---
src/signond/credentialsaccessmanager.cpp | 57 ++++++++++++++++++++++--------
src/signond/credentialsaccessmanager.h | 3 +-
2 files changed, 44 insertions(+), 16 deletions(-)
diff --git a/src/signond/credentialsaccessmanager.cpp
b/src/signond/credentialsaccessmanager.cpp
index f837fbe..2469d54 100644
--- a/src/signond/credentialsaccessmanager.cpp
+++ b/src/signond/credentialsaccessmanager.cpp
@@ -138,6 +138,7 @@ void CredentialsAccessManager::finalize()
keyManager->disconnect();
m_isInitialized = false;
+ m_systemReady = false;
m_error = NoError;
}
@@ -155,7 +156,12 @@ bool CredentialsAccessManager::init(const CAMConfiguration
&camConfiguration)
m_CAMConfiguration.serialize(&config);
TRACE() << "\n\nInitualizing CredentialsAccessManager with configuration:
" << config.data();
+ m_systemReady = true;
+
if (m_CAMConfiguration.m_useEncryption) {
+
+ if (!keyManagers.isEmpty()) {
+ m_systemReady = false;
//Initialize CryptoManager
m_pCryptoFileSystemManager = new CryptoManager(this);
m_pCryptoFileSystemManager->setFileSystemPath(m_CAMConfiguration.encryptedFSPath());
@@ -181,6 +187,7 @@ bool CredentialsAccessManager::init(const CAMConfiguration
&camConfiguration)
keyManager->setup();
}
}
+ }
m_isInitialized = true;
m_error = NoError;
@@ -260,6 +267,14 @@ bool CredentialsAccessManager::openMetaDataDB()
m_error = CredentialsDbSetupFailed;
return false;
}
+ //Set the right permissions for the storage directory
+ QFile storageDirAsFile(storageDir.path());
+ QFile::Permissions permissions = storageDirAsFile.permissions();
+ if (!permissions.testFlag(QFile::WriteUser))
+ permissions |= QFile::WriteUser;
+ if (!permissions.testFlag(QFile::ReadUser))
+ permissions |= QFile::ReadUser;
+ storageDirAsFile.setPermissions(permissions);
}
m_pCredentialsDB = new CredentialsDB(dbPath);
@@ -481,11 +496,11 @@ void CredentialsAccessManager::onKeyDisabled(const
SignOn::Key key)
SIGNAL(noKeyPresentAccepted()),
SLOT(onNoKeyPresentAccepted()));
connect(m_secureStorageUiAdaptor,
- SIGNAL(uiClosed()),
- SLOT(onSecureStorageUiClosed()));
+ SIGNAL(uiRejected()),
+ SLOT(onSecureStorageUiRejected()));
connect(m_secureStorageUiAdaptor,
SIGNAL(error()),
- SLOT(onSecureStorageUiClosed()));
+ SLOT(onSecureStorageUiRejected()));
m_secureStorageUiAdaptor->notifyNoKeyPresent();
setCoreKeyAuthorizationMech(AuthorizedKeyRemovedFirst);
@@ -578,7 +593,8 @@ void CredentialsAccessManager::onKeyAuthorized(const
SignOn::Key key,
m_secureStorageUiAdaptor->notifyKeyAuthorized();
//reset secure storage ui related data
- onSecureStorageUiClosed();
+ bool disableCoreKeyAuthorization = true;
+ secureStorageUiClosed(disableCoreKeyAuthorization);
}
} else if (!fileSystemDeployed()) {
/* if the secure FS does not exist, create it and use this new key to
@@ -653,7 +669,9 @@ QSet<SignOn::Key>
CredentialsAccessManager::authorizedInsertedKeys() const
void CredentialsAccessManager::onNoKeyPresentAccepted()
{
- onSecureStorageUiClosed();
+ bool disableCoreKeyAuthorization = false;
+ secureStorageUiClosed(disableCoreKeyAuthorization);
+ //enforce the setting of the core key authorization mechanism
setCoreKeyAuthorizationMech(AuthorizedKeyRemovedFirst);
}
@@ -661,7 +679,8 @@ void CredentialsAccessManager::onClearPasswordsStorage()
{
if (insertedKeys.isEmpty()) {
TRACE() << "No keys available. The reformatting of the secure storage
skipped.";
- onSecureStorageUiClosed();
+ bool disableCoreKeyAuthorization = false;
+ secureStorageUiClosed(disableCoreKeyAuthorization);
return;
}
@@ -686,26 +705,34 @@ void CredentialsAccessManager::onClearPasswordsStorage()
BLAME() << "Failed to reformat secure storage file system.";
}
- onSecureStorageUiClosed();
+ bool disableCoreKeyAuthorization = true;
+ secureStorageUiClosed(disableCoreKeyAuthorization);
}
-void CredentialsAccessManager::onSecureStorageUiClosed()
+void CredentialsAccessManager::secureStorageUiClosed(bool
disableCoreKeyAuthorization)
{
- TRACE();
- cachedUnauthorizedKey.clear();
- setCoreKeyAuthorizationMech(Disabled);
-
if (m_secureStorageUiAdaptor) {
delete m_secureStorageUiAdaptor;
m_secureStorageUiAdaptor = 0;
}
+ if (disableCoreKeyAuthorization) {
+ setCoreKeyAuthorizationMech(Disabled);
+ cachedUnauthorizedKey.clear();
+ }
+
if (processingSecureStorageEvent) {
processingSecureStorageEvent = false;
replyToSecureStorageEventNotifiers();
}
}
+void CredentialsAccessManager::onSecureStorageUiRejected()
+{
+ bool disableCoreKeyAuthorization = true;
+ secureStorageUiClosed(disableCoreKeyAuthorization);
+}
+
void CredentialsAccessManager::replyToSecureStorageEventNotifiers()
{
TRACE();
@@ -751,11 +778,11 @@ bool CredentialsAccessManager::processSecureStorageEvent()
SIGNAL(clearPasswordsStorage()),
SLOT(onClearPasswordsStorage()));
connect(m_secureStorageUiAdaptor,
- SIGNAL(uiClosed()),
- SLOT(onSecureStorageUiClosed()));
+ SIGNAL(uiRejected()),
+ SLOT(onSecureStorageUiRejected()));
connect(m_secureStorageUiAdaptor,
SIGNAL(error()),
- SLOT(onSecureStorageUiClosed()));
+ SLOT(onSecureStorageUiRejected()));
m_secureStorageUiAdaptor->notifyNoAuthorizedKeyPresent();
processingSecureStorageEvent = true;
diff --git a/src/signond/credentialsaccessmanager.h
b/src/signond/credentialsaccessmanager.h
index 5429c7b..7d67965 100644
--- a/src/signond/credentialsaccessmanager.h
+++ b/src/signond/credentialsaccessmanager.h
@@ -315,7 +315,7 @@ private Q_SLOTS:
void onKeyRemoved(const SignOn::Key key);
void onKeyAuthorized(const SignOn::Key key, bool authorized);
void onClearPasswordsStorage();
- void onSecureStorageUiClosed();
+ void onSecureStorageUiRejected();
void onNoKeyPresentAccepted();
protected:
@@ -333,6 +333,7 @@ private:
void queryEncryptionKeys();
void replyToSecureStorageEventNotifiers();
bool processSecureStorageEvent();
+ void secureStorageUiClosed(bool disableCoreKeyAuthorization);
/*!
* Checks if the key can open the secure storage. If it can, the file
system
--
1.6.3.3
_______________________________________________
MeeGo-dev mailing list
MeeGo-dev@meego.com
http://lists.meego.com/listinfo/meego-dev
http://wiki.meego.com/Mailing_list_guidelines
