--- src/signond/credentialsaccessmanager.cpp | 57 ++++++++++++++++++++++-------- src/signond/credentialsaccessmanager.h | 3 +- 2 files changed, 44 insertions(+), 16 deletions(-)
diff --git a/src/signond/credentialsaccessmanager.cpp b/src/signond/credentialsaccessmanager.cpp index f837fbe..2469d54 100644 --- a/src/signond/credentialsaccessmanager.cpp +++ b/src/signond/credentialsaccessmanager.cpp @@ -138,6 +138,7 @@ void CredentialsAccessManager::finalize() keyManager->disconnect(); m_isInitialized = false; + m_systemReady = false; m_error = NoError; } @@ -155,7 +156,12 @@ bool CredentialsAccessManager::init(const CAMConfiguration &camConfiguration) m_CAMConfiguration.serialize(&config); TRACE() << "\n\nInitualizing CredentialsAccessManager with configuration: " << config.data(); + m_systemReady = true; + if (m_CAMConfiguration.m_useEncryption) { + + if (!keyManagers.isEmpty()) { + m_systemReady = false; //Initialize CryptoManager m_pCryptoFileSystemManager = new CryptoManager(this); m_pCryptoFileSystemManager->setFileSystemPath(m_CAMConfiguration.encryptedFSPath()); @@ -181,6 +187,7 @@ bool CredentialsAccessManager::init(const CAMConfiguration &camConfiguration) keyManager->setup(); } } + } m_isInitialized = true; m_error = NoError; @@ -260,6 +267,14 @@ bool CredentialsAccessManager::openMetaDataDB() m_error = CredentialsDbSetupFailed; return false; } + //Set the right permissions for the storage directory + QFile storageDirAsFile(storageDir.path()); + QFile::Permissions permissions = storageDirAsFile.permissions(); + if (!permissions.testFlag(QFile::WriteUser)) + permissions |= QFile::WriteUser; + if (!permissions.testFlag(QFile::ReadUser)) + permissions |= QFile::ReadUser; + storageDirAsFile.setPermissions(permissions); } m_pCredentialsDB = new CredentialsDB(dbPath); @@ -481,11 +496,11 @@ void CredentialsAccessManager::onKeyDisabled(const SignOn::Key key) SIGNAL(noKeyPresentAccepted()), SLOT(onNoKeyPresentAccepted())); connect(m_secureStorageUiAdaptor, - SIGNAL(uiClosed()), - SLOT(onSecureStorageUiClosed())); + SIGNAL(uiRejected()), + SLOT(onSecureStorageUiRejected())); connect(m_secureStorageUiAdaptor, SIGNAL(error()), - SLOT(onSecureStorageUiClosed())); + SLOT(onSecureStorageUiRejected())); m_secureStorageUiAdaptor->notifyNoKeyPresent(); setCoreKeyAuthorizationMech(AuthorizedKeyRemovedFirst); @@ -578,7 +593,8 @@ void CredentialsAccessManager::onKeyAuthorized(const SignOn::Key key, m_secureStorageUiAdaptor->notifyKeyAuthorized(); //reset secure storage ui related data - onSecureStorageUiClosed(); + bool disableCoreKeyAuthorization = true; + secureStorageUiClosed(disableCoreKeyAuthorization); } } else if (!fileSystemDeployed()) { /* if the secure FS does not exist, create it and use this new key to @@ -653,7 +669,9 @@ QSet<SignOn::Key> CredentialsAccessManager::authorizedInsertedKeys() const void CredentialsAccessManager::onNoKeyPresentAccepted() { - onSecureStorageUiClosed(); + bool disableCoreKeyAuthorization = false; + secureStorageUiClosed(disableCoreKeyAuthorization); + //enforce the setting of the core key authorization mechanism setCoreKeyAuthorizationMech(AuthorizedKeyRemovedFirst); } @@ -661,7 +679,8 @@ void CredentialsAccessManager::onClearPasswordsStorage() { if (insertedKeys.isEmpty()) { TRACE() << "No keys available. The reformatting of the secure storage skipped."; - onSecureStorageUiClosed(); + bool disableCoreKeyAuthorization = false; + secureStorageUiClosed(disableCoreKeyAuthorization); return; } @@ -686,26 +705,34 @@ void CredentialsAccessManager::onClearPasswordsStorage() BLAME() << "Failed to reformat secure storage file system."; } - onSecureStorageUiClosed(); + bool disableCoreKeyAuthorization = true; + secureStorageUiClosed(disableCoreKeyAuthorization); } -void CredentialsAccessManager::onSecureStorageUiClosed() +void CredentialsAccessManager::secureStorageUiClosed(bool disableCoreKeyAuthorization) { - TRACE(); - cachedUnauthorizedKey.clear(); - setCoreKeyAuthorizationMech(Disabled); - if (m_secureStorageUiAdaptor) { delete m_secureStorageUiAdaptor; m_secureStorageUiAdaptor = 0; } + if (disableCoreKeyAuthorization) { + setCoreKeyAuthorizationMech(Disabled); + cachedUnauthorizedKey.clear(); + } + if (processingSecureStorageEvent) { processingSecureStorageEvent = false; replyToSecureStorageEventNotifiers(); } } +void CredentialsAccessManager::onSecureStorageUiRejected() +{ + bool disableCoreKeyAuthorization = true; + secureStorageUiClosed(disableCoreKeyAuthorization); +} + void CredentialsAccessManager::replyToSecureStorageEventNotifiers() { TRACE(); @@ -751,11 +778,11 @@ bool CredentialsAccessManager::processSecureStorageEvent() SIGNAL(clearPasswordsStorage()), SLOT(onClearPasswordsStorage())); connect(m_secureStorageUiAdaptor, - SIGNAL(uiClosed()), - SLOT(onSecureStorageUiClosed())); + SIGNAL(uiRejected()), + SLOT(onSecureStorageUiRejected())); connect(m_secureStorageUiAdaptor, SIGNAL(error()), - SLOT(onSecureStorageUiClosed())); + SLOT(onSecureStorageUiRejected())); m_secureStorageUiAdaptor->notifyNoAuthorizedKeyPresent(); processingSecureStorageEvent = true; diff --git a/src/signond/credentialsaccessmanager.h b/src/signond/credentialsaccessmanager.h index 5429c7b..7d67965 100644 --- a/src/signond/credentialsaccessmanager.h +++ b/src/signond/credentialsaccessmanager.h @@ -315,7 +315,7 @@ private Q_SLOTS: void onKeyRemoved(const SignOn::Key key); void onKeyAuthorized(const SignOn::Key key, bool authorized); void onClearPasswordsStorage(); - void onSecureStorageUiClosed(); + void onSecureStorageUiRejected(); void onNoKeyPresentAccepted(); protected: @@ -333,6 +333,7 @@ private: void queryEncryptionKeys(); void replyToSecureStorageEventNotifiers(); bool processSecureStorageEvent(); + void secureStorageUiClosed(bool disableCoreKeyAuthorization); /*! * Checks if the key can open the secure storage. If it can, the file system -- 1.6.3.3 _______________________________________________ MeeGo-dev mailing list MeeGo-dev@meego.com http://lists.meego.com/listinfo/meego-dev http://wiki.meego.com/Mailing_list_guidelines