luc14n0/glib
1
0
Fork 0
mirror of https://gitlab.gnome.org/GNOME/glib.git synced 2024-11-10 03:16:17 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'support-tcrypt' into 'master'

Browse Source 
Add support for TCRYPT volumes to GMountOperation

See merge request GNOME/glib!120
This commit is contained in:
Philip Withnall 2018-06-21 14:29:13 +00:00
commit 6700101495
7 changed files with 298 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
docs/reference/gio/gio-sections.txt
View File

@ -1497,6 +1497,12 @@ g_mount_operation_get_password_save
g_mount_operation_set_password_save
g_mount_operation_get_choice
g_mount_operation_set_choice
g_mount_operation_get_is_tcrypt_hidden_volume
g_mount_operation_set_is_tcrypt_hidden_volume
g_mount_operation_get_is_tcrypt_system_volume
g_mount_operation_set_is_tcrypt_system_volume
g_mount_operation_get_pim
g_mount_operation_set_pim
g_mount_operation_reply
<SUBSECTION Standard>
GMountOperationClass

15
docs/reference/gio/gio.xml
View File

@ -455,6 +455,21 @@
<listitem><para>Show extra information.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>--tcrypt-pim</option></term>
<listitem><para>The numeric PIM when unlocking a VeraCrypt volume.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>--tcrypt-hidden</option></term>
<listitem><para>Mount a TCRYPT hidden volume.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>--tcrypt-system</option></term>
<listitem><para>Mount a TCRYPT system volume.</para>
</listitem>
</varlistentry>
</variablelist>
</refsect3>
</listitem>

16
gio/gio-tool-mount.c
View File

@ -48,6 +48,9 @@ static gboolean anonymous = FALSE;
static gboolean mount_list = FALSE;
static gboolean extra_detail = FALSE;
static gboolean mount_monitor = FALSE;
static gboolean tcrypt_hidden = FALSE;
static gboolean tcrypt_system = FALSE;
static guint tcrypt_pim = 0;
static const char *unmount_scheme = NULL;
static const char *mount_device_file = NULL;
static const char *stop_device_file = NULL;
@ -68,6 +71,9 @@ static const GOptionEntry entries[] =
{ "list", 'l', 0, G_OPTION_ARG_NONE, &mount_list, N_("List"), NULL},
{ "monitor", 'o', 0, G_OPTION_ARG_NONE, &mount_monitor, N_("Monitor events"), NULL},
{ "detail", 'i', 0, G_OPTION_ARG_NONE, &extra_detail, N_("Show extra information"), NULL},
{ "tcrypt-pim", 0, 0, G_OPTION_ARG_INT, &tcrypt_pim, N_("The numeric PIM when unlocking a VeraCrypt volume"), N_("PIM")},
{ "tcrypt-hidden", 0, 0, G_OPTION_ARG_NONE, &tcrypt_hidden, N_("Mount a TCRYPT hidden volume"), NULL},
{ "tcrypt-system", 0, 0, G_OPTION_ARG_NONE, &tcrypt_system, N_("Mount a TCRYPT system volume"), NULL},
{ NULL }
};
@ -174,6 +180,16 @@ ask_password_cb (GMountOperation *op,
}
}
if (flags & G_ASK_PASSWORD_TCRYPT)
{
if (tcrypt_pim)
g_mount_operation_set_pim (op, tcrypt_pim);
if (tcrypt_hidden)
g_mount_operation_set_is_tcrypt_hidden_volume (op, TRUE);
if (tcrypt_system)
g_mount_operation_set_is_tcrypt_system_volume (op, TRUE);
}
/* Only try anonymous access once. */
if (anonymous &&
GPOINTER_TO_INT (g_object_get_data (G_OBJECT (op), "state")) == MOUNT_OP_ASKED)

12
gio/gioenums.h
View File

@ -572,17 +572,19 @@ typedef enum {
* @G_ASK_PASSWORD_NEED_DOMAIN: operation requires a domain.
* @G_ASK_PASSWORD_SAVING_SUPPORTED: operation supports saving settings.
* @G_ASK_PASSWORD_ANONYMOUS_SUPPORTED: operation supports anonymous users.
* @G_ASK_PASSWORD_TCRYPT: operation takes TCRYPT parameters (Since: 2.58)
*
* #GAskPasswordFlags are used to request specific information from the
* user, or to notify the user of their choices in an authentication
* situation.
**/
typedef enum {
G_ASK_PASSWORD_NEED_PASSWORD = (1 << 0),
G_ASK_PASSWORD_NEED_USERNAME = (1 << 1),
G_ASK_PASSWORD_NEED_DOMAIN = (1 << 2),
G_ASK_PASSWORD_SAVING_SUPPORTED = (1 << 3),
G_ASK_PASSWORD_ANONYMOUS_SUPPORTED = (1 << 4)
G_ASK_PASSWORD_NEED_PASSWORD = (1 << 0),
G_ASK_PASSWORD_NEED_USERNAME = (1 << 1),
G_ASK_PASSWORD_NEED_DOMAIN = (1 << 2),
G_ASK_PASSWORD_SAVING_SUPPORTED = (1 << 3),
G_ASK_PASSWORD_ANONYMOUS_SUPPORTED = (1 << 4),
G_ASK_PASSWORD_TCRYPT = (1 << 5),
} GAskPasswordFlags;

219
gio/gmountoperation.c
View File

@ -47,6 +47,12 @@
* #GtkMountOperation. If no user interaction is desired (for example
* when automounting filesystems at login time), usually %NULL can be
* passed, see each method taking a #GMountOperation for details.
*
* The term TCRYPT is used to mean compatible with TrueCrypt and VeraCrypt.
* [TrueCrypt](https://en.wikipedia.org/wiki/TrueCrypt) is a discontinued system for
* encrypting file containers, partitions or whole disks, typically used with Windows.
* [VeraCrypt](https://www.veracrypt.fr/) is a maintained fork of TrueCrypt with various
* improvements and auditing fixes.
*/
enum {
@ -68,6 +74,9 @@ struct _GMountOperationPrivate {
gboolean anonymous;
GPasswordSave password_save;
int choice;
gboolean hidden_volume;
gboolean system_volume;
guint pim;
};
enum {
@ -77,7 +86,10 @@ enum {
PROP_ANONYMOUS,
PROP_DOMAIN,
PROP_PASSWORD_SAVE,
PROP_CHOICE
PROP_CHOICE,
PROP_IS_TCRYPT_HIDDEN_VOLUME,
PROP_IS_TCRYPT_SYSTEM_VOLUME,
PROP_PIM
};
G_DEFINE_TYPE_WITH_PRIVATE (GMountOperation, g_mount_operation, G_TYPE_OBJECT)
@ -124,6 +136,21 @@ g_mount_operation_set_property (GObject *object,
g_value_get_int (value));
break;
case PROP_IS_TCRYPT_HIDDEN_VOLUME:
g_mount_operation_set_is_tcrypt_hidden_volume (operation,
g_value_get_boolean (value));
break;
case PROP_IS_TCRYPT_SYSTEM_VOLUME:
g_mount_operation_set_is_tcrypt_system_volume (operation,
g_value_get_boolean (value));
break;
case PROP_PIM:
g_mount_operation_set_pim (operation,
g_value_get_uint (value));
break;
default:
G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
break;
@ -169,6 +196,18 @@ g_mount_operation_get_property (GObject *object,
g_value_set_int (value, priv->choice);
break;
case PROP_IS_TCRYPT_HIDDEN_VOLUME:
g_value_set_boolean (value, priv->hidden_volume);
break;
case PROP_IS_TCRYPT_SYSTEM_VOLUME:
g_value_set_boolean (value, priv->system_volume);
break;
case PROP_PIM:
g_value_set_uint (value, priv->pim);
break;
default:
G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
break;
@ -504,6 +543,60 @@ g_mount_operation_class_init (GMountOperationClass *klass)
0, G_MAXINT, 0,
G_PARAM_READWRITE|
G_PARAM_STATIC_NAME|G_PARAM_STATIC_NICK|G_PARAM_STATIC_BLURB));
/**
* GMountOperation:is-tcrypt-hidden-volume:
*
* Whether the device to be unlocked is a TCRYPT hidden volume.
* See https://www.veracrypt.fr/en/Hidden%20Volume.html.
*
* Since: 2.58
*/
g_object_class_install_property (object_class,
PROP_IS_TCRYPT_HIDDEN_VOLUME,
g_param_spec_boolean ("is-tcrypt-hidden-volume",
P_("TCRYPT Hidden Volume"),
P_("Whether to unlock a TCRYPT hidden volume. See https://www.veracrypt.fr/en/Hidden%20Volume.html."),
FALSE,
G_PARAM_READWRITE|
G_PARAM_STATIC_NAME|G_PARAM_STATIC_NICK|G_PARAM_STATIC_BLURB));
/**
* GMountOperation:is-tcrypt-system-volume:
*
* Whether the device to be unlocked is a TCRYPT system volume.
* In this context, a system volume is a volume with a bootloader
* and operating system installed. This is only supported for Windows
* operating systems. For further documentation, see
* https://www.veracrypt.fr/en/System%20Encryption.html.
*
* Since: 2.58
*/
g_object_class_install_property (object_class,
PROP_IS_TCRYPT_SYSTEM_VOLUME,
g_param_spec_boolean ("is-tcrypt-system-volume",
P_("TCRYPT System Volume"),
P_("Whether to unlock a TCRYPT system volume. Only supported for unlocking Windows system volumes. See https://www.veracrypt.fr/en/System%20Encryption.html."),
FALSE,
G_PARAM_READWRITE|
G_PARAM_STATIC_NAME|G_PARAM_STATIC_NICK|G_PARAM_STATIC_BLURB));
/**
* GMountOperation:pim:
*
* The VeraCrypt PIM value, when unlocking a VeraCrypt volume. See
* https://www.veracrypt.fr/en/Personal%20Iterations%20Multiplier%20(PIM).html.
*
* Since: 2.58
*/
g_object_class_install_property (object_class,
PROP_PIM,
g_param_spec_uint ("pim",
P_("PIM"),
P_("The VeraCrypt PIM value"),
0, G_MAXUINT, 0,
G_PARAM_READWRITE|
G_PARAM_STATIC_NAME|G_PARAM_STATIC_NICK|G_PARAM_STATIC_BLURB));
}
static void
@ -736,6 +829,130 @@ g_mount_operation_set_choice (GMountOperation *op,
}
}
/**
* g_mount_operation_get_is_tcrypt_hidden_volume:
* @op: a #GMountOperation.
*
* Check to see whether the mount operation is being used
* for a TCRYPT hidden volume.
*
* Returns: %TRUE if mount operation is for hidden volume.
*
* Since: 2.58
**/
gboolean
g_mount_operation_get_is_tcrypt_hidden_volume (GMountOperation *op)
{
g_return_val_if_fail (G_IS_MOUNT_OPERATION (op), FALSE);
return op->priv->hidden_volume;
}
/**
* g_mount_operation_set_is_tcrypt_hidden_volume:
* @op: a #GMountOperation.
* @hidden_volume: boolean value.
*
* Sets the mount operation to use a hidden volume if @hidden_volume is %TRUE.
*
* Since: 2.58
**/
void
g_mount_operation_set_is_tcrypt_hidden_volume (GMountOperation *op,
gboolean hidden_volume)
{
GMountOperationPrivate *priv;
g_return_if_fail (G_IS_MOUNT_OPERATION (op));
priv = op->priv;
if (priv->hidden_volume != hidden_volume)
{
priv->hidden_volume = hidden_volume;
g_object_notify (G_OBJECT (op), "is-tcrypt-hidden-volume");
}
}
/**
* g_mount_operation_get_is_tcrypt_system_volume:
* @op: a #GMountOperation.
*
* Check to see whether the mount operation is being used
* for a TCRYPT system volume.
*
* Returns: %TRUE if mount operation is for system volume.
*
* Since: 2.58
**/
gboolean
g_mount_operation_get_is_tcrypt_system_volume (GMountOperation *op)
{
g_return_val_if_fail (G_IS_MOUNT_OPERATION (op), FALSE);
return op->priv->system_volume;
}
/**
* g_mount_operation_set_is_tcrypt_system_volume:
* @op: a #GMountOperation.
* @system_volume: boolean value.
*
* Sets the mount operation to use a system volume if @system_volume is %TRUE.
*
* Since: 2.58
**/
void
g_mount_operation_set_is_tcrypt_system_volume (GMountOperation *op,
gboolean system_volume)
{
GMountOperationPrivate *priv;
g_return_if_fail (G_IS_MOUNT_OPERATION (op));
priv = op->priv;
if (priv->system_volume != system_volume)
{
priv->system_volume = system_volume;
g_object_notify (G_OBJECT (op), "is-tcrypt-system-volume");
}
}
/**
* g_mount_operation_get_pim:
* @op: a #GMountOperation.
*
* Gets a PIM from the mount operation.
*
* Returns: The VeraCrypt PIM within @op.
*
* Since: 2.58
**/
guint
g_mount_operation_get_pim (GMountOperation *op)
{
g_return_val_if_fail (G_IS_MOUNT_OPERATION (op), 0);
return op->priv->pim;
}
/**
* g_mount_operation_set_pim:
* @op: a #GMountOperation.
* @pim: an unsigned integer.
*
* Sets the mount operation's PIM to @pim.
*
* Since: 2.58
**/
void
g_mount_operation_set_pim (GMountOperation *op,
guint pim)
{
GMountOperationPrivate *priv;
g_return_if_fail (G_IS_MOUNT_OPERATION (op));
priv = op->priv;
if (priv->pim != pim)
{
priv->pim = pim;
g_object_notify (G_OBJECT (op), "pim");
}
}
/**
* g_mount_operation_reply:
* @op: a #GMountOperation

15
gio/gmountoperation.h
View File

@ -149,6 +149,21 @@ void g_mount_operation_set_choice (GMountOperation *op,
GLIB_AVAILABLE_IN_ALL
void g_mount_operation_reply (GMountOperation *op,
GMountOperationResult result);
GLIB_AVAILABLE_IN_2_58
gboolean g_mount_operation_get_is_tcrypt_hidden_volume (GMountOperation *op);
GLIB_AVAILABLE_IN_2_58
void g_mount_operation_set_is_tcrypt_hidden_volume (GMountOperation *op,
gboolean hidden_volume);
GLIB_AVAILABLE_IN_2_58
gboolean g_mount_operation_get_is_tcrypt_system_volume (GMountOperation *op);
GLIB_AVAILABLE_IN_2_58
void g_mount_operation_set_is_tcrypt_system_volume (GMountOperation *op,
gboolean system_volume);
GLIB_AVAILABLE_IN_2_58
guint g_mount_operation_get_pim (GMountOperation *op);
GLIB_AVAILABLE_IN_2_58
void g_mount_operation_set_pim (GMountOperation *op,
guint pim);
G_END_DECLS

21
gio/tests/mount-operation.c
View File

@ -45,6 +45,9 @@ test_properties (void)
gchar *domain = NULL;
GPasswordSave password_save;
int choice;
gboolean hidden_volume;
gboolean system_volume;
guint pim;
op = g_mount_operation_new ();
@ -55,6 +58,9 @@ test_properties (void)
"domain", &domain,
"password-save", &password_save,
"choice", &choice,
"is-tcrypt-hidden-volume", &hidden_volume,
"is-tcrypt-system-volume", &system_volume,
"pim", &pim,
NULL);
g_assert_cmpstr (username, ==, g_mount_operation_get_username (op));
@ -63,6 +69,9 @@ test_properties (void)
g_assert_cmpstr (domain, ==, g_mount_operation_get_domain (op));
g_assert_cmpint (password_save, ==, g_mount_operation_get_password_save (op));
g_assert_cmpint (choice, ==, g_mount_operation_get_choice (op));
g_assert_cmpint (hidden_volume, ==, g_mount_operation_get_is_tcrypt_hidden_volume (op));
g_assert_cmpint (system_volume, ==, g_mount_operation_get_is_tcrypt_system_volume (op));
g_assert_cmpuint (pim, ==, g_mount_operation_get_pim (op));
g_mount_operation_set_username (op, "username");
g_assert_cmpstr (g_mount_operation_get_username (op), ==, "username");
@ -82,6 +91,15 @@ test_properties (void)
g_mount_operation_set_choice (op, 5);
g_assert_cmpint (g_mount_operation_get_choice (op), ==, 5);
g_mount_operation_set_is_tcrypt_hidden_volume (op, !hidden_volume);
g_assert_cmpint (g_mount_operation_get_is_tcrypt_hidden_volume (op), ==, !hidden_volume);
g_mount_operation_set_is_tcrypt_system_volume (op, !system_volume);
g_assert_cmpint (g_mount_operation_get_is_tcrypt_system_volume (op), ==, !system_volume);
g_mount_operation_set_pim (op, 5);
g_assert_cmpuint (g_mount_operation_get_pim (op), ==, 5);
g_object_set (op,
"username", "other-username",
"password", "other-password",
@ -89,6 +107,9 @@ test_properties (void)
"domain", "other-domain",
"password-save", G_PASSWORD_SAVE_PERMANENTLY,
"choice", 4,
"is-tcrypt-hidden-volume", FALSE,
"is-tcrypt-system-volume", FALSE,
"pim", 4,
NULL);
g_free (domain);