accounts-sso:jlaako-signon.git
6 years agoFix building of tests
Alberto Mardegan [Sun, 19 Jun 2011 07:56:06 +0000 (10:56 +0300)]
Fix building of tests

The tests are not using the libsignonextension library, and don't need that
debug header included.

6 years agoLog process ID in syslog
Alberto Mardegan [Sat, 18 Jun 2011 11:29:17 +0000 (14:29 +0300)]
Log process ID in syslog

6 years agoDebugging improvements
Alberto Mardegan [Sat, 18 Jun 2011 11:16:32 +0000 (14:16 +0300)]
Debugging improvements

Remove duplicate devinition of debugging macros: let libsignon-extension
contain the definitions.

6 years agoincrease version 8.35
Tomi Suviola [Mon, 13 Jun 2011 12:12:39 +0000 (15:12 +0300)]
increase version

6 years agoNeeded to fix bug 249545 - Verify username feature is broken.
Tomi Suviola [Mon, 13 Jun 2011 11:44:44 +0000 (14:44 +0300)]
Needed to fix bug 249545 - Verify username feature is broken.

6 years agoincrease version 8.34
Tomi Suviola [Thu, 9 Jun 2011 12:42:28 +0000 (15:42 +0300)]
increase version

6 years agoAdd counter for verifyUser()
Tomi Suviola [Thu, 9 Jun 2011 09:11:27 +0000 (12:11 +0300)]
Add counter for verifyUser()

6 years agoFix empty credential entries during store()
Tomi Suviola [Thu, 9 Jun 2011 09:10:52 +0000 (12:10 +0300)]
Fix empty credential entries during store()

6 years agoFix bug 263230 - login dialog is shown after configuring facebook account
Tomi Suviola [Thu, 9 Jun 2011 09:10:08 +0000 (12:10 +0300)]
Fix bug 263230 - login dialog is shown after configuring facebook account

6 years agoVersion 8.33 8.33
Alberto Mardegan [Mon, 6 Jun 2011 13:43:39 +0000 (16:43 +0300)]
Version 8.33

6 years agoLink libsignon-extensions with libcryptsetup
Alberto Mardegan [Mon, 6 Jun 2011 13:30:34 +0000 (16:30 +0300)]
Link libsignon-extensions with libcryptsetup

6 years agoAllow building without the libcreds library
Alberto Mardegan [Mon, 6 Jun 2011 09:08:45 +0000 (12:08 +0300)]
Allow building without the libcreds library

This library is part of the MeeGo Simplified Security Framework, which is going
to be obsoleted in meego.com.

6 years agoRemoved unused private method
Alberto Mardegan [Mon, 6 Jun 2011 09:08:02 +0000 (12:08 +0300)]
Removed unused private method

6 years agoincrease version 8.32
Tomi Suviola [Mon, 6 Jun 2011 09:45:14 +0000 (12:45 +0300)]
increase version

6 years agoMerge branch 'set_owner'
Tomi Suviola [Mon, 6 Jun 2011 08:19:22 +0000 (11:19 +0300)]
Merge branch 'set_owner'

Conflicts:
src/signond/signonidentity.cpp

6 years agoVersion 8.31 8.31
Alberto Mardegan [Wed, 1 Jun 2011 08:57:23 +0000 (11:57 +0300)]
Version 8.31

6 years agoAdd FinalUrl property to UiSessionData
Alberto Mardegan [Wed, 1 Jun 2011 08:40:05 +0000 (11:40 +0300)]
Add FinalUrl property to UiSessionData

This can be used in signon-ui to improve the user experience by either closing
the browser dialog or replacing the final page with an informative text.

6 years agoupdate version 8.30
Tomi Suviola [Fri, 27 May 2011 11:47:07 +0000 (14:47 +0300)]
update version

6 years agoMerge branch 'bug_259134'
Tomi Suviola [Thu, 26 May 2011 05:42:51 +0000 (08:42 +0300)]
Merge branch 'bug_259134'

6 years agoAdd new params into uisessiondata.
Tomi Suviola [Wed, 25 May 2011 13:01:13 +0000 (16:01 +0300)]
Add new params into uisessiondata.

6 years agoVersion 8.29 8.29
Alberto Mardegan [Wed, 25 May 2011 12:05:04 +0000 (15:05 +0300)]
Version 8.29

6 years agolib: restore signal connections
Alberto Mardegan [Wed, 25 May 2011 11:43:27 +0000 (14:43 +0300)]
lib: restore signal connections

D-Bus signals were lost when we moved away from QDBusInterface. Now they are
back in place.

6 years agolib: helper method to connect DBus signals
Alberto Mardegan [Wed, 25 May 2011 11:42:51 +0000 (14:42 +0300)]
lib: helper method to connect DBus signals

6 years agoVersion 8.28 8.28
Alberto Mardegan [Wed, 25 May 2011 06:47:13 +0000 (09:47 +0300)]
Version 8.28

6 years agosignond: do not open DB when started for backup
Alberto Mardegan [Wed, 25 May 2011 06:02:51 +0000 (09:02 +0300)]
signond: do not open DB when started for backup

If backup fails, reopen the DB only if we are not running in backup mode.

6 years agoCAM: fix opening of secrets DB
Alberto Mardegan [Wed, 25 May 2011 05:57:52 +0000 (08:57 +0300)]
CAM: fix opening of secrets DB

If the encrypted FS is not mounted when we are requested to open the
credentials system, we must attempt mounting it (and after that, the secrets DB
will be opened).

6 years agoDefault key authorizer: reformat unaccessible storage
Alberto Mardegan [Tue, 24 May 2011 12:35:50 +0000 (15:35 +0300)]
Default key authorizer: reformat unaccessible storage

If the storage has been encrypted with a different set of keys, none of which
are currently accessible, the default key authorizer will now reformat the
secrets storage with the new key.

6 years agoMerge branch 'fix_sasltests'
Tomi Suviola [Tue, 24 May 2011 11:33:32 +0000 (14:33 +0300)]
Merge branch 'fix_sasltests'

6 years agoDon't compare path to empty string, use isEmpty
Alberto Mardegan [Tue, 24 May 2011 11:08:32 +0000 (14:08 +0300)]
Don't compare path to empty string, use isEmpty

Code is poetry, but up to a certain point.

6 years agolibsignon: Don't use QDBusInterface
Alberto Mardegan [Tue, 24 May 2011 10:34:46 +0000 (13:34 +0300)]
libsignon: Don't use QDBusInterface

QDBusInterface makes blocking calls for introspecting the remove service.
Replace them with a simple wrapper around QDBusAbstractInterface.

6 years agoFix sasl tests. process call was reinitializing sasl library and server state got...
Tomi Suviola [Tue, 24 May 2011 10:34:46 +0000 (13:34 +0300)]
Fix sasl tests. process call was reinitializing sasl library and server state got wrong.

6 years agovserion 8.27 8.27
smita [Mon, 23 May 2011 11:49:59 +0000 (14:49 +0300)]
vserion 8.27

6 years agoFixing: 220787 - Twitter: 'Unknown error' is displayed while configuring Twitter...
smita [Mon, 23 May 2011 11:46:18 +0000 (14:46 +0300)]
Fixing: 220787 - Twitter: 'Unknown error' is displayed while configuring Twitter account when incorrect/default date and time is set on the device

6 years agosignond: moderate logging from external modules
Alberto Mardegan [Mon, 23 May 2011 08:13:22 +0000 (11:13 +0300)]
signond: moderate logging from external modules

If external modules (libraries or extensions) call the Qt logging functions,
make sure we don't spam the syslog if the LoggingLevel is /etc/signond.conf is
configured for a less verbose profile.

6 years agoRemove some unnecessary debug messages
Alberto Mardegan [Mon, 23 May 2011 08:13:02 +0000 (11:13 +0300)]
Remove some unnecessary debug messages

6 years agoCopy owners from acl during update
Tomi Suviola [Fri, 20 May 2011 12:15:15 +0000 (15:15 +0300)]
Copy owners from acl during update

6 years agoincrease version 8.26
Tomi Suviola [Fri, 20 May 2011 11:09:35 +0000 (14:09 +0300)]
increase version

6 years agoMerge commit '025f13011b466fda675d04f03c34fa647748c286'
Tomi Suviola [Fri, 20 May 2011 11:06:20 +0000 (14:06 +0300)]
Merge commit '025f13011b466fda675d04f03c34fa647748c286'

6 years agoRemoved unused code
Tomi Suviola [Fri, 20 May 2011 10:35:14 +0000 (13:35 +0300)]
Removed unused code

6 years agoReview changes
Tomi Suviola [Fri, 20 May 2011 10:21:25 +0000 (13:21 +0300)]
Review changes

6 years agofix merge errors
Tomi Suviola [Fri, 20 May 2011 08:36:52 +0000 (11:36 +0300)]
fix merge errors

6 years agoVersion 8.25 8.25
Alberto Mardegan [Fri, 20 May 2011 08:22:57 +0000 (11:22 +0300)]
Version 8.25

6 years agoTake owner into use
Tomi Suviola [Thu, 19 May 2011 11:55:44 +0000 (14:55 +0300)]
Take owner into use

6 years agoAdapt tests to changes, and fix findings
Tomi Suviola [Thu, 19 May 2011 11:27:10 +0000 (14:27 +0300)]
Adapt tests to changes, and fix findings

6 years agoremove owners before inserting
Tomi Suviola [Thu, 19 May 2011 10:29:55 +0000 (13:29 +0300)]
remove owners before inserting

6 years agoAdd owner to database
Tomi Suviola [Thu, 19 May 2011 09:55:34 +0000 (12:55 +0300)]
Add owner to database

6 years agoadd store method into dbus api
Tomi Suviola [Wed, 18 May 2011 07:58:30 +0000 (10:58 +0300)]
add store method into dbus api

6 years agoAdd owner to Identity
Tomi Suviola [Mon, 18 Apr 2011 12:10:51 +0000 (15:10 +0300)]
Add owner to Identity

6 years agoCAM: Support pluggable KeyAuthorizer
Alberto Mardegan [Thu, 19 May 2011 12:02:18 +0000 (15:02 +0300)]
CAM: Support pluggable KeyAuthorizer

6 years agoRemove UiKeyAuthorizer
Alberto Mardegan [Thu, 19 May 2011 08:58:12 +0000 (11:58 +0300)]
Remove UiKeyAuthorizer

Consequently, simplify the SignOnUi interface, removing the secure storage
adaptor.

6 years agosignond-dev: upgrade extension interface
Alberto Mardegan [Thu, 19 May 2011 08:26:01 +0000 (11:26 +0300)]
signond-dev: upgrade extension interface

Add a virtual method to get the KeyAuthorizer object.

6 years agoMove KeyHandler and AbstractKeyAuthorizer to library
Alberto Mardegan [Thu, 19 May 2011 07:32:17 +0000 (10:32 +0300)]
Move KeyHandler and AbstractKeyAuthorizer to library

We also need to bring in the CryptoManager and CryptoHandlers and the misc.cpp
file, but the latter two are not be exported, while CryptoManager APIs are onlu
available if the SIGNON_ENABLE_UNSTABLE_APIS preprocessor symbol is defined.

6 years agosignond-dev: selective exporting of symbols
Alberto Mardegan [Thu, 19 May 2011 07:09:15 +0000 (10:09 +0300)]
signond-dev: selective exporting of symbols

6 years agosignond-dev: add debugging facilities
Alberto Mardegan [Thu, 19 May 2011 06:34:21 +0000 (09:34 +0300)]
signond-dev: add debugging facilities

6 years agoCAM: use default key authorizer
Alberto Mardegan [Thu, 19 May 2011 08:55:25 +0000 (11:55 +0300)]
CAM: use default key authorizer

This is a temporary commit; we are moving the UiKeyAuthorizer into a separate
plugin.

6 years agosignon: add default key authorizer
Alberto Mardegan [Thu, 19 May 2011 08:54:08 +0000 (11:54 +0300)]
signon: add default key authorizer

Add a key authorizer which will authorize all given keys.

6 years agoVersion 8.24
Aurel Popirtac [Thu, 19 May 2011 11:11:56 +0000 (14:11 +0300)]
Version 8.24

6 years agoFixes: NB#255674 - UI freeze (for ~10 seconds) caused by the signond.
Aurel Popirtac [Thu, 19 May 2011 10:14:56 +0000 (13:14 +0300)]
Fixes: NB#255674 - UI freeze (for ~10 seconds) caused by the signond.

6 years agoVersion 8.23 8.23
Alberto Mardegan [Wed, 18 May 2011 08:41:10 +0000 (11:41 +0300)]
Version 8.23

6 years agosignond: fine-grain check for allowed mechanisms
Alberto Mardegan [Mon, 16 May 2011 13:25:52 +0000 (16:25 +0300)]
signond: fine-grain check for allowed mechanisms

SASL uses the mechanism string as a space-separated list; therefore, if
comparing the full string fails, we need to split it in words, and filter out
those mechanisms that are not allowed.

6 years agoSASL: reinitialize libsasl after every session
Alberto Mardegan [Mon, 16 May 2011 12:24:17 +0000 (15:24 +0300)]
SASL: reinitialize libsasl after every session

It seems that libsasl is misbehaving when following up a compelted XMPP
authentication.

6 years agoSignon DB: file permissions and ownership
Alberto Mardegan [Wed, 18 May 2011 08:13:11 +0000 (11:13 +0300)]
Signon DB: file permissions and ownership

Let the DB files be owned by the user running signond (currently that is root,
in Harmattan), and set an appropriate umask at startup so that other users
cannot read our files.
When creating files for backup, though, change their ownership to the current
user, so that the backup application can read them.

6 years agoincrease version 8.22
Tomi Suviola [Tue, 17 May 2011 07:04:02 +0000 (10:04 +0300)]
increase version

6 years agoFix bug 242165
Tomi Suviola [Mon, 16 May 2011 10:34:12 +0000 (13:34 +0300)]
Fix bug 242165

6 years agoVersion 8.21
Aurel Popirtac [Sun, 15 May 2011 16:44:32 +0000 (19:44 +0300)]
Version 8.21

6 years agoUsing ftruncate to create the signon secure FS partition file.
Aurel Popirtac [Sun, 15 May 2011 15:48:19 +0000 (18:48 +0300)]
Using ftruncate to create the signon secure FS partition file.

6 years agoMoved the creation of the storage directory to CAM's init phase.
Aurel Popirtac [Sun, 15 May 2011 15:47:15 +0000 (18:47 +0300)]
Moved the creation of the storage directory to CAM's init phase.

6 years agoVersion 8.20
Aurel Popirtac [Wed, 11 May 2011 10:34:36 +0000 (13:34 +0300)]
Version 8.20

6 years agoFixed signond crash.
Aurel Popirtac [Wed, 11 May 2011 10:27:11 +0000 (13:27 +0300)]
Fixed signond crash.

6 years agoRemoved unused tests.
Aurel Popirtac [Wed, 11 May 2011 10:26:18 +0000 (13:26 +0300)]
Removed unused tests.

6 years agoVersion 8.19
Aurel Popirtac [Mon, 9 May 2011 13:17:27 +0000 (16:17 +0300)]
Version 8.19

6 years agoRemoved encryption for the SignOn plugins' IPC.
Aurel Popirtac [Sat, 7 May 2011 11:24:40 +0000 (14:24 +0300)]
Removed encryption for the SignOn plugins' IPC.

6 years agoVersion 8.18
Aurel Popirtac [Mon, 9 May 2011 13:00:35 +0000 (16:00 +0300)]
Version 8.18

6 years agoTests temporary fix.
Aurel Popirtac [Mon, 9 May 2011 12:54:13 +0000 (15:54 +0300)]
Tests temporary fix.
- 6 more tests are skipped for the moment, until the secure storage is
stabilized.

6 years agoFixes: NB#250431 - sign up into ovi account always fails at first.
Aurel Popirtac [Mon, 9 May 2011 10:50:19 +0000 (13:50 +0300)]
Fixes: NB#250431 - sign up into ovi account always fails at first.

6 years agoVersion 8.17 8.17
Alberto Mardegan [Wed, 4 May 2011 10:53:35 +0000 (13:53 +0300)]
Version 8.17

6 years agoTests: add retries on failed initialization
Alberto Mardegan [Wed, 4 May 2011 10:42:20 +0000 (13:42 +0300)]
Tests: add retries on failed initialization

If signond was not already running by the time when tests were started, in some
cases tests could fail with this error: "Server internal error
occurred.Database error occurred.".
The reason is that the SIM initialization takes some time.

This patch fixes that issue by retrying the operation a few times, when it
fails because of that error.

6 years agoUse libcrypto pkg-config file
Alberto Mardegan [Mon, 2 May 2011 11:24:06 +0000 (14:24 +0300)]
Use libcrypto pkg-config file

Do not add -lcrypto to LIBS; instead, use the pkg-config feature.

6 years agoincrease version 8.16
Tomi Suviola [Mon, 2 May 2011 10:57:49 +0000 (13:57 +0300)]
increase version

6 years agoAdd new fields into uisessiondata for fixing bug 249311
Tomi Suviola [Mon, 2 May 2011 07:03:53 +0000 (10:03 +0300)]
Add new fields into uisessiondata for fixing bug 249311

6 years agoVersion 8.15 8.15
Alberto Mardegan [Sat, 30 Apr 2011 11:35:41 +0000 (14:35 +0300)]
Version 8.15

6 years agogitignore
Alberto Mardegan [Sat, 30 Apr 2011 11:35:20 +0000 (14:35 +0300)]
gitignore

6 years agoSession adaptor: refactor method/mechanism check
Alberto Mardegan [Tue, 26 Apr 2011 12:43:10 +0000 (15:43 +0300)]
Session adaptor: refactor method/mechanism check

Add a method on the IdentityInfo class to check if a method/mechanism
combination is allowed.

6 years agoIndentation
Alberto Mardegan [Tue, 26 Apr 2011 12:32:15 +0000 (15:32 +0300)]
Indentation

Also, no need to wrap everything inside the namespace when defining the
methods.

6 years agoEncrypt communication with plugins
Rauli Ikonen [Thu, 10 Feb 2011 11:55:59 +0000 (13:55 +0200)]
Encrypt communication with plugins

Added new class EncryptedDevice. EncryptedDevice inherits QIODevice and uses
AES in OFB mode to encrypt/decrypt any data that passes through it. The
constructor allows specifying the actual device from which data is read from /
written to, encryption key and initialization vectors for input and output
streams. PluginProxy and RemotePluginProcess were changed so that they wrap the
QProcess and QFile devices into EncryptedDevice objects and use those for
reading/writing data so that no data is passed in plain text.

The encryption key and initialization vectors are generated by PluginProxy
after launching remotepluginprocess and passed through normal stdin channel
before any other data as a string that has been encrypted using aegis-crypto
with *sso-encryption-token the remotepluginprocess provides. That is,
aegis-crypto is only used to protect the encryption key. This is because
aegis-crypto does not allow maintaining a state and is thus unsuitable for
doing stream encryption.

Fixes https://bugs.meego.com/show_bug.cgi?id=12435

6 years agoAuthSession: check method and mechanism
Rauli Ikonen [Thu, 10 Feb 2011 10:07:31 +0000 (12:07 +0200)]
AuthSession: check method and mechanism

SignonAuthSessionAdaptor now enforces the authentication method and mechanism.
New error code was added for this.

Fixes https://bugs.meego.com/show_bug.cgi?id=12425

6 years agoAuthSession: restrict setId() usage
Rauli Ikonen [Thu, 10 Feb 2011 09:58:49 +0000 (11:58 +0200)]
AuthSession: restrict setId() usage

SignonAuthSessionAdaptor now only allows setId call with identity id that the
calling process is allowed to access.

Fixes https://bugs.meego.com/show_bug.cgi?id=12570

6 years agoAuthSession: check calling process ID
Rauli Ikonen [Thu, 10 Feb 2011 09:14:23 +0000 (11:14 +0200)]
AuthSession: check calling process ID

SignonAuthSessionAdaptor now refuses to serve requests that come from a process
different than the one that created the associated SignonAuthSession object.
Fixes http://bugs.meego.com/show_bug.cgi?id=12427

6 years agoverifySecret call now properly encrypts password
Rauli Ikonen [Wed, 9 Feb 2011 15:21:11 +0000 (17:21 +0200)]
verifySecret call now properly encrypts password

Both on client and server side. Fixes
https://bugs.meego.com/show_bug.cgi?id=12430

6 years agoFixed storeCredentials to use decodedSecret instead of secret. Fixes https://bugs...
Rauli Ikonen [Wed, 9 Feb 2011 15:16:03 +0000 (17:16 +0200)]
Fixed storeCredentials to use decodedSecret instead of secret. Fixes https://bugs.meego.com/show_bug.cgi?id=12429

6 years agoAll SQL queries with string parameters changed to use prepared statements. New test...
Rauli Ikonen [Wed, 9 Feb 2011 15:07:53 +0000 (17:07 +0200)]
All SQL queries with string parameters changed to use prepared statements. New test case added to ensure checkPassword does not allow SQL injection. Fixes https://bugs.meego.com/show_bug.cgi?id=12424

6 years agoPlugins: initialize debugging
Alberto Mardegan [Sat, 30 Apr 2011 08:53:17 +0000 (11:53 +0300)]
Plugins: initialize debugging

We added the initDebug() function, but forgot to use it. :-)

6 years agoRevert "Tests: set preprocessor macro in project file"
Alberto Mardegan [Fri, 29 Apr 2011 14:10:04 +0000 (17:10 +0300)]
Revert "Tests: set preprocessor macro in project file"

This reverts commit 76fab5f19737af85034ae14ba51c8ae067328b23.

We cannot simply use a define, or "make" will see the the object file has
already been compiled and won't build it again.

6 years agolibsignon-qt-tests: enable untrusted tests in SB
Alberto Mardegan [Fri, 29 Apr 2011 14:09:02 +0000 (17:09 +0300)]
libsignon-qt-tests: enable untrusted tests in SB

The untrusted tests run in scratchbox just fine.

6 years agoFixed ACL in libsignon-qt-tests.
Aurel Popirtac [Wed, 27 Apr 2011 09:03:18 +0000 (12:03 +0300)]
Fixed ACL in libsignon-qt-tests.

6 years agoTests: allow running unit tests individually
Alberto Mardegan [Tue, 19 Apr 2011 11:04:00 +0000 (14:04 +0300)]
Tests: allow running unit tests individually

Remove some useless class and expose the test cases as individual slots. This
allows directly executing a single unit test from the command line.

The tests need some deeper refactoring and cleanup, but this is the first step.

6 years agoTests: set preprocessor macro in project file
Alberto Mardegan [Tue, 19 Apr 2011 07:32:12 +0000 (10:32 +0300)]
Tests: set preprocessor macro in project file

There's no need for a .cpp file just for defining a simple macro.

6 years agoVersion 8.14
Aurel Popirtac [Tue, 19 Apr 2011 14:40:58 +0000 (17:40 +0300)]
Version 8.14

6 years agoAdded miscellaneous files.
Aurel Popirtac [Tue, 19 Apr 2011 11:04:17 +0000 (14:04 +0300)]
Added miscellaneous files.
- Currently only defines functions for setting file permissions and
ownership

6 years agoSetting the right file permissions and ownership for the storage directory.
Aurel Popirtac [Fri, 15 Apr 2011 12:35:37 +0000 (15:35 +0300)]
Setting the right file permissions and ownership for the storage directory.
Also the same are set for the meta data DB file.