Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Detect session lock on Xfce/XUbuntu 16.04 #910

Merged
merged 1 commit into from
Oct 25, 2017

Conversation

francoisferrand
Copy link
Contributor

The current code does not work with XUbuntu 16.04, which uses
light-locker to lock the screen.

I am not using a screensaver, but I suspect the screensaver activation
may have been detected by the existing events, and using it could thus
mask the issue.

Copy link
Member

@phoerious phoerious left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wish Linux DEs were a little more consistent.

Your change looks good. Just one minor complaint.

@@ -51,6 +52,15 @@ ScreenLockListenerDBus::ScreenLockListenerDBus(QWidget *parent):
this, //receiver
SLOT(logindPrepareForSleep(bool)));

QString sessionId = QProcessEnvironment::systemEnvironment().value("XDG_SESSION_ID");
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think this will open us to exploits, but I'd feel better if you validated this to be an integer.

@TheZ3ro TheZ3ro added this to the v2.3.0 milestone Sep 4, 2017
Copy link
Contributor

@TheZ3ro TheZ3ro left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tested and it's working well

@TheZ3ro
Copy link
Contributor

TheZ3ro commented Oct 24, 2017

@Typz is this still under development?

@francoisferrand
Copy link
Contributor Author

sorry, I saw the approval and missed the change request, then forgot about this... I'll fix it ASAP!

@francoisferrand
Copy link
Contributor Author

francoisferrand commented Oct 24, 2017

actually, XDG_SESSION_ID is not an integer: on my setup (XUbuntu 17.04) it is 'c2'.

@TheZ3ro
Copy link
Contributor

TheZ3ro commented Oct 24, 2017

@Typz no problem :)

PS: you will need to rebase on develop

@TheZ3ro
Copy link
Contributor

TheZ3ro commented Oct 24, 2017

Oh, it's c2 also on my system. Nevermind

Can you rebase on develop anyway so I can merge?

@francoisferrand
Copy link
Contributor Author

done

@phoerious
Copy link
Member

Right now, it's c2 as well here. But I'm certain that it was a number when I added that review note. c2 could also still be a (hex) number.

@TheZ3ro
Copy link
Contributor

TheZ3ro commented Oct 24, 2017

The manual says (https://www.freedesktop.org/software/systemd/man/pam_systemd.html)

A session identifier, suitable to be used in filenames. The string itself should be considered opaque, although often it is just the audit session ID as reported by /proc/self/sessionid. Each ID will be assigned only once during machine uptime. It may hence be used to uniquely label files or other resources of this session.

In the source code id seems defined as const char* https://github.com/systemd/systemd/blob/master/src/login/pam_systemd.c#L220
(used at line https://github.com/systemd/systemd/blob/master/src/login/pam_systemd.c#L437)

Searching online most of the time is in the range 1-7 or in range c1-c7

@phoerious
Copy link
Member

Ok, then leave it as is.

@TheZ3ro
Copy link
Contributor

TheZ3ro commented Oct 25, 2017

@Typz rebase please 😉

The current code does not work with XUbuntu 16.04, which uses
light-locker to lock the screen.

I am not using a screensaver, but I suspect the screensaver activation
may have been detected by the existing events, and using it could thus
mask the issue.
@francoisferrand
Copy link
Contributor Author

Done

@TheZ3ro TheZ3ro merged commit 03eda06 into keepassxreboot:develop Oct 25, 2017
@TheZ3ro
Copy link
Contributor

TheZ3ro commented Oct 25, 2017

Thanks

@francoisferrand francoisferrand deleted the xfce-lock branch October 27, 2017 12:50
phoerious added a commit that referenced this pull request Feb 27, 2018
- Add support for KDBX 4.0, Argon2 and ChaCha20 [#148, #1179, #1230, #1494]
- Add SSH Agent feature [#1098, #1450, #1463]
- Add preview panel with details of the selected entry [#879, #1338]
- Add more and configurable columns to entry table and allow copying of values by double click [#1305]
- Add KeePassXC-Browser API as a replacement for KeePassHTTP [#608]
- Deprecate KeePassHTTP [#1392]
- Add support for Steam one-time passwords [#1206]
- Add support for multiple Auto-Type sequences for a single entry [#1390]
- Adjust YubiKey HMAC-SHA1 challenge-response key generation for KDBX 4.0 [#1060]
- Replace qHttp with cURL for website icon downloads [#1460]
- Remove lock file [#1231]
- Add option to create backup file before saving [#1385]
- Ask to save a generated password before closing the entry password generator [#1499]
- Resolve placeholders recursively [#1078]
- Add Auto-Type button to the toolbar [#1056]
- Improve window focus handling for Auto-Type dialogs [#1204, #1490]
- Auto-Type dialog and password generator can now be exited with ESC [#1252, #1412]
- Add optional dark tray icon [#1154]
- Add new "Unsafe saving" option to work around saving problems with file sync services [#1385]
- Add IBus support to AppImage and additional image formats to Windows builds [#1534, #1537]
- Add diceware password generator to CLI [#1406]
- Add --key-file option to CLI [#816, #824]
- Add DBus interface for opening and closing KeePassXC databases [#283]
- Add KDBX compression options to database settings [#1419]
- Discourage use of old fixed-length key files in favor of arbitrary files [#1326, #1327]
- Correct reference resolution in entry fields [#1486]
- Fix window state and recent databases not being remembered on exit [#1453]
- Correct history item generation when configuring TOTP for an entry [#1446]
- Correct multiple TOTP bugs [#1414]
- Automatic saving after every change is now a default [#279]
- Allow creation of new entries during search [#1398]
- Correct menu issues on macOS [#1335]
- Allow compilation on OpenBSD [#1328]
- Improve entry attachments view [#1139, #1298]
- Fix auto lock for Gnome and Xfce [#910, #1249]
- Don't remember key files in file dialogs when the setting is disabled [#1188]
- Improve database merging and conflict resolution [#807, #1165]
- Fix macOS pasteboard issues [#1202]
- Improve startup times on some platforms [#1205]
- Hide the notes field by default [#1124]
- Toggle main window by clicking tray icon with the middle mouse button [#992]
- Fix custom icons not copied over when databases are merged [#1008]
- Allow use of DEL key to delete entries [#914]
- Correct intermittent crash due to stale history items [#1527]
- Sanitize newline characters in title, username and URL fields [#1502]
- Reopen previously opened databases in correct order [#774]
- Use system's zxcvbn library if available [#701]
- Implement various i18n improvements [#690, #875, #1436]
@phoerious phoerious added pr: new feature Pull request that adds a new feature and removed new feature labels Nov 22, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
pr: new feature Pull request that adds a new feature
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants