[gnome-online-accounts/redhat/rhel-7.0: 1/6] kerberos: don't crash if keyring credentials disappear

From: Debarshi Ray <debarshir src gnome org>
To: commits-list gnome org
Cc:
Subject: [gnome-online-accounts/redhat/rhel-7.0: 1/6] kerberos: don't crash if keyring credentials disappear
Date: Tue, 6 May 2014 15:21:03 +0000 (UTC)

commit cde3e3f624204c0e2544551a268e109c0ed17f7d
Author: Ray Strode <rstrode redhat com>
Date:   Wed Nov 6 16:58:43 2013 -0500

    kerberos: don't crash if keyring credentials disappear
    
    It's possible to make gnome-online-accounts crash by:
    
    1) creating a kerberos account in control-center
    2) deleting the stored credentials from gnome keyring using seahorse
    3) running kdestroy in the terminal to make the sign in button show up
    in the control-center panel
    4) clicking sign in
    
    This is because the provider makes the assumption that there will always
    be stored credentials when signing in interactively, which is incorrect
    in the above scenario (because of step 2).
    
    This commit hardens the get_ticket_sync function against credentials
    disappearing.
    
    https://bugzilla.gnome.org/show_bug.cgi?id=711572

 src/goabackend/goakerberosprovider.c |   24 ++++++++++++++----------
 1 files changed, 14 insertions(+), 10 deletions(-)
---
diff --git a/src/goabackend/goakerberosprovider.c b/src/goabackend/goakerberosprovider.c
index e795856..fbe0364 100644
--- a/src/goabackend/goakerberosprovider.c
+++ b/src/goabackend/goakerberosprovider.c
@@ -695,7 +695,6 @@ get_ticket_sync (GoaKerberosProvider *self,
   GoaAccount          *account;
   const char          *identifier;
   const char          *password;
-  gboolean             has_password;
   SignInRequest        request;
   gboolean             ret;
 
@@ -722,16 +721,21 @@ get_ticket_sync (GoaKerberosProvider *self,
                        _("Could not find saved credentials for principal `%s' in keyring"), identifier);
       goto out;
     }
-
-  has_password = g_variant_lookup (credentials, "password", "&s", &password);
-  if (!has_password && !is_interactive)
+  else if (credentials != NULL)
     {
-      g_set_error (error,
-                   GOA_ERROR,
-                   GOA_ERROR_NOT_AUTHORIZED,
-                   _("Did not find password for principal `%s' in credentials"),
-                   identifier);
-      goto out;
+      gboolean has_password;
+
+      has_password = g_variant_lookup (credentials, "password", "&s", &password);
+
+      if (!has_password && !is_interactive)
+        {
+          g_set_error (error,
+                       GOA_ERROR,
+                       GOA_ERROR_NOT_AUTHORIZED,
+                       _("Did not find password for principal `%s' in credentials"),
+                       identifier);
+          goto out;
+        }
     }
 
   memset (&request, 0, sizeof (SignInRequest));

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]