[network-manager-vpnc] auth-dialog: simplify keyring access and don't save secrets

[Dan Williams <dcbw src gnome org>]

commit eeb299b431006dbf53e0ccaa1f55d78d8154fe9a
Author: Dan Williams <dcbw redhat com>
Date:   Thu Jul 14 10:44:28 2011 -0500

    auth-dialog: simplify keyring access and don't save secrets
    
    Secrets are saved by the agent (ie, nm-applet) and that means we're
    only using one keyring function here, so fold that keyring bit
    into the auth dialog since nobody else uses it.

 auth-dialog/Makefile.am |    2 +-
 auth-dialog/main.c      |   83 ++++++++++++++++++++++++++---------------------
 2 files changed, 47 insertions(+), 38 deletions(-)
---
diff --git a/auth-dialog/Makefile.am b/auth-dialog/Makefile.am
index 0a891e0..08b7a76 100644
--- a/auth-dialog/Makefile.am
+++ b/auth-dialog/Makefile.am
@@ -22,7 +22,7 @@ nm_vpnc_auth_dialog_SOURCES = \
 nm_vpnc_auth_dialog_LDADD = \
 	$(GTK_LIBS) \
 	$(NETWORKMANAGER_LIBS) \
-	$(top_builddir)/common-gnome/libnm-vpnc-common-gnome.la
+	$(GNOMEKEYRING_LIBS)
 
 @INTLTOOL_DESKTOP_RULE@
 desktopdir = $(datadir)/applications
diff --git a/auth-dialog/main.c b/auth-dialog/main.c
index 699528c..38eed17 100644
--- a/auth-dialog/main.c
+++ b/auth-dialog/main.c
@@ -29,16 +29,52 @@
 #include <stdlib.h>
 #include <glib/gi18n.h>
 #include <gtk/gtk.h>
+#include <gnome-keyring.h>
 #include <gnome-keyring-memory.h>
 
 #include <nm-setting-vpn.h>
 #include <nm-setting-connection.h>
 #include <nm-vpn-plugin-utils.h>
 
-#include "common-gnome/keyring-helpers.h"
 #include "src/nm-vpnc-service.h"
 #include "gnome-two-password-dialog.h"
 
+#define VPNC_USER_PASSWORD "password"
+#define VPNC_GROUP_PASSWORD "group-password"
+
+#define KEYRING_UUID_TAG "connection-uuid"
+#define KEYRING_SN_TAG "setting-name"
+#define KEYRING_SK_TAG "setting-key"
+
+static char *
+keyring_lookup_secret (const char *uuid, const char *secret_name)
+{
+	GList *found_list = NULL;
+	GnomeKeyringResult ret;
+	GnomeKeyringFound *found;
+	char *secret = NULL;
+
+	ret = gnome_keyring_find_itemsv_sync (GNOME_KEYRING_ITEM_GENERIC_SECRET,
+	                                      &found_list,
+	                                      KEYRING_UUID_TAG,
+	                                      GNOME_KEYRING_ATTRIBUTE_TYPE_STRING,
+	                                      uuid,
+	                                      KEYRING_SN_TAG,
+	                                      GNOME_KEYRING_ATTRIBUTE_TYPE_STRING,
+	                                      NM_SETTING_VPN_SETTING_NAME,
+	                                      KEYRING_SK_TAG,
+	                                      GNOME_KEYRING_ATTRIBUTE_TYPE_STRING,
+	                                      secret_name,
+	                                      NULL);
+	if (ret == GNOME_KEYRING_RESULT_OK && found_list) {
+		found = g_list_nth_data (found_list, 0);
+		secret = gnome_keyring_memory_strdup (found->secret);
+	}
+
+	gnome_keyring_found_list_free (found_list);
+	return secret;
+}
+
 static gboolean
 get_secrets (const char *vpn_uuid,
              const char *vpn_name,
@@ -68,7 +104,7 @@ get_secrets (const char *vpn_uuid,
 		if (in_upw)
 			upw = gnome_keyring_memory_strdup (in_upw);
 		else
-			keyring_helpers_get_one_secret (vpn_uuid, VPNC_USER_PASSWORD, &upw);
+			upw = keyring_lookup_secret (vpn_uuid, VPNC_USER_PASSWORD);
 	}
 
 	if (   !(gpw_flags & NM_SETTING_SECRET_FLAG_NOT_SAVED)
@@ -76,7 +112,7 @@ get_secrets (const char *vpn_uuid,
 		if (in_gpw)
 			gpw = gnome_keyring_memory_strdup (in_gpw);
 		else
-			keyring_helpers_get_one_secret (vpn_uuid, VPNC_GROUP_PASSWORD, &gpw);
+			gpw = keyring_lookup_secret (vpn_uuid, VPNC_GROUP_PASSWORD);
 	}
 
 	if (!retry) {
@@ -142,16 +178,13 @@ get_secrets (const char *vpn_uuid,
 	}
 
 	/* if retrying, pre-fill dialog with the password */
-	if (upw) {
+	if (upw)
 		vpn_password_dialog_set_password (dialog, upw);
-		memset (upw, 0, strlen (upw));
-		gnome_keyring_memory_free (upw);
-	}
-	if (gpw) {
+	gnome_keyring_memory_free (upw);
+
+	if (gpw)
 		vpn_password_dialog_set_password_secondary (dialog, gpw);
-		memset (gpw, 0, strlen (gpw));
-		gnome_keyring_memory_free (gpw);
-	}
+	gnome_keyring_memory_free (gpw);
 
 	gtk_widget_show (GTK_WIDGET (dialog));
 
@@ -160,24 +193,6 @@ get_secrets (const char *vpn_uuid,
 	if (success) {
 		*out_upw = gnome_keyring_memory_strdup (vpn_password_dialog_get_password (dialog));
 		*out_gpw = gnome_keyring_memory_strdup (vpn_password_dialog_get_password_secondary (dialog));
-
-		if (upw_flags & NM_SETTING_SECRET_FLAG_AGENT_OWNED) {
-		    if (*out_upw && !(upw_flags & NM_SETTING_SECRET_FLAG_NOT_SAVED))
-				keyring_helpers_save_secret (vpn_uuid, vpn_name, NULL, VPNC_USER_PASSWORD, *out_upw);
-			else {
-				/* Clear the password from the keyring */
-				keyring_helpers_delete_secret (vpn_uuid, VPNC_USER_PASSWORD);
-			}
-		}
-
-		if (gpw_flags & NM_SETTING_SECRET_FLAG_AGENT_OWNED) {
-		    if (*out_gpw && !(gpw_flags & NM_SETTING_SECRET_FLAG_NOT_SAVED))
-				keyring_helpers_save_secret (vpn_uuid, vpn_name, NULL, VPNC_GROUP_PASSWORD, *out_gpw);
-			else {
-				/* Clear the password from the keyring */
-				keyring_helpers_delete_secret (vpn_uuid, VPNC_GROUP_PASSWORD);
-			}
-		}
 	}
 
 	gtk_widget_hide (GTK_WIDGET (dialog));
@@ -306,14 +321,8 @@ main (int argc, char *argv[])
 		printf ("%s\n%s\n", NM_VPNC_KEY_SECRET, group_password);
 	printf ("\n\n");
 
-	if (password) {
-		memset (password, 0, strlen (password));
-		gnome_keyring_memory_free (password);
-	}
-	if (group_password) {
-		memset (group_password, 0, strlen (group_password));
-		gnome_keyring_memory_free (group_password);
-	}
+	gnome_keyring_memory_free (password);
+	gnome_keyring_memory_free (group_password);
 
 	/* for good measure, flush stdout since Kansas is going Bye-Bye */
 	fflush (stdout);