[network-manager-openconnect] Use gnome-keyring for password fields

From: David Woodhouse <dwmw2 src gnome org>
To: commits-list gnome org
Cc:
Subject: [network-manager-openconnect] Use gnome-keyring for password fields
Date: Fri, 15 Jun 2012 21:15:44 +0000 (UTC)
commit 72f391a24487ab442290c47e2e670f52c41b0608
Author: Michael Stapelberg <michael stapelberg de>
Date:   Fri Jun 15 21:19:19 2012 +0200

    Use gnome-keyring for password fields

 auth-dialog/Makefile.am |    4 ++-
 auth-dialog/main.c      |   68 +++++++++++++++++++++++++++++++++++++++++++++++
 configure.ac            |    4 +++
 3 files changed, 75 insertions(+), 1 deletions(-)
---
diff --git a/auth-dialog/Makefile.am b/auth-dialog/Makefile.am
index 6d98a26..2d00d76 100644
--- a/auth-dialog/Makefile.am
+++ b/auth-dialog/Makefile.am
@@ -9,6 +9,7 @@ nm_openconnect_auth_dialog_CPPFLAGS = \
 	$(GCONF_CFLAGS) \
 	$(OPENCONNECT_CFLAGS) \
 	$(LIBXML_CFLAGS) \
+	$(GNOMEKEYRING_CFLAGS) \
 	-DICONDIR=\""$(datadir)/pixmaps"\" \
 	-DBINDIR=\""$(bindir)"\" \
 	-DG_DISABLE_DEPRECATED \
@@ -26,7 +27,8 @@ nm_openconnect_auth_dialog_LDADD = \
 	$(NM_LIBS) \
 	$(GCONF_LIBS) \
 	$(OPENCONNECT_LIBS) \
-	$(LIBXML_LIBS)
+	$(LIBXML_LIBS) \
+	$(GNOMEKEYRING_LIBS)
 
 CLEANFILES = *~
 
diff --git a/auth-dialog/main.c b/auth-dialog/main.c
index f3eb493..14575ae 100644
--- a/auth-dialog/main.c
+++ b/auth-dialog/main.c
@@ -44,6 +44,8 @@
 
 #include <nm-vpn-plugin-utils.h>
 
+#include <gnome-keyring.h>
+
 #include "src/nm-openconnect-service.h"
 
 #include "openconnect.h"
@@ -68,6 +70,20 @@
 #include <openssl/ui.h>
 #endif
 
+static const GnomeKeyringPasswordSchema OPENCONNECT_SCHEMA_DEF = {
+  GNOME_KEYRING_ITEM_GENERIC_SECRET,
+  {
+    {"host", GNOME_KEYRING_ATTRIBUTE_TYPE_STRING},
+    {"auth_id", GNOME_KEYRING_ATTRIBUTE_TYPE_STRING},
+    {"label", GNOME_KEYRING_ATTRIBUTE_TYPE_STRING},
+    {NULL, 0}
+  }
+};
+
+const GnomeKeyringPasswordSchema *OPENCONNECT_SCHEMA = &OPENCONNECT_SCHEMA_DEF;
+
+static void got_keyring_pw(GnomeKeyringResult result, const char *string, gpointer data);
+
 static char *lasthost;
 
 typedef struct vpnhost {
@@ -223,6 +239,7 @@ static void ssl_box_clear(auth_ui_data *ui_data)
 
 typedef struct ui_fragment_data {
 	GtkWidget *widget;
+	GtkWidget *entry;
 	auth_ui_data *ui_data;
 #ifdef OPENCONNECT_OPENSSL
 	UI_STRING *uis;
@@ -347,6 +364,7 @@ static gboolean ui_write_prompt (ui_fragment_data *data)
 
 	entry = gtk_entry_new();
 	gtk_box_pack_end(GTK_BOX(hbox), entry, FALSE, FALSE, 0);
+	data->entry = entry;
 	if (!visible)
 		gtk_entry_set_visibility(GTK_ENTRY(entry), FALSE);
 	if (data->entry_text)
@@ -552,6 +570,19 @@ static char *find_form_answer(GHashTable *secrets, struct oc_auth_form *form,
 	return result;
 }
 
+/* Callback which is called when we got a reply from gnome-keyring for any
+ * password field. Updates the contents of the password field unless the user
+ * entered anything in the meantime. */
+static void got_keyring_pw(GnomeKeyringResult result, const char *string, gpointer userdata)
+{
+	ui_fragment_data *data = (ui_fragment_data*)userdata;
+	if (data->entry) {
+		if (g_ascii_strncasecmp("", gtk_entry_get_text(GTK_ENTRY(data->entry)), 0) == 0)
+			gtk_entry_set_text(GTK_ENTRY(data->entry), string);
+	} else
+		data->entry_text = g_strdup (string);
+}
+
 /* This part for processing forms from openconnect directly, rather than
    through the SSL UI abstraction (which doesn't allow 'select' options) */
 
@@ -593,6 +624,21 @@ static gboolean ui_form (struct oc_auth_form *form)
 			if (opt->type != OC_FORM_OPT_PASSWORD)
 				data->entry_text = g_strdup (find_form_answer(ui_data->secrets,
 									      form, opt));
+			else {
+				char *hostname;
+				hostname = openconnect_get_hostname(ui_data->vpninfo);
+				gnome_keyring_find_password(
+						OPENCONNECT_SCHEMA,
+						got_keyring_pw,
+						data,
+						NULL,
+						"host", hostname,
+						"auth_id", form->auth_id,
+						"label", data->opt->name,
+						NULL
+						);
+			}
+
 
 			ui_write_prompt(data);
 		} else if (opt->type == OC_FORM_OPT_SELECT) {
@@ -649,6 +695,28 @@ static int nm_process_auth_form (void *cbdata, struct oc_auth_form *form)
 					g_hash_table_insert (ui_data->success_secrets,
 							     keyname, g_strdup (data->entry_text));
 				}
+
+				if (data->opt->type == OC_FORM_OPT_PASSWORD) {
+					/* store the password in gnome-keyring */
+					char *description;
+					char *hostname;
+					//int result;
+					description = g_strdup_printf(_("OpenConnect: %s: %s:%s"), ui_data->vpn_name, form->auth_id, data->opt->name);
+					hostname = openconnect_get_hostname(ui_data->vpninfo);
+					gnome_keyring_store_password_sync (
+							OPENCONNECT_SCHEMA,
+							GNOME_KEYRING_DEFAULT,
+							description,
+							data->entry_text, /* password */
+							"host", hostname,
+							"auth_id", form->auth_id,
+							"label", data->opt->name,
+							NULL
+							);
+					// TODO: err
+					g_free(description);
+
+				}
 			}
 			g_slice_free (ui_fragment_data, data);
 		}
diff --git a/configure.ac b/configure.ac
index 7e24c7e..be6da6f 100644
--- a/configure.ac
+++ b/configure.ac
@@ -84,6 +84,10 @@ if test x"$with_gnome" != xno; then
 	AC_SUBST(GTK_CFLAGS)
 	AC_SUBST(GTK_LIBS)
 
+	PKG_CHECK_MODULES(GNOMEKEYRING, gnome-keyring-1)
+	AC_SUBST(GNOMEKEYRING_CFLAGS)
+	AC_SUBST(GNOMEKEYRING_LIBS)
+
 	PKG_CHECK_MODULES(GCONF, gconf-2.0)
 	AC_SUBST(GCONF_CFLAGS)
 	AC_SUBST(GCONF_LIBS)
[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]