[geary: 21/39] Attempt to unlock the libsecret keyring before accessing secrets.



commit aebdfd6b82c192d88e3250e76cdb055e9b8ff948
Author: Michael James Gratton <mike vee net>
Date:   Thu Oct 26 22:06:13 2017 +1100

    Attempt to unlock the libsecret keyring before accessing secrets.
    
    Fixes Bug 784300.
    
    * src/client/application/secret-mediator.vala (SecretMediator): Add
      check_unlocked() method, call that up front from the public mediate API
      methods.

 src/client/application/secret-mediator.vala |   32 +++++++++++++++++++++++++++
 1 files changed, 32 insertions(+), 0 deletions(-)
---
diff --git a/src/client/application/secret-mediator.vala b/src/client/application/secret-mediator.vala
index 4b37325..7fd3e45 100644
--- a/src/client/application/secret-mediator.vala
+++ b/src/client/application/secret-mediator.vala
@@ -36,6 +36,8 @@ public class SecretMediator : Geary.CredentialsMediator, Object {
                                                     Geary.AccountInformation account,
                                                     Cancellable? cancellable = null)
     throws Error {
+        yield check_unlocked(cancellable);
+
         string? password = yield Secret.password_lookupv(
             SecretMediator.schema, new_attrs(service, account), cancellable
         );
@@ -54,6 +56,8 @@ public class SecretMediator : Geary.CredentialsMediator, Object {
                                                  Geary.AccountInformation account,
                                                  Cancellable? cancellable = null)
     throws Error {
+        yield check_unlocked(cancellable);
+
         Geary.Credentials credentials = get_credentials(service, account);
         try {
             yield do_store(service, account, credentials.pass, cancellable);
@@ -67,6 +71,8 @@ public class SecretMediator : Geary.CredentialsMediator, Object {
                                                    Geary.AccountInformation account,
                                                    Cancellable? cancellable = null)
     throws Error {
+        yield check_unlocked(cancellable);
+
         Geary.Credentials credentials = get_credentials(service, account);
         yield Secret.password_clearv(SecretMediator.schema,
                                      new_attrs(service, account),
@@ -137,6 +143,32 @@ public class SecretMediator : Geary.CredentialsMediator, Object {
         return true;
     }
 
+    // Ensure the default collection unlocked.  Try to unlock it since
+    // the user may be running in a limited environment and it would
+    // prevent us from prompting the user multiple times in one
+    // session. See Bug 784300.
+    private async void check_unlocked(Cancellable? cancellable = null)
+    throws Error {
+        Secret.Service service = yield Secret.Service.get(
+            Secret.ServiceFlags.OPEN_SESSION, cancellable
+        );
+        Secret.Collection collection = yield Secret.Collection.for_alias(
+            service,
+            Secret.COLLECTION_DEFAULT,
+            Secret.CollectionFlags.NONE,
+            cancellable
+        );
+        if (collection.get_locked()) {
+            List<Secret.Collection> to_lock = new List<Secret.Collection>();
+            to_lock.append(collection);
+            List<DBusProxy> unlocked;
+            yield service.unlock(to_lock, cancellable, out unlocked);
+            if (unlocked.length() != 0) {
+                // XXX
+            }
+        }
+    }
+
     private async void do_store(Geary.Service service,
                                 Geary.AccountInformation account,
                                 string password,


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]