[PATCH 1/7] Use gnome-keyring for password fields (cherry picked from commit 72f391a24487ab442290c47e2e670f52c41b0608)

From: Murilo Opsfelder Araujo <muriloo linux vnet ibm com>
To: networkmanager-list gnome org
Cc: David Woodhouse intel com
Subject: [PATCH 1/7] Use gnome-keyring for password fields (cherry picked from commit 72f391a24487ab442290c47e2e670f52c41b0608)
Date: Wed, 24 Oct 2012 21:21:27 -0200

Signed-off-by: Murilo Opsfelder Araujo <muriloo linux vnet ibm com>

Conflicts:
	auth-dialog/Makefile.am
	auth-dialog/main.c
---
 auth-dialog/Makefile.am |  6 +++--
 auth-dialog/main.c      | 68 +++++++++++++++++++++++++++++++++++++++++++++++++
 configure.ac            |  4 +++
 3 files changed, 76 insertions(+), 2 deletions(-)

diff --git a/auth-dialog/Makefile.am b/auth-dialog/Makefile.am
index 3f36f26..68a21a5 100644
--- a/auth-dialog/Makefile.am
+++ b/auth-dialog/Makefile.am
@@ -9,6 +9,7 @@ nm_openconnect_auth_dialog_CPPFLAGS = \
 	$(GTK_CFLAGS) \
 	$(GCONF_CFLAGS) \
 	$(OPENCONNECT_CFLAGS) \
+	$(LIBXML_CFLAGS) \
 	$(GNOMEKEYRING_CFLAGS) \
 	-DICONDIR=\""$(datadir)/pixmaps"\" \
 	-DBINDIR=\""$(bindir)"\" \
@@ -28,7 +29,8 @@ nm_openconnect_auth_dialog_LDADD = \
 	$(LIBXML_LIBS) \
 	$(GTHREAD_LIBS) \
 	$(GCONF_LIBS) \
-	$(OPENCONNECT_LIBS)
+	$(OPENCONNECT_LIBS) \
+	$(LIBXML_LIBS) \
+	$(GNOMEKEYRING_LIBS)
 
 CLEANFILES = *~
-
diff --git a/auth-dialog/main.c b/auth-dialog/main.c
index 5e08b7a..af797e7 100644
--- a/auth-dialog/main.c
+++ b/auth-dialog/main.c
@@ -86,6 +86,9 @@ g_unix_set_fd_nonblocking (gint     fd,
 #endif /* GLIB_CHECK_VERSION(2,30,0) */
 
 #include "auth-dlg-settings.h"
+#include <gnome-keyring.h>
+
+#include "src/nm-openconnect-service.h"
 
 #include "openconnect.h"
 
@@ -112,6 +115,20 @@ static char *_config_path;
 #include <openssl/ui.h>
 #endif
 
+static const GnomeKeyringPasswordSchema OPENCONNECT_SCHEMA_DEF = {
+  GNOME_KEYRING_ITEM_GENERIC_SECRET,
+  {
+    {"host", GNOME_KEYRING_ATTRIBUTE_TYPE_STRING},
+    {"auth_id", GNOME_KEYRING_ATTRIBUTE_TYPE_STRING},
+    {"label", GNOME_KEYRING_ATTRIBUTE_TYPE_STRING},
+    {NULL, 0}
+  }
+};
+
+const GnomeKeyringPasswordSchema *OPENCONNECT_SCHEMA = &OPENCONNECT_SCHEMA_DEF;
+
+static void got_keyring_pw(GnomeKeyringResult result, const char *string, gpointer data);
+
 static char *lasthost;
 
 typedef struct vpnhost {
@@ -251,6 +268,7 @@ static void ssl_box_clear(auth_ui_data *ui_data)
 
 typedef struct ui_fragment_data {
 	GtkWidget *widget;
+	GtkWidget *entry;
 	auth_ui_data *ui_data;
 #ifdef OPENCONNECT_OPENSSL
 	UI_STRING *uis;
@@ -371,6 +389,7 @@ static gboolean ui_write_prompt (ui_fragment_data *data)
 
 	entry = gtk_entry_new();
 	gtk_box_pack_end(GTK_BOX(hbox), entry, FALSE, FALSE, 0);
+	data->entry = entry;
 	if (!visible)
 		gtk_entry_set_visibility(GTK_ENTRY(entry), FALSE);
 	if (data->entry_text)
@@ -598,6 +617,19 @@ static char *find_form_answer(struct oc_auth_form *form, struct oc_form_opt *opt
 	return result;
 }
 
+/* Callback which is called when we got a reply from gnome-keyring for any
+ * password field. Updates the contents of the password field unless the user
+ * entered anything in the meantime. */
+static void got_keyring_pw(GnomeKeyringResult result, const char *string, gpointer userdata)
+{
+	ui_fragment_data *data = (ui_fragment_data*)userdata;
+	if (data->entry) {
+		if (g_ascii_strncasecmp("", gtk_entry_get_text(GTK_ENTRY(data->entry)), 0) == 0)
+			gtk_entry_set_text(GTK_ENTRY(data->entry), string);
+	} else
+		data->entry_text = g_strdup (string);
+}
+
 /* This part for processing forms from openconnect directly, rather than
    through the SSL UI abstraction (which doesn't allow 'select' options) */
 
@@ -638,6 +670,20 @@ static gboolean ui_form (struct oc_auth_form *form)
 			g_mutex_unlock (ui_data->form_mutex);
 			if (opt->type != OC_FORM_OPT_PASSWORD)
 				data->entry_text = find_form_answer(form, opt);
+			else {
+				char *hostname;
+				hostname = openconnect_get_hostname(ui_data->vpninfo);
+				gnome_keyring_find_password(
+						OPENCONNECT_SCHEMA,
+						got_keyring_pw,
+						data,
+						NULL,
+						"host", hostname,
+						"auth_id", form->auth_id,
+						"label", data->opt->name,
+						NULL
+						);
+			}
 
 			ui_write_prompt(data);
 		} else if (opt->type == OC_FORM_OPT_SELECT) {
@@ -692,6 +738,28 @@ static int nm_process_auth_form (void *cbdata, struct oc_auth_form *form)
 					keyname = g_strdup_printf("form:%s:%s", form->auth_id, data->opt->name);
 					remember_gconf_key(ui_data, keyname, strdup(data->entry_text));
 				}
+
+				if (data->opt->type == OC_FORM_OPT_PASSWORD) {
+					/* store the password in gnome-keyring */
+					char *description;
+					char *hostname;
+					//int result;
+					description = g_strdup_printf(_("OpenConnect: %s: %s:%s"), ui_data->vpn_name, form->auth_id, data->opt->name);
+					hostname = openconnect_get_hostname(ui_data->vpninfo);
+					gnome_keyring_store_password_sync (
+							OPENCONNECT_SCHEMA,
+							GNOME_KEYRING_DEFAULT,
+							description,
+							data->entry_text, /* password */
+							"host", hostname,
+							"auth_id", form->auth_id,
+							"label", data->opt->name,
+							NULL
+							);
+					// TODO: err
+					g_free(description);
+
+				}
 			}
 			g_slice_free (ui_fragment_data, data);
 		}
diff --git a/configure.ac b/configure.ac
index 9f67e21..ad8f90f 100644
--- a/configure.ac
+++ b/configure.ac
@@ -69,6 +69,10 @@ if test x"$with_gnome" != xno; then
 	AC_SUBST(GTK_CFLAGS)
 	AC_SUBST(GTK_LIBS)
 
+	PKG_CHECK_MODULES(GNOMEKEYRING, gnome-keyring-1)
+	AC_SUBST(GNOMEKEYRING_CFLAGS)
+	AC_SUBST(GNOMEKEYRING_LIBS)
+
 	PKG_CHECK_MODULES(GCONF, gconf-2.0)
 	AC_SUBST(GCONF_CFLAGS)
 	AC_SUBST(GCONF_LIBS)
-- 
1.8.0

References:
- [PATCH 0/7] nm-openconnect: backport gnome-keyring support for NM_0_8 branch
  - From: Murilo Opsfelder Araujo

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]