[PATCH v2 5/7] Remove passwords from gnome-keyring when user disables 'save passwords' (cherry picked from commit a37b1f725c460b5237ed6ab36a961c2e3f1c8145)

[Murilo Opsfelder Araujo <muriloo linux vnet ibm com>]

Also mark 'save passwords' toggle button if a password is found in
keyring.

Signed-off-by: Murilo Opsfelder Araujo <muriloo linux vnet ibm com>

Conflicts:
	auth-dialog/main.c
---
v2: Also mark 'save passwords' toggle button if a password is found in
keyring

 auth-dialog/main.c | 69 +++++++++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 68 insertions(+), 1 deletion(-)

diff --git a/auth-dialog/main.c b/auth-dialog/main.c
index a256bda..46b3199 100644
--- a/auth-dialog/main.c
+++ b/auth-dialog/main.c
@@ -195,6 +195,7 @@ static void keyring_store_passwords(gpointer key, gpointer value, gpointer user_
 typedef struct auth_ui_data {
 	char *vpn_name;
 	char *vpn_uuid;
+	GHashTable *secrets;
 	GHashTable *success_passwords;
 	struct openconnect_info *vpninfo;
 	struct gconf_key *success_keys;
@@ -207,6 +208,7 @@ typedef struct auth_ui_data {
 	GtkWidget *cancel_button;
 	GtkWidget *login_button;
 	GtkWidget *last_notice_icon;
+	GtkWidget *savepass;
 	GtkTextBuffer *log;
 
 	int retval;
@@ -671,6 +673,9 @@ static void got_keyring_pw(GnomeKeyringResult result, const char *string, gpoint
 				gtk_entry_set_text(GTK_ENTRY(data->entry), string);
 		} else
 			data->entry_text = g_strdup (string);
+
+		/* Mark 'Save passwords' if a password is found in keyring */
+		gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (data->ui_data->savepass), 1);
 	}
 }
 
@@ -1033,6 +1038,16 @@ static int get_gconf_autoconnect(GConfClient *gcl, char *config_path)
 	return ret;
 }
 
+static gboolean get_save_passwords(GHashTable *secrets)
+{
+	char *save = g_hash_table_lookup (secrets, "save_passwords");
+
+	if (save && !strcmp(save, "yes"))
+		return TRUE;
+
+	return FALSE;
+}
+
 static int parse_xmlconfig(char *xmlconfig)
 {
 	xmlDocPtr xml_doc;
@@ -1234,12 +1249,52 @@ static int write_new_config(void *cbdata, char *buf, int buflen)
 
 static void autocon_toggled(GtkWidget *widget)
 {
+	auth_ui_data *ui_data = _ui_data; /* FIXME global */
+	gchar *enabled = NULL;
 	char *config_path = _config_path; /* FIXME global */
 	GConfClient *gcl = _gcl; /* FIXME global */
-	int enabled = gtk_toggle_button_get_active(GTK_TOGGLE_BUTTON(widget));
 	char *key = g_strdup_printf("%s/vpn/autoconnect", config_path);
 
 	gconf_client_set_string(gcl, key, enabled ? "yes" : "no", NULL);
+	if (gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON(widget)))
+		enabled = g_strdup ("yes");
+	else
+		enabled = g_strdup ("no");
+
+	g_hash_table_insert (ui_data->secrets, g_strdup ("autoconnect"), enabled);
+}
+
+/* gnome_keyring_delete_password() only deletes one matching password, so
+   keep doing it until it doesn't succeed. The ui_data is essentially
+   permanent anyway so no need to worry about its lifetime. */
+static void delete_next_password(GnomeKeyringResult result, gpointer data)
+{
+	auth_ui_data *ui_data = data;
+
+	if (result == GNOME_KEYRING_RESULT_OK) {
+		gnome_keyring_delete_password(OPENCONNECT_SCHEMA,
+					      delete_next_password,
+					      ui_data, NULL,
+					      "vpn_uuid", ui_data->vpn_uuid,
+					      NULL);
+	}
+}
+
+static void savepass_toggled(GtkWidget *widget, auth_ui_data *ui_data)
+{
+	gchar *enabled;
+
+	if (gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON(widget)))
+		enabled = g_strdup ("yes");
+	else {
+		enabled = g_strdup ("no");
+		gnome_keyring_delete_password(OPENCONNECT_SCHEMA,
+					      delete_next_password,
+					      ui_data, NULL,
+					      "vpn_uuid", ui_data->vpn_uuid,
+					      NULL);
+	}
+	g_hash_table_insert (ui_data->secrets, g_strdup ("save_passwords"), enabled);
 }
 
 static void scroll_log(GtkTextBuffer *log, GtkTextView *view)
@@ -1366,10 +1421,13 @@ static gboolean cookie_obtained(auth_ui_data *ui_data)
 		openconnect_clear_cookie(ui_data->vpninfo);
 		printf("\n\n");
 		fflush(stdout);
+
+		if (get_save_passwords (ui_data->secrets)) {
 			g_hash_table_foreach(
 				ui_data->success_passwords,
 				keyring_store_passwords,
 				NULL);
+		}
 
 		ui_data->retval = 0;
 
@@ -1604,6 +1662,13 @@ static void build_main_dialog(auth_ui_data *ui_data)
 	gtk_widget_set_sensitive (ui_data->cancel_button, FALSE);
 	gtk_widget_show(ui_data->cancel_button);
 
+	ui_data->savepass = gtk_check_button_new_with_label(_("Save passwords"));
+	gtk_box_pack_start(GTK_BOX(hbox), ui_data->savepass, FALSE, FALSE, 0);
+	if (get_save_passwords (ui_data->secrets))
+		gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON(ui_data->savepass), 1);
+	g_signal_connect(ui_data->savepass, "toggled", G_CALLBACK(savepass_toggled), ui_data);
+	gtk_widget_show(ui_data->savepass);
+
 	exp = gtk_expander_new(_("Log"));
 	gtk_box_pack_end(GTK_BOX(vbox), exp, FALSE, FALSE, 0);
 	gtk_widget_show(exp);
@@ -1643,6 +1708,8 @@ static auth_ui_data *init_ui_data (char *vpn_name, char *vpn_uuid)
 	ui_data->cert_response_changed = g_cond_new();
 	ui_data->vpn_name = vpn_name;
 	ui_data->vpn_uuid = vpn_uuid;
+	ui_data->secrets = g_hash_table_new_full (g_str_hash, g_str_equal,
+							  g_free, g_free);
 	ui_data->success_passwords = g_hash_table_new_full (g_str_hash, g_str_equal,
 							  g_free, keyring_password_free);
 	if (pipe(ui_data->cancel_pipes)) {
-- 
1.8.0