From 3aa77c6918d5670d894fc5f14240901073128952 Mon Sep 17 00:00:00 2001
From: Stef Walter <stefw@gnome.org>
Date: Sun, 25 Mar 2012 12:23:29 +0200
Subject: [PATCH] Support content type application/octet-stream for passwords

 * Older versions of gnome-keyring erroneously set this content type
   for passwords even though they're textual.
 * If we see this content type, then check if the password is textual
   and allow usage as a null-terminated password
---
 library/secret-password.c  | 18 ++++--------------
 library/secret-value.c     | 17 +++++++++++++++--
 library/tests/test-value.c |  2 +-
 3 files changed, 20 insertions(+), 17 deletions(-)

diff --git a/library/secret-password.c b/library/secret-password.c
index 6b3e22a..db3317f 100644
--- a/library/secret-password.c
+++ b/library/secret-password.c
@@ -556,7 +556,6 @@ secret_password_lookup_nonpageable_finish (GAsyncResult *result,
 {
 	GSimpleAsyncResult *res;
 	LookupClosure *closure;
-	const gchar *content_type;
 	gchar *password = NULL;
 
 	g_return_val_if_fail (error == NULL || *error == NULL, NULL);
@@ -571,12 +570,8 @@ secret_password_lookup_nonpageable_finish (GAsyncResult *result,
 	if (closure->value == NULL)
 		return NULL;
 
-	content_type = secret_value_get_content_type (closure->value);
-	if (content_type && g_str_equal (content_type, "text/plain")) {
-		password = _secret_value_unref_to_password (closure->value);
-		closure->value = NULL;
-	}
-
+	password = _secret_value_unref_to_password (closure->value);
+	closure->value = NULL;
 	return password;
 }
 
@@ -596,7 +591,6 @@ secret_password_lookup_finish (GAsyncResult *result,
 {
 	GSimpleAsyncResult *res;
 	LookupClosure *closure;
-	const gchar *content_type;
 	gchar *string = NULL;
 
 	g_return_val_if_fail (error == NULL || *error == NULL, NULL);
@@ -611,12 +605,8 @@ secret_password_lookup_finish (GAsyncResult *result,
 	if (closure->value == NULL)
 		return NULL;
 
-	content_type = secret_value_get_content_type (closure->value);
-	if (content_type && g_str_equal (content_type, "text/plain")) {
-		string = _secret_value_unref_to_string (closure->value);
-		closure->value = NULL;
-	}
-
+	string = _secret_value_unref_to_string (closure->value);
+	closure->value = NULL;
 	return string;
 }
 
diff --git a/library/secret-value.c b/library/secret-value.c
index 959e4d3..185d7e8 100644
--- a/library/secret-value.c
+++ b/library/secret-value.c
@@ -219,6 +219,19 @@ secret_value_unref (gpointer value)
 	}
 }
 
+static gboolean
+is_password_value (SecretValue *value)
+{
+	if (value->content_type && g_str_equal (value->content_type, "text/plain"))
+		return TRUE;
+
+	/* gnome-keyring-daemon used to return passwords like this, so support this, but validate */
+	if (!value->content_type || g_str_equal (value->content_type, "application/octet-stream"))
+		return g_utf8_validate (value->secret, value->length, NULL);
+
+	return FALSE;
+}
+
 gchar *
 _secret_value_unref_to_password (SecretValue *value)
 {
@@ -227,7 +240,7 @@ _secret_value_unref_to_password (SecretValue *value)
 
 	g_return_val_if_fail (value != NULL, NULL);
 
-	if (val->content_type && !g_str_equal (val->content_type, "text/plain")) {
+	if (!is_password_value (value)) {
 		secret_value_unref (value);
 		return NULL;
 	}
@@ -259,7 +272,7 @@ _secret_value_unref_to_string (SecretValue *value)
 
 	g_return_val_if_fail (value != NULL, NULL);
 
-	if (val->content_type && !g_str_equal (val->content_type, "text/plain")) {
+	if (!is_password_value (value)) {
 		secret_value_unref (value);
 		return NULL;
 	}
diff --git a/library/tests/test-value.c b/library/tests/test-value.c
index d72a2b7..ac80c84 100644
--- a/library/tests/test-value.c
+++ b/library/tests/test-value.c
@@ -164,7 +164,7 @@ test_to_password_bad_content (void)
 	SecretValue *value;
 	gchar *password;
 
-	value = secret_value_new_full (g_strdup ("wooowhee"), -1,
+	value = secret_value_new_full (g_strdup ("w\xFFooowhee"), -1,
 	                                "application/octet-stream", g_free);
 
 	password = _secret_value_unref_to_password (value);