Cypher_Stack/libsecret
2
0
Fork 0
mirror of https://gitlab.gnome.org/GNOME/libsecret.git synced 2025-01-03 02:28:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

Support content type application/octet-stream for passwords

Browse Source 
* Older versions of gnome-keyring erroneously set this content type
   for passwords even though they're textual.
 * If we see this content type, then check if the password is textual
   and allow usage as a null-terminated password
This commit is contained in:
Stef Walter 2012-03-25 12:23:29 +02:00
parent 11cc25f4e8
commit 3aa77c6918
3 changed files with 20 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
library/secret-password.c
View File

@ -556,7 +556,6 @@ secret_password_lookup_nonpageable_finish (GAsyncResult *result,
{ {
GSimpleAsyncResult *res; GSimpleAsyncResult *res;
LookupClosure *closure; LookupClosure *closure;
const gchar *content_type;
gchar *password = NULL; gchar *password = NULL;
g_return_val_if_fail (error == NULL || *error == NULL, NULL); g_return_val_if_fail (error == NULL || *error == NULL, NULL);
@ -571,12 +570,8 @@ secret_password_lookup_nonpageable_finish (GAsyncResult *result,
if (closure->value == NULL) if (closure->value == NULL)
return NULL; return NULL;
content_type = secret_value_get_content_type (closure->value); password = _secret_value_unref_to_password (closure->value);
if (content_type && g_str_equal (content_type, "text/plain")) { closure->value = NULL;
password = _secret_value_unref_to_password (closure->value);
closure->value = NULL;
}
return password; return password;
} }
@ -596,7 +591,6 @@ secret_password_lookup_finish (GAsyncResult *result,
{ {
GSimpleAsyncResult *res; GSimpleAsyncResult *res;
LookupClosure *closure; LookupClosure *closure;
const gchar *content_type;
gchar *string = NULL; gchar *string = NULL;
g_return_val_if_fail (error == NULL || *error == NULL, NULL); g_return_val_if_fail (error == NULL || *error == NULL, NULL);
@ -611,12 +605,8 @@ secret_password_lookup_finish (GAsyncResult *result,
if (closure->value == NULL) if (closure->value == NULL)
return NULL; return NULL;
content_type = secret_value_get_content_type (closure->value); string = _secret_value_unref_to_string (closure->value);
if (content_type && g_str_equal (content_type, "text/plain")) { closure->value = NULL;
string = _secret_value_unref_to_string (closure->value);
closure->value = NULL;
}
return string; return string;
} }

17
library/secret-value.c
View File

@ -219,6 +219,19 @@ secret_value_unref (gpointer value)
} }
} }
static gboolean
is_password_value (SecretValue *value)
{
if (value->content_type && g_str_equal (value->content_type, "text/plain"))
return TRUE;
/* gnome-keyring-daemon used to return passwords like this, so support this, but validate */
if (!value->content_type || g_str_equal (value->content_type, "application/octet-stream"))
return g_utf8_validate (value->secret, value->length, NULL);
return FALSE;
}
gchar * gchar *
_secret_value_unref_to_password (SecretValue *value) _secret_value_unref_to_password (SecretValue *value)
{ {
@ -227,7 +240,7 @@ _secret_value_unref_to_password (SecretValue *value)
g_return_val_if_fail (value != NULL, NULL); g_return_val_if_fail (value != NULL, NULL);
if (val->content_type && !g_str_equal (val->content_type, "text/plain")) { if (!is_password_value (value)) {
secret_value_unref (value); secret_value_unref (value);
return NULL; return NULL;
} }
@ -259,7 +272,7 @@ _secret_value_unref_to_string (SecretValue *value)
g_return_val_if_fail (value != NULL, NULL); g_return_val_if_fail (value != NULL, NULL);
if (val->content_type && !g_str_equal (val->content_type, "text/plain")) { if (!is_password_value (value)) {
secret_value_unref (value); secret_value_unref (value);
return NULL; return NULL;
} }

2
library/tests/test-value.c
View File

@ -164,7 +164,7 @@ test_to_password_bad_content (void)
SecretValue *value; SecretValue *value;
gchar *password; gchar *password;
value = secret_value_new_full (g_strdup ("wooowhee"), -1, value = secret_value_new_full (g_strdup ("w\xFFooowhee"), -1,
"application/octet-stream", g_free); "application/octet-stream", g_free);
password = _secret_value_unref_to_password (value); password = _secret_value_unref_to_password (value);