mirrors/nextcloud-desktop
1
0
Fork 0
mirror of https://github.com/nextcloud/desktop.git synced 2024-11-28 01:53:27 +03:00
Code Issues Projects Releases Packages Wiki Activity

Fix Remote Wipe keychain storage

Browse source 
In certain cases don't write the app password in Account::writeAppPasswordOnce:
- id() is empty: This always happend once the Account Wizard showed the folder selection
- appPassword is empty: Caused by Logout -> Relaunch, preventing remote wipe on relaunch

Implement some logging to ease debugging in the future.

Signed-off-by: Michael Schuster <michael@schuster.ms>
This commit is contained in:
Michael Schuster 2019-12-08 00:02:11 +01:00 committed by Michael Schuster
parent 0c5f4a1525
commit 6a49e787bb
1 changed files with 25 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

27
src/libsync/account.cpp
View file

@ -517,6 +517,14 @@ void Account::writeAppPasswordOnce(QString appPassword){
if(_wroteAppPassword) if(_wroteAppPassword)
return; return;
// Fix: Password got written from Account Wizard, before finish.
// Only write the app password for a connected account, else
// there'll be a zombie keychain slot forever, never used again ;p
//
// Also don't write empty passwords (Log out -> Relaunch)
if(id().isEmpty() || appPassword.isEmpty())
return;
const QString kck = AbstractCredentials::keychainKey( const QString kck = AbstractCredentials::keychainKey(
url().toString(), url().toString(),
davUser() + app_password, davUser() + app_password,
@ -527,9 +535,14 @@ void Account::writeAppPasswordOnce(QString appPassword){
job->setInsecureFallback(false); job->setInsecureFallback(false);
job->setKey(kck); job->setKey(kck);
job->setBinaryData(appPassword.toLatin1()); job->setBinaryData(appPassword.toLatin1());
connect(job, &WritePasswordJob::finished, [this](Job *) { connect(job, &WritePasswordJob::finished, [this](Job *incoming) {
qCInfo(lcAccount) << "appPassword stored in keychain"; WritePasswordJob *writeJob = static_cast<WritePasswordJob *>(incoming);
if (writeJob->error() == NoError)
qCInfo(lcAccount) << "appPassword stored in keychain";
else
qCWarning(lcAccount) << "Unable to store appPassword in keychain" << writeJob->errorString();
// We don't try this again on error, to not raise CPU consumption
_wroteAppPassword = true; _wroteAppPassword = true;
}); });
job->start(); job->start();
@ -574,6 +587,16 @@ void Account::deleteAppPassword(){
DeletePasswordJob *job = new DeletePasswordJob(Theme::instance()->appName()); DeletePasswordJob *job = new DeletePasswordJob(Theme::instance()->appName());
job->setInsecureFallback(false); job->setInsecureFallback(false);
job->setKey(kck); job->setKey(kck);
connect(job, &DeletePasswordJob::finished, [this](Job *incoming) {
DeletePasswordJob *deleteJob = static_cast<DeletePasswordJob *>(incoming);
if (deleteJob->error() == NoError)
qCInfo(lcAccount) << "appPassword deleted from keychain";
else
qCWarning(lcAccount) << "Unable to delete appPassword from keychain" << deleteJob->errorString();
// Allow storing a new app password on re-login
_wroteAppPassword = false;
});
job->start(); job->start();
} }