Differential D22620 Diff 65095 deskutils/nextcloudclient/files/patch-fix_remote_wipe_keychain_storage
Changeset View
Changeset View
Standalone View
Standalone View
deskutils/nextcloudclient/files/patch-fix_remote_wipe_keychain_storage
- This file was added.
| Property | Old Value | New Value |
|---|---|---|
| fbsd:nokeywords | null | yes \ No newline at end of property |
| svn:eol-style | null | native \ No newline at end of property |
| svn:mime-type | null | text/plain \ No newline at end of property |
| From dcc84d35085d790a53b472d1edba663832af238a Mon Sep 17 00:00:00 2001 | |||||
| From: Michael Schuster <michael@schuster.ms> | |||||
| Date: Fri, 29 Nov 2019 04:28:50 +0100 | |||||
| Subject: [PATCH] Fix remote wipe keychain storage (issue #1592) | |||||
| The app password for the remote wipe was constantly being written in | |||||
| WebFlowCredentials::slotFinished to the keychain, leading to unnecessary | |||||
| write and log overhead on the system. | |||||
| This fix introduces a check to only store the app password once in | |||||
| a lifetime of the Account class. Also the method used to store the | |||||
| password will be renamed from setAppPassword to writeAppPasswordOnce | |||||
| to be more expressive. | |||||
| Signed-off-by: Michael Schuster <michael@schuster.ms> | |||||
| --- | |||||
| src/gui/creds/webflowcredentials.cpp | 2 +- | |||||
| src/libsync/account.cpp | 9 +++++++-- | |||||
| src/libsync/account.h | 5 ++++- | |||||
| 3 files changed, 12 insertions(+), 4 deletions(-) | |||||
| diff --git a/src/gui/creds/webflowcredentials.cpp b/src/gui/creds/webflowcredentials.cpp | |||||
| index 49c80e1ff..e2dc10b35 100644 | |||||
| --- src/gui/creds/webflowcredentials.cpp | |||||
| +++ src/gui/creds/webflowcredentials.cpp | |||||
| @@ -420,7 +420,7 @@ void WebFlowCredentials::slotFinished(QNetworkReply *reply) { | |||||
| _credentialsValid = true; | |||||
| /// Used later for remote wipe | |||||
| - _account->setAppPassword(_password); | |||||
| + _account->writeAppPasswordOnce(_password); | |||||
| } | |||||
| } | |||||
| diff --git a/src/libsync/account.cpp b/src/libsync/account.cpp | |||||
| index 32e58b2e4..33032e3f8 100644 | |||||
| --- src/libsync/account.cpp | |||||
| +++ src/libsync/account.cpp | |||||
| @@ -513,7 +513,10 @@ void Account::setNonShib(bool nonShib) | |||||
| } | |||||
| } | |||||
| -void Account::setAppPassword(QString appPassword){ | |||||
| +void Account::writeAppPasswordOnce(QString appPassword){ | |||||
| + if(_wroteAppPassword) | |||||
| + return; | |||||
| + | |||||
| const QString kck = AbstractCredentials::keychainKey( | |||||
| url().toString(), | |||||
| davUser() + app_password, | |||||
| @@ -524,8 +527,10 @@ void Account::setAppPassword(QString appPassword){ | |||||
| job->setInsecureFallback(false); | |||||
| job->setKey(kck); | |||||
| job->setBinaryData(appPassword.toLatin1()); | |||||
| - connect(job, &WritePasswordJob::finished, [](Job *) { | |||||
| + connect(job, &WritePasswordJob::finished, [this](Job *) { | |||||
| qCInfo(lcAccount) << "appPassword stored in keychain"; | |||||
| + | |||||
| + _wroteAppPassword = true; | |||||
| }); | |||||
| job->start(); | |||||
| } | |||||
| diff --git a/src/libsync/account.h b/src/libsync/account.h | |||||
| index 1f3e46a96..2b843dca9 100644 | |||||
| --- src/libsync/account.h | |||||
| +++ src/libsync/account.h | |||||
| @@ -243,7 +243,7 @@ class OWNCLOUDSYNC_EXPORT Account : public QObject | |||||
| /// Used in RemoteWipe | |||||
| void retrieveAppPassword(); | |||||
| - void setAppPassword(QString appPassword); | |||||
| + void writeAppPasswordOnce(QString appPassword); | |||||
| void deleteAppPassword(); | |||||
| public slots: | |||||
| @@ -319,6 +319,9 @@ protected Q_SLOTS: | |||||
| QString _davPath; // defaults to value from theme, might be overwritten in brandings | |||||
| ClientSideEncryption _e2e; | |||||
| + /// Used in RemoteWipe | |||||
| + bool _wroteAppPassword = false; | |||||
| + | |||||
| friend class AccountManager; | |||||
| }; | |||||
| } | |||||