Re: NetworManager and openconnect: using cookies

From: Murilo Opsfelder <muriloo linux vnet ibm com>
To: David Woodhouse <dwmw2 infradead org>
Cc: "ebarkie us ibm com" <ebarkie us ibm com>, "networkmanager-list gnome org" <networkmanager-list gnome org>, openconnect-devel lists infradead org
Subject: Re: NetworManager and openconnect: using cookies
Date: Thu, 02 Dec 2010 17:53:32 -0200

On 12/02/2010 04:16 PM, David Woodhouse wrote:

On Thu, 2010-12-02 at 17:53 +0000, David Woodhouse wrote:


Hrm, why not using the *same* 'keyname' string as we're using for the
TEXT and SELECT cases? There was a reason we included the form->auth_id
in that key.


Patch below should do that. But I notice two problems now I look closer.


Thanks David. I appreciated your attention.

Firstly, it's not optional. I think it needs to be; we don't want to
*unconditionally* save the password. Not only for security reasons, but
also because it might be a one-time password.

By optional, you mean a "save password" checkbox in the GUI or acompile-time flag (e.g.: --with-gnome-keyring)?

Secondly, it's saving the password even if the authentication fails.
You'll note that 'remember_gconf_key' doesn't actually set it
immediately; it just *stores* it, and the entry later gets set when the
cookie_obtained() function walks through the ui_data->success_keys list.

If I understood it correctly, in remember_keyring_key() I should onlystore form_id, name and value in auth_ui_data and actually save them ingnome-keyring inside cookie_obtained() function. Is that correct?

(Third problem was that your patch lacked a Signed-off-by)


Thanks for making me aware of this. I'll add it in the next patch.

--
Murilo

Follow-Ups:
- Re: NetworManager and openconnect: using cookies
  - From: David Woodhouse

References:
- Re: NetworManager and openconnect: using cookies
  - From: David Woodhouse
- Re: NetworManager and openconnect: using cookies
  - From: David Woodhouse

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]