From 2f358957f0c7f05eae1397a61b7a55a04afde6ae Mon Sep 17 00:00:00 2001
From: Denis Leroy <denis@fedoraproject.org>
Date: Oct 24 2006 09:31:40 +0000
Subject: Added patch to support saving group password only


---

diff --git a/NetworkManager-vpnc-0.7.0-gppasswd.patch b/NetworkManager-vpnc-0.7.0-gppasswd.patch
new file mode 100644
index 0000000..49f4458
--- /dev/null
+++ b/NetworkManager-vpnc-0.7.0-gppasswd.patch
@@ -0,0 +1,382 @@
+--- NetworkManager-vpnc-0.7.0/auth-dialog/main.c.orig	2006-10-21 15:01:07.000000000 +0200
++++ NetworkManager-vpnc-0.7.0/auth-dialog/main.c	2006-10-21 15:03:55.000000000 +0200
+@@ -33,13 +33,39 @@
+ 
+ #define VPN_SERVICE "org.freedesktop.NetworkManager.vpnc"
+ 
+-static GSList *
+-lookup_pass (const char *vpn_name, const char *vpn_service, gboolean *is_session)
++struct keyring_data {
++	const char* password;
++	const char* group_password;
++	gboolean is_session;
++};
++
++void keyring_data_init(struct keyring_data* d)
+ {
+-	GSList *passwords;
+-	GList *keyring_result;
++	d->password = NULL;
++	d->group_password = NULL;
++	d->is_session = FALSE;
++}
+ 
+-	passwords = NULL;
++void keyring_data_free(struct keyring_data* d)
++{
++	/* For security reasons, Make sure to clear the data before freeing */
++	if (d->password) {
++		memset((void*)d->password, 0, strlen(d->password));
++		g_free((void*)d->password);
++		d->password = NULL;
++	}
++	if (d->group_password) {
++		memset((void*)d->group_password, 0, strlen(d->group_password));
++		g_free((void*)d->group_password);
++		d->group_password = NULL;
++	}
++}
++ 
++
++gboolean
++lookup_pass (const char *vpn_name, const char *vpn_service, struct keyring_data* kd)
++{
++	GList *keyring_result;
+ 
+ 	if (gnome_keyring_find_network_password_sync (g_get_user_name (),     /* user */
+ 						      NULL,                   /* domain */
+@@ -51,40 +77,32 @@
+ 						      &keyring_result) != GNOME_KEYRING_RESULT_OK)
+ 		return FALSE;
+ 
+-	if (keyring_result != NULL && g_list_length (keyring_result) == 2) {
+-		char *password;
+-		char *group_password;
+-		GnomeKeyringNetworkPasswordData *data1 = keyring_result->data;
+-		GnomeKeyringNetworkPasswordData *data2 = (g_list_next (keyring_result))->data;
++	char *password = NULL;
++	char *group_password = NULL;
++	GList* i;
++
++	for (i = keyring_result; i; i = g_list_next(i)) {
++		GnomeKeyringNetworkPasswordData *data = i->data;
++
++		if (data) {
++			if (strcmp (data->object, "group_password") == 0) {
++				group_password = data->password;
++			} else if (strcmp (data->object, "password") == 0) {
++				password = data->password;
++			}
+ 
+-		password = NULL;
+-		group_password = NULL;
+-
+-		if (strcmp (data1->object, "group_password") == 0) {
+-			group_password = data1->password;
+-		} else if (strcmp (data1->object, "password") == 0) {
+-			password = data1->password;
+-		}
+-
+-		if (strcmp (data2->object, "group_password") == 0) {
+-			group_password = data2->password;
+-		} else if (strcmp (data2->object, "password") == 0) {
+-			password = data2->password;
++			kd->is_session = (strcmp (data->keyring, "session") == 0);
+ 		}
++	}
+ 
+-		if (password != NULL && group_password != NULL) {
+-			passwords = g_slist_append (passwords, g_strdup (group_password));
+-			passwords = g_slist_append (passwords, g_strdup (password));
+-			if (strcmp (data1->keyring, "session") == 0)
+-				*is_session = TRUE;
+-			else
+-				*is_session = FALSE;
+-		}
++	if (password)
++		kd->password = g_strdup(password);
++	if (group_password)
++		kd->group_password = g_strdup(group_password);
+ 
+-		gnome_keyring_network_password_list_free (keyring_result);
+-	}
++	gnome_keyring_network_password_list_free (keyring_result);
+ 
+-	return passwords;
++	return TRUE;
+ }
+ 
+ static void save_vpn_password (const char *vpn_name, const char *vpn_service, const char *keyring, 
+@@ -93,6 +111,7 @@
+ 	guint32 item_id;
+ 	GnomeKeyringResult keyring_result;
+ 
++	if (password) {
+ 	keyring_result = gnome_keyring_set_network_password_sync (keyring,
+ 								  g_get_user_name (),
+ 								  NULL,
+@@ -107,6 +126,7 @@
+ 	{
+ 		g_warning ("Couldn't store password in keyring, code %d", (int) keyring_result);
+ 	}
++	}
+ 
+ 	keyring_result = gnome_keyring_set_network_password_sync (keyring,
+ 								  g_get_user_name (),
+@@ -125,38 +145,20 @@
+ 	}
+ }
+ 
+-static GSList *
+-get_passwords (const char *vpn_name, const char *vpn_service, gboolean retry)
++gboolean
++get_passwords (const char *vpn_name, const char *vpn_service, gboolean retry, struct keyring_data* kdata)
+ {
+-	GSList          *result;
+-	char            *prompt;
++	char		*prompt;
+ 	GtkWidget	*dialog;
+-	char            *keyring_password;
+-	char            *keyring_group_password;
+-	gboolean         keyring_is_session;
+-	GSList          *keyring_result;
+ 	GnomeTwoPasswordDialogRemember remember;
+ 
+-	result = NULL;
+-	keyring_password = NULL;
+-	keyring_group_password = NULL;
+-	keyring_result = NULL;
+-
+-	g_return_val_if_fail (vpn_name != NULL, NULL);
++	g_return_val_if_fail (vpn_name != NULL, FALSE);
+ 
+ 	/* Use the system user name, since the VPN might have a different user name */
+-	if (!retry) {
+-		if ((result = lookup_pass (vpn_name, vpn_service, &keyring_is_session)) != NULL) {
+-			return result;
+-		}
+-	} else {
+-		if ((keyring_result = lookup_pass (vpn_name, vpn_service, &keyring_is_session)) != NULL) {
+-			keyring_group_password = g_strdup ((char *) keyring_result->data);
+-			keyring_password = g_strdup ((char *) (g_slist_next (keyring_result))->data);
+-		}
+-		g_slist_foreach (keyring_result, (GFunc)g_free, NULL);
+-		g_slist_free (keyring_result);
+-	}
++	gboolean has_keyring = lookup_pass (vpn_name, vpn_service, kdata);
++
++	if (!retry && has_keyring && kdata->password)
++		return TRUE;
+ 
+ 	prompt = g_strdup_printf (_("You need to authenticate to access the Virtual Private Network '%s'."), vpn_name);
+ 	dialog = gnome_two_password_dialog_new (_("Authenticate VPN"), prompt, NULL, NULL, FALSE);
+@@ -169,21 +171,24 @@
+ 	gnome_two_password_dialog_set_password_secondary_label (GNOME_TWO_PASSWORD_DIALOG (dialog), _("_Group Password:"));
+ 	/* use the same keyring storage options as from the items we put in the entry boxes */
+ 	remember = GNOME_TWO_PASSWORD_DIALOG_REMEMBER_NOTHING;
+-	if (keyring_result != NULL) {
+-		if (keyring_is_session)
++	if (has_keyring) {
++		if (!kdata->password && kdata->group_password)
++			remember = GNOME_TWO_PASSWORD_DIALOG_REMEMBER_GROUP;
++		else if (kdata->is_session)
+ 			remember = GNOME_TWO_PASSWORD_DIALOG_REMEMBER_SESSION;
+ 		else
+-			remember = GNOME_TWO_PASSWORD_DIALOG_REMEMBER_FOREVER;				
++			remember = GNOME_TWO_PASSWORD_DIALOG_REMEMBER_FOREVER;
+ 	}
++
+ 	gnome_two_password_dialog_set_remember (GNOME_TWO_PASSWORD_DIALOG (dialog), remember);
+ 
+-	/* if retrying, put in the passwords from the keyring */
+-	if (keyring_password != NULL) {
+-		gnome_two_password_dialog_set_password (GNOME_TWO_PASSWORD_DIALOG (dialog), keyring_password);
+-	}
+-	if (keyring_group_password != NULL) {
+-		gnome_two_password_dialog_set_password_secondary (GNOME_TWO_PASSWORD_DIALOG (dialog), keyring_group_password);
+-	}
++/* if retrying, put in the passwords from the keyring */
++	if (kdata->password)
++		gnome_two_password_dialog_set_password (GNOME_TWO_PASSWORD_DIALOG (dialog), kdata->password);
++
++	if (kdata->group_password)
++		gnome_two_password_dialog_set_password_secondary (GNOME_TWO_PASSWORD_DIALOG (dialog),
++								  kdata->group_password);
+ 
+ 	gtk_widget_show (dialog);
+ 
+@@ -192,18 +197,21 @@
+ 		char *password;
+ 		char *group_password;
+ 
+-		password = gnome_two_password_dialog_get_password (GNOME_TWO_PASSWORD_DIALOG (dialog));
+-		group_password = gnome_two_password_dialog_get_password_secondary (GNOME_TWO_PASSWORD_DIALOG (dialog));
+-		result = g_slist_append (result, group_password);
+-		result = g_slist_append (result, password);
++		keyring_data_free(kdata);
++
++		kdata->password = gnome_two_password_dialog_get_password (GNOME_TWO_PASSWORD_DIALOG (dialog));
++		kdata->group_password = gnome_two_password_dialog_get_password_secondary (GNOME_TWO_PASSWORD_DIALOG (dialog));
+ 
+ 		switch (gnome_two_password_dialog_get_remember (GNOME_TWO_PASSWORD_DIALOG (dialog)))
+ 		{
+ 			case GNOME_TWO_PASSWORD_DIALOG_REMEMBER_SESSION:
+-				save_vpn_password (vpn_name, vpn_service, "session", password, group_password);
++				save_vpn_password (vpn_name, vpn_service, "session", kdata->password, kdata->group_password);
++				break;
++			case GNOME_TWO_PASSWORD_DIALOG_REMEMBER_GROUP:
++				save_vpn_password (vpn_name, vpn_service, NULL, NULL, kdata->group_password);
+ 				break;
+ 			case GNOME_TWO_PASSWORD_DIALOG_REMEMBER_FOREVER:
+-				save_vpn_password (vpn_name, vpn_service, NULL, password, group_password);
++				save_vpn_password (vpn_name, vpn_service, NULL, kdata->password, kdata->group_password);
+ 				break;
+ 			default:
+ 				break;
+@@ -211,12 +219,9 @@
+ 
+ 	}
+ 
+-	g_free (keyring_password);
+-	g_free (keyring_group_password);
+-
+ 	gtk_widget_destroy (dialog);
+ 
+-	return result;
++	return TRUE;
+ }
+ 
+ int 
+@@ -262,22 +267,28 @@
+ 	gnome_program_init ("nm-vpnc-auth-dialog", VERSION, LIBGNOMEUI_MODULE,
+ 			    argc, argv, 
+ 			    GNOME_PARAM_NONE, GNOME_PARAM_NONE);
++
++	struct keyring_data kdata;
++	gboolean success = FALSE;
++
++	keyring_data_init(&kdata);
+ 	  
+-	passwords = get_passwords (vpn_name, vpn_service, retry);
+-	if (passwords == NULL)
++	if (! get_passwords (vpn_name, vpn_service, retry, &kdata))
+ 		goto out;
+ 
++	if (!kdata.password || !kdata.group_password)
++		goto out;
++
++	success = TRUE;
+ 	/* dump the passwords to stdout */
+-	for (i = passwords; i != NULL; i = g_slist_next (i)) {
+-		char *password = (char *) i->data;
+-		printf ("%s\n", password);
+-	}
++	printf ("%s\n", kdata.group_password);
++	printf ("%s\n", kdata.password);
++
+ 	printf ("\n\n");
+ 	/* for good measure, flush stdout since Kansas is going Bye-Bye */
+ 	fflush (stdout);
+ 
+-	g_slist_foreach (passwords, (GFunc)g_free, NULL);
+-	g_slist_free (passwords);
++	keyring_data_free(&kdata);
+ 
+ 	/* wait for data on stdin  */
+ 	fread (buf, sizeof (char), sizeof (buf), stdin);
+@@ -285,5 +296,5 @@
+ out:
+ 	g_option_context_free (context);
+ 
+-	return passwords != NULL ? 0 : 1;
++	return success ? 0 : 1;
+ }
+--- NetworkManager-vpnc-0.7.0/auth-dialog/gnome-two-password-dialog.h.orig	2006-10-21 15:01:07.000000000 +0200
++++ NetworkManager-vpnc-0.7.0/auth-dialog/gnome-two-password-dialog.h	2006-10-21 15:01:12.000000000 +0200
+@@ -57,6 +57,7 @@
+ typedef enum {
+ 	GNOME_TWO_PASSWORD_DIALOG_REMEMBER_NOTHING,
+ 	GNOME_TWO_PASSWORD_DIALOG_REMEMBER_SESSION,
++	GNOME_TWO_PASSWORD_DIALOG_REMEMBER_GROUP,
+ 	GNOME_TWO_PASSWORD_DIALOG_REMEMBER_FOREVER
+ } GnomeTwoPasswordDialogRemember;
+ 
+--- NetworkManager-vpnc-0.7.0/auth-dialog/gnome-two-password-dialog.c.orig	2006-10-21 15:01:07.000000000 +0200
++++ NetworkManager-vpnc-0.7.0/auth-dialog/gnome-two-password-dialog.c	2006-10-21 15:01:12.000000000 +0200
+@@ -68,6 +68,7 @@
+ 	
+ 	GtkWidget *remember_session_button;
+ 	GtkWidget *remember_forever_button;
++	GtkWidget *remember_group_forever_button;
+ 
+ 	GtkWidget *radio_vbox;
+ 	GtkWidget *connect_with_no_userpass_button;
+@@ -465,11 +466,15 @@
+ 		gtk_check_button_new_with_mnemonic (_("_Remember passwords for this session"));
+ 	password_dialog->details->remember_forever_button =
+ 		gtk_check_button_new_with_mnemonic (_("_Save passwords in keyring"));
++	password_dialog->details->remember_group_forever_button =
++		gtk_check_button_new_with_mnemonic (_("S_ave group password in keyring"));
+ 
+ 	gtk_box_pack_start (GTK_BOX (vbox), password_dialog->details->remember_session_button, 
+ 			    TRUE, TRUE, 6);
+ 	gtk_box_pack_start (GTK_BOX (vbox), password_dialog->details->remember_forever_button, 
+ 			    TRUE, TRUE, 0);
++	gtk_box_pack_start (GTK_BOX (vbox), password_dialog->details->remember_group_forever_button, 
++			    TRUE, TRUE, 6);
+ 
+ 
+ 	gnome_two_password_dialog_set_username (password_dialog, username);
+@@ -689,9 +694,11 @@
+ 	if (show_remember) {
+ 		gtk_widget_show (password_dialog->details->remember_session_button);
+ 		gtk_widget_show (password_dialog->details->remember_forever_button);
++		gtk_widget_show (password_dialog->details->remember_group_forever_button);
+ 	} else {
+ 		gtk_widget_hide (password_dialog->details->remember_session_button);
+ 		gtk_widget_hide (password_dialog->details->remember_forever_button);
++		gtk_widget_hide (password_dialog->details->remember_group_forever_button);
+ 	}
+ }
+ 
+@@ -699,30 +706,38 @@
+ gnome_two_password_dialog_set_remember      (GnomeTwoPasswordDialog         *password_dialog,
+ 					 GnomeTwoPasswordDialogRemember  remember)
+ {
+-	gboolean session, forever;
++	gboolean session, forever, group;
+ 
+ 	session = FALSE;
+ 	forever = FALSE;
++	group = FALSE;
+ 	if (remember == GNOME_TWO_PASSWORD_DIALOG_REMEMBER_SESSION) {
+ 		session = TRUE;
+ 	} else if (remember == GNOME_TWO_PASSWORD_DIALOG_REMEMBER_FOREVER){
+ 		forever = TRUE;
++	} else if (remember == GNOME_TWO_PASSWORD_DIALOG_REMEMBER_GROUP){
++		group = TRUE;
+ 	}
+ 	gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (password_dialog->details->remember_session_button),
+ 				      session);
+ 	gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (password_dialog->details->remember_forever_button),
+ 				      forever);
++	gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (password_dialog->details->remember_group_forever_button),
++				      group);
+ }
+ 
+ GnomeTwoPasswordDialogRemember
+ gnome_two_password_dialog_get_remember (GnomeTwoPasswordDialog         *password_dialog)
+ {
+-	gboolean session, forever;
++	gboolean session, forever, group;
+ 
+ 	session = gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (password_dialog->details->remember_session_button));
+ 	forever = gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (password_dialog->details->remember_forever_button));
++	group = gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (password_dialog->details->remember_group_forever_button));
+ 	if (forever) {
+ 		return GNOME_TWO_PASSWORD_DIALOG_REMEMBER_FOREVER;
++	} else if (group) {
++		return GNOME_TWO_PASSWORD_DIALOG_REMEMBER_GROUP;
+ 	} else if (session) {
+ 		return GNOME_TWO_PASSWORD_DIALOG_REMEMBER_SESSION;
+ 	}
diff --git a/NetworkManager-vpnc.spec b/NetworkManager-vpnc.spec
index 91b6eac..62693fd 100644
--- a/NetworkManager-vpnc.spec
+++ b/NetworkManager-vpnc.spec
@@ -13,11 +13,12 @@
 Summary:   NetworkManager VPN integration for vpnc
 Name:      NetworkManager-vpnc
 Version:   0.7.0
-Release:   0%{?nm_vpnc_cvs_version}.2%{?dist}
+Release:   0%{?nm_vpnc_cvs_version}.3%{?dist}
 License:   GPL
 Group:     System Environment/Base
 URL:       http://www.gnome.org/projects/NetworkManager/
 Source:    %{name}-%{version}%{?nm_vpnc_cvs_version}.tar.gz
+Patch0:    NetworkManager-vpnc-0.7.0-gppasswd.patch
 BuildRoot: %{_tmppath}/%{name}-%{version}-root
 
 BuildRequires: gtk2-devel             >= %{gtk2_version}
@@ -47,6 +48,7 @@ with NetworkManager and the GNOME desktop
 
 %prep
 %setup -q
+%patch0 -p1 -b .gppasswd
 
 %build
 %configure
@@ -97,6 +99,9 @@ fi
 %{_datadir}/icons/hicolor/48x48/apps/gnome-mime-application-x-cisco-vpn-settings.png
 
 %changelog
+* Sat Oct 21 2006 Denis Leroy <denis@poolshark.org> - 0.7.0-0.cvs20060929.3
+- Added patch to support saving group password only
+
 * Thu Oct  5 2006 Denis Leroy <denis@poolshark.org> - 0.7.0-0.cvs20060929.2
 - Leave .so link alone, needed by nm