Fix remote wipe keychain storage (issue #1592)

The app password for the remote wipe was constantly being written in WebFlowCredentials::slotFinished to the keychain, leading to unnecessary write and log overhead on the system. This fix introduces a check to only store the app password once in a lifetime of the Account class. Also the method used to store the password will be renamed from setAppPassword to writeAppPasswordOnce to be more expressive. Signed-off-by: Michael Schuster <michael@schuster.ms>
nextcloud · Nov 29, 2019 · dcc84d3 · dcc84d3
1 parent 8ae18d9
commit dcc84d3
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 4 deletions.
diff --git a/src/gui/creds/webflowcredentials.cpp b/src/gui/creds/webflowcredentials.cpp
@@ -420,7 +420,7 @@ void WebFlowCredentials::slotFinished(QNetworkReply *reply) {
         _credentialsValid = true;
 
         /// Used later for remote wipe
-        _account->setAppPassword(_password);
+        _account->writeAppPasswordOnce(_password);
     }
 }
 

diff --git a/src/libsync/account.cpp b/src/libsync/account.cpp
@@ -513,7 +513,10 @@ void Account::setNonShib(bool nonShib)
     }
 }
 
-void Account::setAppPassword(QString appPassword){
+void Account::writeAppPasswordOnce(QString appPassword){
+    if(_wroteAppPassword)
+        return;
+
     const QString kck = AbstractCredentials::keychainKey(
                 url().toString(),
                 davUser() + app_password,
@@ -524,8 +527,10 @@ void Account::setAppPassword(QString appPassword){
     job->setInsecureFallback(false);
     job->setKey(kck);
     job->setBinaryData(appPassword.toLatin1());
-    connect(job, &WritePasswordJob::finished, [](Job *) {
+    connect(job, &WritePasswordJob::finished, [this](Job *) {
         qCInfo(lcAccount) << "appPassword stored in keychain";
+
+        _wroteAppPassword = true;
     });
     job->start();
 }

diff --git a/src/libsync/account.h b/src/libsync/account.h
@@ -243,7 +243,7 @@ class OWNCLOUDSYNC_EXPORT Account : public QObject
 
     /// Used in RemoteWipe
     void retrieveAppPassword();
-    void setAppPassword(QString appPassword);
+    void writeAppPasswordOnce(QString appPassword);
     void deleteAppPassword();
 
 public slots:
@@ -319,6 +319,9 @@ protected Q_SLOTS:
     QString _davPath; // defaults to value from theme, might be overwritten in brandings
     ClientSideEncryption _e2e;
 
+    /// Used in RemoteWipe
+    bool _wroteAppPassword = false;
+
     friend class AccountManager;
 };
 }