From e727be6329c2589a739f2260bbf164c43701ba77 Mon Sep 17 00:00:00 2001
From: Colin Leroy <colin@colino.net>
Date: Thu, 11 Feb 2016 12:11:48 +0100
Subject: [PATCH] Actually encrypt passwords before storing them

---
 src/plugins/gdata/cm_gdata_contacts.c       |  7 ++++++-
 src/plugins/spam_report/claws.def           |  1 +
 src/plugins/spam_report/spam_report_prefs.c |  8 ++++++--
 src/plugins/vcalendar/claws.def             |  1 +
 src/plugins/vcalendar/vcal_prefs.c          | 16 +++++++++++-----
 5 files changed, 25 insertions(+), 8 deletions(-)

diff --git a/src/plugins/gdata/cm_gdata_contacts.c b/src/plugins/gdata/cm_gdata_contacts.c
index 9a3076324..0a062d2da 100644
--- a/src/plugins/gdata/cm_gdata_contacts.c
+++ b/src/plugins/gdata/cm_gdata_contacts.c
@@ -624,6 +624,8 @@ gboolean cm_gdata_update_contacts_cache(void)
 
 void cm_gdata_contacts_done(void)
 {
+  gchar *pass;
+
   g_free(contacts_group_id);
   contacts_group_id = NULL;
 
@@ -635,7 +637,10 @@ void cm_gdata_contacts_done(void)
   {
 #if GDATA_CHECK_VERSION(0,17,2)
     /* store refresh token */
-    cm_gdata_config.oauth2_refresh_token = gdata_oauth2_authorizer_dup_refresh_token(authorizer);
+    pass = gdata_oauth2_authorizer_dup_refresh_token(authorizer);
+    cm_gdata_config.oauth2_refresh_token = password_encrypt(pass, NULL);
+    memset(pass, 0, strlen(pass));
+    g_free(pass);
 #endif
 
     g_object_unref(G_OBJECT(authorizer));
diff --git a/src/plugins/spam_report/claws.def b/src/plugins/spam_report/claws.def
index 723dae8a2..0d5e81a8c 100644
--- a/src/plugins/spam_report/claws.def
+++ b/src/plugins/spam_report/claws.def
@@ -34,6 +34,7 @@ matcherlist_match
 matcherlist_new
 matcherprop_new
 password_decrypt
+password_encrypt
 pref_get_escaped_pref
 pref_get_unescaped_pref
 prefs_common
diff --git a/src/plugins/spam_report/spam_report_prefs.c b/src/plugins/spam_report/spam_report_prefs.c
index f2353e7a8..7d0e88d1a 100644
--- a/src/plugins/spam_report/spam_report_prefs.c
+++ b/src/plugins/spam_report/spam_report_prefs.c
@@ -198,6 +198,7 @@ static void save_spamreport_prefs(PrefsPage *page)
         int i = 0;
 	
 	for (i = 0; i < INTF_LAST; i++) {
+		gchar *pass;
 
         	g_free(spamreport_prefs.user[i]);
 		g_free(spamreport_prefs.pass[i]);
@@ -206,8 +207,11 @@ static void save_spamreport_prefs(PrefsPage *page)
 			GTK_TOGGLE_BUTTON(prefs_page->enabled_chkbtn[i]));
 		spamreport_prefs.user[i] = gtk_editable_get_chars(
 			GTK_EDITABLE(prefs_page->user_entry[i]), 0, -1);
-		spamreport_prefs.pass[i] = gtk_editable_get_chars(
-			GTK_EDITABLE(prefs_page->pass_entry[i]), 0, -1);
+
+		pass = gtk_editable_get_chars(GTK_EDITABLE(prefs_page->pass_entry[i]), 0, -1);
+		spamreport_prefs.pass[i] = password_encrypt(pass, NULL);
+		memset(pass, 0, strlen(pass));
+		g_free(pass);
 	}
 
         pref_file = prefs_write_open(rc_file_path);
diff --git a/src/plugins/vcalendar/claws.def b/src/plugins/vcalendar/claws.def
index 1d38f533d..297aa5f54 100644
--- a/src/plugins/vcalendar/claws.def
+++ b/src/plugins/vcalendar/claws.def
@@ -110,6 +110,7 @@ mimeview_unregister_viewer_factory
 move_file
 open_uri
 password_decrypt
+password_encrypt
 prefs_button_toggled
 prefs_common
 prefs_common_get_uri_cmd
diff --git a/src/plugins/vcalendar/vcal_prefs.c b/src/plugins/vcalendar/vcal_prefs.c
index 06c6fd447..a039d3f08 100644
--- a/src/plugins/vcalendar/vcal_prefs.c
+++ b/src/plugins/vcalendar/vcal_prefs.c
@@ -628,6 +628,7 @@ void vcal_prefs_save(void)
 {
 	PrefFile *pfile;
 	gchar *rcpath;
+
 	rcpath = g_strconcat(get_rc_dir(), G_DIR_SEPARATOR_S, COMMON_RC, NULL);
 	pfile = prefs_write_open(rcpath);
 	g_free(rcpath);
@@ -649,6 +650,7 @@ void vcal_prefs_save(void)
 static void vcal_prefs_save_func(PrefsPage * _page)
 {
 	struct VcalendarPage *page = (struct VcalendarPage *) _page;
+	gchar *pass;
 
 /* alert */
 	vcalprefs.alert_enable =
@@ -679,8 +681,11 @@ static void vcal_prefs_save_func(PrefsPage * _page)
 	vcalprefs.export_user =
 	    gtk_editable_get_chars(GTK_EDITABLE(page->export_user_entry), 0, -1);
 	g_free(vcalprefs.export_pass);
-	vcalprefs.export_pass =
-	    gtk_editable_get_chars(GTK_EDITABLE(page->export_pass_entry), 0, -1);
+	pass = gtk_editable_get_chars(GTK_EDITABLE(page->export_pass_entry), 0, -1);
+	
+	vcalprefs.export_pass = password_encrypt(pass, NULL);
+	memset(pass, 0, strlen(pass));
+	g_free(pass);
 	
 /* free/busy export */
 	vcalprefs.export_freebusy_enable = 
@@ -699,9 +704,10 @@ static void vcal_prefs_save_func(PrefsPage * _page)
 	vcalprefs.export_freebusy_user =
 	    gtk_editable_get_chars(GTK_EDITABLE(page->export_freebusy_user_entry), 0, -1);
 	g_free(vcalprefs.export_freebusy_pass);
-	vcalprefs.export_freebusy_pass =
-	    gtk_editable_get_chars(GTK_EDITABLE(page->export_freebusy_pass_entry), 0, -1);
-	
+	pass = gtk_editable_get_chars(GTK_EDITABLE(page->export_freebusy_pass_entry), 0, -1);
+	vcalprefs.export_freebusy_pass = password_encrypt(pass, NULL);
+	memset(pass, 0, strlen(pass));
+	g_free(pass);
 
 /* free/busy import */
 	g_free(vcalprefs.freebusy_get_url);
-- 
2.25.1