New system default SOGoEncryptionKey

To be used to encrypt the passwords of remote Web calendars when SOGoTrustProxyAuthentication is enabled.
2013-03-11 09:34:36 -04:00 · 2013-03-11 09:34:36 -04:00 · d12c651d59
parent 41a6c02aa3
commit d12c651d59
5 changed files with 38 additions and 32 deletions
--- a/5
+++ b/5
@ -1,8 +1,9 @@
-2.0.5 (2013-02-dd)
+2.0.5 (2013-03-dd)
 ------------------

 New features
- - 
+ - new system default SOGoEncryptionKey to be used to encrypt the passwords of
+   remote Web calendars when SOGoTrustProxyAuthentication is enabled

 Enhancements
 - Added logging of the X-Forwarded-For HTTP header (#2229)
--- a/SoObjects/Appointments/SOGoWebAppointmentFolder.m
+++ b/SoObjects/Appointments/SOGoWebAppointmentFolder.m
@ -1,6 +1,6 @@
 /* SOGoWebAppointmentFolder.m - this file is part of SOGo
 *
- * Copyright (C) 2009-2010 Inverse inc.
+ * Copyright (C) 2009-2013 Inverse inc.
 *
 * Author: Cyril Robert <crobert@inverse.ca>
 *         Ludovic Marcotte <lmarcotte@inverse.ca>
@ -37,6 +37,7 @@
 #import <NGCards/iCalCalendar.h>
 #import <GDLContentStore/GCSFolder.h>
 #import <SOGo/SOGoAuthenticator.h>
+#import <SOGo/SOGoSystemDefaults.h>
 #import <SOGo/SOGoUser.h>
 #import <SOGo/SOGoUserSettings.h>
 #import <SOGo/NSDictionary+Utilities.h>
@ -69,27 +70,23 @@ size_t curl_body_function(void *ptr, size_t size, size_t nmemb, void *buffer)
  NSString *authValue, *userPassword;
  NSArray *parts, *keys;
  
-  userPassword = [[self authenticatorInContext: context]
-                   passwordInContext: context];
+  userPassword = [[self authenticatorInContext: context] passwordInContext: context];
  if ([userPassword length] == 0)
    {
-      authData = nil;
+      userPassword = [[SOGoSystemDefaults sharedSystemDefaults] encryptionKey];
+    }
+  authValue
+    = [[self folderPropertyValueInCategory: @"WebCalendarsAuthentication"]
+            decryptWithKey: userPassword];
+  parts = [authValue componentsSeparatedByString: @":"];
+  if ([parts count] == 2)
+    {
+      keys = [NSArray arrayWithObjects: @"username",  @"password", nil];
+      authData = [NSDictionary dictionaryWithObjects: parts
+                                             forKeys: keys];
    }
  else
-    {
-      authValue
-        = [[self folderPropertyValueInCategory: @"WebCalendarsAuthentication"]
-            decryptWithKey: userPassword];
-      parts = [authValue componentsSeparatedByString: @":"];
-      if ([parts count] == 2)
-        {
-          keys = [NSArray arrayWithObjects: @"username",  @"password", nil];
-          authData = [NSDictionary dictionaryWithObjects: parts
-                                                 forKeys: keys];
-        }
-      else
-        authData = nil;
-    }
+    authData = nil;

  return authData;
 }
@ -99,18 +96,18 @@ size_t curl_body_function(void *ptr, size_t size, size_t nmemb, void *buffer)
 {
  NSString *authValue, *userPassword;

-  userPassword = [[self authenticatorInContext: context]
-                   passwordInContext: context];
-  if ([userPassword length] > 0)
-    {
-      if (!username)
-        username = @"";
-      if (!password)
-        password = @"";
-      authValue = [NSString stringWithFormat: @"%@:%@", username, password];
-      [self setFolderPropertyValue: [authValue encryptWithKey: userPassword]
-                        inCategory: @"WebCalendarsAuthentication"];
-    }
+  userPassword = [[self authenticatorInContext: context] passwordInContext: context];
+  if ([userPassword length] == 0) {
+    userPassword = [[SOGoSystemDefaults sharedSystemDefaults] encryptionKey];
+  }
+
+  if (!username)
+    username = @"";
+  if (!password)
+    password = @"";
+  authValue = [NSString stringWithFormat: @"%@:%@", username, password];
+  [self setFolderPropertyValue: [authValue encryptWithKey: userPassword]
+                    inCategory: @"WebCalendarsAuthentication"];
 }

 - (NSDictionary *) loadWebCalendar
--- a/SoObjects/SOGo/SOGoDefaults.plist
+++ b/SoObjects/SOGo/SOGoDefaults.plist
@ -10,6 +10,8 @@

    SOGoZipPath = "/usr/bin/zip";

+    SOGoEncryptionKey = "MySOGoEncryptionKey";
+
    WOUseRelativeURLs = YES;
    WOMessageUseUTF8 = YES;
    WOParsersUseUTF8 = YES;
--- a/SoObjects/SOGo/SOGoSystemDefaults.h
+++ b/SoObjects/SOGo/SOGoSystemDefaults.h
@ -43,6 +43,7 @@
 - (BOOL) debugLeaks;
 - (int) vmemLimit;
 - (BOOL) trustProxyAuthentication;
+- (NSString *) encryptionKey;
 - (BOOL) useRelativeURLs;

 - (BOOL) isWebAccessEnabled;
--- a/SoObjects/SOGo/SOGoSystemDefaults.m
+++ b/SoObjects/SOGo/SOGoSystemDefaults.m
@ -349,6 +349,11 @@ _injectConfigurationFromFile (NSMutableDictionary *defaultsDict,
  return [self boolForKey: @"SOGoTrustProxyAuthentication"];
 }

+- (NSString *) encryptionKey;
+{
+  return [self stringForKey: @"SOGoEncryptionKey"];
+}
+
 - (BOOL) useRelativeURLs
 {
  return [self boolForKey: @"WOUseRelativeURLs"];