static void session_authenticate (SoupSession *session, SoupMessage *msg, SoupAuth *auth, gboolean retrying, gpointer user_data)
{
GnomeKeyringResult result;
gchar *user = NULL;
gchar *password = NULL;
// Get the previous user name that was used for this uri
// TODO Gconf stuff
// There wasn't one, so let's use the logged in user's name
if (!user)
user = g_strdup(getenv("USER"));
if (retrying)
{
// Prompt the user if there were no valid credentials in the keyring
GtkWidget *user_field = NULL;
GtkWidget *pass_field = NULL;
GtkWidget *dialog = get_credentials_dialog(user, soup_auth_get_realm(auth), soup_auth_get_host(auth), &user_field, &pass_field);
gint response = gtk_dialog_run(GTK_DIALOG (dialog));
if (response == GTK_RESPONSE_REJECT)
{
gtk_widget_destroy(dialog);
return;
}
g_free(user);
user = g_strdup(gtk_entry_get_text(GTK_ENTRY(user_field)));
password = g_strdup(gtk_entry_get_text(GTK_ENTRY(pass_field)));
gtk_widget_destroy(dialog);
// Store password in the keyring
gchar * description = g_strdup_printf("Nautilus-Sendto-Trac:%s:%s", soup_auth_get_host(auth), soup_auth_get_realm(auth));
result = gnome_keyring_store_password_sync(HTTP_AUTH_SCHEMA, NULL, description, password,
"host", soup_auth_get_host(auth),
"realm", soup_auth_get_realm(auth),
"user", user,
NULL);
g_free(description);
g_free(password);
}
// Try and get a password for the user from the keyring
result = gnome_keyring_find_password_sync(HTTP_AUTH_SCHEMA, &password,
"host", soup_auth_get_host(auth),
"realm", soup_auth_get_realm(auth),
"user", user,
NULL);
if (result != GNOME_KEYRING_RESULT_OK)
password = "";
// Do the authentication
soup_auth_authenticate(auth, user, password);
g_free(user);
if (result == GNOME_KEYRING_RESULT_OK)
gnome_keyring_free_password(password);
return;
}
static void
clear_credential(git_credential_t *cred)
{
if (cred->protocol) g_free(cred->protocol);
if (cred->host) g_free(cred->host);
if (cred->path) g_free(cred->path);
if (cred->username) g_free(cred->username);
if (cred->password) gnome_keyring_free_password(cred->password);
}
int main(int argc, char **argv) {
application = argv[0];
if (argc != 3)
die_usage();
if (!strncmp(argv[1], "set", 4)) {
password = malloc(MAX_PW_LEN);
if (!password)
die("memory error");
if (!fgets(password, MAX_PW_LEN, stdin)) {
gnome_keyring_free_password(password);
die("failed reading stdin");
}
GnomeKeyringResult result = set(argv[2], password);
if (result != GNOME_KEYRING_RESULT_OK) {
gnome_keyring_free_password(password);
die_result(result);
}
gnome_keyring_free_password(password);
return EXIT_SUCCESS;
}
if (!strncmp(argv[1], "get", 4)) {
GnomeKeyringResult result = get(argv[2], &password);
if (result != GNOME_KEYRING_RESULT_OK) {
gnome_keyring_free_password(password);
die_result(result);
}
printf("%s", password);
gnome_keyring_free_password(password);
return EXIT_SUCCESS;
}
if (!strncmp(argv[1], "del", 4)) {
GnomeKeyringResult result = del(argv[2]);
if (result != GNOME_KEYRING_RESULT_OK)
die_result(result);
return EXIT_SUCCESS;
}
die_usage(argv[0]);
}
static void
get_password(git_credential_t *cred)
{
GnomeKeyringResult keyres;
gchar *pass = NULL;
keyres = gnome_keyring_find_password_sync(&git_schema,
&pass,
"protocol", cred->protocol,
"host", cred->host,
"path", cred->path,
"username", cred->username,
NULL);
if (keyres != GNOME_KEYRING_RESULT_OK) {
return;
}
g_printf("password=%s\n", pass);
gnome_keyring_free_password(pass);
}
const QString GnomeKeychain::getPassword(const QString& account) {
Q_ASSERT(isAvailable());
char* password;
GnomeKeyringResult result = gnome_keyring_find_password_sync(
&kOurSchema,
&password,
"username", account.toUtf8().constData(),
"service", kServiceName.toUtf8().constData(),
NULL);
if (result == GNOME_KEYRING_RESULT_OK) {
QString pass(password);
gnome_keyring_free_password(password);
return pass;
}
qWarning() << "Failed to get password from keychain for account" << account;
return QString::null;
}
static int
check_password(jaro_credential_t *cred)
{
GnomeKeyringResult keyres;
gchar *pass = NULL;
keyres = gnome_keyring_find_password_sync(&jaro_schema,
&pass,
"protocol", cred->protocol,
"host", cred->host,
"path", cred->path,
"username", cred->username,
NULL);
if (keyres != GNOME_KEYRING_RESULT_OK) {
return 1;
}
gnome_keyring_free_password(pass);
return 0;
}
static int
get_password(jaro_credential_t *cred)
{
GnomeKeyringResult keyres;
gchar *pass = NULL;
keyres = gnome_keyring_find_password_sync(&jaro_schema,
&pass,
"protocol", cred->protocol,
"host", cred->host,
"path", cred->path,
"username", cred->username,
NULL);
if (keyres != GNOME_KEYRING_RESULT_OK) {
error("failed to get password: %s", gnome_keyring_result_to_message(keyres));
return 1;
}
g_printf("%s\n", pass);
gnome_keyring_free_password(pass);
return 0;
}
// static
bool OTKeyring::Gnome_RetrieveSecret(const OTString& strUser,
OTPassword& thePassword,
const std::string& str_display)
{
OT_ASSERT(strUser.Exists());
GnomeKeyringResult theResult = GNOME_KEYRING_RESULT_IO_ERROR;
gchar* gchar_p_password = nullptr;
// if the password exists in the keyring, set it in
// thePassword (output argument.)
//
int32_t nCount = -1;
int64_t lSleep = 1;
while ((GNOME_KEYRING_RESULT_OK != theResult)) {
++nCount; // 0 on first iteration.
theResult = gnome_keyring_find_password_sync(
GNOME_KEYRING_NETWORK_PASSWORD, &gchar_p_password, "user",
strUser.Get(), "protocol", "opentxs", // todo: hardcoding.
nullptr);
if (GNOME_KEYRING_RESULT_OK == theResult) break;
if (nCount > 2) // todo hardcoding.
break; // we try a few times -- not infinite times!
OTString strGnomeError(gnome_keyring_result_to_message(theResult));
// OTString strGnomeError;
// switch (theResult) {
// case GNOME_KEYRING_RESULT_OK: strGnomeError
// = "GNOME_KEYRING_RESULT_OK"; break;
// case GNOME_KEYRING_RESULT_DENIED: strGnomeError
// = "GNOME_KEYRING_RESULT_DENIED"; break;
// case GNOME_KEYRING_RESULT_NO_KEYRING_DAEMON: strGnomeError
// = "GNOME_KEYRING_RESULT_NO_KEYRING_DAEMON"; break;
// case GNOME_KEYRING_RESULT_ALREADY_UNLOCKED: strGnomeError
// = "GNOME_KEYRING_RESULT_ALREADY_UNLOCKED"; break;
// case GNOME_KEYRING_RESULT_NO_SUCH_KEYRING: strGnomeError
// = "GNOME_KEYRING_RESULT_NO_SUCH_KEYRING"; break;
// case GNOME_KEYRING_RESULT_BAD_ARGUMENTS: strGnomeError
// = "GNOME_KEYRING_RESULT_BAD_ARGUMENTS"; break;
// case GNOME_KEYRING_RESULT_IO_ERROR: strGnomeError
// = "GNOME_KEYRING_RESULT_IO_ERROR"; break;
// case GNOME_KEYRING_RESULT_CANCELLED: strGnomeError
// = "GNOME_KEYRING_RESULT_CANCELLED"; break;
// case GNOME_KEYRING_RESULT_KEYRING_ALREADY_EXISTS:
// strGnomeError = "GNOME_KEYRING_RESULT_KEYRING_ALREADY_EXISTS"; break;
// case GNOME_KEYRING_RESULT_NO_MATCH: strGnomeError
// = "GNOME_KEYRING_RESULT_NO_MATCH"; break;
//
// default:
// strGnomeError = "Unknown! Very strange!";
// break;
// }
otErr << __FUNCTION__ << ": gnome_keyring_find_password_sync returned "
<< strGnomeError.Get() << '\n';
otErr << "Remedy: Sleeping for " << lSleep
<< " seconds and then retrying (attempt " << (nCount + 2) << '\n';
// on first iteration, nCount is 0, and this will say "attempt 2" aka
// "second attempt," which is correct.
sleep(lSleep);
lSleep *= 2; // double it each time
}
if ((theResult == GNOME_KEYRING_RESULT_OK) &&
(nullptr != gchar_p_password)) {
size_t sizePassword =
OTString::safe_strlen(gchar_p_password, MAX_STRING_LENGTH);
if (sizePassword > 0) {
OTString strData(gchar_p_password, sizePassword);
gnome_keyring_free_password(gchar_p_password);
gchar_p_password = nullptr;
OTASCIIArmor ascData;
const bool bLoaded =
strData.Exists() && ascData.LoadFromString(strData);
strData.zeroMemory();
if (!bLoaded)
otErr << __FUNCTION__ << ": Failed trying to decode secret "
"from Gnome Keyring contents:\n\n"
<< strData.Get() << "\n\n";
else {
OTData thePayload(ascData);
ascData.zeroMemory();
if (thePayload.IsEmpty())
otErr << __FUNCTION__ << ": Failed trying to decode secret "
"OTData from OTASCIIArmor "
<< "from Gnome Keyring contents:\n\n" << strData.Get()
<< "\n\n";
else {
thePassword.setMemory(thePayload.GetPayloadPointer(),
thePayload.GetSize());
thePayload.zeroMemory(); // for security.
return true;
}
return false;
}
}
}
// Not an error: what if it just hasn't been set there yet?
//
otOut << "OTKeyring::Gnome_RetrieveSecret: "
<< "No secret found: gnome_keyring_find_password_sync: "
<< gnome_keyring_result_to_message(theResult) << '\n';
return false;
}
LibBalsaImapServer*
libbalsa_imap_server_new_from_config(void)
{
LibBalsaServer tmp_server;
LibBalsaImapServer *imap_server;
LibBalsaServer *server;
gboolean d, d1;
gint tls_mode, conn_limit;
tmp_server.host = libbalsa_conf_get_string("Server");
if(strrchr(tmp_server.host, ':') == NULL) {
gint port;
port = libbalsa_conf_get_int_with_default("Port", &d);
if (!d) {
gchar *newhost = g_strdup_printf("%s:%d", tmp_server.host, port);
g_free(tmp_server.host);
tmp_server.host = newhost;
}
}
tmp_server.user = libbalsa_conf_private_get_string("Username");
if (!tmp_server.user)
tmp_server.user = g_strdup(getenv("USER"));
imap_server = get_or_create(tmp_server.user, tmp_server.host);
server = LIBBALSA_SERVER(imap_server);
if (server->user) {
g_free(tmp_server.user);
g_free(tmp_server.host);
} else {
server->user = tmp_server.user;
server->host = tmp_server.host;
}
d1 = libbalsa_conf_get_bool_with_default("Anonymous", &d);
if(!d) server->try_anonymous = !!d1;
server->use_ssl |= libbalsa_conf_get_bool("SSL=false");
tls_mode = libbalsa_conf_get_int_with_default("TLSMode", &d);
if(!d) server->tls_mode = tls_mode;
conn_limit = libbalsa_conf_get_int_with_default("ConnectionLimit", &d);
if(!d) imap_server->max_connections = conn_limit;
d1 = libbalsa_conf_get_bool_with_default("PersistentCache", &d);
if(!d) imap_server->persistent_cache = !!d1;
d1 = libbalsa_conf_get_bool_with_default("HasFetchBug", &d);
if(!d) imap_server->has_fetch_bug = !!d1;
d1 = libbalsa_conf_get_bool_with_default("UseStatus", &d);
if(!d) imap_server->use_status = !!d1;
d1 = libbalsa_conf_get_bool_with_default("UseIdle", &d);
if(!d) imap_server->use_idle = !!d1;
if (!server->passwd) {
server->remember_passwd = libbalsa_conf_get_bool("RememberPasswd=false");
if(server->remember_passwd) {
#if defined(HAVE_LIBSECRET)
GError *err = NULL;
server->passwd =
secret_password_lookup_sync(LIBBALSA_SERVER_SECRET_SCHEMA,
NULL, &err,
"protocol", server->protocol,
"server", server->host,
"user", server->user,
NULL);
if (err) {
libbalsa_free_password(server->passwd);
server->passwd = NULL;
printf(_("Error looking up password for %s@%s: %s\n"),
server->user, server->host, err->message);
printf(_("Falling back\n"));
g_clear_error(&err);
server->passwd =
libbalsa_conf_private_get_string("Password");
if (server->passwd != NULL) {
gchar *buff = libbalsa_rot(server->passwd);
libbalsa_free_password(server->passwd);
server->passwd = buff;
secret_password_store_sync
(LIBBALSA_SERVER_SECRET_SCHEMA, NULL,
_("Balsa passwords"), server->passwd, NULL, &err,
"protocol", server->protocol,
"server", server->host,
"user", server->user,
NULL);
/* We could in principle clear the password in the
* config file here but we do not for the backward
* compatibility. */
if (err) {
printf(_("Error storing password for %s@%s: %s\n"),
server->user, server->host, err->message);
g_error_free(err);
}
}
}
#elif defined (HAVE_GNOME_KEYRING)
GnomeKeyringResult r;
server->passwd = NULL;
r = gnome_keyring_find_password_sync(LIBBALSA_SERVER_KEYRING_SCHEMA,
&server->passwd,
"protocol", server->protocol,
"server", server->host,
"user", server->user,
NULL);
if(r != GNOME_KEYRING_RESULT_OK) {
gnome_keyring_free_password(server->passwd);
server->passwd = NULL;
printf("Keyring has no password for %s@%s\n",
server->user, server->host);
server->passwd = libbalsa_conf_private_get_string("Password");
if (server->passwd != NULL) {
gchar *buff = libbalsa_rot(server->passwd);
libbalsa_free_password(server->passwd);
server->passwd = buff;
gnome_keyring_store_password_sync
(LIBBALSA_SERVER_KEYRING_SCHEMA, NULL,
_("Balsa passwords"), server->passwd,
"protocol", server->protocol,
"server", server->host,
"user", server->user,
NULL);
/* We could in principle clear the password in the
config file here but we do not for the backward
compatibility. */
}
}
#else
server->passwd = libbalsa_conf_private_get_string("Password");
if (server->passwd != NULL) {
gchar *buff = libbalsa_rot(server->passwd);
libbalsa_free_password(server->passwd);
server->passwd = buff;
}
#endif /* defined(HAVE_LIBSECRET) */
}
if(server->passwd && server->passwd[0] == '\0') {
libbalsa_free_password(server->passwd);
server->passwd = NULL;
}
}
return imap_server;
}
