int main( int argc, char **argv ) { if ( argc < 4 ) { g_print("Usage: %s url user password\n",argv[0]); return 1; } if ( gnome_keyring_is_available() ) { guint32 item_id; gchar *cleaned = cleanurl(argv[1]); gnome_keyring_set_network_password_sync(NULL, argv[2], "midori", cleaned, NULL, NULL, NULL, 0, argv[3], &item_id); g_free(cleaned); g_print("Created Gnome Keyring entry # %d\n",item_id); } else { g_print("Gnome Keyring not available!\n"); return 1; } return 0; }
int keyring_store(struct credential *c) { guint32 item_id; char *object = NULL; /* * Sanity check that what we are storing is actually sensible. * In particular, we can't make a URL without a protocol field. * Without either a host or pathname (depending on the scheme), * we have no primary key. And without a username and password, * we are not actually storing a credential. */ if (!c->protocol || !(c->host || c->path) || !c->username || !c->password) return EXIT_FAILURE; object = keyring_object(c); gnome_keyring_set_network_password_sync( GNOME_KEYRING_DEFAULT, c->username, NULL /* domain */, c->host, object, c->protocol, NULL /* authtype */, c->port, c->password, &item_id); free(object); return EXIT_SUCCESS; }
static PyObject* gnome_keyring_password_set(PyObject *self, PyObject *args) { const char *realmstring; const char *username; const char *password; if (!PyArg_ParseTuple(args, "sss", &realmstring, &username, &password)){ PyErr_Clear(); PyErr_SetString(PyExc_TypeError, "password_set() must be called as (servicename,username,password)"); return NULL; } if ((! dbus_bus_get(DBUS_BUS_SESSION,NULL)) || (!gnome_keyring_is_available())){ PyErr_Clear(); PyErr_SetString(PyExc_OSError, "Can's access the keyring now"); return NULL; } GnomeKeyringResult result; guint32 item_id; result = gnome_keyring_set_network_password_sync(NULL, username, realmstring, NULL, NULL, NULL, NULL, 0, password, &item_id); Py_RETURN_NONE; }
void gnc_keyring_set_password (const gchar *access_method, const gchar *server, guint32 port, const gchar *service, const gchar *user, const gchar* password) { #ifdef HAVE_GNOME_KEYRING GnomeKeyringResult gkr_result; guint32 item_id = 0; gkr_result = gnome_keyring_set_network_password_sync (NULL, user, NULL, server, service, access_method, NULL, port, password, &item_id); if (gkr_result != GNOME_KEYRING_RESULT_OK) { PWARN ("Gnome-keyring error: %s", gnome_keyring_result_to_message(gkr_result)); PWARN ("The user will be prompted for a password again next time."); } #endif /* HAVE_GNOME_KEYRING */ #ifdef HAVE_OSX_KEYCHAIN OSStatus status; SecKeychainItemRef *itemRef = NULL; /* mysql and postgres aren't valid protocols on Mac OS X. * So we use the security domain parameter to allow us to * distinguish between these two. */ // FIXME I'm not sure this works if a password was already in the keychain // I may have to do a lookup first and if it exists, run some update // update function instead status = SecKeychainAddInternetPassword ( NULL, /* keychain */ strlen(server), server, /* servername */ strlen(access_method), access_method, /* securitydomain */ strlen(user), user, /* acountname */ strlen(service), service, /* path */ port, /* port */ kSecProtocolTypeAny, /* protocol */ kSecAuthenticationTypeDefault, /* auth type */ strlen(password), password, /* passworddata */ itemRef ); if ( status != noErr ) { CFStringRef osx_resultstring = SecCopyErrorMessageString( status, NULL ); const gchar *resultstring = CFStringGetCStringPtr(osx_resultstring, GetApplicationTextEncoding()); PWARN ( "OS X keychain error: %s", resultstring ); PWARN ( "The user will be prompted for a password again next time." ); CFRelease ( osx_resultstring ); } #endif /* HAVE_OSX_KEYCHAIN */ }
void SG_password__set( SG_context* pCtx, const char *szRepoSpec, SG_string *pUserName, SG_string *pPassword) { const char *username; const char *password; SG_string *path = NULL; SG_string *server = NULL; SG_string *proto = NULL; SG_uint32 port; SG_bool isValid = SG_FALSE; GnomeKeyringResult saveRes = 0; guint32 itemid = 0; if (! SG_password__supported()) goto fail; SG_NULLARGCHECK(pUserName); SG_NULLARGCHECK(pPassword); SG_NULLARGCHECK(szRepoSpec); username = SG_string__sz(pUserName); password = SG_string__sz(pPassword); SG_ERR_CHECK( _sg_password__parse_url(pCtx, szRepoSpec, &isValid, &proto, &server, &path, &port) ); if (! isValid) SG_ERR_THROW(SG_ERR_NOTIMPLEMENTED); saveRes = gnome_keyring_set_network_password_sync( NULL, username, NULL, SG_string__sz(server), SG_string__sz(path), SG_string__sz(proto), NULL, (guint32)port, password, &itemid); if ((saveRes != GNOME_KEYRING_RESULT_OK) && (saveRes != GNOME_KEYRING_RESULT_NO_MATCH) && (saveRes != GNOME_KEYRING_RESULT_CANCELLED)) _SG_THROW_LINUX_SEC_ERROR(saveRes); fail: SG_STRING_NULLFREE(pCtx, path); SG_STRING_NULLFREE(pCtx, server); SG_STRING_NULLFREE(pCtx, proto); }
int main(int argc, char **argv) { GnomeKeyringResult result; GList *results; char *host; int i, tried, verbose = 0, remove = 0, list = 0; int set_domain = 0, set_host = 0, set_server = 0; int set_protocol = 0, set_port = 0, set_passfd = 0; int dry = 0; char *user = default_user(); char *domain = NULL; char *server = NULL; char *object = NULL; char *protocol = NULL; char *authtype = NULL; guint32 port = 0; int passfd = 0; char *use_keyring = GNOME_KEYRING_DEFAULT; for (i = 1; i < argc; i++) { if (ARG(u) || LARG(user)) { S_OPT(user); } else if (ARG(h) || LARG(host)) { S_OPT_Q(host); } else if (ARG(s) || LARG(server)) { S_OPT_Q(server); } else if (ARG(d) || LARG(domain)) { S_OPT_Q(domain); } else if (ARG(P) || LARG(protocol)) { S_OPT_Q(protocol); } else if (ARG(p) || LARG(port)) { I_OPT_Q(port); } else if (LARG(passfd)) { I_OPT_Q(passfd); } else if (ARG(v) || LARG(verbose)) { verbose = 1; } else if (ARG(R) || LARG(remove)) { MODE(remove); } else if (ARG(l) || LARG(list)) { MODE(list); } else if (ARG(n) || LARG(dry)) { dry = 1; verbose++; } else if (ARG(k) || LARG(keyring)) { S_OPT(use_keyring); } else if (LARG(help)) { usage(); return 0; } else { fprintf(stderr, "Unknown argument: %s\n", argv[i]); return 1; } } if (set_host && !(set_domain && set_server)) { char *dot = index(host, '.'); if (dot) { dot[0] = '\0'; dot++; if (!set_domain) domain = dot; if (!set_server) server = host; } else { server = host; domain = ""; } } else if (set_domain && set_server) { host = NULL; } else if (!list) { fprintf(stderr, "Must set --host or (--server and --domain)\n"); return 1; } if ((set_port + set_protocol) == 1) { if (set_protocol) { set_port_by_protocol(&port, protocol); } else if (set_port) { set_protocol_by_port(&protocol, port); } } else if (!(set_port || set_protocol || list)) { fprintf(stderr, "Must set at least one of --port or --protocol\n"); return 1; } if (set_protocol && !port) { fprintf(stderr, "Couldn't determine port for --protocol %s\n", protocol); return 1; } if (verbose && !list) { #define VALUE(X) printf("%s: %s\n", #X, X ? X : "(null)") VALUE(user); VALUE(domain); VALUE(server); VALUE(host); VALUE(protocol); #undef VALUE printf("port: %d\n", port); if (dry) return 0; } if (!gnome_keyring_is_available()) { fprintf(stderr, "No keyring available\n"); return 1; } if (list) return key_listing(verbose); for (tried = 0; tried < 2; tried++) { result = gnome_keyring_find_network_password_sync( user, domain, server, object, protocol, authtype, port, &results ); if (verbose) printf("attempt #%d: ", tried); if (result == OK) { GList *current; GnomeKeyringNetworkPasswordData *passdata; char *password; for (i = 0, current = results; current; i++, current = current->next) { passdata = (GnomeKeyringNetworkPasswordData *)current->data; password = passdata->password; if (verbose) { printf("Result[%d]=%s\n", i, password); continue; } if (remove) { result = gnome_keyring_item_delete_sync( passdata->keyring, passdata->item_id ); if (verbose) printf("Remove %s %d -> %s\n", passdata->keyring, passdata->item_id, result == OK ? "OK" : "NOT OK"); if (!current->next) return 0; continue; } printf("%s", password); return 0; } if (password) break; } if (remove) { printf("No such password\n"); return 1; } if (verbose) printf("nope\n"); if (!tried) { char *password; if (set_passfd) { password = password_from(passfd); } else { password = password_prompt(user, server, domain, protocol, port); } if (password) { guint32 item_id; gnome_keyring_set_network_password_sync( use_keyring, user, domain, server, object, protocol, authtype, port, password, &item_id ); if (verbose) printf("Stored password? %s\n", item_id ? "yes" : "no"); } } } return 0; }
static const gchar* tny_gnome_keyring_password_getter_get_password (TnyPasswordGetter *self, const gchar *aid, const gchar *prompt, gboolean *cancel) { gchar *retval = NULL; GList *list; GnomeKeyringResult keyringret; gchar *keyring; gnome_keyring_get_default_keyring_sync (&keyring); keyringret = gnome_keyring_find_network_password_sync (aid, "Mail", aid /* hostname */, "password", aid /* proto */, "PLAIN", 0, &list); if ((keyringret != GNOME_KEYRING_RESULT_OK) || (list == NULL)) { gboolean canc = FALSE; GnomePasswordDialog *dialog = GNOME_PASSWORD_DIALOG (gnome_password_dialog_new (_("Enter password"), prompt, NULL, NULL, TRUE)); gnome_password_dialog_set_domain (dialog, "Mail"); gnome_password_dialog_set_remember (dialog, GNOME_PASSWORD_DIALOG_REMEMBER_FOREVER); gnome_password_dialog_set_readonly_username (dialog, TRUE); /* gnome_password_dialog_set_username (dialog, tny_account_get_user (account)); */ gnome_password_dialog_set_show_username (dialog, FALSE); gnome_password_dialog_set_show_remember (dialog, gnome_keyring_is_available ()); gnome_password_dialog_set_show_domain (dialog, FALSE); gnome_password_dialog_set_show_userpass_buttons (dialog, FALSE); canc = gnome_password_dialog_run_and_block (dialog); if (canc) { guint32 item_id; GnomePasswordDialogRemember r; retval = gnome_password_dialog_get_password (dialog); mlock (retval, strlen (retval)); r = gnome_password_dialog_get_remember (dialog); if (r == GNOME_PASSWORD_DIALOG_REMEMBER_FOREVER) { gnome_keyring_set_network_password_sync (keyring, aid /* user */, "Mail", aid /* hostname */, "password", aid /* proto */, "PLAIN", 0, retval, &item_id); } } else retval = NULL; *cancel = (!canc); /* this causes warnings, but should be done afaik */ gtk_object_destroy (GTK_OBJECT (dialog)); while (gtk_events_pending ()) gtk_main_iteration (); } else { GnomeKeyringNetworkPasswordData *pwd_data; pwd_data = list->data; retval = g_strdup (pwd_data->password); *cancel = FALSE; gnome_keyring_network_password_list_free (list); } return retval; }
static void parse_and_decrypt_signons (const char *signons, gboolean handle_forms) { int version; gchar **lines; int i; guint length; lines = g_strsplit (signons, "\r\n", -1); if (!g_ascii_strncasecmp (lines[0], "#2c", 3)) version = 1; else if (!g_ascii_strncasecmp (lines[0], "#2d", 3)) version = 2; else if (!g_ascii_strncasecmp (lines[0], "#2e", 3)) version = 3; else goto out; /* Skip the never-saved list */ for (i = 1; lines[i] && !g_str_equal (lines[i], "."); i++) { ; } i++; /* * Read saved passwords. The information is stored in blocks * separated by lines that only contain a dot. We find a block by * the separator and parse them one by one. */ length = g_strv_length (lines); while (i < length) { size_t begin = i; size_t end = i + 1; const char *realmBracketBegin = " ("; const char *realmBracketEnd = ")"; SoupURI *uri = NULL; char *realm = NULL; while (lines[end] && !g_str_equal (lines[end], ".")) end++; i = end + 1; /* A block has at least five lines */ if (end - begin < 5) continue; /* The first line is the site URL. * For HTTP authentication logins, the URL may contain http realm, * which will be in bracket: * sitename:8080 (realm) */ if (g_strstr_len (lines[begin], -1, realmBracketBegin)) { char *start_ptr, *end_ptr; char *full_url, *url; glong start, end; /* In this case the scheme may not exist. We assume that the * scheme is HTTP. */ if (!g_strstr_len (lines[begin], -1, "://")) full_url = g_strconcat ("http://", lines[begin], NULL); else full_url = g_strdup (lines[begin]); start_ptr = g_strstr_len (full_url, -1, realmBracketBegin); start = g_utf8_pointer_to_offset (full_url, start_ptr); url = g_utf8_substring (full_url, 0, start); url = g_strstrip (url); uri = soup_uri_new (url); g_free (url); start += strlen (realmBracketBegin); end_ptr = g_strstr_len (full_url, -1, realmBracketEnd) -1; end = g_utf8_pointer_to_offset (full_url, end_ptr); realm = g_utf8_substring (full_url, start, end); g_free (full_url); } else { /* Don't have HTTP realm. It is the URL that the following * password belongs to. */ uri = soup_uri_new (lines[begin]); } if (!SOUP_URI_VALID_FOR_HTTP (uri)) { soup_uri_free (uri); g_free (realm); continue; } ++begin; /* There may be multiple username/password pairs for this site. * In this case, they are saved in one block without a separated * line (contains a dot). */ while (begin + 4 < end) { char *username = NULL; char *password = NULL; char *form_username = NULL; char *form_password = NULL; guint32 item_id; /* The username */ if (handle_forms) { form_username = g_strdup (lines[begin++]); } else { begin++; /* Skip username element */ } username = decrypt (lines[begin++]); /* The password */ /* The element name has a leading '*' */ if (lines[begin][0] == '*') { if (handle_forms) { form_password = g_strdup (lines[begin++]); } else { begin++; /* Skip password element */ } password = decrypt (lines[begin++]); } else { /* Maybe the file is broken, skip to the next block */ g_free (username); break; } /* The action attribute for from the form element. This line * exists in version 2 or above */ if (version >= 2) { if (begin < end) /* Skip it */ ; begin++; /* Version 3 has an extra line for further use */ if (version == 3) begin++; } if (handle_forms && !realm && username && password && !g_str_equal (username, "") && !g_str_equal (form_username, "") && !g_str_equal (form_password, "*")) { char *u = soup_uri_to_string (uri, FALSE); /* We skip the '*' at the beginning of form_password. */ _ephy_profile_utils_store_form_auth_data (u, form_username, form_password+1, username, password); g_free (u); } else if (!handle_forms && realm && username && password && !g_str_equal (username, "") && form_username == NULL && form_password == NULL) { gnome_keyring_set_network_password_sync (NULL, username, realm, uri->host, NULL, uri->scheme, NULL, uri->port, password, &item_id); } g_free (username); g_free (password); g_free (form_username); g_free (form_password); } soup_uri_free (uri); g_free (realm); } out: g_strfreev (lines); }