static char *
keyring_lookup_secret (const char *uuid, const char *secret_name)
{
GHashTable *attrs;
GList *list;
char *secret = NULL;
attrs = secret_attributes_build (&network_manager_secret_schema,
KEYRING_UUID_TAG, uuid,
KEYRING_SN_TAG, NM_SETTING_VPN_SETTING_NAME,
KEYRING_SK_TAG, secret_name,
NULL);
list = secret_service_search_sync (NULL, &network_manager_secret_schema, attrs,
SECRET_SEARCH_ALL | SECRET_SEARCH_UNLOCK | SECRET_SEARCH_LOAD_SECRETS,
NULL, NULL);
if (list && list->data) {
SecretItem *item = list->data;
SecretValue *value = secret_item_get_secret (item);
if (value) {
secret = g_strdup (secret_value_get (value, NULL));
secret_value_unref (value);
}
}
g_list_free_full (list, g_object_unref);
g_hash_table_unref (attrs);
return secret;
}
static int keyring_get(struct credential *c)
{
SecretService *service = NULL;
GHashTable *attributes = NULL;
GError *error = NULL;
GList *items = NULL;
if (!c->protocol || !(c->host || c->path))
return EXIT_FAILURE;
service = secret_service_get_sync(0, NULL, &error);
if (error != NULL) {
g_critical("could not connect to Secret Service: %s", error->message);
g_error_free(error);
return EXIT_FAILURE;
}
attributes = make_attr_list(c);
items = secret_service_search_sync(service,
SECRET_SCHEMA_COMPAT_NETWORK,
attributes,
SECRET_SEARCH_LOAD_SECRETS,
NULL,
&error);
g_hash_table_unref(attributes);
if (error != NULL) {
g_critical("lookup failed: %s", error->message);
g_error_free(error);
return EXIT_FAILURE;
}
if (items != NULL) {
SecretItem *item;
SecretValue *secret;
const char *s;
item = items->data;
secret = secret_item_get_secret(item);
attributes = secret_item_get_attributes(item);
s = g_hash_table_lookup(attributes, "user");
if (s) {
g_free(c->username);
c->username = g_strdup(s);
}
s = secret_value_get_text(secret);
if (s) {
g_free(c->password);
c->password = g_strdup(s);
}
g_hash_table_unref(attributes);
secret_value_unref(secret);
g_list_free_full(items, g_object_unref);
}
return EXIT_SUCCESS;
}
static char * keyring_lookup_secret (const char *uuid,
const char *secret_name) {
#if defined(HAVE_LIBSECRET)
GHashTable *attrs;
GList *list;
#else
GList *found_list = NULL;
GnomeKeyringResult ret;
GnomeKeyringFound *found;
#endif
char *secret = NULL;
#if defined(HAVE_LIBSECRET)
attrs = secret_attributes_build(&network_manager_secret_schema,
KEYRING_UUID_TAG, uuid,
KEYRING_SN_TAG, NM_SETTING_VPN_SETTING_NAME,
KEYRING_SK_TAG, secret_name,
NULL);
list = secret_service_search_sync(NULL, &network_manager_secret_schema, attrs,
SECRET_SEARCH_ALL | SECRET_SEARCH_UNLOCK | SECRET_SEARCH_LOAD_SECRETS,
NULL, NULL);
if (list && list->data) {
SecretItem *item = list->data;
SecretValue *value = secret_item_get_secret(item);
if (value) {
secret = g_strdup(secret_value_get(value, NULL));
secret_value_unref(value);
}
}
g_list_free_full(list, g_object_unref);
g_hash_table_unref(attrs);
#else
ret = gnome_keyring_find_itemsv_sync(GNOME_KEYRING_ITEM_GENERIC_SECRET,
&found_list,
KEYRING_UUID_TAG,
GNOME_KEYRING_ATTRIBUTE_TYPE_STRING,
uuid,
KEYRING_SN_TAG,
GNOME_KEYRING_ATTRIBUTE_TYPE_STRING,
NM_SETTING_VPN_SETTING_NAME,
KEYRING_SK_TAG,
GNOME_KEYRING_ATTRIBUTE_TYPE_STRING,
secret_name,
NULL);
if (ret == GNOME_KEYRING_RESULT_OK && found_list) {
found = g_list_nth_data(found_list, 0);
secret = gnome_keyring_memory_strdup(found->secret);
}
gnome_keyring_found_list_free(found_list);
#endif
return secret;
}
static int
secret_tool_action_search (int argc,
char *argv[])
{
GError *error = NULL;
GOptionContext *context;
SecretService *service;
GHashTable *attributes;
SecretSearchFlags flags;
gboolean flag_all = FALSE;
gboolean flag_unlock = FALSE;
GList *items, *l;
/* secret-tool lookup name xxxx yyyy zzzz */
const GOptionEntry lookup_options[] = {
{ "all", 'a', 0, G_OPTION_ARG_NONE, &flag_all,
N_("return all results, instead of just first one"), NULL
},
{ "unlock", 'a', 0, G_OPTION_ARG_NONE, &flag_unlock,
N_("unlock item results if necessary"), NULL
},
{ G_OPTION_REMAINING, 0, 0, G_OPTION_ARG_STRING_ARRAY, &attribute_args,
N_("attribute value pairs of item to lookup"), NULL
},
{ NULL }
};
context = g_option_context_new ("attribute value ...");
g_option_context_add_main_entries (context, lookup_options, GETTEXT_PACKAGE);
if (!g_option_context_parse (context, &argc, &argv, &error)) {
g_printerr ("%s\n", error->message);
usage();
}
g_option_context_free (context);
attributes = attributes_from_arguments (attribute_args);
g_strfreev (attribute_args);
service = secret_service_get_sync (SECRET_SERVICE_NONE, NULL, &error);
if (error == NULL) {
flags = SECRET_SEARCH_LOAD_SECRETS;
if (flag_all)
flags |= SECRET_SEARCH_ALL;
if (flag_unlock)
flags |= SECRET_SEARCH_UNLOCK;
items = secret_service_search_sync (service, NULL, attributes, flags, NULL, &error);
if (error == NULL) {
for (l = items; l != NULL; l = g_list_next (l))
print_item_details (l->data);
g_list_free_full (items, g_object_unref);
}
g_object_unref (service);
}
g_hash_table_unref (attributes);
if (error != NULL) {
g_printerr ("%s: %s\n", g_get_prgname (), error->message);
return 1;
}
return 0;
}
gboolean
g_vfs_keyring_lookup_password (const gchar *username,
const gchar *host,
const gchar *domain,
const gchar *protocol,
const gchar *object,
const gchar *authtype,
guint32 port,
gchar **username_out,
gchar **domain_out,
gchar **password_out)
{
#ifdef HAVE_KEYRING
GHashTable *attributes;
SecretItem *item;
SecretValue *secret;
GList *plist;
GError *error = NULL;
attributes = build_network_attributes (username, host, domain, protocol, object, authtype, port);
plist = secret_service_search_sync (NULL, SECRET_SCHEMA_COMPAT_NETWORK, attributes,
SECRET_SEARCH_UNLOCK | SECRET_SEARCH_LOAD_SECRETS |
SECRET_SEARCH_ALL,
NULL, &error);
g_hash_table_unref (attributes);
if (error != NULL)
{
g_error_free (error);
return FALSE;
}
if (plist == NULL)
return FALSE;
/* We want the least specific result, so we sort the return values.
For instance, given both items for ftp://host:port and ftp://host
in the keyring we always want to use the ftp://host one for
i.e. ftp://host/some/path. */
plist = g_list_sort (plist, compare_specificity);
item = SECRET_ITEM (plist->data);
secret = secret_item_get_secret (item);
attributes = secret_item_get_attributes (item);
g_list_free_full (plist, g_object_unref);
if (secret == NULL)
{
if (attributes)
g_hash_table_unref (attributes);
return FALSE;
}
*password_out = g_strdup (secret_value_get (secret, NULL));
secret_value_unref (secret);
if (username_out)
*username_out = g_strdup (g_hash_table_lookup (attributes, "user"));
if (domain_out)
*domain_out = g_strdup (g_hash_table_lookup (attributes, "domain"));
g_hash_table_unref (attributes);
return TRUE;
#else
return FALSE;
#endif /* HAVE_KEYRING */
}
