Exemplo n.º 1
0
/* Implementation of svn_auth__password_set_t that stores
   the password in the OS X KeyChain. */
static svn_error_t *
keychain_password_set(svn_boolean_t *done,
                      apr_hash_t *creds,
                      const char *realmstring,
                      const char *username,
                      const char *password,
                      apr_hash_t *parameters,
                      svn_boolean_t non_interactive,
                      apr_pool_t *pool)
{
  OSStatus status;
  SecKeychainItemRef item;

  if (non_interactive)
    SecKeychainSetUserInteractionAllowed(FALSE);

  status = SecKeychainFindGenericPassword(NULL, (int) strlen(realmstring),
                                          realmstring, username == NULL
                                            ? 0
                                            : (int) strlen(username),
                                          username, 0, NULL, &item);
  if (status)
    {
      if (status == errSecItemNotFound)
        status = SecKeychainAddGenericPassword(NULL, (int) strlen(realmstring),
                                               realmstring, username == NULL
                                                 ? 0
                                                 : (int) strlen(username),
                                               username, (int) strlen(password),
                                               password, NULL);
    }
  else
    {
      status = SecKeychainItemModifyAttributesAndData(item, NULL,
                                                      (int) strlen(password),
                                                      password);
      CFRelease(item);
    }

  if (non_interactive)
    SecKeychainSetUserInteractionAllowed(TRUE);

  *done = (status == 0);

  return SVN_NO_ERROR;
}
void SoundCloudCAPI_DefaultAuthenticationSave(SoundCloudCAPI *api)
{
    SecKeychainItemRef ref;
    const char *data=SoundCloudCAPI_GetCredentials(api);
    const char *service=api->apiBaseURL;
    CFStringRef bundleName=CFBundleGetIdentifier(CFBundleGetMainBundle());
    const char *name=CFStringGetCStringPtr(bundleName,kCFStringEncodingMacRoman);


    OSErr status=SecKeychainFindGenericPassword(NULL,strlen(name),name,strlen(service),service,0,0,&ref);
    if (status) status=SecKeychainAddGenericPassword(NULL,strlen(name),name,strlen(service),service,strlen(data),data,0);
    else		{
        status=SecKeychainItemModifyAttributesAndData(ref,NULL,strlen(data),data);
        CFRelease(ref);
    }
    if (status)	sc_log(api,SoundCloudCAPI_LogLevel_Errors,"Failed to save token, with err: %d\n",status);
}
Exemplo n.º 3
0
bool OsxWallet::setCredentials(const QString &realm, const QString &user, const QString &password)
{
    const QByteArray realm_data = realm.toUtf8();
    const QByteArray user_data = user.toUtf8();
    const QByteArray password_data = password.toUtf8();

    /* check whether the entry already exists */
    SecKeychainItemRef itemRef = NULL;
    int rc = SecKeychainFindInternetPassword(keychain,
        realm_data.size(), realm_data.constData(),
        0, NULL,
        user_data.size(), user_data.constData(),
        0, NULL,
        0, kSecProtocolTypeAny, kSecAuthenticationTypeAny,
        0, NULL,
        &itemRef);

    if (rc == errSecSuccess)
    {
        // FIXME: we should not update username!
        SecKeychainAttribute attr;
        SecKeychainAttributeList attrList;
        attr.tag = kSecAccountItemAttr;
        attr.length = user_data.size();
        attr.data = (void*)user_data.constData();
        attrList.count = 1;
        attrList.attr = &attr;

        rc = SecKeychainItemModifyAttributesAndData(itemRef, &attrList, password_data.size(), password_data.constData());
        CFRelease(itemRef);
    } else {
        rc = SecKeychainAddInternetPassword(keychain,
            realm_data.size(), realm_data.constData(),
            0, NULL,
            user_data.size(), user_data.constData(),
            0, NULL,
            0, kSecProtocolTypeAny, kSecAuthenticationTypeAny,
            password_data.size(), password_data.constData(), NULL);
    }

    return (rc == errSecSuccess);
}
Exemplo n.º 4
0
/*	Creates or updates a keychain item to match new details.
*/
void keychain_update_password(const char *origServer, const char *origUser, const char *server, const char *username, const char *password)
{
	if (!strlen(server) || !strlen(username))
		return;

	void *s1 = NULL;
	
	BADGE_HOSTNAME(server);
	
	SecKeychainItemRef origItem = NULL;
	OSStatus status;
	
	if (strlen(origServer) && strlen(origUser))
	{
		s1 = (void*)BADGE_HOSTNAME(origServer);
		origItem = get_password_details(origServer, origUser, NULL, 0);
	}
	
	SecKeychainItemRef newItem  = get_password_details(server, username, NULL, 0);
	
	if (origItem || newItem)
	{
		// Modify the existing password
		SecKeychainItemRef keychainItem = (origItem) ? origItem : newItem;
			
		// use 7 instead of kSecLabelItemAttr because of a Carbon bug
		//	details: http://lists.apple.com/archives/apple-cdsa/2006//May/msg00037.html
		
		SecKeychainAttribute attrs[] =
		{
				{kSecAccountItemAttr, strlen(username), (void*)username},
				{7, strlen(server), (void*)server},
				{kSecServiceItemAttr, strlen(server), (void*)server}
		};
		
		SecKeychainAttributeList list = { sizeof(attrs) / sizeof(attrs[0]), attrs };
			
		status = SecKeychainItemModifyAttributesAndData(keychainItem, &list, strlen(password), password);
		
		if (status != noErr) 
			EXTENDED_KC_ERR(status, "editing an existing password");
	}
	else
	{
		// Password doesn't exist, create it
		status = SecKeychainAddGenericPassword (
					NULL,              // default keychain
					strlen(server),    // length of service name
					server,            // service name
					strlen(username),  // length of account name
					username,          // account name
					strlen(password),  // length of password
					password,          // pointer to password data
					NULL               // the item reference
					);
		
		if (status != noErr) 
			EXTENDED_KC_ERR(status, "saving a new password");
    }
	
	free(s1);
	free((void*)server);
}
static OSStatus SetKeyLabelAndTag(SecKeyRef keyRef, CFTypeRef label, CFDataRef tag)
{	
	int numToModify = 0;
	if (label != NULL)
	{
		numToModify += 1;
	}
	
	if (tag != NULL)
	{
		numToModify += 1;
	}
	
	if (numToModify == 0)
	{
		return noErr;
	}
	
	SecKeychainAttributeList attrList;
	SecKeychainAttribute attributes[numToModify];
	
	int i = 0;
	
	if (label != NULL)
	{
		if (CFStringGetTypeID() == CFGetTypeID(label)) {
			CFStringRef label_string = static_cast<CFStringRef>(label);
			attributes[i].tag = kSecKeyPrintName;
			attributes[i].data = (void*) CFStringGetCStringPtr(label_string, kCFStringEncodingUTF8);
			if (NULL == attributes[i].data) {
				CFIndex buffer_length = CFStringGetMaximumSizeForEncoding(CFStringGetLength(label_string), kCFStringEncodingUTF8);
				attributes[i].data = alloca((size_t)buffer_length);
				if (NULL == attributes[i].data) {
					UnixError::throwMe(ENOMEM);
				}
				if (!CFStringGetCString(label_string, static_cast<char *>(attributes[i].data), buffer_length, kCFStringEncodingUTF8)) {
					MacOSError::throwMe(paramErr);
				}
			}
			attributes[i].length = strlen(static_cast<char *>(attributes[i].data));
		} else if (CFDataGetTypeID() == CFGetTypeID(label)) {
			// 10.6 bug compatibility
			CFDataRef label_data = static_cast<CFDataRef>(label);
			attributes[i].tag = kSecKeyLabel;
			attributes[i].data = (void*) CFDataGetBytePtr(label_data);
			attributes[i].length = CFDataGetLength(label_data);
		} else {
			MacOSError::throwMe(paramErr);
		}
		i++;
	}
	
	if (tag != NULL)
	{
		attributes[i].tag = kSecKeyApplicationTag;
		attributes[i].data = (void*) CFDataGetBytePtr(tag);
		attributes[i].length = CFDataGetLength(tag);
		i++;
	}
	
	attrList.count = numToModify;
	attrList.attr = attributes;

	return SecKeychainItemModifyAttributesAndData((SecKeychainItemRef) keyRef, &attrList, 0, NULL);
}
void SG_password__set(
	SG_context *pCtx,
	const char *szRepoSpec,
	SG_string *pUserName,
	SG_string *pPassword)
{
	const char *username, *password;
	SG_string *path = NULL;
	SG_string *server = NULL;
	SecProtocolType proto;
	SG_uint32 port;
	SG_bool isValid = SG_FALSE;

	OSStatus saveRes, findRes;
	SecKeychainItemRef item = NULL;

	SG_NULLARGCHECK(pUserName);
	SG_NULLARGCHECK(pPassword);
	SG_NULLARGCHECK(szRepoSpec);

	username = SG_string__sz(pUserName);
	password = SG_string__sz(pPassword);

	SG_ERR_CHECK(  _sg_password__parse_url(pCtx, szRepoSpec,
		&isValid, &proto, &server, &path, &port)  );

	if (! isValid)
		SG_ERR_THROW(SG_ERR_NOTIMPLEMENTED);

	findRes = SecKeychainFindInternetPassword(
		NULL,
		SG_STRLEN( SG_string__sz(server) ), SG_string__sz(server),
		0, NULL,
		SG_STRLEN(username), username,
		SG_STRLEN( SG_string__sz(path) ), SG_string__sz(path),
		port, proto, kSecAuthenticationTypeDefault,
		NULL, NULL,
		&item);

	if (findRes == errSecSuccess)
	{
		saveRes = SecKeychainItemModifyAttributesAndData(item, NULL, SG_STRLEN(password), password);
	}
	else
	{
		saveRes = SecKeychainAddInternetPassword(
			NULL,
			SG_STRLEN( SG_string__sz(server) ), SG_string__sz(server),
			0, NULL,
			SG_STRLEN(username), username,
			SG_STRLEN( SG_string__sz(path) ), SG_string__sz(path),
			port, proto, kSecAuthenticationTypeDefault,
			SG_STRLEN(password), password,
			NULL);
	}

	if (saveRes != errSecSuccess)
		_SG_THROW_MAC_SEC_ERROR(saveRes);

fail:
	if (item)
		CFRelease(item);

	SG_STRING_NULLFREE(pCtx, path);
	SG_STRING_NULLFREE(pCtx, server);
}
Exemplo n.º 7
0
VALUE set_internet_password_for(VALUE self, VALUE data) {
    VALUE ret = Qfalse;

    CHECK_FETCH_HASH_KEY(account)
    CHECK_FETCH_HASH_KEY(protocol)
    CHECK_FETCH_HASH_KEY(server)
    CHECK_FETCH_HASH_KEY(password)

    VALUE sym_auth = rb_eval_string(":auth");
    VALUE auth;

    if (!rb_funcall(data, rb_intern("has_key?"), 1, sym_auth)) {
        auth = kSecAuthenticationTypeDefault;
    } else {
        auth = rb_funcall(rb_funcall(data, rb_intern("fetch"), 1, sym_auth), rb_intern("to_s"), 0);
        auth = String2FourChar(StringValuePtr(auth));
    }

    VALUE sym_port = rb_eval_string(":port");
    VALUE port;

    if (!rb_funcall(data, rb_intern("has_key?"), 1, sym_port)) {
        port = 0;
    } else {
        port = rb_funcall(rb_funcall(data, rb_intern("fetch"), 1, sym_port), rb_intern("to_i"), 0);
        port = NUM2INT(port);
    }

    VALUE sym_path = rb_eval_string(":path");
    VALUE path;

    if (!rb_funcall(data, rb_intern("has_key?"), 1, sym_path)) {
        path = rb_str_new2("");
    } else {
        path = rb_funcall(rb_funcall(data, rb_intern("fetch"), 1, sym_path), rb_intern("to_s"), 0);
    }

    OSStatus status = SecKeychainAddInternetPassword (
                          NULL,                                       // default keychain
                          strlen(StringValuePtr(server)),             // length of serverName
                          StringValuePtr(server),                     // serverName
                          0,                                          // length of domain
                          NULL,                                       // no domain
                          strlen(StringValuePtr(account)),            // length of account name
                          StringValuePtr(account),                    // account name
                          strlen(StringValuePtr(path)),               // length of path
                          StringValuePtr(path),                       // path
                          port,                                       // ignore port
                          String2FourChar(StringValuePtr(protocol)),  // protocol
                          auth,                                       // auth type
                          strlen(StringValuePtr(password)),
                          StringValuePtr(password),
                          NULL
                      );

    if (status == noErr) {
        ret = Qtrue;
    } else if (status == errSecDuplicateItem) {
        // Try updating instead
        SecKeychainItemRef itemRef = nil;

        status = SecKeychainFindInternetPassword (
                     NULL,                                       // default keychain
                     strlen(StringValuePtr(server)),             // length of serverName
                     StringValuePtr(server),                     // serverName
                     0,                                          // length of domain
                     NULL,                                       // no domain
                     strlen(StringValuePtr(account)),            // length of account name
                     StringValuePtr(account),                    // account name
                     strlen(StringValuePtr(path)),               // length of path
                     StringValuePtr(path),                       // path
                     port,                                       // ignore port
                     String2FourChar(StringValuePtr(protocol)),  // protocol
                     auth,
                     nil,
                     nil,
                     &itemRef
                 );

        if (status != noErr)
            rb_raise(rb_eStandardError, getStatusString(status));

        status = SecKeychainItemModifyAttributesAndData (
                     itemRef,                             // the item reference
                     NULL,                                // no change to attributes
                     strlen(StringValuePtr(password)),    // length of password
                     StringValuePtr(password)             // pointer to password data
                 );
        if (status != noErr)
            rb_raise(rb_eStandardError, getStatusString(status));

        ret = Qtrue;
    } else {
        rb_raise(rb_eStandardError, getStatusString(status));
    }

    return ret;
}