commit 33be6051eae0bb938e8c897489a8fe2376f87b59
parent e8aab34973c879852a0f3f08f50d04d89dcbda20
Author: Jaromil <jaromil@dyne.org>
Date:   Wed, 16 Sep 2015 18:00:48 +0200
local keyring switch to zkv store (testing)
Diffstat:
| M | src/zlibs/keyring |  |  | 321 | ++++++++++++++++++++++++++++++++++++++++--------------------------------------- | 
1 file changed, 161 insertions(+), 160 deletions(-)
diff --git a/src/zlibs/keyring b/src/zlibs/keyring
@@ -21,7 +21,7 @@
 # Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 
 create_keyring() {
-    # make sure the local keyring exists 
+    # make sure the local keyring exists
     touch "$1"
     chmod 600 "$1"
     chown $_uid:$_gid "$1"
@@ -29,7 +29,7 @@ create_keyring() {
 CREATE TABLE secrets
 (
   hash		text unique,
-  password	text 
+  password	text
 );
 EOF
 }
@@ -39,7 +39,7 @@ EOF
 # comes from gpg project and is secure
 # it also conveniently uses the right toolkit
 pin_entry() {
-    	cat <<EOF | pinentry 2>/dev/null | awk '/^D / { sub(/^D /, ""); print }'
+    cat <<EOF | pinentry 2>/dev/null | awk '/^D / { sub(/^D /, ""); print }'
 OPTION ttyname=$TTY
 OPTION lc-ctype=$LANG
 SETTITLE Type your password
@@ -55,81 +55,86 @@ EOF
 # up to the caller to unset it after use
 ask_password() {
     case $OS in
-	MAC)
+        MAC)
             func "Looking for password in Mac/OSX keyring for $email ($account)"
-	    security find-internet-password \
-		-c JARO -a $email -s $host > /dev/null
-	    if [ $? != 0 ]; then # its a new password
-		new_password
-		{ test $? != 0 } && {
-		    error "Password input aborted."
-		    return 1 }
-	    else
-		password=`security find-internet-password -c JARO -a $email -s $host -g 2>&1| awk '/^password:/ { print $2 }' | sed -e 's/"//g'`
-	    fi
-	    return 0
-	    ;;
-	#####################################
-	GNU)
-	    ###################
-	    # USE GNOME KEYRING
-	    if [ "$GNOMEKEY" = "1" ]; then
+            security find-internet-password \
+                     -c JARO -a $email -s $host > /dev/null
+            if [ $? != 0 ]; then # its a new password
+                new_password
+                { test $? != 0 } && {
+                    error "Password input aborted."
+                    return 1 }
+            else
+                password=`security find-internet-password -c JARO -a $email -s $host -g 2>&1| awk '/^password:/ { print $2 }' | sed -e 's/"//g'`
+            fi
+            return 0
+            ;;
+        #####################################
+        GNU)
+            ###################
+            # USE GNOME KEYRING
+            if [ "$GNOMEKEY" = "1" ]; then
                 func "Looking for password in Gnome keyring for $email ($account)"
-		func "path: jaromail/${email}"
-
-		print "protocol=email\npath=jaromail/${email}\nusername=${login}\nhost=${host}\n\n" \
-		    | "$WORKDIR/bin/jaro-gnome-keyring" check
-		if [ $? != 0 ]; then # its a new password
-		    new_password
-		    { test $? != 0 } && {
-			error "Password input aborted."
-			return 1 }
-		else # password found into gnome keyring
-		    act "Using saved password for $login @ $host"
-		    password=`print "protocol=email\npath=jaromail/${email}\nusername=${login}\nhost=${host}\n\n" | "$WORKDIR/bin/jaro-gnome-keyring" get`
-		fi
-		return 0
-	    elif [ -r "$KEYRING" ]; then
-                func "looking for password in local keyring for $email ($account)"
-		func "new pass hash for: $login:$host"
-		_hash=`print "$login:$host" | shasum | awk '{print $1}'`
-		lookup="`lookup_secret ${_hash}`"
-		{ test "$lookup" = "" } || {
-		    act "saved password found for $email ($transport on $host)"
-		    notice "type the password to unlock this keyring entry:"
-		    password="`print - $lookup | base64 -d | gpg -d --cipher-algo aes256 --openpgp --no-options`"
-		    { test "$?" = 0 } || { error "incorrect password to unlock local keyring entry, operation aborted."; return 1 }
-		    return 0
-		}
-	    fi
-	    ####################
-	    # USE PINENTRY ALONE
-	    new_password
-	    { test $? != 0 } && {
-		error "Password input aborted."
-		return 1 }
-	    return 0
-	    ;;
-	*)
+                func "path: jaromail/${email}"
+
+                print "protocol=email\npath=jaromail/${email}\nusername=${login}\nhost=${host}\n\n" \
+                    | "$WORKDIR/bin/jaro-gnome-keyring" check
+                if [ $? != 0 ]; then # its a new password
+                    new_password
+                    { test $? != 0 } && {
+                        error "Password input aborted."
+                        return 1 }
+                else # password found into gnome keyring
+                    act "Using saved password for $login @ $host"
+                    password=`print "protocol=email\npath=jaromail/${email}\nusername=${login}\nhost=${host}\n\n" | "$WORKDIR/bin/jaro-gnome-keyring" get`
+                fi
+                return 0
+            elif [ -r "$KEYRING" ]; then
                 func "looking for password in local keyring for $email ($account)"
-		func "new pass hash for: $login:$host"
-		_hash=`print "$login:$host" | shasum | awk '{print $1}'`
-		lookup="`lookup_secret ${_hash}`"
-		{ test "$lookup" = "" } || {
-		    act "saved password found for $email ($transport on $host)"
-		    notice "type the password to unlock this keyring entry:"
-		    password="`print - $lookup | base64 -d | gpg -d --cipher-algo aes256 --openpgp --no-options`"
-		    { test "$?" = 0 } || { error "incorrect password to unlock local keyring entry, operation aborted."; return 1 }
-		    return 0
-		}
-	    ####################
-	    # USE PINENTRY ALONE
-	    new_password
-	    { test $? != 0 } && {
-		error "Password input aborted."
-		return 1 }
-	    return 0
-	    ;;
+                func "new pass hash for: $login:$host"
+                _hash=`print "$login:$host" | shasum | awk '{print $1}'`
+
+                typeset -A keyring
+                zkv.load $MAILDIRS/Keyring.zkv
+                lookup=${keyring[$_hash]}
+                unset keyring
+
+                { test "$lookup" = "" } || {
+                    act "saved password found for $email ($transport on $host)"
+                    notice "type the password to unlock this keyring entry:"
+                    password="`print - $lookup | base64 -d | gpg -d --cipher-algo aes256 --openpgp --no-options`"
+                    { test "$?" = 0 } || { error "incorrect password to unlock local keyring entry, operation aborted."; return 1 }
+                    return 0
+                }
+            fi
+            ####################
+            # USE PINENTRY ALONE
+            new_password
+            { test $? != 0 } && {
+                error "Password input aborted."
+                return 1 }
+            return 0
+            ;;
+        *)
+            func "looking for password in local keyring for $email ($account)"
+            func "new pass hash for: $login:$host"
+            _hash=`print "$login:$host" | shasum | awk '{print $1}'`
+            lookup="`lookup_secret ${_hash}`"
+            { test "$lookup" = "" } || {
+                act "saved password found for $email ($transport on $host)"
+                notice "type the password to unlock this keyring entry:"
+                password="`print - $lookup | base64 -d | gpg -d --cipher-algo aes256 --openpgp --no-options`"
+                { test "$?" = 0 } || { error "incorrect password to unlock local keyring entry, operation aborted."; return 1 }
+                return 0
+            }
+            ####################
+            # USE PINENTRY ALONE
+            new_password
+            { test $? != 0 } && {
+                error "Password input aborted."
+                return 1 }
+            return 0
+            ;;
 
     esac
 }
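Review bot: The GNU local-keyring branch is still gated on `elif [ -r "$KEYRING" ]`, the old sqlite file, while the lookup now reads `$MAILDIRS/Keyring.zkv`. The guard should test the file that is actually loaded, `elif [ -r "$MAILDIRS/Keyring.zkv" ]; then`, so that `zkv.load` is never pointed at a missing store and a stale sqlite file cannot decide whether the lookup runs. The `*)` branch further down still calls `lookup_secret`, so after this change the two branches read different stores; if that is intended while the change is in testing, a comment such as `# still on the sqlite keyring until zkv is validated` would make it explicit. The result of `zkv.load` is also unchecked, so a failed load looks the same as "no saved entry" and falls through to the pinentry prompt.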
@@ -145,64 +150,64 @@ EOF
 }
 
 new_password() {
-    
+
     read_account ${account}
-    
+
     notice "Setting a new password for account $account"
     act "please enter password for username '$login'"
-    
+
     password=`pin_entry $login "on $account"`
     res=0
     case $OS in
-	    MAC)
+        MAC)
 
             [[ "$password" = "" ]] && {
-		        error "No password given, operation aborted"
-		        return 1
+                error "No password given, operation aborted"
+                return 1
             }
-            
+
             [[ "$imap" = "" ]] || {
                 security delete-internet-password \
-                    -c JARO -a $email -s $imap > /dev/null
+                         -c JARO -a $email -s $imap > /dev/null
                 res=$(( $? + $res ))
                 security add-internet-password \
-                    -c JARO -a $email -s $imap -w "${password}"
+                         -c JARO -a $email -s $imap -w "${password}"
                 res=$(( $? + $res ))
-                
+
             }
-            
+
             [[ "$smtp" = "" ]] || {
                 security delete-internet-password \
-                    -c JARO -a $email -s $smtp > /dev/null
+                         -c JARO -a $email -s $smtp > /dev/null
                 res=$(( $? + $res ))
                 security add-internet-password \
-                    -c JARO -a $email -s $smtp -w "${password}"
+                         -c JARO -a $email -s $smtp -w "${password}"
                 res=$(( $? + $res ))
             }
-            
-		    [[ $res = 0 ]] || {
-		        error "Error adding password to keyring."
+
+            [[ $res = 0 ]] || {
+                error "Error adding password to keyring."
                 return 1
             }
-            
-		    act "New password saved in keyring"
-		    return 0
-            
-	        ;;
 
-	    GNU)
+            act "New password saved in keyring"
+            return 0
+
+            ;;
+
+        GNU)
 
             [[ "$password" = "" ]] && {
-		        error "No password given, operation aborted"
-		        return 1
+                error "No password given, operation aborted"
+                return 1
             }
-            
-		    # USE GNOME KEYRING
-		    if [ "$GNOMEKEY" = "1" ]; then
-		        act "using gnome-keyring password storage"
-		        func "path: jaromail/${email}"
+
+            # USE GNOME KEYRING
+            if [ "$GNOMEKEY" = "1" ]; then
+                act "using gnome-keyring password storage"
+                func "path: jaromail/${email}"
                 for h in "$imap" "$smtp"; do
-		            cat <<EOF | "$WORKDIR/bin/jaro-gnome-keyring" store
+                    cat <<EOF | "$WORKDIR/bin/jaro-gnome-keyring" store
 protocol=email
 path=jaromail/${email}
 username=${login}
@@ -210,70 +215,66 @@ host=${h}
 password=${password}
 EOF
                 done
-		        { test $? != 0 } && { error "Error saving password in Gnome keyring" }
-                
-		    else # USE LOCAL KEYRING
-                
-		        { test -r "$KEYRING" } || { create_keyring "$KEYRING" }
-
-                for h in "$imap" "$smtp"; do                
-		            # calculate the hash for this entry
-		            _hash=`print "$login:$host" | shasum | awk '{print $1}'`
-		            # check if the entry is already present
-		            func "new pass hash for: $login:$host"
-		            lookup="`lookup_secret ${_hash} rowid`"
-		            notice "Select the password to lock this keyring entry:"
-		            _password="`print - $password | gpg -c --cipher-algo AES256 --openpgp --no-options | base64`"
-                                        
-		            if [ "$lookup" = "" ]; then # new entry
-			            cat <<EOF | ${SQL} -batch "$KEYRING"
-INSERT INTO secrets (hash, password)
-VALUES ("${_hash}", "${_password}");
-EOF
-			            act "saved new password in local keyring"
-		            else # update entry
-			            cat <<EOF | ${SQL} -batch "$KEYRING"
-UPDATE secrets SET password="${_password}" WHERE hash LIKE "${_hash}";
-EOF
-			            act "updated local keyring with new password"
-		            fi
+                { test $? != 0 } && { error "Error saving password in Gnome keyring" }
+
+            else # USE LOCAL KEYRING
+
+                { test -r "$KEYRING" } || { create_keyring "$KEYRING" }
+
+                for h in "$imap" "$smtp"; do
+                    # calculate the hash for this entry
+                    _hash=`print "$login:$host" | shasum | awk '{print $1}'`
+                    typeset -A keyring
+
+                    [[ -r $MAILDIRS/Keyring.zkv ]] && {
+                        # check if the entry is already present
+                        zkv.load $MAILDIRS/Keyring.zkv
+                    }
+
+                    notice "Select the password to lock this keyring entry:"
+                    _password="`print - $password | gpg -c --cipher-algo AES256 --openpgp --no-options | base64`"
+
+                    keyring[$_hash]="$_password"
+
+                    act "saved new password in local keyring"
+                    zkv.save keyring $MAILDIRS/Keyring.zkv
+
                 done
-            
+
             fi
-		    return 0
-            
-	        ;;
-	    *)
-
- 
-		        { test -r "$KEYRING" } || { create_keyring "$KEYRING" }
-
-                for h in "$imap" "$smtp"; do                
-		            # calculate the hash for this entry
-		            _hash=`print "$login:$host" | shasum | awk '{print $1}'`
-		            # check if the entry is already present
-		            func "new pass hash for: $login:$host"
-		            lookup="`lookup_secret ${_hash} rowid`"
-		            notice "Select the password to lock this keyring entry:"
-		            _password="`print - $password | gpg -c --cipher-algo AES256 --openpgp --no-options | base64`"
-                                        
-		            if [ "$lookup" = "" ]; then # new entry
-			            cat <<EOF | ${SQL} -batch "$KEYRING"
+            return 0
+
+            ;;
+        *)
+
+            { test -r "$KEYRING" } || { create_keyring "$KEYRING" }
+
+            for h in "$imap" "$smtp"; do
+                # calculate the hash for this entry
+                _hash=`print "$login:$host" | shasum | awk '{print $1}'`
+                # check if the entry is already present
+                func "new pass hash for: $login:$host"
+                lookup="`lookup_secret ${_hash} rowid`"
+                notice "Select the password to lock this keyring entry:"
+                _password="`print - $password | gpg -c --cipher-algo AES256 --openpgp --no-options | base64`"
+
+                if [ "$lookup" = "" ]; then # new entry
+                    cat <<EOF | ${SQL} -batch "$KEYRING"
 INSERT INTO secrets (hash, password)
 VALUES ("${_hash}", "${_password}");
 EOF
-			            act "saved new password in local keyring"
-		            else # update entry
-			            cat <<EOF | ${SQL} -batch "$KEYRING"
+                    act "saved new password in local keyring"
+                else # update entry
+                    cat <<EOF | ${SQL} -batch "$KEYRING"
 UPDATE secrets SET password="${_password}" WHERE hash LIKE "${_hash}";
 EOF
-			            act "updated local keyring with new password"
-		            fi
-                done
+                    act "updated local keyring with new password"
+                fi
+            done
+
 
 
 
-		   
-		    ;;
+            ;;
     esac
 }
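Review bot: `zkv.save keyring $MAILDIRS/Keyring.zkv` creates the new store with whatever mode the umask gives, while `create_keyring "$KEYRING"` a few lines above still applies `chmod 600` and `chown` to the sqlite file that this branch no longer writes. Unless `zkv.save` restricts the mode itself (not visible here), add `chmod 600 "$MAILDIRS/Keyring.zkv"` after the save and drop or repoint the `create_keyring` call. Separately, the result of the `gpg -c ... | base64` pipeline is not checked, so a cancelled or failed passphrase prompt would likely store an empty `_password` over an existing entry and still print "saved new password"; a guard such as `[[ -n "$_password" ]] || { error "Encryption aborted, keyring entry not changed."; return 1 }` before `keyring[$_hash]=...` avoids that. The key is hashed from `$host` rather than the loop variable `$h`, so both iterations appear to write the same entry, which is worth confirming as intended. new_password begins before this hunk.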