commit 1bcee7fdf3a26b2ca0ebd04ed6b590ec2ca31cdb
parent 5437013588e4ecde4f70b3cd626e2c61f859839f
Author: Jaromil <jaromil@dyne.org>
Date: Tue, 8 Dec 2015 20:46:57 +0100
added secret-tool as default keyring tool on GNU systems
Diffstat:
2 files changed, 38 insertions(+), 37 deletions(-)
diff --git a/src/jaro b/src/jaro
@@ -98,9 +98,9 @@ DRYRUN=${DRYRUN:-0}
CALLMUTT=${CALLMUTT:-1}
# use gnome-keyring for passwords on GNU systems
-vars+=(GNOMEKEY)
+vars+=(GNOMEKEY SECRET_TOOL)
GNOMEKEY=${GNOMEKEY:-0}
-
+SECRET_TOOL=${SECRET_TOOL:-0}
# global variables for binaries called
vars+=(rm mkdir mutt SQL OS)
@@ -353,11 +353,16 @@ check_bin() {
func "Notmuch binary: `command -v notmuch`"
func "Alot binary: `command -v alot`"
- ps ax | grep '[g]nome-keyring-daemon' > /dev/null
- [[ $? = 0 ]] && {
- act "using gnome-keyring to store secrets"
- GNOMEKEY=1
- }
+ # check if secret-tool is present else fallback to gnome-keyring
+ if isfound secret-tool; then
+ SECRET_TOOL=1
+ else
+ ps ax | grep '[g]nome-keyring-daemon' > /dev/null
+ [[ $? = 0 ]] && {
+ act "using gnome-keyring to store secrets"
+ GNOMEKEY=1
+ }
+ fi
return 0
}
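Review bot: `isfound secret-tool` only shows that the binary is installed, not that a Secret Service provider is running or unlocked, and once `SECRET_TOOL=1` is set the `ps ax` probe for gnome-keyring is skipped entirely. Because ask_password and new_password test `SECRET_TOOL` before `GNOMEKEY`, passwords previously stored through jaro-gnome-keyring appear to become unreachable on hosts that have both tools, and the commit shows no migration path. The secret-tool branch is also silent where the gnome-keyring branch logs its choice; adding `act "using secret-tool to store secrets"` after `SECRET_TOOL=1` would keep the log showing which backend holds the credentials. check_bin starts outside this hunk.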
@@ -780,7 +785,9 @@ main() {
exitcode=$?
;;
- passwd) new_password ;;
+ passwd) read_account $account
+ host=${PARAM:-$imap}
+ new_password ;;
# cert) cert ${PARAM} ;; # was checking is_online
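Review bot: The new `passwd)` branch ignores the exit status of both `read_account $account` and `new_password`, whereas the branch just above it records `exitcode=$?`. If the account cannot be read, `host` is still assigned from `PARAM` (or from whatever `$imap` holds) and the failure only surfaces later, presumably through ckreq inside new_password. Chaining the calls, `read_account $account && { host=${PARAM:-$imap}; new_password; }` followed by `exitcode=$?`, would stop early and report the result the same way as the neighbouring branch. The enclosing case statement in main continues outside this hunk.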
diff --git a/src/zlibs/keyring b/src/zlibs/keyring
@@ -20,20 +20,6 @@
# this source code; if not, write to:
# Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-create_keyring() {
- # make sure the local keyring exists
- touch "$1"
- chmod 600 "$1"
- chown $_uid:$_gid "$1"
- cat <<EOF | ${SQL} -batch "$1"
-CREATE TABLE secrets
-(
- hash text unique,
- password text
-);
-EOF
-}
-
# we use pinentry
# comes from gpg project and is secure
@@ -76,9 +62,14 @@ ask_password() {
;;
#####################################
GNU)
- ###################
- # USE GNOME KEYRING
- if [ "$GNOMEKEY" = "1" ]; then
+
+ if [[ $SECRET_TOOL = 1 ]]; then
+
+ act "looking for password in secret-tool"
+ password=`secret-tool lookup protocol email username "$login" host "$host"`
+ [[ $? = 0 ]] && act "saved password found in keyring"
+
+ elif [ "$GNOMEKEY" = "1" ]; then
act "looking for password in Gnome keyring"
func "path: jaromail/${login}/${host}"
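Review bot: A failed or empty `secret-tool lookup` is not handled in the added branch: only the success case is logged, and because the gnome-keyring code now sits behind `elif`, it is never tried as a fallback. Whether the rest of ask_password (outside this hunk) prompts via pinentry when `$password` is empty is not visible here; if it does not, a locked or absent keyring would lead to an empty password being used. Checking both status and value, e.g. `[[ $? = 0 && -n "$password" ]] && act "saved password found in keyring" || func "no password for ${login} on ${host} in secret-tool"`, makes a miss visible in the log. The lookup attributes `protocol email username host` are also not specific to jaromail, so an item stored by another application with the same attributes could match; an application-specific attribute would scope the lookup.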
@@ -106,21 +97,11 @@ ask_password() {
}
-lookup_secret() {
- _hash=$1
- if [ "$2" = "" ]; then key=password
- else key="$2"; fi
- cat <<EOF | ${SQL} -column -batch $KEYRING
-SELECT ${key} FROM secrets
-WHERE hash IS "${_hash}";
-EOF
-}
-
new_password() {
fn new_password
req=(login host email account)
ckreq || return 1
-
+
notice "Setting a new password for account $account"
act "Enter password for login '$login' on host '$host'"
@@ -150,7 +131,20 @@ new_password() {
GNU)
# USE GNOME KEYRING
- if [ "$GNOMEKEY" = "1" ]; then
+ if [[ $SECRET_TOOL = 1 ]]; then
+ act "using secret-tool password storage"
+ print -n - $password \
+ | secret-tool store --label "jaromail stored password" \
+ protocol email \
+ username "$login" \
+ host "$host"
+ if [[ $? = 0 ]]; then
+ notice "New password saved in secret-tool"
+ else
+ error "Error saving password in secret-tool"
+ fi
+
+ elif [ "$GNOMEKEY" = "1" ]; then
act "using gnome-keyring password storage"
func "path: jaromail/${login}/${host}"
cat <<EOF | "$WORKDIR/bin/jaro-gnome-keyring" store
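Review bot: `print -n - $password` runs without `-r`, so zsh's print expands backslash escapes and a password containing sequences such as `\n`, `\t` or `\\` would be stored altered and later fail authentication; use `print -rn - "$password"`. On failure the branch only logs `error "Error saving password in secret-tool"`; whether new_password then returns non-zero is outside the hunk, and a `return 1` in the `else` arm would let callers detect the failure. The `# USE GNOME KEYRING` comment above the `if` is stale now that secret-tool is tried first.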