commit 3a25fe7fd4e827c30ef122ca133aa7fbd759dcad
parent 0f7143f24b80b609779f950ea13a7605dc6f874a
Author: Jaromil <jaromil@dyne.org>
Date: Wed, 10 Apr 2013 11:54:10 +0000
fix to password keyring creation and storage
Diffstat:
M | src/zlibs/accounts | | | 73 | ++++++++++++++++++++++++++++++++++++------------------------------------- |
1 file changed, 36 insertions(+), 37 deletions(-)
diff --git a/src/zlibs/accounts b/src/zlibs/accounts
@@ -171,9 +171,9 @@ EOF
# put it in variable password
# up to the caller to unset it after use
ask_password() {
- func "Looking for password in keyring: $name"
case $OS in
MAC)
+ func "Looking for password in Mac/OSX keyring for $email on $host over $transport"
security find-internet-password \
-c JARO -a $email -s $host \
-p $transport -P $port > /dev/null
@@ -189,10 +189,10 @@ ask_password() {
;;
#####################################
GNU)
- func "Looking for password in keyring: $name"
###################
# USE GNOME KEYRING
if [ "$GNOMEKEY" = "1" ]; then
+ func "Looking for password in Gnome keyring for $email on $host over $transport"
print "protocol=${type}\npath=jaromail/${email}\nusername=${login}\nhost=${host}\n\n" \
| $WORKDIR/bin/jaro-gnome-keyring check
if [ $? != 0 ]; then # its a new password
@@ -206,10 +206,11 @@ ask_password() {
fi
return 0
elif [ -r $WORKDIR/keyring ]; then
- _hash=`print "$transport:$email:$host" | shasum`
+ func "Looking for password in local keyring for $email on $host over $transport"
+ _hash=`print "$transport:$email:$host" | shasum | awk '{print $1}'`
lookup="`lookup_secret ${_hash}`"
{ test "$lookup" = "" } || {
- act "Using saved password for $email ($transport on $host)"
+ act "Saved password found for $email ($transport on $host)"
password="$lookup"
return 0
}
@@ -229,12 +230,12 @@ ask_password() {
}
lookup_secret() {
- hash=$1
+ _hash=$1
if [ "$2" = "" ]; then key=password
else key="$2"; fi
cat <<EOF | ${SQL} -column -batch $WORKDIR/keyring
SELECT ${key} FROM secrets
-WHERE hash IS "${hash}";
+WHERE hash IS "${_hash}";
EOF
}
@@ -280,7 +281,7 @@ new_password() {
if [ "$password" != "" ]; then # password was written
# USE GNOME KEYRING
- { test $GNOMEKEY = 1 } && {
+ if [ "$GNOMEKEY" = "1" ]; then
cat <<EOF | $WORKDIR/bin/jaro-gnome-keyring store
protocol=${type}
@@ -290,30 +291,9 @@ host=${host}
password=${password}
EOF
{ test $? != 0 } && { error "Error saving password in Gnome keyring" }
- return 0
- }
-
- return 0
-
- else # password is blank or aborted
-
- # save it into gnome keyring
- if [ $GNOMEKEY = 1 ]; then
-
- cat <<EOF | $WORKDIR/bin/jaro-gnome-keyring erase
-protocol=${type}
-path=jaromail/${email}
-username=${login}
-host=${host}
-EOF
- { test $? != 0 } && {
- error "Error accessing password in Gnome keyring"
- return 1 }
- act "No new password given, old password erased."
- return 0
-
else # save it into local keyring
+
{ test -r $WORKDIR/keyring } || {
# make sure the local keyring exists
touch $WORKDIR/keyring
@@ -322,30 +302,49 @@ EOF
cat <<EOF | ${SQL} -batch $WORKDIR/keyring
CREATE TABLE secrets
(
- hash text unique,
- password text collate
+ hash text unique,
+ password text
);
EOF
}
# calculate the hash for this entry
- hash=`print "$transport:$email:$host" | shasum`
+ _hash=`print "$transport:$email:$host" | shasum | awk '{print $1}'`
# check if the entry is already present
- lookup="`lookup_secret ${hash} rowid`"
+ lookup="`lookup_secret ${_hash} rowid`"
if [ "$lookup" = "" ]; then # new entry
cat <<EOF | ${SQL} -batch $WORKDIR/keyring
INSERT INTO secrets (hash, password)
-VALUES ("${hash}", "${password}");
+VALUES ("${_hash}", "${password}");
EOF
act "saved new password in local keyring"
else # update entry
cat <<EOF | ${SQL} -batch $WORKDIR/keyring
-UPDATE secrets SET password="${password}" WHERE hash LIKE "${hash}";
+UPDATE secrets SET password="${password}" WHERE hash LIKE "${_hash}";
EOF
act "updated local keyring with new password"
fi
- return 0
fi
- return 1
+
+ return 0
+
+ else # password is blank or aborted
+
+ # save it into gnome keyring
+ if [ $GNOMEKEY = 1 ]; then
+
+ cat <<EOF | $WORKDIR/bin/jaro-gnome-keyring erase
+protocol=${type}
+path=jaromail/${email}
+username=${login}
+host=${host}
+EOF
+ { test $? != 0 } && {
+ error "Error accessing password in Gnome keyring"
+ return 1 }
+ act "No new password given, old password erased."
+ return 0
+ fi
+ # TODO: delete from local keyring
fi
;;