keyring (6193B)
1 #!/usr/bin/env zsh 2 # 3 # Jaro Mail, your humble and faithful electronic postman 4 # 5 # a tool to easily and privately handle your e-mail communication 6 # 7 # Copyleft (C) 2014 Denis Roio <jaromil@dyne.org> 8 # 9 # This source code is free software; you can redistribute it and/or 10 # modify it under the terms of the GNU Public License as published by 11 # the Free Software Foundation; either version 3 of the License, or 12 # (at your option) any later version. 13 # 14 # This source code is distributed in the hope that it will be useful, 15 # but WITHOUT ANY WARRANTY; without even the implied warranty of 16 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 17 # Please refer to the GNU Public License for more details. 18 # 19 # You should have received a copy of the GNU Public License along with 20 # this source code; if not, write to: 21 # Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. 22 23 24 # pass wrapper to set all env 25 _pass() { 26 fn pass $* 27 PASSWORD_STORE_DIR=$PASSWORD_STORE_DIR pass $* 28 } 29 30 # we use pinentry 31 # comes from gpg project and is secure 32 # it also conveniently uses the right toolkit 33 pin_entry() { 34 cat <<EOF | pinentry 2>/dev/null | awk '/^D / { sub(/^D /, ""); print }' 35 OPTION ttyname=$TTY 36 OPTION lc-ctype=$LANG 37 SETTITLE Type your password 38 SETDESC Type the password for $1 @ $2 39 SETPROMPT Password: 40 GETPIN 41 EOF 42 } 43 44 45 # retrieve a password for user @ domain 46 # put it in variable password 47 # up to the caller to unset it after use 48 ask_password() { 49 fn ask_password 50 51 req=(login host email account) 52 ckreq || return 1 53 54 password="" 55 act "retrieving login credentials for ${email} ($account)" 56 act "username '$login' on host '$host'" 57 func "keyring path: jaromail/${login}/${host}" 58 59 # $host is set by the caller 60 case $OS in 61 MAC) 62 act "looking for password in Mac/OSX keyring" 63 security find-internet-password \ 64 -c JARO -a $login -s $host > /dev/null 65 [[ $? = 0 ]] && { 66 act "saved password found in keyring" 67 password=`security find-internet-password -c JARO -a $login -s $host -g 2>&1| awk '/^password:/ { print $2 }' | sed -e 's/"//g'` 68 } 69 ;; 70 ##################################### 71 GNU) 72 if [[ $PASS = 1 ]]; then 73 act "looking for password in password-store" 74 password=`_pass show ${login}` 75 [[ $? = 0 ]] && act "password found in password-store" 76 elif [[ $SECRET_TOOL = 1 ]]; then 77 act "looking for password in secret-tool" 78 password=`secret-tool lookup protocol email username "$login" host "$host"` 79 [[ $? = 0 ]] && act "saved password found in keyring" 80 elif [ "$GNOMEKEY" = "1" ]; then 81 act "looking for password in Gnome keyring" 82 func "path: jaromail/${login}/${host}" 83 print "protocol=email\npath=jaromail/${login}/${host}\nusername=${login}\nhost=${host}\n\n" \ 84 | "$WORKDIR/bin/jaro-gnome-keyring" check 85 [[ $? = 0 ]] && { 86 act "saved password found in keyring" 87 password=`print - "protocol=email\npath=jaromail/${login}/${host}\nusername=${login}\nhost=${host}\n\n" | "$WORKDIR/bin/jaro-gnome-keyring" get` 88 } 89 fi 90 ;; 91 *) ;; 92 esac 93 94 [[ "$password" = "" ]] && { 95 act "no password found in keyring" 96 # use pinentry alone 97 new_password 98 [[ $? = 0 ]] || { 99 error "Password input aborted." 100 return 1 } 101 } 102 103 return 0 104 105 } 106 107 new_password() { 108 fn new_password 109 req=(login host email account) 110 ckreq || return 1 111 112 notice "Setting a new password for account $account" 113 act "Enter password for login '$login' on host '$host'" 114 115 password=`pin_entry $login "on $account"` 116 117 [[ "$password" = "" ]] && { 118 error "No password given, operation aborted" 119 return 1 120 } 121 122 case $OS in 123 MAC) 124 act "using Mac/OSX keyring password storage" 125 security delete-internet-password \ 126 -c JARO -a $login -s $host > /dev/null 127 # we are ignoring the success of delete 128 security add-internet-password \ 129 -c JARO -a $login -s $host -w "${password}" 130 131 if [[ $? = 0 ]]; then 132 notice "New password saved in Mac/OSX keyring" 133 else 134 error "Error adding password to Mac/OSX keyring." 135 fi 136 137 ;; 138 139 GNU) 140 # USE PASS 141 if [[ $PASS = 1 ]]; then 142 act "using pass for password-store" 143 print "$password\n" | _pass insert -e ${login} 144 if [[ $? = 0 ]]; then 145 notice "New password saved in password-store" 146 else 147 error "Error saving password in password-store" 148 fi 149 150 # USE GNOME KEYRING 151 elif [[ $SECRET_TOOL = 1 ]]; then 152 act "using secret-tool password storage" 153 print -n - $password \ 154 | secret-tool store --label "jaromail stored password" \ 155 protocol email \ 156 username "$login" \ 157 host "$host" 158 if [[ $? = 0 ]]; then 159 notice "New password saved in secret-tool" 160 else 161 error "Error saving password in secret-tool" 162 fi 163 164 elif [ "$GNOMEKEY" = "1" ]; then 165 act "using gnome-keyring password storage" 166 func "path: jaromail/${login}/${host}" 167 cat <<EOF | "$WORKDIR/bin/jaro-gnome-keyring" store 168 protocol=email 169 path=jaromail/${login}/${host} 170 username=${login} 171 host=${host} 172 password=${password} 173 EOF 174 if [[ $? = 0 ]]; then 175 notice "New password saved in GNOME keyring" 176 else 177 error "Error saving password in GNOME keyring" 178 fi 179 fi 180 ;; 181 *) ;; 182 esac 183 return 0 184 }