2008-08-15 19:31:51 +02:00
|
|
|
|
# -*- coding:utf-8 -*-
|
2008-08-15 05:20:23 +02:00
|
|
|
|
## src/common/passwords.py
|
2006-10-06 01:48:54 +02:00
|
|
|
|
##
|
2008-08-15 05:20:23 +02:00
|
|
|
|
## Copyright (C) 2006 Gustavo J. A. M. Carneiro <gjcarneiro AT gmail.com>
|
|
|
|
|
|
## Nikos Kouremenos <kourem AT gmail.com>
|
2014-01-02 09:33:54 +01:00
|
|
|
|
## Copyright (C) 2006-2014 Yann Leboulanger <asterix AT lagaule.org>
|
2008-08-15 05:20:23 +02:00
|
|
|
|
## Copyright (C) 2007 Jean-Marie Traissard <jim AT lapin.org>
|
|
|
|
|
|
## Julien Pivotto <roidelapluie AT gmail.com>
|
2008-08-15 19:31:51 +02:00
|
|
|
|
## Copyright (C) 2008 Stephan Erb <steve-e AT h3c.de>
|
2009-07-15 21:02:47 +02:00
|
|
|
|
## Copyright (c) 2009 Thorsten Glaser <t.glaser AT tarent.de>
|
2006-10-06 01:48:54 +02:00
|
|
|
|
##
|
2007-10-22 13:13:13 +02:00
|
|
|
|
## This file is part of Gajim.
|
|
|
|
|
|
##
|
|
|
|
|
|
## Gajim is free software; you can redistribute it and/or modify
|
2006-10-06 01:48:54 +02:00
|
|
|
|
## it under the terms of the GNU General Public License as published
|
2007-10-22 13:13:13 +02:00
|
|
|
|
## by the Free Software Foundation; version 3 only.
|
2006-10-06 01:48:54 +02:00
|
|
|
|
##
|
2007-10-22 13:13:13 +02:00
|
|
|
|
## Gajim is distributed in the hope that it will be useful,
|
2006-10-06 01:48:54 +02:00
|
|
|
|
## but WITHOUT ANY WARRANTY; without even the implied warranty of
|
2008-08-15 05:20:23 +02:00
|
|
|
|
## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
2006-10-06 01:48:54 +02:00
|
|
|
|
## GNU General Public License for more details.
|
|
|
|
|
|
##
|
2007-10-22 13:13:13 +02:00
|
|
|
|
## You should have received a copy of the GNU General Public License
|
2008-08-15 05:20:23 +02:00
|
|
|
|
## along with Gajim. If not, see <http://www.gnu.org/licenses/>.
|
2007-10-22 13:13:13 +02:00
|
|
|
|
##
|
2006-10-06 01:48:54 +02:00
|
|
|
|
|
2016-12-11 01:20:16 +01:00
|
|
|
|
import os
|
|
|
|
|
|
import logging
|
|
|
|
|
|
import gi
|
|
|
|
|
|
from common import gajim
|
|
|
|
|
|
|
2006-10-06 01:48:54 +02:00
|
|
|
|
__all__ = ['get_password', 'save_password']
|
|
|
|
|
|
|
2016-12-11 01:20:16 +01:00
|
|
|
|
log = logging.getLogger('gajim.password')
|
|
|
|
|
|
|
|
|
|
|
|
if os.name == 'nt':
|
|
|
|
|
|
try:
|
|
|
|
|
|
import keyring
|
|
|
|
|
|
except ImportError:
|
|
|
|
|
|
log.debug('python-keyring missing, falling back to plaintext storage')
|
|
|
|
|
|
|
2006-10-06 01:48:54 +02:00
|
|
|
|
|
2015-07-18 15:44:36 +02:00
|
|
|
|
Secret = None
|
2006-10-06 01:48:54 +02:00
|
|
|
|
|
2006-10-11 22:38:23 +02:00
|
|
|
|
class PasswordStorage(object):
|
2010-02-08 15:08:40 +01:00
|
|
|
|
def get_password(self, account_name):
|
|
|
|
|
|
raise NotImplementedError
|
|
|
|
|
|
def save_password(self, account_name, password):
|
|
|
|
|
|
raise NotImplementedError
|
2006-11-01 17:49:49 +01:00
|
|
|
|
|
2006-10-06 01:48:54 +02:00
|
|
|
|
|
2006-10-11 22:38:23 +02:00
|
|
|
|
class SimplePasswordStorage(PasswordStorage):
|
2010-02-08 15:08:40 +01:00
|
|
|
|
def get_password(self, account_name):
|
|
|
|
|
|
passwd = gajim.config.get_per('accounts', account_name, 'password')
|
2017-01-23 19:18:59 +01:00
|
|
|
|
if passwd and (passwd.startswith('libsecret:') or passwd.startswith('winvault:')):
|
2016-11-20 22:56:26 +01:00
|
|
|
|
# this is not a real password, it’s stored through libsecret.
|
2010-02-08 15:08:40 +01:00
|
|
|
|
return None
|
|
|
|
|
|
else:
|
|
|
|
|
|
return passwd
|
|
|
|
|
|
|
|
|
|
|
|
def save_password(self, account_name, password):
|
|
|
|
|
|
gajim.config.set_per('accounts', account_name, 'password', password)
|
|
|
|
|
|
if account_name in gajim.connections:
|
|
|
|
|
|
gajim.connections[account_name].password = password
|
2006-10-06 01:48:54 +02:00
|
|
|
|
|
|
|
|
|
|
|
2015-07-18 15:44:36 +02:00
|
|
|
|
class SecretPasswordStorage(PasswordStorage):
|
|
|
|
|
|
def __init__(self):
|
2015-07-24 21:49:10 +02:00
|
|
|
|
self.GAJIM_SCHEMA = Secret.Schema.new("org.gnome.keyring.NetworkPassword",
|
2015-07-18 15:44:36 +02:00
|
|
|
|
Secret.SchemaFlags.NONE,
|
|
|
|
|
|
{
|
|
|
|
|
|
'user': Secret.SchemaAttributeType.STRING,
|
|
|
|
|
|
'server': Secret.SchemaAttributeType.STRING,
|
2015-07-24 21:49:10 +02:00
|
|
|
|
'protocol': Secret.SchemaAttributeType.STRING,
|
2015-07-18 15:44:36 +02:00
|
|
|
|
}
|
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
def get_password(self, account_name):
|
|
|
|
|
|
conf = gajim.config.get_per('accounts', account_name, 'password')
|
2015-07-18 15:52:08 +02:00
|
|
|
|
if conf is None:
|
2015-07-18 15:44:36 +02:00
|
|
|
|
return None
|
2016-11-20 22:56:26 +01:00
|
|
|
|
if not conf.startswith('libsecret:'):
|
2015-07-18 15:44:36 +02:00
|
|
|
|
password = conf
|
|
|
|
|
|
## migrate the password over to keyring
|
|
|
|
|
|
try:
|
|
|
|
|
|
self.save_password(account_name, password, update=False)
|
|
|
|
|
|
except Exception:
|
|
|
|
|
|
## no keyring daemon: in the future, stop using it
|
|
|
|
|
|
set_storage(SimplePasswordStorage())
|
|
|
|
|
|
return password
|
|
|
|
|
|
server = gajim.config.get_per('accounts', account_name, 'hostname')
|
|
|
|
|
|
user = gajim.config.get_per('accounts', account_name, 'name')
|
|
|
|
|
|
password = Secret.password_lookup_sync(self.GAJIM_SCHEMA, {'user': user,
|
2015-07-24 21:49:10 +02:00
|
|
|
|
'server': server, 'protocol': 'xmpp'}, None)
|
2015-07-18 15:44:36 +02:00
|
|
|
|
return password
|
|
|
|
|
|
|
|
|
|
|
|
def save_password(self, account_name, password, update=True):
|
|
|
|
|
|
server = gajim.config.get_per('accounts', account_name, 'hostname')
|
|
|
|
|
|
user = gajim.config.get_per('accounts', account_name, 'name')
|
|
|
|
|
|
display_name = _('XMPP account %s@%s') % (user, server)
|
|
|
|
|
|
if password is None:
|
|
|
|
|
|
password = str()
|
2015-07-24 21:49:10 +02:00
|
|
|
|
attributes = {'user': user, 'server': server, 'protocol': 'xmpp'}
|
2015-07-18 15:44:36 +02:00
|
|
|
|
Secret.password_store_sync(self.GAJIM_SCHEMA, attributes,
|
|
|
|
|
|
Secret.COLLECTION_DEFAULT, display_name, password, None)
|
|
|
|
|
|
gajim.config.set_per('accounts', account_name, 'password',
|
|
|
|
|
|
'libsecret:')
|
|
|
|
|
|
if account_name in gajim.connections:
|
|
|
|
|
|
gajim.connections[account_name].password = password
|
|
|
|
|
|
|
2009-07-15 21:02:47 +02:00
|
|
|
|
|
2016-12-11 01:20:16 +01:00
|
|
|
|
class SecretWindowsPasswordStorage(PasswordStorage):
|
|
|
|
|
|
""" Windows Keyring """
|
|
|
|
|
|
|
|
|
|
|
|
def __init__(self):
|
|
|
|
|
|
self.win_keyring = keyring.get_keyring()
|
|
|
|
|
|
|
|
|
|
|
|
def save_password(self, account_name, password):
|
2017-01-23 19:18:59 +01:00
|
|
|
|
try:
|
|
|
|
|
|
self.win_keyring.set_password('gajim', account_name, password)
|
|
|
|
|
|
gajim.config.set_per(
|
|
|
|
|
|
'accounts', account_name, 'password', 'winvault:')
|
|
|
|
|
|
except:
|
|
|
|
|
|
log.exception('error:')
|
|
|
|
|
|
set_storage(SimplePasswordStorage())
|
|
|
|
|
|
storage.save_password(account_name, password)
|
2016-12-11 01:20:16 +01:00
|
|
|
|
|
|
|
|
|
|
def get_password(self, account_name):
|
|
|
|
|
|
log.debug('getting password')
|
|
|
|
|
|
conf = gajim.config.get_per('accounts', account_name, 'password')
|
|
|
|
|
|
if conf is None:
|
|
|
|
|
|
return None
|
|
|
|
|
|
if not conf.startswith('winvault:'):
|
|
|
|
|
|
password = conf
|
|
|
|
|
|
# migrate the password over to keyring
|
2017-01-23 19:18:59 +01:00
|
|
|
|
self.save_password(account_name, password)
|
2016-12-11 01:20:16 +01:00
|
|
|
|
return password
|
|
|
|
|
|
return self.win_keyring.get_password('gajim', account_name)
|
|
|
|
|
|
|
|
|
|
|
|
|
2006-10-06 01:48:54 +02:00
|
|
|
|
storage = None
|
|
|
|
|
|
def get_storage():
|
2010-02-08 15:08:40 +01:00
|
|
|
|
global storage
|
|
|
|
|
|
if storage is None: # None is only in first time get_storage is called
|
2016-11-20 22:56:26 +01:00
|
|
|
|
global Secret
|
2017-01-23 19:02:21 +01:00
|
|
|
|
if gajim.config.get('use_keyring'):
|
|
|
|
|
|
try:
|
|
|
|
|
|
gi.require_version('Secret', '1')
|
|
|
|
|
|
gir = __import__('gi.repository', globals(), locals(),
|
|
|
|
|
|
['Secret'], 0)
|
|
|
|
|
|
Secret = gir.Secret
|
|
|
|
|
|
except (ValueError, AttributeError):
|
|
|
|
|
|
pass
|
|
|
|
|
|
try:
|
|
|
|
|
|
if os.name != 'nt':
|
|
|
|
|
|
storage = SecretPasswordStorage()
|
|
|
|
|
|
else:
|
|
|
|
|
|
storage = SecretWindowsPasswordStorage()
|
|
|
|
|
|
except Exception:
|
|
|
|
|
|
storage = SimplePasswordStorage()
|
|
|
|
|
|
else:
|
2010-02-08 15:08:40 +01:00
|
|
|
|
storage = SimplePasswordStorage()
|
|
|
|
|
|
return storage
|
2006-10-06 01:48:54 +02:00
|
|
|
|
|
2006-10-11 22:38:23 +02:00
|
|
|
|
def set_storage(storage_):
|
2010-02-08 15:08:40 +01:00
|
|
|
|
global storage
|
|
|
|
|
|
storage = storage_
|
2006-10-11 22:38:23 +02:00
|
|
|
|
|
2006-10-06 01:48:54 +02:00
|
|
|
|
def get_password(account_name):
|
2010-02-08 15:08:40 +01:00
|
|
|
|
return get_storage().get_password(account_name)
|
2006-10-06 01:48:54 +02:00
|
|
|
|
|
|
|
|
|
|
def save_password(account_name, password):
|
2017-06-25 23:14:35 +02:00
|
|
|
|
if account_name in gajim.connections:
|
|
|
|
|
|
gajim.connections[account_name].set_password(password)
|
2010-02-08 15:08:40 +01:00
|
|
|
|
return get_storage().save_password(account_name, password)
|
