2018-09-05 02:59:34 +02:00
|
|
|
# Copyright (C) 2006 Gustavo J. A. M. Carneiro <gjcarneiro AT gmail.com>
|
|
|
|
# Nikos Kouremenos <kourem AT gmail.com>
|
|
|
|
# Copyright (C) 2006-2014 Yann Leboulanger <asterix AT lagaule.org>
|
|
|
|
# Copyright (C) 2007 Jean-Marie Traissard <jim AT lapin.org>
|
|
|
|
# Julien Pivotto <roidelapluie AT gmail.com>
|
|
|
|
# Copyright (C) 2008 Stephan Erb <steve-e AT h3c.de>
|
|
|
|
# Copyright (c) 2009 Thorsten Glaser <t.glaser AT tarent.de>
|
|
|
|
#
|
|
|
|
# This file is part of Gajim.
|
|
|
|
#
|
|
|
|
# Gajim is free software; you can redistribute it and/or modify
|
|
|
|
# it under the terms of the GNU General Public License as published
|
|
|
|
# by the Free Software Foundation; version 3 only.
|
|
|
|
#
|
|
|
|
# Gajim is distributed in the hope that it will be useful,
|
|
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
# GNU General Public License for more details.
|
|
|
|
#
|
|
|
|
# You should have received a copy of the GNU General Public License
|
|
|
|
# along with Gajim. If not, see <http://www.gnu.org/licenses/>.
|
2006-10-06 01:48:54 +02:00
|
|
|
|
2016-12-11 01:20:16 +01:00
|
|
|
import logging
|
2017-09-19 22:06:21 +02:00
|
|
|
|
2017-08-13 13:18:56 +02:00
|
|
|
from gajim.common import app
|
2016-12-11 01:20:16 +01:00
|
|
|
|
2006-10-06 01:48:54 +02:00
|
|
|
__all__ = ['get_password', 'save_password']
|
|
|
|
|
2016-12-11 01:20:16 +01:00
|
|
|
log = logging.getLogger('gajim.password')
|
|
|
|
|
2018-09-21 23:55:57 +02:00
|
|
|
|
2018-02-03 20:32:37 +01:00
|
|
|
try:
|
|
|
|
import keyring
|
2018-12-01 13:47:15 +01:00
|
|
|
from keyring.core import recommended
|
2018-09-21 23:55:57 +02:00
|
|
|
KEYRING_AVAILABLE = True
|
2018-02-03 20:32:37 +01:00
|
|
|
except ImportError:
|
2018-09-21 23:55:57 +02:00
|
|
|
KEYRING_AVAILABLE = False
|
2019-03-02 19:59:27 +01:00
|
|
|
log.warning('python-keyring missing, falling back to plaintext storage')
|
2016-12-11 01:20:16 +01:00
|
|
|
|
2006-10-06 01:48:54 +02:00
|
|
|
|
2018-09-16 11:56:56 +02:00
|
|
|
class PasswordStorage:
|
2017-08-12 17:00:16 +02:00
|
|
|
"""Interface for password stores"""
|
2010-02-08 15:08:40 +01:00
|
|
|
def get_password(self, account_name):
|
2017-08-12 17:00:16 +02:00
|
|
|
"""Return the password for account_name, or None if not found."""
|
2010-02-08 15:08:40 +01:00
|
|
|
raise NotImplementedError
|
2018-11-27 18:15:02 +01:00
|
|
|
|
2010-02-08 15:08:40 +01:00
|
|
|
def save_password(self, account_name, password):
|
2017-08-12 17:00:16 +02:00
|
|
|
"""Save password for account_name. Return a bool indicating success."""
|
2010-02-08 15:08:40 +01:00
|
|
|
raise NotImplementedError
|
2006-11-01 17:49:49 +01:00
|
|
|
|
2018-11-27 18:15:02 +01:00
|
|
|
def delete_password(self, account_name):
|
|
|
|
"""Delete password for account_name. Return a bool indicating success."""
|
|
|
|
raise NotImplementedError
|
2006-10-06 01:48:54 +02:00
|
|
|
|
2018-02-03 20:32:37 +01:00
|
|
|
class SecretPasswordStorage(PasswordStorage):
|
|
|
|
""" Store password using Keyring """
|
|
|
|
identifier = 'keyring:'
|
2016-12-11 01:20:16 +01:00
|
|
|
|
|
|
|
def __init__(self):
|
2018-02-03 20:32:37 +01:00
|
|
|
self.keyring = keyring.get_keyring()
|
2019-03-02 19:59:27 +01:00
|
|
|
log.info('Select %s backend', self.keyring)
|
2016-12-11 01:20:16 +01:00
|
|
|
|
|
|
|
def save_password(self, account_name, password):
|
2017-01-23 19:18:59 +01:00
|
|
|
try:
|
2019-03-02 19:59:27 +01:00
|
|
|
log.info('Save password to keyring')
|
2018-02-03 20:32:37 +01:00
|
|
|
self.keyring.set_password('gajim', account_name, password)
|
2017-08-12 17:00:16 +02:00
|
|
|
return True
|
2019-03-02 19:59:27 +01:00
|
|
|
except Exception:
|
|
|
|
log.exception('Save password failed')
|
2017-08-12 17:00:16 +02:00
|
|
|
return False
|
2016-12-11 01:20:16 +01:00
|
|
|
|
|
|
|
def get_password(self, account_name):
|
2019-03-02 19:59:27 +01:00
|
|
|
log.info('Request password from keyring')
|
|
|
|
try:
|
|
|
|
return self.keyring.get_password('gajim', account_name)
|
|
|
|
except Exception:
|
|
|
|
log.exception('Request password failed')
|
|
|
|
return
|
2016-12-11 01:20:16 +01:00
|
|
|
|
2018-11-27 18:15:02 +01:00
|
|
|
def delete_password(self, account_name):
|
2019-03-02 19:59:27 +01:00
|
|
|
log.info('Remove password from keyring')
|
|
|
|
try:
|
|
|
|
return self.keyring.delete_password('gajim', account_name)
|
|
|
|
except Exception:
|
|
|
|
log.exception('Remove password failed')
|
|
|
|
return
|
2018-11-27 18:15:02 +01:00
|
|
|
|
2017-08-12 17:00:16 +02:00
|
|
|
class PasswordStorageManager(PasswordStorage):
|
|
|
|
"""Access all the implemented password storage backends, knowing which ones
|
|
|
|
are available and which we prefer to use.
|
2018-02-03 20:32:37 +01:00
|
|
|
Also implements storing directly in gajim config."""
|
2017-08-12 17:00:16 +02:00
|
|
|
|
|
|
|
def __init__(self):
|
|
|
|
self.preferred_backend = None
|
|
|
|
|
2018-02-03 20:32:37 +01:00
|
|
|
self.secret = None
|
2017-08-12 17:00:16 +02:00
|
|
|
|
|
|
|
self.connect_backends()
|
|
|
|
self.set_preferred_backend()
|
|
|
|
|
|
|
|
def connect_backends(self):
|
|
|
|
"""Initialize backend connections, determining which ones are available.
|
|
|
|
"""
|
2016-12-11 01:20:16 +01:00
|
|
|
|
2018-12-01 13:47:15 +01:00
|
|
|
if not app.config.get('use_keyring') or not KEYRING_AVAILABLE:
|
|
|
|
return
|
|
|
|
|
|
|
|
backends = keyring.backend.get_all_keyring()
|
|
|
|
for backend in backends:
|
|
|
|
log.info('Found keyring backend: %s', backend)
|
|
|
|
|
|
|
|
for backend in backends:
|
|
|
|
if recommended(backend):
|
|
|
|
self.secret = SecretPasswordStorage()
|
|
|
|
return
|
|
|
|
log.warning('No recommended keyring backend found, '
|
|
|
|
'plain storage is used')
|
2017-08-12 17:00:16 +02:00
|
|
|
|
|
|
|
def get_password(self, account_name):
|
2017-08-13 13:18:56 +02:00
|
|
|
pw = app.config.get_per('accounts', account_name, 'password')
|
2017-08-12 17:00:16 +02:00
|
|
|
if not pw:
|
|
|
|
return pw
|
2018-02-03 20:32:37 +01:00
|
|
|
if pw.startswith(SecretPasswordStorage.identifier) and self.secret:
|
|
|
|
backend = self.secret
|
2017-08-12 17:00:16 +02:00
|
|
|
else:
|
|
|
|
backend = None
|
|
|
|
|
|
|
|
if backend:
|
|
|
|
pw = backend.get_password(account_name)
|
2019-03-02 19:59:27 +01:00
|
|
|
|
2017-08-12 17:00:16 +02:00
|
|
|
if backend != self.preferred_backend:
|
|
|
|
# migrate password to preferred_backend
|
2018-02-03 20:32:37 +01:00
|
|
|
self.save_password(account_name, pw)
|
2017-08-12 17:00:16 +02:00
|
|
|
return pw
|
|
|
|
|
|
|
|
def save_password(self, account_name, password):
|
2018-11-27 18:15:02 +01:00
|
|
|
if account_name in app.connections:
|
|
|
|
app.connections[account_name].password = password
|
2019-03-02 19:59:27 +01:00
|
|
|
|
2018-11-27 18:15:02 +01:00
|
|
|
if not app.config.get_per('accounts', account_name, 'savepass'):
|
|
|
|
return True
|
|
|
|
|
2017-08-12 17:00:16 +02:00
|
|
|
if self.preferred_backend:
|
|
|
|
if self.preferred_backend.save_password(account_name, password):
|
2017-08-13 13:18:56 +02:00
|
|
|
app.config.set_per('accounts', account_name, 'password',
|
2019-03-02 19:59:27 +01:00
|
|
|
self.preferred_backend.identifier)
|
2018-11-27 18:15:02 +01:00
|
|
|
else:
|
|
|
|
app.config.set_per('accounts', account_name, 'password', password)
|
|
|
|
return True
|
2017-08-12 17:00:16 +02:00
|
|
|
|
2018-11-27 18:15:02 +01:00
|
|
|
def delete_password(self, account_name):
|
2017-08-13 13:18:56 +02:00
|
|
|
if account_name in app.connections:
|
2018-11-27 18:15:02 +01:00
|
|
|
app.connections[account_name].password = None
|
|
|
|
|
2019-03-02 19:59:27 +01:00
|
|
|
if self.preferred_backend is not None:
|
2018-11-27 18:15:02 +01:00
|
|
|
self.preferred_backend.delete_password(account_name)
|
2019-03-02 19:59:27 +01:00
|
|
|
app.config.set_per('accounts', account_name, 'password', None)
|
2017-08-12 17:00:16 +02:00
|
|
|
return True
|
|
|
|
|
|
|
|
def set_preferred_backend(self):
|
2018-02-03 20:32:37 +01:00
|
|
|
if self.secret:
|
|
|
|
self.preferred_backend = self.secret
|
2017-01-23 19:02:21 +01:00
|
|
|
else:
|
2017-08-12 17:00:16 +02:00
|
|
|
self.preferred_backend = None
|
|
|
|
|
|
|
|
passwordStorageManager = None
|
|
|
|
|
|
|
|
def get_storage():
|
|
|
|
global passwordStorageManager
|
|
|
|
if not passwordStorageManager:
|
|
|
|
passwordStorageManager = PasswordStorageManager()
|
|
|
|
return passwordStorageManager
|
2006-10-11 22:38:23 +02:00
|
|
|
|
2006-10-06 01:48:54 +02:00
|
|
|
def get_password(account_name):
|
2010-02-08 15:08:40 +01:00
|
|
|
return get_storage().get_password(account_name)
|
2006-10-06 01:48:54 +02:00
|
|
|
|
2018-11-27 18:15:02 +01:00
|
|
|
def delete_password(account_name):
|
|
|
|
return get_storage().delete_password(account_name)
|
|
|
|
|
2006-10-06 01:48:54 +02:00
|
|
|
def save_password(account_name, password):
|
2010-02-08 15:08:40 +01:00
|
|
|
return get_storage().save_password(account_name, password)
|