2008-08-15 19:31:51 +02:00
|
|
|
# -*- coding:utf-8 -*-
|
2008-08-15 05:20:23 +02:00
|
|
|
## src/common/passwords.py
|
2006-10-06 01:48:54 +02:00
|
|
|
##
|
2008-08-15 05:20:23 +02:00
|
|
|
## Copyright (C) 2006 Gustavo J. A. M. Carneiro <gjcarneiro AT gmail.com>
|
|
|
|
|
## Nikos Kouremenos <kourem AT gmail.com>
|
2014-01-02 09:33:54 +01:00
|
|
|
## Copyright (C) 2006-2014 Yann Leboulanger <asterix AT lagaule.org>
|
2008-08-15 05:20:23 +02:00
|
|
|
## Copyright (C) 2007 Jean-Marie Traissard <jim AT lapin.org>
|
|
|
|
|
## Julien Pivotto <roidelapluie AT gmail.com>
|
2008-08-15 19:31:51 +02:00
|
|
|
## Copyright (C) 2008 Stephan Erb <steve-e AT h3c.de>
|
2009-07-15 21:02:47 +02:00
|
|
|
## Copyright (c) 2009 Thorsten Glaser <t.glaser AT tarent.de>
|
2006-10-06 01:48:54 +02:00
|
|
|
##
|
2007-10-22 13:13:13 +02:00
|
|
|
## This file is part of Gajim.
|
|
|
|
|
##
|
|
|
|
|
## Gajim is free software; you can redistribute it and/or modify
|
2006-10-06 01:48:54 +02:00
|
|
|
## it under the terms of the GNU General Public License as published
|
2007-10-22 13:13:13 +02:00
|
|
|
## by the Free Software Foundation; version 3 only.
|
2006-10-06 01:48:54 +02:00
|
|
|
##
|
2007-10-22 13:13:13 +02:00
|
|
|
## Gajim is distributed in the hope that it will be useful,
|
2006-10-06 01:48:54 +02:00
|
|
|
## but WITHOUT ANY WARRANTY; without even the implied warranty of
|
2008-08-15 05:20:23 +02:00
|
|
|
## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
2006-10-06 01:48:54 +02:00
|
|
|
## GNU General Public License for more details.
|
|
|
|
|
##
|
2007-10-22 13:13:13 +02:00
|
|
|
## You should have received a copy of the GNU General Public License
|
2008-08-15 05:20:23 +02:00
|
|
|
## along with Gajim. If not, see <http://www.gnu.org/licenses/>.
|
2007-10-22 13:13:13 +02:00
|
|
|
##
|
2006-10-06 01:48:54 +02:00
|
|
|
|
|
|
|
|
__all__ = ['get_password', 'save_password']
|
|
|
|
|
|
2009-01-19 23:19:43 +01:00
|
|
|
import warnings
|
2006-10-06 01:48:54 +02:00
|
|
|
from common import gajim
|
2009-07-15 21:02:47 +02:00
|
|
|
from common import kwalletbinding
|
2012-12-26 11:19:59 +01:00
|
|
|
from common.exceptions import GnomeKeyringError
|
2006-10-06 01:48:54 +02:00
|
|
|
|
2006-12-29 19:30:18 +01:00
|
|
|
USER_HAS_GNOMEKEYRING = False
|
|
|
|
|
USER_USES_GNOMEKEYRING = False
|
2009-07-15 21:02:47 +02:00
|
|
|
USER_HAS_KWALLETCLI = False
|
2012-12-26 11:19:59 +01:00
|
|
|
GnomeKeyring = None
|
2006-10-06 01:48:54 +02:00
|
|
|
|
2006-10-11 22:38:23 +02:00
|
|
|
class PasswordStorage(object):
|
2010-02-08 15:08:40 +01:00
|
|
|
def get_password(self, account_name):
|
|
|
|
|
raise NotImplementedError
|
|
|
|
|
def save_password(self, account_name, password):
|
|
|
|
|
raise NotImplementedError
|
2006-11-01 17:49:49 +01:00
|
|
|
|
2006-10-06 01:48:54 +02:00
|
|
|
|
2006-10-11 22:38:23 +02:00
|
|
|
class SimplePasswordStorage(PasswordStorage):
|
2010-02-08 15:08:40 +01:00
|
|
|
def get_password(self, account_name):
|
|
|
|
|
passwd = gajim.config.get_per('accounts', account_name, 'password')
|
|
|
|
|
if passwd and (passwd.startswith('gnomekeyring:') or \
|
|
|
|
|
passwd == '<kwallet>'):
|
|
|
|
|
# this is not a real password, it's either a gnome
|
|
|
|
|
# keyring token or stored in the KDE wallet
|
|
|
|
|
return None
|
|
|
|
|
else:
|
|
|
|
|
return passwd
|
|
|
|
|
|
|
|
|
|
def save_password(self, account_name, password):
|
|
|
|
|
gajim.config.set_per('accounts', account_name, 'password', password)
|
|
|
|
|
if account_name in gajim.connections:
|
|
|
|
|
gajim.connections[account_name].password = password
|
2006-10-06 01:48:54 +02:00
|
|
|
|
|
|
|
|
|
2006-10-11 22:38:23 +02:00
|
|
|
class GnomePasswordStorage(PasswordStorage):
|
2010-02-08 15:08:40 +01:00
|
|
|
def __init__(self):
|
2012-12-26 11:19:59 +01:00
|
|
|
(err, self.keyring) = GnomeKeyring.get_default_keyring_sync()
|
|
|
|
|
if err != GnomeKeyring.Result.OK:
|
|
|
|
|
raise GnomeKeyringError(err)
|
2010-02-08 15:08:40 +01:00
|
|
|
if self.keyring is None:
|
2012-01-03 20:17:33 +01:00
|
|
|
self.keyring = 'login'
|
2012-12-26 11:19:59 +01:00
|
|
|
err = GnomeKeyring.create_sync(self.keyring, None)
|
|
|
|
|
if err not in (GnomeKeyring.Result.OK,
|
|
|
|
|
GnomeKeyring.Result.KEYRING_ALREADY_EXISTS):
|
|
|
|
|
raise GnomeKeyringError(err)
|
2010-02-08 15:08:40 +01:00
|
|
|
|
|
|
|
|
def get_password(self, account_name):
|
|
|
|
|
conf = gajim.config.get_per('accounts', account_name, 'password')
|
|
|
|
|
if conf is None or conf == '<kwallet>':
|
|
|
|
|
return None
|
|
|
|
|
if not conf.startswith('gnomekeyring:'):
|
|
|
|
|
password = conf
|
|
|
|
|
## migrate the password over to keyring
|
|
|
|
|
try:
|
|
|
|
|
self.save_password(account_name, password, update=False)
|
2013-01-01 23:18:36 +01:00
|
|
|
except GnomeKeyringError as e:
|
2012-12-26 11:19:59 +01:00
|
|
|
if e.error == GnomeKeyring.Result.NO_KEYRING_DAEMON:
|
|
|
|
|
## no keyring daemon: in the future, stop using it
|
|
|
|
|
set_storage(SimplePasswordStorage())
|
2010-02-08 15:08:40 +01:00
|
|
|
return password
|
2012-12-26 11:19:59 +01:00
|
|
|
server = gajim.config.get_per('accounts', account_name, 'hostname')
|
|
|
|
|
user = gajim.config.get_per('accounts', account_name, 'name')
|
|
|
|
|
attributes1 = GnomeKeyring.attribute_list_new()
|
|
|
|
|
GnomeKeyring.attribute_list_append_string(attributes1, 'server',
|
|
|
|
|
str(server))
|
|
|
|
|
GnomeKeyring.attribute_list_append_string(attributes1, 'user',
|
|
|
|
|
str(user))
|
|
|
|
|
GnomeKeyring.attribute_list_append_string(attributes1, 'protocol',
|
|
|
|
|
'xmpp')
|
|
|
|
|
attributes2 = GnomeKeyring.attribute_list_new()
|
|
|
|
|
GnomeKeyring.attribute_list_append_string(attributes2, 'account_name',
|
|
|
|
|
str(account_name))
|
|
|
|
|
GnomeKeyring.attribute_list_append_string(attributes2, 'gajim',
|
|
|
|
|
'1')
|
|
|
|
|
(err, items) = GnomeKeyring.find_items_sync(
|
|
|
|
|
GnomeKeyring.ItemType.NETWORK_PASSWORD, attributes1)
|
|
|
|
|
if err != GnomeKeyring.Result.OK:
|
|
|
|
|
(err, items) = GnomeKeyring.find_items_sync(
|
|
|
|
|
GnomeKeyring.ItemType.GENERIC_SECRET, attributes2)
|
|
|
|
|
if err == GnomeKeyring.Result.OK and len(items) > 0:
|
|
|
|
|
password = items[0].secret
|
|
|
|
|
self.save_password(account_name, password)
|
|
|
|
|
for item in items:
|
|
|
|
|
GnomeKeyring.item_delete_sync(item.keyring,
|
|
|
|
|
int(item.item_id))
|
2010-02-08 15:08:40 +01:00
|
|
|
else:
|
2012-12-26 11:19:59 +01:00
|
|
|
items = []
|
|
|
|
|
if len(items) > 1:
|
|
|
|
|
warnings.warn("multiple gnome keyring items found for account %s;"
|
|
|
|
|
" trying to use the first one..." % account_name)
|
|
|
|
|
if items:
|
|
|
|
|
return items[0].secret
|
|
|
|
|
else:
|
2010-02-08 15:08:40 +01:00
|
|
|
return None
|
2012-12-26 11:19:59 +01:00
|
|
|
if err == GnomeKeyring.Result.NO_KEYRING_DAEMON:
|
2010-02-08 15:08:40 +01:00
|
|
|
## no keyring daemon: in the future, stop using it
|
|
|
|
|
set_storage(SimplePasswordStorage())
|
2012-12-26 11:19:59 +01:00
|
|
|
return None
|
2010-02-08 15:08:40 +01:00
|
|
|
|
|
|
|
|
def save_password(self, account_name, password, update=True):
|
|
|
|
|
server = gajim.config.get_per('accounts', account_name, 'hostname')
|
|
|
|
|
user = gajim.config.get_per('accounts', account_name, 'name')
|
|
|
|
|
display_name = _('XMPP account %s@%s') % (user, server)
|
2012-12-26 11:19:59 +01:00
|
|
|
attributes1 = GnomeKeyring.attribute_list_new()
|
|
|
|
|
GnomeKeyring.attribute_list_append_string(attributes1, 'server',
|
|
|
|
|
str(server))
|
|
|
|
|
GnomeKeyring.attribute_list_append_string(attributes1, 'user',
|
|
|
|
|
str(user))
|
|
|
|
|
GnomeKeyring.attribute_list_append_string(attributes1, 'protocol',
|
|
|
|
|
'xmpp')
|
2010-02-08 15:08:40 +01:00
|
|
|
if password is None:
|
|
|
|
|
password = str()
|
2012-12-26 11:19:59 +01:00
|
|
|
(err, auth_token) = GnomeKeyring.item_create_sync(self.keyring,
|
|
|
|
|
GnomeKeyring.ItemType.NETWORK_PASSWORD, display_name, attributes1,
|
|
|
|
|
password, update)
|
|
|
|
|
if err != GnomeKeyring.Result.OK:
|
2013-02-19 13:22:49 +01:00
|
|
|
if err in (GnomeKeyring.Result.DENIED,
|
|
|
|
|
GnomeKeyring.Result.CANCELLED):
|
2012-12-26 11:19:59 +01:00
|
|
|
set_storage(SimplePasswordStorage())
|
|
|
|
|
storage.save_password(account_name, password)
|
|
|
|
|
return
|
|
|
|
|
else:
|
|
|
|
|
raise GnomeKeyringError(err)
|
2010-02-08 15:08:40 +01:00
|
|
|
gajim.config.set_per('accounts', account_name, 'password',
|
2012-12-26 11:19:59 +01:00
|
|
|
'gnomekeyring:')
|
2010-02-08 15:08:40 +01:00
|
|
|
if account_name in gajim.connections:
|
|
|
|
|
gajim.connections[account_name].password = password
|
2006-10-06 01:48:54 +02:00
|
|
|
|
2009-07-15 21:02:47 +02:00
|
|
|
class KWalletPasswordStorage(PasswordStorage):
|
2010-02-08 15:08:40 +01:00
|
|
|
def get_password(self, account_name):
|
|
|
|
|
pw = gajim.config.get_per('accounts', account_name, 'password')
|
|
|
|
|
if not pw or pw.startswith('gnomekeyring:'):
|
|
|
|
|
# unset, empty or not ours
|
|
|
|
|
return None
|
|
|
|
|
if pw != '<kwallet>':
|
|
|
|
|
# migrate the password
|
|
|
|
|
if kwalletbinding.kwallet_put('gajim', account_name, pw):
|
|
|
|
|
gajim.config.set_per('accounts', account_name, 'password',
|
|
|
|
|
'<kwallet>')
|
|
|
|
|
else:
|
|
|
|
|
# stop using the KDE Wallet
|
|
|
|
|
set_storage(SimplePasswordStorage())
|
|
|
|
|
return pw
|
|
|
|
|
pw = kwalletbinding.kwallet_get('gajim', account_name)
|
|
|
|
|
if pw is None:
|
|
|
|
|
# stop using the KDE Wallet
|
|
|
|
|
set_storage(SimplePasswordStorage())
|
|
|
|
|
if not pw:
|
|
|
|
|
# False, None, or the empty string
|
|
|
|
|
return None
|
|
|
|
|
return pw
|
|
|
|
|
|
|
|
|
|
def save_password(self, account_name, password):
|
|
|
|
|
if not kwalletbinding.kwallet_put('gajim', account_name, password):
|
|
|
|
|
# stop using the KDE Wallet
|
|
|
|
|
set_storage(SimplePasswordStorage())
|
|
|
|
|
storage.save_password(account_name, password)
|
|
|
|
|
return
|
|
|
|
|
pwtoken = '<kwallet>'
|
|
|
|
|
if not password:
|
|
|
|
|
# no sense in looking up the empty string in the KWallet
|
|
|
|
|
pwtoken = ''
|
|
|
|
|
gajim.config.set_per('accounts', account_name, 'password', pwtoken)
|
|
|
|
|
if account_name in gajim.connections:
|
|
|
|
|
gajim.connections[account_name].password = password
|
2009-07-15 21:02:47 +02:00
|
|
|
|
|
|
|
|
|
2006-10-06 01:48:54 +02:00
|
|
|
storage = None
|
|
|
|
|
def get_storage():
|
2010-02-08 15:08:40 +01:00
|
|
|
global storage
|
|
|
|
|
if storage is None: # None is only in first time get_storage is called
|
|
|
|
|
if gajim.config.get('use_gnomekeyring'):
|
2012-12-26 11:19:59 +01:00
|
|
|
global GnomeKeyring
|
2010-02-08 15:08:40 +01:00
|
|
|
try:
|
2012-12-26 11:19:59 +01:00
|
|
|
gir = __import__('gi.repository', globals(), locals(),
|
2013-02-16 20:31:38 +01:00
|
|
|
['GnomeKeyring'], 0)
|
2012-12-26 11:19:59 +01:00
|
|
|
GnomeKeyring = gir.GnomeKeyring
|
2013-02-20 20:13:08 +01:00
|
|
|
except (ImportError, AttributeError):
|
2010-02-08 15:08:40 +01:00
|
|
|
pass
|
|
|
|
|
else:
|
|
|
|
|
global USER_HAS_GNOMEKEYRING
|
|
|
|
|
global USER_USES_GNOMEKEYRING
|
|
|
|
|
USER_HAS_GNOMEKEYRING = True
|
2012-12-26 11:19:59 +01:00
|
|
|
if GnomeKeyring.is_available():
|
2010-02-08 15:08:40 +01:00
|
|
|
USER_USES_GNOMEKEYRING = True
|
|
|
|
|
else:
|
|
|
|
|
USER_USES_GNOMEKEYRING = False
|
|
|
|
|
if USER_USES_GNOMEKEYRING:
|
|
|
|
|
try:
|
|
|
|
|
storage = GnomePasswordStorage()
|
2012-12-26 11:19:59 +01:00
|
|
|
except GnomeKeyringError:
|
2010-02-08 15:08:40 +01:00
|
|
|
storage = None
|
|
|
|
|
if storage is None:
|
|
|
|
|
if gajim.config.get('use_kwalletcli'):
|
|
|
|
|
global USER_HAS_KWALLETCLI
|
|
|
|
|
if kwalletbinding.kwallet_available():
|
|
|
|
|
USER_HAS_KWALLETCLI = True
|
|
|
|
|
if USER_HAS_KWALLETCLI:
|
|
|
|
|
storage = KWalletPasswordStorage()
|
|
|
|
|
if storage is None:
|
|
|
|
|
storage = SimplePasswordStorage()
|
|
|
|
|
return storage
|
2006-10-06 01:48:54 +02:00
|
|
|
|
2006-10-11 22:38:23 +02:00
|
|
|
def set_storage(storage_):
|
2010-02-08 15:08:40 +01:00
|
|
|
global storage
|
|
|
|
|
storage = storage_
|
2006-10-11 22:38:23 +02:00
|
|
|
|
|
|
|
|
|
2006-10-06 01:48:54 +02:00
|
|
|
def get_password(account_name):
|
2010-02-08 15:08:40 +01:00
|
|
|
return get_storage().get_password(account_name)
|
2006-10-06 01:48:54 +02:00
|
|
|
|
|
|
|
|
def save_password(account_name, password):
|
2010-02-08 15:08:40 +01:00
|
|
|
return get_storage().save_password(account_name, password)
|
