mirror of
https://github.com/haiwen/seafile.git
synced 2025-01-09 04:17:30 +08:00
added suppoer for gnome-keyring
RepoPass for encrypted library is stored in gnome-keyring instead of the sqlite3 database
This commit is contained in:
parent
9d574a1a65
commit
5d3af0d492
11
configure.ac
11
configure.ac
@ -91,6 +91,9 @@ if test "$blinux" = true; then
|
||||
|
||||
AC_ARG_ENABLE(ceph, AC_HELP_STRING([--enable-ceph], [enable ceph backend]),
|
||||
[compile_ceph=$enableval],[compile_ceph="no"])
|
||||
|
||||
AC_ARG_ENABLE(gnome-keyring, AC_HELP_STRING([--enable-gnome-keyring], [enable gnome keyring support]),
|
||||
[compile_gnome_keyring=$enableval],[compile_gnome_keyring="no"])
|
||||
fi
|
||||
|
||||
AC_ARG_ENABLE(client, AC_HELP_STRING([--enable-client], [enable client]),
|
||||
@ -372,6 +375,14 @@ if test "${compile_ceph}" = "yes"; then
|
||||
AC_DEFINE([HAVE_RADOS], [1], ["define if have rados"])
|
||||
fi
|
||||
|
||||
AM_CONDITIONAL([HAVE_KEYSTORAGE_GK], [test "${compile_gnome_keyring}" = "yes"])
|
||||
if test "${compile_gnome_keyring}" = "yes"; then
|
||||
PKG_CHECK_MODULES(GNOME_KEYRING, [gnome-keyring-1])
|
||||
AC_SUBST(GNOME_KEYRING_CFLAGS)
|
||||
AC_SUBST(GNOME_KEYRING_LIBS)
|
||||
AC_DEFINE(HAVE_KEYSTORAGE_GK, 1, [Have Gnome-Keyring support])
|
||||
fi
|
||||
|
||||
ac_configure_args="$ac_configure_args -q"
|
||||
|
||||
AC_CONFIG_FILES(
|
||||
|
@ -8,6 +8,7 @@ AM_CFLAGS = -DPKGDATADIR=\"$(pkgdatadir)\" \
|
||||
@CCNET_CFLAGS@ \
|
||||
@SEARPC_CFLAGS@ \
|
||||
@GLIB2_CFLAGS@ \
|
||||
@GNOME_KEYRING_CFLAGS@ \
|
||||
@MSVC_CFLAGS@ \
|
||||
-Wall
|
||||
|
||||
@ -72,6 +73,10 @@ if MACOS
|
||||
wt_monitor_src = wt-monitor-macos.c
|
||||
endif
|
||||
|
||||
if HAVE_KEYSTORAGE_GK
|
||||
key_storage_src = repokey/seafile-gnome-keyring.c
|
||||
endif
|
||||
|
||||
common_src = \
|
||||
transfer-mgr.c \
|
||||
../common/unpack-trees.c ../common/seaf-tree-walk.c \
|
||||
@ -92,6 +97,7 @@ common_src = \
|
||||
../common/block-backend.c \
|
||||
../common/block-backend-fs.c \
|
||||
../common/mq-mgr.c \
|
||||
$(key_storage_src) \
|
||||
processors/check-tx-proc.c \
|
||||
processors/check-tx-v2-proc.c \
|
||||
processors/check-tx-v3-proc.c \
|
||||
@ -125,7 +131,7 @@ seaf_daemon_LDADD = $(top_builddir)/lib/libseafile_common.la \
|
||||
@GLIB2_LIBS@ @GOBJECT_LIBS@ -lssl @LIB_RT@ @LIB_UUID@ -lsqlite3 -levent \
|
||||
$(top_builddir)/common/cdc/libcdc.la \
|
||||
$(top_builddir)/common/index/libindex.la ${LIB_WS32} \
|
||||
@SEARPC_LIBS@ @CCNET_LIBS@
|
||||
@SEARPC_LIBS@ @CCNET_LIBS@ @GNOME_KEYRING_LIBS@
|
||||
|
||||
seaf_daemon_LDFLAGS = @STATIC_COMPILE@ @CONSOLE@
|
||||
|
||||
|
@ -35,6 +35,10 @@
|
||||
#define INDEX_DIR "index"
|
||||
#define IGNORE_FILE "seafile-ignore.txt"
|
||||
|
||||
#ifdef HAVE_KEYSTORAGE_GK
|
||||
#include "repokey/seafile-gnome-keyring.h"
|
||||
#endif // HAVE_KEYSTORAGE_GK
|
||||
|
||||
struct _SeafRepoManagerPriv {
|
||||
avl_tree_t *repo_tree;
|
||||
sqlite3 *db;
|
||||
@ -1561,11 +1565,13 @@ remove_repo_ondisk (SeafRepoManager *mgr, const char *repo_id)
|
||||
seaf_repo_manager_del_repo_property (mgr, repo_id);
|
||||
|
||||
pthread_mutex_lock (&mgr->priv->db_lock);
|
||||
|
||||
#ifdef HAVE_KEYSTORAGE_GK
|
||||
gnome_keyring_sf_delete_password(repo_id, "password");
|
||||
#else
|
||||
snprintf (sql, sizeof(sql), "DELETE FROM RepoPasswd WHERE repo_id = '%s'",
|
||||
repo_id);
|
||||
sqlite_query_exec (mgr->priv->db, sql);
|
||||
|
||||
#endif
|
||||
snprintf (sql, sizeof(sql), "DELETE FROM RepoKeys WHERE repo_id = '%s'",
|
||||
repo_id);
|
||||
sqlite_query_exec (mgr->priv->db, sql);
|
||||
@ -1935,13 +1941,23 @@ load_repo_passwd (SeafRepoManager *manager, SeafRepo *repo)
|
||||
int n;
|
||||
|
||||
pthread_mutex_lock (&manager->priv->db_lock);
|
||||
|
||||
#ifdef HAVE_KEYSTORAGE_GK
|
||||
guint gk_item_id;
|
||||
char* gk_password;
|
||||
gk_password = gnome_keyring_sf_get_password(repo->id, "password", &gk_item_id);
|
||||
if (gk_password != NULL) {
|
||||
repo->encrypted = TRUE;
|
||||
repo->passwd = g_strdup(gk_password);
|
||||
g_free(gk_password);
|
||||
gk_password = NULL;
|
||||
}
|
||||
#else
|
||||
snprintf (sql, sizeof(sql),
|
||||
"SELECT passwd FROM RepoPasswd WHERE repo_id='%s'",
|
||||
repo->id);
|
||||
if (sqlite_foreach_selected_row (db, sql, load_passwd_cb, repo) < 0)
|
||||
return -1;
|
||||
|
||||
#endif
|
||||
snprintf (sql, sizeof(sql),
|
||||
"SELECT key, iv FROM RepoKeys WHERE repo_id='%s'",
|
||||
repo->id);
|
||||
@ -2360,12 +2376,16 @@ save_repo_enc_info (SeafRepoManager *manager,
|
||||
char sql[256];
|
||||
char key[33], iv[33];
|
||||
|
||||
#ifdef HAVE_KEYSTORAGE_GK
|
||||
if (gnome_keyring_sf_set_password(repo->id, "password", repo->passwd) != 1)
|
||||
return -1;
|
||||
#else
|
||||
sqlite3_snprintf (sizeof(sql), sql,
|
||||
"REPLACE INTO RepoPasswd VALUES ('%s', '%q');",
|
||||
repo->id, repo->passwd);
|
||||
if (sqlite_query_exec (db, sql) < 0)
|
||||
return -1;
|
||||
|
||||
#endif
|
||||
rawdata_to_hex (repo->enc_key, key, 16);
|
||||
rawdata_to_hex (repo->enc_iv, iv, 16);
|
||||
snprintf (sql, sizeof(sql), "REPLACE INTO RepoKeys VALUES ('%s', '%s', '%s')",
|
||||
|
100
daemon/repokey/seafile-gnome-keyring.c
Normal file
100
daemon/repokey/seafile-gnome-keyring.c
Normal file
@ -0,0 +1,100 @@
|
||||
/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
|
||||
|
||||
#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
|
||||
#include <glib.h>
|
||||
#include "gnome-keyring.h"
|
||||
|
||||
#include "seafile-gnome-keyring.h"
|
||||
|
||||
#define SEAFILE_GK_ATTR_APP_NAME "seafile"
|
||||
#define SEAFILE_GK_ATTR_APP_VALUE "seaf-daemon"
|
||||
#define SEAFILE_GK_ATTR_REPO_NAME "repo_id"
|
||||
#define SEAFILE_GK_ATTR_TYPE_NAME "type"
|
||||
|
||||
char * gnome_keyring_sf_get_password(const char * repo_id, const char * type, guint *item_id)
|
||||
{
|
||||
GnomeKeyringAttributeList * attributes;
|
||||
GnomeKeyringResult result;
|
||||
GList * found_list;
|
||||
GList * i;
|
||||
GnomeKeyringFound * found;
|
||||
char * password = NULL;
|
||||
|
||||
attributes = g_array_new(FALSE, FALSE, sizeof (GnomeKeyringAttribute));
|
||||
gnome_keyring_attribute_list_append_string(attributes,
|
||||
SEAFILE_GK_ATTR_APP_NAME,
|
||||
SEAFILE_GK_ATTR_APP_VALUE);
|
||||
gnome_keyring_attribute_list_append_string(attributes,
|
||||
SEAFILE_GK_ATTR_REPO_NAME,
|
||||
repo_id);
|
||||
gnome_keyring_attribute_list_append_string(attributes,
|
||||
SEAFILE_GK_ATTR_TYPE_NAME,
|
||||
type);
|
||||
|
||||
result = gnome_keyring_find_items_sync(GNOME_KEYRING_ITEM_GENERIC_SECRET,
|
||||
attributes,
|
||||
&found_list);
|
||||
|
||||
gnome_keyring_attribute_list_free(attributes);
|
||||
|
||||
*item_id = -1;
|
||||
if (result != GNOME_KEYRING_RESULT_OK)
|
||||
return NULL;
|
||||
|
||||
for (i = found_list; i != NULL; i = i->next) {
|
||||
found = i->data;
|
||||
password = g_strdup(found->secret);
|
||||
*item_id = found->item_id;
|
||||
break;
|
||||
}
|
||||
gnome_keyring_found_list_free(found_list);
|
||||
|
||||
return password;
|
||||
}
|
||||
|
||||
int gnome_keyring_sf_set_password(const char * repo_id, const char * type, const char * password)
|
||||
{
|
||||
GnomeKeyringAttributeList * attributes;
|
||||
GnomeKeyringResult result; guint item_id;
|
||||
|
||||
attributes = g_array_new(FALSE,
|
||||
FALSE,
|
||||
sizeof (GnomeKeyringAttribute));
|
||||
|
||||
gnome_keyring_attribute_list_append_string(attributes,
|
||||
SEAFILE_GK_ATTR_APP_NAME,
|
||||
SEAFILE_GK_ATTR_APP_VALUE);
|
||||
gnome_keyring_attribute_list_append_string(attributes,
|
||||
SEAFILE_GK_ATTR_REPO_NAME,
|
||||
repo_id);
|
||||
gnome_keyring_attribute_list_append_string(attributes,
|
||||
SEAFILE_GK_ATTR_TYPE_NAME,
|
||||
type);
|
||||
|
||||
result = gnome_keyring_item_create_sync(NULL,
|
||||
GNOME_KEYRING_ITEM_GENERIC_SECRET,
|
||||
"seafile repository",
|
||||
attributes,
|
||||
password,
|
||||
TRUE,
|
||||
&item_id);
|
||||
|
||||
gnome_keyring_attribute_list_free(attributes);
|
||||
|
||||
return (result == GNOME_KEYRING_RESULT_OK);
|
||||
}
|
||||
|
||||
int gnome_keyring_sf_delete_password(const char * repo_id, const char * type)
|
||||
{
|
||||
guint item_id;
|
||||
GnomeKeyringResult result;
|
||||
char * tmp = NULL;
|
||||
|
||||
tmp = gnome_keyring_sf_get_password(repo_id, type, &item_id);
|
||||
g_free(tmp);
|
||||
result = gnome_keyring_item_delete_sync(NULL, item_id);
|
||||
|
||||
return (result == GNOME_KEYRING_RESULT_OK);
|
||||
}
|
23
daemon/repokey/seafile-gnome-keyring.h
Normal file
23
daemon/repokey/seafile-gnome-keyring.h
Normal file
@ -0,0 +1,23 @@
|
||||
/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
|
||||
|
||||
#ifndef SEAF_GNOME_KEYRING_H
|
||||
#define SEAF_GNOME_KEYRING_H
|
||||
|
||||
#include <glib.h>
|
||||
#include <gnome-keyring.h>
|
||||
|
||||
|
||||
char *
|
||||
gnome_keyring_sf_get_password(const char * repo_id,
|
||||
const char * type,
|
||||
guint *item_id);
|
||||
|
||||
int
|
||||
gnome_keyring_sf_set_password(const char * repo_id,
|
||||
const char * type,
|
||||
const char * password);
|
||||
|
||||
int
|
||||
gnome_keyring_sf_delete_password(const char * repo_id,
|
||||
const char * type);
|
||||
#endif /* SEAF_GNOME_KEYRING_H */
|
Loading…
Reference in New Issue
Block a user