[libsecret: 1/2] secret-tool: Add locking capabilities to secret tool




commit 015ea1194b28da44faa6b8b7bf070f4a0f5c4218
Author: Nick Montalbano <namontalbano email neit edu>
Date:   Wed Jun 23 21:27:32 2021 -0400

    secret-tool: Add locking capabilities to secret tool
    
    Context, secret tool currently does not have the capability to lock
    keyring.
    
    This capability was requested for specific use cases.
    
    Updates have been made to the secret tool to lock keyrings.
    
    Closes https://gitlab.gnome.org/GNOME/libsecret/-/issues/28

 tool/secret-tool.c | 68 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 68 insertions(+)
---
diff --git a/tool/secret-tool.c b/tool/secret-tool.c
index 9335e37..642d9c0 100644
--- a/tool/secret-tool.c
+++ b/tool/secret-tool.c
@@ -18,6 +18,8 @@
 #include "libsecret/secret-password.h"
 #include "libsecret/secret-retrievable.h"
 #include "libsecret/secret-value.h"
+#include "libsecret/secret-service.h"
+#include "libsecret/secret-paths.h"
 
 #include <glib/gi18n.h>
 
@@ -28,6 +30,7 @@
 #include <string.h>
 
 #define SECRET_ALIAS_PREFIX "/org/freedesktop/secrets/aliases/"
+#define SECRET_COLLECTION_PREFIX "/org/freedesktop/secrets/collection/"
 
 static gchar **attribute_args = NULL;
 static gchar *store_label = NULL;
@@ -58,6 +61,13 @@ static const GOptionEntry CLEAR_OPTIONS[] = {
        { NULL }
 };
 
+/* secret-tool lock collections="xxxx" */
+static const GOptionEntry COLLECTION_OPTIONS[] = {
+       { "collection", 'c', 0, G_OPTION_ARG_STRING, &store_collection,
+         N_("collection in which to lock"), NULL },
+       { NULL }
+};
+
 typedef int       (* SecretToolAction)          (int argc, char *argv[]);
 
 static void       usage                         (void) G_GNUC_NORETURN;
@@ -69,6 +79,7 @@ usage (void)
        g_printerr ("       secret-tool lookup attribute value ...\n");
        g_printerr ("       secret-tool clear attribute value ...\n");
        g_printerr ("       secret-tool search [--all] [--unlock] attribute value ...\n");
+       g_printerr ("       secret-tool lock --collection='collection'\n");
        exit (2);
 }
 
@@ -493,6 +504,61 @@ secret_tool_action_search (int argc,
        return 0;
 }
 
+static int
+secret_tool_action_lock (int argc,
+                         char *argv[])
+{
+       GError *error = NULL;
+       GList *locked = NULL;
+       GOptionContext *context;
+       g_autofree gchar *collection_path = NULL;
+       g_autolist (GList) collections = NULL;
+       g_autoptr (SecretService) service = NULL;
+       g_autoptr (SecretCollection) collection = NULL;
+
+       service = secret_service_get_sync (SECRET_SERVICE_LOAD_COLLECTIONS, NULL, &error);
+       if (error != NULL) {
+               g_printerr ("%s: %s\n", g_get_prgname (), error->message);
+               g_error_free (error);
+               return 1;
+       }
+
+       context = g_option_context_new ("collections");
+       g_option_context_add_main_entries (context, COLLECTION_OPTIONS, GETTEXT_PACKAGE);
+       g_option_context_parse (context, &argc, &argv, &error);
+
+       if (store_collection) {
+
+               collection_path = g_strconcat (SECRET_COLLECTION_PREFIX, store_collection, NULL);
+               collection = secret_collection_new_for_dbus_path_sync (service, collection_path, 
SECRET_COLLECTION_NONE, NULL, &error);
+               g_free (store_collection);
+               g_free (collection_path);
+
+               if (error != NULL) {
+                       g_printerr ("%s: %s\n", g_get_prgname (), error->message);
+                       g_error_free (error);
+                       return 1;
+               }
+
+               if (secret_collection_get_locked (collection) || collection == NULL) {
+                       return 1;
+               }
+
+               collections = g_list_append (collections, collection);
+       } else {
+               collections = secret_service_get_collections (service);
+       }
+
+       secret_service_lock_sync (NULL, collections, 0, &locked, &error);
+       if (error != NULL) {
+               g_printerr ("%s: %s\n", g_get_prgname (), error->message);
+               g_error_free (error);
+               return 1;
+       }
+
+       return 0;
+}
+
 int
 main (int argc,
       char *argv[])
@@ -518,6 +584,8 @@ main (int argc,
                action = secret_tool_action_clear;
        } else if (g_str_equal (argv[1], "search")) {
                action = secret_tool_action_search;
+       } else if (g_str_equal (argv[1], "lock")) {
+               action = secret_tool_action_lock;
        } else {
                usage ();
        }


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]