Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: libsecret instead of libgnome-keyring-1 #2

Open
snowyu opened this issue Jan 31, 2021 · 7 comments
Open

feat: libsecret instead of libgnome-keyring-1 #2

snowyu opened this issue Jan 31, 2021 · 7 comments
Assignees
Labels
Blocked This task is impossible to implement at all

Comments

@snowyu
Copy link

snowyu commented Jan 31, 2021

a little hint: https://askubuntu.com/questions/470384/is-it-possible-to-use-secret-tool-to-lookup-existing-seahorse-passwords

@recolic
Copy link
Owner

recolic commented Jan 31, 2021 via email

@recolic recolic self-assigned this Mar 15, 2021
@recolic recolic added the TODO TODOs label Mar 15, 2021
@recolic
Copy link
Owner

recolic commented Jul 10, 2021

Hi.
I read the libsecret usage again (the third time), but I still don't know how to use it instead of libgnome-keyring. Here's the problem:

I'm sure that I need to use secret_service_unlock_sync(), but it seems that there's no way to pass a password into this function. It only accepts password from user input.
The function signature is here, and I have did some test on libsecret here.

// This one is easy to use
GnomeKeyringResult  gnome_keyring_unlock_sync (const char *keyring, const char *password);

// This is libsecret version. It have to read password from an interactive window. 
gint
secret_service_unlock_sync (SecretService *service,
                            GList *objects,
                            GCancellable *cancellable,
                            GList **unlocked,
                            GError **error);

@janbrummer
Copy link

It should be easy:

secret_service_unlock_sync says The secret service may prompt the user. secret_service_prompt() will be used to handle any prompts that show up.

secret_service_prompt indicates that is possible to override it: Override the SecretServiceClass prompt_async virtual method to change the behavior of the propmting.

@recolic
Copy link
Owner

recolic commented Jul 18, 2022

After some research, I don't think it's even possible to do that with libsecret.

libsecret will call method org.freedesktop.Secret.Prompt via DBus, and the password text does not goes to libsecret at all. After a successful prompt, it will call another method to actually unlock these keyrings. There is no existing interface to do that automatically.

This is a test to prove my idea: (Using this branch)

  1. Run libsecret version of unlock_keyring program.
  2. Now the prompt appears.
  3. Kill the unlock_keyring program from another SSH session.
  4. type my password into the prompt, and ENTER.
  5. Unlock the keyring in seahorse. It does not require a password anymore.

Step 5 means that, the password did not go through our program. The password was passed to libsecret through another channel (so it's impossible to modify this behavior from our program)

If you have any idea, please let me know.

If libgnome-keyring is deprecating, I think we must send raw DBus message by hand.

@recolic recolic added Blocked This task is impossible to implement at all and removed TODO TODOs labels Jul 18, 2022
@recolic
Copy link
Owner

recolic commented May 18, 2024

Maybe gnome-keyring-daemon --replace --unlock is a possible solution, but it doesn't work in my test.

https://unix.stackexchange.com/questions/602313/unlock-gnome-keyring-daemon-from-command-line

Let me know if anyone could make progress on this problem.

@recolic
Copy link
Owner

recolic commented Dec 19, 2024

Just for a quick update. I added another standalone implementation, which doesn't require libgnome-keyring anymore.
Check it out if it might help you leave the deprecated lib.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Blocked This task is impossible to implement at all
Projects
None yet
Development

No branches or pull requests

3 participants