Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Prefer kwallet over libsecret for KDE #111

Merged
merged 3 commits into from
Jul 6, 2018
Merged

Prefer kwallet over libsecret for KDE #111

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
ed2ff1b
Prefer kwallet over libsecret for KDE #103
ckamm Jun 14, 2018
9bd44f0
Backends: Fall back on libsecret if kwallet is not available
ckamm Jun 14, 2018
b87c197
Backends: Adjust test order and fallbacks
ckamm Jun 25, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
72 changes: 61 additions & 11 deletions keychain_unix.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -76,32 +76,82 @@ static DesktopEnvironment detectDesktopEnvironment() {
return DesktopEnv_Other;
}

static bool isKwallet5Available()
{
if (!QDBusConnection::sessionBus().isConnected())
return false;

org::kde::KWallet iface(
QLatin1String("org.kde.kwalletd5"),
QLatin1String("/modules/kwalletd5"),
QDBusConnection::sessionBus());

// At this point iface.isValid() can return false even though the
// interface is activatable by making a call. Hence we check whether
// a wallet can be opened.

iface.setTimeout(500);
QDBusMessage reply = iface.call(QStringLiteral("networkWallet"));
return reply.type() == QDBusMessage::ReplyMessage;
}

static KeyringBackend detectKeyringBackend()
{
/* Libsecret unifies access to KDE and GNOME
* password services. */
if (LibSecretKeyring::isAvailable()) {
return Backend_LibSecretKeyring;
}
/* The secret service dbus api, accessible through libsecret, is supposed
* to unify password services.
*
* Unfortunately at the time of Kubuntu 18.04 the secret service backend
* in KDE is gnome-keyring-daemon - using it has several complications:
* - the default collection isn't opened on session start, so users need
* to manually unlock it when the first application uses it
* - it's separate from the kwallet5 keyring, so switching to it means the
* existing keyring data can't be accessed anymore
*
* Thus we still prefer kwallet backends on KDE even if libsecret is
* available.
*/

switch (detectDesktopEnvironment()) {
case DesktopEnv_Kde4:
return Backend_Kwallet4;
break;

case DesktopEnv_Plasma5:
if (isKwallet5Available()) {
return Backend_Kwallet5;
}
if (LibSecretKeyring::isAvailable()) {
return Backend_LibSecretKeyring;
}
if (GnomeKeyring::isAvailable()) {
return Backend_GnomeKeyring;
}
// During startup the keychain backend might just not have started yet
return Backend_Kwallet5;
break;
// fall through

case DesktopEnv_Gnome:
case DesktopEnv_Unity:
case DesktopEnv_Xfce:
case DesktopEnv_Other:
default:
if ( GnomeKeyring::isAvailable() ) {
if (LibSecretKeyring::isAvailable()) {
return Backend_LibSecretKeyring;
}
if (GnomeKeyring::isAvailable()) {
return Backend_GnomeKeyring;
} else {
return Backend_Kwallet4;
}
if (isKwallet5Available()) {
return Backend_Kwallet5;
}
// During startup the keychain backend might just not have started yet
//
// This doesn't need to be libsecret because LibSecretKeyring::isAvailable()
// only fails if the libsecret shared library couldn't be loaded. In contrast
// to that GnomeKeyring::isAvailable() can return false if the shared library
// *was* loaded but its libgnome_keyring::is_available() returned false.
//
// In the future there should be a difference between "API available" and
// "keychain available".
return Backend_GnomeKeyring;
}

}
Expand Down