diff options
Diffstat (limited to 'libsettings')
| -rw-r--r-- | libsettings/CMakeLists.txt | 11 | ||||
| -rw-r--r-- | libsettings/include/keyring.h | 92 | ||||
| -rw-r--r-- | libsettings/src/basicsettingsobject.cpp | 5 | ||||
| -rw-r--r-- | libsettings/src/inisettingsobject.cpp | 5 | ||||
| -rw-r--r-- | libsettings/src/keyring.cpp | 63 | ||||
| -rw-r--r-- | libsettings/src/setting.cpp | 9 | ||||
| -rw-r--r-- | libsettings/src/stubkeyring.cpp | 104 | ||||
| -rw-r--r-- | libsettings/src/stubkeyring.h | 41 |
8 files changed, 326 insertions, 4 deletions
diff --git a/libsettings/CMakeLists.txt b/libsettings/CMakeLists.txt index 9ae48354..e5aae0b7 100644 --- a/libsettings/CMakeLists.txt +++ b/libsettings/CMakeLists.txt @@ -18,6 +18,12 @@ include/overridesetting.h include/basicsettingsobject.h include/inisettingsobject.h + +include/keyring.h +) + +SET(LIBSETTINGS_HEADERS_PRIVATE +src/stubkeyring.h ) SET(LIBSETTINGS_SOURCES @@ -29,6 +35,9 @@ src/overridesetting.cpp src/basicsettingsobject.cpp src/inisettingsobject.cpp + +src/keyring.cpp +src/stubkeyring.cpp ) # Set the include dir path. @@ -37,6 +46,6 @@ include_directories(${LIBSETTINGS_INCLUDE_DIR}) add_definitions(-DLIBSETTINGS_LIBRARY) -add_library(libSettings SHARED ${LIBSETTINGS_SOURCES} ${LIBSETTINGS_HEADERS}) +add_library(libSettings SHARED ${LIBSETTINGS_SOURCES} ${LIBSETTINGS_HEADERS} ${LIBSETTINGS_HEADERS_PRIVATE}) qt5_use_modules(libSettings Core) target_link_libraries(libSettings) diff --git a/libsettings/include/keyring.h b/libsettings/include/keyring.h new file mode 100644 index 00000000..299b14b0 --- /dev/null +++ b/libsettings/include/keyring.h @@ -0,0 +1,92 @@ +/* Copyright 2013 MultiMC Contributors + * + * Authors: Orochimarufan <orochimarufan.x3@gmail.com> + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef KEYRING_H +#define KEYRING_H + +#include <QString> + +#include "libsettings_config.h" + +/** + * @file libsettings/include/keyring.h + * Access to System Keyrings + */ + +/** + * @brief The Keyring class + * the System Keyring/Keychain/Wallet/Vault/etc + */ +class LIBSETTINGS_EXPORT Keyring +{ +public: + /** + * @brief the System Keyring instance + * @return the Keyring instance + */ + static Keyring *instance(); + + /** + * @brief store a password in the Keyring + * @param service the service name + * @param username the account name + * @param password the password to store + * @return success + */ + virtual bool storePassword(QString service, QString username, QString password) = 0; + + /** + * @brief get a password from the Keyring + * @param service the service name + * @param username the account name + * @return the password (success=!isNull()) + */ + virtual QString getPassword(QString service, QString username) = 0; + + /** + * @brief lookup a password + * @param service the service name + * @param username the account name + * @return wether the password is available + */ + virtual bool hasPassword(QString service, QString username) = 0; + + /** + * @brief get a list of all stored accounts. + * @param service the service name + * @return + */ + virtual QStringList getStoredAccounts(QString service) = 0; + + /** + * @brief Remove the specified account from storage + * @param service the service name + * @param username the account name + * @return + */ + virtual void removeStoredAccount(QString service, QString username) = 0; + +protected: + /// fall back to StubKeyring if false + virtual bool isValid() { return false; } + +private: + static Keyring *m_instance; + static void destroy(); +}; + +#endif // KEYRING_H diff --git a/libsettings/src/basicsettingsobject.cpp b/libsettings/src/basicsettingsobject.cpp index 66a2c2c8..484928c8 100644 --- a/libsettings/src/basicsettingsobject.cpp +++ b/libsettings/src/basicsettingsobject.cpp @@ -26,7 +26,10 @@ void BasicSettingsObject::changeSetting(const Setting &setting, QVariant value) { if (contains(setting.id())) { - config.setValue(setting.configKey(), value); + if(value.isValid()) + config.setValue(setting.configKey(), value); + else + config.remove(setting.configKey()); } } diff --git a/libsettings/src/inisettingsobject.cpp b/libsettings/src/inisettingsobject.cpp index 75228865..8c4cc89d 100644 --- a/libsettings/src/inisettingsobject.cpp +++ b/libsettings/src/inisettingsobject.cpp @@ -32,7 +32,10 @@ void INISettingsObject::changeSetting(const Setting &setting, QVariant value) { if (contains(setting.id())) { - m_ini.set(setting.configKey(), value); + if(value.isValid()) + m_ini.set(setting.configKey(), value); + else + m_ini.remove(setting.configKey()); } } diff --git a/libsettings/src/keyring.cpp b/libsettings/src/keyring.cpp new file mode 100644 index 00000000..9eaba684 --- /dev/null +++ b/libsettings/src/keyring.cpp @@ -0,0 +1,63 @@ +/* Copyright 2013 MultiMC Contributors + * + * Authors: Orochimarufan <orochimarufan.x3@gmail.com> + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "include/keyring.h" + +#include "osutils.h" + +#include "stubkeyring.h" + +// system specific keyrings +/*#if defined(OSX) +class OSXKeychain; +#define KEYRING OSXKeychain +#elif defined(LINUX) +class XDGKeyring; +#define KEYRING XDGKeyring +#elif defined(WINDOWS) +class Win32Keystore; +#define KEYRING Win32Keystore +#else +#pragma message Keyrings are not supported on your os. Falling back to the insecure StubKeyring +#endif*/ + +Keyring *Keyring::instance() +{ + if (m_instance == nullptr) + { +#ifdef KEYRING + m_instance = new KEYRING(); + if (!m_instance->isValid()) + { + qWarning("Could not create SystemKeyring! falling back to StubKeyring."); + m_instance = new StubKeyring(); + } +#else + qWarning("Keyrings are not supported on your OS. Fallback StubKeyring is insecure!"); + m_instance = new StubKeyring(); +#endif + atexit(Keyring::destroy); + } + return m_instance; +} + +void Keyring::destroy() +{ + delete m_instance; +} + +Keyring *Keyring::m_instance; diff --git a/libsettings/src/setting.cpp b/libsettings/src/setting.cpp index a224ad39..1a4f9e13 100644 --- a/libsettings/src/setting.cpp +++ b/libsettings/src/setting.cpp @@ -26,9 +26,16 @@ QVariant Setting::get() const { SettingsObject *sbase = qobject_cast<SettingsObject *>(parent()); if (!sbase) + { return defValue(); + } else - return sbase->retrieveValue(*this); + { + QVariant test = sbase->retrieveValue(*this); + if(!test.isValid()) + return defValue(); + return test; + } } QVariant Setting::defValue() const diff --git a/libsettings/src/stubkeyring.cpp b/libsettings/src/stubkeyring.cpp new file mode 100644 index 00000000..cf814d2f --- /dev/null +++ b/libsettings/src/stubkeyring.cpp @@ -0,0 +1,104 @@ +/* Copyright 2013 MultiMC Contributors + * + * Authors: Orochimarufan <orochimarufan.x3@gmail.com> + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "stubkeyring.h" + +#include <QStringList> + +// Scrambling +// this is NOT SAFE, but it's not plain either. +int scrambler = 0x9586309; + +QString scramble(QString in_) +{ + QByteArray in = in_.toUtf8(); + QByteArray out; + for (int i = 0; i<in.length(); i++) + out.append(in.at(i) ^ scrambler); + return QString::fromUtf8(out); +} + +inline QString base64(QString in) +{ + return QString(in.toUtf8().toBase64()); +} +inline QString unbase64(QString in) +{ + return QString::fromUtf8(QByteArray::fromBase64(in.toLatin1())); +} + +inline QString scramble64(QString in) +{ + return base64(scramble(in)); +} +inline QString unscramble64(QString in) +{ + return scramble(unbase64(in)); +} + +// StubKeyring implementation +inline QString generateKey(QString service, QString username) +{ + return QString("%1/%2").arg(base64(service)).arg(scramble64(username)); +} + +bool StubKeyring::storePassword(QString service, QString username, QString password) +{ + m_settings.setValue(generateKey(service, username), scramble64(password)); + return true; +} + +QString StubKeyring::getPassword(QString service, QString username) +{ + QString key = generateKey(service, username); + if (!m_settings.contains(key)) + return QString(); + return unscramble64(m_settings.value(key).toString()); +} + +bool StubKeyring::hasPassword(QString service, QString username) +{ + return m_settings.contains(generateKey(service, username)); +} + +QStringList StubKeyring::getStoredAccounts(QString service) +{ + service = base64(service).append('/'); + QStringList out; + QStringList in(m_settings.allKeys()); + QStringListIterator it(in); + while(it.hasNext()) + { + QString c = it.next(); + if (c.startsWith(service)) + out << unscramble64(c.mid(service.length())); + } + return out; +} + +void StubKeyring::removeStoredAccount ( QString service, QString username ) +{ + QString key = generateKey(service, username); + m_settings.remove(key); +} + +//FIXME: this needs tweaking/changes for user account level storage +StubKeyring::StubKeyring() : +// m_settings(QSettings::UserScope, "Orochimarufan", "Keyring") + m_settings("keyring.cfg", QSettings::IniFormat) +{ +} diff --git a/libsettings/src/stubkeyring.h b/libsettings/src/stubkeyring.h new file mode 100644 index 00000000..45791c85 --- /dev/null +++ b/libsettings/src/stubkeyring.h @@ -0,0 +1,41 @@ +/* Copyright 2013 MultiMC Contributors + * + * Authors: Orochimarufan <orochimarufan.x3@gmail.com> + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef STUBKEYRING_H +#define STUBKEYRING_H + +#include "include/keyring.h" + +#include <QSettings> + +class StubKeyring : public Keyring +{ +public: + virtual bool storePassword(QString service, QString username, QString password); + virtual QString getPassword(QString service, QString username); + virtual bool hasPassword(QString service, QString username); + virtual QStringList getStoredAccounts(QString service); + virtual void removeStoredAccount(QString service, QString username); +private: + friend class Keyring; + explicit StubKeyring(); + virtual bool isValid() { return true; } + + QSettings m_settings; +}; + +#endif // STUBKEYRING_H |