diff options
author | Tomás Touceda <chiiph@leap.se> | 2014-04-04 16:58:18 -0300 |
---|---|---|
committer | Tomás Touceda <chiiph@leap.se> | 2014-04-04 16:58:18 -0300 |
commit | 81715dc47d77934c4f67d2527a56c28f58f0345d (patch) | |
tree | 6e66940af735e089803c5ce05ad1ce1df16c9d1e /src/leap/bitmask/util/keyring_helpers.py | |
parent | 496036f15cf257d16b6594770812da64a249280c (diff) | |
parent | eb4cdab9c6b8ff66bb4667cc6195d2c366122540 (diff) |
Merge branch 'release-0.5.0'
Diffstat (limited to 'src/leap/bitmask/util/keyring_helpers.py')
-rw-r--r-- | src/leap/bitmask/util/keyring_helpers.py | 65 |
1 files changed, 51 insertions, 14 deletions
diff --git a/src/leap/bitmask/util/keyring_helpers.py b/src/leap/bitmask/util/keyring_helpers.py index 4b3eb57f..ee2d7a1c 100644 --- a/src/leap/bitmask/util/keyring_helpers.py +++ b/src/leap/bitmask/util/keyring_helpers.py @@ -19,30 +19,67 @@ Keyring helpers. """ import logging -import keyring +try: + import keyring + from keyring.backends.file import EncryptedKeyring, PlaintextKeyring + OBSOLETE_KEYRINGS = [ + EncryptedKeyring, + PlaintextKeyring + ] + canuse = lambda kr: (kr is not None + and kr.__class__ not in OBSOLETE_KEYRINGS) + +except Exception: + # Problems when importing keyring! It might be a problem binding to the + # dbus socket, or stuff like that. + keyring = None -from keyring.backends.file import EncryptedKeyring, PlaintextKeyring logger = logging.getLogger(__name__) -OBSOLETE_KEYRINGS = [ - EncryptedKeyring, - PlaintextKeyring -] +def _get_keyring_with_fallback(): + """ + Get the default keyring, and if obsolete try to pick SecretService keyring + if available. + + This is a workaround for the cases in which the keyring module chooses + an insecure keyring by default (ie, inside a virtualenv). + """ + if not keyring: + return None + kr = keyring.get_keyring() + if not canuse(kr): + try: + kr_klass = keyring.backends.SecretService + kr = kr_klass.Keyring() + except AttributeError: + logger.warning("Keyring cannot find SecretService Backend") + logger.debug("Selected keyring: %s" % (kr.__class__,)) + if not canuse(kr): + logger.debug("Not using default keyring since it is obsolete") + return kr def has_keyring(): """ - Returns whether we have an useful keyring to use. + Return whether we have an useful keyring to use. :rtype: bool """ - kr = keyring.get_keyring() - klass = kr.__class__ - logger.debug("Selected keyring: %s" % (klass,)) + if not keyring: + return False + kr = _get_keyring_with_fallback() + return canuse(kr) + - canuse = kr is not None and klass not in OBSOLETE_KEYRINGS - if not canuse: - logger.debug("Not using this keyring since it is obsolete") - return canuse +def get_keyring(): + """ + Return an usable keyring. + + :rtype: keyringBackend or None + """ + if not keyring: + return False + kr = _get_keyring_with_fallback() + return kr if canuse(kr) else None |