diff options
author | Kali Kaneko <kali@leap.se> | 2014-04-09 16:24:12 -0500 |
---|---|---|
committer | Kali Kaneko <kali@leap.se> | 2014-04-09 16:24:12 -0500 |
commit | cf9fb29fd1098f694974ee60e5673f22e286d859 (patch) | |
tree | 5cdc4210b8c944ee4f2669fd8096998d507beda3 /src/leap/bitmask/util/keyring_helpers.py | |
parent | f0232265a2725d8129b472479dd380b9ec3ca6b2 (diff) | |
parent | 81715dc47d77934c4f67d2527a56c28f58f0345d (diff) |
Merge tag '0.5.0' into deb-0.5.0
Tag leap.bitmask version 0.5.0
Conflicts:
pkg/requirements.pip
Diffstat (limited to 'src/leap/bitmask/util/keyring_helpers.py')
-rw-r--r-- | src/leap/bitmask/util/keyring_helpers.py | 65 |
1 files changed, 51 insertions, 14 deletions
diff --git a/src/leap/bitmask/util/keyring_helpers.py b/src/leap/bitmask/util/keyring_helpers.py index 4b3eb57f..ee2d7a1c 100644 --- a/src/leap/bitmask/util/keyring_helpers.py +++ b/src/leap/bitmask/util/keyring_helpers.py @@ -19,30 +19,67 @@ Keyring helpers. """ import logging -import keyring +try: + import keyring + from keyring.backends.file import EncryptedKeyring, PlaintextKeyring + OBSOLETE_KEYRINGS = [ + EncryptedKeyring, + PlaintextKeyring + ] + canuse = lambda kr: (kr is not None + and kr.__class__ not in OBSOLETE_KEYRINGS) + +except Exception: + # Problems when importing keyring! It might be a problem binding to the + # dbus socket, or stuff like that. + keyring = None -from keyring.backends.file import EncryptedKeyring, PlaintextKeyring logger = logging.getLogger(__name__) -OBSOLETE_KEYRINGS = [ - EncryptedKeyring, - PlaintextKeyring -] +def _get_keyring_with_fallback(): + """ + Get the default keyring, and if obsolete try to pick SecretService keyring + if available. + + This is a workaround for the cases in which the keyring module chooses + an insecure keyring by default (ie, inside a virtualenv). + """ + if not keyring: + return None + kr = keyring.get_keyring() + if not canuse(kr): + try: + kr_klass = keyring.backends.SecretService + kr = kr_klass.Keyring() + except AttributeError: + logger.warning("Keyring cannot find SecretService Backend") + logger.debug("Selected keyring: %s" % (kr.__class__,)) + if not canuse(kr): + logger.debug("Not using default keyring since it is obsolete") + return kr def has_keyring(): """ - Returns whether we have an useful keyring to use. + Return whether we have an useful keyring to use. :rtype: bool """ - kr = keyring.get_keyring() - klass = kr.__class__ - logger.debug("Selected keyring: %s" % (klass,)) + if not keyring: + return False + kr = _get_keyring_with_fallback() + return canuse(kr) + - canuse = kr is not None and klass not in OBSOLETE_KEYRINGS - if not canuse: - logger.debug("Not using this keyring since it is obsolete") - return canuse +def get_keyring(): + """ + Return an usable keyring. + + :rtype: keyringBackend or None + """ + if not keyring: + return False + kr = _get_keyring_with_fallback() + return kr if canuse(kr) else None |