ProtonMail
/
proton-bridge
mirror of https://github.com/ProtonMail/proton-bridge
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

fix(GODT-2481): Fix DBUS Secert Service 

Fix the path we are checking for was not updated for V3.

Ensure that we only inspect items that start with the correct prefix.
Some implementation (e.g.: KeepassXC) return some values which are not
valid.

Finally, remove unnecessary attributes.
This commit is contained in:
Leander Beernaert 2023-03-16 11:11:29 +01:00
parent b1ad0ab6dc
commit 9425e091d8
1 changed files with 16 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
pkg/keychain/helper_dbus_linux.go
View File

@ -20,6 +20,8 @@ package keychain
import ( import (
"strings" "strings"
"github.com/ProtonMail/proton-bridge/v3/internal/constants"
"github.com/bradenaw/juniper/xslices"
"github.com/docker/docker-credential-helpers/credentials" "github.com/docker/docker-credential-helpers/credentials"
"github.com/godbus/dbus" "github.com/godbus/dbus"
"github.com/keybase/go-keychain/secretservice" "github.com/keybase/go-keychain/secretservice"
@ -30,10 +32,13 @@ const (
labelAtt = "label" labelAtt = "label"
usernameAtt = "username" usernameAtt = "username"
defaulDomain = "protonmail/bridge/users/" defaultLabel = "Proton Mail Bridge Credentials"
defaultLabel = "Docker Credentials"
) )
func getDomain() string {
return hostURL(constants.KeyChainName)
}
func getSession() (*secretservice.SecretService, *secretservice.Session, error) { func getSession() (*secretservice.SecretService, *secretservice.Session, error) {
service, err := secretservice.NewService() service, err := secretservice.NewService()
if err != nil { if err != nil {
@ -73,8 +78,9 @@ func getItems(service *secretservice.SecretService, attributes map[string]string
if err != nil { if err != nil {
return nil, err return nil, err
} }
return xslices.Filter(items, func(t dbus.ObjectPath) bool {
return items, err return strings.HasPrefix(string(t), "/org/freedesktop/secrets")
}), err
} }
func unlock(service *secretservice.SecretService) error { func unlock(service *secretservice.SecretService) error {
@ -108,8 +114,6 @@ func (s *SecretServiceDBusHelper) Add(creds *credentials.Credentials) error {
usernameAtt: creds.Username, usernameAtt: creds.Username,
serverAtt: creds.ServerURL, serverAtt: creds.ServerURL,
labelAtt: defaultLabel, labelAtt: defaultLabel,
"xdg:schema": "io.docker.Credentials",
"docker_cli": "1",
} }
return handleTimeout(func() error { return handleTimeout(func() error {
@ -203,13 +207,15 @@ func (s *SecretServiceDBusHelper) List() (map[string]string, error) {
return nil, err return nil, err
} }
defaultDomain := getDomain()
for _, it := range items { for _, it := range items {
attributes, err := service.GetAttributes(it) attributes, err := service.GetAttributes(it)
if err != nil { if err != nil {
return nil, err return nil, err
} }
if !strings.HasPrefix(attributes[serverAtt], defaulDomain) { if !strings.HasPrefix(attributes[serverAtt], defaultDomain) {
continue continue
} }