2 * Claws Mail -- a GTK+ based, lightweight, and fast e-mail client
3 * Copyright (C) 2016 The Claws Mail Team
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 3 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program. If not, see <http://www.gnu.org/licenses/>.
22 #include "claws-features.h"
25 #ifdef PASSWORD_CRYPTO_GNUTLS
26 # include <gnutls/gnutls.h>
27 # include <gnutls/crypto.h>
31 #include <glib/gi18n.h>
33 #include "common/defs.h"
34 #include "common/utils.h"
35 #include "passwordstore.h"
37 #include "prefs_gtk.h"
39 static GSList *_password_store;
41 /* Finds password block of given type and name in the pwdstore. */
42 static PasswordBlock *_get_block(PasswordBlockType block_type,
43 const gchar *block_name)
48 g_return_val_if_fail(block_type >= 0 && block_type < NUM_PWS_TYPES,
50 g_return_val_if_fail(block_name != NULL, NULL);
52 for (item = _password_store; item != NULL; item = item->next) {
53 block = (PasswordBlock *)item->data;
54 if (block->block_type == block_type &&
55 !strcmp(block->block_name, block_name))
62 static gboolean _hash_equal_func(gconstpointer a, gconstpointer b)
64 if (g_strcmp0((const gchar *)a, (const gchar *)b) == 0)
69 /* Creates a new, empty block and adds it to the pwdstore. */
70 static PasswordBlock *_new_block(PasswordBlockType block_type,
71 const gchar *block_name)
75 g_return_val_if_fail(block_type >= 0 && block_type < NUM_PWS_TYPES,
77 g_return_val_if_fail(block_name != NULL, NULL);
79 /* First check to see if the block doesn't already exist. */
80 if (_get_block(block_type, block_name)) {
81 debug_print("Block (%d/%s) already exists.\n",
82 block_type, block_name);
86 /* Let's create an empty block, and add it to pwdstore. */
87 block = g_new0(PasswordBlock, 1);
88 block->block_type = block_type;
89 block->block_name = g_strdup(block_name);
90 block->entries = g_hash_table_new_full(g_str_hash,
91 (GEqualFunc)_hash_equal_func,
93 debug_print("Created password block (%d/%s)\n",
94 block_type, block_name);
96 _password_store = g_slist_append(_password_store, block);
101 ///////////////////////////////////////////////////////////////
103 /* Stores a password. */
104 gboolean passwd_store_set(PasswordBlockType block_type,
105 const gchar *block_name,
106 const gchar *password_id,
107 const gchar *password,
110 PasswordBlock *block;
111 gchar *encrypted_password;
113 g_return_val_if_fail(block_type >= 0 && block_type < NUM_PWS_TYPES,
115 g_return_val_if_fail(block_name != NULL, FALSE);
116 g_return_val_if_fail(password_id != NULL, FALSE);
118 debug_print("%s password '%s' in block (%d/%s)%s\n",
119 (password == NULL ? "Deleting" : "Storing"),
120 password_id, block_type, block_name,
121 (encrypted ? ", already encrypted" : "") );
123 // find correct block (create if needed)
124 if ((block = _get_block(block_type, block_name)) == NULL &&
125 (block = _new_block(block_type, block_name)) == NULL) {
126 debug_print("Could not create password block (%d/%s)\n",
127 block_type, block_name);
131 if (password == NULL) {
132 /* NULL password was passed to us, so delete the entry with
133 * corresponding id */
134 g_hash_table_remove(block->entries, password_id);
137 /* encrypt password before saving it */
138 if ((encrypted_password =
139 password_encrypt(password, NULL)) == NULL) {
140 debug_print("Could not encrypt password '%s' for block (%d/%s).\n",
141 password_id, block_type, block_name);
145 /* password is already in encrypted form already */
146 encrypted_password = g_strdup(password);
149 // add encrypted password to the block
150 g_hash_table_insert(block->entries,
151 g_strdup(password_id),
158 /* Retrieves a password. */
159 gchar *passwd_store_get(PasswordBlockType block_type,
160 const gchar *block_name,
161 const gchar *password_id)
163 PasswordBlock *block;
164 gchar *encrypted_password, *password;
166 g_return_val_if_fail(block_type >= 0 && block_type < NUM_PWS_TYPES,
168 g_return_val_if_fail(block_name != NULL, NULL);
169 g_return_val_if_fail(password_id != NULL, NULL);
171 debug_print("Getting password '%s' from block (%d/%s)\n",
172 password_id, block_type, block_name);
174 // find correct block
175 if ((block = _get_block(block_type, block_name)) == NULL) {
176 debug_print("Block (%d/%s) not found.\n", block_type, block_name);
180 // grab pointer to encrypted password
181 if ((encrypted_password =
182 g_hash_table_lookup(block->entries, password_id)) == NULL) {
183 debug_print("Password '%s' in block (%d/%s) not found.\n",
184 password_id, block_type, block_name);
190 password_decrypt(encrypted_password, NULL)) == NULL) {
191 debug_print("Could not decrypt password '%s' for block (%d/%s).\n",
192 password_id, block_type, block_name);
196 // return decrypted password
200 /* Reencrypts all stored passwords. */
201 void passwd_store_reencrypt_all(const gchar *old_mpwd,
202 const gchar *new_mpwd)
204 PasswordBlock *block;
207 gchar *encrypted_password, *decrypted_password, *key;
209 g_return_if_fail(old_mpwd != NULL);
210 g_return_if_fail(new_mpwd != NULL);
212 for (item = _password_store; item != NULL; item = item->next) {
213 block = (PasswordBlock *)item->data;
215 continue; /* Just in case. */
217 debug_print("Reencrypting passwords in block (%d/%s).\n",
218 block->block_type, block->block_name);
220 if (g_hash_table_size(block->entries) == 0)
223 keys = g_hash_table_get_keys(block->entries);
224 for (eitem = keys; eitem != NULL; eitem = eitem->next) {
225 key = (gchar *)eitem->data;
226 if ((encrypted_password =
227 g_hash_table_lookup(block->entries, key)) == NULL)
230 if ((decrypted_password =
231 password_decrypt(encrypted_password, old_mpwd)) == NULL) {
232 debug_print("Reencrypt: couldn't decrypt password for '%s'.\n", key);
236 encrypted_password = password_encrypt(decrypted_password, new_mpwd);
237 memset(decrypted_password, 0, strlen(decrypted_password));
238 g_free(decrypted_password);
239 if (encrypted_password == NULL) {
240 debug_print("Reencrypt: couldn't encrypt password for '%s'.\n", key);
244 g_hash_table_insert(block->entries, g_strdup(key), encrypted_password);
250 debug_print("Reencrypting done.\n");
253 static gint _write_to_file(FILE *fp)
255 PasswordBlock *block;
258 gchar *typestr, *line, *key, *pwd;
260 for (item = _password_store; item != NULL; item = item->next) {
261 block = (PasswordBlock*)item->data;
263 continue; /* Just in case. */
265 /* Do not save empty blocks. */
266 if (g_hash_table_size(block->entries) == 0)
269 /* Prepare the section header string and write it out. */
271 if (block->block_type == PWS_CORE) {
273 } else if (block->block_type == PWS_ACCOUNT) {
275 } else if (block->block_type == PWS_PLUGIN) {
278 line = g_strdup_printf("[%s:%s]\n", typestr, block->block_name);
280 if (fputs(line, fp) == EOF) {
281 FILE_OP_ERROR("password store", "fputs");
287 /* Now go through all passwords in the block and write each out. */
288 keys = g_hash_table_get_keys(block->entries);
289 for (eitem = keys; eitem != NULL; eitem = eitem->next) {
290 key = (gchar *)eitem->data;
291 if ((pwd = g_hash_table_lookup(block->entries, key)) == NULL)
294 line = g_strdup_printf("%s %s\n", key, pwd);
295 if (fputs(line, fp) == EOF) {
296 FILE_OP_ERROR("password store", "fputs");
304 if (item->next != NULL && fputs("\n", fp) == EOF) {
305 FILE_OP_ERROR("password store", "fputs");
314 void passwd_store_write_config(void)
319 debug_print("Writing password store...\n");
321 rcpath = g_strconcat(get_rc_dir(), G_DIR_SEPARATOR_S,
322 PASSWORD_STORE_RC, NULL);
324 if ((pfile = prefs_write_open(rcpath)) == NULL) {
325 g_warning("failed to open password store file for writing");
332 if (_write_to_file(pfile->fp) < 0) {
333 g_warning("failed to write password store to file");
334 prefs_file_close_revert(pfile);
335 } else if (prefs_file_close(pfile) < 0) {
336 g_warning("failed to properly close password store file after writing");
340 void passwd_store_read_config(void)
342 gchar *rcpath, *contents, **lines, **line, *typestr, *name;
343 GError *error = NULL;
345 PasswordBlock *block = NULL;
346 PasswordBlockType type;
348 // TODO: passwd_store_clear();
350 debug_print("Reading password store from file...\n");
352 rcpath = g_strconcat(get_rc_dir(), G_DIR_SEPARATOR_S,
353 PASSWORD_STORE_RC, NULL);
355 if (!g_file_get_contents(rcpath, &contents, NULL, &error)) {
356 g_warning("couldn't read password store from file: %s\n", error->message);
363 lines = g_strsplit(contents, "\n", -1);
365 while (lines[i] != NULL) {
366 if (*lines[i] == '[') {
367 /* Beginning of a new block */
368 line = g_strsplit_set(lines[i], "[:]", -1);
369 if (line[0] != NULL && strlen(line[0]) == 0
370 && line[1] != NULL && strlen(line[1]) > 0
371 && line[2] != NULL && strlen(line[2]) > 0
372 && line[3] != NULL && strlen(line[3]) == 0) {
375 if (!strcmp(typestr, "core")) {
377 } else if (!strcmp(typestr, "account")) {
379 } else if (!strcmp(typestr, "plugin")) {
382 debug_print("Uknown password block type: '%s'\n", typestr);
387 if ((block = _new_block(type, name)) == NULL) {
388 debug_print("Duplicate password block, ignoring: (%d/%s)\n",
395 } else if (strlen(lines[i]) > 0 && block != NULL) {
396 /* If we have started a password block, test for a
397 * "password_id = password" line. */
398 line = g_strsplit(lines[i], " ", -1);
399 if (line[0] != NULL && strlen(line[0]) > 0
400 && line[1] != NULL && strlen(line[1]) > 0
401 && line[2] == NULL) {
402 debug_print("Adding password '%s'\n", line[0]);
403 g_hash_table_insert(block->entries,
404 g_strdup(line[0]), g_strdup(line[1]));