From f7f2744e6d110d8598dd72a7d06475e74cd59b1d Mon Sep 17 00:00:00 2001 From: Nassim 'Nass' Eddequiouaq Date: Wed, 8 Mar 2017 17:08:43 +0100 Subject: [PATCH] Add a Docker Credentials label support for linux Signed-off-by: Nassim 'Nass' Eddequiouaq --- secretservice/secretservice_linux.c | 13 ++++++++----- secretservice/secretservice_linux.go | 13 +++++++++---- secretservice/secretservice_linux.h | 4 ++-- secretservice/secretservice_linux_test.go | 5 +++-- 4 files changed, 22 insertions(+), 13 deletions(-) diff --git a/secretservice/secretservice_linux.c b/secretservice/secretservice_linux.c index ab23a5e..17e67bc 100644 --- a/secretservice/secretservice_linux.c +++ b/secretservice/secretservice_linux.c @@ -7,6 +7,7 @@ const SecretSchema *docker_get_schema(void) static const SecretSchema docker_schema = { "io.docker.Credentials", SECRET_SCHEMA_NONE, { + { "label", SECRET_SCHEMA_ATTRIBUTE_STRING }, { "server", SECRET_SCHEMA_ATTRIBUTE_STRING }, { "username", SECRET_SCHEMA_ATTRIBUTE_STRING }, { "docker_cli", SECRET_SCHEMA_ATTRIBUTE_STRING }, @@ -16,11 +17,12 @@ const SecretSchema *docker_get_schema(void) return &docker_schema; } -GError *add(char *server, char *username, char *secret) { +GError *add(char *label, char *server, char *username, char *secret) { GError *err = NULL; secret_password_store_sync (DOCKER_SCHEMA, SECRET_COLLECTION_DEFAULT, server, secret, NULL, &err, + "label", label, "server", server, "username", username, "docker_cli", "1", 
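Review bot: In `add()`, the new `"label", label` pair is a lookup attribute, while the item's display label is still the `server` argument passed just before `secret`. The two are easy to confuse, and nothing in the schema or the function says which is which. I would add a comment above the new schema entry, such as `/* "label" is a search attribute used to filter list(); the item's display label remains the server URL */`. Items stored before this change carry no `label` attribute, so a search filtered on it will presumably not return them; that is worth stating in the commit message or handling as a migration. The body of `add()` continues past the end of the hunk.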
@@ -98,14 +100,15 @@ GError *get(char *server, char **username, char **secret) { return NULL; } -GError *list(char *** paths, char *** accts, unsigned int *list_l) { +GError *list(char *label, char *** paths, char *** accts, unsigned int *list_l) { GList *items; GError *err = NULL; SecretService *service; SecretSearchFlags flags = SECRET_SEARCH_LOAD_SECRETS | SECRET_SEARCH_ALL | SECRET_SEARCH_UNLOCK; - GHashTable *attributes; - g_hash_table_new_full(g_str_hash, g_str_equal, g_free, g_free); - attributes = g_hash_table_new_full(g_str_hash, g_str_equal, g_free, g_free); + GHashTable *attributes = secret_attributes_build(NULL, + "label", label, + NULL); + service = secret_service_get_sync(SECRET_SERVICE_NONE, NULL, &err); items = secret_service_search_sync(service, NULL, attributes, flags, NULL, &err); int numKeys = g_list_length(items); diff --git a/secretservice/secretservice_linux.go b/secretservice/secretservice_linux.go index f3264ce..26760bf 100644 --- a/secretservice/secretservice_linux.go +++ b/secretservice/secretservice_linux.go @@ -22,6 +22,8 @@ func (h Secretservice) Add(creds *credentials.Credentials) error { if creds == nil { return errors.New("missing credentials") } + credsLabel := C.CString(creds.Label) + defer C.free(unsafe.Pointer(credsLabel)) server := C.CString(creds.ServerURL) defer C.free(unsafe.Pointer(server)) username := C.CString(creds.Username) @@ -29,7 +31,7 @@ func (h Secretservice) Add(creds *credentials.Credentials) error { secret := C.CString(creds.Secret) defer C.free(unsafe.Pointer(secret)) - if err := C.add(server, username, secret); err != nil { + if err := C.add(credsLabel, server, username, secret); err != nil { defer C.g_error_free(err) errMsg := (*C.char)(unsafe.Pointer(err.message)) return errors.New(C.GoString(errMsg)) 
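Review bot: `secret_attributes_build(NULL, ...)` in `list()` passes no schema, and as far as I recall libsecret's attribute builder rejects a NULL schema and returns NULL, so the filter may never reach the search; please confirm against the libsecret version in use. Building the table from the Docker schema avoids that and validates the attribute name: `GHashTable *attributes = secret_attributes_build(DOCKER_SCHEMA, "label", label, NULL);`. The search itself is still issued with a NULL schema together with `SECRET_SEARCH_LOAD_SECRETS | SECRET_SEARCH_UNLOCK`, so any keyring item from any application that carries the same `label` value would be unlocked and loaded. Passing `DOCKER_SCHEMA` to `secret_service_search_sync` should keep the listing to Docker's own entries. The visible lines do not release `attributes` (`g_hash_table_unref`), though the rest of `list()` is outside the hunk.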
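Review bot: `Add` passes `creds.Label` straight to `C.add` without checking that it is set, so credentials with an empty label would be stored with `label=""`. Since `List` now filters on the label, such an entry would presumably never be listed again. A guard next to the existing nil check would make this explicit: `if creds.Label == "" { return errors.New("missing credentials label") }`. If an empty label is meant to be allowed, a comment saying so would help. The end of `Add` is outside the hunk.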
@@ -79,14 +81,17 @@ func (h Secretservice) Get(serverURL string) (string, string, error) { return user, pass, nil } -// List returns the stored URLs and corresponding usernames. -func (h Secretservice) List() (map[string]string, error) { +// List returns the stored URLs and corresponding usernames for a given credentials label +func (h Secretservice) List(credsLabel string) (map[string]string, error) { + credsLabelC := C.CString(credsLabel) + defer C.free(unsafe.Pointer(credsLabelC)) + var pathsC **C.char defer C.free(unsafe.Pointer(pathsC)) var acctsC **C.char defer C.free(unsafe.Pointer(acctsC)) var listLenC C.uint - err := C.list(&pathsC, &acctsC, &listLenC) + err := C.list(credsLabelC, &pathsC, &acctsC, &listLenC) if err != nil { defer C.free(unsafe.Pointer(err)) return nil, errors.New("Error from list function in secretservice_linux.c likely due to error in secretservice library") diff --git a/secretservice/secretservice_linux.h b/secretservice/secretservice_linux.h index 319cdc0..a28179d 100644 --- a/secretservice/secretservice_linux.h +++ b/secretservice/secretservice_linux.h @@ -6,8 +6,8 @@ const SecretSchema *docker_get_schema(void) G_GNUC_CONST; #define DOCKER_SCHEMA docker_get_schema() -GError *add(char *server, char *username, char *secret); +GError *add(char *label, char *server, char *username, char *secret); GError *delete(char *server); GError *get(char *server, char **username, char **secret); -GError *list(char *** paths, char *** accts, unsigned int *list_l); +GError *list(char *label, char *** paths, char *** accts, unsigned int *list_l); void freeListData(char *** data, unsigned int length); diff --git a/secretservice/secretservice_linux_test.go b/secretservice/secretservice_linux_test.go index bd0caf3..daa11b1 100644 --- a/secretservice/secretservice_linux_test.go +++ b/secretservice/secretservice_linux_test.go 
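Review bot: The error path in `List` releases the `GError` returned by `C.list` with `C.free` and replaces its message with a fixed string, whereas `Add` in this same file uses `C.g_error_free(err)` and returns `err.message`. A `GError` should be released with `g_error_free`, which also frees the message; I would change the two lines to `defer C.g_error_free(err)` and `return nil, errors.New(C.GoString((*C.char)(unsafe.Pointer(err.message))))`. Separately, `defer C.free(unsafe.Pointer(pathsC))` and the matching line for `acctsC` evaluate their argument while the pointers are still nil, so they free nothing; whether the arrays are released later (for example through `freeListData`) is not visible here, since `List` continues past the hunk. The new doc comment could also say that the label only filters `List`, because `get` and `delete` in the header still take only the server.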
@@ -13,6 +13,7 @@ func TestSecretServiceHelper(t *testing.T) { ServerURL: "https://foobar.docker.io:2376/v1", Username: "foobar", Secret: "foobarbaz", + Label: credentials.CredsLabel, } helper := Secretservice{} @@ -36,12 +37,12 @@ func TestSecretServiceHelper(t *testing.T) { if err := helper.Delete(creds.ServerURL); err != nil { t.Fatal(err) } - auths, err := helper.List() + auths, err := helper.List(credentials.CredsLabel) if err != nil || len(auths) == 0 { t.Fatal(err) } helper.Add(creds) - if newauths, err := helper.List(); (len(newauths) - len(auths)) != 1 { + if newauths, err := helper.List(credentials.CredsLabel); (len(newauths) - len(auths)) != 1 { t.Fatal(err) } }
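Review bot: The updated assertions in `TestSecretServiceHelper` still call `t.Fatal(err)` when only the length comparison fails, so a wrong count is reported with a nil error, and the result of `helper.Add(creds)` just before is ignored. I would check them separately: `if err := helper.Add(creds); err != nil { t.Fatal(err) }`, then fail the count check with `t.Fatalf("expected one more entry, got %d and %d", len(auths), len(newauths))`. The test also never stores an entry under a different label, so it does not show that `List` actually excludes other labels. One extra `Add` with another `Label` value, plus an assertion that its server is absent from the result, would cover the behaviour this commit introduces.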