From e8b79003ad3bcfbf85e21f8c74d8e6010cd597f9 Mon Sep 17 00:00:00 2001 From: Paul Annesley Date: Tue, 11 Feb 2020 15:14:41 +1100 Subject: [PATCH 1/2] cmd/keyring: minor help text copy/paste fix --- cmd/keyring/main.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cmd/keyring/main.go b/cmd/keyring/main.go index c34d3cc..25f3c04 100644 --- a/cmd/keyring/main.go +++ b/cmd/keyring/main.go @@ -17,7 +17,7 @@ func main() { listBackends := flag.Bool("list-backends", false, "Whether to list backends") // actions to take - actionListKeys := flag.Bool("list-keys", false, "Whether to list backends") + actionListKeys := flag.Bool("list-keys", false, "Whether to list keys") actionSetValue := flag.String("set", "", "The value to set") // keychain From f3045facf8d05029da98a12933354399facdc4df Mon Sep 17 00:00:00 2001 From: Paul Annesley Date: Tue, 11 Feb 2020 15:15:11 +1100 Subject: [PATCH 2/2] libsecret: Keys() unlocks collection first Otherwise it will return empty strings if the collection is locked. --- libsecret.go | 41 +++++++++++++++++++++++------------------ 1 file changed, 23 insertions(+), 18 deletions(-) diff --git a/libsecret.go b/libsecret.go index a617b16..ca4913d 100644 --- a/libsecret.go +++ b/libsecret.go @@ -171,25 +171,17 @@ func (k *secretsKeyring) Set(item Item) error { k.collection = collection } - // create the new item - data, err := json.Marshal(item) - if err != nil { + if err := k.ensureCollectionUnlocked(); err != nil { return err } - secret := libsecret.NewSecret(k.session, []byte{}, data, "application/json") - - // unlock the collection first - locked, err := k.collection.Locked() + // create the new item + data, err := json.Marshal(item) if err != nil { return err } - if locked { - if err := k.service.Unlock(k.collection); err != nil { - return err - } - } + secret := libsecret.NewSecret(k.session, []byte{}, data, "application/json") if _, err := k.collection.CreateItem(item.Key, secret, true); err != nil { return err @@ -243,23 +235,24 @@ func (k *secretsKeyring) Keys() ([]string, error) { if err == errCollectionNotFound { return []string{}, nil } - return []string{}, err + return nil, err + } + if err := k.ensureCollectionUnlocked(); err != nil { + return nil, err } - items, err := k.collection.Items() if err != nil { - return []string{}, err + return nil, err } - keys := []string{} - for _, item := range items { label, err := item.Label() if err == nil { keys = append(keys, label) + } else { + // err is being silently ignored here, not sure if that's good or bad } } - return keys, nil } @@ -270,3 +263,15 @@ func (k *secretsKeyring) deleteCollection() error { } return k.collection.Delete() } + +// unlock the collection if it's locked +func (k *secretsKeyring) ensureCollectionUnlocked() error { + locked, err := k.collection.Locked() + if err != nil { + return err + } + if !locked { + return nil + } + return k.service.Unlock(k.collection) +}