Context Navigation

Back to Ticket #14189

Ticket #14189: 0001-Support-for-Mac-OS-X-keychain.patch

File 0001-Support-for-Mac-OS-X-keychain.patch, 3.6 KB (added by jaysoffian@…, 16 years ago)

configure.ac

From 5b892d8374e27edfbf9d2902cd7c26d0b54c67bd Mon Sep 17 00:00:00 2001
From: Jay Soffian <jaysoffian@gmail.com>
Date: Tue, 5 Feb 2008 03:36:48 -0500
Subject: [PATCH] Support for Mac OS X keychain

The Mac OS X keychain provides a more secure mechanism for storing passwords
than a plaintext file such as .netrc or .msmtprc. The attached patch allows
msmtp to retrieve its account passwords from the keychain.

To make use of the functionality, an OS X user creates a keychain item with
tje Keychain Access GUI application. The "account name" is simply the value of
the msmtp "user" argument. However, the "keychain item name" is
"smtp://<hostname>" where "<hostname>" matches the msmtp host argument. Using
"smtp://" is needed so that the item is created of kind "Internet password."
For example, selecting "File -> Get Info" on a keychain item that corresponds
to "host smtp.freemail.example" and "user joe.smith" will show:

    Name: smtp.freemail.example
    Kind: Internet password
 Account: joe.smith
   Where: smtp://smtp.freemail.example

Signed-off-by: Jay Soffian <jaysoffian@gmail.com>
---
 configure.ac |   16 ++++++++++++++++
 src/msmtp.c  |   31 +++++++++++++++++++++++++++++--
 2 files changed, 45 insertions(+), 2 deletions(-)

diff --git a/configure.ac b/configure.ac
index eeaa734..97a202d 100644

  if test "$libidn" != "no"; then
     fi
 fi
+dnl MacOS X Keychain Services (Security Framework)
+AC_CACHE_CHECK([for SecKeychainGetVersion],
+    ac_cv_func_SecKeychainGetVersion,
+    [ac_save_LIBS="$LIBS"
+    LIBS="$LIBS -Wl,-framework -Wl,Security"
+    AC_TRY_LINK([#include <Security/Security.h>],
+        [SecKeychainGetVersion(NULL);],
+        [ac_cv_func_SecKeychainGetVersion=yes],
+        [ac_cv_func_SecKeychainGetVersion=no])
+    LIBS="$ac_save_LIBS"])
+if test $ac_cv_func_SecKeychainGetVersion = yes; then
+    AC_DEFINE([HAVE_KEYCHAIN], 1,
+        [Define to 1 if you have the MacOS X Keychain Services API.])
+    LIBS="$LIBS -Wl,-framework -Wl,Security"
+fi
 dnl Global #defines for all source files
 AH_VERBATIM([UNUSED],
 [/* Let gcc know about unused variables to suppress warnings.

src/msmtp.c

diff --git a/src/msmtp.c b/src/msmtp.c
index fef0f5c..f0e30b7 100644

  extern int optind;
 #include <netdb.h>
 #include <arpa/inet.h>
 #endif
+#ifdef HAVE_KEYCHAIN
+#include <Security/Security.h>
+#endif
 #include "getpass.h"
 #include "gettext.h"
 #include "xalloc.h"
-…
+ char *msmtp_password_callback(const char *hostname, const char *user)
     char *prompt;
     char *gpw;
     char *password = NULL;
+#ifdef HAVE_KEYCHAIN
+    void *passwordData;
+    UInt32 passwordLength;
+    OSStatus status;
+#endif
     homedir = get_homedir();
     netrc_filename = get_filename(homedir, NETRCFILE);
-…
+ char *msmtp_password_callback(const char *hostname, const char *user)
         free_netrc_entry_list(netrc_hostlist);
+    }
     free(netrc_filename);
+#ifdef HAVE_KEYCHAIN
+    if (SecKeychainFindInternetPassword(
+        NULL,
+        strlen(hostname), hostname,
+, NULL,
+        strlen(user), user,
+, (char *)NULL,
+,
+        kSecProtocolTypeSMTP,
+        kSecAuthenticationTypeDefault,
+        &passwordLength, &passwordData,
+        NULL) == noErr)
+    {
+        password = xmalloc((passwordLength + 1) * sizeof(char));
+        strncpy(password, passwordData, (size_t)passwordLength);
+        password[passwordLength] = '\0';
+        SecKeychainItemFreeContent(NULL, passwordData);
+    }
+#endif /* HAVE_KEYCHAIN */
     if (!password)
+    {
         prompt = xasprintf(_("password for %s at %s: "), user, hostname);

Download in other formats:

Original Format