Default to libsecret if not Win32 or Apple, allow using it on Apple as an option (#48)

barracuda156 · web-flow · commit ccd774186829 · 2024-11-14T08:19:55.000-05:00
* CMakeLists: improve platform logic

* Allow using libsecret on macOS
diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -25,6 +25,10 @@ include(CMakePackageConfigHelpers)
 include(GNUInstallDirs)
 include(CTest)
 
+if(APPLE)
+    option(USE_LIBSECRET "Use libsecret on macOS instead of Apple keychain" OFF)
+endif()
+
 #libnick Setup
 add_compile_definitions(SQLITE_HAS_CODEC)
 if(NOT WIN32)
@@ -94,8 +98,11 @@ endif()
 if(WIN32)
     find_package(sqlcipher CONFIG REQUIRED)
     target_link_libraries(${PROJECT_NAME} PUBLIC sqlcipher::sqlcipher Advapi32 Dnsapi Dwmapi Gdiplus Kernel32 Shell32 UxTheme)
-elseif(LINUX)
+elseif(APPLE)
     set(THREADS_PREFER_PTHREAD_FLAG ON)
+    find_library(CF_LIBRARY CoreFoundation)
+    find_library(CS_LIBRARY CoreServices)
+    find_library(IOKIT_LIBRARY IOKit)
     find_package(Threads REQUIRED)
     find_package(OpenSSL REQUIRED)
     find_package(PkgConfig REQUIRED)
@@ -104,14 +111,16 @@ elseif(LINUX)
     pkg_check_modules(gmodule REQUIRED IMPORTED_TARGET gmodule-2.0)
     pkg_check_modules(gobject REQUIRED IMPORTED_TARGET gobject-2.0)
     pkg_check_modules(gthread REQUIRED IMPORTED_TARGET gthread-2.0)
-    pkg_check_modules(libsecret REQUIRED IMPORTED_TARGET libsecret-1)
-    target_link_libraries(${PROJECT_NAME} PUBLIC Threads::Threads OpenSSL::SSL OpenSSL::Crypto PkgConfig::glib PkgConfig::gio PkgConfig::gmodule PkgConfig::gobject PkgConfig::gthread PkgConfig::libsecret)
-elseif(APPLE)
+    if(USE_LIBSECRET)
+        pkg_check_modules(libsecret REQUIRED IMPORTED_TARGET libsecret-1)
+        add_compile_definitions(APPLE_USE_LIBSECRET)
+        target_link_libraries(${PROJECT_NAME} PUBLIC ${CF_LIBRARY} ${CS_LIBRARY} ${IOKIT_LIBRARY} Threads::Threads OpenSSL::SSL OpenSSL::Crypto PkgConfig::glib PkgConfig::gio PkgConfig::gmodule PkgConfig::gobject PkgConfig::gthread PkgConfig::libsecret)
+    else()
+        find_library(SECURITY_LIBRARY Security)
+        target_link_libraries(${PROJECT_NAME} PUBLIC ${CF_LIBRARY} ${CS_LIBRARY} ${IOKIT_LIBRARY} ${SECURITY_LIBRARY} Threads::Threads OpenSSL::SSL OpenSSL::Crypto PkgConfig::glib PkgConfig::gio PkgConfig::gmodule PkgConfig::gobject PkgConfig::gthread)
+    endif()
+else()
     set(THREADS_PREFER_PTHREAD_FLAG ON)
-    find_library(CF_LIBRARY CoreFoundation)
-    find_library(CS_LIBRARY CoreServices)
-    find_library(IOKIT_LIBRARY IOKit)
-    find_library(SECURITY_LIBRARY Security)
     find_package(Threads REQUIRED)
     find_package(OpenSSL REQUIRED)
     find_package(PkgConfig REQUIRED)
@@ -120,7 +129,8 @@ elseif(APPLE)
     pkg_check_modules(gmodule REQUIRED IMPORTED_TARGET gmodule-2.0)
     pkg_check_modules(gobject REQUIRED IMPORTED_TARGET gobject-2.0)
     pkg_check_modules(gthread REQUIRED IMPORTED_TARGET gthread-2.0)
-    target_link_libraries(${PROJECT_NAME} PUBLIC ${CF_LIBRARY} ${CS_LIBRARY} ${IOKIT_LIBRARY} ${SECURITY_LIBRARY} Threads::Threads OpenSSL::SSL OpenSSL::Crypto PkgConfig::glib PkgConfig::gio PkgConfig::gmodule PkgConfig::gobject PkgConfig::gthread)
+    pkg_check_modules(libsecret REQUIRED IMPORTED_TARGET libsecret-1)
+    target_link_libraries(${PROJECT_NAME} PUBLIC Threads::Threads OpenSSL::SSL OpenSSL::Crypto PkgConfig::glib PkgConfig::gio PkgConfig::gmodule PkgConfig::gobject PkgConfig::gthread PkgConfig::libsecret)
 endif()
 
 #libnick Install
diff --git a/src/keyring/systemcredentials.cpp b/src/keyring/systemcredentials.cpp
@@ -5,18 +5,18 @@
 #ifdef _WIN32
 #include <windows.h>
 #include <wincred.h>
-#elif defined(__linux__)
-#include <libsecret/secret.h>
-#elif defined(__APPLE__)
+#elif defined(__APPLE__) && !defined(APPLE_USE_LIBSECRET)
 #include <CoreFoundation/CoreFoundation.h>
 #include <Security/Security.h>
+#else
+#include <libsecret/secret.h>
 #endif
 
 using namespace Nickvision::Helpers;
 
 namespace Nickvision::Keyring
 {
-#ifdef __linux__
+#if !defined(_WIN32) && (!defined(__APPLE__) || defined(APPLE_USE_LIBSECRET))
     static const SecretSchema KEYRING_SCHEMA = { "org.nickvision.libnick", SECRET_SCHEMA_NONE, { { "application", SECRET_SCHEMA_ATTRIBUTE_STRING }, { "NULL", SECRET_SCHEMA_ATTRIBUTE_STRING } } };
 #endif
 
@@ -37,20 +37,7 @@ namespace Nickvision::Keyring
                 return Credential{ StringHelpers::str(credName), StringHelpers::str(credUrl), StringHelpers::str(credUsername), StringHelpers::str(credPassword) };
             }
         }
-#elif defined(__linux__)
-        GError* error{ nullptr };
-        char* password{ secret_password_lookup_sync(&KEYRING_SCHEMA, nullptr, &error, "application", name.c_str(), nullptr) };
-        if (!error && password)
-        {
-            Credential c{ name, "", "default", password };
-            secret_password_free(password);
-            return c;
-        }
-        if (error)
-        {
-            g_error_free(error);
-        }
-#elif defined(__APPLE__)
+#elif defined(__APPLE__) && !defined(APPLE_USE_LIBSECRET)
         CFStringRef nameRef{ CFStringCreateWithCString(nullptr, name.c_str(), kCFStringEncodingUTF8) };
         CFMutableDictionaryRef query{ CFDictionaryCreateMutable(nullptr, 0, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks) };
         CFDictionaryAddValue(query, kSecClass, kSecClassGenericPassword);
@@ -86,6 +73,19 @@ namespace Nickvision::Keyring
         }
         CFRelease(query);
         CFRelease(nameRef);
+#else
+        GError* error{ nullptr };
+        char* password{ secret_password_lookup_sync(&KEYRING_SCHEMA, nullptr, &error, "application", name.c_str(), nullptr) };
+        if (!error && password)
+        {
+            Credential c{ name, "", "default", password };
+            secret_password_free(password);
+            return c;
+        }
+        if (error)
+        {
+            g_error_free(error);
+        }
 #endif
         return std::nullopt;
     }
@@ -123,16 +123,7 @@ namespace Nickvision::Keyring
         cred.CredentialBlobSize = static_cast<unsigned long>(password.size() * sizeof(wchar_t));
         cred.CredentialBlob = LPBYTE(password.c_str());
         return CredWriteW(&cred, 0);
-#elif defined(__linux__)
-        GError* error{ nullptr };
-        secret_password_store_sync(&KEYRING_SCHEMA, SECRET_COLLECTION_DEFAULT, credential.getName().c_str(), credential.getPassword().c_str(), nullptr, &error, "application", credential.getName().c_str(), nullptr);
-        if (error)
-        {
-            g_error_free(error);
-            return false;
-        }
-        return true;
-#elif defined(__APPLE__)
+#elif defined(__APPLE__) && !defined(APPLE_USE_LIBSECRET)
         CFStringRef name{ CFStringCreateWithCString(nullptr, credential.getName().c_str(), kCFStringEncodingUTF8) };
         CFStringRef uri{ CFStringCreateWithCString(nullptr, credential.getUri().c_str(), kCFStringEncodingUTF8) };
         CFStringRef username{ CFStringCreateWithCString(nullptr, credential.getUsername().c_str(), kCFStringEncodingUTF8) };
@@ -153,6 +144,15 @@ namespace Nickvision::Keyring
         CFRelease(name);
         CFRelease(query);
         return status == errSecSuccess;
+#else
+        GError* error{ nullptr };
+        secret_password_store_sync(&KEYRING_SCHEMA, SECRET_COLLECTION_DEFAULT, credential.getName().c_str(), credential.getPassword().c_str(), nullptr, &error, "application", credential.getName().c_str(), nullptr);
+        if (error)
+        {
+            g_error_free(error);
+            return false;
+        }
+        return true;
 #endif
     }
 
@@ -183,25 +183,7 @@ namespace Nickvision::Keyring
             CredFree(cred);
             return res;
         }
-#elif defined(__linux__)
-        GError* error{ nullptr };
-        char* password{ secret_password_lookup_sync(&KEYRING_SCHEMA, nullptr, &error, "application", credential.getName().c_str(), nullptr) };
-        if (!error && password)
-        {
-            secret_password_free(password);
-            secret_password_store_sync(&KEYRING_SCHEMA, SECRET_COLLECTION_DEFAULT, credential.getName().c_str(), credential.getPassword().c_str(), nullptr, &error, "application", credential.getName().c_str(), nullptr);
-            if (error)
-            {
-                g_error_free(error);
-                return false;
-            }
-            return true;
-        }
-        if (error)
-        {
-            g_error_free(error);
-        }
-#elif defined(__APPLE__)
+#elif defined(__APPLE__) && !defined(APPLE_USE_LIBSECRET)
         CFStringRef name{ CFStringCreateWithCString(nullptr, credential.getName().c_str(), kCFStringEncodingUTF8) };
         CFMutableDictionaryRef query{ CFDictionaryCreateMutable(nullptr, 0, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks) };
         CFDictionaryAddValue(query, kSecClass, kSecClassGenericPassword);
@@ -233,6 +215,24 @@ namespace Nickvision::Keyring
         }
         CFRelease(query);
         CFRelease(name);
+#else
+        GError* error{ nullptr };
+        char* password{ secret_password_lookup_sync(&KEYRING_SCHEMA, nullptr, &error, "application", credential.getName().c_str(), nullptr) };
+        if (!error && password)
+        {
+            secret_password_free(password);
+            secret_password_store_sync(&KEYRING_SCHEMA, SECRET_COLLECTION_DEFAULT, credential.getName().c_str(), credential.getPassword().c_str(), nullptr, &error, "application", credential.getName().c_str(), nullptr);
+            if (error)
+            {
+                g_error_free(error);
+                return false;
+            }
+            return true;
+        }
+        if (error)
+        {
+            g_error_free(error);
+        }
 #endif
         return false;
     }
@@ -242,7 +242,16 @@ namespace Nickvision::Keyring
 #ifdef _WIN32
         std::wstring wName{ StringHelpers::wstr(name) };
         return CredDeleteW(wName.c_str(), CRED_TYPE_GENERIC, 0);
-#elif defined(__linux__)
+#elif defined(__APPLE__) && !defined(APPLE_USE_LIBSECRET)
+        CFStringRef nameRef{ CFStringCreateWithCString(nullptr, name.c_str(), kCFStringEncodingUTF8) };
+        CFMutableDictionaryRef query{ CFDictionaryCreateMutable(nullptr, 0, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks) };
+        CFDictionaryAddValue(query, kSecClass, kSecClassGenericPassword);
+        CFDictionaryAddValue(query, kSecAttrService, nameRef);
+        OSStatus status{ SecItemDelete(query) };
+        CFRelease(query);
+        CFRelease(nameRef);
+        return status == errSecSuccess;
+#else
         GError* error{ nullptr };
         bool res{ secret_password_clear_sync(&KEYRING_SCHEMA, nullptr, &error, "application", name.c_str(), nullptr) };
         if (!error)
@@ -254,15 +263,6 @@ namespace Nickvision::Keyring
             g_error_free(error);
         }
         return false;
-#elif defined(__APPLE__)
-        CFStringRef nameRef{ CFStringCreateWithCString(nullptr, name.c_str(), kCFStringEncodingUTF8) };
-        CFMutableDictionaryRef query{ CFDictionaryCreateMutable(nullptr, 0, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks) };
-        CFDictionaryAddValue(query, kSecClass, kSecClassGenericPassword);
-        CFDictionaryAddValue(query, kSecAttrService, nameRef);
-        OSStatus status{ SecItemDelete(query) };
-        CFRelease(query);
-        CFRelease(nameRef);
-        return status == errSecSuccess;
 #endif
     }
 }
