From 92c6ed27625fcf367f0fbcc755d83d7ff8fde94b Mon Sep 17 00:00:00 2001 From: nig Date: Wed, 6 Dec 2023 11:56:37 +0100 Subject: [PATCH] pre-select gnome-libsecret safeStorage backend if no explicit backend is given, we default to trying gnome-libsecret since that was what we required before. the code that keytar used to do its thing is virtually identical to what chromium is doing when using gnome-libsecret. --- src/desktop/DesktopMain.ts | 4 ++-- src/desktop/sse/SecretStorage.ts | 15 +++++++++++++++ 2 files changed, 17 insertions(+), 2 deletions(-) diff --git a/src/desktop/DesktopMain.ts b/src/desktop/DesktopMain.ts index 6bb78a0850fd..e0b5d38e574b 100644 --- a/src/desktop/DesktopMain.ts +++ b/src/desktop/DesktopMain.ts @@ -18,7 +18,7 @@ import { DesktopTray } from "./tray/DesktopTray" import { log } from "./DesktopLog" import { UpdaterWrapper } from "./UpdaterWrapper" import { ElectronNotificationFactory } from "./NotificatonFactory" -import { buildSecretStorage } from "./sse/SecretStorage" +import { buildSecretStorage, preselectGnomeLibsecret } from "./sse/SecretStorage" import fs from "node:fs" import { DesktopIntegrator, getDesktopIntegratorForPlatform } from "./integration/DesktopIntegrator" import net from "node:net" @@ -60,7 +60,6 @@ import { DefaultDateProvider } from "../calendar/date/CalendarUtils.js" import { OfflineDbRefCounter } from "./db/OfflineDbRefCounter.js" import { WorkerSqlCipher } from "./db/WorkerSqlCipher.js" import { TempFs } from "./files/TempFs.js" -import { WASMArgon2idFacade } from "../api/worker/facades/Argon2idFacade.js" /** * Should be injected during build time. @@ -136,6 +135,7 @@ if (opts.registerAsMailHandler && opts.unregisterAsMailHandler) { async function createComponents(): Promise { const en = (await import("../translations/en.js")).default lang.init(en) + preselectGnomeLibsecret(electron) const secretStorage = await buildSecretStorage(electron, fs, path) const keyStoreFacade = new DesktopKeyStoreFacade(secretStorage, desktopCrypto) const configMigrator = new DesktopConfigMigrator(desktopCrypto, keyStoreFacade, electron) diff --git a/src/desktop/sse/SecretStorage.ts b/src/desktop/sse/SecretStorage.ts index 24c7c3bb4bcf..c9a2852ef473 100644 --- a/src/desktop/sse/SecretStorage.ts +++ b/src/desktop/sse/SecretStorage.ts @@ -7,6 +7,21 @@ import type { default as Keytar } from "keytar" import os from "node:os" import { ProgrammingError } from "../../api/common/error/ProgrammingError.js" +export function preselectGnomeLibsecret(electron: typeof Electron.CrossProcessExports) { + // this is how chromium selects a backend: + // https://chromium.googlesource.com/chromium/src/+/main/components/os_crypt/sync/key_storage_util_linux.cc + // also for DE detection, which happens before: + // https://chromium.googlesource.com/chromium/src/+/main/base/nix/xdg_util.cc + // I'm 90% sure that it's the deprecated "GNOME_DESKTOP_SESSION_ID" env var that's set once you have logged into gnome + // and back out that makes it suddenly work with i3 since chromium falls back to that if none of the more modern vars + // contain something it recognizes. + // if no explicit backend is given, we default to trying gnome-libsecret since that was what we required before. + // the code that keytar used to do its thing is virtually identical to what chromium is doing when using gnome-libsecret. + if (process.platform === "linux" && !process.argv.some((a) => a.startsWith("--password-store="))) { + electron.app.commandLine.appendSwitch("password-store", "gnome-libsecret") + } +} + export async function buildSecretStorage(electron: typeof Electron.CrossProcessExports, fs: typeof FsModule, path: typeof PathModule): Promise { const mode = determineNativeBackendMode() switch (mode) {