Replace libgnome-keyring with libsecret

the former one is deprecated and marked as insecure

CMakeLists.txt

@@ -158,14 +158,9 @@ pkg_check_modules(CAIRO REQUIRED cairo>=1.5.12)
 pkg_check_modules(UUID REQUIRED uuid)
 pkg_check_modules(LIBZIP REQUIRED libzip)
 if (UNIX)
-	pkg_check_modules(GNOME_KEYRING gnome-keyring-1)
-	if (GNOME_KEYRING_FOUND)
-		set(KEYRING_DEFINITION     "HAVE_GNOME_KEYRING")
-	else()
-		pkg_check_modules(GNOME_KEYRING gnome-keyring)
-		if (GNOME_KEYRING_FOUND)
-			set(KEYRING_DEFINITION     "HAVE_OLD_GNOME_KEYRING")
-		endif()
+  pkg_check_modules(LIBSECRET REQUIRED libsecret-1)
+	if (LIBSECRET_FOUND)
+		set(KEYRING_DEFINITION     "HAVE_LIBSECRET_KEYRING")
 	endif()
 endif()
 

backend/wbpublic/grtui/grtdb_connect_panel.cpp

@@ -890,40 +890,48 @@ void DbConnectPanel::end_layout() {
 }
 
 void DbConnectPanel::set_keychain_password(DbDriverParam *param, bool clear) {
-  std::string storage_key;
-  std::string username;
+  std::string storageKey;
+  std::string userName;
   grt::DictRef paramValues(get_connection(true)->parameterValues());
   std::vector<std::string> tokens =
     base::split(param->object()->paramTypeDetails().get_string("storageKeyFormat"), "::");
   if (tokens.size() == 2) {
-    username = tokens[0];
-    storage_key = tokens[1];
+    userName = tokens[0];
+    storageKey = tokens[1];
   } else {
     logError("Invalid storage key format for option %s\n", param->object().id().c_str());
     return;
   }
+
   for (grt::DictRef::const_iterator iter = paramValues.begin(); iter != paramValues.end(); ++iter) {
-    storage_key = base::replaceString(storage_key, "%" + iter->first + "%", iter->second.toString());
-    username = base::replaceString(username, "%" + iter->first + "%", iter->second.toString());
+    storageKey = base::replaceString(storageKey, "%" + iter->first + "%", iter->second.toString());
+    userName = base::replaceString(userName, "%" + iter->first + "%", iter->second.toString());
+  }
+
+  if (storageKey.substr(0, 3) == "ssh") { // This is ssh, we should check if port was given, if not, we will append the default 22.
+    auto pos = storageKey.find_last_of(":");
+    if (pos == std::string::npos) {
+      storageKey.append(":22");
+    }
   }
 
-  if (username.empty()) {
+  if (userName.empty()) {
     mforms::Utilities::show_warning(_("Cannot Set Password"), _("Please fill the username to be used."), _("OK"));
     return;
   }
 
   if (clear) {
     try {
-      mforms::Utilities::forget_password(storage_key, username);
+      mforms::Utilities::forget_password(storageKey, userName);
     } catch (std::exception &exc) {
       mforms::Utilities::show_error("Clear Password", base::strfmt("Could not clear password: %s", exc.what()), "OK");
     }
   } else {
     std::string password;
 
     try {
-      if (mforms::Utilities::ask_for_password("Store Password For Connection", storage_key, username, password))
-        mforms::Utilities::store_password(storage_key, username, password);
+      if (mforms::Utilities::ask_for_password("Store Password For Connection", storageKey, userName, password))
+        mforms::Utilities::store_password(storageKey, userName, password);
     } catch (std::exception &exc) {
       mforms::Utilities::show_error("Store Password", base::strfmt("Could not store password: %s", exc.what()), "OK");
     }

build/debian.in/control

@@ -2,7 +2,7 @@ Source: mysql-workbench-@edition@
 Section: utils
 Priority: extra
 Maintainer: MySQL Release Engineering <mysql-build@oss.oracle.com>
-Build-Depends: debhelper (>= 5), libzip-dev, libgtkmm-3.0-dev, libxml2-dev, libgl1-mesa-dev, libpcre3-dev, python-dev (>= 2.6), libgnome-keyring-dev, libsqlite3-dev, libboost-dev, xdg-utils, cmake, swig (>= 1.3), libproj-dev, cmake, autoconf, autogen
+Build-Depends: debhelper (>= 5), libzip-dev, libgtkmm-3.0-dev, libxml2-dev, libgl1-mesa-dev, libpcre3-dev, python-dev (>= 2.6), libsqlite3-dev, libboost-dev, xdg-utils, cmake, swig (>= 1.3), libproj-dev, cmake, autoconf, autogen, libsecret-1-dev
 Standards-Version: 3.9.8
 Homepage: http://dev.mysql.com/workbench/
 
@@ -12,7 +12,7 @@ Replaces: mysql-workbench-gpl, mysql-workbench-oss, mysql-workbench, mysql-workb
 @else
 Replaces: mysql-workbench-com-se, mysql-workbench, mysql-workbench-community, mysql-workbench-data
 @endif
-Depends: ${shlibs:Depends}, ${misc:Depends}, libglib2.0-0 (>= 2.28)
+Depends: ${shlibs:Depends}, ${misc:Depends}, libglib2.0-0 (>= 2.28), libsecret-1-0
 Architecture: i386 amd64
 Suggests: gnome-keyring, libproj-dev
 Description: MySQL Workbench

build/mysql-workbench.spec.in

@@ -98,6 +98,7 @@ BuildRequires: tar
 BuildRequires: gcc-c++
 BuildRequires: swig >= 1.3
 BuildRequires: proj-devel
+BuildRequires: libsecret-devel
 
 %if !%{defined mysql_home}
 BuildRequires: mysql-devel >= 5.7
@@ -127,6 +128,7 @@ Requires: proj
 Requires: glib2 >= 2.28
 Requires: gtk3
 Requires: gtkmm30
+Requires: libsecret
 
 # our old package names
 Obsoletes: mysql-workbench < 7.0

frontend/common/server_instance_editor.cpp

@@ -469,32 +469,31 @@ ServerInstanceEditor::~ServerInstanceEditor() {
 void ServerInstanceEditor::set_password(bool clear) {
   std::string port = _ssh_port.get_string_value();
 
-  std::string storage_key;
+  std::string storageKey;
   if (_ssh_remote_admin.get_active()) {
-    // WBA stores password with key ssh@host, without port
-    // storage_key = strfmt("ssh@%s:%s", _remote_host.get_string_value().c_str(), port.empty() ? "22" : port.c_str());
-    storage_key = strfmt("ssh@%s", _remote_host.get_string_value().c_str());
+    // WBA stores password with key ssh@host:port
+    storageKey = strfmt("ssh@%s:%s", _remote_host.get_string_value().c_str(), port.empty() ? "22" : port.c_str());
   } else
-    storage_key = "wmi@" + _remote_host.get_string_value();
-  std::string username = _remote_user.get_string_value();
+    storageKey = "wmi@" + _remote_host.get_string_value();
+  std::string userName = _remote_user.get_string_value();
 
-  if (username.empty()) {
+  if (userName.empty()) {
     mforms::Utilities::show_warning("Cannot Set Password", "Please fill the username to be used.", "OK");
     return;
   }
 
   if (clear) {
     try {
-      mforms::Utilities::forget_password(storage_key, username);
+      mforms::Utilities::forget_password(storageKey, userName);
     } catch (std::exception &exc) {
       mforms::Utilities::show_error("Clear Password", base::strfmt("Could not clear password: %s", exc.what()), "OK");
     }
   } else {
     std::string password;
 
     try {
-      if (mforms::Utilities::ask_for_password(_("Store Password For Server"), storage_key, username, password))
-        mforms::Utilities::store_password(storage_key, username, password);
+      if (mforms::Utilities::ask_for_password(_("Store Password For Server"), storageKey, userName, password))
+        mforms::Utilities::store_password(storageKey, userName, password);
     } catch (std::exception &exc) {
       mforms::Utilities::show_error("Store Password", base::strfmt("Could not store password: %s", exc.what()), "OK");
     }
@@ -1183,29 +1182,28 @@ void ServerInstanceEditor::show_instance_info(db_mgmt_ConnectionRef connection,
 
   grt::DictRef loginInfo(instance.is_valid() ? instance->loginInfo() : grt::DictRef(true));
 
-  std::string storage_key;
+  std::string storageKey;
   std::string port = _ssh_port.get_string_value();
-  std::string username;
+  std::string userName;
   if (_ssh_remote_admin.get_active()) {
     _remote_host.set_value(loginInfo.get_string("ssh.hostName"));
     _remote_user.set_value(loginInfo.get_string("ssh.userName"));
-    username = _remote_user.get_string_value();
-    // WBA stores password key as "ssh@<host>"
-    // storage_key = strfmt("ssh@%s:%s", _remote_host.get_string_value().c_str(), port.empty() ? "22" : port.c_str());
-    storage_key = strfmt("ssh@%s", _remote_host.get_string_value().c_str());
+    userName = _remote_user.get_string_value();
+    // WBA stores password key as "ssh@<host>:<port>"
+    storageKey = strfmt("ssh@%s:%s", _remote_host.get_string_value().c_str(), port.empty() ? "22" : port.c_str());
   } else {
     _remote_host.set_value(loginInfo.get_string("wmi.hostName"));
     _remote_user.set_value(loginInfo.get_string("wmi.userName"));
-    username = _remote_user.get_string_value();
-    storage_key = "wmi@" + _remote_host.get_string_value();
+    userName = _remote_user.get_string_value();
+    storageKey = "wmi@" + _remote_host.get_string_value();
   }
   _ssh_port.set_value(loginInfo.get_string("ssh.port"));
   _ssh_usekey.set_active(loginInfo.get_int("ssh.useKey") != 0);
   _ssh_keypath.set_value(loginInfo.get_string("ssh.key"));
 
   std::string dummy;
 
-  if (instance.is_valid() && !username.empty() && mforms::Utilities::find_password(storage_key, username, dummy))
+  if (instance.is_valid() && !userName.empty() && mforms::Utilities::find_password(storageKey, userName, dummy))
     _password_clear.set_enabled(true);
   else
     _password_clear.set_enabled(false);

library/forms/CMakeLists.txt

@@ -15,6 +15,7 @@ include_directories(.
     SYSTEM ${PCRE_INCLUDE_DIRS}
     SYSTEM ${PROJECT_SOURCE_DIR}
     SYSTEM ${VSQLITE_INCLUDE_DIRS}
+    SYSTEM ${LIBSECRET_INCLUDE_DIRS}
     ${PROJECT_SOURCE_DIR}/library
     ${PROJECT_SOURCE_DIR}/library/parsers
     ${PROJECT_SOURCE_DIR}/library/grt/src
@@ -134,7 +135,7 @@ endif()
 
 target_compile_options(mforms PUBLIC ${WB_CXXFLAGS})
 
-target_link_libraries(mforms linux_utilities mdcanvasgtk mdcanvas wbscintilla ${CAIRO_LIBRARIES} ${GTK3_LIBRARIES} ${GNOME_KEYRING_LIBRARIES})
+target_link_libraries(mforms linux_utilities mdcanvasgtk mdcanvas wbscintilla ${CAIRO_LIBRARIES} ${GTK3_LIBRARIES} ${LIBSECRET_LIBRARIES})
 
 set_source_files_properties(gtk/src/mforms_acc.cpp PROPERTIES COMPILE_FLAGS -Wno-pragmas)