pax_global_header00006660000000000000000000000064147377507120014527gustar00rootroot0000000000000052 comment=c2dd491aae707bd4514d936ea52e13ed6eda141c nss-passwords-0.6/000077500000000000000000000000001473775071200142225ustar00rootroot00000000000000nss-passwords-0.6/.gitignore000066400000000000000000000000121473775071200162030ustar00rootroot00000000000000*~ _build nss-passwords-0.6/.ocamlformat000066400000000000000000000000431473775071200165240ustar00rootroot00000000000000profile = default version = 0.26.2 nss-passwords-0.6/CHANGES.md000066400000000000000000000013511473775071200156140ustar00rootroot000000000000000.6 (2025-01-09) ================ * Use ppx_yojson_conv instead of atdgen * Lazily decrypt usernames 0.5 (2024-12-29) ================ * Switch to dune * Ignore errors while decrypting entries (Debian bug #1091105) * Use ocamlformat 0.4 (2023-09-19) ================ * Add machine-readable output (GitHub #2) * Add possibility to select the username (GitHub #3) * Fix compilation with OCaml 4.14.1 (GitHub #6) 0.3 (2019-07-25) ================ * Fix compilation with OCaml 4.02.2 0.2 (2014-09-06) ================ * Add support for JSON-based password store (Firefox >= 32) 0.1.1 (2012-02-10) ================== * Fix FTBFS with ld --as-needed, tune build system 0.1 (2011-11-29) ================ * First public release nss-passwords-0.6/MPL000066400000000000000000000622321473775071200146020ustar00rootroot00000000000000 MOZILLA PUBLIC LICENSE Version 1.1 --------------- 1. Definitions. 1.0.1. "Commercial Use" means distribution or otherwise making the Covered Code available to a third party. 1.1. "Contributor" means each entity that creates or contributes to the creation of Modifications. 1.2. "Contributor Version" means the combination of the Original Code, prior Modifications used by a Contributor, and the Modifications made by that particular Contributor. 1.3. 
"Covered Code" means the Original Code or Modifications or the combination of the Original Code and Modifications, in each case including portions thereof. 1.4. "Electronic Distribution Mechanism" means a mechanism generally accepted in the software development community for the electronic transfer of data. 1.5. "Executable" means Covered Code in any form other than Source Code. 1.6. "Initial Developer" means the individual or entity identified as the Initial Developer in the Source Code notice required by Exhibit A. 1.7. "Larger Work" means a work which combines Covered Code or portions thereof with code not governed by the terms of this License. 1.8. "License" means this document. 1.8.1. "Licensable" means having the right to grant, to the maximum extent possible, whether at the time of the initial grant or subsequently acquired, any and all of the rights conveyed herein. 1.9. "Modifications" means any addition to or deletion from the substance or structure of either the Original Code or any previous Modifications. When Covered Code is released as a series of files, a Modification is: A. Any addition to or deletion from the contents of a file containing Original Code or previous Modifications. B. Any new file that contains any part of the Original Code or previous Modifications. 1.10. "Original Code" means Source Code of computer software code which is described in the Source Code notice required by Exhibit A as Original Code, and which, at the time of its release under this License is not already Covered Code governed by this License. 1.10.1. "Patent Claims" means any patent claim(s), now owned or hereafter acquired, including without limitation, method, process, and apparatus claims, in any patent Licensable by grantor. 1.11. 
"Source Code" means the preferred form of the Covered Code for making modifications to it, including all modules it contains, plus any associated interface definition files, scripts used to control compilation and installation of an Executable, or source code differential comparisons against either the Original Code or another well known, available Covered Code of the Contributor's choice. The Source Code can be in a compressed or archival form, provided the appropriate decompression or de-archiving software is widely available for no charge. 1.12. "You" (or "Your") means an individual or a legal entity exercising rights under, and complying with all of the terms of, this License or a future version of this License issued under Section 6.1. For legal entities, "You" includes any entity which controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2. Source Code License. 2.1. The Initial Developer Grant. The Initial Developer hereby grants You a world-wide, royalty-free, non-exclusive license, subject to third party intellectual property claims: (a) under intellectual property rights (other than patent or trademark) Licensable by Initial Developer to use, reproduce, modify, display, perform, sublicense and distribute the Original Code (or portions thereof) with or without Modifications, and/or as part of a Larger Work; and (b) under Patents Claims infringed by the making, using or selling of Original Code, to make, have made, use, practice, sell, and offer for sale, and/or otherwise dispose of the Original Code (or portions thereof). 
(c) the licenses granted in this Section 2.1(a) and (b) are effective on the date Initial Developer first distributes Original Code under the terms of this License. (d) Notwithstanding Section 2.1(b) above, no patent license is granted: 1) for code that You delete from the Original Code; 2) separate from the Original Code; or 3) for infringements caused by: i) the modification of the Original Code or ii) the combination of the Original Code with other software or devices. 2.2. Contributor Grant. Subject to third party intellectual property claims, each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license (a) under intellectual property rights (other than patent or trademark) Licensable by Contributor, to use, reproduce, modify, display, perform, sublicense and distribute the Modifications created by such Contributor (or portions thereof) either on an unmodified basis, with other Modifications, as Covered Code and/or as part of a Larger Work; and (b) under Patent Claims infringed by the making, using, or selling of Modifications made by that Contributor either alone and/or in combination with its Contributor Version (or portions of such combination), to make, use, sell, offer for sale, have made, and/or otherwise dispose of: 1) Modifications made by that Contributor (or portions thereof); and 2) the combination of Modifications made by that Contributor with its Contributor Version (or portions of such combination). (c) the licenses granted in Sections 2.2(a) and 2.2(b) are effective on the date Contributor first makes Commercial Use of the Covered Code. 
(d) Notwithstanding Section 2.2(b) above, no patent license is granted: 1) for any code that Contributor has deleted from the Contributor Version; 2) separate from the Contributor Version; 3) for infringements caused by: i) third party modifications of Contributor Version or ii) the combination of Modifications made by that Contributor with other software (except as part of the Contributor Version) or other devices; or 4) under Patent Claims infringed by Covered Code in the absence of Modifications made by that Contributor. 3. Distribution Obligations. 3.1. Application of License. The Modifications which You create or to which You contribute are governed by the terms of this License, including without limitation Section 2.2. The Source Code version of Covered Code may be distributed only under the terms of this License or a future version of this License released under Section 6.1, and You must include a copy of this License with every copy of the Source Code You distribute. You may not offer or impose any terms on any Source Code version that alters or restricts the applicable version of this License or the recipients' rights hereunder. However, You may include an additional document offering the additional rights described in Section 3.5. 3.2. Availability of Source Code. Any Modification which You create or to which You contribute must be made available in Source Code form under the terms of this License either on the same media as an Executable version or via an accepted Electronic Distribution Mechanism to anyone to whom you made an Executable version available; and if made available via Electronic Distribution Mechanism, must remain available for at least twelve (12) months after the date it initially became available, or at least six (6) months after a subsequent version of that particular Modification has been made available to such recipients. 
You are responsible for ensuring that the Source Code version remains available even if the Electronic Distribution Mechanism is maintained by a third party. 3.3. Description of Modifications. You must cause all Covered Code to which You contribute to contain a file documenting the changes You made to create that Covered Code and the date of any change. You must include a prominent statement that the Modification is derived, directly or indirectly, from Original Code provided by the Initial Developer and including the name of the Initial Developer in (a) the Source Code, and (b) in any notice in an Executable version or related documentation in which You describe the origin or ownership of the Covered Code. 3.4. Intellectual Property Matters (a) Third Party Claims. If Contributor has knowledge that a license under a third party's intellectual property rights is required to exercise the rights granted by such Contributor under Sections 2.1 or 2.2, Contributor must include a text file with the Source Code distribution titled "LEGAL" which describes the claim and the party making the claim in sufficient detail that a recipient will know whom to contact. If Contributor obtains such knowledge after the Modification is made available as described in Section 3.2, Contributor shall promptly modify the LEGAL file in all copies Contributor makes available thereafter and shall take other steps (such as notifying appropriate mailing lists or newsgroups) reasonably calculated to inform those who received the Covered Code that new knowledge has been obtained. (b) Contributor APIs. If Contributor's Modifications include an application programming interface and Contributor has knowledge of patent licenses which are reasonably necessary to implement that API, Contributor must also include this information in the LEGAL file. (c) Representations. 
Contributor represents that, except as disclosed pursuant to Section 3.4(a) above, Contributor believes that Contributor's Modifications are Contributor's original creation(s) and/or Contributor has sufficient rights to grant the rights conveyed by this License. 3.5. Required Notices. You must duplicate the notice in Exhibit A in each file of the Source Code. If it is not possible to put such notice in a particular Source Code file due to its structure, then You must include such notice in a location (such as a relevant directory) where a user would be likely to look for such a notice. If You created one or more Modification(s) You may add your name as a Contributor to the notice described in Exhibit A. You must also duplicate this License in any documentation for the Source Code where You describe recipients' rights or ownership rights relating to Covered Code. You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Covered Code. However, You may do so only on Your own behalf, and not on behalf of the Initial Developer or any Contributor. You must make it absolutely clear than any such warranty, support, indemnity or liability obligation is offered by You alone, and You hereby agree to indemnify the Initial Developer and every Contributor for any liability incurred by the Initial Developer or such Contributor as a result of warranty, support, indemnity or liability terms You offer. 3.6. Distribution of Executable Versions. You may distribute Covered Code in Executable form only if the requirements of Section 3.1-3.5 have been met for that Covered Code, and if You include a notice stating that the Source Code version of the Covered Code is available under the terms of this License, including a description of how and where You have fulfilled the obligations of Section 3.2. 
The notice must be conspicuously included in any notice in an Executable version, related documentation or collateral in which You describe recipients' rights relating to the Covered Code. You may distribute the Executable version of Covered Code or ownership rights under a license of Your choice, which may contain terms different from this License, provided that You are in compliance with the terms of this License and that the license for the Executable version does not attempt to limit or alter the recipient's rights in the Source Code version from the rights set forth in this License. If You distribute the Executable version under a different license You must make it absolutely clear that any terms which differ from this License are offered by You alone, not by the Initial Developer or any Contributor. You hereby agree to indemnify the Initial Developer and every Contributor for any liability incurred by the Initial Developer or such Contributor as a result of any such terms You offer. 3.7. Larger Works. You may create a Larger Work by combining Covered Code with other code not governed by the terms of this License and distribute the Larger Work as a single product. In such a case, You must make sure the requirements of this License are fulfilled for the Covered Code. 4. Inability to Comply Due to Statute or Regulation. If it is impossible for You to comply with any of the terms of this License with respect to some or all of the Covered Code due to statute, judicial order, or regulation then You must: (a) comply with the terms of this License to the maximum extent possible; and (b) describe the limitations and the code they affect. Such description must be included in the LEGAL file described in Section 3.4 and must be included with all distributions of the Source Code. Except to the extent prohibited by statute or regulation, such description must be sufficiently detailed for a recipient of ordinary skill to be able to understand it. 5. 
Application of this License. This License applies to code to which the Initial Developer has attached the notice in Exhibit A and to related Covered Code. 6. Versions of the License. 6.1. New Versions. Netscape Communications Corporation ("Netscape") may publish revised and/or new versions of the License from time to time. Each version will be given a distinguishing version number. 6.2. Effect of New Versions. Once Covered Code has been published under a particular version of the License, You may always continue to use it under the terms of that version. You may also choose to use such Covered Code under the terms of any subsequent version of the License published by Netscape. No one other than Netscape has the right to modify the terms applicable to Covered Code created under this License. 6.3. Derivative Works. If You create or use a modified version of this License (which you may only do in order to apply it to code which is not already Covered Code governed by this License), You must (a) rename Your license so that the phrases "Mozilla", "MOZILLAPL", "MOZPL", "Netscape", "MPL", "NPL" or any confusingly similar phrase do not appear in your license (except to note that your license differs from this License) and (b) otherwise make it clear that Your version of the license contains terms which differ from the Mozilla Public License and Netscape Public License. (Filling in the name of the Initial Developer, Original Code or Contributor in the notice described in Exhibit A shall not of themselves be deemed to be modifications of this License.) 7. DISCLAIMER OF WARRANTY. COVERED CODE IS PROVIDED UNDER THIS LICENSE ON AN "AS IS" BASIS, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, WARRANTIES THAT THE COVERED CODE IS FREE OF DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE COVERED CODE IS WITH YOU. 
SHOULD ANY COVERED CODE PROVE DEFECTIVE IN ANY RESPECT, YOU (NOT THE INITIAL DEVELOPER OR ANY OTHER CONTRIBUTOR) ASSUME THE COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE OF ANY COVERED CODE IS AUTHORIZED HEREUNDER EXCEPT UNDER THIS DISCLAIMER. 8. TERMINATION. 8.1. This License and the rights granted hereunder will terminate automatically if You fail to comply with terms herein and fail to cure such breach within 30 days of becoming aware of the breach. All sublicenses to the Covered Code which are properly granted shall survive any termination of this License. Provisions which, by their nature, must remain in effect beyond the termination of this License shall survive. 8.2. If You initiate litigation by asserting a patent infringement claim (excluding declatory judgment actions) against Initial Developer or a Contributor (the Initial Developer or Contributor against whom You file such action is referred to as "Participant") alleging that: (a) such Participant's Contributor Version directly or indirectly infringes any patent, then any and all rights granted by such Participant to You under Sections 2.1 and/or 2.2 of this License shall, upon 60 days notice from Participant terminate prospectively, unless if within 60 days after receipt of notice You either: (i) agree in writing to pay Participant a mutually agreeable reasonable royalty for Your past and future use of Modifications made by such Participant, or (ii) withdraw Your litigation claim with respect to the Contributor Version against such Participant. If within 60 days of notice, a reasonable royalty and payment arrangement are not mutually agreed upon in writing by the parties or the litigation claim is not withdrawn, the rights granted by Participant to You under Sections 2.1 and/or 2.2 automatically terminate at the expiration of the 60 day notice period specified above. 
(b) any software, hardware, or device, other than such Participant's Contributor Version, directly or indirectly infringes any patent, then any rights granted to You by such Participant under Sections 2.1(b) and 2.2(b) are revoked effective as of the date You first made, used, sold, distributed, or had made, Modifications made by that Participant. 8.3. If You assert a patent infringement claim against Participant alleging that such Participant's Contributor Version directly or indirectly infringes any patent where such claim is resolved (such as by license or settlement) prior to the initiation of patent infringement litigation, then the reasonable value of the licenses granted by such Participant under Sections 2.1 or 2.2 shall be taken into account in determining the amount or value of any payment or license. 8.4. In the event of termination under Sections 8.1 or 8.2 above, all end user license agreements (excluding distributors and resellers) which have been validly granted by You or any distributor hereunder prior to termination shall survive termination. 9. LIMITATION OF LIABILITY. UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER TORT (INCLUDING NEGLIGENCE), CONTRACT, OR OTHERWISE, SHALL YOU, THE INITIAL DEVELOPER, ANY OTHER CONTRIBUTOR, OR ANY DISTRIBUTOR OF COVERED CODE, OR ANY SUPPLIER OF ANY OF SUCH PARTIES, BE LIABLE TO ANY PERSON FOR ANY INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY CHARACTER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF GOODWILL, WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER COMMERCIAL DAMAGES OR LOSSES, EVEN IF SUCH PARTY SHALL HAVE BEEN INFORMED OF THE POSSIBILITY OF SUCH DAMAGES. THIS LIMITATION OF LIABILITY SHALL NOT APPLY TO LIABILITY FOR DEATH OR PERSONAL INJURY RESULTING FROM SUCH PARTY'S NEGLIGENCE TO THE EXTENT APPLICABLE LAW PROHIBITS SUCH LIMITATION. 
SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THIS EXCLUSION AND LIMITATION MAY NOT APPLY TO YOU. 10. U.S. GOVERNMENT END USERS. The Covered Code is a "commercial item," as that term is defined in 48 C.F.R. 2.101 (Oct. 1995), consisting of "commercial computer software" and "commercial computer software documentation," as such terms are used in 48 C.F.R. 12.212 (Sept. 1995). Consistent with 48 C.F.R. 12.212 and 48 C.F.R. 227.7202-1 through 227.7202-4 (June 1995), all U.S. Government End Users acquire Covered Code with only those rights set forth herein. 11. MISCELLANEOUS. This License represents the complete agreement concerning subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. This License shall be governed by California law provisions (except to the extent applicable law, if any, provides otherwise), excluding its conflict-of-law provisions. With respect to disputes in which at least one party is a citizen of, or an entity chartered or registered to do business in the United States of America, any litigation relating to this License shall be subject to the jurisdiction of the Federal Courts of the Northern District of California, with venue lying in Santa Clara County, California, with the losing party responsible for costs, including without limitation, court costs and reasonable attorneys' fees and expenses. The application of the United Nations Convention on Contracts for the International Sale of Goods is expressly excluded. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not apply to this License. 12. RESPONSIBILITY FOR CLAIMS. 
As between Initial Developer and the Contributors, each party is responsible for claims and damages arising, directly or indirectly, out of its utilization of rights under this License and You agree to work with Initial Developer and Contributors to distribute such responsibility on an equitable basis. Nothing herein is intended or shall be deemed to constitute any admission of liability. 13. MULTIPLE-LICENSED CODE. Initial Developer may designate portions of the Covered Code as "Multiple-Licensed". "Multiple-Licensed" means that the Initial Developer permits you to utilize portions of the Covered Code under Your choice of the NPL or the alternative licenses, if any, specified by the Initial Developer in the file described in Exhibit A. EXHIBIT A -Mozilla Public License. ``The contents of this file are subject to the Mozilla Public License Version 1.1 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.mozilla.org/MPL/ Software distributed under the License is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License for the specific language governing rights and limitations under the License. The Original Code is ______________________________________. The Initial Developer of the Original Code is ________________________. Portions created by ______________________ are Copyright (C) ______ _______________________. All Rights Reserved. Contributor(s): ______________________________________. Alternatively, the contents of this file may be used under the terms of the _____ license (the "[___] License"), in which case the provisions of [______] License are applicable instead of those above. 
If you wish to allow use of your version of this file only under the terms of the [____] License and not to allow others to use your version of this file under the MPL, indicate your decision by deleting the provisions above and replace them with the notice and other provisions required by the [___] License. If you do not delete the provisions above, a recipient may use your version of this file under either the MPL or the [___] License." [NOTE: The text of this Exhibit A may differ slightly from the text of the notices in the Source Code files of the Original Code. You should use the text of this Exhibit A rather than the text found in the Original Code Source Code for Your Modifications.] nss-passwords-0.6/README000066400000000000000000000022421473775071200151020ustar00rootroot00000000000000nss-passwords ============= This program reads passwords from a Mozilla keyring. It can run entirely in text mode. It is merely a higher level version of pwdecrypt, which is no longer convenient for direct use with SQLite-based and JSON-based keyrings of recent versions of Firefox. Requirements (versions known to work are between brackets): - Mozilla's Network Security Services (NSS) [3.12.6] (http://www.mozilla.org/projects/security/pki/nss/) - Objective Caml [3.12.0] (http://caml.inria.fr/) - ocaml-fileutils [0.4.0] (http://ocaml-fileutils.forge.ocamlcore.org/) - ocaml-sqlite3 [1.5.6] (http://ocaml.info/home/ocaml_sources.html#ocaml-sqlite3) - ppx_yojson_conv [0.17.0] (https://github.com/janestreet/ppx_yojson_conv) - some pinentry obeying the Assuan protocol (e.g. 
pinentry-curses [0.8.0] from http://www.gnupg.org/aegypten/) Usage: run with --help option Tested with: - Iceweasel 3.5.11 (should be OK with Firefox of same version) - Iceweasel 32.0 (should be OK with Firefox of same version) - Icedove 3.0.6 (should be OK with Thunderbird of same version) -- Stéphane Glondu Tue, 31 Aug 2010 17:58:11 +0200 nss-passwords-0.6/dune000066400000000000000000000002501473775071200150750ustar00rootroot00000000000000(executable (name main) (public_name nss-passwords) (libraries ppx_yojson_conv_lib fileutils.str sqlite3 nss_passwords_stubs) (preprocess (pps ppx_yojson_conv))) nss-passwords-0.6/dune-project000066400000000000000000000003551473775071200165470ustar00rootroot00000000000000(lang dune 3.11) (name nss-passwords) (generate_opam_files true) (package (name nss-passwords) (synopsis "Read passwords from a Mozilla keyring") (depends conf-pkg-config dune dune-configurator fileutils atdgen yojson)) nss-passwords-0.6/main.ml000066400000000000000000000227401473775071200155050ustar00rootroot00000000000000(* ***** BEGIN LICENSE BLOCK ***** * Version: MPL 1.1/GPL 2.0/LGPL 2.1 * * The contents of this file are subject to the Mozilla Public License Version * 1.1 (the "License"); you may not use this file except in compliance with * the License. You may obtain a copy of the License at * http://www.mozilla.org/MPL/ * * Software distributed under the License is distributed on an "AS IS" basis, * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License * for the specific language governing rights and limitations under the * License. * * The Initial Developer of the Original Code is * Stéphane Glondu * Portions created by the Initial Developer are Copyright (C) 2010-2011 * the Initial Developer. All Rights Reserved. 
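*
 * Alternatively, the contents of this file may be used under the terms of
 * either the GNU General Public License Version 2 or later (the "GPL"), or
 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
 * in which case the provisions of the GPL or the LGPL are applicable instead
 * of those above. If you wish to allow use of your version of this file only
 * under the terms of either the GPL or the LGPL, and not to allow others to
 * use your version of this file under the terms of the MPL, indicate your
 * decision by deleting the provisions above and replace them with the notice
 * and other provisions required by the GPL or the LGPL. If you do not delete
 * the provisions above, a recipient may use your version of this file under
 * the terms of any one of the MPL, the GPL or the LGPL.
 *
 * ***** END LICENSE BLOCK ***** *)

open Ppx_yojson_conv_lib.Yojson_conv.Primitives

(** One entry of [logins.json]; only the three fields used below are read,
    any other field is ignored ([allow_extra_fields]). *)
type login = {
  hostname : string;
  encryptedUsername : string;
  encryptedPassword : string;
}
[@@deriving yojson] [@@yojson.allow_extra_fields]

(** Top-level object of [logins.json]. *)
type logins = { logins : login list }
[@@deriving yojson] [@@yojson.allow_extra_fields]

(** A decrypted entry, as printed by this program. *)
type output_login = { hostname : string; username : string; password : string }
[@@deriving yojson]

type output = output_login list [@@deriving yojson]

(** C interface *)

exception NSS_init_failed
exception NSS_cleanup_failed
exception NSS_base64_decode_failed of string * int
exception NSS_decrypt_failed of string * int * exn option

(* The exceptions are registered by name so that the C stubs can raise
   them; the payloads given here are placeholders. *)
let () = Callback.register_exception "NSS_init_failed" NSS_init_failed
let () = Callback.register_exception "NSS_cleanup_failed" NSS_cleanup_failed

let () =
  Callback.register_exception "NSS_base64_decode_failed"
    (NSS_base64_decode_failed ("", 0))

let () =
  Callback.register_exception "NSS_decrypt_failed"
    (NSS_decrypt_failed ("", 0, None))

external nss_cleanup : unit -> unit = "caml_nss_cleanup"
external nss_init : string -> unit = "caml_nss_init"

(* [callback] is asked for the keyring password; its boolean argument is
   treated as a "retry" flag by [callback] below. *)
external do_decrypt : callback:(bool -> string) -> data:string -> string
  = "caml_do_decrypt"

external ttyname : Unix.file_descr -> string = "caml_ttyname"

(** Command-line arguments parsing and initialization *)

let dir = ref ""
let pinentry = ref "pinentry"
let queries = ref []
let json_output = ref false

let spec =
  Arg.align
    [
      ( "-d",
        Arg.Set_string dir,
        "profile directory (default: Firefox default profile)" );
      ( "-p",
        Arg.Set_string pinentry,
        "pinentry program to use (default: pinentry)" );
      ("-j", Arg.Set json_output, " output result in JSON");
    ]

let usage_msg =
  "nss-passwords [-d ] [-p ] query [...]\n\
   A query is either hostname:string, username:string, or string (which\n\
   translates to hostname:string)."

(** Raised by the profile search below to stop at the first match. *)
exception Found of string

(** [chop_prefix ~prefix x] is [Some rest] when [x] is [prefix ^ rest],
    and [None] otherwise. *)
let chop_prefix ~prefix x =
  let n = String.length x and nprefix = String.length prefix in
  if n >= nprefix && String.sub x 0 nprefix = prefix then
    Some (String.sub x nprefix (n - nprefix))
  else None

(** Turn a command-line query into [`Hostname s] or [`Username s]; a query
    without a recognised prefix is a hostname query. *)
let parse_query x =
  match chop_prefix ~prefix:"hostname:" x with
  | Some x -> `Hostname x
  | None -> (
      match chop_prefix ~prefix:"username:" x with
      | Some x -> `Username x
      | None -> `Hostname x)

(* Parse the command line, pick the profile directory and initialise NSS
   on it. Without -d, the first directory matching ".*\.default$" under
   $HOME/.mozilla/firefox is used. *)
let () =
  Arg.parse spec (fun x -> queries := parse_query x :: !queries) usage_msg;
  if !queries = [] then (
    Arg.usage spec usage_msg;
    exit 1);
  if !dir = "" then
    try
      let () =
        FileUtil.find ~follow:FileUtil.Follow
          ~match_compile:FileUtilStr.match_compile
          (FileUtil.And (FileUtil.Is_dir, FileUtil.Match ".*\\.default$"))
          (FilePath.concat (Sys.getenv "HOME") ".mozilla/firefox")
          (fun _ x -> raise (Found x))
          ()
      in
      Printf.eprintf "No default profile directory found\n";
      exit 1
    with Found x -> dir := x
  else if not (FileUtil.test FileUtil.Is_dir !dir) then (
    Printf.eprintf "Invalid profile directory: %s\n" !dir;
    exit 1);
  nss_init !dir;
  at_exit nss_cleanup

(** Decrypt passwords *)

(** Fail unless [line] is an [OK] reply from pinentry. This is an explicit
    test rather than an [assert], so that the validation of the helper's
    output cannot be compiled out with [-noassert]. *)
let check line =
  if not (String.length line >= 2 && String.sub line 0 2 = "OK") then
    failwith "unexpected pinentry response"

let lc_ctype =
  try Some (Sys.getenv "LC_ALL")
  with Not_found -> ( try Some (Sys.getenv "LANG") with Not_found -> None)

(** Undo the percent-escaping of an Assuan data line ([%25] for '%', [%0A],
    [%0D], ...). A '%' that is not followed by two hex digits is kept
    as is. *)
let assuan_unescape s =
  let n = String.length s in
  let buf = Buffer.create n in
  let hex c =
    match c with
    | '0' .. '9' -> Some (Char.code c - Char.code '0')
    | 'a' .. 'f' -> Some (Char.code c - Char.code 'a' + 10)
    | 'A' .. 'F' -> Some (Char.code c - Char.code 'A' + 10)
    | _ -> None
  in
  let rec loop i =
    if i >= n then ()
    else if s.[i] = '%' && i + 2 < n then (
      match (hex s.[i + 1], hex s.[i + 2]) with
      | Some hi, Some lo ->
          Buffer.add_char buf (Char.chr ((hi * 16) + lo));
          loop (i + 3)
      | _ ->
          Buffer.add_char buf s.[i];
          loop (i + 1))
    else (
      Buffer.add_char buf s.[i];
      loop (i + 1))
  in
  loop 0;
  Buffer.contents buf

(** Ask the user for the keyring password through the pinentry program.

    Raises [Failure] when called with [retry = true] (the password is only
    asked for once), when stdin is not a tty, when pinentry does not answer
    [OK] to an option, or when its reply to [GETPIN] is not a data line.

    The pinentry command is the [-p] value and is run through the shell by
    [Unix.open_process]; it comes from the invoking user's command line. *)
let callback retry =
  if retry then failwith "invalid password"
  else
    (* Resolve the tty before spawning pinentry, so that a failure here does
       not leave a child process behind. *)
    let ttyname =
      try ttyname Unix.stdin
      with Unix.Unix_error (_, _, _) -> failwith "stdin is not a tty"
    in
    let ((stdin, stdout) as child) = Unix.open_process !pinentry in
    check (input_line stdin);
    Printf.fprintf stdout "OPTION ttyname=%s\n%!" ttyname;
    check (input_line stdin);
    (match lc_ctype with
    | Some x ->
        Printf.fprintf stdout "OPTION lc-ctype=%s\n%!" x;
        check (input_line stdin)
    | None -> ());
    Printf.fprintf stdout "GETPIN\n%!";
    let line = input_line stdin in
    let _ = Unix.close_process child in
    let n = String.length line in
    (* Only a "D <data>" line carries the password. An "ERR ..." reply (for
       instance when the prompt is cancelled) must not be sliced and handed
       to NSS as if it were one, and the data is percent-escaped. *)
    if n > 2 && String.sub line 0 2 = "D " then
      assuan_unescape (String.sub line 2 (n - 2))
    else failwith "missing password"

(** Append [x] to [buf] as a quoted SQL LIKE pattern ['%...%'].

    The query text comes from the command line and is spliced into the SQL
    statement, so everything with a meaning in that position is escaped: a
    single quote is doubled, and the LIKE wildcards ['%'] and ['_'] as well
    as the escape character ['x'] itself are prefixed with ['x'] (the
    statement uses [ESCAPE 'x']). *)
let quote_query buf x =
  Buffer.add_string buf "'%";
  String.iter
    (function
      | '\'' -> Buffer.add_string buf "''"
      | '%' -> Buffer.add_string buf "x%"
      | '_' -> Buffer.add_string buf "x_"
      | 'x' -> Buffer.add_string buf "xx"
      | c -> Buffer.add_char buf c)
    x;
  Buffer.add_string buf "%'"

(** Decrypted entries collected by the queries, most recent first. *)
let results = ref []

(** Collect the entries of [moz_logins] whose hostname contains [query]. *)
let exec_hostname db query =
  let cb = function
    | [| hostname; encryptedUsername; encryptedPassword |] ->
        let username = do_decrypt ~callback ~data:encryptedUsername in
        let password = do_decrypt ~callback ~data:encryptedPassword in
        results := { hostname; username; password } :: !results
    | _ -> assert false
  in
  let buf = Buffer.create ((2 * String.length query) + 128) in
  (* The only user-supplied part of the statement goes through
     [quote_query]. *)
  Printf.bprintf buf
    "SELECT hostname, encryptedUsername, encryptedPassword FROM moz_logins \
     WHERE hostname LIKE %a ESCAPE 'x';"
    quote_query query;
  let r = Sqlite3.exec_not_null_no_headers ~cb db (Buffer.contents buf) in
  assert (r = Sqlite3.Rc.OK)

(** Collect the entries of [moz_logins] whose decrypted username contains
    [query]. Usernames are stored encrypted, so every row is read and its
    username decrypted; the password is decrypted only for matching rows. *)
let exec_username db query =
  let rex = Str.regexp (".*" ^ Str.quote query ^ ".*") in
  (* NOTE(review): unlike the JSON path, which goes through [iter_try], an
     exception raised while decrypting a row is not caught here. *)
  let cb = function
    | [| hostname; encryptedUsername; encryptedPassword |] ->
        let username = do_decrypt ~callback ~data:encryptedUsername in
        if Str.string_match rex username 0 then
          let password = do_decrypt ~callback ~data:encryptedPassword in
          results := { hostname; username; password } :: !results
    | _ -> assert false
  in
  let sql =
    "SELECT hostname, encryptedUsername, encryptedPassword FROM moz_logins;"
  in
  let r = Sqlite3.exec_not_null_no_headers ~cb db sql in
  assert (r = Sqlite3.Rc.OK)

(** Run one parsed query against the SQLite store. *)
let exec db = function
  | `Hostname x -> exec_hostname db x
  | `Username x -> exec_username db x

(** Run all queries against [signons.sqlite] in the profile directory. *)
let exec_sqlite () =
  let db = Sqlite3.db_open (FilePath.concat !dir "signons.sqlite") in
  List.iter (exec db) !queries;
  let r = Sqlite3.db_close db in
  assert (r = true)

(** [List.iter] that ignores any exception raised by [f] on an element.

    NOTE(review): the handler is a catch-all, so a failure that affects
    every entry (for instance the [Failure] raised by [callback]) is
    dropped in the same way as a single undecryptable entry, and the
    caller only sees fewer results. *)
let iter_try f l = List.iter (fun x -> try f x with _ -> ()) l

(** Collect the entries of [logins] matching [query]. The username is
    decrypted lazily: a hostname query that does not match never decrypts
    it. *)
let json_process logins query =
  let string_match =
    match query with
    | `Hostname x ->
        let rex = Str.regexp (".*" ^ Str.quote x ^ ".*") in
        fun hostname _ -> Str.string_match rex hostname 0
    | `Username x ->
        let rex = Str.regexp (".*" ^ Str.quote x ^ ".*") in
        fun _ username -> Str.string_match rex (Lazy.force username) 0
  in
  iter_try
    (fun (l : login) ->
      let hostname = l.hostname in
      let username = lazy (do_decrypt ~callback ~data:l.encryptedUsername) in
      if string_match hostname username then
        let username = Lazy.force username in
        let password = do_decrypt ~callback ~data:l.encryptedPassword in
        results := { hostname; username; password } :: !results)
    logins

(** Run all queries against [logins.json] in the profile directory. *)
let exec_json () =
  let ic = open_in (FilePath.concat !dir "logins.json") in
  let ls = Yojson.init_lexer () in
  let lb = Lexing.from_channel ic in
  let logins = Yojson.Safe.read_json ls lb |> logins_of_yojson in
  close_in ic;
  List.iter (json_process logins.logins) !queries

(** Print the entries as a table whose columns are padded to the widest
    value. The decrypted passwords are written to stdout in clear text. *)
let print_as_table results =
  let a, b, c =
    List.fold_left
      (fun (a, b, c) o ->
        let a = max a (String.length o.hostname) in
        let b = max b (String.length o.username) in
        let c = max c (String.length o.password) in
        (a, b, c))
      (0, 0, 0) results
  in
  List.iter
    (fun o ->
      Printf.printf "| %-*s | %-*s | %-*s |\n" a o.hostname b o.username c
        o.password)
    results

(** Print the entries as one JSON array on stdout; like the table, it
    contains the decrypted passwords in clear text. *)
let print_as_json results =
  print_endline (results |> yojson_of_output |> Yojson.Safe.to_string)

(* Entry point: use logins.json when the profile has one, signons.sqlite
   otherwise, then print the sorted results. *)
let () =
  try
    if Sys.file_exists (FilePath.concat !dir "logins.json") then exec_json ()
    else exec_sqlite ();
    let results = List.sort compare !results in
    (if !json_output then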
print_as_json else print_as_table) results with NSS_decrypt_failed (_, _, Some e) -> Printf.eprintf "Error while decrypting: %s\n" (Printexc.to_string e); exit 2 nss-passwords-0.6/nss-passwords.1000066400000000000000000000017161473775071200171370ustar00rootroot00000000000000.\" Hey, EMACS: -*- nroff -*- .TH NSS-PASSWORDS 1 "April 2011" .\" Please adjust this date whenever revising the manpage. .SH NAME nss-passwords \- read passwords from Mozilla keyrings from command line .SH SYNOPSIS .B nss-passwords .RI [ options ] " query" .SH DESCRIPTION This manual page documents briefly the .B nss-passwords command. .PP \fBnss-passwords\fP is a program that reads passwords from keyrings used by Mozilla products, like Firefox and Thunderbird. It can run entirely in text mode. \fIquery\fP is a string that will be looked for in the hostname entries of the keyring. .SH OPTIONS .TP .B \-d \fIdir Profile directory. By default, Firefox default profile is guessed. .TP .B \-p \fIprog Program used to ask for a password. By default, \fBpinentry\fP(1) is used. .TP .B \-help, \-\-help Show summary of options. .SH SEE ALSO .BR pinentry (1). .SH AUTHOR nss-passwords was written by Stéphane Glondu . 
nss-passwords-0.6/nss-passwords.opam000066400000000000000000000006551473775071200177340ustar00rootroot00000000000000# This file is generated by dune, edit dune-project instead opam-version: "2.0" synopsis: "Read passwords from a Mozilla keyring" depends: [ "conf-pkg-config" "dune" {>= "3.11"} "dune-configurator" "fileutils" "atdgen" "yojson" "odoc" {with-doc} ] build: [ ["dune" "subst"] {dev} [ "dune" "build" "-p" name "-j" jobs "@install" "@runtest" {with-test} "@doc" {with-doc} ] ] nss-passwords-0.6/stubs/000077500000000000000000000000001473775071200153625ustar00rootroot00000000000000nss-passwords-0.6/stubs/config/000077500000000000000000000000001473775071200166275ustar00rootroot00000000000000nss-passwords-0.6/stubs/config/discover.ml000066400000000000000000000007441473775071200210040ustar00rootroot00000000000000module C = Configurator.V1 let () = C.main ~name:"nss-pkg-config" (fun c -> let conf = match C.Pkg_config.get c with | None -> failwith "pkg-config is missing" | Some pc -> ( match C.Pkg_config.query pc ~package:"nss" with | None -> failwith "nss is missing in pkg-config" | Some deps -> deps) in C.Flags.write_sexp "c_flags.sexp" conf.cflags; C.Flags.write_sexp "c_library_flags.sexp" conf.libs) nss-passwords-0.6/stubs/config/dune000066400000000000000000000000751473775071200175070ustar00rootroot00000000000000(executable (name discover) (libraries dune-configurator)) nss-passwords-0.6/stubs/dune000066400000000000000000000004501473775071200162370ustar00rootroot00000000000000(library (name nss_passwords_stubs) (foreign_stubs (language c) (names nss_stubs main_stubs) (flags (-fPIC (:include c_flags.sexp)))) (c_library_flags (:include c_library_flags.sexp))) (rule (targets c_flags.sexp c_library_flags.sexp) (action (run ./config/discover.exe))) nss-passwords-0.6/stubs/main_stubs.c000066400000000000000000000036261473775071200177010ustar00rootroot00000000000000/* ***** BEGIN LICENSE BLOCK ***** * Version: MPL 1.1/GPL 2.0/LGPL 2.1 * * The contents of this file are 
subject to the Mozilla Public License Version * 1.1 (the "License"); you may not use this file except in compliance with * the License. You may obtain a copy of the License at * http://www.mozilla.org/MPL/ * * Software distributed under the License is distributed on an "AS IS" basis, * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License * for the specific language governing rights and limitations under the * License. * * The Initial Developer of the Original Code is * Stéphane Glondu * Portions created by the Initial Developer are Copyright (C) 2010-2011 * the Initial Developer. All Rights Reserved. * * Alternatively, the contents of this file may be used under the terms of * either the GNU General Public License Version 2 or later (the "GPL"), or * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), * in which case the provisions of the GPL or the LGPL are applicable instead * of those above. If you wish to allow use of your version of this file only * under the terms of either the GPL or the LGPL, and not to allow others to * use your version of this file under the terms of the MPL, indicate your * decision by deleting the provisions above and replace them with the notice * and other provisions required by the GPL or the LGPL. If you do not delete * the provisions above, a recipient may use your version of this file under * the terms of any one of the MPL, the GPL or the LGPL. 
* * ***** END LICENSE BLOCK ***** */ #include #include #include #include CAMLprim value caml_ttyname(value ml_fd) { CAMLparam1(ml_fd); char *r = ttyname(Int_val(ml_fd)); if (r) { CAMLreturn(caml_copy_string(r)); } else { uerror("ttyname", Nothing); } } nss-passwords-0.6/stubs/nss_stubs.c000066400000000000000000000112321473775071200175500ustar00rootroot00000000000000/* ***** BEGIN LICENSE BLOCK ***** * Version: MPL 1.1/GPL 2.0/LGPL 2.1 * * The contents of this file are subject to the Mozilla Public License Version * 1.1 (the "License"); you may not use this file except in compliance with * the License. You may obtain a copy of the License at * http://www.mozilla.org/MPL/ * * Software distributed under the License is distributed on an "AS IS" basis, * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License * for the specific language governing rights and limitations under the * License. * * The Original Code is the Netscape security libraries. * * The Initial Developer of the Original Code is * Netscape Communications Corporation. * Portions created by the Initial Developer are Copyright (C) 1994-2000 * the Initial Developer. All Rights Reserved. * * Alternatively, the contents of this file may be used under the terms of * either the GNU General Public License Version 2 or later (the "GPL"), or * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), * in which case the provisions of the GPL or the LGPL are applicable instead * of those above. If you wish to allow use of your version of this file only * under the terms of either the GPL or the LGPL, and not to allow others to * use your version of this file under the terms of the MPL, indicate your * decision by deleting the provisions above and replace them with the notice * and other provisions required by the GPL or the LGPL. If you do not delete * the provisions above, a recipient may use your version of this file under * the terms of any one of the MPL, the GPL or the LGPL. 
*
 * This file was adapted from nss/mozilla/security/nss/cmd/pwdecrypt.c for
 * use with Objective Caml.
 * Copyright (C) 2010 Stephane Glondu .
 *
 * ***** END LICENSE BLOCK ***** */

#define NO_NSPR_10_SUPPORT

/* NOTE(review): the header name after each #include below is missing on this
 * page; restore the names from the upstream file before building. */
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include

/*
 * Password callback installed with PK11_SetPasswordFunc() in caml_nss_init().
 *
 * arg points to an OCaml value that must be a block: field 0 is the OCaml
 * closure to call (bool -> string), field 1 is an "exn option" slot.
 * The closure is called with retry converted to an OCaml boolean.
 *
 * Returns a PL_strdup() copy of the string returned by the closure, or NULL
 * when the closure raised; in that case Some exn is stored in field 1 so
 * that the caller of the decryption can report it.
 *
 * The copy is made with a C string function, so it ends at the first NUL
 * byte of the OCaml string.
 * NOTE(review): the OCaml string holding the password is not wiped here and
 * stays in the OCaml heap; presumably NSS releases the returned copy -
 * confirm against the NSS documentation.
 */
char *password_func(PK11SlotInfo *slot, PRBool retry, void *arg) {
  CAMLparam0();
  CAMLlocal4(ml_arg, ml_retry, ml_res, ml_exn);
  /* arg is the address of an OCaml value; read the value through it */
  ml_arg = *(value *)arg; /* ml_arg : (bool -> string) * exn option */
  assert(Is_block(ml_arg));
  ml_retry = retry ? Val_true : Val_false;
  /* the _exn variant returns the exception as a result instead of unwinding
     through the NSS frames */
  ml_res = caml_callback_exn(Field(ml_arg, 0), ml_retry);
  if (Is_exception_result(ml_res)) {
    /* put (Some exn) in exn slot of arg */
    ml_exn = caml_alloc_tuple(1);
    Store_field(ml_exn, 0, Extract_exception(ml_res));
    Store_field(ml_arg, 1, ml_exn);
    CAMLreturnT(char *, NULL);
  } else {
    CAMLreturnT(char *, PL_strdup(String_val(ml_res)));
  }
}

/*
 * OCaml primitive: shut NSS down, then call PR_Cleanup().
 *
 * Raises the OCaml exception registered under the name "NSS_cleanup_failed"
 * when NSS_Shutdown() does not return SECSuccess; PR_Cleanup() is not
 * reached in that case.
 * NOTE(review): caml_named_value() returns NULL for a name that was never
 * registered and the result is dereferenced unchecked; the registration is
 * not visible here - confirm it happens before this can run.
 */
CAMLprim value caml_nss_cleanup(value unit) {
  CAMLparam1(unit);
  if (NSS_Shutdown() != SECSuccess) {
    caml_raise_constant(*caml_named_value("NSS_cleanup_failed"));
  }
  PR_Cleanup ();
  CAMLreturn(Val_unit);
}

/*
 * OCaml primitive: install password_func as the NSS password callback and
 * initialise NSS with path as its configuration directory.
 *
 * Raises the OCaml exception registered under the name "NSS_init_failed"
 * when NSS_Init() does not return SECSuccess.
 * path is passed as a C string, so it ends at its first NUL byte.
 */
CAMLprim value caml_nss_init(value path) {
  CAMLparam1(path);
  int rv;
  PK11_SetPasswordFunc(password_func);
  rv = NSS_Init(String_val(path));
  if (rv != SECSuccess) {
    caml_raise_constant(*caml_named_value("NSS_init_failed"));
  }
  CAMLreturn(Val_unit);
}

/*
 * OCaml primitive: Base64-decode data, decrypt it with PK11SDR_Decrypt() and
 * return the plaintext as a fresh OCaml string of result.len bytes.
 *
 * decrypt_callback is the OCaml closure (bool -> string) that password_func
 * calls when NSS asks for a password.
 *
 * Raises "NSS_base64_decode_failed" with (data, PORT_GetError()) when the
 * decoder returns NULL or an empty item, and "NSS_decrypt_failed" with
 * (data, PORT_GetError(), exn option) when decryption fails; the last
 * argument is Some exn if the password callback raised, None otherwise.
 *
 * The decoded input and the NSS-side plaintext buffer are released with
 * SECITEM_ZfreeItem(), which zeroes them first. The plaintext copy returned
 * to OCaml is an ordinary OCaml string and is not wiped by this file.
 */
CAMLprim value caml_do_decrypt(value decrypt_callback, value data) {
  CAMLparam2(decrypt_callback, data);
  CAMLlocal3(res, exn, cb_data);
  /* dataString points into the OCaml heap; it is only passed to the decoder
     below, before this function allocates anything on the OCaml heap */
  const char *dataString = String_val(data);
  /* NOTE(review): caml_string_length() returns mlsize_t; the value is
     narrowed to int here */
  int strLen = caml_string_length(data);
  SECItem *decoded = NSSBase64_DecodeBuffer(NULL, NULL, dataString, strLen);
  SECStatus rv;
  SECItem result = { siBuffer, NULL, 0 };

  if ((decoded == NULL) || (decoded->len == 0)) {
    /* Base64 decoding failed */
    res = Val_int(PORT_GetError());
    if (decoded) {
      SECITEM_FreeItem(decoded, PR_TRUE);
    }
    {
      value args[] = { data, res };
      caml_raise_with_args(*caml_named_value("NSS_base64_decode_failed"), 2, args);
    }
  }
  /* Base64 decoding succeeded */

  /* Build the argument to password_func ((bool -> string) * exn option) */
  cb_data = caml_alloc_tuple(2);
  Store_field(cb_data, 0, decrypt_callback);
  Store_field(cb_data, 1, Val_unit); /* None */

  /* Decrypt */
  /* the address of the local root cb_data is passed, and password_func
     reads the value through that pointer */
  rv = PK11SDR_Decrypt(decoded, &result, &cb_data);
  SECITEM_ZfreeItem(decoded, PR_TRUE);
  if (rv == SECSuccess) {
    res = caml_alloc_string(result.len);
    /* NOTE(review): if result.len is 0, result.data may be NULL - confirm
       memcpy is never reached with a null source */
    memcpy(Bytes_val(res), result.data, result.len);
    SECITEM_ZfreeItem(&result, PR_FALSE);
    CAMLreturn(res);
  }
  /* decryption failed */
  /* NOTE(review): result is not released on this path; presumably
     PK11SDR_Decrypt() leaves it empty on failure - confirm */
  res = Val_int(PORT_GetError());
  exn = Field(cb_data, 1);
  {
    value args[] = { data, res, exn };
    caml_raise_with_args(*caml_named_value("NSS_decrypt_failed"), 3, args);
  }
}