pidgin-gnome-keyring icon indicating copy to clipboard operation
pidgin-gnome-keyring copied to clipboard

Published 20 hours ago verified publisher icon aebrahim

Broken compatibility with purple-facebook

Open marsjaninzmarsa opened this issue 9 years ago • 7 comments

And probably other protocols too.

All collected info: https://github.com/jgeboski/purple-facebook/issues/48

marsjaninzmarsa avatar Aug 24 '15 22:08 marsjaninzmarsa

Does unchecking the clear memory option fix the problem?

aebrahim avatar Aug 25 '15 02:08 aebrahim

It was off when i tested it, memory_clearing_function() was never reached. I believe it's more about the purple_account_set_password() calls.

dequis avatar Aug 25 '15 15:08 dequis

@aebrahim nope. :disappointed:

marsjaninzmarsa avatar Aug 26 '15 01:08 marsjaninzmarsa

Hmm, actually, surprising... yes, that helped. Don't know why that wasn't working before, but after reboot it's working.

But it's workaround not solution, I think.

marsjaninzmarsa avatar Aug 26 '15 14:08 marsjaninzmarsa

i disagree that this is a "workaround not a solution"

The memory clearing option removes the passwords from pidgin, which would prevent any other plugin from being able to access them. It's a measure for extra security, which some people want and some won't. Because it might break compatibility for some protocols/features. It's off by default.

However, there is still a problem if the plugin doesn't work with this option unchecked. @dequis are you still unable to get this working with this option unchecked?

aebrahim avatar Jan 09 '16 21:01 aebrahim

I haven't tested again but indeed the problem is that it breaks when the option is unchecked. I'm not sure what the "workaround" is supposed to be.

I'll report back in a while with fresher testing results, to see if anything changed on the other side.

Quoting my main messages from the other ticket, for completeness:

Okay, i've done some debugging.

libpurple/account.c:1318-1324, in purple_account_connect()

  password = purple_account_get_password(account);
  if ((password == NULL) &&
      !(prpl_info->options & OPT_PROTO_NO_PASSWORD) &&
      !(prpl_info->options & OPT_PROTO_PASSWORD_OPTIONAL))
      purple_account_request_password(account, G_CALLBACK(request_password_ok_cb), G_CALLBACK(request_password_cancel_cb), account);
  else
      _purple_connection_new(account, FALSE, password);

purple_account_request_password is the function that shows the password prompt, if any of those three conditions pass

password == NULL always fails because the keyring plugin wipes passwords intentionally, and this plugin doesn't have OPT_PROTO_NO_PASSWORD and OPT_PROTO_PASSWORD_OPTIONAL

The only plugins with optional/no password flags are XMPP, IRC, SILC, bonjour and zephyr. Those will work fine with your keyring plugin. The rest won't. It seems you only tested with XMPP, aside from purple-facebook.

So, not our bug. Submit an issue to pidgin-gnome-keyring, and link them this comment. Good luck!

And:

I meant the password of the in-memory PurpleAccount structure. But yeah, my assumption that this password always gets wiped may be incorrect (and i don't even have the clear_memory setting enabled). I wasn't really aiming to debug the keyring plugin, which is clearly full of (unfortunately necessary) hacks.

But what I'm 100% sure about is that this affects every other plugin out there, and it's not our fault.

dequis avatar Jan 09 '16 23:01 dequis

You are correct that I only ever tested with XMPP, so I haven't really looked into this. I can easily see there being a bug because the purple_account_request_password function triggers a signal which pidgin_gnome_keyring will use to try to automatically fill the password field (that's the only real way I could think of to do it), and I'm not sure of the timing with respect to when the callback runs.

aebrahim avatar Jan 10 '16 00:01 aebrahim