Summary: | Use Kde password Wallet for keeping Nickserv's "identify" password's | ||
---|---|---|---|
Product: | [Applications] konversation | Reporter: | Loic Jaquemet <loic.jaquemet> |
Component: | general | Assignee: | Konversation Developers <konversation-devel> |
Status: | CONFIRMED --- | ||
Severity: | wishlist | CC: | andrius, bjorn.bidar, bluedzins, EagleScreen, feth, hein, jmillan, kde, kde, loic, mariano.mollo, niels_ole, opensource, public, rjvbertin, tl, victor.stinner, zorael |
Priority: | NOR | ||
Version: | 0.15 | ||
Target Milestone: | --- | ||
Platform: | Debian testing | ||
OS: | Linux | ||
Latest Commit: | Version Fixed In: | ||
Sentry Crash Report: | |||
Attachments: |
Use kwallet for storing passwords
Ask for password if bot is defined but password is not. |
Description
Loic Jaquemet
2004-12-03 08:23:51 UTC
We can already auto-identify in konversation. The option can be found in File -> Identities. Ok so what you want is protecting password using KWallet? It's more about using Kwallet to keep services's passwords ... I'm working on it :) *** Bug 130762 has been marked as a duplicate of this bug. *** Is someone still working on it? (the status should be changed to assigned then) #6: Not that I know of. *** Bug 241438 has been marked as a duplicate of this bug. *** Created attachment 48160 [details]
Use kwallet for storing passwords
Hi,
This patch adds two methods to Application class: readPassword and writePassword.
Application::writePassword try to write a password in a wallet if KWallet is avaliable. If not, user is asked if he wants the password to be stored in the config file.
Application::readPassword will obtain the password from the wallet if it was stored using writePassword and the wallet is avaliable. If not, it will obtain the password from the config file.
This patch also makes identities, servers and channels passwords to be stored and readed using readPassword and writePassword, so KWallet is used if avaliable.
Created attachment 48161 [details]
Ask for password if bot is defined but password is not.
This patch may also be commited after the previous one.
This patch will make konversation ask the identity password is a bot is set but the password is not.
This would be a strange case before kwallet is used, but may happen now if the password was first stored in a wallet which is not avaliable now.
Thanks! Unfortunately time is a bit tight today, but I hope to get around to reviewing/merging this on Monday or Tuesday. Three comments: 1) I don't think Application::writePassword() should do configGroup.writeEntry("PasswordInWallet", false) before you actually determine that you're going to write a password to the config file. It's unnecessary data when the value ends up being "", and the "false" default fallback value in readPassword() will catch the empty case anyway. It also means that if the user cancels the dialog asking him whether he wants to store the password insecurely, Konversation will go look in the insecure config file next time anyway, even though kwalletd may be available again, and with it the password stored there. 2) Please remove m_alwaysStorePass and m_askedIfStorePass and instead use KMessageBox. KMessageBox provides a standard "Don't ask again" checkbox. And please integrate it with config/warnings_config.cpp so the user can reenable it in the config dialog. However, you want to make sure that the user is only asked once per saveOptions() run, so the code would have to do something like this: After the first time the dialog is shown, check whether the user has set it to "Don't ask again". If he hasn't, make note of that, but override the pref not to ask anyway. Then at the end of saveOptions(), reset it to ask again next time (unless the user did that anyway, then obviously not). 3) Please follow the coding style of the surrounding code, i.e. put opening braces ({) on their own line. To clarify, "unless the user did that anyway" == unless the user set it not to ask again. Hmm. On further thought, a fundamental flaw with this approach might be that saveOptions() can be called at various times - including e.g. during application quit - and popping up the dialog to unlock the wallet at these times would be unacceptable, since there is no visible connection to password editing. *** Bug 253334 has been marked as a duplicate of this bug. *** A new version of the patch was uploaded to reviewboard: https://git.reviewboard.kde.org/r/104699/ *** Bug 301118 has been marked as a duplicate of this bug. *** A new version of the patch was uploaded to https://git.reviewboard.kde.org/r/104699/ This has been around for almost 10 years(!) now ... still, the Nickserv passwords are stored as plain-text in konversationrc. Is anybody working on this? Would be really fine if kwallet support would be finally added to konversation! Is there any infos about this, which changes are needed? I was going to file a bug on this issue but then noticed this 14 year old bug. I was about to add konversationrc to my public dotfiles repository, fortunately I discovered in time that my password were in plain-text. *** Bug 402497 has been marked as a duplicate of this bug. *** This needs to be fixed. |