https://bugzilla.osafoundation.org/show_bug.cgi?id=2451
See patch in bug for the code. I think I now have this thing at a place where I am going to need some feedback to finish. I have implemented encrypted passwords for sharing accounts (should be straight forward to apply to mail). There is still some possibility of changing some of the crypto stuff, but that can be worked in isolation from the rest of the issues. Here are the remaining major issues: * XXX when MasterPassword imported/used, chandler does not always quit; unit tests don't quit - This seems like it might be a threading problem. Maybe using Timer is not a good thing. Maybe this should be replaced with the timed event or whatever the equivalent was in our repository? * XXX asking for master password from background thread will probably break - I was thinking that this could be fixed by making sure we get a master password before starting the background thread, and disabling master password timeout until the background thread finishes. Reasonable? Better ways? * XXX setting master pw before any passwords are initialized can lead into unrecoverable passwords because there is no way to confirm that a re-entered master password is actually correct. - I was thinking that the best way might be to create one password object with random password and store it as master password pref when you set master password initially. * Other issues? Code reviews very welcome... -- Heikki Toivonen
signature.asc
Description: OpenPGP digital signature
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ Open Source Applications Foundation "chandler-dev" mailing list http://lists.osafoundation.org/mailman/listinfo/chandler-dev
