swick / mozilla-gnome-keyring Goto Github PK

Hi, the new Initialize method is not the same as Init. The former should be asynchronous, returning a Promise, and the latter is synchronous. In nsILoginManagerStorage.idl:

    /**
     * Initialize the component.
     *
     * At present, other methods of this interface may be called before the
     * returned promise is resolved or rejected.
     *
     * @return {Promise}
     * @resolves When initialization is complete.
     * @rejects JavaScript exception.
     */
    jsval initialize();

Hi there,

I'd like to keep using Firefox' own password store (for sync and other issues), but I would like to have them encrypted with a master password stored in gnome-keyring. Would it be possible to support this?

Hi,

Browsing through Firefox addons, and displaying details for this extension shows the following homepage:
https://sebastianwick.net/moz-gnome-keyring-integration

This address has a couples issues

• 404 Not Found
• SSL trust issue (self signed certificate) cf https://www.ssllabs.com/ssltest/analyze.html?d=sebastianwick.net

Consider making the page available again, or changing the homepage address (for the github repo maybe?)

When Firefox uses this extension to save a password to GNOME Keyring, it saves them in a different format than the one that Epiphany uses. This extension save passwords like this:

passwordField: passwd
formSubmitURL: https://www.reddit.com
hostname: https://www.reddit.com
usernameField: user
httpRealm: 
username: <username>
mozLoginInfoMagic: loginInfoMagicv1

Epiphany saves it like this:

username: <username>
form_password: passwd
uri: http://www.reddit.com/
form_username: user

Here's what it looks like visually:

Neither browser is able to understand the format used by the other, defeating the purpose of using a systemwide utility to store passwords. This extension should adopt the Epiphany format for the copy that it exports to GNOME Keyring.

Note: I have also filed a bug on the GNOME folks in case they're the ones Doing It Wrong:™ https://bugzilla.gnome.org/show_bug.cgi?id=774820

If I set the 'extensions.gnome-keyring.keyringName' property in the config to a existing keyring not created by this plugin (in this case named "Default keyring" and also set to be the default per seahorse) the plugin won't open it correctly, but instead try to create a new keyring with the same name. After it created them however, it seems to think that creating and unlocking failed as it tries to create another keyring with the same name again and again. This way I end up with a couple of keyrings with the same name (all confirmed to exist and be unlocked by seahorse), but the plugin won't use them and will create new ones if I, e.g. try to save a password.

I run Thunderbird 31.2.0 with version 0.5 of your plugin.

Hi
I just installed this Addon in Thunderbird and Firefox.
Thunderbird works fine but Firefox tells me that the Addon is not signed and could not be verified.
Can you get it signed by the Firefox Devs?
In the current version it is possible to set xpinstall.signatures.required to false, but this feature won't exist in the next version.

I think it would be great to store the credentials the same way as gnome-web (or as google-chrome, just one of them would be great so we could reduce the number of password formats). That way you could move between different browsers and still have your passwords working.

Since latest FF upgrade (to 32.0), the plugin does not seem to work anymore, at all...
I get these errors in the console:

NS_ERROR_XPC_GS_RETURNED_FAILURE: Component returned failure code: 0x80570016 (NS_ERROR_XPC_GS_RETURNED_FAILURE) [nsIJSCID.getService] passwordManagerCommon.js:28
TypeError: kObserverService is undefined passwordManagerCommon.js:39

Hi,
the plugin seems to be broken with FF 34. Symptoms are I get no keyring created in Seahorse and I'm not asked if I want to remember password when needed.
Looking into FF console log, I see these errors:
Services.logins is undefined LoginManagerParent.jsm:104
Services.logins is undefined LoginManagerParent.jsm:222

Any idea?

Does anyone know if this extension will be rewrited into FF57 compatible version ?

Reproducing:

• Go to a random random login page, such as http://oyanforum.com/
• Provide a dummy login-password pair, for testing purpose
• Accept to save it
• In the address bar, click on the globe, then "More Information..", and finally "View saved passwords..."
• Delete the saved password
• Close the dialogs, and repeat the previous step to display saved passwords again. The password still appear, whereas I expected it to be gone.

Gnome Keyring Integration 0.10
Firefox 38.5.0 (branded as Iceweasel)
Debian GNU/Linux

In thunderbird :
Go in preference->security->stored password. Unlock your keyring, show you passwords.
Close passwords window.
Lock your keyring
Go again in preference->security->stored password. In the window asking for your master key, don't enter it and click on “cancel”. -> you can see your passwords.
A little problematic I think…

Using the saved-password-editor extension together with this extension allows for easier testing. Unfortunately, editing an existing entry doesn't work:

Got an error:
  [JavaScript Error: "propEnum is undefined" {file: "jar:file:///home/infinity0/.mozilla/firefox/xxx.testing/extensions/[email protected]!/components/loginManagerStorage.js" line: 127}]'[JavaScript Error: "propEnum is undefined" {file: "jar:file:///home/infinity0/.mozilla/firefox/xxx.testing/extensions/[email protected]!/components/loginManagerStorage.js" line: 127}]' when calling method: [nsILoginManagerStorage::modifyLogin]
Did you try to create a duplicate login entry?

Hi,

I used to enjoy this add-on but recently I had to remove it since it makes Firefox freeze on newer versions.
I don't know if it's related to Firefox move to e10s ?
I'm using Firefox aurora from http://mozilla.debian.net/ on my Debian Sid 64 bits system
Thanks !

Hi,

When login-in on a website after the extension auto-fill the form, Firefox prompt me to remember the password (that's right, not even an update password prompt, but a remember password prompt).

That shouldn't happen. The login & pass was auto-filled, so its already remembered.

I removed the C(++) extension (didn't want to rebuild it after a Firefox update), and installed the pure-JS one. So the password database comes infinity0's C++ extension.

Firefox version: 29.0.1 (iceweasel package)
System: Debian GNU/Linux, amd64

I have installed this add-on and without a warning it has erased ALL passwords saved in my Firefox Sync. Well I had some really rare passwords there.

A warning and a chance to make a backup before proceeding would be probably appreciated by most users.

Apparently, there is no way to override this. Any plans to get this extension signed?

$ git clone https://github.com/swick/mozilla-gnome-keyring.git mozilla-gnome-keyring
$ cd mozilla-gnome-keyring
$ make

Then the file gnome-keyring-integration.xpi appears in the bin drectory.

When attempting to install add-on to firefox 68.0.2 (64-bit) from Ubuntu 18.04,
it claims that "This add-on could not be installed because it appears to be corrupted"

Any ideas?

The current plan is that Firefox 57 will only support web extensions. Your add-on is not a web extension yet as far as I can see, so you should consider remaking your add-on. The Firefox 57 release is planned for 28th November 2017.
Already for Firefox 53 (planned release: 18th April 2017) it is planned to no longer accept other new add-on submissions than web extensions on AMO (addons.mozilla.org). Old extensions can however still be updated.
The good message is that one should be able to use your web extensions add-on in all mayor browsers. That's the idea behind web extensions.
Note that you can use so-called hybrid extensions for switching to WebExtensions.

Note that all dates are estimates and may be changed.

German source: https://www.soeren-hentzschel.at/firefox/firefox-57-mit-exklusiver-webextension-unterstuetzung/
Original source: https://blog.mozilla.org/addons/2016/11/23/add-ons-in-2017/

Title says it all. This makes it difficult to use this extension if you haven't used it from day one!
Either add this option as a built-in or include a migrate script! (Preferred!)

Is it a live project?
And is there a way to install it on Debian 10?

Hi, after #27 is merged, I'd be happy to bless this as the next "official" version of mozilla-gnome-keyring, and hand over maintenance of this software to you. I actually already have a demo debian package of this here.

I'd prefer it if the name was kept, though. It has some presence online and it would provide some continuity with the current mozilla-gnome-keyring. Are you OK with doing this? It would involve changing the extension URL on addons.mozilla.org, and updating the places in the repo to change "moz-gnome-keyring-integration" to "mozilla-gnome-keyring".

The extension doesn't work with thunderbird 68. Maybe adding a manifest.json file instead of install.rdf can revive it?

Are there any plans to continue the development of the extension in general?

If I have a password without a username it is not handled correctly.
1.) If there is a stored login with a username in the stored passwords, that password will be used when retrieving one.
2.) If there has been no username/password combination before storing the password, that password will automatically also be used for username/password prompts (which does not make sense because there is a username to be entered too).

The first is not that big a problem.
The second, however, is more problamtic because I seem to be unable to store the password then with the username (might only be a problem if the password is the same as without the username)

I get a message every time I start FIrefox on the window bottom, saying "Sync encountered an error while synchronising: Incorrect account name or password. Sync will automatically retry this action.".
Then, If I try to sign in again, I have to enter masster password to use saved password, but it fails.

Without this extension, no error occurs.

I compare stored passwords with this extension via seahoce and without it via Firefox Preference:

• With this extension
  • Description: chrome://FirefoxAccounts
  • Use: Saved password or login
  • Type: Password
  • Password: {"version":1,"accountData": "sessionTokenContext":"fx_desktop_v1","unwrapBKey":"#####","keyFetchToken":"#####","customizeSync":false}}
  • Details:
    • passwordField:
    • formSubmitURL:
    • hostname: chrome://FirefoxAccounts
    • usernameField:
    • httpRealm: Firefox Accounts credentials
    • username: (my username)
    • mozLoginInfoMagic: loginInfoMagicv1
• Without this extension
  • Site: chrome://FirefoxAccounts (Firefox Accounts credentials)
  • Username: (my username)
  • Password: {"version":1,"accountData":{"sessionTokenContext":"fx_desktop_v1","customizeSync":false,"kA":"#####","kB":"#####"}}

Here, "#####" denotes strings consist of random alphabets and numbers.

I love this extension and I'm very glad if it is supported to store passwords for Firefox Sync.

As infinity0 writes ( in https://github.com/infinity0/mozilla-gnome-keyring/issues/43 ):
could you use libsecret instead of libgnome-keyring? That would work for KDE keyring too, I believe. There is more information about it in #23 and https://bugzilla.gnome.org/show_bug.cgi?id=672356.

Hi,

On the following login page, I have provided both an email and password, and confirmed I'd like them saved. This website like many others use email addresses as identifier.
https://soutien.laquadrature.net/login

However, when going back to the login page, only the password is filled. Upon listing the saved login/password, it appears the username was NOT saved.

A quick look at the HTML shows it's a relatively standard login form, but that the input type is "input". On most login forms the type "text" is used.
When changing the input type to "text" (w/ developer tools), the extension is able to remember the login.

Firefox 38.5.0 (branded as Iceaweasel by Debian)
GNOME Keyring Integration 0.10

After an upgrade, I noticed today all my passwords were gone. Investigating, I found that the keyring to use is now configurable and defaults to "default", whereas it was hardcoded to "mozilla" before. This leads to a bad upgrade experience - everything is gone, without any indication why.

Perhaps it makes sense to instead, if no keyring preference is set and a "mozilla" keyring exists, then default to "mozilla"? I'm not sure how fast people are to upgrade and if this is still relevant (since the change is from April, I think), but I just noticed this today, so I guess this change was only recently released?

I would not hold my breath waiting for Mozilla to (re)implement logins API for web-extensions, #48 will not be implemented anytime soon and running Firefox ESR pre-60 is a security risk now.

With this in mind, a conterpart of Migrating old passwords section that will document how-to export passwords and form logins from gnome-keyring would be great.

Correct me if I have a wrong understanding.
Shouldn't there be no password accessible in Firefox?
If I navigate to preferences, security, saved logins i see them all.
I use debian 9 and installed the add-on form the repository

Hi
I am running firefox latest (50.0) with this plugin, and on sync it hogs up CPU for hours and hours, in fact it is the gnome-keyring-daemon that takes nearly 100% of the CPU. I tried this now on 2 of my computers and after logging into my firefox account and starting sync, CPU goes up on g-k-d to close to100, and remains there even after 24h ...

I would really like to see my passwords moved to the g-k store, but as it is now it is unfortunately unusable.

All the best

Norbert

Debian/sid, firefox 50.0, gnome-keyring-integration 0.12

It worked fine for a long time, but since a while (possibly since last Firefox update, but not sure), the keyring does not seem to be accessible any more from Firefox. Logins are not filled automatically, and no saved passwords appear in Preferences->Security->Saved Logins. Also the Add-On preferences of mozilla-gnome-keyring do not list the available key rings.

Under Thunderbird all works as before.

I am using Xubuntu 16.04 LTS (32 bit).

Library functions don't exist on Cent OS 6.

How do I add a patch?

Could there be support for Seamonkey users?

I think this problem has actually been added after a recent commit

Now that the extension is in JS, it should be unnecessary to keep re-compiling it, which (IIRC) was the original reason for having "maxVersion" in install.rdf. It would avoid having to do e.g. #41 all the time, as well as things like Debian bug 838546

What do you think?

Hi,

if I have multiple users store for a page I can select which user I want to login with - which is still fast - but once I select the user it takes a while to get the correct password.

This is not an issue with the binary version but that one stopped working again.

I think it would be nice if there was a reference to the build / released addon @ mozilla.org:
https://addons.mozilla.org/de/firefox/addon/gnome-keyring-integration-1/

You could define this as the repos website.

If I have this extension installed, Firefox does not ask if passwords should be stored. I am using Firefox 37.0.1 and moz-gnome-keyring-integration 0.8.

Can this extension be fitted to the new Firefox 57 extension API?

I have a large number of secrets in my keyring (about 700, I think). Since today, I noticed my Firefox gets really sluggish when this add-on is enabled. There are frequent slowdowns, each lasting a few seconds (during which Firefox doesn't respond to any input). Slowdowns happen whenever switching tabs, clicking links, interacting with some input fields, possibly in more moments. The slowdowns disappear when I disabe the add-on, or when I switch it to use a nearly empty keyring.

dbus-monitor output shows that the full contents of my keyring is requested 3 times when I switch from one tab to another. Requesting all my keys takes a while, so this probably results in the slowdown. Is requesting the full keyring contents regularly intentional, or should it normally request only what it needs, or cache the results?

This issue is probably introduced when I upgraded the Debian package for this add-on, from version 0.6.11-3 to 0.10-1~deb8u1. When I downgrade again, the problem disappears.

It also seems the Secure Login (version 1.1.5) add-on is involved - if I disable it, the issue disappears as well. It seems likely that that add-on makes requests for secrets to the gnome-keyring add-on, which take a long time to fullfil. I'll file a support request for that add-on too and point it to this ticket as well.

Forms don't get filled out any more. The message in the console is:
GnomeKeyringLoginManagerStorage: Called ([object XPCOutParam],[xpconnect wrapped nsIPropertyBag])

The passwords and sites are still accessible in Preferences -> Security -> Saved Logins

It would be nice to explain the options in a bit more detail. For example:

• I don't know what the "default" keyring is. In the old mozilla-gnome-keyring, this was the "mozilla" keyring. Is it now the "login" keyring? But I also see "login" in the drop-down box for "use an available keyring", and there should be an indication that this is the same as the "default" keyring (if this is indeed true; I am not sure).
• What does "store passwords only for this session" mean? The browser session, or the desktop session?

Hi

The good: The addon works really good.
Thank you that passwords still in sync but: When changing the OS without /home (i386 to amd64) all passwords seems to be lost.
This [1] was the first adress to ask for

Now i would like to infom you and ask how to solve it for the future!?

My trouble report:
[1] https://support.mozilla.org/en-US/questions/1164487

Solution aftersome hours including backup recovery for analysis... Disabling the plugin brings back the passwords for firefox. But what about other passwords? e.g. Machine passwords or thunderbird passwords if the keyring db doesnt understand changes of the OS.

Kind regards
Florian

After deleting a password in Firefox it is not deleted from the keyring. After reopening the password list it wil show up once again.

See #14

After the upgrade to 0.3 to fix #5 in abf86ef, the extension no longer finds the passwords on Thunderbird 31 (or rather Icedove, Debian/Linux). Downgrading to fd3d509 solves the problem for now.

Thanks for your support! I can imagine that the debugging required to fix #5 has been quite bad, but the solution is at least not "working" on TB :-(.

If I choose to replace I password it somehow never happens.

And also I sometimes get the message to replace the password although it is already stored in that way.