[Bug 52051] New: libsecret migration

Fri Jul 13 22:12:27 CEST 2012

https://bugs.freedesktop.org/show_bug.cgi?id=52051

             Bug #: 52051
           Summary: libsecret migration
    Classification: Unclassified
           Product: Telepathy
           Version: unspecified
          Platform: Other
        OS/Version: All
            Status: NEW
          Severity: normal
          Priority: medium
         Component: mission-control
        AssignedTo: telepathy-bugs at lists.freedesktop.org
        ReportedBy: stefw at gnome.org
         QAContact: telepathy-bugs at lists.freedesktop.org

Created attachment 64171
  --> https://bugs.freedesktop.org/attachment.cgi?id=64171
WIP patch to migrate to libsecret

libsecret is a new client for the Secret Service DBus API. The Secret Service
allows storage of passwords in a common way on the desktop. Supported by
gnome-keyring and ksecretservice.

libsecret solves many problems with libgnome-keyring. Relevant to telepathy: it
solves threading issues, uses GDBus instead of dbus-glib.

A future GNOME goal will be to migrate away from libgnome-keyring to libsecret:

https://live.gnome.org/GnomeGoals/LibsecretMigration

I've done a rough WIP patch in order to make sure that the libsecret API
covered all the use cases. I'll attach that patch here. I hope the patch is a
help for the migration, but I don't plan to iterate on it at the current time.

Some notes about the patch:

 * I chose an arbitrary schema name for the stored items, you may want to
   change it to something better. It would be good if empathy and other 
   code that looks up these passwords uses the the same schema and name.
     org.freedesktop.Telepathy.MissionControl
 * I haven't tested the patch. I'm not familiar with how to trigger all the
   various code paths and logic.
 * secret_password_remove_sync() removes all matching unlocked items as
   opposed the way that gnome_keyring_find_items_sync() +
   gnome_keyring_item_delete_sync() were previously used to unlock all the
   items to delete them. This is a corner case, but if you want the previous
   behavior, you can use secret_service_search() and secret_item_delete() to
   make that happen.
 * I didn't patch any of the tests. If you want a 'mock' Secret Service to
   run tests against, rather than running against a live gnome-keyring-daemon,
   then you can copy this stuff:
   http://git.gnome.org/browse/libsecret/tree/libsecret/tests/mock

Note that the patch uses the unstable 'advanced' parts of the libsecret API.

In particular, it's not "best practice" to use gnome-keyring as a place to
store account or connection details. In an ideal world gnome-keyring would be
used just to store secrets, and attributes are used to lookup those secrets.
However libsecret supports this use case, but that functionality is not yet
absolutely stable.

I'm aiming to get most of this stable by GNOME 3.8, but if you do migrate to
libsecret before then, I would patch telepathy-mission-control for any API
changes that come up.

-- 
Configure bugmail: https://bugs.freedesktop.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA Contact for the bug.
You are the assignee for the bug.