Re: pidgin: b05f9366: Password reenter prompt only for account...

View: New views

9 Messages — Rating Filter: Alert me

	Re: pidgin: b05f9366: Password reenter prompt only for account... by Paul Aurich-4 :: Rate this Message: Reply (Restricted by the Administrator) \| Reply to Author \| View Threaded \| Show Only this Message And sulabh@... spoke on 07/03/2009 04:50 AM, saying: > ----------------------------------------------------------------- > Revision: b05f93669b412dc123c17699c1c394cb2f30673d > Ancestor: 1d57dde9d15fd79af85e8a28d21680c4a1b6be2b > Author: sulabh@... > Date: 2009-07-03T11:43:15 > Branch: im.pidgin.pidgin > URL: http://d.pidgin.im/viewmtn/revision/info/b05f93669b412dc123c17699c1c394cb2f30673d > > Modified files: > libpurple/protocols/yahoo/yahoo.c > > ChangeLog: > > Password reenter prompt only for accounts where password storing is enabled. More consistent with other accounts. > Fix #9603 > > > > ------------------------------------------------------------------------ > > ============================================================ > --- libpurple/protocols/yahoo/yahoo.c 601388d98bb68f64ef08e3e4886829206a703f5a > +++ libpurple/protocols/yahoo/yahoo.c 8e8e0865c37c599ef73597cf0e872a9030379cfa > @@ -1792,7 +1792,8 @@ static void yahoo_auth16_stage1_cb(Purpl > case 1212: > /* Password incorrect / > / Set password to NULL. Avoids account locking. Brings dialog to enter password if clicked on Re-enable account */ > - purple_account_set_password(purple_connection_get_account(gc), NULL); > + if (purple_account_get_remember_password(purple_connection_get_account(gc))) > + purple_account_set_password(purple_connection_get_account(gc), NULL); > error_reason = g_strdup(_("Incorrect Password")); > error = PURPLE_CONNECTION_ERROR_AUTHENTICATION_FAILED; > break; This is, I believe, the opposite of what other protocols do. Certainly both XMPP and AIM/ICQ have the purple_account_get_remember_password() check inverted. ~Paul _______________________________________________ Devel mailing list Devel@... http://pidgin.im/cgi-bin/mailman/listinfo/devel
	Re: pidgin: b05f9366: Password reenter prompt only for account... by Sulabh Mahajan :: Rate this Message: Reply (Restricted by the Administrator) \| Reply to Author \| View Threaded \| Show Only this Message This is, I believe, the opposite of what other protocols do. Certainly both XMPP and AIM/ICQ have the purple_account_get_remember_password() check inverted. Hmm.. yeah thats right, my mistake, forgot to invert that. Will change in the next commit. Since we are discussing, why do we ask the user to reenter password only for the accounts that do not save the password. Why don't we do so for those accounts where password is saved. If the server is saying that password is incorrect, user will have to eventually change the password. - Sulabh _______________________________________________ Devel mailing list Devel@... http://pidgin.im/cgi-bin/mailman/listinfo/devel
	Re: pidgin: b05f9366: Password reenter prompt only for account... by Mark Doliner :: Rate this Message: Reply (Restricted by the Administrator) \| Reply to Author \| View Threaded \| Show Only this Message On Fri, Jul 3, 2009 at 10:24 AM, Sulabh Mahajan<sulabh.dev@...> wrote: >> This is, I believe, the opposite of what other protocols do. Certainly >> both >> XMPP and AIM/ICQ have the purple_account_get_remember_password() check >> inverted. > > Hmm.. yeah thats right, my mistake, forgot to invert that. Will change in > the next commit. > > Since we are discussing, why do we ask the user to reenter password only for > the accounts that do not save the password. Why don't we do so for those > accounts where password is saved. If the server is saying that password is > incorrect, user will have to eventually change the password. I think maybe the reasoning might have been that if the user is saving their password then they've probably had their password set correct for a long time, and it is more likely that the server has a bug and is incorrectly telling us our password is wrong even though it isn't. And in that case we don't want to force the user to re-enter their password. I'm not sure that's really a valid concern, and I'm in favor of always setting the password to NULL for all protocols. -Mark _______________________________________________ Devel mailing list Devel@... http://pidgin.im/cgi-bin/mailman/listinfo/devel
	Re: pidgin: b05f9366: Password reenter prompt only for account... by Ethan Blanton-3 :: Rate this Message: Reply (Restricted by the Administrator) \| Reply to Author \| View Threaded \| Show Only this Message Mark Doliner spake unto us the following wisdom: > On Fri, Jul 3, 2009 at 10:24 AM, Sulabh Mahajan<sulabh.dev@...> wrote: > > Since we are discussing, why do we ask the user to reenter password only for > > the accounts that do not save the password. Why don't we do so for those > > accounts where password is saved. If the server is saying that password is > > incorrect, user will have to eventually change the password. > > I think maybe the reasoning might have been that if the user is saving > their password then they've probably had their password set correct > for a long time, and it is more likely that the server has a bug and > is incorrectly telling us our password is wrong even though it isn't. > And in that case we don't want to force the user to re-enter their > password. I'm not sure that's really a valid concern, and I'm in > favor of always setting the password to NULL for all protocols. While I have no strong feelings either way on this matter, I will point out that a lot of users have no idea what their password is, and if we go around deleting it, they may never be able to log in again. Ethan -- The laws that forbid the carrying of arms are laws [that have no remedy for evils]. They disarm only those who are neither inclined nor determined to commit crimes. -- Cesare Beccaria, "On Crimes and Punishments", 1764 _______________________________________________ Devel mailing list Devel@... http://pidgin.im/cgi-bin/mailman/listinfo/devel signature.asc (492 bytes) Download Attachment
	Re: pidgin: b05f9366: Password reenter prompt only for account... by John Bailey-2 :: Rate this Message: Reply (Restricted by the Administrator) \| Reply to Author \| View Threaded \| Show Only this Message > I think maybe the reasoning might have been that if the user is saving > their password then they've probably had their password set correct > for a long time, and it is more likely that the server has a bug and > is incorrectly telling us our password is wrong even though it isn't. > And in that case we don't want to force the user to re-enter their > password. I'm not sure that's really a valid concern, and I'm in > favor of always setting the password to NULL for all protocols. It is a valid concern. The AIM and ICQ servers will randomly disconnect users and when we autoreconnect the first time, the server will tell us the username and password is wrong. If you wait a few seconds and re-enable the account, it will be fine. I discovered this a couple months ago hunting down another bug that was already fixed at the time, and since that time it's hit me on a number of occasions. If I had to retype my password every time this happened, I'd be wanting to inflict bodily harm on whoever made it so. John _______________________________________________ Devel mailing list Devel@... http://pidgin.im/cgi-bin/mailman/listinfo/devel signature.asc (852 bytes) Download Attachment
	Re: pidgin: b05f9366: Password reenter prompt only for account... by Sulabh Mahajan :: Rate this Message: Reply (Restricted by the Administrator) \| Reply to Author \| View Threaded \| Show Only this Message On Sat, Jul 4, 2009 at 8:50 AM, John Bailey <rekkanoryo@...> wrote: of occasions. If I had to retype my password every time this happened, I'd be wanting to inflict bodily harm on whoever made it so. Gets the message :P If server can report incorrect password even when login credentials are correct, then its good idea to not implement this for the accounts that save password. - Sulabh _______________________________________________ Devel mailing list Devel@... http://pidgin.im/cgi-bin/mailman/listinfo/devel
	Re: pidgin: b05f9366: Password reenter prompt only for account... by Eus-2 :: Rate this Message: Reply (Restricted by the Administrator) \| Reply to Author \| View Threaded \| Show Only this Message Hi Ho! Please see my reply below. On Sat, 2009-07-04 at 10:27 +0530, Sulabh Mahajan wrote: > On Sat, Jul 4, 2009 at 8:50 AM, John Bailey > <rekkanoryo@...> wrote: > of occasions. If I had to retype my password every time this > happened, I'd be > wanting to inflict bodily harm on whoever made it so. > > Gets the message :P > > If server can report incorrect password even when login credentials > are correct, then its good idea to not implement this for the accounts > that save password. I have read the discussion on this mailing list concerning ticket #9603 that I submitted. Please be informed that I don't save my Yahoo! password with the Pidgin because every time I switch my status to "Available" from "Offline", I always get a password prompt as expected. So, I don't really know whether the committed fix really fixes the problem that I reported. Is there anyway I can confirm whether the fix really works, for example, by downloading a software update via GNU/Linux Ubuntu 8.04 update system or by downloading the source code before fix and after fix? Thanks. > - Sulabh -- Best regards, Eus (FSF member #4445) In this digital era, where computing technology is pervasive, your freedom depends on the software controlling those computing devices. Join free software movement today! It is free as in freedom, not as in free beer! Join: http://www.fsf.org/jf?referrer=4445 _______________________________________________ Devel mailing list Devel@... http://pidgin.im/cgi-bin/mailman/listinfo/devel
	Re: pidgin: b05f9366: Password reenter prompt only for account... by Sulabh Mahajan :: Rate this Message: Reply (Restricted by the Administrator) \| Reply to Author \| View Threaded \| Show Only this Message On Sun, Jul 5, 2009 at 4:33 AM, Eus <reply.to.eus.at.member.fsf.org@gmail.com> wrote: Please be informed that I don't save my Yahoo! password with the Pidgin because every time I switch my status to "Available" from "Offline", I always get a password prompt as expected. And this is the exact behavior you can expect from the next release onwards. So, I don't really know whether the committed fix really fixes the problem that I reported. Is there anyway I can confirm whether the fix really works, for example, by downloading a software update via GNU/Linux Ubuntu 8.04 update system or by downloading the source code before fix and after fix? The issue has been fixed for Pidgin 2.6.0, scheduled to be released later this month. Though you don't need to confirm, if you really want you can check the latest code from im.pidgin.pidgin branch, keeping in mind that doing so is NOT recommended for non-developers. -- Sulabh _______________________________________________ Devel mailing list Devel@... http://pidgin.im/cgi-bin/mailman/listinfo/devel
	Re: pidgin: b05f9366: Password reenter prompt only for account... by Eus-2 :: Rate this Message: Reply (Restricted by the Administrator) \| Reply to Author \| View Threaded \| Show Only this Message Hi Ho! On Sun, 2009-07-05 at 11:21 +0530, Sulabh Mahajan wrote: > The issue has been fixed for Pidgin 2.6.0, scheduled to be released > later this month. Though you don't need to confirm, if you really want > you can check the latest code from im.pidgin.pidgin branch, keeping in > mind that doing so is NOT recommended for non-developers. In that case, I will be waiting for the next Pidgin update to appear in the update manager. > -- Sulabh Thank you for working on this :-) -- Best regards, Eus (FSF member #4445) In this digital era, where computing technology is pervasive, your freedom depends on the software controlling those computing devices. Join free software movement today! It is free as in freedom, not as in free beer! Join: http://www.fsf.org/jf?referrer=4445 _______________________________________________ Devel mailing list Devel@... http://pidgin.im/cgi-bin/mailman/listinfo/devel

	Re: pidgin: b05f9366: Password reenter prompt only for account... by Paul Aurich-4 :: Rate this Message: Reply (Restricted by the Administrator) \| Reply to Author \| View Threaded \| Show Only this Message And sulabh@... spoke on 07/03/2009 04:50 AM, saying: > ----------------------------------------------------------------- > Revision: b05f93669b412dc123c17699c1c394cb2f30673d > Ancestor: 1d57dde9d15fd79af85e8a28d21680c4a1b6be2b > Author: sulabh@... > Date: 2009-07-03T11:43:15 > Branch: im.pidgin.pidgin > URL: http://d.pidgin.im/viewmtn/revision/info/b05f93669b412dc123c17699c1c394cb2f30673d > > Modified files: > libpurple/protocols/yahoo/yahoo.c > > ChangeLog: > > Password reenter prompt only for accounts where password storing is enabled. More consistent with other accounts. > Fix #9603 > > > > ------------------------------------------------------------------------ > > ============================================================ > --- libpurple/protocols/yahoo/yahoo.c 601388d98bb68f64ef08e3e4886829206a703f5a > +++ libpurple/protocols/yahoo/yahoo.c 8e8e0865c37c599ef73597cf0e872a9030379cfa > @@ -1792,7 +1792,8 @@ static void yahoo_auth16_stage1_cb(Purpl > case 1212: > /* Password incorrect / > / Set password to NULL. Avoids account locking. Brings dialog to enter password if clicked on Re-enable account */ > - purple_account_set_password(purple_connection_get_account(gc), NULL); > + if (purple_account_get_remember_password(purple_connection_get_account(gc))) > + purple_account_set_password(purple_connection_get_account(gc), NULL); > error_reason = g_strdup(_("Incorrect Password")); > error = PURPLE_CONNECTION_ERROR_AUTHENTICATION_FAILED; > break; This is, I believe, the opposite of what other protocols do. Certainly both XMPP and AIM/ICQ have the purple_account_get_remember_password() check inverted. ~Paul _______________________________________________ Devel mailing list Devel@... http://pidgin.im/cgi-bin/mailman/listinfo/devel
	Re: pidgin: b05f9366: Password reenter prompt only for account... by Sulabh Mahajan :: Rate this Message: Reply (Restricted by the Administrator) \| Reply to Author \| View Threaded \| Show Only this Message This is, I believe, the opposite of what other protocols do. Certainly both XMPP and AIM/ICQ have the purple_account_get_remember_password() check inverted. Hmm.. yeah thats right, my mistake, forgot to invert that. Will change in the next commit. Since we are discussing, why do we ask the user to reenter password only for the accounts that do not save the password. Why don't we do so for those accounts where password is saved. If the server is saying that password is incorrect, user will have to eventually change the password. - Sulabh _______________________________________________ Devel mailing list Devel@... http://pidgin.im/cgi-bin/mailman/listinfo/devel
	Re: pidgin: b05f9366: Password reenter prompt only for account... by Mark Doliner :: Rate this Message: Reply (Restricted by the Administrator) \| Reply to Author \| View Threaded \| Show Only this Message On Fri, Jul 3, 2009 at 10:24 AM, Sulabh Mahajan<sulabh.dev@...> wrote: >> This is, I believe, the opposite of what other protocols do. Certainly >> both >> XMPP and AIM/ICQ have the purple_account_get_remember_password() check >> inverted. > > Hmm.. yeah thats right, my mistake, forgot to invert that. Will change in > the next commit. > > Since we are discussing, why do we ask the user to reenter password only for > the accounts that do not save the password. Why don't we do so for those > accounts where password is saved. If the server is saying that password is > incorrect, user will have to eventually change the password. I think maybe the reasoning might have been that if the user is saving their password then they've probably had their password set correct for a long time, and it is more likely that the server has a bug and is incorrectly telling us our password is wrong even though it isn't. And in that case we don't want to force the user to re-enter their password. I'm not sure that's really a valid concern, and I'm in favor of always setting the password to NULL for all protocols. -Mark _______________________________________________ Devel mailing list Devel@... http://pidgin.im/cgi-bin/mailman/listinfo/devel
	Re: pidgin: b05f9366: Password reenter prompt only for account... by Ethan Blanton-3 :: Rate this Message: Reply (Restricted by the Administrator) \| Reply to Author \| View Threaded \| Show Only this Message Mark Doliner spake unto us the following wisdom: > On Fri, Jul 3, 2009 at 10:24 AM, Sulabh Mahajan<sulabh.dev@...> wrote: > > Since we are discussing, why do we ask the user to reenter password only for > > the accounts that do not save the password. Why don't we do so for those > > accounts where password is saved. If the server is saying that password is > > incorrect, user will have to eventually change the password. > > I think maybe the reasoning might have been that if the user is saving > their password then they've probably had their password set correct > for a long time, and it is more likely that the server has a bug and > is incorrectly telling us our password is wrong even though it isn't. > And in that case we don't want to force the user to re-enter their > password. I'm not sure that's really a valid concern, and I'm in > favor of always setting the password to NULL for all protocols. While I have no strong feelings either way on this matter, I will point out that a lot of users have no idea what their password is, and if we go around deleting it, they may never be able to log in again. Ethan -- The laws that forbid the carrying of arms are laws [that have no remedy for evils]. They disarm only those who are neither inclined nor determined to commit crimes. -- Cesare Beccaria, "On Crimes and Punishments", 1764 _______________________________________________ Devel mailing list Devel@... http://pidgin.im/cgi-bin/mailman/listinfo/devel signature.asc (492 bytes) Download Attachment
	Re: pidgin: b05f9366: Password reenter prompt only for account... by John Bailey-2 :: Rate this Message: Reply (Restricted by the Administrator) \| Reply to Author \| View Threaded \| Show Only this Message > I think maybe the reasoning might have been that if the user is saving > their password then they've probably had their password set correct > for a long time, and it is more likely that the server has a bug and > is incorrectly telling us our password is wrong even though it isn't. > And in that case we don't want to force the user to re-enter their > password. I'm not sure that's really a valid concern, and I'm in > favor of always setting the password to NULL for all protocols. It is a valid concern. The AIM and ICQ servers will randomly disconnect users and when we autoreconnect the first time, the server will tell us the username and password is wrong. If you wait a few seconds and re-enable the account, it will be fine. I discovered this a couple months ago hunting down another bug that was already fixed at the time, and since that time it's hit me on a number of occasions. If I had to retype my password every time this happened, I'd be wanting to inflict bodily harm on whoever made it so. John _______________________________________________ Devel mailing list Devel@... http://pidgin.im/cgi-bin/mailman/listinfo/devel signature.asc (852 bytes) Download Attachment
	Re: pidgin: b05f9366: Password reenter prompt only for account... by Sulabh Mahajan :: Rate this Message: Reply (Restricted by the Administrator) \| Reply to Author \| View Threaded \| Show Only this Message On Sat, Jul 4, 2009 at 8:50 AM, John Bailey <rekkanoryo@...> wrote: of occasions. If I had to retype my password every time this happened, I'd be wanting to inflict bodily harm on whoever made it so. Gets the message :P If server can report incorrect password even when login credentials are correct, then its good idea to not implement this for the accounts that save password. - Sulabh _______________________________________________ Devel mailing list Devel@... http://pidgin.im/cgi-bin/mailman/listinfo/devel
	Re: pidgin: b05f9366: Password reenter prompt only for account... by Eus-2 :: Rate this Message: Reply (Restricted by the Administrator) \| Reply to Author \| View Threaded \| Show Only this Message Hi Ho! Please see my reply below. On Sat, 2009-07-04 at 10:27 +0530, Sulabh Mahajan wrote: > On Sat, Jul 4, 2009 at 8:50 AM, John Bailey > <rekkanoryo@...> wrote: > of occasions. If I had to retype my password every time this > happened, I'd be > wanting to inflict bodily harm on whoever made it so. > > Gets the message :P > > If server can report incorrect password even when login credentials > are correct, then its good idea to not implement this for the accounts > that save password. I have read the discussion on this mailing list concerning ticket #9603 that I submitted. Please be informed that I don't save my Yahoo! password with the Pidgin because every time I switch my status to "Available" from "Offline", I always get a password prompt as expected. So, I don't really know whether the committed fix really fixes the problem that I reported. Is there anyway I can confirm whether the fix really works, for example, by downloading a software update via GNU/Linux Ubuntu 8.04 update system or by downloading the source code before fix and after fix? Thanks. > - Sulabh -- Best regards, Eus (FSF member #4445) In this digital era, where computing technology is pervasive, your freedom depends on the software controlling those computing devices. Join free software movement today! It is free as in freedom, not as in free beer! Join: http://www.fsf.org/jf?referrer=4445 _______________________________________________ Devel mailing list Devel@... http://pidgin.im/cgi-bin/mailman/listinfo/devel
	Re: pidgin: b05f9366: Password reenter prompt only for account... by Sulabh Mahajan :: Rate this Message: Reply (Restricted by the Administrator) \| Reply to Author \| View Threaded \| Show Only this Message On Sun, Jul 5, 2009 at 4:33 AM, Eus <reply.to.eus.at.member.fsf.org@gmail.com> wrote: Please be informed that I don't save my Yahoo! password with the Pidgin because every time I switch my status to "Available" from "Offline", I always get a password prompt as expected. And this is the exact behavior you can expect from the next release onwards. So, I don't really know whether the committed fix really fixes the problem that I reported. Is there anyway I can confirm whether the fix really works, for example, by downloading a software update via GNU/Linux Ubuntu 8.04 update system or by downloading the source code before fix and after fix? The issue has been fixed for Pidgin 2.6.0, scheduled to be released later this month. Though you don't need to confirm, if you really want you can check the latest code from im.pidgin.pidgin branch, keeping in mind that doing so is NOT recommended for non-developers. -- Sulabh _______________________________________________ Devel mailing list Devel@... http://pidgin.im/cgi-bin/mailman/listinfo/devel
	Re: pidgin: b05f9366: Password reenter prompt only for account... by Eus-2 :: Rate this Message: Reply (Restricted by the Administrator) \| Reply to Author \| View Threaded \| Show Only this Message Hi Ho! On Sun, 2009-07-05 at 11:21 +0530, Sulabh Mahajan wrote: > The issue has been fixed for Pidgin 2.6.0, scheduled to be released > later this month. Though you don't need to confirm, if you really want > you can check the latest code from im.pidgin.pidgin branch, keeping in > mind that doing so is NOT recommended for non-developers. In that case, I will be waiting for the next Pidgin update to appear in the update manager. > -- Sulabh Thank you for working on this :-) -- Best regards, Eus (FSF member #4445) In this digital era, where computing technology is pervasive, your freedom depends on the software controlling those computing devices. Join free software movement today! It is free as in freedom, not as in free beer! Join: http://www.fsf.org/jf?referrer=4445 _______________________________________________ Devel mailing list Devel@... http://pidgin.im/cgi-bin/mailman/listinfo/devel