-
Notifications
You must be signed in to change notification settings - Fork 4
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support master password (volunteers wanted) #3
Comments
Since I don't know any way of contacting you directly: @nyov, here's a re-write of the Firefox password decryptor with proper licensing. If you feel like adding and testing master password support, that would rock the house. |
Thanks for the notify, nice work. Any reason for having both GPL2.0 and LGPL2.1 in the license? I don't quite see the point. Though I also believe the LGPL has the option "built-in" to rerelease / migrate any LGPL code under the stricter GPL anyway. And do you have a specific reason for choosing to go with another ctypes wrapper project? Or would you consider cffi instead? Personally, I wanted to clean up the codebases I had there and then move on to doing an alternate implementation on top using the python-nss lib bindings. Also, I'd prefer to not get hung up on "decrypting" passwords, rather what I had this code in mind for should work bidirectionally, also allowing to add entries to a database, maybe even create one. |
Ah I see my first question is answered by the license header in https://github.com/mozilla-services/services-central-legacy/blob/master/security/nss/cmd/pwdecrypt/pwdecrypt.c. |
Hi!
I had not heard about CFFI before. I have little motivation to do that transition myself, but I do not object to a transition to CFFI.
I would not mind a dependency on python-nss. I did play with python-nss before going to ctypes. It does not seem provide the functions called by pwdecrypt, i.e. grepping for "PK11SDR_Decrypt" in 0.16 code did not give any matches. If python-nss helps, which functions to call would need to be found out.
No objections, I just would not write the code myself.
I remember seeing a re-licensing commit on that file somewhere but I fail to reproduce it right now, maybe later. If the re-licensing was allowed to take place, could be an interesting question by the way. Personally, I would be happy with MPL 2, too. Best, Sebastian |
Awesome, I think I can work with that. Regarding cffi, it seems to be the up-and coming thing to use if one wants to support pypy, and I also like the option of potentially linking to C libs on the API level versus just dlopen'ing. I'll look into doing a conversion. Finally, on licensing, I just re-read the MPL2 here https://hg.mozilla.org/projects/nss/file/9c25253f6d3c/COPYING, which allows linking to GPL/LGPL code, if one provides a potentially modified nss lib under the MPL. This leads me to think it would be simplest to just provide this under one license, say LGPL. But that's your prerogative, I don't mind either way. |
I'm sitting on this basic cffi converted version for the last two days now, with added master password checking and pypy/python3 support. But the way this currently works is rather horrible, doing the whole NSS_Init/NSS_Shutdown procedure, and then PK11 login/logout in between, for every single password. |
I named |
No description provided.
The text was updated successfully, but these errors were encountered: