Gajim - 2025-02-08

  1. Polarian

    Been a while since I have been here, anyways, Gajim 1.9.5 on FreeBSD 14.1-RELEASE when using multiple accounts without keychain only one account will prompt for the password, and the other never will, you must manually go into accounts disable the account, and re-enable the account. It seems to be whatever account connects the first gets the password prompt and the other fails to connect at all. I used to do this a while back (before hopping to Dino because FreeBSD only had legacy gajim, and now it has 1.9.5 I use gajim again), and back then each account would prompt for password one after the other, which is the expected behaviour, but this does not happen anymore unfortunately.

  2. Polarian

    Also as I have been discussing it in the XSF discussions a day or two ago, I don't think gajim supports XEP-0484 (correct me if I am wrong) and this is not yet supported by all server implementations, however this would be really useful for a few reasons. 1. No more reliance on keychain, people who do not wish to run a keychain just to have fast login with gajim will not need to, the password does not need to be entered for the duration the token is valid 2. Allows for MFA authentication to be supported, such as XEP-0400 I suggested _jokingly_ that this would be a good GSoC project for conversations, and unfortunately others agreed and were serious... maybe I might take it on I am not sure, I by chance also know Python. Anyways as I keep saying I am an idiot when it comes to the XMPP protocol as I have not read the RFC and I have only read a few XEPs, it is on my reading list, so maybe when I do get around to reading the RFCs and the important XEPs I might be of some use to somebody.

  3. Polarian

    Also as I have been discussing it in the XSF discussions a day or two ago, I don't think gajim supports XEP-0484 (correct me if I am wrong) and this is not yet supported by all server implementations, however this would be really useful for a few reasons. 1. No more reliance on keychain, people who do not wish to run a keychain (me) just to have fast login with gajim will not need to, the password does not need to be entered for the duration the token is valid 2. Allows for MFA authentication to be supported, such as XEP-0400 I suggested _jokingly_ that this would be a good GSoC project for conversations, and unfortunately others agreed and were serious... maybe I might take it on I am not sure, I by chance also know Python. Anyways as I keep saying I am an idiot when it comes to the XMPP protocol as I have not read the RFC and I have only read a few XEPs, it is on my reading list, so maybe when I do get around to reading the RFCs and the important XEPs I might be of some use to somebody.

  4. Kris

    Well GSoC largely assumes that the participants are idiots that need a good mentor and most of the GSoC projects fail because the mentors are not contributing enough time.

  5. Polarian

    Kris, calling me an idiot now? ouch :(

  6. Polarian

    feeding my imposter syndrome :)

  7. Kris

    I just quoted you 🤷️

  8. Polarian

    I know :P

  9. Polarian

    I was kidding

    👍 1
  10. Polarian

    What you should do is say "You can do this" and secretly in your head think "you're so gonna fucking fail"

  11. Polarian

    xD

  12. Kris

    what I actually said is that I believe you can succeed if you find a good mentor 😎️

  13. Polarian

    There is only a 1% chance I will even apply, multiply that by the chance of a good mentor and there is a better chance of winning the euromillions :D

  14. Polarian

    I can't even find the energy to get out of bed in the morning, let alone code xD

    😓 1
  15. amlor

    lovetox, it does, thanks!

  16. lovetox

    Polarian, you seem to misunderstand what a keyring is for

  17. lovetox

    its a place where applications can store secrets in a secure way.

  18. lovetox

    Of course a Token is a secret, so of course we will store it in the keychain

  19. lovetox

    The password bug for multiple accounts has been fixed in master

  20. mesonium

    Polarian: have you gotten my PM or don'r they work here for normal participants?

  21. mesonium

    Polarian: have you gotten my PM or don't they work here for normal participants?

  22. lovetox

    they work

  23. mesonium

    Thanks for confirming.

  24. Polarian

    > its a place where applications can store secrets in a secure way. yeah... such as passwords, ssh keys... I know what its for

  25. Polarian

    but it also is quite a massive overhead too

  26. cal0pteryx

    Polarian: you are not forced to use it

  27. Polarian

    > Polarian: you are not forced to use it Yeah but it would be cool to find alternatives to it

  28. Polarian

    maybe a plugin to pull password from `pass` would be nice

  29. Polarian

    shouldn't be too difficult to code either... :)

  30. Polarian

    At the end of the day pass stores it all in ~/.password-store and they are gpg encrypted text files, where the first line is the password...

  31. Polarian

    But my point was tokens would be more useful... a keychain is important for securing the password, but a token is valid for say a week, storing it within the gajim database wouldn't therefore be a massive deal...

  32. Polarian

    no keychain needed then :P

  33. kali [she/they]

    this definitely feels like something that would be cool to have but not something i think is worth the developer's time

  34. Polarian

    If it isn't written by developers but instead a student with no life, whos gonna complain?

  35. kali [she/they]

    i mean i dont think anyone would complain if you made a PR yeah

  36. kali [she/they]

    seems reasonable to me

  37. cal0pteryx

    Passwords can already be stored without a keyring

  38. lovetox

    Polarian, you are making no sense, what do you think does a keyring, it does exactly what pass does, storing your password encrypted on the harddisk

  39. Polarian

    > Polarian, you are making no sense, what do you think does a keyring, it does exactly what pass does, storing your password encrypted on the harddisk yes... but its also a daemon and requires its own master password to encrypt said data

  40. Polarian

    I, and some others, do not want to remember another password to encrypt a password, so that gajim can hook into it and autologin

  41. Polarian

    so hooking into other existing solutions would be a lot more user friendly

  42. lovetox

    ?! its automatically encrypted with your login password from your DE

  43. Polarian

    no?

  44. lovetox

    nobody chooses a masterpassword for the keyring

  45. Polarian

    not when I used it _once_

  46. Polarian

    > ?! its automatically encrypted with your login password from your DE whats the point of that then? someone can login to your account and decrypt your password already

  47. lovetox

    !? how can someone login to your account without your password

  48. Polarian

    at this point just store the password unencrypted and use per user FDE

  49. Polarian

    at this point just store the password unencrypted and use per user home dir encryption

  50. Polarian

    > !? how can someone login to your account without your password encryption keys should never be the same as a user password

  51. Polarian

    s/keys/passphrases

  52. Polarian

    s/keys/passphrases /

  53. Polarian

    s/keys/passphrases/

  54. lovetox

    ok man, then all humanity uses it *wrong* because no windows user, no mac user, no ubuntu user, EVER was asked to setup some master password for their keyring

  55. lovetox

    but i understand it now, you insist on using it not as intended, and now complain that it is not great UX

  56. lovetox

    either way, use "pass", here https://github.com/nazarewk/keyring_pass

  57. lovetox

    thats a backend for pass for python-keyring

  58. lovetox

    pass of course is nothing else then another .... yeah keyring

  59. bot

    lovetox pushed 1 commits to branch python-nbxmpp/master cq: Fix type annotations - https://dev.gajim.org/gajim/python-nbxmpp/-/commit/02369de0d1fd985c87034627e9074e2551324929

  60. donnerwetter

    A long time ago, there was an indication in the group chats as to which message had been read. Is such a hint planned again? It would be a great help to me.

  61. bot

    lovetox pushed 1 commits to branch python-nbxmpp/master cq: Add type annotations - https://dev.gajim.org/gajim/python-nbxmpp/-/commit/d882d497a81f5ddb61cdde8c5fa989b184700f81

  62. bot

    lovetox pushed 1 commits to branch gajim/master cq: Fix type annotation - https://dev.gajim.org/gajim/gajim/-/commit/6d80cf3c15a361b816361f6faf040a3a0b28a6c6

  63. bot

    lovetox pushed 1 commits to branch gajim/master cfix: Detect translatable strings in ui files again - https://dev.gajim.org/gajim/gajim/-/commit/b7d2a7ff7123defb3fb7095984a2fd00f465a368

  64. bot

    lovetox pushed 1 commits to branch gajim/master cfix: SearchView: Fix placeholder string - https://dev.gajim.org/gajim/gajim/-/commit/9c97e77766c6b21aed919eef88c96cd04bce1b64

  65. bot

    lovetox pushed 1 commits to branch gajim/master chore: Update translations - https://dev.gajim.org/gajim/gajim/-/commit/1b5501f89a6724c48d038a5e678d2bccdc4817f3