Wallet dies - Thunderbird and SeaMonkey switch to Toolkit’s Password Manager
January 15th, 2009 Posted in UncategorizedFor too long now (since somewhere around April/May 2008 at least) I have had the task of switching MailNews from the old password manager code (known as wallet) to use the newer code in toolkit that Firefox has been using for a long time now.
Finally, the day has arrived for this to get pushed to the tree - the patches have now all landed, although we do have one final change to do which is to stop pulling the wallet cvs directory into the source tree when we do a pull.
What does this mean for Nightly Testers (and users when we release)?
Hopefully no-one will notice the difference, except for a few bug fixes and revised preferences display. However, as always (especially for nightly testers) it is recommended that you keep backups your profile.
What happens if I use the same profile on wallet and toolkit versions of Thunderbird/SeaMonkey?
When one of the applications with toolkit’s password manager is first run, it will create two new files in your profile directory, signons3.txt and signons.sqlite. signons3.txt is an unfortunate artefact of the upgrade. signons.sqlite is the file the toolkit’s password manager will actively use.
If you subsequently go back to a wallet version, then it will use signons.txt and store any changes to your passwords in that file. These changes won’t get picked up in the toolkit password manager version. Likewise, if you save passwords in the toolkit version, then they won’t get into the wallet version.
Why have we made the switch?
- Provides the same interfaces as Firefox - making it easier for extensions to work across our applications.
- Drops the old wallet password manager code which was virtually unmaintained and complicated.
- Increases code sharing (and string sharing for localisers).
- Moves Thunderbird and SeaMonkey slightly closer to being xulrunner based applications.
- Helps to fix some bugs, and should make it easier to fix some others.
I’ve got a problem with the new password manager that I didn’t have with the old one, what should I do?
Although we now have lots of unit tests for various bits of the mailnews code relating to getting saved passwords and communicating them to servers, and whilst I really do hope there won’t be any new bugs, I won’t be surprised if there are some. Here’s what you should do:
- Confirm the bug isn’t in a previous version of Thunderbird.
- Check for duplicates
- File a bug. We’ll need to know: the format of your username/hostname and if they have any special charaters. We may also need: a protocol log.
6 Responses to “Wallet dies - Thunderbird and SeaMonkey switch to Toolkit’s Password Manager”
By Phil Ringnalda on Jan 15, 2009
Well, it’s not possible that *no-one* will notice, since we dropped the existing option to have a master password (say from importing a cert for S/MIME) without using it to encrypt passwords, so people in that situation will notice that they suddenly have to enter their master password at the start of a session when they didn’t before. Probably very few people in that situation with me, though.
Neverthestill, wallet’s dead! Dead dead dead! Huzzah!
By Robert Kaiser on Jan 15, 2009
Mark, huge thanks for taking on this work, it’s so great that wallet is now actually dead and we’re all using maintained code, and Firefox, Thunderbird, SeaMonkey and Sunbird can share one more piece of code, actually. And sorry for bugging you so often about this one - it’s so great work you’ve done here. Thanks, again.
By Justin Dolske on Jan 16, 2009
HOORAY!
\o/
By Dimitry Andric on Jan 19, 2009
Well, the landing of this fix doesn’t bode well for me, at least. Now Thunderbird has gone into some state where it NEVER asks for passwords anymore, and tries to login continuously with some wrong password that it got from somewhere.
Reverting to an older build fixes the problem instantly….
By Standard8 on Jan 19, 2009
@ Dimitry: As I said in the post, file a bug, in your case I think we’d definitely need a protocol log as well.