Skip to content

Do not store LDAP credentials in clear-text (#89)

Albrecht Dreß requested to merge 89-fix-cleartext-ldap-credentials into master

Store LDAP credentials in the Secret Service if configured, and make sure the password is erased from the ~/.balsa/config-private file. Notify the user iff the authentication failed instead of just silently doing nothing.

If libsecret is not used, the password is obfuscated.

Note that the change will either erase a stored (cleartext) password or make it unusable, i.e. the user must enter it again in the configuration.

Details:

  • libbalsa/address-book-ldap.c: implementation as above
  • configure.ac, meson.build: link balsa-ab against libsecret

Signed-off-by: Albrecht Dreß albrecht.dress@posteo.de

Closes #89

Merge request reports