Warning should be shown when Keychain cannot be used due to Cleartext plugin being enabled

[wrmoon]

Passwords are not getting saved at all. No entries in keychain for Sequel Ace.

Sequel Ace version 2.1.5
MacOs 10.15.5 (19F101)
MacBook Pro (15-inch, 2019)

Would appreciate any suggestions to help debug this

[Jason-Morcos]

Can you provide more detail as to what the issue is as you are experiencing it? When do you expect a password to be saved and it's not being saved?

[wrmoon]

Steps to recreate:

1. File | New Connection Tab
2. Click on + button to create a new connection
3. Fill out Host, Username, Password
4. Click on "Save changes" button
5. Notice that the connection has been stored as a new favorite in your list
6. Click on a different connection, then the one that just got saved.
7. Notice that the password field is now empty. If you try to connect to this database, it will fail if it requires a password. (I get an Access denied popup)

I noticed that there are NO entries in my keychain for passwords for Sequel Ace (though there were for Sequel Pro)

[Jason-Morcos]

This is a very strange issue. I definitely cannot reproduce.
Perhaps this is not a Sequel Ace issue per say and more a Mac-specific issue? Have you tried repairing the keychain (or any of these other tips)? https://discussions.apple.com/thread/2716932

[stychos]

Hm.. can this be relevant?

Sequel-Ace/Source/SPKeychain.m

Lines 47 to 52 in 7a71505

	NSString *cleartext = [NSProcessInfo processInfo].environment[@"LIBMYSQL_ENABLE_CLEARTEXT_PLUGIN"];
	if (cleartext != nil) {
	NSLog(@"LIBMYSQL_ENABLE_CLEARTEXT_PLUGIN is set. Disabling keychain access. See Issue #2437");
	[self release];
	return nil;

[stychos]

Yes, looks like the possible source of trouble. I tried with this env var set and lost Keychain access:

 % LIBMYSQL_ENABLE_CLEARTEXT_PLUGIN=1 /Applications/Sequel\ Ace.app/Contents/MacOS/Sequel\ Ace
2020-08-14 01:19:31.277 Sequel Ace[44057:10824358] Failed to set (systemColorOfName) user defined inspected property on (SPButtonBar): [<SPButtonBar 0x7f85b5e35070> setValue:forUndefinedKey:]: this class is not key value coding-compliant for the key systemColorOfName.
2020-08-14 01:19:31.497 Sequel Ace[44057:10824358] LIBMYSQL_ENABLE_CLEARTEXT_PLUGIN is set. Disabling keychain access. See Issue #2437

@wrmoon what your output of the console command echo $LIBMYSQL_ENABLE_CLEARTEXT_PLUGIN? Or try to launch via terminal as in my example but without LIBMYSQL_ENABLE_CLEARTEXT_PLUGIN=1 part, please.

[wrmoon]

@stychos That's the culprit alright!

When I launch SA from a terminal window, passwords are saved correctly. When I launch from spotlight search (cmd-space) it doesn't work.

I opened SA from the spotlight search, and checked the environment variables (ps eww <pid>). Sure enough, I see LIBMYSQL_ENABLE_CLEARTEXT_PLUGIN=yes

[stychos]

I think it maybe hidden in your .bash_profile, .zshrc or in mysqld launcher. Try to verify that places.

[wrmoon]

But now I wonder why keychain access is disabled when the cleartext plugin is enabled. Couldn't the password be intercepted even if the password isn't stored in the keychain?

[stychos]

Sorry, I can't answer you this question. You can try to read related issues in Sequel Pro tracker to have more vision: sequelpro/sequelpro#2437 and sequelpro/sequelpro#2247
By the nature of "cleartext" word － probably means yes, because anything transferring in cleartext can be intercepted in the middle.

[Jason-Morcos]

At the very least, it might be good if we popped up a one-time alert indicating to the user that keychain cannot be used because MySQL clear text is enabled? It is confusing that the end user can't tell what's going on!

[stychos]

At the very least, it might be good if we popped up a one-time alert indicating to the user that keychain cannot be used because MySQL clear text is enabled? It is confusing that the end user can't tell what's going on!

Thought about that too. Maybe we need to change the issue title and/or description appropriately and keep this open for a while?

[wrmoon]

In case someone has the same issue and reads this thread, I fixed my problem by moving ~/Library/LaunchAgents\mysql.plist elsewhere, and rebooting. Not sure what program put that there, but it looks like I didn't need it anyway.

[Kaspik]

I'm gonna close this for now, as we haven't seen any other issues really and it's solved afaik. :)