This file contains notes, hints and information of interest to people who wish to compile the Windows version of PasswordSafe.
The Windows version of PasswordSafe is currently built using Microsoft Visual Studio 2005 and 2008. People have also reported success in building PasswordSafe using Visual Studio Express (free edition), but that configuration is not described here.
In order to build the Windows version of Password Safe, you need to install the following freely available components, in addition to Visual Studio:
SDK NOTE: In order to compile Password Safe using MFC (Microsoft's Foundation Classes), the Microsoft Windows SDK's 'include' and 'lib' directories must be added to the directories supplied by Visual Studio 2005. This is achieved in VS2005 via Tools > Options > Project and Solutions > VC++ directories > Include files and Library files. They can be added at the end of each appropriate set using the directory you specified during installion (the defaults are: "C:\Program Files\Microsoft SDKs\Windows\NNN\Include" and "C:\Program Files\Microsoft SDKs\Windows\NNN\Lib", where NNN is 6.0, 6.0A or 6.1 as noted above). The Microsoft Visual Studio Registration Tool only adds the .Net libraries and not those needed for Password Safe. It is recommended that you get SDK V6.1 and you place them above the libraries supplied with Visual Studio e.g. "$(VCInstallDir)PlatformSDK\include" and "$(VCInstallDir)PlatformSDK\lib" otherwise you may get warning messages compiling source members using BlockInput.
Compiling using Visual Studio: If you're using Microsoft's Visual Studio, the file "UserVariables.vsprops" must exist and point to the directories where the non-"Windows SDK" components have been installed. The solution will not open correctly without this file being present. For your convenience, we've included a simple Visual Basic script, "configure.vbs", that you can run to generate the "UserVariables.vsprops" file with the correct values.
Originally, PasswordSafe used Microsoft's XML library for XML parsing and validation. For portability, we're now working on support for the Expat and Xerces XML libraries, which are available for non-Windows platforms. See their web sites for more information. Note: Xerces V3.0.0 at revision 707374 or greater is needed to correct a memory leak processing password history entries (we recommend the latest version - currently 3.0.1 as of September 2009).
To determine which XML library to use while building PasswordSafe, we've defined a preprocessor variable (USE_XML_LIBRARY). If NOT defined, the compiled Password Safe will not process XML files (databases or filter definitions in XML format). Filters within a database will be treated as 'Unknown Fields' and will remain unchanged so that other versions of Password Safe that do support XML parsing can still use them. Note, however, that the application will be able to write XML files.
The three valid values of the USE_XML_LIBRARY variable are "EXPAT", "MSXML" and "XERCES" corresponding to the three different implementations.
Password Safe uses SAX2 processing for both Microsoft's and the Xerces' XML Parsers, which are full validating parsers and require the presence of the appropriate XSD Schema file (included in the distribution and in the "xml" sub-directory, to process either file or filter imports. This ensures that the data eventually hitting the SAX2 content handlers is correct and just needs placing in the appropriate fields.
Expat is a non-validating XML Parser and uses its own API rather than SAX2. Note: SAX2 is only an official standard for Java XML processing, although many C supporting parsers also support this interface. Because Expat is non-validating, code is being added directly into Password Safe to perform this validation, so that the program and its databases are not corrupted by poorly formed XML or incorrect data within the XML file.
Note: As of 1 December 2008, the additional validation code for Expat and non-Unicode versions of all three implementations are in progress. Work is also needed to ensure that error processing is correct and that associated messages are produced correctly.
In order to help debug user problems when Windows justs says "there has been an error", a "Windows Unhandled Fault Handler" has been added. This will create a minidump, which can then be used to find where the error took place and, hopefully, why.
An extra "extended" Command Line flag of "--testdump" has been introduced for two reasons. Firstly, it allows the developer to test the minidump process, which is only available in the Release version of the executable and, secondly, allows the translators to check that the error screen displays as they wish.
Note to Translators: the error screen is a basic Windows function and has a fixed width. This is the reason why the minidump file name and directory have been split onto separate lines.
Note: Extended flags start with two minus signs ('--') and must be specified in full - i.e. no abbreviations. They are not displayed in the Usage notes for the normal users and no error message or display is shown if they are not recognised.
With this flag set, there will appear an extra button in the bottom right hand corner of the "About PasswordSafe" dialog. Click it, and a minidump should be produced.
In order to process the minimdump, either the free Microsoft Windbg program can be used (see Microsoft's site for details), or Visual Studio (VS) can be used. In the latter case (and probably the former too!):