rpms/gnome-keyring/devel gnome-keyring-no-human-security.patch, NONE, 1.1 gnome-keyring.spec, 1.85, 1.86

Thu May 29 21:37:21 UTC 2008

Author: walters

Update of /cvs/pkgs/rpms/gnome-keyring/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv19134

Modified Files:
	gnome-keyring.spec 
Added Files:
	gnome-keyring-no-human-security.patch 
Log Message:
* Thu May 29 2008 Colin Walters <walters at redhat.com> - 2.22.2-2
- Add patch to nuke allow-deny dialog, see linked upstream bug
  for discussion


gnome-keyring-no-human-security.patch:

--- NEW FILE gnome-keyring-no-human-security.patch ---
Index: configure.in
===================================================================
--- configure.in	(revision 1140)
+++ configure.in	(working copy)
@@ -297,6 +297,17 @@
 	fi
 fi
 
+# --------------------------------------------------------------------
+# Mess with this if you want to cause user confusion
+
+AC_ARG_ENABLE(unreliable-human-guesswork-security, 
+	    AC_HELP_STRING([--enable-unreliable-human-guesswork-security],
+	    [Enable if you want to ask users incomprehensible questions]))
+
+if test x"$enable_unreliable_human_guesswork_security" == x"yes"; then
+	AC_DEFINE(ENABLE_UNRELIABLE_HUMAN_GUESSWORK_SECURITY, 1, [Whether to ask users incomprehensible questions])
+fi
+
 AC_ARG_WITH([pam-dir],
             [AC_HELP_STRING([--with-pam-dir=DIR],
                              [directory to install pam modules in])],
Index: daemon/gkr-daemon-ops.c
===================================================================
--- daemon/gkr-daemon-ops.c	(revision 1140)
+++ daemon/gkr-daemon-ops.c	(working copy)
@@ -145,6 +145,7 @@
 	} 
 }
 
+#ifdef ENABLE_UNRELIABLE_HUMAN_GUESSWORK_SECURITY
 static guint 
 check_acl_ask_request (GkrAskRequest* ask, GnomeKeyringApplicationRef *app)
 {
@@ -198,11 +199,16 @@
 	/* Continue with prompting */
 	return GKR_ASK_DONT_CARE;
 }
+#endif
 
 static gboolean
 request_item_access (GkrKeyringRequest *req, GkrKeyringItem *item, 
                      GnomeKeyringAccessType access_type, gboolean secret)
 {
+/* Asking general users this kind of question simply does not work. */
+#ifndef ENABLE_UNRELIABLE_HUMAN_GUESSWORK_SECURITY
+	return TRUE;
+#else
 	GnomeKeyringApplicationRef *app = req->app_ref;
 	const gchar *keyring_name = NULL;
 	GkrAskRequest *ask;
@@ -279,6 +285,7 @@
 	g_object_unref (ask);
 	
 	return ret;
+#endif
 }
 
 static gboolean 


Index: gnome-keyring.spec
===================================================================
RCS file: /cvs/pkgs/rpms/gnome-keyring/devel/gnome-keyring.spec,v
retrieving revision 1.85
retrieving revision 1.86
diff -u -r1.85 -r1.86
--- gnome-keyring.spec	27 May 2008 09:18:03 -0000	1.85
+++ gnome-keyring.spec	29 May 2008 21:36:29 -0000	1.86
@@ -8,10 +8,12 @@
 Summary: A framework for managing user passwords and other secrets
 Name: gnome-keyring
 Version: 2.22.2
-Release: 1%{?dist}
+Release: 2%{?dist}
 License: GPLv2+ and LGPLv2+
 Group: System Environment/Libraries
 Source: http://download.gnome.org/sources/gnome-keyring/2.22/gnome-keyring-%{version}.tar.bz2
+# http://bugzilla.gnome.org/show_bug.cgi?id=533493
+Patch0: gnome-keyring-no-human-security.patch
 URL: http://www.gnome.org
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) 
 BuildRequires: glib2-devel >= %{glib2_version}
@@ -67,6 +69,7 @@
 
 %prep
 %setup -q -n gnome-keyring-%{version}
+%patch0 -p0 -b .no-human-security
 
 %build
 aclocal
@@ -135,6 +138,10 @@
 
 
 %changelog
+* Thu May 29 2008 Colin Walters <walters at redhat.com> - 2.22.2-2
+- Add patch to nuke allow-deny dialog, see linked upstream bug
+  for discussion
+
 * Tue May 27 2008 Tomas Bzatek <tbzatek at redhat.com> - 2.22.2-1
 - Update to 2.22.2
 


