diff --git a/gnome-keyring-no-human-security.patch b/gnome-keyring-no-human-security.patch new file mode 100644 index 0000000..247b9b0 --- /dev/null +++ b/gnome-keyring-no-human-security.patch @@ -0,0 +1,59 @@ +Index: configure.in +=================================================================== +--- configure.in (revision 1140) ++++ configure.in (working copy) +@@ -297,6 +297,17 @@ + fi + fi + ++# -------------------------------------------------------------------- ++# Mess with this if you want to cause user confusion ++ ++AC_ARG_ENABLE(unreliable-human-guesswork-security, ++ AC_HELP_STRING([--enable-unreliable-human-guesswork-security], ++ [Enable if you want to ask users incomprehensible questions])) ++ ++if test x"$enable_unreliable_human_guesswork_security" == x"yes"; then ++ AC_DEFINE(ENABLE_UNRELIABLE_HUMAN_GUESSWORK_SECURITY, 1, [Whether to ask users incomprehensible questions]) ++fi ++ + AC_ARG_WITH([pam-dir], + [AC_HELP_STRING([--with-pam-dir=DIR], + [directory to install pam modules in])], +Index: daemon/gkr-daemon-ops.c +=================================================================== +--- daemon/gkr-daemon-ops.c (revision 1140) ++++ daemon/gkr-daemon-ops.c (working copy) +@@ -145,6 +145,7 @@ + } + } + ++#ifdef ENABLE_UNRELIABLE_HUMAN_GUESSWORK_SECURITY + static guint + check_acl_ask_request (GkrAskRequest* ask, GnomeKeyringApplicationRef *app) + { +@@ -198,11 +199,16 @@ + /* Continue with prompting */ + return GKR_ASK_DONT_CARE; + } ++#endif + + static gboolean + request_item_access (GkrKeyringRequest *req, GkrKeyringItem *item, + GnomeKeyringAccessType access_type, gboolean secret) + { ++/* Asking general users this kind of question simply does not work. */ ++#ifndef ENABLE_UNRELIABLE_HUMAN_GUESSWORK_SECURITY ++ return TRUE; ++#else + GnomeKeyringApplicationRef *app = req->app_ref; + const gchar *keyring_name = NULL; + GkrAskRequest *ask; +@@ -279,6 +285,7 @@ + g_object_unref (ask); + + return ret; ++#endif + } + + static gboolean diff --git a/gnome-keyring.spec b/gnome-keyring.spec index 9890cf2..dd16ca7 100644 --- a/gnome-keyring.spec +++ b/gnome-keyring.spec @@ -8,10 +8,12 @@ Summary: A framework for managing user passwords and other secrets Name: gnome-keyring Version: 2.22.2 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv2+ and LGPLv2+ Group: System Environment/Libraries Source: http://download.gnome.org/sources/gnome-keyring/2.22/gnome-keyring-%{version}.tar.bz2 +# http://bugzilla.gnome.org/show_bug.cgi?id=533493 +Patch0: gnome-keyring-no-human-security.patch URL: http://www.gnome.org BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: glib2-devel >= %{glib2_version} @@ -67,6 +69,7 @@ and start the keyring daemon. %prep %setup -q -n gnome-keyring-%{version} +%patch0 -p0 -b .no-human-security %build aclocal @@ -135,6 +138,10 @@ fi %changelog +* Thu May 29 2008 Colin Walters - 2.22.2-2 +- Add patch to nuke allow-deny dialog, see linked upstream bug + for discussion + * Tue May 27 2008 Tomas Bzatek - 2.22.2-1 - Update to 2.22.2