Monday, January 02, 2023

Re: security/keepassxc: set password hint for clipboard managers

On 2023/01/02 17:32:46 +0000, Klemens Nanni <kn@openbsd.org> wrote:
> Like on Linux, set a specific MIME type when copying so programs can
> ignore the value; this makes certain clipboard managers not safe
> passwords in history.
>
> See PR for details.
> OK?

why pl1 instead of just bumping the revision? (could also bundle the
patch instead of fetching it, it's small and touches just one file.)

anyway, i ended up looking into it and agree with your diff. For
example x11/copyq can be instructed to ignore password copied from
keepassxc this way[0].

ok for me.

[0]: https://copyq.readthedocs.io/en/latest/faq.html#how-to-omit-storing-text-copied-from-specific-windows-like-a-password-manager

> Index: Makefile
> ===================================================================
> RCS file: /cvs/ports/security/keepassxc/Makefile,v
> retrieving revision 1.47
> diff -u -p -r1.47 Makefile
> --- Makefile 24 Dec 2022 20:45:54 -0000 1.47
> +++ Makefile 2 Jan 2023 17:24:38 -0000
> @@ -2,7 +2,7 @@ COMMENT = management tool for password a
>
> V = 2.7.4
> DISTNAME = keepassxc-${V}
> -REVISION = 1
> +PKGNAME = ${DISTNAME}pl1
>
> CATEGORIES = security
>
> @@ -20,6 +20,12 @@ WANTLIB += argon2 botan-2 c m minizip qr
> MASTER_SITES = \
> https://github.com/keepassxreboot/keepassxc/releases/download/${V}/
> EXTRACT_SUFX = -src.tar.xz
> +
> +MASTER_SITES0 = https://github.com/keepassxreboot/keepassxc/
> +# pending "Enable password hints on BSD as is already done on Linux"
> +# https://github.com/keepassxreboot/keepassxc/pull/8949
> +PATCHFILES = keepassxc-set-password-hint-{commit/}27e92da.patch:0
> +PATCH_DIST_STRIP = -p1
>
> MODULES = x11/qt5 \
> devel/cmake
> Index: distinfo
> ===================================================================
> RCS file: /cvs/ports/security/keepassxc/distinfo,v
> retrieving revision 1.28
> diff -u -p -r1.28 distinfo
> --- distinfo 30 Oct 2022 06:41:31 -0000 1.28
> +++ distinfo 2 Jan 2023 17:24:41 -0000
> @@ -1,2 +1,4 @@
> SHA256 (keepassxc-2.7.4-src.tar.xz) = VgBSlh2gOJMn51kXH2YCMN+k4PTh+rYTlgD7hcbl3s4=
> +SHA256 (keepassxc-set-password-hint-27e92da.patch) = kz8OTY8h786C/EXlYXwe72zU23owI4gm9JlFqhWcGXQ=
> SIZE (keepassxc-2.7.4-src.tar.xz) = 8957372
> +SIZE (keepassxc-set-password-hint-27e92da.patch) = 1102

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)