From a5a772a00526b0830c01254d0ba24305d46b1fa5 Mon Sep 17 00:00:00 2001 From: Philip Withnall Date: Tue, 11 Oct 2011 16:40:21 +0100 Subject: core: Ensure passwords and auth. tokens are stored in non-pageable memory If we're compiled with --enable-gnome, we now allocate passwords and auth. tokens in non-pageable memory where possible. Where not possible (due to API constraints imposed by ourselves or libsoup) we ensure that the details are zeroed out before being freed. This is all with the aim of never having passwords or auth. tokens hit disk or be leaked in other ways. It hasn't been formally reviewed or certified, and there are probably cases I've missed (which are bugs). This adds an optional dependency on libgnome-keyring when compiled with --enable-gnome. Helps: bgo#656783 --- configure.ac | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) (limited to 'configure.ac') diff --git a/configure.ac b/configure.ac index bc05b07f..5f743eb8 100644 --- a/configure.ac +++ b/configure.ac @@ -78,19 +78,16 @@ AC_SUBST(GDK_PIXBUF_LIBS) PKG_CHECK_MODULES([GTK], [gtk+-3.0 >= $GTK_REQS], [have_gtk=yes], [have_gtk=no]) AM_CONDITIONAL([HAVE_GTK], [test "x$have_gtk" = "xyes"]) -# GNOME support, which pulls in libsoup-gnome-2.4 to provide transparent proxy support +# GNOME support, which pulls in libsoup-gnome-2.4 to provide transparent proxy support and gnome-keyring-1 to provide non-pageable memory AC_MSG_CHECKING(whether to build with GNOME support) AC_ARG_ENABLE(gnome, AS_HELP_STRING([--enable-gnome], [Whether to enable GNOME support]),, enable_gnome=yes) AC_MSG_RESULT($enable_gnome) if test "x$enable_gnome" = "xyes"; then AC_DEFINE(HAVE_GNOME, 1, [Defined if GNOME support is enabled]) - PKG_CHECK_MODULES(GNOME, [libsoup-gnome-2.4]) + PKG_CHECK_MODULES([GNOME], [libsoup-gnome-2.4 gnome-keyring-1]) fi -AC_SUBST(GNOME_CFLAGS) -AC_SUBST(GNOME_LIBS) - # Various necessary functions and headers AC_CHECK_FUNCS([strchr]) AC_CHECK_FUNCS([strstr]) -- cgit v1.2.1