[Patch/Fix] libsecret configure option

[Albrecht Dreß]

Hi all,

the configure option

<snip>
  --with-libsecret        Link to libsecret instead of gnome-keyring
                          (default=no)
</snip>

is actually *wrong*, as gnome-keyring has been deprecated.  Thus, if a user 
follows this comment only (the README is actually correct), the resulting 
binary will store obfuscated passwords in ~/.balsa/config-private which is 
typically a questionable (at best) idea.

I suggest
- to make using libsecret the default and
- print a warning if the user explicitly wants to disable it.

The attached patch (untested for Meson) fixes the confusion.

We might also want to ensure that the password (or all passwords) is erased 
from config-private (see the comment in libbalsa/server.c, line 359ff.) when 
accessing libsecret was successful.

Opinions?

Best,
Albrecht.
diff --git a/configure.ac b/configure.ac
index 35eedcd54..b726df685 100644
--- a/configure.ac
+++ b/configure.ac
@@ -124,8 +124,8 @@ AC_ARG_WITH([sqlite],
 
 AC_ARG_WITH(libsecret,
    AC_HELP_STRING([--with-libsecret],
-                  [Link to libsecret instead of gnome-keyring (default=no)]),
-                  [with_libsecret=$withval],[with_libsecret=no])
+                  [Use libsecret to store credentials (default=yes)]),
+                  [with_libsecret=$withval],[with_libsecret=yes])
 
 AC_ARG_WITH(gcr,
    AC_HELP_STRING([--with-gcr],
@@ -496,14 +496,15 @@ fi
 AC_MSG_CHECKING([whether to configure for libsecret])
 if test x$with_libsecret != xno; then
     AC_MSG_RESULT([yes])
-    PKG_CHECK_MODULES(LIBSECRET, [ libsecret-1 ], [],
-                      AC_MSG_ERROR([[You asked to link to libsecret, but
-                                    the development tool is not installed]]))
+    PKG_CHECK_MODULES(LIBSECRET, [ libsecret-1 ])
     AC_DEFINE(HAVE_LIBSECRET,1,[Defined when libsecret can be used.])
     BALSA_CFLAGS="$BALSA_CFLAGS $LIBSECRET_CFLAGS"
     BALSA_LIBS="$BALSA_LIBS $LIBSECRET_LIBS"
 else
     AC_MSG_RESULT([no])
+    AC_MSG_WARN([libsecret support is disabled. Balsa will store the
+               the obfuscated passwords in ~/.balsa/config-private,
+               which is usually not what you want.])
 fi
 
 dnl #####################################################################
diff --git a/meson.build b/meson.build
index 82681f48b..6cb6731c4 100644
--- a/meson.build
+++ b/meson.build
@@ -381,7 +381,7 @@ endif # igemacint
 if libsecret
   secret_dep = dependency('libsecret-1', required : false)
   if not secret_dep.found()
-    error('You asked to link to libsecret, but the development tool is not 
installed')
+    error('You asked to link to libsecret, but the development files are not 
installed')
   endif
   conf.set('HAVE_LIBSECRET', 1,
     description : 'Defined when libsecret can be used.')
diff --git a/meson_options.txt b/meson_options.txt
index 230052752..09bcf2af4 100644
--- a/meson_options.txt
+++ b/meson_options.txt
@@ -77,8 +77,8 @@ option('sqlite',
 
 option('libsecret',
   type        : 'boolean',
-  value       : false,
-  description : 'Link to libsecret (default=false)')
+  value       : true,
+  description : 'Link to libsecret (default=true)')
 
 option('gcr',
   type        : 'boolean',

pgpfS5l_U8bXz.pgp
Description: PGP signature

_______________________________________________
balsa-list mailing list
balsa-list@gnome.org
https://mail.gnome.org/mailman/listinfo/balsa-list