[kdeplasma-addons] 4.10.4-2
Rex Dieter
rdieter at fedoraproject.org
Mon Jun 3 17:48:31 UTC 2013
commit 07374257f4ea2ab765e5ad605623cf8202d1fb80
Author: Rex Dieter <rdieter at math.unl.edu>
Date: Mon Jun 3 12:48:20 2013 -0500
4.10.4-2
- spec cleanup
- Weak passwords generated by PasteMacroExpander (#969421,#969425)
0001-use-KRandom-avoid-modulo-bias.patch | 81 ++++++++++++++++++++++++++++++
kdeplasma-addons.spec | 27 ++++------
2 files changed, 91 insertions(+), 17 deletions(-)
---
diff --git a/0001-use-KRandom-avoid-modulo-bias.patch b/0001-use-KRandom-avoid-modulo-bias.patch
new file mode 100644
index 0000000..4c35d01
--- /dev/null
+++ b/0001-use-KRandom-avoid-modulo-bias.patch
@@ -0,0 +1,81 @@
+From 36a1fe49cb70f717c4a6e9eeee2c9186503a8dce Mon Sep 17 00:00:00 2001
+From: Aaron Seigo <aseigo at kde.org>
+Date: Mon, 3 Jun 2013 19:16:32 +0200
+Subject: use KRandom, avoid modulo bias
+
+---
+ applets/paste/pastemacroexpander.cpp | 29 ++++++++++++++++++++++-------
+ 1 file changed, 22 insertions(+), 7 deletions(-)
+
+diff --git a/applets/paste/pastemacroexpander.cpp b/applets/paste/pastemacroexpander.cpp
+index ea6163f..d0a8b49 100644
+--- a/applets/paste/pastemacroexpander.cpp
++++ b/applets/paste/pastemacroexpander.cpp
+@@ -27,6 +27,7 @@
+ #include <KDebug>
+ #include <KLocale>
+ #include <KMessageBox>
++#include <KRandom>
+
+ class PasteMacroExpanderSingleton
+ {
+@@ -142,35 +143,49 @@ QString PasteMacroExpander::password(const QString& args)
+ << "01234567890"
+ << "!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~";
+
+- int charCount;
++ int charCount = 8;
+ QString chars;
+ QString result;
+
+ if (a.count() > 0) {
+- charCount = qMax(a[0].trimmed().toInt(), 1);
+- } else {
+- charCount = 8;
++ charCount = qMax(a[0].trimmed().toInt(), 8);
+ }
++
+ if (a.count() < 2) {
+ chars = characterSets.join("");
+ }
++
+ if (a.count() > 1) {
+ chars += (a[1].trimmed() == "true") ? characterSets[0] : "";
+ }
++
+ if (a.count() > 2) {
+ chars += (a[2].trimmed() == "true") ? characterSets[1] : "";
+ }
++
+ if (a.count() > 3) {
+ chars += (a[3].trimmed() == "true") ? characterSets[2] : "";
+ }
++
+ if (a.count() > 4) {
+ chars += (a[4].trimmed() == "true") ? characterSets[3] : "";
+ }
+
+- QDateTime now = QDateTime::currentDateTime();
+- qsrand(now.toTime_t() / now.time().msec());
++ const int setSize = chars.count();
++ const int top = (RAND_MAX / setSize) * setSize;
++ kDebug() << "topping out at " << setSize << RAND_MAX << top;
+ for (int i = 0; i < charCount; ++i) {
+- result += chars[qrand() % chars.count()];
++ // to prevent modulo bias, discard random numbers at the
++ // 'top end' of INT_MAX
++ int rand = -1;
++ do {
++ if (rand > 0) {
++ kDebug() << "Ha!" << rand;
++ }
++ rand = KRandom::random();
++ } while (rand >= top);
++
++ result += chars[rand % setSize];
+ }
+ //kDebug() << result;
+ return result;
+--
+1.8.2.1
+
diff --git a/kdeplasma-addons.spec b/kdeplasma-addons.spec
index 078ecd6..222bcb1 100644
--- a/kdeplasma-addons.spec
+++ b/kdeplasma-addons.spec
@@ -1,10 +1,9 @@
Name: kdeplasma-addons
Summary: Additional plasmoids for KDE
Version: 4.10.4
-Release: 1%{?dist}
+Release: 2%{?dist}
License: GPLv2+
-Group: User Interface/Desktops
URL: http://www.kde.org/
%global revision %(echo %{version} | cut -d. -f3)
%if %{revision} >= 50
@@ -12,12 +11,12 @@ URL: http://www.kde.org/
%else
%global stable stable
%endif
-Source0: ftp://ftp.kde.org/pub/kde/%{stable}/%{version}/src/%{name}-%{version}.tar.xz
-BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+Source0: http://download.kde.org/%{stable}/%{version}/src/%{name}-%{version}.tar.xz
## upstreamable patches
## upstream patches
+Patch101: 0001-use-KRandom-avoid-modulo-bias.patch
# rhel patches
Patch300: kdeplasma-addons-4.10.3-rhel.patch
@@ -71,7 +70,6 @@ Additional plasmoids for KDE.
%package libs
Summary: Runtime libraries for %{name}
-Group: System Environment/Libraries
Requires: %{name} = %{version}-%{release}
Requires: kdelibs4%{?_isa} >= %{version}
%description libs
@@ -79,7 +77,6 @@ Requires: kdelibs4%{?_isa} >= %{version}
%package devel
Summary: Developer files for %{name}
-Group: Development/Libraries
Requires: %{name}-libs%{?_isa} = %{version}-%{release}
Requires: kdelibs4-devel
Requires: plasma-devel
@@ -93,7 +90,6 @@ Summary: Plasma applet for input methods
%package -n plasma-wallpaper-marble
Summary: Marble wallpaper for kde-plasma
-Group: User Interface/Desktops
Requires: marble%{?_kde4_version: >= 1:%{_kde4_version}}
%description -n plasma-wallpaper-marble
%{summary}.
@@ -102,6 +98,8 @@ Requires: marble%{?_kde4_version: >= 1:%{_kde4_version}}
%prep
%setup -q -n kdeplasma-addons-%{version}%{?alphatag}
+%patch101 -p1 -b .0001
+
%if 0%{?rhel}
%patch300 -p1 -b .rhel
%endif
@@ -115,8 +113,8 @@ for icon in icons/*-action-youtube.* ; do
done
popd
-%build
+%build
mkdir -p %{_target_platform}
pushd %{_target_platform}
%{cmake_kde4} ..
@@ -126,18 +124,12 @@ make %{?_smp_mflags} -C %{_target_platform}
%install
-rm -rf %{buildroot}
-
make install/fast DESTDIR=%{buildroot} -C %{_target_platform}
## unpackaged files
rm -f %{buildroot}%{_kde4_libdir}/lib{plasma*,rtm}.so
-%clean
-rm -rf %{buildroot}
-
-
%post
touch --no-create %{_kde4_iconsdir}/hicolor &> /dev/null ||:
@@ -151,7 +143,6 @@ if [ $1 -eq 0 ] ; then
fi
%files
-%defattr(-,root,root,-)
%doc COPYING COPYING.LIB
%{_kde4_bindir}/lancelot
%{_kde4_appsdir}/bball/
@@ -397,7 +388,6 @@ fi
%postun libs -p /sbin/ldconfig
%files libs
-%defattr(-,root,root,-)
%{_kde4_libdir}/liblancelot.so.*
%{_kde4_libdir}/liblancelot-datamodels.so.*
%{_kde4_libdir}/libplasmapotdprovidercore.so.*
@@ -409,7 +399,6 @@ fi
%endif
%files devel
-%defattr(-,root,root,-)
%{_kde4_appsdir}/cmake/modules/FindLancelot-Datamodels.cmake
%{_kde4_appsdir}/cmake/modules/FindLancelot.cmake
%{_kde4_includedir}/lancelot/
@@ -437,6 +426,10 @@ fi
%changelog
+* Mon Jun 03 2013 Rex Dieter <rdieter at fedoraproject.org> - 4.10.4-2
+- spec cleanup
+- Weak passwords generated by PasteMacroExpander (#969421,#969425)
+
* Sat Jun 01 2013 Rex Dieter <rdieter at fedoraproject.org> - 4.10.4-1
- 4.10.4
More information about the scm-commits
mailing list