From owner-freebsd-chromium@FreeBSD.ORG Mon May 27 05:37:56 2013 Return-Path: Delivered-To: chromium@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id B651AF10 for ; Mon, 27 May 2013 05:37:56 +0000 (UTC) (envelope-from delivery@mx.sailthru.com) Received: from mx-fab-b.sailthru.com (mx-fab-b.sailthru.com [64.34.47.154]) by mx1.freebsd.org (Postfix) with ESMTP id 649DA272 for ; Mon, 27 May 2013 05:37:56 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; t=1369633073; s=sailthru; d=eu.fab.com; h=Date:From:To:Message-ID:Subject:MIME-Version:Content-Type:List-ID:List-Unsubscribe; bh=eQgK/VCHwOtnm1oLgLwqbiMVYMho7epYp5W9/HTjZI0=; b=V2EM2uvOFv4m2ojPPqco0O0FJbwxumvTw+IqMdho4Hc+j7aIEz7lhZ/zg2V4rN8f DqwU9dxzb7BeIshwGu1wwvDwp+aLCLNHdgPZFandMfVTIO6O3ObkrBMM2bueap+P4BO uw4dHRLPrexu6wtsHKvrKLDFdgzys2qKdkdJmC70= Date: Mon, 27 May 2013 01:37:53 -0400 (EDT) From: Fab To: chromium@freebsd.org Message-ID: <20130527053753.51a2f131d2f8807a46000289@sailthru.com> Subject: Invite from stripainaisjenots@inbox.lv to Fab MIME-Version: 1.0 X-TM-ID: 20130527053753.51a2f131d2f8807a46000289 X-Info: Message sent by sailthru.com customer Fab Europe X-Info: We do not permit unsolicited commercial email X-Info: Please report abuse by forwarding complete headers to X-Info: abuse@sailthru.com X-Mailer: sailthru.com X-IADB-IP: 64.34.47.154 X-IADB-IP-REVERSE: 154.47.34.64 X-IADB-URL: http://www.isipp.com/iadb.php X-Unsubscribe-Web: http://mailer.eu.fab.com/oc/518418df1e240a9c3f7210ea51a2f131d2f8807a46000289/5043f42a Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.14 X-BeenThere: freebsd-chromium@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: FreeBSD-specific Chromium issues List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 May 2013 05:37:56 -0000 =C2=A0 =C2=A0 =C2=A0 If you are unable to see this message, click here to viewTo ensure delivery to = your inbox, please add info@eu.fab.com to your address book. =C2=A0 =C2=A0 Great News!chrom= ium@freebsd.org
Here's your exclus= ive invite from stripainaisjenots@inbox.lv to join FabFab provides daily = design inspirations and sales from the world's leading designers at prices up to 70% off retail. About Help Contact Us Return Policy Shipping Terms Privacy tw fb =C2=A0 If you believe this has been sent to you in error, please click to safely unsubscribe. From owner-freebsd-chromium@FreeBSD.ORG Mon May 27 11:06:22 2013 Return-Path: Delivered-To: chromium@FreeBSD.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id 979C5221 for ; Mon, 27 May 2013 11:06:22 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) by mx1.freebsd.org (Postfix) with ESMTP id 887B067E for ; Mon, 27 May 2013 11:06:22 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.7/8.14.7) with ESMTP id r4RB6Mhg015516 for ; Mon, 27 May 2013 11:06:22 GMT (envelope-from owner-bugmaster@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.7/8.14.7/Submit) id r4RB6M7E015514 for chromium@FreeBSD.org; Mon, 27 May 2013 11:06:22 GMT (envelope-from owner-bugmaster@FreeBSD.org) Date: Mon, 27 May 2013 11:06:22 GMT Message-Id: <201305271106.r4RB6M7E015514@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: gnats set sender to owner-bugmaster@FreeBSD.org using -f From: FreeBSD bugmaster To: chromium@FreeBSD.org Subject: Current problem reports assigned to chromium@FreeBSD.org X-BeenThere: freebsd-chromium@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: FreeBSD-specific Chromium issues List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 May 2013 11:06:22 -0000 Note: to view an individual PR, use: http://www.freebsd.org/cgi/query-pr.cgi?pr=(number). The following is a listing of current problems submitted by FreeBSD users. These represent problem reports covering all versions including experimental development code and obsolete releases. S Tracker Resp. Description -------------------------------------------------------------------------------- f ports/175369 chromium www/chromium: Chromimum Desktop Integration doesn't op o ports/165635 chromium www/chromium: 17.0.963.56: proxy isn't read by chrome f ports/165634 chromium www/chromium : 17.0.963.56 doesn't show physical print 3 problems total. From owner-freebsd-chromium@FreeBSD.ORG Wed May 29 08:50:02 2013 Return-Path: Delivered-To: chromium@smarthost.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 26BF8583 for ; Wed, 29 May 2013 08:50:02 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) by mx1.freebsd.org (Postfix) with ESMTP id 150DD6C8 for ; Wed, 29 May 2013 08:50:02 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.7/8.14.7) with ESMTP id r4T8o1Tn078250 for ; Wed, 29 May 2013 08:50:01 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.7/8.14.7/Submit) id r4T8o1xT078249; Wed, 29 May 2013 08:50:01 GMT (envelope-from gnats) Date: Wed, 29 May 2013 08:50:01 GMT Message-Id: <201305290850.r4T8o1xT078249@freefall.freebsd.org> To: chromium@FreeBSD.org From: dfilter@FreeBSD.ORG (dfilter service) Subject: Re: ports/175369: commit references a PR X-BeenThere: freebsd-chromium@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list Reply-To: dfilter service List-Id: FreeBSD-specific Chromium issues List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 May 2013 08:50:02 -0000 The following reply was made to PR ports/175369; it has been noted by GNATS. From: dfilter@FreeBSD.ORG (dfilter service) To: bug-followup@FreeBSD.org Cc: Subject: Re: ports/175369: commit references a PR Date: Wed, 29 May 2013 08:42:01 +0000 (UTC) Author: rene Date: Wed May 29 08:41:47 2013 New Revision: 319360 URL: http://svnweb.freebsd.org/changeset/ports/319360 Log: Manually install the desktop file instead of using DESKTOP_ENTRIES, this allows to set the MimeTypes. PR: ports/175369 (still open) Submitted by: Lawrence Chen (lchen@zen.lhaven.homeip.net) The BSD Dreamer (beastie@tardisi.com) Added: head/www/chromium/files/chromium-browser.desktop.in (contents, props changed) Modified: head/www/chromium/Makefile head/www/chromium/pkg-plist Modified: head/www/chromium/Makefile ============================================================================== --- head/www/chromium/Makefile Wed May 29 08:30:12 2013 (r319359) +++ head/www/chromium/Makefile Wed May 29 08:41:47 2013 (r319360) @@ -42,7 +42,7 @@ RUN_DEPENDS= ${LOCALBASE}/lib/alsa-lib/l ONLY_FOR_ARCHS= i386 amd64 USE_XZ= yes -USES= bison pkgconfig +USES= bison pkgconfig desktop-file-utils USE_GMAKE= yes USE_PERL5_BUILD= yes USE_PYTHON_BUILD= 2.6+ @@ -50,9 +50,6 @@ USE_XORG= scrnsaverproto x11 xproto xscr USE_GNOME= glib20 gtk20 dconf libxslt MAN1= chrome.1 -DESKTOP_ENTRIES="Chromium" "Web browser" "${DATADIR}/product_logo_48.png" \ - "chrome %U" "Network;WebBrowser;GTK;" true - ALL_TARGET= chrome # See build/common.gypi for all the available variables. @@ -78,6 +75,10 @@ GYP_DEFINES+= use_cups=1 \ prefix_dir=${LOCALBASE} \ python_ver=${PYTHON_VER} +SUB_FILES= chromium-browser.desktop +SUB_LIST= COMMENT="${COMMENT}" \ + DATADIR=${DATADIR} + OPTIONS_DEFINE= CODECS GCONF PULSEAUDIO CLANG DEBUG CODECS_DESC= Compile and enable patented codecs like H.264 @@ -196,6 +197,7 @@ do-install: .endfor cd ${WRKSRC}/out/${BUILDTYPE} && \ ${COPYTREE_SHARE} "locales resources" ${DATADIR} + ${INSTALL_DATA} ${WRKDIR}/chromium-browser.desktop ${DESKTOPDIR} ${LN} -sf ${DATADIR}/chrome ${PREFIX}/bin post-install: Added: head/www/chromium/files/chromium-browser.desktop.in ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/chromium/files/chromium-browser.desktop.in Wed May 29 08:41:47 2013 (r319360) @@ -0,0 +1,11 @@ +[Desktop Entry] +Type=Application +Version=1.0 +Encoding=UTF-8 +Name=Chromium +Comment=%%COMMENT%% +Icon=%%DATADIR%%/product_logo_48.png +Exec=chrome %U +Categories=Application;Network;WebBrowser; +MimeType=text/html;text/xml;application/xhtml+xml;x-scheme-handler/http;/x-scheme-handler/https;x-scheme-handler/ftp; +StartupNotify=true Modified: head/www/chromium/pkg-plist ============================================================================== --- head/www/chromium/pkg-plist Wed May 29 08:30:12 2013 (r319359) +++ head/www/chromium/pkg-plist Wed May 29 08:41:47 2013 (r319360) @@ -1,4 +1,5 @@ bin/chrome +share/applications/chromium-browser.desktop %%DATADIR%%/chrome %%DATADIR%%/chrome-wrapper %%DATADIR%%/chrome.pak _______________________________________________ svn-ports-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-ports-all To unsubscribe, send any mail to "svn-ports-all-unsubscribe@freebsd.org" From owner-freebsd-chromium@FreeBSD.ORG Wed May 29 12:37:22 2013 Return-Path: Delivered-To: freebsd-chromium@freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id DEEBAAC2 for ; Wed, 29 May 2013 12:37:22 +0000 (UTC) (envelope-from r.c.ladan@gmail.com) Received: from mail-ea0-x229.google.com (mail-ea0-x229.google.com [IPv6:2a00:1450:4013:c01::229]) by mx1.freebsd.org (Postfix) with ESMTP id 77A2D8B2 for ; Wed, 29 May 2013 12:37:22 +0000 (UTC) Received: by mail-ea0-f169.google.com with SMTP id m14so5140870eaj.14 for ; Wed, 29 May 2013 05:37:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=sender:message-id:date:from:user-agent:mime-version:to:subject :x-enigmail-version:content-type:content-transfer-encoding; bh=8ApHDp7fb4qWSRnhAs3SsFHX6YaACHKVz7S/zm6omko=; b=BTRy7Ev7UUAL2MH8LRaJuXSRRPNyND8os0J9hYnl4yOAt9/ilcDjvduNJjYKyGOccD qHUEH7NufvLwVgAR8HPXlaUj4OoWgLkX/9dX0/kSpA3xcwFW0kYaHqZ4MrK1xg/B5S++ ifXvRcmQ9tMwfJmJyCfUWwVi30+FXKLrVTxhzBaNDVmMsSznEelxbgRFvm7tqcf3Kpi4 hHkAjHZ1j4loFz2ifsTaa9vbLlp5L1IfiVQtkfmOoCSN43sO0eX6IM5qlTCriL4c9cZ7 dpyCf5IIylC4wt9c3oRw3Gkd1MalOYU1hNdQb+CpVRaW2XEyiU3p6OXIF5Hi5at6ri3R xAbA== X-Received: by 10.15.109.142 with SMTP id cf14mr2989144eeb.77.1369831041643; Wed, 29 May 2013 05:37:21 -0700 (PDT) Received: from ?IPv6:2001:980:d7ed:1:259b:f99c:b947:9f59? ([2001:980:d7ed:1:259b:f99c:b947:9f59]) by mx.google.com with ESMTPSA id l6sm53850084eef.12.2013.05.29.05.37.19 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Wed, 29 May 2013 05:37:20 -0700 (PDT) Sender: =?UTF-8?Q?Ren=C3=A9_Ladan?= Message-ID: <51A5F67F.3010706@freebsd.org> Date: Wed, 29 May 2013 14:37:19 +0200 From: =?ISO-8859-1?Q?Ren=E9_Ladan?= User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:17.0) Gecko/20130516 Thunderbird/17.0.6 MIME-Version: 1.0 To: phajdan.jr@chromium.org, George Liaskos , freebsd-chromium@freebsd.org Subject: using API keys in the FreeBSD Chromium port X-Enigmail-Version: 1.5.1 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit X-BeenThere: freebsd-chromium@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: FreeBSD-specific Chromium issues List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 May 2013 12:37:22 -0000 Hi, the patch at [1] enables the use of FreeBSD API keys which allows things like Google Sync to work. However [3] states that these keys "are not for distribution purposes and must not be shared with other users". There has been some discussion about this on how to deal with this for source-based at [2], but it seems no consensus has been reached. Is it permitted to include these keys in the FreeBSD Ports Tree, and if not, are there any alternatives? Thanks, René o behalf of freebsd-chromium [1] https://github.com/gliaskos/freebsd-chromium/commit/8701e94cc54126d6907d7665b5181e5d53705d90 [2] https://groups.google.com/a/chromium.org/forum/?fromgroups#!topic/chromium-dev/Qks4W0xLxqc [3] http://www.chromium.org/developers/how-tos/api-keys From owner-freebsd-chromium@FreeBSD.ORG Wed May 29 20:03:47 2013 Return-Path: Delivered-To: freebsd-chromium@freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id 6C9F5EF7; Wed, 29 May 2013 20:03:47 +0000 (UTC) (envelope-from lkchen@k-state.edu) Received: from ksu-out.merit.edu (ksu-out.merit.edu [207.75.117.133]) by mx1.freebsd.org (Postfix) with ESMTP id 27AB8629; Wed, 29 May 2013 20:03:46 +0000 (UTC) X-Merit-ExtLoop1: 1 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AosGADtdplHPS3TT/2dsb2JhbABagwkwgzu+SYEKFnSCIwEBBSNWDA8aAg0ZAlkGEwmIBAynXolwiC6BJoxAeoJ9gRQDqHuDK4FOPQ X-IronPort-AV: E=Sophos;i="4.87,766,1363147200"; d="scan'208";a="926278968" X-MERIT-SOURCE: KSU Received: from ksu-sfpop-mailstore02.merit.edu ([207.75.116.211]) by sfpop-ironport05.merit.edu with ESMTP; 29 May 2013 16:00:00 -0400 Date: Wed, 29 May 2013 16:00:00 -0400 (EDT) From: "Lawrence K. Chen, P.Eng." To: =?utf-8?B?UmVuw6k=?= Ladan Message-ID: <805142494.21026729.1369857600745.JavaMail.root@k-state.edu> In-Reply-To: <51A5F67F.3010706@freebsd.org> Subject: Re: using API keys in the FreeBSD Chromium port MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Originating-IP: [129.130.0.181] X-Mailer: Zimbra 7.2.2_GA_2852 (ZimbraWebClient - GC27 ([unknown])/7.2.2_GA_2852) Cc: freebsd-chromium@freebsd.org X-BeenThere: freebsd-chromium@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: FreeBSD-specific Chromium issues List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 May 2013 20:03:47 -0000 So, is this why sometimes chromium says I need to sign in again, but then l= eaves me endlessly trying to sign in? =20 I did see that gentoo has it in their ebuild file, with a note: # Note: these are for Gentoo use ONLY. For your own distribution, # please get your own set of keys. Feel free to contact chromium@ge= ntoo.org # for more info. I can't think of any way to avoid including the keys (in the clear or parti= ally obscured) in the ports tree....and avoid making it a RESTRICTED port a= nd having some hassle in providing an out-of-band means to control the dist= ribution of the info. ----- Original Message ----- > Hi, >=20 > the patch at [1] enables the use of FreeBSD API keys which allows > things > like Google Sync to work. However [3] states that these keys "are > not > for distribution purposes and must not be shared with other users". > There has been some discussion about this on how to deal with this > for > source-based at [2], but it seems no consensus has been reached. Is > it > permitted to include these keys in the FreeBSD Ports Tree, and if > not, > are there any alternatives? >=20 > Thanks, > Ren=C3=A9 o behalf of freebsd-chromium >=20 > [1] > https://github.com/gliaskos/freebsd-chromium/commit/8701e94cc54126d6907d7= 665b5181e5d53705d90 >=20 > [2] > https://groups.google.com/a/chromium.org/forum/?fromgroups#!topic/chromiu= m-dev/Qks4W0xLxqc >=20 > [3] http://www.chromium.org/developers/how-tos/api-keys From owner-freebsd-chromium@FreeBSD.ORG Thu May 30 06:21:30 2013 Return-Path: Delivered-To: freebsd-chromium@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id A8D3D959; Thu, 30 May 2013 06:21:30 +0000 (UTC) (envelope-from delphij@delphij.net) Received: from anubis.delphij.net (anubis.delphij.net [64.62.153.212]) by mx1.freebsd.org (Postfix) with ESMTP id 956581A1; Thu, 30 May 2013 06:21:30 +0000 (UTC) Received: from delphij-macbook.local (unknown [IPv6:2001:470:83bf:0:d543:e77d:e6d0:cdd9]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by anubis.delphij.net (Postfix) with ESMTPSA id 1138913C9D; Wed, 29 May 2013 23:21:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=delphij.net; s=anubis; t=1369894884; bh=tM/EejcthCeMjNbO04JftDBqeCHnE1UbGdHutV/kZ6Q=; h=Date:From:Reply-To:To:CC:Subject:References:In-Reply-To; b=0C637mKoApEi0y70GHxJF8Arudqg9fHIQC/wyInyEb7GMg99fjQbJM01f37U14eHg sT2JLKxC9uhbaQmbzYlCCqYEx+xmr2v6wXN6ZYmgjWt/vS6mfCV7XxHAON9oVBdv1s ty5fkbXb4cIkobOVJXHcVgrV8w3CRn/qlkesajvk= Message-ID: <51A6EFE3.7030306@delphij.net> Date: Wed, 29 May 2013 23:21:23 -0700 From: Xin Li Organization: The FreeBSD Project MIME-Version: 1.0 To: =?ISO-8859-1?Q?Ren=E9_Ladan?= Subject: Re: using API keys in the FreeBSD Chromium port References: <51A5F67F.3010706@freebsd.org> In-Reply-To: <51A5F67F.3010706@freebsd.org> X-Enigmail-Version: 1.5.1 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit Cc: freebsd-chromium@freebsd.org, phajdan.jr@chromium.org X-BeenThere: freebsd-chromium@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list Reply-To: d@delphij.net List-Id: FreeBSD-specific Chromium issues List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 May 2013 06:21:30 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 5/29/13 5:37 AM, René Ladan wrote: > Hi, > > the patch at [1] enables the use of FreeBSD API keys which allows > things like Google Sync to work. However [3] states that these > keys "are not for distribution purposes and must not be shared with > other users". There has been some discussion about this on how to > deal with this for source-based at [2], but it seems no consensus > has been reached. Is it permitted to include these keys in the > FreeBSD Ports Tree, and if not, are there any alternatives? What's the purpose of these keys? E.g. are they used to encrypt sensitive information, or are they used to identify that "this user is running this client, unchanged"? I personally don't think it's very practical to protect the key -- it has to be embedded into the binary some way, encrypted or encoded, or stored as plain text, and has to be decrypted/decoded to plain text before use, so anyone who do the due diligent would be able to get it, binary or source code. The only way to mitigate the problem, I think, would be to use a new key every new version and invalidate older ones from time to time, but that doesn't really solve the problem I guess. Cheers, -----BEGIN PGP SIGNATURE----- iQEcBAEBCAAGBQJRpu/jAAoJEG80Jeu8UPuzRxoH/jm0XlV1KrviaxXBW303YaoF nqvJouXbt5qbgI7u/j3GSToJ/yUZLS0FT3OhLXEClven0nLj5sdR1Ru6EIjlKCwO 6wh6CbMhDhnn08crzFAD7jotDfcXDwX5yoqKsX1U6IE1it1t8K9Nx3nvVIca1bIS uMSWXpzNF8BPv9cOAjKm+NHAwsrm5qUOxuyiakNM2E/heRkF+6IG5AQwPd5WUKKS mUl5a8JnkvOf3T+ufFkkq9ehafHG9ADXkMiqvyW2BMb/e1ka6i8zazf6EX4Js19T tysv12ebw13vGqOXxSZ/62/gOhZJyc8siyPjybfmQ/nCnBiQmV2shBEE1uPO/mE= =Hi0t -----END PGP SIGNATURE----- From owner-freebsd-chromium@FreeBSD.ORG Thu May 30 18:46:46 2013 Return-Path: Delivered-To: freebsd-chromium@freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id A6915C28; Thu, 30 May 2013 18:46:46 +0000 (UTC) (envelope-from geo.liaskos@gmail.com) Received: from mail-ea0-x231.google.com (mail-ea0-x231.google.com [IPv6:2a00:1450:4013:c01::231]) by mx1.freebsd.org (Postfix) with ESMTP id 19B23D4E; Thu, 30 May 2013 18:46:45 +0000 (UTC) Received: by mail-ea0-f177.google.com with SMTP id q14so721133eaj.8 for ; Thu, 30 May 2013 11:46:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=kp3k4nPX5XpTIL28Q0quJ6BMjnybym5jDEhPXFNXXLE=; b=PeiIQUXkpRegoCwoG2zVt2xmRdAIZGjN78UfT5QGEM7eKjLXyj/8CIOyzDIbU0KKy+ PjCwJgAMTMaSDjKvCW983/XcptyX2MsuEf6f7ecfpA5J0V4B5gWPgfgbTrJmb+c2NKVP VUWB1P5NFZdf/QNmg//tvS8lYDBAmAps+4XZ/Rk2hc2PXRxP+DqoztYelQiKGEAi0tBH FBZiJMkYnhjcRd5Nfs9YXDNRkb1NA19qYvD6M9i24jM0bkVTYIFsLc9D6j3M7OgS9QMB 6xv2OsaIgqhEErz6hxj12WVmpsMHj73c8EQF4PVemFwzOrcX8MgtHPWyzsJj6dnMengu Zo0g== MIME-Version: 1.0 X-Received: by 10.14.184.5 with SMTP id r5mr10766617eem.72.1369939605236; Thu, 30 May 2013 11:46:45 -0700 (PDT) Received: by 10.223.68.145 with HTTP; Thu, 30 May 2013 11:46:45 -0700 (PDT) In-Reply-To: <51A6EFE3.7030306@delphij.net> References: <51A5F67F.3010706@freebsd.org> <51A6EFE3.7030306@delphij.net> Date: Thu, 30 May 2013 18:46:45 +0000 Message-ID: Subject: Re: using API keys in the FreeBSD Chromium port From: George Liaskos To: d@delphij.net Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.14 Cc: freebsd-chromium@freebsd.org, phajdan.jr@chromium.org X-BeenThere: freebsd-chromium@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: FreeBSD-specific Chromium issues List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 May 2013 18:46:46 -0000 > > What's the purpose of these keys? E.g. are they used to encrypt > sensitive information, or are they used to identify that "this user is > running this client, unchanged"? > >From what i understand, the key should be unique per "derivative". It's used to identify the client, like User Agent one could say but with a quota on API calls. In this sense the "Official" Chromium port on FreeBSD should have a unique key. https://groups.google.com/a/chromium.org/forum/?fromgroups#!topic/chromium-dev/Qks4W0xLxqc From owner-freebsd-chromium@FreeBSD.ORG Thu May 30 19:22:10 2013 Return-Path: Delivered-To: freebsd-chromium@freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id 554ED6BE for ; Thu, 30 May 2013 19:22:10 +0000 (UTC) (envelope-from delphij@delphij.net) Received: from anubis.delphij.net (anubis.delphij.net [IPv6:2001:470:1:117::25]) by mx1.freebsd.org (Postfix) with ESMTP id 3A7F4F40 for ; Thu, 30 May 2013 19:22:10 +0000 (UTC) Received: from zeta.ixsystems.com (drawbridge.ixsystems.com [206.40.55.65]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by anubis.delphij.net (Postfix) with ESMTPSA id A887EEA0F; Thu, 30 May 2013 12:22:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=delphij.net; s=anubis; t=1369941729; bh=CzjU6rkY7XDKUs4RqSrsrsPhA+k3ibwzuVLIli7qN/I=; h=Date:From:Reply-To:To:CC:Subject:References:In-Reply-To; b=ISBO50GpO0HDEfSsN37IZL0SRC5LoSpyoTtyuEnONP3nuK7i8ovpLrLyhMUnpRU3P xGHWDsLSB2OejZ9hFrJDcavMh8PzS+oFLWw+pEBUSqZTaVNSeKGgtSRQRdVb+tsAef joHAnmDzjSUtInucWsGy+WR9Ahj/Dox1+Jd880zo= Message-ID: <51A7A6E1.3000104@delphij.net> Date: Thu, 30 May 2013 12:22:09 -0700 From: Xin Li Organization: The FreeBSD Project MIME-Version: 1.0 To: George Liaskos Subject: Re: using API keys in the FreeBSD Chromium port References: <51A5F67F.3010706@freebsd.org> <51A6EFE3.7030306@delphij.net> In-Reply-To: X-Enigmail-Version: 1.5.1 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: Kris Moore , freebsd-chromium@freebsd.org, d@delphij.net, phajdan.jr@chromium.org X-BeenThere: freebsd-chromium@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list Reply-To: d@delphij.net List-Id: FreeBSD-specific Chromium issues List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 May 2013 19:22:10 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 05/30/13 11:46, George Liaskos wrote: >> >> What's the purpose of these keys? E.g. are they used to encrypt >> sensitive information, or are they used to identify that "this >> user is running this client, unchanged"? >> > > From what i understand, the key should be unique per "derivative". > It's used to identify the client, like User Agent one could say but > with a quota on API calls. > > In this sense the "Official" Chromium port on FreeBSD should have a > unique key. > > https://groups.google.com/a/chromium.org/forum/?fromgroups#!topic/chromium-dev/Qks4W0xLxqc Ah, > ok so this is for identifying the client. I personally don't think this would work though. In order to do this, I think the only way would be: - Don't ship the port with a key. Instead, require the builder (currently everyone who runs FreeBSD) to acquire one for themselves. When the key is not present, don't build the features that requires an API key. - On FreeBSD package building cluster (as well as PC-BSD ones), deploy the "official" key and make binaries there. I don't see how this would even work as expected, though: the key is embedded in the binary and thus anyone who can run the binary and have debugging tools would be able to extract it. This situation is totally different from normal OAuth scenario, where API key is deployed on servers and protected from being accessed by average users, and the API provider can easily block misbehaving client when the key is "stolen". Cheers, - -- Xin LI https://www.delphij.net/ FreeBSD - The Power to Serve! Live free or die -----BEGIN PGP SIGNATURE----- iQEcBAEBCgAGBQJRp6bhAAoJEG80Jeu8UPuzQusH/2ZmNiv70gPN3U/mioK+O827 lTvIo1ljPQudNwco+EcXxHinJmKYj36dKxtmU4ByJQmpCazBRRufzc0Zc6dZd2FX v5cwc6QQH9o0gAFafZS1nPxREoBoBQNmxtyutxjseeEqs+e0zbxix4RQJorZXNgE I2VyOwiVyxeCaeooa83h/0ll0AkQYn9ny/lDJUoph3rq1nGgX8esIO4XdVORXFPJ mHeixoI+aRtZ963p4T9ljEnJ4yP+nVqIcpsdL8nHQOdiPuNnNdc79AE4d7RhAaaF LQ3wdj9tRsA3cgmUGe37jkT3VuGEhIi6jci+W1k2uyiecqy4Qfs2lNdj+MOcOPA= =OYyE -----END PGP SIGNATURE----- From owner-freebsd-chromium@FreeBSD.ORG Thu May 30 19:45:23 2013 Return-Path: Delivered-To: freebsd-chromium@freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id 80FAED2 for ; Thu, 30 May 2013 19:45:23 +0000 (UTC) (envelope-from geo.liaskos@gmail.com) Received: from mail-ea0-x22c.google.com (mail-ea0-x22c.google.com [IPv6:2a00:1450:4013:c01::22c]) by mx1.freebsd.org (Postfix) with ESMTP id 1A78F143 for ; Thu, 30 May 2013 19:45:22 +0000 (UTC) Received: by mail-ea0-f172.google.com with SMTP id d10so762746eaj.17 for ; Thu, 30 May 2013 12:45:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=nQHnWDmCv+2T5VOHdMMjOKA9ucQjm0usXVtATCTFIp8=; b=ijxSVS/9SmTxvGMK/VqG9jEQBcxMUFBGF1wkTTzp6TzD0/IQGCWBvOuWF0xGphm4cc UpTREIoAYQn5G54NAIXvpjvnA3jLJne1U8Z7ceqIYsLwW0EYf0LoU7YtZFL3y4lDIrdZ HE8ZcrdSqbhHRAD4WDTqyZzaA9ke5kB0iL0VPrzCBwPEaKHB1yrSOk8F/dKgfzTabyXY WeY8kztk942z8KUCtM9zgE2xO3ZkbkIBAAWjTYJX8gNkDTJlJjr7kH3YZ7LW/46J+Uov Xoi+UVp/k3UBtz9DfUR3oOz6ZjGT4AYNVYghMjj9Me+7MASlQhj1qMe4pYs9kskjzGr5 mjkA== MIME-Version: 1.0 X-Received: by 10.15.74.193 with SMTP id j41mr10750901eey.69.1369943122190; Thu, 30 May 2013 12:45:22 -0700 (PDT) Received: by 10.223.68.145 with HTTP; Thu, 30 May 2013 12:45:22 -0700 (PDT) In-Reply-To: <51A7A6E1.3000104@delphij.net> References: <51A5F67F.3010706@freebsd.org> <51A6EFE3.7030306@delphij.net> <51A7A6E1.3000104@delphij.net> Date: Thu, 30 May 2013 19:45:22 +0000 Message-ID: Subject: Re: using API keys in the FreeBSD Chromium port From: George Liaskos To: d@delphij.net Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.14 Cc: freebsd-chromium@freebsd.org, Kris Moore , phajdan.jr@chromium.org X-BeenThere: freebsd-chromium@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: FreeBSD-specific Chromium issues List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 May 2013 19:45:23 -0000 > > > - Don't ship the port with a key. Instead, require the builder > (currently everyone who runs FreeBSD) to acquire one for themselves. > When the key is not present, don't build the features that requires an > API key. > - On FreeBSD package building cluster (as well as PC-BSD ones), > deploy the "official" key and make binaries there. > > I don't see how this would even work as expected, though: the key is > embedded in the binary and thus anyone who can run the binary and have > debugging tools would be able to extract it. This situation is > totally different from normal OAuth scenario, where API key is > deployed on servers and protected from being accessed by average > users, and the API provider can easily block misbehaving client when > the key is "stolen". I may be wrong but i don't think that this is feasible, you can not expect every enduser to generate keys so he can use the browser. We just need a key that will be "blessed" as official for FreeBSD, just like Debian [0], Gentoo [1], Arch [2] and others have done. [0] http://anonscm.debian.org/gitweb/?p=pkg-chromium/pkg-chromium.git;a=blob;f=debian/rules;hb=HEAD [1] http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/www-client/chromium/chromium-9999-r1.ebuild?view=markup [2] https://projects.archlinux.org/svntogit/packages.git/tree/trunk/PKGBUILD?h=packages/chromium From owner-freebsd-chromium@FreeBSD.ORG Thu May 30 20:23:51 2013 Return-Path: Delivered-To: freebsd-chromium@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 36081FE8 for ; Thu, 30 May 2013 20:23:51 +0000 (UTC) (envelope-from phajdan.jr@gmail.com) Received: from mail-vb0-x22f.google.com (mail-vb0-x22f.google.com [IPv6:2607:f8b0:400c:c02::22f]) by mx1.freebsd.org (Postfix) with ESMTP id E7E8A392 for ; Thu, 30 May 2013 20:23:50 +0000 (UTC) Received: by mail-vb0-f47.google.com with SMTP id x13so496582vbb.6 for ; Thu, 30 May 2013 13:23:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:from:date :x-google-sender-auth:message-id:subject:to:cc:content-type; bh=CR1xVbRlFDMvvj8PphtfMpbCzZhDjS+PFhz0uw0rqko=; b=gv+KYzm3CoIGtLQdLA1gDUKByQyoWwJZtyjyW4riqFvdOJm5HAJS4GXDUIuHvbsVlR +M+oFaCXtGs1ha+SAbXTJKT/W5TpoZIHHavG4XYbs111Bv+5KY7J2z4k7DvrHV+BAo// /RlhBgxWXYyk9fxnytPskN+RpO8C5KMk3wTEne3l9LYnY1MLgssCEXzQhEtF6f6m0BCI TMfuU3VDJXPrVupwo1Q3qov6z/HHixz6PXdDWgtEy2e8t9kEai49B2kuMkybo+QOaySB xSdIWxm1g4x+JYYDmTdG3fbtql3yRxuzWYyHZ7nxWCgN/Ja98V5NCzB58IpqRoUvoFtU ZtkQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=mime-version:sender:in-reply-to:references:from:date :x-google-sender-auth:message-id:subject:to:cc:content-type; bh=CR1xVbRlFDMvvj8PphtfMpbCzZhDjS+PFhz0uw0rqko=; b=UFKw9TEAAwTwlGzRA7kRMGeAmQIZmELar9o6fXtwBbNJLZSGsMxSXxQ4owLwPvKzK8 CppN+S246Vrx/matzayHUMUPiRvgbfxlYXplesihMcmLLk1UnDs6buF5dVmo2g0TUC5+ hbJvmul4im/3IKlh8I7BoADCV6wE11L1wzyWk= X-Received: by 10.52.16.201 with SMTP id i9mr6026854vdd.58.1369945430422; Thu, 30 May 2013 13:23:50 -0700 (PDT) MIME-Version: 1.0 Sender: phajdan.jr@gmail.com Received: by 10.58.133.234 with HTTP; Thu, 30 May 2013 13:23:30 -0700 (PDT) In-Reply-To: <51A7A6E1.3000104@delphij.net> References: <51A5F67F.3010706@freebsd.org> <51A6EFE3.7030306@delphij.net> <51A7A6E1.3000104@delphij.net> From: =?UTF-8?B?UGF3ZcWCIEhhamRhbiwgSnIu?= Date: Thu, 30 May 2013 13:23:30 -0700 X-Google-Sender-Auth: xS0Haimw53aAhoIvxPbqeA3ht4U Message-ID: Subject: Re: using API keys in the FreeBSD Chromium port To: d@delphij.net Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.14 Cc: freebsd-chromium@freebsd.org, Kris Moore X-BeenThere: freebsd-chromium@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: FreeBSD-specific Chromium issues List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 May 2013 20:23:51 -0000 Ren=C3=A9 should now have an official response from an @google.com e-mail. Please let me know if after that there are still some issues - and consider https://groups.google.com/a/chromium.org/forum/#!forum/chromium-packagersfo= r further questions. :) Pawe=C5=82 On Thu, May 30, 2013 at 12:22 PM, Xin Li wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > On 05/30/13 11:46, George Liaskos wrote: > >> > >> What's the purpose of these keys? E.g. are they used to encrypt > >> sensitive information, or are they used to identify that "this > >> user is running this client, unchanged"? > >> > > > > From what i understand, the key should be unique per "derivative". > > It's used to identify the client, like User Agent one could say but > > with a quota on API calls. > > > > In this sense the "Official" Chromium port on FreeBSD should have a > > unique key. > > > > > https://groups.google.com/a/chromium.org/forum/?fromgroups#!topic/chromiu= m-dev/Qks4W0xLxqc > > Ah, > > > ok so this is for identifying the client. I personally don't > think this would work though. > > In order to do this, I think the only way would be: > > - Don't ship the port with a key. Instead, require the builder > (currently everyone who runs FreeBSD) to acquire one for themselves. > When the key is not present, don't build the features that requires an > API key. > - On FreeBSD package building cluster (as well as PC-BSD ones), > deploy the "official" key and make binaries there. > > I don't see how this would even work as expected, though: the key is > embedded in the binary and thus anyone who can run the binary and have > debugging tools would be able to extract it. This situation is > totally different from normal OAuth scenario, where API key is > deployed on servers and protected from being accessed by average > users, and the API provider can easily block misbehaving client when > the key is "stolen". > > Cheers, > - -- > Xin LI https://www.delphij.net/ > FreeBSD - The Power to Serve! Live free or die > -----BEGIN PGP SIGNATURE----- > > iQEcBAEBCgAGBQJRp6bhAAoJEG80Jeu8UPuzQusH/2ZmNiv70gPN3U/mioK+O827 > lTvIo1ljPQudNwco+EcXxHinJmKYj36dKxtmU4ByJQmpCazBRRufzc0Zc6dZd2FX > v5cwc6QQH9o0gAFafZS1nPxREoBoBQNmxtyutxjseeEqs+e0zbxix4RQJorZXNgE > I2VyOwiVyxeCaeooa83h/0ll0AkQYn9ny/lDJUoph3rq1nGgX8esIO4XdVORXFPJ > mHeixoI+aRtZ963p4T9ljEnJ4yP+nVqIcpsdL8nHQOdiPuNnNdc79AE4d7RhAaaF > LQ3wdj9tRsA3cgmUGe37jkT3VuGEhIi6jci+W1k2uyiecqy4Qfs2lNdj+MOcOPA=3D > =3DOYyE > -----END PGP SIGNATURE----- > From owner-freebsd-chromium@FreeBSD.ORG Thu May 30 22:28:01 2013 Return-Path: Delivered-To: freebsd-chromium@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 1188B3BD for ; Thu, 30 May 2013 22:28:01 +0000 (UTC) (envelope-from lkchen@k-state.edu) Received: from ksu-out.merit.edu (ksu-out.merit.edu [207.75.117.132]) by mx1.freebsd.org (Postfix) with ESMTP id D1E03ECE for ; Thu, 30 May 2013 22:28:00 +0000 (UTC) X-Merit-ExtLoop1: 1 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AlQJADTRp1HPS3TT/2dsb2JhbABagwkwgzu8HwR+FnSCIwEBBSNWDA8ODAINGQJZBhyIBAypPolliAeBJox3g0mBFAOYZ5AXgyuCCw X-IronPort-AV: E=Sophos;i="4.87,773,1363147200"; d="scan'208";a="66631063" X-MERIT-SOURCE: KSU Received: from ksu-sfpop-mailstore02.merit.edu ([207.75.116.211]) by sfpop-ironport04.merit.edu with ESMTP; 30 May 2013 18:28:00 -0400 Date: Thu, 30 May 2013 18:28:00 -0400 (EDT) From: "Lawrence K. Chen, P.Eng." To: George Liaskos Message-ID: <1239531525.21357067.1369952880052.JavaMail.root@k-state.edu> In-Reply-To: Subject: Re: using API keys in the FreeBSD Chromium port MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Originating-IP: [70.179.144.108] X-Mailer: Zimbra 7.2.2_GA_2852 (ZimbraWebClient - GC27 ([unknown])/7.2.2_GA_2852) Cc: freebsd-chromium@freebsd.org X-BeenThere: freebsd-chromium@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: FreeBSD-specific Chromium issues List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 May 2013 22:28:01 -0000 ----- Original Message ----- > > > > > > - Don't ship the port with a key. Instead, require the builder > > (currently everyone who runs FreeBSD) to acquire one for > > themselves. > > When the key is not present, don't build the features that requires > > an > > API key. > > - On FreeBSD package building cluster (as well as PC-BSD ones), > > deploy the "official" key and make binaries there. > > > > I don't see how this would even work as expected, though: the key > > is > > embedded in the binary and thus anyone who can run the binary and > > have > > debugging tools would be able to extract it. This situation is > > totally different from normal OAuth scenario, where API key is > > deployed on servers and protected from being accessed by average > > users, and the API provider can easily block misbehaving client > > when > > the key is "stolen". > > > I may be wrong but i don't think that this is feasible, you can not > expect > every enduser to generate keys so he can use the browser. > > We just need a key that will be "blessed" as official for FreeBSD, > just > like Debian [0], Gentoo [1], Arch [2] and others have done. > > [0] > http://anonscm.debian.org/gitweb/?p=pkg-chromium/pkg-chromium.git;a=blob;f=debian/rules;hb=HEAD > [1] > http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/www-client/chromium/chromium-9999-r1.ebuild?view=markup > [2] > https://projects.archlinux.org/svntogit/packages.git/tree/trunk/PKGBUILD?h=packages/chromium And, presumably https://github.com/gliaskos/freebsd-chromium/commit/8701e94cc54126d6907d7665b5181e5d53705d90 is the official FreeBSD one. But the question is whether how Debian/Gentoo/Arch, and now FreeBSD, are distributing the keys in violation of http://www.chromium.org/developers/how-tos/api-keys "Note that the keys you have now acquired are not for distribution purposes and must not be shared with other users." I see geolocation is part api keys..is that why it hasn't been working since 23? Wonder if everybody who runs FreeBSD could just join the FreeBSD team and see the key?