- Update to 2.31.92
- Built against gtk3
This commit is contained in:
parent
2c91fc77d8
commit
1491244d5b
File diff suppressed because it is too large
Load Diff
@ -1,259 +0,0 @@
|
|||||||
From d30630070b2e7f6173ea872f45bb47b70948e796 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Stef Walter <stef@memberwebs.com>
|
|
||||||
Date: Sat, 20 Mar 2010 02:19:44 +0000
|
|
||||||
Subject: [secret-store] Don't save session keyring to disk.
|
|
||||||
|
|
||||||
There was a major problem where the session keyring was being saved
|
|
||||||
to disk, and since it had to master password, as a cleartext keyring
|
|
||||||
|
|
||||||
Mark the session keyring as transient so it doesn't even come near
|
|
||||||
the storage code. Also rework the collection storage code, so that
|
|
||||||
it properly handles various corner cases.
|
|
||||||
|
|
||||||
Fixes bug #612977
|
|
||||||
---
|
|
||||||
diff --git a/pkcs11/gck/gck-object.c b/pkcs11/gck/gck-object.c
|
|
||||||
index a568042..a2d03e2 100644
|
|
||||||
--- a/pkcs11/gck/gck-object.c
|
|
||||||
+++ b/pkcs11/gck/gck-object.c
|
|
||||||
@@ -41,7 +41,8 @@ enum {
|
|
||||||
PROP_MODULE,
|
|
||||||
PROP_MANAGER,
|
|
||||||
PROP_STORE,
|
|
||||||
- PROP_UNIQUE
|
|
||||||
+ PROP_UNIQUE,
|
|
||||||
+ PROP_TRANSIENT
|
|
||||||
};
|
|
||||||
|
|
||||||
enum {
|
|
||||||
@@ -201,6 +202,13 @@ find_credential (GckCredential *cred, GckObject *object, gpointer user_data)
|
|
||||||
return TRUE;
|
|
||||||
}
|
|
||||||
|
|
||||||
+static void
|
|
||||||
+mark_object_transient (GckObject *self)
|
|
||||||
+{
|
|
||||||
+ if (!self->pv->transient)
|
|
||||||
+ self->pv->transient = g_slice_new0 (GckObjectTransient);
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
/* -----------------------------------------------------------------------------
|
|
||||||
* OBJECT
|
|
||||||
*/
|
|
||||||
@@ -337,7 +345,7 @@ gck_object_real_create_attributes (GckObject *self, GckSession *session,
|
|
||||||
CKA_G_DESTRUCT_IDLE, CKA_GNOME_TRANSIENT, G_MAXULONG);
|
|
||||||
|
|
||||||
if (transient) {
|
|
||||||
- self->pv->transient = g_slice_new0 (GckObjectTransient);
|
|
||||||
+ mark_object_transient (self);
|
|
||||||
self->pv->transient->timed_after = after;
|
|
||||||
self->pv->transient->timed_idle = idle;
|
|
||||||
}
|
|
||||||
@@ -481,6 +489,11 @@ gck_object_set_property (GObject *obj, guint prop_id, const GValue *value,
|
|
||||||
g_return_if_fail (!self->pv->unique);
|
|
||||||
self->pv->unique = g_value_dup_string (value);
|
|
||||||
break;
|
|
||||||
+ case PROP_TRANSIENT:
|
|
||||||
+ g_return_if_fail (!self->pv->transient);
|
|
||||||
+ if (g_value_get_boolean (value))
|
|
||||||
+ mark_object_transient (self);
|
|
||||||
+ break;
|
|
||||||
default:
|
|
||||||
G_OBJECT_WARN_INVALID_PROPERTY_ID (obj, prop_id, pspec);
|
|
||||||
break;
|
|
||||||
@@ -510,6 +523,9 @@ gck_object_get_property (GObject *obj, guint prop_id, GValue *value,
|
|
||||||
case PROP_UNIQUE:
|
|
||||||
g_value_set_string (value, gck_object_get_unique (self));
|
|
||||||
break;
|
|
||||||
+ case PROP_TRANSIENT:
|
|
||||||
+ g_value_set_boolean (value, gck_object_is_transient (self));
|
|
||||||
+ break;
|
|
||||||
default:
|
|
||||||
G_OBJECT_WARN_INVALID_PROPERTY_ID (obj, prop_id, pspec);
|
|
||||||
break;
|
|
||||||
@@ -556,7 +572,11 @@ gck_object_class_init (GckObjectClass *klass)
|
|
||||||
g_object_class_install_property (gobject_class, PROP_UNIQUE,
|
|
||||||
g_param_spec_string ("unique", "Unique Identifer", "Machine unique identifier",
|
|
||||||
NULL, G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY));
|
|
||||||
-
|
|
||||||
+
|
|
||||||
+ g_object_class_install_property (gobject_class, PROP_TRANSIENT,
|
|
||||||
+ g_param_spec_boolean ("transient", "Transient Object", "Transient Object",
|
|
||||||
+ FALSE, G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY));
|
|
||||||
+
|
|
||||||
signals[EXPOSE_OBJECT] = g_signal_new ("expose-object", GCK_TYPE_OBJECT,
|
|
||||||
G_SIGNAL_RUN_FIRST, G_STRUCT_OFFSET (GckObjectClass, expose_object),
|
|
||||||
NULL, NULL, g_cclosure_marshal_VOID__BOOLEAN,
|
|
||||||
diff --git a/pkcs11/secret-store/gck-secret-module.c b/pkcs11/secret-store/gck-secret-module.c
|
|
||||||
index 5b08008..c3cba91 100644
|
|
||||||
--- a/pkcs11/secret-store/gck-secret-module.c
|
|
||||||
+++ b/pkcs11/secret-store/gck-secret-module.c
|
|
||||||
@@ -42,10 +42,7 @@ struct _GckSecretModule {
|
|
||||||
GckFileTracker *tracker;
|
|
||||||
GHashTable *collections;
|
|
||||||
gchar *directory;
|
|
||||||
-
|
|
||||||
- /* Special 'session' keyring */
|
|
||||||
GckCredential *session_credential;
|
|
||||||
- GckSecretCollection *session_collection;
|
|
||||||
};
|
|
||||||
|
|
||||||
static const CK_SLOT_INFO gck_secret_module_slot_info = {
|
|
||||||
@@ -301,42 +298,52 @@ gck_secret_module_real_refresh_token (GckModule *base)
|
|
||||||
}
|
|
||||||
|
|
||||||
static void
|
|
||||||
+gck_secret_module_real_add_object (GckModule *module, GckTransaction *transaction,
|
|
||||||
+ GckObject *object)
|
|
||||||
+{
|
|
||||||
+ GckSecretModule *self = GCK_SECRET_MODULE (module);
|
|
||||||
+ GckSecretCollection *collection;
|
|
||||||
+ const gchar *identifier;
|
|
||||||
+ gchar *filename;
|
|
||||||
+
|
|
||||||
+ g_return_if_fail (!gck_transaction_get_failed (transaction));
|
|
||||||
+
|
|
||||||
+ if (GCK_IS_SECRET_COLLECTION (object)) {
|
|
||||||
+ collection = GCK_SECRET_COLLECTION (object);
|
|
||||||
+
|
|
||||||
+ /* Setup a filename for this collection */
|
|
||||||
+ identifier = gck_secret_object_get_identifier (GCK_SECRET_OBJECT (collection));
|
|
||||||
+ filename = identifier_to_new_filename (self, identifier);
|
|
||||||
+ gck_secret_collection_set_filename (collection, filename);
|
|
||||||
+ g_free (filename);
|
|
||||||
+
|
|
||||||
+ add_collection (self, transaction, collection);
|
|
||||||
+ }
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+static void
|
|
||||||
gck_secret_module_real_store_object (GckModule *module, GckTransaction *transaction,
|
|
||||||
GckObject *object)
|
|
||||||
{
|
|
||||||
GckSecretModule *self = GCK_SECRET_MODULE (module);
|
|
||||||
GckSecretCollection *collection = NULL;
|
|
||||||
- const gchar *identifier;
|
|
||||||
- gchar *filename;
|
|
||||||
|
|
||||||
- /* Storing an item */
|
|
||||||
+ /* Store the item's collection */
|
|
||||||
if (GCK_IS_SECRET_ITEM (object)) {
|
|
||||||
collection = gck_secret_item_get_collection (GCK_SECRET_ITEM (object));
|
|
||||||
g_return_if_fail (GCK_IS_SECRET_COLLECTION (collection));
|
|
||||||
+ gck_module_store_token_object (GCK_MODULE (self), transaction, GCK_OBJECT (collection));
|
|
||||||
|
|
||||||
/* Storing a collection */
|
|
||||||
} else if (GCK_IS_SECRET_COLLECTION (object)) {
|
|
||||||
collection = GCK_SECRET_COLLECTION (object);
|
|
||||||
- }
|
|
||||||
+ gck_secret_collection_save (collection, transaction);
|
|
||||||
|
|
||||||
/* No other kind of token object */
|
|
||||||
- if (collection == NULL) {
|
|
||||||
+ } else {
|
|
||||||
g_warning ("can't store object of type '%s' on secret token", G_OBJECT_TYPE_NAME (object));
|
|
||||||
gck_transaction_fail (transaction, CKR_GENERAL_ERROR);
|
|
||||||
- return;
|
|
||||||
- }
|
|
||||||
-
|
|
||||||
- /* Setup a filename for this collection */
|
|
||||||
- if (!gck_secret_collection_get_filename (collection)) {
|
|
||||||
- identifier = gck_secret_object_get_identifier (GCK_SECRET_OBJECT (collection));
|
|
||||||
- filename = identifier_to_new_filename (self, identifier);
|
|
||||||
- gck_secret_collection_set_filename (collection, filename);
|
|
||||||
- g_free (filename);
|
|
||||||
}
|
|
||||||
-
|
|
||||||
- gck_secret_collection_save (collection, transaction);
|
|
||||||
- if (!gck_transaction_get_failed (transaction))
|
|
||||||
- add_collection (self, transaction, collection);
|
|
||||||
}
|
|
||||||
|
|
||||||
static void
|
|
||||||
@@ -351,11 +358,6 @@ gck_secret_module_real_remove_object (GckModule *module, GckTransaction *transac
|
|
||||||
GCK_OBJECT (self->session_credential) == object)
|
|
||||||
return;
|
|
||||||
|
|
||||||
- /* Ignore the session keyring collection */
|
|
||||||
- if (self->session_collection != NULL &&
|
|
||||||
- GCK_OBJECT (self->session_collection) == object)
|
|
||||||
- return;
|
|
||||||
-
|
|
||||||
/* Removing an item */
|
|
||||||
if (GCK_IS_SECRET_ITEM (object)) {
|
|
||||||
collection = gck_secret_item_get_collection (GCK_SECRET_ITEM (object));
|
|
||||||
@@ -384,6 +386,7 @@ gck_secret_module_constructor (GType type, guint n_props, GObjectConstructParam
|
|
||||||
{
|
|
||||||
GckSecretModule *self = GCK_SECRET_MODULE (G_OBJECT_CLASS (gck_secret_module_parent_class)->constructor(type, n_props, props));
|
|
||||||
GckManager *manager;
|
|
||||||
+ GckObject *collection;
|
|
||||||
CK_RV rv;
|
|
||||||
|
|
||||||
g_return_val_if_fail (self, NULL);
|
|
||||||
@@ -401,22 +404,27 @@ gck_secret_module_constructor (GType type, guint n_props, GObjectConstructParam
|
|
||||||
|
|
||||||
manager = gck_module_get_manager (GCK_MODULE (self));
|
|
||||||
|
|
||||||
+ collection = g_object_new (GCK_TYPE_SECRET_COLLECTION,
|
|
||||||
+ "module", self,
|
|
||||||
+ "identifier", "session",
|
|
||||||
+ "manager", manager,
|
|
||||||
+ "transient", TRUE,
|
|
||||||
+ NULL);
|
|
||||||
+
|
|
||||||
/* Create the 'session' keyring, which is not stored to disk */
|
|
||||||
- self->session_collection = g_object_new (GCK_TYPE_SECRET_COLLECTION,
|
|
||||||
- "module", self,
|
|
||||||
- "identifier", "session",
|
|
||||||
- "manager", manager,
|
|
||||||
- NULL);
|
|
||||||
- gck_object_expose (GCK_OBJECT (self->session_collection), TRUE);
|
|
||||||
+ g_return_val_if_fail (gck_object_is_transient (collection), NULL);
|
|
||||||
+ gck_module_add_token_object (GCK_MODULE (self), NULL, collection);
|
|
||||||
+ gck_object_expose (collection, TRUE);
|
|
||||||
|
|
||||||
/* Unlock the 'session' keyring */
|
|
||||||
- rv = gck_credential_create (GCK_MODULE (self), manager, GCK_OBJECT (self->session_collection),
|
|
||||||
+ rv = gck_credential_create (GCK_MODULE (self), manager, GCK_OBJECT (collection),
|
|
||||||
NULL, 0, &self->session_credential);
|
|
||||||
if (rv == CKR_OK)
|
|
||||||
gck_object_expose (GCK_OBJECT (self->session_credential), TRUE);
|
|
||||||
else
|
|
||||||
g_warning ("couldn't unlock the 'session' keyring");
|
|
||||||
|
|
||||||
+ g_object_unref (collection);
|
|
||||||
return G_OBJECT (self);
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -438,10 +446,6 @@ gck_secret_module_dispose (GObject *obj)
|
|
||||||
g_object_unref (self->tracker);
|
|
||||||
self->tracker = NULL;
|
|
||||||
|
|
||||||
- if (self->session_collection)
|
|
||||||
- g_object_unref (self->session_collection);
|
|
||||||
- self->session_collection = NULL;
|
|
||||||
-
|
|
||||||
if (self->session_credential)
|
|
||||||
g_object_unref (self->session_credential);
|
|
||||||
self->session_credential = NULL;
|
|
||||||
@@ -465,7 +469,6 @@ gck_secret_module_finalize (GObject *obj)
|
|
||||||
self->directory = NULL;
|
|
||||||
|
|
||||||
g_assert (!self->session_credential);
|
|
||||||
- g_assert (!self->session_collection);
|
|
||||||
|
|
||||||
G_OBJECT_CLASS (gck_secret_module_parent_class)->finalize (obj);
|
|
||||||
}
|
|
||||||
@@ -484,8 +487,9 @@ gck_secret_module_class_init (GckSecretModuleClass *klass)
|
|
||||||
module_class->get_token_info = gck_secret_module_real_get_token_info;
|
|
||||||
module_class->parse_argument = gck_secret_module_real_parse_argument;
|
|
||||||
module_class->refresh_token = gck_secret_module_real_refresh_token;
|
|
||||||
- module_class->remove_token_object = gck_secret_module_real_remove_object;
|
|
||||||
+ module_class->add_token_object = gck_secret_module_real_add_object;
|
|
||||||
module_class->store_token_object = gck_secret_module_real_store_object;
|
|
||||||
+ module_class->remove_token_object = gck_secret_module_real_remove_object;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* ---------------------------------------------------------------------------------------
|
|
||||||
--
|
|
||||||
cgit v0.8.3.1
|
|
@ -1,335 +0,0 @@
|
|||||||
From d864698a290c55d1ccda5cc20946894ade5e827d Mon Sep 17 00:00:00 2001
|
|
||||||
From: Stef Walter <stef@memberwebs.com>
|
|
||||||
Date: Sun, 21 Mar 2010 15:55:51 +0000
|
|
||||||
Subject: [login] Fix various issues storing and using auto unlock passwords.
|
|
||||||
|
|
||||||
* Unwrap secrets directly into login keyring for auto unlock.
|
|
||||||
* Fix various corner cases using auto unlock stuff in login keyring.
|
|
||||||
---
|
|
||||||
diff --git a/daemon/dbus/gkd-secret-session.c b/daemon/dbus/gkd-secret-session.c
|
|
||||||
index 80cd054..73551df 100644
|
|
||||||
--- a/daemon/dbus/gkd-secret-session.c
|
|
||||||
+++ b/daemon/dbus/gkd-secret-session.c
|
|
||||||
@@ -730,6 +730,8 @@ gkd_secret_session_create_credential (GkdSecretSession *self, GP11Session *sessi
|
|
||||||
}
|
|
||||||
g_clear_error (&error);
|
|
||||||
return NULL;
|
|
||||||
+ } else {
|
|
||||||
+ gp11_object_set_session (object, session);
|
|
||||||
}
|
|
||||||
|
|
||||||
return object;
|
|
||||||
diff --git a/daemon/dbus/gkd-secret-unlock.c b/daemon/dbus/gkd-secret-unlock.c
|
|
||||||
index 8a70ddc..f5df63b 100644
|
|
||||||
--- a/daemon/dbus/gkd-secret-unlock.c
|
|
||||||
+++ b/daemon/dbus/gkd-secret-unlock.c
|
|
||||||
@@ -247,43 +247,35 @@ check_locked_collection (GP11Object *collection, gboolean *locked)
|
|
||||||
}
|
|
||||||
|
|
||||||
static void
|
|
||||||
-attach_credential_to_login (GP11Object *collection, GP11Object *cred)
|
|
||||||
+attach_unlock_to_login (GP11Object *collection, GkdSecretSecret *master)
|
|
||||||
{
|
|
||||||
- GError *error = NULL;
|
|
||||||
+ DBusError derr = DBUS_ERROR_INIT;
|
|
||||||
GP11Attributes *attrs;
|
|
||||||
- gpointer value;
|
|
||||||
- gsize n_value;
|
|
||||||
+ GP11Object *cred;
|
|
||||||
gchar *location;
|
|
||||||
gchar *label;
|
|
||||||
|
|
||||||
g_assert (GP11_IS_OBJECT (collection));
|
|
||||||
- g_assert (GP11_IS_OBJECT (cred));
|
|
||||||
|
|
||||||
+ /* Relevant information for the unlock item */
|
|
||||||
attrs = attributes_for_collection (collection);
|
|
||||||
g_return_if_fail (attrs);
|
|
||||||
-
|
|
||||||
location = location_string_for_attributes (attrs);
|
|
||||||
label = label_string_for_attributes (attrs);
|
|
||||||
gp11_attributes_unref (attrs);
|
|
||||||
|
|
||||||
- value = gp11_object_get_data_full (cred, CKA_VALUE, egg_secure_realloc, NULL, &n_value, &error);
|
|
||||||
- if (value) {
|
|
||||||
- if (g_utf8_validate (value, n_value, NULL))
|
|
||||||
- gkd_login_attach_secret (label, value, "keyring", location, NULL);
|
|
||||||
- else
|
|
||||||
- g_warning ("couldn't save non utf-8 unlock credentials in login keyring");
|
|
||||||
- egg_secure_clear (value, n_value);
|
|
||||||
- egg_secure_free (value);
|
|
||||||
-
|
|
||||||
- } else {
|
|
||||||
- if (!g_error_matches (error, GP11_ERROR, CKR_USER_NOT_LOGGED_IN))
|
|
||||||
- g_warning ("couldn't read unlock credentials to save in login keyring: %s",
|
|
||||||
- egg_error_message (error));
|
|
||||||
- g_clear_error (&error);
|
|
||||||
- }
|
|
||||||
-
|
|
||||||
+ attrs = gkd_login_attach_make_attributes (label, "keyring", location, NULL);
|
|
||||||
g_free (location);
|
|
||||||
g_free (label);
|
|
||||||
+
|
|
||||||
+ cred = gkd_secret_session_create_credential (master->session, NULL, attrs, master, &derr);
|
|
||||||
+ gp11_attributes_unref (attrs);
|
|
||||||
+ g_object_unref (cred);
|
|
||||||
+
|
|
||||||
+ if (!cred) {
|
|
||||||
+ g_warning ("couldn't save unlock password in login collection: %s", derr.message);
|
|
||||||
+ dbus_error_free (&derr);
|
|
||||||
+ }
|
|
||||||
}
|
|
||||||
|
|
||||||
static void
|
|
||||||
@@ -304,6 +296,7 @@ authenticate_collection (GkdSecretUnlock *self, GP11Object *collection, gboolean
|
|
||||||
GP11Attribute *attr;
|
|
||||||
GP11Object *cred;
|
|
||||||
gboolean transient;
|
|
||||||
+ gboolean result;
|
|
||||||
|
|
||||||
g_assert (GKD_SECRET_IS_UNLOCK (self));
|
|
||||||
g_assert (GP11_IS_OBJECT (collection));
|
|
||||||
@@ -336,35 +329,37 @@ authenticate_collection (GkdSecretUnlock *self, GP11Object *collection, gboolean
|
|
||||||
}
|
|
||||||
|
|
||||||
cred = gkd_secret_session_create_credential (master->session, NULL, template, master, &derr);
|
|
||||||
- gkd_secret_secret_free (master);
|
|
||||||
+ g_object_unref (cred);
|
|
||||||
|
|
||||||
if (cred) {
|
|
||||||
/* Save it to the login keyring */
|
|
||||||
if (!transient)
|
|
||||||
- attach_credential_to_login (collection, cred);
|
|
||||||
- g_object_unref (cred);
|
|
||||||
+ attach_unlock_to_login (collection, master);
|
|
||||||
|
|
||||||
/* Save away the unlock options for next time */
|
|
||||||
gp11_object_set_template (collection, CKA_G_CREDENTIAL_TEMPLATE, template, NULL);
|
|
||||||
gp11_attributes_unref (template);
|
|
||||||
|
|
||||||
*locked = FALSE;
|
|
||||||
- return TRUE; /* Operation succeeded, and unlocked */
|
|
||||||
+ result = TRUE; /* Operation succeeded, and unlocked */
|
|
||||||
|
|
||||||
} else {
|
|
||||||
gp11_attributes_unref (template);
|
|
||||||
if (dbus_error_has_name (&derr, INTERNAL_ERROR_DENIED)) {
|
|
||||||
dbus_error_free (&derr);
|
|
||||||
*locked = TRUE;
|
|
||||||
- return TRUE; /* Operation succeded, although not unlocked*/
|
|
||||||
+ result = TRUE; /* Operation succeded, although not unlocked*/
|
|
||||||
|
|
||||||
} else {
|
|
||||||
g_warning ("couldn't create credential for collection: %s",
|
|
||||||
derr.message);
|
|
||||||
dbus_error_free (&derr);
|
|
||||||
- return FALSE; /* Operation failed */
|
|
||||||
+ result = FALSE; /* Operation failed */
|
|
||||||
}
|
|
||||||
}
|
|
||||||
+
|
|
||||||
+ gkd_secret_secret_free (master);
|
|
||||||
+ return result;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* -----------------------------------------------------------------------------
|
|
||||||
diff --git a/daemon/login/gkd-login.c b/daemon/login/gkd-login.c
|
|
||||||
index bdef57d..373561c 100644
|
|
||||||
--- a/daemon/login/gkd-login.c
|
|
||||||
+++ b/daemon/login/gkd-login.c
|
|
||||||
@@ -77,7 +77,9 @@ open_and_login_session (GP11Slot *slot, CK_USER_TYPE user_type, GError **error)
|
|
||||||
session = gp11_slot_open_session (slot, CKF_RW_SESSION, error);
|
|
||||||
if (session != NULL) {
|
|
||||||
if (!gp11_session_login (session, user_type, NULL, 0, error)) {
|
|
||||||
- if ((*error)->code != CKR_USER_ALREADY_LOGGED_IN) {
|
|
||||||
+ if (g_error_matches (*error, GP11_ERROR, CKR_USER_ALREADY_LOGGED_IN)) {
|
|
||||||
+ g_clear_error (error);
|
|
||||||
+ } else {
|
|
||||||
g_object_unref (session);
|
|
||||||
session = NULL;
|
|
||||||
}
|
|
||||||
@@ -574,20 +576,88 @@ find_login_keyring_item (GP11Session *session, GP11Attribute *fields)
|
|
||||||
return item;
|
|
||||||
}
|
|
||||||
|
|
||||||
+static GP11Attributes*
|
|
||||||
+attach_make_attributes_va (GP11Session *session, const gchar *label,
|
|
||||||
+ const gchar *first, va_list va)
|
|
||||||
+{
|
|
||||||
+ GP11Attributes *attrs;
|
|
||||||
+ GP11Attribute fields;
|
|
||||||
+ gchar *display_name;
|
|
||||||
+ GP11Object* item;
|
|
||||||
+ GError *error = NULL;
|
|
||||||
+ gpointer value;
|
|
||||||
+ gsize n_value;
|
|
||||||
+
|
|
||||||
+ attrs = gp11_attributes_new ();
|
|
||||||
+
|
|
||||||
+ gp11_attribute_init_empty (&fields, CKA_G_FIELDS);
|
|
||||||
+ string_attribute_list_va (va, first, &fields);
|
|
||||||
+
|
|
||||||
+ /*
|
|
||||||
+ * If there already is such an item, then include its identifier.
|
|
||||||
+ * What this does is overwrite that item, rather than creating new.
|
|
||||||
+ */
|
|
||||||
+ item = find_login_keyring_item (session, &fields);
|
|
||||||
+ if (item) {
|
|
||||||
+ value = gp11_object_get_data (item, CKA_ID, &n_value, &error);
|
|
||||||
+ if (value != NULL) {
|
|
||||||
+ gp11_attributes_add_data (attrs, CKA_ID, value, n_value);
|
|
||||||
+ g_free (value);
|
|
||||||
+ } else {
|
|
||||||
+ g_warning ("couldn't retrieve id for previous login item: %s",
|
|
||||||
+ egg_error_message (error));
|
|
||||||
+ g_clear_error (&error);
|
|
||||||
+ }
|
|
||||||
+ g_object_unref (item);
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ if (label == NULL)
|
|
||||||
+ label = _("Unnamed");
|
|
||||||
+
|
|
||||||
+ display_name = g_strdup_printf (_("Unlock password for: %s"), label);
|
|
||||||
+ gp11_attributes_add_string (attrs, CKA_LABEL, display_name);
|
|
||||||
+
|
|
||||||
+ gp11_attributes_add_boolean (attrs, CKA_TOKEN, TRUE);
|
|
||||||
+ gp11_attributes_add_ulong (attrs, CKA_CLASS, CKO_SECRET_KEY);
|
|
||||||
+ gp11_attributes_add_data (attrs, CKA_G_COLLECTION, "login", (gsize)5);
|
|
||||||
+ gp11_attributes_add (attrs, &fields);
|
|
||||||
+
|
|
||||||
+ gp11_attribute_clear (&fields);
|
|
||||||
+ return attrs;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+GP11Attributes*
|
|
||||||
+gkd_login_attach_make_attributes (const gchar *label, const gchar *first, ...)
|
|
||||||
+{
|
|
||||||
+ GP11Attributes *attrs;
|
|
||||||
+ GP11Session *session;
|
|
||||||
+ GP11Module *module;
|
|
||||||
+ va_list va;
|
|
||||||
+
|
|
||||||
+ module = module_instance ();
|
|
||||||
+ session = lookup_login_session (module);
|
|
||||||
+
|
|
||||||
+ va_start (va, first);
|
|
||||||
+ attrs = attach_make_attributes_va (session, label, first, va);
|
|
||||||
+ va_end (va);
|
|
||||||
+
|
|
||||||
+ g_object_unref (session);
|
|
||||||
+ g_object_unref (module);
|
|
||||||
+
|
|
||||||
+ return attrs;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
void
|
|
||||||
gkd_login_attach_secret (const gchar *label, const gchar *secret,
|
|
||||||
const gchar *first, ...)
|
|
||||||
{
|
|
||||||
GError *error = NULL;
|
|
||||||
- GP11Attribute fields;
|
|
||||||
GP11Session *session;
|
|
||||||
GP11Module *module;
|
|
||||||
- gchar *display_name;
|
|
||||||
- GP11Object* item;
|
|
||||||
+ GP11Attributes *attrs;
|
|
||||||
+ GP11Object *item;
|
|
||||||
va_list va;
|
|
||||||
|
|
||||||
- if (label == NULL)
|
|
||||||
- label = _("Unnamed");
|
|
||||||
if (secret == NULL)
|
|
||||||
secret = "";
|
|
||||||
|
|
||||||
@@ -595,29 +665,11 @@ gkd_login_attach_secret (const gchar *label, const gchar *secret,
|
|
||||||
session = lookup_login_session (module);
|
|
||||||
|
|
||||||
va_start(va, first);
|
|
||||||
- gp11_attribute_init_empty (&fields, CKA_G_FIELDS);
|
|
||||||
- string_attribute_list_va (va, first, &fields);
|
|
||||||
+ attrs = attach_make_attributes_va (session, label, first, va);
|
|
||||||
va_end(va);
|
|
||||||
|
|
||||||
- display_name = g_strdup_printf (_("Unlock password for: %s"), label);
|
|
||||||
-
|
|
||||||
- item = find_login_keyring_item (session, &fields);
|
|
||||||
- if (item) {
|
|
||||||
- gp11_object_set (item, &error,
|
|
||||||
- CKA_LABEL, strlen (display_name), display_name,
|
|
||||||
- CKA_VALUE, strlen (secret), secret,
|
|
||||||
- GP11_INVALID);
|
|
||||||
- } else {
|
|
||||||
- item = gp11_session_create_object (session, &error,
|
|
||||||
- CKA_TOKEN, GP11_BOOLEAN, TRUE,
|
|
||||||
- CKA_CLASS, GP11_ULONG, CKO_SECRET_KEY,
|
|
||||||
- CKA_LABEL, strlen (display_name), display_name,
|
|
||||||
- CKA_VALUE, strlen (secret), secret,
|
|
||||||
- CKA_G_COLLECTION, (gsize)5, "login",
|
|
||||||
- CKA_G_FIELDS, fields.length, fields.value,
|
|
||||||
- GP11_INVALID);
|
|
||||||
- }
|
|
||||||
-
|
|
||||||
+ gp11_attributes_add_string (attrs, CKA_VALUE, secret);
|
|
||||||
+ item = gp11_session_create_object_full (session, attrs, NULL, &error);
|
|
||||||
if (error != NULL) {
|
|
||||||
g_warning ("couldn't store secret in login keyring: %s", egg_error_message (error));
|
|
||||||
g_clear_error (&error);
|
|
||||||
@@ -625,8 +677,8 @@ gkd_login_attach_secret (const gchar *label, const gchar *secret,
|
|
||||||
|
|
||||||
if (item)
|
|
||||||
g_object_unref (item);
|
|
||||||
- g_free (display_name);
|
|
||||||
- gp11_attribute_clear (&fields);
|
|
||||||
+
|
|
||||||
+ gp11_attributes_unref (attrs);
|
|
||||||
g_object_unref (session);
|
|
||||||
g_object_unref (module);
|
|
||||||
}
|
|
||||||
@@ -701,22 +753,3 @@ gkd_login_remove_secret (const gchar *first, ...)
|
|
||||||
g_object_unref (session);
|
|
||||||
g_object_unref (module);
|
|
||||||
}
|
|
||||||
-
|
|
||||||
-GP11Attributes*
|
|
||||||
-gkd_login_attributes_for_secret (const gchar *first, ...)
|
|
||||||
-{
|
|
||||||
- GP11Attributes *attrs;
|
|
||||||
- GP11Attribute *fields;
|
|
||||||
- va_list va;
|
|
||||||
-
|
|
||||||
- attrs = gp11_attributes_newv (CKA_CLASS, GP11_ULONG, CKO_SECRET_KEY,
|
|
||||||
- CKA_G_COLLECTION, (gsize)5, "login",
|
|
||||||
- GP11_INVALID);
|
|
||||||
-
|
|
||||||
- va_start(va, first);
|
|
||||||
- fields = gp11_attributes_add_empty (attrs, CKA_G_FIELDS);
|
|
||||||
- string_attribute_list_va (va, first, fields);
|
|
||||||
- va_end(va);
|
|
||||||
-
|
|
||||||
- return attrs;
|
|
||||||
-}
|
|
||||||
diff --git a/daemon/login/gkd-login.h b/daemon/login/gkd-login.h
|
|
||||||
index 89157b1..849b9f4 100644
|
|
||||||
--- a/daemon/login/gkd-login.h
|
|
||||||
+++ b/daemon/login/gkd-login.h
|
|
||||||
@@ -40,13 +40,14 @@ void gkd_login_attach_secret (const gchar *label,
|
|
||||||
const gchar *first,
|
|
||||||
...);
|
|
||||||
|
|
||||||
-gchar* gkd_login_lookup_secret (const gchar *first,
|
|
||||||
+GP11Attributes* gkd_login_attach_make_attributes (const gchar *label,
|
|
||||||
+ const gchar *first,
|
|
||||||
...);
|
|
||||||
|
|
||||||
-void gkd_login_remove_secret (const gchar *first,
|
|
||||||
+gchar* gkd_login_lookup_secret (const gchar *first,
|
|
||||||
...);
|
|
||||||
|
|
||||||
-GP11Attributes* gkd_login_attributes_for_secret (const gchar *first,
|
|
||||||
+void gkd_login_remove_secret (const gchar *first,
|
|
||||||
...);
|
|
||||||
|
|
||||||
#endif /* __GKD_LOGIN_H__ */
|
|
||||||
--
|
|
||||||
cgit v0.8.3.1
|
|
@ -1,26 +0,0 @@
|
|||||||
From 0512a0b5a30b432f53ee8c48d75acd582c5c9c9d Mon Sep 17 00:00:00 2001
|
|
||||||
From: Stef Walter <stef@memberwebs.com>
|
|
||||||
Date: Sun, 21 Mar 2010 14:24:33 +0000
|
|
||||||
Subject: [dbus] Hide the automatically unlock check when login not usable.
|
|
||||||
|
|
||||||
If the login keyring is locked or not present, hide the auto
|
|
||||||
unlock check box since that option isn't usable.
|
|
||||||
---
|
|
||||||
diff --git a/daemon/dbus/gkd-secret-unlock.c b/daemon/dbus/gkd-secret-unlock.c
|
|
||||||
index 52e4978..8a70ddc 100644
|
|
||||||
--- a/daemon/dbus/gkd-secret-unlock.c
|
|
||||||
+++ b/daemon/dbus/gkd-secret-unlock.c
|
|
||||||
@@ -200,6 +200,11 @@ prepare_unlock_prompt (GkdSecretUnlock *self, GP11Object *coll, gboolean first)
|
|
||||||
|
|
||||||
g_free (label);
|
|
||||||
|
|
||||||
+ if (gkd_login_is_usable ())
|
|
||||||
+ gkd_prompt_show_widget (prompt, "auto_unlock_check");
|
|
||||||
+ else
|
|
||||||
+ gkd_prompt_hide_widget (prompt, "auto_unlock_check");
|
|
||||||
+
|
|
||||||
/* Setup the unlock options */
|
|
||||||
if (first) {
|
|
||||||
template = gp11_object_get_template (coll, CKA_G_CREDENTIAL_TEMPLATE, &error);
|
|
||||||
--
|
|
||||||
cgit v0.8.3.1
|
|
@ -1,52 +0,0 @@
|
|||||||
From e43a24701767d1a8fd72f2f3ed01fe0937364b6d Mon Sep 17 00:00:00 2001
|
|
||||||
From: Stef Walter <stef@memberwebs.com>
|
|
||||||
Date: Sun, 21 Mar 2010 14:06:43 +0000
|
|
||||||
Subject: [dbus] Allow unlocking even when always unlock is not available.
|
|
||||||
|
|
||||||
When the Always Unlock option could not work (due to a missing or
|
|
||||||
locked login keyring) unlocking a keyring fail when that option
|
|
||||||
was selected.
|
|
||||||
|
|
||||||
Fixes bug #610998
|
|
||||||
---
|
|
||||||
diff --git a/daemon/dbus/gkd-secret-unlock.c b/daemon/dbus/gkd-secret-unlock.c
|
|
||||||
index ee17fd1..52e4978 100644
|
|
||||||
--- a/daemon/dbus/gkd-secret-unlock.c
|
|
||||||
+++ b/daemon/dbus/gkd-secret-unlock.c
|
|
||||||
@@ -271,8 +271,9 @@ attach_credential_to_login (GP11Object *collection, GP11Object *cred)
|
|
||||||
egg_secure_free (value);
|
|
||||||
|
|
||||||
} else {
|
|
||||||
- g_warning ("couldn't read unlock credentials to save in login keyring: %s",
|
|
||||||
- egg_error_message (error));
|
|
||||||
+ if (!g_error_matches (error, GP11_ERROR, CKR_USER_NOT_LOGGED_IN))
|
|
||||||
+ g_warning ("couldn't read unlock credentials to save in login keyring: %s",
|
|
||||||
+ egg_error_message (error));
|
|
||||||
g_clear_error (&error);
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -295,6 +296,7 @@ authenticate_collection (GkdSecretUnlock *self, GP11Object *collection, gboolean
|
|
||||||
DBusError derr = DBUS_ERROR_INIT;
|
|
||||||
GkdSecretSecret *master;
|
|
||||||
GP11Attributes *template;
|
|
||||||
+ GP11Attribute *attr;
|
|
||||||
GP11Object *cred;
|
|
||||||
gboolean transient;
|
|
||||||
|
|
||||||
@@ -321,8 +323,12 @@ authenticate_collection (GkdSecretUnlock *self, GP11Object *collection, gboolean
|
|
||||||
gkd_prompt_get_unlock_options (GKD_PROMPT (self), template);
|
|
||||||
|
|
||||||
/* If it's supposed to save non-transient, then we override that */
|
|
||||||
- if (!gp11_attributes_find_boolean (template, CKA_GNOME_TRANSIENT, &transient))
|
|
||||||
- transient = TRUE;
|
|
||||||
+ attr = gp11_attributes_find (template, CKA_GNOME_TRANSIENT);
|
|
||||||
+ if (attr != NULL) {
|
|
||||||
+ transient = gp11_attribute_get_boolean (attr);
|
|
||||||
+ gp11_attribute_clear (attr);
|
|
||||||
+ gp11_attribute_init_boolean (attr, CKA_GNOME_TRANSIENT, TRUE);
|
|
||||||
+ }
|
|
||||||
|
|
||||||
cred = gkd_secret_session_create_credential (master->session, NULL, template, master, &derr);
|
|
||||||
gkd_secret_secret_free (master);
|
|
||||||
--
|
|
||||||
cgit v0.8.3.1
|
|
@ -1,67 +0,0 @@
|
|||||||
From 629fecbd61c8585a2bc95e2fcb059de260c34fb8 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Stef Walter <stef@memberwebs.com>
|
|
||||||
Date: Sun, 11 Jul 2010 23:18:23 +0000
|
|
||||||
Subject: [ssh-agent] Try to unlock key before use.
|
|
||||||
|
|
||||||
* This allows us to keep the unlocking for the rest of the session.
|
|
||||||
* Restores behavior from gnome-keyring 2.30 and before.
|
|
||||||
---
|
|
||||||
diff --git a/daemon/ssh-agent/gkd-ssh-agent-ops.c b/daemon/ssh-agent/gkd-ssh-agent-ops.c
|
|
||||||
index 759a06a..dc02245 100644
|
|
||||||
--- a/daemon/ssh-agent/gkd-ssh-agent-ops.c
|
|
||||||
+++ b/daemon/ssh-agent/gkd-ssh-agent-ops.c
|
|
||||||
@@ -892,6 +892,42 @@ make_raw_sign_hash (GChecksumType algo, const guchar *data, gsize n_data,
|
|
||||||
return hash;
|
|
||||||
}
|
|
||||||
|
|
||||||
+static guchar*
|
|
||||||
+unlock_and_sign (GP11Session *session, GP11Object *key, gulong mech_type, const guchar *input,
|
|
||||||
+ gsize n_input, gsize *n_result, GError **err)
|
|
||||||
+{
|
|
||||||
+ GP11Attributes *attrs;
|
|
||||||
+ GP11Object *cred;
|
|
||||||
+ gboolean always;
|
|
||||||
+
|
|
||||||
+ /* First check if we should authenticate the key */
|
|
||||||
+ attrs = gp11_object_get (key, err, CKA_ALWAYS_AUTHENTICATE, GP11_INVALID);
|
|
||||||
+ if (!attrs)
|
|
||||||
+ return NULL;
|
|
||||||
+
|
|
||||||
+ /* Authenticate the key if necessary, this allows long term */
|
|
||||||
+ if (!gp11_attributes_find_boolean (attrs, CKA_ALWAYS_AUTHENTICATE, &always))
|
|
||||||
+ g_return_val_if_reached (NULL);
|
|
||||||
+
|
|
||||||
+ gp11_attributes_unref (attrs);
|
|
||||||
+
|
|
||||||
+ if (always == TRUE) {
|
|
||||||
+ cred = gp11_session_create_object (session, err,
|
|
||||||
+ CKA_TOKEN, GP11_BOOLEAN, FALSE,
|
|
||||||
+ CKA_CLASS, GP11_ULONG, CKO_G_CREDENTIAL,
|
|
||||||
+ CKA_VALUE, 0, NULL,
|
|
||||||
+ CKA_G_OBJECT, GP11_ULONG, gp11_object_get_handle (key),
|
|
||||||
+ GP11_INVALID);
|
|
||||||
+ if (cred == NULL)
|
|
||||||
+ return NULL;
|
|
||||||
+
|
|
||||||
+ g_object_unref (cred);
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ /* Do the magic */
|
|
||||||
+ return gp11_session_sign (session, key, mech_type, input, n_input, n_result, err);
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
static gboolean
|
|
||||||
op_sign_request (GkdSshAgentCall *call)
|
|
||||||
{
|
|
||||||
@@ -961,8 +997,7 @@ op_sign_request (GkdSshAgentCall *call)
|
|
||||||
session = gp11_object_get_session (key);
|
|
||||||
g_return_val_if_fail (session, FALSE);
|
|
||||||
|
|
||||||
- /* Do the magic */
|
|
||||||
- result = gp11_session_sign (session, key, mech, hash, n_hash, &n_result, &error);
|
|
||||||
+ result = unlock_and_sign (session, key, mech, hash, n_hash, &n_result, &error);
|
|
||||||
|
|
||||||
g_object_unref (session);
|
|
||||||
g_object_unref (key);
|
|
||||||
--
|
|
||||||
cgit v0.8.3.1
|
|
@ -1,5 +1,5 @@
|
|||||||
%define glib2_version 2.16.0
|
%define glib2_version 2.25.0
|
||||||
%define gtk2_version 2.20.0
|
%define gtk3_version 2.90.0
|
||||||
%define dbus_version 1.0
|
%define dbus_version 1.0
|
||||||
%define hal_version 0.5.7
|
%define hal_version 0.5.7
|
||||||
%define gcrypt_version 1.2.2
|
%define gcrypt_version 1.2.2
|
||||||
@ -7,7 +7,7 @@
|
|||||||
|
|
||||||
Summary: Framework for managing passwords and other secrets
|
Summary: Framework for managing passwords and other secrets
|
||||||
Name: gnome-keyring
|
Name: gnome-keyring
|
||||||
Version: 2.31.91
|
Version: 2.31.92
|
||||||
Release: 1%{?dist}
|
Release: 1%{?dist}
|
||||||
License: GPLv2+ and LGPLv2+
|
License: GPLv2+ and LGPLv2+
|
||||||
Group: System Environment/Libraries
|
Group: System Environment/Libraries
|
||||||
@ -15,12 +15,13 @@ Group: System Environment/Libraries
|
|||||||
Source: http://download.gnome.org/sources/gnome-keyring/2.31/gnome-keyring-%{version}.tar.bz2
|
Source: http://download.gnome.org/sources/gnome-keyring/2.31/gnome-keyring-%{version}.tar.bz2
|
||||||
URL: http://www.gnome.org
|
URL: http://www.gnome.org
|
||||||
|
|
||||||
# https://bugzilla.gnome.org/show_bug.cgi?id=628457
|
# http://bugzilla.redhat.com/529709
|
||||||
Patch0: pam-headers.patch
|
# http://bugs.gnome.org/598494
|
||||||
|
Patch3: gnome-keyring-2.28.1-nopass.patch
|
||||||
|
|
||||||
|
|
||||||
BuildRequires: glib2-devel >= %{glib2_version}
|
BuildRequires: glib2-devel >= %{glib2_version}
|
||||||
BuildRequires: gtk2-devel >= %{gtk2_version}
|
BuildRequires: gtk3-devel >= %{gtk3_version}
|
||||||
BuildRequires: GConf2-devel
|
|
||||||
BuildRequires: dbus-devel >= %{dbus_version}
|
BuildRequires: dbus-devel >= %{dbus_version}
|
||||||
BuildRequires: libgcrypt-devel >= %{gcrypt_version}
|
BuildRequires: libgcrypt-devel >= %{gcrypt_version}
|
||||||
BuildRequires: libtasn1-devel >= %{libtasn1_version}
|
BuildRequires: libtasn1-devel >= %{libtasn1_version}
|
||||||
@ -30,9 +31,7 @@ BuildRequires: gettext
|
|||||||
BuildRequires: intltool
|
BuildRequires: intltool
|
||||||
BuildRequires: libtasn1-tools
|
BuildRequires: libtasn1-tools
|
||||||
BuildRequires: libgnome-keyring-devel
|
BuildRequires: libgnome-keyring-devel
|
||||||
Requires(pre): GConf2
|
BuildRequires: gtk-doc
|
||||||
Requires(preun): GConf2
|
|
||||||
Requires(post): GConf2
|
|
||||||
# for smooth transition since the core was split
|
# for smooth transition since the core was split
|
||||||
Requires: libgnome-keyring
|
Requires: libgnome-keyring
|
||||||
|
|
||||||
@ -69,8 +68,7 @@ automatically unlock the "login" keyring when the user logs in.
|
|||||||
|
|
||||||
%prep
|
%prep
|
||||||
%setup -q -n gnome-keyring-%{version}
|
%setup -q -n gnome-keyring-%{version}
|
||||||
%patch0 -p1 -b .pam-headers
|
%patch3 -p1 -b .no-pass
|
||||||
|
|
||||||
|
|
||||||
# Enable daemon autostart in XFCE
|
# Enable daemon autostart in XFCE
|
||||||
for i in daemon/*.desktop.in.in; do
|
for i in daemon/*.desktop.in.in; do
|
||||||
@ -84,7 +82,8 @@ autoreconf -i -f
|
|||||||
%configure --disable-gtk-doc \
|
%configure --disable-gtk-doc \
|
||||||
--with-pam-dir=/%{_lib}/security \
|
--with-pam-dir=/%{_lib}/security \
|
||||||
--disable-acl-prompts \
|
--disable-acl-prompts \
|
||||||
--enable-pam
|
--enable-pam \
|
||||||
|
--with-gtk=3.0
|
||||||
|
|
||||||
# avoid unneeded direct dependencies
|
# avoid unneeded direct dependencies
|
||||||
sed -i -e 's/ -shared / -Wl,-O1,--as-needed\0 /g' libtool
|
sed -i -e 's/ -shared / -Wl,-O1,--as-needed\0 /g' libtool
|
||||||
@ -92,9 +91,7 @@ sed -i -e 's/ -shared / -Wl,-O1,--as-needed\0 /g' libtool
|
|||||||
make %{?_smp_mflags}
|
make %{?_smp_mflags}
|
||||||
|
|
||||||
%install
|
%install
|
||||||
export GCONF_DISABLE_MAKEFILE_SCHEMA_INSTALL=1
|
|
||||||
make install DESTDIR=$RPM_BUILD_ROOT
|
make install DESTDIR=$RPM_BUILD_ROOT
|
||||||
unset GCONF_DISABLE_MAKEFILE_SCHEMA_INSTALL
|
|
||||||
|
|
||||||
rm $RPM_BUILD_ROOT/%{_lib}/security/*.la
|
rm $RPM_BUILD_ROOT/%{_lib}/security/*.la
|
||||||
rm $RPM_BUILD_ROOT%{_libdir}/*.la
|
rm $RPM_BUILD_ROOT%{_libdir}/*.la
|
||||||
@ -107,13 +104,15 @@ rm $RPM_BUILD_ROOT%{_libdir}/gnome-keyring/standalone/*.la
|
|||||||
%post
|
%post
|
||||||
/sbin/ldconfig
|
/sbin/ldconfig
|
||||||
|
|
||||||
%pre
|
%postun
|
||||||
%gconf_schema_obsolete gnome-keyring
|
/sbin/ldconfig
|
||||||
|
if [ $1 -eq 0 ]; then
|
||||||
|
glib-compile-schemas %{_datadir}/glib-2.0/schemas
|
||||||
|
fi
|
||||||
|
|
||||||
%preun
|
%posttrans
|
||||||
%gconf_schema_remove gnome-keyring
|
glib-compile-schemas %{_datadir}/glib-2.0/schemas
|
||||||
|
|
||||||
%postun -p /sbin/ldconfig
|
|
||||||
|
|
||||||
%files -f gnome-keyring.lang
|
%files -f gnome-keyring.lang
|
||||||
%defattr(-, root, root)
|
%defattr(-, root, root)
|
||||||
@ -128,9 +127,12 @@ rm $RPM_BUILD_ROOT%{_libdir}/gnome-keyring/standalone/*.la
|
|||||||
%{_bindir}/*
|
%{_bindir}/*
|
||||||
%{_libexecdir}/*
|
%{_libexecdir}/*
|
||||||
%{_datadir}/dbus-1/services/*.service
|
%{_datadir}/dbus-1/services/*.service
|
||||||
%{_datadir}/gcr
|
%{_datadir}/gcr-3
|
||||||
%{_datadir}/gnome-keyring
|
%{_datadir}/gnome-keyring
|
||||||
|
%{_datadir}/gnome-keyring-3
|
||||||
%{_sysconfdir}/xdg/autostart/*
|
%{_sysconfdir}/xdg/autostart/*
|
||||||
|
%{_datadir}/GConf/gsettings/*.convert
|
||||||
|
%{_datadir}/glib-2.0/schemas/*.gschema.xml
|
||||||
|
|
||||||
%files devel
|
%files devel
|
||||||
%defattr(-, root, root)
|
%defattr(-, root, root)
|
||||||
@ -145,6 +147,10 @@ rm $RPM_BUILD_ROOT%{_libdir}/gnome-keyring/standalone/*.la
|
|||||||
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Sep 13 2010 Tomas Bzatek <tbzatek@redhat.com> - 2.31.92-1
|
||||||
|
- Update to 2.31.92
|
||||||
|
- Built against gtk3
|
||||||
|
|
||||||
* Tue Aug 31 2010 Matthias Clasen <mclasen@redhat.com> - 2.31.91-1
|
* Tue Aug 31 2010 Matthias Clasen <mclasen@redhat.com> - 2.31.91-1
|
||||||
- Update to 2.31.91
|
- Update to 2.31.91
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user