diff --git a/gnome-keyring-2.28.1-nopass.patch b/gnome-keyring-2.28.1-nopass.patch deleted file mode 100644 index c147edb..0000000 --- a/gnome-keyring-2.28.1-nopass.patch +++ /dev/null @@ -1,22 +0,0 @@ -diff -up gnome-keyring-2.28.1/pam/gkr-pam-module.c.nopass gnome-keyring-2.28.1/pam/gkr-pam-module.c ---- gnome-keyring-2.28.1/pam/gkr-pam-module.c.nopass 2009-09-25 21:55:50.000000000 -0400 -+++ gnome-keyring-2.28.1/pam/gkr-pam-module.c 2009-10-19 11:27:34.000000000 -0400 -@@ -878,6 +878,7 @@ pam_sm_authenticate (pam_handle_t *ph, i - - started_daemon = 0; - -+ - /* Should we start the daemon? */ - if (args & ARG_AUTO_START) { - ret = start_daemon_if_necessary (ph, pwd, password, &started_daemon); -@@ -944,8 +945,9 @@ pam_sm_open_session (pam_handle_t *ph, i - * different PAM callbacks from different processes. - * - * No use complaining -+ * Do not start gnome-keyring, dbus will start it on login. - */ -- password = NULL; -+ return PAM_SUCCESS; - } - - started_daemon = 0; diff --git a/gnome-keyring-3.1.2-caps-ext-check.patch b/gnome-keyring-3.1.2-caps-ext-check.patch deleted file mode 100644 index 50b4aa3..0000000 --- a/gnome-keyring-3.1.2-caps-ext-check.patch +++ /dev/null @@ -1,49 +0,0 @@ -From fd0bf3d36f3295fbc7c6d4bed34e2d2849764e68 Mon Sep 17 00:00:00 2001 -From: Vincent Untz -Date: Fri, 6 May 2011 14:14:21 +0200 -Subject: [PATCH] Improved checks for fs capabilities, and drop unneeded ones - -If we have fs capabilities, we first need to check that we really do -have ipc_lock, and if that's the case we just keep ipc_lock and drop -everything else. - -https://bugzilla.gnome.org/show_bug.cgi?id=649560 ---- - daemon/gkd-capability.c | 19 +++++++++++++++++-- - 1 files changed, 17 insertions(+), 2 deletions(-) - -diff --git a/daemon/gkd-capability.c b/daemon/gkd-capability.c -index 5b47f4e..e15200a 100644 ---- a/daemon/gkd-capability.c -+++ b/daemon/gkd-capability.c -@@ -71,11 +71,26 @@ gkd_capability_obtain_capability_and_drop_privileges (void) - early_error ("failed dropping capabilities"); - break; - case CAPNG_FAIL: -- case CAPNG_NONE: - early_error ("error getting process capabilities"); - break; -+ case CAPNG_NONE: -+ early_error ("insufficient process capabilities"); -+ break; - case CAPNG_PARTIAL: /* File system based capabilities */ -- break; -+ if (!capng_have_capability (CAPNG_EFFECTIVE, CAP_IPC_LOCK)) { -+ early_error ("insufficient process capabilities"); -+ break; -+ } -+ -+ /* Drop all capabilities except ipc_lock */ -+ capng_clear (CAPNG_SELECT_BOTH); -+ if (capng_update (CAPNG_ADD, -+ CAPNG_EFFECTIVE|CAPNG_PERMITTED, -+ CAP_IPC_LOCK) != 0) -+ early_error ("error dropping process capabilities"); -+ if (capng_apply (CAPNG_SELECT_BOTH) != 0) -+ early_error ("error dropping process capabilities"); -+ break; - } - #endif /* HAVE_LIBCAPNG */ - } --- -1.7.4.2 diff --git a/gnome-keyring-3.1.2-caps-warn-unavail.patch b/gnome-keyring-3.1.2-caps-warn-unavail.patch deleted file mode 100644 index 085de9d..0000000 --- a/gnome-keyring-3.1.2-caps-warn-unavail.patch +++ /dev/null @@ -1,50 +0,0 @@ -From 156f6f318daa782cd209c90ed69a0d24595af5d1 Mon Sep 17 00:00:00 2001 -From: Vincent Untz -Date: Fri, 6 May 2011 14:18:00 +0200 -Subject: [PATCH] Accept to run if ipc_lock capability is not available - -We print a warning about potential use of unsecure memory, but still -run (and drop unneeded capabilities if we have some). This is better -than nothing. - -https://bugzilla.gnome.org/show_bug.cgi?id=649560 ---- - daemon/gkd-capability.c | 13 +++++++++++-- - 1 files changed, 11 insertions(+), 2 deletions(-) - -diff --git a/daemon/gkd-capability.c b/daemon/gkd-capability.c -index e15200a..92c000c 100644 ---- a/daemon/gkd-capability.c -+++ b/daemon/gkd-capability.c -@@ -42,6 +42,12 @@ early_error (const char *err_string) - exit (1); - } - -+static void -+early_warning (const char *warn_string) -+{ -+ fprintf (stderr, "gnome-keyring-daemon: %s\n", warn_string); -+} -+ - #endif /* HAVE_LIPCAPNG */ - - /* -@@ -74,11 +80,14 @@ gkd_capability_obtain_capability_and_drop_privileges (void) - early_error ("error getting process capabilities"); - break; - case CAPNG_NONE: -- early_error ("insufficient process capabilities"); -+ early_warning ("insufficient process capabilities, unsecure memory might get used"); - break; - case CAPNG_PARTIAL: /* File system based capabilities */ - if (!capng_have_capability (CAPNG_EFFECTIVE, CAP_IPC_LOCK)) { -- early_error ("insufficient process capabilities"); -+ early_warning ("insufficient process capabilities, unsecure memory might get used"); -+ /* Drop all capabilities */ -+ capng_clear (CAPNG_SELECT_BOTH); -+ capng_apply (CAPNG_SELECT_BOTH); - break; - } - --- -1.7.4.2 diff --git a/gnome-keyring-error.patch b/gnome-keyring-error.patch deleted file mode 100644 index 2494427..0000000 --- a/gnome-keyring-error.patch +++ /dev/null @@ -1,13 +0,0 @@ ---- gnome-keyring-3.3.4/daemon/dbus/gkd-secret-error.c 2011-12-19 02:51:11.000000000 -0500 -+++ foo/daemon/dbus/gkd-secret-error.c 2012-01-18 09:12:28.976906276 -0500 -@@ -60,7 +60,9 @@ - - g_return_val_if_fail (error != NULL, NULL); - -- if (g_error_matches (error, GCK_ERROR, CKR_USER_NOT_LOGGED_IN)) { -+ if (g_error_matches (error, GCK_ERROR, CKR_USER_NOT_LOGGED_IN) || -+ g_error_matches (error, GCK_ERROR, CKR_PIN_INCORRECT)) { -+ - dbus_set_error (&derr, INTERNAL_ERROR_DENIED, "The password was invalid"); - - } else if (g_error_matches (error, GCK_ERROR, CKR_WRAPPED_KEY_INVALID) ||