diff options
Diffstat (limited to 'source/l/gnome-keyring')
5 files changed, 2 insertions, 165 deletions
diff --git a/source/l/gnome-keyring/doinst.sh b/source/l/gnome-keyring/doinst.sh index c64347e9..27c5f9e4 100644 --- a/source/l/gnome-keyring/doinst.sh +++ b/source/l/gnome-keyring/doinst.sh @@ -1 +1 @@ -chroot . /usr/bin/glib-compile-schemas /usr/share/glib-2.0/schemas/ 2>/dev/null +chroot . /usr/bin/glib-compile-schemas /usr/share/glib-2.0/schemas/ 2>/dev/null 1>/dev/null diff --git a/source/l/gnome-keyring/gnome-keyring.SlackBuild b/source/l/gnome-keyring/gnome-keyring.SlackBuild index 81bc47ab..a238f1e7 100755 --- a/source/l/gnome-keyring/gnome-keyring.SlackBuild +++ b/source/l/gnome-keyring/gnome-keyring.SlackBuild @@ -24,7 +24,7 @@ PKGNAM=gnome-keyring VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-2} +BUILD=${BUILD:-1} if [ -z "$ARCH" ]; then case "$( uname -m )" in @@ -58,12 +58,6 @@ rm -rf $PKGNAM-$VERSION tar xvf $CWD/$PKGNAM-$VERSION.tar.xz || exit 1 cd $PKGNAM-$VERSION || exit 1 -# Fix improper passphrase caching. -# http://www.openwall.com/lists/oss-security/2012/08/09/2 -zcat $CWD/gpg-agent-Hook-up-the-TTL-cache-option.patch.gz | patch -p1 --verbose || exit 1 -zcat $CWD/schema-Update-description-for-gpg-cache-method.patch.gz | patch -p1 --verbose || exit 1 -zcat $CWD/secret-store-Mark-a-secret-item-as-used-when-acces.patch.gz | patch -p1 --verbose || exit 1 - chown -R root:root . find . \ \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ @@ -84,15 +78,12 @@ CXXFLAGS="$SLKCFLAGS" \ --enable-nls \ --disable-debug \ --enable-ssh-agent \ - --with-root-certs=/etc/ssl/certs \ --with-pam-dir=/lib/security \ --build=$ARCH-slackware-linux || exit 1 make $NUMJOBS || make || exit 1 make install DESTDIR=$PKG || exit 1 -mkdir -p $PKG/etc/gconf/gconf.xml.defaults - find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true diff --git a/source/l/gnome-keyring/gpg-agent-Hook-up-the-TTL-cache-option.patch b/source/l/gnome-keyring/gpg-agent-Hook-up-the-TTL-cache-option.patch deleted file mode 100644 index c1298f75..00000000 --- a/source/l/gnome-keyring/gpg-agent-Hook-up-the-TTL-cache-option.patch +++ /dev/null @@ -1,98 +0,0 @@ -From 7b65bf04737167fae6b0204d6524215550fcc079 Mon Sep 17 00:00:00 2001 -From: Stef Walter <stefw@gnome.org> -Date: Wed, 8 Aug 2012 06:06:58 +0200 -Subject: [PATCH] gpg-agent: Hook up the TTL cache option - - * So that when the gsettings gpg-cache-method is 'idle' or 'timeout' - we use gpg-cache-ttl to control how long the passphrase is cached - for. - * This is a regression from 3.3.x - -https://bugzilla.gnome.org/show_bug.cgi?id=681081 ---- - daemon/gpg-agent/gkd-gpg-agent-ops.c | 40 ++++++++++++++++++++++-------------- - 1 file changed, 25 insertions(+), 15 deletions(-) - -diff --git a/daemon/gpg-agent/gkd-gpg-agent-ops.c b/daemon/gpg-agent/gkd-gpg-agent-ops.c -index a1a21ff..e1c188d 100644 ---- a/daemon/gpg-agent/gkd-gpg-agent-ops.c -+++ b/daemon/gpg-agent/gkd-gpg-agent-ops.c -@@ -323,17 +323,6 @@ load_unlock_options (GcrPrompt *prompt) - g_free (method); - } - --static void --save_unlock_options (GcrPrompt *prompt) --{ -- GSettings *settings; -- -- settings = gkd_gpg_agent_settings (); -- -- if (gcr_prompt_get_choice_chosen (prompt)) -- g_settings_set_string (settings, "gpg-cache-method", GCR_UNLOCK_OPTION_ALWAYS); --} -- - static GcrPrompt * - open_password_prompt (GckSession *session, - const gchar *keyid, -@@ -406,11 +395,14 @@ do_get_password (GckSession *session, const gchar *keyid, const gchar *errmsg, - const gchar *prompt_text, const gchar *description, gboolean confirm) - { - GckBuilder builder = GCK_BUILDER_INIT; -+ GSettings *settings; - GckAttributes *attrs; - gchar *password = NULL; - GcrPrompt *prompt; - gboolean chosen; - GError *error = NULL; -+ gint lifetime; -+ gchar *method; - - g_assert (GCK_IS_SESSION (session)); - -@@ -431,21 +423,39 @@ do_get_password (GckSession *session, const gchar *keyid, const gchar *errmsg, - } - - if (password != NULL && keyid != NULL) { -+ settings = gkd_gpg_agent_settings (); - - /* Load up the save options */ - chosen = gcr_prompt_get_choice_chosen (prompt); - -- if (chosen) -+ if (chosen) { -+ g_settings_set_string (settings, "gpg-cache-method", GCR_UNLOCK_OPTION_ALWAYS); - gck_builder_add_string (&builder, CKA_G_COLLECTION, "login"); -- else -+ -+ } else { -+ method = g_settings_get_string (settings, "gpg-cache-method"); -+ lifetime = g_settings_get_int (settings, "gpg-cache-ttl"); -+ -+ if (g_strcmp0 (method, GCR_UNLOCK_OPTION_IDLE) == 0) { -+ gck_builder_add_boolean (&builder, CKA_GNOME_TRANSIENT, TRUE); -+ gck_builder_add_ulong (&builder, CKA_G_DESTRUCT_IDLE, lifetime); -+ -+ } else if (g_strcmp0 (method, GCR_UNLOCK_OPTION_TIMEOUT) == 0) { -+ gck_builder_add_boolean (&builder, CKA_GNOME_TRANSIENT, TRUE); -+ gck_builder_add_ulong (&builder, CKA_G_DESTRUCT_AFTER, lifetime); -+ -+ } else if (g_strcmp0 (method, GCR_UNLOCK_OPTION_SESSION)){ -+ g_message ("Unsupported gpg-cache-method setting: %s", method); -+ } -+ - gck_builder_add_string (&builder, CKA_G_COLLECTION, "session"); -+ g_free (method); -+ } - - /* Now actually save the password */ - attrs = gck_attributes_ref_sink (gck_builder_end (&builder)); - do_save_password (session, keyid, description, password, attrs); - gck_attributes_unref (attrs); -- -- save_unlock_options (prompt); - } - - g_clear_object (&prompt); --- -1.7.11.2
\ No newline at end of file diff --git a/source/l/gnome-keyring/schema-Update-description-for-gpg-cache-method.patch b/source/l/gnome-keyring/schema-Update-description-for-gpg-cache-method.patch deleted file mode 100644 index 12b6fb2d..00000000 --- a/source/l/gnome-keyring/schema-Update-description-for-gpg-cache-method.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 6387fb065d5ea16c777a0aee05b22c3cc6a0f73c Mon Sep 17 00:00:00 2001 -From: Stef Walter <stefw@gnome.org> -Date: Wed, 8 Aug 2012 06:06:24 +0200 -Subject: [PATCH] schema: Update description for gpg-cache-method - - * Document the various method strings that can be present here - -https://bugzilla.gnome.org/show_bug.cgi?id=681081 ---- - schema/org.gnome.crypto.cache.gschema.xml | 5 ++++- - 1 file changed, 4 insertions(+), 1 deletion(-) - -diff --git a/schema/org.gnome.crypto.cache.gschema.xml b/schema/org.gnome.crypto.cache.gschema.xml -index 9a431eb..4547399 100644 ---- a/schema/org.gnome.crypto.cache.gschema.xml -+++ b/schema/org.gnome.crypto.cache.gschema.xml -@@ -3,7 +3,10 @@ - <key name="gpg-cache-method" type="s"> - <default>'session'</default> - <summary>Cache Method</summary> -- <description>The method to use for caching passphrases typed into the GPG agent.</description> -+ <description>The method to use for caching passphrases typed into the GPG agent. -+ Should be one of: 'always' caches permanently, 'session' caches until session end, -+ 'idle' caches until the not used for gpg-cache-ttl seconds, 'timeout' caches until -+ gpg-cache-ttl seconds.</description> - </key> - <key name="gpg-cache-ttl" type="i"> - <default>300</default> --- -1.7.11.2
\ No newline at end of file diff --git a/source/l/gnome-keyring/secret-store-Mark-a-secret-item-as-used-when-acces.patch b/source/l/gnome-keyring/secret-store-Mark-a-secret-item-as-used-when-acces.patch deleted file mode 100644 index 1785b0cd..00000000 --- a/source/l/gnome-keyring/secret-store-Mark-a-secret-item-as-used-when-acces.patch +++ /dev/null @@ -1,26 +0,0 @@ -From d96c49f0bf1710b69a354f4bdebf6b53bf5cb0bc Mon Sep 17 00:00:00 2001 -From: Stef Walter <stefw@gnome.org> -Date: Wed, 8 Aug 2012 15:08:22 +0200 -Subject: [PATCH] secret-store: Mark a secret item as 'used' when accessed - - * This makes the gpg-agent idle feature work correctly - -https://bugzilla.gnome.org/show_bug.cgi?id=681081 ---- - pkcs11/secret-store/gkm-secret-item.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/pkcs11/secret-store/gkm-secret-item.c b/pkcs11/secret-store/gkm-secret-item.c -index 35698da..d7cbdb3 100644 ---- a/pkcs11/secret-store/gkm-secret-item.c -+++ b/pkcs11/secret-store/gkm-secret-item.c -@@ -224,6 +224,7 @@ gkm_secret_item_real_get_attribute (GkmObject *base, GkmSession *session, CK_ATT - identifier = gkm_secret_object_get_identifier (GKM_SECRET_OBJECT (self)); - secret = gkm_secret_data_get_raw (sdata, identifier, &n_secret); - rv = gkm_attribute_set_data (attr, secret, n_secret); -+ gkm_object_mark_used (base); - g_object_unref (sdata); - return rv; - --- -1.7.11.2
\ No newline at end of file |