Hello community,
here is the log from the commit of package gnome-keyring for openSUSE:Factory
checked in at 2012-08-26 11:31:33
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/gnome-keyring (Old)
and /work/SRC/openSUSE:Factory/.gnome-keyring.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "gnome-keyring", Maintainer is "gnome-maintain...@suse.de"
Changes:
--------
--- /work/SRC/openSUSE:Factory/gnome-keyring/gnome-keyring.changes
2012-04-20 15:15:20.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.gnome-keyring.new/gnome-keyring.changes
2012-08-26 11:31:34.000000000 +0200
@@ -1,0 +2,5 @@
+Wed Aug 22 22:25:40 UTC 2012 - sree...@suse.com
+
+- Add gnome-keyring-bnc775235-passphrase-cache.patch
+
+-------------------------------------------------------------------
New:
----
gnome-keyring-bnc775235-passphrase-cache.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ gnome-keyring.spec ++++++
--- /var/tmp/diff_new_pack.0IcvBC/_old 2012-08-26 11:31:36.000000000 +0200
+++ /var/tmp/diff_new_pack.0IcvBC/_new 2012-08-26 11:31:36.000000000 +0200
@@ -29,6 +29,8 @@
Patch4: gnome-keyring-check-session.patch
# PATCH-FIX-OPENSUSE gnome-keyring-pam-auth-prompt-password.patch bnc466732
bgo560488 vu...@novell.com -- Make the pam module prompt the password in auth,
so we can use pam-config. This is a workaround until bnc#477488 is implemented.
Patch5: gnome-keyring-pam-auth-prompt-password.patch
+# PATCH-FIX-UPSTREAM gnome-keyring-bnc775235-passphrase-cache.patch bnc775235
sree...@suse.com -- Apply upstream patches to fix passphrase cache
+Patch6: gnome-keyring-bnc775235-passphrase-cache.patch
BuildRequires: ca-certificates
BuildRequires: desktop-file-utils
BuildRequires: fdupes
@@ -118,6 +120,7 @@
translation-update-upstream
%patch4 -p1
%patch5 -p1
+%patch6 -p1
%if 0%{?BUILD_FROM_VCS}
[ -x ./autogen.sh ] && NOCONFIGURE=1 ./autogen.sh
++++++ gnome-keyring-bnc775235-passphrase-cache.patch ++++++
diff --git a/daemon/gpg-agent/gkd-gpg-agent-ops.c
b/daemon/gpg-agent/gkd-gpg-agent-ops.c
index a0e8731..c8414fe 100644
--- a/daemon/gpg-agent/gkd-gpg-agent-ops.c
+++ b/daemon/gpg-agent/gkd-gpg-agent-ops.c
@@ -322,17 +322,6 @@ load_unlock_options (GcrPrompt *prompt)
g_free (method);
}
-static void
-save_unlock_options (GcrPrompt *prompt)
-{
- GSettings *settings;
-
- settings = gkd_gpg_agent_settings ();
-
- if (gcr_prompt_get_choice_chosen (prompt))
- g_settings_set_string (settings, "gpg-cache-method",
GCR_UNLOCK_OPTION_ALWAYS);
-}
-
static GcrPrompt *
open_password_prompt (GckSession *session,
const gchar *keyid,
@@ -405,11 +394,14 @@ do_get_password (GckSession *session, const gchar *keyid,
const gchar *errmsg,
const gchar *prompt_text, const gchar *description, gboolean
confirm)
{
GckBuilder builder = GCK_BUILDER_INIT;
+ GSettings *settings;
GckAttributes *attrs;
gchar *password = NULL;
GcrPrompt *prompt;
gboolean chosen;
GError *error = NULL;
+ gint lifetime;
+ gchar *method;
g_assert (GCK_IS_SESSION (session));
@@ -430,21 +422,39 @@ do_get_password (GckSession *session, const gchar *keyid,
const gchar *errmsg,
}
if (password != NULL && keyid != NULL) {
+ settings = gkd_gpg_agent_settings ();
/* Load up the save options */
chosen = gcr_prompt_get_choice_chosen (prompt);
- if (chosen)
+ if (chosen) {
+ g_settings_set_string (settings, "gpg-cache-method",
GCR_UNLOCK_OPTION_ALWAYS);
gck_builder_add_string (&builder, CKA_G_COLLECTION,
"login");
- else
+
+ } else {
+ method = g_settings_get_string (settings,
"gpg-cache-method");
+ lifetime = g_settings_get_int (settings,
"gpg-cache-ttl");
+
+ if (g_strcmp0 (method, GCR_UNLOCK_OPTION_IDLE) == 0) {
+ gck_builder_add_boolean (&builder,
CKA_GNOME_TRANSIENT, TRUE);
+ gck_builder_add_ulong (&builder,
CKA_G_DESTRUCT_IDLE, lifetime);
+
+ } else if (g_strcmp0 (method,
GCR_UNLOCK_OPTION_TIMEOUT) == 0) {
+ gck_builder_add_boolean (&builder,
CKA_GNOME_TRANSIENT, TRUE);
+ gck_builder_add_ulong (&builder,
CKA_G_DESTRUCT_AFTER, lifetime);
+
+ } else if (g_strcmp0 (method,
GCR_UNLOCK_OPTION_SESSION)){
+ g_message ("Unsupported gpg-cache-method
setting: %s", method);
+ }
+
gck_builder_add_string (&builder, CKA_G_COLLECTION,
"session");
+ g_free (method);
+ }
/* Now actually save the password */
attrs = gck_attributes_ref_sink (gck_builder_end (&builder));
do_save_password (session, keyid, description, password, attrs);
gck_attributes_unref (attrs);
-
- save_unlock_options (prompt);
}
g_clear_object (&prompt);
diff --git a/pkcs11/secret-store/gkm-secret-item.c
b/pkcs11/secret-store/gkm-secret-item.c
index d03c4a8..15791a9 100644
--- a/pkcs11/secret-store/gkm-secret-item.c
+++ b/pkcs11/secret-store/gkm-secret-item.c
@@ -224,6 +224,7 @@ gkm_secret_item_real_get_attribute (GkmObject *base,
GkmSession *session, CK_ATT
identifier = gkm_secret_object_get_identifier
(GKM_SECRET_OBJECT (self));
secret = gkm_secret_data_get_raw (sdata, identifier, &n_secret);
rv = gkm_attribute_set_data (attr, secret, n_secret);
+ gkm_object_mark_used (base);
g_object_unref (sdata);
return rv;
diff --git a/schema/org.gnome.crypto.cache.gschema.xml
b/schema/org.gnome.crypto.cache.gschema.xml
index 9a431eb..4547399 100644
--- a/schema/org.gnome.crypto.cache.gschema.xml
+++ b/schema/org.gnome.crypto.cache.gschema.xml
@@ -3,7 +3,10 @@
<key name="gpg-cache-method" type="s">
<default>'session'</default>
<summary>Cache Method</summary>
- <description>The method to use for caching passphrases
typed into the GPG agent.</description>
+ <description>The method to use for caching passphrases
typed into the GPG agent.
+ Should be one of: 'always' caches permanently,
'session' caches until session end,
+ 'idle' caches until the not used for gpg-cache-ttl
seconds, 'timeout' caches until
+ gpg-cache-ttl seconds.</description>
</key>
<key name="gpg-cache-ttl" type="i">
<default>300</default>
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
