Hello community, here is the log from the commit of package gnome-keyring for openSUSE:Factory checked in at 2012-08-26 11:31:33 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/gnome-keyring (Old) and /work/SRC/openSUSE:Factory/.gnome-keyring.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "gnome-keyring", Maintainer is "gnome-maintain...@suse.de" Changes: -------- --- /work/SRC/openSUSE:Factory/gnome-keyring/gnome-keyring.changes 2012-04-20 15:15:20.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.gnome-keyring.new/gnome-keyring.changes 2012-08-26 11:31:34.000000000 +0200 @@ -1,0 +2,5 @@ +Wed Aug 22 22:25:40 UTC 2012 - sree...@suse.com + +- Add gnome-keyring-bnc775235-passphrase-cache.patch + +------------------------------------------------------------------- New: ---- gnome-keyring-bnc775235-passphrase-cache.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ gnome-keyring.spec ++++++ --- /var/tmp/diff_new_pack.0IcvBC/_old 2012-08-26 11:31:36.000000000 +0200 +++ /var/tmp/diff_new_pack.0IcvBC/_new 2012-08-26 11:31:36.000000000 +0200 @@ -29,6 +29,8 @@ Patch4: gnome-keyring-check-session.patch # PATCH-FIX-OPENSUSE gnome-keyring-pam-auth-prompt-password.patch bnc466732 bgo560488 vu...@novell.com -- Make the pam module prompt the password in auth, so we can use pam-config. This is a workaround until bnc#477488 is implemented. Patch5: gnome-keyring-pam-auth-prompt-password.patch +# PATCH-FIX-UPSTREAM gnome-keyring-bnc775235-passphrase-cache.patch bnc775235 sree...@suse.com -- Apply upstream patches to fix passphrase cache +Patch6: gnome-keyring-bnc775235-passphrase-cache.patch BuildRequires: ca-certificates BuildRequires: desktop-file-utils BuildRequires: fdupes @@ -118,6 +120,7 @@ translation-update-upstream %patch4 -p1 %patch5 -p1 +%patch6 -p1 %if 0%{?BUILD_FROM_VCS} [ -x ./autogen.sh ] && NOCONFIGURE=1 ./autogen.sh ++++++ gnome-keyring-bnc775235-passphrase-cache.patch ++++++ diff --git a/daemon/gpg-agent/gkd-gpg-agent-ops.c b/daemon/gpg-agent/gkd-gpg-agent-ops.c index a0e8731..c8414fe 100644 --- a/daemon/gpg-agent/gkd-gpg-agent-ops.c +++ b/daemon/gpg-agent/gkd-gpg-agent-ops.c @@ -322,17 +322,6 @@ load_unlock_options (GcrPrompt *prompt) g_free (method); } -static void -save_unlock_options (GcrPrompt *prompt) -{ - GSettings *settings; - - settings = gkd_gpg_agent_settings (); - - if (gcr_prompt_get_choice_chosen (prompt)) - g_settings_set_string (settings, "gpg-cache-method", GCR_UNLOCK_OPTION_ALWAYS); -} - static GcrPrompt * open_password_prompt (GckSession *session, const gchar *keyid, @@ -405,11 +394,14 @@ do_get_password (GckSession *session, const gchar *keyid, const gchar *errmsg, const gchar *prompt_text, const gchar *description, gboolean confirm) { GckBuilder builder = GCK_BUILDER_INIT; + GSettings *settings; GckAttributes *attrs; gchar *password = NULL; GcrPrompt *prompt; gboolean chosen; GError *error = NULL; + gint lifetime; + gchar *method; g_assert (GCK_IS_SESSION (session)); @@ -430,21 +422,39 @@ do_get_password (GckSession *session, const gchar *keyid, const gchar *errmsg, } if (password != NULL && keyid != NULL) { + settings = gkd_gpg_agent_settings (); /* Load up the save options */ chosen = gcr_prompt_get_choice_chosen (prompt); - if (chosen) + if (chosen) { + g_settings_set_string (settings, "gpg-cache-method", GCR_UNLOCK_OPTION_ALWAYS); gck_builder_add_string (&builder, CKA_G_COLLECTION, "login"); - else + + } else { + method = g_settings_get_string (settings, "gpg-cache-method"); + lifetime = g_settings_get_int (settings, "gpg-cache-ttl"); + + if (g_strcmp0 (method, GCR_UNLOCK_OPTION_IDLE) == 0) { + gck_builder_add_boolean (&builder, CKA_GNOME_TRANSIENT, TRUE); + gck_builder_add_ulong (&builder, CKA_G_DESTRUCT_IDLE, lifetime); + + } else if (g_strcmp0 (method, GCR_UNLOCK_OPTION_TIMEOUT) == 0) { + gck_builder_add_boolean (&builder, CKA_GNOME_TRANSIENT, TRUE); + gck_builder_add_ulong (&builder, CKA_G_DESTRUCT_AFTER, lifetime); + + } else if (g_strcmp0 (method, GCR_UNLOCK_OPTION_SESSION)){ + g_message ("Unsupported gpg-cache-method setting: %s", method); + } + gck_builder_add_string (&builder, CKA_G_COLLECTION, "session"); + g_free (method); + } /* Now actually save the password */ attrs = gck_attributes_ref_sink (gck_builder_end (&builder)); do_save_password (session, keyid, description, password, attrs); gck_attributes_unref (attrs); - - save_unlock_options (prompt); } g_clear_object (&prompt); diff --git a/pkcs11/secret-store/gkm-secret-item.c b/pkcs11/secret-store/gkm-secret-item.c index d03c4a8..15791a9 100644 --- a/pkcs11/secret-store/gkm-secret-item.c +++ b/pkcs11/secret-store/gkm-secret-item.c @@ -224,6 +224,7 @@ gkm_secret_item_real_get_attribute (GkmObject *base, GkmSession *session, CK_ATT identifier = gkm_secret_object_get_identifier (GKM_SECRET_OBJECT (self)); secret = gkm_secret_data_get_raw (sdata, identifier, &n_secret); rv = gkm_attribute_set_data (attr, secret, n_secret); + gkm_object_mark_used (base); g_object_unref (sdata); return rv; diff --git a/schema/org.gnome.crypto.cache.gschema.xml b/schema/org.gnome.crypto.cache.gschema.xml index 9a431eb..4547399 100644 --- a/schema/org.gnome.crypto.cache.gschema.xml +++ b/schema/org.gnome.crypto.cache.gschema.xml @@ -3,7 +3,10 @@ <key name="gpg-cache-method" type="s"> <default>'session'</default> <summary>Cache Method</summary> - <description>The method to use for caching passphrases typed into the GPG agent.</description> + <description>The method to use for caching passphrases typed into the GPG agent. + Should be one of: 'always' caches permanently, 'session' caches until session end, + 'idle' caches until the not used for gpg-cache-ttl seconds, 'timeout' caches until + gpg-cache-ttl seconds.</description> </key> <key name="gpg-cache-ttl" type="i"> <default>300</default> -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org