These changes port the PAM module from gnome-keyring/pam to libsecret/pam.
Removed `start_daemon` and the dependent code altogether. Because,
gnome-keyring-daemon is launched by systemd.
Replaced calls to `pam_get_item` to retrieve authentication tokens with
`pam_get_authtok`.
Signed-off-by: Dhanuka Warusadura <dhanuka@gnome.org>
This turns the `-Dgcrypt` build time option into a more generic
`-Dcrypto` option, which enables user to choose which cryptographic
library to link with. It currently supports libgcrypt (`libgcrypt`)
and GnuTLS (`gnutls`); for the latter, GnuTLS 3.8.2 is the minimum
required version.
Signed-off-by: Daiki Ueno <dueno@src.gnome.org>
These changes define the TPM2 API and add its implementations
to the incubation area (egg/).
Summary of the public API:
`egg_tpm2_initialize`: Start a TPM context.
`egg_tpm2_finalize`: End a TPM context.
`egg_tpm2_generate_master_password`: Generate and returns an
encrypted master password in `GBytes` format. TSS Marshaling,
GVariant serialization is used.
`egg_tpm2_decrypt_master_password`: Decrypts a master password
generated from `egg_tpm2_generate_master_password`. TSS
Unmarshaling, GVariant deserialization is used.
TPM2 API: TSS Enhanced System API (ESAPI)
Proposal: [extend file backend to use TPM2 derived encryption keys](https://gitlab.gnome.org/Teams/Engagement/gsoc-2021/-/issues/13)
Related MRs: [#86](https://gitlab.gnome.org/GNOME/libsecret/-/merge_requests/86)
Related Issues: [#63](https://gitlab.gnome.org/GNOME/libsecret/-/issues/63)
Now with meson build system libsecret FTBFS without valgrind installed.
Two issues: (1) egg-testing.c depends on valgrind/valgrind.h unnecessarily;
(2) we forgot to add "build" directory as a header directory for meson.
This commit resolves both of them.
Some distributions patch libgcrypt to provide a pkg-config file, and
disable libgcrypt-config. One of these distributions is Yocto, which we
use as the basis for the GNOME Continuous build environment.
We should check if there's a pkg-config file available for gcrypt, and
use it, falling back to libgcrypt-config if the pkg-config file is not
found.