The SecretSession protocol uses a weak Diffie-Hellman parameters which
are not approved by FIPS. While this is not ideal, the protocol is not
designed as a general protection mechanism of data in transit, but
just as a safety net against when the dbus-daemon (or dbus-broker)
crashes and dumps a core, and thus bumping the protocol to use a
larger DH group would be overkill.
This patch temporarily disables the FIPS check around the GnuTLS DH
API calls to avoid errors.
Signed-off-by: Daiki Ueno <dueno@src.gnome.org>
This is the standard mechanism to initialize a GObject introspectable
interface. If you don't do this, you get this PyGIWarning:
Secret was imported without specifying a version first. Use
gi.require_version('Secret', '1') before import to ensure that the
right version gets loaded.
On NixOS packages are installed in separate prefixes.
Starting from GLib / gobject-introspection 2.80, GLib introspection data
is provided by GLib itself instead of gobject-introspection. This causes
tests failures on NixOS because env.set() resets the environment and GLib
is missing from GI_TYPELIB_PATH:
gi.RepositoryError: Typelib file for namespace 'Gio', version '2.0' not found
See also:
29e6cc5808
If you pass an option to enable a crypto backend it just silently
moves on when nothing is found. This is not how a build system
should behave and will lead to mistakes. The disabled option exists
for that purpose.
There were several issues in `secret_tool_action_lock()`:
- `g_autolist (GList)` isn't a correct type, as the list elements are
`SecretCollection`s, not `GList`s
- Separately from that, the list didn't take ownership of the elements
either in all cases
- We were leaking the `locked` and `context` variables
This commits just does away with all the g_auto* usage as it's the only
place in the code we're using it anyway, and just does all the freeing
at the end of the function.
Fixes: 015ea119 ("secret-tool: Add locking capabilities to secret tool")
Fixes: https://gitlab.gnome.org/GNOME/libsecret/-/issues/89
These changes port the PAM module from gnome-keyring/pam to libsecret/pam.
Removed `start_daemon` and the dependent code altogether. Because,
gnome-keyring-daemon is launched by systemd.
Replaced calls to `pam_get_item` to retrieve authentication tokens with
`pam_get_authtok`.
Signed-off-by: Dhanuka Warusadura <dhanuka@gnome.org>
This change is a part of the port PAM module from gnome-keyring
patch set.
These changes port gnome-keyring/egg/egg-unix-credentials.c to
libsecret/egg
Furthermore ports gnome-keyring/egg/egg-buffer.c to libsecret/egg
Signed-off-by: Dhanuka Warusadura <dhanuka@gnome.org>
Note that gnutls 3.8.2 packages is still under testing, so we
tentatively pull in the build directly from koji.
Signed-off-by: Daiki Ueno <dueno@src.gnome.org>
This turns the `-Dgcrypt` build time option into a more generic
`-Dcrypto` option, which enables user to choose which cryptographic
library to link with. It currently supports libgcrypt (`libgcrypt`)
and GnuTLS (`gnutls`); for the latter, GnuTLS 3.8.2 is the minimum
required version.
Signed-off-by: Daiki Ueno <dueno@src.gnome.org>
When compiled without libgcrypt, some of the tests in test-session
fails as they expect the session algorithm to be
"dh-ietf1024-sha256-aes128-cbc-pkcs7". This adds a build-time
conditional to guard against it.
Signed-off-by: Daiki Ueno <dueno@src.gnome.org>
This moves low-level cryptographic functions into egg/egg-keyring1.c,
to make it easy to support multiple crypto backend libraries.
Signed-off-by: Daiki Ueno <dueno@src.gnome.org>
The original code tries to encrypt the file format using AES-256-CBC,
though actually AES-128-CBC was used because the key size is shorter
and libgcrypt automatically degrades to AES-128-CBC based on the key
size. Reported by Sophie Herold in:
https://github.com/bilelmoussaoui/oo7/issues/46#issuecomment-1816286494
Signed-off-by: Daiki Ueno <dueno@src.gnome.org>
This wraps gcry_mpi_t usage in the API with opaque strucs, so it would
be easier to port egg-dh to other crypto libraries.
Signed-off-by: Daiki Ueno <dueno@src.gnome.org>
This makes the internal logic of _secret_attributes_validate public,
so applications can check and recover when an invalid attributes table
is passed to other libsecret API, such as secret_service_clear.
