Commit Graph

804 Commits

Author SHA1 Message Date
Niels De Graef
bf362eeef0 Merge branch 'crypto-options' into 'master'
meson: Fix crypto option being silently ignored

See merge request GNOME/libsecret!137
2024-02-21 13:19:37 +00:00
Patrick Griffis
b1736bf119 CI: Bump image version
This includes newer gnutls
2024-02-16 13:16:27 -06:00
Patrick Griffis
257d521cb9 meson: Fix crypto option being silently ignored
If you pass an option to enable a crypto backend it just silently
moves on when nothing is found. This is not how a build system
should behave and will lead to mistakes. The disabled option exists
for that purpose.
2024-02-16 12:58:12 -06:00
Dhanuka Warusadura
9ee98781bc Merge branch 'doap' into 'master'
doap: add myself as maintainer

See merge request GNOME/libsecret!136
2024-02-08 14:42:47 +00:00
Dhanuka Warusadura
6a60ed5d9a doap: add myself as maintainer
With the approval of Daiki Ueno (@dueno)

Signed-off-by: Dhanuka Warusadura <dhanuka@gnome.org>
2024-02-08 12:46:19 +05:30
Ridhubharan Venkatachalam
6d2e87e185 Add Tamil translation 2024-01-09 01:42:11 +00:00
Dhanuka Warusadura
70597d01b2
Release 0.21.3
Signed-off-by: Dhanuka Warusadura <dhanuka@gnome.org>
2024-01-06 13:53:25 +05:30
Andre Klapper
4378702619 DOAP: Replace defunct mailing list with GNOME Discourse URL 2024-01-05 19:23:53 +01:00
Dhanuka Warusadura
fdc2274595 Merge branch 'nielsdg/fix-illegal-free-in-secret-tool' into 'master'
secret-tool: Fix memory issues in lock command

Closes #89

See merge request GNOME/libsecret!134
2023-12-12 12:57:52 +00:00
Niels De Graef
a1ceaeed2a secret-tool: Fix memory issues in lock command
There were several issues in `secret_tool_action_lock()`:

- `g_autolist (GList)` isn't a correct type, as the list elements are
  `SecretCollection`s, not `GList`s
- Separately from that, the list didn't take ownership of the elements
  either in all cases
- We were leaking the `locked` and `context` variables

This commits just does away with all the g_auto* usage as it's the only
place in the code we're using it anyway, and just does all the freeing
at the end of the function.

Fixes: 015ea119 ("secret-tool: Add locking capabilities to secret tool")
Fixes: https://gitlab.gnome.org/GNOME/libsecret/-/issues/89
2023-12-12 12:27:12 +01:00
Dhanuka Warusadura
8e8000d404 Merge branch 'wip/dueno/crypto-backend-followup' into 'master'
tests: Remove unnecessary inclusion of <gcrypt.h>

See merge request GNOME/libsecret!133
2023-12-11 06:21:50 +00:00
Daiki Ueno
7f31c83230 tests: Remove unnecessary inclusion of <gcrypt.h>
Signed-off-by: Daiki Ueno <dueno@src.gnome.org>
2023-12-11 08:39:58 +09:00
Dhanuka Warusadura
fa5ac29856 Merge branch 'port_pam_from_gnome_keyring' into 'master'
Port PAM module from gnome-keyring

See merge request GNOME/libsecret!128
2023-12-10 17:07:27 +00:00
Dhanuka Warusadura
b399f5f631 pam: add tests for the ported PAM module
These changes add PAM tests based on pam_wrapper and libpamtest.

Signed-off-by: Dhanuka Warusadura <dhanuka@gnome.org>
2023-12-10 22:35:55 +05:30
Dhanuka Warusadura
9a37dc839a pam: port PAM module from gnome-keyring
These changes port the PAM module from gnome-keyring/pam to libsecret/pam.

Removed `start_daemon` and the dependent code altogether. Because,
gnome-keyring-daemon is launched by systemd.

Replaced calls to `pam_get_item` to retrieve authentication tokens with
`pam_get_authtok`.

Signed-off-by: Dhanuka Warusadura <dhanuka@gnome.org>
2023-12-10 22:35:55 +05:30
Dhanuka Warusadura
9cfa77f967 pam: port PAM module egg helper functions from gnome-keyring
This change is a part of the port PAM module from gnome-keyring
patch set.
These changes port gnome-keyring/egg/egg-unix-credentials.c to
libsecret/egg
Furthermore ports gnome-keyring/egg/egg-buffer.c to libsecret/egg

Signed-off-by: Dhanuka Warusadura <dhanuka@gnome.org>
2023-12-10 22:35:55 +05:30
Dhanuka Warusadura
175514244f ci: install packages required for the PAM module
Signed-off-by: Dhanuka Warusadura <dhanuka@gnome.org>
2023-12-10 22:35:55 +05:30
Dhanuka Warusadura
39a3d14169
Release 0.21.2
Signed-off-by: Dhanuka Warusadura <dhanuka@gnome.org>
2023-12-08 15:48:34 +05:30
Dhanuka Warusadura
cc309e255a Merge branch 'wip/dueno/crypto-backend' into 'master'
Support GnuTLS as an alternative crypto backend

See merge request GNOME/libsecret!122
2023-12-04 08:04:41 +00:00
Daiki Ueno
b3f5823d12 .gitlab-ci.yml: Exercise both libgcrypt and gnutls crypto backends
Note that gnutls 3.8.2 packages is still under testing, so we
tentatively pull in the build directly from koji.

Signed-off-by: Daiki Ueno <dueno@src.gnome.org>
2023-12-04 16:50:50 +09:00
Daiki Ueno
28486191b2 Support GnuTLS as an alternative crypto backend
This turns the `-Dgcrypt` build time option into a more generic
`-Dcrypto` option, which enables user to choose which cryptographic
library to link with.  It currently supports libgcrypt (`libgcrypt`)
and GnuTLS (`gnutls`); for the latter, GnuTLS 3.8.2 is the minimum
required version.

Signed-off-by: Daiki Ueno <dueno@src.gnome.org>
2023-12-04 16:50:49 +09:00
Daiki Ueno
0f49b34fa2 tests: Conditionalize session algorithm check in test-session
When compiled without libgcrypt, some of the tests in test-session
fails as they expect the session algorithm to be
"dh-ietf1024-sha256-aes128-cbc-pkcs7".  This adds a build-time
conditional to guard against it.

Signed-off-by: Daiki Ueno <dueno@src.gnome.org>
2023-12-04 16:50:11 +09:00
Daiki Ueno
564874beb0 file-collection: Move low-level crypto functions to egg
This moves low-level cryptographic functions into egg/egg-keyring1.c,
to make it easy to support multiple crypto backend libraries.

Signed-off-by: Daiki Ueno <dueno@src.gnome.org>
2023-12-04 16:50:10 +09:00
Daiki Ueno
0b4769f871 file-collection: Make it consistent about block cipher algorithm
The original code tries to encrypt the file format using AES-256-CBC,
though actually AES-128-CBC was used because the key size is shorter
and libgcrypt automatically degrades to AES-128-CBC based on the key
size.  Reported by Sophie Herold in:
https://github.com/bilelmoussaoui/oo7/issues/46#issuecomment-1816286494

Signed-off-by: Daiki Ueno <dueno@src.gnome.org>
2023-11-28 14:56:19 +09:00
Daiki Ueno
47f524e2df egg-dh: Hide gcry_mpi_t from the internal API
This wraps gcry_mpi_t usage in the API with opaque strucs, so it would
be easier to port egg-dh to other crypto libraries.

Signed-off-by: Daiki Ueno <dueno@src.gnome.org>
2023-11-28 14:51:23 +09:00
Dhanuka Warusadura
39055f245e Merge branch 'vala-attributes-validate-test-fix' into 'master'
Fix Vala test for attributes_validate

See merge request GNOME/libsecret!132
2023-11-27 04:18:41 +00:00
Henry Rovner
79d3d403e8 Add missing equals sign to check equality instead of assignment 2023-11-25 10:44:05 -08:00
Dhanuka Warusadura
b2d1e56df1 Merge branch 'schema-doc-markup-fix' into 'master'
Fix markup syntax for SecretSchema

Closes #81

See merge request GNOME/libsecret!131
2023-11-14 17:06:01 +00:00
Henry Rovner
6308682e8f Update markup syntax 2023-11-12 05:20:54 +00:00
Daiki Ueno
e134b0ad77 Merge branch 'public-secret-attributes-validate' into 'master'
Public secret_attributes_validate method

See merge request GNOME/libsecret!129
2023-11-11 22:44:17 +00:00
Henry Rovner
f610c44a92 Public secret_attributes_validate method
This makes the internal logic of _secret_attributes_validate public,
so applications can check and recover when an invalid attributes table
is passed to other libsecret API, such as secret_service_clear.
2023-11-11 22:44:17 +00:00
Niels De Graef
4c5941505e Merge branch 'secret-tool-stdin-check-utf8' into 'master'
secret-tool: Verify that the parsed stdin password is vaild UTF-8

See merge request GNOME/libsecret!130
2023-11-06 20:32:25 +00:00
Henry Rovner
b6716c4d30 secret-tool: Verify that the parsed stdin password is vaild UTF-8 2023-11-06 11:17:24 -08:00
Daiki Ueno
abfc291568 Merge branch 'wip/dueno/asan-fixes' into 'master'
ci: Fix LeakSanitizer issues

See merge request GNOME/libsecret!126
2023-10-19 22:54:41 +00:00
Daiki Ueno
8efde50455 .gitlab-ci: Update CI base image to Fedora 38
Signed-off-by: Daiki Ueno <dueno@src.gnome.org>
2023-10-19 17:24:40 +09:00
Daiki Ueno
7f97e5e0fa .gitlab-ci.yml: Add LSan suppressions file
This adds a suppression file for Leak Sanitizer to ignore known leaks
in libgio-2.0.so.

Signed-off-by: Daiki Ueno <dueno@src.gnome.org>
2023-10-19 17:24:40 +09:00
Daiki Ueno
3c97587608 secret-file-collection: Improve etag tracking
This resets self->etag only after successful load of the contents, by
using a temporary variable and checking error of
g_file_replace_contents_finish, etc.

Signed-off-by: Daiki Ueno <dueno@src.gnome.org>
2023-10-19 17:23:38 +09:00
Daiki Ueno
f83cd26858 secret-service: Don't unnecessary increase refcount
As the GVariant returned in secret_service_real_prompt_finish should
be already sunk by secret_prompt_perform_finish, calling
g_variant_ref_sink actually increases the refcount and causes a leak.

Signed-off-by: Daiki Ueno <dueno@src.gnome.org>
2023-10-19 13:52:59 +09:00
Daiki Ueno
92705b58a3 secret-paths: Make sure to unref GVariant
The GVariant returned in
secret_service_get_secret{,s}_for_dbus_path{,s}_finish should be
unref'ed after use.

Signed-off-by: Daiki Ueno <dueno@src.gnome.org>
2023-10-19 13:52:59 +09:00
Daiki Ueno
e9818571e3 secret-paths: Fix memleak when unlocking a path
A GPtrArray allocated to temporarily hold (un)locked item paths was
not freed when the collection has a non-empty D-Bus path.

Signed-off-by: Daiki Ueno <dueno@src.gnome.org>
2023-10-18 16:06:23 +09:00
Kristjan SCHMIDT
115474aa67 Update Esperanto translation 2023-09-27 20:06:24 +00:00
Niels De Graef
79722e8c67
Release stable version 0.21.1 2023-09-19 23:11:26 +02:00
Dhanuka Warusadura
28a29bc2a5 Merge branch 'wip/ci_print_errorlogs' into 'master'
CI: Print error logs on test failure

See merge request GNOME/libsecret!125
2023-09-18 12:17:07 +00:00
Milan Crha
64cf3ff4b3 CI: Print error logs on test failure
It'll help to check what precisely failed with the test, instead of
getting only passed/failed states.
2023-09-18 12:14:45 +00:00
Niels De Graef
97d5c139ee Merge branch '62-flatpak-libsecret-fails-to-read-credentials-saved-by-other-process' into 'master'
Resolve "Flatpak: libsecret fails to read credentials saved by other process"

Closes #62

See merge request GNOME/libsecret!99
2023-09-18 11:42:54 +00:00
Milan Crha
1f44c81ca4 secret-file-collection: Check for file changes and reload when needed
When some other process changes the underlying file, the collection
should reload its in-memory content, to reflect the changes.

Closes https://gitlab.gnome.org/GNOME/libsecret/-/issues/62
2023-09-18 13:25:38 +02:00
Efstathios Iosifidis
ae7c52bd9c Update Greek translation 2023-09-08 23:21:55 +00:00
Amn Alam
8bbdfa3644 Update Punjabi translation 2023-08-31 02:04:46 +00:00
Dhanuka Warusadura
1374b09e61 Merge branch 'fix_depricated' into 'master'
TPM2: fix `g_memdup` deprecated warning

See merge request GNOME/libsecret!121
2023-08-24 13:31:15 +00:00
Dhanuka Warusadura
bf0ddf7ff3 TPM2: fix g_memdup deprecated warning 2023-08-24 13:31:15 +00:00