diff options
Diffstat (limited to 'gnome-base/gnome-keyring')
| -rw-r--r-- | gnome-base/gnome-keyring/Manifest | 6 | ||||
| -rw-r--r-- | gnome-base/gnome-keyring/files/3.31.91-fix-musl.patch | 27 | ||||
| -rw-r--r-- | gnome-base/gnome-keyring/files/3.31.91-race-fix1.patch | 37 | ||||
| -rw-r--r-- | gnome-base/gnome-keyring/files/3.31.91-race-fix2.patch | 104 | ||||
| -rw-r--r-- | gnome-base/gnome-keyring/files/3.31.91-ssh-tests-fix.patch | 112 | ||||
| -rw-r--r-- | gnome-base/gnome-keyring/gnome-keyring-3.31.91-r1.ebuild | 84 |
6 files changed, 370 insertions, 0 deletions
diff --git a/gnome-base/gnome-keyring/Manifest b/gnome-base/gnome-keyring/Manifest index 1a78fc25177a..140c8f709ab5 100644 --- a/gnome-base/gnome-keyring/Manifest +++ b/gnome-base/gnome-keyring/Manifest @@ -1,7 +1,13 @@ +AUX 3.31.91-fix-musl.patch 779 BLAKE2B 72dc9001d17dcec1a2612a19e0edb358398a36dc3bffb8b56f9dc911c3061d37c82a1c58ee94fabaa1ed97464769cce9aa36bd3d835eb557b31e7a89cadd083f SHA512 aa75b3017418d164e5f7014346b6916e618b05b7f444114859a1a914544a28f85eccaaf88e8bdd7defd7175f31e56b9cf203019d151493a2f262c4913b248775 +AUX 3.31.91-race-fix1.patch 1503 BLAKE2B cd90c630835f5e5c85ec6fc432ea10cc17aeec6bf7edbd42a6fecccc2426c4ee54135394f71d8ac8cfcd84062a465baf91dd85c29decd4e9db5c8bf39a719d8d SHA512 64ba00999370283d33f998ee6ed5f26cfaa685ea53a169a3bb0a1a28fe7229331ab388ef86fa3322deb3e454d850bb82c390686fad51cd69dc5005deac8dfb9a +AUX 3.31.91-race-fix2.patch 3510 BLAKE2B 706a88941bb9beb46209e45cbfbf72e4f8b7a5fb0abaffe55b213dd7d86584d03c50bf317fd5e266e540a9fcf454c44468ab4c03808e15702a301ba9388083e0 SHA512 8e90901cfae13793972eb4be903995ff11bde6d78a0c72db4ecde0dcf76b44496d398cd14c60f689d7720d0356abd85b4ccc523a5b57cede3e97cba394d223d8 +AUX 3.31.91-ssh-tests-fix.patch 3854 BLAKE2B 2cf3f6fc133960f0b4e7d07b0358a3075dd8289b1960164f613ec6aef4d6807302a7424fd770b2f399add63a1d1a32539264ee8625f271f00f557c17c09626fb SHA512 29b50f3530c29b158d65dadfdbac8a45fdf06e22b0f6e8de0596aca78e4e410ca99cadf0aeb7a6b23b6d7c1df1e40ae179fe380c5a3a9d89f7425a222d1ca444 DIST gnome-keyring-3.20.0.tar.xz 1215324 BLAKE2B 97a4663fac7d3e854a742ac2f160fda2b40c5ff9f7316b52197955aa1970732ef323252325a021469d4944e962b1f1b868d300476b854f21cc5636961e3972da SHA512 f7e6195b4be52edaee3bc3181f006ec31ebd54f8000c98220520f4158f66580b60950e4f55247aefae6aa9320f6589c8a09c1e32853165915ae5ff1b40627c5b DIST gnome-keyring-3.20.1.tar.xz 1219800 BLAKE2B b0c633575ee35a733bbf04322e4413675bc40d4de256b66183138483f50c1d399a450cd4d06a3d76707948a7c541ef129a3385044f109a37677af6a7fc01e9af SHA512 a60d8a4b17a9c6d8c581578881abaf7d79de43045a314b401e3bfd3974edb4ab94117dd430203b721058f432b24bf6296e0b7c4fba1e66cccd2c2e9441787177 DIST gnome-keyring-3.28.2.tar.xz 1322108 BLAKE2B 416697befb7670c3b854ff8d70626d495f5ba77691a062f854360e25a76766f5023e998b86114d36965023a5efefc2eb0ab1dca9aa03d73351eafebaa4920784 SHA512 a51bc9d6bc9203b86febe99bdbf893d3ba0eeaad976ece2bd49efc3869bd1d15f440a01999ce969f845f8336538de22e9f1161da990d707cbadb99d5cc3549bc +DIST gnome-keyring-3.31.91.tar.xz 1365052 BLAKE2B fed6ac7bb5a509e268180d047cd5df1564d5a90672f5240fa98773f43d9ca7eb63c598d81c4a9de8e988ee5886679bceeb4be1c43acce876680aeb3df4385856 SHA512 c66ad13fd84764f01e75de2d6142ecb42954d6111f86738c27e7b5b94e702be2af5af7f83ba4e4b9aae58cfa04f3973e272c8177179d1f8a54f63c037aea0210 EBUILD gnome-keyring-3.20.0.ebuild 2149 BLAKE2B b0b14027766ee97e3352465c496e5495da2ee6a60eff01ec108f0ea8e45b04212c3a9e4535392cb5a2547dc2fe4c7b03b99f4f89b8a37b3694d4cfb913c8767c SHA512 3498b100ddfc190e0994963f8f5f892948e1af570069417d2b3eb7df51ade7d5b82ec9b6e6ce617a761274baddb87d8495f8e5a438bf22f0fc88b2a7619497b5 EBUILD gnome-keyring-3.20.1.ebuild 2150 BLAKE2B 9b7f568fea159895924f5266728f685abffcb2c0f35f19725b9fb40ff481ec099d12c036fe4903ec3233f06502fdd3120a3a05d70bfe19b8922963e3827c9a63 SHA512 bc08c5581b9aff79fd0d610e57020c6772723a6e643dea8da4ede325c6231e91e36d9756dc1c505c1a483e9fe6a2c93bb0de946147748370fbcea45650763020 EBUILD gnome-keyring-3.28.2.ebuild 2152 BLAKE2B a9c31fab90f47193a55eeba49f87c85dcf6991a36fcc048cb55c43ff913247168f25d1d50410c31a4a568e45802a10719befed5830b20d0ace1034be60466557 SHA512 3438279a10b1bb8d3c35fe67fb97819d05bdc56ed347d4ed2dc378cfac8d072c83415880dea70dc7a2d36cb516878abe331b119f1048c54070118ae622afb7f9 +EBUILD gnome-keyring-3.31.91-r1.ebuild 2388 BLAKE2B 094cb925b0356ebd01181097b81aafc00ed4e2241e1ffa10384c6ce9ebee9aa7dc5d6fbce318c6888c3c08642037fd674225eeca723857d487ef29e4908c738d SHA512 55c5d25e7e41a4d891bcce0ef2d9bba45e298939d7b28c65b4afdad6d276a8e38994d57cc82080d78bc00013b12b7f03b83f29fa611b342adba941a14786a715 MISC metadata.xml 883 BLAKE2B 6d253b088319b1f442d91e0372751ce3ddd0516bbd3e72242e4541837c6c6bfe83371a5c47a7be73fad6046be5f053aa6c6fb41d884111ac53cd4de3cb0d1381 SHA512 31d506051c1353e1e4dd987e5ccd39281d19f6ae08974a09bd8145218c7209588629a79c6baad9ff1b83358a699f46fddb8c4ec51da73efe26be2d5e7f0a905a diff --git a/gnome-base/gnome-keyring/files/3.31.91-fix-musl.patch b/gnome-base/gnome-keyring/files/3.31.91-fix-musl.patch new file mode 100644 index 000000000000..85aebcd30012 --- /dev/null +++ b/gnome-base/gnome-keyring/files/3.31.91-fix-musl.patch @@ -0,0 +1,27 @@ +From 7a8b7d2ebfbb831840e6d58dbb1109f4c31d6ba4 Mon Sep 17 00:00:00 2001 +From: Daiki Ueno <dueno@src.gnome.org> +Date: Fri, 10 May 2019 15:47:33 +0200 +Subject: [PATCH] rpc-layer: fix build with musl-libc + +The recent POSIX suggests to include <sys/select.h> for select(). + +Reported by Anthony G. Basile. +--- + pkcs11/rpc-layer/gkm-rpc-daemon-standalone.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/pkcs11/rpc-layer/gkm-rpc-daemon-standalone.c b/pkcs11/rpc-layer/gkm-rpc-daemon-standalone.c +index 5024e1e1..b3fb6707 100644 +--- a/pkcs11/rpc-layer/gkm-rpc-daemon-standalone.c ++++ b/pkcs11/rpc-layer/gkm-rpc-daemon-standalone.c +@@ -34,6 +34,7 @@ + + #include <dlfcn.h> + #include <pthread.h> ++#include <sys/select.h> + + #define SOCKET_PATH "/tmp/gkm-rpc-daemon.sock" + +-- +2.20.1 + diff --git a/gnome-base/gnome-keyring/files/3.31.91-race-fix1.patch b/gnome-base/gnome-keyring/files/3.31.91-race-fix1.patch new file mode 100644 index 000000000000..d965fd712770 --- /dev/null +++ b/gnome-base/gnome-keyring/files/3.31.91-race-fix1.patch @@ -0,0 +1,37 @@ +From 8a948b3ac17f7d1b0ff31b0cf22e655054eb5c6b Mon Sep 17 00:00:00 2001 +From: Benjamin Berg <bberg@redhat.com> +Date: Tue, 14 May 2019 17:36:56 +0200 +Subject: [PATCH 1/2] dbus-environment: Log Setenv call failure after + initialization + +When the GNOME session is already initialized at the point that Setenv +is called, then an error is returned. Hidding this error makes it hard +to understand why the environment was not setup if things failed. +--- + daemon/dbus/gkd-dbus-environment.c | 6 +----- + 1 file changed, 1 insertion(+), 5 deletions(-) + +diff --git a/daemon/dbus/gkd-dbus-environment.c b/daemon/dbus/gkd-dbus-environment.c +index 93e2b878..051de953 100644 +--- a/daemon/dbus/gkd-dbus-environment.c ++++ b/daemon/dbus/gkd-dbus-environment.c +@@ -49,15 +49,11 @@ on_setenv_reply (GObject *source, + res = g_dbus_connection_call_finish (G_DBUS_CONNECTION (source), result, &error); + + if (error != NULL) { +- gchar *dbus_error; +- dbus_error = g_dbus_error_get_remote_error (error); +- if (g_error_matches (error, G_DBUS_ERROR, G_DBUS_ERROR_SERVICE_UNKNOWN) || +- g_strcmp0 (dbus_error, "org.gnome.SessionManager.NotInInitialization") == 0) ++ if (g_error_matches (error, G_DBUS_ERROR, G_DBUS_ERROR_SERVICE_UNKNOWN)) + g_debug ("couldn't set environment variable in session: %s", error->message); + else + g_message ("couldn't set environment variable in session: %s", error->message); + g_error_free (error); +- g_free (dbus_error); + } + + g_clear_pointer (&res, g_variant_unref); +-- +2.20.1 + diff --git a/gnome-base/gnome-keyring/files/3.31.91-race-fix2.patch b/gnome-base/gnome-keyring/files/3.31.91-race-fix2.patch new file mode 100644 index 000000000000..c51ffbef44ad --- /dev/null +++ b/gnome-base/gnome-keyring/files/3.31.91-race-fix2.patch @@ -0,0 +1,104 @@ +From 5d088356a9473c06564bd2cef18ca370437a17bc Mon Sep 17 00:00:00 2001 +From: Benjamin Berg <bberg@redhat.com> +Date: Tue, 14 May 2019 17:42:29 +0200 +Subject: [PATCH 2/2] dbus-environment: Make Setenv request synchronuous + +Currently there is a potential race condition where the Setenv request +races further session startup. i.e. the clients that are started with +--start on login may quit before the Setenv DBus call is delivered. This +opens a theoretical race condition where gnome-session is already past +the initialization phase when it serves the Setenv request. +--- + daemon/dbus/gkd-dbus-environment.c | 62 +++++++++++++++--------------- + 1 file changed, 30 insertions(+), 32 deletions(-) + +diff --git a/daemon/dbus/gkd-dbus-environment.c b/daemon/dbus/gkd-dbus-environment.c +index 051de953..acf398b9 100644 +--- a/daemon/dbus/gkd-dbus-environment.c ++++ b/daemon/dbus/gkd-dbus-environment.c +@@ -38,32 +38,13 @@ gkd_dbus_environment_cleanup (GDBusConnection *conn) + /* Nothing to do here */ + } + +-static void +-on_setenv_reply (GObject *source, +- GAsyncResult *result, +- gpointer user_data) +-{ +- GError *error = NULL; +- GVariant *res; +- +- res = g_dbus_connection_call_finish (G_DBUS_CONNECTION (source), result, &error); +- +- if (error != NULL) { +- if (g_error_matches (error, G_DBUS_ERROR, G_DBUS_ERROR_SERVICE_UNKNOWN)) +- g_debug ("couldn't set environment variable in session: %s", error->message); +- else +- g_message ("couldn't set environment variable in session: %s", error->message); +- g_error_free (error); +- } +- +- g_clear_pointer (&res, g_variant_unref); +-} +- + static void + setenv_request (GDBusConnection *conn, const gchar *env) + { + const gchar *value; + gchar *name; ++ GVariant *res; ++ GError *error = NULL; + + /* Find the value part of the environment variable */ + value = strchr (env, '='); +@@ -73,19 +54,36 @@ setenv_request (GDBusConnection *conn, const gchar *env) + name = g_strndup (env, value - env); + ++value; + +- g_dbus_connection_call (conn, +- SERVICE_SESSION_MANAGER, +- PATH_SESSION_MANAGER, +- IFACE_SESSION_MANAGER, +- "Setenv", +- g_variant_new ("(ss)", +- name, +- value), +- NULL, G_DBUS_CALL_FLAGS_NONE, +- -1, NULL, +- on_setenv_reply, NULL); ++ /* Note: This call does not neccessarily need to be a sync call. However ++ * under certain conditions the process will quit immediately ++ * after emitting the call. This ensures that we wait long enough ++ * for the message to be sent out (could also be done using ++ * g_dbus_connection_flush() in the exit handler when called with ++ * --start) and also ensures that gnome-session has processed the ++ * DBus message before possibly thinking that the startup of ++ * gnome-keyring has finished and continuing with forking the ++ * shell. */ ++ res = g_dbus_connection_call_sync (conn, ++ SERVICE_SESSION_MANAGER, ++ PATH_SESSION_MANAGER, ++ IFACE_SESSION_MANAGER, ++ "Setenv", ++ g_variant_new ("(ss)", ++ name, ++ value), ++ NULL, G_DBUS_CALL_FLAGS_NONE, ++ -1, NULL, &error); ++ ++ if (error != NULL) { ++ if (g_error_matches (error, G_DBUS_ERROR, G_DBUS_ERROR_SERVICE_UNKNOWN)) ++ g_debug ("couldn't set environment variable in session: %s", error->message); ++ else ++ g_message ("couldn't set environment variable in session: %s", error->message); ++ g_error_free (error); ++ } + + g_free (name); ++ g_clear_pointer (&res, g_variant_unref); + } + + static void +-- +2.20.1 + diff --git a/gnome-base/gnome-keyring/files/3.31.91-ssh-tests-fix.patch b/gnome-base/gnome-keyring/files/3.31.91-ssh-tests-fix.patch new file mode 100644 index 000000000000..f5344d349fee --- /dev/null +++ b/gnome-base/gnome-keyring/files/3.31.91-ssh-tests-fix.patch @@ -0,0 +1,112 @@ +From 91bc9368ca2eedef0dec3f5aa81f641ced07a9b6 Mon Sep 17 00:00:00 2001 +From: Simon McVittie <smcv@debian.org> +Date: Sat, 9 Mar 2019 17:56:55 +0000 +Subject: [PATCH] test-gkd-ssh-agent-service: Avoid race condition with server + thread + +These tests create a server thread in setup() and join it in teardown(), +but there are various race conditions between them that can cause the +test to hang. These are particularly reproducible when building on a +single-CPU machine or VM, and particularly in the startup_shutdown +test (which doesn't do anything, so it runs teardown() immediately +after setup()). + +It's possible to get this preemption pattern: + + ___ Main thread ___ ___ Server thread ___ + g_thread_new() (starts) + g_cond_wait() (blocks) + ... + g_cond_signal() + (gets preempted here) + exit setup() + enter teardown() + g_main_loop_quit() + g_main_loop_run() + +which means g_main_loop_run() will never terminate, because it wasn't +running yet when the main thread told the GMainLoop to quit, and the +main thread won't tell it to quit again. + +One way to solve this would be for the server thread to signal +test->cond from an idle callback instead of directly from +server_thread(), to guarantee that the GMainLoop is already running. +However, it seems easier to reason about if we avoid GMainLoop and +iterate the main context directly. + +Signed-off-by: Simon McVittie <smcv@debian.org> +Bug-Debian: https://bugs.debian.org/909416 +--- + daemon/ssh-agent/test-gkd-ssh-agent-service.c | 23 +++++++++---------- + 1 file changed, 11 insertions(+), 12 deletions(-) + +diff --git a/daemon/ssh-agent/test-gkd-ssh-agent-service.c b/daemon/ssh-agent/test-gkd-ssh-agent-service.c +index 9a9ead99..5c7a6179 100644 +--- a/daemon/ssh-agent/test-gkd-ssh-agent-service.c ++++ b/daemon/ssh-agent/test-gkd-ssh-agent-service.c +@@ -38,7 +38,8 @@ typedef struct { + EggBuffer req; + EggBuffer resp; + GkdSshAgentService *service; +- GMainLoop *loop; ++ GMainContext *server_thread_context; ++ volatile gint server_thread_stop; + GSocketConnection *connection; + GThread *thread; + GMutex lock; +@@ -49,13 +50,9 @@ static gpointer + server_thread (gpointer data) + { + Test *test = data; +- GMainContext *context; + gboolean ret; + +- context = g_main_context_new (); +- test->loop = g_main_loop_new (context, FALSE); +- +- g_main_context_push_thread_default (context); ++ g_main_context_push_thread_default (test->server_thread_context); + + ret = gkd_ssh_agent_service_start (test->service); + g_assert_true (ret); +@@ -64,12 +61,10 @@ server_thread (gpointer data) + g_cond_signal (&test->cond); + g_mutex_unlock (&test->lock); + +- g_main_loop_run (test->loop); ++ while (g_atomic_int_get (&test->server_thread_stop) == 0) ++ g_main_context_iteration (test->server_thread_context, TRUE); + +- g_main_context_pop_thread_default (context); +- +- g_main_context_unref (context); +- g_main_loop_unref (test->loop); ++ g_main_context_pop_thread_default (test->server_thread_context); + + return NULL; + } +@@ -139,6 +134,7 @@ setup (Test *test, gconstpointer unused) + + g_mutex_init (&test->lock); + g_cond_init (&test->cond); ++ test->server_thread_context = g_main_context_new (); + + test->thread = g_thread_new ("ssh-agent", server_thread, test); + +@@ -151,9 +147,12 @@ setup (Test *test, gconstpointer unused) + static void + teardown (Test *test, gconstpointer unused) + { +- g_main_loop_quit (test->loop); ++ g_atomic_int_set (&test->server_thread_stop, 1); ++ g_main_context_wakeup (test->server_thread_context); + g_thread_join (test->thread); + ++ g_main_context_unref (test->server_thread_context); ++ + g_clear_object (&test->connection); + + gkd_ssh_agent_service_stop (test->service); +-- +2.20.1 + diff --git a/gnome-base/gnome-keyring/gnome-keyring-3.31.91-r1.ebuild b/gnome-base/gnome-keyring/gnome-keyring-3.31.91-r1.ebuild new file mode 100644 index 000000000000..e71fe8099eb0 --- /dev/null +++ b/gnome-base/gnome-keyring/gnome-keyring-3.31.91-r1.ebuild @@ -0,0 +1,84 @@ +# Copyright 1999-2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 +GNOME2_LA_PUNT="yes" +PYTHON_COMPAT=( python2_7 ) + +inherit fcaps gnome2 pam python-any-r1 virtualx + +DESCRIPTION="Password and keyring managing daemon" +HOMEPAGE="https://wiki.gnome.org/Projects/GnomeKeyring" + +LICENSE="GPL-2+ LGPL-2+" +SLOT="0" +IUSE="+caps pam selinux +ssh-agent test" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~ia64 ~mips ~ppc ~ppc64 ~sh ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~sparc-solaris ~x86-solaris" + +# Replace gkd gpg-agent with pinentry[gnome-keyring] one, bug #547456 +RDEPEND=" + >=app-crypt/gcr-3.27.90:=[gtk] + >=dev-libs/glib-2.44:2 + app-misc/ca-certificates + >=dev-libs/libgcrypt-1.2.2:0= + caps? ( sys-libs/libcap-ng ) + pam? ( virtual/pam ) + selinux? ( sec-policy/selinux-gnome ) + >=app-crypt/gnupg-2.0.28:= + ssh-agent? ( net-misc/openssh ) +" +DEPEND="${RDEPEND} + >=app-eselect/eselect-pinentry-0.5 + app-text/docbook-xml-dtd:4.3 + dev-libs/libxslt + >=sys-devel/gettext-0.19.8 + virtual/pkgconfig + test? ( ${PYTHON_DEPS} ) +" +PDEPEND="app-crypt/pinentry[gnome-keyring]" #570512 + +PATCHES=( + "${FILESDIR}"/${PV}-race-fix{1,2}.patch # fix race issues on start, where sometimes keyring doesn't work after login; from origin/master + "${FILESDIR}"/${PV}-ssh-tests-fix.patch + "${FILESDIR}"/${PV}-fix-musl.patch +) + +pkg_setup() { + use test && python-any-r1_pkg_setup +} + +src_prepare() { + # Disable stupid CFLAGS with debug enabled + sed -e 's/CFLAGS="$CFLAGS -g"//' \ + -e 's/CFLAGS="$CFLAGS -O0"//' \ + -i configure.ac configure || die + + gnome2_src_prepare +} + +src_configure() { + gnome2_src_configure \ + $(use_with caps libcap-ng) \ + $(use_enable pam) \ + $(use_with pam pam-dir $(getpam_mod_dir)) \ + $(use_enable selinux) \ + $(use_enable ssh-agent) \ + --enable-doc +} + +src_test() { + "${EROOT}${GLIB_COMPILE_SCHEMAS}" --allow-any-name "${S}/schema" || die + GSETTINGS_SCHEMA_DIR="${S}/schema" virtx emake check +} + +pkg_postinst() { + # cap_ipc_lock only needed if building --with-libcap-ng + # Never install as suid root, this breaks dbus activation, see bug #513870 + use caps && fcaps -m 755 cap_ipc_lock usr/bin/gnome-keyring-daemon + gnome2_pkg_postinst + + if ! [[ $(eselect pinentry show | grep "pinentry-gnome3") ]] ; then + ewarn "Please select pinentry-gnome3 as default pinentry provider:" + ewarn " # eselect pinentry set pinentry-gnome3" + fi +} |