commit 8fbb0c3e9df32dc9eb0fb9ebe9e791d5bb39036f Author: Stef Walter Date: 2009-07-27 [daemon] Use gio instead of libhal for monitoring volumes. Remove use of libhal from GkrLocationManager. Use GVolumeMonitor from gio instead. Fixes bug #589837 configure.in | 29 --- daemon/Makefile.am | 2 + daemon/util/gkr-location.c | 446 +++++++++++--------------------------------- 3 files changed, 114 insertions(+), 363 deletions(-) commit 04024cd895ad060e1e84e5c1312aa1294ce75cbd Author: Andre Klapper Date: 2009-07-24 Update Czech translation. po/cs.po | 455 ++++++++++++++++++++++++++++++-------------------------------- 1 files changed, 217 insertions(+), 238 deletions(-) commit 0275804640ccb2d64ab7f28fa23affdc3ba04420 Author: Stef Walter Date: 2009-07-23 [gck] Add concept of PKCS#11 applications. Remove VirtualSlot stuff and hide a lot of the apartment stuff inside the module whenever possible. pkcs11/gck/gck-module.c | 406 +++++++++++++++++++---------------- pkcs11/gck/gck-session.c | 27 ++- pkcs11/gck/gck-session.h | 7 +- pkcs11/pkcs11g.h | 5 +- pkcs11/pkcs11i.h | 57 ++--- pkcs11/plex-layer/gck-plex-layer.c | 14 +- pkcs11/rpc-layer/gck-rpc-dispatch.c | 71 ++++--- 7 files changed, 315 insertions(+), 272 deletions(-) commit b7dd715014c145f43dff2b35a0471357a6ff3ea4 Author: Ivar Smolin Date: 2009-07-23 Updating Estonian translation po/et.po | 135 +++++++++++++++++++++++++++++++------------------------------- 1 files changed, 68 insertions(+), 67 deletions(-) commit 5021d8af9b297c97eaf0f93d83a4672250b65971 Author: Theppitak Karoonboonyanan Date: 2009-07-23 Updated Thai translation. po/th.po | 465 ++++++++++++++++++++++++++++++-------------------------------- 1 files changed, 222 insertions(+), 243 deletions(-) commit d8e3f67b1bc68cb2545358d5d4882efc9a1b5376 Author: Daniel Nylander Date: 2009-07-22 Updated Swedish translation po/sv.po | 804 ++++++++++++++++++++++--------------------------------------- 1 files changed, 290 insertions(+), 514 deletions(-) commit 6f0865f2489e498352deb022dca7cf0cebf46e78 Author: Jorge González Date: 2009-07-21 Updated Spanish translation po/es.po | 475 ++++++++++++++++++++++++++++++-------------------------------- 1 files changed, 229 insertions(+), 246 deletions(-) commit 08977420782b3fe2c7b5f70f517fe37b69dedde2 Author: Stef Walter Date: 2009-07-21 [daemon] Translatable string fix. Fixes bug #573662. Remove spaces from end of translatable string. daemon/gkr-daemon-ops.c | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) commit 767bac01f7800d26553af73dc28c0f4ee9877416 Author: Stef Walter Date: 2009-07-21 Fix a couple more minor memory leaks. Fix memory leaks highlighted by the valgrind trace on bug #588443 daemon/gkr-daemon-dbus.c | 1 + pkcs11/gck/gck-session.c | 2 ++ pkcs11/ssh-store/gck-ssh-module.c | 2 ++ 3 files changed, 5 insertions(+), 0 deletions(-) commit 5a175e3c45883fc43a231f8144fdc8102a28c780 Author: Stef Walter Date: 2009-07-21 [tests] Fix some minor memory leaks in unit tests. pkcs11/gck/tests/unit-test-data-asn1.c | 2 ++ tests/gtest-helpers.c | 2 ++ 2 files changed, 4 insertions(+), 0 deletions(-) commit 00f08d16d86ee109a73372aa13f8ab7670b4f62b Author: Stef Walter Date: 2009-07-19 [gck] Write files without group or world permissions. Fixes bug #587908. Don't use g_file_set_contents() but write our own routines for writing file data from a transaction. pkcs11/gck/gck-transaction.c | 68 +++++++++++++++++++++++++++++++++++++---- 1 files changed, 61 insertions(+), 7 deletions(-) commit a957c0ed1fbf61d355e8d0eed8fdfac969ec4e37 Merge: 40a9f2a... 5baf704... Author: Stef Walter Date: 2009-07-19 Merge branch 'unlock-objects' commit 5baf7048a690e1d1e6d6b677f19bcd687c92c9ac Author: Stef Walter Date: 2009-07-19 [daemon, ssh-agent] Use authenticator objects instead of auth-cache. Now that we have authenticator objects in the actual pkcs#11 modules remove the auth cache for unlocking objects from the daemon, and use authenticator objects to lock objects from the ssh-agent. daemon/pkcs11/gkr-pkcs11-auth-ep.c | 414 +++------------------------------- daemon/pkcs11/gkr-pkcs11-auth.c | 167 ++------------ daemon/pkcs11/gkr-pkcs11-auth.h | 16 +- pkcs11/pkcs11g.h | 11 - pkcs11/ssh-agent/gck-ssh-agent-ops.c | 32 ++- 5 files changed, 76 insertions(+), 564 deletions(-) commit 71c0f037a3bbcf2ba4e1c46302834b345cf41847 Author: Stef Walter Date: 2009-07-19 [gck] Pass session to get/set attribute functions. This allows attributes to be different depending on which session or application they're accessed from. Implement CKA_ALWAYS_AUTHENTICATE as a session dependent attribute. pkcs11/gck/gck-authenticator.c | 4 +- pkcs11/gck/gck-certificate-key.c | 6 +- pkcs11/gck/gck-certificate-trust.c | 14 ++++--- pkcs11/gck/gck-certificate.c | 6 +- pkcs11/gck/gck-key.c | 4 +- pkcs11/gck/gck-manager.c | 12 +++--- pkcs11/gck/gck-object.c | 64 +++++++++++++--------------- pkcs11/gck/gck-object.h | 19 ++++++-- pkcs11/gck/gck-private-key.c | 21 +++++++--- pkcs11/gck/gck-private-key.h | 3 +- pkcs11/gck/gck-public-key.c | 4 +- pkcs11/gck/gck-session.c | 20 ++++---- pkcs11/gck/tests/mock-locked-object.c | 4 +- pkcs11/roots-store/gck-roots-certificate.c | 4 +- pkcs11/ssh-store/gck-ssh-private-key.c | 6 +- pkcs11/ssh-store/gck-ssh-public-key.c | 4 +- pkcs11/user-store/gck-user-private-key.c | 4 +- pkcs11/user-store/gck-user-storage.c | 6 +- 18 files changed, 110 insertions(+), 95 deletions(-) commit 45c79443a280bcda6e4c88f79e5db2f3391ac938 Author: Stef Walter Date: 2009-07-19 [gck] Don't map object identifiers in plex layer. This conflicts with future plans for having object handles present in the attributes of other objects. pkcs11/plex-layer/gck-plex-layer.c | 123 ++++++------------------------------ 1 files changed, 20 insertions(+), 103 deletions(-) commit d5f960e74da3c39c46b358f982e24407c77441b9 Author: Stef Walter Date: 2009-07-19 [gck] Tweak authenticator enumerator to return boolean. gck_session_for_each_authenticator() now returns a boolean value if any of the callbacks returned successfully. pkcs11/gck/gck-session.c | 14 ++++++++------ pkcs11/gck/gck-session.h | 2 +- 2 files changed, 9 insertions(+), 7 deletions(-) commit 6a6d07aa2265ff842b37900faaf13b096c0fdd5a Author: Stef Walter Date: 2009-07-19 [gck] Add authenticator objects for storing authenticated state. Authenticator objects are now used for PKCS#11 context specific logins. In the future we'll use them for unlocking stuff on a token, session, or timeout basis. pkcs11/gck/Makefile.am | 1 + pkcs11/gck/gck-authenticator.c | 402 ++++++++++++++++++++++++ pkcs11/gck/gck-authenticator.h | 77 +++++ pkcs11/gck/gck-key.c | 4 +- pkcs11/gck/gck-key.h | 5 +- pkcs11/gck/gck-login.c | 1 + pkcs11/gck/gck-module.c | 12 +- pkcs11/gck/gck-object.c | 50 +++- pkcs11/gck/gck-object.h | 8 +- pkcs11/gck/gck-private-key.c | 82 ++++-- pkcs11/gck/gck-private-key.h | 8 +- pkcs11/gck/gck-public-key.c | 2 +- pkcs11/gck/gck-session.c | 107 ++++++- pkcs11/gck/gck-session.h | 8 + pkcs11/gck/gck-sexp.c | 3 +- pkcs11/gck/gck-sexp.h | 2 +- pkcs11/gck/gck-types.h | 1 + pkcs11/gck/gck-util.c | 11 + pkcs11/gck/gck-util.h | 2 + pkcs11/gck/tests/Makefile.am | 2 + pkcs11/gck/tests/mock-locked-object.c | 88 +++++ pkcs11/gck/tests/mock-locked-object.h | 52 +++ pkcs11/gck/tests/test-module.c | 34 ++- pkcs11/gck/tests/test-module.h | 10 +- pkcs11/gck/tests/unit-test-authenticator.c | 254 +++++++++++++++ pkcs11/gck/tests/unit-test-memory-store.c | 6 +- pkcs11/gck/tests/unit-test-object.c | 23 +-- pkcs11/gck/tests/unit-test-store.c | 7 +- pkcs11/gck/tests/unit-test-timer.c | 6 +- pkcs11/pkcs11g.h | 14 +- pkcs11/ssh-store/gck-ssh-module.c | 8 + pkcs11/ssh-store/gck-ssh-private-key.c | 40 ++- pkcs11/ssh-store/tests/Makefile.am | 4 +- pkcs11/ssh-store/tests/test-ssh-module.c | 105 ++++++ pkcs11/ssh-store/tests/test-ssh-module.h | 43 +++ pkcs11/ssh-store/tests/unit-test-private-key.c | 97 ++++++ pkcs11/user-store/gck-user-private-key.c | 4 +- pkcs11/user-store/gck-user-storage.c | 10 +- 38 files changed, 1451 insertions(+), 142 deletions(-) commit 4508771f734590140051391b0a9222451f2aa453 Author: Stef Walter Date: 2009-07-18 [gck] Add support for transient PKCS#11 objects. Transient objects are not stored permanently. These may be token objects with token 'scope' but dissappear automatically at some point in the future. Auto-destructed objects are always token objects. pkcs11/gck/gck-module.c | 114 +++++++++++++++- pkcs11/gck/gck-object.c | 132 +++++++++++------- pkcs11/gck/gck-object.h | 13 +- pkcs11/gck/gck-session.c | 17 ++- pkcs11/gck/tests/Makefile.am | 1 + pkcs11/gck/tests/unit-test-object.c | 262 +++++++++++++++++++++++++++++++++++ pkcs11/gck/tests/unit-test-timer.c | 2 +- pkcs11/pkcs11g.h | 2 + 8 files changed, 478 insertions(+), 65 deletions(-) commit 3f7704cd340e9e8ee88dd5180a52cc583bb9daf3 Author: Stef Walter Date: 2009-07-18 [gck] Add helper function to parse bool attribute. pkcs11/gck/gck-attributes.c | 17 +++++++++++++++++ pkcs11/gck/gck-attributes.h | 5 ++++- pkcs11/gck/tests/unit-test-attributes.c | 27 +++++++++++++++++++++++++++ 3 files changed, 48 insertions(+), 1 deletions(-) commit b98358d3c3e43792474ff2622c6d3397c3a9badf Author: Stef Walter Date: 2009-07-18 [gck] PKCS#11 objects now track the module they're in. Since multiple modules share the same address space, this is a necessary change for future robustness and changes. pkcs11/gck/gck-certificate-key.c | 4 +- pkcs11/gck/gck-certificate-key.h | 3 +- pkcs11/gck/gck-certificate-trust.c | 4 +- pkcs11/gck/gck-certificate-trust.h | 3 +- pkcs11/gck/gck-certificate.c | 5 ++- pkcs11/gck/gck-object.c | 41 +++++++++++++++++++++++++- pkcs11/gck/gck-object.h | 2 + pkcs11/gck/gck-private-key.c | 4 ++- pkcs11/gck/gck-public-key.c | 4 ++- pkcs11/gck/tests/unit-test-memory-store.c | 13 +++++++- pkcs11/gck/tests/unit-test-store.c | 9 ++++++ pkcs11/roots-store/gck-roots-certificate.c | 20 +++++++++++-- pkcs11/roots-store/gck-roots-certificate.h | 3 +- pkcs11/roots-store/gck-roots-module.c | 2 +- pkcs11/ssh-store/gck-ssh-module.c | 2 +- pkcs11/ssh-store/gck-ssh-private-key.c | 11 ++++-- pkcs11/ssh-store/gck-ssh-private-key.h | 3 +- pkcs11/ssh-store/gck-ssh-public-key.c | 5 ++- pkcs11/ssh-store/gck-ssh-public-key.h | 3 +- pkcs11/user-store/gck-user-module.c | 2 +- pkcs11/user-store/gck-user-private-key.c | 4 ++- pkcs11/user-store/gck-user-public-key.c | 4 ++- pkcs11/user-store/gck-user-storage.c | 33 +++++++++++++++++---- pkcs11/user-store/gck-user-storage.h | 2 +- pkcs11/user-store/tests/.gitignore | 2 + pkcs11/user-store/tests/Makefile.am | 7 ++++ pkcs11/user-store/tests/p11-tests.conf | 2 + 27 files changed, 159 insertions(+), 38 deletions(-) commit 508054a15c332a7fa3ba3dd509863ed81eeea188 Author: Stef Walter Date: 2009-07-18 Figure out CKA_TOKEN for a PKCS#11 object based on manager. Instead of manually setting CKA_TOKEN as the 'permanent' property on an object, we automatically infer it from the manager that the token object is on. pkcs11/gck/gck-manager.c | 3 --- pkcs11/gck/gck-object.c | 23 +++++------------------ pkcs11/gck/gck-session.c | 5 ----- 3 files changed, 5 insertions(+), 26 deletions(-) commit 40a9f2aa3e0a888d856981b565d88e4f780df494 Author: Stef Walter Date: 2009-07-18 Update translatable files for last change po/POTFILES.in | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) commit d480df5f8f66478f00ed02bd46b15e9d2783f7d0 Author: Stef Walter Date: 2009-07-18 Use .ui files directly now that they're supported by glade. Remove old glade files, and the conversion rules from Makefile.am. gcr/.gitignore | 2 - gcr/Makefile.am | 14 +- gcr/gcr-certificate-basics-widget.glade | 512 ------------------------------- gcr/gcr-certificate-basics-widget.ui | 504 ++++++++++++++++++++++++++++++ gcr/gcr-import-dialog.glade | 130 -------- gcr/gcr-import-dialog.ui | 125 ++++++++ 6 files changed, 633 insertions(+), 654 deletions(-) commit 28bf965222e58c0eae7eb76ff0143ce3b86a6fda Merge: 92251a5... d69fdd3... Author: Stef Walter Date: 2009-07-18 Merge branch 'auto-destruct' commit d69fdd36a70052114b8b0c4cc0efa0868709ebb0 Author: Stef Walter Date: 2009-07-18 Add support for lifetime constrained identities. We don't support prompt constrained identities, as security wise this is incompatible with the current X11 desktop. And currently amounts to 'security theater'. pkcs11/ssh-agent/gck-ssh-agent-ops.c | 74 +++++++++++++++++++++++++++++++-- 1 files changed, 69 insertions(+), 5 deletions(-) commit 274b2f5d8993e7b1b8717b7df50a4c678aa64641 Author: Stef Walter Date: 2009-07-18 Make standalone socket in a directory we know exists: /tmp pkcs11/ssh-agent/gck-ssh-agent-standalone.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) commit ad2c0e75977c7a76c25ef27fb29b767d3c1e94ad Author: Stef Walter Date: 2009-07-18 Add support for auto destructing session objects. These destroy themselves after a certain amount of lifetime controlled by the CKA_GNOME_AUTO_DESTRUCT attribute. pkcs11/gck/gck-object.c | 120 ++++++++++++++++++++++++++++++++++++++++++++++ pkcs11/gck/gck-object.h | 8 +++ pkcs11/gck/gck-session.c | 32 ++++++++++++- pkcs11/gck/gck-session.h | 5 ++ pkcs11/pkcs11g.h | 6 ++ 5 files changed, 170 insertions(+), 1 deletions(-) commit 10ecb163793305ceed6a3cee48f2e593daabdd20 Author: Stef Walter Date: 2009-07-18 Add support for parsing and storing time attributes. These time attributes follow the PKCS#11 clock format. That is: YYYYmmddHHMMSS00 16 chars pkcs11/gck/gck-attributes.c | 97 ++++++++++++++++++++++++ pkcs11/gck/gck-attributes.h | 8 ++ pkcs11/gck/tests/Makefile.am | 1 + pkcs11/gck/tests/unit-test-attributes.c | 125 +++++++++++++++++++++++++++++++ 4 files changed, 231 insertions(+), 0 deletions(-) commit 30d87d669ce3c17a3de5de1e065ddc09357d2170 Author: Stef Walter Date: 2009-07-18 Add support for thread timers. We can't use mainloop timers from PKCS#11 modules, since no mainloop runs in those modules. Thread timers all share a single thread and callback into the module at the given time. pkcs11/gck/Makefile.am | 1 + pkcs11/gck/gck-module-ep.h | 4 +- pkcs11/gck/gck-module.c | 32 +++++- pkcs11/gck/gck-module.h | 6 +- pkcs11/gck/gck-timer.c | 225 ++++++++++++++++++++++++++++++++++++ pkcs11/gck/gck-timer.h | 43 +++++++ pkcs11/gck/gck-types.h | 1 + pkcs11/gck/tests/Makefile.am | 2 + pkcs11/gck/tests/test-module.c | 70 +++++++++++ pkcs11/gck/tests/test-module.h | 41 +++++++ pkcs11/gck/tests/unit-test-timer.c | 159 +++++++++++++++++++++++++ 11 files changed, 578 insertions(+), 6 deletions(-) commit 92251a5d0995fb04ea54d148d7825b19d1c430b4 Author: Sweta Kothari Date: 2009-07-14 Updated Gujarati Translations po/gu.po | 206 ++++++++++++++++++++++++++++++++----------------------------- 1 files changed, 108 insertions(+), 98 deletions(-) commit 8261600a736854d44c869cf8077776b286e80680 Author: Sweta Kothari Date: 2009-07-14 Updated Gujarati Translations po/gu.po | 37 +++++++++++++++++++------------------ 1 files changed, 19 insertions(+), 18 deletions(-) commit 28005c65148d730e417669f227d8db35e2db2cac Author: Stef Walter Date: 2009-07-13 Release version 2.27.4 NEWS | 12 ++++++++++++ configure.in | 2 +- 2 files changed, 13 insertions(+), 1 deletions(-) commit 5f7e6f921cb4bc01aca90416ba83cb046fee1506 Author: Stef Walter Date: 2009-07-13 Fix tests so they work from 'make distwcheck' Fix path issues in the tests which need data from their test-data directory, so that they work when running 'make distcheck' daemon/keyrings/tests/unit-test-keyring-file.c | 20 ++++-------- gcr/gcr-library.c | 2 +- gcr/tests/unit-test-certificate.c | 11 ++----- gcr/tests/unit-test-parser.c | 2 +- pkcs11/gck/tests/unit-test-data-der.c | 2 +- pkcs11/gck/tests/unit-test-data-file.c | 4 +- pkcs11/ssh-store/tests/Makefile.am | 4 ++- tests/gtest-helpers.c | 38 ++++++++++++++++++++--- tests/gtest-helpers.h | 1 + tests/gtest.make | 2 +- 10 files changed, 53 insertions(+), 33 deletions(-)