diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..9f3aace --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +SOURCES/glib-2.56.4.tar.xz diff --git a/.glib2.metadata b/.glib2.metadata new file mode 100644 index 0000000..e25d515 --- /dev/null +++ b/.glib2.metadata @@ -0,0 +1 @@ +4064eb1eb5ff626c211e86bc939f8b743ceafaba SOURCES/glib-2.56.4.tar.xz diff --git a/SOURCES/0001-GDBus-prefer-getsockopt-style-credentials-passing-AP.patch b/SOURCES/0001-GDBus-prefer-getsockopt-style-credentials-passing-AP.patch new file mode 100644 index 0000000..5bfd8ba --- /dev/null +++ b/SOURCES/0001-GDBus-prefer-getsockopt-style-credentials-passing-AP.patch @@ -0,0 +1,170 @@ +From ee502dbbe89a5976c32eb8863c9a9d274ddb60e1 Mon Sep 17 00:00:00 2001 +From: Simon McVittie +Date: Mon, 14 Oct 2019 08:47:39 +0100 +Subject: [PATCH] GDBus: prefer getsockopt()-style credentials-passing APIs + +Conceptually, a D-Bus server is really trying to determine the credentials +of (the process that initiated) a connection, not the credentials that +the process had when it sent a particular message. Ideally, it does +this with a getsockopt()-style API that queries the credentials of the +connection's initiator without requiring any particular cooperation from +that process, avoiding a class of possible failures. + +The leading '\0' in the D-Bus protocol is primarily a workaround +for platforms where the message-based credentials-passing API is +strictly better than the getsockopt()-style API (for example, on +FreeBSD, SCM_CREDS includes a process ID but getpeereid() does not), +or where the getsockopt()-style API does not exist at all. As a result +libdbus, the reference implementation of D-Bus, does not implement +Linux SCM_CREDENTIALS at all - it has no reason to do so, because the +SO_PEERCRED socket option is equally informative. + +This change makes GDBusServer on Linux more closely match the behaviour +of libdbus. + +In particular, GNOME/glib#1831 indicates that when a libdbus client +connects to a GDBus server, recvmsg() sometimes yields a SCM_CREDENTIALS +message with cmsg_data={pid=0, uid=65534, gid=65534}. I think this is +most likely a race condition in the early steps to connect: + + client server + connect + accept + send '\0' <- race -> set SO_PASSCRED = 1 + receive '\0' + +If the server wins the race: + + client server + connect + accept + set SO_PASSCRED = 1 + send '\0' + receive '\0' + +then everything is fine. However, if the client wins the race: + + client server + connect + accept + send '\0' + set SO_PASSCRED = 1 + receive '\0' + +then the kernel does not record credentials for the message containing +'\0' (because SO_PASSCRED was 0 at the time). However, by the time the +server receives the message, the kernel knows that credentials are +desired. I would have expected the kernel to omit the credentials header +in this case, but it seems that instead, it synthesizes a credentials +structure with a dummy process ID 0, a dummy uid derived from +/proc/sys/kernel/overflowuid and a dummy gid derived from +/proc/sys/kernel/overflowgid. + +In an unconfigured GDBusServer, hitting this race condition results in +falling back to DBUS_COOKIE_SHA1 authentication, which in practice usually +succeeds in authenticating the peer's uid. However, we encourage AF_UNIX +servers on Unix platforms to allow only EXTERNAL authentication as a +security-hardening measure, because DBUS_COOKIE_SHA1 relies on a series +of assumptions including a cryptographically strong PRNG and a shared +home directory with no write access by others, which are not necessarily +true for all operating systems and users. EXTERNAL authentication will +fail if the server cannot determine the client's credentials. + +In particular, this caused a regression when CVE-2019-14822 was fixed +in ibus, which appears to be resolved by this commit. Qt clients +(which use libdbus) intermittently fail to connect to an ibus server +(which uses GDBusServer), because ibus no longer allows DBUS_COOKIE_SHA1 +authentication or non-matching uids. + +Signed-off-by: Simon McVittie +Closes: https://gitlab.gnome.org/GNOME/glib/issues/1831 +--- + gio/gcredentialsprivate.h | 18 ++++++++++++++++++ + gio/gdbusauth.c | 27 +++++++++++++++++++++++++-- + 2 files changed, 43 insertions(+), 2 deletions(-) + +diff --git a/gio/gcredentialsprivate.h b/gio/gcredentialsprivate.h +index 06f0aed19..e9ec09b9f 100644 +--- a/gio/gcredentialsprivate.h ++++ b/gio/gcredentialsprivate.h +@@ -81,6 +81,18 @@ + */ + #undef G_CREDENTIALS_SPOOFING_SUPPORTED + ++/* ++ * G_CREDENTIALS_PREFER_MESSAGE_PASSING: ++ * ++ * Defined to 1 if the data structure transferred by the message-passing ++ * API is strictly more informative than the one transferred by the ++ * `getsockopt()`-style API, and hence should be preferred, even for ++ * protocols like D-Bus that are defined in terms of the credentials of ++ * the (process that opened the) socket, as opposed to the credentials ++ * of an individual message. ++ */ ++#undef G_CREDENTIALS_PREFER_MESSAGE_PASSING ++ + #ifdef __linux__ + #define G_CREDENTIALS_SUPPORTED 1 + #define G_CREDENTIALS_USE_LINUX_UCRED 1 +@@ -100,6 +112,12 @@ + #define G_CREDENTIALS_NATIVE_SIZE (sizeof (struct cmsgcred)) + #define G_CREDENTIALS_UNIX_CREDENTIALS_MESSAGE_SUPPORTED 1 + #define G_CREDENTIALS_SPOOFING_SUPPORTED 1 ++/* GLib doesn't implement it yet, but FreeBSD's getsockopt()-style API ++ * is getpeereid(), which is not as informative as struct cmsgcred - ++ * it does not tell us the PID. As a result, libdbus prefers to use ++ * SCM_CREDS, and if we implement getpeereid() in future, we should ++ * do the same. */ ++#define G_CREDENTIALS_PREFER_MESSAGE_PASSING 1 + + #elif defined(__NetBSD__) + #define G_CREDENTIALS_SUPPORTED 1 +diff --git a/gio/gdbusauth.c b/gio/gdbusauth.c +index 752ec23fc..14cc5d70e 100644 +--- a/gio/gdbusauth.c ++++ b/gio/gdbusauth.c +@@ -31,6 +31,7 @@ + #include "gdbusutils.h" + #include "gioenumtypes.h" + #include "gcredentials.h" ++#include "gcredentialsprivate.h" + #include "gdbusprivate.h" + #include "giostream.h" + #include "gdatainputstream.h" +@@ -969,9 +970,31 @@ _g_dbus_auth_run_server (GDBusAuth *auth, + + g_data_input_stream_set_newline_type (dis, G_DATA_STREAM_NEWLINE_TYPE_CR_LF); + +- /* first read the NUL-byte */ ++ /* read the NUL-byte, possibly with credentials attached */ + #ifdef G_OS_UNIX +- if (G_IS_UNIX_CONNECTION (auth->priv->stream)) ++#ifndef G_CREDENTIALS_PREFER_MESSAGE_PASSING ++ if (G_IS_SOCKET_CONNECTION (auth->priv->stream)) ++ { ++ GSocket *sock = g_socket_connection_get_socket (G_SOCKET_CONNECTION (auth->priv->stream)); ++ ++ local_error = NULL; ++ credentials = g_socket_get_credentials (sock, &local_error); ++ ++ if (credentials == NULL && !g_error_matches (local_error, G_IO_ERROR, G_IO_ERROR_NOT_SUPPORTED)) ++ { ++ g_propagate_error (error, local_error); ++ goto out; ++ } ++ else ++ { ++ /* Clear the error indicator, so we can retry with ++ * g_unix_connection_receive_credentials() if necessary */ ++ g_clear_error (&local_error); ++ } ++ } ++#endif ++ ++ if (credentials == NULL && G_IS_UNIX_CONNECTION (auth->priv->stream)) + { + local_error = NULL; + credentials = g_unix_connection_receive_credentials (G_UNIX_CONNECTION (auth->priv->stream), +-- +2.23.0 + diff --git a/SOURCES/0001-build-sys-Pass-CFLAGS-to-DTRACE.patch b/SOURCES/0001-build-sys-Pass-CFLAGS-to-DTRACE.patch new file mode 100644 index 0000000..7a2aea3 --- /dev/null +++ b/SOURCES/0001-build-sys-Pass-CFLAGS-to-DTRACE.patch @@ -0,0 +1,56 @@ +From d7233ef81e575e84d831414605ba6368394d88b5 Mon Sep 17 00:00:00 2001 +From: Colin Walters +Date: Mon, 15 Oct 2018 21:50:31 +0000 +Subject: [PATCH] build-sys: Pass CFLAGS to $(DTRACE) + +Fedora is using https://fedoraproject.org/wiki/Changes/Annobin +to try to ensure that all objects are built with hardening flags. +Pass down `CFLAGS` to ensure the SystemTap objects use them. +--- + gio/Makefile.am | 2 +- + glib/Makefile.am | 2 +- + gobject/Makefile.am | 2 +- + 3 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/gio/Makefile.am b/gio/Makefile.am +index fc0b91855..05b20cdef 100644 +--- a/gio/Makefile.am ++++ b/gio/Makefile.am +@@ -896,7 +896,7 @@ gio_probes.h: gio_probes.d + < $@.tmp > $@ && rm -f $@.tmp + + gio_probes.lo: gio_probes.d +- $(AM_V_GEN) $(LIBTOOL) --mode=compile $(AM_V_lt) --tag=CC $(DTRACE) -G -s $< -o $@ ++ $(AM_V_GEN) $(LIBTOOL) --mode=compile $(AM_V_lt) --tag=CC env CFLAGS="$(CFLAGS)" $(DTRACE) -G -s $< -o $@ + + BUILT_SOURCES += gio_probes.h gio_probes.lo + CLEANFILES += gio_probes.h gio_probes.h.tmp +diff --git a/glib/Makefile.am b/glib/Makefile.am +index 90d33d082..39163aa7f 100644 +--- a/glib/Makefile.am ++++ b/glib/Makefile.am +@@ -386,7 +386,7 @@ glib_probes.h: glib_probes.d + < $@.tmp > $@ && rm -f $@.tmp + + glib_probes.lo: glib_probes.d +- $(AM_V_GEN) $(LIBTOOL) --mode=compile $(AM_V_lt) --tag=CC $(DTRACE) -G -s $< -o $@ ++ $(AM_V_GEN) $(LIBTOOL) --mode=compile $(AM_V_lt) --tag=CC env CFLAGS="$(CFLAGS)" $(DTRACE) -G -s $< -o $@ + + BUILT_SOURCES += glib_probes.h glib_probes.lo + CLEANFILES += glib_probes.h glib_probes.h.tmp +diff --git a/gobject/Makefile.am b/gobject/Makefile.am +index 4c28acdff..78748e96c 100644 +--- a/gobject/Makefile.am ++++ b/gobject/Makefile.am +@@ -119,7 +119,7 @@ gobject_probes.h: gobject_probes.d + < $@.tmp > $@ && rm -f $@.tmp + + gobject_probes.lo: gobject_probes.d +- $(AM_V_GEN) $(LIBTOOL) --mode=compile $(AM_V_lt) --tag=CC $(DTRACE) -G -s $< -o $@ ++ $(AM_V_GEN) $(LIBTOOL) --mode=compile $(AM_V_lt) --tag=CC env CFLAGS="$(CFLAGS)" $(DTRACE) -G -s $< -o $@ + + BUILT_SOURCES += gobject_probes.h gobject_probes.lo + CLEANFILES += gobject_probes.h +-- +2.21.0 + diff --git a/SOURCES/0001-codegen-Change-pointer-casting-to-remove-type-punnin.patch b/SOURCES/0001-codegen-Change-pointer-casting-to-remove-type-punnin.patch new file mode 100644 index 0000000..eb5ed23 --- /dev/null +++ b/SOURCES/0001-codegen-Change-pointer-casting-to-remove-type-punnin.patch @@ -0,0 +1,100 @@ +From 64b76c7ca5cf5b4ede2f4b423114f46141890e1e Mon Sep 17 00:00:00 2001 +From: Robert Ancell +Date: Fri, 7 Sep 2018 10:19:05 +1200 +Subject: [PATCH] codegen: Change pointer casting to remove type-punning + warnings + +The existing code was generating code with undefined results that modern compilers warn about: + +accounts-generated.c:204:23: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing] + (GDBusArgInfo **) &_accounts_accounts_method_info_list_cached_users_OUT_ARG_pointers, +--- + gio/gdbus-2.0/codegen/codegen.py | 22 +++++++++++----------- + 1 file changed, 11 insertions(+), 11 deletions(-) + +diff --git a/gio/gdbus-2.0/codegen/codegen.py b/gio/gdbus-2.0/codegen/codegen.py +index e74131cdb..0d95cdcda 100644 +--- a/gio/gdbus-2.0/codegen/codegen.py ++++ b/gio/gdbus-2.0/codegen/codegen.py +@@ -1129,10 +1129,10 @@ class CodeGenerator: + '\n') + + if len(args) > 0: +- self.outfile.write('static const _ExtendedGDBusArgInfo * const %s_pointers[] =\n' ++ self.outfile.write('static const GDBusArgInfo * const %s_pointers[] =\n' + '{\n'%(prefix)) + for a in args: +- self.outfile.write(' &%s_%s,\n'%(prefix, a.name)) ++ self.outfile.write(' &%s_%s.parent_struct,\n'%(prefix, a.name)) + self.outfile.write(' NULL\n' + '};\n' + '\n') +@@ -1175,10 +1175,10 @@ class CodeGenerator: + self.outfile.write('};\n' + '\n') + +- self.outfile.write('static const _ExtendedGDBusMethodInfo * const _%s_method_info_pointers[] =\n' ++ self.outfile.write('static const GDBusMethodInfo * const _%s_method_info_pointers[] =\n' + '{\n'%(i.name_lower)) + for m in i.methods: +- self.outfile.write(' &_%s_method_info_%s,\n'%(i.name_lower, m.name_lower)) ++ self.outfile.write(' &_%s_method_info_%s.parent_struct,\n'%(i.name_lower, m.name_lower)) + self.outfile.write(' NULL\n' + '};\n' + '\n') +@@ -1209,10 +1209,10 @@ class CodeGenerator: + self.outfile.write('};\n' + '\n') + +- self.outfile.write('static const _ExtendedGDBusSignalInfo * const _%s_signal_info_pointers[] =\n' ++ self.outfile.write('static const GDBusSignalInfo * const _%s_signal_info_pointers[] =\n' + '{\n'%(i.name_lower)) + for s in i.signals: +- self.outfile.write(' &_%s_signal_info_%s,\n'%(i.name_lower, s.name_lower)) ++ self.outfile.write(' &_%s_signal_info_%s.parent_struct,\n'%(i.name_lower, s.name_lower)) + self.outfile.write(' NULL\n' + '};\n' + '\n') +@@ -1251,10 +1251,10 @@ class CodeGenerator: + self.outfile.write('};\n' + '\n') + +- self.outfile.write('static const _ExtendedGDBusPropertyInfo * const _%s_property_info_pointers[] =\n' ++ self.outfile.write('static const GDBusPropertyInfo * const _%s_property_info_pointers[] =\n' + '{\n'%(i.name_lower)) + for p in i.properties: +- self.outfile.write(' &_%s_property_info_%s,\n'%(i.name_lower, p.name_lower)) ++ self.outfile.write(' &_%s_property_info_%s.parent_struct,\n'%(i.name_lower, p.name_lower)) + self.outfile.write(' NULL\n' + '};\n' + '\n') +@@ -1948,7 +1948,7 @@ class CodeGenerator: + self.outfile.write(' const _ExtendedGDBusPropertyInfo *info;\n' + ' GVariant *variant;\n' + ' g_assert (prop_id != 0 && prop_id - 1 < %d);\n' +- ' info = _%s_property_info_pointers[prop_id - 1];\n' ++ ' info = (const _ExtendedGDBusPropertyInfo *) _%s_property_info_pointers[prop_id - 1];\n' + ' variant = g_dbus_proxy_get_cached_property (G_DBUS_PROXY (object), info->parent_struct.name);\n' + ' if (info->use_gvariant)\n' + ' {\n' +@@ -2001,7 +2001,7 @@ class CodeGenerator: + self.outfile.write(' const _ExtendedGDBusPropertyInfo *info;\n' + ' GVariant *variant;\n' + ' g_assert (prop_id != 0 && prop_id - 1 < %d);\n' +- ' info = _%s_property_info_pointers[prop_id - 1];\n' ++ ' info = (const _ExtendedGDBusPropertyInfo *) _%s_property_info_pointers[prop_id - 1];\n' + ' variant = g_dbus_gvalue_to_gvariant (value, G_VARIANT_TYPE (info->parent_struct.signature));\n' + ' g_dbus_proxy_call (G_DBUS_PROXY (object),\n' + ' "org.freedesktop.DBus.Properties.Set",\n' +@@ -2887,7 +2887,7 @@ class CodeGenerator: + ' if (!_g_value_equal (value, &skeleton->priv->properties[prop_id - 1]))\n' + ' {\n' + ' if (g_dbus_interface_skeleton_get_connection (G_DBUS_INTERFACE_SKELETON (skeleton)) != NULL)\n' +- ' _%s_schedule_emit_changed (skeleton, _%s_property_info_pointers[prop_id - 1], prop_id, &skeleton->priv->properties[prop_id - 1]);\n' ++ ' _%s_schedule_emit_changed (skeleton, (const _ExtendedGDBusPropertyInfo *) _%s_property_info_pointers[prop_id - 1], prop_id, &skeleton->priv->properties[prop_id - 1]);\n' + ' g_value_copy (value, &skeleton->priv->properties[prop_id - 1]);\n' + ' g_object_notify_by_pspec (object, pspec);\n' + ' }\n' +-- +2.19.1 + diff --git a/SOURCES/0001-credentials-Invalid-Linux-struct-ucred-means-no-info.patch b/SOURCES/0001-credentials-Invalid-Linux-struct-ucred-means-no-info.patch new file mode 100644 index 0000000..764d407 --- /dev/null +++ b/SOURCES/0001-credentials-Invalid-Linux-struct-ucred-means-no-info.patch @@ -0,0 +1,118 @@ +From 1485a97d8051b0aa047987f7b0c0bfe4ba4ce55b Mon Sep 17 00:00:00 2001 +From: Simon McVittie +Date: Fri, 18 Oct 2019 10:55:09 +0100 +Subject: [PATCH] credentials: Invalid Linux struct ucred means "no + information" + +On Linux, if getsockopt SO_PEERCRED is used on a TCP socket, one +might expect it to fail with an appropriate error like ENOTSUP or +EPROTONOSUPPORT. However, it appears that in fact it succeeds, but +yields a credentials structure with pid 0, uid -1 and gid -1. These +are not real process, user and group IDs that can be allocated to a +real process (pid 0 needs to be reserved to give kill(0) its documented +special semantics, and similarly uid and gid -1 need to be reserved for +setresuid() and setresgid()) so it is not meaningful to signal them to +high-level API users. + +An API user with Linux-specific knowledge can still inspect these fields +via g_credentials_get_native() if desired. + +Similarly, if SO_PASSCRED is used to receive a SCM_CREDENTIALS message +on a receiving Unix socket, but the sending socket had not enabled +SO_PASSCRED at the time that the message was sent, it is possible +for it to succeed but yield a credentials structure with pid 0, uid +/proc/sys/kernel/overflowuid and gid /proc/sys/kernel/overflowgid. Even +if we were to read those pseudo-files, we cannot distinguish between +the overflow IDs and a real process that legitimately has the same IDs +(typically they are set to 'nobody' and 'nogroup', which can be used +by a real process), so we detect this situation by noticing that +pid == 0, and to save syscalls we do not read the overflow IDs from +/proc at all. + +This results in a small API change: g_credentials_is_same_user() now +returns FALSE if we compare two credentials structures that are both +invalid. This seems like reasonable, conservative behaviour: if we cannot +prove that they are the same user, we should assume they are not. + +Signed-off-by: Simon McVittie +--- + gio/gcredentials.c | 42 +++++++++++++++++++++++++++++++++++++++--- + 1 file changed, 39 insertions(+), 3 deletions(-) + +diff --git a/gio/gcredentials.c b/gio/gcredentials.c +index c350e3c88..c4794ded7 100644 +--- a/gio/gcredentials.c ++++ b/gio/gcredentials.c +@@ -265,6 +265,35 @@ g_credentials_to_string (GCredentials *credentials) + + /* ---------------------------------------------------------------------------------------------------- */ + ++#if G_CREDENTIALS_USE_LINUX_UCRED ++/* ++ * Check whether @native contains invalid data. If getsockopt SO_PEERCRED ++ * is used on a TCP socket, it succeeds but yields a credentials structure ++ * with pid 0, uid -1 and gid -1. Similarly, if SO_PASSCRED is used on a ++ * receiving Unix socket when the sending socket did not also enable ++ * SO_PASSCRED, it can succeed but yield a credentials structure with ++ * pid 0, uid /proc/sys/kernel/overflowuid and gid ++ * /proc/sys/kernel/overflowgid. ++ */ ++static gboolean ++linux_ucred_check_valid (struct ucred *native, ++ GError **error) ++{ ++ if (native->pid == 0 ++ || native->uid == -1 ++ || native->gid == -1) ++ { ++ g_set_error_literal (error, ++ G_IO_ERROR, ++ G_IO_ERROR_INVALID_DATA, ++ _("GCredentials contains invalid data")); ++ return FALSE; ++ } ++ ++ return TRUE; ++} ++#endif ++ + /** + * g_credentials_is_same_user: + * @credentials: A #GCredentials. +@@ -294,7 +323,8 @@ g_credentials_is_same_user (GCredentials *credentials, + + ret = FALSE; + #if G_CREDENTIALS_USE_LINUX_UCRED +- if (credentials->native.uid == other_credentials->native.uid) ++ if (linux_ucred_check_valid (&credentials->native, NULL) ++ && credentials->native.uid == other_credentials->native.uid) + ret = TRUE; + #elif G_CREDENTIALS_USE_FREEBSD_CMSGCRED + if (credentials->native.cmcred_euid == other_credentials->native.cmcred_euid) +@@ -453,7 +483,10 @@ g_credentials_get_unix_user (GCredentials *credentials, + g_return_val_if_fail (error == NULL || *error == NULL, -1); + + #if G_CREDENTIALS_USE_LINUX_UCRED +- ret = credentials->native.uid; ++ if (linux_ucred_check_valid (&credentials->native, error)) ++ ret = credentials->native.uid; ++ else ++ ret = -1; + #elif G_CREDENTIALS_USE_FREEBSD_CMSGCRED + ret = credentials->native.cmcred_euid; + #elif G_CREDENTIALS_USE_NETBSD_UNPCBID +@@ -499,7 +532,10 @@ g_credentials_get_unix_pid (GCredentials *credentials, + g_return_val_if_fail (error == NULL || *error == NULL, -1); + + #if G_CREDENTIALS_USE_LINUX_UCRED +- ret = credentials->native.pid; ++ if (linux_ucred_check_valid (&credentials->native, error)) ++ ret = credentials->native.pid; ++ else ++ ret = -1; + #elif G_CREDENTIALS_USE_FREEBSD_CMSGCRED + ret = credentials->native.cmcred_pid; + #elif G_CREDENTIALS_USE_NETBSD_UNPCBID +-- +2.23.0 + diff --git a/SOURCES/0001-gcredentialsprivate-Document-the-various-private-mac.patch b/SOURCES/0001-gcredentialsprivate-Document-the-various-private-mac.patch new file mode 100644 index 0000000..fe37025 --- /dev/null +++ b/SOURCES/0001-gcredentialsprivate-Document-the-various-private-mac.patch @@ -0,0 +1,83 @@ +From ef1035d9d86464ea0b5dde60a7a0e190895fdf5b Mon Sep 17 00:00:00 2001 +From: Simon McVittie +Date: Mon, 14 Oct 2019 08:22:24 +0100 +Subject: [PATCH] gcredentialsprivate: Document the various private macros + +Signed-off-by: Simon McVittie +--- + gio/gcredentialsprivate.h | 59 +++++++++++++++++++++++++++++++++++++++ + 1 file changed, 59 insertions(+) + +diff --git a/gio/gcredentialsprivate.h b/gio/gcredentialsprivate.h +index 4d1c420a8..06f0aed19 100644 +--- a/gio/gcredentialsprivate.h ++++ b/gio/gcredentialsprivate.h +@@ -22,6 +22,65 @@ + #include "gio/gcredentials.h" + #include "gio/gnetworking.h" + ++/* ++ * G_CREDENTIALS_SUPPORTED: ++ * ++ * Defined to 1 if GCredentials works. ++ */ ++#undef G_CREDENTIALS_SUPPORTED ++ ++/* ++ * G_CREDENTIALS_USE_LINUX_UCRED, etc.: ++ * ++ * Defined to 1 if GCredentials uses Linux `struct ucred`, etc. ++ */ ++#undef G_CREDENTIALS_USE_LINUX_UCRED ++#undef G_CREDENTIALS_USE_FREEBSD_CMSGCRED ++#undef G_CREDENTIALS_USE_NETBSD_UNPCBID ++#undef G_CREDENTIALS_USE_OPENBSD_SOCKPEERCRED ++#undef G_CREDENTIALS_USE_SOLARIS_UCRED ++ ++/* ++ * G_CREDENTIALS_NATIVE_TYPE: ++ * ++ * Defined to one of G_CREDENTIALS_TYPE_LINUX_UCRED, etc. ++ */ ++#undef G_CREDENTIALS_NATIVE_TYPE ++ ++/* ++ * G_CREDENTIALS_NATIVE_SIZE: ++ * ++ * Defined to the size of the %G_CREDENTIALS_NATIVE_TYPE ++ */ ++#undef G_CREDENTIALS_NATIVE_SIZE ++ ++/* ++ * G_CREDENTIALS_UNIX_CREDENTIALS_MESSAGE_SUPPORTED: ++ * ++ * Defined to 1 if we have a message-passing API in which credentials ++ * are attached to a particular message, such as `SCM_CREDENTIALS` on Linux ++ * or `SCM_CREDS` on FreeBSD. ++ */ ++#undef G_CREDENTIALS_UNIX_CREDENTIALS_MESSAGE_SUPPORTED ++ ++/* ++ * G_CREDENTIALS_SOCKET_GET_CREDENTIALS_SUPPORTED: ++ * ++ * Defined to 1 if we have a `getsockopt()`-style API in which one end of ++ * a socket connection can directly query the credentials of the process ++ * that initiated the other end, such as `getsockopt SO_PEERCRED` on Linux ++ * or `getpeereid()` on multiple operating systems. ++ */ ++#undef G_CREDENTIALS_SOCKET_GET_CREDENTIALS_SUPPORTED ++ ++/* ++ * G_CREDENTIALS_SPOOFING_SUPPORTED: ++ * ++ * Defined to 1 if privileged processes can spoof their credentials when ++ * using the message-passing API. ++ */ ++#undef G_CREDENTIALS_SPOOFING_SUPPORTED ++ + #ifdef __linux__ + #define G_CREDENTIALS_SUPPORTED 1 + #define G_CREDENTIALS_USE_LINUX_UCRED 1 +-- +2.23.0 + diff --git a/SOURCES/0001-gdbus-codegen-honor-Property.EmitsChangedSignal-anno.patch b/SOURCES/0001-gdbus-codegen-honor-Property.EmitsChangedSignal-anno.patch new file mode 100644 index 0000000..09e2c84 --- /dev/null +++ b/SOURCES/0001-gdbus-codegen-honor-Property.EmitsChangedSignal-anno.patch @@ -0,0 +1,613 @@ +From aea538fe703652fd0a39b2ac9185133849cfdcc4 Mon Sep 17 00:00:00 2001 +From: Thomas Jost +Date: Thu, 13 Dec 2018 03:06:02 -0800 +Subject: [PATCH] gdbus-codegen: honor "Property.EmitsChangedSignal" + annotations + +Co-Authored-by: Andy Holmes +--- + gio/gdbus-2.0/codegen/codegen.py | 18 ++++++++++----- + gio/gdbus-2.0/codegen/dbustypes.py | 7 ++++++ + gio/tests/gdbus-test-codegen.c | 36 +++++++++++++++++++++++++----- + gio/tests/test-codegen.xml | 6 +++++ + 4 files changed, 56 insertions(+), 11 deletions(-) + +diff --git a/gio/gdbus-2.0/codegen/codegen.py b/gio/gdbus-2.0/codegen/codegen.py +index f6892af95..442bd3f5d 100644 +--- a/gio/gdbus-2.0/codegen/codegen.py ++++ b/gio/gdbus-2.0/codegen/codegen.py +@@ -638,61 +638,62 @@ class CodeGenerator: + '# include \n' + '#endif\n' + '\n') + + self.outfile.write('typedef struct\n' + '{\n' + ' GDBusArgInfo parent_struct;\n' + ' gboolean use_gvariant;\n' + '} _ExtendedGDBusArgInfo;\n' + '\n') + + self.outfile.write('typedef struct\n' + '{\n' + ' GDBusMethodInfo parent_struct;\n' + ' const gchar *signal_name;\n' + ' gboolean pass_fdlist;\n' + '} _ExtendedGDBusMethodInfo;\n' + '\n') + + self.outfile.write('typedef struct\n' + '{\n' + ' GDBusSignalInfo parent_struct;\n' + ' const gchar *signal_name;\n' + '} _ExtendedGDBusSignalInfo;\n' + '\n') + + self.outfile.write('typedef struct\n' + '{\n' + ' GDBusPropertyInfo parent_struct;\n' + ' const gchar *hyphen_name;\n' +- ' gboolean use_gvariant;\n' ++ ' guint use_gvariant : 1;\n' ++ ' guint emits_changed_signal : 1;\n' + '} _ExtendedGDBusPropertyInfo;\n' + '\n') + + self.outfile.write('typedef struct\n' + '{\n' + ' GDBusInterfaceInfo parent_struct;\n' + ' const gchar *hyphen_name;\n' + '} _ExtendedGDBusInterfaceInfo;\n' + '\n') + + self.outfile.write('typedef struct\n' + '{\n' + ' const _ExtendedGDBusPropertyInfo *info;\n' + ' guint prop_id;\n' + ' GValue orig_value; /* the value before the change */\n' + '} ChangedProperty;\n' + '\n' + 'static void\n' + '_changed_property_free (ChangedProperty *data)\n' + '{\n' + ' g_value_unset (&data->orig_value);\n' + ' g_free (data);\n' + '}\n' + '\n') + + self.outfile.write('static gboolean\n' + '_g_strv_equal0 (gchar **a, gchar **b)\n' + '{\n' + ' gboolean ret = FALSE;\n' + ' guint n;\n' +@@ -933,63 +934,67 @@ class CodeGenerator: + '\n') + + # --- + + if len(i.properties) > 0: + for p in i.properties: + if p.readable and p.writable: + access = 'G_DBUS_PROPERTY_INFO_FLAGS_READABLE | G_DBUS_PROPERTY_INFO_FLAGS_WRITABLE' + elif p.readable: + access = 'G_DBUS_PROPERTY_INFO_FLAGS_READABLE' + elif p.writable: + access = 'G_DBUS_PROPERTY_INFO_FLAGS_WRITABLE' + else: + access = 'G_DBUS_PROPERTY_INFO_FLAGS_NONE' + num_anno = self.generate_annotations('_%s_property_%s_annotation_info'%(i.name_lower, p.name_lower), p.annotations) + self.outfile.write('static const _ExtendedGDBusPropertyInfo _%s_property_info_%s =\n' + '{\n' + ' {\n' + ' -1,\n' + ' (gchar *) "%s",\n' + ' (gchar *) "%s",\n' + ' %s,\n'%(i.name_lower, p.name_lower, p.name, p.arg.signature, access)) + if num_anno == 0: + self.outfile.write(' NULL\n') + else: + self.outfile.write(' (GDBusAnnotationInfo **) &_%s_property_%s_annotation_info_pointers\n'%(i.name_lower, p.name_lower)) + self.outfile.write(' },\n' + ' "%s",\n' + %(p.name_hyphen)) + if not utils.lookup_annotation(p.annotations, 'org.gtk.GDBus.C.ForceGVariant'): +- self.outfile.write(' FALSE\n') ++ self.outfile.write(' FALSE,\n') + else: ++ self.outfile.write(' TRUE,\n') ++ if p.emits_changed_signal: + self.outfile.write(' TRUE\n') ++ else: ++ self.outfile.write(' FALSE\n') + self.outfile.write('};\n' + '\n') + + self.outfile.write('static const GDBusPropertyInfo * const _%s_property_info_pointers[] =\n' + '{\n'%(i.name_lower)) + for p in i.properties: + self.outfile.write(' &_%s_property_info_%s.parent_struct,\n'%(i.name_lower, p.name_lower)) + self.outfile.write(' NULL\n' + '};\n' + '\n') + + num_anno = self.generate_annotations('_%s_annotation_info'%(i.name_lower), i.annotations) + self.outfile.write('static const _ExtendedGDBusInterfaceInfo _%s_interface_info =\n' + '{\n' + ' {\n' + ' -1,\n' + ' (gchar *) "%s",\n'%(i.name_lower, i.name)) + if len(i.methods) == 0: + self.outfile.write(' NULL,\n') + else: + self.outfile.write(' (GDBusMethodInfo **) &_%s_method_info_pointers,\n'%(i.name_lower)) + if len(i.signals) == 0: + self.outfile.write(' NULL,\n') + else: + self.outfile.write(' (GDBusSignalInfo **) &_%s_signal_info_pointers,\n'%(i.name_lower)) + if len(i.properties) == 0: + self.outfile.write(' NULL,\n') + else: + self.outfile.write(' (GDBusPropertyInfo **) &_%s_property_info_pointers,\n'%(i.name_lower)) + if num_anno == 0: +@@ -2568,68 +2573,71 @@ class CodeGenerator: + # this allows use of g_object_freeze_notify()/g_object_thaw_notify() ... + # This is useful when updating several properties from another thread than + # where the idle will be emitted from + self.outfile.write('static void\n' + '%s_skeleton_notify (GObject *object,\n' + ' GParamSpec *pspec G_GNUC_UNUSED)\n' + '{\n' + ' %sSkeleton *skeleton = %s%s_SKELETON (object);\n' + ' g_mutex_lock (&skeleton->priv->lock);\n' + ' if (skeleton->priv->changed_properties != NULL &&\n' + ' skeleton->priv->changed_properties_idle_source == NULL)\n' + ' {\n' + ' skeleton->priv->changed_properties_idle_source = g_idle_source_new ();\n' + ' g_source_set_priority (skeleton->priv->changed_properties_idle_source, G_PRIORITY_DEFAULT);\n' + ' g_source_set_callback (skeleton->priv->changed_properties_idle_source, _%s_emit_changed, g_object_ref (skeleton), (GDestroyNotify) g_object_unref);\n' + ' g_source_set_name (skeleton->priv->changed_properties_idle_source, "[generated] _%s_emit_changed");\n' + ' g_source_attach (skeleton->priv->changed_properties_idle_source, skeleton->priv->context);\n' + ' g_source_unref (skeleton->priv->changed_properties_idle_source);\n' + ' }\n' + ' g_mutex_unlock (&skeleton->priv->lock);\n' + '}\n' + '\n' + %(i.name_lower, i.camel_name, i.ns_upper, i.name_upper, i.name_lower, i.name_lower)) + + self.outfile.write('static void\n' + '%s_skeleton_set_property (GObject *object,\n' + ' guint prop_id,\n' + ' const GValue *value,\n' + ' GParamSpec *pspec)\n' + '{\n'%(i.name_lower)) +- self.outfile.write(' %sSkeleton *skeleton = %s%s_SKELETON (object);\n' ++ self.outfile.write(' const _ExtendedGDBusPropertyInfo *info;\n' ++ ' %sSkeleton *skeleton = %s%s_SKELETON (object);\n' + ' g_assert (prop_id != 0 && prop_id - 1 < %d);\n' ++ ' info = (const _ExtendedGDBusPropertyInfo *) _%s_property_info_pointers[prop_id - 1];\n' + ' g_mutex_lock (&skeleton->priv->lock);\n' + ' g_object_freeze_notify (object);\n' + ' if (!_g_value_equal (value, &skeleton->priv->properties[prop_id - 1]))\n' + ' {\n' +- ' if (g_dbus_interface_skeleton_get_connection (G_DBUS_INTERFACE_SKELETON (skeleton)) != NULL)\n' +- ' _%s_schedule_emit_changed (skeleton, (const _ExtendedGDBusPropertyInfo *) _%s_property_info_pointers[prop_id - 1], prop_id, &skeleton->priv->properties[prop_id - 1]);\n' ++ ' if (g_dbus_interface_skeleton_get_connection (G_DBUS_INTERFACE_SKELETON (skeleton)) != NULL &&\n' ++ ' info->emits_changed_signal)\n' ++ ' _%s_schedule_emit_changed (skeleton, info, prop_id, &skeleton->priv->properties[prop_id - 1]);\n' + ' g_value_copy (value, &skeleton->priv->properties[prop_id - 1]);\n' + ' g_object_notify_by_pspec (object, pspec);\n' + ' }\n' + ' g_mutex_unlock (&skeleton->priv->lock);\n' + ' g_object_thaw_notify (object);\n' + %(i.camel_name, i.ns_upper, i.name_upper, len(i.properties), i.name_lower, i.name_lower)) + self.outfile.write('}\n' + '\n') + + self.outfile.write('static void\n' + '%s_skeleton_init (%sSkeleton *skeleton)\n' + '{\n' + '#if GLIB_VERSION_MAX_ALLOWED >= GLIB_VERSION_2_38\n' + ' skeleton->priv = %s_skeleton_get_instance_private (skeleton);\n' + '#else\n' + ' skeleton->priv = G_TYPE_INSTANCE_GET_PRIVATE (skeleton, %sTYPE_%s_SKELETON, %sSkeletonPrivate);\n' + '#endif\n\n' + %(i.name_lower, i.camel_name, + i.name_lower, + i.ns_upper, i.name_upper, i.camel_name)) + self.outfile.write(' g_mutex_init (&skeleton->priv->lock);\n') + self.outfile.write(' skeleton->priv->context = g_main_context_ref_thread_default ();\n') + if len(i.properties) > 0: + self.outfile.write(' skeleton->priv->properties = g_new0 (GValue, %d);\n'%(len(i.properties))) + n = 0 + for p in i.properties: + self.outfile.write(' g_value_init (&skeleton->priv->properties[%d], %s);\n'%(n, p.arg.gtype)) + n += 1 + self.outfile.write('}\n' + '\n') +diff --git a/gio/gdbus-2.0/codegen/dbustypes.py b/gio/gdbus-2.0/codegen/dbustypes.py +index bfc69f596..359880ff7 100644 +--- a/gio/gdbus-2.0/codegen/dbustypes.py ++++ b/gio/gdbus-2.0/codegen/dbustypes.py +@@ -300,89 +300,96 @@ class Signal: + arg_count = 0 + for a in self.args: + a.post_process(interface_prefix, cns, cns_upper, cns_lower, arg_count) + arg_count += 1 + + if utils.lookup_annotation(self.annotations, 'org.freedesktop.DBus.Deprecated') == 'true': + self.deprecated = True + + class Property: + def __init__(self, name, signature, access): + self.name = name + self.signature = signature + self.access = access + self.annotations = [] + self.arg = Arg('value', self.signature) + self.arg.annotations = self.annotations + self.readable = False + self.writable = False + if self.access == 'readwrite': + self.readable = True + self.writable = True + elif self.access == 'read': + self.readable = True + elif self.access == 'write': + self.writable = True + else: + print_error('Invalid access type "{}"'.format(self.access)) + self.doc_string = '' + self.since = '' + self.deprecated = False ++ self.emits_changed_signal = True + + def post_process(self, interface_prefix, cns, cns_upper, cns_lower, containing_iface): + if len(self.doc_string) == 0: + self.doc_string = utils.lookup_docs(self.annotations) + if len(self.since) == 0: + self.since = utils.lookup_since(self.annotations) + if len(self.since) == 0: + self.since = containing_iface.since + + name = self.name + overridden_name = utils.lookup_annotation(self.annotations, 'org.gtk.GDBus.C.Name') + if utils.is_ugly_case(overridden_name): + self.name_lower = overridden_name.lower() + else: + if overridden_name: + name = overridden_name + self.name_lower = utils.camel_case_to_uscore(name).lower().replace('-', '_') + self.name_hyphen = self.name_lower.replace('_', '-') + # don't clash with the GType getter, e.g.: GType foo_bar_get_type (void); G_GNUC_CONST + if self.name_lower == 'type': + self.name_lower = 'type_' + + # recalculate arg + self.arg.annotations = self.annotations + self.arg.post_process(interface_prefix, cns, cns_upper, cns_lower, 0) + + if utils.lookup_annotation(self.annotations, 'org.freedesktop.DBus.Deprecated') == 'true': + self.deprecated = True + ++ # FIXME: for now we only support 'false' and 'const' on the signal itself, see #674913 and ++ # http://dbus.freedesktop.org/doc/dbus-specification.html#introspection-format ++ # for details ++ if utils.lookup_annotation(self.annotations, 'org.freedesktop.DBus.Property.EmitsChangedSignal') in ('false', 'const'): ++ self.emits_changed_signal = False ++ + class Interface: + def __init__(self, name): + self.name = name + self.methods = [] + self.signals = [] + self.properties = [] + self.annotations = [] + self.doc_string = '' + self.doc_string_brief = '' + self.since = '' + self.deprecated = False + + def post_process(self, interface_prefix, c_namespace): + if len(self.doc_string) == 0: + self.doc_string = utils.lookup_docs(self.annotations) + if len(self.doc_string_brief) == 0: + self.doc_string_brief = utils.lookup_brief_docs(self.annotations) + if len(self.since) == 0: + self.since = utils.lookup_since(self.annotations) + + if len(c_namespace) > 0: + if utils.is_ugly_case(c_namespace): + cns = c_namespace.replace('_', '') + cns_upper = c_namespace.upper() + '_' + cns_lower = c_namespace.lower() + '_' + else: + cns = c_namespace + cns_upper = utils.camel_case_to_uscore(c_namespace).upper() + '_' + cns_lower = utils.camel_case_to_uscore(c_namespace).lower() + '_' + else: +diff --git a/gio/tests/gdbus-test-codegen.c b/gio/tests/gdbus-test-codegen.c +index 1c4e83c4c..c906d05ae 100644 +--- a/gio/tests/gdbus-test-codegen.c ++++ b/gio/tests/gdbus-test-codegen.c +@@ -1740,103 +1740,127 @@ on_object_proxy_added (GDBusObjectManagerClient *manager, + gpointer user_data) + { + OMData *om_data = user_data; + om_data->num_object_proxy_added_signals += 1; + g_signal_connect (object_proxy, + "interface-added", + G_CALLBACK (on_interface_added), + om_data); + g_signal_connect (object_proxy, + "interface-removed", + G_CALLBACK (on_interface_removed), + om_data); + } + + static void + on_object_proxy_removed (GDBusObjectManagerClient *manager, + GDBusObjectProxy *object_proxy, + gpointer user_data) + { + OMData *om_data = user_data; + om_data->num_object_proxy_removed_signals += 1; + g_assert_cmpint (g_signal_handlers_disconnect_by_func (object_proxy, + G_CALLBACK (on_interface_added), + om_data), ==, 1); + g_assert_cmpint (g_signal_handlers_disconnect_by_func (object_proxy, + G_CALLBACK (on_interface_removed), + om_data), ==, 1); + } + + static void +-property_d_changed (GObject *object, +- GParamSpec *pspec, +- gpointer user_data) ++property_changed (GObject *object, ++ GParamSpec *pspec, ++ gpointer user_data) + { + gboolean *changed = user_data; + + *changed = TRUE; + } + + static void + om_check_property_and_signal_emission (GMainLoop *loop, + FooiGenBar *skeleton, + FooiGenBar *proxy) + { + gboolean d_changed = FALSE; ++ gboolean quiet_changed = FALSE; ++ gboolean quiet_too_changed = FALSE; + guint handler; + + /* First PropertiesChanged */ + g_assert_cmpint (foo_igen_bar_get_i (skeleton), ==, 0); + g_assert_cmpint (foo_igen_bar_get_i (proxy), ==, 0); + foo_igen_bar_set_i (skeleton, 1); + _g_assert_property_notify (proxy, "i"); + g_assert_cmpint (foo_igen_bar_get_i (skeleton), ==, 1); + g_assert_cmpint (foo_igen_bar_get_i (proxy), ==, 1); + + /* Double-check the gdouble case */ + g_assert_cmpfloat (foo_igen_bar_get_d (skeleton), ==, 0.0); + g_assert_cmpfloat (foo_igen_bar_get_d (proxy), ==, 0.0); + foo_igen_bar_set_d (skeleton, 1.0); + _g_assert_property_notify (proxy, "d"); + + /* Verify that re-setting it to the same value doesn't cause a + * notify on the proxy, by taking advantage of the fact that + * notifications are serialized. + */ + handler = g_signal_connect (proxy, "notify::d", +- G_CALLBACK (property_d_changed), &d_changed); ++ G_CALLBACK (property_changed), &d_changed); + foo_igen_bar_set_d (skeleton, 1.0); + foo_igen_bar_set_i (skeleton, 2); + _g_assert_property_notify (proxy, "i"); + g_assert (d_changed == FALSE); + g_signal_handler_disconnect (proxy, handler); + ++ /* Verify that re-setting a property with the "EmitsChangedSignal" ++ * set to false doesn't emit a signal. */ ++ handler = g_signal_connect (proxy, "notify::quiet", ++ G_CALLBACK (property_changed), &quiet_changed); ++ foo_igen_bar_set_quiet (skeleton, "hush!"); ++ foo_igen_bar_set_i (skeleton, 3); ++ _g_assert_property_notify (proxy, "i"); ++ g_assert (quiet_changed == FALSE); ++ g_assert_cmpstr (foo_igen_bar_get_quiet (skeleton), ==, "hush!"); ++ g_signal_handler_disconnect (proxy, handler); ++ ++ /* Also verify that re-setting a property with the "EmitsChangedSignal" ++ * set to 'const' doesn't emit a signal. */ ++ handler = g_signal_connect (proxy, "notify::quiet-too", ++ G_CALLBACK (property_changed), &quiet_changed); ++ foo_igen_bar_set_quiet_too (skeleton, "hush too!"); ++ foo_igen_bar_set_i (skeleton, 4); ++ _g_assert_property_notify (proxy, "i"); ++ g_assert (quiet_too_changed == FALSE); ++ g_assert_cmpstr (foo_igen_bar_get_quiet_too (skeleton), ==, "hush too!"); ++ g_signal_handler_disconnect (proxy, handler); ++ + /* Then just a regular signal */ + foo_igen_bar_emit_another_signal (skeleton, "word"); + _g_assert_signal_received (proxy, "another-signal"); + } + + static void + check_object_manager (void) + { + FooiGenObjectSkeleton *o = NULL; + FooiGenObjectSkeleton *o2 = NULL; + FooiGenObjectSkeleton *o3 = NULL; + GDBusInterfaceSkeleton *i; + GDBusConnection *c; + GDBusObjectManagerServer *manager = NULL; + GDBusNodeInfo *info; + GError *error; + GMainLoop *loop; + OMData *om_data = NULL; + guint om_signal_id = -1; + GDBusObjectManager *pm = NULL; + GList *object_proxies; + GList *proxies; + GDBusObject *op; + GDBusProxy *p; + FooiGenBar *bar_skeleton; + GDBusInterface *iface; + gchar *path, *name, *name_owner; + GDBusConnection *c2; + GDBusObjectManagerClientFlags flags; + +@@ -2124,73 +2148,73 @@ check_object_manager (void) + "({objectpath '/managed/first': {'com.acme.Coyote': {'Mood': <''>}}},)"); + + /* -------------------------------------------------- */ + + /* create a new object with two interfaces */ + o2 = foo_igen_object_skeleton_new ("/managed/second"); + i = G_DBUS_INTERFACE_SKELETON (foo_igen_bar_skeleton_new ()); + bar_skeleton = FOO_IGEN_BAR (i); /* save for later test */ + foo_igen_object_skeleton_set_bar (o2, FOO_IGEN_BAR (i)); + g_clear_object (&i); + i = G_DBUS_INTERFACE_SKELETON (foo_igen_bat_skeleton_new ()); + foo_igen_object_skeleton_set_bat (o2, FOO_IGEN_BAT (i)); + g_clear_object (&i); + /* ... add it */ + g_dbus_object_manager_server_export (manager, G_DBUS_OBJECT_SKELETON (o2)); + /* ... check we get the InterfacesAdded with _two_ interfaces */ + om_data->state = 101; + g_main_loop_run (om_data->loop); + g_assert_cmpint (om_data->state, ==, 102); + g_assert_cmpint (om_data->num_object_proxy_added_signals, ==, 5); + g_assert_cmpint (om_data->num_object_proxy_removed_signals, ==, 3); + g_assert_cmpint (om_data->num_interface_added_signals, ==, 1); + g_assert_cmpint (om_data->num_interface_removed_signals, ==, 1); + + /* -------------------------------------------------- */ + + /* Now that we have a couple of objects with interfaces, check + * that ObjectManager.GetManagedObjects() works + */ + om_check_get_all (c, loop, +- "({objectpath '/managed/first': {'com.acme.Coyote': {'Mood': <''>}}, '/managed/second': {'org.project.Bar': {'y': , 'b': , 'n': , 'q': , 'i': <0>, 'u': , 'x': , 't': , 'd': <0.0>, 's': <''>, 'o': , 'g': , 'ay': , 'as': <@as []>, 'aay': <@aay []>, 'ao': <@ao []>, 'ag': <@ag []>, 'FinallyNormalName': <''>, 'ReadonlyProperty': <''>, 'unset_i': <0>, 'unset_d': <0.0>, 'unset_s': <''>, 'unset_o': , 'unset_g': , 'unset_ay': , 'unset_as': <@as []>, 'unset_ao': <@ao []>, 'unset_ag': <@ag []>, 'unset_struct': <(0, 0.0, '', objectpath '/', signature '', @ay [], @as [], @ao [], @ag [])>}, 'org.project.Bat': {'force_i': <0>, 'force_s': <''>, 'force_ay': <@ay []>, 'force_struct': <(0,)>}}},)"); ++ "({objectpath '/managed/first': {'com.acme.Coyote': {'Mood': <''>}}, '/managed/second': {'org.project.Bar': {'y': , 'b': , 'n': , 'q': , 'i': <0>, 'u': , 'x': , 't': , 'd': <0.0>, 's': <''>, 'o': , 'g': , 'ay': , 'as': <@as []>, 'aay': <@aay []>, 'ao': <@ao []>, 'ag': <@ag []>, 'FinallyNormalName': <''>, 'ReadonlyProperty': <''>, 'quiet': <''>, 'quiet_too': <''>, 'unset_i': <0>, 'unset_d': <0.0>, 'unset_s': <''>, 'unset_o': , 'unset_g': , 'unset_ay': , 'unset_as': <@as []>, 'unset_ao': <@ao []>, 'unset_ag': <@ag []>, 'unset_struct': <(0, 0.0, '', objectpath '/', signature '', @ay [], @as [], @ao [], @ag [])>}, 'org.project.Bat': {'force_i': <0>, 'force_s': <''>, 'force_ay': <@ay []>, 'force_struct': <(0,)>}}},)"); + + /* Set connection to NULL, causing everything to be unexported.. verify this.. and + * then set the connection back.. and then check things still work + */ + g_dbus_object_manager_server_set_connection (manager, NULL); + info = introspect (c, g_dbus_connection_get_unique_name (c), "/managed", loop); + g_assert_cmpint (count_interfaces (info), ==, 0); /* nothing */ + g_dbus_node_info_unref (info); + + g_dbus_object_manager_server_set_connection (manager, c); + om_check_get_all (c, loop, +- "({objectpath '/managed/first': {'com.acme.Coyote': {'Mood': <''>}}, '/managed/second': {'org.project.Bar': {'y': , 'b': , 'n': , 'q': , 'i': <0>, 'u': , 'x': , 't': , 'd': <0.0>, 's': <''>, 'o': , 'g': , 'ay': , 'as': <@as []>, 'aay': <@aay []>, 'ao': <@ao []>, 'ag': <@ag []>, 'FinallyNormalName': <''>, 'ReadonlyProperty': <''>, 'unset_i': <0>, 'unset_d': <0.0>, 'unset_s': <''>, 'unset_o': , 'unset_g': , 'unset_ay': , 'unset_as': <@as []>, 'unset_ao': <@ao []>, 'unset_ag': <@ag []>, 'unset_struct': <(0, 0.0, '', objectpath '/', signature '', @ay [], @as [], @ao [], @ag [])>}, 'org.project.Bat': {'force_i': <0>, 'force_s': <''>, 'force_ay': <@ay []>, 'force_struct': <(0,)>}}},)"); ++ "({objectpath '/managed/first': {'com.acme.Coyote': {'Mood': <''>}}, '/managed/second': {'org.project.Bar': {'y': , 'b': , 'n': , 'q': , 'i': <0>, 'u': , 'x': , 't': , 'd': <0.0>, 's': <''>, 'o': , 'g': , 'ay': , 'as': <@as []>, 'aay': <@aay []>, 'ao': <@ao []>, 'ag': <@ag []>, 'FinallyNormalName': <''>, 'ReadonlyProperty': <''>, 'quiet': <''>, 'quiet_too': <''>, 'unset_i': <0>, 'unset_d': <0.0>, 'unset_s': <''>, 'unset_o': , 'unset_g': , 'unset_ay': , 'unset_as': <@as []>, 'unset_ao': <@ao []>, 'unset_ag': <@ag []>, 'unset_struct': <(0, 0.0, '', objectpath '/', signature '', @ay [], @as [], @ao [], @ag [])>}, 'org.project.Bat': {'force_i': <0>, 'force_s': <''>, 'force_ay': <@ay []>, 'force_struct': <(0,)>}}},)"); + + /* Also check that the ObjectManagerClient returns these objects - and + * that they are of the right GType cf. what was requested via + * the generated ::get-proxy-type signal handler + */ + object_proxies = g_dbus_object_manager_get_objects (pm); + g_assert (g_list_length (object_proxies) == 2); + g_list_free_full (object_proxies, g_object_unref); + op = g_dbus_object_manager_get_object (pm, "/managed/first"); + g_assert (op != NULL); + g_assert (FOO_IGEN_IS_OBJECT_PROXY (op)); + g_assert_cmpstr (g_dbus_object_get_object_path (op), ==, "/managed/first"); + proxies = g_dbus_object_get_interfaces (op); + g_assert (g_list_length (proxies) == 1); + g_list_free_full (proxies, g_object_unref); + p = G_DBUS_PROXY (foo_igen_object_get_com_acme_coyote (FOO_IGEN_OBJECT (op))); + g_assert (p != NULL); + g_assert_cmpint (G_TYPE_FROM_INSTANCE (p), ==, FOO_IGEN_TYPE_COM_ACME_COYOTE_PROXY); + g_assert (g_type_is_a (G_TYPE_FROM_INSTANCE (p), FOO_IGEN_TYPE_COM_ACME_COYOTE)); + g_clear_object (&p); + p = (GDBusProxy *) g_dbus_object_get_interface (op, "org.project.NonExisting"); + g_assert (p == NULL); + g_clear_object (&op); + + /* -- */ + op = g_dbus_object_manager_get_object (pm, "/managed/second"); + g_assert (op != NULL); + g_assert (FOO_IGEN_IS_OBJECT_PROXY (op)); + g_assert_cmpstr (g_dbus_object_get_object_path (op), ==, "/managed/second"); + proxies = g_dbus_object_get_interfaces (op); +diff --git a/gio/tests/test-codegen.xml b/gio/tests/test-codegen.xml +index 885a21f77..39d8769c7 100644 +--- a/gio/tests/test-codegen.xml ++++ b/gio/tests/test-codegen.xml +@@ -79,60 +79,66 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ++ ++ ++ ++ ++ ++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +-- +2.21.0 + diff --git a/SOURCES/0001-gdbus-unix-addresses-test-don-t-g_debug-when-also-te.patch b/SOURCES/0001-gdbus-unix-addresses-test-don-t-g_debug-when-also-te.patch new file mode 100644 index 0000000..8ac8b87 --- /dev/null +++ b/SOURCES/0001-gdbus-unix-addresses-test-don-t-g_debug-when-also-te.patch @@ -0,0 +1,27 @@ +From fe803a6da0c7d73cd689d905258847384e11d1fd Mon Sep 17 00:00:00 2001 +From: Ray Strode +Date: Mon, 17 Dec 2018 14:36:07 -0500 +Subject: [PATCH] gdbus unix addresses test: don't g_debug when also testing + stdout + +At the moment the gdbus-unix-addresses test will fail if +G_MESSAGES_DEBUG is set, since the test checks stdout, and the +test has a g_debug call. + +This commit drops the g_debug call, which isn't that useful anyway. +--- + gio/tests/gdbus-unix-addresses.c | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/gio/tests/gdbus-unix-addresses.c b/gio/tests/gdbus-unix-addresses.c +index e08328711..d020edd06 100644 +--- a/gio/tests/gdbus-unix-addresses.c ++++ b/gio/tests/gdbus-unix-addresses.c +@@ -106,7 +106,6 @@ set_up_mock_dbus_launch (void) + { + path = g_strconcat (g_test_get_dir (G_TEST_BUILT), ":", + g_getenv ("PATH"), NULL); +- g_debug ("PATH=%s", path); + g_setenv ("PATH", path, TRUE); + + /* libdbus won't even try X11 autolaunch if DISPLAY is unset; GDBus diff --git a/SOURCES/0001-gfile-Limit-access-to-files-when-copying.patch b/SOURCES/0001-gfile-Limit-access-to-files-when-copying.patch new file mode 100644 index 0000000..6c514e1 --- /dev/null +++ b/SOURCES/0001-gfile-Limit-access-to-files-when-copying.patch @@ -0,0 +1,53 @@ +From d8f8f4d637ce43f8699ba94c9b7648beda0ca174 Mon Sep 17 00:00:00 2001 +From: Ondrej Holy +Date: Thu, 23 May 2019 10:41:53 +0200 +Subject: [PATCH] gfile: Limit access to files when copying + +file_copy_fallback creates new files with default permissions and +set the correct permissions after the operation is finished. This +might cause that the files can be accessible by more users during +the operation than expected. Use G_FILE_CREATE_PRIVATE for the new +files to limit access to those files. +--- + gio/gfile.c | 11 ++++++----- + 1 file changed, 6 insertions(+), 5 deletions(-) + +diff --git a/gio/gfile.c b/gio/gfile.c +index 24b136d80..74b58047c 100644 +--- a/gio/gfile.c ++++ b/gio/gfile.c +@@ -3284,12 +3284,12 @@ file_copy_fallback (GFile *source, + out = (GOutputStream*)_g_local_file_output_stream_replace (_g_local_file_get_filename (G_LOCAL_FILE (destination)), + FALSE, NULL, + flags & G_FILE_COPY_BACKUP, +- G_FILE_CREATE_REPLACE_DESTINATION, +- info, ++ G_FILE_CREATE_REPLACE_DESTINATION | ++ G_FILE_CREATE_PRIVATE, info, + cancellable, error); + else + out = (GOutputStream*)_g_local_file_output_stream_create (_g_local_file_get_filename (G_LOCAL_FILE (destination)), +- FALSE, 0, info, ++ FALSE, G_FILE_CREATE_PRIVATE, info, + cancellable, error); + } + else if (flags & G_FILE_COPY_OVERWRITE) +@@ -3297,12 +3297,13 @@ file_copy_fallback (GFile *source, + out = (GOutputStream *)g_file_replace (destination, + NULL, + flags & G_FILE_COPY_BACKUP, +- G_FILE_CREATE_REPLACE_DESTINATION, ++ G_FILE_CREATE_REPLACE_DESTINATION | ++ G_FILE_CREATE_PRIVATE, + cancellable, error); + } + else + { +- out = (GOutputStream *)g_file_create (destination, 0, cancellable, error); ++ out = (GOutputStream *)g_file_create (destination, G_FILE_CREATE_PRIVATE, cancellable, error); + } + + if (!out) +-- +2.21.0 + diff --git a/SOURCES/0001-spawn-add-shebang-line-to-script.patch b/SOURCES/0001-spawn-add-shebang-line-to-script.patch new file mode 100644 index 0000000..1352561 --- /dev/null +++ b/SOURCES/0001-spawn-add-shebang-line-to-script.patch @@ -0,0 +1,21 @@ +From 521f9605e0ab019ec9a493153ca0c8fe4267d665 Mon Sep 17 00:00:00 2001 +From: Ray Strode +Date: Mon, 17 Dec 2018 15:46:10 -0500 +Subject: [PATCH] spawn: add shebang line to script + +downstream tools get confused when the script is missing a shebang +line, and having a shebang line doesn't hurt, so add one. +--- + glib/tests/echo-script | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/glib/tests/echo-script b/glib/tests/echo-script +index c732ed910..b609f2d39 100755 +--- a/glib/tests/echo-script ++++ b/glib/tests/echo-script +@@ -1 +1,2 @@ ++#!/bin/sh + echo "echo" +-- +2.20.0 + diff --git a/SOURCES/0001-tests-Allocate-gvariant-data-from-the-heap-to-guaran.patch b/SOURCES/0001-tests-Allocate-gvariant-data-from-the-heap-to-guaran.patch new file mode 100644 index 0000000..9107242 --- /dev/null +++ b/SOURCES/0001-tests-Allocate-gvariant-data-from-the-heap-to-guaran.patch @@ -0,0 +1,96 @@ +From 85c4031696add9797e2334ced20678edcd96c869 Mon Sep 17 00:00:00 2001 +From: Mart Raudsepp +Date: Wed, 19 Dec 2018 16:22:21 +0200 +Subject: [PATCH 1/2] tests: Allocate gvariant data from the heap to guarantee + alignment + +On glib-2-58 branch we don't have !455, thus we need aligned data +for the gvariant tests to not fail on i686. + +Fixes #1626 +--- + glib/tests/gvariant.c | 15 ++++++++++++--- + 1 file changed, 12 insertions(+), 3 deletions(-) + +diff --git a/glib/tests/gvariant.c b/glib/tests/gvariant.c +index 6e417f6c1..a7b19826d 100644 +--- a/glib/tests/gvariant.c ++++ b/glib/tests/gvariant.c +@@ -4664,6 +4664,7 @@ test_stack_dict_init (void) + static void + test_normal_checking_tuples (void) + { ++ gpointer aligned_data; + const guint8 data[] = { + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, + 'a', '(', 'a', 'o', 'a', 'o', 'a', 'a', 'o', 'a', 'a', 'o', ')' +@@ -4672,13 +4673,15 @@ test_normal_checking_tuples (void) + GVariant *variant = NULL; + GVariant *normal_variant = NULL; + +- variant = g_variant_new_from_data (G_VARIANT_TYPE_VARIANT, data, size, ++ aligned_data = g_memdup (data, size); /* guarantee alignment */ ++ variant = g_variant_new_from_data (G_VARIANT_TYPE_VARIANT, aligned_data, size, + FALSE, NULL, NULL); + g_assert_nonnull (variant); + + normal_variant = g_variant_get_normal_form (variant); + g_assert_nonnull (normal_variant); + ++ g_free (aligned_data); + g_variant_unref (normal_variant); + g_variant_unref (variant); + } +@@ -4790,6 +4793,7 @@ test_recursion_limits_array_in_variant (void) + static void + test_normal_checking_array_offsets (void) + { ++ gpointer aligned_data; + const guint8 data[] = { + 0x07, 0xe5, 0x00, 0x07, 0x00, 0x07, 0x00, 0x00, + 'a', 'a', 'a', 'a', 'a', 'a', 'a', 'a', 'a', 'a', 'a', 'a', 'a', 'g', +@@ -4798,13 +4802,15 @@ test_normal_checking_array_offsets (void) + GVariant *variant = NULL; + GVariant *normal_variant = NULL; + +- variant = g_variant_new_from_data (G_VARIANT_TYPE_VARIANT, data, size, ++ aligned_data = g_memdup (data, size); /* guarantee alignment */ ++ variant = g_variant_new_from_data (G_VARIANT_TYPE_VARIANT, aligned_data, size, + FALSE, NULL, NULL); + g_assert_nonnull (variant); + + normal_variant = g_variant_get_normal_form (variant); + g_assert_nonnull (normal_variant); + ++ g_free (aligned_data); + g_variant_unref (normal_variant); + g_variant_unref (variant); + } +@@ -4838,6 +4844,7 @@ test_normal_checking_tuple_offsets (void) + static void + test_normal_checking_empty_object_path (void) + { ++ gpointer aligned_data; + const guint8 data[] = { + 0x20, 0x20, 0x00, 0x00, 0x00, 0x00, + '(', 'h', '(', 'a', 'i', 'a', 'b', 'i', 'o', ')', ')', +@@ -4846,13 +4853,15 @@ test_normal_checking_empty_object_path (void) + GVariant *variant = NULL; + GVariant *normal_variant = NULL; + +- variant = g_variant_new_from_data (G_VARIANT_TYPE_VARIANT, data, size, ++ aligned_data = g_memdup (data, size); /* guarantee alignment */ ++ variant = g_variant_new_from_data (G_VARIANT_TYPE_VARIANT, aligned_data, size, + FALSE, NULL, NULL); + g_assert_nonnull (variant); + + normal_variant = g_variant_get_normal_form (variant); + g_assert_nonnull (normal_variant); + ++ g_free (aligned_data); + g_variant_unref (normal_variant); + g_variant_unref (variant); + } +-- +2.19.1 + diff --git a/SOURCES/0002-gvariant-test-Also-force-alignment-for-tuple-test-da.patch b/SOURCES/0002-gvariant-test-Also-force-alignment-for-tuple-test-da.patch new file mode 100644 index 0000000..6699c59 --- /dev/null +++ b/SOURCES/0002-gvariant-test-Also-force-alignment-for-tuple-test-da.patch @@ -0,0 +1,47 @@ +From 4ef58e5661849317a1110c9b93957f2c608677dd Mon Sep 17 00:00:00 2001 +From: Simon McVittie +Date: Thu, 3 Jan 2019 08:21:40 +0000 +Subject: [PATCH 2/2] gvariant test: Also force alignment for tuple test data + +glib!552 (commit 9eed22b3) fixed this for the tests that failed on i686, +but this additional test failed on Debian's s390x port +(IBM z/Architecture, 64-bit big-endian). + +Signed-off-by: Simon McVittie +--- + glib/tests/gvariant.c | 7 +++++-- + 1 file changed, 5 insertions(+), 2 deletions(-) + +diff --git a/glib/tests/gvariant.c b/glib/tests/gvariant.c +index a7b19826d..c4a996c1f 100644 +--- a/glib/tests/gvariant.c ++++ b/glib/tests/gvariant.c +@@ -4820,6 +4820,7 @@ test_normal_checking_array_offsets (void) + static void + test_normal_checking_tuple_offsets (void) + { ++ gpointer aligned_data; + const guint8 data[] = { + 0x07, 0xe5, 0x00, 0x07, 0x00, 0x07, + '(', 'a', 's', 'a', 's', 'a', 's', 'a', 's', 'a', 's', 'a', 's', ')', +@@ -4828,13 +4829,15 @@ test_normal_checking_tuple_offsets (void) + GVariant *variant = NULL; + GVariant *normal_variant = NULL; + +- variant = g_variant_new_from_data (G_VARIANT_TYPE_VARIANT, data, size, +- FALSE, NULL, NULL); ++ aligned_data = g_memdup (data, size); /* guarantee alignment */ ++ variant = g_variant_new_from_data (G_VARIANT_TYPE_VARIANT, aligned_data, ++ size, FALSE, NULL, NULL); + g_assert_nonnull (variant); + + normal_variant = g_variant_get_normal_form (variant); + g_assert_nonnull (normal_variant); + ++ g_free (aligned_data); + g_variant_unref (normal_variant); + g_variant_unref (variant); + } +-- +2.19.1 + diff --git a/SOURCES/backport-per-desktop-overrides.patch b/SOURCES/backport-per-desktop-overrides.patch new file mode 100644 index 0000000..fa4572e --- /dev/null +++ b/SOURCES/backport-per-desktop-overrides.patch @@ -0,0 +1,658 @@ +From 5634fd61f17d28dfc05cd47cfbd2bd2f21e6d2b1 Mon Sep 17 00:00:00 2001 +From: Allison Lortie +Date: Wed, 2 Aug 2017 11:06:03 +0100 +Subject: [PATCH 1/4] gsettings: cleanup default value lookup + +There are a couple of different ways (and soon one more) to access the +default value of a key. Clean up the various places that access this to +avoid duplication. + +https://bugzilla.gnome.org/show_bug.cgi?id=746592 +--- + gio/gsettings.c | 20 ++++---------------- + 1 file changed, 4 insertions(+), 16 deletions(-) + +diff --git a/gio/gsettings.c b/gio/gsettings.c +index 10d394d69..5e5816d57 100644 +--- a/gio/gsettings.c ++++ b/gio/gsettings.c +@@ -1204,10 +1204,7 @@ g_settings_get_value (GSettings *settings, + value = g_settings_read_from_backend (settings, &skey, FALSE, FALSE); + + if (value == NULL) +- value = g_settings_schema_key_get_translated_default (&skey); +- +- if (value == NULL) +- value = g_variant_ref (skey.default_value); ++ value = g_settings_schema_key_get_default_value (&skey); + + g_settings_schema_key_clear (&skey); + +@@ -1304,10 +1301,7 @@ g_settings_get_default_value (GSettings *settings, + value = g_settings_read_from_backend (settings, &skey, FALSE, TRUE); + + if (value == NULL) +- value = g_settings_schema_key_get_translated_default (&skey); +- +- if (value == NULL) +- value = g_variant_ref (skey.default_value); ++ value = g_settings_schema_key_get_default_value (&skey); + + g_settings_schema_key_clear (&skey); + +@@ -1360,10 +1354,7 @@ g_settings_get_enum (GSettings *settings, + value = g_settings_read_from_backend (settings, &skey, FALSE, FALSE); + + if (value == NULL) +- value = g_settings_schema_key_get_translated_default (&skey); +- +- if (value == NULL) +- value = g_variant_ref (skey.default_value); ++ value = g_settings_schema_key_get_default_value (&skey); + + result = g_settings_schema_key_to_enum (&skey, value); + g_settings_schema_key_clear (&skey); +@@ -1473,10 +1464,7 @@ g_settings_get_flags (GSettings *settings, + value = g_settings_read_from_backend (settings, &skey, FALSE, FALSE); + + if (value == NULL) +- value = g_settings_schema_key_get_translated_default (&skey); +- +- if (value == NULL) +- value = g_variant_ref (skey.default_value); ++ value = g_settings_schema_key_get_default_value (&skey); + + result = g_settings_schema_key_to_flags (&skey, value); + g_settings_schema_key_clear (&skey); +-- +2.21.0 + + +From 89c6e8f4a0bcda4b58dbaea713e62be01cfc2087 Mon Sep 17 00:00:00 2001 +From: Allison Lortie +Date: Wed, 2 Aug 2017 11:08:17 +0100 +Subject: [PATCH 2/4] gsettingsschema: Allow per-desktop overrides +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Recognise a new 'd' option in schema keys which gives a dictionary of +per-desktop default values. This dictionary is searched for the items +found in XDG_CURRENT_DESKTOP, in the order. If nothing matches (or if +the option is missing) then the default value is used as before. + +This feature was requested by Alberts Muktupāvels and this patch is +based on an approach devised by them. + +https://bugzilla.gnome.org/show_bug.cgi?id=746592 +--- + gio/gsettings.c | 21 +++++++++++++++++ + gio/gsettingsschema-internal.h | 2 ++ + gio/gsettingsschema.c | 41 ++++++++++++++++++++++++++++++++++ + 3 files changed, 64 insertions(+) + +diff --git a/gio/gsettings.c b/gio/gsettings.c +index 5e5816d57..f1130c095 100644 +--- a/gio/gsettings.c ++++ b/gio/gsettings.c +@@ -1739,6 +1739,13 @@ g_settings_get_mapped (GSettings *settings, + if (okay) goto okay; + } + ++ if ((value = g_settings_schema_key_get_per_desktop_default (&skey))) ++ { ++ okay = mapping (value, &result, user_data); ++ g_variant_unref (value); ++ if (okay) goto okay; ++ } ++ + if (mapping (skey.default_value, &result, user_data)) + goto okay; + +@@ -2647,6 +2654,20 @@ g_settings_binding_key_changed (GSettings *settings, + } + } + ++ if (variant == NULL) ++ { ++ variant = g_settings_schema_key_get_per_desktop_default (&binding->key); ++ if (variant && ++ !binding->get_mapping (&value, variant, binding->user_data)) ++ { ++ g_error ("Per-desktop default value for key '%s' in schema '%s' " ++ "was rejected by the binding mapping function.", ++ binding->key.name, g_settings_schema_get_id (binding->key.schema)); ++ g_variant_unref (variant); ++ variant = NULL; ++ } ++ } ++ + if (variant == NULL) + { + variant = g_variant_ref (binding->key.default_value); +diff --git a/gio/gsettingsschema-internal.h b/gio/gsettingsschema-internal.h +index f54de3b34..5f996b4bc 100644 +--- a/gio/gsettingsschema-internal.h ++++ b/gio/gsettingsschema-internal.h +@@ -37,6 +37,7 @@ struct _GSettingsSchemaKey + const GVariantType *type; + GVariant *minimum, *maximum; + GVariant *default_value; ++ GVariant *desktop_overrides; + + gint ref_count; + }; +@@ -58,6 +59,7 @@ gboolean g_settings_schema_key_type_check (GSettin + GVariant * g_settings_schema_key_range_fixup (GSettingsSchemaKey *key, + GVariant *value); + GVariant * g_settings_schema_key_get_translated_default (GSettingsSchemaKey *key); ++GVariant * g_settings_schema_key_get_per_desktop_default (GSettingsSchemaKey *key); + + gint g_settings_schema_key_to_enum (GSettingsSchemaKey *key, + GVariant *value); +diff --git a/gio/gsettingsschema.c b/gio/gsettingsschema.c +index f1274a369..17b7e3b01 100644 +--- a/gio/gsettingsschema.c ++++ b/gio/gsettingsschema.c +@@ -27,6 +27,7 @@ + #include + #include + #include ++#include + + /** + * SECTION:gsettingsschema +@@ -1283,6 +1284,11 @@ g_settings_schema_key_init (GSettingsSchemaKey *key, + endian_fixup (&key->maximum); + break; + ++ case 'd': ++ g_variant_get (data, "@a{sv}", &key->desktop_overrides); ++ endian_fixup (&key->desktop_overrides); ++ break; ++ + default: + g_warning ("unknown schema extension '%c'", code); + break; +@@ -1303,6 +1309,9 @@ g_settings_schema_key_clear (GSettingsSchemaKey *key) + if (key->maximum) + g_variant_unref (key->maximum); + ++ if (key->desktop_overrides) ++ g_variant_unref (key->desktop_overrides); ++ + g_variant_unref (key->default_value); + + g_settings_schema_unref (key->schema); +@@ -1410,6 +1419,35 @@ g_settings_schema_key_get_translated_default (GSettingsSchemaKey *key) + return value; + } + ++GVariant * ++g_settings_schema_key_get_per_desktop_default (GSettingsSchemaKey *key) ++{ ++ static const gchar * const *current_desktops; ++ GVariant *value = NULL; ++ gint i; ++ ++ if (!key->desktop_overrides) ++ return NULL; ++ ++ if (g_once_init_enter (¤t_desktops)) ++ { ++ const gchar *xdg_current_desktop = g_getenv ("XDG_CURRENT_DESKTOP"); ++ gchar **tmp; ++ ++ if (xdg_current_desktop != NULL && xdg_current_desktop[0] != '\0') ++ tmp = g_strsplit (xdg_current_desktop, G_SEARCHPATH_SEPARATOR_S, -1); ++ else ++ tmp = g_new0 (gchar *, 0 + 1); ++ ++ g_once_init_leave (¤t_desktops, (const gchar **) tmp); ++ } ++ ++ for (i = 0; value == NULL && current_desktops[i] != NULL; i++) ++ value = g_variant_lookup_value (key->desktop_overrides, current_desktops[i], NULL); ++ ++ return value; ++} ++ + gint + g_settings_schema_key_to_enum (GSettingsSchemaKey *key, + GVariant *value) +@@ -1698,6 +1736,9 @@ g_settings_schema_key_get_default_value (GSettingsSchemaKey *key) + + value = g_settings_schema_key_get_translated_default (key); + ++ if (!value) ++ value = g_settings_schema_key_get_per_desktop_default (key); ++ + if (!value) + value = g_variant_ref (key->default_value); + +-- +2.21.0 + + +From 3710e830de015829c086c69181a8703645d577ec Mon Sep 17 00:00:00 2001 +From: Allison Lortie +Date: Wed, 2 Aug 2017 11:10:18 +0100 +Subject: [PATCH 3/4] glib-compile-schemas: Handle per-desktop overrides + +Add a new syntax to override files: if the group name has a ':' in it, +it indicates that we want to override the default values of keys for +only one desktop. For example: + +[org.gnome.desktop.interface:Unity] +font-name='Ubuntu 12' + +Will override the settings, only if "Unity" is found in +XDG_CURRENT_DESKTOP. Multiple per-desktop overrides can be specified +for a given key: the one which comes first in XDG_CURRENT_DESKTOP will +be used. + +https://bugzilla.gnome.org/show_bug.cgi?id=746592 +--- + gio/glib-compile-schemas.c | 83 ++++++++++++++++++++++++++++++++++---- + 1 file changed, 75 insertions(+), 8 deletions(-) + +diff --git a/gio/glib-compile-schemas.c b/gio/glib-compile-schemas.c +index 2dc8c7171..59fb68ee7 100644 +--- a/gio/glib-compile-schemas.c ++++ b/gio/glib-compile-schemas.c +@@ -179,6 +179,8 @@ typedef struct + GString *unparsed_default_value; + GVariant *default_value; + ++ GVariantDict *desktop_overrides; ++ + GString *strinfo; + gboolean is_enum; + gboolean is_flags; +@@ -731,6 +733,11 @@ key_state_serialise (KeyState *state) + g_variant_builder_add (&builder, "(y(**))", 'r', + state->minimum, state->maximum); + ++ /* per-desktop overrides */ ++ if (state->desktop_overrides) ++ g_variant_builder_add (&builder, "(y@a{sv})", 'd', ++ g_variant_dict_end (state->desktop_overrides)); ++ + state->serialised = g_variant_builder_end (&builder); + } + +@@ -768,6 +775,9 @@ key_state_free (gpointer data) + if (state->serialised) + g_variant_unref (state->serialised); + ++ if (state->desktop_overrides) ++ g_variant_dict_unref (state->desktop_overrides); ++ + g_slice_free (KeyState, state); + } + +@@ -1878,6 +1888,8 @@ set_overrides (GHashTable *schema_table, + gchar **groups; + gint i; + ++ g_debug ("Processing override file '%s'", filename); ++ + key_file = g_key_file_new (); + if (!g_key_file_load_from_file (key_file, filename, 0, &error)) + { +@@ -1900,18 +1912,31 @@ set_overrides (GHashTable *schema_table, + for (i = 0; groups[i]; i++) + { + const gchar *group = groups[i]; ++ const gchar *schema_name; ++ const gchar *desktop_id; + SchemaState *schema; ++ gchar **pieces; + gchar **keys; + gint j; + +- schema = g_hash_table_lookup (schema_table, group); ++ pieces = g_strsplit (group, ":", 2); ++ schema_name = pieces[0]; ++ desktop_id = pieces[1]; ++ ++ g_debug ("Processing group '%s' (schema '%s', %s)", ++ group, schema_name, desktop_id ? desktop_id : "all desktops"); ++ ++ schema = g_hash_table_lookup (schema_table, schema_name); + + if (schema == NULL) +- /* Having the schema not be installed is expected to be a +- * common case. Don't even emit an error message about +- * that. +- */ +- continue; ++ { ++ /* Having the schema not be installed is expected to be a ++ * common case. Don't even emit an error message about ++ * that. ++ */ ++ g_strfreev (pieces); ++ continue; ++ } + + keys = g_key_file_get_keys (key_file, group, NULL, NULL); + g_assert (keys != NULL); +@@ -1939,6 +1964,32 @@ set_overrides (GHashTable *schema_table, + + fprintf (stderr, _(" and --strict was specified; exiting.\n")); + g_key_file_free (key_file); ++ g_strfreev (pieces); ++ g_strfreev (groups); ++ g_strfreev (keys); ++ ++ return FALSE; ++ } ++ ++ if (desktop_id != NULL && state->l10n) ++ { ++ /* Let's avoid the n*m case of per-desktop localised ++ * default values, and just forbid it. ++ */ ++ fprintf (stderr, ++ _("cannot provide per-desktop overrides for localised " ++ "key '%s' in schema '%s' (override file '%s')"), ++ key, group, filename); ++ ++ if (!strict) ++ { ++ fprintf (stderr, _("; ignoring override for this key.\n")); ++ continue; ++ } ++ ++ fprintf (stderr, _(" and --strict was specified; exiting.\n")); ++ g_key_file_free (key_file); ++ g_strfreev (pieces); + g_strfreev (groups); + g_strfreev (keys); + +@@ -1969,6 +2020,7 @@ set_overrides (GHashTable *schema_table, + + fprintf (stderr, _("--strict was specified; exiting.\n")); + g_key_file_free (key_file); ++ g_strfreev (pieces); + g_strfreev (groups); + g_strfreev (keys); + +@@ -1997,6 +2049,7 @@ set_overrides (GHashTable *schema_table, + + fprintf (stderr, _(" and --strict was specified; exiting.\n")); + g_key_file_free (key_file); ++ g_strfreev (pieces); + g_strfreev (groups); + g_strfreev (keys); + +@@ -2025,6 +2078,7 @@ set_overrides (GHashTable *schema_table, + + fprintf (stderr, _(" and --strict was specified; exiting.\n")); + g_key_file_free (key_file); ++ g_strfreev (pieces); + g_strfreev (groups); + g_strfreev (keys); + +@@ -2032,11 +2086,24 @@ set_overrides (GHashTable *schema_table, + } + } + +- g_variant_unref (state->default_value); +- state->default_value = value; ++ if (desktop_id != NULL) ++ { ++ if (state->desktop_overrides == NULL) ++ state->desktop_overrides = g_variant_dict_new (NULL); ++ ++ g_variant_dict_insert_value (state->desktop_overrides, desktop_id, value); ++ g_variant_unref (value); ++ } ++ else ++ { ++ g_variant_unref (state->default_value); ++ state->default_value = value; ++ } ++ + g_free (string); + } + ++ g_strfreev (pieces); + g_strfreev (keys); + } + +-- +2.21.0 + + +From 2ca9218fb46f32fa02bed43c6e60243c8c5d656f Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Alberts=20Muktup=C4=81vels?= +Date: Tue, 19 Jun 2018 23:39:24 +0300 +Subject: [PATCH 4/4] Add a test for per-desktop overrides + +--- + gio/glib-compile-schemas.c | 1 + + gio/tests/Makefile.am | 2 + + gio/tests/gsettings.c | 106 ++++++++++++++++++- + gio/tests/org.gtk.test.gschema.override.orig | 2 + + gio/tests/org.gtk.test.gschema.xml.orig | 6 ++ + 5 files changed, 116 insertions(+), 1 deletion(-) + create mode 100644 gio/tests/org.gtk.test.gschema.override.orig + +diff --git a/gio/glib-compile-schemas.c b/gio/glib-compile-schemas.c +index 59fb68ee7..00dd64146 100644 +--- a/gio/glib-compile-schemas.c ++++ b/gio/glib-compile-schemas.c +@@ -2139,6 +2139,7 @@ main (int argc, char **argv) + + /* These options are only for use in the gschema-compile tests */ + { "schema-file", 0, G_OPTION_FLAG_HIDDEN, G_OPTION_ARG_FILENAME_ARRAY, &schema_files, NULL, NULL }, ++ { "override-file", 0, G_OPTION_FLAG_HIDDEN, G_OPTION_ARG_FILENAME_ARRAY, &override_files, NULL, NULL }, + { NULL } + }; + +diff --git a/gio/tests/Makefile.am b/gio/tests/Makefile.am +index 49a19bf4a..b41317ad9 100644 +--- a/gio/tests/Makefile.am ++++ b/gio/tests/Makefile.am +@@ -367,12 +367,14 @@ test.mo: de.po + EXTRA_DIST += de.po + dist_uninstalled_test_data += \ + org.gtk.test.gschema.xml.orig \ ++ org.gtk.test.gschema.override.orig \ + org.gtk.schemasourcecheck.gschema.xml \ + testenum.h \ + enums.xml.template + # Generated while running the testcase itself... + CLEANFILES += \ + org.gtk.test.gschema.xml \ ++ org.gtk.test.gschema.override \ + org.gtk.test.enums.xml \ + gsettings.store \ + gschemas.compiled \ +diff --git a/gio/tests/gsettings.c b/gio/tests/gsettings.c +index 2be4122fe..acdeead4c 100644 +--- a/gio/tests/gsettings.c ++++ b/gio/tests/gsettings.c +@@ -2192,6 +2192,7 @@ G_GNUC_END_IGNORE_DEPRECATIONS + "org.gtk.test.range.direct", + "org.gtk.test.mapped", + "org.gtk.test.descriptions", ++ "org.gtk.test.per-desktop", + NULL)); + } + +@@ -2583,6 +2584,100 @@ test_default_value (void) + g_object_unref (settings); + } + ++static gboolean ++string_map_func (GVariant *value, ++ gpointer *result, ++ gpointer user_data) ++{ ++ const gchar *str; ++ ++ str = g_variant_get_string (value, NULL); ++ *result = g_variant_new_string (str); ++ ++ return TRUE; ++} ++ ++/* Test that per-desktop values from org.gtk.test.gschema.override ++ * does not change default value if current desktop is not listed in ++ * $XDG_CURRENT_DESKTOP. ++ */ ++static void ++test_per_desktop (void) ++{ ++ GSettings *settings; ++ TestObject *obj; ++ gpointer p; ++ gchar *str; ++ ++ settings = g_settings_new ("org.gtk.test.per-desktop"); ++ obj = test_object_new (); ++ ++ if (!g_test_subprocess ()) ++ { ++ g_test_trap_subprocess ("/gsettings/per-desktop/subprocess", 0, 0); ++ g_test_trap_assert_passed (); ++ } ++ ++ str = g_settings_get_string (settings, "desktop"); ++ g_assert_cmpstr (str, ==, "GNOME"); ++ g_free (str); ++ ++ p = g_settings_get_mapped (settings, "desktop", string_map_func, NULL); ++ ++ str = g_variant_dup_string (p, NULL); ++ g_assert_cmpstr (str, ==, "GNOME"); ++ g_free (str); ++ ++ g_variant_unref (p); ++ ++ g_settings_bind (settings, "desktop", obj, "string", G_SETTINGS_BIND_DEFAULT); ++ ++ g_object_get (obj, "string", &str, NULL); ++ g_assert_cmpstr (str, ==, "GNOME"); ++ g_free (str); ++ ++ g_object_unref (settings); ++ g_object_unref (obj); ++} ++ ++/* Test that per-desktop values from org.gtk.test.gschema.override ++ * are successfully loaded based on the value of $XDG_CURRENT_DESKTOP. ++ */ ++static void ++test_per_desktop_subprocess (void) ++{ ++ GSettings *settings; ++ TestObject *obj; ++ gpointer p; ++ gchar *str; ++ ++ g_setenv ("XDG_CURRENT_DESKTOP", "GNOME-Classic:GNOME", TRUE); ++ ++ settings = g_settings_new ("org.gtk.test.per-desktop"); ++ obj = test_object_new (); ++ ++ str = g_settings_get_string (settings, "desktop"); ++ g_assert_cmpstr (str, ==, "GNOME Classic"); ++ g_free (str); ++ ++ p = g_settings_get_mapped (settings, "desktop", string_map_func, NULL); ++ ++ str = g_variant_dup_string (p, NULL); ++ g_assert_cmpstr (str, ==, "GNOME Classic"); ++ g_free (str); ++ ++ g_variant_unref (p); ++ ++ g_settings_bind (settings, "desktop", obj, "string", G_SETTINGS_BIND_DEFAULT); ++ ++ g_object_get (obj, "string", &str, NULL); ++ g_assert_cmpstr (str, ==, "GNOME Classic"); ++ g_free (str); ++ ++ g_object_unref (settings); ++ g_object_unref (obj); ++} ++ + static void + test_extended_schema (void) + { +@@ -2603,6 +2698,7 @@ int + main (int argc, char *argv[]) + { + gchar *schema_text; ++ gchar *override_text; + gchar *enums; + gint result; + +@@ -2625,6 +2721,7 @@ main (int argc, char *argv[]) + g_setenv ("XDG_DATA_DIRS", ".", TRUE); + g_setenv ("XDG_DATA_HOME", ".", TRUE); + g_setenv ("GSETTINGS_SCHEMA_DIR", ".", TRUE); ++ g_setenv ("XDG_CURRENT_DESKTOP", "", TRUE); + + if (!backend_set) + g_setenv ("GSETTINGS_BACKEND", "memory", TRUE); +@@ -2647,6 +2744,10 @@ main (int argc, char *argv[]) + g_assert (g_file_set_contents ("org.gtk.test.gschema.xml", schema_text, -1, NULL)); + g_free (schema_text); + ++ g_assert (g_file_get_contents (SRCDIR "/org.gtk.test.gschema.override.orig", &override_text, NULL, NULL)); ++ g_assert (g_file_set_contents ("org.gtk.test.gschema.override", override_text, -1, NULL)); ++ g_free (override_text); ++ + /* Meson build defines this, autotools build does not */ + #ifndef GLIB_COMPILE_SCHEMAS + #define GLIB_COMPILE_SCHEMAS "../glib-compile-schemas" +@@ -2655,7 +2756,8 @@ main (int argc, char *argv[]) + g_remove ("gschemas.compiled"); + g_assert (g_spawn_command_line_sync (GLIB_COMPILE_SCHEMAS " --targetdir=. " + "--schema-file=org.gtk.test.enums.xml " +- "--schema-file=org.gtk.test.gschema.xml", ++ "--schema-file=org.gtk.test.gschema.xml " ++ "--override-file=org.gtk.test.gschema.override", + NULL, NULL, &result, NULL)); + g_assert (result == 0); + +@@ -2736,6 +2838,8 @@ main (int argc, char *argv[]) + g_test_add_func ("/gsettings/read-descriptions", test_read_descriptions); + g_test_add_func ("/gsettings/test-extended-schema", test_extended_schema); + g_test_add_func ("/gsettings/default-value", test_default_value); ++ g_test_add_func ("/gsettings/per-desktop", test_per_desktop); ++ g_test_add_func ("/gsettings/per-desktop/subprocess", test_per_desktop_subprocess); + + result = g_test_run (); + +diff --git a/gio/tests/org.gtk.test.gschema.override.orig b/gio/tests/org.gtk.test.gschema.override.orig +new file mode 100644 +index 000000000..6694baace +--- /dev/null ++++ b/gio/tests/org.gtk.test.gschema.override.orig +@@ -0,0 +1,2 @@ ++[org.gtk.test.per-desktop:GNOME-Classic] ++desktop = "GNOME Classic" +diff --git a/gio/tests/org.gtk.test.gschema.xml.orig b/gio/tests/org.gtk.test.gschema.xml.orig +index c07558335..fbcdce683 100644 +--- a/gio/tests/org.gtk.test.gschema.xml.orig ++++ b/gio/tests/org.gtk.test.gschema.xml.orig +@@ -209,4 +209,10 @@ + + + ++ ++ ++ "GNOME" ++ ++ ++ + +-- +2.21.0 + diff --git a/SOURCES/ghmac-gnutls.patch b/SOURCES/ghmac-gnutls.patch new file mode 100644 index 0000000..5d6ad6f --- /dev/null +++ b/SOURCES/ghmac-gnutls.patch @@ -0,0 +1,728 @@ +From 440a178c5aad19050a3d5b5d76881931138af680 Mon Sep 17 00:00:00 2001 +From: Colin Walters +Date: Fri, 7 Jun 2019 18:44:43 +0000 +Subject: [PATCH 1/2] ghmac: Split off wrapper functions into ghmac-utils.c + +Prep for adding a GnuTLS HMAC implementation; these are just +utility functions that call the "core" API. +--- + glib/Makefile.am | 1 + + glib/ghmac-utils.c | 145 +++++++++++++++++++++++++++++++++++++++++++++ + glib/ghmac.c | 112 ---------------------------------- + glib/meson.build | 1 + + 4 files changed, 147 insertions(+), 112 deletions(-) + create mode 100644 glib/ghmac-utils.c + +diff --git a/glib/Makefile.am b/glib/Makefile.am +index 8da549c7f..c367b09ad 100644 +--- a/glib/Makefile.am ++++ b/glib/Makefile.am +@@ -126,6 +126,7 @@ libglib_2_0_la_SOURCES = \ + ggettext.c \ + ghash.c \ + ghmac.c \ ++ ghmac-utils.c \ + ghook.c \ + ghostutils.c \ + giochannel.c \ +diff --git a/glib/ghmac-utils.c b/glib/ghmac-utils.c +new file mode 100644 +index 000000000..a17359ff1 +--- /dev/null ++++ b/glib/ghmac-utils.c +@@ -0,0 +1,145 @@ ++/* ghmac.h - data hashing functions ++ * ++ * Copyright (C) 2011 Collabora Ltd. ++ * Copyright (C) 2019 Red Hat, Inc. ++ * ++ * This library is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU Lesser General Public ++ * License as published by the Free Software Foundation; either ++ * version 2.1 of the License, or (at your option) any later version. ++ * ++ * This library is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * Lesser General Public License for more details. ++ * ++ * You should have received a copy of the GNU Lesser General Public License ++ * along with this library; if not, see . ++ */ ++ ++#include "config.h" ++ ++#include ++ ++#include "ghmac.h" ++ ++#include "glib/galloca.h" ++#include "gatomic.h" ++#include "gslice.h" ++#include "gmem.h" ++#include "gstrfuncs.h" ++#include "gtestutils.h" ++#include "gtypes.h" ++#include "glibintl.h" ++ ++/** ++ * g_compute_hmac_for_data: ++ * @digest_type: a #GChecksumType to use for the HMAC ++ * @key: (array length=key_len): the key to use in the HMAC ++ * @key_len: the length of the key ++ * @data: (array length=length): binary blob to compute the HMAC of ++ * @length: length of @data ++ * ++ * Computes the HMAC for a binary @data of @length. This is a ++ * convenience wrapper for g_hmac_new(), g_hmac_get_string() ++ * and g_hmac_unref(). ++ * ++ * The hexadecimal string returned will be in lower case. ++ * ++ * Returns: the HMAC of the binary data as a string in hexadecimal. ++ * The returned string should be freed with g_free() when done using it. ++ * ++ * Since: 2.30 ++ */ ++gchar * ++g_compute_hmac_for_data (GChecksumType digest_type, ++ const guchar *key, ++ gsize key_len, ++ const guchar *data, ++ gsize length) ++{ ++ GHmac *hmac; ++ gchar *retval; ++ ++ g_return_val_if_fail (length == 0 || data != NULL, NULL); ++ ++ hmac = g_hmac_new (digest_type, key, key_len); ++ if (!hmac) ++ return NULL; ++ ++ g_hmac_update (hmac, data, length); ++ retval = g_strdup (g_hmac_get_string (hmac)); ++ g_hmac_unref (hmac); ++ ++ return retval; ++} ++ ++/** ++ * g_compute_hmac_for_bytes: ++ * @digest_type: a #GChecksumType to use for the HMAC ++ * @key: the key to use in the HMAC ++ * @data: binary blob to compute the HMAC of ++ * ++ * Computes the HMAC for a binary @data. This is a ++ * convenience wrapper for g_hmac_new(), g_hmac_get_string() ++ * and g_hmac_unref(). ++ * ++ * The hexadecimal string returned will be in lower case. ++ * ++ * Returns: the HMAC of the binary data as a string in hexadecimal. ++ * The returned string should be freed with g_free() when done using it. ++ * ++ * Since: 2.50 ++ */ ++gchar * ++g_compute_hmac_for_bytes (GChecksumType digest_type, ++ GBytes *key, ++ GBytes *data) ++{ ++ gconstpointer byte_data; ++ gsize length; ++ gconstpointer key_data; ++ gsize key_len; ++ ++ g_return_val_if_fail (data != NULL, NULL); ++ g_return_val_if_fail (key != NULL, NULL); ++ ++ byte_data = g_bytes_get_data (data, &length); ++ key_data = g_bytes_get_data (key, &key_len); ++ return g_compute_hmac_for_data (digest_type, key_data, key_len, byte_data, length); ++} ++ ++ ++/** ++ * g_compute_hmac_for_string: ++ * @digest_type: a #GChecksumType to use for the HMAC ++ * @key: (array length=key_len): the key to use in the HMAC ++ * @key_len: the length of the key ++ * @str: the string to compute the HMAC for ++ * @length: the length of the string, or -1 if the string is nul-terminated ++ * ++ * Computes the HMAC for a string. ++ * ++ * The hexadecimal string returned will be in lower case. ++ * ++ * Returns: the HMAC as a hexadecimal string. ++ * The returned string should be freed with g_free() ++ * when done using it. ++ * ++ * Since: 2.30 ++ */ ++gchar * ++g_compute_hmac_for_string (GChecksumType digest_type, ++ const guchar *key, ++ gsize key_len, ++ const gchar *str, ++ gssize length) ++{ ++ g_return_val_if_fail (length == 0 || str != NULL, NULL); ++ ++ if (length < 0) ++ length = strlen (str); ++ ++ return g_compute_hmac_for_data (digest_type, key, key_len, ++ (const guchar *) str, length); ++} +diff --git a/glib/ghmac.c b/glib/ghmac.c +index 9b58fd81c..7db38e34a 100644 +--- a/glib/ghmac.c ++++ b/glib/ghmac.c +@@ -329,115 +329,3 @@ g_hmac_get_digest (GHmac *hmac, + g_checksum_update (hmac->digesto, buffer, len); + g_checksum_get_digest (hmac->digesto, buffer, digest_len); + } +- +-/** +- * g_compute_hmac_for_data: +- * @digest_type: a #GChecksumType to use for the HMAC +- * @key: (array length=key_len): the key to use in the HMAC +- * @key_len: the length of the key +- * @data: (array length=length): binary blob to compute the HMAC of +- * @length: length of @data +- * +- * Computes the HMAC for a binary @data of @length. This is a +- * convenience wrapper for g_hmac_new(), g_hmac_get_string() +- * and g_hmac_unref(). +- * +- * The hexadecimal string returned will be in lower case. +- * +- * Returns: the HMAC of the binary data as a string in hexadecimal. +- * The returned string should be freed with g_free() when done using it. +- * +- * Since: 2.30 +- */ +-gchar * +-g_compute_hmac_for_data (GChecksumType digest_type, +- const guchar *key, +- gsize key_len, +- const guchar *data, +- gsize length) +-{ +- GHmac *hmac; +- gchar *retval; +- +- g_return_val_if_fail (length == 0 || data != NULL, NULL); +- +- hmac = g_hmac_new (digest_type, key, key_len); +- if (!hmac) +- return NULL; +- +- g_hmac_update (hmac, data, length); +- retval = g_strdup (g_hmac_get_string (hmac)); +- g_hmac_unref (hmac); +- +- return retval; +-} +- +-/** +- * g_compute_hmac_for_bytes: +- * @digest_type: a #GChecksumType to use for the HMAC +- * @key: the key to use in the HMAC +- * @data: binary blob to compute the HMAC of +- * +- * Computes the HMAC for a binary @data. This is a +- * convenience wrapper for g_hmac_new(), g_hmac_get_string() +- * and g_hmac_unref(). +- * +- * The hexadecimal string returned will be in lower case. +- * +- * Returns: the HMAC of the binary data as a string in hexadecimal. +- * The returned string should be freed with g_free() when done using it. +- * +- * Since: 2.50 +- */ +-gchar * +-g_compute_hmac_for_bytes (GChecksumType digest_type, +- GBytes *key, +- GBytes *data) +-{ +- gconstpointer byte_data; +- gsize length; +- gconstpointer key_data; +- gsize key_len; +- +- g_return_val_if_fail (data != NULL, NULL); +- g_return_val_if_fail (key != NULL, NULL); +- +- byte_data = g_bytes_get_data (data, &length); +- key_data = g_bytes_get_data (key, &key_len); +- return g_compute_hmac_for_data (digest_type, key_data, key_len, byte_data, length); +-} +- +- +-/** +- * g_compute_hmac_for_string: +- * @digest_type: a #GChecksumType to use for the HMAC +- * @key: (array length=key_len): the key to use in the HMAC +- * @key_len: the length of the key +- * @str: the string to compute the HMAC for +- * @length: the length of the string, or -1 if the string is nul-terminated +- * +- * Computes the HMAC for a string. +- * +- * The hexadecimal string returned will be in lower case. +- * +- * Returns: the HMAC as a hexadecimal string. +- * The returned string should be freed with g_free() +- * when done using it. +- * +- * Since: 2.30 +- */ +-gchar * +-g_compute_hmac_for_string (GChecksumType digest_type, +- const guchar *key, +- gsize key_len, +- const gchar *str, +- gssize length) +-{ +- g_return_val_if_fail (length == 0 || str != NULL, NULL); +- +- if (length < 0) +- length = strlen (str); +- +- return g_compute_hmac_for_data (digest_type, key, key_len, +- (const guchar *) str, length); +-} +diff --git a/glib/meson.build b/glib/meson.build +index 9df77b6f9..c7f28b5b6 100644 +--- a/glib/meson.build ++++ b/glib/meson.build +@@ -138,6 +138,7 @@ glib_sources = files( + 'ggettext.c', + 'ghash.c', + 'ghmac.c', ++ 'ghmac-utils.c', + 'ghook.c', + 'ghostutils.c', + 'giochannel.c', +-- +2.21.0 + + +From 423355787ba9133b310c0b72708024b1428d7d14 Mon Sep 17 00:00:00 2001 +From: Colin Walters +Date: Fri, 7 Jun 2019 19:36:54 +0000 +Subject: [PATCH 2/2] Add a gnutls backend for GHmac + +For RHEL we want apps to use FIPS-certified crypto libraries, +and HMAC apparently counts as "keyed" and hence needs to +be validated. + +Bug: https://bugzilla.redhat.com/show_bug.cgi?id=1630260 +Replaces: https://gitlab.gnome.org/GNOME/glib/merge_requests/897 + +This is a build-time option that backs the GHmac API with GnuTLS. +Most distributors ship glib-networking built with GnuTLS, and +most apps use glib-networking, so this isn't a net-new library +in most cases. + +However, a fun wrinkle is that the GnuTLS HMAC API doesn't expose +the necessary bits to implement `g_hmac_copy()`; OpenSSL does. +I chose to just make that abort for now since I didn't find +apps using it. +--- + glib/Makefile.am | 9 ++- + glib/gchecksum.c | 9 +-- + glib/gchecksumprivate.h | 32 +++++++++ + glib/ghmac-gnutls.c | 151 ++++++++++++++++++++++++++++++++++++++++ + glib/ghmac.c | 1 + + glib/meson.build | 10 ++- + glib/tests/hmac.c | 6 ++ + meson.build | 7 ++ + meson_options.txt | 5 ++ + 9 files changed, 221 insertions(+), 9 deletions(-) + create mode 100644 glib/gchecksumprivate.h + create mode 100644 glib/ghmac-gnutls.c + +diff --git a/glib/Makefile.am b/glib/Makefile.am +index c367b09ad..b0a721ad0 100644 +--- a/glib/Makefile.am ++++ b/glib/Makefile.am +@@ -125,7 +125,7 @@ libglib_2_0_la_SOURCES = \ + gfileutils.c \ + ggettext.c \ + ghash.c \ +- ghmac.c \ ++ ghmac-gnutls.c \ + ghmac-utils.c \ + ghook.c \ + ghostutils.c \ +@@ -352,11 +352,14 @@ pcre_lib = pcre/libpcre.la + pcre_inc = + endif + +-libglib_2_0_la_CFLAGS = $(AM_CFLAGS) $(GLIB_HIDDEN_VISIBILITY_CFLAGS) $(LIBSYSTEMD_CFLAGS) ++gnutls_libs = $(shell pkg-config --libs gnutls) ++gnutls_cflags = $(shell pkg-config --cflags gnutls) ++ ++libglib_2_0_la_CFLAGS = $(AM_CFLAGS) $(GLIB_HIDDEN_VISIBILITY_CFLAGS) $(LIBSYSTEMD_CFLAGS) $(gnutls_cflags) + libglib_2_0_la_LIBADD = libcharset/libcharset.la $(printf_la) @GIO@ @GSPAWN@ @PLATFORMDEP@ @ICONV_LIBS@ @G_LIBS_EXTRA@ $(pcre_lib) $(G_THREAD_LIBS_EXTRA) $(G_THREAD_LIBS_FOR_GTHREAD) $(LIBSYSTEMD_LIBS) + libglib_2_0_la_DEPENDENCIES = libcharset/libcharset.la $(printf_la) @GIO@ @GSPAWN@ @PLATFORMDEP@ $(glib_win32_res) $(glib_def) + +-libglib_2_0_la_LDFLAGS = $(GLIB_LINK_FLAGS) \ ++libglib_2_0_la_LDFLAGS = $(GLIB_LINK_FLAGS) $(gnutls_libs) \ + $(glib_win32_res_ldflag) \ + -version-info $(LT_CURRENT):$(LT_REVISION):$(LT_AGE) \ + -export-dynamic $(no_undefined) +diff --git a/glib/gchecksum.c b/glib/gchecksum.c +index 40b1d50e2..2f59d4a66 100644 +--- a/glib/gchecksum.c ++++ b/glib/gchecksum.c +@@ -20,7 +20,7 @@ + + #include + +-#include "gchecksum.h" ++#include "gchecksumprivate.h" + + #include "gslice.h" + #include "gmem.h" +@@ -173,9 +173,9 @@ sha_byte_reverse (guint32 *buffer, + } + #endif /* G_BYTE_ORDER == G_BIG_ENDIAN */ + +-static gchar * +-digest_to_string (guint8 *digest, +- gsize digest_len) ++gchar * ++gchecksum_digest_to_string (guint8 *digest, ++ gsize digest_len) + { + gint len = digest_len * 2; + gint i; +@@ -195,6 +195,7 @@ digest_to_string (guint8 *digest, + + return retval; + } ++#define digest_to_string gchecksum_digest_to_string + + /* + * MD5 Checksum +diff --git a/glib/gchecksumprivate.h b/glib/gchecksumprivate.h +new file mode 100644 +index 000000000..86c7a3b61 +--- /dev/null ++++ b/glib/gchecksumprivate.h +@@ -0,0 +1,32 @@ ++/* gstdioprivate.h - Private GLib stdio functions ++ * ++ * Copyright 2017 Руслан Ижбулатов ++ * ++ * This library is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU Lesser General Public ++ * License as published by the Free Software Foundation; either ++ * version 2.1 of the License, or (at your option) any later version. ++ * ++ * This library is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * Lesser General Public License for more details. ++ * ++ * You should have received a copy of the GNU Lesser General Public License ++ * along with this library; if not, see . ++ */ ++ ++#ifndef __G_CHECKSUMPRIVATE_H__ ++#define __G_CHECKSUMPRIVATE_H__ ++ ++#include "gchecksum.h" ++ ++G_BEGIN_DECLS ++ ++gchar * ++gchecksum_digest_to_string (guint8 *digest, ++ gsize digest_len); ++ ++G_END_DECLS ++ ++#endif +\ No newline at end of file +diff --git a/glib/ghmac-gnutls.c b/glib/ghmac-gnutls.c +new file mode 100644 +index 000000000..3b4dfb872 +--- /dev/null ++++ b/glib/ghmac-gnutls.c +@@ -0,0 +1,151 @@ ++/* ghmac.h - data hashing functions ++ * ++ * Copyright (C) 2011 Collabora Ltd. ++ * Copyright (C) 2019 Red Hat, Inc. ++ * ++ * This library is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU Lesser General Public ++ * License as published by the Free Software Foundation; either ++ * version 2.1 of the License, or (at your option) any later version. ++ * ++ * This library is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * Lesser General Public License for more details. ++ * ++ * You should have received a copy of the GNU Lesser General Public License ++ * along with this library; if not, see . ++ */ ++ ++#include "config.h" ++ ++#include ++#include ++ ++#include "ghmac.h" ++ ++#include "glib/galloca.h" ++#include "gatomic.h" ++#include "gslice.h" ++#include "gmem.h" ++#include "gstrfuncs.h" ++#include "gchecksumprivate.h" ++#include "gtestutils.h" ++#include "gtypes.h" ++#include "glibintl.h" ++ ++struct _GHmac ++{ ++ int ref_count; ++ GChecksumType digest_type; ++ gnutls_hmac_hd_t hmac; ++ gchar *digest_str; ++}; ++ ++GHmac * ++g_hmac_new (GChecksumType digest_type, ++ const guchar *key, ++ gsize key_len) ++{ ++ gnutls_mac_algorithm_t algo; ++ GHmac *hmac = g_slice_new0 (GHmac); ++ hmac->ref_count = 1; ++ hmac->digest_type = digest_type; ++ ++ switch (digest_type) ++ { ++ case G_CHECKSUM_MD5: ++ algo = GNUTLS_MAC_MD5; ++ break; ++ case G_CHECKSUM_SHA1: ++ algo = GNUTLS_MAC_SHA1; ++ break; ++ case G_CHECKSUM_SHA256: ++ algo = GNUTLS_MAC_SHA256; ++ break; ++ case G_CHECKSUM_SHA384: ++ algo = GNUTLS_MAC_SHA384; ++ break; ++ case G_CHECKSUM_SHA512: ++ algo = GNUTLS_MAC_SHA512; ++ break; ++ default: ++ g_return_val_if_reached (NULL); ++ } ++ ++ gnutls_hmac_init (&hmac->hmac, algo, key, key_len); ++ ++ return hmac; ++} ++ ++GHmac * ++g_hmac_copy (const GHmac *hmac) ++{ ++ g_error ("g_hmac_copy is not available with GnuTLS-backend GHmac"); ++} ++ ++GHmac * ++g_hmac_ref (GHmac *hmac) ++{ ++ g_return_val_if_fail (hmac != NULL, NULL); ++ ++ g_atomic_int_inc (&hmac->ref_count); ++ ++ return hmac; ++} ++ ++void ++g_hmac_unref (GHmac *hmac) ++{ ++ g_return_if_fail (hmac != NULL); ++ ++ if (g_atomic_int_dec_and_test (&hmac->ref_count)) ++ { ++ gnutls_hmac_deinit (hmac->hmac, NULL); ++ g_free (hmac->digest_str); ++ g_slice_free (GHmac, hmac); ++ } ++} ++ ++ ++void ++g_hmac_update (GHmac *hmac, ++ const guchar *data, ++ gssize length) ++{ ++ g_return_if_fail (hmac != NULL); ++ g_return_if_fail (length == 0 || data != NULL); ++ ++ gnutls_hmac (hmac->hmac, data, length); ++} ++ ++const gchar * ++g_hmac_get_string (GHmac *hmac) ++{ ++ guint8 *buffer; ++ gsize digest_len; ++ ++ g_return_val_if_fail (hmac != NULL, NULL); ++ ++ if (hmac->digest_str) ++ return hmac->digest_str; ++ ++ digest_len = g_checksum_type_get_length (hmac->digest_type); ++ buffer = g_alloca (digest_len); ++ ++ gnutls_hmac_output (hmac->hmac, buffer); ++ hmac->digest_str = gchecksum_digest_to_string (buffer, digest_len); ++ return hmac->digest_str; ++} ++ ++ ++void ++g_hmac_get_digest (GHmac *hmac, ++ guint8 *buffer, ++ gsize *digest_len) ++{ ++ g_return_if_fail (hmac != NULL); ++ ++ gnutls_hmac_output (hmac->hmac, buffer); ++ *digest_len = g_checksum_type_get_length (hmac->digest_type); ++} +diff --git a/glib/ghmac.c b/glib/ghmac.c +index 7db38e34a..b12eb07c4 100644 +--- a/glib/ghmac.c ++++ b/glib/ghmac.c +@@ -33,6 +33,7 @@ + #include "gtypes.h" + #include "glibintl.h" + ++#error "build configuration error" + + /** + * SECTION:hmac +diff --git a/glib/meson.build b/glib/meson.build +index c7f28b5b6..a2f9da81c 100644 +--- a/glib/meson.build ++++ b/glib/meson.build +@@ -137,7 +137,6 @@ glib_sources = files( + 'gfileutils.c', + 'ggettext.c', + 'ghash.c', +- 'ghmac.c', + 'ghmac-utils.c', + 'ghook.c', + 'ghostutils.c', +@@ -185,6 +184,7 @@ glib_sources = files( + 'gunidecomp.c', + 'gurifuncs.c', + 'gutils.c', ++ 'gchecksumprivate.h', + 'guuid.c', + 'gvariant.c', + 'gvariant-core.c', +@@ -222,6 +222,12 @@ else + glib_dtrace_hdr = [] + endif + ++if get_option('gnutls') ++ glib_sources += files('ghmac-gnutls.c') ++else ++ glib_sources += files('ghmac.c') ++endif ++ + pcre_static_args = [] + + if use_pcre_static_flag +@@ -238,7 +244,7 @@ libglib = library('glib-2.0', + link_args : platform_ldflags + noseh_link_args, + include_directories : configinc, + link_with : [charset_lib, gnulib_lib], +- dependencies : [pcre, thread_dep, libintl, librt] + libiconv + platform_deps, ++ dependencies : [pcre, thread_dep, libintl, librt] + libiconv + platform_deps + libgnutls_dep, + c_args : ['-DG_LOG_DOMAIN="GLib"', '-DGLIB_COMPILATION'] + pcre_static_args + glib_hidden_visibility_args + ) + +diff --git a/glib/tests/hmac.c b/glib/tests/hmac.c +index 3ac3206df..5212c2523 100644 +--- a/glib/tests/hmac.c ++++ b/glib/tests/hmac.c +@@ -1,3 +1,5 @@ ++#include "config.h" ++ + #include + #include + #include +@@ -427,6 +429,9 @@ test_hmac_ref_unref (void) + static void + test_hmac_copy (void) + { ++#ifdef HAVE_GNUTLS ++ g_test_skip ("No g_hmac_copy with gnutls"); ++#else + GHmac *hmac, *check; + + hmac = g_hmac_new (G_CHECKSUM_SHA256, (guchar*)"aaa", 3); +@@ -435,6 +440,7 @@ test_hmac_copy (void) + g_assert_cmpstr (g_hmac_get_string (hmac), ==, g_hmac_get_string (check)); + g_hmac_unref (check); + g_hmac_unref (hmac); ++#endif + } + + static void +diff --git a/meson.build b/meson.build +index 0cefee51d..81b16b004 100644 +--- a/meson.build ++++ b/meson.build +@@ -1596,6 +1596,13 @@ if host_system == 'linux' and get_option('libmount') + libmount_dep = [dependency('mount', version : '>=2.23', required : true)] + endif + ++# gnutls is used optionally by ghmac ++libgnutls_dep = [] ++if get_option('gnutls') ++ libgnutls_dep = [dependency('gnutls', version : '>=3.6.7', required : true)] ++ glib_conf.set('HAVE_GNUTLS', 1) ++endif ++ + if host_system == 'windows' + winsock2 = cc.find_library('ws2_32') + endif +diff --git a/meson_options.txt b/meson_options.txt +index 4504c6858..d18c42a36 100644 +--- a/meson_options.txt ++++ b/meson_options.txt +@@ -34,6 +34,11 @@ option('libmount', + value : true, + description : 'build with libmount support') + ++option('gnutls', ++ type : 'boolean', ++ value : false, ++ description : 'build with gnutls support') ++ + option('internal_pcre', + type : 'boolean', + value : false, +-- +2.21.0 + diff --git a/SPECS/glib2.spec b/SPECS/glib2.spec new file mode 100644 index 0000000..4fbc0e1 --- /dev/null +++ b/SPECS/glib2.spec @@ -0,0 +1,725 @@ +%global _changelog_trimtime %(date +%s -d "1 year ago") + +# See https://fedoraproject.org/wiki/Packaging:Python_Appendix#Manual_byte_compilation +%global __python %{__python3} + +Name: glib2 +Version: 2.56.4 +Release: 8%{?dist} +Summary: A library of handy utility functions + +License: LGPLv2+ +URL: http://www.gtk.org +Source0: http://download.gnome.org/sources/glib/2.56/glib-%{version}.tar.xz + +# https://gitlab.gnome.org/GNOME/glib/merge_requests/903 +# https://bugzilla.redhat.com/show_bug.cgi?id=1630260 +Patch37: ghmac-gnutls.patch +# And the BR for this +BuildRequires: pkgconfig(gnutls) + +BuildRequires: chrpath +BuildRequires: gettext +BuildRequires: perl-interpreter +# for sys/inotify.h +BuildRequires: glibc-devel +BuildRequires: libattr-devel +BuildRequires: libselinux-devel +# for sys/sdt.h +BuildRequires: systemtap-sdt-devel +BuildRequires: pkgconfig(libelf) +BuildRequires: pkgconfig(libffi) +BuildRequires: pkgconfig(libpcre) +BuildRequires: pkgconfig(mount) +BuildRequires: pkgconfig(zlib) +# Bootstrap build requirements +BuildRequires: automake autoconf libtool +BuildRequires: gtk-doc +BuildRequires: python3-devel + +# for GIO content-type support +Recommends: shared-mime-info + +# Downstream patches +Patch01: 0001-gdbus-unix-addresses-test-don-t-g_debug-when-also-te.patch + +# Backported from git master +Patch10: 0001-codegen-Change-pointer-casting-to-remove-type-punnin.patch +Patch11: 0001-spawn-add-shebang-line-to-script.patch +Patch12: 0001-build-sys-Pass-CFLAGS-to-DTRACE.patch +Patch13: 0001-gfile-Limit-access-to-files-when-copying.patch + +# Backported from git glib-2-56 branch +Patch20: 0001-tests-Allocate-gvariant-data-from-the-heap-to-guaran.patch +Patch21: 0002-gvariant-test-Also-force-alignment-for-tuple-test-da.patch + +# Backported from 2.58 (for 3.32 GNOME rebase) +Patch30: backport-per-desktop-overrides.patch + +# Backported from git +Patch40: 0001-gdbus-codegen-honor-Property.EmitsChangedSignal-anno.patch + +# https://bugzilla.redhat.com/show_bug.cgi?id=1777213 +Patch50: 0001-gcredentialsprivate-Document-the-various-private-mac.patch +Patch51: 0001-GDBus-prefer-getsockopt-style-credentials-passing-AP.patch +Patch52: 0001-credentials-Invalid-Linux-struct-ucred-means-no-info.patch + +%description +GLib is the low-level core library that forms the basis for projects +such as GTK+ and GNOME. It provides data structure handling for C, +portability wrappers, and interfaces for such runtime functionality +as an event loop, threads, dynamic loading, and an object system. + + +%package devel +Summary: A library of handy utility functions +Requires: %{name}%{?_isa} = %{version}-%{release} + +%description devel +The glib2-devel package includes the header files for the GLib library. + +%package doc +Summary: A library of handy utility functions +Requires: %{name} = %{version}-%{release} +BuildArch: noarch + +%description doc +The glib2-doc package includes documentation for the GLib library. + +%package fam +Summary: FAM monitoring module for GIO +Requires: %{name}%{?_isa} = %{version}-%{release} +BuildRequires: gamin-devel + +%description fam +The glib2-fam package contains the FAM (File Alteration Monitor) module for GIO. + +%package static +Summary: glib static +Requires: %{name}-devel = %{version}-%{release} + +%description static +The %{name}-static subpackage contains static libraries for %{name}. + +%package tests +Summary: Tests for the glib2 package +Requires: %{name}%{?_isa} = %{version}-%{release} + +%description tests +The glib2-tests package contains tests that can be used to verify +the functionality of the installed glib2 package. + +%prep +%autosetup -n glib-%{version} -p1 + +# restore timestamps after patching to appease multilib for .pyc files +tar vtf %{SOURCE0} | while read mode user size date time name; do touch -d "$date $time" ../$name; done + +%build +autoreconf -f -i + +# Bug 1324770: Also explicitly remove PCRE sources since we use --with-pcre=system +rm glib/pcre/*.[ch] +# Support builds of both git snapshots and tarballs packed with autogoo +(if ! test -x configure; then NOCONFIGURE=1 ./autogen.sh; CONFIGFLAGS=--enable-gtk-doc; fi; + %configure $CONFIGFLAGS \ + --with-python=%{__python3} \ + --with-pcre=system \ + --enable-systemtap \ + --enable-static \ + --enable-installed-tests +) + +%make_build + +%install +# Use -p to preserve timestamps on .py files to ensure +# they're not recompiled with different timestamps +# to help multilib: https://bugzilla.redhat.com/show_bug.cgi?id=718404 +%make_install INSTALL="install -p" +# Also since this is a generated .py file, set it to a known timestamp, +# otherwise it will vary by build time, and thus break multilib -devel +# installs. +touch -r gio/gdbus-2.0/codegen/config.py.in $RPM_BUILD_ROOT/%{_datadir}/glib-2.0/codegen/config.py +# patch0 changes the timestamp of codegen.py; reset it to a known value to not +# break multilib +touch -r gio/gdbus-2.0/codegen/config.py.in $RPM_BUILD_ROOT/%{_datadir}/glib-2.0/codegen/codegen.py +chrpath --delete $RPM_BUILD_ROOT%{_libdir}/*.so + +rm -f $RPM_BUILD_ROOT%{_libdir}/*.la +rm -f $RPM_BUILD_ROOT%{_libdir}/gio/modules/*.{a,la} +rm -f $RPM_BUILD_ROOT%{_libexecdir}/installed-tests/glib/*.{a,la} +rm -f $RPM_BUILD_ROOT%{_libexecdir}/installed-tests/glib/modules/*.{a,la} +# Remove python files bytecompiled by the build system. rpmbuild regenerates +# them again later in a brp script using the timestamps set above. +rm -f $RPM_BUILD_ROOT%{_datadir}/glib-2.0/gdb/*.{pyc,pyo} +rm -rf $RPM_BUILD_ROOT%{_datadir}/glib-2.0/gdb/__pycache__/ +rm -f $RPM_BUILD_ROOT%{_datadir}/glib-2.0/codegen/*.{pyc,pyo} +rm -rf $RPM_BUILD_ROOT%{_datadir}/glib-2.0/codegen/__pycache__/ + +mv $RPM_BUILD_ROOT%{_bindir}/gio-querymodules $RPM_BUILD_ROOT%{_bindir}/gio-querymodules-%{__isa_bits} + +touch $RPM_BUILD_ROOT%{_libdir}/gio/modules/giomodule.cache + +# bash-completion scripts need not be executable +chmod 644 $RPM_BUILD_ROOT%{_datadir}/bash-completion/completions/* + +%find_lang glib20 + +%transfiletriggerin -- %{_libdir}/gio/modules +gio-querymodules-%{__isa_bits} %{_libdir}/gio/modules &> /dev/null || : + +%transfiletriggerpostun -- %{_libdir}/gio/modules +gio-querymodules-%{__isa_bits} %{_libdir}/gio/modules &> /dev/null || : + +%transfiletriggerin -- %{_datadir}/glib-2.0/schemas +glib-compile-schemas %{_datadir}/glib-2.0/schemas &> /dev/null || : + +%transfiletriggerpostun -- %{_datadir}/glib-2.0/schemas +glib-compile-schemas %{_datadir}/glib-2.0/schemas &> /dev/null || : + +%files -f glib20.lang +%license COPYING +%doc AUTHORS NEWS README +%{_libdir}/libglib-2.0.so.* +%{_libdir}/libgthread-2.0.so.* +%{_libdir}/libgmodule-2.0.so.* +%{_libdir}/libgobject-2.0.so.* +%{_libdir}/libgio-2.0.so.* +%dir %{_datadir}/bash-completion +%dir %{_datadir}/bash-completion/completions +%{_datadir}/bash-completion/completions/gdbus +%{_datadir}/bash-completion/completions/gsettings +%{_datadir}/bash-completion/completions/gapplication +%dir %{_datadir}/glib-2.0 +%dir %{_datadir}/glib-2.0/schemas +%dir %{_libdir}/gio +%dir %{_libdir}/gio/modules +%ghost %{_libdir}/gio/modules/giomodule.cache +%{_bindir}/gio +%{_bindir}/gio-querymodules* +%{_bindir}/glib-compile-schemas +%{_bindir}/gsettings +%{_bindir}/gdbus +%{_bindir}/gapplication +%{_mandir}/man1/gio.1* +%{_mandir}/man1/gio-querymodules.1* +%{_mandir}/man1/glib-compile-schemas.1* +%{_mandir}/man1/gsettings.1* +%{_mandir}/man1/gdbus.1* +%{_mandir}/man1/gapplication.1* + +%files devel +%{_libdir}/lib*.so +%{_libdir}/glib-2.0 +%{_includedir}/* +%{_datadir}/aclocal/* +%{_libdir}/pkgconfig/* +%{_datadir}/glib-2.0/gdb +%{_datadir}/glib-2.0/gettext +%{_datadir}/glib-2.0/schemas/gschema.dtd +%{_datadir}/glib-2.0/valgrind/glib.supp +%{_datadir}/bash-completion/completions/gresource +%{_bindir}/glib-genmarshal +%{_bindir}/glib-gettextize +%{_bindir}/glib-mkenums +%{_bindir}/gobject-query +%{_bindir}/gtester +%{_bindir}/gdbus-codegen +%{_bindir}/glib-compile-resources +%{_bindir}/gresource +%{_datadir}/glib-2.0/codegen +%attr (0755, root, root) %{_bindir}/gtester-report +%{_mandir}/man1/glib-genmarshal.1* +%{_mandir}/man1/glib-gettextize.1* +%{_mandir}/man1/glib-mkenums.1* +%{_mandir}/man1/gobject-query.1* +%{_mandir}/man1/gtester-report.1* +%{_mandir}/man1/gtester.1* +%{_mandir}/man1/gdbus-codegen.1* +%{_mandir}/man1/glib-compile-resources.1* +%{_mandir}/man1/gresource.1* +%{_datadir}/gdb/ +%{_datadir}/gettext/ +%{_datadir}/systemtap/ + +%files doc +%doc %{_datadir}/gtk-doc/html/* + +%files fam +%{_libdir}/gio/modules/libgiofam.so + +%files static +%{_libdir}/libgio-2.0.a +%{_libdir}/libglib-2.0.a +%{_libdir}/libgmodule-2.0.a +%{_libdir}/libgobject-2.0.a +%{_libdir}/libgthread-2.0.a + +%files tests +%{_libexecdir}/installed-tests +%{_datadir}/installed-tests + +%changelog +* Mon Dec 02 2019 Colin Walters - 2.56.4-8 +- Backport patches for GDBus auth + Resolves: #1777213 + +* Sat Jul 13 2019 Colin Walters - 2.56.4-7 +- Backport patch for CVE-2019-12450 + Resolves: #1722101 + +* Mon Jun 17 2019 Ray Strode - 2.56.4-5 +- Backport glib2 change needed for accountsservice dbus + codegen fix + Resolves: #1713081 + +* Mon Jun 10 2019 Colin Walters - 2.56.4-4 +- Back GHmac with GnuTLS for FIPS +- Resolves: #1630260 + +* Fri May 31 2019 Florian Müllner - 2.56.4-3 +- Backport per-desktop overrides +- Resolves: #1715951 + +* Tue Apr 02 2019 Colin Walters - 2.56.4-2 +- Add system LDFLAGS +- Resolves: #1630566 + +* Mon Jan 14 2019 Kalev Lember - 2.56.4-1 +- Update to 2.56.4 +- Resolves: #1660859 + +* Mon Jan 14 2019 Kalev Lember - 2.56.1-7 +- Remove .la files from -tests subpackage + +* Mon Jan 14 2019 Kalev Lember - 2.56.1-6 +- Fix multilib -devel installs +- Related: #1639428 + +* Mon Jan 14 2019 Kalev Lember - 2.56.1-5 +- Fix gdbus codegen generated proxies breaking strict aliasing rules +- Resolves: #1639428 + +* Mon Dec 17 2018 Ray Strode - 2.56.1-4 +- Ensure shared-mime-info is installed during testing +- Ensure test suite runs as unprivileged user +- Ensure test suite works when debugging is enabled +- Ensure echo-script from spawn test is marked executable + Related: #1625683 + +* Fri Dec 14 2018 Ray Strode - 2.56.1-3 +- rebuild + Related: #1625683 + +* Mon Dec 10 2018 Josh Boyer - 2.56.1-2 +- Rebuild for CET note fixes + Resolves: #1657311 + +* Sun Apr 08 2018 Kalev Lember - 2.56.1-1 +- Update to 2.56.1 + +* Mon Mar 12 2018 Kalev Lember - 2.56.0-1 +- Update to 2.56.0 + +* Wed Feb 07 2018 Igor Gnatenko - 2.55.2-3 +- Undo disabling mangling + +* Wed Feb 07 2018 Kalev Lember - 2.55.2-2 +- Disable brp-mangle-shebangs shebangs + +* Wed Feb 07 2018 Kalev Lember - 2.55.2-1 +- Update to 2.55.2 +- Drop ldconfig scriptlets + +* Wed Jan 31 2018 Igor Gnatenko - 2.55.1-3 +- Switch to %%ldconfig_scriptlets + +* Thu Jan 18 2018 Kalev Lember - 2.55.1-2 +- gmain: Partial revert of recent wakeup changes + +* Mon Jan 08 2018 Kalev Lember - 2.55.1-1 +- Update to 2.55.1 +- Drop upstreamed systemtap multilib fix + +* Tue Dec 19 2017 Kalev Lember - 2.55.0-1 +- Update to 2.55.0 + +* Wed Nov 01 2017 Kalev Lember - 2.54.2-1 +- Update to 2.54.2 + +* Fri Oct 06 2017 Kalev Lember - 2.54.1-1 +- Update to 2.54.1 + +* Mon Sep 11 2017 Kalev Lember - 2.54.0-1 +- Update to 2.54.0 + +* Tue Sep 05 2017 Kalev Lember - 2.53.7-1 +- Update to 2.53.7 + +* Sat Aug 19 2017 Kalev Lember - 2.53.6-1 +- Update to 2.53.6 + +* Mon Aug 07 2017 Igor Gnatenko - 2.53.5-1 +- Update to 2.53.5 + +* Tue Aug 01 2017 Kalev Lember - 2.53.4-4 +- Backport glib-mkenums flags annotation parsing fixes + +* Wed Jul 26 2017 Fedora Release Engineering - 2.53.4-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Fri Jul 21 2017 Kalev Lember - 2.53.4-2 +- Revert a GKeyFile introspection ABI change + +* Tue Jul 18 2017 Kalev Lember - 2.53.4-1 +- Update to 2.53.4 + +* Thu Jun 22 2017 Kalev Lember - 2.53.3-1 +- Update to 2.53.3 + +* Thu Jun 8 2017 Owen Taylor - 2.53.2-2 +- Make triggers also compile schemas in /app/share/glib-2.0/schemas + +* Wed May 24 2017 Florian Müllner - 2.53.2-1 +- Update to 2.53.2 + +* Mon May 15 2017 Kalev Lember - 2.52.2-2 +- Backport a gmain GWakeup patch to fix timedatex high CPU usage (#1450628) + +* Tue May 09 2017 Kalev Lember - 2.52.2-1 +- Update to 2.52.2 + +* Tue Apr 11 2017 Colin Walters - 2.52.1-3 +- Backport patches for gmain wakeup for qemu + See: https://bugzilla.gnome.org/show_bug.cgi?id=761102 + +* Tue Apr 11 2017 Colin Walters - 2.52.1-2 +- Explictly remove PCRE sources +- Related: https://bugzilla.redhat.com/show_bug.cgi?id=1324770 + +* Tue Apr 11 2017 Kalev Lember - 2.52.1-1 +- Update to 2.52.1 + +* Mon Mar 20 2017 Kalev Lember - 2.52.0-1 +- Update to 2.52.0 + +* Thu Mar 16 2017 Kalev Lember - 2.51.5-1 +- Update to 2.51.5 + +* Thu Mar 02 2017 Kalev Lember - 2.51.4-2 +- Remove the dependency on dbus-launch again (#927212) + +* Wed Mar 01 2017 David King - 2.51.4-1 +- Update to 2.51.4 +- Add a Requires on dbus-launch (#927212) +- Use pkgconfig for BuildRequires + +* Tue Feb 14 2017 Richard Hughes - 2.51.2-1 +- Update to 2.51.2 + +* Mon Feb 13 2017 Richard Hughes - 2.51.1-1 +- Update to 2.51.1 + +* Fri Feb 10 2017 Fedora Release Engineering - 2.51.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Mon Dec 19 2016 Miro Hrončok - 2.51.0-2 +- Rebuild for Python 3.6 + +* Sun Oct 30 2016 Kalev Lember - 2.51.0-1 +- Update to 2.51.0 + +* Wed Oct 12 2016 Kalev Lember - 2.50.1-1 +- Update to 2.50.1 + +* Mon Sep 19 2016 Kalev Lember - 2.50.0-1 +- Update to 2.50.0 + +* Tue Sep 13 2016 Kalev Lember - 2.49.7-1 +- Update to 2.49.7 +- Don't set group tags + +* Sun Aug 28 2016 Kalev Lember - 2.49.6-1 +- Update to 2.49.6 + +* Thu Aug 18 2016 Kalev Lember - 2.49.5-1 +- Update to 2.49.5 +- Own /usr/share/gdb and /usr/share/systemtap directories + +* Tue Aug 16 2016 Miro Hrončok - 2.49.4-3 +- Use Python 3 for the RPM Python byte compilation + +* Wed Jul 27 2016 Ville Skyttä - 2.49.4-2 +- Switch to Python 3 (#1286284) + +* Thu Jul 21 2016 Kalev Lember - 2.49.4-1 +- Update to 2.49.4 + +* Sun Jul 17 2016 Kalev Lember - 2.49.3-1 +- Update to 2.49.3 + +* Wed Jun 22 2016 Richard Hughes - 2.49.2-1 +- Update to 2.49.2 + +* Wed Jun 01 2016 Yaakov Selkowitz - 2.49.1-2 +- Soften shared-mime-info dependency (#1266118) + +* Fri May 27 2016 Florian Müllner - 2.49.1-1 +- Update to 2.49.1 + +* Tue May 10 2016 Kalev Lember - 2.48.1-1 +- Update to 2.48.1 + +* Wed Apr 06 2016 Colin Walters - 2.48.0-2 +- Explicitly require system pcre, though we happened to default to this now + anyways due to something else pulling PCRE into the buildroot + Closes rhbz#1287266 + +* Tue Mar 22 2016 Kalev Lember - 2.48.0-1 +- Update to 2.48.0 + +* Thu Mar 17 2016 Richard Hughes - 2.47.92-1 +- Update to 2.47.92 + +* Wed Feb 24 2016 Colin Walters - 2.47.6.19.gad2092b-2 +- git snapshot to work around https://bugzilla.gnome.org/show_bug.cgi?id=762637 +- Add --with-python=/usr/bin/python explicitly to hopefully fix a weird + issue I am seeing where librepo fails to build in epel7 with this due to + us requiring /bin/python. + +* Wed Feb 17 2016 Richard Hughes - 2.47.6-1 +- Update to 2.47.6 + +* Wed Feb 03 2016 Fedora Release Engineering - 2.47.5-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Tue Jan 19 2016 David King - 2.47.5-1 +- Update to 2.47.5 + +* Wed Dec 16 2015 Kalev Lember - 2.47.4-1 +- Update to 2.47.4 + +* Wed Nov 25 2015 Kalev Lember - 2.47.3-1 +- Update to 2.47.3 + +* Wed Nov 25 2015 Kalev Lember - 2.47.2-1 +- Update to 2.47.2 + +* Mon Nov 09 2015 Kevin Fenzi - 2.47.1-2 +- Add full path redirect output to null and || : to triggers. + +* Wed Oct 28 2015 Kalev Lember - 2.47.1-1 +- Update to 2.47.1 + +* Mon Oct 19 2015 Kalev Lember - 2.46.1-2 +- Backport an upstream fix for app launching under wayland (#1273146) + +* Wed Oct 14 2015 Kalev Lember - 2.46.1-1 +- Update to 2.46.1 + +* Mon Sep 21 2015 Kalev Lember - 2.46.0-1 +- Update to 2.46.0 + +* Mon Sep 14 2015 Kalev Lember - 2.45.8-1 +- Update to 2.45.8 + +* Tue Sep 01 2015 Kalev Lember - 2.45.7-1 +- Update to 2.45.7 + +* Wed Aug 19 2015 Kalev Lember - 2.45.6-1 +- Update to 2.45.6 + +* Wed Aug 19 2015 Kalev Lember - 2.45.5-1 +- Update to 2.45.5 + +* Fri Aug 14 2015 Matthias Clasen - 2.45.4-2 +- Add file triggers for gio modules and gsettings schemas + +* Tue Jul 21 2015 David King - 2.45.4-1 +- Update to 2.45.4 + +* Wed Jun 24 2015 Kalev Lember - 2.45.3-2 +- Backport a patch to fix notification withdrawing in gnome-software + +* Wed Jun 24 2015 David King - 2.45.3-1 +- Update to 2.45.3 + +* Wed Jun 17 2015 Fedora Release Engineering - 2.45.2-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Tue May 26 2015 David King - 2.45.2-1 +- Update to 2.45.2 + +* Thu Apr 30 2015 Kalev Lember - 2.45.1-1 +- Update to 2.45.1 + +* Mon Mar 23 2015 Kalev Lember - 2.44.0-1 +- Update to 2.44.0 + +* Tue Mar 17 2015 Kalev Lember - 2.43.92-1 +- Update to 2.43.92 + +* Mon Mar 02 2015 Kalev Lember - 2.43.91-1 +- Update to 2.43.91 + +* Sat Feb 21 2015 Till Maas - 2.43.90-2 +- Rebuilt for Fedora 23 Change + https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code + +* Wed Feb 18 2015 David King - 2.43.90-1 +- Update to 2.43.90 +- Update man pages glob in files section + +* Tue Feb 10 2015 Matthias Clasen - 2.43.4-1 +- Update to 2.43.4 + +* Tue Jan 20 2015 David King - 2.43.3-1 +- Update to 2.43.3 + +* Wed Dec 17 2014 Kalev Lember - 2.43.2-1 +- Update to 2.43.2 + +* Tue Nov 25 2014 Kalev Lember - 2.43.1-1 +- Update to 2.43.1 + +* Thu Oct 30 2014 Florian Müllner - 2.43.0-1 +- Update to 2.43.0 + +* Mon Sep 22 2014 Kalev Lember - 2.42.0-1 +- Update to 2.42.0 + +* Tue Sep 16 2014 Kalev Lember - 2.41.5-1 +- Update to 2.41.5 + +* Thu Sep 4 2014 Matthias Clasen 2.41.4-3 +- Don't remove rpath from gdbus-peer test - it doesn't work without it + +* Thu Sep 04 2014 Bastien Nocera 2.41.4-2 +- Fix banshee getting selected as the default movie player + +* Tue Sep 02 2014 Kalev Lember - 2.41.4-1 +- Update to 2.41.4 + +* Sat Aug 16 2014 Kalev Lember - 2.41.3-1 +- Update to 2.41.3 + +* Sat Aug 16 2014 Fedora Release Engineering - 2.41.2-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Wed Jul 23 2014 Stef Walter - 2.41.2-2 +- Fix regression with GDBus array encoding rhbz#1122128 + +* Mon Jul 14 2014 Kalev Lember - 2.41.2-1 +- Update to 2.41.2 + +* Sat Jul 12 2014 Tom Callaway - 2.41.1-2 +- fix license handling + +* Tue Jun 24 2014 Richard Hughes - 2.41.1-1 +- Update to 2.41.1 + +* Sat Jun 07 2014 Fedora Release Engineering - 2.41.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Tue May 27 2014 Kalev Lember - 2.41.0-1 +- Update to 2.41.0 + +* Mon Mar 24 2014 Richard Hughes - 2.40.0-1 +- Update to 2.40.0 + +* Tue Mar 18 2014 Richard Hughes - 2.39.92-1 +- Update to 2.39.92 + +* Tue Mar 04 2014 Richard Hughes - 2.39.91-1 +- Update to 2.39.91 + +* Tue Feb 18 2014 Richard Hughes - 2.39.90-1 +- Update to 2.39.90 + +* Tue Feb 04 2014 Richard Hughes - 2.39.4-1 +- Update to 2.39.4 + +* Tue Jan 14 2014 Richard Hughes - 2.39.3-1 +- Update to 2.39.3 + +* Sun Dec 22 2013 Richard W.M. Jones - 2.39.2-2 +- Re-add static subpackage so that we can build static qemu as + an AArch64 binfmt. + +* Tue Dec 17 2013 Richard Hughes - 2.39.2-1 +- Update to 2.39.2 + +* Mon Dec 09 2013 Richard Hughes - 2.39.1-2 +- Backport a patch from master to stop gnome-settings-daemon crashing. + +* Thu Nov 14 2013 Richard Hughes - 2.39.1-1 +- Update to 2.39.1 + +* Mon Oct 28 2013 Richard Hughes - 2.39.0-1 +- Update to 2.39.0 + +* Tue Sep 24 2013 Kalev Lember - 2.38.0-1 +- Update to 2.38.0 + +* Tue Sep 17 2013 Kalev Lember - 2.37.93-1 +- Update to 2.37.93 + +* Mon Sep 02 2013 Kalev Lember - 2.37.7-1 +- Update to 2.37.7 + +* Wed Aug 21 2013 Debarshi Ray - 2.37.6-1 +- Update to 2.37.6 + +* Sat Aug 03 2013 Petr Pisar - 2.37.5-2 +- Perl 5.18 rebuild + +* Thu Aug 1 2013 Debarshi Ray - 2.37.5-1 +- Update to 2.37.5 + +* Wed Jul 17 2013 Petr Pisar - 2.37.4-2 +- Perl 5.18 rebuild + +* Tue Jul 9 2013 Matthias Clasen - 2.37.4-1 +- Update to 2.37.4 + +* Thu Jun 20 2013 Debarshi Ray - 2.37.2-1 +- Update to 2.37.2 + +* Tue May 28 2013 Matthias Clasen - 2.37.1-1 +- Update to 2.37.1 +- Add a tests subpackage + +* Sat May 04 2013 Kalev Lember - 2.37.0-1 +- Update to 2.37.0 + +* Sat Apr 27 2013 Thorsten Leemhuis - 2.36.1-2 +- Fix pidgin freezes by applying patch from master (#956872) + +* Mon Apr 15 2013 Kalev Lember - 2.36.1-1 +- Update to 2.36.1 + +* Mon Mar 25 2013 Kalev Lember - 2.36.0-1 +- Update to 2.36.0 + +* Tue Mar 19 2013 Matthias Clasen - 2.35.9-1 +- Update to 2.35.9 + +* Thu Feb 21 2013 Kalev Lember - 2.35.8-1 +- Update to 2.35.8 + +* Tue Feb 05 2013 Kalev Lember - 2.35.7-1 +- Update to 2.35.7 + +* Tue Jan 15 2013 Matthias Clasen - 2.35.4-1 +- Update to 2.35.4 + +* Thu Dec 20 2012 Kalev Lember - 2.35.3-1 +- Update to 2.35.3 + +* Sat Nov 24 2012 Kalev Lember - 2.35.2-1 +- Update to 2.35.2 + +* Thu Nov 08 2012 Kalev Lember - 2.35.1-1 +- Update to 2.35.1 +- Drop upstreamed codegen-in-datadir.patch