From 15a17ba8356ac3efdb252149cd856d67e286440a Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Aug 01 2017 03:50:24 +0000 Subject: import gnome-online-accounts-3.22.5-1.el7 --- diff --git a/.gitignore b/.gitignore index ea6c0cf..cbff282 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -SOURCES/gnome-online-accounts-3.14.5.tar.xz +SOURCES/gnome-online-accounts-3.22.5.tar.xz diff --git a/.gnome-online-accounts.metadata b/.gnome-online-accounts.metadata index fa15f22..c4a4c84 100644 --- a/.gnome-online-accounts.metadata +++ b/.gnome-online-accounts.metadata @@ -1 +1 @@ -ab1bbe163535184cdb80a236f48d04b537977aef SOURCES/gnome-online-accounts-3.14.5.tar.xz +c000a70d5408c82caabc3483d6b12329ceb08877 SOURCES/gnome-online-accounts-3.22.5.tar.xz diff --git a/SOURCES/ensure-credentials-startup-and-network-change.patch b/SOURCES/ensure-credentials-startup-and-network-change.patch deleted file mode 100644 index 9e34d67..0000000 --- a/SOURCES/ensure-credentials-startup-and-network-change.patch +++ /dev/null @@ -1,1000 +0,0 @@ -From 3353374f93a16412444bb4fea5384f1a9ea9156f Mon Sep 17 00:00:00 2001 -From: Debarshi Ray -Date: Wed, 27 May 2015 15:15:09 +0200 -Subject: [PATCH 01/12] daemon: Style fixes - -Use the name 'self' to refer to the instance. ---- - src/daemon/goadaemon.c | 138 ++++++++++++++++++++++++------------------------- - 1 file changed, 69 insertions(+), 69 deletions(-) - -diff --git a/src/daemon/goadaemon.c b/src/daemon/goadaemon.c -index 1aa0f18aee45..f4aa0c2f95d9 100644 ---- a/src/daemon/goadaemon.c -+++ b/src/daemon/goadaemon.c -@@ -1,6 +1,6 @@ - /* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */ - /* -- * Copyright (C) 2011, 2012 Red Hat, Inc. -+ * Copyright (C) 2011, 2012, 2015 Red Hat, Inc. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public -@@ -71,39 +71,39 @@ static gboolean on_account_handle_ensure_credentials (GoaAccount *acc - GDBusMethodInvocation *invocation, - gpointer user_data); - --static void goa_daemon_reload_configuration (GoaDaemon *daemon); -+static void goa_daemon_reload_configuration (GoaDaemon *self); - - G_DEFINE_TYPE (GoaDaemon, goa_daemon, G_TYPE_OBJECT); - - static void - goa_daemon_finalize (GObject *object) - { -- GoaDaemon *daemon = GOA_DAEMON (object); -+ GoaDaemon *self = GOA_DAEMON (object); - -- if (daemon->config_timeout_id != 0) -+ if (self->config_timeout_id != 0) - { -- g_source_remove (daemon->config_timeout_id); -+ g_source_remove (self->config_timeout_id); - } - -- if (daemon->system_conf_dir_monitor != NULL) -+ if (self->system_conf_dir_monitor != NULL) - { -- g_signal_handlers_disconnect_by_func (daemon->system_conf_dir_monitor, on_file_monitor_changed, daemon); -- g_object_unref (daemon->system_conf_dir_monitor); -+ g_signal_handlers_disconnect_by_func (self->system_conf_dir_monitor, on_file_monitor_changed, self); -+ g_object_unref (self->system_conf_dir_monitor); - } -- if (daemon->home_conf_dir_monitor != NULL) -+ if (self->home_conf_dir_monitor != NULL) - { -- g_signal_handlers_disconnect_by_func (daemon->home_conf_dir_monitor, on_file_monitor_changed, daemon); -- g_object_unref (daemon->home_conf_dir_monitor); -+ g_signal_handlers_disconnect_by_func (self->home_conf_dir_monitor, on_file_monitor_changed, self); -+ g_object_unref (self->home_conf_dir_monitor); - } -- if (daemon->home_conf_file_monitor != NULL) -+ if (self->home_conf_file_monitor != NULL) - { -- g_signal_handlers_disconnect_by_func (daemon->home_conf_file_monitor, on_file_monitor_changed, daemon); -- g_object_unref (daemon->home_conf_file_monitor); -+ g_signal_handlers_disconnect_by_func (self->home_conf_file_monitor, on_file_monitor_changed, self); -+ g_object_unref (self->home_conf_file_monitor); - } - -- g_object_unref (daemon->manager); -- g_object_unref (daemon->object_manager); -- g_object_unref (daemon->connection); -+ g_object_unref (self->manager); -+ g_object_unref (self->object_manager); -+ g_object_unref (self->connection); - - G_OBJECT_CLASS (goa_daemon_parent_class)->finalize (object); - } -@@ -138,11 +138,11 @@ create_monitor (const gchar *path, gboolean is_dir) - static gboolean - on_config_file_monitor_timeout (gpointer user_data) - { -- GoaDaemon *daemon = GOA_DAEMON (user_data); -+ GoaDaemon *self = GOA_DAEMON (user_data); - -- daemon->config_timeout_id = 0; -+ self->config_timeout_id = 0; - g_info ("Reloading configuration files\n"); -- goa_daemon_reload_configuration (daemon); -+ goa_daemon_reload_configuration (self); - - return FALSE; - } -@@ -154,17 +154,17 @@ on_file_monitor_changed (GFileMonitor *monitor, - GFileMonitorEvent event_type, - gpointer user_data) - { -- GoaDaemon *daemon = GOA_DAEMON (user_data); -+ GoaDaemon *self = GOA_DAEMON (user_data); - -- if (daemon->config_timeout_id == 0) -+ if (self->config_timeout_id == 0) - { -- daemon->config_timeout_id = g_timeout_add (200, on_config_file_monitor_timeout, daemon); -+ self->config_timeout_id = g_timeout_add (200, on_config_file_monitor_timeout, self); - } - } - - #ifdef GOA_KERBEROS_ENABLED - static void --activate_identity_service (GoaDaemon *daemon) -+activate_identity_service (GoaDaemon *self) - { - GoaProvider *provider; - -@@ -183,7 +183,7 @@ activate_identity_service (GoaDaemon *daemon) - #endif - - static void --goa_daemon_init (GoaDaemon *daemon) -+goa_daemon_init (GoaDaemon *self) - { - static volatile GQuark goa_error_domain = 0; - GoaObjectSkeleton *object; -@@ -196,20 +196,20 @@ goa_daemon_init (GoaDaemon *daemon) - goa_error_domain; /* shut up -Wunused-but-set-variable */ - - /* TODO: maybe nicer to pass in a GDBusConnection* construct property */ -- daemon->connection = g_bus_get_sync (G_BUS_TYPE_SESSION, NULL, NULL); -+ self->connection = g_bus_get_sync (G_BUS_TYPE_SESSION, NULL, NULL); - - /* Create object manager */ -- daemon->object_manager = g_dbus_object_manager_server_new ("/org/gnome/OnlineAccounts"); -+ self->object_manager = g_dbus_object_manager_server_new ("/org/gnome/OnlineAccounts"); - - /* Create and export Manager */ -- daemon->manager = goa_manager_skeleton_new (); -- g_signal_connect (daemon->manager, -+ self->manager = goa_manager_skeleton_new (); -+ g_signal_connect (self->manager, - "handle-add-account", - G_CALLBACK (on_manager_handle_add_account), -- daemon); -+ self); - object = goa_object_skeleton_new ("/org/gnome/OnlineAccounts/Manager"); -- goa_object_skeleton_set_manager (object, daemon->manager); -- g_dbus_object_manager_server_export (daemon->object_manager, G_DBUS_OBJECT_SKELETON (object)); -+ goa_object_skeleton_set_manager (object, self->manager); -+ g_dbus_object_manager_server_export (self->object_manager, G_DBUS_OBJECT_SKELETON (object)); - g_object_unref (object); - - /* create ~/.config/goa-1.0 directory */ -@@ -222,19 +222,19 @@ goa_daemon_init (GoaDaemon *daemon) - - /* set up file monitoring */ - path = g_strdup_printf ("%s/goa-1.0/accounts.conf", g_get_user_config_dir ()); -- daemon->home_conf_file_monitor = create_monitor (path, FALSE); -- if (daemon->home_conf_file_monitor != NULL) -- g_signal_connect (daemon->home_conf_file_monitor, "changed", G_CALLBACK (on_file_monitor_changed), daemon); -+ self->home_conf_file_monitor = create_monitor (path, FALSE); -+ if (self->home_conf_file_monitor != NULL) -+ g_signal_connect (self->home_conf_file_monitor, "changed", G_CALLBACK (on_file_monitor_changed), self); - g_free (path); - - /* prime the list of accounts */ -- goa_daemon_reload_configuration (daemon); -+ goa_daemon_reload_configuration (self); - - /* Export objects */ -- g_dbus_object_manager_server_set_connection (daemon->object_manager, daemon->connection); -+ g_dbus_object_manager_server_set_connection (self->object_manager, self->connection); - - #ifdef GOA_KERBEROS_ENABLED -- activate_identity_service (daemon); -+ activate_identity_service (self); - #endif - } - -@@ -331,7 +331,7 @@ key_file_data_new (GKeyFile *key_file, - /* ---------------------------------------------------------------------------------------------------- */ - - static void --add_config_file (GoaDaemon *daemon, -+add_config_file (GoaDaemon *self, - const gchar *path, - GHashTable *group_name_to_key_file_data, - GList **key_files_to_free) -@@ -363,7 +363,7 @@ add_config_file (GoaDaemon *daemon, - gsize num_groups; - guint n; - -- guid = g_dbus_connection_get_guid (daemon->connection); -+ guid = g_dbus_connection_get_guid (self->connection); - groups = g_key_file_get_groups (key_file, &num_groups); - for (n = 0; n < num_groups; n++) - { -@@ -421,7 +421,7 @@ add_config_file (GoaDaemon *daemon, - - /* returns FALSE if object is not (or no longer) valid */ - static gboolean --update_account_object (GoaDaemon *daemon, -+update_account_object (GoaDaemon *self, - GoaObjectSkeleton *object, - const gchar *path, - const gchar *group, -@@ -439,7 +439,7 @@ update_account_object (GoaDaemon *daemon, - gchar *serialized_icon; - GError *error; - -- g_return_val_if_fail (GOA_IS_DAEMON (daemon), FALSE); -+ g_return_val_if_fail (GOA_IS_DAEMON (self), FALSE); - g_return_val_if_fail (G_IS_DBUS_OBJECT_SKELETON (object), FALSE); - g_return_val_if_fail (group != NULL, FALSE); - g_return_val_if_fail (key_file != NULL, FALSE); -@@ -480,7 +480,7 @@ update_account_object (GoaDaemon *daemon, - goa_account_set_presentation_identity (account, presentation_identity); - - error = NULL; -- if (!goa_provider_build_object (provider, object, key_file, group, daemon->connection, just_added, &error)) -+ if (!goa_provider_build_object (provider, object, key_file, group, self->connection, just_added, &error)) - { - g_warning ("Error parsing account: %s (%s, %d)", - error->message, g_quark_to_string (error->domain), error->code); -@@ -519,7 +519,7 @@ object_path_to_group (const gchar *object_path) - } - - static void --process_config_entries (GoaDaemon *daemon, -+process_config_entries (GoaDaemon *self, - GHashTable *group_name_to_key_file_data) - { - GHashTableIter iter; -@@ -535,7 +535,7 @@ process_config_entries (GoaDaemon *daemon, - existing_object_paths = NULL; - { - GList *existing_objects; -- existing_objects = g_dbus_object_manager_get_objects (G_DBUS_OBJECT_MANAGER (daemon->object_manager)); -+ existing_objects = g_dbus_object_manager_get_objects (G_DBUS_OBJECT_MANAGER (self->object_manager)); - for (l = existing_objects; l != NULL; l = l->next) - { - GoaObject *object = GOA_OBJECT (l->data); -@@ -579,14 +579,14 @@ process_config_entries (GoaDaemon *daemon, - { - const gchar *object_path = l->data; - GoaObject *object; -- object = GOA_OBJECT (g_dbus_object_manager_get_object (G_DBUS_OBJECT_MANAGER (daemon->object_manager), object_path)); -+ object = GOA_OBJECT (g_dbus_object_manager_get_object (G_DBUS_OBJECT_MANAGER (self->object_manager), object_path)); - g_warn_if_fail (object != NULL); - g_signal_handlers_disconnect_by_func (goa_object_peek_account (object), - G_CALLBACK (on_account_handle_remove), - daemon); - g_object_unref (object); - g_debug ("removing %s", object_path); -- g_warn_if_fail (g_dbus_object_manager_server_unexport (daemon->object_manager, object_path)); -+ g_warn_if_fail (g_dbus_object_manager_server_unexport (self->object_manager, object_path)); - } - for (l = added; l != NULL; l = l->next) - { -@@ -601,22 +601,22 @@ process_config_entries (GoaDaemon *daemon, - g_warn_if_fail (key_file_data != NULL); - - object = goa_object_skeleton_new (object_path); -- if (update_account_object (daemon, -+ if (update_account_object (self, - object, - key_file_data->path, - group, - key_file_data->key_file, - TRUE)) - { -- g_dbus_object_manager_server_export (daemon->object_manager, G_DBUS_OBJECT_SKELETON (object)); -+ g_dbus_object_manager_server_export (self->object_manager, G_DBUS_OBJECT_SKELETON (object)); - g_signal_connect (goa_object_peek_account (GOA_OBJECT (object)), - "handle-remove", - G_CALLBACK (on_account_handle_remove), -- daemon); -+ self); - g_signal_connect (goa_object_peek_account (GOA_OBJECT (object)), - "handle-ensure-credentials", - G_CALLBACK (on_account_handle_ensure_credentials), -- daemon); -+ self); - } - g_object_unref (object); - g_free (group); -@@ -633,9 +633,9 @@ process_config_entries (GoaDaemon *daemon, - key_file_data = g_hash_table_lookup (group_name_to_key_file_data, group); - g_warn_if_fail (key_file_data != NULL); - -- object = GOA_OBJECT (g_dbus_object_manager_get_object (G_DBUS_OBJECT_MANAGER (daemon->object_manager), object_path)); -+ object = GOA_OBJECT (g_dbus_object_manager_get_object (G_DBUS_OBJECT_MANAGER (self->object_manager), object_path)); - g_warn_if_fail (object != NULL); -- if (!update_account_object (daemon, -+ if (!update_account_object (self, - GOA_OBJECT_SKELETON (object), - key_file_data->path, - group, -@@ -644,11 +644,11 @@ process_config_entries (GoaDaemon *daemon, - { - g_signal_handlers_disconnect_by_func (goa_object_peek_account (object), - G_CALLBACK (on_account_handle_remove), -- daemon); -+ self); - g_signal_handlers_disconnect_by_func (goa_object_peek_account (object), - G_CALLBACK (on_account_handle_ensure_credentials), -- daemon); -- g_warn_if_fail (g_dbus_object_manager_server_unexport (daemon->object_manager, object_path)); -+ self); -+ g_warn_if_fail (g_dbus_object_manager_server_unexport (self->object_manager, object_path)); - } - g_object_unref (object); - g_free (group); -@@ -665,14 +665,14 @@ process_config_entries (GoaDaemon *daemon, - - /* - * goa_daemon_reload_configuration: -- * @daemon: A #GoaDaemon -+ * @self: A #GoaDaemon - * - * Updates the accounts_objects member from stored configuration - - * typically called at startup or when a change on the configuration - * files has been detected. - */ - static void --goa_daemon_reload_configuration (GoaDaemon *daemon) -+goa_daemon_reload_configuration (GoaDaemon *self) - { - GList *key_files_to_free; - GHashTable *group_name_to_key_file_data; -@@ -686,11 +686,11 @@ goa_daemon_reload_configuration (GoaDaemon *daemon) - - /* Read the main user config file at $HOME/.config/goa-1.0/accounts.conf */ - path = g_strdup_printf ("%s/goa-1.0/accounts.conf", g_get_user_config_dir ()); -- add_config_file (daemon, path, group_name_to_key_file_data, &key_files_to_free); -+ add_config_file (self, path, group_name_to_key_file_data, &key_files_to_free); - g_free (path); - - /* now process the group_name_to_key_file_data hash table */ -- process_config_entries (daemon, group_name_to_key_file_data); -+ process_config_entries (self, group_name_to_key_file_data); - - g_hash_table_unref (group_name_to_key_file_data); - g_list_foreach (key_files_to_free, (GFunc) g_key_file_free, NULL); -@@ -698,7 +698,7 @@ goa_daemon_reload_configuration (GoaDaemon *daemon) - } - - static gchar * --generate_new_id (GoaDaemon *daemon) -+generate_new_id (GoaDaemon *self) - { - static guint counter = 0; - GDateTime *dt; -@@ -916,11 +916,11 @@ on_manager_handle_add_account (GoaManager *manager, - GVariant *details, - gpointer user_data) - { -- GoaDaemon *daemon = GOA_DAEMON (user_data); -+ GoaDaemon *self = GOA_DAEMON (user_data); - AddAccountData *data; - - data = g_slice_new0 (AddAccountData); -- data->daemon = g_object_ref (daemon); -+ data->daemon = g_object_ref (self); - data->manager = g_object_ref (manager); - data->invocation = g_object_ref (invocation); - data->provider_type = g_strdup (provider_type); -@@ -941,7 +941,7 @@ on_account_handle_remove (GoaAccount *account, - GDBusMethodInvocation *invocation, - gpointer user_data) - { -- GoaDaemon *daemon = GOA_DAEMON (user_data); -+ GoaDaemon *self = GOA_DAEMON (user_data); - GoaProvider *provider; - GKeyFile *key_file; - const gchar *provider_type; -@@ -1038,7 +1038,7 @@ on_account_handle_remove (GoaAccount *account, - goto out; - } - -- goa_daemon_reload_configuration (daemon); -+ goa_daemon_reload_configuration (self); - - goa_account_complete_remove (account, invocation); - -@@ -1063,13 +1063,13 @@ typedef struct - } EnsureData; - - static EnsureData * --ensure_data_new (GoaDaemon *daemon, -+ensure_data_new (GoaDaemon *self, - GoaObject *object, - GDBusMethodInvocation *invocation) - { - EnsureData *data; - data = g_slice_new0 (EnsureData); -- data->daemon = g_object_ref (daemon); -+ data->daemon = g_object_ref (self); - data->object = g_object_ref (object); - data->invocation = invocation; - return data; -@@ -1157,7 +1157,7 @@ on_account_handle_ensure_credentials (GoaAccount *account, - GDBusMethodInvocation *invocation, - gpointer user_data) - { -- GoaDaemon *daemon = GOA_DAEMON (user_data); -+ GoaDaemon *self = GOA_DAEMON (user_data); - GoaProvider *provider = NULL; - GoaObject *object; - -@@ -1178,7 +1178,7 @@ on_account_handle_ensure_credentials (GoaAccount *account, - object, - NULL, /* GCancellable */ - (GAsyncReadyCallback) ensure_credentials_cb, -- ensure_data_new (daemon, object, invocation)); -+ ensure_data_new (self, object, invocation)); - - out: - g_clear_object (&provider); --- -2.5.0 - - -From d649ab10c5a75504aab75d88f873ce8f78c4a0a9 Mon Sep 17 00:00:00 2001 -From: Debarshi Ray -Date: Wed, 27 May 2015 17:17:42 +0200 -Subject: [PATCH 02/12] daemon: Use G_SOURCE_REMOVE instead of FALSE - ---- - src/daemon/goadaemon.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/daemon/goadaemon.c b/src/daemon/goadaemon.c -index f4aa0c2f95d9..253ef7b68760 100644 ---- a/src/daemon/goadaemon.c -+++ b/src/daemon/goadaemon.c -@@ -144,7 +144,7 @@ on_config_file_monitor_timeout (gpointer user_data) - g_info ("Reloading configuration files\n"); - goa_daemon_reload_configuration (self); - -- return FALSE; -+ return G_SOURCE_REMOVE; - } - - static void --- -2.5.0 - - -From c53298a8e9af407fb220b317acbb61e55d047f75 Mon Sep 17 00:00:00 2001 -From: Debarshi Ray -Date: Wed, 27 May 2015 19:07:39 +0200 -Subject: [PATCH 03/12] daemon: Use g_clear_object wherever applicable - -https://bugzilla.gnome.org/show_bug.cgi?id=693578 ---- - src/daemon/goadaemon.c | 13 ++++++------- - 1 file changed, 6 insertions(+), 7 deletions(-) - -diff --git a/src/daemon/goadaemon.c b/src/daemon/goadaemon.c -index 253ef7b68760..978a9e781a52 100644 ---- a/src/daemon/goadaemon.c -+++ b/src/daemon/goadaemon.c -@@ -445,6 +445,8 @@ update_account_object (GoaDaemon *self, - g_return_val_if_fail (key_file != NULL, FALSE); - - ret = FALSE; -+ account = NULL; -+ provider = NULL; - identity = NULL; - type = NULL; - account = NULL; -@@ -499,12 +501,10 @@ update_account_object (GoaDaemon *self, - - out: - g_free (serialized_icon); -- if (icon != NULL) -- g_object_unref (icon); -+ g_clear_object (&icon); - g_free (name); -- if (provider != NULL) -- g_object_unref (provider); -- g_object_unref (account); -+ g_clear_object (&provider); -+ g_clear_object (&account); - g_free (type); - g_free (identity); - g_free (presentation_identity); -@@ -1043,8 +1043,7 @@ on_account_handle_remove (GoaAccount *account, - goa_account_complete_remove (account, invocation); - - out: -- if (provider != NULL) -- g_object_unref (provider); -+ g_clear_object (&provider); - g_free (data); - if (key_file != NULL) - g_key_file_free (key_file); --- -2.5.0 - - -From 4cae5ecbdfb934719ff278d9ae3fda07ef61658d Mon Sep 17 00:00:00 2001 -From: Debarshi Ray -Date: Wed, 27 May 2015 19:11:54 +0200 -Subject: [PATCH 04/12] daemon: Use g_list_free_full wherever applicable - -https://bugzilla.gnome.org/show_bug.cgi?id=693578 ---- - src/daemon/goadaemon.c | 12 ++++-------- - 1 file changed, 4 insertions(+), 8 deletions(-) - -diff --git a/src/daemon/goadaemon.c b/src/daemon/goadaemon.c -index 978a9e781a52..b0105593106c 100644 ---- a/src/daemon/goadaemon.c -+++ b/src/daemon/goadaemon.c -@@ -544,8 +544,7 @@ process_config_entries (GoaDaemon *self, - if (g_str_has_prefix (object_path, "/org/gnome/OnlineAccounts/Accounts/")) - existing_object_paths = g_list_prepend (existing_object_paths, g_strdup (object_path)); - } -- g_list_foreach (existing_objects, (GFunc) g_object_unref, NULL); -- g_list_free (existing_objects); -+ g_list_free_full (existing_objects, g_object_unref); - } - - config_object_paths = NULL; -@@ -657,10 +656,8 @@ process_config_entries (GoaDaemon *self, - g_list_free (removed); - g_list_free (added); - g_list_free (unchanged); -- g_list_foreach (existing_object_paths, (GFunc) g_free, NULL); -- g_list_free (existing_object_paths); -- g_list_foreach (config_object_paths, (GFunc) g_free, NULL); -- g_list_free (config_object_paths); -+ g_list_free_full (existing_object_paths, g_free); -+ g_list_free_full (config_object_paths, g_free); - } - - /* -@@ -693,8 +690,7 @@ goa_daemon_reload_configuration (GoaDaemon *self) - process_config_entries (self, group_name_to_key_file_data); - - g_hash_table_unref (group_name_to_key_file_data); -- g_list_foreach (key_files_to_free, (GFunc) g_key_file_free, NULL); -- g_list_free (key_files_to_free); -+ g_list_free_full (key_files_to_free, (GDestroyNotify) g_key_file_free); - } - - static gchar * --- -2.5.0 - - -From 14df59620e57965b81f448f1e6a707c3e319c7b2 Mon Sep 17 00:00:00 2001 -From: Debarshi Ray -Date: Wed, 27 May 2015 19:13:18 +0200 -Subject: [PATCH 05/12] daemon: Remove redundant NULL check - -https://bugzilla.gnome.org/show_bug.cgi?id=693578 ---- - src/daemon/goadaemon.c | 3 +-- - 1 file changed, 1 insertion(+), 2 deletions(-) - -diff --git a/src/daemon/goadaemon.c b/src/daemon/goadaemon.c -index b0105593106c..01b85e43634a 100644 ---- a/src/daemon/goadaemon.c -+++ b/src/daemon/goadaemon.c -@@ -882,8 +882,7 @@ get_all_providers_cb (GObject *source, - - out: - g_free (object_path); -- if (providers != NULL) -- g_list_free_full (providers, g_object_unref); -+ g_list_free_full (providers, g_object_unref); - g_free (key_file_data); - g_free (group); - g_free (id); --- -2.5.0 - - -From ab4de26b7613b60594ea8044f46f798e7b6f18cb Mon Sep 17 00:00:00 2001 -From: Debarshi Ray -Date: Thu, 28 May 2015 13:26:06 +0200 -Subject: [PATCH 06/12] daemon: Remove redundant function call - -https://bugzilla.gnome.org/show_bug.cgi?id=693578 ---- - src/daemon/goadaemon.c | 4 +--- - 1 file changed, 1 insertion(+), 3 deletions(-) - -diff --git a/src/daemon/goadaemon.c b/src/daemon/goadaemon.c -index 01b85e43634a..03d329c2c127 100644 ---- a/src/daemon/goadaemon.c -+++ b/src/daemon/goadaemon.c -@@ -1139,9 +1139,7 @@ ensure_credentials_cb (GoaProvider *provider, - g_message ("%s: Setting AttentionNeeded to FALSE because EnsureCredentials() succeded\n", - g_dbus_object_get_object_path (G_DBUS_OBJECT (data->object))); - } -- goa_account_complete_ensure_credentials (goa_object_peek_account (data->object), -- data->invocation, -- expires_in); -+ goa_account_complete_ensure_credentials (account, data->invocation, expires_in); - } - ensure_data_unref (data); - } --- -2.5.0 - - -From b1d8f19f0c794e26cb2cb9b26993d7874d90afba Mon Sep 17 00:00:00 2001 -From: Debarshi Ray -Date: Thu, 28 May 2015 15:51:23 +0200 -Subject: [PATCH 07/12] daemon: Check & refresh credentials during startup and - network changes - -https://bugzilla.gnome.org/show_bug.cgi?id=693578 ---- - src/daemon/goadaemon.c | 103 ++++++++++++++++++++++++++++++++++++++++++++++++- - 1 file changed, 101 insertions(+), 2 deletions(-) - -diff --git a/src/daemon/goadaemon.c b/src/daemon/goadaemon.c -index 03d329c2c127..1a7b1fff65b5 100644 ---- a/src/daemon/goadaemon.c -+++ b/src/daemon/goadaemon.c -@@ -36,11 +36,14 @@ struct _GoaDaemon - GFileMonitor *home_conf_file_monitor; - GFileMonitor *home_conf_dir_monitor; - -+ GNetworkMonitor *network_monitor; -+ - GDBusObjectManagerServer *object_manager; - - GoaManager *manager; - - guint config_timeout_id; -+ guint credentials_timeout_id; - }; - - typedef struct -@@ -71,6 +74,7 @@ static gboolean on_account_handle_ensure_credentials (GoaAccount *acc - GDBusMethodInvocation *invocation, - gpointer user_data); - -+static void goa_daemon_check_credentials (GoaDaemon *self); - static void goa_daemon_reload_configuration (GoaDaemon *self); - - G_DEFINE_TYPE (GoaDaemon, goa_daemon, G_TYPE_OBJECT); -@@ -85,6 +89,11 @@ goa_daemon_finalize (GObject *object) - g_source_remove (self->config_timeout_id); - } - -+ if (self->credentials_timeout_id != 0) -+ { -+ g_source_remove (self->credentials_timeout_id); -+ } -+ - if (self->system_conf_dir_monitor != NULL) - { - g_signal_handlers_disconnect_by_func (self->system_conf_dir_monitor, on_file_monitor_changed, self); -@@ -162,6 +171,35 @@ on_file_monitor_changed (GFileMonitor *monitor, - } - } - -+static gboolean -+on_check_credentials_timeout (gpointer user_data) -+{ -+ GoaDaemon *self = GOA_DAEMON (user_data); -+ -+ self->credentials_timeout_id = 0; -+ g_info ("Checking credentials\n"); -+ goa_daemon_check_credentials (self); -+ -+ return G_SOURCE_REMOVE; -+} -+ -+static void -+queue_check_credentials (GoaDaemon *self) -+{ -+ if (self->credentials_timeout_id != 0) -+ { -+ g_source_remove (self->credentials_timeout_id); -+ } -+ -+ self->credentials_timeout_id = g_timeout_add_seconds (1, on_check_credentials_timeout, self); -+} -+ -+static void -+on_network_monitor_network_changed (GoaDaemon *self, gboolean available) -+{ -+ queue_check_credentials (self); -+} -+ - #ifdef GOA_KERBEROS_ENABLED - static void - activate_identity_service (GoaDaemon *self) -@@ -230,9 +268,18 @@ goa_daemon_init (GoaDaemon *self) - /* prime the list of accounts */ - goa_daemon_reload_configuration (self); - -+ self->network_monitor = g_network_monitor_get_default (); -+ g_signal_connect_object (self->network_monitor, -+ "network-changed", -+ G_CALLBACK (on_network_monitor_network_changed), -+ self, -+ G_CONNECT_SWAPPED); -+ - /* Export objects */ - g_dbus_object_manager_server_set_connection (self->object_manager, self->connection); - -+ queue_check_credentials (self); -+ - #ifdef GOA_KERBEROS_ENABLED - activate_identity_service (self); - #endif -@@ -1124,7 +1171,14 @@ ensure_credentials_cb (GoaProvider *provider, - error->message, g_quark_to_string (error->domain), error->code); - } - } -- g_dbus_method_invocation_take_error (data->invocation, error); -+ -+ if (data->invocation != NULL) -+ { -+ g_dbus_method_invocation_take_error (data->invocation, error); -+ error = NULL; -+ } -+ -+ g_clear_error (&error); - } - else - { -@@ -1139,7 +1193,9 @@ ensure_credentials_cb (GoaProvider *provider, - g_message ("%s: Setting AttentionNeeded to FALSE because EnsureCredentials() succeded\n", - g_dbus_object_get_object_path (G_DBUS_OBJECT (data->object))); - } -- goa_account_complete_ensure_credentials (account, data->invocation, expires_in); -+ -+ if (data->invocation != NULL) -+ goa_account_complete_ensure_credentials (account, data->invocation, expires_in); - } - ensure_data_unref (data); - } -@@ -1176,3 +1232,46 @@ on_account_handle_ensure_credentials (GoaAccount *account, - g_clear_object (&provider); - return TRUE; /* invocation was handled */ - } -+ -+/* -+ * goa_daemon_check_credentials: -+ * @self: A #GoaDaemon -+ * -+ * Checks whether credentials are valid and tries to refresh them if -+ * not. It also reports whether accounts are usable with the current -+ * network. -+ */ -+static void -+goa_daemon_check_credentials (GoaDaemon *self) -+{ -+ GList *l; -+ GList *objects; -+ -+ objects = g_dbus_object_manager_get_objects (G_DBUS_OBJECT_MANAGER (self->object_manager)); -+ for (l = objects; l != NULL; l = l->next) -+ { -+ GoaAccount *account; -+ GoaObject *object = GOA_OBJECT (l->data); -+ GoaProvider *provider = NULL; -+ const gchar *provider_type; -+ -+ account = goa_object_peek_account (object); -+ if (account == NULL) -+ continue; -+ -+ provider_type = goa_account_get_provider_type (account); -+ provider = goa_provider_get_for_provider_type (provider_type); -+ if (provider == NULL) -+ continue; -+ -+ goa_provider_ensure_credentials (provider, -+ object, -+ NULL, /* GCancellable */ -+ (GAsyncReadyCallback) ensure_credentials_cb, -+ ensure_data_new (self, object, NULL)); -+ -+ g_clear_object (&provider); -+ } -+ -+ g_list_free_full (objects, g_object_unref); -+} --- -2.5.0 - - -From f2c57a95ed7beb5e9ee0303ae4fbc7ff47e822e4 Mon Sep 17 00:00:00 2001 -From: Debarshi Ray -Date: Thu, 28 May 2015 16:20:57 +0200 -Subject: [PATCH 08/12] kerberos: Mark EnsureCredentials failures as - authorization errors - -Otherwise GoaAccount:attention-needed won't be set and the UI won't -reflect reality. - -Fall out from 7ba73645e6068935f331969e14d56a39544ebca5 - -https://bugzilla.gnome.org/show_bug.cgi?id=693578 ---- - src/goabackend/goakerberosprovider.c | 15 +++++++++++++-- - 1 file changed, 13 insertions(+), 2 deletions(-) - -diff --git a/src/goabackend/goakerberosprovider.c b/src/goabackend/goakerberosprovider.c -index 2eb6b677ab22..33dc1ad096fa 100644 ---- a/src/goabackend/goakerberosprovider.c -+++ b/src/goabackend/goakerberosprovider.c -@@ -1406,18 +1406,29 @@ ensure_credentials_sync (GoaProvider *provider, - - if (identity == NULL || !goa_identity_service_identity_get_is_signed_in (identity)) - { -+ GError *lookup_error; - gboolean ticket_synced; - -+ lookup_error = NULL; -+ - g_mutex_unlock (&identity_manager_mutex); - ticket_synced = get_ticket_sync (GOA_KERBEROS_PROVIDER (provider), - object, - FALSE /* Don't allow interaction */, - cancellable, -- error); -+ &lookup_error); - g_mutex_lock (&identity_manager_mutex); - - if (!ticket_synced) -- goto out; -+ { -+ translate_error (&lookup_error); -+ g_set_error_literal (error, -+ GOA_ERROR, -+ GOA_ERROR_NOT_AUTHORIZED, -+ lookup_error->message); -+ g_error_free (lookup_error); -+ goto out; -+ } - - if (identity == NULL) - identity = get_identity_from_object_manager (GOA_KERBEROS_PROVIDER (provider), --- -2.5.0 - - -From 2a4765eed5b804aee25bfd7a924e72f202751f2d Mon Sep 17 00:00:00 2001 -From: Debarshi Ray -Date: Fri, 29 May 2015 15:40:32 +0200 -Subject: [PATCH 09/12] client, identity: Use g_list_free_full wherever - applicable - -https://bugzilla.gnome.org/show_bug.cgi?id=693578 ---- - src/goa/goaclient.c | 3 +-- - src/goaidentity/goakerberosidentitymanager.c | 3 +-- - 2 files changed, 2 insertions(+), 4 deletions(-) - -diff --git a/src/goa/goaclient.c b/src/goa/goaclient.c -index 89d52c84f711..20d6e8813fd8 100644 ---- a/src/goa/goaclient.c -+++ b/src/goa/goaclient.c -@@ -471,8 +471,7 @@ goa_client_get_accounts (GoaClient *client) - if (goa_object_peek_account (object) != NULL) - ret = g_list_prepend (ret, g_object_ref (object)); - } -- g_list_foreach (objects, (GFunc) g_object_unref, NULL); -- g_list_free (objects); -+ g_list_free_full (objects, g_object_unref); - - return ret; - } -diff --git a/src/goaidentity/goakerberosidentitymanager.c b/src/goaidentity/goakerberosidentitymanager.c -index a1898c99d703..162cf3f54fcf 100644 ---- a/src/goaidentity/goakerberosidentitymanager.c -+++ b/src/goaidentity/goakerberosidentitymanager.c -@@ -594,8 +594,7 @@ identity_sort_func (GoaIdentity *a, - static void - free_identity_list (GList *list) - { -- g_list_foreach (list, (GFunc) g_object_unref, NULL); -- g_list_free (list); -+ g_list_free_full (list, g_object_unref); - } - - static void --- -2.5.0 - - -From 56752aaf92f7c474b023d88b1000d89cf857f2d1 Mon Sep 17 00:00:00 2001 -From: Debarshi Ray -Date: Fri, 29 May 2015 15:45:10 +0200 -Subject: [PATCH 10/12] identity: Simplify the destruction - -GoaKerberosIdentityQuery doesn't hold any references so there is no -need to free the list in dispose. We can use the dummy finalize that we -already have and avoid the complexity. - -https://bugzilla.gnome.org/show_bug.cgi?id=693578 ---- - src/goaidentity/goakerberosidentityinquiry.c | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/src/goaidentity/goakerberosidentityinquiry.c b/src/goaidentity/goakerberosidentityinquiry.c -index 7c9a84a1a733..4560b358b149 100644 ---- a/src/goaidentity/goakerberosidentityinquiry.c -+++ b/src/goaidentity/goakerberosidentityinquiry.c -@@ -102,15 +102,15 @@ goa_kerberos_identity_inquiry_dispose (GObject *object) - g_clear_object (&self->priv->identity); - g_clear_pointer (&self->priv->name, (GDestroyNotify) g_free); - g_clear_pointer (&self->priv->banner, (GDestroyNotify) g_free); -- -- g_list_foreach (self->priv->queries, -- (GFunc) goa_kerberos_identity_query_free, NULL); -- g_clear_pointer (&self->priv->queries, (GDestroyNotify) g_list_free); - } - - static void - goa_kerberos_identity_inquiry_finalize (GObject *object) - { -+ GoaKerberosIdentityInquiry *self = GOA_KERBEROS_IDENTITY_INQUIRY (object); -+ -+ g_list_free_full (self->priv->queries, (GDestroyNotify) goa_kerberos_identity_query_free); -+ - G_OBJECT_CLASS (goa_kerberos_identity_inquiry_parent_class)->finalize (object); - } - --- -2.5.0 - - -From ffc90f63bea5331206cdf4f62c5f799975df9bab Mon Sep 17 00:00:00 2001 -From: Debarshi Ray -Date: Fri, 29 May 2015 15:46:09 +0200 -Subject: [PATCH 11/12] identity: Chain up during dispose - -https://bugzilla.gnome.org/show_bug.cgi?id=693578 ---- - src/goaidentity/goakerberosidentityinquiry.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/src/goaidentity/goakerberosidentityinquiry.c b/src/goaidentity/goakerberosidentityinquiry.c -index 4560b358b149..67a8a6000a15 100644 ---- a/src/goaidentity/goakerberosidentityinquiry.c -+++ b/src/goaidentity/goakerberosidentityinquiry.c -@@ -102,6 +102,8 @@ goa_kerberos_identity_inquiry_dispose (GObject *object) - g_clear_object (&self->priv->identity); - g_clear_pointer (&self->priv->name, (GDestroyNotify) g_free); - g_clear_pointer (&self->priv->banner, (GDestroyNotify) g_free); -+ -+ G_OBJECT_CLASS (goa_kerberos_identity_inquiry_parent_class)->dispose (object); - } - - static void --- -2.5.0 - - -From 6898eb14f14a7498f484af251f4e0826e7afe521 Mon Sep 17 00:00:00 2001 -From: Debarshi Ray -Date: Fri, 29 May 2015 17:51:33 +0200 -Subject: [PATCH 12/12] kerberos: Don't leak the GCancellable - ---- - src/goabackend/goakerberosprovider.c | 9 ++++++--- - 1 file changed, 6 insertions(+), 3 deletions(-) - -diff --git a/src/goabackend/goakerberosprovider.c b/src/goabackend/goakerberosprovider.c -index 33dc1ad096fa..69a1c9142466 100644 ---- a/src/goabackend/goakerberosprovider.c -+++ b/src/goabackend/goakerberosprovider.c -@@ -990,9 +990,10 @@ perform_initial_sign_in (GoaKerberosProvider *self, - object); - g_simple_async_result_set_check_cancellable (operation_result, cancellable); - -- g_object_set_data (G_OBJECT (operation_result), -- "cancellable", -- cancellable); -+ g_object_set_data_full (G_OBJECT (operation_result), -+ "cancellable", -+ g_object_ref (cancellable), -+ g_object_unref); - g_object_set_data (G_OBJECT (operation_result), - "principal", - (gpointer) -@@ -1003,6 +1004,8 @@ perform_initial_sign_in (GoaKerberosProvider *self, - (GAsyncReadyCallback) - on_system_prompt_open_for_initial_sign_in, - operation_result); -+ -+ g_object_unref (cancellable); - } - - static char * --- -2.5.0 - diff --git a/SOURCES/kerberos-fail-early-on-ticket-request-when-ticketing.patch b/SOURCES/kerberos-fail-early-on-ticket-request-when-ticketing.patch deleted file mode 100644 index fda5c34..0000000 --- a/SOURCES/kerberos-fail-early-on-ticket-request-when-ticketing.patch +++ /dev/null @@ -1,45 +0,0 @@ -From 9731022ab1e229efb48b32b29fa96885f95f2391 Mon Sep 17 00:00:00 2001 -From: Ray Strode -Date: Tue, 13 Oct 2015 09:05:30 -0400 -Subject: [PATCH] kerberos: Fail early on ticket request when ticketing - disabled - -Right now, it's possible to crash gnome-online-account if you -turn of the kerberos slider at just the right moment when it's -doing a refresh. - -This is because it will try to get a ticket when ticketing has -already been disabled (and the ticketing interface is unset). - -This commit adds a check for that. - -https://bugzilla.gnome.org/show_bug.cgi?id=756498 ---- - src/goabackend/goakerberosprovider.c | 11 ++++++++++- - 1 file changed, 10 insertions(+), 1 deletion(-) - -diff --git a/src/goabackend/goakerberosprovider.c b/src/goabackend/goakerberosprovider.c -index f51f56a0a34a..32e9ab257ae6 100644 ---- a/src/goabackend/goakerberosprovider.c -+++ b/src/goabackend/goakerberosprovider.c -@@ -300,7 +300,16 @@ get_ticket_sync (GoaKerberosProvider *self, - account = goa_object_peek_account (object); - identifier = goa_account_get_identity (account); - -- ticketing = goa_object_get_ticketing (GOA_OBJECT (object)); -+ ticketing = goa_object_get_ticketing (object); -+ if (ticketing == NULL) -+ { -+ g_set_error (error, -+ GOA_ERROR, -+ GOA_ERROR_NOT_SUPPORTED, -+ _("Ticketing is disabled for account")); -+ return FALSE; -+ } -+ - details = goa_ticketing_get_details (ticketing); - - preauth_source = NULL; --- -2.5.5 - diff --git a/SOURCES/kerberos-fix-renewal.patch b/SOURCES/kerberos-fix-renewal.patch deleted file mode 100644 index 1f47244..0000000 --- a/SOURCES/kerberos-fix-renewal.patch +++ /dev/null @@ -1,255 +0,0 @@ -From 25a3cc4de532748e162ad84451407e3263f8d512 Mon Sep 17 00:00:00 2001 -From: Ray Strode -Date: Tue, 22 Sep 2015 14:33:35 -0400 -Subject: [PATCH 1/2] identity: consider ticket start time when calculating - renewal time - -Right now we try to renew the kerberos ticket at the midpoint between -when we first set up the renewal alarm and when the ticket expires. - -Unfortunately, this doesn't work for kernel keyring based kerberos -tickets, since the alarms are reset on a regular interval (as part -of the polling process to check for updates, since kernel keyring -doesn't have changed notification). Since the alarms are reset -regularly, the midpoint converges toward the end of the ticket -lifetime. - -Instead, we should consider the ticket start time, which remains -constant. This commit tracks the ticket start time, and changes -the code renewal alarm to use the mid point between the start time -and expiration time of the ticket. ---- - src/goaidentity/goaidentity.c | 7 +++++ - src/goaidentity/goakerberosidentity.c | 55 +++++++++++++++++++++++++++++------ - 2 files changed, 53 insertions(+), 9 deletions(-) - -diff --git a/src/goaidentity/goaidentity.c b/src/goaidentity/goaidentity.c -index 2fc491be2876..2904e2afe020 100644 ---- a/src/goaidentity/goaidentity.c -+++ b/src/goaidentity/goaidentity.c -@@ -40,6 +40,13 @@ goa_identity_default_init (GoaIdentityInterface *interface) - FALSE, - G_PARAM_READABLE)); - g_object_interface_install_property (interface, -+ g_param_spec_int64 ("start-timestamp", -+ "Start Timestamp", -+ "A timestamp of when the identities credentials first became valid", -+ -1, -+ G_MAXINT64, -+ -1, G_PARAM_READABLE)); -+ g_object_interface_install_property (interface, - g_param_spec_int64 ("expiration-timestamp", - "Expiration Timestamp", - "A timestamp of when the identities credentials expire", -diff --git a/src/goaidentity/goakerberosidentity.c b/src/goaidentity/goakerberosidentity.c -index 1ce5079b6194..f43978d49ebf 100644 ---- a/src/goaidentity/goakerberosidentity.c -+++ b/src/goaidentity/goakerberosidentity.c -@@ -49,6 +49,8 @@ struct _GoaKerberosIdentityPrivate - - char *preauth_identity_source; - -+ krb5_timestamp start_time; -+ guint start_time_idle_id; - krb5_timestamp expiration_time; - guint expiration_time_idle_id; - -@@ -75,6 +77,7 @@ enum - PROP_0, - PROP_IDENTIFIER, - PROP_IS_SIGNED_IN, -+ PROP_START_TIMESTAMP, - PROP_EXPIRATION_TIMESTAMP - }; - -@@ -148,6 +151,11 @@ goa_kerberos_identity_get_property (GObject *object, - g_value_set_boolean (value, - goa_kerberos_identity_is_signed_in (GOA_IDENTITY (self))); - break; -+ case PROP_START_TIMESTAMP: -+ G_LOCK (identity_lock); -+ g_value_set_int64 (value, (gint64) self->priv->start_time); -+ G_UNLOCK (identity_lock); -+ break; - case PROP_EXPIRATION_TIMESTAMP: - G_LOCK (identity_lock); - g_value_set_int64 (value, (gint64) self->priv->expiration_time); -@@ -221,6 +229,9 @@ goa_kerberos_identity_class_init (GoaKerberosIdentityClass *klass) - g_object_class_override_property (object_class, PROP_IDENTIFIER, "identifier"); - g_object_class_override_property (object_class, PROP_IS_SIGNED_IN, "is-signed-in"); - g_object_class_override_property (object_class, -+ PROP_START_TIMESTAMP, -+ "start-timestamp"); -+ g_object_class_override_property (object_class, - PROP_EXPIRATION_TIMESTAMP, - "expiration-timestamp"); - -@@ -573,6 +584,23 @@ queue_notify (GoaKerberosIdentity *self, - } - - static void -+set_start_time (GoaKerberosIdentity *self, -+ krb5_timestamp start_time) -+{ -+ G_LOCK (identity_lock); -+ if (self->priv->start_time != start_time) -+ { -+ self->priv->start_time = start_time; -+ G_UNLOCK (identity_lock); -+ queue_notify (self, -+ &self->priv->start_time_idle_id, -+ "start-timestamp"); -+ G_LOCK (identity_lock); -+ } -+ G_UNLOCK (identity_lock); -+} -+ -+static void - set_expiration_time (GoaKerberosIdentity *self, - krb5_timestamp expiration_time) - { -@@ -592,6 +620,7 @@ set_expiration_time (GoaKerberosIdentity *self, - static gboolean - credentials_are_expired (GoaKerberosIdentity *self, - krb5_creds *credentials, -+ krb5_timestamp *start_time, - krb5_timestamp *expiration_time) - { - krb5_timestamp current_time; -@@ -599,11 +628,17 @@ credentials_are_expired (GoaKerberosIdentity *self, - current_time = get_current_time (self); - - G_LOCK (identity_lock); -+ if (self->priv->start_time == 0) -+ *start_time = credentials->times.starttime; -+ else -+ *start_time = MIN (self->priv->start_time, -+ credentials->times.starttime); - *expiration_time = MAX (credentials->times.endtime, - self->priv->expiration_time); - G_UNLOCK (identity_lock); - -- if (credentials->times.endtime <= current_time) -+ if (current_time < credentials->times.starttime || -+ credentials->times.endtime <= current_time) - { - return TRUE; - } -@@ -620,6 +655,7 @@ verify_identity (GoaKerberosIdentity *self, - krb5_cc_cursor cursor; - krb5_creds credentials; - krb5_error_code error_code; -+ krb5_timestamp start_time = 0; - krb5_timestamp expiration_time = 0; - VerificationLevel verification_level = VERIFICATION_LEVEL_UNVERIFIED; - -@@ -671,7 +707,7 @@ verify_identity (GoaKerberosIdentity *self, - { - if (credentials_validate_existence (self, principal, &credentials)) - { -- if (!credentials_are_expired (self, &credentials, &expiration_time)) -+ if (!credentials_are_expired (self, &credentials, &start_time, &expiration_time)) - verification_level = VERIFICATION_LEVEL_SIGNED_IN; - else - verification_level = VERIFICATION_LEVEL_EXISTS; -@@ -720,6 +756,7 @@ verify_identity (GoaKerberosIdentity *self, - goto out; - } - out: -+ set_start_time (self, start_time); - set_expiration_time (self, expiration_time); - - if (principal != NULL) -@@ -922,18 +959,18 @@ connect_alarm_signals (GoaKerberosIdentity *self) - static void - reset_alarms (GoaKerberosIdentity *self) - { -- GDateTime *now; -+ GDateTime *start_time; - GDateTime *expiration_time; - GDateTime *expiring_time; - GDateTime *renewal_time; -- GTimeSpan time_span_until_expiration; -+ GTimeSpan lifespan; - -- now = g_date_time_new_now_local (); - G_LOCK (identity_lock); -+ start_time = g_date_time_new_from_unix_local (self->priv->start_time); - expiration_time = g_date_time_new_from_unix_local (self->priv->expiration_time); - G_UNLOCK (identity_lock); -- time_span_until_expiration = g_date_time_difference (expiration_time, now); -- g_date_time_unref (now); -+ -+ lifespan = g_date_time_difference (expiration_time, start_time); - - /* Let the user reauthenticate 10 min before expiration */ - expiring_time = g_date_time_add_minutes (expiration_time, -10); -@@ -941,8 +978,7 @@ reset_alarms (GoaKerberosIdentity *self) - /* Try to quietly auto-renew halfway through so in ideal configurations - * the ticket is never more than halfway to expired - */ -- renewal_time = g_date_time_add (expiration_time, -- -(time_span_until_expiration / 2)); -+ renewal_time = g_date_time_add (expiration_time, -(lifespan / 2)); - - disconnect_alarm_signals (self); - -@@ -952,6 +988,7 @@ reset_alarms (GoaKerberosIdentity *self) - - g_date_time_unref (renewal_time); - g_date_time_unref (expiring_time); -+ g_date_time_unref (start_time); - g_date_time_unref (expiration_time); - connect_alarm_signals (self); - } --- -2.5.0 - - -From d3f7bcc56592a3113c1cde55bf67c44514acc7f9 Mon Sep 17 00:00:00 2001 -From: Ray Strode -Date: Tue, 22 Sep 2015 14:38:29 -0400 -Subject: [PATCH 2/2] identity: don't ignore almost all renewal requests - -There's a bug in the code where we ignore all renewal requests for -objects we already know about. - -This means we'll only ever honor renewal requests that happen almost -immediately after start up. - -This commit fixes the bug, so the only renewal requests that aren't -honored, are those that have been specifically disabled by the user. -This was clearly the original intention of the buggy code. ---- - src/goaidentity/goaidentityservice.c | 9 +++++---- - 1 file changed, 5 insertions(+), 4 deletions(-) - -diff --git a/src/goaidentity/goaidentityservice.c b/src/goaidentity/goaidentityservice.c -index 6b6225adbc61..bb5d3a7dbe25 100644 ---- a/src/goaidentity/goaidentityservice.c -+++ b/src/goaidentity/goaidentityservice.c -@@ -741,16 +741,17 @@ on_identity_needs_renewal (GoaIdentityManager *identity_manager, - - principal = goa_identity_get_identifier (identity); - -- g_debug ("GoaIdentityService: identity %s needs renewal", principal); -- - object = find_object_with_principal (self, principal, TRUE); - -- if (object != NULL) -+ if (object != NULL && should_ignore_object (self, object)) - { -- should_ignore_object (self, object); -+ g_debug ("GoaIdentityService: ignoring identity %s that says it needs renewal", principal); -+ - return; - } - -+ g_debug ("GoaIdentityService: identity %s needs renewal", principal); -+ - goa_identity_manager_renew_identity (GOA_IDENTITY_MANAGER - (self->priv->identity_manager), - identity, --- -2.5.0 - diff --git a/SOURCES/kerberos-separate-process.patch b/SOURCES/kerberos-separate-process.patch deleted file mode 100644 index 1a1f39b..0000000 --- a/SOURCES/kerberos-separate-process.patch +++ /dev/null @@ -1,1417 +0,0 @@ -From 2c351af58d1ba5581a95ed02d38fdc8dd904ad7b Mon Sep 17 00:00:00 2001 -From: Ray Strode -Date: Tue, 28 Oct 2014 17:16:18 -0400 -Subject: [PATCH 1/2] kerberos: maintain one long-lasting object manager client - to kerberos service - -At the moment, the kerberos backend creates one object manager to the -kerberos identity service per provider object. Provider objects are actually -fairly transient and get created and destroyed, in some cases, per operation -on an account. The upshot is, object manager clients end up getting created -more frequently than they really should be. To make matters worse, the kerberos -provider has no finalize function, so these object manager clients are getting -leaked. - -This commit makes the object manager client get created once at start up, -and get reused by all providers. Since there's only one object manager, -rooted in the main thread, using the main thread's main loop context -now, the per-thread synchronous codepaths can't call object manager async -functions using a local main loop context. They do this, at the moment, because -there are async, main thread code paths that also need to talk to the -kerberos service. The local main loop context provides a way to call the -async code synchronously, and prevent duplication of logic. - -This commit gets rid of all the local main loop contexts, and instead uses -sync functions. To prevent duplication of logic, the async code now -leverages the sync code, in a thread. ---- - src/goabackend/goakerberosprovider.c | 963 +++++++++++++---------------------- - 1 file changed, 345 insertions(+), 618 deletions(-) - -diff --git a/src/goabackend/goakerberosprovider.c b/src/goabackend/goakerberosprovider.c -index f9c54cd4f79c..2eb6b677ab22 100644 ---- a/src/goabackend/goakerberosprovider.c -+++ b/src/goabackend/goakerberosprovider.c -@@ -41,8 +41,6 @@ struct _GoaKerberosProvider - { - /*< private >*/ - GoaProvider parent_instance; -- GoaIdentityServiceManager *identity_manager; -- GDBusObjectManager *object_manager; - }; - - typedef struct _GoaKerberosProviderClass GoaKerberosProviderClass; -@@ -52,6 +50,35 @@ struct _GoaKerberosProviderClass - GoaProviderClass parent_class; - }; - -+static GoaIdentityServiceManager *identity_manager; -+static GMutex identity_manager_mutex; -+static GCond identity_manager_condition; -+ -+static GDBusObjectManager *object_manager; -+static GMutex object_manager_mutex; -+static GCond object_manager_condition; -+ -+static void ensure_identity_manager (void); -+static void ensure_object_manager (void); -+ -+static char *sign_in_identity_sync (GoaKerberosProvider *self, -+ const char *identifier, -+ const char *password, -+ const char *preauth_source, -+ GCancellable *cancellable, -+ GError **error); -+static void sign_in_thread (GSimpleAsyncResult *result, -+ GoaKerberosProvider *self, -+ GCancellable *cancellable); -+static GoaIdentityServiceIdentity *get_identity_from_object_manager (GoaKerberosProvider *self, -+ const char *identifier); -+static gboolean dbus_proxy_reload_properties_sync (GDBusProxy *proxy, -+ GCancellable *cancellable); -+ -+static void goa_kerberos_provider_module_init (void); -+static void create_object_manager (void); -+static void create_identity_manager (void); -+ - /** - * SECTION:goakerberosprovider - * @title: GoaKerberosProvider -@@ -61,12 +88,20 @@ struct _GoaKerberosProviderClass - */ - - G_DEFINE_TYPE_WITH_CODE (GoaKerberosProvider, goa_kerberos_provider, GOA_TYPE_PROVIDER, -+ goa_kerberos_provider_module_init (); - goa_provider_ensure_extension_points_registered (); - g_io_extension_point_implement (GOA_PROVIDER_EXTENSION_POINT_NAME, - g_define_type_id, - GOA_KERBEROS_NAME, - 0)); - -+static void -+goa_kerberos_provider_module_init (void) -+{ -+ create_object_manager (); -+ create_identity_manager (); -+} -+ - static const gchar * - get_provider_type (GoaProvider *provider) - { -@@ -189,359 +224,6 @@ clear_entry_validation_error (GtkEntry *entry) - } - - static void --on_identity_signed_in (GoaIdentityServiceManager *manager, -- GAsyncResult *result, -- GSimpleAsyncResult *operation_result) --{ -- gboolean signed_in; -- GError *error; -- char *identity_object_path; -- -- error = NULL; -- signed_in = goa_identity_service_manager_call_sign_in_finish (manager, -- &identity_object_path, -- result, -- &error); -- -- if (!signed_in) -- { -- translate_error (&error); -- -- if (g_error_matches (error, -- G_IO_ERROR, -- G_IO_ERROR_CANCELLED)) -- { -- g_clear_error (&error); -- g_set_error_literal (&error, -- GOA_ERROR, -- GOA_ERROR_DIALOG_DISMISSED, -- ""); -- } -- -- g_simple_async_result_take_error (operation_result, error); -- g_simple_async_result_complete_in_idle (operation_result); -- g_object_unref (operation_result); -- return; -- } -- -- g_simple_async_result_set_op_res_gpointer (operation_result, -- g_strdup (identity_object_path), -- (GDestroyNotify) -- g_free); -- g_simple_async_result_complete_in_idle (operation_result); -- g_object_unref (operation_result); --} -- --static void --on_identity_manager_ensured (GoaKerberosProvider *self, -- GAsyncResult *result, -- GSimpleAsyncResult *operation_result) --{ -- GoaIdentityServiceManager *manager; -- GError *error; -- -- error = NULL; -- manager = goa_identity_service_manager_proxy_new_for_bus_finish (result, &error); -- if (manager == NULL) -- { -- translate_error (&error); -- g_simple_async_result_take_error (operation_result, error); -- g_simple_async_result_complete_in_idle (operation_result); -- g_object_unref (operation_result); -- return; -- } -- -- g_simple_async_result_set_op_res_gpointer (operation_result, -- g_object_ref (manager), -- (GDestroyNotify) -- g_object_unref); -- g_simple_async_result_complete_in_idle (operation_result); -- g_object_unref (operation_result); --} -- --static void --ensure_identity_manager (GoaKerberosProvider *self, -- GCancellable *cancellable, -- GAsyncReadyCallback callback, -- gpointer user_data) --{ -- GSimpleAsyncResult *operation_result; -- -- operation_result = g_simple_async_result_new (G_OBJECT (self), -- callback, -- user_data, -- ensure_identity_manager); -- g_simple_async_result_set_check_cancellable (operation_result, cancellable); -- -- g_object_set_data (G_OBJECT (operation_result), -- "cancellable", -- cancellable); -- -- if (self->identity_manager != NULL) -- { -- g_simple_async_result_set_op_res_gpointer (operation_result, -- g_object_ref (self->identity_manager), -- (GDestroyNotify) -- g_object_unref); -- g_simple_async_result_complete_in_idle (operation_result); -- g_object_unref (operation_result); -- return; -- } -- -- goa_identity_service_manager_proxy_new_for_bus (G_BUS_TYPE_SESSION, -- G_DBUS_PROXY_FLAGS_NONE, -- "org.gnome.Identity", -- "/org/gnome/Identity/Manager", -- cancellable, -- (GAsyncReadyCallback) -- on_identity_manager_ensured, -- operation_result); --} -- --static void --on_object_manager_ensured (GoaKerberosProvider *self, -- GAsyncResult *result, -- GSimpleAsyncResult *operation_result) --{ -- GDBusObjectManager *manager; -- GError *error; -- -- error = NULL; -- manager = goa_identity_service_object_manager_client_new_for_bus_finish (result, &error); -- if (manager == NULL) -- { -- translate_error (&error); -- g_simple_async_result_take_error (operation_result, error); -- g_simple_async_result_complete_in_idle (operation_result); -- g_object_unref (operation_result); -- return; -- } -- -- g_simple_async_result_set_op_res_gpointer (operation_result, -- g_object_ref (manager), -- (GDestroyNotify) -- g_object_unref); -- g_simple_async_result_complete_in_idle (operation_result); -- g_object_unref (operation_result); --} -- --static void --ensure_object_manager (GoaKerberosProvider *self, -- GCancellable *cancellable, -- GAsyncReadyCallback callback, -- gpointer user_data) --{ -- GSimpleAsyncResult *operation_result; -- -- operation_result = g_simple_async_result_new (G_OBJECT (self), -- callback, -- user_data, -- ensure_object_manager); -- g_simple_async_result_set_check_cancellable (operation_result, cancellable); -- -- g_object_set_data (G_OBJECT (operation_result), -- "cancellable", -- cancellable); -- -- if (self->object_manager != NULL) -- { -- g_simple_async_result_set_op_res_gpointer (operation_result, -- g_object_ref (self->object_manager), -- (GDestroyNotify) -- g_object_unref); -- g_simple_async_result_complete_in_idle (operation_result); -- g_object_unref (operation_result); -- return; -- } -- goa_identity_service_object_manager_client_new_for_bus (G_BUS_TYPE_SESSION, -- G_DBUS_OBJECT_MANAGER_CLIENT_FLAGS_NONE, -- "org.gnome.Identity", -- "/org/gnome/Identity", -- cancellable, -- (GAsyncReadyCallback) -- on_object_manager_ensured, -- operation_result); --} -- --static void --on_secret_keys_exchanged_for_sign_in (GoaKerberosProvider *self, -- GAsyncResult *result, -- GSimpleAsyncResult *operation_result) --{ -- const char *identifier; -- const char *password; -- const char *preauth_source; -- GCancellable *cancellable; -- GError *error; -- GVariantBuilder details; -- -- error = NULL; -- -- if (g_simple_async_result_propagate_error (G_SIMPLE_ASYNC_RESULT (result), -- &error)) -- { -- g_simple_async_result_take_error (operation_result, error); -- g_simple_async_result_complete_in_idle (operation_result); -- g_object_unref (operation_result); -- return; -- } -- -- cancellable = g_object_get_data (G_OBJECT (operation_result), "cancellable"); -- password = g_object_get_data (G_OBJECT (operation_result), "password"); -- preauth_source = g_object_get_data (G_OBJECT (operation_result), "preauthentication-source"); -- identifier = g_simple_async_result_get_source_tag (operation_result); -- -- g_variant_builder_init (&details, G_VARIANT_TYPE ("a{ss}")); -- -- if (password != NULL) -- { -- GcrSecretExchange *secret_exchange; -- char *secret; -- -- secret_exchange = g_simple_async_result_get_op_res_gpointer (G_SIMPLE_ASYNC_RESULT (result)); -- -- secret = gcr_secret_exchange_send (secret_exchange, password, -1); -- g_variant_builder_add (&details, "{ss}", "initial-password", secret); -- g_free (secret); -- } -- -- if (preauth_source != NULL) -- { -- g_variant_builder_add (&details, "{ss}", "preauthentication-source", preauth_source); -- } -- -- goa_identity_service_manager_call_sign_in (self->identity_manager, -- identifier, -- g_variant_builder_end (&details), -- cancellable, -- (GAsyncReadyCallback) -- on_identity_signed_in, -- operation_result); --} -- --static void --on_secret_keys_exchanged (GoaIdentityServiceManager *manager, -- GAsyncResult *result, -- GSimpleAsyncResult *operation_result) --{ -- GcrSecretExchange *secret_exchange; -- char *return_key; -- GError *error; -- -- secret_exchange = g_simple_async_result_get_source_tag (operation_result); -- -- error = NULL; -- if (!goa_identity_service_manager_call_exchange_secret_keys_finish (manager, -- &return_key, -- result, -- &error)) -- { -- g_object_unref (secret_exchange); -- -- g_simple_async_result_take_error (operation_result, error); -- g_simple_async_result_complete_in_idle (operation_result); -- g_object_unref (operation_result); -- return; -- } -- -- if (!gcr_secret_exchange_receive (secret_exchange, return_key)) -- { -- g_object_unref (secret_exchange); -- -- g_simple_async_result_set_error (operation_result, -- GCR_ERROR, -- GCR_ERROR_UNRECOGNIZED, -- _("Identity service returned invalid key")); -- g_simple_async_result_complete_in_idle (operation_result); -- g_object_unref (operation_result); -- return; -- } -- -- g_simple_async_result_set_op_res_gpointer (operation_result, -- secret_exchange, -- (GDestroyNotify) -- g_object_unref); -- g_simple_async_result_complete_in_idle (operation_result); -- g_object_unref (operation_result); --} -- --static void --exchange_secret_keys (GoaKerberosProvider *self, -- const char *password, -- GCancellable *cancellable, -- GAsyncReadyCallback callback, -- gpointer user_data) --{ -- -- GSimpleAsyncResult *operation_result; -- GcrSecretExchange *secret_exchange; -- char *secret_key; -- -- secret_exchange = gcr_secret_exchange_new (NULL); -- -- operation_result = g_simple_async_result_new (G_OBJECT (self), -- callback, -- user_data, -- secret_exchange); -- -- if (password == NULL) -- { -- g_simple_async_result_complete_in_idle (operation_result); -- g_simple_async_result_set_op_res_gpointer (G_SIMPLE_ASYNC_RESULT (operation_result), -- NULL, -- NULL); -- return; -- } -- -- secret_key = gcr_secret_exchange_begin (secret_exchange); -- -- goa_identity_service_manager_call_exchange_secret_keys (self->identity_manager, -- secret_key, -- cancellable, -- (GAsyncReadyCallback) -- on_secret_keys_exchanged, -- operation_result); -- g_free (secret_key); --} -- --static void --on_identity_manager_ensured_for_sign_in (GoaKerberosProvider *self, -- GAsyncResult *result, -- GSimpleAsyncResult *operation_result) --{ -- GoaIdentityServiceManager *manager; -- const char *password; -- GCancellable *cancellable; -- GError *error; -- -- error = NULL; -- -- if (g_simple_async_result_propagate_error (G_SIMPLE_ASYNC_RESULT (result), -- &error)) -- { -- g_simple_async_result_take_error (operation_result, error); -- g_simple_async_result_complete_in_idle (operation_result); -- g_object_unref (operation_result); -- return; -- } -- -- manager = g_simple_async_result_get_op_res_gpointer (G_SIMPLE_ASYNC_RESULT (result)); -- -- if (self->identity_manager == NULL) -- self->identity_manager = g_object_ref (manager); -- -- cancellable = g_object_get_data (G_OBJECT (operation_result), "cancellable"); -- password = g_object_get_data (G_OBJECT (operation_result), "password"); -- -- exchange_secret_keys (self, -- password, -- cancellable, -- (GAsyncReadyCallback) -- on_secret_keys_exchanged_for_sign_in, -- operation_result); --} -- --static void - sign_in_identity (GoaKerberosProvider *self, - const char *identifier, - const char *password, -@@ -567,116 +249,15 @@ sign_in_identity (GoaKerberosProvider *self, - "password", - (gpointer) - password); -- - g_object_set_data_full (G_OBJECT (operation_result), - "preauthentication-source", - g_strdup (preauth_source), - g_free); -- -- ensure_identity_manager (self, -- cancellable, -- (GAsyncReadyCallback) -- on_identity_manager_ensured_for_sign_in, -- operation_result); --} -- --static void --on_object_manager_ensured_for_look_up (GoaKerberosProvider *self, -- GAsyncResult *result, -- GSimpleAsyncResult *operation_result) --{ -- GDBusObjectManager *manager; -- const char *identifier; -- GList *objects, *node; -- GError *error; -- gboolean found; -- -- error = NULL; -- found = FALSE; -- -- if (g_simple_async_result_propagate_error (G_SIMPLE_ASYNC_RESULT (result), -- &error)) -- { -- -- g_simple_async_result_take_error (operation_result, error); -- g_simple_async_result_complete_in_idle (operation_result); -- g_object_unref (operation_result); -- return; -- } -- -- manager = g_simple_async_result_get_op_res_gpointer (G_SIMPLE_ASYNC_RESULT (result)); -- -- if (self->object_manager == NULL) -- self->object_manager = g_object_ref (manager); -- -- identifier = g_simple_async_result_get_source_tag (operation_result); -- -- g_simple_async_result_set_op_res_gpointer (G_SIMPLE_ASYNC_RESULT (operation_result), -- NULL, -- NULL); -- objects = g_dbus_object_manager_get_objects (G_DBUS_OBJECT_MANAGER (self->object_manager)); -- -- for (node = objects; node != NULL; node = node->next) -- { -- GoaIdentityServiceIdentity *candidate_identity; -- const char *candidate_identifier; -- GDBusObject *object; -- -- object = node->data; -- -- candidate_identity = GOA_IDENTITY_SERVICE_IDENTITY (g_dbus_object_get_interface (object, "org.gnome.Identity")); -- -- if (candidate_identity == NULL) -- continue; -- -- candidate_identifier = goa_identity_service_identity_get_identifier (candidate_identity); -- -- if (g_strcmp0 (candidate_identifier, identifier) == 0) -- { -- g_simple_async_result_set_op_res_gpointer (G_SIMPLE_ASYNC_RESULT (operation_result), -- candidate_identity, -- (GDestroyNotify) -- g_object_unref); -- found = TRUE; -- break; -- } -- -- g_object_unref (candidate_identity); -- } -- -- if (!found) -- g_simple_async_result_set_error (operation_result, GOA_ERROR, GOA_ERROR_FAILED, "Failed to find an identity"); -- -- g_list_free_full (objects, (GDestroyNotify) g_object_unref); -- g_simple_async_result_complete_in_idle (G_SIMPLE_ASYNC_RESULT (operation_result)); -- g_object_unref (operation_result); --} -- --static void --look_up_identity (GoaKerberosProvider *self, -- const char *identifier, -- GCancellable *cancellable, -- GAsyncReadyCallback callback, -- gpointer user_data) --{ -- GSimpleAsyncResult *operation_result; -- -- operation_result = g_simple_async_result_new (G_OBJECT (self), -- callback, -- user_data, -- (gpointer) -- identifier); -- -- g_simple_async_result_set_check_cancellable (operation_result, cancellable); -- -- g_object_set_data (G_OBJECT (operation_result), -- "cancellable", -- cancellable); -- ensure_object_manager (self, -- cancellable, -- (GAsyncReadyCallback) -- on_object_manager_ensured_for_look_up, -- operation_result); -+ g_simple_async_result_run_in_thread (operation_result, -+ (GSimpleAsyncThreadFunc) -+ sign_in_thread, -+ G_PRIORITY_DEFAULT, -+ cancellable); - } - - static void -@@ -703,13 +284,14 @@ get_ticket_sync (GoaKerberosProvider *self, - { - GVariant *credentials; - GError *lookup_error; -+ GError *sign_in_error; - GoaAccount *account; - GoaTicketing *ticketing; - GVariant *details; - const char *identifier; - const char *password; - const char *preauth_source; -- SignInRequest request; -+ char *object_path = NULL; - gboolean ret; - - ret = FALSE; -@@ -758,31 +340,24 @@ get_ticket_sync (GoaKerberosProvider *self, - } - } - -- memset (&request, 0, sizeof (SignInRequest)); -- request.loop = g_main_loop_new (g_main_context_get_thread_default (), FALSE); -- request.error = NULL; -- -- sign_in_identity (self, -- identifier, -- password, -- preauth_source, -- cancellable, -- (GAsyncReadyCallback) -- on_account_signed_in, -- &request); -- -- g_main_loop_run (request.loop); -- g_main_loop_unref (request.loop); -+ sign_in_error = NULL; -+ object_path = sign_in_identity_sync (self, -+ identifier, -+ password, -+ preauth_source, -+ cancellable, -+ &sign_in_error); - -- if (request.error != NULL) -+ if (sign_in_error != NULL) - { -- g_propagate_error (error, request.error); -+ g_propagate_error (error, sign_in_error); - goto out; - } - - ret = TRUE; - out: - g_clear_object (&ticketing); -+ g_free (object_path); - - if (credentials != NULL) - g_variant_unref (credentials); -@@ -1764,106 +1339,39 @@ show_account (GoaProvider *provider, - _("Network _Resources")); - } - --static void --on_identity_looked_up (GoaKerberosProvider *provider, -- GAsyncResult *result, -- GSimpleAsyncResult *operation_result) --{ -- -- GoaIdentityServiceIdentity *identity; -- GError *error; -- -- error = NULL; -- if (g_simple_async_result_propagate_error (G_SIMPLE_ASYNC_RESULT (result), &error)) -- { -- g_simple_async_result_take_error (operation_result, error); -- g_simple_async_result_complete_in_idle (operation_result); -- g_object_unref (operation_result); -- return; -- } -- -- identity = g_simple_async_result_get_op_res_gpointer (G_SIMPLE_ASYNC_RESULT (result)); -- if (identity != NULL) -- g_simple_async_result_set_op_res_gpointer (G_SIMPLE_ASYNC_RESULT (operation_result), -- g_object_ref (identity), -- (GDestroyNotify) -- g_object_unref); -- else -- g_simple_async_result_set_op_res_gpointer (G_SIMPLE_ASYNC_RESULT (operation_result), -- NULL, -- NULL); -- -- g_simple_async_result_complete_in_idle (operation_result); -- g_object_unref (operation_result); --} -- --static void --on_identity_looked_up_to_ensure_credentials (GoaKerberosProvider *self, -- GAsyncResult *result, -- GSimpleAsyncResult *operation_result) -+static gboolean -+dbus_proxy_reload_properties_sync (GDBusProxy *proxy, -+ GCancellable *cancellable) - { -- -- GoaIdentityServiceIdentity *identity; -- GError *error; -- GoaObject *object; -- GoaAccount *account; -- const char *identifier; -- GCancellable *cancellable; -- -- error = NULL; -- if (g_simple_async_result_propagate_error (G_SIMPLE_ASYNC_RESULT (result), &error)) -- { -- g_simple_async_result_take_error (operation_result, error); -- g_simple_async_result_complete_in_idle (operation_result); -- g_object_unref (operation_result); -- return; -- } -- -- identity = g_simple_async_result_get_op_res_gpointer (G_SIMPLE_ASYNC_RESULT (result)); -- -- if (identity != NULL && goa_identity_service_identity_get_is_signed_in (identity)) -+ GVariant *result; -+ char *name; -+ GVariant *value; -+ GVariantIter *iter; -+ -+ result = g_dbus_connection_call_sync (g_dbus_proxy_get_connection (proxy), -+ g_dbus_proxy_get_name_owner (proxy), -+ g_dbus_proxy_get_object_path (proxy), -+ "org.freedesktop.DBus.Properties", -+ "GetAll", -+ g_variant_new ("(s)", g_dbus_proxy_get_interface_name (proxy)), -+ G_VARIANT_TYPE ("(a{sv})"), -+ G_DBUS_CALL_FLAGS_NONE, -+ -1, -+ cancellable, -+ NULL); -+ if (result == NULL) -+ return FALSE; -+ -+ g_variant_get (result, "(a{sv})", &iter); -+ while (g_variant_iter_next (iter, "{sv}", &name, &value)) - { -- g_simple_async_result_set_op_res_gpointer (G_SIMPLE_ASYNC_RESULT (operation_result), -- g_object_ref (identity), -- (GDestroyNotify) -- g_object_unref); -- g_simple_async_result_complete_in_idle (operation_result); -- g_object_unref (operation_result); -- return; -- } -- -- object = GOA_OBJECT (g_async_result_get_source_object (G_ASYNC_RESULT (operation_result))); -- cancellable = g_object_get_data (G_OBJECT (operation_result), "cancellable"); -+ g_dbus_proxy_set_cached_property (proxy, name, value); - -- if (!get_ticket_sync (self, -- object, -- FALSE /* Don't allow interaction */, -- cancellable, -- &error)) -- { -- g_simple_async_result_take_error (operation_result, error); -- g_simple_async_result_complete_in_idle (operation_result); -- g_object_unref (operation_result); -- return; -+ g_free (name); -+ g_variant_unref (value); - } -- -- account = goa_object_peek_account (object); -- identifier = goa_account_get_identity (account); -- -- look_up_identity (self, -- identifier, -- cancellable, -- (GAsyncReadyCallback) -- on_identity_looked_up, -- operation_result); --} -- --static void --on_credentials_ensured (GoaObject *object, -- GAsyncResult *result, -- GMainLoop *loop) --{ -- g_main_loop_quit (loop); -+ g_variant_iter_free (iter); -+ return TRUE; - } - - static gboolean -@@ -1873,65 +1381,57 @@ ensure_credentials_sync (GoaProvider *provider, - GCancellable *cancellable, - GError **error) - { -- GoaIdentityServiceIdentity *identity; -+ GoaIdentityServiceIdentity *identity = NULL; - GoaAccount *account; - const char *identifier; -- GSimpleAsyncResult *operation_result; -- GMainLoop *loop; -- GMainContext *context; - gint64 timestamp; - GDateTime *now, *expiration_time; - GTimeSpan time_span; -- GError *lookup_error; -+ gboolean credentials_ensured = FALSE; - - account = goa_object_peek_account (object); - identifier = goa_account_get_identity (account); - -- context = g_main_context_new (); -- g_main_context_push_thread_default (context); -- loop = g_main_loop_new (context, FALSE); -- operation_result = g_simple_async_result_new (G_OBJECT (object), -- (GAsyncReadyCallback) -- on_credentials_ensured, -- loop, -- ensure_credentials_sync); -- g_simple_async_result_set_check_cancellable (operation_result, cancellable); -- -- g_object_set_data (G_OBJECT (operation_result), -- "cancellable", -- cancellable); -+ ensure_identity_manager (); - -- g_object_ref (operation_result); -- look_up_identity (GOA_KERBEROS_PROVIDER (provider), -- identifier, -- cancellable, -- (GAsyncReadyCallback) -- on_identity_looked_up_to_ensure_credentials, -- operation_result); -+ g_mutex_lock (&identity_manager_mutex); -+ identity = get_identity_from_object_manager (GOA_KERBEROS_PROVIDER (provider), -+ identifier); - -- g_main_loop_run (loop); -- g_main_loop_unref (loop); -- -- g_main_context_pop_thread_default (context); -- g_main_context_unref (context); -+ if (identity != NULL) -+ { -+ if (!dbus_proxy_reload_properties_sync (G_DBUS_PROXY (identity), cancellable)) -+ g_clear_object (&identity); -+ } - -- lookup_error = NULL; -- if (g_simple_async_result_propagate_error (operation_result, &lookup_error)) -+ if (identity == NULL || !goa_identity_service_identity_get_is_signed_in (identity)) - { -- translate_error (&lookup_error); -- g_set_error_literal (error, -- GOA_ERROR, -- GOA_ERROR_NOT_AUTHORIZED, -- lookup_error->message); -- g_error_free (lookup_error); -- g_object_unref (operation_result); -- return FALSE; -+ gboolean ticket_synced; -+ -+ g_mutex_unlock (&identity_manager_mutex); -+ ticket_synced = get_ticket_sync (GOA_KERBEROS_PROVIDER (provider), -+ object, -+ FALSE /* Don't allow interaction */, -+ cancellable, -+ error); -+ g_mutex_lock (&identity_manager_mutex); -+ -+ if (!ticket_synced) -+ goto out; -+ -+ if (identity == NULL) -+ identity = get_identity_from_object_manager (GOA_KERBEROS_PROVIDER (provider), -+ identifier); - } - -- identity = g_simple_async_result_get_op_res_gpointer (operation_result); -+ if (identity == NULL) -+ goto out; -+ -+ dbus_proxy_reload_properties_sync (G_DBUS_PROXY (identity), cancellable); - - now = g_date_time_new_now_local (); - timestamp = goa_identity_service_identity_get_expiration_timestamp (identity); -+ - expiration_time = g_date_time_new_from_unix_local (timestamp); - time_span = g_date_time_difference (expiration_time, now); - -@@ -1941,12 +1441,239 @@ ensure_credentials_sync (GoaProvider *provider, - time_span = 0; - - *out_expires_in = (int) time_span; -+ credentials_ensured = TRUE; - - g_date_time_unref (now); - g_date_time_unref (expiration_time); -- g_object_unref (operation_result); - -- return TRUE; -+out: -+ g_clear_object (&identity); -+ g_mutex_unlock (&identity_manager_mutex); -+ return credentials_ensured; -+} -+ -+static GoaIdentityServiceIdentity * -+get_identity_from_object_manager (GoaKerberosProvider *self, -+ const char *identifier) -+{ -+ GoaIdentityServiceIdentity *identity = NULL; -+ GList *objects, *node; -+ -+ ensure_object_manager (); -+ -+ g_mutex_lock (&object_manager_mutex); -+ objects = g_dbus_object_manager_get_objects (G_DBUS_OBJECT_MANAGER (object_manager)); -+ -+ for (node = objects; node != NULL; node = node->next) -+ { -+ GoaIdentityServiceIdentity *candidate_identity; -+ const char *candidate_identifier; -+ GDBusObject *object; -+ -+ object = node->data; -+ -+ candidate_identity = GOA_IDENTITY_SERVICE_IDENTITY (g_dbus_object_get_interface (object, "org.gnome.Identity")); -+ -+ if (candidate_identity == NULL) -+ continue; -+ -+ candidate_identifier = goa_identity_service_identity_get_identifier (candidate_identity); -+ -+ if (g_strcmp0 (candidate_identifier, identifier) == 0) -+ { -+ identity = candidate_identity; -+ break; -+ } -+ -+ g_object_unref (candidate_identity); -+ } -+ -+ g_list_free_full (objects, (GDestroyNotify) g_object_unref); -+ g_mutex_unlock (&object_manager_mutex); -+ -+ return identity; -+} -+ -+static char * -+sign_in_identity_sync (GoaKerberosProvider *self, -+ const char *identifier, -+ const char *password, -+ const char *preauth_source, -+ GCancellable *cancellable, -+ GError **error) -+{ -+ GcrSecretExchange *secret_exchange; -+ char *secret_key; -+ char *return_key; -+ char *concealed_secret; -+ char *identity_object_path = NULL; -+ gboolean keys_exchanged; -+ GVariantBuilder details; -+ -+ secret_exchange = gcr_secret_exchange_new (NULL); -+ -+ secret_key = gcr_secret_exchange_begin (secret_exchange); -+ ensure_identity_manager (); -+ -+ g_mutex_lock (&identity_manager_mutex); -+ keys_exchanged = goa_identity_service_manager_call_exchange_secret_keys_sync (identity_manager, -+ secret_key, -+ &return_key, -+ cancellable, -+ error); -+ g_mutex_unlock (&identity_manager_mutex); -+ g_free (secret_key); -+ -+ if (!keys_exchanged) -+ goto out; -+ -+ if (!gcr_secret_exchange_receive (secret_exchange, return_key)) -+ { -+ g_set_error (error, -+ GCR_ERROR, -+ GCR_ERROR_UNRECOGNIZED, -+ _("Identity service returned invalid key")); -+ goto out; -+ } -+ -+ g_variant_builder_init (&details, G_VARIANT_TYPE ("a{ss}")); -+ -+ concealed_secret = gcr_secret_exchange_send (secret_exchange, password, -1); -+ g_variant_builder_add (&details, "{ss}", "initial-password", concealed_secret); -+ g_free (concealed_secret); -+ -+ if (preauth_source != NULL) -+ { -+ g_variant_builder_add (&details, "{ss}", "preauthentication-source", preauth_source); -+ } -+ -+ g_mutex_lock (&identity_manager_mutex); -+ goa_identity_service_manager_call_sign_in_sync (identity_manager, -+ identifier, -+ g_variant_builder_end (&details), -+ &identity_object_path, -+ cancellable, -+ error); -+ g_mutex_unlock (&identity_manager_mutex); -+ -+out: -+ g_object_unref (secret_exchange); -+ return identity_object_path; -+} -+ -+static void -+sign_in_thread (GSimpleAsyncResult *result, -+ GoaKerberosProvider *self, -+ GCancellable *cancellable) -+{ -+ const char *identifier; -+ const char *password; -+ const char *preauth_source; -+ char *object_path; -+ GError *error; -+ -+ identifier = g_simple_async_result_get_source_tag (result); -+ password = g_object_get_data (G_OBJECT (result), "password"); -+ preauth_source = g_object_get_data (G_OBJECT (result), "preauth-source"); -+ -+ error = NULL; -+ object_path = sign_in_identity_sync (self, identifier, password, preauth_source, cancellable, &error); -+ -+ if (object_path == NULL) -+ g_simple_async_result_take_error (result, error); -+ else -+ g_simple_async_result_set_op_res_gpointer (result, object_path, NULL); -+} -+ -+ -+static void -+on_object_manager_created (gpointer object, -+ GAsyncResult *result, -+ GSimpleAsyncResult *operation_result) -+{ -+ GDBusObjectManager *manager; -+ GError *error; -+ -+ error = NULL; -+ manager = goa_identity_service_object_manager_client_new_for_bus_finish (result, &error); -+ if (manager == NULL) -+ { -+ g_warning ("GoaKerberosProvider: Could not connect to identity service: %s", error->message); -+ g_clear_error (&error); -+ return; -+ } -+ -+ g_mutex_lock (&object_manager_mutex); -+ object_manager = manager; -+ g_cond_signal (&object_manager_condition); -+ g_mutex_unlock (&object_manager_mutex); -+} -+ -+static void -+create_object_manager (void) -+{ -+ goa_identity_service_object_manager_client_new_for_bus (G_BUS_TYPE_SESSION, -+ G_DBUS_OBJECT_MANAGER_CLIENT_FLAGS_NONE, -+ "org.gnome.Identity", -+ "/org/gnome/Identity", -+ NULL, -+ (GAsyncReadyCallback) -+ on_object_manager_created, -+ NULL); -+} -+ -+static void -+ensure_object_manager (void) -+{ -+ g_mutex_lock (&object_manager_mutex); -+ while (object_manager == NULL) -+ g_cond_wait (&object_manager_condition, &object_manager_mutex); -+ g_mutex_unlock (&object_manager_mutex); -+} -+ -+static void -+on_identity_manager_created (gpointer identity, -+ GAsyncResult *result, -+ GSimpleAsyncResult *operation_result) -+{ -+ GoaIdentityServiceManager *manager; -+ GError *error; -+ -+ error = NULL; -+ manager = goa_identity_service_manager_proxy_new_for_bus_finish (result, &error); -+ if (manager == NULL) -+ { -+ g_warning ("GoaKerberosProvider: Could not connect to identity service manager: %s", error->message); -+ g_clear_error (&error); -+ return; -+ } -+ -+ g_mutex_lock (&identity_manager_mutex); -+ identity_manager = manager; -+ g_cond_signal (&identity_manager_condition); -+ g_mutex_unlock (&identity_manager_mutex); -+} -+ -+static void -+create_identity_manager (void) -+{ -+ goa_identity_service_manager_proxy_new_for_bus (G_BUS_TYPE_SESSION, -+ G_DBUS_OBJECT_MANAGER_CLIENT_FLAGS_NONE, -+ "org.gnome.Identity", -+ "/org/gnome/Identity/Manager", -+ NULL, -+ (GAsyncReadyCallback) -+ on_identity_manager_created, -+ NULL); -+} -+ -+static void -+ensure_identity_manager (void) -+{ -+ g_mutex_lock (&identity_manager_mutex); -+ while (identity_manager == NULL) -+ g_cond_wait (&identity_manager_condition, &identity_manager_mutex); -+ g_mutex_unlock (&identity_manager_mutex); - } - - static void --- -2.5.0 - - -From 2dbd414c16d8654f0cfccb54fede644b8f3216db Mon Sep 17 00:00:00 2001 -From: Ray Strode -Date: Tue, 28 Oct 2014 17:10:49 -0400 -Subject: [PATCH 2/2] identity: separate identity service off into its own - process - -This commit segregates the kerberos specific functionality off -into its own helper process. - -This has a couple of benefits: - -1) It is actually a better fit for how the code was initially designed, -which was first staged in gnome-settings-daemon with g-o-a talking to -it. Right now we have gnome-online-accounts talking to itself, -in-process, through d-bus, which is suboptimal. - -2) It keeps any leaks or crashes in the kerberos code from bringing down -the whole online accounts daemon. ---- - data/Makefile.am | 8 ++++- - data/org.gnome.Identity.service.in | 3 ++ - src/daemon/Makefile.am | 8 ----- - src/daemon/goadaemon.c | 43 +++++++++++++------------- - src/goaidentity/Makefile.am | 10 +++--- - src/goaidentity/goaidentityservice.c | 2 +- - src/goaidentity/main.c | 59 ++++++++++++++++++++++++++++++++++++ - 7 files changed, 97 insertions(+), 36 deletions(-) - create mode 100644 data/org.gnome.Identity.service.in - create mode 100644 src/goaidentity/main.c - -diff --git a/data/Makefile.am b/data/Makefile.am -index cb30eb8d1391..fb68063c8234 100644 ---- a/data/Makefile.am -+++ b/data/Makefile.am -@@ -14,9 +14,14 @@ gsettings_SCHEMAS = $(gsettings_in_files:.xml.in=.xml) - - servicedir = $(datadir)/dbus-1/services - service_in_files = org.gnome.OnlineAccounts.service.in -+ -+if BUILD_KERBEROS -+service_in_files += org.gnome.Identity.service.in -+endif -+ - service_DATA = $(service_in_files:.service.in=.service) - --$(service_DATA): $(service_in_files) Makefile -+%.service: %.service.in Makefile - @sed -e "s|\@libexecdir\@|$(libexecdir)|" $< > $@ - - EXTRA_DIST = \ -@@ -29,6 +34,7 @@ EXTRA_DIST = \ - DISTCLEANFILES = \ - $(gsettings_SCHEMAS) \ - org.gnome.OnlineAccounts.service \ -+ org.gnome.Identity.service \ - $(NULL) - - clean-local : -diff --git a/data/org.gnome.Identity.service.in b/data/org.gnome.Identity.service.in -new file mode 100644 -index 000000000000..bd3b03225ab6 ---- /dev/null -+++ b/data/org.gnome.Identity.service.in -@@ -0,0 +1,3 @@ -+[D-BUS Service] -+Name=org.gnome.Identity -+Exec=@libexecdir@/goa-identity-service -diff --git a/src/daemon/Makefile.am b/src/daemon/Makefile.am -index 9fdb11538a4e..8f5352fad39e 100644 ---- a/src/daemon/Makefile.am -+++ b/src/daemon/Makefile.am -@@ -48,14 +48,6 @@ goa_daemon_LDADD = \ - $(TP_LIBS) \ - $(NULL) - --if BUILD_KERBEROS --goa_daemon_LDADD += \ -- $(top_builddir)/src/goaidentity/libgoaidentity.la \ -- $(KRB5_LIBS) \ -- $(GCR_LIBS) \ -- $(NULL) --endif -- - clean-local : - rm -f *~ - -diff --git a/src/daemon/goadaemon.c b/src/daemon/goadaemon.c -index 8074f201ef46..1aa0f18aee45 100644 ---- a/src/daemon/goadaemon.c -+++ b/src/daemon/goadaemon.c -@@ -25,9 +25,6 @@ - #include "goadaemon.h" - #include "goabackend/goabackend.h" - #include "goabackend/goautils.h" --#ifdef GOA_KERBEROS_ENABLED --#include "goaidentity/goaidentityservice.h" --#endif - - struct _GoaDaemon - { -@@ -43,10 +40,6 @@ struct _GoaDaemon - - GoaManager *manager; - --#ifdef GOA_KERBEROS_ENABLED -- GoaIdentityService *identity_service; --#endif -- - guint config_timeout_id; - }; - -@@ -112,10 +105,6 @@ goa_daemon_finalize (GObject *object) - g_object_unref (daemon->object_manager); - g_object_unref (daemon->connection); - --#ifdef GOA_KERBEROS_ENABLED -- g_clear_object (&daemon->identity_service); --#endif -- - G_OBJECT_CLASS (goa_daemon_parent_class)->finalize (object); - } - -@@ -173,15 +162,32 @@ on_file_monitor_changed (GFileMonitor *monitor, - } - } - -+#ifdef GOA_KERBEROS_ENABLED -+static void -+activate_identity_service (GoaDaemon *daemon) -+{ -+ GoaProvider *provider; -+ -+ /* We activate the identity service implicitly by using the kerberos -+ * backend. This way if the kerberos backend isn't enabled, we don't -+ * end up starting the identity service needlessly -+ */ -+ provider = goa_provider_get_for_provider_type (GOA_KERBEROS_NAME); -+ -+ if (provider != NULL) -+ { -+ g_debug ("activated kerberos provider"); -+ g_object_unref (provider); -+ } -+} -+#endif -+ - static void - goa_daemon_init (GoaDaemon *daemon) - { - static volatile GQuark goa_error_domain = 0; - GoaObjectSkeleton *object; - gchar *path; --#ifdef GOA_KERBEROS_ENABLED -- GError *error = NULL; --#endif - - /* this will force associating errors in the GOA_ERROR error domain - * with org.freedesktop.Goa.Error.* errors via g_dbus_error_register_error_domain(). -@@ -228,14 +234,7 @@ goa_daemon_init (GoaDaemon *daemon) - g_dbus_object_manager_server_set_connection (daemon->object_manager, daemon->connection); - - #ifdef GOA_KERBEROS_ENABLED -- daemon->identity_service = goa_identity_service_new (); -- if (!goa_identity_service_activate (daemon->identity_service, -- &error)) -- { -- g_warning ("Error activating identity service: %s", error->message); -- g_error_free (error); -- g_clear_object (&daemon->identity_service); -- } -+ activate_identity_service (daemon); - #endif - } - -diff --git a/src/goaidentity/Makefile.am b/src/goaidentity/Makefile.am -index 8e11f6d596da..537287a2cca3 100644 ---- a/src/goaidentity/Makefile.am -+++ b/src/goaidentity/Makefile.am -@@ -47,6 +47,7 @@ identity_sources = \ - goakerberosidentity.c \ - goakerberosidentityinquiry.c \ - goakerberosidentitymanager.c \ -+ main.c \ - $(NULL) - - identity_dbus_built_sources = \ -@@ -95,23 +96,24 @@ BUILT_SOURCES += $(realmd_dbus_built_sources) - EXTRA_DIST += org.freedesktop.realmd.xml - - if BUILD_KERBEROS --noinst_LTLIBRARIES = libgoaidentity.la -+libexec_PROGRAMS = goa-identity-service - --libgoaidentity_la_SOURCES = \ -+goa_identity_service_SOURCES = \ - goaidentityenumtypes.h goaidentityenumtypes.c \ - $(identity_dbus_built_sources) \ - $(realmd_dbus_built_sources) \ - $(identity_sources) \ - $(NULL) - --libgoaidentity_la_CFLAGS = \ -+goa_identity_service_CFLAGS = \ - $(GLIB_CFLAGS) \ - $(GTK_CFLAGS) \ - $(KRB5_CFLAGS) \ - $(GCR_CFLAGS) \ - $(NULL) - --libgoaidentity_la_LIBADD = \ -+goa_identity_service_LDADD = \ -+ $(top_builddir)/src/goa/libgoa-1.0.la \ - $(GLIB_LIBS) \ - $(GTK_LIBS) \ - $(KRB5_LIBS) \ -diff --git a/src/goaidentity/goaidentityservice.c b/src/goaidentity/goaidentityservice.c -index 38bbde6a7d93..6b6225adbc61 100644 ---- a/src/goaidentity/goaidentityservice.c -+++ b/src/goaidentity/goaidentityservice.c -@@ -1757,7 +1757,7 @@ on_name_lost (GDBusConnection *connection, - GoaIdentityService *self) - { - if (g_strcmp0 (name, "org.gnome.Identity") == 0) -- g_debug ("GoaIdentityService: Lost name org.gnome.Identity"); -+ raise (SIGTERM); - } - - gboolean -diff --git a/src/goaidentity/main.c b/src/goaidentity/main.c -new file mode 100644 -index 000000000000..2de35acfc561 ---- /dev/null -+++ b/src/goaidentity/main.c -@@ -0,0 +1,59 @@ -+/* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */ -+/* -+ * Copyright (C) 2014 Red Hat, Inc. -+ * -+ * This library is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU Lesser General Public -+ * License as published by the Free Software Foundation; either -+ * version 2 of the License, or (at your option) any later version. -+ * -+ * This library is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ * Lesser General Public License for more details. -+ * -+ * You should have received a copy of the GNU Lesser General -+ * Public License along with this library; if not, see . -+ */ -+ -+#include "config.h" -+ -+#include -+#include -+ -+#include -+ -+#include "goaidentityservice.h" -+ -+int -+main (int argc, -+ char **argv) -+{ -+ GMainLoop *loop; -+ GoaIdentityService *service; -+ GError *error; -+ int ret = 1; -+ -+ loop = g_main_loop_new (NULL, FALSE); -+ service = goa_identity_service_new (); -+ -+ error = NULL; -+ goa_identity_service_activate (service, &error); -+ -+ if (error != NULL) { -+ g_warning ("couldn't activate identity service: %s", error->message); -+ g_error_free (error); -+ goto out; -+ } -+ -+ g_main_loop_run (loop); -+ -+ goa_identity_service_deactivate (service); -+ -+ ret = 0; -+out: -+ g_object_unref (service); -+ g_main_loop_unref (loop); -+ -+ return ret; -+} --- -2.5.0 - diff --git a/SOURCES/kerberos-smartcard.patch b/SOURCES/kerberos-smartcard.patch deleted file mode 100644 index c52c4e7..0000000 --- a/SOURCES/kerberos-smartcard.patch +++ /dev/null @@ -1,589 +0,0 @@ -From fa3d138dbfe874fda8ede8b1153cfaa92dc404e4 Mon Sep 17 00:00:00 2001 -From: Ray Strode -Date: Tue, 21 Oct 2014 10:38:17 -0400 -Subject: [PATCH 1/2] ticketing: add new details property - -This commit adds a new "details" variant for attaching metadata -about tickets getting requested via the ticketing interface. - -This will give the kerberos account provider a place to tuck away -kerberos-specific preauthentication configuration for the tickets -associated with smartcard backed kerberos accounts. ---- - data/dbus-interfaces.xml | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/data/dbus-interfaces.xml b/data/dbus-interfaces.xml -index 5bf26e9dca69..fa8b18c9a817 100644 ---- a/data/dbus-interfaces.xml -+++ b/data/dbus-interfaces.xml -@@ -726,6 +726,8 @@ - ticketing capabilities. - --> - -+ -+ -