ANNOUNCEMENT: gnome-keyring 2.29.4



gnome-keyring is the part of the GNOME Desktop that saves your passwords
and encryption keys securely.

This is an unstable release for testing and development.


Important Notes:
================

    * gnome-keyring-daemon no longer supports the old protocol
      for accessing secrets or passwords. A new DBus API called
      'Secret Service' is implemented. The new libgnome-keyring
      abstracts this change in a mostly transparent way.

    * libgnome-keyring is no longer bundled. It is distributed
      separately.

    * GTK+ 2.18 is now required.

    * The XDG autostart files are used more extensively to
      startup and control what components of the daemon run.

    * Some helpful notes for distributors:
      http://live.gnome.org/GnomeKeyring/Distributors


Changes between 2.28.2 and 2.29.4:
==================================

     * Refactor how the daemon starts up.
     * Allow init with already present environment variables,
       using --start.
     * Install autostart files for each component of the daemon.
     * New DBus Secret Service API for accessing passwords and secrets.
     * Old protocol for accessing secrets is no longer present.
     * libgnome-keyring is now its own module, and no longer bundled
       with gnome-keyring.
     * Use normal GtkEntry when prompting for passwords.
     * Requires GTK+ 2.18
     * Implement new more flexible control protocol for pam and startup.
     * Complete more of the gp11 PKCS#11 wrapper library.
     * Implement AES key wrapping and unwrapping in PKCS#11 components.
     * Implement DH key generation and derivation in PKCS#11 components.
     * Integrate testing of PKCS#11 components via p11-tests.
     * Implement PKCS#11 component for storing 'keyring' style secrets.
     * Don't complain if we can't set session environment variables.
     * When running a debug build, warnings are fatal.
     * Refactor testing.
     * Encrypted channel for password with prompting dialog.


Details of changes between 2.28.1 and 2.29.4:
=============================================

Eric Sesterhenn (1):
      [gp11] Fix memory leak in gp11_slot_get_token_info()

Ivar Smolin (1):
      Updating Estonian translation

Kjartan Maraas (1):
      Updated Norwegian bokmål translation.

Leonid Kanter (1):
      Updated Russian translation

Manoj Kumar Giri (2):
      Updated Hindi Translation on behalf of Rajesh Ranjan
      Added entries for Hindi Translation updated by Rajesh Ranjan

Mattias Põldaru (1):
      Updating Estonian translation

Runa Bhattacharjee (1):
      Updated Bengali India Translations

Stef Walter (271):
      Add a rough draft of the secrets interfaces.
      Ignore built files
      Add build support for eggdbus interfaces.
      Spec out the remainder of the stuff in the api.
      Build docs for the secrets API.
      Complete most of the secrets API documentation.
      API changes: add error codes, add Created Modified properties.
      Move lookup executable path from pid into common code.
      Ignore more built files
      Use proper functions to free secure memory.
      Add missing header.
      Fix linking problem on FreeBSD.
      Fixed problem with RSA key sizes that were not a multiple of 8.
      Make "Password: " prompt be translated in pam module.
      Add only_if= option to pam module, can limit services enabled for.
      Message when gck-ssh-agent-standalone (test binary) used wrong.
      Add build support for eggdbus interfaces.
      Build docs for the secrets API.
      Merge branch 'master' into dbus-api
      Combine entire DBus definition into a single file.
      Remove == bashisms from 'test' calls configure.
      Release version 2.26.3
      Add support in pam module for use_authtok
      Don't be as strict with reserved/unused areas in keyrings.
      Parse, but don't use non-utf8 secrets in keyrings.
      Cleanup tests, hook into 'make check'.
      Make gkr_proto_get_raw_secret work as null-terminated when poss.
      Fix tests so they work from 'make distwcheck'
      Release version 2.27.4
      Add support for thread timers.
      Add support for parsing and storing time attributes.
      Add support for auto destructing session objects.
      Make standalone socket in a directory we know exists: /tmp
      Add support for lifetime constrained identities.
      Use .ui files directly now that they're supported by glade.
      Update translatable files for last change
      Figure out CKA_TOKEN for a PKCS#11 object based on manager.
      [gck] PKCS#11 objects now track the module they're in.
      [gck] Add helper function to parse bool attribute.
      [gck] Add support for transient PKCS#11 objects.
      [gck] Add authenticator objects for storing authenticated state.
      [gck] Tweak authenticator enumerator to return boolean.
      [gck] Don't map object identifiers in plex layer.
      [gck] Pass session to get/set attribute functions.
      [daemon, ssh-agent] Use authenticator objs instead of auth-cache.
      [gck] Write files without group or world permissions.
      [tests] Fix some minor memory leaks in unit tests.
      Merge branch 'master' into dbus-api
      [secrets] Move secrets api to top level in source tree.
      [roots] Properly initialize certificate parent klass.
      [secrets] Implement some smaller bits of secrets-store.
      [secrets] Add skeleton of search object.
      [secrets] Port over some parts of the keyring parsing.
      [secrets] Fix up some of the basic module stuff for secret-store.
      [secret] Add standalone module for secrets-store.
      [secrets] Complete some parts of the secrets fields code.
      [secrets] Distribute necessary header files and use $(srcdir)
      [gck] Add missing function gck_secret_new_from_password()
      [secret-store] Fix erroneous comment on top of unit test.
      [secret-store] Use GckSecret in GckSecretData.
      [gck] More tests for GckSecret, and complete missing functions.
      [secret-store] Additional methods for GckSecretData.
      [gck] Add missing gck_attribute_get_string() function, add tests.
      [secret-store] Complete implementation of GckSecretObject.
      [gck] Add public method to add session object.
      [secret-store] Complete basic GckSecretCollection, and test.
      [secret-store] Complete GckSecretItem functionality, unit tests.
      [secret-store] Implement tests for gck_secret_fields_().
      [secret-store] Add gck_secret_fields_take() functionality.
      [secret-store] Finish up textual reading code, and test.
      [egg] Add missing definition of egg_buffer_uninit_steal()
      [secret-store] Better tests for textual parsing, and fix bugs.
      [secret-store] Complete binary parsing, and write tests.
      [egg] Fix unit test.
      Merge branch 'master' into dbus-api
      [gck] Add gck_secret_equal(), change so NULL secret == ""
      [gck] Authenticator always has a login.
      [secret-store] Complete loading/unlocking for GckSecretCollection.
      [daemon] Refactor dbus code into seperate files.
      [daemon] Add initial framework for DBus Secrets API Service.
      [gck] Fix unit test for GckAuthenticator
      [gck] Add gck_attribute_set_empty() function.
      [gck] Add signals to GckManager, objects added, deleted, changed
      [pkcs11] Move unfinalized stuff out of pkcs11g.h
      [pkcs11, gck] Each GckObject now has manager for life.
      [dbus] Add start of implementation of session object.
      [dbus] Close all sessions for a caller when caller goes away.
      [daemon] Load secret-store component when starting daemon.
      [dbus] Initialize dbus service with pkcs11 slot.
      [dbus] We'll be proxying objects to pkcs11 from GkdSecretsObjects.
      [dbus] Return dbus messages from method/property handlers.
      [dbus] Do our own dispatch of dbus messages.
      [gp11] CK_NOTIFY accepted when opening a session.
      [gck] Don't crash on OpenSession if flags invalid.
      [daemon] Support calling pkcs11 code from mainloop.
      [gp11] Don't fail when allocating zero length value.
      [secret-store] Add proper CKA_CLASS attributes to item/collection
      [secret-store] Load *.keyring instead of *.keyrings files
      [dbus] Add property access, and collection/item mapping.
      [dbus] Add support for Locked, Created, Modified.
      [dbus] Implement support for Attributes property.
      [dbus] Implement the Collection.Items property.
      [secrets-store] Use const pointers when parsing fields attribute.
      [dbus] Refactor property lookups, less duplicated code.
      [dbus] Implement Collections proprerty on Service.
      [dbus] Put in stubs for all methods.
      [dbus] Make property calls handle interfaces better.
      [dbus] Add introspectable XML files.
      [dbus] Add introspection to all our dbus objects.
      Merge branch 'master' into dbus-api
      [secret-store] Mark objects as modifiable.
      [secret-store] Remove write protection from secret store.
      [secret-store] Implement C_SetAttributeValue.
      [gck] Return CKR_ATTRIBUTE_READ_ONLY when attribute exists.
      [secret-store] Only return CKR_USER_NOT_LOGGED_IN when attr valid.
      [dbus] Implement setting of collection and item properties.
      [gck] Separate object creation logic, from PKCS#11 interface.
      [gck] Fix GckManager attribute-changed signal.
      [egg] Null terminate credentials read from /proc
      [secret-store] Complete secret search functionality and tests.
      [gp11] Return added attr from gp11_attributes_add_*
      Merge branch 'master' into dbus-api
      [secret-store] Refresh token objects when creating a search.
      [daemon] Implement SearchItems on collection and service.
      Merge branch 'master' into dbus-api
      Merge branch 'master' into dbus-api
      [egg] Add DH functions for use by IPC.
      [ui] Add very basic unfinished prompt tool.
      [ui] Add titlebar, and buttons to prompt dialog.
      Merge branch 'master' into dbus-api
      [egg] Add spawn with callback functionality.
      [egg] Build in default DH parameters.
      [library] Fix possible memory leak in error condition.
      Merge branch 'master' into dbus-api
      DBus messages can be hanlded without a response.
      Shorter serial number for secrets module.
      Implement basics of prompting for operations.
      Move prompt tool into place, and show prompt text.
      Tons of bug fixes for the prompting.
      Implement prompt password return via encryption.
      Fixes for prompt signals and responses.
      Ignore anjuta files.
      Prompt close and cleanup fixes.
      Fix password and response bugs.
      Return the response text properly from prompt.
      Response is empty if window was closed.
      Perform PKCS#11 login to secret store token.
      Emit Prompt.Completed signal properly.
      Fix prompting problems.
      [gck] Make exposing pkcs11 object part of transaction.
      [gck] Include class name in error message about leaked object.
      [gck] Rename GckFactoryInfo to GckFactory.
      [egg] Move mkdtemp() code into its own file.
      Refactor test directory function calls.
      [gck] Don't crash on misformatted init PKCS#11 init strings.
      [gck] Reorder disposal of sessions and objects.
      [secret-store] Implement creation and deletion of collection.
      [daemon] When --enable-tests, make warnings fatal.
      [dbus] Implement Collection.Delete and Item.Delete
      [gck] Delay checks of whether a new object is a token object.
      [dbus] Implement Collection.CreateItem()
      [dbus] Perform session setenv asynchronously.
      [pkcs11] Don't barf on certificates with unsupported algorithm.
      Merge branch 'master' into dbus-api
      [pkcs11] Fix assertion when comparing attributes.
      Ignore anjuta project files.
      Merge branch 'master' into dbus-api
      [pkcs11] Reorder creation to fix unit tests.
      [pkcs11] Change terminology from 'authenticator' to 'credential.
      [pkcs11] Cleaner way of associating data with credentials.
      [dbus] Rename secrets service to secret service.
      [dbus] Refactor object to dbus path mapping.
      [dbus] Refactor property parsing.
      [pkcs11] Add support for creating credentials without object.
      [dbus] Implement Service.CreateCollection()
      [egg] Add IETF DH groups.
      [pkcs11] Rename current public and private key to 'xsa'
      [pkcs11] Refactor RSA and DSA mechanism support.
      [pkcs11] Use p11-tests to test pkcs#11 modules.
      [pkcs11] Implement DH key pair generation.
      [pkcs11] Add support for AES secret keys and DH derive.
      [pkcs11] Factor out padding functionality, and add pkcs7 padding.
      [pkcs11] Implement AES key wrapping.
      [pkcs11] Refactor object creation.
      [gp11] Implement support for generate, wrap, unwrap, derive.
      [egg] Store DH groups in binary.
      Fix build when p11-tests is not installed.
      Remove ui directory.
      Remove old secrets stuff, which is now in a freedesktop project.
      [pkcs11] Fix assertion when comparing attributes.
      Ignore anjuta project files.
      [daemon] No possibly fatal error when can't unlock login keyring.
      [daemon] Sent output of g_printerr to syslog.
      Merge branch 'master' into dbus-api
      [dbus] Implement getting and setting of secrets.
      Add license to reference documentation.
      [dbus] Return NoSuchObject when a bad collectiont or item path.
      [dbus] Use proper interface names, from spec.
      [dbus] Fix argument order for Completed event.
      [dbus] Implement support for aliases.
      [dbus] Return proper '/' path when no prompt is needed on unlock.
      [gp11] Support same attrs passed for pub/priv to generate_key.
      [dbus] Do session negotiation in OpenSession.
      [dbus] Fix problems with CreateItem and secret transfer.
      Fix methods that were accidentally implemented on wrong ifaces.
      Simplify creation of secret from DH negotiation.
      Add declaration of session dbus interface.
      Cleanup the session implementation, remove unused code.
      [pkcs11] Implement CKM_G_NULL mechanism and CKK_G_NULL key.
      [pkcs11] Fix bugs in DH key generation.
      [dbus] Internal interface for creating collection with passwd
      [dbus] Reorganize path <-> object mapping.
      [dbus] Fix encoding of secret into dbus message.
      [dbus] Fix use of freed memory.
      [dbus] Fix the problem with SetSecret signature.
      [dbus] Refactor collection creation.
      [secret-store] Implement always present 'session' keyring.
      [dbus] Separate SearchItems results into locked/unlocked.
      [dbus] Implement Service.GetSecrets().
      [dbus] Refactor error handling and session lookups.
      [egg] Move padding functionality into egg
      [secret-store] Implement changing of master cred for collection.
      [secret-store] Fix assertion when parsing textual keyring.
      [dbus] Big rework of prompting, unlocking and change lock.
      [dbus] Use constants that come with dbus library.
      [dbus] Update introspect xml data.
      [pkcs11] Fix some shutdown ordering problems.
      Release version 2.28.2
      Bump version number.
      Bump version number to unstable
      Merge branch 'dbus-api'
      [control] Initial implementation of control socket.
      [daemon] Use new control protocol for daemon.
      [gp11] Implement C_InitPIN and C_SetPIN in gp11 library.
      [gp11] gp11_object_get_data null terminates.
      [daemon] Rework control, and implement login keyring support.
      Remove old keyring socket, library and code support.
      [doc] Fix up documentation errors and warnings.
      [prompt] Add original password area to prompter.
      [prompt] Use 'secure' memory for buffer for prompt passwd entries.
      [prompt] Implement password prompting, for blank, and mismatched.
      [prompt] Add the password strength indicator to new prompt.
      [daemon] Large refactoring of prompting for pkcs11 logins.
      [daemon] Rename the dbus component library file.
      [gcr] Link tests to the right egg library file.
      [pkcs11] Fix warning when running tests.
      [po] Fix the translatable file list.
      [daemon] Refactor the startup.
      [prompt] Add some border width.
      Remove conflict lines from old merge
      Rename ItemCreated, ItemDeleted, and move ItemChanged.
      Add org.freedesktop.Secrets.Error.NoSession error.
      Consistently use term fields instead of attributes.
      Rename SearchCollections method to SearchItems.
      Add 'complete' argument to Negotiate method.
      Add more documentation of algorithms.
      Use a dict to return secrets from RetrieveSecrets.
      Rename 'results' arg of SearchItems to 'unlocked'
      Make object paths static for the lifetime of an object.
      [secrets] Add compat functions for acls.
      [secret] Add tests to secret-store component.
      [secret] Add compat function for converting item types.
      [gck, secret-store, user-store] Rename GckLogin to GckSecret.
      [gck, secret-store, user-store] Rename GckLogin to GckSecret.
      [egg] Function for clearing secure memory.
      [secret-store] Add basic incomplete concpet of GckSecretData
      [pkcs11] Fix freeing of unallocated memory in test.
      Ignore more built files
      Fix build warnings.
      Ignore a bunch more built files
      Merge branch 'master' into dbus-api

Sweta Kothari (2):
      Updated Gujarati Translations
      Updated Gujarati Translations

Thomas Thurman (1):
      Shavian translation


Downloads:
==========

Source code:
http://download.gnome.org/sources/gnome-keyring/2.29/gnome-keyring-2.29.4.tar.gz
[MD5 sum: 5fe6d1e6356e5fa9e333bd9696e9a398]

Cheers,
Stef Walter



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]