[gnome-keyring] Add patch to fix repeated SSH agent requests
David King
amigadave at fedoraproject.org
Sun Mar 8 19:14:57 UTC 2015
commit 87294d377096a5542781cd6316464eccea2f16e8
Author: David King <amigadave at amigadave.com>
Date: Sun Mar 8 18:57:13 2015 +0000
Add patch to fix repeated SSH agent requests
https://bugzilla.gnome.org/show_bug.cgi?id=744280
gnome-keyring-3.15.90-fix-ssh-agent.patch | 56 +++++++++++++++++++++++++++++++
gnome-keyring.spec | 8 ++++-
2 files changed, 63 insertions(+), 1 deletion(-)
---
diff --git a/gnome-keyring-3.15.90-fix-ssh-agent.patch b/gnome-keyring-3.15.90-fix-ssh-agent.patch
new file mode 100644
index 0000000..cc6c956
--- /dev/null
+++ b/gnome-keyring-3.15.90-fix-ssh-agent.patch
@@ -0,0 +1,56 @@
+From 06422ea18cebfd6d4d554d01445eafb3d140d6b8 Mon Sep 17 00:00:00 2001
+From: Christophe Fergeau <cfergeau at redhat.com>
+Date: Fri, 6 Mar 2015 10:36:04 +0100
+Subject: Revert "ssh-agent: Fix leak in search_keys_like_attributes()"
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+This reverts commit d177a8b5353f3156ab504f39c20753d6786e5e4d.
+
+This breaks the ssh agent as this causes it to fail to remember unlocked
+keys, and to always ask for a key passphrase when attempting an ssh
+connection.
+From https://bugzilla.gnome.org/show_bug.cgi?id=744280 :
+« ssh foo.example.com is always asking to unlock the corresponding key
+while before this commit this works fine.
+
+gkd-ssh-agent-ops.c:op_sign_request has:
+result = unlock_and_sign (session, key, mech, hash, n_hash, &n_result,
+&error);
+g_object_unref (session);
+g_object_unref (key);
+
+After the leak fix mentioned above, unreffing 'key' causes the last
+reference to be released, so it's destroyed, and this locks the just
+unlocked key.
+Removing the g_object_unref() avoids this issue, but readds a leak. I
+assume 'key' should be added somewhere so that it's kept alive, but I'm
+not really sure where/how »
+
+diff --git a/daemon/ssh-agent/gkd-ssh-agent-ops.c b/daemon/ssh-agent/gkd-ssh-agent-ops.c
+index 2b30747..d70875c 100644
+--- a/daemon/ssh-agent/gkd-ssh-agent-ops.c
++++ b/daemon/ssh-agent/gkd-ssh-agent-ops.c
+@@ -139,7 +139,6 @@ search_keys_like_attributes (GList *modules, GckSession *session, GckAttributes
+ en = gck_modules_enumerate_objects (modules, search, GCK_SESSION_AUTHENTICATE | GCK_SESSION_READ_WRITE);
+
+ for (;;) {
+- gboolean done;
+ object = gck_enumerator_next (en, NULL, &error);
+ if (!object) {
+ if (error) {
+@@ -149,9 +148,7 @@ search_keys_like_attributes (GList *modules, GckSession *session, GckAttributes
+ break;
+ }
+
+- done = !(func) (object, user_data);
+- g_object_unref (object);
+- if (done)
++ if (!(func) (object, user_data))
+ break;
+ }
+
+--
+cgit v0.10.2
+
diff --git a/gnome-keyring.spec b/gnome-keyring.spec
index ae66d82..9d16c31 100644
--- a/gnome-keyring.spec
+++ b/gnome-keyring.spec
@@ -6,12 +6,14 @@
Summary: Framework for managing passwords and other secrets
Name: gnome-keyring
Version: 3.15.90
-Release: 1%{?dist}
+Release: 2%{?dist}
License: GPLv2+ and LGPLv2+
Group: System Environment/Libraries
#VCS: git:git://git.gnome.org/gnome-keyring
Source: https://download.gnome.org/sources/%{name}/3.15/%{name}-%{version}.tar.xz
URL: https://wiki.gnome.org/Projects/GnomeKeyring
+# https://bugzilla.gnome.org/show_bug.cgi?id=744280
+Patch0: gnome-keyring-3.15.90-fix-ssh-agent.patch
BuildRequires: pkgconfig(dbus-1) >= %{dbus_version}
BuildRequires: pkgconfig(gcr-3) >= %{gcr_version}
@@ -51,6 +53,7 @@ automatically unlock the "login" keyring when the user logs in.
%prep
%setup -q -n gnome-keyring-%{version}
+%patch0 -p1
%build
%configure \
@@ -107,6 +110,9 @@ glib-compile-schemas %{_datadir}/glib-2.0/schemas >&/dev/null || :
%changelog
+* Sun Mar 08 2015 David King <amigadave at amigadave.com> - 3.15.90-2
+- Add patch to fix repeated SSH agent requests
+
* Thu Feb 26 2015 David King <amigadave at amigadave.com> - 3.15.90-1
- Update to 3.15.90
- Update URL
More information about the scm-commits
mailing list