diff --git a/112.patch b/112.patch new file mode 100644 index 0000000..f17c318 --- /dev/null +++ b/112.patch @@ -0,0 +1,640 @@ +From c492cbfd861bc773cf8b4c15bc722380355fc4b3 Mon Sep 17 00:00:00 2001 +From: Ray Strode +Date: Mon, 28 Nov 2022 14:16:09 -0500 +Subject: [PATCH 1/2] kerberos-identity: Attempt to cope with multiple + credential caches per identity + +At the moment the identity service assumes there will just be one +credential cache collection for any given prinicipal. + +This isn't necessarily true though, and the service gets quite +confused when that assumption doesn't hold up. + +This commit attempts to make it cope with the situation better, by +maintaining a hash table of collections per identity. It deems +one of the collections the "active" one and relegates the rest to +be backup if the active one expires and can't be renewed. + +Closes: https://gitlab.gnome.org/GNOME/gnome-online-accounts/-/issues/79 +--- + src/goaidentity/goakerberosidentity.c | 340 ++++++++++++++++++++++---- + 1 file changed, 287 insertions(+), 53 deletions(-) + +diff --git a/src/goaidentity/goakerberosidentity.c b/src/goaidentity/goakerberosidentity.c +index 695396bf..dbb5991d 100644 +--- a/src/goaidentity/goakerberosidentity.c ++++ b/src/goaidentity/goakerberosidentity.c +@@ -33,8 +33,8 @@ + + typedef enum + { ++ VERIFICATION_LEVEL_ERROR = -1, + VERIFICATION_LEVEL_UNVERIFIED, +- VERIFICATION_LEVEL_ERROR, + VERIFICATION_LEVEL_EXISTS, + VERIFICATION_LEVEL_SIGNED_IN + } VerificationLevel; +@@ -46,6 +46,9 @@ struct _GoaKerberosIdentity + krb5_context kerberos_context; + krb5_ccache credentials_cache; + ++ GHashTable *credentials_caches; ++ char *active_credentials_cache_name; ++ + char *identifier; + guint identifier_idle_id; + +@@ -109,6 +112,22 @@ G_DEFINE_TYPE_WITH_CODE (GoaKerberosIdentity, + initable_interface_init) + G_IMPLEMENT_INTERFACE (GOA_TYPE_IDENTITY, + identity_interface_init)); ++ ++static void ++close_credentials_caches (GoaKerberosIdentity *self) ++{ ++ GHashTableIter iter; ++ const char *name; ++ krb5_ccache credentials_cache; ++ ++ g_hash_table_iter_init (&iter, self->credentials_caches); ++ while (g_hash_table_iter_next (&iter, (gpointer *) &name, (gpointer*) &credentials_cache)) ++ { ++ krb5_cc_close (self->kerberos_context, credentials_cache); ++ } ++ g_clear_pointer (&self->active_credentials_cache_name, g_free); ++} ++ + static void + goa_kerberos_identity_dispose (GObject *object) + { +@@ -117,6 +136,8 @@ goa_kerberos_identity_dispose (GObject *object) + G_LOCK (identity_lock); + clear_alarms (self); + g_clear_pointer (&self->preauth_identity_source, g_free); ++ close_credentials_caches (self); ++ g_clear_pointer (&self->credentials_caches, g_hash_table_unref); + G_UNLOCK (identity_lock); + + G_OBJECT_CLASS (goa_kerberos_identity_parent_class)->dispose (object); +@@ -130,9 +151,6 @@ goa_kerberos_identity_finalize (GObject *object) + + g_free (self->identifier); + +- if (self->credentials_cache != NULL) +- krb5_cc_close (self->kerberos_context, self->credentials_cache); +- + G_OBJECT_CLASS (goa_kerberos_identity_parent_class)->finalize (object); + } + +@@ -255,11 +273,15 @@ get_identifier (GoaKerberosIdentity *self, + krb5_error_code error_code; + char *unparsed_name; + char *identifier = NULL; ++ krb5_ccache credentials_cache; + +- if (self->credentials_cache == NULL) ++ if (self->active_credentials_cache_name == NULL) + return NULL; + +- error_code = krb5_cc_get_principal (self->kerberos_context, self->credentials_cache, &principal); ++ credentials_cache = (krb5_ccache) g_hash_table_lookup (self->credentials_caches, ++ self->active_credentials_cache_name); ++ ++ error_code = krb5_cc_get_principal (self->kerberos_context, credentials_cache, &principal); + if (error_code != 0) + { + if (error_code == KRB5_CC_END) +@@ -304,6 +326,7 @@ out: + static void + goa_kerberos_identity_init (GoaKerberosIdentity *self) + { ++ self->credentials_caches = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, NULL); + } + + static void +@@ -640,25 +663,31 @@ examine_credentials (GoaKerberosIdentity *self, + } + + static VerificationLevel +-verify_identity (GoaKerberosIdentity *self, +- char **preauth_identity_source, +- GError **error) ++verify_identity_in_credentials_cache (GoaKerberosIdentity *self, ++ char **preauth_identity_source, ++ krb5_ccache credentials_cache, ++ krb5_timestamp *start_time, ++ krb5_timestamp *renewal_time, ++ krb5_timestamp *expiration_time, ++ GError **error) + { + krb5_principal principal = NULL; + krb5_cc_cursor cursor; + krb5_creds credentials; + krb5_error_code error_code; +- krb5_timestamp start_time = 0; +- krb5_timestamp renewal_time = 0; +- krb5_timestamp expiration_time = 0; + VerificationLevel verification_level = VERIFICATION_LEVEL_UNVERIFIED; + +- if (self->credentials_cache == NULL) +- goto out; ++ g_debug ("GoaKerberosIdentity: Verifying identity in credentials cache '%s'", ++ krb5_cc_get_name (self->kerberos_context, credentials_cache)); + +- error_code = krb5_cc_get_principal (self->kerberos_context, self->credentials_cache, &principal); ++ error_code = krb5_cc_get_principal (self->kerberos_context, credentials_cache, &principal); + if (error_code != 0) + { ++ if (error_code == KRB5_CC_END) ++ g_debug ("GoaKerberosIdentity: Credentials cache empty"); ++ else if (error_code == KRB5_FCC_NOFILE) ++ g_debug ("GoaKerberosIdentity: Credentials cache missing"); ++ + if (error_code == KRB5_CC_END || error_code == KRB5_FCC_NOFILE) + goto out; + +@@ -671,7 +700,7 @@ verify_identity (GoaKerberosIdentity *self, + goto out; + } + +- error_code = krb5_cc_start_seq_get (self->kerberos_context, self->credentials_cache, &cursor); ++ error_code = krb5_cc_start_seq_get (self->kerberos_context, credentials_cache, &cursor); + if (error_code != 0) + { + set_and_prefix_error_from_krb5_error_code (self, +@@ -686,17 +715,18 @@ verify_identity (GoaKerberosIdentity *self, + + verification_level = VERIFICATION_LEVEL_UNVERIFIED; + +- error_code = krb5_cc_next_cred (self->kerberos_context, self->credentials_cache, &cursor, &credentials); ++ error_code = krb5_cc_next_cred (self->kerberos_context, credentials_cache, &cursor, &credentials); + while (error_code == 0) + { + if (credentials_validate_existence (self, principal, &credentials)) + { + gboolean credentials_are_expired = TRUE; + +- examine_credentials (self, &credentials, +- &start_time, +- &renewal_time, +- &expiration_time, ++ examine_credentials (self, ++ &credentials, ++ start_time, ++ renewal_time, ++ expiration_time, + &credentials_are_expired); + + if (!credentials_are_expired) +@@ -710,7 +740,7 @@ verify_identity (GoaKerberosIdentity *self, + } + + krb5_free_cred_contents (self->kerberos_context, &credentials); +- error_code = krb5_cc_next_cred (self->kerberos_context, self->credentials_cache, &cursor, &credentials); ++ error_code = krb5_cc_next_cred (self->kerberos_context, credentials_cache, &cursor, &credentials); + } + + if (error_code != KRB5_CC_END) +@@ -722,11 +752,9 @@ verify_identity (GoaKerberosIdentity *self, + GOA_IDENTITY_ERROR_ENUMERATING_CREDENTIALS, + error_code, + _("Could not sift through identity credentials in cache: ")); +- goto end_sequence; + } + +- end_sequence: +- error_code = krb5_cc_end_seq_get (self->kerberos_context, self->credentials_cache, &cursor); ++ error_code = krb5_cc_end_seq_get (self->kerberos_context, credentials_cache, &cursor); + if (error_code != 0) + { + verification_level = VERIFICATION_LEVEL_ERROR; +@@ -739,16 +767,122 @@ verify_identity (GoaKerberosIdentity *self, + "identity credentials in cache: ")); + goto out; + } ++ + out: ++ switch (verification_level) ++ { ++ case VERIFICATION_LEVEL_EXISTS: ++ g_debug ("GoaKerberosIdentity: Credentials in credentials cache '%s' are out of date", ++ krb5_cc_get_name (self->kerberos_context, credentials_cache)); ++ break; ++ ++ case VERIFICATION_LEVEL_SIGNED_IN: ++ g_debug ("GoaKerberosIdentity: Credentials in credentials cache '%s' are valid", ++ krb5_cc_get_name (self->kerberos_context, credentials_cache)); ++ break; ++ ++ case VERIFICATION_LEVEL_UNVERIFIED: ++ g_debug ("GoaKerberosIdentity: Credentials in credentials cache '%s' are missing", ++ krb5_cc_get_name (self->kerberos_context, credentials_cache)); ++ break; ++ ++ case VERIFICATION_LEVEL_ERROR: ++ default: ++ g_debug ("GoaKerberosIdentity: Credentials in credentials cache '%s' could not be validated", ++ krb5_cc_get_name (self->kerberos_context, credentials_cache)); ++ break; ++ } ++ ++ if (principal != NULL) ++ krb5_free_principal (self->kerberos_context, principal); ++ return verification_level; ++} ++ ++static VerificationLevel ++verify_identity (GoaKerberosIdentity *self, ++ char **preauth_identity_source, ++ GError **error) ++{ ++ krb5_ccache credentials_cache; ++ const char *name; ++ krb5_timestamp start_time = 0; ++ krb5_timestamp renewal_time = 0; ++ krb5_timestamp expiration_time = 0; ++ VerificationLevel verification_level = VERIFICATION_LEVEL_UNVERIFIED; ++ GHashTableIter iter; ++ ++ if (self->active_credentials_cache_name != NULL) ++ { ++ credentials_cache = (krb5_ccache) g_hash_table_lookup (self->credentials_caches, ++ self->active_credentials_cache_name); ++ ++ verification_level = verify_identity_in_credentials_cache (self, ++ preauth_identity_source, ++ credentials_cache, ++ &start_time, ++ &renewal_time, ++ &expiration_time, ++ error); ++ if (verification_level == VERIFICATION_LEVEL_SIGNED_IN) ++ goto out; ++ ++ if (verification_level == VERIFICATION_LEVEL_UNVERIFIED) ++ { ++ krb5_cc_close (self->kerberos_context, credentials_cache); ++ g_hash_table_remove (self->credentials_caches, self->active_credentials_cache_name); ++ g_clear_pointer (&self->active_credentials_cache_name, g_free); ++ } ++ } ++ ++ self->start_time = 0; ++ self->renewal_time = 0; ++ self->expiration_time = 0; ++ ++ g_hash_table_iter_init (&iter, self->credentials_caches); ++ while (g_hash_table_iter_next (&iter, (gpointer *) &name, (gpointer*) &credentials_cache)) ++ { ++ krb5_timestamp new_start_time = 0; ++ krb5_timestamp new_renewal_time = 0; ++ krb5_timestamp new_expiration_time = 0; ++ ++ if (g_strcmp0 (name, self->active_credentials_cache_name) == 0) ++ continue; ++ ++ g_clear_pointer (preauth_identity_source, g_free); ++ verification_level = verify_identity_in_credentials_cache (self, ++ preauth_identity_source, ++ credentials_cache, ++ &new_start_time, ++ &new_renewal_time, ++ &new_expiration_time, ++ error); ++ ++ if (verification_level == VERIFICATION_LEVEL_SIGNED_IN || ++ self->active_credentials_cache_name == NULL) ++ { ++ g_clear_pointer (&self->active_credentials_cache_name, g_free); ++ self->active_credentials_cache_name = g_strdup (name); ++ start_time = new_start_time; ++ renewal_time = new_renewal_time; ++ expiration_time = new_expiration_time; ++ ++ if (verification_level == VERIFICATION_LEVEL_SIGNED_IN) ++ break; ++ } ++ else if (verification_level == VERIFICATION_LEVEL_UNVERIFIED) ++ { ++ krb5_cc_close (self->kerberos_context, credentials_cache); ++ g_hash_table_iter_remove (&iter); ++ } ++ } + ++out: + G_LOCK (identity_lock); + set_start_time (self, start_time); + set_renewal_time (self, renewal_time); + set_expiration_time (self, expiration_time); + G_UNLOCK (identity_lock); + +- if (principal != NULL) +- krb5_free_principal (self->kerberos_context, principal); + return verification_level; + } + +@@ -1079,11 +1213,37 @@ on_kerberos_inquiry (krb5_context kerberos_context, + return error_code; + } + ++static void ++goa_kerberos_identity_add_credentials_cache (GoaKerberosIdentity *self, ++ krb5_ccache credentials_cache) ++{ ++ const char *cache_name; ++ ++ cache_name = krb5_cc_get_name (self->kerberos_context, credentials_cache); ++ ++ if (g_hash_table_contains (self->credentials_caches, cache_name)) ++ { ++ krb5_ccache old_credentials_cache; ++ ++ old_credentials_cache = (krb5_ccache) g_hash_table_lookup (self->credentials_caches, cache_name); ++ ++ krb5_cc_close (self->kerberos_context, old_credentials_cache); ++ } ++ ++ g_hash_table_replace (self->credentials_caches, g_strdup (cache_name), credentials_cache); ++ ++ if (self->active_credentials_cache_name == NULL) ++ { ++ self->active_credentials_cache_name = g_strdup (cache_name); ++ } ++} ++ + static gboolean +-create_credential_cache (GoaKerberosIdentity *self, +- GError **error) ++create_credentials_cache (GoaKerberosIdentity *self, ++ GError **error) + { + krb5_ccache default_cache; ++ krb5_ccache new_cache; + const char *cache_type; + krb5_error_code error_code; + +@@ -1092,7 +1252,7 @@ create_credential_cache (GoaKerberosIdentity *self, + if (error_code == 0) + { + cache_type = krb5_cc_get_type (self->kerberos_context, default_cache); +- error_code = krb5_cc_new_unique (self->kerberos_context, cache_type, NULL, &self->credentials_cache); ++ error_code = krb5_cc_new_unique (self->kerberos_context, cache_type, NULL, &new_cache); + } + + if (error_code != 0) +@@ -1106,6 +1266,8 @@ create_credential_cache (GoaKerberosIdentity *self, + return FALSE; + } + ++ goa_kerberos_identity_add_credentials_cache (self, new_cache); ++ + return TRUE; + } + +@@ -1116,17 +1278,22 @@ goa_kerberos_identity_update_credentials (GoaKerberosIdentity *self, + GError **error) + { + krb5_error_code error_code; ++ krb5_ccache credentials_cache; + +- if (self->credentials_cache == NULL) ++ ++ if (self->active_credentials_cache_name == NULL) + { +- if (!create_credential_cache (self, error)) ++ if (!create_credentials_cache (self, error)) + { + krb5_free_cred_contents (self->kerberos_context, new_credentials); + goto out; + } + } + +- error_code = krb5_cc_initialize (self->kerberos_context, self->credentials_cache, principal); ++ credentials_cache = (krb5_ccache) g_hash_table_lookup (self->credentials_caches, ++ self->active_credentials_cache_name); ++ ++ error_code = krb5_cc_initialize (self->kerberos_context, credentials_cache, principal); + if (error_code != 0) + { + set_and_prefix_error_from_krb5_error_code (self, +@@ -1139,7 +1306,7 @@ goa_kerberos_identity_update_credentials (GoaKerberosIdentity *self, + goto out; + } + +- error_code = krb5_cc_store_cred (self->kerberos_context, self->credentials_cache, new_credentials); ++ error_code = krb5_cc_store_cred (self->kerberos_context, credentials_cache, new_credentials); + if (error_code != 0) + { + set_and_prefix_error_from_krb5_error_code (self, +@@ -1354,6 +1521,40 @@ update_identifier (GoaKerberosIdentity *self, GoaKerberosIdentity *new_identity) + } + } + ++static int ++goa_kerberos_identity_compare (GoaKerberosIdentity *self, ++ GoaKerberosIdentity *new_identity) ++{ ++ if (self->cached_verification_level < new_identity->cached_verification_level) ++ return -100; ++ ++ if (self->cached_verification_level > new_identity->cached_verification_level) ++ return 100; ++ ++ if (self->cached_verification_level != VERIFICATION_LEVEL_SIGNED_IN) ++ return 50; ++ ++ if (self->expiration_time < new_identity->expiration_time) ++ return -10; ++ ++ if (self->expiration_time > new_identity->expiration_time) ++ return 10; ++ ++ if (self->start_time > new_identity->start_time) ++ return -5; ++ ++ if (self->start_time < new_identity->start_time) ++ return 5; ++ ++ if (self->renewal_time < new_identity->renewal_time) ++ return -1; ++ ++ if (self->renewal_time > new_identity->renewal_time) ++ return 1; ++ ++ return 0; ++} ++ + void + goa_kerberos_identity_update (GoaKerberosIdentity *self, + GoaKerberosIdentity *new_identity) +@@ -1361,15 +1562,30 @@ goa_kerberos_identity_update (GoaKerberosIdentity *self, + VerificationLevel old_verification_level, new_verification_level; + gboolean time_changed = FALSE; + char *preauth_identity_source = NULL; ++ int comparison; ++ ++ comparison = goa_kerberos_identity_compare (self, new_identity); ++ ++ if (new_identity->active_credentials_cache_name != NULL) ++ { ++ krb5_ccache credentials_cache; ++ krb5_ccache copied_cache; + +- if (self->credentials_cache != NULL) +- krb5_cc_close (self->kerberos_context, self->credentials_cache); ++ credentials_cache = (krb5_ccache) g_hash_table_lookup (new_identity->credentials_caches, ++ new_identity->active_credentials_cache_name); ++ krb5_cc_dup (new_identity->kerberos_context, credentials_cache, &copied_cache); + +- krb5_cc_dup (new_identity->kerberos_context, new_identity->credentials_cache, &self->credentials_cache); ++ if (comparison < 0) ++ g_clear_pointer (&self->active_credentials_cache_name, &g_free); ++ ++ goa_kerberos_identity_add_credentials_cache (self, copied_cache); ++ } ++ ++ if (comparison >= 0) ++ return; + + G_LOCK (identity_lock); + update_identifier (self, new_identity); +- + time_changed |= set_start_time (self, new_identity->start_time); + time_changed |= set_renewal_time (self, new_identity->renewal_time); + time_changed |= set_expiration_time (self, new_identity->expiration_time); +@@ -1426,10 +1642,11 @@ goa_kerberos_identity_renew (GoaKerberosIdentity *self, GError **error) + krb5_error_code error_code = 0; + krb5_principal principal; + krb5_creds new_credentials; ++ krb5_ccache credentials_cache; + gboolean renewed = FALSE; + char *name = NULL; + +- if (self->credentials_cache == NULL) ++ if (self->active_credentials_cache_name == NULL) + { + g_set_error (error, + GOA_IDENTITY_ERROR, +@@ -1438,7 +1655,9 @@ goa_kerberos_identity_renew (GoaKerberosIdentity *self, GError **error) + goto out; + } + +- error_code = krb5_cc_get_principal (self->kerberos_context, self->credentials_cache, &principal); ++ credentials_cache = (krb5_ccache) g_hash_table_lookup (self->credentials_caches, ++ self->active_credentials_cache_name); ++ error_code = krb5_cc_get_principal (self->kerberos_context, credentials_cache, &principal); + if (error_code != 0) + { + set_and_prefix_error_from_krb5_error_code (self, +@@ -1451,7 +1670,7 @@ goa_kerberos_identity_renew (GoaKerberosIdentity *self, GError **error) + + name = goa_kerberos_identity_get_principal_name (self); + +- error_code = krb5_get_renewed_creds (self->kerberos_context, &new_credentials, principal, self->credentials_cache, NULL); ++ error_code = krb5_get_renewed_creds (self->kerberos_context, &new_credentials, principal, credentials_cache, NULL); + if (error_code != 0) + { + set_and_prefix_error_from_krb5_error_code (self, +@@ -1486,36 +1705,51 @@ out: + gboolean + goa_kerberos_identity_erase (GoaKerberosIdentity *self, GError **error) + { ++ GHashTableIter iter; ++ const char *name; ++ krb5_ccache credentials_cache; + krb5_error_code error_code = 0; + +- if (self->credentials_cache != NULL) ++ if (self->active_credentials_cache_name != NULL) + { +- error_code = krb5_cc_destroy (self->kerberos_context, self->credentials_cache); +- self->credentials_cache = NULL; ++ credentials_cache = (krb5_ccache) g_hash_table_lookup (self->credentials_caches, ++ self->active_credentials_cache_name); ++ g_debug ("GoaKerberosIdentity: Destroying active credentials cache %s", self->active_credentials_cache_name); ++ error_code = krb5_cc_destroy (self->kerberos_context, credentials_cache); ++ g_clear_pointer (&self->active_credentials_cache_name, g_free); ++ ++ if (error_code != 0) ++ { ++ set_and_prefix_error_from_krb5_error_code (self, ++ error, ++ GOA_IDENTITY_ERROR_REMOVING_CREDENTIALS, ++ error_code, _("Could not erase identity: ")); ++ } + } + +- if (error_code != 0) ++ g_hash_table_iter_init (&iter, self->credentials_caches); ++ while (g_hash_table_iter_next (&iter, (gpointer *) &name, (gpointer*) &credentials_cache)) + { +- set_and_prefix_error_from_krb5_error_code (self, +- error, +- GOA_IDENTITY_ERROR_REMOVING_CREDENTIALS, +- error_code, _("Could not erase identity: ")); +- return FALSE; ++ g_debug ("GoaKerberosIdentity: Destroying inactive credentials cache %s", name); ++ krb5_cc_destroy (self->kerberos_context, credentials_cache); + } ++ g_hash_table_remove_all (self->credentials_caches); + +- return TRUE; ++ return error_code == 0; + } + + GoaIdentity * + goa_kerberos_identity_new (krb5_context context, krb5_ccache cache, GError **error) + { + GoaKerberosIdentity *self; ++ krb5_ccache copied_cache; + + self = GOA_KERBEROS_IDENTITY (g_object_new (GOA_TYPE_KERBEROS_IDENTITY, NULL)); +- +- krb5_cc_dup (context, cache, &self->credentials_cache); + self->kerberos_context = context; + ++ krb5_cc_dup (self->kerberos_context, cache, &copied_cache); ++ goa_kerberos_identity_add_credentials_cache (self, copied_cache); ++ + error = NULL; + if (!g_initable_init (G_INITABLE (self), NULL, error)) + { +-- +GitLab + + +From 3e80e12c441348b69ce51b5799a9579ab1f81d53 Mon Sep 17 00:00:00 2001 +From: Ray Strode +Date: Mon, 28 Nov 2022 15:58:09 -0500 +Subject: [PATCH 2/2] kerberos-identity: Clear alarms on temporary identity + +When the identity service does a refresh, it creates a new temporary +identity object to check the credentials, then it merges that +temporary identity into the preexisting identity object (so the +pointers don't change). + +This has the unfortunate side-effect of arming expiration alarms in +the temporary object, that can then fire immediately before the object +is thrown out. + +This commit disarms those alarms so they don't fire needlessly. +--- + src/goaidentity/goakerberosidentity.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/src/goaidentity/goakerberosidentity.c b/src/goaidentity/goakerberosidentity.c +index dbb5991d..6006385b 100644 +--- a/src/goaidentity/goakerberosidentity.c ++++ b/src/goaidentity/goakerberosidentity.c +@@ -1581,6 +1581,8 @@ goa_kerberos_identity_update (GoaKerberosIdentity *self, + goa_kerberos_identity_add_credentials_cache (self, copied_cache); + } + ++ clear_alarms (new_identity); ++ + if (comparison >= 0) + return; + +-- +GitLab + diff --git a/gnome-online-accounts-3.44.0.tar.xz b/gnome-online-accounts-3.44.0.tar.xz deleted file mode 100644 index 0ffd056..0000000 Binary files a/gnome-online-accounts-3.44.0.tar.xz and /dev/null differ diff --git a/gnome-online-accounts-3.46.0.tar.xz b/gnome-online-accounts-3.46.0.tar.xz new file mode 100644 index 0000000..3be7186 Binary files /dev/null and b/gnome-online-accounts-3.46.0.tar.xz differ diff --git a/gnome-online-accounts.spec b/gnome-online-accounts.spec index 9d0a6ed..a254a2b 100644 --- a/gnome-online-accounts.spec +++ b/gnome-online-accounts.spec @@ -1,51 +1,57 @@ %global gettext_version 0.19.8 -%global glib2_version 2.52 +%global glib2_version 2.67.4 %global gtk3_version 3.19.12 -%global libsoup_version 2.42 -%global webkit2gtk3_version 2.26.0 +%global libsoup_version 3.0 +%global webkit2gtk_version 2.33.1 -Name: gnome-online-accounts -Version: 3.44.0 -Release: 1 -Summary: Single sign-on framework for GNOME -License: LGPLv2+ -URL: https://wiki.gnome.org/Projects/GnomeOnlineAccounts -Source0: https://download.gnome.org/sources/gnome-online-accounts/3.44/%{name}-%{version}.tar.xz -Patch0: 0001-google-Remove-Photos-support.patch +Name: gnome-online-accounts +Version: 3.46.0 +Release: 1 +Summary: Single sign-on framework for GNOME +License: LGPLv2+ +URL: https://wiki.gnome.org/Projects/GnomeOnlineAccounts +Source0: https://download.gnome.org/sources/gnome-online-accounts/3.46/%{name}-%{version}.tar.xz -BuildRequires: make vala gtk-doc krb5-devel -BuildRequires: pkgconfig(gcr-3) -BuildRequires: pkgconfig(gio-2.0) >= %{glib2_version} -BuildRequires: pkgconfig(glib-2.0) >= %{glib2_version} -BuildRequires: pkgconfig(gobject-2.0) >= %{glib2_version} -BuildRequires: pkgconfig(gtk+-3.0) >= %{gtk3_version} -BuildRequires: pkgconfig(gobject-introspection-1.0) -BuildRequires: gettext >= %{gettext_version} -BuildRequires: pkgconfig(webkit2gtk-4.0) >= %{webkit2gtk3_version} -BuildRequires: pkgconfig(json-glib-1.0) -BuildRequires: pkgconfig(libsecret-1) >= 0.7 -BuildRequires: pkgconfig(libsoup-2.4) >= %{libsoup_version} -BuildRequires: pkgconfig(rest-0.7) -BuildRequires: pkgconfig(libxml-2.0) +Patch0: 0001-google-Remove-Photos-support.patch +# Patch for multiple credential cache issues. +Patch1: 112.patch -Requires: glib2%{?_isa} >= %{glib2_version} -Requires: gtk3%{?_isa} >= %{gtk3_version} -Requires: libsoup%{?_isa} >= %{libsoup_version} -Requires: webkit2gtk3%{?_isa} >= %{webkit2gtk3_version} +BuildRequires: gcr-devel +BuildRequires: pkgconfig(gio-2.0) >= %{glib2_version} +BuildRequires: pkgconfig(glib-2.0) >= %{glib2_version} +BuildRequires: pkgconfig(gobject-2.0) >= %{glib2_version} +BuildRequires: pkgconfig(gtk+-3.0) >= %{gtk3_version} +BuildRequires: pkgconfig(gobject-introspection-1.0) +BuildRequires: gettext >= %{gettext_version} +BuildRequires: gtk-doc +BuildRequires: krb5-devel +BuildRequires: meson +BuildRequires: pkgconfig(webkit2gtk-4.1) >= %{webkit2gtk_version} +BuildRequires: pkgconfig(json-glib-1.0) +BuildRequires: pkgconfig(libsecret-1) +BuildRequires: pkgconfig(libsoup-3.0) >= %{libsoup_version} +BuildRequires: pkgconfig(rest-1.0) +BuildRequires: pkgconfig(libxml-2.0) +BuildRequires: vala + +Requires: glib2%{?_isa} >= %{glib2_version} +Requires: gtk3%{?_isa} >= %{gtk3_version} +Requires: libsoup3%{?_isa} >= %{libsoup_version} +Requires: webkit2gtk4.1%{?_isa} >= %{webkit2gtk_version} %description -GNOME Online Accounts Single sign-on framework for GNOME. It aims to provide -a way for users to setup online accounts to be used by the core system and -core applications only. Calendar entries show up in GNOME Shell, e-mail in -Evolution, online storages are exposed as GVolumes, and so on. +GNOME Online Accounts provides interfaces so that applications and libraries +in GNOME can access the user's online accounts. It has providers for Google, +Nextcloud, Flickr, Foursquare, Microsoft Account, Microsoft Exchange, Fedora, +IMAP/SMTP and Kerberos. %package devel -Summary: Libraries and header files -Requires: %{name}%{?_isa} = %{version}-%{release} +Summary: Development files for %{name} +Requires: %{name}%{?_isa} = %{version}-%{release} %description devel -This package includes libraries and header files for -developing with gnome-online-accounts. +The %{name}-devel package contains libraries and header files for +developing applications that use %{name}. %package help Summary: Man pages for gnome-online-accounts @@ -55,22 +61,26 @@ Man pages for gnome-online-accounts. %prep %autosetup -n %{name}-%{version} -p1 -#%setup -q -#%if 0%{?rhel} >= 9 -#%patch0 -p1 -#%endif %build -%configure --disable-lastfm --disable-media-server --disable-pocket \ - --disable-silent-rules --disable-static --disable-todoist --enable-documentation \ - --enable-facebook --enable-foursquare --enable-exchange --enable-flickr \ - --enable-google --enable-gtk-doc --enable-imap-smtp --enable-kerberos \ - --enable-owncloud --enable-windows-live +sed -i 's/gcr-3/gcr-4/g' meson.build +%meson \ + -Dexchange=true \ + -Dgoogle=true \ + -Dimap_smtp=true \ + -Dfedora=false \ + -Dkerberos=false \ + -Dlastfm=false \ + -Dmedia_server=false \ + -Downcloud=true \ + -Dwindows_live=true \ + -Dman=true \ + %{nil} -%make_build +%meson_build %install -%make_install +%meson_install %delete_la_and_a @@ -92,9 +102,9 @@ Man pages for gnome-online-accounts. %dir %{_libdir}/goa-1.0/web-extensions %{_libdir}/goa-1.0/web-extensions/libgoawebextension.so %{_prefix}/libexec/goa-daemon -%{_prefix}/libexec/goa-identity-service +#%%{_prefix}/libexec/goa-identity-service %{_datadir}/dbus-1/services/org.gnome.OnlineAccounts.service -%{_datadir}/dbus-1/services/org.gnome.Identity.service +#%%{_datadir}/dbus-1/services/org.gnome.Identity.service %{_datadir}/icons/hicolor/*/apps/goa-*.svg %{_datadir}/glib-2.0/schemas/org.gnome.online-accounts.gschema.xml @@ -106,9 +116,6 @@ Man pages for gnome-online-accounts. %{_datadir}/gir-1.0/Goa-1.0.gir %{_libdir}/pkgconfig/goa-1.0.pc %{_libdir}/pkgconfig/goa-backend-1.0.pc -%dir %{_datadir}/gtk-doc -%dir %{_datadir}/gtk-doc/html -%{_datadir}/gtk-doc/html/goa/ %{_libdir}/goa-1.0/include %{_datadir}/vala/ @@ -116,6 +123,9 @@ Man pages for gnome-online-accounts. %{_datadir}/man/man8/goa-daemon.8* %changelog +* Mon Dec 5 2022 lin zhang - 3.46.0-1 +- update to 3.46.0 for gnome 43 + * Mon Jun 6 2022 lin zhang - 3.44.0-1 - update to 3.44.0 @@ -139,4 +149,4 @@ Man pages for gnome-online-accounts. - add gdb in buildrequires * Wed Sep 18 2019 Zaiwang Li - 3.30.0-4 -- Init Package +- Init Package \ No newline at end of file