--- /dev/null
+*~
+*.o
+*.la
+*.lo
+.deps
+.cproject
+.libs
+.project
+aclocal.m4
+autom4te.cache
+compile
+configure
+config.*
+depcomp
+install-sh
+INSTALL
+libtool
+ltmain.sh
+m4
+Makefile
+Makefile.in
+Makefile.in.in
+missing
+stamp*
+
+/po/POTFILES
--- /dev/null
+Stef Walter <stefw@collabora.co.uk>
--- /dev/null
+ GNU LIBRARY GENERAL PUBLIC LICENSE
+ Version 2, June 1991
+
+ Copyright (C) 1991 Free Software Foundation, Inc.
+ 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+[This is the first released version of the library GPL. It is
+ numbered 2 because it goes with version 2 of the ordinary GPL.]
+
+ Preamble
+
+ The licenses for most software are designed to take away your
+freedom to share and change it. By contrast, the GNU General Public
+Licenses are intended to guarantee your freedom to share and change
+free software--to make sure the software is free for all its users.
+
+ This license, the Library General Public License, applies to some
+specially designated Free Software Foundation software, and to any
+other libraries whose authors decide to use it. You can use it for
+your libraries, too.
+
+ When we speak of free software, we are referring to freedom, not
+price. Our General Public Licenses are designed to make sure that you
+have the freedom to distribute copies of free software (and charge for
+this service if you wish), that you receive source code or can get it
+if you want it, that you can change the software or use pieces of it
+in new free programs; and that you know you can do these things.
+
+ To protect your rights, we need to make restrictions that forbid
+anyone to deny you these rights or to ask you to surrender the rights.
+These restrictions translate to certain responsibilities for you if
+you distribute copies of the library, or if you modify it.
+
+ For example, if you distribute copies of the library, whether gratis
+or for a fee, you must give the recipients all the rights that we gave
+you. You must make sure that they, too, receive or can get the source
+code. If you link a program with the library, you must provide
+complete object files to the recipients so that they can relink them
+with the library, after making changes to the library and recompiling
+it. And you must show them these terms so they know their rights.
+
+ Our method of protecting your rights has two steps: (1) copyright
+the library, and (2) offer you this license which gives you legal
+permission to copy, distribute and/or modify the library.
+
+ Also, for each distributor's protection, we want to make certain
+that everyone understands that there is no warranty for this free
+library. If the library is modified by someone else and passed on, we
+want its recipients to know that what they have is not the original
+version, so that any problems introduced by others will not reflect on
+the original authors' reputations.
+\f
+ Finally, any free program is threatened constantly by software
+patents. We wish to avoid the danger that companies distributing free
+software will individually obtain patent licenses, thus in effect
+transforming the program into proprietary software. To prevent this,
+we have made it clear that any patent must be licensed for everyone's
+free use or not licensed at all.
+
+ Most GNU software, including some libraries, is covered by the ordinary
+GNU General Public License, which was designed for utility programs. This
+license, the GNU Library General Public License, applies to certain
+designated libraries. This license is quite different from the ordinary
+one; be sure to read it in full, and don't assume that anything in it is
+the same as in the ordinary license.
+
+ The reason we have a separate public license for some libraries is that
+they blur the distinction we usually make between modifying or adding to a
+program and simply using it. Linking a program with a library, without
+changing the library, is in some sense simply using the library, and is
+analogous to running a utility program or application program. However, in
+a textual and legal sense, the linked executable is a combined work, a
+derivative of the original library, and the ordinary General Public License
+treats it as such.
+
+ Because of this blurred distinction, using the ordinary General
+Public License for libraries did not effectively promote software
+sharing, because most developers did not use the libraries. We
+concluded that weaker conditions might promote sharing better.
+
+ However, unrestricted linking of non-free programs would deprive the
+users of those programs of all benefit from the free status of the
+libraries themselves. This Library General Public License is intended to
+permit developers of non-free programs to use free libraries, while
+preserving your freedom as a user of such programs to change the free
+libraries that are incorporated in them. (We have not seen how to achieve
+this as regards changes in header files, but we have achieved it as regards
+changes in the actual functions of the Library.) The hope is that this
+will lead to faster development of free libraries.
+
+ The precise terms and conditions for copying, distribution and
+modification follow. Pay close attention to the difference between a
+"work based on the library" and a "work that uses the library". The
+former contains code derived from the library, while the latter only
+works together with the library.
+
+ Note that it is possible for a library to be covered by the ordinary
+General Public License rather than by this special one.
+\f
+ GNU LIBRARY GENERAL PUBLIC LICENSE
+ TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+
+ 0. This License Agreement applies to any software library which
+contains a notice placed by the copyright holder or other authorized
+party saying it may be distributed under the terms of this Library
+General Public License (also called "this License"). Each licensee is
+addressed as "you".
+
+ A "library" means a collection of software functions and/or data
+prepared so as to be conveniently linked with application programs
+(which use some of those functions and data) to form executables.
+
+ The "Library", below, refers to any such software library or work
+which has been distributed under these terms. A "work based on the
+Library" means either the Library or any derivative work under
+copyright law: that is to say, a work containing the Library or a
+portion of it, either verbatim or with modifications and/or translated
+straightforwardly into another language. (Hereinafter, translation is
+included without limitation in the term "modification".)
+
+ "Source code" for a work means the preferred form of the work for
+making modifications to it. For a library, complete source code means
+all the source code for all modules it contains, plus any associated
+interface definition files, plus the scripts used to control compilation
+and installation of the library.
+
+ Activities other than copying, distribution and modification are not
+covered by this License; they are outside its scope. The act of
+running a program using the Library is not restricted, and output from
+such a program is covered only if its contents constitute a work based
+on the Library (independent of the use of the Library in a tool for
+writing it). Whether that is true depends on what the Library does
+and what the program that uses the Library does.
+
+ 1. You may copy and distribute verbatim copies of the Library's
+complete source code as you receive it, in any medium, provided that
+you conspicuously and appropriately publish on each copy an
+appropriate copyright notice and disclaimer of warranty; keep intact
+all the notices that refer to this License and to the absence of any
+warranty; and distribute a copy of this License along with the
+Library.
+
+ You may charge a fee for the physical act of transferring a copy,
+and you may at your option offer warranty protection in exchange for a
+fee.
+\f
+ 2. You may modify your copy or copies of the Library or any portion
+of it, thus forming a work based on the Library, and copy and
+distribute such modifications or work under the terms of Section 1
+above, provided that you also meet all of these conditions:
+
+ a) The modified work must itself be a software library.
+
+ b) You must cause the files modified to carry prominent notices
+ stating that you changed the files and the date of any change.
+
+ c) You must cause the whole of the work to be licensed at no
+ charge to all third parties under the terms of this License.
+
+ d) If a facility in the modified Library refers to a function or a
+ table of data to be supplied by an application program that uses
+ the facility, other than as an argument passed when the facility
+ is invoked, then you must make a good faith effort to ensure that,
+ in the event an application does not supply such function or
+ table, the facility still operates, and performs whatever part of
+ its purpose remains meaningful.
+
+ (For example, a function in a library to compute square roots has
+ a purpose that is entirely well-defined independent of the
+ application. Therefore, Subsection 2d requires that any
+ application-supplied function or table used by this function must
+ be optional: if the application does not supply it, the square
+ root function must still compute square roots.)
+
+These requirements apply to the modified work as a whole. If
+identifiable sections of that work are not derived from the Library,
+and can be reasonably considered independent and separate works in
+themselves, then this License, and its terms, do not apply to those
+sections when you distribute them as separate works. But when you
+distribute the same sections as part of a whole which is a work based
+on the Library, the distribution of the whole must be on the terms of
+this License, whose permissions for other licensees extend to the
+entire whole, and thus to each and every part regardless of who wrote
+it.
+
+Thus, it is not the intent of this section to claim rights or contest
+your rights to work written entirely by you; rather, the intent is to
+exercise the right to control the distribution of derivative or
+collective works based on the Library.
+
+In addition, mere aggregation of another work not based on the Library
+with the Library (or with a work based on the Library) on a volume of
+a storage or distribution medium does not bring the other work under
+the scope of this License.
+
+ 3. You may opt to apply the terms of the ordinary GNU General Public
+License instead of this License to a given copy of the Library. To do
+this, you must alter all the notices that refer to this License, so
+that they refer to the ordinary GNU General Public License, version 2,
+instead of to this License. (If a newer version than version 2 of the
+ordinary GNU General Public License has appeared, then you can specify
+that version instead if you wish.) Do not make any other change in
+these notices.
+\f
+ Once this change is made in a given copy, it is irreversible for
+that copy, so the ordinary GNU General Public License applies to all
+subsequent copies and derivative works made from that copy.
+
+ This option is useful when you wish to copy part of the code of
+the Library into a program that is not a library.
+
+ 4. You may copy and distribute the Library (or a portion or
+derivative of it, under Section 2) in object code or executable form
+under the terms of Sections 1 and 2 above provided that you accompany
+it with the complete corresponding machine-readable source code, which
+must be distributed under the terms of Sections 1 and 2 above on a
+medium customarily used for software interchange.
+
+ If distribution of object code is made by offering access to copy
+from a designated place, then offering equivalent access to copy the
+source code from the same place satisfies the requirement to
+distribute the source code, even though third parties are not
+compelled to copy the source along with the object code.
+
+ 5. A program that contains no derivative of any portion of the
+Library, but is designed to work with the Library by being compiled or
+linked with it, is called a "work that uses the Library". Such a
+work, in isolation, is not a derivative work of the Library, and
+therefore falls outside the scope of this License.
+
+ However, linking a "work that uses the Library" with the Library
+creates an executable that is a derivative of the Library (because it
+contains portions of the Library), rather than a "work that uses the
+library". The executable is therefore covered by this License.
+Section 6 states terms for distribution of such executables.
+
+ When a "work that uses the Library" uses material from a header file
+that is part of the Library, the object code for the work may be a
+derivative work of the Library even though the source code is not.
+Whether this is true is especially significant if the work can be
+linked without the Library, or if the work is itself a library. The
+threshold for this to be true is not precisely defined by law.
+
+ If such an object file uses only numerical parameters, data
+structure layouts and accessors, and small macros and small inline
+functions (ten lines or less in length), then the use of the object
+file is unrestricted, regardless of whether it is legally a derivative
+work. (Executables containing this object code plus portions of the
+Library will still fall under Section 6.)
+
+ Otherwise, if the work is a derivative of the Library, you may
+distribute the object code for the work under the terms of Section 6.
+Any executables containing that work also fall under Section 6,
+whether or not they are linked directly with the Library itself.
+\f
+ 6. As an exception to the Sections above, you may also compile or
+link a "work that uses the Library" with the Library to produce a
+work containing portions of the Library, and distribute that work
+under terms of your choice, provided that the terms permit
+modification of the work for the customer's own use and reverse
+engineering for debugging such modifications.
+
+ You must give prominent notice with each copy of the work that the
+Library is used in it and that the Library and its use are covered by
+this License. You must supply a copy of this License. If the work
+during execution displays copyright notices, you must include the
+copyright notice for the Library among them, as well as a reference
+directing the user to the copy of this License. Also, you must do one
+of these things:
+
+ a) Accompany the work with the complete corresponding
+ machine-readable source code for the Library including whatever
+ changes were used in the work (which must be distributed under
+ Sections 1 and 2 above); and, if the work is an executable linked
+ with the Library, with the complete machine-readable "work that
+ uses the Library", as object code and/or source code, so that the
+ user can modify the Library and then relink to produce a modified
+ executable containing the modified Library. (It is understood
+ that the user who changes the contents of definitions files in the
+ Library will not necessarily be able to recompile the application
+ to use the modified definitions.)
+
+ b) Accompany the work with a written offer, valid for at
+ least three years, to give the same user the materials
+ specified in Subsection 6a, above, for a charge no more
+ than the cost of performing this distribution.
+
+ c) If distribution of the work is made by offering access to copy
+ from a designated place, offer equivalent access to copy the above
+ specified materials from the same place.
+
+ d) Verify that the user has already received a copy of these
+ materials or that you have already sent this user a copy.
+
+ For an executable, the required form of the "work that uses the
+Library" must include any data and utility programs needed for
+reproducing the executable from it. However, as a special exception,
+the source code distributed need not include anything that is normally
+distributed (in either source or binary form) with the major
+components (compiler, kernel, and so on) of the operating system on
+which the executable runs, unless that component itself accompanies
+the executable.
+
+ It may happen that this requirement contradicts the license
+restrictions of other proprietary libraries that do not normally
+accompany the operating system. Such a contradiction means you cannot
+use both them and the Library together in an executable that you
+distribute.
+\f
+ 7. You may place library facilities that are a work based on the
+Library side-by-side in a single library together with other library
+facilities not covered by this License, and distribute such a combined
+library, provided that the separate distribution of the work based on
+the Library and of the other library facilities is otherwise
+permitted, and provided that you do these two things:
+
+ a) Accompany the combined library with a copy of the same work
+ based on the Library, uncombined with any other library
+ facilities. This must be distributed under the terms of the
+ Sections above.
+
+ b) Give prominent notice with the combined library of the fact
+ that part of it is a work based on the Library, and explaining
+ where to find the accompanying uncombined form of the same work.
+
+ 8. You may not copy, modify, sublicense, link with, or distribute
+the Library except as expressly provided under this License. Any
+attempt otherwise to copy, modify, sublicense, link with, or
+distribute the Library is void, and will automatically terminate your
+rights under this License. However, parties who have received copies,
+or rights, from you under this License will not have their licenses
+terminated so long as such parties remain in full compliance.
+
+ 9. You are not required to accept this License, since you have not
+signed it. However, nothing else grants you permission to modify or
+distribute the Library or its derivative works. These actions are
+prohibited by law if you do not accept this License. Therefore, by
+modifying or distributing the Library (or any work based on the
+Library), you indicate your acceptance of this License to do so, and
+all its terms and conditions for copying, distributing or modifying
+the Library or works based on it.
+
+ 10. Each time you redistribute the Library (or any work based on the
+Library), the recipient automatically receives a license from the
+original licensor to copy, distribute, link with or modify the Library
+subject to these terms and conditions. You may not impose any further
+restrictions on the recipients' exercise of the rights granted herein.
+You are not responsible for enforcing compliance by third parties to
+this License.
+\f
+ 11. If, as a consequence of a court judgment or allegation of patent
+infringement or for any other reason (not limited to patent issues),
+conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License. If you cannot
+distribute so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you
+may not distribute the Library at all. For example, if a patent
+license would not permit royalty-free redistribution of the Library by
+all those who receive copies directly or indirectly through you, then
+the only way you could satisfy both it and this License would be to
+refrain entirely from distribution of the Library.
+
+If any portion of this section is held invalid or unenforceable under any
+particular circumstance, the balance of the section is intended to apply,
+and the section as a whole is intended to apply in other circumstances.
+
+It is not the purpose of this section to induce you to infringe any
+patents or other property right claims or to contest validity of any
+such claims; this section has the sole purpose of protecting the
+integrity of the free software distribution system which is
+implemented by public license practices. Many people have made
+generous contributions to the wide range of software distributed
+through that system in reliance on consistent application of that
+system; it is up to the author/donor to decide if he or she is willing
+to distribute software through any other system and a licensee cannot
+impose that choice.
+
+This section is intended to make thoroughly clear what is believed to
+be a consequence of the rest of this License.
+
+ 12. If the distribution and/or use of the Library is restricted in
+certain countries either by patents or by copyrighted interfaces, the
+original copyright holder who places the Library under this License may add
+an explicit geographical distribution limitation excluding those countries,
+so that distribution is permitted only in or among countries not thus
+excluded. In such case, this License incorporates the limitation as if
+written in the body of this License.
+
+ 13. The Free Software Foundation may publish revised and/or new
+versions of the Library General Public License from time to time.
+Such new versions will be similar in spirit to the present version,
+but may differ in detail to address new problems or concerns.
+
+Each version is given a distinguishing version number. If the Library
+specifies a version number of this License which applies to it and
+"any later version", you have the option of following the terms and
+conditions either of that version or of any later version published by
+the Free Software Foundation. If the Library does not specify a
+license version number, you may choose any version ever published by
+the Free Software Foundation.
+\f
+ 14. If you wish to incorporate parts of the Library into other free
+programs whose distribution conditions are incompatible with these,
+write to the author to ask for permission. For software which is
+copyrighted by the Free Software Foundation, write to the Free
+Software Foundation; we sometimes make exceptions for this. Our
+decision will be guided by the two goals of preserving the free status
+of all derivatives of our free software and of promoting the sharing
+and reuse of software generally.
+
+ NO WARRANTY
+
+ 15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO
+WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW.
+EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR
+OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY
+KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE
+LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME
+THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
+
+ 16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN
+WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY
+AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU
+FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR
+CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE
+LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING
+RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A
+FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF
+SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
+DAMAGES.
+
+ END OF TERMS AND CONDITIONS
+\f
+ How to Apply These Terms to Your New Libraries
+
+ If you develop a new library, and you want it to be of the greatest
+possible use to the public, we recommend making it free software that
+everyone can redistribute and change. You can do so by permitting
+redistribution under these terms (or, alternatively, under the terms of the
+ordinary General Public License).
+
+ To apply these terms, attach the following notices to the library. It is
+safest to attach them to the start of each source file to most effectively
+convey the exclusion of warranty; and each file should have at least the
+"copyright" line and a pointer to where the full notice is found.
+
+ <one line to give the library's name and a brief idea of what it does.>
+ Copyright (C) <year> <name of author>
+
+ This library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Library General Public
+ License as published by the Free Software Foundation; either
+ version 2 of the License, or (at your option) any later version.
+
+ This library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Library General Public License for more details.
+
+ You should have received a copy of the GNU Library General Public
+ License along with this library; if not, write to the
+ Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ Boston, MA 02111-1307 USA.
+
+Also add information on how to contact you by electronic and paper mail.
+
+You should also get your employer (if you work as a programmer) or your
+school, if any, to sign a "copyright disclaimer" for the library, if
+necessary. Here is a sample; alter the names:
+
+ Yoyodyne, Inc., hereby disclaims all copyright interest in the
+ library `Frob' (a library for tweaking knobs) written by James Random Hacker.
+
+ <signature of Ty Coon>, 1 April 1990
+ Ty Coon, President of Vice
+
+That's all there is to it!
--- /dev/null
+=== ChangeLog discontinued ===
+
+ gsecret relies on commit messages to provide change history. Please
+ write commit messages in the following format:
+
+=== begin example commit ===
+
+ Short explanation of the commit
+
+ Longer explanation explaining exactly what's changed, whether any
+ external or private interfaces changed, what bugs were fixed (with bug
+ tracker reference if applicable) and so forth. Be concise but not too
+ brief.
+
+=== end example commit ===
+
+ - Always add a brief description of the commit to the _first_ line of
+ the commit and terminate by two newlines. This may be the title of
+ a fixed bug, copied from Bugzilla.
+
+ - First line (the brief description) must only be one sentence and
+ should start with a capital letter unless it starts with a
+ lowercase symbol or identifier. Don't use a trailing full stop,
+ and don't exceed 72 characters.
+
+ - The main description (the body) is normal prose and should use
+ normal punctuation and capital letters where appropriate.
+
+ - When committing code on behalf of others use the --author option,
+ e.g. git commit -a --author "Joe Coder <joe@coder.org>" and
+ --signoff.
+
--- /dev/null
+## Process this file with automake to produce Makefile.in
+include $(top_srcdir)/Makefile.decl
+
+ACLOCAL_AMFLAGS = -I m4 ${ACLOCAL_FLAGS}
+
+SUBDIRS = po egg library
--- /dev/null
+2.27.90
+=======
+ * Fixed configure script to actually error out if installed glib
+ version is too old (Emilio Pozuelo Monfort)
+
+ * gnutls: updated GTlsClientConnectionGnutls for :accepted-cas type
+ change (Stef Walter)
+ * gnutls: fixed an uninitialized variable (Dan Winship)
+
+2.27.5
+======
+ * gnutls: finish implementing GTlsRehandshakeMode, which was present
+ but non-functional in 2.27.4
+ * gnutls: updates for glib TLS API changes
+ * gnutls: fix some async bugs that caused the main loop to spin
+ * gnutls: implement a client-side session cache, to speed up
+ handshakes
+
+ * Compile with gcc warnings by default
+
+2.27.4
+======
+ * GNUTLS-based implementation of GTlsBackend
+
+2.26.0
+======
+
+ * No changes, just a version bump
+
+2.25.0
+======
+
+ * Initial release, with libproxy-based GProxyResolver
--- /dev/null
+GObject based library for accessing the Secret Service API.
+
--- /dev/null
+#!/bin/sh
+# Run this to generate all the initial makefiles, etc.
+
+srcdir=`dirname $0`
+test -z "$srcdir" && srcdir=.
+
+ORIGDIR=`pwd`
+cd $srcdir
+PROJECT=gsecret
+TEST_TYPE=-f
+FILE=library/gsecret-data.c
+
+DIE=0
+
+have_libtool=false
+if libtoolize --version < /dev/null > /dev/null 2>&1 ; then
+ libtool_version=`libtoolize --version |
+ head -1 |
+ sed -e 's/^\(.*\)([^)]*)\(.*\)$/\1\2/g' \
+ -e 's/^[^0-9]*\([0-9.][0-9.]*\).*/\1/'`
+ case $libtool_version in
+ 2.2*)
+ have_libtool=true
+ ;;
+ 2.4*)
+ have_libtool=true
+ ;;
+ esac
+fi
+if $have_libtool ; then : ; else
+ echo
+ echo "You must have libtool >= 2.2 installed to compile $PROJECT."
+ echo "Install the appropriate package for your distribution,"
+ echo "or get the source tarball at http://ftp.gnu.org/gnu/libtool/"
+ DIE=1
+fi
+
+(autoconf --version) < /dev/null > /dev/null 2>&1 || {
+ echo
+ echo "You must have autoconf installed to compile $PROJECT."
+ echo "Install the appropriate package for your distribution,"
+ echo "or get the source tarball at http://ftp.gnu.org/gnu/autoconf/"
+ DIE=1
+}
+
+if automake-1.11 --version < /dev/null > /dev/null 2>&1 ; then
+ AUTOMAKE=automake-1.11
+ ACLOCAL=aclocal-1.11
+else if automake-1.10 --version < /dev/null > /dev/null 2>&1 ; then
+ AUTOMAKE=automake-1.10
+ ACLOCAL=aclocal-1.10
+else
+ echo
+ echo "You must have automake 1.10.x or 1.11.x installed to compile $PROJECT."
+ echo "Install the appropriate package for your distribution,"
+ echo "or get the source tarball at http://ftp.gnu.org/gnu/automake/"
+ DIE=1
+fi
+fi
+
+if test "$DIE" -eq 1; then
+ exit 1
+fi
+
+test $TEST_TYPE $FILE || {
+ echo "You must run this script in the top-level $PROJECT directory"
+ exit 1
+}
+
+# NOCONFIGURE is used by gnome-common; support both
+if ! test -z "$AUTOGEN_SUBDIR_MODE"; then
+ NOCONFIGURE=1
+fi
+
+if test -z "$NOCONFIGURE"; then
+ if test -z "$*"; then
+ echo "I am going to run ./configure with no arguments - if you wish "
+ echo "to pass any to it, please specify them on the $0 command line."
+ fi
+fi
+
+rm -rf autom4te.cache
+
+# README and INSTALL are required by automake, but may be deleted by clean
+# up rules. to get automake to work, simply touch these here, they will be
+# regenerated from their corresponding *.in files by ./configure anyway.
+touch README INSTALL
+
+$ACLOCAL $ACLOCAL_FLAGS || exit $?
+
+libtoolize --force || exit $?
+intltoolize --force --copy || exit $?
+
+autoheader || exit $?
+
+$AUTOMAKE --add-missing || exit $?
+autoconf || exit $?
+cd $ORIGDIR || exit $?
+
+if test -z "$NOCONFIGURE"; then
+ $srcdir/configure --enable-maintainer-mode $AUTOGEN_CONFIGURE_ARGS "$@" || exit $?
+
+ echo
+ echo "Now type 'make' to compile $PROJECT."
+fi
--- /dev/null
+AC_PREREQ(2.65)
+AC_CONFIG_MACRO_DIR([m4])
+
+AC_INIT([gsecret],[0.1],[http://bugzilla.gnome.org/enter_bug.cgi?product=gsecret])
+
+AC_CONFIG_SRCDIR([library/gsecret-data.c])
+AC_CONFIG_HEADERS([config.h])
+
+dnl Other initialization
+AM_INIT_AUTOMAKE
+AM_MAINTAINER_MODE([enable])
+m4_ifdef([AM_SILENT_RULES],[AM_SILENT_RULES([yes])],)
+LT_INIT
+
+dnl Checks for programs.
+AC_PROG_CC
+AC_PROG_CPP
+AM_PROG_CC_C_O
+
+dnl Checks for libraries.
+
+dnl ****************************
+dnl *** Checks for intltool
+
+IT_PROG_INTLTOOL([0.35.0])
+GETTEXT_PACKAGE=gsecret
+
+AC_SUBST([GETTEXT_PACKAGE])
+AC_DEFINE_UNQUOTED([GETTEXT_PACKAGE],["$GETTEXT_PACKAGE"],[The gettext domain name])
+AM_GLIB_GNU_GETTEXT
+
+dnl *****************************
+dnl *** Check GLib
+
+PKG_CHECK_MODULES(GLIB, glib-2.0 >= 2.16.0 gio-2.0 >= 2.16.0 gthread-2.0 >= 2.16.0)
+LIBS="$LIBS $GLIB_LIBS"
+CFLAGS="$CFLAGS $GLIB_CFLAGS"
+
+AC_CHECK_FUNCS(mlock)
+
+dnl *************************************
+dnl *** Warnings to show if using GCC ***
+dnl *************************************
+
+AC_ARG_ENABLE(more-warnings,
+ AS_HELP_STRING([--disable-more-warnings], [Inhibit compiler warnings]),
+ set_more_warnings=no)
+
+if test "$GCC" = "yes" -a "$set_more_warnings" != "no"; then
+ CFLAGS="$CFLAGS \
+ -Wall -Wstrict-prototypes -Wmissing-declarations \
+ -Wmissing-prototypes -Wnested-externs -Wpointer-arith \
+ -Wdeclaration-after-statement -Wformat=2 -Winit-self \
+ -Waggregate-return -Wmissing-format-attribute"
+
+ for option in -Wmissing-include-dirs -Wundef; do
+ SAVE_CFLAGS="$CFLAGS"
+ CFLAGS="$CFLAGS $option"
+ AC_MSG_CHECKING([whether gcc understands $option])
+ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([], [])],
+ [has_option=yes],
+ [has_option=no])
+ AC_MSG_RESULT($has_option)
+ if test $has_option = no; then
+ CFLAGS="$SAVE_CFLAGS"
+ fi
+ done
+fi
+
+dnl *****************************
+dnl *** done ***
+dnl *****************************
+AC_CONFIG_FILES([Makefile
+ egg/Makefile
+ po/Makefile.in
+ po/Makefile
+ library/Makefile
+ ])
+AC_OUTPUT
--- /dev/null
+
+noinst_LTLIBRARIES = \
+ libegg.la
+
+INCLUDES = \
+ -I$(top_srcdir)
+
+libegg_la_SOURCES = \
+ egg-secure-memory.c egg-secure-memory.h \
+ $(BUILT_SOURCES)
--- /dev/null
+/* -*- Mode: C; indent-tabs-mode: t; c-basic-offset: 8; tab-width: 8 -*- */
+/* egg-secure-memory.h - library for allocating memory that is non-pageable
+
+ Copyright (C) 2007 Stefan Walter
+
+ The Gnome Keyring Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Library General Public License as
+ published by the Free Software Foundation; either version 2 of the
+ License, or (at your option) any later version.
+
+ The Gnome Keyring Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Library General Public License for more details.
+
+ You should have received a copy of the GNU Library General Public
+ License along with the Gnome Library; see the file COPYING.LIB. If not,
+ write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ Boston, MA 02111-1307, USA.
+
+ Author: Stef Walter <stef@memberwebs.com>
+*/
+
+/*
+ * IMPORTANT: This is pure vanila standard C, no glib. We need this
+ * because certain consumers of this protocol need to be built
+ * without linking in any special libraries. ie: the PKCS#11 module.
+ */
+
+#include "config.h"
+
+#include "egg-secure-memory.h"
+
+#include <sys/types.h>
+#include <sys/mman.h>
+#include <stddef.h>
+#include <string.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <errno.h>
+#include <unistd.h>
+#include <assert.h>
+
+#ifdef WITH_VALGRIND
+#include <valgrind/valgrind.h>
+#include <valgrind/memcheck.h>
+#endif
+
+/*
+ * Use this to force all memory through malloc
+ * for use with valgrind and the like
+ */
+#define FORCE_FALLBACK_MEMORY 0
+
+#define DEBUG_SECURE_MEMORY 0
+
+#if DEBUG_SECURE_MEMORY
+#define DEBUG_ALLOC(msg, n) fprintf(stderr, "%s %lu bytes\n", msg, n);
+#else
+#define DEBUG_ALLOC(msg, n)
+#endif
+
+#define DEFAULT_BLOCK_SIZE 16384
+
+/* Use our own assert to guarantee no glib allocations */
+#ifndef ASSERT
+#ifdef G_DISABLE_ASSERT
+#define ASSERT(x)
+#else
+#define ASSERT(x) assert(x)
+#endif
+#endif
+
+#define DO_LOCK() \
+ egg_memory_lock ();
+
+#define DO_UNLOCK() \
+ egg_memory_unlock ();
+
+static int lock_warning = 1;
+int egg_secure_warnings = 1;
+
+/*
+ * We allocate all memory in units of sizeof(void*). This
+ * is our definition of 'word'.
+ */
+typedef void* word_t;
+
+/* The amount of extra words we can allocate */
+#define WASTE 4
+
+/*
+ * Track allocated memory or a free block. This structure is not stored
+ * in the secure memory area. It is allocated from a pool of other
+ * memory. See meta_pool_xxx ().
+ */
+typedef struct _Cell {
+ word_t *words; /* Pointer to secure memory */
+ size_t n_words; /* Amount of secure memory in words */
+ size_t allocated; /* Amount actually requested by app, in bytes, 0 if unused */
+ struct _Cell *next; /* Next in unused memory ring, or NULL if used */
+ struct _Cell *prev; /* Previous in unused memory ring, or NULL if used */
+} Cell;
+
+/*
+ * A block of secure memory. This structure is the header in that block.
+ */
+typedef struct _Block {
+ word_t *words; /* Actual memory hangs off here */
+ size_t n_words; /* Number of words in block */
+ size_t used; /* Number of used allocations */
+ struct _Cell* unused; /* Ring of unused allocations */
+ struct _Block *next; /* Next block in list */
+} Block;
+
+/* -----------------------------------------------------------------------------
+ * UNUSED STACK
+ */
+
+static inline void
+unused_push (void **stack, void *ptr)
+{
+ ASSERT (ptr);
+ ASSERT (stack);
+ *((void**)ptr) = *stack;
+ *stack = ptr;
+}
+
+static inline void*
+unused_pop (void **stack)
+{
+ void *ptr;
+ ASSERT (stack);
+ ptr = *stack;
+ *stack = *(void**)ptr;
+ return ptr;
+
+}
+
+static inline void*
+unused_peek (void **stack)
+{
+ ASSERT (stack);
+ return *stack;
+}
+
+/* -----------------------------------------------------------------------------
+ * POOL META DATA ALLOCATION
+ *
+ * A pool for memory meta data. We allocate fixed size blocks. There are actually
+ * two different structures stored in this pool: Cell and Block. Cell is allocated
+ * way more often, and is bigger so we just allocate that size for both.
+ */
+
+/* Pool allocates this data type */
+typedef union _Item {
+ Cell cell;
+ Block block;
+} Item;
+
+typedef struct _Pool {
+ struct _Pool *next; /* Next pool in list */
+ size_t length; /* Length in bytes of the pool */
+ size_t used; /* Number of cells used in pool */
+ void *unused; /* Unused stack of unused stuff */
+ size_t n_items; /* Total number of items in pool */
+ Item items[1]; /* Actual items hang off here */
+} Pool;
+
+static Pool *all_pools = NULL;
+
+static void*
+pool_alloc (void)
+{
+ Pool *pool;
+ void *pages, *item;
+ size_t len, i;
+
+ /* A pool with an available item */
+ for (pool = all_pools; pool; pool = pool->next) {
+ if (unused_peek (&pool->unused))
+ break;
+ }
+
+ /* Create a new pool */
+ if (pool == NULL) {
+ len = getpagesize () * 2;
+ pages = mmap (0, len, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANON, -1, 0);
+ if (pages == MAP_FAILED)
+ return NULL;
+
+ /* Fill in the block header, and inlude in block list */
+ pool = pages;
+ pool->next = all_pools;
+ all_pools = pool;
+ pool->length = len;
+ pool->used = 0;
+ pool->unused = NULL;
+
+ /* Fill block with unused items */
+ pool->n_items = (len - sizeof (Pool)) / sizeof (Item);
+ for (i = 0; i < pool->n_items; ++i)
+ unused_push (&pool->unused, pool->items + i);
+
+#ifdef WITH_VALGRIND
+ VALGRIND_CREATE_MEMPOOL(pool, 0, 0);
+#endif
+ }
+
+ ++pool->used;
+ ASSERT (unused_peek (&pool->unused));
+ item = unused_pop (&pool->unused);
+
+#ifdef WITH_VALGRIND
+ VALGRIND_MEMPOOL_ALLOC (pool, item, sizeof (Item));
+#endif
+
+ return memset (item, 0, sizeof (Item));
+}
+
+static void
+pool_free (void* item)
+{
+ Pool *pool, **at;
+ char *ptr, *beg, *end;
+
+ ptr = item;
+
+ /* Find which block this one belongs to */
+ for (at = &all_pools, pool = *at; pool; at = &pool->next, pool = *at) {
+ beg = (char*)pool->items;
+ end = (char*)pool + pool->length - sizeof (Item);
+ if (ptr >= beg && ptr <= end) {
+ ASSERT ((ptr - beg) % sizeof (Item) == 0);
+ break;
+ }
+ }
+
+ /* Otherwise invalid meta */
+ ASSERT (at);
+ ASSERT (pool);
+ ASSERT (pool->used > 0);
+
+ /* No more meta cells used in this block, remove from list, destroy */
+ if (pool->used == 1) {
+ *at = pool->next;
+
+#ifdef WITH_VALGRIND
+ VALGRIND_DESTROY_MEMPOOL (pool);
+#endif
+
+ munmap (pool, pool->length);
+ return;
+ }
+
+#ifdef WITH_VALGRIND
+ VALGRIND_MEMPOOL_FREE (pool, item);
+ VALGRIND_MAKE_MEM_UNDEFINED (item, sizeof (Item));
+#endif
+
+ --pool->used;
+ memset (item, 0xCD, sizeof (Item));
+ unused_push (&pool->unused, item);
+}
+
+static int
+pool_valid (void* item)
+{
+ Pool *pool;
+ char *ptr, *beg, *end;
+
+ ptr = item;
+
+ /* Find which block this one belongs to */
+ for (pool = all_pools; pool; pool = pool->next) {
+ beg = (char*)pool->items;
+ end = (char*)pool + pool->length - sizeof (Item);
+ if (ptr >= beg && ptr <= end)
+ return (pool->used && (ptr - beg) % sizeof (Item) == 0);
+ }
+
+ return 0;
+}
+
+/* -----------------------------------------------------------------------------
+ * SEC ALLOCATION
+ *
+ * Each memory cell begins and ends with a pointer to its metadata. These are also
+ * used as guards or red zones. Since they're treated as redzones by valgrind we
+ * have to jump through a few hoops before reading and/or writing them.
+ */
+
+static inline size_t
+sec_size_to_words (size_t length)
+{
+ return (length % sizeof (void*) ? 1 : 0) + (length / sizeof (void*));
+}
+
+static inline void
+sec_write_guards (Cell *cell)
+{
+#ifdef WITH_VALGRIND
+ VALGRIND_MAKE_MEM_UNDEFINED (cell->words, sizeof (word_t));
+ VALGRIND_MAKE_MEM_UNDEFINED (cell->words + cell->n_words - 1, sizeof (word_t));
+#endif
+
+ ((void**)cell->words)[0] = (void*)cell;
+ ((void**)cell->words)[cell->n_words - 1] = (void*)cell;
+
+#ifdef WITH_VALGRIND
+ VALGRIND_MAKE_MEM_NOACCESS (cell->words, sizeof (word_t));
+ VALGRIND_MAKE_MEM_NOACCESS (cell->words + cell->n_words - 1, sizeof (word_t));
+#endif
+}
+
+static inline void
+sec_check_guards (Cell *cell)
+{
+#ifdef WITH_VALGRIND
+ VALGRIND_MAKE_MEM_DEFINED (cell->words, sizeof (word_t));
+ VALGRIND_MAKE_MEM_DEFINED (cell->words + cell->n_words - 1, sizeof (word_t));
+#endif
+
+ ASSERT(((void**)cell->words)[0] == (void*)cell);
+ ASSERT(((void**)cell->words)[cell->n_words - 1] == (void*)cell);
+
+#ifdef WITH_VALGRIND
+ VALGRIND_MAKE_MEM_NOACCESS (cell->words, sizeof (word_t));
+ VALGRIND_MAKE_MEM_NOACCESS (cell->words + cell->n_words - 1, sizeof (word_t));
+#endif
+}
+
+static void
+sec_insert_cell_ring (Cell **ring, Cell *cell)
+{
+ ASSERT (ring);
+ ASSERT (cell);
+ ASSERT (cell != *ring);
+ ASSERT (cell->next == NULL);
+ ASSERT (cell->prev == NULL);
+
+ /* Insert back into the mix of available memory */
+ if (*ring) {
+ cell->next = (*ring)->next;
+ cell->prev = *ring;
+ cell->next->prev = cell;
+ cell->prev->next = cell;
+ } else {
+ cell->next = cell;
+ cell->prev = cell;
+ }
+
+ *ring = cell;
+ ASSERT (cell->next->prev == cell);
+ ASSERT (cell->prev->next == cell);
+}
+
+static void
+sec_remove_cell_ring (Cell **ring, Cell *cell)
+{
+ ASSERT (ring);
+ ASSERT (*ring);
+ ASSERT (cell->next);
+ ASSERT (cell->prev);
+
+ ASSERT (cell->next->prev == cell);
+ ASSERT (cell->prev->next == cell);
+
+ if (cell == *ring) {
+ /* The last meta? */
+ if (cell->next == cell) {
+ ASSERT (cell->prev == cell);
+ *ring = NULL;
+
+ /* Just pointing to this meta */
+ } else {
+ ASSERT (cell->prev != cell);
+ *ring = cell->next;
+ }
+ }
+
+ cell->next->prev = cell->prev;
+ cell->prev->next = cell->next;
+ cell->next = cell->prev = NULL;
+
+ ASSERT (*ring != cell);
+}
+
+static inline void*
+sec_cell_to_memory (Cell *cell)
+{
+ return cell->words + 1;
+}
+
+static inline int
+sec_is_valid_word (Block *block, word_t *word)
+{
+ return (word >= block->words && word < block->words + block->n_words);
+}
+
+static inline void*
+sec_clear_memory (void *memory, size_t from, size_t to)
+{
+ ASSERT (from <= to);
+ memset ((char*)memory + from, 0, to - from);
+ return memory;
+}
+
+static Cell*
+sec_neighbor_before (Block *block, Cell *cell)
+{
+ word_t *word;
+
+ ASSERT (cell);
+ ASSERT (block);
+
+ word = cell->words - 1;
+ if (!sec_is_valid_word (block, word))
+ return NULL;
+
+#ifdef WITH_VALGRIND
+ VALGRIND_MAKE_MEM_DEFINED (word, sizeof (word_t));
+#endif
+
+ cell = *word;
+ sec_check_guards (cell);
+
+#ifdef WITH_VALGRIND
+ VALGRIND_MAKE_MEM_NOACCESS (word, sizeof (word_t));
+#endif
+
+ return cell;
+}
+
+static Cell*
+sec_neighbor_after (Block *block, Cell *cell)
+{
+ word_t *word;
+
+ ASSERT (cell);
+ ASSERT (block);
+
+ word = cell->words + cell->n_words;
+ if (!sec_is_valid_word (block, word))
+ return NULL;
+
+#ifdef WITH_VALGRIND
+ VALGRIND_MAKE_MEM_DEFINED (word, sizeof (word_t));
+#endif
+
+ cell = *word;
+ sec_check_guards (cell);
+
+#ifdef WITH_VALGRIND
+ VALGRIND_MAKE_MEM_NOACCESS (word, sizeof (word_t));
+#endif
+
+ return cell;
+}
+
+static void*
+sec_alloc (Block *block, size_t length)
+{
+ Cell *cell, *other;
+ size_t n_words;
+ void *memory;
+
+ ASSERT (block);
+ ASSERT (length);
+
+ if (!block->unused)
+ return NULL;
+
+ /*
+ * Each memory allocation is aligned to a pointer size, and
+ * then, sandwidched between two pointers to its meta data.
+ * These pointers also act as guards.
+ *
+ * We allocate memory in units of sizeof (void*)
+ */
+
+ n_words = sec_size_to_words (length) + 2;
+
+ /* Look for a cell of at least our required size */
+ cell = block->unused;
+ while (cell->n_words < n_words) {
+ cell = cell->next;
+ if (cell == block->unused) {
+ cell = NULL;
+ break;
+ }
+ }
+
+ if (!cell)
+ return NULL;
+
+ ASSERT (cell->allocated == 0);
+ ASSERT (cell->prev);
+ ASSERT (cell->words);
+ sec_check_guards (cell);
+
+ /* Steal from the cell if it's too long */
+ if (cell->n_words > n_words + WASTE) {
+ other = pool_alloc ();
+ if (!other)
+ return NULL;
+ other->n_words = n_words;
+ other->words = cell->words;
+ cell->n_words -= n_words;
+ cell->words += n_words;
+
+ sec_write_guards (other);
+ sec_write_guards (cell);
+
+ cell = other;
+ }
+
+ if (cell->next)
+ sec_remove_cell_ring (&block->unused, cell);
+
+ ++block->used;
+ cell->allocated = length;
+ memory = sec_cell_to_memory (cell);
+
+#ifdef WITH_VALGRIND
+ VALGRIND_MAKE_MEM_UNDEFINED (memory, length);
+#endif
+
+ return memset (memory, 0, length);
+}
+
+static void*
+sec_free (Block *block, void *memory)
+{
+ Cell *cell, *other;
+ word_t *word;
+
+ ASSERT (block);
+ ASSERT (memory);
+
+ word = memory;
+ --word;
+
+#ifdef WITH_VALGRIND
+ VALGRIND_MAKE_MEM_DEFINED (word, sizeof (word_t));
+#endif
+
+ /* Lookup the meta for this memory block (using guard pointer) */
+ ASSERT (sec_is_valid_word (block, word));
+ ASSERT (pool_valid (*word));
+ cell = *word;
+
+#ifdef WITH_VALGRIND
+ VALGRIND_MAKE_MEM_DEFINED (cell->words, cell->n_words * sizeof (word_t));
+#endif
+
+ sec_check_guards (cell);
+ sec_clear_memory (memory, 0, cell->allocated);
+
+ sec_check_guards (cell);
+ ASSERT (cell->next == NULL);
+ ASSERT (cell->prev == NULL);
+ ASSERT (cell->allocated > 0);
+
+ /* Find previous unallocated neighbor, and merge if possible */
+ other = sec_neighbor_before (block, cell);
+ if (other && other->allocated == 0) {
+ ASSERT (other->next && other->prev);
+ other->n_words += cell->n_words;
+ sec_write_guards (other);
+ pool_free (cell);
+ cell = other;
+ }
+
+ /* Find next unallocated neighbor, and merge if possible */
+ other = sec_neighbor_after (block, cell);
+ if (other && other->allocated == 0) {
+ ASSERT (other->next && other->prev);
+ other->n_words += cell->n_words;
+ other->words = cell->words;
+ if (cell->next)
+ sec_remove_cell_ring (&block->unused, cell);
+ sec_write_guards (other);
+ pool_free (cell);
+ cell = other;
+ }
+
+ /* Add to the unused list if not already there */
+ if (!cell->next)
+ sec_insert_cell_ring (&block->unused, cell);
+
+ cell->allocated = 0;
+ --block->used;
+ return NULL;
+}
+
+static void*
+sec_realloc (Block *block, void *memory, size_t length)
+{
+ Cell *cell, *other;
+ word_t *word;
+ size_t n_words;
+ size_t valid;
+ void *alloc;
+
+ /* Standard realloc behavior, should have been handled elsewhere */
+ ASSERT (memory != NULL);
+ ASSERT (length > 0);
+
+ /* Dig out where the meta should be */
+ word = memory;
+ --word;
+
+#ifdef WITH_VALGRIND
+ VALGRIND_MAKE_MEM_DEFINED (word, sizeof (word_t));
+#endif
+
+ ASSERT (sec_is_valid_word (block, word));
+ ASSERT (pool_valid (*word));
+ cell = *word;
+
+ /* Validate that it's actually for real */
+ sec_check_guards (cell);
+ ASSERT (cell->allocated > 0);
+ ASSERT (cell->next == NULL);
+ ASSERT (cell->prev == NULL);
+
+ /* The amount of valid data */
+ valid = cell->allocated;
+
+ /* How many words we actually want */
+ n_words = sec_size_to_words (length) + 2;
+
+ /* Less memory is required than is in the cell */
+ if (n_words <= cell->n_words) {
+
+ /* TODO: No shrinking behavior yet */
+ cell->allocated = length;
+ alloc = sec_cell_to_memory (cell);
+
+#ifdef WITH_VALGRIND
+ VALGRIND_MAKE_MEM_DEFINED (alloc, length);
+#endif
+
+ /*
+ * Even though we may be reusing the same cell, that doesn't
+ * mean that the allocation is shrinking. It could have shrunk
+ * and is now expanding back some.
+ */
+ if (length < valid)
+ return sec_clear_memory (alloc, length, valid);
+ else
+ return alloc;
+ }
+
+ /* Need braaaaaiiiiiinsss... */
+ while (cell->n_words < n_words) {
+
+ /* See if we have a neighbor who can give us some memory */
+ other = sec_neighbor_after (block, cell);
+ if (!other || other->allocated != 0)
+ break;
+
+ /* Eat the whole neighbor if not too big */
+ if (n_words - cell->n_words + WASTE >= other->n_words) {
+ cell->n_words += other->n_words;
+ sec_write_guards (cell);
+ sec_remove_cell_ring (&block->unused, other);
+ pool_free (other);
+
+ /* Steal from the neighbor */
+ } else {
+ other->words += n_words - cell->n_words;
+ other->n_words -= n_words - cell->n_words;
+ sec_write_guards (other);
+ cell->n_words = n_words;
+ sec_write_guards (cell);
+ }
+ }
+
+ if (cell->n_words >= n_words) {
+ cell->allocated = length;
+ alloc = sec_cell_to_memory (cell);
+
+#ifdef WITH_VALGRIND
+ VALGRIND_MAKE_MEM_DEFINED (alloc, length);
+#endif
+
+ return sec_clear_memory (alloc, valid, length);
+ }
+
+ /* That didn't work, try alloc/free */
+ alloc = sec_alloc (block, length);
+ if (alloc) {
+ memcpy (alloc, memory, valid);
+ sec_free (block, memory);
+ }
+
+ return alloc;
+}
+
+
+static size_t
+sec_allocated (Block *block, void *memory)
+{
+ Cell *cell;
+ word_t *word;
+
+ ASSERT (block);
+ ASSERT (memory);
+
+ word = memory;
+ --word;
+
+#ifdef WITH_VALGRIND
+ VALGRIND_MAKE_MEM_DEFINED (word, sizeof (word_t));
+#endif
+
+ /* Lookup the meta for this memory block (using guard pointer) */
+ ASSERT (sec_is_valid_word (block, word));
+ ASSERT (pool_valid (*word));
+ cell = *word;
+
+ sec_check_guards (cell);
+ ASSERT (cell->next == NULL);
+ ASSERT (cell->prev == NULL);
+ ASSERT (cell->allocated > 0);
+
+#ifdef WITH_VALGRIND
+ VALGRIND_MAKE_MEM_NOACCESS (word, sizeof (word_t));
+#endif
+
+ return cell->allocated;
+}
+
+static void
+sec_validate (Block *block)
+{
+ Cell *cell;
+ word_t *word, *last;
+
+ word = block->words;
+ last = word + block->n_words;
+
+ for (;;) {
+ ASSERT (word < last);
+
+ ASSERT (sec_is_valid_word (block, word));
+ ASSERT (pool_valid (*word));
+ cell = *word;
+
+ /* Validate that it's actually for real */
+ sec_check_guards (cell);
+
+ /* Is it an allocated block? */
+ if (cell->allocated > 0) {
+ ASSERT (cell->next == NULL);
+ ASSERT (cell->prev == NULL);
+ ASSERT (cell->allocated <= (cell->n_words - 2) * sizeof (word_t));
+
+ /* An unused block */
+ } else {
+ ASSERT (cell->next);
+ ASSERT (cell->prev);
+ ASSERT (cell->next->prev == cell);
+ ASSERT (cell->prev->next == cell);
+ }
+
+ word += cell->n_words;
+ if (word == last)
+ break;
+ }
+}
+
+/* -----------------------------------------------------------------------------
+ * LOCKED MEMORY
+ */
+
+static void*
+sec_acquire_pages (size_t *sz)
+{
+ void *pages;
+ unsigned long pgsize;
+
+ ASSERT (sz);
+ ASSERT (*sz);
+
+ /* Make sure sz is a multiple of the page size */
+ pgsize = getpagesize ();
+ *sz = (*sz + pgsize -1) & ~(pgsize - 1);
+
+#if defined(HAVE_MLOCK)
+ pages = mmap (0, *sz, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANON, -1, 0);
+ if (pages == MAP_FAILED) {
+ if (lock_warning && egg_secure_warnings)
+ fprintf (stderr, "couldn't map %lu bytes of private memory: %s\n",
+ (unsigned long)*sz, strerror (errno));
+ lock_warning = 0;
+ return NULL;
+ }
+
+ if (mlock (pages, *sz) < 0) {
+ if (lock_warning && egg_secure_warnings && errno != EPERM) {
+ fprintf (stderr, "couldn't lock %lu bytes of private memory: %s\n",
+ (unsigned long)*sz, strerror (errno));
+ lock_warning = 0;
+ }
+ munmap (pages, *sz);
+ return NULL;
+ }
+
+ DEBUG_ALLOC ("gkr-secure-memory: new block ", *sz);
+
+ lock_warning = 1;
+ return pages;
+
+#else
+ if (lock_warning && egg_secure_warnings)
+ fprintf (stderr, "your system does not support private memory");
+ lock_warning = 0;
+ return NULL;
+#endif
+
+}
+
+static void
+sec_release_pages (void *pages, size_t sz)
+{
+ ASSERT (pages);
+ ASSERT (sz % getpagesize () == 0);
+
+#if defined(HAVE_MLOCK)
+ if (munlock (pages, sz) < 0 && egg_secure_warnings)
+ fprintf (stderr, "couldn't unlock private memory: %s\n", strerror (errno));
+
+ if (munmap (pages, sz) < 0 && egg_secure_warnings)
+ fprintf (stderr, "couldn't unmap private anonymous memory: %s\n", strerror (errno));
+
+ DEBUG_ALLOC ("gkr-secure-memory: freed block ", sz);
+
+#else
+ ASSERT (FALSE);
+#endif
+}
+
+/* -----------------------------------------------------------------------------
+ * MANAGE DIFFERENT BLOCKS
+ */
+
+static Block *all_blocks = NULL;
+
+static Block*
+sec_block_create (size_t size)
+{
+ Block *block;
+ Cell *cell;
+
+#if FORCE_FALLBACK_MEMORY
+ /* We can force all all memory to be malloced */
+ return NULL;
+#endif
+
+ block = pool_alloc ();
+ if (!block)
+ return NULL;
+
+ cell = pool_alloc ();
+ if (!cell) {
+ pool_free (block);
+ return NULL;
+ }
+
+ /* The size above is a minimum, we're free to go bigger */
+ if (size < DEFAULT_BLOCK_SIZE)
+ size = DEFAULT_BLOCK_SIZE;
+
+ block->words = sec_acquire_pages (&size);
+ block->n_words = size / sizeof (word_t);
+ if (!block->words) {
+ pool_free (block);
+ pool_free (cell);
+ return NULL;
+ }
+
+#ifdef WITH_VALGRIND
+ VALGRIND_MAKE_MEM_DEFINED (block->words, size);
+#endif
+
+ /* The first cell to allocate from */
+ cell->words = block->words;
+ cell->n_words = block->n_words;
+ cell->allocated = 0;
+ sec_write_guards (cell);
+ sec_insert_cell_ring (&block->unused, cell);
+
+ block->next = all_blocks;
+ all_blocks = block;
+
+ return block;
+}
+
+static void
+sec_block_destroy (Block *block)
+{
+ Block *bl, **at;
+ Cell *cell;
+
+ ASSERT (block);
+ ASSERT (block->words);
+ ASSERT (block->used == 0);
+
+ /* Remove from the list */
+ for (at = &all_blocks, bl = *at; bl; at = &bl->next, bl = *at) {
+ if (bl == block) {
+ *at = block->next;
+ break;
+ }
+ }
+
+ /* Must have been found */
+ ASSERT (bl == block);
+
+ /* Release all the meta data cells */
+ while (block->unused) {
+ cell = block->unused;
+ sec_remove_cell_ring (&block->unused, cell);
+ pool_free (cell);
+ }
+
+ /* Release all pages of secure memory */
+ sec_release_pages (block->words, block->n_words * sizeof (word_t));
+
+ pool_free (block);
+}
+
+/* ------------------------------------------------------------------------
+ * PUBLIC FUNCTIONALITY
+ */
+
+void*
+egg_secure_alloc (size_t length)
+{
+ return egg_secure_alloc_full (length, GKR_SECURE_USE_FALLBACK);
+}
+
+void*
+egg_secure_alloc_full (size_t length, int flags)
+{
+ Block *block;
+ void *memory = NULL;
+
+ if (length > 0xFFFFFFFF / 2) {
+ if (egg_secure_warnings)
+ fprintf (stderr, "tried to allocate an insane amount of memory: %lu\n",
+ (unsigned long)length);
+ return NULL;
+ }
+
+ /* Can't allocate zero bytes */
+ if (length == 0)
+ return NULL;
+
+ DO_LOCK ();
+
+ for (block = all_blocks; block; block = block->next) {
+ memory = sec_alloc (block, length);
+ if (memory)
+ break;
+ }
+
+ /* None of the current blocks have space, allocate new */
+ if (!memory) {
+ block = sec_block_create (length);
+ if (block)
+ memory = sec_alloc (block, length);
+ }
+
+#ifdef WITH_VALGRIND
+ if (memory != NULL)
+ VALGRIND_MALLOCLIKE_BLOCK (memory, length, sizeof (void*), 1);
+#endif
+
+ DO_UNLOCK ();
+
+ if (!memory && (flags & GKR_SECURE_USE_FALLBACK)) {
+ memory = egg_memory_fallback (NULL, length);
+ if (memory) /* Our returned memory is always zeroed */
+ memset (memory, 0, length);
+ }
+
+ if (!memory)
+ errno = ENOMEM;
+
+ return memory;
+}
+
+void*
+egg_secure_realloc (void *memory, size_t length)
+{
+ return egg_secure_realloc_full (memory, length, GKR_SECURE_USE_FALLBACK);
+}
+
+void*
+egg_secure_realloc_full (void *memory, size_t length, int flags)
+{
+ Block *block = NULL;
+ size_t previous = 0;
+ int donew = 0;
+ void *alloc = NULL;
+
+ if (length > 0xFFFFFFFF / 2) {
+ if (egg_secure_warnings)
+ fprintf (stderr, "tried to allocate an insane amount of memory: %lu\n",
+ (unsigned long)length);
+ return NULL;
+ }
+
+ if (memory == NULL)
+ return egg_secure_alloc_full (length, flags);
+ if (!length) {
+ egg_secure_free_full (memory, flags);
+ return NULL;
+ }
+
+ DO_LOCK ();
+
+ /* Find out where it belongs to */
+ for (block = all_blocks; block; block = block->next) {
+ if (sec_is_valid_word (block, memory)) {
+ previous = sec_allocated (block, memory);
+
+#ifdef WITH_VALGRIND
+ /* Let valgrind think we are unallocating so that it'll validate */
+ VALGRIND_FREELIKE_BLOCK (memory, sizeof (word_t));
+#endif
+
+ alloc = sec_realloc (block, memory, length);
+
+#ifdef WITH_VALGRIND
+ /* Now tell valgrind about either the new block or old one */
+ VALGRIND_MALLOCLIKE_BLOCK (alloc ? alloc : memory,
+ alloc ? length : previous,
+ sizeof (word_t), 1);
+#endif
+ break;
+ }
+ }
+
+ /* If it didn't work we may need to allocate a new block */
+ if (block && !alloc)
+ donew = 1;
+
+ if (block && block->used == 0)
+ sec_block_destroy (block);
+
+ DO_UNLOCK ();
+
+ if (!block) {
+ if ((flags & GKR_SECURE_USE_FALLBACK)) {
+ /*
+ * In this case we can't zero the returned memory,
+ * because we don't know what the block size was.
+ */
+ return egg_memory_fallback (memory, length);
+ } else {
+ if (egg_secure_warnings)
+ fprintf (stderr, "memory does not belong to gnome-keyring: 0x%08lx\n",
+ (unsigned long)memory);
+ ASSERT (0 && "memory does does not belong to gnome-keyring");
+ return NULL;
+ }
+ }
+
+ if (donew) {
+ alloc = egg_secure_alloc_full (length, flags);
+ if (alloc) {
+ memcpy (alloc, memory, previous);
+ egg_secure_free_full (memory, flags);
+ }
+ }
+
+ if (!alloc)
+ errno = ENOMEM;
+
+ return alloc;
+}
+
+void
+egg_secure_free (void *memory)
+{
+ egg_secure_free_full (memory, GKR_SECURE_USE_FALLBACK);
+}
+
+void
+egg_secure_free_full (void *memory, int flags)
+{
+ Block *block = NULL;
+
+ if (memory == NULL)
+ return;
+
+ DO_LOCK ();
+
+ /* Find out where it belongs to */
+ for (block = all_blocks; block; block = block->next) {
+ if (sec_is_valid_word (block, memory))
+ break;
+ }
+
+#ifdef WITH_VALGRIND
+ /* We like valgrind's warnings, so give it a first whack at checking for errors */
+ if (block != NULL || !(flags & GKR_SECURE_USE_FALLBACK))
+ VALGRIND_FREELIKE_BLOCK (memory, sizeof (word_t));
+#endif
+
+ if (block != NULL) {
+ sec_free (block, memory);
+ if (block->used == 0)
+ sec_block_destroy (block);
+ }
+
+ DO_UNLOCK ();
+
+ if (!block) {
+ if ((flags & GKR_SECURE_USE_FALLBACK)) {
+ egg_memory_fallback (memory, 0);
+ } else {
+ if (egg_secure_warnings)
+ fprintf (stderr, "memory does not belong to gnome-keyring: 0x%08lx\n",
+ (unsigned long)memory);
+ ASSERT (0 && "memory does does not belong to gnome-keyring");
+ }
+ }
+}
+
+int
+egg_secure_check (const void *memory)
+{
+ Block *block = NULL;
+
+ DO_LOCK ();
+
+ /* Find out where it belongs to */
+ for (block = all_blocks; block; block = block->next) {
+ if (sec_is_valid_word (block, (word_t*)memory))
+ break;
+ }
+
+ DO_UNLOCK ();
+
+ return block == NULL ? 0 : 1;
+}
+
+void
+egg_secure_validate (void)
+{
+ Block *block = NULL;
+
+ DO_LOCK ();
+
+ for (block = all_blocks; block; block = block->next)
+ sec_validate (block);
+
+ DO_UNLOCK ();
+}
+
+void
+egg_secure_dump_blocks (void)
+{
+ Block *block = NULL;
+
+ DO_LOCK ();
+
+ /* Find out where it belongs to */
+ for (block = all_blocks; block; block = block->next) {
+ fprintf (stderr, "----------------------------------------------------\n");
+ fprintf (stderr, " BLOCK at: 0x%08lx len: %lu\n", (unsigned long)block,
+ (unsigned long)block->n_words * sizeof (word_t));
+ fprintf (stderr, "\n");
+ }
+
+ DO_UNLOCK ();
+}
+
+char*
+egg_secure_strdup (const char *str)
+{
+ size_t len;
+ char *res;
+
+ if (!str)
+ return NULL;
+
+ len = strlen (str) + 1;
+ res = (char*)egg_secure_alloc (len);
+ strcpy (res, str);
+ return res;
+}
+
+void
+egg_secure_clear (void *p, size_t length)
+{
+ volatile char *vp;
+
+ if (p == NULL)
+ return;
+
+ vp = (volatile char*)p;
+ while (length) {
+ *vp = 0xAA;
+ vp++;
+ length--;
+ }
+}
+
+void
+egg_secure_strclear (char *str)
+{
+ if (!str)
+ return;
+ egg_secure_clear ((unsigned char*)str, strlen (str));
+}
+
+void
+egg_secure_strfree (char *str)
+{
+ /*
+ * If we're using unpageable 'secure' memory, then the free call
+ * should zero out the memory, but because on certain platforms
+ * we may be using normal memory, zero it out here just in case.
+ */
+
+ egg_secure_strclear (str);
+ egg_secure_free_full (str, GKR_SECURE_USE_FALLBACK);
+}
--- /dev/null
+/* -*- Mode: C; indent-tabs-mode: t; c-basic-offset: 8; tab-width: 8 -*- */
+/* egg-secure-memory.h - library for allocating memory that is non-pageable
+
+ Copyright (C) 2007 Stefan Walter
+
+ The Gnome Keyring Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Library General Public License as
+ published by the Free Software Foundation; either version 2 of the
+ License, or (at your option) any later version.
+
+ The Gnome Keyring Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Library General Public License for more details.
+
+ You should have received a copy of the GNU Library General Public
+ License along with the Gnome Library; see the file COPYING.LIB. If not,
+ write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ Boston, MA 02111-1307, USA.
+
+ Author: Stef Walter <stef@memberwebs.com>
+*/
+
+#ifndef EGG_SECURE_MEMORY_H
+#define EGG_SECURE_MEMORY_H
+
+#include <stdlib.h>
+
+/* -------------------------------------------------------------------
+ * Low Level Secure Memory
+ *
+ * IMPORTANT: This is pure vanila standard C, no glib. We need this
+ * because certain consumers of this protocol need to be built
+ * without linking in any special libraries. ie: the PKCS#11 module.
+ *
+ * Thread locking
+ *
+ * In order to use these functions in a module the following functions
+ * must be defined somewhere, and provide appropriate locking for
+ * secure memory between threads:
+ */
+
+extern void egg_memory_lock (void);
+
+extern void egg_memory_unlock (void);
+
+/*
+ * Allocation Fallbacks
+ *
+ * If we cannot allocate secure memory, then this function
+ * (defined elsewhere) will be called which has a chance to
+ * allocate other memory abort or do whatever.
+ *
+ * Same call semantics as realloc with regard to NULL and zeros
+ */
+extern void* egg_memory_fallback (void *p, size_t length);
+
+#define EGG_SECURE_GLIB_DEFINITIONS() \
+ static GStaticMutex memory_mutex = G_STATIC_MUTEX_INIT; \
+ void egg_memory_lock (void) \
+ { g_static_mutex_lock (&memory_mutex); } \
+ void egg_memory_unlock (void) \
+ { g_static_mutex_unlock (&memory_mutex); } \
+ void* egg_memory_fallback (void *p, size_t sz) \
+ { return g_realloc (p, sz); } \
+
+/*
+ * Main functionality
+ *
+ * Allocations return NULL on failure.
+ */
+
+#define GKR_SECURE_USE_FALLBACK 0x0001
+
+void* egg_secure_alloc (size_t length);
+
+void* egg_secure_alloc_full (size_t length, int flags);
+
+void* egg_secure_realloc (void *p, size_t length);
+
+void* egg_secure_realloc_full (void *p, size_t length, int fallback);
+
+void egg_secure_free (void* p);
+
+void egg_secure_free_full (void* p, int fallback);
+
+void egg_secure_clear (void *p, size_t length);
+
+int egg_secure_check (const void* p);
+
+void egg_secure_validate (void);
+
+void egg_secure_dump_blocks (void);
+
+char* egg_secure_strdup (const char *str);
+
+void egg_secure_strclear (char *str);
+
+void egg_secure_strfree (char *str);
+
+#endif /* EGG_SECURE_MEMORY_H */
--- /dev/null
+include $(top_srcdir)/Makefile.decl
+
+NULL =
+
+module_flags = \
+ -export_dynamic \
+ -avoid-version \
+ -module \
+ -no-undefined \
+ -export-symbols-regex '^gsecret_'
+
+lib_LTLIBRARIES = libgsecret.la
+
+libgsecret_la_SOURCES = \
+ gsecret-data.h gsecret-data.c
+
+libgsecret_la_LIBADD = \
+ $(top_builddir)/egg/libegg.la \
+ $(LIBS)
\ No newline at end of file
--- /dev/null
+/* GSecret - GLib wrapper for Secret Service
+ *
+ * Copyright 2011 Collabora Ltd.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published
+ * by the Free Software Foundation; either version 2 of the licence or (at
+ * your option) any later version.
+ *
+ * See the included COPYING file for more information.
+ */
+
+#include "config.h"
+
+#include "gsecret-data.h"
+
+#include "egg/egg-secure-memory.h"
+
+#include <string.h>
+
+struct _GSecretData {
+ gint refs;
+ gpointer secret;
+ gsize length;
+ GDestroyNotify destroy;
+ gchar *content_type;
+};
+
+GType
+gsecret_data_get_type (void)
+{
+ static gsize initialized = 0;
+ static GType type = 0;
+
+ if (g_once_init_enter (&initialized)) {
+ type = g_boxed_type_register_static ("GSecretData",
+ (GBoxedCopyFunc)gsecret_data_ref,
+ (GBoxedFreeFunc)gsecret_data_unref);
+ g_once_init_leave (&initialized, 1);
+ }
+
+ return type;
+}
+
+GSecretData*
+gsecret_data_new (const gchar *secret, gssize length, const gchar *content_type)
+{
+ gchar *copy;
+
+ g_return_val_if_fail (!secret && length, NULL);
+ g_return_val_if_fail (content_type, NULL);
+
+ if (length < 0)
+ length = strlen (secret);
+
+ copy = egg_secure_alloc (length + 1);
+ memcpy (copy, secret, length);
+ copy[length] = 0;
+ return gsecret_data_new_full (copy, length, content_type, egg_secure_free);
+}
+
+GSecretData*
+gsecret_data_new_full (gchar *secret, gssize length,
+ const gchar *content_type, GDestroyNotify destroy)
+{
+ GSecretData *data;
+
+ g_return_val_if_fail (!secret && length, NULL);
+ g_return_val_if_fail (content_type, NULL);
+
+ if (length < 0)
+ length = strlen (secret);
+
+ data = g_slice_new0 (GSecretData);
+ data->content_type = strdup (content_type);
+ data->destroy = destroy;
+ data->length = length;
+ data->secret = secret;
+
+ return data;
+}
+
+const gchar*
+gsecret_data_get (GSecretData *data, gsize *length)
+{
+ g_return_val_if_fail (data, NULL);
+ if (length)
+ *length = data->length;
+ return data->secret;
+}
+
+const gchar*
+gsecret_data_get_content_type (GSecretData *data)
+{
+ g_return_val_if_fail (data, NULL);
+ return data->content_type;
+}
+
+GSecretData*
+gsecret_data_ref (GSecretData *data)
+{
+ g_return_val_if_fail (data, NULL);
+ g_atomic_int_inc (&data->refs);
+ return data;
+}
+
+void
+gsecret_data_unref (GSecretData *data)
+{
+ g_return_if_fail (data);
+
+ if (g_atomic_int_dec_and_test (&data->refs)) {
+ g_free (data->content_type);
+ if (data->destroy)
+ (data->destroy) (data->secret);
+ g_slice_free (GSecretData, data);
+ }
+}
--- /dev/null
+/* GSecret - GLib wrapper for Secret Service
+ *
+ * Copyright 2011 Collabora Ltd.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published
+ * by the Free Software Foundation; either version 2 of the licence or (at
+ * your option) any later version.
+ *
+ * See the included COPYING file for more information.
+ */
+
+#ifndef __GSECRET_DATA_H__
+#define __GSECRET_DATA_H__
+
+#include <gio/gio.h>
+
+G_BEGIN_DECLS
+
+#define GSECRET_TYPE_DATA (gsecret_service_get_type ())
+
+typedef struct _GSecretData GSecretData;
+
+GType gsecret_data_get_type (void) G_GNUC_CONST;
+
+GSecretData* gsecret_data_new (const gchar *secret,
+ gssize length,
+ const gchar *content_type);
+
+GSecretData* gsecret_data_new_full (gchar *secret,
+ gssize length,
+ const gchar *content_type,
+ GDestroyNotify destroy);
+
+const gchar* gsecret_data_get (GSecretData *data,
+ gsize *length);
+
+const gchar* gsecret_data_get_content_type (GSecretData *data);
+
+GSecretData* gsecret_data_ref (GSecretData *data);
+
+void gsecret_data_unref (GSecretData *data);
+
+G_END_DECLS
+
+#endif /* __G_SERVICE_H___ */