commit: c8e1df8cd659084771c6027fbdb1255934d1f996 Author: Sam James <sam <AT> gentoo <DOT> org> AuthorDate: Mon Jun 3 07:54:06 2024 +0000 Commit: Sam James <sam <AT> gentoo <DOT> org> CommitDate: Mon Jun 3 07:54:45 2024 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c8e1df8c
app-crypt/seahorse: fix modern C issues For c99-2.patch, we backport an upstream commit as Fedora did, as it felt like a better idea. Closes: https://bugs.gentoo.org/882805 Closes: https://bugs.gentoo.org/919323 Closes: https://bugs.gentoo.org/919458 Closes: https://bugs.gentoo.org/924997 Signed-off-by: Sam James <sam <AT> gentoo.org> app-crypt/seahorse/files/seahorse-43.0-c99-2.patch | 517 +++++++++++++++++++++ app-crypt/seahorse/files/seahorse-43.0-c99.patch | 21 + app-crypt/seahorse/seahorse-43.0-r4.ebuild | 87 ++++ 3 files changed, 625 insertions(+) diff --git a/app-crypt/seahorse/files/seahorse-43.0-c99-2.patch b/app-crypt/seahorse/files/seahorse-43.0-c99-2.patch new file mode 100644 index 000000000000..65aa21fc8ec8 --- /dev/null +++ b/app-crypt/seahorse/files/seahorse-43.0-c99-2.patch @@ -0,0 +1,517 @@ +https://bugs.gentoo.org/882805 +https://gitlab.gnome.org/GNOME/seahorse/-/commit/87a5e5312beac6cbe3b39f72cf0f120f1ed00473 + +From 87a5e5312beac6cbe3b39f72cf0f120f1ed00473 Mon Sep 17 00:00:00 2001 +From: Niels De Graef <[email protected]> +Date: Sat, 21 Oct 2023 15:43:04 +0200 +Subject: [PATCH] ssh: Refactor SSH key parsing + +Fix several issues in the SSH Key parsing code, and directly use a +`GInputStream` we can (asynchronously) read from. Take the opportunity +also to add some unit tests that we can run to make sure we're not +regressing on anything. +--- + ssh/key-data.vala | 59 +++++----- + ssh/key.vala | 58 +++++----- + ssh/meson.build | 20 ++++ + ssh/source.vala | 9 +- + ssh/test-key-parse.vala | 231 ++++++++++++++++++++++++++++++++++++++++ + 5 files changed, 316 insertions(+), 61 deletions(-) + create mode 100644 ssh/test-key-parse.vala + +diff --git a/ssh/key-data.vala b/ssh/key-data.vala +index 1fdb1e6a8..8843bff84 100644 +--- a/ssh/key-data.vala ++++ b/ssh/key-data.vala +@@ -101,12 +101,12 @@ public class Seahorse.Ssh.KeyData : GLib.Object { + return result; + } + +- internal static string parse_key_blob (uchar[] bytes) throws GLib.Error { ++ internal static string parse_key_blob(uchar[] bytes) throws GLib.Error { + string digest = Checksum.compute_for_data(ChecksumType.MD5, bytes); + if (digest == null) + throw new Error.GENERAL("Can't calculate fingerprint from key."); + +- StringBuilder fingerprint = new StringBuilder.sized((digest.length * 3) / 2); ++ var fingerprint = new StringBuilder.sized((digest.length * 3) / 2); + for (size_t i = 0; i < digest.length; i += 2) { + if (i > 0) + fingerprint.append_c(':'); +@@ -147,7 +147,7 @@ public class Seahorse.Ssh.KeyData : GLib.Object { + string contents; + FileUtils.get_contents(filename, out contents); + +- StringBuilder results = new StringBuilder(); ++ var results = new StringBuilder(); + + // Load each line + bool first = true; +@@ -204,54 +204,65 @@ public class Seahorse.Ssh.SecData : GLib.Object { + * + * @param data The data that contains a private key. + */ +- public static SecData parse_data(StringBuilder data) throws GLib.Error { +- SecData secdata = new SecData(); ++ public static SecData parse_data(DataInputStream data, string initial_line) throws GLib.Error { ++ var secdata = new SecData(); + + // Get the comment +- if (data.str.has_prefix(SSH_KEY_SECRET_SIG)) { +- string comment = data.str.split("\n", 2)[0]; +- secdata.comment = comment.substring(SSH_KEY_SECRET_SIG.length).strip(); ++ if (initial_line.has_prefix(SSH_KEY_SECRET_SIG)) { ++ secdata.comment = initial_line.substring(SSH_KEY_SECRET_SIG.length).strip(); + } + + // First get our raw data (if there is none, don't bother) +- string rawdata = parse_lines_block(data, SSH_PRIVATE_BEGIN, SSH_PRIVATE_END); ++ string rawdata = parse_lines_block(data, initial_line, SSH_PRIVATE_BEGIN, SSH_PRIVATE_END); + if (rawdata == null || rawdata == "") + throw new Error.GENERAL("Private key contains no data."); + + secdata.rawdata = rawdata; + +- // Guess at the algorithm type +- secdata.algo = Algorithm.guess_from_string(rawdata); ++ // Guess the algorithm type by searching the base64 decoded data. (we ++ // should properly exclude the start/end line, but it shouldn't harm ++ // too much though afaik). Note that it's definitely not ideal though; ++ // but the openssh format isn't exactly obvious ++ var decoded = Base64.decode(rawdata.offset(initial_line.length)); ++ for (uint i = 0; i < decoded.length - 3; i++) { ++ unowned var str = ((string) decoded).offset(i); ++ var algo = Algorithm.from_string(str); ++ if (algo != Algorithm.UNKNOWN) { ++ secdata.algo = algo; ++ break; ++ } ++ } + + return secdata; + } + +- /** +- * Takes everything between the start and end pattern and returns it. +- * NOTE: The string (if found will) be removed from the argument. +- */ +- private static string parse_lines_block(StringBuilder data, string start, string end) { +- StringBuilder result = new StringBuilder(); ++ /** Reads all lines from start until the end pattern and returns it */ ++ private static string parse_lines_block(DataInputStream data, ++ string initial_line, ++ string start, string end) ++ throws GLib.Error { ++ var result = new StringBuilder(); ++ ++ string? line = initial_line; + + bool start_found = false; +- string[] lines = data.str.split("\n"); +- foreach (string line in lines) { ++ do { + // Look for the beginning + if (!start_found) { + if (start in line) { +- result.append_printf("%s\n", line); +- result.erase(0, line.length + 1); ++ result.append(line); ++ result.append_c('\n'); + start_found = true; + continue; + } + } else { + // Look for the end +- result.append_printf("%s\n", line); +- result.erase(0, line.length + 1); ++ result.append(line); ++ result.append_c('\n'); + if (end in line) + break; + } +- } ++ } while ((line = data.read_line_utf8()) != null); + + return result.str; + } +diff --git a/ssh/key.vala b/ssh/key.vala +index e2ebc30b3..453f8dd2c 100644 +--- a/ssh/key.vala ++++ b/ssh/key.vala +@@ -223,24 +223,36 @@ public class Seahorse.Ssh.Key : Seahorse.Object, Seahorse.Exportable, Seahorse.D + } + + /** +- * Parses a string into public/private keys. ++ * Parses an input stream into public/private keys. + * +- * @param data The string that needs to be parsed. ++ * @param input The input stream that needs to be parsed. + * @param cancellable Can be used to cancel the parsing. + */ +- public static async KeyParseResult parse(string data, +- Cancellable? cancellable = null) throws GLib.Error { +- return_if_fail (data != null || data != ""); +- ++ public static async KeyParseResult parse(GLib.InputStream input, ++ Cancellable? cancellable = null) ++ throws GLib.Error { + var pubkeys = new GenericArray<KeyData>(); + var seckeys = new GenericArray<SecData>(); + +- StringBuilder toParse = new StringBuilder(data.chug()); +- while (toParse.str.length > 0) { ++ // Fetch the data into a string ++ var data = new DataInputStream(input); ++ ++ while (true) { ++ // Read the next line, and remove leading whitespace ++ var raw_line = yield data.read_line_utf8_async(Priority.DEFAULT, cancellable, null); ++ if (raw_line == null) ++ break; ++ ++ string line = raw_line.chug(); ++ ++ // Ignore comments and empty lines (not a parse error, but no data) ++ if (line == "" || line.has_prefix("#")) ++ continue; ++ + // First of all, check for a private key, as it can span several lines +- if (SecData.contains_private_key(toParse.str)) { ++ if (SecData.contains_private_key(line)) { + try { +- var secdata = SecData.parse_data(toParse); ++ var secdata = SecData.parse_data(data, line); + seckeys.add(secdata); + continue; + } catch (GLib.Error e) { +@@ -248,24 +260,9 @@ public class Seahorse.Ssh.Key : Seahorse.Object, Seahorse.Exportable, Seahorse.D + } + } + +- // We're sure we'll have at least 1 element +- string[] lines = toParse.str.split("\n", 2); +- string line = lines[0]; +- toParse.erase(0, line.length); +- if (lines.length == 2) // There was a \n, so don't forget to erase it as well +- toParse.erase(0, 1); +- +- // Comments and empty lines, not a parse error, but no data +- if (line.strip() == "" || line.has_prefix("#")) +- continue; +- + // See if we have a public key +- try { +- KeyData keydata = KeyData.parse_line(line); +- pubkeys.add(keydata); +- } catch (GLib.Error e) { +- warning(e.message); +- } ++ var keydata = KeyData.parse_line(line); ++ pubkeys.add(keydata); + } + + var result = KeyParseResult(); +@@ -282,9 +279,8 @@ public class Seahorse.Ssh.Key : Seahorse.Object, Seahorse.Exportable, Seahorse.D + */ + public static async KeyParseResult parse_file(string filename, + Cancellable? cancellable = null) throws GLib.Error { +- string contents; +- FileUtils.get_contents(filename, out contents); +- +- return yield parse(contents, cancellable); ++ var file = GLib.File.new_for_path(filename); ++ var file_stream = yield file.read_async(); ++ return yield parse(file_stream, cancellable); + } + } +diff --git a/ssh/meson.build b/ssh/meson.build +index 15418772e..c2c81a6a9 100644 +--- a/ssh/meson.build ++++ b/ssh/meson.build +@@ -58,3 +58,23 @@ ssh_askpass = executable('ssh-askpass', + install: true, + install_dir: libexecbindir, + ) ++ ++# Tests ++ssh_test_names = [ ++ 'key-parse', ++] ++ ++foreach _test : ssh_test_names ++ test_bin = executable(_test, ++ files('test-@[email protected]'.format(_test)), ++ dependencies: [ ++ ssh_dep, ++ ssh_dependencies, ++ ], ++ include_directories: include_directories('..'), ++ ) ++ ++ test(_test, test_bin, ++ suite: 'ssh', ++ ) ++endforeach +diff --git a/ssh/source.vala b/ssh/source.vala +index c4646c9fb..43b4a1ab0 100644 +--- a/ssh/source.vala ++++ b/ssh/source.vala +@@ -333,15 +333,12 @@ public class Seahorse.Ssh.Source : GLib.Object, Gcr.Collection, Seahorse.Place { + /** + * Parse an inputstream into a list of keys and import those keys. + */ +- public async List<Key>? import_async(InputStream input, Gtk.Window transient_for, ++ public async List<Key>? import_async(InputStream input, ++ Gtk.Window? transient_for, + Cancellable? cancellable = null) throws GLib.Error { +- uint8[] buffer = new uint8[4096]; +- size_t bytes_read; +- input.read_all(buffer, out bytes_read, cancellable); ++ var result = yield Key.parse(input, cancellable); + + string fullpath = other_keys_path(); +- +- var result = yield Key.parse((string) buffer, cancellable); + foreach (unowned var keydata in result.public_keys) { + yield import_public_async(keydata, fullpath, cancellable); + } +diff --git a/ssh/test-key-parse.vala b/ssh/test-key-parse.vala +new file mode 100644 +index 000000000..ef9404790 +--- /dev/null ++++ b/ssh/test-key-parse.vala +@@ -0,0 +1,231 @@ ++/* ++ * Seahorse ++ * ++ * Copyright (C) 2023 Niels De Graef ++ * ++ * This program is free software; you can redistribute it and/or modify ++ * it under the terms of the GNU General Public License as published by ++ * the Free Software Foundation; either version 2 of the License, or ++ * (at your option) any later version. ++ * ++ * This program is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. ++ * See the GNU General Public License for more details. ++ * You should have received a copy of the GNU General Public License ++ * along with this program; if not, see ++ * <http://www.gnu.org/licenses/>. ++ */ ++ ++void main(string[] args) { ++ Test.init(ref args); ++ ++ Test.add_func("/ssh/key-parse/pubkey-simple", test_key_parse_pubkey_simple); ++ Test.add_func("/ssh/key-parse/pubkey-bad-algo", test_key_parse_pubkey_bad_algo); ++ Test.add_func("/ssh/key-parse/pubkey-multple", test_key_parse_pubkey_multiple); ++ ++ Test.add_func("/ssh/key-parse/private-key-simple", test_key_parse_private_key_simple); ++ Test.add_func("/ssh/key-parse/private-key-pw-protected", test_key_parse_private_key_pw_protected); ++ ++ Test.run(); ++} ++ ++const string PUBKEY_SIMPLE = """ ++ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCi9ZNp78OzcMpR9QeSKKCybNxTR+ailXs3cwizr1R9Dlx/EobQBXOwE2Ed5PqSU5HEgtYRoKqlTxMogMXMX508dedC0ADTzM09B3OBqpZ7YnMuyLbtk1MNP8xcvVmHwwfw3Y79xxZZeqjUTI7cSE6jcNyz/k/Dl+6RYI552ab80b1kgDDwOyUL75hFllEZ9vHCcAOtk7y5LyeUpnRu5WJq0YBPVQljeYs23ZiTSo5NkJd7pvV9hs68ZAYqm1POXwCcAKOj4HXW3AL83AD49g8MJOAelCMaJpUkOgn4n4QTtqLEC108sqZgwWiadbN/ZHt3Idbn3AIxMMhD/wdkSwkfm9tAohMrqYpSiG31xyifH61mcoBMSxRMQhUscCGV3kLo6P/dZtxRbu4r74r/Ae2Jg4pzYrVFVzfObXdlTjtxJmR8UvnZg60OE0RwYMs1LJTE6xakcAg22O9i3bau00MoIIYEPgiFFP5t0Tw3D06BcEzr/2wEzlvbxy0qzDTr40U= testsimple ++"""; ++ ++private void test_key_parse_pubkey_simple() { ++ var input = new MemoryInputStream.from_data(PUBKEY_SIMPLE.data); ++ ++ var mainloop = new GLib.MainLoop(); ++ Seahorse.Ssh.Key.parse.begin(input, null, (obj, res) => { ++ try { ++ var parse_result = Seahorse.Ssh.Key.parse.end(res); ++ ++ assert_true(parse_result.public_keys.length == 1); ++ unowned var keydata = parse_result.public_keys[0]; ++ assert_true(keydata.comment == "testsimple"); ++ assert_true(keydata.algo == Seahorse.Ssh.Algorithm.RSA); ++ ++ assert_true(parse_result.secret_keys.length == 0); ++ } catch (Error err) { ++ error("Couldn't parse public key: %s", err.message); ++ } finally { ++ mainloop.quit(); ++ } ++ }); ++ mainloop.run(); ++} ++ ++// Basically the same as PUBKEY_SIMPLE, but a bogus algorithm ++const string PUBKEY_BAD_ALGO = """ ++ssh-blabla AAAAB3NzaC1yc2EAAAADAQABAAABgQCi9ZNp78OzcMpR9QeSKKCybNxTR+ailXs3cwizr1R9Dlx/EobQBXOwE2Ed5PqSU5HEgtYRoKqlTxMogMXMX508dedC0ADTzM09B3OBqpZ7YnMuyLbtk1MNP8xcvVmHwwfw3Y79xxZZeqjUTI7cSE6jcNyz/k/Dl+6RYI552ab80b1kgDDwOyUL75hFllEZ9vHCcAOtk7y5LyeUpnRu5WJq0YBPVQljeYs23ZiTSo5NkJd7pvV9hs68ZAYqm1POXwCcAKOj4HXW3AL83AD49g8MJOAelCMaJpUkOgn4n4QTtqLEC108sqZgwWiadbN/ZHt3Idbn3AIxMMhD/wdkSwkfm9tAohMrqYpSiG31xyifH61mcoBMSxRMQhUscCGV3kLo6P/dZtxRbu4r74r/Ae2Jg4pzYrVFVzfObXdlTjtxJmR8UvnZg60OE0RwYMs1LJTE6xakcAg22O9i3bau00MoIIYEPgiFFP5t0Tw3D06BcEzr/2wEzlvbxy0qzDTr40U= testbad ++"""; ++ ++private void test_key_parse_pubkey_bad_algo() { ++ var input = new MemoryInputStream.from_data(PUBKEY_BAD_ALGO.data); ++ ++ var mainloop = new GLib.MainLoop(); ++ Seahorse.Ssh.Key.parse.begin(input, null, (obj, res) => { ++ try { ++ Seahorse.Ssh.Key.parse.end(res); ++ assert_not_reached(); ++ } catch (Error err) { ++ // Expected ++ } finally { ++ mainloop.quit(); ++ } ++ }); ++ mainloop.run(); ++} ++ ++const string PUBKEY_MULTIPLE = """ ++ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCi9ZNp78OzcMpR9QeSKKCybNxTR+ailXs3cwizr1R9Dlx/EobQBXOwE2Ed5PqSU5HEgtYRoKqlTxMogMXMX508dedC0ADTzM09B3OBqpZ7YnMuyLbtk1MNP8xcvVmHwwfw3Y79xxZZeqjUTI7cSE6jcNyz/k/Dl+6RYI552ab80b1kgDDwOyUL75hFllEZ9vHCcAOtk7y5LyeUpnRu5WJq0YBPVQljeYs23ZiTSo5NkJd7pvV9hs68ZAYqm1POXwCcAKOj4HXW3AL83AD49g8MJOAelCMaJpUkOgn4n4QTtqLEC108sqZgwWiadbN/ZHt3Idbn3AIxMMhD/wdkSwkfm9tAohMrqYpSiG31xyifH61mcoBMSxRMQhUscCGV3kLo6P/dZtxRbu4r74r/Ae2Jg4pzYrVFVzfObXdlTjtxJmR8UvnZg60OE0RwYMs1LJTE6xakcAg22O9i3bau00MoIIYEPgiFFP5t0Tw3D06BcEzr/2wEzlvbxy0qzDTr40U= test1 ++ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDADxtTchMRaGP2YCG5Iiu/sCkdKYkogkZ9NrawGutvwcoQL4D3oIC+r+ka3YzenICz0Rpu4ZIyGzn5s7VISzjcGK99a8/UoXsSyTUy37ihbpAbkYju+avtJZyCMOrRyrXp0W8gSKnUuxDJJNlG5+Jhjdh35rGo7ENSDIGRBXx0uLmKvxbPGSQoULbUzxJRVes6HW7cr44RXG4GL5uekS5hSHN/wJuc/OBqT2ETn+Ivn8cj2fooR6Y7Ei6uFNwbNebYgzDzNOTfaGssCXoEqWL9dJA8FAXA9u4BQskIaUm9SiQblzKGZSKtoPPFh7Sp7Ii1k2TAG0g9VW8gYqUZgLZY4OKjARR+SkdyzlnJKOD1QuSIrnyDNOgl7SBwtujT6gg+9bcQzSPVRWuPldYj2qYEZiR7LPood7AvzDL2tZwb8r60O5KDip+66inj5BxmPO6Vmeo84DLXdZNhEnoCfaL5J9qArhTvxYPjU8RiuBoy6nqN00IWeT2e3RZTPjpq1wc= test2 ++"""; ++ ++private void test_key_parse_pubkey_multiple() { ++ var input = new MemoryInputStream.from_data(PUBKEY_MULTIPLE.data); ++ ++ var mainloop = new GLib.MainLoop(); ++ Seahorse.Ssh.Key.parse.begin(input, null, (obj, res) => { ++ try { ++ var parse_result = Seahorse.Ssh.Key.parse.end(res); ++ assert_true(parse_result.public_keys.length == 2); ++ assert_true(parse_result.secret_keys.length == 0); ++ } catch (Error err) { ++ error("Couldn't parse public key: %s", err.message); ++ } finally { ++ mainloop.quit(); ++ } ++ }); ++ mainloop.run(); ++} ++ ++const string PRIVATE_KEY_SIMPLE = """ ++-----BEGIN OPENSSH PRIVATE KEY----- ++b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn ++NhAAAAAwEAAQAAAYEAvR0sY6LuyQBk0eWtHlblilTu5ywOxIPtX5Xz1DQ/nTs3+EiuUjpX ++7wpBd0X8KLVwF8XqrgsS/cZGKKwwTTIthifiOkIin2M1c5zqjq5mYXLd8OVy7FPGz3kRcY ++bqcZ5IhH6rrccLKgqz8F8YDZ1PP/zViRV6pjL4M9V+vM50JNbc09o199rOhrIfzWpbmbsU ++L98ADNFdyAexJAo46I5KF4ABp43y8fxKVkOQmouN92ao5s4tktkU2RDieAQEGS5tCcuabM ++vyq+nsZ3SxhAAM+k1A98F4sDaPBLMvQrGTRfIhbtPEqJsffzmoNiLsuFooCB8bbrpb5gp0 ++pvoQCDomWPR618KJSt6c2JCpxd0v64N+xaGjeuKnH+nGeQ2I8KjGz49bpTsNU/XHSAJHS8 ++72GiVZ1sVeEGxU2nR58Faixg6quEQr/SjjFCLTjV1v9zXmYLGUC2WoYrvh8Xv1/5u11WG9 ++jxbZrwNeHR5b0mL4espyAaxhyP093cRj0am3HX03AAAFiLLBfcCywX3AAAAAB3NzaC1yc2 ++EAAAGBAL0dLGOi7skAZNHlrR5W5YpU7ucsDsSD7V+V89Q0P507N/hIrlI6V+8KQXdF/Ci1 ++cBfF6q4LEv3GRiisME0yLYYn4jpCIp9jNXOc6o6uZmFy3fDlcuxTxs95EXGG6nGeSIR+q6 ++3HCyoKs/BfGA2dTz/81YkVeqYy+DPVfrzOdCTW3NPaNffazoayH81qW5m7FC/fAAzRXcgH ++sSQKOOiOSheAAaeN8vH8SlZDkJqLjfdmqObOLZLZFNkQ4ngEBBkubQnLmmzL8qvp7Gd0sY ++QADPpNQPfBeLA2jwSzL0Kxk0XyIW7TxKibH385qDYi7LhaKAgfG266W+YKdKb6EAg6Jlj0 ++etfCiUrenNiQqcXdL+uDfsWho3ripx/pxnkNiPCoxs+PW6U7DVP1x0gCR0vO9holWdbFXh ++BsVNp0efBWosYOqrhEK/0o4xQi041db/c15mCxlAtlqGK74fF79f+btdVhvY8W2a8DXh0e ++W9Ji+HrKcgGsYcj9Pd3EY9Gptx19NwAAAAMBAAEAAAGAEepQGLZIObl0U6AW+N9RinvGUB ++cP5RT8aUg625kBh8Mi57326apGR0po7kQugarCjjX9J/S7nVfpsJOzVbTRtDpWB5/ZSNEs ++sKGmZNLntwabOOV7sCC1nlUBTohx8EaG5ypa2DEZgSeXaUeQ70U+SzkH/58Nye3dLofkpD ++1Iqm7CZ71tzGeplgAM3DhdqiAbZveQuSYiZL85zEi9oGZOZZCGV5mucLcuUaK/8awTzGKo ++0Iiqr5UqEPA1DBqRStNnbfu265Zc/VacI0Z+00dMiO7VQ1lB5TnO9MkuEU3Kd59sHKvuX0 ++Hw5V2BqvJVqdqF5j6yxAExD7J8JNybcpE+LXzgysTBAEg2QPQa4GzWERytWSddVU+LTrEu ++BOb8o2bMV4eHbo7Y06ziq+MJQIDWJr7qNMbDtaV5UCNWcIlYaKX9X8si0qFBzHPRTx53aV ++beb4C5G8Ce4HU4Q3eEC0idCSpALEZEb8NIqxHigWuQKlqAhju31IIFjPoJ8uvs/49VAAAA ++wD2DtKmKzpZrguKjUrMTtCyh8cRxvvACe5ij6oPlhnJJ3Hlyb5QkH/FMqudJhkOaZrLjz0 ++JFLXQ4SUoUxdnolBb5B6wNfL66CXCurwR8MzHxHZyNL2+EB/jHhgF5Oh631LShe9GHJ+nE ++umN9zzDmW4pfWIoUZbzaNi2IQS4Qv+pJWk/uQFzqnS39HQkdgNh8s3sPJQUvykgbD24vNu ++qzML23S3NxsJfxJzsl8HL7LTaf08toSXeNqif4iPxuy0F9nAAAAMEA+MjSgU7GxqAjgE+7 ++zTKbEAw2WZhSWk+sHDSzTpt7T6JhTbsD0I+ZXqb3lcrKTnxjGP8bj4zWeH/mtpVCRDb/xE ++cOjku/aszvCBHKcD9naE+U/pOqwWR60jPb65+2hvBxqCFKb+2FVeM7E7BYL4kSQ/FV3svu ++rCQ0+liFnD4VxDbvNHDXz2h9RlqYTjZ90/d5I4oibuHPvcy3jMri99qBuvPj/8BhfPBmKw ++o+VZpJbWHEfuDZx1Rr3vRx3VtmfLLFAAAAwQDCmU8SYZ/GYR/EQU3MfIK/3wVKiasBh3a/ ++gIgD1+wnobau0MHd8vvGdehLPNVHKQ0/QkOsIdQl1XEKXFaNNGo8ZMHsawacdRze7ulfpe ++LSYdlqKqu73m2wy8LsY+IGSZGRkjCK1LNJevU8ec0nHSUGIn49VK+jPPjyNGHZw5yIL8QE ++nmvLcmgqiGQHjsArmk4NAdA5LGJSF3EfSKDx1Rs1CKCn/3+tpIbTpVZl6r1IDpuLPOvtYO ++f5GQO1BGgcf8sAAAAQbmRlZ3JhZWZAdG9vbGJveAECAw== ++-----END OPENSSH PRIVATE KEY----- ++"""; ++ ++private void test_key_parse_private_key_simple() { ++ var input = new MemoryInputStream.from_data(PRIVATE_KEY_SIMPLE.data); ++ ++ var mainloop = new GLib.MainLoop(); ++ Seahorse.Ssh.Key.parse.begin(input, null, (obj, res) => { ++ try { ++ var parse_result = Seahorse.Ssh.Key.parse.end(res); ++ assert_true(parse_result.public_keys.length == 0); ++ ++ assert_true(parse_result.secret_keys.length == 1); ++ unowned var secdata = parse_result.secret_keys[0]; ++ assert_null(secdata.comment); ++ assert_true(secdata.algo == Seahorse.Ssh.Algorithm.RSA); ++ } catch (Error err) { ++ error("Couldn't parse private key: %s", err.message); ++ } finally { ++ mainloop.quit(); ++ } ++ }); ++ mainloop.run(); ++} ++ ++// Key with "test" password ++const string PRIVATE_KEY_PW_PROTECTED = """ ++-----BEGIN OPENSSH PRIVATE KEY----- ++b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABAkHotf4u ++iTM795vuCNSfZBAAAAEAAAAAEAAAGXAAAAB3NzaC1yc2EAAAADAQABAAABgQDcelHwoS/V ++AG2fg+gUkDFswBxazTuSASmXs5JXCPt3LpYRS38xr+LXH8APUBLoVTJbmU3QFMg9SCNVGp ++5hGKE3mYt9+EIMQQrQfSTGfU0JwLldNyO9pIPDW1ANjoP7fuGxVQpbHlbekNdZvVTarQS2 ++bJlIq2V4YwROyK6NRUj0JtRxlR0PQsdoOuCnzB0HUsRR4aSBkieVEytLy+/nhjSn22bz+g ++1XW3FePmEEGWXfKtCLXAXSkLiTmT0AgFCZyjbYjxJHWvJZ1ndiVsQSQFuAkvMfzoflBhfT ++pUMU22rl0GVsycJ06HkI9GF4aHjqzADvS4AvynKt+CQ7K/PDSAeGxNC7qa26OmBQPPT3Xw ++2PjqpqHpa/Hlx/G3nAMC6lzefHhAJkAB2wGF4DS/OxGTaS3rf+lJEVU7WSbLH9C5kTiqxf ++dlTC88ln9J2xHgnwewXfYbBbjqBbt6F1xSYBstm4o64fWzXdbsh0PzBBixGkFN0LZRuymB ++t0+jcxZwBL/UcAAAWQsqRgReFcL5tiXLDHd+pZxv3+mIyrqszEnoAw6/BGkt7UAFu2Gx5B ++3acmLUS5rgUmij+duFWPL4yZ3MW5ZJmCk89lkRholdIdFsZO3qz0L+fZ8mPa5IGxomrDxN ++mZiMQGSS+JnGsYxylAVucGmld02kP6F4hGYKMYsyUUQPtDg3qGJ4xckWfCLtaPUO0siLui ++//1lzHdT0dmodAMAxcXbwmlOYcpHDxSH5H9IfhzhTGQpHHw7aWys80G1HHRiClQDQgWvIg ++Wj/U30k2RuJYtfgIAcacvp4Fk1UMdUazrwfAogrjkLF2A6jqgYW6r2S1sITbruz0GrmXZy ++XHMA+cO2XsizMZOZAxpJmSkA04sb/gPiXOb+vBHAtjhY42Oucc0xg97QH1KfjBWG7yAqyc ++NC4XQ38ipF/Fyx0YCiZSysL37PGZlZo/sa8B8/9yb4/oSgyFhtE7aR/VI69ZWMjYSoc3/E ++yGIzEf67IC/BKNqBV281h6jc7DTr7F5nsdUHB0JdNmLf7sCVzDPNw+Gc88jHoV8eki9NJ3 ++X1vnzu2CnhvPYoVgb9GOmPAPD9PgB2W3wQ8lznIrcdKduWbi0uQJ8z/UWvJYs5nxZSBaW6 ++elVmeKjonzK/MX+U0pmKJnYLMkZ88PolzCY0Bka3mwcQGUjyq+GdUjo5yY1eeSW8bwNNRJ ++3riCVg7Zga5EQyNcAjxUP9gLkeFcHyIhyLlRGLLKtuNa+EkvcXzNVvUs1rP8KkusZrcbuH ++yZMUjOAvauXMwAiEm042QEUlQz6HGtVqmOnmTbsZQQ/DZqrAEgX8FoiRlWG76uQxvfo4qd ++cf/y3wapJfawFZ8rkQUtq4FsLGtIv4KYUyWgYlzpQvLolvTaNFcZNO75T2RrJ4DW/z8nDl ++2EdS0H+VxMa9At0D0kxxkJAKqQRhrT4axs3IUqbOVk4ztkcLmlHaxC+spxwspYQjyx785r ++oNgLcQnesQqIpRe0uVBaHbdOGrvWs2TUKBWxjVeXVZkenwU1Mnu+STXKhzcvtU0jHuei/Y ++fFxQg1P/KG7KWr+qoD1zBsKCQpv04VgFotexapUU6sW9tJdIpiplha43xt1fWRPFz3VA+/ ++GORk5nLRk1Rqdx8H1fClGACXyNy/jo4LyJavlH8j5eTdvbHAswEaXbR3XpXPUXlBXQRKzd ++INK8qEfl0Kk4SB/y/PLjr4J7xgFOTDtAbtZIa0T4woeIXbNd6D3gwG4VB7H8z56pms2sYf ++vE3a+xCGIdDyEqK3kNIy6j7ex3+E5AxHO0/vbG/2kDZlZUWI+9EeiMqLTx6QQeAQ9DQoDB ++E7BiJOPSJhjAhuTbxBaf29z8pC3P5EwJoRbpERoAlMmRoIdEL8UzHns97dB8mj0lgLJuYt ++1UEiuGgNI+7mtayMrMTmkPAH//v8b4JfyHSFOcMIFvQGd8Lf8/nl0sdhB/eVAKGxSYtRvE ++65cjw6U9afG+wyNkISHAtOXB2g4HTbwHRSsq5451z8kbMlSMufKoaI7NlWXtiStjgXA2TI ++4b/5STOu15kfnEDWrW0uUQkWodKZqvr+p1fbvM8ijysA8rfqCgqSu9XMaQYNeqn2p7Exp5 ++dsZBpE6gkNJjgHkhgUeBHtvkQmnXaj87kPkDOL2gnvWzVEnZiUBQZgL1O9Z3Qr0+PuSrkh ++QIwPO0umkWA4qRkd4vh1SAg/vyOeDgdAxmcHm3So2IxOKQnBmWBIgsxkaei4d2yUvqLhmY ++9dbjgNZnyh81Rf2bkYPvnUhf1anKyxyRcbybQMdGJS4u3J7RO246+VbpPDvDm7cL5wbGol ++Q9Y8O2PciUoksK03RCdyeoKpJ2VdAvve5TyNs0aLYmpemYyl7rA7s4STR/gSWzBRPYWxbI ++Znmynq4dXIf58Nj4+TpgQkxQwxM= ++-----END OPENSSH PRIVATE KEY----- ++"""; ++ ++private void test_key_parse_private_key_pw_protected() { ++ var input = new MemoryInputStream.from_data(PRIVATE_KEY_PW_PROTECTED.data); ++ ++ var mainloop = new GLib.MainLoop(); ++ Seahorse.Ssh.Key.parse.begin(input, null, (obj, res) => { ++ try { ++ var parse_result = Seahorse.Ssh.Key.parse.end(res); ++ assert_true(parse_result.public_keys.length == 0); ++ ++ assert_true(parse_result.secret_keys.length == 1); ++ unowned var secdata = parse_result.secret_keys[0]; ++ assert_null(secdata.comment); ++ assert_true(secdata.algo == Seahorse.Ssh.Algorithm.RSA); ++ } catch (Error err) { ++ error("Couldn't parse private key: %s", err.message); ++ } finally { ++ mainloop.quit(); ++ } ++ }); ++ mainloop.run(); ++} +-- +GitLab diff --git a/app-crypt/seahorse/files/seahorse-43.0-c99.patch b/app-crypt/seahorse/files/seahorse-43.0-c99.patch new file mode 100644 index 000000000000..6fe5ff3cd800 --- /dev/null +++ b/app-crypt/seahorse/files/seahorse-43.0-c99.patch @@ -0,0 +1,21 @@ +https://bugs.gentoo.org/882805 +https://gitlab.gnome.org/GNOME/seahorse/-/merge_requests/220 + +From 4110a2389bf9728b8f0c9b216b0a5843de806e4a Mon Sep 17 00:00:00 2001 +From: ppw 0 <[email protected]> +Date: Wed, 6 Dec 2023 12:16:45 +0000 +Subject: [PATCH] Update file operation.vala + +--- a/ssh/operation.vala ++++ b/ssh/operation.vala +@@ -49,7 +49,7 @@ public abstract class Operation : GLib.Object { + protected async string? operation_async(string command, + string? input, + Cancellable? cancellable) throws GLib.Error { +- return_val_if_fail (command != null && command != "", null); ++ return_val_if_fail (command != null && command != "", false); + + // Strip the command name for logging purposes + string[] args; +-- +GitLab diff --git a/app-crypt/seahorse/seahorse-43.0-r4.ebuild b/app-crypt/seahorse/seahorse-43.0-r4.ebuild new file mode 100644 index 000000000000..422476ec2fd6 --- /dev/null +++ b/app-crypt/seahorse/seahorse-43.0-r4.ebuild @@ -0,0 +1,87 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +PYTHON_COMPAT=( python3_{10..12} ) +inherit gnome.org gnome2-utils meson python-any-r1 vala xdg + +DESCRIPTION="Manage your passwords and encryption keys" +HOMEPAGE="https://wiki.gnome.org/Apps/Seahorse"; + +LICENSE="GPL-2+ FDL-1.1+" +SLOT="0" +IUSE="ldap zeroconf" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~ia64 ~loong ~ppc ~ppc64 ~riscv ~sparc ~x86" + +RDEPEND=" + >=dev-libs/glib-2.66:2 + >=app-crypt/gcr-3.38:0= + >=app-crypt/gpgme-1.14.0:= + >=x11-libs/gtk+-3.24.0:3 + >=app-crypt/gnupg-2.2 + >=gui-libs/libhandy-1.6.0:1 + >=app-crypt/libsecret-0.16 + dev-libs/libpwquality + virtual/openssh + ldap? ( net-nds/openldap:= ) + net-libs/libsoup:3.0 + zeroconf? ( >=net-dns/avahi-0.6[dbus] ) +" +DEPEND="${RDEPEND} + $(vala_depend) + dev-libs/libxml2:2 + app-crypt/gcr:0[vala] + app-crypt/libsecret[vala] + gui-libs/libhandy:1[vala] +" +BDEPEND=" + ${PYTHON_DEPS} + app-text/docbook-xml-dtd:4.2 + app-text/docbook-xsl-stylesheets + dev-libs/appstream-glib + dev-libs/libxslt + dev-util/gdbus-codegen + dev-util/glib-utils + dev-util/itstool + >=sys-devel/gettext-0.19.8 + virtual/pkgconfig +" + +PATCHES=( + "${FILESDIR}"/${P}-gnupg-2.4.patch + "${FILESDIR}"/${P}-musl-stdout.patch + "${FILESDIR}"/${P}-clang16.patch + "${FILESDIR}"/${P}-c99.patch + "${FILESDIR}"/${P}-c99-2.patch +) + +src_prepare() { + default + vala_setup + gnome2_environment_reset +} + +src_configure() { + local emesonargs=( + -Dhelp=true + -Dpgp-support=true + -Dcheck-compatible-gpg=false # keep lowest version listed as compatible as min dep for gnupg RDEPEND + -Dpkcs11-support=true + -Dkeyservers-support=true + -Dhkp-support=true + $(meson_use ldap ldap-support) + $(meson_use zeroconf key-sharing) + -Dmanpage=true + ) + meson_src_configure +} + +pkg_postinst() { + xdg_pkg_postinst + gnome2_schemas_update +} + +pkg_postrm() { + xdg_pkg_postrm + gnome2_schemas_update +}
