Changes in version 3.2.0 are: * Don't install setuid when filesystem capabilities not available * Updated translations Changes in version 3.1.92 are: * Add back the file format "documentation" * Make .desktop file match prompt process so icon and title are shown * Fix packaging issues installing the pkcs11 module * return correct error code in gpg-agent for unimplemented stuff * Fixes for parsing/viewing various (sometimes slightly invalid) PKCS#12 files * Allow daemon to access secrets of internal PKCS#11 modules, so that we can do things like hash NTLM and Kerberos secrets in the future. * Build and documentation fixes * Updated translations Changes in version 3.1.91 are: * gcr-viewer will now display errors when failing to load a file. * gcr-viewer can now prompt for passwords to unlock files * Add support for getting the current data block being parsed in GcrParser. * Add debug output to various points in the GCR and GCK libraries. * When replacing another gnome-keyring-daemon, wait a moment before initializing. * Fix GCR library initialization bugs loading PKCS#11 modules. * Fine tuning of GcrParser when parsing PKCS#12 files. * Build and packaging fixes * Updated translations Changes in version 3.1.90 are: * Install better xdg-mime files for identifying crypto related file types * New gcr-viewer for viewing certificates and keys, hooked up to file types * Display tweaks for the certificate and key widgets * Don't initialize PKCS#11 modules automatically in gcr library unless needed. * Cleanup the libgck API since we're bumping the major version. * ABI fixes for the GCR library for changes in the 3.1.x release cycle * New automatic checks for symbols that have changed in the ABI * Add async PKCS#11 initialization functions to libgck * Display Certificate otherName subject-alt-name for xmppAddr and DNS SRV * Documentation, testing, translation and build fixes. Changes in version 3.1.4 are: * New GcrListSelector class for selecting multiple keys. * Add icons for key and key pair. * Gcr now has support for loading of GnuPG keys from gpg, including photos. * New gcr dependency on p11-kit for loading PKCS#11 modules. * Remove support for GTK+ 2.x * Implement calculation of fingerprints in gcr for keys. * Fix problems in daemon if IPC lock or FS capabilities are not available. * Bug fixes and build fixes. * Code cleanup and refactoring. Changes in version 3.1.1 are: * Add 'Export Certificate' option to right click of certificate widget. * Use file system linux capabilities for memory locking. * Set correct daemon SELinux context when started from PAM module. * Fix assertions in parser. * Add GcrCollection interface to represent collections of objects. * Add GcrGnupgCollection to libgcr. * Implement functionality in renderers to populate GtkTreeModel * Add a GcrSelector widget. * Cleanup unregistering from session. * Translations and translation fixes. Changes in version 3.0.3 are: * Build fixes on OpenBSD. * Don't prompt multiple times for simultaneous unlocking of keyrings. Changes in version 3.0.2 are: * Add documentation images for gcr widgets. * Translation fixes. * Build fixes. Changes in version 3.0.1 are: * Fix clicking buttons in 'unsafe storage' dialog on GTK+3 * Build with GTK+3 by default * More tests and test fine tuning: --enable-tests=yes/no/full * Expand path in gnome-keyring-prompt.desktop properly * Implement debug tracing in parts of gcr library. * Complete documentation in gcr and gck libraries. * Fix assertions in gcr library during parsing of a stream. * Build fixes Changes in version 3.0.0 are: * Translations Changes in version 2.91.93 are: * Use full interface.Property form for CreateCollection and CreateItem in the DBus API. * Add deprecated functions for libgcr symbols lost since 2.32.x * Don't crash when the GPG agent is asked for a passhprase without a key id. Changes in version 2.91.92 are: * Don't leak login name from PAM when logging error. * Also start daemon in XFCE * Fix inability to save password for other keyrings. * Build and test fixes. * Support removal of aliases via the secret service API * Fix race condition when multiple applications create the default keyring at the same time. * Add a desktop file for gnome-keyring-prompt, so the icon shows up properly in gnome-shell. * Implement HKDF for transport encryption security. Changes in version 2.91.91 are: * Fix the certificate details expander when used with GTK+3 * Calculate the minimum/natural size of the certificate widget better. * Fix gnome-keyring-prompt for GTK+3 release. * Fix problems with the URIs used for trust lookup and storage. * Pass around a content-type for secrets in the DBus Secret Service API. * If DBus couldn't be initialized when starting up the daemon, try again at a later point. * Build and testing fixes. * Remove support for the pkcs11-options file, and wait for a proper configuration file setup being worked on in p11-kit. * Add support for --version argument to gnome-keyring-daemon and gnome-keyring * Create necessary directory when storing trust assertion objects. Changes in version 2.91.4 are: * gck library loads PKCS#11 modules from /usr/lib/pkcs11 * PKCS#11 config file in /etc/xdg/pkcs11.conf[.defaults] * Many ASN.1 encoding fixes. * Refactor how tests work. * Install standalone PKCS#11 modules to a consistent location. * Memory leaks and other bug fixes. * Allow enumeration of objects in specific PKCS#11 slots as well as modules. * Add GcrCertificateChain for building certificate chains. * Implementation of the initial PKCS#11 Trust Assertions spec. * Add GcrPkcs11Certificate for looking up certificates in PKCS#11 modules by issuer. * Expose gcr functionality for setting which PKCS#11 modules to use. * Find the root certificates by default. * Move to a single header model for libgcr. * Don't load *.la files when looking for PKCS#11 modules. * Fixes for GTK+3.0 * New xdg-store PKCS#11 module with support for storing trust assertions. * Rename old user-store to gnome2-store since it stores its data in old formats in the old .gnome2 location. Changes in version 2.91.3 are: * Shutdown module timer when holding proper mutex. * Linux capabilities to overcome limits on locked memory. * Update HACKING with coding style * Build fixes. Changes in version 2.91.2 are: * Add timeout if PAM startup doesn't complete shortly. * Fix login keyring password when it doesn't match unix login. * Replace gp11-0 with gck in pkgconfig file * Fix broken dispose of GcrCertificateWidget * Remove gp11 library. Changes in version 2.91.1 are: * Fix build problem in gpg-agent. * Properly distribute pkgconfig file for gck library. * Better certificate widget in gcr library. * Add extra debug guard around printing of prompt io. * Rework how the gcr parser and importer work together. * More GTK+ 3.0 fixes. Changes in version 2.91.0 are: * String and punctuation fixes. * Add libgck library to soon replace libgp11 * Migrate everything in gnome-keyring to libgp11 * Fix invalid memory access in PKCS#11 rpc-layer * Fix race condition in tests Changes in version 2.32.0 are: * Make bulids silent by default. Changes in version 2.31.92 are: * Require glib 2.25 or later. * Require automake 1.7 or later. * Fix assertion in secure memory code. * Don't go into endless loop when GPG Agent client disconnects. * Fix double free in gp11 library. * Fix crash during keyring unlock operation. * Expand prompt details when a non-default unlock option is chosen. * Migrate to gsettings. * Use gsettings for GPG agent unlock options. * Fix library header installation directory for libgcr. * Fix some errors parsing certificates. * Rework how unlock options are loaded and handled. * Fix saving of auto-unlock passwords. * Support building with GTK+ 3.0 * No warning message when SSH unlock prompt is cancelled. * Build fix finding PAM headers. * Build fix of PAM module for Hurd. Changes in version 2.31.91 are: * Fix problem with keyring names that contain foreign charaters. * Build fixes and warning fixes. * Better GPG Agent prompt strings. * More internal documentation. * Remove gconf as part of migration to gsettings. * Add --replace option to daemon. * Fix race condition in tests. * Use new DER decoding and encoding routines. * Only try to authenticate once if PKCS#11 slot has protected auth path. * Better handling of when PKCS#11 token is write protected. Changes in version 2.31.4 are: * New GPG Agent built into gnome-keyring-daemon * Start building (but not using) new DER parser and writer. * Fix building of desktop and service files. * Fix problems displaying prompts with certain characters in strings. * Fix deadlock on secure memory usage. * Refactor the way prompting works for PKCS#11 components. * Refactor the way testing works and files are named. * Implement coverage testing. * Cleanup whitespace issues and rename certain modules. * Tests can now involve prompts and responses. * Fix possible threading race condition in gp11. * Fix broken startup when used with gdm and password-less login. * Fix checking of uninitialized value in prompting code. Changes in version 2.30.1 are: * Updated translations. * Build fixes for errors and distribution problems. * Fixes for building on recent GTK versions. * Remove accidental storage of user's login password in login keyring. * Fix assertion when exiting. Changes in version 2.30.0 are: * More robust error display and handling. * Don't assert on va_list. * Don't save session keyring to disk. * Allow unlocking even when always unlock is not available. * Hide the automatically unlock check when login not usable. * Fix various issues storing and using auto unlock passwords. * Updated translations. Changes in version 2.29.92 are: * Fix various problems with not storing secret value properly. * Return no results when a search includes a bad collection identifier. * Don't raise error if ssh client disconnects early. * Allow running in a test environment. * Fix error when setting default keyring to NULL. * Autostart gnome-keyring-daemon in LXDE as well. * Rework the startup again, to use a singleton crontrolled via dbus, to help when no process was started by pam. * Display password and confirm prompts when creating keyring. * Allow specifying CKA_ID when creating collection. * Give translatable label to created login keyring. * When no default keyring set, use login keyring. * Fix problem initializing socket path in rpc module. * Fix endless loop in reading data. * Potential fix or sporadic crash. * Solaris build fixes. * Updated translations. Changes in version 2.29.90 are: * Quit daemon when the dbus session is disconnected. * GNU Hurd build fixes. * Solaris build fixes. * Translation fixes. * Don't print out warnings on SSH v1 keys. * Remove erroneous egg-dbus dependency. * Allow saving password for encryption keys. * Fix problems storing secrets in keyrings. * Expose idle and timeout lock options for keyrings in the prompt dialog. Fix remaining issues to get this to work. * Display a different message when unlocking the login keyring. * Fix problem with phantom 'xxx_1' keyrings appearing. * Load and use the default keyring properly. * Support accessing template style pkcs11 attributes. * Fix endless loop when looking for encryption key password in login keyring. Changes in version 2.29.5 are: * Implement lookup collection passwords in login keyring. * Various prompting fixes. * Store PKCS#11 objects after any attribute change. * Add 'Type' property to Secret Service API DBus item interface * Various warning, and uninitialized memory fixes. Changes in version 2.29.4 are: * Refactor how the daemon starts up. * Allow init with already present environment variables, using --start. * Install autostart files for each component of the daemon. * New DBus Secret Service API for accessing passwords and secrets. * Old protocol for accessing secrets is no longer present. * libgnome-keyring is now its own module, and no longer bundled with gnome-keyring. * Use normal GtkEntry when prompting for passwords. * Requires GTK+ 2.18 * Implement new more flexible control protocol for pam and startup. * Complete more of the gp11 PKCS#11 wrapper library. * Implement AES key wrapping and unwrapping in PKCS#11 components. * Implement DH key generation and derivation in PKCS#11 components. * Integrate testing of PKCS#11 components via p11-tests. * Implement PKCS#11 component for storing 'keyring' style secrets. * Don't complain if we can't set session environment variables. * When running a debug build, warnings are fatal. * Refactor testing. * Encrypted channel for password with prompting dialog. Changes in version 2.28.2 are: * Add license to reference documentation. * Sent output of g_printerr to syslog. * No error when can't unlock login keyring. * Fix assertion when comparing attributes. * Fix freeing of unallocated memory in test. * Don't barf on certificates with unsupported algorithm. * Fix some memory leaks. Changes in version 2.28.1 are: * Fix support for SSH RSA1 keys. * Fix a delay when the daemon quits. * Use default D-Bus timeout when finding daemon. * Make custom pkcs11 constants unsigned longs. * Use unsigned long for module handle counter. * Fix assertion when releasing secure memory block. Changes in version 2.28.0 are: * Fix build problems. Changes in version 2.27.92 are: * Some uses of glib memory routines to explicitly allocate memory. * Fix erroneous assertion hit by gtk-doc and tests. * Revert change which bumped libtasn1 required to 1.0. * Fix logic for only_if option in PAM module. * Handle unix signals on one thread. * Better daemon startup and forking logic. * Optional use of automake silent rules when available. * No warning when a disk doesn't have a UDI identifier. Changes in version 2.27.90 are: * Build fixes on Solaris and FreeBSD. * Take length of ASN.1 elements into account, when parsing. Changes in version 2.27.5 are: * Add support for lifetime constrained SSH identities. * Use GtkBuilder files where glade files were used. * Write private key files with tighter file permissions. * Use gio instead of libhal for monitoring volumes. Changes in version 2.27.4 are: * Insurance in parsing keyring format for future changes. * Add 'use_authtok' option to pam module. * Test utility fix [Jon Downland] * Add 'only_if=' option to pam module. * Make 'Password:' prompt translatable in pam module. * Use libgcrypt to generate iv/salt where needed. * Remove old cu-test style unit tests. * Code refactoring and cleanup, removed 'common' component. * Auto generated ChangeLog. * Cleanup unit tests, and make them run with 'make check' Changes in version 2.26.3 are: * Build fixes. [Alexis Ballier, Daniel Macks] * Fix problem with RSA key sizes that are not a multiple of 8. This affected use of SSH keys in particular. * Fix crash related to secure memory. [Ryan Beasley] Changes in version 2.26.1 are: * Fix many problems with the new secure memory allocator. * DBus now automatically starts the gnome-keyring service properly. * When auto activating the gnome-keyring DBus service, check for an already running daemon. * Don't print critical warnings when registering with DBus fails. * Bump glib dependency. * Add DBus method for getting the gnome-keyring environment variables. * Fix crash when prompting to unlock the keyring. * Initialize daemon with LOGNAME and USERNAME environment variables. * Build fixes [Ed Schouten] Changes in version 2.26.0 are: * Implement support for running gnome-keyring-daemon under valgrind. * Checks for asn1Parser tool when configuring. [Alberto Ruiz]. * Only automatically expose PKCS#11 public key objects for private keys. * Have the SSH agent only log into the token when we have a private key that we want to access. * Disable input method in password. [Takao Fujiwara] Changes in version 2.25.92 are: * Fix problems when multiple processes tried to initialize the gnome-keyring-daemon at the same time, often resulting in a user session that hung on login. * Add compatibility support for loading SSH unlock passwords from previous versions of gnome-keyring. * Fix compiler warnings on 32-bit systems. * Fix uninitialized variable usage. These resulted in crashes. * Initialize PKCS#11 tokens before importing certificates or keys to them. Remove previous auto-initialize idea. * Add basic support for PKCS#11 SO logins. * Fix focus issues in the import certificate/key dialog. * When looking for PKCS#11 objects, skip tokens that have not been initialized. * Exit properly when an error occurs on importing a certificate or key. * Hash objects when storing them in PKCS#11 user-store and validate the hashes when loading them. * Build fix on Solaris [Jeff Cai] * If login keyring doesn't exist when changing a PAM password, don't create it automatically. [Vincent Untz] * Close stdin/stdout when not running the daemon in foreground. This fixes a regression in scripts starting gnome-keyring-daemon. Changes in version 2.25.91 are: * Complete certificate details display in the gcr library. * Correctly escape prompt markup. [Joe Shaw, Magnus Boman] * Show correct MD5 hash in certificate display. [Fabrizio Tarizzo] * Overhaul the secure memory allocator to have memory guards, and also be more sparing with secure memory. * Add C++ header guards to public headers. [Xan Lopez] * Prompt to initialize new PKCS#11 tokens with a password. * Fix output of RSA keys to be interoperable. * Translation fixes. * Fix problems importing certificates and keys. * More code reorganization. * Add support for netscape trust objects, so Root CA certificates can be trusted by NSS. * Fixes to the PKCS#11 headers on 64-bit systems. [Christophe Fergeau] Changes in version 2.25.90 are: * Add certificate UI bit to gcr library. * Can now again clear the cached authentication from an SSH key. * Add some additional helper functions to gp11 library. * Fix some corner cases in signal handling. [James Henstridge] * Don't crash when trying to lock keyrings that don't have a password. * Fix problems running on 64-bit systems. [Christophe Fergeau] * Build fixes [Theppitak Karoonboonyanan, Saleem Abdulrasool] Changes in version 2.25.5 are: * Refactor out gcr library for crypto UI and related tasks. * Code refactoring. * Support automatically initializing a PKCS#11 token when not initialized. * Add modular user-store module for general storage of keys and certs. * Build fixes [Saleem Abdulrasool, Jeff Cai] * Add modular roots-store module for storage of trusted CA certs. * Add modular rpc-layer for communication between module and daemon. * Add modular ssh-agent as the main gnome-keyring-daemon agent. Changes in version 2.25.4.2 are: * The modular ssh agent uses keys from all available PKCS#11 slots. * Fix compiler warnings. * Fix broken release. Changes in version 2.25.4.1 are: * Fix broken release. Changes in version 2.25.4 are: * Half way through refactoring of PKCS#11 support. * Add crypto support to gp11 library. * gp11 library is now by and large thread-safe. * Add modular ssh-store, roots and rpc-layer PKCS#11 components. * Beginnings of a PKCS#11 based ssh-agent. * Transactional storage of PKCS#11 objects. * Add auto-authenticate support in GP11 library, which greatlty simplifies figuring out when to provide passwords. * Fix initialization problems which prevented SSH agent from setting environment variables properly [Yanko Kaneti] * Translation fixes [Gabor Kelemen] Changes in version 2.25.2 are: * Fix PKCS#11 corner cases highlighted by p11-tests tool. * Solaris fixes [Halton Huo, Jeff Cai] * Don't use non-pageable memory for public keys. * Rework initialization of daemon, and the way that it integrates with the session. * Close open file descriptors before starting daemon from PAM module. * Don't try and unlock keyring from PAM if daemon isn't running. [Vincent Untz] * Don't leave keyring daemon running if PAM just started it for a password change. [Vincent Untz] * Add a keyboard accelerator to the 'Deny' button. [Gabor Kelemen] * Use pkg-config to detect libtasn1. [Jeff Cai] * Register environment variables with session properly. * Make DBUS a required dependency of gnome-keyring. Changes in version 2.25.1 are: * Remove usage of deprecated glib/gtk stuff. Changes in version 2.24.1 are: * Fix crash on logout on Solaris. [Jeff Cai] * Add missing 'server' attribute to the NETWORK_PASSWORD schema. Changes in version 2.24.0 are: * Update documentation for functions in gp11 library * Ungrab the keyboard properly when a password prompt is minimized. * Report errors from keyboard grabbing. * Fix build problems with gcc 4.3. * PKCS#11 initialize compatibility fix for OpenSC. [Joe Orton] * Make all errors from prompt process go to syslog. * When prompting for a password on import, don't go into an endless loop for blank passwords. * Fix problems with PK indexes overwriting one another. * Don't add additional extensions on storage files when the extension is already correct. * Load all objects when a PKCS#11 session is opened, regardless of whether a C_FindObjects is run or not. Changes in version 2.23.92 are: * Build fix for Solaris. [Jeff Cai] * Import the LANG environment variable into daemon enviroment so that dialogs display with correct translations. Changes in version 2.23.91 are: * Use 'Change' instead of 'Create' when prompting the user for a password to change keyring password. [Adam Schreiber] * Fix RSA signing with X509 mechanism. * Tweaking of the asynchronous scheduling to prevent hangs. * Add some documentation for GP11 library. * Translation fixes. * Build fixes. [Götz Waschk] Changes in version 2.23.90 are: * Use 'Create' button instead of 'OK' when prompting the user for a password to create a new keyring. [Adam Schreiber] * Fix more cases where 'Deny' choice by a user resulted in more subsequent prompts. * Automatically create non-existant directories when storing files. * Fix problem prompting for the same password twice when parsing a PFX or PKCS#12 file. * Don't offer to store password during import operation. * Don't try to store certificates encrypted on the disk. * Add command line tool for importing of keys and certificates. * Fix problems with SSH agent not unlocking keys properly. * Build fixes. [John Ralls] Changes in version 2.23.6 are: * If the user denies a prompt, then don't prompt the same prompt again for that connection to the daemon. * Bug fixes for loading of SSH keys. * Add gconf schema for noting the user's configured PKCS#11 modules. * Update and bug fixes for the new GP11 library. * Better reference counting of internal objects. * When a certificate is in the roots storage, assume it is a CA if no basic constraints are present. * Add ability of PKCS#11 module to accept a string on its reserved initialization argument, similar to NSS's libsoftkn3 module. * Translation fixes. * Build fixes. Changes in version 2.23.5 are: * Load all SSH keys in ~/.ssh named id_?sa*, not just id_rsa and id_dsa. Also load public portions of keys when needed ie: *.pub * Include new GP11 library, which is a GLib wrapper for PKCS#11 * Add ability to import keys/certificates to PKCS#11. * Better storage and creation of PKCS#11 objects. * Start using GTest for new unit testing. * Better indexing of keys and certificates. * Better buffer handling, and threading fixes. [Jon Burgress] * Fix warnings in logs caused by programs checking whether gnome-keyring is available. * Standardize on libgcrypt random number generator. * Add --disable-acl-prompts option to disable all ACL prompting [Colin Walters] * Build fixes. Changes in version 2.22.2 are: * Streamline the importing of keys and make the proper prompts show up consistently. Better fixes for this to come in 2.24.x * Don't show 'location' field in most password prompts. * Return serial number of certificates properly to requesting programs. * Fix crash when receiving certain HAL events. * Build fixes [Brian Cameron, Matthias Drochner, Antoine Jacoutot] Changes in version 2.22.1 are: * Add SSH agent protocol 1 support. * Make 'ssh-add -D' lock any SSH private keys that gnome-keyring is automatically loading. * Reconnect to system DBus whenever the system bus restarts. [Sjoerd Simons] * Log to syslog even when running in the foreground [Tony Espy] * Add a configure option to disable building of the SSH agent. * Build fixes. [Alex Converse, Andrea Del Signore] Changes in version 2.22.0 are: * Build fix. [Jens Granseuer] Changes in version 2.21.92 are: * Sync up user's session environment with the daemon, so that things like X authentication, DBUS etc... work properly. * Shutdown socket connections properly, so things don't hang, when wrong versions of daemon/library are used. * Limit PKCS#12 parsing to a clearly defined subset of the format. * Decrypt PKCS#12 with empty passwords properly. * Build fixes. * Translation fixes. Changes in version 2.21.91 are: * Don't prompt for a password from the PAM module since gnome-keyring is not an authenticator. [Ray Strode] * Check that PKCS#11 socket connections come from same user. * Don't lock the entire gnome-keyring-ask process in memory. Just the password text. Works better when less non-pageable memory is available. * Basic serializing of certificates and keys. * Build fixes. * Translation fixes. Changes in version 2.21.90 are: * Fix problem where most keyrings were being treated as insecure from the point of view of storing passwords for keys or certificates. * Fix race condition that is causing deadlocks and freezes. Changes in version 2.21.5 are: * Proper support for creating and destroying objects through PKCS#11. * Support for setting PKCS#11 attributes. * Fix hanging of daemon under certain conditions. * Add gconf setting for determining which components of the daemon (such as SSH) are run at startup. * Better parsing of objects and prompting for passwords in PKCS#12 files. * Calculate trust and purpose/usage of certificates. * Mark certain key/certificate directories as special requiring certain special treatment (such as the CA root store, SSH keys etc...) * Add support for unencrypted keyrings which are used when the user specifies a blank password. * Fix crasher [Jeff Cai] * Build fixes. Changes in version 2.21.4 are: * x86_64 memory alignment fixes * Other build and install fixes * Solaris build fixes [Halton Huo] * Automatically activate keyring daemon via DBus if it is not already running. [Tom Parker] Changes in version 2.21.3.2 are: * x86_64 build fixes * Build and install fixes * Fix problems with assertions when not in debug mode. * Fix some crashers * Better ASN.1 and PKCS#11 date parsing and handling * Fix return results from C_GetAttributeValue * Lookup certificates related to keys properly. Changes in version 2.21.3.1 are: * Build fixes * Use SHA1 instead of MD5 where possible. * Install PKCS#11 module to a better prefix Changes in version 2.21.3 are: * Added basic X.509 certificate and key store * PKCS#11 module for accessing certificates and keys * Now includes an SSH agent * PAM module now works with SELinux [Alexander Larrson] * Add a simpler API for accessing and storing passwords. Changes in version 2.20.3 are: * Use correct environment to startup gnome-keyring-daemon from PAM. * Fix crash when comparing item attributes. [Sam Morris] * Fix crash on shutdown. [Jeff Cai] * Build fix for OpenBSD [Martynas Venckus] Changes in version 2.20.2 are: * Build fixes for systems that require GNU_SOURCE to be defined. [Christopher Taylor] * Builds with the latest DBus [Owen Taylor] * Build fix for OpenBSD [Jasper Lievisse Adriaanse] * Don't print out a warning message in applications using libgnome-keyring when non-pageable memory cannot be allocated. Changes in version 2.20.1 are: * Link pam module properly with libpam [Sebastian Dröge] * Remove 'install-pam' make target [Rémi Cardona] * Return a 'not found' result when no results are returned from a find operation. * Don't remove 'default' file on exit. [Alex Larrson] * Recognize newly created keyrings properly. [Darren Kenny] Changes in version 2.20 are: * Build fixes [Halton Huo] * Translation fixes [Claude Paroz] Changes in version 2.19.91 are: * Builds with newer versions of DBus [Theppitak Karoonboonyanan] * In the PAM module we now support starting gnome-keyring-daemon when the user's session actually starts, rather than during password validation. This makes us more solid and sane with GDM and well behaved PAM using applications. [Chris Rivera] * In the PAM module check that the socket is owned by the same user, before sending the login password there. * Don't read from /dev/random when not needed. This makes startup faster in many cases, as it won't block for entropy. * Get around more optimizations that cancel out wiping of strings in memory before freeing. * Now builds on FreeBSD [Joe Marcus Clarke] Changes in version 2.19.90 are: * Fix problem where keyrings are created in wrong directory [Nathaniel McCallum] * Incorporated security fixes from Novell * Fix crashers when the ask dialog sends back bad data. * Now builds on Solaris [Damien Carbery] * Configure PAM module directory better [Matthias Clasen] * Fix memory leaks Changes in version 2.19.6.1 are: * Fix uninitialized variable in 'get_item_info' operation * Better installing of PAM module on Fedora. [Matthias Clasen] * Build fixes [Jens Granseuer, Claudio Saavedra] Changes in version 2.19.6 are: * Grab the keyboard when prompting for passwords, and always put the prompt window above other windows. * Now supports use of keyrings on removable drives. * PAM module to automatically unlock keyrings on login, or unlocking * Simplify daemon code (now uses cooperative threading) and get it ready for other PKCS#11, SSH and other stuff running in same process. Changes in version 2.19.5 are: * Allow passing NULL as a password to gnome_keyring_unlock() * Added strerror() like functionality for GnomeKeyringResult * Added support for async version of gnome_keyring_item_grant_access_rights_sync() * Handle unix signals properly, quit gracefully. * Fix memory leaks [Alexander Sack] * Make unit tests automatic when building a distribution tarball * Fix prompt messages [Jürg Billeter] * Fix problems prompting for access to items when the keyring is locked. * Non-pageable memory degrades gracefully on Solaris, FreeBSD * Build fixes [Theppitak Karoonboonyanan, Christian Kirbach] * API Documentation Changes in version 2.19.4.1 are: * Build fix for unit tests Changes in version 2.19.4 are: * Fixed problem where zero find results returned 'denied'. * Fixed ugly password prompt for making a new keyring. * Consistent use of NULL in the API to represent the default keyring. * Use non-pageable memory for secrets and passwords. * Log warning and error messages to syslog when running as a daemon. * Added unit tests for the gnome-keyring API. * Refactored and reorganized the code. Changes in version 2.19.2 are: * Sync up version number with GNOME release schedule * Use libgcrypt instead of hand-rolled encryption algorithms. * Internationalization fixes [Elijah Newren] * Solaris build fixes. Changes in version 0.8 are: * Translations Changes in version 0.7.92 are: * Fix build by including sys/types.h * In gnome_keyring_free() don't crash on NULL parameter. Changes in version 0.7.91 are: * Add method for library to discover daemon via DBus. Adds soft DBus dependency. * Fixes for building on kFreeBSD. Changes in version 0.7.3 are: * Fix endless loop when creating a keyring and a file by that name already exists. * Fix crasher when deleting session keyring. * Fix crasher when doing find operation with NULL attribute string. * Sync files to disk after writing to keyring. Changes in version 0.7.2 are: * Don't have multiple password dialogs presented for the same keyring Changes in version 0.7.1 are: * Added GNOME_KEYRING_ITEM_APPLICATION_SECRET which allows an item to be for a single application only with strict access controls. * New function gnome_keyring_item_get_info_full(_sync) which allow retrieval of item meta data without the secret, thus not incurring an ACL prompt. * Translation updates Changes in version 0.6.0 are: * NetBSD fixes * Crash fix * Typo fix * Translations Changes in version 0.5.2 are: * Translation updates * Better title in docs * Fixed crashes * New function: gnome_keyring_item_grant_access_rights_sync Changes in version 0.5.1 are: * Support changing password of a keyring * Create ~/.gnome2 if needed * Save keyring when an ACL is added * Add password strength meter * Small bugfixes Changes in version 0.4.9 are: * Fix return value for some sync calls * Translation updates Changes in version 0.4.8 are: * Fix crash when asking for password * Translation updates Changes in version 0.4.7 are: * Fix --disable-nls * Translation updates Changes in version 0.4.6 are: * Confirm password when selecting new password Changes in version 0.4.5 are: * Fix a crash in some sync functions. Changes in version 0.4.4 are: * Translation updates * warning fixes * require gtk 2.6 Changes in version 0.4.3 are: * Translation updates * Fix bug in acl functions * implement gnome_keyring_set_info * add sync function for all operations * fix leaks Changes in version 0.4.2 are: * AIX portability fixes * Translation updates Changes in version 0.4.1 are: * Support for slaving lifecycle to a file descriptor * Translation updates Changes in version 0.4.0 are: * Build fix on some systems * Translation updates Changes in version 0.3.3 are: * Translation updates Changes in version 0.3.2 are: * New API functions for getting/setting ACL * Implemented delete keyring operation Changes in version 0.3.1 are: * New and updated translations. * New introduction document * unlocking the NULL keyring unlocks the default keyring Changes in version 0.2.1 are: * New and updated translations. Changes in version 0.2.0 are: * New and updated translations. Changes in version 0.1.91 are: * New translations Changes in version 0.1.90 are: * New translations * uninstalled pkg-config file Changes in version 0.1.4 are: * New translations * put gnome-keyring-ask in libexec Changes in version 0.1.3 are: * Fixed leaks * Portability fixes * Don't split strings for translations Changes in version 0.1.2 are: * Spelling fix in API * require latest gtk/glib * use g_get_tmp_dir instead of hardcoding /tmp * More translations Changes in version 0.1.2 are: * Slave lifecycle to session * More translations * Nicer user interface * FreeBSD fixes * Solaris fixes