path: root/NEWS

Changes in version 2.24.0 are:
* Update documentation for functions in gp11 library
* Ungrab the keyboard properly when a password prompt is minimized.
* Report errors from keyboard grabbing.
* Fix build problems with gcc 4.3.
* PKCS#11 initialize compatibility fix for OpenSC. [Joe Orton]
* Make all errors from prompt process go to syslog.
* When prompting for a password on import, don't go into an endless 
  loop for blank passwords.
* Fix problems with PK indexes overwriting one another.
* Don't add additional extensions on storage files when the extension 
  is already correct.
* Load all objects when a PKCS#11 session is opened, regardless of 
  whether a C_FindObjects is run or not.

Changes in version 2.23.92 are:
* Build fix for Solaris. [Jeff Cai] 
* Import the LANG environment variable into daemon enviroment
  so that dialogs display with correct translations.
	
Changes in version 2.23.91 are:
* Use 'Change' instead of 'Create' when prompting the user for 
  a password to change keyring password. [Adam Schreiber]
* Fix RSA signing with X509 mechanism.
* Tweaking of the asynchronous scheduling to prevent hangs.
* Add some documentation for GP11 library.
* Translation fixes.
* Build fixes. [Götz Waschk]

Changes in version 2.23.90 are:
* Use 'Create' button instead of 'OK' when prompting the user for 
  a password to create a new keyring. [Adam Schreiber]
* Fix more cases where 'Deny' choice by a user resulted in 
  more subsequent prompts.
* Automatically create non-existant directories when storing files.
* Fix problem prompting for the same password twice when parsing a 
  PFX or PKCS#12 file.
* Don't offer to store password during import operation.
* Don't try to store certificates encrypted on the disk.
* Add command line tool for importing of keys and certificates.
* Fix problems with SSH agent not unlocking keys properly.
* Build fixes. [John Ralls]

Changes in version 2.23.6 are:
* If the user denies a prompt, then don't prompt the same prompt
  again for that connection to the daemon.
* Bug fixes for loading of SSH keys. 
* Add gconf schema for noting the user's configured PKCS#11 modules.
* Update and bug fixes for the new GP11 library.
* Better reference counting of internal objects.
* When a certificate is in the roots storage, assume it is a CA if 
  no basic constraints are present.
* Add ability of PKCS#11 module to accept a string on its reserved
  initialization argument, similar to NSS's libsoftkn3 module.
* Translation fixes.
* Build fixes.

Changes in version 2.23.5 are:
* Load all SSH keys in ~/.ssh named id_?sa*, not just id_rsa 
  and id_dsa. Also load public portions of keys when needed ie: *.pub
* Include new GP11 library, which is a GLib wrapper for PKCS#11
* Add ability to import keys/certificates to PKCS#11.
* Better storage and creation of PKCS#11 objects.
* Start using GTest for new unit testing.
* Better indexing of keys and certificates.
* Better buffer handling, and threading fixes. [Jon Burgress] 
* Fix warnings in logs caused by programs checking whether 
  gnome-keyring is available.
* Standardize on libgcrypt random number generator. 
* Add --disable-acl-prompts option to disable all ACL prompting [Colin Walters]
* Build fixes. 

Changes in version 2.22.2 are:
* Streamline the importing of keys and make the proper prompts show up
  consistently. Better fixes for this to come in 2.24.x
* Don't show 'location' field in most password prompts.
* Return serial number of certificates properly to requesting programs.
* Fix crash when receiving certain HAL events.
* Build fixes [Brian Cameron, Matthias Drochner, Antoine Jacoutot]

Changes in version 2.22.1 are:
* Add SSH agent protocol 1 support. 
* Make 'ssh-add -D' lock any SSH private keys that gnome-keyring is 
  automatically loading.
* Reconnect to system DBus whenever the system bus restarts. [Sjoerd Simons]
* Log to syslog even when running in the foreground [Tony Espy]
* Add a configure option to disable building of the SSH agent.
* Build fixes. [Alex Converse, Andrea Del Signore]

Changes in version 2.22.0 are:
* Build fix. [Jens Granseuer]

Changes in version 2.21.92 are:
* Sync up user's session environment with the daemon, so that 
  things like X authentication, DBUS etc... work properly.
* Shutdown socket connections properly, so things don't hang, when 
  wrong versions of daemon/library are used.
* Limit PKCS#12 parsing to a clearly defined subset of the format.
* Decrypt PKCS#12 with empty passwords properly.
* Build fixes.
* Translation fixes.

Changes in version 2.21.91 are:
* Don't prompt for a password from the PAM module since  
  gnome-keyring is not an authenticator. [Ray Strode]
* Check that PKCS#11 socket connections come from same user.
* Don't lock the entire gnome-keyring-ask process in memory.
  Just the password text. Works better when less non-pageable
  memory is available.
* Basic serializing of certificates and keys.
* Build fixes.
* Translation fixes.

Changes in version 2.21.90 are:
* Fix problem where most keyrings were being treated as insecure 
  from the point of view of storing passwords for keys or certificates.
* Fix race condition that is causing deadlocks and freezes.

Changes in version 2.21.5 are:
* Proper support for creating and destroying objects through PKCS#11.
* Support for setting PKCS#11 attributes.
* Fix hanging of daemon under certain conditions.
* Add gconf setting for determining which components of the daemon 
  (such as SSH) are run at startup.
* Better parsing of objects and prompting for passwords in PKCS#12 files.
* Calculate trust and purpose/usage of certificates.
* Mark certain key/certificate directories as special requiring certain
  special treatment (such as the CA root store, SSH keys etc...)
* Add support for unencrypted keyrings which are used when the user 
  specifies a blank password.
* Fix crasher [Jeff Cai]
* Build fixes.

Changes in version 2.21.4 are:
* x86_64 memory alignment fixes
* Other build and install fixes
* Solaris build fixes [Halton Huo]
* Automatically activate keyring daemon via DBus if it is not already 
  running. [Tom Parker]

Changes in version 2.21.3.2 are:
* x86_64 build fixes
* Build and install fixes
* Fix problems with assertions when not in debug mode.
* Fix some crashers
* Better ASN.1 and PKCS#11 date parsing and handling
* Fix return results from C_GetAttributeValue
* Lookup certificates related to keys properly.

Changes in version 2.21.3.1 are:
* Build fixes
* Use SHA1 instead of MD5 where possible.
* Install PKCS#11 module to a better prefix

Changes in version 2.21.3 are:
* Added basic X.509 certificate and key store 
* PKCS#11 module for accessing certificates and keys
* Now includes an SSH agent
* PAM module now works with SELinux [Alexander Larrson]
* Add a simpler API for accessing and storing passwords.

Changes in version 2.20.3 are:
* Use correct environment to startup gnome-keyring-daemon from PAM.
* Fix crash when comparing item attributes. [Sam Morris]
* Fix crash on shutdown. [Jeff Cai]
* Build fix for OpenBSD [Martynas Venckus]

Changes in version 2.20.2 are:
* Build fixes for systems that require GNU_SOURCE to be defined. [Christopher Taylor]
* Builds with the latest DBus [Owen Taylor]
* Build fix for OpenBSD [Jasper Lievisse Adriaanse]
* Don't print out a warning message in applications using libgnome-keyring when 
  non-pageable memory cannot be allocated.

Changes in version 2.20.1 are:
* Link pam module properly with libpam [Sebastian Dröge]
* Remove 'install-pam' make target [Rémi Cardona]
* Return a 'not found' result when no results are returned 
  from a find operation.
* Don't remove 'default' file on exit. [Alex Larrson]
* Recognize newly created keyrings properly. [Darren Kenny]

Changes in version 2.20 are:
* Build fixes [Halton Huo]
* Translation fixes [Claude Paroz]

Changes in version 2.19.91 are:
* Builds with newer versions of DBus [Theppitak Karoonboonyanan]
* In the PAM module we now support starting gnome-keyring-daemon when 
  the user's session actually starts, rather than during password validation.
  This makes us more solid and sane with GDM and well behaved PAM using
  applications. [Chris Rivera]
* In the PAM module check that the socket is owned by the same user, before
  sending the login password there.
* Don't read from /dev/random when not needed. This makes startup faster 
  in many cases, as it won't block for entropy.
* Get around more optimizations that cancel out wiping of strings in 
  memory before freeing.
* Now builds on FreeBSD [Joe Marcus Clarke]
	
Changes in version 2.19.90 are:
* Fix problem where keyrings are created in wrong directory [Nathaniel McCallum]
* Incorporated security fixes from Novell
* Fix crashers when the ask dialog sends back bad data.
* Now builds on Solaris [Damien Carbery]
* Configure PAM module directory better [Matthias Clasen]
* Fix memory leaks

Changes in version 2.19.6.1 are:
* Fix uninitialized variable in 'get_item_info' operation
* Better installing of PAM module on Fedora. [Matthias Clasen]
* Build fixes [Jens Granseuer, Claudio Saavedra]

Changes in version 2.19.6 are:
* Grab the keyboard when prompting for passwords, and always put the prompt
  window above other windows.
* Now supports use of keyrings on removable drives. 
* PAM module to automatically unlock keyrings on login, or unlocking
* Simplify daemon code (now uses cooperative threading) and get it ready for
  other PKCS#11, SSH and other stuff running in same process.

Changes in version 2.19.5 are:
* Allow passing NULL as a password to gnome_keyring_unlock()
* Added strerror() like functionality for GnomeKeyringResult
* Added support for async version of gnome_keyring_item_grant_access_rights_sync()
* Handle unix signals properly, quit gracefully.
* Fix memory leaks [Alexander Sack]
* Make unit tests automatic when building a distribution tarball
* Fix prompt messages [Jürg Billeter]
* Fix problems prompting for access to items when the keyring is locked.
* Non-pageable memory degrades gracefully on Solaris, FreeBSD
* Build fixes [Theppitak Karoonboonyanan, Christian Kirbach]
* API Documentation

Changes in version 2.19.4.1 are:
* Build fix for unit tests

Changes in version 2.19.4 are:
* Fixed problem where zero find results returned 'denied'.
* Fixed ugly password prompt for making a new keyring.
* Consistent use of NULL in the API to represent the default keyring.
* Use non-pageable memory for secrets and passwords.
* Log warning and error messages to syslog when running as a daemon.
* Added unit tests for the gnome-keyring API.
* Refactored and reorganized the code.

Changes in version 2.19.2 are: 
* Sync up version number with GNOME release schedule
* Use libgcrypt instead of hand-rolled encryption algorithms.
* Internationalization fixes [Elijah Newren]
* Solaris build fixes. 

Changes in version 0.8 are: 
* Translations

Changes in version 0.7.92 are:
* Fix build by including sys/types.h
* In gnome_keyring_free() don't crash on NULL parameter. 

Changes in version 0.7.91 are:
* Add method for library to discover daemon via DBus. Adds soft 
  DBus dependency.
* Fixes for building on kFreeBSD.

Changes in version 0.7.3 are:
* Fix endless loop when creating a keyring and a file by that name 
  already exists. 
* Fix crasher when deleting session keyring.
* Fix crasher when doing find operation with NULL attribute string.
* Sync files to disk after writing to keyring.

Changes in version 0.7.2 are:
* Don't have multiple password dialogs presented for the same
  keyring

Changes in version 0.7.1 are: 
* Added GNOME_KEYRING_ITEM_APPLICATION_SECRET which allows an item 
  to be for a single application only with strict access controls.
* New function gnome_keyring_item_get_info_full(_sync) which allow 
  retrieval of item meta data without the secret, thus not incurring 
  an ACL prompt. 
* Translation updates

Changes in version 0.6.0 are:
* NetBSD fixes
* Crash fix
* Typo fix
* Translations

Changes in version 0.5.2 are:
* Translation updates
* Better title in docs
* Fixed crashes
* New function: gnome_keyring_item_grant_access_rights_sync

Changes in version 0.5.1 are:
* Support changing password of a keyring
* Create ~/.gnome2 if needed
* Save keyring when an ACL is added
* Add password strength meter
* Small bugfixes

Changes in version 0.4.9 are:
* Fix return value for some sync calls
* Translation updates

Changes in version 0.4.8 are:
* Fix crash when asking for password
* Translation updates

Changes in version 0.4.7 are:
* Fix --disable-nls
* Translation updates

Changes in version 0.4.6 are:
* Confirm password when selecting new password

Changes in version 0.4.5 are:
* Fix a crash in some sync functions.

Changes in version 0.4.4 are:
* Translation updates
* warning fixes
* require gtk 2.6

Changes in version 0.4.3 are:
* Translation updates
* Fix bug in acl functions
* implement gnome_keyring_set_info
* add sync function for all operations
* fix leaks

Changes in version 0.4.2 are:
* AIX portability fixes
* Translation updates

Changes in version 0.4.1 are:
* Support for slaving lifecycle to a file descriptor
* Translation updates

Changes in version 0.4.0 are:
* Build fix on some systems
* Translation updates

Changes in version 0.3.3 are:
* Translation updates

Changes in version 0.3.2 are:
* New API functions for getting/setting ACL
* Implemented delete keyring operation

Changes in version 0.3.1 are:
* New and updated translations.
* New introduction document
* unlocking the NULL keyring unlocks the default keyring

Changes in version 0.2.1 are:
* New and updated translations.

Changes in version 0.2.0 are:
* New and updated translations.

Changes in version 0.1.91 are:
* New translations

Changes in version 0.1.90 are:
* New translations
* uninstalled pkg-config file

Changes in version 0.1.4 are:
* New translations
* put gnome-keyring-ask in libexec

Changes in version 0.1.3 are:
* Fixed leaks
* Portability fixes
* Don't split strings for translations

Changes in version 0.1.2 are:
* Spelling fix in API
* require latest gtk/glib
* use g_get_tmp_dir instead of hardcoding /tmp
* More translations

Changes in version 0.1.2 are:
* Slave lifecycle to session
* More translations
* Nicer user interface
* FreeBSD fixes
* Solaris fixes