Hello community, here is the log from the commit of package epiphany for openSUSE:Factory checked in at 2017-02-07 12:09:49 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/epiphany (Old) and /work/SRC/openSUSE:Factory/.epiphany.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "epiphany" Changes: -------- --- /work/SRC/openSUSE:Factory/epiphany/epiphany.changes 2017-01-19 10:44:28.515790062 +0100 +++ /work/SRC/openSUSE:Factory/.epiphany.new/epiphany.changes 2017-02-07 12:09:50.435520435 +0100 @@ -1,0 +2,10 @@ +Fri Feb 3 20:22:50 UTC 2017 - [email protected] + +- Update to version 3.22.6: + + Fix minor memory leak (bgo#682723). + + Fix serious password extraction sweep attack on password + manager (bgo#752738). + + Fix adblocker blocking too much stuff, breaking Twitter + (bgo#777714). + +------------------------------------------------------------------- Old: ---- epiphany-3.22.5.tar.xz New: ---- epiphany-3.22.6.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ epiphany.spec ++++++ --- /var/tmp/diff_new_pack.NSJwqT/_old 2017-02-07 12:09:51.119423664 +0100 +++ /var/tmp/diff_new_pack.NSJwqT/_new 2017-02-07 12:09:51.123423098 +0100 @@ -17,7 +17,7 @@ Name: epiphany -Version: 3.22.5 +Version: 3.22.6 Release: 0 %define _base_version 3.22 Summary: GNOME Web Browser ++++++ epiphany-3.22.5.tar.xz -> epiphany-3.22.6.tar.xz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/epiphany-3.22.5/ChangeLog new/epiphany-3.22.6/ChangeLog --- old/epiphany-3.22.5/ChangeLog 2017-01-17 01:26:11.000000000 +0100 +++ new/epiphany-3.22.6/ChangeLog 2017-02-03 20:24:45.000000000 +0100 @@ -1,3 +1,206 @@ +commit 30a34f2a0a97d951dea8de923feafca6d0846011 +Author: Adrian Perez de Castro <[email protected]> +Date: Fri Feb 3 00:54:51 2017 +0200 + + uri-tester: Ensure regexps are properly constructed + + This adds a few more cases to the escaping done when converting an AdBlock + non-regepx "simple pattern" from a rule into a GRegex. This patch does the + following: + + - Adds escaping to some of the regexp metacharacters which were not being + handled: (){}+.|\ + - Adds support for using a vertical bar at the end of a pattern to anchor the + match at the end. + - Adds support for using ^ to match a "separator character" (a non-letter, + non-number, or one of _-.%). + + This also adds as much comment lines as code, which in this particular case + is probably a good thing, so reading the code in the future does not need + checking each case against the GRegex documentation. + + https://bugzilla.gnome.org/show_bug.cgi?id=777714 + + embed/web-extension/ephy-uri-tester.c | 56 +++++++++++++++++++++++++---------- + 1 file changed, 40 insertions(+), 16 deletions(-) + +commit cb4e78d687e3c55c88e0acd928dce9476f049a9a +Author: Michael Catanzaro <[email protected]> +Date: Thu Feb 2 21:31:46 2017 -0600 + + Do not run new migrator if the main profile has been migrated + + This is ephy *profile* migrator. It runs on a per-profile basis. i.e. + each web app runs migrators separately. So this migration step could run + once for a profile dir, then again far in the future when an old web app + is opened. But passwords are global state, not stored in the profile dir, + and we want to run this migration only once. This is tricky to fix, but + it's easier if we relax the constraint to "never run this migrator if it + has been run already for the default profile dir." That's because we don't + really care if a couple web app passwords get converted from insecure to + secure, which is not a big problem and indicates the user probably never + uses Epiphany except for web apps anyway. We just don't want all the user's + passwords to get converted mysteriously because he happens to open a web + app. So check the migration version for the default profile dir and abort + if this migrator has already run there. This way we avoid adding a new flag + file to clutter the profile dir just to check if this migrator has run. + + https://bugzilla.gnome.org/show_bug.cgi?id=752738 + + lib/ephy-profile-migrator.c | 22 ++++++++++++++++++++++ + lib/ephy-profile-utils.c | 15 ++++++++++++--- + lib/ephy-profile-utils.h | 2 ++ + 3 files changed, 36 insertions(+), 3 deletions(-) + +commit 941fa9fdcf1e621f4356b454dd8b6e2af039b79d +Author: Michael Catanzaro <[email protected]> +Date: Thu Feb 2 19:51:15 2017 -0600 + + form-auth-data: Properly normalize URI when accessing secret service + + I've mishandled this issue pretty badly. Incredibly, my previous patch, + which was intended to ensure we always normalize URIs to security + origins when working with form auth data, only fixed use of the form + auth data cache. It didn't actually fix any use of the secret service + itself. Fix that. + + This commit notably removes support for mailman passwords, which is + making the code way too complicated and conflicts with the goal of + storing only security origins and not full URIs in the secret service. + + Note: this normalization is way better than what we were doing before. + In particular, it incidentally fixes odd bugs like the URI framgment, + even the empty fragment #, being sufficient to trick our password + manager into storing separate passwords, so this should also make the + password filling significantly more reliable than it used to be. (Unless + you need per-URI passwords without a username, i.e. mailman passwords, + in which case you're just out of luck, sorry!) + + https://bugzilla.gnome.org/show_bug.cgi?id=752738 + + lib/ephy-form-auth-data.c | 68 ++++++++++++++--------------------------------- + 1 file changed, 20 insertions(+), 48 deletions(-) + +commit 2b0cf9aee2347c948c22578252d5a29d1856b956 +Author: Michael Catanzaro <[email protected]> +Date: Wed Feb 1 21:43:01 2017 -0600 + + Fix impedance mismatch between web extension and form auth data cache + + Using just host is not sufficient, we need to have protocol and port as + well for matching based on security origin to work properly. + + Unfortunately the existing code here was full of subtle errors: the + parameters named "uri" were actually passed hostnames from the web + extension, and not URIs at all. The code only worked as long as that + assumption held, but I broke it because I expected the URI parameters to + actually contain URIs. So fix this. Really pass URIs and not hostnames, + and properly convert them to security origins. + + Thanks to Hussam for reporting this bug so quickly after it was + introduced. (As well as lots of other bugs in the past that I've rarely + credited him for in commit messages.) + + https://bugzilla.gnome.org/show_bug.cgi?id=752738 + + embed/web-extension/ephy-web-extension.c | 24 ++++++++++-------------- + lib/ephy-form-auth-data.c | 31 +++++++++++++++++-------------- + 2 files changed, 27 insertions(+), 28 deletions(-) + +commit f3f29da094841988c50094d8b6251d109eb473af +Author: Michael Catanzaro <[email protected]> +Date: Wed Feb 1 16:41:53 2017 -0600 + + Revert "session: Ignore blank URLs when saving session" + + This reverts commit 60097bafc38052904e6484232453a48607731de7. + + Seems to be causing problems, so let's not do this in gnome-3-22 + + src/ephy-session.c | 5 +---- + 1 file changed, 1 insertion(+), 4 deletions(-) + +commit 20fec56e03ce24833abcf54cbba5d5e7930394c6 +Author: Michael Catanzaro <[email protected]> +Date: Wed Feb 1 11:32:32 2017 -0600 + + Add profile migrator to migrate insecure passwords + + All previously-saved passwords will now only be available to https:// + origins. Users will have to manually enter their passwords once again in + order to save them separately for an insecure origin. + + https://bugzilla.gnome.org/show_bug.cgi?id=752738 + + lib/ephy-profile-migrator.c | 76 +++++++++++++++++++++++++++++++++++++++++++++ + lib/ephy-profile-utils.h | 2 +- + lib/ephy-uri-helpers.c | 24 ++++++++++++++ + lib/ephy-uri-helpers.h | 1 + + 4 files changed, 102 insertions(+), 1 deletion(-) + +commit ca63e0a9935d49c23039f9737908e5ffad3343b5 +Author: Michael Catanzaro <[email protected]> +Date: Thu Dec 29 19:33:48 2016 -0600 + + form-auth: Store passwords for security origins, not hosts + + This prevents an active MITM attacker from enumerating all your saved + passwords. The attacker will now only be able to access passwords saved + on http:// sites. That's by design, though; users are now warned when + focusing insecure password forms and should think twice before saving + such passwords. + + Unfortunately this does introduce a migration issue, in that no + previously-saved passwords will be available on https:// websites + anymore, and all previously-saved passwords will still be enumerable by + attackers. I'm not sure how to handle migration. We might be able to + handle it nicely by using the history service to guess whether a + password should be migrated from http:// to https://, but that is not a + simple project. + + https://bugzilla.gnome.org/show_bug.cgi?id=752738 + + lib/ephy-form-auth-data.c | 34 +++++++++++++++------------------- + src/passwords-dialog.c | 24 ++++++++++++++---------- + 2 files changed, 29 insertions(+), 29 deletions(-) + +commit 63aec58489c92863568137f19158ca707642c416 +Author: Michael Catanzaro <[email protected]> +Date: Thu Dec 29 12:54:43 2016 -0600 + + uri-helpers: Add function to convert URI to security origin + + lib/ephy-uri-helpers.c | 25 ++++++++++++++++++++++++- + lib/ephy-uri-helpers.h | 2 ++ + 2 files changed, 26 insertions(+), 1 deletion(-) + +commit 6ff985ed09415473871692eaef98266517562136 +Author: Michael Catanzaro <[email protected]> +Date: Sun Jan 29 21:51:54 2017 -0600 + + embed-prefs: Fix memory leak when setting languages + + This was a tough one. It's a GArray rather than a GPtrArray, which led + me on a wild goose chase trying to set a clear function for the array... + the clear function is not allowed to actually free memory, since GArray + is not designed for holding pointers. + + This code should probably be refactored further. + + https://bugzilla.gnome.org/show_bug.cgi?id=682723 + + embed/ephy-embed-prefs.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +commit 60097bafc38052904e6484232453a48607731de7 +Author: Michael Catanzaro <[email protected]> +Date: Thu Jan 26 08:29:07 2017 -0600 + + session: Ignore blank URLs when saving session + + src/ephy-session.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + commit e580ac9a6946ce6932c482494d7317415d321721 Author: Michael Catanzaro <[email protected]> Date: Mon Jan 16 18:24:40 2017 -0600 @@ -5858,141 +6061,3 @@ embed/web-extension/ephy-web-extension-main.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) - -commit e6369581944c85815d75972edd8f36391eb87314 -Author: Michael Catanzaro <[email protected]> -Date: Sat Jan 23 12:06:58 2016 -0600 - - web-extension-main: Use a pragma to silence -Wmissing-prototype - - I like this better. - - embed/web-extension/ephy-web-extension-main.c | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -commit 1f4f310360d94bccd16cd30a0e506b575f54d70f -Author: Mario Blättermann <[email protected]> -Date: Sat Jan 23 18:03:02 2016 +0100 - - Updated German translation - - po/de.po | 147 +++++++++++++++++++++++++++++++++------------------------------ - 1 file changed, 77 insertions(+), 70 deletions(-) - -commit b73a25759ee1ee17a999af7f8a7c83d261a3dc2a -Author: Michael Catanzaro <[email protected]> -Date: Fri Jan 22 16:32:04 2016 -0600 - - sqlite-statement: Chain up properly in finalize - - lib/ephy-sqlite-statement.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -commit 2799c0084cb2c699d496fa849692732b4c1aa64b -Author: Michael Catanzaro <[email protected]> -Date: Fri Jan 22 16:28:55 2016 -0600 - - sqlite-connection: chain up properly in finalize - - lib/ephy-sqlite-connection.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -commit 86fdf35e7d0d9926e21d8484f290d46141449dc7 -Author: Michael Catanzaro <[email protected]> -Date: Fri Jan 22 12:44:53 2016 -0600 - - Update appdata - - data/epiphany.appdata.xml.in | 22 ++++++++++++++++------ - 1 file changed, 16 insertions(+), 6 deletions(-) - -commit d1784f095b392998473eb42d879f62762336ccc8 -Author: Michael Catanzaro <[email protected]> -Date: Mon Jan 18 19:08:13 2016 -0600 - - web-overview: Do not drop thumbnail update requests - - When the overview is opened in a new tab, it normally works fine, but - when the overview is opened in the first tab when starting Epiphany, - there are no thumbnails for any of the sites: just empty placeholder - images, at least on my machine. That's not good. - - The snapshot service does not have the images ready immediately when - requested by EphyAboutHandler, so EphyAboutHandler is not able to insert - them into the overview HTML when it is created. Instead, it inserts a - placeholder image. Then, when the snapshot service has finished getting - the thumbnail, it makes a D-Bus call to the web extension to convey the - file URI for the thumbnail (for each URL in the overview). - EphyWebOverview replaces the placeholder image with the thumbnail when - it receives the call. - - The problem is the call can occur before WebKit has finished loading the - overview HTML, in which case the thumbnail changes get dropped and we - wind up with a bunch of placeholder images. Instead, remember the - thumbnail change requests as they come in, then apply them all after the - document has loaded. - - https://bugzilla.gnome.org/show_bug.cgi?id=758470 - - embed/web-extension/ephy-web-overview.c | 54 +++++++++++++++++++++++++++++++-- - 1 file changed, 52 insertions(+), 2 deletions(-) - -commit 10e6ad5057c4dc778ebbecc4757c4f4894bf1a6d -Author: Carlos Garcia Campos <[email protected]> -Date: Mon Jan 18 12:35:43 2016 +0100 - - ephy-session: restore session state when restoring recently closed tabs - - This feature was lost with the port to WebKit2, but it's now back and - improved, since now nt only the back list is restored, but the whole - history navigation information and the scroll position. - - https://bugzilla.gnome.org/show_bug.cgi?id=760782 - - src/ephy-session.c | 27 ++++++++++++++++++++++----- - 1 file changed, 22 insertions(+), 5 deletions(-) - -commit 20fa897c5ebd1c20b9f6caad312a88bdb22f800f -Author: Carlos Garcia Campos <[email protected]> -Date: Mon Jan 18 12:13:47 2016 +0100 - - ephy-session: simplify the code to track closed tabs parent notebook - - Use a refcounted struct to add/remove the weak pointer, and let the - closed tabs just ref/unref the notebook tracker. This should also fix - the leak reported in bug #695966. - - src/ephy-session.c | 164 +++++++++++++++++++++++++---------------------------- - 1 file changed, 78 insertions(+), 86 deletions(-) - -commit 5086e25fcb5e1aab30c50af55f9e2a9db5d8bf42 -Author: Carlos Garcia Campos <[email protected]> -Date: Mon Jan 18 09:35:08 2016 +0100 - - ephy-session: stop saving the back forward list for recently closed tabs - - This is currently unused. Also improve the detection of empty tabs with - no history to not add them to the list of closed tabs. - - src/ephy-session.c | 27 ++++++++------------------- - 1 file changed, 8 insertions(+), 19 deletions(-) - -commit c45ae0b29287353f3798428b7131d8ac2127da62 -Author: Carlos Garcia Campos <[email protected]> -Date: Thu Jan 14 17:59:13 2016 +0100 - - ephy-session: save and restore web view session state - - Using the new WebKit API available in 2.11.3. The session state is - serialized and then encoded as Base-64 to be able to to save it in our - current session state XML file. Now, we always save the session on - close, since there are more things that might have changed in the state - like the scroll position that we don't monitor to schedule saves. - - https://bugzilla.gnome.org/show_bug.cgi?id=119432 - - configure.ac | 2 +- - embed/ephy-embed.c | 23 +++++++++++--- - embed/ephy-embed.h | 3 +- - src/ephy-session.c | 91 +++++++++++++++++++++++++++++++++++++++++++++++++----- - 4 files changed, 105 insertions(+), 14 deletions(-) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/epiphany-3.22.5/NEWS new/epiphany-3.22.6/NEWS --- old/epiphany-3.22.5/NEWS 2017-01-17 01:24:36.000000000 +0100 +++ new/epiphany-3.22.6/NEWS 2017-02-03 20:23:22.000000000 +0100 @@ -1,4 +1,12 @@ =============== +Epiphany 3.22.6 +=============== + +- Fix minor memory leak (#682723) +- Fix serious password extraction sweep attack on password manager (#752738) +- Fix adblocker blocking too much stuff, breaking Twitter (#777714) + +=============== Epiphany 3.22.5 =============== diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/epiphany-3.22.5/configure new/epiphany-3.22.6/configure --- old/epiphany-3.22.5/configure 2017-01-17 01:25:22.000000000 +0100 +++ new/epiphany-3.22.6/configure 2017-02-03 20:23:58.000000000 +0100 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for GNOME Web Browser 3.22.5. +# Generated by GNU Autoconf 2.69 for GNOME Web Browser 3.22.6. # # Report bugs to <http://bugzilla.gnome.org/enter_bug.cgi?product=epiphany>. # @@ -591,8 +591,8 @@ # Identity of this package. PACKAGE_NAME='GNOME Web Browser' PACKAGE_TARNAME='epiphany' -PACKAGE_VERSION='3.22.5' -PACKAGE_STRING='GNOME Web Browser 3.22.5' +PACKAGE_VERSION='3.22.6' +PACKAGE_STRING='GNOME Web Browser 3.22.6' PACKAGE_BUGREPORT='http://bugzilla.gnome.org/enter_bug.cgi?product=epiphany' PACKAGE_URL='' @@ -1454,7 +1454,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures GNOME Web Browser 3.22.5 to adapt to many kinds of systems. +\`configure' configures GNOME Web Browser 3.22.6 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1524,7 +1524,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of GNOME Web Browser 3.22.5:";; + short | recursive ) echo "Configuration of GNOME Web Browser 3.22.6:";; esac cat <<\_ACEOF @@ -1672,7 +1672,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -GNOME Web Browser configure 3.22.5 +GNOME Web Browser configure 3.22.6 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -2041,7 +2041,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by GNOME Web Browser $as_me 3.22.5, which was +It was created by GNOME Web Browser $as_me 3.22.6, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -6044,7 +6044,7 @@ # Define the identity of the package. PACKAGE='epiphany' - VERSION='3.22.5' + VERSION='3.22.6' cat >>confdefs.h <<_ACEOF @@ -17359,7 +17359,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by GNOME Web Browser $as_me 3.22.5, which was +This file was extended by GNOME Web Browser $as_me 3.22.6, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -17425,7 +17425,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -GNOME Web Browser config.status 3.22.5 +GNOME Web Browser config.status 3.22.6 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/epiphany-3.22.5/configure.ac new/epiphany-3.22.6/configure.ac --- old/epiphany-3.22.5/configure.ac 2017-01-17 01:16:20.000000000 +0100 +++ new/epiphany-3.22.6/configure.ac 2017-02-03 20:23:28.000000000 +0100 @@ -16,7 +16,7 @@ m4_define([epiphany_version_major],[3]) m4_define([epiphany_version_minor],[22]) -m4_define([epiphany_version_micro],[5]) +m4_define([epiphany_version_micro],[6]) m4_define([epiphany_version],[epiphany_version_major.epiphany_version_minor.epiphany_version_micro]) AC_INIT([GNOME Web Browser],[epiphany_version],[http://bugzilla.gnome.org/enter_bug.cgi?product=epiphany],[epiphany]) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/epiphany-3.22.5/embed/ephy-embed-prefs.c new/epiphany-3.22.6/embed/ephy-embed-prefs.c --- old/epiphany-3.22.5/embed/ephy-embed-prefs.c 2017-01-17 01:15:54.000000000 +0100 +++ new/epiphany-3.22.6/embed/ephy-embed-prefs.c 2017-02-03 20:20:31.000000000 +0100 @@ -344,7 +344,7 @@ { GArray *array; char **languages; - int i; + guint i; EphyEmbedShell *shell = ephy_embed_shell_get_default (); WebKitWebContext *web_context = ephy_embed_shell_get_web_context (shell); @@ -372,6 +372,8 @@ } g_strfreev (languages); + for (i = 0; i < array->len; i++) + g_free (g_array_index (array, char *, i)); g_array_free (array, TRUE); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/epiphany-3.22.5/embed/web-extension/ephy-uri-tester.c new/epiphany-3.22.6/embed/web-extension/ephy-uri-tester.c --- old/epiphany-3.22.5/embed/web-extension/ephy-uri-tester.c 2017-01-17 01:15:54.000000000 +0100 +++ new/epiphany-3.22.6/embed/web-extension/ephy-uri-tester.c 2017-02-03 20:20:31.000000000 +0100 @@ -374,7 +374,6 @@ ephy_uri_tester_fixup_regexp (const char *prefix, char *src) { GString *str; - int len = 0; if (!src) return NULL; @@ -386,26 +385,56 @@ (void)*src++; } + /* NOTE: The '$' is used as separator for the rule options, so rule patterns + cannot ever contain them. If a rule needs to match it, it uses "%24". + Splitting the option is done in ephy_uri_tester_add_url_pattern(). + + The loop below always escapes square brackets. This way there is no chance + that they get interpreted as a character class, and it is NOT needed to + escape '-' because it's only special inside a character class. */ do { switch (*src) { case '*': g_string_append (str, ".*"); break; - /*case '.': - g_string_append (str, "\\."); - break;*/ + case '^': + /* Matches a separator character, defined as: + * "anything but a letter, a digit, or one of the following: _ - . %" */ + g_string_append (str, "([^a-zA-Z\\d]|[_\\-\\.%])"); + break; + case '|': + /* If at the end of the pattern, the match is anchored at the end. In + * the middle of a pattern it matches a literal vertical bar and the + * character must be escaped. */ + if (src[1] == '\0') + g_string_append (str, "$"); + else + g_string_append (str, "\\|"); + break; + /* The following characters are escaped as they have a meaning in + * regular expressions: + * - '.' matches any character. + * - '+' matches the preceding pattern one or more times. + * - '?' matches the preceding pattern zero or one times. + * - '[' ']' are used to define a character class. + * - '{' '}' are used to define a min/max quantifier. + * - '(' ')' are used to defin a submatch expression. + * - '\' has several uses in regexps (shortcut character classes. + * matching non-printing characters, using octal/hex, octal + * constants, backreferences... they must to be escaped to + * match a literal backslash and prevent wrecking havoc!). */ + case '.': + case '+': case '?': case '[': case ']': + case '{': + case '}': + case '(': + case ')': + case '\\': g_string_append_printf (str, "\\%c", *src); break; - case '|': - /* FIXME: We actually need to match :[0-9]+ or '/'. Sign means - "here could be port number or nothing". So bla.com^ will match - bla.com/ or bla.com:8080/ but not bla.com.au/ */ - case '^': - case '+': - break; default: g_string_append_printf (str, "%c", *src); break; @@ -413,11 +442,6 @@ src++; } while (*src); - len = str->len; - /* We dont need .* in the end of url. Thats stupid */ - if (str->str && str->str[len - 1] == '*' && str->str[len - 2] == '.') - g_string_erase (str, len - 2, 2); - return str; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/epiphany-3.22.5/embed/web-extension/ephy-web-extension.c new/epiphany-3.22.6/embed/web-extension/ephy-web-extension.c --- old/epiphany-3.22.5/embed/web-extension/ephy-web-extension.c 2017-01-17 01:15:54.000000000 +0100 +++ new/epiphany-3.22.6/embed/web-extension/ephy-web-extension.c 2017-02-03 20:20:31.000000000 +0100 @@ -213,15 +213,15 @@ username_field_value, password_field_value, NULL, NULL); - g_free (uri_str); /* Update internal caching */ ephy_form_auth_data_cache_add (extension->form_auth_data_cache, - uri->host, + uri_str, username_field_name, password_field_name, username_field_value); + g_free (uri_str); g_free (username_field_name); g_free (username_field_value); g_free (password_field_name); @@ -434,14 +434,15 @@ return; extension = ephy_web_extension_get (); - form_auth_data_list = ephy_form_auth_data_cache_get_list (extension->form_auth_data_cache, uri->host); + uri_str = soup_uri_to_string (uri, FALSE); + form_auth_data_list = ephy_form_auth_data_cache_get_list (extension->form_auth_data_cache, uri_str); l = g_slist_find_custom (form_auth_data_list, form_auth, (GCompareFunc)ephy_form_auth_data_compare); - if (!l) + if (!l) { + g_free (uri_str); return; + } form_data = (EphyFormAuthData *)l->data; - uri_str = soup_uri_to_string (uri, FALSE); - username_node = ephy_embed_form_auth_get_username_node (form_auth); if (username_node) g_object_get (username_node, "value", &username, NULL); @@ -955,8 +956,7 @@ if (ephy_web_dom_utils_find_form_auth_elements (form, &username_node, &password_node)) { EphyEmbedFormAuth *form_auth; GSList *auth_data_list; - const char *uri_string; - SoupURI *uri; + const char *uri; LOG ("Hooking and pre-filling a form"); @@ -972,12 +972,8 @@ } /* Plug in the user autocomplete */ - uri_string = webkit_web_page_get_uri (web_page); - uri = soup_uri_new (uri_string); - - auth_data_list = ephy_form_auth_data_cache_get_list (extension->form_auth_data_cache, uri->host); - - soup_uri_free (uri); + uri = webkit_web_page_get_uri (web_page); + auth_data_list = ephy_form_auth_data_cache_get_list (extension->form_auth_data_cache, uri); if (auth_data_list && auth_data_list->next && username_node) { LOG ("More than 1 password saved, hooking menu for choosing which on focus"); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/epiphany-3.22.5/lib/ephy-form-auth-data.c new/epiphany-3.22.6/lib/ephy-form-auth-data.c --- old/epiphany-3.22.5/lib/ephy-form-auth-data.c 2017-01-17 01:15:54.000000000 +0100 +++ new/epiphany-3.22.6/lib/ephy-form-auth-data.c 2017-02-03 20:20:31.000000000 +0100 @@ -20,7 +20,7 @@ #include "config.h" #include "ephy-form-auth-data.h" -#include "ephy-string.h" +#include "ephy-uri-helpers.h" #include <glib/gi18n.h> #include <libsoup/soup.h> @@ -41,42 +41,32 @@ return &schema; } -static void -normalize_and_prepare_uri (SoupURI *uri, - gboolean remove_path) -{ - g_assert (uri != NULL); - - /* We normalize https? schemes here so that we use passwords - * we stored in https sites in their http counterparts, and - * vice-versa. */ - if (uri->scheme == SOUP_URI_SCHEME_HTTPS) - soup_uri_set_scheme (uri, SOUP_URI_SCHEME_HTTP); - - soup_uri_set_query (uri, NULL); - if (remove_path) - soup_uri_set_path (uri, "/"); -} - static GHashTable * ephy_form_auth_data_get_secret_attributes_table (const char *uri, const char *field_username, const char *field_password, const char *username) { + GHashTable *attributes; + char *origin; + + origin = ephy_uri_to_security_origin (uri); if (field_username) return secret_attributes_build (EPHY_FORM_PASSWORD_SCHEMA, - URI_KEY, uri, + URI_KEY, origin, FORM_USERNAME_KEY, field_username, FORM_PASSWORD_KEY, field_password, username ? USERNAME_KEY : NULL, username, NULL); else - return secret_attributes_build (EPHY_FORM_PASSWORD_SCHEMA, - URI_KEY, uri, - FORM_PASSWORD_KEY, field_password, - username ? USERNAME_KEY : NULL, username, - NULL); + attributes = secret_attributes_build (EPHY_FORM_PASSWORD_SCHEMA, + URI_KEY, origin, + FORM_PASSWORD_KEY, field_password, + username ? USERNAME_KEY : NULL, username, + NULL); + g_free (origin); + + return attributes; } static void @@ -104,10 +94,9 @@ GAsyncReadyCallback callback, gpointer userdata) { - SoupURI *fake_uri; - char *fake_uri_str; SecretValue *value; GHashTable *attributes; + char *origin; char *label; GTask *task; @@ -116,32 +105,24 @@ g_return_if_fail (password); g_return_if_fail ((form_username && username) || (!form_username && !username)); - fake_uri = soup_uri_new (uri); - g_return_if_fail (fake_uri); - task = g_task_new (NULL, NULL, callback, userdata); - /* Mailman passwords need the full URI */ - if (!form_username && g_strcmp0 (form_password, "adminpw") == 0) - normalize_and_prepare_uri (fake_uri, FALSE); - else - normalize_and_prepare_uri (fake_uri, TRUE); - fake_uri_str = soup_uri_to_string (fake_uri, FALSE); value = secret_value_new (password, -1, "text/plain"); - attributes = ephy_form_auth_data_get_secret_attributes_table (fake_uri_str, form_username, + attributes = ephy_form_auth_data_get_secret_attributes_table (uri, form_username, form_password, username); + origin = ephy_uri_to_security_origin (uri); if (username != NULL) { /* Translators: The first %s is the username and the second one is the - * hostname where this is happening. Example: [email protected] and - * mail.google.com. + * security origin where this is happening. Example: [email protected] and + * https://mail.google.com. */ label = g_strdup_printf (_("Password for %s in a form in %s"), - username, fake_uri_str); + username, origin); } else { - /* Translators: The first %s is the hostname where this is happening. - * Example: mail.google.com. + /* Translators: The first %s is the security origin where this is happening. + * Example: https://mail.google.com. */ - label = g_strdup_printf (_("Password in a form in %s"), fake_uri_str); + label = g_strdup_printf (_("Password in a form in %s"), origin); } secret_service_store (NULL, EPHY_FORM_PASSWORD_SCHEMA, attributes, NULL, label, value, @@ -152,8 +133,7 @@ g_free (label); secret_value_unref (value); g_hash_table_unref (attributes); - soup_uri_free (fake_uri); - g_free (fake_uri_str); + g_free (origin); g_object_unref (task); } @@ -234,25 +214,13 @@ gpointer user_data, GDestroyNotify destroy_data) { - SoupURI *key; - char *key_str; EphyFormAuthDataQueryClosure *closure; GHashTable *attributes; g_return_if_fail (uri); g_return_if_fail (form_password); - key = soup_uri_new (uri); - g_return_if_fail (key); - - if (!form_username && g_strcmp0 (form_password, "adminpw") == 0) - normalize_and_prepare_uri (key, FALSE); - else - normalize_and_prepare_uri (key, TRUE); - - key_str = soup_uri_to_string (key, FALSE); - - attributes = ephy_form_auth_data_get_secret_attributes_table (key_str, + attributes = ephy_form_auth_data_get_secret_attributes_table (uri, form_username, form_password, username); @@ -270,8 +238,6 @@ closure); g_hash_table_unref (attributes); - soup_uri_free (key); - g_free (key_str); } static EphyFormAuthData * @@ -317,16 +283,13 @@ for (p = results; p; p = p->next) { SecretItem *item = (SecretItem *)p->data; GHashTable *attributes; - char *host; attributes = secret_item_get_attributes (item); - host = ephy_string_get_host_name (g_hash_table_lookup (attributes, URI_KEY)); - ephy_form_auth_data_cache_add (cache, host, + ephy_form_auth_data_cache_add (cache, + g_hash_table_lookup (attributes, URI_KEY), g_hash_table_lookup (attributes, FORM_USERNAME_KEY), g_hash_table_lookup (attributes, FORM_PASSWORD_KEY), g_hash_table_lookup (attributes, USERNAME_KEY)); - - g_free (host); g_hash_table_unref (attributes); } @@ -397,24 +360,32 @@ { EphyFormAuthData *data; GSList *l; + char *origin; g_return_if_fail (cache); g_return_if_fail (uri); g_return_if_fail (form_password); data = ephy_form_auth_data_new (form_username, form_password, username); - l = g_hash_table_lookup (cache->form_auth_data_map, uri); + origin = ephy_uri_to_security_origin (uri); + l = g_hash_table_lookup (cache->form_auth_data_map, origin); l = g_slist_append (l, data); - g_hash_table_replace (cache->form_auth_data_map, - g_strdup (uri), l); + g_hash_table_replace (cache->form_auth_data_map, origin, l); } GSList * ephy_form_auth_data_cache_get_list (EphyFormAuthDataCache *cache, const char *uri) { + char *origin; + GSList *list; + g_return_val_if_fail (cache, NULL); g_return_val_if_fail (uri, NULL); - return g_hash_table_lookup (cache->form_auth_data_map, uri); + origin = ephy_uri_to_security_origin (uri); + list = g_hash_table_lookup (cache->form_auth_data_map, origin); + g_free (origin); + + return list; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/epiphany-3.22.5/lib/ephy-profile-migrator.c new/epiphany-3.22.6/lib/ephy-profile-migrator.c --- old/epiphany-3.22.5/lib/ephy-profile-migrator.c 2017-01-17 01:15:54.000000000 +0100 +++ new/epiphany-3.22.6/lib/ephy-profile-migrator.c 2017-02-03 20:20:31.000000000 +0100 @@ -37,6 +37,7 @@ #include "ephy-profile-utils.h" #include "ephy-settings.h" #include "ephy-sqlite-connection.h" +#include "ephy-uri-helpers.h" #include "ephy-web-app-utils.h" #include <fcntl.h> @@ -698,6 +699,102 @@ ephy_web_application_free_application_list (web_apps); } +/* https://bugzilla.gnome.org/show_bug.cgi?id=752738 */ +static void +migrate_insecure_password (SecretItem *item) +{ + GHashTable *attributes; + SoupURI *soup_uri; + const char *original_uri; + + attributes = secret_item_get_attributes (item); + original_uri = g_hash_table_lookup (attributes, URI_KEY); + soup_uri = soup_uri_new (original_uri); + if (soup_uri == NULL) { + g_warning ("Failed to convert URI %s to a SoupURI, insecure password will not be migrated", original_uri); + g_hash_table_unref (attributes); + return; + } + + if (soup_uri->scheme == SOUP_URI_SCHEME_HTTP) { + char *new_uri; + GError *error = NULL; + + new_uri = ephy_uri_to_https_security_origin (original_uri); + + g_hash_table_replace (attributes, g_strdup (URI_KEY), new_uri); + secret_item_set_attributes_sync (item, EPHY_FORM_PASSWORD_SCHEMA, attributes, NULL, &error); + if (error != NULL) { + g_warning ("Failed to convert URI %s to https://, insecure password will not be migrated: %s", original_uri, error->message); + g_error_free (error); + } + } + + g_hash_table_unref (attributes); + soup_uri_free (soup_uri); +} + +static void +migrate_insecure_passwords (void) +{ + SecretService *service; + GHashTable *attributes; + GList *items; + int default_profile_migration_version; + GError *error = NULL; + + /* This is ephy *profile* migrator. It runs on a per-profile basis. i.e. + * each web app runs migrators separately. So this migration step could run + * once for a profile dir, then again far in the future when an old web app + * is opened. But passwords are global state, not stored in the profile dir, + * and we want to run this migration only once. This is tricky to fix, but + * it's easier if we relax the constraint to "never run this migrator if it + * has been run already for the default profile dir." That's because we don't + * really care if a couple web app passwords get converted from insecure to + * secure, which is not a big problem and indicates the user probably never + * uses Epiphany except for web apps anyway. We just don't want all the user's + * passwords to get converted mysteriously because he happens to open a web + * app. So check the migration version for the default profile dir and abort + * if this migrator has already run there. This way we avoid adding a new flag + * file to clutter the profile dir just to check if this migrator has run. + */ + default_profile_migration_version = ephy_profile_utils_get_migration_version_for_profile_dir (ephy_default_dot_dir ()); + if (default_profile_migration_version >= EPHY_INSECURE_PASSWORDS_MIGRATION_VERSION) { + LOG ("Skipping insecure password migration because default profile has already migrated"); + return; + } + + service = secret_service_get_sync (SECRET_SERVICE_LOAD_COLLECTIONS, NULL, &error); + if (error != NULL) { + g_warning ("Failed to get secret service proxy, insecure passwords will not be migrated: %s", error->message); + g_error_free (error); + return; + } + + attributes = secret_attributes_build (EPHY_FORM_PASSWORD_SCHEMA, NULL); + + items = secret_service_search_sync (service, + EPHY_FORM_PASSWORD_SCHEMA, + attributes, + SECRET_SEARCH_ALL | SECRET_SEARCH_UNLOCK | SECRET_SEARCH_LOAD_SECRETS, + NULL, + &error); + if (error != NULL) { + g_warning ("Failed to search secret service, insecure passwords will not be migrated: %s", error->message); + g_error_free (error); + goto out; + } + + for (GList *l = items; l != NULL; l = l->next) + migrate_insecure_password ((SecretItem *)l->data); + + g_list_free_full (items, g_object_unref); + +out: + g_object_unref (service); + g_hash_table_unref (attributes); +} + static void migrate_nothing (void) { @@ -721,6 +818,7 @@ migrate_new_urls_table, migrate_form_passwords_to_libsecret, migrate_app_desktop_file_categories, + migrate_insecure_passwords, }; static gboolean diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/epiphany-3.22.5/lib/ephy-profile-utils.c new/epiphany-3.22.6/lib/ephy-profile-utils.c --- old/epiphany-3.22.5/lib/ephy-profile-utils.c 2017-01-17 01:15:54.000000000 +0100 +++ new/epiphany-3.22.6/lib/ephy-profile-utils.c 2017-02-03 20:20:31.000000000 +0100 @@ -23,17 +23,19 @@ #include "ephy-debug.h" #include "ephy-file-helpers.h" +#include <string.h> + #define PROFILE_MIGRATION_FILE ".migrated" int -ephy_profile_utils_get_migration_version (void) +ephy_profile_utils_get_migration_version_for_profile_dir (const char *profile_directory) { char *migrated_file, *contents = NULL; gsize size; int result = 0; int latest = 0; - migrated_file = g_build_filename (ephy_dot_dir (), + migrated_file = g_build_filename (profile_directory, PROFILE_MIGRATION_FILE, NULL); @@ -47,7 +49,8 @@ if (result != 1) latest = 0; - } else if (ephy_dot_dir_is_default () == FALSE) { + } else if (strcmp (ephy_dot_dir (), profile_directory) == 0 && + ephy_dot_dir_is_default () == FALSE) { /* Since version 8, we need to migrate also profile directories other than the default one. Profiles in such directories work perfectly fine without going through the first 7 migration @@ -62,6 +65,12 @@ return latest; } +int +ephy_profile_utils_get_migration_version (void) +{ + return ephy_profile_utils_get_migration_version_for_profile_dir (ephy_dot_dir ()); +} + gboolean ephy_profile_utils_set_migration_version (int version) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/epiphany-3.22.5/lib/ephy-profile-utils.h new/epiphany-3.22.6/lib/ephy-profile-utils.h --- old/epiphany-3.22.5/lib/ephy-profile-utils.h 2017-01-17 01:15:54.000000000 +0100 +++ new/epiphany-3.22.6/lib/ephy-profile-utils.h 2017-02-03 20:20:31.000000000 +0100 @@ -20,13 +20,15 @@ #include <glib.h> -#define EPHY_PROFILE_MIGRATION_VERSION 10 +#define EPHY_PROFILE_MIGRATION_VERSION 11 +#define EPHY_INSECURE_PASSWORDS_MIGRATION_VERSION 11 #define EPHY_HISTORY_FILE "ephy-history.db" #define EPHY_BOOKMARKS_FILE "ephy-bookmarks.xml" #define EPHY_BOOKMARKS_FILE_RDF "bookmarks.rdf" int ephy_profile_utils_get_migration_version (void); +int ephy_profile_utils_get_migration_version_for_profile_dir (const char *profile_directory); gboolean ephy_profile_utils_set_migration_version (int version); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/epiphany-3.22.5/lib/ephy-uri-helpers.c new/epiphany-3.22.6/lib/ephy-uri-helpers.c --- old/epiphany-3.22.5/lib/ephy-uri-helpers.c 2017-01-17 01:15:54.000000000 +0100 +++ new/epiphany-3.22.6/lib/ephy-uri-helpers.c 2017-02-03 20:20:31.000000000 +0100 @@ -1,6 +1,7 @@ /* -*- Mode: C; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ /* * Copyright © 2013 Bastien Nocera <[email protected]> + * Copyright © 2016 Igalia S.L. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -280,4 +281,50 @@ return encoded_uri; } -/* vim: set sw=2 ts=2 sts=2 et: */ +char * +ephy_uri_to_security_origin (const char *uri_string) +{ + SoupURI *uri; + char *result; + + /* Convert to URI containing only protocol, host, and port. */ + uri = soup_uri_new (uri_string); + if (uri == NULL) + return NULL; + + if (uri->scheme == SOUP_URI_SCHEME_FILE || + uri->scheme == SOUP_URI_SCHEME_DATA) + return NULL; + + if (soup_uri_uses_default_port (uri)) + result = g_strdup_printf ("%s://%s", uri->scheme, uri->host); + else + result = g_strdup_printf ("%s://%s:%u", uri->scheme, uri->host, uri->port); + soup_uri_free (uri); + + return result; +} + +char * +ephy_uri_to_https_security_origin (const char *uri_string) +{ + SoupURI *uri; + char *result; + + /* Convert to URI containing only protocol, host, and port. */ + uri = soup_uri_new (uri_string); + if (uri == NULL) + return NULL; + + if (uri->scheme == SOUP_URI_SCHEME_FILE || + uri->scheme == SOUP_URI_SCHEME_DATA) + return NULL; + + if (soup_uri_uses_default_port (uri)) + result = g_strdup_printf ("https://%s";, uri->host); + else + result = g_strdup_printf ("https://%s:%u";, uri->host, uri->port); + soup_uri_free (uri); + + return result; +} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/epiphany-3.22.5/lib/ephy-uri-helpers.h new/epiphany-3.22.6/lib/ephy-uri-helpers.h --- old/epiphany-3.22.5/lib/ephy-uri-helpers.h 2017-01-17 01:15:54.000000000 +0100 +++ new/epiphany-3.22.6/lib/ephy-uri-helpers.h 2017-02-03 20:20:31.000000000 +0100 @@ -1,6 +1,7 @@ /* -*- Mode: C; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ /* * Copyright © 2013 Bastien Nocera <[email protected]> + * Copyright © 2016 Igalia S.L. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -26,6 +27,8 @@ char *ephy_remove_tracking_from_uri (const char *uri); char *ephy_uri_decode (const char *uri); char *ephy_uri_normalize (const char *uri); +char *ephy_uri_to_security_origin (const char *uri); +char *ephy_uri_to_https_security_origin (const char *uri); G_END_DECLS diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/epiphany-3.22.5/src/ephy-shell-search-provider-generated.c new/epiphany-3.22.6/src/ephy-shell-search-provider-generated.c --- old/epiphany-3.22.5/src/ephy-shell-search-provider-generated.c 2017-01-17 01:25:40.000000000 +0100 +++ new/epiphany-3.22.6/src/ephy-shell-search-provider-generated.c 2017-02-03 20:24:15.000000000 +0100 @@ -1,5 +1,5 @@ /* - * Generated by gdbus-codegen 2.51.0. DO NOT EDIT. + * Generated by gdbus-codegen 2.51.1. DO NOT EDIT. * * The license of this code is the same as for the source it was derived from. */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/epiphany-3.22.5/src/ephy-shell-search-provider-generated.h new/epiphany-3.22.6/src/ephy-shell-search-provider-generated.h --- old/epiphany-3.22.5/src/ephy-shell-search-provider-generated.h 2017-01-17 01:25:40.000000000 +0100 +++ new/epiphany-3.22.6/src/ephy-shell-search-provider-generated.h 2017-02-03 20:24:15.000000000 +0100 @@ -1,5 +1,5 @@ /* - * Generated by gdbus-codegen 2.51.0. DO NOT EDIT. + * Generated by gdbus-codegen 2.51.1. DO NOT EDIT. * * The license of this code is the same as for the source it was derived from. */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/epiphany-3.22.5/src/passwords-dialog.c new/epiphany-3.22.6/src/passwords-dialog.c --- old/epiphany-3.22.5/src/passwords-dialog.c 2017-01-17 01:15:54.000000000 +0100 +++ new/epiphany-3.22.6/src/passwords-dialog.c 2017-02-03 20:20:31.000000000 +0100 @@ -26,11 +26,11 @@ #include <libsecret/secret.h> #include "ephy-form-auth-data.h" -#include "ephy-string.h" +#include "ephy-uri-helpers.h" #include "passwords-dialog.h" typedef enum { - COL_PASSWORDS_HOST, + COL_PASSWORDS_ORIGIN, COL_PASSWORDS_USER, COL_PASSWORDS_PASSWORD, COL_PASSWORDS_INVISIBLE, @@ -402,26 +402,30 @@ GHashTable *attributes = NULL; const char *username = NULL; const char *password = NULL; - char *host = NULL; + char *origin = NULL; GtkTreeIter iter; attributes = secret_item_get_attributes (item); username = g_hash_table_lookup (attributes, USERNAME_KEY); - host = ephy_string_get_host_name (g_hash_table_lookup (attributes, URI_KEY)); value = secret_item_get_secret (item); password = secret_value_get (value, NULL); + origin = ephy_uri_to_security_origin (g_hash_table_lookup (attributes, URI_KEY)); + if (origin == NULL) { + g_hash_table_unref (attributes); + continue; + } gtk_list_store_insert_with_values (GTK_LIST_STORE (dialog->liststore), &iter, -1, - COL_PASSWORDS_HOST, host, + COL_PASSWORDS_ORIGIN, origin, COL_PASSWORDS_USER, username, COL_PASSWORDS_PASSWORD, password, COL_PASSWORDS_INVISIBLE, "●●●●●●●●", COL_PASSWORDS_DATA, item, -1); - g_free (host); + g_free (origin); g_hash_table_unref (attributes); } @@ -463,23 +467,23 @@ EphyPasswordsDialog *dialog) { char *username; - char *host; + char *origin; gboolean visible = FALSE; if (dialog->search_text == NULL) return TRUE; gtk_tree_model_get (model, iter, - COL_PASSWORDS_HOST, &host, + COL_PASSWORDS_ORIGIN, &origin, COL_PASSWORDS_USER, &username, -1); - if (host != NULL && g_strrstr (host, dialog->search_text) != NULL) + if (origin != NULL && g_strrstr (origin, dialog->search_text) != NULL) visible = TRUE; else if (username != NULL && g_strrstr (username, dialog->search_text) != NULL) visible = TRUE; - g_free (host); + g_free (origin); g_free (username); return visible;
