GNOME Bugzilla – Bug 744280
ssh agent no longer remembers unlocked keys
Last modified: 2015-04-15 08:07:36 UTC
This was broken in commit d177a8b5353f ssh-agent: Fix leak in search_keys_like_attributes() gck_enumerator_next() return value must be unref'fed as it's transfer full. ssh foo.example.com is always asking to unlock the corresponding key while before this commit this works fine. gkd-ssh-agent-ops.c:op_sign_request has: result = unlock_and_sign (session, key, mech, hash, n_hash, &n_result, &error); g_object_unref (session); g_object_unref (key); After the leak fix mentioned above, unreffing 'key' causes the last reference to be released, so it's destroyed, and this locks the just unlocked key. Removing the g_object_unref() avoids this issue, but readds a leak. I assume 'key' should be added somewhere so that it's kept alive, but I'm not really sure where/how :(
At this point, best course of action is to revert that patch and fix the ssh agent, unless someone manages to come up with a fix ;) The leak has been present for a while anyway, so having it for one more release isn't going to be the end of the world.
I agree with Christophe. I had hoped to refactor this code to use the real ssh-agent instead (and thus get ECDSA support). But I didn't get around to it, so lets just revert for now.
I just pushed commit 06422ea which reverts the problematic patch, ssh agent should be working fine now.
thanks, now we just need to make sure we have a gnome-keyring release for 3.16
Can this bug be closed now?
Yup, thanks for the reminder.