Ubuntu
gnome-keyring package

Merge lp:~mitya57/ubuntu/raring/gnome-keyring/dbus-fixes into lp:ubuntu/raring/gnome-keyring

Raring (13.04)
dbus-fixes
Merge into raring

Proposed by Dmitry Shachnev on 2013-03-10

Status:	Merged
Merge reported by:	Sebastien Bacher
Merged at revision:	not available
Proposed branch:	lp:~mitya57/ubuntu/raring/gnome-keyring/dbus-fixes
Merge into:	lp:ubuntu/raring/gnome-keyring
Diff against target:	4024 lines (+3877/-24) 13 files modified .pc/00git_fix_introspection.patch/daemon/dbus/gkd-secret-introspect.c (+285/-0) .pc/00git_fix_searchitems_method.patch/daemon/dbus/gkd-secret-objects.c (+1710/-0) .pc/00git_fix_searchitems_method.patch/daemon/dbus/gkd-secret-objects.h (+112/-0) .pc/00git_fix_searchitems_method.patch/daemon/dbus/gkd-secret-service.c (+1598/-0) .pc/applied-patches (+2/-0) daemon/dbus/gkd-secret-introspect.c (+2/-3) daemon/dbus/gkd-secret-objects.c (+29/-19) daemon/dbus/gkd-secret-objects.h (+2/-1) daemon/dbus/gkd-secret-service.c (+1/-1) debian/changelog (+9/-0) debian/patches/00git_fix_introspection.patch (+26/-0) debian/patches/00git_fix_searchitems_method.patch (+99/-0) debian/patches/series (+2/-0)
To merge this branch:	bzr merge lp:~mitya57/ubuntu/raring/gnome-keyring/dbus-fixes
Related bugs:	Link a bug report

Reviewer	Review Type	Date Requested	Status
Ubuntu branches		2013-03-10	Pending
Review via email: mp+152580@code.launchpad.net

Description of the change

Added two upstream patches to fix D-Bus related issues.

* debian/patches/00git_fix_searchitems_method.patch:
Upstream patch to fix return value of Collection.SearchItems().
* debian/patches/00git_fix_introspection.patch:
Upstream patch to fix introspection of some D-Bus methods.

Revision history for this message

Dmitry Shachnev (mitya57) wrote on 2013-03-12:

FWIW, I've also reviewed all the implementations I know to make sure this doesn't cause any regressions:

- libsecret: expect the *right* behavior (confirmed by Stef Walter);
- python-secretstorage: handles both cases correctly;
- ubuntu-sso-client, python-keyring: do not use that function at all.

lp:~mitya57/ubuntu/raring/gnome-keyring/dbus-fixes updated on 2013-03-14

161. By Dmitry Shachnev on 2013-03-14: Rename 05_fix_introspection.patch to 00git_fix_introspection.patch
now that it has been applied upstream
162. By Dmitry Shachnev on 2013-03-14: Update .pc directory so that the branch is buildable

Revision history for this message

Sebastien Bacher (seb128) wrote on 2013-03-15:

Thanks, uploaded to raring. Upstream asked if you want some fixes backported to the gnome-3-6 serie, it could be good to have those officially in there

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

Dmitry Shachnev

Ubuntu branches

 === added directory '.pc/00git_fix_introspection.patch'
 === added directory '.pc/00git_fix_introspection.patch/daemon'
 === added directory '.pc/00git_fix_introspection.patch/daemon/dbus'
 === added file '.pc/00git_fix_introspection.patch/daemon/dbus/gkd-secret-introspect.c'
 --- .pc/00git_fix_introspection.patch/daemon/dbus/gkd-secret-introspect.c	1970-01-01 00:00:00 +0000
 +++ .pc/00git_fix_introspection.patch/daemon/dbus/gkd-secret-introspect.c	2013-03-14 13:26:21 +0000
@@ -0,0 +1,285 @@
++/*
++ * gnome-keyring
++ *
++ * Copyright (C) 2011 Collabora Ltd.
++ *
++ * This program is free software; you can redistribute it and/or modify
++ * it under the terms of the GNU Lesser General Public License as
++ * published by the Free Software Foundation; either version 2.1 of
++ * the License, or (at your option) any later version.
++ *
++ * This program is distributed in the hope that it will be useful, but
++ * WITHOUT ANY WARRANTY; without even the implied warranty of
++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
++ * Lesser General Public License for more details.
++ *
++ * You should have received a copy of the GNU Lesser General Public
++ * License along with this program; if not, write to the Free Software
++ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
++ * 02111-1307, USA.
++ *
++ * Author: Stef Walter <stefw@collabora.co.uk>
++ */
++
++#include "config.h"
++
++#include "gkd-secret-introspect.h"
++
++const gchar *gkd_secret_introspect_root =
++	"<!DOCTYPE node PUBLIC '-//freedesktop//DTD D-BUS Object Introspection 1.0//EN'\n"
++	"	'http://www.freedesktop.org/standards/dbus/1.0/introspect.dtd'>\n"
++	"<node>\n"
++	"	<node name='org/freedesktop/secrets'/>\n"
++	"</node>\n";
++
++const gchar *gkd_secret_introspect_collection =
++	"<!DOCTYPE node PUBLIC '-//freedesktop//DTD D-BUS Object Introspection 1.0//EN'\n"
++	"	'http://www.freedesktop.org/standards/dbus/1.0/introspect.dtd'>\n"
++	"<node>\n"
++	"\n"
++	"	<interface name='org.freedesktop.DBus.Introspectable'>\n"
++	"		<method name='Introspect'>\n"
++	"			<arg name='data' direction='out' type='s'/>\n"
++	"		</method>\n"
++	"	</interface>\n"
++	"\n"
++	"	<interface name='org.freedesktop.DBus.Properties'>\n"
++	"		<method name='Get'>\n"
++	"			<arg name='interface' direction='in' type='s'/>\n"
++	"			<arg name='propname' direction='in' type='s'/>\n"
++	"			<arg name='value' direction='out' type='v'/>\n"
++	"		</method>\n"
++	"		<method name='Set'>\n"
++	"			<arg name='interface' direction='in' type='s'/>\n"
++	"			<arg name='propname' direction='in' type='s'/>\n"
++	"			<arg name='value' direction='in' type='v'/>\n"
++	"		</method>\n"
++	"		<method name='GetAll'>\n"
++	"			<arg name='interface' direction='in' type='s'/>\n"
++	"			<arg name='props' direction='out' type='a{sv}'/>\n"
++	"		</method>\n"
++	"	</interface>\n"
++	"\n"
++	"	<interface name='org.freedesktop.Secret.Collection'>\n"
++	"		<property name='Items' type='ao' access='read'/>\n"
++	"		<property name='Label' type='s' access='readwrite'/>\n"
++	"		<property name='Locked' type='s' access='read'/>\n"
++	"		<property name='Created' type='t' access='read'/>\n"
++	"		<property name='Modified' type='t' access='read'/>\n"
++	"		<method name='Delete'>\n"
++	"			<arg name='prompt' type='o' direction='out'/>\n"
++	"		</method>\n"
++	"		<method name='SearchItems'>\n"
++	"			<arg name='attributes' type='a{ss}' direction='in'/>\n"
++	"			<arg name='unlocked' type='ao' direction='out'/>\n"
++	"			<arg name='locked' type='ao' direction='out'/>\n"
++	"		</method>\n"
++	"		<method name='CreateItem'>\n"
++	"			<arg name='props' type='a{sv}' direction='in'/>\n"
++	"			<arg name='secret' type='(oayays)' direction='in'/>\n"
++	"			<arg name='replace' type='b' direction='in'/>\n"
++	"			<arg name='item' type='o' direction='out'/>\n"
++	"			<arg name='prompt' type='o' direction='out'/>\n"
++	"		</method>\n"
++	"		<signal name='ItemCreated'>\n"
++	"			<arg name='item' type='o'/>\n"
++	"		</signal>\n"
++	"		<signal name='ItemDeleted'>\n"
++	"			<arg name='item' type='o'/>\n"
++	"		</signal>\n"
++	"		<signal name='ItemChanged'>\n"
++	"			<arg name='item' type='o'/>\n"
++	"		</signal>\n"
++	"	</interface>\n"
++	"\n"
++	"<!--@children@-->"
++	"</node>\n";
++
++const gchar *gkd_secret_introspect_item =
++	"<!DOCTYPE node PUBLIC '-//freedesktop//DTD D-BUS Object Introspection 1.0//EN'\n"
++	"	'http://www.freedesktop.org/standards/dbus/1.0/introspect.dtd'>\n"
++	"<node>\n"
++	"\n"
++	"	<interface name='org.freedesktop.DBus.Introspectable'>\n"
++	"		<method name='Introspect'>\n"
++	"			<arg name='data' direction='out' type='s'/>\n"
++	"		</method>\n"
++	"	</interface>\n"
++	"\n"
++	"	<interface name='org.freedesktop.DBus.Properties'>\n"
++	"		<method name='Get'>\n"
++	"			<arg name='interface' direction='in' type='s'/>\n"
++	"			<arg name='propname' direction='in' type='s'/>\n"
++	"			<arg name='value' direction='out' type='v'/>\n"
++	"		</method>\n"
++	"		<method name='Set'>\n"
++	"			<arg name='interface' direction='in' type='s'/>\n"
++	"			<arg name='propname' direction='in' type='s'/>\n"
++	"			<arg name='value' direction='in' type='v'/>\n"
++	"		</method>\n"
++	"		<method name='GetAll'>\n"
++	"			<arg name='interface' direction='in' type='s'/>\n"
++	"			<arg name='props' direction='out' type='a{sv}'/>\n"
++	"		</method>\n"
++	"	</interface>\n"
++	"\n"
++	"	<interface name='org.freedesktop.Secret.Item'>\n"
++	"		<property name='Locked' type='b' access='read'/>\n"
++	"		<property name='Attributes' type='a{ss}' access='readwrite'/>\n"
++	"		<property name='Label' type='s' access='readwrite'/>\n"
++	"		<property name='Type' type='s' access='readwrite'/>\n"
++	"		<property name='Created' type='t' access='read'/>\n"
++	"		<property name='Modified' type='t' access='read'/>\n"
++	"		<method name='Delete'>\n"
++	"			<arg name='prompt' type='o' direction='out'/>\n"
++	"		</method>\n"
++	"		<method name='GetSecret'>\n"
++	"			<arg name='session' type='o' direction='in'/>\n"
++	"			<arg name='secret' type='(oayays)' direction='out'/>\n"
++	"		</method>\n"
++	"		<method name='SetSecret'>\n"
++	"			<arg name='secret' type='(oayays)' direction='in'/>\n"
++	"		</method>\n"
++	"	</interface>\n"
++	"\n"
++	"</node>\n";
++
++const gchar *gkd_secret_introspect_prompt =
++	"<!DOCTYPE node PUBLIC '-//freedesktop//DTD D-BUS Object Introspection 1.0//EN'\n"
++	"	'http://www.freedesktop.org/standards/dbus/1.0/introspect.dtd'>\n"
++	"<node>\n"
++	"\n"
++	"	<interface name='org.freedesktop.DBus.Introspectable'>\n"
++	"		<method name='Introspect'>\n"
++	"			<arg name='data' direction='out' type='s'/>\n"
++	"		</method>\n"
++	"	</interface>\n"
++	"\n"
++	"	<interface name='org.freedesktop.Secret.Prompt'>\n"
++	"		<method name='Prompt'>\n"
++	"			<arg name='window-id' type='s' direction='in'/>\n"
++	"		</method>\n"
++	"		<method name='Dismiss'>\n"
++	"		</method>\n"
++	"		<signal name='Completed'>\n"
++	"			<arg name='dismissed' type='b'/>\n"
++	"			<arg name='result' type='v'/>\n"
++	"		</signal>\n"
++	"	</interface>\n"
++	"\n"
++	"</node>\n";
++
++const gchar *gkd_secret_introspect_service =
++	"<!DOCTYPE node PUBLIC '-//freedesktop//DTD D-BUS Object Introspection 1.0//EN'\n"
++	"	'http://www.freedesktop.org/standards/dbus/1.0/introspect.dtd'>\n"
++	"<node>\n"
++	"\n"
++	"	<interface name='org.freedesktop.DBus.Introspectable'>\n"
++	"		<method name='Introspect'>\n"
++	"			<arg name='data' direction='out' type='s'/>\n"
++	"		</method>\n"
++	"	</interface>\n"
++	"\n"
++	"	<interface name='org.freedesktop.DBus.Properties'>\n"
++	"		<method name='Get'>\n"
++	"			<arg name='interface' direction='in' type='s'/>\n"
++	"			<arg name='propname' direction='in' type='s'/>\n"
++	"			<arg name='value' direction='out' type='v'/>\n"
++	"		</method>\n"
++	"		<method name='Set'>\n"
++	"			<arg name='interface' direction='in' type='s'/>\n"
++	"			<arg name='propname' direction='in' type='s'/>\n"
++	"			<arg name='value' direction='in' type='v'/>\n"
++	"		</method>\n"
++	"		<method name='GetAll'>\n"
++	"			<arg name='interface' direction='in' type='s'/>\n"
++	"			<arg name='props' direction='out' type='a{sv}'/>\n"
++	"		</method>\n"
++	"	</interface>\n"
++	"\n"
++	"	<interface name='org.freedesktop.Secret.Service'>\n"
++	"\n"
++	"		<property name='Collections' type='ao' access='read'/>\n"
++	"\n"
++	"		<method name='OpenSession'>\n"
++	"			<arg name='algorithm' type='s' direction='in'/>\n"
++	"			<arg name='input' type='v' direction='in'/>\n"
++	"			<arg name='output' type='v' direction='out'/>\n"
++	"			<arg name='result' type='o' direction='out'/>\n"
++	"		</method>\n"
++	"\n"
++	"		<method name='CreateCollection'>\n"
++	"			<arg name='properties' type='a{sv}' direction='in'/>\n"
++	"			<arg name='alias' type='s' direction='in'/>\n"
++	"			<arg name='collection' type='o' direction='out'/>\n"
++	"			<arg name='prompt' type='o' direction='out'/>\n"
++	"		</method>\n"
++	"\n"
++	"		<method name='SearchItems'>\n"
++	"			<arg name='attributes' type='a{ss}' direction='in'/>\n"
++	"			<arg name='unlocked' type='ao' direction='out'/>\n"
++	"			<arg name='locked' type='ao' direction='out'/>\n"
++	"		</method>\n"
++	"\n"
++	"		<method name='Unlock'>\n"
++	"			<arg name='objects' type='ao' direction='in'/>\n"
++	"			<arg name='unlocked' type='ao' direction='out'/>\n"
++	"			<arg name='prompt' type='o' direction='out'/>\n"
++	"		</method>\n"
++	"\n"
++	"		<method name='Lock'>\n"
++	"			<arg name='objects' type='ao' direction='in'/>\n"
++	"			<arg name='locked' type='ao' direction='out'/>\n"
++	"			<arg name='Prompt' type='o' direction='out'/>\n"
++	"		</method>\n"
++	"\n"
++	"		<method name='GetSecrets'>\n"
++	"			<arg name='items' type='ao' direction='in'/>\n"
++	"			<arg name='session' type='o' direction='in'/>\n"
++	"			<arg name='secrets' type='a{o(oayays)}' direction='out'/>\n"
++	"		</method>\n"
++	"\n"
++	"		<method name='ReadAlias'>\n"
++	"			<arg name='name' type='s' direction='in'/>\n"
++	"			<arg name='collection' type='o' direction='out'/>\n"
++	"		</method>\n"
++	"\n"
++	"		<method name='SetAlias'>\n"
++	"			<arg name='name' type='s' direction='in'/>\n"
++	"			<arg name='collection' type='o' direction='in'/>\n"
++	"		</method>\n"
++	"\n"
++	"		<signal name='CollectionCreated'>\n"
++	"			<arg name='collection' type='o'/>\n"
++	"		</signal>\n"
++	"\n"
++	"		<signal name='CollectionDeleted'>\n"
++	"			<arg name='collection' type='o'/>\n"
++	"		</signal>\n"
++	"\n"
++	"		<signal name='CollectionChanged'>\n"
++	"			<arg name='collection' type='o'/>\n"
++	"		</signal>\n"
++	"\n"
++	"	</interface>\n"
++	"\n"
++	"<!--@children@-->"
++	"</node>\n";
++
++const gchar *gkd_secret_introspect_session =
++	"<!DOCTYPE node PUBLIC '-//freedesktop//DTD D-BUS Object Introspection 1.0//EN'\n"
++	"	'http://www.freedesktop.org/standards/dbus/1.0/introspect.dtd'>\n"
++	"<node>\n"
++	"\n"
++	"	<interface name='org.freedesktop.DBus.Introspectable'>\n"
++	"		<method name='Introspect'>\n"
++	"			<arg name='data' direction='out' type='s'/>\n"
++	"		</method>\n"
++	"	</interface>\n"
++	"\n"
++	"	<interface name='org.freedesktop.Secret.Session'>\n"
++	"		<method name='Close'>\n"
++	"		</method>\n"
++	"	</interface>\n"
++	"\n"
++	"</node>\n";
 === added directory '.pc/00git_fix_searchitems_method.patch'
 === added directory '.pc/00git_fix_searchitems_method.patch/daemon'
 === added directory '.pc/00git_fix_searchitems_method.patch/daemon/dbus'
 === added file '.pc/00git_fix_searchitems_method.patch/daemon/dbus/gkd-secret-objects.c'
 --- .pc/00git_fix_searchitems_method.patch/daemon/dbus/gkd-secret-objects.c	1970-01-01 00:00:00 +0000
 +++ .pc/00git_fix_searchitems_method.patch/daemon/dbus/gkd-secret-objects.c	2013-03-14 13:26:21 +0000
@@ -0,0 +1,1710 @@
++/*
++ * gnome-keyring
++ *
++ * Copyright (C) 2008 Stefan Walter
++ *
++ * This program is free software; you can redistribute it and/or modify
++ * it under the terms of the GNU Lesser General Public License as
++ * published by the Free Software Foundation; either version 2.1 of
++ * the License, or (at your option) any later version.
++ *
++ * This program is distributed in the hope that it will be useful, but
++ * WITHOUT ANY WARRANTY; without even the implied warranty of
++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
++ * Lesser General Public License for more details.
++ *
++ * You should have received a copy of the GNU Lesser General Public
++ * License along with this program; if not, write to the Free Software
++ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
++ * 02111-1307, USA.
++ */
++
++#include "config.h"
++
++#include "gkd-dbus-util.h"
++
++#include "gkd-secret-error.h"
++#include "gkd-secret-introspect.h"
++#include "gkd-secret-objects.h"
++#include "gkd-secret-property.h"
++#include "gkd-secret-secret.h"
++#include "gkd-secret-service.h"
++#include "gkd-secret-session.h"
++#include "gkd-secret-types.h"
++#include "gkd-secret-util.h"
++
++#include "egg/egg-error.h"
++
++#include "pkcs11/pkcs11i.h"
++
++#include <string.h>
++
++enum {
++	PROP_0,
++	PROP_PKCS11_SLOT,
++	PROP_SERVICE
++};
++
++struct _GkdSecretObjects {
++	GObject parent;
++	GkdSecretService *service;
++	GckSlot *pkcs11_slot;
++};
++
++static gchar *    object_path_for_item          (const gchar *base,
++                                                 GckObject *item);
++
++static gchar *    object_path_for_collection    (GckObject *collection);
++
++static gchar *    collection_path_for_item      (GckObject *item);
++
++G_DEFINE_TYPE (GkdSecretObjects, gkd_secret_objects, G_TYPE_OBJECT);
++
++/* -----------------------------------------------------------------------------
++ * INTERNAL
++ */
++
++static gboolean
++parse_object_path (GkdSecretObjects *self, const gchar *path, gchar **collection, gchar **item)
++{
++	const gchar *replace;
++
++	g_assert (self);
++	g_assert (path);
++	g_assert (collection);
++
++	if (!gkd_secret_util_parse_path (path, collection, item))
++		return FALSE;
++
++	if (g_str_has_prefix (path, SECRET_ALIAS_PREFIX)) {
++		replace = gkd_secret_service_get_alias (self->service, *collection);
++		if (!replace) {
++			g_free (*collection);
++			*collection = NULL;
++			if (item) {
++				g_free (*item);
++				*item = NULL;
++			}
++			return FALSE;
++		}
++		g_free (*collection);
++		*collection = g_strdup (replace);
++	}
++
++	return TRUE;
++}
++
++static DBusMessage*
++object_property_get (GckObject *object, DBusMessage *message,
++                     const gchar *prop_name)
++{
++	DBusMessageIter iter;
++	GError *error = NULL;
++	DBusMessage *reply;
++	GckAttribute attr;
++	gpointer value;
++	gsize length;
++
++	if (!gkd_secret_property_get_type (prop_name, &attr.type))
++		return dbus_message_new_error_printf (message, DBUS_ERROR_FAILED,
++		                                      "Object does not have the '%s' property", prop_name);
++
++	/* Retrieve the actual attribute */
++	attr.value = value = gck_object_get_data (object, attr.type, NULL, &length, &error);
++	if (error != NULL) {
++		reply = dbus_message_new_error_printf (message, DBUS_ERROR_FAILED,
++		                                       "Couldn't retrieve '%s' property: %s",
++		                                       prop_name, egg_error_message (error));
++		g_clear_error (&error);
++		return reply;
++	}
++
++	/* Marshall the data back out */
++	attr.length = length;
++	reply = dbus_message_new_method_return (message);
++	dbus_message_iter_init_append (reply, &iter);
++	gkd_secret_property_append_variant (&iter, &attr);
++	g_free (value);
++	return reply;
++}
++
++static DBusMessage*
++object_property_set (GckObject *object,
++                     DBusMessage *message,
++                     DBusMessageIter *iter,
++                     const gchar *prop_name)
++{
++	GckBuilder builder = GCK_BUILDER_INIT;
++	DBusMessage *reply;
++	GError *error = NULL;
++	gulong attr_type;
++
++	g_return_val_if_fail (dbus_message_iter_get_arg_type (iter) == DBUS_TYPE_VARIANT, NULL);
++
++	/* What type of property is it? */
++	if (!gkd_secret_property_get_type (prop_name, &attr_type))
++		return dbus_message_new_error_printf (message, DBUS_ERROR_FAILED,
++		                                      "Object does not have the '%s' property", prop_name);
++
++	/* Retrieve the actual attribute value */
++	if (!gkd_secret_property_parse_variant (iter, prop_name, &builder)) {
++		gck_builder_clear (&builder);
++		return dbus_message_new_error_printf (message, DBUS_ERROR_FAILED,
++		                                      "The property type or value was invalid: %s", prop_name);
++	}
++
++	gck_object_set (object, gck_builder_end (&builder), NULL, &error);
++
++	if (error != NULL) {
++		if (g_error_matches (error, GCK_ERROR, CKR_USER_NOT_LOGGED_IN))
++			reply = dbus_message_new_error (message, SECRET_ERROR_IS_LOCKED,
++			                                "Cannot set property on a locked object");
++		else
++			reply = dbus_message_new_error_printf (message, DBUS_ERROR_FAILED,
++			                                       "Couldn't set '%s' property: %s",
++			                                       prop_name, egg_error_message (error));
++		g_clear_error (&error);
++		return reply;
++	}
++
++	return dbus_message_new_method_return (message);
++}
++
++static DBusMessage*
++item_property_get (GckObject *object, DBusMessage *message)
++{
++	const gchar *interface;
++	const gchar *name;
++
++	if (!dbus_message_get_args (message, NULL, DBUS_TYPE_STRING, &interface,
++	                            DBUS_TYPE_STRING, &name, DBUS_TYPE_INVALID))
++		return NULL;
++
++	if (!gkd_dbus_interface_match (SECRET_ITEM_INTERFACE, interface))
++		return dbus_message_new_error_printf (message, DBUS_ERROR_FAILED,
++		                                      "Object does not have properties on interface '%s'",
++		                                      interface);
++
++	return object_property_get (object, message, name);
++}
++
++static DBusMessage*
++item_property_set (GkdSecretObjects *self,
++                   GckObject *object,
++                   DBusMessage *message)
++{
++	DBusMessageIter iter;
++	const char *interface;
++	const char *name;
++	DBusMessage *reply;
++
++	if (!dbus_message_has_signature (message, "ssv"))
++		return NULL;
++
++	dbus_message_iter_init (message, &iter);
++	dbus_message_iter_get_basic (&iter, &interface);
++	dbus_message_iter_next (&iter);
++	dbus_message_iter_get_basic (&iter, &name);
++	dbus_message_iter_next (&iter);
++
++	if (!gkd_dbus_interface_match (SECRET_ITEM_INTERFACE, interface))
++		return dbus_message_new_error_printf (message, DBUS_ERROR_FAILED,
++		                                      "Object does not have properties on interface '%s'",
++		                                      interface);
++
++	reply = object_property_set (object, message, &iter, name);
++
++	/* Notify everyone a property changed */
++	if (reply && dbus_message_get_type (reply) == DBUS_MESSAGE_TYPE_METHOD_RETURN)
++		gkd_secret_objects_emit_item_changed (self, object, name, NULL);
++
++	return reply;
++}
++
++static DBusMessage*
++item_property_getall (GckObject *object, DBusMessage *message)
++{
++	GckAttributes *attrs;
++	DBusMessageIter iter;
++	DBusMessageIter array;
++	GError *error = NULL;
++	DBusMessage *reply;
++	const gchar *interface;
++
++	if (!dbus_message_get_args (message, NULL, DBUS_TYPE_STRING, &interface, DBUS_TYPE_INVALID))
++		return NULL;
++
++	if (!gkd_dbus_interface_match (SECRET_ITEM_INTERFACE, interface))
++		return dbus_message_new_error_printf (message, DBUS_ERROR_FAILED,
++		                                      "Object does not have properties on interface '%s'",
++		                                      interface);
++
++	attrs = gck_object_get (object, NULL, &error,
++	                         CKA_LABEL,
++	                         CKA_G_SCHEMA,
++	                         CKA_G_LOCKED,
++	                         CKA_G_CREATED,
++	                         CKA_G_MODIFIED,
++	                         CKA_G_FIELDS,
++	                         GCK_INVALID);
++
++	if (error != NULL)
++		return dbus_message_new_error_printf (message, DBUS_ERROR_FAILED,
++		                                      "Couldn't retrieve properties: %s",
++		                                      egg_error_message (error));
++
++	reply = dbus_message_new_method_return (message);
++
++	dbus_message_iter_init_append (reply, &iter);
++	dbus_message_iter_open_container (&iter, DBUS_TYPE_ARRAY, "{sv}", &array);
++	gkd_secret_property_append_all (&array, attrs);
++	dbus_message_iter_close_container (&iter, &array);
++	return reply;
++}
++
++static DBusMessage*
++item_method_delete (GkdSecretObjects *self, GckObject *object, DBusMessage *message)
++{
++	GError *error = NULL;
++	gchar *collection_path;
++	gchar *item_path;
++	DBusMessage *reply;
++	const gchar *prompt;
++	GckObject *collection;
++
++	if (!dbus_message_get_args (message, NULL, DBUS_TYPE_INVALID))
++		return NULL;
++
++	collection_path = collection_path_for_item (object);
++	item_path = object_path_for_item (NULL, object);
++
++	if (gck_object_destroy (object, NULL, &error)) {
++		collection = gkd_secret_objects_lookup_collection (self, NULL, collection_path);
++		if (collection != NULL) {
++			gkd_secret_objects_emit_item_deleted (self, collection, item_path);
++			g_object_unref (collection);
++		}
++
++		prompt = "/"; /* No prompt necessary */
++		reply = dbus_message_new_method_return (message);
++		dbus_message_append_args (reply, DBUS_TYPE_OBJECT_PATH, &prompt, DBUS_TYPE_INVALID);
++
++	} else {
++		if (g_error_matches (error, GCK_ERROR, CKR_USER_NOT_LOGGED_IN))
++			reply = dbus_message_new_error_printf (message, SECRET_ERROR_IS_LOCKED,
++			                                       "Cannot delete a locked item");
++		else
++			reply = dbus_message_new_error_printf (message, DBUS_ERROR_FAILED,
++			                                       "Couldn't delete collection: %s",
++			                                       egg_error_message (error));
++
++		g_clear_error (&error);
++	}
++
++	g_free (collection_path);
++	g_free (item_path);
++	return reply;
++}
++
++static DBusMessage*
++item_method_get_secret (GkdSecretObjects *self, GckObject *item, DBusMessage *message)
++{
++	DBusError derr = DBUS_ERROR_INIT;
++	GkdSecretSession *session;
++	GkdSecretSecret *secret;
++	DBusMessage *reply;
++	DBusMessageIter iter;
++	const char *path;
++
++	if (!dbus_message_get_args (message, NULL, DBUS_TYPE_OBJECT_PATH, &path, DBUS_TYPE_INVALID))
++		return NULL;
++
++	session = gkd_secret_service_lookup_session (self->service, path, dbus_message_get_sender (message));
++	if (session == NULL)
++		return dbus_message_new_error (message, SECRET_ERROR_NO_SESSION, "The session does not exist");
++
++	secret = gkd_secret_session_get_item_secret (session, item, &derr);
++	if (secret == NULL)
++		return gkd_secret_error_to_reply (message, &derr);
++
++	reply = dbus_message_new_method_return (message);
++	dbus_message_iter_init_append (reply, &iter);
++	gkd_secret_secret_append (secret, &iter);
++	gkd_secret_secret_free (secret);
++	return reply;
++}
++
++static DBusMessage*
++item_method_set_secret (GkdSecretObjects *self, GckObject *item, DBusMessage *message)
++{
++	DBusError derr = DBUS_ERROR_INIT;
++	DBusMessageIter iter;
++	GkdSecretSecret *secret;
++	const char *caller;
++
++	if (!dbus_message_has_signature (message, "(oayays)"))
++		return NULL;
++	dbus_message_iter_init (message, &iter);
++	secret = gkd_secret_secret_parse (self->service, message, &iter, &derr);
++	if (secret == NULL)
++		return gkd_secret_error_to_reply (message, &derr);
++
++	caller = dbus_message_get_sender (message);
++	g_return_val_if_fail (caller, NULL);
++
++	gkd_secret_session_set_item_secret (secret->session, item, secret, &derr);
++	gkd_secret_secret_free (secret);
++
++	if (dbus_error_is_set (&derr))
++		return gkd_secret_error_to_reply (message, &derr);
++
++	return dbus_message_new_method_return (message);
++}
++
++static DBusMessage*
++item_message_handler (GkdSecretObjects *self, GckObject *object, DBusMessage *message)
++{
++	/* org.freedesktop.Secret.Item.Delete() */
++	if (dbus_message_is_method_call (message, SECRET_ITEM_INTERFACE, "Delete"))
++		return item_method_delete (self, object, message);
++
++	/* org.freedesktop.Secret.Session.GetSecret() */
++	else if (dbus_message_is_method_call (message, SECRET_ITEM_INTERFACE, "GetSecret"))
++		return item_method_get_secret (self, object, message);
++
++	/* org.freedesktop.Secret.Session.SetSecret() */
++	else if (dbus_message_is_method_call (message, SECRET_ITEM_INTERFACE, "SetSecret"))
++		return item_method_set_secret (self, object, message);
++
++	/* org.freedesktop.DBus.Properties.Get */
++	if (dbus_message_is_method_call (message, DBUS_INTERFACE_PROPERTIES, "Get"))
++		return item_property_get (object, message);
++
++	/* org.freedesktop.DBus.Properties.Set */
++	else if (dbus_message_is_method_call (message, DBUS_INTERFACE_PROPERTIES, "Set"))
++		return item_property_set (self, object, message);
++
++	/* org.freedesktop.DBus.Properties.GetAll */
++	else if (dbus_message_is_method_call (message, DBUS_INTERFACE_PROPERTIES, "GetAll"))
++		return item_property_getall (object, message);
++
++	else if (dbus_message_has_interface (message, DBUS_INTERFACE_INTROSPECTABLE))
++		return gkd_dbus_introspect_handle (message, gkd_secret_introspect_item, NULL);
++
++	return NULL;
++}
++
++static void
++item_cleanup_search_results (GckSession *session, GList *items,
++                             GList **locked, GList **unlocked)
++{
++	GError *error = NULL;
++	gpointer value;
++	gsize n_value;
++	GList *l;
++
++	*locked = NULL;
++	*unlocked = NULL;
++
++	for (l = items; l; l = g_list_next (l)) {
++		value = gck_object_get_data (l->data, CKA_G_LOCKED, NULL, &n_value, &error);
++		if (value == NULL) {
++			if (!g_error_matches (error, GCK_ERROR, CKR_OBJECT_HANDLE_INVALID))
++				g_warning ("couldn't check if item is locked: %s", egg_error_message (error));
++			g_clear_error (&error);
++
++		/* Is not locked */
++		} if (n_value == 1 && *((CK_BBOOL*)value) == CK_FALSE) {
++			*unlocked = g_list_prepend (*unlocked, l->data);
++
++		/* Is locked */
++		} else {
++			*locked = g_list_prepend (*locked, l->data);
++		}
++
++		g_free (value);
++	}
++
++	*locked = g_list_reverse (*locked);
++	*unlocked = g_list_reverse (*unlocked);
++}
++
++static DBusMessage*
++collection_property_get (GkdSecretObjects *self, GckObject *object, DBusMessage *message)
++{
++	DBusMessageIter iter;
++	DBusMessage *reply;
++	const gchar *interface;
++	const gchar *name;
++
++	if (!dbus_message_get_args (message, NULL, DBUS_TYPE_STRING, &interface,
++	                            DBUS_TYPE_STRING, &name, DBUS_TYPE_INVALID))
++		return NULL;
++
++	if (!gkd_dbus_interface_match (SECRET_COLLECTION_INTERFACE, interface))
++		return dbus_message_new_error_printf (message, DBUS_ERROR_FAILED,
++		                                      "Object does not have properties on interface '%s'",
++		                                      interface);
++
++	/* Special case, the Items property */
++	if (g_str_equal (name, "Items")) {
++		reply = dbus_message_new_method_return (message);
++		dbus_message_iter_init_append (reply, &iter);
++		gkd_secret_objects_append_item_paths (self, dbus_message_get_path (message), &iter, message);
++		return reply;
++	}
++
++	return object_property_get (object, message, name);
++}
++
++static DBusMessage*
++collection_property_set (GkdSecretObjects *self, GckObject *object, DBusMessage *message)
++{
++	DBusMessageIter iter;
++	DBusMessage *reply;
++	const char *interface;
++	const char *name;
++
++	if (!dbus_message_has_signature (message, "ssv"))
++		return NULL;
++
++	dbus_message_iter_init (message, &iter);
++	dbus_message_iter_get_basic (&iter, &interface);
++	dbus_message_iter_next (&iter);
++	dbus_message_iter_get_basic (&iter, &name);
++	dbus_message_iter_next (&iter);
++
++	if (!gkd_dbus_interface_match (SECRET_COLLECTION_INTERFACE, interface))
++		return dbus_message_new_error_printf (message, DBUS_ERROR_FAILED,
++		                                      "Object does not have properties on interface '%s'",
++		                                      interface);
++
++	reply = object_property_set (object, message, &iter, name);
++
++	/* Notify everyone a property changed */
++	if (reply && dbus_message_get_type (reply) == DBUS_MESSAGE_TYPE_METHOD_RETURN)
++		gkd_secret_objects_emit_collection_changed (self, object, name, NULL);
++
++	return reply;
++}
++
++static DBusMessage*
++collection_property_getall (GkdSecretObjects *self, GckObject *object, DBusMessage *message)
++{
++	GckAttributes *attrs;
++	DBusMessageIter iter;
++	DBusMessageIter array;
++	DBusMessageIter dict;
++	GError *error = NULL;
++	DBusMessage *reply;
++	const gchar *name;
++	const gchar *interface;
++
++	if (!dbus_message_get_args (message, NULL, DBUS_TYPE_STRING, &interface, DBUS_TYPE_INVALID))
++		return NULL;
++
++	if (!gkd_dbus_interface_match (SECRET_COLLECTION_INTERFACE, interface))
++		return dbus_message_new_error_printf (message, DBUS_ERROR_FAILED,
++		                                      "Object does not have properties on interface '%s'",
++		                                      interface);
++
++	attrs = gck_object_get (object, NULL, &error,
++	                        CKA_LABEL,
++	                        CKA_G_LOCKED,
++	                        CKA_G_CREATED,
++	                        CKA_G_MODIFIED,
++	                        GCK_INVALID);
++
++	if (error != NULL)
++		return dbus_message_new_error_printf (message, DBUS_ERROR_FAILED,
++		                                      "Couldn't retrieve properties: %s",
++		                                      egg_error_message (error));
++
++	reply = dbus_message_new_method_return (message);
++
++	dbus_message_iter_init_append (reply, &iter);
++	dbus_message_iter_open_container (&iter, DBUS_TYPE_ARRAY, "{sv}", &array);
++
++	/* Append all the usual properties */
++	gkd_secret_property_append_all (&array, attrs);
++
++	/* Append the Items property */
++	dbus_message_iter_open_container (&array, DBUS_TYPE_DICT_ENTRY, NULL, &dict);
++	name = "Items";
++	dbus_message_iter_append_basic (&dict, DBUS_TYPE_STRING, &name);
++	gkd_secret_objects_append_item_paths (self, dbus_message_get_path (message), &dict, message);
++	dbus_message_iter_close_container (&array, &dict);
++
++	dbus_message_iter_close_container (&iter, &array);
++	return reply;
++}
++
++static DBusMessage*
++collection_method_search_items (GkdSecretObjects *self, GckObject *object, DBusMessage *message)
++{
++	return gkd_secret_objects_handle_search_items (self, message, dbus_message_get_path (message));
++}
++
++static GckObject*
++collection_find_matching_item (GkdSecretObjects *self,
++                               GckSession *session,
++                               const gchar *identifier,
++                               const GckAttribute *fields)
++{
++	GckBuilder builder = GCK_BUILDER_INIT;
++	GckObject *result = NULL;
++	GError *error = NULL;
++	GckObject *search;
++	gpointer data;
++	gsize n_data;
++
++	/* Find items matching the collection and fields */
++	gck_builder_add_attribute (&builder, fields);
++	gck_builder_add_string (&builder, CKA_G_COLLECTION, identifier);
++	gck_builder_add_ulong (&builder, CKA_CLASS, CKO_G_SEARCH);
++	gck_builder_add_boolean (&builder, CKA_TOKEN, FALSE);
++
++	/* Create the search object */
++	search = gck_session_create_object (session, gck_builder_end (&builder), NULL, &error);
++
++	if (error != NULL) {
++		g_warning ("couldn't search for matching item: %s", egg_error_message (error));
++		g_clear_error (&error);
++		return NULL;
++	}
++
++	/* Get the matched item handles, and delete the search object */
++	data = gck_object_get_data (search, CKA_G_MATCHED, NULL, &n_data, NULL);
++	gck_object_destroy (search, NULL, NULL);
++	g_object_unref (search);
++
++	if (n_data >= sizeof (CK_OBJECT_HANDLE))
++		result = gck_object_from_handle (session, *((CK_OBJECT_HANDLE_PTR)data));
++
++	g_free (data);
++	return result;
++}
++
++static gchar *
++object_path_for_item (const gchar *base,
++                      GckObject *item)
++{
++	GError *error = NULL;
++	gpointer identifier;
++	gsize n_identifier;
++	gchar *alloc = NULL;
++	gchar *path = NULL;
++
++	if (base == NULL)
++		base = alloc = collection_path_for_item (item);
++
++	identifier = gck_object_get_data (item, CKA_ID, NULL, &n_identifier, &error);
++	if (identifier == NULL) {
++		g_warning ("couldn't get item identifier: %s", egg_error_message (error));
++		g_clear_error (&error);
++		path = NULL;
++
++	} else {
++		path = gkd_secret_util_build_path (base, identifier, n_identifier);
++		g_free (identifier);
++	}
++
++	g_free (alloc);
++	return path;
++}
++
++static gchar *
++collection_path_for_item (GckObject *item)
++{
++	GError *error = NULL;
++	gpointer identifier;
++	gsize n_identifier;
++	gchar *path = NULL;
++
++	identifier = gck_object_get_data (item, CKA_G_COLLECTION, NULL, &n_identifier, &error);
++	if (!identifier) {
++		g_warning ("couldn't get item collection identifier: %s", egg_error_message (error));
++		g_clear_error (&error);
++		return NULL;
++	}
++
++	path = gkd_secret_util_build_path (SECRET_COLLECTION_PREFIX, identifier, n_identifier);
++	g_free (identifier);
++	return path;
++}
++
++static gchar *
++object_path_for_collection (GckObject *collection)
++{
++	GError *error = NULL;
++	gpointer identifier;
++	gsize n_identifier;
++	gchar *path = NULL;
++
++	identifier = gck_object_get_data (collection, CKA_ID, NULL, &n_identifier, &error);
++	if (identifier == NULL) {
++		g_warning ("couldn't get collection identifier: %s", egg_error_message (error));
++		g_clear_error (&error);
++		path = NULL;
++
++	} else {
++		path = gkd_secret_util_build_path (SECRET_COLLECTION_PREFIX, identifier, n_identifier);
++		g_free (identifier);
++	}
++
++	return path;
++}
++
++static DBusMessage*
++collection_method_create_item (GkdSecretObjects *self, GckObject *object, DBusMessage *message)
++{
++	GckBuilder builder = GCK_BUILDER_INIT;
++	GckSession *pkcs11_session = NULL;
++	DBusError derr = DBUS_ERROR_INIT;
++	GkdSecretSecret *secret = NULL;
++	dbus_bool_t replace = FALSE;
++	GckAttributes *attrs = NULL;
++	const GckAttribute *fields;
++	DBusMessageIter iter, array;
++	GckObject *item = NULL;
++	const gchar *prompt;
++	const gchar *base;
++	GError *error = NULL;
++	DBusMessage *reply = NULL;
++	gchar *path = NULL;
++	gchar *identifier;
++	gboolean created = FALSE;
++
++	/* Parse the message */
++	if (!dbus_message_has_signature (message, "a{sv}(oayays)b"))
++		return NULL;
++	if (!dbus_message_iter_init (message, &iter))
++		g_return_val_if_reached (NULL);
++	dbus_message_iter_recurse (&iter, &array);
++	if (!gkd_secret_property_parse_all (&array, SECRET_ITEM_INTERFACE, &builder)) {
++		reply = dbus_message_new_error (message, DBUS_ERROR_INVALID_ARGS,
++		                                "Invalid properties argument");
++		goto cleanup;
++	}
++	dbus_message_iter_next (&iter);
++	secret = gkd_secret_secret_parse (self->service, message, &iter, &derr);
++	if (secret == NULL) {
++		reply = gkd_secret_error_to_reply (message, &derr);
++		goto cleanup;
++	}
++	dbus_message_iter_next (&iter);
++	dbus_message_iter_get_basic (&iter, &replace);
++
++	base = dbus_message_get_path (message);
++	if (!parse_object_path (self, base, &identifier, NULL))
++		g_return_val_if_reached (NULL);
++	g_return_val_if_fail (identifier, NULL);
++
++	pkcs11_session = gck_object_get_session (object);
++	g_return_val_if_fail (pkcs11_session, NULL);
++
++	attrs = gck_attributes_ref_sink (gck_builder_end (&builder));
++
++	if (replace) {
++		fields = gck_attributes_find (attrs, CKA_G_FIELDS);
++		if (fields)
++			item = collection_find_matching_item (self, pkcs11_session, identifier, fields);
++	}
++
++	/* Replace the item */
++	if (item) {
++		if (!gck_object_set (item, attrs, NULL, &error))
++			goto cleanup;
++
++	/* Create a new item */
++	} else {
++		gck_builder_add_all (&builder, attrs);
++		gck_builder_add_string (&builder, CKA_G_COLLECTION, identifier);
++		gck_builder_add_ulong (&builder, CKA_CLASS, CKO_SECRET_KEY);
++		item = gck_session_create_object (pkcs11_session, gck_builder_end (&builder), NULL, &error);
++		if (item == NULL)
++			goto cleanup;
++		created = TRUE;
++	}
++
++	/* Set the secret */
++	if (!gkd_secret_session_set_item_secret (secret->session, item, secret, &derr)) {
++		if (created) /* If we created, then try to destroy on failure */
++			gck_object_destroy (item, NULL, NULL);
++		goto cleanup;
++	}
++
++	path = object_path_for_item (base, item);
++	gkd_secret_objects_emit_item_created (self, object, item);
++
++	/* Build up the item identifier */
++	reply = dbus_message_new_method_return (message);
++	dbus_message_iter_init_append (reply, &iter);
++	dbus_message_iter_append_basic (&iter, DBUS_TYPE_OBJECT_PATH, &path);
++	prompt = "/";
++	dbus_message_iter_append_basic (&iter, DBUS_TYPE_OBJECT_PATH, &prompt);
++
++cleanup:
++	if (error) {
++		if (!reply) {
++			if (g_error_matches (error, GCK_ERROR, CKR_USER_NOT_LOGGED_IN))
++				reply = dbus_message_new_error_printf (message, SECRET_ERROR_IS_LOCKED,
++				                                       "Cannot create an item in a locked collection");
++			else
++				reply = dbus_message_new_error_printf (message, DBUS_ERROR_FAILED,
++				                                       "Couldn't create item: %s", egg_error_message (error));
++		}
++		g_clear_error (&error);
++	}
++
++	if (dbus_error_is_set (&derr)) {
++		if (!reply)
++			reply = dbus_message_new_error (message, derr.name, derr.message);
++		dbus_error_free (&derr);
++	}
++
++	gkd_secret_secret_free (secret);
++	gck_attributes_unref (attrs);
++	if (item)
++		g_object_unref (item);
++	if (pkcs11_session)
++		g_object_unref (pkcs11_session);
++	g_free (path);
++
++	return reply;
++}
++
++static DBusMessage*
++collection_method_delete (GkdSecretObjects *self, GckObject *object, DBusMessage *message)
++{
++	GError *error = NULL;
++	DBusMessage *reply;
++	const gchar *prompt;
++	gchar *path;
++
++	if (!dbus_message_get_args (message, NULL, DBUS_TYPE_INVALID))
++		return NULL;
++
++	path = object_path_for_collection (object);
++	g_return_val_if_fail (path != NULL, NULL);
++
++	if (!gck_object_destroy (object, NULL, &error)) {
++		reply = dbus_message_new_error_printf (message, DBUS_ERROR_FAILED,
++		                                       "Couldn't delete collection: %s",
++		                                       egg_error_message (error));
++		g_clear_error (&error);
++		g_free (path);
++		return reply;
++	}
++
++	/* Notify the callers that a collection was deleted */
++	gkd_secret_service_emit_collection_deleted (self->service, path);
++	g_free (path);
++
++	prompt = "/";
++	reply = dbus_message_new_method_return (message);
++	dbus_message_append_args (reply, DBUS_TYPE_OBJECT_PATH, &prompt, DBUS_TYPE_INVALID);
++	return reply;
++}
++
++static void
++on_each_path_append_to_array (GkdSecretObjects *self,
++                              const gchar *path,
++                              GckObject *object,
++                              gpointer user_data)
++{
++	GPtrArray *array = user_data;
++	g_ptr_array_add (array, g_strdup (path));
++}
++
++static DBusMessage *
++collection_introspect (GkdSecretObjects *self,
++                       GckObject *object,
++                       DBusMessage *message)
++{
++	GPtrArray *names;
++	DBusMessage *reply;
++
++	names = g_ptr_array_new_with_free_func (g_free);
++	gkd_secret_objects_foreach_item (self, message, dbus_message_get_path (message),
++	                                 on_each_path_append_to_array, names);
++	g_ptr_array_add (names, NULL);
++
++	reply = gkd_dbus_introspect_handle (message, gkd_secret_introspect_collection,
++	                                    (const gchar **)names->pdata);
++
++	g_ptr_array_unref (names);
++	return reply;
++}
++
++static DBusMessage*
++collection_message_handler (GkdSecretObjects *self, GckObject *object, DBusMessage *message)
++{
++	/* org.freedesktop.Secret.Collection.Delete() */
++	if (dbus_message_is_method_call (message, SECRET_COLLECTION_INTERFACE, "Delete"))
++		return collection_method_delete (self, object, message);
++
++	/* org.freedesktop.Secret.Collection.SearchItems() */
++	if (dbus_message_is_method_call (message, SECRET_COLLECTION_INTERFACE, "SearchItems"))
++		return collection_method_search_items (self, object, message);
++
++	/* org.freedesktop.Secret.Collection.CreateItem() */
++	if (dbus_message_is_method_call (message, SECRET_COLLECTION_INTERFACE, "CreateItem"))
++		return collection_method_create_item (self, object, message);
++
++	/* org.freedesktop.DBus.Properties.Get() */
++	if (dbus_message_is_method_call (message, DBUS_INTERFACE_PROPERTIES, "Get"))
++		return collection_property_get (self, object, message);
++
++	/* org.freedesktop.DBus.Properties.Set() */
++	else if (dbus_message_is_method_call (message, DBUS_INTERFACE_PROPERTIES, "Set"))
++		return collection_property_set (self, object, message);
++
++	/* org.freedesktop.DBus.Properties.GetAll() */
++	else if (dbus_message_is_method_call (message, DBUS_INTERFACE_PROPERTIES, "GetAll"))
++		return collection_property_getall (self, object, message);
++
++	/* org.freedesktop.DBus.Introspectable.Introspect() */
++	else if (dbus_message_has_interface (message, DBUS_INTERFACE_INTROSPECTABLE))
++		return collection_introspect (self, object, message);
++
++	return NULL;
++}
++
++/* -----------------------------------------------------------------------------
++ * OBJECT
++ */
++
++static GObject*
++gkd_secret_objects_constructor (GType type, guint n_props, GObjectConstructParam *props)
++{
++	GkdSecretObjects *self = GKD_SECRET_OBJECTS (G_OBJECT_CLASS (gkd_secret_objects_parent_class)->constructor(type, n_props, props));
++
++	g_return_val_if_fail (self, NULL);
++	g_return_val_if_fail (self->pkcs11_slot, NULL);
++	g_return_val_if_fail (self->service, NULL);
++
++	return G_OBJECT (self);
++}
++
++static void
++gkd_secret_objects_init (GkdSecretObjects *self)
++{
++
++}
++
++static void
++gkd_secret_objects_dispose (GObject *obj)
++{
++	GkdSecretObjects *self = GKD_SECRET_OBJECTS (obj);
++
++	if (self->pkcs11_slot) {
++		g_object_unref (self->pkcs11_slot);
++		self->pkcs11_slot = NULL;
++	}
++
++	if (self->service) {
++		g_object_remove_weak_pointer (G_OBJECT (self->service),
++		                              (gpointer*)&(self->service));
++		self->service = NULL;
++	}
++
++	G_OBJECT_CLASS (gkd_secret_objects_parent_class)->dispose (obj);
++}
++
++static void
++gkd_secret_objects_finalize (GObject *obj)
++{
++	GkdSecretObjects *self = GKD_SECRET_OBJECTS (obj);
++
++	g_assert (!self->pkcs11_slot);
++	g_assert (!self->service);
++
++	G_OBJECT_CLASS (gkd_secret_objects_parent_class)->finalize (obj);
++}
++
++static void
++gkd_secret_objects_set_property (GObject *obj, guint prop_id, const GValue *value,
++                                 GParamSpec *pspec)
++{
++	GkdSecretObjects *self = GKD_SECRET_OBJECTS (obj);
++
++	switch (prop_id) {
++	case PROP_PKCS11_SLOT:
++		g_return_if_fail (!self->pkcs11_slot);
++		self->pkcs11_slot = g_value_dup_object (value);
++		g_return_if_fail (self->pkcs11_slot);
++		break;
++	case PROP_SERVICE:
++		g_return_if_fail (!self->service);
++		self->service = g_value_get_object (value);
++		g_return_if_fail (self->service);
++		g_object_add_weak_pointer (G_OBJECT (self->service),
++		                           (gpointer*)&(self->service));
++		break;
++	default:
++		G_OBJECT_WARN_INVALID_PROPERTY_ID (obj, prop_id, pspec);
++		break;
++	}
++}
++
++static void
++gkd_secret_objects_get_property (GObject *obj, guint prop_id, GValue *value,
++                                     GParamSpec *pspec)
++{
++	GkdSecretObjects *self = GKD_SECRET_OBJECTS (obj);
++
++	switch (prop_id) {
++	case PROP_PKCS11_SLOT:
++		g_value_set_object (value, gkd_secret_objects_get_pkcs11_slot (self));
++		break;
++	case PROP_SERVICE:
++		g_value_set_object (value, self->service);
++		break;
++	default:
++		G_OBJECT_WARN_INVALID_PROPERTY_ID (obj, prop_id, pspec);
++		break;
++	}
++}
++
++static void
++gkd_secret_objects_class_init (GkdSecretObjectsClass *klass)
++{
++	GObjectClass *gobject_class = G_OBJECT_CLASS (klass);
++
++	gobject_class->constructor = gkd_secret_objects_constructor;
++	gobject_class->dispose = gkd_secret_objects_dispose;
++	gobject_class->finalize = gkd_secret_objects_finalize;
++	gobject_class->set_property = gkd_secret_objects_set_property;
++	gobject_class->get_property = gkd_secret_objects_get_property;
++
++	g_object_class_install_property (gobject_class, PROP_PKCS11_SLOT,
++	        g_param_spec_object ("pkcs11-slot", "Pkcs11 Slot", "PKCS#11 slot that we use for secrets",
++	                             GCK_TYPE_SLOT, G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY));
++
++	g_object_class_install_property (gobject_class, PROP_SERVICE,
++		g_param_spec_object ("service", "Service", "Service which owns this objects",
++		                     GKD_SECRET_TYPE_SERVICE, G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY));
++}
++
++/* -----------------------------------------------------------------------------
++ * PUBLIC
++ */
++
++GckSlot*
++gkd_secret_objects_get_pkcs11_slot (GkdSecretObjects *self)
++{
++	g_return_val_if_fail (GKD_SECRET_IS_OBJECTS (self), NULL);
++	return self->pkcs11_slot;
++}
++
++DBusMessage*
++gkd_secret_objects_dispatch (GkdSecretObjects *self, DBusMessage *message)
++{
++	GckBuilder builder = GCK_BUILDER_INIT;
++	DBusMessage *reply = NULL;
++	GError *error = NULL;
++	GList *objects;
++	GckSession *session;
++	gchar *c_ident;
++	gchar *i_ident;
++	gboolean is_item;
++	const char *path;
++
++	g_return_val_if_fail (GKD_SECRET_IS_OBJECTS (self), NULL);
++	g_return_val_if_fail (message, NULL);
++
++	path = dbus_message_get_path (message);
++	g_return_val_if_fail (path, NULL);
++
++	if (!parse_object_path (self, path, &c_ident, &i_ident) || !c_ident)
++		return gkd_secret_error_no_such_object (message);
++
++	/* The session we're using to access the object */
++	session = gkd_secret_service_get_pkcs11_session (self->service, dbus_message_get_sender (message));
++	g_return_val_if_fail (session, NULL);
++
++	if (i_ident) {
++		is_item = TRUE;
++		gck_builder_add_ulong (&builder, CKA_CLASS, CKO_SECRET_KEY);
++		gck_builder_add_string (&builder, CKA_G_COLLECTION, c_ident);
++		gck_builder_add_string (&builder, CKA_ID, i_ident);
++	} else {
++		is_item = FALSE;
++		gck_builder_add_ulong (&builder, CKA_CLASS, CKO_G_COLLECTION);
++		gck_builder_add_string (&builder, CKA_ID, c_ident);
++	}
++
++	objects = gck_session_find_objects (session, gck_builder_end (&builder), NULL, &error);
++
++	g_free (c_ident);
++	g_free (i_ident);
++
++	if (error != NULL) {
++		g_warning ("couldn't lookup object: %s: %s", path, egg_error_message (error));
++		g_clear_error (&error);
++	}
++
++	if (!objects)
++		return gkd_secret_error_no_such_object (message);
++
++	if (is_item)
++		reply = item_message_handler (self, objects->data, message);
++	else
++		reply = collection_message_handler (self, objects->data, message);
++
++	gck_list_unref_free (objects);
++	return reply;
++}
++
++GckObject*
++gkd_secret_objects_lookup_collection (GkdSecretObjects *self, const gchar *caller,
++                                      const gchar *path)
++{
++	GckBuilder builder = GCK_BUILDER_INIT;
++	GckObject *object = NULL;
++	GError *error = NULL;
++	GList *objects;
++	GckSession *session;
++	gchar *identifier;
++
++	g_return_val_if_fail (GKD_SECRET_IS_OBJECTS (self), NULL);
++	g_return_val_if_fail (path, NULL);
++
++	if (!parse_object_path (self, path, &identifier, NULL))
++		return NULL;
++
++	/* The session we're using to access the object */
++	if (caller == NULL)
++		session = gkd_secret_service_internal_pkcs11_session (self->service);
++	else
++		session = gkd_secret_service_get_pkcs11_session (self->service, caller);
++	g_return_val_if_fail (session, NULL);
++
++	gck_builder_add_ulong (&builder, CKA_CLASS, CKO_G_COLLECTION);
++	gck_builder_add_string (&builder, CKA_ID, identifier);
++
++	objects = gck_session_find_objects (session, gck_builder_end (&builder), NULL, &error);
++
++	g_free (identifier);
++
++	if (error != NULL) {
++		g_warning ("couldn't lookup collection: %s: %s", path, egg_error_message (error));
++		g_clear_error (&error);
++	}
++
++	if (objects)
++		object = g_object_ref (objects->data);
++
++	gck_list_unref_free (objects);
++	return object;
++}
++
++GckObject*
++gkd_secret_objects_lookup_item (GkdSecretObjects *self, const gchar *caller,
++                                const gchar *path)
++{
++	GckBuilder builder = GCK_BUILDER_INIT;
++	GckObject *object = NULL;
++	GError *error = NULL;
++	GList *objects;
++	GckSession *session;
++	gchar *collection;
++	gchar *identifier;
++
++	g_return_val_if_fail (GKD_SECRET_IS_OBJECTS (self), NULL);
++	g_return_val_if_fail (caller, NULL);
++	g_return_val_if_fail (path, NULL);
++
++	if (!parse_object_path (self, path, &collection, &identifier))
++		return NULL;
++
++	/* The session we're using to access the object */
++	session = gkd_secret_service_get_pkcs11_session (self->service, caller);
++	g_return_val_if_fail (session, NULL);
++
++	gck_builder_add_ulong (&builder, CKA_CLASS, CKO_SECRET_KEY);
++	gck_builder_add_string (&builder, CKA_ID, identifier);
++	gck_builder_add_string (&builder, CKA_G_COLLECTION, collection);
++
++	objects = gck_session_find_objects (session, gck_builder_end (&builder), NULL, &error);
++
++	g_free (identifier);
++	g_free (collection);
++
++	if (error != NULL) {
++		g_warning ("couldn't lookup item: %s: %s", path, egg_error_message (error));
++		g_clear_error (&error);
++	}
++
++	if (objects)
++		object = g_object_ref (objects->data);
++
++	gck_list_unref_free (objects);
++	return object;
++}
++
++static void
++objects_foreach_item (GkdSecretObjects *self,
++                      GList *items,
++                      const gchar *base,
++                      GkdSecretObjectsForeach callback,
++                      gpointer user_data)
++{
++	gchar *path;
++	GList *l;
++
++	for (l = items; l; l = g_list_next (l)) {
++		path = object_path_for_item (base, l->data);
++		(callback) (self, path, l->data, user_data);
++		g_free (path);
++	}
++}
++
++void
++gkd_secret_objects_foreach_item (GkdSecretObjects *self,
++                                 DBusMessage *message,
++                                 const gchar *base,
++                                 GkdSecretObjectsForeach callback,
++                                 gpointer user_data)
++{
++	GckBuilder builder = GCK_BUILDER_INIT;
++	GckSession *session;
++	GError *error = NULL;
++	gchar *identifier;
++	GList *items;
++
++	g_return_if_fail (GKD_SECRET_IS_OBJECTS (self));
++	g_return_if_fail (base != NULL);
++	g_return_if_fail (callback != NULL);
++
++	/* The session we're using to access the object */
++	if (message == NULL) {
++		session = gkd_secret_service_internal_pkcs11_session (self->service);
++	} else {
++		session = gkd_secret_service_get_pkcs11_session (self->service,
++		                                                 dbus_message_get_sender (message));
++	}
++
++	if (!parse_object_path (self, base, &identifier, NULL))
++		g_return_if_reached ();
++
++	gck_builder_add_ulong (&builder, CKA_CLASS, CKO_SECRET_KEY);
++	gck_builder_add_string (&builder, CKA_G_COLLECTION, identifier);
++
++	items = gck_session_find_objects (session, gck_builder_end (&builder), NULL, &error);
++
++	if (error == NULL) {
++		objects_foreach_item (self, items, base, callback, user_data);
++
++	} else {
++		g_warning ("couldn't lookup items in '%s' collection: %s", identifier, egg_error_message (error));
++		g_clear_error (&error);
++	}
++
++	gck_list_unref_free (items);
++	g_free (identifier);
++}
++
++static void
++on_object_path_append_to_iter (GkdSecretObjects *self,
++                               const gchar *path,
++                               GckObject *object,
++                               gpointer user_data)
++{
++	DBusMessageIter *array = user_data;
++	dbus_message_iter_append_basic (array, DBUS_TYPE_OBJECT_PATH, &path);
++}
++
++void
++gkd_secret_objects_append_item_paths (GkdSecretObjects *self,
++                                      const gchar *base,
++                                      DBusMessageIter *iter,
++                                      DBusMessage *message)
++{
++	DBusMessageIter variant;
++	DBusMessageIter array;
++
++	g_return_if_fail (GKD_SECRET_IS_OBJECTS (self));
++	g_return_if_fail (base);
++	g_return_if_fail (iter);
++
++
++	dbus_message_iter_open_container (iter, DBUS_TYPE_VARIANT, "ao", &variant);
++	dbus_message_iter_open_container (&variant, DBUS_TYPE_ARRAY, "o", &array);
++
++	gkd_secret_objects_foreach_item (self, message, base, on_object_path_append_to_iter, &array);
++
++	dbus_message_iter_close_container (&variant, &array);
++	dbus_message_iter_close_container (iter, &variant);
++}
++
++void
++gkd_secret_objects_foreach_collection (GkdSecretObjects *self,
++                                       DBusMessage *message,
++                                       GkdSecretObjectsForeach callback,
++                                       gpointer user_data)
++{
++	GckBuilder builder = GCK_BUILDER_INIT;
++	GckSession *session;
++	GError *error = NULL;
++	GList *collections, *l;
++	gpointer identifier;
++	gsize n_identifier;
++	gchar *path;
++
++	g_return_if_fail (GKD_SECRET_IS_OBJECTS (self));
++	g_return_if_fail (callback);
++
++	/* The session we're using to access the object */
++	if (message == NULL) {
++		session = gkd_secret_service_internal_pkcs11_session (self->service);
++	} else {
++		session = gkd_secret_service_get_pkcs11_session (self->service,
++		                                                 dbus_message_get_sender (message));
++	}
++
++	gck_builder_add_ulong (&builder, CKA_CLASS, CKO_G_COLLECTION);
++
++	collections = gck_session_find_objects (session, gck_builder_end (&builder), NULL, &error);
++
++	if (error != NULL) {
++		g_warning ("couldn't lookup collections: %s", egg_error_message (error));
++		g_clear_error (&error);
++		return;
++	}
++
++	for (l = collections; l; l = g_list_next (l)) {
++
++		identifier = gck_object_get_data (l->data, CKA_ID, NULL, &n_identifier, &error);
++		if (identifier == NULL) {
++			g_warning ("couldn't get collection identifier: %s", egg_error_message (error));
++			g_clear_error (&error);
++			continue;
++		}
++
++		path = gkd_secret_util_build_path (SECRET_COLLECTION_PREFIX, identifier, n_identifier);
++		g_free (identifier);
++
++		(callback) (self, path, l->data, user_data);
++		g_free (path);
++	}
++
++	gck_list_unref_free (collections);
++}
++
++void
++gkd_secret_objects_append_collection_paths (GkdSecretObjects *self,
++                                            DBusMessageIter *iter,
++                                            DBusMessage *message)
++{
++	DBusMessageIter variant;
++	DBusMessageIter array;
++
++	g_return_if_fail (GKD_SECRET_IS_OBJECTS (self));
++	g_return_if_fail (iter != NULL);
++
++	dbus_message_iter_open_container (iter, DBUS_TYPE_VARIANT, "ao", &variant);
++	dbus_message_iter_open_container (&variant, DBUS_TYPE_ARRAY, "o", &array);
++
++	gkd_secret_objects_foreach_collection (self, message, on_object_path_append_to_iter, &array);
++
++	dbus_message_iter_close_container (&variant, &array);
++	dbus_message_iter_close_container (iter, &variant);
++}
++
++DBusMessage*
++gkd_secret_objects_handle_search_items (GkdSecretObjects *self, DBusMessage *message,
++                                        const gchar *base)
++{
++	GckBuilder builder = GCK_BUILDER_INIT;
++	DBusMessageIter iter;
++	DBusMessageIter array;
++	GckObject *search;
++	GckSession *session;
++	DBusMessage *reply;
++	GError *error = NULL;
++	gchar *identifier;
++	gpointer data;
++	gsize n_data;
++	GList *locked, *unlocked;
++	GList *items;
++
++	g_return_val_if_fail (GKD_SECRET_IS_OBJECTS (self), NULL);
++	g_return_val_if_fail (message, NULL);
++
++	if (!dbus_message_has_signature (message, "a{ss}"))
++		return NULL;
++
++	dbus_message_iter_init (message, &iter);
++	if (!gkd_secret_property_parse_fields (&iter, &builder)) {
++		gck_builder_clear (&builder);
++		return dbus_message_new_error (message, DBUS_ERROR_FAILED,
++		                               "Invalid data in attributes argument");
++	}
++
++	if (base != NULL) {
++		if (!parse_object_path (self, base, &identifier, NULL))
++			g_return_val_if_reached (NULL);
++		gck_builder_add_string (&builder, CKA_G_COLLECTION, identifier);
++		g_free (identifier);
++	}
++
++	gck_builder_add_ulong (&builder, CKA_CLASS, CKO_G_SEARCH);
++	gck_builder_add_boolean (&builder, CKA_TOKEN, FALSE);
++
++	/* The session we're using to access the object */
++	session = gkd_secret_service_get_pkcs11_session (self->service, dbus_message_get_sender (message));
++	g_return_val_if_fail (session, NULL);
++
++	/* Create the search object */
++	search = gck_session_create_object (session, gck_builder_end (&builder), NULL, &error);
++
++	if (error != NULL) {
++		reply = dbus_message_new_error_printf (message, DBUS_ERROR_FAILED,
++		                                       "Couldn't search for items: %s",
++		                                       egg_error_message (error));
++		g_clear_error (&error);
++		return reply;
++	}
++
++	/* Get the matched item handles, and delete the search object */
++	data = gck_object_get_data (search, CKA_G_MATCHED, NULL, &n_data, &error);
++	gck_object_destroy (search, NULL, NULL);
++	g_object_unref (search);
++
++	if (error != NULL) {
++		reply = dbus_message_new_error_printf (message, DBUS_ERROR_FAILED,
++		                                       "Couldn't retrieve matched items: %s",
++		                                       egg_error_message (error));
++		g_clear_error (&error);
++		return reply;
++	}
++
++	/* Build a list of object handles */
++	items = gck_objects_from_handle_array (session, data, n_data / sizeof (CK_OBJECT_HANDLE));
++	g_free (data);
++
++	/* Filter out the locked items */
++	item_cleanup_search_results (session, items, &locked, &unlocked);
++
++	/* Prepare the reply message */
++	reply = dbus_message_new_method_return (message);
++	dbus_message_iter_init_append (reply, &iter);
++
++	dbus_message_iter_open_container (&iter, DBUS_TYPE_ARRAY, "o", &array);
++	objects_foreach_item (self, unlocked, NULL, on_object_path_append_to_iter, &array);
++	dbus_message_iter_close_container (&iter, &array);
++
++	dbus_message_iter_open_container (&iter, DBUS_TYPE_ARRAY, "o", &array);
++	objects_foreach_item (self, locked, NULL, on_object_path_append_to_iter, &array);
++	dbus_message_iter_close_container (&iter, &array);
++
++	g_list_free (locked);
++	g_list_free (unlocked);
++	gck_list_unref_free (items);
++
++	return reply;
++}
++
++DBusMessage*
++gkd_secret_objects_handle_get_secrets (GkdSecretObjects *self, DBusMessage *message)
++{
++	DBusError derr = DBUS_ERROR_INIT;
++	GkdSecretSession *session;
++	GkdSecretSecret *secret;
++	DBusMessage *reply;
++	GckObject *item;
++	DBusMessageIter iter, array, dict;
++	const char *session_path;
++	const char *caller;
++	char **paths;
++	int n_paths, i;
++
++	if (!dbus_message_get_args (message, NULL,
++	                            DBUS_TYPE_ARRAY, DBUS_TYPE_OBJECT_PATH, &paths, &n_paths,
++	                            DBUS_TYPE_OBJECT_PATH, &session_path,
++	                            DBUS_TYPE_INVALID))
++		return NULL;
++
++	caller = dbus_message_get_sender (message);
++	g_return_val_if_fail (caller, NULL);
++
++	session = gkd_secret_service_lookup_session (self->service, session_path,
++	                                             dbus_message_get_sender (message));
++	if (session == NULL)
++		return dbus_message_new_error (message, SECRET_ERROR_NO_SESSION, "The session does not exist");
++
++	reply = dbus_message_new_method_return (message);
++	dbus_message_iter_init_append (reply, &iter);
++	dbus_message_iter_open_container (&iter, DBUS_TYPE_ARRAY, "{o(oayays)}", &array);
++
++	for (i = 0; i < n_paths; ++i) {
++
++		/* Try to find the item, if it doesn't exist, just ignore */
++		item = gkd_secret_objects_lookup_item (self, caller, paths[i]);
++		if (!item)
++			continue;
++
++		secret = gkd_secret_session_get_item_secret (session, item, &derr);
++		g_object_unref (item);
++
++		if (secret == NULL) {
++			/* We ignore is locked, and just leave out from response */
++			if (dbus_error_has_name (&derr, SECRET_ERROR_IS_LOCKED)) {
++				dbus_error_free (&derr);
++				continue;
++
++			/* All other errors stop the operation */
++			} else {
++				dbus_message_unref (reply);
++				reply = dbus_message_new_error (message, derr.name, derr.message);
++				dbus_error_free (&derr);
++				break;
++			}
++		}
++
++		dbus_message_iter_open_container (&array, DBUS_TYPE_DICT_ENTRY, NULL, &dict);
++		dbus_message_iter_append_basic (&dict, DBUS_TYPE_OBJECT_PATH, &(paths[i]));
++		gkd_secret_secret_append (secret, &dict);
++		gkd_secret_secret_free (secret);
++		dbus_message_iter_close_container (&array, &dict);
++	}
++
++	if (i == n_paths)
++		dbus_message_iter_close_container (&iter, &array);
++	dbus_free_string_array (paths);
++
++	return reply;
++}
++
++static void
++on_each_item_emit_locked (GkdSecretObjects *self,
++                          const gchar *path,
++                          GckObject *object,
++                          gpointer user_data)
++{
++	gkd_secret_objects_emit_item_changed (self, object, "Locked", NULL);
++}
++
++void
++gkd_secret_objects_emit_collection_locked (GkdSecretObjects *self,
++                                           GckObject *collection)
++{
++	const gchar *collection_path;
++
++	collection_path = object_path_for_collection (collection);
++	gkd_secret_objects_foreach_item (self, NULL, collection_path,
++	                                 on_each_item_emit_locked, NULL);
++
++	gkd_secret_objects_emit_collection_changed (self, collection, "Locked", NULL);
++}
++
++static void
++emit_object_properties_changed (GkdSecretObjects *self,
++                                GckObject *object,
++                                const gchar *path,
++                                const gchar *iface,
++                                va_list va)
++{
++	gchar *collection_path;
++	const gchar *propname;
++	DBusMessage *message;
++	DBusMessageIter iter;
++	DBusMessageIter array;
++	DBusMessageIter dict;
++	CK_ATTRIBUTE_TYPE type;
++	GckAttributes *attrs;
++	GError *error = NULL;
++	gboolean items = FALSE;
++	GArray *types;
++
++	types = g_array_new (FALSE, FALSE, sizeof (CK_ATTRIBUTE_TYPE));
++	while ((propname = va_arg (va, const gchar *)) != NULL) {
++
++		/* Special case the Items property */
++		if (g_str_equal (propname, "Items")) {
++			items = TRUE;
++			continue;
++		}
++
++		if (gkd_secret_property_get_type (propname, &type))
++			g_array_append_val (types, type);
++		else
++			g_warning ("invalid property: %s", propname);
++	}
++
++	attrs = gck_object_get_full (object, (CK_ATTRIBUTE_TYPE *)types->data,
++	                             types->len, NULL, &error);
++	g_array_free (types, TRUE);
++
++	if (error != NULL) {
++		g_warning ("couldn't retrieve properties: %s", egg_error_message (error));
++		return;
++	}
++
++	message = dbus_message_new_signal (path, DBUS_INTERFACE_PROPERTIES,
++	                                   "PropertiesChanged");
++
++	dbus_message_iter_init_append (message, &iter);
++	dbus_message_iter_append_basic (&iter, DBUS_TYPE_STRING, &iface);
++	dbus_message_iter_open_container (&iter, DBUS_TYPE_ARRAY, "{sv}", &array);
++	gkd_secret_property_append_all (&array, attrs);
++
++	/* Append the Items property */
++	if (items) {
++		collection_path = object_path_for_collection (object);
++		dbus_message_iter_open_container (&array, DBUS_TYPE_DICT_ENTRY, NULL, &dict);
++		propname = "Items";
++		dbus_message_iter_append_basic (&dict, DBUS_TYPE_STRING, &propname);
++		gkd_secret_objects_append_item_paths (self, collection_path, &dict, NULL);
++		dbus_message_iter_close_container (&array, &dict);
++		g_free (collection_path);
++	}
++
++	dbus_message_iter_close_container (&iter, &array);
++	dbus_message_iter_open_container (&iter, DBUS_TYPE_ARRAY, "s", &array);
++	dbus_message_iter_close_container (&iter, &array);
++
++	if (!dbus_connection_send (gkd_secret_service_get_connection (self->service),
++	                           message, NULL))
++		g_return_if_reached ();
++	dbus_message_unref (message);
++
++	gck_attributes_unref (attrs);
++}
++
++void
++gkd_secret_objects_emit_collection_changed (GkdSecretObjects *self,
++                                            GckObject *collection,
++                                            ...)
++{
++	DBusMessage *message;
++	gchar *collection_path;
++	va_list va;
++
++	g_return_if_fail (GKD_SECRET_IS_OBJECTS (self));
++	g_return_if_fail (GCK_OBJECT (collection));
++
++	collection_path = object_path_for_collection (collection);
++
++	message = dbus_message_new_signal (SECRET_SERVICE_PATH,
++	                                   SECRET_SERVICE_INTERFACE,
++	                                   "CollectionChanged");
++	dbus_message_append_args (message, DBUS_TYPE_OBJECT_PATH, &collection_path,
++	                          DBUS_TYPE_INVALID);
++
++	if (!dbus_connection_send (gkd_secret_service_get_connection (self->service),
++	                           message, NULL))
++		g_return_if_reached ();
++
++	dbus_message_unref (message);
++
++	va_start (va, collection);
++	emit_object_properties_changed (self, collection, collection_path,
++	                                SECRET_COLLECTION_INTERFACE, va);
++	va_end (va);
++
++	g_free (collection_path);
++}
++
++void
++gkd_secret_objects_emit_item_created (GkdSecretObjects *self,
++                                      GckObject *collection,
++                                      GckObject *item)
++{
++	DBusMessage *message;
++	gchar *collection_path;
++	gchar *item_path;
++
++	g_return_if_fail (GKD_SECRET_IS_OBJECTS (self));
++	g_return_if_fail (GCK_OBJECT (collection));
++	g_return_if_fail (GCK_OBJECT (item));
++
++	collection_path = object_path_for_collection (collection);
++	item_path = object_path_for_item (collection_path, item);
++
++	message = dbus_message_new_signal (collection_path,
++	                                   SECRET_COLLECTION_INTERFACE,
++	                                   "ItemCreated");
++	dbus_message_append_args (message, DBUS_TYPE_OBJECT_PATH, &item_path,
++	                          DBUS_TYPE_INVALID);
++
++	if (!dbus_connection_send (gkd_secret_service_get_connection (self->service),
++	                           message, NULL))
++		g_return_if_reached ();
++
++	dbus_message_unref (message);
++
++	gkd_secret_objects_emit_collection_changed (self, collection, "Items", NULL);
++
++	g_free (item_path);
++	g_free (collection_path);
++}
++
++void
++gkd_secret_objects_emit_item_changed (GkdSecretObjects *self,
++                                      GckObject *item,
++                                      ...)
++{
++	DBusMessage *message;
++	gchar *collection_path;
++	gchar *item_path;
++	va_list va;
++
++	g_return_if_fail (GKD_SECRET_IS_OBJECTS (self));
++	g_return_if_fail (GCK_OBJECT (item));
++
++	collection_path = collection_path_for_item (item);
++	item_path = object_path_for_item (collection_path, item);
++
++	message = dbus_message_new_signal (collection_path,
++	                                   SECRET_COLLECTION_INTERFACE,
++	                                   "ItemChanged");
++	dbus_message_append_args (message, DBUS_TYPE_OBJECT_PATH, &item_path,
++	                          DBUS_TYPE_INVALID);
++
++	if (!dbus_connection_send (gkd_secret_service_get_connection (self->service),
++	                           message, NULL))
++		g_return_if_reached ();
++
++	dbus_message_unref (message);
++
++	va_start (va, item);
++	emit_object_properties_changed (self, item, item_path,
++	                                SECRET_ITEM_INTERFACE, va);
++	va_end (va);
++
++	g_free (item_path);
++	g_free (collection_path);
++}
++
++void
++gkd_secret_objects_emit_item_deleted (GkdSecretObjects *self,
++                                      GckObject *collection,
++                                      const gchar *item_path)
++{
++	DBusMessage *message;
++	gchar *collection_path;
++
++	g_return_if_fail (GKD_SECRET_IS_OBJECTS (self));
++	g_return_if_fail (GCK_OBJECT (collection));
++	g_return_if_fail (item_path != NULL);
++
++	collection_path = object_path_for_collection (collection);
++
++	message = dbus_message_new_signal (collection_path,
++	                                   SECRET_COLLECTION_INTERFACE,
++	                                   "ItemDeleted");
++	dbus_message_append_args (message, DBUS_TYPE_OBJECT_PATH, &item_path,
++	                          DBUS_TYPE_INVALID);
++
++	if (!dbus_connection_send (gkd_secret_service_get_connection (self->service),
++	                           message, NULL))
++		g_return_if_reached ();
++
++	dbus_message_unref (message);
++	g_free (collection_path);
++
++	gkd_secret_objects_emit_collection_changed (self, collection, "Items", NULL);
++}
 === added file '.pc/00git_fix_searchitems_method.patch/daemon/dbus/gkd-secret-objects.h'
 --- .pc/00git_fix_searchitems_method.patch/daemon/dbus/gkd-secret-objects.h	1970-01-01 00:00:00 +0000
 +++ .pc/00git_fix_searchitems_method.patch/daemon/dbus/gkd-secret-objects.h	2013-03-14 13:26:21 +0000
@@ -0,0 +1,112 @@
++/*
++ * gnome-keyring
++ *
++ * Copyright (C) 2009 Stefan Walter
++ *
++ * This program is free software; you can redistribute it and/or modify
++ * it under the terms of the GNU Lesser General Public License as
++ * published by the Free Software Foundation; either version 2.1 of
++ * the License, or (at your option) any later version.
++ *
++ * This program is distributed in the hope that it will be useful, but
++ * WITHOUT ANY WARRANTY; without even the implied warranty of
++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
++ * Lesser General Public License for more details.
++ *
++ * You should have received a copy of the GNU Lesser General Public
++ * License along with this program; if not, write to the Free Software
++ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
++ * 02111-1307, USA.
++ */
++
++#ifndef __GKD_SECRET_OBJECTS_H__
++#define __GKD_SECRET_OBJECTS_H__
++
++#include "gkd-secret-types.h"
++
++#include <gck/gck.h>
++
++#include <glib-object.h>
++
++#include <dbus/dbus.h>
++
++#define GKD_SECRET_TYPE_OBJECTS               (gkd_secret_objects_get_type ())
++#define GKD_SECRET_OBJECTS(obj)               (G_TYPE_CHECK_INSTANCE_CAST ((obj), GKD_SECRET_TYPE_OBJECTS, GkdSecretObjects))
++#define GKD_SECRET_OBJECTS_CLASS(klass)       (G_TYPE_CHECK_CLASS_CAST ((klass), GKD_SECRET_TYPE_OBJECTS, GkdSecretObjectsClass))
++#define GKD_SECRET_IS_OBJECTS(obj)            (G_TYPE_CHECK_INSTANCE_TYPE ((obj), GKD_SECRET_TYPE_OBJECTS))
++#define GKD_SECRET_IS_OBJECTS_CLASS(klass)    (G_TYPE_CHECK_CLASS_TYPE ((klass), GKD_SECRET_TYPE_OBJECTS))
++#define GKD_SECRET_OBJECTS_GET_CLASS(obj)     (G_TYPE_INSTANCE_GET_CLASS ((obj), GKD_SECRET_TYPE_OBJECTS, GkdSecretObjectsClass))
++
++typedef struct _GkdSecretObjectsClass GkdSecretObjectsClass;
++
++struct _GkdSecretObjectsClass {
++	GObjectClass parent_class;
++};
++
++typedef void        (*GkdSecretObjectsForeach)                  (GkdSecretObjects *self,
++                                                                 const gchar *path,
++                                                                 GckObject *object,
++                                                                 gpointer user_data);
++
++GType               gkd_secret_objects_get_type                 (void);
++
++DBusMessage*        gkd_secret_objects_dispatch                  (GkdSecretObjects *self,
++                                                                  DBusMessage *message);
++
++DBusMessage*        gkd_secret_objects_handle_search_items       (GkdSecretObjects *self,
++                                                                  DBusMessage *message,
++                                                                  const gchar *base);
++
++DBusMessage*        gkd_secret_objects_handle_get_secrets        (GkdSecretObjects *self,
++                                                                  DBusMessage *message);
++
++void                gkd_secret_objects_foreach_collection        (GkdSecretObjects *self,
++                                                                  DBusMessage *message,
++                                                                  GkdSecretObjectsForeach callback,
++                                                                  gpointer user_data);
++
++void                gkd_secret_objects_foreach_item              (GkdSecretObjects *self,
++                                                                  DBusMessage *message,
++                                                                  const gchar *base,
++                                                                  GkdSecretObjectsForeach callback,
++                                                                  gpointer user_data);
++
++void                gkd_secret_objects_append_collection_paths   (GkdSecretObjects *self,
++                                                                  DBusMessageIter *iter,
++                                                                  DBusMessage *message);
++
++void                gkd_secret_objects_append_item_paths         (GkdSecretObjects *self,
++                                                                  const gchar *base,
++                                                                  DBusMessageIter *iter,
++                                                                  DBusMessage *message);
++
++GckSlot*            gkd_secret_objects_get_pkcs11_slot           (GkdSecretObjects *self);
++
++GckObject*          gkd_secret_objects_lookup_collection         (GkdSecretObjects *self,
++                                                                  const gchar *caller,
++                                                                  const gchar *path);
++
++GckObject*          gkd_secret_objects_lookup_item               (GkdSecretObjects *self,
++                                                                  const gchar *caller,
++                                                                  const gchar *path);
++
++void                gkd_secret_objects_emit_collection_locked    (GkdSecretObjects *self,
++                                                                  GckObject *collection);
++
++void                gkd_secret_objects_emit_collection_changed   (GkdSecretObjects *self,
++                                                                  GckObject *collection,
++                                                                  ...) G_GNUC_NULL_TERMINATED;
++
++void                gkd_secret_objects_emit_item_created         (GkdSecretObjects *self,
++                                                                  GckObject *collection,
++                                                                  GckObject *item);
++
++void                gkd_secret_objects_emit_item_changed         (GkdSecretObjects *self,
++                                                                  GckObject *item,
++                                                                  ...) G_GNUC_NULL_TERMINATED;
++
++void                gkd_secret_objects_emit_item_deleted         (GkdSecretObjects *self,
++                                                                  GckObject *collection,
++                                                                  const gchar *item_path);
++
++#endif /* __GKD_SECRET_OBJECTS_H__ */
 === added file '.pc/00git_fix_searchitems_method.patch/daemon/dbus/gkd-secret-service.c'
 --- .pc/00git_fix_searchitems_method.patch/daemon/dbus/gkd-secret-service.c	1970-01-01 00:00:00 +0000
 +++ .pc/00git_fix_searchitems_method.patch/daemon/dbus/gkd-secret-service.c	2013-03-14 13:26:21 +0000
@@ -0,0 +1,1598 @@
++/*
++ * gnome-keyring
++ *
++ * Copyright (C) 2008 Stefan Walter
++ *
++ * This program is free software; you can redistribute it and/or modify
++ * it under the terms of the GNU Lesser General Public License as
++ * published by the Free Software Foundation; either version 2.1 of
++ * the License, or (at your option) any later version.
++ *
++ * This program is distributed in the hope that it will be useful, but
++ * WITHOUT ANY WARRANTY; without even the implied warranty of
++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
++ * Lesser General Public License for more details.
++ *
++ * You should have received a copy of the GNU Lesser General Public
++ * License along with this program; if not, write to the Free Software
++ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
++ * 02111-1307, USA.
++ */
++
++#include "config.h"
++
++#include "gkd-dbus-util.h"
++#include "gkd-secret-change.h"
++#include "gkd-secret-create.h"
++#include "gkd-secret-dispatch.h"
++#include "gkd-secret-error.h"
++#include "gkd-secret-introspect.h"
++#include "gkd-secret-lock.h"
++#include "gkd-secret-objects.h"
++#include "gkd-secret-prompt.h"
++#include "gkd-secret-property.h"
++#include "gkd-secret-secret.h"
++#include "gkd-secret-service.h"
++#include "gkd-secret-session.h"
++#include "gkd-secret-types.h"
++#include "gkd-secret-unlock.h"
++#include "gkd-secret-util.h"
++
++#include "egg/egg-error.h"
++#include "egg/egg-unix-credentials.h"
++
++#include <gck/gck.h>
++
++#include "pkcs11/pkcs11i.h"
++
++#include <string.h>
++
++enum {
++	PROP_0,
++	PROP_CONNECTION,
++	PROP_PKCS11_SLOT,
++};
++
++struct _GkdSecretService {
++	GObject parent;
++	DBusConnection *connection;
++	GHashTable *clients;
++	gchar *match_rule;
++	GkdSecretObjects *objects;
++	GHashTable *aliases;
++	GckSession *internal_session;
++	gchar *alias_directory;
++};
++
++typedef struct _ServiceClient {
++	gchar *caller_peer;
++	gchar *caller_exec;
++	pid_t caller_pid;
++	CK_G_APPLICATION app;
++	GckSession *pkcs11_session;
++	GHashTable *dispatch;
++} ServiceClient;
++
++/* Forward declaration */
++static void service_dispatch_message (GkdSecretService *, DBusMessage *);
++
++G_DEFINE_TYPE (GkdSecretService, gkd_secret_service, G_TYPE_OBJECT);
++
++/* -----------------------------------------------------------------------------
++ * INTERNAL
++ */
++
++static gchar*
++default_path (GkdSecretService *self)
++{
++	gchar *old_directory;
++	gchar *new_directory;
++
++	if (self->alias_directory == NULL) {
++		new_directory = g_build_filename (g_get_user_data_dir (), "keyrings", NULL);
++		old_directory = g_build_filename (g_get_home_dir (), ".gnome2", "keyrings", NULL);
++
++		if (!g_file_test (new_directory, G_FILE_TEST_IS_DIR) &&
++		    g_file_test (old_directory, G_FILE_TEST_IS_DIR)) {
++			self->alias_directory = old_directory;
++			old_directory = NULL;
++		} else {
++			self->alias_directory = new_directory;
++			new_directory = NULL;
++		}
++
++		g_free (old_directory);
++		g_free (new_directory);
++		g_debug ("keyring alias directory: %s", self->alias_directory);
++	}
++
++	return g_build_filename (self->alias_directory, "default", NULL);
++}
++
++static void
++update_default (GkdSecretService *self, gboolean force)
++{
++	gchar *contents = NULL;
++	const gchar *identifier;
++	gchar *path;
++
++	if (!force) {
++		identifier = g_hash_table_lookup (self->aliases, "default");
++		if (identifier)
++			return;
++	}
++
++	path = default_path (self);
++	if (g_file_get_contents (path, &contents, NULL, NULL)) {
++		g_strstrip (contents);
++		if (!contents[0]) {
++			g_free (contents);
++			contents = NULL;
++		}
++	}
++	g_free (path);
++
++	g_hash_table_replace (self->aliases, g_strdup ("default"), contents);
++}
++
++static void
++store_default (GkdSecretService *self)
++{
++	GError *error = NULL;
++	const gchar *identifier;
++	gchar *path;
++
++	identifier = g_hash_table_lookup (self->aliases, "default");
++	if (!identifier)
++		return;
++
++	path = default_path (self);
++	if (!g_file_set_contents (path, identifier, -1, &error))
++		g_message ("couldn't store default keyring: %s", egg_error_message (error));
++	g_free (path);
++}
++
++static gboolean
++object_path_has_prefix (const gchar *path, const gchar *prefix)
++{
++	gsize len;
++
++	g_assert (prefix);
++
++	if (!path)
++		return FALSE;
++
++	len = strlen (prefix);
++	return g_ascii_strncasecmp (path, prefix, len) == 0 &&
++	       (path[len] == '\0' || path[len] == '/');
++}
++
++static void
++dispose_and_unref (gpointer object)
++{
++	g_return_if_fail (G_IS_OBJECT (object));
++	g_object_run_dispose (G_OBJECT (object));
++	g_object_unref (object);
++}
++
++static void
++free_client (gpointer data)
++{
++	ServiceClient *client = data;
++
++	if (!client)
++		return;
++
++	/* Info about our client */
++	g_free (client->caller_peer);
++	g_free (client->caller_exec);
++
++	/* The session we use for accessing as our client */
++	if (client->pkcs11_session) {
++#if 0
++		gck_session_close (client->pkcs11_session, NULL);
++#endif
++		g_object_unref (client->pkcs11_session);
++	}
++
++	/* The sessions and prompts the client has open */
++	g_hash_table_destroy (client->dispatch);
++
++	g_free (client);
++}
++
++typedef struct _on_get_connection_unix_process_id_args {
++	GkdSecretService *self;
++	DBusMessage *message;
++} on_get_connection_unix_process_id_args;
++
++static void
++free_on_get_connection_unix_process_id_args (gpointer data)
++{
++	on_get_connection_unix_process_id_args *args = data;
++	if (args != NULL) {
++		g_object_unref (args->self);
++		dbus_message_unref (args->message);
++		g_free (args);
++	}
++}
++
++static void
++on_get_connection_unix_process_id (DBusPendingCall *pending, gpointer user_data)
++{
++	on_get_connection_unix_process_id_args *args = user_data;
++	DBusMessage *reply = NULL;
++	DBusError error = DBUS_ERROR_INIT;
++	dbus_uint32_t caller_pid = 0;
++	GkdSecretService *self;
++	ServiceClient *client;
++	const gchar *caller;
++
++	g_return_if_fail (GKD_SECRET_IS_SERVICE (args->self));
++	self = args->self;
++
++	/* Get the resulting process ID */
++	reply = dbus_pending_call_steal_reply (pending);
++	g_return_if_fail (reply);
++
++	caller = dbus_message_get_sender (args->message);
++	g_return_if_fail (caller);
++
++	client = g_hash_table_lookup (self->clients, caller);
++	if (client == NULL) {
++
++		/* An error returned from GetConnectionUnixProcessID */
++		if (dbus_set_error_from_message (&error, reply)) {
++			g_message ("couldn't get the caller's unix process id: %s", error.message);
++			caller_pid = 0;
++			dbus_error_free (&error);
++
++		/* A PID was returned from GetConnectionUnixProcessID */
++		} else {
++			if (!dbus_message_get_args (reply, NULL, DBUS_TYPE_UINT32, &caller_pid, DBUS_TYPE_INVALID))
++				g_return_if_reached ();
++		}
++
++		/* Initialize the client object */
++		client = g_new0 (ServiceClient, 1);
++		client->caller_peer = g_strdup (caller);
++		client->caller_pid = caller_pid;
++		if (caller_pid != 0)
++			client->caller_exec = egg_unix_credentials_executable (caller_pid);
++		client->app.applicationData = client;
++		client->dispatch = g_hash_table_new_full (g_str_hash, g_str_equal, NULL, dispose_and_unref);
++
++		g_hash_table_replace (self->clients, client->caller_peer, client);
++
++		/* Update default collection each time someone connects */
++		update_default (self, TRUE);
++	}
++
++	dbus_message_unref (reply);
++
++	/* Dispatch the original message again */
++	service_dispatch_message (self, args->message);
++}
++
++static void
++initialize_service_client (GkdSecretService *self, DBusMessage *message)
++{
++	on_get_connection_unix_process_id_args *args;
++	DBusMessage *request;
++	DBusPendingCall *pending;
++	const gchar *caller;
++
++	g_assert (GKD_SECRET_IS_SERVICE (self));
++	g_assert (message);
++
++	args = g_new0 (on_get_connection_unix_process_id_args, 1);
++	args->self = g_object_ref (self);
++	args->message = dbus_message_ref (message);
++
++	caller = dbus_message_get_sender (message);
++	g_return_if_fail (caller);
++
++	/* Message org.freedesktop.DBus.GetConnectionUnixProcessID(IN String caller) */
++	request = dbus_message_new_method_call ("org.freedesktop.DBus", "/org/freedesktop/DBus",
++	                                        "org.freedesktop.DBus", "GetConnectionUnixProcessID");
++	if (!request || !dbus_message_append_args (request, DBUS_TYPE_STRING, &caller, DBUS_TYPE_INVALID))
++		g_return_if_reached ();
++
++	/*
++	 * Send of request for GetConnectionUnixProcessID, with lowish timeout.
++	 * We're only talking to the session bus, so the reply should be fast.
++	 * In addition we want to send off a reply to our caller, before it
++	 * times out.
++	 */
++	if (!dbus_connection_send_with_reply (self->connection, request, &pending, 2000))
++		g_return_if_reached ();
++	dbus_message_unref (request);
++
++	/* Track our new session object, on this call */
++	dbus_pending_call_set_notify (pending, on_get_connection_unix_process_id, args,
++	                              free_on_get_connection_unix_process_id_args);
++	dbus_pending_call_unref (pending);
++}
++
++/* -----------------------------------------------------------------------------
++ * DBUS
++ */
++
++static DBusMessage*
++service_property_get (GkdSecretService *self, DBusMessage *message)
++{
++	DBusMessage *reply = NULL;
++	DBusMessageIter iter;
++	const gchar *interface;
++	const gchar *name;
++
++	if (!dbus_message_get_args (message, NULL, DBUS_TYPE_STRING, &interface,
++	                            DBUS_TYPE_STRING, &name, DBUS_TYPE_INVALID))
++		return NULL;
++
++	if (!gkd_dbus_interface_match (SECRET_SERVICE_INTERFACE, interface))
++		return dbus_message_new_error_printf (message, DBUS_ERROR_FAILED,
++		                                      "Object does not have properties on interface '%s'",
++		                                      interface);
++
++	/* The "Collections" property */
++	if (g_str_equal (name, "Collections")) {
++		reply = dbus_message_new_method_return (message);
++		dbus_message_iter_init_append (reply, &iter);
++		gkd_secret_objects_append_collection_paths (self->objects, &iter, message);
++
++	/* No such property */
++	} else {
++		reply = dbus_message_new_error_printf (message, DBUS_ERROR_FAILED,
++		                                       "Object does not have the '%s' property", name);
++	}
++
++	return reply;
++}
++
++static DBusMessage*
++service_property_set (GkdSecretService *self, DBusMessage *message)
++{
++	return NULL; /* TODO: Need to implement */
++}
++
++static void
++service_append_all_properties (GkdSecretService *self,
++                               DBusMessageIter *iter)
++{
++	DBusMessageIter array;
++	DBusMessageIter dict;
++	const gchar *name;
++
++	dbus_message_iter_open_container (iter, DBUS_TYPE_ARRAY, "{sv}", &array);
++
++	name = "Collections";
++	dbus_message_iter_open_container (&array, DBUS_TYPE_DICT_ENTRY, NULL, &dict);
++	dbus_message_iter_append_basic (&dict, DBUS_TYPE_STRING, &name);
++	gkd_secret_objects_append_collection_paths (self->objects, &dict, NULL);
++	dbus_message_iter_close_container (&array, &dict);
++
++	dbus_message_iter_close_container (iter, &array);
++}
++
++static DBusMessage*
++service_property_getall (GkdSecretService *self, DBusMessage *message)
++{
++	DBusMessage *reply = NULL;
++	DBusMessageIter iter;
++	const gchar *interface;
++
++	if (!dbus_message_get_args (message, NULL, DBUS_TYPE_STRING, &interface, DBUS_TYPE_INVALID))
++		return NULL;
++
++	if (!gkd_dbus_interface_match (SECRET_SERVICE_INTERFACE, interface))
++		return dbus_message_new_error_printf (message, DBUS_ERROR_FAILED,
++		                                      "Object does not have properties on interface '%s'",
++		                                      interface);
++
++	reply = dbus_message_new_method_return (message);
++	dbus_message_iter_init_append (reply, &iter);
++	service_append_all_properties (self, &iter);
++	return reply;
++}
++
++static DBusMessage*
++service_method_open_session (GkdSecretService *self, DBusMessage *message)
++{
++	GkdSecretSession *session;
++	DBusMessage *reply = NULL;
++	const gchar *caller;
++
++	if (!dbus_message_has_signature (message, "sv"))
++		return NULL;
++
++	caller = dbus_message_get_sender (message);
++
++	/* Now we can create a session with this information */
++	session = gkd_secret_session_new (self, caller);
++	reply = gkd_secret_session_handle_open (session, message);
++
++	if (dbus_message_get_type (reply) == DBUS_MESSAGE_TYPE_METHOD_RETURN)
++		gkd_secret_service_publish_dispatch (self, caller,
++		                                     GKD_SECRET_DISPATCH (session));
++
++	g_object_unref (session);
++	return reply;
++}
++
++static DBusMessage*
++service_method_create_collection (GkdSecretService *self, DBusMessage *message)
++{
++	GckBuilder builder = GCK_BUILDER_INIT;
++	DBusMessageIter iter, array;
++	GckAttributes *attrs;
++	GkdSecretCreate *create;
++	DBusMessage *reply;
++	const gchar *path;
++	const gchar *alias;
++	const char *caller;
++	const gchar *coll;
++
++	/* Parse the incoming message */
++	if (!dbus_message_has_signature (message, "a{sv}s"))
++		return NULL;
++	if (!dbus_message_iter_init (message, &iter))
++		g_return_val_if_reached (NULL);
++	dbus_message_iter_recurse (&iter, &array);
++	if (!gkd_secret_property_parse_all (&array, SECRET_COLLECTION_INTERFACE, &builder)) {
++		gck_builder_clear (&builder);
++		return dbus_message_new_error_printf (message, DBUS_ERROR_INVALID_ARGS,
++		                                      "Invalid properties");
++	}
++	if (!dbus_message_iter_next (&iter))
++		g_return_val_if_reached (NULL);
++	dbus_message_iter_get_basic (&iter, &alias);
++
++	/* Empty alias is no alias */
++	if (alias) {
++		if (!alias[0]) {
++			alias = NULL;
++		} else if (!g_str_equal (alias, "default")) {
++			gck_builder_clear (&builder);
++			return dbus_message_new_error (message, DBUS_ERROR_NOT_SUPPORTED,
++			                               "Only the 'default' alias is supported");
++		}
++	}
++
++	gck_builder_add_boolean (&builder, CKA_TOKEN, TRUE);
++	attrs = gck_attributes_ref_sink (gck_builder_end (&builder));
++
++	/* Create the prompt object, for the password */
++	caller = dbus_message_get_sender (message);
++	create = gkd_secret_create_new (self, caller, attrs, alias);
++	gck_attributes_unref (attrs);
++
++	path = gkd_secret_dispatch_get_object_path (GKD_SECRET_DISPATCH (create));
++	gkd_secret_service_publish_dispatch (self, caller,
++	                                     GKD_SECRET_DISPATCH (create));
++
++	coll = "/";
++	reply = dbus_message_new_method_return (message);
++	dbus_message_append_args (reply,
++	                          DBUS_TYPE_OBJECT_PATH, &coll,
++	                          DBUS_TYPE_OBJECT_PATH, &path,
++	                          DBUS_TYPE_INVALID);
++
++	g_object_unref (create);
++	return reply;
++}
++
++static DBusMessage*
++service_method_lock_service (GkdSecretService *self, DBusMessage *message)
++{
++	if (!dbus_message_get_args (message, NULL, DBUS_TYPE_INVALID))
++		return NULL;
++
++	/* TODO: Need to implement */
++	return dbus_message_new_method_return (message);
++}
++
++static DBusMessage*
++service_method_unlock (GkdSecretService *self, DBusMessage *message)
++{
++	GkdSecretUnlock *unlock;
++	DBusMessage *reply;
++	const char *caller;
++	const gchar *path;
++	int n_objpaths, i;
++	char **objpaths;
++
++	if (!dbus_message_get_args (message, NULL,
++	                            DBUS_TYPE_ARRAY, DBUS_TYPE_OBJECT_PATH, &objpaths, &n_objpaths,
++	                            DBUS_TYPE_INVALID))
++		return NULL;
++
++	caller = dbus_message_get_sender (message);
++	unlock = gkd_secret_unlock_new (self, caller, NULL);
++	for (i = 0; i < n_objpaths; ++i)
++		gkd_secret_unlock_queue (unlock, objpaths[i]);
++	dbus_free_string_array (objpaths);
++
++	/* So do we need to prompt? */
++	if (gkd_secret_unlock_have_queued (unlock)) {
++		gkd_secret_service_publish_dispatch (self, caller,
++		                                     GKD_SECRET_DISPATCH (unlock));
++		path = gkd_secret_dispatch_get_object_path (GKD_SECRET_DISPATCH (unlock));
++
++	/* No need to prompt */
++	} else {
++		path = "/";
++	}
++
++	reply = dbus_message_new_method_return (message);
++	objpaths = gkd_secret_unlock_get_results (unlock, &n_objpaths);
++	dbus_message_append_args (reply,
++	                          DBUS_TYPE_ARRAY, DBUS_TYPE_OBJECT_PATH, &objpaths, n_objpaths,
++	                          DBUS_TYPE_OBJECT_PATH, &path,
++	                          DBUS_TYPE_INVALID);
++
++	gkd_secret_unlock_reset_results (unlock);
++	g_object_unref (unlock);
++
++	return reply;
++}
++
++static DBusMessage*
++service_method_lock (GkdSecretService *self, DBusMessage *message)
++{
++	DBusMessage *reply;
++	const char *caller;
++	const gchar *prompt;
++	GckObject *collection;
++	int n_objpaths, i;
++	char **objpaths;
++	GPtrArray *array;
++
++	if (!dbus_message_get_args (message, NULL,
++	                            DBUS_TYPE_ARRAY, DBUS_TYPE_OBJECT_PATH, &objpaths, &n_objpaths,
++	                            DBUS_TYPE_INVALID))
++		return NULL;
++
++	caller = dbus_message_get_sender (message);
++	array = g_ptr_array_new ();
++	for (i = 0; i < n_objpaths; ++i) {
++		collection = gkd_secret_objects_lookup_collection (self->objects, caller, objpaths[i]);
++		if (collection != NULL) {
++			if (gkd_secret_lock (collection, NULL)) {
++				g_ptr_array_add (array, objpaths[i]);
++				gkd_secret_objects_emit_collection_locked (self->objects,
++				                                           collection);
++			}
++			g_object_unref (collection);
++		}
++	}
++
++	prompt = "/";
++	reply = dbus_message_new_method_return (message);
++	dbus_message_append_args (reply,
++	                          DBUS_TYPE_ARRAY, DBUS_TYPE_OBJECT_PATH, &array->pdata, array->len,
++	                          DBUS_TYPE_OBJECT_PATH, &prompt,
++	                          DBUS_TYPE_INVALID);
++
++	dbus_free_string_array (objpaths);
++	return reply;
++}
++
++static DBusMessage*
++service_method_change_lock (GkdSecretService *self, DBusMessage *message)
++{
++	GkdSecretChange *change;
++	DBusMessage *reply;
++	const char *caller;
++	const gchar *path;
++	GckObject *collection;
++
++	caller = dbus_message_get_sender (message);
++	if (!dbus_message_get_args (message, NULL, DBUS_TYPE_OBJECT_PATH, &path, DBUS_TYPE_INVALID))
++		return NULL;
++
++	/* Make sure it exists */
++	collection = gkd_secret_objects_lookup_collection (self->objects, caller, path);
++	if (!collection)
++		return dbus_message_new_error (message, SECRET_ERROR_NO_SUCH_OBJECT,
++		                               "The collection does not exist");
++	g_object_unref (collection);
++
++	change = gkd_secret_change_new (self, caller, path);
++	path = gkd_secret_dispatch_get_object_path (GKD_SECRET_DISPATCH (change));
++	gkd_secret_service_publish_dispatch (self, caller,
++	                                     GKD_SECRET_DISPATCH (change));
++
++	reply = dbus_message_new_method_return (message);
++	dbus_message_append_args (reply, DBUS_TYPE_OBJECT_PATH, &path, DBUS_TYPE_INVALID);
++
++	g_object_unref (change);
++	return reply;
++}
++
++static DBusMessage*
++service_method_read_alias (GkdSecretService *self, DBusMessage *message)
++{
++	DBusMessage *reply;
++	const char *alias;
++	gchar *path = NULL;
++	const gchar *identifier;
++	GckObject  *collection = NULL;
++
++	if (!dbus_message_get_args (message, NULL, DBUS_TYPE_STRING, &alias, DBUS_TYPE_INVALID))
++		return NULL;
++
++	identifier = gkd_secret_service_get_alias (self, alias);
++	if (identifier)
++		path = gkd_secret_util_build_path (SECRET_COLLECTION_PREFIX, identifier, -1);
++
++	/* Make sure it actually exists */
++	if (path)
++		collection = gkd_secret_objects_lookup_collection (self->objects,
++		                                                   dbus_message_get_sender (message), path);
++	if (collection == NULL) {
++		g_free (path);
++		path = NULL;
++	} else {
++		g_object_unref (collection);
++	}
++
++	reply = dbus_message_new_method_return (message);
++	if (path == NULL)
++		path = g_strdup ("/");
++	dbus_message_append_args (reply, DBUS_TYPE_OBJECT_PATH, &path, DBUS_TYPE_INVALID);
++	g_free (path);
++
++	return reply;
++}
++
++static DBusMessage*
++service_method_set_alias (GkdSecretService *self, DBusMessage *message)
++{
++	GckObject *collection;
++	gchar *identifier;
++	const char *alias;
++	const char *path;
++
++	if (!dbus_message_get_args (message, NULL, DBUS_TYPE_STRING, &alias,
++	                            DBUS_TYPE_OBJECT_PATH, &path, DBUS_TYPE_INVALID))
++		return NULL;
++
++	g_return_val_if_fail (alias, NULL);
++	g_return_val_if_fail (path, NULL);
++
++	if (!g_str_equal (alias, "default"))
++		return dbus_message_new_error (message, DBUS_ERROR_NOT_SUPPORTED,
++		                               "Only the 'default' alias is supported");
++
++	/* No default collection */
++	if (g_str_equal (path, "/")) {
++		identifier = g_strdup ("");
++
++	/* Find a collection with that path */
++	} else {
++		if (!object_path_has_prefix (path, SECRET_COLLECTION_PREFIX) ||
++		    !gkd_secret_util_parse_path (path, &identifier, NULL))
++			return dbus_message_new_error (message, DBUS_ERROR_INVALID_ARGS,
++						       "Invalid collection object path");
++
++		collection = gkd_secret_objects_lookup_collection (self->objects,
++								   dbus_message_get_sender (message), path);
++		if (collection == NULL) {
++			g_free (identifier);
++			return dbus_message_new_error (message, SECRET_ERROR_NO_SUCH_OBJECT,
++						       "No such collection exists");
++		}
++
++		g_object_unref (collection);
++	}
++
++	gkd_secret_service_set_alias (self, alias, identifier);
++	g_free (identifier);
++
++	return dbus_message_new_method_return (message);
++}
++
++static DBusMessage*
++service_method_create_with_master_password (GkdSecretService *self, DBusMessage *message)
++{
++	GckBuilder builder = GCK_BUILDER_INIT;
++	DBusError derr = DBUS_ERROR_INIT;
++	DBusMessageIter iter, array;
++	DBusMessage *reply = NULL;
++	GkdSecretSecret *secret = NULL;
++	GckAttributes *attrs = NULL;
++	GError *error = NULL;
++	gchar *path;
++
++	/* Parse the incoming message */
++	if (!dbus_message_has_signature (message, "a{sv}(oayays)"))
++		return NULL;
++	if (!dbus_message_iter_init (message, &iter))
++		g_return_val_if_reached (NULL);
++	dbus_message_iter_recurse (&iter, &array);
++	if (!gkd_secret_property_parse_all (&array, SECRET_COLLECTION_INTERFACE, &builder)) {
++		gck_builder_clear (&builder);
++		return dbus_message_new_error (message, DBUS_ERROR_INVALID_ARGS,
++		                               "Invalid properties argument");
++	}
++	dbus_message_iter_next (&iter);
++	secret = gkd_secret_secret_parse (self, message, &iter, &derr);
++	if (secret == NULL) {
++		gck_builder_clear (&builder);
++		return gkd_secret_error_to_reply (message, &derr);
++	}
++
++	gck_builder_add_boolean (&builder, CKA_TOKEN, TRUE);
++	attrs = gck_attributes_ref_sink (gck_builder_end (&builder));
++	path = gkd_secret_create_with_secret (attrs, secret, &error);
++	gck_attributes_unref (attrs);
++	gkd_secret_secret_free (secret);
++
++	if (path == NULL)
++		return gkd_secret_propagate_error (message, "Couldn't create collection", error);
++
++	/* Notify the callers that a collection was created */
++	gkd_secret_service_emit_collection_created (self, path);
++
++	reply = dbus_message_new_method_return (message);
++	dbus_message_append_args (reply, DBUS_TYPE_OBJECT_PATH, &path, DBUS_TYPE_INVALID);
++	g_free (path);
++
++	return reply;
++}
++
++static DBusMessage*
++service_method_change_with_master_password (GkdSecretService *self, DBusMessage *message)
++{
++	DBusError derr = DBUS_ERROR_INIT;
++	GkdSecretSecret *original, *master;
++	GckObject *collection;
++	DBusMessageIter iter;
++	DBusMessage *reply;
++	GError *error = NULL;
++	const gchar *path;
++
++	/* Parse the incoming message */
++	if (!dbus_message_has_signature (message, "o(oayays)(oayays)"))
++		return NULL;
++	if (!dbus_message_iter_init (message, &iter))
++		g_return_val_if_reached (NULL);
++	dbus_message_iter_get_basic (&iter, &path);
++	dbus_message_iter_next (&iter);
++	original = gkd_secret_secret_parse (self, message, &iter, &derr);
++	if (original == NULL)
++		return gkd_secret_error_to_reply (message, &derr);
++	dbus_message_iter_next (&iter);
++	master = gkd_secret_secret_parse (self, message, &iter, &derr);
++	if (master == NULL) {
++		gkd_secret_secret_free (original);
++		return gkd_secret_error_to_reply (message, &derr);
++	}
++
++	/* Make sure we have such a collection */
++	collection = gkd_secret_objects_lookup_collection (self->objects,
++	                                                   dbus_message_get_sender (message),
++	                                                   path);
++
++	/* No such collection */
++	if (collection == NULL)
++		reply = dbus_message_new_error (message, SECRET_ERROR_NO_SUCH_OBJECT,
++		                                "The collection does not exist");
++
++	/* Success */
++	else if (gkd_secret_change_with_secrets (collection, NULL, original, master, &error))
++		reply = dbus_message_new_method_return (message);
++
++	/* Failure */
++	else
++		reply = gkd_secret_propagate_error (message, "Couldn't change collection password", error);
++
++	gkd_secret_secret_free (original);
++	gkd_secret_secret_free (master);
++
++	if (collection)
++		g_object_unref (collection);
++
++	return reply;
++}
++
++static DBusMessage*
++service_method_unlock_with_master_password (GkdSecretService *self, DBusMessage *message)
++{
++	DBusError derr = DBUS_ERROR_INIT;
++	GkdSecretSecret *master;
++	GError *error = NULL;
++	GckObject *collection;
++	DBusMessageIter iter;
++	DBusMessage *reply;
++	const gchar *path;
++
++	/* Parse the incoming message */
++	if (!dbus_message_has_signature (message, "o(oayays)"))
++		return NULL;
++	if (!dbus_message_iter_init (message, &iter))
++		g_return_val_if_reached (NULL);
++	dbus_message_iter_get_basic (&iter, &path);
++	dbus_message_iter_next (&iter);
++	master = gkd_secret_secret_parse (self, message, &iter, &derr);
++	if (master == NULL)
++		return gkd_secret_error_to_reply (message, &derr);
++
++	/* Make sure we have such a collection */
++	collection = gkd_secret_objects_lookup_collection (self->objects,
++	                                                   dbus_message_get_sender (message),
++	                                                   path);
++
++	/* No such collection */
++	if (collection == NULL) {
++		reply = dbus_message_new_error (message, SECRET_ERROR_NO_SUCH_OBJECT,
++		                                "The collection does not exist");
++
++	/* Success */
++	} else if (gkd_secret_unlock_with_secret (collection, master, &error)) {
++		reply = dbus_message_new_method_return (message);
++		gkd_secret_objects_emit_collection_locked (self->objects, collection);
++
++	/* Failure */
++	} else {
++		reply = gkd_secret_propagate_error (message, "Couldn't unlock collection", error);
++	}
++
++	gkd_secret_secret_free (master);
++
++	if (collection)
++		g_object_unref (collection);
++
++	return reply;
++}
++
++static void
++on_each_path_append_to_array (GkdSecretObjects *self,
++                              const gchar *path,
++                              GckObject *object,
++                              gpointer user_data)
++{
++	GPtrArray *array = user_data;
++	g_ptr_array_add (array, g_strdup (path));
++}
++
++static DBusMessage *
++service_introspect (GkdSecretService *self,
++                    DBusMessage *message)
++{
++	GPtrArray *names;
++	DBusMessage *reply;
++	ServiceClient *client;
++	const gchar *caller;
++	const gchar *path;
++	GHashTableIter iter;
++
++	names = g_ptr_array_new_with_free_func (g_free);
++	gkd_secret_objects_foreach_collection (self->objects, message,
++	                                       on_each_path_append_to_array,
++	                                       names);
++
++	/* Lookup all sessions and prompts for this client */
++	caller = dbus_message_get_sender (message);
++	if (caller != NULL) {
++		client = g_hash_table_lookup (self->clients, caller);
++		if (client != NULL) {
++			g_hash_table_iter_init (&iter, client->dispatch);
++			while (g_hash_table_iter_next (&iter, (gpointer *)&path, NULL))
++				g_ptr_array_add (names, g_strdup (path));
++		}
++	}
++
++	g_ptr_array_add (names, NULL);
++
++	reply = gkd_dbus_introspect_handle (message, gkd_secret_introspect_service,
++	                                    (const gchar **)names->pdata);
++
++	g_ptr_array_unref (names);
++	return reply;
++}
++
++static DBusMessage*
++service_message_handler (GkdSecretService *self, DBusMessage *message)
++{
++	g_return_val_if_fail (message, NULL);
++	g_return_val_if_fail (GKD_SECRET_IS_SERVICE (self), NULL);
++
++	/* org.freedesktop.Secret.Service.OpenSession() */
++	if (dbus_message_is_method_call (message, SECRET_SERVICE_INTERFACE, "OpenSession"))
++		return service_method_open_session (self, message);
++
++	/* org.freedesktop.Secret.Service.CreateCollection() */
++	if (dbus_message_is_method_call (message, SECRET_SERVICE_INTERFACE, "CreateCollection"))
++		return service_method_create_collection (self, message);
++
++	/* org.freedesktop.Secret.Service.LockService() */
++	if (dbus_message_is_method_call (message, SECRET_SERVICE_INTERFACE, "LockService"))
++		return service_method_lock_service (self, message);
++
++	/* org.freedesktop.Secret.Service.SearchItems() */
++	if (dbus_message_is_method_call (message, SECRET_SERVICE_INTERFACE, "SearchItems"))
++		return gkd_secret_objects_handle_search_items (self->objects, message, NULL);
++
++	/* org.freedesktop.Secret.Service.GetSecrets() */
++	if (dbus_message_is_method_call (message, SECRET_SERVICE_INTERFACE, "GetSecrets"))
++		return gkd_secret_objects_handle_get_secrets (self->objects, message);
++
++	/* org.freedesktop.Secret.Service.Unlock() */
++	if (dbus_message_is_method_call (message, SECRET_SERVICE_INTERFACE, "Unlock"))
++		return service_method_unlock (self, message);
++
++	/* org.freedesktop.Secret.Service.Lock() */
++	if (dbus_message_is_method_call (message, SECRET_SERVICE_INTERFACE, "Lock"))
++		return service_method_lock (self, message);
++
++	/* org.gnome.keyring.InternalUnsupportedGuiltRiddenInterface.ChangeWithPrompt() */
++	if (dbus_message_is_method_call (message, INTERNAL_SERVICE_INTERFACE, "ChangeWithPrompt") ||
++	    dbus_message_is_method_call (message, SECRET_SERVICE_INTERFACE, "ChangeLock"))
++		return service_method_change_lock (self, message);
++
++	/* org.freedesktop.Secret.Service.ReadAlias() */
++	if (dbus_message_is_method_call (message, SECRET_SERVICE_INTERFACE, "ReadAlias"))
++		return service_method_read_alias (self, message);
++
++	/* org.freedesktop.Secret.Service.SetAlias() */
++	if (dbus_message_is_method_call (message, SECRET_SERVICE_INTERFACE, "SetAlias"))
++		return service_method_set_alias (self, message);
++
++	/* org.gnome.keyring.InternalUnsupportedGuiltRiddenInterface.CreateWithMasterPassword */
++	if (dbus_message_is_method_call (message, INTERNAL_SERVICE_INTERFACE, "CreateWithMasterPassword"))
++		return service_method_create_with_master_password (self, message);
++
++	/* org.gnome.keyring.InternalUnsupportedGuiltRiddenInterface.ChangeWithMasterPassword() */
++	if (dbus_message_is_method_call (message, INTERNAL_SERVICE_INTERFACE, "ChangeWithMasterPassword"))
++		return service_method_change_with_master_password (self, message);
++
++	/* org.gnome.keyring.InternalUnsupportedGuiltRiddenInterface.UnlockWithMasterPassword() */
++	if (dbus_message_is_method_call (message, INTERNAL_SERVICE_INTERFACE, "UnlockWithMasterPassword"))
++		return service_method_unlock_with_master_password (self, message);
++
++	/* org.freedesktop.DBus.Properties.Get() */
++	if (dbus_message_is_method_call (message, DBUS_INTERFACE_PROPERTIES, "Get"))
++		return service_property_get (self, message);
++
++	/* org.freedesktop.DBus.Properties.Set() */
++	else if (dbus_message_is_method_call (message, DBUS_INTERFACE_PROPERTIES, "Set"))
++		return service_property_set (self, message);
++
++	/* org.freedesktop.DBus.Properties.GetAll() */
++	else if (dbus_message_is_method_call (message, DBUS_INTERFACE_PROPERTIES, "GetAll"))
++		return service_property_getall (self, message);
++
++	/* org.freedesktop.DBus.Introspectable.Introspect() */
++	else if (dbus_message_has_interface (message, DBUS_INTERFACE_INTROSPECTABLE))
++		return service_introspect (self, message);
++
++	return NULL;
++}
++
++static gboolean
++root_dispatch_message (GkdSecretService *self,
++                       DBusMessage *message)
++{
++	DBusMessage *reply = NULL;
++
++	if (dbus_message_has_interface (message, DBUS_INTERFACE_INTROSPECTABLE))
++		reply = gkd_dbus_introspect_handle (message, gkd_secret_introspect_root, NULL);
++
++	if (reply != NULL) {
++		dbus_connection_send (self->connection, reply, NULL);
++		dbus_message_unref (reply);
++		return TRUE;
++	}
++
++	return FALSE;
++}
++
++static void
++service_dispatch_message (GkdSecretService *self, DBusMessage *message)
++{
++	DBusMessage *reply = NULL;
++	const gchar *caller;
++	ServiceClient *client;
++	const gchar *path;
++	gpointer object;
++
++	g_assert (GKD_SECRET_IS_SERVICE (self));
++	g_assert (message);
++
++	/* The first thing we do is try to allocate a client context */
++	caller = dbus_message_get_sender (message);
++	if (caller == NULL) {
++		reply = dbus_message_new_error (message, DBUS_ERROR_FAILED,
++		                                "Could not not identify calling client application");
++		dbus_connection_send (self->connection, reply, NULL);
++		dbus_message_unref (reply);
++		return;
++	}
++
++	client = g_hash_table_lookup (self->clients, caller);
++	if (client == NULL) {
++		initialize_service_client (self, message);
++		return; /* This function called again, when client is initialized */
++	}
++
++	path = dbus_message_get_path (message);
++	g_return_if_fail (path);
++
++	/* Dispatched to a session or prompt */
++	if (object_path_has_prefix (path, SECRET_SESSION_PREFIX) ||
++	    object_path_has_prefix (path, SECRET_PROMPT_PREFIX)) {
++		object = g_hash_table_lookup (client->dispatch, path);
++		if (object == NULL)
++			reply = gkd_secret_error_no_such_object (message);
++		else
++			reply = gkd_secret_dispatch_message (GKD_SECRET_DISPATCH (object), message);
++
++	/* Dispatched to a collection, off it goes */
++	} else if (object_path_has_prefix (path, SECRET_COLLECTION_PREFIX) ||
++	           object_path_has_prefix (path, SECRET_ALIAS_PREFIX)) {
++		reply = gkd_secret_objects_dispatch (self->objects, message);
++
++	/* Addressed to the service */
++	} else if (g_str_equal (path, SECRET_SERVICE_PATH)) {
++		reply = service_message_handler (self, message);
++	}
++
++	/* Should we send an error? */
++	if (!reply && dbus_message_get_type (message) == DBUS_MESSAGE_TYPE_METHOD_CALL) {
++		if (!dbus_message_get_no_reply (message)) {
++			reply = dbus_message_new_error_printf (message, DBUS_ERROR_UNKNOWN_METHOD,
++			                                       "Method \"%s\" with signature \"%s\" on interface \"%s\" doesn't exist\n",
++			                                       dbus_message_get_member (message),
++			                                       dbus_message_get_signature (message),
++			                                       dbus_message_get_interface (message));
++		}
++	}
++
++	if (reply) {
++		dbus_connection_send (self->connection, reply, NULL);
++		dbus_message_unref (reply);
++	}
++}
++
++static DBusHandlerResult
++gkd_secret_service_filter_handler (DBusConnection *conn, DBusMessage *message, gpointer user_data)
++{
++	GkdSecretService *self = user_data;
++	const gchar *object_name;
++	const gchar *old_owner;
++	const gchar *new_owner;
++	const gchar *path;
++	const gchar *interface;
++
++	g_return_val_if_fail (conn && message, DBUS_HANDLER_RESULT_NOT_YET_HANDLED);
++	g_return_val_if_fail (GKD_SECRET_IS_SERVICE (self), DBUS_HANDLER_RESULT_NOT_YET_HANDLED);
++
++	/* org.freedesktop.DBus.NameOwnerChanged(STRING name, STRING old_owner, STRING new_owner) */
++	if (dbus_message_is_signal (message, DBUS_INTERFACE_DBUS, "NameOwnerChanged") &&
++	    dbus_message_get_args (message, NULL, DBUS_TYPE_STRING, &object_name,
++	                           DBUS_TYPE_STRING, &old_owner, DBUS_TYPE_STRING, &new_owner,
++	                           DBUS_TYPE_INVALID)) {
++
++		/*
++		 * A peer is connecting or disconnecting from the bus,
++		 * remove any client info, when client gone.
++		 */
++
++		g_return_val_if_fail (object_name && new_owner, DBUS_HANDLER_RESULT_NOT_YET_HANDLED);
++		if (g_str_equal (new_owner, "") && object_name[0] == ':')
++			g_hash_table_remove (self->clients, object_name);
++
++		return DBUS_HANDLER_RESULT_NOT_YET_HANDLED;
++	}
++
++	/*
++	 * If the path is a within our object tree, then we do our own dispatch.
++	 */
++	path = dbus_message_get_path (message);
++	switch (dbus_message_get_type (message)) {
++
++	/* Dispatch any method call on our interfaces, for our objects */
++	case DBUS_MESSAGE_TYPE_METHOD_CALL:
++		if (path != NULL && g_str_equal (path, "/")) {
++			if (root_dispatch_message (self, message))
++				return DBUS_HANDLER_RESULT_HANDLED;
++		}
++
++		if (object_path_has_prefix (path, SECRET_SERVICE_PATH)) {
++			interface = dbus_message_get_interface (message);
++			if (interface == NULL ||
++			    g_str_has_prefix (interface, SECRET_INTERFACE_PREFIX) ||
++			    g_str_equal (interface, DBUS_INTERFACE_PROPERTIES) ||
++			    g_str_equal (interface, INTERNAL_SERVICE_INTERFACE) ||
++			    g_str_equal (interface, DBUS_INTERFACE_INTROSPECTABLE)) {
++				service_dispatch_message (self, message);
++				return DBUS_HANDLER_RESULT_HANDLED;
++			}
++		}
++		break;
++
++	/* Dispatch any signal for one of our objects */
++	case DBUS_MESSAGE_TYPE_SIGNAL:
++		if (object_path_has_prefix (path, SECRET_SERVICE_PATH)) {
++			service_dispatch_message (self, message);
++			return DBUS_HANDLER_RESULT_HANDLED;
++		}
++		break;
++
++	default:
++		break;
++	}
++
++	return DBUS_HANDLER_RESULT_NOT_YET_HANDLED;
++}
++
++/* -----------------------------------------------------------------------------
++ * OBJECT
++ */
++
++static GObject*
++gkd_secret_service_constructor (GType type, guint n_props, GObjectConstructParam *props)
++{
++	GkdSecretService *self = GKD_SECRET_SERVICE (G_OBJECT_CLASS (gkd_secret_service_parent_class)->constructor(type, n_props, props));
++	DBusError error = DBUS_ERROR_INIT;
++	GckSlot *slot = NULL;
++	guint i;
++
++	g_return_val_if_fail (self, NULL);
++	g_return_val_if_fail (self->connection, NULL);
++
++	/* Find the pkcs11-slot parameter */
++	for (i = 0; !slot && i < n_props; ++i) {
++		if (g_str_equal (props[i].pspec->name, "pkcs11-slot"))
++			slot = g_value_get_object (props[i].value);
++	}
++
++	/* Create our objects proxy */
++	g_return_val_if_fail (GCK_IS_SLOT (slot), NULL);
++	self->objects = g_object_new (GKD_SECRET_TYPE_OBJECTS,
++	                              "pkcs11-slot", slot, "service", self, NULL);
++
++	/* Register for signals that let us know when clients leave the bus */
++	self->match_rule = g_strdup_printf ("type='signal',member=NameOwnerChanged,"
++	                                    "interface='" DBUS_INTERFACE_DBUS "'");
++	dbus_bus_add_match (self->connection, self->match_rule, &error);
++	if (dbus_error_is_set (&error)) {
++		g_warning ("couldn't listen for NameOwnerChanged signal on session bus: %s", error.message);
++		dbus_error_free (&error);
++		g_free (self->match_rule);
++		self->match_rule = NULL;
++	}
++
++	if (!dbus_connection_add_filter (self->connection, gkd_secret_service_filter_handler, self, NULL))
++		g_return_val_if_reached (NULL);
++
++	return G_OBJECT (self);
++}
++
++static void
++gkd_secret_service_init (GkdSecretService *self)
++{
++	self->clients = g_hash_table_new_full (g_str_hash, g_str_equal, NULL, free_client);
++	self->aliases = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, g_free);
++}
++
++static void
++gkd_secret_service_dispose (GObject *obj)
++{
++	GkdSecretService *self = GKD_SECRET_SERVICE (obj);
++
++	if (self->match_rule) {
++		g_return_if_fail (self->connection);
++		dbus_bus_remove_match (self->connection, self->match_rule, NULL);
++		g_free (self->match_rule);
++		self->match_rule = NULL;
++	}
++
++	/* Closes all the clients */
++	g_hash_table_remove_all (self->clients);
++
++	/* Hide all the objects */
++	if (self->objects) {
++		g_object_run_dispose (G_OBJECT (self->objects));
++		g_object_unref (self->objects);
++		self->objects = NULL;
++	}
++
++	if (self->connection) {
++		dbus_connection_remove_filter (self->connection, gkd_secret_service_filter_handler, self);
++		dbus_connection_unref (self->connection);
++		self->connection = NULL;
++	}
++
++	if (self->internal_session) {
++		dispose_and_unref (self->internal_session);
++		self->internal_session = NULL;
++	}
++
++	G_OBJECT_CLASS (gkd_secret_service_parent_class)->dispose (obj);
++}
++
++static void
++gkd_secret_service_finalize (GObject *obj)
++{
++	GkdSecretService *self = GKD_SECRET_SERVICE (obj);
++
++	g_assert (g_hash_table_size (self->clients) == 0);
++	g_hash_table_destroy (self->clients);
++	self->clients = NULL;
++
++	g_hash_table_destroy (self->aliases);
++	self->aliases = NULL;
++
++	G_OBJECT_CLASS (gkd_secret_service_parent_class)->finalize (obj);
++}
++
++static void
++gkd_secret_service_set_property (GObject *obj, guint prop_id, const GValue *value,
++                                 GParamSpec *pspec)
++{
++	GkdSecretService *self = GKD_SECRET_SERVICE (obj);
++
++	switch (prop_id) {
++	case PROP_CONNECTION:
++		g_return_if_fail (!self->connection);
++		self->connection = g_value_dup_boxed (value);
++		g_return_if_fail (self->connection);
++		break;
++	case PROP_PKCS11_SLOT:
++		g_return_if_fail (!self->objects);
++		break;
++	default:
++		G_OBJECT_WARN_INVALID_PROPERTY_ID (obj, prop_id, pspec);
++		break;
++	}
++}
++
++static void
++gkd_secret_service_get_property (GObject *obj, guint prop_id, GValue *value,
++                                 GParamSpec *pspec)
++{
++	GkdSecretService *self = GKD_SECRET_SERVICE (obj);
++
++	switch (prop_id) {
++	case PROP_CONNECTION:
++		g_value_set_boxed (value, gkd_secret_service_get_connection (self));
++		break;
++	case PROP_PKCS11_SLOT:
++		g_value_set_object (value, gkd_secret_service_get_pkcs11_slot (self));
++		break;
++	default:
++		G_OBJECT_WARN_INVALID_PROPERTY_ID (obj, prop_id, pspec);
++		break;
++	}
++}
++
++static void
++gkd_secret_service_class_init (GkdSecretServiceClass *klass)
++{
++	GObjectClass *gobject_class = G_OBJECT_CLASS (klass);
++
++	gobject_class->constructor = gkd_secret_service_constructor;
++	gobject_class->dispose = gkd_secret_service_dispose;
++	gobject_class->finalize = gkd_secret_service_finalize;
++	gobject_class->set_property = gkd_secret_service_set_property;
++	gobject_class->get_property = gkd_secret_service_get_property;
++
++	g_object_class_install_property (gobject_class, PROP_CONNECTION,
++		g_param_spec_boxed ("connection", "Connection", "DBus Connection",
++		                    GKD_DBUS_TYPE_CONNECTION, G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY));
++
++	g_object_class_install_property (gobject_class, PROP_PKCS11_SLOT,
++	        g_param_spec_object ("pkcs11-slot", "Pkcs11 Slot", "PKCS#11 slot that we use for secrets",
++	                             GCK_TYPE_SLOT, G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY));
++}
++
++/* -----------------------------------------------------------------------------
++ * PUBLIC
++ */
++
++void
++gkd_secret_service_send (GkdSecretService *self, DBusMessage *message)
++{
++	g_return_if_fail (GKD_SECRET_IS_SERVICE (self));
++	dbus_connection_send (self->connection, message, NULL);
++}
++
++GkdSecretObjects*
++gkd_secret_service_get_objects (GkdSecretService *self)
++{
++	g_return_val_if_fail (GKD_SECRET_IS_SERVICE (self), NULL);
++	return self->objects;
++}
++
++DBusConnection*
++gkd_secret_service_get_connection (GkdSecretService *self)
++{
++	g_return_val_if_fail (GKD_SECRET_IS_SERVICE (self), NULL);
++	return self->connection;
++}
++
++GckSlot*
++gkd_secret_service_get_pkcs11_slot (GkdSecretService *self)
++{
++	g_return_val_if_fail (GKD_SECRET_IS_SERVICE (self), NULL);
++	return gkd_secret_objects_get_pkcs11_slot (self->objects);
++}
++
++static gboolean
++log_into_pkcs11_session (GckSession *session, GError **error)
++{
++	GckSessionInfo *sess;
++	GckTokenInfo *info;
++	GckSlot *slot;
++	gboolean login;
++
++	/* Perform the necessary 'user' login to secrets token. Doesn't unlock anything */
++	slot = gck_session_get_slot (session);
++	info = gck_slot_get_token_info (slot);
++	login = info && (info->flags & CKF_LOGIN_REQUIRED);
++	gck_token_info_free (info);
++	g_object_unref (slot);
++
++	if (login) {
++		sess = gck_session_get_info (session);
++		if (sess->state == CKS_RO_USER_FUNCTIONS ||
++		    sess->state == CKS_RW_USER_FUNCTIONS)
++			login = FALSE;
++		gck_session_info_free (sess);
++	}
++
++	if (login && !gck_session_login (session, CKU_USER, NULL, 0, NULL, error))
++		return FALSE;
++
++	return TRUE;
++}
++
++GckSession*
++gkd_secret_service_get_pkcs11_session (GkdSecretService *self, const gchar *caller)
++{
++	ServiceClient *client;
++	GError *error = NULL;
++	GckSlot *slot;
++
++	g_return_val_if_fail (GKD_SECRET_IS_SERVICE (self), NULL);
++	g_return_val_if_fail (caller, NULL);
++
++	client = g_hash_table_lookup (self->clients, caller);
++	g_return_val_if_fail (client, NULL);
++
++	/* Open a new session if necessary */
++	if (!client->pkcs11_session) {
++		slot = gkd_secret_service_get_pkcs11_slot (self);
++		client->pkcs11_session = gck_slot_open_session_full (slot, GCK_SESSION_READ_WRITE,
++		                                                     CKF_G_APPLICATION_SESSION, &client->app,
++		                                                     NULL, NULL, &error);
++		if (!client->pkcs11_session) {
++			g_warning ("couldn't open pkcs11 session for secret service: %s",
++			           egg_error_message (error));
++			g_clear_error (&error);
++			return NULL;
++		}
++
++		if (!log_into_pkcs11_session (client->pkcs11_session, &error)) {
++			g_warning ("couldn't log in to pkcs11 session for secret service: %s",
++			           egg_error_message (error));
++			g_clear_error (&error);
++			g_object_unref (client->pkcs11_session);
++			client->pkcs11_session = NULL;
++			return NULL;
++		}
++	}
++
++	return client->pkcs11_session;
++}
++
++GckSession*
++gkd_secret_service_internal_pkcs11_session (GkdSecretService *self)
++{
++	GError *error = NULL;
++	GckSlot *slot;
++
++	g_return_val_if_fail (GKD_SECRET_IS_SERVICE (self), NULL);
++
++	if (self->internal_session)
++		return self->internal_session;
++
++	slot = gkd_secret_service_get_pkcs11_slot (self);
++	self->internal_session = gck_slot_open_session_full (slot, GCK_SESSION_READ_WRITE,
++	                                                     0, NULL, NULL, NULL, &error);
++	if (!self->internal_session) {
++		g_warning ("couldn't open pkcs11 session for secret service: %s",
++		           egg_error_message (error));
++		g_clear_error (&error);
++		return NULL;
++	}
++
++	if (!log_into_pkcs11_session (self->internal_session, &error)) {
++		g_warning ("couldn't log in to pkcs11 session for secret service: %s",
++		           egg_error_message (error));
++		g_clear_error (&error);
++		g_object_unref (self->internal_session);
++		self->internal_session = NULL;
++		return NULL;
++	}
++
++	return self->internal_session;
++}
++
++GkdSecretSession*
++gkd_secret_service_lookup_session (GkdSecretService *self, const gchar *path,
++                                   const gchar *caller)
++{
++	ServiceClient *client;
++	gpointer object;
++
++	g_return_val_if_fail (GKD_SECRET_IS_SERVICE (self), NULL);
++	g_return_val_if_fail (path, NULL);
++	g_return_val_if_fail (caller, NULL);
++
++	client = g_hash_table_lookup (self->clients, caller);
++	g_return_val_if_fail (client, NULL);
++
++	object = g_hash_table_lookup (client->dispatch, path);
++	if (object == NULL || !GKD_SECRET_IS_SESSION (object))
++		return NULL;
++
++	return GKD_SECRET_SESSION (object);
++}
++
++void
++gkd_secret_service_close_session (GkdSecretService *self, GkdSecretSession *session)
++{
++	ServiceClient *client;
++	const gchar *caller;
++	const gchar *path;
++
++	g_return_if_fail (GKD_SECRET_IS_SERVICE (self));
++	g_return_if_fail (GKD_SECRET_IS_SESSION (session));
++
++	caller = gkd_secret_session_get_caller (session);
++	client = g_hash_table_lookup (self->clients, caller);
++	g_return_if_fail (client);
++
++	path = gkd_secret_dispatch_get_object_path (GKD_SECRET_DISPATCH (session));
++	g_hash_table_remove (client->dispatch, path);
++}
++
++const gchar*
++gkd_secret_service_get_alias (GkdSecretService *self, const gchar *alias)
++{
++	const gchar *identifier;
++
++	g_return_val_if_fail (GKD_SECRET_IS_SERVICE (self), NULL);
++	g_return_val_if_fail (alias != NULL, NULL);
++
++	identifier =  g_hash_table_lookup (self->aliases, alias);
++	if (!identifier) {
++		if (g_str_equal (alias, "default")) {
++			update_default (self, TRUE);
++			identifier = g_hash_table_lookup (self->aliases, alias);
++
++			/* Default to to 'login' if no default keyring */
++			if (identifier == NULL) {
++				identifier = "login";
++				g_hash_table_replace (self->aliases, g_strdup (alias),
++				                      g_strdup (identifier));
++			}
++
++		} else if (g_str_equal (alias, "session")) {
++			identifier = "session";
++			g_hash_table_replace (self->aliases, g_strdup (alias),
++			                      g_strdup (identifier));
++
++		/* TODO: We should be using CKA_G_LOGIN_COLLECTION */
++		} else if (g_str_equal (alias, "login")) {
++			identifier = "login";
++			g_hash_table_replace (self->aliases, g_strdup (alias),
++			                      g_strdup (identifier));
++		}
++	}
++
++	return identifier;
++}
++
++void
++gkd_secret_service_set_alias (GkdSecretService *self, const gchar *alias,
++                              const gchar *identifier)
++{
++	g_return_if_fail (GKD_SECRET_IS_SERVICE (self));
++	g_return_if_fail (alias);
++
++	g_hash_table_replace (self->aliases, g_strdup (alias), g_strdup (identifier));
++
++	if (g_str_equal (alias, "default"))
++		store_default (self);
++}
++
++void
++gkd_secret_service_publish_dispatch (GkdSecretService *self, const gchar *caller,
++                                     GkdSecretDispatch *object)
++{
++	ServiceClient *client;
++	const gchar *path;
++
++	g_return_if_fail (GKD_SECRET_IS_SERVICE (self));
++	g_return_if_fail (caller);
++	g_return_if_fail (GKD_SECRET_IS_DISPATCH (object));
++
++	/* Take ownership of the session */
++	client = g_hash_table_lookup (self->clients, caller);
++	g_return_if_fail (client);
++	path = gkd_secret_dispatch_get_object_path (object);
++	g_return_if_fail (!g_hash_table_lookup (client->dispatch, path));
++	g_hash_table_replace (client->dispatch, (gpointer)path, g_object_ref (object));
++}
++
++static void
++emit_collections_properties_changed (GkdSecretService *self)
++{
++	const gchar *iface = SECRET_SERVICE_INTERFACE;
++	DBusMessage *message;
++	DBusMessageIter array;
++	DBusMessageIter iter;
++
++	message = dbus_message_new_signal (SECRET_SERVICE_PATH,
++	                                   DBUS_INTERFACE_PROPERTIES,
++	                                   "PropertiesChanged");
++
++	dbus_message_iter_init_append (message, &iter);
++	dbus_message_iter_append_basic (&iter, DBUS_TYPE_STRING, &iface);
++	service_append_all_properties (self, &iter);
++	dbus_message_iter_open_container (&iter, DBUS_TYPE_ARRAY, "s", &array);
++	dbus_message_iter_close_container (&iter, &array);
++
++	if (!dbus_connection_send (self->connection, message, NULL))
++		g_return_if_reached ();
++	dbus_message_unref (message);
++}
++
++void
++gkd_secret_service_emit_collection_created (GkdSecretService *self,
++                                            const gchar *collection_path)
++{
++	DBusMessage *message;
++
++	g_return_if_fail (GKD_SECRET_IS_SERVICE (self));
++	g_return_if_fail (collection_path != NULL);
++
++	message = dbus_message_new_signal (SECRET_SERVICE_PATH,
++	                                   SECRET_SERVICE_INTERFACE,
++	                                   "CollectionCreated");
++	dbus_message_append_args (message, DBUS_TYPE_OBJECT_PATH, &collection_path,
++	                          DBUS_TYPE_INVALID);
++
++	if (!dbus_connection_send (self->connection, message, NULL))
++		g_return_if_reached ();
++	dbus_message_unref (message);
++
++	emit_collections_properties_changed (self);
++}
++
++void
++gkd_secret_service_emit_collection_deleted (GkdSecretService *self,
++                                            const gchar *collection_path)
++{
++	DBusMessage *message;
++
++	g_return_if_fail (GKD_SECRET_IS_SERVICE (self));
++	g_return_if_fail (collection_path != NULL);
++
++	message = dbus_message_new_signal (SECRET_SERVICE_PATH,
++	                                   SECRET_SERVICE_INTERFACE,
++	                                   "CollectionDeleted");
++	dbus_message_append_args (message, DBUS_TYPE_OBJECT_PATH, &collection_path,
++	                          DBUS_TYPE_INVALID);
++
++	if (!dbus_connection_send (self->connection, message, NULL))
++		g_return_if_reached ();
++	dbus_message_unref (message);
++
++	emit_collections_properties_changed (self);
++}
 === modified file '.pc/applied-patches'
 --- .pc/applied-patches	2012-05-16 17:39:27 +0000
 +++ .pc/applied-patches	2013-03-14 13:26:21 +0000
@@ -1,2 +1,4 @@
++00git_fix_searchitems_method.patch
++00git_fix_introspection.patch
 _kfreebsd.patch
 _nodisplay_autostart.patch
 === modified file 'daemon/dbus/gkd-secret-introspect.c'
 --- daemon/dbus/gkd-secret-introspect.c	2012-05-16 17:39:27 +0000
 +++ daemon/dbus/gkd-secret-introspect.c	2013-03-14 13:26:21 +0000
@@ -63,7 +63,7 @@
  	"	<interface name='org.freedesktop.Secret.Collection'>\n"
  	"		<property name='Items' type='ao' access='read'/>\n"
  	"		<property name='Label' type='s' access='readwrite'/>\n"
--	"		<property name='Locked' type='s' access='read'/>\n"
++	"		<property name='Locked' type='b' access='read'/>\n"
  	"		<property name='Created' type='t' access='read'/>\n"
  	"		<property name='Modified' type='t' access='read'/>\n"
  	"		<method name='Delete'>\n"
@@ -71,8 +71,7 @@
  	"		</method>\n"
  	"		<method name='SearchItems'>\n"
  	"			<arg name='attributes' type='a{ss}' direction='in'/>\n"
--	"			<arg name='unlocked' type='ao' direction='out'/>\n"
--	"			<arg name='locked' type='ao' direction='out'/>\n"
++	"			<arg name='results' type='ao' direction='out'/>\n"
  	"		</method>\n"
  	"		<method name='CreateItem'>\n"
  	"			<arg name='props' type='a{sv}' direction='in'/>\n"
 === modified file 'daemon/dbus/gkd-secret-objects.c'
 --- daemon/dbus/gkd-secret-objects.c	2013-03-07 11:39:17 +0000
 +++ daemon/dbus/gkd-secret-objects.c	2013-03-14 13:26:21 +0000
@@ -542,7 +542,7 @@
  static DBusMessage*
  collection_method_search_items (GkdSecretObjects *self, GckObject *object, DBusMessage *message)
+ {
--	return gkd_secret_objects_handle_search_items (self, message, dbus_message_get_path (message));
++	return gkd_secret_objects_handle_search_items (self, message, dbus_message_get_path (message), FALSE);
+ }
  static GckObject*
@@ -1314,8 +1314,10 @@
+ }
  DBusMessage*
--gkd_secret_objects_handle_search_items (GkdSecretObjects *self, DBusMessage *message,
--                                        const gchar *base)
++gkd_secret_objects_handle_search_items (GkdSecretObjects *self,
++                                        DBusMessage *message,
++                                        const gchar *base,
++                                        gboolean separate_locked)
+ {
  	GckBuilder builder = GCK_BUILDER_INIT;
  	DBusMessageIter iter;
@@ -1385,23 +1387,31 @@
  	items = gck_objects_from_handle_array (session, data, n_data / sizeof (CK_OBJECT_HANDLE));
  	g_free (data);
++	/* Prepare the reply message */
++	reply = dbus_message_new_method_return (message);
++	dbus_message_iter_init_append (reply, &iter);
++
  	/* Filter out the locked items */
--	item_cleanup_search_results (session, items, &locked, &unlocked);
--
--	/* Prepare the reply message */
--	reply = dbus_message_new_method_return (message);
--	dbus_message_iter_init_append (reply, &iter);
--
--	dbus_message_iter_open_container (&iter, DBUS_TYPE_ARRAY, "o", &array);
--	objects_foreach_item (self, unlocked, NULL, on_object_path_append_to_iter, &array);
--	dbus_message_iter_close_container (&iter, &array);
--
--	dbus_message_iter_open_container (&iter, DBUS_TYPE_ARRAY, "o", &array);
--	objects_foreach_item (self, locked, NULL, on_object_path_append_to_iter, &array);
--	dbus_message_iter_close_container (&iter, &array);
--
--	g_list_free (locked);
--	g_list_free (unlocked);
++	if (separate_locked) {
++		item_cleanup_search_results (session, items, &locked, &unlocked);
++
++		dbus_message_iter_open_container (&iter, DBUS_TYPE_ARRAY, "o", &array);
++		objects_foreach_item (self, unlocked, NULL, on_object_path_append_to_iter, &array);
++		dbus_message_iter_close_container (&iter, &array);
++
++		dbus_message_iter_open_container (&iter, DBUS_TYPE_ARRAY, "o", &array);
++		objects_foreach_item (self, locked, NULL, on_object_path_append_to_iter, &array);
++		dbus_message_iter_close_container (&iter, &array);
++
++		g_list_free (locked);
++		g_list_free (unlocked);
++
++	} else {
++		dbus_message_iter_open_container (&iter, DBUS_TYPE_ARRAY, "o", &array);
++		objects_foreach_item (self, items, NULL, on_object_path_append_to_iter, &array);
++		dbus_message_iter_close_container (&iter, &array);
++	}
++
  	gck_list_unref_free (items);
  	return reply;
 === modified file 'daemon/dbus/gkd-secret-objects.h'
 --- daemon/dbus/gkd-secret-objects.h	2012-08-13 12:39:40 +0000
 +++ daemon/dbus/gkd-secret-objects.h	2013-03-14 13:26:21 +0000
@@ -55,7 +55,8 @@
  DBusMessage*        gkd_secret_objects_handle_search_items       (GkdSecretObjects *self,
                                                                    DBusMessage *message,
--                                                                  const gchar *base);
++                                                                  const gchar *base,
++                                                                  gboolean separate_locked);
  DBusMessage*        gkd_secret_objects_handle_get_secrets        (GkdSecretObjects *self,
                                                                    DBusMessage *message);
 === modified file 'daemon/dbus/gkd-secret-service.c'
 --- daemon/dbus/gkd-secret-service.c	2012-08-24 10:32:10 +0000
 +++ daemon/dbus/gkd-secret-service.c	2013-03-14 13:26:21 +0000
@@ -913,7 +913,7 @@
  	/* org.freedesktop.Secret.Service.SearchItems() */
  	if (dbus_message_is_method_call (message, SECRET_SERVICE_INTERFACE, "SearchItems"))
--		return gkd_secret_objects_handle_search_items (self->objects, message, NULL);
++		return gkd_secret_objects_handle_search_items (self->objects, message, NULL, TRUE);
  	/* org.freedesktop.Secret.Service.GetSecrets() */
  	if (dbus_message_is_method_call (message, SECRET_SERVICE_INTERFACE, "GetSecrets"))
 === modified file 'debian/changelog'
 --- debian/changelog	2013-03-07 11:39:17 +0000
 +++ debian/changelog	2013-03-14 13:26:21 +0000
@@ -1,3 +1,12 @@
++gnome-keyring (3.6.3-0ubuntu2) raring; urgency=low
++
++  * debian/patches/00git_fix_searchitems_method.patch:
++    Upstream patch to fix return value of Collection.SearchItems().
++  * debian/patches/00git_fix_introspection.patch:
++    Upstream patch to fix introspection of some D-Bus methods.
++
++ -- Dmitry Shachnev <mitya57@ubuntu.com>  Thu, 14 Mar 2013 17:18:23 +0400
++
  gnome-keyring (3.6.3-0ubuntu1) raring; urgency=low
    * New upstream release
 === added file 'debian/patches/00git_fix_introspection.patch'
 --- debian/patches/00git_fix_introspection.patch	1970-01-01 00:00:00 +0000
 +++ debian/patches/00git_fix_introspection.patch	2013-03-14 13:26:21 +0000
@@ -0,0 +1,26 @@
++Author: Dmitry Shachnev <mitya57@ubuntu.com>
++Description: Fix introspection of some D-Bus methods
++Forwarded: yes
++Last-Update: 2013-03-10
++
++--- a/daemon/dbus/gkd-secret-introspect.c
+++++ b/daemon/dbus/gkd-secret-introspect.c
++@@ -63,7 +63,7 @@
++ 	"	<interface name='org.freedesktop.Secret.Collection'>\n"
++ 	"		<property name='Items' type='ao' access='read'/>\n"
++ 	"		<property name='Label' type='s' access='readwrite'/>\n"
++-	"		<property name='Locked' type='s' access='read'/>\n"
+++	"		<property name='Locked' type='b' access='read'/>\n"
++ 	"		<property name='Created' type='t' access='read'/>\n"
++ 	"		<property name='Modified' type='t' access='read'/>\n"
++ 	"		<method name='Delete'>\n"
++@@ -71,8 +71,7 @@
++ 	"		</method>\n"
++ 	"		<method name='SearchItems'>\n"
++ 	"			<arg name='attributes' type='a{ss}' direction='in'/>\n"
++-	"			<arg name='unlocked' type='ao' direction='out'/>\n"
++-	"			<arg name='locked' type='ao' direction='out'/>\n"
+++	"			<arg name='results' type='ao' direction='out'/>\n"
++ 	"		</method>\n"
++ 	"		<method name='CreateItem'>\n"
++ 	"			<arg name='props' type='a{sv}' direction='in'/>\n"
 === added file 'debian/patches/00git_fix_searchitems_method.patch'
 --- debian/patches/00git_fix_searchitems_method.patch	1970-01-01 00:00:00 +0000
 +++ debian/patches/00git_fix_searchitems_method.patch	2013-03-14 13:26:21 +0000
@@ -0,0 +1,99 @@
++Description: Only return one object path list from Collection.SearchItems()
++ In the Secret Service dbus interface the SearchItems method of the
++ Collection interface only returns one list of object paths, unlike
++ SearchItems on the Service interface which splits its return values
++ by locked and unlocked items.
++Origin: upstream, https://git.gnome.org/browse/gnome-keyring/commit/?id=ddb87ccad9
++Last-Update: 2013-03-10
++
++--- a/daemon/dbus/gkd-secret-objects.c
+++++ b/daemon/dbus/gkd-secret-objects.c
++@@ -542,7 +542,7 @@
++ static DBusMessage*
++ collection_method_search_items (GkdSecretObjects *self, GckObject *object, DBusMessage *message)
++ {
++-	return gkd_secret_objects_handle_search_items (self, message, dbus_message_get_path (message));
+++	return gkd_secret_objects_handle_search_items (self, message, dbus_message_get_path (message), FALSE);
++ }
++
++ static GckObject*
++@@ -1314,8 +1314,10 @@
++ }
++
++ DBusMessage*
++-gkd_secret_objects_handle_search_items (GkdSecretObjects *self, DBusMessage *message,
++-                                        const gchar *base)
+++gkd_secret_objects_handle_search_items (GkdSecretObjects *self,
+++                                        DBusMessage *message,
+++                                        const gchar *base,
+++                                        gboolean separate_locked)
++ {
++ 	GckBuilder builder = GCK_BUILDER_INIT;
++ 	DBusMessageIter iter;
++@@ -1385,23 +1387,31 @@
++ 	items = gck_objects_from_handle_array (session, data, n_data / sizeof (CK_OBJECT_HANDLE));
++ 	g_free (data);
++
++-	/* Filter out the locked items */
++-	item_cleanup_search_results (session, items, &locked, &unlocked);
++-
++ 	/* Prepare the reply message */
++ 	reply = dbus_message_new_method_return (message);
++ 	dbus_message_iter_init_append (reply, &iter);
++
++-	dbus_message_iter_open_container (&iter, DBUS_TYPE_ARRAY, "o", &array);
++-	objects_foreach_item (self, unlocked, NULL, on_object_path_append_to_iter, &array);
++-	dbus_message_iter_close_container (&iter, &array);
++-
++-	dbus_message_iter_open_container (&iter, DBUS_TYPE_ARRAY, "o", &array);
++-	objects_foreach_item (self, locked, NULL, on_object_path_append_to_iter, &array);
++-	dbus_message_iter_close_container (&iter, &array);
+++	/* Filter out the locked items */
+++	if (separate_locked) {
+++		item_cleanup_search_results (session, items, &locked, &unlocked);
+++
+++		dbus_message_iter_open_container (&iter, DBUS_TYPE_ARRAY, "o", &array);
+++		objects_foreach_item (self, unlocked, NULL, on_object_path_append_to_iter, &array);
+++		dbus_message_iter_close_container (&iter, &array);
+++
+++		dbus_message_iter_open_container (&iter, DBUS_TYPE_ARRAY, "o", &array);
+++		objects_foreach_item (self, locked, NULL, on_object_path_append_to_iter, &array);
+++		dbus_message_iter_close_container (&iter, &array);
+++
+++		g_list_free (locked);
+++		g_list_free (unlocked);
+++
+++	} else {
+++		dbus_message_iter_open_container (&iter, DBUS_TYPE_ARRAY, "o", &array);
+++		objects_foreach_item (self, items, NULL, on_object_path_append_to_iter, &array);
+++		dbus_message_iter_close_container (&iter, &array);
+++	}
++
++-	g_list_free (locked);
++-	g_list_free (unlocked);
++ 	gck_list_unref_free (items);
++
++ 	return reply;
++--- a/daemon/dbus/gkd-secret-objects.h
+++++ b/daemon/dbus/gkd-secret-objects.h
++@@ -55,7 +55,8 @@
++
++ DBusMessage*        gkd_secret_objects_handle_search_items       (GkdSecretObjects *self,
++                                                                   DBusMessage *message,
++-                                                                  const gchar *base);
+++                                                                  const gchar *base,
+++                                                                  gboolean separate_locked);
++
++ DBusMessage*        gkd_secret_objects_handle_get_secrets        (GkdSecretObjects *self,
++                                                                   DBusMessage *message);
++--- a/daemon/dbus/gkd-secret-service.c
+++++ b/daemon/dbus/gkd-secret-service.c
++@@ -913,7 +913,7 @@
++
++ 	/* org.freedesktop.Secret.Service.SearchItems() */
++ 	if (dbus_message_is_method_call (message, SECRET_SERVICE_INTERFACE, "SearchItems"))
++-		return gkd_secret_objects_handle_search_items (self->objects, message, NULL);
+++		return gkd_secret_objects_handle_search_items (self->objects, message, NULL, TRUE);
++
++ 	/* org.freedesktop.Secret.Service.GetSecrets() */
++ 	if (dbus_message_is_method_call (message, SECRET_SERVICE_INTERFACE, "GetSecrets"))
 === modified file 'debian/patches/series'
 --- debian/patches/series	2012-05-16 17:39:27 +0000
 +++ debian/patches/series	2013-03-14 13:26:21 +0000
@@ -1,2 +1,4 @@
++00git_fix_searchitems_method.patch
++00git_fix_introspection.patch
 _kfreebsd.patch
 _nodisplay_autostart.patch

Ubuntugnome-keyring package

Merge lp:~mitya57/ubuntu/raring/gnome-keyring/dbus-fixes into lp:ubuntu/raring/gnome-keyring

Commit message

Description of the change

Preview Diff

Subscribers

Ubuntu
gnome-keyring package