summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Don't call memdup with zero length or NULL pointerStef Walter2013-07-182-3/+8
| | | | https://bugzilla.redhat.com/show_bug.cgi?id=985433
* attrs: Check printf formatting in buffer_append_printf()Stef Walter2013-07-181-0/+5
| | | | https://bugzilla.redhat.com/show_bug.cgi?id=985497
* Avoid using the non-thread-safe strerror() functionStef Walter2013-07-1811-51/+348
| | | | https://bugzilla.redhat.com/show_bug.cgi?id=985481
* Declare static variables const where it makes senseStef Walter2013-07-187-31/+31
| | | | https://bugzilla.redhat.com/show_bug.cgi?id=985337
* Support expanding $XDG_CONFIG_HOME in user config pathsStef Walter2013-07-1811-34/+91
| | | | | | | | | | If ~/.config is specified as a prefix to a configured path, then it is expanded to the $XDG_CONFIG_HOME if that exists Add --with-user-config ./configure option to configure a different user config directory. Interpolate the right directories into documentation.
* Don't load configs from user directory when setuidStef Walter2013-07-1817-3/+423
| | | | | | | When running as setuid() or setgid() don't access the user's home directory, or use $HOME environment variables. https://bugzilla.redhat.com/show_bug.cgi?id=985014
* tools: Use $TMPDIR instead of $TEMPStef Walter2013-07-1811-96/+73
| | | | | | | | | | | | TMPDIR is a more standard environment variable for locating the temp directory on Unix. In addition since this is only used in tests, remove the code from the generic p11_path_expand() func. In general remove the possibility for forks to put $HOME or $TEMP environment variables in configured paths. This was possible due to code in p11_path_expand() but not something we supported. https://bugzilla.redhat.com/show_bug.cgi?id=985017
* Fix various issues highlighted by coverity scannerStef Walter2013-07-1810-30/+43
| | | | Among others fix possible usage of large stack allocation.
* open files with O_CLOEXEC when possibleStef Walter2013-07-184-79/+46
| | | | | | | | | | | | | This helps prevent leaked file descriptors when the library is used in a process which exec's. opendir() already uses O_CLOEXEC on platforms that support O_CLOEXEC so we don't need to make changes there. In addition read config files using p11_mmap_open() so that we get the simple benefits of O_CLOEXEC with the open() call there. https://bugzilla.redhat.com/show_bug.cgi?id=984986
* buffer: Check for unlikely integer overflowStef Walter2013-07-181-0/+6
| | | | | | | | If we see an integer overflow here something has gone horribly wrong (or malicious code is present). So treat this as unrecoverable, and fail if we're going to overflow. https://bugzilla.redhat.com/show_bug.cgi?id=985019
* Make preconditions abort unconditionally when scanning with coverityStef Walter2013-07-182-0/+9
| | | | | | | | | | | | This reflects that preconditions are invalid/unreachable on a functioning system and with valid input. We do not try to recover from such conditions. In addition teach coverity about how our test suite fails See http://p11-glue.freedesktop.org/doc/p11-kit/devel-building-style.html https://bugzilla.redhat.com/show_bug.cgi?id=985005
* iter: Document guarantees for filter matches argumetStef Walter2013-07-181-0/+4
| | | | | | | | The matches argument is always initialized to CK_TRUE when a filter is called, and it's up to filters to set it to CK_FALSE. Filters don't need to set to CK_TRUE. https://bugzilla.redhat.com/show_bug.cgi?id=985009
* Fixes for some recent win32 regressionsStef Walter2013-07-183-16/+37
|
* Remove erroneous comments about readdir() and thread-safetyStef Walter2013-07-173-3/+0
| | | | https://bugzilla.redhat.com/show_bug.cgi?id=984989
* Build with -fno-common to catch definition problemsStef Walter2013-07-102-3/+3
| | | | | | Fix some global variables not declared as extern https://bugs.freedesktop.org/show_bug.cgi?id=66015
* Various documentation tweaks and fixes for warningsStef Walter2013-07-103-1/+13
|
* Add support for using freebl3 for SHA1 and MD5 hashingStef Walter2013-07-1017-648/+922
| | | | | | Since we don't want to link freebl3 to libp11-kit.so where it isn't needed, move the SHA-1 and MD5 digest functionality to the trust/ directory.
* trust: Fix the 'p11-kit extract' commandStef Walter2013-07-093-3/+22
| | | | | This is supposed to call over to 'trust extract' and wasn't working correctly.
* trust: Fix bug with load validation failuresStef Walter2013-07-082-2/+53
|
* trust: Add a basic 'anchor' command to store a new anchorStef Walter2013-07-084-0/+348
|
* trust: Fix various issues writing objects in trust tokenStef Walter2013-07-088-252/+483
| | | | | | | | * Create directory before trying to write files to it * Handle write failures appropriately Refactor how we build and store objects in the index to handle the above cases properly.
* trust: Mark CKA_X_DISTRUSTED as a boolean attributeStef Walter2013-07-081-0/+1
|
* trust: Support token directory paths in user's home directoryStef Walter2013-07-082-1/+2
|
* trust: Explicitly specify which formats parser should parseStef Walter2013-07-085-28/+73
|
* trust: Support using the parser without an asn1_cacheStef Walter2013-07-083-7/+41
|
* asn1: In p11_asn1_read() allocate an extra null terminatorStef Walter2013-07-081-2/+5
| | | | As a courtesy for callers.
* common: Fix typo, and don't escape '6' in URL encodingStef Walter2013-07-081-1/+1
|
* p11-kit: Add P11_KIT_MODULE_TRUSTED flagStef Walter2013-07-046-56/+98
| | | | | A new flag to pass to p11_kit_modules_load() and related functions which limits loaded modules to ones with "trust-policy: yes".
* trust: Port to use CKA_PUBLIC_KEY_INFO and updated trust store specStef Walter2013-07-0418-216/+561
| | | | | | | | | | * Use the concepts and PKCS#11 objects described in the recently updated (still work in progress) storing trust spec. * Define our own CKA_X_PUBLIC_KEY_INFO define for now, since the the CKA_PUBLIC_KEY_INFO isn't defined yet. * Most notably, the association between certificates and stapled extensions is by public key. * Rework some of the tests to take into account the above.
* trust: Add p11_oid_hash() and various oid stringsStef Walter2013-07-043-5/+34
|
* trust: Add p11_asn1_read() and p11_asn1_free() functionsStef Walter2013-07-046-58/+74
| | | | Some helpers for commonly used ASN.1 related stuff.
* trust: Initial support for writing out token objectsStef Walter2013-07-039-39/+443
| | | | | * The objects are written out in the p11-kit persist format * Parser marks files in p11-kit persist format as modifiable
* trust: If token path is a file, don't try loading subdirectoriesStef Walter2013-07-031-8/+15
|
* trust: Correctly handle persisting OIDs with zero lengthStef Walter2013-07-031-2/+3
|
* trust: Don't write out internal attributes when persistingStef Walter2013-07-034-15/+63
|
* trust: Add support for saving files with unique file namesStef Walter2013-07-038-114/+298
|
* path: Add p11_path_canon() functionStef Walter2013-07-034-9/+36
| | | | Cleans up a filename with readable characters.
* trust: Rename p11_index_batch() to p11_index_load()Stef Walter2013-07-036-22/+22
| | | | | | The name makes it clearer what's going on. This is only used during loading, so we can track whether a change has resulted from the trust module or from the file storage.
* trust: Implement reloading of token dataStef Walter2013-07-0314-407/+746
| | | | | | | | | | | | | | | * Reload token data whenever a new session is opened. * Only reload files/directories that have changed. * Move duplicate anchor/blacklist detection logic into the extract code. This is in line with the approach being discussed on the mailing lists and spec document. * New internal attribute CKA_X_ORIGIN set on all objects so we can track where an object came from, and replace it when reloaded. In general this is a prerequisite for modification of objects reload before modify is necessary to prevent multiple callers clobbering each other's changes.
* iter: Add iteration mode where session is not busyStef Walter2013-07-0310-57/+144
| | | | | | | | | | | In order to use the session we are iterating on for other tasks such as other C_FindObject() calls, we need to make sure that it's not in the middle of a find operation. Finish up the complete find operation in advance of returning objects from a session. Make this the default mode. The previous behavior remains as an option. Add tests.
* path: Add p11_path_prefix() functionStef Walter2013-07-033-0/+33
| | | | | Checks if a wellformed path is identical to or a prefix of another path.
* trust: Implement validation for creating/modifying objectsStef Walter2013-06-262-43/+661
|
* Fix dependency between p11-kit command and libraryStef Walter2013-06-251-1/+1
|
* Fix running trust module tests under distcheckStef Walter2013-06-251-10/+12
|
* Reorganize various componentsStef Walter2013-06-2576-826/+638
| | | | | | | * p11-kit library and tool in the p11-kit/ subdirectory * trust module and new trust tool in trust/ subdirectory * No more tools/ subdirectory * Lots less in the common/ subdirectory
* Merge branch 'stable'Stef Walter2013-06-176-14/+21
|\
| * trust: Move the extract-trust external placeholder command into trust/Stef Walter2013-06-175-6/+7
| |
| * trust: Print out usage when extract-trust run incorrectlyStef Walter2013-06-171-1/+6
| | | | | | | | Also sorta covers --help and -h usage
| * tools: Fix passing args to external commandsStef Walter2013-06-171-0/+4
| | | | | | | | | | There were various bugs passing arguments, with duplicates being passed, as well as certain arguments being skipped.t
| * tools: Only use our private path when looking for external commandsStef Walter2013-06-171-7/+4
| | | | | | | | | | | | | | | | | | Instead of looking for external commands in the path, just look for them in our private directory. We want to be conservative early on, and limit what sorta things we have to maintain later. We can later remove this restriction if a real use case presents itself.