Commit message | Author | Age | Files | Lines
* build: Check return value of p11_rpc_buffer_get_uint64 | Daiki Ueno | 2018-10-17 | 1 | -1/+2
|
* build: Check return value of p11_dict_set | Daiki Ueno | 2018-10-17 | 3 | -3/+9
|
* build: Free memory before return{,_val}_if_* macros | Daiki Ueno | 2018-10-17 | 9 | -17/+77
|
* build: Call va_end() always when leaving the function | Daiki Ueno | 2018-10-17 | 4 | -4/+14
|
* debug: Work around cppcheck false-positives | Daiki Ueno | 2018-10-17 | 1 | -3/+3
|     https://trac.cppcheck.net/ticket/8794
* common: use /proc only on Linux | Leonardo Brondani Schenkel | 2018-09-12 | 1 | -0/+2
|     Non-Linux systems do not have /proc, so do not attempt to open it and
|     eliminate an unnecessary access() syscall on those systems.
* pkcs11: Don't redefine CKM_CAMELLIA_KEY_GEN | Daiki Ueno | 2018-08-31 | 1 | -2/+1
|     Also reorder the CKM_CAMELLIA_* definitions.
* Release 0.23.14 | Daiki Ueno | 2018-08-28 | 2 | -1/+7
|
* virtual: Tighten error handling when fixed closures are exhausted | Daiki Ueno | 2018-08-28 | 1 | -9/+8
|
* virtual: Don't be too loud about recoverable failure | Daiki Ueno | 2018-08-28 | 1 | -2/+2
|
* trust: Factor out module initialization into separate file | Daiki Ueno | 2018-08-28 | 3 | -55/+44
|     This prevents double call to p11_library_init() in test-module.c, once
|     from the ELF constructor, and secondly from the test itself.
* common: Factor out common initializer code into a header | Daiki Ueno | 2018-08-28 | 4 | -111/+103
|
* travis: Manually install cpp-coveralls | Daiki Ueno | 2018-08-28 | 1 | -2/+6
|     To accommodate the gcov format change in gcc 8.1:
|     https://github.com/eddyxu/cpp-coveralls/pull/127
|     which is not yet available in the pip version.
* travis: Check valgrind exit code more strictly | Daiki Ueno | 2018-08-28 | 1 | -1/+1
|
* README.md: Add CII Best Practices badge | Daiki Ueno | 2018-08-21 | 1 | -1/+1
|
* README.md: Mention contact method for security issues | Daiki Ueno | 2018-08-21 | 1 | -0/+5
|
* Revert "build: Explicitly link threaded test programs to libpthread" | Daiki Ueno | 2018-08-17 | 2 | -14/+4
|     This reverts commit dc4a6eaddbb36a344cc6a9c7eb12cab9df4899b0.
* Revert "build: Stop linking the library with libpthread when possible" | Daiki Ueno | 2018-08-17 | 1 | -3/+3
|     This reverts commit 50f8906e63c9413a7687bab6608496d83c29a222.
* Revert "common: Prefer __register_atfork() to pthread_atfork() if possible" | Daiki Ueno | 2018-08-17 | 2 | -20/+1
|     This reverts commit ce3cec7f8742254b8627b9db48973b81e91cbfc8.
* Revert "build: Link to libpthread, if pthread_atfork() needs to be used" | Daiki Ueno | 2018-08-17 | 3 | -13/+6
|     This reverts commit 541d79cb651cfd3238b9aa41fce70208df8e9496.
* Update pkcs11 header to allow SoftHSMv2 to compile | Alexander Bokovoy | 2018-08-17 | 1 | -18/+220
|     Replace vendor-specific values with the IDs from PKCS11 v3.0 for those
|     constants that were already standardized.
* travis: Check that proxy module can be loaded and unloaded | Daiki Ueno | 2018-08-15 | 2 | -1/+2
|
* proxy: Avoid invalid memory access when unloading proxy module | Daiki Ueno | 2018-08-15 | 1 | -13/+4
|     When loading and unloading p11-kit-proxy.so with pkcs11-tool, it
|     accesses already free'd memory area:
|
|     $ valgrind pkcs11-tool --module p11-kit-proxy.so -L
|     ==25173== Invalid read of size 8
|     ==25173==    at 0x64BF493: p11_proxy_module_cleanup (proxy.c:1724)
|     ==25173==    by 0x64BD028: _p11_kit_fini (proxy-init.c:65)
|     ==25173==    by 0x401477C: _dl_close_worker (in /usr/lib64/ld-2.27.so)
|     ==25173==    by 0x4014E1D: _dl_close (in /usr/lib64/ld-2.27.so)
|     ==25173==    by 0x5E08C4E: _dl_catch_exception (in /usr/lib64/libc-2.27.so)
|     ==25173==    by 0x5E08CDE: _dl_catch_error (in /usr/lib64/libc-2.27.so)
|     ==25173==    by 0x58B1724: _dlerror_run (in /usr/lib64/libdl-2.27.so)
|     ==25173==    by 0x58B1113: dlclose (in /usr/lib64/libdl-2.27.so)
|     ==25173==    by 0x11E5A7: ??? (in /usr/bin/pkcs11-tool)
|     ==25173==    by 0x110023: ??? (in /usr/bin/pkcs11-tool)
|     ==25173==    by 0x5CF624A: (below main) (in /usr/lib64/libc-2.27.so)
|     ==25173==  Address 0x61231c8 is 552 bytes inside a block of size 584 free'd
|     ==25173==    at 0x4C2FDAC: free (vg_replace_malloc.c:530)
|     ==25173==    by 0x6548492: p11_virtual_unwrap (virtual.c:2902)
|     ==25173==    by 0x64BF492: p11_proxy_module_cleanup (proxy.c:1723)
* build: Link to libpthread, if pthread_atfork() needs to be used | Daiki Ueno | 2018-08-10 | 3 | -6/+13
|     On non-glibc systems (e.g., FreeBSD), pthread_atfork() stub is provided
|     as a nop and our fork detection mechanism doesn't work. Pull in the
|     actual implementation from libpthread in that case.
|
|     Signed-off-by: Daiki Ueno <dueno@redhat.com>
* build: Don't install systemd unit files when "make distcheck" | Daiki Ueno | 2018-08-10 | 1 | -0/+1
|
* Release 0.23.13 | Daiki Ueno | 2018-08-10 | 2 | -1/+8
|
* common: Prefer __register_atfork() to pthread_atfork() if possible | Daiki Ueno | 2018-08-10 | 2 | -1/+20
|
* build: Stop linking the library with libpthread when possible | Daiki Ueno | 2018-08-10 | 1 | -3/+3
|
* common: Use thread-local storage class when possible | Daiki Ueno | 2018-08-10 | 2 | -0/+34
|     This eliminates the unconditional use of pthread_{get,set}specific() and
|     pthread_key_{create,delete}(), for which glibc doesn't provide the stubs.
* build: Explicitly link threaded test programs to libpthread | Daiki Ueno | 2018-08-10 | 2 | -4/+14
|     Some test programs use pthread_create(), for which glibc doesn't provide
|     the stub. Link those programs with -lpthread.
* common, p11-kit, trust: Use pthread_once only when necessary | Daiki Ueno | 2018-08-10 | 5 | -4/+16
|     If the ELF constructor is usable, we don't really need the once-init
|     function because it is guaranteed that the code runs only once in the
|     constructor.
* common: Use static mutex initializer when possible | Daiki Ueno | 2018-08-10 | 3 | -6/+30
|     This eliminates the use of pthread_mutexattr_* functions, for which glibc
|     doesn't provide the stubs.
* server: Avoid FD leak in error cases | Daiki Ueno | 2018-08-01 | 1 | -0/+3
|     Spotted by coverity.
* trust: Clarify C_Login behavior that returns an error | Daiki Ueno | 2018-07-19 | 1 | -0/+11
|
* proxy: Fail early if there is no slot mappings | Daiki Ueno | 2018-07-16 | 2 | -0/+44
|
* travis: Install pip for coveralls | Daiki Ueno | 2018-07-16 | 1 | -1/+1
|
* rpc-server: p11_kit_remote_serve_tokens: Allow exporting all modules | Daiki Ueno | 2018-07-16 | 4 | -89/+210
|     This patch removes the restriction of p11_kit_remote_serve_tokens() that
|     was not capable of serving tokens across multiple modules.
* build: Use separate p11-kit-{remote,server} executable for testing | Daiki Ueno | 2018-07-16 | 4 | -3/+31
|     Otherwise, the p11-kit-remote program called from p11-kit-server would
|     load the system modules instead of the local fixtures.
* proxy: Allow proxy to be created from the library | Daiki Ueno | 2018-07-16 | 2 | -1/+42
|     Previously, to aggregate multiple modules into one, there was no other
|     way than loading the proxy module. From the p11-kit applications,
|     however, it is not possible to load that module because of the recursive
|     loading check (p11_proxy_module_check).
|
|     This patch adds another means to aggregate modules, through a library
|     function p11_proxy_module_create.
* proxy: Turn global variables module local | Daiki Ueno | 2018-07-16 | 1 | -21/+14
|
* build: Make reallocarray detection robuster | Daiki Ueno | 2018-07-16 | 2 | -1/+2
|     On NetBSD, reallocarray is not declared until _OPENBSD_SOURCE is defined.
|
|     Reported by Patrick Welche in:
|     https://lists.freedesktop.org/archives/p11-glue/2018-July/000691.html
* server: Enable socket activation through systemd | Daiki Ueno | 2018-06-20 | 6 | -10/+96
|     This enables socket activation of "p11-kit server" through systemd. The
|     feature provided is essentially the same as commit a4fb2bb5 (reverted),
|     but implemented with "p11-kit server" and libsystemd API instead of
|     wrapping "p11-kit remote" in the unit file.
|
|     Note that, while it exposes all tokens through the socket, it doesn't
|     increase attack surface beyond the PKCS#11 binary interface provided by
|     p11-kit-proxy.so, because the service is per-user.
* build: Ease issetugid() check when cross-compiling | Daiki Ueno | 2018-06-08 | 1 | -7/+9
|     When cross-compiling, the configure check for issetugid() aborts, because
|     of the pessimistic default of AC_RUN_IFELSE. This patch provides the
|     non-pessimistic default to AC_RUN_IFELSE and wraps the macro invocation
|     with AC_CACHE_CHECK so that the user can override the check by setting
|     ac_cv_issetugid_openbsd=yes, as suggested in:
|     https://www.gnu.org/savannah-checkouts/gnu/autoconf/manual/autoconf-2.69/html_node/Runtime.html#Runtime
* Release 0.23.12 | Daiki Ueno | 2018-05-30 | 2 | -1/+6
|
* travis: Add build scripts for macOS | Daiki Ueno | 2018-05-30 | 4 | -0/+15
|
* travis: Use matrix | Daiki Ueno | 2018-05-30 | 6 | -40/+90
|
* test: Avoid unnecessary memory allocation | Daiki Ueno | 2018-05-30 | 1 | -4/+3
|
* common: Fix runtime directory detection when given prefix is long | Daiki Ueno | 2018-05-30 | 1 | -7/+7
|
* common: Don't rely on issetugid() when it is broken | Daiki Ueno | 2018-05-30 | 2 | -2/+15
|     On macOS and FreeBSD, issetugid() has different semantics from the
|     original OpenBSD implementation and cannot reliably detect if the
|     process made setuid/setgid:
|     https://gist.github.com/nicowilliams/4daf74a3a0c86848d3cbd9d0cdb5e26e
|
|     This should fix:
|     https://bugs.freedesktop.org/show_bug.cgi?id=67451
|     https://bugs.freedesktop.org/show_bug.cgi?id=100287
* build: Don't use locale funcs if locale_t is not defined in locale.h | Daiki Ueno | 2018-05-28 | 6 | -13/+24
|     On macOS, locale_t is not defined in <locale.h>. Although it is defined
|     in <xlocale.h>, we would rather not use locales at all for POSIX
|     compliance.