| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
This follows the definitions in PKCS#11 v2.40:
http://docs.oasis-open.org/pkcs11/pkcs11-curr/v2.40/os/pkcs11-curr-v2.40-os.html
|
|
|
|
|
|
|
|
|
|
| |
The value given to p11_rpc_buffer_add_ulong_value() must be a pointer
of CK_ULONG. Similarly, the value returned from
p11_rpc_buffer_get_ulong_value() must be converted to CK_ULONG before
comparison.
Reported by Andreas Metzler in:
https://lists.freedesktop.org/archives/p11-glue/2017-July/000665.html
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently `ca-certificates.spec` in Fedora ends up doing in `%post`:
```
/usr/bin/p11-kit extract --format=openssl-bundle --filter=certificates --overwrite --comment $DEST/openssl/ca-bundle.trust.crt
```
etc.
And due to this bit of code in p11-kit, we end up looking for the home
directory for configuration. In this case, `/root`.
It's categorically wrong to do this; the root user is distinct from
"the system". This issue is equivalent to one I fixed in Pango:
https://git.gnome.org/browse/pango/commit/?id=aecbe27c1b08f517c0e05f03308d3ac55cef490c
Fast forward to today, and the reason I'm making this change is I'm working on
`rpm-ostree ex container`, which builds containers as *non-root* (like
gnome-continuous does, but now with RPMs), keeping the invoking uid. And this
bug causes the `ca-certificates` `%post` to fail because it's trying to look for
my uid 1000 which doesn't exist in the target rootfs' password database.
Again, there's no reason to be looking for a home directory for system triggers,
regadless of UID, so once this patch lands, I'll update `ca-certificates` to use
it, and traditional RPM `%post` will stop looking in `/root` too.
|
|
|
|
|
|
|
|
|
| |
Solaris doesn't like it when dlclose is referenced using a define,
resulting in a linker error looking for a symbol version. Simply
calling the function in a normal way (instead of storing its address)
solves this linking error.
The error message seen by GNU ld is:
dlclose: invalid version 7 (max 0)
|
|
|
|
| |
Solaris can retrieve this information via getpeerucred().
|
|
|
|
| |
Solaris has socket() etc. in these two libs.
|
|
|
|
|
|
|
|
|
| |
As p11-kit is a library there are cases where it is not desirable
to log on stderr by default. See for example this report
https://bugzilla.redhat.com/show_bug.cgi?id=1464490
where wget prints an error due to an unconfigured pkcs11 module.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
|
|
|
|
|
| |
This reverts commit 6b457ffc, which forbids the use of GNU extension
for the incompatibility of strerror_r. However, now that strerror_l
is used instead on glibc systems, it has no point to do that.
|
| |
|
|
|
|
|
| |
strerror_r is being obsolete in the next POSIX specification:
http://austingroupbugs.net/view.php?id=655
|
| |
|
| |
|
|
|
|
| |
Spotted by clang-analyzer.
|
|
|
|
| |
Spotted by clang-analyzer.
|
|
|
|
| |
Spotted by clang-analyzer.
|
|
|
|
|
| |
This is to disable clang-analyzer against test programs, which can
contain several false-positives.
|
| |
|
|
|
|
|
| |
Reported by Mantas Mikulėnas in:
https://bugs.freedesktop.org/show_bug.cgi?id=101212
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
Instead of a Unix domain socket on Unix, use a named pipe on Windows.
|
| |
|
| |
|
|
|
|
| |
This is similar to commit ba49b85e, but for mechanism parameters.
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
When using the RPC across multiple architectures, where data models
are different, say LP64 vs ILP32, there can be unwanted truncation of
attribute values.
This patch converts the values into portable format for the known
attributes.
Co-authored-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
| |
Otherwise it will cause assertion failure in a few lines below.
Spotted by amrican fuzzy lop.
|
| |
|
|
|
|
|
| |
Instead of reusing the CKA_X_GENERATED attribute, check the file
contents directly in the caller side.
|
|
|
|
|
|
|
| |
A persistent file written by the trust module starts with the line "#
This file has been auto-generated and written by p11-kit". This can
be used as a magic word to determine whether the objects read from a
.p11-kit file are read-only.
|
|
|
|
|
| |
This reverts commit 8eed1e60b0921d05872e2f43eee9088cef038d7e, which
broke "trust anchor --remove".
|
|
|
|
|
| |
out_fd is not always 1 when p11_kit_remote_serve_module() is used for
writing a custom server.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
Given that the remote proxy service shall be only used by NetworkManager
and not generally useful, revert commit
a4fb2bb587fb1a0146cf97f039b671d3258488f9 for now.
Once the necessary command that runs the proxy module is implemented in
p11-kit, maybe NetworkManager itself could install those files.
|
|
|
|
|
| |
The p11-kit-remote executable is now located under $libexecdir, but we
should use the p11-kit command to launch the subcommand.
|
| |
|
|
|
|
| |
Include signal.h for kill(2) and SIGKILL on FreeBSD.
|
|
|
|
|
|
| |
In common/unix-peer.c, we are checking if HAVE_GETPEEREID is defined,
however, we never actually check if getpeereid() is available, so
fix that by checking this function using AC_CHECK_FUNCS().
|
| |
|
|
|
|
|
|
|
|
| |
If an unknown attribute is present in the query part of the PKCS#11 URI,
the parser treated it as unrecognized and subsequent matches failed.
Instead, keep track of such attributes and provide a set of API to deal
with them.
|