Commit message | Author | Age | Files | Lines
* proxy: Avoid invalid memory access when unloading proxy module | Daiki Ueno | 2018-08-15 | 1 | -13/+4
  When loading and unloading p11-kit-proxy.so with pkcs11-tool, it accesses already free'd memory area:

    $ valgrind pkcs11-tool --module p11-kit-proxy.so -L
    ==25173== Invalid read of size 8
    ==25173==    at 0x64BF493: p11_proxy_module_cleanup (proxy.c:1724)
    ==25173==    by 0x64BD028: _p11_kit_fini (proxy-init.c:65)
    ==25173==    by 0x401477C: _dl_close_worker (in /usr/lib64/ld-2.27.so)
    ==25173==    by 0x4014E1D: _dl_close (in /usr/lib64/ld-2.27.so)
    ==25173==    by 0x5E08C4E: _dl_catch_exception (in /usr/lib64/libc-2.27.so)
    ==25173==    by 0x5E08CDE: _dl_catch_error (in /usr/lib64/libc-2.27.so)
    ==25173==    by 0x58B1724: _dlerror_run (in /usr/lib64/libdl-2.27.so)
    ==25173==    by 0x58B1113: dlclose (in /usr/lib64/libdl-2.27.so)
    ==25173==    by 0x11E5A7: ??? (in /usr/bin/pkcs11-tool)
    ==25173==    by 0x110023: ??? (in /usr/bin/pkcs11-tool)
    ==25173==    by 0x5CF624A: (below main) (in /usr/lib64/libc-2.27.so)
    ==25173==  Address 0x61231c8 is 552 bytes inside a block of size 584 free'd
    ==25173==    at 0x4C2FDAC: free (vg_replace_malloc.c:530)
    ==25173==    by 0x6548492: p11_virtual_unwrap (virtual.c:2902)
    ==25173==    by 0x64BF492: p11_proxy_module_cleanup (proxy.c:1723)
* build: Link to libpthread, if pthread_atfork() needs to be used | Daiki Ueno | 2018-08-10 | 3 | -6/+13
  On non-glibc systems (e.g., FreeBSD), pthread_atfork() stub is provided as a nop and our fork detection mechanism doesn't work. Pull in the actual implementation from libpthread in that case.
  Signed-off-by: Daiki Ueno <dueno@redhat.com>
* build: Don't install systemd unit files when "make distcheck" | Daiki Ueno | 2018-08-10 | 1 | -0/+1
* Release 0.23.13 | Daiki Ueno | 2018-08-10 | 2 | -1/+8
* common: Prefer __register_atfork() to pthread_atfork() if possible | Daiki Ueno | 2018-08-10 | 2 | -1/+20
* build: Stop linking the library with libpthread when possible | Daiki Ueno | 2018-08-10 | 1 | -3/+3
* common: Use thread-local storage class when possible | Daiki Ueno | 2018-08-10 | 2 | -0/+34
  This eliminates the unconditional use of pthread_{get,set}specific() and pthread_key_{create,delete}(), which glibc doesn't provide the stubs.
* build: Explicitly link threaded test programs to libpthread | Daiki Ueno | 2018-08-10 | 2 | -4/+14
  Some test programs use pthread_create(), which glibc doesn't provide the stub. Link those programs with -lpthread.
* common, p11-kit, trust: Use pthread_once only when necessary | Daiki Ueno | 2018-08-10 | 5 | -4/+16
  If the ELF constructor is usable, we don't really need the once-init function because it is guaranteed that the code runs only once in the constructor.
* common: Use static mutex initializer when possible | Daiki Ueno | 2018-08-10 | 3 | -6/+30
  This eliminates the use of pthread_mutexattr_* functions, which glibc doesn't provide the stubs.
* server: Avoid FD leak in error cases | Daiki Ueno | 2018-08-01 | 1 | -0/+3
  Spotted by coverity.
* trust: Clarify C_Login behavior that returns an error | Daiki Ueno | 2018-07-19 | 1 | -0/+11
* proxy: Fail early if there is no slot mappings | Daiki Ueno | 2018-07-16 | 2 | -0/+44
* travis: Install pip for coveralls | Daiki Ueno | 2018-07-16 | 1 | -1/+1
* rpc-server: p11_kit_remote_serve_tokens: Allow exporting all modules | Daiki Ueno | 2018-07-16 | 4 | -89/+210
  This patch removes the restriction of p11_kit_remote_serve_tokens() that were not capable of serving tokens across multiple modules.
* build: Use separate p11-kit-{remote,server} executable for testing | Daiki Ueno | 2018-07-16 | 4 | -3/+31
  Otherwise, the p11-kit-remote program called from p11-kit-server would load the system modules instead of the local fixtures.
* proxy: Allow proxy to be created from the library | Daiki Ueno | 2018-07-16 | 2 | -1/+42
  Previously, to aggregate multiple modules into one, there was no other way than loading the proxy module. From the p11-kit applications, however, it is not possible to load that module because of the recursive loading check (p11_proxy_module_check). This patch adds another means to aggregate modules, through a library function p11_proxy_module_create.
* proxy: Turn global variables module local | Daiki Ueno | 2018-07-16 | 1 | -21/+14
* build: Make reallocarray detection robuster | Daiki Ueno | 2018-07-16 | 2 | -1/+2
  On NetBSD, reallocarray is not declared until _OPENBSD_SOURCE is defined. Reported by Patrick Welche in:
  https://lists.freedesktop.org/archives/p11-glue/2018-July/000691.html
* server: Enable socket activation through systemd | Daiki Ueno | 2018-06-20 | 6 | -10/+96
  This enables socket activation of "p11-kit server" through systemd. The feature provided is essentially the same as commit a4fb2bb5 (reverted), but implemented with "p11-kit server" and libsystemd API instead of wrapping "p11-kit remote" in the unit file.
  Note that, while it exposes all tokens through the socket, it doesn't increase attack surface beyond the PKCS#11 binary interface provided by p11-kit-proxy.so, because the service is per-user.
* build: Ease issetugid() check when cross-compiling | Daiki Ueno | 2018-06-08 | 1 | -7/+9
  When cross-compiling, the configure check for issetugid() aborts, because of the pessimistic default of AC_RUN_IFELSE. This patch provides the non-pessimistic default to AC_RUN_IFELSE and wrap the macro invocation with AC_CACHE_CHECK so that the user can override the check by setting ac_cv_issetugid_openbsd=yes, as suggested in:
  https://www.gnu.org/savannah-checkouts/gnu/autoconf/manual/autoconf-2.69/html_node/Runtime.html#Runtime
* Release 0.23.12 | Daiki Ueno | 2018-05-30 | 2 | -1/+6
* travis: Add build scripts for macOS | Daiki Ueno | 2018-05-30 | 4 | -0/+15
* travis: Use matrix | Daiki Ueno | 2018-05-30 | 6 | -40/+90
* test: Avoid unnecessary memory allocation | Daiki Ueno | 2018-05-30 | 1 | -4/+3
* common: Fix runtime directory detection when given prefix is long | Daiki Ueno | 2018-05-30 | 1 | -7/+7
* common: Don't rely on issetugid() when it is broken | Daiki Ueno | 2018-05-30 | 2 | -2/+15
  On macOS and FreeBSD, issetugid() has different semantics from the original OpenBSD implementation and cannot reliably detect if the process made setuid/setgid:
  https://gist.github.com/nicowilliams/4daf74a3a0c86848d3cbd9d0cdb5e26e
  This should fix:
  https://bugs.freedesktop.org/show_bug.cgi?id=67451
  https://bugs.freedesktop.org/show_bug.cgi?id=100287
* build: Don't use locale funcs if locale_t is not defined in locale.h | Daiki Ueno | 2018-05-28 | 6 | -13/+24
  On macOS, locale_t is not defined in <locale.h>. Although it is defined in <xlocale.h>, we rather not use locales at all for POSIX compliance.
* pkcs11: Exercise GNU calling convention at compile time | Daiki Ueno | 2018-05-28 | 4 | -0/+47
* build: Simplify README inclusion | Daiki Ueno | 2018-05-25 | 3 | -7/+2
  Use symlink in the repository, instead of copying.
* NEWS: Mention latest changes | Daiki Ueno | 2018-05-25 | 1 | -0/+2
* build: Delay building mock-six.la until "make check" | Daiki Ueno | 2018-05-25 | 1 | -1/+1
* build: Include README in the distribution | Daiki Ueno | 2018-05-25 | 1 | -2/+6
  As we removed README from the repository, it is no longer automatically picked up for the distribution by Automake.
* build: Fix ChangeLog generation | Daiki Ueno | 2018-05-25 | 1 | -1/+1
* build: Remove obsolete upload rules | Daiki Ueno | 2018-05-25 | 1 | -15/+0
* build: Include p11-kit/test-messages.sh in distribution | Daiki Ueno | 2018-05-25 | 1 | -0/+1
* uri: Make scheme comparison case-insensitive | Daiki Ueno | 2018-05-25 | 2 | -3/+30
  RFC 3986 suggests that implementations should accept uppercase letters as equivalent to lowercase in scheme names.
* common: Make case conversion locale independent | Daiki Ueno | 2018-05-25 | 6 | -6/+25
  The tolower()/toupper() functions take into account of the current locale settings, which p11-kit doesn't want. Add replacement functions that work as if they are called under the C locale.
* Improve const correctness for P11KitUri | Nathaniel McCallum | 2018-05-24 | 3 | -41/+41
  This does not improve const for the getters. The reason for this is that they are usually passed into the PKCS#11 APIs directly and these APIs are not const correct. Trying to force const correctness here would result in pain for library consumers.
  This is an API and ABI compatible change.
* README: replace by README.md | Nikos Mavrogiannopoulos | 2018-05-23 | 3 | -8/+2
  That is, use README.md as primary source to generate README as README is required by the GNU guidelines. We don't try to convert to "real" plain text as markdown is readable, and to avoid introducing another dependency (e.g., pandoc).
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* NEWS: mark the 0.23 series as stable | Nikos Mavrogiannopoulos | 2018-05-23 | 1 | -1/+1
  Resolves #80
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* README.md: added reference to Daiki's key | Nikos Mavrogiannopoulos | 2018-05-23 | 1 | -2/+23
  Resolves #153
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* Release 0.23.11 | Daiki Ueno | 2018-05-07 | 2 | -1/+9
* common: Pacify clang-analyzer | Daiki Ueno | 2018-05-07 | 1 | -3/+4
* trust: Avoid array overflow | Daiki Ueno | 2018-05-07 | 2 | -3/+3
* trust: Don't null terminate PKCS #11 string fields | Daiki Ueno | 2018-05-07 | 1 | -6/+6
* proxy: Don't null terminate PKCS #11 string fields | Daiki Ueno | 2018-05-07 | 1 | -2/+2
* test: Avoid exceeding maximum pathname length of Unix socket | Daiki Ueno | 2018-05-04 | 1 | -2/+7
* library: Use dedicated locale object for printing error | Daiki Ueno | 2018-05-01 | 5 | -15/+43
* Revert "build: Check strerror_l() and uselocale() seperately" | Daiki Ueno | 2018-05-01 | 3 | -15/+5
  This reverts commit 173ad93cc54057886b2055f3d73ea64a047127d1.
  We should rather use newlocale() when per-thread locale is not set. Otherwise uselocale() could return LC_GLOBAL_LOCALE on some platforms (e.g. musl-libc) and calling strerror_l() with it leads to an undefined behavior.