summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* iter: Add new P11_KIT_ITER_WANT_WRITABLE iterator behaviorStef Walter2013-08-284-29/+16
| | | | | This allows us to try to get a RW session, but if not fallback to a read-only session.
* tool: Only include debug lines marked 'tool' when --verboseStef Walter2013-08-281-1/+3
| | | | | Otherwise we get all sorts of overwhelming internal debugging when someone specifies --verbose argument to a tool.
* debug: Allow debug lines longer than 512 charactersStef Walter2013-08-281-4/+3
| | | | | | Since fprintf (stderr, ...) already doesn't print atomically, we don't lose any atomicity here. If we want to print atomically this will need some further reworking anyway.
* debug: Add missing 'tool' flag to debug flagsStef Walter2013-08-281-0/+1
|
* p11-kit: Rename list.c to lists.c to simplify debuggingStef Walter2013-08-282-1/+1
|
* Avoid multiple stat() calls for same fileStef Walter2013-08-2816-69/+80
| | | | | | As a side effect we can also not use the dirent.d_type field https://bugs.freedesktop.org/show_bug.cgi?id=68525
* compat: Check return value of mmap() properlyStef Walter2013-08-281-1/+1
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=68525
* Add --with-module-config parameter to the configure scriptPascal Ernster2013-08-161-1/+6
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=68122
* trust: Add test tool for creating BasicConstraintsStef Walter2013-08-122-0/+102
|
* test-compat calls test_getauxval which is in a UNIX defined blockMichael Cronenworth2013-07-301-0/+2
| | | | | | MinGW builds fail due to this. https://bugs.freedesktop.org/show_bug.cgi?id=67518
* do not assume dead code existence in autoconf checksAlon Bar-Lev2013-07-291-2/+2
| | | | | | | | | when compiler optimize source, it removes dead code so a linkage error in these cases are not visisble. Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com> https://bugs.freedesktop.org/show_bug.cgi?id=67413
* Release version 0.19.3Stef Walter2013-07-242-1/+7
|
* Make tests work on file systems with block size directoriesStef Walter2013-07-241-0/+12
| | | | | | | | | On certain file systems the size of the directory does not change when adding a file. This caused the tests to fail. Make the tests wait more than a second in certain tests to get the mtime to change. https://bugs.freedesktop.org/show_bug.cgi?id=65249
* Fix uninitialized variablesStef Walter2013-07-231-2/+2
|
* Don't use _GNU_SOURCE and fix strerror_r usageStef Walter2013-07-237-6/+83
| | | | | glibc declares strerror_r completely different if in POSIX or GNU mode. Nastiness. Stop using _GNU_SOURCE all together.
* Fix various memory leaks exposed by 'make leakcheck'Stef Walter2013-07-2311-56/+79
|
* Use simple serial automake test harnessStef Walter2013-07-2312-12/+113
| | | | | * Add a testing sanity check to see if we're catching errors * Fix a few other testing issues
* Use an automake aux directory for storing litterStef Walter2013-07-232-1/+3
|
* doc: Add identifiers to doc sections so gtk-doc doesn't autogen themStef Walter2013-07-183-10/+10
|
* Add appropriate const qualifiersStef Walter2013-07-182-2/+2
|
* Release version 0.19.2Stef Walter2013-07-182-2/+20
|
* Fix extract example in documentationStef Walter2013-07-181-1/+1
|
* Use $XDG_CONFIG_HOME/pkcs11 as default user config directoryStef Walter2013-07-181-1/+1
| | | | | | | | | By default this evaluates to ~/.config/pkcs11. This is a somewhat backwards incompatible change. However so far only advanced users have been exposed to the user p11-kit configuration. Distributors are able to revert this if necessary with a --with-user-config='~/.pkcs11' ./configure option.
* Use getpwuid_r() instead of the non-thread-sofe getpwuid()Stef Walter2013-07-181-2/+9
|
* Fix p11_kit_space_strlen() result when empty stringStef Walter2013-07-183-3/+63
| | | | https://bugzilla.redhat.com/show_bug.cgi?id=985416
* Always pass size_t varargs to p11_hash_xxx() functionsStef Walter2013-07-183-4/+6
| | | | https://bugzilla.redhat.com/show_bug.cgi?id=985421
* Don't call memdup with zero length or NULL pointerStef Walter2013-07-182-3/+8
| | | | https://bugzilla.redhat.com/show_bug.cgi?id=985433
* attrs: Check printf formatting in buffer_append_printf()Stef Walter2013-07-181-0/+5
| | | | https://bugzilla.redhat.com/show_bug.cgi?id=985497
* Avoid using the non-thread-safe strerror() functionStef Walter2013-07-1811-51/+348
| | | | https://bugzilla.redhat.com/show_bug.cgi?id=985481
* Declare static variables const where it makes senseStef Walter2013-07-187-31/+31
| | | | https://bugzilla.redhat.com/show_bug.cgi?id=985337
* Support expanding $XDG_CONFIG_HOME in user config pathsStef Walter2013-07-1811-34/+91
| | | | | | | | | | If ~/.config is specified as a prefix to a configured path, then it is expanded to the $XDG_CONFIG_HOME if that exists Add --with-user-config ./configure option to configure a different user config directory. Interpolate the right directories into documentation.
* Don't load configs from user directory when setuidStef Walter2013-07-1817-3/+423
| | | | | | | When running as setuid() or setgid() don't access the user's home directory, or use $HOME environment variables. https://bugzilla.redhat.com/show_bug.cgi?id=985014
* tools: Use $TMPDIR instead of $TEMPStef Walter2013-07-1811-96/+73
| | | | | | | | | | | | TMPDIR is a more standard environment variable for locating the temp directory on Unix. In addition since this is only used in tests, remove the code from the generic p11_path_expand() func. In general remove the possibility for forks to put $HOME or $TEMP environment variables in configured paths. This was possible due to code in p11_path_expand() but not something we supported. https://bugzilla.redhat.com/show_bug.cgi?id=985017
* Fix various issues highlighted by coverity scannerStef Walter2013-07-1810-30/+43
| | | | Among others fix possible usage of large stack allocation.
* open files with O_CLOEXEC when possibleStef Walter2013-07-184-79/+46
| | | | | | | | | | | | | This helps prevent leaked file descriptors when the library is used in a process which exec's. opendir() already uses O_CLOEXEC on platforms that support O_CLOEXEC so we don't need to make changes there. In addition read config files using p11_mmap_open() so that we get the simple benefits of O_CLOEXEC with the open() call there. https://bugzilla.redhat.com/show_bug.cgi?id=984986
* buffer: Check for unlikely integer overflowStef Walter2013-07-181-0/+6
| | | | | | | | If we see an integer overflow here something has gone horribly wrong (or malicious code is present). So treat this as unrecoverable, and fail if we're going to overflow. https://bugzilla.redhat.com/show_bug.cgi?id=985019
* Make preconditions abort unconditionally when scanning with coverityStef Walter2013-07-182-0/+9
| | | | | | | | | | | | This reflects that preconditions are invalid/unreachable on a functioning system and with valid input. We do not try to recover from such conditions. In addition teach coverity about how our test suite fails See http://p11-glue.freedesktop.org/doc/p11-kit/devel-building-style.html https://bugzilla.redhat.com/show_bug.cgi?id=985005
* iter: Document guarantees for filter matches argumetStef Walter2013-07-181-0/+4
| | | | | | | | The matches argument is always initialized to CK_TRUE when a filter is called, and it's up to filters to set it to CK_FALSE. Filters don't need to set to CK_TRUE. https://bugzilla.redhat.com/show_bug.cgi?id=985009
* Fixes for some recent win32 regressionsStef Walter2013-07-183-16/+37
|
* Remove erroneous comments about readdir() and thread-safetyStef Walter2013-07-173-3/+0
| | | | https://bugzilla.redhat.com/show_bug.cgi?id=984989
* Build with -fno-common to catch definition problemsStef Walter2013-07-102-3/+3
| | | | | | Fix some global variables not declared as extern https://bugs.freedesktop.org/show_bug.cgi?id=66015
* Various documentation tweaks and fixes for warningsStef Walter2013-07-103-1/+13
|
* Add support for using freebl3 for SHA1 and MD5 hashingStef Walter2013-07-1017-648/+922
| | | | | | Since we don't want to link freebl3 to libp11-kit.so where it isn't needed, move the SHA-1 and MD5 digest functionality to the trust/ directory.
* trust: Fix the 'p11-kit extract' commandStef Walter2013-07-093-3/+22
| | | | | This is supposed to call over to 'trust extract' and wasn't working correctly.
* trust: Fix bug with load validation failuresStef Walter2013-07-082-2/+53
|
* trust: Add a basic 'anchor' command to store a new anchorStef Walter2013-07-084-0/+348
|
* trust: Fix various issues writing objects in trust tokenStef Walter2013-07-088-252/+483
| | | | | | | | * Create directory before trying to write files to it * Handle write failures appropriately Refactor how we build and store objects in the index to handle the above cases properly.
* trust: Mark CKA_X_DISTRUSTED as a boolean attributeStef Walter2013-07-081-0/+1
|
* trust: Support token directory paths in user's home directoryStef Walter2013-07-082-1/+2
|
* trust: Explicitly specify which formats parser should parseStef Walter2013-07-085-28/+73
|