summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* client: Fix order of cleanupDaiki Ueno2017-08-111-1/+1
| | | | | | In C_GetFunctionList, state->virt is wrapped with a destroyer function free(). Thus p11_rpc_transport_free must be called before p11_virtual_unwrap.
* test: Add checks for duplicate vendor attributesDaiki Ueno2017-08-081-0/+10
|
* uri: Make vendor query attribute handling reliableDaiki Ueno2017-08-081-24/+80
| | | | | | | | | | | | Previously we used p11_dict to keep track of vendor query attributes. This had a couple of limitations: duplicate attributes are not allowed while they are actually allowed in RFC 7512, and the order of attributes is unpredictable. This patch switches to using an array instead of p11_dict and ensures that the attributes are sorted in alphabetical order. Fixes #88.
* common: New p11_array_insert functionDaiki Ueno2017-08-082-0/+20
|
* common: Use reallocarray instead of realloc as appropriateDaiki Ueno2017-08-085-4/+36
| | | | | | reallocarray is a new POSIX function added in glibc 2.26, with built-in overflow checks. Take advantage of that function for internal array allocation.
* pkcs11.h: updated informationNikos Mavrogiannopoulos2017-08-031-3/+3
| | | | | The scute project no longer exists, and the PKCS#11 standard is from OASIS group.
* pkcs11.h: added OTP-related mechanismsNikos Mavrogiannopoulos2017-08-031-0/+97
|
* pkcs11.h: added definitions of GOST CKA attributesNikos Mavrogiannopoulos2017-08-011-0/+3
|
* pkcs11.h: added definitions of GOST mechanismsNikos Mavrogiannopoulos2017-08-011-0/+12
| | | | | This follows the definitions in PKCS#11 v2.40: http://docs.oasis-open.org/pkcs11/pkcs11-curr/v2.40/os/pkcs11-curr-v2.40-os.html
* test: Fix failure on 32-bit big endian platformDaiki Ueno2017-07-141-14/+15
| | | | | | | | | | The value given to p11_rpc_buffer_add_ulong_value() must be a pointer of CK_ULONG. Similarly, the value returned from p11_rpc_buffer_get_ulong_value() must be converted to CK_ULONG before comparison. Reported by Andreas Metzler in: https://lists.freedesktop.org/archives/p11-glue/2017-July/000665.html
* trust: Fix build error with -Werror=return-typeDaiki Ueno2017-07-141-1/+1
|
* conf: Introduce P11_KIT_NO_USER_CONFIGColin Walters2017-07-101-3/+9
| | | | | | | | | | | | | | | | | | | | | | | | | Currently `ca-certificates.spec` in Fedora ends up doing in `%post`: ``` /usr/bin/p11-kit extract --format=openssl-bundle --filter=certificates --overwrite --comment $DEST/openssl/ca-bundle.trust.crt ``` etc. And due to this bit of code in p11-kit, we end up looking for the home directory for configuration. In this case, `/root`. It's categorically wrong to do this; the root user is distinct from "the system". This issue is equivalent to one I fixed in Pango: https://git.gnome.org/browse/pango/commit/?id=aecbe27c1b08f517c0e05f03308d3ac55cef490c Fast forward to today, and the reason I'm making this change is I'm working on `rpm-ostree ex container`, which builds containers as *non-root* (like gnome-continuous does, but now with RPMs), keeping the invoking uid. And this bug causes the `ca-certificates` `%post` to fail because it's trying to look for my uid 1000 which doesn't exist in the target rootfs' password database. Again, there's no reason to be looking for a home directory for system triggers, regadless of UID, so once this patch lands, I'll update `ca-certificates` to use it, and traditional RPM `%post` will stop looking in `/root` too.
* common: always use p11_dl_close wrapperFabian Groffen2017-06-272-10/+13
| | | | | | | | | Solaris doesn't like it when dlclose is referenced using a define, resulting in a linker error looking for a symbol version. Simply calling the function in a normal way (instead of storing its address) solves this linking error. The error message seen by GNU ld is: dlclose: invalid version 7 (max 0)
* p11_get_upeer_id: implement case using ucred.hFabian Groffen2017-06-272-1/+21
| | | | Solaris can retrieve this information via getpeerucred().
* configure: pull in -lnsl -lsocket for socket functionsFabian Groffen2017-06-271-0/+7
| | | | Solaris has socket() etc. in these two libs.
* Be silent by default and do not print messages on stderrNikos Mavrogiannopoulos2017-06-261-1/+1
| | | | | | | | | As p11-kit is a library there are cases where it is not desirable to log on stderr by default. See for example this report https://bugzilla.redhat.com/show_bug.cgi?id=1464490 where wget prints an error due to an unconfigured pkcs11 module. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* doc: Use correct PKCS#11 URI syntaxDaiki Ueno2017-06-131-1/+1
|
* build: Allow use of _GNU_SOURCEDaiki Ueno2017-06-123-9/+3
| | | | | | This reverts commit 6b457ffc, which forbids the use of GNU extension for the incompatibility of strerror_r. However, now that strerror_l is used instead on glibc systems, it has no point to do that.
* debug: Add p11_debug_err to prevent use of strerrorDaiki Ueno2017-06-123-3/+49
|
* compat: Prefer strerror_l to strerror_rDaiki Ueno2017-06-122-3/+16
| | | | | strerror_r is being obsolete in the next POSIX specification: http://austingroupbugs.net/view.php?id=655
* Release 0.23.7Daiki Ueno2017-05-312-1/+5
|
* trust: Suppress dead-assignment warnings from clang-analyzerDaiki Ueno2017-05-292-1/+1
|
* rpc: Avoid use-after-free when creating socket base directoryDaiki Ueno2017-05-291-1/+0
| | | | Spotted by clang-analyzer.
* rpc: Avoid calling memcmp() on NULL bufferDaiki Ueno2017-05-291-1/+3
| | | | Spotted by clang-analyzer.
* proxy: Don't call realloc() with size 0Daiki Ueno2017-05-291-9/+11
| | | | Spotted by clang-analyzer.
* build: Delay building test programs until "make check"Daiki Ueno2017-05-294-8/+7
| | | | | This is to disable clang-analyzer against test programs, which can contain several false-positives.
* travis: Enable clang-analyzerDaiki Ueno2017-05-291-1/+3
|
* server: Avoid use-after-freeDaiki Ueno2017-05-291-1/+0
| | | | | Reported by Mantas Mikulėnas in: https://bugs.freedesktop.org/show_bug.cgi?id=101212
* Release 0.23.6Daiki Ueno2017-05-262-1/+7
|
* test: Check the size of unsigned longDaiki Ueno2017-05-262-9/+11
|
* rpc: Load advapi32.dll on the flyDaiki Ueno2017-05-262-7/+91
|
* remote: Remove unnecessary declarationDaiki Ueno2017-05-261-4/+0
|
* doc: Clarify p11-kit server documentationDaiki Ueno2017-05-261-3/+5
|
* server: Port to WindowsDaiki Ueno2017-05-252-39/+511
| | | | Instead of a Unix domain socket on Unix, use a named pipe on Windows.
* rpc: New p11_kit_remote_serve_tokens functionDaiki Ueno2017-05-255-101/+248
|
* remote: Name command line options consistentlyDaiki Ueno2017-05-252-71/+116
|
* rpc: Convert mechanism parameters for portabilityDaiki Ueno2017-05-245-158/+467
| | | | This is similar to commit ba49b85e, but for mechanism parameters.
* pkcs11: Define RSA-PSS mechanism parameterDaiki Ueno2017-05-241-0/+11
|
* pkcs11: Make CK_RSA_PKCS_OAEP_PARAMS usefulDaiki Ueno2017-05-241-1/+7
|
* rpc: Fix typo in encoding CK_DATE valueDaiki Ueno2017-05-241-1/+1
|
* rpc: Factor out attribute value serializer definitionsDaiki Ueno2017-05-241-26/+25
|
* rpc: Add a comment why we call _get_attribute() twiceDaiki Ueno2017-05-241-0/+1
|
* rpc: Convert attribute value for portabilityDaiki Ueno2017-05-225-80/+827
| | | | | | | | | | | When using the RPC across multiple architectures, where data models are different, say LP64 vs ILP32, there can be unwanted truncation of attribute values. This patch converts the values into portable format for the known attributes. Co-authored-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* rpc: Return early if call_id of request is ERRORDaiki Ueno2017-05-221-1/+2
| | | | | Otherwise it will cause assertion failure in a few lines below. Spotted by amrican fuzzy lop.
* build: Add fuzzer using AFLDaiki Ueno2017-05-225-0/+142
|
* trust: Simplify the check for the magicDaiki Ueno2017-05-183-12/+17
| | | | | Instead of reusing the CKA_X_GENERATED attribute, check the file contents directly in the caller side.
* trust: Check magic comment in persist file for modifiablityDaiki Ueno2017-05-183-2/+14
| | | | | | | A persistent file written by the trust module starts with the line "# This file has been auto-generated and written by p11-kit". This can be used as a magic word to determine whether the objects read from a .p11-kit file are read-only.
* Revert "trust: Honor "modifiable" setting in persist file"Daiki Ueno2017-05-183-11/+1
| | | | | This reverts commit 8eed1e60b0921d05872e2f43eee9088cef038d7e, which broke "trust anchor --remove".
* remote: Fix typo when writing a credential byteDaiki Ueno2017-03-091-1/+1
| | | | | out_fd is not always 1 when p11_kit_remote_serve_module() is used for writing a custom server.
* correct text for --user-config optionDaniel Black2017-03-061-1/+1
|