| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
|
|
| |
* Close the file descriptor used to read the the pin file
https://bugs.freedesktop.org/show_bug.cgi?id=58706
|
| |
|
|
|
|
|
|
| |
* P11_KIT_URI_NO_MEMORY is an unexpected state, that will probably
never actually be returned. But kept for API compatibility.
* make distcheck doc fix
|
|
|
|
|
|
|
|
|
| |
* When setting a key in a map that already exists, then free
the old key and replace with the new one.
* Fix related bug where key was not properly allocated
* Add tests for this
https://bugs.freedesktop.org/show_bug.cgi?id=59087
|
|
|
|
|
|
|
| |
* If a process is running under selinux it may not be able
to access the home directory of the uid that it is running as.
https://bugs.freedesktop.org/show_bug.cgi?id=57115
|
|
|
|
|
|
|
|
|
|
| |
* Since p11-kit-proxy.so is a symlink to the libp11-kit.so library
we check that we are not calling into our known CK_FUNCTION_LIST
for the proxy code.
* Although such a configuration is invalid, detecting this directly
prevents strange initialization loop issues that are hard to debug.
https://bugs.freedesktop.org/show_bug.cgi?id=55052
|
|
|
|
|
|
|
|
|
|
| |
* We weren't resetting the result code after a failure,
so even though failures for critical modules didn't interrupt
the initialization loop, the result still leaked to callers.
* Also print an error message clearly indicating that a module
failed to initialize, regardless of whether critical or not.
https://bugs.freedesktop.org/show_bug.cgi?id=55051
|
| |
|
|
|
|
|
|
|
| |
* This allows user configured PKCS#11 modules by default.
* Admins can change this to 'none' in /etc/pkcs11/pkcs11.conf
to go back to the previous behavior.
* Posted to the mailing list.
|
|
|
|
|
|
| |
* Fixes a mistake in the previous commit
https://bugs.freedesktop.org/show_bug.cgi?id=53706
|
|
|
|
|
|
| |
Were erroneusly detecting program_invocation_short_name on OpenBSD
https://bugs.freedesktop.org/show_bug.cgi?id=53706
|
|
|
|
|
|
|
| |
* Conditional inclusion of the errno.h header
* Link librt when appropriate for nanosleep
https://bugs.freedesktop.org/show_bug.cgi?id=52261
|
|
|
|
|
|
| |
Per recommendation of the spec.
https://bugs.freedesktop.org/show_bug.cgi?id=52606
|
|
|
|
| |
https://bugzilla.gnome.org/show_bug.cgi?id=44740
|
|
|
|
| |
https://bugzilla.gnome.org/show_bug.cgi?id=44740
|
|
|
|
|
|
|
|
| |
* We had relied on module 'two' loading before 'two-duplicate'
in the conf tests. However this isn't always the case, and the
name of the module can end up as 'two-duplicate'
https://bugzilla.gnome.org/show_bug.cgi?id=44740
|
|
|
|
|
|
|
|
|
|
| |
* It seems that the HANDLE's returned from GetCurrentThread
are often equal for two threads. GetCurrentThreadID doesn't
have this problem.
* Separate our cross platform thread_t and thread_id_t types
even though on unix they're the same thing.
https://bugzilla.gnome.org/show_bug.cgi?id=44740
|
|
|
|
|
|
|
|
| |
* The windows shared libraries have the .dll extension
* This means we also need separate directories for the test module
configs on win32
https://bugzilla.gnome.org/show_bug.cgi?id=44740
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* And want alphanumeric/_.- filenames
* Currently this is just a warning, soon it will be enforced
* The name of a module does not include the extension
Andreas Metzler and Ubuntu both worked on this patch, and I've made
some more changes.
See https://bugs.launchpad.net/ubuntu/+source/p11-kit/+bug/911436
https://bugs.freedesktop.org/show_bug.cgi?id=52158
|
| |
|
|
|
|
|
| |
* Due to the way in which we pass pointers of different types
to _p11_hash_iter_next()
|
|
|
|
| |
* Wine uses normal slashes instead of backslashes on windows
|
|
|
|
| |
* The previous EOVERFLOW was not supported on mingw
|
|
|
|
| |
* clang was giving a build failure here.
|
| |
|
|
|
|
| |
* p11_kit_pin_file_callback() only returns pins up to 4096 bytes now
|
|
|
|
|
|
| |
* Remove unused functions
* Use getprogname() instead of calc_progname() which no longer exists
* Fix up exporting of functions in the mock module
|
| |
|
|
|
|
|
| |
* Ignore failure when initializing registered modules when
'critical' is not set on a module.
|
|
|
|
|
|
|
|
|
| |
* Due to a brain fart the P11_KIT_PIN_* flags were not
bit flags but decimal numbers.
* This necessarily breaks API/ABI for users of the
P11_KIT_PIN_FLAGS_RETRY, P11_KIT_PIN_FLAGS_MANY_TRIES and
P11_KIT_PIN_FLAGS_FINAL_TRY flags. But those wouldn't have
worked anyway.
|
|
|
|
|
|
| |
* We don't try to guarantee completely robust and problem
free behavior in cases where the caller or process isn't
behaving. We consider these to be outside of our control.
|
|
|
|
|
| |
* Add macros GNUC_PRINTF and GNUC_NULL_TERMINATED to check
correct printf and NULL terminated style varargs
|
|
|
|
| |
* And display warning messages in the debug output
|
|
|
|
| |
* And use them in our replacement err() and p11_kit_set_progname()
|
|
|
|
|
| |
* And the compat stuff in the p11-kit directory merged
into util.c and util.h
|
| |
|
| |
|
|
|
|
| |
* And put together a test for duplicate modules
|
|
|
|
|
| |
* per-thread memory isn't actually a real memory leak, but was
still reachable after exit, so clean this up.
|
| |
|
|
|
|
|
|
|
|
| |
* These can be used to load certain modules in certain
programs, or prevent loading in others.
* Useful for a key manager like seahorse, so we can load
extra modules (think NSS) that other modules shouldn't
load.
|
|
|
|
|
|
|
| |
* We were relying on undefined gcc behavior related to the &
operator.
* This would show up as a test failure when running with -O2 on
certain GCC versions, as well as failure on clang 3.1
|
|
|
|
| |
* Generated automatically
|
| |
|
|
|
|
| |
See: http://ipozgaj.blogspot.com/2006/08/posix-threads-and-manual-pages-rant.htm
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* First of all one should only call async-signal-safe functions
from the callbacks of pthread_atfork(), and so we cannot
reinitialize directly.
* Some modules use pthread_atfork() to detect forking and setup
their internal state. If we call into them in our pthread_atfork()
callback then this is inherently racy.
* There was danger of endless loops and deadlocks which are caused
by handlers which fork in their C_Initialize
* Many processes do fork/exec, reinitializing PKCS#11 for these
forks is quite resourc intensive when the child process won't use
PKCS#11 at all.
|
| |
|
| |
|