summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* trust: Don't add CKA_TRUSTED to extension objectDaiki Ueno2016-12-061-2/+33
| | | | | | | While 'trust anchor' command tries to add CKA_TRUSTED attribute to any object, it is only valid for a certificate object. https://bugzilla.redhat.com/show_bug.cgi?id=1158926
* common, trust: Avoid integer overflowDaiki Ueno2016-12-064-3/+14
| | | | | | | This fixes issues pointed in: https://bugzilla.redhat.com/show_bug.cgi?id=985445 except for p11-kit/conf.c:read_config_file(), which was rewritten using mmap() and thus length calculation is no longer needed.
* move privatedir from libdir to libexecdirStanislav Brabec2016-11-301-1/+1
| | | | | | | | | | | According to the GNU Coding Standards[1], private executables should be installed to libexecdir, not libdir. Move privatedir to libexecdir. [1] https://www.gnu.org/prep/standards/ https://bugs.freedesktop.org/show_bug.cgi?id=98817
* trust: Avoid confusion in DER/PEM decodingDaiki Ueno2016-11-303-1/+115
| | | | | | | | Previously p11-kit-trust.so tried to interpret certificate as PEM format first. This could cause potential conflict if the certificate were actually in DER format and contained a PEM marker strings. https://bugs.freedesktop.org/show_bug.cgi?id=92063
* doc: Update documentation to point towards GitHubStef Walter2016-11-292-2/+5
| | | | | The p11-kit code has moved to GitHub. The documentation needs an update.
* test-conf: don't create the setuid copy in /tmpLubomir Rintel2016-11-291-1/+1
| | | | | The temporary directory is often mounted with nosuid, thus whatever runs from there doesn't get AT_SECURE in auxv.
* trust: Clarify the error message of 'extract'Daiki Ueno2016-11-281-1/+4
| | | | https://bugzilla.redhat.com/show_bug.cgi?id=1154693
* trust: Mention anchor --remove option in helpDaiki Ueno2016-11-281-1/+2
| | | | https://bugzilla.redhat.com/show_bug.cgi?id=1158467
* trust: Reject invalid UTF-8 inputDaiki Ueno2016-11-282-0/+8
| | | | | | | Merge changes from utf8.c in FreeBSD's libc: https://svnweb.freebsd.org/base/head/lib/libc/locale/utf8.c?revision=290494&view=markup#l196 https://bugzilla.redhat.com/show_bug.cgi?id=985449
* pkg-config: Expose p11_trust_paths variableDaiki Ueno2016-11-151-0/+1
| | | | | The variable is mentioned in the manual but wasn't exposed from the pkg-config.
* build: Remove *.in files from EXTRA_DISTDaiki Ueno2016-11-151-2/+0
| | | | | The files created with AC_CONFIG_FILES are automatically added to the distribution.
* build: Don't update po files on every make runDaiki Ueno2016-11-151-0/+37
| | | | | Update po/Makevars to the latest template and take advantage of PO_DEPENDS_ON_POT = no.
* travis: Enable GCC sanitizersDaiki Ueno2016-10-311-1/+7
|
* travis: Disable silent rulesDaiki Ueno2016-10-311-1/+1
|
* test: Remove /proxy/deinit-after-fork testDaiki Ueno2016-10-311-37/+0
| | | | | | | This test hasn't been working since the removal of the pthread_atfork() deinit code. To properly clean up, the child process needs to call C_Initialize() and C_Finalize(), and it is already tested by /proxy/initialize-child.
* test: Fix memleak in test-token cleanupDaiki Ueno2016-10-311-1/+1
| | | | | | | | | | GCC's asan spotted this: Direct leak of 338 byte(s) in 13 object(s) allocated from: #0 0x7f54f03fee20 in malloc (/lib64/libasan.so.3+0xc6e20) #1 0x445e8c in p11_path_build ../common/path.c:222 #2 0x4385bd in expand_tempdir ../common/test.c:334 #3 0x43869c in p11_test_directory ../common/test.c:361 #4 0x4033e3 in setup_temp ../trust/test-token.c:79
* modules: Reset the init count on fork()Daiki Ueno2016-10-311-0/+4
| | | | | | | | | | | | | | | Reset mod->init_count when forkid has changed. Otherwise C_Finalize does not get called. GCC's asan spotted this: Direct leak of 48 byte(s) in 1 object(s) allocated from: #0 0x7f89bc7bfe20 in malloc (/lib64/libasan.so.3+0xc6e20) #1 0x7f89bc47a1f1 in p11_dict_new ../common/dict.c:278 #2 0x7f89bc42143d in managed_C_Initialize ../p11-kit/modules.c:1477 #3 0x7f89bc464c72 in binding_C_Initialize ../p11-kit/virtual.c:121 #4 0x7f89bc1b0a51 in ffi_closure_unix64_inner (/lib64/libffi.so.6+0x5a51) #5 0x7f89bc1b0dbf in ffi_closure_unix64 (/lib64/libffi.so.6+0x5dbf) #6 0x7f89bc44f9e8 in rpc_C_Initialize ../p11-kit/rpc-server.c:691
* modules: Fix memleak when loading remote moduleDaiki Ueno2016-10-311-0/+2
| | | | | | | | | | | | Make sure to call p11_virtual_uninit() on managed module. Otherwise the associated lower_module will not be released. GCC's asan spotted this: Direct leak of 56 byte(s) in 1 object(s) allocated from: #0 0x7f6c5368dfe0 in calloc (/lib64/libasan.so.3+0xc6fe0) #1 0x4436ba in p11_rpc_client_init ../p11-kit/rpc-client.c:2082 #2 0x42c147 in p11_rpc_transport_new ../p11-kit/rpc-transport.c:850 #3 0x415d95 in setup_module_for_remote_inlock ../p11-kit/modules.c:411
* rpc: Fix memleak in rpc_socket cleanupDaiki Ueno2016-10-311-0/+1
| | | | | | | | GCC's asan spotted this: Direct leak of 120 byte(s) in 1 object(s) allocated from: #0 0x7f8d4f221fe0 in calloc (/lib64/libasan.so.3+0xc6fe0) #1 0x427f55 in rpc_socket_new ../p11-kit/rpc-transport.c:100 #2 0x42bc1b in rpc_exec_connect ../p11-kit/rpc-transport.c:767
* uri: Port to PKCS#11 GNU calling conventionDaiki Ueno2016-10-311-0/+2
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=97245
* uri: Fix buffer overflow in memcmp()Daiki Ueno2016-10-311-25/+32
| | | | | | | The commit 63644dc introduced several memcmp() calls without checking the length of the first argument. https://bugs.freedesktop.org/show_bug.cgi?id=97245
* travis: Enable build on the CIDaiki Ueno2016-10-311-0/+27
|
* rpc: Send x-init-reserved to remote moduleDaiki Ueno2016-10-057-16/+144
| | | | | | | Signed-off-by: Stef Walter <stefw@redhat.com> * Fixed up indentation https://bugs.freedesktop.org/show_bug.cgi?id=80519
* test: Fix p11_virtual_init() usageDaiki Ueno2016-10-051-1/+1
| | | | | | | p11_virtual_init() should take a CK_FUNCTION_LIST as the 3rd argument, if the 2nd argument is &p11_virtual_base. https://bugs.freedesktop.org/show_bug.cgi?id=87192
* Fix link of p11-kit-proxy.dylib on Mac OS XLeonardo Brondani Schenkel2016-10-031-1/+1
| | | | | | | | | However, on Mac OS X the library is named libp11-kit.dylib so in the above command the source of the link resolves to nothing, the destination becomes the source and the link to a non-existent file is created in the working directory. https://bugs.freedesktop.org/show_bug.cgi?id=98022
* test: Make test-module work --without-trust-moduleDaiki Ueno2016-09-041-1/+2
| | | | | | | | | The test-module program currently depends on TRUST_PATHS, which is determined by the configure script and normally points to a resource outside of the build tree. To make the test system-independent, use a crafted path for testing. https://bugs.freedesktop.org/show_bug.cgi?id=89027
* iter: Utilize 'slot-id' URI path attributeDaiki Ueno2016-09-022-1/+83
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=97245
* iter: Utilize slot info URI path attributesDaiki Ueno2016-09-023-0/+134
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=97245
* uri: Support 'slot-id' path attributeDaiki Ueno2016-09-023-3/+126
| | | | | | Accept 'slot-id' path attribute defined in RFC 7512. https://bugs.freedesktop.org/show_bug.cgi?id=97245
* uri: Support slot info path attributesDaiki Ueno2016-09-024-0/+180
| | | | | | | Accept 'slot-description' and 'slot-manifacturer' path attributes defined in RFC 7512. https://bugs.freedesktop.org/show_bug.cgi?id=97245
* uri: Remove whitespace early when parsingDaiki Ueno2016-09-021-66/+78
| | | | | | | | | | | For every path/query component, p11_kit_uri_parse() allocates a small buffer to strip whitespace out. This patch removes any whitespace in the URI at the entry of the function to simplify the code. Note that RFC 7512 actually suggests to ignore whitespace at the extracting phase rather than the parsing phase. https://bugs.freedesktop.org/show_bug.cgi?id=97245
* Fix leak when C_Initialize() is called from childDaiki Ueno2016-08-222-0/+5
| | | | | | | The test case added for bug 90289 (commit c73edd00) revealed that some of the C_Initialize() implementations do not consider the case where it is called from the parent process and then from the child process, without calling C_Finalize() in between.
* configure: Remove redundant AM_GNU_GETTEXTDaiki Ueno2016-08-221-1/+0
| | | | There is the same line a few lines below.
* Fix typos flagged by codespellDaiki Ueno2016-08-228-12/+12
|
* Fix typo in pkcs11.confStef Walter2016-08-091-1/+1
| | | | Pointed out by David Woodhouse
* doc: Fix interpolation of p11-kit configuration paths in documentationStef Walter2016-08-091-6/+4
| | | | | Previously these were expanded based on the home directory of the one building the documentation (me).
* Doc: p11_kit_module_load accepts a filename arg.Andreas Metzler2016-02-241-1/+4
| | | | | | | | p11_kit_module_load() hands on the module_path argument to load_module_from_file_inlock() which accepts relative paths, prepending P11_MODULE_PATH. Update API documentation accordingly. https://lists.freedesktop.org/archives/p11-glue/2016-February/000587.html
* Avoiding redundant checkPankaj2016-01-051-3/+1
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=93587
* Fix distcheck by removing some linguas that don't buildStef Walter2015-12-071-2/+0
|
* Bump version numberStef Walter2015-12-072-1/+6
|
* rpc-transport.c: include sys/select.h for fd_setGustavo Zacarias2015-12-071-0/+1
| | | | | | | | | | | | | | fd_set and friends, according to POSIX.1-2001, needs sys/select.h, so include it otherwise the build fails for uClibc: p11-kit/rpc-transport.c: In function ‘rpc_socket_read’: p11-kit/rpc-transport.c:350:2: error: unknown type name ‘fd_set’ p11-kit/rpc-transport.c:416:4: warning: implicit declaration of function ‘FD_ZERO’ [-Wimplicit-function-declaration] Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> https://bugs.freedesktop.org/show_bug.cgi?id=93211
* p11-kit: Fix redundant check for 'signature' is always 'true'Pankaj2015-11-231-1/+1
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=92807
* common: Fix warning about dereferencing NULL pointerPankaj2015-11-091-0/+1
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=92842
* common: Fix in test-code for file descriptor validity checkPankaj2015-11-091-0/+1
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=92843
* trust: Fix always false comparison of EAGAIN and EINTRStef Walter2015-11-091-1/+1
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=92864
* p11-kit: Remove unused pointerPankaj2015-10-211-2/+0
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=92532
* po: Update translations from transifexStef Walter2015-10-2071-1856/+1097
|
* Add estonian translation from TransifexStef Walter2015-10-202-0/+343
|
* p11-kit: Fix warnings related to use dangling pointerPankaj2015-10-201-2/+6
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=92551
* common: Remove compat timegm() implementationStef Walter2015-10-192-32/+0
| | | | We no longer use timegm()