Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | test-server: Add test for detecting address | Daiki Ueno | 2018-02-27 | 1 | -1/+29 |
| | |||||
* | test-server: Fix compilation error on FreeBSD | Daiki Ueno | 2018-02-27 | 1 | -0/+1 |
| | |||||
* | common, client: Move runtime directory detection to libp11-common | Daiki Ueno | 2018-02-27 | 5 | -65/+292 |
| | |||||
* | common: Make p11_test_directory_delete() work recursively | Daiki Ueno | 2018-02-27 | 1 | -1/+11 |
| | |||||
* | test: Improve temporary directory handling | Daiki Ueno | 2018-02-27 | 2 | -2/+6 |
| | |||||
* | p11_kit_remote_serve_tokens: Read "write-protected" setting from URI | Daiki Ueno | 2018-02-27 | 2 | -0/+42 |
| | |||||
* | filter: Respect CKF_WRITE_PROTECTED setting when allowing a token | Daiki Ueno | 2018-02-27 | 2 | -16/+134 |
| | |||||
* | test: Add test for client-server interaction | Daiki Ueno | 2018-02-27 | 4 | -3/+213 |
| | | | | | | | The test spawns a process running the server command and connects to it through p11-kit-client.so. It's is a bit tricky that the child process requires to preload libasan.so when ASan is in in effect, to properly load a mock module. | ||||
* | server: Print envvars even when running in foreground | Daiki Ueno | 2018-02-27 | 1 | -22/+39 |
| | |||||
* | test-transport: Make sure to initialize addrlen given to accept | Daiki Ueno | 2018-02-27 | 1 | -0/+1 |
| | |||||
* | client: Fix memleaks in the module | Daiki Ueno | 2018-02-27 | 1 | -3/+9 |
| | |||||
* | test: Fix unconditional jump in test-proxy.c | Daiki Ueno | 2018-02-27 | 1 | -0/+1 |
| | |||||
* | doc: Replace links to freedesktop.org to github pages | Daiki Ueno | 2018-02-26 | 4 | -10/+10 |
| | |||||
* | trust: Forcibly mark "Default Trust" read-only | Daiki Ueno | 2018-02-05 | 7 | -15/+101 |
| | | | | | | | | The "Default Trust" token is typically mounted as $datadir, which is considered as read-only on modern OSes. Suggestd by Kai Engert in: https://bugzilla.redhat.com/show_bug.cgi?id=1523630 | ||||
* | po: Update translations from transifex | Daiki Ueno | 2018-01-31 | 38 | -447/+1139 |
| | |||||
* | build: Add more files to .gitignore | Daiki Ueno | 2018-01-31 | 1 | -19/+7 |
| | |||||
* | travis: Exclude generated files from coverage | Daiki Ueno | 2018-01-31 | 1 | -1/+1 |
| | |||||
* | build: Split out generated code from p11-kit/virtual.c | Daiki Ueno | 2018-01-31 | 6 | -199/+51 |
| | |||||
* | trust: Filter out duplicate extensions | Daiki Ueno | 2018-01-31 | 5 | -5/+120 |
| | | | | | | | | | | | | The trust policy module keeps all the objects in the database, while PKIX doesn't allow multiple extensions identified by the same OID can be attached to a certificate. Add a check to C_FindObjects to exclude any duplicates and only return the first matching object. It would be better if the module rejects such duplicates when loading, but it would make startup slower. https://bugzilla.redhat.com/show_bug.cgi?id=1141241 | ||||
* | build: Delay compilation of test-related stuff | Daiki Ueno | 2018-01-30 | 4 | -16/+29 |
| | |||||
* | proxy: Remove dead code | Daiki Ueno | 2018-01-30 | 1 | -708/+0 |
| | | | | | Since the libffi became optional (commit 9f632bed), the fallback code path in proxy.c has never taken. | ||||
* | proxy: Reuse the existing slot ID mapping after fork | Daiki Ueno | 2018-01-29 | 5 | -4/+122 |
| | | | | | | | While the proxy module reassigns slot IDs in C_Initialize(), some applications assume that valid slot IDs should never change across multiple calls to C_Initialize(). This patch mitigates this by preserving the slot IDs, if they are known to the proxy module. | ||||
* | server: Avoid null-dereference of timespec value on timeout | Daiki Ueno | 2018-01-17 | 1 | -1/+2 |
| | | | | Spotted by clang-analyzer. | ||||
* | Added p11-kit remoting page in manual | Nikos Mavrogiannopoulos | 2018-01-05 | 3 | -0/+255 |
| | |||||
* | build: Add README.md to display build status | Daiki Ueno | 2017-12-21 | 1 | -0/+10 |
| | |||||
* | travis: Exclude test programs from coveralls | Daiki Ueno | 2017-12-21 | 1 | -1/+1 |
| | |||||
* | travis: Supply necessary envvars to container for coveralls | Daiki Ueno | 2017-11-27 | 1 | -1/+1 |
| | |||||
* | travis: Use in-tree build for coverage | Daiki Ueno | 2017-11-15 | 1 | -14/+16 |
| | | | | | | The coverage tools (gcov, cpp-coveralls, etc) cannot detect source files if the project is built out-of-tree. Use the same directory for $srcdir and $builddir for the build with --enable-coverage. | ||||
* | test: Improve code coverage of filter.c | Daiki Ueno | 2017-11-15 | 1 | -0/+67 |
| | |||||
* | travis: Use coveralls for measuring coverage | Daiki Ueno | 2017-11-15 | 1 | -1/+5 |
| | |||||
* | p11_kit_override_system_files: introduced new function | Nikos Mavrogiannopoulos | 2017-11-01 | 3 | -5/+59 |
| | | | | | | | That allows overriding the default module and configuration locations, for use in test suites, etc. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org> | ||||
* | p11_kit_modules_load*: enhanced documentation on flags | Nikos Mavrogiannopoulos | 2017-10-31 | 1 | -0/+6 |
| | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org> | ||||
* | build: Take advantage of parallel-tests | Daiki Ueno | 2017-10-06 | 3 | -2/+6 |
| | |||||
* | server: Better shell integration | Daiki Ueno | 2017-10-06 | 4 | -20/+152 |
| | | | | | | This adds -k, -c, and -s options to the "p11-kit server" command, which allows you to terminate the server process, select which C-shell or Bourne shell command line is printed on startup, respectively. | ||||
* | server: Make it possible to eval envvar settings | Daiki Ueno | 2017-10-05 | 1 | -9/+11 |
| | | | | | Previously, calling "eval $(p11-kit server)" from shell hung because the program didn't properly close stdout before forking. | ||||
* | Release 0.23.9 | Daiki Ueno | 2017-10-02 | 2 | -1/+6 |
| | |||||
* | trust: Respect anyExtendedKeyUsage in CA certificates | Daiki Ueno | 2017-10-02 | 3 | -0/+45 |
| | |||||
* | rpc: Fix crash when retrieving attribute length | Daiki Ueno | 2017-09-27 | 2 | -4/+34 |
| | | | | | | It is possible that NULL is given to the serializers, when C_GetAttributeValue() just wants to know the size of an attribute. Previously, this resulted in giving NULL to memcpy(). | ||||
* | server: Make it work only when token URI is provided | Daiki Ueno | 2017-09-27 | 1 | -47/+41 |
| | | | | | | Previously, when "p11-kit server" started only with a token URI, it couldn't properly find and initialize the module which provides the token. This was because of the wrong order of cleanup of the modules. | ||||
* | common: Re-add placeholder definition of p11_debug | Daiki Ueno | 2017-08-18 | 1 | -0/+4 |
| | | | | | This was mistakenly removed in commit efe6dc56c. Pointed by Lars Wendler in issue #97. | ||||
* | build: Include <stdint.h> for SIZE_MAX | Daiki Ueno | 2017-08-16 | 1 | -0/+1 |
| | | | | Fixes issue #95. | ||||
* | Release 0.23.8 | Daiki Ueno | 2017-08-15 | 2 | -1/+8 |
| | |||||
* | build: Include <stdint.h> for SIZE_MAX | Daiki Ueno | 2017-08-15 | 1 | -0/+1 |
| | |||||
* | client: Fix order of cleanup | Daiki Ueno | 2017-08-11 | 1 | -1/+1 |
| | | | | | | In C_GetFunctionList, state->virt is wrapped with a destroyer function free(). Thus p11_rpc_transport_free must be called before p11_virtual_unwrap. | ||||
* | test: Add checks for duplicate vendor attributes | Daiki Ueno | 2017-08-08 | 1 | -0/+10 |
| | |||||
* | uri: Make vendor query attribute handling reliable | Daiki Ueno | 2017-08-08 | 1 | -24/+80 |
| | | | | | | | | | | | | Previously we used p11_dict to keep track of vendor query attributes. This had a couple of limitations: duplicate attributes are not allowed while they are actually allowed in RFC 7512, and the order of attributes is unpredictable. This patch switches to using an array instead of p11_dict and ensures that the attributes are sorted in alphabetical order. Fixes #88. | ||||
* | common: New p11_array_insert function | Daiki Ueno | 2017-08-08 | 2 | -0/+20 |
| | |||||
* | common: Use reallocarray instead of realloc as appropriate | Daiki Ueno | 2017-08-08 | 5 | -4/+36 |
| | | | | | | reallocarray is a new POSIX function added in glibc 2.26, with built-in overflow checks. Take advantage of that function for internal array allocation. | ||||
* | pkcs11.h: updated information | Nikos Mavrogiannopoulos | 2017-08-03 | 1 | -3/+3 |
| | | | | | The scute project no longer exists, and the PKCS#11 standard is from OASIS group. | ||||
* | pkcs11.h: added OTP-related mechanisms | Nikos Mavrogiannopoulos | 2017-08-03 | 1 | -0/+97 |
| |