summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* iter: Utilize slot info URI path attributesDaiki Ueno2016-09-023-0/+134
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=97245
* uri: Support 'slot-id' path attributeDaiki Ueno2016-09-023-3/+126
| | | | | | Accept 'slot-id' path attribute defined in RFC 7512. https://bugs.freedesktop.org/show_bug.cgi?id=97245
* uri: Support slot info path attributesDaiki Ueno2016-09-024-0/+180
| | | | | | | Accept 'slot-description' and 'slot-manifacturer' path attributes defined in RFC 7512. https://bugs.freedesktop.org/show_bug.cgi?id=97245
* uri: Remove whitespace early when parsingDaiki Ueno2016-09-021-66/+78
| | | | | | | | | | | For every path/query component, p11_kit_uri_parse() allocates a small buffer to strip whitespace out. This patch removes any whitespace in the URI at the entry of the function to simplify the code. Note that RFC 7512 actually suggests to ignore whitespace at the extracting phase rather than the parsing phase. https://bugs.freedesktop.org/show_bug.cgi?id=97245
* Fix leak when C_Initialize() is called from childDaiki Ueno2016-08-222-0/+5
| | | | | | | The test case added for bug 90289 (commit c73edd00) revealed that some of the C_Initialize() implementations do not consider the case where it is called from the parent process and then from the child process, without calling C_Finalize() in between.
* configure: Remove redundant AM_GNU_GETTEXTDaiki Ueno2016-08-221-1/+0
| | | | There is the same line a few lines below.
* Fix typos flagged by codespellDaiki Ueno2016-08-228-12/+12
|
* Fix typo in pkcs11.confStef Walter2016-08-091-1/+1
| | | | Pointed out by David Woodhouse
* doc: Fix interpolation of p11-kit configuration paths in documentationStef Walter2016-08-091-6/+4
| | | | | Previously these were expanded based on the home directory of the one building the documentation (me).
* Doc: p11_kit_module_load accepts a filename arg.Andreas Metzler2016-02-241-1/+4
| | | | | | | | p11_kit_module_load() hands on the module_path argument to load_module_from_file_inlock() which accepts relative paths, prepending P11_MODULE_PATH. Update API documentation accordingly. https://lists.freedesktop.org/archives/p11-glue/2016-February/000587.html
* Avoiding redundant checkPankaj2016-01-051-3/+1
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=93587
* Fix distcheck by removing some linguas that don't buildStef Walter2015-12-071-2/+0
|
* Bump version numberStef Walter2015-12-072-1/+6
|
* rpc-transport.c: include sys/select.h for fd_setGustavo Zacarias2015-12-071-0/+1
| | | | | | | | | | | | | | fd_set and friends, according to POSIX.1-2001, needs sys/select.h, so include it otherwise the build fails for uClibc: p11-kit/rpc-transport.c: In function ‘rpc_socket_read’: p11-kit/rpc-transport.c:350:2: error: unknown type name ‘fd_set’ p11-kit/rpc-transport.c:416:4: warning: implicit declaration of function ‘FD_ZERO’ [-Wimplicit-function-declaration] Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> https://bugs.freedesktop.org/show_bug.cgi?id=93211
* p11-kit: Fix redundant check for 'signature' is always 'true'Pankaj2015-11-231-1/+1
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=92807
* common: Fix warning about dereferencing NULL pointerPankaj2015-11-091-0/+1
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=92842
* common: Fix in test-code for file descriptor validity checkPankaj2015-11-091-0/+1
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=92843
* trust: Fix always false comparison of EAGAIN and EINTRStef Walter2015-11-091-1/+1
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=92864
* p11-kit: Remove unused pointerPankaj2015-10-211-2/+0
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=92532
* po: Update translations from transifexStef Walter2015-10-2071-1856/+1097
|
* Add estonian translation from TransifexStef Walter2015-10-202-0/+343
|
* p11-kit: Fix warnings related to use dangling pointerPankaj2015-10-201-2/+6
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=92551
* common: Remove compat timegm() implementationStef Walter2015-10-192-32/+0
| | | | We no longer use timegm()
* p11-kit: 'int' comparison with 'unsigned int' in for() for the array indexPankaj2015-10-191-1/+1
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=92443
* p11-kit: 'int' comparison with 'unsigned int' in for() for array indexPankaj2015-10-191-1/+1
|
* p11-kit: 'int' comparison with 'unsigned int' in for() for array indexPankaj2015-10-191-1/+1
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=92445
* manual: Fix typos in documentationLudovic Rousseau2015-10-192-6/+6
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=92520
* p11-kit: Fix expression 'call_id < 0' is always falsePankaj2015-10-121-1/+1
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=92434
* Fix trust command segfaults in expand_homedir() when no matching password ↵Robert Milasan2015-07-311-9/+9
| | | | | | | | | | | | | record was found Hello, it looks like under some conditions, command trust segfaults in expand_homedir() due to no matching password record was found: Signed-off-by: Robert Milasan <rmilasan@suse.com> Signed-off-by: Stef Walter <stefw@redhat.com> * Updated path so message is printed and errno is not overwritten https://bugs.freedesktop.org/show_bug.cgi?id=91506
* Fix build on Mingw due to missing EWOULDBLOCKLew Palm2015-07-141-0/+3
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=89081
* Added p11_kit_module_get_filename()Nikos Mavrogiannopoulos2015-07-143-1/+85
| | | | | | | | | | | That function allows to obtain the filename used by the PKCS #11 module. That is the filename used by dlopen(). Note that we don't provide p11_kit_module_for_filename() because it would have to deal with filename equivalences. Signed-off-by: Stef Walter <stefw@redhat.com> * Fixed up whitespace
* In proxy module don't call C_Finalize on a forked process.Nikos Mavrogiannopoulos2015-06-291-6/+13
| | | | | | | | | | | | This corrects a deadlock on the forked process. The deadlock happened because the proxy called C_Finalize prior to a C_Initialize which is wrong according to PKCS #11 (2.40). This patch eliminates the C_Finalize call in that case. This resolves #90289 https://bugs.freedesktop.org/show_bug.cgi?id=90289 Reviewed-by: Stef Walter <stefw@redhat.com>
* Add test case for bug 90289 (deadlock on C_Initialize() in child after fork)David Woodhouse2015-06-291-0/+57
| | | | Reviewed-by: Stef Walter <stefw@redhat.com>
* Do not deinitialize libffi's wrapper functionsNikos Mavrogiannopoulos2015-06-291-0/+11
| | | | | | | | Libffi uses shared memory to store them, and a deallocation in a child will cause issues for the parent or vice versa. Signed-off-by: Stef Walter <stefw@redhat.com> * Use #if to comment out code, avoid compiler warnings
* Added test case for crash after a fork in proxy moduleNikos Mavrogiannopoulos2015-06-291-1/+45
| | | | Reviewed-by: Stef Walter <stefw@redhat.com>
* p11-kit: Missing unlock in function rpc_socket_read()Pankaj2015-06-031-1/+3
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=90827
* trust: Fix double close()Pankaj2015-06-011-1/+0
|
* Fix some compiler warnings from GCC 5.xStef Walter2015-04-171-3/+3
|
* Release version 0.23.1Stef Walter2015-02-202-1/+6
|
* Generate URIs compliant to the PKCS#11 URI draft in LCNikos Mavrogiannopoulos2015-02-202-14/+14
| | | | | | | | | | | | We continue to accept both the older style 'object-type' field in addition to the new 'type' field. However we start generating URIs in the new form. In other words we have backwards compatibility, but not forwards compatibility. Given the fact that PKCS#11 URIs are now standardizing this is an acceptable compromise. https://bugs.freedesktop.org/show_bug.cgi?id=86474
* Added test for pin-valueNikos Mavrogiannopoulos2015-02-201-0/+54
| | | | | | | https://bugs.freedesktop.org/show_bug.cgi?id=87582 Signed-off-by: Stef Walter <stefw@redhat.com> * Added test for bad encoded pin-value in uri
* Added support for pin-value PKCS#11 URI elementNikos Mavrogiannopoulos2015-02-202-0/+57
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=87582
* p11-kit: Remove duplicate WHITESPACE defineStef Walter2015-02-201-5/+3
|
* trust: Add pem-directory-hash extract formatAdam Williamson2015-01-146-52/+139
| | | | | | | | | | | | This allows extraction of a directory of standard PEM files with the OpenSSL hash symlinks; this is a format used by some popular platforms (Debian's /etc/ssl/certs is in this form, and OpenSUSE provides it for compatibility). Initially by: Ludwig Nussel <ludwig.nussel@suse.de> Signed-off-by: Stef Walter <stefw@redhat.com> * Added header, fixed compiler warnings
* uri: Accept 'type' in additon to 'object-type' in PKCS#11 URIsStef Walter2014-11-142-2/+30
| | | | This was a later change to the PKCS#11 specification drafts
* compat: Add definition for setenv for Win32Michael Cronenworth2014-11-122-0/+5
| | | | Signed-off-by: Michael Cronenworth <mike@cchtml.com>
* Release version 0.22.1Stef Walter2014-10-092-1/+7
|
* trust: Certificate CKA_ID is SubjectKeyIdentifier if possibleStef Walter2014-10-097-46/+91
| | | | | | | | | | | | | | | | | | | | | | The PKCS#11 spec states that the CKA_ID should match the SubjectKeyIdentifier if such an extension is present. We delay the filling of CKA_ID until the builder phase of populating attributes which allows us to have more control over how this works. Note that we don't make CKA_ID reflect SubjectKeyIdentifier *attached* extensions. The CKA_ID isn't supposed to change after object creation. Making it dependent on attached extensions would be making promises we cannot keep, since attached extensions can be added/removed at any time. This also means the CKA_ID of attached extensions and certificates won't necessarily match up, but that was never promised, and not how attached extensions should be matched to their certificate anyway. Based on a patch and research done by David Woodhouse. https://bugs.freedesktop.org/show_bug.cgi?id=84761
* trust: Allow 'BEGIN PUBLIC KEY' PEM blocks in .p11-kit filesStef Walter2014-10-094-4/+82
| | | | | | | These PEM blocks contribute a CKA_PUBLIC_KEY_INFO to the object being read/written. https://bugs.freedesktop.org/show_bug.cgi?id=83799
* trust: add missing libtasn1 cflagsRoman Bogorodskiy2014-10-071-0/+39
| | | | Add a number of missing LIBTASN1_CFLAGS where it's required