| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
| |
Correctly set the CKF_TOKEN_WRITE_PROTECTED flag for paths
which we will be able to write to.
|
| |
|
|
|
|
|
|
|
| |
Support a new managed style module loading for PKCS#11 modules. This
allows us to better coordinate between multiple callers of the same
PKCS#11 modules and provide hooks into their behavior.
This meant redoing the public facing API. The old methods are now
deprecated, marked and documented as such.
|
| |
|
|
|
|
|
|
|
|
| |
Centralize the path handling code, so we can remove unixy assumptions
and have a chance of running on Windows. The current goal is to run
all the tests on Windows.
Includes some code from LRN <lrn1986@gmail.com>
https://bugs.freedesktop.org/show_bug.cgi?id=63062
|
| |
|
|
|
|
| |
Both are nasty. Do our own, and test it a bit
https://bugs.freedesktop.org/show_bug.cgi?id=62479
|
| | |
|
| |
|
|
| |
So that the Windows' C library doesn't munge line endings
|
| |
|
|
| |
Not available on Win32 or ancient unixes
|
| |
|
|
| |
Not available on Win32 or ancient unixes
|
| |
|
|
| |
These are not available on Win32 and ancient unixes
|
| |
|
|
| |
Not available on Win32 and ancient unixes
|
| |
|
|
|
| |
The Win32 for mmap() is very different from Unix, so abstract
this into our own p11_mmap_xxx() functions.
|
| |
|
|
| |
For Win32 and older unixes
|
| |
|
|
|
|
|
| |
For clarity. In addition, make p11_dl_close() able to be used
as a destroyer callback.
Also make p11_dl_error() return an allocated string
|
| |
|
|
|
| |
* Add annotations to our precondition functions so that they
don't make the analyzer complain
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* Use stapled certificate extensions to represent loaded trust policy
* Build NSS trust objects from stapled certificate extensions
* Add further attribute debugging for NSS trust objects
* Use a custom certificate extension for the OpenSSL reject purpose data
* Use SubjectKeyIdentifier for OpenSSL keyid data
* Use ExtendedKeyUsage for OpenSSL trust purpose data
* Implement simple way to handle binary DER OIDs, using the DER TLV
length. DER OIDs are used in the CKA_OBJECT_ID value, and elsewhere.
* Split out the building of NSS trust objects from the main parser
|
| |
|
|
|
|
| |
This is based off the roots-store from gnome-keyring and loads
certificates from a root directory and exposes them as PKCS#11
objects.
|
| |
|
|
|
| |
We want to use p11_message in our commands anyway, since that
allows us control with --verbose and --quiet.
|
| |
|
|
|
|
| |
It was getting really wild knowing whether a function returning
an int would return -1 on failure or 0 or whether the int return
value was actually a number etc..
|
| |
|
|
|
|
|
|
|
|
|
| |
Start using p11_ as our internal prefix rather than _p11_. We explicitly
export p11_kit_ so this is fine as far as visibility.
Move the threading, mutex, and module compat, dict, and array code
into the common directory too.
Take this opportunity to clean up a bit of internal API as well,
since so many lines are being touched internally.
|
| |
|
|
|
|
|
| |
* Conditional inclusion of the errno.h header
* Link librt when appropriate for nanosleep
https://bugs.freedesktop.org/show_bug.cgi?id=52261
|
| |
|
|
|
| |
* Add macros GNUC_PRINTF and GNUC_NULL_TERMINATED to check
correct printf and NULL terminated style varargs
|
| |
|
|
| |
* And use them in our replacement err() and p11_kit_set_progname()
|
|
|
* And the compat stuff in the p11-kit directory merged
into util.c and util.h
|
