summaryrefslogtreecommitdiff
path: root/common/compat.h
Commit message (Collapse)AuthorAgeFilesLines
* common: Use secure_getenv() implementation when setuidStef Walter2014-10-021-0/+2
| | | | | In anything security sensitive, use secure_getenv() implementation for retrieving environment variables.
* Add compatibility fdwalk() functionStef Walter2014-07-081-0/+7
| | | | | This is used when execing another process to close all open file descriptors that we don't wish to be inherited.
* Avoid multiple stat() calls for same fileStef Walter2013-08-281-0/+3
| | | | | | As a side effect we can also not use the dirent.d_type field https://bugs.freedesktop.org/show_bug.cgi?id=68525
* Don't use _GNU_SOURCE and fix strerror_r usageStef Walter2013-07-231-3/+7
| | | | | glibc declares strerror_r completely different if in POSIX or GNU mode. Nastiness. Stop using _GNU_SOURCE all together.
* Avoid using the non-thread-safe strerror() functionStef Walter2013-07-181-0/+8
| | | | https://bugzilla.redhat.com/show_bug.cgi?id=985481
* Don't load configs from user directory when setuidStef Walter2013-07-181-0/+12
| | | | | | | When running as setuid() or setgid() don't access the user's home directory, or use $HOME environment variables. https://bugzilla.redhat.com/show_bug.cgi?id=985014
* open files with O_CLOEXEC when possibleStef Walter2013-07-181-0/+4
| | | | | | | | | | | | | This helps prevent leaked file descriptors when the library is used in a process which exec's. opendir() already uses O_CLOEXEC on platforms that support O_CLOEXEC so we don't need to make changes there. In addition read config files using p11_mmap_open() so that we get the simple benefits of O_CLOEXEC with the open() call there. https://bugzilla.redhat.com/show_bug.cgi?id=984986
* trust: Correctly reflect the CK_TOKEN_INFO writability flagsStef Walter2013-06-141-0/+3
| | | | | Correctly set the CKF_TOKEN_WRITE_PROTECTED flag for paths which we will be able to write to.
* p11-kit: Managed PKCS#11 module loadingStef Walter2013-05-211-2/+2
| | | | | | | | | Support a new managed style module loading for PKCS#11 modules. This allows us to better coordinate between multiple callers of the same PKCS#11 modules and provide hooks into their behavior. This meant redoing the public facing API. The old methods are now deprecated, marked and documented as such.
* More compatible path munging and handling codeStef Walter2013-04-031-7/+2
| | | | | | | | | | Centralize the path handling code, so we can remove unixy assumptions and have a chance of running on Windows. The current goal is to run all the tests on Windows. Includes some code from LRN <lrn1986@gmail.com> https://bugs.freedesktop.org/show_bug.cgi?id=63062
* trust: Don't use POSIX or GNU basename()Stef Walter2013-03-191-6/+11
| | | | | | Both are nasty. Do our own, and test it a bit https://bugs.freedesktop.org/show_bug.cgi?id=62479
* Fix syntax errors in OS_WIN32 ifdefsStef Walter2013-03-031-2/+2
|
* Open files in binary mode on windowsStef Walter2013-03-031-0/+4
| | | | So that the Windows' C library doesn't munge line endings
* Add compat gmtime_r() and timegm() functionsStef Walter2013-03-031-0/+15
| | | | Not available on Win32 or ancient unixes
* Add compat mkstemp() and mkdtemp() functionsStef Walter2013-03-031-0/+12
| | | | Not available on Win32 or ancient unixes
* Add compat vasprintf() and asprintf() functionsStef Walter2013-03-031-0/+17
| | | | These are not available on Win32 and ancient unixes
* Add compat strndup() functionStef Walter2013-03-031-0/+7
| | | | Not available on Win32 and ancient unixes
* Abstract mmap() into a compat APIStef Walter2013-03-031-0/+16
| | | | | The Win32 for mmap() is very different from Unix, so abstract this into our own p11_mmap_xxx() functions.
* Add compat implementation of basename()Stef Walter2013-03-031-0/+6
| | | | For Win32 and older unixes
* Rename p11_module_xxx() compat functions to p11_dl_xxx()Stef Walter2013-03-031-10/+10
| | | | | | | For clarity. In addition, make p11_dl_close() able to be used as a destroyer callback. Also make p11_dl_error() return an allocated string
* Fix various clang analyzer warningsStef Walter2013-02-061-0/+13
| | | | | * Add annotations to our precondition functions so that they don't make the analyzer complain
* Implement stapled certificate extensions internallyStef Walter2013-02-051-1/+1
| | | | | | | | | | | | * Use stapled certificate extensions to represent loaded trust policy * Build NSS trust objects from stapled certificate extensions * Add further attribute debugging for NSS trust objects * Use a custom certificate extension for the OpenSSL reject purpose data * Use SubjectKeyIdentifier for OpenSSL keyid data * Use ExtendedKeyUsage for OpenSSL trust purpose data * Implement simple way to handle binary DER OIDs, using the DER TLV length. DER OIDs are used in the CKA_OBJECT_ID value, and elsewhere. * Split out the building of NSS trust objects from the main parser
* Add basic trust moduleStef Walter2013-02-051-2/+15
| | | | | | This is based off the roots-store from gnome-keyring and loads certificates from a root directory and exposes them as PKCS#11 objects.
* Remove the unused err() function and friendsStef Walter2013-02-051-23/+0
| | | | | We want to use p11_message in our commands anyway, since that allows us control with --verbose and --quiet.
* Use the stdbool.h C99 bool typeStef Walter2013-01-231-0/+8
| | | | | | It was getting really wild knowing whether a function returning an int would return -1 on failure or 0 or whether the int return value was actually a number etc..
* Move debug and library code into the common/ subdirectoryStef Walter2013-01-091-0/+123
| | | | | | | | | | | Start using p11_ as our internal prefix rather than _p11_. We explicitly export p11_kit_ so this is fine as far as visibility. Move the threading, mutex, and module compat, dict, and array code into the common directory too. Take this opportunity to clean up a bit of internal API as well, since so many lines are being touched internally.
* Fix build on solarisRob McMahon2012-07-311-0/+4
| | | | | | | * Conditional inclusion of the errno.h header * Link librt when appropriate for nanosleep https://bugs.freedesktop.org/show_bug.cgi?id=52261
* Use gcc extensions to check varargs during compileStef Walter2012-05-131-6/+18
| | | | | * Add macros GNUC_PRINTF and GNUC_NULL_TERMINATED to check correct printf and NULL terminated style varargs
* Provide compat getprogname() implementations on other OS'sStef Walter2012-05-011-3/+7
| | | | * And use them in our replacement err() and p11_kit_set_progname()
* Move the compat.[ch] headers into common directory/Stef Walter2012-04-301-0/+63
* And the compat stuff in the p11-kit directory merged into util.c and util.h