summaryrefslogtreecommitdiff
path: root/common
Commit message (Collapse)AuthorAgeFilesLines
* Drop unused libtasn1.h includeRoman Bogorodskiy2013-11-081-2/+0
| | | | | | | | | It's not only unsed, but also causes build fail because CFLAGS for tests does not contain LIBTASN1_CFLAGS. Signed-off-by: Stef Walter <stef@thewalter.net> https://bugs.freedesktop.org/show_bug.cgi?id=71379
* Disable tests with setgid binaries when running in fakerootAndreas Metzler2013-10-011-1/+4
| | | | | We use the FAKED_MODE environment variable as a way to detect fakeroot.
* Remove unused make variablesStef Walter2013-09-091-4/+2
|
* tool: Only include debug lines marked 'tool' when --verboseStef Walter2013-08-281-1/+3
| | | | | Otherwise we get all sorts of overwhelming internal debugging when someone specifies --verbose argument to a tool.
* debug: Allow debug lines longer than 512 charactersStef Walter2013-08-281-4/+3
| | | | | | Since fprintf (stderr, ...) already doesn't print atomically, we don't lose any atomicity here. If we want to print atomically this will need some further reworking anyway.
* debug: Add missing 'tool' flag to debug flagsStef Walter2013-08-281-0/+1
|
* Avoid multiple stat() calls for same fileStef Walter2013-08-283-12/+32
| | | | | | As a side effect we can also not use the dirent.d_type field https://bugs.freedesktop.org/show_bug.cgi?id=68525
* compat: Check return value of mmap() properlyStef Walter2013-08-281-1/+1
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=68525
* test-compat calls test_getauxval which is in a UNIX defined blockMichael Cronenworth2013-07-301-0/+2
| | | | | | MinGW builds fail due to this. https://bugs.freedesktop.org/show_bug.cgi?id=67518
* Don't use _GNU_SOURCE and fix strerror_r usageStef Walter2013-07-235-3/+80
| | | | | glibc declares strerror_r completely different if in POSIX or GNU mode. Nastiness. Stop using _GNU_SOURCE all together.
* Fix various memory leaks exposed by 'make leakcheck'Stef Walter2013-07-231-42/+48
|
* Use simple serial automake test harnessStef Walter2013-07-234-3/+97
| | | | | * Add a testing sanity check to see if we're catching errors * Fix a few other testing issues
* Use getpwuid_r() instead of the non-thread-sofe getpwuid()Stef Walter2013-07-181-2/+9
|
* Don't call memdup with zero length or NULL pointerStef Walter2013-07-181-2/+7
| | | | https://bugzilla.redhat.com/show_bug.cgi?id=985433
* attrs: Check printf formatting in buffer_append_printf()Stef Walter2013-07-181-0/+5
| | | | https://bugzilla.redhat.com/show_bug.cgi?id=985497
* Avoid using the non-thread-safe strerror() functionStef Walter2013-07-185-2/+55
| | | | https://bugzilla.redhat.com/show_bug.cgi?id=985481
* Declare static variables const where it makes senseStef Walter2013-07-181-4/+4
| | | | https://bugzilla.redhat.com/show_bug.cgi?id=985337
* Support expanding $XDG_CONFIG_HOME in user config pathsStef Walter2013-07-182-13/+30
| | | | | | | | | | If ~/.config is specified as a prefix to a configured path, then it is expanded to the $XDG_CONFIG_HOME if that exists Add --with-user-config ./configure option to configure a different user config directory. Interpolate the right directories into documentation.
* Don't load configs from user directory when setuidStef Walter2013-07-188-1/+270
| | | | | | | When running as setuid() or setgid() don't access the user's home directory, or use $HOME environment variables. https://bugzilla.redhat.com/show_bug.cgi?id=985014
* tools: Use $TMPDIR instead of $TEMPStef Walter2013-07-184-74/+60
| | | | | | | | | | | | TMPDIR is a more standard environment variable for locating the temp directory on Unix. In addition since this is only used in tests, remove the code from the generic p11_path_expand() func. In general remove the possibility for forks to put $HOME or $TEMP environment variables in configured paths. This was possible due to code in p11_path_expand() but not something we supported. https://bugzilla.redhat.com/show_bug.cgi?id=985017
* Fix various issues highlighted by coverity scannerStef Walter2013-07-182-1/+3
| | | | Among others fix possible usage of large stack allocation.
* open files with O_CLOEXEC when possibleStef Walter2013-07-182-3/+19
| | | | | | | | | | | | | This helps prevent leaked file descriptors when the library is used in a process which exec's. opendir() already uses O_CLOEXEC on platforms that support O_CLOEXEC so we don't need to make changes there. In addition read config files using p11_mmap_open() so that we get the simple benefits of O_CLOEXEC with the open() call there. https://bugzilla.redhat.com/show_bug.cgi?id=984986
* buffer: Check for unlikely integer overflowStef Walter2013-07-181-0/+6
| | | | | | | | If we see an integer overflow here something has gone horribly wrong (or malicious code is present). So treat this as unrecoverable, and fail if we're going to overflow. https://bugzilla.redhat.com/show_bug.cgi?id=985019
* Make preconditions abort unconditionally when scanning with coverityStef Walter2013-07-182-0/+9
| | | | | | | | | | | | This reflects that preconditions are invalid/unreachable on a functioning system and with valid input. We do not try to recover from such conditions. In addition teach coverity about how our test suite fails See http://p11-glue.freedesktop.org/doc/p11-kit/devel-building-style.html https://bugzilla.redhat.com/show_bug.cgi?id=985005
* Fixes for some recent win32 regressionsStef Walter2013-07-181-3/+18
|
* Add support for using freebl3 for SHA1 and MD5 hashingStef Walter2013-07-103-614/+0
| | | | | | Since we don't want to link freebl3 to libp11-kit.so where it isn't needed, move the SHA-1 and MD5 digest functionality to the trust/ directory.
* common: Fix typo, and don't escape '6' in URL encodingStef Walter2013-07-081-1/+1
|
* trust: Port to use CKA_PUBLIC_KEY_INFO and updated trust store specStef Walter2013-07-043-0/+3
| | | | | | | | | | * Use the concepts and PKCS#11 objects described in the recently updated (still work in progress) storing trust spec. * Define our own CKA_X_PUBLIC_KEY_INFO define for now, since the the CKA_PUBLIC_KEY_INFO isn't defined yet. * Most notably, the association between certificates and stapled extensions is by public key. * Rework some of the tests to take into account the above.
* path: Add p11_path_canon() functionStef Walter2013-07-033-0/+34
| | | | Cleans up a filename with readable characters.
* path: Add p11_path_prefix() functionStef Walter2013-07-033-0/+33
| | | | | Checks if a wellformed path is identical to or a prefix of another path.
* Reorganize various componentsStef Walter2013-06-2532-5244/+373
| | | | | | | * p11-kit library and tool in the p11-kit/ subdirectory * trust module and new trust tool in trust/ subdirectory * No more tools/ subdirectory * Lots less in the common/ subdirectory
* trust: Writable module PKCS#11 token functionsStef Walter2013-06-171-3/+11
| | | | | | Although we don't actually write anything out yet, make the various PKCS#11 functions behave properly when faced with requests to write to token objects
* trust: Correctly reflect the CK_TOKEN_INFO writability flagsStef Walter2013-06-141-0/+3
| | | | | Correctly set the CKF_TOKEN_WRITE_PROTECTED flag for paths which we will be able to write to.
* path: Add p11_path_parent() functionStef Walter2013-06-143-0/+55
| | | | | Gets the parent element of the path, removing the last component. Handles trailing and duplicate path separators correctly.
* path: Fix expanding of paths and testsStef Walter2013-06-142-25/+37
|
* common: Abort test cases when one failsStef Walter2013-06-131-0/+2
|
* Fix uninitialized p11_library_oncemanphiz@gmail.com2013-05-281-1/+1
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=57714
* constants: Tweaks and add mechanismsStef Walter2013-05-272-253/+245
|
* pem: Write PEM data directly to a bufferStef Walter2013-05-273-32/+34
|
* url: Encode directly to a bufferStef Walter2013-05-273-33/+31
|
* Fix up Makefile.am files for automake 1.13 warningsStef Walter2013-05-211-2/+2
|
* Our own unit testing frameworkStef Walter2013-05-2121-1006/+1162
| | | | | | | | * Support the TAP protocol * Much cleaner without having to carry around state * First class support for setup/teardown * Port the common tests * Wait on porting other tests until we've merged outstanding code
* Pull the argv parsing code into its own fileStef Walter2013-05-213-0/+160
| | | | So it can be used from multiple code paths
* Support /xxx/yyy as an absolute path with Win32Stef Walter2013-05-212-5/+5
| | | | | Because win32 code doesn't just run on windows, wine runs with unix style paths.
* Add the log-calls module config optionStef Walter2013-05-215-20/+387
| | | | | If 'log-calls = yes' is set then all the PKCS#11 modules are logged to stderr.
* Manage C_CloseAllSessions function for multiple callersStef Walter2013-05-211-1/+1
| | | | | | Make C_CloseAllSessions work for different callers. Track the sessions that each caller opens and close just those when C_CloseAllSessiosn is called.
* Update the proxy module to use managed PKCS#11 modulesStef Walter2013-05-212-9/+11
| | | | | | | | | | Each time C_GetFunctionList is called on the proxy module, a new managed PKCS#11 set of functions is returned. These are all cleaned up when the module is unloaded. We want the proxy module to continue to work even without the highly recommended libffi. For that reason we still keep the old behavior of sharing state in the proxy module.
* p11-kit: Managed PKCS#11 module loadingStef Walter2013-05-214-25/+54
| | | | | | | | | Support a new managed style module loading for PKCS#11 modules. This allows us to better coordinate between multiple callers of the same PKCS#11 modules and provide hooks into their behavior. This meant redoing the public facing API. The old methods are now deprecated, marked and documented as such.
* Add subclassable CK_X_FUNCTION_LISTStef Walter2013-05-153-4/+1561
| | | | | | | | | | One of the flaws in PKCS#11 for our usage is that each PKCS#11 module is not passed the pointer to the function list, ie: the vtable Here we define a new function list vtable, where each PKCS#11 function takes the vtable itself as the first argument. We use this new list internally to represent subclassable PKCS#11 modules for various features.
* Implement valgrind's hellgrind checks for threading problemsStef Walter2013-05-151-1/+1
| | | | | | | And cleanup our locks/locking model. There's no need to use recursive locks, especially since we can't use them on all platforms. In addition adjust taking of locks during initialization so that there's no chance of deadlocking here.