| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
On macOS and FreeBSD, issetugid() has different semantics from the
original OpenBSD implementation and cannot reliably detect if the
process made setuid/setgid:
https://gist.github.com/nicowilliams/4daf74a3a0c86848d3cbd9d0cdb5e26e
This should fix:
https://bugs.freedesktop.org/show_bug.cgi?id=67451
https://bugs.freedesktop.org/show_bug.cgi?id=100287
|
|
|
|
|
|
| |
On macOS, locale_t is not defined in <locale.h>. Although it is
defined in <xlocale.h>, we rather not use locales at all for POSIX
compliance.
|
|
|
|
|
|
| |
The tolower()/toupper() functions take into account of the current
locale settings, which p11-kit doesn't want. Add replacement
functions that work as if they are called under the C locale.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
This reverts commit 173ad93cc54057886b2055f3d73ea64a047127d1.
We should rather use newlocale() when per-thread locale is not set.
Otherwise uselocale() could return LC_GLOBAL_LOCALE on some
platforms (e.g. musl-libc) and calling strerror_l() with it leads to
an undefined behavior.
|
|
|
|
|
|
| |
NetBSD deliberately doesn't support per-thread locale and our
thread-safe replacement of strerror() using strerror_l() cannot be
used. Fallback to strerror_r() in that case.
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
| |
This was mistakenly removed in commit efe6dc56c.
Pointed by Lars Wendler in issue #97.
|
|
|
|
| |
Fixes issue #95.
|
| |
|
| |
|
|
|
|
|
|
| |
reallocarray is a new POSIX function added in glibc 2.26, with
built-in overflow checks. Take advantage of that function for
internal array allocation.
|
|
|
|
|
| |
The scute project no longer exists, and the PKCS#11 standard is
from OASIS group.
|
| |
|
| |
|
|
|
|
|
| |
This follows the definitions in PKCS#11 v2.40:
http://docs.oasis-open.org/pkcs11/pkcs11-curr/v2.40/os/pkcs11-curr-v2.40-os.html
|
|
|
|
|
|
|
|
|
| |
Solaris doesn't like it when dlclose is referenced using a define,
resulting in a linker error looking for a symbol version. Simply
calling the function in a normal way (instead of storing its address)
solves this linking error.
The error message seen by GNU ld is:
dlclose: invalid version 7 (max 0)
|
|
|
|
| |
Solaris can retrieve this information via getpeerucred().
|
|
|
|
|
|
|
|
|
| |
As p11-kit is a library there are cases where it is not desirable
to log on stderr by default. See for example this report
https://bugzilla.redhat.com/show_bug.cgi?id=1464490
where wget prints an error due to an unconfigured pkcs11 module.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
| |
This reverts commit 6b457ffc, which forbids the use of GNU extension
for the incompatibility of strerror_r. However, now that strerror_l
is used instead on glibc systems, it has no point to do that.
|
| |
|
|
|
|
|
| |
strerror_r is being obsolete in the next POSIX specification:
http://austingroupbugs.net/view.php?id=655
|
|
|
|
|
| |
This is to disable clang-analyzer against test programs, which can
contain several false-positives.
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
This adds p11_path_{encode,decode}(), following the escaping rule
described in:
https://dbus.freedesktop.org/doc/dbus-specification.html#addresses
Although they are merely a wrapper around p11_url_{decode,encode}(),
having dedicated functions hides the implementation details.
|
| |
|
| |
|
|
|
|
|
| |
Don't append the backslash character twice to the output. It is
interpolated a few lines below, if it is really required.
|
| |
|
|
|
|
| |
https://bugs.freedesktop.org/show_bug.cgi?id=99600
|
|
|
|
|
| |
See also NSS bug https://bugzilla.mozilla.org/show_bug.cgi?id=1334976
and p11-kit bug https://bugs.freedesktop.org/show_bug.cgi?id=99453
|
|
|
|
|
| |
Follow-up fix for commit 4d228aa0, which forgot to clear
p11_virtual_mutex on library finalization.
|
|
|
|
|
|
|
|
|
| |
We used to provide p11_virtual_fixed_{,un}init() to only initialize a
mutex used in virtual.c. That required all the tests calling virtual
functions to call p11_virtual_fixed_{,un}init() in main().
For simplicity, move the mutex variable initialization into
p11_library_init().
|
|
|
|
|
|
|
|
|
|
|
| |
* common/compat.c: Fix "implicit declaration of function 'issetugid'"
warning. On FreeBSD, it's required to define __BSD_VISIBLE to make
issetugid(2) visible
* common/test-message.c: Fix "implicit declaration of function
'asprintf'" by including <stdio.h>
* p11-kit/test-iter.c: Fix "format '%lu' expects argument of
type 'long unsigned int', but argument 3 has type 'int'" by
changing format string to "%d"
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This allows us to do nested locking within one thread avoiding a lockup
when remoting the p11-kit-proxy.so module:
#0 0x00007f190f35838d in __lll_lock_wait () from /lib64/libpthread.so.0
#1 0x00007f190f351e4d in pthread_mutex_lock () from /lib64/libpthread.so.0
#2 0x00007f190f98657f in C_GetFunctionList (list=0x7ffe7ec3f798) at p11-kit/proxy.c:2355
#3 0x00007f190f993cc9 in dlopen_and_get_function_list (funcs=0x7ffe7ec3f798, path=0x7ffe7ec40926 "/usr/local/lib/p11-kit-proxy.so", mod=0x249e3d0) at p11-kit/modules.c:337
#4 load_module_from_file_inlock (name=name@entry=0x0, path=path@entry=0x7ffe7ec40926 "/usr/local/lib/p11-kit-proxy.so", result=result@entry=0x7ffe7ec3f7e8) at p11-kit/modules.c:382
#5 0x00007f190f99587f in p11_kit_module_load (module_path=module_path@entry=0x7ffe7ec40926 "/usr/local/lib/p11-kit-proxy.so", flags=flags@entry=0) at p11-kit/modules.c:2427
#6 0x0000000000401c4b in serve_module_from_file (file=0x7ffe7ec40926 "/usr/local/lib/p11-kit-proxy.so") at p11-kit/remote.c:105
#7 main (argc=1, argv=<optimized out>) at p11-kit/remote.c:169
The Windows NT mutex is aready recursive by default.
|
|
|
|
| |
Otherwise the file is left in builddir, after make distclean.
|
| |
|
|
|
|
| |
https://bugzilla.redhat.com/show_bug.cgi?id=1191209
|
|
|
|
| |
https://bugzilla.redhat.com/show_bug.cgi?id=1191231
|