path: root/common
Commit message | Author | Age | Files | Lines
* p11-kit: Use pthread_atfork() in a safe manner | Stef Walter | 2014-10-03 | 3 | -0/+14
| Instead of trying to perform actions in pthread_atfork() which are not async-signal-safe, just increment a counter so we can later tell if the process has forked.
| Note this does not make it safe to mix threads and forking without immediately execing. This is a far broader problem than p11-kit, however we now do the right thing when fork+exec is used from a thread.
| https://bugs.freedesktop.org/show_bug.cgi?id=84567
* common: Use secure_getenv() implementation when setuid | Stef Walter | 2014-10-02 | 7 | -3/+112
| In anything security sensitive, use secure_getenv() implementation for retrieving environment variables.
* common: In tests preserve parent environment for children | Stef Walter | 2014-10-02 | 1 | -1/+1
|
* common: Move unistd include to define getopt and friends | Michael Cronenworth | 2014-09-18 | 1 | -1/+1
| Needed to fix MinGW builds.
| Signed-off-by: Michael Cronenworth <mike@cchtml.com>
* common: New public pkcs11x.h header containing extensions | Stef Walter | 2014-09-10 | 6 | -456/+514
| Move our internal stuff to pkcs11i.h, and install the pkcs11x.h header containing extensions.
| https://bugs.freedesktop.org/show_bug.cgi?id=83495
* common: Change the CKA_X_PUBLIC_KEY_INFO constant to CKA_PUBLIC_KEY_INFO | Stef Walter | 2014-09-10 | 3 | -3/+7
| CKA_PUBLIC_KEY_INFO is defined in the PKCS#11 2.40 draft, so use that rather than defining our own.
|  * Fixed up by Nikos Mavrogiannopoulos <nmav@redhat.com>
| https://bugs.freedesktop.org/show_bug.cgi?id=83495
* common: Add support for multiple field names (ie: nicks) per constant | Stef Walter | 2014-09-10 | 3 | -21/+22
| This allows us to have old/new names for a given constant.
| https://bugs.freedesktop.org/show_bug.cgi?id=83495
* Move to non-recursive Makefile for building bins and libs | Stef Walter | 2014-08-15 | 15 | -67/+85
| Still use recursive for documentation and translation.
* common: Fix regression introduced by last commit | Stef Walter | 2014-08-15 | 1 | -1/+1
| The last commit caused dirfd() to become undefined.
| https://bugs.freedesktop.org/show_bug.cgi?id=82617
* Fix build against older pthreads implementations | Baruch Siach | 2014-08-14 | 1 | -0/+6
| Older pthreads implementations like glibc NPTL prior to version 2.12, and uClibc linuxthreads (both), need _XOPEN_SOURCE to expose pthread_mutexattr_settype() and THREAD_MUTEX_DEFAULT. The value 600 (SuSv3, POSIX.1-2001) is equivalent to _POSIX_C_SOURCE 200112L.
| Fixes the following build error:
|   CC compat.lo
|   compat.c: In function 'p11_mutex_init':
|   compat.c:164:2: warning: implicit declaration of function 'pthread_mutexattr_settype' [-Wimplicit-function-declaration]
|   compat.c:164:2: warning: nested extern declaration of 'pthread_mutexattr_settype' [-Wnested-externs]
|   compat.c:164:36: error: 'PTHREAD_MUTEX_DEFAULT' undeclared (first use in this function)
| https://bugs.freedesktop.org/show_bug.cgi?id=82617
* common: Quiet down clang scanner with assertions | Stef Walter | 2014-08-08 | 1 | -1/+1
| Quieten down the clang scanner by telling it to expect that our test assertions fail
* Fix mostly erroneous scanner warnings in tests | Stef Walter | 2014-08-08 | 3 | -0/+6
|
* common: Allow specifying which tests to run on command line | Stef Walter | 2014-08-08 | 1 | -1/+33
| This modifies our common unit test code so we can specify full test paths on the command line, and restrict the run tests to the ones specified. Order is not respected at this time.
* common: Don't do repeated linear reallocation of array memory | Stef Walter | 2014-08-07 | 1 | -1/+4
| Some mallocs (notably on Windows) have really poor behavior when called repeatedly with a linearly growing buffer.
| https://bugzilla.redhat.com/show_bug.cgi?id=985419
* test: Move some file and directory code into general test stuff | Stef Walter | 2014-07-08 | 2 | -0/+93
|
* Add compatibility fdwalk() function | Stef Walter | 2014-07-08 | 2 | -0/+80
| This is used when execing another process to close all open file descriptors that we don't wish to be inherited.
* rpc: Implement PKCS#11 messages/client/server code | Stef Walter | 2014-07-08 | 4 | -0/+12
|  * This enables passing around bytes which represent PKCS#11 RPC calls.
|  * Caller is responsible for connecting/disconnecting and so on.
|  * Client side caller gets a mixin from p11_rpc_client_init() to call into, which generates callbacks with byte arrays to be transported.
|  * Server side calls p11_rpc_server_handle() with a CK_FUNCTION_LIST_PTR on which relevant methods get called.
|  * Doesn't yet implement the actual daemon or clients etc...
| https://bugs.freedesktop.org/show_bug.cgi?id=54105
* common: Fixed implementation of strerror_r for WinXP | Pavel A | 2014-07-01 | 1 | -0/+15
| ie: when strerror_s is missing in msvcrt.dll
| https://bugs.freedesktop.org/show_bug.cgi?id=76594
* Proposed fix for compiler warnings in common/compat.c | Pavel A | 2014-06-20 | 1 | -19/+23
| when building for Windows (mingw). This issue has been reported in bug #76594
| a. Moved vasprintf before asprintf
| b. Added prototypes for each of them
| Thanks, pa
| Signed-off-by: Pavel A <pavel.aronsky@daynix.com>
* Fix handling of mmap failure and mapping empty files | Pascal Terjan | 2014-02-13 | 2 | -2/+26
| Check the return value of mmap() correctly. Empty files cannot be mmap'd so we implement some work around code for that.
| https://bugs.freedesktop.org/show_bug.cgi?id=74773
| Signed-off-by: Stef Walter <stef@thewalter.net>
* attrs: Allow NULL attribute to be passed to p11_attr_hash() | Stef Walter | 2014-01-13 | 2 | -5/+10
| This allows simpler lookups.
| https://bugs.freedesktop.org/show_bug.cgi?id=73558
* Fix typo in mock.c | Stef Walter | 2014-01-08 | 1 | -1/+1
| Reported-by: Tijl Coosemans <tijl@FreeBSD.org>
* Drop unused libtasn1.h include | Roman Bogorodskiy | 2013-11-08 | 1 | -2/+0
| It's not only unused, but also causes build fail because CFLAGS for tests does not contain LIBTASN1_CFLAGS.
| Signed-off-by: Stef Walter <stef@thewalter.net>
| https://bugs.freedesktop.org/show_bug.cgi?id=71379
* Disable tests with setgid binaries when running in fakeroot | Andreas Metzler | 2013-10-01 | 1 | -1/+4
| We use the FAKED_MODE environment variable as a way to detect fakeroot.
* Remove unused make variables | Stef Walter | 2013-09-09 | 1 | -4/+2
|
* tool: Only include debug lines marked 'tool' when --verbose | Stef Walter | 2013-08-28 | 1 | -1/+3
| Otherwise we get all sorts of overwhelming internal debugging when someone specifies --verbose argument to a tool.
* debug: Allow debug lines longer than 512 characters | Stef Walter | 2013-08-28 | 1 | -4/+3
| Since fprintf (stderr, ...) already doesn't print atomically, we don't lose any atomicity here. If we want to print atomically this will need some further reworking anyway.
* debug: Add missing 'tool' flag to debug flags | Stef Walter | 2013-08-28 | 1 | -0/+1
|
* Avoid multiple stat() calls for same file | Stef Walter | 2013-08-28 | 3 | -12/+32
| As a side effect we can also not use the dirent.d_type field
| https://bugs.freedesktop.org/show_bug.cgi?id=68525
* compat: Check return value of mmap() properly | Stef Walter | 2013-08-28 | 1 | -1/+1
| https://bugs.freedesktop.org/show_bug.cgi?id=68525
* test-compat calls test_getauxval which is in a UNIX defined block | Michael Cronenworth | 2013-07-30 | 1 | -0/+2
| MinGW builds fail due to this.
| https://bugs.freedesktop.org/show_bug.cgi?id=67518
* Don't use _GNU_SOURCE and fix strerror_r usage | Stef Walter | 2013-07-23 | 5 | -3/+80
| glibc declares strerror_r completely different if in POSIX or GNU mode. Nastiness. Stop using _GNU_SOURCE altogether.
* Fix various memory leaks exposed by 'make leakcheck' | Stef Walter | 2013-07-23 | 1 | -42/+48
|
* Use simple serial automake test harness | Stef Walter | 2013-07-23 | 4 | -3/+97
|  * Add a testing sanity check to see if we're catching errors
|  * Fix a few other testing issues
* Use getpwuid_r() instead of the non-thread-safe getpwuid() | Stef Walter | 2013-07-18 | 1 | -2/+9
|
* Don't call memdup with zero length or NULL pointer | Stef Walter | 2013-07-18 | 1 | -2/+7
| https://bugzilla.redhat.com/show_bug.cgi?id=985433
* attrs: Check printf formatting in buffer_append_printf() | Stef Walter | 2013-07-18 | 1 | -0/+5
| https://bugzilla.redhat.com/show_bug.cgi?id=985497
* Avoid using the non-thread-safe strerror() function | Stef Walter | 2013-07-18 | 5 | -2/+55
| https://bugzilla.redhat.com/show_bug.cgi?id=985481
* Declare static variables const where it makes sense | Stef Walter | 2013-07-18 | 1 | -4/+4
| https://bugzilla.redhat.com/show_bug.cgi?id=985337
* Support expanding $XDG_CONFIG_HOME in user config paths | Stef Walter | 2013-07-18 | 2 | -13/+30
| If ~/.config is specified as a prefix to a configured path, then it is expanded to the $XDG_CONFIG_HOME if that exists
| Add --with-user-config ./configure option to configure a different user config directory.
| Interpolate the right directories into documentation.
* Don't load configs from user directory when setuid | Stef Walter | 2013-07-18 | 8 | -1/+270
| When running as setuid() or setgid() don't access the user's home directory, or use $HOME environment variables.
| https://bugzilla.redhat.com/show_bug.cgi?id=985014
* tools: Use $TMPDIR instead of $TEMP | Stef Walter | 2013-07-18 | 4 | -74/+60
| TMPDIR is a more standard environment variable for locating the temp directory on Unix. In addition since this is only used in tests, remove the code from the generic p11_path_expand() func.
| In general remove the possibility for forks to put $HOME or $TEMP environment variables in configured paths. This was possible due to code in p11_path_expand() but not something we supported.
| https://bugzilla.redhat.com/show_bug.cgi?id=985017
* Fix various issues highlighted by coverity scanner | Stef Walter | 2013-07-18 | 2 | -1/+3
| Among others fix possible usage of large stack allocation.
* open files with O_CLOEXEC when possible | Stef Walter | 2013-07-18 | 2 | -3/+19
| This helps prevent leaked file descriptors when the library is used in a process which exec's.
| opendir() already uses O_CLOEXEC on platforms that support O_CLOEXEC so we don't need to make changes there.
| In addition read config files using p11_mmap_open() so that we get the simple benefits of O_CLOEXEC with the open() call there.
| https://bugzilla.redhat.com/show_bug.cgi?id=984986
* buffer: Check for unlikely integer overflow | Stef Walter | 2013-07-18 | 1 | -0/+6
| If we see an integer overflow here something has gone horribly wrong (or malicious code is present). So treat this as unrecoverable, and fail if we're going to overflow.
| https://bugzilla.redhat.com/show_bug.cgi?id=985019
* Make preconditions abort unconditionally when scanning with coverity | Stef Walter | 2013-07-18 | 2 | -0/+9
| This reflects that preconditions are invalid/unreachable on a functioning system and with valid input. We do not try to recover from such conditions.
| In addition teach coverity about how our test suite fails
| See http://p11-glue.freedesktop.org/doc/p11-kit/devel-building-style.html
| https://bugzilla.redhat.com/show_bug.cgi?id=985005
* Fixes for some recent win32 regressions | Stef Walter | 2013-07-18 | 1 | -3/+18
|
* Add support for using freebl3 for SHA1 and MD5 hashing | Stef Walter | 2013-07-10 | 3 | -614/+0
| Since we don't want to link freebl3 to libp11-kit.so where it isn't needed, move the SHA-1 and MD5 digest functionality to the trust/ directory.
* common: Fix typo, and don't escape '6' in URL encoding | Stef Walter | 2013-07-08 | 1 | -1/+1
|
* trust: Port to use CKA_PUBLIC_KEY_INFO and updated trust store spec | Stef Walter | 2013-07-04 | 3 | -0/+3
|  * Use the concepts and PKCS#11 objects described in the recently updated (still work in progress) storing trust spec.
|  * Define our own CKA_X_PUBLIC_KEY_INFO define for now, since the CKA_PUBLIC_KEY_INFO isn't defined yet.
|  * Most notably, the association between certificates and stapled extensions is by public key.
|  * Rework some of the tests to take into account the above.