summaryrefslogtreecommitdiff
path: root/common
Commit message (Collapse)AuthorAgeFilesLines
* build: Delay building test programs until "make check"Daiki Ueno2017-05-291-1/+1
| | | | | This is to disable clang-analyzer against test programs, which can contain several false-positives.
* pkcs11: Define RSA-PSS mechanism parameterDaiki Ueno2017-05-241-0/+11
|
* pkcs11: Make CK_RSA_PKCS_OAEP_PARAMS usefulDaiki Ueno2017-05-241-1/+7
|
* fixed license in unix peer fileNikos Mavrogiannopoulos2017-02-271-12/+27
|
* common: New p11_get_upeer_id() functionNikos Mavrogiannopoulos2017-02-173-0/+132
|
* common: Add path encoding functionsDaiki Ueno2017-02-163-0/+59
| | | | | | | | | This adds p11_path_{encode,decode}(), following the escaping rule described in: https://dbus.freedesktop.org/doc/dbus-specification.html#addresses Although they are merely a wrapper around p11_url_{decode,encode}(), having dedicated functions hides the implementation details.
* library: Initialize p11_virtual_mutex for WindowsDaiki Ueno2017-02-161-0/+2
|
* test: Fix Windows test case for p11_path_expandDaiki Ueno2017-02-161-1/+1
|
* argv: Fix misinterpretation of backslash in quotesDaiki Ueno2017-02-163-1/+119
| | | | | Don't append the backslash character twice to the output. It is interpolated a few lines below, if it is really required.
* compat: Fix character generation in mk{s,d}temp()Daiki Ueno2017-02-161-1/+1
|
* Fix a typo in "x-cetrificate-value", see also ↵Kai Engert2017-02-161-1/+1
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=99600
* Support loading new NSS attribute CKA_NSS_MOZILLA_CA_POLICY from .p11-kit files.Kai Engert2017-02-162-0/+2
| | | | | See also NSS bug https://bugzilla.mozilla.org/show_bug.cgi?id=1334976 and p11-kit bug https://bugs.freedesktop.org/show_bug.cgi?id=99453
* library: Deinit p11_virtual_mutexDaiki Ueno2017-02-161-0/+1
| | | | | Follow-up fix for commit 4d228aa0, which forgot to clear p11_virtual_mutex on library finalization.
* virtual: Move mutex into p11_library_init()Daiki Ueno2017-02-142-0/+6
| | | | | | | | | We used to provide p11_virtual_fixed_{,un}init() to only initialize a mutex used in virtual.c. That required all the tests calling virtual functions to call p11_virtual_fixed_{,un}init() in main(). For simplicity, move the mutex variable initialization into p11_library_init().
* Fix compiler warnings on FreeBSDRoman Bogorodskiy2017-01-232-0/+5
| | | | | | | | | | | * common/compat.c: Fix "implicit declaration of function 'issetugid'" warning. On FreeBSD, it's required to define __BSD_VISIBLE to make issetugid(2) visible * common/test-message.c: Fix "implicit declaration of function 'asprintf'" by including <stdio.h> * p11-kit/test-iter.c: Fix "format '%lu' expects argument of type 'long unsigned int', but argument 3 has type 'int'" by changing format string to "%d"
* common: use recursive pthread mutex for library lockLubomir Rintel2017-01-191-1/+1
| | | | | | | | | | | | | | | | This allows us to do nested locking within one thread avoiding a lockup when remoting the p11-kit-proxy.so module: #0 0x00007f190f35838d in __lll_lock_wait () from /lib64/libpthread.so.0 #1 0x00007f190f351e4d in pthread_mutex_lock () from /lib64/libpthread.so.0 #2 0x00007f190f98657f in C_GetFunctionList (list=0x7ffe7ec3f798) at p11-kit/proxy.c:2355 #3 0x00007f190f993cc9 in dlopen_and_get_function_list (funcs=0x7ffe7ec3f798, path=0x7ffe7ec40926 "/usr/local/lib/p11-kit-proxy.so", mod=0x249e3d0) at p11-kit/modules.c:337 #4 load_module_from_file_inlock (name=name@entry=0x0, path=path@entry=0x7ffe7ec40926 "/usr/local/lib/p11-kit-proxy.so", result=result@entry=0x7ffe7ec3f7e8) at p11-kit/modules.c:382 #5 0x00007f190f99587f in p11_kit_module_load (module_path=module_path@entry=0x7ffe7ec40926 "/usr/local/lib/p11-kit-proxy.so", flags=flags@entry=0) at p11-kit/modules.c:2427 #6 0x0000000000401c4b in serve_module_from_file (file=0x7ffe7ec40926 "/usr/local/lib/p11-kit-proxy.so") at p11-kit/remote.c:105 #7 main (argc=1, argv=<optimized out>) at p11-kit/remote.c:169 The Windows NT mutex is aready recursive by default.
* test: Remove setgid()ed copy of frob-getenvDaiki Ueno2016-12-131-2/+1
| | | | Otherwise the file is left in builddir, after make distclean.
* pkcs11: Update CRYPTOKI_VERSION to 2.40Daiki Ueno2016-12-131-6/+3
|
* pkcs11: Add CK_RSA_PKCS_OAEP_PARAMS definitionDaiki Ueno2016-12-131-0/+20
| | | | https://bugzilla.redhat.com/show_bug.cgi?id=1191209
* pkcs11: Add CKA_COPYABLE definitionDaiki Ueno2016-12-131-0/+1
| | | | https://bugzilla.redhat.com/show_bug.cgi?id=1191231
* pkcs11: Add AES key wrap mechanismsDaiki Ueno2016-12-131-0/+3
| | | | https://bugzilla.redhat.com/show_bug.cgi?id=1191231
* mock: Check return value of calloc()Pankaj2016-12-131-0/+1
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=92813
* common, trust: Avoid integer overflowDaiki Ueno2016-12-063-3/+9
| | | | | | | This fixes issues pointed in: https://bugzilla.redhat.com/show_bug.cgi?id=985445 except for p11-kit/conf.c:read_config_file(), which was rewritten using mmap() and thus length calculation is no longer needed.
* test-conf: don't create the setuid copy in /tmpLubomir Rintel2016-11-291-1/+1
| | | | | The temporary directory is often mounted with nosuid, thus whatever runs from there doesn't get AT_SECURE in auxv.
* Fix leak when C_Initialize() is called from childDaiki Ueno2016-08-221-0/+3
| | | | | | | The test case added for bug 90289 (commit c73edd00) revealed that some of the C_Initialize() implementations do not consider the case where it is called from the parent process and then from the child process, without calling C_Finalize() in between.
* p11-kit: Fix redundant check for 'signature' is always 'true'Pankaj2015-11-231-1/+1
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=92807
* common: Fix warning about dereferencing NULL pointerPankaj2015-11-091-0/+1
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=92842
* common: Fix in test-code for file descriptor validity checkPankaj2015-11-091-0/+1
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=92843
* common: Remove compat timegm() implementationStef Walter2015-10-191-31/+0
| | | | We no longer use timegm()
* p11-kit: 'int' comparison with 'unsigned int' in for() for the array indexPankaj2015-10-191-1/+1
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=92443
* p11-kit: 'int' comparison with 'unsigned int' in for() for array indexPankaj2015-10-191-1/+1
|
* Fix trust command segfaults in expand_homedir() when no matching password ↵Robert Milasan2015-07-311-9/+9
| | | | | | | | | | | | | record was found Hello, it looks like under some conditions, command trust segfaults in expand_homedir() due to no matching password record was found: Signed-off-by: Robert Milasan <rmilasan@suse.com> Signed-off-by: Stef Walter <stefw@redhat.com> * Updated path so message is printed and errno is not overwritten https://bugs.freedesktop.org/show_bug.cgi?id=91506
* compat: Add definition for setenv for Win32Michael Cronenworth2014-11-121-0/+4
| | | | Signed-off-by: Michael Cronenworth <mike@cchtml.com>
* p11-kit: Use pthread_atfork() in a safe mannerStef Walter2014-10-033-0/+14
| | | | | | | | | | | | | Instead of trying to perform actions in pthread_atfork() which are not async-signal-safe, just increment a counter so we can later tell if the process has forked. Note this does not make it safe to mix threads and forking without immediately execing. This is a far broader problem that p11-kit, however we now do the right thing when fork+exec is used from a thread. https://bugs.freedesktop.org/show_bug.cgi?id=84567
* common: Use secure_getenv() implementation when setuidStef Walter2014-10-027-3/+112
| | | | | In anything security sensitive, use secure_getenv() implementation for retrieving environment variables.
* common: In tests preserve parent environment for childrenStef Walter2014-10-021-1/+1
|
* common: Move unistd include to define getopt and friendsMichael Cronenworth2014-09-181-1/+1
| | | | | | Needed to fix MinGW builds. Signed-off-by: Michael Cronenworth <mike@cchtml.com>
* common: New public pkcs11x.h header containing extensionsStef Walter2014-09-106-456/+514
| | | | | | | Move our internal stuff to pkcs11i.h, and install the pkcs11x.h header containing extensions. https://bugs.freedesktop.org/show_bug.cgi?id=83495
* common: Change the CKA_X_PUBLIC_KEY_INFO constant to CKA_PUBLIC_KEY_INFOStef Walter2014-09-103-3/+7
| | | | | | | | | CKA_PUBLIC_KEY_INFO is defined in the PKCS#11 2.40 draft, so use that rather than defining our own. * Fixed up by Nikos Mavrogiannopoulos <nmav@redhat.com> https://bugs.freedesktop.org/show_bug.cgi?id=83495
* common: Add support for multiple field names (ie: nicks) per constantStef Walter2014-09-103-21/+22
| | | | | | This allows us to have old/new names for a given constant. https://bugs.freedesktop.org/show_bug.cgi?id=83495
* Move to non-recursive Makefile for building bins and libsStef Walter2014-08-1515-67/+85
| | | | Still use recursive for documentation and translation.
* common: Fix regression introduced by last commitStef Walter2014-08-151-1/+1
| | | | | | The last commit caused dirfd() to become undefined. https://bugs.freedesktop.org/show_bug.cgi?id=82617
* Fix build against older pthreads implementationsBaruch Siach2014-08-141-0/+6
| | | | | | | | | | | | | | | | | Older pthreads implementations like glibc NPTL prior to version 2.12, and uClibc linuxthreads (both), need _XOPEN_SOURCE to expose pthread_mutexattr_settype() and THREAD_MUTEX_DEFAULT. The value 600 (SuSv3, POSIX.1-2001) is equivalent to _POSIX_C_SOURCE 200112L. Fixes the following build error: CC compat.lo compat.c: In function 'p11_mutex_init': compat.c:164:2: warning: implicit declaration of function 'pthread_mutexattr_settype' [-Wimplicit-function-declaration] compat.c:164:2: warning: nested extern declaration of 'pthread_mutexattr_settype' [-Wnested-externs] compat.c:164:36: error: 'PTHREAD_MUTEX_DEFAULT' undeclared (first use in this function) https://bugs.freedesktop.org/show_bug.cgi?id=82617
* common: Quiet down clang scanner with assertionsStef Walter2014-08-081-1/+1
| | | | | Quieten down the clang scanner by telling it to expect that our test assertions fail
* Fix mostly erroneous scanner warnings in testsStef Walter2014-08-083-0/+6
|
* common: Allow specifying which tests to run on command lineStef Walter2014-08-081-1/+33
| | | | | | This modifies our common unit test code so we can specify full test paths on the command line, and restrict the run tests to the ones specified. Order is not respected at this time.
* common: Don't do repeated linear reallocation of array memoryStef Walter2014-08-071-1/+4
| | | | | | | Some mallocs (notably on Windows) have really poor behavior when called repeatedly with a linearly growing buffer. https://bugzilla.redhat.com/show_bug.cgi?id=985419
* test: Move some file and directory code into general test stuffStef Walter2014-07-082-0/+93
|
* Add compatibility fdwalk() functionStef Walter2014-07-082-0/+80
| | | | | This is used when execing another process to close all open file descriptors that we don't wish to be inherited.
* rpc: Implement PKCS#11 messages/client/server codeStef Walter2014-07-084-0/+12
| | | | | | | | | | | | * This enables passing around bytes which represent PKCS#11 RPC calls. * Caller is responsible for connecting/disconnecting and so on. * Client side caller gets a mixin from p11_rpc_client_init() to call into, which generates callbacks with byte arrays to be transported. * Server side calls p11_rpc_server_handle() with a CK_FUNCTION_LIST_PTR on which relevant methods get called. * Doesn't yet implement the actual daemon or clients etc... https://bugs.freedesktop.org/show_bug.cgi?id=54105