summaryrefslogtreecommitdiff
path: root/configure.ac
Commit message (Collapse)AuthorAgeFilesLines
* build: Make reallocarray detection robusterDaiki Ueno2018-07-161-0/+1
| | | | | | On NetBSD, reallocarray is not declared until _OPENBSD_SOURCE is defined. Reported by Patrick Welche in: https://lists.freedesktop.org/archives/p11-glue/2018-July/000691.html
* server: Enable socket activation through systemdDaiki Ueno2018-06-201-0/+23
| | | | | | | | | | | This enables socket activation of "p11-kit server" through systemd. The feature provided is essentially the same as commit a4fb2bb5 (reverted), but implemented with "p11-kit server" and libsystemd API instead of wrapping "p11-kit remote" in the unit file. Note that, while it exposes all tokens through the socket, it doesn't increase attack surface beyond the PKCS#11 binary interface provided by p11-kit-proxy.so, because the service is per-user.
* build: Ease issetugid() check when cross-compilingDaiki Ueno2018-06-081-7/+9
| | | | | | | | | When cross-compiling, the configure check for issetugid() aborts, because of the pessimistic default of AC_RUN_IFELSE. This patch provides the non-pessimistic default to AC_RUN_IFELSE and wrap the macro invocation with AC_CACHE_CHECK so that the user can override the check by setting ac_cv_issetugid_openbsd=yes, as suggested in: https://www.gnu.org/savannah-checkouts/gnu/autoconf/manual/autoconf-2.69/html_node/Runtime.html#Runtime
* Release 0.23.12Daiki Ueno2018-05-301-1/+1
|
* common: Don't rely on issetugid() when it is brokenDaiki Ueno2018-05-301-1/+14
| | | | | | | | | | | On macOS and FreeBSD, issetugid() has different semantics from the original OpenBSD implementation and cannot reliably detect if the process made setuid/setgid: https://gist.github.com/nicowilliams/4daf74a3a0c86848d3cbd9d0cdb5e26e This should fix: https://bugs.freedesktop.org/show_bug.cgi?id=67451 https://bugs.freedesktop.org/show_bug.cgi?id=100287
* build: Don't use locale funcs if locale_t is not defined in locale.hDaiki Ueno2018-05-281-3/+8
| | | | | | On macOS, locale_t is not defined in <locale.h>. Although it is defined in <xlocale.h>, we rather not use locales at all for POSIX compliance.
* Release 0.23.11Daiki Ueno2018-05-071-1/+1
|
* library: Use dedicated locale object for printing errorDaiki Ueno2018-05-011-1/+1
|
* Revert "build: Check strerror_l() and uselocale() seperately"Daiki Ueno2018-05-011-1/+1
| | | | | | | | | This reverts commit 173ad93cc54057886b2055f3d73ea64a047127d1. We should rather use newlocale() when per-thread locale is not set. Otherwise uselocale() could return LC_GLOBAL_LOCALE on some platforms (e.g. musl-libc) and calling strerror_l() with it leads to an undefined behavior.
* build: Check strerror_l() and uselocale() seperatelyDaiki Ueno2018-04-191-1/+1
| | | | | | NetBSD deliberately doesn't support per-thread locale and our thread-safe replacement of strerror() using strerror_l() cannot be used. Fallback to strerror_r() in that case.
* test: Factor out common harness from test-extract.inDaiki Ueno2018-04-101-1/+1
|
* test: Take advantage of TAP test driverDaiki Ueno2018-03-291-0/+1
|
* Release 0.23.10Daiki Ueno2018-02-271-1/+1
|
* maint: Point to the new URLsDaiki Ueno2018-02-271-2/+2
|
* build: Split out generated code from p11-kit/virtual.cDaiki Ueno2018-01-311-0/+13
|
* build: Take advantage of parallel-testsDaiki Ueno2017-10-061-1/+1
|
* Release 0.23.9Daiki Ueno2017-10-021-1/+1
|
* Release 0.23.8Daiki Ueno2017-08-151-1/+1
|
* common: Use reallocarray instead of realloc as appropriateDaiki Ueno2017-08-081-0/+1
| | | | | | reallocarray is a new POSIX function added in glibc 2.26, with built-in overflow checks. Take advantage of that function for internal array allocation.
* p11_get_upeer_id: implement case using ucred.hFabian Groffen2017-06-271-1/+2
| | | | Solaris can retrieve this information via getpeerucred().
* configure: pull in -lnsl -lsocket for socket functionsFabian Groffen2017-06-271-0/+7
| | | | Solaris has socket() etc. in these two libs.
* build: Allow use of _GNU_SOURCEDaiki Ueno2017-06-121-0/+3
| | | | | | This reverts commit 6b457ffc, which forbids the use of GNU extension for the incompatibility of strerror_r. However, now that strerror_l is used instead on glibc systems, it has no point to do that.
* compat: Prefer strerror_l to strerror_rDaiki Ueno2017-06-121-2/+2
| | | | | strerror_r is being obsolete in the next POSIX specification: http://austingroupbugs.net/view.php?id=655
* Release 0.23.7Daiki Ueno2017-05-311-1/+1
|
* Release 0.23.6Daiki Ueno2017-05-261-1/+1
|
* test: Check the size of unsigned longDaiki Ueno2017-05-261-0/+2
|
* correct text for --user-config optionDaniel Black2017-03-061-1/+1
|
* Release 0.23.5Daiki Ueno2017-03-021-1/+1
|
* systemd: Fix location of p11-kit-remoteDaiki Ueno2017-02-271-1/+0
| | | | | The p11-kit-remote executable is now located under $libexecdir, but we should use the p11-kit command to launch the subcommand.
* build: check for getpeereidRoman Bogorodskiy2017-02-241-0/+1
| | | | | | In common/unix-peer.c, we are checking if HAVE_GETPEEREID is defined, however, we never actually check if getpeereid() is available, so fix that by checking this function using AC_CHECK_FUNCS().
* Release 0.23.4Daiki Ueno2017-02-221-3/+3
|
* p11-kit: Add 'p11-kit server' commandNikos Mavrogiannopoulos2017-02-171-0/+3
| | | | | | | | This adds a new tool to the p11-kit command called 'server', which allows us to access a PKCS#11 module over a Unix domain socket. Internally, it is implemented as a wrapper around 'p11-kit remote'. Upon connection it executes 'p11-kit remote' in a forked process.
* build: Adjust executable/module names for WindowsDaiki Ueno2017-02-161-0/+2
| | | | Append EXEEXT or SHLEXT to the filename if needed.
* build: Check *asprintf on all platformsDaiki Ueno2017-02-161-3/+4
|
* build: Make libffi closure optionalDaiki Ueno2017-01-241-11/+0
| | | | | | | | libffi's closure support is not available on all platforms and may fail at run time if running under a stricter SELinux policy. Fallback to pre-compiled closures if it is not usable. https://bugs.freedesktop.org/show_bug.cgi?id=97611
* systemd: add per-user remoting socketLubomir Rintel2017-01-201-0/+1
| | | | | | This allows daemons outside user's session to use per-user PKCS#11 modules. Useful for letting VPN daemons or wpa_supplicant use certificates stored in user's GNOME keyring, etc.
* Release version 0.23.3Daiki Ueno2016-12-201-3/+3
|
* move privatedir from libdir to libexecdirStanislav Brabec2016-11-301-1/+1
| | | | | | | | | | | According to the GNU Coding Standards[1], private executables should be installed to libexecdir, not libdir. Move privatedir to libexecdir. [1] https://www.gnu.org/prep/standards/ https://bugs.freedesktop.org/show_bug.cgi?id=98817
* configure: Remove redundant AM_GNU_GETTEXTDaiki Ueno2016-08-221-1/+0
| | | | There is the same line a few lines below.
* Bump version numberStef Walter2015-12-071-1/+1
|
* common: Remove compat timegm() implementationStef Walter2015-10-191-1/+0
| | | | We no longer use timegm()
* Release version 0.23.1Stef Walter2015-02-201-1/+1
|
* compat: Add definition for setenv for Win32Michael Cronenworth2014-11-121-0/+1
| | | | Signed-off-by: Michael Cronenworth <mike@cchtml.com>
* Release version 0.22.1Stef Walter2014-10-091-1/+1
|
* Bump libtool versioning for added APIsStef Walter2014-10-061-2/+2
|
* Release version 0.22.0Stef Walter2014-10-041-1/+1
|
* common: Use secure_getenv() implementation when setuidStef Walter2014-10-021-1/+1
| | | | | In anything security sensitive, use secure_getenv() implementation for retrieving environment variables.
* Release version 2.21.3Stef Walter2014-09-171-1/+1
|
* configure: Check for pthread_create() in pthread libraryRoman Bogorodskiy2014-09-091-3/+3
| | | | | | | Check for pthread_create() in pthread library instaed of pthread_mutexattr_init(). This fixes a linking error on FreeBSD. https://bugs.freedesktop.org/show_bug.cgi?id=75674
* Release version 0.21.2Stef Walter2014-09-051-1/+1
|