summaryrefslogtreecommitdiff
path: root/p11-kit
Commit message (Collapse)AuthorAgeFilesLines
* Disable tests with setgid binaries when running in fakerootAndreas Metzler2013-10-011-1/+4
| | | | | We use the FAKED_MODE environment variable as a way to detect fakeroot.
* Remove unused make variablesStef Walter2013-09-091-1/+0
|
* messages: Better message for CKR_FUNCTION_REJECTEDStef Walter2013-09-051-1/+1
|
* Route 'p11-kit extract-trust' over to trust toolStef Walter2013-08-291-28/+30
| | | | | | The actual command is 'trust extract-compat'. Make installed placeholder script reflect this. We still support the old placeholder script if it is present.
* Add p11-kit style typedefs for iter and uriStef Walter2013-08-282-0/+2
| | | | | In general we're slowly migrating towards the lower case style for stuctures/objects.
* iter: Add a p11_kit_iter_destroy_object() functionStef Walter2013-08-283-0/+59
| | | | Handy function since this is a common need.
* iter: Add p11_kit_iter_set_uri() functionStef Walter2013-08-283-7/+65
| | | | This is so we can set a filtering uri on the iterator after construction
* iter: Add p11_kit_iter_get_token() callStef Walter2013-08-283-4/+55
| | | | | To get the already loaded CK_TOKEN_INFO during iteration for the token that the current object is on.
* iter: Add new P11_KIT_ITER_WANT_WRITABLE iterator behaviorStef Walter2013-08-283-28/+16
| | | | | This allows us to try to get a RW session, but if not fallback to a read-only session.
* p11-kit: Rename list.c to lists.c to simplify debuggingStef Walter2013-08-282-1/+1
|
* Avoid multiple stat() calls for same fileStef Walter2013-08-283-23/+21
| | | | | | As a side effect we can also not use the dirent.d_type field https://bugs.freedesktop.org/show_bug.cgi?id=68525
* Fix various memory leaks exposed by 'make leakcheck'Stef Walter2013-07-231-0/+2
|
* Use simple serial automake test harnessStef Walter2013-07-233-1/+3
| | | | | * Add a testing sanity check to see if we're catching errors * Fix a few other testing issues
* Add appropriate const qualifiersStef Walter2013-07-181-1/+1
|
* Fix p11_kit_space_strlen() result when empty stringStef Walter2013-07-183-3/+63
| | | | https://bugzilla.redhat.com/show_bug.cgi?id=985416
* Don't call memdup with zero length or NULL pointerStef Walter2013-07-181-1/+1
| | | | https://bugzilla.redhat.com/show_bug.cgi?id=985433
* Avoid using the non-thread-safe strerror() functionStef Walter2013-07-181-4/+2
| | | | https://bugzilla.redhat.com/show_bug.cgi?id=985481
* Declare static variables const where it makes senseStef Walter2013-07-182-4/+4
| | | | https://bugzilla.redhat.com/show_bug.cgi?id=985337
* Support expanding $XDG_CONFIG_HOME in user config pathsStef Walter2013-07-181-1/+1
| | | | | | | | | | If ~/.config is specified as a prefix to a configured path, then it is expanded to the $XDG_CONFIG_HOME if that exists Add --with-user-config ./configure option to configure a different user config directory. Interpolate the right directories into documentation.
* Don't load configs from user directory when setuidStef Walter2013-07-186-2/+144
| | | | | | | When running as setuid() or setgid() don't access the user's home directory, or use $HOME environment variables. https://bugzilla.redhat.com/show_bug.cgi?id=985014
* Fix various issues highlighted by coverity scannerStef Walter2013-07-183-6/+15
| | | | Among others fix possible usage of large stack allocation.
* open files with O_CLOEXEC when possibleStef Walter2013-07-182-76/+27
| | | | | | | | | | | | | This helps prevent leaked file descriptors when the library is used in a process which exec's. opendir() already uses O_CLOEXEC on platforms that support O_CLOEXEC so we don't need to make changes there. In addition read config files using p11_mmap_open() so that we get the simple benefits of O_CLOEXEC with the open() call there. https://bugzilla.redhat.com/show_bug.cgi?id=984986
* iter: Document guarantees for filter matches argumetStef Walter2013-07-181-0/+4
| | | | | | | | The matches argument is always initialized to CK_TRUE when a filter is called, and it's up to filters to set it to CK_FALSE. Filters don't need to set to CK_TRUE. https://bugzilla.redhat.com/show_bug.cgi?id=985009
* Remove erroneous comments about readdir() and thread-safetyStef Walter2013-07-171-1/+0
| | | | https://bugzilla.redhat.com/show_bug.cgi?id=984989
* Build with -fno-common to catch definition problemsStef Walter2013-07-101-2/+2
| | | | | | Fix some global variables not declared as extern https://bugs.freedesktop.org/show_bug.cgi?id=66015
* Various documentation tweaks and fixes for warningsStef Walter2013-07-101-0/+8
|
* trust: Fix the 'p11-kit extract' commandStef Walter2013-07-092-2/+21
| | | | | This is supposed to call over to 'trust extract' and wasn't working correctly.
* p11-kit: Add P11_KIT_MODULE_TRUSTED flagStef Walter2013-07-045-19/+86
| | | | | A new flag to pass to p11_kit_modules_load() and related functions which limits loaded modules to ones with "trust-policy: yes".
* iter: Add iteration mode where session is not busyStef Walter2013-07-033-45/+132
| | | | | | | | | | | In order to use the session we are iterating on for other tasks such as other C_FindObject() calls, we need to make sure that it's not in the middle of a find operation. Finish up the complete find operation in advance of returning objects from a session. Make this the default mode. The previous behavior remains as an option. Add tests.
* Fix dependency between p11-kit command and libraryStef Walter2013-06-251-1/+1
|
* Reorganize various componentsStef Walter2013-06-253-0/+415
| | | | | | | * p11-kit library and tool in the p11-kit/ subdirectory * trust module and new trust tool in trust/ subdirectory * No more tools/ subdirectory * Lots less in the common/ subdirectory
* url: Encode directly to a bufferStef Walter2013-05-271-13/+19
|
* Mark p11_kit_message() as a stable functionStef Walter2013-05-211-2/+2
|
* Fix building of applications using CRYPTOKI_GNU styleStef Walter2013-05-211-1/+3
|
* Bump the version for deprecated function documentationStef Walter2013-05-211-9/+9
|
* Fix up Makefile.am files for automake 1.13 warningsStef Walter2013-05-212-2/+2
|
* Our own unit testing frameworkStef Walter2013-05-2114-1729/+1572
| | | | | | | | * Support the TAP protocol * Much cleaner without having to carry around state * First class support for setup/teardown * Port the common tests * Wait on porting other tests until we've merged outstanding code
* Further reorganization of the core module trackingStef Walter2013-05-211-188/+161
| | | | | | | | | * Keep the module ownership apart from the tracking of module function pointers, since these are only relevant for unmanaged modules. * Less assumptions that each module has a raw unmanaged module function pointer. * More clarity in the naming of dictionaries tracking the modules.
* Add the log-calls module config optionStef Walter2013-05-217-16/+2234
| | | | | If 'log-calls = yes' is set then all the PKCS#11 modules are logged to stderr.
* Manage C_CloseAllSessions function for multiple callersStef Walter2013-05-213-7/+268
| | | | | | Make C_CloseAllSessions work for different callers. Track the sessions that each caller opens and close just those when C_CloseAllSessiosn is called.
* Update the proxy module to use managed PKCS#11 modulesStef Walter2013-05-218-256/+1410
| | | | | | | | | | Each time C_GetFunctionList is called on the proxy module, a new managed PKCS#11 set of functions is returned. These are all cleaned up when the module is unloaded. We want the proxy module to continue to work even without the highly recommended libffi. For that reason we still keep the old behavior of sharing state in the proxy module.
* p11-kit: Managed PKCS#11 module loadingStef Walter2013-05-2118-364/+4355
| | | | | | | | | Support a new managed style module loading for PKCS#11 modules. This allows us to better coordinate between multiple callers of the same PKCS#11 modules and provide hooks into their behavior. This meant redoing the public facing API. The old methods are now deprecated, marked and documented as such.
* Use libffi to implement mixins for managed codeStef Walter2013-05-165-1/+3228
| | | | | | * This allows us to call into subclassed PKCS#11 modules as if they were plain old PKCS#11 modules * libffi is an optional dependency
* Implement valgrind's hellgrind checks for threading problemsStef Walter2013-05-151-1/+1
| | | | | | | And cleanup our locks/locking model. There's no need to use recursive locks, especially since we can't use them on all platforms. In addition adjust taking of locks during initialization so that there's no chance of deadlocking here.
* More compatible path munging and handling codeStef Walter2013-04-032-91/+7
| | | | | | | | | | Centralize the path handling code, so we can remove unixy assumptions and have a chance of running on Windows. The current goal is to run all the tests on Windows. Includes some code from LRN <lrn1986@gmail.com> https://bugs.freedesktop.org/show_bug.cgi?id=63062
* Separate library init from message codeStef Walter2013-04-0312-25/+29
| | | | | | | | | | | Put library init/uninit code its into their own statically linked library so that they don't get linked into the p11-kit executable. Refactor the message code so that the library initialization can plug in its per thread message buffer. https://bugs.freedesktop.org/show_bug.cgi?id=63046
* Don't use library locks from p11-kit toolStef Walter2013-04-031-0/+4
| | | | | | | The global library p11_library_mutex is for libraries to use, so don't use it from any code in common/, which is also used by the p11-kit tool https://bugs.freedesktop.org/show_bug.cgi?id=63046
* Fix build with automake 1.13Stef Walter2013-04-031-1/+1
| | | | Also remove some generated files from the po/ directory.
* Fix memory leaks reported by 'make leakcheck'Stef Walter2013-03-205-5/+7
|
* Add a bit of infrastructure for running valgrindStef Walter2013-03-201-1/+2
| | | | | * make memcheck: Runs basic memory checking * make leakcheck: Also runs leak checking