summaryrefslogtreecommitdiff
path: root/p11-kit
Commit message (Collapse)AuthorAgeFilesLines
* proxy: Fix cases where modules are unloaded while in useStef Walter2014-02-131-22/+31
| | | | | | | | | | | | | The proxy module would unload the PKCS#11 modules it was proxying when C_Finalize() was called. However if a caller in another thread was inside of a PKCS#11 function at the time, this would cause a crash. Change things around so that underlying modules are finalized during the proxy C_Finalize() but not released/unloaded until the proxy module itself is unloaded. https://bugs.freedesktop.org/show_bug.cgi?id=74919
* proxy: Remove assertions when module is not initializedStef Walter2014-02-131-2/+0
| | | | | | | | We should return CKR_CRYPTOKI_NOT_INITIALIZED rather than assert() when proxy PKCS#11 functions are called before the module is initialized. https://bugs.freedesktop.org/show_bug.cgi?id=74919
* test-iter: Fix use of uninitialized variableStef Walter2014-01-141-0/+1
|
* iter: Fix return value in rare memory allocation caseStef Walter2014-01-131-1/+1
|
* iter: Add p11_kit_iter_get_attributes() functionStef Walter2014-01-133-0/+106
| | | | A simple wrapper for C_GetAttributeValue()
* Disable tests with setgid binaries when running in fakerootAndreas Metzler2013-10-011-1/+4
| | | | | We use the FAKED_MODE environment variable as a way to detect fakeroot.
* Remove unused make variablesStef Walter2013-09-091-1/+0
|
* messages: Better message for CKR_FUNCTION_REJECTEDStef Walter2013-09-051-1/+1
|
* Route 'p11-kit extract-trust' over to trust toolStef Walter2013-08-291-28/+30
| | | | | | The actual command is 'trust extract-compat'. Make installed placeholder script reflect this. We still support the old placeholder script if it is present.
* Add p11-kit style typedefs for iter and uriStef Walter2013-08-282-0/+2
| | | | | In general we're slowly migrating towards the lower case style for stuctures/objects.
* iter: Add a p11_kit_iter_destroy_object() functionStef Walter2013-08-283-0/+59
| | | | Handy function since this is a common need.
* iter: Add p11_kit_iter_set_uri() functionStef Walter2013-08-283-7/+65
| | | | This is so we can set a filtering uri on the iterator after construction
* iter: Add p11_kit_iter_get_token() callStef Walter2013-08-283-4/+55
| | | | | To get the already loaded CK_TOKEN_INFO during iteration for the token that the current object is on.
* iter: Add new P11_KIT_ITER_WANT_WRITABLE iterator behaviorStef Walter2013-08-283-28/+16
| | | | | This allows us to try to get a RW session, but if not fallback to a read-only session.
* p11-kit: Rename list.c to lists.c to simplify debuggingStef Walter2013-08-282-1/+1
|
* Avoid multiple stat() calls for same fileStef Walter2013-08-283-23/+21
| | | | | | As a side effect we can also not use the dirent.d_type field https://bugs.freedesktop.org/show_bug.cgi?id=68525
* Fix various memory leaks exposed by 'make leakcheck'Stef Walter2013-07-231-0/+2
|
* Use simple serial automake test harnessStef Walter2013-07-233-1/+3
| | | | | * Add a testing sanity check to see if we're catching errors * Fix a few other testing issues
* Add appropriate const qualifiersStef Walter2013-07-181-1/+1
|
* Fix p11_kit_space_strlen() result when empty stringStef Walter2013-07-183-3/+63
| | | | https://bugzilla.redhat.com/show_bug.cgi?id=985416
* Don't call memdup with zero length or NULL pointerStef Walter2013-07-181-1/+1
| | | | https://bugzilla.redhat.com/show_bug.cgi?id=985433
* Avoid using the non-thread-safe strerror() functionStef Walter2013-07-181-4/+2
| | | | https://bugzilla.redhat.com/show_bug.cgi?id=985481
* Declare static variables const where it makes senseStef Walter2013-07-182-4/+4
| | | | https://bugzilla.redhat.com/show_bug.cgi?id=985337
* Support expanding $XDG_CONFIG_HOME in user config pathsStef Walter2013-07-181-1/+1
| | | | | | | | | | If ~/.config is specified as a prefix to a configured path, then it is expanded to the $XDG_CONFIG_HOME if that exists Add --with-user-config ./configure option to configure a different user config directory. Interpolate the right directories into documentation.
* Don't load configs from user directory when setuidStef Walter2013-07-186-2/+144
| | | | | | | When running as setuid() or setgid() don't access the user's home directory, or use $HOME environment variables. https://bugzilla.redhat.com/show_bug.cgi?id=985014
* Fix various issues highlighted by coverity scannerStef Walter2013-07-183-6/+15
| | | | Among others fix possible usage of large stack allocation.
* open files with O_CLOEXEC when possibleStef Walter2013-07-182-76/+27
| | | | | | | | | | | | | This helps prevent leaked file descriptors when the library is used in a process which exec's. opendir() already uses O_CLOEXEC on platforms that support O_CLOEXEC so we don't need to make changes there. In addition read config files using p11_mmap_open() so that we get the simple benefits of O_CLOEXEC with the open() call there. https://bugzilla.redhat.com/show_bug.cgi?id=984986
* iter: Document guarantees for filter matches argumetStef Walter2013-07-181-0/+4
| | | | | | | | The matches argument is always initialized to CK_TRUE when a filter is called, and it's up to filters to set it to CK_FALSE. Filters don't need to set to CK_TRUE. https://bugzilla.redhat.com/show_bug.cgi?id=985009
* Remove erroneous comments about readdir() and thread-safetyStef Walter2013-07-171-1/+0
| | | | https://bugzilla.redhat.com/show_bug.cgi?id=984989
* Build with -fno-common to catch definition problemsStef Walter2013-07-101-2/+2
| | | | | | Fix some global variables not declared as extern https://bugs.freedesktop.org/show_bug.cgi?id=66015
* Various documentation tweaks and fixes for warningsStef Walter2013-07-101-0/+8
|
* trust: Fix the 'p11-kit extract' commandStef Walter2013-07-092-2/+21
| | | | | This is supposed to call over to 'trust extract' and wasn't working correctly.
* p11-kit: Add P11_KIT_MODULE_TRUSTED flagStef Walter2013-07-045-19/+86
| | | | | A new flag to pass to p11_kit_modules_load() and related functions which limits loaded modules to ones with "trust-policy: yes".
* iter: Add iteration mode where session is not busyStef Walter2013-07-033-45/+132
| | | | | | | | | | | In order to use the session we are iterating on for other tasks such as other C_FindObject() calls, we need to make sure that it's not in the middle of a find operation. Finish up the complete find operation in advance of returning objects from a session. Make this the default mode. The previous behavior remains as an option. Add tests.
* Fix dependency between p11-kit command and libraryStef Walter2013-06-251-1/+1
|
* Reorganize various componentsStef Walter2013-06-253-0/+415
| | | | | | | * p11-kit library and tool in the p11-kit/ subdirectory * trust module and new trust tool in trust/ subdirectory * No more tools/ subdirectory * Lots less in the common/ subdirectory
* url: Encode directly to a bufferStef Walter2013-05-271-13/+19
|
* Mark p11_kit_message() as a stable functionStef Walter2013-05-211-2/+2
|
* Fix building of applications using CRYPTOKI_GNU styleStef Walter2013-05-211-1/+3
|
* Bump the version for deprecated function documentationStef Walter2013-05-211-9/+9
|
* Fix up Makefile.am files for automake 1.13 warningsStef Walter2013-05-212-2/+2
|
* Our own unit testing frameworkStef Walter2013-05-2114-1729/+1572
| | | | | | | | * Support the TAP protocol * Much cleaner without having to carry around state * First class support for setup/teardown * Port the common tests * Wait on porting other tests until we've merged outstanding code
* Further reorganization of the core module trackingStef Walter2013-05-211-188/+161
| | | | | | | | | * Keep the module ownership apart from the tracking of module function pointers, since these are only relevant for unmanaged modules. * Less assumptions that each module has a raw unmanaged module function pointer. * More clarity in the naming of dictionaries tracking the modules.
* Add the log-calls module config optionStef Walter2013-05-217-16/+2234
| | | | | If 'log-calls = yes' is set then all the PKCS#11 modules are logged to stderr.
* Manage C_CloseAllSessions function for multiple callersStef Walter2013-05-213-7/+268
| | | | | | Make C_CloseAllSessions work for different callers. Track the sessions that each caller opens and close just those when C_CloseAllSessiosn is called.
* Update the proxy module to use managed PKCS#11 modulesStef Walter2013-05-218-256/+1410
| | | | | | | | | | Each time C_GetFunctionList is called on the proxy module, a new managed PKCS#11 set of functions is returned. These are all cleaned up when the module is unloaded. We want the proxy module to continue to work even without the highly recommended libffi. For that reason we still keep the old behavior of sharing state in the proxy module.
* p11-kit: Managed PKCS#11 module loadingStef Walter2013-05-2118-364/+4355
| | | | | | | | | Support a new managed style module loading for PKCS#11 modules. This allows us to better coordinate between multiple callers of the same PKCS#11 modules and provide hooks into their behavior. This meant redoing the public facing API. The old methods are now deprecated, marked and documented as such.
* Use libffi to implement mixins for managed codeStef Walter2013-05-165-1/+3228
| | | | | | * This allows us to call into subclassed PKCS#11 modules as if they were plain old PKCS#11 modules * libffi is an optional dependency
* Implement valgrind's hellgrind checks for threading problemsStef Walter2013-05-151-1/+1
| | | | | | | And cleanup our locks/locking model. There's no need to use recursive locks, especially since we can't use them on all platforms. In addition adjust taking of locks during initialization so that there's no chance of deadlocking here.
* More compatible path munging and handling codeStef Walter2013-04-032-91/+7
| | | | | | | | | | Centralize the path handling code, so we can remove unixy assumptions and have a chance of running on Windows. The current goal is to run all the tests on Windows. Includes some code from LRN <lrn1986@gmail.com> https://bugs.freedesktop.org/show_bug.cgi?id=63062
generated by cgit v1.1 at 2024-12-26 18:22:37 +0000