| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
Since the libffi became optional (commit 9f632bed), the fallback code
path in proxy.c has never taken.
|
| |
|
|
|
|
|
| |
While the proxy module reassigns slot IDs in C_Initialize(), some
applications assume that valid slot IDs should never change across
multiple calls to C_Initialize(). This patch mitigates this by
preserving the slot IDs, if they are known to the proxy module.
|
| |
|
|
| |
Spotted by clang-analyzer.
|
| | |
|
| |
|
|
|
|
|
| |
That allows overriding the default module and configuration
locations, for use in test suites, etc.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
| |
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
| |
|
|
|
|
| |
This adds -k, -c, and -s options to the "p11-kit server" command,
which allows you to terminate the server process, select which C-shell
or Bourne shell command line is printed on startup, respectively.
|
| |
|
|
|
| |
Previously, calling "eval $(p11-kit server)" from shell hung because
the program didn't properly close stdout before forking.
|
| |
|
|
|
|
| |
It is possible that NULL is given to the serializers, when
C_GetAttributeValue() just wants to know the size of an attribute.
Previously, this resulted in giving NULL to memcpy().
|
| |
|
|
|
|
| |
Previously, when "p11-kit server" started only with a token URI, it
couldn't properly find and initialize the module which provides the
token. This was because of the wrong order of cleanup of the modules.
|
| |
|
|
|
|
| |
In C_GetFunctionList, state->virt is wrapped with a destroyer function
free(). Thus p11_rpc_transport_free must be called before
p11_virtual_unwrap.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Previously we used p11_dict to keep track of vendor query attributes.
This had a couple of limitations: duplicate attributes are not allowed
while they are actually allowed in RFC 7512, and the order of
attributes is unpredictable.
This patch switches to using an array instead of p11_dict and ensures
that the attributes are sorted in alphabetical order.
Fixes #88.
|
| |
|
|
|
|
|
|
|
|
| |
The value given to p11_rpc_buffer_add_ulong_value() must be a pointer
of CK_ULONG. Similarly, the value returned from
p11_rpc_buffer_get_ulong_value() must be converted to CK_ULONG before
comparison.
Reported by Andreas Metzler in:
https://lists.freedesktop.org/archives/p11-glue/2017-July/000665.html
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently `ca-certificates.spec` in Fedora ends up doing in `%post`:
```
/usr/bin/p11-kit extract --format=openssl-bundle --filter=certificates --overwrite --comment $DEST/openssl/ca-bundle.trust.crt
```
etc.
And due to this bit of code in p11-kit, we end up looking for the home
directory for configuration. In this case, `/root`.
It's categorically wrong to do this; the root user is distinct from
"the system". This issue is equivalent to one I fixed in Pango:
https://git.gnome.org/browse/pango/commit/?id=aecbe27c1b08f517c0e05f03308d3ac55cef490c
Fast forward to today, and the reason I'm making this change is I'm working on
`rpm-ostree ex container`, which builds containers as *non-root* (like
gnome-continuous does, but now with RPMs), keeping the invoking uid. And this
bug causes the `ca-certificates` `%post` to fail because it's trying to look for
my uid 1000 which doesn't exist in the target rootfs' password database.
Again, there's no reason to be looking for a home directory for system triggers,
regadless of UID, so once this patch lands, I'll update `ca-certificates` to use
it, and traditional RPM `%post` will stop looking in `/root` too.
|
| | |
|
| |
|
|
| |
Spotted by clang-analyzer.
|
| |
|
|
| |
Spotted by clang-analyzer.
|
| |
|
|
| |
Spotted by clang-analyzer.
|
| |
|
|
|
| |
This is to disable clang-analyzer against test programs, which can
contain several false-positives.
|
| |
|
|
|
| |
Reported by Mantas Mikulėnas in:
https://bugs.freedesktop.org/show_bug.cgi?id=101212
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
Instead of a Unix domain socket on Unix, use a named pipe on Windows.
|
| | |
|
| | |
|
| |
|
|
| |
This is similar to commit ba49b85e, but for mechanism parameters.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
When using the RPC across multiple architectures, where data models
are different, say LP64 vs ILP32, there can be unwanted truncation of
attribute values.
This patch converts the values into portable format for the known
attributes.
Co-authored-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
|
|
| |
Otherwise it will cause assertion failure in a few lines below.
Spotted by amrican fuzzy lop.
|
| |
|
|
|
| |
out_fd is not always 1 when p11_kit_remote_serve_module() is used for
writing a custom server.
|
| |
|
|
|
|
|
|
|
| |
Given that the remote proxy service shall be only used by NetworkManager
and not generally useful, revert commit
a4fb2bb587fb1a0146cf97f039b671d3258488f9 for now.
Once the necessary command that runs the proxy module is implemented in
p11-kit, maybe NetworkManager itself could install those files.
|
| |
|
|
|
| |
The p11-kit-remote executable is now located under $libexecdir, but we
should use the p11-kit command to launch the subcommand.
|
| |
|
|
| |
Include signal.h for kill(2) and SIGKILL on FreeBSD.
|
| |
|
|
|
|
|
|
| |
If an unknown attribute is present in the query part of the PKCS#11 URI,
the parser treated it as unrecognized and subsequent matches failed.
Instead, keep track of such attributes and provide a set of API to deal
with them.
|
| |
|
|
|
| |
The connection failure here is not fatal. Use p11_debug() instead of
p11_message().
|
| |
|
|
|
| |
This is unset on most systems, but might as well follow the Base
Directory spec properly.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds a PKCS#11 module that connects to the p11-kit server
exposed on the filesystem. The filename of the socket is determined in
the following order:
- $P11_KIT_SERVER_ADDRESS, if the envvar is available
- $XDG_RUNTIME_DIR/p11-kit/pkcs11, if the envvar is available
- /run/$(id -u)/p11-kit/pkcs11, if /run/$(id -u) exists
- /var/run/$(id -u)/p11-kit/pkcs11, if /var/run/$(id -u) exists
- ~/.cache/p11-kit/pkcs11.
Note that the program loading this module may have called setuid() and
secure_getenv() which we use for fetching envvars could return NULL.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
This adds a new tool to the p11-kit command called 'server', which
allows us to access a PKCS#11 module over a Unix domain socket.
Internally, it is implemented as a wrapper around 'p11-kit remote'.
Upon connection it executes 'p11-kit remote' in a forked process.
|
| | |
|
| |
|
|
|
| |
Synchronize the fixture module to the non-Unix one and enable
"/modules/test_filename".
|
| |
|
|
|
|
|
| |
On Windows, use _spawnv() to create a subprocess and two unidirectional
pipe created with _pipe() to communicate with it. If we can assume
WinSock, it might be simpler to use a socketpair() replacement from:
https://github.com/ncm/selectable-socketpair.
|
