| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds a PKCS#11 module that connects to the p11-kit server
exposed on the filesystem. The filename of the socket is determined in
the following order:
- $P11_KIT_SERVER_ADDRESS, if the envvar is available
- $XDG_RUNTIME_DIR/p11-kit/pkcs11, if the envvar is available
- /run/$(id -u)/p11-kit/pkcs11, if /run/$(id -u) exists
- /var/run/$(id -u)/p11-kit/pkcs11, if /var/run/$(id -u) exists
- ~/.cache/p11-kit/pkcs11.
Note that the program loading this module may have called setuid() and
secure_getenv() which we use for fetching envvars could return NULL.
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
This adds a new tool to the p11-kit command called 'server', which
allows us to access a PKCS#11 module over a Unix domain socket.
Internally, it is implemented as a wrapper around 'p11-kit remote'.
Upon connection it executes 'p11-kit remote' in a forked process.
|
| |
|
|
|
|
|
| |
Synchronize the fixture module to the non-Unix one and enable
"/modules/test_filename".
|
|
|
|
|
|
|
| |
On Windows, use _spawnv() to create a subprocess and two unidirectional
pipe created with _pipe() to communicate with it. If we can assume
WinSock, it might be simpler to use a socketpair() replacement from:
https://github.com/ncm/selectable-socketpair.
|
|
|
|
| |
Append EXEEXT or SHLEXT to the filename if needed.
|
| |
|
|
|
|
|
|
|
|
|
| |
We used to provide p11_virtual_fixed_{,un}init() to only initialize a
mutex used in virtual.c. That required all the tests calling virtual
functions to call p11_virtual_fixed_{,un}init() in main().
For simplicity, move the mutex variable initialization into
p11_library_init().
|
| |
|
|
|
|
|
|
|
|
|
| |
While PKCS#11 URI can identify slots/tokens/modules, P11KitIter is only
capable of iterating over objects.
This patch adds new behaviors to P11KitIter to support iterations over
slots/tokens/modules, using the C coroutine trick as described in:
http://www.chiark.greenend.org.uk/~sgtatham/coroutines.html
|
|
|
|
|
|
|
|
|
|
|
|
| |
While 'pin-source' and 'pin-value' are defined as query atttribute, they
were defined as path attribute in earlier drafts, and some
implementations still stick to it.
For backward compatibility, accept those in path attributes when
parsing (but not when formatting).
Reported by Andreas Metzler in:
https://lists.freedesktop.org/archives/p11-glue/2017-January/000637.html
|
|
|
|
|
| |
Add proper inclusion guard to virtual-fixed.h and move the declarations
of the (un)initialization functions there.
|
|
|
|
|
| |
To prevent leaks of fixed closures, p11_kit_module_release() needs to be
called on the mock module itself.
|
| |
|
|
|
|
|
|
|
|
| |
libffi's closure support is not available on all platforms and may fail
at run time if running under a stricter SELinux policy. Fallback to
pre-compiled closures if it is not usable.
https://bugs.freedesktop.org/show_bug.cgi?id=97611
|
|
|
|
|
|
|
|
|
|
|
| |
* common/compat.c: Fix "implicit declaration of function 'issetugid'"
warning. On FreeBSD, it's required to define __BSD_VISIBLE to make
issetugid(2) visible
* common/test-message.c: Fix "implicit declaration of function
'asprintf'" by including <stdio.h>
* p11-kit/test-iter.c: Fix "format '%lu' expects argument of
type 'long unsigned int', but argument 3 has type 'int'" by
changing format string to "%d"
|
|
|
|
|
|
| |
This allows daemons outside user's session to use per-user PKCS#11
modules. Useful for letting VPN daemons or wpa_supplicant use
certificates stored in user's GNOME keyring, etc.
|
|
|
|
|
| |
Accept and produce 'module-name' and 'module-path' query attributes
defined in RFC 7512.
|
|
|
|
|
|
|
|
|
| |
Like memcpy(), the 'void *' argument of p11_buffer_add() points to the
memory area ordered in host's endianness. Add typecast of int->char to
avoid the confusion.
Reported by Andreas Metzler in:
https://lists.freedesktop.org/archives/p11-glue/2017-January/000633.html
|
|
|
|
| |
Put the pin-* attributes where they belong: to the query part.
|
|
|
|
|
|
|
|
|
|
|
|
| |
The pin-* attributes belong to the query part. We should not parse them
until we see a '?' and they're separated with a '&'.
This might be an important thing -- some of the query attributes may
have security implications reaching outside scope of the token itself, to the
host system itself. E.g. a pin-source may cause the consumer to access a file
or module-path (unimplemented) execute code. The user may want to just chop the
attribute part off if they want the consumer access the token and not take the
security considerations into account.
|
|
|
|
|
|
|
|
|
|
| |
- Current command for creation of the p11-kit-proxy symlink
uses shell brace expansion that isn't supported by all
the shells (e.g. FreeBSD's /bin/sh does not support that).
Replace it with the old-fashioned 'for' loop
- Match extension of the source and the target, i.e. so links
to so, dylib links to dylib (previously dylib linked to so)
- Add an uninstall-local target to clean up the symlink
|
| |
|
|
|
|
| |
https://bugs.freedesktop.org/show_bug.cgi?id=93589
|
|
|
|
| |
https://bugs.freedesktop.org/show_bug.cgi?id=93588
|
|
|
|
| |
https://bugs.freedesktop.org/show_bug.cgi?id=92815
|
|
|
|
|
| |
The variable is mentioned in the manual but wasn't exposed from the
pkg-config.
|
|
|
|
|
| |
The files created with AC_CONFIG_FILES are automatically added to the
distribution.
|
|
|
|
|
|
|
| |
This test hasn't been working since the removal of the pthread_atfork()
deinit code. To properly clean up, the child process needs to call
C_Initialize() and C_Finalize(), and it is already tested by
/proxy/initialize-child.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Reset mod->init_count when forkid has changed. Otherwise C_Finalize
does not get called.
GCC's asan spotted this:
Direct leak of 48 byte(s) in 1 object(s) allocated from:
#0 0x7f89bc7bfe20 in malloc (/lib64/libasan.so.3+0xc6e20)
#1 0x7f89bc47a1f1 in p11_dict_new ../common/dict.c:278
#2 0x7f89bc42143d in managed_C_Initialize ../p11-kit/modules.c:1477
#3 0x7f89bc464c72 in binding_C_Initialize ../p11-kit/virtual.c:121
#4 0x7f89bc1b0a51 in ffi_closure_unix64_inner (/lib64/libffi.so.6+0x5a51)
#5 0x7f89bc1b0dbf in ffi_closure_unix64 (/lib64/libffi.so.6+0x5dbf)
#6 0x7f89bc44f9e8 in rpc_C_Initialize ../p11-kit/rpc-server.c:691
|
|
|
|
|
|
|
|
|
|
|
|
| |
Make sure to call p11_virtual_uninit() on managed module. Otherwise the
associated lower_module will not be released.
GCC's asan spotted this:
Direct leak of 56 byte(s) in 1 object(s) allocated from:
#0 0x7f6c5368dfe0 in calloc (/lib64/libasan.so.3+0xc6fe0)
#1 0x4436ba in p11_rpc_client_init ../p11-kit/rpc-client.c:2082
#2 0x42c147 in p11_rpc_transport_new ../p11-kit/rpc-transport.c:850
#3 0x415d95 in setup_module_for_remote_inlock ../p11-kit/modules.c:411
|
|
|
|
|
|
|
|
| |
GCC's asan spotted this:
Direct leak of 120 byte(s) in 1 object(s) allocated from:
#0 0x7f8d4f221fe0 in calloc (/lib64/libasan.so.3+0xc6fe0)
#1 0x427f55 in rpc_socket_new ../p11-kit/rpc-transport.c:100
#2 0x42bc1b in rpc_exec_connect ../p11-kit/rpc-transport.c:767
|
|
|
|
| |
https://bugs.freedesktop.org/show_bug.cgi?id=97245
|
|
|
|
|
|
|
| |
The commit 63644dc introduced several memcmp() calls without checking
the length of the first argument.
https://bugs.freedesktop.org/show_bug.cgi?id=97245
|
|
|
|
|
|
|
| |
Signed-off-by: Stef Walter <stefw@redhat.com>
* Fixed up indentation
https://bugs.freedesktop.org/show_bug.cgi?id=80519
|
|
|
|
|
|
|
| |
p11_virtual_init() should take a CK_FUNCTION_LIST as the 3rd argument,
if the 2nd argument is &p11_virtual_base.
https://bugs.freedesktop.org/show_bug.cgi?id=87192
|
|
|
|
|
|
|
|
|
| |
However, on Mac OS X the library is named libp11-kit.dylib so
in the above command the source of the link resolves to nothing,
the destination becomes the source and the link to a non-existent
file is created in the working directory.
https://bugs.freedesktop.org/show_bug.cgi?id=98022
|
|
|
|
| |
https://bugs.freedesktop.org/show_bug.cgi?id=97245
|
|
|
|
| |
https://bugs.freedesktop.org/show_bug.cgi?id=97245
|
|
|
|
|
|
| |
Accept 'slot-id' path attribute defined in RFC 7512.
https://bugs.freedesktop.org/show_bug.cgi?id=97245
|
|
|
|
|
|
|
| |
Accept 'slot-description' and 'slot-manifacturer' path attributes
defined in RFC 7512.
https://bugs.freedesktop.org/show_bug.cgi?id=97245
|
|
|
|
|
|
|
|
|
|
|
| |
For every path/query component, p11_kit_uri_parse() allocates a small
buffer to strip whitespace out. This patch removes any whitespace in
the URI at the entry of the function to simplify the code.
Note that RFC 7512 actually suggests to ignore whitespace at the
extracting phase rather than the parsing phase.
https://bugs.freedesktop.org/show_bug.cgi?id=97245
|
|
|
|
|
|
|
| |
The test case added for bug 90289 (commit c73edd00) revealed that some
of the C_Initialize() implementations do not consider the case where it
is called from the parent process and then from the child process,
without calling C_Finalize() in between.
|
| |
|
|
|
|
|
|
|
|
| |
p11_kit_module_load() hands on the module_path argument to
load_module_from_file_inlock() which accepts relative paths, prepending
P11_MODULE_PATH. Update API documentation accordingly.
https://lists.freedesktop.org/archives/p11-glue/2016-February/000587.html
|
|
|
|
| |
https://bugs.freedesktop.org/show_bug.cgi?id=93587
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
fd_set and friends, according to POSIX.1-2001, needs sys/select.h, so
include it otherwise the build fails for uClibc:
p11-kit/rpc-transport.c: In function ‘rpc_socket_read’:
p11-kit/rpc-transport.c:350:2: error: unknown type name ‘fd_set’
p11-kit/rpc-transport.c:416:4: warning: implicit declaration of function
‘FD_ZERO’ [-Wimplicit-function-declaration]
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
https://bugs.freedesktop.org/show_bug.cgi?id=93211
|
|
|
|
| |
https://bugs.freedesktop.org/show_bug.cgi?id=92532
|