path: root/p11-kit
Commit message | Author | Age | Files | Lines
* build: Don't hardcode module path | Daiki Ueno | 2019-06-18 | 6 | -16/+22
|
* build: Move check_PROGRAMS into subdirectories | Daiki Ueno | 2019-06-18 | 6 | -25/+25
|
* tests: Add tmpdir argument to p11_test_copy_setgid | Daiki Ueno | 2019-06-18 | 1 | -1/+1
|   To prevent BUILDDIR being embedded in the library.
* tests: Skip tests calling getauxval(AT_SECURE) if binary is on /tmp | Daiki Ueno | 2019-06-18 | 1 | -2/+3
|
* conf: Skip root UID check on Windows | Daiki Ueno | 2019-06-18 | 1 | -0/+2
|
* virtual: Rename virtual-fixed.c to virtual-fixed-generated.h | Daiki Ueno | 2019-06-18 | 2 | -4/+4
|   Previously the generated .c file was included in another source file, which is not supported in some build systems (e.g., meson).
* rpc: On UNIX wait on condition variable instead of FD if header is for a different thread. | Simon Haggett | 2019-06-14 | 1 | -12/+35
|   If rpc_socket_read() receives a header for a different thread, it tries to yield by releasing the read mutex and waiting on the socket's read FD. On Linux systems, this has been observed to cause a performance problem in cases where multiple threads are being used. Threads expecting a different header can rapidly unlock and relock the read mutex, as they resume when sock->read_code hasn't changed. This can result in contention on the read mutex, which delays the thread that is expecting to consume the header.
|
|   This fix updates rpc_socket_read() on UNIX to wait on a condition variable instead of the socket's read FD. The condition variable is signalled when sock->read_code changes. This allows waiting threads to only resume once the header and payload have been consumed by their target thread.
|
|   This fix only targets UNIX platforms, as the Windows version that p11-kit targets by default (Windows 2000) does not provide support for condition variables.
|
|   Signed-off-by: Simon Haggett <simon.haggett@gmail.com>
* tests: Avoid uninitialized value in test-proxy.c | Daiki Ueno | 2019-05-23 | 1 | -0/+4
|
* build: Suppress compiler warning | Daiki Ueno | 2019-05-22 | 1 | -1/+0
|   Remove unused "global" variable.
* doc: Add 'server' command in help | Raphael Medaer | 2019-05-22 | 1 | -0/+1
|   'server' is the last common command which is not in CLI help. IMHO, adding this small documentation could help to promote usage of pkcs11 forwarding.
* proxy: Support C_WaitForSlotEvent() if CKF_DONT_BLOCK is specified | Daiki Ueno | 2019-05-21 | 4 | -15/+166
|   While fully implementing C_WaitForSlotEvent() would require a separate thread to monitor events, it is straightforward to implement the function if the CKF_DONT_BLOCK flag is given.
|
|   Suggested by David Ward.
* conf: Ignore user configuration if the program is running as root | Daiki Ueno | 2019-05-18 | 1 | -1/+3
|   Suggested by Bastien Nocera:
|   https://bugzilla.redhat.com/show_bug.cgi?id=1688583
* proxy: Refresh slot list on every C_GetSlotList call | Daiki Ueno | 2019-05-16 | 4 | -48/+192
|   Previously, the proxy module calculated the slot list only once at the C_Initialize() call. That was causing a usability limitation when the user attaches an HSM after starting an application.
|
|   Suggested by David Ward.
* modules: Fix index used in call to p11_dict_remove() | Simon Haggett | 2019-03-13 | 1 | -1/+1
|   This fixes a call to p11_dict_remove() in managed_steal_sessions_inlock() to use the correct index in the stolen array (i, rather than at). This avoids an assert, which was encountered on a host serving a PKCS#11 module to a remote Linux client.
|
|   Signed-off-by: Simon Haggett <simon.haggett@gmail.com>
* modules: check gl.modules before iterates on it when freeing | Stefano Garzarella | 2019-02-27 | 1 | -8/+10
|   In some circumstances, as described in the BZ, it can happen that free_modules_when_no_refs_unlocked() is called multiple times when the module destructor is invoked.
|
|   We should check gl.modules before iterating on it in the free_modules_when_no_refs_unlocked() function, to avoid a SIGSEGV.
|
|   Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1680963
* trust: Propagate library verbosity to module through init_args | Daiki Ueno | 2019-01-04 | 2 | -7/+25
|   Previously, even when the -v option is used with the 'trust' command, the messages from p11-kit-trust.so module were suppressed because the verbosity setting is not propagated to the module.
* build: Fix typo spotted by codespell | Daiki Ueno | 2018-12-29 | 6 | -9/+9
|
* build: Suppress cppcheck errors | Daiki Ueno | 2018-11-22 | 1 | -2/+6
|
* tests: Ensure p11_proxy_module_cleanup is called | Daiki Ueno | 2018-11-14 | 1 | -0/+2
|   Reported and suggested in #197.
* url: Prefer upper-case letters in hex characters when encoding | Daiki Ueno | 2018-11-07 | 1 | -7/+7
|   This makes it more compliant with RFC 3986, where the use of upper-case letters is recommended (as "SHOULD").
|
|   Suggested by Sumit Bose.
* virtual: Prefer fixed closures to libffi closures | Daiki Ueno | 2018-10-24 | 1 | -5/+14
|   In some circumstances (such as when loading p11-kit-proxy from httpd), it is known that creation of libffi closure always fails, due to SELinux policy. Although this is harmless, it pollutes the journal and gives wrong hints when troubleshooting. This patch changes the order of preference of libffi vs pre-compiled closures to avoid that.
* rpc-server: Check calloc failure | Daiki Ueno | 2018-10-17 | 1 | -0/+4
|
* proxy: Fix null dereference when reusing slots | Daiki Ueno | 2018-10-17 | 1 | -1/+4
|
* rpc-server: p11_kit_remote_serve_tokens: Fix memleak | Daiki Ueno | 2018-10-17 | 1 | -0/+5
|
* build: Check return value of p11_rpc_buffer_get_uint64 | Daiki Ueno | 2018-10-17 | 1 | -1/+2
|
* build: Check return value of p11_dict_set | Daiki Ueno | 2018-10-17 | 2 | -2/+7
|
* build: Free memory before return{,_val}_if_* macros | Daiki Ueno | 2018-10-17 | 2 | -3/+12
|
* virtual: Tighten error handling when fixed closures are exhausted | Daiki Ueno | 2018-08-28 | 1 | -9/+8
|
* virtual: Don't be too loud about recoverable failure | Daiki Ueno | 2018-08-28 | 1 | -2/+2
|
* common: Factor out common initializer code into a header | Daiki Ueno | 2018-08-28 | 2 | -111/+8
|
* Revert "build: Explicitly link threaded test programs to libpthread" | Daiki Ueno | 2018-08-17 | 1 | -4/+4
|   This reverts commit dc4a6eaddbb36a344cc6a9c7eb12cab9df4899b0.
* proxy: Avoid invalid memory access when unloading proxy module | Daiki Ueno | 2018-08-15 | 1 | -13/+4
|   When loading and unloading p11-kit-proxy.so with pkcs11-tool, it accesses an already free'd memory area:
|
|   $ valgrind pkcs11-tool --module p11-kit-proxy.so -L
|   ==25173== Invalid read of size 8
|   ==25173==    at 0x64BF493: p11_proxy_module_cleanup (proxy.c:1724)
|   ==25173==    by 0x64BD028: _p11_kit_fini (proxy-init.c:65)
|   ==25173==    by 0x401477C: _dl_close_worker (in /usr/lib64/ld-2.27.so)
|   ==25173==    by 0x4014E1D: _dl_close (in /usr/lib64/ld-2.27.so)
|   ==25173==    by 0x5E08C4E: _dl_catch_exception (in /usr/lib64/libc-2.27.so)
|   ==25173==    by 0x5E08CDE: _dl_catch_error (in /usr/lib64/libc-2.27.so)
|   ==25173==    by 0x58B1724: _dlerror_run (in /usr/lib64/libdl-2.27.so)
|   ==25173==    by 0x58B1113: dlclose (in /usr/lib64/libdl-2.27.so)
|   ==25173==    by 0x11E5A7: ??? (in /usr/bin/pkcs11-tool)
|   ==25173==    by 0x110023: ??? (in /usr/bin/pkcs11-tool)
|   ==25173==    by 0x5CF624A: (below main) (in /usr/lib64/libc-2.27.so)
|   ==25173==  Address 0x61231c8 is 552 bytes inside a block of size 584 free'd
|   ==25173==    at 0x4C2FDAC: free (vg_replace_malloc.c:530)
|   ==25173==    by 0x6548492: p11_virtual_unwrap (virtual.c:2902)
|   ==25173==    by 0x64BF492: p11_proxy_module_cleanup (proxy.c:1723)
* build: Explicitly link threaded test programs to libpthread | Daiki Ueno | 2018-08-10 | 1 | -4/+4
|   Some test programs use pthread_create(), for which glibc doesn't provide a stub. Link those programs with -lpthread.
* common, p11-kit, trust: Use pthread_once only when necessary | Daiki Ueno | 2018-08-10 | 2 | -2/+2
|   If the ELF constructor is usable, we don't really need the once-init function because it is guaranteed that the code runs only once in the constructor.
* server: Avoid FD leak in error cases | Daiki Ueno | 2018-08-01 | 1 | -0/+3
|   Spotted by coverity.
* proxy: Fail early if there is no slot mappings | Daiki Ueno | 2018-07-16 | 2 | -0/+44
|
* rpc-server: p11_kit_remote_serve_tokens: Allow exporting all modules | Daiki Ueno | 2018-07-16 | 4 | -89/+210
|   This patch removes the restriction of p11_kit_remote_serve_tokens() that was not capable of serving tokens across multiple modules.
* build: Use separate p11-kit-{remote,server} executable for testing | Daiki Ueno | 2018-07-16 | 3 | -3/+29
|   Otherwise, the p11-kit-remote program called from p11-kit-server would load the system modules instead of the local fixtures.
* proxy: Allow proxy to be created from the library | Daiki Ueno | 2018-07-16 | 2 | -1/+42
|   Previously, to aggregate multiple modules into one, there was no other way than loading the proxy module. From the p11-kit applications, however, it is not possible to load that module because of the recursive loading check (p11_proxy_module_check).
|
|   This patch adds another means to aggregate modules, through a library function p11_proxy_module_create.
* proxy: Turn global variables module local | Daiki Ueno | 2018-07-16 | 1 | -21/+14
|
* server: Enable socket activation through systemd | Daiki Ueno | 2018-06-20 | 4 | -9/+72
|   This enables socket activation of "p11-kit server" through systemd. The feature provided is essentially the same as commit a4fb2bb5 (reverted), but implemented with "p11-kit server" and libsystemd API instead of wrapping "p11-kit remote" in the unit file.
|
|   Note that, while it exposes all tokens through the socket, it doesn't increase attack surface beyond the PKCS#11 binary interface provided by p11-kit-proxy.so, because the service is per-user.
* pkcs11: Exercise GNU calling convention at compile time | Daiki Ueno | 2018-05-28 | 3 | -0/+46
|
* build: Delay building mock-six.la until "make check" | Daiki Ueno | 2018-05-25 | 1 | -1/+1
|
* build: Include p11-kit/test-messages.sh in distribution | Daiki Ueno | 2018-05-25 | 1 | -0/+1
|
* uri: Make scheme comparison case-insensitive | Daiki Ueno | 2018-05-25 | 2 | -3/+30
|   RFC 3986 suggests that implementations should accept uppercase letters as equivalent to lowercase in scheme names.
* Improve const correctness for P11KitUri | Nathaniel McCallum | 2018-05-24 | 3 | -41/+41
|   This does not improve const for the getters. The reason for this is that they are usually passed into the PKCS#11 APIs directly and these APIs are not const correct. Trying to force const correctness here would result in pain for library consumers.
|
|   This is an API and ABI compatible change.
* proxy: Don't null terminate PKCS #11 string fields | Daiki Ueno | 2018-05-07 | 1 | -2/+2
|
* test: Avoid exceeding maximum pathname length of Unix socket | Daiki Ueno | 2018-05-04 | 1 | -2/+7
|
* mock-module-ep: Properly override C_GetFunctionList | Daiki Ueno | 2018-04-06 | 1 | -1/+1
|
* modules: Add option to control module visibility from proxy | Daiki Ueno | 2018-04-06 | 5 | -10/+116
|   This enables control over whether a module will be loaded from the proxy module. The configuration reuses the "enable-in" and "disable-in" options, with a special literal "p11-kit-proxy" as the value.