summaryrefslogtreecommitdiff
path: root/p11-kit
Commit message (Collapse)AuthorAgeFilesLines
* p11-kit: Mark p11_kit_be_quiet() and p11_kit_be_loud() stableStef Walter2014-07-041-4/+4
| | | | | These are useful functions for callers who want to supress all output from p11-kit library.
* p11-kit: Handle managed modules correctly when forkingStef Walter2014-07-042-5/+56
| | | | | | | | Correctly allow reinitialization when a process forks. We don't yet implement checks on all entry points of a managed module, but this allows callers to call C_Initialize again after forking, as outlined by the PKCS#11 v2 spec.
* p11-kit: Fix corrupted list when initialization of modules failStef Walter2014-06-251-0/+2
| | | | | | | | This fixes the function call p11_kit_module_initialize() to correctly rearrange the modules array when initializing a module fails. Also fixes p11_kit_modules_load_and_initialize()
* Don't try to symlink p11-proxy.so on windowsMilan Crha2014-06-201-5/+5
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=76594
* proxy: Fix cases where modules are unloaded while in useStef Walter2014-02-131-22/+31
| | | | | | | | | | | | | The proxy module would unload the PKCS#11 modules it was proxying when C_Finalize() was called. However if a caller in another thread was inside of a PKCS#11 function at the time, this would cause a crash. Change things around so that underlying modules are finalized during the proxy C_Finalize() but not released/unloaded until the proxy module itself is unloaded. https://bugs.freedesktop.org/show_bug.cgi?id=74919
* proxy: Remove assertions when module is not initializedStef Walter2014-02-131-2/+0
| | | | | | | | We should return CKR_CRYPTOKI_NOT_INITIALIZED rather than assert() when proxy PKCS#11 functions are called before the module is initialized. https://bugs.freedesktop.org/show_bug.cgi?id=74919
* test-iter: Fix use of uninitialized variableStef Walter2014-01-141-0/+1
|
* iter: Fix return value in rare memory allocation caseStef Walter2014-01-131-1/+1
|
* iter: Add p11_kit_iter_get_attributes() functionStef Walter2014-01-133-0/+106
| | | | A simple wrapper for C_GetAttributeValue()
* Disable tests with setgid binaries when running in fakerootAndreas Metzler2013-10-011-1/+4
| | | | | We use the FAKED_MODE environment variable as a way to detect fakeroot.
* Remove unused make variablesStef Walter2013-09-091-1/+0
|
* messages: Better message for CKR_FUNCTION_REJECTEDStef Walter2013-09-051-1/+1
|
* Route 'p11-kit extract-trust' over to trust toolStef Walter2013-08-291-28/+30
| | | | | | The actual command is 'trust extract-compat'. Make installed placeholder script reflect this. We still support the old placeholder script if it is present.
* Add p11-kit style typedefs for iter and uriStef Walter2013-08-282-0/+2
| | | | | In general we're slowly migrating towards the lower case style for stuctures/objects.
* iter: Add a p11_kit_iter_destroy_object() functionStef Walter2013-08-283-0/+59
| | | | Handy function since this is a common need.
* iter: Add p11_kit_iter_set_uri() functionStef Walter2013-08-283-7/+65
| | | | This is so we can set a filtering uri on the iterator after construction
* iter: Add p11_kit_iter_get_token() callStef Walter2013-08-283-4/+55
| | | | | To get the already loaded CK_TOKEN_INFO during iteration for the token that the current object is on.
* iter: Add new P11_KIT_ITER_WANT_WRITABLE iterator behaviorStef Walter2013-08-283-28/+16
| | | | | This allows us to try to get a RW session, but if not fallback to a read-only session.
* p11-kit: Rename list.c to lists.c to simplify debuggingStef Walter2013-08-282-1/+1
|
* Avoid multiple stat() calls for same fileStef Walter2013-08-283-23/+21
| | | | | | As a side effect we can also not use the dirent.d_type field https://bugs.freedesktop.org/show_bug.cgi?id=68525
* Fix various memory leaks exposed by 'make leakcheck'Stef Walter2013-07-231-0/+2
|
* Use simple serial automake test harnessStef Walter2013-07-233-1/+3
| | | | | * Add a testing sanity check to see if we're catching errors * Fix a few other testing issues
* Add appropriate const qualifiersStef Walter2013-07-181-1/+1
|
* Fix p11_kit_space_strlen() result when empty stringStef Walter2013-07-183-3/+63
| | | | https://bugzilla.redhat.com/show_bug.cgi?id=985416
* Don't call memdup with zero length or NULL pointerStef Walter2013-07-181-1/+1
| | | | https://bugzilla.redhat.com/show_bug.cgi?id=985433
* Avoid using the non-thread-safe strerror() functionStef Walter2013-07-181-4/+2
| | | | https://bugzilla.redhat.com/show_bug.cgi?id=985481
* Declare static variables const where it makes senseStef Walter2013-07-182-4/+4
| | | | https://bugzilla.redhat.com/show_bug.cgi?id=985337
* Support expanding $XDG_CONFIG_HOME in user config pathsStef Walter2013-07-181-1/+1
| | | | | | | | | | If ~/.config is specified as a prefix to a configured path, then it is expanded to the $XDG_CONFIG_HOME if that exists Add --with-user-config ./configure option to configure a different user config directory. Interpolate the right directories into documentation.
* Don't load configs from user directory when setuidStef Walter2013-07-186-2/+144
| | | | | | | When running as setuid() or setgid() don't access the user's home directory, or use $HOME environment variables. https://bugzilla.redhat.com/show_bug.cgi?id=985014
* Fix various issues highlighted by coverity scannerStef Walter2013-07-183-6/+15
| | | | Among others fix possible usage of large stack allocation.
* open files with O_CLOEXEC when possibleStef Walter2013-07-182-76/+27
| | | | | | | | | | | | | This helps prevent leaked file descriptors when the library is used in a process which exec's. opendir() already uses O_CLOEXEC on platforms that support O_CLOEXEC so we don't need to make changes there. In addition read config files using p11_mmap_open() so that we get the simple benefits of O_CLOEXEC with the open() call there. https://bugzilla.redhat.com/show_bug.cgi?id=984986
* iter: Document guarantees for filter matches argumetStef Walter2013-07-181-0/+4
| | | | | | | | The matches argument is always initialized to CK_TRUE when a filter is called, and it's up to filters to set it to CK_FALSE. Filters don't need to set to CK_TRUE. https://bugzilla.redhat.com/show_bug.cgi?id=985009
* Remove erroneous comments about readdir() and thread-safetyStef Walter2013-07-171-1/+0
| | | | https://bugzilla.redhat.com/show_bug.cgi?id=984989
* Build with -fno-common to catch definition problemsStef Walter2013-07-101-2/+2
| | | | | | Fix some global variables not declared as extern https://bugs.freedesktop.org/show_bug.cgi?id=66015
* Various documentation tweaks and fixes for warningsStef Walter2013-07-101-0/+8
|
* trust: Fix the 'p11-kit extract' commandStef Walter2013-07-092-2/+21
| | | | | This is supposed to call over to 'trust extract' and wasn't working correctly.
* p11-kit: Add P11_KIT_MODULE_TRUSTED flagStef Walter2013-07-045-19/+86
| | | | | A new flag to pass to p11_kit_modules_load() and related functions which limits loaded modules to ones with "trust-policy: yes".
* iter: Add iteration mode where session is not busyStef Walter2013-07-033-45/+132
| | | | | | | | | | | In order to use the session we are iterating on for other tasks such as other C_FindObject() calls, we need to make sure that it's not in the middle of a find operation. Finish up the complete find operation in advance of returning objects from a session. Make this the default mode. The previous behavior remains as an option. Add tests.
* Fix dependency between p11-kit command and libraryStef Walter2013-06-251-1/+1
|
* Reorganize various componentsStef Walter2013-06-253-0/+415
| | | | | | | * p11-kit library and tool in the p11-kit/ subdirectory * trust module and new trust tool in trust/ subdirectory * No more tools/ subdirectory * Lots less in the common/ subdirectory
* url: Encode directly to a bufferStef Walter2013-05-271-13/+19
|
* Mark p11_kit_message() as a stable functionStef Walter2013-05-211-2/+2
|
* Fix building of applications using CRYPTOKI_GNU styleStef Walter2013-05-211-1/+3
|
* Bump the version for deprecated function documentationStef Walter2013-05-211-9/+9
|
* Fix up Makefile.am files for automake 1.13 warningsStef Walter2013-05-212-2/+2
|
* Our own unit testing frameworkStef Walter2013-05-2114-1729/+1572
| | | | | | | | * Support the TAP protocol * Much cleaner without having to carry around state * First class support for setup/teardown * Port the common tests * Wait on porting other tests until we've merged outstanding code
* Further reorganization of the core module trackingStef Walter2013-05-211-188/+161
| | | | | | | | | * Keep the module ownership apart from the tracking of module function pointers, since these are only relevant for unmanaged modules. * Less assumptions that each module has a raw unmanaged module function pointer. * More clarity in the naming of dictionaries tracking the modules.
* Add the log-calls module config optionStef Walter2013-05-217-16/+2234
| | | | | If 'log-calls = yes' is set then all the PKCS#11 modules are logged to stderr.
* Manage C_CloseAllSessions function for multiple callersStef Walter2013-05-213-7/+268
| | | | | | Make C_CloseAllSessions work for different callers. Track the sessions that each caller opens and close just those when C_CloseAllSessiosn is called.
* Update the proxy module to use managed PKCS#11 modulesStef Walter2013-05-218-256/+1410
| | | | | | | | | | Each time C_GetFunctionList is called on the proxy module, a new managed PKCS#11 set of functions is returned. These are all cleaned up when the module is unloaded. We want the proxy module to continue to work even without the highly recommended libffi. For that reason we still keep the old behavior of sharing state in the proxy module.
generated by cgit v1.1 at 2024-10-24 07:17:29 +0000