| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
| |
Spotted by clang-analyzer.
|
| |
|
|
| |
Spotted by clang-analyzer.
|
| |
|
|
| |
Spotted by clang-analyzer.
|
| |
|
|
|
| |
This is to disable clang-analyzer against test programs, which can
contain several false-positives.
|
| |
|
|
|
| |
Reported by Mantas Mikulėnas in:
https://bugs.freedesktop.org/show_bug.cgi?id=101212
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
Instead of a Unix domain socket on Unix, use a named pipe on Windows.
|
| | |
|
| | |
|
| |
|
|
| |
This is similar to commit ba49b85e, but for mechanism parameters.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
When using the RPC across multiple architectures, where data models
are different, say LP64 vs ILP32, there can be unwanted truncation of
attribute values.
This patch converts the values into portable format for the known
attributes.
Co-authored-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
|
|
| |
Otherwise it will cause assertion failure in a few lines below.
Spotted by amrican fuzzy lop.
|
| |
|
|
|
| |
out_fd is not always 1 when p11_kit_remote_serve_module() is used for
writing a custom server.
|
| |
|
|
|
|
|
|
|
| |
Given that the remote proxy service shall be only used by NetworkManager
and not generally useful, revert commit
a4fb2bb587fb1a0146cf97f039b671d3258488f9 for now.
Once the necessary command that runs the proxy module is implemented in
p11-kit, maybe NetworkManager itself could install those files.
|
| |
|
|
|
| |
The p11-kit-remote executable is now located under $libexecdir, but we
should use the p11-kit command to launch the subcommand.
|
| |
|
|
| |
Include signal.h for kill(2) and SIGKILL on FreeBSD.
|
| |
|
|
|
|
|
|
| |
If an unknown attribute is present in the query part of the PKCS#11 URI,
the parser treated it as unrecognized and subsequent matches failed.
Instead, keep track of such attributes and provide a set of API to deal
with them.
|
| |
|
|
|
| |
The connection failure here is not fatal. Use p11_debug() instead of
p11_message().
|
| |
|
|
|
| |
This is unset on most systems, but might as well follow the Base
Directory spec properly.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds a PKCS#11 module that connects to the p11-kit server
exposed on the filesystem. The filename of the socket is determined in
the following order:
- $P11_KIT_SERVER_ADDRESS, if the envvar is available
- $XDG_RUNTIME_DIR/p11-kit/pkcs11, if the envvar is available
- /run/$(id -u)/p11-kit/pkcs11, if /run/$(id -u) exists
- /var/run/$(id -u)/p11-kit/pkcs11, if /var/run/$(id -u) exists
- ~/.cache/p11-kit/pkcs11.
Note that the program loading this module may have called setuid() and
secure_getenv() which we use for fetching envvars could return NULL.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
This adds a new tool to the p11-kit command called 'server', which
allows us to access a PKCS#11 module over a Unix domain socket.
Internally, it is implemented as a wrapper around 'p11-kit remote'.
Upon connection it executes 'p11-kit remote' in a forked process.
|
| | |
|
| |
|
|
|
| |
Synchronize the fixture module to the non-Unix one and enable
"/modules/test_filename".
|
| |
|
|
|
|
|
| |
On Windows, use _spawnv() to create a subprocess and two unidirectional
pipe created with _pipe() to communicate with it. If we can assume
WinSock, it might be simpler to use a socketpair() replacement from:
https://github.com/ncm/selectable-socketpair.
|
| |
|
|
| |
Append EXEEXT or SHLEXT to the filename if needed.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
We used to provide p11_virtual_fixed_{,un}init() to only initialize a
mutex used in virtual.c. That required all the tests calling virtual
functions to call p11_virtual_fixed_{,un}init() in main().
For simplicity, move the mutex variable initialization into
p11_library_init().
|
| | |
|
| |
|
|
|
|
|
|
|
| |
While PKCS#11 URI can identify slots/tokens/modules, P11KitIter is only
capable of iterating over objects.
This patch adds new behaviors to P11KitIter to support iterations over
slots/tokens/modules, using the C coroutine trick as described in:
http://www.chiark.greenend.org.uk/~sgtatham/coroutines.html
|
| |
|
|
|
|
|
|
|
|
|
|
| |
While 'pin-source' and 'pin-value' are defined as query atttribute, they
were defined as path attribute in earlier drafts, and some
implementations still stick to it.
For backward compatibility, accept those in path attributes when
parsing (but not when formatting).
Reported by Andreas Metzler in:
https://lists.freedesktop.org/archives/p11-glue/2017-January/000637.html
|
| |
|
|
|
| |
Add proper inclusion guard to virtual-fixed.h and move the declarations
of the (un)initialization functions there.
|
| |
|
|
|
| |
To prevent leaks of fixed closures, p11_kit_module_release() needs to be
called on the mock module itself.
|
| | |
|
| |
|
|
|
|
|
|
| |
libffi's closure support is not available on all platforms and may fail
at run time if running under a stricter SELinux policy. Fallback to
pre-compiled closures if it is not usable.
https://bugs.freedesktop.org/show_bug.cgi?id=97611
|
| |
|
|
|
|
|
|
|
|
|
| |
* common/compat.c: Fix "implicit declaration of function 'issetugid'"
warning. On FreeBSD, it's required to define __BSD_VISIBLE to make
issetugid(2) visible
* common/test-message.c: Fix "implicit declaration of function
'asprintf'" by including <stdio.h>
* p11-kit/test-iter.c: Fix "format '%lu' expects argument of
type 'long unsigned int', but argument 3 has type 'int'" by
changing format string to "%d"
|
| |
|
|
|
|
| |
This allows daemons outside user's session to use per-user PKCS#11
modules. Useful for letting VPN daemons or wpa_supplicant use
certificates stored in user's GNOME keyring, etc.
|
| |
|
|
|
| |
Accept and produce 'module-name' and 'module-path' query attributes
defined in RFC 7512.
|
| |
|
|
|
|
|
|
|
| |
Like memcpy(), the 'void *' argument of p11_buffer_add() points to the
memory area ordered in host's endianness. Add typecast of int->char to
avoid the confusion.
Reported by Andreas Metzler in:
https://lists.freedesktop.org/archives/p11-glue/2017-January/000633.html
|
| |
|
|
| |
Put the pin-* attributes where they belong: to the query part.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The pin-* attributes belong to the query part. We should not parse them
until we see a '?' and they're separated with a '&'.
This might be an important thing -- some of the query attributes may
have security implications reaching outside scope of the token itself, to the
host system itself. E.g. a pin-source may cause the consumer to access a file
or module-path (unimplemented) execute code. The user may want to just chop the
attribute part off if they want the consumer access the token and not take the
security considerations into account.
|
| |
|
|
|
|
|
|
|
|
| |
- Current command for creation of the p11-kit-proxy symlink
uses shell brace expansion that isn't supported by all
the shells (e.g. FreeBSD's /bin/sh does not support that).
Replace it with the old-fashioned 'for' loop
- Match extension of the source and the target, i.e. so links
to so, dylib links to dylib (previously dylib linked to so)
- Add an uninstall-local target to clean up the symlink
|
| | |
|
