summaryrefslogtreecommitdiff
path: root/trust/token.c
Commit message (Collapse)AuthorAgeFilesLines
* trust: Fix leak in token loading error pathStef Walter2014-08-081-0/+1
|
* trust: Fix unlikely use of uninitialized memory in token loadingStef Walter2014-08-081-3/+3
|
* trust: Add support for removing trust token objectsStef Walter2013-08-291-1/+86
|
* trust: Do reload object removals inside a loading blockStef Walter2013-08-291-0/+4
| | | | | So that validation/storage logic doesn't kick in if a file was removed outside of p11-kit trust module.
* trust: Add index callback for when an object is removedStef Walter2013-08-291-0/+1
| | | | This allows a token to remove the file if desired
* trust: Prefer parsing the persist format to PEMStef Walter2013-08-281-2/+2
| | | | | This is because the persist format contains PEM, and if the PEM parser gets it first, then it'll ignore the other non PEM data.
* trust: Correctly rewrite other objects in a modifiable persist fileStef Walter2013-08-281-1/+1
| | | | | There was a bug where we were rewriting the modified object multiple times.
* Avoid multiple stat() calls for same fileStef Walter2013-08-281-1/+1
| | | | | | As a side effect we can also not use the dirent.d_type field https://bugs.freedesktop.org/show_bug.cgi?id=68525
* Don't use _GNU_SOURCE and fix strerror_r usageStef Walter2013-07-231-1/+1
| | | | | glibc declares strerror_r completely different if in POSIX or GNU mode. Nastiness. Stop using _GNU_SOURCE all together.
* Fix various memory leaks exposed by 'make leakcheck'Stef Walter2013-07-231-2/+8
|
* Use simple serial automake test harnessStef Walter2013-07-231-2/+1
| | | | | * Add a testing sanity check to see if we're catching errors * Fix a few other testing issues
* Avoid using the non-thread-safe strerror() functionStef Walter2013-07-181-12/+7
| | | | https://bugzilla.redhat.com/show_bug.cgi?id=985481
* Fixes for some recent win32 regressionsStef Walter2013-07-181-1/+9
|
* Remove erroneous comments about readdir() and thread-safetyStef Walter2013-07-171-1/+0
| | | | https://bugzilla.redhat.com/show_bug.cgi?id=984989
* trust: Fix various issues writing objects in trust tokenStef Walter2013-07-081-49/+117
| | | | | | | | * Create directory before trying to write files to it * Handle write failures appropriately Refactor how we build and store objects in the index to handle the above cases properly.
* trust: Support token directory paths in user's home directoryStef Walter2013-07-081-1/+1
|
* trust: Explicitly specify which formats parser should parseStef Walter2013-07-081-0/+2
|
* trust: Initial support for writing out token objectsStef Walter2013-07-031-21/+197
| | | | | * The objects are written out in the p11-kit persist format * Parser marks files in p11-kit persist format as modifiable
* trust: If token path is a file, don't try loading subdirectoriesStef Walter2013-07-031-8/+15
|
* trust: Rename p11_index_batch() to p11_index_load()Stef Walter2013-07-031-2/+2
| | | | | | The name makes it clearer what's going on. This is only used during loading, so we can track whether a change has resulted from the trust module or from the file storage.
* trust: Implement reloading of token dataStef Walter2013-07-031-68/+263
| | | | | | | | | | | | | | | * Reload token data whenever a new session is opened. * Only reload files/directories that have changed. * Move duplicate anchor/blacklist detection logic into the extract code. This is in line with the approach being discussed on the mailing lists and spec document. * New internal attribute CKA_X_ORIGIN set on all objects so we can track where an object came from, and replace it when reloaded. In general this is a prerequisite for modification of objects reload before modify is necessary to prevent multiple callers clobbering each other's changes.
* trust: Correctly reflect the CK_TOKEN_INFO writability flagsStef Walter2013-06-141-0/+47
| | | | | Correctly set the CKF_TOKEN_WRITE_PROTECTED flag for paths which we will be able to write to.
* More compatible path munging and handling codeStef Walter2013-04-031-1/+2
| | | | | | | | | | Centralize the path handling code, so we can remove unixy assumptions and have a chance of running on Windows. The current goal is to run all the tests on Windows. Includes some code from LRN <lrn1986@gmail.com> https://bugs.freedesktop.org/show_bug.cgi?id=63062
* Separate library init from message codeStef Walter2013-04-031-1/+1
| | | | | | | | | | | Put library init/uninit code its into their own statically linked library so that they don't get linked into the p11-kit executable. Refactor the message code so that the library initialization can plug in its per thread message buffer. https://bugs.freedesktop.org/show_bug.cgi?id=63046
* trust: Predictable behavior with duplicate certificates in tokenStef Walter2013-03-201-15/+4
| | | | | | | | If duplicate certificates are present in a token, we warn about this, and don't really recommend it. However we have predictable behavior where blacklist is prefered to anchor is preferred to unknown trust. https://bugs.freedesktop.org/show_bug.cgi?id=62548
* trust: Use descriptive labels for tokensStef Walter2013-03-191-2/+20
| | | | | | | | Try to determine which one is the system trust input token, and which one is the default token by using datadir and sysconfdir respectively. https://bugs.freedesktop.org/show_bug.cgi?id=62534
* trust: Remove the temporary built in distrust objectsStef Walter2013-03-191-148/+0
| | | | These should now be loaded from the .p11-kit persist format.
* trust: Add a builder which builds objects out of parsed dataStef Walter2013-03-151-5/+16
| | | | | | | | | | | The builder completes the objects from the parsed data and takes over the responsibilities that the parser and adapter previously shared. This is necessary to prepare for arbitrary data coming from the p11-kit specific input files. https://bugs.freedesktop.org/show_bug.cgi?id=62329
* trust: Refactor to include concept of the indexStef Walter2013-03-151-20/+12
| | | | | | | | | | * The index holds PKCS#11 objects whether for the token or for the session. * The index provides hook for a builder to expand or validate objects being added to the index. * In addition theres a change hook so that a builder can maintain state between objects, such as the compat NSS trust objects. https://bugs.freedesktop.org/show_bug.cgi?id=62329
* trust: Make each configured path its own tokenStef Walter2013-03-151-41/+23
| | | | | | | | | | | | | | | | | | | * Each source directory or file configured into the module or passed in as an initialization argument becomes its own token. Previously there was one token that contained certificates from all the configured paths. * These tokens are clearly labeled in the token info as to the directory or file that they represent. * Update PKCS#11 module logic to deal with multiple tokens, validate the slot ids and so on. * The order in which the paths are configured will become the order of trust priority. This is the same order in which they are listed through 'p11-kit list-modules' and C_GetSlotList. * Update the frob-token internal tool to only play with one path * Adjust tests where necessary to reflect the new state of things and add tests for modified trust module code https://bugs.freedesktop.org/show_bug.cgi?id=61499
* trust: Rework input path treatmentStef Walter2013-03-151-26/+52
| | | | | | | | | | | | | | | | | | | | | * Accept a single --with-trust-paths argument to ./configure which cotnains all the input paths. * The --with-system-anchors and --with-system-certificates ./configure arguments are no longer supported. Since they were only present briefly, no provision is made for backwards compatibility. * Each input file is treated as containing anchors by default unless an input certificate contains detailed trust information. * The files in each input directory are not automatically treated as anchors unless a certificate contains detailed trust information. * The files in anchors/ subdirectory of each input directory are automatically marked as anchors. * The files in the blacklist/ subdirectory of each input directory are automatically marked as blacklisted. * Update tests and move around test certificates so we can test these changes. https://bugs.freedesktop.org/show_bug.cgi?id=62327
* trust: Use the new NSS PKCS#11 extension codesStef Walter2013-03-081-3/+3
| | | | | NSS had subtly changed the values of the distrust CK_TRUST codes so update them to stay in sync.
* Hard code distrust temporarily.Stef Walter2013-03-081-1/+149
| | | | | This is because we have no way to load this data into the trust module. Working on a real solution.
* trust: Refactor how we load builtin objectsStef Walter2013-03-081-11/+13
|
* Some debug info about which files are being loadedStef Walter2013-02-051-2/+15
|
* Add the builtin roots NSS specific objectStef Walter2013-02-051-1/+27
| | | | This tells NSS that this is a source of anchors.
* Add basic trust moduleStef Walter2013-02-051-0/+256
This is based off the roots-store from gnome-keyring and loads certificates from a root directory and exposes them as PKCS#11 objects.