summaryrefslogtreecommitdiff
path: root/trust
Commit message (Collapse)AuthorAgeFilesLines
* trust: Forcibly mark "Default Trust" read-onlyDaiki Ueno2018-02-057-15/+101
| | | | | | | | The "Default Trust" token is typically mounted as $datadir, which is considered as read-only on modern OSes. Suggestd by Kai Engert in: https://bugzilla.redhat.com/show_bug.cgi?id=1523630
* trust: Filter out duplicate extensionsDaiki Ueno2018-01-315-5/+120
| | | | | | | | | | | | The trust policy module keeps all the objects in the database, while PKIX doesn't allow multiple extensions identified by the same OID can be attached to a certificate. Add a check to C_FindObjects to exclude any duplicates and only return the first matching object. It would be better if the module rejects such duplicates when loading, but it would make startup slower. https://bugzilla.redhat.com/show_bug.cgi?id=1141241
* build: Delay compilation of test-related stuffDaiki Ueno2018-01-301-4/+8
|
* trust: Respect anyExtendedKeyUsage in CA certificatesDaiki Ueno2017-10-023-0/+45
|
* trust: Fix build error with -Werror=return-typeDaiki Ueno2017-07-141-1/+1
|
* trust: Suppress dead-assignment warnings from clang-analyzerDaiki Ueno2017-05-292-1/+1
|
* build: Delay building test programs until "make check"Daiki Ueno2017-05-291-1/+1
| | | | | This is to disable clang-analyzer against test programs, which can contain several false-positives.
* trust: Simplify the check for the magicDaiki Ueno2017-05-183-12/+17
| | | | | Instead of reusing the CKA_X_GENERATED attribute, check the file contents directly in the caller side.
* trust: Check magic comment in persist file for modifiablityDaiki Ueno2017-05-183-2/+14
| | | | | | | A persistent file written by the trust module starts with the line "# This file has been auto-generated and written by p11-kit". This can be used as a magic word to determine whether the objects read from a .p11-kit file are read-only.
* Revert "trust: Honor "modifiable" setting in persist file"Daiki Ueno2017-05-183-11/+1
| | | | | This reverts commit 8eed1e60b0921d05872e2f43eee9088cef038d7e, which broke "trust anchor --remove".
* trust: Honor "modifiable" setting in persist fileDaiki Ueno2017-02-203-1/+11
| | | | | | | | | Previously, all objects read from p11-kit persist files are marked as modifiable when parsing, regardless of the explicit "modifiable: false" setting in the file. Reported by Kai Engert in: https://bugs.freedesktop.org/show_bug.cgi?id=99797
* rpc: Add PKCS#11 module that connects to socketDaiki Ueno2017-02-171-2/+1
| | | | | | | | | | | | | | | This patch adds a PKCS#11 module that connects to the p11-kit server exposed on the filesystem. The filename of the socket is determined in the following order: - $P11_KIT_SERVER_ADDRESS, if the envvar is available - $XDG_RUNTIME_DIR/p11-kit/pkcs11, if the envvar is available - /run/$(id -u)/p11-kit/pkcs11, if /run/$(id -u) exists - /var/run/$(id -u)/p11-kit/pkcs11, if /var/run/$(id -u) exists - ~/.cache/p11-kit/pkcs11. Note that the program loading this module may have called setuid() and secure_getenv() which we use for fetching envvars could return NULL.
* trust: Fix uninitialized value in anchor commandDaiki Ueno2017-02-161-1/+1
|
* trust: Fix saving trust file on WindowsDaiki Ueno2017-02-161-6/+9
|
* build: Include <unistd.h> for execvDaiki Ueno2017-02-161-0/+1
|
* Support loading new NSS attribute CKA_NSS_MOZILLA_CA_POLICY from .p11-kit files.Kai Engert2017-02-162-0/+2
| | | | | See also NSS bug https://bugzilla.mozilla.org/show_bug.cgi?id=1334976 and p11-kit bug https://bugs.freedesktop.org/show_bug.cgi?id=99453
* trust: Revert to the original 'extract' behaviorDaiki Ueno2017-02-141-0/+1
| | | | | | | | Since commit f4384a40, due to a missing ex->flags setting, the 'trust extract' command didn't retrieve correlation between related objects and that was causing assertion failure when writing PEM files. https://bugs.freedesktop.org/show_bug.cgi?id=99795
* trust: Implement a 'trust dump' commandStef Walter2017-01-314-0/+237
| | | | | | | | | | | This dumps all the PKCS#11 objects in the internal .p11-kit persistence format. This is part of the trust command and tooling, even though at some point it could go in the p11-kit command. The reason for this is that the code related to the internal .p11-kit objects is in the trust code, and consumed solely by the trust related modules.
* trust: Don't encode spaces when writing .p11-kit formatStef Walter2017-01-311-1/+1
| | | | | These should not be encoded by default for readability in strings.
* trust: Add an "all" filter option for trust commandsStef Walter2017-01-311-0/+3
|
* trust: Make extraction and correlation of certificate info optionalStef Walter2017-01-317-19/+30
| | | | | This is so that the code can be shared by the upcoming 'trust dump' command where correlation between related objects is not desired.
* trust: Load all attributes for each object when enumeratingStef Walter2017-01-311-17/+21
| | | | | We load all known attributes for each object we're enumerating over in the 'trust list' and 'trust extract' commands.
* test: Fix privatedir substitution in test-extractDaiki Ueno2016-12-131-0/+1
| | | | | Since $privatedir expands to "${libexecdir}/p11-kit", $libexecdir must be substituted in the script beforehand.
* trust: Don't add CKA_TRUSTED to extension objectDaiki Ueno2016-12-061-2/+33
| | | | | | | While 'trust anchor' command tries to add CKA_TRUSTED attribute to any object, it is only valid for a certificate object. https://bugzilla.redhat.com/show_bug.cgi?id=1158926
* common, trust: Avoid integer overflowDaiki Ueno2016-12-061-0/+5
| | | | | | | This fixes issues pointed in: https://bugzilla.redhat.com/show_bug.cgi?id=985445 except for p11-kit/conf.c:read_config_file(), which was rewritten using mmap() and thus length calculation is no longer needed.
* trust: Avoid confusion in DER/PEM decodingDaiki Ueno2016-11-303-1/+115
| | | | | | | | Previously p11-kit-trust.so tried to interpret certificate as PEM format first. This could cause potential conflict if the certificate were actually in DER format and contained a PEM marker strings. https://bugs.freedesktop.org/show_bug.cgi?id=92063
* trust: Clarify the error message of 'extract'Daiki Ueno2016-11-281-1/+4
| | | | https://bugzilla.redhat.com/show_bug.cgi?id=1154693
* trust: Mention anchor --remove option in helpDaiki Ueno2016-11-281-1/+2
| | | | https://bugzilla.redhat.com/show_bug.cgi?id=1158467
* trust: Reject invalid UTF-8 inputDaiki Ueno2016-11-282-0/+8
| | | | | | | Merge changes from utf8.c in FreeBSD's libc: https://svnweb.freebsd.org/base/head/lib/libc/locale/utf8.c?revision=290494&view=markup#l196 https://bugzilla.redhat.com/show_bug.cgi?id=985449
* test: Fix memleak in test-token cleanupDaiki Ueno2016-10-311-1/+1
| | | | | | | | | | GCC's asan spotted this: Direct leak of 338 byte(s) in 13 object(s) allocated from: #0 0x7f54f03fee20 in malloc (/lib64/libasan.so.3+0xc6e20) #1 0x445e8c in p11_path_build ../common/path.c:222 #2 0x4385bd in expand_tempdir ../common/test.c:334 #3 0x43869c in p11_test_directory ../common/test.c:361 #4 0x4033e3 in setup_temp ../trust/test-token.c:79
* test: Make test-module work --without-trust-moduleDaiki Ueno2016-09-041-1/+2
| | | | | | | | | The test-module program currently depends on TRUST_PATHS, which is determined by the configure script and normally points to a resource outside of the build tree. To make the test system-independent, use a crafted path for testing. https://bugs.freedesktop.org/show_bug.cgi?id=89027
* Fix typos flagged by codespellDaiki Ueno2016-08-223-3/+3
|
* trust: Fix always false comparison of EAGAIN and EINTRStef Walter2015-11-091-1/+1
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=92864
* trust: Fix double close()Pankaj2015-06-011-1/+0
|
* Fix some compiler warnings from GCC 5.xStef Walter2015-04-171-3/+3
|
* trust: Add pem-directory-hash extract formatAdam Williamson2015-01-145-51/+134
| | | | | | | | | | | | This allows extraction of a directory of standard PEM files with the OpenSSL hash symlinks; this is a format used by some popular platforms (Debian's /etc/ssl/certs is in this form, and OpenSUSE provides it for compatibility). Initially by: Ludwig Nussel <ludwig.nussel@suse.de> Signed-off-by: Stef Walter <stefw@redhat.com> * Added header, fixed compiler warnings
* trust: Certificate CKA_ID is SubjectKeyIdentifier if possibleStef Walter2014-10-097-46/+91
| | | | | | | | | | | | | | | | | | | | | | The PKCS#11 spec states that the CKA_ID should match the SubjectKeyIdentifier if such an extension is present. We delay the filling of CKA_ID until the builder phase of populating attributes which allows us to have more control over how this works. Note that we don't make CKA_ID reflect SubjectKeyIdentifier *attached* extensions. The CKA_ID isn't supposed to change after object creation. Making it dependent on attached extensions would be making promises we cannot keep, since attached extensions can be added/removed at any time. This also means the CKA_ID of attached extensions and certificates won't necessarily match up, but that was never promised, and not how attached extensions should be matched to their certificate anyway. Based on a patch and research done by David Woodhouse. https://bugs.freedesktop.org/show_bug.cgi?id=84761
* trust: Allow 'BEGIN PUBLIC KEY' PEM blocks in .p11-kit filesStef Walter2014-10-093-0/+73
| | | | | | | These PEM blocks contribute a CKA_PUBLIC_KEY_INFO to the object being read/written. https://bugs.freedesktop.org/show_bug.cgi?id=83799
* trust: add missing libtasn1 cflagsRoman Bogorodskiy2014-10-071-0/+39
| | | | Add a number of missing LIBTASN1_CFLAGS where it's required
* makefile: Rename DATADIR to not conflict with Win32 defineMichael Cronenworth2014-10-052-2/+2
| | | | Signed-off-by: Michael Cronenworth <mike@cchtml.com>
* trust: Use term 'attached extensions' instead of 'stapled'Stef Walter2014-09-108-72/+72
| | | | | | | The term 'stapled extensions' is confusing because it overloads terminology used with OSCP stapling. Suggested by Daniel Kahn Gillmor.
* common: New public pkcs11x.h header containing extensionsStef Walter2014-09-104-0/+4
| | | | | | | Move our internal stuff to pkcs11i.h, and install the pkcs11x.h header containing extensions. https://bugs.freedesktop.org/show_bug.cgi?id=83495
* common: Change the CKA_X_PUBLIC_KEY_INFO constant to CKA_PUBLIC_KEY_INFOStef Walter2014-09-108-45/+45
| | | | | | | | | CKA_PUBLIC_KEY_INFO is defined in the PKCS#11 2.40 draft, so use that rather than defining our own. * Fixed up by Nikos Mavrogiannopoulos <nmav@redhat.com> https://bugs.freedesktop.org/show_bug.cgi?id=83495
* trust: Fix token test when building with MinGWMichael Cronenworth2014-09-091-0/+4
| | | | Signed-off-by: Michael Cronenworth <mike@cchtml.com>
* trust: Show public-key-info in 'trust list --details'Stef Walter2014-09-051-0/+14
| | | | | Since the public-key-info is an important part of the way we represent trust, show it in 'trust list' if --details is present.
* trust: Produce a proper message for an invalid stapled extensionStef Walter2014-09-051-1/+10
| | | | | | Previously we would output a line like this: p11-kit: 'node != NULL' not true at lookup_extension
* Move to non-recursive Makefile for building bins and libsStef Walter2014-08-1567-243/+272
| | | | Still use recursive for documentation and translation.
* trust: Don't use invalid public keys for looking up stapled extensionsStef Walter2014-08-081-1/+1
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=82328
* trust: Print label of certificate when complaining about basic constraintsStef Walter2014-08-081-1/+5
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=82328
* trust: Double check that index bucket is valid before accessStef Walter2014-08-081-2/+2
|