Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | remote: only accept if the FD is setrpc-daemon | Nikos Mavrogiannopoulos | 2014-09-25 | 1 | -42/+44 |
| | |||||
* | remote: gracefully handle sigterm | Nikos Mavrogiannopoulos | 2014-09-25 | 1 | -0/+13 |
| | |||||
* | remote: cleanup socket file | Nikos Mavrogiannopoulos | 2014-09-25 | 1 | -2/+4 |
| | |||||
* | remote: increased debugging info | Nikos Mavrogiannopoulos | 2014-09-25 | 1 | -2/+3 |
| | |||||
* | remote: added --timeout option | Nikos Mavrogiannopoulos | 2014-09-25 | 3 | -5/+16 |
| | |||||
* | remote: updated self tests for new remote functionality | Nikos Mavrogiannopoulos | 2014-09-25 | 3 | -8/+43 |
| | |||||
* | remote: added option to run in foreground | Nikos Mavrogiannopoulos | 2014-09-25 | 3 | -6/+16 |
| | |||||
* | remote: provide the options --run-as-user and --run-as-group | Nikos Mavrogiannopoulos | 2014-09-25 | 1 | -10/+54 |
| | |||||
* | remote: server will overwrite the library manufacturer | Nikos Mavrogiannopoulos | 2014-09-25 | 4 | -8/+31 |
| | | | | | | That would allow objects within a PKCS #11 module to remain unique if both the remote and the normal module are in use, as well when many remote modules exist. | ||||
* | remote: Allow restricting the connecting user and group | Nikos Mavrogiannopoulos | 2014-09-25 | 3 | -12/+70 |
| | |||||
* | remote: updated to account for socket files only | Nikos Mavrogiannopoulos | 2014-09-25 | 2 | -105/+14 |
| | | | | | | | Changes: 1. Isolated config option was removed 2. Remote config option now accepts a socket file 3. On remote modules, only connection to the socket file is attempted. | ||||
* | remote: is now running as daemon | Nikos Mavrogiannopoulos | 2014-09-25 | 1 | -0/+6 |
| | |||||
* | remote: eliminated timeout from server | Nikos Mavrogiannopoulos | 2014-09-25 | 1 | -8/+6 |
| | |||||
* | remote: does accept socket file on cmd | Nikos Mavrogiannopoulos | 2014-09-25 | 1 | -2/+13 |
| | |||||
* | remote: operate as a single forking server | Nikos Mavrogiannopoulos | 2014-09-25 | 11 | -120/+549 |
| | |||||
* | common: Move unistd include to define getopt and friends | Michael Cronenworth | 2014-09-18 | 1 | -1/+1 |
| | | | | | | Needed to fix MinGW builds. Signed-off-by: Michael Cronenworth <mike@cchtml.com> | ||||
* | Release version 2.21.30.21.3 | Stef Walter | 2014-09-17 | 2 | -1/+9 |
| | |||||
* | trust: Use term 'attached extensions' instead of 'stapled' | Stef Walter | 2014-09-10 | 8 | -72/+72 |
| | | | | | | | The term 'stapled extensions' is confusing because it overloads terminology used with OSCP stapling. Suggested by Daniel Kahn Gillmor. | ||||
* | common: New public pkcs11x.h header containing extensions | Stef Walter | 2014-09-10 | 12 | -457/+520 |
| | | | | | | | Move our internal stuff to pkcs11i.h, and install the pkcs11x.h header containing extensions. https://bugs.freedesktop.org/show_bug.cgi?id=83495 | ||||
* | common: Change the CKA_X_PUBLIC_KEY_INFO constant to CKA_PUBLIC_KEY_INFO | Stef Walter | 2014-09-10 | 11 | -48/+52 |
| | | | | | | | | | CKA_PUBLIC_KEY_INFO is defined in the PKCS#11 2.40 draft, so use that rather than defining our own. * Fixed up by Nikos Mavrogiannopoulos <nmav@redhat.com> https://bugs.freedesktop.org/show_bug.cgi?id=83495 | ||||
* | common: Add support for multiple field names (ie: nicks) per constant | Stef Walter | 2014-09-10 | 3 | -21/+22 |
| | | | | | | This allows us to have old/new names for a given constant. https://bugs.freedesktop.org/show_bug.cgi?id=83495 | ||||
* | p11-kit: Fix tests when building with MinGW | Michael Cronenworth | 2014-09-09 | 3 | -0/+30 |
| | | | | Signed-off-by: Michael Cronenworth <mike@cchtml.com> | ||||
* | trust: Fix token test when building with MinGW | Michael Cronenworth | 2014-09-09 | 1 | -0/+4 |
| | | | | Signed-off-by: Michael Cronenworth <mike@cchtml.com> | ||||
* | configure: Check for pthread_create() in pthread library | Roman Bogorodskiy | 2014-09-09 | 1 | -3/+3 |
| | | | | | | | Check for pthread_create() in pthread library instaed of pthread_mutexattr_init(). This fixes a linking error on FreeBSD. https://bugs.freedesktop.org/show_bug.cgi?id=75674 | ||||
* | p11-kit: Compilation fixes for previous commit | Stef Walter | 2014-09-09 | 1 | -4/+1 |
| | | | | Pushed the wrong version | ||||
* | p11-kit: Make proxy module respect critical = no | Stef Walter | 2014-09-09 | 1 | -37/+47 |
| | | | | | | | The p11-kit-proxy.so module would not respect the critical = no setting in module configuration, and fail if any module failed to initialize. https://bugs.freedesktop.org/show_bug.cgi?id=83651 | ||||
* | Fix build without debug | Roman Bogorodskiy | 2014-09-09 | 1 | -0/+2 |
| | | | | | | | | | | | | | When building without debug build fails with: CCLD p11-kit/p11-kit ./.libs/libp11-kit.so: undefined reference to `P11_RPC_CHECK_CALLS' cc: error: linker command failed with exit code 1 (use -v to see invocation) gmake[2]: *** [p11-kit/p11-kit] Error 1 This happens because P11_RPC_CHECK_CALLS is not defined when debugging is enabled, so provide a noop macro for that case. | ||||
* | trust: Show public-key-info in 'trust list --details' | Stef Walter | 2014-09-05 | 1 | -0/+14 |
| | | | | | Since the public-key-info is an important part of the way we represent trust, show it in 'trust list' if --details is present. | ||||
* | Release version 0.21.20.21.2 | Stef Walter | 2014-09-05 | 2 | -1/+11 |
| | |||||
* | trust: Produce a proper message for an invalid stapled extension | Stef Walter | 2014-09-05 | 1 | -1/+10 |
| | | | | | | Previously we would output a line like this: p11-kit: 'node != NULL' not true at lookup_extension | ||||
* | Move to non-recursive Makefile for building bins and libs | Stef Walter | 2014-08-15 | 133 | -589/+632 |
| | | | | Still use recursive for documentation and translation. | ||||
* | common: Fix regression introduced by last commit | Stef Walter | 2014-08-15 | 1 | -1/+1 |
| | | | | | | The last commit caused dirfd() to become undefined. https://bugs.freedesktop.org/show_bug.cgi?id=82617 | ||||
* | Fix build against older pthreads implementations | Baruch Siach | 2014-08-14 | 1 | -0/+6 |
| | | | | | | | | | | | | | | | | | Older pthreads implementations like glibc NPTL prior to version 2.12, and uClibc linuxthreads (both), need _XOPEN_SOURCE to expose pthread_mutexattr_settype() and THREAD_MUTEX_DEFAULT. The value 600 (SuSv3, POSIX.1-2001) is equivalent to _POSIX_C_SOURCE 200112L. Fixes the following build error: CC compat.lo compat.c: In function 'p11_mutex_init': compat.c:164:2: warning: implicit declaration of function 'pthread_mutexattr_settype' [-Wimplicit-function-declaration] compat.c:164:2: warning: nested extern declaration of 'pthread_mutexattr_settype' [-Wnested-externs] compat.c:164:36: error: 'PTHREAD_MUTEX_DEFAULT' undeclared (first use in this function) https://bugs.freedesktop.org/show_bug.cgi?id=82617 | ||||
* | Fix 'make upload-release' target | Stef Walter | 2014-08-14 | 1 | -2/+2 |
| | |||||
* | doc: Fix missing tag in p11-kit-sharing.xml | Stef Walter | 2014-08-11 | 1 | -0/+1 |
| | |||||
* | p11-kit: Fix various noise/issues highlighted by clang | Stef Walter | 2014-08-11 | 4 | -13/+13 |
| | |||||
* | Ignore clang scanner litter | Stef Walter | 2014-08-08 | 1 | -0/+1 |
| | |||||
* | trust: Don't use invalid public keys for looking up stapled extensions | Stef Walter | 2014-08-08 | 1 | -1/+1 |
| | | | | https://bugs.freedesktop.org/show_bug.cgi?id=82328 | ||||
* | trust: Print label of certificate when complaining about basic constraints | Stef Walter | 2014-08-08 | 1 | -1/+5 |
| | | | | https://bugs.freedesktop.org/show_bug.cgi?id=82328 | ||||
* | trust: Double check that index bucket is valid before access | Stef Walter | 2014-08-08 | 1 | -2/+2 |
| | |||||
* | p11-kit: Remove use after free in debug output code path | Stef Walter | 2014-08-08 | 1 | -1/+1 |
| | |||||
* | Quiten down scanner warnings about unused variables | Stef Walter | 2014-08-08 | 2 | -8/+2 |
| | |||||
* | common: Quiet down clang scanner with assertions | Stef Walter | 2014-08-08 | 1 | -1/+1 |
| | | | | | Quieten down the clang scanner by telling it to expect that our test assertions fail | ||||
* | Fix mostly erroneous scanner warnings in tests | Stef Walter | 2014-08-08 | 11 | -2/+22 |
| | |||||
* | trust: Fix leak in token loading error path | Stef Walter | 2014-08-08 | 1 | -0/+1 |
| | |||||
* | trust: Fix unlikely use of uninitialized memory in token loading | Stef Walter | 2014-08-08 | 1 | -3/+3 |
| | |||||
* | trust: Fix leak in trust list command | Stef Walter | 2014-08-08 | 1 | -0/+1 |
| | |||||
* | trust: Fix use after free and double free in extract command | Stef Walter | 2014-08-08 | 1 | -7/+4 |
| | |||||
* | trust: Remove dead while condition in anchor commond | Stef Walter | 2014-08-08 | 1 | -1/+1 |
| | |||||
* | p11-kit: Fix integer overflow in memset() argument | Stef Walter | 2014-08-08 | 1 | -1/+1 |
| |