summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* common: Don't do repeated linear reallocation of array memorystableStef Walter2014-10-131-1/+4
| | | | | | | Some mallocs (notably on Windows) have really poor behavior when called repeatedly with a linearly growing buffer. https://bugzilla.redhat.com/show_bug.cgi?id=985419
* p11-kit: Use pthread_atfork() in a safe mannerStef Walter2014-10-037-89/+46
| | | | | | | | | | | | | Instead of trying to perform actions in pthread_atfork() which are not async-signal-safe, just increment a counter so we can later tell if the process has forked. Note this does not make it safe to mix threads and forking without immediately execing. This is a far broader problem that p11-kit, however we now do the right thing when fork+exec is used from a thread. https://bugs.freedesktop.org/show_bug.cgi?id=84567
* Release version 0.20.7Stef Walter2014-09-172-1/+6
|
* common: Use correct CKA_PUBLIC_KEY_INFO valueStef Walter2014-09-171-1/+1
|
* common: New public pkcs11x.h header containing extensionsStef Walter2014-09-1612-458/+521
| | | | | | | Move our internal stuff to pkcs11i.h, and install the pkcs11x.h header containing extensions. https://bugs.freedesktop.org/show_bug.cgi?id=83495
* common: Change the CKA_X_PUBLIC_KEY_INFO constant to CKA_PUBLIC_KEY_INFOStef Walter2014-09-1610-47/+51
| | | | | | | | | CKA_PUBLIC_KEY_INFO is defined in the PKCS#11 2.40 draft, so use that rather than defining our own. * Fixed up by Nikos Mavrogiannopoulos <nmav@redhat.com> https://bugs.freedesktop.org/show_bug.cgi?id=83495
* common: Add support for multiple field names (ie: nicks) per constantStef Walter2014-09-163-21/+22
| | | | | | This allows us to have old/new names for a given constant. https://bugs.freedesktop.org/show_bug.cgi?id=83495
* trust: Fix token test when building with MinGWMichael Cronenworth2014-09-091-0/+4
| | | | Signed-off-by: Michael Cronenworth <mike@cchtml.com>
* Release version 0.20.60.20.6Stef Walter2014-09-092-1/+5
|
* configure: Check for pthread_create() in pthread libraryRoman Bogorodskiy2014-09-091-3/+3
| | | | | | | Check for pthread_create() in pthread library instaed of pthread_mutexattr_init(). This fixes a linking error on FreeBSD. https://bugs.freedesktop.org/show_bug.cgi?id=75674
* p11-kit: Compilation fixes for previous commitStef Walter2014-09-091-4/+1
| | | | Pushed the wrong version
* p11-kit: Make proxy module respect critical = noStef Walter2014-09-091-37/+47
| | | | | | | The p11-kit-proxy.so module would not respect the critical = no setting in module configuration, and fail if any module failed to initialize. https://bugs.freedesktop.org/show_bug.cgi?id=83651
* Release version 0.20.50.20.5Stef Walter2014-09-052-1/+8
|
* trust: Parse TRUSTED CERTIFICATE openssl format even without CertAuxStef Walter2014-09-053-13/+151
| | | | | | | | openssl sometimes outputs TRUSTED CERTIFICATE PEM files without the additional CertAux (ie: trust fields) information. It simply leaves that block out. This happens with a command like: $ openssl x509 -in my-cert.pem -out output -trustout
* trust: Produce a proper message for an invalid stapled extensionStef Walter2014-09-051-1/+10
| | | | | | Previously we would output a line like this: p11-kit: 'node != NULL' not true at lookup_extension
* configure: Don't use subdir-objects on our stable branch yetStef Walter2014-09-051-1/+1
| | | | | | This just causes build problems when switching between branches. On master we've switched to a non-recursive Makefile so this is just relevant here.
* Ignore clang scanner litterStef Walter2014-08-081-0/+1
|
* trust: Don't use invalid public keys for looking up stapled extensionsStef Walter2014-08-081-1/+1
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=82328
* trust: Print label of certificate when complaining about basic constraintsStef Walter2014-08-081-1/+5
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=82328
* trust: Double check that index bucket is valid before accessStef Walter2014-08-081-2/+2
|
* p11-kit: Remove use after free in debug output code pathStef Walter2014-08-081-1/+1
|
* Quiten down scanner warnings about unused variablesStef Walter2014-08-082-8/+2
|
* common: Quiet down clang scanner with assertionsStef Walter2014-08-081-1/+1
| | | | | Quieten down the clang scanner by telling it to expect that our test assertions fail
* Fix mostly erroneous scanner warnings in testsStef Walter2014-08-0811-2/+22
|
* trust: Fix leak in token loading error pathStef Walter2014-08-081-0/+1
|
* trust: Fix unlikely use of uninitialized memory in token loadingStef Walter2014-08-081-3/+3
|
* trust: Fix leak in trust list commandStef Walter2014-08-081-0/+1
|
* trust: Fix use after free and double free in extract commandStef Walter2014-08-081-7/+4
|
* trust: Remove dead while condition in anchor commondStef Walter2014-08-081-1/+1
|
* p11-kit: Fix integer overflow in memset() argumentStef Walter2014-08-081-1/+1
|
* p11-kit: Fix bad check of asprintf() return valueStef Walter2014-08-081-1/+1
|
* configure.ac: Add subdir-objects to satisfy newer automakesStef Walter2014-08-081-1/+1
|
* trust: Fix use of invalid memory in PEM parserStef Walter2014-08-081-3/+1
|
* Release version 0.20.4Stef Walter2014-08-072-1/+5
|
* p11-kit: Tweak last commit, handle the not-forked caseStef Walter2014-08-071-1/+4
| | | | | When we hadn't forked, but were just not initialized, still return CKR_CRYPTOKI_NOT_INITIALIZED from managed modules.
* p11-kit: Don't complain about C_Finalize called in wrong processStef Walter2014-08-071-6/+13
| | | | | | When C_Finalize is called in the wrong process, it's often because of a caller unaware of forking. This is a painful area of PKCS#11, but at least for C_Finalize, lets not complain loudly about it.
* Fix typo: supress - > suppressAndreas Metzler2014-07-074-4/+4
|
* Release version 0.20.30.20.3Stef Walter2014-07-042-1/+11
|
* Added test for non-null values in empty ID and label URI partsNikos Mavrogiannopoulos2014-07-041-0/+66
|
* p11-kit: Mark p11_kit_be_quiet() and p11_kit_be_loud() stableStef Walter2014-07-042-6/+6
| | | | | These are useful functions for callers who want to supress all output from p11-kit library.
* p11-kit: Handle managed modules correctly when forkingStef Walter2014-07-042-5/+56
| | | | | | | | Correctly allow reinitialization when a process forks. We don't yet implement checks on all entry points of a managed module, but this allows callers to call C_Initialize again after forking, as outlined by the PKCS#11 v2 spec.
* common: Fixed implementation of strerror_r for WinXPPavel A2014-07-011-0/+15
| | | | | | ie: when streror_s is missing in msvcrt.dll https://bugs.freedesktop.org/show_bug.cgi?id=76594
* p11-kit: Fix corrupted list when initialization of modules failStef Walter2014-06-251-0/+2
| | | | | | | | This fixes the function call p11_kit_module_initialize() to correctly rearrange the modules array when initializing a module fails. Also fixes p11_kit_modules_load_and_initialize()
* Don't try to symlink p11-proxy.so on windowsMilan Crha2014-06-201-5/+5
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=76594
* configure: Require automake 1.12 or laterStef Walter2014-06-201-1/+1
| | | | | We can't use automake 1.10 as serial-tests is not supported there.
* Proposed fix for compiler warnings in common/compat.cPavel A2014-06-201-19/+23
| | | | | | | | | | | | | when buliding for Windows (mingw). This issue has been reported in bug #76594 a. Moved vasprintf before asprintf b. Added prototypes for each of them Thanks, pa Signed-off-by: Pavel A <pavel.aronsky@daynix.com>
* proxy: Fix cases where modules are unloaded while in useStef Walter2014-02-131-22/+31
| | | | | | | | | | | | | The proxy module would unload the PKCS#11 modules it was proxying when C_Finalize() was called. However if a caller in another thread was inside of a PKCS#11 function at the time, this would cause a crash. Change things around so that underlying modules are finalized during the proxy C_Finalize() but not released/unloaded until the proxy module itself is unloaded. https://bugs.freedesktop.org/show_bug.cgi?id=74919
* proxy: Remove assertions when module is not initializedStef Walter2014-02-131-2/+0
| | | | | | | | We should return CKR_CRYPTOKI_NOT_INITIALIZED rather than assert() when proxy PKCS#11 functions are called before the module is initialized. https://bugs.freedesktop.org/show_bug.cgi?id=74919
* Fix handling of mmap failure and mapping empty filesPascal Terjan2014-02-132-2/+26
| | | | | | | | | | | Check the return value of mmap() correctly. Empty files cannot be mmap'd so we implement some work around code for that. https://bugs.freedesktop.org/show_bug.cgi?id=74773 Signed-off-by: Stef Walter <stef@thewalter.net>
* Support running autogen.sh from srcdir != builddirStef Walter2014-01-291-2/+6
|
View Lorry Controller Status