packages/p11-kit
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Package init

Browse Source
This commit is contained in:
overweight 2019-09-30 11:11:11 -04:00
commit b61746609a
17 changed files with 1053 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

79
build-Call-va_end-always-when-leaving-the-function.patch Normal file
View File

@ -0,0 +1,79 @@
From c76197ddbbd0c29adc2bceff2ee9f740f71d134d Mon Sep 17 00:00:00 2001
From: Daiki Ueno <dueno@redhat.com>
Date: Tue, 16 Oct 2018 18:06:56 +0200
Subject: [PATCH 04/36] build: Call va_end() always when leaving the function
---
common/attrs.c | 4 +++-
common/compat.c | 5 ++++-
common/path.c | 5 ++++-
trust/parser.c | 4 +++-
4 files changed, 14 insertions(+), 4 deletions(-)
diff --git a/common/attrs.c b/common/attrs.c
index aa91891..a387a66 100644
--- a/common/attrs.c
+++ b/common/attrs.c
@@ -538,8 +538,10 @@ buffer_append_printf (p11_buffer *buffer,
va_list va;
va_start (va, format);
- if (vasprintf (&string, format, va) < 0)
+ if (vasprintf (&string, format, va) < 0) {
+ va_end (va);
return_if_reached ();
+ }
va_end (va);
p11_buffer_add (buffer, string, -1);
diff --git a/common/compat.c b/common/compat.c
index 5a9702d..48614fa 100644
--- a/common/compat.c
+++ b/common/compat.c
@@ -525,7 +525,10 @@ strconcat (const char *first,
for (arg = first; arg; arg = va_arg (va, const char*)) {
size_t old_length = length;
length += strlen (arg);
- return_val_if_fail (length >= old_length, NULL);
+ if (length < old_length) {
+ va_end (va);
+ return_val_if_reached (NULL);
+ }
}
va_end (va);
diff --git a/common/path.c b/common/path.c
index 5cf0e1a..17a6230 100644
--- a/common/path.c
+++ b/common/path.c
@@ -218,7 +218,10 @@ p11_path_build (const char *path,
while (path != NULL) {
size_t old_len = len;
len += strlen (path) + 1;
- return_val_if_fail (len >= old_len, NULL);
+ if (len < old_len) {
+ va_end (va);
+ return_val_if_reached (NULL);
+ }
path = va_arg (va, const char *);
}
va_end (va);
diff --git a/trust/parser.c b/trust/parser.c
index f92cdc9..e912c3a 100644
--- a/trust/parser.c
+++ b/trust/parser.c
@@ -697,8 +697,10 @@ p11_parser_formats (p11_parser *parser,
func = va_arg (va, parser_func);
if (func == NULL)
break;
- if (!p11_array_push (formats, func))
+ if (!p11_array_push (formats, func)) {
+ va_end (va);
return_if_reached ();
+ }
}
va_end (va);
--
2.19.1

42
debug-Work-around-cppcheck-false-positives.patch Normal file
View File

@ -0,0 +1,42 @@
From 8a8db182af533a43b4d478d28af8623035475d68 Mon Sep 17 00:00:00 2001
From: Daiki Ueno <dueno@redhat.com>
Date: Tue, 16 Oct 2018 18:05:10 +0200
Subject: [PATCH 03/36] debug: Work around cppcheck false-positives
https://trac.cppcheck.net/ticket/8794
---
common/debug.h | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/common/debug.h b/common/debug.h
index 255c62c..7ea36f3 100644
--- a/common/debug.h
+++ b/common/debug.h
@@ -71,13 +71,13 @@ void p11_debug_precond (const char *format,
#endif
#define return_val_if_fail(x, v) \
- do { if (!(x)) { \
+ do { if (x) { } else { \
p11_debug_precond ("p11-kit: '%s' not true at %s\n", #x, __func__); \
return v; \
} } while (false)
#define return_if_fail(x) \
- do { if (!(x)) { \
+ do { if (x) { } else { \
p11_debug_precond ("p11-kit: '%s' not true at %s\n", #x, __func__); \
return; \
} } while (false)
@@ -100,7 +100,7 @@ void p11_debug_precond (const char *format,
} while (false)
#define warn_if_fail(x) \
- do { if (!(x)) { \
+ do { if (x) { } else { \
p11_debug_precond ("p11-kit: '%s' not true at %s\n", #x, __func__); \
} } while (false)
--
2.19.1

31
modules-Fix-index-used-in-call-to-p11_dict_remove.patch Normal file
View File

@ -0,0 +1,31 @@
From 793cc3b78f17bb5a3c151eba1144b73a5d51be3e Mon Sep 17 00:00:00 2001
From: Simon Haggett <simon.haggett@gmail.com>
Date: Tue, 12 Mar 2019 11:26:20 +0000
Subject: [PATCH 36/36] modules: Fix index used in call to p11_dict_remove()
This fixes a call to p11_dict_remove() in managed_steal_sessions_inlock() to use
the correct index in the stolen array (i, rather than at). This avoids an
assert, which was encountered on a host serving a PKCS#11 module to a remote
Linux client.
Signed-off-by: Simon Haggett <simon.haggett@gmail.com>
---
p11-kit/modules.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/p11-kit/modules.c b/p11-kit/modules.c
index 891ce4c..39e1fda 100644
--- a/p11-kit/modules.c
+++ b/p11-kit/modules.c
@@ -1647,7 +1647,7 @@ managed_steal_sessions_inlock (p11_dict *sessions,
/* Only removed some, go through and remove those */
} else {
for (i = 0; i < at; i++) {
- if (!p11_dict_remove (sessions, stolen + at))
+ if (!p11_dict_remove (sessions, stolen + i))
assert_not_reached ();
}
}
--
2.19.1

50
modules-check-gl.modules-before-iterates-on-it-when-.patch Normal file
View File

@ -0,0 +1,50 @@
From 4a925177a81c2566d2a81a0a450607a5ff4d9048 Mon Sep 17 00:00:00 2001
From: Stefano Garzarella <sgarzare@redhat.com>
Date: Wed, 27 Feb 2019 12:25:20 +0100
Subject: [PATCH 34/36] modules: check gl.modules before iterates on it when
freeing
In some circumstances, as described in the BZ, can happen that
free_modules_when_no_refs_unlocked() is called multiple times
when the module destructor is invoked.
We should check gl.modules before iterates on it in the
free_modules_when_no_refs_unlocked() functions, to avoid
a SIGSEGV.
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1680963
---
p11-kit/modules.c | 18 ++++++++++--------
1 file changed, 10 insertions(+), 8 deletions(-)
diff --git a/p11-kit/modules.c b/p11-kit/modules.c
index 0299eda..891ce4c 100644
--- a/p11-kit/modules.c
+++ b/p11-kit/modules.c
@@ -797,14 +797,16 @@ init_globals_unlocked (void)
static void
free_modules_when_no_refs_unlocked (void)
{
- Module *mod;
- p11_dictiter iter;
-
- /* Check if any modules have a ref count */
- p11_dict_iterate (gl.modules, &iter);
- while (p11_dict_next (&iter, (void **)&mod, NULL)) {
- if (mod->ref_count)
- return;
+ if (gl.modules) {
+ Module *mod;
+ p11_dictiter iter;
+
+ /* Check if any modules have a ref count */
+ p11_dict_iterate (gl.modules, &iter);
+ while (p11_dict_next (&iter, (void **)&mod, NULL)) {
+ if (mod->ref_count)
+ return;
+ }
}
p11_dict_free (gl.unmanaged_by_funcs);
--
2.19.1

BIN
p11-kit-0.23.14.tar.gz Normal file
View File

Binary file not shown.

11
p11-kit-client.service Normal file
View File

@ -0,0 +1,11 @@
[Unit]
Description=p11-kit client
[Service]
Type=oneshot
RemainAfterExit=true
RuntimeDirectory=p11-kit
ExecStart=/usr/bin/true
[Install]
WantedBy=default.target

133
p11-kit.spec Normal file
View File

@ -0,0 +1,133 @@
Name: p11-kit
Version: 0.23.14
Release: 2
Summary: Provides a way to load and enumerate PKCS#11 modules.
License: BSD
URL: http://p11-glue.freedesktop.org/p11-kit.html
Source0: %{name}-%{version}.tar.gz
Source1: trust-extract-compat
Source2: p11-kit-client.service
Patch6001: debug-Work-around-cppcheck-false-positives.patch
Patch6002: build-Call-va_end-always-when-leaving-the-function.patch
Patch6003: rpc-server-p11_kit_remote_serve_tokens-Fix-memleak.patch
Patch6004: rpc-server-Check-calloc-failure.patch
Patch6005: trust-Check-index-buckets-is-allocated-on-cleanup.patch
Patch6006: trust-Propagate-library-verbosity-to-module-through-.patch
Patch6007: trust-Fail-if-trust-anchors-are-not-loaded-from-a-fi.patch
Patch6008: trust-p11_token_load-Treat-parse-error-as-failure.patch
Patch6009: trust-Continue-parsing-if-the-file-cannot-be-read-as.patch
Patch6010: pem-Fix-assert-condition.patch
Patch6011: trust-Ignore-unreadable-content-in-anchors.patch
Patch6012: modules-check-gl.modules-before-iterates-on-it-when-.patch
Patch6013: modules-Fix-index-used-in-call-to-p11_dict_remove.patch
BuildRequires: gcc libtasn1-devel >= 2.3 libffi-devel gtk-doc systemd-devel pkgconfig(glib-2.0)
%description
Provides a way to load and enumerate PKCS#11 modules.
Provides a standard configuration setup for installing
PKCS#11 modules in such a way that they're discoverable.
Also solves problems with coordinating the use of PKCS#11
by different components or libraries living in the same process.
Provides: %{name}-server
Obsoletes: %{name}-server
%package devel
Summary: Development files for %{name}
Requires: %{name} = %{version}-%{release}
%description devel
Provides header and libraries files for applications use %{name} to develop.
%package trust
Summary: Trust policy module of %{name}
Requires: %{name} = %{version}-%{release}
Conflicts: nss < 3.14.3-9
%description trust
This package contains PKCS#11 trust policy module.
%package help
Summary: Help infomation of %{name}
Requires: %{name} = %{version}-%{release}
%description help
This package contains help information of p11-kit.
%prep
%autosetup -p1
%build
%configure --enable-doc --with-trust-paths=/etc/pki/ca-trust/source:/usr/share/pki/ca-trust-source
make -j 4 V=1
%install
make install DESTDIR=$RPM_BUILD_ROOT
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/pkcs11/modules
install -p -m 755 %{SOURCE1} $RPM_BUILD_ROOT%{_libexecdir}/p11-kit/
install -p -m 644 %{SOURCE2} $RPM_BUILD_ROOT%{_userunitdir}
find $RPM_BUILD_ROOT -type f -name "*.la" -delete -print
%check
make check
%post -p /sbin/ldconfig
%post trust
%{_sbindir}/update-alternatives --install %{_libdir}/libnssckbi.so libnssckbi.so %{_libdir}/pkcs11/p11-kit-trust.so 30
%postun -p /sbin/ldconfig
%postun trust
if [ $1 -eq 0 ]; then
%{_sbindir}/update-alternatives --remove libnssckbi.so %{_libdir}/pkcs11/p11-kit-trust.so
fi
%files
%license COPYING
%dir %{_libexecdir}/p11-kit
%dir %{_sysconfdir}/pkcs11
%dir %{_sysconfdir}/pkcs11/modules
%dir %{_datadir}/p11-kit
%dir %{_datadir}/p11-kit/modules
%{_bindir}/p11-kit
%{_libdir}/libp11-kit.so.*
%{_libdir}/p11-kit-proxy.so
%{_libdir}/pkcs11/p11-kit-client.so
%{_libexecdir}/p11-kit/p11-kit-remote
%{_libexecdir}/p11-kit/p11-kit-server
%{_userunitdir}/p11-kit-client.service
%{_userunitdir}/p11-kit-server.service
%{_userunitdir}/p11-kit-server.socket
%files help
%doc AUTHORS NEWS README
%doc p11-kit/pkcs11.conf.example
%{_mandir}/man1/trust.1.gz
%{_mandir}/man8/p11-kit.8.gz
%{_mandir}/man5/pkcs11.conf.5.gz
%{_sysconfdir}/pkcs11/pkcs11.conf.example
%files devel
%doc %{_datadir}/gtk-doc/
%{_includedir}/p11-kit-1/
%{_libdir}/libp11-kit.so
%{_libdir}/pkgconfig/p11-kit-1.pc
%files trust
%{_bindir}/trust
%dir %{_libdir}/pkcs11
%ghost %{_libdir}/libnssckbi.so
%{_libdir}/pkcs11/p11-kit-trust.so
%{_datadir}/p11-kit/modules/p11-kit-trust.module
%{_libexecdir}/p11-kit/trust-extract-compat
%changelog
* Fri Sep 27 2019 openEuler Buildteam <buildteam@openeuler.org> - 0.23.14-2
- Correct patch number
* Sat Sep 7 2019 openEuler Buildteam <buildteam@openeuler.org> - 0.23.14-1
- Package init

58
pem-Fix-assert-condition.patch Normal file
View File

@ -0,0 +1,58 @@
From f277a1469aef05d3542e8ae9fd3f5dbadbe12463 Mon Sep 17 00:00:00 2001
From: Daiki Ueno <dueno@redhat.com>
Date: Fri, 11 Jan 2019 10:35:16 +0100
Subject: [PATCH 30/36] pem: Fix assert condition
If the PEM header is "-----BEGIN -----", *type should be an empty
string and the parser shouldn't fail. Reported by Han Han in:
https://bugzilla.redhat.com/show_bug.cgi?id=1665172
---
trust/pem.c | 2 +-
trust/test-pem.c | 18 ++++++++++++++++++
2 files changed, 19 insertions(+), 1 deletion(-)
diff --git a/trust/pem.c b/trust/pem.c
index ce4f554..fae7dd6 100644
--- a/trust/pem.c
+++ b/trust/pem.c
@@ -84,7 +84,7 @@ pem_find_begin (const char *data,
if (type) {
pref += ARMOR_PREF_BEGIN_L;
- assert (suff > pref);
+ assert (suff >= pref);
*type = strndup (pref, suff - pref);
return_val_if_fail (*type != NULL, NULL);
}
diff --git a/trust/test-pem.c b/trust/test-pem.c
index 0c7d60a..6feff86 100644
--- a/trust/test-pem.c
+++ b/trust/test-pem.c
@@ -119,6 +119,24 @@ struct {
}
},
+ {
+ /* one block with empty type */
+ "-----BEGIN -----\n"
+ "aYNNXqshlVxCdo8QfKeXh3GUzd/yn4LYIVgQrx4a\n"
+ "-----END -----",
+ {
+ {
+ "",
+ "\x69\x83\x4d\x5e\xab\x21\x95\x5c\x42\x76\x8f\x10\x7c\xa7\x97\x87"
+ "\x71\x94\xcd\xdf\xf2\x9f\x82\xd8\x21\x58\x10\xaf\x1e\x1a",
+ 30,
+ },
+ {
+ NULL,
+ }
+ }
+ },
+
{
NULL,
}
--
2.19.1

27
rpc-server-Check-calloc-failure.patch Normal file
View File

@ -0,0 +1,27 @@
From 6417780ebbbbb0f01ddb001b239347655fb98578 Mon Sep 17 00:00:00 2001
From: Daiki Ueno <dueno@redhat.com>
Date: Wed, 17 Oct 2018 09:53:27 +0200
Subject: [PATCH 11/36] rpc-server: Check calloc failure
---
p11-kit/rpc-server.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/p11-kit/rpc-server.c b/p11-kit/rpc-server.c
index 5b3dbf0..3216742 100644
--- a/p11-kit/rpc-server.c
+++ b/p11-kit/rpc-server.c
@@ -2219,6 +2219,10 @@ p11_kit_remote_serve_tokens (const char **tokens,
filter = p11_dict_get (filters, module);
if (filter == NULL) {
lower = calloc (1, sizeof (p11_virtual));
+ if (lower == NULL) {
+ error = ENOMEM;
+ goto out;
+ }
p11_virtual_init (lower, &p11_virtual_base, module, NULL);
filter = p11_filter_subclass (lower, NULL);
if (filter == NULL) {
--
2.19.1

28
rpc-server-p11_kit_remote_serve_tokens-Fix-memleak.patch Normal file
View File

@ -0,0 +1,28 @@
From 1f78cb0b4dd193ec1f1b2b424a497a6c2edec043 Mon Sep 17 00:00:00 2001
From: Daiki Ueno <dueno@redhat.com>
Date: Tue, 16 Oct 2018 18:16:51 +0200
Subject: [PATCH 08/36] rpc-server: p11_kit_remote_serve_tokens: Fix memleak
---
p11-kit/rpc-server.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/p11-kit/rpc-server.c b/p11-kit/rpc-server.c
index 3a8991d..5b3dbf0 100644
--- a/p11-kit/rpc-server.c
+++ b/p11-kit/rpc-server.c
@@ -2285,6 +2285,11 @@ p11_kit_remote_serve_tokens (const char **tokens,
p11_kit_modules_release (modules);
if (error != 0)
errno = error;
+ if (uris) {
+ for (i = 0; i < n_tokens; i++)
+ p11_kit_uri_free (uris[i]);
+ free (uris);
+ }
return ret;
}
--
2.19.1

31
trust-Check-index-buckets-is-allocated-on-cleanup.patch Normal file
View File

@ -0,0 +1,31 @@
From 83e92c2f9575707083d8b0c70ef330e285d70836 Mon Sep 17 00:00:00 2001
From: Daiki Ueno <dueno@redhat.com>
Date: Wed, 17 Oct 2018 09:53:46 +0200
Subject: [PATCH 12/36] trust: Check index->buckets is allocated on cleanup
---
trust/index.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/trust/index.c b/trust/index.c
index 6a8e535..2d1da29 100644
--- a/trust/index.c
+++ b/trust/index.c
@@ -193,9 +193,11 @@ p11_index_free (p11_index *index)
p11_dict_free (index->objects);
p11_dict_free (index->changes);
- for (i = 0; i < NUM_BUCKETS; i++)
- free (index->buckets[i].elem);
- free (index->buckets);
+ if (index->buckets) {
+ for (i = 0; i < NUM_BUCKETS; i++)
+ free (index->buckets[i].elem);
+ free (index->buckets);
+ }
free (index);
}
--
2.19.1

29
trust-Continue-parsing-if-the-file-cannot-be-read-as.patch Normal file
View File

@ -0,0 +1,29 @@
From 5e6a92b67ddade14a54769b05cc717043bc56b78 Mon Sep 17 00:00:00 2001
From: Daiki Ueno <dueno@redhat.com>
Date: Tue, 25 Dec 2018 08:32:19 +0100
Subject: [PATCH 27/36] trust: Continue parsing if the file cannot be read as
persist format
A corrupted file that contains "[p11-kit-object-v1]" can be a valid
PEM certs file. Continue with the next format if it cannot be read as
a persistent format.
---
trust/parser.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/trust/parser.c b/trust/parser.c
index e912c3a..e84e47c 100644
--- a/trust/parser.c
+++ b/trust/parser.c
@@ -639,7 +639,7 @@ p11_parser_format_persist (p11_parser *parser,
}
p11_array_free (objects);
- return ret ? P11_PARSE_SUCCESS : P11_PARSE_FAILURE;
+ return ret ? P11_PARSE_SUCCESS : P11_PARSE_UNRECOGNIZED;
}
p11_parser *
--
2.19.1

69
trust-Fail-if-trust-anchors-are-not-loaded-from-a-fi.patch Normal file
View File

@ -0,0 +1,69 @@
From eb503f3a1467f21a5ecc9ae84ae23b216afc102f Mon Sep 17 00:00:00 2001
From: Daiki Ueno <dueno@redhat.com>
Date: Tue, 25 Dec 2018 07:32:01 +0100
Subject: [PATCH 25/36] trust: Fail if trust anchors are not loaded from a file
If the trust path is a file, treat parse error as fatal and abort the
C_FindObjectsInit call.
---
trust/module.c | 11 ++++++++---
trust/token.c | 6 +++---
2 files changed, 11 insertions(+), 6 deletions(-)
diff --git a/trust/module.c b/trust/module.c
index 0c16a39..1722340 100644
--- a/trust/module.c
+++ b/trust/module.c
@@ -1198,11 +1198,16 @@ sys_C_FindObjectsInit (CK_SESSION_HANDLE handle,
indices[n++] = session->index;
if (want_token_objects) {
if (!session->loaded)
- p11_token_load (session->token);
- session->loaded = CK_TRUE;
- indices[n++] = p11_token_index (session->token);
+ if (p11_token_load (session->token) < 0)
+ rv = CKR_FUNCTION_FAILED;
+ if (rv == CKR_OK) {
+ session->loaded = CK_TRUE;
+ indices[n++] = p11_token_index (session->token);
+ }
}
+ }
+ if (rv == CKR_OK) {
find = calloc (1, sizeof (FindObjects));
warn_if_fail (find != NULL);
diff --git a/trust/token.c b/trust/token.c
index fd3b043..030c17b 100644
--- a/trust/token.c
+++ b/trust/token.c
@@ -196,14 +196,14 @@ loader_load_file (p11_token *token,
default:
p11_debug ("failed to parse: %s", filename);
loader_gone_file (token, filename);
- return 0;
+ return -1;
}
/* Update each parsed object with the origin */
parsed = p11_parser_parsed (token->parser);
for (i = 0; i < parsed->num; i++) {
parsed->elem[i] = p11_attrs_build (parsed->elem[i], origin, NULL);
- return_val_if_fail (parsed->elem[i] != NULL, 0);
+ return_val_if_fail (parsed->elem[i] != NULL, -1);
}
p11_index_load (token->index);
@@ -215,7 +215,7 @@ loader_load_file (p11_token *token,
if (rv != CKR_OK) {
p11_message ("couldn't load file into objects: %s", filename);
- return 0;
+ return -1;
}
loader_was_loaded (token, filename, sb);
--
2.19.1

181
trust-Ignore-unreadable-content-in-anchors.patch Normal file
View File

@ -0,0 +1,181 @@
From e2170b295992cb7fdf115227a78028ac3780619f Mon Sep 17 00:00:00 2001
From: Daiki Ueno <dueno@redhat.com>
Date: Mon, 18 Feb 2019 14:53:49 +0100
Subject: [PATCH 33/36] trust: Ignore unreadable content in anchors
This amends eb503f3a1467f21a5ecc9ae84ae23b216afc102f. Instead of
failing C_FindObjectsInit, treat any errors internally and accumulates
the successfully loaded certificates.
Reported by Andrej Kvasnica in:
https://bugzilla.redhat.com/show_bug.cgi?id=1675441
---
trust/module.c | 3 +-
trust/test-module.c | 77 +++++++++++++++++++++++++++++++++++++++++++++
trust/token.c | 23 ++++++--------
3 files changed, 88 insertions(+), 15 deletions(-)
diff --git a/trust/module.c b/trust/module.c
index 1722340..ec3333d 100644
--- a/trust/module.c
+++ b/trust/module.c
@@ -1198,8 +1198,7 @@ sys_C_FindObjectsInit (CK_SESSION_HANDLE handle,
indices[n++] = session->index;
if (want_token_objects) {
if (!session->loaded)
- if (p11_token_load (session->token) < 0)
- rv = CKR_FUNCTION_FAILED;
+ p11_token_load (session->token);
if (rv == CKR_OK) {
session->loaded = CK_TRUE;
indices[n++] = p11_token_index (session->token);
diff --git a/trust/test-module.c b/trust/test-module.c
index 1e8d812..4024d81 100644
--- a/trust/test-module.c
+++ b/trust/test-module.c
@@ -163,6 +163,80 @@ setup_writable (void *unused)
p11_parser_formats (test.parser, p11_parser_format_persist, NULL);
}
+/* This is similar to setup(), but it adds an unreadable content in
+ * the anchor directory. */
+static void
+setup_unreadable (void *unused)
+{
+ CK_C_INITIALIZE_ARGS args;
+ const char *paths;
+ char *p, *pp, *anchors;
+ FILE *f, *ff;
+ char buffer[4096];
+ char *arguments;
+ CK_ULONG count;
+ CK_RV rv;
+
+ memset (&test, 0, sizeof (test));
+
+ /* This is the entry point of the trust module, linked to this test */
+ rv = C_GetFunctionList (&test.module);
+ assert (rv == CKR_OK);
+
+ test.directory = p11_test_directory ("test-module");
+ anchors = p11_path_build (test.directory, "anchors", NULL);
+#ifdef OS_UNIX
+ if (mkdir (anchors, S_IRWXU) < 0)
+#else
+ if (mkdir (anchors) < 0)
+#endif
+ assert_fail ("mkdir()", anchors);
+
+ p = p11_path_build (anchors, "unreadable", NULL);
+ f = fopen (p, "w");
+ fwrite ("foo", 3, 1, f);
+ fclose (f);
+ chmod (p, 0);
+ free (p);
+
+ pp = p11_path_build (anchors, "thawte", NULL);
+ ff = fopen (pp, "w");
+ f = fopen (SRCDIR "/trust/fixtures/thawte.pem", "r");
+ while (!feof (f)) {
+ size_t size;
+ size = fread (buffer, 1, sizeof (buffer), f);
+ if (ferror (f))
+ assert_fail ("fread()",
+ SRCDIR "/trust/fixtures/thawte.pem");
+ fwrite (buffer, 1, size, ff);
+ if (ferror (ff))
+ assert_fail ("write()", pp);
+ }
+ free (pp);
+ fclose (ff);
+ fclose (f);
+ free (anchors);
+
+ memset (&args, 0, sizeof (args));
+ paths = SRCDIR "/trust/input" P11_PATH_SEP \
+ SRCDIR "/trust/fixtures/self-signed-with-ku.der";
+ if (asprintf (&arguments, "paths='%s%c%s'",
+ paths, P11_PATH_SEP_C, test.directory) < 0)
+ assert (false && "not reached");
+ args.pReserved = arguments;
+ args.flags = CKF_OS_LOCKING_OK;
+
+ rv = test.module->C_Initialize (&args);
+ assert (rv == CKR_OK);
+
+ free (arguments);
+
+ count = NUM_SLOTS;
+ rv = test.module->C_GetSlotList (CK_TRUE, test.slots, &count);
+ assert (rv == CKR_OK);
+ assert (count == NUM_SLOTS);
+}
+
static void
test_get_slot_list (void)
{
@@ -1324,5 +1398,8 @@ main (int argc,
p11_fixture (NULL, NULL);
p11_test (test_token_write_protected, "/module/token-write-protected");
+ p11_fixture (setup_unreadable, teardown);
+ p11_test (test_find_certificates, "/module/unreadable");
+
return p11_test_run (argc, argv);
}
diff --git a/trust/token.c b/trust/token.c
index b91a1d0..8c75d06 100644
--- a/trust/token.c
+++ b/trust/token.c
@@ -266,8 +266,8 @@ loader_load_directory (p11_token *token,
return_val_if_fail (path != NULL, -1);
ret = loader_load_if_file (token, path);
- return_val_if_fail (ret >=0, -1);
- total += ret;
+ if (ret >= 0)
+ total += ret;
/* Make note that this file was seen */
p11_dict_remove (present, path);
@@ -328,8 +328,8 @@ loader_load_path (p11_token *token,
p11_dict_iterate (present, &iter);
while (p11_dict_next (&iter, (void **)&filename, NULL)) {
ret = loader_load_if_file (token, filename);
- return_val_if_fail (ret >= 0, ret);
- total += ret;
+ if (ret >= 0)
+ total += ret;
}
}
@@ -377,20 +377,17 @@ p11_token_load (p11_token *token)
int ret;
ret = loader_load_path (token, token->path, &is_dir);
- if (ret < 0)
- return -1;
- total += ret;
+ if (ret >= 0)
+ total += ret;
if (is_dir) {
ret = loader_load_path (token, token->anchors, &is_dir);
- if (ret < 0)
- return -1;
- total += ret;
+ if (ret >= 0)
+ total += ret;
ret = loader_load_path (token, token->blacklist, &is_dir);
- if (ret < 0)
- return -1;
- total += ret;
+ if (ret >= 0)
+ total += ret;
}
return total;
--
2.19.1

222
trust-Propagate-library-verbosity-to-module-through-.patch Normal file
View File

@ -0,0 +1,222 @@
From 0dd62395788ae566d3adef967611bce214a04435 Mon Sep 17 00:00:00 2001
From: Daiki Ueno <dueno@redhat.com>
Date: Sun, 23 Dec 2018 14:11:00 +0100
Subject: [PATCH 24/36] trust: Propagate library verbosity to module through
init_args
Previously, even when the -v option is used with the 'trust' command,
the messages from p11-kit-trust.so module were suppressed because the
verbosity setting is not propagated to the module.
---
common/message.c | 8 ++++----
p11-kit/modules.c | 29 +++++++++++++++++++++++------
p11-kit/p11-kit.h | 3 ++-
trust/enumerate.c | 11 +++++++++--
trust/module.c | 5 +++++
trust/p11-kit-trust.module | 4 ++++
6 files changed, 47 insertions(+), 13 deletions(-)
diff --git a/common/message.c b/common/message.c
index f9d4f57..e439def 100644
--- a/common/message.c
+++ b/common/message.c
@@ -58,7 +58,7 @@
#include <stdio.h>
#include <string.h>
-static bool print_messages = false;
+bool p11_print_messages = false;
#ifdef HAVE_STRERROR_L
locale_t p11_message_locale = (locale_t) 0;
@@ -148,7 +148,7 @@ p11_message (const char* msg,
buffer[length] = 0;
/* If printing is not disabled, just print out */
- if (print_messages)
+ if (p11_print_messages)
fprintf (stderr, "p11-kit: %s\n", buffer);
else
p11_debug_message (P11_DEBUG_LIB, "message: %s", buffer);
@@ -158,13 +158,13 @@ p11_message (const char* msg,
void
p11_message_quiet (void)
{
- print_messages = false;
+ p11_print_messages = false;
}
void
p11_message_loud (void)
{
- print_messages = true;
+ p11_print_messages = true;
}
const char *
diff --git a/p11-kit/modules.c b/p11-kit/modules.c
index cfc4daf..0299eda 100644
--- a/p11-kit/modules.c
+++ b/p11-kit/modules.c
@@ -306,6 +306,7 @@ free_module_unlocked (void *data)
p11_dict_free (mod->config);
free (mod->name);
free (mod->filename);
+ free (mod->init_args.pReserved);
free (mod);
}
@@ -550,10 +551,12 @@ is_module_enabled_unlocked (const char *name,
static CK_RV
take_config_and_load_module_inlock (char **name,
p11_dict **config,
- bool critical)
+ bool critical,
+ bool verbose)
{
const char *filename = NULL;
const char *remote = NULL;
+ char *init_reserved = NULL;
CK_RV rv = CKR_OK;
Module *mod;
@@ -591,7 +594,19 @@ take_config_and_load_module_inlock (char **name,
* 'x-init-reserved' setting in the config. This only works with specific
* PKCS#11 modules, and is non-standard use of that field.
*/
- mod->init_args.pReserved = p11_dict_get (*config, "x-init-reserved");
+ init_reserved = p11_dict_get (*config, "x-init-reserved");
+ if (init_reserved) {
+ if (verbose) {
+ init_reserved = strconcat (init_reserved, " verbose=yes", NULL);
+ } else {
+ init_reserved = strdup (init_reserved);
+ }
+ if (init_reserved == NULL) {
+ rv = CKR_HOST_MEMORY;
+ goto out;
+ }
+ }
+ mod->init_args.pReserved = init_reserved;
/* Take ownership of thes evariables */
p11_dict_free (mod->config);
@@ -607,7 +622,7 @@ out:
}
static CK_RV
-load_registered_modules_unlocked (void)
+load_registered_modules_unlocked (int flags)
{
p11_dictiter iter;
p11_dict *configs;
@@ -617,6 +632,7 @@ load_registered_modules_unlocked (void)
int mode;
CK_RV rv;
bool critical;
+ bool verbose;
if (gl.config)
return CKR_OK;
@@ -652,7 +668,8 @@ load_registered_modules_unlocked (void)
/* Is this a critical module, should abort loading of others? */
critical = _p11_conf_parse_boolean (p11_dict_get (config, "critical"), false);
- rv = take_config_and_load_module_inlock (&name, &config, critical);
+ verbose = (flags & P11_KIT_MODULE_VERBOSE) != 0;
+ rv = take_config_and_load_module_inlock (&name, &config, critical, verbose);
/*
* These variables will be cleared if ownership is transeferred
@@ -858,7 +875,7 @@ initialize_registered_inlock_reentrant (void)
if (rv != CKR_OK)
return rv;
- rv = load_registered_modules_unlocked ();
+ rv = load_registered_modules_unlocked (0);
if (rv == CKR_OK) {
p11_dict_iterate (gl.unmanaged_by_funcs, &iter);
while (rv == CKR_OK && p11_dict_next (&iter, NULL, (void **)&mod)) {
@@ -1955,7 +1972,7 @@ p11_modules_load_inlock_reentrant (int flags,
if (rv != CKR_OK)
return rv;
- rv = load_registered_modules_unlocked ();
+ rv = load_registered_modules_unlocked (flags);
if (rv != CKR_OK)
return rv;
diff --git a/p11-kit/p11-kit.h b/p11-kit/p11-kit.h
index abf618b..cc89595 100644
--- a/p11-kit/p11-kit.h
+++ b/p11-kit/p11-kit.h
@@ -57,7 +57,8 @@ enum {
P11_KIT_MODULE_UNMANAGED = 1 << 0,
P11_KIT_MODULE_CRITICAL = 1 << 1,
P11_KIT_MODULE_TRUSTED = 1 << 2,
- P11_KIT_MODULE_MASK = (1 << 3) - 1
+ P11_KIT_MODULE_VERBOSE = 1 << 3,
+ P11_KIT_MODULE_MASK = (1 << 4) - 1
};
typedef void (* p11_kit_destroyer) (void *data);
diff --git a/trust/enumerate.c b/trust/enumerate.c
index e197765..0cef089 100644
--- a/trust/enumerate.c
+++ b/trust/enumerate.c
@@ -674,6 +674,8 @@ p11_enumerate_opt_purpose (p11_enumerate *ex,
return true;
}
+extern bool p11_print_messages;
+
bool
p11_enumerate_ready (p11_enumerate *ex,
const char *def_filter)
@@ -687,8 +689,13 @@ p11_enumerate_ready (p11_enumerate *ex,
* We only "believe" the CKA_TRUSTED and CKA_X_DISTRUSTED attributes
* we get from modules explicitly marked as containing trust-policy.
*/
- if (!ex->modules)
- ex->modules = p11_kit_modules_load_and_initialize (P11_KIT_MODULE_TRUSTED);
+ if (!ex->modules) {
+ int flags = P11_KIT_MODULE_TRUSTED;
+ if (p11_print_messages)
+ flags |= P11_KIT_MODULE_VERBOSE;
+
+ ex->modules = p11_kit_modules_load_and_initialize (flags);
+ }
if (!ex->modules)
return false;
if (ex->modules[0] == NULL)
diff --git a/trust/module.c b/trust/module.c
index 24cda87..0c16a39 100644
--- a/trust/module.c
+++ b/trust/module.c
@@ -287,6 +287,11 @@ parse_argument (char *arg,
free (gl.paths);
gl.paths = value ? strdup (value) : NULL;
+ } else if (strcmp (arg, "verbose") == 0) {
+ if (strcmp (value, "yes") == 0)
+ p11_message_loud ();
+ else if (strcmp (value, "no") == 0)
+ p11_message_quiet ();
} else {
p11_message ("unrecognized module argument: %s", arg);
}
diff --git a/trust/p11-kit-trust.module b/trust/p11-kit-trust.module
index 72122c3..a2a3306 100644
--- a/trust/p11-kit-trust.module
+++ b/trust/p11-kit-trust.module
@@ -18,3 +18,7 @@ x-trust-lookup: pkcs11:library-description=PKCS%2311%20Kit%20Trust%20Module
# Prevent this module being loaded by the proxy module
disable-in: p11-kit-proxy
+
+# This will be overwritten by appending "verbose=yes", if the trust
+# command is called with the -v option.
+x-init-reserved:
--
2.19.1

20
trust-extract-compat Executable file
View File

@ -0,0 +1,20 @@
#!/bin/sh
# This script is a placeholder designed to be replaced when this software
# has been customized for distribution. It should be symlinked linked to the
# distribution's update-ca-certificates or update-ca-trust command as
# appropriate. In the future this script will be called when the PKCS#11
# trust module is used to modify trust anchors and related data.
if [ $# -ne 0 ]; then
echo "usage: trust extract-compat" >&2
exit 2
fi
uid=$(id -u)
if [ "$uid" != 0 ]; then
echo "trust: running as non-root user: skip extracting compat bundles" >&2
exit 0
fi
exec /usr/bin/update-ca-trust

42
trust-p11_token_load-Treat-parse-error-as-failure.patch Normal file
View File

@ -0,0 +1,42 @@
From 4aa6ef9e82f6bb14746a47a7d56789d5e982a1f5 Mon Sep 17 00:00:00 2001
From: Daiki Ueno <dueno@redhat.com>
Date: Tue, 25 Dec 2018 07:38:26 +0100
Subject: [PATCH 26/36] trust: p11_token_load: Treat parse error as failure
Those conditions can happen when the trust file is corrupted, so it
makes more sense to treat them as a failure instead of programmer
error.
---
trust/token.c | 9 ++++++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/trust/token.c b/trust/token.c
index 030c17b..b91a1d0 100644
--- a/trust/token.c
+++ b/trust/token.c
@@ -377,16 +377,19 @@ p11_token_load (p11_token *token)
int ret;
ret = loader_load_path (token, token->path, &is_dir);
- return_val_if_fail (ret >= 0, -1);
+ if (ret < 0)
+ return -1;
total += ret;
if (is_dir) {
ret = loader_load_path (token, token->anchors, &is_dir);
- return_val_if_fail (ret >= 0, -1);
+ if (ret < 0)
+ return -1;
total += ret;
ret = loader_load_path (token, token->blacklist, &is_dir);
- return_val_if_fail (ret >= 0, -1);
+ if (ret < 0)
+ return -1;
total += ret;
}
--
2.19.1