AgeCommit message (Collapse)AuthorFilesLines
2016-11-29MOVED TO: Walter367-106672/+10
This repository has moved to GitHub to allow further contributions and more flexibility who can merge changes. More details here:
2016-10-05rpc: Send x-init-reserved to remote modulebefore-moveDaiki Ueno7-16/+144
Signed-off-by: Stef Walter <> * Fixed up indentation
2016-10-05test: Fix p11_virtual_init() usageDaiki Ueno1-1/+1
p11_virtual_init() should take a CK_FUNCTION_LIST as the 3rd argument, if the 2nd argument is &p11_virtual_base.
2016-10-03Fix link of p11-kit-proxy.dylib on Mac OS XLeonardo Brondani Schenkel1-1/+1
However, on Mac OS X the library is named libp11-kit.dylib so in the above command the source of the link resolves to nothing, the destination becomes the source and the link to a non-existent file is created in the working directory.
2016-09-04test: Make test-module work --without-trust-moduleDaiki Ueno1-1/+2
The test-module program currently depends on TRUST_PATHS, which is determined by the configure script and normally points to a resource outside of the build tree. To make the test system-independent, use a crafted path for testing.
2016-09-02iter: Utilize 'slot-id' URI path attributeDaiki Ueno2-1/+83
2016-09-02iter: Utilize slot info URI path attributesDaiki Ueno3-0/+134
2016-09-02uri: Support 'slot-id' path attributeDaiki Ueno3-3/+126
Accept 'slot-id' path attribute defined in RFC 7512.
2016-09-02uri: Support slot info path attributesDaiki Ueno4-0/+180
Accept 'slot-description' and 'slot-manifacturer' path attributes defined in RFC 7512.
2016-09-02uri: Remove whitespace early when parsingDaiki Ueno1-66/+78
For every path/query component, p11_kit_uri_parse() allocates a small buffer to strip whitespace out. This patch removes any whitespace in the URI at the entry of the function to simplify the code. Note that RFC 7512 actually suggests to ignore whitespace at the extracting phase rather than the parsing phase.
2016-08-22Fix leak when C_Initialize() is called from childDaiki Ueno2-0/+5
The test case added for bug 90289 (commit c73edd00) revealed that some of the C_Initialize() implementations do not consider the case where it is called from the parent process and then from the child process, without calling C_Finalize() in between.
2016-08-22configure: Remove redundant AM_GNU_GETTEXTDaiki Ueno1-1/+0
There is the same line a few lines below.
2016-08-22Fix typos flagged by codespellDaiki Ueno8-12/+12
2016-08-09Fix typo in pkcs11.confStef Walter1-1/+1
Pointed out by David Woodhouse
2016-08-09doc: Fix interpolation of p11-kit configuration paths in documentationStef Walter1-6/+4
Previously these were expanded based on the home directory of the one building the documentation (me).
2016-02-24Doc: p11_kit_module_load accepts a filename arg.Andreas Metzler1-1/+4
p11_kit_module_load() hands on the module_path argument to load_module_from_file_inlock() which accepts relative paths, prepending P11_MODULE_PATH. Update API documentation accordingly.
2016-01-05Avoiding redundant checkPankaj1-3/+1
2015-12-07Fix distcheck by removing some linguas that don't build0.23.2Stef Walter1-2/+0
2015-12-07Bump version numberStef Walter2-1/+6
2015-12-07rpc-transport.c: include sys/select.h for fd_setGustavo Zacarias1-0/+1
fd_set and friends, according to POSIX.1-2001, needs sys/select.h, so include it otherwise the build fails for uClibc: p11-kit/rpc-transport.c: In function ‘rpc_socket_read’: p11-kit/rpc-transport.c:350:2: error: unknown type name ‘fd_set’ p11-kit/rpc-transport.c:416:4: warning: implicit declaration of function ‘FD_ZERO’ [-Wimplicit-function-declaration] Signed-off-by: Gustavo Zacarias <>
2015-11-23p11-kit: Fix redundant check for 'signature' is always 'true'Pankaj1-1/+1
2015-11-09common: Fix warning about dereferencing NULL pointerPankaj1-0/+1
2015-11-09common: Fix in test-code for file descriptor validity checkPankaj1-0/+1
2015-11-09trust: Fix always false comparison of EAGAIN and EINTRStef Walter1-1/+1
2015-10-21p11-kit: Remove unused pointerPankaj1-2/+0
2015-10-20po: Update translations from transifexStef Walter71-1856/+1097
2015-10-20Add estonian translation from TransifexStef Walter2-0/+343
2015-10-20p11-kit: Fix warnings related to use dangling pointerPankaj1-2/+6
2015-10-19common: Remove compat timegm() implementationStef Walter2-32/+0
We no longer use timegm()
2015-10-19p11-kit: 'int' comparison with 'unsigned int' in for() for the array indexPankaj1-1/+1
2015-10-19p11-kit: 'int' comparison with 'unsigned int' in for() for array indexPankaj1-1/+1
2015-10-19p11-kit: 'int' comparison with 'unsigned int' in for() for array indexPankaj1-1/+1
2015-10-19manual: Fix typos in documentationLudovic Rousseau2-6/+6
2015-10-12p11-kit: Fix expression 'call_id < 0' is always falsePankaj1-1/+1
2015-07-31Fix trust command segfaults in expand_homedir() when no matching password ↵Robert Milasan1-9/+9
record was found Hello, it looks like under some conditions, command trust segfaults in expand_homedir() due to no matching password record was found: Signed-off-by: Robert Milasan <> Signed-off-by: Stef Walter <> * Updated path so message is printed and errno is not overwritten
2015-07-14Fix build on Mingw due to missing EWOULDBLOCKLew Palm1-0/+3
2015-07-14Added p11_kit_module_get_filename()Nikos Mavrogiannopoulos3-1/+85
That function allows to obtain the filename used by the PKCS #11 module. That is the filename used by dlopen(). Note that we don't provide p11_kit_module_for_filename() because it would have to deal with filename equivalences. Signed-off-by: Stef Walter <> * Fixed up whitespace
2015-06-29In proxy module don't call C_Finalize on a forked process.Nikos Mavrogiannopoulos1-6/+13
This corrects a deadlock on the forked process. The deadlock happened because the proxy called C_Finalize prior to a C_Initialize which is wrong according to PKCS #11 (2.40). This patch eliminates the C_Finalize call in that case. This resolves #90289 Reviewed-by: Stef Walter <>
2015-06-29Add test case for bug 90289 (deadlock on C_Initialize() in child after fork)David Woodhouse1-0/+57
Reviewed-by: Stef Walter <>
2015-06-29Do not deinitialize libffi's wrapper functionsNikos Mavrogiannopoulos1-0/+11
Libffi uses shared memory to store them, and a deallocation in a child will cause issues for the parent or vice versa. Signed-off-by: Stef Walter <> * Use #if to comment out code, avoid compiler warnings
2015-06-29Added test case for crash after a fork in proxy moduleNikos Mavrogiannopoulos1-1/+45
Reviewed-by: Stef Walter <>
2015-06-03p11-kit: Missing unlock in function rpc_socket_read()Pankaj1-1/+3
2015-06-01trust: Fix double close()Pankaj1-1/+0
2015-04-17Fix some compiler warnings from GCC 5.xStef Walter1-3/+3
2015-02-20Release version Walter2-1/+6
2015-02-20Generate URIs compliant to the PKCS#11 URI draft in LCNikos Mavrogiannopoulos2-14/+14
We continue to accept both the older style 'object-type' field in addition to the new 'type' field. However we start generating URIs in the new form. In other words we have backwards compatibility, but not forwards compatibility. Given the fact that PKCS#11 URIs are now standardizing this is an acceptable compromise.
2015-02-20Added test for pin-valueNikos Mavrogiannopoulos1-0/+54 Signed-off-by: Stef Walter <> * Added test for bad encoded pin-value in uri
2015-02-20Added support for pin-value PKCS#11 URI elementNikos Mavrogiannopoulos2-0/+57
2015-02-20p11-kit: Remove duplicate WHITESPACE defineStef Walter1-5/+3
2015-01-14trust: Add pem-directory-hash extract formatAdam Williamson6-52/+139
This allows extraction of a directory of standard PEM files with the OpenSSL hash symlinks; this is a format used by some popular platforms (Debian's /etc/ssl/certs is in this form, and OpenSUSE provides it for compatibility). Initially by: Ludwig Nussel <> Signed-off-by: Stef Walter <> * Added header, fixed compiler warnings