diff --git a/ChangeLog b/ChangeLog
index dad9d13..97776e3 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,404 @@ # Generate automatically. Do not edit. +commit bd97afbfe28d5fbbde95ce36ff7a8834fc0291ee +Author: Daiki Ueno +Date: 2020-12-11 + + Release 0.23.22 + + NEWS | 10 ++++++++++ + configure.ac | 2 +- + meson.build | 2 +- + 3 files changed, 12 insertions(+), 2 deletions(-) + +commit bd670b1d4984b27d6a397b9ddafaf89ab26e4e7f +Author: David Cook +Date: 2020-11-14 + + Follow-up to arithmetic overflow fix + + Check if nmemb is zero in p11_rpc_message_alloc_extra_array to avoid a + division by zero trap. Additionally, change the reallocarray + compatibility shim so that it won't assert when resizing an array to + zero, and add the same nmemb != 0 check there. + + common/compat.c | 4 ++-- + p11-kit/rpc-message.c | 2 +- + 2 files changed, 3 insertions(+), 3 deletions(-) + +commit 5307a1d21a50cacd06f471a873a018d23ba4b963 +Author: David Cook +Date: 2020-11-07 + + Check for arithmetic overflows before allocating + + p11-kit/iter.c | 4 ++-- + p11-kit/lists.c | 2 ++ + p11-kit/proxy.c | 2 +- + p11-kit/rpc-message.c | 13 +++++++++++++ + p11-kit/rpc-message.h | 4 ++++ + p11-kit/rpc-server.c | 8 ++++---- + trust/index.c | 4 ++-- + 7 files changed, 28 insertions(+), 9 deletions(-) + +commit 2617f3ef888e103324a28811886b99ed0a56346d +Author: David Cook +Date: 2020-11-07 + + Check attribute length against buffer size + + If an attribute's length does not match the length of the byte array + inside it, one length was used for allocation, and the other was used + for memcpy. This additional check will instead return an error on + malformed messages. + + p11-kit/rpc-message.c | 9 +++++++-- + 1 file changed, 7 insertions(+), 2 deletions(-) + +commit bda2f543ff8e0195c90e849379ef1585d00677bc +Author: David Cook +Date: 2020-11-06 + + Fix bounds check in p11_rpc_buffer_get_byte_array + + This bounds check should be using off, not *offset, because it has been + advanced four bytes from reading a uint32 earlier in the function. 
+ Additionally, the pointer that is returned is computed using off, not + *offset. + + p11-kit/rpc-message.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +commit e53bd90895c70d3d510cdc53a83611614be29202 +Author: David Cook +Date: 2020-11-06 + + Fix buffer overflow in log_token_info + + The utcTime field in CK_TOKEN_INFO is not null terminated, so a length + must be provided when copying it. This call to p11_buffer_add with a + length of -1 was reading past the end of the string, and off the end of + the stack. + + p11-kit/log.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +commit e38ff9ef0004c1d3b2a82886924c55e565d988bb +Author: Daiki Ueno +Date: 2020-11-28 + + common: Don't assume __STDC_VERSION__ is always defined + + Old compilers may not define __STDC_VERSION__: + https://sourceforge.net/p/predef/wiki/Standards/ + + Reported by dirkf in: + https://github.com/p11-glue/p11-kit/issues/337 + + common/compat.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +commit 566247515bcb47d36fa8befacbb4a6a61fea9d24 +Author: Daiki Ueno +Date: 2020-12-03 + + compat: getauxval: correct compiler macro for FreeBSD + + It should be __FreeBSD__ instead of __FREEBSD__: + https://sourceforge.net/p/predef/wiki/OperatingSystems/ + + common/compat.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +commit e0c09919bae321306f38517f4dcfb195e1667559 +Author: Daiki Ueno +Date: 2020-12-03 + + compat: fdwalk: add guard for Linux specific local variables + + common/compat.c | 7 ++++--- + 1 file changed, 4 insertions(+), 3 deletions(-) + +commit 2b36520fa4b27816b4f123d16e93d3b3520bf692 +Author: Daiki Ueno +Date: 2020-12-03 + + meson: Add missing libtasn1 dependency + + trust/meson.build | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +commit 3a355e9736a7853d593fe1f483cbb23198f4cfd1 +Author: Daiki Ueno +Date: 2020-12-02 + + travis: Add freebsd build + + .travis.yml | 1 + + .travis/freebsd/after_failure.sh | 3 +++ + .travis/freebsd/before_install.sh 
| 5 +++++ + .travis/freebsd/script.sh | 6 ++++++ + 4 files changed, 15 insertions(+) + +commit cdc313a0bb9673d7c4413e24b338b3dd9923d0e9 +Author: Daiki Ueno +Date: 2020-11-06 + + anchor: Prefer persistent format when storing anchor + + When a new certificate is stored with "trust anchor --store" from a + .p11-kit file, the command treated it as a PEM file, while it should + preserve extra fields in the file. + + trust/anchor.c | 7 ++++--- + trust/test-extract.sh | 27 ++++++++++++++++++++++++--- + 2 files changed, 28 insertions(+), 6 deletions(-) + +commit 8f7352a6ba77f8bde8bbd9ec3aee30fd0f1a3be3 +Author: Daiki Ueno +Date: 2020-11-29 + + travis: Run "make check" along with "make distcheck" for coverage + + .travis/autotools/script.sh | 5 +++++ + 1 file changed, 5 insertions(+) + +commit 495652718b3d5793fae7cbc2c031d401abfd6af2 +Author: Daiki Ueno +Date: 2020-11-29 + + travis: Use python3 as the default Python interpreter + + .travis/autotools/after_success.sh | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +commit ae1bda39910169395c720290964f10f8b34f2554 +Author: Daiki Ueno +Date: 2020-11-29 + + travis: Route to Ubuntu 20.04 base image + + Fedora 33 image doesn't work well under the the default image based on + Ubuntu 16.04. 
+ + .travis.yml | 7 +++++++ + 1 file changed, 7 insertions(+) + +commit f1cf43acea56c0db3191fdd8f467f2d5c5545782 +Author: Daiki Ueno +Date: 2020-11-07 + + meson: Set -fstack-protector for MinGW64 cross build + + This fixes CI failures caused by: + https://sourceforge.net/p/mingw-w64/bugs/818/ + + build/cross_file_mingw64.txt | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +commit b9cb93d4ab959afab62bb4e482bfe12c0421623f +Author: Daiki Ueno +Date: 2020-11-27 + + meson: expand ternary operator in function call for compatibility + + While the minimum version requirement of meson is 0.49, the current + meson.build causes the parser crash, because of the use of a ternary + operator inside a function call: + https://github.com/mesonbuild/meson/issues/5003 + + meson.build | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +commit c4e75e10021ce86ab42682ea4936dce94ced2f77 +Author: Daiki Ueno +Date: 2020-11-20 + + meson: Use custom_target for generating external XML entities + + configure_file() adds a trailing newline, and thus the resulting + document contains unwanted spaces between the resolved entities and + the following text. Instead, use custom_target() along with 'echo -n' + to generate the XML entity files. + + doc/manual/meson.build | 35 ++++++++++++++++++++++------------- + 1 file changed, 22 insertions(+), 13 deletions(-) + +commit 5f30d867f35390e4f4e71b3b54ced2362c0038f8 +Author: Jan Alexander Steffens (heftig) +Date: 2020-11-16 + + meson: Allow building manpages without gtk-doc + + Fixes https://github.com/p11-glue/p11-kit/issues/331 + + doc/manual/meson.build | 30 +++++++++++++++--------------- + 1 file changed, 15 insertions(+), 15 deletions(-) + +commit bb9e3bdd753fdc93042657829da2a6eb5ba8db9c +Author: Alexander Sosedkin +Date: 2020-10-27 + + Rename is_path_component to is_path_separator + + Thanks to Daiki Ueno for noticing the misnaming. 
+ + common/path.c | 26 +++++++++++++------------- + 1 file changed, 13 insertions(+), 13 deletions(-) + +commit 8768892d86c403f65e4e2163f8c77246d5e675b4 +Author: Alexander Sosedkin +Date: 2020-10-27 + + Use is_path_component in one more place + + common/path.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +commit 8b2081d63739ed311d3c9ba4763f8e9d8da60711 +Author: Alexander Sosedkin +Date: 2020-10-27 + + Remove more duplicate separators in p11_path_build + + Makes p11_path_build remove duplicate separators more thoroughly, + e.g., after a "" or in the first argument. + + common/path.c | 26 +++++++++++++++++++------- + common/test-path.c | 22 ++++++++++++++++++++++ + 2 files changed, 41 insertions(+), 7 deletions(-) + +commit 4901dc73f7cf8756e9f1bd22c29dda5397875691 +Author: Daiki Ueno +Date: 2020-10-22 + + common: Fix infloop in p11_path_build + + If p11_path_build is called with 2 or more arguments and the non-first + argument is an empty string (""), it previously fell into an infloop. + + Reported by Karel Srot. + + common/path.c | 4 +++- + common/test-path.c | 4 ++++ + 2 files changed, 7 insertions(+), 1 deletion(-) + +commit 0a1263a41d4c482f50aa5c4643f9de38fda44bbd +Author: Daiki Ueno +Date: 2020-10-05 + + proxy: C_CloseAllSessions: Make sure that calloc args are non-zero + + This prevents efence warning if either of the calloc arguments is + zero. While it is is safe on glibc systems, POSIX says the behavior + is implementation-defined. + + Reported by Paul Wouters. + + p11-kit/proxy.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +commit 08fcec713c1d3038f706d049910bd13a8c811fb5 +Author: Daiki Ueno +Date: 2020-10-05 + + build: Use calloc in a consistent manner + + common/dict.c | 6 +++--- + p11-kit/proxy.c | 4 ++-- + 2 files changed, 5 insertions(+), 5 deletions(-) + +commit 565ba5d6de58d4b210435b786ae0d753e044901c +Author: John Hein +Date: 2020-09-23 + + meson: Allow override of default bashcompdir. 
+ Fixes meson regression (issue #322). Pass -Dbashcompdir=/xxx to meson. + + bash-completion/meson.build | 16 ++++++++++------ + meson_options.txt | 4 ++++ + 2 files changed, 14 insertions(+), 6 deletions(-) + +commit 56251aa50783cdd465877d28c8f017ae16c61f79 +Author: Tavian Barnes +Date: 2020-09-06 + + common: Check for a NULL locale before freeing it + + If newlocale() fails, (locale_t) 0 ends up being passed to freelocale(), + resulting in a segfault when the library is unloaded. + + common/library.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +commit 2c40a4a55efa8c1bce0f7aadd5135be705565610 +Author: Anders Kaseorg +Date: 2020-08-30 + + p11_test_copy_setgid: Skip setgid tests on nosuid filesystems + + Some build environments build packages from a build directory mounted + nosuid, causing p11_test_copy_setgid to fail. Skip the test in this + case. + + 
Signed-off-by: Anders Kaseorg + + common/test.c | 8 ++++++++ + 1 file changed, 8 insertions(+) + +commit 8b5a10e7ed74b6839e5e415d47b263d26c63e572 +Author: Rosen Penev +Date: 2020-08-27 + + unix-peer: replace incorrect include1 + + Fixes musl warning: + + warning: #warning redirecting incorrect #include to [-Wcpp] + + common/unix-peer.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +commit a26d0b052c32fbd9c7ef468bd4188fa8fa03499a +Author: Daiki Ueno +Date: 2020-08-21 + + test-compat: Skip getprogname test if BUILDDIR contains a symlink + + common/test-compat.c | 15 +++++++++++++++ + 1 file changed, 15 insertions(+) + +commit 7f59a79179b978e867c9def56475bfb877024312 +Author: Xℹ Ruoyao +Date: 2020-08-19 + + add trust-extract-compat into EXTRA-DIST + + trust/Makefile.am | 1 + + 1 file changed, 1 insertion(+) + +commit 1a21df391691d9a9c7b5ebc77022385f7feb266b +Author: Xℹ Ruoyao +Date: 2020-08-19 + + meson: install trust-extract-compat + + trust/meson.build | 3 +++ + 1 file changed, 3 insertions(+) + +commit 49e9b47c9546525e29b25c707068770e12add45f +Author: Xℹ Ruoyao +Date: 2020-08-19 + + rename trust-extract-compat.in to trust-extract-compat + + There is no substitution in this file, so it's unnecessary to have a .in + file. + + configure.ac | 1 - + trust/{trust-extract-compat.in => trust-extract-compat} | 0 + 2 files changed, 1 deletion(-) + commit fd8b56f3ee971f94dc6fc95411fc01e1c12153ab Author: Daiki Ueno Date: 2020-08-18 diff --git a/Makefile.in b/Makefile.in index 119722d..090a401 100644 --- a/Makefile.in +++ b/Makefile.in 
@@ -129,7 +129,8 @@ TESTS = $(am__EXEEXT_5) $(sh_tests) @WITH_TRUST_MODULE_TRUE@am__append_14 = trust/trust @WITH_BASH_COMPLETION_TRUE@@WITH_TRUST_MODULE_TRUE@am__append_15 = bash-completion/trust -@WITH_TRUST_MODULE_TRUE@am__append_16 = trust/p11-kit-trust.module \ +@WITH_TRUST_MODULE_TRUE@am__append_16 = trust/trust-extract-compat \ +@WITH_TRUST_MODULE_TRUE@ trust/p11-kit-trust.module \ @WITH_TRUST_MODULE_TRUE@ trust/meson.build trust/basic.asn \ @WITH_TRUST_MODULE_TRUE@ trust/openssl.asn trust/pkix.asn \ @WITH_TRUST_MODULE_TRUE@ trust/input trust/fixtures \ @@ -199,7 +200,7 @@ am__CONFIG_DISTCLEAN_FILES = config.status config.cache config.log \ mkinstalldirs = $(install_sh) -d CONFIG_HEADER = config.h CONFIG_CLEAN_FILES = p11-kit/p11-kit-1.pc p11-kit/pkcs11.conf.example \ - trust/trust-extract-compat trust/test-init.sh + trust/test-init.sh CONFIG_CLEAN_VPATH_FILES = @WITH_TRUST_MODULE_TRUE@am__EXEEXT_1 = trust/trust$(EXEEXT) am__installdirs = "$(DESTDIR)$(bindir)" "$(DESTDIR)$(privatedir)" \ @@ -1514,9 +1515,8 @@ am__DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/common/Makefile.am \ $(top_srcdir)/build/litter/test-driver \ $(top_srcdir)/p11-kit/p11-kit-1.pc.in \ $(top_srcdir)/p11-kit/pkcs11.conf.example.in \ - $(top_srcdir)/trust/test-init.sh.in \ - $(top_srcdir)/trust/trust-extract-compat.in ABOUT-NLS AUTHORS \ - COPYING ChangeLog NEWS README build/litter/compile \ + $(top_srcdir)/trust/test-init.sh.in ABOUT-NLS AUTHORS COPYING \ + ChangeLog NEWS README build/litter/compile \ build/litter/config.guess build/litter/config.rpath \ build/litter/config.sub build/litter/depcomp \ build/litter/install-sh build/litter/ltmain.sh \ 
@@ -2410,8 +2410,6 @@ p11-kit/p11-kit-1.pc: $(top_builddir)/config.status $(top_srcdir)/p11-kit/p11-ki cd $(top_builddir) && $(SHELL) ./config.status $@ p11-kit/pkcs11.conf.example: $(top_builddir)/config.status $(top_srcdir)/p11-kit/pkcs11.conf.example.in cd $(top_builddir) && $(SHELL) ./config.status $@ -trust/trust-extract-compat: $(top_builddir)/config.status $(top_srcdir)/trust/trust-extract-compat.in - cd $(top_builddir) && $(SHELL) ./config.status $@ trust/test-init.sh: $(top_builddir)/config.status $(top_srcdir)/trust/test-init.sh.in cd $(top_builddir) && $(SHELL) ./config.status $@ install-binPROGRAMS: $(bin_PROGRAMS) @@ -5686,9 +5684,9 @@ maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." -test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES) +@OS_WIN32_TRUE@uninstall-local: @OS_WIN32_TRUE@installcheck-local: @WITH_TRUST_MODULE_FALSE@installcheck-local: -@OS_WIN32_TRUE@uninstall-local: @OS_WIN32_TRUE@install-exec-hook: clean: clean-recursive diff --git a/NEWS b/NEWS index d4f87cd..977c980 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,13 @@ +0.23.22 (stable) + * Fix memory-safety issues that affect the RPC protocol + (CVE-2020-29361, CVE-2020-29362, and CVE-2020-29363), discovered + and fixed by David Cook + * anchor: Prefer persistent format when storing anchor [PR#329] + * common: Fix infloop in p11_path_build [PR#326, PR#327] + * proxy: C_CloseAllSessions: Make sure that calloc args are non-zero [PR#325] + * common: Check for a NULL locale before freeing it [PR#321] + * Build and test fixes [PR#313, PR#315, PR#317, PR#318, PR#319, PR#323, PR#330, PR#333, PR#334, PR#335, PR#338, PR#339] + 0.23.21 (stable) * proxy: Do not assign duplicate slot IDs [PR#282] * common: Get program name based on executable path if possible [PR#307] diff --git a/bash-completion/meson.build b/bash-completion/meson.build index 2845dd7..818f7b0 100644 --- a/bash-completion/meson.build 
+++ b/bash-completion/meson.build @@ -1,11 +1,15 @@ -bashcomp = dependency('bash-completion', required: get_option('bash_completion')) - -if bashcomp.found() - bashcompdir = bashcomp.get_pkgconfig_variable('completionsdir') +bashcompdir = get_option('bashcompdir') +if bashcompdir == '' + bashcomp = dependency('bash-completion', required: get_option('bash_completion')) + if bashcomp.found() + bashcompdir = bashcomp.get_pkgconfig_variable('completionsdir') + else + warning('Will not install bash completion due to missing dependencies!') + endif +endif +if bashcompdir != '' install_data('p11-kit', install_dir: bashcompdir) if with_trust_module install_data('trust', install_dir: bashcompdir) endif -else - warning('Will not install bash completion due to missing dependencies!') endif diff --git a/common/compat.c b/common/compat.c index f69187f..4390cef 100644 --- a/common/compat.c +++ b/common/compat.c @@ -525,8 +525,8 @@ reallocarray (void *ptr, size_t nmemb, size_t size) { - assert (nmemb > 0 && size > 0); - if (SIZE_MAX / nmemb < size) { + assert (nmemb >= 0 && size >= 0); + if (nmemb != 0 && SIZE_MAX / nmemb < size) { errno = ENOMEM; return NULL; } @@ -845,7 +845,7 @@ getauxval (unsigned long type) secure = __libc_enable_secure; #elif defined(HAVE_ISSETUGID) && \ - !((defined __APPLE__ && defined __MACH__) || (defined __FREEBSD__)) + !((defined __APPLE__ && defined __MACH__) || (defined __FreeBSD__)) secure = issetugid (); #elif defined(OS_UNIX) @@ -938,9 +938,6 @@ int fdwalk (int (* cb) (void *data, int fd), void *data) { - struct dirent *de; - char *end; - DIR *dir; int open_max; long num; int res = 0; @@ -951,6 +948,10 @@ fdwalk (int (* cb) (void *data, int fd), #endif #ifdef __linux__ + struct dirent *de; + char *end; + DIR *dir; + dir = opendir ("/proc/self/fd"); if (dir != NULL) { while ((de = readdir (dir)) != NULL) { diff --git a/common/compat.h b/common/compat.h index d6ce3d4..9ecbfc8 100644 --- a/common/compat.h +++ b/common/compat.h 
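Review bot: With a non-empty `bashcompdir` the install step now bypasses the `bash_completion` feature entirely, so `-Dbash_completion=disabled -Dbashcompdir=/some/dir` still installs the completion files; the feature option is only consulted on the `if bashcompdir == ''` path. Honouring an explicit disable before the override keeps the two options consistent, e.g. inserting `if get_option('bash_completion').disabled()` / `  bashcompdir = ''` / `endif` right after the first added line, or else stating in meson_options.txt that `bashcompdir` takes precedence over the feature. The hunk appears to cover the whole file, so no other logic is hidden outside it.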
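Review bot: The replacement `assert (nmemb >= 0 && size >= 0);` in reallocarray is a tautology — both operands are size_t, so the comparison is always true and compilers with -Wtype-limits will warn about it; either drop the assert or keep only a check that can actually fail. The added `nmemb != 0 &&` guard correctly avoids the division by zero, but when either argument is zero the call presumably falls through to `realloc (ptr, 0)` below the hunk, whose result is implementation-defined and may be NULL with ptr already freed, which callers would read as ENOMEM; a comment at that call site recording the intended semantics would help. The function body continues outside the hunk.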
@@ -52,7 +52,7 @@ #define GNUC_NULL_TERMINATED #endif -#if (201112L <= __STDC_VERSION__ \ +#if ((defined __STDC_VERSION__ && 201112L <= __STDC_VERSION__) \ || (!defined __STRICT_ANSI__ && 4 < __GNUC__ + (6 <= __GNUC_MINOR__))) # define P11_STATIC_ASSERT(x) _Static_assert(x, "static assertion failed") #else diff --git a/common/dict.c b/common/dict.c index b7ab00d..62a7816 100644 --- a/common/dict.c +++ b/common/dict.c @@ -122,7 +122,7 @@ lookup_or_create_bucket (p11_dict *dict, return bucketp; /* add a new entry for non-NULL val */ - (*bucketp) = calloc (sizeof (dictbucket), 1); + (*bucketp) = calloc (1, sizeof (dictbucket)); if (*bucketp != NULL) { (*bucketp)->key = (void*)key; @@ -175,7 +175,7 @@ p11_dict_set (p11_dict *dict, /* check that the collision rate isn't too high */ if (dict->num_items > dict->num_buckets) { num_buckets = dict->num_buckets * 2 + 1; - new_buckets = (dictbucket **)calloc (sizeof (dictbucket *), num_buckets); + new_buckets = (dictbucket **)calloc (num_buckets, sizeof (dictbucket *)); /* Ignore failures, maybe we can expand later */ if(new_buckets) { @@ -283,7 +283,7 @@ p11_dict_new (p11_dict_hasher hash_func, dict->value_destroy_func = value_destroy_func; dict->num_buckets = 9; - dict->buckets = (dictbucket **)calloc (sizeof (dictbucket *), dict->num_buckets); + dict->buckets = (dictbucket **)calloc (dict->num_buckets, sizeof (dictbucket *)); if (!dict->buckets) { free (dict); return NULL; diff --git a/common/library.c b/common/library.c index c1275f3..891344a 100644 --- a/common/library.c +++ b/common/library.c @@ -181,7 +181,8 @@ p11_library_uninit (void) #endif #ifdef HAVE_STRERROR_L - freelocale (p11_message_locale); + if (p11_message_locale != (locale_t) 0) + freelocale (p11_message_locale); #endif p11_message_storage = dont_store_message; #ifndef P11_TLS_KEYWORD diff --git a/common/path.c b/common/path.c index 17a6230..d0d1893 100644 --- a/common/path.c +++ b/common/path.c 
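Review bot: After `freelocale (p11_message_locale)` in p11_library_uninit the handle is left dangling, so if uninit can run more than once, or init is re-entered after a partial failure, the new NULL check does not prevent a second freelocale on the same value. Resetting it inside the guard, `p11_message_locale = (locale_t) 0;`, closes that window cheaply and makes the check self-sufficient. p11_library_uninit continues outside the hunk, so whether such a reset already exists elsewhere is not visible here.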
@@ -94,15 +94,21 @@ p11_path_base (const char *path) } static inline bool -is_path_component_or_null (char ch) +is_path_separator (char ch) { - return (ch == '\0' || ch == '/' + return (ch == '/' #ifdef OS_WIN32 || ch == '\\' #endif ); } +static inline bool +is_path_separator_or_null (char ch) +{ + return is_path_separator (ch) || ch == '\0'; +} + static char * expand_homedir (const char *remainder) { @@ -113,7 +119,7 @@ expand_homedir (const char *remainder) return NULL; } - while (remainder[0] && is_path_component_or_null (remainder[0])) + while (is_path_separator (remainder[0])) remainder++; if (remainder[0] == '\0') remainder = NULL; @@ -121,7 +127,7 @@ expand_homedir (const char *remainder) /* Expand $XDG_CONFIG_HOME */ if (remainder != NULL && strncmp (remainder, ".config", 7) == 0 && - is_path_component_or_null (remainder[7])) { + is_path_separator_or_null (remainder[7])) { env = getenv ("XDG_CONFIG_HOME"); if (env && env[0]) return p11_path_build (env, remainder + 8, NULL); @@ -174,7 +180,7 @@ p11_path_expand (const char *path) return_val_if_fail (path != NULL, NULL); if (strncmp (path, "~", 1) == 0 && - is_path_component_or_null (path[1])) { + is_path_separator_or_null (path[1])) { return expand_homedir (path + 1); } else { @@ -235,15 +241,27 @@ p11_path_build (const char *path, while (path != NULL) { num = strlen (path); + /* Trim beginning of path */ + while (is_path_separator (path[0])) { + /* But preserve the leading path component */ + if (!at && !is_path_separator (path[1])) + break; + path++; + num--; + } + /* Trim end of the path */ until = (at > 0) ? 0 : 1; - while (num > until && is_path_component_or_null (path[num - 1])) + while (num > until && is_path_separator_or_null (path[num - 1])) num--; if (at != 0) { - if (num == 0) + if (num == 0) { + path = va_arg (va, const char *); continue; - built[at++] = delim; + } + if (built[at - 1] != delim) + built[at++] = delim; } assert (at + num < len); 
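Review bot: The comment `/* But preserve the leading path component */` in the new trim loop of p11_path_build describes the wrong thing: the `!at && !is_path_separator (path[1])` break keeps a single leading separator (the root of an absolute first argument), not a path component. Suggest `/* But keep one leading separator so an absolute first argument stays absolute */`. The rest of p11_path_build lies outside this hunk.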
@@ -251,10 +269,6 @@ p11_path_build (const char *path, at += num; path = va_arg (va, const char *); - - /* Trim beginning of path */ - while (path && path[0] && is_path_component_or_null (path[0])) - path++; } va_end (va); @@ -274,17 +288,17 @@ p11_path_parent (const char *path) /* Find the end of the last component */ e = path + strlen (path); - while (e != path && is_path_component_or_null (*e)) + while (e != path && is_path_separator_or_null (*e)) e--; /* Find the beginning of the last component */ - while (e != path && !is_path_component_or_null (*e)) { + while (e != path && !is_path_separator_or_null (*e)) { had = true; e--; } /* Find the end of the last component */ - while (e != path && is_path_component_or_null (*e)) + while (e != path && is_path_separator_or_null (*e)) e--; if (e == path) { @@ -313,7 +327,7 @@ p11_path_prefix (const char *string, return a > b && strncmp (string, prefix, b) == 0 && - is_path_component_or_null (string[b]); + is_path_separator_or_null (string[b]); } void diff --git a/common/test-compat.c b/common/test-compat.c index 9759003..edbc174 100644 --- a/common/test-compat.c +++ b/common/test-compat.c @@ -36,6 +36,7 @@ #include "test.h" #include +#include #include #include #include @@ -130,8 +131,22 @@ test_getprogname (void) { #if defined(__linux__) && defined(HAVE_PROGRAM_INVOCATION_SHORT_NAME) const char *args[] = { BUILDDIR "/common/frob-getprogname", NULL }; + char *path; int ret; + if (access ("/proc/self/exe", F_OK) < 0) + assert_skip ("cannot perform getprogname test: no /proc/self/exe", NULL); + + path = realpath ("/proc/self/exe", NULL); + if (!path) + assert_skip ("cannot perform getprogname test: cannot resolve /proc/self/exe", NULL); + + ret = strcmp (path, BUILDDIR "/test-compat" EXEEXT); + free (path); + if (ret != 0) { + assert_skip ("cannot perform getprogname test: path contains a symlink", NULL); + } + ret = p11_test_run_child (args, false); assert_num_eq (ret, 0); #else 
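Review bot: In test_getprogname the third skip is brace-wrapped, `if (ret != 0) { assert_skip (...); }`, while the two skips added just above use the brace-less single-statement form; one style for all three reads better, e.g. `if (ret != 0)` / `assert_skip ("cannot perform getprogname test: path contains a symlink", NULL);`. The `#include` added in the earlier test-compat.c hunk has lost its header name in this rendering, so the header it introduces for realpath/access cannot be confirmed from the page. The function continues outside the hunk.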
diff --git a/common/test-path.c b/common/test-path.c
index 2eb5444..cf4a8e3 100644
--- a/common/test-path.c
+++ b/common/test-path.c
@@ -88,23 +88,49 @@ static void test_build (void) { #ifdef OS_UNIX + assert_str_eq_free ("/", + p11_path_build ("/", NULL)); + assert_str_eq_free ("/", + p11_path_build ("", "//", NULL)); + assert_str_eq_free ("/root", + p11_path_build ("///root///", NULL)); + assert_str_eq_free ("/root", + p11_path_build ("/", "root", NULL)); + assert_str_eq_free ("/root", + p11_path_build ("", "/root", NULL)); + assert_str_eq_free ("/root", + p11_path_build ("/root", "", NULL)); assert_str_eq_free ("/root/second", p11_path_build ("/root", "second", NULL)); assert_str_eq_free ("/root/second", p11_path_build ("/root", "/second", NULL)); assert_str_eq_free ("/root/second", p11_path_build ("/root/", "second", NULL)); + assert_str_eq_free ("/root/second", + p11_path_build ("/root//", "//second/", NULL)); + assert_str_eq_free ("/root/second", + p11_path_build ("/root//", "", "//second/", NULL)); assert_str_eq_free ("/root/second/third", p11_path_build ("/root", "second", "third", NULL)); assert_str_eq_free ("/root/second/third", p11_path_build ("/root", "/second/third", NULL)); #else /* OS_WIN32 */ + assert_str_eq_free ("C:\\root", + p11_path_build ("C:\\", "root", NULL)); + assert_str_eq_free ("C:\\root", + p11_path_build ("", "C:\\root", NULL)); + assert_str_eq_free ("C:\\root", + p11_path_build ("C:\\root", "", NULL)); assert_str_eq_free ("C:\\root\\second", p11_path_build ("C:\\root", "second", NULL)); assert_str_eq_free ("C:\\root\\second", p11_path_build ("C:\\root", "\\second", NULL)); assert_str_eq_free ("C:\\root\\second", p11_path_build ("C:\\root\\", "second", NULL)); + assert_str_eq_free ("C:\\root\\second", + p11_path_build ("C:\\root\\\\", "\\\\second", NULL)); + assert_str_eq_free ("C:\\root\\second", + p11_path_build ("C:\\root\\\\", "", "\\\\second", NULL)); assert_str_eq_free ("C:\\root\\second\\third", p11_path_build ("C:\\root", "second", "third", NULL)); assert_str_eq_free ("C:\\root\\second/third", 
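Review bot: The new cases in test_build only use absolute or empty first arguments, so the branch of the new leading-trim loop that keeps a root separator is covered but a plain relative first argument is not. Adding `assert_str_eq_free ("root/second", p11_path_build ("root", "second", NULL));` to the OS_UNIX block would pin that path; the expected value follows from the p11_path_build hunk in common/path.c, but confirm it against the implementation. The OS_WIN32 branch of the function continues outside the hunk.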
diff --git a/common/test.c b/common/test.c index 82c41de..3ed98da 100644 --- a/common/test.c +++ b/common/test.c @@ -53,6 +53,7 @@ #ifdef OS_UNIX #include +#include #include #endif @@ -586,6 +587,13 @@ p11_test_copy_setgid (const char *input, int ret; int fd; int i; + struct statvfs f; + + statvfs (tmpdir, &f); + if (f.f_flag & ST_NOSUID) { + fprintf (stderr, "cannot perform setgid test on nosuid filesystem\n"); + return NULL; + } ret = getgroups (128, groups); for (i = 0; i < ret; ++i) { diff --git a/common/unix-peer.c b/common/unix-peer.c index 7fe2eea..b060c53 100644 --- a/common/unix-peer.c +++ b/common/unix-peer.c @@ -41,7 +41,7 @@ #include #include #include -#include +#include #ifdef HAVE_UCRED_H # include diff --git a/configure b/configure index 41f2050..3e2655c 100755 --- a/configure +++ b/configure @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for p11-kit 0.23.21. +# Generated by GNU Autoconf 2.69 for p11-kit 0.23.22. # # Report bugs to . # @@ -590,8 +590,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='p11-kit' PACKAGE_TARNAME='p11-kit' -PACKAGE_VERSION='0.23.21' -PACKAGE_STRING='p11-kit 0.23.21' +PACKAGE_VERSION='0.23.22' +PACKAGE_STRING='p11-kit 0.23.22' PACKAGE_BUGREPORT='https://github.com/p11-glue/p11-kit/issues' PACKAGE_URL='https://p11-glue.github.io/p11-glue/p11-kit.html' @@ -1430,7 +1430,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures p11-kit 0.23.21 to adapt to many kinds of systems. +\`configure' configures p11-kit 0.23.22 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... 
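Review bot: The return value of `statvfs (tmpdir, &f);` in p11_test_copy_setgid is ignored, so if the call fails `f.f_flag` is read uninitialised and the nosuid decision is made on garbage. Folding the status into the condition keeps the skip path well-defined: `if (statvfs (tmpdir, &f) == 0 && (f.f_flag & ST_NOSUID)) {`. The function continues outside the hunk, and `tmpdir` is declared there, so its origin is not visible here.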
@@ -1500,7 +1500,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of p11-kit 0.23.21:";; + short | recursive ) echo "Configuration of p11-kit 0.23.22:";; esac cat <<\_ACEOF @@ -1674,7 +1674,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -p11-kit configure 0.23.21 +p11-kit configure 0.23.22 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -2383,7 +2383,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by p11-kit $as_me 0.23.21, which was +It was created by p11-kit $as_me 0.23.22, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -3265,7 +3265,7 @@ fi # Define the identity of the package. PACKAGE='p11-kit' - VERSION='0.23.21' + VERSION='0.23.22' cat >>confdefs.h <<_ACEOF @@ -18682,7 +18682,7 @@ fi -ac_config_files="$ac_config_files Makefile doc/Makefile doc/manual/Makefile po/Makefile.in p11-kit/p11-kit-1.pc p11-kit/pkcs11.conf.example trust/trust-extract-compat trust/test-init.sh" +ac_config_files="$ac_config_files Makefile doc/Makefile doc/manual/Makefile po/Makefile.in p11-kit/p11-kit-1.pc p11-kit/pkcs11.conf.example trust/test-init.sh" cat >confcache <<\_ACEOF # This file is a shell script that caches the results of configure @@ -19283,7 +19283,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by p11-kit $as_me 0.23.21, which was +This file was extended by p11-kit $as_me 0.23.22, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES 
@@ -19350,7 +19350,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -p11-kit config.status 0.23.21 +p11-kit config.status 0.23.22 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" @@ -19778,7 +19778,6 @@ do "po/Makefile.in") CONFIG_FILES="$CONFIG_FILES po/Makefile.in" ;; "p11-kit/p11-kit-1.pc") CONFIG_FILES="$CONFIG_FILES p11-kit/p11-kit-1.pc" ;; "p11-kit/pkcs11.conf.example") CONFIG_FILES="$CONFIG_FILES p11-kit/pkcs11.conf.example" ;; - "trust/trust-extract-compat") CONFIG_FILES="$CONFIG_FILES trust/trust-extract-compat" ;; "trust/test-init.sh") CONFIG_FILES="$CONFIG_FILES trust/test-init.sh" ;; *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;; diff --git a/configure.ac b/configure.ac index ac21cbb..d163fd1 100644 --- a/configure.ac +++ b/configure.ac @@ -1,7 +1,7 @@ AC_PREREQ(2.61) AC_INIT([p11-kit], - [0.23.21], + [0.23.22], [https://github.com/p11-glue/p11-kit/issues], [p11-kit], [https://p11-glue.github.io/p11-glue/p11-kit.html]) @@ -613,7 +613,6 @@ AC_CONFIG_FILES([Makefile po/Makefile.in p11-kit/p11-kit-1.pc p11-kit/pkcs11.conf.example - trust/trust-extract-compat trust/test-init.sh ]) AC_OUTPUT diff --git a/doc/manual/html/index.html b/doc/manual/html/index.html index 64ef248..66ab0e9 100644 --- a/doc/manual/html/index.html +++ b/doc/manual/html/index.html @@ -14,7 +14,7 @@
-

for p11-kit 0.23.21

+

for p11-kit 0.23.22


diff --git a/doc/manual/meson.build b/doc/manual/meson.build index 6739b88..02cc458 100644 --- a/doc/manual/meson.build +++ b/doc/manual/meson.build @@ -1,3 +1,26 @@ +version_xml = custom_target('generate version.xml', + output: 'version.xml', + capture: true, + command: [ + 'echo', '-n', meson.project_version() + ]) + +userdir_xml = custom_target('generate userdir.xml', + output: 'userdir.xml', + capture: true, + command: [ + 'echo', '-n', p11_user_config + ]) + +sysdir_xml = custom_target('generate sysdir.xml', + output: 'sysdir.xml', + capture: true, + command: [ + 'echo', '-n', p11_system_config + ]) + +xml_deps = [version_xml, userdir_xml, sysdir_xml] + if get_option('gtk_doc') ignore_headers = [ 'private.h', @@ -37,21 +60,6 @@ if get_option('gtk_doc') 'annotation-glossary.xml' ] - configure_file( - input: 'version.xml.in', - output: '@BASENAME@', - configuration: {'VERSION': meson.project_version()}) - - configure_file( - input: 'userdir.xml.in', - output: '@BASENAME@', - configuration: {'p11_user_config': p11_user_config}) - - configure_file( - input: 'sysdir.xml.in', - output: '@BASENAME@', - configuration: {'p11_system_config': p11_system_config}) - glib_prefix = dependency('glib-2.0').get_pkgconfig_variable('prefix') fixxref_args = [ '--html-dir=' + (prefix / gnome.gtkdoc_html_dir(meson.project_name())), @@ -62,7 +70,7 @@ if get_option('gtk_doc') main_xml: 'p11-kit-docs.xml', namespace: 'p11_kit', src_dir: 'p11-kit', - dependencies: libffi_deps + dlopen_deps, + dependencies: libffi_deps + dlopen_deps + xml_deps, scan_args: [ '--ignore-headers=' + ' '.join(ignore_headers), '--rebuild-types', @@ -114,6 +122,7 @@ if get_option('man') ], input: man_src, output: man_dst, + depends: xml_deps, install: true, install_dir: join_paths(mandir, man_section), build_by_default: true) diff --git a/meson.build b/meson.build index bea3e99..0645a17 100644 --- a/meson.build +++ b/meson.build 
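Review bot: The three new custom_targets depend on `'echo', '-n'` being resolved by Meson as an external program, and `-n` is not guaranteed by POSIX echo, so on a platform whose echo prints `-n` literally the generated entity files would contain that text. `'printf', '%s', meson.project_version()` (and likewise for `p11_user_config` and `p11_system_config`) gives the same newline-free output portably, and `capture: true` already collects stdout. The hunk covers the top of the file; the gtk-doc and man sections it feeds are in the later hunks.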
@@ -1,5 +1,5 @@ project('p11-kit', 'c', - version: '0.23.21', + version: '0.23.22', meson_version: '>= 0.49') version_arr = meson.project_version().split('.') @@ -30,7 +30,11 @@ conf.set('PACKAGE_MAJOR', major_version) conf.set('PACKAGE_MINOR', minor_version) host_system = host_machine.system() -conf.set(host_system == 'windows' ? 'OS_WIN32' : 'OS_UNIX', 1) +if host_system == 'windows' + conf.set('OS_WIN32', 1) +else + conf.set('OS_UNIX', 1) +endif if host_system == 'windows' shlext = '.dll' diff --git a/meson_options.txt b/meson_options.txt index 9c3a7dc..c5fd190 100644 --- a/meson_options.txt +++ b/meson_options.txt @@ -42,6 +42,10 @@ option('systemd', type : 'feature', value : 'auto', description : 'Use systemd socket activation') +option('bashcompdir', type : 'string', + value : '', + description : 'Override default location for bash completion files') + option('bash_completion', type : 'feature', value : 'auto', description : 'Install bash completion files') diff --git a/p11-kit/iter.c b/p11-kit/iter.c index b5a9bbf..d8c8207 100644 --- a/p11-kit/iter.c +++ b/p11-kit/iter.c @@ -549,7 +549,7 @@ move_next_session (P11KitIter *iter) if (rv != CKR_OK) return finish_iterating (iter, rv); - slots = realloc (iter->slots, sizeof (CK_SLOT_ID) * (num_slots + 1)); + slots = reallocarray (iter->slots, num_slots + 1, sizeof (CK_SLOT_ID)); return_val_if_fail (slots != NULL, CKR_HOST_MEMORY); iter->slots = slots; @@ -705,7 +705,7 @@ p11_kit_iter_next (P11KitIter *iter) CK_OBJECT_HANDLE *objects; iter->max_objects = iter->max_objects ? iter->max_objects * 2 : 64; - objects = realloc (iter->objects, iter->max_objects * sizeof (CK_ULONG)); + objects = reallocarray (iter->objects, iter->max_objects, sizeof (CK_ULONG)); return_val_if_fail (objects != NULL, CKR_HOST_MEMORY); iter->objects = objects; } diff --git a/p11-kit/lists.c b/p11-kit/lists.c index 5804be2..365a6d8 100644 --- a/p11-kit/lists.c +++ b/p11-kit/lists.c 
@@ -64,6 +64,8 @@ hex_encode (const unsigned char *data, size_t i; size_t o; + if ((SIZE_MAX - 1) / 3 < n_data) + return NULL; result = malloc (n_data * 3 + 1); if (result == NULL) return NULL; diff --git a/p11-kit/log.c b/p11-kit/log.c index 19377b2..58bc5f4 100644 --- a/p11-kit/log.c +++ b/p11-kit/log.c @@ -726,7 +726,7 @@ log_token_info (p11_buffer *buf, (unsigned int)info->firmwareVersion.minor); p11_buffer_add (buf, temp, -1); p11_buffer_add (buf, "\n\tutcTime: ", -1); - p11_buffer_add (buf, (info->flags & CKF_CLOCK_ON_TOKEN) ? (const char*)info->utcTime : "", -1); + p11_buffer_add (buf, (info->flags & CKF_CLOCK_ON_TOKEN) ? (const char*)info->utcTime : "", sizeof (info->utcTime)); p11_buffer_add (buf, "\n }\n", -1); } } diff --git a/p11-kit/proxy.c b/p11-kit/proxy.c index 97c9b09..d24e977 100644 --- a/p11-kit/proxy.c +++ b/p11-kit/proxy.c @@ -265,7 +265,7 @@ proxy_list_slots (Proxy *py, Mapping *mappings, unsigned int n_mappings) /* Ask module for its slots */ rv = (funcs->C_GetSlotList) (FALSE, NULL, &count); if (rv == CKR_OK && count) { - slots = calloc (sizeof (CK_SLOT_ID), count); + slots = calloc (count, sizeof (CK_SLOT_ID)); rv = (funcs->C_GetSlotList) (FALSE, slots, &count); } @@ -283,7 +283,7 @@ proxy_list_slots (Proxy *py, Mapping *mappings, unsigned int n_mappings) new_slots = calloc (count, sizeof(CK_SLOT_ID)); return_val_if_fail (new_slots != NULL, CKR_HOST_MEMORY); - new_mappings = realloc (py->mappings, sizeof (Mapping) * (py->n_mappings + count)); + new_mappings = reallocarray (py->mappings, (py->n_mappings + count), sizeof (Mapping)); return_val_if_fail (new_mappings != NULL, CKR_HOST_MEMORY); py->mappings = new_mappings; @@ -744,7 +744,7 @@ proxy_C_CloseAllSessions (CK_X_FUNCTION_LIST *self, CK_SLOT_ID id) { State *state = (State *)self; - CK_SESSION_HANDLE_PTR to_close; + CK_SESSION_HANDLE_PTR to_close = NULL; CK_RV rv = CKR_OK; Session *sess; CK_ULONG i, count = 0; 
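Review bot: The new length argument in log_token_info over-reads the fallback string: when CKF_CLOCK_ON_TOKEN is clear the ternary yields the one-byte literal `""`, yet `sizeof (info->utcTime)` bytes are now appended from it, so the fix for the unterminated utcTime array introduces a read past the literal on the other branch. Separate the two cases so the array size is only paired with the array, e.g. `if (info->flags & CKF_CLOCK_ON_TOKEN) p11_buffer_add (buf, (const char*)info->utcTime, sizeof (info->utcTime));` and either drop the empty-string arm or keep it with length `-1` as before. The rest of log_token_info lies outside the hunk.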
@@ -756,7 +756,7 @@ proxy_C_CloseAllSessions (CK_X_FUNCTION_LIST *self, rv = CKR_CRYPTOKI_NOT_INITIALIZED; } else { assert (state->px->sessions != NULL); - to_close = calloc (sizeof (CK_SESSION_HANDLE), p11_dict_size (state->px->sessions)); + to_close = calloc (p11_dict_size (state->px->sessions) + 1, sizeof (CK_SESSION_HANDLE)); if (!to_close) { rv = CKR_HOST_MEMORY; } else { diff --git a/p11-kit/rpc-message.c b/p11-kit/rpc-message.c index be45c18..8dfa30b 100644 --- a/p11-kit/rpc-message.c +++ b/p11-kit/rpc-message.c @@ -43,6 +43,7 @@ #include "rpc-message.h" #include +#include #include #define ELEMS(x) (sizeof (x) / sizeof (x[0])) @@ -114,6 +115,18 @@ p11_rpc_message_alloc_extra (p11_rpc_message *msg, return (void *)(data + 1); } +void * +p11_rpc_message_alloc_extra_array (p11_rpc_message *msg, + size_t nmemb, + size_t size) +{ + if (nmemb != 0 && (SIZE_MAX - sizeof (void *)) / nmemb < size) { + errno = ENOMEM; + return NULL; + } + return p11_rpc_message_alloc_extra (msg, nmemb * size); +} + bool p11_rpc_message_prep (p11_rpc_message *msg, int call_id, @@ -744,7 +757,7 @@ p11_rpc_buffer_get_byte_array (p11_buffer *buf, return false; } - if (buf->len < len || *offset > buf->len - len) { + if (buf->len < len || off > buf->len - len) { p11_buffer_fail (buf); return false; } @@ -1213,7 +1226,7 @@ p11_rpc_buffer_get_attribute (p11_buffer *buffer, size_t *offset, CK_ATTRIBUTE *attr) { - uint32_t type, length; + uint32_t type, length, decode_length; unsigned char validity; p11_rpc_attribute_serializer *serializer; p11_rpc_value_type value_type; @@ -1243,8 +1256,13 @@ p11_rpc_buffer_get_attribute (p11_buffer *buffer, assert (serializer != NULL); if (!serializer->decode (buffer, offset, attr->pValue, &attr->ulValueLen)) return false; - if (!attr->pValue) + if (!attr->pValue) { + decode_length = attr->ulValueLen; attr->ulValueLen = length; + if (decode_length > length) { + return false; + } + } attr->type = type; return true; } 
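Review bot: The `+ 1` added to the calloc element count in proxy_C_CloseAllSessions is unexplained, and the sibling calloc fixes in proxy_list_slots in this commit only swap the argument order. If it is there so that an empty session table does not turn into `calloc (0, ...)`, whose NULL return would be mistaken for CKR_HOST_MEMORY in the branch right below, a one-line comment should say so, e.g. `/* +1: calloc(0, ...) may legitimately return NULL */`; if it is sizing headroom for something else, that is even more worth stating. The function continues outside the hunk, so I cannot see how the extra slot is consumed.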
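Review bot: The overflow guard in p11_rpc_message_alloc_extra_array reserves `sizeof (void *)` of headroom, which presumably stands for the header that p11_rpc_message_alloc_extra prepends (its `return (void *)(data + 1)` is visible in the hunk above, the type of `data` is not). If that header is wider than one pointer, a product that passes this check can still wrap when alloc_extra adds the header, unless alloc_extra guards that addition itself, so the bound should be expressed in terms of the header type rather than a bare pointer size, or the assumption documented where it is made. A comment above the condition would also make the intent explicit, e.g. `/* reject nmemb * size that would overflow once the allocation header is added */`.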
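Review bot: The new length-mismatch check in p11_rpc_buffer_get_attribute returns false without marking the buffer, whereas the bounds check fixed in p11_rpc_buffer_get_byte_array in this same commit calls `p11_buffer_fail (buf)` before returning; if any caller inspects the buffer's failed state rather than the return value, a mismatched attribute length would go unnoticed. Adding `p11_buffer_fail (buffer);` ahead of the `return false` keeps the two failure paths consistent. Also, `attr->ulValueLen = length` is assigned before the check rejects the message, so the caller is left with a partially updated attribute; moving that assignment after the comparison avoids it. The function body starts outside the hunk.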
diff --git a/p11-kit/rpc-message.h b/p11-kit/rpc-message.h index 989bbc0..62e7b18 100644 --- a/p11-kit/rpc-message.h +++ b/p11-kit/rpc-message.h @@ -255,6 +255,10 @@ void p11_rpc_message_clear (p11_rpc_message *msg); void * p11_rpc_message_alloc_extra (p11_rpc_message *msg, size_t length); +void * p11_rpc_message_alloc_extra_array (p11_rpc_message *msg, + size_t nmemb, + size_t size); + bool p11_rpc_message_prep (p11_rpc_message *msg, int call_id, p11_rpc_message_type type); diff --git a/p11-kit/rpc-server.c b/p11-kit/rpc-server.c index 846ee94..dfdb76d 100644 --- a/p11-kit/rpc-server.c +++ b/p11-kit/rpc-server.c @@ -88,7 +88,7 @@ proto_read_byte_buffer (p11_rpc_message *msg, if (length == 0) return CKR_OK; - *buffer = p11_rpc_message_alloc_extra (msg, length * sizeof (CK_BYTE)); + *buffer = p11_rpc_message_alloc_extra_array (msg, length, sizeof (CK_BYTE)); if (*buffer == NULL) return CKR_DEVICE_MEMORY; @@ -186,7 +186,7 @@ proto_read_ulong_buffer (p11_rpc_message *msg, if (length == 0) return CKR_OK; - *buffer = p11_rpc_message_alloc_extra (msg, length * sizeof (CK_ULONG)); + *buffer = p11_rpc_message_alloc_extra_array (msg, length, sizeof (CK_ULONG)); if (!*buffer) return CKR_DEVICE_MEMORY; @@ -246,7 +246,7 @@ proto_read_attribute_buffer (p11_rpc_message *msg, return PARSE_ERROR; /* Allocate memory for the attribute structures */ - attrs = p11_rpc_message_alloc_extra (msg, n_attrs * sizeof (CK_ATTRIBUTE)); + attrs = p11_rpc_message_alloc_extra_array (msg, n_attrs, sizeof (CK_ATTRIBUTE)); if (attrs == NULL) return CKR_DEVICE_MEMORY; @@ -300,7 +300,7 @@ proto_read_attribute_array (p11_rpc_message *msg, return PARSE_ERROR; /* Allocate memory for the attribute structures */ - attrs = p11_rpc_message_alloc_extra (msg, n_attrs * sizeof (CK_ATTRIBUTE)); + attrs = p11_rpc_message_alloc_extra_array (msg, n_attrs, sizeof (CK_ATTRIBUTE)); if (attrs == NULL) return CKR_DEVICE_MEMORY; diff --git a/po/p11-kit.pot b/po/p11-kit.pot index ca34955..b7c06ee 100644 
--- a/po/p11-kit.pot +++ b/po/p11-kit.pot @@ -6,9 +6,9 @@ #, fuzzy msgid "" msgstr "" -"Project-Id-Version: p11-kit 0.23.21\n" +"Project-Id-Version: p11-kit 0.23.22\n" "Report-Msgid-Bugs-To: https://github.com/p11-glue/p11-kit/issues\n" -"POT-Creation-Date: 2020-08-18 16:34+0200\n" +"POT-Creation-Date: 2020-12-11 18:57+0100\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" diff --git a/trust/Makefile.am b/trust/Makefile.am index 6fd740b..c1d7578 100644 --- a/trust/Makefile.am +++ b/trust/Makefile.am @@ -122,6 +122,7 @@ bashcomp_DATA += bash-completion/trust endif EXTRA_DIST += \ + trust/trust-extract-compat \ trust/p11-kit-trust.module \ trust/meson.build diff --git a/trust/anchor.c b/trust/anchor.c index fab9cf6..5ba5065 100644 --- a/trust/anchor.c +++ b/trust/anchor.c @@ -64,9 +64,10 @@ create_arg_file_parser (void) return_val_if_fail (parser != NULL, NULL); p11_parser_formats (parser, - p11_parser_format_x509, - p11_parser_format_pem, - NULL); + p11_parser_format_persist, + p11_parser_format_x509, + p11_parser_format_pem, + NULL); return parser; } diff --git a/trust/index.c b/trust/index.c index 27b9717..a57f7ec 100644 --- a/trust/index.c +++ b/trust/index.c @@ -273,7 +273,7 @@ bucket_insert (index_bucket *bucket, alloc = alloc ? alloc * 2 : 1; return_if_fail (alloc != 0); - elem = realloc (bucket->elem, alloc * sizeof (CK_OBJECT_HANDLE)); + elem = reallocarray (bucket->elem, alloc, sizeof (CK_OBJECT_HANDLE)); return_if_fail (elem != NULL); bucket->elem = elem; } @@ -297,7 +297,7 @@ bucket_push (index_bucket *bucket, alloc = alloc ? alloc * 2 : 1; return_val_if_fail (alloc != 0, false); - elem = realloc (bucket->elem, alloc * sizeof (CK_OBJECT_HANDLE)); + elem = reallocarray (bucket->elem, alloc, sizeof (CK_OBJECT_HANDLE)); return_val_if_fail (elem != NULL, false); bucket->elem = elem; } diff --git a/trust/meson.build b/trust/meson.build index 4ca0687..482a3c1 100644 --- a/trust/meson.build 
+++ b/trust/meson.build @@ -105,6 +105,9 @@ executable('trust', libp11_tool_dep] + libffi_deps + dlopen_deps + libtasn1_deps, install: true) +install_data('trust-extract-compat', + install_dir: prefix / privatedir) + # Tests ---------------------------------------------------------------- if get_option('test') @@ -146,7 +149,7 @@ if get_option('test') dependencies: [asn_h_dep, libp11_kit_dep, libp11_library_dep, - libp11_test_dep] + dlopen_deps, + libp11_test_dep] + libtasn1_deps + dlopen_deps, link_with: [libtrust_testable, libtrust_data, libtrust_test]) test(name, t) endforeach diff --git a/trust/test-extract.sh b/trust/test-extract.sh index 61745a9..2ddbd79 100644 --- a/trust/test-extract.sh +++ b/trust/test-extract.sh @@ -8,7 +8,7 @@ teardown() if [ -d $x ]; then rmdir $x elif [ -f $x ]; then - rm $x + rm -f $x fi done TD="" @@ -51,6 +51,7 @@ setup() CERT_1_CN=test_$(dd if=/dev/urandom count=40 bs=1 status=none | base64 | tr -d '+/=') CERT_2_CN=test_$(dd if=/dev/urandom count=40 bs=1 status=none | base64 | tr -d '+/=') CERT_3_CN=test_$(dd if=/dev/urandom count=40 bs=1 status=none | base64 | tr -d '+/=') + CERT_4_CN=test_$(dd if=/dev/urandom count=40 bs=1 status=none | base64 | tr -d '+/=') # Generate relevant certificates openssl_quiet req -x509 -newkey rsa:512 -keyout /dev/null -days 3 -nodes \ @@ -59,8 +60,10 @@ setup() -out cert_2.pem -subj /CN=$CERT_2_CN openssl_quiet req -x509 -newkey rsa:512 -keyout /dev/null -days 3 -nodes \ -out cert_3.pem -subj /CN=$CERT_3_CN + openssl_quiet req -x509 -newkey rsa:512 -keyout /dev/null -days 3 -nodes \ + -out cert_4.pem -subj /CN=$CERT_4_CN - TD="cert_1.pem cert_2.pem cert_3.pem $TD" + TD="cert_1.pem cert_2.pem cert_3.pem cert_4.pem $TD" mkdir -p $SOURCE_1/anchors cp cert_1.pem $SOURCE_1/anchors/ 
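Review bot: The install_data() call for trust-extract-compat passes no `install_mode`, and the file is added in this commit as a script with mode 100755 that is meant to be executed (or replaced by a symlink) rather than read. Unless you have confirmed that meson preserves the source file's mode for install_data() in this project's configuration, set it explicitly so the executable bit cannot be lost at install time: `install_mode: 'rwxr-xr-x'`. A comment noting that the installed copy is a placeholder distributions replace would also help, since nothing at this call site says so.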
@@ -70,6 +73,15 @@ setup() cp cert_3.pem $SOURCE_2/anchors/ TD="$SOURCE_1/anchors/cert_1.pem $SOURCE_2/anchors/cert_2.pem $SOURCE_2/anchors/cert_3.pem $TD" + + cat > cert_4.p11-kit <> cert_4.p11-kit + trust anchor --store cert_4.p11-kit + TD="cert_4.p11-kit $SOURCE_1/$CERT_4_CN.p11-kit $TD" } test_extract() @@ -81,6 +93,7 @@ test_extract() assert_contains extract-test.pem $CERT_1_CN assert_contains extract-test.pem $CERT_2_CN assert_contains extract-test.pem $CERT_3_CN + assert_contains extract-test.pem $CERT_4_CN } test_blacklist() @@ -97,4 +110,12 @@ test_blacklist() assert_not_contains blacklist-test.pem $CERT_3_CN } -run test_extract test_blacklist +test_persist() +{ + if ! (trust dump --filter "pkcs11:object=$CERT_4_CN" | \ + grep '^nss-server-distrust-after: "191228000000Z"$') 2>&1 >/dev/null; then + assert_fail "nss-server-distrust-after is not preserved" + fi +} + +run test_extract test_blacklist test_persist diff --git a/trust/trust-extract-compat b/trust/trust-extract-compat new file mode 100755 index 0000000..b1b7a08 --- /dev/null +++ b/trust/trust-extract-compat 
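Review bot: In test_persist the redirection order `2>&1 >/dev/null` does not silence the pipeline: redirections apply left to right, so stderr is first duplicated onto the test's own stdout and only stdout is then discarded, which means any diagnostic from `trust dump` or grep lands in the test output while the intended suppression is incomplete. If the goal is just a yes/no match, drop the subshell and redirections and let grep be quiet: `if ! trust dump --filter "pkcs11:object=$CERT_4_CN" | grep -q '^nss-server-distrust-after: "191228000000Z"$'; then`. If stderr should really be hidden as well, write `>/dev/null 2>&1` instead. The heredoc in the setup() hunk above is garbled in this view, so I could not review the persist file it writes.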
@@ -0,0 +1,32 @@
+#!/bin/sh
+
+# This script is a placeholder designed to be replaced when this software
+# has been customized for distribution. It should be symlinked linked to the
+# distribution's update-ca-certificates or update-ca-trust command as
+# appropriate. In the future this script will be called when the PKCS#11
+# trust module is used to modify trust anchors and related data.
+
+if [ $# -ne 0 ]; then
+ echo "usage: trust extract-compat" >&2
+ exit 2
+fi
+
+uid=$(id -u)
+if [ "$uid" != 0 ]; then
+ echo "trust: running as non-root user: skip extracting compat bundles" >&2
+ exit 0
+fi
+
+echo "trust: the placeholder extract-compat command has not been customized by your distribution." >&2
+
+# You can use commands like this to extract data from trust modules
+# into appropriate locations for your distribution.
+#
+# trust extract --format=openssl-bundle --filter=ca-anchors \
+# --overwrite /tmp/openssl-bundle.pem
+# trust extract --format=pem-bundle --filter=ca-anchors --overwrite \
+# --purpose server-auth /tmp/server-auth-bundle.pem
+# trust extract --format=java-cacerts --filter=ca-anchors --overwrite \
+# --purpose server-auth /tmp/cacerts
+
+exit 1
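Review bot: The root check in the new trust-extract-compat script fails open in the benign direction but silently: `uid=$(id -u)` is not checked, the script runs under `#!/bin/sh` without `set -e`, and an empty `uid` satisfies `[ "$uid" != 0 ]`, so a failing `id` is reported as "running as non-root user" with exit status 0 instead of as an error. Guard the assignment, e.g. `uid=$(id -u) || { echo "trust: cannot determine user id" >&2; exit 1; }`. The header comment also reads "symlinked linked to the distribution's ..."; one of the two words should go, and it would help to state there that the `exit 1` at the bottom is deliberate so that an un-customized placeholder is reported as a failure by `trust extract-compat`.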