| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
| |
* --enable-strict to enable -Werror, fatal warnings and disable
deprecations
* --disable-debug to G_DISABLE_ASSERT
* default debug for -g, WITH_DEBUG
* --enable-debug to -OO
|
|
|
|
|
| |
* Tag all secure memory with strings, and print out diagnostic
report of what's in use, upon request.
|
|
|
|
|
|
| |
* Update symbols for new APIs
* Update docs with new APIs
* Change how tests find fixture files.
|
| |
|
|
|
|
| |
* Remove -k from gtester arguments
|
|
|
|
|
|
| |
* From RHEL and Solaris OpenCSW
https://bugzilla.gnome.org/show_bug.cgi?id=647766
|
|
|
|
|
| |
* Bring up to date with gtester running and individual binaries.
* Make the tests run in make distcheck
|
|
|
|
| |
https://bugzilla.gnome.org/show_bug.cgi?id=647315
|
| |
|
| |
|
|
|
|
|
| |
* Make the standalone modules always resident after loading.
* Install modules to a path that's published in the pkg-config file.
|
|
|
|
|
|
| |
* Allows tests to be commented out or ifdefed.
* Faster building of tests.
* Other cleanup of tests.
|
|
|
|
| |
Add testing_data_to_scratch() function for use in tests.
|
|
|
|
|
| |
This attribute signifies whether the collection is properly encrypted
or not. Fix broken boolean check.
|
|
|
|
|
| |
* This is because attributes can vary depending on session
and we need the session to determine their value.
|
|
|
|
| |
* Including tests and necessary infrastructure.
|
| |
|
| |
|
|
|
|
|
| |
* Rip off bandaid (painful) whitespace cleanup.
* At the same time cleanup naming, and remove old cruft.
|
|
|
|
| |
* Also define locking on the daemon.
|
|
|
|
|
|
|
|
| |
* Cleanup all line endings for pkcs11 code.
* Rename C namespace to GKM
This is big "rip off the bandaid fast" change in order
to prevent later constant pain with git and naming.
|
|
|
|
|
|
|
|
|
|
|
| |
There was a major problem where the session keyring was being saved
to disk, and since it had to master password, as a cleartext keyring
Mark the session keyring as transient so it doesn't even come near
the storage code. Also rework the collection storage code, so that
it properly handles various corner cases.
Fixes bug #612977
|
|
|
|
|
|
|
| |
Handle all cases where a function may return a failure
with a NULL GError, such as preconditions and warnings.
Also use proper function for checking error codes.
|
|
|
|
| |
Include translatable files, and a null pointer dereference.
|
|
|
|
|
|
|
| |
This is necessary to allow creation of the login keyring, which
needs a specific CKA_ID. Also we return an already existing
collection if the ID matches one that already exists. This is
similar to the behavior of item creation.
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
So basically we just don't return any results. This is for two reasons:
* PKCS#11 isn't very helpful to the caller of C_CreateObject about
which attribute was wrong.
* Race conditions abound where you set up a search of a collection
that is being deleted.
|
|
|
|
|
| |
If a new object was not created, such as when unwrapping a
secret item, then the attributes set were not stored properly.
|
| |
|
| |
|
|
|
|
| |
Fixes bug #606710
|
|
|
|
|
| |
Some minor fixes for creating unlock credentials with the right
attributes, such as making them available to all applications.
|
|
|
|
|
| |
The module had a bug which would cause collections that were reloaded
to appear as new collections
|
| |
|
| |
|
|
|
|
|
|
|
| |
Add the concept of a CKA_CREDENTIAL_TEMPLATE from which
credential objects for a given object take attributes.
Change around the various auto-destruct attributes.
|
| |
|
|
|
|
| |
This will be used for the Type secret API property.
|
|
|
|
|
|
| |
Previously most token objects did not have modifiable attributes, or at
least not those stored on the token. This changed with the addition
of secret objects.
|
|
|
|
| |
And do a bunch of distcheck fixes.
|
|
|
|
|
|
| |
After this commit, all callers must use the libgnome-keyring module
to access secrets. The old socket method and included library
no longer work.
|
| |
|
|
|
|
| |
Use appropriate method call for null secret.
|
|
|
|
|
| |
Use the credentials mechanism to allow changing master password
for a collection.
|
| |
|
|
|
|
|
|
|
| |
This is not very well tested, but all basically speced out
and implemented. We use wrapping and unwrapping to transfer
secrets via the aes algorithm, or simple get/set attributes
when transferring via plaintext.
|
|
|
|
|
|
| |
Factories are now able to recycle objects, if they match the
attributes in specific ways. Cleanup the factory function
signature, and the semantics of pointer ownership.
|
|
|
|
|
|
| |
This is necessary for creating collections, which expect
a credential when they are created. That credential is used
to lock the items.
|
|
|
|
|
| |
Don't use g_object_set_data instead use our own way of
associating data with credentials.
|