[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, master, updated. gnutls_2_99_2-93-gba1f72e
|
From: |
Nikos Mavrogiannopoulos |
|
Subject: |
[SCM] GNU gnutls branch, master, updated. gnutls_2_99_2-93-gba1f72e |
|
Date: |
Wed, 15 Jun 2011 19:42:44 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=ba1f72e1084d80655668353dc6cc142cf54d3a14
The branch, master has been updated
via ba1f72e1084d80655668353dc6cc142cf54d3a14 (commit)
via 9d6aa26c04402b1969c80c743183802eedd5bda2 (commit)
via 2e6fbad4423350f2357f05266e6a6f3dffcc27cf (commit)
via 7f0fcc3395a01e5253dd251b300fa298283aabb6 (commit)
from 91b8780df570ce1a94a516c8cc7a5b7778bb2243 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit ba1f72e1084d80655668353dc6cc142cf54d3a14
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Wed Jun 15 21:32:19 2011 +0200
When setting the TRUSTED flag login as security officer.
commit 9d6aa26c04402b1969c80c743183802eedd5bda2
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Wed Jun 15 20:55:15 2011 +0200
write label in PKCS #11 privkey.
commit 2e6fbad4423350f2357f05266e6a6f3dffcc27cf
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Wed Jun 15 20:52:11 2011 +0200
define ck_bool_t to be compatible with PKCS #11 bool type.
commit 7f0fcc3395a01e5253dd251b300fa298283aabb6
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Wed Jun 15 21:39:48 2011 +0200
ignore more warnings.
-----------------------------------------------------------------------
Summary of changes:
configure.ac | 1 +
lib/gnutls_privkey.c | 1 -
lib/gnutls_pubkey.c | 1 -
lib/includes/gnutls/pkcs11.h | 1 +
lib/pkcs11.c | 4 +++-
lib/pkcs11_int.h | 2 +-
lib/pkcs11_privkey.c | 1 -
lib/pkcs11_secret.c | 2 +-
lib/pkcs11_write.c | 12 ++++++++++--
src/pkcs11.c | 7 ++++++-
10 files changed, 23 insertions(+), 9 deletions(-)
diff --git a/configure.ac b/configure.ac
index e16894a..3e8a7ff 100644
--- a/configure.ac
+++ b/configure.ac
@@ -247,6 +247,7 @@ if test "$gl_gcc_warnings" = yes; then
gl_WARN_ADD([-Wno-missing-field-initializers]) # We need this one
gl_WARN_ADD([-Wno-sign-compare]) # Too many warnings for now
gl_WARN_ADD([-Wno-pointer-sign]) # Too many warnings for now
+ gl_WARN_ADD([-Wno-unused-result]) # warnings for things we don't want to get
gl_WARN_ADD([-Wno-unused-parameter]) # Too many warnings for now
gl_WARN_ADD([-Wno-unused-parameter]) # Too many warnings for now
gl_WARN_ADD([-Wno-stack-protector]) # Some functions cannot be protected
diff --git a/lib/gnutls_privkey.c b/lib/gnutls_privkey.c
index f701ec4..45731d3 100644
--- a/lib/gnutls_privkey.c
+++ b/lib/gnutls_privkey.c
@@ -23,7 +23,6 @@
#include <gnutls_int.h>
#include <gnutls/pkcs11.h>
#include <stdio.h>
-#include <stdbool.h>
#include <string.h>
#include <gnutls_errors.h>
#include <gnutls_datum.h>
diff --git a/lib/gnutls_pubkey.c b/lib/gnutls_pubkey.c
index 3199492..2a09808 100644
--- a/lib/gnutls_pubkey.c
+++ b/lib/gnutls_pubkey.c
@@ -23,7 +23,6 @@
#include <gnutls_int.h>
#include <gnutls/pkcs11.h>
#include <stdio.h>
-#include <stdbool.h>
#include <string.h>
#include <gnutls_errors.h>
#include <gnutls_datum.h>
diff --git a/lib/includes/gnutls/pkcs11.h b/lib/includes/gnutls/pkcs11.h
index 4f2cefd..c1b7981 100644
--- a/lib/includes/gnutls/pkcs11.h
+++ b/lib/includes/gnutls/pkcs11.h
@@ -68,6 +68,7 @@ int gnutls_pkcs11_obj_init (gnutls_pkcs11_obj_t * obj);
#define GNUTLS_PKCS11_OBJ_FLAG_LOGIN (1<<0) /* force login in the token
for the operation */
#define GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED (1<<1) /* object marked as
trusted */
#define GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE (1<<2) /* object marked as
sensitive (unexportable) */
+#define GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO (1<<3) /* force login as a
security officer in the token for the operation */
/**
* gnutls_pkcs11_url_type_t:
diff --git a/lib/pkcs11.c b/lib/pkcs11.c
index 7b3e106..3e030a4 100644
--- a/lib/pkcs11.c
+++ b/lib/pkcs11.c
@@ -1054,7 +1054,7 @@ pkcs11_obj_import_pubkey (struct ck_function_list *module,
opaque tmp1[2048];
opaque tmp2[2048];
int ret;
- unsigned int tval;
+ ck_bool_t tval;
a[0].type = CKA_KEY_TYPE;
a[0].value = &key_type;
@@ -1396,6 +1396,8 @@ pkcs11_obj_flags_to_int (unsigned int flags)
if (flags & GNUTLS_PKCS11_OBJ_FLAG_LOGIN)
ret_flags |= SESSION_LOGIN;
+ else if (flags & GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO)
+ ret_flags |= SESSION_LOGIN|SESSION_SO;
return ret_flags;
}
diff --git a/lib/pkcs11_int.h b/lib/pkcs11_int.h
index 70df3ba..7ff7869 100644
--- a/lib/pkcs11_int.h
+++ b/lib/pkcs11_int.h
@@ -11,8 +11,8 @@
#define PKCS11_ID_SIZE 128
#define PKCS11_LABEL_SIZE 128
-#define P11_KIT_API_SUBJECT_TO_CHANGE 1
#include <p11-kit/uri.h>
+typedef unsigned char ck_bool_t;
struct token_info
{
diff --git a/lib/pkcs11_privkey.c b/lib/pkcs11_privkey.c
index 0485c9a..a6ed247 100644
--- a/lib/pkcs11_privkey.c
+++ b/lib/pkcs11_privkey.c
@@ -23,7 +23,6 @@
#include <gnutls_int.h>
#include <gnutls/pkcs11.h>
#include <stdio.h>
-#include <stdbool.h>
#include <string.h>
#include <gnutls_errors.h>
#include <gnutls_datum.h>
diff --git a/lib/pkcs11_secret.c b/lib/pkcs11_secret.c
index 6ae355f..aab723f 100644
--- a/lib/pkcs11_secret.c
+++ b/lib/pkcs11_secret.c
@@ -58,7 +58,7 @@ gnutls_pkcs11_copy_secret_key (const char *token_url,
gnutls_datum_t * key,
ck_object_class_t class = CKO_SECRET_KEY;
ck_object_handle_t obj;
ck_key_type_t keytype = CKK_GENERIC_SECRET;
- unsigned int tval = 1;
+ ck_bool_t tval = 1;
int a_val;
opaque id[16];
diff --git a/lib/pkcs11_write.c b/lib/pkcs11_write.c
index bc20b72..a81cce8 100644
--- a/lib/pkcs11_write.c
+++ b/lib/pkcs11_write.c
@@ -58,7 +58,7 @@ gnutls_pkcs11_copy_x509_crt (const char *token_url,
ck_object_class_t class = CKO_CERTIFICATE;
ck_certificate_type_t type = CKC_X_509;
ck_object_handle_t obj;
- unsigned int tval = 1;
+ ck_bool_t tval = 1;
int a_val;
ret = pkcs11_url_to_info (token_url, &info);
@@ -199,7 +199,7 @@ gnutls_pkcs11_copy_x509_privkey (const char *token_url,
ck_object_class_t class = CKO_PRIVATE_KEY;
ck_object_handle_t obj;
ck_key_type_t type;
- unsigned int tval = 1;
+ ck_bool_t tval = 1;
int a_val;
gnutls_pk_algorithm_t pk;
gnutls_datum_t p, q, g, y, x;
@@ -260,6 +260,14 @@ gnutls_pkcs11_copy_x509_privkey (const char *token_url,
a[a_val].value_len = sizeof (tval);
a_val++;
+ if (label)
+ {
+ a[a_val].type = CKA_LABEL;
+ a[a_val].value = (void *) label;
+ a[a_val].value_len = strlen (label);
+ a_val++;
+ }
+
if (flags & GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE)
tval = 1;
else
diff --git a/src/pkcs11.c b/src/pkcs11.c
index 4bb10a6..dafabe3 100644
--- a/src/pkcs11.c
+++ b/src/pkcs11.c
@@ -145,7 +145,12 @@ pkcs11_list (FILE * outfile, const char *url, int type,
unsigned int login,
unsigned int obj_flags = 0;
if (login)
- obj_flags = GNUTLS_PKCS11_OBJ_FLAG_LOGIN;
+ {
+ if (type == PKCS11_TYPE_TRUSTED)
+ obj_flags = GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO;
+ else
+ obj_flags = GNUTLS_PKCS11_OBJ_FLAG_LOGIN;
+ }
pkcs11_common ();
hooks/post-receive
--
GNU gnutls
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gnutls branch, master, updated. gnutls_2_99_2-93-gba1f72e,
Nikos Mavrogiannopoulos <=