path: root/src/shared/pkcs11-util.c
Commit message | Author | Age | Files | Lines
* env-util: replace unsetenv_erase() by new getenv_steal_erase() helper | Lennart Poettering | 2022-02-20 | 1 | -5/+7
  The new helper combines a bunch of steps every invocation of unsetenv_erase() did so far: getenv() + strdup() + unsetenv_erase(). Let's unify this into one helper that is harder to use incorrectly. It's inspired by TAKE_PTR() in a way: get the env var out and invalidate where it was before.
* tree-wide: assorted Coccinelle fixes | Frantisek Sumsal | 2021-10-08 | 1 | -3/+3
  It's that time of year again.
* pkcs11-util: split pkcs11_token_login function | Ondrej Kozina | 2021-08-19 | 1 | -37/+64
  Future systemd-pkcs11 plugin requires unlock via single call with supplied pin. To reduce needless code duplication in plugin itself split original pkcs_11_token_login call in two calls: new pkcs11_token_login_by_pin and the former where loop for retrying via PIN query callback remains.
* cryptsetup-pkcs11: move pkcs11_callback and data in shared utils. | Ondrej Kozina | 2021-08-19 | 1 | -0/+68
  To be used later by both (future) systemd-pkcs11 libcryptsetup plugin and cryptsetup-pkcs11.
* env-util: add unsetenv_erase() helper | Lennart Poettering | 2021-08-17 | 1 | -3/+2
  Let's unify how we remove secrets from the env block.
* cryptsetup: add 'headless' parameter to skip password/pin query | Luca Boccassi | 2021-05-07 | 1 | -2/+5
  On headless setups, in case other methods fail, asking for a password/pin is not useful as there are no users on the terminal, and generates unwanted noise. Add a parameter to /etc/crypttab to skip it.
* Extend characters set for PKCS11 URI | Oleg Popov | 2021-04-10 | 1 | -1/+1
  There are tokens with dots (and other symbols) in PKCS11 URI:
  pkcs11:model=Rutoken%20ECP;manufacturer=Aktiv%20Co.;serial=3xxxxxxb;token=livelace
  pkcs11:model=PRO;manufacturer=Aladdin%20R.D.;serial=CC62FB25;token=val%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00;id=%33%32%31%30%33%61%36%37%36%65%32%34%35%62%32%31;type=private
* ask-password: when querying for a password, try to read from credential store first | Lennart Poettering | 2021-03-26 | 1 | -3/+4
  This adds generic support for the SetCredential=/LoadCredential= logic to our password querying infrastructure: if a password is requested by a program that has a credential store configured via $CREDENTIALS_DIRECTORY we'll look in it for a password. The "systemd-ask-password" tool is updated with an option to specify the credential to look for.
* homed: move code to list and resolve "auto" pkcs#11 URL into common code | Lennart Poettering | 2020-12-17 | 1 | -0/+138
  That way we can reuse it from systemd-cryptenroll.
* homed: move pkcs11 LUKS glue into shared code | Lennart Poettering | 2020-12-17 | 1 | -0/+88
  That way we can later reuse it from cryptsetup/cryptenroll too.
* random-util: open /dev/urandom implicitly in random_write_entropy() if needed | Lennart Poettering | 2020-12-03 | 1 | -6/+1
* license: LGPL-2.1+ -> LGPL-2.1-or-later | Yu Watanabe | 2020-11-09 | 1 | -1/+1
* tree-wide: assorted coccinelle fixes | Frantisek Sumsal | 2020-10-09 | 1 | -10/+9
* cryptsetup: Fix null pointer dereference (#16987) | Mikael Szreder | 2020-09-09 | 1 | -2/+4
  cryptsetup: Fix null pointer dereference
  Fix null pointer dereference in the pkcs11 related code of systemd-cryptsetup
* homectl: add --pkcs11-uri=auto and --pkcs-11-uri=list support | Lennart Poettering | 2020-07-01 | 1 | -11/+29
  We have the same for FIDO2 devices, for listing suitable devices, or picking the right one automatically, let's add that for PKCS11 too.
* pkcs11-util: reduce scope of a variable | Lennart Poettering | 2020-07-01 | 1 | -20/+21
* tree-wide: spellcheck using codespell | Zbigniew Jędrzejewski-Szmek | 2020-04-16 | 1 | -1/+1
  Fixes #15436.
* pkcs11-util: don't mask return value of the first asprintf() | Frantisek Sumsal | 2020-01-07 | 1 | -1/+1
  Fixes CID#1409666
* shared: add pkcs11-util.[ch] | Lennart Poettering | 2019-12-09 | 1 | -0/+912