Add socket based server #15

ueno · 2016-11-25T15:20:31Z

This pull request adds a new p11-kit server command, which provides a Unix domain socket based server to expose access to smartcards.

ueno · 2017-01-09T15:33:38Z

I have added the stuff needed for PKCS#11 forwarding through OpenSSH. Here is an example usage.

On the local host, start the server:

local$ p11-kit server 'pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=67060e945183d131;token=Daiki%27s%20token'
P11_KIT_SERVER_ADDRESS='/run/user/15082/p11-kit/pkcs11-12345'
P11_KIT_SERVER_PID=12345

and forward the socket with ssh -R:

local$ ssh -R /run/user/<remote-user-id>/p11-kit/pkcs11:$P11_KIT_SERVER_ADDRESS remote

Note that /run/user/<remote-user-id>/p11-kit must be created in advance. One way to automate that is using systemd user service:

remote$ cat ~/.config/systemd/user/p11-kit-client.service
[Unit]
Description=Create directory for p11-kit client
[Service]
Type=oneshot
ExecStart=/usr/bin/mkdir %t/p11-kit
[Install]
WantedBy=default.target

remote$ systemctl --user enable p11-kit-client.service

On the remote host, access the forwarded socket through p11-kit-client.so:

remote$ p11tool --provider /usr/lib64/pkcs11/p11-kit-client.so --test-sign --login 'pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=67060e945183d131;token=Daiki%27s%20token;id=%09%7c%5e%bd%55%a6%37%d7%ee%99%e1%f9%7e%71%cf%56%81%8d%60%9f;object=Daiki%27s%20key;type=private'
Token 'Daiki's token' with URL 'pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=67060e945183d131;token=Daiki%27s%20token' requires user PIN
Enter PIN: 
Verifying against private key parameters... ok
Verifying against public key in the token... ok

ueno · 2017-01-25T12:07:09Z

Rebased against #38

This adds a new tool to the p11-kit command called 'server', which allows us to access a PKCS#11 module over a Unix domain socket. Internally, it is implemented as a wrapper around 'p11-kit remote'. Upon connection it executes 'p11-kit remote' in a forked process.

This patch adds a PKCS#11 module that connects to the p11-kit server exposed on the filesystem. The filename of the socket is determined in the following order: - $P11_KIT_SERVER_ADDRESS, if the envvar is available - $XDG_RUNTIME_DIR/p11-kit/pkcs11, if the envvar is available - /run/$(id -u)/p11-kit/pkcs11, if /run/$(id -u) exists - /var/run/$(id -u)/p11-kit/pkcs11, if /var/run/$(id -u) exists - ~/.cache/p11-kit/pkcs11. Note that the program loading this module may have called setuid() and secure_getenv() which we use for fetching envvars could return NULL.

Reads after the end of the array happen when removing elements as well as if the last element was removed. Note that the new if is required because memmove() expects a size_t as length, so we must ensure that it can not be negative. The full AddressSanitizer report is: | ================================================================= | ==27174==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x616000000bb0 at pc 0x00010f8b618d bp 0x7ff7b0b5c3c0 sp 0x7ff7b0b5bb80 | READ of size 560 at 0x616000000bb0 thread T0 | #0 0x10f8b618c in wrap_memcpy+0x16c (libclang_rt.asan_osx_dynamic.dylib:x86_64h+0x1f18c) | p11-glue#1 0x111a9bac5 in rpc_C_GetMechanismList+0x18c (p11-kit-client.so:x86_64+0x18ac5) | p11-glue#2 0x111823534 in p11prov_GetMechanismList interface.gen.c:138 | p11-glue#3 0x11184e404 in get_slot_mechanisms session.c:113 | p11-glue#4 0x11184c3ba in p11prov_init_slots session.c:226 | p11-glue#5 0x111843fed in p11prov_module_init provider.c:1035 | p11-glue#6 0x1118417a9 in OSSL_provider_init provider.c:1102 | p11-glue#7 0x11080ee97 in provider_activate+0x117 (libcrypto.3.dylib:x86_64+0x12be97) | p11-glue#8 0x11080eced in ossl_provider_activate+0x42 (libcrypto.3.dylib:x86_64+0x12bced) | p11-glue#9 0x11080db4a in provider_conf_init+0x2a2 (libcrypto.3.dylib:x86_64+0x12ab4a) | p11-glue#10 0x11075ae36 in CONF_modules_load+0x37b (libcrypto.3.dylib:x86_64+0x77e36) | p11-glue#11 0x11075b0c9 in CONF_modules_load_file_ex+0x78 (libcrypto.3.dylib:x86_64+0x780c9) | p11-glue#12 0x11075b899 in ossl_config_int+0x36 (libcrypto.3.dylib:x86_64+0x78899) | p11-glue#13 0x110806ac9 in ossl_init_config_ossl_+0xa (libcrypto.3.dylib:x86_64+0x123ac9) | p11-glue#14 0x7ff818b4acc4 in __pthread_once_handler+0x40 (libsystem_pthread.dylib:x86_64+0x2cc4) | p11-glue#15 0x7ff818b61725 in _os_once_callout+0x11 (libsystem_platform.dylib:x86_64+0x1725) | p11-glue#16 0x7ff818b4ac72 in pthread_once+0x49 (libsystem_pthread.dylib:x86_64+0x2c72) | p11-glue#17 0x11081126c in CRYPTO_THREAD_run_once+0x8 (libcrypto.3.dylib:x86_64+0x12e26c) | p11-glue#18 0x11080691d in OPENSSL_init_crypto+0x446 (libcrypto.3.dylib:x86_64+0x12391d) | p11-glue#19 0x10f6032dc in OPENSSL_init_ssl+0x79 (libssl.3.dylib:x86_64+0x102dc) | p11-glue#20 0x10f3c6287 in main+0x62 (openssl:x86_64+0x100024287) | p11-glue#21 0x115f5252d in start+0x1cd (dyld:x86_64+0x552d) | | 0x616000000bb0 is located 0 bytes to the right of 560-byte region [0x616000000980,0x616000000bb0) | allocated by thread T0 here: | #0 0x10f8e1ed0 in wrap_malloc+0xa0 (libclang_rt.asan_osx_dynamic.dylib:x86_64h+0x4aed0) | p11-glue#1 0x111f1432f in CRYPTO_malloc+0x8f (libcrypto.3.dylib:x86_64+0x16332f) | p11-glue#2 0x11184e1a8 in get_slot_mechanisms session.c:107 | p11-glue#3 0x11184c3ba in p11prov_init_slots session.c:226 | p11-glue#4 0x111843fed in p11prov_module_init provider.c:1035 | p11-glue#5 0x1118417a9 in OSSL_provider_init provider.c:1102 | p11-glue#6 0x11080ee97 in provider_activate+0x117 (libcrypto.3.dylib:x86_64+0x12be97) | p11-glue#7 0x11080eced in ossl_provider_activate+0x42 (libcrypto.3.dylib:x86_64+0x12bced) | p11-glue#8 0x11080db4a in provider_conf_init+0x2a2 (libcrypto.3.dylib:x86_64+0x12ab4a) | p11-glue#9 0x11075ae36 in CONF_modules_load+0x37b (libcrypto.3.dylib:x86_64+0x77e36) | p11-glue#10 0x11075b0c9 in CONF_modules_load_file_ex+0x78 (libcrypto.3.dylib:x86_64+0x780c9) | p11-glue#11 0x11075b899 in ossl_config_int+0x36 (libcrypto.3.dylib:x86_64+0x78899) | p11-glue#12 0x110806ac9 in ossl_init_config_ossl_+0xa (libcrypto.3.dylib:x86_64+0x123ac9) | p11-glue#13 0x7ff818b4acc4 in __pthread_once_handler+0x40 (libsystem_pthread.dylib:x86_64+0x2cc4) | p11-glue#14 0x7ff818b61725 in _os_once_callout+0x11 (libsystem_platform.dylib:x86_64+0x1725) | p11-glue#15 0x7ff818b4ac72 in pthread_once+0x49 (libsystem_pthread.dylib:x86_64+0x2c72) | p11-glue#16 0x11081126c in CRYPTO_THREAD_run_once+0x8 (libcrypto.3.dylib:x86_64+0x12e26c) | p11-glue#17 0x11080691d in OPENSSL_init_crypto+0x446 (libcrypto.3.dylib:x86_64+0x12391d) | p11-glue#18 0x10f6032dc in OPENSSL_init_ssl+0x79 (libssl.3.dylib:x86_64+0x102dc) | p11-glue#19 0x10f3c6287 in main+0x62 (openssl:x86_64+0x100024287) | p11-glue#20 0x115f5252d in start+0x1cd (dyld:x86_64+0x552d) | | SUMMARY: AddressSanitizer: heap-buffer-overflow (libclang_rt.asan_osx_dynamic.dylib:x86_64h+0x1f18c) in wrap_memcpy+0x16c | Shadow bytes around the buggy address: | 0x1c2c00000120: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa | 0x1c2c00000130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 0x1c2c00000140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 0x1c2c00000150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 0x1c2c00000160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | =>0x1c2c00000170: 00 00 00 00 00 00[fa]fa fa fa fa fa fa fa fa fa | 0x1c2c00000180: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa | 0x1c2c00000190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 0x1c2c000001a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 0x1c2c000001b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 0x1c2c000001c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | Shadow byte legend (one shadow byte represents 8 application bytes): | Addressable: 00 | Partially addressable: 01 02 03 04 05 06 07 | Heap left redzone: fa | Freed heap region: fd | Stack left redzone: f1 | Stack mid redzone: f2 | Stack right redzone: f3 | Stack after return: f5 | Stack use after scope: f8 | Global redzone: f9 | Global init order: f6 | Poisoned by user: f7 | Container overflow: fc | Array cookie: ac | Intra object redzone: bb | ASan internal: fe | Left alloca redzone: ca | Right alloca redzone: cb | ==27174==ABORTING | Abort trap: 6 Signed-off-by: Clemens Lang <[email protected]>

Reads after the end of the array happen when removing elements as well as if the last element was removed. Note that the new if is required because memmove() expects a size_t as length, so we must ensure that it can not be negative. The full AddressSanitizer report is: | ================================================================= | ==27174==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x616000000bb0 at pc 0x00010f8b618d bp 0x7ff7b0b5c3c0 sp 0x7ff7b0b5bb80 | READ of size 560 at 0x616000000bb0 thread T0 | #0 0x10f8b618c in wrap_memcpy+0x16c (libclang_rt.asan_osx_dynamic.dylib:x86_64h+0x1f18c) | p11-glue#1 0x111a9bac5 in rpc_C_GetMechanismList+0x18c (p11-kit-client.so:x86_64+0x18ac5) | p11-glue#2 0x111823534 in p11prov_GetMechanismList interface.gen.c:138 | p11-glue#3 0x11184e404 in get_slot_mechanisms session.c:113 | p11-glue#4 0x11184c3ba in p11prov_init_slots session.c:226 | p11-glue#5 0x111843fed in p11prov_module_init provider.c:1035 | p11-glue#6 0x1118417a9 in OSSL_provider_init provider.c:1102 | p11-glue#7 0x11080ee97 in provider_activate+0x117 (libcrypto.3.dylib:x86_64+0x12be97) | p11-glue#8 0x11080eced in ossl_provider_activate+0x42 (libcrypto.3.dylib:x86_64+0x12bced) | p11-glue#9 0x11080db4a in provider_conf_init+0x2a2 (libcrypto.3.dylib:x86_64+0x12ab4a) | p11-glue#10 0x11075ae36 in CONF_modules_load+0x37b (libcrypto.3.dylib:x86_64+0x77e36) | p11-glue#11 0x11075b0c9 in CONF_modules_load_file_ex+0x78 (libcrypto.3.dylib:x86_64+0x780c9) | p11-glue#12 0x11075b899 in ossl_config_int+0x36 (libcrypto.3.dylib:x86_64+0x78899) | p11-glue#13 0x110806ac9 in ossl_init_config_ossl_+0xa (libcrypto.3.dylib:x86_64+0x123ac9) | p11-glue#14 0x7ff818b4acc4 in __pthread_once_handler+0x40 (libsystem_pthread.dylib:x86_64+0x2cc4) | p11-glue#15 0x7ff818b61725 in _os_once_callout+0x11 (libsystem_platform.dylib:x86_64+0x1725) | p11-glue#16 0x7ff818b4ac72 in pthread_once+0x49 (libsystem_pthread.dylib:x86_64+0x2c72) | p11-glue#17 0x11081126c in CRYPTO_THREAD_run_once+0x8 (libcrypto.3.dylib:x86_64+0x12e26c) | p11-glue#18 0x11080691d in OPENSSL_init_crypto+0x446 (libcrypto.3.dylib:x86_64+0x12391d) | p11-glue#19 0x10f6032dc in OPENSSL_init_ssl+0x79 (libssl.3.dylib:x86_64+0x102dc) | p11-glue#20 0x10f3c6287 in main+0x62 (openssl:x86_64+0x100024287) | p11-glue#21 0x115f5252d in start+0x1cd (dyld:x86_64+0x552d) | | 0x616000000bb0 is located 0 bytes to the right of 560-byte region [0x616000000980,0x616000000bb0) | allocated by thread T0 here: | #0 0x10f8e1ed0 in wrap_malloc+0xa0 (libclang_rt.asan_osx_dynamic.dylib:x86_64h+0x4aed0) | p11-glue#1 0x111f1432f in CRYPTO_malloc+0x8f (libcrypto.3.dylib:x86_64+0x16332f) | p11-glue#2 0x11184e1a8 in get_slot_mechanisms session.c:107 | p11-glue#3 0x11184c3ba in p11prov_init_slots session.c:226 | p11-glue#4 0x111843fed in p11prov_module_init provider.c:1035 | p11-glue#5 0x1118417a9 in OSSL_provider_init provider.c:1102 | p11-glue#6 0x11080ee97 in provider_activate+0x117 (libcrypto.3.dylib:x86_64+0x12be97) | p11-glue#7 0x11080eced in ossl_provider_activate+0x42 (libcrypto.3.dylib:x86_64+0x12bced) | p11-glue#8 0x11080db4a in provider_conf_init+0x2a2 (libcrypto.3.dylib:x86_64+0x12ab4a) | p11-glue#9 0x11075ae36 in CONF_modules_load+0x37b (libcrypto.3.dylib:x86_64+0x77e36) | p11-glue#10 0x11075b0c9 in CONF_modules_load_file_ex+0x78 (libcrypto.3.dylib:x86_64+0x780c9) | p11-glue#11 0x11075b899 in ossl_config_int+0x36 (libcrypto.3.dylib:x86_64+0x78899) | p11-glue#12 0x110806ac9 in ossl_init_config_ossl_+0xa (libcrypto.3.dylib:x86_64+0x123ac9) | p11-glue#13 0x7ff818b4acc4 in __pthread_once_handler+0x40 (libsystem_pthread.dylib:x86_64+0x2cc4) | p11-glue#14 0x7ff818b61725 in _os_once_callout+0x11 (libsystem_platform.dylib:x86_64+0x1725) | p11-glue#15 0x7ff818b4ac72 in pthread_once+0x49 (libsystem_pthread.dylib:x86_64+0x2c72) | p11-glue#16 0x11081126c in CRYPTO_THREAD_run_once+0x8 (libcrypto.3.dylib:x86_64+0x12e26c) | p11-glue#17 0x11080691d in OPENSSL_init_crypto+0x446 (libcrypto.3.dylib:x86_64+0x12391d) | p11-glue#18 0x10f6032dc in OPENSSL_init_ssl+0x79 (libssl.3.dylib:x86_64+0x102dc) | p11-glue#19 0x10f3c6287 in main+0x62 (openssl:x86_64+0x100024287) | p11-glue#20 0x115f5252d in start+0x1cd (dyld:x86_64+0x552d) | | SUMMARY: AddressSanitizer: heap-buffer-overflow (libclang_rt.asan_osx_dynamic.dylib:x86_64h+0x1f18c) in wrap_memcpy+0x16c | Shadow bytes around the buggy address: | 0x1c2c00000120: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa | 0x1c2c00000130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 0x1c2c00000140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 0x1c2c00000150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 0x1c2c00000160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | =>0x1c2c00000170: 00 00 00 00 00 00[fa]fa fa fa fa fa fa fa fa fa | 0x1c2c00000180: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa | 0x1c2c00000190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 0x1c2c000001a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 0x1c2c000001b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 0x1c2c000001c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | Shadow byte legend (one shadow byte represents 8 application bytes): | Addressable: 00 | Partially addressable: 01 02 03 04 05 06 07 | Heap left redzone: fa | Freed heap region: fd | Stack left redzone: f1 | Stack mid redzone: f2 | Stack right redzone: f3 | Stack after return: f5 | Stack use after scope: f8 | Global redzone: f9 | Global init order: f6 | Poisoned by user: f7 | Container overflow: fc | Array cookie: ac | Intra object redzone: bb | ASan internal: fe | Left alloca redzone: ca | Right alloca redzone: cb | ==27174==ABORTING | Abort trap: 6 Signed-off-by: Clemens Lang <[email protected]> Modified-by: Daiki Ueno <[email protected]>

Reads after the end of the array happen when removing elements as well as if the last element was removed. Note that the new if is required because memmove() expects a size_t as length, so we must ensure that it can not be negative. The full AddressSanitizer report is: | ================================================================= | ==27174==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x616000000bb0 at pc 0x00010f8b618d bp 0x7ff7b0b5c3c0 sp 0x7ff7b0b5bb80 | READ of size 560 at 0x616000000bb0 thread T0 | #0 0x10f8b618c in wrap_memcpy+0x16c (libclang_rt.asan_osx_dynamic.dylib:x86_64h+0x1f18c) | #1 0x111a9bac5 in rpc_C_GetMechanismList+0x18c (p11-kit-client.so:x86_64+0x18ac5) | #2 0x111823534 in p11prov_GetMechanismList interface.gen.c:138 | #3 0x11184e404 in get_slot_mechanisms session.c:113 | #4 0x11184c3ba in p11prov_init_slots session.c:226 | #5 0x111843fed in p11prov_module_init provider.c:1035 | #6 0x1118417a9 in OSSL_provider_init provider.c:1102 | #7 0x11080ee97 in provider_activate+0x117 (libcrypto.3.dylib:x86_64+0x12be97) | #8 0x11080eced in ossl_provider_activate+0x42 (libcrypto.3.dylib:x86_64+0x12bced) | #9 0x11080db4a in provider_conf_init+0x2a2 (libcrypto.3.dylib:x86_64+0x12ab4a) | #10 0x11075ae36 in CONF_modules_load+0x37b (libcrypto.3.dylib:x86_64+0x77e36) | #11 0x11075b0c9 in CONF_modules_load_file_ex+0x78 (libcrypto.3.dylib:x86_64+0x780c9) | #12 0x11075b899 in ossl_config_int+0x36 (libcrypto.3.dylib:x86_64+0x78899) | #13 0x110806ac9 in ossl_init_config_ossl_+0xa (libcrypto.3.dylib:x86_64+0x123ac9) | #14 0x7ff818b4acc4 in __pthread_once_handler+0x40 (libsystem_pthread.dylib:x86_64+0x2cc4) | #15 0x7ff818b61725 in _os_once_callout+0x11 (libsystem_platform.dylib:x86_64+0x1725) | #16 0x7ff818b4ac72 in pthread_once+0x49 (libsystem_pthread.dylib:x86_64+0x2c72) | #17 0x11081126c in CRYPTO_THREAD_run_once+0x8 (libcrypto.3.dylib:x86_64+0x12e26c) | #18 0x11080691d in OPENSSL_init_crypto+0x446 (libcrypto.3.dylib:x86_64+0x12391d) | #19 0x10f6032dc in OPENSSL_init_ssl+0x79 (libssl.3.dylib:x86_64+0x102dc) | #20 0x10f3c6287 in main+0x62 (openssl:x86_64+0x100024287) | #21 0x115f5252d in start+0x1cd (dyld:x86_64+0x552d) | | 0x616000000bb0 is located 0 bytes to the right of 560-byte region [0x616000000980,0x616000000bb0) | allocated by thread T0 here: | #0 0x10f8e1ed0 in wrap_malloc+0xa0 (libclang_rt.asan_osx_dynamic.dylib:x86_64h+0x4aed0) | #1 0x111f1432f in CRYPTO_malloc+0x8f (libcrypto.3.dylib:x86_64+0x16332f) | #2 0x11184e1a8 in get_slot_mechanisms session.c:107 | #3 0x11184c3ba in p11prov_init_slots session.c:226 | #4 0x111843fed in p11prov_module_init provider.c:1035 | #5 0x1118417a9 in OSSL_provider_init provider.c:1102 | #6 0x11080ee97 in provider_activate+0x117 (libcrypto.3.dylib:x86_64+0x12be97) | #7 0x11080eced in ossl_provider_activate+0x42 (libcrypto.3.dylib:x86_64+0x12bced) | #8 0x11080db4a in provider_conf_init+0x2a2 (libcrypto.3.dylib:x86_64+0x12ab4a) | #9 0x11075ae36 in CONF_modules_load+0x37b (libcrypto.3.dylib:x86_64+0x77e36) | #10 0x11075b0c9 in CONF_modules_load_file_ex+0x78 (libcrypto.3.dylib:x86_64+0x780c9) | #11 0x11075b899 in ossl_config_int+0x36 (libcrypto.3.dylib:x86_64+0x78899) | #12 0x110806ac9 in ossl_init_config_ossl_+0xa (libcrypto.3.dylib:x86_64+0x123ac9) | #13 0x7ff818b4acc4 in __pthread_once_handler+0x40 (libsystem_pthread.dylib:x86_64+0x2cc4) | #14 0x7ff818b61725 in _os_once_callout+0x11 (libsystem_platform.dylib:x86_64+0x1725) | #15 0x7ff818b4ac72 in pthread_once+0x49 (libsystem_pthread.dylib:x86_64+0x2c72) | #16 0x11081126c in CRYPTO_THREAD_run_once+0x8 (libcrypto.3.dylib:x86_64+0x12e26c) | #17 0x11080691d in OPENSSL_init_crypto+0x446 (libcrypto.3.dylib:x86_64+0x12391d) | #18 0x10f6032dc in OPENSSL_init_ssl+0x79 (libssl.3.dylib:x86_64+0x102dc) | #19 0x10f3c6287 in main+0x62 (openssl:x86_64+0x100024287) | #20 0x115f5252d in start+0x1cd (dyld:x86_64+0x552d) | | SUMMARY: AddressSanitizer: heap-buffer-overflow (libclang_rt.asan_osx_dynamic.dylib:x86_64h+0x1f18c) in wrap_memcpy+0x16c | Shadow bytes around the buggy address: | 0x1c2c00000120: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa | 0x1c2c00000130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 0x1c2c00000140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 0x1c2c00000150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 0x1c2c00000160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | =>0x1c2c00000170: 00 00 00 00 00 00[fa]fa fa fa fa fa fa fa fa fa | 0x1c2c00000180: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa | 0x1c2c00000190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 0x1c2c000001a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 0x1c2c000001b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 0x1c2c000001c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | Shadow byte legend (one shadow byte represents 8 application bytes): | Addressable: 00 | Partially addressable: 01 02 03 04 05 06 07 | Heap left redzone: fa | Freed heap region: fd | Stack left redzone: f1 | Stack mid redzone: f2 | Stack right redzone: f3 | Stack after return: f5 | Stack use after scope: f8 | Global redzone: f9 | Global init order: f6 | Poisoned by user: f7 | Container overflow: fc | Array cookie: ac | Intra object redzone: bb | ASan internal: fe | Left alloca redzone: ca | Right alloca redzone: cb | ==27174==ABORTING | Abort trap: 6 Signed-off-by: Clemens Lang <[email protected]> Modified-by: Daiki Ueno <[email protected]>

ueno added the enhancement label Nov 25, 2016

ueno added this to the future milestone Nov 25, 2016

ueno mentioned this pull request Dec 14, 2016

filter: New virtual wrapper for access control #26

Merged

ueno force-pushed the wip/dueno/rpc-daemon branch from b3f7eef to 00fbb93 Compare January 9, 2017 15:25

ueno force-pushed the wip/dueno/rpc-daemon branch 10 times, most recently from 3a4de0f to 488a875 Compare January 13, 2017 10:57

lkundrak mentioned this pull request Jan 16, 2017

Improve usefullness of remoting #18

Closed

ueno mentioned this pull request Jan 18, 2017

rpc: New rpc_unix transport based on Unix socket #38

Merged

ueno force-pushed the wip/dueno/rpc-daemon branch 4 times, most recently from eaf9122 to f388e0c Compare January 25, 2017 12:03

ueno force-pushed the wip/dueno/rpc-daemon branch 2 times, most recently from 9c37f07 to 423b999 Compare January 26, 2017 13:03

ueno force-pushed the wip/dueno/rpc-daemon branch from 423b999 to 9046462 Compare February 16, 2017 16:38

Nikos Mavrogiannopoulos and others added 5 commits February 17, 2017 10:00

common: New p11_get_upeer_id() function

56ecdd9

remote, server: Recognize PKCS#11 URI

786323f

remote: Add API to serve a token

3693280

ueno force-pushed the wip/dueno/rpc-daemon branch from 9046462 to dadaf2a Compare February 17, 2017 09:15

ueno merged commit 0684cd7 into p11-glue:master Feb 17, 2017

ueno deleted the wip/dueno/rpc-daemon branch March 1, 2017 08:53

neverpanic mentioned this pull request Feb 1, 2023

rpc: Fix two off-by-one errors identified by asan #454

Closed

ueno mentioned this pull request Feb 28, 2023

rpc: Fix two off-by-one errors identified by asan #456

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add socket based server #15

Add socket based server #15

ueno commented Nov 25, 2016

ueno commented Jan 9, 2017 •

edited

Loading

ueno commented Jan 25, 2017

Add socket based server #15

Add socket based server #15

Conversation

ueno commented Nov 25, 2016

ueno commented Jan 9, 2017 • edited Loading

ueno commented Jan 25, 2017

ueno commented Jan 9, 2017 •

edited

Loading