trust: Ignore unreadable content in anchors

Fixes rhbz#1675441

.gitignore

@@ -8,3 +8,15 @@
 /p11-kit-client.service
 /trust-extract-compat
 /p11-kit-0.23.9.tar.gz
+/p11-kit-client.service
+/trust-extract-compat
+/p11-kit-0.23.10.tar.gz
+/p11-kit-client.service
+/trust-extract-compat
+/p11-kit-0.23.12.tar.gz
+/p11-kit-client.service
+/trust-extract-compat
+/p11-kit-0.23.14.tar.gz
+/p11-kit-client.service
+/trust-extract-compat
+/p11-kit-0.23.15.tar.gz

0001-trust-Ignore-unreadable-content-in-anchors.patch

@@ -0,0 +1,181 @@
+From e2170b295992cb7fdf115227a78028ac3780619f Mon Sep 17 00:00:00 2001
+From: Daiki Ueno <dueno@redhat.com>
+Date: Mon, 18 Feb 2019 14:53:49 +0100
+Subject: [PATCH] trust: Ignore unreadable content in anchors
+
+This amends eb503f3a1467f21a5ecc9ae84ae23b216afc102f.  Instead of
+failing C_FindObjectsInit, treat any errors internally and accumulates
+the successfully loaded certificates.
+
+Reported by Andrej Kvasnica in:
+https://bugzilla.redhat.com/show_bug.cgi?id=1675441
+---
+ trust/module.c      |  3 +-
+ trust/test-module.c | 77 +++++++++++++++++++++++++++++++++++++++++++++
+ trust/token.c       | 23 ++++++--------
+ 3 files changed, 88 insertions(+), 15 deletions(-)
+
+diff --git a/trust/module.c b/trust/module.c
+index 1722340..ec3333d 100644
+--- a/trust/module.c
++++ b/trust/module.c
+@@ -1198,8 +1198,7 @@ sys_C_FindObjectsInit (CK_SESSION_HANDLE handle,
+ 				indices[n++] = session->index;
+ 			if (want_token_objects) {
+ 				if (!session->loaded)
+-					if (p11_token_load (session->token) < 0)
+-						rv = CKR_FUNCTION_FAILED;
++					p11_token_load (session->token);
+ 				if (rv == CKR_OK) {
+ 					session->loaded = CK_TRUE;
+ 					indices[n++] = p11_token_index (session->token);
+diff --git a/trust/test-module.c b/trust/test-module.c
+index 1e8d812..4024d81 100644
+--- a/trust/test-module.c
++++ b/trust/test-module.c
+@@ -163,6 +163,80 @@ setup_writable (void *unused)
+ 	p11_parser_formats (test.parser, p11_parser_format_persist, NULL);
+ }
+ 
++/* This is similar to setup(), but it adds an unreadable content in
++ * the anchor directory. */
++static void
++setup_unreadable (void *unused)
++{
++	CK_C_INITIALIZE_ARGS args;
++	const char *paths;
++	char *p, *pp, *anchors;
++	FILE *f, *ff;
++	char buffer[4096];
++	char *arguments;
++	CK_ULONG count;
++	CK_RV rv;
++
++	memset (&test, 0, sizeof (test));
++
++	/* This is the entry point of the trust module, linked to this test */
++	rv = C_GetFunctionList (&test.module);
++	assert (rv == CKR_OK);
++
++	test.directory = p11_test_directory ("test-module");
++	anchors = p11_path_build (test.directory, "anchors", NULL);
++#ifdef OS_UNIX
++	if (mkdir (anchors, S_IRWXU) < 0)
++#else
++	if (mkdir (anchors) < 0)
++#endif
++		assert_fail ("mkdir()", anchors);
++
++	p = p11_path_build (anchors, "unreadable", NULL);
++	f = fopen (p, "w");
++	fwrite ("foo", 3, 1, f);
++	fclose (f);
++	chmod (p, 0);
++	free (p);
++
++	pp = p11_path_build (anchors, "thawte", NULL);
++	ff = fopen (pp, "w");
++	f = fopen (SRCDIR "/trust/fixtures/thawte.pem", "r");
++	while (!feof (f)) {
++		size_t size;
++		size = fread (buffer, 1, sizeof (buffer), f);
++		if (ferror (f))
++			assert_fail ("fread()",
++				     SRCDIR "/trust/fixtures/thawte.pem");
++		fwrite (buffer, 1, size, ff);
++		if (ferror (ff))
++			assert_fail ("write()", pp);
++	}
++	free (pp);
++	fclose (ff);
++	fclose (f);
++	free (anchors);
++
++	memset (&args, 0, sizeof (args));
++	paths = SRCDIR "/trust/input" P11_PATH_SEP \
++		SRCDIR "/trust/fixtures/self-signed-with-ku.der";
++	if (asprintf (&arguments, "paths='%s%c%s'",
++		      paths, P11_PATH_SEP_C, test.directory) < 0)
++		assert (false && "not reached");
++	args.pReserved = arguments;
++	args.flags = CKF_OS_LOCKING_OK;
++
++	rv = test.module->C_Initialize (&args);
++	assert (rv == CKR_OK);
++
++	free (arguments);
++
++	count = NUM_SLOTS;
++	rv = test.module->C_GetSlotList (CK_TRUE, test.slots, &count);
++	assert (rv == CKR_OK);
++	assert (count == NUM_SLOTS);
++}
++
+ static void
+ test_get_slot_list (void)
+ {
+@@ -1324,5 +1398,8 @@ main (int argc,
+ 	p11_fixture (NULL, NULL);
+ 	p11_test (test_token_write_protected, "/module/token-write-protected");
+ 
++	p11_fixture (setup_unreadable, teardown);
++	p11_test (test_find_certificates, "/module/unreadable");
++
+ 	return p11_test_run (argc, argv);
+ }
+diff --git a/trust/token.c b/trust/token.c
+index b91a1d0..8c75d06 100644
+--- a/trust/token.c
++++ b/trust/token.c
+@@ -266,8 +266,8 @@ loader_load_directory (p11_token *token,
+ 		return_val_if_fail (path != NULL, -1);
+ 
+ 		ret = loader_load_if_file (token, path);
+-		return_val_if_fail (ret >=0, -1);
+-		total += ret;
++		if (ret >= 0)
++			total += ret;
+ 
+ 		/* Make note that this file was seen */
+ 		p11_dict_remove (present, path);
+@@ -328,8 +328,8 @@ loader_load_path (p11_token *token,
+ 			p11_dict_iterate (present, &iter);
+ 			while (p11_dict_next (&iter, (void **)&filename, NULL)) {
+ 				ret = loader_load_if_file (token, filename);
+-				return_val_if_fail (ret >= 0, ret);
+-				total += ret;
++				if (ret >= 0)
++					total += ret;
+ 			}
+ 		}
+ 
+@@ -377,20 +377,17 @@ p11_token_load (p11_token *token)
+ 	int ret;
+ 
+ 	ret = loader_load_path (token, token->path, &is_dir);
+-	if (ret < 0)
+-		return -1;
+-	total += ret;
++	if (ret >= 0)
++		total += ret;
+ 
+ 	if (is_dir) {
+ 		ret = loader_load_path (token, token->anchors, &is_dir);
+-		if (ret < 0)
+-			return -1;
+-		total += ret;
++		if (ret >= 0)
++			total += ret;
+ 
+ 		ret = loader_load_path (token, token->blacklist, &is_dir);
+-		if (ret < 0)
+-			return -1;
+-		total += ret;
++		if (ret >= 0)
++			total += ret;
+ 	}
+ 
+ 	return total;
+-- 
+2.20.1
+

p11-kit-server-eval-env.patch

@@ -1,52 +0,0 @@
-From 031912fa844c4f3da327c8b2578d9d9ce2a6473e Mon Sep 17 00:00:00 2001
-From: Daiki Ueno <dueno@redhat.com>
-Date: Thu, 5 Oct 2017 10:59:02 +0200
-Subject: [PATCH] server: Make it possible to eval envvar settings
-
-Previously, calling "eval $(p11-kit server)" from shell hung because
-the program didn't properly close stdout before forking.
----
- p11-kit/server.c | 20 +++++++++++---------
- 1 file changed, 11 insertions(+), 9 deletions(-)
-
-diff --git a/p11-kit/server.c b/p11-kit/server.c
-index 97e18e2..96c77ec 100644
---- a/p11-kit/server.c
-+++ b/p11-kit/server.c
-@@ -346,6 +346,17 @@ server_loop (Server *server,
- 	if (server->socket == -1)
- 		return 1;
- 
-+	if (!quiet) {
-+		char *path;
-+
-+		path = p11_path_encode (server->socket_name);
-+		printf ("P11_KIT_SERVER_ADDRESS=unix:path=%s\n", path);
-+		free (path);
-+		printf ("P11_KIT_SERVER_PID=%d\n", getpid ());
-+		fflush (stdout);
-+		close (STDOUT_FILENO);
-+	}
-+
- 	/* run as daemon */
- 	if (!foreground) {
- 		pid = fork ();
-@@ -372,15 +383,6 @@ server_loop (Server *server,
- 
- 	sigprocmask (SIG_BLOCK, &blockset, NULL);
- 
--	if (!quiet) {
--		char *path;
--
--		path = p11_path_encode (server->socket_name);
--		printf ("P11_KIT_SERVER_ADDRESS=unix:path=%s\n", path);
--		free (path);
--		printf ("P11_KIT_SERVER_PID=%d\n", getpid ());
--	}
--
- 	/* accept connections */
- 	ret = 0;
- 	for (;;) {
--- 
-2.13.6
-

p11-kit.spec

@@ -1,7 +1,6 @@
 # This spec file has been automatically updated
-Version:	0.23.9
-Release: 3%{?dist}
-Patch1:	p11-kit-server-eval-env.patch
+Version:	0.23.15
+Release: 2%{?dist}
 Name:           p11-kit
 Summary:        Library for loading and sharing PKCS#11 modules
 
@@ -10,7 +9,9 @@ URL:            http://p11-glue.freedesktop.org/p11-kit.html
 Source0:        https://github.com/p11-glue/p11-kit/releases/download/%{version}/p11-kit-%{version}.tar.gz
 Source1:        trust-extract-compat
 Source2:	p11-kit-client.service
+Patch0:		0001-trust-Ignore-unreadable-content-in-anchors.patch
 
+BuildRequires:  gcc
 BuildRequires:  libtasn1-devel >= 2.3
 BuildRequires:  libffi-devel
 BuildRequires:  gtk-doc
@@ -143,6 +144,21 @@ fi
 
 
 %changelog
+* Mon Feb 18 2019 Daiki Ueno <dueno@redhat.com> - 0.23.15-2
+- trust: Ignore unreadable content in anchors
+
+* Mon Jan 21 2019 Daiki Ueno <dueno@redhat.com> - 0.23.15-1
+- Update to upstream 0.23.15 release
+
+* Mon Sep 10 2018 Daiki Ueno <dueno@redhat.com> - 0.23.14-1
+- Update to upstream 0.23.14 release
+
+* Wed May 30 2018 Daiki Ueno <dueno@redhat.com> - 0.23.12-1
+- Update to upstream 0.23.11 release
+
+* Wed Feb 28 2018 Daiki Ueno <dueno@redhat.com> - 0.23.10-1
+- Update to upstream 0.23.10 release
+
 * Thu Feb 08 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.23.9-3
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
 

sources

@@ -1,3 +1,3 @@
 SHA512 (p11-kit-client.service) = 0f08618851c6eafb35c630957044fc96324be4d3828cdd2aa9b5d6e1245549197ca5b969d6a2f735c893d73c02e885cdc3205bd43e37f6124ebc6cfa61970d3b
 SHA512 (trust-extract-compat) = 91210705f9bcf1a13c0de1ca9943e3ac68296bfcb7953fc59241de060247b470b39be6e914dd4d92e38a78d5df0962c83315ad78f8c0eade8e62d884b05fdd42
-SHA512 (p11-kit-0.23.9.tar.gz) = 6a8a569483763d3ffacadf669b8ba9b9be38a77dd8dc366ca0cb91c44753517fa1879d4422e4e8dfbcac594565727839a619566a170c0f94f8e112f18b0086ed
+SHA512 (p11-kit-0.23.15.tar.gz) = d703eec12626b79551ce337521f7ea7b1a0b64c211d7a93d831dd28ec1de77c7b58358c1588bf82d70f047c01ad9433fa8a286d1a25ae3f6b0ee6016b8c42950