AgeCommit message (Collapse)AuthorFilesLines
2010-03-24Release version 0.1.2v0.1.2Samuel Lidén Borell3-2/+26
2010-03-23Implement the "NonVisibleData" parameterSamuel Lidén Borell9-12/+49
This parameter works like TextToBeSigned, except that the text is not shown to the user. It's used by Skatteverket (the Swedish Tax Office) to sign XML documents, for instance.
2010-03-23Allow signing without a subject filterSamuel Lidén Borell1-2/+1
2010-03-23Make the test page support signingSamuel Lidén Borell1-15/+30
This patch makes it possible to test signing, and not only authentication, on the test page.
2010-02-24Return NULL on failure, not falseLinus Walleij1-1/+1
Some boolean/pointer confusion fix. Signed-off-by: Linus Walleij <>
2010-02-24Use /dev/urandom if available for random stringLinus Walleij1-1/+23
David Wheeler writes that you should use the available services for random numbers when generating random numbers, so let's attempt to use /dev/urandom before we try libc:s intrinsic rand(). Signed-off-by: Linus Walleij <>
2010-02-23Fix some bugs from the second last patchSamuel Lidén Borell4-7/+9
These changes fix two bugs from the secure memory patch, 2605e8dd6ffd0b8cc710a3f91d58192cd510473a The one in gtk.c was caused by the password variable being dereferenced after it had been indexed (an operator precedence problem). This could cause a crash. The one in main.c was a logic error were an error message was sent as a parameter to the plugin. However, the plugin expects this parameter to be the Signature so this was wrong (but hard to spot!). I also changed a secmem_init_pool function to reset the pool pointer to NULL if mmap fails, to avoid errors later on.
2010-02-20Introduce guaranteed_memset()Linus Walleij5-7/+21
This patch tries to counter the issues presented by some compilers that agressively optimize inlined memset() code. Solution proposed by Michael Howard as documented in David Wheelers secure programming book. Signed-off-by: Linus Walleij <>
2010-02-20Provide a secure memory pool and use itLinus Walleij6-23/+245
This implements a secure memory pool for use in fribid, allocating a page at a time for secure use. We currently only use one page for the passphrase, but an arbitrary number of pages can be made available. We currently don't need more intelligence than this. The page pool is mmap():ed in to make sure it's on even pages, and the entire pool is then mlock():ed to hinder it from being spooled out as swap. This also augments the platform_sign function so that it takes the piece of (secure) memory used to store the password as a parameter, and copied the passphrase into it as soon as it's retrieved, so that it is not allocated or passed around elsewhere. Signed-off-by: Linus Walleij <>
2010-02-20Release version 0.1.1v0.1.1Samuel Lidén Borell4-4/+27
2010-02-20Fix GCC warnings about sentinelsSamuel Lidén Borell1-2/+2
Thanks to Markus Bergkvist for this patch.
2010-02-20Call pkg-config to get the X11 includes on OpenBSDSamuel Lidén Borell3-2/+3
The include files for X11 are located in the /usr/X11R6/include/ directory on OpenBSD. Thanks to Markus Bergkvist for discovering this problem.
2010-02-20Fixed a few more window id problems on 64-bit platformsSamuel Lidén Borell5-18/+19
This commit fixes the code outside of the plugin to work properly with 64-bit windows ids. I also simplified the plugin code a bit by using the None value instead of having a separate parameter and a boolean return value.
2010-02-20Fixed crash on 64 bit platforms.Hakan Kvist3-10/+22
The npn_getvalue on NPNVnetscapeWindow returns a Window on X11. A X11 Window is defined as an unsigned long. This happends to be 8 bytes on amd64 and 4 bytes on i386 (int is 4 bytes on both amd64 and i386). So prevously the code worked on i386, but not on amd64 where you instead got a SIGSEV. Signed-off-by: Hakan Kvist <>
2010-02-19Fixed the signing rules in the MakefileSamuel Lidén Borell1-2/+2
2010-02-19Fixed a compilation problem on BSDSamuel Lidén Borell1-0/+2
This patch is based on a patch from Markus Bergkvist.
2010-02-19Updated the changelog and fixed indentationSamuel Lidén Borell2-1/+3
2010-02-19mlock() password memoryLinus Walleij1-0/+5
This locks the memory where the password is stored so that it cannot be swapped out to disk but stays resident in RAM. Signed-off-by: Linus Walleij <>
2010-02-18Updated the changelogSamuel Lidén Borell1-0/+2
2010-02-18Created a fuzzer scriptSamuel Lidén Borell1-0/+237
2010-02-18Made the plugin windowless (for compatibility with Chrome)Samuel Lidén Borell1-0/+3
2010-02-18Removed WNOHANG from waitpid call because it left zombie processesSamuel Lidén Borell2-1/+5
2010-02-05Refactoring: Moved the sha_base64 function to misc.cSamuel Lidén Borell3-9/+10
2010-02-05Replaced malloc+sprintf with a function on it's ownSamuel Lidén Borell4-31/+31
2010-02-03Increased the version number to 0.1.0v0.1.0Samuel Lidén Borell3-5/+5
2010-02-01Refactoring and warning fixes in pipe.cSamuel Lidén Borell1-15/+10
2010-02-01Fixed a possible quoting problem in the "configure" scriptSamuel Lidén Borell1-1/+1
2010-02-01Dependency checking in the "configure" scriptSamuel Lidén Borell1-0/+30
2010-01-29Added a certificate request testSamuel Lidén Borell2-0/+135
2010-01-29Moved the test page into a new "tests" directorySamuel Lidén Borell1-0/+0
2010-01-29Fixed invalid HTML in the test pageSamuel Lidén Borell1-8/+10
2010-01-27Updated changelogSamuel Lidén Borell1-1/+3
2010-01-27Updated changelogSamuel Lidén Borell1-0/+3
2010-01-27Made the subject filter optional and a common parameterSamuel Lidén Borell7-14/+33
Now it can be used in authentication objects too.
2010-01-27Added a missing dependency in the makefileSamuel Lidén Borell1-2/+2
2010-01-26Removed some stupid codeSamuel Lidén Borell1-3/+1
2010-01-26Changed the version to 0.0.9bSamuel Lidén Borell3-5/+5
2010-01-02Renamed a #defineSamuel Lidén Borell1-1/+1
2010-01-02Fixed a bug in "make clean" caused by the previous Makefile changesSamuel Lidén Borell1-19/+17
I "rewrote history" here to remove some personal information (especially my personal identity number) from some old commits in the repository. Previously, this commit had the following SHA1 identifier: c6e01776adcdc70d0d0e921fe32ffcedc3e8e497 (Actually the current version is an "amended" commit. The commit above was missing a small change that I added after the "history rewrite")
2010-01-02Changed the name of the license to be more specific in "debian/copyright"Samuel Lidén Borell1-1/+1
2010-01-02A makefile rule to update the CHANGELOG dateSamuel Lidén Borell1-1/+6
2010-01-02A makefile rule that syncs "debian/changelog"Samuel Lidén Borell1-3/+26
2010-01-02Makefile rule for setting PACKAGEVERSIONSamuel Lidén Borell1-2/+8
2010-01-02Makefile rule for updating RELEASE_TIMESamuel Lidén Borell1-1/+8
2010-01-02Added a comment about Opera compatibilitySamuel Lidén Borell1-4/+7
2010-01-02Prevent multiple windows from getting opened from the same web siteSamuel Lidén Borell1-2/+42
2010-01-02Added support for a few debian build flags/variablesSamuel Lidén Borell1-0/+13
2010-01-02Increase the copyright yearSamuel Lidén Borell1-1/+1
2010-01-02Handle memory allocation errorsSamuel Lidén Borell4-20/+52
Also fixes a couple of very unlikely integer overflows.
2010-01-02Updated the changelogSamuel Lidén Borell1-1/+3