summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2014-11-21Fix build failure on ARM64HEADmasterSamuel Lidén Borell1-1/+1
Thanks to Edmund Grimley Evans.
2014-11-02Update npcompatsrv instructions for Chrome/Chromium 38Samuel Lidén Borell2-7/+14
2014-10-27Rename strndup to f_strndupSamuel Lidén Borell1-4/+7
With strndup it failed to compile under Arch Linux. Also, names starting with str* are reserved in C89 / ANSI C (section 4.13.7) and C99 (section 7.26.10).
2014-10-10free(origin) also when there's an errorSamuel Lidén Borell1-0/+1
2014-10-08Fix compilation errorJosef Larsson1-0/+2
2014-10-08Only free(origin) when we are done using it.Josef Larsson1-2/+2
2014-08-20Add a config option to dump retrieved certificates on errorSamuel Lidén Borell11-5/+110
2014-08-19Show an error message when certificate retreival failsSamuel Lidén Borell9-10/+62
2014-08-04Rewrite most initializers to not require relocationsSamuel Lidén Borell7-84/+97
This patch changes most initializers to not require relocations, except for the ASN1 stuff in client/request.c and baseClass in plugin/npobject.c
2014-08-04Build with -fPIE/-pie and -lpthreadSamuel Lidén Borell1-4/+3
The former is needed for further security hardening which may be done by the kernel (e.g. ASLR) or the distribution (e.g. Debian adding extra hardenings only when PIE is enabled). The latter is needed in case the pthread functions are not available from the other libraries or a dependency of them.
2014-06-15Fix typo in userscript descriptionSamuel Lidén Borell1-1/+1
2014-06-15Fix copyright yearSamuel Lidén Borell1-1/+1
2014-06-15Add "user script" + backend server for compatibility with NPAPI-less browsersSamuel Lidén Borell6-0/+1057
This is needed in Google Chrome / Chromium version 35 and later. It might become necessary in Firefox as well if/when they choose to remove NPAPI.
2014-05-11Document and simplify the IPC codeSamuel Lidén Borell1-13/+24
2014-05-10do not mix TokenError and BankIDErrorcybjit1-1/+7
found with clang: bankid.c:245:25: warning: implicit conversion from enumeration type 'TokenError' to different enumeration type 'BankIDError' [-Wenum-conversion] BankIDError error = backend_storeCertificates(p7data, length, hostname); ~~~~~ ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2014-05-10handle pipe errorcybjit2-13/+25
found with clang scan-build ipc.c:101:5: warning: Function call argument is an uninitialized value pipe_sendCommand(pipeinfo->out, command); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2014-04-30Replace deprecated GTK_STOCK_ macros by their official replacement labelsHenrik Nordstrom1-2/+2
2014-04-29Release version 1.0.4v1.0.4Samuel Lidén Borell2-2/+15
2014-04-27Fix file-based BankID enrollment from NordeaAndreas Karlsson1-0/+10
Description from the patch author: "Nordea har nu gått över till BankID, i varje fall för deras e-legitimationer på fil. Jag testade att använda FriBID 1.0.3 för att hämta en ny legitimation och fick en popup med felet: "640 | maxLen". Tydligen så sätter BankID för Nordea två parametrar som andra banker inte gör: minLen och rfc2797cmcoid. Nedan kan ni se alla parametrar de sätter. Jag har valt att hantera maxLen genom att ignorera den då jag inte ser hur en maximal längd för lösenord ger nåågon extra säkerhet eller annan fördel. För rfc2797cmcoid har jag valt att kräva att ifall den skickas med så måste den vara "true", då så vitt jag kan se använder FriBID alltid CMC Oid:ar. Har ni några synpunkter på detta sätt att hantera parametrarna? Med min patch som fixar detta kunde jag beställa en legitmation på fil som jag använde för att logga in på mitt konto på Hoistspar. = Alla anrop till SetParam vid skapande SetParam: keySize 2048 SetParam: subjectDN OID.2.5.4.41=(140427 17.48) ANDREAS KARLSSON - BankID på fil SetParam: keyUsage digitalSignature SetParam: keyUsage nonRepudiation SetParam: maxLen 30 SetParam: minLen 12 SetParam: minChars 4 SetParam: minDigits 1 SetParam: rfc2797cmcoid true SetParam: oneTimePassword Not Applicable Andreas"
2014-04-17Fix DESTDIR in doc MakefileSamuel Lidén Borell1-2/+2
Thanks to Daniel Sandman Almehdi for this bug fix!
2014-04-14Fix non-zero return from ./configure --internal--list-extra-objectsSamuel Lidén Borell1-1/+1
2014-04-14Simplify pkg-config argument. Fixes BSD make problemSamuel Lidén Borell1-1/+1
Thanks to Hellqvio for this patch!
2014-04-11Remove old text about supported banks in the man pageSamuel Lidén Borell2-4/+0
2014-04-11Make <enter> activate the OK button in the password selection dialogSamuel Lidén Borell2-4/+8
2014-04-11Improve the test scripts and install them under <docdir>/fribid/examplesSamuel Lidén Borell11-104/+359
2014-04-10Fix compatibility with BSD MakeSamuel Lidén Borell3-14/+38
2014-04-08Don't redefine SIZE_T_MAXSamuel Lidén Borell1-0/+2
Thanks to Hellqvio for the patch!
2014-04-07Don't call closedir() on directories that didn't existSamuel Lidén Borell1-1/+3
2014-02-16Focus password entry again if the password was incorrectSamuel Lidén Borell3-1/+10
2014-02-16Give the password entry focus even when signing a text messageSamuel Lidén Borell1-0/+3
2014-02-15Remove some old TODO commentsSamuel Lidén Borell2-4/+0
Regarding the "length checks" TODO, the length check is now done in objInvoke() which in turn calls objInvokeSafe().
2014-02-15Remove old TODO commentSamuel Lidén Borell1-3/+0
2014-02-15Exit from main loop if there's an invalid pipe commandSamuel Lidén Borell1-0/+5
2014-02-08Update copyright year in LICENSE fileSamuel Lidén Borell1-1/+1
2014-02-08Change test page URL in manpageSamuel Lidén Borell2-5/+4
The official BankID test page doesn't work with FriBID, perhaps because FriBID emulates an older version of the BankID application.
2014-02-08Remove/merge unused functionsSamuel Lidén Borell2-8/+1
2014-02-08Change unspecified argument lists "()" into "(void)"Samuel Lidén Borell13-33/+33
2014-02-08More security precautions (length checks, null checks, etc)Samuel Lidén Borell6-16/+62
The plugin has always limited the input to 10MB per parameter, but this change adds length checks of internal data structures and PKCS7 data, as well as some more null pointer checks.
2014-02-07Remove version expiry status checking systemSamuel Lidén Borell8-271/+8
This system had two purposes: 1) to make FriBID able to determine the latest version of the official software it could emulate, without having to upgrade FriBID itself. 2) to make it possible to "revoke" old versions of FriBID in case of security problems. It has turned out that this system is not necessary. 1) was never really needed because the official software was updated quite rarely anyway and only a few web sites cared about the version string anyway. 2) is a kind of "kill switch" but it's not very useful since it's only checked when you use the FriBID user interface. Hence users who use FriBID (the user interface) infrequently or users who do not use it any longer would not see the warning message. And it seems that most users only use FriBID infrequently (typically once a year or so). This change removes a lot of code. One of the function calls removed is platform_seedRandom which was ONLY used for the "expiry" feature which used rand(). This does not affect the crypto stuff which uses OpenSSL's random generator which in turn uses /dev/random.
2014-02-02Fix window size in recent Firefox versionsSamuel Lidén Borell1-3/+3
2014-02-01Select the last sorted (usaully the newest) token at start upSamuel Lidén Borell1-8/+33
2014-02-01Remove unused sort codeSamuel Lidén Borell1-4/+0
2014-02-01Sort the list of tokensSamuel Lidén Borell1-5/+5
2014-01-31Release version 1.0.3v1.0.3Samuel Lidén Borell2-2/+7
2013-11-12Use the IPv4 server address instead of the IPv6 one in the signatureSamuel Lidén Borell1-2/+7
2012-11-29Detect multiarch in the configure scriptSamuel Lidén Borell1-2/+29
The multiarch filesystem hierarchy is used in new versions of Ubuntu and Debian. See http://wiki.debian.org/Multiarch for more information.
2012-11-14Release version 1.0.2v1.0.2Samuel Lidén Borell2-2/+12
2012-11-14Clarify error messages about missing dependenciesSamuel Lidén Borell1-2/+22
2012-10-11Accept but ignore OnlyAcceptMRU parameterSamuel Lidén Borell4-2/+37
2012-10-10New error message when P12 file can be created, but is not writableSamuel Lidén Borell4-2/+14