p11-glue
diff --git a/‎.github/actions/basic-autotools/action.yaml‎
Lines changed: 10 additions & 2 deletions b/‎.github/actions/basic-autotools/action.yaml‎
Lines changed: 10 additions & 2 deletions
diff --git a/‎.github/actions/basic-meson/action.yaml‎
Lines changed: 16 additions & 1 deletion b/‎.github/actions/basic-meson/action.yaml‎
Lines changed: 16 additions & 1 deletion
diff --git a/‎Makefile.am‎
Lines changed: 14 additions & 0 deletions b/‎Makefile.am‎
Lines changed: 14 additions & 0 deletions
diff --git a/‎meson_options.txt‎
Lines changed: 4 additions & 0 deletions b/‎meson_options.txt‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎meson_post_install_test.sh‎
Lines changed: 15 additions & 0 deletions b/‎meson_post_install_test.sh‎
Lines changed: 15 additions & 0 deletions
diff --git a/‎p11-kit/Makefile.am‎
Lines changed: 15 additions & 1 deletion b/‎p11-kit/Makefile.am‎
Lines changed: 15 additions & 1 deletion
diff --git a/‎p11-kit/fixtures/package-modules/softhsm2.module‎ renamed to ‎p11-kit/fixtures/package-modules/fourteen.module‎
Lines changed: 1 addition & 1 deletion b/‎p11-kit/fixtures/package-modules/softhsm2.module‎ renamed to ‎p11-kit/fixtures/package-modules/fourteen.module‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎p11-kit/meson.build‎
Lines changed: 12 additions & 1 deletion b/‎p11-kit/meson.build‎
Lines changed: 12 additions & 1 deletion
diff --git a/‎p11-kit/mock-module-ep12.c‎
Lines changed: 203 additions & 0 deletions b/‎p11-kit/mock-module-ep12.c‎
Lines changed: 203 additions & 0 deletions
@@ -42,11 +42,19 @@ runs:
         cd $GITHUB_WORKSPACE/$BUILDDIR
         make install
         # This is necessary for 'trust/test-extract.sh'
+        mkdir -p $GITHUB_WORKSPACE/$INSTALLDIR/etc/pki/ca-trust-source
+        mkdir -p $GITHUB_WORKSPACE/$INSTALLDIR/share/pki/ca-trust-source
         mkdir -p $GITHUB_WORKSPACE/$INSTALLDIR/libexec/p11-kit
         ln -sf /usr/bin/true $GITHUB_WORKSPACE/$INSTALLDIR/libexec/p11-kit/trust-extract-compat
         if [ "$RUNNER_OS" = "macOS" ]; then
-          DD=gdd
-          export DD
+          export DD=gdd
         fi
+        # This is necessary for 'p11-kit/test-softhsm2.sh'
+        mkdir -p $GITHUB_WORKSPACE/$INSTALLDIR/share/p11-kit/modules
+        ln -sf /usr/share/p11-kit/modules/softhsm2.module $GITHUB_WORKSPACE/$INSTALLDIR/share/p11-kit/modules || :
+        export PATH=$GITHUB_WORKSPACE/$INSTALLDIR/bin:$PATH
+        export LD_LIBRARY_PATH=$GITHUB_WORKSPACE/$INSTALLDIR/lib
+        export abs_top_builddir=$GITHUB_WORKSPACE/$BUILDDIR
+        export abs_top_srcdir=$GITHUB_WORKSPACE
         make installcheck
       shell: bash
@@ -10,7 +10,7 @@ runs:
 
     - name: Setup
       run: |
-        $GITHUB_WORKSPACE/build/run-wrapper.sh meson setup $GITHUB_WORKSPACE/$BUILDDIR -Dstrict=true -Dprefix=$GITHUB_WORKSPACE/$INSTALLDIR -Dlibdir=$GITHUB_WORKSPACE/$INSTALLDIR/lib -Dsysconfdir=$GITHUB_WORKSPACE/$INSTALLDIR/etc -Dtrust_paths=$GITHUB_WORKSPACE/$INSTALLDIR/etc/pki/ca-trust-source:$GITHUB_WORKSPACE/$INSTALLDIR/share/pki/ca-trust-source -Dsystemd=disabled -Dbash_completion=disabled $MESON_BUILD_OPTS
+        $GITHUB_WORKSPACE/build/run-wrapper.sh meson setup $GITHUB_WORKSPACE/$BUILDDIR -Dstrict=true -Dprefix=$GITHUB_WORKSPACE/$INSTALLDIR -Dlibdir=$GITHUB_WORKSPACE/$INSTALLDIR/lib -Dsysconfdir=$GITHUB_WORKSPACE/$INSTALLDIR/etc -Dtrust_paths=$GITHUB_WORKSPACE/$INSTALLDIR/etc/pki/ca-trust-source:$GITHUB_WORKSPACE/$INSTALLDIR/share/pki/ca-trust-source -Dsystemd=disabled -Dbash_completion=disabled -Dpost_install_test=true $MESON_BUILD_OPTS
       shell: bash
 
     - name: Build (scan-build)
@@ -32,6 +32,21 @@ runs:
         exit $ret
       shell: bash
 
+    - name: Prepare for post-install tests
+      run: |
+        # This is necessary for 'trust/test-extract.sh'
+        mkdir -p $GITHUB_WORKSPACE/$INSTALLDIR/etc/pki/ca-trust-source
+        mkdir -p $GITHUB_WORKSPACE/$INSTALLDIR/share/pki/ca-trust-source
+        mkdir -p $GITHUB_WORKSPACE/$INSTALLDIR/libexec/p11-kit
+        ln -sf /usr/bin/true $GITHUB_WORKSPACE/$INSTALLDIR/libexec/p11-kit/trust-extract-compat
+        if [ "$RUNNER_OS" = "macOS" ]; then
+          export DD=gdd
+        fi
+        # This is necessary for 'p11-kit/test-softhsm2.sh'
+        mkdir -p $GITHUB_WORKSPACE/$INSTALLDIR/share/p11-kit/modules
+        ln -sf /usr/share/p11-kit/modules/softhsm2.module $GITHUB_WORKSPACE/$INSTALLDIR/share/p11-kit/modules || :
+      shell: bash
+
     - name: Install
       run: ninja -C $GITHUB_WORKSPACE/$BUILDDIR install
       shell: bash
@@ -43,6 +43,9 @@ c_tests =
 sh_tests =
 TESTS = $(c_tests) $(sh_tests)
 
+post_install_tests =
+noinst_SCRIPTS = $(post_install_tests)
+
 moduledir = $(p11_module_path)
 module_LTLIBRARIES =
 
@@ -76,6 +79,8 @@ DISTCHECK_CONFIGURE_FLAGS = \
 AM_TESTS_ENVIRONMENT = \
 	abs_top_builddir="$(abs_top_builddir)"; \
 	export abs_top_builddir; \
+	abs_top_srcdir="$(abs_top_srcdir)"; \
+	export abs_top_srcdir; \
 	P11_MODULE_PATH="$(abs_top_builddir)/.libs"; \
 	export P11_MODULE_PATH;
 AM_TESTS_FD_REDIRECT = 9>&2;
@@ -113,6 +118,15 @@ dist-hook:
 		echo A git clone is required to generate a ChangeLog >&2; \
 	fi
 
+noinst_SCRIPTS += $(post_install_tests)
+
+if !OS_WIN32
+installcheck-local:
+	for t in $(post_install_tests); do \
+		abs_top_builddir="$(abs_top_builddir)" $(SHELL) $(srcdir)/$$t; \
+	done
+endif
+
 if WITH_COVERAGE
 coverage:
 	mkdir -p build/coverage
 
@@ -74,6 +74,10 @@ option('test', type : 'boolean',
        value : true,
        description : 'Enable building test programs')
 
+option('post_install_test', type : 'boolean',
+       value : false,
+       description : 'Enable running post-install test programs')
+
 option('rpc_min', type : 'integer',
        min : 0, max : 0, value : 0,
        description : 'Minimum RPC protocol version we support')
 
@@ -0,0 +1,15 @@
+#!/bin/sh
+
+set +x
+
+bindir="$1"
+libdir="$2"
+shift 2
+
+export PATH="$MESON_INSTALL_DESTDIR_PREFIX/$bindir:$PATH"
+export LD_LIBRARY_PATH="$MESON_INSTALL_DESTDIR_PREFIX/$libdir:$LD_LIBRARY_PATH"
+export PKG_CONFIG_PATH="$MESON_INSTALL_DESTDIR_PREFIX/$libdir/pkg-config:$PKG_CONFIG_PATH"
+export abs_top_builddir="$MESON_BUILD_ROOT"
+export abs_top_srcdir="$MESON_SOURCE_ROOT"
+
+exec "$@"
@@ -545,7 +545,8 @@ check_LTLIBRARIES += \
 	mock-ten.la \
 	mock-eleven.la \
 	mock-twelve.la \
-	mock-thirteen.la
+	mock-thirteen.la \
+	mock-fourteen.la
 
 mock_one_la_SOURCES = p11-kit/mock-module-ep.c
 mock_one_la_LIBADD = libp11-test.la libp11-common.la
@@ -622,6 +623,18 @@ else
 mock_thirteen_la_LIBADD = $(mock_one_la_LIBADD)
 endif
 
+mock_fourteen_la_SOURCES = p11-kit/mock-module-ep12.c
+mock_fourteen_la_LDFLAGS = $(mock_one_la_LDFLAGS)
+if WITH_ASN1
+mock_fourteen_la_LIBADD = libp11-asn1.la $(mock_one_la_LIBADD) $(LIBTASN1_LIBS)
+else
+mock_fourteen_la_LIBADD = $(mock_one_la_LIBADD)
+endif
+
+if WITH_ASN1
+post_install_tests += p11-kit/test-softhsm2.sh
+endif
+
 EXTRA_DIST += \
 	p11-kit/fixtures \
 	p11-kit/templates \
@@ -637,4 +650,5 @@ EXTRA_DIST += \
 	p11-kit/test-import-public.sh \
 	p11-kit/test-list-mechanisms.sh \
 	p11-kit/test-generate-keypair.sh \
+	p11-kit/test-softhsm2.sh \
 	$(NULL)
@@ -1,4 +1,4 @@
 
-module: libsofthsm2.so
+module: mock-fourteen.so
 managed: yes
 enable-in: p11-kit-testable
@@ -386,6 +386,7 @@ if get_option('test')
 
   p11_kit_tests_env = environment()
   p11_kit_tests_env.set('abs_top_builddir', top_build_dir)
+  p11_kit_tests_env.set('abs_top_srcdir', top_source_dir)
   p11_kit_tests_env.set('P11_MODULE_PATH', meson.current_build_dir())
 
   if host_system != 'windows'
@@ -432,6 +433,15 @@ if get_option('test')
          env: p11_kit_tests_env)
   endif
 
+  if get_option('post_install_test') and with_asn1 and host_system != 'windows'
+    meson.add_install_script(
+      top_source_dir / 'meson_post_install_test.sh',
+      bindir,
+      libdir,
+      find_program('test-softhsm2.sh'),
+    )
+  endif
+
   mock_sources = {
                    'mock-one': ['mock-module-ep.c'],
                    'mock-v3-one': ['mock-module-v3-ep.c'],
@@ -447,7 +457,8 @@ if get_option('test')
                    'mock-ten': ['mock-module-ep8.c'],
                    'mock-eleven': ['mock-module-ep9.c'],
                    'mock-twelve': ['mock-module-ep10.c'],
-                   'mock-thirteen': ['mock-module-ep11.c']
+                   'mock-thirteen': ['mock-module-ep11.c'],
+                   'mock-fourteen': ['mock-module-ep12.c']
                  }
 
   if host_system != 'windows'
 
@@ -0,0 +1,203 @@
+/*
+ * Copyright (c) 2023, Red Hat Inc.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ *     * Redistributions of source code must retain the above
+ *       copyright notice, this list of conditions and the
+ *       following disclaimer.
+ *     * Redistributions in binary form must reproduce the
+ *       above copyright notice, this list of conditions and
+ *       the following disclaimer in the documentation and/or
+ *       other materials provided with the distribution.
+ *     * The names of contributors to this software may not be
+ *       used to endorse or promote products derived from this
+ *       software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
+ * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
+ * DAMAGE.
+ *
+ * Author: Zoltan Fridrich <zfridric@redhat.com>, Daiki Ueno
+ */
+
+#include "config.h"
+
+#define CRYPTOKI_EXPORTS 1
+#include "pkcs11.h"
+
+#include "attrs.h"
+#include "debug.h"
+#include "mock.h"
+
+#ifdef WITH_ASN1
+#include "persist.h"
+#endif
+
+#include <stdio.h>
+#include <string.h>
+
+static const CK_TOKEN_INFO MOCK_TOKEN_INFO = {
+	"PERSIST LABEL ONE               ",
+	"PERSIST MANUFACTURER            ",
+	"PERSIST MODEL   ",
+	"PERSIST SERIAL  ",
+	CKF_LOGIN_REQUIRED | CKF_USER_PIN_INITIALIZED | CKF_CLOCK_ON_TOKEN | CKF_TOKEN_INITIALIZED,
+	1,
+	2,
+	3,
+	4,
+	5,
+	6,
+	7,
+	8,
+	9,
+	10,
+	{ 75, 175 },
+	{ 85, 185 },
+	{ '1', '9', '9', '9', '0', '5', '2', '5', '0', '9', '1', '9', '5', '9', '0', '0' }
+};
+
+static CK_RV
+override_C_GetTokenInfo (CK_SLOT_ID slot_id,
+			 CK_TOKEN_INFO_PTR info)
+{
+	return_val_if_fail (info != NULL, CKR_ARGUMENTS_BAD);
+
+	switch (slot_id) {
+	case MOCK_SLOT_ONE_ID:
+		memcpy (info, &MOCK_TOKEN_INFO, sizeof (*info));
+		return CKR_OK;
+	case MOCK_SLOT_TWO_ID:
+		return CKR_TOKEN_NOT_PRESENT;
+	default:
+		return CKR_SLOT_ID_INVALID;
+	}
+}
+
+#ifdef WITH_ASN1
+static CK_RV
+override_C_Initialize (CK_VOID_PTR init_args)
+{
+	bool ok;
+	size_t i, size = 0;
+	void *data = NULL;
+	const char *filename = "test-persist.p11-kit";
+	p11_mmap *map = NULL;
+	p11_persist *persist = NULL;
+	p11_array *objects = NULL;
+	CK_ATTRIBUTE *attrs = NULL;
+	CK_RV rv;
+
+	map = p11_mmap_open (filename, NULL, &data, &size);
+	if (map == NULL)
+		return mock_C_Initialize (init_args);
+
+	ok = p11_persist_magic (data, size);
+	return_val_if_fail (ok, CKR_GENERAL_ERROR);
+
+	persist = p11_persist_new ();
+	return_val_if_fail (persist != NULL, CKR_HOST_MEMORY);
+
+	objects = p11_array_new (NULL);
+	return_val_if_fail (objects != NULL, CKR_HOST_MEMORY);
+
+	ok = p11_persist_read (persist, filename, (const unsigned char *)data, size, objects);
+	return_val_if_fail (ok, CKR_GENERAL_ERROR);
+
+	rv = mock_C_Initialize (init_args);
+	for (i = 0; i < objects->num; ++i) {
+		attrs = p11_attrs_build (objects->elem[i], NULL);
+		mock_module_add_object (MOCK_SLOT_ONE_ID, attrs);
+		p11_attrs_free (attrs);
+	}
+
+	p11_array_free (objects);
+	p11_persist_free (persist);
+	p11_mmap_close (map);
+	return rv;
+}
+
+struct WriteData {
+	p11_persist *persist;
+	p11_buffer buf;
+};
+
+static bool
+persist_enumerator (CK_OBJECT_HANDLE handle,
+		   CK_ATTRIBUTE *attrs,
+		   void *user_data)
+{
+	struct WriteData *data = user_data;
+
+	p11_persist_write (data->persist, attrs, &data->buf);
+
+	return true;
+}
+
+static CK_RV
+override_C_Finalize (CK_VOID_PTR reserved)
+{
+	bool ok;
+	FILE *f = NULL;
+	const char *filename = "test-persist.p11-kit";
+	CK_SESSION_HANDLE session = 0;
+	struct WriteData data;
+	CK_RV rv;
+
+	ok = p11_buffer_init (&data.buf, 0);
+	return_val_if_fail (ok, CKR_HOST_MEMORY);
+
+	data.persist = p11_persist_new ();
+	return_val_if_fail (data.persist != NULL, CKR_HOST_MEMORY);
+
+	rv = mock_C_OpenSession (MOCK_SLOT_ONE_ID, CKF_SERIAL_SESSION, NULL, NULL, &session);
+	return_val_if_fail (rv == CKR_OK, CKR_GENERAL_ERROR);
+
+	mock_module_enumerate_objects (session,
+				       persist_enumerator,
+				       &data);
+
+	rv = mock_C_CloseSession (session);
+	return_val_if_fail (rv == CKR_OK, CKR_GENERAL_ERROR);
+
+	f = fopen (filename, "wb");
+	return_val_if_fail (f != NULL, CKR_HOST_MEMORY);
+	fwrite (data.buf.data, 1, data.buf.len, f);
+	fclose (f);
+
+	p11_persist_free (data.persist);
+	p11_buffer_uninit (&data.buf);
+	return mock_C_Finalize (reserved);
+}
+#endif /* WITH_ASN1 */
+
+#ifdef OS_WIN32
+__declspec(dllexport)
+#endif
+CK_RV
+C_GetFunctionList (CK_FUNCTION_LIST_PTR_PTR list)
+{
+	mock_module_init ();
+#ifdef WITH_ASN1
+	mock_module.C_Initialize = override_C_Initialize;
+	mock_module.C_Finalize = override_C_Finalize;
+#endif
+	mock_module.C_GetFunctionList = C_GetFunctionList;
+	mock_module.C_GetTokenInfo = override_C_GetTokenInfo;
+	if (list == NULL)
+		return CKR_ARGUMENTS_BAD;
+	*list = &mock_module;
+	return CKR_OK;
+}