Experimental fork of QEMU with video encoding patches https://git.openslx.org/bwlp/qemu.git/atom/libcacard?h=spice_video_codecs 2015-09-23T21:34:17+00:00 2015-09-23T21:34:17+00:00 Marc-André Lureau 2015-08-30T09:48:40+00:00 urn:sha1:7b02f5447c64d1854468f758398c9f6fe9e5721f libcacard is now a standalone project hosted with the Spice project (see the 2.5.0 release announcement), remove it from qemu tree. Use the library if found during configure or if --enable-smartcard. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Michael Tokarev <mjt@tls.msk.ru> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Tested-by: Paolo Bonzini <pbonzini@redhat.com> 2015-09-11T07:45:43+00:00 Veres Lajos 2015-09-08T21:45:14+00:00 urn:sha1:67cc32ebfd8c0ee3fcdb26780a8991baf5eb1d45 Signed-off-by: Veres Lajos <vlajos@gmail.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru> 2015-06-23T16:57:28+00:00 Michael Tokarev 2015-06-17T18:02:03+00:00 urn:sha1:1e4db0595777b9b9a5a6a9f49ac3d187dda341f9 libcacard.pc file lists only one package in Requires field, which is nss, while glib-2.0 is also a requiriment. Furthermore, for libraries used internally by the library (this is the way nss and glib are used by libcacard), Requires.private shold be used instead of Requires. Fix both issues. This does not affect linking of qemu because it links with objects from libcacard directly. Signed-off-by: Michael Tokarev <mjt@tls.msk.ru> 2015-04-30T13:05:48+00:00 Michael Tokarev 2015-04-27T13:29:58+00:00 urn:sha1:f66759d3aec208651a7ad0cd37f4fec8d86fa7c1 Signed-off-by: Michael Tokarev <mjt@tls.msk.ru> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> 2015-04-30T13:05:48+00:00 Paolo Bonzini 2015-04-27T10:34:18+00:00 urn:sha1:28507a415a9b1e897aa8cdab658c6cdc00eff6cd This is a small step towards making libcacard standalone. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru> 2015-02-10T06:27:20+00:00 Daniel P. Berrange 2015-02-03T11:31:30+00:00 urn:sha1:b41112c46b93f781669c0eb89e51d3a87af6bb49 Building QEMU results in a libcacard.so that links against practically the entire world linux-vdso.so.1 => (0x00007fff71e99000) libssl3.so => /usr/lib64/libssl3.so (0x00007f49f94b6000) libsmime3.so => /usr/lib64/libsmime3.so (0x00007f49f928e000) libnss3.so => /usr/lib64/libnss3.so (0x00007f49f8f67000) libnssutil3.so => /usr/lib64/libnssutil3.so (0x00007f49f8d3b000) libplds4.so => /usr/lib64/libplds4.so (0x00007f49f8b36000) libplc4.so => /usr/lib64/libplc4.so (0x00007f49f8931000) libnspr4.so => /usr/lib64/libnspr4.so (0x00007f49f86f2000) libdl.so.2 => /usr/lib64/libdl.so.2 (0x00007f49f84ed000) libm.so.6 => /usr/lib64/libm.so.6 (0x00007f49f81e5000) libgthread-2.0.so.0 => /usr/lib64/libgthread-2.0.so.0 (0x00007f49f7fe3000) librt.so.1 => /usr/lib64/librt.so.1 (0x00007f49f7dda000) libz.so.1 => /usr/lib64/libz.so.1 (0x00007f49f7bc4000) libcap-ng.so.0 => /usr/lib64/libcap-ng.so.0 (0x00007f49f79be000) libuuid.so.1 => /usr/lib64/libuuid.so.1 (0x00007f49f77b8000) libgnutls.so.28 => /usr/lib64/libgnutls.so.28 (0x00007f49f749a000) libSDL-1.2.so.0 => /usr/lib64/libSDL-1.2.so.0 (0x00007f49f71fd000) libpthread.so.0 => /usr/lib64/libpthread.so.0 (0x00007f49f6fe0000) libvte.so.9 => /usr/lib64/libvte.so.9 (0x00007f49f6d3f000) libXext.so.6 => /usr/lib64/libXext.so.6 (0x00007f49f6b2d000) libgtk-x11-2.0.so.0 => /usr/lib64/libgtk-x11-2.0.so.0 (0x00007f49f64a0000) libgdk-x11-2.0.so.0 => /usr/lib64/libgdk-x11-2.0.so.0 (0x00007f49f61de000) libpangocairo-1.0.so.0 => /usr/lib64/libpangocairo-1.0.so.0 (0x00007f49f5fd1000) libatk-1.0.so.0 => /usr/lib64/libatk-1.0.so.0 (0x00007f49f5daa000) libcairo.so.2 => /usr/lib64/libcairo.so.2 (0x00007f49f5a9d000) libgdk_pixbuf-2.0.so.0 => /usr/lib64/libgdk_pixbuf-2.0.so.0 (0x00007f49f5878000) libgio-2.0.so.0 => /usr/lib64/libgio-2.0.so.0 (0x00007f49f5500000) libpangoft2-1.0.so.0 => /usr/lib64/libpangoft2-1.0.so.0 (0x00007f49f52eb000) libpango-1.0.so.0 => /usr/lib64/libpango-1.0.so.0 (0x00007f49f50a0000) libgobject-2.0.so.0 => /usr/lib64/libgobject-2.0.so.0 (0x00007f49f4e4e000) libglib-2.0.so.0 => /usr/lib64/libglib-2.0.so.0 (0x00007f49f4b15000) libfontconfig.so.1 => /usr/lib64/libfontconfig.so.1 (0x00007f49f48d6000) libfreetype.so.6 => /usr/lib64/libfreetype.so.6 (0x00007f49f462b000) libX11.so.6 => /usr/lib64/libX11.so.6 (0x00007f49f42e8000) libxenstore.so.3.0 => /usr/lib64/libxenstore.so.3.0 (0x00007f49f40de000) libxenctrl.so.4.4 => /usr/lib64/libxenctrl.so.4.4 (0x00007f49f3eb6000) libxenguest.so.4.4 => /usr/lib64/libxenguest.so.4.4 (0x00007f49f3c8b000) libseccomp.so.2 => /usr/lib64/libseccomp.so.2 (0x00007f49f3a74000) librdmacm.so.1 => /usr/lib64/librdmacm.so.1 (0x00007f49f385d000) libibverbs.so.1 => /usr/lib64/libibverbs.so.1 (0x00007f49f364a000) libutil.so.1 => /usr/lib64/libutil.so.1 (0x00007f49f3447000) libc.so.6 => /usr/lib64/libc.so.6 (0x00007f49f3089000) /lib64/ld-linux-x86-64.so.2 (0x00007f49f9902000) libp11-kit.so.0 => /usr/lib64/libp11-kit.so.0 (0x00007f49f2e23000) libtspi.so.1 => /usr/lib64/libtspi.so.1 (0x00007f49f2bb2000) libtasn1.so.6 => /usr/lib64/libtasn1.so.6 (0x00007f49f299f000) libnettle.so.4 => /usr/lib64/libnettle.so.4 (0x00007f49f276d000) libhogweed.so.2 => /usr/lib64/libhogweed.so.2 (0x00007f49f2545000) libgmp.so.10 => /usr/lib64/libgmp.so.10 (0x00007f49f22cd000) libncurses.so.5 => /usr/lib64/libncurses.so.5 (0x00007f49f20a5000) libtinfo.so.5 => /usr/lib64/libtinfo.so.5 (0x00007f49f1e7a000) libgmodule-2.0.so.0 => /usr/lib64/libgmodule-2.0.so.0 (0x00007f49f1c76000) libXfixes.so.3 => /usr/lib64/libXfixes.so.3 (0x00007f49f1a6f000) libXrender.so.1 => /usr/lib64/libXrender.so.1 (0x00007f49f1865000) libXinerama.so.1 => /usr/lib64/libXinerama.so.1 (0x00007f49f1662000) libXi.so.6 => /usr/lib64/libXi.so.6 (0x00007f49f1452000) libXrandr.so.2 => /usr/lib64/libXrandr.so.2 (0x00007f49f1247000) libXcursor.so.1 => /usr/lib64/libXcursor.so.1 (0x00007f49f103c000) libXcomposite.so.1 => /usr/lib64/libXcomposite.so.1 (0x00007f49f0e39000) libXdamage.so.1 => /usr/lib64/libXdamage.so.1 (0x00007f49f0c35000) libharfbuzz.so.0 => /usr/lib64/libharfbuzz.so.0 (0x00007f49f09dd000) libpixman-1.so.0 => /usr/lib64/libpixman-1.so.0 (0x00007f49f072f000) libEGL.so.1 => /usr/lib64/libEGL.so.1 (0x00007f49f0505000) libpng16.so.16 => /usr/lib64/libpng16.so.16 (0x00007f49f02d2000) libxcb-shm.so.0 => /usr/lib64/libxcb-shm.so.0 (0x00007f49f00cd000) libxcb-render.so.0 => /usr/lib64/libxcb-render.so.0 (0x00007f49efec3000) libxcb.so.1 => /usr/lib64/libxcb.so.1 (0x00007f49efca1000) libGL.so.1 => /usr/lib64/libGL.so.1 (0x00007f49efa06000) libffi.so.6 => /usr/lib64/libffi.so.6 (0x00007f49ef7fe000) libselinux.so.1 => /usr/lib64/libselinux.so.1 (0x00007f49ef5d8000) libresolv.so.2 => /usr/lib64/libresolv.so.2 (0x00007f49ef3be000) libexpat.so.1 => /usr/lib64/libexpat.so.1 (0x00007f49ef193000) libbz2.so.1 => /usr/lib64/libbz2.so.1 (0x00007f49eef83000) libgcc_s.so.1 => /usr/lib64/libgcc_s.so.1 (0x00007f49eed6c000) liblzma.so.5 => /usr/lib64/liblzma.so.5 (0x00007f49eeb46000) libnl-route-3.so.200 => /usr/lib64/libnl-route-3.so.200 (0x00007f49ee8e2000) libnl-3.so.200 => /usr/lib64/libnl-3.so.200 (0x00007f49ee6c4000) libcrypto.so.10 => /usr/lib64/libcrypto.so.10 (0x00007f49ee2d6000) libssl.so.10 => /usr/lib64/libssl.so.10 (0x00007f49ee067000) libgraphite2.so.3 => /usr/lib64/libgraphite2.so.3 (0x00007f49ede48000) libX11-xcb.so.1 => /usr/lib64/libX11-xcb.so.1 (0x00007f49edc46000) libxcb-dri2.so.0 => /usr/lib64/libxcb-dri2.so.0 (0x00007f49eda41000) libxcb-xfixes.so.0 => /usr/lib64/libxcb-xfixes.so.0 (0x00007f49ed838000) libxcb-shape.so.0 => /usr/lib64/libxcb-shape.so.0 (0x00007f49ed634000) libgbm.so.1 => /usr/lib64/libgbm.so.1 (0x00007f49ed426000) libwayland-client.so.0 => /usr/lib64/libwayland-client.so.0 (0x00007f49ed217000) libwayland-server.so.0 => /usr/lib64/libwayland-server.so.0 (0x00007f49ed005000) libglapi.so.0 => /usr/lib64/libglapi.so.0 (0x00007f49ecddb000) libdrm.so.2 => /usr/lib64/libdrm.so.2 (0x00007f49ecbce000) libXau.so.6 => /usr/lib64/libXau.so.6 (0x00007f49ec9ca000) libxcb-glx.so.0 => /usr/lib64/libxcb-glx.so.0 (0x00007f49ec7b0000) libxcb-dri3.so.0 => /usr/lib64/libxcb-dri3.so.0 (0x00007f49ec5ad000) libxcb-present.so.0 => /usr/lib64/libxcb-present.so.0 (0x00007f49ec3aa000) libxcb-randr.so.0 => /usr/lib64/libxcb-randr.so.0 (0x00007f49ec19b000) libxcb-sync.so.1 => /usr/lib64/libxcb-sync.so.1 (0x00007f49ebf94000) libxshmfence.so.1 => /usr/lib64/libxshmfence.so.1 (0x00007f49ebd91000) libXxf86vm.so.1 => /usr/lib64/libXxf86vm.so.1 (0x00007f49ebb8a000) libpcre.so.1 => /usr/lib64/libpcre.so.1 (0x00007f49eb91d000) libgssapi_krb5.so.2 => /usr/lib64/libgssapi_krb5.so.2 (0x00007f49eb6cf000) libkrb5.so.3 => /usr/lib64/libkrb5.so.3 (0x00007f49eb3ec000) libcom_err.so.2 => /usr/lib64/libcom_err.so.2 (0x00007f49eb1e8000) libk5crypto.so.3 => /usr/lib64/libk5crypto.so.3 (0x00007f49eafb4000) libkrb5support.so.0 => /usr/lib64/libkrb5support.so.0 (0x00007f49eada5000) libkeyutils.so.1 => /usr/lib64/libkeyutils.so.1 (0x00007f49eaba0000) All libcacard actually needs are the NSS libs. Linking against the entire world is a regression caused by commit 9d171bd9375e4d08feff9adda15163e0811f5f42 Author: Michael Tokarev <mjt@tls.msk.ru> Date: Thu May 8 16:48:27 2014 +0400 libcacard: remove libcacard-specific CFLAGS and LIBS from global vars Which removed the setting of the LIBS variable in libcacard/Makefile. Adding it back as an empty assignment brings the linked libs back to a more reasonable set linux-vdso.so.1 => (0x00007fff575c1000) libssl3.so => /usr/lib64/libssl3.so (0x00007f7f753b1000) libsmime3.so => /usr/lib64/libsmime3.so (0x00007f7f75189000) libnss3.so => /usr/lib64/libnss3.so (0x00007f7f74e62000) libnssutil3.so => /usr/lib64/libnssutil3.so (0x00007f7f74c36000) libplds4.so => /usr/lib64/libplds4.so (0x00007f7f74a31000) libplc4.so => /usr/lib64/libplc4.so (0x00007f7f7482c000) libnspr4.so => /usr/lib64/libnspr4.so (0x00007f7f745ed000) libpthread.so.0 => /usr/lib64/libpthread.so.0 (0x00007f7f743d0000) libdl.so.2 => /usr/lib64/libdl.so.2 (0x00007f7f741cc000) libgthread-2.0.so.0 => /usr/lib64/libgthread-2.0.so.0 (0x00007f7f73fca000) libglib-2.0.so.0 => /usr/lib64/libglib-2.0.so.0 (0x00007f7f73c90000) libc.so.6 => /usr/lib64/libc.so.6 (0x00007f7f738d3000) libz.so.1 => /usr/lib64/libz.so.1 (0x00007f7f736bd000) librt.so.1 => /usr/lib64/librt.so.1 (0x00007f7f734b4000) /lib64/ld-linux-x86-64.so.2 (0x00007f7f757fd000) Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Cc: <qemu-stable@nongnu.org> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru> 2014-11-14T11:15:40+00:00 zhanghailiang 2014-11-14T02:18:08+00:00 urn:sha1:5bbebf622897a59db5da4c468e737bfec4d71280 In function connect_to_qemu(), getaddrinfo() will allocate memory that is stored into server, it should be freed by using freeaddrinfo() before connect_to_qemu() return. Cc: qemu-stable@nongnu.org Reviewed-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: zhanghailiang <zhang.zhanghailiang@huawei.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> 2014-10-28T10:38:18+00:00 Ray Strode 2014-10-19T02:12:49+00:00 urn:sha1:81b49e8f892a977f3821f3416ea51aa641d63ac4 commit 57f97834efe0c208ffadc9d2959f3d3d55580e52 cleaned up the cac_applet_pki_process_apdu function to have a single exit point. Unfortunately, that commit introduced a bug where the sign buffer can get free'd and nullified while it's still being used. This commit corrects the bug by introducing a boolean to track whether or not the sign buffer should be freed in the function exit path. Signed-off-by: Ray Strode <rstrode@redhat.com> Reviewed-by: Alon Levy <alon@pobox.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> 2014-10-28T10:38:18+00:00 Ray Strode 2014-10-19T02:12:48+00:00 urn:sha1:1223bc4cee3fcdbcb1f6a3ff4ff7a3ab1d875b8a When a process in a guest uses an emulated smartcard, libcacard running on the host passes the PIN from the guest to the PK11_Authenticate NSS function. The first time PK11_Authenticate is called the passed in PIN is used to unlock the certificate database. Subsequent calls to PK11_Authenticate will transparently succeed, regardless of the passed in PIN. This is a convenience for applications provided by NSS. Of course, the guest may have many applications using the one emulated smart card all driven from the same host QEMU process. That means if a user enters the right PIN in one program in the guest, and then enters the wrong PIN in another program in the guest, the wrong PIN will still successfully unlock the virtual smartcard. This commit forces the NSS certificate database to be locked anytime an applet is selected on an emulated smartcard by calling vcard_emul_logout. Signed-off-by: Ray Strode <rstrode@redhat.com> Reviewed-By: Robert Relyea <rrelyea@redhat.com> Reviewed-By: Alon Levy <alevy@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> 2014-10-28T10:38:18+00:00 Ray Strode 2014-10-19T02:12:47+00:00 urn:sha1:f032cfab6158e981a6ea0c369c5366e654e668a6 vcard_emul_reset currently only logs NSS out, but there is a TODO for potentially sending insertion/removal events when powering down or powering up. For clarity, this commit moves the current guts of vcard_emul_reset to a new vcard_emul_logout function which will never send insertion/removal events. The vcard_emul_reset function now just calls vcard_emul_logout, but also retains its TODO for watching power state transitions and sending insertion/removal events. Signed-off-by: Ray Strode <rstrode@redhat.com> Reviewed-By: Robert Relyea <rrelyea@redhat.com> Reviewed-By: Alon Levy <alevy@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>