diff options
author | Stef Walter <stefw@gnome.org> | 2013-03-07 18:53:50 +0100 |
---|---|---|
committer | Stef Walter <stefw@gnome.org> | 2013-03-15 17:29:23 +0100 |
commit | 8fd55c8089c90b52f00e4ffad572d1b9da72e6ba (patch) | |
tree | 3b381718ede4745ef2f9e2f6cbca1283b0a2fe58 /doc/manual | |
parent | 0e75a5ba8261955d4d75a38a528f79ff4edd5c21 (diff) |
p11-kit: New priority option and change trust-policy option
* Sort loaded modules appropriately using the 'priority' option. This
allows us to have a predictable order for callers, when callers
iterate through modules.
* Modules default to having an 'priority' option of '0'.
* If modules have the same order value, then sort by name.
* The above assumes the role of ordering trust-policy sources.
* Change the trust-policy option to a boolean
* Some of this code will be rearranged when the managed branch
is merged.
https://bugs.freedesktop.org/show_bug.cgi?id=61978
Diffstat (limited to 'doc/manual')
-rw-r--r-- | doc/manual/p11-kit-trust.xml | 5 | ||||
-rw-r--r-- | doc/manual/pkcs11.conf.xml | 20 |
2 files changed, 18 insertions, 7 deletions
diff --git a/doc/manual/p11-kit-trust.xml b/doc/manual/p11-kit-trust.xml index 06f168e..198d5db 100644 --- a/doc/manual/p11-kit-trust.xml +++ b/doc/manual/p11-kit-trust.xml @@ -107,11 +107,12 @@ $ pkg-config --variable p11_trust_paths p11-kit-1 <listitem><para>Disable loading trust policy information from this module by adding a file to <literal>/etc/pkcs11/modules</literal> called <literal>p11-kit-trust.module</literal> containing a - <literal>trust-policy:</literal> line.</para></listitem> + <literal>trust-policy: no</literal> line.</para></listitem> + <listitem><para>Disable this module completely by adding a file to <literal>/etc/pkcs11/modules</literal> called <literal>p11-kit-trust.module</literal> containing a - <literal>enable-in:</literal> line.</para></listitem> + <literal>enable-in:</literal> line (without a value).</para></listitem> </itemizedlist> </section> diff --git a/doc/manual/pkcs11.conf.xml b/doc/manual/pkcs11.conf.xml index 3146f60..5ff0863 100644 --- a/doc/manual/pkcs11.conf.xml +++ b/doc/manual/pkcs11.conf.xml @@ -128,13 +128,23 @@ x-custom : text </listitem> </varlistentry> <varlistentry> + <term><option>priority:</option></term> + <listitem> + <para>The value should be an integer. When lists of modules are + returned to a caller of p11-kit, modules with a higher number are sorted + first. When applications search modules for for certificates, keys and + trust policy information, this setting will affect what find + first.</para> + <para>This argument is optional, and defaults to zero. Modules + with the same <option>priority</option> option will be sorted + alphabetically.</para> + </listitem> + </varlistentry> + <varlistentry> <term><option>trust-policy:</option></term> <listitem> - <para>If this setting is present then this module is used to load - trust policy information such as certificate anchors and black lists. - The value should be an integer. Modules with a lower number are loaded - first. Trust policy information in modules loaded later overrides - those loaded first.</para> + <para>Set to <literal>yes</literal> to use use this module as a source + of trust policy information such as certificate anchors and black lists.</para> </listitem> </varlistentry> </variablelist> |