summaryrefslogtreecommitdiff
path: root/doc/manual
diff options
context:
space:
mode:
authorStef Walter <stefw@gnome.org>2013-03-07 18:53:50 +0100
committerStef Walter <stefw@gnome.org>2013-03-15 17:29:23 +0100
commit8fd55c8089c90b52f00e4ffad572d1b9da72e6ba (patch)
tree3b381718ede4745ef2f9e2f6cbca1283b0a2fe58 /doc/manual
parent0e75a5ba8261955d4d75a38a528f79ff4edd5c21 (diff)
p11-kit: New priority option and change trust-policy option
* Sort loaded modules appropriately using the 'priority' option. This allows us to have a predictable order for callers, when callers iterate through modules. * Modules default to having an 'priority' option of '0'. * If modules have the same order value, then sort by name. * The above assumes the role of ordering trust-policy sources. * Change the trust-policy option to a boolean * Some of this code will be rearranged when the managed branch is merged. https://bugs.freedesktop.org/show_bug.cgi?id=61978
Diffstat (limited to 'doc/manual')
-rw-r--r--doc/manual/p11-kit-trust.xml5
-rw-r--r--doc/manual/pkcs11.conf.xml20
2 files changed, 18 insertions, 7 deletions
diff --git a/doc/manual/p11-kit-trust.xml b/doc/manual/p11-kit-trust.xml
index 06f168e..198d5db 100644
--- a/doc/manual/p11-kit-trust.xml
+++ b/doc/manual/p11-kit-trust.xml
@@ -107,11 +107,12 @@ $ pkg-config --variable p11_trust_paths p11-kit-1
<listitem><para>Disable loading trust policy information
from this module by adding a file to <literal>/etc/pkcs11/modules</literal>
called <literal>p11-kit-trust.module</literal> containing a
- <literal>trust-policy:</literal> line.</para></listitem>
+ <literal>trust-policy: no</literal> line.</para></listitem>
+
<listitem><para>Disable this module completely by
adding a file to <literal>/etc/pkcs11/modules</literal>
called <literal>p11-kit-trust.module</literal> containing a
- <literal>enable-in:</literal> line.</para></listitem>
+ <literal>enable-in:</literal> line (without a value).</para></listitem>
</itemizedlist>
</section>
diff --git a/doc/manual/pkcs11.conf.xml b/doc/manual/pkcs11.conf.xml
index 3146f60..5ff0863 100644
--- a/doc/manual/pkcs11.conf.xml
+++ b/doc/manual/pkcs11.conf.xml
@@ -128,13 +128,23 @@ x-custom : text
</listitem>
</varlistentry>
<varlistentry>
+ <term><option>priority:</option></term>
+ <listitem>
+ <para>The value should be an integer. When lists of modules are
+ returned to a caller of p11-kit, modules with a higher number are sorted
+ first. When applications search modules for for certificates, keys and
+ trust policy information, this setting will affect what find
+ first.</para>
+ <para>This argument is optional, and defaults to zero. Modules
+ with the same <option>priority</option> option will be sorted
+ alphabetically.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
<term><option>trust-policy:</option></term>
<listitem>
- <para>If this setting is present then this module is used to load
- trust policy information such as certificate anchors and black lists.
- The value should be an integer. Modules with a lower number are loaded
- first. Trust policy information in modules loaded later overrides
- those loaded first.</para>
+ <para>Set to <literal>yes</literal> to use use this module as a source
+ of trust policy information such as certificate anchors and black lists.</para>
</listitem>
</varlistentry>
</variablelist>