summaryrefslogtreecommitdiff
path: root/trust
diff options
context:
space:
mode:
authorStef Walter <stef@thewalter.net>2013-08-29 12:12:46 +0200
committerStef Walter <stef@thewalter.net>2013-08-29 12:14:01 +0200
commitc980eb29619edc28610a03ccb62514683604257c (patch)
tree806ab9d9f507a518622a7e0dffac146172a1f9e7 /trust
parentf2beacb7c59b9c4b41b00da993c747fd814882a8 (diff)
Route 'p11-kit extract-trust' over to trust tool
The actual command is 'trust extract-compat'. Make installed placeholder script reflect this. We still support the old placeholder script if it is present.
Diffstat (limited to 'trust')
-rw-r--r--trust/Makefile.am3
-rw-r--r--trust/extract.c38
-rw-r--r--trust/extract.h3
-rwxr-xr-xtrust/trust-extract-compat.in (renamed from trust/p11-kit-extract-trust.in)10
-rw-r--r--trust/trust.c1
5 files changed, 49 insertions, 6 deletions
diff --git a/trust/Makefile.am b/trust/Makefile.am
index 18fded6..7410f5d 100644
--- a/trust/Makefile.am
+++ b/trust/Makefile.am
@@ -10,6 +10,7 @@ AM_CPPFLAGS = \
-I$(top_srcdir)/common \
-DDATADIR=\"$(datadir)\" \
-DSYSCONFDIR=\"$(sysconfdir)\" \
+ -DPRIVATEDIR=\"$(privatedir)\" \
$(LIBTASN1_CFLAGS) \
$(NULL)
@@ -111,7 +112,7 @@ trust_SOURCES = \
externaldir = $(privatedir)
external_SCRIPTS = \
- p11-kit-extract-trust
+ trust-extract-compat
EXTRA_DIST = \
p11-kit-trust.module
diff --git a/trust/extract.c b/trust/extract.c
index 0389d29..d12d18b 100644
--- a/trust/extract.c
+++ b/trust/extract.c
@@ -41,6 +41,7 @@
#include "iter.h"
#include "message.h"
#include "oid.h"
+#include "path.h"
#include "pkcs11.h"
#include "pkcs11x.h"
#include "save.h"
@@ -48,6 +49,7 @@
#include <assert.h>
#include <ctype.h>
+#include <errno.h>
#include <getopt.h>
#include <stdint.h>
#include <stdio.h>
@@ -281,3 +283,39 @@ p11_trust_extract (int argc,
p11_enumerate_cleanup (&ex);
return ret;
}
+
+int
+p11_trust_extract_compat (int argc,
+ char *argv[])
+{
+ char *path;
+ char *path2;
+ int error;
+
+ argv[argc] = NULL;
+
+ /*
+ * For compatibility with people who deployed p11-kit 0.18.x
+ * before trust stuff was put into its own branch.
+ */
+ path2 = p11_path_build (PRIVATEDIR, "p11-kit-extract-trust", NULL);
+ return_val_if_fail (path2 != NULL, 1);
+ execv (path2, argv);
+ error = errno;
+ free (path2);
+
+ if (error == ENOENT) {
+ path = p11_path_build (PRIVATEDIR, "trust-extract-compat", NULL);
+ return_val_if_fail (path != NULL, 1);
+ execv (path, argv);
+ error = errno;
+ free (path);
+ }
+
+ /* At this point we have no command */
+ p11_message_err (error, "could not run %s command", path);
+
+ free (path);
+ free (path2);
+ return 2;
+}
diff --git a/trust/extract.h b/trust/extract.h
index 1bd8e4a..ca14238 100644
--- a/trust/extract.h
+++ b/trust/extract.h
@@ -72,4 +72,7 @@ bool p11_extract_openssl_directory (p11_enumerate *ex,
int p11_trust_extract (int argc,
char **argv);
+int p11_trust_extract_compat (int argc,
+ char *argv[]);
+
#endif /* P11_EXTRACT_H_ */
diff --git a/trust/p11-kit-extract-trust.in b/trust/trust-extract-compat.in
index c7214e9..2d8809c 100755
--- a/trust/p11-kit-extract-trust.in
+++ b/trust/trust-extract-compat.in
@@ -7,20 +7,20 @@
# trust module is used to modifiy trust anchors and related data.
if [ $# -ne 0 ]; then
- echo "usage: p11-kit extract-trust" >&2
+ echo "usage: trust extract-compat" >&2
exit 2
fi
-echo "p11-kit: the placeholder extract-trust command has not been customized by your distribution." >&2
+echo "trust: the placeholder extract-compat command has not been customized by your distribution." >&2
# You can use commands like this to extract data from trust modules
# into appropriate locations for your distribution.
#
-# p11-kit extract --format=openssl-bundle --filter=ca-anchors \
+# trust extract --format=openssl-bundle --filter=ca-anchors \
# --overwrite /tmp/openssl-bundle.pem
-# p11-kit extract --format=pem-bundle --filter=ca-anchors --overwrite \
+# trust extract --format=pem-bundle --filter=ca-anchors --overwrite \
# --purpose server-auth /tmp/server-auth-bundle.pem
-# p11-kit extract --format=java-cacerts --filter=ca-anchors --overwrite \
+# trust extract --format=java-cacerts --filter=ca-anchors --overwrite \
# --purpose server-auth /tmp/cacerts
exit 1
diff --git a/trust/trust.c b/trust/trust.c
index 4ed1df8..b006ec8 100644
--- a/trust/trust.c
+++ b/trust/trust.c
@@ -56,6 +56,7 @@
static const p11_tool_command commands[] = {
{ "list", p11_trust_list, "List trust or certificates" },
{ "extract", p11_trust_extract, "Extract certificates and trust" },
+ { "extract-compat", p11_trust_extract_compat, "Extract trust compatibility bundles" },
{ "anchor", p11_trust_anchor, "Add, remove, change trust anchors" },
{ 0, }
};