-rw-r--r-- | .gitignore | 2 | ||||
-rw-r--r-- | common/path.c | 37 | ||||
-rw-r--r-- | common/tests/test-path.c | 6 | ||||
-rw-r--r-- | configure.ac | 8 | ||||
-rw-r--r-- | doc/manual/Makefile.am | 17 | ||||
-rw-r--r-- | doc/manual/p11-kit-config.xml | 18 | ||||
-rw-r--r-- | doc/manual/p11-kit-devel.xml | 10 | ||||
-rw-r--r-- | doc/manual/p11-kit-trust.xml | 10 | ||||
-rw-r--r-- | doc/manual/pkcs11.conf.xml | 14 | ||||
-rw-r--r-- | doc/manual/version.xml.in | 1 | ||||
-rw-r--r-- | p11-kit/pkcs11.conf.example.in | 2 |
11 files changed, 91 insertions, 34 deletions
@@ -80,6 +80,8 @@ x86_64-w64-mingw32
 /doc/manual/p11-kit.signals
 /doc/manual/p11-kit.types
 /doc/manual/tmpl/
+/doc/manual/sysdir.xml
+/doc/manual/userdir.xml
 /doc/manual/version.xml
 /doc/manual/xml/
 /doc/manual/*.5
diff --git a/common/path.c b/common/path.c
index d807301..a22c2a6 100644
--- a/common/path.c
+++ b/common/path.c
@@ -91,19 +91,40 @@ p11_path_base (const char *path)
 return strndup (beg, end - beg);
 }
+static inline bool
+is_path_component_or_null (char ch)
+{
+ return (ch == '\0' || ch == '/'
+#ifdef OS_WIN32
+ || ch == '\\'
+#endif
+ );
+}
+
 static char *
 expand_homedir (const char *remainder)
 {
 const char *env;
- if (remainder[0] == '\0')
- remainder = NULL;
-
 if (getauxval (AT_SECURE)) {
 errno = EPERM;
 return NULL;
 }
+ while (remainder[0] && is_path_component_or_null (remainder[0]))
+ remainder++;
+ if (remainder[0] == '\0')
+ remainder = NULL;
+
+ /* Expand $XDG_CONFIG_HOME */
+ if (remainder != NULL &&
+ strncmp (remainder, ".config", 7) == 0 &&
+ is_path_component_or_null (remainder[7])) {
+ env = getenv ("XDG_CONFIG_HOME");
+ if (env && env[0])
+ return p11_path_build (env, remainder + 8, NULL);
+ }
+
 env = getenv ("HOME");
 if (env && env[0]) {
 return p11_path_build (env, remainder, NULL);
@@ -139,16 +160,6 @@ expand_homedir (const char *remainder)
 }
 }
-static inline bool
-is_path_component_or_null (char ch)
-{
- return (ch == '\0' || ch == '/'
-#ifdef OS_WIN32
- || ch == '\\'
-#endif
- );
-}
-
 char *
 p11_path_expand (const char *path)
 {
diff --git a/common/tests/test-path.c b/common/tests/test-path.c
index 0077cd0..a6ba54d 100644
--- a/common/tests/test-path.c
+++ b/common/tests/test-path.c
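Review bot: In `expand_homedir` (common/path.c) the XDG branch passes `remainder + 8` to `p11_path_build` even when the match ended at the string terminator: for a bare `~/.config` the remainder is exactly `.config`, `remainder[7]` is `'\0'`, and `remainder + 8` points one byte past the end of the string, so the path is built from an out-of-bounds read. Guarding the offset, `return p11_path_build (env, remainder[7] ? remainder + 8 : NULL, NULL);`, matches how the `HOME` branch passes a NULL remainder. Separately, any non-empty `XDG_CONFIG_HOME` is accepted, whereas the XDG Base Directory specification treats relative values as invalid; since the result appears to decide where per-user module configuration is read from, ignoring values that are not absolute would be the safer default. The body of `expand_homedir` continues past the end of the hunk.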
@@ -117,6 +117,12 @@ test_expand (void)
 p11_path_expand ("~/my/path"));
 check_equals_and_free ("/home/blah",
 p11_path_expand ("~"));
+ putenv ("XDG_CONFIG_HOME=/my");
+ check_equals_and_free ("/my/path",
+ p11_path_expand ("~/.config/path"));
+ putenv ("XDG_CONFIG_HOME=");
+ check_equals_and_free ("/home/blah/.config/path",
+ p11_path_expand ("~/.config/path"));
 #else /* OS_WIN32 */
 putenv ("HOME=C:\\Users\\blah");
 check_equals_and_free ("C:\\Users\\blah\\path",
diff --git a/configure.ac b/configure.ac
index 2f92b8c..445bd4f 100644
--- a/configure.ac
+++ b/configure.ac
@@ -115,6 +115,11 @@ AC_ARG_WITH([system-config],
 [system_config_dir=$withval],
 [system_config_dir=$sysconfdir/pkcs11])
+AC_ARG_WITH([user-config],
+ [AS_HELP_STRING([--with-system-config], [Change PKCS#11 user config directory])],
+ [user_config_dir=$withval],
+ [user_config_dir="~/.pkcs11"])
+
 AC_ARG_WITH([module-path],
 [AS_HELP_STRING([--with-module-path], [Load modules with relative path names from here])],
 [module_path=$withval],
@@ -125,7 +130,7 @@ p11_system_config=$system_config_dir
 p11_system_config_file=$p11_system_config/pkcs11.conf
 p11_system_config_modules=$p11_system_config/modules
 p11_package_config_modules='${pkgdatadir}/modules'
-p11_user_config="~/.pkcs11"
+p11_user_config=$user_config_dir
 p11_user_config_file="$p11_user_config/pkcs11.conf"
 p11_user_config_modules="$p11_user_config/modules"
 p11_module_path="$module_path"
@@ -487,7 +492,6 @@ AC_CONFIG_FILES([Makefile
 common/tests/Makefile
 doc/Makefile
 doc/manual/Makefile
- doc/manual/version.xml
 po/Makefile.in
 p11-kit/Makefile
 p11-kit/tests/Makefile
diff --git a/doc/manual/Makefile.am b/doc/manual/Makefile.am
index ea6166e..ab73373 100644
--- a/doc/manual/Makefile.am
+++ b/doc/manual/Makefile.am
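Review bot: The new cases in `test_expand` only exercise `~/.config/path`, so the boundary inputs of the XDG branch are untested: a bare `~/.config` with no trailing component, and a name that merely starts with the prefix, such as `~/.configfoo/path`, which must still expand under `HOME`. The bare form is the input for which `expand_homedir` computes `remainder + 8` past the terminator, so once that offset is guarded a case like `check_equals_and_free ("/my", p11_path_expand ("~/.config"));` with `XDG_CONFIG_HOME=/my` set would pin it. For the prefix case, `check_equals_and_free ("/home/blah/.configfoo/path", p11_path_expand ("~/.configfoo/path"));` fits the `HOME` value the surrounding checks already rely on. `test_expand` starts and ends outside the hunk.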
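Review bot: The help text of the new option names the wrong flag: `AS_HELP_STRING([--with-system-config], ...)` inside `AC_ARG_WITH([user-config], ...)` means `./configure --help` lists `--with-system-config` twice and never mentions `--with-user-config`. The line should read `[AS_HELP_STRING([--with-user-config], [Change PKCS#11 user config directory])],`. `$withval` is also stored as given, so `--with-user-config` without an argument yields the directory name `yes`; because `p11_user_config_modules` is derived from this value, rejecting `yes`/`no` and anything that is neither absolute nor `~/`-prefixed at configure time would catch a mistyped option before it ends up in an installed build.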
@@ -83,7 +83,11 @@ content_files=p11-kit-config.xml p11-kit-sharing.xml \
 # SGML files where gtk-doc abbrevations (#GtkWidget) are expanded
 # These files must be listed here *and* in content_files
 # e.g. expand_content_files=running.sgml
-expand_content_files=
+expand_content_files= \
+ version.xml \
+ userdir.xml \
+ sysdir.xml \
+ $(NULL)
 # CFLAGS and LDFLAGS for compiling gtkdoc-scangobj with your library.
 # Only needed if you are using gtkdoc-scangobj to dynamically query widget
@@ -98,6 +102,14 @@ p11-kit-sections.txt: $(srcdir)/p11-kit-sections.txt
 p11-kit-overrides.txt: $(srcdir)/p11-kit-overrides.txt
 cp $(srcdir)/p11-kit-overrides.txt p11-kit-overrides.txt
+# Generate our files with variables
+sysdir.xml:
+ echo -n $(p11_system_config) > "$@"
+userdir.xml:
+ echo -n $(p11_user_config) > "$@"
+version.xml:
+ echo -n $(VERSION) > "$@"
+
 # This includes the standard gtk-doc make rules, copied by gtkdocize.
 include $(top_srcdir)/gtk-doc.make
@@ -140,6 +152,7 @@ CLEANFILES += \
 EXTRA_DIST += \
 $(MAN_IN_FILES) \
- version.xml.in \
+ sysdir.xml \
+ userdir.xml \
 version.xml \
 $(NULL)
diff --git a/doc/manual/p11-kit-config.xml b/doc/manual/p11-kit-config.xml
index 1df55b1..ec17b1b 100644
--- a/doc/manual/p11-kit-config.xml
+++ b/doc/manual/p11-kit-config.xml
@@ -1,6 +1,10 @@
 <?xml version="1.0"?>
 <!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
- "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd"
+[
+ <!ENTITY sysdir SYSTEM "sysdir.xml">
+ <!ENTITY userdir SYSTEM "userdir.xml">
+]>
 <chapter xml:id="config">
 <title>PKCS#11 Configuration</title>
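Review bot: The three generator rules in doc/manual/Makefile.am write their values through an unquoted `echo -n`, e.g. `echo -n $(p11_user_config) > "$@"`. Assuming the configure default `~/.pkcs11` is substituted unchanged, the shell tilde-expands the unquoted word, so `userdir.xml` would record the build user's home directory instead of the literal `~/.pkcs11` that the manual is meant to show; `echo -n` is also not portable across `/bin/sh` implementations. `printf '%s' '$(p11_user_config)' > "$@"`, and the same form for `sysdir.xml` and `version.xml`, avoids both. The rules as shown have no prerequisites, so an existing file would not be refreshed after re-running configure with a different `--with-user-config`, and the files are added to `EXTRA_DIST`, which suggests tarballs ship whatever values the release build used.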
@@ -29,17 +33,17 @@ two modules called 'my-module' and 'nss'. The user settings override some aspects of the system settings.</para>
-<para>Global configuration file: <literal>/etc/pkcs11/pkcs11.conf</literal></para>
+<para>Global configuration file: <literal>&sysdir;/pkcs11.conf</literal></para>
 <programlisting>
 # This setting controls whether to load user configuration from the
-# ~/.pkcs11 directory. Possible values:
+# &userdir; directory. Possible values:
 # none: No user configuration
 # merge: Merge the user config over the system configuration (default)
 # only: Only user configuration, ignore system configuration
 user-config: merge
 </programlisting>
-<para>One module configuration file per module: <literal>/etc/pkcs11/modules/my-module</literal></para>
+<para>One module configuration file per module: <literal>&sysdir;/modules/my-module</literal></para>
 <programlisting>
 # This setting controls the actual module library to load. This config file
 # might be installed by the package that installs this module library. This
@@ -52,19 +56,19 @@ module: my-pkcs11-module.so
 critical: no
 </programlisting>
-<para>User configuration file: <literal>~/.pkcs11/pkcs11.conf</literal></para>
+<para>User configuration file: <literal>&userdir;/pkcs11.conf</literal></para>
 <programlisting>
 # This is an empty file. Files that do not exist are treated as empty.
 </programlisting>
-<para>User configuration file: <literal>~/.pkcs11/modules/my-module</literal></para>
+<para>User configuration file: <literal>&userdir;/modules/my-module</literal></para>
 <programlisting>
 # Merge with the settings in the system my-module config file. In this case
 # a developer has overridden to load a different module for my-module instead.
 module: /home/user/src/custom-module/my-module.so
 </programlisting>
-<para>User configuration file: <literal>~/.pkcs11/modules/nss</literal></para>
+<para>User configuration file: <literal>&userdir;/modules/nss</literal></para>
 <programlisting>
 # Load the NSS libsoftokn.so.3 PKCS#11 library as a module. Note that we pass
 # some custom non-standard initialization arguments, as NSS expects.
diff --git a/doc/manual/p11-kit-devel.xml b/doc/manual/p11-kit-devel.xml
index 5ffc32b..2ce3f0c 100644
--- a/doc/manual/p11-kit-devel.xml
+++ b/doc/manual/p11-kit-devel.xml
@@ -230,6 +230,16 @@ $ make install <listitem><para>Specify the path to look for p11-kit config files. This usually defaults to something like <literal>/etc/pkcs11</literal></para></listitem>
 </varlistentry>
+ <varlistentry>
+ <term><option>--with-user-config</option></term>
+ <listitem><para>Specify the path to look for user specific p11-kit config files. If
+ specify a path that begins with <literal>~/</literal> then this is expanded to the
+ home directory of the user running p11-kit. If you specify a path that begins with
+ <literal>~/.config/</literal> then this is expanded to the $XDG_CONFIG_HOME directory,
+ as outlined in the
+ <ulink url="http://standards.freedesktop.org/basedir-spec/basedir-spec-latest.html#variables">XDG Base Dir specification</ulink>.
+ This option defaults to <literal>~/.pkcs11</literal></para></listitem>
+ </varlistentry>
 </variablelist>
 <para></para>
 </section>
diff --git a/doc/manual/p11-kit-trust.xml b/doc/manual/p11-kit-trust.xml
index 999bfef..4b3521a 100644
--- a/doc/manual/p11-kit-trust.xml
+++ b/doc/manual/p11-kit-trust.xml
@@ -1,6 +1,10 @@
 <?xml version="1.0"?>
 <!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
- "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd"
+[
+ <!ENTITY sysdir SYSTEM "sysdir.xml">
+ <!ENTITY userdir SYSTEM "userdir.xml">
+]>
 <chapter xml:id="trust">
 <title>Trust Policy Module</title>
@@ -106,12 +110,12 @@ $ pkg-config --variable p11_trust_paths p11-kit-1 during the <link linkend="devel-building-configure">p11-kit build</link>.</para></listitem> <listitem><para>Disable loading trust policy information
- from this module by adding a file to <literal>/etc/pkcs11/modules</literal>
+ from this module by adding a file to <literal>&sysdir;/modules</literal>
 called <literal>p11-kit-trust.module</literal> containing a <literal>trust-policy: no</literal> line.</para></listitem> <listitem><para>Disable this module completely by
- adding a file to <literal>/etc/pkcs11/modules</literal>
+ adding a file to <literal>&sysdir;/modules</literal>
 called <literal>p11-kit-trust.module</literal> containing a <literal>enable-in:</literal> line (without a value).</para></listitem> </itemizedlist>
diff --git a/doc/manual/pkcs11.conf.xml b/doc/manual/pkcs11.conf.xml
index cda02ee..14b1783 100644
--- a/doc/manual/pkcs11.conf.xml
+++ b/doc/manual/pkcs11.conf.xml
@@ -1,6 +1,10 @@
 <?xml version='1.0'?>
 <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
- "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd"
+[
+ <!ENTITY sysdir SYSTEM "sysdir.xml">
+ <!ENTITY userdir SYSTEM "userdir.xml">
+]>
 <refentry id="pkcs11.conf">
@@ -232,13 +236,13 @@ x-custom : text additional configuration or override the system configuration.</para> <para>The system global configuration file is usually in
- <literal>/etc/pkcs11/pkcs11.conf</literal> and the user global
- configuration file is in <literal>~/.pkcs11/pkcs11.conf</literal> in the
+ <literal>&sysdir;/pkcs11.conf</literal> and the user global
+ configuration file is in <literal>&userdir;/pkcs11.conf</literal> in the
 user's home directory.</para> <para>The module config files are usually located in the
- <literal>/etc/pkcs11/modules</literal> directory, with one configuration
- file per module. In addition the <literal>~/.pkcs11/modules</literal> directory
+ <literal>&sysdir;/modules</literal> directory, with one configuration
+ file per module. In addition the <literal>&userdir;/modules</literal> directory
 can be used for modules installed by the user.</para> <para>Note that user configuration files are not loaded from the home
diff --git a/doc/manual/version.xml.in b/doc/manual/version.xml.in
deleted file mode 100644
index 27323da..0000000
--- a/doc/manual/version.xml.in
+++ /dev/null
@@ -1 +0,0 @@
-@VERSION@
\ No newline at end of file
diff --git a/p11-kit/pkcs11.conf.example.in b/p11-kit/pkcs11.conf.example.in
index a148000..96d0a08 100644
--- a/p11-kit/pkcs11.conf.example.in
+++ b/p11-kit/pkcs11.conf.example.in
@@ -2,7 +2,7 @@
 # place before use.
 # This setting controls whether to load user configuration from the
-# ~/.pkcs11 directory. Possible values:
+# @p11_user_config@ directory. Possible values:
 # none: No user configuration
 # merge: Merge the user config over the system configuration (default)
 # only: Only user configuration, ignore system configuration |