| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
Otherwise, the p11-kit-remote program called from p11-kit-server would
load the system modules instead of the local fixtures.
|
|
|
|
|
|
|
|
|
|
|
| |
This enables socket activation of "p11-kit server" through systemd.
The feature provided is essentially the same as commit
a4fb2bb5 (reverted), but implemented with "p11-kit server" and
libsystemd API instead of wrapping "p11-kit remote" in the unit file.
Note that, while it exposes all tokens through the socket, it doesn't
increase attack surface beyond the PKCS#11 binary interface provided
by p11-kit-proxy.so, because the service is per-user.
|
| |
|
|
|
|
| |
Use symlink in the repository, instead of copying.
|
|
|
|
|
|
|
|
|
| |
That is, use README.md as primary source to generate README as
README is required by the GNU guidelines. We don't try to convert
to "real" plain text as markdown is readable, and to avoid introducing
another dependency (e.g., pandoc).
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
This allows daemons outside user's session to use per-user PKCS#11
modules. Useful for letting VPN daemons or wpa_supplicant use
certificates stored in user's GNOME keyring, etc.
|
| |
|
|
|
|
|
|
|
|
| |
This is an integration test that the extract and blacklist
functionality basics work.
More integration tests should follow, at which point we should
place the various generic testing bits into their own file.
|
|
|
|
| |
Naturally this doesn't apply to tarballs
|
|
|
|
|
|
| |
The actual command is 'trust extract-compat'. Make installed placeholder
script reflect this. We still support the old placeholder script
if it is present.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
If ~/.config is specified as a prefix to a configured path,
then it is expanded to the $XDG_CONFIG_HOME if that exists
Add --with-user-config ./configure option to configure a
different user config directory.
Interpolate the right directories into documentation.
|
|
|
|
|
|
|
| |
* p11-kit library and tool in the p11-kit/ subdirectory
* trust module and new trust tool in trust/ subdirectory
* No more tools/ subdirectory
* Lots less in the common/ subdirectory
|
| |
|
|
|
|
| |
Add win32 cross build, and build out of tree
|
|
|
|
| |
Also remove some generated files from the po/ directory.
|
| |
|
| |
|
|
|
|
|
|
| |
* Build a script to help with this
https://bugs.freedesktop.org/show_bug.cgi?id=60792
|
|
|
|
|
| |
Enable installation of gettext translations and add German translation
by Chris Leick.
|
| |
|
|
|
|
|
|
| |
The SHA-1 and MD5 digests here are used for checksums in legacy
protocols. We don't use them in cryptographic contexts at all.
These particular algorithms would be poor choices for that.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Start using p11_ as our internal prefix rather than _p11_. We explicitly
export p11_kit_ so this is fine as far as visibility.
Move the threading, mutex, and module compat, dict, and array code
into the common directory too.
Take this opportunity to clean up a bit of internal API as well,
since so many lines are being touched internally.
|
|
|
|
|
|
|
|
| |
* These can be used to load certain modules in certain
programs, or prevent loading in others.
* Useful for a key manager like seahorse, so we can load
extra modules (think NSS) that other modules shouldn't
load.
|
|
|
|
| |
* Generated automatically
|
|
|
|
|
|
|
|
| |
* Tests do not all yet pass, at least not on wine
* Added abstraction of some non-portable functions in compat.h/c
* Build with an argument like this for win32 support:
./autogen.sh --host=i586-mingw32msvc
* This win32 port needs more work from interested parties
|
| |
|
|
|
|
| |
* Allows checking of translations
|
|
|
|
|
|
|
| |
* If a module forks during its C_Initialize, previously our
fork handler would try to initialize it again, ad nauseum.
Reported by Nikos on the mailing list.
|
|
|
|
| |
* And also install example pkcs11.conf file.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* We were missing a call to gettextize, which is what copies in config.rpath
* Delete ABOUT-NLS, it is copied in by gettextize
* While we're here, take a page from gtk+'s autogen.sh and just use autoreconf,
instead of specifying everything.
* We need to always have an m4/ directory, so that gettextize works,
so we make a dummy empty file
* Apparently gettextize is totally insane, requiring user input etc. Copy
in some hacks from Avahi's autogen.sh to work around this.
|
| |
|
|
|
|
|
|
| |
* These are callbacks that hanlde the pinfile part of a PKCS#11 URI.
* One library can register a callback that another can then call
in a thread-safe and simple fashion.
|
| |
|
|
|
|
|
|
|
|
| |
* Install headers to ${prefix}/include/p11-kit-1/p11-kit/
* This solves problems with other projects that have their own
pkcs11.h files.
* Change the pkg-config file name to p11-kit-1.pc
* Change the source file names.
|
|
|
|
|
| |
List modules:
$ p11-kit -l
|
|
|
|
|
|
|
|
|
|
|
| |
Use P11_KIT_DEBUG=xxx environment variable to enable tracing. Must
have been built without --disable-debug option.
P11_KIT_DEBUG can (at this point) be one of these values:
all
help
conf
lib
|
|
|
|
|
|
| |
* Rename source directory
* More consistent with return values from URI functions.
* Allow formatting URI to take a uri type.
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|