summaryrefslogtreecommitdiff
path: root/build
Commit message (Collapse)AuthorAgeFilesLines
* Use an automake aux directory for storing litterStef Walter2013-07-231-0/+1
|
* trust: Port to use CKA_PUBLIC_KEY_INFO and updated trust store specStef Walter2013-07-041-9/+10
| | | | | | | | | | * Use the concepts and PKCS#11 objects described in the recently updated (still work in progress) storing trust spec. * Define our own CKA_X_PUBLIC_KEY_INFO define for now, since the the CKA_PUBLIC_KEY_INFO isn't defined yet. * Most notably, the association between certificates and stapled extensions is by public key. * Rework some of the tests to take into account the above.
* Our own unit testing frameworkStef Walter2013-05-216-701/+1
| | | | | | | | * Support the TAP protocol * Much cleaner without having to carry around state * First class support for setup/teardown * Port the common tests * Wait on porting other tests until we've merged outstanding code
* Implement valgrind's hellgrind checks for threading problemsStef Walter2013-05-152-0/+10
| | | | | | | And cleanup our locks/locking model. There's no need to use recursive locks, especially since we can't use them on all platforms. In addition adjust taking of locks during initialization so that there's no chance of deadlocking here.
* Don't try to guess at overflowing time values on 32-bit systemsStef Walter2013-03-282-0/+3
| | | | | | | | | Since CKA_START_DATE and CKA_END_DATE are the only places where we want to parse out times, and these are optional, just leave blank if the time overflows what libc can handle on a 32-bit system. https://bugs.freedesktop.org/show_bug.cgi?id=62825
* Add a bit of infrastructure for running valgrindStef Walter2013-03-203-0/+26
| | | | | * make memcheck: Runs basic memory checking * make leakcheck: Also runs leak checking
* hash: Add the murmur2 hash and start using itStef Walter2013-03-201-3/+3
| | | | | | | | | | | Add implementation of the murmur2 hash function, and start using it for our dictionaries. Our implementation is incremental like our other hash functions. Also remove p11_oid_hash() which wasn't being used. In addition fix several tests whose success was based on the way that the dictionary hashed. This was a hidden testing bug.
* trust: Add a builder which builds objects out of parsed dataStef Walter2013-03-152-0/+0
| | | | | | | | | | | The builder completes the objects from the parsed data and takes over the responsibilities that the parser and adapter previously shared. This is necessary to prepare for arbitrary data coming from the p11-kit specific input files. https://bugs.freedesktop.org/show_bug.cgi?id=62329
* trust: Rework input path treatmentStef Walter2013-03-152-6/+7
| | | | | | | | | | | | | | | | | | | | | * Accept a single --with-trust-paths argument to ./configure which cotnains all the input paths. * The --with-system-anchors and --with-system-certificates ./configure arguments are no longer supported. Since they were only present briefly, no provision is made for backwards compatibility. * Each input file is treated as containing anchors by default unless an input certificate contains detailed trust information. * The files in each input directory are not automatically treated as anchors unless a certificate contains detailed trust information. * The files in anchors/ subdirectory of each input directory are automatically marked as anchors. * The files in the blacklist/ subdirectory of each input directory are automatically marked as blacklisted. * Update tests and move around test certificates so we can test these changes. https://bugs.freedesktop.org/show_bug.cgi?id=62327
* Pull translations from transifexStef Walter2013-02-131-0/+68
| | | | | | * Build a script to help with this https://bugs.freedesktop.org/show_bug.cgi?id=60792
* Add support for exporting OpenSSL's TRUSTED CERTIFICATE formatStef Walter2013-02-051-0/+9
|
* Add support for extracting to pem-bundle and pem-directory formatsStef Walter2013-02-051-0/+2
|
* Support for sane writing to files extractedStef Walter2013-02-051-0/+2
| | | | | | * Implement atomic writes of files * Writing with checks that not overwriting anything unless desired * Writing and overwriting of directory contents in a robust way
* Test a TRUSTED CERTIFICATE without any trust OIDsStef Walter2013-02-052-0/+2
|
* Add support for openssl TRUSTED CERTIFICATE PEM filesStef Walter2013-02-051-0/+3
|
* Add support for parsing PEM filesStef Walter2013-02-051-0/+1
|
* Add basic trust moduleStef Walter2013-02-0511-0/+67
| | | | | | This is based off the roots-store from gnome-keyring and loads certificates from a root directory and exposes them as PKCS#11 objects.
* Move debug and library code into the common/ subdirectoryStef Walter2013-01-097-0/+709
Start using p11_ as our internal prefix rather than _p11_. We explicitly export p11_kit_ so this is fine as far as visibility. Move the threading, mutex, and module compat, dict, and array code into the common directory too. Take this opportunity to clean up a bit of internal API as well, since so many lines are being touched internally.