| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
| |
* Implement trust assertions for anchored and distrusted certs
* Pinned certificate trust assertions are not implemented yet
* Add an internal tool for pulling apart bits of certificates
|
| |
|
|
| |
This tells NSS that this is a source of anchors.
|
| | |
|
| |
|
|
|
|
| |
This is based off the roots-store from gnome-keyring and loads
certificates from a root directory and exposes them as PKCS#11
objects.
|
| |
|
|
|
|
|
| |
* Unindent the main headings
* Don't wrap options
* Better spacing in table of contents
* Don't have line numbers on code examples
|
| | |
|
| | |
|
| |
|
|
|
|
| |
* Try to make /etc/pkcs11/modules for administrator use
* Override the old pkg-config variables to help packages start
using the new location
|
| |
|
|
| |
This does the opposite of p11_kit_be_quiet().
|
| |
|
|
|
| |
* Move mock code into the common/ directory to be used by multiple
components of p11-kit
|
| |
|
|
|
|
|
|
|
|
|
| |
Start using p11_ as our internal prefix rather than _p11_. We explicitly
export p11_kit_ so this is fine as far as visibility.
Move the threading, mutex, and module compat, dict, and array code
into the common directory too.
Take this opportunity to clean up a bit of internal API as well,
since so many lines are being touched internally.
|
| |
|
|
|
|
| |
* P11_KIT_URI_NO_MEMORY is an unexpected state, that will probably
never actually be returned. But kept for API compatibility.
* make distcheck doc fix
|
| |
|
|
|
|
|
| |
* This allows user configured PKCS#11 modules by default.
* Admins can change this to 'none' in /etc/pkcs11/pkcs11.conf
to go back to the previous behavior.
* Posted to the mailing list.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* And want alphanumeric/_.- filenames
* Currently this is just a warning, soon it will be enforced
* The name of a module does not include the extension
Andreas Metzler and Ubuntu both worked on this patch, and I've made
some more changes.
See https://bugs.launchpad.net/ubuntu/+source/p11-kit/+bug/911436
https://bugs.freedesktop.org/show_bug.cgi?id=52158
|
| |
|
|
|
|
|
|
| |
* These can be used to load certain modules in certain
programs, or prevent loading in others.
* Useful for a key manager like seahorse, so we can load
extra modules (think NSS) that other modules shouldn't
load.
|
| |
|
|
|
|
|
|
| |
* Tests do not all yet pass, at least not on wine
* Added abstraction of some non-portable functions in compat.h/c
* Build with an argument like this for win32 support:
./autogen.sh --host=i586-mingw32msvc
* This win32 port needs more work from interested parties
|
| |
|
|
|
| |
* Default module path
* How to lookup paths using pkg-config
|
| |
|
|
|
|
| |
* When a module has critical set to 'yes', and that module fails to init
then it aborts the entire init process.
* Defaults to 'no'
|
| |
|
|
|
|
|
|
|
| |
* pinfile attribute was renamed to pin-source
* objecttype attribute was renamed to object-type
* secretkey value was renamed to secret-key
We continue to support parsing the old attribute names and values but
generate URIs with the new ones.
|
| |
|
|
| |
* And also install example pkcs11.conf file.
|
| |
|
|
|
| |
* After recent hash table rewrite we should be ignoring the new
file.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
* Add p11_kit_message() function to get last message.
|
| | |
|
| |
|
|
| |
of space terminated strings.
|
| | |
|
| |
|
|
|
| |
* This function will load a module from a file path, and then
initialize it.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
* Install headers to ${prefix}/include/p11-kit-1/p11-kit/
* This solves problems with other projects that have their own
pkcs11.h files.
* Change the pkg-config file name to p11-kit-1.pc
* Change the source file names.
|
| |
|
|
|
|
|
|
|
|
|
| |
Use P11_KIT_DEBUG=xxx environment variable to enable tracing. Must
have been built without --disable-debug option.
P11_KIT_DEBUG can (at this point) be one of these values:
all
help
conf
lib
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
* Rename source directory
* More consistent with return values from URI functions.
* Allow formatting URI to take a uri type.
|
| | |
|
| |
|
