| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
https://bugzilla.redhat.com/show_bug.cgi?id=985481
|
|
|
|
|
|
|
| |
* p11-kit library and tool in the p11-kit/ subdirectory
* trust module and new trust tool in trust/ subdirectory
* No more tools/ subdirectory
* Lots less in the common/ subdirectory
|
| |
|
|
|
|
|
|
|
|
| |
* Support the TAP protocol
* Much cleaner without having to carry around state
* First class support for setup/teardown
* Port the common tests
* Wait on porting other tests until we've merged outstanding code
|
|
|
|
|
|
|
|
|
| |
Support a new managed style module loading for PKCS#11 modules. This
allows us to better coordinate between multiple callers of the same
PKCS#11 modules and provide hooks into their behavior.
This meant redoing the public facing API. The old methods are now
deprecated, marked and documented as such.
|
|
|
|
|
|
|
|
|
|
| |
Centralize the path handling code, so we can remove unixy assumptions
and have a chance of running on Windows. The current goal is to run
all the tests on Windows.
Includes some code from LRN <lrn1986@gmail.com>
https://bugs.freedesktop.org/show_bug.cgi?id=63062
|
|
|
|
|
|
|
|
|
|
|
| |
Put library init/uninit code its into their own statically
linked library so that they don't get linked into the p11-kit
executable.
Refactor the message code so that the library initialization can
plug in its per thread message buffer.
https://bugs.freedesktop.org/show_bug.cgi?id=63046
|
|
|
|
|
|
| |
Don't reference an undefined macro
https://bugs.freedesktop.org/show_bug.cgi?id=63046
|
|
|
|
| |
Also remove some generated files from the po/ directory.
|
| |
|
|
|
|
|
| |
* make memcheck: Runs basic memory checking
* make leakcheck: Also runs leak checking
|
|
|
|
|
|
|
|
|
|
|
| |
Add implementation of the murmur2 hash function, and start using
it for our dictionaries. Our implementation is incremental
like our other hash functions.
Also remove p11_oid_hash() which wasn't being used.
In addition fix several tests whose success was based on the
way that the dictionary hashed. This was a hidden testing bug.
|
|
|
|
|
|
| |
This is not a security feature or anything like that, but a hint
that the files are managed by the extract tool and should not be
modified manually.
|
|
|
|
|
|
|
|
| |
There was a class of bugs for looking up invalid or empty
attributes in the internal PKCS#11 attribute arrays.
* Refine what p11_attrs_find_valid() treats as valid
* Rename p11_attrs_is_empty() to p11_attrs_terminator() for clarity
|
|
|
|
|
|
|
|
|
|
| |
* Collapse multiple identical certificates coming from different
tokens. Note that if a certificate should not be placed multiple
times on a token. We cannot know which one to respect.
* Add a new extract filter: --trust-policy
This extracts all anchor and blacklist information
https://bugs.freedesktop.org/show_bug.cgi?id=61497
|
|
|
|
|
|
|
|
| |
* Placed before the certificate, simple one liner
* No need to put comments in PEM files extracted into
directories, as the file names are already descriptive.
https://bugs.freedesktop.org/show_bug.cgi?id=62029
|
|
|
|
|
|
|
|
|
| |
Also if automatically calculating length, then ignore input
that is NULL, as something that shouldn't be written out.
This allows easier chaining of optional output, such as comments.
https://bugs.freedesktop.org/show_bug.cgi?id=62029
|
|
|
|
|
|
|
|
| |
The --purpose option would only match certificates that had no
purposes marked on them. Fix it so that it correctly matches
certificates with the given purpose.
https://bugs.freedesktop.org/show_bug.cgi?id=62009
|
|
|
|
|
|
| |
Tweaks by: Roman Bogorodskiy <bogorodskiy@gmail.com>
https://bugs.freedesktop.org/show_bug.cgi?id=61739
|
|
|
|
| |
This fixes hangs when running tests on windows
|
|
|
|
|
|
|
| |
* Don't create symlinks on windows
* No atomic renames, so delete and then rename
* Make sure to close files before unlinking on windows
* No chmod permissions on windows
|
|
|
|
| |
So that the Windows' C library doesn't munge line endings
|
|
|
|
|
| |
The Win32 for mmap() is very different from Unix, so abstract
this into our own p11_mmap_xxx() functions.
|
|
|
|
|
| |
* This is in cases where the certificate information does not
already have a friendly name or alias.
|
| |
|
| |
|
|
|
|
|
|
| |
* The only formats supported are x509-file and x509-directory
Allow tool to build without extract
|
|
* Implement atomic writes of files
* Writing with checks that not overwriting anything unless desired
* Writing and overwriting of directory contents in a robust way
|