| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
|
|
|
|
| |
* Support the TAP protocol
* Much cleaner without having to carry around state
* First class support for setup/teardown
* Port the common tests
* Wait on porting other tests until we've merged outstanding code
|
|
|
|
|
|
|
|
|
| |
Support a new managed style module loading for PKCS#11 modules. This
allows us to better coordinate between multiple callers of the same
PKCS#11 modules and provide hooks into their behavior.
This meant redoing the public facing API. The old methods are now
deprecated, marked and documented as such.
|
|
|
|
|
| |
These are possibly architecture specific binaries, so they should be
in $libdir/p11-kit and not in $datadir/p11-kit
|
|
|
|
|
|
|
|
|
|
| |
Centralize the path handling code, so we can remove unixy assumptions
and have a chance of running on Windows. The current goal is to run
all the tests on Windows.
Includes some code from LRN <lrn1986@gmail.com>
https://bugs.freedesktop.org/show_bug.cgi?id=63062
|
|
|
|
|
|
|
|
|
|
|
| |
Put library init/uninit code its into their own statically
linked library so that they don't get linked into the p11-kit
executable.
Refactor the message code so that the library initialization can
plug in its per thread message buffer.
https://bugs.freedesktop.org/show_bug.cgi?id=63046
|
|
|
|
|
|
| |
Don't reference an undefined macro
https://bugs.freedesktop.org/show_bug.cgi?id=63046
|
|
|
|
| |
Also remove some generated files from the po/ directory.
|
| |
|
|
|
|
|
| |
* make memcheck: Runs basic memory checking
* make leakcheck: Also runs leak checking
|
|
|
|
|
|
|
|
|
|
|
| |
Add implementation of the murmur2 hash function, and start using
it for our dictionaries. Our implementation is incremental
like our other hash functions.
Also remove p11_oid_hash() which wasn't being used.
In addition fix several tests whose success was based on the
way that the dictionary hashed. This was a hidden testing bug.
|
|
|
|
|
| |
We're going to be adding other hashes. Also build as part of a
different common library.
|
|
|
|
|
|
| |
This is not a security feature or anything like that, but a hint
that the files are managed by the extract tool and should not be
modified manually.
|
|
|
|
|
|
|
|
| |
There was a class of bugs for looking up invalid or empty
attributes in the internal PKCS#11 attribute arrays.
* Refine what p11_attrs_find_valid() treats as valid
* Rename p11_attrs_is_empty() to p11_attrs_terminator() for clarity
|
|
|
|
|
|
|
|
|
|
| |
* Collapse multiple identical certificates coming from different
tokens. Note that if a certificate should not be placed multiple
times on a token. We cannot know which one to respect.
* Add a new extract filter: --trust-policy
This extracts all anchor and blacklist information
https://bugs.freedesktop.org/show_bug.cgi?id=61497
|
|
|
|
|
|
|
|
| |
* Placed before the certificate, simple one liner
* No need to put comments in PEM files extracted into
directories, as the file names are already descriptive.
https://bugs.freedesktop.org/show_bug.cgi?id=62029
|
|
|
|
|
|
|
|
|
| |
Also if automatically calculating length, then ignore input
that is NULL, as something that shouldn't be written out.
This allows easier chaining of optional output, such as comments.
https://bugs.freedesktop.org/show_bug.cgi?id=62029
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Sort loaded modules appropriately using the 'priority' option. This
allows us to have a predictable order for callers, when callers
iterate through modules.
* Modules default to having an 'priority' option of '0'.
* If modules have the same order value, then sort by name.
* The above assumes the role of ordering trust-policy sources.
* Change the trust-policy option to a boolean
* Some of this code will be rearranged when the managed branch
is merged.
https://bugs.freedesktop.org/show_bug.cgi?id=61978
|
|
|
|
|
|
|
|
| |
* Fixes a regression
* In addition allows --help to be specified before the command. If
a command is present, command help will be shown
https://bugs.freedesktop.org/show_bug.cgi?id=62153
|
|
|
|
|
|
|
| |
Unless initialized according to the environment all debug output
is printed.
https://bugs.freedesktop.org/show_bug.cgi?id=62152
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
The --purpose option would only match certificates that had no
purposes marked on them. Fix it so that it correctly matches
certificates with the given purpose.
https://bugs.freedesktop.org/show_bug.cgi?id=62009
|
| |
|
|
|
|
|
| |
If the 'p11-kit extract-trust' command is to be used by
distributions, make them customize it appropriately.
|
|
|
|
|
|
| |
Tweaks by: Roman Bogorodskiy <bogorodskiy@gmail.com>
https://bugs.freedesktop.org/show_bug.cgi?id=61739
|
|
|
|
| |
This fixes hangs when running tests on windows
|
|
|
|
|
|
|
| |
* Don't create symlinks on windows
* No atomic renames, so delete and then rename
* Make sure to close files before unlinking on windows
* No chmod permissions on windows
|
|
|
|
| |
So that the Windows' C library doesn't munge line endings
|
|
|
|
|
| |
The Win32 for mmap() is very different from Unix, so abstract
this into our own p11_mmap_xxx() functions.
|
| |
|
|
|
|
|
| |
* Add annotations to our precondition functions so that they
don't make the analyzer complain
|
| |
|
|
|
|
|
| |
* All aliases must be lower case in order to work with the
default keystore implementation.
|
|
|
|
|
| |
* This is in cases where the certificate information does not
already have a friendly name or alias.
|
| |
|
| |
|
|
|
|
|
|
| |
* The only formats supported are x509-file and x509-directory
Allow tool to build without extract
|
|
|
|
|
|
| |
* Implement atomic writes of files
* Writing with checks that not overwriting anything unless desired
* Writing and overwriting of directory contents in a robust way
|
|
|
|
|
|
| |
* Change the -l argument into the list-modules command.
* Add proper functions for printing usage
* Support for external commands in the path or /usr/share/p11-kit
|
|
|
|
|
|
| |
It was getting really wild knowing whether a function returning
an int would return -1 on failure or 0 or whether the int return
value was actually a number etc..
|
|
|
|
|
|
| |
* This is cleaner than building the same source files all over
the place over and over.
* Works better with code coverage.
|
| |
|
|
|
|
| |
* And use them in our replacement err() and p11_kit_set_progname()
|
|
|
|
|
| |
* And the compat stuff in the p11-kit directory merged
into util.c and util.h
|
|
|
|
|
|
|
|
| |
* Tests do not all yet pass, at least not on wine
* Added abstraction of some non-portable functions in compat.h/c
* Build with an argument like this for win32 support:
./autogen.sh --host=i586-mingw32msvc
* This win32 port needs more work from interested parties
|
| |
|
|
|
|
| |
https://bugs.freedesktop.org/show_bug.cgi?id=39622
|
| |
|