p11-kit.git - Clone of https://github.com/p11-glue/p11-kit

	Commit message (Collapse)	Author	Age	Files	Lines
*	trust: Make each configured path its own token	Stef Walter	2013-03-15	1	-5/+28
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	* Each source directory or file configured into the module or passed in as an initialization argument becomes its own token. Previously there was one token that contained certificates from all the configured paths. * These tokens are clearly labeled in the token info as to the directory or file that they represent. * Update PKCS#11 module logic to deal with multiple tokens, validate the slot ids and so on. * The order in which the paths are configured will become the order of trust priority. This is the same order in which they are listed through 'p11-kit list-modules' and C_GetSlotList. * Update the frob-token internal tool to only play with one path * Adjust tests where necessary to reflect the new state of things and add tests for modified trust module code https://bugs.freedesktop.org/show_bug.cgi?id=61499
*	trust: Rework input path treatment	Stef Walter	2013-03-15	1	-3/+120
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	* Accept a single --with-trust-paths argument to ./configure which cotnains all the input paths. * The --with-system-anchors and --with-system-certificates ./configure arguments are no longer supported. Since they were only present briefly, no provision is made for backwards compatibility. * Each input file is treated as containing anchors by default unless an input certificate contains detailed trust information. * The files in each input directory are not automatically treated as anchors unless a certificate contains detailed trust information. * The files in anchors/ subdirectory of each input directory are automatically marked as anchors. * The files in the blacklist/ subdirectory of each input directory are automatically marked as blacklisted. * Update tests and move around test certificates so we can test these changes. https://bugs.freedesktop.org/show_bug.cgi?id=62327
*	Initialize modules correctly in tests	Stef Walter	2013-03-03	1	-0/+1
\| \| \| \|	This fixes hangs when running tests on windows
*	Use putenv() instead of setenv()	Stef Walter	2013-03-03	1	-1/+1
\| \| \| \|	Since older operating systems don't support setenv()
*	Fill in certificate authority and trust data correctly	Stef Walter	2013-02-05	1	-1/+1
\| \| \| \| \| \| \| \| \| \| \| \|	* Fill in CKA_CERTIFICATE_CATEGORY properly for authorities based on the presence of BasicConstraints and/or v1 certificates * Fill in CKA_TRUSTED and CKA_X_DISTRUSTED based on whether the parser is running for anchors or blacklist * In addition support the concept of blacklisted certificates mixed in with the anchors (without any purposes) since that's what exists in the real world. * We do this after the various hooks have had a chance to mess with the certificate extensions and such.
*	Add the builtin roots NSS specific object	Stef Walter	2013-02-05	1	-3/+3
\| \| \| \|	This tells NSS that this is a source of anchors.
*	Add basic trust module	Stef Walter	2013-02-05	1	-0/+106
	This is based off the roots-store from gnome-keyring and loads certificates from a root directory and exposes them as PKCS#11 objects.