summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Be consistent with version numberHEADmasterLinus Nordberg2020-02-192-2/+2
|
* Sane default path to p11-kit-remoteLinus Nordberg2020-02-192-2/+2
| | | | This is where the Debian package installs it.
* Merge branch 'packaging'Linus Nordberg2020-02-181-0/+44
|\
| * Use p11-kit from packagesLinus Nordberg2020-02-181-7/+3
| | | | | | | | Also, fix the PATH -- $HOME is not set.
| * Add missing rebar3 dependenciespackagingLinus Nordberg2020-02-181-0/+4
| |
| * Add basic DockerfileLinus Nordberg2020-02-181-0/+44
| |
* | Use a default socket path which works on non systemdLinus Nordberg2020-02-181-1/+1
|/
* Document defaults in config fileLinus Nordberg2020-02-171-3/+4
|
* Make the $PID part of socket names configurableLinus Nordberg2020-02-173-2/+23
|
* Make socket base path configurableLinus Nordberg2020-02-173-10/+26
|
* Fix a bug in balance config settingsLinus Nordberg2020-02-141-2/+2
|
* Merge branch 'devel'Linus Nordberg2020-02-148-321/+835
|\ | | | | | | | | | | | | | | | | | | Implements (partial) PKCS #11 state tracking and the "return error to application" strategy for dealing with token switching. NOTE: This commit changes the configuration file format in a non backwards compatible way. You need to update your config/sys.config. NOTE 2: Handling of the TOML configuration file format is not complete.
| * better balance settingsLinus Nordberg2020-02-144-32/+40
| |
| * Make probability of dropping a request, for testing, configurableLinus Nordberg2020-02-143-15/+45
| |
| * Some more documentation and cosmetic changesLinus Nordberg2020-02-113-99/+133
| |
| * WIP track p11 state and shortcut responses when neededLinus Nordberg2020-02-115-40/+149
| |
| * WIP parts from transparent-failover + half baked toml configdevelLinus Nordberg2020-02-107-244/+577
|/ | | | | | | | | | | | The transparent failover experiment, see branch transparent-failover, resulted in a bunch of changes that we want regardless of failover implementation. This commit incorporates these. This commit also has a half baked implementation of TOML file based configuration, to not expose the operator for Erlang syntax when configuring the daemon. TODO: sort this out!
* Rename remote -> clientLinus Nordberg2020-01-107-132/+148
| | | | Also rename token -> vtoken where appropriate.
* Verify RPC versionLinus Nordberg2020-01-093-61/+96
| | | | | | | | | | Don't just forward the version octet, verify it and refuse other protocol versions. Send it once in each direction and don't count on the misconception that new client means new remote, or vice versa. Especially the latter, that a new remote means new client, will be untrue as soon as we implement failover.
* Code cleanup, variable renamingLinus Nordberg2020-01-077-156/+167
| | | | | | | | Move away from func(Foo) -> NewFoo = something(Foo) and instead use FooIn and Foo, or something else that makes sense.
* Servers don't need to know socket pathLinus Nordberg2020-01-072-12/+14
|
* Set up environment for remotes according to configurationLinus Nordberg2020-01-074-19/+40
|
* Add documentation to READMELinus Nordberg2020-01-071-2/+82
|
* use better path for p11-kit-remote in config fileLinus Nordberg2020-01-031-3/+4
|
* use better path to p11-kit-client.so in exampleLinus Nordberg2020-01-031-2/+1
|
* clean up the README's someLinus Nordberg2020-01-032-34/+35
|
* do clean up after p11-kit server even if the openssl operation failLinus Nordberg2020-01-032-7/+13
|
* invoke do-verify.sh with the right argumentsLinus Nordberg2020-01-031-4/+4
| | | | | Specifically, don't use $< now that we have the openssl config file as our first dependant.
* expand instructions on running testsLinus Nordberg2020-01-031-2/+10
|
* modern versions of the p11-kit package will doLinus Nordberg2020-01-031-0/+4
|
* generate openssl config filesLinus Nordberg2020-01-033-30/+23
| | | | Also, no .pem on sigfile names.
* do export OPENSSL_CONFLinus Nordberg2019-10-242-0/+2
| | | | When not, dgst runs with the default config succeeds.
* use the symlink for libsofthsm2.soLinus Nordberg2019-10-221-1/+1
| | | | | This should be more stable. It's used in openssl.direct.cnf too.
* allow overriding providers in environmentLinus Nordberg2019-10-221-3/+3
|
* remove spurious mkdirLinus Nordberg2019-10-221-1/+0
| | | | We already do that in target softhsm/tokens.
* sign and verify once per found tokenLinus Nordberg2019-10-222-5/+11
| | | | | | | | If more than one token is found, all of them should have the same key. This is a somewhat lame way of verifying they all work. Lame because the resulting signature will be made from the last key only. Also pass PIN in URI.
* export SOFTHSM2_CONF properlyLinus Nordberg2019-10-221-7/+6
| | | | Also, do create the token directory.
* use a default target testing softhsm without p11p firstLinus Nordberg2019-10-221-0/+1
|
* whitespaceLinus Nordberg2019-10-221-1/+1
|
* use paths used by (debian) packagesLinus Nordberg2019-10-221-2/+3
|
* 0.2.0-devLinus Nordberg2019-10-091-1/+1
|
* language and spelingLinus Nordberg2019-10-092-13/+19
|
* remove empty fileLinus Nordberg2019-07-031-8/+0
|
* split up p11p.mdLinus Nordberg2019-07-033-168/+127
|
* p11p-0.1.0p11p-0.1.0Linus Nordberg2019-07-021-1/+1
|
* add copyright and license info headersLinus Nordberg2019-07-0210-0/+30
|
* remove unused filesLinus Nordberg2019-07-022-0/+0
|
* add LICENSELinus Nordberg2019-07-021-0/+35
|
* add contact infoLinus Nordberg2019-07-021-0/+4
|
* update README with more build instructionsLinus Nordberg2019-07-021-10/+31
|
generated by cgit v1.1 at 2025-07-01 20:46:34 +0000