diff options
author | Stef Walter <stefw@gnome.org> | 2013-03-14 10:05:17 +0100 |
---|---|---|
committer | Stef Walter <stefw@gnome.org> | 2013-03-15 17:19:01 +0100 |
commit | 86e60637394340ef2fa3b3db6b451dac1d73052b (patch) | |
tree | 8fa4f4c353534ffc259f9e333e64fbf7d068e913 /trust/module.c | |
parent | bf63f009cd4a1147a3e0684d898f140f46666b0e (diff) |
trust: Rework input path treatment
* Accept a single --with-trust-paths argument to ./configure
which cotnains all the input paths.
* The --with-system-anchors and --with-system-certificates
./configure arguments are no longer supported. Since they were
only present briefly, no provision is made for backwards
compatibility.
* Each input file is treated as containing anchors by default
unless an input certificate contains detailed trust information.
* The files in each input directory are not automatically treated
as anchors unless a certificate contains detailed trust information.
* The files in anchors/ subdirectory of each input directory are
automatically marked as anchors.
* The files in the blacklist/ subdirectory of each input directory
are automatically marked as blacklisted.
* Update tests and move around test certificates so we can
test these changes.
https://bugs.freedesktop.org/show_bug.cgi?id=62327
Diffstat (limited to 'trust/module.c')
-rw-r--r-- | trust/module.c | 21 |
1 files changed, 7 insertions, 14 deletions
diff --git a/trust/module.c b/trust/module.c index bf9c0db..5ac018e 100644 --- a/trust/module.c +++ b/trust/module.c @@ -64,8 +64,7 @@ static struct _Shared { p11_dict *sessions; p11_token *token; - char *anchor_paths; - char *certificate_paths; + char *paths; } gl = { NULL, NULL }; /* Used during FindObjects */ @@ -115,13 +114,9 @@ parse_argument (char *arg) else *(value++) = 0; - if (strcmp (arg, "anchors") == 0) { - free (gl.anchor_paths); - gl.anchor_paths = value ? strdup (value) : NULL; - - } else if (strcmp (arg, "certificates") == 0) { - free (gl.certificate_paths); - gl.certificate_paths = value ? strdup (value) : NULL; + if (strcmp (arg, "paths") == 0) { + free (gl.paths); + gl.paths = value ? strdup (value) : NULL; } else { p11_message ("unrecognized module argument: %s", arg); @@ -219,9 +214,8 @@ sys_C_Finalize (CK_VOID_PTR reserved) rv = CKR_CRYPTOKI_NOT_INITIALIZED; } else { - free (gl.certificate_paths); - free (gl.anchor_paths); - gl.certificate_paths = gl.anchor_paths = NULL; + free (gl.paths); + gl.paths = NULL; p11_dict_free (gl.sessions); gl.sessions = NULL; @@ -290,8 +284,7 @@ sys_C_Initialize (CK_VOID_PTR init_args) p11_dict_ulongptr_equal, NULL, p11_session_free); - gl.token = p11_token_new (gl.anchor_paths ? gl.anchor_paths : SYSTEM_ANCHORS, - gl.certificate_paths ? gl.certificate_paths : SYSTEM_CERTIFICATES); + gl.token = p11_token_new (gl.paths ? gl.paths : TRUST_PATHS); if (gl.sessions == NULL || gl.token == NULL) { warn_if_reached (); |