| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
| |
This amends eb503f3a1467f21a5ecc9ae84ae23b216afc102f. Instead of
failing C_FindObjectsInit, treat any errors internally and accumulates
the successfully loaded certificates.
Reported by Andrej Kvasnica in:
https://bugzilla.redhat.com/show_bug.cgi?id=1675441
|
| |
|
|
|
|
| |
Those conditions can happen when the trust file is corrupted, so it
makes more sense to treat them as a failure instead of programmer
error.
|
| |
|
|
|
| |
If the trust path is a file, treat parse error as fatal and abort the
C_FindObjectsInit call.
|
| | |
|
| |
|
|
|
|
|
|
| |
The "Default Trust" token is typically mounted as $datadir, which is
considered as read-only on modern OSes.
Suggestd by Kai Engert in:
https://bugzilla.redhat.com/show_bug.cgi?id=1523630
|
| |
|
|
|
|
|
|
| |
Previously p11-kit-trust.so tried to interpret certificate as PEM format
first. This could cause potential conflict if the certificate were
actually in DER format and contained a PEM marker strings.
https://bugs.freedesktop.org/show_bug.cgi?id=92063
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
So that validation/storage logic doesn't kick in if a file was
removed outside of p11-kit trust module.
|
| |
|
|
| |
This allows a token to remove the file if desired
|
| |
|
|
|
| |
This is because the persist format contains PEM, and if the PEM
parser gets it first, then it'll ignore the other non PEM data.
|
| |
|
|
|
| |
There was a bug where we were rewriting the modified object
multiple times.
|
| |
|
|
|
|
| |
As a side effect we can also not use the dirent.d_type field
https://bugs.freedesktop.org/show_bug.cgi?id=68525
|
| |
|
|
|
| |
glibc declares strerror_r completely different if in POSIX or GNU
mode. Nastiness. Stop using _GNU_SOURCE all together.
|
| | |
|
| |
|
|
|
| |
* Add a testing sanity check to see if we're catching errors
* Fix a few other testing issues
|
| |
|
|
| |
https://bugzilla.redhat.com/show_bug.cgi?id=985481
|
| | |
|
| |
|
|
| |
https://bugzilla.redhat.com/show_bug.cgi?id=984989
|
| |
|
|
|
|
|
|
| |
* Create directory before trying to write files to it
* Handle write failures appropriately
Refactor how we build and store objects in the index to handle
the above cases properly.
|
| | |
|
| | |
|
| |
|
|
|
| |
* The objects are written out in the p11-kit persist format
* Parser marks files in p11-kit persist format as modifiable
|
| | |
|
| |
|
|
|
|
| |
The name makes it clearer what's going on. This is only used
during loading, so we can track whether a change has resulted
from the trust module or from the file storage.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Reload token data whenever a new session is opened.
* Only reload files/directories that have changed.
* Move duplicate anchor/blacklist detection logic into
the extract code. This is in line with the approach
being discussed on the mailing lists and spec document.
* New internal attribute CKA_X_ORIGIN set on all objects
so we can track where an object came from, and replace
it when reloaded.
In general this is a prerequisite for modification of objects
reload before modify is necessary to prevent multiple callers
clobbering each other's changes.
|
| |
|
|
|
| |
Correctly set the CKF_TOKEN_WRITE_PROTECTED flag for paths
which we will be able to write to.
|
| |
|
|
|
|
|
|
|
|
| |
Centralize the path handling code, so we can remove unixy assumptions
and have a chance of running on Windows. The current goal is to run
all the tests on Windows.
Includes some code from LRN <lrn1986@gmail.com>
https://bugs.freedesktop.org/show_bug.cgi?id=63062
|
| |
|
|
|
|
|
|
|
|
|
| |
Put library init/uninit code its into their own statically
linked library so that they don't get linked into the p11-kit
executable.
Refactor the message code so that the library initialization can
plug in its per thread message buffer.
https://bugs.freedesktop.org/show_bug.cgi?id=63046
|
| |
|
|
|
|
|
|
| |
If duplicate certificates are present in a token, we warn about this,
and don't really recommend it. However we have predictable behavior
where blacklist is prefered to anchor is preferred to unknown trust.
https://bugs.freedesktop.org/show_bug.cgi?id=62548
|
| |
|
|
|
|
|
|
| |
Try to determine which one is the system trust input token,
and which one is the default token by using datadir and sysconfdir
respectively.
https://bugs.freedesktop.org/show_bug.cgi?id=62534
|
| |
|
|
| |
These should now be loaded from the .p11-kit persist format.
|
| |
|
|
|
|
|
|
|
|
|
| |
The builder completes the objects from the parsed data and takes
over the responsibilities that the parser and adapter previously
shared.
This is necessary to prepare for arbitrary data coming from
the p11-kit specific input files.
https://bugs.freedesktop.org/show_bug.cgi?id=62329
|
| |
|
|
|
|
|
|
|
|
| |
* The index holds PKCS#11 objects whether for the token or for the session.
* The index provides hook for a builder to expand or validate objects
being added to the index.
* In addition theres a change hook so that a builder can maintain state
between objects, such as the compat NSS trust objects.
https://bugs.freedesktop.org/show_bug.cgi?id=62329
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Each source directory or file configured into the module or passed
in as an initialization argument becomes its own token.
Previously there was one token that contained certificates from
all the configured paths.
* These tokens are clearly labeled in the token info as
to the directory or file that they represent.
* Update PKCS#11 module logic to deal with multiple tokens, validate
the slot ids and so on.
* The order in which the paths are configured will become the
order of trust priority. This is the same order in which they
are listed through 'p11-kit list-modules' and C_GetSlotList.
* Update the frob-token internal tool to only play with one path
* Adjust tests where necessary to reflect the new state of things
and add tests for modified trust module code
https://bugs.freedesktop.org/show_bug.cgi?id=61499
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Accept a single --with-trust-paths argument to ./configure
which cotnains all the input paths.
* The --with-system-anchors and --with-system-certificates
./configure arguments are no longer supported. Since they were
only present briefly, no provision is made for backwards
compatibility.
* Each input file is treated as containing anchors by default
unless an input certificate contains detailed trust information.
* The files in each input directory are not automatically treated
as anchors unless a certificate contains detailed trust information.
* The files in anchors/ subdirectory of each input directory are
automatically marked as anchors.
* The files in the blacklist/ subdirectory of each input directory
are automatically marked as blacklisted.
* Update tests and move around test certificates so we can
test these changes.
https://bugs.freedesktop.org/show_bug.cgi?id=62327
|
| |
|
|
|
| |
NSS had subtly changed the values of the distrust CK_TRUST codes
so update them to stay in sync.
|
| |
|
|
|
| |
This is because we have no way to load this data into the trust module.
Working on a real solution.
|
| | |
|
| | |
|
| |
|
|
| |
This tells NSS that this is a source of anchors.
|
|
|
This is based off the roots-store from gnome-keyring and loads
certificates from a root directory and exposes them as PKCS#11
objects.
|
