trust paths on W32
Stef Walter
stefw at redhat.com
Wed Apr 3 03:51:56 PDT 2013
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 02.04.2013 23:44, LRN wrote:
> On 02.04.2013 23:49, Stef Walter wrote:
>> Thanks for digging into the issue.
>
>> Looking forward to hearing how it goes (on a newly filed
>> bugzilla bug if possible).
> Done.
I also filed a new bug about the path handling. Thanks for your review
and testing.
> Also, completely unrelated: what should i pass on
> --with-trust-paths? HTML docs speak of a pkg-config invocation that
> shows trust path, but that variable is not in the .pc file.
> TRUST_PATHS is used at runtime only once, in module.c, so it must
> be a string constant. Since it's parsed, it should have appropriate
> path separators (now that different separators are used). The thing
> is, they shouldn't be hard-coded absolute paths on W32, yet i'm not
> sure the code has a concept of runtime prefix. And the value that
> pkg-config should return should be completely different, i.e.
> ${prefix}/foo/bar (like that, verbatim; pkg-config will substitute
> ${prefix} at runtime).
Well I'm not sure the trust module is really what we want on Windows,
to be honest. Instead we should be using the central CAPI certificate
store.
In order for programs/libraries and so on not to each have both
PKCS#11 code and CAPI code, I should dust off the p11-capi module, and
make it compatible with (and good win32 replacement for) the trust module.
http://thewalter.net/git/cgit.cgi/p11-capi/
Cheers,
Stef
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlFcCcsACgkQe/sRCNknZa/XagCg2P4BMfa4WvXrCn5AgTUKKZID
/f8AnjnmT2QgOgsQgobXiCk61sOkMY9Y
=Z2Bb
-----END PGP SIGNATURE-----
More information about the p11-glue
mailing list