ANNOUNCE: p11-kit 0.19.4

Stef Walter stefw at
Thu Aug 29 03:34:13 PDT 2013

This is an unstable development release.

Of note, is that the file for customizing compatibility bundle trust
extraction has moved from $(libdir)/p11-kit/p11-kit-extract-trust to

This is inline with the commands available in the 'trust' tool.

What's new in 0.19.4

 * 'trust anchor' now adds/removes certificate anchors
 * 'trust list' lists trust policy stuff
 * 'p11-kit extract' is now 'trust extract'
 * 'p11-kit extract-trust' is now 'trust extract-compat'
 * Workarounds for working on broken [#68525]
 * Add --with-module-config parameter to the configure script [#68122]
 * Add support for removing stored PKCS#11 objects in trust module
 * Various debugging tweaks

Detailed changes between 0.19.3 and 0.19.4

Alon Bar-Lev (1):
      do not assume dead code existence in autoconf checks

Michael Cronenworth (1):
      test-compat calls test_getauxval which is in a UNIX defined block

Pascal Ernster (1):
      Add --with-module-config parameter to the configure script

Stef Walter (23):
      trust: Add test tool for creating BasicConstraints
      compat: Check return value of mmap() properly
      Avoid multiple stat() calls for same file
      p11-kit: Rename list.c to lists.c to simplify debugging
      debug: Add missing 'tool' flag to debug flags
      debug: Allow debug lines longer than 512 characters
      tool: Only include debug lines marked 'tool' when --verbose
      iter: Add new P11_KIT_ITER_WANT_WRITABLE iterator behavior
      iter: Add p11_kit_iter_get_token() call
      iter: Add p11_kit_iter_set_uri() function
      iter: Add a p11_kit_iter_destroy_object() function
      Add p11-kit style typedefs for iter and uri
      trust: Correctly rewrite other objects in a modifiable persist fil
      trust: Prefer parsing the persist format to PEM
      trust: Add index callback for when an object is removed
      trust: Do reload object removals inside a loading block
      trust: Refactor enumeration of certificates to extract
      trust: Add support for removing trust token objects
      trust: Add a list command to the trust tool
      trust: Add 'trust anchor --remove' command
      trust: Document the new command line trust tool
      Route 'p11-kit extract-trust' over to trust tool
      Release version 0.19.4




More information about the p11-glue mailing list