ANNOUNCE: p11-kit 0.23.4
Daiki Ueno
dueno at redhat.com
Wed Feb 22 10:09:05 UTC 2017
This is a development release.
What's new in 0.23.4
--------------------
* Recognize query attributes defined in PKCS#11 URI (RFC7512) [PR#31,
PR#37, PR#52]
* The trust policy module now recognizes CKA_NSS_MOZILLA_CA_POLICY
attribute, used by Firefox [#99453, PR#46]
* Add 'trust dump' command to dump all PKCS#11 objects in the
persistence format [PR#44]
* New experimental 'p11-kit server' command that allows PKCS#11
forwarding through a Unix domain socket. A client-side module
p11-kit-client.so is also provided [PR#15]
* Add systemd unit files for exporting the proxy module through a
Unix domain socket [PR#35]
* New P11KitIter API to iterate over slots, tokens, and modules in
addition to objects [PR#28]
* libffi dependency is now optional [PR#9]
* Build fixes for FreeBSD, macOS, and Windows [PR#32, PR#39, PR#45]
Detailed changes between 0.23.3 and 0.23.4
------------------------------------------
Daiki Ueno (34):
uri: Avoid typecasting confusion on s390x
uri: Support query attributes to specify module
travis: Enable strict code compilation
maint: Add .dir-locals.el file for Emacs
build: Make libffi closure optional
test: Release transport mock module
virtual: Make virtual-fixed internal API cleaner
uri: Relax pin-* parsing for compatibility
iter: Enable iteration over slots/tokens/modules
filter: New virtual wrapper for access control
trust: Revert to the original 'extract' behavior
virtual: Move mutex into p11_library_init()
library: Deinit p11_virtual_mutex
compat: Fix character generation in mk{s,d}temp()
argv: Fix misinterpretation of backslash in quotes
build: Check *asprintf on all platforms
build: Include <unistd.h> for execv
build: Avoid undefined reference to rpc_exec_init
build: Adjust executable/module names for Windows
rpc: Port exec transport to Windows
test: Fix Windows test case for p11_path_expand
trust: Fix saving trust file on Windows
test: Fix modules test for Windows
library: Initialize p11_virtual_mutex for Windows
trust: Fix uninitialized value in anchor command
travis: Enable mingw64 cross build
common: Add path encoding functions
remote, server: Recognize PKCS#11 URI
remote: Add API to serve a token
rpc: Add PKCS#11 module that connects to socket
trust: Honor "modifiable" setting in persist file
rpc: Make it less verbose about connection failure
uri: Support vendor query attributes
Release 0.23.4
Kai Engert (2):
Support loading new NSS attribute CKA_NSS_MOZILLA_CA_POLICY from .p11-kit files. See also NSS bug https://bugzilla.mozilla.org/show_bug.cgi?id=1334976 and p11-kit bug https://bugs.freedesktop.org/show_bug.cgi?id=99453
Fix a typo in "x-cetrificate-value", see also https://bugs.freedesktop.org/show_bug.cgi?id=99600
Lubomir Rintel (4):
uri: fix the query attribute parsing
uri: fix producing the query attributes
common: use recursive pthread mutex for library lock
systemd: add per-user remoting socket
Mantas Mikulėnas (1):
rpc: Try $XDG_CACHE_HOME before ~/.cache
Nikos Mavrogiannopoulos (4):
test: Check exhaustion of fixed closures
rpc: New rpc_unix transport based on Unix socket
common: New p11_get_upeer_id() function
p11-kit: Add 'p11-kit server' command
Roman Bogorodskiy (2):
build: improve p11-kit-proxy symlink handling
Fix compiler warnings on FreeBSD
Stef Walter (5):
trust: Load all attributes for each object when enumerating
trust: Make extraction and correlation of certificate info optional
trust: Add an "all" filter option for trust commands
trust: Don't encode spaces when writing .p11-kit format
trust: Implement a 'trust dump' command
Download
--------
https://github.com/p11-glue/p11-kit/releases/tag/0.23.4
Regards,
--
Daiki Ueno
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 818 bytes
Desc: not available
URL: <https://lists.freedesktop.org/archives/p11-glue/attachments/20170222/ebfa4755/attachment.sig>
More information about the p11-glue
mailing list