ANNOUNCE: p11-kit 0.25.0

Thu Jun 29 12:07:27 UTC 2023

Hello,

We have just released p11-kit-0.25.0. This is a new bug fix and enhancement release.

What's new in 0.25.0
--------------------
  * add PKCS#11 3.0 support [PR#458, PR#461, PR#462, PR#463, PR#464, PR#467, PR#469, PR#470, PR#475, PR#485, PR#486]
  * add support for profile objects [PR#479]
  * add ability to adjust module and config paths at run-time via system environmental exports [PR#442]
  * make terminal output nicer [PR#509, PR#510]
  * p11-kit: add command to print merged configuration [PR#446, PR#489]
  * p11-kit: add commands to list, add and delete profiles of a token [PR#500, PR#503, PR#506]
  * trust: add command to check format of .p11-kit files [PR#476, PR#483]
  * virtual: fix libffi type signatures for PKCS#11 3.0 functions [PR#492]
  * server: fix umask setting when --group is specified [PR#478]
  * server: check SHELL only when neither --sh nor --csh is specified [PR#438]
  * rpc: use space string in C_InitToken [PR#514]
  * rpc: fix two off-by-one errors identified by asan [PR#456]
  * modules: make logging message more translatable [PR#436]
  * pkcs11.h: support CRYPTOKI_GNU for IBM vendor mechanisms [PR#421]
  * pkcs11.h: add IBM specific mechanism and attributes [PR#415]
  * pkcs11.h: add ChaCha20/Salsa20 and Poly1305 mechanisms [PR#487]
  * pkcs11.h: add AES-GCM mechanism parameters for message-based encryption [PR#481]
  * po: update translations from Transifex [PR#439]
  * bug and build fixes [PR#412, PR#414, PR#417, PR#418, PR#420, PR#426, PR#427, PR#428, PR#448, PR#451, PR#459, PR#496, PR#505, PR#511, PR#512, PR#513, PR#516, PR#517, PR#524, PR#521]
  * test fixes [PR#424, PR#441, PR#444, PR#443, PR#460, PR#472, PR#474, PR#465, PR#473, PR#487, PR#499, PR#519, PR#525, PR#526]

Detailed changes between 0.24.1 and 0.25.0
------------------------------------------

Daiki Ueno (30)
	meson: revert the p11_system_config_modules pkg-config variable build: 
Use EXEEXT and SHLEXT README.md: Remove status badge for Travis CI which 
is no longer used common/pkcs11x.h: Support CRYPTOKI_GNU for IBM vendor 
mechanisms pkcs11-gnu: Enable testing with <p11-kit/pkcs11x.h> trust: 
Replace deprecated node_asn and ASN1_ARRAY_TYPE macro usagecompat: Fix 
detection of O_BINARY and O_CLOEXEC Silence warnings spotted by 
LGTM.commodules: Make logging message more translatable server: Check 
SHELL only when neither --sh nor --csh is 
specified.github/workflows/test.yaml: Enable CI on macOS rpc: Fix two 
off-by-one errors identified by asan rpc-server: Check pointer value 
returned by proto_read_byte_array Add CodeQL workflow for GitHub code 
scanning proxy: Simplify interface lookup logic proxy: Check requested 
interface version upon GetInterface mock: Export C_GetInterface{,List} 
from the module .github/workflows/test.yaml: Switch to using macOS 12 
image tests: Make test-managed succeed without libffi server: Fix umask 
setting when --group is specified Add AES-GCM mechanism parameters for 
message-based encryption trust: Use the same parser code for parsing and 
checking trust: Lower Cryptoki version from 3.0 to 2.40 pkcs11.h: Add 
ChaCha20/Salsa20 and Poly1305 mechanisms .github/actions: Don't swallow 
error exit code when printing logs virtual: Fix libffi type signatures 
for PKCS#11 3.0 functions .github/workflows: Switch macOS CI to using Meson
libffi: Fix handling of pulCount parameter of C_GetInterfaceList
print: New interface p11_list_printer
client: Support PKCS#11 3.0 winner658(1) fix "trust dump --help" 
displays "usage: trust list"

Ingo Franzki (1)
	Add support for some IBM specific mechanisms supported by OpenCryptoki 
for the RPC protocol

Frederik Boster (1)
	Fix support for epoch time 0 in JKS for reproducibilityBalázs Úr (1) po: 
Update translations from Transifex David Korczynski (1) ci: Add CIFuzz 
workflow Zoltan Fridrich (29) Add command to print merged configuration
po: Add p11-kit/print-config.c to POTFILES.in
Add PKCS #11 3.0 interface
Add PKCS#11 3.0 support to RPC
Add tests for pkcs#11 3.0 proxy module
Add PKCS#11 3.0 support to mock module
Add pkcs#11 3.0 mock modules for testing
Add PKCS#11 3.0 support to log
Add PKCS#11 3.0 support to proxy
Add tests for pkcs#11 3.0
Add support for profile objects
Add trust-check-format utility tool
Document print-config command
Add list-profiles sub-command to p11-kit cmd tool
Add command to delete profiles from a token
Add command to add profiles to a token
Make terminal output nicer
Small format fix in p11-kit/modules.c
Set stdin and stdout to binary mode on Windows
Fix hard-coded TRUST_SO path in trust/frob-multi-init.c
RPC module: use space string in C_InitToken
Make the proxy_module extension in pkg-config .pc file adaptable
Fix bug in base_C_MessageSignFinal
Add test for p11-kit-client.so
Fix CI issues
Fix memory leak inside p11_kit_remote_serve_tokens
Handle both XSI and GNU versions of strerror_r
Suppress memory test warning
Release 0.25.0

Florian Weimer (1)
	Fix meson/configure _Thread_local checks for C99 compatibility Jakub 
Jelen (1) Test improvements (from #374)

Clemens Lang (1)
	build: Fix meson build & tests on macOS timesys-nathan (1) Add in the 
ability to dynamically adjust module and configuration paths at run-time 
via system environmental exports Download -------- 
https://github.com/p11-glue/p11-kit/releases/tag/0.25.0 Regards, -- 
Zoltan Fridrich

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/p11-glue/attachments/20230629/963026da/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0x7A75A648B3F9220C.asc
Type: application/pgp-keys
Size: 669 bytes
Desc: OpenPGP public key
URL: <https://lists.freedesktop.org/archives/p11-glue/attachments/20230629/963026da/attachment-0001.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 236 bytes
Desc: OpenPGP digital signature
URL: <https://lists.freedesktop.org/archives/p11-glue/attachments/20230629/963026da/attachment-0001.sig>