Announcing a new release of p11-kit. This is a stable release (at least
that's the idea :)
The 0.22.x series focuses on remoting PKCS#11. Not all the various
types of remoting are implemented yet, but the basic logic is in place.
These changes occurred over the course of the 0.21.x series, and 0.22.x
releases will have minor bug fixes and stabilization.
What's new in 0.22.x
--------------------
* Add 'remote' option to run a PKCS#11 module in another process or
on another machine.
* Install a new public pkcs11x.h header containing extensions
* Use secure_getenv() where necessary
* Use term 'attached extensions rather than 'stapled extensions'
* Show public-key-info in 'trust list --details'
* Fix racy and deadlock prone use of pthread_atfork()
* Lots of build fixes
Many thanks to everyone who contributed with review, patches and testing :)
Detailed changes between 0.20.x and 0.22.0
------------------------------------------
Baruch Siach (1):
Fix build against older pthreads implementations
Michael Cronenworth (3):
trust: Fix token test when building with MinGW
p11-kit: Fix tests when building with MinGW
common: Move unistd include to define getopt and friends
Roman Bogorodskiy (2):
Fix build without debug
configure: Check for pthread_create() in pthread library
Stef Walter (55):
rpc: Implement PKCS#11 messages/client/server code
Add compatibility fdwalk() function
test: Move some file and directory code into general test stuff
modules: Make config file and module configs overridable by tests
mock: Minor testing tweaks to mock testing
rpc: Implement execution of another tool to transport PKCS#11 RPC
p11-kit: Add 'p11-kit remote' command for isolating modules
p11-kit: Cleanup and add documentation for 'remote' option
p11-kit: Add a new 'isolate' pkcs11 config option
p11-kit: Don't complain about C_Finalize called in wrong process
p11-kit: Tweak last commit, handle the not-forked case
common: Don't do repeated linear reallocation of array memory
po: Add new translations: oc
Release version 0.21.1
common: Allow specifying which tests to run on command line
trust: Parse TRUSTED CERTIFICATE openssl format even without CertA
trust: Fix use of invalid memory in PEM parser
configure.ac: Add subdir-objects to satisfy newer automakes
p11-kit: Fix bad check of asprintf() return value
p11-kit: Fix integer overflow in memset() argument
trust: Remove dead while condition in anchor commond
trust: Fix use after free and double free in extract command
trust: Fix leak in trust list command
trust: Fix unlikely use of uninitialized memory in token loading
trust: Fix leak in token loading error path
Fix mostly erroneous scanner warnings in tests
common: Quiet down clang scanner with assertions
Quiten down scanner warnings about unused variables
p11-kit: Remove use after free in debug output code path
trust: Double check that index bucket is valid before access
trust: Print label of certificate when complaining about basic con
trust: Don't use invalid public keys for looking up stapled extens
Ignore clang scanner litter
p11-kit: Fix various noise/issues highlighted by clang
doc: Fix missing tag in p11-kit-sharing.xml
Fix 'make upload-release' target
common: Fix regression introduced by last commit
Move to non-recursive Makefile for building bins and libs
trust: Produce a proper message for an invalid stapled extension
Release version 0.21.2
trust: Show public-key-info in 'trust list --details'
p11-kit: Make proxy module respect critical = no
p11-kit: Compilation fixes for previous commit
common: Add support for multiple field names (ie: nicks) per cons
common: Change the CKA_X_PUBLIC_KEY_INFO constant to CKA_PUBLIC_KE
common: New public pkcs11x.h header containing extensions
trust: Use term 'attached extensions' instead of 'stapled'
Release version 2.21.3
p11-kit: Remove the 'isolated' option for now
common: In tests preserve parent environment for children
common: Use secure_getenv() implementation when setuid
p11-kit: P11_KIT_PRIVATEDIR env var overrides private binary dir
remote: Run separate executable binary for 'p11-kit remote'
p11-kit: Use pthread_atfork() in a safe manner
Release version 0.22.0
Download
--------
http://p11-glue.freedesktop.org/releases/
Cheers,
Stef
_______________________________________________
p11-glue mailing list
p11-glue@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/p11-glue
