[gnome-keyring: 1/2] [gcr] Remove support for pkcs11-options file.
- From: Stefan Walter <stefw src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gnome-keyring: 1/2] [gcr] Remove support for pkcs11-options file.
- Date: Tue, 1 Mar 2011 09:22:42 +0000 (UTC)
commit 9ba7ec409f6ef2ae10e295e5dd168e216133c7f8
Author: Stef Walter <stefw collabora co uk>
Date: Mon Feb 28 15:21:07 2011 +0100
[gcr] Remove support for pkcs11-options file.
In the next release we should be integrating with p11-kit which will
contain support for proper configuration of PKCS#11 modules. So for
this release we hard code the modules we'd like to use.
gcr/Makefile.am | 9 -------
gcr/gcr-library.c | 44 ++++++++---------------------------
gcr/pkcs11-options.defaults | 13 ----------
gcr/tests/Makefile.am | 1 -
gcr/tests/test-certificate-chain.c | 3 --
gcr/tests/test-certificate.c | 3 --
gcr/tests/test-pkcs11-certificate.c | 3 --
gcr/tests/test-simple-certificate.c | 3 --
gcr/tests/test-trust.c | 3 --
gcr/tests/unit-test-parser.c | 3 --
10 files changed, 10 insertions(+), 75 deletions(-)
---
diff --git a/gcr/Makefile.am b/gcr/Makefile.am
index 68aa8c7..264ac8a 100644
--- a/gcr/Makefile.am
+++ b/gcr/Makefile.am
@@ -21,14 +21,6 @@ ui_DATA = \
gcr-unlock-options-widget.ui
# ------------------------------------------------------------------
-# CONFIG
-
-confdir = $(sysconfdir)/pkcs11
-
-conf_DATA = \
- pkcs11-options.defaults
-
-# ------------------------------------------------------------------
# HEADERS
incdir = $(includedir)/gcr GCR_VERSION_SUFFIX@/gcr
@@ -95,7 +87,6 @@ libgcr GCR_VERSION_SUFFIX@_la_SOURCES = \
$(BUILT_SOURCES)
libgcr GCR_VERSION_SUFFIX@_la_CFLAGS = \
- -DPKCS11_CONFIG_DIR=\""$(confdir)"\" \
-DGCK_API_SUBJECT_TO_CHANGE \
-DGCR_API_SUBJECT_TO_CHANGE \
-DGCR_COMPILATION \
diff --git a/gcr/gcr-library.c b/gcr/gcr-library.c
index 3619987..6ec7fe3 100644
--- a/gcr/gcr-library.c
+++ b/gcr/gcr-library.c
@@ -57,7 +57,6 @@
*/
static GList *all_modules = NULL;
-static const gchar *config_dir = PKCS11_CONFIG_DIR;
static gchar *trust_store_uri = NULL;
static gchar **trust_lookup_uris = NULL;
@@ -157,9 +156,6 @@ void
_gcr_initialize (void)
{
static volatile gsize gcr_initialized = 0;
- GError *error = NULL;
- GKeyFile *key_file;
- gchar *value, *path;
/* Initialize the libgcrypt library if needed */
egg_libgcrypt_initialize ();
@@ -167,43 +163,23 @@ _gcr_initialize (void)
if (g_once_init_enter (&gcr_initialized)) {
all_modules = gck_modules_initialize_registered (0);
- key_file = g_key_file_new ();
-
- /* Load the defaults */
- path = g_build_filename (config_dir, "pkcs11-options.defaults", NULL);
- if (!g_key_file_load_from_file (key_file, path, G_KEY_FILE_NONE, &error)) {
- g_warning ("couldn't parse %s file: %s", path, egg_error_message (error));
- g_clear_error (&error);
- }
- g_free (path);
-
- /* Load any overrides */
- path = g_build_filename (config_dir, "pkcs11-options.conf", NULL);
- if (g_file_test (path, G_FILE_TEST_EXISTS) &&
- !g_key_file_load_from_file (key_file, path, G_KEY_FILE_NONE, &error)) {
- g_warning ("couldn't parse %s file: %s", path, egg_error_message (error));
- g_clear_error (&error);
- }
- g_free (path);
-
- trust_store_uri = g_key_file_get_string (key_file, "trust-assertions", "storage", NULL);
+ /*
+ * Soon we're going to have support for using a configuration of
+ * PKCS#11 modules using p11-kit. But for this release this is
+ * hard coded.
+ */
- value = g_key_file_get_string (key_file, "trust-assertions", "lookups", NULL);
- trust_lookup_uris = g_strsplit_set (value ? value : "", " \t", -1);
- g_free (value);
+ trust_store_uri = g_strdup ("pkcs11:library-manufacturer=Gnome%20Keyring;serial=1:XDG:DEFAULT");
- g_key_file_free (key_file);
+ trust_lookup_uris = g_new0 (gchar*, 3);
+ trust_lookup_uris[0] = g_strdup ("pkcs11:library-manufacturer=Gnome%20Keyring;serial=1:ROOTS:DEFAULT");
+ trust_lookup_uris[1] = g_strdup ("pkcs11:library-manufacturer=Gnome%20Keyring;serial=1:XDG:DEFAULT");
+ trust_lookup_uris[2] = NULL;
g_once_init_leave (&gcr_initialized, 1);
}
}
-void
-_gcr_set_pkcs11_config_dir (const gchar *dir)
-{
- config_dir = dir;
-}
-
/**
* gcr_pkcs11_get_modules:
*
diff --git a/gcr/tests/Makefile.am b/gcr/tests/Makefile.am
index bfea68e..fab95d8 100644
--- a/gcr/tests/Makefile.am
+++ b/gcr/tests/Makefile.am
@@ -15,7 +15,6 @@ TESTING_LIBS = \
$(top_builddir)/gck/libgck.la
TESTING_FLAGS = \
- -DTEST_CONFIG_DIR=\""$(srcdir)/.."\" \
-DGCR_API_SUBJECT_TO_CHANGE \
-DGCK_API_SUBJECT_TO_CHANGE
diff --git a/gcr/tests/test-certificate-chain.c b/gcr/tests/test-certificate-chain.c
index 2cb5318..92284ec 100644
--- a/gcr/tests/test-certificate-chain.c
+++ b/gcr/tests/test-certificate-chain.c
@@ -110,9 +110,6 @@ TESTING_SETUP (certificate_chain)
CK_RV rv;
GckModule *module;
- /* Look for the config in the build directory */
- _gcr_set_pkcs11_config_dir (TEST_CONFIG_DIR);
-
rv = gck_mock_C_GetFunctionList (&f);
gck_assert_cmprv (rv, ==, CKR_OK);
memcpy (&funcs, f, sizeof (funcs));
diff --git a/gcr/tests/test-certificate.c b/gcr/tests/test-certificate.c
index 28be047..ec84c2f 100644
--- a/gcr/tests/test-certificate.c
+++ b/gcr/tests/test-certificate.c
@@ -18,9 +18,6 @@ TESTING_SETUP(certificate)
guchar *contents;
gsize n_contents;
- /* Look for the config in the build directory */
- _gcr_set_pkcs11_config_dir (TEST_CONFIG_DIR);
-
contents = testing_data_read ("der-certificate.crt", &n_contents);
certificate = gcr_simple_certificate_new (contents, n_contents);
g_assert (certificate);
diff --git a/gcr/tests/test-pkcs11-certificate.c b/gcr/tests/test-pkcs11-certificate.c
index 91a6d9e..beb0bd4 100644
--- a/gcr/tests/test-pkcs11-certificate.c
+++ b/gcr/tests/test-pkcs11-certificate.c
@@ -54,9 +54,6 @@ TESTING_SETUP (pkcs11_certificate)
GNode *asn, *node;
CK_RV rv;
- /* Look for the config in the build directory */
- _gcr_set_pkcs11_config_dir (TEST_CONFIG_DIR);
-
cert_data = testing_data_read ("der-certificate.crt", &n_cert_data);
g_assert (cert_data);
diff --git a/gcr/tests/test-simple-certificate.c b/gcr/tests/test-simple-certificate.c
index 2ef7a96..3bc18dd 100644
--- a/gcr/tests/test-simple-certificate.c
+++ b/gcr/tests/test-simple-certificate.c
@@ -38,9 +38,6 @@ static gsize n_cert_data;
TESTING_SETUP (simple_certificate)
{
- /* Look for the config in the build directory */
- _gcr_set_pkcs11_config_dir (TEST_CONFIG_DIR);
-
cert_data = testing_data_read ("der-certificate.crt", &n_cert_data);
g_assert (cert_data);
}
diff --git a/gcr/tests/test-trust.c b/gcr/tests/test-trust.c
index c74cd5f..545fce0 100644
--- a/gcr/tests/test-trust.c
+++ b/gcr/tests/test-trust.c
@@ -49,9 +49,6 @@ TESTING_SETUP (trust_setup)
gsize len;
CK_RV rv;
- /* Look for the config in the build directory */
- _gcr_set_pkcs11_config_dir (TEST_CONFIG_DIR);
-
contents = testing_data_read ("der-certificate.crt", &len);
g_assert (contents);
diff --git a/gcr/tests/unit-test-parser.c b/gcr/tests/unit-test-parser.c
index e06cb52..b8bfd88 100644
--- a/gcr/tests/unit-test-parser.c
+++ b/gcr/tests/unit-test-parser.c
@@ -94,9 +94,6 @@ authenticate (GcrParser *par, gint state, gpointer user_data)
TESTING_SETUP(parser)
{
- /* Look for the config in the build directory */
- _gcr_set_pkcs11_config_dir (TEST_CONFIG_DIR);
-
parser = gcr_parser_new ();
g_signal_connect (parser, "parsed", G_CALLBACK (parsed_item), parser);
g_signal_connect (parser, "authenticate", G_CALLBACK (authenticate), parser);
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
