# Generate automatically. Do not edit.

commit 0dd113361057e477f40ff4d8788f3e7e400af5f9
Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   2024-07-04

    Release 0.25.5
    
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

 NEWS         | 5 +++++
 configure.ac | 4 ++--
 meson.build  | 4 ++--
 3 files changed, 9 insertions(+), 4 deletions(-)

commit fc0ed91facddc95c475ee31afef7400300d12367
Author: Jan Alexander Steffens (heftig) <heftig@archlinux.org>
Date:   2024-07-02

    iter: Fix recursive attribute loading
    
    Fixes: https://github.com/p11-glue/p11-kit/issues/641
    Signed-off-by: Jan Alexander Steffens (heftig) <heftig@archlinux.org>

 p11-kit/iter.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

commit 694d5cbc89541090664dfb5a43123c123f63b80d
Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   2024-07-04

    Add include for stdint.h to common/hex.c
    
    Co-authored-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

 common/hex.c | 1 +
 1 file changed, 1 insertion(+)

commit 94ef36f5a98d977a4bba69312a413f208b7d4664
Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   2024-07-04

    Update pkcs11-json submodule
    
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

 subprojects/pkcs11-json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

commit d9449ee55be7adf4666720dd7c1957b44960159b
Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   2024-07-01

    Release 0.25.4
    
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

 NEWS         | 10 ++++++++++
 configure.ac |  8 ++++----
 meson.build  |  8 ++++----
 3 files changed, 18 insertions(+), 8 deletions(-)

commit c203931e32040f2ffb41461f3e3a5ebf3829ef63
Author: Rosen Penev <rosenp@gmail.com>
Date:   2024-06-28

    fix format warning with 32-bit platforms on musl
    
    musl uses 64-bit time_t, even on 32-bit platforms. Cast to avoid the warning.

 p11-kit/server.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

commit e4cf0375cb70cd0993e3bc5049acf4b495b812c6
Author: Daiki Ueno <ueno@gnu.org>
Date:   2024-05-07

    Add function to check run-time version of the library
    
    This adds p11_kit_check_version function, which can be used to check
    the run-time version of p11-kit.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

 Makefile.am            |  1 +
 p11-kit/test-version.c | 16 ++++++++++++++--
 p11-kit/util.c         | 19 +++++++++++++++++++
 p11-kit/version.h.in   |  2 ++
 4 files changed, 36 insertions(+), 2 deletions(-)

commit 652927da18abecedf3ab21728252ec73e8214174
Author: Daiki Ueno <ueno@gnu.org>
Date:   2024-04-26

    p11-kit: Expose version information through macros
    
    This provides P11_KIT_VERSION_{MAJOR,MINOR,MICRO} from the
    <p11-kit/version.h> header, along with a helper macro
    P11_KIT_CHECK_VERSION(major, minor, micro) for checking the version
    requirement with `#if` directive.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

 .gitignore             |  1 +
 configure.ac           | 20 +++++++++----
 meson.build            |  1 +
 p11-kit/Makefile.am    |  4 +++
 p11-kit/meson.build    | 14 +++++++--
 p11-kit/test-version.c | 78 ++++++++++++++++++++++++++++++++++++++++++++++++++
 p11-kit/version.h.in   | 58 +++++++++++++++++++++++++++++++++++++
 7 files changed, 169 insertions(+), 7 deletions(-)

commit 8832556a467f65b24d51fda14ea42a42d406c406
Author: Daiki Ueno <ueno@gnu.org>
Date:   2024-04-27

    common: Make libp11-asn1.a depend on libtasn1
    
    This fixes build on systems where <libtasn1.h> is installed in a
    non-standard path.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

 common/meson.build | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

commit 99611af151c8934f628a11a93a54410fc237d9e9
Author: Daiki Ueno <ueno@gnu.org>
Date:   2024-04-27

    ci: Bump GitHub actions requirements
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

 .github/workflows/build-image.yml |  2 +-
 .github/workflows/codeql.yml      |  6 +++---
 .github/workflows/test.yaml       | 22 +++++++++++-----------
 3 files changed, 15 insertions(+), 15 deletions(-)

commit aeb0324ffcfb890fb009cfbeb7b531d67cd6c108
Author: Daiki Ueno <ueno@gnu.org>
Date:   2024-04-27

    ci: Switch to macos-latest
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

 .github/workflows/test.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

commit f180636c8f812ccfd9ae149431dab74f734abf5c
Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   2024-03-21

    Fix division by zero in proto_read_attribute_buffer_array
    
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

 p11-kit/rpc-server.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

commit 1195177e20222774de800bbeafa97e3ef291c72d
Author: Jakub Jelen <jjelen@redhat.com>
Date:   2024-03-12

    log: Avoid buffer overflow
    
    There was attempt to fix this in bb3a3cb1, but it fixed only the case
    when this value was actually provided by the token. When the token does
    not support clock, it would print behind the "" buffer, causing random
    constant string to be printed instead of the actual value, for example
    
            utcTime: ../common/attrs
    
    This simplifies the long line for readability and prints additional
    information about this value being unsupported by the token.
    
    Signed-off-by: Jakub Jelen <jjelen@redhat.com>

 p11-kit/log.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

commit 74af78c83e91fb67dce5403a893e6bc133fbc985
Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   2024-03-20

    Fix the test badge in README
    
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

 README.md | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

commit c7f12e2eae087c75891cb734875a61e7456e6811
Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   2024-03-18

    rpc: remove length assert in proto_read_attribute_buffer_array
    
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

 p11-kit/rpc-server.c | 18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)

commit f53bdc2c941aae47d592b0376de9a4bc442ec3d2
Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   2024-03-14

    rpc: check value length before reading the value
    
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

 p11-kit/rpc-message.c | 20 ++++++++++++++++----
 1 file changed, 16 insertions(+), 4 deletions(-)

commit ebfc19c741c7399c2bd48133d3bdf2c70a7b5b0e
Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   2024-03-07

    Add more tests for recursive attributes
    
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

 common/test-attrs.c | 389 +++++++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 382 insertions(+), 7 deletions(-)

commit 6529b540ce16cab9a589004152e3c1d1c05d200f
Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   2024-02-19

    rpc: add support for recursive attributes
    
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

 common/attrs.c        |   4 +-
 common/mock.c         |  72 +++++++++++++++++--
 common/persist.c      |   6 ++
 p11-kit/iter.c        |  58 ++++++++++++++-
 p11-kit/rpc-client.c  |   7 +-
 p11-kit/rpc-message.c | 193 ++++++++++++++++++++++++++++++++++++--------------
 p11-kit/rpc-message.h |  12 +++-
 p11-kit/rpc-server.c  |  75 ++++++++------------
 p11-kit/test-mock.c   | 131 ++++++++++++++++++++++++++++++++++
 9 files changed, 446 insertions(+), 112 deletions(-)

commit 935e28520b7bf00b4fc9b129e75ef6a7372cee25
Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   2024-03-04

    Fix some compiler warnings
    
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

 common/compat.c      | 2 +-
 p11-kit/rpc-client.c | 9 +++++----
 2 files changed, 6 insertions(+), 5 deletions(-)

commit e8abb00776163e1179ca7257d8bb137857b5eeac
Author: S-P Chan <shihping.chan@gmail.com>
Date:   2024-02-22

    Fallback if C_GetInterface returns 0x54
    
    Addresses #621
    
    Signed-off-by: S-P Chan <shihping.chan@gmail.com>

 p11-kit/modules.c | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

commit 775640465d460e7be262f375830f2617917ffbbb
Author: Kai Kang <kai.kang@windriver.com>
Date:   2024-01-22

    common/meson.build: fix required headers missing failure
    
    It fails occasionally with missing generated header files:
    
    | ../git/common/asn1.c:42:10: fatal error: openssl.asn.h: No such file or directory
    |    42 | #include "openssl.asn.h"
    |       |          ^~~~~~~~~~~~~~~
    | compilation terminated.
    
    According to meson manual page:
    
    https://mesonbuild.com/Wrap-best-practices-and-tips.html#declare-generated-headers-explicitly
    
    'asn_h_dep' should be a dependency of static_library target 'libp11_asn1'
    to make sure that required header files generated before compile
    common/asn1.c.
    
    Signed-off-by: Kai Kang <kai.kang@windriver.com>

 common/meson.build | 1 +
 1 file changed, 1 insertion(+)

commit 90bc380385fe2d0c79d1853c7607607e932aeddd
Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   2024-01-10

    Fix a bug where eddsa mechanism isnt recognized in generate-keypair
    
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

 doc/manual/p11-kit.xml           |  2 +-
 p11-kit/generate-keypair.c       |  3 +--
 p11-kit/test-generate-keypair.sh | 10 +++++-----
 3 files changed, 7 insertions(+), 8 deletions(-)

commit 2db1b489d6dcef0530109f30908f16e24c093ba6
Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   2024-01-05

    Add option to specify CKA_ID in generate-keypair and import-object
    
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

 common/Makefile.am            |   4 ++
 common/hex.c                  |  65 +++++++++++++++++++++++-
 common/hex.h                  |   9 +++-
 common/meson.build            |   1 +
 common/test-hex.c             | 114 ++++++++++++++++++++++++++++++++++++++++++
 common/test.h                 |   8 +++
 doc/manual/p11-kit.xml        |  12 ++++-
 p11-kit/generate-keypair.c    |  46 +++++++++++++++--
 p11-kit/import-object.c       |  73 ++++++++++++++++++++++++---
 p11-kit/test-import-public.sh |  12 ++---
 10 files changed, 322 insertions(+), 22 deletions(-)

commit 3fb878a020ea2a178e03165699a5a592fa99dd50
Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   2024-01-09

    Rename "template" parameters in iter.h
    
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

 p11-kit/iter.c | 38 +++++++++++++++++++-------------------
 p11-kit/iter.h |  4 ++--
 2 files changed, 21 insertions(+), 21 deletions(-)

commit 304db3551edd35c1eb5e067aee783d1a028a2a88
Author: Daiki Ueno <ueno@gnu.org>
Date:   2023-12-28

    p11-kit tool: Support --provider option
    
    This adds --provider option to p11-kit subcommands which loads PKCS#11
    modules.  The option would be useful for testing a specific module
    without installing it on the system.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

 doc/manual/p11-kit.xml      | 63 +++++++++++++++++++++++++++++++++++++++++++++
 p11-kit/add-profile.c       | 13 ++++++++++
 p11-kit/delete-object.c     | 13 ++++++++++
 p11-kit/delete-profile.c    | 13 ++++++++++
 p11-kit/export-object.c     | 12 +++++++++
 p11-kit/generate-keypair.c  | 13 ++++++++++
 p11-kit/import-object.c     | 12 +++++++++
 p11-kit/list-mechanisms.c   | 13 ++++++++++
 p11-kit/list-objects.c      | 13 ++++++++++
 p11-kit/list-profiles.c     | 14 ++++++++++
 p11-kit/list-tokens.c       | 13 ++++++++++
 p11-kit/test-list-tokens.sh | 29 ++++++++++++++++++++-
 p11-kit/tool.c              | 41 ++++++++++++++++++++++++++++-
 p11-kit/tool.h              |  3 +++
 14 files changed, 263 insertions(+), 2 deletions(-)

commit 84e50bb3331e3a40706e16546b836b7669ec62bd
Author: Daiki Ueno <ueno@gnu.org>
Date:   2023-12-30

    doc: Make option requirement clear for p11-kit subcommands
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

 doc/manual/p11-kit.xml | 114 +++++++++++++++++++++++++++++++++++++++++--------
 1 file changed, 96 insertions(+), 18 deletions(-)

commit 6fa1c8708c93cf5148247f0c7a2da3bc06a6f4eb
Author: Daiki Ueno <ueno@gnu.org>
Date:   2023-12-31

    doc: Fix DocBook validation errors
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

 doc/manual/p11-kit.xml | 26 +++++++++++++-------------
 1 file changed, 13 insertions(+), 13 deletions(-)

commit 231726f8bd1b0a421226ebe984bbaab9915bbb6d
Author: Daiki Ueno <ueno@gnu.org>
Date:   2023-12-28

    p11-kit tool: Factor out common logic
    
    This moves the common module loading and iteration logic to
    p11-kit/tool.c to avoid code duplication.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

 common/meson.build         |   4 +-
 p11-kit/Makefile.am        |   2 +
 p11-kit/add-profile.c      |  72 ++++++---------------
 p11-kit/delete-object.c    |  73 +++++++--------------
 p11-kit/delete-profile.c   |  72 ++++++---------------
 p11-kit/export-object.c    |  73 +++++++--------------
 p11-kit/generate-keypair.c |  77 +++++++---------------
 p11-kit/import-object.c    |  76 +++++++---------------
 p11-kit/list-mechanisms.c  |  53 +++++++--------
 p11-kit/list-objects.c     |  80 +++++++----------------
 p11-kit/list-profiles.c    |  73 +++++++--------------
 p11-kit/list-tokens.c      |  60 +++++++----------
 p11-kit/meson.build        |   3 +-
 p11-kit/tool.c             | 158 +++++++++++++++++++++++++++++++++++++++++++++
 p11-kit/tool.h             |  59 +++++++++++++++++
 15 files changed, 451 insertions(+), 484 deletions(-)

commit a50af66e4edf800327eaf5ddb8968616aeadbbd6
Author: Daiki Ueno <ueno@gnu.org>
Date:   2023-12-28

    common: Rename tool.h to options.h
    
    As the interface provided by tool.h is sorely for command-line option
    parsing, options.h would be a better name.  This also allows
    consumers (the p11-kit and trust commands) to factor out shared
    utilities under the name of p11-kit/tool.[ch] or trust/tool.[ch].
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

 common/Makefile.am           | 2 +-
 common/meson.build           | 2 +-
 common/{tool.c => options.c} | 2 +-
 common/{tool.h => options.h} | 6 +++---
 p11-kit/add-profile.c        | 2 +-
 p11-kit/delete-object.c      | 2 +-
 p11-kit/delete-profile.c     | 2 +-
 p11-kit/export-object.c      | 2 +-
 p11-kit/generate-keypair.c   | 2 +-
 p11-kit/import-object.c      | 2 +-
 p11-kit/list-mechanisms.c    | 2 +-
 p11-kit/list-objects.c       | 2 +-
 p11-kit/list-profiles.c      | 2 +-
 p11-kit/list-tokens.c        | 2 +-
 p11-kit/lists.c              | 2 +-
 p11-kit/p11-kit.c            | 2 +-
 p11-kit/print-config.c       | 2 +-
 p11-kit/remote.c             | 2 +-
 p11-kit/server.c             | 2 +-
 po/POTFILES.in               | 2 +-
 subprojects/pkcs11-json      | 2 +-
 trust/anchor.c               | 2 +-
 trust/check-format.c         | 2 +-
 trust/dump.c                 | 2 +-
 trust/extract.c              | 2 +-
 trust/list.c                 | 2 +-
 trust/trust.c                | 2 +-
 27 files changed, 29 insertions(+), 29 deletions(-)

commit 81715a26a36599562793f5fe103b6bee1a141fdb
Author: Andreas Metzler <ametzler@bebt.de>
Date:   2023-12-23

    add missing check for strnstr() to meson build
    
    Signed-off-by: Andreas Metzler <ametzler@bebt.de>

 meson.build | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

commit 2057776b2d44cbdf144afba7c41c07aa08428bca
Author: Andreas Metzler <ametzler@bebt.de>
Date:   2023-12-27

    Disable getauxval() on !linux systems for meson build, too
    
    See http://bugs.debian.org/718285
    
    Signed-off-by: Andreas Metzler <ametzler@bebt.de>

 meson.build | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

commit a1ea579ee7d70ab51a8684dd146967fc3d8c2762
Author: Andreas Metzler <ametzler@bebt.de>
Date:   2023-12-22

    Do not use getauxval() on !linux systems
    
    See http://bugs.debian.org/718285
    
    Signed-off-by: Andreas Metzler <ametzler@bebt.de>

 common/compat.c         |  4 ++--
 common/compat.h         |  3 ++-
 common/frob-getauxval.c |  2 +-
 common/path.c           |  2 +-
 configure.ac            | 12 +++++++++++-
 p11-kit/conf.c          |  2 +-
 p11-kit/frob-setuid.c   |  2 +-
 7 files changed, 19 insertions(+), 8 deletions(-)

commit 59a5a17134fb6622d5e39146e0c9e4d546a663ad
Author: Andreas Metzler <ametzler@bebt.de>
Date:   2023-12-26

    use libbsd-overlay on GNU/hurd and kfreebsd for meson build
    
    https://bugs.debian.org/995049
    
    Signed-off-by: Andreas Metzler <ametzler@bebt.de>

 common/meson.build |  2 +-
 meson.build        | 12 ++++++++++--
 2 files changed, 11 insertions(+), 3 deletions(-)

commit ee287e25a1a6c93daf9c39dbb6b548ea61232724
Author: Andreas Metzler <ametzler@bebt.de>
Date:   2023-12-17

    use libbsd-overlay on GNU/hurd and kfreebsd.
    
    https://bugs.debian.org/995049
    
    Signed-off-by: Andreas Metzler <ametzler@bebt.de>

 configure.ac | 9 +++++++++
 1 file changed, 9 insertions(+)

commit aa8a52e4037dced85657ac58ffd3fff5b2530347
Author: Andreas Metzler <ametzler@bebt.de>
Date:   2023-12-17

    Disable __libc_enable_secure usage on Hurd
    
    __libc_enable_secure is not set as 1 when executing something as sgid
    and the differet gid is still part of the user's own groups. See also:
    - http://lists.gnu.org/archive/html/bug-hurd/2015-06/msg00051.html
    - http://lists.gnu.org/archive/html/bug-hurd/2015-07/msg00000.html
    
    Originally contributed to Debian by Pino Toscano <toscano.pino@tiscali.it>
    
    Signed-off-by: Andreas Metzler <ametzler@bebt.de>

 common/compat.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

commit 3f6233d70ed81fdbc81b9bff345ea90ec2496b3b
Author: MaxHearnden <maxoscarhearnden@gmail.com>
Date:   2023-11-15

    Add the flags required for libtasn1 to libp11-asn1.la
    
    These were not copied when libp11-asn1.la was seperated from
    libtrust-data.la as part of d8cc241187775e18de86caf446e9160299e6f157

 common/Makefile.am | 4 ++++
 1 file changed, 4 insertions(+)

commit d49c92c8420db6ee4c88515bdb014f68f4d471d9
Author: Daiki Ueno <ueno@gnu.org>
Date:   2023-12-02

    import-object: Avoid integer truncation on 32-bit platforms
    
    The build fails when compiling for 32-bit platforms with
    -Werror=incompatible-pointer-types:
    
      CFLAGS="-m32 -march=i686 -Werror=incompatible-pointer-types -Werror=implicit -Werror=int-conversion" setarch i686 -- meson setup _build
      setarch i686 -- meson compile -C _build -v
      ...
    
      ../p11-kit/import-object.c: In function ‘add_attrs_pubkey_rsa’:
      ../p11-kit/import-object.c:223:62: error: passing argument 3 of ‘p11_asn1_read’ from incompatible pointer type [-Werror=incompatible-pointer-types]
        223 |         attr_modulus.pValue = p11_asn1_read (asn, "modulus", &attr_modulus.ulValueLen);
            |                                                              ^~~~~~~~~~~~~~~~~~~~~~~~
            |                                                              |
            |                                                              long unsigned int *
    
    Reported by Sam James in:
    https://github.com/p11-glue/p11-kit/issues/608
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

 p11-kit/import-object.c | 30 +++++++++++++++++++++++++++---
 1 file changed, 27 insertions(+), 3 deletions(-)

commit 58cd1c05e001a4fe250c15f3599e79974bc509e3
Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   2023-11-16

    Fix issues found by static analysis
    
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

 common/frob-getprogname.c  |  4 ++--
 common/test.c              |  4 +---
 p11-kit/generate-keypair.c | 25 +++++++++----------------
 p11-kit/import-object.c    | 22 +++++-----------------
 p11-kit/lists.c            |  1 +
 p11-kit/print-config.c     |  4 +++-
 p11-kit/rpc-client.c       |  6 ++++--
 p11-kit/test-uri.c         |  4 ++--
 trust/test-trust.c         |  2 +-
 9 files changed, 28 insertions(+), 44 deletions(-)

commit 8e46359a68deab9112a1e262d5384986ce87b5d8
Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   2023-11-16

    Fix usage message in p11-kit list-tokens command
    
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

 p11-kit/list-tokens.c       | 2 +-
 p11-kit/test-list-tokens.sh | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

commit 917e02a3211dabbdea4b079cb598581dce84fda1
Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   2023-11-15

    Release 0.25.3
    
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

 NEWS         | 4 ++++
 configure.ac | 4 ++--
 meson.build  | 4 ++--
 3 files changed, 8 insertions(+), 4 deletions(-)

commit b7589ec79305f68b552ebb5cf2e4c6c3aa0703fa
Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   2023-11-15

    Fix meson build failure in macOS (appleframeworks not found)
    
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

 meson.build | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

commit 66f1fc7b8f60693e0947d5a9d38cd0d1bc306baa
Author: Daiki Ueno <ueno@gnu.org>
Date:   2023-11-15

    rpc: Fix serialization of NULL mechanism pointer
    
    A NULL mechanism pointer is valid for C_*Init functions to cancel the
    operation.  Since 852ccd8d we encoded it with a CK_MECHANISM_TYPE 0 as
    an indicator, though it clashes with CKM_RSA_PKCS_KEY_PAIR_GEN (0).
    This patch changes the encoding to use a special value (0xffffffff) to
    indicate that and also properly advance the offset when reading.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

 p11-kit/rpc-client.c  |  8 ++++++--
 p11-kit/rpc-message.c | 10 ++++++++--
 p11-kit/rpc-server.c  |  8 +++++++-
 p11-kit/test-rpc.c    | 27 +++++++++++++++++++++++++++
 4 files changed, 48 insertions(+), 5 deletions(-)

commit 66d6b42ef8dd84fcd8e199ac9f23f822f1a058c9
Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   2023-10-31

    Release 0.25.2
    
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

 NEWS         | 5 +++++
 configure.ac | 2 +-
 meson.build  | 2 +-
 3 files changed, 7 insertions(+), 2 deletions(-)

commit 72ed0c2ab27b0ccbeec3ae08054eb674f49abdba
Author: Daiki Ueno <ueno@gnu.org>
Date:   2023-10-27

    tests: Run tests using SoftHSM after installation
    
    This makes the unit tests self-contained so all possible code paths
    are exercised without optional packages installed.  The integration
    tests against SoftHSM can still run after installation, through "make
    installcheck" or running the scripts manually.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

 .github/actions/basic-autotools/action.yaml        |  12 +-
 .github/actions/basic-meson/action.yaml            |  17 +-
 Makefile.am                                        |  14 ++
 meson_options.txt                                  |   4 +
 meson_post_install_test.sh                         |  15 ++
 p11-kit/Makefile.am                                |  16 +-
 .../{softhsm2.module => fourteen.module}           |   2 +-
 p11-kit/meson.build                                |  13 +-
 p11-kit/mock-module-ep12.c                         | 203 +++++++++++++++++++++
 p11-kit/test-generate-keypair.sh                   |  77 +++-----
 p11-kit/test-import-public.sh                      |  79 ++------
 p11-kit/test-lists.sh                              |  17 ++
 p11-kit/test-softhsm2.sh                           | 180 ++++++++++++++++++
 trust/Makefile.am                                  |   8 +-
 trust/meson.build                                  |  19 ++
 trust/test-extract.sh                              |   5 +
 trust/test-trust.sh                                |   0
 17 files changed, 552 insertions(+), 129 deletions(-)

commit cdc4720d29466e717aa694a85a7aee86ebb94172
Author: Erdem Meydanli <meydanli@amazon.com>
Date:   2023-10-26

    fix: improper comparison
    
    Compare the return value of the readpassphrase function to NULL.
    
    Signed-off-by: Erdem Meydanli <meydanli@amazon.com>

 p11-kit/tty.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

commit 8e21f76e5e5bd6d647bb56782183227d8829f552
Author: Daiki Ueno <ueno@gnu.org>
Date:   2023-10-26

    pkcs11-json: Make regeneration robuster
    
    Previously, when common/pkcs11.h is updated and castxml is not
    installed on the system, an empty pkcs11.json is created.  This makes
    the build process abort in that case.
    
    This also fixes the path of pkcs11.json referred to by
    p11-kit/Makefile.am, and only includes necessary files in the
    distribution.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

 Makefile.am             |  2 +-
 p11-kit/Makefile.am     | 20 ++++++++++----------
 subprojects/pkcs11-json |  2 +-
 3 files changed, 12 insertions(+), 12 deletions(-)

commit 3ee322327b37d9137f3c2c8a9df267ddc7a44678
Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   2023-10-25

    Release 0.25.1
    
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

 NEWS         | 13 +++++++++++++
 configure.ac |  2 +-
 meson.build  |  2 +-
 3 files changed, 15 insertions(+), 2 deletions(-)

commit 96a8b145a33f95eae52d7d31d0d7ed1674c68423
Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   2023-10-24

    Revise documentation of the object and profile sub-commands
    
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

 doc/manual/p11-kit.xml | 99 +++++++++++++++++++++++++++++++++-----------------
 1 file changed, 65 insertions(+), 34 deletions(-)

commit bd75edd1aeb964b124b1b96e8d5c8cea0db6eacc
Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   2023-10-25

    Add --login option to delete-object command
    
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

 p11-kit/delete-object.c | 41 +++++++++++++++++++++++++++++++++++++----
 1 file changed, 37 insertions(+), 4 deletions(-)

commit 6bacb564458a3bb3b2de5a5dfded809a2e348d6b
Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   2023-09-04

    Add command for importing objects into a PKCS#11 token
    
    The import-object command allows users to import certificates or
    public keys into a pkcs#11 token by providing a PEM file.
    
    usage: p11-kit import-object --file=<file.pem> [--label=<label>]
    [--login] pkcs11:token
    
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

 bash-completion/p11-kit       |   2 +-
 doc/manual/p11-kit.xml        |  19 +-
 p11-kit/Makefile.am           |   3 +
 p11-kit/import-object.c       | 615 ++++++++++++++++++++++++++++++++++++++++++
 p11-kit/meson.build           |   5 +
 p11-kit/p11-kit.c             |   4 +
 p11-kit/test-import-public.sh | 151 +++++++++++
 po/POTFILES.in                |   1 +
 8 files changed, 798 insertions(+), 2 deletions(-)

commit cced2d9a4772cb126974a69354b6a9845105407a
Author: Daiki Ueno <ueno@gnu.org>
Date:   2023-10-19

    iter: Add option to stop at token with active session
    
    The commit fd7c819eff1de40619ba0231dc8819af76df72a6 introduced a
    slight backward incompatibility to the P11KitIter behavior when
    iterating with P11_KIT_ITER_WITH_TOKENS: previously it stopped before
    opening a token, while now it stops after that.
    
    This adds a compatibility measure so those two are distinguishable
    with an explicit flag P11_KIT_ITER_WITH_SESSIONS and a kind
    P11_KIT_ITER_KIND_SESSION.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

 p11-kit/add-profile.c      |  2 +-
 p11-kit/delete-profile.c   |  2 +-
 p11-kit/generate-keypair.c |  2 +-
 p11-kit/iter.c             | 31 ++++++++++++++++++++++---------
 p11-kit/iter.h             |  2 ++
 p11-kit/list-profiles.c    |  2 +-
 6 files changed, 28 insertions(+), 13 deletions(-)

commit e5f0be33f5d39ad117e1cb84de5a8ac1ebe75548
Author: Daiki Ueno <ueno@gnu.org>
Date:   2023-10-06

    p11-kit commands: Add --login option
    
    Previously those tools determined whether a login is necessary by
    checking the presence of "pin-value" query attribute in the URI.  It
    was too implicit and against modern security practice.  This instead
    asks users to specify --login option and if no "pin-value" is given,
    it tries to read a PIN from the terminal.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

 p11-kit/add-profile.c            | 32 +++++++++++++++++++---
 p11-kit/delete-profile.c         | 32 +++++++++++++++++++---
 p11-kit/export-object.c          | 41 ++++++++++++++++++++++++++---
 p11-kit/generate-keypair.c       | 34 +++++++++++++++++++++---
 p11-kit/list-objects.c           | 42 ++++++++++++++++++++++++++---
 p11-kit/list-profiles.c          | 37 +++++++++++++++++++++++---
 p11-kit/test-generate-keypair.sh | 10 +++----
 p11-kit/test-objects.sh          | 57 +++++++++++++++++++++++++++++++++++++++-
 8 files changed, 257 insertions(+), 28 deletions(-)

commit 751118077ae093c33a093a9a0f634406b2e97c13
Author: Daiki Ueno <ueno@gnu.org>
Date:   2023-10-04

    p11-kit: Support PIN prompting from tty
    
    This adds support for prompting PIN on the terminal, through the
    readpassphrase function borrowed from libbsd.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

 common/Makefile.am      |   6 ++
 common/compat.h         |  21 +++++
 common/meson.build      |  10 +++
 common/readpassphrase.c | 208 ++++++++++++++++++++++++++++++++++++++++++++++++
 configure.ac            |   2 +
 meson.build             |   3 +-
 p11-kit/Makefile.am     |  19 ++---
 p11-kit/meson.build     |   4 +
 p11-kit/pin.c           |   2 +-
 p11-kit/tty.c           |  78 ++++++++++++++++++
 p11-kit/tty.h           |  48 +++++++++++
 11 files changed, 385 insertions(+), 16 deletions(-)

commit 466da61d3ec8a1dbbc7f48eab8efb4d6f56d2a41
Author: Daiki Ueno <ueno@gnu.org>
Date:   2023-10-05

    p11-kit commands: Stop calling C_Login manually
    
    This is now done in P11KitIter as needed.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

 p11-kit/add-profile.c      | 34 +++++++++-------------------------
 p11-kit/delete-profile.c   | 34 +++++++++-------------------------
 p11-kit/generate-keypair.c | 34 +++++++++-------------------------
 p11-kit/list-profiles.c    | 34 +++++++++-------------------------
 4 files changed, 36 insertions(+), 100 deletions(-)

commit fd7c819eff1de40619ba0231dc8819af76df72a6
Author: Daiki Ueno <ueno@gnu.org>
Date:   2023-10-05

    iter: Plumb PIN retrieval through pin-source
    
    This make P11KitIter use the P11KitPin interface to retrieve PIN if
    the "pin-source" attribute is available in the matching URI.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

 p11-kit/iter.c      | 92 +++++++++++++++++++++++++++++++++++++++++++----------
 p11-kit/test-iter.c | 92 +++++++++++++++++++++++++++++++++++++++++++++++------
 po/POTFILES.in      |  1 +
 3 files changed, 159 insertions(+), 26 deletions(-)

commit 605232952fa4b4b9f0d7ac8d79afa97f992136a5
Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   2023-10-04

    Add list-tokens into po/POTFILES.in and autocompletion
    
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

 bash-completion/p11-kit | 2 +-
 po/POTFILES.in          | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)

commit 168fdc2b6a9d5aa82a86b417ddf4bba9ef150e05
Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   2023-10-05

    Fix some cppcheck errors
    
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

 common/compat.c       | 15 +++++++++------
 p11-kit/rpc-message.c |  6 +++---
 p11-kit/test-iter.c   | 16 ++++++++--------
 p11-kit/test-mock.c   | 18 +++++++++---------
 4 files changed, 29 insertions(+), 26 deletions(-)

commit 1cfbac317f2029a3a3a1c4cc65c49488efd0cd1e
Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   2023-10-04

    Fix CI warnings and errors
    
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

 .github/actions/basic-meson/action.yaml |  2 +-
 build/cross_file_mingw64.txt            |  2 +-
 common/test-hash.c                      | 12 ++++++------
 3 files changed, 8 insertions(+), 8 deletions(-)

commit 1cec78401c814c589f2dd826de8eaf6c599a4608
Author: Daiki Ueno <ueno@gnu.org>
Date:   2023-10-01

    ci: Update base image and pull in additional packages
    
    This updates the base image to Fedora 38 from Fedora 34, and install
    the p11-kit-devel and softhsm packages, which are needed to test the
    p11-kit generate-keypair command.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

 ci/Dockerfile | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

commit fc6d0e281ef3401a619dc1e6f6bbe2751c27b8b1
Author: Daiki Ueno <ueno@gnu.org>
Date:   2023-10-04

    p11-kit generate-keypair: Support EdDSA key generation
    
    This adds support for generating EdDSA keys with the p11-kit
    generate-keypair command.  Aside from that tests are added using
    SoftHSM to exercise all the supported algorithms.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

 p11-kit/Makefile.am                              |  2 +
 p11-kit/fixtures/package-modules/softhsm2.module |  4 ++
 p11-kit/generate-keypair.c                       | 11 ++-
 p11-kit/meson.build                              |  4 ++
 p11-kit/test-generate-keypair.sh                 | 92 ++++++++++++++++++++++++
 p11-kit/test-server.sh                           |  1 +
 6 files changed, 113 insertions(+), 1 deletion(-)

commit e2c932038a2c4384d25d24cd5b249b9c84eb12a6
Author: Daiki Ueno <ueno@gnu.org>
Date:   2023-10-01

    p11-kit list-tokens: New subcommand
    
    This adds a new subcommand "list-tokens" to the p11-kit command, which
    is similar to "list-modules" but only prints tokens.  This would make
    scripting tasks easier.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

 doc/manual/p11-kit.xml      |  19 +++++
 p11-kit/Makefile.am         |   4 +
 p11-kit/list-tokens.c       | 196 ++++++++++++++++++++++++++++++++++++++++++++
 p11-kit/lists.c             |   9 +-
 p11-kit/meson.build         |   5 ++
 p11-kit/p11-kit.c           |   4 +
