Releases: p11-glue/p11-kit
Releases · p11-glue/p11-kit
0.25.3 (stable)
0.25.2 (stable)
0.25.1 (stable)
- fix probing of C_GetInterface [#535]
- p11-kit: add command to list tokens [#581]
- p11-kit: add command to list mechanisms supported by a token [#576]
- p11-kit: add command to generate private-public keypair on a token [#551, #582]
- p11-kit: add commands to import/export certificates and public keys into/from a token [#543, #549, #568, #588]
- p11-kit: add commands to list and delete objects of a token [#533, #544, #571]
- p11-kit: add --login option to login into a token with object and profile management commands [#587]
- p11-kit: adjust behavior of PKCS#11 profile management commands [#558, #560, #583, #591]
- p11-kit: print PKCS#11 URIs in list-modules [#532]
- bug and build fixes [#528 #529, #534, #537, #540, #541, #545, #547, #550, #557, #572, #575, #579, #585, #586, #590]
- test fixes [#553, #580]
0.25.0 (stable)
- add PKCS#11 3.0 support [#458, #461, #462, #463, #464, #467, #469, #470, #475, #485, #486]
- add support for profile objects [#479]
- add ability to adjust module and config paths at run-time via system environmental exports [#442]
- make terminal output nicer [#509, #510]
- p11-kit: add command to print merged configuration [#446, #489]
- p11-kit: add commands to list, add and delete profiles of a token [#500, #503, #506]
- trust: add command to check format of .p11-kit files [#476, #483]
- virtual: fix libffi type signatures for PKCS#11 3.0 functions [#492]
- server: fix umask setting when --group is specified [#478]
- server: check SHELL only when neither --sh nor --csh is specified [#438]
- rpc: use space string in C_InitToken [#514]
- rpc: fix two off-by-one errors identified by asan [#456]
- modules: make logging message more translatable [#436]
- pkcs11.h: support CRYPTOKI_GNU for IBM vendor mechanisms [#421]
- pkcs11.h: add IBM specific mechanism and attributes [#415]
- pkcs11.h: add ChaCha20/Salsa20 and Poly1305 mechanisms [#487]
- pkcs11.h: add AES-GCM mechanism parameters for message-based encryption [#481]
- po: update translations from Transifex [#439]
- bug and build fixes [#412, #414, #417, #418, #420, #426, #427, #428, #448, #451, #459, #496, #505, #511, #512, #513, #516, #517, #524, #521]
- test fixes [#424, #441, #444, #443, #460, #472, #474, #465, #473, #487, #499, #519, #525, #526]
0.24.1 (stable)
0.24.0 (stable)
- Use inclusive language on certificate distrust. Note: This changes the directory and attribute names to distrust certain CAs to
"blocklist" [#324] - Fix issues spotted by coverity and ASan [#349, #351]
- Integrate gettext with tools more tightly [#358]
- rpc: Forbid use of array of attributes [#365, #367]
- Build fixes [#342, #344, #345, #353, #362, #364]
0.23.22 (stable)
- Fix memory-safety issues that affect the RPC protocol (CVE-2020-29361, CVE-2020-29362, and CVE-2020-29363), discovered and fixed by David Cook
- anchor: Prefer persistent format when storing anchor [#329]
- common: Fix infloop in p11_path_build [#326, #327]
- proxy: C_CloseAllSessions: Make sure that calloc args are non-zero [#325]
- common: Check for a NULL locale before freeing it [#321]
- Build and test fixes [#313, #315, #317, #318, #319, #323, #330, #333, #334, #335, #338, #339]
0.23.21 (stable)
0.23.20 (stable)
0.23.20 (stable)
- Revert "Fix RPC when length-s are 0" changes [#276]
0.23.19 (stable)
- common: add Russian PKCS#11 extensions to pkcs11x.h header [#255]
- Add simple bash completion for provided commands [#258]
- Unbreak list matching in enable-in and disable-in [#262]
- Fix RPC when length-s are 0 [#259]
- rpc: Add vsock transport support [#270]
- trust: Support CKA_NSS_{SERVER,EMAIL}_DISTRUST_AFTER [#265]
- Build fixes [#271, #272, #273, ...]