oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

hx509: Make hxtool default store type to FILE

Browse Source 
A common complaint about hxtool(1) is that if one fails to add a TYPE:
prefix to a CSR or certificate/private key store names, then hxtool
fails somewhat inscrutably.  We can't just fix hx509_certs_init() or
hx509_certs_append() because they default to "MEMORY" so who knows what
might break.  Instead we fix all uses of user-provided store names in
hxtool to have a FILE: prefix if no type was given.  For CSRs we'll
default to adding the only type prefix supported, "PKCS10".
This commit is contained in:
Nicolas Williams
2021-03-24 01:07:50 -05:00
parent 8e7c7209e8
commit 5d939ba1b6
5 changed files with 135 additions and 56 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
lib/hx509/version-script.map
View File

@@ -17,6 +17,7 @@ HEIMDAL_X509_1.2 {
_hx509_generate_private_key_init;
_hx509_generate_private_key_is_ca;
_hx509_get_cert;
_hx509_ks_type;
_hx509_make_pkinit_san;
_hx509_map_file_os;
_hx509_name_from_Name;