Rick van Rein [Wed, 10 Aug 2016 11:13:48 +0000 (12:13 +0100)]
Added tlspool_configvar() to libtlspool
This retrieves a value from a configvar in a default location
Also used it to locate the TLS Pool socket
There is an environment variable to accommodate this
The TLS Pool daemon will not continue to use its own code (efficiency, security)
The tool/* and perhaps tests will later be updated to use this new facility
Rick van Rein [Tue, 9 Aug 2016 14:53:51 +0000 (15:53 +0100)]
Undone overzealous inclusion of changes in QUICKSTART.sh
Rick van Rein [Tue, 9 Aug 2016 10:51:45 +0000 (11:51 +0100)]
Removed length valexp_varchars[] dump sequence (DEBUG)
Rick van Rein [Tue, 9 Aug 2016 10:49:25 +0000 (11:49 +0100)]
Updated header files to support C++ (notably, g++)
Aschwin Marsman [Tue, 9 Aug 2016 05:26:12 +0000 (07:26 +0200)]
Merge branch 'master' of https://github.com/arpa2/tlspool into tlspool-gui
Rick van Rein [Wed, 3 Aug 2016 14:51:15 +0000 (15:51 +0100)]
Removed accidentally (?) added PEM files from testdata/
Rick van Rein [Tue, 2 Aug 2016 20:32:08 +0000 (21:32 +0100)]
Additional changes to SWIG-generated files (with new GIL support)
Rick van Rein [Tue, 2 Aug 2016 20:31:15 +0000 (21:31 +0100)]
Added GIL support to the Python wrapper (sigh... after a long search)
More local changes
Aschwin Marsman [Mon, 1 Aug 2016 05:00:40 +0000 (07:00 +0200)]
Merge branch 'master' of https://github.com/arpa2/tlspool into tlspool-gui
Rick van Rein [Thu, 28 Jul 2016 14:16:54 +0000 (15:16 +0100)]
Fix of missing sys introduced by PR on https_proxy
A few improvements on the build infra for lib/* wrappers
Aschwin Marsman [Thu, 28 Jul 2016 06:05:03 +0000 (08:05 +0200)]
Merge branch 'master' of https://github.com/arpa2/tlspool into tlspool-gui
Rick van Rein [Wed, 27 Jul 2016 14:41:15 +0000 (16:41 +0200)]
Changes to lib/*/Makefile to accommodate building without local SWIG
Aschwin Marsman [Tue, 26 Jul 2016 04:51:25 +0000 (06:51 +0200)]
Merge branch 'master' of https://github.com/arpa2/tlspool into tlspool-gui
vanrein [Mon, 25 Jul 2016 20:12:07 +0000 (22:12 +0200)]
Merge pull request #39 from leenaars/patch-3
Add tlspool socket parameter to https_proxy
leenaars [Mon, 25 Jul 2016 17:39:49 +0000 (19:39 +0200)]
Add tlspool socket parameter to https_proxy
Rick van Rein [Mon, 25 Jul 2016 16:40:33 +0000 (17:40 +0100)]
Parameter for socket filename to lib/python/webdemo.py
Added swig output for lib/go to GIT repo, only rebuilt with "make veryclean"
More advances with lib/go, but not done yet
Rick van Rein [Mon, 25 Jul 2016 16:21:37 +0000 (17:21 +0100)]
SWIG now is not needed for lib/python, unless after "make veryclean"
Aschwin Marsman [Fri, 22 Jul 2016 15:33:36 +0000 (17:33 +0200)]
Merge branch 'master' of https://github.com/amarsman/tlspool into tlspool-gui
Rick van Rein [Fri, 22 Jul 2016 13:20:16 +0000 (14:20 +0100)]
Merge branch 'master' of https://github.com/arpa2/tlspool
Rick van Rein [Fri, 22 Jul 2016 13:18:46 +0000 (14:18 +0100)]
Decoupled language wrappers from the main build.
The C library for linking with -ltlspool is still part of the main build.
See INSTALL for more details.
vanrein [Thu, 21 Jul 2016 21:12:59 +0000 (23:12 +0200)]
Merge pull request #37 from hfmanson/master
MXE cross compile
Rick van Rein [Thu, 21 Jul 2016 20:43:43 +0000 (21:43 +0100)]
Using the new Python library wrapper, this makes https_proxy.py work
Aschwin Marsman [Thu, 21 Jul 2016 19:22:21 +0000 (21:22 +0200)]
Merge branch 'master' of https://github.com/amarsman/tlspool into tlspool-gui
Aschwin Marsman [Thu, 21 Jul 2016 15:44:15 +0000 (17:44 +0200)]
Make date command more platform independent, don't rely on a GNU extension
Rick van Rein [Wed, 20 Jul 2016 15:00:52 +0000 (16:00 +0100)]
Removed old-style python wrapper, added clean target for library wrappers
vanrein [Wed, 20 Jul 2016 14:51:58 +0000 (16:51 +0200)]
Merge pull request #38 from arpa2/pythonwrap
Branch "pythonwrap" sufficiently complete to merge
Rick van Rein [Wed, 20 Jul 2016 14:48:42 +0000 (15:48 +0100)]
Removed "uninstall" target from lib/python/Makefile
- This is missing in the setup.py functionality, or so it appears
Rick van Rein [Wed, 20 Jul 2016 14:44:19 +0000 (15:44 +0100)]
Update pythonwrap branch with master @ github.com
Rick van Rein [Wed, 20 Jul 2016 14:41:02 +0000 (15:41 +0100)]
Working Python wrapper and webdemo.py
- Introduced mappings in the style of Python, such as ping() with defaults
- Can build up a tlspool.Connection() and perform TLS over it
- Cannot currently handle control keys in Python
- Cannot currently use callback facility in starttls()
- Downloads a web page from a secure site (over IPv6 only)
Rick van Rein [Fri, 15 Jul 2016 08:43:09 +0000 (09:43 +0100)]
Working Python wrapper, for starttls() but some other utility functions remain todo
Rick van Rein [Thu, 14 Jul 2016 13:22:35 +0000 (14:22 +0100)]
A bit more development, but nothing really grand
Aschwin Marsman [Thu, 14 Jul 2016 00:33:08 +0000 (02:33 +0200)]
Merge branch 'master' of https://github.com/arpa2/tlspool into tlspool-gui
Rick van Rein [Wed, 13 Jul 2016 22:01:56 +0000 (23:01 +0100)]
Initial attempt, with some pieces working, of Python SWIG
Rick van Rein [Wed, 13 Jul 2016 14:58:10 +0000 (15:58 +0100)]
bugfix in tool/pingpool.c -- made socket path arg work
Aschwin Marsman [Tue, 12 Jul 2016 17:47:22 +0000 (19:47 +0200)]
Updated to use amarsman repositories and tlspool-gui branches, will also build tlspool-gui
Henri Manson [Tue, 12 Jul 2016 17:23:05 +0000 (19:23 +0200)]
MXE cross compile fixes 3
Henri Manson [Tue, 12 Jul 2016 17:20:05 +0000 (19:20 +0200)]
MXE cross compile fixes 2
Henri Manson [Tue, 12 Jul 2016 17:07:55 +0000 (19:07 +0200)]
MXE cross compile fixes
Aschwin Marsman [Mon, 11 Jul 2016 19:33:15 +0000 (21:33 +0200)]
Remove checkout of older versions.
Fix incorrect test argument.
Fix typo.
Aschwin Marsman [Mon, 11 Jul 2016 19:31:10 +0000 (21:31 +0200)]
Merge branch 'master' of github.com:amarsman/tlspool into tlspool-gui
Aschwin Marsman [Mon, 11 Jul 2016 19:29:28 +0000 (21:29 +0200)]
changes to make it build with a c++ compiler
Rick van Rein [Wed, 6 Jul 2016 07:17:27 +0000 (08:17 +0100)]
Parameterised testdata/Makefile, roughly as suggested by Michiel
This enables using the tools from another bin directory
Testdata is meant for developers, so relative paths within Git are still default
Rick van Rein [Tue, 5 Jul 2016 07:27:12 +0000 (08:27 +0100)]
Gotten started with a _tlspool.so module for Python
- swig is doing its work nicely, already for many scripting languages
- figured out how to compile to a Python dynamic module _tlspool.so
- to keep languages separate, the output is named python_tlspool.so
- it does not provide a good API to C types, so calling functions fails
Rick van Rein [Wed, 29 Jun 2016 09:34:54 +0000 (10:34 +0100)]
Adriaan spotted a bug with indirection
Rick van Rein [Wed, 29 Jun 2016 09:30:29 +0000 (10:30 +0100)]
Adriaan found a few places where "make" should be "$(MAKE)"
vanrein [Tue, 28 Jun 2016 08:11:41 +0000 (10:11 +0200)]
Merge pull request #33 from leenaars/steamworks
Some cleanups, added steamworks to QUICKSTART.sh
Michiel Leenaars [Tue, 28 Jun 2016 07:56:44 +0000 (09:56 +0200)]
QUICKSTART.sh
Rick van Rein [Sun, 26 Jun 2016 11:54:42 +0000 (12:54 +0100)]
DNSSEC root key configurable in tlspool.conf ; added default root key for testing
Rick van Rein [Sat, 25 Jun 2016 21:02:07 +0000 (22:02 +0100)]
Merged the compilation and installation of Pulleyback into the TLS Pool
- pulleyback is a backend for steamworks, as described on:
- https://github.com/arpa2/steamworks/blob/master/docs/pulleyback-api.md
- https://github.com/arpa2/tlspool/blob/master/doc/steamworks-ldap-scheme.md
- https://github.com/arpa2/tlspool/blob/master/doc/pulleyscript.md
Rick van Rein [Sat, 25 Jun 2016 20:47:36 +0000 (21:47 +0100)]
Merge branch 'master' of https://github.com/arpa2/tlspool
Rick van Rein [Sat, 25 Jun 2016 20:43:40 +0000 (21:43 +0100)]
Pulleyback now appears to work
- The test program adds and removes disclose.db and localid.db entries
- There are some weird interactions with the tool/get_xxx programs
- This may be due to opening the databases with DB_RECOVER, but I'm not sure
- Running one program at a time appears to work though
- Also note there's been no problem interacting with programs and TLS Pool
vanrein [Fri, 24 Jun 2016 15:36:47 +0000 (17:36 +0200)]
Merge pull request #32 from leenaars/patch-2
Small cosmetic improvements for Makefile consistency
leenaars [Fri, 24 Jun 2016 14:58:01 +0000 (16:58 +0200)]
Makefile consistency
Rick van Rein [Fri, 24 Jun 2016 14:49:16 +0000 (15:49 +0100)]
Updates to the PulleyBack simulation and Output Driver
- it's not working though
- BerkeleyDB is complaining about the environment upon closure
- Sometimes the database also cannot be closed
- Complaints about range conflicts
Rick van Rein [Fri, 24 Jun 2016 04:46:45 +0000 (05:46 +0100)]
PulleyScript for trust.db added
Rick van Rein [Wed, 22 Jun 2016 10:29:31 +0000 (12:29 +0200)]
Updates LDAP schema for Pulley backend aimed at TLS Pool
Rick van Rein [Wed, 22 Jun 2016 10:24:25 +0000 (11:24 +0100)]
Clarified PulleyBack transaction interface and got it compiling correctly
- Dropped the notion of idempotent _commit() / _rollback()
- Implemented the idempotent function of _prepare()
- Caused assert() to bail out on detected-illegal calling orders
- Not yet tested or run
- Not yet resolved the _collaborate() functionality
vanrein [Wed, 22 Jun 2016 07:30:24 +0000 (09:30 +0200)]
Merge pull request #31 from leenaars/stable
Add stable branch
Michiel Leenaars [Wed, 22 Jun 2016 07:04:59 +0000 (09:04 +0200)]
QUICKSTART.sh modified
Michiel Leenaars [Wed, 22 Jun 2016 06:53:19 +0000 (08:53 +0200)]
Consistent use of PKG_CONFIG
Rick van Rein [Tue, 21 Jun 2016 20:52:18 +0000 (21:52 +0100)]
Initial test/pulleybacksimu.c -- opens and closes databases, dumps data
Rick van Rein [Tue, 21 Jun 2016 16:00:35 +0000 (17:00 +0100)]
Improved Makefile for pulleyscript
- Quoted '#' in echo statements (were interpreted as Makefile comments)
Rick van Rein [Tue, 21 Jun 2016 15:59:54 +0000 (16:59 +0100)]
Merge branch 'master' of /usr/local/src/tlspool-master into pulleyback
Rick van Rein [Tue, 21 Jun 2016 15:58:21 +0000 (16:58 +0100)]
Improvements to the Makefile
- quoted echo statements starting with '#' (which became Makefile comment)
- used ?= instead of ifndef
Rick van Rein [Tue, 21 Jun 2016 15:45:44 +0000 (16:45 +0100)]
Completed the coding for database updates -- and it compiles
(No running yet, though)
Rick van Rein [Tue, 21 Jun 2016 06:57:02 +0000 (07:57 +0100)]
Added self->valexp, started harvesting from structures (preps update.c)
- https://github.com/arpa2/tlspool/blob/pulleyback/doc/pulleyscript.md
- compiler breaks on "TODO;" statements in update_xxx() in update.c
Rick van Rein [Tue, 21 Jun 2016 06:26:19 +0000 (07:26 +0100)]
Merge branch 'master' of /usr/local/src/tlspool-master into pulleyback
Rick van Rein [Tue, 21 Jun 2016 06:24:00 +0000 (07:24 +0100)]
Initial, compiling code for Pulley backend to the TLS Pool
- https://github.com/arpa2/steamworks/blob/master/docs/pulleyback-api.md
- API fully implemented, compiles, but not yet tested
- update.c not incorporated in build; it still needs all database specifics
Rick van Rein [Tue, 21 Jun 2016 05:29:46 +0000 (06:29 +0100)]
Removed build warnings and an unexplained linker error in test/
Rick van Rein [Mon, 20 Jun 2016 07:25:55 +0000 (08:25 +0100)]
Fixed syntax error; accidentally checked into master, sorry
Rick van Rein [Mon, 20 Jun 2016 07:18:51 +0000 (08:18 +0100)]
Prepared documentation for the Pulley backend driver for the TLS Pool
vanrein [Sun, 19 Jun 2016 21:16:49 +0000 (23:16 +0200)]
Merge pull request #30 from arpa2/validation
Validation
Rick van Rein [Sun, 19 Jun 2016 21:15:42 +0000 (22:15 +0100)]
Preparing for inclusion of validation logic into master branch
Rick van Rein [Sun, 19 Jun 2016 21:12:51 +0000 (22:12 +0100)]
First delivery of the validation framework
- The valexp logic has been implemented and integrated properly
- The gnutls_validate() functionality is no longer statically run
- Filed issues #27 #28 #29 on GitHub, with unfinished work
vanrein [Sat, 18 Jun 2016 11:16:44 +0000 (13:16 +0200)]
Merge pull request #26 from hfmanson/master
bugfix uninstall make targets
Henri Manson [Sat, 18 Jun 2016 11:09:40 +0000 (13:09 +0200)]
bugfix uninstall make targets
vanrein [Fri, 17 Jun 2016 19:39:25 +0000 (21:39 +0200)]
Merge pull request #25 from leenaars/master
Much improved version with .conf generation for SoftHSM2 and self-updates
Michiel Leenaars [Fri, 17 Jun 2016 19:06:35 +0000 (21:06 +0200)]
Much improved version of QUICKSTART with conf generation for SoftHSMv2 and updates
Rick van Rein [Fri, 17 Jun 2016 10:10:51 +0000 (11:10 +0100)]
Rick van Rein [Fri, 17 Jun 2016 10:08:12 +0000 (11:08 +0100)]
Merge commit 'fda96751b800bf7722c247af49abbba8020b011f' into validation
Conflicts:
src/Makefile
src/starttls.c
Rick van Rein [Fri, 17 Jun 2016 10:00:16 +0000 (11:00 +0100)]
Fixed fetch_remote_credentials(), got working tool/testcli --> tool/testsrv
Rick van Rein [Thu, 16 Jun 2016 18:39:49 +0000 (19:39 +0100)]
Removed the #warning on RAND_MAX limitedness (so Windows compiles silently)
Rick van Rein [Thu, 16 Jun 2016 18:30:32 +0000 (19:30 +0100)]
Dealt with an idiot's RAND_MAX, that is even below 0xffff
(and made it work more efficiently when it is 0xffffffff too)
vanrein [Thu, 16 Jun 2016 15:40:57 +0000 (17:40 +0200)]
Merge pull request #24 from hfmanson/namedpipe
Native windows port daemon and libtlspool
Henri Manson [Thu, 16 Jun 2016 15:34:36 +0000 (17:34 +0200)]
small fix
Henri Manson [Thu, 16 Jun 2016 15:31:08 +0000 (17:31 +0200)]
small fix
Rick van Rein [Thu, 16 Jun 2016 15:27:35 +0000 (16:27 +0100)]
Build updates on Linux to the Windows port
Henri Manson [Thu, 16 Jun 2016 14:54:04 +0000 (16:54 +0200)]
determine whether compiling for windows or not
Henri Manson [Thu, 16 Jun 2016 14:43:34 +0000 (16:43 +0200)]
cleanup code
Henri Manson [Thu, 16 Jun 2016 13:54:17 +0000 (15:54 +0200)]
merge with arpa2/master
Rick van Rein [Wed, 15 Jun 2016 21:33:12 +0000 (22:33 +0100)]
Bugfix. Incomplete static typing led to a missing dereference operator.
vanrein [Wed, 15 Jun 2016 18:34:23 +0000 (20:34 +0200)]
Merge pull request #21 from leenaars/patch-1
Link to DoNAI definition for user friendliness
Rick van Rein [Wed, 15 Jun 2016 18:23:30 +0000 (19:23 +0100)]
Compiling version of valexp code linked in with starttls_thread()
* Not yet tested (or even run)
* DONE: 2ND: Either add `remote_flags` or remove chains without any root cert
* DONE: Setup `remote_cert_raw` in `fetch_remote_credentials()`
* DONE: Reference `remote_cert_raw` from cmd (use in `valexp_`{`Oo`,`Gg`}`_start`)
* DONE: Validation expression predicates can use `cmd->remote_xxx`
* DONE: Make adjustments in `valexp_Tt_start` for correct handling of self-signed etc.
* DONE: Cleanup `cmd->remote_xxx` when done with `starttls_thread()` + takeover
* DONE: Invoke validation expression logic
Not all the work has been done yet:
* DEFER: Load a PGP key ring for validation under `valexp_Tt_start()`
* DEFER: Process `SIGUSR1` by re-reading the PGP key ring, and possibly more
* DEFER: Process `valexp_Dd_start()` with an `online.c` profile
* DEFER: Consider taking the validation expression out of the `disclose.db`
Henri Manson [Sat, 11 Jun 2016 13:18:18 +0000 (15:18 +0200)]
cross-compile makefile update
Henri Manson [Sat, 11 Jun 2016 10:56:27 +0000 (12:56 +0200)]
cross-compile makefile fix
Henri Manson [Sat, 11 Jun 2016 10:52:59 +0000 (12:52 +0200)]
cross-compile makefile fix
Henri Manson [Sat, 11 Jun 2016 10:49:59 +0000 (12:49 +0200)]
cross-compile makefile fix
Henri Manson [Sat, 11 Jun 2016 10:28:35 +0000 (12:28 +0200)]
cross-compile makefile
Henri Manson [Sat, 11 Jun 2016 09:57:59 +0000 (11:57 +0200)]
libtlspool windows files
Henri Manson [Sat, 11 Jun 2016 09:49:38 +0000 (11:49 +0200)]
libtlspool