| #
365680 |
|
13-Sep-2020 |
kevans |
MFC r361397, r361655, r361683: certctl(8) unprivileged & HISTORY correction
r361397:
Add an unprivileged mode where calls to install are passed appropriate
flags. For ease of integration, use the same flags as install:
-U unprivileged mode
-D <destdir> Specify DESTDIR (overrides the environment)
-M <metalog> Full path to METALOG file
r361655:
certctl.8: Correct the HISTORY section.
certctl was merged to stable/12 after 12.1 was branched.
r361683:
certctl: fix test syntax
test doesn't understand &&, but it does understand -a.
PR: 246190
|
| #
357082 |
|
24-Jan-2020 |
kevans |
MFC r352948-r352951, r353002, r353066, r353070: caroot infrastructure
Infrastructure only -- no plans in place currently to commit any certs to
these branches.
r352948:
[1/3] Initial infrastructure for SSL root bundle in base
This setup will add the trusted certificates from the Mozilla NSS bundle
to base.
This commit includes:
- CAROOT option to opt out of installation of certs
- mtree amendments for final destinations
- infrastructure to fetch/update certs, along with instructions
A follow-up commit will add a certctl(8) utility to give the user control
over trust specifics. Another follow-up commit will actually commit the
initial result of updatecerts.
This work was done primarily by allanjude@, with minor contributions by
myself.
r352949:
[2/3] Add certctl(8)
This is a simple utility to hash all trusted on the system into
/etc/ssl/certs. It also allows the user to blacklist certificates they do
not trust.
This work was done primarily by allanjude@, with minor contributions by
myself.
r352950:
[3/3] etcupdate and mergemaster support for certctl
This commit add support for certctl in mergemaster and etcupdate. Both will
either rehash or prompt for rehash as new certificates are
trusted/blacklisted.
This work was done primarily by allanjude@, with minor contributions by
myself.
r352951:
caroot: add @generated tags to extracted .pem
As is the current trend; while these files are manually curated, they are
still generated. If they end up in a review, it would be helpful to also
take the hint and hide them.
r353002:
Unbreak etcupdate(8) and mergemaster(8) after r352950
r352950 introduced improper case fall-through for shell scripts. Fix it with
a pipe.
r353066:
certctl(8): realpath the file before creating the symlink
Otherwise we end up creating broken relative symlinks in
/etc/ssl/blacklisted.
r353070:
certctl(8): let one blacklist based on hashed filenames
It seems reasonable to allow, for instance:
$ certctl list
# reviews output -- ah, yeah, I don't trust that one
$ certctl blacklist ce5e74ef.0
$ certctl rehash
We can unambiguously determine what cert "ce5e74ef.0" refers to, and we've
described it to them in `certctl list` output -- I see little sense in
forcing another level of filesystem inspection to determien what cert file
this physically corresponds to.
Relnotes: yes |