certctl: Reimplemented in C.
This is a work in progress.
Notable changes include:
* We no longer forget manually untrusted certificates when rehashing.
* Rehash will now scan the existing directory and progressively replace
its contents with those of the new trust store. The trust store as a
whole is not replaced atomically, but each file within it is.
* We no longer attempt to link to the original files, but we don't copy
them either. Instead, we write each certificate out in its minimal
form.
* We now generate a trust bundle in addition to the hashed directory.
This also contains only the minimal DER form of each certificate.
* The C version is approximately two orders of magnitude faster than the
sh version, with rehash taking ~100 ms vs ~5-25 s depending on whether
ca_root_nss is installed.
All commands are now implemented.
TODO:
* Respect TRUSTPATH and UNTRUSTPATH environment variables.
* Respect CERTDESTDIR and UNTRUSTDESTDIR environment variables.
* Add an environment variable for the bundle.
* Add tests.