| 8c4094f3 | 09-Jan-2021 |
Kyle Evans <[email protected]> |
certctl: factor out certname resolution
create_blacklisted() will identify a cert whether it's provided a path to a cert or the hash.serial format that is shown by `certctl list`.
Factor this logic
certctl: factor out certname resolution
create_blacklisted() will identify a cert whether it's provided a path to a cert or the hash.serial format that is shown by `certctl list`.
Factor this logic out into a resolve_certname() so that it may be reused elsewhere.
show more ...
|
| 5e6c628e | 14-May-2020 |
Kyle Evans <[email protected]> |
certctl: follow-up to r361022, prune blacklist as well
Otherwise, removals from the blacklist may not get processed as they should.
While we're here, restructure these to not bother with mkdir(1) i
certctl: follow-up to r361022, prune blacklist as well
Otherwise, removals from the blacklist may not get processed as they should.
While we're here, restructure these to not bother with mkdir(1) if we've already tested them to exist.
MFC after: 3 days
show more ...
|
| 94a5245c | 03-Oct-2019 |
Kyle Evans <[email protected]> |
certctl(8): let one blacklist based on hashed filenames
It seems reasonable to allow, for instance:
$ certctl list # reviews output -- ah, yeah, I don't trust that one $ certctl blacklist ce5e74ef.
certctl(8): let one blacklist based on hashed filenames
It seems reasonable to allow, for instance:
$ certctl list # reviews output -- ah, yeah, I don't trust that one $ certctl blacklist ce5e74ef.0 $ certctl rehash
We can unambiguously determine what cert "ce5e74ef.0" refers to, and we've described it to them in `certctl list` output -- I see little sense in forcing another level of filesystem inspection to determien what cert file this physically corresponds to.
show more ...
|