<feed xmlns='http://www.w3.org/2005/Atom'>
<title>src/usr.sbin/certctl, branch main</title>
<subtitle>FreeBSD source tree</subtitle>
<id>https://cgit-dev.freebsd.org/src/atom?h=main</id>
<link rel='self' href='https://cgit-dev.freebsd.org/src/atom?h=main'/>
<link rel='alternate' type='text/html' href='https://cgit-dev.freebsd.org/src/'/>
<updated>2026-05-05T22:30:52Z</updated>
<entry>
<title>certctl: Unstickify (un)trusted certificates</title>
<updated>2026-05-05T22:30:52Z</updated>
<author>
<name>Dag-Erling Smørgrav</name>
<email>des@FreeBSD.org</email>
</author>
<published>2026-05-05T22:30:52Z</published>
<link rel='alternate' type='text/html' href='https://cgit-dev.freebsd.org/src/commit/?id=2fef18ff594328a771b6aa659e8ffa5a7e076540'/>
<id>urn:sha1:2fef18ff594328a771b6aa659e8ffa5a7e076540</id>
<content type='text'>
Ever since certctl was rewritten in C, the rehash command has reingested
TRUSTDESTDIR / UNTRUSTDESTDIR in addition to TRUSTPATH / UNTRUSTPATH.
This seemed like a good idea at the time but was, in retrospect, a
mistake, as it means a (un)trusted certificate remains (un)trusted
forever (or at least until it expires) even if it is removed from
(UN)TRUSTPATH.  Among other issues, it causes ports QA to fail for any
port that either installs certificates or depends on a port that does.

Although this behavior was undocumented, the change may surprise users
who have added certificates manually, so update the manual page to point
it out and add prominent warnings to the trust and untrust commands.

PR:		290078
MFC after:	1 week
Reviewed by:	kevans, bcr
Differential Revision:	https://reviews.freebsd.org/D56617
</content>
</entry>
<entry>
<title>certctl.8: Prefer the new TRUSTDESTDIR variable</title>
<updated>2025-12-05T17:36:49Z</updated>
<author>
<name>Jose Luis Duran</name>
<email>jlduran@FreeBSD.org</email>
</author>
<published>2025-12-05T17:36:49Z</published>
<link rel='alternate' type='text/html' href='https://cgit-dev.freebsd.org/src/commit/?id=5c7176bba30ab3b250177cba3923bdc84b68a7c7'/>
<id>urn:sha1:5c7176bba30ab3b250177cba3923bdc84b68a7c7</id>
<content type='text'>
With the reimplementation in C of certctl, the environment variable
previously known as CERTDESTDIR was renamed to TRUSTDESTDIR for
consistency.

Although the previous variable is still valid, prefer the new one, as it
is described in the manual page, while the old one is not.

Reviewed by:	des
MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D54044
</content>
</entry>
<entry>
<title>certctl.8: Update documentation of BUNDLE</title>
<updated>2025-10-14T13:41:20Z</updated>
<author>
<name>Mark Johnston</name>
<email>markj@FreeBSD.org</email>
</author>
<published>2025-10-14T13:32:46Z</published>
<link rel='alternate' type='text/html' href='https://cgit-dev.freebsd.org/src/commit/?id=ec8e07e8fa94767dceb409c4c7c1840bba39172b'/>
<id>urn:sha1:ec8e07e8fa94767dceb409c4c7c1840bba39172b</id>
<content type='text'>
- Fix a typo.
- Provide the default path.

Reviewed by:	des
MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D53001
</content>
</entry>
<entry>
<title>certctl: Include sys/types.h</title>
<updated>2025-09-09T13:47:42Z</updated>
<author>
<name>Mark Johnston</name>
<email>markj@FreeBSD.org</email>
</author>
<published>2025-09-09T13:47:42Z</published>
<link rel='alternate' type='text/html' href='https://cgit-dev.freebsd.org/src/commit/?id=2024887abc7d1b931e00fbb0697658e98adf048d'/>
<id>urn:sha1:2024887abc7d1b931e00fbb0697658e98adf048d</id>
<content type='text'>
This is needed to fix bootstrapping on FreeBSD versions before commit
56ee5c551f89 ("sysctl: make sys/sysctl.h self contained").  Moreover,
certctl should really be including sys/types.h directly since it uses
size_t.

MFC after:	1 week
</content>
</entry>
<entry>
<title>certctl: Use __DECONST rather than reimplementing</title>
<updated>2025-09-09T13:27:02Z</updated>
<author>
<name>Jessica Clarke</name>
<email>jrtc27@FreeBSD.org</email>
</author>
<published>2025-09-09T13:27:02Z</published>
<link rel='alternate' type='text/html' href='https://cgit-dev.freebsd.org/src/commit/?id=26d56dec1e0e3bab571a00fcb9c39d3269fbcf97'/>
<id>urn:sha1:26d56dec1e0e3bab571a00fcb9c39d3269fbcf97</id>
<content type='text'>
</content>
</entry>
<entry>
<title>certctl: Create output directories</title>
<updated>2025-08-22T15:33:45Z</updated>
<author>
<name>Dag-Erling Smørgrav</name>
<email>des@FreeBSD.org</email>
</author>
<published>2025-08-22T15:33:45Z</published>
<link rel='alternate' type='text/html' href='https://cgit-dev.freebsd.org/src/commit/?id=03221b189a48a509c1bc9adb8331638ae3eac065'/>
<id>urn:sha1:03221b189a48a509c1bc9adb8331638ae3eac065</id>
<content type='text'>
In a pkgbase world, we cannot assume that these directories exist; we
must create them ourselves.

Fixes:		c340ef28fd38 ("certctl: Reimplement in C")
Reviewed by:	markj
Differential Revision:	https://reviews.freebsd.org/D52121
</content>
</entry>
<entry>
<title>certctl: Reimplement in C</title>
<updated>2025-08-18T14:28:29Z</updated>
<author>
<name>Dag-Erling Smørgrav</name>
<email>des@FreeBSD.org</email>
</author>
<published>2025-08-18T14:26:29Z</published>
<link rel='alternate' type='text/html' href='https://cgit-dev.freebsd.org/src/commit/?id=c340ef28fd384b567e35882d04ce17fa31b7384f'/>
<id>urn:sha1:c340ef28fd384b567e35882d04ce17fa31b7384f</id>
<content type='text'>
Notable changes include:

* We no longer forget manually untrusted certificates when rehashing.

* Rehash will now scan the existing directory and progressively replace
  its contents with those of the new trust store.  The trust store as a
  whole is not replaced atomically, but each file within it is.

* We no longer attempt to link to the original files, but we don't copy
  them either.  Instead, we write each certificate out in its minimal
  form.

* We now generate a trust bundle in addition to the hashed directory.
  This also contains only the minimal DER form of each certificate.
  This allows e.g. Unbound to preload the bundle before chrooting.

* The C version is approximately two orders of magnitude faster than the
  sh version, with rehash taking ~100 ms vs ~5-25 s depending on whether
  ca_root_nss is installed.

* We now also have tests.

Reviewed by:    kevans, markj
Differential Revision:  https://reviews.freebsd.org/D42320
Differential Revision:	https://reviews.freebsd.org/D51896
</content>
</entry>
<entry>
<title>Revert certctl reimplementation and follow-ups</title>
<updated>2025-08-17T00:25:49Z</updated>
<author>
<name>Colin Percival</name>
<email>cperciva@FreeBSD.org</email>
</author>
<published>2025-08-17T00:17:03Z</published>
<link rel='alternate' type='text/html' href='https://cgit-dev.freebsd.org/src/commit/?id=31ac42b486ebb5609c94cfd8a9bec86e457f9b53'/>
<id>urn:sha1:31ac42b486ebb5609c94cfd8a9bec86e457f9b53</id>
<content type='text'>
The reimplementation of certctl, while much needed, broke the release
build and 72 hours later corrections are still under review (D51896).

This revert should be reverted once that is ready to land; I just need
this out of the tree temporarily because breakage is interfering with
release engineering for the upcoming 15.0-RELEASE.

Unsquashed reversions:
Revert "etc: add missing mtree entry for certctl tests"
This reverts commit f751757259158a8d3b81d4fb7576b3ebe226dece.
Revert "certctl: Fix bootstrap build"
This reverts commit c989e3cc3da1bfd8ac3ec5a05d1e86ab8ff719f7.
Revert "certctl: Reimplement in C"
This reverts commit 81d8827ad8752e35411204541f1f09df1481e417.

With hat:	re@
</content>
</entry>
<entry>
<title>certctl: Fix bootstrap build</title>
<updated>2025-08-13T22:39:21Z</updated>
<author>
<name>Dag-Erling Smørgrav</name>
<email>des@FreeBSD.org</email>
</author>
<published>2025-08-13T22:38:52Z</published>
<link rel='alternate' type='text/html' href='https://cgit-dev.freebsd.org/src/commit/?id=c989e3cc3da1bfd8ac3ec5a05d1e86ab8ff719f7'/>
<id>urn:sha1:c989e3cc3da1bfd8ac3ec5a05d1e86ab8ff719f7</id>
<content type='text'>
Fixes:		81d8827ad875 ("certctl: Reimplement in C")
</content>
</entry>
<entry>
<title>Revert "certctl: Fix bootstrap build"</title>
<updated>2025-08-13T22:37:52Z</updated>
<author>
<name>Dag-Erling Smørgrav</name>
<email>des@FreeBSD.org</email>
</author>
<published>2025-08-13T22:37:52Z</published>
<link rel='alternate' type='text/html' href='https://cgit-dev.freebsd.org/src/commit/?id=2f8bbfe5873bf652619e7e433cff17ac18c9d4fa'/>
<id>urn:sha1:2f8bbfe5873bf652619e7e433cff17ac18c9d4fa</id>
<content type='text'>
This reverts commit 42ac41983ee184e818f6e8da791a5c6c7530f87e.
</content>
</entry>
</feed>
