Diffstat (limited to 'source4/heimdal/lib/hx509')
31 files changed, 1504 insertions, 1254 deletions
diff --git a/source4/heimdal/lib/hx509/ca.c b/source4/heimdal/lib/hx509/ca.c
index 5b4d7711e7..cbd58ebd01 100644
--- a/source4/heimdal/lib/hx509/ca.c
+++ b/source4/heimdal/lib/hx509/ca.c
@@ -1,34 +1,34 @@ /* - * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. 
Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hx_locl.h" @@ -236,7 +236,7 @@ hx509_ca_tbs_set_template(hx509_context context, hx509_name_free(&tbs->subject); ret = hx509_cert_get_subject(cert, &tbs->subject); if (ret) { - hx509_set_error_string(context, 0, ret, + hx509_set_error_string(context, 0, ret, "Failed to get subject from template"); return ret; } @@ -246,7 +246,7 @@ hx509_ca_tbs_set_template(hx509_context context, ret = hx509_cert_get_serialnumber(cert, &tbs->serial); tbs->flags.serial = !ret; if (ret) { - hx509_set_error_string(context, 0, ret, + hx509_set_error_string(context, 0, ret, "Failed to copy serial number"); return ret; } 
@@ -473,7 +473,7 @@ hx509_ca_tbs_add_crl_dp_uri(hx509_context context, int ret; memset(&dp, 0, sizeof(dp)); - + dp.distributionPoint = ecalloc(1, sizeof(*dp.distributionPoint)); { @@ -488,8 +488,8 @@ hx509_ca_tbs_add_crl_dp_uri(hx509_context context, gn.element = choice_GeneralName_uniformResourceIdentifier; gn.u.uniformResourceIdentifier = rk_UNCONST(uri); - ASN1_MALLOC_ENCODE(DistributionPointName, - dp.distributionPoint->data, + ASN1_MALLOC_ENCODE(DistributionPointName, + dp.distributionPoint->data, dp.distributionPoint->length, &name, &size, ret); if (ret) { @@ -509,7 +509,7 @@ hx509_ca_tbs_add_crl_dp_uri(hx509_context context, hx509_set_error_string(context, 0, EINVAL, "CRLDistributionPoints.name.issuername not yet supported"); return EINVAL; -#else +#else GeneralNames *crlissuer; GeneralName gn; Name n; @@ -579,7 +579,7 @@ hx509_ca_tbs_add_san_otherName(hx509_context context, gn.element = choice_GeneralName_otherName; gn.u.otherName.type_id = *oid; gn.u.otherName.value = *os; - + return add_GeneralNames(&tbs->san, &gn); } @@ -621,7 +621,7 @@ hx509_ca_tbs_add_san_pkinit(hx509_context context, if(*str=='\\'){ if(str[1] == '\0' || str[1] == '@') { ret = HX509_PARSING_NAME_FAILED; - hx509_set_error_string(context, 0, ret, + hx509_set_error_string(context, 0, ret, "trailing \\ in principal name"); goto out; } @@ -629,7 +629,7 @@ hx509_ca_tbs_add_san_pkinit(hx509_context context, } else if(*str == '/') n++; } - p.principalName.name_string.val = + p.principalName.name_string.val = calloc(n, sizeof(*p.principalName.name_string.val)); if (p.principalName.name_string.val == NULL) { ret = ENOMEM; @@ -661,7 +661,7 @@ hx509_ca_tbs_add_san_pkinit(hx509_context context, *q++ = '\0'; } } - + ASN1_MALLOC_ENCODE(KRB5PrincipalName, os.data, os.length, &p, &size, ret); if (ret) { hx509_set_error_string(context, 0, ret, "Out of memory"); 
@@ -669,7 +669,7 @@ hx509_ca_tbs_add_san_pkinit(hx509_context context, } if (size != os.length) _hx509_abort("internal ASN.1 encoder error"); - + ret = hx509_ca_tbs_add_san_otherName(context, tbs, oid_id_pkinit_san(), @@ -682,7 +682,7 @@ out: free(s); return ret; } - + /* * */ @@ -708,7 +708,7 @@ add_utf8_san(hx509_context context, } if (size != os.length) _hx509_abort("internal ASN.1 encoder error"); - + ret = hx509_ca_tbs_add_san_otherName(context, tbs, oid, @@ -787,7 +787,7 @@ hx509_ca_tbs_add_san_hostname(hx509_context context, memset(&gn, 0, sizeof(gn)); gn.element = choice_GeneralName_dNSName; gn.u.dNSName = rk_UNCONST(dnsname); - + return add_GeneralNames(&tbs->san, &gn); } @@ -814,7 +814,7 @@ hx509_ca_tbs_add_san_rfc822name(hx509_context context, memset(&gn, 0, sizeof(gn)); gn.element = choice_GeneralName_rfc822Name; gn.u.rfc822Name = rk_UNCONST(rfc822Name); - + return add_GeneralNames(&tbs->san, &gn); } @@ -1005,7 +1005,7 @@ ca_sign(hx509_context context, return EINVAL; } if (hx509_name_is_null_p(tbs->subject) && tbs->san.len == 0) { - hx509_set_error_string(context, 0, EINVAL, + hx509_set_error_string(context, 0, EINVAL, "NULL subject and no SubjectAltNames"); return EINVAL; } @@ -1017,7 +1017,7 @@ ca_sign(hx509_context context, } if (tbs->flags.proxy) { if (tbs->san.len > 0) { - hx509_set_error_string(context, 0, EINVAL, + hx509_set_error_string(context, 0, EINVAL, "Proxy certificate is not allowed " "to have SubjectAltNames"); return EINVAL; @@ -1099,7 +1099,7 @@ ca_sign(hx509_context context, hx509_set_error_string(context, 0, ret, "Out of memory"); goto out; } - + /* Add the text BMP string Domaincontroller to the cert */ if (tbs->flags.domaincontroller) { data.data = rk_UNCONST("\x1e\x20\x00\x44\x00\x6f\x00\x6d" 
@@ -1137,7 +1137,7 @@ ca_sign(hx509_context context, /* add ExtendedKeyUsage */ if (tbs->eku.len > 0) { - ASN1_MALLOC_ENCODE(ExtKeyUsage, data.data, data.length, + ASN1_MALLOC_ENCODE(ExtKeyUsage, data.data, data.length, &tbs->eku, &size, ret); if (ret) { hx509_set_error_string(context, 0, ret, "Out of memory"); @@ -1154,7 +1154,7 @@ ca_sign(hx509_context context, /* add Subject Alternative Name */ if (tbs->san.len > 0) { - ASN1_MALLOC_ENCODE(GeneralNames, data.data, data.length, + ASN1_MALLOC_ENCODE(GeneralNames, data.data, data.length, &tbs->san, &size, ret); if (ret) { hx509_set_error_string(context, 0, ret, "Out of memory"); @@ -1172,7 +1172,7 @@ ca_sign(hx509_context context, /* Add Authority Key Identifier */ if (ai) { - ASN1_MALLOC_ENCODE(AuthorityKeyIdentifier, data.data, data.length, + ASN1_MALLOC_ENCODE(AuthorityKeyIdentifier, data.data, data.length, ai, &size, ret); if (ret) { hx509_set_error_string(context, 0, ret, "Out of memory"); @@ -1195,7 +1195,7 @@ ca_sign(hx509_context context, { SHA_CTX m; - + SHA1_Init(&m); SHA1_Update(&m, tbs->spki.subjectPublicKey.data, tbs->spki.subjectPublicKey.length / 8); @@ -1205,7 +1205,7 @@ ca_sign(hx509_context context, si.data = hash; si.length = sizeof(hash); - ASN1_MALLOC_ENCODE(SubjectKeyIdentifier, data.data, data.length, + ASN1_MALLOC_ENCODE(SubjectKeyIdentifier, data.data, data.length, &si, &size, ret); if (ret) { hx509_set_error_string(context, 0, ret, "Out of memory"); @@ -1221,7 +1221,7 @@ ca_sign(hx509_context context, goto out; } - /* Add BasicConstraints */ + /* Add BasicConstraints */ { BasicConstraints bc; int aCA = 1; @@ -1237,7 +1237,7 @@ ca_sign(hx509_context context, } } - ASN1_MALLOC_ENCODE(BasicConstraints, data.data, data.length, + ASN1_MALLOC_ENCODE(BasicConstraints, data.data, data.length, &bc, &size, ret); if (ret) { hx509_set_error_string(context, 0, ret, "Out of memory"); 
@@ -1261,7 +1261,7 @@ ca_sign(hx509_context context, memset(&info, 0, sizeof(info)); if (tbs->pathLenConstraint >= 0) { - info.pCPathLenConstraint = + info.pCPathLenConstraint = malloc(sizeof(*info.pCPathLenConstraint)); if (info.pCPathLenConstraint == NULL) { ret = ENOMEM; @@ -1279,7 +1279,7 @@ ca_sign(hx509_context context, goto out; } - ASN1_MALLOC_ENCODE(ProxyCertInfo, data.data, data.length, + ASN1_MALLOC_ENCODE(ProxyCertInfo, data.data, data.length, &info, &size, ret); free_ProxyCertInfo(&info); if (ret) { @@ -1377,14 +1377,14 @@ get_AuthorityKeyIdentifier(hx509_context context, memset(&gns, 0, sizeof(gns)); memset(&name, 0, sizeof(name)); - ai->authorityCertIssuer = + ai->authorityCertIssuer = calloc(1, sizeof(*ai->authorityCertIssuer)); if (ai->authorityCertIssuer == NULL) { ret = ENOMEM; hx509_set_error_string(context, 0, ret, "Out of memory"); goto out; } - ai->authorityCertSerialNumber = + ai->authorityCertSerialNumber = calloc(1, sizeof(*ai->authorityCertSerialNumber)); if (ai->authorityCertSerialNumber == NULL) { ret = ENOMEM; @@ -1392,7 +1392,7 @@ get_AuthorityKeyIdentifier(hx509_context context, goto out; } - /* + /* * XXX unbreak when asn1 compiler handle IMPLICIT * * This is so horrible. @@ -1407,7 +1407,7 @@ get_AuthorityKeyIdentifier(hx509_context context, memset(&gn, 0, sizeof(gn)); gn.element = choice_GeneralName_directoryName; - gn.u.directoryName.element = + gn.u.directoryName.element = choice_GeneralName_directoryName_rdnSequence; gn.u.directoryName.u.rdnSequence = name.u.rdnSequence; @@ -1436,7 +1436,7 @@ out: /** - * Sign a to-be-signed certificate object with a issuer certificate. + * Sign a to-be-signed certificate object with a issuer certificate. * * The caller needs to at least have called the following functions on the * to-be-signed certificate object: @@ -1478,7 +1478,7 @@ hx509_ca_sign(hx509_context context, goto out; ret = ca_sign(context, - tbs, + tbs, _hx509_cert_private_key(signer), &ai, &signer_cert->tbsCertificate.subject, 
@@ -1510,7 +1510,7 @@ hx509_ca_sign_self(hx509_context context,
 hx509_cert *certificate)
 {
 return ca_sign(context,
- tbs,
+ tbs,
 signer,
 NULL,
 NULL,
diff --git a/source4/heimdal/lib/hx509/cert.c b/source4/heimdal/lib/hx509/cert.c
index 3597896c0c..121847faaa 100644
--- a/source4/heimdal/lib/hx509/cert.c
+++ b/source4/heimdal/lib/hx509/cert.c
@@ -1,34 +1,34 @@ /* - * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. 
Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hx_locl.h" @@ -141,7 +141,7 @@ hx509_context_init(hx509_context *context) * the existans of a revokation method (OCSP, CRL) or not. Note that * hx509_verify_path(), hx509_cms_verify_signed(), and other function * call hx509_revoke_verify(). - * + * * @param context hx509 context to change the flag for. * @param flag zero, revokation method required, non zero missing * revokation method ok @@ -160,7 +160,7 @@ hx509_context_set_missing_revoke(hx509_context context, int flag) /** * Free the context allocated by hx509_context_init(). - * + * * @param context context to be freed. * * @ingroup hx509 
@@ -205,7 +205,7 @@ _hx509_cert_get_version(const Certificate *t) /** * Allocate and init an hx509 certificate object from the decoded - * certificate `c´. + * certificate `c´. * * @param context A hx509 context. * @param c @@ -268,7 +268,7 @@ hx509_cert_init(hx509_context context, const Certificate *c, hx509_cert *cert) */ int -hx509_cert_init_data(hx509_context context, +hx509_cert_init_data(hx509_context context, const void *ptr, size_t len, hx509_cert *cert) @@ -294,7 +294,7 @@ hx509_cert_init_data(hx509_context context, } void -_hx509_cert_set_release(hx509_cert cert, +_hx509_cert_set_release(hx509_cert cert, _hx509_cert_release_func release, void *ctx) { @@ -383,7 +383,7 @@ hx509_cert_ref(hx509_cert cert) /** * Allocate an verification context that is used fo control the - * verification process. + * verification process. * * @param context A hx509 context. * @param ctx returns a pointer to a hx509_verify_ctx object. @@ -405,7 +405,7 @@ hx509_verify_init_ctx(hx509_context context, hx509_verify_ctx *ctx) c->max_depth = HX509_VERIFY_MAX_DEPTH; *ctx = c; - + return 0; } @@ -576,7 +576,7 @@ find_extension(const Certificate *cert, const heim_oid *oid, int *idx) if (c->version == NULL || *c->version < 2 || c->extensions == NULL) return NULL; - + for (;*idx < c->extensions->len; (*idx)++) { if (der_heim_oid_cmp(&c->extensions->val[*idx].extnID, oid) == 0) return &c->extensions->val[(*idx)++]; @@ -585,7 +585,7 @@ find_extension(const Certificate *cert, const heim_oid *oid, int *idx) } static int -find_extension_auth_key_id(const Certificate *subject, +find_extension_auth_key_id(const Certificate *subject, AuthorityKeyIdentifier *ai) { const Extension *e; 
@@ -597,9 +597,9 @@ find_extension_auth_key_id(const Certificate *subject, e = find_extension(subject, oid_id_x509_ce_authorityKeyIdentifier(), &i); if (e == NULL) return HX509_EXTENSION_NOT_FOUND; - - return decode_AuthorityKeyIdentifier(e->extnValue.data, - e->extnValue.length, + + return decode_AuthorityKeyIdentifier(e->extnValue.data, + e->extnValue.length, ai, &size); } @@ -616,14 +616,14 @@ _hx509_find_extension_subject_key_id(const Certificate *issuer, e = find_extension(issuer, oid_id_x509_ce_subjectKeyIdentifier(), &i); if (e == NULL) return HX509_EXTENSION_NOT_FOUND; - - return decode_SubjectKeyIdentifier(e->extnValue.data, + + return decode_SubjectKeyIdentifier(e->extnValue.data, e->extnValue.length, si, &size); } static int -find_extension_name_constraints(const Certificate *subject, +find_extension_name_constraints(const Certificate *subject, NameConstraints *nc) { const Extension *e; @@ -635,9 +635,9 @@ find_extension_name_constraints(const Certificate *subject, e = find_extension(subject, oid_id_x509_ce_nameConstraints(), &i); if (e == NULL) return HX509_EXTENSION_NOT_FOUND; - - return decode_NameConstraints(e->extnValue.data, - e->extnValue.length, + + return decode_NameConstraints(e->extnValue.data, + e->extnValue.length, nc, &size); } @@ -653,8 +653,8 @@ find_extension_subject_alt_name(const Certificate *cert, int *i, e = find_extension(cert, oid_id_x509_ce_subjectAltName(), i); if (e == NULL) return HX509_EXTENSION_NOT_FOUND; - - return decode_GeneralNames(e->extnValue.data, + + return decode_GeneralNames(e->extnValue.data, e->extnValue.length, sa, &size); } @@ -671,8 +671,8 @@ find_extension_eku(const Certificate *cert, ExtKeyUsage *eku) e = find_extension(cert, oid_id_x509_ce_extKeyUsage(), &i); if (e == NULL) return HX509_EXTENSION_NOT_FOUND; - - return decode_ExtKeyUsage(e->extnValue.data, + + return decode_ExtKeyUsage(e->extnValue.data, e->extnValue.length, eku, &size); } 
@@ -716,7 +716,7 @@ hx509_free_octet_string_list(hx509_octet_string_list *list) /** * Return a list of subjectAltNames specified by oid in the - * certificate. On error the + * certificate. On error the * * The returned list of octet string should be freed with * hx509_free_octet_string_list(). @@ -758,11 +758,11 @@ hx509_cert_find_subjectAltName_otherName(hx509_context context, for (j = 0; j < sa.len; j++) { if (sa.val[j].element == choice_GeneralName_otherName && - der_heim_oid_cmp(&sa.val[j].u.otherName.type_id, oid) == 0) + der_heim_oid_cmp(&sa.val[j].u.otherName.type_id, oid) == 0) { ret = add_to_list(list, &sa.val[j].u.otherName.value); if (ret) { - hx509_set_error_string(context, 0, ret, + hx509_set_error_string(context, 0, ret, "Error adding an exra SAN to " "return list"); hx509_free_octet_string_list(list); @@ -778,7 +778,7 @@ hx509_cert_find_subjectAltName_otherName(hx509_context context, static int -check_key_usage(hx509_context context, const Certificate *cert, +check_key_usage(hx509_context context, const Certificate *cert, unsigned flags, int req_present) { const Extension *e; @@ -800,7 +800,7 @@ check_key_usage(hx509_context context, const Certificate *cert, } return 0; } - + ret = decode_KeyUsage(e->extnValue.data, e->extnValue.length, &ku, &size); if (ret) return ret; @@ -827,7 +827,7 @@ check_key_usage(hx509_context context, const Certificate *cert, */ int -_hx509_check_key_usage(hx509_context context, hx509_cert cert, +_hx509_check_key_usage(hx509_context context, hx509_cert cert, unsigned flags, int req_present) { return check_key_usage(context, _hx509_get_cert(cert), flags, req_present); @@ -836,7 +836,7 @@ _hx509_check_key_usage(hx509_context context, hx509_cert cert, enum certtype { PROXY_CERT, EE_CERT, CA_CERT }; static int -check_basic_constraints(hx509_context context, const Certificate *cert, +check_basic_constraints(hx509_context context, const Certificate *cert, enum certtype type, int depth) { BasicConstraints bc; 
@@ -865,8 +865,8 @@ check_basic_constraints(hx509_context context, const Certificate *cert, } } } - - ret = decode_BasicConstraints(e->extnValue.data, + + ret = decode_BasicConstraints(e->extnValue.data, e->extnValue.length, &bc, &size); if (ret) @@ -901,14 +901,14 @@ _hx509_cert_is_parent_cmp(const Certificate *subject, SubjectKeyIdentifier si; int ret_ai, ret_si, ret; - ret = _hx509_name_cmp(&issuer->tbsCertificate.subject, + ret = _hx509_name_cmp(&issuer->tbsCertificate.subject, &subject->tbsCertificate.issuer, &diff); if (ret) return ret; if (diff) return diff; - + memset(&ai, 0, sizeof(ai)); memset(&si, 0, sizeof(si)); @@ -937,7 +937,7 @@ _hx509_cert_is_parent_cmp(const Certificate *subject, goto out; } } - + if (ai.keyIdentifier == NULL) { Name name; @@ -946,7 +946,7 @@ _hx509_cert_is_parent_cmp(const Certificate *subject, if (ai.authorityCertSerialNumber == NULL) return -1; - diff = der_heim_integer_cmp(ai.authorityCertSerialNumber, + diff = der_heim_integer_cmp(ai.authorityCertSerialNumber, &issuer->tbsCertificate.serialNumber); if (diff) return diff; @@ -955,12 +955,12 @@ _hx509_cert_is_parent_cmp(const Certificate *subject, if (ai.authorityCertIssuer->val[0].element != choice_GeneralName_directoryName) return -1; - name.element = + name.element = ai.authorityCertIssuer->val[0].u.directoryName.element; - name.u.rdnSequence = + name.u.rdnSequence = ai.authorityCertIssuer->val[0].u.directoryName.u.rdnSequence; - ret = _hx509_name_cmp(&issuer->tbsCertificate.subject, + ret = _hx509_name_cmp(&issuer->tbsCertificate.subject, &name, &diff); if (ret) @@ -1008,7 +1008,7 @@ certificate_is_self_signed(hx509_context context, int *self_signed) { int ret, diff; - ret = _hx509_name_cmp(&cert->tbsCertificate.subject, + ret = _hx509_name_cmp(&cert->tbsCertificate.subject, &cert->tbsCertificate.issuer, &diff); *self_signed = (diff == 0); if (ret) 
@@ -1033,7 +1033,7 @@ find_parent(hx509_context context, time_t time_now, hx509_certs trust_anchors, hx509_path *path, - hx509_certs pool, + hx509_certs pool, hx509_cert current, hx509_cert *parent) { @@ -1043,7 +1043,7 @@ find_parent(hx509_context context, *parent = NULL; memset(&ai, 0, sizeof(ai)); - + _hx509_query_clear(&q); if (!subject_null_p(current->data)) { @@ -1122,8 +1122,8 @@ find_parent(hx509_context context, */ static int -is_proxy_cert(hx509_context context, - const Certificate *cert, +is_proxy_cert(hx509_context context, + const Certificate *cert, ProxyCertInfo *rinfo) { ProxyCertInfo info; @@ -1140,8 +1140,8 @@ is_proxy_cert(hx509_context context, return HX509_EXTENSION_NOT_FOUND; } - ret = decode_ProxyCertInfo(e->extnValue.data, - e->extnValue.length, + ret = decode_ProxyCertInfo(e->extnValue.data, + e->extnValue.length, &info, &size); if (ret) { @@ -1151,7 +1151,7 @@ is_proxy_cert(hx509_context context, if (size != e->extnValue.length) { free_ProxyCertInfo(&info); hx509_clear_error_string(context); - return HX509_EXTRA_DATA_AFTER_STRUCTURE; + return HX509_EXTRA_DATA_AFTER_STRUCTURE; } if (rinfo == NULL) free_ProxyCertInfo(&info); @@ -1187,7 +1187,7 @@ void _hx509_path_free(hx509_path *path) { unsigned i; - + for (i = 0; i < path->len; i++) hx509_cert_free(path->val[i]); free(path->val); @@ -1208,7 +1208,7 @@ _hx509_path_free(hx509_path *path) * The path includes a path from the top certificate to the anchor * certificate. * - * The caller needs to free `path´ both on successful built path and + * The caller needs to free `path´ both on successful built path and * failure. */ @@ -1236,7 +1236,7 @@ _hx509_calculate_path(hx509_context context, while (!certificate_is_anchor(context, anchors, current)) { - ret = find_parent(context, time_now, anchors, path, + ret = find_parent(context, time_now, anchors, path, pool, current, &parent); hx509_cert_free(current); if (ret) 
@@ -1256,8 +1256,8 @@ _hx509_calculate_path(hx509_context context, } } - if ((flags & HX509_CALCULATE_PATH_NO_ANCHOR) && - path->len > 0 && + if ((flags & HX509_CALCULATE_PATH_NO_ANCHOR) && + path->len > 0 && certificate_is_anchor(context, anchors, path->val[path->len - 1])) { hx509_cert_free(path->val[path->len - 1]); @@ -1297,7 +1297,7 @@ _hx509_Certificate_cmp(const Certificate *p, const Certificate *q) diff = der_heim_bit_string_cmp(&p->signatureValue, &q->signatureValue); if (diff) return diff; - diff = _hx509_AlgorithmIdentifier_cmp(&p->signatureAlgorithm, + diff = _hx509_AlgorithmIdentifier_cmp(&p->signatureAlgorithm, &q->signatureAlgorithm); if (diff) return diff; @@ -1481,7 +1481,7 @@ hx509_cert_get_SPKI(hx509_context context, hx509_cert p, SubjectPublicKeyInfo *s int hx509_cert_get_SPKI_AlgorithmIdentifier(hx509_context context, - hx509_cert p, + hx509_cert p, AlgorithmIdentifier *alg) { int ret; @@ -1534,7 +1534,7 @@ _hx509_cert_private_decrypt(hx509_context context, return _hx509_private_key_private_decrypt(context, ciphertext, encryption_oid, - p->private_key, + p->private_key, cleartext); } @@ -1623,7 +1623,7 @@ match_RDN(const RelativeDistinguishedName *c, if (c->len != n->len) return HX509_NAME_CONSTRAINT_ERROR; - + for (i = 0; i < n->len; i++) { int diff, ret; @@ -1654,13 +1654,13 @@ match_X501Name(const Name *c, const Name *n) return ret; } return 0; -} +} static int match_general_name(const GeneralName *c, const GeneralName *n, int *match) { - /* + /* * Name constraints only apply to the same name type, see RFC3280, * 4.2.1.11. */ @@ -1741,7 +1741,7 @@ match_general_name(const GeneralName *c, const GeneralName *n, int *match) } static int -match_alt_name(const GeneralName *n, const Certificate *c, +match_alt_name(const GeneralName *n, const Certificate *c, int *same, int *match) { GeneralNames sa; 
@@ -1790,14 +1790,14 @@ match_tree(const GeneralSubtrees *t, const Certificate *c, int *match) && !subject_null_p(c)) { GeneralName certname; - + memset(&certname, 0, sizeof(certname)); certname.element = choice_GeneralName_directoryName; - certname.u.directoryName.element = + certname.u.directoryName.element = c->tbsCertificate.subject.element; - certname.u.directoryName.u.rdnSequence = + certname.u.directoryName.u.rdnSequence = c->tbsCertificate.subject.u.rdnSequence; - + ret = match_general_name(&t->val[i].base, &certname, &name); } @@ -1814,7 +1814,7 @@ match_tree(const GeneralSubtrees *t, const Certificate *c, int *match) } static int -check_name_constraints(hx509_context context, +check_name_constraints(hx509_context context, const hx509_name_constraints *nc, const Certificate *c) { @@ -1978,13 +1978,13 @@ hx509_verify_path(hx509_context context, ret = certificate_is_self_signed(context, c, &selfsigned); if (ret) goto out; - if (selfsigned) + if (selfsigned) selfsigned_depth++; } break; case PROXY_CERT: { - ProxyCertInfo info; + ProxyCertInfo info; if (is_proxy_cert(context, c, &info) == 0) { int j; @@ -2005,7 +2005,7 @@ hx509_verify_path(hx509_context context, j = 0; if (find_extension(c, oid_id_x509_ce_subjectAltName(), &j)) { ret = HX509_PROXY_CERT_INVALID; - hx509_set_error_string(context, 0, ret, + hx509_set_error_string(context, 0, ret, "Proxy certificate have explicity " "forbidden subjectAltName"); goto out; @@ -2014,13 +2014,13 @@ hx509_verify_path(hx509_context context, j = 0; if (find_extension(c, oid_id_x509_ce_issuerAltName(), &j)) { ret = HX509_PROXY_CERT_INVALID; - hx509_set_error_string(context, 0, ret, + hx509_set_error_string(context, 0, ret, "Proxy certificate have explicity " "forbidden issuerAltName"); goto out; } - /* + /* * The subject name of the proxy certificate should be * CN=XXX,<proxy issuer>, prune of CN and check if its * the same over the whole chain of proxy certs and 
@@ -2050,7 +2050,7 @@ hx509_verify_path(hx509_context context, } j = proxy_issuer.u.rdnSequence.len; - if (proxy_issuer.u.rdnSequence.len < 2 + if (proxy_issuer.u.rdnSequence.len < 2 || proxy_issuer.u.rdnSequence.val[j - 1].len > 1 || der_heim_oid_cmp(&proxy_issuer.u.rdnSequence.val[j - 1].val[0].type, oid_id_at_commonName())) @@ -2080,7 +2080,7 @@ hx509_verify_path(hx509_context context, break; } else { - /* + /* * Now we are done with the proxy certificates, this * cert was an EE cert and we we will fall though to * EE checking below. @@ -2097,7 +2097,7 @@ hx509_verify_path(hx509_context context, */ if (proxy_cert_depth) { - ret = _hx509_name_cmp(&proxy_issuer, + ret = _hx509_name_cmp(&proxy_issuer, &c->tbsCertificate.subject, &diff); if (ret) { hx509_set_error_string(context, 0, ret, "out of memory"); @@ -2121,11 +2121,11 @@ hx509_verify_path(hx509_context context, break; } - ret = check_basic_constraints(context, c, type, + ret = check_basic_constraints(context, c, type, i - proxy_cert_depth - selfsigned_depth); if (ret) goto out; - + /* * Don't check the trust anchors expiration time since they * are transported out of band, from RFC3820. @@ -2211,7 +2211,7 @@ hx509_verify_path(hx509_context context, int parent = (i < path.len - 1) ? i + 1 : i; ret = hx509_revoke_verify(context, - ctx->revoke_ctx, + ctx->revoke_ctx, certs, ctx->time_now, path.val[i], @@ -2326,7 +2326,7 @@ hx509_verify_hostname(hx509_context context, hx509_hostname_type type, const char *hostname, const struct sockaddr *sa, - /* XXX krb5_socklen_t */ int sa_size) + /* XXX krb5_socklen_t */ int sa_size) { GeneralNames san; int ret, i, j; @@ -2397,8 +2397,8 @@ hx509_verify_hostname(hx509_context context, int _hx509_set_cert_attribute(hx509_context context, - hx509_cert cert, - const heim_oid *oid, + hx509_cert cert, + const heim_oid *oid, const heim_octet_string *attr) { hx509_cert_attribute a; 
@@ -2407,7 +2407,7 @@ _hx509_set_cert_attribute(hx509_context context, if (hx509_cert_get_attribute(cert, oid) != NULL) return 0; - d = realloc(cert->attrs.val, + d = realloc(cert->attrs.val, sizeof(cert->attrs.val[0]) * (cert->attrs.len + 1)); if (d == NULL) { hx509_clear_error_string(context); @@ -2421,7 +2421,7 @@ _hx509_set_cert_attribute(hx509_context context, der_copy_octet_string(attr, &a->data); der_copy_oid(oid, &a->oid); - + cert->attrs.val[cert->attrs.len] = a; cert->attrs.len++; @@ -2517,13 +2517,13 @@ hx509_cert_get_friendly_name(hx509_cert cert) free_PKCS9_friendlyName(&n); return NULL; } - + cert->friendlyname = malloc(n.val[0].length + 1); if (cert->friendlyname == NULL) { free_PKCS9_friendlyName(&n); return NULL; } - + for (i = 0; i < n.val[0].length; i++) { if (n.val[0].data[i] <= 0xff) cert->friendlyname[i] = n.val[0].data[i] & 0xff; @@ -2611,7 +2611,7 @@ hx509_query_match_option(hx509_query *q, hx509_query_option option) int hx509_query_match_issuer_serial(hx509_query *q, - const Name *issuer, + const Name *issuer, const heim_integer *serialNumber) { int ret; @@ -2840,7 +2840,7 @@ _hx509_query_match_cert(hx509_context context, const hx509_query *q, hx509_cert } if ((q->match & HX509_QUERY_MATCH_ISSUER_ID)) return 0; - if ((q->match & HX509_QUERY_PRIVATE_KEY) && + if ((q->match & HX509_QUERY_PRIVATE_KEY) && _hx509_cert_private_key(cert) == NULL) return 0; @@ -2900,7 +2900,7 @@ _hx509_query_match_cert(hx509_context context, const hx509_query *q, hx509_cert heim_octet_string os; os.data = c->tbsCertificate.subjectPublicKeyInfo.subjectPublicKey.data; - os.length = + os.length = c->tbsCertificate.subjectPublicKeyInfo.subjectPublicKey.length / 8; ret = _hx509_verify_signature(context, 
@@ -3039,12 +3039,12 @@ hx509_query_unparse_stats(hx509_context context, int printtype, FILE *out) return; f = fopen(context->querystat, "r"); if (f == NULL) { - fprintf(out, "No statistic file %s: %s.\n", + fprintf(out, "No statistic file %s: %s.\n", context->querystat, strerror(errno)); return; } rk_cloexec_file(f); - + for (i = 0; i < sizeof(stats)/sizeof(stats[0]); i++) { stats[i].index = i; stats[i].stats = 0; @@ -3075,7 +3075,7 @@ hx509_query_unparse_stats(hx509_context context, int printtype, FILE *out) errx(1, "out of memory"); rtbl_set_separator (t, " "); - + rtbl_add_column_by_id (t, 0, "Name", 0); rtbl_add_column_by_id (t, 1, "Counter", 0); @@ -3083,7 +3083,7 @@ hx509_query_unparse_stats(hx509_context context, int printtype, FILE *out) for (i = 0; i < sizeof(stats)/sizeof(stats[0]); i++) { char str[10]; - if (stats[i].index < sizeof(statname)/sizeof(statname[0])) + if (stats[i].index < sizeof(statname)/sizeof(statname[0])) rtbl_add_column_entry_by_id (t, 0, statname[stats[i].index]); else { snprintf(str, sizeof(str), "%d", stats[i].index); @@ -3096,7 +3096,7 @@ hx509_query_unparse_stats(hx509_context context, int printtype, FILE *out) rtbl_format(t, out); rtbl_destroy(t); - fprintf(out, "\nQueries: multi %lu total %lu\n", + fprintf(out, "\nQueries: multi %lu total %lu\n", multiqueries, totalqueries); } @@ -3166,7 +3166,7 @@ _hx509_cert_get_keyusage(hx509_context context, e = find_extension(cert, oid_id_x509_ce_keyUsage(), &i); if (e == NULL) return HX509_KU_CERT_MISSING; - + ret = decode_KeyUsage(e->extnValue.data, e->extnValue.length, ku, &size); if (ret) return ret; @@ -3212,7 +3212,7 @@ hx509_cert_binary(hx509_context context, hx509_cert c, heim_octet_string *os) os->data = NULL; os->length = 0; - ASN1_MALLOC_ENCODE(Certificate, os->data, os->length, + ASN1_MALLOC_ENCODE(Certificate, os->data, os->length, _hx509_get_cert(c), &size, ret); if (ret) { os->data = NULL; 
diff --git a/source4/heimdal/lib/hx509/cms.c b/source4/heimdal/lib/hx509/cms.c index 629060a253..ba1800ddf2 100644 --- a/source4/heimdal/lib/hx509/cms.c +++ b/source4/heimdal/lib/hx509/cms.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003 - 2007 Kungliga Tekniska Högskolan + * Copyright (c) 2003 - 2007 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -38,7 +38,7 @@ RCSID("$Id$"); * @page page_cms CMS/PKCS7 message functions. * * CMS is defined in RFC 3369 and is an continuation of the RSA Labs - * standard PKCS7. The basic messages in CMS is + * standard PKCS7. The basic messages in CMS is * * - SignedData * Data signed with private key (RSA, DSA, ECDSA) or secret @@ -68,7 +68,7 @@ RCSID("$Id$"); * der_free_octet_string(). * * @return Returns an hx509 error code. - * + * * @ingroup hx509_cms */ @@ -122,7 +122,7 @@ hx509_cms_wrap_ContentInfo(const heim_oid *oid, * diffrence between no data and the zero length data. * * @return Returns an hx509 error code. - * + * * @ingroup hx509_cms */ @@ -709,8 +709,8 @@ any_to_certs(hx509_context context, const SignedData *sd, hx509_certs certs) for (i = 0; i < sd->certificates->len; i++) { hx509_cert c; - ret = hx509_cert_init_data(context, - sd->certificates->val[i].data, + ret = hx509_cert_init_data(context, + sd->certificates->val[i].data, sd->certificates->val[i].length, &c); if (ret) @@ -838,7 +838,7 @@ hx509_cms_verify_signed(hx509_context context, continue; } - ret = find_CMSIdentifier(context, &signer_info->sid, certs, + ret = find_CMSIdentifier(context, &signer_info->sid, certs, _hx509_verify_get_time(ctx), &cert, HX509_QUERY_KU_DIGITALSIGNATURE); if (ret) @@ -1314,7 +1314,7 @@ hx509_cms_create_signed_1(hx509_context context, */ if (pool) { _hx509_calculate_path(context, - HX509_CALCULATE_PATH_NO_ANCHOR, + HX509_CALCULATE_PATH_NO_ANCHOR, time(NULL), anchors, 0, 
diff --git a/source4/heimdal/lib/hx509/collector.c b/source4/heimdal/lib/hx509/collector.c
index d8212927e6..b59052bb4e 100644
--- a/source4/heimdal/lib/hx509/collector.c
+++ b/source4/heimdal/lib/hx509/collector.c
@@ -1,34 +1,34 @@ /* - * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. 
IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hx_locl.h" @@ -113,7 +113,7 @@ free_private_key(struct private_key *key) int _hx509_collector_private_key_add(hx509_context context, - struct hx509_collector *c, + struct hx509_collector *c, const AlgorithmIdentifier *alg, hx509_private_key private_key, const heim_octet_string *key_data, @@ -153,7 +153,7 @@ _hx509_collector_private_key_add(hx509_context context, if (localKeyId) { ret = der_copy_octet_string(localKeyId, &key->localKeyId); if (ret) { - hx509_set_error_string(context, 0, ret, + hx509_set_error_string(context, 0, ret, "Failed to copy localKeyId"); goto out; } 
@@ -187,9 +187,9 @@ match_localkeyid(hx509_context context, _hx509_query_clear(&q); q.match |= HX509_QUERY_MATCH_LOCAL_KEY_ID; - + q.local_key_id = &value->localKeyId; - + ret = hx509_certs_find(context, certs, &q, &cert); if (ret == 0) { @@ -208,7 +208,7 @@ match_keys(hx509_context context, struct private_key *value, hx509_certs certs) int ret, found = HX509_CERT_NOT_FOUND; if (value->private_key == NULL) { - hx509_set_error_string(context, 0, HX509_PRIVATE_KEY_MISSING, + hx509_set_error_string(context, 0, HX509_PRIVATE_KEY_MISSING, "No private key to compare with"); return HX509_PRIVATE_KEY_MISSING; } @@ -248,7 +248,7 @@ match_keys(hx509_context context, struct private_key *value, hx509_certs certs) } int -_hx509_collector_collect_certs(hx509_context context, +_hx509_collector_collect_certs(hx509_context context, struct hx509_collector *c, hx509_certs *ret_certs) { @@ -282,7 +282,7 @@ _hx509_collector_collect_certs(hx509_context context, } int -_hx509_collector_collect_private_keys(hx509_context context, +_hx509_collector_collect_private_keys(hx509_context context, struct hx509_collector *c, hx509_private_key **keys) { diff --git a/source4/heimdal/lib/hx509/crypto.c b/source4/heimdal/lib/hx509/crypto.c index e16977c6bf..4a8ec8f756 100644 --- a/source4/heimdal/lib/hx509/crypto.c +++ b/source4/heimdal/lib/hx509/crypto.c 
@@ -1,34 +1,34 @@ /* - * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. 
IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hx_locl.h" @@ -241,11 +241,11 @@ rsa_verify_signature(hx509_context context, goto out; } - retsize = RSA_public_decrypt(sig->length, (unsigned char *)sig->data, + retsize = RSA_public_decrypt(sig->length, (unsigned char *)sig->data, to, rsa, RSA_PKCS1_PADDING); if (retsize <= 0) { ret = HX509_CRYPTO_SIG_INVALID_FORMAT; - hx509_set_error_string(context, 0, ret, + hx509_set_error_string(context, 0, ret, "RSA public decrypt failed: %d", retsize); free(to); goto out; 
@@ -269,8 +269,8 @@ rsa_verify_signature(hx509_context context, } if (sig_alg->digest_oid && - der_heim_oid_cmp(&di.digestAlgorithm.algorithm, - (*sig_alg->digest_oid)()) != 0) + der_heim_oid_cmp(&di.digestAlgorithm.algorithm, + (*sig_alg->digest_oid)()) != 0) { ret = HX509_CRYPTO_OID_MISMATCH; hx509_set_error_string(context, 0, ret, "object identifier in RSA sig mismatch"); @@ -323,7 +323,7 @@ rsa_create_signature(hx509_context context, const heim_oid *sig_oid; size_t size; int ret; - + if (alg) sig_oid = &alg->algorithm; else @@ -391,8 +391,8 @@ rsa_create_signature(hx509_context context, return ENOMEM; } - ret = RSA_private_encrypt(indata.length, indata.data, - sig->data, + ret = RSA_private_encrypt(indata.length, indata.data, + sig->data, signer->private_key.rsa, RSA_PKCS1_PADDING); if (indata.data != data->data) @@ -407,7 +407,7 @@ rsa_create_signature(hx509_context context, _hx509_abort("RSA signature prelen longer the output len"); sig->length = ret; - + return 0; } @@ -419,7 +419,7 @@ rsa_private_key_import(hx509_context context, { const unsigned char *p = data; - private_key->private_key.rsa = + private_key->private_key.rsa = d2i_RSAPrivateKey(NULL, &p, len); if (private_key->private_key.rsa == NULL) { hx509_set_error_string(context, 0, HX509_PARSING_KEY_FAILED, @@ -449,7 +449,7 @@ rsa_private_key2SPKI(hx509_context context, } spki->subjectPublicKey.length = len * 8; - ret = set_digest_alg(&spki->algorithm,oid_id_pkcs1_rsaEncryption(), + ret = set_digest_alg(&spki->algorithm,oid_id_pkcs1_rsaEncryption(), "\x05\x00", 2); if (ret) { hx509_set_error_string(context, 0, ret, "malloc - out of memory"); @@ -468,7 +468,7 @@ rsa_private_key2SPKI(hx509_context context, } static int -rsa_generate_private_key(hx509_context context, +rsa_generate_private_key(hx509_context context, struct hx509_generate_private_context *ctx, hx509_private_key private_key) { 
@@ -485,7 +485,7 @@ rsa_generate_private_key(hx509_context context, "Failed to generate RSA key"); return HX509_PARSING_KEY_FAILED; } - + e = BN_new(); BN_set_word(e, default_rsa_e); @@ -508,7 +508,7 @@ rsa_generate_private_key(hx509_context context, return 0; } -static int +static int rsa_private_key_export(hx509_context context, const hx509_private_key key, heim_octet_string *data) @@ -533,7 +533,7 @@ rsa_private_key_export(hx509_context context, return ret; } data->length = ret; - + { unsigned char *p = data->data; i2d_RSAPrivateKey(key->private_key.rsa, &p); @@ -664,7 +664,7 @@ dsa_parse_private_key(hx509_context context, { const unsigned char *p = data; - private_key->private_key.dsa = + private_key->private_key.dsa = d2i_DSAPrivateKey(NULL, &p, len); if (private_key->private_key.dsa == NULL) return EINVAL; @@ -689,7 +689,7 @@ sha1_verify_signature(hx509_context context, { unsigned char digest[SHA_DIGEST_LENGTH]; SHA_CTX m; - + if (sig->length != SHA_DIGEST_LENGTH) { hx509_set_error_string(context, 0, HX509_CRYPTO_SIG_INVALID_FORMAT, "SHA1 sigature have wrong length"); @@ -719,7 +719,7 @@ sha256_create_signature(hx509_context context, heim_octet_string *sig) { SHA256_CTX m; - + memset(sig, 0, sizeof(*sig)); if (signatureAlgorithm) { @@ -729,7 +729,7 @@ sha256_create_signature(hx509_context context, if (ret) return ret; } - + sig->data = malloc(SHA256_DIGEST_LENGTH); if (sig->data == NULL) { @@ -755,7 +755,7 @@ sha256_verify_signature(hx509_context context, { unsigned char digest[SHA256_DIGEST_LENGTH]; SHA256_CTX m; - + if (sig->length != SHA256_DIGEST_LENGTH) { hx509_set_error_string(context, 0, HX509_CRYPTO_SIG_INVALID_FORMAT, "SHA256 sigature have wrong length"); 
@@ -785,17 +785,17 @@ sha1_create_signature(hx509_context context, heim_octet_string *sig) { SHA_CTX m; - + memset(sig, 0, sizeof(*sig)); if (signatureAlgorithm) { int ret; - ret = set_digest_alg(signatureAlgorithm, (*sig_alg->sig_oid)(), + ret = set_digest_alg(signatureAlgorithm, (*sig_alg->sig_oid)(), "\x05\x00", 2); if (ret) return ret; } - + sig->data = malloc(SHA_DIGEST_LENGTH); if (sig->data == NULL) { @@ -821,7 +821,7 @@ md5_verify_signature(hx509_context context, { unsigned char digest[MD5_DIGEST_LENGTH]; MD5_CTX m; - + if (sig->length != MD5_DIGEST_LENGTH) { hx509_set_error_string(context, 0, HX509_CRYPTO_SIG_INVALID_FORMAT, "MD5 sigature have wrong length"); @@ -851,7 +851,7 @@ md2_verify_signature(hx509_context context, { unsigned char digest[MD2_DIGEST_LENGTH]; MD2_CTX m; - + if (sig->length != MD2_DIGEST_LENGTH) { hx509_set_error_string(context, 0, HX509_CRYPTO_SIG_INVALID_FORMAT, "MD2 sigature have wrong length"); @@ -941,7 +941,7 @@ static const struct signature_alg dsa_sha1_alg = { "dsa-with-sha1", oid_id_dsa_with_sha1, NULL, - oid_id_dsa, + oid_id_dsa, oid_id_secsig_sha_1, PROVIDE_CONF|REQUIRE_SIGNER|SIG_PUBLIC_SIG, dsa_verify_signature, @@ -990,7 +990,7 @@ static const struct signature_alg md2_alg = { md2_verify_signature }; -/* +/* * Order matter in this structure, "best" first for each "key * compatible" type (type is RSA, DSA, none, etc) */ @@ -1094,7 +1094,7 @@ _hx509_verify_signature_bitstring(hx509_context context, os.data = sig->data; os.length = sig->length / 8; - + return _hx509_verify_signature(context, signer, alg, data, &os); } @@ -1111,7 +1111,7 @@ _hx509_create_signature(hx509_context context, if (signer && signer->ops && signer->ops->handle_alg && (*signer->ops->handle_alg)(signer, alg, COT_SIGN)) { - return (*signer->ops->sign)(context, signer, alg, data, + return (*signer->ops->sign)(context, signer, alg, data, signatureAlgorithm, sig); } 
@@ -1128,7 +1128,7 @@ _hx509_create_signature(hx509_context context, return HX509_CRYPTO_SIG_NO_CONF; } - return (*md->create_signature)(context, md, signer, alg, data, + return (*md->create_signature)(context, md, signer, alg, data, signatureAlgorithm, sig); } @@ -1205,8 +1205,8 @@ _hx509_public_encrypt(hx509_context context, return ENOMEM; } - ret = RSA_public_encrypt(cleartext->length, - (unsigned char *)cleartext->data, + ret = RSA_public_encrypt(cleartext->length, + (unsigned char *)cleartext->data, to, rsa, RSA_PKCS1_PADDING); RSA_free(rsa); if (ret <= 0) { @@ -1331,7 +1331,7 @@ _hx509_generate_private_key_init(hx509_context context, *ctx = NULL; if (der_heim_oid_cmp(oid, oid_id_pkcs1_rsaEncryption()) != 0) { - hx509_set_error_string(context, 0, EINVAL, + hx509_set_error_string(context, 0, EINVAL, "private key not an RSA key"); return EINVAL; } 
@@ -1408,72 +1408,72 @@ _hx509_generate_private_key(hx509_context context, static const heim_octet_string null_entry_oid = { 2, rk_UNCONST("\x05\x00") }; static const unsigned sha512_oid_tree[] = { 2, 16, 840, 1, 101, 3, 4, 2, 3 }; -const AlgorithmIdentifier _hx509_signature_sha512_data = { +const AlgorithmIdentifier _hx509_signature_sha512_data = { { 9, rk_UNCONST(sha512_oid_tree) }, rk_UNCONST(&null_entry_oid) }; static const unsigned sha384_oid_tree[] = { 2, 16, 840, 1, 101, 3, 4, 2, 2 }; -const AlgorithmIdentifier _hx509_signature_sha384_data = { +const AlgorithmIdentifier _hx509_signature_sha384_data = { { 9, rk_UNCONST(sha384_oid_tree) }, rk_UNCONST(&null_entry_oid) }; static const unsigned sha256_oid_tree[] = { 2, 16, 840, 1, 101, 3, 4, 2, 1 }; -const AlgorithmIdentifier _hx509_signature_sha256_data = { +const AlgorithmIdentifier _hx509_signature_sha256_data = { { 9, rk_UNCONST(sha256_oid_tree) }, rk_UNCONST(&null_entry_oid) }; static const unsigned sha1_oid_tree[] = { 1, 3, 14, 3, 2, 26 }; -const AlgorithmIdentifier _hx509_signature_sha1_data = { +const AlgorithmIdentifier _hx509_signature_sha1_data = { { 6, rk_UNCONST(sha1_oid_tree) }, rk_UNCONST(&null_entry_oid) }; static const unsigned md5_oid_tree[] = { 1, 2, 840, 113549, 2, 5 }; -const AlgorithmIdentifier _hx509_signature_md5_data = { +const AlgorithmIdentifier _hx509_signature_md5_data = { { 6, rk_UNCONST(md5_oid_tree) }, rk_UNCONST(&null_entry_oid) }; static const unsigned md2_oid_tree[] = { 1, 2, 840, 113549, 2, 2 }; -const AlgorithmIdentifier _hx509_signature_md2_data = { +const AlgorithmIdentifier _hx509_signature_md2_data = { { 6, rk_UNCONST(md2_oid_tree) }, rk_UNCONST(&null_entry_oid) }; static const unsigned rsa_with_sha512_oid[] ={ 1, 2, 840, 113549, 1, 1, 13 }; -const AlgorithmIdentifier _hx509_signature_rsa_with_sha512_data = { +const AlgorithmIdentifier _hx509_signature_rsa_with_sha512_data = { { 7, rk_UNCONST(rsa_with_sha512_oid) }, NULL }; static const unsigned rsa_with_sha384_oid[] ={ 1, 
2, 840, 113549, 1, 1, 12 }; -const AlgorithmIdentifier _hx509_signature_rsa_with_sha384_data = { +const AlgorithmIdentifier _hx509_signature_rsa_with_sha384_data = { { 7, rk_UNCONST(rsa_with_sha384_oid) }, NULL }; static const unsigned rsa_with_sha256_oid[] ={ 1, 2, 840, 113549, 1, 1, 11 }; -const AlgorithmIdentifier _hx509_signature_rsa_with_sha256_data = { +const AlgorithmIdentifier _hx509_signature_rsa_with_sha256_data = { { 7, rk_UNCONST(rsa_with_sha256_oid) }, NULL }; static const unsigned rsa_with_sha1_oid[] ={ 1, 2, 840, 113549, 1, 1, 5 }; -const AlgorithmIdentifier _hx509_signature_rsa_with_sha1_data = { +const AlgorithmIdentifier _hx509_signature_rsa_with_sha1_data = { { 7, rk_UNCONST(rsa_with_sha1_oid) }, NULL }; static const unsigned rsa_with_md5_oid[] ={ 1, 2, 840, 113549, 1, 1, 4 }; -const AlgorithmIdentifier _hx509_signature_rsa_with_md5_data = { +const AlgorithmIdentifier _hx509_signature_rsa_with_md5_data = { { 7, rk_UNCONST(rsa_with_md5_oid) }, NULL }; static const unsigned rsa_with_md2_oid[] ={ 1, 2, 840, 113549, 1, 1, 2 }; -const AlgorithmIdentifier _hx509_signature_rsa_with_md2_data = { +const AlgorithmIdentifier _hx509_signature_rsa_with_md2_data = { { 7, rk_UNCONST(rsa_with_md2_oid) }, NULL }; static const unsigned rsa_oid[] ={ 1, 2, 840, 113549, 1, 1, 1 }; -const AlgorithmIdentifier _hx509_signature_rsa_data = { +const AlgorithmIdentifier _hx509_signature_rsa_data = { { 7, rk_UNCONST(rsa_oid) }, NULL }; static const unsigned rsa_pkcs1_x509_oid[] ={ 1, 2, 752, 43, 16, 1 }; -const AlgorithmIdentifier _hx509_signature_rsa_pkcs1_x509_data = { +const AlgorithmIdentifier _hx509_signature_rsa_pkcs1_x509_data = { { 6, rk_UNCONST(rsa_pkcs1_x509_oid) }, NULL }; 
@@ -1564,11 +1564,11 @@ hx509_crypto_aes256_cbc(void) * */ -const AlgorithmIdentifier * _hx509_crypto_default_sig_alg = +const AlgorithmIdentifier * _hx509_crypto_default_sig_alg = &_hx509_signature_rsa_with_sha1_data; -const AlgorithmIdentifier * _hx509_crypto_default_digest_alg = +const AlgorithmIdentifier * _hx509_crypto_default_digest_alg = &_hx509_signature_sha1_data; -const AlgorithmIdentifier * _hx509_crypto_default_secret_alg = +const AlgorithmIdentifier * _hx509_crypto_default_secret_alg = &_hx509_crypto_aes128_cbc_data; /* @@ -1635,7 +1635,7 @@ _hx509_private_key_assign_rsa(hx509_private_key key, void *ptr) key->md = &pkcs1_rsa_sha1_alg; } -int +int _hx509_private_key_oid(hx509_context context, const hx509_private_key key, heim_oid *data) @@ -1657,7 +1657,7 @@ _hx509_private_key_exportable(hx509_private_key key) BIGNUM * _hx509_private_key_get_internal(hx509_context context, - hx509_private_key key, + hx509_private_key key, const char *type) { if (key->ops->get_internal == NULL) @@ -1665,7 +1665,7 @@ _hx509_private_key_get_internal(hx509_context context, return (*key->ops->get_internal)(context, key, type); } -int +int _hx509_private_key_export(hx509_context context, const hx509_private_key key, heim_octet_string *data) @@ -1688,7 +1688,7 @@ struct hx509cipher { const EVP_CIPHER *(*evp_func)(void); int (*get_params)(hx509_context, const hx509_crypto, const heim_octet_string *, heim_octet_string *); - int (*set_params)(hx509_context, const heim_octet_string *, + int (*set_params)(hx509_context, const heim_octet_string *, hx509_crypto, heim_octet_string *); }; @@ -2063,7 +2063,7 @@ hx509_crypto_set_random_key(hx509_crypto crypto, heim_octet_string *key) int hx509_crypto_set_params(hx509_context context, - hx509_crypto crypto, + hx509_crypto crypto, const heim_octet_string *param, heim_octet_string *ivec) { 
@@ -2072,7 +2072,7 @@ hx509_crypto_set_params(hx509_context context, int hx509_crypto_get_params(hx509_context context, - hx509_crypto crypto, + hx509_crypto crypto, const heim_octet_string *ivec, heim_octet_string *param) { @@ -2128,7 +2128,7 @@ hx509_crypto_encrypt(hx509_crypto crypto, ret = ENOMEM; goto out; } - + if (EVP_CIPHER_block_size(crypto->c) == 1) { padsize = 0; } else { @@ -2222,7 +2222,7 @@ hx509_crypto_decrypt(hx509_crypto crypto, if (EVP_CIPHER_block_size(crypto->c) > 1) { int padsize; - unsigned char *p; + unsigned char *p; int j, bsize = EVP_CIPHER_block_size(crypto->c); if (clear->length < bsize) { @@ -2259,7 +2259,7 @@ hx509_crypto_decrypt(hx509_crypto crypto, typedef int (*PBE_string2key_func)(hx509_context, const char *, const heim_octet_string *, - hx509_crypto *, heim_octet_string *, + hx509_crypto *, heim_octet_string *, heim_octet_string *, const heim_oid *, const EVP_MD *); @@ -2267,7 +2267,7 @@ static int PBE_string2key(hx509_context context, const char *password, const heim_octet_string *parameters, - hx509_crypto *crypto, + hx509_crypto *crypto, heim_octet_string *key, heim_octet_string *iv, const heim_oid *enc_oid, const EVP_MD *md) @@ -2296,13 +2296,13 @@ PBE_string2key(hx509_context context, salt = p12params.salt.data; saltlen = p12params.salt.length; - if (!PKCS12_key_gen (password, passwordlen, salt, saltlen, + if (!PKCS12_key_gen (password, passwordlen, salt, saltlen, PKCS12_KEY_ID, iter, key->length, key->data, md)) { ret = HX509_CRYPTO_INTERNAL_ERROR; goto out; } - - if (!PKCS12_key_gen (password, passwordlen, salt, saltlen, + + if (!PKCS12_key_gen (password, passwordlen, salt, saltlen, PKCS12_IV_ID, iter, iv->length, iv->data, md)) { ret = HX509_CRYPTO_INTERNAL_ERROR; goto out; @@ -2325,8 +2325,8 @@ out: } static const heim_oid * -find_string2key(const heim_oid *oid, - const EVP_CIPHER **c, +find_string2key(const heim_oid *oid, + const EVP_CIPHER **c, const EVP_MD **md, PBE_string2key_func *s2k) { 
@@ -2439,7 +2439,7 @@ _hx509_pbe_decrypt(hx509_context context, else password = NULL; - ret = (*s2k)(context, password, ai->parameters, &crypto, + ret = (*s2k)(context, password, ai->parameters, &crypto, &key, &iv, enc_oid, md); if (ret) goto out; @@ -2452,7 +2452,7 @@ _hx509_pbe_decrypt(hx509_context context, hx509_crypto_destroy(crypto); if (ret == 0) goto out; - + } out: if (key.data) @@ -2510,7 +2510,7 @@ _hx509_match_keys(hx509_cert c, hx509_private_key private_key) rsa->dmq1 = BN_dup(private_key->private_key.rsa->dmq1); rsa->iqmp = BN_dup(private_key->private_key.rsa->iqmp); - if (rsa->n == NULL || rsa->e == NULL || + if (rsa->n == NULL || rsa->e == NULL || rsa->d == NULL || rsa->p == NULL|| rsa->q == NULL || rsa->dmp1 == NULL || rsa->dmq1 == NULL) { RSA_free(rsa); @@ -2556,13 +2556,13 @@ hx509_crypto_select(const hx509_context context, def = _hx509_crypto_default_digest_alg; } else if (type == HX509_SELECT_PUBLIC_SIG) { bits = SIG_PUBLIC_SIG; - /* XXX depend on `source´ and `peer´ */ + /* XXX depend on `source´ and `peer´ */ def = _hx509_crypto_default_sig_alg; } else if (type == HX509_SELECT_SECRET_ENC) { bits = SIG_SECRET; def = _hx509_crypto_default_secret_alg; } else { - hx509_set_error_string(context, 0, EINVAL, + hx509_set_error_string(context, 0, EINVAL, "Unknown type %d of selection", type); return EINVAL; } @@ -2576,10 +2576,10 @@ hx509_crypto_select(const hx509_context context, for (j = 0; sig_algs[j]; j++) { if ((sig_algs[j]->flags & bits) != bits) continue; - if (der_heim_oid_cmp((*sig_algs[j]->sig_oid)(), + if (der_heim_oid_cmp((*sig_algs[j]->sig_oid)(), &peer->val[i].algorithm) != 0) continue; - if (keytype && sig_algs[j]->key_oid && + if (keytype && sig_algs[j]->key_oid && der_heim_oid_cmp(keytype, (*sig_algs[j]->key_oid)())) continue; 
@@ -2633,7 +2633,7 @@ hx509_crypto_available(hx509_context context, } else if (type == HX509_SELECT_PUBLIC_SIG) { bits = SIG_PUBLIC_SIG; } else { - hx509_set_error_string(context, 0, EINVAL, + hx509_set_error_string(context, 0, EINVAL, "Unknown type %d of available", type); return EINVAL; } @@ -2647,7 +2647,7 @@ hx509_crypto_available(hx509_context context, continue; if (sig_algs[i]->sig_alg == NULL) continue; - if (keytype && sig_algs[i]->key_oid && + if (keytype && sig_algs[i]->key_oid && der_heim_oid_cmp((*sig_algs[i]->key_oid)(), keytype)) continue; @@ -2675,7 +2675,7 @@ hx509_crypto_available(hx509_context context, if (ptr == NULL) goto out; *val = ptr; - + ret = copy_AlgorithmIdentifier((ciphers[i].ai_func)(), &(*val)[len]); if (ret) goto out; @@ -2703,4 +2703,4 @@ hx509_crypto_free_algs(AlgorithmIdentifier *val, for (i = 0; i < len; i++) free_AlgorithmIdentifier(&val[i]); free(val); -} +} diff --git a/source4/heimdal/lib/hx509/env.c b/source4/heimdal/lib/hx509/env.c index 9d771c506f..0b0a68ceae 100644 --- a/source4/heimdal/lib/hx509/env.c +++ b/source4/heimdal/lib/hx509/env.c 
@@ -1,34 +1,34 @@ /* - * Copyright (c) 2007 - 2008 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * Copyright (c) 2007 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. 
Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hx_locl.h" @@ -54,7 +54,7 @@ RCSID("$Id$"); */ int -hx509_env_add(hx509_context context, hx509_env *env, +hx509_env_add(hx509_context context, hx509_env *env, const char *key, const char *value) { hx509_env n; @@ -105,7 +105,7 @@ hx509_env_add(hx509_context context, hx509_env *env, */ int -hx509_env_add_binding(hx509_context context, hx509_env *env, +hx509_env_add_binding(hx509_context context, hx509_env *env, const char *key, hx509_env list) { hx509_env n; 
@@ -157,7 +157,7 @@ hx509_env_lfind(hx509_context context, hx509_env env, { while(env) { if (strncmp(key, env->name ,len) == 0 - && env->name[len] == '\0' && env->type == env_string) + && env->name[len] == '\0' && env->type == env_string) return env->u.string; env = env->next; } @@ -180,7 +180,7 @@ const char * hx509_env_find(hx509_context context, hx509_env env, const char *key) { while(env) { - if (strcmp(key, env->name) == 0 && env->type == env_string) + if (strcmp(key, env->name) == 0 && env->type == env_string) return env->u.string; env = env->next; } diff --git a/source4/heimdal/lib/hx509/error.c b/source4/heimdal/lib/hx509/error.c index 9eeecb227c..6f25404145 100644 --- a/source4/heimdal/lib/hx509/error.c +++ b/source4/heimdal/lib/hx509/error.c 
@@ -1,34 +1,34 @@ /* - * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. 
Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hx_locl.h" @@ -87,7 +87,7 @@ hx509_clear_error_string(hx509_context context) */ void -hx509_set_error_stringv(hx509_context context, int flags, int code, +hx509_set_error_stringv(hx509_context context, int flags, int code, const char *fmt, va_list ap) { hx509_error msg; @@ -115,7 +115,7 @@ hx509_set_error_stringv(hx509_context context, int flags, int code, } /** - * See hx509_set_error_stringv(). + * See hx509_set_error_stringv(). * * @param context A hx509 context. * @param flags 
@@ -172,7 +172,7 @@ hx509_get_error_string(hx509_context context, int error_code) } for (msg = context->error; msg; msg = msg->next) - p = rk_strpoolprintf(p, "%s%s", msg->msg, + p = rk_strpoolprintf(p, "%s%s", msg->msg, msg->next != NULL ? "; " : ""); return rk_strpoolcollect(p); @@ -205,7 +205,7 @@ hx509_free_error_string(char *str) */ void -hx509_err(hx509_context context, int exit_code, +hx509_err(hx509_context context, int exit_code, int error_code, const char *fmt, ...) { va_list ap; diff --git a/source4/heimdal/lib/hx509/file.c b/source4/heimdal/lib/hx509/file.c index c8f0e9a642..a364dd2179 100644 --- a/source4/heimdal/lib/hx509/file.c +++ b/source4/heimdal/lib/hx509/file.c 
@@ -1,34 +1,34 @@ /* - * Copyright (c) 2005 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2005 - 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. 
IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hx_locl.h" @@ -73,7 +73,7 @@ header(FILE *f, const char *type, const char *str) } int -hx509_pem_write(hx509_context context, const char *type, +hx509_pem_write(hx509_context context, const char *type, hx509_pem_header *headers, FILE *f, const void *data, size_t size) { @@ -82,11 +82,11 @@ hx509_pem_write(hx509_context context, const char *type, char *line; #define ENCODE_LINE_LENGTH 54 - + header(f, "BEGIN", type); while (headers) { - fprintf(f, "%s: %s\n%s", + fprintf(f, "%s: %s\n%s", headers->header, headers->value, headers->next ? "" : "\n"); headers = headers->next; 
@@ -121,7 +121,7 @@ hx509_pem_write(hx509_context context, const char *type, */ int -hx509_pem_add_header(hx509_pem_header **headers, +hx509_pem_add_header(hx509_pem_header **headers, const char *header, const char *value) { hx509_pem_header *h; @@ -182,7 +182,7 @@ hx509_pem_find_header(const hx509_pem_header *h, const char *header) int hx509_pem_read(hx509_context context, - FILE *f, + FILE *f, hx509_pem_read_func func, void *ctx) { @@ -212,7 +212,7 @@ hx509_pem_read(hx509_context context, if (i > 0) i--; } - + switch (where) { case BEFORE: if (strncmp("-----BEGIN ", buf, 11) == 0) { @@ -261,7 +261,7 @@ hx509_pem_read(hx509_context context, free(p); goto out; } - + data = erealloc(data, len + i); memcpy(((char *)data) + len, p, i); free(p); diff --git a/source4/heimdal/lib/hx509/hx509.h b/source4/heimdal/lib/hx509/hx509.h index 289f8d04a7..5e5a2f811b 100644 --- a/source4/heimdal/lib/hx509/hx509.h +++ b/source4/heimdal/lib/hx509/hx509.h 
@@ -1,34 +1,34 @@ /* - * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. 
IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ /* $Id$ */ diff --git a/source4/heimdal/lib/hx509/hx_locl.h b/source4/heimdal/lib/hx509/hx_locl.h index 4cf7a54e13..8de2353f15 100644 --- a/source4/heimdal/lib/hx509/hx_locl.h +++ b/source4/heimdal/lib/hx509/hx_locl.h 
@@ -1,34 +1,34 @@ /* - * Copyright (c) 2004 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2004 - 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. 
IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ /* $Id$ */ 
@@ -156,17 +156,17 @@ struct hx509_query_data { struct hx509_keyset_ops { const char *name; int flags; - int (*init)(hx509_context, hx509_certs, void **, + int (*init)(hx509_context, hx509_certs, void **, int, const char *, hx509_lock); int (*store)(hx509_context, hx509_certs, void *, int, hx509_lock); int (*free)(hx509_certs, void *); int (*add)(hx509_context, hx509_certs, void *, hx509_cert); - int (*query)(hx509_context, hx509_certs, void *, + int (*query)(hx509_context, hx509_certs, void *, const hx509_query *, hx509_cert *); int (*iter_start)(hx509_context, hx509_certs, void *, void **); int (*iter)(hx509_context, hx509_certs, void *, void *, hx509_cert *); int (*iter_end)(hx509_context, hx509_certs, void *, void *); - int (*printinfo)(hx509_context, hx509_certs, + int (*printinfo)(hx509_context, hx509_certs, void *, int (*)(void *, const char *), void *); int (*getkeys)(hx509_context, hx509_certs, void *, hx509_private_key **); int (*addkey)(hx509_context, hx509_certs, void *, hx509_private_key); diff --git a/source4/heimdal/lib/hx509/keyset.c b/source4/heimdal/lib/hx509/keyset.c index bb36221aff..b68064b512 100644 --- a/source4/heimdal/lib/hx509/keyset.c +++ b/source4/heimdal/lib/hx509/keyset.c 
@@ -1,34 +1,34 @@ /* - * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. 
Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hx_locl.h" @@ -40,7 +40,7 @@ RCSID("$Id$"); * Type of certificates store: * - MEMORY * In memory based format. Doesnt support storing. - * - FILE + * - FILE * FILE supports raw DER certicates and PEM certicates. When PEM is * used the file can contain may certificates and match private * keys. Support storing the certificates. DER format only supports @@ -84,7 +84,7 @@ _hx509_ks_register(hx509_context context, struct hx509_keyset_ops *ops) if (_hx509_ks_type(context, ops->name)) return; - val = realloc(context->ks_ops, + val = realloc(context->ks_ops, (context->ks_num_ops + 1) * sizeof(context->ks_ops[0])); if (val == NULL) return; 
@@ -138,10 +138,10 @@ hx509_certs_init(hx509_context context, hx509_clear_error_string(context); return ENOMEM; } - + ops = _hx509_ks_type(context, type); if (ops == NULL) { - hx509_set_error_string(context, 0, ENOENT, + hx509_set_error_string(context, 0, ENOENT, "Keyset type %s is not supported", type); free(type); return ENOENT; @@ -257,8 +257,8 @@ hx509_certs_start_seq(hx509_context context, int ret; if (certs->ops->iter_start == NULL) { - hx509_set_error_string(context, 0, HX509_UNSUPPORTED_OPERATION, - "Keyset type %s doesn't support iteration", + hx509_set_error_string(context, 0, HX509_UNSUPPORTED_OPERATION, + "Keyset type %s doesn't support iteration", certs->ops->name); return HX509_UNSUPPORTED_OPERATION; } @@ -333,8 +333,8 @@ hx509_certs_end_seq(hx509_context context, */ int -hx509_certs_iter(hx509_context context, - hx509_certs certs, +hx509_certs_iter(hx509_context context, + hx509_certs certs, int (*func)(hx509_context, void *, hx509_cert), void *ctx) { @@ -345,7 +345,7 @@ hx509_certs_iter(hx509_context context, ret = hx509_certs_start_seq(context, certs, &cursor); if (ret) return ret; - + while (1) { ret = hx509_certs_next_cert(context, certs, cursor, &c); if (ret) @@ -420,8 +420,8 @@ int hx509_certs_add(hx509_context context, hx509_certs certs, hx509_cert cert) { if (certs->ops->add == NULL) { - hx509_set_error_string(context, 0, ENOENT, - "Keyset type %s doesn't support add operation", + hx509_set_error_string(context, 0, ENOENT, + "Keyset type %s doesn't support add operation", certs->ops->name); return ENOENT; } @@ -445,7 +445,7 @@ hx509_certs_add(hx509_context context, hx509_certs certs, hx509_cert cert) int hx509_certs_find(hx509_context context, - hx509_certs certs, + hx509_certs certs, const hx509_query *q, hx509_cert *r) { @@ -604,7 +604,7 @@ certs_info_stdio(void *ctx, const char *str) */ int -hx509_certs_info(hx509_context context, +hx509_certs_info(hx509_context context, hx509_certs certs, int (*func)(void *, const char *), void *ctx) 
@@ -639,8 +639,8 @@ _hx509_pi_printf(int (*func)(void *, const char *), void *ctx, } int -_hx509_certs_keys_get(hx509_context context, - hx509_certs certs, +_hx509_certs_keys_get(hx509_context context, + hx509_certs certs, hx509_private_key **keys) { if (certs->ops->getkeys == NULL) { @@ -651,8 +651,8 @@ _hx509_certs_keys_get(hx509_context context, } int -_hx509_certs_keys_add(hx509_context context, - hx509_certs certs, +_hx509_certs_keys_add(hx509_context context, + hx509_certs certs, hx509_private_key key) { if (certs->ops->addkey == NULL) { diff --git a/source4/heimdal/lib/hx509/ks_dir.c b/source4/heimdal/lib/hx509/ks_dir.c index 17a3ae4745..76c0c42633 100644 --- a/source4/heimdal/lib/hx509/ks_dir.c +++ b/source4/heimdal/lib/hx509/ks_dir.c 
@@ -1,34 +1,34 @@ /* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. 
IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hx_locl.h" @@ -55,7 +55,7 @@ struct dircursor { static int dir_init(hx509_context context, - hx509_certs certs, void **data, int flags, + hx509_certs certs, void **data, int flags, const char *residue, hx509_lock lock) { *data = NULL; @@ -96,7 +96,7 @@ dir_free(hx509_certs certs, void *data) -static int +static int dir_iter_start(hx509_context context, hx509_certs certs, void *data, void **cursor) { @@ -130,7 +130,7 @@ dir_iter(hx509_context context, { struct dircursor *d = iter; int ret = 0; - + *cert = NULL; do { diff --git a/source4/heimdal/lib/hx509/ks_file.c b/source4/heimdal/lib/hx509/ks_file.c index bb8dce3a4e..ca0171f8b9 100644 
--- a/source4/heimdal/lib/hx509/ks_file.c
+++ b/source4/heimdal/lib/hx509/ks_file.c
@@ -1,34 +1,34 @@ /* - * Copyright (c) 2005 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2005 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. 
IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hx_locl.h" @@ -47,8 +47,8 @@ struct ks_file { */ static int -parse_certificate(hx509_context context, const char *fn, - struct hx509_collector *c, +parse_certificate(hx509_context context, const char *fn, + struct hx509_collector *c, const hx509_pem_header *headers, const void *data, size_t len) { @@ -131,7 +131,7 @@ out: static int parse_rsa_private_key(hx509_context context, const char *fn, - struct hx509_collector *c, + struct hx509_collector *c, const hx509_pem_header *headers, const void *data, size_t len) { 
@@ -281,7 +281,7 @@ parse_rsa_private_key(hx509_context context, const char *fn, struct pem_formats { const char *name; - int (*func)(hx509_context, const char *, struct hx509_collector *, + int (*func)(hx509_context, const char *, struct hx509_collector *, const hx509_pem_header *, const void *, size_t); } formats[] = { { "CERTIFICATE", parse_certificate }, @@ -327,7 +327,7 @@ pem_func(hx509_context context, const char *type, static int file_init_common(hx509_context context, - hx509_certs certs, void **data, int flags, + hx509_certs certs, void **data, int flags, const char *residue, hx509_lock lock, outformat format) { char *p, *pnext; @@ -358,13 +358,13 @@ file_init_common(hx509_context context, goto out; } - /* + /* * XXX this is broken, the function should parse the file before * overwriting it */ if (flags & HX509_CERTS_CREATE) { - ret = hx509_certs_init(context, "MEMORY:ks-file-create", + ret = hx509_certs_init(context, "MEMORY:ks-file-create", 0, lock, &f->certs); if (ret) goto out; @@ -386,15 +386,15 @@ file_init_common(hx509_context context, if ((f = fopen(p, "r")) == NULL) { ret = ENOENT; - hx509_set_error_string(context, 0, ret, - "Failed to open PEM file \"%s\": %s", + hx509_set_error_string(context, 0, ret, + "Failed to open PEM file \"%s\": %s", p, strerror(errno)); goto out; } rk_cloexec_file(f); ret = hx509_pem_read(context, f, pem_func, &pem_ctx); - fclose(f); + fclose(f); if (ret != 0 && ret != HX509_PARSING_KEY_FAILED) goto out; else if (ret == HX509_PARSING_KEY_FAILED) { @@ -448,7 +448,7 @@ out: static int file_init_pem(hx509_context context, - hx509_certs certs, void **data, int flags, + hx509_certs certs, void **data, int flags, const char *residue, hx509_lock lock) { return file_init_common(context, certs, data, flags, residue, lock, USE_PEM); 
@@ -456,7 +456,7 @@ file_init_pem(hx509_context context, static int file_init_der(hx509_context context, - hx509_certs certs, void **data, int flags, + hx509_certs certs, void **data, int flags, const char *residue, hx509_lock lock) { return file_init_common(context, certs, data, flags, residue, lock, USE_DER); @@ -487,14 +487,14 @@ store_func(hx509_context context, void *ctx, hx509_cert c) ret = hx509_cert_binary(context, c, &data); if (ret) return ret; - + switch (sc->format) { case USE_DER: fwrite(data.data, data.length, 1, sc->f); free(data.data); break; case USE_PEM: - hx509_pem_write(context, "CERTIFICATE", NULL, sc->f, + hx509_pem_write(context, "CERTIFICATE", NULL, sc->f, data.data, data.length); free(data.data); if (_hx509_cert_private_key_exportable(c)) { @@ -513,7 +513,7 @@ store_func(hx509_context context, void *ctx, hx509_cert c) } static int -file_store(hx509_context context, +file_store(hx509_context context, hx509_certs certs, void *data, int flags, hx509_lock lock) { struct ks_file *f = data; @@ -534,14 +534,14 @@ file_store(hx509_context context, return ret; } -static int +static int file_add(hx509_context context, hx509_certs certs, void *data, hx509_cert c) { struct ks_file *f = data; return hx509_certs_add(context, f->certs, c); } -static int +static int file_iter_start(hx509_context context, hx509_certs certs, void *data, void **cursor) { diff --git a/source4/heimdal/lib/hx509/ks_keychain.c b/source4/heimdal/lib/hx509/ks_keychain.c index e51b0ab6a0..2dc0721563 100644 --- a/source4/heimdal/lib/hx509/ks_keychain.c +++ b/source4/heimdal/lib/hx509/ks_keychain.c 
@@ -1,34 +1,34 @@ /* - * Copyright (c) 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. 
IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hx_locl.h" @@ -50,7 +50,7 @@ OSStatus SecKeyGetCredentials(SecKeyRef, CSSM_ACL_AUTHORIZATION_TAG, static int getAttribute(SecKeychainItemRef itemRef, SecItemAttr item, SecKeychainAttributeList **attrs) -{ +{ SecKeychainAttributeInfo attrInfo; UInt32 attrFormat = 0; OSStatus ret; @@ -60,7 +60,7 @@ getAttribute(SecKeychainItemRef itemRef, SecItemAttr item, attrInfo.count = 1; attrInfo.tag = &item; attrInfo.format = &attrFormat; - + ret = SecKeychainItemCopyAttributesAndData(itemRef, &attrInfo, NULL, attrs, NULL, NULL); if (ret) 
@@ -101,7 +101,7 @@ kc_rsa_public_decrypt(int flen, static int -kc_rsa_private_encrypt(int flen, +kc_rsa_private_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, @@ -160,7 +160,7 @@ kc_rsa_private_decrypt(int flen, const unsigned char *from, unsigned char *to, return -1; } -static int +static int kc_rsa_init(RSA *rsa) { return 1; @@ -281,12 +281,12 @@ keychain_init(hx509_context context, ret = SecKeychainOpen(residue + 5, &ctx->keychain); if (ret != noErr) { - hx509_set_error_string(context, 0, ENOENT, + hx509_set_error_string(context, 0, ENOENT, "Failed to open %s", residue); return ENOENT; } } else { - hx509_set_error_string(context, 0, ENOENT, + hx509_set_error_string(context, 0, ENOENT, "Unknown subtype %s", residue); return ENOENT; } @@ -321,7 +321,7 @@ struct iter { SecKeychainSearchRef searchRef; }; -static int +static int keychain_iter_start(hx509_context context, hx509_certs certs, void *data, void **cursor) { @@ -339,7 +339,7 @@ keychain_iter_start(hx509_context context, int ret; int i; - ret = hx509_certs_init(context, "MEMORY:ks-file-create", + ret = hx509_certs_init(context, "MEMORY:ks-file-create", 0, NULL, &iter->certs); if (ret) { free(iter); @@ -350,12 +350,12 @@ keychain_iter_start(hx509_context context, if (ret != 0) { hx509_certs_free(&iter->certs); free(iter); - hx509_set_error_string(context, 0, ENOMEM, + hx509_set_error_string(context, 0, ENOMEM, "Can't get trust anchors from Keychain"); return ENOMEM; } for (i = 0; i < CFArrayGetCount(anchors); i++) { - SecCertificateRef cr; + SecCertificateRef cr; hx509_cert cert; CSSM_DATA cssm; @@ -390,7 +390,7 @@ keychain_iter_start(hx509_context context, &iter->searchRef); if (ret) { free(iter); - hx509_set_error_string(context, 0, ret, + hx509_set_error_string(context, 0, ret, "Failed to start search for attributes"); return ENOMEM; } 
@@ -438,7 +438,7 @@ keychain_iter(hx509_context context, attrInfo.count = 1; attrInfo.tag = item; attrInfo.format = attrFormat; - + ret = SecKeychainItemCopyAttributesAndData(itemRef, &attrInfo, NULL, &attrs, &len, &ptr); if (ret) @@ -448,7 +448,7 @@ keychain_iter(hx509_context context, if (ret) goto out; - /* + /* * Find related private key if there is one by looking at * kSecPublicKeyHashItemAttr == kSecKeyLabel */ diff --git a/source4/heimdal/lib/hx509/ks_mem.c b/source4/heimdal/lib/hx509/ks_mem.c index 043f19b3e4..bf952fbeee 100644 --- a/source4/heimdal/lib/hx509/ks_mem.c +++ b/source4/heimdal/lib/hx509/ks_mem.c 
@@ -1,34 +1,34 @@ /* - * Copyright (c) 2005 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2005 - 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. 
IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hx_locl.h" @@ -74,7 +74,7 @@ mem_free(hx509_certs certs, void *data) { struct mem_data *mem = data; unsigned long i; - + for (i = 0; i < mem->certs.len; i++) hx509_cert_free(mem->certs.val[i]); free(mem->certs.val); @@ -87,13 +87,13 @@ mem_free(hx509_certs certs, void *data) return 0; } -static int +static int mem_add(hx509_context context, hx509_certs certs, void *data, hx509_cert c) { struct mem_data *mem = data; hx509_cert *val; - val = realloc(mem->certs.val, + val = realloc(mem->certs.val, (mem->certs.len + 1) * sizeof(mem->certs.val[0])); if (val == NULL) return ENOMEM; 
@@ -105,7 +105,7 @@ mem_add(hx509_context context, hx509_certs certs, void *data, hx509_cert c) return 0; } -static int +static int mem_iter_start(hx509_context context, hx509_certs certs, void *data, @@ -125,7 +125,7 @@ mem_iter_start(hx509_context context, static int mem_iter(hx509_context contexst, hx509_certs certs, - void *data, + void *data, void *cursor, hx509_cert *cert) { @@ -172,7 +172,7 @@ mem_getkeys(hx509_context context, hx509_set_error_string(context, 0, ENOMEM, "out of memory"); return ENOMEM; } - } + } (*keys)[i] = NULL; return 0; } diff --git a/source4/heimdal/lib/hx509/ks_null.c b/source4/heimdal/lib/hx509/ks_null.c index 0b571c8406..fae631fb3f 100644 --- a/source4/heimdal/lib/hx509/ks_null.c +++ b/source4/heimdal/lib/hx509/ks_null.c 
@@ -1,34 +1,34 @@ /* - * Copyright (c) 2005 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2005 - 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. 
IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hx_locl.h" @@ -51,7 +51,7 @@ null_free(hx509_certs certs, void *data) return 0; } -static int +static int null_iter_start(hx509_context context, hx509_certs certs, void *data, void **cursor) { diff --git a/source4/heimdal/lib/hx509/ks_p11.c b/source4/heimdal/lib/hx509/ks_p11.c index 19db6004ce..652cdc2210 100644 --- a/source4/heimdal/lib/hx509/ks_p11.c +++ b/source4/heimdal/lib/hx509/ks_p11.c 
@@ -1,34 +1,34 @@ /* - * Copyright (c) 2004 - 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2004 - 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. 
IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hx_locl.h" @@ -83,7 +83,7 @@ static void p11_release_module(struct p11_module *); static int p11_list_keys(hx509_context, struct p11_module *, - struct p11_slot *, + struct p11_slot *, CK_SESSION_HANDLE, hx509_lock, hx509_certs *); @@ -121,7 +121,7 @@ p11_rsa_public_decrypt(int flen, static int -p11_rsa_private_encrypt(int flen, +p11_rsa_private_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, 
@@ -152,7 +152,7 @@ p11_rsa_private_encrypt(int flen, return -1; } - ret = P11FUNC(p11rsa->p, Sign, + ret = P11FUNC(p11rsa->p, Sign, (session, (CK_BYTE *)from, flen, to, &ck_sigsize)); p11_put_session(p11rsa->p, p11rsa->slot, session); if (ret != CKR_OK) @@ -190,7 +190,7 @@ p11_rsa_private_decrypt(int flen, const unsigned char *from, unsigned char *to, return -1; } - ret = P11FUNC(p11rsa->p, Decrypt, + ret = P11FUNC(p11rsa->p, Decrypt, (session, (CK_BYTE *)from, flen, to, &ck_sigsize)); p11_put_session(p11rsa->p, p11rsa->slot, session); if (ret != CKR_OK) @@ -199,7 +199,7 @@ p11_rsa_private_decrypt(int flen, const unsigned char *from, unsigned char *to, return ck_sigsize; } -static int +static int p11_rsa_init(RSA *rsa) { return 1; @@ -299,7 +299,7 @@ p11_mech_info(hx509_context context, } static int -p11_init_slot(hx509_context context, +p11_init_slot(hx509_context context, struct p11_module *p, hx509_lock lock, CK_SLOT_ID id, @@ -376,14 +376,14 @@ p11_get_session(hx509_context context, if (slot->flags & P11_SESSION_IN_USE) _hx509_abort("slot already in session"); - + if (slot->flags & P11_SESSION) { slot->flags |= P11_SESSION_IN_USE; *psession = slot->session; return 0; } - ret = P11FUNC(p, OpenSession, (slot->id, + ret = P11FUNC(p, OpenSession, (slot->id, CKF_SERIAL_SESSION, NULL, NULL, @@ -396,10 +396,10 @@ p11_get_session(hx509_context context, (int)slot->id, ret); return HX509_PKCS11_OPEN_SESSION; } - + slot->flags |= P11_SESSION; - - /* + + /* * If we have have to login, and haven't tried before and have a * prompter or known to work pin code. * @@ -419,8 +419,6 @@ p11_get_session(hx509_context context, char pin[20]; char *str; - slot->flags |= P11_LOGIN_DONE; - if (slot->pin == NULL) { memset(&prompt, 0, sizeof(prompt)); @@ -430,7 +428,7 @@ p11_get_session(hx509_context context, prompt.type = HX509_PROMPT_TYPE_PASSWORD; prompt.reply.data = pin; prompt.reply.length = sizeof(pin); - + ret = hx509_lock_prompt(lock, &prompt); if (ret) { free(str); 
@@ -454,16 +452,16 @@ p11_get_session(hx509_context context, "Failed to login on slot id %d " "with error: 0x%08x", (int)slot->id, ret); - p11_put_session(p, slot, slot->session); return HX509_PKCS11_LOGIN; - } + } else + slot->flags |= P11_LOGIN_DONE; + if (slot->pin == NULL) { slot->pin = strdup(pin); if (slot->pin == NULL) { if (context) hx509_set_error_string(context, 0, ENOMEM, "out of memory"); - p11_put_session(p, slot, slot->session); return ENOMEM; } } @@ -479,7 +477,7 @@ p11_get_session(hx509_context context, static int p11_put_session(struct p11_module *p, - struct p11_slot *slot, + struct p11_slot *slot, CK_SESSION_HANDLE session) { if ((slot->flags & P11_SESSION_IN_USE) == 0) @@ -520,7 +518,7 @@ iterate_entries(hx509_context context, for (i = 0; i < num_query; i++) query[i].pValue = NULL; - ret = P11FUNC(p, GetAttributeValue, + ret = P11FUNC(p, GetAttributeValue, (session, object, query, num_query)); if (ret != CKR_OK) { return -1; @@ -569,7 +567,7 @@ static BIGNUM * getattr_bn(struct p11_module *p, struct p11_slot *slot, CK_SESSION_HANDLE session, - CK_OBJECT_HANDLE object, + CK_OBJECT_HANDLE object, unsigned int type) { CK_ATTRIBUTE query; @@ -580,14 +578,14 @@ getattr_bn(struct p11_module *p, query.pValue = NULL; query.ulValueLen = 0; - ret = P11FUNC(p, GetAttributeValue, + ret = P11FUNC(p, GetAttributeValue, (session, object, &query, 1)); if (ret != CKR_OK) return NULL; query.pValue = malloc(query.ulValueLen); - ret = P11FUNC(p, GetAttributeValue, + ret = P11FUNC(p, GetAttributeValue, (session, object, &query, 1)); if (ret != CKR_OK) { free(query.pValue); @@ -624,7 +622,7 @@ collect_private_key(hx509_context context, if (rsa == NULL) _hx509_abort("out of memory"); - /* + /* * The exponent and modulus should always be present according to * the pkcs11 specification, but some smartcards leaves it out, * let ignore any failure to fetch it. 
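Review bot: The login-failure path in the `@@ -454,16 +452,16 @@` hunk now returns `HX509_PKCS11_LOGIN` while the session opened earlier in p11_get_session stays open and `P11_SESSION` stays set, so the next call takes the early `if (slot->flags & P11_SESSION)` branch shown in the preceding hunks and returns 0 with a session that never logged in. Dropping the `p11_put_session()` calls looks right, since `P11_SESSION_IN_USE` does not appear to be set yet at this point, but the failure should still undo the open: `P11FUNC(p, CloseSession, (slot->session));` and `slot->flags &= ~P11_SESSION;` before the return. Because `P11_LOGIN_DONE` is now set only on success, that cleanup would also let a later call prompt again, and repeated wrong PINs can lock a token, so a failed attempt probably needs to be recorded separately. The function begins and ends outside this hunk.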
@@ -639,7 +637,7 @@ collect_private_key(hx509_context context, p11rsa->p = p; p11rsa->slot = slot; p11rsa->private_key = object; - + if (p->ref == 0) _hx509_abort("pkcs11 ref == 0 on alloc"); p->ref++; @@ -676,7 +674,7 @@ p11_cert_release(hx509_cert cert, void *ctx) static int -collect_cert(hx509_context context, +collect_cert(hx509_context context, struct p11_module *p, struct p11_slot *slot, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE object, @@ -687,12 +685,12 @@ collect_cert(hx509_context context, int ret; if ((CK_LONG)query[0].ulValueLen == -1 || - (CK_LONG)query[1].ulValueLen == -1) + (CK_LONG)query[1].ulValueLen == -1) { return 0; } - ret = hx509_cert_init_data(context, query[1].pValue, + ret = hx509_cert_init_data(context, query[1].pValue, query[1].ulValueLen, &cert); if (ret) return ret; @@ -738,7 +736,7 @@ collect_cert(hx509_context context, static int p11_list_keys(hx509_context context, struct p11_module *p, - struct p11_slot *slot, + struct p11_slot *slot, CK_SESSION_HANDLE session, hx509_lock lock, hx509_certs *certs) @@ -792,7 +790,7 @@ out: static int p11_init(hx509_context context, - hx509_certs certs, void **data, int flags, + hx509_certs certs, void **data, int flags, const char *residue, hx509_lock lock) { CK_C_GetFunctionList getFuncs; @@ -842,7 +840,7 @@ p11_init(hx509_context context, if (getFuncs == NULL) { ret = HX509_PKCS11_LOAD; hx509_set_error_string(context, 0, ret, - "C_GetFunctionList missing in %s: %s", + "C_GetFunctionList missing in %s: %s", list, dlerror()); goto out; } @@ -908,7 +906,7 @@ p11_init(hx509_context context, ret = ENOMEM; goto out; } - + for (i = 0; i < p->num_slots; i++) { ret = p11_init_slot(context, p, lock, slot_ids[i], i, &p->slot[i]); if (ret) @@ -928,7 +926,7 @@ p11_init(hx509_context context, *data = p; return 0; - out: + out: p11_release_module(p); return ret; } 
@@ -1003,7 +1001,7 @@ struct p11_cursor { void *cursor; }; -static int +static int p11_iter_start(hx509_context context, hx509_certs certs, void *data, void **cursor) { @@ -1103,16 +1101,16 @@ static struct units mechflags[] = { #undef MECHFLAG static int -p11_printinfo(hx509_context context, - hx509_certs certs, +p11_printinfo(hx509_context context, + hx509_certs certs, void *data, int (*func)(void *, const char *), void *ctx) { struct p11_module *p = data; int i, j; - - _hx509_pi_printf(func, ctx, "pkcs11 driver with %d slot%s", + + _hx509_pi_printf(func, ctx, "pkcs11 driver with %d slot%s", p->num_slots, p->num_slots > 1 ? "s" : ""); for (i = 0; i < p->num_slots; i++) { @@ -1121,7 +1119,7 @@ p11_printinfo(hx509_context context, _hx509_pi_printf(func, ctx, "slot %d: id: %d name: %s flags: %08x", i, (int)s->id, s->name, s->flags); - _hx509_pi_printf(func, ctx, "number of supported mechanisms: %lu", + _hx509_pi_printf(func, ctx, "number of supported mechanisms: %lu", (unsigned long)s->mechs.num); for (j = 0; j < s->mechs.num; j++) { const char *mechname = "unknown"; @@ -1155,13 +1153,13 @@ p11_printinfo(hx509_context context, MECHNAME(CKM_DH_PKCS_PARAMETER_GEN, "dh-pkcs-parameter-gen"); default: snprintf(unknownname, sizeof(unknownname), - "unknown-mech-%lu", + "unknown-mech-%lu", (unsigned long)s->mechs.list[j]); mechname = unknownname; break; } #undef MECHNAME - unparse_flags(s->mechs.infos[j]->flags, mechflags, + unparse_flags(s->mechs.infos[j]->flags, mechflags, flags, sizeof(flags)); _hx509_pi_printf(func, ctx, " %s: %s", mechname, flags); diff --git a/source4/heimdal/lib/hx509/ks_p12.c b/source4/heimdal/lib/hx509/ks_p12.c index 53590c768c..b59bd215f0 100644 --- a/source4/heimdal/lib/hx509/ks_p12.c +++ b/source4/heimdal/lib/hx509/ks_p12.c 
@@ -1,34 +1,34 @@ /* - * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. 
IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hx_locl.h" @@ -50,7 +50,7 @@ struct type { }; static void -parse_pkcs12_type(hx509_context, struct hx509_collector *, const heim_oid *, +parse_pkcs12_type(hx509_context, struct hx509_collector *, const heim_oid *, const void *, size_t, const PKCS12_Attributes *); @@ -68,7 +68,7 @@ find_attribute(const PKCS12_Attributes *attrs, const heim_oid *oid) static int keyBag_parser(hx509_context context, - struct hx509_collector *c, + struct hx509_collector *c, const void *data, size_t length, const PKCS12_Attributes *attrs) { 
@@ -84,7 +84,7 @@ keyBag_parser(hx509_context context, ret = decode_PKCS8PrivateKeyInfo(data, length, &ki, NULL); if (ret) return ret; - + _hx509_collector_private_key_add(context, c, &ki.privateKeyAlgorithm, @@ -97,16 +97,16 @@ keyBag_parser(hx509_context context, static int ShroudedKeyBag_parser(hx509_context context, - struct hx509_collector *c, + struct hx509_collector *c, const void *data, size_t length, const PKCS12_Attributes *attrs) { PKCS8EncryptedPrivateKeyInfo pk; heim_octet_string content; int ret; - + memset(&pk, 0, sizeof(pk)); - + ret = decode_PKCS8EncryptedPrivateKeyInfo(data, length, &pk, NULL); if (ret) return ret; @@ -127,7 +127,7 @@ ShroudedKeyBag_parser(hx509_context context, static int certBag_parser(hx509_context context, - struct hx509_collector *c, + struct hx509_collector *c, const void *data, size_t length, const PKCS12_Attributes *attrs) { @@ -145,7 +145,7 @@ certBag_parser(hx509_context context, return 0; } - ret = decode_PKCS12_OctetString(cb.certValue.data, + ret = decode_PKCS12_OctetString(cb.certValue.data, cb.certValue.length, &os, NULL); @@ -187,7 +187,7 @@ certBag_parser(hx509_context context, static int parse_safe_content(hx509_context context, - struct hx509_collector *c, + struct hx509_collector *c, const unsigned char *p, size_t len) { PKCS12_SafeContents sc; @@ -213,7 +213,7 @@ parse_safe_content(hx509_context context, static int safeContent_parser(hx509_context context, - struct hx509_collector *c, + struct hx509_collector *c, const void *data, size_t length, const PKCS12_Attributes *attrs) { @@ -280,7 +280,7 @@ envelopedData_parser(hx509_context context, &contentType, &content); if (ret) { - hx509_set_error_string(context, HX509_ERROR_APPEND, ret, + hx509_set_error_string(context, HX509_ERROR_APPEND, ret, "PKCS12 failed to unenvelope"); return ret; } 
@@ -307,7 +307,7 @@ struct type bagtypes[] = { static void parse_pkcs12_type(hx509_context context, struct hx509_collector *c, - const heim_oid *oid, + const heim_oid *oid, const void *data, size_t length, const PKCS12_Attributes *attrs) { @@ -320,7 +320,7 @@ parse_pkcs12_type(hx509_context context, static int p12_init(hx509_context context, - hx509_certs certs, void **data, int flags, + hx509_certs certs, void **data, int flags, const char *residue, hx509_lock lock) { struct ks_pkcs12 *p12; @@ -404,7 +404,7 @@ p12_init(hx509_context context, hx509_clear_error_string(context); goto out; } - ret = decode_PKCS12_AuthenticatedSafe(asdata.data, + ret = decode_PKCS12_AuthenticatedSafe(asdata.data, asdata.length, &as, NULL); @@ -465,7 +465,7 @@ addBag(hx509_context context, hx509_set_error_string(context, 0, ret, "out of memory"); return ret; } - + as->val[as->len].content = calloc(1, sizeof(*as->val[0].content)); if (as->val[as->len].content == NULL) { der_free_oid(&as->val[as->len].contentType); @@ -528,7 +528,7 @@ store_func(hx509_context context, void *ctx, hx509_cert c) ret = der_parse_hex_heim_integer("00", &pki.version); if (ret) return ret; - ret = _hx509_private_key_oid(context, key, + ret = _hx509_private_key_oid(context, key, &pki.privateKeyAlgorithm.algorithm); if (ret) { free_PKCS8PrivateKeyInfo(&pki); @@ -559,7 +559,7 @@ out: } static int -p12_store(hx509_context context, +p12_store(hx509_context context, hx509_certs certs, void *data, int flags, hx509_lock lock) { struct ks_pkcs12 *p12 = data; @@ -581,7 +581,7 @@ p12_store(hx509_context context, free_PKCS12_AuthenticatedSafe(&as); if (ret) return ret; - + ret = der_parse_hex_heim_integer("03", &pfx.version); if (ret) { free(asdata.data); 
@@ -590,7 +590,7 @@ p12_store(hx509_context context, pfx.authSafe.content = calloc(1, sizeof(*pfx.authSafe.content)); - ASN1_MALLOC_ENCODE(PKCS12_OctetString, + ASN1_MALLOC_ENCODE(PKCS12_OctetString, pfx.authSafe.content->data, pfx.authSafe.content->length, &asdata, &size, ret); @@ -647,14 +647,14 @@ p12_free(hx509_certs certs, void *data) return 0; } -static int +static int p12_add(hx509_context context, hx509_certs certs, void *data, hx509_cert c) { struct ks_pkcs12 *p12 = data; return hx509_certs_add(context, p12->certs, c); } -static int +static int p12_iter_start(hx509_context context, hx509_certs certs, void *data, diff --git a/source4/heimdal/lib/hx509/lock.c b/source4/heimdal/lib/hx509/lock.c index df1acea042..e2ceedecb8 100644 --- a/source4/heimdal/lib/hx509/lock.c +++ b/source4/heimdal/lib/hx509/lock.c 
@@ -1,34 +1,34 @@
 /*
- * Copyright (c) 2005 - 2006 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
+ * Copyright (c) 2005 - 2006 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
 *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
 *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
 *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
 *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
 *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
 */
 #include "hx_locl.h"
@@ -69,8 +69,8 @@ hx509_lock_init(hx509_context context, hx509_lock *lock)
 if (l == NULL)
 return ENOMEM;
- ret = hx509_certs_init(context,
- "MEMORY:locks-internal",
+ ret = hx509_certs_init(context,
+ "MEMORY:locks-internal",
 0,
 NULL,
 &l->certs);
@@ -147,8 +147,8 @@ hx509_lock_reset_certs(hx509_context context, hx509_lock lock)
 {
 hx509_certs certs = lock->certs;
 int ret;
-
- ret = hx509_certs_init(context,
+
+ ret = hx509_certs_init(context,
 "MEMORY:locks-internal",
 0,
 NULL,
@@ -181,7 +181,7 @@ hx509_lock_reset_promper(hx509_lock lock)
 lock->prompt_data = NULL;
 }
-static int
+static int
 default_prompter(void *data, const hx509_prompt *prompter)
 {
 if (hx509_prompt_hidden(prompter->type)) {
diff --git a/source4/heimdal/lib/hx509/name.c b/source4/heimdal/lib/hx509/name.c
index a34e09e847..069eed6062 100644
--- a/source4/heimdal/lib/hx509/name.c
+++ b/source4/heimdal/lib/hx509/name.c
@@ -1,34 +1,34 @@
 /*
- * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
+ * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
 */
 #include "hx_locl.h"
@@ -116,7 +116,7 @@ quote_string(const char *f, size_t len, size_t *rlen)
 static int
-append_string(char **str, size_t *total_len, const char *ss,
+append_string(char **str, size_t *total_len, const char *ss,
 size_t len, int quote)
 {
 char *s, *qs;
@@ -143,7 +143,7 @@ oidtostring(const heim_oid *type)
 {
 char *s;
 size_t i;
-
+
 for (i = 0; i < sizeof(no)/sizeof(no[0]); i++) {
 if (der_heim_oid_cmp((*no[i].o)(), type) == 0)
 return strdup(no[i].n);
@@ -158,7 +158,7 @@ stringtooid(const char *name, size_t len, heim_oid *oid)
 {
 int i, ret;
 char *s;
-
+
 memset(oid, 0, sizeof(*oid));
 for (i = 0; i < sizeof(no)/sizeof(no[0]); i++) {
@@ -210,7 +210,7 @@ _hx509_Name_to_string(const Name *n, char **str) DirectoryString *ds = &n->u.rdnSequence.val[i].val[j].value; char *oidname; char *ss; - + oidname = oidtostring(&n->u.rdnSequence.val[i].val[j].type); switch(ds->element) { @@ -426,7 +426,7 @@ _hx509_name_cmp(const Name *n1, const Name *n2, int *c) &n1->u.rdnSequence.val[i].val[j].type); if (*c) return 0; - + ret = _hx509_name_ds_cmp(&n1->u.rdnSequence.val[i].val[j].value, &n2->u.rdnSequence.val[i].val[j].value, c); @@ -480,17 +480,17 @@ _hx509_name_from_Name(const Name *n, hx509_name *name) int _hx509_name_modify(hx509_context context, - Name *name, + Name *name, int append, - const heim_oid *oid, + const heim_oid *oid, const char *str) { RelativeDistinguishedName *rdn; int ret; void *ptr; - ptr = realloc(name->u.rdnSequence.val, - sizeof(name->u.rdnSequence.val[0]) * + ptr = realloc(name->u.rdnSequence.val, + sizeof(name->u.rdnSequence.val[0]) * (name->u.rdnSequence.len + 1)); if (ptr == NULL) { hx509_set_error_string(context, 0, ENOMEM, "Out of memory"); @@ -503,7 +503,7 @@ _hx509_name_modify(hx509_context context, } else { memmove(&name->u.rdnSequence.val[1], &name->u.rdnSequence.val[0], - name->u.rdnSequence.len * + name->u.rdnSequence.len * sizeof(name->u.rdnSequence.val[0])); rdn = &name->u.rdnSequence.val[0]; @@ -577,7 +577,7 @@ hx509_parse_name(hx509_context context, const char *str, hx509_name *name) } if (q == p) { ret = HX509_PARSING_NAME_FAILED; - hx509_set_error_string(context, 0, ret, + hx509_set_error_string(context, 0, ret, "missing name before = in %s", p); goto out; } @@ -591,7 +591,7 @@ hx509_parse_name(hx509_context context, const char *str, hx509_name *name) ret = stringtooid(p, q - p, &oid); if (ret) { ret = HX509_PARSING_NAME_FAILED; - hx509_set_error_string(context, 0, ret, + hx509_set_error_string(context, 0, ret, "unknown type: %.*s", (int)(q - p), p); goto out; } 
@@ -600,7 +600,7 @@ hx509_parse_name(hx509_context context, const char *str, hx509_name *name) size_t pstr_len = len - (q - p) - 1; const char *pstr = p + (q - p) + 1; char *r; - + r = malloc(pstr_len + 1); if (r == NULL) { der_free_oid(&oid); @@ -731,8 +731,8 @@ hx509_name_expand(hx509_context context, } p = strstr(ds->u.utf8String, "${"); if (p) { - strpool = rk_strpoolprintf(strpool, "%.*s", - (int)(p - ds->u.utf8String), + strpool = rk_strpoolprintf(strpool, "%.*s", + (int)(p - ds->u.utf8String), ds->u.utf8String); if (strpool == NULL) { hx509_set_error_string(context, 0, ENOMEM, "out of memory"); @@ -751,7 +751,7 @@ hx509_name_expand(hx509_context context, p += 2; value = hx509_env_lfind(context, env, p, p2 - p); if (value == NULL) { - hx509_set_error_string(context, 0, EINVAL, + hx509_set_error_string(context, 0, EINVAL, "variable %.*s missing", (int)(p2 - p), p); rk_strpoolfree(strpool); @@ -766,7 +766,7 @@ hx509_name_expand(hx509_context context, p = strstr(p2, "${"); if (p) - strpool = rk_strpoolprintf(strpool, "%.*s", + strpool = rk_strpoolprintf(strpool, "%.*s", (int)(p - p2), p2); else strpool = rk_strpoolprintf(strpool, "%s", p2); @@ -942,7 +942,7 @@ hx509_general_name_unparse(GeneralName *name, char **str) break; } case choice_GeneralName_uniformResourceIdentifier: - strpool = rk_strpoolprintf(strpool, "URI: %s", + strpool = rk_strpoolprintf(strpool, "URI: %s", name->u.uniformResourceIdentifier); break; case choice_GeneralName_iPAddress: { 
@@ -952,20 +952,20 @@ hx509_general_name_unparse(GeneralName *name, char **str) if (strpool == NULL) break; if (name->u.iPAddress.length == 4) - strpool = rk_strpoolprintf(strpool, "%d.%d.%d.%d", + strpool = rk_strpoolprintf(strpool, "%d.%d.%d.%d", a[0], a[1], a[2], a[3]); else if (name->u.iPAddress.length == 16) - strpool = rk_strpoolprintf(strpool, + strpool = rk_strpoolprintf(strpool, "%02X:%02X:%02X:%02X:" "%02X:%02X:%02X:%02X:" "%02X:%02X:%02X:%02X:" - "%02X:%02X:%02X:%02X", + "%02X:%02X:%02X:%02X", a[0], a[1], a[2], a[3], a[4], a[5], a[6], a[7], a[8], a[9], a[10], a[11], a[12], a[13], a[14], a[15]); else - strpool = rk_strpoolprintf(strpool, + strpool = rk_strpoolprintf(strpool, "unknown IP address of length %lu", (unsigned long)name->u.iPAddress.length); break; diff --git a/source4/heimdal/lib/hx509/peer.c b/source4/heimdal/lib/hx509/peer.c index 9845ce051f..f5841e497b 100644 --- a/source4/heimdal/lib/hx509/peer.c +++ b/source4/heimdal/lib/hx509/peer.c 
@@ -1,34 +1,34 @@
 /*
- * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
+ * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
 */
 #include "hx_locl.h"
diff --git a/source4/heimdal/lib/hx509/print.c b/source4/heimdal/lib/hx509/print.c
index 92d7811909..38d103905f 100644
--- a/source4/heimdal/lib/hx509/print.c
+++ b/source4/heimdal/lib/hx509/print.c
@@ -1,34 +1,34 @@ /* - * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2004 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. 
IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hx_locl.h" @@ -114,7 +114,7 @@ print_func(hx509_vprint_func func, void *ctx, const char *fmt, ...) /** * Print a oid to a string. - * + * * @param oid oid to print * @param str allocated string, free with hx509_xfree(). * @@ -132,7 +132,7 @@ hx509_oid_sprint(const heim_oid *oid, char **str) /** * Print a oid using a hx509_vprint_func function. To print to stdout * use hx509_print_stdout(). - * + * * @param oid oid to print * @param func hx509_vprint_func to print with. * @param ctx context variable to hx509_vprint_func function. 
@@ -152,7 +152,7 @@ hx509_oid_print(const heim_oid *oid, hx509_vprint_func func, void *ctx) /** * Print a bitstring using a hx509_vprint_func function. To print to * stdout use hx509_print_stdout(). - * + * * @param b bit string to print. * @param func hx509_vprint_func to print with. * @param ctx context variable to hx509_vprint_func function. @@ -168,7 +168,7 @@ hx509_bitstring_print(const heim_bit_string *b, print_func(func, ctx, "\tlength: %d\n\t", b->length); for (i = 0; i < (b->length + 7) / 8; i++) print_func(func, ctx, "%02x%s%s", - ((unsigned char *)b->data)[i], + ((unsigned char *)b->data)[i], i < (b->length - 7) / 8 && (i == 0 || (i % 16) != 15) ? ":" : "", i != 0 && (i % 16) == 15 ? @@ -177,7 +177,7 @@ hx509_bitstring_print(const heim_bit_string *b, /** * Print certificate usage for a certificate to a string. - * + * * @param context A hx509 context. * @param c a certificate print the keyusage for. * @param s the return string with the keysage printed in to, free @@ -234,7 +234,7 @@ validate_print(hx509_validate_ctx ctx, int flags, const char *fmt, ...) va_end(va); } -/* +/* * Dont Care, SHOULD critical, SHOULD NOT critical, MUST critical, * MUST NOT critical */ @@ -275,7 +275,7 @@ check_Null(hx509_validate_ctx ctx, } static int -check_subjectKeyIdentifier(hx509_validate_ctx ctx, +check_subjectKeyIdentifier(hx509_validate_ctx ctx, struct cert_status *status, enum critical_flag cf, const Extension *e) @@ -287,7 +287,7 @@ check_subjectKeyIdentifier(hx509_validate_ctx ctx, status->haveSKI = 1; check_Null(ctx, status, cf, e); - ret = decode_SubjectKeyIdentifier(e->extnValue.data, + ret = decode_SubjectKeyIdentifier(e->extnValue.data, e->extnValue.length, &si, &size); if (ret) { @@ -323,7 +323,7 @@ check_subjectKeyIdentifier(hx509_validate_ctx ctx, } static int -check_authorityKeyIdentifier(hx509_validate_ctx ctx, +check_authorityKeyIdentifier(hx509_validate_ctx ctx, struct cert_status *status, enum critical_flag cf, const Extension *e) 
@@ -335,7 +335,7 @@ check_authorityKeyIdentifier(hx509_validate_ctx ctx, status->haveAKI = 1; check_Null(ctx, status, cf, e); - ret = decode_AuthorityKeyIdentifier(e->extnValue.data, + ret = decode_AuthorityKeyIdentifier(e->extnValue.data, e->extnValue.length, &ai, &size); if (ret) { @@ -363,7 +363,7 @@ check_authorityKeyIdentifier(hx509_validate_ctx ctx, } static int -check_extKeyUsage(hx509_validate_ctx ctx, +check_extKeyUsage(hx509_validate_ctx ctx, struct cert_status *status, enum critical_flag cf, const Extension *e) @@ -374,7 +374,7 @@ check_extKeyUsage(hx509_validate_ctx ctx, check_Null(ctx, status, cf, e); - ret = decode_ExtKeyUsage(e->extnValue.data, + ret = decode_ExtKeyUsage(e->extnValue.data, e->extnValue.length, &eku, &size); if (ret) { @@ -436,7 +436,7 @@ check_pkinit_san(hx509_validate_ctx ctx, heim_any *a) /* print kerberos principal, add code to quote / within components */ for (i = 0; i < kn.principalName.name_string.len; i++) { - validate_print(ctx, HX509_VALIDATE_F_VERBOSE, "%s", + validate_print(ctx, HX509_VALIDATE_F_VERBOSE, "%s", kn.principalName.name_string.val[i]); if (i + 1 < kn.principalName.name_string.len) validate_print(ctx, HX509_VALIDATE_F_VERBOSE, "/"); @@ -475,7 +475,7 @@ check_altnull(hx509_validate_ctx ctx, heim_any *a) } static int -check_CRLDistributionPoints(hx509_validate_ctx ctx, +check_CRLDistributionPoints(hx509_validate_ctx ctx, struct cert_status *status, enum critical_flag cf, const Extension *e) @@ -486,7 +486,7 @@ check_CRLDistributionPoints(hx509_validate_ctx ctx, check_Null(ctx, status, cf, e); - ret = decode_CRLDistributionPoints(e->extnValue.data, + ret = decode_CRLDistributionPoints(e->extnValue.data, e->extnValue.length, &dp, &size); if (ret) { 
@@ -501,11 +501,11 @@ check_CRLDistributionPoints(hx509_validate_ctx ctx, DistributionPointName dpname; heim_any *data = dp.val[i].distributionPoint; int j; - + ret = decode_DistributionPointName(data->data, data->length, &dpname, NULL); if (ret) { - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, + validate_print(ctx, HX509_VALIDATE_F_VALIDATE, "Failed to parse CRL Distribution Point Name: %d\n", ret); continue; } @@ -579,7 +579,7 @@ check_altName(hx509_validate_ctx ctx, &gn, &size); if (ret) { validate_print(ctx, HX509_VALIDATE_F_VALIDATE, - "\tret = %d while decoding %s GeneralNames\n", + "\tret = %d while decoding %s GeneralNames\n", ret, name); return 1; } @@ -598,11 +598,11 @@ check_altName(hx509_validate_ctx ctx, "%sAltName otherName ", name); for (j = 0; j < sizeof(check_altname)/sizeof(check_altname[0]); j++) { - if (der_heim_oid_cmp((*check_altname[j].oid)(), + if (der_heim_oid_cmp((*check_altname[j].oid)(), &gn.val[i].u.otherName.type_id) != 0) continue; - validate_print(ctx, HX509_VALIDATE_F_VERBOSE, "%s: ", + validate_print(ctx, HX509_VALIDATE_F_VERBOSE, "%s: ", check_altname[j].name); (*check_altname[j].func)(ctx, &gn.val[i].u.otherName.value); break; @@ -657,9 +657,9 @@ check_issuerAltName(hx509_validate_ctx ctx, static int -check_basicConstraints(hx509_validate_ctx ctx, +check_basicConstraints(hx509_validate_ctx ctx, struct cert_status *status, - enum critical_flag cf, + enum critical_flag cf, const Extension *e) { BasicConstraints b; @@ -667,7 +667,7 @@ check_basicConstraints(hx509_validate_ctx ctx, int ret; check_Null(ctx, status, cf, e); - + ret = decode_BasicConstraints(e->extnValue.data, e->extnValue.length, &b, &size); if (ret) { @@ -700,9 +700,9 @@ check_basicConstraints(hx509_validate_ctx ctx, } static int -check_proxyCertInfo(hx509_validate_ctx ctx, +check_proxyCertInfo(hx509_validate_ctx ctx, struct cert_status *status, - enum critical_flag cf, + enum critical_flag cf, const Extension *e) { check_Null(ctx, status, cf, e); 
@@ -711,9 +711,9 @@ check_proxyCertInfo(hx509_validate_ctx ctx, } static int -check_authorityInfoAccess(hx509_validate_ctx ctx, +check_authorityInfoAccess(hx509_validate_ctx ctx, struct cert_status *status, - enum critical_flag cf, + enum critical_flag cf, const Extension *e) { AuthorityInfoAccessSyntax aia; @@ -722,7 +722,7 @@ check_authorityInfoAccess(hx509_validate_ctx ctx, check_Null(ctx, status, cf, e); - ret = decode_AuthorityInfoAccessSyntax(e->extnValue.data, + ret = decode_AuthorityInfoAccessSyntax(e->extnValue.data, e->extnValue.length, &aia, &size); if (ret) { @@ -752,13 +752,13 @@ check_authorityInfoAccess(hx509_validate_ctx ctx, struct { const char *name; const heim_oid *(*oid)(void); - int (*func)(hx509_validate_ctx ctx, + int (*func)(hx509_validate_ctx ctx, struct cert_status *status, - enum critical_flag cf, + enum critical_flag cf, const Extension *); enum critical_flag cf; } check_extension[] = { -#define ext(name, checkname) #name, &oid_id_x509_ce_##name, check_##checkname +#define ext(name, checkname) #name, &oid_id_x509_ce_##name, check_##checkname { ext(subjectDirectoryAttributes, Null), M_N_C }, { ext(subjectKeyIdentifier, subjectKeyIdentifier), M_N_C }, { ext(keyUsage, Null), S_C }, 
@@ -782,20 +782,20 @@ struct { { ext(freshestCRL, Null), M_N_C }, { ext(inhibitAnyPolicy, Null), M_C }, #undef ext -#define ext(name, checkname) #name, &oid_id_pkix_pe_##name, check_##checkname +#define ext(name, checkname) #name, &oid_id_pkix_pe_##name, check_##checkname { ext(proxyCertInfo, proxyCertInfo), M_C }, { ext(authorityInfoAccess, authorityInfoAccess), M_C }, #undef ext - { "US Fed PKI - PIV Interim", oid_id_uspkicommon_piv_interim, + { "US Fed PKI - PIV Interim", oid_id_uspkicommon_piv_interim, check_Null, D_C }, - { "Netscape cert comment", oid_id_netscape_cert_comment, + { "Netscape cert comment", oid_id_netscape_cert_comment, check_Null, D_C }, { NULL } }; /** * Allocate a hx509 validation/printing context. - * + * * @param context A hx509 context. * @param ctx a new allocated hx509 validation context, free with * hx509_validate_ctx_free(). @@ -817,7 +817,7 @@ hx509_validate_ctx_init(hx509_context context, hx509_validate_ctx *ctx) /** * Set the printing functions for the validation context. - * + * * @param ctx a hx509 valication context. * @param func the printing function to usea. * @param c the context variable to the printing function. @@ -828,7 +828,7 @@ hx509_validate_ctx_init(hx509_context context, hx509_validate_ctx *ctx) */ void -hx509_validate_ctx_set_print(hx509_validate_ctx ctx, +hx509_validate_ctx_set_print(hx509_validate_ctx ctx, hx509_vprint_func func, void *c) { @@ -839,7 +839,7 @@ hx509_validate_ctx_set_print(hx509_validate_ctx ctx, /** * Add flags to control the behaivor of the hx509_validate_cert() * function. - * + * * @param ctx A hx509 validation context. * @param flags flags to add to the validation context. * @@ -856,7 +856,7 @@ hx509_validate_ctx_add_flags(hx509_validate_ctx ctx, int flags) /** * Free an hx509 validate context. - * + * * @param ctx the hx509 validate context to free. * * @ingroup hx509_print 
@@ -870,7 +870,7 @@ hx509_validate_ctx_free(hx509_validate_ctx ctx) /** * Validate/Print the status of the certificate. - * + * * @param context A hx509 context. * @param ctx A hx509 validation context. * @param cert the cerificate to validate/print. @@ -897,7 +897,7 @@ hx509_validate_cert(hx509_context context, if (_hx509_cert_get_version(c) != 3) validate_print(ctx, HX509_VALIDATE_F_VERBOSE, "Not version 3 certificate\n"); - + if ((t->version == NULL || *t->version < 2) && t->extensions) validate_print(ctx, HX509_VALIDATE_F_VALIDATE, "Not version 3 certificate with extensions\n"); @@ -960,7 +960,7 @@ hx509_validate_cert(hx509_context context, if (t->extensions->val[i].critical) validate_print(ctx, flags, "and is CRITICAL "); if (ctx->flags & flags) - hx509_oid_print(&t->extensions->val[i].extnID, + hx509_oid_print(&t->extensions->val[i].extnID, validate_vprint, ctx); validate_print(ctx, flags, " is\n"); continue; 
@@ -979,40 +979,40 @@ hx509_validate_cert(hx509_context context, if (status.isca) { if (!status.haveSKI) - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, + validate_print(ctx, HX509_VALIDATE_F_VALIDATE, "CA certificate have no SubjectKeyIdentifier\n"); } else { if (!status.haveAKI) - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, + validate_print(ctx, HX509_VALIDATE_F_VALIDATE, "Is not CA and doesn't have " "AuthorityKeyIdentifier\n"); } - + if (!status.haveSKI) - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, + validate_print(ctx, HX509_VALIDATE_F_VALIDATE, "Doesn't have SubjectKeyIdentifier\n"); if (status.isproxy && status.isca) - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, + validate_print(ctx, HX509_VALIDATE_F_VALIDATE, "Proxy and CA at the same time!\n"); if (status.isproxy) { if (status.haveSAN) - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, + validate_print(ctx, HX509_VALIDATE_F_VALIDATE, "Proxy and have SAN\n"); if (status.haveIAN) - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, + validate_print(ctx, HX509_VALIDATE_F_VALIDATE, "Proxy and have IAN\n"); } if (hx509_name_is_null_p(subject) && !status.haveSAN) - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, + validate_print(ctx, HX509_VALIDATE_F_VALIDATE, "NULL subject DN and doesn't have a SAN\n"); if (!status.selfsigned && !status.haveCRLDP) - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, + validate_print(ctx, HX509_VALIDATE_F_VALIDATE, "Not a CA nor PROXY and doesn't have" "CRL Dist Point\n"); @@ -1023,10 +1023,10 @@ hx509_validate_cert(hx509_context context, &c->tbsCertificate._save, &c->signatureValue); if (ret == 0) - validate_print(ctx, HX509_VALIDATE_F_VERBOSE, + validate_print(ctx, HX509_VALIDATE_F_VERBOSE, "Self-signed certificate was self-signed\n"); else - validate_print(ctx, HX509_VALIDATE_F_VALIDATE, + validate_print(ctx, HX509_VALIDATE_F_VALIDATE, "Self-signed certificate NOT really self-signed!\n"); } 
diff --git a/source4/heimdal/lib/hx509/req.c b/source4/heimdal/lib/hx509/req.c
index 1ffa0a53cf..9836777143 100644
--- a/source4/heimdal/lib/hx509/req.c
+++ b/source4/heimdal/lib/hx509/req.c
@@ -1,34 +1,34 @@ /* - * Copyright (c) 2006 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. 
IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hx_locl.h" @@ -195,14 +195,14 @@ _hx509_request_to_pkcs10(hx509_context context, &r.certificationRequestInfo.subjectPKInfo); if (ret) goto out; - r.certificationRequestInfo.attributes = + r.certificationRequestInfo.attributes = calloc(1, sizeof(*r.certificationRequestInfo.attributes)); if (r.certificationRequestInfo.attributes == NULL) { ret = ENOMEM; goto out; } - ASN1_MALLOC_ENCODE(CertificationRequestInfo, data.data, data.length, + ASN1_MALLOC_ENCODE(CertificationRequestInfo, data.data, data.length, &r.certificationRequestInfo, &size, ret); if (ret) goto out; 
@@ -237,7 +237,7 @@ out: } int -_hx509_request_parse(hx509_context context, +_hx509_request_parse(hx509_context context, const char *path, hx509_request *req) { @@ -319,7 +319,7 @@ _hx509_request_print(hx509_context context, hx509_request req, FILE *f) fprintf(f, "name: %s\n", subject); free(subject); } - + return 0; } diff --git a/source4/heimdal/lib/hx509/revoke.c b/source4/heimdal/lib/hx509/revoke.c index a36ec964d2..3f35b0d190 100644 --- a/source4/heimdal/lib/hx509/revoke.c +++ b/source4/heimdal/lib/hx509/revoke.c 
@@ -1,34 +1,34 @@ /* - * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. 
IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ /** @@ -234,19 +234,19 @@ verify_ocsp(hx509_context context, goto out; } - ret = hx509_cert_check_eku(context, signer, + ret = hx509_cert_check_eku(context, signer, oid_id_pkix_kp_OCSPSigning(), 0); if (ret) goto out; } ret = _hx509_verify_signature_bitstring(context, - _hx509_get_cert(signer), + _hx509_get_cert(signer), &ocsp->ocsp.signatureAlgorithm, &ocsp->ocsp.tbsResponseData._save, &ocsp->ocsp.signature); if (ret) { - hx509_set_error_string(context, HX509_ERROR_APPEND, ret, + hx509_set_error_string(context, HX509_ERROR_APPEND, ret, "OCSP signature invalid"); goto out; } 
@@ -294,7 +294,7 @@ parse_ocsp_basic(const void *data, size_t length, OCSPBasicOCSPResponse *basic) return EINVAL; } - ret = der_heim_oid_cmp(&resp.responseBytes->responseType, + ret = der_heim_oid_cmp(&resp.responseBytes->responseType, oid_id_pkix_ocsp_basic()); if (ret != 0) { free_OCSPResponse(&resp); @@ -352,7 +352,7 @@ load_ocsp(hx509_context context, struct revoke_ocsp *ocsp) if (basic.certs) { int i; - ret = hx509_certs_init(context, "MEMORY:ocsp-certs", 0, + ret = hx509_certs_init(context, "MEMORY:ocsp-certs", 0, NULL, &certs); if (ret) { free_OCSPBasicOCSPResponse(&basic); @@ -361,11 +361,11 @@ load_ocsp(hx509_context context, struct revoke_ocsp *ocsp) for (i = 0; i < basic.certs->len; i++) { hx509_cert c; - + ret = hx509_cert_init(context, &basic.certs->val[i], &c); if (ret) continue; - + ret = hx509_certs_add(context, certs, c); hx509_cert_free(c); if (ret) @@ -420,7 +420,7 @@ hx509_revoke_add_ocsp(hx509_context context, return 0; } - data = realloc(ctx->ocsps.val, + data = realloc(ctx->ocsps.val, (ctx->ocsps.len + 1) * sizeof(ctx->ocsps.val[0])); if (data == NULL) { hx509_clear_error_string(context); @@ -429,7 +429,7 @@ hx509_revoke_add_ocsp(hx509_context context, ctx->ocsps.val = data; - memset(&ctx->ocsps.val[ctx->ocsps.len], 0, + memset(&ctx->ocsps.val[ctx->ocsps.len], 0, sizeof(ctx->ocsps.val[0])); ctx->ocsps.val[ctx->ocsps.len].path = strdup(path); @@ -507,7 +507,7 @@ verify_crl(hx509_context context, } ret = _hx509_verify_signature_bitstring(context, - _hx509_get_cert(signer), + _hx509_get_cert(signer), &crl->signatureAlgorithm, &crl->tbsCertList._save, &crl->signatureValue); @@ -517,7 +517,7 @@ verify_crl(hx509_context context, goto out; } - /* + /* * If signer is not CA cert, need to check revoke status of this * CRL signing cert too, this include all parent CRL signer cert * up to the root *sigh*, assume root at least hve CERTSIGN flag 
@@ -540,7 +540,7 @@ verify_crl(hx509_context context, } ret = hx509_revoke_verify(context, - ctx, + ctx, certs, time_now, signer, @@ -621,7 +621,7 @@ hx509_revoke_add_crl(hx509_context context, return HX509_UNSUPPORTED_OPERATION; } - + path += 5; for (i = 0; i < ctx->crls.len; i++) { @@ -629,7 +629,7 @@ hx509_revoke_add_crl(hx509_context context, return 0; } - data = realloc(ctx->crls.val, + data = realloc(ctx->crls.val, (ctx->crls.len + 1) * sizeof(ctx->crls.val[0])); if (data == NULL) { hx509_clear_error_string(context); @@ -645,7 +645,7 @@ hx509_revoke_add_crl(hx509_context context, return ENOMEM; } - ret = load_crl(path, + ret = load_crl(path, &ctx->crls.val[ctx->crls.len].last_modfied, &ctx->crls.val[ctx->crls.len].crl); if (ret) { @@ -719,7 +719,7 @@ hx509_revoke_verify(hx509_context context, &c->tbsCertificate.serialNumber); if (ret != 0) continue; - + /* verify issuer hashes hash */ ret = _hx509_verify_signature(context, NULL, @@ -744,7 +744,7 @@ hx509_revoke_verify(hx509_context context, case choice_OCSPCertStatus_good: break; case choice_OCSPCertStatus_revoked: - hx509_set_error_string(context, 0, + hx509_set_error_string(context, 0, HX509_CERT_REVOKED, "Certificate revoked by issuer in OCSP"); return HX509_CERT_REVOKED; @@ -753,7 +753,7 @@ hx509_revoke_verify(hx509_context context, } /* don't allow the update to be in the future */ - if (ocsp->ocsp.tbsResponseData.responses.val[j].thisUpdate > + if (ocsp->ocsp.tbsResponseData.responses.val[j].thisUpdate > now + context->ocsp_time_diff) continue; @@ -774,7 +774,7 @@ hx509_revoke_verify(hx509_context context, int diff; /* check if cert.issuer == crls.val[i].crl.issuer */ - ret = _hx509_name_cmp(&c->tbsCertificate.issuer, + ret = _hx509_name_cmp(&c->tbsCertificate.issuer, &crl->crl.tbsCertList.issuer, &diff); if (ret || diff) continue; 
@@ -807,7 +807,7 @@ hx509_revoke_verify(hx509_context context, if (crl->crl.tbsCertList.crlExtensions) { for (j = 0; j < crl->crl.tbsCertList.crlExtensions->len; j++) { if (crl->crl.tbsCertList.crlExtensions->val[j].critical) { - hx509_set_error_string(context, 0, + hx509_set_error_string(context, 0, HX509_CRL_UNKNOWN_EXTENSION, "Unknown CRL extension"); return HX509_CRL_UNKNOWN_EXTENSION; @@ -830,13 +830,13 @@ hx509_revoke_verify(hx509_context context, t = _hx509_Time2time_t(&crl->crl.tbsCertList.revokedCertificates->val[j].revocationDate); if (t > now) continue; - + if (crl->crl.tbsCertList.revokedCertificates->val[j].crlEntryExtensions) for (k = 0; k < crl->crl.tbsCertList.revokedCertificates->val[j].crlEntryExtensions->len; k++) if (crl->crl.tbsCertList.revokedCertificates->val[j].crlEntryExtensions->val[k].critical) return HX509_CRL_UNKNOWN_EXTENSION; - - hx509_set_error_string(context, 0, + + hx509_set_error_string(context, 0, HX509_CERT_REVOKED, "Certificate revoked by issuer in CRL"); return HX509_CERT_REVOKED; @@ -848,7 +848,7 @@ hx509_revoke_verify(hx509_context context, if (context->flags & HX509_CTX_VERIFY_MISSING_OK) return 0; - hx509_set_error_string(context, HX509_ERROR_APPEND, + hx509_set_error_string(context, HX509_ERROR_APPEND, HX509_REVOKE_STATUS_MISSING, "No revoke status found for " "certificates"); @@ -874,13 +874,13 @@ add_to_req(hx509_context context, void *ptr, hx509_cert cert) hx509_query q; void *d; - d = realloc(ctx->req->requestList.val, + d = realloc(ctx->req->requestList.val, sizeof(ctx->req->requestList.val[0]) * (ctx->req->requestList.len + 1)); if (d == NULL) return ENOMEM; ctx->req->requestList.val = d; - + one = &ctx->req->requestList.val[ctx->req->requestList.len]; memset(one, 0, sizeof(*one)); 
@@ -920,7 +920,7 @@ add_to_req(hx509_context context, void *ptr, hx509_cert cert) goto out; os.data = p->tbsCertificate.subjectPublicKeyInfo.subjectPublicKey.data; - os.length = + os.length = p->tbsCertificate.subjectPublicKeyInfo.subjectPublicKey.length / 8; ret = _hx509_create_signature(context, @@ -994,9 +994,9 @@ hx509_ocsp_request(hx509_context context, hx509_cert_free(ctx.parent); if (ret) goto out; - + if (nonce) { - req.tbsRequest.requestExtensions = + req.tbsRequest.requestExtensions = calloc(1, sizeof(*req.tbsRequest.requestExtensions)); if (req.tbsRequest.requestExtensions == NULL) { ret = ENOMEM; @@ -1079,7 +1079,7 @@ hx509_revoke_ocsp_print(hx509_context context, const char *path, FILE *out) { struct revoke_ocsp ocsp; int ret, i; - + if (out == NULL) out = stdout; @@ -1122,7 +1122,7 @@ hx509_revoke_ocsp_print(hx509_context context, const char *path, FILE *out) break; } - fprintf(out, "producedAt: %s\n", + fprintf(out, "producedAt: %s\n", printable_time(ocsp.ocsp.tbsResponseData.producedAt)); fprintf(out, "replies: %d\n", ocsp.ocsp.tbsResponseData.responses.len); @@ -1145,10 +1145,10 @@ hx509_revoke_ocsp_print(hx509_context context, const char *path, FILE *out) fprintf(out, "\t%d. status: %s\n", i, status); - fprintf(out, "\tthisUpdate: %s\n", + fprintf(out, "\tthisUpdate: %s\n", printable_time(ocsp.ocsp.tbsResponseData.responses.val[i].thisUpdate)); if (ocsp.ocsp.tbsResponseData.responses.val[i].nextUpdate) - fprintf(out, "\tproducedAt: %s\n", + fprintf(out, "\tproducedAt: %s\n", printable_time(ocsp.ocsp.tbsResponseData.responses.val[i].thisUpdate)); } @@ -1210,7 +1210,7 @@ hx509_ocsp_verify(hx509_context context, &c->tbsCertificate.serialNumber); if (ret != 0) continue; - + /* verify issuer hashes hash */ ret = _hx509_verify_signature(context, NULL, 
@@ -1229,7 +1229,7 @@ hx509_ocsp_verify(hx509_context context, } /* don't allow the update to be in the future */ - if (basic.tbsResponseData.responses.val[i].thisUpdate > + if (basic.tbsResponseData.responses.val[i].thisUpdate > now + context->ocsp_time_diff) continue; @@ -1323,7 +1323,7 @@ hx509_crl_alloc(hx509_context context, hx509_crl *crl) int hx509_crl_add_revoked_certs(hx509_context context, - hx509_crl crl, + hx509_crl crl, hx509_certs certs) { return hx509_certs_merge(context, crl->revoked, certs); @@ -1386,13 +1386,13 @@ add_revoked(hx509_context context, void *ctx, hx509_cert cert) } c->revokedCertificates->val = ptr; - ret = hx509_cert_get_serialnumber(cert, + ret = hx509_cert_get_serialnumber(cert, &c->revokedCertificates->val[num].userCertificate); if (ret) { hx509_clear_error_string(context); return ret; } - c->revokedCertificates->val[num].revocationDate.element = + c->revokedCertificates->val[num].revocationDate.element = choice_Time_generalTime; c->revokedCertificates->val[num].revocationDate.u.generalTime = time(NULL) - 3600 * 24; @@ -1401,7 +1401,7 @@ add_revoked(hx509_context context, void *ctx, hx509_cert cert) c->revokedCertificates->len++; return 0; -} +} /** * Sign a CRL and return an encode certificate. @@ -1479,7 +1479,7 @@ hx509_crl_sign(hx509_context context, c.tbsCertList.nextUpdate->u.generalTime = next; } - c.tbsCertList.revokedCertificates = + c.tbsCertList.revokedCertificates = calloc(1, sizeof(*c.tbsCertList.revokedCertificates)); if (c.tbsCertList.revokedCertificates == NULL) { hx509_set_error_string(context, 0, ENOMEM, "out of memory"); diff --git a/source4/heimdal/lib/hx509/sel-gram.c b/source4/heimdal/lib/hx509/sel-gram.c index 905384da55..4d9cf78c1b 100644 --- a/source4/heimdal/lib/hx509/sel-gram.c +++ b/source4/heimdal/lib/hx509/sel-gram.c 
@@ -1474,7 +1474,7 @@ yyreduce: case 23: #line 105 "heimdal/lib/hx509/sel-gram.y" - { + { (yyval.expr) = _hx509_make_expr(expr_FUNCTION, (yyvsp[(1) - (4)].string), (yyvsp[(3) - (4)].expr)); } break; @@ -1485,13 +1485,13 @@ yyreduce: case 25: #line 111 "heimdal/lib/hx509/sel-gram.y" - { + { (yyval.expr) = _hx509_make_expr(expr_VAR, (yyvsp[(1) - (3)].string), (yyvsp[(3) - (3)].expr)); } break; case 26: #line 113 "heimdal/lib/hx509/sel-gram.y" - { + { (yyval.expr) = _hx509_make_expr(expr_VAR, (yyvsp[(1) - (1)].string), NULL); } break; diff --git a/source4/heimdal/lib/hx509/sel-gram.y b/source4/heimdal/lib/hx509/sel-gram.y index ca34a1975f..e529479724 100644 --- a/source4/heimdal/lib/hx509/sel-gram.y +++ b/source4/heimdal/lib/hx509/sel-gram.y 
@@ -1,34 +1,34 @@ /* - * Copyright (c) 2008 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. 
IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ %{ @@ -87,8 +87,8 @@ words : word { $$ = _hx509_make_expr(expr_WORDS, $1, NULL); } ; comp : word '=' '=' word { $$ = _hx509_make_expr(comp_EQ, $1, $4); } - | word '!' '=' word { $$ = _hx509_make_expr(comp_NE, $1, $4); } - | word kw_TAILMATCH word { $$ = _hx509_make_expr(comp_TAILEQ, $1, $3); } + | word '!' '=' word { $$ = _hx509_make_expr(comp_NE, $1, $4); } + | word kw_TAILMATCH word { $$ = _hx509_make_expr(comp_TAILEQ, $1, $3); } | word kw_IN '(' words ')' { $$ = _hx509_make_expr(comp_IN, $1, $4); } | word kw_IN variable { $$ = _hx509_make_expr(comp_IN, $1, $3); } ; 
@@ -102,14 +102,14 @@ word : number { $$ = $1; } number : NUMBER { $$ = _hx509_make_expr(expr_NUMBER, $1, NULL); }; string : STRING { $$ = _hx509_make_expr(expr_STRING, $1, NULL); }; -function: IDENTIFIER '(' words ')' { +function: IDENTIFIER '(' words ')' { $$ = _hx509_make_expr(expr_FUNCTION, $1, $3); } ; variable: '%' '{' variables '}' { $$ = $3; } ; -variables: IDENTIFIER '.' variables { +variables: IDENTIFIER '.' variables { $$ = _hx509_make_expr(expr_VAR, $1, $3); } - | IDENTIFIER { + | IDENTIFIER { $$ = _hx509_make_expr(expr_VAR, $1, NULL); } ; diff --git a/source4/heimdal/lib/hx509/sel-lex.c b/source4/heimdal/lib/hx509/sel-lex.c index 8dcb374c1f..75abf27aed 100644 --- a/source4/heimdal/lib/hx509/sel-lex.c +++ b/source4/heimdal/lib/hx509/sel-lex.c 
@@ -478,36 +478,36 @@ char *yytext; #line 1 "sel-lex.l" #line 2 "sel-lex.l" /* - * Copyright (c) 2004, 2008 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2004, 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. 
* - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ /* $Id$ */ @@ -1875,7 +1875,7 @@ handle_string(void) } int -yywrap () +yywrap () { return 1; } @@ -1890,7 +1890,7 @@ lex_input(char *buf, int max_size) n = max_size; if (n <= 0) return YY_NULL; - + memcpy(buf, _hx509_expr_input.buf + _hx509_expr_input.offset, n); _hx509_expr_input.offset += n; diff --git a/source4/heimdal/lib/hx509/sel-lex.l b/source4/heimdal/lib/hx509/sel-lex.l index 53944897f9..e9bbbc6087 100644 
--- a/source4/heimdal/lib/hx509/sel-lex.l
+++ b/source4/heimdal/lib/hx509/sel-lex.l
@@ -1,35 +1,35 @@ %{ /* - * Copyright (c) 2004, 2008 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2004, 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. 
IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ /* $Id$ */ @@ -112,7 +112,7 @@ handle_string(void) } int -yywrap () +yywrap () { return 1; } @@ -127,7 +127,7 @@ lex_input(char *buf, int max_size) n = max_size; if (n <= 0) return YY_NULL; - + memcpy(buf, _hx509_expr_input.buf + _hx509_expr_input.offset, n); _hx509_expr_input.offset += n; diff --git a/source4/heimdal/lib/hx509/sel.c b/source4/heimdal/lib/hx509/sel.c index 0e68f8ba5d..5932ce84c3 100644 --- a/source4/heimdal/lib/hx509/sel.c +++ b/source4/heimdal/lib/hx509/sel.c 
@@ -1,34 +1,34 @@ /* - * Copyright (c) 2008 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. 
IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hx_locl.h" @@ -75,7 +75,7 @@ find_variable(hx509_context context, hx509_env env, struct hx_expr *word) if (word->arg2 == NULL) return hx509_env_find_binding(context, env, word->arg1); - + env = hx509_env_find_binding(context, env, word->arg1); if (env == NULL) return NULL; @@ -101,7 +101,7 @@ eval_comp(hx509_context context, hx509_env env, struct hx_expr *expr) if (expr->op == comp_TAILEQ) { size_t len1 = strlen(s1); size_t len2 = strlen(s2); - + if (len1 < len2) return 0; ret = strcmp(s1 + (len1 - len2), s2) == 0; 
@@ -133,7 +133,7 @@ eval_comp(hx509_context context, hx509_env env, struct hx_expr *expr) subenv = find_variable(context, env, subexpr); if (subenv == NULL) return FALSE; - + while (subenv) { if (subenv->type != env_string) continue; @@ -166,7 +166,7 @@ _hx509_expr_eval(hx509_context context, hx509_env env, struct hx_expr *expr) case op_NOT: return ! _hx509_expr_eval(context, env, expr->arg1); case op_AND: - return _hx509_expr_eval(context, env, expr->arg1) && + return _hx509_expr_eval(context, env, expr->arg1) && _hx509_expr_eval(context, env, expr->arg2); case op_OR: return _hx509_expr_eval(context, env, expr->arg1) || @@ -226,7 +226,7 @@ _hx509_sel_yyerror (char *s) { if (_hx509_expr_input.error) free(_hx509_expr_input.error); - + _hx509_expr_input.error = strdup(s); } diff --git a/source4/heimdal/lib/hx509/sel.h b/source4/heimdal/lib/hx509/sel.h index ce6c3636bc..1dfc41818c 100644 --- a/source4/heimdal/lib/hx509/sel.h +++ b/source4/heimdal/lib/hx509/sel.h 
@@ -1,38 +1,38 @@ /* - * Copyright (c) 2008 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2008 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. 
IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ enum hx_expr_op { - op_TRUE, + op_TRUE, op_FALSE, op_NOT, op_AND, diff --git a/source4/heimdal/lib/hx509/test_name.c b/source4/heimdal/lib/hx509/test_name.c index 7326fe632a..da83e52786 100644 --- a/source4/heimdal/lib/hx509/test_name.c +++ b/source4/heimdal/lib/hx509/test_name.c 
@@ -1,34 +1,34 @@ /* - * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. 
IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "hx_locl.h" @@ -92,7 +92,7 @@ test_expand(hx509_context context, const char *name, const char *expected) hx509_name_free(&n); if (ret) return 1; - + ret = strcmp(s, expected) != 0; free(s); if (ret) 
@@ -101,6 +101,256 @@ test_expand(hx509_context context, const char *name, const char *expected) return 0; } +char certdata1[] = + "\x30\x82\x04\x1d\x30\x82\x03\x05\xa0\x03\x02\x01\x02\x02\x10\x4e" + "\x81\x2d\x8a\x82\x65\xe0\x0b\x02\xee\x3e\x35\x02\x46\xe5\x3d\x30" + "\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x05\x05\x00\x30\x81" + "\x81\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x47\x42\x31\x1b" + "\x30\x19\x06\x03\x55\x04\x08\x13\x12\x47\x72\x65\x61\x74\x65\x72" + "\x20\x4d\x61\x6e\x63\x68\x65\x73\x74\x65\x72\x31\x10\x30\x0e\x06" + "\x03\x55\x04\x07\x13\x07\x53\x61\x6c\x66\x6f\x72\x64\x31\x1a\x30" + "\x18\x06\x03\x55\x04\x0a\x13\x11\x43\x4f\x4d\x4f\x44\x4f\x20\x43" + "\x41\x20\x4c\x69\x6d\x69\x74\x65\x64\x31\x27\x30\x25\x06\x03\x55" + "\x04\x03\x13\x1e\x43\x4f\x4d\x4f\x44\x4f\x20\x43\x65\x72\x74\x69" + "\x66\x69\x63\x61\x74\x69\x6f\x6e\x20\x41\x75\x74\x68\x6f\x72\x69" + "\x74\x79\x30\x1e\x17\x0d\x30\x36\x31\x32\x30\x31\x30\x30\x30\x30" + "\x30\x30\x5a\x17\x0d\x32\x39\x31\x32\x33\x31\x32\x33\x35\x39\x35" + "\x39\x5a\x30\x81\x81\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02" + "\x47\x42\x31\x1b\x30\x19\x06\x03\x55\x04\x08\x13\x12\x47\x72\x65" + "\x61\x74\x65\x72\x20\x4d\x61\x6e\x63\x68\x65\x73\x74\x65\x72\x31" + "\x10\x30\x0e\x06\x03\x55\x04\x07\x13\x07\x53\x61\x6c\x66\x6f\x72" + "\x64\x31\x1a\x30\x18\x06\x03\x55\x04\x0a\x13\x11\x43\x4f\x4d\x4f" + "\x44\x4f\x20\x43\x41\x20\x4c\x69\x6d\x69\x74\x65\x64\x31\x27\x30" + "\x25\x06\x03\x55\x04\x03\x13\x1e\x43\x4f\x4d\x4f\x44\x4f\x20\x43" + "\x65\x72\x74\x69\x66\x69\x63\x61\x74\x69\x6f\x6e\x20\x41\x75\x74" + "\x68\x6f\x72\x69\x74\x79\x30\x82\x01\x22\x30\x0d\x06\x09\x2a\x86" + "\x48\x86\xf7\x0d\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x00\x30\x82" + "\x01\x0a\x02\x82\x01\x01\x00\xd0\x40\x8b\x8b\x72\xe3\x91\x1b\xf7" + "\x51\xc1\x1b\x54\x04\x98\xd3\xa9\xbf\xc1\xe6\x8a\x5d\x3b\x87\xfb" + "\xbb\x88\xce\x0d\xe3\x2f\x3f\x06\x96\xf0\xa2\x29\x50\x99\xae\xdb" + "\x3b\xa1\x57\xb0\x74\x51\x71\xcd\xed\x42\x91\x4d\x41\xfe\xa9\xc8" + 
"\xd8\x6a\x86\x77\x44\xbb\x59\x66\x97\x50\x5e\xb4\xd4\x2c\x70\x44" + "\xcf\xda\x37\x95\x42\x69\x3c\x30\xc4\x71\xb3\x52\xf0\x21\x4d\xa1" + "\xd8\xba\x39\x7c\x1c\x9e\xa3\x24\x9d\xf2\x83\x16\x98\xaa\x16\x7c" + "\x43\x9b\x15\x5b\xb7\xae\x34\x91\xfe\xd4\x62\x26\x18\x46\x9a\x3f" + "\xeb\xc1\xf9\xf1\x90\x57\xeb\xac\x7a\x0d\x8b\xdb\x72\x30\x6a\x66" + "\xd5\xe0\x46\xa3\x70\xdc\x68\xd9\xff\x04\x48\x89\x77\xde\xb5\xe9" + "\xfb\x67\x6d\x41\xe9\xbc\x39\xbd\x32\xd9\x62\x02\xf1\xb1\xa8\x3d" + "\x6e\x37\x9c\xe2\x2f\xe2\xd3\xa2\x26\x8b\xc6\xb8\x55\x43\x88\xe1" + "\x23\x3e\xa5\xd2\x24\x39\x6a\x47\xab\x00\xd4\xa1\xb3\xa9\x25\xfe" + "\x0d\x3f\xa7\x1d\xba\xd3\x51\xc1\x0b\xa4\xda\xac\x38\xef\x55\x50" + "\x24\x05\x65\x46\x93\x34\x4f\x2d\x8d\xad\xc6\xd4\x21\x19\xd2\x8e" + "\xca\x05\x61\x71\x07\x73\x47\xe5\x8a\x19\x12\xbd\x04\x4d\xce\x4e" + "\x9c\xa5\x48\xac\xbb\x26\xf7\x02\x03\x01\x00\x01\xa3\x81\x8e\x30" + "\x81\x8b\x30\x1d\x06\x03\x55\x1d\x0e\x04\x16\x04\x14\x0b\x58\xe5" + "\x8b\xc6\x4c\x15\x37\xa4\x40\xa9\x30\xa9\x21\xbe\x47\x36\x5a\x56" + "\xff\x30\x0e\x06\x03\x55\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x01" + "\x06\x30\x0f\x06\x03\x55\x1d\x13\x01\x01\xff\x04\x05\x30\x03\x01" + "\x01\xff\x30\x49\x06\x03\x55\x1d\x1f\x04\x42\x30\x40\x30\x3e\xa0" + "\x3c\xa0\x3a\x86\x38\x68\x74\x74\x70\x3a\x2f\x2f\x63\x72\x6c\x2e" + "\x63\x6f\x6d\x6f\x64\x6f\x63\x61\x2e\x63\x6f\x6d\x2f\x43\x4f\x4d" + "\x4f\x44\x4f\x43\x65\x72\x74\x69\x66\x69\x63\x61\x74\x69\x6f\x6e" + "\x41\x75\x74\x68\x6f\x72\x69\x74\x79\x2e\x63\x72\x6c\x30\x0d\x06" + "\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x05\x05\x00\x03\x82\x01\x01" + "\x00\x3e\x98\x9e\x9b\xf6\x1b\xe9\xd7\x39\xb7\x78\xae\x1d\x72\x18" + "\x49\xd3\x87\xe4\x43\x82\xeb\x3f\xc9\xaa\xf5\xa8\xb5\xef\x55\x7c" + "\x21\x52\x65\xf9\xd5\x0d\xe1\x6c\xf4\x3e\x8c\x93\x73\x91\x2e\x02" + "\xc4\x4e\x07\x71\x6f\xc0\x8f\x38\x61\x08\xa8\x1e\x81\x0a\xc0\x2f" + "\x20\x2f\x41\x8b\x91\xdc\x48\x45\xbc\xf1\xc6\xde\xba\x76\x6b\x33" + "\xc8\x00\x2d\x31\x46\x4c\xed\xe7\x9d\xcf\x88\x94\xff\x33\xc0\x56" 
+ "\xe8\x24\x86\x26\xb8\xd8\x38\x38\xdf\x2a\x6b\xdd\x12\xcc\xc7\x3f" + "\x47\x17\x4c\xa2\xc2\x06\x96\x09\xd6\xdb\xfe\x3f\x3c\x46\x41\xdf" + "\x58\xe2\x56\x0f\x3c\x3b\xc1\x1c\x93\x35\xd9\x38\x52\xac\xee\xc8" + "\xec\x2e\x30\x4e\x94\x35\xb4\x24\x1f\x4b\x78\x69\xda\xf2\x02\x38" + "\xcc\x95\x52\x93\xf0\x70\x25\x59\x9c\x20\x67\xc4\xee\xf9\x8b\x57" + "\x61\xf4\x92\x76\x7d\x3f\x84\x8d\x55\xb7\xe8\xe5\xac\xd5\xf1\xf5" + "\x19\x56\xa6\x5a\xfb\x90\x1c\xaf\x93\xeb\xe5\x1c\xd4\x67\x97\x5d" + "\x04\x0e\xbe\x0b\x83\xa6\x17\x83\xb9\x30\x12\xa0\xc5\x33\x15\x05" + "\xb9\x0d\xfb\xc7\x05\x76\xe3\xd8\x4a\x8d\xfc\x34\x17\xa3\xc6\x21" + "\x28\xbe\x30\x45\x31\x1e\xc7\x78\xbe\x58\x61\x38\xac\x3b\xe2\x01" + "\x65"; + +char certdata2[] = + "\x30\x82\x03\x02\x30\x82\x02\x6b\x02\x10\x39\xca\x54\x89\xfe\x50" + "\x22\x32\xfe\x32\xd9\xdb\xfb\x1b\x84\x19\x30\x0d\x06\x09\x2a\x86" + "\x48\x86\xf7\x0d\x01\x01\x05\x05\x00\x30\x81\xc1\x31\x0b\x30\x09" + "\x06\x03\x55\x04\x06\x13\x02\x55\x53\x31\x17\x30\x15\x06\x03\x55" + "\x04\x0a\x13\x0e\x56\x65\x72\x69\x53\x69\x67\x6e\x2c\x20\x49\x6e" + "\x63\x2e\x31\x3c\x30\x3a\x06\x03\x55\x04\x0b\x13\x33\x43\x6c\x61" + "\x73\x73\x20\x31\x20\x50\x75\x62\x6c\x69\x63\x20\x50\x72\x69\x6d" + "\x61\x72\x79\x20\x43\x65\x72\x74\x69\x66\x69\x63\x61\x74\x69\x6f" + "\x6e\x20\x41\x75\x74\x68\x6f\x72\x69\x74\x79\x20\x2d\x20\x47\x32" + "\x31\x3a\x30\x38\x06\x03\x55\x04\x0b\x13\x31\x28\x63\x29\x20\x31" + "\x39\x39\x38\x20\x56\x65\x72\x69\x53\x69\x67\x6e\x2c\x20\x49\x6e" + "\x63\x2e\x20\x2d\x20\x46\x6f\x72\x20\x61\x75\x74\x68\x6f\x72\x69" + "\x7a\x65\x64\x20\x75\x73\x65\x20\x6f\x6e\x6c\x79\x31\x1f\x30\x1d" + "\x06\x03\x55\x04\x0b\x13\x16\x56\x65\x72\x69\x53\x69\x67\x6e\x20" + "\x54\x72\x75\x73\x74\x20\x4e\x65\x74\x77\x6f\x72\x6b\x30\x1e\x17" + "\x0d\x39\x38\x30\x35\x31\x38\x30\x30\x30\x30\x30\x30\x5a\x17\x0d" + "\x31\x38\x30\x35\x31\x38\x32\x33\x35\x39\x35\x39\x5a\x30\x81\xc1" + "\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x55\x53\x31\x17\x30" + 
"\x15\x06\x03\x55\x04\x0a\x13\x0e\x56\x65\x72\x69\x53\x69\x67\x6e" + "\x2c\x20\x49\x6e\x63\x2e\x31\x3c\x30\x3a\x06\x03\x55\x04\x0b\x13" + "\x33\x43\x6c\x61\x73\x73\x20\x31\x20\x50\x75\x62\x6c\x69\x63\x20" + "\x50\x72\x69\x6d\x61\x72\x79\x20\x43\x65\x72\x74\x69\x66\x69\x63" + "\x61\x74\x69\x6f\x6e\x20\x41\x75\x74\x68\x6f\x72\x69\x74\x79\x20" + "\x2d\x20\x47\x32\x31\x3a\x30\x38\x06\x03\x55\x04\x0b\x13\x31\x28" + "\x63\x29\x20\x31\x39\x39\x38\x20\x56\x65\x72\x69\x53\x69\x67\x6e" + "\x2c\x20\x49\x6e\x63\x2e\x20\x2d\x20\x46\x6f\x72\x20\x61\x75\x74" + "\x68\x6f\x72\x69\x7a\x65\x64\x20\x75\x73\x65\x20\x6f\x6e\x6c\x79" + "\x31\x1f\x30\x1d\x06\x03\x55\x04\x0b\x13\x16\x56\x65\x72\x69\x53" + "\x69\x67\x6e\x20\x54\x72\x75\x73\x74\x20\x4e\x65\x74\x77\x6f\x72" + "\x6b\x30\x81\x9f\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01" + "\x01\x05\x00\x03\x81\x8d\x00\x30\x81\x89\x02\x81\x81\x00\xaa\xd0" + "\xba\xbe\x16\x2d\xb8\x83\xd4\xca\xd2\x0f\xbc\x76\x31\xca\x94\xd8" + "\x1d\x93\x8c\x56\x02\xbc\xd9\x6f\x1a\x6f\x52\x36\x6e\x75\x56\x0a" + "\x55\xd3\xdf\x43\x87\x21\x11\x65\x8a\x7e\x8f\xbd\x21\xde\x6b\x32" + "\x3f\x1b\x84\x34\x95\x05\x9d\x41\x35\xeb\x92\xeb\x96\xdd\xaa\x59" + "\x3f\x01\x53\x6d\x99\x4f\xed\xe5\xe2\x2a\x5a\x90\xc1\xb9\xc4\xa6" + "\x15\xcf\xc8\x45\xeb\xa6\x5d\x8e\x9c\x3e\xf0\x64\x24\x76\xa5\xcd" + "\xab\x1a\x6f\xb6\xd8\x7b\x51\x61\x6e\xa6\x7f\x87\xc8\xe2\xb7\xe5" + "\x34\xdc\x41\x88\xea\x09\x40\xbe\x73\x92\x3d\x6b\xe7\x75\x02\x03" + "\x01\x00\x01\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x05" + "\x05\x00\x03\x81\x81\x00\x8b\xf7\x1a\x10\xce\x76\x5c\x07\xab\x83" + "\x99\xdc\x17\x80\x6f\x34\x39\x5d\x98\x3e\x6b\x72\x2c\xe1\xc7\xa2" + "\x7b\x40\x29\xb9\x78\x88\xba\x4c\xc5\xa3\x6a\x5e\x9e\x6e\x7b\xe3" + "\xf2\x02\x41\x0c\x66\xbe\xad\xfb\xae\xa2\x14\xce\x92\xf3\xa2\x34" + "\x8b\xb4\xb2\xb6\x24\xf2\xe5\xd5\xe0\xc8\xe5\x62\x6d\x84\x7b\xcb" + "\xbe\xbb\x03\x8b\x7c\x57\xca\xf0\x37\xa9\x90\xaf\x8a\xee\x03\xbe" + "\x1d\x28\x9c\xd9\x26\x76\xa0\xcd\xc4\x9d\x4e\xf0\xae\x07\x16\xd5" 
+ "\xbe\xaf\x57\x08\x6a\xd0\xa0\x42\x42\x42\x1e\xf4\x20\xcc\xa5\x78" + "\x82\x95\x26\x38\x8a\x47"; + +char certdata3[] = + "\x30\x82\x04\x43\x30\x82\x03\x2b\xa0\x03\x02\x01\x02\x02\x01\x01" + "\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x05\x05\x00\x30" + "\x7f\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x47\x42\x31\x1b" + "\x30\x19\x06\x03\x55\x04\x08\x0c\x12\x47\x72\x65\x61\x74\x65\x72" + "\x20\x4d\x61\x6e\x63\x68\x65\x73\x74\x65\x72\x31\x10\x30\x0e\x06" + "\x03\x55\x04\x07\x0c\x07\x53\x61\x6c\x66\x6f\x72\x64\x31\x1a\x30" + "\x18\x06\x03\x55\x04\x0a\x0c\x11\x43\x6f\x6d\x6f\x64\x6f\x20\x43" + "\x41\x20\x4c\x69\x6d\x69\x74\x65\x64\x31\x25\x30\x23\x06\x03\x55" + "\x04\x03\x0c\x1c\x54\x72\x75\x73\x74\x65\x64\x20\x43\x65\x72\x74" + "\x69\x66\x69\x63\x61\x74\x65\x20\x53\x65\x72\x76\x69\x63\x65\x73" + "\x30\x1e\x17\x0d\x30\x34\x30\x31\x30\x31\x30\x30\x30\x30\x30\x30" + "\x5a\x17\x0d\x32\x38\x31\x32\x33\x31\x32\x33\x35\x39\x35\x39\x5a" + "\x30\x7f\x31\x0b\x30\x09\x06\x03\x55\x04\x06\x13\x02\x47\x42\x31" + "\x1b\x30\x19\x06\x03\x55\x04\x08\x0c\x12\x47\x72\x65\x61\x74\x65" + "\x72\x20\x4d\x61\x6e\x63\x68\x65\x73\x74\x65\x72\x31\x10\x30\x0e" + "\x06\x03\x55\x04\x07\x0c\x07\x53\x61\x6c\x66\x6f\x72\x64\x31\x1a" + "\x30\x18\x06\x03\x55\x04\x0a\x0c\x11\x43\x6f\x6d\x6f\x64\x6f\x20" + "\x43\x41\x20\x4c\x69\x6d\x69\x74\x65\x64\x31\x25\x30\x23\x06\x03" + "\x55\x04\x03\x0c\x1c\x54\x72\x75\x73\x74\x65\x64\x20\x43\x65\x72" + "\x74\x69\x66\x69\x63\x61\x74\x65\x20\x53\x65\x72\x76\x69\x63\x65" + "\x73\x30\x82\x01\x22\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01" + "\x01\x01\x05\x00\x03\x82\x01\x0f\x00\x30\x82\x01\x0a\x02\x82\x01" + "\x01\x00\xdf\x71\x6f\x36\x58\x53\x5a\xf2\x36\x54\x57\x80\xc4\x74" + "\x08\x20\xed\x18\x7f\x2a\x1d\xe6\x35\x9a\x1e\x25\xac\x9c\xe5\x96" + "\x7e\x72\x52\xa0\x15\x42\xdb\x59\xdd\x64\x7a\x1a\xd0\xb8\x7b\xdd" + "\x39\x15\xbc\x55\x48\xc4\xed\x3a\x00\xea\x31\x11\xba\xf2\x71\x74" + "\x1a\x67\xb8\xcf\x33\xcc\xa8\x31\xaf\xa3\xe3\xd7\x7f\xbf\x33\x2d" + 
"\x4c\x6a\x3c\xec\x8b\xc3\x92\xd2\x53\x77\x24\x74\x9c\x07\x6e\x70" + "\xfc\xbd\x0b\x5b\x76\xba\x5f\xf2\xff\xd7\x37\x4b\x4a\x60\x78\xf7" + "\xf0\xfa\xca\x70\xb4\xea\x59\xaa\xa3\xce\x48\x2f\xa9\xc3\xb2\x0b" + "\x7e\x17\x72\x16\x0c\xa6\x07\x0c\x1b\x38\xcf\xc9\x62\xb7\x3f\xa0" + "\x93\xa5\x87\x41\xf2\xb7\x70\x40\x77\xd8\xbe\x14\x7c\xe3\xa8\xc0" + "\x7a\x8e\xe9\x63\x6a\xd1\x0f\x9a\xc6\xd2\xf4\x8b\x3a\x14\x04\x56" + "\xd4\xed\xb8\xcc\x6e\xf5\xfb\xe2\x2c\x58\xbd\x7f\x4f\x6b\x2b\xf7" + "\x60\x24\x58\x24\xce\x26\xef\x34\x91\x3a\xd5\xe3\x81\xd0\xb2\xf0" + "\x04\x02\xd7\x5b\xb7\x3e\x92\xac\x6b\x12\x8a\xf9\xe4\x05\xb0\x3b" + "\x91\x49\x5c\xb2\xeb\x53\xea\xf8\x9f\x47\x86\xee\xbf\x95\xc0\xc0" + "\x06\x9f\xd2\x5b\x5e\x11\x1b\xf4\xc7\x04\x35\x29\xd2\x55\x5c\xe4" + "\xed\xeb\x02\x03\x01\x00\x01\xa3\x81\xc9\x30\x81\xc6\x30\x1d\x06" + "\x03\x55\x1d\x0e\x04\x16\x04\x14\xc5\x7b\x58\xbd\xed\xda\x25\x69" + "\xd2\xf7\x59\x16\xa8\xb3\x32\xc0\x7b\x27\x5b\xf4\x30\x0e\x06\x03" + "\x55\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x01\x06\x30\x0f\x06\x03" + "\x55\x1d\x13\x01\x01\xff\x04\x05\x30\x03\x01\x01\xff\x30\x81\x83" + "\x06\x03\x55\x1d\x1f\x04\x7c\x30\x7a\x30\x3c\xa0\x3a\xa0\x38\x86" + "\x36\x68\x74\x74\x70\x3a\x2f\x2f\x63\x72\x6c\x2e\x63\x6f\x6d\x6f" + "\x64\x6f\x63\x61\x2e\x63\x6f\x6d\x2f\x54\x72\x75\x73\x74\x65\x64" + "\x43\x65\x72\x74\x69\x66\x69\x63\x61\x74\x65\x53\x65\x72\x76\x69" + "\x63\x65\x73\x2e\x63\x72\x6c\x30\x3a\xa0\x38\xa0\x36\x86\x34\x68" + "\x74\x74\x70\x3a\x2f\x2f\x63\x72\x6c\x2e\x63\x6f\x6d\x6f\x64\x6f" + "\x2e\x6e\x65\x74\x2f\x54\x72\x75\x73\x74\x65\x64\x43\x65\x72\x74" + "\x69\x66\x69\x63\x61\x74\x65\x53\x65\x72\x76\x69\x63\x65\x73\x2e" + "\x63\x72\x6c\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x05" + "\x05\x00\x03\x82\x01\x01\x00\xc8\x93\x81\x3b\x89\xb4\xaf\xb8\x84" + "\x12\x4c\x8d\xd2\xf0\xdb\x70\xba\x57\x86\x15\x34\x10\xb9\x2f\x7f" + "\x1e\xb0\xa8\x89\x60\xa1\x8a\xc2\x77\x0c\x50\x4a\x9b\x00\x8b\xd8" + "\x8b\xf4\x41\xe2\xd0\x83\x8a\x4a\x1c\x14\x06\xb0\xa3\x68\x05\x70" 
+ "\x31\x30\xa7\x53\x9b\x0e\xe9\x4a\xa0\x58\x69\x67\x0e\xae\x9d\xf6" + "\xa5\x2c\x41\xbf\x3c\x06\x6b\xe4\x59\xcc\x6d\x10\xf1\x96\x6f\x1f" + "\xdf\xf4\x04\x02\xa4\x9f\x45\x3e\xc8\xd8\xfa\x36\x46\x44\x50\x3f" + "\x82\x97\x91\x1f\x28\xdb\x18\x11\x8c\x2a\xe4\x65\x83\x57\x12\x12" + "\x8c\x17\x3f\x94\x36\xfe\x5d\xb0\xc0\x04\x77\x13\xb8\xf4\x15\xd5" + "\x3f\x38\xcc\x94\x3a\x55\xd0\xac\x98\xf5\xba\x00\x5f\xe0\x86\x19" + "\x81\x78\x2f\x28\xc0\x7e\xd3\xcc\x42\x0a\xf5\xae\x50\xa0\xd1\x3e" + "\xc6\xa1\x71\xec\x3f\xa0\x20\x8c\x66\x3a\x89\xb4\x8e\xd4\xd8\xb1" + "\x4d\x25\x47\xee\x2f\x88\xc8\xb5\xe1\x05\x45\xc0\xbe\x14\x71\xde" + "\x7a\xfd\x8e\x7b\x7d\x4d\x08\x96\xa5\x12\x73\xf0\x2d\xca\x37\x27" + "\x74\x12\x27\x4c\xcb\xb6\x97\xe9\xd9\xae\x08\x6d\x5a\x39\x40\xdd" + "\x05\x47\x75\x6a\x5a\x21\xb3\xa3\x18\xcf\x4e\xf7\x2e\x57\xb7\x98" + "\x70\x5e\xc8\xc4\x78\xb0\x62"; + + +static int +compare_subject(hx509_cert c1, hx509_cert c2, int *l) +{ + hx509_name n1, n2; + int ret; + + ret = hx509_cert_get_subject(c1, &n1); + if (ret) return 1; + ret = hx509_cert_get_subject(c2, &n2); + if (ret) return 1; + + *l = hx509_name_cmp(n1, n2); + hx509_name_free(&n1); + hx509_name_free(&n2); + + return 0; +} + +static int +test_compare(hx509_context context) +{ + int ret; + hx509_cert c1, c2, c3; + int l0, l1, l2, l3; + + /* check transative properties of name compare function */ + + ret = hx509_cert_init_data(context, certdata1, sizeof(certdata1) - 1, &c1); + if (ret) return 1; + + ret = hx509_cert_init_data(context, certdata2, sizeof(certdata2) - 1, &c2); + if (ret) return 1; + + ret = hx509_cert_init_data(context, certdata3, sizeof(certdata3) - 1, &c3); + if (ret) return 1; + + ret = compare_subject(c1, c1, &l0); + if (ret) return 1; + ret = compare_subject(c1, c2, &l1); + if (ret) return 1; + ret = compare_subject(c1, c3, &l2); + if (ret) return 1; + ret = compare_subject(c2, c3, &l3); + if (ret) return 1; + + if (l0 != 0) return 1; + if (l2 < l1) return 1; + if (l3 < l2) return 1; + if (l3 < l1) 
return 1; + + hx509_cert_free(c1); + hx509_cert_free(c2); + hx509_cert_free(c3); + + return 0; +} + + int main(int argc, char **argv) { @@ -125,6 +375,8 @@ main(int argc, char **argv) ret += test_expand(context, "UID=${uid}${uid},C=SE", "UID=lhalha,C=SE"); ret += test_expand(context, "UID=${uid}{uid},C=SE", "UID=lha{uid},C=SE"); + ret += test_compare(context); + hx509_context_free(&context); return ret; |
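Review bot: In the new `compare_subject`, a failure of the second `hx509_cert_get_subject` call returns without releasing `n1`; that check should read `if (ret) { hx509_name_free(&n1); return 1; }`. `test_compare` has the same shape: every `return 1` after the first successful `hx509_cert_init_data` skips the three `hx509_cert_free` calls, so a failing run also leaks the parsed certificates and clutters leak-checker output. The checks `l2 < l1`, `l3 < l2` and `l3 < l1` compare raw `hx509_name_cmp` return values with each other, which is only meaningful if that function returns a normalised -1/0/1, and the hunk does not show that it does. Checking the sign of each result would be more robust, and the comment above should say "transitive" and state which ordering of the three subjects is expected. The `certdata1`..`certdata3` arrays are only read here and could be `static const`.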