From 243321b4bbe273cf3a9105ca132caa2b53e2f263 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Tue, 26 Aug 2008 19:35:52 +0200
Subject: heimdal: import heimdal's trunk svn rev 23697 + lorikeet-heimdal
 patches

This is based on f56a3b1846c7d462542f2e9527f4d0ed8a34748d in my heimdal-wip repo.

metze
(This used to be commit 467a1f2163a63cdf1a4c83a69473db50e8794f53)
---
 source4/heimdal/lib/hx509/ca.c          |  2 +-
 source4/heimdal/lib/hx509/cert.c        |  2 +-
 source4/heimdal/lib/hx509/cms.c         |  2 +-
 source4/heimdal/lib/hx509/collector.c   |  2 +-
 source4/heimdal/lib/hx509/crmf.asn1     |  2 +-
 source4/heimdal/lib/hx509/crypto.c      |  2 +-
 source4/heimdal/lib/hx509/env.c         |  2 +-
 source4/heimdal/lib/hx509/error.c       |  2 +-
 source4/heimdal/lib/hx509/hx509.h       |  2 +-
 source4/heimdal/lib/hx509/hx509_err.et  |  2 +-
 source4/heimdal/lib/hx509/hx_locl.h     |  3 ++-
 source4/heimdal/lib/hx509/keyset.c      |  2 +-
 source4/heimdal/lib/hx509/ks_dir.c      |  2 +-
 source4/heimdal/lib/hx509/ks_file.c     |  2 +-
 source4/heimdal/lib/hx509/ks_keychain.c |  2 +-
 source4/heimdal/lib/hx509/ks_mem.c      |  4 ++--
 source4/heimdal/lib/hx509/ks_null.c     |  2 +-
 source4/heimdal/lib/hx509/ks_p11.c      | 13 ++++++-------
 source4/heimdal/lib/hx509/ks_p12.c      |  2 +-
 source4/heimdal/lib/hx509/lock.c        |  2 +-
 source4/heimdal/lib/hx509/name.c        |  2 +-
 source4/heimdal/lib/hx509/ocsp.asn1     |  2 +-
 source4/heimdal/lib/hx509/peer.c        |  2 +-
 source4/heimdal/lib/hx509/pkcs10.asn1   |  2 +-
 source4/heimdal/lib/hx509/print.c       |  2 +-
 source4/heimdal/lib/hx509/req.c         |  2 +-
 source4/heimdal/lib/hx509/revoke.c      |  9 +++++++--
 source4/heimdal/lib/hx509/test_name.c   |  2 +-
 28 files changed, 41 insertions(+), 36 deletions(-)

(limited to 'source4/heimdal/lib/hx509')

diff --git a/source4/heimdal/lib/hx509/ca.c b/source4/heimdal/lib/hx509/ca.c
index 55374321ea..5b4d7711e7 100644
--- a/source4/heimdal/lib/hx509/ca.c
+++ b/source4/heimdal/lib/hx509/ca.c
@@ -33,7 +33,7 @@
 
 #include "hx_locl.h"
 #include <pkinit_asn1.h>
-RCSID("$Id: ca.c 22995 2008-04-15 19:31:29Z lha $");
+RCSID("$Id$");
 
 /**
  * @page page_ca Hx509 CA functions
diff --git a/source4/heimdal/lib/hx509/cert.c b/source4/heimdal/lib/hx509/cert.c
index 3194526e34..3597896c0c 100644
--- a/source4/heimdal/lib/hx509/cert.c
+++ b/source4/heimdal/lib/hx509/cert.c
@@ -32,7 +32,7 @@
  */
 
 #include "hx_locl.h"
-RCSID("$Id: cert.c 23457 2008-07-27 12:12:56Z lha $");
+RCSID("$Id$");
 #include "crypto-headers.h"
 #include <rtbl.h>
 
diff --git a/source4/heimdal/lib/hx509/cms.c b/source4/heimdal/lib/hx509/cms.c
index 69e7730f3c..629060a253 100644
--- a/source4/heimdal/lib/hx509/cms.c
+++ b/source4/heimdal/lib/hx509/cms.c
@@ -32,7 +32,7 @@
  */
 
 #include "hx_locl.h"
-RCSID("$Id: cms.c 23268 2008-06-23 03:23:47Z lha $");
+RCSID("$Id$");
 
 /**
  * @page page_cms CMS/PKCS7 message functions.
diff --git a/source4/heimdal/lib/hx509/collector.c b/source4/heimdal/lib/hx509/collector.c
index 8b6ffcb945..d8212927e6 100644
--- a/source4/heimdal/lib/hx509/collector.c
+++ b/source4/heimdal/lib/hx509/collector.c
@@ -32,7 +32,7 @@
  */
 
 #include "hx_locl.h"
-RCSID("$Id: collector.c 20778 2007-06-01 22:04:13Z lha $");
+RCSID("$Id$");
 
 struct private_key {
     AlgorithmIdentifier alg;
diff --git a/source4/heimdal/lib/hx509/crmf.asn1 b/source4/heimdal/lib/hx509/crmf.asn1
index 97ade264ae..3d8403c8e8 100644
--- a/source4/heimdal/lib/hx509/crmf.asn1
+++ b/source4/heimdal/lib/hx509/crmf.asn1
@@ -1,4 +1,4 @@
--- $Id: crmf.asn1 17102 2006-04-18 13:05:21Z lha $
+-- $Id$
 PKCS10 DEFINITIONS ::=
 
 BEGIN
diff --git a/source4/heimdal/lib/hx509/crypto.c b/source4/heimdal/lib/hx509/crypto.c
index 9334a4a847..e16977c6bf 100644
--- a/source4/heimdal/lib/hx509/crypto.c
+++ b/source4/heimdal/lib/hx509/crypto.c
@@ -32,7 +32,7 @@
  */
 
 #include "hx_locl.h"
-RCSID("$Id: crypto.c 22855 2008-04-07 18:49:24Z lha $");
+RCSID("$Id$");
 
 struct hx509_crypto;
 
diff --git a/source4/heimdal/lib/hx509/env.c b/source4/heimdal/lib/hx509/env.c
index a124e6ea1c..9d771c506f 100644
--- a/source4/heimdal/lib/hx509/env.c
+++ b/source4/heimdal/lib/hx509/env.c
@@ -32,7 +32,7 @@
  */
 
 #include "hx_locl.h"
-RCSID("$Id: env.c 22677 2008-03-13 17:35:49Z lha $");
+RCSID("$Id$");
 
 /**
  * @page page_env Hx509 enviroment functions
diff --git a/source4/heimdal/lib/hx509/error.c b/source4/heimdal/lib/hx509/error.c
index 25119ed288..9eeecb227c 100644
--- a/source4/heimdal/lib/hx509/error.c
+++ b/source4/heimdal/lib/hx509/error.c
@@ -32,7 +32,7 @@
  */
 
 #include "hx_locl.h"
-RCSID("$Id: error.c 22332 2007-12-17 01:03:22Z lha $");
+RCSID("$Id$");
 
 /**
  * @page page_error Hx509 error reporting functions
diff --git a/source4/heimdal/lib/hx509/hx509.h b/source4/heimdal/lib/hx509/hx509.h
index d2a6b06e0c..289f8d04a7 100644
--- a/source4/heimdal/lib/hx509/hx509.h
+++ b/source4/heimdal/lib/hx509/hx509.h
@@ -31,7 +31,7 @@
  * SUCH DAMAGE. 
  */
 
-/* $Id: hx509.h 22908 2008-04-08 08:16:32Z lha $ */
+/* $Id$ */
 
 #ifndef HEIMDAL_HX509_H
 #define HEIMDAL_HX509_H 1
diff --git a/source4/heimdal/lib/hx509/hx509_err.et b/source4/heimdal/lib/hx509/hx509_err.et
index 8fc5cb8f2f..c1dfaf587e 100644
--- a/source4/heimdal/lib/hx509/hx509_err.et
+++ b/source4/heimdal/lib/hx509/hx509_err.et
@@ -3,7 +3,7 @@
 #
 # This might look like a com_err file, but is not
 #
-id "$Id: hx509_err.et 22329 2007-12-15 05:13:14Z lha $"
+id "$Id$"
 
 error_table hx
 prefix HX509
diff --git a/source4/heimdal/lib/hx509/hx_locl.h b/source4/heimdal/lib/hx509/hx_locl.h
index d2db3354c7..4cf7a54e13 100644
--- a/source4/heimdal/lib/hx509/hx_locl.h
+++ b/source4/heimdal/lib/hx509/hx_locl.h
@@ -31,7 +31,7 @@
  * SUCH DAMAGE. 
  */
 
-/* $Id: hx_locl.h 23189 2008-05-23 15:04:27Z lha $ */
+/* $Id$ */
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
@@ -69,6 +69,7 @@
 
 #include <der.h>
 
+#define HC_DEPRECATED_CRYPTO
 #include "crypto-headers.h"
 
 struct hx509_keyset_ops;
diff --git a/source4/heimdal/lib/hx509/keyset.c b/source4/heimdal/lib/hx509/keyset.c
index 1fceb849ec..bb36221aff 100644
--- a/source4/heimdal/lib/hx509/keyset.c
+++ b/source4/heimdal/lib/hx509/keyset.c
@@ -32,7 +32,7 @@
  */
 
 #include "hx_locl.h"
-RCSID("$Id: keyset.c 22851 2008-04-07 18:49:07Z lha $");
+RCSID("$Id$");
 
 /**
  * @page page_keyset Certificate store operations
diff --git a/source4/heimdal/lib/hx509/ks_dir.c b/source4/heimdal/lib/hx509/ks_dir.c
index 0dabc78c52..17a3ae4745 100644
--- a/source4/heimdal/lib/hx509/ks_dir.c
+++ b/source4/heimdal/lib/hx509/ks_dir.c
@@ -32,7 +32,7 @@
  */
 
 #include "hx_locl.h"
-RCSID("$Id: ks_dir.c 23460 2008-07-27 12:14:03Z lha $");
+RCSID("$Id$");
 #include <dirent.h>
 
 /*
diff --git a/source4/heimdal/lib/hx509/ks_file.c b/source4/heimdal/lib/hx509/ks_file.c
index 25ceb1c64f..bb8dce3a4e 100644
--- a/source4/heimdal/lib/hx509/ks_file.c
+++ b/source4/heimdal/lib/hx509/ks_file.c
@@ -32,7 +32,7 @@
  */
 
 #include "hx_locl.h"
-RCSID("$Id: ks_file.c 23459 2008-07-27 12:13:31Z lha $");
+RCSID("$Id$");
 
 typedef enum { USE_PEM, USE_DER } outformat;
 
diff --git a/source4/heimdal/lib/hx509/ks_keychain.c b/source4/heimdal/lib/hx509/ks_keychain.c
index f8181975d9..e51b0ab6a0 100644
--- a/source4/heimdal/lib/hx509/ks_keychain.c
+++ b/source4/heimdal/lib/hx509/ks_keychain.c
@@ -32,7 +32,7 @@
  */
 
 #include "hx_locl.h"
-RCSID("$Id: ks_keychain.c 22084 2007-11-16 20:12:30Z lha $");
+RCSID("$Id$");
 
 #ifdef HAVE_FRAMEWORK_SECURITY
 
diff --git a/source4/heimdal/lib/hx509/ks_mem.c b/source4/heimdal/lib/hx509/ks_mem.c
index efa19eb19c..043f19b3e4 100644
--- a/source4/heimdal/lib/hx509/ks_mem.c
+++ b/source4/heimdal/lib/hx509/ks_mem.c
@@ -195,8 +195,8 @@ mem_addkey(hx509_context context,
 	return ENOMEM;
     }
     mem->keys = ptr;
-    mem->keys[i++] = _hx509_private_key_ref(key);
-    mem->keys[i++] = NULL;
+    mem->keys[i] = _hx509_private_key_ref(key);
+    mem->keys[i + 1] = NULL;
     return 0;
 }
 
diff --git a/source4/heimdal/lib/hx509/ks_null.c b/source4/heimdal/lib/hx509/ks_null.c
index 3be259fc60..0b571c8406 100644
--- a/source4/heimdal/lib/hx509/ks_null.c
+++ b/source4/heimdal/lib/hx509/ks_null.c
@@ -32,7 +32,7 @@
  */
 
 #include "hx_locl.h"
-RCSID("$Id: ks_null.c 20901 2007-06-04 23:14:08Z lha $");
+RCSID("$Id$");
 
 
 static int
diff --git a/source4/heimdal/lib/hx509/ks_p11.c b/source4/heimdal/lib/hx509/ks_p11.c
index bf46e6604e..19db6004ce 100644
--- a/source4/heimdal/lib/hx509/ks_p11.c
+++ b/source4/heimdal/lib/hx509/ks_p11.c
@@ -32,7 +32,7 @@
  */
 
 #include "hx_locl.h"
-RCSID("$Id: ks_p11.c 22899 2008-04-07 18:52:36Z lha $");
+RCSID("$Id$");
 #ifdef HAVE_DLFCN_H
 #include <dlfcn.h>
 #endif
@@ -503,7 +503,7 @@ iterate_entries(hx509_context context,
 {
     CK_OBJECT_HANDLE object;
     CK_ULONG object_count;
-    int ret, i;
+    int ret, ret2, i;
 
     ret = P11FUNC(p, FindObjectsInit, (session, search_data, num_search_data));
     if (ret != CKR_OK) {
@@ -557,13 +557,12 @@ iterate_entries(hx509_context context,
 	query[i].pValue = NULL;
     }
 
-    ret = P11FUNC(p, FindObjectsFinal, (session));
-    if (ret != CKR_OK) {
-	return -2;
+    ret2 = P11FUNC(p, FindObjectsFinal, (session));
+    if (ret2 != CKR_OK) {
+	return ret2;
     }
 
-
-    return 0;
+    return ret;
 }
 		
 static BIGNUM *
diff --git a/source4/heimdal/lib/hx509/ks_p12.c b/source4/heimdal/lib/hx509/ks_p12.c
index 3ab824a330..53590c768c 100644
--- a/source4/heimdal/lib/hx509/ks_p12.c
+++ b/source4/heimdal/lib/hx509/ks_p12.c
@@ -32,7 +32,7 @@
  */
 
 #include "hx_locl.h"
-RCSID("$Id: ks_p12.c 23413 2008-07-26 18:34:53Z lha $");
+RCSID("$Id$");
 
 struct ks_pkcs12 {
     hx509_certs certs;
diff --git a/source4/heimdal/lib/hx509/lock.c b/source4/heimdal/lib/hx509/lock.c
index e835aee35a..df1acea042 100644
--- a/source4/heimdal/lib/hx509/lock.c
+++ b/source4/heimdal/lib/hx509/lock.c
@@ -32,7 +32,7 @@
  */
 
 #include "hx_locl.h"
-RCSID("$Id: lock.c 22327 2007-12-15 04:49:37Z lha $");
+RCSID("$Id$");
 
 /**
  * @page page_lock Locking and unlocking certificates and encrypted data.
diff --git a/source4/heimdal/lib/hx509/name.c b/source4/heimdal/lib/hx509/name.c
index ccc33a3e55..a34e09e847 100644
--- a/source4/heimdal/lib/hx509/name.c
+++ b/source4/heimdal/lib/hx509/name.c
@@ -33,7 +33,7 @@
 
 #include "hx_locl.h"
 #include <wind.h>
-RCSID("$Id: name.c 22677 2008-03-13 17:35:49Z lha $");
+RCSID("$Id$");
 
 /**
  * @page page_name PKIX/X.509 Names
diff --git a/source4/heimdal/lib/hx509/ocsp.asn1 b/source4/heimdal/lib/hx509/ocsp.asn1
index d8ecd66ccf..eb090a4cc7 100644
--- a/source4/heimdal/lib/hx509/ocsp.asn1
+++ b/source4/heimdal/lib/hx509/ocsp.asn1
@@ -1,5 +1,5 @@
 -- From rfc2560
--- $Id: ocsp.asn1 19576 2006-12-30 12:40:43Z lha $
+-- $Id$
 OCSP DEFINITIONS EXPLICIT TAGS::=
 
 BEGIN
diff --git a/source4/heimdal/lib/hx509/peer.c b/source4/heimdal/lib/hx509/peer.c
index eb0ecd2bde..9845ce051f 100644
--- a/source4/heimdal/lib/hx509/peer.c
+++ b/source4/heimdal/lib/hx509/peer.c
@@ -32,7 +32,7 @@
  */
 
 #include "hx_locl.h"
-RCSID("$Id: peer.c 22345 2007-12-26 19:03:51Z lha $");
+RCSID("$Id$");
 
 /**
  * @page page_peer Hx509 crypto selecting functions
diff --git a/source4/heimdal/lib/hx509/pkcs10.asn1 b/source4/heimdal/lib/hx509/pkcs10.asn1
index 518fe3bfa3..f3fe37b1bf 100644
--- a/source4/heimdal/lib/hx509/pkcs10.asn1
+++ b/source4/heimdal/lib/hx509/pkcs10.asn1
@@ -1,4 +1,4 @@
--- $Id: pkcs10.asn1 16918 2006-04-01 09:46:57Z lha $
+-- $Id$
 PKCS10 DEFINITIONS ::=
 
 BEGIN
diff --git a/source4/heimdal/lib/hx509/print.c b/source4/heimdal/lib/hx509/print.c
index c1594ff047..92d7811909 100644
--- a/source4/heimdal/lib/hx509/print.c
+++ b/source4/heimdal/lib/hx509/print.c
@@ -32,7 +32,7 @@
  */
 
 #include "hx_locl.h"
-RCSID("$Id: print.c 22538 2008-01-27 13:05:47Z lha $");
+RCSID("$Id$");
 
 /**
  * @page page_print Hx509 printing functions
diff --git a/source4/heimdal/lib/hx509/req.c b/source4/heimdal/lib/hx509/req.c
index f374044ca6..1ffa0a53cf 100644
--- a/source4/heimdal/lib/hx509/req.c
+++ b/source4/heimdal/lib/hx509/req.c
@@ -33,7 +33,7 @@
 
 #include "hx_locl.h"
 #include <pkcs10_asn1.h>
-RCSID("$Id: req.c 23413 2008-07-26 18:34:53Z lha $");
+RCSID("$Id$");
 
 struct hx509_request_data {
     hx509_name name;
diff --git a/source4/heimdal/lib/hx509/revoke.c b/source4/heimdal/lib/hx509/revoke.c
index 8325c4723d..a36ec964d2 100644
--- a/source4/heimdal/lib/hx509/revoke.c
+++ b/source4/heimdal/lib/hx509/revoke.c
@@ -50,7 +50,7 @@
  */
 
 #include "hx_locl.h"
-RCSID("$Id: revoke.c 23413 2008-07-26 18:34:53Z lha $");
+RCSID("$Id$");
 
 struct revoke_crl {
     char *path;
@@ -1515,10 +1515,13 @@ hx509_crl_sign(hx509_context context,
 					    &c.signatureAlgorithm,
 					    &c.signatureValue);
     free(os->data);
+    if (ret) {
+	hx509_set_error_string(context, 0, ret, "Failed to sign CRL");
+	goto out;
+    }
 
     ASN1_MALLOC_ENCODE(CRLCertificateList, os->data, os->length,
 		       &c, &size, ret);
-    free_CRLCertificateList(&c);
     if (ret) {
 	hx509_set_error_string(context, 0, ret, "failed to encode CRL");
 	goto out;
@@ -1526,6 +1529,8 @@ hx509_crl_sign(hx509_context context,
     if (size != os->length)
 	_hx509_abort("internal ASN.1 encoder error");
 
+    free_CRLCertificateList(&c);
+
     return 0;
 
 out:
diff --git a/source4/heimdal/lib/hx509/test_name.c b/source4/heimdal/lib/hx509/test_name.c
index 6dcf542d01..7326fe632a 100644
--- a/source4/heimdal/lib/hx509/test_name.c
+++ b/source4/heimdal/lib/hx509/test_name.c
@@ -32,7 +32,7 @@
  */
 
 #include "hx_locl.h"
-RCSID("$Id: test_name.c 22677 2008-03-13 17:35:49Z lha $");
+RCSID("$Id$");
 
 static int
 test_name(hx509_context context, const char *name)
-- 
cgit