diff --git a/dbm/.cvsignore b/dbm/.cvsignore deleted file mode 100644 index f3c7a7c5da..0000000000 --- a/dbm/.cvsignore +++ /dev/null @@ -1 +0,0 @@ -Makefile diff --git a/dbm/Makefile.in b/dbm/Makefile.in deleted file mode 100644 index 13779b989d..0000000000 --- a/dbm/Makefile.in +++ /dev/null @@ -1,36 +0,0 @@ -# -# The contents of this file are subject to the Netscape Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/NPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is mozilla.org code. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1998 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# - -DEPTH = .. -topsrcdir = @top_srcdir@ -srcdir = @srcdir@ -VPATH = @srcdir@ - -include $(DEPTH)/config/autoconf.mk - -DIRS = include src - -ifdef ENABLE_TESTS -DIRS += tests -endif - -include $(topsrcdir)/config/rules.mk - diff --git a/dbm/include/.cvsignore b/dbm/include/.cvsignore deleted file mode 100644 index f3c7a7c5da..0000000000 --- a/dbm/include/.cvsignore +++ /dev/null @@ -1 +0,0 @@ -Makefile diff --git a/dbm/include/MANIFEST b/dbm/include/MANIFEST deleted file mode 100644 index 5626a3e87f..0000000000 --- a/dbm/include/MANIFEST +++ /dev/null @@ -1,17 +0,0 @@ -# -# This is a list of local files which get copied to the mozilla:dist directory -# - -cdefs.h -extern.h -hash.h -hsearch.h -mcom_db.h -mpool.h -ncompat.h -ndbm.h -nsres.h -page.h -queue.h -search.h -watcomfx.h diff --git a/dbm/include/Makefile.in b/dbm/include/Makefile.in deleted file mode 100644 index 86fb8f1572..0000000000 --- a/dbm/include/Makefile.in +++ /dev/null @@ -1,55 +0,0 @@ -# -# The contents of this file are subject to the Netscape Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/NPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is mozilla.org code. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1998 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# - -DEPTH = ../.. -topsrcdir = @top_srcdir@ -srcdir = @srcdir@ -VPATH = @srcdir@ - -include $(DEPTH)/config/autoconf.mk - -MODULE = dbm - -EXPORTS = \ - nsres.h \ - cdefs.h \ - mcom_db.h \ - ncompat.h \ - winfile.h \ - $(NULL) - -EXPORTS := $(addprefix $(srcdir)/, $(EXPORTS)) - -PRIVATE_EXPORTS = \ - hsearch.h \ - page.h \ - extern.h \ - ndbm.h \ - queue.h \ - hash.h \ - mpool.h \ - search.h \ - $(NULL) - -PRIVATE_EXPORTS := $(addprefix $(srcdir)/, $(PRIVATE_EXPORTS)) - -include $(topsrcdir)/config/rules.mk - diff --git a/dbm/include/Makefile.win b/dbm/include/Makefile.win deleted file mode 100644 index 07fba1859e..0000000000 --- a/dbm/include/Makefile.win +++ /dev/null @@ -1,60 +0,0 @@ -# The contents of this file are subject to the Netscape Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/NPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is mozilla.org code. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1998 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): - - -#//------------------------------------------------------------------------ -#// -#// Makefile to build the cert library -#// -#//------------------------------------------------------------------------ - -!if "$(MOZ_BITS)" == "16" -!ifndef MOZ_DEBUG -OPTIMIZER=-Os -UDEBUG -DNDEBUG -!endif -!endif - -#//------------------------------------------------------------------------ -#// -#// Specify the depth of the current directory relative to the -#// root of NS -#// -#//------------------------------------------------------------------------ -DEPTH= ..\.. - -!ifndef MAKE_OBJ_TYPE -MAKE_OBJ_TYPE=EXE -!endif - -#//------------------------------------------------------------------------ -#// -#// install headers -#// -#//------------------------------------------------------------------------ -EXPORTS=nsres.h cdefs.h mcom_db.h ncompat.h winfile.h - -#//------------------------------------------------------------------------ -#// -#// Include the common makefile rules -#// -#//------------------------------------------------------------------------ -include <$(DEPTH)/config/rules.mak> - -CFLAGS = $(CFLAGS) -DMOZILLA_CLIENT - diff --git a/dbm/include/cdefs.h b/dbm/include/cdefs.h deleted file mode 100644 index 63c2f624a8..0000000000 --- a/dbm/include/cdefs.h +++ /dev/null @@ -1,165 +0,0 @@ -/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ -/* ***** BEGIN LICENSE BLOCK ***** - * Version: NPL 1.1/GPL 2.0/LGPL 2.1 - * - * The contents of this file are subject to the Netscape Public License - * Version 1.1 (the "License"); you may not use this file except in - * compliance with the License. You may obtain a copy of the License at - * http://www.mozilla.org/NPL/ - * - * Software distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License - * for the specific language governing rights and limitations under the - * License. - * - * The Original Code is mozilla.org code. - * - * The Initial Developer of the Original Code is - * Netscape Communications Corporation. - * Portions created by the Initial Developer are Copyright (C) 1998 - * the Initial Developer. All Rights Reserved. - * - * Contributor(s): - * - * - * Alternatively, the contents of this file may be used under the terms of - * either the GNU General Public License Version 2 or later (the "GPL"), or - * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), - * in which case the provisions of the GPL or the LGPL are applicable instead - * of those above. If you wish to allow use of your version of this file only - * under the terms of either the GPL or the LGPL, and not to allow others to - * use your version of this file under the terms of the NPL, indicate your - * decision by deleting the provisions above and replace them with the notice - * and other provisions required by the GPL or the LGPL. If you do not delete - * the provisions above, a recipient may use your version of this file under - * the terms of any one of the NPL, the GPL or the LGPL. - * - * ***** END LICENSE BLOCK ***** */ - -/* - * Copyright (c) 1991, 1993 - * The Regents of the University of California. All rights reserved. - * - * This code is derived from software contributed to Berkeley by - * Berkeley Software Design, Inc. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)cdefs.h 8.7 (Berkeley) 1/21/94 - */ - -#ifndef _CDEFS_H_ -#define _CDEFS_H_ - -#if defined(__cplusplus) -#define __BEGIN_DECLS extern "C" { -#define __END_DECLS } -#else -#define __BEGIN_DECLS -#define __END_DECLS -#endif - -/* - * The __CONCAT macro is used to concatenate parts of symbol names, e.g. - * with "#define OLD(foo) __CONCAT(old,foo)", OLD(foo) produces oldfoo. - * The __CONCAT macro is a bit tricky -- make sure you don't put spaces - * in between its arguments. __CONCAT can also concatenate double-quoted - * strings produced by the __STRING macro, but this only works with ANSI C. - */ -#if defined(__STDC__) || defined(__cplusplus) || defined(_WINDOWS) || defined(XP_OS2) -#define __P(protos) protos /* full-blown ANSI C */ -#define __CONCAT(x,y) x ## y -#define __STRING(x) #x - -/* On HP-UX 11.00, defines __const. */ -#ifndef __const -#define __const const /* define reserved names to standard */ -#endif /* __const */ -#define __signed signed -#define __volatile volatile -#ifndef _WINDOWS -#if defined(__cplusplus) -#define __inline inline /* convert to C++ keyword */ -#else -#if !defined(__GNUC__) && !defined(__MWERKS__) -#define __inline /* delete GCC keyword */ -#endif /* !__GNUC__ */ -#endif /* !__cplusplus */ -#endif /* !_WINDOWS */ - -#else /* !(__STDC__ || __cplusplus) */ -#define __P(protos) () /* traditional C preprocessor */ -#define __CONCAT(x,y) x/**/y -#define __STRING(x) "x" - -#ifndef __GNUC__ -#define __const /* delete pseudo-ANSI C keywords */ -#define __inline -#define __signed -#define __volatile -/* - * In non-ANSI C environments, new programs will want ANSI-only C keywords - * deleted from the program and old programs will want them left alone. - * When using a compiler other than gcc, programs using the ANSI C keywords - * const, inline etc. as normal identifiers should define -DNO_ANSI_KEYWORDS. - * When using "gcc -traditional", we assume that this is the intent; if - * __GNUC__ is defined but __STDC__ is not, we leave the new keywords alone. - */ -#ifndef NO_ANSI_KEYWORDS -#define const /* delete ANSI C keywords */ -#define inline -#define signed -#define volatile -#endif -#endif /* !__GNUC__ */ -#endif /* !(__STDC__ || __cplusplus) */ - -/* - * GCC1 and some versions of GCC2 declare dead (non-returning) and - * pure (no side effects) functions using "volatile" and "const"; - * unfortunately, these then cause warnings under "-ansi -pedantic". - * GCC2 uses a new, peculiar __attribute__((attrs)) style. All of - * these work for GNU C++ (modulo a slight glitch in the C++ grammar - * in the distribution version of 2.5.5). - */ -#if !defined(__GNUC__) || __GNUC__ < 2 || __GNUC_MINOR__ < 5 -#define __attribute__(x) /* delete __attribute__ if non-gcc or gcc1 */ -#if defined(__GNUC__) && !defined(__STRICT_ANSI__) -#define __dead __volatile -#define __pure __const -#endif -#endif - -/* Delete pseudo-keywords wherever they are not available or needed. */ -#ifndef __dead -#define __dead -#define __pure -#endif - -#endif /* !_CDEFS_H_ */ diff --git a/dbm/include/extern.h b/dbm/include/extern.h deleted file mode 100644 index 8eabc81fea..0000000000 --- a/dbm/include/extern.h +++ /dev/null @@ -1,65 +0,0 @@ -/*- - * Copyright (c) 1991, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)extern.h 8.4 (Berkeley) 6/16/94 - */ - -BUFHEAD *__add_ovflpage (HTAB *, BUFHEAD *); -int __addel (HTAB *, BUFHEAD *, const DBT *, const DBT *); -int __big_delete (HTAB *, BUFHEAD *); -int __big_insert (HTAB *, BUFHEAD *, const DBT *, const DBT *); -int __big_keydata (HTAB *, BUFHEAD *, DBT *, DBT *, int); -int __big_return (HTAB *, BUFHEAD *, int, DBT *, int); -int __big_split (HTAB *, BUFHEAD *, BUFHEAD *, BUFHEAD *, - uint32, uint32, SPLIT_RETURN *); -int __buf_free (HTAB *, int, int); -void __buf_init (HTAB *, int); -uint32 __call_hash (HTAB *, char *, size_t); -int __delpair (HTAB *, BUFHEAD *, int); -int __expand_table (HTAB *); -int __find_bigpair (HTAB *, BUFHEAD *, int, char *, int); -uint16 __find_last_page (HTAB *, BUFHEAD **); -void __free_ovflpage (HTAB *, BUFHEAD *); -BUFHEAD *__get_buf (HTAB *, uint32, BUFHEAD *, int); -int __get_page (HTAB *, char *, uint32, int, int, int); -int __ibitmap (HTAB *, int, int, int); -uint32 __log2 (uint32); -int __put_page (HTAB *, char *, uint32, int, int); -void __reclaim_buf (HTAB *, BUFHEAD *); -int __split_page (HTAB *, uint32, uint32); - -/* Default hash routine. */ -extern uint32 (*__default_hash) (const void *, size_t); - -#ifdef HASH_STATISTICS -extern int hash_accesses, hash_collisions, hash_expansions, hash_overflows; -#endif diff --git a/dbm/include/hash.h b/dbm/include/hash.h deleted file mode 100644 index 454a8ec42c..0000000000 --- a/dbm/include/hash.h +++ /dev/null @@ -1,337 +0,0 @@ -/*- - * Copyright (c) 1990, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * This code is derived from software contributed to Berkeley by - * Margo Seltzer. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)hash.h 8.3 (Berkeley) 5/31/94 - */ - -/* Operations */ - -#include -#include "mcom_db.h" -typedef enum { - HASH_GET, HASH_PUT, HASH_PUTNEW, HASH_DELETE, HASH_FIRST, HASH_NEXT -} ACTION; - -/* Buffer Management structures */ -typedef struct _bufhead BUFHEAD; - -struct _bufhead { - BUFHEAD *prev; /* LRU links */ - BUFHEAD *next; /* LRU links */ - BUFHEAD *ovfl; /* Overflow page buffer header */ - uint32 addr; /* Address of this page */ - char *page; /* Actual page data */ - char is_disk; - char flags; -#define BUF_MOD 0x0001 -#define BUF_DISK 0x0002 -#define BUF_BUCKET 0x0004 -#define BUF_PIN 0x0008 -}; - -#define IS_BUCKET(X) ((X) & BUF_BUCKET) - -typedef BUFHEAD **SEGMENT; - -typedef int DBFILE_PTR; -#define NO_FILE -1 -#ifdef macintosh -#define DBFILE_OPEN(path, flag,mode) open((path), flag) -#define EXISTS(path) -#else -#define DBFILE_OPEN(path, flag,mode) open((path), (flag), (mode)) -#endif -/* Hash Table Information */ -typedef struct hashhdr { /* Disk resident portion */ - int32 magic; /* Magic NO for hash tables */ - int32 version; /* Version ID */ - uint32 lorder; /* Byte Order */ - int32 bsize; /* Bucket/Page Size */ - int32 bshift; /* Bucket shift */ - int32 dsize; /* Directory Size */ - int32 ssize; /* Segment Size */ - int32 sshift; /* Segment shift */ - int32 ovfl_point; /* Where overflow pages are being - * allocated */ - int32 last_freed; /* Last overflow page freed */ - int32 max_bucket; /* ID of Maximum bucket in use */ - int32 high_mask; /* Mask to modulo into entire table */ - int32 low_mask; /* Mask to modulo into lower half of - * table */ - int32 ffactor; /* Fill factor */ - int32 nkeys; /* Number of keys in hash table */ - int32 hdrpages; /* Size of table header */ - uint32 h_charkey; /* value of hash(CHARKEY) */ -#define NCACHED 32 /* number of bit maps and spare - * points */ - int32 spares[NCACHED];/* spare pages for overflow */ - uint16 bitmaps[NCACHED]; /* address of overflow page - * bitmaps */ -} HASHHDR; - -typedef struct htab { /* Memory resident data structure */ - HASHHDR hdr; /* Header */ - int nsegs; /* Number of allocated segments */ - int exsegs; /* Number of extra allocated - * segments */ - uint32 /* Hash function */ - (*hash)(const void *, size_t); - int flags; /* Flag values */ - DBFILE_PTR fp; /* File pointer */ - char *filename; - char *tmp_buf; /* Temporary Buffer for BIG data */ - char *tmp_key; /* Temporary Buffer for BIG keys */ - BUFHEAD *cpage; /* Current page */ - int cbucket; /* Current bucket */ - int cndx; /* Index of next item on cpage */ - int dbmerrno; /* Error Number -- for DBM - * compatability */ - int new_file; /* Indicates if fd is backing store - * or no */ - int save_file; /* Indicates whether we need to flush - * file at - * exit */ - uint32 *mapp[NCACHED]; /* Pointers to page maps */ - int nmaps; /* Initial number of bitmaps */ - int nbufs; /* Number of buffers left to - * allocate */ - BUFHEAD bufhead; /* Header of buffer lru list */ - SEGMENT *dir; /* Hash Bucket directory */ - off_t file_size; /* in bytes */ - char is_temp; /* unlink file on close */ - char updateEOF; /* force EOF update on flush */ -} HTAB; - -/* - * Constants - */ -#define DATABASE_CORRUPTED_ERROR -999 /* big ugly abort, delete database */ -#define OLD_MAX_BSIZE 65536 /* 2^16 */ -#define MAX_BSIZE 32l*1024l /* 2^15 */ -#define MIN_BUFFERS 6 -#define MINHDRSIZE 512 -#define DEF_BUFSIZE 65536l /* 64 K */ -#define DEF_BUCKET_SIZE 4096 -#define DEF_BUCKET_SHIFT 12 /* log2(BUCKET) */ -#define DEF_SEGSIZE 256 -#define DEF_SEGSIZE_SHIFT 8 /* log2(SEGSIZE) */ -#define DEF_DIRSIZE 256 -#define DEF_FFACTOR 65536l -#define MIN_FFACTOR 4 -#define SPLTMAX 8 -#define CHARKEY "%$sniglet^&" -#define NUMKEY 1038583l -#define BYTE_SHIFT 3 -#define INT_TO_BYTE 2 -#define INT_BYTE_SHIFT 5 -#define ALL_SET ((uint32)0xFFFFFFFF) -#define ALL_CLEAR 0 - -#define PTROF(X) ((ptrdiff_t)(X) == BUF_DISK ? 0 : (X)) -#define ISDISK(X) ((X) ? ((ptrdiff_t)(X) == BUF_DISK ? BUF_DISK \ - : (X)->is_disk) : 0) - -#define BITS_PER_MAP 32 - -/* Given the address of the beginning of a big map, clear/set the nth bit */ -#define CLRBIT(A, N) ((A)[(N)/BITS_PER_MAP] &= ~(1<<((N)%BITS_PER_MAP))) -#define SETBIT(A, N) ((A)[(N)/BITS_PER_MAP] |= (1<<((N)%BITS_PER_MAP))) -#define ISSET(A, N) ((A)[(N)/BITS_PER_MAP] & (1<<((N)%BITS_PER_MAP))) - -/* Overflow management */ -/* - * Overflow page numbers are allocated per split point. At each doubling of - * the table, we can allocate extra pages. So, an overflow page number has - * the top 5 bits indicate which split point and the lower 11 bits indicate - * which page at that split point is indicated (pages within split points are - * numberered starting with 1). - */ - -#define SPLITSHIFT 11 -#define SPLITMASK 0x7FF -#define SPLITNUM(N) (((uint32)(N)) >> SPLITSHIFT) -#define OPAGENUM(N) ((N) & SPLITMASK) -#define OADDR_OF(S,O) ((uint32)((uint32)(S) << SPLITSHIFT) + (O)) - -#define BUCKET_TO_PAGE(B) \ - (B) + hashp->HDRPAGES + ((B) ? hashp->SPARES[__log2((uint32)((B)+1))-1] : 0) -#define OADDR_TO_PAGE(B) \ - BUCKET_TO_PAGE ( (1 << SPLITNUM((B))) -1 ) + OPAGENUM((B)); - -/* - * page.h contains a detailed description of the page format. - * - * Normally, keys and data are accessed from offset tables in the top of - * each page which point to the beginning of the key and data. There are - * four flag values which may be stored in these offset tables which indicate - * the following: - * - * - * OVFLPAGE Rather than a key data pair, this pair contains - * the address of an overflow page. The format of - * the pair is: - * OVERFLOW_PAGE_NUMBER OVFLPAGE - * - * PARTIAL_KEY This must be the first key/data pair on a page - * and implies that page contains only a partial key. - * That is, the key is too big to fit on a single page - * so it starts on this page and continues on the next. - * The format of the page is: - * KEY_OFF PARTIAL_KEY OVFL_PAGENO OVFLPAGE - * - * KEY_OFF -- offset of the beginning of the key - * PARTIAL_KEY -- 1 - * OVFL_PAGENO - page number of the next overflow page - * OVFLPAGE -- 0 - * - * FULL_KEY This must be the first key/data pair on the page. It - * is used in two cases. - * - * Case 1: - * There is a complete key on the page but no data - * (because it wouldn't fit). The next page contains - * the data. - * - * Page format it: - * KEY_OFF FULL_KEY OVFL_PAGENO OVFL_PAGE - * - * KEY_OFF -- offset of the beginning of the key - * FULL_KEY -- 2 - * OVFL_PAGENO - page number of the next overflow page - * OVFLPAGE -- 0 - * - * Case 2: - * This page contains no key, but part of a large - * data field, which is continued on the next page. - * - * Page format it: - * DATA_OFF FULL_KEY OVFL_PAGENO OVFL_PAGE - * - * KEY_OFF -- offset of the beginning of the data on - * this page - * FULL_KEY -- 2 - * OVFL_PAGENO - page number of the next overflow page - * OVFLPAGE -- 0 - * - * FULL_KEY_DATA - * This must be the first key/data pair on the page. - * There are two cases: - * - * Case 1: - * This page contains a key and the beginning of the - * data field, but the data field is continued on the - * next page. - * - * Page format is: - * KEY_OFF FULL_KEY_DATA OVFL_PAGENO DATA_OFF - * - * KEY_OFF -- offset of the beginning of the key - * FULL_KEY_DATA -- 3 - * OVFL_PAGENO - page number of the next overflow page - * DATA_OFF -- offset of the beginning of the data - * - * Case 2: - * This page contains the last page of a big data pair. - * There is no key, only the tail end of the data - * on this page. - * - * Page format is: - * DATA_OFF FULL_KEY_DATA - * - * DATA_OFF -- offset of the beginning of the data on - * this page - * FULL_KEY_DATA -- 3 - * OVFL_PAGENO - page number of the next overflow page - * OVFLPAGE -- 0 - * - * OVFL_PAGENO and OVFLPAGE are optional (they are - * not present if there is no next page). - */ - -#define OVFLPAGE 0 -#define PARTIAL_KEY 1 -#define FULL_KEY 2 -#define FULL_KEY_DATA 3 -#define REAL_KEY 4 - -/* Short hands for accessing structure */ -#undef BSIZE -#define BSIZE hdr.bsize -#undef BSHIFT -#define BSHIFT hdr.bshift -#define DSIZE hdr.dsize -#define SGSIZE hdr.ssize -#define SSHIFT hdr.sshift -#define LORDER hdr.lorder -#define OVFL_POINT hdr.ovfl_point -#define LAST_FREED hdr.last_freed -#define MAX_BUCKET hdr.max_bucket -#define FFACTOR hdr.ffactor -#define HIGH_MASK hdr.high_mask -#define LOW_MASK hdr.low_mask -#define NKEYS hdr.nkeys -#define HDRPAGES hdr.hdrpages -#define SPARES hdr.spares -#define BITMAPS hdr.bitmaps -#define VERSION hdr.version -#define MAGIC hdr.magic -#define NEXT_FREE hdr.next_free -#define H_CHARKEY hdr.h_charkey - -extern uint32 (*__default_hash) (const void *, size_t); -void __buf_init(HTAB *hashp, int32 nbytes); -int __big_delete(HTAB *hashp, BUFHEAD *bufp); -BUFHEAD * __get_buf(HTAB *hashp, uint32 addr, BUFHEAD *prev_bp, int newpage); -uint32 __call_hash(HTAB *hashp, char *k, size_t len); -#include "page.h" -extern int __big_split(HTAB *hashp, BUFHEAD *op,BUFHEAD *np, -BUFHEAD *big_keyp,uint32 addr,uint32 obucket, SPLIT_RETURN *ret); -void __free_ovflpage(HTAB *hashp, BUFHEAD *obufp); -BUFHEAD * __add_ovflpage(HTAB *hashp, BUFHEAD *bufp); -int __big_insert(HTAB *hashp, BUFHEAD *bufp, const DBT *key, const DBT *val); -int __expand_table(HTAB *hashp); -uint32 __log2(uint32 num); -void __reclaim_buf(HTAB *hashp, BUFHEAD *bp); -int __get_page(HTAB *hashp, char * p, uint32 bucket, int is_bucket, int is_disk, int is_bitmap); -int __put_page(HTAB *hashp, char *p, uint32 bucket, int is_bucket, int is_bitmap); -int __ibitmap(HTAB *hashp, int pnum, int nbits, int ndx); -int __buf_free(HTAB *hashp, int do_free, int to_disk); -int __find_bigpair(HTAB *hashp, BUFHEAD *bufp, int ndx, char *key, int size); -uint16 __find_last_page(HTAB *hashp, BUFHEAD **bpp); -int __addel(HTAB *hashp, BUFHEAD *bufp, const DBT *key, const DBT * val); -int __big_return(HTAB *hashp, BUFHEAD *bufp, int ndx, DBT *val, int set_current); -int __delpair(HTAB *hashp, BUFHEAD *bufp, int ndx); -int __big_keydata(HTAB *hashp, BUFHEAD *bufp, DBT *key, DBT *val, int set); -int __split_page(HTAB *hashp, uint32 obucket, uint32 nbucket); diff --git a/dbm/include/hsearch.h b/dbm/include/hsearch.h deleted file mode 100644 index ff58b1c155..0000000000 --- a/dbm/include/hsearch.h +++ /dev/null @@ -1,51 +0,0 @@ -/*- - * Copyright (c) 1990, 1993 - * The Regents of the University of California. All rights reserved. - * - * This code is derived from software contributed to Berkeley by - * Margo Seltzer. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)search.h 8.1 (Berkeley) 6/4/93 - */ - -/* Backward compatibility to hsearch interface. */ -typedef struct entry { - char *key; - char *data; -} ENTRY; - -typedef enum { - FIND, ENTER -} ACTION; - -int hcreate (unsigned int); -void hdestroy (void); -ENTRY *hsearch (ENTRY, ACTION); diff --git a/dbm/include/mcom_db.h b/dbm/include/mcom_db.h deleted file mode 100644 index 252a9b2682..0000000000 --- a/dbm/include/mcom_db.h +++ /dev/null @@ -1,450 +0,0 @@ -/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ -/* ***** BEGIN LICENSE BLOCK ***** - * Version: NPL 1.1/GPL 2.0/LGPL 2.1 - * - * The contents of this file are subject to the Netscape Public License - * Version 1.1 (the "License"); you may not use this file except in - * compliance with the License. You may obtain a copy of the License at - * http://www.mozilla.org/NPL/ - * - * Software distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License - * for the specific language governing rights and limitations under the - * License. - * - * The Original Code is mozilla.org code. - * - * The Initial Developer of the Original Code is - * Netscape Communications Corporation. - * Portions created by the Initial Developer are Copyright (C) 1998 - * the Initial Developer. All Rights Reserved. - * - * Contributor(s): - * - * - * Alternatively, the contents of this file may be used under the terms of - * either the GNU General Public License Version 2 or later (the "GPL"), or - * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), - * in which case the provisions of the GPL or the LGPL are applicable instead - * of those above. If you wish to allow use of your version of this file only - * under the terms of either the GPL or the LGPL, and not to allow others to - * use your version of this file under the terms of the NPL, indicate your - * decision by deleting the provisions above and replace them with the notice - * and other provisions required by the GPL or the LGPL. If you do not delete - * the provisions above, a recipient may use your version of this file under - * the terms of any one of the NPL, the GPL or the LGPL. - * - * ***** END LICENSE BLOCK ***** */ - -/*- - * Copyright (c) 1990, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)db.h 8.7 (Berkeley) 6/16/94 - */ - -#ifndef _DB_H_ -#define _DB_H_ - -#ifndef macintosh -#include -#endif -#include "prtypes.h" - -#include - -#ifdef __DBINTERFACE_PRIVATE - -#ifdef HAVE_SYS_CDEFS_H -#include -#else -#include "cdefs.h" -#endif - -#ifdef HAVE_SYS_BYTEORDER_H -#include -#endif - -#if defined(__linux) || defined(__BEOS__) -#include -#ifndef BYTE_ORDER -#define BYTE_ORDER __BYTE_ORDER -#define BIG_ENDIAN __BIG_ENDIAN -#define LITTLE_ENDIAN __LITTLE_ENDIAN -#endif -#endif /* __linux */ - -#ifdef __sgi -#define BYTE_ORDER BIG_ENDIAN -#define BIG_ENDIAN 4321 -#define LITTLE_ENDIAN 1234 /* LSB first: i386, vax, all NT risc */ -#endif - -#ifdef __sun -#define BIG_ENDIAN 4321 -#define LITTLE_ENDIAN 1234 /* LSB first: i386, vax, all NT risc */ - -#ifndef __SVR4 -/* compat.h is only in 4.1.3 machines. - dp */ -#include -#endif - -/* XXX - dp - * Need to find a general way of defining endian-ness in SunOS 5.3 - * SunOS 5.4 defines _BIG_ENDIAN and _LITTLE_ENDIAN - * SunOS 5.3 does nothing like this. - */ - -#ifndef BYTE_ORDER - -#if defined(_BIG_ENDIAN) -#define BYTE_ORDER BIG_ENDIAN -#elif defined(_LITTLE_ENDIAN) -#define BYTE_ORDER LITTLE_ENDIAN -#elif !defined(__SVR4) -/* 4.1.3 is always BIG_ENDIAN as it was released only on sparc platforms. */ -#define BYTE_ORDER BIG_ENDIAN -#elif !defined(vax) && !defined(ntohl) && !defined(lint) && !defined(i386) -/* 5.3 big endian. Copied this above line from sys/byteorder.h */ -/* Now we are in a 5.3 SunOS rather non 5.4 or above SunOS */ -#define BYTE_ORDER BIG_ENDIAN -#else -#define BYTE_ORDER LITTLE_ENDIAN -#endif - -#endif /* !BYTE_ORDER */ -#endif /* __sun */ - -#if defined(__hpux) || defined(__hppa) -#define BYTE_ORDER BIG_ENDIAN -#define BIG_ENDIAN 4321 -#define LITTLE_ENDIAN 1234 /* LSB first: i386, vax, all NT risc */ -#endif - -#if defined(AIXV3) || defined(AIX) -/* BYTE_ORDER, LITTLE_ENDIAN, BIG_ENDIAN are all defined here */ -#include -#endif - -/* Digital Unix */ -#ifdef __osf__ -#include -#endif - -#ifdef __alpha -#ifndef WIN32 -#else -/* Alpha NT */ -#define BYTE_ORDER LITTLE_ENDIAN -#define BIG_ENDIAN 4321 -#define LITTLE_ENDIAN 1234 -#endif -#endif - -#ifdef NCR -#include -#endif - -#ifdef __QNX__ -#ifdef __QNXNTO__ -#include -#else -#define LITTLE_ENDIAN 1234 -#define BIG_ENDIAN 4321 -#define BYTE_ORDER LITTLE_ENDIAN -#endif -#endif - -#ifdef SNI -/* #include */ -#define BYTE_ORDER BIG_ENDIAN -#define BIG_ENDIAN 4321 -#define LITTLE_ENDIAN 1234 -#endif - -#if defined(_WINDOWS) || defined(XP_OS2) -#ifdef BYTE_ORDER -#undef BYTE_ORDER -#endif - -#define BYTE_ORDER LITTLE_ENDIAN -#define LITTLE_ENDIAN 1234 /* LSB first: i386, vax, all NT risc */ -#define BIG_ENDIAN 4321 -#endif - -#ifdef macintosh -#define BIG_ENDIAN 4321 -#define LITTLE_ENDIAN 1234 -#define BYTE_ORDER BIG_ENDIAN -#endif - -#endif /* __DBINTERFACE_PRIVATE */ - -#ifdef SCO -#define MAXPATHLEN 1024 -#endif - -#include - -#if defined(_WINDOWS) || defined(XP_OS2) -#include -#include - -#ifndef XP_OS2 -#define MAXPATHLEN 1024 -#endif - -#define EFTYPE EINVAL /* POSIX 1003.1 format errno. */ - -#ifndef STDERR_FILENO -#define STDIN_FILENO 0 /* ANSI C #defines */ -#define STDOUT_FILENO 1 -#define STDERR_FILENO 2 -#endif - -#ifndef O_ACCMODE /* POSIX 1003.1 access mode mask. */ -#define O_ACCMODE (O_RDONLY|O_WRONLY|O_RDWR) -#endif -#endif - -#ifdef macintosh -#include -#include "xp_mcom.h" -#define O_ACCMODE 3 /* Mask for file access modes */ -#define EFTYPE 2000 -PR_BEGIN_EXTERN_C -int mkstemp(const char *path); -PR_END_EXTERN_C -#endif /* MACINTOSH */ - -#if !defined(_WINDOWS) && !defined(macintosh) && !defined(XP_OS2) -#include -#include -#endif - -/* define EFTYPE since most don't */ -#ifndef EFTYPE -#define EFTYPE EINVAL /* POSIX 1003.1 format errno. */ -#endif - -#define RET_ERROR -1 /* Return values. */ -#define RET_SUCCESS 0 -#define RET_SPECIAL 1 - -#define MAX_PAGE_NUMBER 0xffffffff /* >= # of pages in a file */ - -#ifndef __sgi -typedef uint32 pgno_t; -#endif - -#define MAX_PAGE_OFFSET 65535 /* >= # of bytes in a page */ -typedef uint16 indx_t; -#define MAX_REC_NUMBER 0xffffffff /* >= # of records in a tree */ -typedef uint32 recno_t; - -/* Key/data structure -- a Data-Base Thang. */ -typedef struct { - void *data; /* data */ - size_t size; /* data length */ -} DBT; - -/* Routine flags. */ -#define R_CURSOR 1 /* del, put, seq */ -#define __R_UNUSED 2 /* UNUSED */ -#define R_FIRST 3 /* seq */ -#define R_IAFTER 4 /* put (RECNO) */ -#define R_IBEFORE 5 /* put (RECNO) */ -#define R_LAST 6 /* seq (BTREE, RECNO) */ -#define R_NEXT 7 /* seq */ -#define R_NOOVERWRITE 8 /* put */ -#define R_PREV 9 /* seq (BTREE, RECNO) */ -#define R_SETCURSOR 10 /* put (RECNO) */ -#define R_RECNOSYNC 11 /* sync (RECNO) */ - -typedef enum { DB_BTREE, DB_HASH, DB_RECNO } DBTYPE; - -typedef enum { LockOutDatabase, UnlockDatabase } DBLockFlagEnum; - -/* - * !!! - * The following flags are included in the dbopen(3) call as part of the - * open(2) flags. In order to avoid conflicts with the open flags, start - * at the top of the 16 or 32-bit number space and work our way down. If - * the open flags were significantly expanded in the future, it could be - * a problem. Wish I'd left another flags word in the dbopen call. - * - * !!! - * None of this stuff is implemented yet. The only reason that it's here - * is so that the access methods can skip copying the key/data pair when - * the DB_LOCK flag isn't set. - */ -#if UINT_MAX > 65535 -#define DB_LOCK 0x20000000 /* Do locking. */ -#define DB_SHMEM 0x40000000 /* Use shared memory. */ -#define DB_TXN 0x80000000 /* Do transactions. */ -#else -#define DB_LOCK 0x2000 /* Do locking. */ -#define DB_SHMEM 0x4000 /* Use shared memory. */ -#define DB_TXN 0x8000 /* Do transactions. */ -#endif - -/* Access method description structure. */ -typedef struct __db { - DBTYPE type; /* Underlying db type. */ - int (*close) (struct __db *); - int (*del) (const struct __db *, const DBT *, uint); - int (*get) (const struct __db *, const DBT *, DBT *, uint); - int (*put) (const struct __db *, DBT *, const DBT *, uint); - int (*seq) (const struct __db *, DBT *, DBT *, uint); - int (*sync) (const struct __db *, uint); - void *internal; /* Access method private. */ - int (*fd) (const struct __db *); -} DB; - -#define BTREEMAGIC 0x053162 -#define BTREEVERSION 3 - -/* Structure used to pass parameters to the btree routines. */ -typedef struct { -#define R_DUP 0x01 /* duplicate keys */ - uint32 flags; - uint cachesize; /* bytes to cache */ - int maxkeypage; /* maximum keys per page */ - int minkeypage; /* minimum keys per page */ - uint psize; /* page size */ - int (*compare) /* comparison function */ - (const DBT *, const DBT *); - size_t (*prefix) /* prefix function */ - (const DBT *, const DBT *); - int lorder; /* byte order */ -} BTREEINFO; - -#define HASHMAGIC 0x061561 -#define HASHVERSION 2 - -/* Structure used to pass parameters to the hashing routines. */ -typedef struct { - uint bsize; /* bucket size */ - uint ffactor; /* fill factor */ - uint nelem; /* number of elements */ - uint cachesize; /* bytes to cache */ - uint32 /* hash function */ - (*hash) (const void *, size_t); - int lorder; /* byte order */ -} HASHINFO; - -/* Structure used to pass parameters to the record routines. */ -typedef struct { -#define R_FIXEDLEN 0x01 /* fixed-length records */ -#define R_NOKEY 0x02 /* key not required */ -#define R_SNAPSHOT 0x04 /* snapshot the input */ - uint32 flags; - uint cachesize; /* bytes to cache */ - uint psize; /* page size */ - int lorder; /* byte order */ - size_t reclen; /* record length (fixed-length records) */ - uint8 bval; /* delimiting byte (variable-length records */ - char *bfname; /* btree file name */ -} RECNOINFO; - -#ifdef __DBINTERFACE_PRIVATE -/* - * Little endian <==> big endian 32-bit swap macros. - * M_32_SWAP swap a memory location - * P_32_SWAP swap a referenced memory location - * P_32_COPY swap from one location to another - */ -#define M_32_SWAP(a) { \ - uint32 _tmp = a; \ - ((char *)&a)[0] = ((char *)&_tmp)[3]; \ - ((char *)&a)[1] = ((char *)&_tmp)[2]; \ - ((char *)&a)[2] = ((char *)&_tmp)[1]; \ - ((char *)&a)[3] = ((char *)&_tmp)[0]; \ -} -#define P_32_SWAP(a) { \ - uint32 _tmp = *(uint32 *)a; \ - ((char *)a)[0] = ((char *)&_tmp)[3]; \ - ((char *)a)[1] = ((char *)&_tmp)[2]; \ - ((char *)a)[2] = ((char *)&_tmp)[1]; \ - ((char *)a)[3] = ((char *)&_tmp)[0]; \ -} -#define P_32_COPY(a, b) { \ - ((char *)&(b))[0] = ((char *)&(a))[3]; \ - ((char *)&(b))[1] = ((char *)&(a))[2]; \ - ((char *)&(b))[2] = ((char *)&(a))[1]; \ - ((char *)&(b))[3] = ((char *)&(a))[0]; \ -} - -/* - * Little endian <==> big endian 16-bit swap macros. - * M_16_SWAP swap a memory location - * P_16_SWAP swap a referenced memory location - * P_16_COPY swap from one location to another - */ -#define M_16_SWAP(a) { \ - uint16 _tmp = a; \ - ((char *)&a)[0] = ((char *)&_tmp)[1]; \ - ((char *)&a)[1] = ((char *)&_tmp)[0]; \ -} -#define P_16_SWAP(a) { \ - uint16 _tmp = *(uint16 *)a; \ - ((char *)a)[0] = ((char *)&_tmp)[1]; \ - ((char *)a)[1] = ((char *)&_tmp)[0]; \ -} -#define P_16_COPY(a, b) { \ - ((char *)&(b))[0] = ((char *)&(a))[1]; \ - ((char *)&(b))[1] = ((char *)&(a))[0]; \ -} -#endif - -PR_BEGIN_EXTERN_C -#if defined(__WATCOMC__) || defined(__WATCOM_CPLUSPLUS__) -extern DB * -#else -PR_EXTERN(DB *) -#endif -dbopen (const char *, int, int, DBTYPE, const void *); - -/* set or unset a global lock flag to disable the - * opening of any DBM file - */ -void dbSetOrClearDBLock(DBLockFlagEnum type); - -#ifdef __DBINTERFACE_PRIVATE -DB *__bt_open (const char *, int, int, const BTREEINFO *, int); -DB *__hash_open (const char *, int, int, const HASHINFO *, int); -DB *__rec_open (const char *, int, int, const RECNOINFO *, int); -void __dbpanic (DB *dbp); -#endif - -PR_END_EXTERN_C - -#endif /* !_DB_H_ */ diff --git a/dbm/include/mpool.h b/dbm/include/mpool.h deleted file mode 100644 index a2fb62b9f7..0000000000 --- a/dbm/include/mpool.h +++ /dev/null @@ -1,99 +0,0 @@ -/*- - * Copyright (c) 1991, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)mpool.h 8.2 (Berkeley) 7/14/94 - */ - -#include - -/* - * The memory pool scheme is a simple one. Each in-memory page is referenced - * by a bucket which is threaded in up to two of three ways. All active pages - * are threaded on a hash chain (hashed by page number) and an lru chain. - * Inactive pages are threaded on a free chain. Each reference to a memory - * pool is handed an opaque MPOOL cookie which stores all of this information. - */ -#define HASHSIZE 128 -#define HASHKEY(pgno) ((pgno - 1) % HASHSIZE) - -/* The BKT structures are the elements of the queues. */ -typedef struct _bkt { - CIRCLEQ_ENTRY(_bkt) hq; /* hash queue */ - CIRCLEQ_ENTRY(_bkt) q; /* lru queue */ - void *page; /* page */ - pgno_t pgno; /* page number */ - -#define MPOOL_DIRTY 0x01 /* page needs to be written */ -#define MPOOL_PINNED 0x02 /* page is pinned into memory */ - uint8 flags; /* flags */ -} BKT; - -typedef struct MPOOL { - CIRCLEQ_HEAD(_lqh, _bkt) lqh; /* lru queue head */ - /* hash queue array */ - CIRCLEQ_HEAD(_hqh, _bkt) hqh[HASHSIZE]; - pgno_t curcache; /* current number of cached pages */ - pgno_t maxcache; /* max number of cached pages */ - pgno_t npages; /* number of pages in the file */ - uint32 pagesize; /* file page size */ - int fd; /* file descriptor */ - /* page in conversion routine */ - void (*pgin) (void *, pgno_t, void *); - /* page out conversion routine */ - void (*pgout) (void *, pgno_t, void *); - void *pgcookie; /* cookie for page in/out routines */ -#ifdef STATISTICS - uint32 cachehit; - uint32 cachemiss; - uint32 pagealloc; - uint32 pageflush; - uint32 pageget; - uint32 pagenew; - uint32 pageput; - uint32 pageread; - uint32 pagewrite; -#endif -} MPOOL; - -__BEGIN_DECLS -MPOOL *mpool_open (void *, int, pgno_t, pgno_t); -void mpool_filter (MPOOL *, void (*)(void *, pgno_t, void *), - void (*)(void *, pgno_t, void *), void *); -void *mpool_new (MPOOL *, pgno_t *); -void *mpool_get (MPOOL *, pgno_t, uint); -int mpool_put (MPOOL *, void *, uint); -int mpool_sync (MPOOL *); -int mpool_close (MPOOL *); -#ifdef STATISTICS -void mpool_stat (MPOOL *); -#endif -__END_DECLS diff --git a/dbm/include/ncompat.h b/dbm/include/ncompat.h deleted file mode 100644 index c95b327feb..0000000000 --- a/dbm/include/ncompat.h +++ /dev/null @@ -1,232 +0,0 @@ -/*- - * Copyright (c) 1991, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)compat.h 8.13 (Berkeley) 2/21/94 - */ - -#ifndef _COMPAT_H_ -#define _COMPAT_H_ - -#include - -/* - * If your system doesn't typedef u_long, u_short, or u_char, change - * the 0 to a 1. - */ -#if 0 -typedef unsigned char u_char; /* 4.[34]BSD names. */ -typedef unsigned int u_int; -typedef unsigned long u_long; -typedef unsigned short u_short; -#endif - -/* If your system doesn't typedef size_t, change the 0 to a 1. */ -#if 0 -typedef unsigned int size_t; /* POSIX, 4.[34]BSD names. */ -#endif - -/* If your system doesn't typedef ssize_t, change the 0 to a 1. */ -#if 0 -typedef int ssize_t; /* POSIX names. */ -#endif - -/* - * If your system doesn't have the POSIX type for a signal mask, - * change the 0 to a 1. - */ -#if 0 /* POSIX 1003.1 signal mask type. */ -typedef unsigned int sigset_t; -#endif - -/* - * If your system's vsprintf returns a char *, not an int, - * change the 0 to a 1. - */ -#if defined (__sun) && !defined(__SVR4) /* SUNOS */ -#define VSPRINTF_CHARSTAR -#endif -/* - * If you don't have POSIX 1003.1 signals, the signal code surrounding the - * temporary file creation is intended to block all of the possible signals - * long enough to create the file and unlink it. All of this stuff is - * intended to use old-style BSD calls to fake POSIX 1003.1 calls. - */ -#ifdef NO_POSIX_SIGNALS -#define sigemptyset(set) (*(set) = 0) -#define sigfillset(set) (*(set) = ~(sigset_t)0, 0) -#define sigaddset(set,signo) (*(set) |= sigmask(signo), 0) -#define sigdelset(set,signo) (*(set) &= ~sigmask(signo), 0) -#define sigismember(set,signo) ((*(set) & sigmask(signo)) != 0) - -#define SIG_BLOCK 1 -#define SIG_UNBLOCK 2 -#define SIG_SETMASK 3 - -static int __sigtemp; /* For the use of sigprocmask */ - -/* Repeated test of oset != NULL is to avoid "*0". */ -#define sigprocmask(how, set, oset) \ - ((__sigtemp = \ - (((how) == SIG_BLOCK) ? \ - sigblock(0) | *(set) : \ - (((how) == SIG_UNBLOCK) ? \ - sigblock(0) & ~(*(set)) : \ - ((how) == SIG_SETMASK ? \ - *(set) : sigblock(0))))), \ - ((oset) ? (*(oset ? oset : set) = sigsetmask(__sigtemp)) : \ - sigsetmask(__sigtemp)), 0) -#endif - -/* - * If your system doesn't have an include file with the appropriate - * byte order set, make sure you specify the correct one. - */ -#ifndef BYTE_ORDER -#define LITTLE_ENDIAN 1234 /* LSB first: i386, vax */ -#define BIG_ENDIAN 4321 /* MSB first: 68000, ibm, net */ -#define BYTE_ORDER BIG_ENDIAN /* Set for your system. */ -#endif - -#if defined(SYSV) || defined(SYSTEM5) || defined(__sun) -#define index(a, b) strchr(a, b) -#define rindex(a, b) strrchr(a, b) -#define bzero(a, b) memset(a, 0, b) -#define bcmp(a, b, n) memcmp(a, b, n) -#define bcopy(a, b, n) memmove(b, a, n) -#endif - -#if defined(BSD) || defined(BSD4_3) -#define strchr(a, b) index(a, b) -#define strrchr(a, b) rindex(a, b) -#define memcmp(a, b, n) bcmp(a, b, n) -#define memmove(a, b, n) bcopy(b, a, n) -#endif - -/* - * 32-bit machine. The db routines are theoretically independent of - * the size of u_shorts and u_longs, but I don't know that anyone has - * ever actually tried it. At a minimum, change the following #define's - * if you are trying to compile on a different type of system. - */ -#ifndef USHRT_MAX -#define USHRT_MAX 0xFFFF -#define ULONG_MAX 0xFFFFFFFF -#endif - -#ifndef O_ACCMODE /* POSIX 1003.1 access mode mask. */ -#define O_ACCMODE (O_RDONLY|O_WRONLY|O_RDWR) -#endif - -#ifndef _POSIX2_RE_DUP_MAX /* POSIX 1003.2 RE limit. */ -#define _POSIX2_RE_DUP_MAX 255 -#endif - -/* - * If you can't provide lock values in the open(2) call. Note, this - * allows races to happen. - */ -#ifndef O_EXLOCK /* 4.4BSD extension. */ -#define O_EXLOCK 0 -#endif - -#ifndef O_SHLOCK /* 4.4BSD extension. */ -#define O_SHLOCK 0 -#endif - -#ifndef EFTYPE -#define EFTYPE EINVAL /* POSIX 1003.1 format errno. */ -#endif - -#ifndef WCOREDUMP /* 4.4BSD extension */ -#define WCOREDUMP(a) 0 -#endif - -#ifndef STDERR_FILENO -#define STDIN_FILENO 0 /* ANSI C #defines */ -#define STDOUT_FILENO 1 -#define STDERR_FILENO 2 -#endif - -#ifndef SEEK_END -#define SEEK_SET 0 /* POSIX 1003.1 seek values */ -#define SEEK_CUR 1 -#define SEEK_END 2 -#endif - -#ifndef _POSIX_VDISABLE /* POSIX 1003.1 disabling char. */ -#define _POSIX_VDISABLE 0 /* Some systems used 0. */ -#endif - -#ifndef TCSASOFT /* 4.4BSD extension. */ -#define TCSASOFT 0 -#endif - -#ifndef _POSIX2_RE_DUP_MAX /* POSIX 1003.2 values. */ -#define _POSIX2_RE_DUP_MAX 255 -#endif - -#ifndef NULL /* ANSI C #defines NULL everywhere. */ -#define NULL 0 -#endif - -#ifndef MAX /* Usually found in . */ -#define MAX(_a,_b) ((_a)<(_b)?(_b):(_a)) -#endif -#ifndef MIN /* Usually found in . */ -#define MIN(_a,_b) ((_a)<(_b)?(_a):(_b)) -#endif - -/* Default file permissions. */ -#ifndef DEFFILEMODE /* 4.4BSD extension. */ -#define DEFFILEMODE (S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH) -#endif - -#ifndef __sun -#ifndef S_ISDIR /* POSIX 1003.1 file type tests. */ -#define S_ISDIR(m) ((m & 0170000) == 0040000) /* directory */ -#define S_ISCHR(m) ((m & 0170000) == 0020000) /* char special */ -#define S_ISBLK(m) ((m & 0170000) == 0060000) /* block special */ -#define S_ISREG(m) ((m & 0170000) == 0100000) /* regular file */ -#define S_ISFIFO(m) ((m & 0170000) == 0010000) /* fifo */ -#endif -#ifndef S_ISLNK /* BSD POSIX 1003.1 extensions */ -#define S_ISLNK(m) ((m & 0170000) == 0120000) /* symbolic link */ -#define S_ISSOCK(m) ((m & 0170000) == 0140000) /* socket */ -#endif -#endif /* __sun */ - -/* The type of a va_list. */ -#ifndef _BSD_VA_LIST_ /* 4.4BSD #define. */ -#define _BSD_VA_LIST_ char * -#endif - -#endif /* !_COMPAT_H_ */ diff --git a/dbm/include/ndbm.h b/dbm/include/ndbm.h deleted file mode 100644 index 7ad5f1a23c..0000000000 --- a/dbm/include/ndbm.h +++ /dev/null @@ -1,77 +0,0 @@ -/*- - * Copyright (c) 1990, 1993 - * The Regents of the University of California. All rights reserved. - * - * This code is derived from software contributed to Berkeley by - * Margo Seltzer. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)ndbm.h 8.1 (Berkeley) 6/2/93 - */ - -#ifndef _NDBM_H_ -#define _NDBM_H_ - -#include "mcom_db.h" - -/* Map dbm interface onto db(3). */ -#define DBM_RDONLY O_RDONLY - -/* Flags to dbm_store(). */ -#define DBM_INSERT 0 -#define DBM_REPLACE 1 - -/* - * The db(3) support for ndbm(3) always appends this suffix to the - * file name to avoid overwriting the user's original database. - */ -#define DBM_SUFFIX ".db" - -typedef struct { - char *dptr; - int dsize; -} datum; - -typedef DB DBM; -#define dbm_pagfno(a) DBM_PAGFNO_NOT_AVAILABLE - -__BEGIN_DECLS -void dbm_close (DBM *); -int dbm_delete (DBM *, datum); -datum dbm_fetch (DBM *, datum); -datum dbm_firstkey (DBM *); -long dbm_forder (DBM *, datum); -datum dbm_nextkey (DBM *); -DBM *dbm_open (const char *, int, int); -int dbm_store (DBM *, datum, datum, int); -int dbm_dirfno (DBM *); -__END_DECLS - -#endif /* !_NDBM_H_ */ diff --git a/dbm/include/nsres.h b/dbm/include/nsres.h deleted file mode 100644 index f3f4e2d1a9..0000000000 --- a/dbm/include/nsres.h +++ /dev/null @@ -1,41 +0,0 @@ -#ifndef NSRES_H -#define NSRES_H -#include "mcom_db.h" - -__BEGIN_DECLS - -/* C version */ -#define NSRESHANDLE void * - -typedef void (*NSRESTHREADFUNC)(void *); - -typedef struct NSRESTHREADINFO -{ - void *lock; - NSRESTHREADFUNC fn_lock; - NSRESTHREADFUNC fn_unlock; -} NSRESTHREADINFO; - -#define MAXBUFNUM 10 -#define MAXSTRINGLEN 300 - -#define NSRES_CREATE 1 -#define NSRES_OPEN 2 - - - -NSRESHANDLE NSResCreateTable(const char *filename, NSRESTHREADINFO *threadinfo); -NSRESHANDLE NSResOpenTable(const char *filename, NSRESTHREADINFO *threadinfo); -void NSResCloseTable(NSRESHANDLE handle); - -char *NSResLoadString(NSRESHANDLE handle, const char * library, int32 id, - unsigned int charsetid, char *retbuf); -int32 NSResGetSize(NSRESHANDLE handle, const char *library, int32 id); -int32 NSResLoadResource(NSRESHANDLE handle, const char *library, int32 id, char *retbuf); -int NSResAddString(NSRESHANDLE handle, const char *library, int32 id, const char *string, unsigned int charset); - -__END_DECLS - - -#endif - diff --git a/dbm/include/page.h b/dbm/include/page.h deleted file mode 100644 index faf2b815bf..0000000000 --- a/dbm/include/page.h +++ /dev/null @@ -1,96 +0,0 @@ -/*- - * Copyright (c) 1990, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * This code is derived from software contributed to Berkeley by - * Margo Seltzer. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)page.h 8.2 (Berkeley) 5/31/94 - */ - -/* - * Definitions for hashing page file format. - */ - -/* - * routines dealing with a data page - * - * page format: - * +------------------------------+ - * p | n | keyoff | datoff | keyoff | - * +------------+--------+--------+ - * | datoff | free | ptr | --> | - * +--------+---------------------+ - * | F R E E A R E A | - * +--------------+---------------+ - * | <---- - - - | data | - * +--------+-----+----+----------+ - * | key | data | key | - * +--------+----------+----------+ - * - * Pointer to the free space is always: p[p[0] + 2] - * Amount of free space on the page is: p[p[0] + 1] - */ - -/* - * How many bytes required for this pair? - * 2 shorts in the table at the top of the page + room for the - * key and room for the data - * - * We prohibit entering a pair on a page unless there is also room to append - * an overflow page. The reason for this it that you can get in a situation - * where a single key/data pair fits on a page, but you can't append an - * overflow page and later you'd have to split the key/data and handle like - * a big pair. - * You might as well do this up front. - */ -#ifndef PAGE_H -#define PAGE_H - -#define PAIRSIZE(K,D) (2*sizeof(uint16) + (K)->size + (D)->size) -#define BIGOVERHEAD (4*sizeof(uint16)) -#define KEYSIZE(K) (4*sizeof(uint16) + (K)->size); -#define OVFLSIZE (2*sizeof(uint16)) -#define FREESPACE(P) ((P)[(P)[0]+1]) -#define OFFSET(P) ((P)[(P)[0]+2]) -#define PAIRFITS(P,K,D) \ - (((P)[2] >= REAL_KEY) && \ - (PAIRSIZE((K),(D)) + OVFLSIZE) <= FREESPACE((P))) -#define PAGE_META(N) (((N)+3) * sizeof(uint16)) - -typedef struct { - BUFHEAD *newp; - BUFHEAD *oldp; - BUFHEAD *nextp; - uint16 next_addr; -} SPLIT_RETURN; -#endif - diff --git a/dbm/include/queue.h b/dbm/include/queue.h deleted file mode 100644 index 40d32ccb6e..0000000000 --- a/dbm/include/queue.h +++ /dev/null @@ -1,245 +0,0 @@ -/* - * Copyright (c) 1991, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)queue.h 8.3 (Berkeley) 12/13/93 - */ - -#ifndef _QUEUE_H_ -#define _QUEUE_H_ - -/* - * This file defines three types of data structures: lists, tail queues, - * and circular queues. - * - * A list is headed by a single forward pointer (or an array of forward - * pointers for a hash table header). The elements are doubly linked - * so that an arbitrary element can be removed without a need to - * traverse the list. New elements can be added to the list after - * an existing element or at the head of the list. A list may only be - * traversed in the forward direction. - * - * A tail queue is headed by a pair of pointers, one to the head of the - * list and the other to the tail of the list. The elements are doubly - * linked so that an arbitrary element can be removed without a need to - * traverse the list. New elements can be added to the list after - * an existing element, at the head of the list, or at the end of the - * list. A tail queue may only be traversed in the forward direction. - * - * A circle queue is headed by a pair of pointers, one to the head of the - * list and the other to the tail of the list. The elements are doubly - * linked so that an arbitrary element can be removed without a need to - * traverse the list. New elements can be added to the list before or after - * an existing element, at the head of the list, or at the end of the list. - * A circle queue may be traversed in either direction, but has a more - * complex end of list detection. - * - * For details on the use of these macros, see the queue(3) manual page. - */ - -/* - * List definitions. - */ -#define LIST_HEAD(name, type) \ -struct name { \ - struct type *lh_first; /* first element */ \ -} - -#define LIST_ENTRY(type) \ -struct { \ - struct type *le_next; /* next element */ \ - struct type **le_prev; /* address of previous next element */ \ -} - -/* - * List functions. - */ -#define LIST_INIT(head) { \ - (head)->lh_first = NULL; \ -} - -#define LIST_INSERT_AFTER(listelm, elm, field) { \ - if (((elm)->field.le_next = (listelm)->field.le_next) != NULL) \ - (listelm)->field.le_next->field.le_prev = \ - &(elm)->field.le_next; \ - (listelm)->field.le_next = (elm); \ - (elm)->field.le_prev = &(listelm)->field.le_next; \ -} - -#define LIST_INSERT_HEAD(head, elm, field) { \ - if (((elm)->field.le_next = (head)->lh_first) != NULL) \ - (head)->lh_first->field.le_prev = &(elm)->field.le_next;\ - (head)->lh_first = (elm); \ - (elm)->field.le_prev = &(head)->lh_first; \ -} - -#define LIST_REMOVE(elm, field) { \ - if ((elm)->field.le_next != NULL) \ - (elm)->field.le_next->field.le_prev = \ - (elm)->field.le_prev; \ - *(elm)->field.le_prev = (elm)->field.le_next; \ -} - -/* - * Tail queue definitions. - */ -#define TAILQ_HEAD(name, type) \ -struct name { \ - struct type *tqh_first; /* first element */ \ - struct type **tqh_last; /* addr of last next element */ \ -} - -#define TAILQ_ENTRY(type) \ -struct { \ - struct type *tqe_next; /* next element */ \ - struct type **tqe_prev; /* address of previous next element */ \ -} - -/* - * Tail queue functions. - */ -#define TAILQ_INIT(head) { \ - (head)->tqh_first = NULL; \ - (head)->tqh_last = &(head)->tqh_first; \ -} - -#define TAILQ_INSERT_HEAD(head, elm, field) { \ - if (((elm)->field.tqe_next = (head)->tqh_first) != NULL) \ - (elm)->field.tqe_next->field.tqe_prev = \ - &(elm)->field.tqe_next; \ - else \ - (head)->tqh_last = &(elm)->field.tqe_next; \ - (head)->tqh_first = (elm); \ - (elm)->field.tqe_prev = &(head)->tqh_first; \ -} - -#define TAILQ_INSERT_TAIL(head, elm, field) { \ - (elm)->field.tqe_next = NULL; \ - (elm)->field.tqe_prev = (head)->tqh_last; \ - *(head)->tqh_last = (elm); \ - (head)->tqh_last = &(elm)->field.tqe_next; \ -} - -#define TAILQ_INSERT_AFTER(head, listelm, elm, field) { \ - if (((elm)->field.tqe_next = (listelm)->field.tqe_next) != NULL)\ - (elm)->field.tqe_next->field.tqe_prev = \ - &(elm)->field.tqe_next; \ - else \ - (head)->tqh_last = &(elm)->field.tqe_next; \ - (listelm)->field.tqe_next = (elm); \ - (elm)->field.tqe_prev = &(listelm)->field.tqe_next; \ -} - -#define TAILQ_REMOVE(head, elm, field) { \ - if (((elm)->field.tqe_next) != NULL) \ - (elm)->field.tqe_next->field.tqe_prev = \ - (elm)->field.tqe_prev; \ - else \ - (head)->tqh_last = (elm)->field.tqe_prev; \ - *(elm)->field.tqe_prev = (elm)->field.tqe_next; \ -} - -/* - * Circular queue definitions. - */ -#define CIRCLEQ_HEAD(name, type) \ -struct name { \ - struct type *cqh_first; /* first element */ \ - struct type *cqh_last; /* last element */ \ -} - -#define CIRCLEQ_ENTRY(type) \ -struct { \ - struct type *cqe_next; /* next element */ \ - struct type *cqe_prev; /* previous element */ \ -} - -/* - * Circular queue functions. - */ -#define CIRCLEQ_INIT(head) { \ - (head)->cqh_first = (void *)(head); \ - (head)->cqh_last = (void *)(head); \ -} - -#define CIRCLEQ_INSERT_AFTER(head, listelm, elm, field) { \ - (elm)->field.cqe_next = (listelm)->field.cqe_next; \ - (elm)->field.cqe_prev = (listelm); \ - if ((listelm)->field.cqe_next == (void *)(head)) \ - (head)->cqh_last = (elm); \ - else \ - (listelm)->field.cqe_next->field.cqe_prev = (elm); \ - (listelm)->field.cqe_next = (elm); \ -} - -#define CIRCLEQ_INSERT_BEFORE(head, listelm, elm, field) { \ - (elm)->field.cqe_next = (listelm); \ - (elm)->field.cqe_prev = (listelm)->field.cqe_prev; \ - if ((listelm)->field.cqe_prev == (void *)(head)) \ - (head)->cqh_first = (elm); \ - else \ - (listelm)->field.cqe_prev->field.cqe_next = (elm); \ - (listelm)->field.cqe_prev = (elm); \ -} - -#define CIRCLEQ_INSERT_HEAD(head, elm, field) { \ - (elm)->field.cqe_next = (head)->cqh_first; \ - (elm)->field.cqe_prev = (void *)(head); \ - if ((head)->cqh_last == (void *)(head)) \ - (head)->cqh_last = (elm); \ - else \ - (head)->cqh_first->field.cqe_prev = (elm); \ - (head)->cqh_first = (elm); \ -} - -#define CIRCLEQ_INSERT_TAIL(head, elm, field) { \ - (elm)->field.cqe_next = (void *)(head); \ - (elm)->field.cqe_prev = (head)->cqh_last; \ - if ((head)->cqh_first == (void *)(head)) \ - (head)->cqh_first = (elm); \ - else \ - (head)->cqh_last->field.cqe_next = (elm); \ - (head)->cqh_last = (elm); \ -} - -#define CIRCLEQ_REMOVE(head, elm, field) { \ - if ((elm)->field.cqe_next == (void *)(head)) \ - (head)->cqh_last = (elm)->field.cqe_prev; \ - else \ - (elm)->field.cqe_next->field.cqe_prev = \ - (elm)->field.cqe_prev; \ - if ((elm)->field.cqe_prev == (void *)(head)) \ - (head)->cqh_first = (elm)->field.cqe_next; \ - else \ - (elm)->field.cqe_prev->field.cqe_next = \ - (elm)->field.cqe_next; \ -} -#endif /* !_QUEUE_H_ */ diff --git a/dbm/include/search.h b/dbm/include/search.h deleted file mode 100644 index ff58b1c155..0000000000 --- a/dbm/include/search.h +++ /dev/null @@ -1,51 +0,0 @@ -/*- - * Copyright (c) 1990, 1993 - * The Regents of the University of California. All rights reserved. - * - * This code is derived from software contributed to Berkeley by - * Margo Seltzer. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)search.h 8.1 (Berkeley) 6/4/93 - */ - -/* Backward compatibility to hsearch interface. */ -typedef struct entry { - char *key; - char *data; -} ENTRY; - -typedef enum { - FIND, ENTER -} ACTION; - -int hcreate (unsigned int); -void hdestroy (void); -ENTRY *hsearch (ENTRY, ACTION); diff --git a/dbm/include/watcomfx.h b/dbm/include/watcomfx.h deleted file mode 100644 index 3020e9de91..0000000000 --- a/dbm/include/watcomfx.h +++ /dev/null @@ -1,26 +0,0 @@ -#if defined(__WATCOMC__) || defined(__WATCOM_CPLUSPLUS__) -#ifndef __WATCOM_FIX_H__ -#define __WATCOM_FIX_H__ 1 -/* - * WATCOM's C compiler doesn't default to "__cdecl" conventions for external - * symbols and functions. Rather than adding an explicit __cdecl modifier to - * every external symbol and function declaration and definition, we use the - * following pragma to (attempt to) change WATCOM c's default to __cdecl. - * These pragmas were taken from pages 180-181, 266 & 269 of the - * Watcom C/C++ version 11 User's Guide, 3rd edition. - */ -#if defined(XP_WIN16) || defined(WIN16) -#pragma aux default "_*" \ - parm caller [] \ - value struct float struct routine [ax] \ - modify [ax bx cx dx es] -#else -#pragma aux default "_*" \ - parm caller [] \ - value struct float struct routine [eax] \ - modify [eax ecx edx] -#endif -#pragma aux default far - -#endif /* once */ -#endif /* WATCOM compiler */ diff --git a/dbm/include/winfile.h b/dbm/include/winfile.h deleted file mode 100644 index 1fd54d5789..0000000000 --- a/dbm/include/winfile.h +++ /dev/null @@ -1,106 +0,0 @@ - -/* --------------------------------------------------------------------------- - Stuff to fake unix file I/O on windows boxes - ------------------------------------------------------------------------*/ - -#ifndef WINFILE_H -#define WINFILE_H - -#ifdef _WINDOWS -/* hacked out of on an SGI */ -#if defined(XP_WIN32) || defined(_WIN32) -/* 32-bit stuff here */ -#include -#include -#ifdef __MINGW32__ -#include -#include -#else -#include -#include -#endif - -typedef struct DIR_Struct { - void * directoryPtr; - WIN32_FIND_DATA data; -} DIR; - -#define _ST_FSTYPSZ 16 - -#if !defined(__BORLANDC__) && !defined(__GNUC__) - typedef unsigned long mode_t; - typedef long uid_t; - typedef long gid_t; - typedef long off_t; - typedef unsigned long nlink_t; -#endif - -typedef struct timestruc { - time_t tv_sec; /* seconds */ - long tv_nsec; /* and nanoseconds */ -} timestruc_t; - - -struct dirent { /* data from readdir() */ - ino_t d_ino; /* inode number of entry */ - off_t d_off; /* offset of disk direntory entry */ - unsigned short d_reclen; /* length of this record */ - char d_name[_MAX_FNAME]; /* name of file */ -}; - -#if !defined(__BORLANDC__) && !defined (__GNUC__) -#define S_ISDIR(s) ((s) & _S_IFDIR) -#endif - -#else /* _WIN32 */ -/* 16-bit windows stuff */ - -#include -#include -#include - - - -/* Getting cocky to support multiple file systems */ -typedef struct dirStruct_tag { - struct _find_t file_data; - char c_checkdrive; -} dirStruct; - -typedef struct DIR_Struct { - void * directoryPtr; - dirStruct data; -} DIR; - -#define _ST_FSTYPSZ 16 -typedef unsigned long mode_t; -typedef long uid_t; -typedef long gid_t; -typedef long off_t; -typedef unsigned long nlink_t; - -typedef struct timestruc { - time_t tv_sec; /* seconds */ - long tv_nsec; /* and nanoseconds */ -} timestruc_t; - -struct dirent { /* data from readdir() */ - ino_t d_ino; /* inode number of entry */ - off_t d_off; /* offset of disk direntory entry */ - unsigned short d_reclen; /* length of this record */ -#ifdef XP_WIN32 - char d_name[_MAX_FNAME]; /* name of file */ -#else - char d_name[20]; /* name of file */ -#endif -}; - -#define S_ISDIR(s) ((s) & _S_IFDIR) - -#endif /* 16-bit windows */ - -#define CONST const - -#endif /* _WINDOWS */ - -#endif /* WINFILE_H */ diff --git a/dbm/macbuild/DBM.Prefix b/dbm/macbuild/DBM.Prefix deleted file mode 100644 index bace25e50c..0000000000 --- a/dbm/macbuild/DBM.Prefix +++ /dev/null @@ -1,33 +0,0 @@ -/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- - * - * The contents of this file are subject to the Netscape Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/NPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is mozilla.org code. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1998 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - */ - -// -// DBM.Prefix -// -// Global prefix file for the non-debug DBM project. -// -// - - -#include "MacPrefix.h" -#include "DBMConfig.h" - diff --git a/dbm/macbuild/DBM.xml b/dbm/macbuild/DBM.xml deleted file mode 100644 index 3750689252..0000000000 --- a/dbm/macbuild/DBM.xml +++ /dev/null @@ -1,4326 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -]> - - - - - DBM.shlb - - - - UserSourceTrees - - - AlwaysSearchUserPathsfalse - InterpretDOSAndUnixPathsfalse - RequireFrameworkStyleIncludesfalse - UserSearchPaths - - SearchPath - Path: - PathFormatMacOS - PathRootProject - - Recursivetrue - FrameworkPathfalse - HostFlagsAll - - - SearchPath - Path::src: - PathFormatMacOS - PathRootProject - - Recursivetrue - FrameworkPathfalse - HostFlagsAll - - - SearchPath - Path:::dist:client: - PathFormatMacOS - PathRootProject - - Recursivetrue - FrameworkPathfalse - HostFlagsAll - - - SearchPath - Path:::dist:client_stubs: - PathFormatMacOS - PathRootProject - - Recursivetrue - FrameworkPathfalse - HostFlagsAll - - - SearchPath - Path:::dist: - PathFormatMacOS - PathRootProject - - Recursivetrue - FrameworkPathfalse - HostFlagsAll - - - SystemSearchPaths - - SearchPath - Path:MSL: - PathFormatMacOS - PathRootCodeWarrior - - Recursivetrue - FrameworkPathfalse - HostFlagsAll - - - SearchPath - Path:MacOS Support: - PathFormatMacOS - PathRootCodeWarrior - - Recursivetrue - FrameworkPathfalse - HostFlagsAll - - - - - MWRuntimeSettings_WorkingDirectory - MWRuntimeSettings_CommandLine - MWRuntimeSettings_HostApplication - Path - PathFormatGeneric - PathRootAbsolute - - MWRuntimeSettings_EnvVars - - - LinkerMacOS PPC Linker - PreLinker - PostLinker - TargetnameDBM.shlb - OutputDirectory - Path: - PathFormatMacOS - PathRootProject - - SaveEntriesUsingRelativePathsfalse - - - FileMappings - - FileTypeAPPL - FileExtension - Compiler - EditLanguage - Precompilefalse - Launchabletrue - ResourceFiletrue - IgnoredByMakefalse - - - FileTypeAppl - FileExtension - Compiler - EditLanguage - Precompilefalse - Launchabletrue - ResourceFiletrue - IgnoredByMakefalse - - - FileTypeMMLB - FileExtension - CompilerLib Import PPC - EditLanguage - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeMPLF - FileExtension - CompilerLib Import PPC - EditLanguage - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeMWCD - FileExtension - Compiler - EditLanguage - Precompilefalse - Launchabletrue - ResourceFiletrue - IgnoredByMakefalse - - - FileTypeRSRC - FileExtension - Compiler - EditLanguage - Precompilefalse - Launchabletrue - ResourceFiletrue - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.c - CompilerMW C/C++ PPC - EditLanguageC/C++ - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.c++ - CompilerMW C/C++ PPC - EditLanguageC/C++ - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.cc - CompilerMW C/C++ PPC - EditLanguageC/C++ - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.cp - CompilerMW C/C++ PPC - EditLanguageC/C++ - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.cpp - CompilerMW C/C++ PPC - EditLanguageC/C++ - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.exp - Compiler - EditLanguage - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.h - CompilerMW C/C++ PPC - EditLanguageC/C++ - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMaketrue - - - FileTypeTEXT - FileExtension.p - CompilerMW Pascal PPC - EditLanguage - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.pas - CompilerMW Pascal PPC - EditLanguage - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.pch - CompilerMW C/C++ PPC - EditLanguageC/C++ - Precompiletrue - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.pch++ - CompilerMW C/C++ PPC - EditLanguageC/C++ - Precompiletrue - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.ppu - CompilerMW Pascal PPC - EditLanguage - Precompiletrue - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.r - CompilerRez - EditLanguageRez - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.s - CompilerPPCAsm - EditLanguage - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeXCOF - FileExtension - CompilerXCOFF Import PPC - EditLanguage - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypedocu - FileExtension - Compiler - EditLanguage - Precompilefalse - Launchabletrue - ResourceFiletrue - IgnoredByMakefalse - - - FileTypersrc - FileExtension - Compiler - EditLanguage - Precompilefalse - Launchabletrue - ResourceFiletrue - IgnoredByMakefalse - - - FileTypeshlb - FileExtension - CompilerPEF Import PPC - EditLanguage - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypestub - FileExtension - CompilerPEF Import PPC - EditLanguage - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileExtension.doc - Compiler - EditLanguage - Precompilefalse - Launchabletrue - ResourceFilefalse - IgnoredByMaketrue - - - - - CacheModDatesfalse - ActivateBrowsertrue - DumpBrowserInfofalse - CacheSubprojectstrue - UseThirdPartyDebuggerfalse - DebuggerAppPath - Path - PathFormatGeneric - PathRootAbsolute - - DebuggerCmdLineArgs - DebuggerWorkingDir - Path - PathFormatGeneric - PathRootAbsolute - - - - LogSystemMessagestrue - AutoTargetDLLsfalse - StopAtWatchpointstrue - PauseWhileRunningfalse - PauseInterval5 - PauseUIFlags0 - AltExePath - Path - PathFormatGeneric - PathRootAbsolute - - StopAtTempBPOnLaunchtrue - CacheSymbolicstrue - TempBPFunctionNamemain - TempBPType0 - - - Enabledfalse - ConnectionName - DownloadPath - LaunchRemoteAppfalse - RemoteAppPath - - - OtherExecutables - - - CustomColor1 - Red0 - Green32767 - Blue0 - - CustomColor2 - Red0 - Green32767 - Blue0 - - CustomColor3 - Red0 - Green32767 - Blue0 - - CustomColor4 - Red0 - Green32767 - Blue0 - - - - MWFrontEnd_C_cplusplus0 - MWFrontEnd_C_checkprotos0 - MWFrontEnd_C_arm0 - MWFrontEnd_C_trigraphs0 - MWFrontEnd_C_onlystdkeywords0 - MWFrontEnd_C_enumsalwaysint1 - MWFrontEnd_C_mpwpointerstyle0 - MWFrontEnd_C_prefixnameDBM.Prefix - MWFrontEnd_C_ansistrict0 - MWFrontEnd_C_mpwcnewline0 - MWFrontEnd_C_wchar_type1 - MWFrontEnd_C_enableexceptions1 - MWFrontEnd_C_dontreusestrings0 - MWFrontEnd_C_poolstrings0 - MWFrontEnd_C_dontinline0 - MWFrontEnd_C_useRTTI0 - MWFrontEnd_C_multibyteaware0 - MWFrontEnd_C_unsignedchars0 - MWFrontEnd_C_autoinline0 - MWFrontEnd_C_booltruefalse0 - MWFrontEnd_C_direct_to_som0 - MWFrontEnd_C_som_env_check0 - MWFrontEnd_C_alwaysinline0 - MWFrontEnd_C_inlinelevel0 - MWFrontEnd_C_ecplusplus0 - MWFrontEnd_C_objective_c0 - MWFrontEnd_C_defer_codegen0 - - - MWWarning_C_warn_illpragma1 - MWWarning_C_warn_emptydecl1 - MWWarning_C_warn_possunwant1 - MWWarning_C_warn_unusedvar1 - MWWarning_C_warn_unusedarg1 - MWWarning_C_warn_extracomma1 - MWWarning_C_pedantic1 - MWWarning_C_warningerrors0 - MWWarning_C_warn_hidevirtual1 - MWWarning_C_warn_implicitconv0 - MWWarning_C_warn_notinlined0 - MWWarning_C_warn_structclass0 - - - MWFTP_Post_hostName - MWFTP_Post_username - MWFTP_Post_password0 - MWFTP_Post_remoteDir - MWFTP_Post_ftp_PathVersion1 - MWFTP_Post_ftp_PathType0 - MWFTP_Post_ftp_PathFormat0 - MWFTP_Post_ftp_tree - MWFTP_Post_uploadDir - MWFTP_Post_ftp_port21 - MWFTP_Post_SendBin1 - MWFTP_Post_ShouldLog1 - - - MWCommandLine_Java_clsName - MWCommandLine_Java_args - - - MWVJavaDebugging_Protocol1 - MWVJavaDebugging_JDKVersion1 - MWVJavaDebugging_TimeOut10 - MWVJavaDebugging_SupportSlowDevicesfalse - - - MWJava_Language_optimizefalse - MWJava_Language_warnDeprecatedfalse - MWJava_Language_emitMapfalse - MWJava_Language_strictFileNamesfalse - MWJava_Language_strictFileHierarchyfalse - MWJava_Language_1_1_Compatiblefalse - MWJava_Language_emitHeaders0 - MWJava_Language_headerTypeJNINativeHeaders - MWJava_Language_packageFilter - MWJava_Language_genCommentstrue - MWJava_Language_genHeadersfalse - - - MWJava_MRJAppBuilder_outFileMRJApplication - MWJava_MRJAppBuilder_mergefalse - MWJava_MRJAppBuilder_quitMenutrue - MWJava_MRJAppBuilder_growfalse - MWJava_MRJAppBuilder_stdoutTypeConsole - MWJava_MRJAppBuilder_stderrTypeConsole - MWJava_MRJAppBuilder_stdinTypeConsole - MWJava_MRJAppBuilder_appIconPVersion0 - MWJava_MRJAppBuilder_appIconPType0 - MWJava_MRJAppBuilder_appIconPFormat0 - MWJava_MRJAppBuilder_appIconPTree - MWJava_MRJAppBuilder_appIconFile - MWJava_MRJAppBuilder_splashScreenPVersion0 - MWJava_MRJAppBuilder_splashScreenPType0 - MWJava_MRJAppBuilder_splashScreenPFormat0 - MWJava_MRJAppBuilder_splashScreenPTree - MWJava_MRJAppBuilder_splashScreenPICTFile - MWJava_MRJAppBuilder_aboutName - MWJava_MRJAppBuilder_stdoutPVersion0 - MWJava_MRJAppBuilder_stdoutPType0 - MWJava_MRJAppBuilder_stdoutPFormat0 - MWJava_MRJAppBuilder_stdoutPTree - MWJava_MRJAppBuilder_stdoutFile - MWJava_MRJAppBuilder_stdoutAppendfalse - MWJava_MRJAppBuilder_stderrPType0 - MWJava_MRJAppBuilder_stderrPFormat0 - MWJava_MRJAppBuilder_stderrPTree - MWJava_MRJAppBuilder_stderrFile - MWJava_MRJAppBuilder_stderrAppendfalse - MWJava_MRJAppBuilder_stdinPType0 - MWJava_MRJAppBuilder_stdinPFormat0 - MWJava_MRJAppBuilder_stdinPTree - MWJava_MRJAppBuilder_stdinFile - - - MWJava_Output_outputtypeJarFile - MWJava_Output_outfileJavaClasses.jar - MWJava_Output_ftype1514754080 - MWJava_Output_fcreator1297570384 - MWJava_Output_compress0 - MWJava_Output_genManifest0 - MWJava_Output_trunctypeFront - MWJava_Output_deleteClasses0 - MWJava_Output_consoleApp1 - - - MWJava_Proj_projtypeApplet - MWJava_Proj_mainClassName - MWJava_Proj_HTMLAppCreator1463898714 - MWJava_Proj_HTMLAppName - MWJava_Proj_PathVersion0 - MWJava_Proj_PathType0 - MWJava_Proj_PathFormat0 - MWJava_Proj_tree - MWJava_Proj_HTMLAppWin32Name - MWJava_Proj_compress0 - MWJava_Proj_useVM1 - MWJava_Proj_vmarguments - MWJava_Proj_vmName - MWJava_Proj_simPropFile - - - MWJavaDoc_Proj_Version1 - MWJavaDoc_Proj_Depricated1 - MWJavaDoc_Proj_Author1 - MWJavaDoc_Proj_Index1 - MWJavaDoc_Proj_Tree1 - MWJavaDoc_Proj_SunResolveToSame0 - MWJavaDoc_Proj_Shortnames1 - MWJavaDoc_Proj_Folder0 - MWJavaDoc_Proj_GenerateAPILinks0 - MWJavaDoc_Proj_scopePublic - MWJavaDoc_Proj_fcreator1297303877 - MWJavaDoc_Proj_encodingName - MWJavaDoc_Proj_decodingName - MWJavaDoc_Proj_javaPackagePathhttp://java.sun.com/products/jdk/1.1/docs/api/ - - - MWMerge_MacOS_projectTypeApplication - MWMerge_MacOS_outputNameMerge Out - MWMerge_MacOS_outputCreator???? - MWMerge_MacOS_outputTypeAPPL - MWMerge_MacOS_suppressWarning0 - MWMerge_MacOS_copyFragments1 - MWMerge_MacOS_copyResources1 - MWMerge_MacOS_flattenResource0 - MWMerge_MacOS_flatFileNamea.rsrc - MWMerge_MacOS_flatFileOutputPath - Path: - PathFormatMacOS - PathRootProject - - MWMerge_MacOS_skipResources - DLGX - ckid - Proj - WSPC - - - - FileLockedfalse - ResourcesMapIsReadOnlyfalse - PrinterDriverIsMultiFinderCompatiblefalse - Invisiblefalse - HasBundlefalse - NameLockedfalse - Stationeryfalse - HasCustomIconfalse - Sharedfalse - HasBeenInitedfalse - Label0 - Comments - - - MWMacOSPackager_UsePackager0 - MWMacOSPackager_FolderToPackage - Path: - PathFormatMacOS - PathRootProject - - MWMacOSPackager_CreateClassicAlias0 - MWMacOSPackager_ClassicAliasMethodUseTargetOutput - MWMacOSPackager_ClassicAliasPath - Path: - PathFormatMacOS - PathRootProject - - MWMacOSPackager_CreatePkgInfo0 - MWMacOSPackager_PkgCreatorType???? - MWMacOSPackager_PkgFileTypeAPPL - - - MWCodeGen_PPC_structalignmentPPC - MWCodeGen_PPC_tracebacktablesNone - MWCodeGen_PPC_processorGeneric - MWCodeGen_PPC_readonlystrings1 - MWCodeGen_PPC_tocdata1 - MWCodeGen_PPC_profiler0 - MWCodeGen_PPC_fpcontract1 - MWCodeGen_PPC_schedule0 - MWCodeGen_PPC_peephole0 - MWCodeGen_PPC_processorspecific0 - MWCodeGen_PPC_altivec0 - MWCodeGen_PPC_vectortocdata0 - MWCodeGen_PPC_vrsave0 - - - MWCodeGen_MachO_structalignmentPPC - MWCodeGen_MachO_tracebacktablesNone - MWCodeGen_MachO_processorGeneric - MWCodeGen_MachO_readonlystrings0 - MWCodeGen_MachO_profiler0 - MWCodeGen_MachO_fpcontract1 - MWCodeGen_MachO_schedule0 - MWCodeGen_MachO_peephole1 - MWCodeGen_MachO_processorspecific0 - MWCodeGen_MachO_altivec0 - MWCodeGen_MachO_vrsave1 - MWCodeGen_MachO_common0 - MWCodeGen_MachO_implicit_templates1 - - - MWDisassembler_PPC_showcode1 - MWDisassembler_PPC_extended1 - MWDisassembler_PPC_mix0 - MWDisassembler_PPC_nohex0 - MWDisassembler_PPC_showdata1 - MWDisassembler_PPC_showexceptions1 - MWDisassembler_PPC_showsym0 - MWDisassembler_PPC_shownames1 - - - GlobalOptimizer_PPC_optimizationlevelLevel4 - GlobalOptimizer_PPC_optforSpeed - - - MWLinker_PPC_linksym1 - MWLinker_PPC_symfullpath1 - MWLinker_PPC_linkmap0 - MWLinker_PPC_nolinkwarnings0 - MWLinker_PPC_dontdeadstripinitcode0 - MWLinker_PPC_permitmultdefs1 - MWLinker_PPC_linkmodeFast - MWLinker_PPC_initname - MWLinker_PPC_mainname - MWLinker_PPC_termname - - - MWLinker_MachO_exportsNone - MWLinker_MachO_mainnamestart - MWLinker_MachO_currentversion0 - MWLinker_MachO_compatibleversion0 - MWLinker_MachO_symfullpath0 - MWLinker_MachO_supresswarnings0 - MWLinker_MachO_multisymerror0 - MWLinker_MachO_prebind1 - MWLinker_MachO_deadstrip1 - MWLinker_MachO_objectivecsemantics0 - MWLinker_MachO_whichfileloaded0 - MWLinker_MachO_whyfileloaded0 - MWLinker_MachO_readonlyrelocsErrors - MWLinker_MachO_undefinedsymbolsErrors - MWLinker_MachO_twolevelnamespace1 - MWLinker_MachO_stripdebugsymbols0 - - - MWProject_MachO_typeExecutable - MWProject_MachO_outfilea.exe - MWProject_MachO_filecreator???? - MWProject_MachO_filetypeMEXE - MWProject_MachO_stacksize64 - MWProject_MachO_stackaddress0 - MWProject_MachO_flatrsrc1 - MWProject_MachO_flatrsrcfilenamea.rsrc - MWProject_MachO_flatrsrcoutputdir - Path: - PathFormatMacOS - PathRootProject - - MWProject_MachO_installpath./ - - - MWPEF_exportsPragma - MWPEF_libfolder0 - MWPEF_sortcodeNone - MWPEF_expandbss0 - MWPEF_sharedata0 - MWPEF_olddefversion0 - MWPEF_oldimpversion0 - MWPEF_currentversion100 - MWPEF_fragmentnameDBM - MWPEF_collapsereloads0 - - - MWProject_PPC_typeSharedLibrary - MWProject_PPC_outfileDBM.shlb - MWProject_PPC_filecreatorMOZZ - MWProject_PPC_filetypeshlb - MWProject_PPC_size0 - MWProject_PPC_minsize0 - MWProject_PPC_stacksize0 - MWProject_PPC_flags0 - MWProject_PPC_symfilename - MWProject_PPC_rsrcname - MWProject_PPC_rsrcheaderNative - MWProject_PPC_rsrctype???? - MWProject_PPC_rsrcid0 - MWProject_PPC_rsrcflags0 - MWProject_PPC_rsrcstore0 - MWProject_PPC_rsrcmerge0 - MWProject_PPC_flatrsrc0 - MWProject_PPC_flatrsrcoutputdir - Path: - PathFormatMacOS - PathRootProject - - MWProject_PPC_flatrsrcfilename - - - MWAssembler_PPC_auxheader0 - MWAssembler_PPC_symmodeMac - MWAssembler_PPC_dialectPPC - MWAssembler_PPC_prefixfile - MWAssembler_PPC_typecheck0 - MWAssembler_PPC_warnings0 - MWAssembler_PPC_casesensitive0 - - - MWRez_Language_maxwidth80 - MWRez_Language_scriptRoman - MWRez_Language_alignmentAlign1 - MWRez_Language_filtermodeFilterSkip - MWRez_Language_suppresswarnings0 - MWRez_Language_escapecontrolchars1 - MWRez_Language_prefixname - MWRez_Language_filteredtypes'CODE' 'DATA' 'PICT' - - - MWWinRC_prefixname - - - MWCodeGen_X86_processorGeneric - MWCodeGen_X86_alignmentbytes8 - MWCodeGen_X86_exceptionsZeroOverhead - MWCodeGen_X86_extinst_mmx0 - MWCodeGen_X86_extinst_3dnow0 - MWCodeGen_X86_use_mmx_3dnow_convention0 - MWCodeGen_X86_machinecodelisting0 - MWCodeGen_X86_intrinsics0 - MWCodeGen_X86_syminfo0 - MWCodeGen_X86_codeviewinfo1 - MWCodeGen_X86_extinst_cmov_fcomi0 - MWCodeGen_X86_extinst_sse0 - - - PDisasmX86_showHeaderstrue - PDisasmX86_showSymTabtrue - PDisasmX86_showCodetrue - PDisasmX86_showSourcefalse - PDisasmX86_showHextrue - PDisasmX86_showRelocationtrue - PDisasmX86_showCommentsfalse - PDisasmX86_showDebugfalse - PDisasmX86_showExceptionsfalse - PDisasmX86_showDatatrue - PDisasmX86_showRawfalse - PDisasmX86_verbosefalse - - - MWDebugger_X86_Exceptions - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - - - - GlobalOptimizer_X86_optimizationlevelLevel0 - GlobalOptimizer_X86_optforSpeed - - - MWLinker_X86_entrypointusageDefault - MWLinker_X86_entrypoint - MWLinker_X86_subsystemWinGUI - MWLinker_X86_subsysmajorid4 - MWLinker_X86_subsysminorid0 - MWLinker_X86_usrmajorid0 - MWLinker_X86_usrminorid0 - MWLinker_X86_commandfile - MWLinker_X86_generatemap0 - MWLinker_X86_linksym0 - MWLinker_X86_linkCV1 - - - MWProject_X86_typeApplication - MWProject_X86_outfilenoname.exe - MWProject_X86_baseaddress4194304 - MWProject_X86_maxstacksize1024 - MWProject_X86_minstacksize4 - MWProject_X86_size1024 - MWProject_X86_minsize4 - MWProject_X86_importlib - xpidl Settings - 0001000101000000000000000000000000000000000000000000000000000000 - 0000000000000000 - - - - - Name - db.c - MacOS - Text - Debug - - - Name - hash.c - MacOS - Text - Debug - - - Name - hash_buf.c - MacOS - Text - Debug - - - Name - hsearch.c - MacOS - Text - Debug - - - Name - h_bigkey.c - MacOS - Text - Debug - - - Name - h_func.c - MacOS - Text - Debug - - - Name - h_log2.c - MacOS - Text - Debug - - - Name - h_page.c - MacOS - Text - Debug - - - Name - macstubs.c - MacOS - Text - Debug - - - Name - NSStdLibStubs - MacOS - Library - Debug - - - Name - MSL_ShLibRuntime_PPC.Lib - MacOS - Library - Debug - - - Name - MoreFiles.shlb - MacOS - Library - Debug - - - Name - NSPR20.shlb - MacOS - Library - Debug - - - Name - NSRuntime.shlb - MacOS - Library - Debug - - - Name - InterfacesStubs - MacOS - Library - Debug - - - - - Name - db.c - MacOS - - - Name - hash.c - MacOS - - - Name - hash_buf.c - MacOS - - - Name - hsearch.c - MacOS - - - Name - h_bigkey.c - MacOS - - - Name - h_func.c - MacOS - - - Name - h_log2.c - MacOS - - - Name - h_page.c - MacOS - - - Name - macstubs.c - MacOS - - - Name - NSStdLibStubs - MacOS - - - Name - NSPR20.shlb - MacOS - - - Name - NSRuntime.shlb - MacOS - - - Name - MoreFiles.shlb - MacOS - - - Name - MSL_ShLibRuntime_PPC.Lib - MacOS - - - Name - InterfacesStubs - MacOS - - - - - DBMDebug.shlb - - - - UserSourceTrees - - - AlwaysSearchUserPathsfalse - InterpretDOSAndUnixPathsfalse - RequireFrameworkStyleIncludesfalse - UserSearchPaths - - SearchPath - Path: - PathFormatMacOS - PathRootProject - - Recursivetrue - FrameworkPathfalse - HostFlagsAll - - - SearchPath - Path::src: - PathFormatMacOS - PathRootProject - - Recursivetrue - FrameworkPathfalse - HostFlagsAll - - - SearchPath - Path:::dist:client_debug: - PathFormatMacOS - PathRootProject - - Recursivetrue - FrameworkPathfalse - HostFlagsAll - - - SearchPath - Path:::dist:client_stubs: - PathFormatMacOS - PathRootProject - - Recursivetrue - FrameworkPathfalse - HostFlagsAll - - - SearchPath - Path:::dist: - PathFormatMacOS - PathRootProject - - Recursivetrue - FrameworkPathfalse - HostFlagsAll - - - SystemSearchPaths - - SearchPath - Path:MSL: - PathFormatMacOS - PathRootCodeWarrior - - Recursivetrue - FrameworkPathfalse - HostFlagsAll - - - SearchPath - Path:MacOS Support: - PathFormatMacOS - PathRootCodeWarrior - - Recursivetrue - FrameworkPathfalse - HostFlagsAll - - - - - MWRuntimeSettings_WorkingDirectory - MWRuntimeSettings_CommandLine - MWRuntimeSettings_HostApplication - Path - PathFormatGeneric - PathRootAbsolute - - MWRuntimeSettings_EnvVars - - - LinkerMacOS PPC Linker - PreLinker - PostLinker - TargetnameDBMDebug.shlb - OutputDirectory - Path: - PathFormatMacOS - PathRootProject - - SaveEntriesUsingRelativePathsfalse - - - FileMappings - - FileTypeAPPL - FileExtension - Compiler - EditLanguage - Precompilefalse - Launchabletrue - ResourceFiletrue - IgnoredByMakefalse - - - FileTypeAppl - FileExtension - Compiler - EditLanguage - Precompilefalse - Launchabletrue - ResourceFiletrue - IgnoredByMakefalse - - - FileTypeMMLB - FileExtension - CompilerLib Import PPC - EditLanguage - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeMPLF - FileExtension - CompilerLib Import PPC - EditLanguage - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeMWCD - FileExtension - Compiler - EditLanguage - Precompilefalse - Launchabletrue - ResourceFiletrue - IgnoredByMakefalse - - - FileTypeRSRC - FileExtension - Compiler - EditLanguage - Precompilefalse - Launchabletrue - ResourceFiletrue - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.c - CompilerMW C/C++ PPC - EditLanguageC/C++ - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.c++ - CompilerMW C/C++ PPC - EditLanguageC/C++ - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.cc - CompilerMW C/C++ PPC - EditLanguageC/C++ - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.cp - CompilerMW C/C++ PPC - EditLanguageC/C++ - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.cpp - CompilerMW C/C++ PPC - EditLanguageC/C++ - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.exp - Compiler - EditLanguage - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.h - CompilerMW C/C++ PPC - EditLanguageC/C++ - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMaketrue - - - FileTypeTEXT - FileExtension.p - CompilerMW Pascal PPC - EditLanguage - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.pas - CompilerMW Pascal PPC - EditLanguage - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.pch - CompilerMW C/C++ PPC - EditLanguageC/C++ - Precompiletrue - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.pch++ - CompilerMW C/C++ PPC - EditLanguageC/C++ - Precompiletrue - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.ppu - CompilerMW Pascal PPC - EditLanguage - Precompiletrue - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.r - CompilerRez - EditLanguageRez - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.s - CompilerPPCAsm - EditLanguage - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeXCOF - FileExtension - CompilerXCOFF Import PPC - EditLanguage - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypedocu - FileExtension - Compiler - EditLanguage - Precompilefalse - Launchabletrue - ResourceFiletrue - IgnoredByMakefalse - - - FileTypersrc - FileExtension - Compiler - EditLanguage - Precompilefalse - Launchabletrue - ResourceFiletrue - IgnoredByMakefalse - - - FileTypeshlb - FileExtension - CompilerPEF Import PPC - EditLanguage - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypestub - FileExtension - CompilerPEF Import PPC - EditLanguage - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileExtension.doc - Compiler - EditLanguage - Precompilefalse - Launchabletrue - ResourceFilefalse - IgnoredByMaketrue - - - - - CacheModDatesfalse - ActivateBrowsertrue - DumpBrowserInfofalse - CacheSubprojectstrue - UseThirdPartyDebuggerfalse - DebuggerAppPath - Path - PathFormatGeneric - PathRootAbsolute - - DebuggerCmdLineArgs - DebuggerWorkingDir - Path - PathFormatGeneric - PathRootAbsolute - - - - LogSystemMessagestrue - AutoTargetDLLsfalse - StopAtWatchpointstrue - PauseWhileRunningfalse - PauseInterval5 - PauseUIFlags0 - AltExePath - Path - PathFormatGeneric - PathRootAbsolute - - StopAtTempBPOnLaunchtrue - CacheSymbolicstrue - TempBPFunctionNamemain - TempBPType0 - - - Enabledfalse - ConnectionName - DownloadPath - LaunchRemoteAppfalse - RemoteAppPath - - - OtherExecutables - - - CustomColor1 - Red0 - Green32767 - Blue0 - - CustomColor2 - Red0 - Green32767 - Blue0 - - CustomColor3 - Red0 - Green32767 - Blue0 - - CustomColor4 - Red0 - Green32767 - Blue0 - - - - MWFrontEnd_C_cplusplus0 - MWFrontEnd_C_checkprotos0 - MWFrontEnd_C_arm0 - MWFrontEnd_C_trigraphs0 - MWFrontEnd_C_onlystdkeywords0 - MWFrontEnd_C_enumsalwaysint1 - MWFrontEnd_C_mpwpointerstyle0 - MWFrontEnd_C_prefixnameDBMDebug.Prefix - MWFrontEnd_C_ansistrict0 - MWFrontEnd_C_mpwcnewline0 - MWFrontEnd_C_wchar_type1 - MWFrontEnd_C_enableexceptions0 - MWFrontEnd_C_dontreusestrings0 - MWFrontEnd_C_poolstrings0 - MWFrontEnd_C_dontinline0 - MWFrontEnd_C_useRTTI0 - MWFrontEnd_C_multibyteaware0 - MWFrontEnd_C_unsignedchars0 - MWFrontEnd_C_autoinline0 - MWFrontEnd_C_booltruefalse0 - MWFrontEnd_C_direct_to_som0 - MWFrontEnd_C_som_env_check0 - MWFrontEnd_C_alwaysinline0 - MWFrontEnd_C_inlinelevel0 - MWFrontEnd_C_ecplusplus0 - MWFrontEnd_C_objective_c0 - MWFrontEnd_C_defer_codegen0 - - - MWWarning_C_warn_illpragma1 - MWWarning_C_warn_emptydecl1 - MWWarning_C_warn_possunwant1 - MWWarning_C_warn_unusedvar1 - MWWarning_C_warn_unusedarg1 - MWWarning_C_warn_extracomma1 - MWWarning_C_pedantic1 - MWWarning_C_warningerrors0 - MWWarning_C_warn_hidevirtual1 - MWWarning_C_warn_implicitconv0 - MWWarning_C_warn_notinlined0 - MWWarning_C_warn_structclass0 - - - MWFTP_Post_hostName - MWFTP_Post_username - MWFTP_Post_password0 - MWFTP_Post_remoteDir - MWFTP_Post_ftp_PathVersion1 - MWFTP_Post_ftp_PathType0 - MWFTP_Post_ftp_PathFormat0 - MWFTP_Post_ftp_tree - MWFTP_Post_uploadDir - MWFTP_Post_ftp_port21 - MWFTP_Post_SendBin1 - MWFTP_Post_ShouldLog1 - - - MWCommandLine_Java_clsName - MWCommandLine_Java_args - - - MWVJavaDebugging_Protocol1 - MWVJavaDebugging_JDKVersion1 - MWVJavaDebugging_TimeOut10 - MWVJavaDebugging_SupportSlowDevicesfalse - - - MWJava_Language_optimizefalse - MWJava_Language_warnDeprecatedfalse - MWJava_Language_emitMapfalse - MWJava_Language_strictFileNamesfalse - MWJava_Language_strictFileHierarchyfalse - MWJava_Language_1_1_Compatiblefalse - MWJava_Language_emitHeaders0 - MWJava_Language_headerTypeJNINativeHeaders - MWJava_Language_packageFilter - MWJava_Language_genCommentstrue - MWJava_Language_genHeadersfalse - - - MWJava_MRJAppBuilder_outFileMRJApplication - MWJava_MRJAppBuilder_mergefalse - MWJava_MRJAppBuilder_quitMenutrue - MWJava_MRJAppBuilder_growfalse - MWJava_MRJAppBuilder_stdoutTypeConsole - MWJava_MRJAppBuilder_stderrTypeConsole - MWJava_MRJAppBuilder_stdinTypeConsole - MWJava_MRJAppBuilder_appIconPVersion0 - MWJava_MRJAppBuilder_appIconPType0 - MWJava_MRJAppBuilder_appIconPFormat0 - MWJava_MRJAppBuilder_appIconPTree - MWJava_MRJAppBuilder_appIconFile - MWJava_MRJAppBuilder_splashScreenPVersion0 - MWJava_MRJAppBuilder_splashScreenPType0 - MWJava_MRJAppBuilder_splashScreenPFormat0 - MWJava_MRJAppBuilder_splashScreenPTree - MWJava_MRJAppBuilder_splashScreenPICTFile - MWJava_MRJAppBuilder_aboutName - MWJava_MRJAppBuilder_stdoutPVersion0 - MWJava_MRJAppBuilder_stdoutPType0 - MWJava_MRJAppBuilder_stdoutPFormat0 - MWJava_MRJAppBuilder_stdoutPTree - MWJava_MRJAppBuilder_stdoutFile - MWJava_MRJAppBuilder_stdoutAppendfalse - MWJava_MRJAppBuilder_stderrPType0 - MWJava_MRJAppBuilder_stderrPFormat0 - MWJava_MRJAppBuilder_stderrPTree - MWJava_MRJAppBuilder_stderrFile - MWJava_MRJAppBuilder_stderrAppendfalse - MWJava_MRJAppBuilder_stdinPType0 - MWJava_MRJAppBuilder_stdinPFormat0 - MWJava_MRJAppBuilder_stdinPTree - MWJava_MRJAppBuilder_stdinFile - - - MWJava_Output_outputtypeJarFile - MWJava_Output_outfileJavaClasses.jar - MWJava_Output_ftype1514754080 - MWJava_Output_fcreator1297570384 - MWJava_Output_compress0 - MWJava_Output_genManifest0 - MWJava_Output_trunctypeFront - MWJava_Output_deleteClasses0 - MWJava_Output_consoleApp1 - - - MWJava_Proj_projtypeApplet - MWJava_Proj_mainClassName - MWJava_Proj_HTMLAppCreator1463898714 - MWJava_Proj_HTMLAppName - MWJava_Proj_PathVersion0 - MWJava_Proj_PathType0 - MWJava_Proj_PathFormat0 - MWJava_Proj_tree - MWJava_Proj_HTMLAppWin32Name - MWJava_Proj_compress0 - MWJava_Proj_useVM1 - MWJava_Proj_vmarguments - MWJava_Proj_vmName - MWJava_Proj_simPropFile - - - MWJavaDoc_Proj_Version1 - MWJavaDoc_Proj_Depricated1 - MWJavaDoc_Proj_Author1 - MWJavaDoc_Proj_Index1 - MWJavaDoc_Proj_Tree1 - MWJavaDoc_Proj_SunResolveToSame0 - MWJavaDoc_Proj_Shortnames1 - MWJavaDoc_Proj_Folder0 - MWJavaDoc_Proj_GenerateAPILinks0 - MWJavaDoc_Proj_scopePublic - MWJavaDoc_Proj_fcreator1297303877 - MWJavaDoc_Proj_encodingName - MWJavaDoc_Proj_decodingName - MWJavaDoc_Proj_javaPackagePathhttp://java.sun.com/products/jdk/1.1/docs/api/ - - - MWMerge_MacOS_projectTypeApplication - MWMerge_MacOS_outputNameMerge Out - MWMerge_MacOS_outputCreator???? - MWMerge_MacOS_outputTypeAPPL - MWMerge_MacOS_suppressWarning0 - MWMerge_MacOS_copyFragments1 - MWMerge_MacOS_copyResources1 - MWMerge_MacOS_flattenResource0 - MWMerge_MacOS_flatFileNamea.rsrc - MWMerge_MacOS_flatFileOutputPath - Path: - PathFormatMacOS - PathRootProject - - MWMerge_MacOS_skipResources - DLGX - ckid - Proj - WSPC - - - - FileLockedfalse - ResourcesMapIsReadOnlyfalse - PrinterDriverIsMultiFinderCompatiblefalse - Invisiblefalse - HasBundlefalse - NameLockedfalse - Stationeryfalse - HasCustomIconfalse - Sharedfalse - HasBeenInitedfalse - Label0 - Comments - - - MWMacOSPackager_UsePackager0 - MWMacOSPackager_FolderToPackage - Path: - PathFormatMacOS - PathRootProject - - MWMacOSPackager_CreateClassicAlias0 - MWMacOSPackager_ClassicAliasMethodUseTargetOutput - MWMacOSPackager_ClassicAliasPath - Path: - PathFormatMacOS - PathRootProject - - MWMacOSPackager_CreatePkgInfo0 - MWMacOSPackager_PkgCreatorType???? - MWMacOSPackager_PkgFileTypeAPPL - - - MWCodeGen_PPC_structalignmentPPC - MWCodeGen_PPC_tracebacktablesInline - MWCodeGen_PPC_processorGeneric - MWCodeGen_PPC_readonlystrings1 - MWCodeGen_PPC_tocdata1 - MWCodeGen_PPC_profiler0 - MWCodeGen_PPC_fpcontract1 - MWCodeGen_PPC_schedule0 - MWCodeGen_PPC_peephole0 - MWCodeGen_PPC_processorspecific0 - MWCodeGen_PPC_altivec0 - MWCodeGen_PPC_vectortocdata0 - MWCodeGen_PPC_vrsave0 - - - MWCodeGen_MachO_structalignmentPPC - MWCodeGen_MachO_tracebacktablesNone - MWCodeGen_MachO_processorGeneric - MWCodeGen_MachO_readonlystrings0 - MWCodeGen_MachO_profiler0 - MWCodeGen_MachO_fpcontract1 - MWCodeGen_MachO_schedule0 - MWCodeGen_MachO_peephole1 - MWCodeGen_MachO_processorspecific0 - MWCodeGen_MachO_altivec0 - MWCodeGen_MachO_vrsave1 - MWCodeGen_MachO_common0 - MWCodeGen_MachO_implicit_templates1 - - - MWDisassembler_PPC_showcode1 - MWDisassembler_PPC_extended1 - MWDisassembler_PPC_mix0 - MWDisassembler_PPC_nohex0 - MWDisassembler_PPC_showdata1 - MWDisassembler_PPC_showexceptions1 - MWDisassembler_PPC_showsym0 - MWDisassembler_PPC_shownames1 - - - GlobalOptimizer_PPC_optimizationlevelLevel0 - GlobalOptimizer_PPC_optforSpeed - - - MWLinker_PPC_linksym1 - MWLinker_PPC_symfullpath1 - MWLinker_PPC_linkmap0 - MWLinker_PPC_nolinkwarnings0 - MWLinker_PPC_dontdeadstripinitcode0 - MWLinker_PPC_permitmultdefs1 - MWLinker_PPC_linkmodeFast - MWLinker_PPC_initname__initialize - MWLinker_PPC_mainname - MWLinker_PPC_termname__terminate - - - MWLinker_MachO_exportsNone - MWLinker_MachO_mainnamestart - MWLinker_MachO_currentversion0 - MWLinker_MachO_compatibleversion0 - MWLinker_MachO_symfullpath0 - MWLinker_MachO_supresswarnings0 - MWLinker_MachO_multisymerror0 - MWLinker_MachO_prebind1 - MWLinker_MachO_deadstrip1 - MWLinker_MachO_objectivecsemantics0 - MWLinker_MachO_whichfileloaded0 - MWLinker_MachO_whyfileloaded0 - MWLinker_MachO_readonlyrelocsErrors - MWLinker_MachO_undefinedsymbolsErrors - MWLinker_MachO_twolevelnamespace1 - MWLinker_MachO_stripdebugsymbols0 - - - MWProject_MachO_typeExecutable - MWProject_MachO_outfilea.exe - MWProject_MachO_filecreator???? - MWProject_MachO_filetypeMEXE - MWProject_MachO_stacksize64 - MWProject_MachO_stackaddress0 - MWProject_MachO_flatrsrc1 - MWProject_MachO_flatrsrcfilenamea.rsrc - MWProject_MachO_flatrsrcoutputdir - Path: - PathFormatMacOS - PathRootProject - - MWProject_MachO_installpath./ - - - MWPEF_exportsPragma - MWPEF_libfolder0 - MWPEF_sortcodeNone - MWPEF_expandbss0 - MWPEF_sharedata0 - MWPEF_olddefversion0 - MWPEF_oldimpversion0 - MWPEF_currentversion100 - MWPEF_fragmentnameDBM - MWPEF_collapsereloads0 - - - MWProject_PPC_typeSharedLibrary - MWProject_PPC_outfileDBMDebug.shlb - MWProject_PPC_filecreatorMOZZ - MWProject_PPC_filetypeshlb - MWProject_PPC_size0 - MWProject_PPC_minsize0 - MWProject_PPC_stacksize0 - MWProject_PPC_flags0 - MWProject_PPC_symfilename - MWProject_PPC_rsrcname - MWProject_PPC_rsrcheaderNative - MWProject_PPC_rsrctype???? - MWProject_PPC_rsrcid0 - MWProject_PPC_rsrcflags0 - MWProject_PPC_rsrcstore0 - MWProject_PPC_rsrcmerge0 - MWProject_PPC_flatrsrc0 - MWProject_PPC_flatrsrcoutputdir - Path: - PathFormatMacOS - PathRootProject - - MWProject_PPC_flatrsrcfilename - - - MWAssembler_PPC_auxheader0 - MWAssembler_PPC_symmodeMac - MWAssembler_PPC_dialectPPC - MWAssembler_PPC_prefixfile - MWAssembler_PPC_typecheck0 - MWAssembler_PPC_warnings0 - MWAssembler_PPC_casesensitive0 - - - MWRez_Language_maxwidth80 - MWRez_Language_scriptRoman - MWRez_Language_alignmentAlign1 - MWRez_Language_filtermodeFilterSkip - MWRez_Language_suppresswarnings0 - MWRez_Language_escapecontrolchars1 - MWRez_Language_prefixname - MWRez_Language_filteredtypes'CODE' 'DATA' 'PICT' - - - MWWinRC_prefixname - - - MWCodeGen_X86_processorGeneric - MWCodeGen_X86_alignmentbytes8 - MWCodeGen_X86_exceptionsZeroOverhead - MWCodeGen_X86_extinst_mmx0 - MWCodeGen_X86_extinst_3dnow0 - MWCodeGen_X86_use_mmx_3dnow_convention0 - MWCodeGen_X86_machinecodelisting0 - MWCodeGen_X86_intrinsics0 - MWCodeGen_X86_syminfo0 - MWCodeGen_X86_codeviewinfo1 - MWCodeGen_X86_extinst_cmov_fcomi0 - MWCodeGen_X86_extinst_sse0 - - - PDisasmX86_showHeaderstrue - PDisasmX86_showSymTabtrue - PDisasmX86_showCodetrue - PDisasmX86_showSourcefalse - PDisasmX86_showHextrue - PDisasmX86_showRelocationtrue - PDisasmX86_showCommentsfalse - PDisasmX86_showDebugfalse - PDisasmX86_showExceptionsfalse - PDisasmX86_showDatatrue - PDisasmX86_showRawfalse - PDisasmX86_verbosefalse - - - MWDebugger_X86_Exceptions - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - - - - GlobalOptimizer_X86_optimizationlevelLevel0 - GlobalOptimizer_X86_optforSpeed - - - MWLinker_X86_entrypointusageDefault - MWLinker_X86_entrypoint - MWLinker_X86_subsystemWinGUI - MWLinker_X86_subsysmajorid4 - MWLinker_X86_subsysminorid0 - MWLinker_X86_usrmajorid0 - MWLinker_X86_usrminorid0 - MWLinker_X86_commandfile - MWLinker_X86_generatemap0 - MWLinker_X86_linksym0 - MWLinker_X86_linkCV1 - - - MWProject_X86_typeApplication - MWProject_X86_outfilenoname.exe - MWProject_X86_baseaddress4194304 - MWProject_X86_maxstacksize1024 - MWProject_X86_minstacksize4 - MWProject_X86_size1024 - MWProject_X86_minsize4 - MWProject_X86_importlib - xpidl Settings - 0001000101000000000000000000000000000000000000000000000000000000 - 0000000000000000 - - - - - Name - db.c - MacOS - Text - Debug - - - Name - hash.c - MacOS - Text - Debug - - - Name - hash_buf.c - MacOS - Text - Debug - - - Name - hsearch.c - MacOS - Text - Debug - - - Name - h_bigkey.c - MacOS - Text - Debug - - - Name - h_func.c - MacOS - Text - Debug - - - Name - h_log2.c - MacOS - Text - Debug - - - Name - h_page.c - MacOS - Text - Debug - - - Name - macstubs.c - MacOS - Text - Debug - - - Name - NSStdLibStubs - MacOS - Library - Debug - - - Name - MSL_ShLibRuntime_PPC.Lib - MacOS - Library - Debug - - - Name - MoreFilesDebug.shlb - MacOS - Library - Debug - - - Name - NSRuntimeDebug.shlb - MacOS - Library - Debug - - - Name - NSPR20Debug.shlb - MacOS - Library - Debug - - - Name - InterfacesStubs - MacOS - Library - Debug - - - - - Name - db.c - MacOS - - - Name - hash.c - MacOS - - - Name - hash_buf.c - MacOS - - - Name - hsearch.c - MacOS - - - Name - h_bigkey.c - MacOS - - - Name - h_func.c - MacOS - - - Name - h_log2.c - MacOS - - - Name - h_page.c - MacOS - - - Name - macstubs.c - MacOS - - - Name - NSStdLibStubs - MacOS - - - Name - NSPR20Debug.shlb - MacOS - - - Name - MoreFilesDebug.shlb - MacOS - - - Name - NSRuntimeDebug.shlb - MacOS - - - Name - MSL_ShLibRuntime_PPC.Lib - MacOS - - - Name - InterfacesStubs - MacOS - - - - - DBM.o - - - - UserSourceTrees - - - AlwaysSearchUserPathsfalse - InterpretDOSAndUnixPathsfalse - RequireFrameworkStyleIncludesfalse - UserSearchPaths - - SearchPath - Path: - PathFormatMacOS - PathRootProject - - Recursivetrue - FrameworkPathfalse - HostFlagsAll - - - SearchPath - Path::src: - PathFormatMacOS - PathRootProject - - Recursivetrue - FrameworkPathfalse - HostFlagsAll - - - SearchPath - Path:::dist:client: - PathFormatMacOS - PathRootProject - - Recursivetrue - FrameworkPathfalse - HostFlagsAll - - - SearchPath - Path:::dist:client_stubs: - PathFormatMacOS - PathRootProject - - Recursivetrue - FrameworkPathfalse - HostFlagsAll - - - SearchPath - Path:::dist: - PathFormatMacOS - PathRootProject - - Recursivetrue - FrameworkPathfalse - HostFlagsAll - - - SystemSearchPaths - - SearchPath - Path:MSL: - PathFormatMacOS - PathRootCodeWarrior - - Recursivetrue - FrameworkPathfalse - HostFlagsAll - - - SearchPath - Path:MacOS Support: - PathFormatMacOS - PathRootCodeWarrior - - Recursivetrue - FrameworkPathfalse - HostFlagsAll - - - - - MWRuntimeSettings_WorkingDirectory - MWRuntimeSettings_CommandLine - MWRuntimeSettings_HostApplication - Path - PathFormatGeneric - PathRootAbsolute - - MWRuntimeSettings_EnvVars - - - LinkerMacOS PPC Linker - PreLinker - PostLinker - TargetnameDBM.o - OutputDirectory - Path: - PathFormatMacOS - PathRootProject - - SaveEntriesUsingRelativePathsfalse - - - FileMappings - - FileTypeAPPL - FileExtension - Compiler - EditLanguage - Precompilefalse - Launchabletrue - ResourceFiletrue - IgnoredByMakefalse - - - FileTypeAppl - FileExtension - Compiler - EditLanguage - Precompilefalse - Launchabletrue - ResourceFiletrue - IgnoredByMakefalse - - - FileTypeMMLB - FileExtension - CompilerLib Import PPC - EditLanguage - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeMPLF - FileExtension - CompilerLib Import PPC - EditLanguage - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeMWCD - FileExtension - Compiler - EditLanguage - Precompilefalse - Launchabletrue - ResourceFiletrue - IgnoredByMakefalse - - - FileTypeRSRC - FileExtension - Compiler - EditLanguage - Precompilefalse - Launchabletrue - ResourceFiletrue - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.c - CompilerMW C/C++ PPC - EditLanguageC/C++ - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.c++ - CompilerMW C/C++ PPC - EditLanguageC/C++ - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.cc - CompilerMW C/C++ PPC - EditLanguageC/C++ - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.cp - CompilerMW C/C++ PPC - EditLanguageC/C++ - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.cpp - CompilerMW C/C++ PPC - EditLanguageC/C++ - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.exp - Compiler - EditLanguage - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.h - CompilerMW C/C++ PPC - EditLanguageC/C++ - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMaketrue - - - FileTypeTEXT - FileExtension.p - CompilerMW Pascal PPC - EditLanguage - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.pas - CompilerMW Pascal PPC - EditLanguage - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.pch - CompilerMW C/C++ PPC - EditLanguageC/C++ - Precompiletrue - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.pch++ - CompilerMW C/C++ PPC - EditLanguageC/C++ - Precompiletrue - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.ppu - CompilerMW Pascal PPC - EditLanguage - Precompiletrue - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.r - CompilerRez - EditLanguageRez - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.s - CompilerPPCAsm - EditLanguage - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeXCOF - FileExtension - CompilerXCOFF Import PPC - EditLanguage - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypedocu - FileExtension - Compiler - EditLanguage - Precompilefalse - Launchabletrue - ResourceFiletrue - IgnoredByMakefalse - - - FileTypersrc - FileExtension - Compiler - EditLanguage - Precompilefalse - Launchabletrue - ResourceFiletrue - IgnoredByMakefalse - - - FileTypeshlb - FileExtension - CompilerPEF Import PPC - EditLanguage - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypestub - FileExtension - CompilerPEF Import PPC - EditLanguage - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileExtension.doc - Compiler - EditLanguage - Precompilefalse - Launchabletrue - ResourceFilefalse - IgnoredByMaketrue - - - - - CacheModDatesfalse - ActivateBrowsertrue - DumpBrowserInfofalse - CacheSubprojectstrue - UseThirdPartyDebuggerfalse - DebuggerAppPath - Path - PathFormatGeneric - PathRootAbsolute - - DebuggerCmdLineArgs - DebuggerWorkingDir - Path - PathFormatGeneric - PathRootAbsolute - - - - LogSystemMessagestrue - AutoTargetDLLsfalse - StopAtWatchpointstrue - PauseWhileRunningfalse - PauseInterval5 - PauseUIFlags0 - AltExePath - Path - PathFormatGeneric - PathRootAbsolute - - StopAtTempBPOnLaunchtrue - CacheSymbolicstrue - TempBPFunctionNamemain - TempBPType0 - - - Enabledfalse - ConnectionName - DownloadPath - LaunchRemoteAppfalse - RemoteAppPath - - - OtherExecutables - - - CustomColor1 - Red0 - Green32767 - Blue0 - - CustomColor2 - Red0 - Green32767 - Blue0 - - CustomColor3 - Red0 - Green32767 - Blue0 - - CustomColor4 - Red0 - Green32767 - Blue0 - - - - MWFrontEnd_C_cplusplus0 - MWFrontEnd_C_checkprotos0 - MWFrontEnd_C_arm0 - MWFrontEnd_C_trigraphs0 - MWFrontEnd_C_onlystdkeywords0 - MWFrontEnd_C_enumsalwaysint1 - MWFrontEnd_C_mpwpointerstyle0 - MWFrontEnd_C_prefixnameDBM.Prefix - MWFrontEnd_C_ansistrict0 - MWFrontEnd_C_mpwcnewline0 - MWFrontEnd_C_wchar_type1 - MWFrontEnd_C_enableexceptions1 - MWFrontEnd_C_dontreusestrings0 - MWFrontEnd_C_poolstrings0 - MWFrontEnd_C_dontinline0 - MWFrontEnd_C_useRTTI0 - MWFrontEnd_C_multibyteaware0 - MWFrontEnd_C_unsignedchars0 - MWFrontEnd_C_autoinline0 - MWFrontEnd_C_booltruefalse0 - MWFrontEnd_C_direct_to_som0 - MWFrontEnd_C_som_env_check0 - MWFrontEnd_C_alwaysinline0 - MWFrontEnd_C_inlinelevel0 - MWFrontEnd_C_ecplusplus0 - MWFrontEnd_C_objective_c0 - MWFrontEnd_C_defer_codegen0 - - - MWWarning_C_warn_illpragma1 - MWWarning_C_warn_emptydecl1 - MWWarning_C_warn_possunwant1 - MWWarning_C_warn_unusedvar1 - MWWarning_C_warn_unusedarg1 - MWWarning_C_warn_extracomma1 - MWWarning_C_pedantic1 - MWWarning_C_warningerrors0 - MWWarning_C_warn_hidevirtual1 - MWWarning_C_warn_implicitconv0 - MWWarning_C_warn_notinlined0 - MWWarning_C_warn_structclass0 - - - MWFTP_Post_hostName - MWFTP_Post_username - MWFTP_Post_password0 - MWFTP_Post_remoteDir - MWFTP_Post_ftp_PathVersion1 - MWFTP_Post_ftp_PathType0 - MWFTP_Post_ftp_PathFormat0 - MWFTP_Post_ftp_tree - MWFTP_Post_uploadDir - MWFTP_Post_ftp_port21 - MWFTP_Post_SendBin1 - MWFTP_Post_ShouldLog1 - - - MWCommandLine_Java_clsName - MWCommandLine_Java_args - - - MWVJavaDebugging_Protocol1 - MWVJavaDebugging_JDKVersion1 - MWVJavaDebugging_TimeOut10 - MWVJavaDebugging_SupportSlowDevicesfalse - - - MWJava_Language_optimizefalse - MWJava_Language_warnDeprecatedfalse - MWJava_Language_emitMapfalse - MWJava_Language_strictFileNamesfalse - MWJava_Language_strictFileHierarchyfalse - MWJava_Language_1_1_Compatiblefalse - MWJava_Language_emitHeaders0 - MWJava_Language_headerTypeJNINativeHeaders - MWJava_Language_packageFilter - MWJava_Language_genCommentstrue - MWJava_Language_genHeadersfalse - - - MWJava_MRJAppBuilder_outFileMRJApplication - MWJava_MRJAppBuilder_mergefalse - MWJava_MRJAppBuilder_quitMenutrue - MWJava_MRJAppBuilder_growfalse - MWJava_MRJAppBuilder_stdoutTypeConsole - MWJava_MRJAppBuilder_stderrTypeConsole - MWJava_MRJAppBuilder_stdinTypeConsole - MWJava_MRJAppBuilder_appIconPVersion0 - MWJava_MRJAppBuilder_appIconPType0 - MWJava_MRJAppBuilder_appIconPFormat0 - MWJava_MRJAppBuilder_appIconPTree - MWJava_MRJAppBuilder_appIconFile - MWJava_MRJAppBuilder_splashScreenPVersion0 - MWJava_MRJAppBuilder_splashScreenPType0 - MWJava_MRJAppBuilder_splashScreenPFormat0 - MWJava_MRJAppBuilder_splashScreenPTree - MWJava_MRJAppBuilder_splashScreenPICTFile - MWJava_MRJAppBuilder_aboutName - MWJava_MRJAppBuilder_stdoutPVersion0 - MWJava_MRJAppBuilder_stdoutPType0 - MWJava_MRJAppBuilder_stdoutPFormat0 - MWJava_MRJAppBuilder_stdoutPTree - MWJava_MRJAppBuilder_stdoutFile - MWJava_MRJAppBuilder_stdoutAppendfalse - MWJava_MRJAppBuilder_stderrPType0 - MWJava_MRJAppBuilder_stderrPFormat0 - MWJava_MRJAppBuilder_stderrPTree - MWJava_MRJAppBuilder_stderrFile - MWJava_MRJAppBuilder_stderrAppendfalse - MWJava_MRJAppBuilder_stdinPType0 - MWJava_MRJAppBuilder_stdinPFormat0 - MWJava_MRJAppBuilder_stdinPTree - MWJava_MRJAppBuilder_stdinFile - - - MWJava_Output_outputtypeJarFile - MWJava_Output_outfileJavaClasses.jar - MWJava_Output_ftype1514754080 - MWJava_Output_fcreator1297570384 - MWJava_Output_compress0 - MWJava_Output_genManifest0 - MWJava_Output_trunctypeFront - MWJava_Output_deleteClasses0 - MWJava_Output_consoleApp1 - - - MWJava_Proj_projtypeApplet - MWJava_Proj_mainClassName - MWJava_Proj_HTMLAppCreator1463898714 - MWJava_Proj_HTMLAppName - MWJava_Proj_PathVersion0 - MWJava_Proj_PathType0 - MWJava_Proj_PathFormat0 - MWJava_Proj_tree - MWJava_Proj_HTMLAppWin32Name - MWJava_Proj_compress0 - MWJava_Proj_useVM1 - MWJava_Proj_vmarguments - MWJava_Proj_vmName - MWJava_Proj_simPropFile - - - MWJavaDoc_Proj_Version1 - MWJavaDoc_Proj_Depricated1 - MWJavaDoc_Proj_Author1 - MWJavaDoc_Proj_Index1 - MWJavaDoc_Proj_Tree1 - MWJavaDoc_Proj_SunResolveToSame0 - MWJavaDoc_Proj_Shortnames1 - MWJavaDoc_Proj_Folder0 - MWJavaDoc_Proj_GenerateAPILinks0 - MWJavaDoc_Proj_scopePublic - MWJavaDoc_Proj_fcreator1297303877 - MWJavaDoc_Proj_encodingName - MWJavaDoc_Proj_decodingName - MWJavaDoc_Proj_javaPackagePathhttp://java.sun.com/products/jdk/1.1/docs/api/ - - - MWMerge_MacOS_projectTypeApplication - MWMerge_MacOS_outputNameMerge Out - MWMerge_MacOS_outputCreator???? - MWMerge_MacOS_outputTypeAPPL - MWMerge_MacOS_suppressWarning0 - MWMerge_MacOS_copyFragments1 - MWMerge_MacOS_copyResources1 - MWMerge_MacOS_flattenResource0 - MWMerge_MacOS_flatFileNamea.rsrc - MWMerge_MacOS_flatFileOutputPath - Path: - PathFormatMacOS - PathRootProject - - MWMerge_MacOS_skipResources - DLGX - ckid - Proj - WSPC - - - - FileLockedfalse - ResourcesMapIsReadOnlyfalse - PrinterDriverIsMultiFinderCompatiblefalse - Invisiblefalse - HasBundlefalse - NameLockedfalse - Stationeryfalse - HasCustomIconfalse - Sharedfalse - HasBeenInitedfalse - Label0 - Comments - - - MWMacOSPackager_UsePackager0 - MWMacOSPackager_FolderToPackage - Path: - PathFormatMacOS - PathRootProject - - MWMacOSPackager_CreateClassicAlias0 - MWMacOSPackager_ClassicAliasMethodUseTargetOutput - MWMacOSPackager_ClassicAliasPath - Path: - PathFormatMacOS - PathRootProject - - MWMacOSPackager_CreatePkgInfo0 - MWMacOSPackager_PkgCreatorType???? - MWMacOSPackager_PkgFileTypeAPPL - - - MWCodeGen_PPC_structalignmentPPC - MWCodeGen_PPC_tracebacktablesNone - MWCodeGen_PPC_processorGeneric - MWCodeGen_PPC_readonlystrings1 - MWCodeGen_PPC_tocdata1 - MWCodeGen_PPC_profiler0 - MWCodeGen_PPC_fpcontract1 - MWCodeGen_PPC_schedule0 - MWCodeGen_PPC_peephole0 - MWCodeGen_PPC_processorspecific0 - MWCodeGen_PPC_altivec0 - MWCodeGen_PPC_vectortocdata0 - MWCodeGen_PPC_vrsave0 - - - MWCodeGen_MachO_structalignmentPPC - MWCodeGen_MachO_tracebacktablesNone - MWCodeGen_MachO_processorGeneric - MWCodeGen_MachO_readonlystrings0 - MWCodeGen_MachO_profiler0 - MWCodeGen_MachO_fpcontract1 - MWCodeGen_MachO_schedule0 - MWCodeGen_MachO_peephole1 - MWCodeGen_MachO_processorspecific0 - MWCodeGen_MachO_altivec0 - MWCodeGen_MachO_vrsave1 - MWCodeGen_MachO_common0 - MWCodeGen_MachO_implicit_templates1 - - - MWDisassembler_PPC_showcode1 - MWDisassembler_PPC_extended1 - MWDisassembler_PPC_mix0 - MWDisassembler_PPC_nohex0 - MWDisassembler_PPC_showdata1 - MWDisassembler_PPC_showexceptions1 - MWDisassembler_PPC_showsym0 - MWDisassembler_PPC_shownames1 - - - GlobalOptimizer_PPC_optimizationlevelLevel0 - GlobalOptimizer_PPC_optforSpeed - - - MWLinker_PPC_linksym1 - MWLinker_PPC_symfullpath1 - MWLinker_PPC_linkmap0 - MWLinker_PPC_nolinkwarnings0 - MWLinker_PPC_dontdeadstripinitcode0 - MWLinker_PPC_permitmultdefs0 - MWLinker_PPC_linkmodeFast - MWLinker_PPC_initname - MWLinker_PPC_mainname - MWLinker_PPC_termname - - - MWLinker_MachO_exportsNone - MWLinker_MachO_mainnamestart - MWLinker_MachO_currentversion0 - MWLinker_MachO_compatibleversion0 - MWLinker_MachO_symfullpath0 - MWLinker_MachO_supresswarnings0 - MWLinker_MachO_multisymerror0 - MWLinker_MachO_prebind1 - MWLinker_MachO_deadstrip1 - MWLinker_MachO_objectivecsemantics0 - MWLinker_MachO_whichfileloaded0 - MWLinker_MachO_whyfileloaded0 - MWLinker_MachO_readonlyrelocsErrors - MWLinker_MachO_undefinedsymbolsErrors - MWLinker_MachO_twolevelnamespace1 - MWLinker_MachO_stripdebugsymbols0 - - - MWProject_MachO_typeExecutable - MWProject_MachO_outfilea.exe - MWProject_MachO_filecreator???? - MWProject_MachO_filetypeMEXE - MWProject_MachO_stacksize64 - MWProject_MachO_stackaddress0 - MWProject_MachO_flatrsrc1 - MWProject_MachO_flatrsrcfilenamea.rsrc - MWProject_MachO_flatrsrcoutputdir - Path: - PathFormatMacOS - PathRootProject - - MWProject_MachO_installpath./ - - - MWPEF_exportsPragma - MWPEF_libfolder0 - MWPEF_sortcodeNone - MWPEF_expandbss0 - MWPEF_sharedata0 - MWPEF_olddefversion0 - MWPEF_oldimpversion0 - MWPEF_currentversion0 - MWPEF_fragmentname - MWPEF_collapsereloads0 - - - MWProject_PPC_typeLibrary - MWProject_PPC_outfileDBM.o - MWProject_PPC_filecreator???? - MWProject_PPC_filetype???? - MWProject_PPC_size0 - MWProject_PPC_minsize0 - MWProject_PPC_stacksize0 - MWProject_PPC_flags0 - MWProject_PPC_symfilename - MWProject_PPC_rsrcname - MWProject_PPC_rsrcheaderNative - MWProject_PPC_rsrctype???? - MWProject_PPC_rsrcid0 - MWProject_PPC_rsrcflags0 - MWProject_PPC_rsrcstore0 - MWProject_PPC_rsrcmerge0 - MWProject_PPC_flatrsrc0 - MWProject_PPC_flatrsrcoutputdir - Path: - PathFormatMacOS - PathRootProject - - MWProject_PPC_flatrsrcfilename - - - MWAssembler_PPC_auxheader0 - MWAssembler_PPC_symmodeMac - MWAssembler_PPC_dialectPPC - MWAssembler_PPC_prefixfile - MWAssembler_PPC_typecheck0 - MWAssembler_PPC_warnings0 - MWAssembler_PPC_casesensitive0 - - - MWRez_Language_maxwidth80 - MWRez_Language_scriptRoman - MWRez_Language_alignmentAlign1 - MWRez_Language_filtermodeFilterSkip - MWRez_Language_suppresswarnings0 - MWRez_Language_escapecontrolchars1 - MWRez_Language_prefixname - MWRez_Language_filteredtypes'CODE' 'DATA' 'PICT' - - - MWWinRC_prefixname - - - MWCodeGen_X86_processorGeneric - MWCodeGen_X86_alignmentbytes8 - MWCodeGen_X86_exceptionsZeroOverhead - MWCodeGen_X86_extinst_mmx0 - MWCodeGen_X86_extinst_3dnow0 - MWCodeGen_X86_use_mmx_3dnow_convention0 - MWCodeGen_X86_machinecodelisting0 - MWCodeGen_X86_intrinsics0 - MWCodeGen_X86_syminfo0 - MWCodeGen_X86_codeviewinfo1 - MWCodeGen_X86_extinst_cmov_fcomi0 - MWCodeGen_X86_extinst_sse0 - - - PDisasmX86_showHeaderstrue - PDisasmX86_showSymTabtrue - PDisasmX86_showCodetrue - PDisasmX86_showSourcefalse - PDisasmX86_showHextrue - PDisasmX86_showRelocationtrue - PDisasmX86_showCommentsfalse - PDisasmX86_showDebugfalse - PDisasmX86_showExceptionsfalse - PDisasmX86_showDatatrue - PDisasmX86_showRawfalse - PDisasmX86_verbosefalse - - - MWDebugger_X86_Exceptions - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - - - - GlobalOptimizer_X86_optimizationlevelLevel0 - GlobalOptimizer_X86_optforSpeed - - - MWLinker_X86_entrypointusageDefault - MWLinker_X86_entrypoint - MWLinker_X86_subsystemWinGUI - MWLinker_X86_subsysmajorid4 - MWLinker_X86_subsysminorid0 - MWLinker_X86_usrmajorid0 - MWLinker_X86_usrminorid0 - MWLinker_X86_commandfile - MWLinker_X86_generatemap0 - MWLinker_X86_linksym0 - MWLinker_X86_linkCV1 - - - MWProject_X86_typeApplication - MWProject_X86_outfilenoname.exe - MWProject_X86_baseaddress4194304 - MWProject_X86_maxstacksize1024 - MWProject_X86_minstacksize4 - MWProject_X86_size1024 - MWProject_X86_minsize4 - MWProject_X86_importlib - xpidl Settings - 0001000101000000000000000000000000000000000000000000000000000000 - 0000000000000000 - - - - - Name - db.c - MacOS - Text - Debug - - - Name - hash.c - MacOS - Text - Debug - - - Name - hash_buf.c - MacOS - Text - Debug - - - Name - hsearch.c - MacOS - Text - Debug - - - Name - h_bigkey.c - MacOS - Text - Debug - - - Name - h_func.c - MacOS - Text - Debug - - - Name - h_log2.c - MacOS - Text - Debug - - - Name - h_page.c - MacOS - Text - Debug - - - Name - macstubs.c - MacOS - Text - Debug - - - - - Name - db.c - MacOS - - - Name - hash.c - MacOS - - - Name - hash_buf.c - MacOS - - - Name - hsearch.c - MacOS - - - Name - h_bigkey.c - MacOS - - - Name - h_func.c - MacOS - - - Name - h_log2.c - MacOS - - - Name - h_page.c - MacOS - - - Name - macstubs.c - MacOS - - - - - DBMDebug.o - - - - UserSourceTrees - - - AlwaysSearchUserPathsfalse - InterpretDOSAndUnixPathsfalse - RequireFrameworkStyleIncludesfalse - UserSearchPaths - - SearchPath - Path: - PathFormatMacOS - PathRootProject - - Recursivetrue - FrameworkPathfalse - HostFlagsAll - - - SearchPath - Path::src: - PathFormatMacOS - PathRootProject - - Recursivetrue - FrameworkPathfalse - HostFlagsAll - - - SearchPath - Path:::dist:client: - PathFormatMacOS - PathRootProject - - Recursivetrue - FrameworkPathfalse - HostFlagsAll - - - SearchPath - Path:::dist:client_stubs: - PathFormatMacOS - PathRootProject - - Recursivetrue - FrameworkPathfalse - HostFlagsAll - - - SearchPath - Path:::dist: - PathFormatMacOS - PathRootProject - - Recursivetrue - FrameworkPathfalse - HostFlagsAll - - - SystemSearchPaths - - SearchPath - Path:MSL: - PathFormatMacOS - PathRootCodeWarrior - - Recursivetrue - FrameworkPathfalse - HostFlagsAll - - - SearchPath - Path:MacOS Support: - PathFormatMacOS - PathRootCodeWarrior - - Recursivetrue - FrameworkPathfalse - HostFlagsAll - - - - - MWRuntimeSettings_WorkingDirectory - MWRuntimeSettings_CommandLine - MWRuntimeSettings_HostApplication - Path - PathFormatGeneric - PathRootAbsolute - - MWRuntimeSettings_EnvVars - - - LinkerMacOS PPC Linker - PreLinker - PostLinker - TargetnameDBMDebug.o - OutputDirectory - Path: - PathFormatMacOS - PathRootProject - - SaveEntriesUsingRelativePathsfalse - - - FileMappings - - FileTypeAPPL - FileExtension - Compiler - EditLanguage - Precompilefalse - Launchabletrue - ResourceFiletrue - IgnoredByMakefalse - - - FileTypeAppl - FileExtension - Compiler - EditLanguage - Precompilefalse - Launchabletrue - ResourceFiletrue - IgnoredByMakefalse - - - FileTypeMMLB - FileExtension - CompilerLib Import PPC - EditLanguage - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeMPLF - FileExtension - CompilerLib Import PPC - EditLanguage - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeMWCD - FileExtension - Compiler - EditLanguage - Precompilefalse - Launchabletrue - ResourceFiletrue - IgnoredByMakefalse - - - FileTypeRSRC - FileExtension - Compiler - EditLanguage - Precompilefalse - Launchabletrue - ResourceFiletrue - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.c - CompilerMW C/C++ PPC - EditLanguageC/C++ - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.c++ - CompilerMW C/C++ PPC - EditLanguageC/C++ - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.cc - CompilerMW C/C++ PPC - EditLanguageC/C++ - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.cp - CompilerMW C/C++ PPC - EditLanguageC/C++ - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.cpp - CompilerMW C/C++ PPC - EditLanguageC/C++ - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.exp - Compiler - EditLanguage - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.h - CompilerMW C/C++ PPC - EditLanguageC/C++ - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMaketrue - - - FileTypeTEXT - FileExtension.p - CompilerMW Pascal PPC - EditLanguage - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.pas - CompilerMW Pascal PPC - EditLanguage - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.pch - CompilerMW C/C++ PPC - EditLanguageC/C++ - Precompiletrue - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.pch++ - CompilerMW C/C++ PPC - EditLanguageC/C++ - Precompiletrue - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.ppu - CompilerMW Pascal PPC - EditLanguage - Precompiletrue - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.r - CompilerRez - EditLanguageRez - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeTEXT - FileExtension.s - CompilerPPCAsm - EditLanguage - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypeXCOF - FileExtension - CompilerXCOFF Import PPC - EditLanguage - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypedocu - FileExtension - Compiler - EditLanguage - Precompilefalse - Launchabletrue - ResourceFiletrue - IgnoredByMakefalse - - - FileTypersrc - FileExtension - Compiler - EditLanguage - Precompilefalse - Launchabletrue - ResourceFiletrue - IgnoredByMakefalse - - - FileTypeshlb - FileExtension - CompilerPEF Import PPC - EditLanguage - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileTypestub - FileExtension - CompilerPEF Import PPC - EditLanguage - Precompilefalse - Launchablefalse - ResourceFilefalse - IgnoredByMakefalse - - - FileExtension.doc - Compiler - EditLanguage - Precompilefalse - Launchabletrue - ResourceFilefalse - IgnoredByMaketrue - - - - - CacheModDatesfalse - ActivateBrowsertrue - DumpBrowserInfofalse - CacheSubprojectstrue - UseThirdPartyDebuggerfalse - DebuggerAppPath - Path - PathFormatGeneric - PathRootAbsolute - - DebuggerCmdLineArgs - DebuggerWorkingDir - Path - PathFormatGeneric - PathRootAbsolute - - - - LogSystemMessagestrue - AutoTargetDLLsfalse - StopAtWatchpointstrue - PauseWhileRunningfalse - PauseInterval5 - PauseUIFlags0 - AltExePath - Path - PathFormatGeneric - PathRootAbsolute - - StopAtTempBPOnLaunchtrue - CacheSymbolicstrue - TempBPFunctionNamemain - TempBPType0 - - - Enabledfalse - ConnectionName - DownloadPath - LaunchRemoteAppfalse - RemoteAppPath - - - OtherExecutables - - - CustomColor1 - Red0 - Green32767 - Blue0 - - CustomColor2 - Red0 - Green32767 - Blue0 - - CustomColor3 - Red0 - Green32767 - Blue0 - - CustomColor4 - Red0 - Green32767 - Blue0 - - - - MWFrontEnd_C_cplusplus0 - MWFrontEnd_C_checkprotos0 - MWFrontEnd_C_arm0 - MWFrontEnd_C_trigraphs0 - MWFrontEnd_C_onlystdkeywords0 - MWFrontEnd_C_enumsalwaysint1 - MWFrontEnd_C_mpwpointerstyle0 - MWFrontEnd_C_prefixnameDBMDebug.Prefix - MWFrontEnd_C_ansistrict0 - MWFrontEnd_C_mpwcnewline0 - MWFrontEnd_C_wchar_type1 - MWFrontEnd_C_enableexceptions1 - MWFrontEnd_C_dontreusestrings0 - MWFrontEnd_C_poolstrings0 - MWFrontEnd_C_dontinline0 - MWFrontEnd_C_useRTTI0 - MWFrontEnd_C_multibyteaware0 - MWFrontEnd_C_unsignedchars0 - MWFrontEnd_C_autoinline0 - MWFrontEnd_C_booltruefalse0 - MWFrontEnd_C_direct_to_som0 - MWFrontEnd_C_som_env_check0 - MWFrontEnd_C_alwaysinline0 - MWFrontEnd_C_inlinelevel0 - MWFrontEnd_C_ecplusplus0 - MWFrontEnd_C_objective_c0 - MWFrontEnd_C_defer_codegen0 - - - MWWarning_C_warn_illpragma1 - MWWarning_C_warn_emptydecl1 - MWWarning_C_warn_possunwant1 - MWWarning_C_warn_unusedvar1 - MWWarning_C_warn_unusedarg1 - MWWarning_C_warn_extracomma1 - MWWarning_C_pedantic1 - MWWarning_C_warningerrors0 - MWWarning_C_warn_hidevirtual1 - MWWarning_C_warn_implicitconv0 - MWWarning_C_warn_notinlined0 - MWWarning_C_warn_structclass0 - - - MWFTP_Post_hostName - MWFTP_Post_username - MWFTP_Post_password0 - MWFTP_Post_remoteDir - MWFTP_Post_ftp_PathVersion1 - MWFTP_Post_ftp_PathType0 - MWFTP_Post_ftp_PathFormat0 - MWFTP_Post_ftp_tree - MWFTP_Post_uploadDir - MWFTP_Post_ftp_port21 - MWFTP_Post_SendBin1 - MWFTP_Post_ShouldLog1 - - - MWCommandLine_Java_clsName - MWCommandLine_Java_args - - - MWVJavaDebugging_Protocol1 - MWVJavaDebugging_JDKVersion1 - MWVJavaDebugging_TimeOut10 - MWVJavaDebugging_SupportSlowDevicesfalse - - - MWJava_Language_optimizefalse - MWJava_Language_warnDeprecatedfalse - MWJava_Language_emitMapfalse - MWJava_Language_strictFileNamesfalse - MWJava_Language_strictFileHierarchyfalse - MWJava_Language_1_1_Compatiblefalse - MWJava_Language_emitHeaders0 - MWJava_Language_headerTypeJNINativeHeaders - MWJava_Language_packageFilter - MWJava_Language_genCommentstrue - MWJava_Language_genHeadersfalse - - - MWJava_MRJAppBuilder_outFileMRJApplication - MWJava_MRJAppBuilder_mergefalse - MWJava_MRJAppBuilder_quitMenutrue - MWJava_MRJAppBuilder_growfalse - MWJava_MRJAppBuilder_stdoutTypeConsole - MWJava_MRJAppBuilder_stderrTypeConsole - MWJava_MRJAppBuilder_stdinTypeConsole - MWJava_MRJAppBuilder_appIconPVersion0 - MWJava_MRJAppBuilder_appIconPType0 - MWJava_MRJAppBuilder_appIconPFormat0 - MWJava_MRJAppBuilder_appIconPTree - MWJava_MRJAppBuilder_appIconFile - MWJava_MRJAppBuilder_splashScreenPVersion0 - MWJava_MRJAppBuilder_splashScreenPType0 - MWJava_MRJAppBuilder_splashScreenPFormat0 - MWJava_MRJAppBuilder_splashScreenPTree - MWJava_MRJAppBuilder_splashScreenPICTFile - MWJava_MRJAppBuilder_aboutName - MWJava_MRJAppBuilder_stdoutPVersion0 - MWJava_MRJAppBuilder_stdoutPType0 - MWJava_MRJAppBuilder_stdoutPFormat0 - MWJava_MRJAppBuilder_stdoutPTree - MWJava_MRJAppBuilder_stdoutFile - MWJava_MRJAppBuilder_stdoutAppendfalse - MWJava_MRJAppBuilder_stderrPType0 - MWJava_MRJAppBuilder_stderrPFormat0 - MWJava_MRJAppBuilder_stderrPTree - MWJava_MRJAppBuilder_stderrFile - MWJava_MRJAppBuilder_stderrAppendfalse - MWJava_MRJAppBuilder_stdinPType0 - MWJava_MRJAppBuilder_stdinPFormat0 - MWJava_MRJAppBuilder_stdinPTree - MWJava_MRJAppBuilder_stdinFile - - - MWJava_Output_outputtypeJarFile - MWJava_Output_outfileJavaClasses.jar - MWJava_Output_ftype1514754080 - MWJava_Output_fcreator1297570384 - MWJava_Output_compress0 - MWJava_Output_genManifest0 - MWJava_Output_trunctypeFront - MWJava_Output_deleteClasses0 - MWJava_Output_consoleApp1 - - - MWJava_Proj_projtypeApplet - MWJava_Proj_mainClassName - MWJava_Proj_HTMLAppCreator1463898714 - MWJava_Proj_HTMLAppName - MWJava_Proj_PathVersion0 - MWJava_Proj_PathType0 - MWJava_Proj_PathFormat0 - MWJava_Proj_tree - MWJava_Proj_HTMLAppWin32Name - MWJava_Proj_compress0 - MWJava_Proj_useVM1 - MWJava_Proj_vmarguments - MWJava_Proj_vmName - MWJava_Proj_simPropFile - - - MWJavaDoc_Proj_Version1 - MWJavaDoc_Proj_Depricated1 - MWJavaDoc_Proj_Author1 - MWJavaDoc_Proj_Index1 - MWJavaDoc_Proj_Tree1 - MWJavaDoc_Proj_SunResolveToSame0 - MWJavaDoc_Proj_Shortnames1 - MWJavaDoc_Proj_Folder0 - MWJavaDoc_Proj_GenerateAPILinks0 - MWJavaDoc_Proj_scopePublic - MWJavaDoc_Proj_fcreator1297303877 - MWJavaDoc_Proj_encodingName - MWJavaDoc_Proj_decodingName - MWJavaDoc_Proj_javaPackagePathhttp://java.sun.com/products/jdk/1.1/docs/api/ - - - MWMerge_MacOS_projectTypeApplication - MWMerge_MacOS_outputNameMerge Out - MWMerge_MacOS_outputCreator???? - MWMerge_MacOS_outputTypeAPPL - MWMerge_MacOS_suppressWarning0 - MWMerge_MacOS_copyFragments1 - MWMerge_MacOS_copyResources1 - MWMerge_MacOS_flattenResource0 - MWMerge_MacOS_flatFileNamea.rsrc - MWMerge_MacOS_flatFileOutputPath - Path: - PathFormatMacOS - PathRootProject - - MWMerge_MacOS_skipResources - DLGX - ckid - Proj - WSPC - - - - FileLockedfalse - ResourcesMapIsReadOnlyfalse - PrinterDriverIsMultiFinderCompatiblefalse - Invisiblefalse - HasBundlefalse - NameLockedfalse - Stationeryfalse - HasCustomIconfalse - Sharedfalse - HasBeenInitedfalse - Label0 - Comments - - - MWMacOSPackager_UsePackager0 - MWMacOSPackager_FolderToPackage - Path: - PathFormatMacOS - PathRootProject - - MWMacOSPackager_CreateClassicAlias0 - MWMacOSPackager_ClassicAliasMethodUseTargetOutput - MWMacOSPackager_ClassicAliasPath - Path: - PathFormatMacOS - PathRootProject - - MWMacOSPackager_CreatePkgInfo0 - MWMacOSPackager_PkgCreatorType???? - MWMacOSPackager_PkgFileTypeAPPL - - - MWCodeGen_PPC_structalignmentPPC - MWCodeGen_PPC_tracebacktablesNone - MWCodeGen_PPC_processorGeneric - MWCodeGen_PPC_readonlystrings1 - MWCodeGen_PPC_tocdata1 - MWCodeGen_PPC_profiler0 - MWCodeGen_PPC_fpcontract1 - MWCodeGen_PPC_schedule0 - MWCodeGen_PPC_peephole0 - MWCodeGen_PPC_processorspecific0 - MWCodeGen_PPC_altivec0 - MWCodeGen_PPC_vectortocdata0 - MWCodeGen_PPC_vrsave0 - - - MWCodeGen_MachO_structalignmentPPC - MWCodeGen_MachO_tracebacktablesNone - MWCodeGen_MachO_processorGeneric - MWCodeGen_MachO_readonlystrings0 - MWCodeGen_MachO_profiler0 - MWCodeGen_MachO_fpcontract1 - MWCodeGen_MachO_schedule0 - MWCodeGen_MachO_peephole1 - MWCodeGen_MachO_processorspecific0 - MWCodeGen_MachO_altivec0 - MWCodeGen_MachO_vrsave1 - MWCodeGen_MachO_common0 - MWCodeGen_MachO_implicit_templates1 - - - MWDisassembler_PPC_showcode1 - MWDisassembler_PPC_extended1 - MWDisassembler_PPC_mix0 - MWDisassembler_PPC_nohex0 - MWDisassembler_PPC_showdata1 - MWDisassembler_PPC_showexceptions1 - MWDisassembler_PPC_showsym0 - MWDisassembler_PPC_shownames1 - - - GlobalOptimizer_PPC_optimizationlevelLevel0 - GlobalOptimizer_PPC_optforSpeed - - - MWLinker_PPC_linksym1 - MWLinker_PPC_symfullpath1 - MWLinker_PPC_linkmap0 - MWLinker_PPC_nolinkwarnings0 - MWLinker_PPC_dontdeadstripinitcode0 - MWLinker_PPC_permitmultdefs0 - MWLinker_PPC_linkmodeFast - MWLinker_PPC_initname - MWLinker_PPC_mainname - MWLinker_PPC_termname - - - MWLinker_MachO_exportsNone - MWLinker_MachO_mainnamestart - MWLinker_MachO_currentversion0 - MWLinker_MachO_compatibleversion0 - MWLinker_MachO_symfullpath0 - MWLinker_MachO_supresswarnings0 - MWLinker_MachO_multisymerror0 - MWLinker_MachO_prebind1 - MWLinker_MachO_deadstrip1 - MWLinker_MachO_objectivecsemantics0 - MWLinker_MachO_whichfileloaded0 - MWLinker_MachO_whyfileloaded0 - MWLinker_MachO_readonlyrelocsErrors - MWLinker_MachO_undefinedsymbolsErrors - MWLinker_MachO_twolevelnamespace1 - MWLinker_MachO_stripdebugsymbols0 - - - MWProject_MachO_typeExecutable - MWProject_MachO_outfilea.exe - MWProject_MachO_filecreator???? - MWProject_MachO_filetypeMEXE - MWProject_MachO_stacksize64 - MWProject_MachO_stackaddress0 - MWProject_MachO_flatrsrc1 - MWProject_MachO_flatrsrcfilenamea.rsrc - MWProject_MachO_flatrsrcoutputdir - Path: - PathFormatMacOS - PathRootProject - - MWProject_MachO_installpath./ - - - MWPEF_exportsPragma - MWPEF_libfolder0 - MWPEF_sortcodeNone - MWPEF_expandbss0 - MWPEF_sharedata0 - MWPEF_olddefversion0 - MWPEF_oldimpversion0 - MWPEF_currentversion0 - MWPEF_fragmentname - MWPEF_collapsereloads0 - - - MWProject_PPC_typeLibrary - MWProject_PPC_outfileDBMDebug.o - MWProject_PPC_filecreator???? - MWProject_PPC_filetype???? - MWProject_PPC_size0 - MWProject_PPC_minsize0 - MWProject_PPC_stacksize0 - MWProject_PPC_flags0 - MWProject_PPC_symfilename - MWProject_PPC_rsrcname - MWProject_PPC_rsrcheaderNative - MWProject_PPC_rsrctype???? - MWProject_PPC_rsrcid0 - MWProject_PPC_rsrcflags0 - MWProject_PPC_rsrcstore0 - MWProject_PPC_rsrcmerge0 - MWProject_PPC_flatrsrc0 - MWProject_PPC_flatrsrcoutputdir - Path: - PathFormatMacOS - PathRootProject - - MWProject_PPC_flatrsrcfilename - - - MWAssembler_PPC_auxheader0 - MWAssembler_PPC_symmodeMac - MWAssembler_PPC_dialectPPC - MWAssembler_PPC_prefixfile - MWAssembler_PPC_typecheck0 - MWAssembler_PPC_warnings0 - MWAssembler_PPC_casesensitive0 - - - MWRez_Language_maxwidth80 - MWRez_Language_scriptRoman - MWRez_Language_alignmentAlign1 - MWRez_Language_filtermodeFilterSkip - MWRez_Language_suppresswarnings0 - MWRez_Language_escapecontrolchars1 - MWRez_Language_prefixname - MWRez_Language_filteredtypes'CODE' 'DATA' 'PICT' - - - MWWinRC_prefixname - - - MWCodeGen_X86_processorGeneric - MWCodeGen_X86_alignmentbytes8 - MWCodeGen_X86_exceptionsZeroOverhead - MWCodeGen_X86_extinst_mmx0 - MWCodeGen_X86_extinst_3dnow0 - MWCodeGen_X86_use_mmx_3dnow_convention0 - MWCodeGen_X86_machinecodelisting0 - MWCodeGen_X86_intrinsics0 - MWCodeGen_X86_syminfo0 - MWCodeGen_X86_codeviewinfo1 - MWCodeGen_X86_extinst_cmov_fcomi0 - MWCodeGen_X86_extinst_sse0 - - - PDisasmX86_showHeaderstrue - PDisasmX86_showSymTabtrue - PDisasmX86_showCodetrue - PDisasmX86_showSourcefalse - PDisasmX86_showHextrue - PDisasmX86_showRelocationtrue - PDisasmX86_showCommentsfalse - PDisasmX86_showDebugfalse - PDisasmX86_showExceptionsfalse - PDisasmX86_showDatatrue - PDisasmX86_showRawfalse - PDisasmX86_verbosefalse - - - MWDebugger_X86_Exceptions - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - 0 - - - - GlobalOptimizer_X86_optimizationlevelLevel0 - GlobalOptimizer_X86_optforSpeed - - - MWLinker_X86_entrypointusageDefault - MWLinker_X86_entrypoint - MWLinker_X86_subsystemWinGUI - MWLinker_X86_subsysmajorid4 - MWLinker_X86_subsysminorid0 - MWLinker_X86_usrmajorid0 - MWLinker_X86_usrminorid0 - MWLinker_X86_commandfile - MWLinker_X86_generatemap0 - MWLinker_X86_linksym0 - MWLinker_X86_linkCV1 - - - MWProject_X86_typeApplication - MWProject_X86_outfilenoname.exe - MWProject_X86_baseaddress4194304 - MWProject_X86_maxstacksize1024 - MWProject_X86_minstacksize4 - MWProject_X86_size1024 - MWProject_X86_minsize4 - MWProject_X86_importlib - xpidl Settings - 0001000101000000000000000000000000000000000000000000000000000000 - 0000000000000000 - - - - - Name - db.c - MacOS - Text - Debug - - - Name - hash.c - MacOS - Text - Debug - - - Name - hash_buf.c - MacOS - Text - Debug - - - Name - hsearch.c - MacOS - Text - Debug - - - Name - h_bigkey.c - MacOS - Text - Debug - - - Name - h_func.c - MacOS - Text - Debug - - - Name - h_log2.c - MacOS - Text - Debug - - - Name - h_page.c - MacOS - Text - Debug - - - Name - macstubs.c - MacOS - Text - Debug - - - - - Name - db.c - MacOS - - - Name - hash.c - MacOS - - - Name - hash_buf.c - MacOS - - - Name - hsearch.c - MacOS - - - Name - h_bigkey.c - MacOS - - - Name - h_func.c - MacOS - - - Name - h_log2.c - MacOS - - - Name - h_page.c - MacOS - - - Name - macstubs.c - MacOS - - - - - - - DBM.shlb - DBMDebug.shlb - DBM.o - DBMDebug.o - - - - dbm - - DBM.shlb - Name - db.c - MacOS - - - DBM.shlb - Name - h_bigkey.c - MacOS - - - DBM.shlb - Name - h_func.c - MacOS - - - DBM.shlb - Name - h_log2.c - MacOS - - - DBM.shlb - Name - h_page.c - MacOS - - - DBM.shlb - Name - hash.c - MacOS - - - DBM.shlb - Name - hash_buf.c - MacOS - - - DBM.shlb - Name - hsearch.c - MacOS - - - DBM.shlb - Name - macstubs.c - MacOS - - - Netscape Libraries - - DBM.shlb - Name - NSStdLibStubs - MacOS - - Optimized - - DBM.shlb - Name - NSRuntime.shlb - MacOS - - - DBM.shlb - Name - NSPR20.shlb - MacOS - - - DBM.shlb - Name - MoreFiles.shlb - MacOS - - - Debug - - DBMDebug.shlb - Name - NSRuntimeDebug.shlb - MacOS - - - DBMDebug.shlb - Name - NSPR20Debug.shlb - MacOS - - - DBMDebug.shlb - Name - MoreFilesDebug.shlb - MacOS - - - - Apple/Other Libs - - DBM.shlb - Name - MSL_ShLibRuntime_PPC.Lib - MacOS - - - DBM.shlb - Name - InterfacesStubs - MacOS - - - - - diff --git a/dbm/macbuild/DBMConfig.h b/dbm/macbuild/DBMConfig.h deleted file mode 100644 index e7ec911c68..0000000000 --- a/dbm/macbuild/DBMConfig.h +++ /dev/null @@ -1,23 +0,0 @@ -/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- - * - * The contents of this file are subject to the Netscape Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/NPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is mozilla.org code. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1998 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - */ - -#define __DBINTERFACE_PRIVATE 1 diff --git a/dbm/macbuild/DBMDebug.Prefix b/dbm/macbuild/DBMDebug.Prefix deleted file mode 100644 index 7d40bdad3f..0000000000 --- a/dbm/macbuild/DBMDebug.Prefix +++ /dev/null @@ -1,32 +0,0 @@ -/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- - * - * The contents of this file are subject to the Netscape Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/NPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is mozilla.org code. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1998 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - */ - -// -// DBMDebug.Prefix -// -// Global prefix file for the debug DBM project. -// -// - -#include "MacPrefix_debug.h" -#include "DBMConfig.h" - diff --git a/dbm/macbuild/macstubs.c b/dbm/macbuild/macstubs.c deleted file mode 100644 index bbfe69a549..0000000000 --- a/dbm/macbuild/macstubs.c +++ /dev/null @@ -1,8 +0,0 @@ - -// Hack to define a never-called routine from libdbm -#include "mcom_db.h" - -int mkstemp(const char* /*path*/) -{ - return -1; -} diff --git a/dbm/src/.cvsignore b/dbm/src/.cvsignore deleted file mode 100644 index f3c7a7c5da..0000000000 --- a/dbm/src/.cvsignore +++ /dev/null @@ -1 +0,0 @@ -Makefile diff --git a/dbm/src/Makefile.in b/dbm/src/Makefile.in deleted file mode 100644 index 2898c52302..0000000000 --- a/dbm/src/Makefile.in +++ /dev/null @@ -1,78 +0,0 @@ -# -# The contents of this file are subject to the Netscape Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/NPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is mozilla.org code. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1998 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# - -DEPTH = ../.. -topsrcdir = @top_srcdir@ -srcdir = @srcdir@ -VPATH = @srcdir@ - -include $(DEPTH)/config/autoconf.mk - -LIBRARY_NAME = mozdbm_s -LIB_IS_C_ONLY = 1 - -ifeq ($(OS_ARCH),WINNT) -LIBRARY_NAME = dbm$(MOZ_BITS) -endif - -CSRCS = \ - db.c \ - h_bigkey.c \ - h_func.c \ - h_log2.c \ - h_page.c \ - hash.c \ - hash_buf.c \ - hsearch.c \ - mktemp.c \ - ndbm.c \ - strerror.c \ - nsres.c \ - $(NULL) - -ifeq ($(OS_ARCH),WINNT) -CSRCS += memmove.c snprintf.c -else -ifeq (,$(filter -DHAVE_MEMMOVE=1,$(DEFS))) -CSRCS += memmove.c -endif - -ifeq (,$(filter -DHAVE_SNPRINTF=1,$(DEFS))) -CSRCS += snprintf.c -endif -endif # WINNT - -LOCAL_INCLUDES = -I$(srcdir)/../include - -FORCE_STATIC_LIB = 1 -FORCE_USE_PIC = 1 - -include $(topsrcdir)/config/rules.mk - -DEFINES += -DMEMMOVE -D__DBINTERFACE_PRIVATE $(SECURITY_FLAG) -ifeq ($(OS_ARCH), Linux) -DEFINES += -D_BSD_SOURCE -endif - -ifeq ($(OS_ARCH),AIX) -OS_LIBS += -lc_r -endif - diff --git a/dbm/src/Makefile.win b/dbm/src/Makefile.win deleted file mode 100644 index 060a8c48ba..0000000000 --- a/dbm/src/Makefile.win +++ /dev/null @@ -1,96 +0,0 @@ -# The contents of this file are subject to the Netscape Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/NPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is mozilla.org code. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1998 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): - - -#//------------------------------------------------------------------------ -#// -#// Makefile to build the cert library -#// -#//------------------------------------------------------------------------ - -!if "$(MOZ_BITS)" == "16" -!ifndef MOZ_DEBUG -OPTIMIZER=-Os -UDEBUG -DNDEBUG -!endif -!endif - -#//------------------------------------------------------------------------ -#// -#// Specify the depth of the current directory relative to the -#// root of NS -#// -#//------------------------------------------------------------------------ -DEPTH= ..\.. - -!ifndef MAKE_OBJ_TYPE -MAKE_OBJ_TYPE=EXE -!endif - -#//------------------------------------------------------------------------ -#// -#// Define any Public Make Variables here: (ie. PDFFILE, MAPFILE, ...) -#// -#//------------------------------------------------------------------------ -LIBNAME=dbm$(MOZ_BITS) -PDBFILE=$(LIBNAME).pdb - -#//------------------------------------------------------------------------ -#// -#// Define the files necessary to build the target (ie. OBJS) -#// -#//------------------------------------------------------------------------ -OBJS= \ - .\$(OBJDIR)\db.obj \ - .\$(OBJDIR)\h_bigkey.obj \ - .\$(OBJDIR)\h_func.obj \ - .\$(OBJDIR)\h_log2.obj \ - .\$(OBJDIR)\h_page.obj \ - .\$(OBJDIR)\hash.obj \ - .\$(OBJDIR)\hash_buf.obj \ - .\$(OBJDIR)\hsearch.obj \ - .\$(OBJDIR)\memmove.obj \ - .\$(OBJDIR)\mktemp.obj \ - .\$(OBJDIR)\ndbm.obj \ - .\$(OBJDIR)\snprintf.obj \ - .\$(OBJDIR)\strerror.obj \ - .\$(OBJDIR)\nsres.obj \ - $(NULL) - -#//------------------------------------------------------------------------ -#// -#// Define any Public Targets here (ie. PROGRAM, LIBRARY, DLL, ...) -#// (these must be defined before the common makefiles are included) -#// -#//------------------------------------------------------------------------ -LIBRARY = .\$(OBJDIR)\$(LIBNAME).lib -LINCS = -I..\include - -#//------------------------------------------------------------------------ -#// -#// Include the common makefile rules -#// -#//------------------------------------------------------------------------ -include <$(DEPTH)/config/rules.mak> - -CFLAGS = $(CFLAGS) -DMOZILLA_CLIENT -D__DBINTERFACE_PRIVATE - -install:: $(LIBRARY) - $(MAKE_INSTALL) $(LIBRARY) $(DIST)\lib - - diff --git a/dbm/src/db.c b/dbm/src/db.c deleted file mode 100644 index e4b1fff8fb..0000000000 --- a/dbm/src/db.c +++ /dev/null @@ -1,144 +0,0 @@ -/*- - * Copyright (c) 1991, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#if defined(LIBC_SCCS) && !defined(lint) -static char sccsid[] = "@(#)db.c 8.4 (Berkeley) 2/21/94"; -#endif /* LIBC_SCCS and not lint */ - -#include "watcomfx.h" - -#ifndef __DBINTERFACE_PRIVATE -#define __DBINTERFACE_PRIVATE -#endif -#ifdef macintosh -#include -#else -#include -#endif - -#include -#include -#include -#include - -#include "mcom_db.h" - -/* a global flag that locks closed all databases */ -int all_databases_locked_closed = 0; - -/* set or unset a global lock flag to disable the - * opening of any DBM file - */ -void -dbSetOrClearDBLock(DBLockFlagEnum type) -{ - if(type == LockOutDatabase) - all_databases_locked_closed = 1; - else - all_databases_locked_closed = 0; -} - -#if defined(__WATCOMC__) || defined(__WATCOM_CPLUSPLUS__) -DB * -#else -PR_IMPLEMENT(DB *) -#endif -dbopen(const char *fname, int flags,int mode, DBTYPE type, const void *openinfo) -{ - - /* lock out all file databases. Let in-memory databases through - */ - if(all_databases_locked_closed && fname) - { - errno = EINVAL; - return(NULL); - } - -#define DB_FLAGS (DB_LOCK | DB_SHMEM | DB_TXN) - - -#if 0 /* most systems dont have EXLOCK and SHLOCK */ -#define USE_OPEN_FLAGS \ - (O_CREAT | O_EXCL | O_EXLOCK | O_NONBLOCK | O_RDONLY | \ - O_RDWR | O_SHLOCK | O_TRUNC) -#else -#define USE_OPEN_FLAGS \ - (O_CREAT | O_EXCL | O_RDONLY | \ - O_RDWR | O_TRUNC) -#endif - - if ((flags & ~(USE_OPEN_FLAGS | DB_FLAGS)) == 0) - switch (type) { -/* we don't need btree and recno right now */ -#if 0 - case DB_BTREE: - return (__bt_open(fname, flags & USE_OPEN_FLAGS, - mode, openinfo, flags & DB_FLAGS)); - case DB_RECNO: - return (__rec_open(fname, flags & USE_OPEN_FLAGS, - mode, openinfo, flags & DB_FLAGS)); -#endif - - case DB_HASH: - return (__hash_open(fname, flags & USE_OPEN_FLAGS, - mode, (const HASHINFO *)openinfo, flags & DB_FLAGS)); - default: - break; - } - errno = EINVAL; - return (NULL); -} - -static int -__dberr() -{ - return (RET_ERROR); -} - -/* - * __DBPANIC -- Stop. - * - * Parameters: - * dbp: pointer to the DB structure. - */ -void -__dbpanic(DB *dbp) -{ - /* The only thing that can succeed is a close. */ - dbp->del = (int (*)(const struct __db *, const DBT *, uint))__dberr; - dbp->fd = (int (*)(const struct __db *))__dberr; - dbp->get = (int (*)(const struct __db *, const DBT *, DBT *, uint))__dberr; - dbp->put = (int (*)(const struct __db *, DBT *, const DBT *, uint))__dberr; - dbp->seq = (int (*)(const struct __db *, DBT *, DBT *, uint))__dberr; - dbp->sync = (int (*)(const struct __db *, uint))__dberr; -} diff --git a/dbm/src/h_bigkey.c b/dbm/src/h_bigkey.c deleted file mode 100644 index 855f107256..0000000000 --- a/dbm/src/h_bigkey.c +++ /dev/null @@ -1,713 +0,0 @@ -/*- - * Copyright (c) 1990, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * This code is derived from software contributed to Berkeley by - * Margo Seltzer. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#if defined(LIBC_SCCS) && !defined(lint) -static char sccsid[] = "@(#)hash_bigkey.c 8.3 (Berkeley) 5/31/94"; -#endif /* LIBC_SCCS and not lint */ - -#include "watcomfx.h" - -/* - * PACKAGE: hash - * DESCRIPTION: - * Big key/data handling for the hashing package. - * - * ROUTINES: - * External - * __big_keydata - * __big_split - * __big_insert - * __big_return - * __big_delete - * __find_last_page - * Internal - * collect_key - * collect_data - */ - -#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh) && !defined(XP_OS2_VACPP) -#include -#endif - -#include -#include -#include -#include - -#ifdef DEBUG -#include -#endif - -#include "mcom_db.h" -#include "hash.h" -#include "page.h" -/* #include "extern.h" */ - -static int collect_key __P((HTAB *, BUFHEAD *, int, DBT *, int)); -static int collect_data __P((HTAB *, BUFHEAD *, int, int)); - -/* - * Big_insert - * - * You need to do an insert and the key/data pair is too big - * - * Returns: - * 0 ==> OK - *-1 ==> ERROR - */ -extern int -__big_insert(HTAB *hashp, BUFHEAD *bufp, const DBT *key, const DBT *val) -{ - register uint16 *p; - uint key_size, n, val_size; - uint16 space, move_bytes, off; - char *cp, *key_data, *val_data; - - cp = bufp->page; /* Character pointer of p. */ - p = (uint16 *)cp; - - key_data = (char *)key->data; - key_size = key->size; - val_data = (char *)val->data; - val_size = val->size; - - /* First move the Key */ - for (space = FREESPACE(p) - BIGOVERHEAD; key_size; - space = FREESPACE(p) - BIGOVERHEAD) { - move_bytes = PR_MIN(space, key_size); - off = OFFSET(p) - move_bytes; - memmove(cp + off, key_data, move_bytes); - key_size -= move_bytes; - key_data += move_bytes; - n = p[0]; - p[++n] = off; - p[0] = ++n; - FREESPACE(p) = off - PAGE_META(n); - OFFSET(p) = off; - p[n] = PARTIAL_KEY; - bufp = __add_ovflpage(hashp, bufp); - if (!bufp) - return (-1); - n = p[0]; - if (!key_size) { - if (FREESPACE(p)) { - move_bytes = PR_MIN(FREESPACE(p), val_size); - off = OFFSET(p) - move_bytes; - p[n] = off; - memmove(cp + off, val_data, move_bytes); - val_data += move_bytes; - val_size -= move_bytes; - p[n - 2] = FULL_KEY_DATA; - FREESPACE(p) = FREESPACE(p) - move_bytes; - OFFSET(p) = off; - } else - p[n - 2] = FULL_KEY; - } - p = (uint16 *)bufp->page; - cp = bufp->page; - bufp->flags |= BUF_MOD; - } - - /* Now move the data */ - for (space = FREESPACE(p) - BIGOVERHEAD; val_size; - space = FREESPACE(p) - BIGOVERHEAD) { - move_bytes = PR_MIN(space, val_size); - /* - * Here's the hack to make sure that if the data ends on the - * same page as the key ends, FREESPACE is at least one. - */ - if (space == val_size && val_size == val->size) - move_bytes--; - off = OFFSET(p) - move_bytes; - memmove(cp + off, val_data, move_bytes); - val_size -= move_bytes; - val_data += move_bytes; - n = p[0]; - p[++n] = off; - p[0] = ++n; - FREESPACE(p) = off - PAGE_META(n); - OFFSET(p) = off; - if (val_size) { - p[n] = FULL_KEY; - bufp = __add_ovflpage(hashp, bufp); - if (!bufp) - return (-1); - cp = bufp->page; - p = (uint16 *)cp; - } else - p[n] = FULL_KEY_DATA; - bufp->flags |= BUF_MOD; - } - return (0); -} - -/* - * Called when bufp's page contains a partial key (index should be 1) - * - * All pages in the big key/data pair except bufp are freed. We cannot - * free bufp because the page pointing to it is lost and we can't get rid - * of its pointer. - * - * Returns: - * 0 => OK - *-1 => ERROR - */ -extern int -__big_delete(HTAB *hashp, BUFHEAD *bufp) -{ - register BUFHEAD *last_bfp, *rbufp; - uint16 *bp, pageno; - int key_done, n; - - rbufp = bufp; - last_bfp = NULL; - bp = (uint16 *)bufp->page; - pageno = 0; - key_done = 0; - - while (!key_done || (bp[2] != FULL_KEY_DATA)) { - if (bp[2] == FULL_KEY || bp[2] == FULL_KEY_DATA) - key_done = 1; - - /* - * If there is freespace left on a FULL_KEY_DATA page, then - * the data is short and fits entirely on this page, and this - * is the last page. - */ - if (bp[2] == FULL_KEY_DATA && FREESPACE(bp)) - break; - pageno = bp[bp[0] - 1]; - rbufp->flags |= BUF_MOD; - rbufp = __get_buf(hashp, pageno, rbufp, 0); - if (last_bfp) - __free_ovflpage(hashp, last_bfp); - last_bfp = rbufp; - if (!rbufp) - return (-1); /* Error. */ - bp = (uint16 *)rbufp->page; - } - - /* - * If we get here then rbufp points to the last page of the big - * key/data pair. Bufp points to the first one -- it should now be - * empty pointing to the next page after this pair. Can't free it - * because we don't have the page pointing to it. - */ - - /* This is information from the last page of the pair. */ - n = bp[0]; - pageno = bp[n - 1]; - - /* Now, bp is the first page of the pair. */ - bp = (uint16 *)bufp->page; - if (n > 2) { - /* There is an overflow page. */ - bp[1] = pageno; - bp[2] = OVFLPAGE; - bufp->ovfl = rbufp->ovfl; - } else - /* This is the last page. */ - bufp->ovfl = NULL; - n -= 2; - bp[0] = n; - FREESPACE(bp) = hashp->BSIZE - PAGE_META(n); - OFFSET(bp) = hashp->BSIZE - 1; - - bufp->flags |= BUF_MOD; - if (rbufp) - __free_ovflpage(hashp, rbufp); - if (last_bfp != rbufp) - __free_ovflpage(hashp, last_bfp); - - hashp->NKEYS--; - return (0); -} -/* - * Returns: - * 0 = key not found - * -1 = get next overflow page - * -2 means key not found and this is big key/data - * -3 error - */ -extern int -__find_bigpair(HTAB *hashp, BUFHEAD *bufp, int ndx, char *key, int size) -{ - register uint16 *bp; - register char *p; - int ksize; - uint16 bytes; - char *kkey; - - bp = (uint16 *)bufp->page; - p = bufp->page; - ksize = size; - kkey = key; - - for (bytes = hashp->BSIZE - bp[ndx]; - bytes <= size && bp[ndx + 1] == PARTIAL_KEY; - bytes = hashp->BSIZE - bp[ndx]) { - if (memcmp(p + bp[ndx], kkey, bytes)) - return (-2); - kkey += bytes; - ksize -= bytes; - bufp = __get_buf(hashp, bp[ndx + 2], bufp, 0); - if (!bufp) - return (-3); - p = bufp->page; - bp = (uint16 *)p; - ndx = 1; - } - - if (bytes != ksize || memcmp(p + bp[ndx], kkey, bytes)) { -#ifdef HASH_STATISTICS - ++hash_collisions; -#endif - return (-2); - } else - return (ndx); -} - -/* - * Given the buffer pointer of the first overflow page of a big pair, - * find the end of the big pair - * - * This will set bpp to the buffer header of the last page of the big pair. - * It will return the pageno of the overflow page following the last page - * of the pair; 0 if there isn't any (i.e. big pair is the last key in the - * bucket) - */ -extern uint16 -__find_last_page(HTAB *hashp, BUFHEAD **bpp) -{ - BUFHEAD *bufp; - uint16 *bp, pageno; - uint n; - - bufp = *bpp; - bp = (uint16 *)bufp->page; - for (;;) { - n = bp[0]; - - /* - * This is the last page if: the tag is FULL_KEY_DATA and - * either only 2 entries OVFLPAGE marker is explicit there - * is freespace on the page. - */ - if (bp[2] == FULL_KEY_DATA && - ((n == 2) || (bp[n] == OVFLPAGE) || (FREESPACE(bp)))) - break; - - /* LJM bound the size of n to reasonable limits - */ - if(n > hashp->BSIZE/sizeof(uint16)) - return(0); - - pageno = bp[n - 1]; - bufp = __get_buf(hashp, pageno, bufp, 0); - if (!bufp) - return (0); /* Need to indicate an error! */ - bp = (uint16 *)bufp->page; - } - - *bpp = bufp; - if (bp[0] > 2) - return (bp[3]); - else - return (0); -} - -/* - * Return the data for the key/data pair that begins on this page at this - * index (index should always be 1). - */ -extern int -__big_return( - HTAB *hashp, - BUFHEAD *bufp, - int ndx, - DBT *val, - int set_current) -{ - BUFHEAD *save_p; - uint16 *bp, len, off, save_addr; - char *tp; - int save_flags; - - bp = (uint16 *)bufp->page; - while (bp[ndx + 1] == PARTIAL_KEY) { - bufp = __get_buf(hashp, bp[bp[0] - 1], bufp, 0); - if (!bufp) - return (-1); - bp = (uint16 *)bufp->page; - ndx = 1; - } - - if (bp[ndx + 1] == FULL_KEY) { - bufp = __get_buf(hashp, bp[bp[0] - 1], bufp, 0); - if (!bufp) - return (-1); - bp = (uint16 *)bufp->page; - save_p = bufp; - save_addr = save_p->addr; - off = bp[1]; - len = 0; - } else - if (!FREESPACE(bp)) { - /* - * This is a hack. We can't distinguish between - * FULL_KEY_DATA that contains complete data or - * incomplete data, so we require that if the data - * is complete, there is at least 1 byte of free - * space left. - */ - off = bp[bp[0]]; - len = bp[1] - off; - save_p = bufp; - save_addr = bufp->addr; - bufp = __get_buf(hashp, bp[bp[0] - 1], bufp, 0); - if (!bufp) - return (-1); - bp = (uint16 *)bufp->page; - } else { - /* The data is all on one page. */ - tp = (char *)bp; - off = bp[bp[0]]; - val->data = (uint8 *)tp + off; - val->size = bp[1] - off; - if (set_current) { - if (bp[0] == 2) { /* No more buckets in - * chain */ - hashp->cpage = NULL; - hashp->cbucket++; - hashp->cndx = 1; - } else { - hashp->cpage = __get_buf(hashp, - bp[bp[0] - 1], bufp, 0); - if (!hashp->cpage) - return (-1); - hashp->cndx = 1; - if (!((uint16 *) - hashp->cpage->page)[0]) { - hashp->cbucket++; - hashp->cpage = NULL; - } - } - } - return (0); - } - - /* pin our saved buf so that we don't lose if - * we run out of buffers */ - save_flags = save_p->flags; - save_p->flags |= BUF_PIN; - val->size = collect_data(hashp, bufp, (int)len, set_current); - save_p->flags = save_flags; - if (val->size == (size_t)-1) - return (-1); - if (save_p->addr != save_addr) { - /* We are pretty short on buffers. */ - errno = EINVAL; /* OUT OF BUFFERS */ - return (-1); - } - memmove(hashp->tmp_buf, (save_p->page) + off, len); - val->data = (uint8 *)hashp->tmp_buf; - return (0); -} - - -/* - * Count how big the total datasize is by looping through the pages. Then - * allocate a buffer and copy the data in the second loop. NOTE: Our caller - * may already have a bp which it is holding onto. The caller is - * responsible for copying that bp into our temp buffer. 'len' is how much - * space to reserve for that buffer. - */ -static int -collect_data( - HTAB *hashp, - BUFHEAD *bufp, - int len, int set) -{ - register uint16 *bp; - BUFHEAD *save_bufp; - int save_flags; - int mylen, totlen; - - /* - * save the input buf head because we need to walk the list twice. - * pin it to make sure it doesn't leave the buffer pool. - * This has the effect of growing the buffer pool if necessary. - */ - save_bufp = bufp; - save_flags = save_bufp->flags; - save_bufp->flags |= BUF_PIN; - - /* read the length of the buffer */ - for (totlen = len; bufp ; bufp = __get_buf(hashp, bp[bp[0]-1], bufp, 0)) { - bp = (uint16 *)bufp->page; - mylen = hashp->BSIZE - bp[1]; - - /* if mylen ever goes negative it means that the - * page is screwed up. - */ - if (mylen < 0) { - save_bufp->flags = save_flags; - return (-1); - } - totlen += mylen; - if (bp[2] == FULL_KEY_DATA) { /* End of Data */ - break; - } - } - - if (!bufp) { - save_bufp->flags = save_flags; - return (-1); - } - - /* allocate a temp buf */ - if (hashp->tmp_buf) - free(hashp->tmp_buf); - if ((hashp->tmp_buf = (char *)malloc((size_t)totlen)) == NULL) { - save_bufp->flags = save_flags; - return (-1); - } - - /* copy the buffers back into temp buf */ - for (bufp = save_bufp; bufp ; - bufp = __get_buf(hashp, bp[bp[0]-1], bufp, 0)) { - bp = (uint16 *)bufp->page; - mylen = hashp->BSIZE - bp[1]; - memmove(&hashp->tmp_buf[len], (bufp->page) + bp[1], (size_t)mylen); - len += mylen; - if (bp[2] == FULL_KEY_DATA) { - break; - } - } - - /* 'clear' the pin flags */ - save_bufp->flags = save_flags; - - /* update the database cursor */ - if (set) { - hashp->cndx = 1; - if (bp[0] == 2) { /* No more buckets in chain */ - hashp->cpage = NULL; - hashp->cbucket++; - } else { - hashp->cpage = __get_buf(hashp, bp[bp[0] - 1], bufp, 0); - if (!hashp->cpage) - return (-1); - else if (!((uint16 *)hashp->cpage->page)[0]) { - hashp->cbucket++; - hashp->cpage = NULL; - } - } - } - return (totlen); -} - -/* - * Fill in the key and data for this big pair. - */ -extern int -__big_keydata( - HTAB *hashp, - BUFHEAD *bufp, - DBT *key, DBT *val, - int set) -{ - key->size = collect_key(hashp, bufp, 0, val, set); - if (key->size == (size_t)-1) - return (-1); - key->data = (uint8 *)hashp->tmp_key; - return (0); -} - -/* - * Count how big the total key size is by recursing through the pages. Then - * collect the data, allocate a buffer and copy the key as you recurse up. - */ -static int -collect_key( - HTAB *hashp, - BUFHEAD *bufp, - int len, - DBT *val, - int set) -{ - BUFHEAD *xbp; - char *p; - int mylen, totlen; - uint16 *bp, save_addr; - - p = bufp->page; - bp = (uint16 *)p; - mylen = hashp->BSIZE - bp[1]; - - save_addr = bufp->addr; - totlen = len + mylen; - if (bp[2] == FULL_KEY || bp[2] == FULL_KEY_DATA) { /* End of Key. */ - if (hashp->tmp_key != NULL) - free(hashp->tmp_key); - if ((hashp->tmp_key = (char *)malloc((size_t)totlen)) == NULL) - return (-1); - if (__big_return(hashp, bufp, 1, val, set)) - return (-1); - } else { - xbp = __get_buf(hashp, bp[bp[0] - 1], bufp, 0); - if (!xbp || ((totlen = - collect_key(hashp, xbp, totlen, val, set)) < 1)) - return (-1); - } - if (bufp->addr != save_addr) { - errno = EINVAL; /* MIS -- OUT OF BUFFERS */ - return (-1); - } - memmove(&hashp->tmp_key[len], (bufp->page) + bp[1], (size_t)mylen); - return (totlen); -} - -/* - * Returns: - * 0 => OK - * -1 => error - */ -extern int -__big_split( - HTAB *hashp, - BUFHEAD *op, /* Pointer to where to put keys that go in old bucket */ - BUFHEAD *np, /* Pointer to new bucket page */ - /* Pointer to first page containing the big key/data */ - BUFHEAD *big_keyp, - uint32 addr, /* Address of big_keyp */ - uint32 obucket,/* Old Bucket */ - SPLIT_RETURN *ret) -{ - register BUFHEAD *tmpp; - register uint16 *tp; - BUFHEAD *bp; - DBT key, val; - uint32 change; - uint16 free_space, n, off; - - bp = big_keyp; - - /* Now figure out where the big key/data goes */ - if (__big_keydata(hashp, big_keyp, &key, &val, 0)) - return (-1); - change = (__call_hash(hashp,(char*) key.data, key.size) != obucket); - - if ((ret->next_addr = __find_last_page(hashp, &big_keyp))) { - if (!(ret->nextp = - __get_buf(hashp, ret->next_addr, big_keyp, 0))) - return (-1);; - } else - ret->nextp = NULL; - - /* Now make one of np/op point to the big key/data pair */ -#ifdef DEBUG - assert(np->ovfl == NULL); -#endif - if (change) - tmpp = np; - else - tmpp = op; - - tmpp->flags |= BUF_MOD; -#ifdef DEBUG1 - (void)fprintf(stderr, - "BIG_SPLIT: %d->ovfl was %d is now %d\n", tmpp->addr, - (tmpp->ovfl ? tmpp->ovfl->addr : 0), (bp ? bp->addr : 0)); -#endif - tmpp->ovfl = bp; /* one of op/np point to big_keyp */ - tp = (uint16 *)tmpp->page; - - -#if 0 /* this get's tripped on database corrupted error */ - assert(FREESPACE(tp) >= OVFLSIZE); -#endif - if(FREESPACE(tp) < OVFLSIZE) - return(DATABASE_CORRUPTED_ERROR); - - n = tp[0]; - off = OFFSET(tp); - free_space = FREESPACE(tp); - tp[++n] = (uint16)addr; - tp[++n] = OVFLPAGE; - tp[0] = n; - OFFSET(tp) = off; - FREESPACE(tp) = free_space - OVFLSIZE; - - /* - * Finally, set the new and old return values. BIG_KEYP contains a - * pointer to the last page of the big key_data pair. Make sure that - * big_keyp has no following page (2 elements) or create an empty - * following page. - */ - - ret->newp = np; - ret->oldp = op; - - tp = (uint16 *)big_keyp->page; - big_keyp->flags |= BUF_MOD; - if (tp[0] > 2) { - /* - * There may be either one or two offsets on this page. If - * there is one, then the overflow page is linked on normally - * and tp[4] is OVFLPAGE. If there are two, tp[4] contains - * the second offset and needs to get stuffed in after the - * next overflow page is added. - */ - n = tp[4]; - free_space = FREESPACE(tp); - off = OFFSET(tp); - tp[0] -= 2; - FREESPACE(tp) = free_space + OVFLSIZE; - OFFSET(tp) = off; - tmpp = __add_ovflpage(hashp, big_keyp); - if (!tmpp) - return (-1); - tp[4] = n; - } else - tmpp = big_keyp; - - if (change) - ret->newp = tmpp; - else - ret->oldp = tmpp; - return (0); -} diff --git a/dbm/src/h_func.c b/dbm/src/h_func.c deleted file mode 100644 index 5819efe234..0000000000 --- a/dbm/src/h_func.c +++ /dev/null @@ -1,211 +0,0 @@ -/*- - * Copyright (c) 1990, 1993 - * The Regents of the University of California. All rights reserved. - * - * This code is derived from software contributed to Berkeley by - * Margo Seltzer. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#if defined(LIBC_SCCS) && !defined(lint) -static char sccsid[] = "@(#)hash_func.c 8.2 (Berkeley) 2/21/94"; -#endif /* LIBC_SCCS and not lint */ - -#include "watcomfx.h" - -#ifndef macintosh -#include -#endif -#include "mcom_db.h" -#include "hash.h" -#include "page.h" -/* #include "extern.h" */ - -#if 0 -static uint32 hash1 __P((const void *, size_t)); -static uint32 hash2 __P((const void *, size_t)); -static uint32 hash3 __P((const void *, size_t)); -#endif -static uint32 hash4 __P((const void *, size_t)); - -/* Global default hash function */ -uint32 (*__default_hash) __P((const void *, size_t)) = hash4; - -/* - * HASH FUNCTIONS - * - * Assume that we've already split the bucket to which this key hashes, - * calculate that bucket, and check that in fact we did already split it. - * - * This came from ejb's hsearch. - */ - -#define PRIME1 37 -#define PRIME2 1048583 - -#if 0 -static uint32 -hash1(const void *keyarg, register size_t len) -{ - register const uint8 *key; - register uint32 h; - - /* Convert string to integer */ - for (key = (const uint8 *)keyarg, h = 0; len--;) - h = h * PRIME1 ^ (*key++ - ' '); - h %= PRIME2; - return (h); -} - -/* - * Phong's linear congruential hash - */ -#define dcharhash(h, c) ((h) = 0x63c63cd9*(h) + 0x9c39c33d + (c)) - -static uint32 -hash2(const void *keyarg, size_t len) -{ - register const uint8 *e, *key; - register uint32 h; - register uint8 c; - - key = (const uint8 *)keyarg; - e = key + len; - for (h = 0; key != e;) { - c = *key++; - if (!c && key > e) - break; - dcharhash(h, c); - } - return (h); -} - -/* - * This is INCREDIBLY ugly, but fast. We break the string up into 8 byte - * units. On the first time through the loop we get the "leftover bytes" - * (strlen % 8). On every other iteration, we perform 8 HASHC's so we handle - * all 8 bytes. Essentially, this saves us 7 cmp & branch instructions. If - * this routine is heavily used enough, it's worth the ugly coding. - * - * OZ's original sdbm hash - */ -static uint32 -hash3(const void *keyarg, register size_t len) -{ - register const uint8 *key; - register size_t loop; - register uint32 h; - -#define HASHC h = *key++ + 65599 * h - - h = 0; - key = (const uint8 *)keyarg; - if (len > 0) { - loop = (len + 8 - 1) >> 3; - - switch (len & (8 - 1)) { - case 0: - do { - HASHC; - /* FALLTHROUGH */ - case 7: - HASHC; - /* FALLTHROUGH */ - case 6: - HASHC; - /* FALLTHROUGH */ - case 5: - HASHC; - /* FALLTHROUGH */ - case 4: - HASHC; - /* FALLTHROUGH */ - case 3: - HASHC; - /* FALLTHROUGH */ - case 2: - HASHC; - /* FALLTHROUGH */ - case 1: - HASHC; - } while (--loop); - } - } - return (h); -} -#endif /* 0 */ - -/* Hash function from Chris Torek. */ -static uint32 -hash4(const void *keyarg, register size_t len) -{ - register const uint8 *key; - register size_t loop; - register uint32 h; - -#define HASH4a h = (h << 5) - h + *key++; -#define HASH4b h = (h << 5) + h + *key++; -#define HASH4 HASH4b - - h = 0; - key = (const uint8 *)keyarg; - if (len > 0) { - loop = (len + 8 - 1) >> 3; - - switch (len & (8 - 1)) { - case 0: - do { - HASH4; - /* FALLTHROUGH */ - case 7: - HASH4; - /* FALLTHROUGH */ - case 6: - HASH4; - /* FALLTHROUGH */ - case 5: - HASH4; - /* FALLTHROUGH */ - case 4: - HASH4; - /* FALLTHROUGH */ - case 3: - HASH4; - /* FALLTHROUGH */ - case 2: - HASH4; - /* FALLTHROUGH */ - case 1: - HASH4; - } while (--loop); - } - } - return (h); -} diff --git a/dbm/src/h_log2.c b/dbm/src/h_log2.c deleted file mode 100644 index 4d8b0a7156..0000000000 --- a/dbm/src/h_log2.c +++ /dev/null @@ -1,56 +0,0 @@ -/*- - * Copyright (c) 1990, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * This code is derived from software contributed to Berkeley by - * Margo Seltzer. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#if defined(LIBC_SCCS) && !defined(lint) -static char sccsid[] = "@(#)hash_log2.c 8.2 (Berkeley) 5/31/94"; -#endif /* LIBC_SCCS and not lint */ - -#include "watcomfx.h" - -#include -#ifndef macintosh -#include -#endif -#include "mcom_db.h" - -uint32 __log2(uint32 num) -{ - register uint32 i, limit; - - limit = 1; - for (i = 0; limit < num; limit = limit << 1, i++) {} - return (i); -} diff --git a/dbm/src/h_page.c b/dbm/src/h_page.c deleted file mode 100644 index e11ad9451b..0000000000 --- a/dbm/src/h_page.c +++ /dev/null @@ -1,1290 +0,0 @@ -/*- - * Copyright (c) 1990, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * This code is derived from software contributed to Berkeley by - * Margo Seltzer. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#if defined(unix) -#define MY_LSEEK lseek -#else -#define MY_LSEEK new_lseek -extern long new_lseek(int fd, long pos, int start); -#endif - -#if defined(LIBC_SCCS) && !defined(lint) -static char sccsid[] = "@(#)hash_page.c 8.7 (Berkeley) 8/16/94"; -#endif /* LIBC_SCCS and not lint */ - -#include "watcomfx.h" - -/* - * PACKAGE: hashing - * - * DESCRIPTION: - * Page manipulation for hashing package. - * - * ROUTINES: - * - * External - * __get_page - * __add_ovflpage - * Internal - * overflow_page - * open_temp - */ -#ifndef macintosh -#include -#endif - -#if defined(macintosh) -#include -#endif - -#include -#include -#if defined(_WIN32) || defined(_WINDOWS) -#include -#endif -#include -#include -#include -#include - -#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh) && !defined(XP_OS2_VACPP) -#include -#endif - -#include - -#include "mcom_db.h" -#include "hash.h" -#include "page.h" -/* #include "extern.h" */ - -extern int mkstempflags(char *path, int extraFlags); - -static uint32 *fetch_bitmap __P((HTAB *, uint32)); -static uint32 first_free __P((uint32)); -static int open_temp __P((HTAB *)); -static uint16 overflow_page __P((HTAB *)); -static void squeeze_key __P((uint16 *, const DBT *, const DBT *)); -static int ugly_split - __P((HTAB *, uint32, BUFHEAD *, BUFHEAD *, int, int)); - -#define PAGE_INIT(P) { \ - ((uint16 *)(P))[0] = 0; \ - ((uint16 *)(P))[1] = hashp->BSIZE - 3 * sizeof(uint16); \ - ((uint16 *)(P))[2] = hashp->BSIZE; \ -} - -/* implement a new lseek using lseek that - * writes zero's when extending a file - * beyond the end. - */ -long new_lseek(int fd, long offset, int origin) -{ - long cur_pos=0; - long end_pos=0; - long seek_pos=0; - - if(origin == SEEK_CUR) - { - if(offset < 1) - return(lseek(fd, offset, SEEK_CUR)); - - cur_pos = lseek(fd, 0, SEEK_CUR); - - if(cur_pos < 0) - return(cur_pos); - } - - end_pos = lseek(fd, 0, SEEK_END); - if(end_pos < 0) - return(end_pos); - - if(origin == SEEK_SET) - seek_pos = offset; - else if(origin == SEEK_CUR) - seek_pos = cur_pos + offset; - else if(origin == SEEK_END) - seek_pos = end_pos + offset; - else - { - assert(0); - return(-1); - } - - /* the seek position desired is before the - * end of the file. We don't need - * to do anything special except the seek. - */ - if(seek_pos <= end_pos) - return(lseek(fd, seek_pos, SEEK_SET)); - - /* the seek position is beyond the end of the - * file. Write zero's to the end. - * - * we are already at the end of the file so - * we just need to "write()" zeros for the - * difference between seek_pos-end_pos and - * then seek to the position to finish - * the call - */ - { - char buffer[1024]; - long len = seek_pos-end_pos; - memset(&buffer, 0, 1024); - while(len > 0) - { - write(fd, (char*)&buffer, (size_t)(1024 > len ? len : 1024)); - len -= 1024; - } - return(lseek(fd, seek_pos, SEEK_SET)); - } - -} - -/* - * This is called AFTER we have verified that there is room on the page for - * the pair (PAIRFITS has returned true) so we go right ahead and start moving - * stuff on. - */ -static void -putpair(char *p, const DBT *key, DBT * val) -{ - register uint16 *bp, n, off; - - bp = (uint16 *)p; - - /* Enter the key first. */ - n = bp[0]; - - off = OFFSET(bp) - key->size; - memmove(p + off, key->data, key->size); - bp[++n] = off; - - /* Now the data. */ - off -= val->size; - memmove(p + off, val->data, val->size); - bp[++n] = off; - - /* Adjust page info. */ - bp[0] = n; - bp[n + 1] = off - ((n + 3) * sizeof(uint16)); - bp[n + 2] = off; -} - -/* - * Returns: - * 0 OK - * -1 error - */ -extern int -__delpair(HTAB *hashp, BUFHEAD *bufp, int ndx) -{ - register uint16 *bp, newoff; - register int n; - uint16 pairlen; - - bp = (uint16 *)bufp->page; - n = bp[0]; - - if (bp[ndx + 1] < REAL_KEY) - return (__big_delete(hashp, bufp)); - if (ndx != 1) - newoff = bp[ndx - 1]; - else - newoff = hashp->BSIZE; - pairlen = newoff - bp[ndx + 1]; - - if (ndx != (n - 1)) { - /* Hard Case -- need to shuffle keys */ - register int i; - register char *src = bufp->page + (int)OFFSET(bp); - uint32 dst_offset = (uint32)OFFSET(bp) + (uint32)pairlen; - register char *dst = bufp->page + dst_offset; - uint32 length = bp[ndx + 1] - OFFSET(bp); - - /* - * +-----------+XXX+---------+XXX+---------+---------> +infinity - * | | | | - * 0 src_offset dst_offset BSIZE - * - * Dst_offset is > src_offset, so if src_offset were bad, dst_offset - * would be too, therefore we check only dst_offset. - * - * If dst_offset is >= BSIZE, either OFFSET(bp), or pairlen, or both - * is corrupted. - * - * Once we know dst_offset is < BSIZE, we can subtract it from BSIZE - * to get an upper bound on length. - */ - if(dst_offset > (uint32)hashp->BSIZE) - return(DATABASE_CORRUPTED_ERROR); - - if(length > (uint32)(hashp->BSIZE - dst_offset)) - return(DATABASE_CORRUPTED_ERROR); - - memmove(dst, src, length); - - /* Now adjust the pointers */ - for (i = ndx + 2; i <= n; i += 2) { - if (bp[i + 1] == OVFLPAGE) { - bp[i - 2] = bp[i]; - bp[i - 1] = bp[i + 1]; - } else { - bp[i - 2] = bp[i] + pairlen; - bp[i - 1] = bp[i + 1] + pairlen; - } - } - } - /* Finally adjust the page data */ - bp[n] = OFFSET(bp) + pairlen; - bp[n - 1] = bp[n + 1] + pairlen + 2 * sizeof(uint16); - bp[0] = n - 2; - hashp->NKEYS--; - - bufp->flags |= BUF_MOD; - return (0); -} -/* - * Returns: - * 0 ==> OK - * -1 ==> Error - */ -extern int -__split_page(HTAB *hashp, uint32 obucket, uint32 nbucket) -{ - register BUFHEAD *new_bufp, *old_bufp; - register uint16 *ino; - register uint16 *tmp_uint16_array; - register char *np; - DBT key, val; - uint16 n, ndx; - int retval; - uint16 copyto, diff, moved; - size_t off; - char *op; - - copyto = (uint16)hashp->BSIZE; - off = (uint16)hashp->BSIZE; - old_bufp = __get_buf(hashp, obucket, NULL, 0); - if (old_bufp == NULL) - return (-1); - new_bufp = __get_buf(hashp, nbucket, NULL, 0); - if (new_bufp == NULL) - return (-1); - - old_bufp->flags |= (BUF_MOD | BUF_PIN); - new_bufp->flags |= (BUF_MOD | BUF_PIN); - - ino = (uint16 *)(op = old_bufp->page); - np = new_bufp->page; - - moved = 0; - - for (n = 1, ndx = 1; n < ino[0]; n += 2) { - if (ino[n + 1] < REAL_KEY) { - retval = ugly_split(hashp, obucket, old_bufp, new_bufp, - (int)copyto, (int)moved); - old_bufp->flags &= ~BUF_PIN; - new_bufp->flags &= ~BUF_PIN; - return (retval); - - } - key.data = (uint8 *)op + ino[n]; - - /* check here for ino[n] being greater than - * off. If it is then the database has - * been corrupted. - */ - if(ino[n] > off) - return(DATABASE_CORRUPTED_ERROR); - - key.size = off - ino[n]; - -#ifdef DEBUG - /* make sure the size is positive */ - assert(((int)key.size) > -1); -#endif - - if (__call_hash(hashp, (char *)key.data, key.size) == obucket) { - /* Don't switch page */ - diff = copyto - off; - if (diff) { - copyto = ino[n + 1] + diff; - memmove(op + copyto, op + ino[n + 1], - off - ino[n + 1]); - ino[ndx] = copyto + ino[n] - ino[n + 1]; - ino[ndx + 1] = copyto; - } else - copyto = ino[n + 1]; - ndx += 2; - } else { - /* Switch page */ - val.data = (uint8 *)op + ino[n + 1]; - val.size = ino[n] - ino[n + 1]; - - /* if the pair doesn't fit something is horribly - * wrong. LJM - */ - tmp_uint16_array = (uint16*)np; - if(!PAIRFITS(tmp_uint16_array, &key, &val)) - return(DATABASE_CORRUPTED_ERROR); - - putpair(np, &key, &val); - moved += 2; - } - - off = ino[n + 1]; - } - - /* Now clean up the page */ - ino[0] -= moved; - FREESPACE(ino) = copyto - sizeof(uint16) * (ino[0] + 3); - OFFSET(ino) = copyto; - -#ifdef DEBUG3 - (void)fprintf(stderr, "split %d/%d\n", - ((uint16 *)np)[0] / 2, - ((uint16 *)op)[0] / 2); -#endif - /* unpin both pages */ - old_bufp->flags &= ~BUF_PIN; - new_bufp->flags &= ~BUF_PIN; - return (0); -} - -/* - * Called when we encounter an overflow or big key/data page during split - * handling. This is special cased since we have to begin checking whether - * the key/data pairs fit on their respective pages and because we may need - * overflow pages for both the old and new pages. - * - * The first page might be a page with regular key/data pairs in which case - * we have a regular overflow condition and just need to go on to the next - * page or it might be a big key/data pair in which case we need to fix the - * big key/data pair. - * - * Returns: - * 0 ==> success - * -1 ==> failure - */ - -/* the maximum number of loops we will allow UGLY split to chew - * on before we assume the database is corrupted and throw it - * away. - */ -#define MAX_UGLY_SPLIT_LOOPS 10000 - -static int -ugly_split(HTAB *hashp, uint32 obucket, BUFHEAD *old_bufp, - BUFHEAD *new_bufp,/* Same as __split_page. */ int copyto, int moved) - /* int copyto; First byte on page which contains key/data values. */ - /* int moved; Number of pairs moved to new page. */ -{ - register BUFHEAD *bufp; /* Buffer header for ino */ - register uint16 *ino; /* Page keys come off of */ - register uint16 *np; /* New page */ - register uint16 *op; /* Page keys go on to if they aren't moving */ - uint32 loop_detection=0; - - BUFHEAD *last_bfp; /* Last buf header OVFL needing to be freed */ - DBT key, val; - SPLIT_RETURN ret; - uint16 n, off, ov_addr, scopyto; - char *cino; /* Character value of ino */ - int status; - - bufp = old_bufp; - ino = (uint16 *)old_bufp->page; - np = (uint16 *)new_bufp->page; - op = (uint16 *)old_bufp->page; - last_bfp = NULL; - scopyto = (uint16)copyto; /* ANSI */ - - n = ino[0] - 1; - while (n < ino[0]) { - - - /* this function goes nuts sometimes and never returns. - * I havent found the problem yet but I need a solution - * so if we loop too often we assume a database curruption error - * :LJM - */ - loop_detection++; - - if(loop_detection > MAX_UGLY_SPLIT_LOOPS) - return DATABASE_CORRUPTED_ERROR; - - if (ino[2] < REAL_KEY && ino[2] != OVFLPAGE) { - if ((status = __big_split(hashp, old_bufp, - new_bufp, bufp, bufp->addr, obucket, &ret))) - return (status); - old_bufp = ret.oldp; - if (!old_bufp) - return (-1); - op = (uint16 *)old_bufp->page; - new_bufp = ret.newp; - if (!new_bufp) - return (-1); - np = (uint16 *)new_bufp->page; - bufp = ret.nextp; - if (!bufp) - return (0); - cino = (char *)bufp->page; - ino = (uint16 *)cino; - last_bfp = ret.nextp; - } else if (ino[n + 1] == OVFLPAGE) { - ov_addr = ino[n]; - /* - * Fix up the old page -- the extra 2 are the fields - * which contained the overflow information. - */ - ino[0] -= (moved + 2); - FREESPACE(ino) = - scopyto - sizeof(uint16) * (ino[0] + 3); - OFFSET(ino) = scopyto; - - bufp = __get_buf(hashp, ov_addr, bufp, 0); - if (!bufp) - return (-1); - - ino = (uint16 *)bufp->page; - n = 1; - scopyto = hashp->BSIZE; - moved = 0; - - if (last_bfp) - __free_ovflpage(hashp, last_bfp); - last_bfp = bufp; - } - /* Move regular sized pairs of there are any */ - off = hashp->BSIZE; - for (n = 1; (n < ino[0]) && (ino[n + 1] >= REAL_KEY); n += 2) { - cino = (char *)ino; - key.data = (uint8 *)cino + ino[n]; - key.size = off - ino[n]; - val.data = (uint8 *)cino + ino[n + 1]; - val.size = ino[n] - ino[n + 1]; - off = ino[n + 1]; - - if (__call_hash(hashp, (char*)key.data, key.size) == obucket) { - /* Keep on old page */ - if (PAIRFITS(op, (&key), (&val))) - putpair((char *)op, &key, &val); - else { - old_bufp = - __add_ovflpage(hashp, old_bufp); - if (!old_bufp) - return (-1); - op = (uint16 *)old_bufp->page; - putpair((char *)op, &key, &val); - } - old_bufp->flags |= BUF_MOD; - } else { - /* Move to new page */ - if (PAIRFITS(np, (&key), (&val))) - putpair((char *)np, &key, &val); - else { - new_bufp = - __add_ovflpage(hashp, new_bufp); - if (!new_bufp) - return (-1); - np = (uint16 *)new_bufp->page; - putpair((char *)np, &key, &val); - } - new_bufp->flags |= BUF_MOD; - } - } - } - if (last_bfp) - __free_ovflpage(hashp, last_bfp); - return (0); -} - -/* - * Add the given pair to the page - * - * Returns: - * 0 ==> OK - * 1 ==> failure - */ -extern int -__addel(HTAB *hashp, BUFHEAD *bufp, const DBT *key, const DBT * val) -{ - register uint16 *bp, *sop; - int do_expand; - - bp = (uint16 *)bufp->page; - do_expand = 0; - while (bp[0] && (bp[2] < REAL_KEY || bp[bp[0]] < REAL_KEY)) - /* Exception case */ - if (bp[2] == FULL_KEY_DATA && bp[0] == 2) - /* This is the last page of a big key/data pair - and we need to add another page */ - break; - else if (bp[2] < REAL_KEY && bp[bp[0]] != OVFLPAGE) { - bufp = __get_buf(hashp, bp[bp[0] - 1], bufp, 0); - if (!bufp) - { -#ifdef DEBUG - assert(0); -#endif - return (-1); - } - bp = (uint16 *)bufp->page; - } else - /* Try to squeeze key on this page */ - if (FREESPACE(bp) > PAIRSIZE(key, val)) { - { - squeeze_key(bp, key, val); - - /* LJM: I added this because I think it was - * left out on accident. - * if this isn't incremented nkeys will not - * be the actual number of keys in the db. - */ - hashp->NKEYS++; - return (0); - } - } else { - bufp = __get_buf(hashp, bp[bp[0] - 1], bufp, 0); - if (!bufp) - { -#ifdef DEBUG - assert(0); -#endif - return (-1); - } - bp = (uint16 *)bufp->page; - } - - if (PAIRFITS(bp, key, val)) - putpair(bufp->page, key, (DBT *)val); - else { - do_expand = 1; - bufp = __add_ovflpage(hashp, bufp); - if (!bufp) - { -#ifdef DEBUG - assert(0); -#endif - return (-1); - } - sop = (uint16 *)bufp->page; - - if (PAIRFITS(sop, key, val)) - putpair((char *)sop, key, (DBT *)val); - else - if (__big_insert(hashp, bufp, key, val)) - { -#ifdef DEBUG - assert(0); -#endif - return (-1); - } - } - bufp->flags |= BUF_MOD; - /* - * If the average number of keys per bucket exceeds the fill factor, - * expand the table. - */ - hashp->NKEYS++; - if (do_expand || - (hashp->NKEYS / (hashp->MAX_BUCKET + 1) > hashp->FFACTOR)) - return (__expand_table(hashp)); - return (0); -} - -/* - * - * Returns: - * pointer on success - * NULL on error - */ -extern BUFHEAD * -__add_ovflpage(HTAB *hashp, BUFHEAD *bufp) -{ - register uint16 *sp; - uint16 ndx, ovfl_num; -#ifdef DEBUG1 - int tmp1, tmp2; -#endif - sp = (uint16 *)bufp->page; - - /* Check if we are dynamically determining the fill factor */ - if (hashp->FFACTOR == DEF_FFACTOR) { - hashp->FFACTOR = sp[0] >> 1; - if (hashp->FFACTOR < MIN_FFACTOR) - hashp->FFACTOR = MIN_FFACTOR; - } - bufp->flags |= BUF_MOD; - ovfl_num = overflow_page(hashp); -#ifdef DEBUG1 - tmp1 = bufp->addr; - tmp2 = bufp->ovfl ? bufp->ovfl->addr : 0; -#endif - if (!ovfl_num || !(bufp->ovfl = __get_buf(hashp, ovfl_num, bufp, 1))) - return (NULL); - bufp->ovfl->flags |= BUF_MOD; -#ifdef DEBUG1 - (void)fprintf(stderr, "ADDOVFLPAGE: %d->ovfl was %d is now %d\n", - tmp1, tmp2, bufp->ovfl->addr); -#endif - ndx = sp[0]; - /* - * Since a pair is allocated on a page only if there's room to add - * an overflow page, we know that the OVFL information will fit on - * the page. - */ - sp[ndx + 4] = OFFSET(sp); - sp[ndx + 3] = FREESPACE(sp) - OVFLSIZE; - sp[ndx + 1] = ovfl_num; - sp[ndx + 2] = OVFLPAGE; - sp[0] = ndx + 2; -#ifdef HASH_STATISTICS - hash_overflows++; -#endif - return (bufp->ovfl); -} - -/* - * Returns: - * 0 indicates SUCCESS - * -1 indicates FAILURE - */ -extern int -__get_page(HTAB *hashp, - char * p, - uint32 bucket, - int is_bucket, - int is_disk, - int is_bitmap) -{ - register int fd, page; - size_t size; - int rsize; - uint16 *bp; - - fd = hashp->fp; - size = hashp->BSIZE; - - if ((fd == -1) || !is_disk) { - PAGE_INIT(p); - return (0); - } - if (is_bucket) - page = BUCKET_TO_PAGE(bucket); - else - page = OADDR_TO_PAGE(bucket); - if ((MY_LSEEK(fd, (off_t)page << hashp->BSHIFT, SEEK_SET) == -1) || - ((rsize = read(fd, p, size)) == -1)) - return (-1); - - bp = (uint16 *)p; - if (!rsize) - bp[0] = 0; /* We hit the EOF, so initialize a new page */ - else - if ((unsigned)rsize != size) { - errno = EFTYPE; - return (-1); - } - - if (!is_bitmap && !bp[0]) { - PAGE_INIT(p); - } else { - -#ifdef DEBUG - if(BYTE_ORDER == LITTLE_ENDIAN) - { - int is_little_endian; - is_little_endian = BYTE_ORDER; - } - else if(BYTE_ORDER == BIG_ENDIAN) - { - int is_big_endian; - is_big_endian = BYTE_ORDER; - } - else - { - assert(0); - } -#endif - - if (hashp->LORDER != BYTE_ORDER) { - register int i, max; - - if (is_bitmap) { - max = hashp->BSIZE >> 2; /* divide by 4 */ - for (i = 0; i < max; i++) - M_32_SWAP(((int *)p)[i]); - } else { - M_16_SWAP(bp[0]); - max = bp[0] + 2; - - /* bound the size of max by - * the maximum number of entries - * in the array - */ - if((unsigned)max > (size / sizeof(uint16))) - return(DATABASE_CORRUPTED_ERROR); - - /* do the byte order swap - */ - for (i = 1; i <= max; i++) - M_16_SWAP(bp[i]); - } - } - - /* check the validity of the page here - * (after doing byte order swaping if necessary) - */ - if(!is_bitmap && bp[0] != 0) - { - uint16 num_keys = bp[0]; - uint16 offset; - uint16 i; - - /* bp[0] is supposed to be the number of - * entries currently in the page. If - * bp[0] is too large (larger than the whole - * page) then the page is corrupted - */ - if(bp[0] > (size / sizeof(uint16))) - return(DATABASE_CORRUPTED_ERROR); - - /* bound free space */ - if(FREESPACE(bp) > size) - return(DATABASE_CORRUPTED_ERROR); - - /* check each key and data offset to make - * sure they are all within bounds they - * should all be less than the previous - * offset as well. - */ - offset = size; - for(i=1 ; i <= num_keys; i+=2) - { - /* ignore overflow pages etc. */ - if(bp[i+1] >= REAL_KEY) - { - - if(bp[i] > offset || bp[i+1] > bp[i]) - return(DATABASE_CORRUPTED_ERROR); - - offset = bp[i+1]; - } - else - { - /* there are no other valid keys after - * seeing a non REAL_KEY - */ - break; - } - } - } - } - return (0); -} - -/* - * Write page p to disk - * - * Returns: - * 0 ==> OK - * -1 ==>failure - */ -extern int -__put_page(HTAB *hashp, char *p, uint32 bucket, int is_bucket, int is_bitmap) -{ - register int fd, page; - size_t size; - int wsize; - off_t offset; - - size = hashp->BSIZE; - if ((hashp->fp == -1) && open_temp(hashp)) - return (-1); - fd = hashp->fp; - - if (hashp->LORDER != BYTE_ORDER) { - register int i; - register int max; - - if (is_bitmap) { - max = hashp->BSIZE >> 2; /* divide by 4 */ - for (i = 0; i < max; i++) - M_32_SWAP(((int *)p)[i]); - } else { - max = ((uint16 *)p)[0] + 2; - - /* bound the size of max by - * the maximum number of entries - * in the array - */ - if((unsigned)max > (size / sizeof(uint16))) - return(DATABASE_CORRUPTED_ERROR); - - for (i = 0; i <= max; i++) - M_16_SWAP(((uint16 *)p)[i]); - - } - } - - if (is_bucket) - page = BUCKET_TO_PAGE(bucket); - else - page = OADDR_TO_PAGE(bucket); - offset = (off_t)page << hashp->BSHIFT; - if ((MY_LSEEK(fd, offset, SEEK_SET) == -1) || - ((wsize = write(fd, p, size)) == -1)) - /* Errno is set */ - return (-1); - if ((unsigned)wsize != size) { - errno = EFTYPE; - return (-1); - } -#if defined(_WIN32) || defined(_WINDOWS) - if (offset + size > hashp->file_size) { - hashp->updateEOF = 1; - } -#endif - /* put the page back the way it was so that it isn't byteswapped - * if it remains in memory - LJM - */ - if (hashp->LORDER != BYTE_ORDER) { - register int i; - register int max; - - if (is_bitmap) { - max = hashp->BSIZE >> 2; /* divide by 4 */ - for (i = 0; i < max; i++) - M_32_SWAP(((int *)p)[i]); - } else { - uint16 *bp = (uint16 *)p; - - M_16_SWAP(bp[0]); - max = bp[0] + 2; - - /* no need to bound the size if max again - * since it was done already above - */ - - /* do the byte order re-swap - */ - for (i = 1; i <= max; i++) - M_16_SWAP(bp[i]); - } - } - - return (0); -} - -#define BYTE_MASK ((1 << INT_BYTE_SHIFT) -1) -/* - * Initialize a new bitmap page. Bitmap pages are left in memory - * once they are read in. - */ -extern int -__ibitmap(HTAB *hashp, int pnum, int nbits, int ndx) -{ - uint32 *ip; - size_t clearbytes, clearints; - - if ((ip = (uint32 *)malloc((size_t)hashp->BSIZE)) == NULL) - return (1); - hashp->nmaps++; - clearints = ((nbits - 1) >> INT_BYTE_SHIFT) + 1; - clearbytes = clearints << INT_TO_BYTE; - (void)memset((char *)ip, 0, clearbytes); - (void)memset(((char *)ip) + clearbytes, 0xFF, - hashp->BSIZE - clearbytes); - ip[clearints - 1] = ALL_SET << (nbits & BYTE_MASK); - SETBIT(ip, 0); - hashp->BITMAPS[ndx] = (uint16)pnum; - hashp->mapp[ndx] = ip; - return (0); -} - -static uint32 -first_free(uint32 map) -{ - register uint32 i, mask; - - mask = 0x1; - for (i = 0; i < BITS_PER_MAP; i++) { - if (!(mask & map)) - return (i); - mask = mask << 1; - } - return (i); -} - -static uint16 -overflow_page(HTAB *hashp) -{ - register uint32 *freep=NULL; - register int max_free, offset, splitnum; - uint16 addr; - uint32 i; - int bit, first_page, free_bit, free_page, in_use_bits, j; -#ifdef DEBUG2 - int tmp1, tmp2; -#endif - splitnum = hashp->OVFL_POINT; - max_free = hashp->SPARES[splitnum]; - - free_page = (max_free - 1) >> (hashp->BSHIFT + BYTE_SHIFT); - free_bit = (max_free - 1) & ((hashp->BSIZE << BYTE_SHIFT) - 1); - - /* Look through all the free maps to find the first free block */ - first_page = hashp->LAST_FREED >>(hashp->BSHIFT + BYTE_SHIFT); - for ( i = first_page; i <= (unsigned)free_page; i++ ) { - if (!(freep = (uint32 *)hashp->mapp[i]) && - !(freep = fetch_bitmap(hashp, i))) - return (0); - if (i == (unsigned)free_page) - in_use_bits = free_bit; - else - in_use_bits = (hashp->BSIZE << BYTE_SHIFT) - 1; - - if (i == (unsigned)first_page) { - bit = hashp->LAST_FREED & - ((hashp->BSIZE << BYTE_SHIFT) - 1); - j = bit / BITS_PER_MAP; - bit = bit & ~(BITS_PER_MAP - 1); - } else { - bit = 0; - j = 0; - } - for (; bit <= in_use_bits; j++, bit += BITS_PER_MAP) - if (freep[j] != ALL_SET) - goto found; - } - - /* No Free Page Found */ - hashp->LAST_FREED = hashp->SPARES[splitnum]; - hashp->SPARES[splitnum]++; - offset = hashp->SPARES[splitnum] - - (splitnum ? hashp->SPARES[splitnum - 1] : 0); - -#define OVMSG "HASH: Out of overflow pages. Increase page size\n" - if (offset > SPLITMASK) { - if (++splitnum >= NCACHED) { -#ifndef macintosh - (void)write(STDERR_FILENO, OVMSG, sizeof(OVMSG) - 1); -#endif - return (0); - } - hashp->OVFL_POINT = splitnum; - hashp->SPARES[splitnum] = hashp->SPARES[splitnum-1]; - hashp->SPARES[splitnum-1]--; - offset = 1; - } - - /* Check if we need to allocate a new bitmap page */ - if (free_bit == (hashp->BSIZE << BYTE_SHIFT) - 1) { - free_page++; - if (free_page >= NCACHED) { -#ifndef macintosh - (void)write(STDERR_FILENO, OVMSG, sizeof(OVMSG) - 1); -#endif - return (0); - } - /* - * This is tricky. The 1 indicates that you want the new page - * allocated with 1 clear bit. Actually, you are going to - * allocate 2 pages from this map. The first is going to be - * the map page, the second is the overflow page we were - * looking for. The init_bitmap routine automatically, sets - * the first bit of itself to indicate that the bitmap itself - * is in use. We would explicitly set the second bit, but - * don't have to if we tell init_bitmap not to leave it clear - * in the first place. - */ - if (__ibitmap(hashp, - (int)OADDR_OF(splitnum, offset), 1, free_page)) - return (0); - hashp->SPARES[splitnum]++; -#ifdef DEBUG2 - free_bit = 2; -#endif - offset++; - if (offset > SPLITMASK) { - if (++splitnum >= NCACHED) { -#ifndef macintosh - (void)write(STDERR_FILENO, OVMSG, - sizeof(OVMSG) - 1); -#endif - return (0); - } - hashp->OVFL_POINT = splitnum; - hashp->SPARES[splitnum] = hashp->SPARES[splitnum-1]; - hashp->SPARES[splitnum-1]--; - offset = 0; - } - } else { - /* - * Free_bit addresses the last used bit. Bump it to address - * the first available bit. - */ - free_bit++; - SETBIT(freep, free_bit); - } - - /* Calculate address of the new overflow page */ - addr = OADDR_OF(splitnum, offset); -#ifdef DEBUG2 - (void)fprintf(stderr, "OVERFLOW_PAGE: ADDR: %d BIT: %d PAGE %d\n", - addr, free_bit, free_page); -#endif - return (addr); - -found: - bit = bit + first_free(freep[j]); - SETBIT(freep, bit); -#ifdef DEBUG2 - tmp1 = bit; - tmp2 = i; -#endif - /* - * Bits are addressed starting with 0, but overflow pages are addressed - * beginning at 1. Bit is a bit addressnumber, so we need to increment - * it to convert it to a page number. - */ - bit = 1 + bit + (i * (hashp->BSIZE << BYTE_SHIFT)); - if (bit >= hashp->LAST_FREED) - hashp->LAST_FREED = bit - 1; - - /* Calculate the split number for this page */ - for (i = 0; (i < (unsigned)splitnum) && (bit > hashp->SPARES[i]); i++) {} - offset = (i ? bit - hashp->SPARES[i - 1] : bit); - if (offset >= SPLITMASK) - return (0); /* Out of overflow pages */ - addr = OADDR_OF(i, offset); -#ifdef DEBUG2 - (void)fprintf(stderr, "OVERFLOW_PAGE: ADDR: %d BIT: %d PAGE %d\n", - addr, tmp1, tmp2); -#endif - - /* Allocate and return the overflow page */ - return (addr); -} - -/* - * Mark this overflow page as free. - */ -extern void -__free_ovflpage(HTAB *hashp, BUFHEAD *obufp) -{ - uint16 addr; - uint32 *freep; - uint32 bit_address, free_page, free_bit; - uint16 ndx; - - if(!obufp || !obufp->addr) - return; - - addr = obufp->addr; -#ifdef DEBUG1 - (void)fprintf(stderr, "Freeing %d\n", addr); -#endif - ndx = (((uint16)addr) >> SPLITSHIFT); - bit_address = - (ndx ? hashp->SPARES[ndx - 1] : 0) + (addr & SPLITMASK) - 1; - if (bit_address < (uint32)hashp->LAST_FREED) - hashp->LAST_FREED = bit_address; - free_page = (bit_address >> (hashp->BSHIFT + BYTE_SHIFT)); - free_bit = bit_address & ((hashp->BSIZE << BYTE_SHIFT) - 1); - - if (!(freep = hashp->mapp[free_page])) - freep = fetch_bitmap(hashp, free_page); - -#ifdef DEBUG - /* - * This had better never happen. It means we tried to read a bitmap - * that has already had overflow pages allocated off it, and we - * failed to read it from the file. - */ - if (!freep) - { - assert(0); - return; - } -#endif - CLRBIT(freep, free_bit); -#ifdef DEBUG2 - (void)fprintf(stderr, "FREE_OVFLPAGE: ADDR: %d BIT: %d PAGE %d\n", - obufp->addr, free_bit, free_page); -#endif - __reclaim_buf(hashp, obufp); -} - -/* - * Returns: - * 0 success - * -1 failure - */ -static int -open_temp(HTAB *hashp) -{ -#ifdef XP_OS2 - hashp->fp = mkstemp(NULL); -#else -#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh) - sigset_t set, oset; -#endif -#if !defined(macintosh) - char * tmpdir; - size_t len; - char last; -#endif - static const char namestr[] = "/_hashXXXXXX"; - char filename[1024]; - -#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh) - /* Block signals; make sure file goes away at process exit. */ - (void)sigfillset(&set); - (void)sigprocmask(SIG_BLOCK, &set, &oset); -#endif - - filename[0] = 0; -#if defined(macintosh) - strcat(filename, namestr + 1); -#else - tmpdir = getenv("TMP"); - if (!tmpdir) - tmpdir = getenv("TMPDIR"); - if (!tmpdir) - tmpdir = getenv("TEMP"); - if (!tmpdir) - tmpdir = "."; - len = strlen(tmpdir); - if (len && len < (sizeof filename - sizeof namestr)) { - strcpy(filename, tmpdir); - } - len = strlen(filename); - last = tmpdir[len - 1]; - strcat(filename, (last == '/' || last == '\\') ? namestr + 1 : namestr); -#endif - -#if defined(_WIN32) || defined(_WINDOWS) - if ((hashp->fp = mkstempflags(filename, _O_BINARY|_O_TEMPORARY)) != -1) { - if (hashp->filename) { - free(hashp->filename); - } - hashp->filename = strdup(filename); - hashp->is_temp = 1; - } -#else - if ((hashp->fp = mkstemp(filename)) != -1) { - (void)unlink(filename); -#if !defined(macintosh) - (void)fcntl(hashp->fp, F_SETFD, 1); -#endif - } -#endif - -#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh) - (void)sigprocmask(SIG_SETMASK, &oset, (sigset_t *)NULL); -#endif -#endif /* !OS2 */ - return (hashp->fp != -1 ? 0 : -1); -} - -/* - * We have to know that the key will fit, but the last entry on the page is - * an overflow pair, so we need to shift things. - */ -static void -squeeze_key(uint16 *sp, const DBT * key, const DBT * val) -{ - register char *p; - uint16 free_space, n, off, pageno; - - p = (char *)sp; - n = sp[0]; - free_space = FREESPACE(sp); - off = OFFSET(sp); - - pageno = sp[n - 1]; - off -= key->size; - sp[n - 1] = off; - memmove(p + off, key->data, key->size); - off -= val->size; - sp[n] = off; - memmove(p + off, val->data, val->size); - sp[0] = n + 2; - sp[n + 1] = pageno; - sp[n + 2] = OVFLPAGE; - FREESPACE(sp) = free_space - PAIRSIZE(key, val); - OFFSET(sp) = off; -} - -static uint32 * -fetch_bitmap(HTAB *hashp, uint32 ndx) -{ - if (ndx >= (unsigned)hashp->nmaps) - return (NULL); - if ((hashp->mapp[ndx] = (uint32 *)malloc((size_t)hashp->BSIZE)) == NULL) - return (NULL); - if (__get_page(hashp, - (char *)hashp->mapp[ndx], hashp->BITMAPS[ndx], 0, 1, 1)) { - free(hashp->mapp[ndx]); - hashp->mapp[ndx] = NULL; /* NEW: 9-11-95 */ - return (NULL); - } - return (hashp->mapp[ndx]); -} - -#ifdef DEBUG4 -int -print_chain(int addr) -{ - BUFHEAD *bufp; - short *bp, oaddr; - - (void)fprintf(stderr, "%d ", addr); - bufp = __get_buf(hashp, addr, NULL, 0); - bp = (short *)bufp->page; - while (bp[0] && ((bp[bp[0]] == OVFLPAGE) || - ((bp[0] > 2) && bp[2] < REAL_KEY))) { - oaddr = bp[bp[0] - 1]; - (void)fprintf(stderr, "%d ", (int)oaddr); - bufp = __get_buf(hashp, (int)oaddr, bufp, 0); - bp = (short *)bufp->page; - } - (void)fprintf(stderr, "\n"); -} -#endif diff --git a/dbm/src/hash.c b/dbm/src/hash.c deleted file mode 100644 index d984c5f308..0000000000 --- a/dbm/src/hash.c +++ /dev/null @@ -1,1260 +0,0 @@ -/*- - * Copyright (c) 1990, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * This code is derived from software contributed to Berkeley by - * Margo Seltzer. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#if defined(LIBC_SCCS) && !defined(lint) -static char sccsid[] = "@(#)hash.c 8.9 (Berkeley) 6/16/94"; -#endif /* LIBC_SCCS and not lint */ - -#include "watcomfx.h" - -#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh) && !defined(XP_OS2_VACPP) -#include -#endif - -#if !defined(macintosh) -#ifdef XP_OS2_EMX -#include -#endif -#include -#endif - -#if defined(macintosh) -#include -#include -#endif - -#include -#include -#include -#include -#include - -#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh) && !defined(XP_OS2_VACPP) -#include -#endif -#if defined(_WIN32) || defined(_WINDOWS) -#include -#endif - -#ifdef XP_OS2_VACPP -#include "types.h" -#define EPERM SOCEPERM -#endif - -#include - -#include "mcom_db.h" -#include "hash.h" -#include "page.h" - -/* -#include "extern.h" -*/ -static int alloc_segs __P((HTAB *, int)); -static int flush_meta __P((HTAB *)); -static int hash_access __P((HTAB *, ACTION, DBT *, DBT *)); -static int hash_close __P((DB *)); -static int hash_delete __P((const DB *, const DBT *, uint)); -static int hash_fd __P((const DB *)); -static int hash_get __P((const DB *, const DBT *, DBT *, uint)); -static int hash_put __P((const DB *, DBT *, const DBT *, uint)); -static void *hash_realloc __P((SEGMENT **, size_t, size_t)); -static int hash_seq __P((const DB *, DBT *, DBT *, uint)); -static int hash_sync __P((const DB *, uint)); -static int hdestroy __P((HTAB *)); -static HTAB *init_hash __P((HTAB *, const char *, HASHINFO *)); -static int init_htab __P((HTAB *, int)); -#if BYTE_ORDER == LITTLE_ENDIAN -static void swap_header __P((HTAB *)); -static void swap_header_copy __P((HASHHDR *, HASHHDR *)); -#endif - -/* Fast arithmetic, relying on powers of 2, */ -#define MOD(x, y) ((x) & ((y) - 1)) - -#define RETURN_ERROR(ERR, LOC) { save_errno = ERR; goto LOC; } - -/* Return values */ -#define SUCCESS (0) -#define DBM_ERROR (-1) -#define ABNORMAL (1) - -#ifdef HASH_STATISTICS -int hash_accesses, hash_collisions, hash_expansions, hash_overflows; -#endif - -/* A new Lou (montulli@mozilla.com) routine. - * - * The database is screwed. - * - * This closes the file, flushing buffers as appropriate. - */ -static void -__remove_database(DB *dbp) -{ - HTAB *hashp = (HTAB *)dbp->internal; - - assert(0); - - if (!hashp) - return; - hdestroy(hashp); - dbp->internal = NULL; -} - -/************************** INTERFACE ROUTINES ***************************/ -/* OPEN/CLOSE */ - - -extern DB * -__hash_open(const char *file, int flags, int mode, const HASHINFO *info, int dflags) -{ - HTAB *hashp=NULL; - struct stat statbuf; - DB *dbp; - int bpages, hdrsize, new_table, nsegs, save_errno; - - if ((flags & O_ACCMODE) == O_WRONLY) { - errno = EINVAL; - RETURN_ERROR(ENOMEM, error0); - } - - /* zero the statbuffer so that - * we can check it for a non-zero - * date to see if stat succeeded - */ - memset(&statbuf, 0, sizeof(struct stat)); - - if (!(hashp = (HTAB *)calloc(1, sizeof(HTAB)))) - RETURN_ERROR(ENOMEM, error0); - hashp->fp = NO_FILE; - if(file) - hashp->filename = strdup(file); - - /* - * Even if user wants write only, we need to be able to read - * the actual file, so we need to open it read/write. But, the - * field in the hashp structure needs to be accurate so that - * we can check accesses. - */ - hashp->flags = flags; - - new_table = 0; - if (!file || (flags & O_TRUNC) || (stat(file, &statbuf) && (errno == ENOENT))) - { - if (errno == ENOENT) - errno = 0; /* Just in case someone looks at errno */ - new_table = 1; - } - else if(statbuf.st_mtime && statbuf.st_size == 0) - { - /* check for a zero length file and delete it - * if it exists - */ - new_table = 1; - } - hashp->file_size = statbuf.st_size; - - if (file) { - -#if defined(_WIN32) || defined(_WINDOWS) || defined (macintosh) || defined(XP_OS2_VACPP) - if ((hashp->fp = DBFILE_OPEN(file, flags | O_BINARY, mode)) == -1) - RETURN_ERROR(errno, error0); -#else - if ((hashp->fp = open(file, flags, mode)) == -1) - RETURN_ERROR(errno, error0); - (void)fcntl(hashp->fp, F_SETFD, 1); -/* We can't use fcntl because of NFS bugs. SIGH */ -#if 0 - { - struct flock fl; - memset(&fl, 0, sizeof(fl)); - fl.l_type = F_WRLCK; - if (fcntl(hashp->fp, F_SETLK, &fl) < 0) { -#ifdef DEBUG - fprintf(stderr, "unable to open %s because it's locked (flags=0x%x)\n", file, flags); -#endif - RETURN_ERROR(EACCES, error1); - } - } -#endif - -#endif - } - if (new_table) { - if (!init_hash(hashp, file, (HASHINFO *)info)) - RETURN_ERROR(errno, error1); - } else { - /* Table already exists */ - if (info && info->hash) - hashp->hash = info->hash; - else - hashp->hash = __default_hash; - - hdrsize = read(hashp->fp, (char *)&hashp->hdr, sizeof(HASHHDR)); -#if BYTE_ORDER == LITTLE_ENDIAN - swap_header(hashp); -#endif - if (hdrsize == -1) - RETURN_ERROR(errno, error1); - if (hdrsize != sizeof(HASHHDR)) - RETURN_ERROR(EFTYPE, error1); - /* Verify file type, versions and hash function */ - if (hashp->MAGIC != HASHMAGIC) - RETURN_ERROR(EFTYPE, error1); -#define OLDHASHVERSION 1 - if (hashp->VERSION != HASHVERSION && - hashp->VERSION != OLDHASHVERSION) - RETURN_ERROR(EFTYPE, error1); - if (hashp->hash(CHARKEY, sizeof(CHARKEY)) != hashp->H_CHARKEY) - RETURN_ERROR(EFTYPE, error1); - if (hashp->NKEYS < 0) { - /* - ** OOPS. Old bad database from previously busted - ** code. Blow it away. - */ - close(hashp->fp); - if (remove(file) < 0) { -#if defined(DEBUG) && defined(XP_UNIX) - fprintf(stderr, - "WARNING: You have an old bad cache.db file" - " '%s', and I couldn't remove it!\n", file); -#endif - } else { -#if defined(DEBUG) && defined(XP_UNIX) - fprintf(stderr, - "WARNING: I blew away your %s file because" - " it was bad due to a recently fixed bug\n", - file); -#endif - } - RETURN_ERROR(ENOENT, error0); - } - - /* - * Figure out how many segments we need. Max_Bucket is the - * maximum bucket number, so the number of buckets is - * max_bucket + 1. - */ - nsegs = (hashp->MAX_BUCKET + 1 + hashp->SGSIZE - 1) / - hashp->SGSIZE; - hashp->nsegs = 0; - if (alloc_segs(hashp, nsegs)) - /* - * If alloc_segs fails, table will have been destroyed - * and errno will have been set. - */ - RETURN_ERROR(ENOMEM, error0); - /* Read in bitmaps */ - bpages = (hashp->SPARES[hashp->OVFL_POINT] + - (hashp->BSIZE << BYTE_SHIFT) - 1) >> - (hashp->BSHIFT + BYTE_SHIFT); - - hashp->nmaps = bpages; - (void)memset(&hashp->mapp[0], 0, bpages * sizeof(uint32 *)); - } - - /* Initialize Buffer Manager */ - if (info && info->cachesize) - __buf_init(hashp, (int32) info->cachesize); - else - __buf_init(hashp, DEF_BUFSIZE); - - hashp->new_file = new_table; -#ifdef macintosh - hashp->save_file = file && !(hashp->flags & O_RDONLY); -#else - hashp->save_file = file && (hashp->flags & O_RDWR); -#endif - hashp->cbucket = -1; - if (!(dbp = (DB *)malloc(sizeof(DB)))) { - save_errno = errno; - hdestroy(hashp); - errno = save_errno; - RETURN_ERROR(ENOMEM, error0); - } - dbp->internal = hashp; - dbp->close = hash_close; - dbp->del = hash_delete; - dbp->fd = hash_fd; - dbp->get = hash_get; - dbp->put = hash_put; - dbp->seq = hash_seq; - dbp->sync = hash_sync; - dbp->type = DB_HASH; - -#if 0 -#if defined(DEBUG) && !defined(_WINDOWS) -{ -extern int MKLib_trace_flag; - - if(MKLib_trace_flag) - (void)fprintf(stderr, -"%s\n%s%lx\n%s%d\n%s%d\n%s%d\n%s%d\n%s%d\n%s%d\n%s%d\n%s%d\n%s%d\n%s%x\n%s%x\n%s%d\n%s%d\n", - "init_htab:", - "TABLE POINTER ", (unsigned long) hashp, - "BUCKET SIZE ", hashp->BSIZE, - "BUCKET SHIFT ", hashp->BSHIFT, - "DIRECTORY SIZE ", hashp->DSIZE, - "SEGMENT SIZE ", hashp->SGSIZE, - "SEGMENT SHIFT ", hashp->SSHIFT, - "FILL FACTOR ", hashp->FFACTOR, - "MAX BUCKET ", hashp->MAX_BUCKET, - "OVFL POINT ", hashp->OVFL_POINT, - "LAST FREED ", hashp->LAST_FREED, - "HIGH MASK ", hashp->HIGH_MASK, - "LOW MASK ", hashp->LOW_MASK, - "NSEGS ", hashp->nsegs, - "NKEYS ", hashp->NKEYS); -} -#endif -#endif /* 0 */ -#ifdef HASH_STATISTICS - hash_overflows = hash_accesses = hash_collisions = hash_expansions = 0; -#endif - return (dbp); - -error1: - if (hashp != NULL) - (void)close(hashp->fp); - -error0: - free(hashp); - errno = save_errno; - return (NULL); -} - -static int -hash_close(DB *dbp) -{ - HTAB *hashp; - int retval; - - if (!dbp) - return (DBM_ERROR); - - hashp = (HTAB *)dbp->internal; - if(!hashp) - return (DBM_ERROR); - - retval = hdestroy(hashp); - free(dbp); - return (retval); -} - -static int hash_fd(const DB *dbp) -{ - HTAB *hashp; - - if (!dbp) - return (DBM_ERROR); - - hashp = (HTAB *)dbp->internal; - if(!hashp) - return (DBM_ERROR); - - if (hashp->fp == -1) { - errno = ENOENT; - return (-1); - } - return (hashp->fp); -} - -/************************** LOCAL CREATION ROUTINES **********************/ -static HTAB * -init_hash(HTAB *hashp, const char *file, HASHINFO *info) -{ - struct stat statbuf; - int nelem; - - nelem = 1; - hashp->NKEYS = 0; - hashp->LORDER = BYTE_ORDER; - hashp->BSIZE = DEF_BUCKET_SIZE; - hashp->BSHIFT = DEF_BUCKET_SHIFT; - hashp->SGSIZE = DEF_SEGSIZE; - hashp->SSHIFT = DEF_SEGSIZE_SHIFT; - hashp->DSIZE = DEF_DIRSIZE; - hashp->FFACTOR = DEF_FFACTOR; - hashp->hash = __default_hash; - memset(hashp->SPARES, 0, sizeof(hashp->SPARES)); - memset(hashp->BITMAPS, 0, sizeof (hashp->BITMAPS)); - - /* Fix bucket size to be optimal for file system */ - if (file != NULL) { - if (stat(file, &statbuf)) - return (NULL); - -#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh) && !defined(VMS) && !defined(XP_OS2) -#if defined(__QNX__) && !defined(__QNXNTO__) - hashp->BSIZE = 512; /* preferred blk size on qnx4 */ -#else - hashp->BSIZE = statbuf.st_blksize; -#endif - - /* new code added by Lou to reduce block - * size down below MAX_BSIZE - */ - if (hashp->BSIZE > MAX_BSIZE) - hashp->BSIZE = MAX_BSIZE; -#endif - hashp->BSHIFT = __log2((uint32)hashp->BSIZE); - } - - if (info) { - if (info->bsize) { - /* Round pagesize up to power of 2 */ - hashp->BSHIFT = __log2(info->bsize); - hashp->BSIZE = 1 << hashp->BSHIFT; - if (hashp->BSIZE > MAX_BSIZE) { - errno = EINVAL; - return (NULL); - } - } - if (info->ffactor) - hashp->FFACTOR = info->ffactor; - if (info->hash) - hashp->hash = info->hash; - if (info->nelem) - nelem = info->nelem; - if (info->lorder) { - if (info->lorder != BIG_ENDIAN && - info->lorder != LITTLE_ENDIAN) { - errno = EINVAL; - return (NULL); - } - hashp->LORDER = info->lorder; - } - } - /* init_htab should destroy the table and set errno if it fails */ - if (init_htab(hashp, nelem)) - return (NULL); - else - return (hashp); -} -/* - * This calls alloc_segs which may run out of memory. Alloc_segs will destroy - * the table and set errno, so we just pass the error information along. - * - * Returns 0 on No Error - */ -static int -init_htab(HTAB *hashp, int nelem) -{ - register int nbuckets, nsegs; - int l2; - - /* - * Divide number of elements by the fill factor and determine a - * desired number of buckets. Allocate space for the next greater - * power of two number of buckets. - */ - nelem = (nelem - 1) / hashp->FFACTOR + 1; - - l2 = __log2((uint32)PR_MAX(nelem, 2)); - nbuckets = 1 << l2; - - hashp->SPARES[l2] = l2 + 1; - hashp->SPARES[l2 + 1] = l2 + 1; - hashp->OVFL_POINT = l2; - hashp->LAST_FREED = 2; - - /* First bitmap page is at: splitpoint l2 page offset 1 */ - if (__ibitmap(hashp, (int)OADDR_OF(l2, 1), l2 + 1, 0)) - return (-1); - - hashp->MAX_BUCKET = hashp->LOW_MASK = nbuckets - 1; - hashp->HIGH_MASK = (nbuckets << 1) - 1; - hashp->HDRPAGES = ((PR_MAX(sizeof(HASHHDR), MINHDRSIZE) - 1) >> - hashp->BSHIFT) + 1; - - nsegs = (nbuckets - 1) / hashp->SGSIZE + 1; - nsegs = 1 << __log2((uint32)nsegs); - - if (nsegs > hashp->DSIZE) - hashp->DSIZE = nsegs; - return (alloc_segs(hashp, nsegs)); -} - -/********************** DESTROY/CLOSE ROUTINES ************************/ - -/* - * Flushes any changes to the file if necessary and destroys the hashp - * structure, freeing all allocated space. - */ -static int -hdestroy(HTAB *hashp) -{ - int i, save_errno; - - save_errno = 0; - -#ifdef HASH_STATISTICS - (void)fprintf(stderr, "hdestroy: accesses %ld collisions %ld\n", - hash_accesses, hash_collisions); - (void)fprintf(stderr, "hdestroy: expansions %ld\n", - hash_expansions); - (void)fprintf(stderr, "hdestroy: overflows %ld\n", - hash_overflows); - (void)fprintf(stderr, "keys %ld maxp %d segmentcount %d\n", - hashp->NKEYS, hashp->MAX_BUCKET, hashp->nsegs); - - for (i = 0; i < NCACHED; i++) - (void)fprintf(stderr, - "spares[%d] = %d\n", i, hashp->SPARES[i]); -#endif - /* - * Call on buffer manager to free buffers, and if required, - * write them to disk. - */ - if (__buf_free(hashp, 1, hashp->save_file)) - save_errno = errno; - if (hashp->dir) { - free(*hashp->dir); /* Free initial segments */ - /* Free extra segments */ - while (hashp->exsegs--) - free(hashp->dir[--hashp->nsegs]); - free(hashp->dir); - } - if (flush_meta(hashp) && !save_errno) - save_errno = errno; - /* Free Bigmaps */ - for (i = 0; i < hashp->nmaps; i++) - if (hashp->mapp[i]) - free(hashp->mapp[i]); - - if (hashp->fp != -1) - (void)close(hashp->fp); - - if(hashp->filename) { -#if defined(_WIN32) || defined(_WINDOWS) || defined(XP_OS2) - if (hashp->is_temp) - (void)unlink(hashp->filename); -#endif - free(hashp->filename); - } - if (hashp->tmp_buf) - free(hashp->tmp_buf); - if (hashp->tmp_key) - free(hashp->tmp_key); - free(hashp); - if (save_errno) { - errno = save_errno; - return (DBM_ERROR); - } - return (SUCCESS); -} - -#if defined(_WIN32) || defined(_WINDOWS) -/* - * Close and reopen file to force file length update on windows. - * - * Returns: - * 0 == OK - * -1 DBM_ERROR - */ -static int -update_EOF(HTAB *hashp) -{ -#if defined(DBM_REOPEN_ON_FLUSH) - char * file = hashp->filename; - off_t file_size; - int flags; - int mode = -1; - struct stat statbuf; - - memset(&statbuf, 0, sizeof statbuf); - - /* make sure we won't lose the file by closing it. */ - if (!file || (stat(file, &statbuf) && (errno == ENOENT))) { - /* pretend we did it. */ - return 0; - } - - (void)close(hashp->fp); - - flags = hashp->flags & ~(O_TRUNC | O_CREAT | O_EXCL); - - if ((hashp->fp = DBFILE_OPEN(file, flags | O_BINARY, mode)) == -1) - return -1; - file_size = lseek(hashp->fp, (off_t)0, SEEK_END); - if (file_size == -1) - return -1; - hashp->file_size = file_size; - return 0; -#else - int fd = hashp->fp; - off_t file_size = lseek(fd, (off_t)0, SEEK_END); - HANDLE handle = (HANDLE)_get_osfhandle(fd); - BOOL cool = FlushFileBuffers(handle); -#ifdef DEBUG3 - if (!cool) { - DWORD err = GetLastError(); - (void)fprintf(stderr, - "FlushFileBuffers failed, last error = %d, 0x%08x\n", - err, err); - } -#endif - if (file_size == -1) - return -1; - hashp->file_size = file_size; - return cool ? 0 : -1; -#endif -} -#endif - -/* - * Write modified pages to disk - * - * Returns: - * 0 == OK - * -1 DBM_ERROR - */ -static int -hash_sync(const DB *dbp, uint flags) -{ - HTAB *hashp; - - if (flags != 0) { - errno = EINVAL; - return (DBM_ERROR); - } - - if (!dbp) - return (DBM_ERROR); - - hashp = (HTAB *)dbp->internal; - if(!hashp) - return (DBM_ERROR); - - if (!hashp->save_file) - return (0); - if (__buf_free(hashp, 0, 1) || flush_meta(hashp)) - return (DBM_ERROR); -#if defined(_WIN32) || defined(_WINDOWS) - if (hashp->updateEOF && hashp->filename && !hashp->is_temp) { - int status = update_EOF(hashp); - hashp->updateEOF = 0; - if (status) - return status; - } -#endif - hashp->new_file = 0; - return (0); -} - -/* - * Returns: - * 0 == OK - * -1 indicates that errno should be set - */ -static int -flush_meta(HTAB *hashp) -{ - HASHHDR *whdrp; -#if BYTE_ORDER == LITTLE_ENDIAN - HASHHDR whdr; -#endif - int fp, i, wsize; - - if (!hashp->save_file) - return (0); - hashp->MAGIC = HASHMAGIC; - hashp->VERSION = HASHVERSION; - hashp->H_CHARKEY = hashp->hash(CHARKEY, sizeof(CHARKEY)); - - fp = hashp->fp; - whdrp = &hashp->hdr; -#if BYTE_ORDER == LITTLE_ENDIAN - whdrp = &whdr; - swap_header_copy(&hashp->hdr, whdrp); -#endif - if ((lseek(fp, (off_t)0, SEEK_SET) == -1) || - ((wsize = write(fp, (char*)whdrp, sizeof(HASHHDR))) == -1)) - return (-1); - else - if (wsize != sizeof(HASHHDR)) { - errno = EFTYPE; - hashp->dbmerrno = errno; - return (-1); - } - for (i = 0; i < NCACHED; i++) - if (hashp->mapp[i]) - if (__put_page(hashp, (char *)hashp->mapp[i], - hashp->BITMAPS[i], 0, 1)) - return (-1); - return (0); -} - -/*******************************SEARCH ROUTINES *****************************/ -/* - * All the access routines return - * - * Returns: - * 0 on SUCCESS - * 1 to indicate an external DBM_ERROR (i.e. key not found, etc) - * -1 to indicate an internal DBM_ERROR (i.e. out of memory, etc) - */ -static int -hash_get( - const DB *dbp, - const DBT *key, - DBT *data, - uint flag) -{ - HTAB *hashp; - int rv; - - hashp = (HTAB *)dbp->internal; - if (!hashp) - return (DBM_ERROR); - - if (flag) { - hashp->dbmerrno = errno = EINVAL; - return (DBM_ERROR); - } - - rv = hash_access(hashp, HASH_GET, (DBT *)key, data); - - if(rv == DATABASE_CORRUPTED_ERROR) - { -#if defined(unix) && defined(DEBUG) - printf("\n\nDBM Database has been corrupted, tell Lou...\n\n"); -#endif - __remove_database((DB *)dbp); - } - - return(rv); -} - -static int -hash_put( - const DB *dbp, - DBT *key, - const DBT *data, - uint flag) -{ - HTAB *hashp; - int rv; - - hashp = (HTAB *)dbp->internal; - if (!hashp) - return (DBM_ERROR); - - if (flag && flag != R_NOOVERWRITE) { - hashp->dbmerrno = errno = EINVAL; - return (DBM_ERROR); - } - if ((hashp->flags & O_ACCMODE) == O_RDONLY) { - hashp->dbmerrno = errno = EPERM; - return (DBM_ERROR); - } - - rv = hash_access(hashp, flag == R_NOOVERWRITE ? - HASH_PUTNEW : HASH_PUT, (DBT *)key, (DBT *)data); - - if(rv == DATABASE_CORRUPTED_ERROR) - { -#if defined(unix) && defined(DEBUG) - printf("\n\nDBM Database has been corrupted, tell Lou...\n\n"); -#endif - __remove_database((DB *)dbp); - } - - return(rv); -} - -static int -hash_delete( - const DB *dbp, - const DBT *key, - uint flag) /* Ignored */ -{ - HTAB *hashp; - int rv; - - hashp = (HTAB *)dbp->internal; - if (!hashp) - return (DBM_ERROR); - - if (flag && flag != R_CURSOR) { - hashp->dbmerrno = errno = EINVAL; - return (DBM_ERROR); - } - if ((hashp->flags & O_ACCMODE) == O_RDONLY) { - hashp->dbmerrno = errno = EPERM; - return (DBM_ERROR); - } - rv = hash_access(hashp, HASH_DELETE, (DBT *)key, NULL); - - if(rv == DATABASE_CORRUPTED_ERROR) - { -#if defined(unix) && defined(DEBUG) - printf("\n\nDBM Database has been corrupted, tell Lou...\n\n"); -#endif - __remove_database((DB *)dbp); - } - - return(rv); -} - -#define MAX_OVERFLOW_HASH_ACCESS_LOOPS 2000 -/* - * Assume that hashp has been set in wrapper routine. - */ -static int -hash_access( - HTAB *hashp, - ACTION action, - DBT *key, DBT *val) -{ - register BUFHEAD *rbufp; - BUFHEAD *bufp, *save_bufp; - register uint16 *bp; - register long n, ndx, off; - register size_t size; - register char *kp; - uint16 pageno; - uint32 ovfl_loop_count=0; - int32 last_overflow_page_no = -1; - -#ifdef HASH_STATISTICS - hash_accesses++; -#endif - - off = hashp->BSIZE; - size = key->size; - kp = (char *)key->data; - rbufp = __get_buf(hashp, __call_hash(hashp, kp, size), NULL, 0); - if (!rbufp) - return (DATABASE_CORRUPTED_ERROR); - save_bufp = rbufp; - - /* Pin the bucket chain */ - rbufp->flags |= BUF_PIN; - for (bp = (uint16 *)rbufp->page, n = *bp++, ndx = 1; ndx < n;) - { - - if (bp[1] >= REAL_KEY) { - /* Real key/data pair */ - if (size == (unsigned long)(off - *bp) && - memcmp(kp, rbufp->page + *bp, size) == 0) - goto found; - off = bp[1]; -#ifdef HASH_STATISTICS - hash_collisions++; -#endif - bp += 2; - ndx += 2; - } else if (bp[1] == OVFLPAGE) { - - /* database corruption: overflow loop detection */ - if(last_overflow_page_no == (int32)*bp) - return (DATABASE_CORRUPTED_ERROR); - - last_overflow_page_no = *bp; - - rbufp = __get_buf(hashp, *bp, rbufp, 0); - if (!rbufp) { - save_bufp->flags &= ~BUF_PIN; - return (DBM_ERROR); - } - - ovfl_loop_count++; - if(ovfl_loop_count > MAX_OVERFLOW_HASH_ACCESS_LOOPS) - return (DATABASE_CORRUPTED_ERROR); - - /* FOR LOOP INIT */ - bp = (uint16 *)rbufp->page; - n = *bp++; - ndx = 1; - off = hashp->BSIZE; - } else if (bp[1] < REAL_KEY) { - if ((ndx = - __find_bigpair(hashp, rbufp, ndx, kp, (int)size)) > 0) - goto found; - if (ndx == -2) { - bufp = rbufp; - if (!(pageno = - __find_last_page(hashp, &bufp))) { - ndx = 0; - rbufp = bufp; - break; /* FOR */ - } - rbufp = __get_buf(hashp, pageno, bufp, 0); - if (!rbufp) { - save_bufp->flags &= ~BUF_PIN; - return (DBM_ERROR); - } - /* FOR LOOP INIT */ - bp = (uint16 *)rbufp->page; - n = *bp++; - ndx = 1; - off = hashp->BSIZE; - } else { - save_bufp->flags &= ~BUF_PIN; - return (DBM_ERROR); - - } - } - } - - /* Not found */ - switch (action) { - case HASH_PUT: - case HASH_PUTNEW: - if (__addel(hashp, rbufp, key, val)) { - save_bufp->flags &= ~BUF_PIN; - return (DBM_ERROR); - } else { - save_bufp->flags &= ~BUF_PIN; - return (SUCCESS); - } - case HASH_GET: - case HASH_DELETE: - default: - save_bufp->flags &= ~BUF_PIN; - return (ABNORMAL); - } - -found: - switch (action) { - case HASH_PUTNEW: - save_bufp->flags &= ~BUF_PIN; - return (ABNORMAL); - case HASH_GET: - bp = (uint16 *)rbufp->page; - if (bp[ndx + 1] < REAL_KEY) { - if (__big_return(hashp, rbufp, ndx, val, 0)) - return (DBM_ERROR); - } else { - val->data = (uint8 *)rbufp->page + (int)bp[ndx + 1]; - val->size = bp[ndx] - bp[ndx + 1]; - } - break; - case HASH_PUT: - if ((__delpair(hashp, rbufp, ndx)) || - (__addel(hashp, rbufp, key, val))) { - save_bufp->flags &= ~BUF_PIN; - return (DBM_ERROR); - } - break; - case HASH_DELETE: - if (__delpair(hashp, rbufp, ndx)) - return (DBM_ERROR); - break; - default: - abort(); - } - save_bufp->flags &= ~BUF_PIN; - return (SUCCESS); -} - -static int -hash_seq( - const DB *dbp, - DBT *key, DBT *data, - uint flag) -{ - register uint32 bucket; - register BUFHEAD *bufp; - HTAB *hashp; - uint16 *bp, ndx; - - hashp = (HTAB *)dbp->internal; - if (!hashp) - return (DBM_ERROR); - - if (flag && flag != R_FIRST && flag != R_NEXT) { - hashp->dbmerrno = errno = EINVAL; - return (DBM_ERROR); - } -#ifdef HASH_STATISTICS - hash_accesses++; -#endif - if ((hashp->cbucket < 0) || (flag == R_FIRST)) { - hashp->cbucket = 0; - hashp->cndx = 1; - hashp->cpage = NULL; - } - - for (bp = NULL; !bp || !bp[0]; ) { - if (!(bufp = hashp->cpage)) { - for (bucket = hashp->cbucket; - bucket <= (uint32)hashp->MAX_BUCKET; - bucket++, hashp->cndx = 1) { - bufp = __get_buf(hashp, bucket, NULL, 0); - if (!bufp) - return (DBM_ERROR); - hashp->cpage = bufp; - bp = (uint16 *)bufp->page; - if (bp[0]) - break; - } - hashp->cbucket = bucket; - if (hashp->cbucket > hashp->MAX_BUCKET) { - hashp->cbucket = -1; - return (ABNORMAL); - } - } else - bp = (uint16 *)hashp->cpage->page; - -#ifdef DEBUG - assert(bp); - assert(bufp); -#endif - while (bp[hashp->cndx + 1] == OVFLPAGE) { - bufp = hashp->cpage = - __get_buf(hashp, bp[hashp->cndx], bufp, 0); - if (!bufp) - return (DBM_ERROR); - bp = (uint16 *)(bufp->page); - hashp->cndx = 1; - } - if (!bp[0]) { - hashp->cpage = NULL; - ++hashp->cbucket; - } - } - ndx = hashp->cndx; - if (bp[ndx + 1] < REAL_KEY) { - if (__big_keydata(hashp, bufp, key, data, 1)) - return (DBM_ERROR); - } else { - key->data = (uint8 *)hashp->cpage->page + bp[ndx]; - key->size = (ndx > 1 ? bp[ndx - 1] : hashp->BSIZE) - bp[ndx]; - data->data = (uint8 *)hashp->cpage->page + bp[ndx + 1]; - data->size = bp[ndx] - bp[ndx + 1]; - ndx += 2; - if (ndx > bp[0]) { - hashp->cpage = NULL; - hashp->cbucket++; - hashp->cndx = 1; - } else - hashp->cndx = ndx; - } - return (SUCCESS); -} - -/********************************* UTILITIES ************************/ - -/* - * Returns: - * 0 ==> OK - * -1 ==> Error - */ -extern int -__expand_table(HTAB *hashp) -{ - uint32 old_bucket, new_bucket; - int new_segnum, spare_ndx; - size_t dirsize; - -#ifdef HASH_STATISTICS - hash_expansions++; -#endif - new_bucket = ++hashp->MAX_BUCKET; - old_bucket = (hashp->MAX_BUCKET & hashp->LOW_MASK); - - new_segnum = new_bucket >> hashp->SSHIFT; - - /* Check if we need a new segment */ - if (new_segnum >= hashp->nsegs) { - /* Check if we need to expand directory */ - if (new_segnum >= hashp->DSIZE) { - /* Reallocate directory */ - dirsize = hashp->DSIZE * sizeof(SEGMENT *); - if (!hash_realloc(&hashp->dir, dirsize, dirsize << 1)) - return (-1); - hashp->DSIZE = dirsize << 1; - } - if ((hashp->dir[new_segnum] = - (SEGMENT)calloc((size_t)hashp->SGSIZE, sizeof(SEGMENT))) == NULL) - return (-1); - hashp->exsegs++; - hashp->nsegs++; - } - /* - * If the split point is increasing (MAX_BUCKET's log base 2 - * * increases), we need to copy the current contents of the spare - * split bucket to the next bucket. - */ - spare_ndx = __log2((uint32)(hashp->MAX_BUCKET + 1)); - if (spare_ndx > hashp->OVFL_POINT) { - hashp->SPARES[spare_ndx] = hashp->SPARES[hashp->OVFL_POINT]; - hashp->OVFL_POINT = spare_ndx; - } - - if (new_bucket > (uint32)hashp->HIGH_MASK) { - /* Starting a new doubling */ - hashp->LOW_MASK = hashp->HIGH_MASK; - hashp->HIGH_MASK = new_bucket | hashp->LOW_MASK; - } - /* Relocate records to the new bucket */ - return (__split_page(hashp, old_bucket, new_bucket)); -} - -/* - * If realloc guarantees that the pointer is not destroyed if the realloc - * fails, then this routine can go away. - */ -static void * -hash_realloc( - SEGMENT **p_ptr, - size_t oldsize, size_t newsize) -{ - register void *p; - - if ((p = malloc(newsize))) { - memmove(p, *p_ptr, oldsize); - memset((char *)p + oldsize, 0, newsize - oldsize); - free(*p_ptr); - *p_ptr = (SEGMENT *)p; - } - return (p); -} - -extern uint32 -__call_hash(HTAB *hashp, char *k, size_t len) -{ - uint32 n, bucket; - - n = hashp->hash(k, len); - bucket = n & hashp->HIGH_MASK; - if (bucket > (uint32)hashp->MAX_BUCKET) - bucket = bucket & hashp->LOW_MASK; - return (bucket); -} - -/* - * Allocate segment table. On error, destroy the table and set errno. - * - * Returns 0 on success - */ -static int -alloc_segs( - HTAB *hashp, - int nsegs) -{ - register int i; - register SEGMENT store; - - int save_errno; - - if ((hashp->dir = - (SEGMENT *)calloc((size_t)hashp->DSIZE, sizeof(SEGMENT *))) == NULL) { - save_errno = errno; - (void)hdestroy(hashp); - errno = save_errno; - return (-1); - } - /* Allocate segments */ - if ((store = - (SEGMENT)calloc((size_t)nsegs << hashp->SSHIFT, sizeof(SEGMENT))) == NULL) { - save_errno = errno; - (void)hdestroy(hashp); - errno = save_errno; - return (-1); - } - for (i = 0; i < nsegs; i++, hashp->nsegs++) - hashp->dir[i] = &store[i << hashp->SSHIFT]; - return (0); -} - -#if BYTE_ORDER == LITTLE_ENDIAN -/* - * Hashp->hdr needs to be byteswapped. - */ -static void -swap_header_copy( - HASHHDR *srcp, HASHHDR *destp) -{ - int i; - - P_32_COPY(srcp->magic, destp->magic); - P_32_COPY(srcp->version, destp->version); - P_32_COPY(srcp->lorder, destp->lorder); - P_32_COPY(srcp->bsize, destp->bsize); - P_32_COPY(srcp->bshift, destp->bshift); - P_32_COPY(srcp->dsize, destp->dsize); - P_32_COPY(srcp->ssize, destp->ssize); - P_32_COPY(srcp->sshift, destp->sshift); - P_32_COPY(srcp->ovfl_point, destp->ovfl_point); - P_32_COPY(srcp->last_freed, destp->last_freed); - P_32_COPY(srcp->max_bucket, destp->max_bucket); - P_32_COPY(srcp->high_mask, destp->high_mask); - P_32_COPY(srcp->low_mask, destp->low_mask); - P_32_COPY(srcp->ffactor, destp->ffactor); - P_32_COPY(srcp->nkeys, destp->nkeys); - P_32_COPY(srcp->hdrpages, destp->hdrpages); - P_32_COPY(srcp->h_charkey, destp->h_charkey); - for (i = 0; i < NCACHED; i++) { - P_32_COPY(srcp->spares[i], destp->spares[i]); - P_16_COPY(srcp->bitmaps[i], destp->bitmaps[i]); - } -} - -static void -swap_header(HTAB *hashp) -{ - HASHHDR *hdrp; - int i; - - hdrp = &hashp->hdr; - - M_32_SWAP(hdrp->magic); - M_32_SWAP(hdrp->version); - M_32_SWAP(hdrp->lorder); - M_32_SWAP(hdrp->bsize); - M_32_SWAP(hdrp->bshift); - M_32_SWAP(hdrp->dsize); - M_32_SWAP(hdrp->ssize); - M_32_SWAP(hdrp->sshift); - M_32_SWAP(hdrp->ovfl_point); - M_32_SWAP(hdrp->last_freed); - M_32_SWAP(hdrp->max_bucket); - M_32_SWAP(hdrp->high_mask); - M_32_SWAP(hdrp->low_mask); - M_32_SWAP(hdrp->ffactor); - M_32_SWAP(hdrp->nkeys); - M_32_SWAP(hdrp->hdrpages); - M_32_SWAP(hdrp->h_charkey); - for (i = 0; i < NCACHED; i++) { - M_32_SWAP(hdrp->spares[i]); - M_16_SWAP(hdrp->bitmaps[i]); - } -} -#endif diff --git a/dbm/src/hash_buf.c b/dbm/src/hash_buf.c deleted file mode 100644 index d1193de6fb..0000000000 --- a/dbm/src/hash_buf.c +++ /dev/null @@ -1,414 +0,0 @@ -/*- - * Copyright (c) 1990, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * This code is derived from software contributed to Berkeley by - * Margo Seltzer. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#if defined(LIBC_SCCS) && !defined(lint) -static char sccsid[] = "@(#)hash_buf.c 8.5 (Berkeley) 7/15/94"; -#endif /* LIBC_SCCS and not lint */ - -#include "watcomfx.h" - -/* - * PACKAGE: hash - * - * DESCRIPTION: - * Contains buffer management - * - * ROUTINES: - * External - * __buf_init - * __get_buf - * __buf_free - * __reclaim_buf - * Internal - * newbuf - */ -#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh) && !defined(XP_OS2_VACPP) -#include -#endif - -#include -#include -#include -#include -#include - -#ifdef DEBUG -#include -#endif - -#include "mcom_db.h" -#include "hash.h" -#include "page.h" -/* #include "extern.h" */ - -static BUFHEAD *newbuf __P((HTAB *, uint32, BUFHEAD *)); - -/* Unlink B from its place in the lru */ -#define BUF_REMOVE(B) { \ - (B)->prev->next = (B)->next; \ - (B)->next->prev = (B)->prev; \ -} - -/* Insert B after P */ -#define BUF_INSERT(B, P) { \ - (B)->next = (P)->next; \ - (B)->prev = (P); \ - (P)->next = (B); \ - (B)->next->prev = (B); \ -} - -#define MRU hashp->bufhead.next -#define LRU hashp->bufhead.prev - -#define MRU_INSERT(B) BUF_INSERT((B), &hashp->bufhead) -#define LRU_INSERT(B) BUF_INSERT((B), LRU) - -/* - * We are looking for a buffer with address "addr". If prev_bp is NULL, then - * address is a bucket index. If prev_bp is not NULL, then it points to the - * page previous to an overflow page that we are trying to find. - * - * CAVEAT: The buffer header accessed via prev_bp's ovfl field may no longer - * be valid. Therefore, you must always verify that its address matches the - * address you are seeking. - */ -extern BUFHEAD * -__get_buf(HTAB *hashp, uint32 addr, BUFHEAD *prev_bp, int newpage) -/* If prev_bp set, indicates a new overflow page. */ -{ - register BUFHEAD *bp; - register uint32 is_disk_mask; - register int is_disk, segment_ndx = 0; - SEGMENT segp = 0; - - is_disk = 0; - is_disk_mask = 0; - if (prev_bp) { - bp = prev_bp->ovfl; - if (!bp || (bp->addr != addr)) - bp = NULL; - if (!newpage) - is_disk = BUF_DISK; - } else { - /* Grab buffer out of directory */ - segment_ndx = addr & (hashp->SGSIZE - 1); - - /* valid segment ensured by __call_hash() */ - segp = hashp->dir[addr >> hashp->SSHIFT]; -#ifdef DEBUG - assert(segp != NULL); -#endif - - bp = PTROF(segp[segment_ndx]); - - is_disk_mask = ISDISK(segp[segment_ndx]); - is_disk = is_disk_mask || !hashp->new_file; - } - - if (!bp) { - bp = newbuf(hashp, addr, prev_bp); - if (!bp) - return(NULL); - if(__get_page(hashp, bp->page, addr, !prev_bp, is_disk, 0)) - { - /* free bp and its page */ - if(prev_bp) - { - /* if prev_bp is set then the new page that - * failed is hooked onto prev_bp as an overflow page. - * if we don't remove the pointer to the bad page - * we may try and access it later and we will die - * horribly because it will have already been - * free'd and overwritten with bogus data. - */ - prev_bp->ovfl = NULL; - } - BUF_REMOVE(bp); - free(bp->page); - free(bp); - return (NULL); - } - - if (!prev_bp) - { -#if 0 - /* 16 bit windows and mac can't handle the - * oring of the is disk flag. - */ - segp[segment_ndx] = - (BUFHEAD *)((ptrdiff_t)bp | is_disk_mask); -#else - /* set the is_disk thing inside the structure - */ - bp->is_disk = is_disk_mask; - segp[segment_ndx] = bp; -#endif - } - } else { - BUF_REMOVE(bp); - MRU_INSERT(bp); - } - return (bp); -} - -/* - * We need a buffer for this page. Either allocate one, or evict a resident - * one (if we have as many buffers as we're allowed) and put this one in. - * - * If newbuf finds an error (returning NULL), it also sets errno. - */ -static BUFHEAD * -newbuf(HTAB *hashp, uint32 addr, BUFHEAD *prev_bp) -{ - register BUFHEAD *bp; /* The buffer we're going to use */ - register BUFHEAD *xbp; /* Temp pointer */ - register BUFHEAD *next_xbp; - SEGMENT segp; - int segment_ndx; - uint16 oaddr, *shortp; - - oaddr = 0; - bp = LRU; - /* - * If LRU buffer is pinned, the buffer pool is too small. We need to - * allocate more buffers. - */ - if (hashp->nbufs || (bp->flags & BUF_PIN)) { - /* Allocate a new one */ - if ((bp = (BUFHEAD *)malloc(sizeof(BUFHEAD))) == NULL) - return (NULL); - - /* this memset is supposedly unnecessary but lets add - * it anyways. - */ - memset(bp, 0xff, sizeof(BUFHEAD)); - - if ((bp->page = (char *)malloc((size_t)hashp->BSIZE)) == NULL) { - free(bp); - return (NULL); - } - - /* this memset is supposedly unnecessary but lets add - * it anyways. - */ - memset(bp->page, 0xff, (size_t)hashp->BSIZE); - - if (hashp->nbufs) - hashp->nbufs--; - } else { - /* Kick someone out */ - BUF_REMOVE(bp); - /* - * If this is an overflow page with addr 0, it's already been - * flushed back in an overflow chain and initialized. - */ - if ((bp->addr != 0) || (bp->flags & BUF_BUCKET)) { - /* - * Set oaddr before __put_page so that you get it - * before bytes are swapped. - */ - shortp = (uint16 *)bp->page; - if (shortp[0]) - { - if(shortp[0] > (hashp->BSIZE / sizeof(uint16))) - { - return(NULL); - } - oaddr = shortp[shortp[0] - 1]; - } - if ((bp->flags & BUF_MOD) && __put_page(hashp, bp->page, - bp->addr, (int)IS_BUCKET(bp->flags), 0)) - return (NULL); - /* - * Update the pointer to this page (i.e. invalidate it). - * - * If this is a new file (i.e. we created it at open - * time), make sure that we mark pages which have been - * written to disk so we retrieve them from disk later, - * rather than allocating new pages. - */ - if (IS_BUCKET(bp->flags)) { - segment_ndx = bp->addr & (hashp->SGSIZE - 1); - segp = hashp->dir[bp->addr >> hashp->SSHIFT]; -#ifdef DEBUG - assert(segp != NULL); -#endif - - if (hashp->new_file && - ((bp->flags & BUF_MOD) || - ISDISK(segp[segment_ndx]))) - segp[segment_ndx] = (BUFHEAD *)BUF_DISK; - else - segp[segment_ndx] = NULL; - } - /* - * Since overflow pages can only be access by means of - * their bucket, free overflow pages associated with - * this bucket. - */ - for (xbp = bp; xbp->ovfl;) { - next_xbp = xbp->ovfl; - xbp->ovfl = 0; - xbp = next_xbp; - - /* leave pinned pages alone, we are still using - * them. */ - if (xbp->flags & BUF_PIN) { - continue; - } - - /* Check that ovfl pointer is up date. */ - if (IS_BUCKET(xbp->flags) || - (oaddr != xbp->addr)) - break; - - shortp = (uint16 *)xbp->page; - if (shortp[0]) - { - /* LJM is the number of reported - * pages way too much? - */ - if(shortp[0] > hashp->BSIZE/sizeof(uint16)) - return NULL; - /* set before __put_page */ - oaddr = shortp[shortp[0] - 1]; - } - if ((xbp->flags & BUF_MOD) && __put_page(hashp, - xbp->page, xbp->addr, 0, 0)) - return (NULL); - xbp->addr = 0; - xbp->flags = 0; - BUF_REMOVE(xbp); - LRU_INSERT(xbp); - } - } - } - - /* Now assign this buffer */ - bp->addr = addr; -#ifdef DEBUG1 - (void)fprintf(stderr, "NEWBUF1: %d->ovfl was %d is now %d\n", - bp->addr, (bp->ovfl ? bp->ovfl->addr : 0), 0); -#endif - bp->ovfl = NULL; - if (prev_bp) { - /* - * If prev_bp is set, this is an overflow page, hook it in to - * the buffer overflow links. - */ -#ifdef DEBUG1 - (void)fprintf(stderr, "NEWBUF2: %d->ovfl was %d is now %d\n", - prev_bp->addr, (prev_bp->ovfl ? bp->ovfl->addr : 0), - (bp ? bp->addr : 0)); -#endif - prev_bp->ovfl = bp; - bp->flags = 0; - } else - bp->flags = BUF_BUCKET; - MRU_INSERT(bp); - return (bp); -} - -extern void __buf_init(HTAB *hashp, int32 nbytes) -{ - BUFHEAD *bfp; - int npages; - - bfp = &(hashp->bufhead); - npages = (nbytes + hashp->BSIZE - 1) >> hashp->BSHIFT; - npages = PR_MAX(npages, MIN_BUFFERS); - - hashp->nbufs = npages; - bfp->next = bfp; - bfp->prev = bfp; - /* - * This space is calloc'd so these are already null. - * - * bfp->ovfl = NULL; - * bfp->flags = 0; - * bfp->page = NULL; - * bfp->addr = 0; - */ -} - -extern int -__buf_free(HTAB *hashp, int do_free, int to_disk) -{ - BUFHEAD *bp; - int status = -1; - - /* Need to make sure that buffer manager has been initialized */ - if (!LRU) - return (0); - for (bp = LRU; bp != &hashp->bufhead;) { - /* Check that the buffer is valid */ - if (bp->addr || IS_BUCKET(bp->flags)) { - if (to_disk && (bp->flags & BUF_MOD) && - (status = __put_page(hashp, bp->page, - bp->addr, IS_BUCKET(bp->flags), 0))) { - - if (do_free) { - if (bp->page) - free(bp->page); - BUF_REMOVE(bp); - free(bp); - } - - return (status); - } - } - /* Check if we are freeing stuff */ - if (do_free) { - if (bp->page) - free(bp->page); - BUF_REMOVE(bp); - free(bp); - bp = LRU; - } else - bp = bp->prev; - } - return (0); -} - -extern void -__reclaim_buf(HTAB *hashp, BUFHEAD *bp) -{ - bp->ovfl = 0; - bp->addr = 0; - bp->flags = 0; - BUF_REMOVE(bp); - LRU_INSERT(bp); -} diff --git a/dbm/src/hsearch.c b/dbm/src/hsearch.c deleted file mode 100644 index fb8a58bad2..0000000000 --- a/dbm/src/hsearch.c +++ /dev/null @@ -1,108 +0,0 @@ -/*- - * Copyright (c) 1990, 1993 - * The Regents of the University of California. All rights reserved. - * - * This code is derived from software contributed to Berkeley by - * Margo Seltzer. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#if defined(LIBC_SCCS) && !defined(lint) -static char sccsid[] = "@(#)hsearch.c 8.4 (Berkeley) 7/21/94"; -#endif /* LIBC_SCCS and not lint */ - -#include "watcomfx.h" - -#ifndef macintosh -#include -#endif - -#include -#include - -#include "mcom_db.h" -#include "hsearch.h" - -static DB *dbp = NULL; -static ENTRY retval; - -extern int -hcreate(uint nel) -{ - HASHINFO info; - - info.nelem = nel; - info.bsize = 256; - info.ffactor = 8; - info.cachesize = 0; - info.hash = NULL; - info.lorder = 0; - dbp = (DB *)__hash_open(NULL, O_CREAT | O_RDWR, 0600, &info, 0); - return ((int)dbp); -} - -extern ENTRY * -hsearch(ENTRY item, ACTION action) -{ - DBT key, val; - int status; - - if (!dbp) - return (NULL); - key.data = (uint8 *)item.key; - key.size = strlen(item.key) + 1; - - if (action == ENTER) { - val.data = (uint8 *)item.data; - val.size = strlen(item.data) + 1; - status = (dbp->put)(dbp, &key, &val, R_NOOVERWRITE); - if (status) - return (NULL); - } else { - /* FIND */ - status = (dbp->get)(dbp, &key, &val, 0); - if (status) - return (NULL); - else - item.data = (char *)val.data; - } - retval.key = item.key; - retval.data = item.data; - return (&retval); -} - -extern void -hdestroy() -{ - if (dbp) { - (void)(dbp->close)(dbp); - dbp = NULL; - } -} diff --git a/dbm/src/memmove.c b/dbm/src/memmove.c deleted file mode 100644 index 70eb1e5d24..0000000000 --- a/dbm/src/memmove.c +++ /dev/null @@ -1,150 +0,0 @@ -#if defined(__sun) && !defined(__SVR4) -/*- - * Copyright (c) 1990, 1993 - * The Regents of the University of California. All rights reserved. - * - * This code is derived from software contributed to Berkeley by - * Chris Torek. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#if defined(LIBC_SCCS) && !defined(lint) -static char sccsid[] = "@(#)bcopy.c 8.1 (Berkeley) 6/4/93"; -#endif /* LIBC_SCCS and not lint */ - -#include "watcomfx.h" - -#ifdef HAVE_SYS_CDEFS_H -#include -#else -#include "cdefs.h" -#endif -#include - -/* - * sizeof(word) MUST BE A POWER OF TWO - * SO THAT wmask BELOW IS ALL ONES - */ -typedef int word; /* "word" used for optimal copy speed */ - -#define wsize sizeof(word) -#define wmask (wsize - 1) - -/* - * Copy a block of memory, handling overlap. - * This is the routine that actually implements - * (the portable versions of) bcopy, memcpy, and memmove. - */ -#ifdef MEMCOPY -void * -memcpy(dst0, src0, length) -#else -#ifdef MEMMOVE -void * -memmove(dst0, src0, length) -#else -void -bcopy(src0, dst0, length) -#endif -#endif - void *dst0; - const void *src0; - register size_t length; -{ - register char *dst = dst0; - register const char *src = src0; - register size_t t; - - if (length == 0 || dst == src) /* nothing to do */ - goto done; - - /* - * Macros: loop-t-times; and loop-t-times, t>0 - */ -#define TLOOP(s) if (t) TLOOP1(s) -#define TLOOP1(s) do { s; } while (--t) - - if ((unsigned long)dst < (unsigned long)src) { - /* - * Copy forward. - */ - t = (int)src; /* only need low bits */ - if ((t | (int)dst) & wmask) { - /* - * Try to align operands. This cannot be done - * unless the low bits match. - */ - if ((t ^ (int)dst) & wmask || length < wsize) - t = length; - else - t = wsize - (t & wmask); - length -= t; - TLOOP1(*dst++ = *src++); - } - /* - * Copy whole words, then mop up any trailing bytes. - */ - t = length / wsize; - TLOOP(*(word *)dst = *(word *)src; src += wsize; dst += wsize); - t = length & wmask; - TLOOP(*dst++ = *src++); - } else { - /* - * Copy backwards. Otherwise essentially the same. - * Alignment works as before, except that it takes - * (t&wmask) bytes to align, not wsize-(t&wmask). - */ - src += length; - dst += length; - t = (int)src; - if ((t | (int)dst) & wmask) { - if ((t ^ (int)dst) & wmask || length <= wsize) - t = length; - else - t &= wmask; - length -= t; - TLOOP1(*--dst = *--src); - } - t = length / wsize; - TLOOP(src -= wsize; dst -= wsize; *(word *)dst = *(word *)src); - t = length & wmask; - TLOOP(*--dst = *--src); - } -done: -#if defined(MEMCOPY) || defined(MEMMOVE) - return (dst0); -#else - return; -#endif -} -#endif /* no __sgi */ - -/* Some compilers don't like an empty source file. */ -static int dummy = 0; diff --git a/dbm/src/mktemp.c b/dbm/src/mktemp.c deleted file mode 100644 index 574eb9fe59..0000000000 --- a/dbm/src/mktemp.c +++ /dev/null @@ -1,168 +0,0 @@ -/* - * Copyright (c) 1987, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#if defined(LIBC_SCCS) && !defined(lint) -static char sccsid[] = "@(#)mktemp.c 8.1 (Berkeley) 6/4/93"; -#endif /* LIBC_SCCS and not lint */ - -#include "watcomfx.h" - -#ifdef macintosh -#include -#else -#include -#include -#endif -#include -#include -#include -#include -#include "mcom_db.h" - -#if !defined(_WINDOWS) && !defined(XP_OS2_VACPP) -#include -#endif - -#ifdef XP_OS2_VACPP -#define ENOTDIR EBADPOS -#include -#include -#endif - -#ifdef _WINDOWS -#include -#include "winfile.h" -#endif - -static int _gettemp(char *path, register int *doopen, int extraFlags); - -int -mkstemp(char *path) -{ -#ifdef XP_OS2 - FILE *temp = tmpfile(); - - return (temp ? fileno(temp) : -1); -#else - int fd; - - return (_gettemp(path, &fd, 0) ? fd : -1); -#endif -} - -int -mkstempflags(char *path, int extraFlags) -{ - int fd; - - return (_gettemp(path, &fd, extraFlags) ? fd : -1); -} - -char * -mktemp(char *path) -{ - return(_gettemp(path, (int *)NULL, 0) ? path : (char *)NULL); -} - -/* NB: This routine modifies its input string, and does not always restore it. -** returns 1 on success, 0 on failure. -*/ -static int -_gettemp(char *path, register int *doopen, int extraFlags) -{ -#if !defined(_WINDOWS) || defined(_WIN32) - extern int errno; -#endif - register char *start, *trv; - struct stat sbuf; - unsigned int pid; - - pid = getpid(); - for (trv = path; *trv; ++trv); /* extra X's get set to 0's */ - while (*--trv == 'X') { - *trv = (pid % 10) + '0'; - pid /= 10; - } - - /* - * check the target directory; if you have six X's and it - * doesn't exist this runs for a *very* long time. - */ - for (start = trv + 1;; --trv) { - char saved; - if (trv <= path) - break; - saved = *trv; - if (saved == '/' || saved == '\\') { - int rv; - *trv = '\0'; - rv = stat(path, &sbuf); - *trv = saved; - if (rv) - return(0); - if (!S_ISDIR(sbuf.st_mode)) { - errno = ENOTDIR; - return(0); - } - break; - } - } - - for (;;) { - if (doopen) { - if ((*doopen = - open(path, O_CREAT|O_EXCL|O_RDWR|extraFlags, 0600)) >= 0) - return(1); - if (errno != EEXIST) - return(0); - } - else if (stat(path, &sbuf)) - return(errno == ENOENT ? 1 : 0); - - /* tricky little algorithm for backward compatibility */ - for (trv = start;;) { - if (!*trv) - return(0); - if (*trv == 'z') - *trv++ = 'a'; - else { - if (isdigit(*trv)) - *trv = 'a'; - else - ++*trv; - break; - } - } - } - /*NOTREACHED*/ -} diff --git a/dbm/src/ndbm.c b/dbm/src/ndbm.c deleted file mode 100644 index 03d5cf3812..0000000000 --- a/dbm/src/ndbm.c +++ /dev/null @@ -1,199 +0,0 @@ -/*- - * Copyright (c) 1990, 1993 - * The Regents of the University of California. All rights reserved. - * - * This code is derived from software contributed to Berkeley by - * Margo Seltzer. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#if defined(LIBC_SCCS) && !defined(lint) -static char sccsid[] = "@(#)ndbm.c 8.4 (Berkeley) 7/21/94"; -#endif /* LIBC_SCCS and not lint */ - -#include "watcomfx.h" - -/* - * This package provides a dbm compatible interface to the new hashing - * package described in db(3). - */ -#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(XP_OS2_VACPP) -#include -#endif - -#if defined(__linux) -#include -#endif - -#ifdef __OS2__ -#include "dirent.h" -#endif - -#include -#include - -#include "ndbm.h" -#include "hash.h" - -/* - * Returns: - * *DBM on success - * NULL on failure - */ -extern DBM * -dbm_open(const char *file, int flags, int mode) -{ - HASHINFO info; - char path[MAXPATHLEN]; - - info.bsize = 4096; - info.ffactor = 40; - info.nelem = 1; - info.cachesize = 0; - info.hash = NULL; - info.lorder = 0; - (void)strcpy(path, file); - (void)strcat(path, DBM_SUFFIX); - return ((DBM *)__hash_open(path, flags, mode, &info, 0)); -} - -extern void -dbm_close(DBM *db) -{ - (void)(db->close)(db); -} - -/* - * Returns: - * DATUM on success - * NULL on failure - */ -extern datum -dbm_fetch(DBM *db, datum key) -{ - datum retval; - int status; - - status = (db->get)(db, (DBT *)&key, (DBT *)&retval, 0); - if (status) { - retval.dptr = NULL; - retval.dsize = 0; - } - return (retval); -} - -/* - * Returns: - * DATUM on success - * NULL on failure - */ -extern datum -dbm_firstkey(DBM *db) -{ - int status; - datum retdata, retkey; - - status = (db->seq)(db, (DBT *)&retkey, (DBT *)&retdata, R_FIRST); - if (status) - retkey.dptr = NULL; - return (retkey); -} - -/* - * Returns: - * DATUM on success - * NULL on failure - */ -extern datum -dbm_nextkey(DBM *db) -{ - int status; - datum retdata, retkey; - - status = (db->seq)(db, (DBT *)&retkey, (DBT *)&retdata, R_NEXT); - if (status) - retkey.dptr = NULL; - return (retkey); -} -/* - * Returns: - * 0 on success - * <0 failure - */ -extern int -dbm_delete(DBM *db, datum key) -{ - int status; - - status = (db->del)(db, (DBT *)&key, 0); - if (status) - return (-1); - else - return (0); -} - -/* - * Returns: - * 0 on success - * <0 failure - * 1 if DBM_INSERT and entry exists - */ -extern int -dbm_store(DBM *db, datum key, datum content, int flags) -{ - return ((db->put)(db, (DBT *)&key, (DBT *)&content, - (flags == DBM_INSERT) ? R_NOOVERWRITE : 0)); -} - - -extern int -dbm_error(DBM *db) -{ - HTAB *hp; - - hp = (HTAB *)db->internal; - return (hp->dbmerrno); -} - -extern int -dbm_clearerr(DBM *db) -{ - HTAB *hp; - - hp = (HTAB *)db->internal; - hp->dbmerrno = 0; - return (0); -} - -extern int -dbm_dirfno(DBM *db) -{ - return(((HTAB *)db->internal)->fp); -} diff --git a/dbm/src/nsres.c b/dbm/src/nsres.c deleted file mode 100644 index 4b4dae4a22..0000000000 --- a/dbm/src/nsres.c +++ /dev/null @@ -1,305 +0,0 @@ -#include "watcomfx.h" - -#include "nsres.h" - -#include - -#include - -#include - -struct RESDATABASE -{ - DB *hdb; - NSRESTHREADINFO *threadinfo; - char * pbuf[MAXBUFNUM]; -} ; -typedef struct RESDATABASE * RESHANDLE; - -typedef struct STRINGDATA -{ - char *str; - unsigned int charsetid; -} STRINGDATA; - - -typedef unsigned int CHARSETTYPE; -#define RES_LOCK if (hres->threadinfo) hres->threadinfo->fn_lock(hres->threadinfo->lock); -#define RES_UNLOCK if (hres->threadinfo) hres->threadinfo->fn_unlock(hres->threadinfo->lock); - -int GenKeyData(const char *library, int32 id, DBT *key); - -/* - Right now, the page size used for resource is same as for Navigator cache - database - */ -HASHINFO res_hash_info = { - 32*1024, - 0, - 0, - 0, - 0, /* 64 * 1024U */ - 0}; - -int GenKeyData(const char *library, int32 id, DBT *key) -{ - char idstr[10]; - static char * strdata = NULL; - size_t len; - - if (strdata) - free (strdata); - - if (id == 0) - idstr[0] = '\0'; - else - { - sprintf(idstr, "%d", id); - /* itoa(id, idstr, 10); */ - } - - if (library == NULL) - len = strlen(idstr) + 1; - else - len = strlen(library) + strlen(idstr) + 1; - strdata = (char *) malloc (len); - strcpy(strdata, library); - strcat(strdata, idstr); - - key->size = len; - key->data = strdata; - - return 1; -} - -NSRESHANDLE NSResCreateTable(const char *filename, NSRESTHREADINFO *threadinfo) -{ - RESHANDLE hres; - int flag; - - flag = O_RDWR | O_CREAT; - - hres = (RESHANDLE) calloc ( 1, sizeof(struct RESDATABASE) ); - - if (threadinfo && threadinfo->lock && threadinfo->fn_lock - && threadinfo->fn_unlock) - { - hres->threadinfo = (NSRESTHREADINFO *) malloc( sizeof(NSRESTHREADINFO) ); - hres->threadinfo->lock = threadinfo->lock; - hres->threadinfo->fn_lock = threadinfo->fn_lock; - hres->threadinfo->fn_unlock = threadinfo->fn_unlock; - } - - - RES_LOCK - - hres->hdb = dbopen(filename, flag, 0644, DB_HASH, &res_hash_info); - - RES_UNLOCK - - if(!hres->hdb) - return NULL; - - return (NSRESHANDLE) hres; -} - -NSRESHANDLE NSResOpenTable(const char *filename, NSRESTHREADINFO *threadinfo) -{ - RESHANDLE hres; - int flag; - - flag = O_RDONLY; /* only open database for reading */ - - hres = (RESHANDLE) calloc ( 1, sizeof(struct RESDATABASE) ); - - if (threadinfo && threadinfo->lock && threadinfo->fn_lock - && threadinfo->fn_unlock) - { - hres->threadinfo = (NSRESTHREADINFO *) malloc( sizeof(NSRESTHREADINFO) ); - hres->threadinfo->lock = threadinfo->lock; - hres->threadinfo->fn_lock = threadinfo->fn_lock; - hres->threadinfo->fn_unlock = threadinfo->fn_unlock; - } - - - RES_LOCK - - hres->hdb = dbopen(filename, flag, 0644, DB_HASH, &res_hash_info); - - RES_UNLOCK - - if(!hres->hdb) - return NULL; - - return (NSRESHANDLE) hres; -} - - - -void NSResCloseTable(NSRESHANDLE handle) -{ - RESHANDLE hres; - int i; - - if (handle == NULL) - return; - hres = (RESHANDLE) handle; - - RES_LOCK - - (*hres->hdb->sync)(hres->hdb, 0); - (*hres->hdb->close)(hres->hdb); - - RES_UNLOCK - - for (i = 0; i < MAXBUFNUM; i++) - { - if (hres->pbuf[i]) - free (hres->pbuf[i]); - } - - if (hres->threadinfo) - free (hres->threadinfo); - free (hres); -} - - -char *NSResLoadString(NSRESHANDLE handle, const char * library, int32 id, - unsigned int charsetid, char *retbuf) -{ - int status; - RESHANDLE hres; - DBT key, data; - if (handle == NULL) - return NULL; - - hres = (RESHANDLE) handle; - GenKeyData(library, id, &key); - - RES_LOCK - - status = (*hres->hdb->get)(hres->hdb, &key, &data, 0); - - RES_UNLOCK - - if (retbuf) - { - memcpy(retbuf, (char *)data.data + sizeof(CHARSETTYPE), data.size - sizeof(CHARSETTYPE)); - return retbuf; - } - else - { - static int WhichString = 0; - static int bFirstTime = 1; - char *szLoadedString; - int i; - - RES_LOCK - - if (bFirstTime) { - for (i = 0; i < MAXBUFNUM; i++) - hres->pbuf[i] = (char *) malloc(MAXSTRINGLEN * sizeof(char)); - bFirstTime = 0; - } - - szLoadedString = hres->pbuf[WhichString]; - WhichString++; - - /* reset to 0, if WhichString reaches to the end */ - if (WhichString == MAXBUFNUM) - WhichString = 0; - - if (status == 0) - memcpy(szLoadedString, (char *) data.data + sizeof(CHARSETTYPE), - data.size - sizeof(CHARSETTYPE)); - else - szLoadedString[0] = 0; - - RES_UNLOCK - - return szLoadedString; - } -} - -int32 NSResGetSize(NSRESHANDLE handle, const char *library, int32 id) -{ - int status; - RESHANDLE hres; - DBT key, data; - if (handle == NULL) - return 0; - hres = (RESHANDLE) handle; - GenKeyData(library, id, &key); - - RES_LOCK - - status = (*hres->hdb->get)(hres->hdb, &key, &data, 0); - - RES_UNLOCK - - return data.size - sizeof(CHARSETTYPE); -} - -int32 NSResLoadResource(NSRESHANDLE handle, const char *library, int32 id, char *retbuf) -{ - int status; - RESHANDLE hres; - DBT key, data; - if (handle == NULL) - return 0; - hres = (RESHANDLE) handle; - GenKeyData(library, id, &key); - - RES_LOCK - - status = (*hres->hdb->get)(hres->hdb, &key, &data, 0); - - RES_UNLOCK - - if (retbuf) - { - memcpy(retbuf, (char *)data.data + sizeof(CHARSETTYPE), data.size - sizeof(CHARSETTYPE)); - return data.size; - } - else - return 0; -} - -int NSResAddString(NSRESHANDLE handle, const char *library, int32 id, - const char *string, unsigned int charset) -{ - int status; - RESHANDLE hres; - DBT key, data; - char * recdata; - - if (handle == NULL) - return 0; - hres = (RESHANDLE) handle; - - GenKeyData(library, id, &key); - - data.size = sizeof(CHARSETTYPE) + (strlen(string) + 1) ; - - recdata = (char *) malloc(data.size) ; - - /* set charset to the first field of record data */ - *((CHARSETTYPE *)recdata) = (CHARSETTYPE)charset; - - /* set data field */ - memcpy(recdata+sizeof(CHARSETTYPE), string, strlen(string) + 1); - - data.data = recdata; - - RES_LOCK - - status = (*hres->hdb->put)(hres->hdb, &key, &data, 0); - - - if (recdata) - free(recdata); - - RES_UNLOCK - - return status; -} diff --git a/dbm/src/snprintf.c b/dbm/src/snprintf.c deleted file mode 100644 index 4987785723..0000000000 --- a/dbm/src/snprintf.c +++ /dev/null @@ -1,75 +0,0 @@ -#ifndef HAVE_SNPRINTF - -#include "watcomfx.h" -#include -#include -#include - -#ifdef HAVE_SYS_CDEFS_H -#include -#else -#include "cdefs.h" -#endif - -#include "prtypes.h" - -#include - -/* The OS/2 VAC compiler doesn't appear to define __STDC__ and won't let us define it either */ -#if defined(__STDC__) || defined(XP_OS2_VACPP) -#include -#else -#include -#endif - -int -#if defined(__STDC__) || defined(XP_OS2_VACPP) -snprintf(char *str, size_t n, const char *fmt, ...) -#else -snprintf(str, n, fmt, va_alist) - char *str; - size_t n; - const char *fmt; - va_dcl -#endif -{ - va_list ap; -#ifdef VSPRINTF_CHARSTAR - char *rp; -#else - int rval; -#endif -#if defined(__STDC__) || defined(XP_OS2_VACPP) - va_start(ap, fmt); -#else - va_start(ap); -#endif -#ifdef VSPRINTF_CHARSTAR - rp = vsprintf(str, fmt, ap); - va_end(ap); - return (strlen(rp)); -#else - rval = vsprintf(str, fmt, ap); - va_end(ap); - return (rval); -#endif -} - -int -vsnprintf(str, n, fmt, ap) - char *str; - size_t n; - const char *fmt; - va_list ap; -{ -#ifdef VSPRINTF_CHARSTAR - return (strlen(vsprintf(str, fmt, ap))); -#else - return (vsprintf(str, fmt, ap)); -#endif -} - -#endif /* HAVE_SNPRINTF */ - -/* Some compilers don't like an empty source file. */ -static int dummy = 0; diff --git a/dbm/src/strerror.c b/dbm/src/strerror.c deleted file mode 100644 index d1ae2666aa..0000000000 --- a/dbm/src/strerror.c +++ /dev/null @@ -1,78 +0,0 @@ -/* - * Copyright (c) 1988, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#if defined(LIBC_SCCS) && !defined(lint) -static char sccsid[] = "@(#)strerror.c 8.1 (Berkeley) 6/4/93"; -#endif /* LIBC_SCCS and not lint */ - -#include "watcomfx.h" - -#include - -#ifdef _DLL -#define sys_nerr (*_sys_nerr_dll) -#endif - -#ifndef HAVE_STRERROR -#ifndef _AFXDLL -char * -strerror(num) - int num; -{ - extern int sys_nerr; - extern char *sys_errlist[]; -#define UPREFIX "Unknown error: " - static char ebuf[40] = UPREFIX; /* 64-bit number + slop */ - register unsigned int errnum; - register char *p, *t; - char tmp[40]; - - errnum = num; /* convert to unsigned */ - if (errnum < sys_nerr) - return(sys_errlist[errnum]); - - /* Do this by hand, so we don't include stdio(3). */ - t = tmp; - do { - *t++ = "0123456789"[errnum % 10]; - } while (errnum /= 10); - for (p = ebuf + sizeof(UPREFIX) - 1;;) { - *p++ = *--t; - if (t <= tmp) - break; - } - return(ebuf); -} - -#endif -#endif /* !HAVE_STRERROR */ diff --git a/dbm/tests/.cvsignore b/dbm/tests/.cvsignore deleted file mode 100644 index a21fbfc35f..0000000000 --- a/dbm/tests/.cvsignore +++ /dev/null @@ -1,3 +0,0 @@ -Makefile -lots -test.db diff --git a/dbm/tests/Makefile.in b/dbm/tests/Makefile.in deleted file mode 100644 index 96cbdf8b5b..0000000000 --- a/dbm/tests/Makefile.in +++ /dev/null @@ -1,46 +0,0 @@ -# -# The contents of this file are subject to the Netscape Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/NPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is mozilla.org code. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1998 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# - -DEPTH = ../.. -topsrcdir = @top_srcdir@ -srcdir = @srcdir@ -VPATH = @srcdir@ - -include $(DEPTH)/config/autoconf.mk - -MODULE = dbm -PROGRAM = lots$(BIN_SUFFIX) - -CSRCS = lots.c - -ifeq ($(OS_ARCH),WINNT) -EXTRA_DSO_LIBS = dbm$(MOZ_BITS) -else -EXTRA_DSO_LIBS = mozdbm_s -endif - -LIBS = $(EXTRA_DSO_LIBS) - -include $(topsrcdir)/config/rules.mk - -ifeq ($(OS_ARCH), Linux) -DEFINES += -D_BSD_SOURCE -endif diff --git a/dbm/tests/lots.c b/dbm/tests/lots.c deleted file mode 100644 index 0b3191e74f..0000000000 --- a/dbm/tests/lots.c +++ /dev/null @@ -1,639 +0,0 @@ -/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ -/* ***** BEGIN LICENSE BLOCK ***** - * Version: NPL 1.1/GPL 2.0/LGPL 2.1 - * - * The contents of this file are subject to the Netscape Public License - * Version 1.1 (the "License"); you may not use this file except in - * compliance with the License. You may obtain a copy of the License at - * http://www.mozilla.org/NPL/ - * - * Software distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License - * for the specific language governing rights and limitations under the - * License. - * - * The Original Code is mozilla.org code. - * - * The Initial Developer of the Original Code is - * Netscape Communications Corporation. - * Portions created by the Initial Developer are Copyright (C) 1998 - * the Initial Developer. All Rights Reserved. - * - * Contributor(s): - * - * - * Alternatively, the contents of this file may be used under the terms of - * either the GNU General Public License Version 2 or later (the "GPL"), or - * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), - * in which case the provisions of the GPL or the LGPL are applicable instead - * of those above. If you wish to allow use of your version of this file only - * under the terms of either the GPL or the LGPL, and not to allow others to - * use your version of this file under the terms of the NPL, indicate your - * decision by deleting the provisions above and replace them with the notice - * and other provisions required by the GPL or the LGPL. If you do not delete - * the provisions above, a recipient may use your version of this file under - * the terms of any one of the NPL, the GPL or the LGPL. - * - * ***** END LICENSE BLOCK ***** */ - -/* use sequental numbers printed to strings - * to store lots and lots of entries in the - * database. - * - * Start with 100 entries, put them and then - * read them out. Then delete the first - * half and verify that all of the first half - * is gone and then verify that the second - * half is still there. - * Then add the first half back and verify - * again. Then delete the middle third - * and verify again. - * Then increase the size by 1000 and do - * the whole add delete thing again. - * - * The data for each object is the number string translated - * to hex and replicated a random number of times. The - * number of times that the data is replicated is the first - * int32 in the data. - */ - -#include - -#include -#ifdef STDC_HEADERS -#include -#else -#include -#endif - -#ifdef HAVE_MEMORY_H -#include -#endif -#include -#include -#include "mcom_db.h" - -DB *database=0; -int MsgPriority=5; - -#if defined(_WINDOWS) && !defined(WIN32) -#define int32 long -#define uint32 unsigned long -#else -#define int32 int -#define uint32 unsigned int -#endif - -typedef enum { -USE_LARGE_KEY, -USE_SMALL_KEY -} key_type_enum; - -#define TraceMe(priority, msg) \ - do { \ - if(priority <= MsgPriority) \ - { \ - ReportStatus msg; \ - } \ - } while(0) - -int -ReportStatus(char *string, ...) -{ - va_list args; - -#ifdef STDC_HEADERS - va_start(args, string); -#else - va_start(args); -#endif - vfprintf(stderr, string, args); - va_end(args); - - fprintf (stderr, "\n"); - - return(0); -} - -int -ReportError(char *string, ...) -{ - va_list args; - -#ifdef STDC_HEADERS - va_start(args, string); -#else - va_start(args); -#endif - fprintf (stderr, "\n "); - vfprintf(stderr, string, args); - fprintf (stderr, "\n"); - va_end(args); - - return(0); -} - -DBT * MakeLargeKey(int32 num) -{ - int32 low_bits; - static DBT rv; - static char *string_rv=0; - int rep_char; - size_t size; - - if(string_rv) - free(string_rv); - - /* generate a really large text key derived from - * an int32 - */ - low_bits = (num % 10000) + 1; - - /* get the repeat char from the low 26 */ - rep_char = (char) ((low_bits % 26) + 'a'); - - /* malloc a string low_bits wide */ - size = low_bits*sizeof(char); - string_rv = (char *)malloc(size); - - memset(string_rv, rep_char, size); - - rv.data = string_rv; - rv.size = size; - - return(&rv); -} - -DBT * MakeSmallKey(int32 num) -{ - static DBT rv; - static char data_string[64]; - - rv.data = data_string; - - sprintf(data_string, "%ld", (long)num); - rv.size = strlen(data_string); - - return(&rv); - -} - -DBT * GenKey(int32 num, key_type_enum key_type) -{ - DBT *key; - - switch(key_type) - { - case USE_LARGE_KEY: - key = MakeLargeKey(num); - break; - case USE_SMALL_KEY: - key = MakeSmallKey(num); - break; - default: - abort(); - break; - } - - return(key); -} - -int -SeqDatabase() -{ - int status; - DBT key, data; - - ReportStatus("SEQuencing through database..."); - - /* seq throught the whole database */ - if(!(status = (*database->seq)(database, &key, &data, R_FIRST))) - { - while(!(status = (database->seq) (database, &key, &data, R_NEXT))); - ; /* null body */ - } - - if(status < 0) - ReportError("Error seq'ing database"); - - return(status); -} - -int -VerifyData(DBT *data, int32 num, key_type_enum key_type) -{ - int32 count, compare_num; - size_t size; - int32 *int32_array; - - /* The first int32 is count - * The other n entries should - * all equal num - */ - if(data->size < sizeof(int32)) - { - ReportError("Data size corrupted"); - return -1; - } - - memcpy(&count, data->data, sizeof(int32)); - - size = sizeof(int32)*(count+1); - - if(size != data->size) - { - ReportError("Data size corrupted"); - return -1; - } - - int32_array = (int32*)data->data; - - for(;count > 0; count--) - { - memcpy(&compare_num, &int32_array[count], sizeof(int32)); - - if(compare_num != num) - { - ReportError("Data corrupted"); - return -1; - } - } - - return(0); -} - - -/* verify that a range of number strings exist - * or don't exist. And that the data is valid - */ -#define SHOULD_EXIST 1 -#define SHOULD_NOT_EXIST 0 -int -VerifyRange(int32 low, int32 high, int32 should_exist, key_type_enum key_type) -{ - DBT *key, data; - int32 num; - int status; - - TraceMe(1, ("Verifying: %ld to %ld, using %s keys", - low, high, key_type == USE_SMALL_KEY ? "SMALL" : "LARGE")); - - for(num = low; num <= high; num++) - { - - key = GenKey(num, key_type); - - status = (*database->get)(database, key, &data, 0); - - if(status == 0) - { - /* got the item */ - if(!should_exist) - { - ReportError("Item exists but shouldn't: %ld", num); - } - else - { - /* else verify the data */ - VerifyData(&data, num, key_type); - } - } - else if(status > 0) - { - /* item not found */ - if(should_exist) - { - ReportError("Item not found but should be: %ld", num); - } - } - else - { - /* database error */ - ReportError("Database error"); - return(-1); - } - - } - - TraceMe(1, ("Correctly verified: %ld to %ld", low, high)); - - return(0); - -} - -DBT * -GenData(int32 num) -{ - int32 n; - static DBT *data=0; - int32 *int32_array; - size_t size; - - if(!data) - { - data = (DBT*)malloc(sizeof(DBT)); - data->size = 0; - data->data = 0; - } - else if(data->data) - { - free(data->data); - } - - n = rand(); - - n = n % 512; /* bound to a 2K size */ - - - size = sizeof(int32)*(n+1); - int32_array = (int32 *) malloc(size); - - memcpy(&int32_array[0], &n, sizeof(int32)); - - for(; n > 0; n--) - { - memcpy(&int32_array[n], &num, sizeof(int32)); - } - - data->data = (void*)int32_array; - data->size = size; - - return(data); -} - -#define ADD_RANGE 1 -#define DELETE_RANGE 2 - -int -AddOrDelRange(int32 low, int32 high, int action, key_type_enum key_type) -{ - DBT *key, *data; -#if 0 /* only do this if your really analy checking the puts */ - DBT tmp_data; -#endif - int32 num; - int status; - - if(action != ADD_RANGE && action != DELETE_RANGE) - assert(0); - - if(action == ADD_RANGE) - { - TraceMe(1, ("Adding: %ld to %ld: %s keys", low, high, - key_type == USE_SMALL_KEY ? "SMALL" : "LARGE")); - } - else - { - TraceMe(1, ("Deleting: %ld to %ld: %s keys", low, high, - key_type == USE_SMALL_KEY ? "SMALL" : "LARGE")); - } - - for(num = low; num <= high; num++) - { - - key = GenKey(num, key_type); - - if(action == ADD_RANGE) - { - data = GenData(num); - status = (*database->put)(database, key, data, 0); - } - else - { - status = (*database->del)(database, key, 0); - } - - if(status < 0) - { - ReportError("Database error %s item: %ld", - action == ADD_RANGE ? "ADDING" : "DELETING", - num); - } - else if(status > 0) - { - ReportError("Could not %s item: %ld", - action == ADD_RANGE ? "ADD" : "DELETE", - num); - } - else if(action == ADD_RANGE) - { -#define SYNC_EVERY_TIME -#ifdef SYNC_EVERY_TIME - status = (*database->sync)(database, 0); - if(status != 0) - ReportError("Database error syncing after add"); -#endif - -#if 0 /* only do this if your really analy checking the puts */ - - /* make sure we can still get it - */ - status = (*database->get)(database, key, &tmp_data, 0); - - if(status != 0) - { - ReportError("Database error checking item just added: %d", - num); - } - else - { - /* now verify that none of the ones we already - * put in have disappeared - */ - VerifyRange(low, num, SHOULD_EXIST, key_type); - } -#endif - - } - } - - - if(action == ADD_RANGE) - { - TraceMe(1, ("Successfully added: %ld to %ld", low, high)); - } - else - { - TraceMe(1, ("Successfully deleted: %ld to %ld", low, high)); - } - - return(0); -} - -int -TestRange(int32 low, int32 range, key_type_enum key_type) -{ - int status; int32 low_of_range1, high_of_range1; int32 low_of_range2, high_of_range2; - int32 low_of_range3, high_of_range3; - - status = AddOrDelRange(low, low+range, ADD_RANGE, key_type); - status = VerifyRange(low, low+range, SHOULD_EXIST, key_type); - - TraceMe(1, ("Finished with sub test 1")); - - SeqDatabase(); - - low_of_range1 = low; - high_of_range1 = low+(range/2); - low_of_range2 = high_of_range1+1; - high_of_range2 = low+range; - status = AddOrDelRange(low_of_range1, high_of_range1, DELETE_RANGE, key_type); - status = VerifyRange(low_of_range1, high_of_range1, SHOULD_NOT_EXIST, key_type); - status = VerifyRange(low_of_range2, low_of_range2, SHOULD_EXIST, key_type); - - TraceMe(1, ("Finished with sub test 2")); - - SeqDatabase(); - - status = AddOrDelRange(low_of_range1, high_of_range1, ADD_RANGE, key_type); - /* the whole thing should exist now */ - status = VerifyRange(low, low+range, SHOULD_EXIST, key_type); - - TraceMe(1, ("Finished with sub test 3")); - - SeqDatabase(); - - status = AddOrDelRange(low_of_range2, high_of_range2, DELETE_RANGE, key_type); - status = VerifyRange(low_of_range1, high_of_range1, SHOULD_EXIST, key_type); - status = VerifyRange(low_of_range2, high_of_range2, SHOULD_NOT_EXIST, key_type); - - TraceMe(1, ("Finished with sub test 4")); - - SeqDatabase(); - - status = AddOrDelRange(low_of_range2, high_of_range2, ADD_RANGE, key_type); - /* the whole thing should exist now */ - status = VerifyRange(low, low+range, SHOULD_EXIST, key_type); - - TraceMe(1, ("Finished with sub test 5")); - - SeqDatabase(); - - low_of_range1 = low; - high_of_range1 = low+(range/3); - low_of_range2 = high_of_range1+1; - high_of_range2 = high_of_range1+(range/3); - low_of_range3 = high_of_range2+1; - high_of_range3 = low+range; - /* delete range 2 */ - status = AddOrDelRange(low_of_range2, high_of_range2, DELETE_RANGE, key_type); - status = VerifyRange(low_of_range1, high_of_range1, SHOULD_EXIST, key_type); - status = VerifyRange(low_of_range2, low_of_range2, SHOULD_NOT_EXIST, key_type); - status = VerifyRange(low_of_range3, low_of_range2, SHOULD_EXIST, key_type); - - TraceMe(1, ("Finished with sub test 6")); - - SeqDatabase(); - - status = AddOrDelRange(low_of_range2, high_of_range2, ADD_RANGE, key_type); - /* the whole thing should exist now */ - status = VerifyRange(low, low+range, SHOULD_EXIST, key_type); - - TraceMe(1, ("Finished with sub test 7")); - - return(0); -} - -#define START_RANGE 109876 -int -main(int argc, char **argv) -{ - int32 i, j=0; - int quick_exit = 0; - int large_keys = 0; - HASHINFO hash_info = { - 16*1024, - 0, - 0, - 0, - 0, - 0}; - - - if(argc > 1) - { - while(argc > 1) - { - if(!strcmp(argv[argc-1], "-quick")) - quick_exit = 1; - else if(!strcmp(argv[argc-1], "-large")) - { - large_keys = 1; - } - argc--; - } - } - - database = dbopen("test.db", O_RDWR | O_CREAT, 0644, DB_HASH, &hash_info); - - if(!database) - { - ReportError("Could not open database"); -#ifdef unix - perror(""); -#endif - exit(1); - } - - if(quick_exit) - { - if(large_keys) - TestRange(START_RANGE, 200, USE_LARGE_KEY); - else - TestRange(START_RANGE, 200, USE_SMALL_KEY); - - (*database->sync)(database, 0); - (*database->close)(database); - exit(0); - } - - for(i=100; i < 10000000; i+=200) - { - if(1 || j) - { - TestRange(START_RANGE, i, USE_LARGE_KEY); - j = 0; - } - else - { - TestRange(START_RANGE, i, USE_SMALL_KEY); - j = 1; - } - - if(1 == rand() % 3) - { - (*database->sync)(database, 0); - } - - if(1 == rand() % 3) - { - /* close and reopen */ - (*database->close)(database); - database = dbopen("test.db", O_RDWR | O_CREAT, 0644, DB_HASH, 0); - if(!database) - { - ReportError("Could not reopen database"); -#ifdef unix - perror(""); -#endif - exit(1); - } - } - else - { - /* reopen database without closeing the other */ - database = dbopen("test.db", O_RDWR | O_CREAT, 0644, DB_HASH, 0); - if(!database) - { - ReportError("Could not reopen database " - "after not closing the other"); -#ifdef unix - perror(""); -#endif - exit(1); - } - } - } - - return(0); -} diff --git a/security/dbm/Makefile b/security/dbm/Makefile deleted file mode 100644 index 34cd6d8991..0000000000 --- a/security/dbm/Makefile +++ /dev/null @@ -1,80 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - - - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - -coreconf_hack: - cd ../coreconf; gmake - gmake import - -RelEng_bld: coreconf_hack - gmake diff --git a/security/dbm/config/config.mk b/security/dbm/config/config.mk deleted file mode 100644 index 7533649318..0000000000 --- a/security/dbm/config/config.mk +++ /dev/null @@ -1,67 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -# -# These macros are defined by mozilla's configure script. -# We define them manually here. -# - -DEFINES += -DSTDC_HEADERS -DHAVE_STRERROR - -# -# Most platforms have snprintf, so it's simpler to list the exceptions. -# -HAVE_SNPRINTF = 1 -# -# OSF1 V4.0D doesn't have snprintf but V5.0A does. -# -ifeq ($(OS_TARGET)$(OS_RELEASE),OSF1V4.0D) -HAVE_SNPRINTF = -endif -ifdef HAVE_SNPRINTF -DEFINES += -DHAVE_SNPRINTF -endif - -ifeq (,$(filter-out IRIX Linux,$(OS_TARGET))) -DEFINES += -DHAVE_SYS_CDEFS_H -endif - -ifeq (,$(filter-out DGUX NCR ReliantUNIX SCO_SV SCOOS UNIXWARE,$(OS_TARGET))) -DEFINES += -DHAVE_SYS_BYTEORDER_H -endif - -# -# None of the platforms that we are interested in need to -# define HAVE_MEMORY_H. -# diff --git a/security/dbm/include/Makefile b/security/dbm/include/Makefile deleted file mode 100644 index ba4dd8ddf3..0000000000 --- a/security/dbm/include/Makefile +++ /dev/null @@ -1,76 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - - - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - - - diff --git a/security/dbm/include/manifest.mn b/security/dbm/include/manifest.mn deleted file mode 100644 index 886fedd988..0000000000 --- a/security/dbm/include/manifest.mn +++ /dev/null @@ -1,57 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = ../.. - -VPATH = $(CORE_DEPTH)/../dbm/include - -MODULE = dbm - -EXPORTS = nsres.h \ - cdefs.h \ - mcom_db.h \ - ncompat.h \ - winfile.h \ - $(NULL) - -PRIVATE_EXPORTS = hsearch.h \ - page.h \ - extern.h \ - ndbm.h \ - queue.h \ - hash.h \ - mpool.h \ - search.h \ - $(NULL) - diff --git a/security/dbm/manifest.mn b/security/dbm/manifest.mn deleted file mode 100644 index 11f4f4237c..0000000000 --- a/security/dbm/manifest.mn +++ /dev/null @@ -1,45 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = .. - -MODULE = dbm - -IMPORTS = nspr20/v4.1.2 - -RELEASE = dbm - -DIRS = include \ - src \ - $(NULL) diff --git a/security/dbm/src/Makefile b/security/dbm/src/Makefile deleted file mode 100644 index 8fce983941..0000000000 --- a/security/dbm/src/Makefile +++ /dev/null @@ -1,76 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/dbm/config/config.mk - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - -include config.mk - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - - - diff --git a/security/dbm/src/config.mk b/security/dbm/src/config.mk deleted file mode 100644 index 370fd75d63..0000000000 --- a/security/dbm/src/config.mk +++ /dev/null @@ -1,63 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -DEFINES += -DMEMMOVE -D__DBINTERFACE_PRIVATE $(SECURITY_FLAG) - -INCLUDES += -I$(CORE_DEPTH)/../dbm/include - -# -# Currently, override TARGETS variable so that only static libraries -# are specifed as dependencies within rules.mk. -# - -TARGETS = $(LIBRARY) -SHARED_LIBRARY = -IMPORT_LIBRARY = -PURE_LIBRARY = -PROGRAM = - -ifdef SHARED_LIBRARY - ifeq (,$(filter-out WINNT WIN95 WINCE,$(OS_TARGET))) # list omits WIN16 - DLLBASE=/BASE:0x30000000 - RES=$(OBJDIR)/dbm.res - RESNAME=../include/dbm.rc - endif - ifeq ($(DLL_SUFFIX),dll) - DEFINES += -D_DLL - endif -endif - -ifeq ($(OS_TARGET),AIX) - OS_LIBS += -lc_r -endif diff --git a/security/dbm/src/dirent.c b/security/dbm/src/dirent.c deleted file mode 100644 index 001a48c5c2..0000000000 --- a/security/dbm/src/dirent.c +++ /dev/null @@ -1,348 +0,0 @@ -#ifdef OS2 - -#include -#include -#include -#include - -#include -#include - -/*#ifndef __EMX__ -#include -#endif */ - -#define INCL_DOSFILEMGR -#define INCL_DOSERRORS -#include - -#if OS2 >= 2 -# define FFBUF FILEFINDBUF3 -# define Word ULONG - /* - * LS20 recommends a request count of 100, but according to the - * APAR text it does not lead to missing files, just to funny - * numbers of returned entries. - * - * LS30 HPFS386 requires a count greater than 2, or some files - * are missing (those starting with a character less that '.'). - * - * Novell looses entries which overflow the buffer. In previous - * versions of dirent2, this could have lead to missing files - * when the average length of 100 directory entries was 40 bytes - * or more (quite unlikely for files on a Novell server). - * - * Conclusion: Make sure that the entries all fit into the buffer - * and that the buffer is large enough for more than 2 entries - * (each entry is at most 300 bytes long). And ignore the LS20 - * effect. - */ -# define Count 25 -# define BufSz (25 * (sizeof(FILEFINDBUF3)+1)) -#else -# define FFBUF FILEFINDBUF -# define Word USHORT -# define BufSz 1024 -# define Count 3 -#endif - -#if defined(__IBMC__) || defined(__IBMCPP__) - #define error(rc) _doserrno = rc, errno = EOS2ERR -#elif defined(MICROSOFT) - #define error(rc) _doserrno = rc, errno = 255 -#else - #define error(rc) errno = 255 -#endif - -struct _dirdescr { - HDIR handle; /* DosFindFirst handle */ - char fstype; /* filesystem type */ - Word count; /* valid entries in */ - long number; /* absolute number of next entry */ - int index; /* relative number of next entry */ - FFBUF * next; /* pointer to next entry */ - char name[MAXPATHLEN+3]; /* directory name */ - unsigned attrmask; /* attribute mask for seekdir */ - struct dirent entry; /* buffer for directory entry */ - BYTE ffbuf[BufSz]; -}; - -/* - * Return first char of filesystem type, or 0 if unknown. - */ -static char -getFSType(const char *path) -{ - static char cache[1+26]; - char drive[3], info[512]; - Word unit, infolen; - char r; - - if (isalpha(path[0]) && path[1] == ':') { - unit = toupper(path[0]) - '@'; - path += 2; - } else { - ULONG driveMap; -#if OS2 >= 2 - if (DosQueryCurrentDisk(&unit, &driveMap)) -#else - if (DosQCurDisk(&unit, &driveMap)) -#endif - return 0; - } - - if ((path[0] == '\\' || path[0] == '/') - && (path[1] == '\\' || path[1] == '/')) - return 0; - - if (cache [unit]) - return cache [unit]; - - drive[0] = '@' + unit; - drive[1] = ':'; - drive[2] = '\0'; - infolen = sizeof info; -#if OS2 >= 2 - if (DosQueryFSAttach(drive, 0, FSAIL_QUERYNAME, (PVOID)info, &infolen)) - return 0; - if (infolen >= sizeof(FSQBUFFER2)) { - FSQBUFFER2 *p = (FSQBUFFER2 *)info; - r = p->szFSDName[p->cbName]; - } else -#else - if (DosQFSAttach((PSZ)drive, 0, FSAIL_QUERYNAME, (PVOID)info, &infolen, 0)) - return 0; - if (infolen >= 9) { - char *p = info + sizeof(USHORT); - p += sizeof(USHORT) + *(USHORT *)p + 1 + sizeof(USHORT); - r = *p; - } else -#endif - r = 0; - return cache [unit] = r; -} - -char * -abs_path(const char *name, char *buffer, int len) -{ - char buf[4]; - if (isalpha(name[0]) && name[1] == ':' && name[2] == '\0') { - buf[0] = name[0]; - buf[1] = name[1]; - buf[2] = '.'; - buf[3] = '\0'; - name = buf; - } -#if OS2 >= 2 - if (DosQueryPathInfo((PSZ)name, FIL_QUERYFULLNAME, buffer, len)) -#else - if (DosQPathInfo((PSZ)name, FIL_QUERYFULLNAME, (PBYTE)buffer, len, 0L)) -#endif - return NULL; - return buffer; -} - -DIR * -openxdir(const char *path, unsigned att_mask) -{ - DIR *dir; - char name[MAXPATHLEN+3]; - Word rc; - - dir = malloc(sizeof(DIR)); - if (dir == NULL) { - errno = ENOMEM; - return NULL; - } - - strncpy(name, path, MAXPATHLEN); - name[MAXPATHLEN] = '\0'; - switch (name[strlen(name)-1]) { - default: - strcat(name, "\\"); - case '\\': - case '/': - case ':': - ; - } - strcat(name, "."); - if (!abs_path(name, dir->name, MAXPATHLEN+1)) - strcpy(dir->name, name); - if (dir->name[strlen(dir->name)-1] == '\\') - strcat(dir->name, "*"); - else - strcat(dir->name, "\\*"); - - dir->fstype = getFSType(dir->name); - dir->attrmask = att_mask | A_DIR; - - dir->handle = HDIR_CREATE; - dir->count = 100; -#if OS2 >= 2 - rc = DosFindFirst(dir->name, &dir->handle, dir->attrmask, - dir->ffbuf, sizeof dir->ffbuf, &dir->count, FIL_STANDARD); -#else - rc = DosFindFirst((PSZ)dir->name, &dir->handle, dir->attrmask, - (PFILEFINDBUF)dir->ffbuf, sizeof dir->ffbuf, &dir->count, 0); -#endif - switch (rc) { - default: - free(dir); - error(rc); - return NULL; - case NO_ERROR: - case ERROR_NO_MORE_FILES: - ; - } - - dir->number = 0; - dir->index = 0; - dir->next = (FFBUF *)dir->ffbuf; - - return (DIR *)dir; -} - -DIR * -opendir(const char *pathname) -{ - return openxdir(pathname, 0); -} - -struct dirent * -readdir(DIR *dir) -{ - static int dummy_ino = 2; - - if (dir->index == dir->count) { - Word rc; - dir->count = 100; -#if OS2 >= 2 - rc = DosFindNext(dir->handle, dir->ffbuf, - sizeof dir->ffbuf, &dir->count); -#else - rc = DosFindNext(dir->handle, (PFILEFINDBUF)dir->ffbuf, - sizeof dir->ffbuf, &dir->count); -#endif - if (rc) { - error(rc); - return NULL; - } - - dir->index = 0; - dir->next = (FFBUF *)dir->ffbuf; - } - - if (dir->index == dir->count) - return NULL; - - memcpy(dir->entry.d_name, dir->next->achName, dir->next->cchName); - dir->entry.d_name[dir->next->cchName] = '\0'; - dir->entry.d_ino = dummy_ino++; - dir->entry.d_reclen = dir->next->cchName; - dir->entry.d_namlen = dir->next->cchName; - dir->entry.d_size = dir->next->cbFile; - dir->entry.d_attribute = dir->next->attrFile; - dir->entry.d_time = *(USHORT *)&dir->next->ftimeLastWrite; - dir->entry.d_date = *(USHORT *)&dir->next->fdateLastWrite; - - switch (dir->fstype) { - case 'F': /* FAT */ - case 'C': /* CDFS */ - if (dir->next->attrFile & FILE_DIRECTORY) - strupr(dir->entry.d_name); - else - strlwr(dir->entry.d_name); - } - -#if OS2 >= 2 - dir->next = (FFBUF *)((BYTE *)dir->next + dir->next->oNextEntryOffset); -#else - dir->next = (FFBUF *)((BYTE *)dir->next->achName + dir->next->cchName + 1); -#endif - ++dir->number; - ++dir->index; - - return &dir->entry; -} - -long -telldir(DIR *dir) -{ - return dir->number; -} - -void -seekdir(DIR *dir, long off) -{ - if (dir->number > off) { - char name[MAXPATHLEN+2]; - Word rc; - - DosFindClose(dir->handle); - - strcpy(name, dir->name); - strcat(name, "*"); - - dir->handle = HDIR_CREATE; - dir->count = 32767; -#if OS2 >= 2 - rc = DosFindFirst(name, &dir->handle, dir->attrmask, - dir->ffbuf, sizeof dir->ffbuf, &dir->count, FIL_STANDARD); -#else - rc = DosFindFirst((PSZ)name, &dir->handle, dir->attrmask, - (PFILEFINDBUF)dir->ffbuf, sizeof dir->ffbuf, &dir->count, 0); -#endif - switch (rc) { - default: - error(rc); - return; - case NO_ERROR: - case ERROR_NO_MORE_FILES: - ; - } - - dir->number = 0; - dir->index = 0; - dir->next = (FFBUF *)dir->ffbuf; - } - - while (dir->number < off && readdir(dir)) - ; -} - -void -closedir(DIR *dir) -{ - DosFindClose(dir->handle); - free(dir); -} - -/*****************************************************************************/ - -#ifdef TEST - -main(int argc, char **argv) -{ - int i; - DIR *dir; - struct dirent *ep; - - for (i = 1; i < argc; ++i) { - dir = opendir(argv[i]); - if (!dir) - continue; - while (ep = readdir(dir)) - if (strchr("\\/:", argv[i] [strlen(argv[i]) - 1])) - printf("%s%s\n", argv[i], ep->d_name); - else - printf("%s/%s\n", argv[i], ep->d_name); - closedir(dir); - } - - return 0; -} - -#endif - -#endif /* OS2 */ - diff --git a/security/dbm/src/dirent.h b/security/dbm/src/dirent.h deleted file mode 100644 index 07a6c0ac87..0000000000 --- a/security/dbm/src/dirent.h +++ /dev/null @@ -1,97 +0,0 @@ -#ifndef __DIRENT_H__ -#define __DIRENT_H__ -/* - * @(#)msd_dir.h 1.4 87/11/06 Public Domain. - * - * A public domain implementation of BSD directory routines for - * MS-DOS. Written by Michael Rendell ({uunet,utai}michael@garfield), - * August 1897 - * - * Extended by Peter Lim (lim@mullian.oz) to overcome some MS DOS quirks - * and returns 2 more pieces of information - file size & attribute. - * Plus a little reshuffling of some #define's positions December 1987 - * - * Some modifications by Martin Junius 02-14-89 - * - * AK900712 - * AK910410 abs_path - make absolute path - * - */ - -#ifdef __EMX__ -#include -#else -#if defined(__IBMC__) || defined(__IBMCPP__) || defined(XP_W32_MSVC) -#include -#ifdef MAXPATHLEN - #undef MAXPATHLEN -#endif -#define MAXPATHLEN (FILENAME_MAX*4) -#define MAXNAMLEN FILENAME_MAX - -#else -#include -#endif -#endif - -#ifdef __cplusplus -extern "C" { -#endif - -/* attribute stuff */ -#ifndef A_RONLY -# define A_RONLY 0x01 -# define A_HIDDEN 0x02 -# define A_SYSTEM 0x04 -# define A_LABEL 0x08 -# define A_DIR 0x10 -# define A_ARCHIVE 0x20 -#endif - -struct dirent { -#if defined(OS2) || defined(WIN32) /* use the layout of EMX to avoid trouble */ - int d_ino; /* Dummy */ - int d_reclen; /* Dummy, same as d_namlen */ - int d_namlen; /* length of name */ - char d_name[MAXNAMLEN + 1]; - unsigned long d_size; - unsigned short d_attribute; /* attributes (see above) */ - unsigned short d_time; /* modification time */ - unsigned short d_date; /* modification date */ -#else - char d_name[MAXNAMLEN + 1]; /* garentee null termination */ - char d_attribute; /* .. extension .. */ - unsigned long d_size; /* .. extension .. */ -#endif -}; - -typedef struct _dirdescr DIR; -/* the structs do not have to be defined here */ - -extern DIR *opendir(const char *); -extern DIR *openxdir(const char *, unsigned); -extern struct dirent *readdir(DIR *); -extern void seekdir(DIR *, long); -extern long telldir(DIR *); -extern void closedir(DIR *); -#define rewinddir(dirp) seekdir(dirp, 0L) - -extern char * abs_path(const char *name, char *buffer, int len); - -#ifndef S_IFMT -#define S_IFMT ( S_IFDIR | S_IFREG ) -#endif - -#ifndef S_ISDIR -#define S_ISDIR( m ) (((m) & S_IFMT) == S_IFDIR) -#endif - -#ifndef S_ISREG -#define S_ISREG( m ) (((m) & S_IFMT) == S_IFREG) -#endif - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/security/dbm/src/manifest.mn b/security/dbm/src/manifest.mn deleted file mode 100644 index 80f2abfd0e..0000000000 --- a/security/dbm/src/manifest.mn +++ /dev/null @@ -1,61 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = ../.. - -VPATH = $(CORE_DEPTH)/../dbm/src - -MODULE = dbm - -# -# memmove.c, snprintf.c, and strerror.c are not in CSRCS because -# the Standard C Library has memmove and strerror and DBM is not -# using snprintf. -# - -CSRCS = db.c \ - h_bigkey.c \ - h_func.c \ - h_log2.c \ - h_page.c \ - hash.c \ - hash_buf.c \ - hsearch.c \ - mktemp.c \ - ndbm.c \ - nsres.c \ - dirent.c \ - $(NULL) - -LIBRARY_NAME = dbm diff --git a/security/dbm/tests/Makefile b/security/dbm/tests/Makefile deleted file mode 100644 index fe132e19c5..0000000000 --- a/security/dbm/tests/Makefile +++ /dev/null @@ -1,69 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -DEPTH = ../.. -CORE_DEPTH = ../.. - -VPATH = $(CORE_DEPTH)/../dbm/tests - -MODULE = dbm - -CSRCS = lots.c - -PROGRAM = lots - -include $(DEPTH)/coreconf/config.mk - -include $(DEPTH)/dbm/config/config.mk - -ifeq (,$(filter-out WIN%,$(OS_TARGET))) -LIBDBM = ../src/$(PLATFORM)/dbm$(STATIC_LIB_SUFFIX) -else -LIBDBM = ../src/$(PLATFORM)/libdbm$(STATIC_LIB_SUFFIX) -endif - -INCLUDES += -I$(CORE_DEPTH)/../dbm/include - -LDFLAGS = $(LDOPTS) $(LIBDBM) - -include $(DEPTH)/coreconf/rules.mk - -lots.pure: lots - purify $(CC) -o lots.pure $(CFLAGS) $(OBJS) $(MYLIBS) - -crash: crash.o $(MYLIBS) - $(CC) -o crash $(CFLAGS) $^ - -crash.pure: crash.o $(MYLIBS) - purify $(CC) -o crash.pure $(CFLAGS) $^ - diff --git a/security/nss/Makefile b/security/nss/Makefile deleted file mode 100644 index 321db9af0b..0000000000 --- a/security/nss/Makefile +++ /dev/null @@ -1,173 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - -ifeq ($(OS_TARGET),WINCE) -DIRS = lib # omit cmd since wince has no command line shell -endif - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - -nss_build_all: build_coreconf build_nspr build_dbm all - -build_coreconf: - cd $(CORE_DEPTH)/coreconf ; $(MAKE) - -NSPR_CONFIG_STATUS = $(CORE_DEPTH)/../nsprpub/$(OBJDIR_NAME)/config.status -NSPR_CONFIGURE = $(CORE_DEPTH)/../nsprpub/configure - -# -# Translate coreconf build options to NSPR configure options. -# - -ifdef BUILD_OPT -NSPR_CONFIGURE_OPTS += --disable-debug --enable-optimize -endif -ifdef USE_64 -NSPR_CONFIGURE_OPTS += --enable-64bit -endif -ifeq ($(OS_TARGET),WIN95) -NSPR_CONFIGURE_OPTS += --enable-win32-target=WIN95 -endif -ifdef USE_DEBUG_RTL -NSPR_CONFIGURE_OPTS += --enable-debug-rtl -endif -ifdef NS_USE_GCC -NSPR_COMPILERS = CC=gcc CXX=g++ -endif - -# -# Some pwd commands on Windows (for example, the pwd -# command in Cygwin) return a pathname that begins -# with a (forward) slash. When such a pathname is -# passed to Windows build tools (for example, cl), it -# is mistaken as a command-line option. If that is the case, -# we use a relative pathname as NSPR's prefix on Windows. -# - -USEABSPATH="YES" -ifeq (,$(filter-out WIN%,$(OS_TARGET))) -ifeq (,$(findstring :,$(shell pwd))) -USEABSPATH="NO" -endif -endif -ifeq ($(USEABSPATH),"YES") -NSPR_PREFIX = $(shell pwd)/../../dist/$(OBJDIR_NAME) -else -NSPR_PREFIX = $$(topsrcdir)/../dist/$(OBJDIR_NAME) -endif - -$(NSPR_CONFIG_STATUS): $(NSPR_CONFIGURE) - $(NSINSTALL) -D $(CORE_DEPTH)/../nsprpub/$(OBJDIR_NAME) - cd $(CORE_DEPTH)/../nsprpub/$(OBJDIR_NAME) ; \ - $(NSPR_COMPILERS) sh ../configure \ - $(NSPR_CONFIGURE_OPTS) \ - --with-dist-prefix='$(NSPR_PREFIX)' \ - --with-dist-includedir='$(NSPR_PREFIX)/include' - -build_nspr: $(NSPR_CONFIG_STATUS) - cd $(CORE_DEPTH)/../nsprpub/$(OBJDIR_NAME) ; $(MAKE) - -build_dbm: - cd $(CORE_DEPTH)/dbm ; $(MAKE) export libs - - - -moz_import:: -ifeq (,$(filter-out WIN%,$(OS_TARGET))) - $(NSINSTALL) -D $(DIST)/include/nspr - cp $(DIST)/../include/nspr/*.h $(DIST)/include/nspr - cp $(DIST)/../include/* $(DIST)/include -ifdef BUILD_OPT - cp $(DIST)/../WIN32_O.OBJ/lib/* $(DIST)/lib -else - cp $(DIST)/../WIN32_D.OBJ/lib/* $(DIST)/lib -endif - mv $(DIST)/lib/dbm32.lib $(DIST)/lib/dbm.lib -else -ifeq ($(OS_TARGET),OS2) - cp -rf $(DIST)/../include $(DIST) - cp -rf $(DIST)/../lib $(DIST) - cp -f $(DIST)/lib/libmozdbm_s.$(LIB_SUFFIX) $(DIST)/lib/libdbm.$(LIB_SUFFIX) -else - $(NSINSTALL) -L ../../dist include $(DIST) - $(NSINSTALL) -L ../../dist lib $(DIST) - cp $(DIST)/lib/libmozdbm_s.$(LIB_SUFFIX) $(DIST)/lib/libdbm.$(LIB_SUFFIX) -endif -endif - -nss_RelEng_bld: build_coreconf import all - -ifeq ($(OS_ARCH),SunOS) -solarispkg: - @echo Making Solaris packages. - rm -rf pkg/$(OBJDIR) - cp -r pkg/solaris pkg/$(OBJDIR) - $(MAKE) -C pkg/$(OBJDIR) publish -endif diff --git a/security/nss/cmd/.cvsignore b/security/nss/cmd/.cvsignore deleted file mode 100644 index 6329db22e8..0000000000 --- a/security/nss/cmd/.cvsignore +++ /dev/null @@ -1 +0,0 @@ -.gdbinit diff --git a/security/nss/cmd/Makefile b/security/nss/cmd/Makefile deleted file mode 100644 index 5e716b9b3e..0000000000 --- a/security/nss/cmd/Makefile +++ /dev/null @@ -1,182 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = ../.. -DEPTH = ../.. - -include manifest.mn -include $(CORE_DEPTH)/coreconf/config.mk - -# These sources were once in this directory, but now are gone. -MISSING_SOURCES = \ - addcert.c \ - berparse.c \ - cert.c \ - key.c \ - key_rand.c \ - keygen.c \ - sec_fe.c \ - sec_read.c \ - secarb.c \ - secutil.c \ - $(NULL) - -# we don't build these any more, but the sources are still here -OBSOLETE = \ - berdec.c \ - berdump.c \ - cypher.c \ - dumpcert.c \ - listcerts.c \ - mkdongle.c \ - p12exprt.c \ - p12imprt.c \ - rc4.c \ - sign.c \ - unwrap.c \ - vector.c \ - verify.c \ - wrap.c \ - $(NULL) - -# the base files for the executables -# hey -- keep these alphabetical, please -EXEC_SRCS = \ - $(NULL) - -# files that generate two separate objects and executables -# BI_SRCS = \ -# keyutil.c \ -# p7env.c \ -# tstclnt.c \ -# $(NULL) - -# -I$(CORE_DEPTH)/security/lib/cert \ -# -I$(CORE_DEPTH)/security/lib/key \ -# -I$(CORE_DEPTH)/security/lib/util \ - -INCLUDES += \ - -I$(DIST)/../public/security \ - -I./include \ - $(NULL) - -TBD_DIRS = rsh rshd rdist ssld - -# For the time being, sec stuff is export only -# US_FLAGS = -DEXPORT_VERSION -DUS_VERSION - -US_FLAGS = -DEXPORT_VERSION -EXPORT_FLAGS = -DEXPORT_VERSION - -BASE_LIBS = \ - $(DIST)/lib/libdbm.$(LIB_SUFFIX) \ - $(DIST)/lib/libxp.$(LIB_SUFFIX) \ - $(DIST)/lib/libnspr.$(LIB_SUFFIX) \ - $(NULL) - -# $(DIST)/lib/libpurenspr.$(LIB_SUFFIX) \ - -#There is a circular dependancy in security/lib, and here is a gross fix -SEC_LIBS = \ - $(DIST)/lib/libsecnav.$(LIB_SUFFIX) \ - $(DIST)/lib/libssl.$(LIB_SUFFIX) \ - $(DIST)/lib/libpkcs7.$(LIB_SUFFIX) \ - $(DIST)/lib/libcert.$(LIB_SUFFIX) \ - $(DIST)/lib/libkey.$(LIB_SUFFIX) \ - $(DIST)/lib/libsecmod.$(LIB_SUFFIX) \ - $(DIST)/lib/libcrypto.$(LIB_SUFFIX) \ - $(DIST)/lib/libsecutil.$(LIB_SUFFIX) \ - $(DIST)/lib/libssl.$(LIB_SUFFIX) \ - $(DIST)/lib/libpkcs7.$(LIB_SUFFIX) \ - $(DIST)/lib/libcert.$(LIB_SUFFIX) \ - $(DIST)/lib/libkey.$(LIB_SUFFIX) \ - $(DIST)/lib/libsecmod.$(LIB_SUFFIX) \ - $(DIST)/lib/libcrypto.$(LIB_SUFFIX) \ - $(DIST)/lib/libsecutil.$(LIB_SUFFIX) \ - $(DIST)/lib/libhash.$(LIB_SUFFIX) \ - $(NULL) - -MYLIB = lib/$(OBJDIR)/libsectool.$(LIB_SUFFIX) - -US_LIBS = $(MYLIB) $(SEC_LIBS) $(BASE_LIBS) $(MYLIB) $(BASE_LIBS) -EX_LIBS = $(MYLIB) $(SEC_LIBS) $(BASE_LIBS) $(MYLIB) $(BASE_LIBS) - -REQUIRES = libxp nspr security - -CSRCS = $(EXEC_SRCS) $(BI_SRCS) - -OBJS = $(CSRCS:.c=.o) $(BI_SRCS:.c=-us.o) $(BI_SRCS:.c=-ex.o) - -PROGS = $(addprefix $(OBJDIR)/, $(EXEC_SRCS:.c=$(BIN_SUFFIX))) -US_PROGS = $(addprefix $(OBJDIR)/, $(BI_SRCS:.c=-us$(BIN_SUFFIX))) -EX_PROGS = $(addprefix $(OBJDIR)/, $(BI_SRCS:.c=-ex$(BIN_SUFFIX))) - - -NON_DIRS = $(PROGS) $(US_PROGS) $(EX_PROGS) -TARGETS = $(NON_DIRS) - -include $(CORE_DEPTH)/coreconf/rules.mk - - -ifneq ($(OS_TARGET),OS2) -$(OBJDIR)/%-us.o: %.c - @$(MAKE_OBJDIR) - $(CCF) -o $@ $(US_FLAGS) -c $*.c - -$(OBJDIR)/%-ex.o: %.c - @$(MAKE_OBJDIR) - $(CCF) -o $@ $(EXPORT_FLAGS) -c $*.c - -$(OBJDIR)/%.o: %.c - @$(MAKE_OBJDIR) - $(CCF) -o $@ $(EXPORT_FLAGS) -c $*.c - -$(US_PROGS):$(OBJDIR)/%-us: $(OBJDIR)/%-us.o $(US_LIBS) - @$(MAKE_OBJDIR) - $(CCF) -o $@ $(OBJDIR)/$*-us.o $(LDFLAGS) $(US_LIBS) $(OS_LIBS) - -$(EX_PROGS):$(OBJDIR)/%-ex: $(OBJDIR)/%-ex.o $(EX_LIBS) - @$(MAKE_OBJDIR) - $(CCF) -o $@ $(OBJDIR)/$*-ex.o $(LDFLAGS) $(EX_LIBS) $(OS_LIBS) - -$(PROGS):$(OBJDIR)/%: $(OBJDIR)/%.o $(EX_LIBS) - @$(MAKE_OBJDIR) - $(CCF) -o $@ $@.o $(LDFLAGS) $(EX_LIBS) $(OS_LIBS) - -#install:: $(TARGETS) -# $(INSTALL) $(TARGETS) $(DIST)/bin -endif - -symbols:: - @echo "TARGETS = $(TARGETS)" diff --git a/security/nss/cmd/SSLsample/Makefile b/security/nss/cmd/SSLsample/Makefile deleted file mode 100644 index cf741f387c..0000000000 --- a/security/nss/cmd/SSLsample/Makefile +++ /dev/null @@ -1,44 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -# do these once for each target program -all default export libs program install release_export:: - $(MAKE) -f make.client $@ - $(MAKE) -f make.server $@ - -# only do these things once for the whole directory -depend dependclean clean clobber realclean clobber_all release_classes release_clean release_cpdistdir release_export release_jars release_md release_policy show:: - $(MAKE) -f make.client $@ - - diff --git a/security/nss/cmd/SSLsample/Makefile.NSS b/security/nss/cmd/SSLsample/Makefile.NSS deleted file mode 100644 index 0a3545f4f7..0000000000 --- a/security/nss/cmd/SSLsample/Makefile.NSS +++ /dev/null @@ -1,58 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -ARCH := $(shell uname) - -ifeq ($(ARCH), SunOS) - DEFINES = -KPIC -DSVR4 -DSOLARIS -DSYSV -D__svr4 -D__svr4__ \ - -D_REENTRANT -DSOLARIS2_5 -D_SVID_GETTOD -DXP_UNIX -UDEBUG -DNDEBUG \ - -DXP_UNIX - INCPATH = -I. -I../include/dbm -I../include/nspr -I../include/security - LIBPATH = -L../lib - LIBS = -lnss -lssl -lpkcs7 -lpkcs12 -lsecmod -lcert -lkey \ - -lcrypto -lsecutil -lhash -ldbm -lplc4 -lplds4 -lnspr4 -lsocket -lnsl - CFLAGS = -g - CC = cc -endif # SunOS - -# The rules to build the sample apps appear below. - -server: - $(CC) $(CFLAGS) $@.c -o $@ $(DEFINES) $(INCPATH) $(LIBPATH) $(LIBS) - -client: - $(CC) $(CFLAGS) $@.c -o $@ $(DEFINES) $(INCPATH) $(LIBPATH) $(LIBS) - -clean: - rm -fr server client server.o client.o - diff --git a/security/nss/cmd/SSLsample/NSPRerrs.h b/security/nss/cmd/SSLsample/NSPRerrs.h deleted file mode 100644 index bacdef6b2f..0000000000 --- a/security/nss/cmd/SSLsample/NSPRerrs.h +++ /dev/null @@ -1,133 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ -/* General NSPR 2.0 errors */ -/* Caller must #include "prerror.h" */ - -ER2( PR_OUT_OF_MEMORY_ERROR, "Memory allocation attempt failed." ) -ER2( PR_BAD_DESCRIPTOR_ERROR, "Invalid file descriptor." ) -ER2( PR_WOULD_BLOCK_ERROR, "The operation would have blocked." ) -ER2( PR_ACCESS_FAULT_ERROR, "Invalid memory address argument." ) -ER2( PR_INVALID_METHOD_ERROR, "Invalid function for file type." ) -ER2( PR_ILLEGAL_ACCESS_ERROR, "Invalid memory address argument." ) -ER2( PR_UNKNOWN_ERROR, "Some unknown error has occurred." ) -ER2( PR_PENDING_INTERRUPT_ERROR,"Operation interrupted by another thread." ) -ER2( PR_NOT_IMPLEMENTED_ERROR, "function not implemented." ) -ER2( PR_IO_ERROR, "I/O function error." ) -ER2( PR_IO_TIMEOUT_ERROR, "I/O operation timed out." ) -ER2( PR_IO_PENDING_ERROR, "I/O operation on busy file descriptor." ) -ER2( PR_DIRECTORY_OPEN_ERROR, "The directory could not be opened." ) -ER2( PR_INVALID_ARGUMENT_ERROR, "Invalid function argument." ) -ER2( PR_ADDRESS_NOT_AVAILABLE_ERROR, "Network address not available (in use?)." ) -ER2( PR_ADDRESS_NOT_SUPPORTED_ERROR, "Network address type not supported." ) -ER2( PR_IS_CONNECTED_ERROR, "Already connected." ) -ER2( PR_BAD_ADDRESS_ERROR, "Network address is invalid." ) -ER2( PR_ADDRESS_IN_USE_ERROR, "Local Network address is in use." ) -ER2( PR_CONNECT_REFUSED_ERROR, "Connection refused by peer." ) -ER2( PR_NETWORK_UNREACHABLE_ERROR, "Network address is presently unreachable." ) -ER2( PR_CONNECT_TIMEOUT_ERROR, "Connection attempt timed out." ) -ER2( PR_NOT_CONNECTED_ERROR, "Network file descriptor is not connected." ) -ER2( PR_LOAD_LIBRARY_ERROR, "Failure to load dynamic library." ) -ER2( PR_UNLOAD_LIBRARY_ERROR, "Failure to unload dynamic library." ) -ER2( PR_FIND_SYMBOL_ERROR, -"Symbol not found in any of the loaded dynamic libraries." ) -ER2( PR_INSUFFICIENT_RESOURCES_ERROR, "Insufficient system resources." ) -ER2( PR_DIRECTORY_LOOKUP_ERROR, -"A directory lookup on a network address has failed." ) -ER2( PR_TPD_RANGE_ERROR, -"Attempt to access a TPD key that is out of range." ) -ER2( PR_PROC_DESC_TABLE_FULL_ERROR, "Process open FD table is full." ) -ER2( PR_SYS_DESC_TABLE_FULL_ERROR, "System open FD table is full." ) -ER2( PR_NOT_SOCKET_ERROR, -"Network operation attempted on non-network file descriptor." ) -ER2( PR_NOT_TCP_SOCKET_ERROR, -"TCP-specific function attempted on a non-TCP file descriptor." ) -ER2( PR_SOCKET_ADDRESS_IS_BOUND_ERROR, "TCP file descriptor is already bound." ) -ER2( PR_NO_ACCESS_RIGHTS_ERROR, "Access Denied." ) -ER2( PR_OPERATION_NOT_SUPPORTED_ERROR, -"The requested operation is not supported by the platform." ) -ER2( PR_PROTOCOL_NOT_SUPPORTED_ERROR, -"The host operating system does not support the protocol requested." ) -ER2( PR_REMOTE_FILE_ERROR, "Access to the remote file has been severed." ) -ER2( PR_BUFFER_OVERFLOW_ERROR, -"The value requested is too large to be stored in the data buffer provided." ) -ER2( PR_CONNECT_RESET_ERROR, "TCP connection reset by peer." ) -ER2( PR_RANGE_ERROR, "Unused." ) -ER2( PR_DEADLOCK_ERROR, "The operation would have deadlocked." ) -ER2( PR_FILE_IS_LOCKED_ERROR, "The file is already locked." ) -ER2( PR_FILE_TOO_BIG_ERROR, -"Write would result in file larger than the system allows." ) -ER2( PR_NO_DEVICE_SPACE_ERROR, "The device for storing the file is full." ) -ER2( PR_PIPE_ERROR, "Unused." ) -ER2( PR_NO_SEEK_DEVICE_ERROR, "Unused." ) -ER2( PR_IS_DIRECTORY_ERROR, -"Cannot perform a normal file operation on a directory." ) -ER2( PR_LOOP_ERROR, "Symbolic link loop." ) -ER2( PR_NAME_TOO_LONG_ERROR, "File name is too long." ) -ER2( PR_FILE_NOT_FOUND_ERROR, "File not found." ) -ER2( PR_NOT_DIRECTORY_ERROR, -"Cannot perform directory operation on a normal file." ) -ER2( PR_READ_ONLY_FILESYSTEM_ERROR, -"Cannot write to a read-only file system." ) -ER2( PR_DIRECTORY_NOT_EMPTY_ERROR, -"Cannot delete a directory that is not empty." ) -ER2( PR_FILESYSTEM_MOUNTED_ERROR, -"Cannot delete or rename a file object while the file system is busy." ) -ER2( PR_NOT_SAME_DEVICE_ERROR, -"Cannot rename a file to a file system on another device." ) -ER2( PR_DIRECTORY_CORRUPTED_ERROR, -"The directory object in the file system is corrupted." ) -ER2( PR_FILE_EXISTS_ERROR, -"Cannot create or rename a filename that already exists." ) -ER2( PR_MAX_DIRECTORY_ENTRIES_ERROR, -"Directory is full. No additional filenames may be added." ) -ER2( PR_INVALID_DEVICE_STATE_ERROR, -"The required device was in an invalid state." ) -ER2( PR_DEVICE_IS_LOCKED_ERROR, "The device is locked." ) -ER2( PR_NO_MORE_FILES_ERROR, "No more entries in the directory." ) -ER2( PR_END_OF_FILE_ERROR, "Encountered end of file." ) -ER2( PR_FILE_SEEK_ERROR, "Seek error." ) -ER2( PR_FILE_IS_BUSY_ERROR, "The file is busy." ) -ER2( PR_IN_PROGRESS_ERROR, -"Operation is still in progress (probably a non-blocking connect)." ) -ER2( PR_ALREADY_INITIATED_ERROR, -"Operation has already been initiated (probably a non-blocking connect)." ) - -#ifdef PR_GROUP_EMPTY_ERROR -ER2( PR_GROUP_EMPTY_ERROR, "The wait group is empty." ) -#endif - -#ifdef PR_INVALID_STATE_ERROR -ER2( PR_INVALID_STATE_ERROR, "Object state improper for request." ) -#endif - -ER2( PR_MAX_ERROR, "Placeholder for the end of the list" ) diff --git a/security/nss/cmd/SSLsample/README b/security/nss/cmd/SSLsample/README deleted file mode 100644 index 2c4c09110d..0000000000 --- a/security/nss/cmd/SSLsample/README +++ /dev/null @@ -1,43 +0,0 @@ -These sample programs can be built in either of two ways: -1) is the NSS source tree, using the coreconf build system, and -2) stand alone (as part of the NSS distribution). - -The following makefiles are used only when building in the NSS source tree -using coreconf. These are NOT part of the distribution. - -Makefile -client.mn -server.mn -config.mk -make.client -make.server - -The following makefiles are used only when building in the NSS distribution. -These files are part of the distribution. - -Makefile.NSS -nmakefile95.nss -nmakefilent.nss - - -The following source files are common to both build environments and are -part of the distribution. - -NSPRerrs.h -SECerrs.h -SSLerrs.h -client.c -getopt.c -server.c -sslerror.h - -In the NSS 2.0 distribution, the sample code and makefiles are in a -directory named "samples". The directories relevant to building -in the distributed tree are: - -./samples -./include/dbm -./include/nspr -./include/security -./lib - diff --git a/security/nss/cmd/SSLsample/SECerrs.h b/security/nss/cmd/SSLsample/SECerrs.h deleted file mode 100644 index 2059df6a2b..0000000000 --- a/security/nss/cmd/SSLsample/SECerrs.h +++ /dev/null @@ -1,441 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -/* General security error codes */ -/* Caller must #include "secerr.h" */ - -ER3(SEC_ERROR_IO, SEC_ERROR_BASE + 0, -"An I/O error occurred during security authorization.") - -ER3(SEC_ERROR_LIBRARY_FAILURE, SEC_ERROR_BASE + 1, -"security library failure.") - -ER3(SEC_ERROR_BAD_DATA, SEC_ERROR_BASE + 2, -"security library: received bad data.") - -ER3(SEC_ERROR_OUTPUT_LEN, SEC_ERROR_BASE + 3, -"security library: output length error.") - -ER3(SEC_ERROR_INPUT_LEN, SEC_ERROR_BASE + 4, -"security library has experienced an input length error.") - -ER3(SEC_ERROR_INVALID_ARGS, SEC_ERROR_BASE + 5, -"security library: invalid arguments.") - -ER3(SEC_ERROR_INVALID_ALGORITHM, SEC_ERROR_BASE + 6, -"security library: invalid algorithm.") - -ER3(SEC_ERROR_INVALID_AVA, SEC_ERROR_BASE + 7, -"security library: invalid AVA.") - -ER3(SEC_ERROR_INVALID_TIME, SEC_ERROR_BASE + 8, -"Improperly formatted time string.") - -ER3(SEC_ERROR_BAD_DER, SEC_ERROR_BASE + 9, -"security library: improperly formatted DER-encoded message.") - -ER3(SEC_ERROR_BAD_SIGNATURE, SEC_ERROR_BASE + 10, -"Peer's certificate has an invalid signature.") - -ER3(SEC_ERROR_EXPIRED_CERTIFICATE, SEC_ERROR_BASE + 11, -"Peer's Certificate has expired.") - -ER3(SEC_ERROR_REVOKED_CERTIFICATE, SEC_ERROR_BASE + 12, -"Peer's Certificate has been revoked.") - -ER3(SEC_ERROR_UNKNOWN_ISSUER, SEC_ERROR_BASE + 13, -"Peer's Certificate issuer is not recognized.") - -ER3(SEC_ERROR_BAD_KEY, SEC_ERROR_BASE + 14, -"Peer's public key is invalid.") - -ER3(SEC_ERROR_BAD_PASSWORD, SEC_ERROR_BASE + 15, -"The security password entered is incorrect.") - -ER3(SEC_ERROR_RETRY_PASSWORD, SEC_ERROR_BASE + 16, -"New password entered incorrectly. Please try again.") - -ER3(SEC_ERROR_NO_NODELOCK, SEC_ERROR_BASE + 17, -"security library: no nodelock.") - -ER3(SEC_ERROR_BAD_DATABASE, SEC_ERROR_BASE + 18, -"security library: bad database.") - -ER3(SEC_ERROR_NO_MEMORY, SEC_ERROR_BASE + 19, -"security library: memory allocation failure.") - -ER3(SEC_ERROR_UNTRUSTED_ISSUER, SEC_ERROR_BASE + 20, -"Peer's certificate issuer has been marked as not trusted by the user.") - -ER3(SEC_ERROR_UNTRUSTED_CERT, SEC_ERROR_BASE + 21, -"Peer's certificate has been marked as not trusted by the user.") - -ER3(SEC_ERROR_DUPLICATE_CERT, (SEC_ERROR_BASE + 22), -"Certificate already exists in your database.") - -ER3(SEC_ERROR_DUPLICATE_CERT_NAME, (SEC_ERROR_BASE + 23), -"Downloaded certificate's name duplicates one already in your database.") - -ER3(SEC_ERROR_ADDING_CERT, (SEC_ERROR_BASE + 24), -"Error adding certificate to database.") - -ER3(SEC_ERROR_FILING_KEY, (SEC_ERROR_BASE + 25), -"Error refiling the key for this certificate.") - -ER3(SEC_ERROR_NO_KEY, (SEC_ERROR_BASE + 26), -"The private key for this certificate cannot be found in key database") - -ER3(SEC_ERROR_CERT_VALID, (SEC_ERROR_BASE + 27), -"This certificate is valid.") - -ER3(SEC_ERROR_CERT_NOT_VALID, (SEC_ERROR_BASE + 28), -"This certificate is not valid.") - -ER3(SEC_ERROR_CERT_NO_RESPONSE, (SEC_ERROR_BASE + 29), -"Cert Library: No Response") - -ER3(SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE, (SEC_ERROR_BASE + 30), -"The certificate issuer's certificate has expired. Check your system date and time.") - -ER3(SEC_ERROR_CRL_EXPIRED, (SEC_ERROR_BASE + 31), -"The CRL for the certificate's issuer has expired. Update it or check your system data and time.") - -ER3(SEC_ERROR_CRL_BAD_SIGNATURE, (SEC_ERROR_BASE + 32), -"The CRL for the certificate's issuer has an invalid signature.") - -ER3(SEC_ERROR_CRL_INVALID, (SEC_ERROR_BASE + 33), -"New CRL has an invalid format.") - -ER3(SEC_ERROR_EXTENSION_VALUE_INVALID, (SEC_ERROR_BASE + 34), -"Certificate extension value is invalid.") - -ER3(SEC_ERROR_EXTENSION_NOT_FOUND, (SEC_ERROR_BASE + 35), -"Certificate extension not found.") - -ER3(SEC_ERROR_CA_CERT_INVALID, (SEC_ERROR_BASE + 36), -"Issuer certificate is invalid.") - -ER3(SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID, (SEC_ERROR_BASE + 37), -"Certificate path length constraint is invalid.") - -ER3(SEC_ERROR_CERT_USAGES_INVALID, (SEC_ERROR_BASE + 38), -"Certificate usages field is invalid.") - -ER3(SEC_INTERNAL_ONLY, (SEC_ERROR_BASE + 39), -"**Internal ONLY module**") - -ER3(SEC_ERROR_INVALID_KEY, (SEC_ERROR_BASE + 40), -"The key does not support the requested operation.") - -ER3(SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION, (SEC_ERROR_BASE + 41), -"Certificate contains unknown critical extension.") - -ER3(SEC_ERROR_OLD_CRL, (SEC_ERROR_BASE + 42), -"New CRL is not later than the current one.") - -ER3(SEC_ERROR_NO_EMAIL_CERT, (SEC_ERROR_BASE + 43), -"Not encrypted or signed: you do not yet have an email certificate.") - -ER3(SEC_ERROR_NO_RECIPIENT_CERTS_QUERY, (SEC_ERROR_BASE + 44), -"Not encrypted: you do not have certificates for each of the recipients.") - -ER3(SEC_ERROR_NOT_A_RECIPIENT, (SEC_ERROR_BASE + 45), -"Cannot decrypt: you are not a recipient, or matching certificate and \ -private key not found.") - -ER3(SEC_ERROR_PKCS7_KEYALG_MISMATCH, (SEC_ERROR_BASE + 46), -"Cannot decrypt: key encryption algorithm does not match your certificate.") - -ER3(SEC_ERROR_PKCS7_BAD_SIGNATURE, (SEC_ERROR_BASE + 47), -"Signature verification failed: no signer found, too many signers found, \ -or improper or corrupted data.") - -ER3(SEC_ERROR_UNSUPPORTED_KEYALG, (SEC_ERROR_BASE + 48), -"Unsupported or unknown key algorithm.") - -ER3(SEC_ERROR_DECRYPTION_DISALLOWED, (SEC_ERROR_BASE + 49), -"Cannot decrypt: encrypted using a disallowed algorithm or key size.") - - -/* Fortezza Alerts */ -ER3(XP_SEC_FORTEZZA_BAD_CARD, (SEC_ERROR_BASE + 50), -"Fortezza card has not been properly initialized. \ -Please remove it and return it to your issuer.") - -ER3(XP_SEC_FORTEZZA_NO_CARD, (SEC_ERROR_BASE + 51), -"No Fortezza cards Found") - -ER3(XP_SEC_FORTEZZA_NONE_SELECTED, (SEC_ERROR_BASE + 52), -"No Fortezza card selected") - -ER3(XP_SEC_FORTEZZA_MORE_INFO, (SEC_ERROR_BASE + 53), -"Please select a personality to get more info on") - -ER3(XP_SEC_FORTEZZA_PERSON_NOT_FOUND, (SEC_ERROR_BASE + 54), -"Personality not found") - -ER3(XP_SEC_FORTEZZA_NO_MORE_INFO, (SEC_ERROR_BASE + 55), -"No more information on that Personality") - -ER3(XP_SEC_FORTEZZA_BAD_PIN, (SEC_ERROR_BASE + 56), -"Invalid Pin") - -ER3(XP_SEC_FORTEZZA_PERSON_ERROR, (SEC_ERROR_BASE + 57), -"Couldn't initialize Fortezza personalities.") -/* end fortezza alerts. */ - -ER3(SEC_ERROR_NO_KRL, (SEC_ERROR_BASE + 58), -"No KRL for this site's certificate has been found.") - -ER3(SEC_ERROR_KRL_EXPIRED, (SEC_ERROR_BASE + 59), -"The KRL for this site's certificate has expired.") - -ER3(SEC_ERROR_KRL_BAD_SIGNATURE, (SEC_ERROR_BASE + 60), -"The KRL for this site's certificate has an invalid signature.") - -ER3(SEC_ERROR_REVOKED_KEY, (SEC_ERROR_BASE + 61), -"The key for this site's certificate has been revoked.") - -ER3(SEC_ERROR_KRL_INVALID, (SEC_ERROR_BASE + 62), -"New KRL has an invalid format.") - -ER3(SEC_ERROR_NEED_RANDOM, (SEC_ERROR_BASE + 63), -"security library: need random data.") - -ER3(SEC_ERROR_NO_MODULE, (SEC_ERROR_BASE + 64), -"security library: no security module can perform the requested operation.") - -ER3(SEC_ERROR_NO_TOKEN, (SEC_ERROR_BASE + 65), -"The security card or token does not exist, needs to be initialized, or has been removed.") - -ER3(SEC_ERROR_READ_ONLY, (SEC_ERROR_BASE + 66), -"security library: read-only database.") - -ER3(SEC_ERROR_NO_SLOT_SELECTED, (SEC_ERROR_BASE + 67), -"No slot or token was selected.") - -ER3(SEC_ERROR_CERT_NICKNAME_COLLISION, (SEC_ERROR_BASE + 68), -"A certificate with the same nickname already exists.") - -ER3(SEC_ERROR_KEY_NICKNAME_COLLISION, (SEC_ERROR_BASE + 69), -"A key with the same nickname already exists.") - -ER3(SEC_ERROR_SAFE_NOT_CREATED, (SEC_ERROR_BASE + 70), -"error while creating safe object") - -ER3(SEC_ERROR_BAGGAGE_NOT_CREATED, (SEC_ERROR_BASE + 71), -"error while creating baggage object") - -ER3(XP_JAVA_REMOVE_PRINCIPAL_ERROR, (SEC_ERROR_BASE + 72), -"Couldn't remove the principal") - -ER3(XP_JAVA_DELETE_PRIVILEGE_ERROR, (SEC_ERROR_BASE + 73), -"Couldn't delete the privilege") - -ER3(XP_JAVA_CERT_NOT_EXISTS_ERROR, (SEC_ERROR_BASE + 74), -"This principal doesn't have a certificate") - -ER3(SEC_ERROR_BAD_EXPORT_ALGORITHM, (SEC_ERROR_BASE + 75), -"Required algorithm is not allowed.") - -ER3(SEC_ERROR_EXPORTING_CERTIFICATES, (SEC_ERROR_BASE + 76), -"Error attempting to export certificates.") - -ER3(SEC_ERROR_IMPORTING_CERTIFICATES, (SEC_ERROR_BASE + 77), -"Error attempting to import certificates.") - -ER3(SEC_ERROR_PKCS12_DECODING_PFX, (SEC_ERROR_BASE + 78), -"Unable to import. Decoding error. File not valid.") - -ER3(SEC_ERROR_PKCS12_INVALID_MAC, (SEC_ERROR_BASE + 79), -"Unable to import. Invalid MAC. Incorrect password or corrupt file.") - -ER3(SEC_ERROR_PKCS12_UNSUPPORTED_MAC_ALGORITHM, (SEC_ERROR_BASE + 80), -"Unable to import. MAC algorithm not supported.") - -ER3(SEC_ERROR_PKCS12_UNSUPPORTED_TRANSPORT_MODE,(SEC_ERROR_BASE + 81), -"Unable to import. Only password integrity and privacy modes supported.") - -ER3(SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE, (SEC_ERROR_BASE + 82), -"Unable to import. File structure is corrupt.") - -ER3(SEC_ERROR_PKCS12_UNSUPPORTED_PBE_ALGORITHM, (SEC_ERROR_BASE + 83), -"Unable to import. Encryption algorithm not supported.") - -ER3(SEC_ERROR_PKCS12_UNSUPPORTED_VERSION, (SEC_ERROR_BASE + 84), -"Unable to import. File version not supported.") - -ER3(SEC_ERROR_PKCS12_PRIVACY_PASSWORD_INCORRECT,(SEC_ERROR_BASE + 85), -"Unable to import. Incorrect privacy password.") - -ER3(SEC_ERROR_PKCS12_CERT_COLLISION, (SEC_ERROR_BASE + 86), -"Unable to import. Same nickname already exists in database.") - -ER3(SEC_ERROR_USER_CANCELLED, (SEC_ERROR_BASE + 87), -"The user pressed cancel.") - -ER3(SEC_ERROR_PKCS12_DUPLICATE_DATA, (SEC_ERROR_BASE + 88), -"Not imported, already in database.") - -ER3(SEC_ERROR_MESSAGE_SEND_ABORTED, (SEC_ERROR_BASE + 89), -"Message not sent.") - -ER3(SEC_ERROR_INADEQUATE_KEY_USAGE, (SEC_ERROR_BASE + 90), -"Certificate key usage inadequate for attempted operation.") - -ER3(SEC_ERROR_INADEQUATE_CERT_TYPE, (SEC_ERROR_BASE + 91), -"Certificate type not approved for application.") - -ER3(SEC_ERROR_CERT_ADDR_MISMATCH, (SEC_ERROR_BASE + 92), -"Address in signing certificate does not match address in message headers.") - -ER3(SEC_ERROR_PKCS12_UNABLE_TO_IMPORT_KEY, (SEC_ERROR_BASE + 93), -"Unable to import. Error attempting to import private key.") - -ER3(SEC_ERROR_PKCS12_IMPORTING_CERT_CHAIN, (SEC_ERROR_BASE + 94), -"Unable to import. Error attempting to import certificate chain.") - -ER3(SEC_ERROR_PKCS12_UNABLE_TO_LOCATE_OBJECT_BY_NAME, (SEC_ERROR_BASE + 95), -"Unable to export. Unable to locate certificate or key by nickname.") - -ER3(SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY, (SEC_ERROR_BASE + 96), -"Unable to export. Private Key could not be located and exported.") - -ER3(SEC_ERROR_PKCS12_UNABLE_TO_WRITE, (SEC_ERROR_BASE + 97), -"Unable to export. Unable to write the export file.") - -ER3(SEC_ERROR_PKCS12_UNABLE_TO_READ, (SEC_ERROR_BASE + 98), -"Unable to import. Unable to read the import file.") - -ER3(SEC_ERROR_PKCS12_KEY_DATABASE_NOT_INITIALIZED, (SEC_ERROR_BASE + 99), -"Unable to export. Key database corrupt or deleted.") - -ER3(SEC_ERROR_KEYGEN_FAIL, (SEC_ERROR_BASE + 100), -"Unable to generate public/private key pair.") - -ER3(SEC_ERROR_INVALID_PASSWORD, (SEC_ERROR_BASE + 101), -"Password entered is invalid. Please pick a different one.") - -ER3(SEC_ERROR_RETRY_OLD_PASSWORD, (SEC_ERROR_BASE + 102), -"Old password entered incorrectly. Please try again.") - -ER3(SEC_ERROR_BAD_NICKNAME, (SEC_ERROR_BASE + 103), -"Certificate nickname already in use.") - -ER3(SEC_ERROR_NOT_FORTEZZA_ISSUER, (SEC_ERROR_BASE + 104), -"Peer FORTEZZA chain has a non-FORTEZZA Certificate.") - -/* ER3(SEC_ERROR_UNKNOWN, (SEC_ERROR_BASE + 105), */ - -ER3(SEC_ERROR_JS_INVALID_MODULE_NAME, (SEC_ERROR_BASE + 106), -"Invalid module name.") - -ER3(SEC_ERROR_JS_INVALID_DLL, (SEC_ERROR_BASE + 107), -"Invalid module path/filename") - -ER3(SEC_ERROR_JS_ADD_MOD_FAILURE, (SEC_ERROR_BASE + 108), -"Unable to add module") - -ER3(SEC_ERROR_JS_DEL_MOD_FAILURE, (SEC_ERROR_BASE + 109), -"Unable to delete module") - -ER3(SEC_ERROR_OLD_KRL, (SEC_ERROR_BASE + 110), -"New KRL is not later than the current one.") - -ER3(SEC_ERROR_CKL_CONFLICT, (SEC_ERROR_BASE + 111), -"New CKL has different issuer than current CKL. Delete current CKL.") - -ER3(SEC_ERROR_CERT_NOT_IN_NAME_SPACE, (SEC_ERROR_BASE + 112), -"The Certifying Authority for this certificate is not permitted to issue a \ -certificate with this name.") - -ER3(SEC_ERROR_KRL_NOT_YET_VALID, (SEC_ERROR_BASE + 113), -"The key revocation list for this certificate is not yet valid.") - -ER3(SEC_ERROR_CRL_NOT_YET_VALID, (SEC_ERROR_BASE + 114), -"The certificate revocation list for this certificate is not yet valid.") - -ER3(SEC_ERROR_UNKNOWN_CERT, (SEC_ERROR_BASE + 115), -"The requested certificate could not be found.") - -ER3(SEC_ERROR_UNKNOWN_SIGNER, (SEC_ERROR_BASE + 116), -"The signer's certificate could not be found.") - -ER3(SEC_ERROR_CERT_BAD_ACCESS_LOCATION, (SEC_ERROR_BASE + 117), -"The location for the certificate status server has invalid format.") - -ER3(SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE, (SEC_ERROR_BASE + 118), -"The OCSP response cannot be fully decoded; it is of an unknown type.") - -ER3(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE, (SEC_ERROR_BASE + 119), -"The OCSP server returned unexpected/invalid HTTP data.") - -ER3(SEC_ERROR_OCSP_MALFORMED_REQUEST, (SEC_ERROR_BASE + 120), -"The OCSP server found the request to be corrupted or improperly formed.") - -ER3(SEC_ERROR_OCSP_SERVER_ERROR, (SEC_ERROR_BASE + 121), -"The OCSP server experienced an internal error.") - -ER3(SEC_ERROR_OCSP_TRY_SERVER_LATER, (SEC_ERROR_BASE + 122), -"The OCSP server suggests trying again later.") - -ER3(SEC_ERROR_OCSP_REQUEST_NEEDS_SIG, (SEC_ERROR_BASE + 123), -"The OCSP server requires a signature on this request.") - -ER3(SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST, (SEC_ERROR_BASE + 124), -"The OCSP server has refused this request as unauthorized.") - -ER3(SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS, (SEC_ERROR_BASE + 125), -"The OCSP server returned an unrecognizable status.") - -ER3(SEC_ERROR_OCSP_UNKNOWN_CERT, (SEC_ERROR_BASE + 126), -"The OCSP server has no status for the certificate.") - -ER3(SEC_ERROR_OCSP_NOT_ENABLED, (SEC_ERROR_BASE + 127), -"You must enable OCSP before performing this operation.") - -ER3(SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER, (SEC_ERROR_BASE + 128), -"You must set the OCSP default responder before performing this operation.") - -ER3(SEC_ERROR_OCSP_MALFORMED_RESPONSE, (SEC_ERROR_BASE + 129), -"The response from the OCSP server was corrupted or improperly formed.") - -ER3(SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE, (SEC_ERROR_BASE + 130), -"The signer of the OCSP response is not authorized to give status for \ -this certificate.") - -ER3(SEC_ERROR_OCSP_FUTURE_RESPONSE, (SEC_ERROR_BASE + 131), -"The OCSP response is not yet valid (contains a date in the future).") - -ER3(SEC_ERROR_OCSP_OLD_RESPONSE, (SEC_ERROR_BASE + 132), -"The OCSP response contains out-of-date information.") diff --git a/security/nss/cmd/SSLsample/SSLerrs.h b/security/nss/cmd/SSLsample/SSLerrs.h deleted file mode 100644 index 06803b849c..0000000000 --- a/security/nss/cmd/SSLsample/SSLerrs.h +++ /dev/null @@ -1,366 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -/* SSL-specific security error codes */ -/* caller must include "sslerr.h" */ - -ER3(SSL_ERROR_EXPORT_ONLY_SERVER, SSL_ERROR_BASE + 0, -"Unable to communicate securely. Peer does not support high-grade encryption.") - -ER3(SSL_ERROR_US_ONLY_SERVER, SSL_ERROR_BASE + 1, -"Unable to communicate securely. Peer requires high-grade encryption which is not supported.") - -ER3(SSL_ERROR_NO_CYPHER_OVERLAP, SSL_ERROR_BASE + 2, -"Cannot communicate securely with peer: no common encryption algorithm(s).") - -ER3(SSL_ERROR_NO_CERTIFICATE, SSL_ERROR_BASE + 3, -"Unable to find the certificate or key necessary for authentication.") - -ER3(SSL_ERROR_BAD_CERTIFICATE, SSL_ERROR_BASE + 4, -"Unable to communicate securely with peer: peers's certificate was rejected.") - -/* unused (SSL_ERROR_BASE + 5),*/ - -ER3(SSL_ERROR_BAD_CLIENT, SSL_ERROR_BASE + 6, -"The server has encountered bad data from the client.") - -ER3(SSL_ERROR_BAD_SERVER, SSL_ERROR_BASE + 7, -"The client has encountered bad data from the server.") - -ER3(SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE, SSL_ERROR_BASE + 8, -"Unsupported certificate type.") - -ER3(SSL_ERROR_UNSUPPORTED_VERSION, SSL_ERROR_BASE + 9, -"Peer using unsupported version of security protocol.") - -/* unused (SSL_ERROR_BASE + 10),*/ - -ER3(SSL_ERROR_WRONG_CERTIFICATE, SSL_ERROR_BASE + 11, -"Client authentication failed: private key in key database does not match public key in certificate database.") - -ER3(SSL_ERROR_BAD_CERT_DOMAIN, SSL_ERROR_BASE + 12, -"Unable to communicate securely with peer: requested domain name does not match the server's certificate.") - -/* SSL_ERROR_POST_WARNING (SSL_ERROR_BASE + 13), - defined in sslerr.h -*/ - -ER3(SSL_ERROR_SSL2_DISABLED, (SSL_ERROR_BASE + 14), -"Peer only supports SSL version 2, which is locally disabled.") - - -ER3(SSL_ERROR_BAD_MAC_READ, (SSL_ERROR_BASE + 15), -"SSL received a record with an incorrect Message Authentication Code.") - -ER3(SSL_ERROR_BAD_MAC_ALERT, (SSL_ERROR_BASE + 16), -"SSL peer reports incorrect Message Authentication Code.") - -ER3(SSL_ERROR_BAD_CERT_ALERT, (SSL_ERROR_BASE + 17), -"SSL peer cannot verify your certificate.") - -ER3(SSL_ERROR_REVOKED_CERT_ALERT, (SSL_ERROR_BASE + 18), -"SSL peer rejected your certificate as revoked.") - -ER3(SSL_ERROR_EXPIRED_CERT_ALERT, (SSL_ERROR_BASE + 19), -"SSL peer rejected your certificate as expired.") - -ER3(SSL_ERROR_SSL_DISABLED, (SSL_ERROR_BASE + 20), -"Cannot connect: SSL is disabled.") - -ER3(SSL_ERROR_FORTEZZA_PQG, (SSL_ERROR_BASE + 21), -"Cannot connect: SSL peer is in another FORTEZZA domain.") - - -ER3(SSL_ERROR_UNKNOWN_CIPHER_SUITE , (SSL_ERROR_BASE + 22), -"An unknown SSL cipher suite has been requested.") - -ER3(SSL_ERROR_NO_CIPHERS_SUPPORTED , (SSL_ERROR_BASE + 23), -"No cipher suites are present and enabled in this program.") - -ER3(SSL_ERROR_BAD_BLOCK_PADDING , (SSL_ERROR_BASE + 24), -"SSL received a record with bad block padding.") - -ER3(SSL_ERROR_RX_RECORD_TOO_LONG , (SSL_ERROR_BASE + 25), -"SSL received a record that exceeded the maximum permissible length.") - -ER3(SSL_ERROR_TX_RECORD_TOO_LONG , (SSL_ERROR_BASE + 26), -"SSL attempted to send a record that exceeded the maximum permissible length.") - -/* - * Received a malformed (too long or short or invalid content) SSL handshake. - */ -ER3(SSL_ERROR_RX_MALFORMED_HELLO_REQUEST , (SSL_ERROR_BASE + 27), -"SSL received a malformed Hello Request handshake message.") - -ER3(SSL_ERROR_RX_MALFORMED_CLIENT_HELLO , (SSL_ERROR_BASE + 28), -"SSL received a malformed Client Hello handshake message.") - -ER3(SSL_ERROR_RX_MALFORMED_SERVER_HELLO , (SSL_ERROR_BASE + 29), -"SSL received a malformed Server Hello handshake message.") - -ER3(SSL_ERROR_RX_MALFORMED_CERTIFICATE , (SSL_ERROR_BASE + 30), -"SSL received a malformed Certificate handshake message.") - -ER3(SSL_ERROR_RX_MALFORMED_SERVER_KEY_EXCH , (SSL_ERROR_BASE + 31), -"SSL received a malformed Server Key Exchange handshake message.") - -ER3(SSL_ERROR_RX_MALFORMED_CERT_REQUEST , (SSL_ERROR_BASE + 32), -"SSL received a malformed Certificate Request handshake message.") - -ER3(SSL_ERROR_RX_MALFORMED_HELLO_DONE , (SSL_ERROR_BASE + 33), -"SSL received a malformed Server Hello Done handshake message.") - -ER3(SSL_ERROR_RX_MALFORMED_CERT_VERIFY , (SSL_ERROR_BASE + 34), -"SSL received a malformed Certificate Verify handshake message.") - -ER3(SSL_ERROR_RX_MALFORMED_CLIENT_KEY_EXCH , (SSL_ERROR_BASE + 35), -"SSL received a malformed Client Key Exchange handshake message.") - -ER3(SSL_ERROR_RX_MALFORMED_FINISHED , (SSL_ERROR_BASE + 36), -"SSL received a malformed Finished handshake message.") - -/* - * Received a malformed (too long or short) SSL record. - */ -ER3(SSL_ERROR_RX_MALFORMED_CHANGE_CIPHER , (SSL_ERROR_BASE + 37), -"SSL received a malformed Change Cipher Spec record.") - -ER3(SSL_ERROR_RX_MALFORMED_ALERT , (SSL_ERROR_BASE + 38), -"SSL received a malformed Alert record.") - -ER3(SSL_ERROR_RX_MALFORMED_HANDSHAKE , (SSL_ERROR_BASE + 39), -"SSL received a malformed Handshake record.") - -ER3(SSL_ERROR_RX_MALFORMED_APPLICATION_DATA , (SSL_ERROR_BASE + 40), -"SSL received a malformed Application Data record.") - -/* - * Received an SSL handshake that was inappropriate for the state we're in. - * E.g. Server received message from server, or wrong state in state machine. - */ -ER3(SSL_ERROR_RX_UNEXPECTED_HELLO_REQUEST , (SSL_ERROR_BASE + 41), -"SSL received an unexpected Hello Request handshake message.") - -ER3(SSL_ERROR_RX_UNEXPECTED_CLIENT_HELLO , (SSL_ERROR_BASE + 42), -"SSL received an unexpected Client Hello handshake message.") - -ER3(SSL_ERROR_RX_UNEXPECTED_SERVER_HELLO , (SSL_ERROR_BASE + 43), -"SSL received an unexpected Server Hello handshake message.") - -ER3(SSL_ERROR_RX_UNEXPECTED_CERTIFICATE , (SSL_ERROR_BASE + 44), -"SSL received an unexpected Certificate handshake message.") - -ER3(SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH , (SSL_ERROR_BASE + 45), -"SSL received an unexpected Server Key Exchange handshake message.") - -ER3(SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST , (SSL_ERROR_BASE + 46), -"SSL received an unexpected Certificate Request handshake message.") - -ER3(SSL_ERROR_RX_UNEXPECTED_HELLO_DONE , (SSL_ERROR_BASE + 47), -"SSL received an unexpected Server Hello Done handshake message.") - -ER3(SSL_ERROR_RX_UNEXPECTED_CERT_VERIFY , (SSL_ERROR_BASE + 48), -"SSL received an unexpected Certificate Verify handshake message.") - -ER3(SSL_ERROR_RX_UNEXPECTED_CLIENT_KEY_EXCH , (SSL_ERROR_BASE + 49), -"SSL received an unexpected Cllient Key Exchange handshake message.") - -ER3(SSL_ERROR_RX_UNEXPECTED_FINISHED , (SSL_ERROR_BASE + 50), -"SSL received an unexpected Finished handshake message.") - -/* - * Received an SSL record that was inappropriate for the state we're in. - */ -ER3(SSL_ERROR_RX_UNEXPECTED_CHANGE_CIPHER , (SSL_ERROR_BASE + 51), -"SSL received an unexpected Change Cipher Spec record.") - -ER3(SSL_ERROR_RX_UNEXPECTED_ALERT , (SSL_ERROR_BASE + 52), -"SSL received an unexpected Alert record.") - -ER3(SSL_ERROR_RX_UNEXPECTED_HANDSHAKE , (SSL_ERROR_BASE + 53), -"SSL received an unexpected Handshake record.") - -ER3(SSL_ERROR_RX_UNEXPECTED_APPLICATION_DATA, (SSL_ERROR_BASE + 54), -"SSL received an unexpected Application Data record.") - -/* - * Received record/message with unknown discriminant. - */ -ER3(SSL_ERROR_RX_UNKNOWN_RECORD_TYPE , (SSL_ERROR_BASE + 55), -"SSL received a record with an unknown content type.") - -ER3(SSL_ERROR_RX_UNKNOWN_HANDSHAKE , (SSL_ERROR_BASE + 56), -"SSL received a handshake message with an unknown message type.") - -ER3(SSL_ERROR_RX_UNKNOWN_ALERT , (SSL_ERROR_BASE + 57), -"SSL received an alert record with an unknown alert description.") - -/* - * Received an alert reporting what we did wrong. (more alerts above) - */ -ER3(SSL_ERROR_CLOSE_NOTIFY_ALERT , (SSL_ERROR_BASE + 58), -"SSL peer has closed this connection.") - -ER3(SSL_ERROR_HANDSHAKE_UNEXPECTED_ALERT , (SSL_ERROR_BASE + 59), -"SSL peer was not expecting a handshake message it received.") - -ER3(SSL_ERROR_DECOMPRESSION_FAILURE_ALERT , (SSL_ERROR_BASE + 60), -"SSL peer was unable to succesfully decompress an SSL record it received.") - -ER3(SSL_ERROR_HANDSHAKE_FAILURE_ALERT , (SSL_ERROR_BASE + 61), -"SSL peer was unable to negotiate an acceptable set of security parameters.") - -ER3(SSL_ERROR_ILLEGAL_PARAMETER_ALERT , (SSL_ERROR_BASE + 62), -"SSL peer rejected a handshake message for unacceptable content.") - -ER3(SSL_ERROR_UNSUPPORTED_CERT_ALERT , (SSL_ERROR_BASE + 63), -"SSL peer does not support certificates of the type it received.") - -ER3(SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT , (SSL_ERROR_BASE + 64), -"SSL peer had some unspecified issue with the certificate it received.") - - -ER3(SSL_ERROR_GENERATE_RANDOM_FAILURE , (SSL_ERROR_BASE + 65), -"SSL experienced a failure of its random number generator.") - -ER3(SSL_ERROR_SIGN_HASHES_FAILURE , (SSL_ERROR_BASE + 66), -"Unable to digitally sign data required to verify your certificate.") - -ER3(SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE , (SSL_ERROR_BASE + 67), -"SSL was unable to extract the public key from the peer's certificate.") - -ER3(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE , (SSL_ERROR_BASE + 68), -"Unspecified failure while processing SSL Server Key Exchange handshake.") - -ER3(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE , (SSL_ERROR_BASE + 69), -"Unspecified failure while processing SSL Client Key Exchange handshake.") - -ER3(SSL_ERROR_ENCRYPTION_FAILURE , (SSL_ERROR_BASE + 70), -"Bulk data encryption algorithm failed in selected cipher suite.") - -ER3(SSL_ERROR_DECRYPTION_FAILURE , (SSL_ERROR_BASE + 71), -"Bulk data decryption algorithm failed in selected cipher suite.") - -ER3(SSL_ERROR_SOCKET_WRITE_FAILURE , (SSL_ERROR_BASE + 72), -"Attempt to write encrypted data to underlying socket failed.") - -ER3(SSL_ERROR_MD5_DIGEST_FAILURE , (SSL_ERROR_BASE + 73), -"MD5 digest function failed.") - -ER3(SSL_ERROR_SHA_DIGEST_FAILURE , (SSL_ERROR_BASE + 74), -"SHA-1 digest function failed.") - -ER3(SSL_ERROR_MAC_COMPUTATION_FAILURE , (SSL_ERROR_BASE + 75), -"MAC computation failed.") - -ER3(SSL_ERROR_SYM_KEY_CONTEXT_FAILURE , (SSL_ERROR_BASE + 76), -"Failure to create Symmetric Key context.") - -ER3(SSL_ERROR_SYM_KEY_UNWRAP_FAILURE , (SSL_ERROR_BASE + 77), -"Failure to unwrap the Symmetric key in Client Key Exchange message.") - -ER3(SSL_ERROR_PUB_KEY_SIZE_LIMIT_EXCEEDED , (SSL_ERROR_BASE + 78), -"SSL Server attempted to use domestic-grade public key with export cipher suite.") - -ER3(SSL_ERROR_IV_PARAM_FAILURE , (SSL_ERROR_BASE + 79), -"PKCS11 code failed to translate an IV into a param.") - -ER3(SSL_ERROR_INIT_CIPHER_SUITE_FAILURE , (SSL_ERROR_BASE + 80), -"Failed to initialize the selected cipher suite.") - -ER3(SSL_ERROR_SESSION_KEY_GEN_FAILURE , (SSL_ERROR_BASE + 81), -"Client failed to generate session keys for SSL session.") - -ER3(SSL_ERROR_NO_SERVER_KEY_FOR_ALG , (SSL_ERROR_BASE + 82), -"Server has no key for the attempted key exchange algorithm.") - -ER3(SSL_ERROR_TOKEN_INSERTION_REMOVAL , (SSL_ERROR_BASE + 83), -"PKCS#11 token was inserted or removed while operation was in progress.") - -ER3(SSL_ERROR_TOKEN_SLOT_NOT_FOUND , (SSL_ERROR_BASE + 84), -"No PKCS#11 token could be found to do a required operation.") - -ER3(SSL_ERROR_NO_COMPRESSION_OVERLAP , (SSL_ERROR_BASE + 85), -"Cannot communicate securely with peer: no common compression algorithm(s).") - -ER3(SSL_ERROR_HANDSHAKE_NOT_COMPLETED , (SSL_ERROR_BASE + 86), -"Cannot initiate another SSL handshake until current handshake is complete.") - -ER3(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE , (SSL_ERROR_BASE + 87), -"Received incorrect handshakes hash values from peer.") - -ER3(SSL_ERROR_CERT_KEA_MISMATCH , (SSL_ERROR_BASE + 88), -"The certificate provided cannot be used with the selected key exchange algorithm.") - -ER3(SSL_ERROR_NO_TRUSTED_SSL_CLIENT_CA , (SSL_ERROR_BASE + 89), -"No certificate authority is trusted for SSL client authentication.") - -ER3(SSL_ERROR_SESSION_NOT_FOUND , (SSL_ERROR_BASE + 90), -"Client's SSL session ID not found in server's session cache.") - -ER3(SSL_ERROR_DECRYPTION_FAILED_ALERT , (SSL_ERROR_BASE + 91), -"Peer was unable to decrypt an SSL record it received.") - -ER3(SSL_ERROR_RECORD_OVERFLOW_ALERT , (SSL_ERROR_BASE + 92), -"Peer received an SSL record that was longer than is permitted.") - -ER3(SSL_ERROR_UNKNOWN_CA_ALERT , (SSL_ERROR_BASE + 93), -"Peer does not recognize and trust the CA that issued your certificate.") - -ER3(SSL_ERROR_ACCESS_DENIED_ALERT , (SSL_ERROR_BASE + 94), -"Peer received a valid certificate, but access was denied.") - -ER3(SSL_ERROR_DECODE_ERROR_ALERT , (SSL_ERROR_BASE + 95), -"Peer could not decode an SSL handshake message.") - -ER3(SSL_ERROR_DECRYPT_ERROR_ALERT , (SSL_ERROR_BASE + 96), -"Peer reports failure of signature verification or key exchange.") - -ER3(SSL_ERROR_EXPORT_RESTRICTION_ALERT , (SSL_ERROR_BASE + 97), -"Peer reports negotiation not in compliance with export regulations.") - -ER3(SSL_ERROR_PROTOCOL_VERSION_ALERT , (SSL_ERROR_BASE + 98), -"Peer reports incompatible or unsupported protocol version.") - -ER3(SSL_ERROR_INSUFFICIENT_SECURITY_ALERT , (SSL_ERROR_BASE + 99), -"Server requires ciphers more secure than those supported by client.") - -ER3(SSL_ERROR_INTERNAL_ERROR_ALERT , (SSL_ERROR_BASE + 100), -"Peer reports it experienced an internal error.") - -ER3(SSL_ERROR_USER_CANCELED_ALERT , (SSL_ERROR_BASE + 101), -"Peer user canceled handshake.") - -ER3(SSL_ERROR_NO_RENEGOTIATION_ALERT , (SSL_ERROR_BASE + 102), -"Peer does not permit renegotiation of SSL security parameters.") - diff --git a/security/nss/cmd/SSLsample/client.c b/security/nss/cmd/SSLsample/client.c deleted file mode 100644 index 0953faeae6..0000000000 --- a/security/nss/cmd/SSLsample/client.c +++ /dev/null @@ -1,451 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -/**************************************************************************** - * SSL client program that sets up a connection to SSL server, transmits * - * some data and then reads the reply * - ****************************************************************************/ - -#include -#include - -#if defined(XP_UNIX) -#include -#endif - -#include "prerror.h" - -#include "pk11func.h" -#include "secitem.h" - - -#include -#include -#include -#include - -#include "nspr.h" -#include "plgetopt.h" -#include "prio.h" -#include "prnetdb.h" -#include "nss.h" - -#include "sslsample.h" - -#define RD_BUF_SIZE (60 * 1024) - -extern int ssl2CipherSuites[]; -extern int ssl3CipherSuites[]; - -GlobalThreadMgr threadMGR; -char *certNickname = NULL; -char *hostName = NULL; -char *password = NULL; -unsigned short port = 0; - -static void -Usage(const char *progName) -{ - fprintf(stderr, - "Usage: %s [-n rsa_nickname] [-p port] [-d dbdir] [-c connections]\n" - " [-w dbpasswd] [-C cipher(s)] hostname\n", - progName); - exit(1); -} - -PRFileDesc * -setupSSLSocket(PRNetAddr *addr) -{ - PRFileDesc *tcpSocket; - PRFileDesc *sslSocket; - PRSocketOptionData socketOption; - PRStatus prStatus; - SECStatus secStatus; - -#if 0 -retry: -#endif - - tcpSocket = PR_NewTCPSocket(); - if (tcpSocket == NULL) { - errWarn("PR_NewTCPSocket"); - } - - /* Make the socket blocking. */ - socketOption.option = PR_SockOpt_Nonblocking; - socketOption.value.non_blocking = PR_FALSE; - - prStatus = PR_SetSocketOption(tcpSocket, &socketOption); - if (prStatus != PR_SUCCESS) { - errWarn("PR_SetSocketOption"); - goto loser; - } - -#if 0 - /* Verify that a connection can be made to the socket. */ - prStatus = PR_Connect(tcpSocket, addr, PR_INTERVAL_NO_TIMEOUT); - if (prStatus != PR_SUCCESS) { - PRErrorCode err = PR_GetError(); - if (err == PR_CONNECT_REFUSED_ERROR) { - PR_Close(tcpSocket); - PR_Sleep(PR_MillisecondsToInterval(10)); - fprintf(stderr, "Connection to port refused, retrying.\n"); - goto retry; - } - errWarn("PR_Connect"); - goto loser; - } -#endif - - /* Import the socket into the SSL layer. */ - sslSocket = SSL_ImportFD(NULL, tcpSocket); - if (!sslSocket) { - errWarn("SSL_ImportFD"); - goto loser; - } - - /* Set configuration options. */ - secStatus = SSL_OptionSet(sslSocket, SSL_SECURITY, PR_TRUE); - if (secStatus != SECSuccess) { - errWarn("SSL_OptionSet:SSL_SECURITY"); - goto loser; - } - - secStatus = SSL_OptionSet(sslSocket, SSL_HANDSHAKE_AS_CLIENT, PR_TRUE); - if (secStatus != SECSuccess) { - errWarn("SSL_OptionSet:SSL_HANDSHAKE_AS_CLIENT"); - goto loser; - } - - /* Set SSL callback routines. */ - secStatus = SSL_GetClientAuthDataHook(sslSocket, - (SSLGetClientAuthData)myGetClientAuthData, - (void *)certNickname); - if (secStatus != SECSuccess) { - errWarn("SSL_GetClientAuthDataHook"); - goto loser; - } - - secStatus = SSL_AuthCertificateHook(sslSocket, - (SSLAuthCertificate)myAuthCertificate, - (void *)CERT_GetDefaultCertDB()); - if (secStatus != SECSuccess) { - errWarn("SSL_AuthCertificateHook"); - goto loser; - } - - secStatus = SSL_BadCertHook(sslSocket, - (SSLBadCertHandler)myBadCertHandler, NULL); - if (secStatus != SECSuccess) { - errWarn("SSL_BadCertHook"); - goto loser; - } - - secStatus = SSL_HandshakeCallback(sslSocket, - (SSLHandshakeCallback)myHandshakeCallback, - NULL); - if (secStatus != SECSuccess) { - errWarn("SSL_HandshakeCallback"); - goto loser; - } - - return sslSocket; - -loser: - - PR_Close(tcpSocket); - return NULL; -} - - -const char requestString[] = {"GET /testfile HTTP/1.0\r\n\r\n" }; - -SECStatus -handle_connection(PRFileDesc *sslSocket, int connection) -{ - int countRead = 0; - PRInt32 numBytes; - char *readBuffer; - - readBuffer = PORT_Alloc(RD_BUF_SIZE); - if (!readBuffer) { - exitErr("PORT_Alloc"); - } - - /* compose the http request here. */ - - numBytes = PR_Write(sslSocket, requestString, strlen(requestString)); - if (numBytes <= 0) { - errWarn("PR_Write"); - PR_Free(readBuffer); - readBuffer = NULL; - return SECFailure; - } - - /* read until EOF */ - while (PR_TRUE) { - numBytes = PR_Read(sslSocket, readBuffer, RD_BUF_SIZE); - if (numBytes == 0) { - break; /* EOF */ - } - if (numBytes < 0) { - errWarn("PR_Read"); - break; - } - countRead += numBytes; - fprintf(stderr, "***** Connection %d read %d bytes (%d total).\n", - connection, numBytes, countRead ); - readBuffer[numBytes] = '\0'; - fprintf(stderr, "************\n%s\n************\n", readBuffer); - } - - printSecurityInfo(sslSocket); - - PR_Free(readBuffer); - readBuffer = NULL; - - /* Caller closes the socket. */ - - fprintf(stderr, - "***** Connection %d read %d bytes total.\n", - connection, countRead); - - return SECSuccess; /* success */ -} - -/* one copy of this function is launched in a separate thread for each -** connection to be made. -*/ -SECStatus -do_connects(void *a, int connection) -{ - PRNetAddr *addr = (PRNetAddr *)a; - PRFileDesc *sslSocket; - PRHostEnt hostEntry; - char buffer[PR_NETDB_BUF_SIZE]; - PRStatus prStatus; - PRIntn hostenum; - SECStatus secStatus; - - /* Set up SSL secure socket. */ - sslSocket = setupSSLSocket(addr); - if (sslSocket == NULL) { - errWarn("setupSSLSocket"); - return SECFailure; - } - - secStatus = SSL_SetPKCS11PinArg(sslSocket, password); - if (secStatus != SECSuccess) { - errWarn("SSL_SetPKCS11PinArg"); - return secStatus; - } - - secStatus = SSL_SetURL(sslSocket, hostName); - if (secStatus != SECSuccess) { - errWarn("SSL_SetURL"); - return secStatus; - } - - /* Prepare and setup network connection. */ - prStatus = PR_GetHostByName(hostName, buffer, sizeof(buffer), &hostEntry); - if (prStatus != PR_SUCCESS) { - errWarn("PR_GetHostByName"); - return SECFailure; - } - - hostenum = PR_EnumerateHostEnt(0, &hostEntry, port, addr); - if (hostenum == -1) { - errWarn("PR_EnumerateHostEnt"); - return SECFailure; - } - - prStatus = PR_Connect(sslSocket, addr, PR_INTERVAL_NO_TIMEOUT); - if (prStatus != PR_SUCCESS) { - errWarn("PR_Connect"); - return SECFailure; - } - - /* Established SSL connection, ready to send data. */ -#if 0 - secStatus = SSL_ForceHandshake(sslSocket); - if (secStatus != SECSuccess) { - errWarn("SSL_ForceHandshake"); - return secStatus; - } -#endif - - secStatus = SSL_ResetHandshake(sslSocket, /* asServer */ PR_FALSE); - if (secStatus != SECSuccess) { - errWarn("SSL_ResetHandshake"); - prStatus = PR_Close(sslSocket); - if (prStatus != PR_SUCCESS) { - errWarn("PR_Close"); - } - return secStatus; - } - - secStatus = handle_connection(sslSocket, connection); - if (secStatus != SECSuccess) { - errWarn("handle_connection"); - return secStatus; - } - - PR_Close(sslSocket); - return SECSuccess; -} - -void -client_main(unsigned short port, - int connections, - const char * hostName) -{ - int i; - SECStatus secStatus; - PRStatus prStatus; - PRInt32 rv; - PRNetAddr addr; - PRHostEnt hostEntry; - char buffer[256]; - - /* Setup network connection. */ - prStatus = PR_GetHostByName(hostName, buffer, 256, &hostEntry); - if (prStatus != PR_SUCCESS) { - exitErr("PR_GetHostByName"); - } - - rv = PR_EnumerateHostEnt(0, &hostEntry, port, &addr); - if (rv < 0) { - exitErr("PR_EnumerateHostEnt"); - } - - secStatus = launch_thread(&threadMGR, do_connects, &addr, 1); - if (secStatus != SECSuccess) { - exitErr("launch_thread"); - } - - if (connections > 1) { - /* wait for the first connection to terminate, then launch the rest. */ - reap_threads(&threadMGR); - /* Start up the connections */ - for (i = 2; i <= connections; ++i) { - secStatus = launch_thread(&threadMGR, do_connects, &addr, i); - if (secStatus != SECSuccess) { - errWarn("launch_thread"); - } - } - } - - reap_threads(&threadMGR); - destroy_thread_data(&threadMGR); -} - -int -main(int argc, char **argv) -{ - char * certDir = "."; - char * progName = NULL; - int connections = 1; - char * cipherString = NULL; - SECStatus secStatus; - PLOptState * optstate; - PLOptStatus status; - - /* Call the NSPR initialization routines */ - PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1); - - progName = PL_strdup(argv[0]); - - hostName = NULL; - optstate = PL_CreateOptState(argc, argv, "C:c:d:n:p:w:"); - while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) { - switch(optstate->option) { - case 'C' : cipherString = PL_strdup(optstate->value); break; - case 'c' : connections = PORT_Atoi(optstate->value); break; - case 'd' : certDir = PL_strdup(optstate->value); break; - case 'n' : certNickname = PL_strdup(optstate->value); break; - case 'p' : port = PORT_Atoi(optstate->value); break; - case 'w' : password = PL_strdup(optstate->value); break; - case '\0': hostName = PL_strdup(optstate->value); break; - default : Usage(progName); - } - } - - if (port == 0 || hostName == NULL) - Usage(progName); - - if (certDir == NULL) { - certDir = PR_smprintf("%s/.netscape", getenv("HOME")); - } - - /* Set our password function callback. */ - PK11_SetPasswordFunc(myPasswd); - - /* Initialize the NSS libraries. */ - secStatus = NSS_Init(certDir); - if (secStatus != SECSuccess) { - exitErr("NSS_Init"); - } - - /* All cipher suites except RSA_NULL_MD5 are enabled by Domestic Policy. */ - NSS_SetDomesticPolicy(); - SSL_CipherPrefSetDefault(SSL_RSA_WITH_NULL_MD5, PR_TRUE); - - /* all the SSL2 and SSL3 cipher suites are enabled by default. */ - if (cipherString) { - int ndx; - - /* disable all the ciphers, then enable the ones we want. */ - disableAllSSLCiphers(); - - while (0 != (ndx = *cipherString++)) { - int *cptr; - int cipher; - - if (! isalpha(ndx)) - Usage(progName); - cptr = islower(ndx) ? ssl3CipherSuites : ssl2CipherSuites; - for (ndx &= 0x1f; (cipher = *cptr++) != 0 && --ndx > 0; ) - /* do nothing */; - if (cipher) { - SSL_CipherPrefSetDefault(cipher, PR_TRUE); - } - } - } - - client_main(port, connections, hostName); - - NSS_Shutdown(); - PR_Cleanup(); - return 0; -} - diff --git a/security/nss/cmd/SSLsample/client.mn b/security/nss/cmd/SSLsample/client.mn deleted file mode 100644 index 5c7fa3d7c9..0000000000 --- a/security/nss/cmd/SSLsample/client.mn +++ /dev/null @@ -1,50 +0,0 @@ -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = ../../.. - -MODULE = nss - -EXPORTS = - -CSRCS = client.c \ - sslsample.c \ - $(NULL) - -PROGRAM = client - -REQUIRES = dbm - -IMPORTS = nss/lib/nss - -DEFINES = -DNSPR20 - diff --git a/security/nss/cmd/SSLsample/gencerts b/security/nss/cmd/SSLsample/gencerts deleted file mode 100755 index 80be66a438..0000000000 --- a/security/nss/cmd/SSLsample/gencerts +++ /dev/null @@ -1,79 +0,0 @@ -#!/bin/sh -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# -# Script to generate sample db files neccessary for SSL. - -# Directory for db's, use in all subsequent -d flags. -rm -rf SampleCertDBs -mkdir SampleCertDBs - -# Password to use. -echo sample > passfile - -# Generate the db files, using the above password. -certutil -N -d SampleCertDBs -f passfile - -# Generate the CA cert. This cert is self-signed and only useful for -# test purposes. Set the trust bits to allow it to sign SSL client/server -# certs. -certutil -S -n SampleRootCA -x -t "CTu,CTu,CTu" \ - -s "CN=My Sample Root CA, O=My Organization" \ - -m 25000 -o ./SampleCertDBs/SampleRootCA.crt \ - -d SampleCertDBs -f passfile - -# Generate the server cert. This cert is signed by the CA cert generated -# above. The CN must be hostname.domain.[com|org|net|...]. -certutil -S -n SampleSSLServerCert -c SampleRootCA -t "u,u,u" \ - -s "CN=$HOSTNAME.$MYDOMAIN, O=$HOSTNAME Corp." \ - -m 25001 -o ./SampleCertDBs/SampleSSLServer.crt \ - -d SampleCertDBs -f passfile - -# Generate the client cert. This cert is signed by the CA cert generated -# above. -certutil -S -n SampleSSLClientCert -c SampleRootCA -t "u,u,u" \ - -s "CN=My Client Cert, O=Client Organization" \ - -m 25002 -o ./SampleCertDBs/SampleSSLClient.crt \ - -d SampleCertDBs -f passfile - -# Verify the certificates. -certutil -V -u V -n SampleSSLServerCert -d SampleCertDBs -certutil -V -u C -n SampleSSLClientCert -d SampleCertDBs - -# Remove unneccessary files. -rm -f passfile -rm -f tempcert* - -# You are now ready to run your client/server! Example command lines: -# server -n SampleSSLServerCert -p 8080 -d SampleCertDBs -w sample -c e -R -# client -n SampleSSLClientCert -p 8080 -d SampleCertDBs -w sample -c 2 trane.mcom.com diff --git a/security/nss/cmd/SSLsample/make.client b/security/nss/cmd/SSLsample/make.client deleted file mode 100644 index 3dd7705e32..0000000000 --- a/security/nss/cmd/SSLsample/make.client +++ /dev/null @@ -1,78 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include client.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - -#include $(CORE_DEPTH)/$(MODULE)/config/config.mk - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - -include ../platlibs.mk - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - -#CC = cc - - diff --git a/security/nss/cmd/SSLsample/make.server b/security/nss/cmd/SSLsample/make.server deleted file mode 100644 index 7969df7986..0000000000 --- a/security/nss/cmd/SSLsample/make.server +++ /dev/null @@ -1,77 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include server.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - -#include $(CORE_DEPTH)/$(MODULE)/config/config.mk - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - -include ../platlibs.mk - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - - - diff --git a/security/nss/cmd/SSLsample/nmakefile95.nss b/security/nss/cmd/SSLsample/nmakefile95.nss deleted file mode 100755 index 5684478cd7..0000000000 --- a/security/nss/cmd/SSLsample/nmakefile95.nss +++ /dev/null @@ -1,60 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -# NSS 2.6.2 Sample Win95 Makefile -# -# -# This nmake file will build server.c and client.c on Windows 95. -# - -DEFINES=-D_X86_ -DXP_PC -UDEBUG -U_DEBUG -DNDEBUG -DWIN32 -D_WINDOWS - -INCPATH=/I. /I..\include\dbm /I..\include\nspr /I..\include\security - -LIBS=nss.lib ssl.lib pkcs7.lib pkcs12.lib secmod.lib cert.lib key.lib crypto.lib secutil.lib hash.lib dbm.lib libplc3.lib libplds3.lib libnspr3.lib wsock32.lib - -CFLAGS=-O2 -MD -W3 -nologo - -CC=cl - -LDOPTIONS=/link /LIBPATH:..\lib /nodefaultlib:libcd.lib /subsystem:console - -server: - $(CC) $(CFLAGS) $(INCPATH) /Feserver server.c getopt.c $(LIBS) $(DEFINES) $(LDOPTIONS) - -client: - $(CC) $(CFLAGS) $(INCPATH) /Feclient client.c getopt.c $(LIBS) $(DEFINES) $(LDOPTIONS) - -clean: - del /S server.exe client.exe server.lib server.exp client.lib client.exp server.obj client.obj getopt.obj - diff --git a/security/nss/cmd/SSLsample/nmakefilent.nss b/security/nss/cmd/SSLsample/nmakefilent.nss deleted file mode 100755 index 9d2d1ccc41..0000000000 --- a/security/nss/cmd/SSLsample/nmakefilent.nss +++ /dev/null @@ -1,59 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -# NSS 2.6.2 Sample NT Makefile -# -# -# This nmake file will build server.c and client.c on Windows NT 4 SP3. -# - -DEFINES=-D_X86_ -GT -DWINNT -DXP_PC -UDEBUG -U_DEBUG -DNDEBUG -DWIN32 -D_WINDOWS -INCPATH=-I. -I..\include\dbm -I..\include\nspr -I..\include\security - -LIBS=nss.lib ssl.lib pkcs7.lib pkcs12.lib secmod.lib cert.lib key.lib crypto.lib secutil.lib hash.lib dbm.lib libplc3.lib libplds3.lib libnspr3.lib wsock32.lib - -CFLAGS=-O2 -MD -W3 -nologo - -CC=cl - -LDOPTIONS=/link /LIBPATH:..\lib /nodefaultlib:libcd.lib /subsystem:console - -server: - $(CC) $(CFLAGS) /Feserver server.c getopt.c $(LIBS) $(DEFINES) $(INCPATH) $(LDOPTIONS) - -client: - $(CC) $(CFLAGS) /Feclient client.c getopt.c $(LIBS) $(DEFINES) $(INCPATH) $(LDOPTIONS) - -clean: - del /S server.exe client.exe server.lib server.exp client.lib client.exp server.obj client.obj getopt.obj - diff --git a/security/nss/cmd/SSLsample/server.c b/security/nss/cmd/SSLsample/server.c deleted file mode 100644 index 83d80fb45d..0000000000 --- a/security/nss/cmd/SSLsample/server.c +++ /dev/null @@ -1,820 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -/**************************************************************************** - * SSL server program listens on a port, accepts client connection, reads * - * request and responds to it * - ****************************************************************************/ - -/* Generic header files */ - -#include -#include - -/* NSPR header files */ - -#include "nspr.h" -#include "plgetopt.h" -#include "prerror.h" -#include "prnetdb.h" - -/* NSS header files */ - -#include "pk11func.h" -#include "secitem.h" -#include "ssl.h" -#include "certt.h" -#include "nss.h" -#include "secrng.h" -#include "secder.h" -#include "key.h" -#include "sslproto.h" - -/* Custom header files */ - -#include "sslsample.h" - -#ifndef PORT_Sprintf -#define PORT_Sprintf sprintf -#endif - -#define REQUEST_CERT_ONCE 1 -#define REQUIRE_CERT_ONCE 2 -#define REQUEST_CERT_ALL 3 -#define REQUIRE_CERT_ALL 4 - -/* Global variables */ -GlobalThreadMgr threadMGR; -char *password = NULL; -CERTCertificate *cert = NULL; -SECKEYPrivateKey *privKey = NULL; -int stopping; - -static void -Usage(const char *progName) -{ - fprintf(stderr, - -"Usage: %s -n rsa_nickname -p port [-3RFrf] [-w password]\n" -" [-c ciphers] [-d dbdir] \n" -"-3 means disable SSL v3\n" -"-r means request certificate on first handshake.\n" -"-f means require certificate on first handshake.\n" -"-R means request certificate on all handshakes.\n" -"-F means require certificate on all handshakes.\n" -"-c ciphers Letter(s) chosen from the following list\n" -"A SSL2 RC4 128 WITH MD5\n" -"B SSL2 RC4 128 EXPORT40 WITH MD5\n" -"C SSL2 RC2 128 CBC WITH MD5\n" -"D SSL2 RC2 128 CBC EXPORT40 WITH MD5\n" -"E SSL2 DES 64 CBC WITH MD5\n" -"F SSL2 DES 192 EDE3 CBC WITH MD5\n" -"\n" -"a SSL3 FORTEZZA DMS WITH FORTEZZA CBC SHA\n" -"b SSL3 FORTEZZA DMS WITH RC4 128 SHA\n" -"c SSL3 RSA WITH RC4 128 MD5\n" -"d SSL3 RSA WITH 3DES EDE CBC SHA\n" -"e SSL3 RSA WITH DES CBC SHA\n" -"f SSL3 RSA EXPORT WITH RC4 40 MD5\n" -"g SSL3 RSA EXPORT WITH RC2 CBC 40 MD5\n" -"h SSL3 FORTEZZA DMS WITH NULL SHA\n" -"i SSL3 RSA WITH NULL MD5\n" -"j SSL3 RSA FIPS WITH 3DES EDE CBC SHA\n" -"k SSL3 RSA FIPS WITH DES CBC SHA\n" -"l SSL3 RSA EXPORT WITH DES CBC SHA\t(new)\n" -"m SSL3 RSA EXPORT WITH RC4 56 SHA\t(new)\n", - progName); - exit(1); -} - -/* Function: readDataFromSocket() - * - * Purpose: Parse an HTTP request by reading data from a GET or POST. - * - */ -SECStatus -readDataFromSocket(PRFileDesc *sslSocket, DataBuffer *buffer, char **fileName) -{ - char *post; - int numBytes = 0; - int newln = 0; /* # of consecutive newlns */ - - /* Read data while it comes in from the socket. */ - while (PR_TRUE) { - buffer->index = 0; - newln = 0; - - /* Read the buffer. */ - numBytes = PR_Read(sslSocket, &buffer->data[buffer->index], - buffer->remaining); - if (numBytes <= 0) { - errWarn("PR_Read"); - return SECFailure; - } - buffer->dataEnd = buffer->dataStart + numBytes; - - /* Parse the input, starting at the beginning of the buffer. - * Stop when we detect two consecutive \n's (or \r\n's) - * as this signifies the end of the GET or POST portion. - * The posted data follows. - */ - while (buffer->index < buffer->dataEnd && newln < 2) { - int octet = buffer->data[buffer->index++]; - if (octet == '\n') { - newln++; - } else if (octet != '\r') { - newln = 0; - } - } - - /* Came to the end of the buffer, or second newline. - * If we didn't get an empty line ("\r\n\r\n"), then keep on reading. - */ - if (newln < 2) - continue; - - /* we're at the end of the HTTP request. - * If the request is a POST, then there will be one more - * line of data. - * This parsing is a hack, but ok for SSL test purposes. - */ - post = PORT_Strstr(buffer->data, "POST "); - if (!post || *post != 'P') - break; - - /* It's a post, so look for the next and final CR/LF. */ - /* We should parse content length here, but ... */ - while (buffer->index < buffer->dataEnd && newln < 3) { - int octet = buffer->data[buffer->index++]; - if (octet == '\n') { - newln++; - } - } - - if (newln == 3) - break; - } - - /* Have either (a) a complete get, (b) a complete post, (c) EOF */ - - /* Execute a "GET " operation. */ - if (buffer->index > 0 && PORT_Strncmp(buffer->data, "GET ", 4) == 0) { - int fnLength; - - /* File name is the part after "GET ". */ - fnLength = strcspn(buffer->data + 5, " \r\n"); - *fileName = (char *)PORT_Alloc(fnLength + 1); - PORT_Strncpy(*fileName, buffer->data + 5, fnLength); - (*fileName)[fnLength] = '\0'; - } - - return SECSuccess; -} - -/* Function: authenticateSocket() - * - * Purpose: Configure a socket for SSL. - * - * - */ -PRFileDesc * -setupSSLSocket(PRFileDesc *tcpSocket, int requestCert) -{ - PRFileDesc *sslSocket; - SSLKEAType certKEA; - int certErr = 0; - SECStatus secStatus; - - /* Set the appropriate flags. */ - - sslSocket = SSL_ImportFD(NULL, tcpSocket); - if (sslSocket == NULL) { - errWarn("SSL_ImportFD"); - goto loser; - } - - secStatus = SSL_OptionSet(sslSocket, SSL_SECURITY, PR_TRUE); - if (secStatus != SECSuccess) { - errWarn("SSL_OptionSet SSL_SECURITY"); - goto loser; - } - - secStatus = SSL_OptionSet(sslSocket, SSL_HANDSHAKE_AS_SERVER, PR_TRUE); - if (secStatus != SECSuccess) { - errWarn("SSL_OptionSet:SSL_HANDSHAKE_AS_SERVER"); - goto loser; - } - - secStatus = SSL_OptionSet(sslSocket, SSL_REQUEST_CERTIFICATE, - (requestCert >= REQUEST_CERT_ONCE)); - if (secStatus != SECSuccess) { - errWarn("SSL_OptionSet:SSL_REQUEST_CERTIFICATE"); - goto loser; - } - - secStatus = SSL_OptionSet(sslSocket, SSL_REQUIRE_CERTIFICATE, - (requestCert == REQUIRE_CERT_ONCE)); - if (secStatus != SECSuccess) { - errWarn("SSL_OptionSet:SSL_REQUIRE_CERTIFICATE"); - goto loser; - } - - /* Set the appropriate callback routines. */ - - secStatus = SSL_AuthCertificateHook(sslSocket, myAuthCertificate, - CERT_GetDefaultCertDB()); - if (secStatus != SECSuccess) { - errWarn("SSL_AuthCertificateHook"); - goto loser; - } - - secStatus = SSL_BadCertHook(sslSocket, - (SSLBadCertHandler)myBadCertHandler, &certErr); - if (secStatus != SECSuccess) { - errWarn("SSL_BadCertHook"); - goto loser; - } - - secStatus = SSL_HandshakeCallback(sslSocket, - (SSLHandshakeCallback)myHandshakeCallback, - NULL); - if (secStatus != SECSuccess) { - errWarn("SSL_HandshakeCallback"); - goto loser; - } - - secStatus = SSL_SetPKCS11PinArg(sslSocket, password); - if (secStatus != SECSuccess) { - errWarn("SSL_HandshakeCallback"); - goto loser; - } - - certKEA = NSS_FindCertKEAType(cert); - - secStatus = SSL_ConfigSecureServer(sslSocket, cert, privKey, certKEA); - if (secStatus != SECSuccess) { - errWarn("SSL_ConfigSecureServer"); - goto loser; - } - - return sslSocket; - -loser: - - PR_Close(tcpSocket); - return NULL; -} - -/* Function: authenticateSocket() - * - * Purpose: Perform client authentication on the socket. - * - */ -SECStatus -authenticateSocket(PRFileDesc *sslSocket, PRBool requireCert) -{ - CERTCertificate *cert; - SECStatus secStatus; - - /* Returns NULL if client authentication is not enabled or if the - * client had no certificate. */ - cert = SSL_PeerCertificate(sslSocket); - if (cert) { - /* Client had a certificate, so authentication is through. */ - CERT_DestroyCertificate(cert); - return SECSuccess; - } - - /* Request client to authenticate itself. */ - secStatus = SSL_OptionSet(sslSocket, SSL_REQUEST_CERTIFICATE, PR_TRUE); - if (secStatus != SECSuccess) { - errWarn("SSL_OptionSet:SSL_REQUEST_CERTIFICATE"); - return SECFailure; - } - - /* If desired, require client to authenticate itself. Note - * SSL_REQUEST_CERTIFICATE must also be on, as above. */ - secStatus = SSL_OptionSet(sslSocket, SSL_REQUIRE_CERTIFICATE, requireCert); - if (secStatus != SECSuccess) { - errWarn("SSL_OptionSet:SSL_REQUIRE_CERTIFICATE"); - return SECFailure; - } - - /* Having changed socket configuration parameters, redo handshake. */ - secStatus = SSL_ReHandshake(sslSocket, PR_TRUE); - if (secStatus != SECSuccess) { - errWarn("SSL_ReHandshake"); - return SECFailure; - } - - /* Force the handshake to complete before moving on. */ - secStatus = SSL_ForceHandshake(sslSocket); - if (secStatus != SECSuccess) { - errWarn("SSL_ForceHandshake"); - return SECFailure; - } - - return SECSuccess; -} - -/* Function: writeDataToSocket - * - * Purpose: Write the client's request back to the socket. If the client - * requested a file, dump it to the socket. - * - */ -SECStatus -writeDataToSocket(PRFileDesc *sslSocket, DataBuffer *buffer, char *fileName) -{ - int headerLength; - int numBytes; - char messageBuffer[120]; - PRFileDesc *local_file_fd = NULL; - char header[] = "

Sample SSL server



"; - char filehd[] = "

The file you requested:


"; - char reqhd[] = "

This is your request:


"; - char link[] = "Try getting a file
"; - char footer[] = "

End of request.


"; - - headerLength = PORT_Strlen(defaultHeader); - - /* Write a header to the socket. */ - numBytes = PR_Write(sslSocket, header, PORT_Strlen(header)); - if (numBytes < 0) { - errWarn("PR_Write"); - goto loser; - } - - if (fileName) { - PRFileInfo info; - PRStatus prStatus; - - /* Try to open the local file named. - * If successful, then write it to the client. - */ - prStatus = PR_GetFileInfo(fileName, &info); - if (prStatus != PR_SUCCESS || - info.type != PR_FILE_FILE || - info.size < 0) { - PORT_Free(fileName); - /* Maybe a GET not sent from client.c? */ - goto writerequest; - } - - local_file_fd = PR_Open(fileName, PR_RDONLY, 0); - if (local_file_fd == NULL) { - PORT_Free(fileName); - goto writerequest; - } - - /* Write a header to the socket. */ - numBytes = PR_Write(sslSocket, filehd, PORT_Strlen(filehd)); - if (numBytes < 0) { - errWarn("PR_Write"); - goto loser; - } - - /* Transmit the local file prepended by the default header - * across the socket. - */ - numBytes = PR_TransmitFile(sslSocket, local_file_fd, - defaultHeader, headerLength, - PR_TRANSMITFILE_KEEP_OPEN, - PR_INTERVAL_NO_TIMEOUT); - - /* Error in transmission. */ - if (numBytes < 0) { - errWarn("PR_TransmitFile"); - /* - i = PORT_Strlen(errString); - PORT_Memcpy(buf, errString, i); - */ - /* Transmitted bytes successfully. */ - } else { - numBytes -= headerLength; - fprintf(stderr, "PR_TransmitFile wrote %d bytes from %s\n", - numBytes, fileName); - } - - PORT_Free(fileName); - PR_Close(local_file_fd); - } - -writerequest: - - /* Write a header to the socket. */ - numBytes = PR_Write(sslSocket, reqhd, PORT_Strlen(reqhd)); - if (numBytes < 0) { - errWarn("PR_Write"); - goto loser; - } - - /* Write the buffer data to the socket. */ - if (buffer->index <= 0) { - /* Reached the EOF. Report incomplete transaction to socket. */ - PORT_Sprintf(messageBuffer, - "GET or POST incomplete after %d bytes.\r\n", - buffer->dataEnd); - numBytes = PR_Write(sslSocket, messageBuffer, - PORT_Strlen(messageBuffer)); - if (numBytes < 0) { - errWarn("PR_Write"); - goto loser; - } - } else { - /* Display the buffer data. */ - fwrite(buffer->data, 1, buffer->index, stdout); - /* Write the buffer data to the socket. */ - numBytes = PR_Write(sslSocket, buffer->data, buffer->index); - if (numBytes < 0) { - errWarn("PR_Write"); - goto loser; - } - /* Display security information for the socket. */ - printSecurityInfo(sslSocket); - /* Write any discarded data out to the socket. */ - if (buffer->index < buffer->dataEnd) { - PORT_Sprintf(buffer->data, "Discarded %d characters.\r\n", - buffer->dataEnd - buffer->index); - numBytes = PR_Write(sslSocket, buffer->data, - PORT_Strlen(buffer->data)); - if (numBytes < 0) { - errWarn("PR_Write"); - goto loser; - } - } - } - - /* Write a footer to the socket. */ - numBytes = PR_Write(sslSocket, footer, PORT_Strlen(footer)); - if (numBytes < 0) { - errWarn("PR_Write"); - goto loser; - } - - /* Write a link to the socket. */ - numBytes = PR_Write(sslSocket, link, PORT_Strlen(link)); - if (numBytes < 0) { - errWarn("PR_Write"); - goto loser; - } - - /* Complete the HTTP transaction. */ - numBytes = PR_Write(sslSocket, "EOF\r\n\r\n\r\n", 9); - if (numBytes < 0) { - errWarn("PR_Write"); - goto loser; - } - - /* Do a nice shutdown if asked. */ - if (!strncmp(buffer->data, stopCmd, strlen(stopCmd))) { - stopping = 1; - } - return SECSuccess; - -loser: - - /* Do a nice shutdown if asked. */ - if (!strncmp(buffer->data, stopCmd, strlen(stopCmd))) { - stopping = 1; - } - return SECFailure; -} - -/* Function: int handle_connection() - * - * Purpose: Thread to handle a connection to a socket. - * - */ -SECStatus -handle_connection(void *tcp_sock, int requestCert) -{ - PRFileDesc * tcpSocket = (PRFileDesc *)tcp_sock; - PRFileDesc * sslSocket = NULL; - SECStatus secStatus = SECFailure; - PRStatus prStatus; - PRSocketOptionData socketOption; - DataBuffer buffer; - char * fileName = NULL; - - /* Initialize the data buffer. */ - memset(buffer.data, 0, BUFFER_SIZE); - buffer.remaining = BUFFER_SIZE; - buffer.index = 0; - buffer.dataStart = 0; - buffer.dataEnd = 0; - - /* Make sure the socket is blocking. */ - socketOption.option = PR_SockOpt_Nonblocking; - socketOption.value.non_blocking = PR_FALSE; - PR_SetSocketOption(tcpSocket, &socketOption); - - sslSocket = setupSSLSocket(tcpSocket, requestCert); - if (sslSocket == NULL) { - errWarn("setupSSLSocket"); - goto cleanup; - } - - secStatus = SSL_ResetHandshake(sslSocket, /* asServer */ PR_TRUE); - if (secStatus != SECSuccess) { - errWarn("SSL_ResetHandshake"); - goto cleanup; - } - - /* Read data from the socket, parse it for HTTP content. - * If the user is requesting/requiring authentication, authenticate - * the socket. Then write the result back to the socket. */ - fprintf(stdout, "\nReading data from socket...\n\n"); - secStatus = readDataFromSocket(sslSocket, &buffer, &fileName); - if (secStatus != SECSuccess) { - goto cleanup; - } - if (requestCert >= REQUEST_CERT_ALL) { - fprintf(stdout, "\nAuthentication requested.\n\n"); - secStatus = authenticateSocket(sslSocket, - (requestCert == REQUIRE_CERT_ALL)); - if (secStatus != SECSuccess) { - goto cleanup; - } - } - - fprintf(stdout, "\nWriting data to socket...\n\n"); - secStatus = writeDataToSocket(sslSocket, &buffer, fileName); - -cleanup: - - /* Close down the socket. */ - prStatus = PR_Close(tcpSocket); - if (prStatus != PR_SUCCESS) { - errWarn("PR_Close"); - } - - return secStatus; -} - -/* Function: int accept_connection() - * - * Purpose: Thread to accept a connection to the socket. - * - */ -SECStatus -accept_connection(void *listener, int requestCert) -{ - PRFileDesc *listenSocket = (PRFileDesc*)listener; - PRNetAddr addr; - PRStatus prStatus; - - /* XXX need an SSL socket here? */ - while (!stopping) { - PRFileDesc *tcpSocket; - SECStatus result; - - fprintf(stderr, "\n\n\nAbout to call accept.\n"); - - /* Accept a connection to the socket. */ - tcpSocket = PR_Accept(listenSocket, &addr, PR_INTERVAL_NO_TIMEOUT); - if (tcpSocket == NULL) { - errWarn("PR_Accept"); - break; - } - - /* Accepted the connection, now handle it. */ - result = launch_thread(&threadMGR, handle_connection, - tcpSocket, requestCert); - - if (result != SECSuccess) { - prStatus = PR_Close(tcpSocket); - if (prStatus != PR_SUCCESS) { - exitErr("PR_Close"); - } - break; - } - } - - fprintf(stderr, "Closing listen socket.\n"); - - prStatus = PR_Close(listenSocket); - if (prStatus != PR_SUCCESS) { - exitErr("PR_Close"); - } - return SECSuccess; -} - -/* Function: void server_main() - * - * Purpose: This is the server's main function. It configures a socket - * and listens to it. - * - */ -void -server_main( - unsigned short port, - int requestCert, - SECKEYPrivateKey * privKey, - CERTCertificate * cert, - PRBool disableSSL3) -{ - SECStatus secStatus; - PRStatus prStatus; - PRFileDesc * listenSocket; - PRNetAddr addr; - PRSocketOptionData socketOption; - - /* Create a new socket. */ - listenSocket = PR_NewTCPSocket(); - if (listenSocket == NULL) { - exitErr("PR_NewTCPSocket"); - } - - /* Set socket to be blocking - - * on some platforms the default is nonblocking. - */ - socketOption.option = PR_SockOpt_Nonblocking; - socketOption.value.non_blocking = PR_FALSE; - - prStatus = PR_SetSocketOption(listenSocket, &socketOption); - if (prStatus != PR_SUCCESS) { - exitErr("PR_SetSocketOption"); - } - - /* This cipher is not on by default. The Acceptance test - * would like it to be. Turn this cipher on. - */ - secStatus = SSL_CipherPrefSetDefault(SSL_RSA_WITH_NULL_MD5, PR_TRUE); - if (secStatus != SECSuccess) { - exitErr("SSL_CipherPrefSetDefault:SSL_RSA_WITH_NULL_MD5"); - } - - /* Configure the network connection. */ - addr.inet.family = PR_AF_INET; - addr.inet.ip = PR_INADDR_ANY; - addr.inet.port = PR_htons(port); - - /* Bind the address to the listener socket. */ - prStatus = PR_Bind(listenSocket, &addr); - if (prStatus != PR_SUCCESS) { - exitErr("PR_Bind"); - } - - /* Listen for connection on the socket. The second argument is - * the maximum size of the queue for pending connections. - */ - prStatus = PR_Listen(listenSocket, 5); - if (prStatus != PR_SUCCESS) { - exitErr("PR_Listen"); - } - - /* Launch thread to handle connections to the socket. */ - secStatus = launch_thread(&threadMGR, accept_connection, - listenSocket, requestCert); - if (secStatus != SECSuccess) { - PR_Close(listenSocket); - } else { - reap_threads(&threadMGR); - destroy_thread_data(&threadMGR); - } -} - -/* Function: int main() - * - * Purpose: Parses command arguments and configures SSL server. - * - */ -int -main(int argc, char **argv) -{ - char * progName = NULL; - char * nickName = NULL; - char * cipherString = NULL; - char * dir = "."; - int requestCert = 0; - unsigned short port = 0; - SECStatus secStatus; - PRBool disableSSL3 = PR_FALSE; - PLOptState * optstate; - PLOptStatus status; - - /* Zero out the thread manager. */ - PORT_Memset(&threadMGR, 0, sizeof(threadMGR)); - - progName = PL_strdup(argv[0]); - - optstate = PL_CreateOptState(argc, argv, "3FRc:d:fp:n:rw:"); - while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) { - switch(optstate->option) { - case '3': disableSSL3 = PR_TRUE; break; - case 'F': requestCert = REQUIRE_CERT_ALL; break; - case 'R': requestCert = REQUEST_CERT_ALL; break; - case 'c': cipherString = PL_strdup(optstate->value); break; - case 'd': dir = PL_strdup(optstate->value); break; - case 'f': requestCert = REQUIRE_CERT_ONCE; break; - case 'n': nickName = PL_strdup(optstate->value); break; - case 'p': port = PORT_Atoi(optstate->value); break; - case 'r': requestCert = REQUEST_CERT_ONCE; break; - case 'w': password = PL_strdup(optstate->value); break; - default: - case '?': Usage(progName); - } - } - - if (nickName == NULL || port == 0) - Usage(progName); - - /* Call the NSPR initialization routines. */ - PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1); - - /* Set the cert database password callback. */ - PK11_SetPasswordFunc(myPasswd); - - /* Initialize NSS. */ - secStatus = NSS_Init(dir); - if (secStatus != SECSuccess) { - exitErr("NSS_Init"); - } - - /* Set the policy for this server (REQUIRED - no default). */ - secStatus = NSS_SetDomesticPolicy(); - if (secStatus != SECSuccess) { - exitErr("NSS_SetDomesticPolicy"); - } - - /* XXX keep this? */ - /* all the SSL2 and SSL3 cipher suites are enabled by default. */ - if (cipherString) { - int ndx; - - /* disable all the ciphers, then enable the ones we want. */ - disableAllSSLCiphers(); - - while (0 != (ndx = *cipherString++)) { - int *cptr; - int cipher; - - if (! isalpha(ndx)) - Usage(progName); - cptr = islower(ndx) ? ssl3CipherSuites : ssl2CipherSuites; - for (ndx &= 0x1f; (cipher = *cptr++) != 0 && --ndx > 0; ) - /* do nothing */; - if (cipher) { - SECStatus status; - status = SSL_CipherPrefSetDefault(cipher, PR_TRUE); - if (status != SECSuccess) - errWarn("SSL_CipherPrefSetDefault()"); - } - } - } - - /* Get own certificate and private key. */ - cert = PK11_FindCertFromNickname(nickName, password); - if (cert == NULL) { - exitErr("PK11_FindCertFromNickname"); - } - - privKey = PK11_FindKeyByAnyCert(cert, password); - if (privKey == NULL) { - exitErr("PK11_FindKeyByAnyCert"); - } - - /* Configure the server's cache for a multi-process application - * using default timeout values (24 hrs) and directory location (/tmp). - */ - SSL_ConfigMPServerSIDCache(256, 0, 0, NULL); - - /* Launch server. */ - server_main(port, requestCert, privKey, cert, disableSSL3); - - /* Shutdown NSS and exit NSPR gracefully. */ - NSS_Shutdown(); - PR_Cleanup(); - return 0; -} diff --git a/security/nss/cmd/SSLsample/server.mn b/security/nss/cmd/SSLsample/server.mn deleted file mode 100644 index 3ce1181d9d..0000000000 --- a/security/nss/cmd/SSLsample/server.mn +++ /dev/null @@ -1,48 +0,0 @@ -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = ../../.. - -MODULE = nss - -EXPORTS = - -CSRCS = server.c \ - sslsample.c \ - $(NULL) - -PROGRAM = server - -REQUIRES = dbm - -DEFINES = -DNSPR20 - diff --git a/security/nss/cmd/SSLsample/sslerror.h b/security/nss/cmd/SSLsample/sslerror.h deleted file mode 100644 index 8ad908569b..0000000000 --- a/security/nss/cmd/SSLsample/sslerror.h +++ /dev/null @@ -1,110 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#include -#include -#include "nspr.h" - -struct tuple_str { - PRErrorCode errNum; - const char * errString; -}; - -typedef struct tuple_str tuple_str; - -#define ER2(a,b) {a, b}, -#define ER3(a,b,c) {a, c}, - -#include "secerr.h" -#include "sslerr.h" - -const tuple_str errStrings[] = { - -/* keep this list in asceding order of error numbers */ -#include "SSLerrs.h" -#include "SECerrs.h" -#include "NSPRerrs.h" - -}; - -const PRInt32 numStrings = sizeof(errStrings) / sizeof(tuple_str); - -/* Returns a UTF-8 encoded constant error string for "errNum". - * Returns NULL of errNum is unknown. - */ -const char * -SSL_Strerror(PRErrorCode errNum) { - PRInt32 low = 0; - PRInt32 high = numStrings - 1; - PRInt32 i; - PRErrorCode num; - static int initDone; - - /* make sure table is in ascending order. - * binary search depends on it. - */ - if (!initDone) { - PRErrorCode lastNum = (PRInt32)0x80000000; - for (i = low; i <= high; ++i) { - num = errStrings[i].errNum; - if (num <= lastNum) { - fprintf(stderr, -"sequence error in error strings at item %d\n" -"error %d (%s)\n" -"should come after \n" -"error %d (%s)\n", - i, lastNum, errStrings[i-1].errString, - num, errStrings[i].errString); - } - lastNum = num; - } - initDone = 1; - } - - /* Do binary search of table. */ - while (low + 1 < high) { - i = (low + high) / 2; - num = errStrings[i].errNum; - if (errNum == num) - return errStrings[i].errString; - if (errNum < num) - high = i; - else - low = i; - } - if (errNum == errStrings[low].errNum) - return errStrings[low].errString; - if (errNum == errStrings[high].errNum) - return errStrings[high].errString; - return NULL; -} diff --git a/security/nss/cmd/SSLsample/sslsample.c b/security/nss/cmd/SSLsample/sslsample.c deleted file mode 100644 index 47b7d0d4f7..0000000000 --- a/security/nss/cmd/SSLsample/sslsample.c +++ /dev/null @@ -1,590 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#include "sslsample.h" -#include "sslerror.h" - -/* Declare SSL cipher suites. */ - -int ssl2CipherSuites[] = { - SSL_EN_RC4_128_WITH_MD5, /* A */ - SSL_EN_RC4_128_EXPORT40_WITH_MD5, /* B */ - SSL_EN_RC2_128_CBC_WITH_MD5, /* C */ - SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5, /* D */ - SSL_EN_DES_64_CBC_WITH_MD5, /* E */ - SSL_EN_DES_192_EDE3_CBC_WITH_MD5, /* F */ - 0 -}; - -int ssl3CipherSuites[] = { - SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA, /* a */ - SSL_FORTEZZA_DMS_WITH_RC4_128_SHA, /* b */ - SSL_RSA_WITH_RC4_128_MD5, /* c */ - SSL_RSA_WITH_3DES_EDE_CBC_SHA, /* d */ - SSL_RSA_WITH_DES_CBC_SHA, /* e */ - SSL_RSA_EXPORT_WITH_RC4_40_MD5, /* f */ - SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5, /* g */ - SSL_FORTEZZA_DMS_WITH_NULL_SHA, /* h */ - SSL_RSA_WITH_NULL_MD5, /* i */ - SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA, /* j */ - SSL_RSA_FIPS_WITH_DES_CBC_SHA, /* k */ - TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA, /* l */ - TLS_RSA_EXPORT1024_WITH_RC4_56_SHA, /* m */ - 0 -}; - -/************************************************************************** -** -** SSL callback routines. -** -**************************************************************************/ - -/* Function: char * myPasswd() - * - * Purpose: This function is our custom password handler that is called by - * SSL when retreiving private certs and keys from the database. Returns a - * pointer to a string that with a password for the database. Password pointer - * should point to dynamically allocated memory that will be freed later. - */ -char * -myPasswd(PK11SlotInfo *info, PRBool retry, void *arg) -{ - char * passwd = NULL; - - if ( (!retry) && arg ) { - passwd = PORT_Strdup((char *)arg); - } - - return passwd; -} - -/* Function: SECStatus myAuthCertificate() - * - * Purpose: This function is our custom certificate authentication handler. - * - * Note: This implementation is essentially the same as the default - * SSL_AuthCertificate(). - */ -SECStatus -myAuthCertificate(void *arg, PRFileDesc *socket, - PRBool checksig, PRBool isServer) -{ - - SECCertUsage certUsage; - CERTCertificate * cert; - void * pinArg; - char * hostName; - SECStatus secStatus; - - if (!arg || !socket) { - errWarn("myAuthCertificate"); - return SECFailure; - } - - /* Define how the cert is being used based upon the isServer flag. */ - - certUsage = isServer ? certUsageSSLClient : certUsageSSLServer; - - cert = SSL_PeerCertificate(socket); - - pinArg = SSL_RevealPinArg(socket); - - secStatus = CERT_VerifyCertNow((CERTCertDBHandle *)arg, - cert, - checksig, - certUsage, - pinArg); - - /* If this is a server, we're finished. */ - if (isServer || secStatus != SECSuccess) { - CERT_DestroyCertificate(cert); - return secStatus; - } - - /* Certificate is OK. Since this is the client side of an SSL - * connection, we need to verify that the name field in the cert - * matches the desired hostname. This is our defense against - * man-in-the-middle attacks. - */ - - /* SSL_RevealURL returns a hostName, not an URL. */ - hostName = SSL_RevealURL(socket); - - if (hostName && hostName[0]) { - secStatus = CERT_VerifyCertName(cert, hostName); - } else { - PR_SetError(SSL_ERROR_BAD_CERT_DOMAIN, 0); - secStatus = SECFailure; - } - - if (hostName) - PR_Free(hostName); - - CERT_DestroyCertificate(cert); - return secStatus; -} - -/* Function: SECStatus myBadCertHandler() - * - * Purpose: This callback is called when the incoming certificate is not - * valid. We define a certain set of parameters that still cause the - * certificate to be "valid" for this session, and return SECSuccess to cause - * the server to continue processing the request when any of these conditions - * are met. Otherwise, SECFailure is return and the server rejects the - * request. - */ -SECStatus -myBadCertHandler(void *arg, PRFileDesc *socket) -{ - - SECStatus secStatus = SECFailure; - PRErrorCode err; - - /* log invalid cert here */ - - if (!arg) { - return secStatus; - } - - *(PRErrorCode *)arg = err = PORT_GetError(); - - /* If any of the cases in the switch are met, then we will proceed */ - /* with the processing of the request anyway. Otherwise, the default */ - /* case will be reached and we will reject the request. */ - - switch (err) { - case SEC_ERROR_INVALID_AVA: - case SEC_ERROR_INVALID_TIME: - case SEC_ERROR_BAD_SIGNATURE: - case SEC_ERROR_EXPIRED_CERTIFICATE: - case SEC_ERROR_UNKNOWN_ISSUER: - case SEC_ERROR_UNTRUSTED_CERT: - case SEC_ERROR_CERT_VALID: - case SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE: - case SEC_ERROR_CRL_EXPIRED: - case SEC_ERROR_CRL_BAD_SIGNATURE: - case SEC_ERROR_EXTENSION_VALUE_INVALID: - case SEC_ERROR_CA_CERT_INVALID: - case SEC_ERROR_CERT_USAGES_INVALID: - case SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION: - secStatus = SECSuccess; - break; - default: - secStatus = SECFailure; - break; - } - - printf("Bad certificate: %d, %s\n", err, SSL_Strerror(err)); - - return secStatus; -} - -/* Function: SECStatus ownGetClientAuthData() - * - * Purpose: This callback is used by SSL to pull client certificate - * information upon server request. - */ -SECStatus -myGetClientAuthData(void *arg, - PRFileDesc *socket, - struct CERTDistNamesStr *caNames, - struct CERTCertificateStr **pRetCert, - struct SECKEYPrivateKeyStr **pRetKey) -{ - - CERTCertificate * cert; - SECKEYPrivateKey * privKey; - char * chosenNickName = (char *)arg; - void * proto_win = NULL; - SECStatus secStatus = SECFailure; - - proto_win = SSL_RevealPinArg(socket); - - if (chosenNickName) { - cert = PK11_FindCertFromNickname(chosenNickName, proto_win); - if (cert) { - privKey = PK11_FindKeyByAnyCert(cert, proto_win); - if (privKey) { - secStatus = SECSuccess; - } else { - CERT_DestroyCertificate(cert); - } - } - } else { /* no nickname given, automatically find the right cert */ - CERTCertNicknames *names; - int i; - - names = CERT_GetCertNicknames(CERT_GetDefaultCertDB(), - SEC_CERT_NICKNAMES_USER, proto_win); - - if (names != NULL) { - for(i = 0; i < names->numnicknames; i++ ) { - - cert = PK11_FindCertFromNickname(names->nicknames[i], - proto_win); - if (!cert) { - continue; - } - - /* Only check unexpired certs */ - if (CERT_CheckCertValidTimes(cert, PR_Now(), PR_FALSE) - != secCertTimeValid ) { - CERT_DestroyCertificate(cert); - continue; - } - - secStatus = NSS_CmpCertChainWCANames(cert, caNames); - if (secStatus == SECSuccess) { - privKey = PK11_FindKeyByAnyCert(cert, proto_win); - if (privKey) { - break; - } - secStatus = SECFailure; - break; - } - CERT_FreeNicknames(names); - } /* for loop */ - } - } - - if (secStatus == SECSuccess) { - *pRetCert = cert; - *pRetKey = privKey; - } - - return secStatus; -} - -/* Function: SECStatus myHandshakeCallback() - * - * Purpose: Called by SSL to inform application that the handshake is - * complete. This function is mostly used on the server side of an SSL - * connection, although it is provided for a client as well. - * Useful when a non-blocking SSL_ReHandshake or SSL_ResetHandshake - * is used to initiate a handshake. - * - * A typical scenario would be: - * - * 1. Server accepts an SSL connection from the client without client auth. - * 2. Client sends a request. - * 3. Server determines that to service request it needs to authenticate the - * client and initiates another handshake requesting client auth. - * 4. While handshake is in progress, server can do other work or spin waiting - * for the handshake to complete. - * 5. Server is notified that handshake has been successfully completed by - * the custom handshake callback function and it can service the client's - * request. - * - * Note: This function is not implemented in this sample, as we are using - * blocking sockets. - */ -SECStatus -myHandshakeCallback(PRFileDesc *socket, void *arg) -{ - printf("Handshake has completed, ready to send data securely.\n"); - return SECSuccess; -} - - -/************************************************************************** -** -** Routines for disabling SSL ciphers. -** -**************************************************************************/ - -void -disableAllSSLCiphers(void) -{ - const PRUint16 *cipherSuites = SSL_ImplementedCiphers; - int i = SSL_NumImplementedCiphers; - SECStatus rv; - - /* disable all the SSL3 cipher suites */ - while (--i >= 0) { - PRUint16 suite = cipherSuites[i]; - rv = SSL_CipherPrefSetDefault(suite, PR_FALSE); - if (rv != SECSuccess) { - printf("SSL_CipherPrefSetDefault didn't like value 0x%04x (i = %d)\n", - suite, i); - errWarn("SSL_CipherPrefSetDefault"); - exit(2); - } - } -} - -/************************************************************************** -** -** Error and information routines. -** -**************************************************************************/ - -void -errWarn(char *function) -{ - PRErrorCode errorNumber = PR_GetError(); - const char * errorString = SSL_Strerror(errorNumber); - - printf("Error in function %s: %d\n - %s\n", - function, errorNumber, errorString); -} - -void -exitErr(char *function) -{ - errWarn(function); - /* Exit gracefully. */ - NSS_Shutdown(); - PR_Cleanup(); - exit(1); -} - -void -printSecurityInfo(PRFileDesc *fd) -{ - char * cp; /* bulk cipher name */ - char * ip; /* cert issuer DN */ - char * sp; /* cert subject DN */ - int op; /* High, Low, Off */ - int kp0; /* total key bits */ - int kp1; /* secret key bits */ - int result; - SSL3Statistics * ssl3stats = SSL_GetStatistics(); - - result = SSL_SecurityStatus(fd, &op, &cp, &kp0, &kp1, &ip, &sp); - if (result != SECSuccess) - return; - printf("bulk cipher %s, %d secret key bits, %d key bits, status: %d\n" - "subject DN: %s\n" - "issuer DN: %s\n", cp, kp1, kp0, op, sp, ip); - PR_Free(cp); - PR_Free(ip); - PR_Free(sp); - - printf("%ld cache hits; %ld cache misses, %ld cache not reusable\n", - ssl3stats->hch_sid_cache_hits, ssl3stats->hch_sid_cache_misses, - ssl3stats->hch_sid_cache_not_ok); - -} - - -/************************************************************************** -** Begin thread management routines and data. -**************************************************************************/ - -void -thread_wrapper(void * arg) -{ - GlobalThreadMgr *threadMGR = (GlobalThreadMgr *)arg; - perThread *slot = &threadMGR->threads[threadMGR->index]; - - /* wait for parent to finish launching us before proceeding. */ - PR_Lock(threadMGR->threadLock); - PR_Unlock(threadMGR->threadLock); - - slot->rv = (* slot->startFunc)(slot->a, slot->b); - - PR_Lock(threadMGR->threadLock); - slot->running = rs_zombie; - - /* notify the thread exit handler. */ - PR_NotifyCondVar(threadMGR->threadEndQ); - - PR_Unlock(threadMGR->threadLock); -} - -SECStatus -launch_thread(GlobalThreadMgr *threadMGR, - startFn *startFunc, - void *a, - int b) -{ - perThread *slot; - int i; - - if (!threadMGR->threadStartQ) { - threadMGR->threadLock = PR_NewLock(); - threadMGR->threadStartQ = PR_NewCondVar(threadMGR->threadLock); - threadMGR->threadEndQ = PR_NewCondVar(threadMGR->threadLock); - } - PR_Lock(threadMGR->threadLock); - while (threadMGR->numRunning >= MAX_THREADS) { - PR_WaitCondVar(threadMGR->threadStartQ, PR_INTERVAL_NO_TIMEOUT); - } - for (i = 0; i < threadMGR->numUsed; ++i) { - slot = &threadMGR->threads[i]; - if (slot->running == rs_idle) - break; - } - if (i >= threadMGR->numUsed) { - if (i >= MAX_THREADS) { - /* something's really wrong here. */ - PORT_Assert(i < MAX_THREADS); - PR_Unlock(threadMGR->threadLock); - return SECFailure; - } - ++(threadMGR->numUsed); - PORT_Assert(threadMGR->numUsed == i + 1); - slot = &threadMGR->threads[i]; - } - - slot->a = a; - slot->b = b; - slot->startFunc = startFunc; - - threadMGR->index = i; - - slot->prThread = PR_CreateThread(PR_USER_THREAD, - thread_wrapper, threadMGR, - PR_PRIORITY_NORMAL, PR_GLOBAL_THREAD, - PR_JOINABLE_THREAD, 0); - - if (slot->prThread == NULL) { - PR_Unlock(threadMGR->threadLock); - printf("Failed to launch thread!\n"); - return SECFailure; - } - - slot->inUse = 1; - slot->running = 1; - ++(threadMGR->numRunning); - PR_Unlock(threadMGR->threadLock); - printf("Launched thread in slot %d \n", threadMGR->index); - - return SECSuccess; -} - -SECStatus -reap_threads(GlobalThreadMgr *threadMGR) -{ - perThread * slot; - int i; - - if (!threadMGR->threadLock) - return 0; - PR_Lock(threadMGR->threadLock); - while (threadMGR->numRunning > 0) { - PR_WaitCondVar(threadMGR->threadEndQ, PR_INTERVAL_NO_TIMEOUT); - for (i = 0; i < threadMGR->numUsed; ++i) { - slot = &threadMGR->threads[i]; - if (slot->running == rs_zombie) { - /* Handle cleanup of thread here. */ - printf("Thread in slot %d returned %d\n", i, slot->rv); - - /* Now make sure the thread has ended OK. */ - PR_JoinThread(slot->prThread); - slot->running = rs_idle; - --threadMGR->numRunning; - - /* notify the thread launcher. */ - PR_NotifyCondVar(threadMGR->threadStartQ); - } - } - } - - /* Safety Sam sez: make sure count is right. */ - for (i = 0; i < threadMGR->numUsed; ++i) { - slot = &threadMGR->threads[i]; - if (slot->running != rs_idle) { - fprintf(stderr, "Thread in slot %d is in state %d!\n", - i, slot->running); - } - } - PR_Unlock(threadMGR->threadLock); - return 0; -} - -void -destroy_thread_data(GlobalThreadMgr *threadMGR) -{ - PORT_Memset(threadMGR->threads, 0, sizeof(threadMGR->threads)); - - if (threadMGR->threadEndQ) { - PR_DestroyCondVar(threadMGR->threadEndQ); - threadMGR->threadEndQ = NULL; - } - if (threadMGR->threadStartQ) { - PR_DestroyCondVar(threadMGR->threadStartQ); - threadMGR->threadStartQ = NULL; - } - if (threadMGR->threadLock) { - PR_DestroyLock(threadMGR->threadLock); - threadMGR->threadLock = NULL; - } -} - -/************************************************************************** -** End thread management routines. -**************************************************************************/ - -void -lockedVars_Init( lockedVars * lv) -{ - lv->count = 0; - lv->waiters = 0; - lv->lock = PR_NewLock(); - lv->condVar = PR_NewCondVar(lv->lock); -} - -void -lockedVars_Destroy( lockedVars * lv) -{ - PR_DestroyCondVar(lv->condVar); - lv->condVar = NULL; - - PR_DestroyLock(lv->lock); - lv->lock = NULL; -} - -void -lockedVars_WaitForDone(lockedVars * lv) -{ - PR_Lock(lv->lock); - while (lv->count > 0) { - PR_WaitCondVar(lv->condVar, PR_INTERVAL_NO_TIMEOUT); - } - PR_Unlock(lv->lock); -} - -int /* returns count */ -lockedVars_AddToCount(lockedVars * lv, int addend) -{ - int rv; - - PR_Lock(lv->lock); - rv = lv->count += addend; - if (rv <= 0) { - PR_NotifyCondVar(lv->condVar); - } - PR_Unlock(lv->lock); - return rv; -} diff --git a/security/nss/cmd/SSLsample/sslsample.h b/security/nss/cmd/SSLsample/sslsample.h deleted file mode 100644 index ca6b6a4896..0000000000 --- a/security/nss/cmd/SSLsample/sslsample.h +++ /dev/null @@ -1,178 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#ifndef SSLSAMPLE_H -#define SSLSAMPLE_H - -/* Generic header files */ - -#include -#include - -/* NSPR header files */ - -#include "nspr.h" -#include "prerror.h" -#include "prnetdb.h" - -/* NSS header files */ - -#include "pk11func.h" -#include "secitem.h" -#include "ssl.h" -#include "certt.h" -#include "nss.h" -#include "secrng.h" -#include "secder.h" -#include "key.h" -#include "sslproto.h" - -/* Custom header files */ - -/* -#include "sslerror.h" -*/ - -#define BUFFER_SIZE 10240 - -/* Declare SSL cipher suites. */ - -extern int cipherSuites[]; -extern int ssl2CipherSuites[]; -extern int ssl3CipherSuites[]; - -/* Data buffer read from a socket. */ -typedef struct DataBufferStr { - char data[BUFFER_SIZE]; - int index; - int remaining; - int dataStart; - int dataEnd; -} DataBuffer; - -/* SSL callback routines. */ - -char * myPasswd(PK11SlotInfo *info, PRBool retry, void *arg); - -SECStatus myAuthCertificate(void *arg, PRFileDesc *socket, - PRBool checksig, PRBool isServer); - -SECStatus myBadCertHandler(void *arg, PRFileDesc *socket); - -SECStatus myHandshakeCallback(PRFileDesc *socket, void *arg); - -SECStatus myGetClientAuthData(void *arg, PRFileDesc *socket, - struct CERTDistNamesStr *caNames, - struct CERTCertificateStr **pRetCert, - struct SECKEYPrivateKeyStr **pRetKey); - -/* Disable all v2/v3 SSL ciphers. */ - -void disableAllSSLCiphers(void); - - -/* Error and information utilities. */ - -void errWarn(char *function); - -void exitErr(char *function); - -void printSecurityInfo(PRFileDesc *fd); - -/* Some simple thread management routines. */ - -#define MAX_THREADS 32 - -typedef SECStatus startFn(void *a, int b); - -typedef enum { rs_idle = 0, rs_running = 1, rs_zombie = 2 } runState; - -typedef struct perThreadStr { - PRFileDesc *a; - int b; - int rv; - startFn *startFunc; - PRThread *prThread; - PRBool inUse; - runState running; -} perThread; - -typedef struct GlobalThreadMgrStr { - PRLock *threadLock; - PRCondVar *threadStartQ; - PRCondVar *threadEndQ; - perThread threads[MAX_THREADS]; - int index; - int numUsed; - int numRunning; -} GlobalThreadMgr; - -void thread_wrapper(void * arg); - -SECStatus launch_thread(GlobalThreadMgr *threadMGR, - startFn *startFunc, void *a, int b); - -SECStatus reap_threads(GlobalThreadMgr *threadMGR); - -void destroy_thread_data(GlobalThreadMgr *threadMGR); - -/* Management of locked variables. */ - -struct lockedVarsStr { - PRLock * lock; - int count; - int waiters; - PRCondVar * condVar; -}; - -typedef struct lockedVarsStr lockedVars; - -void lockedVars_Init(lockedVars *lv); - -void lockedVars_Destroy(lockedVars *lv); - -void lockedVars_WaitForDone(lockedVars *lv); - -int lockedVars_AddToCount(lockedVars *lv, int addend); - -/* Buffer stuff. */ - -static const char stopCmd[] = { "GET /stop " }; -static const char defaultHeader[] = { - "HTTP/1.0 200 OK\r\n" - "Server: SSL sample server\r\n" - "Content-type: text/plain\r\n" - "\r\n" -}; - -#endif diff --git a/security/nss/cmd/addbuiltin/Makefile b/security/nss/cmd/addbuiltin/Makefile deleted file mode 100644 index 8650a607d7..0000000000 --- a/security/nss/cmd/addbuiltin/Makefile +++ /dev/null @@ -1,76 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - -include ../platlibs.mk - - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - - -include ../platrules.mk - diff --git a/security/nss/cmd/addbuiltin/addbuiltin.c b/security/nss/cmd/addbuiltin/addbuiltin.c deleted file mode 100644 index 2304e241f9..0000000000 --- a/security/nss/cmd/addbuiltin/addbuiltin.c +++ /dev/null @@ -1,355 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -/* - * Tool for converting builtin CA certs. - * - * $Id$ - */ - -#include "nss.h" -#include "cert.h" -#include "certdb.h" -#include "secutil.h" -#include "pk11func.h" - -void dumpbytes(unsigned char *buf, int len) -{ - int i; - for (i=0; i < len; i++) { - if ((i !=0) && ((i & 0xf) == 0)) { - printf("\n"); - } - printf("\\%03o",buf[i]); - } - printf("\n"); -} - -char *getTrustString(unsigned int trust) -{ - if (trust & CERTDB_TRUSTED) { - if (trust & CERTDB_TRUSTED_CA) { - return "CKT_NETSCAPE_TRUSTED_DELEGATOR|CKT_NETSCAPE_TRUSTED"; - } else { - return "CKT_NETSCAPE_TRUSTED"; - } - } else { - if (trust & CERTDB_TRUSTED_CA) { - return "CKT_NETSCAPE_TRUSTED_DELEGATOR"; - } else { - return "CKT_NETSCAPE_VALID"; - } - } - return "CKT_NETSCAPE_VALID"; /* not reached */ -} - -static const SEC_ASN1Template serialTemplate[] = { - { SEC_ASN1_INTEGER, offsetof(CERTCertificate,serialNumber) }, - { 0 } -}; - -static SECStatus -ConvertCertificate(SECItem *sdder, char *nickname, CERTCertTrust *trust) -{ - SECStatus rv = SECSuccess; - CERTCertificate *cert; - unsigned char sha1_hash[SHA1_LENGTH]; - unsigned char md5_hash[MD5_LENGTH]; - SECItem *serial = NULL; - - cert = CERT_DecodeDERCertificate(sdder, PR_FALSE, nickname); - if (!cert) { - return SECFailure; - } - serial = SEC_ASN1EncodeItem(NULL,NULL,cert,serialTemplate); - if (!serial) { - return SECFailure; - } - - printf("\n#\n# Certificate \"%s\"\n#\n",nickname); - printf("CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE\n"); - printf("CKA_TOKEN CK_BBOOL CK_TRUE\n"); - printf("CKA_PRIVATE CK_BBOOL CK_FALSE\n"); - printf("CKA_MODIFIABLE CK_BBOOL CK_FALSE\n"); - printf("CKA_LABEL UTF8 \"%s\"\n",nickname); - printf("CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509\n"); - printf("CKA_SUBJECT MULTILINE_OCTAL\n"); - dumpbytes(cert->derSubject.data,cert->derSubject.len); - printf("END\n"); - printf("CKA_ID UTF8 \"0\"\n"); - printf("CKA_ISSUER MULTILINE_OCTAL\n"); - dumpbytes(cert->derIssuer.data,cert->derIssuer.len); - printf("END\n"); - printf("CKA_SERIAL_NUMBER MULTILINE_OCTAL\n"); - dumpbytes(serial->data,serial->len); - printf("END\n"); - printf("CKA_VALUE MULTILINE_OCTAL\n"); - dumpbytes(sdder->data,sdder->len); - printf("END\n"); - - PK11_HashBuf(SEC_OID_SHA1, sha1_hash, sdder->data, sdder->len); - PK11_HashBuf(SEC_OID_MD5, md5_hash, sdder->data, sdder->len); - printf("\n# Trust for Certificate \"%s\"\n",nickname); - printf("CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST\n"); - printf("CKA_TOKEN CK_BBOOL CK_TRUE\n"); - printf("CKA_PRIVATE CK_BBOOL CK_FALSE\n"); - printf("CKA_MODIFIABLE CK_BBOOL CK_FALSE\n"); - printf("CKA_LABEL UTF8 \"%s\"\n",nickname); - printf("CKA_CERT_SHA1_HASH MULTILINE_OCTAL\n"); - dumpbytes(sha1_hash,SHA1_LENGTH); - printf("END\n"); - printf("CKA_CERT_MD5_HASH MULTILINE_OCTAL\n"); - dumpbytes(md5_hash,MD5_LENGTH); - printf("END\n"); - - printf("CKA_ISSUER MULTILINE_OCTAL\n"); - dumpbytes(cert->derIssuer.data,cert->derIssuer.len); - printf("END\n"); - printf("CKA_SERIAL_NUMBER MULTILINE_OCTAL\n"); - dumpbytes(serial->data,serial->len); - printf("END\n"); - - printf("CKA_TRUST_SERVER_AUTH CK_TRUST %s\n", - getTrustString(trust->sslFlags)); - printf("CKA_TRUST_EMAIL_PROTECTION CK_TRUST %s\n", - getTrustString(trust->emailFlags)); - printf("CKA_TRUST_CODE_SIGNING CK_TRUST %s\n", - getTrustString(trust->objectSigningFlags)); -#ifdef notdef - printf("CKA_TRUST_CLIENT_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED\n");*/ - printf("CKA_TRUST_DIGITAL_SIGNATURE CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n"); - printf("CKA_TRUST_NON_REPUDIATION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n"); - printf("CKA_TRUST_KEY_ENCIPHERMENT CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n"); - printf("CKA_TRUST_DATA_ENCIPHERMENT CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n"); - printf("CKA_TRUST_KEY_AGREEMENT CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n"); - printf("CKA_TRUST_KEY_CERT_SIGN CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n"); -#endif - - - PORT_Free(sdder->data); - return(rv); - -} - -printheader() { - printf("# \n" - "# The contents of this file are subject to the Mozilla Public\n" - "# License Version 1.1 (the \"License\"); you may not use this file\n" - "# except in compliance with the License. You may obtain a copy of\n" - "# the License at http://www.mozilla.org/MPL/\n" - "# \n" - "# Software distributed under the License is distributed on an \"AS\n" - "# IS\" basis, WITHOUT WARRANTY OF ANY KIND, either express or\n" - "# implied. See the License for the specific language governing\n" - "# rights and limitations under the License.\n" - "# \n" - "# The Original Code is the Netscape security libraries.\n" - "# \n" - "# The Initial Developer of the Original Code is Netscape\n" - "# Communications Corporation. Portions created by Netscape are \n" - "# Copyright (C) 1994-2000 Netscape Communications Corporation. All\n" - "# Rights Reserved.\n" - "# \n" - "# Contributor(s):\n" - "# \n" - "# Alternatively, the contents of this file may be used under the\n" - "# terms of the GNU General Public License Version 2 or later (the\n" - "# \"GPL\"), in which case the provisions of the GPL are applicable \n" - "# instead of those above. If you wish to allow use of your \n" - "# version of this file only under the terms of the GPL and not to\n" - "# allow others to use your version of this file under the MPL,\n" - "# indicate your decision by deleting the provisions above and\n" - "# replace them with the notice and other provisions required by\n" - "# the GPL. If you do not delete the provisions above, a recipient\n" - "# may use your version of this file under either the MPL or the\n" - "# GPL.\n" - "#\n" - "CVS_ID \"@(#) $RCSfile$ $Revision$ $Date$ $Name$\"\n" - "\n" - "#\n" - "# certdata.txt\n" - "#\n" - "# This file contains the object definitions for the certs and other\n" - "# information \"built into\" NSS.\n" - "#\n" - "# Object definitions:\n" - "#\n" - "# Certificates\n" - "#\n" - "# -- Attribute -- -- type -- -- value --\n" - "# CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE\n" - "# CKA_TOKEN CK_BBOOL CK_TRUE\n" - "# CKA_PRIVATE CK_BBOOL CK_FALSE\n" - "# CKA_MODIFIABLE CK_BBOOL CK_FALSE\n" - "# CKA_LABEL UTF8 (varies)\n" - "# CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509\n" - "# CKA_SUBJECT DER+base64 (varies)\n" - "# CKA_ID byte array (varies)\n" - "# CKA_ISSUER DER+base64 (varies)\n" - "# CKA_SERIAL_NUMBER DER+base64 (varies)\n" - "# CKA_VALUE DER+base64 (varies)\n" - "# CKA_NETSCAPE_EMAIL ASCII7 (unused here)\n" - "#\n" - "# Trust\n" - "#\n" - "# -- Attribute -- -- type -- -- value --\n" - "# CKA_CLASS CK_OBJECT_CLASS CKO_TRUST\n" - "# CKA_TOKEN CK_BBOOL CK_TRUE\n" - "# CKA_PRIVATE CK_BBOOL CK_FALSE\n" - "# CKA_MODIFIABLE CK_BBOOL CK_FALSE\n" - "# CKA_LABEL UTF8 (varies)\n" - "# CKA_ISSUER DER+base64 (varies)\n" - "# CKA_SERIAL_NUMBER DER+base64 (varies)\n" - "# CKA_CERT_HASH binary+base64 (varies)\n" - "# CKA_EXPIRES CK_DATE (not used here)\n" - "# CKA_TRUST_DIGITAL_SIGNATURE CK_TRUST (varies)\n" - "# CKA_TRUST_NON_REPUDIATION CK_TRUST (varies)\n" - "# CKA_TRUST_KEY_ENCIPHERMENT CK_TRUST (varies)\n" - "# CKA_TRUST_DATA_ENCIPHERMENT CK_TRUST (varies)\n" - "# CKA_TRUST_KEY_AGREEMENT CK_TRUST (varies)\n" - "# CKA_TRUST_KEY_CERT_SIGN CK_TRUST (varies)\n" - "# CKA_TRUST_CRL_SIGN CK_TRUST (varies)\n" - "# CKA_TRUST_SERVER_AUTH CK_TRUST (varies)\n" - "# CKA_TRUST_CLIENT_AUTH CK_TRUST (varies)\n" - "# CKA_TRUST_CODE_SIGNING CK_TRUST (varies)\n" - "# CKA_TRUST_EMAIL_PROTECTION CK_TRUST (varies)\n" - "# CKA_TRUST_IPSEC_END_SYSTEM CK_TRUST (varies)\n" - "# CKA_TRUST_IPSEC_TUNNEL CK_TRUST (varies)\n" - "# CKA_TRUST_IPSEC_USER CK_TRUST (varies)\n" - "# CKA_TRUST_TIME_STAMPING CK_TRUST (varies)\n" - "# (other trust attributes can be defined)\n" - "#\n" - "\n" - "#\n" - "# The object to tell NSS that this is a root list and we don't\n" - "# have to go looking for others.\n" - "#\n" - "BEGINDATA\n" - "CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_BUILTIN_ROOT_LIST\n" - "CKA_TOKEN CK_BBOOL CK_TRUE\n" - "CKA_PRIVATE CK_BBOOL CK_FALSE\n" - "CKA_MODIFIABLE CK_BBOOL CK_FALSE\n" - "CKA_LABEL UTF8 \"Mozilla Builtin Roots\"\n"); -} - -static void Usage(char *progName) -{ - fprintf(stderr, "%s -n nickname -t trust\n", progName); - fprintf(stderr, - "read a der-encoded cert from stdin in, and output\n" - "it to stdout in a format suitable for the builtin root module.\n" - "example: %s -n MyCA -t \"C,C,C\" < myca.der >> certdata.txt\n" - "(pipe through atob if the cert is b64-encoded)\n"); - fprintf(stderr, "%15s nickname to assign to builtin cert.\n", - "-n nickname"); - fprintf(stderr, "%15s default trust flags (cCTpPuw).\n", - "-t trust"); - exit(-1); -} - -enum { - opt_Input = 0, - opt_Nickname, - opt_Trust -}; - -static secuCommandFlag addbuiltin_options[] = -{ - { /* opt_Input */ 'i', PR_TRUE, 0, PR_FALSE }, - { /* opt_Nickname */ 'n', PR_TRUE, 0, PR_FALSE }, - { /* opt_Trust */ 't', PR_TRUE, 0, PR_FALSE } -}; - -main(int argc, char **argv) -{ - SECStatus rv; - char *nickname; - char *trusts; - char *progName; - PRFileDesc *infile; - CERTCertTrust trust = { 0 }; - SECItem derCert = { 0 }; - - secuCommand addbuiltin = { 0 }; - addbuiltin.numOptions = sizeof(addbuiltin_options)/sizeof(secuCommandFlag); - addbuiltin.options = addbuiltin_options; - - progName = strrchr(argv[0], '/'); - progName = progName ? progName+1 : argv[0]; - - rv = SECU_ParseCommandLine(argc, argv, progName, &addbuiltin); - - if (rv != SECSuccess) - Usage(progName); - - if (!addbuiltin.options[opt_Nickname].activated && - !addbuiltin.options[opt_Trust].activated) { - fprintf(stderr, "%s: you must specify both a nickname and trust.\n"); - Usage(progName); - } - - if (addbuiltin.options[opt_Input].activated) { - infile = PR_Open(addbuiltin.options[opt_Input].arg, PR_RDONLY, 00660); - if (!infile) { - fprintf(stderr, "%s: failed to open input file.\n"); - exit(1); - } - } else { - infile = PR_STDIN; - } - - nickname = strdup(addbuiltin.options[opt_Nickname].arg); - trusts = strdup(addbuiltin.options[opt_Trust].arg); - - NSS_NoDB_Init(NULL); - - rv = CERT_DecodeTrustString(&trust, trusts); - if (rv) { - fprintf(stderr, "%s: incorrectly formatted trust string.\n", progName); - Usage(progName); - } - - SECU_FileToItem(&derCert, infile); - - /*printheader();*/ - - rv = ConvertCertificate(&derCert, nickname, &trust); - if (rv) { - fprintf(stderr, "%s: failed to convert certificate.\n", progName); - exit(1); - } - - NSS_Shutdown(); - - return(SECSuccess); -} diff --git a/security/nss/cmd/addbuiltin/manifest.mn b/security/nss/cmd/addbuiltin/manifest.mn deleted file mode 100644 index b800ed92af..0000000000 --- a/security/nss/cmd/addbuiltin/manifest.mn +++ /dev/null @@ -1,49 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = ../../.. - -# MODULE public and private header directories are implicitly REQUIRED. -MODULE = nss - -CSRCS = \ - addbuiltin.c \ - $(NULL) - -# The MODULE is always implicitly required. -# Listing it here in REQUIRES makes it appear twice in the cc command line. -REQUIRES = dbm seccmd - -PROGRAM = addbuiltin - -USE_STATIC_LIBS = 1 diff --git a/security/nss/cmd/atob/Makefile b/security/nss/cmd/atob/Makefile deleted file mode 100644 index ff6f06e7e5..0000000000 --- a/security/nss/cmd/atob/Makefile +++ /dev/null @@ -1,76 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - -include ../platlibs.mk - - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - - -include ../platrules.mk - diff --git a/security/nss/cmd/atob/atob.c b/security/nss/cmd/atob/atob.c deleted file mode 100644 index 8d632b6bfd..0000000000 --- a/security/nss/cmd/atob/atob.c +++ /dev/null @@ -1,177 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#include "plgetopt.h" -#include "secutil.h" -#include "nssb64.h" -#include - -#if defined(XP_WIN) || (defined(__sun) && !defined(SVR4)) -#if !defined(WIN32) -extern int fread(char *, size_t, size_t, FILE*); -extern int fwrite(char *, size_t, size_t, FILE*); -extern int fprintf(FILE *, char *, ...); -#endif -#endif - -#if defined(WIN32) -#include "fcntl.h" -#include "io.h" -#endif - -static PRInt32 -output_binary (void *arg, const unsigned char *obuf, PRInt32 size) -{ - FILE *outFile = arg; - int nb; - - nb = fwrite(obuf, 1, size, outFile); - if (nb != size) { - PORT_SetError(SEC_ERROR_IO); - return -1; - } - - return nb; -} - -static SECStatus -decode_file(FILE *outFile, FILE *inFile) -{ - NSSBase64Decoder *cx; - int nb; - SECStatus status = SECFailure; - char ibuf[4096]; - - cx = NSSBase64Decoder_Create(output_binary, outFile); - if (!cx) { - return -1; - } - - for (;;) { - if (feof(inFile)) break; - nb = fread(ibuf, 1, sizeof(ibuf), inFile); - if (nb != sizeof(ibuf)) { - if (nb == 0) { - if (ferror(inFile)) { - PORT_SetError(SEC_ERROR_IO); - goto loser; - } - /* eof */ - break; - } - } - - status = NSSBase64Decoder_Update(cx, ibuf, nb); - if (status != SECSuccess) goto loser; - } - - return NSSBase64Decoder_Destroy(cx, PR_FALSE); - - loser: - (void) NSSBase64Decoder_Destroy(cx, PR_TRUE); - return status; -} - -static void Usage(char *progName) -{ - fprintf(stderr, - "Usage: %s [-i input] [-o output]\n", - progName); - fprintf(stderr, "%-20s Define an input file to use (default is stdin)\n", - "-i input"); - fprintf(stderr, "%-20s Define an output file to use (default is stdout)\n", - "-o output"); - exit(-1); -} - -int main(int argc, char **argv) -{ - char *progName; - SECStatus rv; - FILE *inFile, *outFile; - PLOptState *optstate; - PLOptStatus status; - - inFile = 0; - outFile = 0; - progName = strrchr(argv[0], '/'); - progName = progName ? progName+1 : argv[0]; - - /* Parse command line arguments */ - optstate = PL_CreateOptState(argc, argv, "i:o:"); - while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) { - switch (optstate->option) { - case '?': - Usage(progName); - break; - - case 'i': - inFile = fopen(optstate->value, "r"); - if (!inFile) { - fprintf(stderr, "%s: unable to open \"%s\" for reading\n", - progName, optstate->value); - return -1; - } - break; - - case 'o': - outFile = fopen(optstate->value, "wb"); - if (!outFile) { - fprintf(stderr, "%s: unable to open \"%s\" for writing\n", - progName, optstate->value); - return -1; - } - break; - } - } - if (!inFile) inFile = stdin; - if (!outFile) { -#if defined(WIN32) - int smrv = _setmode(_fileno(stdout), _O_BINARY); - if (smrv == -1) { - fprintf(stderr, - "%s: Cannot change stdout to binary mode. Use -o option instead.\n", - progName); - return smrv; - } -#endif - outFile = stdout; - } - rv = decode_file(outFile, inFile); - if (rv != SECSuccess) { - fprintf(stderr, "%s: lossage: error=%d errno=%d\n", - progName, PORT_GetError(), errno); - return -1; - } - return 0; -} diff --git a/security/nss/cmd/atob/makefile.win b/security/nss/cmd/atob/makefile.win deleted file mode 100644 index ecccc7bf38..0000000000 --- a/security/nss/cmd/atob/makefile.win +++ /dev/null @@ -1,155 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -VERBOSE = 1 -include - -#cannot define PROGRAM in manifest compatibly with NT and UNIX -PROGRAM = atob -PROGRAM = ./$(OBJDIR)/$(PROGRAM).exe -include <$(DEPTH)\config\config.mak> - -# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/ -# rules.mak will append C_OBJS onto OBJS. -# OBJS = $(CSRCS:.c=.obj) - -# include files are looked for in $LINCS and $INCS. -# $LINCS is in manifest.mnw, computed from REQUIRES= -INCS = $(INCS) \ - -I$(DEPTH)/security/lib/cert \ - -I../include \ - $(NULL) - -IGNORE_ME = \ - -I$(DEPTH)/security/lib/key \ - -I$(DEPTH)/security/lib/util \ - $(NULL) - - -WINFE = $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg - -# these files are the content of libdbm -DBM_LIB = \ - $(WINFE)/DB.obj \ - $(WINFE)/HASH.obj \ - $(WINFE)/H_BIGKEY.obj \ - $(WINFE)/H_PAGE.obj \ - $(WINFE)/H_LOG2.obj \ - $(WINFE)/H_FUNC.obj \ - $(WINFE)/HASH_BUF.obj \ - $(NULL) - -MOZ_LIBS = \ - $(WINFE)/ALLXPSTR.obj \ - $(WINFE)/XP_ERROR.obj \ - $(WINFE)/XPASSERT.obj \ - $(WINFE)/XP_REG.obj \ - $(WINFE)/XP_TRACE.obj \ - $(DBM_LIB) \ - $(WINFE)/XP_STR.obj \ - $(WINFE)/MKTEMP.obj \ - $(NULL) - -SEC_LIBS = \ - $(DIST)/lib/cert$(MOZ_BITS).lib \ - $(DIST)/lib/crypto$(MOZ_BITS).lib \ - $(DIST)/lib/hash$(MOZ_BITS).lib \ - $(DIST)/lib/key$(MOZ_BITS).lib \ - $(DIST)/lib/pkcs7$(MOZ_BITS).lib \ - $(DIST)/lib/secmod$(MOZ_BITS).lib \ - $(DIST)/lib/secutl$(MOZ_BITS).lib \ - $(DIST)/lib/ssl$(MOZ_BITS).lib \ - $(NULL) - -LLFLAGS = $(LLFLAGS) \ - ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \ - $(SEC_LIBS) \ - $(MOZ_LIBS) \ - $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \ - $(LIBNSPR) \ - $(NULL) - - -# awt3240.lib # brpref32.lib # cert32.lib -# crypto32.lib # dllcom.lib # editor32.lib -# edpref32.lib # edtplug.lib # font.lib -# hash32.lib # htmldg32.lib # img32.lib -# javart32.lib # jbn3240.lib # jdb3240.lib -# jmc.lib # jpeg3240.lib # jpw3240.lib -# jrt3240.lib # js3240.lib # jsd3240.lib -# key32.lib # libapplet32.lib # libnjs32.lib -# libnsc32.lib # libreg32.lib # mm3240.lib -# mnpref32.lib # netcst32.lib # nsdlg32.lib -# nsldap32.lib # nsldaps32.lib # nsn32.lib -# pkcs1232.lib # pkcs732.lib # pr3240.lib -# prefui32.lib # prefuuid.lib # secmod32.lib -# secnav32.lib # secutl32.lib # softup32.lib -# sp3240.lib # ssl32.lib # uni3200.lib -# unicvt32.lib # win32md.lib # winfont.lib -# xppref32.lib # zlib32.lib - -include <$(DEPTH)\config\rules.mak> - -INSTALL = $(MAKE_INSTALL) - -objs: $(OBJS) - -$(PROGRAM):: - $(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR) - -programs: $(PROGRAM) - -install:: $(TARGETS) - $(INSTALL) $(TARGETS) $(DIST)/bin - -# ALLXPSTR.obj XP_ALLOC.obj XP_HASH.obj XP_RGB.obj XP_WRAP.obj -# CXPRINT.obj XP_C.cl XP_LIST.obj XP_SEC.obj netscape.exp -# CXPRNDLG.obj XP_CNTXT.obj XP_MD5.obj XP_STR.obj xp.pch -# EXPORT.obj XP_CORE.obj XP_MESG.obj XP_THRMO.obj xppref32.dll -# XPASSERT.obj XP_ERROR.obj XP_RECT.obj XP_TIME.obj -# XPLOCALE.obj XP_FILE.obj XP_REG.obj XP_TRACE.obj - - -symbols: - @echo "CSRCS = $(CSRCS)" - @echo "INCS = $(INCS)" - @echo "OBJS = $(OBJS)" - @echo "LIBRARY = $(LIBRARY)" - @echo "PROGRAM = $(PROGRAM)" - @echo "TARGETS = $(TARGETS)" - @echo "DIST = $(DIST)" - @echo "VERSION_NUMBER = $(VERSION_NUMBER)" - @echo "WINFE = $(WINFE)" - @echo "DBM_LIB = $(DBM_LIB)" - @echo "INSTALL = $(INSTALL)" - diff --git a/security/nss/cmd/atob/manifest.mn b/security/nss/cmd/atob/manifest.mn deleted file mode 100644 index f6c20bf193..0000000000 --- a/security/nss/cmd/atob/manifest.mn +++ /dev/null @@ -1,50 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = ../../.. - -# MODULE public and private header directories are implicitly REQUIRED. -MODULE = nss - -# This next line is used by .mk files -# and gets translated into $LINCS in manifest.mnw -# The MODULE is always implicitly required. -# Listing it here in REQUIRES makes it appear twice in the cc command line. -REQUIRES = seccmd dbm - -DEFINES = -DNSPR20 - -CSRCS = atob.c - -PROGRAM = atob - diff --git a/security/nss/cmd/bltest/Makefile b/security/nss/cmd/bltest/Makefile deleted file mode 100644 index c99a3c0172..0000000000 --- a/security/nss/cmd/bltest/Makefile +++ /dev/null @@ -1,82 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn -#MKPROG = purify -cache-dir=/u/mcgreer/pcache -best-effort \ -# -always-use-cache-dir $(CC) - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - -include ../platlibs.mk - -#EXTRA_SHARED_LIBS += \ -# -L/usr/lib \ -# -lposix4 \ -# $(NULL) - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - -include ../platrules.mk diff --git a/security/nss/cmd/bltest/blapitest.c b/security/nss/cmd/bltest/blapitest.c deleted file mode 100644 index b3000b2579..0000000000 --- a/security/nss/cmd/bltest/blapitest.c +++ /dev/null @@ -1,2572 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#include -#include - -#include "blapi.h" -#include "secrng.h" -#include "prmem.h" -#include "prprf.h" -#include "prtime.h" -#include "prsystem.h" -#include "plstr.h" -#include "nssb64.h" -#include "secutil.h" -#include "plgetopt.h" -#include "softoken.h" -#include "nss.h" - -/* Temporary - add debugging ouput on windows for RSA to track QA failure */ -#ifdef _WIN32 -#define TRACK_BLTEST_BUG - char __bltDBG[] = "BLTEST DEBUG"; -#endif - -char *progName; -char *testdir = NULL; - -#define BLTEST_DEFAULT_CHUNKSIZE 4096 - -#define WORDSIZE sizeof(unsigned long) - -#define CHECKERROR(rv, ln) \ - if (rv) { \ - PRErrorCode prerror = PR_GetError(); \ - PR_fprintf(PR_STDERR, "%s: ERR %d (%s) at line %d.\n", progName, \ - prerror, SECU_Strerror(prerror), ln); \ - exit(-1); \ - } - -/* Macros for performance timing. */ -#define TIMESTART() \ - time1 = PR_IntervalNow(); - -#define TIMEFINISH(time, reps) \ - time2 = (PRIntervalTime)(PR_IntervalNow() - time1); \ - time1 = PR_IntervalToMilliseconds(time2); \ - time = ((double)(time1))/reps; - -static void Usage() -{ -#define PRINTUSAGE(subject, option, predicate) \ - fprintf(stderr, "%10s %s\t%s\n", subject, option, predicate); - fprintf(stderr, "\n"); - PRINTUSAGE(progName, "[-DEHSV]", "List available cipher modes"); /* XXX */ - fprintf(stderr, "\n"); - PRINTUSAGE(progName, "-E -m mode ", "Encrypt a buffer"); - PRINTUSAGE("", "", "[-i plaintext] [-o ciphertext] [-k key] [-v iv]"); - PRINTUSAGE("", "", "[-b bufsize] [-g keysize] [-e exp] [-r rounds]"); - PRINTUSAGE("", "", "[-w wordsize] [-p repetitions]"); - PRINTUSAGE("", "-m", "cipher mode to use"); - PRINTUSAGE("", "-i", "file which contains input buffer"); - PRINTUSAGE("", "-o", "file for output buffer"); - PRINTUSAGE("", "-k", "file which contains key"); - PRINTUSAGE("", "-v", "file which contains initialization vector"); - PRINTUSAGE("", "-b", "size of input buffer"); - PRINTUSAGE("", "-g", "key size (in bytes)"); - PRINTUSAGE("", "-p", "do performance test"); - PRINTUSAGE("(rsa)", "-e", "rsa public exponent"); - PRINTUSAGE("(rc5)", "-r", "number of rounds"); - PRINTUSAGE("(rc5)", "-w", "wordsize (32 or 64)"); - fprintf(stderr, "\n"); - PRINTUSAGE(progName, "-D -m mode", "Decrypt a buffer"); - PRINTUSAGE("", "", "[-i plaintext] [-o ciphertext] [-k key] [-v iv]"); - PRINTUSAGE("", "", "[-p repetitions]"); - PRINTUSAGE("", "-m", "cipher mode to use"); - PRINTUSAGE("", "-i", "file which contains input buffer"); - PRINTUSAGE("", "-o", "file for output buffer"); - PRINTUSAGE("", "-k", "file which contains key"); - PRINTUSAGE("", "-v", "file which contains initialization vector"); - PRINTUSAGE("", "-p", "do performance test"); - fprintf(stderr, "\n"); - PRINTUSAGE(progName, "-H -m mode", "Hash a buffer"); - PRINTUSAGE("", "", "[-i plaintext] [-o hash]"); - PRINTUSAGE("", "", "[-b bufsize]"); - PRINTUSAGE("", "", "[-p repetitions]"); - PRINTUSAGE("", "-m", "cipher mode to use"); - PRINTUSAGE("", "-i", "file which contains input buffer"); - PRINTUSAGE("", "-o", "file for hash"); - PRINTUSAGE("", "-b", "size of input buffer"); - PRINTUSAGE("", "-p", "do performance test"); - fprintf(stderr, "\n"); - PRINTUSAGE(progName, "-S -m mode", "Sign a buffer"); - PRINTUSAGE("", "", "[-i plaintext] [-o signature] [-k key]"); - PRINTUSAGE("", "", "[-b bufsize]"); - PRINTUSAGE("", "", "[-p repetitions]"); - PRINTUSAGE("", "-m", "cipher mode to use"); - PRINTUSAGE("", "-i", "file which contains input buffer"); - PRINTUSAGE("", "-o", "file for signature"); - PRINTUSAGE("", "-k", "file which contains key"); - PRINTUSAGE("", "-p", "do performance test"); - fprintf(stderr, "\n"); - PRINTUSAGE(progName, "-V -m mode", "Verify a signed buffer"); - PRINTUSAGE("", "", "[-i plaintext] [-s signature] [-k key]"); - PRINTUSAGE("", "", "[-p repetitions]"); - PRINTUSAGE("", "-m", "cipher mode to use"); - PRINTUSAGE("", "-i", "file which contains input buffer"); - PRINTUSAGE("", "-s", "file which contains signature of input buffer"); - PRINTUSAGE("", "-k", "file which contains key"); - PRINTUSAGE("", "-p", "do performance test"); - fprintf(stderr, "\n"); - PRINTUSAGE(progName, "-N -m mode -b bufsize", - "Create a nonce plaintext and key"); - PRINTUSAGE("", "", "[-g keysize] [-u cxreps]"); - PRINTUSAGE("", "-g", "key size (in bytes)"); - PRINTUSAGE("", "-u", "number of repetitions of context creation"); - fprintf(stderr, "\n"); - PRINTUSAGE(progName, "-F", "Run the FIPS self-test"); - fprintf(stderr, "\n"); - PRINTUSAGE(progName, "-T [-m mode1,mode2...]", "Run the BLAPI self-test"); - fprintf(stderr, "\n"); - exit(1); -} - -/* Helper functions for ascii<-->binary conversion/reading/writing */ - -/* XXX argh */ -struct item_with_arena { - SECItem *item; - PRArenaPool *arena; -}; - -static PRInt32 -get_binary(void *arg, const unsigned char *ibuf, PRInt32 size) -{ - struct item_with_arena *it = arg; - SECItem *binary = it->item; - SECItem *tmp; - int index; - if (binary->data == NULL) { - tmp = SECITEM_AllocItem(it->arena, NULL, size); - binary->data = tmp->data; - binary->len = tmp->len; - index = 0; - } else { - SECITEM_ReallocItem(NULL, binary, binary->len, binary->len + size); - index = binary->len; - } - PORT_Memcpy(&binary->data[index], ibuf, size); - return binary->len; -} - -static SECStatus -atob(SECItem *ascii, SECItem *binary, PRArenaPool *arena) -{ - SECStatus status; - NSSBase64Decoder *cx; - struct item_with_arena it; - int len; - binary->data = NULL; - binary->len = 0; - it.item = binary; - it.arena = arena; - len = (strcmp(&ascii->data[ascii->len-2],"\r\n")) ? - ascii->len : ascii->len-2; - cx = NSSBase64Decoder_Create(get_binary, &it); - status = NSSBase64Decoder_Update(cx, (const char *)ascii->data, len); - status = NSSBase64Decoder_Destroy(cx, PR_FALSE); - return status; -} - -static PRInt32 -output_ascii(void *arg, const char *obuf, PRInt32 size) -{ - PRFileDesc *outfile = arg; - PRInt32 nb = PR_Write(outfile, obuf, size); - if (nb != size) { - PORT_SetError(SEC_ERROR_IO); - return -1; - } - return nb; -} - -static SECStatus -btoa_file(SECItem *binary, PRFileDesc *outfile) -{ - SECStatus status; - NSSBase64Encoder *cx; - SECItem ascii; - ascii.data = NULL; - ascii.len = 0; - if (binary->len == 0) - return SECSuccess; - cx = NSSBase64Encoder_Create(output_ascii, outfile); - status = NSSBase64Encoder_Update(cx, binary->data, binary->len); - status = NSSBase64Encoder_Destroy(cx, PR_FALSE); - status = PR_Write(outfile, "\r\n", 2); - return status; -} - -SECStatus -hex_from_2char(unsigned char *c2, unsigned char *byteval) -{ - int i; - unsigned char offset; - *byteval = 0; - for (i=0; i<2; i++) { - if (c2[i] >= '0' && c2[i] <= '9') { - offset = c2[i] - '0'; - *byteval |= offset << 4*(1-i); - } else if (c2[i] >= 'a' && c2[i] <= 'f') { - offset = c2[i] - 'a'; - *byteval |= (offset + 10) << 4*(1-i); - } else if (c2[i] >= 'A' && c2[i] <= 'F') { - offset = c2[i] - 'A'; - *byteval |= (offset + 10) << 4*(1-i); - } else { - return SECFailure; - } - } - return SECSuccess; -} - -SECStatus -char2_from_hex(unsigned char byteval, unsigned char *c2) -{ - int i; - unsigned char offset; - for (i=0; i<2; i++) { - offset = (byteval >> 4*(1-i)) & 0x0f; - if (offset < 10) { - c2[i] = '0' + offset; - } else { - c2[i] = 'A' + offset - 10; - } - } - return SECSuccess; -} - -void -serialize_key(SECItem *it, int ni, PRFileDesc *file) -{ - unsigned char len[4]; - int i; - SECStatus status; - NSSBase64Encoder *cx; - SECItem ascii; - ascii.data = NULL; - ascii.len = 0; - cx = NSSBase64Encoder_Create(output_ascii, file); - for (i=0; ilen >> 24) & 0xff; - len[1] = (it->len >> 16) & 0xff; - len[2] = (it->len >> 8) & 0xff; - len[3] = (it->len & 0xff); - status = NSSBase64Encoder_Update(cx, len, 4); - status = NSSBase64Encoder_Update(cx, it->data, it->len); - } - status = NSSBase64Encoder_Destroy(cx, PR_FALSE); - status = PR_Write(file, "\r\n", 2); -} - -void -key_from_filedata(PRArenaPool *arena, SECItem *it, int ni, SECItem *filedata) -{ - int fpos = 0; - int i; - unsigned char *buf = filedata->data; - for (i=0; ilen = (buf[fpos++] & 0xff) << 24; - it->len |= (buf[fpos++] & 0xff) << 16; - it->len |= (buf[fpos++] & 0xff) << 8; - it->len |= (buf[fpos++] & 0xff); - if (it->len > 0) { - it->data = PORT_ArenaAlloc(arena, it->len); - PORT_Memcpy(it->data, &buf[fpos], it->len); - } else { - it->data = NULL; - } - fpos += it->len; - } -} - -static RSAPrivateKey * -rsakey_from_filedata(SECItem *filedata) -{ - RSAPrivateKey *key; - PRArenaPool *arena; - arena = PORT_NewArena(BLTEST_DEFAULT_CHUNKSIZE); - key = (RSAPrivateKey *)PORT_ArenaZAlloc(arena, sizeof(RSAPrivateKey)); - key->arena = arena; - key_from_filedata(arena, &key->version, 9, filedata); - return key; -} - -static PQGParams * -pqg_from_filedata(SECItem *filedata) -{ - PQGParams *pqg; - PRArenaPool *arena; - arena = PORT_NewArena(BLTEST_DEFAULT_CHUNKSIZE); - pqg = (PQGParams *)PORT_ArenaZAlloc(arena, sizeof(PQGParams)); - pqg->arena = arena; - key_from_filedata(arena, &pqg->prime, 3, filedata); - return pqg; -} - -static DSAPrivateKey * -dsakey_from_filedata(SECItem *filedata) -{ - DSAPrivateKey *key; - PRArenaPool *arena; - arena = PORT_NewArena(BLTEST_DEFAULT_CHUNKSIZE); - key = (DSAPrivateKey *)PORT_ArenaZAlloc(arena, sizeof(DSAPrivateKey)); - key->params.arena = arena; - key_from_filedata(arena, &key->params.prime, 5, filedata); - return key; -} - -static void -dump_pqg(PQGParams *pqg) -{ - SECU_PrintInteger(stdout, &pqg->prime, "PRIME:", 0); - SECU_PrintInteger(stdout, &pqg->subPrime, "SUBPRIME:", 0); - SECU_PrintInteger(stdout, &pqg->base, "BASE:", 0); -} - -static void -dump_dsakey(DSAPrivateKey *key) -{ - dump_pqg(&key->params); - SECU_PrintInteger(stdout, &key->publicValue, "PUBLIC VALUE:", 0); - SECU_PrintInteger(stdout, &key->privateValue, "PRIVATE VALUE:", 0); -} - -static void -dump_rsakey(RSAPrivateKey *key) -{ - SECU_PrintInteger(stdout, &key->version, "VERSION:", 0); - SECU_PrintInteger(stdout, &key->modulus, "MODULUS:", 0); - SECU_PrintInteger(stdout, &key->publicExponent, "PUBLIC EXP:", 0); - SECU_PrintInteger(stdout, &key->privateExponent, "PRIVATE EXP:", 0); - SECU_PrintInteger(stdout, &key->prime1, "CRT PRIME 1:", 0); - SECU_PrintInteger(stdout, &key->prime2, "CRT PRIME 2:", 0); - SECU_PrintInteger(stdout, &key->exponent1, "CRT EXP 1:", 0); - SECU_PrintInteger(stdout, &key->exponent2, "CRT EXP 2:", 0); - SECU_PrintInteger(stdout, &key->coefficient, "CRT COEFFICIENT:", 0); -} - -typedef enum { - bltestBase64Encoded, /* Base64 encoded ASCII */ - bltestBinary, /* straight binary */ - bltestHexSpaceDelim, /* 0x12 0x34 0xab 0xCD ... */ - bltestHexStream /* 1234abCD ... */ -} bltestIOMode; - -typedef struct -{ - SECItem buf; - SECItem pBuf; - bltestIOMode mode; - PRFileDesc* file; -} bltestIO; - -typedef SECStatus (* bltestSymmCipherFn)(void *cx, - unsigned char *output, - unsigned int *outputLen, - unsigned int maxOutputLen, - const unsigned char *input, - unsigned int inputLen); - -typedef SECStatus (* bltestPubKeyCipherFn)(void *key, - SECItem *output, - const SECItem *input); - -typedef SECStatus (* bltestHashCipherFn)(unsigned char *dest, - const unsigned char *src, - uint32 src_length); - -typedef enum { - bltestINVALID = -1, - bltestDES_ECB, /* Symmetric Key Ciphers */ - bltestDES_CBC, /* . */ - bltestDES_EDE_ECB, /* . */ - bltestDES_EDE_CBC, /* . */ - bltestRC2_ECB, /* . */ - bltestRC2_CBC, /* . */ - bltestRC4, /* . */ - bltestRC5_ECB, /* . */ - bltestRC5_CBC, /* . */ - bltestAES_ECB, /* . */ - bltestAES_CBC, /* . */ - bltestRSA, /* Public Key Ciphers */ - bltestDSA, /* . (Public Key Sig.) */ - bltestMD2, /* Hash algorithms */ - bltestMD5, /* . */ - bltestSHA1, /* . */ - bltestSHA256, /* . */ - bltestSHA384, /* . */ - bltestSHA512, /* . */ - NUMMODES -} bltestCipherMode; - -static char *mode_strings[] = -{ - "des_ecb", - "des_cbc", - "des3_ecb", - "des3_cbc", - "rc2_ecb", - "rc2_cbc", - "rc4", - "rc5_ecb", - "rc5_cbc", - "aes_ecb", - "aes_cbc", - "rsa", - /*"pqg",*/ - "dsa", - "md2", - "md5", - "sha1", - "sha256", - "sha384", - "sha512", -}; - -typedef struct -{ - bltestIO key; - bltestIO iv; -} bltestSymmKeyParams; - -typedef struct -{ - bltestIO key; - bltestIO iv; - int rounds; - int wordsize; -} bltestRC5Params; - -typedef struct -{ - bltestIO key; - int keysizeInBits; - RSAPrivateKey *rsakey; -} bltestRSAParams; - -typedef struct -{ - bltestIO key; - bltestIO pqgdata; - unsigned int j; - bltestIO keyseed; - bltestIO sigseed; - bltestIO sig; /* if doing verify, have additional input */ - PQGParams *pqg; - DSAPrivateKey *dsakey; -} bltestDSAParams; - -typedef struct -{ - bltestIO key; /* unused */ - PRBool restart; -} bltestHashParams; - -typedef union -{ - bltestIO key; - bltestSymmKeyParams sk; - bltestRC5Params rc5; - bltestRSAParams rsa; - bltestDSAParams dsa; - bltestHashParams hash; -} bltestParams; - -typedef struct -{ - PRArenaPool *arena; - /* cipher context */ - void *cx; - /* I/O streams */ - bltestIO input; - bltestIO output; - /* Cipher-specific parameters */ - bltestParams params; - /* Cipher mode */ - bltestCipherMode mode; - /* Cipher function (encrypt/decrypt/sign/verify/hash) */ - union { - bltestSymmCipherFn symmkeyCipher; - bltestPubKeyCipherFn pubkeyCipher; - bltestHashCipherFn hashCipher; - } cipher; - /* performance testing */ - int repetitions; - int cxreps; - double cxtime; - double optime; -} bltestCipherInfo; - -PRBool -is_symmkeyCipher(bltestCipherMode mode) -{ - /* change as needed! */ - if (mode >= bltestDES_ECB && mode <= bltestAES_CBC) - return PR_TRUE; - return PR_FALSE; -} - -PRBool -is_pubkeyCipher(bltestCipherMode mode) -{ - /* change as needed! */ - if (mode >= bltestRSA && mode <= bltestDSA) - return PR_TRUE; - return PR_FALSE; -} - -PRBool -is_hashCipher(bltestCipherMode mode) -{ - /* change as needed! */ - if (mode >= bltestMD2 && mode <= bltestSHA512) - return PR_TRUE; - return PR_FALSE; -} - -PRBool -is_sigCipher(bltestCipherMode mode) -{ - /* change as needed! */ - if (mode >= bltestDSA && mode <= bltestDSA) - return PR_TRUE; - return PR_FALSE; -} - -PRBool -cipher_requires_IV(bltestCipherMode mode) -{ - /* change as needed! */ - if (mode == bltestDES_CBC || mode == bltestDES_EDE_CBC || - mode == bltestRC2_CBC || mode == bltestRC5_CBC || - mode == bltestAES_CBC) - return PR_TRUE; - return PR_FALSE; -} - -SECStatus finishIO(bltestIO *output, PRFileDesc *file); - -SECStatus -setupIO(PRArenaPool *arena, bltestIO *input, PRFileDesc *file, - char *str, int numBytes) -{ - SECStatus rv = SECSuccess; - SECItem fileData; - SECItem *in; - unsigned char *tok; - unsigned int i, j; - - if (file && (numBytes == 0 || file == PR_STDIN)) { - /* grabbing data from a file */ - rv = SECU_FileToItem(&fileData, file); - if (rv != SECSuccess) { - PR_Close(file); - return SECFailure; - } - in = &fileData; - } else if (str) { - /* grabbing data from command line */ - fileData.data = str; - fileData.len = PL_strlen(str); - in = &fileData; - } else if (file) { - /* create nonce */ - SECITEM_AllocItem(arena, &input->buf, numBytes); - RNG_GenerateGlobalRandomBytes(input->buf.data, numBytes); - return finishIO(input, file); - } else { - return SECFailure; - } - - switch (input->mode) { - case bltestBase64Encoded: - rv = atob(in, &input->buf, arena); - break; - case bltestBinary: - if (in->data[in->len-1] == '\n') --in->len; - if (in->data[in->len-1] == '\r') --in->len; - SECITEM_CopyItem(arena, &input->buf, in); - break; - case bltestHexSpaceDelim: - SECITEM_AllocItem(arena, &input->buf, in->len/5); - for (i=0, j=0; ilen; i+=5, j++) { - tok = &in->data[i]; - if (tok[0] != '0' || tok[1] != 'x' || tok[4] != ' ') - /* bad hex token */ - break; - - rv = hex_from_2char(&tok[2], input->buf.data + j); - if (rv) - break; - } - break; - case bltestHexStream: - SECITEM_AllocItem(arena, &input->buf, in->len/2); - for (i=0, j=0; ilen; i+=2, j++) { - tok = &in->data[i]; - rv = hex_from_2char(tok, input->buf.data + j); - if (rv) - break; - } - break; - } - - if (file) - SECITEM_FreeItem(&fileData, PR_FALSE); - return rv; -} - -SECStatus -finishIO(bltestIO *output, PRFileDesc *file) -{ - SECStatus rv = SECSuccess; - PRInt32 nb; - unsigned char byteval; - SECItem *it; - char hexstr[5]; - unsigned int i; - if (output->pBuf.len > 0) { - it = &output->pBuf; - } else { - it = &output->buf; - } - switch (output->mode) { - case bltestBase64Encoded: - rv = btoa_file(it, file); - break; - case bltestBinary: - nb = PR_Write(file, it->data, it->len); - rv = (nb == (PRInt32)it->len) ? SECSuccess : SECFailure; - break; - case bltestHexSpaceDelim: - hexstr[0] = '0'; - hexstr[1] = 'x'; - hexstr[4] = ' '; - for (i=0; ilen; i++) { - byteval = it->data[i]; - rv = char2_from_hex(byteval, hexstr + 2); - nb = PR_Write(file, hexstr, 5); - if (rv) - break; - } - PR_Write(file, "\n", 1); - break; - case bltestHexStream: - for (i=0; ilen; i++) { - byteval = it->data[i]; - rv = char2_from_hex(byteval, hexstr); - if (rv) - break; - nb = PR_Write(file, hexstr, 2); - } - PR_Write(file, "\n", 1); - break; - } - return rv; -} - -void -bltestCopyIO(PRArenaPool *arena, bltestIO *dest, bltestIO *src) -{ - SECITEM_CopyItem(arena, &dest->buf, &src->buf); - if (src->pBuf.len > 0) { - dest->pBuf.len = src->pBuf.len; - dest->pBuf.data = dest->buf.data + (src->pBuf.data - src->buf.data); - } - dest->mode = src->mode; - dest->file = src->file; -} - -void -misalignBuffer(PRArenaPool *arena, bltestIO *io, int off) -{ - ptrdiff_t offset = (ptrdiff_t)io->buf.data % WORDSIZE; - int length = io->buf.len; - if (offset != off) { - SECITEM_ReallocItem(arena, &io->buf, length, length + 2*WORDSIZE); - io->buf.len = length + 2*WORDSIZE; /* why doesn't realloc do this? */ - /* offset may have changed? */ - offset = (ptrdiff_t)io->buf.data % WORDSIZE; - if (offset != off) { - memmove(io->buf.data + off, io->buf.data, length); - io->pBuf.data = io->buf.data + off; - io->pBuf.len = length; - } else { - io->pBuf.data = io->buf.data; - io->pBuf.len = length; - } - } else { - io->pBuf.data = io->buf.data; - io->pBuf.len = length; - } -} - -SECStatus -des_Encrypt(void *cx, unsigned char *output, unsigned int *outputLen, - unsigned int maxOutputLen, const unsigned char *input, - unsigned int inputLen) -{ - return DES_Encrypt((DESContext *)cx, output, outputLen, maxOutputLen, - input, inputLen); -} - -SECStatus -des_Decrypt(void *cx, unsigned char *output, unsigned int *outputLen, - unsigned int maxOutputLen, const unsigned char *input, - unsigned int inputLen) -{ - return DES_Decrypt((DESContext *)cx, output, outputLen, maxOutputLen, - input, inputLen); -} - -SECStatus -rc2_Encrypt(void *cx, unsigned char *output, unsigned int *outputLen, - unsigned int maxOutputLen, const unsigned char *input, - unsigned int inputLen) -{ - return RC2_Encrypt((RC2Context *)cx, output, outputLen, maxOutputLen, - input, inputLen); -} - -SECStatus -rc2_Decrypt(void *cx, unsigned char *output, unsigned int *outputLen, - unsigned int maxOutputLen, const unsigned char *input, - unsigned int inputLen) -{ - return RC2_Decrypt((RC2Context *)cx, output, outputLen, maxOutputLen, - input, inputLen); -} - -SECStatus -rc4_Encrypt(void *cx, unsigned char *output, unsigned int *outputLen, - unsigned int maxOutputLen, const unsigned char *input, - unsigned int inputLen) -{ - return RC4_Encrypt((RC4Context *)cx, output, outputLen, maxOutputLen, - input, inputLen); -} - -SECStatus -rc4_Decrypt(void *cx, unsigned char *output, unsigned int *outputLen, - unsigned int maxOutputLen, const unsigned char *input, - unsigned int inputLen) -{ - return RC4_Decrypt((RC4Context *)cx, output, outputLen, maxOutputLen, - input, inputLen); -} - -SECStatus -aes_Encrypt(void *cx, unsigned char *output, unsigned int *outputLen, - unsigned int maxOutputLen, const unsigned char *input, - unsigned int inputLen) -{ - return AES_Encrypt((AESContext *)cx, output, outputLen, maxOutputLen, - input, inputLen); -} - -SECStatus -aes_Decrypt(void *cx, unsigned char *output, unsigned int *outputLen, - unsigned int maxOutputLen, const unsigned char *input, - unsigned int inputLen) -{ - return AES_Decrypt((AESContext *)cx, output, outputLen, maxOutputLen, - input, inputLen); -} - -SECStatus -rsa_PublicKeyOp(void *key, SECItem *output, const SECItem *input) -{ - return RSA_PublicKeyOp((RSAPublicKey *)key, output->data, input->data); -} - -SECStatus -rsa_PrivateKeyOp(void *key, SECItem *output, const SECItem *input) -{ - return RSA_PrivateKeyOp((RSAPrivateKey *)key, output->data, input->data); -} - -SECStatus -dsa_signDigest(void *key, SECItem *output, const SECItem *input) -{ - return DSA_SignDigest((DSAPrivateKey *)key, output, input); -} - -SECStatus -dsa_verifyDigest(void *key, SECItem *output, const SECItem *input) -{ - return DSA_VerifyDigest((DSAPublicKey *)key, output, input); -} - -SECStatus -bltest_des_init(bltestCipherInfo *cipherInfo, PRBool encrypt) -{ - PRIntervalTime time1, time2; - bltestSymmKeyParams *desp = &cipherInfo->params.sk; - int minorMode; - int i; - switch (cipherInfo->mode) { - case bltestDES_ECB: minorMode = NSS_DES; break; - case bltestDES_CBC: minorMode = NSS_DES_CBC; break; - case bltestDES_EDE_ECB: minorMode = NSS_DES_EDE3; break; - case bltestDES_EDE_CBC: minorMode = NSS_DES_EDE3_CBC; break; - default: - return SECFailure; - } - cipherInfo->cx = (void*)DES_CreateContext(desp->key.buf.data, - desp->iv.buf.data, - minorMode, encrypt); - if (cipherInfo->cxreps > 0) { - DESContext **dummycx; - dummycx = PORT_Alloc(cipherInfo->cxreps * sizeof(DESContext *)); - TIMESTART(); - for (i=0; icxreps; i++) { - dummycx[i] = (void*)DES_CreateContext(desp->key.buf.data, - desp->iv.buf.data, - minorMode, encrypt); - } - TIMEFINISH(cipherInfo->cxtime, 1.0); - for (i=0; icxreps; i++) { - DES_DestroyContext(dummycx[i], PR_TRUE); - } - PORT_Free(dummycx); - } - if (encrypt) - cipherInfo->cipher.symmkeyCipher = des_Encrypt; - else - cipherInfo->cipher.symmkeyCipher = des_Decrypt; - return SECSuccess; -} - -SECStatus -bltest_rc2_init(bltestCipherInfo *cipherInfo, PRBool encrypt) -{ - PRIntervalTime time1, time2; - bltestSymmKeyParams *rc2p = &cipherInfo->params.sk; - int minorMode; - int i; - switch (cipherInfo->mode) { - case bltestRC2_ECB: minorMode = NSS_RC2; break; - case bltestRC2_CBC: minorMode = NSS_RC2_CBC; break; - default: - return SECFailure; - } - cipherInfo->cx = (void*)RC2_CreateContext(rc2p->key.buf.data, - rc2p->key.buf.len, - rc2p->iv.buf.data, - minorMode, - rc2p->key.buf.len); - if (cipherInfo->cxreps > 0) { - RC2Context **dummycx; - dummycx = PORT_Alloc(cipherInfo->cxreps * sizeof(RC2Context *)); - TIMESTART(); - for (i=0; icxreps; i++) { - dummycx[i] = (void*)RC2_CreateContext(rc2p->key.buf.data, - rc2p->key.buf.len, - rc2p->iv.buf.data, - minorMode, - rc2p->key.buf.len); - } - TIMEFINISH(cipherInfo->cxtime, 1.0); - for (i=0; icxreps; i++) { - RC2_DestroyContext(dummycx[i], PR_TRUE); - } - PORT_Free(dummycx); - } - if (encrypt) - cipherInfo->cipher.symmkeyCipher = rc2_Encrypt; - else - cipherInfo->cipher.symmkeyCipher = rc2_Decrypt; - return SECSuccess; -} - -SECStatus -bltest_rc4_init(bltestCipherInfo *cipherInfo, PRBool encrypt) -{ - PRIntervalTime time1, time2; - int i; - bltestSymmKeyParams *rc4p = &cipherInfo->params.sk; - cipherInfo->cx = (void*)RC4_CreateContext(rc4p->key.buf.data, - rc4p->key.buf.len); - if (cipherInfo->cxreps > 0) { - RC4Context **dummycx; - dummycx = PORT_Alloc(cipherInfo->cxreps * sizeof(RC4Context *)); - TIMESTART(); - for (i=0; icxreps; i++) { - dummycx[i] = (void*)RC4_CreateContext(rc4p->key.buf.data, - rc4p->key.buf.len); - } - TIMEFINISH(cipherInfo->cxtime, 1.0); - for (i=0; icxreps; i++) { - RC4_DestroyContext(dummycx[i], PR_TRUE); - } - PORT_Free(dummycx); - } - if (encrypt) - cipherInfo->cipher.symmkeyCipher = rc4_Encrypt; - else - cipherInfo->cipher.symmkeyCipher = rc4_Decrypt; - return SECSuccess; -} - -SECStatus -bltest_rc5_init(bltestCipherInfo *cipherInfo, PRBool encrypt) -{ -#if NSS_SOFTOKEN_DOES_RC5 - PRIntervalTime time1, time2; - bltestRC5Params *rc5p = &cipherInfo->params.rc5; - int minorMode; - switch (cipherInfo->mode) { - case bltestRC5_ECB: minorMode = NSS_RC5; break; - case bltestRC5_CBC: minorMode = NSS_RC5_CBC; break; - default: - return SECFailure; - } - TIMESTART(); - cipherInfo->cx = (void*)RC5_CreateContext(&rc5p->key.buf, - rc5p->rounds, rc5p->wordsize, - rc5p->iv.buf.data, minorMode); - TIMEFINISH(cipherInfo->cxtime, 1.0); - if (encrypt) - cipherInfo->cipher.symmkeyCipher = RC5_Encrypt; - else - cipherInfo->cipher.symmkeyCipher = RC5_Decrypt; - return SECSuccess; -#else - return SECFailure; -#endif -} - -SECStatus -bltest_aes_init(bltestCipherInfo *cipherInfo, PRBool encrypt) -{ - PRIntervalTime time1, time2; - bltestSymmKeyParams *aesp = &cipherInfo->params.sk; - int minorMode; - int i; - /* XXX */ int keylen, blocklen; - keylen = aesp->key.buf.len; - blocklen = cipherInfo->input.pBuf.len; - switch (cipherInfo->mode) { - case bltestAES_ECB: minorMode = NSS_AES; break; - case bltestAES_CBC: minorMode = NSS_AES_CBC; break; - default: - return SECFailure; - } - cipherInfo->cx = (void*)AES_CreateContext(aesp->key.buf.data, - aesp->iv.buf.data, - minorMode, encrypt, - keylen, blocklen); - if (cipherInfo->cxreps > 0) { - AESContext **dummycx; - dummycx = PORT_Alloc(cipherInfo->cxreps * sizeof(AESContext *)); - TIMESTART(); - for (i=0; icxreps; i++) { - dummycx[i] = (void*)AES_CreateContext(aesp->key.buf.data, - aesp->iv.buf.data, - minorMode, encrypt, - keylen, blocklen); - } - TIMEFINISH(cipherInfo->cxtime, 1.0); - for (i=0; icxreps; i++) { - AES_DestroyContext(dummycx[i], PR_TRUE); - } - PORT_Free(dummycx); - } - if (encrypt) - cipherInfo->cipher.symmkeyCipher = aes_Encrypt; - else - cipherInfo->cipher.symmkeyCipher = aes_Decrypt; - return SECSuccess; -} - -SECStatus -bltest_rsa_init(bltestCipherInfo *cipherInfo, PRBool encrypt) -{ - int i; - RSAPrivateKey **dummyKey; - PRIntervalTime time1, time2; - bltestRSAParams *rsap = &cipherInfo->params.rsa; - /* RSA key gen was done during parameter setup */ - cipherInfo->cx = cipherInfo->params.rsa.rsakey; - /* For performance testing */ - if (cipherInfo->cxreps > 0) { - /* Create space for n private key objects */ - dummyKey = (RSAPrivateKey **)PORT_Alloc(cipherInfo->cxreps * - sizeof(RSAPrivateKey *)); - /* Time n keygens, storing in the array */ - TIMESTART(); - for (i=0; icxreps; i++) - dummyKey[i] = RSA_NewKey(rsap->keysizeInBits, - &rsap->rsakey->publicExponent); - TIMEFINISH(cipherInfo->cxtime, cipherInfo->cxreps); - /* Free the n key objects */ - for (i=0; icxreps; i++) - PORT_FreeArena(dummyKey[i]->arena, PR_TRUE); - PORT_Free(dummyKey); - } - if (encrypt) { - /* Have to convert private key to public key. Memory - * is freed with private key's arena */ - RSAPublicKey *pubkey; - RSAPrivateKey *key = (RSAPrivateKey *)cipherInfo->cx; - pubkey = (RSAPublicKey *)PORT_ArenaAlloc(key->arena, - sizeof(RSAPublicKey)); - pubkey->modulus.len = key->modulus.len; - pubkey->modulus.data = key->modulus.data; - pubkey->publicExponent.len = key->publicExponent.len; - pubkey->publicExponent.data = key->publicExponent.data; - cipherInfo->cx = (void *)pubkey; - cipherInfo->cipher.pubkeyCipher = rsa_PublicKeyOp; - } else { - cipherInfo->cipher.pubkeyCipher = rsa_PrivateKeyOp; - } - return SECSuccess; -} - -SECStatus -bltest_pqg_init(bltestDSAParams *dsap) -{ - SECStatus rv, res; - PQGVerify *vfy = NULL; - rv = PQG_ParamGen(dsap->j, &dsap->pqg, &vfy); - CHECKERROR(rv, __LINE__); - rv = PQG_VerifyParams(dsap->pqg, vfy, &res); - CHECKERROR(res, __LINE__); - CHECKERROR(rv, __LINE__); - return rv; -} - -SECStatus -bltest_dsa_init(bltestCipherInfo *cipherInfo, PRBool encrypt) -{ - int i; - DSAPrivateKey **dummyKey; - PQGParams *dummypqg; - PRIntervalTime time1, time2; - bltestDSAParams *dsap = &cipherInfo->params.dsa; - PQGVerify *ignore = NULL; - /* DSA key gen was done during parameter setup */ - cipherInfo->cx = cipherInfo->params.dsa.dsakey; - /* For performance testing */ - if (cipherInfo->cxreps > 0) { - /* Create space for n private key objects */ - dummyKey = (DSAPrivateKey **)PORT_ZAlloc(cipherInfo->cxreps * - sizeof(DSAPrivateKey *)); - /* Time n keygens, storing in the array */ - TIMESTART(); - for (i=0; icxreps; i++) { - dummypqg = NULL; - PQG_ParamGen(dsap->j, &dummypqg, &ignore); - DSA_NewKey(dummypqg, &dummyKey[i]); - } - TIMEFINISH(cipherInfo->cxtime, cipherInfo->cxreps); - /* Free the n key objects */ - for (i=0; icxreps; i++) - PORT_FreeArena(dummyKey[i]->params.arena, PR_TRUE); - PORT_Free(dummyKey); - } - if (!dsap->pqg && dsap->pqgdata.buf.len > 0) { - dsap->pqg = pqg_from_filedata(&dsap->pqgdata.buf); - } - if (!cipherInfo->cx && dsap->key.buf.len > 0) { - cipherInfo->cx = dsakey_from_filedata(&dsap->key.buf); - } - if (encrypt) { - cipherInfo->cipher.pubkeyCipher = dsa_signDigest; - } else { - /* Have to convert private key to public key. Memory - * is freed with private key's arena */ - DSAPublicKey *pubkey; - DSAPrivateKey *key = (DSAPrivateKey *)cipherInfo->cx; - pubkey = (DSAPublicKey *)PORT_ArenaZAlloc(key->params.arena, - sizeof(DSAPublicKey)); - pubkey->params.prime.len = key->params.prime.len; - pubkey->params.prime.data = key->params.prime.data; - pubkey->params.subPrime.len = key->params.subPrime.len; - pubkey->params.subPrime.data = key->params.subPrime.data; - pubkey->params.base.len = key->params.base.len; - pubkey->params.base.data = key->params.base.data; - pubkey->publicValue.len = key->publicValue.len; - pubkey->publicValue.data = key->publicValue.data; - cipherInfo->cipher.pubkeyCipher = dsa_verifyDigest; - } - return SECSuccess; -} - -/* XXX unfortunately, this is not defined in blapi.h */ -SECStatus -md2_HashBuf(unsigned char *dest, const unsigned char *src, uint32 src_length) -{ - unsigned int len; - MD2Context *cx = MD2_NewContext(); - if (cx == NULL) return SECFailure; - MD2_Begin(cx); - MD2_Update(cx, src, src_length); - MD2_End(cx, dest, &len, MD2_LENGTH); - MD2_DestroyContext(cx, PR_TRUE); - return SECSuccess; -} - -SECStatus -md2_restart(unsigned char *dest, const unsigned char *src, uint32 src_length) -{ - MD2Context *cx, *cx_cpy; - unsigned char *cxbytes; - unsigned int len; - unsigned int i, quarter; - SECStatus rv = SECSuccess; - cx = MD2_NewContext(); - MD2_Begin(cx); - /* divide message by 4, restarting 3 times */ - quarter = (src_length + 3)/ 4; - for (i=0; i < 4 && src_length > 0; i++) { - MD2_Update(cx, src + i*quarter, PR_MIN(quarter, src_length)); - len = MD2_FlattenSize(cx); - cxbytes = PORT_Alloc(len); - MD2_Flatten(cx, cxbytes); - cx_cpy = MD2_Resurrect(cxbytes, NULL); - if (!cx_cpy) { - PR_fprintf(PR_STDERR, "%s: MD2_Resurrect failed!\n", progName); - goto finish; - } - rv = PORT_Memcmp(cx, cx_cpy, len); - if (rv) { - MD2_DestroyContext(cx_cpy, PR_TRUE); - PR_fprintf(PR_STDERR, "%s: MD2_restart failed!\n", progName); - goto finish; - } - MD2_DestroyContext(cx_cpy, PR_TRUE); - PORT_Free(cxbytes); - src_length -= quarter; - } - MD2_End(cx, dest, &len, MD2_LENGTH); -finish: - MD2_DestroyContext(cx, PR_TRUE); - return rv; -} - -SECStatus -md5_restart(unsigned char *dest, const unsigned char *src, uint32 src_length) -{ - SECStatus rv = SECSuccess; - MD5Context *cx, *cx_cpy; - unsigned char *cxbytes; - unsigned int len; - unsigned int i, quarter; - cx = MD5_NewContext(); - MD5_Begin(cx); - /* divide message by 4, restarting 3 times */ - quarter = (src_length + 3)/ 4; - for (i=0; i < 4 && src_length > 0; i++) { - MD5_Update(cx, src + i*quarter, PR_MIN(quarter, src_length)); - len = MD5_FlattenSize(cx); - cxbytes = PORT_Alloc(len); - MD5_Flatten(cx, cxbytes); - cx_cpy = MD5_Resurrect(cxbytes, NULL); - if (!cx_cpy) { - PR_fprintf(PR_STDERR, "%s: MD5_Resurrect failed!\n", progName); - rv = SECFailure; - goto finish; - } - rv = PORT_Memcmp(cx, cx_cpy, len); - if (rv) { - MD5_DestroyContext(cx_cpy, PR_TRUE); - PR_fprintf(PR_STDERR, "%s: MD5_restart failed!\n", progName); - goto finish; - } - MD5_DestroyContext(cx_cpy, PR_TRUE); - PORT_Free(cxbytes); - src_length -= quarter; - } - MD5_End(cx, dest, &len, MD5_LENGTH); -finish: - MD5_DestroyContext(cx, PR_TRUE); - return rv; -} - -SECStatus -sha1_restart(unsigned char *dest, const unsigned char *src, uint32 src_length) -{ - SECStatus rv = SECSuccess; - SHA1Context *cx, *cx_cpy; - unsigned char *cxbytes; - unsigned int len; - unsigned int i, quarter; - cx = SHA1_NewContext(); - SHA1_Begin(cx); - /* divide message by 4, restarting 3 times */ - quarter = (src_length + 3)/ 4; - for (i=0; i < 4 && src_length > 0; i++) { - SHA1_Update(cx, src + i*quarter, PR_MIN(quarter, src_length)); - len = SHA1_FlattenSize(cx); - cxbytes = PORT_Alloc(len); - SHA1_Flatten(cx, cxbytes); - cx_cpy = SHA1_Resurrect(cxbytes, NULL); - if (!cx_cpy) { - PR_fprintf(PR_STDERR, "%s: SHA1_Resurrect failed!\n", progName); - rv = SECFailure; - goto finish; - } - rv = PORT_Memcmp(cx, cx_cpy, len); - if (rv) { - SHA1_DestroyContext(cx_cpy, PR_TRUE); - PR_fprintf(PR_STDERR, "%s: SHA1_restart failed!\n", progName); - goto finish; - } - SHA1_DestroyContext(cx_cpy, PR_TRUE); - PORT_Free(cxbytes); - src_length -= quarter; - } - SHA1_End(cx, dest, &len, MD5_LENGTH); -finish: - SHA1_DestroyContext(cx, PR_TRUE); - return rv; -} - -SECStatus -SHA256_restart(unsigned char *dest, const unsigned char *src, uint32 src_length) -{ - SECStatus rv = SECSuccess; - SHA256Context *cx, *cx_cpy; - unsigned char *cxbytes; - unsigned int len; - unsigned int i, quarter; - cx = SHA256_NewContext(); - SHA256_Begin(cx); - /* divide message by 4, restarting 3 times */ - quarter = (src_length + 3)/ 4; - for (i=0; i < 4 && src_length > 0; i++) { - SHA256_Update(cx, src + i*quarter, PR_MIN(quarter, src_length)); - len = SHA256_FlattenSize(cx); - cxbytes = PORT_Alloc(len); - SHA256_Flatten(cx, cxbytes); - cx_cpy = SHA256_Resurrect(cxbytes, NULL); - if (!cx_cpy) { - PR_fprintf(PR_STDERR, "%s: SHA256_Resurrect failed!\n", progName); - rv = SECFailure; - goto finish; - } - rv = PORT_Memcmp(cx, cx_cpy, len); - if (rv) { - SHA256_DestroyContext(cx_cpy, PR_TRUE); - PR_fprintf(PR_STDERR, "%s: SHA256_restart failed!\n", progName); - goto finish; - } - SHA256_DestroyContext(cx_cpy, PR_TRUE); - PORT_Free(cxbytes); - src_length -= quarter; - } - SHA256_End(cx, dest, &len, MD5_LENGTH); -finish: - SHA256_DestroyContext(cx, PR_TRUE); - return rv; -} - -SECStatus -SHA384_restart(unsigned char *dest, const unsigned char *src, uint32 src_length) -{ - SECStatus rv = SECSuccess; - SHA384Context *cx, *cx_cpy; - unsigned char *cxbytes; - unsigned int len; - unsigned int i, quarter; - cx = SHA384_NewContext(); - SHA384_Begin(cx); - /* divide message by 4, restarting 3 times */ - quarter = (src_length + 3)/ 4; - for (i=0; i < 4 && src_length > 0; i++) { - SHA384_Update(cx, src + i*quarter, PR_MIN(quarter, src_length)); - len = SHA384_FlattenSize(cx); - cxbytes = PORT_Alloc(len); - SHA384_Flatten(cx, cxbytes); - cx_cpy = SHA384_Resurrect(cxbytes, NULL); - if (!cx_cpy) { - PR_fprintf(PR_STDERR, "%s: SHA384_Resurrect failed!\n", progName); - rv = SECFailure; - goto finish; - } - rv = PORT_Memcmp(cx, cx_cpy, len); - if (rv) { - SHA384_DestroyContext(cx_cpy, PR_TRUE); - PR_fprintf(PR_STDERR, "%s: SHA384_restart failed!\n", progName); - goto finish; - } - SHA384_DestroyContext(cx_cpy, PR_TRUE); - PORT_Free(cxbytes); - src_length -= quarter; - } - SHA384_End(cx, dest, &len, MD5_LENGTH); -finish: - SHA384_DestroyContext(cx, PR_TRUE); - return rv; -} - -SECStatus -SHA512_restart(unsigned char *dest, const unsigned char *src, uint32 src_length) -{ - SECStatus rv = SECSuccess; - SHA512Context *cx, *cx_cpy; - unsigned char *cxbytes; - unsigned int len; - unsigned int i, quarter; - cx = SHA512_NewContext(); - SHA512_Begin(cx); - /* divide message by 4, restarting 3 times */ - quarter = (src_length + 3)/ 4; - for (i=0; i < 4 && src_length > 0; i++) { - SHA512_Update(cx, src + i*quarter, PR_MIN(quarter, src_length)); - len = SHA512_FlattenSize(cx); - cxbytes = PORT_Alloc(len); - SHA512_Flatten(cx, cxbytes); - cx_cpy = SHA512_Resurrect(cxbytes, NULL); - if (!cx_cpy) { - PR_fprintf(PR_STDERR, "%s: SHA512_Resurrect failed!\n", progName); - rv = SECFailure; - goto finish; - } - rv = PORT_Memcmp(cx, cx_cpy, len); - if (rv) { - SHA512_DestroyContext(cx_cpy, PR_TRUE); - PR_fprintf(PR_STDERR, "%s: SHA512_restart failed!\n", progName); - goto finish; - } - SHA512_DestroyContext(cx_cpy, PR_TRUE); - PORT_Free(cxbytes); - src_length -= quarter; - } - SHA512_End(cx, dest, &len, MD5_LENGTH); -finish: - SHA512_DestroyContext(cx, PR_TRUE); - return rv; -} - -SECStatus -pubkeyInitKey(bltestCipherInfo *cipherInfo, PRFileDesc *file, - int keysize, int exponent) -{ - int i; - SECStatus rv = SECSuccess; - bltestRSAParams *rsap; - bltestDSAParams *dsap; - switch (cipherInfo->mode) { - case bltestRSA: - rsap = &cipherInfo->params.rsa; - if (keysize > 0) { - SECItem expitem = { 0, 0, 0 }; - SECITEM_AllocItem(cipherInfo->arena, &expitem, sizeof(int)); - for (i = 1; i <= sizeof(int); i++) - expitem.data[i-1] = exponent >> (8*(sizeof(int) - i)); - rsap->rsakey = RSA_NewKey(keysize * 8, &expitem); - serialize_key(&rsap->rsakey->version, 9, file); - rsap->keysizeInBits = keysize * 8; - } else { - setupIO(cipherInfo->arena, &cipherInfo->params.key, file, NULL, 0); - rsap->rsakey = rsakey_from_filedata(&cipherInfo->params.key.buf); - rsap->keysizeInBits = rsap->rsakey->modulus.len * 8; - } - break; - case bltestDSA: - dsap = &cipherInfo->params.dsa; - if (keysize > 0) { - dsap->j = PQG_PBITS_TO_INDEX(8*keysize); - if (!dsap->pqg) - bltest_pqg_init(dsap); - rv = DSA_NewKey(dsap->pqg, &dsap->dsakey); - CHECKERROR(rv, __LINE__); - serialize_key(&dsap->dsakey->params.prime, 5, file); - } else { - setupIO(cipherInfo->arena, &cipherInfo->params.key, file, NULL, 0); - dsap->dsakey = dsakey_from_filedata(&cipherInfo->params.key.buf); - dsap->j = PQG_PBITS_TO_INDEX(8*dsap->dsakey->params.prime.len); - } - break; - default: - return SECFailure; - } - return SECSuccess; -} - -SECStatus -cipherInit(bltestCipherInfo *cipherInfo, PRBool encrypt) -{ - PRBool restart; - switch (cipherInfo->mode) { - case bltestDES_ECB: - case bltestDES_CBC: - case bltestDES_EDE_ECB: - case bltestDES_EDE_CBC: - SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf, - cipherInfo->input.pBuf.len); - return bltest_des_init(cipherInfo, encrypt); - break; - case bltestRC2_ECB: - case bltestRC2_CBC: - SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf, - cipherInfo->input.pBuf.len); - return bltest_rc2_init(cipherInfo, encrypt); - break; - case bltestRC4: - SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf, - cipherInfo->input.pBuf.len); - return bltest_rc4_init(cipherInfo, encrypt); - break; - case bltestRC5_ECB: - case bltestRC5_CBC: -#if NSS_SOFTOKEN_DOES_RC5 - SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf, - cipherInfo->input.pBuf.len); -#endif - return bltest_rc5_init(cipherInfo, encrypt); - break; - case bltestAES_ECB: - case bltestAES_CBC: - SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf, - cipherInfo->input.pBuf.len); - return bltest_aes_init(cipherInfo, encrypt); - break; - case bltestRSA: - SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf, - cipherInfo->input.pBuf.len); - return bltest_rsa_init(cipherInfo, encrypt); - break; - case bltestDSA: - SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf, - DSA_SIGNATURE_LEN); - return bltest_dsa_init(cipherInfo, encrypt); - break; - case bltestMD2: - restart = cipherInfo->params.hash.restart; - SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf, - MD2_LENGTH); - cipherInfo->cipher.hashCipher = (restart) ? md2_restart : md2_HashBuf; - return SECSuccess; - break; - case bltestMD5: - restart = cipherInfo->params.hash.restart; - SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf, - MD5_LENGTH); - cipherInfo->cipher.hashCipher = (restart) ? md5_restart : MD5_HashBuf; - return SECSuccess; - break; - case bltestSHA1: - restart = cipherInfo->params.hash.restart; - SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf, - SHA1_LENGTH); - cipherInfo->cipher.hashCipher = (restart) ? sha1_restart : SHA1_HashBuf; - return SECSuccess; - break; - case bltestSHA256: - restart = cipherInfo->params.hash.restart; - SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf, - SHA256_LENGTH); - cipherInfo->cipher.hashCipher = (restart) ? SHA256_restart - : SHA256_HashBuf; - return SECSuccess; - break; - case bltestSHA384: - restart = cipherInfo->params.hash.restart; - SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf, - SHA384_LENGTH); - cipherInfo->cipher.hashCipher = (restart) ? SHA384_restart - : SHA384_HashBuf; - return SECSuccess; - break; - case bltestSHA512: - restart = cipherInfo->params.hash.restart; - SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf, - SHA512_LENGTH); - cipherInfo->cipher.hashCipher = (restart) ? SHA512_restart - : SHA512_HashBuf; - return SECSuccess; - break; - default: - return SECFailure; - } - return SECSuccess; -} - -SECStatus -dsaOp(bltestCipherInfo *cipherInfo) -{ - PRIntervalTime time1, time2; - SECStatus rv = SECSuccess; - int i; - int maxLen = cipherInfo->output.pBuf.len; - SECItem dummyOut = { 0, 0, 0 }; - SECITEM_AllocItem(NULL, &dummyOut, maxLen); - if (cipherInfo->cipher.pubkeyCipher == dsa_signDigest) { - if (cipherInfo->params.dsa.sigseed.buf.len > 0) { - rv = DSA_SignDigestWithSeed((DSAPrivateKey *)cipherInfo->cx, - &cipherInfo->output.pBuf, - &cipherInfo->input.pBuf, - cipherInfo->params.dsa.sigseed.buf.data); - CHECKERROR(rv, __LINE__); - TIMESTART(); - for (i=0; irepetitions; i++) { - rv |= DSA_SignDigestWithSeed((DSAPrivateKey *)cipherInfo->cx, - &dummyOut, - &cipherInfo->input.pBuf, - cipherInfo->params.dsa.sigseed.buf.data); - } - TIMEFINISH(cipherInfo->optime, 1.0); - CHECKERROR(rv, __LINE__); - } else { - rv = DSA_SignDigest((DSAPrivateKey *)cipherInfo->cx, - &cipherInfo->output.pBuf, - &cipherInfo->input.pBuf); - CHECKERROR(rv, __LINE__); - TIMESTART(); - for (i=0; irepetitions; i++) { - DSA_SignDigest((DSAPrivateKey *)cipherInfo->cx, &dummyOut, - &cipherInfo->input.pBuf); - } - TIMEFINISH(cipherInfo->optime, 1.0); - } - bltestCopyIO(cipherInfo->arena, &cipherInfo->params.dsa.sig, - &cipherInfo->output); - } else { - rv = DSA_VerifyDigest((DSAPublicKey *)cipherInfo->cx, - &cipherInfo->params.dsa.sig.buf, - &cipherInfo->input.pBuf); - CHECKERROR(rv, __LINE__); - TIMESTART(); - for (i=0; irepetitions; i++) { - DSA_VerifyDigest((DSAPublicKey *)cipherInfo->cx, - &cipherInfo->params.dsa.sig.buf, - &cipherInfo->input.pBuf); - } - TIMEFINISH(cipherInfo->optime, 1.0); - } - SECITEM_FreeItem(&dummyOut, PR_FALSE); - return rv; -} - -SECStatus -cipherDoOp(bltestCipherInfo *cipherInfo) -{ - PRIntervalTime time1, time2; - SECStatus rv = SECSuccess; - int i, len; - int maxLen = cipherInfo->output.pBuf.len; - unsigned char *dummyOut; - if (cipherInfo->mode == bltestDSA) - return dsaOp(cipherInfo); - dummyOut = PORT_Alloc(maxLen); - if (is_symmkeyCipher(cipherInfo->mode)) { - rv = (*cipherInfo->cipher.symmkeyCipher)(cipherInfo->cx, - cipherInfo->output.pBuf.data, - &len, maxLen, - cipherInfo->input.pBuf.data, - cipherInfo->input.pBuf.len); - TIMESTART(); - for (i=0; irepetitions; i++) { - (*cipherInfo->cipher.symmkeyCipher)(cipherInfo->cx, dummyOut, - &len, maxLen, - cipherInfo->input.pBuf.data, - cipherInfo->input.pBuf.len); - - } - TIMEFINISH(cipherInfo->optime, 1.0); - } else if (is_pubkeyCipher(cipherInfo->mode)) { - rv = (*cipherInfo->cipher.pubkeyCipher)(cipherInfo->cx, - &cipherInfo->output.pBuf, - &cipherInfo->input.pBuf); - TIMESTART(); - for (i=0; irepetitions; i++) { - SECItem dummy; - dummy.data = dummyOut; - dummy.len = maxLen; - (*cipherInfo->cipher.pubkeyCipher)(cipherInfo->cx, &dummy, - &cipherInfo->input.pBuf); - } - TIMEFINISH(cipherInfo->optime, 1.0); - } else if (is_hashCipher(cipherInfo->mode)) { - rv = (*cipherInfo->cipher.hashCipher)(cipherInfo->output.pBuf.data, - cipherInfo->input.pBuf.data, - cipherInfo->input.pBuf.len); - TIMESTART(); - for (i=0; irepetitions; i++) { - (*cipherInfo->cipher.hashCipher)(dummyOut, - cipherInfo->input.pBuf.data, - cipherInfo->input.pBuf.len); - } - TIMEFINISH(cipherInfo->optime, 1.0); - } - PORT_Free(dummyOut); - return rv; -} - -SECStatus -cipherFinish(bltestCipherInfo *cipherInfo) -{ - switch (cipherInfo->mode) { - case bltestDES_ECB: - case bltestDES_CBC: - case bltestDES_EDE_ECB: - case bltestDES_EDE_CBC: - DES_DestroyContext((DESContext *)cipherInfo->cx, PR_TRUE); - break; - case bltestAES_ECB: - case bltestAES_CBC: - AES_DestroyContext((AESContext *)cipherInfo->cx, PR_TRUE); - break; - case bltestRC2_ECB: - case bltestRC2_CBC: - RC2_DestroyContext((RC2Context *)cipherInfo->cx, PR_TRUE); - break; - case bltestRC4: - RC4_DestroyContext((RC4Context *)cipherInfo->cx, PR_TRUE); - break; -#if NSS_SOFTOKEN_DOES_RC5 - case bltestRC5_ECB: - case bltestRC5_CBC: - RC5_DestroyContext((RC5Context *)cipherInfo->cx, PR_TRUE); - break; -#endif - case bltestRSA: /* keys are alloc'ed within cipherInfo's arena, */ - case bltestDSA: /* will be freed with it. */ - case bltestMD2: /* hash contexts are ephemeral */ - case bltestMD5: - case bltestSHA1: - case bltestSHA256: - case bltestSHA384: - case bltestSHA512: - return SECSuccess; - break; - default: - return SECFailure; - } - return SECSuccess; -} - -void -print_exponent(SECItem *exp) -{ - int i; - int e = 0; - if (exp->len <= 4) { - for (i=exp->len; i >=0; --i) e |= exp->data[exp->len-i] << 8*(i-1); - fprintf(stdout, "%12d", e); - } else { - e = 8*exp->len; - fprintf(stdout, "~2**%-8d", e); - } -} - -void -dump_performance_info(bltestCipherInfo *info, PRBool encrypt, PRBool cxonly) -{ - PRBool td = PR_TRUE; - fprintf(stdout, "#%9s", "mode"); - fprintf(stdout, "%12s", "in"); -print_td: - switch (info->mode) { - case bltestDES_ECB: - case bltestDES_CBC: - case bltestDES_EDE_ECB: - case bltestDES_EDE_CBC: - case bltestAES_ECB: - case bltestAES_CBC: - case bltestRC2_ECB: - case bltestRC2_CBC: - case bltestRC4: - if (td) - fprintf(stdout, "%8s", "symmkey"); - else - fprintf(stdout, "%8d", 8*info->params.sk.key.buf.len); - break; -#if NSS_SOFTOKEN_DOES_RC5 - case bltestRC5_ECB: - case bltestRC5_CBC: - if (info->params.sk.key.buf.len > 0) - printf("symmetric key(bytes)=%d,", info->params.sk.key.buf.len); - if (info->rounds > 0) - printf("rounds=%d,", info->params.rc5.rounds); - if (info->wordsize > 0) - printf("wordsize(bytes)=%d,", info->params.rc5.wordsize); - break; -#endif - case bltestRSA: - if (td) { - fprintf(stdout, "%8s", "rsa_mod"); - fprintf(stdout, "%12s", "rsa_pe"); - } else { - fprintf(stdout, "%8d", info->params.rsa.keysizeInBits); - print_exponent(&info->params.rsa.rsakey->publicExponent); - } - break; - case bltestDSA: - if (td) - fprintf(stdout, "%8s", "pqg_mod"); - else - fprintf(stdout, "%8d", PQG_INDEX_TO_PBITS(info->params.dsa.j)); - break; - case bltestMD2: - case bltestMD5: - case bltestSHA1: - case bltestSHA256: - case bltestSHA384: - case bltestSHA512: - default: - break; - } - if (!td) { - fprintf(stdout, "%8d", info->repetitions); - fprintf(stdout, "%8d", info->cxreps); - fprintf(stdout, "%12.3f", info->cxtime); - fprintf(stdout, "%12.3f", info->optime); - fprintf(stdout, "\n"); - return; - } - - fprintf(stdout, "%8s", "opreps"); - fprintf(stdout, "%8s", "cxreps"); - fprintf(stdout, "%12s", "context"); - fprintf(stdout, "%12s", "op"); - fprintf(stdout, "\n"); - fprintf(stdout, "%8s", mode_strings[info->mode]); - fprintf(stdout, "_%c", (cxonly) ? 'c' : (encrypt) ? 'e' : 'd'); - fprintf(stdout, "%12d", info->input.buf.len * info->repetitions); - - td = !td; - goto print_td; -} - -void -printmodes() -{ - bltestCipherMode mode; - int nummodes = sizeof(mode_strings) / sizeof(char *); - fprintf(stderr, "%s: Available modes (specify with -m):\n", progName); - for (mode=0; modemode = ioMode; - data->file = NULL; /* don't use -- not saving anything */ - data->pBuf.data = NULL; - data->pBuf.len = 0; - file = PR_Open(fn, PR_RDONLY, 00660); - if (file) - setupIO(arena, data, file, NULL, 0); -} - -void -get_params(PRArenaPool *arena, bltestParams *params, - bltestCipherMode mode, int j) -{ - char filename[256]; - char *modestr = mode_strings[mode]; -#if NSS_SOFTOKEN_DOES_RC5 - FILE *file; - char *mark, *param, *val; - int index = 0; -#endif - switch (mode) { - case bltestDES_CBC: - case bltestDES_EDE_CBC: - case bltestRC2_CBC: - case bltestAES_CBC: - sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "iv", j); - load_file_data(arena, ¶ms->sk.iv, filename, bltestBinary); - case bltestDES_ECB: - case bltestDES_EDE_ECB: - case bltestRC2_ECB: - case bltestRC4: - case bltestAES_ECB: - sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "key", j); - load_file_data(arena, ¶ms->sk.key, filename, bltestBinary); - break; -#if NSS_SOFTOKEN_DOES_RC5 - case bltestRC5_ECB: - case bltestRC5_CBC: - sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "iv", j); - load_file_data(arena, ¶ms->sk.iv, filename, bltestBinary); - sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "key", j); - load_file_data(arena, ¶ms->sk.key, filename, bltestBinary); - sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, - "params", j); - file = fopen(filename, "r"); - if (!file) return; - param = malloc(100); - len = fread(param, 1, 100, file); - while (index < len) { - mark = PL_strchr(param, '='); - *mark = '\0'; - val = mark + 1; - mark = PL_strchr(val, '\n'); - *mark = '\0'; - if (PL_strcmp(param, "rounds") == 0) { - params->rc5.rounds = atoi(val); - } else if (PL_strcmp(param, "wordsize") == 0) { - params->rc5.wordsize = atoi(val); - } - index += PL_strlen(param) + PL_strlen(val) + 2; - param = mark + 1; - } - break; -#endif - case bltestRSA: - sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "key", j); - load_file_data(arena, ¶ms->rsa.key, filename, bltestBase64Encoded); - params->rsa.rsakey = rsakey_from_filedata(¶ms->key.buf); - break; - case bltestDSA: - sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "key", j); - load_file_data(arena, ¶ms->dsa.key, filename, bltestBase64Encoded); - params->dsa.dsakey = dsakey_from_filedata(¶ms->key.buf); - sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "pqg", j); - load_file_data(arena, ¶ms->dsa.pqgdata, filename, - bltestBase64Encoded); - params->dsa.pqg = pqg_from_filedata(¶ms->dsa.pqgdata.buf); - sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "keyseed", j); - load_file_data(arena, ¶ms->dsa.keyseed, filename, - bltestBase64Encoded); - sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "sigseed", j); - load_file_data(arena, ¶ms->dsa.sigseed, filename, - bltestBase64Encoded); - sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "ciphertext",j); - load_file_data(arena, ¶ms->dsa.sig, filename, bltestBase64Encoded); - break; - case bltestMD2: - case bltestMD5: - case bltestSHA1: - case bltestSHA256: - case bltestSHA384: - case bltestSHA512: - /*params->hash.restart = PR_TRUE;*/ - params->hash.restart = PR_FALSE; - break; - default: - break; - } -} - -SECStatus -verify_self_test(bltestIO *result, bltestIO *cmp, bltestCipherMode mode, - PRBool forward, SECStatus sigstatus) -{ - int res; - char *modestr = mode_strings[mode]; - res = SECITEM_CompareItem(&result->pBuf, &cmp->buf); - if (is_sigCipher(mode)) { - if (forward) { - if (res == 0) { - printf("Signature self-test for %s passed.\n", modestr); - } else { - printf("Signature self-test for %s failed!\n", modestr); - } - } else { - if (sigstatus == SECSuccess) { - printf("Verification self-test for %s passed.\n", modestr); - } else { - printf("Verification self-test for %s failed!\n", modestr); - } - } - return sigstatus; - } else if (is_hashCipher(mode)) { - if (res == 0) { - printf("Hash self-test for %s passed.\n", modestr); - } else { - printf("Hash self-test for %s failed!\n", modestr); - } - } else { - if (forward) { - if (res == 0) { - printf("Encryption self-test for %s passed.\n", modestr); - } else { - printf("Encryption self-test for %s failed!\n", modestr); - } - } else { - if (res == 0) { - printf("Decryption self-test for %s passed.\n", modestr); - } else { - printf("Decryption self-test for %s failed!\n", modestr); - } - } - } - return (res != 0); -} - -static SECStatus -blapi_selftest(bltestCipherMode *modes, int numModes, int inoff, int outoff, - PRBool encrypt, PRBool decrypt) -{ - bltestCipherInfo cipherInfo; - bltestIO pt, ct; - bltestCipherMode mode; - bltestParams *params; - int i, j, nummodes; - char *modestr; - char filename[256]; - PRFileDesc *file; - PRArenaPool *arena; - SECItem item; - PRBool finished; - SECStatus rv = SECSuccess, srv; - - PORT_Memset(&cipherInfo, 0, sizeof(cipherInfo)); - arena = PORT_NewArena(BLTEST_DEFAULT_CHUNKSIZE); - cipherInfo.arena = arena; - - finished = PR_FALSE; - nummodes = (numModes == 0) ? NUMMODES : numModes; - for (i=0; i < nummodes && !finished; i++) { - if (i == bltestRC5_ECB || i == bltestRC5_CBC) continue; - if (numModes > 0) - mode = modes[i]; - else - mode = i; - if (mode == bltestINVALID) { - fprintf(stderr, "%s: Skipping invalid mode.\n",progName); - continue; - } - modestr = mode_strings[mode]; - cipherInfo.mode = mode; - params = &cipherInfo.params; -#ifdef TRACK_BLTEST_BUG - if (mode == bltestRSA) { - fprintf(stderr, "[%s] Self-Testing RSA\n", __bltDBG); - } -#endif - /* get the number of tests in the directory */ - sprintf(filename, "%s/tests/%s/%s", testdir, modestr, "numtests"); - file = PR_Open(filename, PR_RDONLY, 00660); - if (!file) { - fprintf(stderr, "%s: File %s does not exist.\n", progName,filename); - return SECFailure; - } - rv = SECU_FileToItem(&item, file); -#ifdef TRACK_BLTEST_BUG - if (mode == bltestRSA) { - fprintf(stderr, "[%s] Loaded data from %s\n", __bltDBG, filename); - } -#endif - PR_Close(file); - /* loop over the tests in the directory */ - for (j=0; j<(int)(item.data[0] - '0'); j++) { /* XXX bug when > 10 */ -#ifdef TRACK_BLTEST_BUG - if (mode == bltestRSA) { - fprintf(stderr, "[%s] Executing self-test #%d\n", __bltDBG, j); - } -#endif - sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, - "plaintext", j); - load_file_data(arena, &pt, filename, (mode == bltestDSA) ? - bltestBase64Encoded : bltestBinary); - sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, - "ciphertext", j); - load_file_data(arena, &ct, filename, bltestBase64Encoded); -#ifdef TRACK_BLTEST_BUG - if (mode == bltestRSA) { - fprintf(stderr, "[%s] Loaded data for self-test #%d\n", __bltDBG, j); - } -#endif - get_params(arena, params, mode, j); -#ifdef TRACK_BLTEST_BUG - if (mode == bltestRSA) { - fprintf(stderr, "[%s] Got parameters for #%d\n", __bltDBG, j); - } -#endif - /* Forward Operation (Encrypt/Sign/Hash) - ** Align the input buffer (plaintext) according to request - ** then perform operation and compare to ciphertext - */ - /* XXX for now */ - rv = SECSuccess; - if (encrypt) { - bltestCopyIO(arena, &cipherInfo.input, &pt); - misalignBuffer(arena, &cipherInfo.input, inoff); - memset(&cipherInfo.output.buf, 0, sizeof cipherInfo.output.buf); - rv |= cipherInit(&cipherInfo, PR_TRUE); - misalignBuffer(arena, &cipherInfo.output, outoff); -#ifdef TRACK_BLTEST_BUG - if (mode == bltestRSA) { - fprintf(stderr, "[%s] Inited cipher context and buffers for #%d\n", __bltDBG, j); - } -#endif - rv |= cipherDoOp(&cipherInfo); -#ifdef TRACK_BLTEST_BUG - if (mode == bltestRSA) { - fprintf(stderr, "[%s] Performed encrypt for #%d\n", __bltDBG, j); - } -#endif - rv |= cipherFinish(&cipherInfo); -#ifdef TRACK_BLTEST_BUG - if (mode == bltestRSA) { - fprintf(stderr, "[%s] Finished encrypt for #%d\n", __bltDBG, j); - } -#endif - rv |= verify_self_test(&cipherInfo.output, - &ct, mode, PR_TRUE, 0); -#ifdef TRACK_BLTEST_BUG - if (mode == bltestRSA) { - fprintf(stderr, "[%s] Verified self-test for #%d\n", __bltDBG, j); - } -#endif - /* If testing hash, only one op to test */ - if (is_hashCipher(mode)) - continue; - /*if (rv) return rv;*/ - } - if (!decrypt) - continue; - /* XXX for now */ - rv = SECSuccess; - /* Reverse Operation (Decrypt/Verify) - ** Align the input buffer (ciphertext) according to request - ** then perform operation and compare to plaintext - */ - if (mode != bltestDSA) - bltestCopyIO(arena, &cipherInfo.input, &ct); - else - bltestCopyIO(arena, &cipherInfo.input, &pt); - misalignBuffer(arena, &cipherInfo.input, inoff); - memset(&cipherInfo.output.buf, 0, sizeof cipherInfo.output.buf); - rv |= cipherInit(&cipherInfo, PR_FALSE); - misalignBuffer(arena, &cipherInfo.output, outoff); -#ifdef TRACK_BLTEST_BUG - if (mode == bltestRSA) { - fprintf(stderr, "[%s] Inited cipher context and buffers for #%d\n", __bltDBG, j); - } -#endif - srv = SECSuccess; - srv |= cipherDoOp(&cipherInfo); -#ifdef TRACK_BLTEST_BUG - if (mode == bltestRSA) { - fprintf(stderr, "[%s] Performed decrypt for #%d\n", __bltDBG, j); - } -#endif - rv |= cipherFinish(&cipherInfo); -#ifdef TRACK_BLTEST_BUG - if (mode == bltestRSA) { - fprintf(stderr, "[%s] Finished decrypt for #%d\n", __bltDBG, j); - } -#endif - rv |= verify_self_test(&cipherInfo.output, - &pt, mode, PR_FALSE, srv); -#ifdef TRACK_BLTEST_BUG - if (mode == bltestRSA) { - fprintf(stderr, "[%s] Verified self-test for #%d\n", __bltDBG, j); - } -#endif - /*if (rv) return rv;*/ - } - } - return rv; -} - -SECStatus -dump_file(bltestCipherMode mode, char *filename) -{ - bltestIO keydata; - PRArenaPool *arena = NULL; - arena = PORT_NewArena(BLTEST_DEFAULT_CHUNKSIZE); - if (mode == bltestRSA) { - RSAPrivateKey *key; - load_file_data(arena, &keydata, filename, bltestBase64Encoded); - key = rsakey_from_filedata(&keydata.buf); - dump_rsakey(key); - } else if (mode == bltestDSA) { -#if 0 - PQGParams *pqg; - get_file_data(filename, &item, PR_TRUE); - pqg = pqg_from_filedata(&item); - dump_pqg(pqg); -#endif - DSAPrivateKey *key; - load_file_data(arena, &keydata, filename, bltestBase64Encoded); - key = dsakey_from_filedata(&keydata.buf); - dump_dsakey(key); - } - PORT_FreeArena(arena, PR_FALSE); - return SECFailure; -} - -/* bltest commands */ -enum { - cmd_Decrypt = 0, - cmd_Encrypt, - cmd_FIPS, - cmd_Hash, - cmd_Nonce, - cmd_Dump, - cmd_Sign, - cmd_SelfTest, - cmd_Verify -}; - -/* bltest options */ -enum { - opt_B64 = 0, - opt_BufSize, - opt_Restart, - opt_SelfTestDir, - opt_Exponent, - opt_SigFile, - opt_KeySize, - opt_Hex, - opt_Input, - opt_PQGFile, - opt_Key, - opt_HexWSpc, - opt_Mode, - opt_Output, - opt_Repetitions, - opt_ZeroBuf, - opt_Rounds, - opt_Seed, - opt_SigSeedFile, - opt_CXReps, - opt_IV, - opt_WordSize, - opt_UseSeed, - opt_UseSigSeed, - opt_SeedFile, - opt_InputOffset, - opt_OutputOffset, - opt_MonteCarlo, - opt_CmdLine -}; - -static secuCommandFlag bltest_commands[] = -{ - { /* cmd_Decrypt */ 'D', PR_FALSE, 0, PR_FALSE }, - { /* cmd_Encrypt */ 'E', PR_FALSE, 0, PR_FALSE }, - { /* cmd_FIPS */ 'F', PR_FALSE, 0, PR_FALSE }, - { /* cmd_Hash */ 'H', PR_FALSE, 0, PR_FALSE }, - { /* cmd_Nonce */ 'N', PR_FALSE, 0, PR_FALSE }, - { /* cmd_Dump */ 'P', PR_FALSE, 0, PR_FALSE }, - { /* cmd_Sign */ 'S', PR_FALSE, 0, PR_FALSE }, - { /* cmd_SelfTest */ 'T', PR_FALSE, 0, PR_FALSE }, - { /* cmd_Verify */ 'V', PR_FALSE, 0, PR_FALSE } -}; - -static secuCommandFlag bltest_options[] = -{ - { /* opt_B64 */ 'a', PR_FALSE, 0, PR_FALSE }, - { /* opt_BufSize */ 'b', PR_TRUE, 0, PR_FALSE }, - { /* opt_Restart */ 'c', PR_FALSE, 0, PR_FALSE }, - { /* opt_SelfTestDir */ 'd', PR_TRUE, 0, PR_FALSE }, - { /* opt_Exponent */ 'e', PR_TRUE, 0, PR_FALSE }, - { /* opt_SigFile */ 'f', PR_TRUE, 0, PR_FALSE }, - { /* opt_KeySize */ 'g', PR_TRUE, 0, PR_FALSE }, - { /* opt_Hex */ 'h', PR_FALSE, 0, PR_FALSE }, - { /* opt_Input */ 'i', PR_TRUE, 0, PR_FALSE }, - { /* opt_PQGFile */ 'j', PR_TRUE, 0, PR_FALSE }, - { /* opt_Key */ 'k', PR_TRUE, 0, PR_FALSE }, - { /* opt_HexWSpc */ 'l', PR_FALSE, 0, PR_FALSE }, - { /* opt_Mode */ 'm', PR_TRUE, 0, PR_FALSE }, - { /* opt_Output */ 'o', PR_TRUE, 0, PR_FALSE }, - { /* opt_Repetitions */ 'p', PR_TRUE, 0, PR_FALSE }, - { /* opt_ZeroBuf */ 'q', PR_FALSE, 0, PR_FALSE }, - { /* opt_Rounds */ 'r', PR_TRUE, 0, PR_FALSE }, - { /* opt_Seed */ 's', PR_TRUE, 0, PR_FALSE }, - { /* opt_SigSeedFile */ 't', PR_TRUE, 0, PR_FALSE }, - { /* opt_CXReps */ 'u', PR_TRUE, 0, PR_FALSE }, - { /* opt_IV */ 'v', PR_TRUE, 0, PR_FALSE }, - { /* opt_WordSize */ 'w', PR_TRUE, 0, PR_FALSE }, - { /* opt_UseSeed */ 'x', PR_FALSE, 0, PR_FALSE }, - { /* opt_UseSigSeed */ 'y', PR_FALSE, 0, PR_FALSE }, - { /* opt_SeedFile */ 'z', PR_FALSE, 0, PR_FALSE }, - { /* opt_InputOffset */ '1', PR_TRUE, 0, PR_FALSE }, - { /* opt_OutputOffset */ '2', PR_TRUE, 0, PR_FALSE }, - { /* opt_MonteCarlo */ '3', PR_FALSE, 0, PR_FALSE }, - { /* opt_CmdLine */ '-', PR_FALSE, 0, PR_FALSE } -}; - -int main(int argc, char **argv) -{ - char *infileName, *outfileName, *keyfileName, *ivfileName; - SECStatus rv; - - bltestCipherInfo cipherInfo; - bltestParams *params; - PRFileDesc *file, *infile, *outfile; - char *instr = NULL; - PRArenaPool *arena; - bltestIOMode ioMode; - int keysize, bufsize, exponent; - int i, commandsEntered; - int inoff, outoff; - - secuCommand bltest; - bltest.numCommands = sizeof(bltest_commands) / sizeof(secuCommandFlag); - bltest.numOptions = sizeof(bltest_options) / sizeof(secuCommandFlag); - bltest.commands = bltest_commands; - bltest.options = bltest_options; - - progName = strrchr(argv[0], '/'); - if (!progName) - progName = strrchr(argv[0], '\\'); - progName = progName ? progName+1 : argv[0]; - - rv = RNG_RNGInit(); - if (rv != SECSuccess) { - SECU_PrintPRandOSError(progName); - return -1; - } - RNG_SystemInfoForRNG(); - - rv = SECU_ParseCommandLine(argc, argv, progName, &bltest); - - PORT_Memset(&cipherInfo, 0, sizeof(cipherInfo)); - arena = PORT_NewArena(BLTEST_DEFAULT_CHUNKSIZE); - cipherInfo.arena = arena; - params = &cipherInfo.params; - /* set some defaults */ - infileName = outfileName = keyfileName = ivfileName = NULL; - - /* Check the number of commands entered on the command line. */ - commandsEntered = 0; - for (i=0; i 1 && - !(commandsEntered == 2 && bltest.commands[cmd_SelfTest].activated)) { - fprintf(stderr, "%s: one command at a time!\n", progName); - Usage(); - } - if (commandsEntered == 0) { - fprintf(stderr, "%s: you must enter a command!\n", progName); - Usage(); - } - - if (bltest.commands[cmd_Sign].activated) - bltest.commands[cmd_Encrypt].activated = PR_TRUE; - if (bltest.commands[cmd_Verify].activated) - bltest.commands[cmd_Decrypt].activated = PR_TRUE; - if (bltest.commands[cmd_Hash].activated) - bltest.commands[cmd_Encrypt].activated = PR_TRUE; - - inoff = outoff = 0; - if (bltest.options[opt_InputOffset].activated) - inoff = PORT_Atoi(bltest.options[opt_InputOffset].arg); - if (bltest.options[opt_OutputOffset].activated) - outoff = PORT_Atoi(bltest.options[opt_OutputOffset].arg); - - testdir = (bltest.options[opt_SelfTestDir].activated) ? - strdup(bltest.options[opt_SelfTestDir].arg) : "."; - - /* - * Handle three simple cases first - */ - - /* Do BLAPI self-test */ - if (bltest.commands[cmd_SelfTest].activated) { - PRBool encrypt = PR_TRUE, decrypt = PR_TRUE; - /* user may specified a set of ciphers to test. parse them. */ - bltestCipherMode modesToTest[NUMMODES]; - int numModesToTest = 0; - char *tok, *str; - str = bltest.options[opt_Mode].arg; - while (str) { - tok = strchr(str, ','); - if (tok) *tok = '\0'; - modesToTest[numModesToTest++] = get_mode(str); - if (tok) { - *tok = ','; - str = tok + 1; - } else { - break; - } - } - if (bltest.commands[cmd_Decrypt].activated && - !bltest.commands[cmd_Encrypt].activated) - encrypt = PR_FALSE; - if (bltest.commands[cmd_Encrypt].activated && - !bltest.commands[cmd_Decrypt].activated) - decrypt = PR_FALSE; - return blapi_selftest(modesToTest, numModesToTest, inoff, outoff, - encrypt, decrypt); - } - - /* Do FIPS self-test */ - if (bltest.commands[cmd_FIPS].activated) { - CK_RV ckrv = pk11_fipsPowerUpSelfTest(); - fprintf(stdout, "CK_RV: %ld.\n", ckrv); - return 0; - } - - /* - * Check command line arguments for Encrypt/Decrypt/Hash/Sign/Verify - */ - - if ((bltest.commands[cmd_Decrypt].activated || - bltest.commands[cmd_Verify].activated) && - bltest.options[opt_BufSize].activated) { - fprintf(stderr, "%s: cannot use a nonce as input to decrypt/verify.\n", - progName); - Usage(); - } - - if (bltest.options[opt_Mode].activated) { - cipherInfo.mode = get_mode(bltest.options[opt_Mode].arg); - if (cipherInfo.mode == bltestINVALID) { - fprintf(stderr, "%s: Invalid mode \"%s\"\n", progName, - bltest.options[opt_Mode].arg); - Usage(); - } - } else { - fprintf(stderr, "%s: You must specify a cipher mode with -m.\n", - progName); - Usage(); - } - - if (bltest.options[opt_Repetitions].activated) { - cipherInfo.repetitions = PORT_Atoi(bltest.options[opt_Repetitions].arg); - } else { - cipherInfo.repetitions = 0; - } - - - if (bltest.options[opt_CXReps].activated) { - cipherInfo.cxreps = PORT_Atoi(bltest.options[opt_CXReps].arg); - } else { - cipherInfo.cxreps = 0; - } - - /* Dump a file (rsakey, dsakey, etc.) */ - if (bltest.commands[cmd_Dump].activated) { - return dump_file(cipherInfo.mode, bltest.options[opt_Input].arg); - } - - /* default input mode is binary */ - ioMode = (bltest.options[opt_B64].activated) ? bltestBase64Encoded : - (bltest.options[opt_Hex].activated) ? bltestHexStream : - (bltest.options[opt_HexWSpc].activated) ? bltestHexSpaceDelim : - bltestBinary; - - if (bltest.options[opt_KeySize].activated) - keysize = PORT_Atoi(bltest.options[opt_KeySize].arg); - else - keysize = 0; - - if (bltest.options[opt_Exponent].activated) - exponent = PORT_Atoi(bltest.options[opt_Exponent].arg); - else - exponent = 65537; - - /* Set up an encryption key. */ - keysize = 0; - file = NULL; - if (is_symmkeyCipher(cipherInfo.mode)) { - char *keystr = NULL; /* if key is on command line */ - if (bltest.options[opt_Key].activated) { - if (bltest.options[opt_CmdLine].activated) { - keystr = bltest.options[opt_Key].arg; - } else { - file = PR_Open(bltest.options[opt_Key].arg, PR_RDONLY, 00660); - } - } else { - if (bltest.options[opt_KeySize].activated) - keysize = PORT_Atoi(bltest.options[opt_KeySize].arg); - else - keysize = 8; /* use 64-bit default (DES) */ - /* save the random key for reference */ - file = PR_Open("tmp.key", PR_WRONLY|PR_CREATE_FILE, 00660); - } - params->key.mode = ioMode; - setupIO(cipherInfo.arena, ¶ms->key, file, keystr, keysize); - if (file) - PR_Close(file); - } else if (is_pubkeyCipher(cipherInfo.mode)) { - if (bltest.options[opt_Key].activated) { - file = PR_Open(bltest.options[opt_Key].arg, PR_RDONLY, 00660); - } else { - if (bltest.options[opt_KeySize].activated) - keysize = PORT_Atoi(bltest.options[opt_KeySize].arg); - else - keysize = 64; /* use 512-bit default */ - file = PR_Open("tmp.key", PR_WRONLY|PR_CREATE_FILE, 00660); - } - params->key.mode = bltestBase64Encoded; - pubkeyInitKey(&cipherInfo, file, keysize, exponent); - PR_Close(file); - } - - /* set up an initialization vector. */ - if (cipher_requires_IV(cipherInfo.mode)) { - char *ivstr = NULL; - bltestSymmKeyParams *skp; - file = NULL; - if (cipherInfo.mode == bltestRC5_CBC) - skp = (bltestSymmKeyParams *)¶ms->rc5; - else - skp = ¶ms->sk; - if (bltest.options[opt_IV].activated) { - if (bltest.options[opt_CmdLine].activated) { - ivstr = bltest.options[opt_IV].arg; - } else { - file = PR_Open(bltest.options[opt_IV].arg, PR_RDONLY, 00660); - } - } else { - /* save the random iv for reference */ - file = PR_Open("tmp.iv", PR_WRONLY|PR_CREATE_FILE, 00660); - } - memset(&skp->iv, 0, sizeof skp->iv); - skp->iv.mode = ioMode; - setupIO(cipherInfo.arena, &skp->iv, file, ivstr, keysize); - if (file) - PR_Close(file); - } - - if (bltest.commands[cmd_Verify].activated) { - if (!bltest.options[opt_SigFile].activated) { - fprintf(stderr, "%s: You must specify a signature file with -f.\n", - progName); - exit(-1); - } - file = PR_Open(bltest.options[opt_SigFile].arg, PR_RDONLY, 00660); - memset(&cipherInfo.params.dsa.sig, 0, sizeof(bltestIO)); - cipherInfo.params.dsa.sig.mode = ioMode; - setupIO(cipherInfo.arena, &cipherInfo.params.dsa.sig, file, NULL, 0); - } - - if (bltest.options[opt_PQGFile].activated) { - file = PR_Open(bltest.options[opt_PQGFile].arg, PR_RDONLY, 00660); - params->dsa.pqgdata.mode = bltestBase64Encoded; - setupIO(cipherInfo.arena, ¶ms->dsa.pqgdata, file, NULL, 0); - } - - /* Set up the input buffer */ - if (bltest.options[opt_Input].activated) { - if (bltest.options[opt_CmdLine].activated) { - instr = bltest.options[opt_Input].arg; - infile = NULL; - } else { - /* form file name from testdir and input arg. */ - char * filename = bltest.options[opt_Input].arg; - if (bltest.options[opt_SelfTestDir].activated && - testdir && filename && filename[0] != '/') - filename = PR_smprintf("%s/tests/%s/%s", testdir, - mode_strings[cipherInfo.mode], filename); - infile = PR_Open(filename, PR_RDONLY, 00660); - } - } else if (bltest.options[opt_BufSize].activated) { - /* save the random plaintext for reference */ - infile = PR_Open("tmp.in", PR_WRONLY|PR_CREATE_FILE, 00660); - } else { - infile = PR_STDIN; - } - if (!infile) { - fprintf(stderr, "%s: Failed to open input file.\n", progName); - exit(-1); - } - cipherInfo.input.mode = ioMode; - - /* Set up the output stream */ - if (bltest.options[opt_Output].activated) { - /* form file name from testdir and input arg. */ - char * filename = bltest.options[opt_Output].arg; - if (bltest.options[opt_SelfTestDir].activated && - testdir && filename && filename[0] != '/') - filename = PR_smprintf("%s/tests/%s/%s", testdir, - mode_strings[cipherInfo.mode], filename); - outfile = PR_Open(filename, PR_WRONLY|PR_CREATE_FILE, 00660); - } else { - outfile = PR_STDOUT; - } - if (!outfile) { - fprintf(stderr, "%s: Failed to open output file.\n", progName); - exit(-1); - } - cipherInfo.output.mode = ioMode; - if (bltest.options[opt_SelfTestDir].activated && ioMode == bltestBinary) - cipherInfo.output.mode = bltestBase64Encoded; - - if (is_hashCipher(cipherInfo.mode)) - cipherInfo.params.hash.restart = bltest.options[opt_Restart].activated; - - bufsize = 0; - if (bltest.options[opt_BufSize].activated) - bufsize = PORT_Atoi(bltest.options[opt_BufSize].arg); - - /*infile = NULL;*/ - setupIO(cipherInfo.arena, &cipherInfo.input, infile, instr, bufsize); - misalignBuffer(cipherInfo.arena, &cipherInfo.input, inoff); - - cipherInit(&cipherInfo, bltest.commands[cmd_Encrypt].activated); - misalignBuffer(cipherInfo.arena, &cipherInfo.output, outoff); - - if (!bltest.commands[cmd_Nonce].activated) { - if (bltest.options[opt_MonteCarlo].activated) { - int mciter; - for (mciter=0; mciter<10000; mciter++) { - cipherDoOp(&cipherInfo); - memcpy(cipherInfo.input.buf.data, - cipherInfo.output.buf.data, - cipherInfo.input.buf.len); - } - } else { - cipherDoOp(&cipherInfo); - } - cipherFinish(&cipherInfo); - finishIO(&cipherInfo.output, outfile); - } - - if (cipherInfo.repetitions > 0 || cipherInfo.cxreps > 0) - dump_performance_info(&cipherInfo, - bltest.commands[cmd_Encrypt].activated, - (cipherInfo.repetitions == 0)); - - if (infile && infile != PR_STDIN) - PR_Close(infile); - if (outfile && outfile != PR_STDOUT) - PR_Close(outfile); - PORT_FreeArena(cipherInfo.arena, PR_TRUE); - - /*NSS_Shutdown();*/ - - return SECSuccess; -} diff --git a/security/nss/cmd/bltest/manifest.mn b/security/nss/cmd/bltest/manifest.mn deleted file mode 100644 index 2bbe109995..0000000000 --- a/security/nss/cmd/bltest/manifest.mn +++ /dev/null @@ -1,54 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -CORE_DEPTH = ../../.. - -MODULE = nss - -REQUIRES = seccmd dbm - -INCLUDES += -I$(CORE_DEPTH)/nss/lib/softoken - -PROGRAM = bltest - - USE_STATIC_LIBS = 1 - -EXPORTS = \ - $(NULL) - -PRIVATE_EXPORTS = \ - $(NULL) - -CSRCS = \ - blapitest.c \ - $(NULL) - diff --git a/security/nss/cmd/bltest/tests/README b/security/nss/cmd/bltest/tests/README deleted file mode 100644 index 9982a2f150..0000000000 --- a/security/nss/cmd/bltest/tests/README +++ /dev/null @@ -1,49 +0,0 @@ -This directory contains a set of tests for each cipher supported by -BLAPI. Each subdirectory contains known plaintext and ciphertext pairs -(and keys and/or iv's if needed). The tests can be run as a full set -with: - bltest -T -or as subsets, for example: - bltest -T -m des_ecb,md2,rsa - -In each subdirectory, the plaintext, key, and iv are ascii, and treated -as such. The ciphertext is base64-encoded to avoid the hassle of binary -files. - -To add a test, incremement the value in the numtests file. Create a -plaintext, key, and iv file, such that the name of the file is -incrememted one from the last set of tests. For example, if you are -adding the second test, put your data in files named plaintext1, key1, -and iv1 (ignoring key and iv if they are not needed, of course). Make -sure your key and iv are the correct number of bytes for your cipher (a -trailing \n is okay, but any other trailing bytes will be used!). Once -you have your input data, create output data by running bltest on a -trusted implementation. For example, for a new DES ECB test, run - bltest -E -m des_ecb -i plaintext1 -k key1 -o ciphertext1 -a in the -tests/des_ecb directory. Then run - bltest -T des_ecb from the cmd/bltest directory in the tree of the -implementation you want to test. - -Note that the -a option above is important, it tells bltest to expect -the input to be straight ASCII, and not base64 encoded binary! - -Special cases: - -RC5: -RC5 can take additional parameters, the number of rounds to perform and -the wordsize to use. The number of rounds is between is between 0 and -255, and the wordsize is either is either 16, 32, or 64 bits (at this -time only 32-bit is supported). These parameters are specified in a -paramsN file, where N is an index as above. The format of the file is -"rounds=R\nwordsize=W\n". - -public key modes (RSA and DSA): -Asymmetric key ciphers use keys with special properties, so creating a -key file with "Mozilla!" in it will not get you very far! To create a -public key, run bltest with the plaintext you want to encrypt, using a -trusted implementation. bltest will generate a key and store it in -"tmp.key", rename that file to keyN. For example: - bltest -E -m rsa -i plaintext0 -o ciphertext0 -e 65537 -g 32 -a - mv tmp.key key0 - -[note: specifying a keysize (-g) when using RSA is important!] diff --git a/security/nss/cmd/bltest/tests/aes_cbc/ciphertext0 b/security/nss/cmd/bltest/tests/aes_cbc/ciphertext0 deleted file mode 100644 index 040a397d75..0000000000 --- a/security/nss/cmd/bltest/tests/aes_cbc/ciphertext0 +++ /dev/null @@ -1 +0,0 @@ -oJLgOzZ1GiWt3DGo2sPKaA== diff --git a/security/nss/cmd/bltest/tests/aes_cbc/iv0 b/security/nss/cmd/bltest/tests/aes_cbc/iv0 deleted file mode 100644 index 4e65bc0347..0000000000 --- a/security/nss/cmd/bltest/tests/aes_cbc/iv0 +++ /dev/null @@ -1 +0,0 @@ -qwertyuiopasdfgh diff --git a/security/nss/cmd/bltest/tests/aes_cbc/key0 b/security/nss/cmd/bltest/tests/aes_cbc/key0 deleted file mode 100644 index 13911cc29a..0000000000 --- a/security/nss/cmd/bltest/tests/aes_cbc/key0 +++ /dev/null @@ -1 +0,0 @@ -fedcba9876543210 diff --git a/security/nss/cmd/bltest/tests/aes_cbc/numtests b/security/nss/cmd/bltest/tests/aes_cbc/numtests deleted file mode 100644 index d00491fd7e..0000000000 --- a/security/nss/cmd/bltest/tests/aes_cbc/numtests +++ /dev/null @@ -1 +0,0 @@ -1 diff --git a/security/nss/cmd/bltest/tests/aes_cbc/plaintext0 b/security/nss/cmd/bltest/tests/aes_cbc/plaintext0 deleted file mode 100644 index 8d6a8d555b..0000000000 --- a/security/nss/cmd/bltest/tests/aes_cbc/plaintext0 +++ /dev/null @@ -1 +0,0 @@ -0123456789abcdef diff --git a/security/nss/cmd/bltest/tests/aes_ecb/ciphertext0 b/security/nss/cmd/bltest/tests/aes_ecb/ciphertext0 deleted file mode 100644 index d6818c1d0b..0000000000 --- a/security/nss/cmd/bltest/tests/aes_ecb/ciphertext0 +++ /dev/null @@ -1 +0,0 @@ -PVuaCIiaKQhblgFCbVMTTg== diff --git a/security/nss/cmd/bltest/tests/aes_ecb/key0 b/security/nss/cmd/bltest/tests/aes_ecb/key0 deleted file mode 100644 index 13911cc29a..0000000000 --- a/security/nss/cmd/bltest/tests/aes_ecb/key0 +++ /dev/null @@ -1 +0,0 @@ -fedcba9876543210 diff --git a/security/nss/cmd/bltest/tests/aes_ecb/numtests b/security/nss/cmd/bltest/tests/aes_ecb/numtests deleted file mode 100644 index d00491fd7e..0000000000 --- a/security/nss/cmd/bltest/tests/aes_ecb/numtests +++ /dev/null @@ -1 +0,0 @@ -1 diff --git a/security/nss/cmd/bltest/tests/aes_ecb/plaintext0 b/security/nss/cmd/bltest/tests/aes_ecb/plaintext0 deleted file mode 100644 index 8d6a8d555b..0000000000 --- a/security/nss/cmd/bltest/tests/aes_ecb/plaintext0 +++ /dev/null @@ -1 +0,0 @@ -0123456789abcdef diff --git a/security/nss/cmd/bltest/tests/des3_cbc/ciphertext0 b/security/nss/cmd/bltest/tests/des3_cbc/ciphertext0 deleted file mode 100644 index 61dae3192e..0000000000 --- a/security/nss/cmd/bltest/tests/des3_cbc/ciphertext0 +++ /dev/null @@ -1 +0,0 @@ -KV3MDNGKWOc= diff --git a/security/nss/cmd/bltest/tests/des3_cbc/iv0 b/security/nss/cmd/bltest/tests/des3_cbc/iv0 deleted file mode 100644 index 97b5955f78..0000000000 --- a/security/nss/cmd/bltest/tests/des3_cbc/iv0 +++ /dev/null @@ -1 +0,0 @@ -12345678 diff --git a/security/nss/cmd/bltest/tests/des3_cbc/key0 b/security/nss/cmd/bltest/tests/des3_cbc/key0 deleted file mode 100644 index 588efd1118..0000000000 --- a/security/nss/cmd/bltest/tests/des3_cbc/key0 +++ /dev/null @@ -1 +0,0 @@ -abcdefghijklmnopqrstuvwx diff --git a/security/nss/cmd/bltest/tests/des3_cbc/numtests b/security/nss/cmd/bltest/tests/des3_cbc/numtests deleted file mode 100644 index d00491fd7e..0000000000 --- a/security/nss/cmd/bltest/tests/des3_cbc/numtests +++ /dev/null @@ -1 +0,0 @@ -1 diff --git a/security/nss/cmd/bltest/tests/des3_cbc/plaintext0 b/security/nss/cmd/bltest/tests/des3_cbc/plaintext0 deleted file mode 100644 index 5513e438c0..0000000000 --- a/security/nss/cmd/bltest/tests/des3_cbc/plaintext0 +++ /dev/null @@ -1 +0,0 @@ -Mozilla! diff --git a/security/nss/cmd/bltest/tests/des3_ecb/ciphertext0 b/security/nss/cmd/bltest/tests/des3_ecb/ciphertext0 deleted file mode 100644 index 76dc820d3b..0000000000 --- a/security/nss/cmd/bltest/tests/des3_ecb/ciphertext0 +++ /dev/null @@ -1 +0,0 @@ -RgckVNh4QcM= diff --git a/security/nss/cmd/bltest/tests/des3_ecb/key0 b/security/nss/cmd/bltest/tests/des3_ecb/key0 deleted file mode 100644 index 588efd1118..0000000000 --- a/security/nss/cmd/bltest/tests/des3_ecb/key0 +++ /dev/null @@ -1 +0,0 @@ -abcdefghijklmnopqrstuvwx diff --git a/security/nss/cmd/bltest/tests/des3_ecb/numtests b/security/nss/cmd/bltest/tests/des3_ecb/numtests deleted file mode 100644 index d00491fd7e..0000000000 --- a/security/nss/cmd/bltest/tests/des3_ecb/numtests +++ /dev/null @@ -1 +0,0 @@ -1 diff --git a/security/nss/cmd/bltest/tests/des3_ecb/plaintext0 b/security/nss/cmd/bltest/tests/des3_ecb/plaintext0 deleted file mode 100644 index 5513e438c0..0000000000 --- a/security/nss/cmd/bltest/tests/des3_ecb/plaintext0 +++ /dev/null @@ -1 +0,0 @@ -Mozilla! diff --git a/security/nss/cmd/bltest/tests/des_cbc/ciphertext0 b/security/nss/cmd/bltest/tests/des_cbc/ciphertext0 deleted file mode 100644 index 67d2ad1aac..0000000000 --- a/security/nss/cmd/bltest/tests/des_cbc/ciphertext0 +++ /dev/null @@ -1 +0,0 @@ -Perdg9FMYQ4= diff --git a/security/nss/cmd/bltest/tests/des_cbc/iv0 b/security/nss/cmd/bltest/tests/des_cbc/iv0 deleted file mode 100644 index 97b5955f78..0000000000 --- a/security/nss/cmd/bltest/tests/des_cbc/iv0 +++ /dev/null @@ -1 +0,0 @@ -12345678 diff --git a/security/nss/cmd/bltest/tests/des_cbc/key0 b/security/nss/cmd/bltest/tests/des_cbc/key0 deleted file mode 100644 index 65513c116c..0000000000 --- a/security/nss/cmd/bltest/tests/des_cbc/key0 +++ /dev/null @@ -1 +0,0 @@ -zyxwvuts diff --git a/security/nss/cmd/bltest/tests/des_cbc/numtests b/security/nss/cmd/bltest/tests/des_cbc/numtests deleted file mode 100644 index d00491fd7e..0000000000 --- a/security/nss/cmd/bltest/tests/des_cbc/numtests +++ /dev/null @@ -1 +0,0 @@ -1 diff --git a/security/nss/cmd/bltest/tests/des_cbc/plaintext0 b/security/nss/cmd/bltest/tests/des_cbc/plaintext0 deleted file mode 100644 index 5513e438c0..0000000000 --- a/security/nss/cmd/bltest/tests/des_cbc/plaintext0 +++ /dev/null @@ -1 +0,0 @@ -Mozilla! diff --git a/security/nss/cmd/bltest/tests/des_ecb/ciphertext0 b/security/nss/cmd/bltest/tests/des_ecb/ciphertext0 deleted file mode 100644 index 8be22fa5c6..0000000000 --- a/security/nss/cmd/bltest/tests/des_ecb/ciphertext0 +++ /dev/null @@ -1 +0,0 @@ -3bNoWzzNiFc= diff --git a/security/nss/cmd/bltest/tests/des_ecb/key0 b/security/nss/cmd/bltest/tests/des_ecb/key0 deleted file mode 100644 index 65513c116c..0000000000 --- a/security/nss/cmd/bltest/tests/des_ecb/key0 +++ /dev/null @@ -1 +0,0 @@ -zyxwvuts diff --git a/security/nss/cmd/bltest/tests/des_ecb/numtests b/security/nss/cmd/bltest/tests/des_ecb/numtests deleted file mode 100644 index d00491fd7e..0000000000 --- a/security/nss/cmd/bltest/tests/des_ecb/numtests +++ /dev/null @@ -1 +0,0 @@ -1 diff --git a/security/nss/cmd/bltest/tests/des_ecb/plaintext0 b/security/nss/cmd/bltest/tests/des_ecb/plaintext0 deleted file mode 100644 index 5513e438c0..0000000000 --- a/security/nss/cmd/bltest/tests/des_ecb/plaintext0 +++ /dev/null @@ -1 +0,0 @@ -Mozilla! diff --git a/security/nss/cmd/bltest/tests/dsa/ciphertext0 b/security/nss/cmd/bltest/tests/dsa/ciphertext0 deleted file mode 100644 index 8e7150562e..0000000000 --- a/security/nss/cmd/bltest/tests/dsa/ciphertext0 +++ /dev/null @@ -1 +0,0 @@ -fB0bnKWvjT6X5NIkZ5l/Y/DXZ6QNI6j0iPhR/ZERkfj67xRnTWY1cg== diff --git a/security/nss/cmd/bltest/tests/dsa/key0 b/security/nss/cmd/bltest/tests/dsa/key0 deleted file mode 100644 index e582eeb044..0000000000 --- a/security/nss/cmd/bltest/tests/dsa/key0 +++ /dev/null @@ -1,6 +0,0 @@ -AAAAQI3ypJRJInaqPSV1m7BoacvqwNg6+40M98u4Mk8NeILl0HYvxbchDq/C6a2s -Mqt6rElpPfv4NyTC7Ac27jHIApEAAAAUx3MhjHN+yO6ZO08t7TD0jtrOkV8AAABA -Ym0CeDnqChNBMWOlW0y1ACmdVSKVbO/LO/8Q85nOLC5xy53l+iS6v1jlt5Uhklyc -xC6fb0ZLCIzFcq9T5teIAgAAAEAZExhx11sWEqgZ8p140bDXNG96p3u2KoWb/WxW -ddqdIS06Nu8Wcu9mC4x8JVzA7HSFj7oz9EwGaZYwp2sDDuMzAAAAFCBwsyI9ujcv -3hwP/HsuO0mLJgYU diff --git a/security/nss/cmd/bltest/tests/dsa/keyseed0 b/security/nss/cmd/bltest/tests/dsa/keyseed0 deleted file mode 100644 index 6eea359dbd..0000000000 --- a/security/nss/cmd/bltest/tests/dsa/keyseed0 +++ /dev/null @@ -1 +0,0 @@ -AAAAAAAAAAAAAAAAAAAAAAAAAAA= diff --git a/security/nss/cmd/bltest/tests/dsa/numtests b/security/nss/cmd/bltest/tests/dsa/numtests deleted file mode 100644 index d00491fd7e..0000000000 --- a/security/nss/cmd/bltest/tests/dsa/numtests +++ /dev/null @@ -1 +0,0 @@ -1 diff --git a/security/nss/cmd/bltest/tests/dsa/plaintext0 b/security/nss/cmd/bltest/tests/dsa/plaintext0 deleted file mode 100644 index 48fbdb6fde..0000000000 --- a/security/nss/cmd/bltest/tests/dsa/plaintext0 +++ /dev/null @@ -1 +0,0 @@ -qZk+NkcGgWq6PiVxeFDCbJzQ2J0= diff --git a/security/nss/cmd/bltest/tests/dsa/pqg0 b/security/nss/cmd/bltest/tests/dsa/pqg0 deleted file mode 100644 index f16326cccb..0000000000 --- a/security/nss/cmd/bltest/tests/dsa/pqg0 +++ /dev/null @@ -1,4 +0,0 @@ -AAAAQI3ypJRJInaqPSV1m7BoacvqwNg6+40M98u4Mk8NeILl0HYvxbchDq/C6a2s -Mqt6rElpPfv4NyTC7Ac27jHIApEAAAAUx3MhjHN+yO6ZO08t7TD0jtrOkV8AAABA -Ym0CeDnqChNBMWOlW0y1ACmdVSKVbO/LO/8Q85nOLC5xy53l+iS6v1jlt5Uhklyc -xC6fb0ZLCIzFcq9T5teIAg== diff --git a/security/nss/cmd/bltest/tests/dsa/sigseed0 b/security/nss/cmd/bltest/tests/dsa/sigseed0 deleted file mode 100644 index 05d7fd2d65..0000000000 --- a/security/nss/cmd/bltest/tests/dsa/sigseed0 +++ /dev/null @@ -1 +0,0 @@ -aHpm2QZI+ZOGfhIfTd+d2wEgVYQ= diff --git a/security/nss/cmd/bltest/tests/md2/ciphertext0 b/security/nss/cmd/bltest/tests/md2/ciphertext0 deleted file mode 100644 index 22e1fc496c..0000000000 --- a/security/nss/cmd/bltest/tests/md2/ciphertext0 +++ /dev/null @@ -1 +0,0 @@ -CS/UNcrWhB5Knt7Gf8Tz3Q== diff --git a/security/nss/cmd/bltest/tests/md2/numtests b/security/nss/cmd/bltest/tests/md2/numtests deleted file mode 100644 index d00491fd7e..0000000000 --- a/security/nss/cmd/bltest/tests/md2/numtests +++ /dev/null @@ -1 +0,0 @@ -1 diff --git a/security/nss/cmd/bltest/tests/md2/plaintext0 b/security/nss/cmd/bltest/tests/md2/plaintext0 deleted file mode 100644 index dce2994ba5..0000000000 --- a/security/nss/cmd/bltest/tests/md2/plaintext0 +++ /dev/null @@ -1 +0,0 @@ -16-bytes to MD2. diff --git a/security/nss/cmd/bltest/tests/md5/ciphertext0 b/security/nss/cmd/bltest/tests/md5/ciphertext0 deleted file mode 100644 index ea11ee523b..0000000000 --- a/security/nss/cmd/bltest/tests/md5/ciphertext0 +++ /dev/null @@ -1 +0,0 @@ -XN8lnQuWAiMqmSGfvd8Hdw== diff --git a/security/nss/cmd/bltest/tests/md5/numtests b/security/nss/cmd/bltest/tests/md5/numtests deleted file mode 100644 index d00491fd7e..0000000000 --- a/security/nss/cmd/bltest/tests/md5/numtests +++ /dev/null @@ -1 +0,0 @@ -1 diff --git a/security/nss/cmd/bltest/tests/md5/plaintext0 b/security/nss/cmd/bltest/tests/md5/plaintext0 deleted file mode 100644 index 5ae3875e2a..0000000000 --- a/security/nss/cmd/bltest/tests/md5/plaintext0 +++ /dev/null @@ -1 +0,0 @@ -63-byte input to MD5 can be a bit tricky, but no problems here. diff --git a/security/nss/cmd/bltest/tests/rc2_cbc/ciphertext0 b/security/nss/cmd/bltest/tests/rc2_cbc/ciphertext0 deleted file mode 100644 index d964ef8644..0000000000 --- a/security/nss/cmd/bltest/tests/rc2_cbc/ciphertext0 +++ /dev/null @@ -1 +0,0 @@ -3ki6eVsWpY8= diff --git a/security/nss/cmd/bltest/tests/rc2_cbc/iv0 b/security/nss/cmd/bltest/tests/rc2_cbc/iv0 deleted file mode 100644 index 97b5955f78..0000000000 --- a/security/nss/cmd/bltest/tests/rc2_cbc/iv0 +++ /dev/null @@ -1 +0,0 @@ -12345678 diff --git a/security/nss/cmd/bltest/tests/rc2_cbc/key0 b/security/nss/cmd/bltest/tests/rc2_cbc/key0 deleted file mode 100644 index 65513c116c..0000000000 --- a/security/nss/cmd/bltest/tests/rc2_cbc/key0 +++ /dev/null @@ -1 +0,0 @@ -zyxwvuts diff --git a/security/nss/cmd/bltest/tests/rc2_cbc/numtests b/security/nss/cmd/bltest/tests/rc2_cbc/numtests deleted file mode 100644 index d00491fd7e..0000000000 --- a/security/nss/cmd/bltest/tests/rc2_cbc/numtests +++ /dev/null @@ -1 +0,0 @@ -1 diff --git a/security/nss/cmd/bltest/tests/rc2_cbc/plaintext0 b/security/nss/cmd/bltest/tests/rc2_cbc/plaintext0 deleted file mode 100644 index 5513e438c0..0000000000 --- a/security/nss/cmd/bltest/tests/rc2_cbc/plaintext0 +++ /dev/null @@ -1 +0,0 @@ -Mozilla! diff --git a/security/nss/cmd/bltest/tests/rc2_ecb/ciphertext0 b/security/nss/cmd/bltest/tests/rc2_ecb/ciphertext0 deleted file mode 100644 index 337d307655..0000000000 --- a/security/nss/cmd/bltest/tests/rc2_ecb/ciphertext0 +++ /dev/null @@ -1 +0,0 @@ -WT+tc4fANhQ= diff --git a/security/nss/cmd/bltest/tests/rc2_ecb/key0 b/security/nss/cmd/bltest/tests/rc2_ecb/key0 deleted file mode 100644 index 65513c116c..0000000000 --- a/security/nss/cmd/bltest/tests/rc2_ecb/key0 +++ /dev/null @@ -1 +0,0 @@ -zyxwvuts diff --git a/security/nss/cmd/bltest/tests/rc2_ecb/numtests b/security/nss/cmd/bltest/tests/rc2_ecb/numtests deleted file mode 100644 index d00491fd7e..0000000000 --- a/security/nss/cmd/bltest/tests/rc2_ecb/numtests +++ /dev/null @@ -1 +0,0 @@ -1 diff --git a/security/nss/cmd/bltest/tests/rc2_ecb/plaintext0 b/security/nss/cmd/bltest/tests/rc2_ecb/plaintext0 deleted file mode 100644 index 5513e438c0..0000000000 --- a/security/nss/cmd/bltest/tests/rc2_ecb/plaintext0 +++ /dev/null @@ -1 +0,0 @@ -Mozilla! diff --git a/security/nss/cmd/bltest/tests/rc4/ciphertext0 b/security/nss/cmd/bltest/tests/rc4/ciphertext0 deleted file mode 100644 index 004f13472a..0000000000 --- a/security/nss/cmd/bltest/tests/rc4/ciphertext0 +++ /dev/null @@ -1 +0,0 @@ -34sTZJtr20k= diff --git a/security/nss/cmd/bltest/tests/rc4/ciphertext1 b/security/nss/cmd/bltest/tests/rc4/ciphertext1 deleted file mode 100644 index 6050da4c68..0000000000 --- a/security/nss/cmd/bltest/tests/rc4/ciphertext1 +++ /dev/null @@ -1 +0,0 @@ -34sTZJtr20nGP6VxS3BIBxxIYm6QGIa1rehFHn51z9M= diff --git a/security/nss/cmd/bltest/tests/rc4/key0 b/security/nss/cmd/bltest/tests/rc4/key0 deleted file mode 100644 index 65513c116c..0000000000 --- a/security/nss/cmd/bltest/tests/rc4/key0 +++ /dev/null @@ -1 +0,0 @@ -zyxwvuts diff --git a/security/nss/cmd/bltest/tests/rc4/key1 b/security/nss/cmd/bltest/tests/rc4/key1 deleted file mode 100644 index 65513c116c..0000000000 --- a/security/nss/cmd/bltest/tests/rc4/key1 +++ /dev/null @@ -1 +0,0 @@ -zyxwvuts diff --git a/security/nss/cmd/bltest/tests/rc4/numtests b/security/nss/cmd/bltest/tests/rc4/numtests deleted file mode 100644 index 0cfbf08886..0000000000 --- a/security/nss/cmd/bltest/tests/rc4/numtests +++ /dev/null @@ -1 +0,0 @@ -2 diff --git a/security/nss/cmd/bltest/tests/rc4/plaintext0 b/security/nss/cmd/bltest/tests/rc4/plaintext0 deleted file mode 100644 index 5513e438c0..0000000000 --- a/security/nss/cmd/bltest/tests/rc4/plaintext0 +++ /dev/null @@ -1 +0,0 @@ -Mozilla! diff --git a/security/nss/cmd/bltest/tests/rc4/plaintext1 b/security/nss/cmd/bltest/tests/rc4/plaintext1 deleted file mode 100644 index d41abc7b84..0000000000 --- a/security/nss/cmd/bltest/tests/rc4/plaintext1 +++ /dev/null @@ -1 +0,0 @@ -Mozilla!Mozilla!Mozilla!Mozilla! diff --git a/security/nss/cmd/bltest/tests/rc5_cbc/ciphertext0 b/security/nss/cmd/bltest/tests/rc5_cbc/ciphertext0 deleted file mode 100644 index 544713b339..0000000000 --- a/security/nss/cmd/bltest/tests/rc5_cbc/ciphertext0 +++ /dev/null @@ -1 +0,0 @@ -qsv4Fn2J6d0= diff --git a/security/nss/cmd/bltest/tests/rc5_cbc/iv0 b/security/nss/cmd/bltest/tests/rc5_cbc/iv0 deleted file mode 100644 index 97b5955f78..0000000000 --- a/security/nss/cmd/bltest/tests/rc5_cbc/iv0 +++ /dev/null @@ -1 +0,0 @@ -12345678 diff --git a/security/nss/cmd/bltest/tests/rc5_cbc/key0 b/security/nss/cmd/bltest/tests/rc5_cbc/key0 deleted file mode 100644 index 65513c116c..0000000000 --- a/security/nss/cmd/bltest/tests/rc5_cbc/key0 +++ /dev/null @@ -1 +0,0 @@ -zyxwvuts diff --git a/security/nss/cmd/bltest/tests/rc5_cbc/numtests b/security/nss/cmd/bltest/tests/rc5_cbc/numtests deleted file mode 100644 index d00491fd7e..0000000000 --- a/security/nss/cmd/bltest/tests/rc5_cbc/numtests +++ /dev/null @@ -1 +0,0 @@ -1 diff --git a/security/nss/cmd/bltest/tests/rc5_cbc/params0 b/security/nss/cmd/bltest/tests/rc5_cbc/params0 deleted file mode 100644 index d68e0362d5..0000000000 --- a/security/nss/cmd/bltest/tests/rc5_cbc/params0 +++ /dev/null @@ -1,2 +0,0 @@ -rounds=10 -wordsize=4 diff --git a/security/nss/cmd/bltest/tests/rc5_cbc/plaintext0 b/security/nss/cmd/bltest/tests/rc5_cbc/plaintext0 deleted file mode 100644 index 5513e438c0..0000000000 --- a/security/nss/cmd/bltest/tests/rc5_cbc/plaintext0 +++ /dev/null @@ -1 +0,0 @@ -Mozilla! diff --git a/security/nss/cmd/bltest/tests/rc5_ecb/ciphertext0 b/security/nss/cmd/bltest/tests/rc5_ecb/ciphertext0 deleted file mode 100644 index 133777dd08..0000000000 --- a/security/nss/cmd/bltest/tests/rc5_ecb/ciphertext0 +++ /dev/null @@ -1 +0,0 @@ -4ZKK/1v5Ohc= diff --git a/security/nss/cmd/bltest/tests/rc5_ecb/key0 b/security/nss/cmd/bltest/tests/rc5_ecb/key0 deleted file mode 100644 index 65513c116c..0000000000 --- a/security/nss/cmd/bltest/tests/rc5_ecb/key0 +++ /dev/null @@ -1 +0,0 @@ -zyxwvuts diff --git a/security/nss/cmd/bltest/tests/rc5_ecb/numtests b/security/nss/cmd/bltest/tests/rc5_ecb/numtests deleted file mode 100644 index d00491fd7e..0000000000 --- a/security/nss/cmd/bltest/tests/rc5_ecb/numtests +++ /dev/null @@ -1 +0,0 @@ -1 diff --git a/security/nss/cmd/bltest/tests/rc5_ecb/params0 b/security/nss/cmd/bltest/tests/rc5_ecb/params0 deleted file mode 100644 index d68e0362d5..0000000000 --- a/security/nss/cmd/bltest/tests/rc5_ecb/params0 +++ /dev/null @@ -1,2 +0,0 @@ -rounds=10 -wordsize=4 diff --git a/security/nss/cmd/bltest/tests/rc5_ecb/plaintext0 b/security/nss/cmd/bltest/tests/rc5_ecb/plaintext0 deleted file mode 100644 index 5513e438c0..0000000000 --- a/security/nss/cmd/bltest/tests/rc5_ecb/plaintext0 +++ /dev/null @@ -1 +0,0 @@ -Mozilla! diff --git a/security/nss/cmd/bltest/tests/rsa/ciphertext0 b/security/nss/cmd/bltest/tests/rsa/ciphertext0 deleted file mode 100644 index 943ea599ae..0000000000 --- a/security/nss/cmd/bltest/tests/rsa/ciphertext0 +++ /dev/null @@ -1 +0,0 @@ -qPVrXv0y3SC5rY44bIi6GE4Aec8uDpHH7/cCg0FU5as= diff --git a/security/nss/cmd/bltest/tests/rsa/key0 b/security/nss/cmd/bltest/tests/rsa/key0 deleted file mode 100644 index 1352fe9866..0000000000 --- a/security/nss/cmd/bltest/tests/rsa/key0 +++ /dev/null @@ -1,4 +0,0 @@ -AAAAAAAAACC5lyu2K2ro8YGnvOCKaL1sFX1HEIblIVbuMXsa8oeFSwAAAAERAAAA -IBXVjKwFG6LvPG4WOIjBBzmxGNpkQwDs3W5qZcXVzqahAAAAEOEOH/WnhZCJyM39 -oNfhf18AAAAQ0xvmxqXXs3L62xxogUl9lQAAABAaeiHgqkvy4wiQtG1Gkv/tAAAA -EMaw2TNu6SFdKFXAYluQdjEAAAAQi0u+IlgKCt/hatGAsTrfzQ== diff --git a/security/nss/cmd/bltest/tests/rsa/numtests b/security/nss/cmd/bltest/tests/rsa/numtests deleted file mode 100644 index d00491fd7e..0000000000 --- a/security/nss/cmd/bltest/tests/rsa/numtests +++ /dev/null @@ -1 +0,0 @@ -1 diff --git a/security/nss/cmd/bltest/tests/rsa/plaintext0 b/security/nss/cmd/bltest/tests/rsa/plaintext0 deleted file mode 100644 index d915bc88c4..0000000000 --- a/security/nss/cmd/bltest/tests/rsa/plaintext0 +++ /dev/null @@ -1 +0,0 @@ -512bitsforRSAPublicKeyEncryption diff --git a/security/nss/cmd/bltest/tests/sha1/ciphertext0 b/security/nss/cmd/bltest/tests/sha1/ciphertext0 deleted file mode 100644 index 1fe4bd2bd4..0000000000 --- a/security/nss/cmd/bltest/tests/sha1/ciphertext0 +++ /dev/null @@ -1 +0,0 @@ -cDSMAygXMPIJZC5bntZ4ZhecQ9g= diff --git a/security/nss/cmd/bltest/tests/sha1/numtests b/security/nss/cmd/bltest/tests/sha1/numtests deleted file mode 100644 index d00491fd7e..0000000000 --- a/security/nss/cmd/bltest/tests/sha1/numtests +++ /dev/null @@ -1 +0,0 @@ -1 diff --git a/security/nss/cmd/bltest/tests/sha1/plaintext0 b/security/nss/cmd/bltest/tests/sha1/plaintext0 deleted file mode 100644 index 863e79c65b..0000000000 --- a/security/nss/cmd/bltest/tests/sha1/plaintext0 +++ /dev/null @@ -1 +0,0 @@ -A cage went in search of a bird. diff --git a/security/nss/cmd/bltest/tests/sha256/ciphertext0 b/security/nss/cmd/bltest/tests/sha256/ciphertext0 deleted file mode 100644 index 07e2ff14fa..0000000000 --- a/security/nss/cmd/bltest/tests/sha256/ciphertext0 +++ /dev/null @@ -1 +0,0 @@ -ungWv48Bz+pBQUDeXa4iI7ADYaOWF3qctBD/YfIAFa0= diff --git a/security/nss/cmd/bltest/tests/sha256/ciphertext1 b/security/nss/cmd/bltest/tests/sha256/ciphertext1 deleted file mode 100644 index 2ab6e1da58..0000000000 --- a/security/nss/cmd/bltest/tests/sha256/ciphertext1 +++ /dev/null @@ -1 +0,0 @@ -JI1qYdIGOLjlwCaTDD5gOaM85Flk/yFn9uzt1BnbBsE= diff --git a/security/nss/cmd/bltest/tests/sha256/numtests b/security/nss/cmd/bltest/tests/sha256/numtests deleted file mode 100644 index 0cfbf08886..0000000000 --- a/security/nss/cmd/bltest/tests/sha256/numtests +++ /dev/null @@ -1 +0,0 @@ -2 diff --git a/security/nss/cmd/bltest/tests/sha256/plaintext0 b/security/nss/cmd/bltest/tests/sha256/plaintext0 deleted file mode 100644 index 8baef1b4ab..0000000000 --- a/security/nss/cmd/bltest/tests/sha256/plaintext0 +++ /dev/null @@ -1 +0,0 @@ -abc diff --git a/security/nss/cmd/bltest/tests/sha256/plaintext1 b/security/nss/cmd/bltest/tests/sha256/plaintext1 deleted file mode 100644 index afb5dce5d4..0000000000 --- a/security/nss/cmd/bltest/tests/sha256/plaintext1 +++ /dev/null @@ -1 +0,0 @@ -abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq diff --git a/security/nss/cmd/bltest/tests/sha384/ciphertext0 b/security/nss/cmd/bltest/tests/sha384/ciphertext0 deleted file mode 100644 index c94f91e22a..0000000000 --- a/security/nss/cmd/bltest/tests/sha384/ciphertext0 +++ /dev/null @@ -1 +0,0 @@ -ywB1P0WjXou1oD1pmsZQBycsMqsO3tFjGotgWkP/W+2AhgcroefMI1i67KE0yCWn diff --git a/security/nss/cmd/bltest/tests/sha384/ciphertext1 b/security/nss/cmd/bltest/tests/sha384/ciphertext1 deleted file mode 100644 index 833f06d844..0000000000 --- a/security/nss/cmd/bltest/tests/sha384/ciphertext1 +++ /dev/null @@ -1 +0,0 @@ -CTMMM/cRR+g9GS/Hgs0bR1MRGxc7OwXSL6CAhuOw9xL8x8caVX4tuWbD6fqRdGA5 diff --git a/security/nss/cmd/bltest/tests/sha384/numtests b/security/nss/cmd/bltest/tests/sha384/numtests deleted file mode 100644 index 0cfbf08886..0000000000 --- a/security/nss/cmd/bltest/tests/sha384/numtests +++ /dev/null @@ -1 +0,0 @@ -2 diff --git a/security/nss/cmd/bltest/tests/sha384/plaintext0 b/security/nss/cmd/bltest/tests/sha384/plaintext0 deleted file mode 100644 index 8baef1b4ab..0000000000 --- a/security/nss/cmd/bltest/tests/sha384/plaintext0 +++ /dev/null @@ -1 +0,0 @@ -abc diff --git a/security/nss/cmd/bltest/tests/sha384/plaintext1 b/security/nss/cmd/bltest/tests/sha384/plaintext1 deleted file mode 100644 index 94fcc2b297..0000000000 --- a/security/nss/cmd/bltest/tests/sha384/plaintext1 +++ /dev/null @@ -1 +0,0 @@ -abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu diff --git a/security/nss/cmd/bltest/tests/sha512/ciphertext0 b/security/nss/cmd/bltest/tests/sha512/ciphertext0 deleted file mode 100644 index 8b626e2379..0000000000 --- a/security/nss/cmd/bltest/tests/sha512/ciphertext0 +++ /dev/null @@ -1,2 +0,0 @@ -3a81oZNherrMQXNJriBBMRLm+k6JqX6iCp7u5ktV05ohkpkqJ0/BqDa6PCOj/uu9 -RU1EI2Q86A4qmslPpUyknw== diff --git a/security/nss/cmd/bltest/tests/sha512/ciphertext1 b/security/nss/cmd/bltest/tests/sha512/ciphertext1 deleted file mode 100644 index c02d1752d0..0000000000 --- a/security/nss/cmd/bltest/tests/sha512/ciphertext1 +++ /dev/null @@ -1,2 +0,0 @@ -jpWbddrjE9qM9PcoFPwUP493ecbrn3+hcpmurbaIkBhQHSieSQD35DMbmd7EtUM6 -x9Mp7rbdJlReluVbh0vpCQ== diff --git a/security/nss/cmd/bltest/tests/sha512/numtests b/security/nss/cmd/bltest/tests/sha512/numtests deleted file mode 100644 index 0cfbf08886..0000000000 --- a/security/nss/cmd/bltest/tests/sha512/numtests +++ /dev/null @@ -1 +0,0 @@ -2 diff --git a/security/nss/cmd/bltest/tests/sha512/plaintext0 b/security/nss/cmd/bltest/tests/sha512/plaintext0 deleted file mode 100644 index 8baef1b4ab..0000000000 --- a/security/nss/cmd/bltest/tests/sha512/plaintext0 +++ /dev/null @@ -1 +0,0 @@ -abc diff --git a/security/nss/cmd/bltest/tests/sha512/plaintext1 b/security/nss/cmd/bltest/tests/sha512/plaintext1 deleted file mode 100644 index 94fcc2b297..0000000000 --- a/security/nss/cmd/bltest/tests/sha512/plaintext1 +++ /dev/null @@ -1 +0,0 @@ -abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu diff --git a/security/nss/cmd/btoa/Makefile b/security/nss/cmd/btoa/Makefile deleted file mode 100644 index 763faa2535..0000000000 --- a/security/nss/cmd/btoa/Makefile +++ /dev/null @@ -1,75 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - -include ../platlibs.mk - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - - -include ../platrules.mk - diff --git a/security/nss/cmd/btoa/btoa.c b/security/nss/cmd/btoa/btoa.c deleted file mode 100644 index d58805c655..0000000000 --- a/security/nss/cmd/btoa/btoa.c +++ /dev/null @@ -1,196 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#include "plgetopt.h" -#include "secutil.h" -#include "nssb64.h" -#include - -#if defined(XP_WIN) || (defined(__sun) && !defined(SVR4)) -#if !defined(WIN32) -extern int fread(char *, size_t, size_t, FILE*); -extern int fwrite(char *, size_t, size_t, FILE*); -extern int fprintf(FILE *, char *, ...); -#endif -#endif - -#if defined(WIN32) -#include "fcntl.h" -#include "io.h" -#endif - -static PRInt32 -output_ascii (void *arg, const char *obuf, PRInt32 size) -{ - FILE *outFile = arg; - int nb; - - nb = fwrite(obuf, 1, size, outFile); - if (nb != size) { - PORT_SetError(SEC_ERROR_IO); - return -1; - } - - return nb; -} - -static SECStatus -encode_file(FILE *outFile, FILE *inFile) -{ - NSSBase64Encoder *cx; - int nb; - SECStatus status = SECFailure; - unsigned char ibuf[4096]; - - cx = NSSBase64Encoder_Create(output_ascii, outFile); - if (!cx) { - return -1; - } - - for (;;) { - if (feof(inFile)) break; - nb = fread(ibuf, 1, sizeof(ibuf), inFile); - if (nb != sizeof(ibuf)) { - if (nb == 0) { - if (ferror(inFile)) { - PORT_SetError(SEC_ERROR_IO); - goto loser; - } - /* eof */ - break; - } - } - - status = NSSBase64Encoder_Update(cx, ibuf, nb); - if (status != SECSuccess) goto loser; - } - - status = NSSBase64Encoder_Destroy(cx, PR_FALSE); - if (status != SECSuccess) - return status; - - /* - * Add a trailing CRLF. Note this must be done *after* the call - * to Destroy above (because only then are we sure all data has - * been written out). - */ - fwrite("\r\n", 1, 2, outFile); - return SECSuccess; - - loser: - (void) NSSBase64Encoder_Destroy(cx, PR_TRUE); - return status; -} - -static void Usage(char *progName) -{ - fprintf(stderr, - "Usage: %s [-i input] [-o output]\n", - progName); - fprintf(stderr, "%-20s Define an input file to use (default is stdin)\n", - "-i input"); - fprintf(stderr, "%-20s Define an output file to use (default is stdout)\n", - "-o output"); - exit(-1); -} - -int main(int argc, char **argv) -{ - char *progName; - SECStatus rv; - FILE *inFile, *outFile; - PLOptState *optstate; - PLOptStatus status; - - inFile = 0; - outFile = 0; - progName = strrchr(argv[0], '/'); - if (!progName) - progName = strrchr(argv[0], '\\'); - progName = progName ? progName+1 : argv[0]; - - /* Parse command line arguments */ - optstate = PL_CreateOptState(argc, argv, "i:o:"); - while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) { - switch (optstate->option) { - default: - Usage(progName); - break; - - case 'i': - inFile = fopen(optstate->value, "rb"); - if (!inFile) { - fprintf(stderr, "%s: unable to open \"%s\" for reading\n", - progName, optstate->value); - return -1; - } - break; - - case 'o': - outFile = fopen(optstate->value, "w"); - if (!outFile) { - fprintf(stderr, "%s: unable to open \"%s\" for writing\n", - progName, optstate->value); - return -1; - } - break; - } - } - if (status == PL_OPT_BAD) - Usage(progName); - if (!inFile) { -#if defined(WIN32) - /* If we're going to read binary data from stdin, we must put stdin - ** into O_BINARY mode or else incoming \r\n's will become \n's. - */ - - int smrv = _setmode(_fileno(stdin), _O_BINARY); - if (smrv == -1) { - fprintf(stderr, - "%s: Cannot change stdin to binary mode. Use -i option instead.\n", - progName); - return smrv; - } -#endif - inFile = stdin; - } - if (!outFile) - outFile = stdout; - rv = encode_file(outFile, inFile); - if (rv != SECSuccess) { - fprintf(stderr, "%s: lossage: error=%d errno=%d\n", - progName, PORT_GetError(), errno); - return -1; - } - return 0; -} diff --git a/security/nss/cmd/btoa/makefile.win b/security/nss/cmd/btoa/makefile.win deleted file mode 100644 index 28d3ee8733..0000000000 --- a/security/nss/cmd/btoa/makefile.win +++ /dev/null @@ -1,130 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -VERBOSE = 1 -include - -#cannot define PROGRAM in manifest compatibly with NT and UNIX -PROGRAM = btoa -PROGRAM = ./$(OBJDIR)/$(PROGRAM).exe -include <$(DEPTH)\config\config.mak> - -# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/ -# rules.mak will append C_OBJS onto OBJS. -# OBJS = $(CSRCS:.c=.obj) - -# include files are looked for in $LINCS and $INCS. -# $LINCS is in manifest.mnw, computed from REQUIRES= -INCS = $(INCS) \ - -I$(DEPTH)/security/lib/cert \ - -I../include \ - $(NULL) - -IGNORE_ME = \ - -I$(DEPTH)/security/lib/key \ - -I$(DEPTH)/security/lib/util \ - $(NULL) - - -WINFE = $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg - -# these files are the content of libdbm -DBM_LIB = \ - $(WINFE)/DB.obj \ - $(WINFE)/HASH.obj \ - $(WINFE)/H_BIGKEY.obj \ - $(WINFE)/H_PAGE.obj \ - $(WINFE)/H_LOG2.obj \ - $(WINFE)/H_FUNC.obj \ - $(WINFE)/HASH_BUF.obj \ - $(NULL) - -MOZ_LIBS = \ - $(WINFE)/ALLXPSTR.obj \ - $(WINFE)/XP_ERROR.obj \ - $(WINFE)/XPASSERT.obj \ - $(WINFE)/XP_REG.obj \ - $(WINFE)/XP_TRACE.obj \ - $(DBM_LIB) \ - $(WINFE)/XP_STR.obj \ - $(WINFE)/MKTEMP.obj \ - $(NULL) - -SEC_LIBS = \ - $(DIST)/lib/cert$(MOZ_BITS).lib \ - $(DIST)/lib/crypto$(MOZ_BITS).lib \ - $(DIST)/lib/hash$(MOZ_BITS).lib \ - $(DIST)/lib/key$(MOZ_BITS).lib \ - $(DIST)/lib/pkcs7$(MOZ_BITS).lib \ - $(DIST)/lib/secmod$(MOZ_BITS).lib \ - $(DIST)/lib/secutl$(MOZ_BITS).lib \ - $(DIST)/lib/ssl$(MOZ_BITS).lib \ - $(NULL) - -LLFLAGS = $(LLFLAGS) \ - ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \ - $(SEC_LIBS) \ - $(MOZ_LIBS) \ - $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \ - $(LIBNSPR) \ - $(NULL) - - -include <$(DEPTH)\config\rules.mak> - -INSTALL = $(MAKE_INSTALL) - -objs: $(OBJS) - -$(PROGRAM):: - $(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR) - -programs: $(PROGRAM) - -install:: $(TARGETS) - $(INSTALL) $(TARGETS) $(DIST)/bin - - -symbols: - @echo "CSRCS = $(CSRCS)" - @echo "INCS = $(INCS)" - @echo "OBJS = $(OBJS)" - @echo "LIBRARY = $(LIBRARY)" - @echo "PROGRAM = $(PROGRAM)" - @echo "TARGETS = $(TARGETS)" - @echo "DIST = $(DIST)" - @echo "VERSION_NUMBER = $(VERSION_NUMBER)" - @echo "WINFE = $(WINFE)" - @echo "DBM_LIB = $(DBM_LIB)" - @echo "INSTALL = $(INSTALL)" - diff --git a/security/nss/cmd/btoa/manifest.mn b/security/nss/cmd/btoa/manifest.mn deleted file mode 100644 index b82b26a5cd..0000000000 --- a/security/nss/cmd/btoa/manifest.mn +++ /dev/null @@ -1,49 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = ../../.. - -# MODULE public and private header directories are implicitly REQUIRED. -MODULE = nss - -# This next line is used by .mk files -# and gets translated into $LINCS in manifest.mnw -# MODULE is implicitly REQUIRED, doesn't need to be listed below. -REQUIRES = seccmd dbm - -DEFINES = -DNSPR20 - -CSRCS = btoa.c - -PROGRAM = btoa - diff --git a/security/nss/cmd/certcgi/HOWTO.txt b/security/nss/cmd/certcgi/HOWTO.txt deleted file mode 100644 index f02ad32fd4..0000000000 --- a/security/nss/cmd/certcgi/HOWTO.txt +++ /dev/null @@ -1,168 +0,0 @@ - How to setup your very own Cert-O-Matic Root CA server - -***** BEGIN LICENSE BLOCK ***** -Version: MPL 1.1/GPL 2.0/LGPL 2.1 - -The contents of this file are subject to the Mozilla Public License Version -1.1 (the "License"); you may not use this file except in compliance with -the License. You may obtain a copy of the License at -http://www.mozilla.org/MPL/ - -Software distributed under the License is distributed on an "AS IS" basis, -WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License -for the specific language governing rights and limitations under the -License. - -The Original Code is Netscape security libraries. - -The Initial Developer of the Original Code is Netscape Communications -Corporation. Portions created by the Initial Developer are -Copyright (C) 2001 the Initial Developer. All Rights Reserved. - -Contributor(s): - -Alternatively, the contents of this file may be used under the terms of -either the GNU General Public License Version 2 or later (the "GPL"), or -the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), -in which case the provisions of the GPL or the LGPL are applicable instead -of those above. If you wish to allow use of your version of this file only -under the terms of either the GPL or the LGPL, and not to allow others to -use your version of this file under the terms of the MPL, indicate your -decision by deleting the provisions above and replace them with the notice -and other provisions required by the GPL or the LGPL. If you do not delete -the provisions above, a recipient may use your version of this file under -the terms of any one of the MPL, the GPL or the LGPL. - -***** END LICENSE BLOCK ***** - - How to setup your very own Cert-O-Matic Root CA server - -The program certcgi is part of a small test CA that is used inside -Netscape by the NSS development team. That CA is affectionately known -as "Cert-O-Matic" or "Cert-O-Matic II". It presently runs on a server -named interzone.mcom.com inside Netscape's firewall. - -If you wish to setup your own Cert-O-Matic, here are directions. - -Disclaimer: This program does not follow good practices for root CAs. -It should be used only for playing/testing and never for production use. -Remember, you've been warned! - -Cert-O-Matic consists of some html files, shell scripts, one executable -program that uses NSS and NSPR, the usual set of NSS .db files, and a file -in which to remember the serial number of the last cert issued. The -html files and the source to the executable program are in this directory. -Sample shell scripts are shown below. - -The shell scripts and executable program run as CGI "scripts". The -entire thing runs on an ordinary http web server. It would also run on -an https web server. The shell scripts and html files must be -customized for the server on which they run. - -The package assumes you have a "document root" directory $DOCROOT, and a -"cgi-bin" directory $CGIBIN. In this example, the document root is -assumed to be located in /var/www/htdocs, and the cgi-bin directory in -/var/www/cgi-bin. - -The server is assumed to run all cgi scripts as the user "nobody". -The names of the cgi scripts run directly by the server all end in .cgi -because some servers like it that way. - -Instructions: - -- Create directory $DOCROOT/certomatic -- Copy the following files from nss/cmd/certcgi to $DOCROOT/certomatic - ca.html index.html main.html nscp_ext_form.html stnd_ext_form.html -- Edit the html files, substituting the name of your own server for the - server named in those files. -- In some web page (e.g. your server's home page), provide an html link to - $DOCROOT/certomatic/index.html. This is where users start to get their - own certs from certomatic. -- give these files and directories appropriate permissions. - -- Create directories $CGIBIN/certomatic and $CGIBIN/certomatic/bin - make sure that $CGIBIN/certomatic is writable by "nobody" - -- Create a new set of NSS db files there with the following command: - - certutil -N -d $CGIBIN/certomatic - -- when certutil prompts you for the password, enter the word foo - because that is compiled into the certcgi program. - -- Create the new Root CA cert with this command - - certutil -S -x -d $CGIBIN/certomatic -n "Cert-O-Matic II" \ - -s "CN=Cert-O-Matic II, O=Cert-O-Matic II" -t TCu,cu,cu -k rsa \ - -g 1024 -m 10001 -v 60 - - (adjust the -g, -m and -v parameters to taste. -s and -x must be as -shown.) - -- dump out the new root CA cert in base64 encoding: - - certutil -d $CGIBIN/certomatic -L -n "Cert-O-Matic II" -a > \ - $CGIBIN/certomatic/root.cacert - -- In $CGIBIN/certomatic/bin add two shell scripts - one to download the - root CA cert on demand, and one to run the certcgi program. - -download.cgi, the script to install the root CA cert into a browser on -demand, is this: - -#!/bin/sh -echo "Content-type: application/x-x509-ca-cert" -echo -cat $CGIBIN/certomatic/root.cacert - -You'll have to put the real path into that cat command because CGIBIN -won't be defined when this script is run by the server. - -certcgi.cgi, the script to run the certcgi program is similar to this: - -#!/bin/sh -cd $CGIBIN/certomatic/bin -LD_LIBRARY_PATH=$PLATFORM/lib -export LD_LIBRARY_PATH -$PLATFORM/bin/certcgi $* 2>&1 - -Where $PLATFORM/lib is where the NSPR nad NSS DSOs are located, and -$PLATFORM/bin is where certcgi is located. PLATFORM is not defined when -the server runs this script, so you'll have to substitute the right value -in your script. certcgi requires that the working directory be one level -below the NSS DBs, that is, the DBs are accessed in the directory "..". - -You'll want to provide an html link somewhere to the script that downloads -the root.cacert file. You'll probably want to put that next to the link -that loads the index.html page. On interzone, this is done with the -following html: - -Cert-O-Matic II Root CA server -

-Download and trust Root CA -certificate - -The index.html file in this directory invokes the certcgi.cgi script with -the form post method, so if you change the name of the certcgi.cgi script, -you'll also have to change the index.html file in $DOCROOT/certomatic - -The 4 files used by the certcgi program (the 3 NSS DBs, and the serial -number file) are not required to live in $CGIBIN/certomatic, but they are -required to live in $CWD/.. when certcgi starts. - -Known bugs: - -1. Because multiple of these CAs exist simultaneously, it would be best if -they didn't all have to be called "Cert-O-Matic II", but that string is -presently hard coded into certcgi.c. - -2. the html files in this directory contain numerous extraneous

tags -which appear to use the post method and have action URLS that are never -actually used. burp.cgi and echoform.cgi are never actually used. This -should be cleaned up. - -3. The html files use tags which are supported only in Netscape -Navigator and Netscape Communication 4.x browsers. The html files do -not work as intended with Netscape 6.x, Mozilla or Microsoft IE browsers. -The html files should be fixed to work with all those named browsers. - diff --git a/security/nss/cmd/certcgi/Makefile b/security/nss/cmd/certcgi/Makefile deleted file mode 100644 index 573c12cac1..0000000000 --- a/security/nss/cmd/certcgi/Makefile +++ /dev/null @@ -1,76 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - -include ../platlibs.mk - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - - - -include ../platrules.mk - diff --git a/security/nss/cmd/certcgi/ca.html b/security/nss/cmd/certcgi/ca.html deleted file mode 100644 index b9ffd8238d..0000000000 --- a/security/nss/cmd/certcgi/ca.html +++ /dev/null @@ -1,48 +0,0 @@ - - - - - Use the Cert-O-matic certificate to issue the cert

- Use a - CA long - automatically generated chain ending with the Cert-O-Matic Cert - (18 maximum)

- Use a - CA long - user input chain ending in the Cert-O-Matic Cert.

- diff --git a/security/nss/cmd/certcgi/ca_form.html b/security/nss/cmd/certcgi/ca_form.html deleted file mode 100644 index 43042cb64d..0000000000 --- a/security/nss/cmd/certcgi/ca_form.html +++ /dev/null @@ -1,385 +0,0 @@ - - -
- - - - - - - - - - - - - -
- Common Name:

- 		- Mail:

- RFC 1274 - e-mail
- Organization:

- Organizational Unit:

- RFC 1274 UID:

- Locality:

- State or Province:

- Country:

- - - - - - - -
- Serial Number:

-
- Auto Generate

-
- - Use this value:

-
- X.509 version:

-
- Version 1

-
- Version 3

 - Key Type:

-
- RSA

-
- DSA

- DN:

- -

-
-

- - - - - - - - - - - - - - - - - -
- Netscape Certificate Type:

- Activate extension:

- Critical: - 		- SSL Client

- SSL Server

- S/MIME

- Object Signing

- Reserved for future use (bit 4)

- SSL CA

- S/MIME CA

- Object Signing CA

-
- Netscape Base URL:

- Activate extension:

- Critical: - 		- -
- Netscape Revocation URL:

- Activate extension:

- Critical: - 		- -
- Netscape CA Revocation URL:

- Activate extension:

- Critical: - 		- -
- Netscape Certificate Renewal URL:

- Activate extension:

- Critical: - 		- -
- Netscape CA Policy URL:

- Activate extension:

- Critical: - 		- -
- Netscape SSL Server Name:

- Activate extension:

- Critical: - 		- -
- Netscape Comment:

- Activate extension:

- Critical: - 		- -
-

-
-

- - - - - - - - - - - - - - - - - - - - - - - -
- Key Usage:

- Activate extension:

- Critical: - 		- Digital Signature

- Non Repudiation

- Key Encipherment

- Data Encipherment

- Key Agreement

- Key Certificate Signing

- CRL Signing

-
- Extended Key Usage:

- Activate extension:

- Critical: - 		- Server Auth

- Client Auth

- Code Signing

- Email Protection

- Timestamp

- OCSP Responder

- Step-up

-
- Basic Constraints:

- Activate extension:

- Critical: - 		- CA:

-
True

-
False

- - Include Path length:

-
- Authority Key Identifier:

- Activate extension: - 		- Key Identider

- Issuer Name and Serial number

-
- Subject Key Identifier:

- Activate extension: - 		- Key Identifier: -

- This is an:

-

ascii text value

-

hex value

-

- Private Key Usage Period:

- Activate extension:

- Critical: - 		- Use:

-
Not Before

-
Not After

-
Both

- Not to be used to sign before:

-
Set to time of certificate issue

-
Use This value

-
(YYYY/MM/DD HH:MM:SS): - / - / - - : - : -

- Not to be used to sign after:

-
(YYYY/MM/DD HH:MM:SS): - / - / - - : - : -

-
- Subject Alternative Name:

- Activate extension:

- Critical: - 		- - - -
- General Names:

-

- - - 		- -
- Name Type:
- Other Name, - OID: - RFC 822 Name
- DNS Name - X400 Address
- Directory Name - EDI Party Name
- Uniform Resource Locator - IP Address
- Registered ID - Netscape Certificate Nickname
- Name: - Binary Encoded:

-
-
- Issuer Alternative Name:

- Activate extension:

- Critical: - 		- Use the Subject Alternative Name from the Issuers Certificate

- Use this Name: - - - -
- General Names:

-

- - - 		- -
- Name Type:
- Other Name, - OID: - RFC 822 Name
- DNS Name - X400 Address
- Directory Name - EDI Party Name
- Uniform Resource Locator - IP Address
- Registered ID
- Name: - Binary Encoded:

-
-
- Name Constraints:

- Activate extension:

- 		- - - -
- Name Constraints:

- - -

- - - 		- -
- Name Type:
- Other Name, - OID: - RFC 822 Name
- DNS Name - X400 Address
- Directory Name - EDI Party Name
- Uniform Resource Locator - IP Address
- Registered ID
- Name: - Binary Encoded:

- Constraint type:

-

permited

-

excluded

- Minimum:

- Maximum:

- - - -
-
-
- - - - - - - - - - diff --git a/security/nss/cmd/certcgi/certcgi.c b/security/nss/cmd/certcgi/certcgi.c deleted file mode 100644 index 5806307d8b..0000000000 --- a/security/nss/cmd/certcgi/certcgi.c +++ /dev/null @@ -1,2431 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -/* Cert-O-Matic CGI */ - - -#include "nspr.h" -#include "prtypes.h" -#include "prtime.h" -#include "prlong.h" - -#include "pk11func.h" -#include "cert.h" -#include "cryptohi.h" -#include "secoid.h" -#include "secder.h" -#include "genname.h" -#include "xconst.h" -#include "secutil.h" -#include "pqgutil.h" -#include "certxutl.h" -#include "secrng.h" /* for RNG_ */ -#include "nss.h" - - -/* #define TEST 1 */ -/* #define FILEOUT 1 */ -/* #define OFFLINE 1 */ -#define START_FIELDS 100 -#define PREFIX_LEN 6 -#define SERIAL_FILE "../serial" -#define DB_DIRECTORY ".." - -static char *progName; - -typedef struct PairStr Pair; - -struct PairStr { - char *name; - char *data; -}; - - -char prefix[PREFIX_LEN]; - - -const SEC_ASN1Template CERTIA5TypeTemplate[] = { - { SEC_ASN1_IA5_STRING } -}; - - - -SECKEYPrivateKey *privkeys[9] = {NULL, NULL, NULL, NULL, NULL, NULL, NULL, - NULL, NULL}; - - -#ifdef notdef -const SEC_ASN1Template CERT_GeneralNameTemplate[] = { - { SEC_ASN1_SEQUENCE_OF, 0, SEC_AnyTemplate } -}; -#endif - - -static void -error_out(char *error_string) -{ - printf("Content-type: text/plain\n\n"); - printf(error_string); - fflush(stderr); - fflush(stdout); - exit(1); -} - -static void -error_allocate(void) -{ - error_out("ERROR: Unable to allocate memory"); -} - - -static char * -make_copy_string(char *read_pos, - int length, - char sentinal_value) - /* copys string from to a new string it creates and - returns a pointer to the new string */ -{ - int remaining = length; - char *write_pos; - char *new; - - new = write_pos = (char *) PORT_Alloc (length); - if (new == NULL) { - error_allocate(); - } - while (*read_pos != sentinal_value) { - if (remaining == 1) { - remaining += length; - length = length * 2; - new = PORT_Realloc(new,length); - if (new == NULL) { - error_allocate(); - } - write_pos = new + length - remaining; - } - *write_pos = *read_pos; - ++write_pos; - ++read_pos; - remaining = remaining - 1; - } - *write_pos = '\0'; - return new; -} - - -static char * -PasswordStub(PK11SlotInfo *slot, - void *cx) -{ - return NULL; -} - - -static SECStatus -clean_input(Pair *data) - /* converts the non-alphanumeric characters in a form post - from hex codes back to characters */ -{ - int length; - int hi_digit; - int low_digit; - char character; - char *begin_pos; - char *read_pos; - char *write_pos; - PRBool name = PR_TRUE; - - begin_pos = data->name; - while (begin_pos != NULL) { - length = strlen(begin_pos); - read_pos = write_pos = begin_pos; - while ((read_pos - begin_pos) < length) { - if (*read_pos == '+') { - *read_pos = ' '; - } - if (*read_pos == '%') { - hi_digit = *(read_pos + 1); - low_digit = *(read_pos +2); - read_pos += 3; - if (isdigit(hi_digit)){ - hi_digit = hi_digit - '0'; - } else { - hi_digit = toupper(hi_digit); - if (isxdigit(hi_digit)) { - hi_digit = (hi_digit - 'A') + 10; - } else { - error_out("ERROR: Form data incorrectly formated"); - } - } - if (isdigit(low_digit)){ - low_digit = low_digit - '0'; - } else { - low_digit = toupper(low_digit); - if ((low_digit >='A') && (low_digit <= 'F')) { - low_digit = (low_digit - 'A') + 10; - } else { - error_out("ERROR: Form data incorrectly formated"); - } - } - character = (hi_digit << 4) | low_digit; - if (character != 10) { - *write_pos = character; - ++write_pos; - } - } else { - *write_pos = *read_pos; - ++write_pos; - ++read_pos; - } - } - *write_pos = '\0'; - if (name == PR_TRUE) { - begin_pos = data->data; - name = PR_FALSE; - } else { - data++; - begin_pos = data->name; - name = PR_TRUE; - } - } - return SECSuccess; -} - -static char * -make_name(char *new_data) - /* gets the next field name in the input string and returns - a pointer to a string containing a copy of it */ -{ - int length = 20; - char *name; - - name = make_copy_string(new_data, length, '='); - return name; -} - -static char * -make_data(char *new_data) - /* gets the data for the next field in the input string - and returns a pointer to a string containing it */ -{ - int length = 100; - char *data; - char *read_pos; - - read_pos = new_data; - while (*(read_pos - 1) != '=') { - ++read_pos; - } - data = make_copy_string(read_pos, length, '&'); - return data; -} - - -static Pair -make_pair(char *new_data) - /* makes a pair name/data pair from the input string */ -{ - Pair temp; - - temp.name = make_name(new_data); - temp.data = make_data(new_data); - return temp; -} - - - -static Pair * -make_datastruct(char *data, int len) - /* parses the input from the form post into a data - structure of field name/data pairs */ -{ - Pair *datastruct; - Pair *current; - char *curr_pos; - int fields = START_FIELDS; - int remaining = START_FIELDS; - - curr_pos = data; - datastruct = current = (Pair *) PORT_Alloc(fields * sizeof(Pair)); - if (datastruct == NULL) { - error_allocate(); - } - while (curr_pos - data < len) { - if (remaining == 1) { - remaining += fields; - fields = fields * 2; - datastruct = (Pair *) PORT_Realloc - (datastruct, fields * sizeof(Pair)); - if (datastruct == NULL) { - error_allocate(); - } - current = datastruct + (fields - remaining); - } - *current = make_pair(curr_pos); - while (*curr_pos != '&') { - ++curr_pos; - } - ++curr_pos; - ++current; - remaining = remaining - 1; - } - current->name = NULL; - return datastruct; -} - -static char * -return_name(Pair *data_struct, - int n) - /* returns a pointer to the name of the nth - (starting from 0) item in the data structure */ -{ - char *name; - - if ((data_struct + n)->name != NULL) { - name = (data_struct + n)->name; - return name; - } else { - return NULL; - } -} - -static char * -return_data(Pair *data_struct,int n) - /* returns a pointer to the data of the nth (starting from 0) - itme in the data structure */ -{ - char *data; - - data = (data_struct + n)->data; - return data; -} - - -static char * -add_prefix(char *field_name) -{ - extern char prefix[PREFIX_LEN]; - int i = 0; - char *rv; - char *write; - - rv = write = PORT_Alloc(PORT_Strlen(prefix) + PORT_Strlen(field_name) + 1); - for(i = 0; i < PORT_Strlen(prefix); i++) { - *write = prefix[i]; - write++; - } - *write = '\0'; - rv = PORT_Strcat(rv,field_name); - return rv; -} - - -static char * -find_field(Pair *data, - char *field_name, - PRBool add_pre) - /* returns a pointer to the data of the first pair - thats name matches the string it is passed */ -{ - int i = 0; - char *retrieved; - int found = 0; - - if (add_pre) { - field_name = add_prefix(field_name); - } - while(return_name(data, i) != NULL) { - if (PORT_Strcmp(return_name(data, i), field_name) == 0) { - retrieved = return_data(data, i); - found = 1; - break; - } - i++; - } - if (!found) { - retrieved = NULL; - } - return retrieved; -} - -static PRBool -find_field_bool(Pair *data, - char *fieldname, - PRBool add_pre) -{ - char *rv; - - rv = find_field(data, fieldname, add_pre); - - if ((rv != NULL) && (PORT_Strcmp(rv, "true")) == 0) { - return PR_TRUE; - } else { - return PR_FALSE; - } -} - -static char * -update_data_by_name(Pair *data, - char *field_name, - char *new_data) - /* replaces the data in the data structure associated with - a name with new data, returns null if not found */ -{ - int i = 0; - int found = 0; - int length = 100; - char *new; - - while (return_name(data, i) != NULL) { - if (PORT_Strcmp(return_name(data, i), field_name) == 0) { - new = make_copy_string( new_data, length, '\0'); - PORT_Free(return_data(data, i)); - found = 1; - (*(data + i)).data = new; - break; - } - i++; - } - if (!found) { - new = NULL; - } - return new; -} - -static char * -update_data_by_index(Pair *data, - int n, - char *new_data) - /* replaces the data of a particular index in the data structure */ -{ - int length = 100; - char *new; - - new = make_copy_string(new_data, length, '\0'); - PORT_Free(return_data(data, n)); - (*(data + n)).data = new; - return new; -} - - -static Pair * -add_field(Pair *data, - char* field_name, - char* field_data) - /* adds a new name/data pair to the data structure */ -{ - int i = 0; - int j; - int name_length = 100; - int data_length = 100; - - while(return_name(data, i) != NULL) { - i++; - } - j = START_FIELDS; - while ( j < (i + 1) ) { - j = j * 2; - } - if (j == (i + 1)) { - data = (Pair *) PORT_Realloc(data, (j * 2) * sizeof(Pair)); - if (data == NULL) { - error_allocate(); - } - } - (*(data + i)).name = make_copy_string(field_name, name_length, '\0'); - (*(data + i)).data = make_copy_string(field_data, data_length, '\0'); - (data + i + 1)->name = NULL; - return data; -} - - -static CERTCertificateRequest * -makeCertReq(Pair *form_data, - int which_priv_key) - /* makes and encodes a certrequest */ -{ - - PK11SlotInfo *slot; - CERTCertificateRequest *certReq = NULL; - CERTSubjectPublicKeyInfo *spki; - SECKEYPrivateKey *privkey = NULL; - SECKEYPublicKey *pubkey = NULL; - CERTName *name; - char *key; - extern SECKEYPrivateKey *privkeys[9]; - int keySizeInBits; - char *challenge = "foo"; - SECStatus rv = SECSuccess; - PQGParams *pqgParams = NULL; - PQGVerify *pqgVfy = NULL; - - name = CERT_AsciiToName(find_field(form_data, "subject", PR_TRUE)); - if (name == NULL) { - error_out("ERROR: Unable to create Subject Name"); - } - key = find_field(form_data, "key", PR_TRUE); - if (key == NULL) { - switch (*find_field(form_data, "keysize", PR_TRUE)) { - case '0': - keySizeInBits = 2048; - break; - case '1': - keySizeInBits = 1024; - break; - case '2': - keySizeInBits = 512; - break; - default: - error_out("ERROR: Unsupported Key length selected"); - } - if (find_field_bool(form_data, "keyType-dsa", PR_TRUE)) { - rv = PQG_ParamGen(keySizeInBits, &pqgParams, &pqgVfy); - if (rv != SECSuccess) { - error_out("ERROR: Unable to generate PQG parameters"); - } - slot = PK11_GetBestSlot(CKM_DSA_KEY_PAIR_GEN, NULL); - privkey = PK11_GenerateKeyPair(slot, CKM_DSA_KEY_PAIR_GEN, - pqgParams,&pubkey, PR_FALSE, - PR_TRUE, NULL); - } else { - privkey = SECKEY_CreateRSAPrivateKey(keySizeInBits, &pubkey, NULL); - } - privkeys[which_priv_key] = privkey; - spki = SECKEY_CreateSubjectPublicKeyInfo(pubkey); - } else { - spki = SECKEY_ConvertAndDecodePublicKeyAndChallenge(key, challenge, - NULL); - if (spki == NULL) { - error_out("ERROR: Unable to decode Public Key and Challenge String"); - } - } - certReq = CERT_CreateCertificateRequest(name, spki, NULL); - if (certReq == NULL) { - error_out("ERROR: Unable to create Certificate Request"); - } - if (pubkey != NULL) { - SECKEY_DestroyPublicKey(pubkey); - } - if (spki != NULL) { - SECKEY_DestroySubjectPublicKeyInfo(spki); - } - if (pqgParams != NULL) { - PQG_DestroyParams(pqgParams); - } - if (pqgVfy != NULL) { - PQG_DestroyVerify(pqgVfy); - } - return certReq; -} - - - -static CERTCertificate * -MakeV1Cert(CERTCertDBHandle *handle, - CERTCertificateRequest *req, - char *issuerNameStr, - PRBool selfsign, - int serialNumber, - int warpmonths, - Pair *data) -{ - CERTCertificate *issuerCert = NULL; - CERTValidity *validity; - CERTCertificate *cert = NULL; - PRExplodedTime printableTime; - PRTime now, - after; - SECStatus rv; - - - - if ( !selfsign ) { - issuerCert = CERT_FindCertByNameString(handle, issuerNameStr); - if (!issuerCert) { - error_out("ERROR: Could not find issuer's certificate"); - return NULL; - } - } - if (find_field_bool(data, "manValidity", PR_TRUE)) { - rv = DER_AsciiToTime(&now, find_field(data, "notBefore", PR_TRUE)); - } else { - now = PR_Now(); - } - PR_ExplodeTime (now, PR_GMTParameters, &printableTime); - if ( warpmonths ) { - printableTime.tm_month += warpmonths; - now = PR_ImplodeTime (&printableTime); - PR_ExplodeTime (now, PR_GMTParameters, &printableTime); - } - if (find_field_bool(data, "manValidity", PR_TRUE)) { - rv = DER_AsciiToTime(&after, find_field(data, "notAfter", PR_TRUE)); - PR_ExplodeTime (after, PR_GMTParameters, &printableTime); - } else { - printableTime.tm_month += 3; - after = PR_ImplodeTime (&printableTime); - } - /* note that the time is now in micro-second unit */ - validity = CERT_CreateValidity (now, after); - - if ( selfsign ) { - cert = CERT_CreateCertificate - (serialNumber,&(req->subject), validity, req); - } else { - cert = CERT_CreateCertificate - (serialNumber,&(issuerCert->subject), validity, req); - } - - CERT_DestroyValidity(validity); - if ( issuerCert ) { - CERT_DestroyCertificate (issuerCert); - } - return(cert); -} - -static int -get_serial_number(Pair *data) -{ - int serial = 0; - int error; - char *filename = SERIAL_FILE; - char *SN; - FILE *serialFile; - - - if (find_field_bool(data, "serial-auto", PR_TRUE)) { - serialFile = fopen(filename, "r"); - if (serialFile != NULL) { - fread(&serial, sizeof(int), 1, serialFile); - if (ferror(serialFile) != 0) { - error_out("Error: Unable to read serial number file"); - } - if (serial == 4294967295) { - serial = 21; - } - fclose(serialFile); - ++serial; - serialFile = fopen(filename,"w"); - if (serialFile == NULL) { - error_out("ERROR: Unable to open serial number file for writing"); - } - fwrite(&serial, sizeof(int), 1, serialFile); - if (ferror(serialFile) != 0) { - error_out("Error: Unable to write to serial number file"); - } - } else { - fclose(serialFile); - serialFile = fopen(filename,"w"); - if (serialFile == NULL) { - error_out("ERROR: Unable to open serial number file"); - } - serial = 21; - fwrite(&serial, sizeof(int), 1, serialFile); - if (ferror(serialFile) != 0) { - error_out("Error: Unable to write to serial number file"); - } - error = ferror(serialFile); - if (error != 0) { - error_out("ERROR: Unable to write to serial file"); - } - } - fclose(serialFile); - } else { - SN = find_field(data, "serial_value", PR_TRUE); - while (*SN != '\0') { - serial = serial * 16; - if ((*SN >= 'A') && (*SN <='F')) { - serial += *SN - 'A' + 10; - } else { - if ((*SN >= 'a') && (*SN <='f')) { - serial += *SN - 'a' + 10; - } else { - serial += *SN - '0'; - } - } - ++SN; - } - } - return serial; -} - - - -typedef SECStatus (* EXTEN_VALUE_ENCODER) - (PRArenaPool *extHandle, void *value, SECItem *encodedValue); - -static SECStatus -EncodeAndAddExtensionValue( - PRArenaPool *arena, - void *extHandle, - void *value, - PRBool criticality, - int extenType, - EXTEN_VALUE_ENCODER EncodeValueFn) -{ - SECItem encodedValue; - SECStatus rv; - - - encodedValue.data = NULL; - encodedValue.len = 0; - rv = (*EncodeValueFn)(arena, value, &encodedValue); - if (rv != SECSuccess) { - error_out("ERROR: Unable to encode extension value"); - } - rv = CERT_AddExtension - (extHandle, extenType, &encodedValue, criticality, PR_TRUE); - return (rv); -} - - - -static SECStatus -AddKeyUsage (void *extHandle, - Pair *data) -{ - SECItem bitStringValue; - unsigned char keyUsage = 0x0; - - if (find_field_bool(data,"keyUsage-digitalSignature", PR_TRUE)){ - keyUsage |= (0x80 >> 0); - } - if (find_field_bool(data,"keyUsage-nonRepudiation", PR_TRUE)){ - keyUsage |= (0x80 >> 1); - } - if (find_field_bool(data,"keyUsage-keyEncipherment", PR_TRUE)){ - keyUsage |= (0x80 >> 2); - } - if (find_field_bool(data,"keyUsage-dataEncipherment", PR_TRUE)){ - keyUsage |= (0x80 >> 3); - } - if (find_field_bool(data,"keyUsage-keyAgreement", PR_TRUE)){ - keyUsage |= (0x80 >> 4); - } - if (find_field_bool(data,"keyUsage-keyCertSign", PR_TRUE)) { - keyUsage |= (0x80 >> 5); - } - if (find_field_bool(data,"keyUsage-cRLSign", PR_TRUE)) { - keyUsage |= (0x80 >> 6); - } - - bitStringValue.data = &keyUsage; - bitStringValue.len = 1; - - return (CERT_EncodeAndAddBitStrExtension - (extHandle, SEC_OID_X509_KEY_USAGE, &bitStringValue, - (find_field_bool(data, "keyUsage-crit", PR_TRUE)))); - -} - -static CERTOidSequence * -CreateOidSequence(void) -{ - CERTOidSequence *rv = (CERTOidSequence *)NULL; - PRArenaPool *arena = (PRArenaPool *)NULL; - - arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - if( (PRArenaPool *)NULL == arena ) { - goto loser; - } - - rv = (CERTOidSequence *)PORT_ArenaZAlloc(arena, sizeof(CERTOidSequence)); - if( (CERTOidSequence *)NULL == rv ) { - goto loser; - } - - rv->oids = (SECItem **)PORT_ArenaZAlloc(arena, sizeof(SECItem *)); - if( (SECItem **)NULL == rv->oids ) { - goto loser; - } - - rv->arena = arena; - return rv; - - loser: - if( (PRArenaPool *)NULL != arena ) { - PORT_FreeArena(arena, PR_FALSE); - } - - return (CERTOidSequence *)NULL; -} - -static SECStatus -AddOidToSequence(CERTOidSequence *os, SECOidTag oidTag) -{ - SECItem **oids; - PRUint32 count = 0; - SECOidData *od; - - od = SECOID_FindOIDByTag(oidTag); - if( (SECOidData *)NULL == od ) { - return SECFailure; - } - - for( oids = os->oids; (SECItem *)NULL != *oids; oids++ ) { - count++; - } - - /* ArenaZRealloc */ - - { - PRUint32 i; - - oids = (SECItem **)PORT_ArenaZAlloc(os->arena, sizeof(SECItem *) * (count+2)); - if( (SECItem **)NULL == oids ) { - return SECFailure; - } - - for( i = 0; i < count; i++ ) { - oids[i] = os->oids[i]; - } - - /* ArenaZFree(os->oids); */ - } - - os->oids = oids; - os->oids[count] = &od->oid; - - return SECSuccess; -} - -static SECItem * -EncodeOidSequence(CERTOidSequence *os) -{ - SECItem *rv; - extern const SEC_ASN1Template CERT_OidSeqTemplate[]; - - rv = (SECItem *)PORT_ArenaZAlloc(os->arena, sizeof(SECItem)); - if( (SECItem *)NULL == rv ) { - goto loser; - } - - if( !SEC_ASN1EncodeItem(os->arena, rv, os, CERT_OidSeqTemplate) ) { - goto loser; - } - - return rv; - - loser: - return (SECItem *)NULL; -} - -static SECStatus -AddExtKeyUsage(void *extHandle, Pair *data) -{ - SECStatus rv; - CERTOidSequence *os; - SECItem *value; - PRBool crit; - - os = CreateOidSequence(); - if( (CERTOidSequence *)NULL == os ) { - return SECFailure; - } - - if( find_field_bool(data, "extKeyUsage-serverAuth", PR_TRUE) ) { - rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_SERVER_AUTH); - if( SECSuccess != rv ) goto loser; - } - - if( find_field_bool(data, "extKeyUsage-clientAuth", PR_TRUE) ) { - rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_CLIENT_AUTH); - if( SECSuccess != rv ) goto loser; - } - - if( find_field_bool(data, "extKeyUsage-codeSign", PR_TRUE) ) { - rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_CODE_SIGN); - if( SECSuccess != rv ) goto loser; - } - - if( find_field_bool(data, "extKeyUsage-emailProtect", PR_TRUE) ) { - rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_EMAIL_PROTECT); - if( SECSuccess != rv ) goto loser; - } - - if( find_field_bool(data, "extKeyUsage-timeStamp", PR_TRUE) ) { - rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_TIME_STAMP); - if( SECSuccess != rv ) goto loser; - } - - if( find_field_bool(data, "extKeyUsage-ocspResponder", PR_TRUE) ) { - rv = AddOidToSequence(os, SEC_OID_OCSP_RESPONDER); - if( SECSuccess != rv ) goto loser; - } - - if( find_field_bool(data, "extKeyUsage-NS-govtApproved", PR_TRUE) ) { - rv = AddOidToSequence(os, SEC_OID_NS_KEY_USAGE_GOVT_APPROVED); - if( SECSuccess != rv ) goto loser; - } - - value = EncodeOidSequence(os); - - crit = find_field_bool(data, "extKeyUsage-crit", PR_TRUE); - - rv = CERT_AddExtension(extHandle, SEC_OID_X509_EXT_KEY_USAGE, value, - crit, PR_TRUE); - /*FALLTHROUGH*/ - loser: - CERT_DestroyOidSequence(os); - return rv; -} - -static SECStatus -AddSubKeyID(void *extHandle, - Pair *data, - CERTCertificate *subjectCert) -{ - SECItem encodedValue; - SECStatus rv; - char *read; - char *write; - char *first; - char character; - int high_digit = 0, - low_digit = 0; - int len; - PRBool odd = PR_FALSE; - - - encodedValue.data = NULL; - encodedValue.len = 0; - first = read = write = find_field(data,"subjectKeyIdentifier-text", - PR_TRUE); - len = PORT_Strlen(first); - odd = ((len % 2) != 0 ) ? PR_TRUE : PR_FALSE; - if (find_field_bool(data, "subjectKeyIdentifier-radio-hex", PR_TRUE)) { - if (odd) { - error_out("ERROR: Improperly formated subject key identifier, hex values must be expressed as an octet string"); - } - while (*read != '\0') { - if (!isxdigit(*read)) { - error_out("ERROR: Improperly formated subject key identifier"); - } - *read = toupper(*read); - if ((*read >= 'A') && (*read <= 'F')) { - high_digit = *read - 'A' + 10; - } else { - high_digit = *read - '0'; - } - ++read; - if (!isxdigit(*read)) { - error_out("ERROR: Improperly formated subject key identifier"); - } - *read = toupper(*read); - if ((*read >= 'A') && (*read <= 'F')) { - low_digit = *(read) - 'A' + 10; - } else { - low_digit = *(read) - '0'; - } - character = (high_digit << 4) | low_digit; - *write = character; - ++write; - ++read; - } - *write = '\0'; - len = write - first; - } - subjectCert->subjectKeyID.data = (unsigned char *) find_field - (data,"subjectKeyIdentifier-text", PR_TRUE); - subjectCert->subjectKeyID.len = len; - rv = CERT_EncodeSubjectKeyID - (NULL, find_field(data,"subjectKeyIdentifier-text", PR_TRUE), - len, &encodedValue); - if (rv) { - return (rv); - } - return (CERT_AddExtension(extHandle, SEC_OID_X509_SUBJECT_KEY_ID, - &encodedValue, PR_FALSE, PR_TRUE)); -} - - -static SECStatus -AddAuthKeyID (void *extHandle, - Pair *data, - char *issuerNameStr, - CERTCertDBHandle *handle) -{ - CERTAuthKeyID *authKeyID = NULL; - PRArenaPool *arena = NULL; - SECStatus rv = SECSuccess; - CERTCertificate *issuerCert = NULL; - CERTGeneralName *genNames; - CERTName *directoryName = NULL; - - - issuerCert = CERT_FindCertByNameString(handle, issuerNameStr); - arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - if ( !arena ) { - error_allocate(); - } - - authKeyID = PORT_ArenaZAlloc (arena, sizeof (CERTAuthKeyID)); - if (authKeyID == NULL) { - error_allocate(); - } - if (find_field_bool(data, "authorityKeyIdentifier-radio-keyIdentifier", - PR_TRUE)) { - authKeyID->keyID.data = PORT_ArenaAlloc (arena, PORT_Strlen - ((char *)issuerCert->subjectKeyID.data)); - if (authKeyID->keyID.data == NULL) { - error_allocate(); - } - PORT_Memcpy (authKeyID->keyID.data, issuerCert->subjectKeyID.data, - authKeyID->keyID.len = - PORT_Strlen((char *)issuerCert->subjectKeyID.data)); - } else { - - PORT_Assert (arena); - genNames = (CERTGeneralName *) PORT_ArenaZAlloc (arena, (sizeof(CERTGeneralName))); - if (genNames == NULL){ - error_allocate(); - } - genNames->l.next = genNames->l.prev = &(genNames->l); - genNames->type = certDirectoryName; - - directoryName = CERT_AsciiToName(issuerCert->subjectName); - if (!directoryName) { - error_out("ERROR: Unable to create Directory Name"); - } - rv = CERT_CopyName (arena, &genNames->name.directoryName, - directoryName); - CERT_DestroyName (directoryName); - if (rv != SECSuccess) { - error_out("ERROR: Unable to copy Directory Name"); - } - authKeyID->authCertIssuer = genNames; - if (authKeyID->authCertIssuer == NULL && SECFailure == - PORT_GetError ()) { - error_out("ERROR: Unable to get Issuer General Name for Authority Key ID Extension"); - } - authKeyID->authCertSerialNumber = issuerCert->serialNumber; - } - rv = EncodeAndAddExtensionValue(arena, extHandle, authKeyID, PR_FALSE, - SEC_OID_X509_AUTH_KEY_ID, - (EXTEN_VALUE_ENCODER) - CERT_EncodeAuthKeyID); - if (arena) { - PORT_FreeArena (arena, PR_FALSE); - } - return (rv); -} - - -static SECStatus -AddPrivKeyUsagePeriod(void *extHandle, - Pair *data, - CERTCertificate *cert) -{ - char *notBeforeStr; - char *notAfterStr; - PRArenaPool *arena = NULL; - SECStatus rv = SECSuccess; - PKUPEncodedContext *pkup; - - - arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - if ( !arena ) { - error_allocate(); - } - pkup = PORT_ArenaZAlloc (arena, sizeof (PKUPEncodedContext)); - if (pkup == NULL) { - error_allocate(); - } - notBeforeStr = (char *) PORT_Alloc(16 ); - notAfterStr = (char *) PORT_Alloc(16 ); - *notBeforeStr = '\0'; - *notAfterStr = '\0'; - pkup->arena = arena; - pkup->notBefore.len = 0; - pkup->notBefore.data = NULL; - pkup->notAfter.len = 0; - pkup->notAfter.data = NULL; - if (find_field_bool(data, "privKeyUsagePeriod-radio-notBefore", PR_TRUE) || - find_field_bool(data, "privKeyUsagePeriod-radio-both", PR_TRUE)) { - pkup->notBefore.len = 15; - pkup->notBefore.data = (unsigned char *)notBeforeStr; - if (find_field_bool(data, "privKeyUsagePeriod-notBefore-radio-manual", - PR_TRUE)) { - PORT_Strcat(notBeforeStr,find_field(data, - "privKeyUsagePeriod-notBefore-year", - PR_TRUE)); - PORT_Strcat(notBeforeStr,find_field(data, - "privKeyUsagePeriod-notBefore-month", - PR_TRUE)); - PORT_Strcat(notBeforeStr,find_field(data, - "privKeyUsagePeriod-notBefore-day", - PR_TRUE)); - PORT_Strcat(notBeforeStr,find_field(data, - "privKeyUsagePeriod-notBefore-hour", - PR_TRUE)); - PORT_Strcat(notBeforeStr,find_field(data, - "privKeyUsagePeriod-notBefore-minute", - PR_TRUE)); - PORT_Strcat(notBeforeStr,find_field(data, - "privKeyUsagePeriod-notBefore-second", - PR_TRUE)); - if ((*(notBeforeStr + 14) != '\0') || - (!isdigit(*(notBeforeStr + 13))) || - (*(notBeforeStr + 12) >= '5' && *(notBeforeStr + 12) <= '0') || - (!isdigit(*(notBeforeStr + 11))) || - (*(notBeforeStr + 10) >= '5' && *(notBeforeStr + 10) <= '0') || - (!isdigit(*(notBeforeStr + 9))) || - (*(notBeforeStr + 8) >= '2' && *(notBeforeStr + 8) <= '0') || - (!isdigit(*(notBeforeStr + 7))) || - (*(notBeforeStr + 6) >= '3' && *(notBeforeStr + 6) <= '0') || - (!isdigit(*(notBeforeStr + 5))) || - (*(notBeforeStr + 4) >= '1' && *(notBeforeStr + 4) <= '0') || - (!isdigit(*(notBeforeStr + 3))) || - (!isdigit(*(notBeforeStr + 2))) || - (!isdigit(*(notBeforeStr + 1))) || - (!isdigit(*(notBeforeStr + 0))) || - (*(notBeforeStr + 8) == '2' && *(notBeforeStr + 9) >= '4') || - (*(notBeforeStr + 6) == '3' && *(notBeforeStr + 7) >= '1') || - (*(notBeforeStr + 4) == '1' && *(notBeforeStr + 5) >= '2')) { - error_out("ERROR: Improperly formated private key usage period"); - } - *(notBeforeStr + 14) = 'Z'; - *(notBeforeStr + 15) = '\0'; - } else { - if ((*(cert->validity.notBefore.data) > '5') || - ((*(cert->validity.notBefore.data) == '5') && - (*(cert->validity.notBefore.data + 1) != '0'))) { - PORT_Strcat(notBeforeStr, "19"); - } else { - PORT_Strcat(notBeforeStr, "20"); - } - PORT_Strcat(notBeforeStr, (char *)cert->validity.notBefore.data); - } - } - if (find_field_bool(data, "privKeyUsagePeriod-radio-notAfter", PR_TRUE) || - find_field_bool(data, "privKeyUsagePeriod-radio-both", PR_TRUE)) { - pkup->notAfter.len = 15; - pkup->notAfter.data = (unsigned char *)notAfterStr; - PORT_Strcat(notAfterStr,find_field(data,"privKeyUsagePeriod-notAfter-year", - PR_TRUE)); - PORT_Strcat(notAfterStr,find_field(data,"privKeyUsagePeriod-notAfter-month", - PR_TRUE)); - PORT_Strcat(notAfterStr,find_field(data,"privKeyUsagePeriod-notAfter-day", - PR_TRUE)); - PORT_Strcat(notAfterStr,find_field(data,"privKeyUsagePeriod-notAfter-hour", - PR_TRUE)); - PORT_Strcat(notAfterStr,find_field(data,"privKeyUsagePeriod-notAfter-minute", - PR_TRUE)); - PORT_Strcat(notAfterStr,find_field(data,"privKeyUsagePeriod-notAfter-second", - PR_TRUE)); - if ((*(notAfterStr + 14) != '\0') || - (!isdigit(*(notAfterStr + 13))) || - (*(notAfterStr + 12) >= '5' && *(notAfterStr + 12) <= '0') || - (!isdigit(*(notAfterStr + 11))) || - (*(notAfterStr + 10) >= '5' && *(notAfterStr + 10) <= '0') || - (!isdigit(*(notAfterStr + 9))) || - (*(notAfterStr + 8) >= '2' && *(notAfterStr + 8) <= '0') || - (!isdigit(*(notAfterStr + 7))) || - (*(notAfterStr + 6) >= '3' && *(notAfterStr + 6) <= '0') || - (!isdigit(*(notAfterStr + 5))) || - (*(notAfterStr + 4) >= '1' && *(notAfterStr + 4) <= '0') || - (!isdigit(*(notAfterStr + 3))) || - (!isdigit(*(notAfterStr + 2))) || - (!isdigit(*(notAfterStr + 1))) || - (!isdigit(*(notAfterStr + 0))) || - (*(notAfterStr + 8) == '2' && *(notAfterStr + 9) >= '4') || - (*(notAfterStr + 6) == '3' && *(notAfterStr + 7) >= '1') || - (*(notAfterStr + 4) == '1' && *(notAfterStr + 5) >= '2')) { - error_out("ERROR: Improperly formated private key usage period"); - } - *(notAfterStr + 14) = 'Z'; - *(notAfterStr + 15) = '\0'; - } - - PORT_Assert (arena); - - rv = EncodeAndAddExtensionValue(arena, extHandle, pkup, - find_field_bool(data, - "privKeyUsagePeriod-crit", - PR_TRUE), - SEC_OID_X509_PRIVATE_KEY_USAGE_PERIOD, - (EXTEN_VALUE_ENCODER) - CERT_EncodePublicKeyUsagePeriod); - if (arena) { - PORT_FreeArena (arena, PR_FALSE); - } - if (notBeforeStr != NULL) { - PORT_Free(notBeforeStr); - } - if (notAfterStr != NULL) { - PORT_Free(notAfterStr); - } - return (rv); -} - -static SECStatus -AddBasicConstraint(void *extHandle, - Pair *data) -{ - CERTBasicConstraints basicConstraint; - SECItem encodedValue; - SECStatus rv; - - encodedValue.data = NULL; - encodedValue.len = 0; - basicConstraint.pathLenConstraint = CERT_UNLIMITED_PATH_CONSTRAINT; - basicConstraint.isCA = (find_field_bool(data,"basicConstraints-cA-radio-CA", - PR_TRUE)); - if (find_field_bool(data,"basicConstraints-pathLengthConstraint", PR_TRUE)){ - basicConstraint.pathLenConstraint = atoi - (find_field(data,"basicConstraints-pathLengthConstraint-text", - PR_TRUE)); - } - - rv = CERT_EncodeBasicConstraintValue (NULL, &basicConstraint, - &encodedValue); - if (rv) - return (rv); - rv = CERT_AddExtension(extHandle, SEC_OID_X509_BASIC_CONSTRAINTS, - &encodedValue, - (find_field_bool(data,"basicConstraints-crit", - PR_TRUE)), PR_TRUE); - - PORT_Free (encodedValue.data); - return (rv); -} - - - -static SECStatus -AddNscpCertType (void *extHandle, - Pair *data) -{ - SECItem bitStringValue; - unsigned char CertType = 0x0; - - if (find_field_bool(data,"netscape-cert-type-ssl-client", PR_TRUE)){ - CertType |= (0x80 >> 0); - } - if (find_field_bool(data,"netscape-cert-type-ssl-server", PR_TRUE)){ - CertType |= (0x80 >> 1); - } - if (find_field_bool(data,"netscape-cert-type-smime", PR_TRUE)){ - CertType |= (0x80 >> 2); - } - if (find_field_bool(data,"netscape-cert-type-object-signing", PR_TRUE)){ - CertType |= (0x80 >> 3); - } - if (find_field_bool(data,"netscape-cert-type-reserved", PR_TRUE)){ - CertType |= (0x80 >> 4); - } - if (find_field_bool(data,"netscape-cert-type-ssl-ca", PR_TRUE)) { - CertType |= (0x80 >> 5); - } - if (find_field_bool(data,"netscape-cert-type-smime-ca", PR_TRUE)) { - CertType |= (0x80 >> 6); - } - if (find_field_bool(data,"netscape-cert-type-object-signing-ca", PR_TRUE)) { - CertType |= (0x80 >> 7); - } - - bitStringValue.data = &CertType; - bitStringValue.len = 1; - - return (CERT_EncodeAndAddBitStrExtension - (extHandle, SEC_OID_NS_CERT_EXT_CERT_TYPE, &bitStringValue, - (find_field_bool(data, "netscape-cert-type-crit", PR_TRUE)))); -} - - -static SECStatus -add_IA5StringExtension(void *extHandle, - char *string, - PRBool crit, - int idtag) -{ - SECItem encodedValue; - SECStatus rv; - - encodedValue.data = NULL; - encodedValue.len = 0; - - rv = CERT_EncodeIA5TypeExtension(NULL, string, &encodedValue); - if (rv) { - return (rv); - } - return (CERT_AddExtension(extHandle, idtag, &encodedValue, crit, PR_TRUE)); -} - -static SECItem * -string_to_oid(char *string) -{ - int i; - int length = 20; - int remaining; - int first_value; - int second_value; - int value; - int oidLength; - unsigned char *oidString; - unsigned char *write; - unsigned char *read; - unsigned char *temp; - SECItem *oid; - - - remaining = length; - i = 0; - while (*string == ' ') { - string++; - } - while (isdigit(*(string + i))) { - i++; - } - if (*(string + i) == '.') { - *(string + i) = '\0'; - } else { - error_out("ERROR: Improperly formated OID"); - } - first_value = atoi(string); - if (first_value < 0 || first_value > 2) { - error_out("ERROR: Improperly formated OID"); - } - string += i + 1; - i = 0; - while (isdigit(*(string + i))) { - i++; - } - if (*(string + i) == '.') { - *(string + i) = '\0'; - } else { - error_out("ERROR: Improperly formated OID"); - } - second_value = atoi(string); - if (second_value < 0 || second_value > 39) { - error_out("ERROR: Improperly formated OID"); - } - oidString = PORT_ZAlloc(2); - *oidString = (first_value * 40) + second_value; - *(oidString + 1) = '\0'; - oidLength = 1; - string += i + 1; - i = 0; - temp = write = PORT_ZAlloc(length); - while (*string != '\0') { - value = 0; - while(isdigit(*(string + i))) { - i++; - } - if (*(string + i) == '\0') { - value = atoi(string); - string += i; - } else { - if (*(string + i) == '.') { - *(string + i) = '\0'; - value = atoi(string); - string += i + 1; - } else { - *(string + i) = '\0'; - i++; - value = atoi(string); - while (*(string + i) == ' ') - i++; - if (*(string + i) != '\0') { - error_out("ERROR: Improperly formated OID"); - } - } - } - i = 0; - while (value != 0) { - if (remaining < 1) { - remaining += length; - length = length * 2; - temp = PORT_Realloc(temp, length); - write = temp + length - remaining; - } - *write = (value & 0x7f) | (0x80); - write++; - remaining--; - value = value >> 7; - } - *temp = *temp & (0x7f); - oidLength += write - temp; - oidString = PORT_Realloc(oidString, (oidLength + 1)); - read = write - 1; - write = oidLength + oidString - 1; - for (i = 0; i < (length - remaining); i++) { - *write = *read; - write--; - read++; - } - write = temp; - remaining = length; - } - *(oidString + oidLength) = '\0'; - oid = (SECItem *) PORT_ZAlloc(sizeof(SECItem)); - oid->data = oidString; - oid->len = oidLength; - PORT_Free(temp); - return oid; -} - -static SECItem * -string_to_ipaddress(char *string) -{ - int i = 0; - int value; - int j = 0; - SECItem *ipaddress; - - - while (*string == ' ') { - string++; - } - ipaddress = (SECItem *) PORT_ZAlloc(sizeof(SECItem)); - ipaddress->data = PORT_ZAlloc(9); - while (*string != '\0' && j < 8) { - while (isdigit(*(string + i))) { - i++; - } - if (*(string + i) == '.') { - *(string + i) = '\0'; - value = atoi(string); - string = string + i + 1; - i = 0; - } else { - if (*(string + i) == '\0') { - value = atoi(string); - string = string + i; - i = 0; - } else { - *(string + i) = '\0'; - while (*(string + i) == ' ') { - i++; - } - if (*(string + i) == '\0') { - value = atoi(string); - string = string + i; - i = 0; - } else { - error_out("ERROR: Improperly formated IP Address"); - } - } - } - if (value >= 0 || value < 256) { - *(ipaddress->data + j) = value; - } else { - error_out("ERROR: Improperly formated IP Address"); - } - j++; - } - *(ipaddress->data + j) = '\0'; - if (j != 4 && j != 8) { - error_out("ERROR: Improperly formated IP Address"); - } - ipaddress->len = j; - return ipaddress; -} - -static SECItem * -string_to_binary(char *string) -{ - SECItem *rv; - int high_digit; - int low_digit; - - rv = (SECItem *) PORT_ZAlloc(sizeof(SECItem)); - if (rv == NULL) { - error_allocate(); - } - rv->data = (unsigned char *) PORT_ZAlloc((PORT_Strlen(string))/3 + 2); - while (!isxdigit(*string)) { - string++; - } - rv->len = 0; - while (*string != '\0') { - if (isxdigit(*string)) { - if (*string >= '0' && *string <= '9') { - high_digit = *string - '0'; - } else { - *string = toupper(*string); - high_digit = *string - 'A'; - } - string++; - if (*string >= '0' && *string <= '9') { - low_digit = *string - '0'; - } else { - *string = toupper(*string); - low_digit = *string = 'A'; - } - (rv->len)++; - } else { - if (*string == ':') { - string++; - } else { - if (*string == ' ') { - while (*string == ' ') { - string++; - } - } - if (*string != '\0') { - error_out("ERROR: Improperly formated binary encoding"); - } - } - } - } - - return rv; -} - -static SECStatus -MakeGeneralName(char *name, - CERTGeneralName *genName, - PRArenaPool *arena) -{ - SECItem *oid; - SECOidData *oidData; - SECItem *ipaddress; - SECItem *temp = NULL; - int i; - int nameType; - PRBool binary = PR_FALSE; - SECStatus rv = SECSuccess; - PRBool nickname; - - PORT_Assert(genName); - PORT_Assert(arena); - nameType = *(name + PORT_Strlen(name) - 1) - '0'; - if (nameType == 0 && *(name +PORT_Strlen(name) - 2) == '1') { - nickname = PR_TRUE; - nameType = certOtherName; - } - if (nameType < 1 || nameType > 9) { - error_out("ERROR: Unknown General Name Type"); - } - *(name + PORT_Strlen(name) - 4) = '\0'; - genName->type = nameType; - - switch (genName->type) { - case certURI: - case certRFC822Name: - case certDNSName: { - genName->name.other.data = (unsigned char *)name; - genName->name.other.len = PORT_Strlen(name); - break; - } - - case certIPAddress: { - ipaddress = string_to_ipaddress(name); - genName->name.other.data = ipaddress->data; - genName->name.other.len = ipaddress->len; - break; - } - - case certRegisterID: { - oid = string_to_oid(name); - genName->name.other.data = oid->data; - genName->name.other.len = oid->len; - break; - } - - case certEDIPartyName: - case certX400Address: { - - genName->name.other.data = PORT_ArenaAlloc (arena, - PORT_Strlen (name) + 2); - if (genName->name.other.data == NULL) { - error_allocate(); - } - - PORT_Memcpy (genName->name.other.data + 2, name, PORT_Strlen (name)); - /* This may not be accurate for all cases. - For now, use this tag type */ - genName->name.other.data[0] = (char)(((genName->type - 1) & - 0x1f)| 0x80); - genName->name.other.data[1] = (char)PORT_Strlen (name); - genName->name.other.len = PORT_Strlen (name) + 2; - break; - } - - case certOtherName: { - i = 0; - if (!nickname) { - while (!isdigit(*(name + PORT_Strlen(name) - i))) { - i++; - } - if (*(name + PORT_Strlen(name) - i) == '1') { - binary = PR_TRUE; - } else { - binary = PR_FALSE; - } - while (*(name + PORT_Strlen(name) - i) != '-') { - i++; - } - *(name + PORT_Strlen(name) - i - 1) = '\0'; - i = 0; - while (*(name + i) != '-') { - i++; - } - *(name + i - 1) = '\0'; - oid = string_to_oid(name + i + 2); - } else { - oidData = SECOID_FindOIDByTag(SEC_OID_NETSCAPE_NICKNAME); - oid = &oidData->oid; - while (*(name + PORT_Strlen(name) - i) != '-') { - i++; - } - *(name + PORT_Strlen(name) - i) = '\0'; - } - genName->name.OthName.oid.data = oid->data; - genName->name.OthName.oid.len = oid->len; - if (binary) { - temp = string_to_binary(name); - genName->name.OthName.name.data = temp->data; - genName->name.OthName.name.len = temp->len; - } else { - temp = (SECItem *) PORT_ZAlloc(sizeof(SECItem)); - if (temp == NULL) { - error_allocate(); - } - temp->data = (unsigned char *)name; - temp->len = PORT_Strlen(name); - SEC_ASN1EncodeItem (arena, &(genName->name.OthName.name), temp, - CERTIA5TypeTemplate); - } - PORT_Free(temp); - break; - } - - case certDirectoryName: { - CERTName *directoryName = NULL; - - directoryName = CERT_AsciiToName (name); - if (!directoryName) { - error_out("ERROR: Improperly formated alternative name"); - break; - } - rv = CERT_CopyName (arena, &genName->name.directoryName, - directoryName); - CERT_DestroyName (directoryName); - - break; - } - } - genName->l.next = &(genName->l); - genName->l.prev = &(genName->l); - return rv; -} - - -static CERTGeneralName * -MakeAltName(Pair *data, - char *which, - PRArenaPool *arena) -{ - CERTGeneralName *SubAltName; - CERTGeneralName *current; - CERTGeneralName *newname; - char *name = NULL; - SECStatus rv = SECSuccess; - int len; - - - len = PORT_Strlen(which); - name = find_field(data, which, PR_TRUE); - SubAltName = current = (CERTGeneralName *) PORT_ZAlloc - (sizeof(CERTGeneralName)); - if (current == NULL) { - error_allocate(); - } - while (name != NULL) { - - rv = MakeGeneralName(name, current, arena); - - if (rv != SECSuccess) { - break; - } - if (*(which + len -1) < '9') { - *(which + len - 1) = *(which + len - 1) + 1; - } else { - if (isdigit(*(which + len - 2) )) { - *(which + len - 2) = *(which + len - 2) + 1; - *(which + len - 1) = '0'; - } else { - *(which + len - 1) = '1'; - *(which + len) = '0'; - *(which + len + 1) = '\0'; - len++; - } - } - len = PORT_Strlen(which); - name = find_field(data, which, PR_TRUE); - if (name != NULL) { - newname = (CERTGeneralName *) PORT_ZAlloc(sizeof(CERTGeneralName)); - if (newname == NULL) { - error_allocate(); - } - current->l.next = &(newname->l); - newname->l.prev = &(current->l); - current = newname; - newname = NULL; - } else { - current->l.next = &(SubAltName->l); - SubAltName->l.prev = &(current->l); - } - } - if (rv == SECFailure) { - return NULL; - } - return SubAltName; -} - -static CERTNameConstraints * -MakeNameConstraints(Pair *data, - PRArenaPool *arena) -{ - CERTNameConstraints *NameConstraints; - CERTNameConstraint *current = NULL; - CERTNameConstraint *last_permited = NULL; - CERTNameConstraint *last_excluded = NULL; - char *constraint = NULL; - char *which; - SECStatus rv = SECSuccess; - int len; - int i; - long max; - long min; - PRBool permited; - - - NameConstraints = (CERTNameConstraints *) PORT_ZAlloc - (sizeof(CERTNameConstraints)); - which = make_copy_string("NameConstraintSelect0", 25,'\0'); - len = PORT_Strlen(which); - constraint = find_field(data, which, PR_TRUE); - NameConstraints->permited = NameConstraints->excluded = NULL; - while (constraint != NULL) { - current = (CERTNameConstraint *) PORT_ZAlloc - (sizeof(CERTNameConstraint)); - if (current == NULL) { - error_allocate(); - } - i = 0; - while (*(constraint + PORT_Strlen(constraint) - i) != '-') { - i++; - } - *(constraint + PORT_Strlen(constraint) - i - 1) = '\0'; - max = (long) atoi(constraint + PORT_Strlen(constraint) + 3); - if (max > 0) { - (void) SEC_ASN1EncodeInteger(arena, ¤t->max, max); - } - i = 0; - while (*(constraint + PORT_Strlen(constraint) - i) != '-') { - i++; - } - *(constraint + PORT_Strlen(constraint) - i - 1) = '\0'; - min = (long) atoi(constraint + PORT_Strlen(constraint) + 3); - (void) SEC_ASN1EncodeInteger(arena, ¤t->min, min); - while (*(constraint + PORT_Strlen(constraint) - i) != '-') { - i++; - } - *(constraint + PORT_Strlen(constraint) - i - 1) = '\0'; - if (*(constraint + PORT_Strlen(constraint) + 3) == 'p') { - permited = PR_TRUE; - } else { - permited = PR_FALSE; - } - rv = MakeGeneralName(constraint, &(current->name), arena); - - if (rv != SECSuccess) { - break; - } - if (*(which + len - 1) < '9') { - *(which + len - 1) = *(which + len - 1) + 1; - } else { - if (isdigit(*(which + len - 2) )) { - *(which + len - 2) = *(which + len - 2) + 1; - *(which + len - 1) = '0'; - } else { - *(which + len - 1) = '1'; - *(which + len) = '0'; - *(which + len + 1) = '\0'; - len++; - } - } - len = PORT_Strlen(which); - if (permited) { - if (NameConstraints->permited == NULL) { - NameConstraints->permited = last_permited = current; - } - last_permited->l.next = &(current->l); - current->l.prev = &(last_permited->l); - last_permited = current; - } else { - if (NameConstraints->excluded == NULL) { - NameConstraints->excluded = last_excluded = current; - } - last_excluded->l.next = &(current->l); - current->l.prev = &(last_excluded->l); - last_excluded = current; - } - constraint = find_field(data, which, PR_TRUE); - if (constraint != NULL) { - current = (CERTNameConstraint *) PORT_ZAlloc(sizeof(CERTNameConstraint)); - if (current == NULL) { - error_allocate(); - } - } - } - if (NameConstraints->permited != NULL) { - last_permited->l.next = &(NameConstraints->permited->l); - NameConstraints->permited->l.prev = &(last_permited->l); - } - if (NameConstraints->excluded != NULL) { - last_excluded->l.next = &(NameConstraints->excluded->l); - NameConstraints->excluded->l.prev = &(last_excluded->l); - } - if (which != NULL) { - PORT_Free(which); - } - if (rv == SECFailure) { - return NULL; - } - return NameConstraints; -} - - - -static SECStatus -AddAltName(void *extHandle, - Pair *data, - char *issuerNameStr, - CERTCertDBHandle *handle, - int type) -{ - PRBool autoIssuer = PR_FALSE; - PRArenaPool *arena = NULL; - CERTGeneralName *genName = NULL; - CERTName *directoryName = NULL; - char *which = NULL; - char *name = NULL; - SECStatus rv = SECSuccess; - SECItem *issuersAltName = NULL; - CERTCertificate *issuerCert = NULL; - void *mark = NULL; - - - arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - if (arena == NULL) { - error_allocate(); - } - if (type == 0) { - which = make_copy_string("SubAltNameSelect0", 20,'\0'); - genName = MakeAltName(data, which, arena); - } else { - if (autoIssuer) { - autoIssuer = find_field_bool(data,"IssuerAltNameSourceRadio-auto", - PR_TRUE); - issuerCert = CERT_FindCertByNameString(handle, issuerNameStr); - rv = cert_FindExtension((*issuerCert).extensions, - SEC_OID_X509_SUBJECT_ALT_NAME, - issuersAltName); - if (issuersAltName == NULL) { - name = PORT_Alloc(PORT_Strlen((*issuerCert).subjectName) + 4); - PORT_Strcpy(name, (*issuerCert).subjectName); - PORT_Strcat(name, " - 5"); - } - } else { - which = make_copy_string("IssuerAltNameSelect0", 20,'\0'); - genName = MakeAltName(data, which, arena); - } - } - if (type == 0) { - EncodeAndAddExtensionValue(arena, extHandle, genName, - find_field_bool(data, "SubAltName-crit", - PR_TRUE), - SEC_OID_X509_SUBJECT_ALT_NAME, - (EXTEN_VALUE_ENCODER) - CERT_EncodeAltNameExtension); - - } else { - if (autoIssuer && (name == NULL)) { - rv = CERT_AddExtension - (extHandle, SEC_OID_X509_ISSUER_ALT_NAME, issuersAltName, - find_field_bool(data, "IssuerAltName-crit", PR_TRUE), PR_TRUE); - } else { - EncodeAndAddExtensionValue(arena, extHandle, genName, - find_field_bool(data, - "IssuerAltName-crit", - PR_TRUE), - SEC_OID_X509_ISSUER_ALT_NAME, - (EXTEN_VALUE_ENCODER) - CERT_EncodeAltNameExtension); - } - } - if (which != NULL) { - PORT_Free(which); - } - if (issuerCert != NULL) { - CERT_DestroyCertificate(issuerCert); - } -#if 0 - if (arena != NULL) { - PORT_ArenaRelease (arena, mark); - } -#endif - return rv; -} - - -static SECStatus -AddNameConstraints(void *extHandle, - Pair *data) -{ - PRBool autoIssuer = PR_FALSE; - PRArenaPool *arena = NULL; - CERTNameConstraints *constraints = NULL; - char *constraint = NULL; - SECStatus rv = SECSuccess; - - - arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - if (arena == NULL) { - error_allocate(); - } - constraints = MakeNameConstraints(data, arena); - if (constraints != NULL) { - EncodeAndAddExtensionValue(arena, extHandle, constraints, PR_TRUE, - SEC_OID_X509_NAME_CONSTRAINTS, - (EXTEN_VALUE_ENCODER) - CERT_EncodeNameConstraintsExtension); - } - if (arena != NULL) { - PORT_ArenaRelease (arena, NULL); - } - return rv; -} - - -static SECStatus -add_extensions(CERTCertificate *subjectCert, - Pair *data, - char *issuerNameStr, - CERTCertDBHandle *handle) -{ - void *extHandle; - SECStatus rv = SECSuccess; - - - extHandle = CERT_StartCertExtensions (subjectCert); - if (extHandle == NULL) { - error_out("ERROR: Unable to get certificates extension handle"); - } - if (find_field_bool(data, "keyUsage", PR_TRUE)) { - rv = AddKeyUsage(extHandle, data); - if (rv != SECSuccess) { - error_out("ERROR: Unable to add Key Usage extension"); - } - } - - if( find_field_bool(data, "extKeyUsage", PR_TRUE) ) { - rv = AddExtKeyUsage(extHandle, data); - if( SECSuccess != rv ) { - error_out("ERROR: Unable to add Extended Key Usage extension"); - } - } - - if (find_field_bool(data, "basicConstraints", PR_TRUE)) { - rv = AddBasicConstraint(extHandle, data); - if (rv != SECSuccess) { - error_out("ERROR: Unable to add Basic Constraint extension"); - } - } - if (find_field_bool(data, "subjectKeyIdentifier", PR_TRUE)) { - rv = AddSubKeyID(extHandle, data, subjectCert); - if (rv != SECSuccess) { - error_out("ERROR: Unable to add Subject Key Identifier Extension"); - } - } - if (find_field_bool(data, "authorityKeyIdentifier", PR_TRUE)) { - rv = AddAuthKeyID (extHandle, data, issuerNameStr, handle); - if (rv != SECSuccess) { - error_out("ERROR: Unable to add Authority Key Identifier extension"); - } - } - if (find_field_bool(data, "privKeyUsagePeriod", PR_TRUE)) { - rv = AddPrivKeyUsagePeriod (extHandle, data, subjectCert); - if (rv != SECSuccess) { - error_out("ERROR: Unable to add Private Key Usage Period extension"); - } - } - if (find_field_bool(data, "SubAltName", PR_TRUE)) { - rv = AddAltName (extHandle, data, NULL, NULL, 0); - if (rv != SECSuccess) { - error_out("ERROR: Unable to add Subject Alternative Name extension"); - } - } - if (find_field_bool(data, "IssuerAltName", PR_TRUE)) { - rv = AddAltName (extHandle, data, issuerNameStr, handle, 1); - if (rv != SECSuccess) { - error_out("ERROR: Unable to add Issuer Alternative Name Extension"); - } - } - if (find_field_bool(data, "NameConstraints", PR_TRUE)) { - rv = AddNameConstraints(extHandle, data); - if (rv != SECSuccess) { - error_out("ERROR: Unable to add Name Constraints Extension"); - } - } - if (find_field_bool(data, "netscape-cert-type", PR_TRUE)) { - rv = AddNscpCertType(extHandle, data); - if (rv != SECSuccess) { - error_out("ERROR: Unable to add Netscape Certificate Type Extension"); - } - } - if (find_field_bool(data, "netscape-base-url", PR_TRUE)) { - rv = add_IA5StringExtension(extHandle, - find_field(data, "netscape-base-url-text", - PR_TRUE), - find_field_bool(data, - "netscape-base-url-crit", - PR_TRUE), - SEC_OID_NS_CERT_EXT_BASE_URL); - if (rv != SECSuccess) { - error_out("ERROR: Unable to add Netscape Base URL Extension"); - } - } - if (find_field_bool(data, "netscape-revocation-url", PR_TRUE)) { - rv = add_IA5StringExtension(extHandle, - find_field(data, - "netscape-revocation-url-text", - PR_TRUE), - find_field_bool - (data, "netscape-revocation-url-crit", - PR_TRUE), - SEC_OID_NS_CERT_EXT_REVOCATION_URL); - if (rv != SECSuccess) { - error_out("ERROR: Unable to add Netscape Revocation URL Extension"); - } - } - if (find_field_bool(data, "netscape-ca-revocation-url", PR_TRUE)) { - rv = add_IA5StringExtension(extHandle, - find_field(data, - "netscape-ca-revocation-url-text", - PR_TRUE), - find_field_bool - (data, "netscape-ca-revocation-url-crit" - , PR_TRUE), - SEC_OID_NS_CERT_EXT_CA_REVOCATION_URL); - if (rv != SECSuccess) { - error_out("ERROR: Unable to add Netscape CA Revocation URL Extension"); - } - } - if (find_field_bool(data, "netscape-cert-renewal-url", PR_TRUE)) { - rv = add_IA5StringExtension(extHandle, - find_field(data, - "netscape-cert-renewal-url-text", - PR_TRUE), - find_field_bool - (data, "netscape-cert-renewal-url-crit", - PR_TRUE), - SEC_OID_NS_CERT_EXT_CERT_RENEWAL_URL); - if (rv != SECSuccess) { - error_out("ERROR: Unable to add Netscape Certificate Renewal URL Extension"); - } - } - if (find_field_bool(data, "netscape-ca-policy-url", PR_TRUE)) { - rv = add_IA5StringExtension(extHandle, - find_field(data, - "netscape-ca-policy-url-text", - PR_TRUE), - find_field_bool - (data, "netscape-ca-policy-url-crit", - PR_TRUE), - SEC_OID_NS_CERT_EXT_CA_POLICY_URL); - if (rv != SECSuccess) { - error_out("ERROR: Unable to add Netscape CA Policy URL Extension"); - } - } - if (find_field_bool(data, "netscape-ssl-server-name", PR_TRUE)) { - rv = add_IA5StringExtension(extHandle, - find_field(data, - "netscape-ssl-server-name-text", - PR_TRUE), - find_field_bool - (data, "netscape-ssl-server-name-crit", - PR_TRUE), - SEC_OID_NS_CERT_EXT_SSL_SERVER_NAME); - if (rv != SECSuccess) { - error_out("ERROR: Unable to add Netscape SSL Server Name Extension"); - } - } - if (find_field_bool(data, "netscape-comment", PR_TRUE)) { - rv = add_IA5StringExtension(extHandle, - find_field(data, "netscape-comment-text", - PR_TRUE), - find_field_bool(data, - "netscape-comment-crit", - PR_TRUE), - SEC_OID_NS_CERT_EXT_COMMENT); - if (rv != SECSuccess) { - error_out("ERROR: Unable to add Netscape Comment Extension"); - } - } - CERT_FinishExtensions(extHandle); - return (rv); -} - - - -char * -return_dbpasswd(PK11SlotInfo *slot, PRBool retry, void *data) -{ - char *rv; - - /* don't clobber our poor smart card */ - if (retry == PR_TRUE) { - return NULL; - } - rv = PORT_Alloc(4); - PORT_Strcpy(rv, "foo"); - return rv; -} - - -SECKEYPrivateKey * -FindPrivateKeyFromNameStr(char *name, - CERTCertDBHandle *certHandle) -{ - SECKEYPrivateKey *key; - CERTCertificate *cert; - CERTCertificate *p11Cert; - SECStatus status = SECSuccess; - - - /* We don't presently have a PK11 function to find a cert by - ** subject name. - ** We do have a function to find a cert in the internal slot's - ** cert db by subject name, but it doesn't setup the slot info. - ** So, this HACK works, but should be replaced as soon as we - ** have a function to search for certs accross slots by subject name. - */ - cert = CERT_FindCertByNameString(certHandle, name); - if (cert == NULL || cert->nickname == NULL) { - error_out("ERROR: Unable to retrieve issuers certificate"); - } - p11Cert = PK11_FindCertFromNickname(cert->nickname, NULL); - if (p11Cert == NULL) { - error_out("ERROR: Unable to retrieve issuers certificate"); - } - key = PK11_FindKeyByAnyCert(p11Cert, NULL); - return key; -} - -static SECItem * -SignCert(CERTCertificate *cert, - char *issuerNameStr, - Pair *data, - CERTCertDBHandle *handle, - int which_key) -{ - SECItem der; - SECItem *result = NULL; - SECKEYPrivateKey *caPrivateKey = NULL; - SECStatus rv; - PRArenaPool *arena; - SECOidTag algID; - - if (which_key == 0) { - caPrivateKey = FindPrivateKeyFromNameStr(issuerNameStr, handle); - } else { - caPrivateKey = privkeys[which_key - 1]; - } - if (caPrivateKey == NULL) { - error_out("ERROR: unable to retrieve issuers key"); - } - - arena = cert->arena; - - switch(caPrivateKey->keyType) { - case rsaKey: - algID = SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION; - break; - case dsaKey: - algID = SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST; - break; - default: - error_out("ERROR: Unknown key type for issuer."); - goto done; - break; - } - - rv = SECOID_SetAlgorithmID(arena, &cert->signature, algID, 0); - if (rv != SECSuccess) { - error_out("ERROR: Could not set signature algorithm id."); - } - - if (find_field_bool(data,"ver-1", PR_TRUE)) { - *(cert->version.data) = 0; - cert->version.len = 1; - } else { - *(cert->version.data) = 2; - cert->version.len = 1; - } - der.data = NULL; - der.len = 0; - (void) SEC_ASN1EncodeItem (arena, &der, cert, CERT_CertificateTemplate); - if (der.data == NULL) { - error_out("ERROR: Could not encode certificate.\n"); - } - rv = SEC_DerSignData (arena, &(cert->derCert), der.data, der.len, caPrivateKey, - algID); - if (rv != SECSuccess) { - error_out("ERROR: Could not sign encoded certificate data.\n"); - } -done: - SECKEY_DestroyPrivateKey(caPrivateKey); - return &(cert->derCert); -} - - -int -main(int argc, char **argv) -{ - int length = 500; - int remaining = 500; - int n; - int fields = 3; - int i; - int serial; - int chainLen; - int which_key; - char *pos; -#ifdef OFFLINE - char *form_output = "key=MIIBPTCBpzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA7SLqjWBL9Wl11Vlg%0AaMqZCvcQOL%2FnvSqYPPRP0XZy9SoAeyWzQnBOiCm2t8H5mK7r2jnKdAQOmfhjaJil%0A3hNVu3SekHOXF6Ze7bkWa6%2FSGVcY%2FojkydxFSgY43nd1iydzPQDp8WWLL%2BpVpt%2B%2B%0ATRhFtVXbF0fQI03j9h3BoTgP2lkCAwEAARYDZm9vMA0GCSqGSIb3DQEBBAUAA4GB%0AAJ8UfRKJ0GtG%2B%2BufCC6tAfTzKrq3CTBHnom55EyXcsAsv6WbDqI%2F0rLAPkn2Xo1r%0AnNhtMxIuj441blMt%2Fa3AGLOy5zmC7Qawt8IytvQikQ1XTpTBCXevytrmLjCmlURr%0ANJryTM48WaMQHiMiJpbXCqVJC1d%2FpEWBtqvALzZaOOIy&subject=CN%3D%22test%22%26serial-auto%3Dtrue%26serial_value%3D%26ver-1%3Dtrue%26ver-3%3Dfalse%26caChoiceradio-SignWithDefaultkey%3Dtrue%26caChoiceradio-SignWithRandomChain%3Dfalse%26autoCAs%3D%26caChoiceradio-SignWithSpecifiedChain%3Dfalse%26manCAs%3D%26%24"; -#else - char *form_output; -#endif - char *issuerNameStr; - char *certName; - char *DBdir = DB_DIRECTORY; - char *prefixs[10] = {"CA#1-", "CA#2-", "CA#3-", - "CA#4-", "CA#5-", "CA#6-", - "CA#7-", "CA#8-", "CA#9-", ""}; - Pair *form_data; - CERTCertificate *cert; - CERTCertDBHandle *handle; - CERTCertificateRequest *certReq = NULL; - int warpmonths = 0; - SECItem *certDER; -#ifdef FILEOUT - FILE *outfile; -#endif - SECStatus status = SECSuccess; - extern char prefix[PREFIX_LEN]; - SEC_PKCS7ContentInfo *certChain; - SECItem *encodedCertChain; - PRBool UChain = PR_FALSE; - - - progName = strrchr(argv[0], '/'); - progName = progName ? progName+1 : argv[0]; - - -#ifdef TEST - sleep(20); -#endif - SECU_ConfigDirectory(DBdir); - - PK11_SetPasswordFunc(return_dbpasswd); - status = NSS_InitReadWrite(DBdir); - if (status != SECSuccess) { - SECU_PrintPRandOSError(progName); - return -1; - } - handle = CERT_GetDefaultCertDB(); - - prefix[0]= '\0'; -#if !defined(OFFLINE) - form_output = (char*) PORT_Alloc(length); - if (form_output == NULL) { - error_allocate(); - } - pos = form_output; - while (feof(stdin) == 0 ) { - if (remaining <= 1) { - remaining += length; - length = length * 2; - form_output = PORT_Realloc(form_output, (length)); - if (form_output == NULL) { - error_allocate(); - } - pos = form_output + length - remaining; - } - n = fread(pos, 1, (size_t) (remaining - 1), stdin); - pos += n; - remaining -= n; - } - *pos = '&'; - pos++; - length = pos - form_output; -#else - length = PORT_Strlen(form_output); -#endif -#ifdef FILEOUT - printf("Content-type: text/plain\n\n"); - fwrite(form_output, 1, (size_t)length, stdout); - printf("\n"); -#endif -#ifdef FILEOUT - fwrite(form_output, 1, (size_t)length, stdout); - printf("\n"); - fflush(stdout); -#endif - form_data = make_datastruct(form_output, length); - status = clean_input(form_data); -#if !defined(OFFLINE) - PORT_Free(form_output); -#endif -#ifdef FILEOUT - i = 0; - while(return_name(form_data, i) != NULL) { - printf("%s",return_name(form_data,i)); - printf("=\n"); - printf("%s",return_data(form_data,i)); - printf("\n"); - i++; - } - printf("I got that done, woo hoo\n"); - fflush(stdout); -#endif - issuerNameStr = PORT_Alloc(200); - if (find_field_bool(form_data, "caChoiceradio-SignWithSpecifiedChain", - PR_FALSE)) { - UChain = PR_TRUE; - chainLen = atoi(find_field(form_data, "manCAs", PR_FALSE)); - PORT_Strcpy(prefix, prefixs[0]); - issuerNameStr = PORT_Strcpy(issuerNameStr, - "CN=Cert-O-Matic II, O=Cert-O-Matic II"); - if (chainLen == 0) { - UChain = PR_FALSE; - } - } else { - if (find_field_bool(form_data, "caChoiceradio-SignWithRandomChain", - PR_FALSE)) { - PORT_Strcpy(prefix,prefixs[9]); - chainLen = atoi(find_field(form_data, "autoCAs", PR_FALSE)); - if (chainLen < 1 || chainLen > 18) { - issuerNameStr = PORT_Strcpy(issuerNameStr, - "CN=CA18, O=Cert-O-Matic II"); - } - issuerNameStr = PORT_Strcpy(issuerNameStr, "CN=CA"); - issuerNameStr = PORT_Strcat(issuerNameStr, - find_field(form_data,"autoCAs", PR_FALSE)); - issuerNameStr = PORT_Strcat(issuerNameStr,", O=Cert-O-Matic II"); - } else { - issuerNameStr = PORT_Strcpy(issuerNameStr, - "CN=Cert-O-Matic II, O=Cert-O-Matic II"); - } - chainLen = 0; - } - - i = -1; - which_key = 0; - do { - extern SECStatus cert_GetKeyID(CERTCertificate *cert); - i++; - if (i != 0 && UChain) { - PORT_Strcpy(prefix, prefixs[i]); - } - /* find_field(form_data,"subject", PR_TRUE); */ - certReq = makeCertReq(form_data, which_key); -#ifdef OFFLINE - serial = 900; -#else - serial = get_serial_number(form_data); -#endif - cert = MakeV1Cert(handle, certReq, issuerNameStr, PR_FALSE, - serial, warpmonths, form_data); - if (certReq != NULL) { - CERT_DestroyCertificateRequest(certReq); - } - if (find_field_bool(form_data,"ver-3", PR_TRUE)) { - status = add_extensions(cert, form_data, issuerNameStr, handle); - if (status != SECSuccess) { - error_out("ERROR: Unable to add extensions"); - } - } - status = cert_GetKeyID(cert); - if (status == SECFailure) { - error_out("ERROR: Unable to get Key ID."); - } - certDER = SignCert(cert, issuerNameStr, form_data, handle, which_key); - CERT_NewTempCertificate(handle, certDER, NULL, PR_FALSE, PR_TRUE); - issuerNameStr = find_field(form_data, "subject", PR_TRUE); - /* SECITEM_FreeItem(certDER, PR_TRUE); */ - CERT_DestroyCertificate(cert); - if (i == (chainLen - 1)) { - i = 8; - } - ++which_key; - } while (i < 9 && UChain); - - - -#ifdef FILEOUT - outfile = fopen("../certout", "wb"); -#endif - certName = find_field(form_data, "subject", PR_FALSE); - cert = CERT_FindCertByNameString(handle, certName); - certChain = SEC_PKCS7CreateCertsOnly (cert, PR_TRUE, handle); - if (certChain == NULL) { - error_out("ERROR: No certificates in cert chain"); - } - encodedCertChain = SEC_PKCS7EncodeItem (NULL, NULL, certChain, NULL, NULL, - NULL); - if (encodedCertChain) { -#if !defined(FILEOUT) - printf("Content-type: application/x-x509-user-cert\r\n"); - printf("Content-length: %d\r\n\r\n", encodedCertChain->len); - fwrite (encodedCertChain->data, 1, encodedCertChain->len, stdout); -#else - fwrite (encodedCertChain->data, 1, encodedCertChain->len, outfile); -#endif - - } else { - error_out("Error: Unable to DER encode certificate"); - } -#ifdef FILEOUT - printf("\nI got here!\n"); - fflush(outfile); - fclose(outfile); -#endif - fflush(stdout); - return 0; -} - diff --git a/security/nss/cmd/certcgi/index.html b/security/nss/cmd/certcgi/index.html deleted file mode 100644 index 0bd79f3ce7..0000000000 --- a/security/nss/cmd/certcgi/index.html +++ /dev/null @@ -1,956 +0,0 @@ - - - - - - - -Cert-O-Matic - - - - - diff --git a/security/nss/cmd/certcgi/main.html b/security/nss/cmd/certcgi/main.html deleted file mode 100644 index 50e138aeeb..0000000000 --- a/security/nss/cmd/certcgi/main.html +++ /dev/null @@ -1,105 +0,0 @@ - - - - Main Layer for CertOMatic - - -
- - - - - - - - - - - - - - - - - - - - - - -
- Common Name:

- 		- Organization:

- MAIL= - - E= - - - - Organizational Unit:

- UID=

- Locality:

- State or Province:

- Country:

- Serial Number: -
Auto Generate -
- Use this hex value: 

-
- X.509 version: -
Version 1 -
Version 3

- Key Type: -
RSA -
DSA

- Intermediate CA Key Sizes: -
-
- Validity: -
- Generate Automatically -
Use these values: -
Not Before:  -
Not After:    -
         - YYMMDDhhmm[ss]{Z|+hhmm|-hhmm} -
- DN:

-
- diff --git a/security/nss/cmd/certcgi/manifest.mn b/security/nss/cmd/certcgi/manifest.mn deleted file mode 100644 index 9d659f8215..0000000000 --- a/security/nss/cmd/certcgi/manifest.mn +++ /dev/null @@ -1,50 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = ../../.. - -# MODULE public and private header directories are implicitly REQUIREd. -MODULE = nss - -# This next line is used by .mk files -# and gets translated into $LINCS in manifest.mnw -REQUIRES = seccmd dbm - -DEFINES = -DNSPR20 - -CSRCS = certcgi.c - -PROGRAM = certcgi - -USE_STATIC_LIBS = 1 - diff --git a/security/nss/cmd/certcgi/nscp_ext_form.html b/security/nss/cmd/certcgi/nscp_ext_form.html deleted file mode 100644 index de939eecb5..0000000000 --- a/security/nss/cmd/certcgi/nscp_ext_form.html +++ /dev/null @@ -1,113 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - -
- Netscape Certificate Type:

- Activate extension:

- Critical: - 		- SSL Client

- SSL Server

- S/MIME

- Object Signing

- Reserved for future use (bit 4)

- SSL CA

- S/MIME CA

- Object Signing CA

-
- Netscape Base URL:

- Activate extension:

- Critical: - 		- -
- Netscape Revocation URL:

- Activate extension:

- Critical: - 		- -
- Netscape CA Revocation URL:

- Activate extension:

- Critical: - 		- -
- Netscape Certificate Renewal URL:

- Activate extension:

- Critical: - 		- -
- Netscape CA Policy URL:

- Activate extension:

- Critical: - 		- -
- Netscape SSL Server Name:

- Activate extension:

- Critical: - 		- -
- Netscape Comment:

- Activate extension:

- Critical: - 		- -
- - diff --git a/security/nss/cmd/certcgi/stnd_ext_form.html b/security/nss/cmd/certcgi/stnd_ext_form.html deleted file mode 100644 index ece9b2ff70..0000000000 --- a/security/nss/cmd/certcgi/stnd_ext_form.html +++ /dev/null @@ -1,247 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- Key Usage:

- Activate extension:

- Critical: - 		- Digital Signature

- Non Repudiation

- Key Encipherment

- Data Encipherment

- Key Agreement

- Key Certificate Signing

- CRL Signing

-
- Extended Key Usage:

- Activate extension:

- Critical: - 		- Server Auth

- Client Auth

- Code Signing

- Email Protection

- Timestamp

- OCSP Responder

- Step-up

-
- Basic Constraints:

- Activate extension:

- Critical: - 		- CA:

-
True

-
False

- - Include Path length:

-
- Authority Key Identifier:

- Activate extension: - 		- Key Identider

- Issuer Name and Serial number

-
- Subject Key Identifier:

- Activate extension: - 		- Key Identifier: -

- This is an:

-

ascii text value

-

hex value

-

- Private Key Usage Period:

- Activate extension:

- Critical: - 		- Use:

-
Not Before

-
Not After

-
Both

- Not to be used to sign before:

-
Set to time of certificate issue

-
Use This value

-
(YYYY/MM/DD HH:MM:SS): - / - / - - : - : -

- Not to be used to sign after:

-
(YYYY/MM/DD HH:MM:SS): - / - / - - : - : -

-
- Subject Alternative Name:

- Activate extension:

- Critical: - 		- - - -
- General Names:

-

- - - 		- -
- Name Type:
- Other Name, - OID: - RFC 822 Name
- DNS Name - X400 Address
- Directory Name - EDI Party Name
- Uniform Resource Locator - IP Address
- Registered ID - Netscape Certificate Nickname
- Name: - Binary Encoded:

-
-
- Issuer Alternative Name:

- Activate extension:

- Critical: - 		- Use the Subject Alternative Name from the Issuers Certificate

- Use this Name: - - - -
- General Names:

-

- - - 		- -
- Name Type:
- Other Name, - OID: - RFC 822 Name
- DNS Name - X400 Address
- Directory Name - EDI Party Name
- Uniform Resource Locator - IP Address
- Registered ID
- Name: - Binary Encoded:

-
-
- Name Constraints:

- Activate extension:

- 		- - - -
- Name Constraints:

-

- - - 		- -
- Name Type:
- Other Name, - OID: - RFC 822 Name
- DNS Name - X400 Address
- Directory Name - EDI Party Name
- Uniform Resource Locator - IP Address
- Registered ID
- Name: - Binary Encoded:

- Constraint type:

-

permited

-

excluded

- Minimum:

- Maximum:

-
-
- - - - - - - - - - diff --git a/security/nss/cmd/certutil/Makefile b/security/nss/cmd/certutil/Makefile deleted file mode 100644 index 8650a607d7..0000000000 --- a/security/nss/cmd/certutil/Makefile +++ /dev/null @@ -1,76 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - -include ../platlibs.mk - - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - - -include ../platrules.mk - diff --git a/security/nss/cmd/certutil/certutil.c b/security/nss/cmd/certutil/certutil.c deleted file mode 100644 index a32d2fd65f..0000000000 --- a/security/nss/cmd/certutil/certutil.c +++ /dev/null @@ -1,2781 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -/* -** certutil.c -** -** utility for managing certificates and the cert database -** -*/ -#include -#include - -#if defined(WIN32) -#include "fcntl.h" -#include "io.h" -#endif - -#include "secutil.h" - -#if defined(XP_UNIX) -#include -#endif - -#include "nspr.h" -#include "prtypes.h" -#include "prtime.h" -#include "prlong.h" - -#include "pk11func.h" -#include "secasn1.h" -#include "cert.h" -#include "cryptohi.h" -#include "secoid.h" -#include "certdb.h" -#include "nss.h" - -#define MIN_KEY_BITS 512 -#define MAX_KEY_BITS 2048 -#define DEFAULT_KEY_BITS 1024 - -#define GEN_BREAK(e) rv=e; break; - - -extern SECKEYPrivateKey *CERTUTIL_GeneratePrivateKey(KeyType keytype, - PK11SlotInfo *slot, - int rsasize, - int publicExponent, - char *noise, - SECKEYPublicKey **pubkeyp, - char *pqgFile, - secuPWData *pwdata); - -static char *progName; - -static CERTGeneralName * -GetGeneralName (PRArenaPool *arena) -{ - CERTGeneralName *namesList = NULL; - CERTGeneralName *current; - CERTGeneralName *tail = NULL; - SECStatus rv = SECSuccess; - int intValue; - char buffer[512]; - void *mark; - - PORT_Assert (arena); - mark = PORT_ArenaMark (arena); - do { - puts ("\nSelect one of the following general name type: \n"); - puts ("\t1 - instance of other name\n\t2 - rfc822Name\n\t3 - dnsName\n"); - puts ("\t4 - x400Address\n\t5 - directoryName\n\t6 - ediPartyName\n"); - puts ("\t7 - uniformResourceidentifier\n\t8 - ipAddress\n\t9 - registerID\n"); - puts ("\tOther - omit\n\t\tChoice:"); - scanf ("%d", &intValue); - if (intValue >= certOtherName || intValue <= certRegisterID) { - if (namesList == NULL) { - namesList = current = tail = (CERTGeneralName *) PORT_ArenaAlloc - (arena, sizeof (CERTGeneralName)); - } else { - current = (CERTGeneralName *) PORT_ArenaAlloc(arena, - sizeof (CERTGeneralName)); - } - if (current == NULL) { - GEN_BREAK (SECFailure); - } - } else { - break; - } - current->type = intValue; - puts ("\nEnter data:"); - fflush (stdout); - gets (buffer); - switch (current->type) { - case certURI: - case certDNSName: - case certRFC822Name: - current->name.other.data = PORT_ArenaAlloc (arena, strlen (buffer)); - if (current->name.other.data == NULL) { - GEN_BREAK (SECFailure); - } - PORT_Memcpy - (current->name.other.data, buffer, current->name.other.len = strlen(buffer)); - break; - - case certEDIPartyName: - case certIPAddress: - case certOtherName: - case certRegisterID: - case certX400Address: { - - current->name.other.data = PORT_ArenaAlloc (arena, strlen (buffer) + 2); - if (current->name.other.data == NULL) { - GEN_BREAK (SECFailure); - } - - PORT_Memcpy (current->name.other.data + 2, buffer, strlen (buffer)); - /* This may not be accurate for all cases. For now, use this tag type */ - current->name.other.data[0] = (char)(((current->type - 1) & 0x1f)| 0x80); - current->name.other.data[1] = (char)strlen (buffer); - current->name.other.len = strlen (buffer) + 2; - break; - } - - case certDirectoryName: { - CERTName *directoryName = NULL; - - directoryName = CERT_AsciiToName (buffer); - if (!directoryName) { - fprintf(stderr, "certutil: improperly formatted name: \"%s\"\n", buffer); - break; - } - - rv = CERT_CopyName (arena, ¤t->name.directoryName, directoryName); - CERT_DestroyName (directoryName); - - break; - } - } - if (rv != SECSuccess) - break; - current->l.next = &(namesList->l); - current->l.prev = &(tail->l); - tail->l.next = &(current->l); - tail = current; - - }while (1); - - if (rv != SECSuccess) { - PORT_SetError (rv); - PORT_ArenaRelease (arena, mark); - namesList = NULL; - } - return (namesList); -} - -static SECStatus -GetString(PRArenaPool *arena, char *prompt, SECItem *value) -{ - char buffer[251]; - - value->data = NULL; - value->len = 0; - - puts (prompt); - gets (buffer); - if (strlen (buffer) > 0) { - value->data = PORT_ArenaAlloc (arena, strlen (buffer)); - if (value->data == NULL) { - PORT_SetError (SEC_ERROR_NO_MEMORY); - return (SECFailure); - } - PORT_Memcpy (value->data, buffer, value->len = strlen(buffer)); - } - return (SECSuccess); -} - -static CERTCertificateRequest * -GetCertRequest(PRFileDesc *inFile, PRBool ascii) -{ - CERTCertificateRequest *certReq = NULL; - CERTSignedData signedData; - PRArenaPool *arena = NULL; - SECItem reqDER; - SECStatus rv; - - reqDER.data = NULL; - do { - arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - if (arena == NULL) { - GEN_BREAK (SECFailure); - } - - rv = SECU_ReadDERFromFile(&reqDER, inFile, ascii); - if (rv) - break; - certReq = (CERTCertificateRequest*) PORT_ArenaZAlloc - (arena, sizeof(CERTCertificateRequest)); - if (!certReq) - break; - certReq->arena = arena; - - /* Since cert request is a signed data, must decode to get the inner - data - */ - PORT_Memset(&signedData, 0, sizeof(signedData)); - rv = SEC_ASN1DecodeItem(arena, &signedData, - SEC_ASN1_GET(CERT_SignedDataTemplate), &reqDER); - if (rv) - break; - - rv = SEC_ASN1DecodeItem(arena, certReq, - SEC_ASN1_GET(CERT_CertificateRequestTemplate), &signedData.data); - } while (0); - - if (!rv) { - rv = CERT_VerifySignedDataWithPubKeyInfo(&signedData, - &certReq->subjectPublicKeyInfo, - NULL /* wincx */); - } - - if (rv) { - PRErrorCode perr = PR_GetError(); - fprintf(stderr, "%s: unable to decode DER cert request (%s)\n", progName, - SECU_Strerror(perr)); - } - return (certReq); -} - -static PRBool -GetYesNo(char *prompt) -{ - char buf[3]; - - PR_Sync(PR_STDIN); - PR_Write(PR_STDOUT, prompt, strlen(prompt)+1); - PR_Read(PR_STDIN, buf, sizeof(buf)); - return (buf[0] == 'y' || buf[0] == 'Y') ? PR_TRUE : PR_FALSE; -#if 0 - char charValue; - - puts (prompt); - scanf ("%c", &charValue); - if (charValue != 'y' && charValue != 'Y') - return (0); - return (1); -#endif -} - -static SECStatus -AddCert(PK11SlotInfo *slot, CERTCertDBHandle *handle, char *name, char *trusts, - PRFileDesc *inFile, PRBool ascii, PRBool emailcert, void *pwdata) -{ - CERTCertTrust *trust = NULL; - CERTCertificate *cert = NULL, *tempCert = NULL; - SECItem certDER; - SECStatus rv; - - certDER.data = NULL; - do { - /* Read in the entire file specified with the -i argument */ - rv = SECU_ReadDERFromFile(&certDER, inFile, ascii); - if (rv != SECSuccess) { - SECU_PrintError(progName, "unable to read input file"); - break; - } - - /* Read in an ASCII cert and return a CERTCertificate */ - cert = CERT_DecodeCertFromPackage((char *)certDER.data, certDER.len); - if (!cert) { - SECU_PrintError(progName, "could not obtain certificate from file"); - GEN_BREAK(SECFailure); - } - - /* Create a cert trust to pass to SEC_AddPermCertificate */ - trust = (CERTCertTrust *)PORT_ZAlloc(sizeof(CERTCertTrust)); - if (!trust) { - SECU_PrintError(progName, "unable to allocate cert trust"); - GEN_BREAK(SECFailure); - } - - rv = CERT_DecodeTrustString(trust, trusts); - if (rv) { - SECU_PrintError(progName, "unable to decode trust string"); - GEN_BREAK(SECFailure); - } - - if (!PK11_IsFriendly(slot)) { - rv = PK11_Authenticate(slot, PR_TRUE, pwdata); - if (rv != SECSuccess) { - SECU_PrintError(progName, "could not authenticate to token or database"); - GEN_BREAK(SECFailure); - } - } - - rv = PK11_ImportCert(slot, cert, CK_INVALID_HANDLE, name, PR_FALSE); - if (rv != SECSuccess) { - SECU_PrintError(progName, "could not add certificate to token or database"); - GEN_BREAK(SECFailure); - } - - rv = CERT_ChangeCertTrust(handle, cert, trust); - if (rv != SECSuccess) { - SECU_PrintError(progName, "could not change trust on certificate"); - GEN_BREAK(SECFailure); - } - - if ( emailcert ) { - CERT_SaveSMimeProfile(cert, NULL, pwdata); - } - - } while (0); - - CERT_DestroyCertificate (cert); - PORT_Free(trust); - PORT_Free(certDER.data); - - return rv; -} - -static SECStatus -CertReq(SECKEYPrivateKey *privk, SECKEYPublicKey *pubk, KeyType keyType, - CERTName *subject, char *phone, int ascii, const char *emailAddrs, - PRFileDesc *outFile) -{ - CERTSubjectPublicKeyInfo *spki; - CERTCertificateRequest *cr; - SECItem *encoding; - SECItem result; - SECStatus rv; - PRArenaPool *arena; - PRInt32 numBytes; - - /* Create info about public key */ - spki = SECKEY_CreateSubjectPublicKeyInfo(pubk); - if (!spki) { - SECU_PrintError(progName, "unable to create subject public key"); - return SECFailure; - } - - /* Generate certificate request */ - cr = CERT_CreateCertificateRequest(subject, spki, 0); - if (!cr) { - SECU_PrintError(progName, "unable to make certificate request"); - return SECFailure; - } - - arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - if ( !arena ) { - SECU_PrintError(progName, "out of memory"); - return SECFailure; - } - - /* Der encode the request */ - encoding = SEC_ASN1EncodeItem(arena, NULL, cr, - SEC_ASN1_GET(CERT_CertificateRequestTemplate)); - if (encoding == NULL) { - SECU_PrintError(progName, "der encoding of request failed"); - return SECFailure; - } - - /* Sign the request */ - switch (keyType) { - case rsaKey: - rv = SEC_DerSignData(arena, &result, encoding->data, encoding->len, - privk, SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION); - break; - case dsaKey: - rv = SEC_DerSignData(arena, &result, encoding->data, encoding->len, - privk, SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST); - break; - default: - SECU_PrintError(progName, "Must use rsa or dsa key type"); - return SECFailure; - } - - if (rv) { - SECU_PrintError(progName, "signing of data failed"); - return SECFailure; - } - - /* Encode request in specified format */ - if (ascii) { - char *obuf; - char *name, *email, *org, *state, *country; - SECItem *it; - int total; - - it = &result; - - obuf = BTOA_ConvertItemToAscii(it); - total = PL_strlen(obuf); - - name = CERT_GetCommonName(subject); - if (!name) { - fprintf(stderr, "You must specify a common name\n"); - return SECFailure; - } - - if (!phone) - phone = strdup("(not specified)"); - - email = CERT_GetCertEmailAddress(subject); - if (!email) - email = strdup("(not specified)"); - - org = CERT_GetOrgName(subject); - if (!org) - org = strdup("(not specified)"); - - state = CERT_GetStateName(subject); - if (!state) - state = strdup("(not specified)"); - - country = CERT_GetCountryName(subject); - if (!country) - country = strdup("(not specified)"); - - PR_fprintf(outFile, - "\nCertificate request generated by Netscape certutil\n"); - PR_fprintf(outFile, "Phone: %s\n\n", phone); - PR_fprintf(outFile, "Common Name: %s\n", name); - PR_fprintf(outFile, "Email: %s\n", email); - PR_fprintf(outFile, "Organization: %s\n", org); - PR_fprintf(outFile, "State: %s\n", state); - PR_fprintf(outFile, "Country: %s\n\n", country); - - PR_fprintf(outFile, "%s\n", NS_CERTREQ_HEADER); - numBytes = PR_Write(outFile, obuf, total); - if (numBytes != total) { - SECU_PrintSystemError(progName, "write error"); - return SECFailure; - } - PR_fprintf(outFile, "\n%s\n", NS_CERTREQ_TRAILER); - } else { - numBytes = PR_Write(outFile, result.data, result.len); - if (numBytes != (int)result.len) { - SECU_PrintSystemError(progName, "write error"); - return SECFailure; - } - } - return SECSuccess; -} - -static SECStatus -ChangeTrustAttributes(CERTCertDBHandle *handle, char *name, char *trusts) -{ - SECStatus rv; - CERTCertificate *cert; - CERTCertTrust *trust; - - cert = CERT_FindCertByNicknameOrEmailAddr(handle, name); - if (!cert) { - SECU_PrintError(progName, "could not find certificate named \"%s\"", - name); - return SECFailure; - } - - trust = (CERTCertTrust *)PORT_ZAlloc(sizeof(CERTCertTrust)); - if (!trust) { - SECU_PrintError(progName, "unable to allocate cert trust"); - return SECFailure; - } - - /* This function only decodes these characters: pPwcTCu, */ - rv = CERT_DecodeTrustString(trust, trusts); - if (rv) { - SECU_PrintError(progName, "unable to decode trust string"); - return SECFailure; - } - - rv = CERT_ChangeCertTrust(handle, cert, trust); - if (rv) { - SECU_PrintError(progName, "unable to modify trust attributes"); - return SECFailure; - } - CERT_DestroyCertificate(cert); - - return SECSuccess; -} - -static SECStatus -printCertCB(CERTCertificate *cert, void *arg) -{ - SECStatus rv; - SECItem data; - CERTCertTrust *trust = (CERTCertTrust *)arg; - - data.data = cert->derCert.data; - data.len = cert->derCert.len; - - rv = SECU_PrintSignedData(stdout, &data, "Certificate", 0, - SECU_PrintCertificate); - if (rv) { - SECU_PrintError(progName, "problem printing certificate"); - return(SECFailure); - } - if (trust) { - SECU_PrintTrustFlags(stdout, trust, - "Certificate Trust Flags", 1); - } else if (cert->trust) { - SECU_PrintTrustFlags(stdout, cert->trust, - "Certificate Trust Flags", 1); - } - - printf("\n"); - - return(SECSuccess); -} - -static SECStatus -DumpChain(CERTCertDBHandle *handle, char *name) -{ - CERTCertificate *the_cert; - CERTCertificateList *chain; - int i, j; - the_cert = PK11_FindCertFromNickname(name, NULL); - if (!the_cert) { - SECU_PrintError(progName, "Could not find: %s\n", name); - return SECFailure; - } - chain = CERT_CertChainFromCert(the_cert, 0, PR_TRUE); - CERT_DestroyCertificate(the_cert); - if (!chain) { - SECU_PrintError(progName, "Could not obtain chain for: %s\n", name); - return SECFailure; - } - for (i=chain->len-1; i>=0; i--) { - CERTCertificate *c; - c = CERT_FindCertByDERCert(handle, &chain->certs[i]); - for (j=i; jlen-1; j++) printf(" "); - printf("\"%s\" [%s]\n\n", c->nickname, c->subjectName); - CERT_DestroyCertificate(c); - } - CERT_DestroyCertificateList(chain); - return SECSuccess; -} - -static SECStatus -listCerts(CERTCertDBHandle *handle, char *name, PK11SlotInfo *slot, - PRBool raw, PRBool ascii, PRFileDesc *outfile, void *pwarg) -{ - SECItem data; - PRInt32 numBytes; - SECStatus rv = SECFailure; - - /* List certs on a non-internal slot. */ - if (!PK11_IsFriendly(slot) && PK11_NeedLogin(slot)) - PK11_Authenticate(slot, PR_TRUE, pwarg); - if (name) { - CERTCertificate *the_cert; - the_cert = PK11_FindCertFromNickname(name, NULL); - if (!the_cert) { - SECU_PrintError(progName, "Could not find: %s\n", name); - return SECFailure; - } - data.data = the_cert->derCert.data; - data.len = the_cert->derCert.len; - if (ascii) { - PR_fprintf(outfile, "%s\n%s\n%s\n", NS_CERT_HEADER, - BTOA_DataToAscii(data.data, data.len), NS_CERT_TRAILER); - rv = SECSuccess; - } else if (raw) { - numBytes = PR_Write(outfile, data.data, data.len); - if (numBytes != data.len) { - SECU_PrintSystemError(progName, "error writing raw cert"); - rv = SECFailure; - } - rv = SECSuccess; - } else { - rv = printCertCB(the_cert, the_cert->trust); - } - CERT_DestroyCertificate(the_cert); - } else { - CERTCertList *certs; - CERTCertListNode *node; - - certs = PK11_ListCertsInSlot(slot); - if (certs) { - for (node = CERT_LIST_HEAD(certs); !CERT_LIST_END(node,certs); - node = CERT_LIST_NEXT(node)) { - SECU_PrintCertNickname(node->cert,stdout); - } - CERT_DestroyCertList(certs); - rv = SECSuccess; - } - } - if (rv) { - SECU_PrintError(progName, "problem printing certificate nicknames"); - return SECFailure; - } - - return SECSuccess; /* not rv ?? */ -} - -static SECStatus -ListCerts(CERTCertDBHandle *handle, char *name, PK11SlotInfo *slot, - PRBool raw, PRBool ascii, PRFileDesc *outfile, secuPWData *pwdata) -{ - SECStatus rv; - - if (slot == NULL) { - CERTCertList *list; - CERTCertListNode *node; - - list = PK11_ListCerts(PK11CertListUnique, pwdata); - for (node = CERT_LIST_HEAD(list); !CERT_LIST_END(node, list); - node = CERT_LIST_NEXT(node)) - { - SECU_PrintCertNickname(node->cert, stdout); - } - CERT_DestroyCertList(list); - return SECSuccess; - } else { - rv = listCerts(handle,name,slot,raw,ascii,outfile,pwdata); - } - return rv; -} - -static SECStatus -DeleteCert(CERTCertDBHandle *handle, char *name) -{ - SECStatus rv; - CERTCertificate *cert; - - cert = CERT_FindCertByNicknameOrEmailAddr(handle, name); - if (!cert) { - SECU_PrintError(progName, "could not find certificate named \"%s\"", - name); - return SECFailure; - } - - rv = SEC_DeletePermCertificate(cert); - CERT_DestroyCertificate(cert); - if (rv) { - SECU_PrintError(progName, "unable to delete certificate"); - return SECFailure; - } - - return SECSuccess; -} - -static SECStatus -ValidateCert(CERTCertDBHandle *handle, char *name, char *date, - char *certUsage, PRBool checkSig, PRBool logit, secuPWData *pwdata) -{ - SECStatus rv; - CERTCertificate *cert = NULL; - int64 timeBoundary; - SECCertificateUsage usage; - CERTVerifyLog reallog; - CERTVerifyLog *log = NULL; - - switch (*certUsage) { - case 'C': - usage = certificateUsageSSLClient; - break; - case 'V': - usage = certificateUsageSSLServer; - break; - case 'S': - usage = certificateUsageEmailSigner; - break; - case 'R': - usage = certificateUsageEmailRecipient; - break; - default: - PORT_SetError (SEC_ERROR_INVALID_ARGS); - return (SECFailure); - } - do { - cert = CERT_FindCertByNicknameOrEmailAddr(handle, name); - if (!cert) { - SECU_PrintError(progName, "could not find certificate named \"%s\"", - name); - GEN_BREAK (SECFailure) - } - - if (date != NULL) { - rv = DER_AsciiToTime(&timeBoundary, date); - if (rv) { - SECU_PrintError(progName, "invalid input date"); - GEN_BREAK (SECFailure) - } - } else { - timeBoundary = PR_Now(); - } - - if ( logit ) { - log = &reallog; - - log->count = 0; - log->head = NULL; - log->tail = NULL; - log->arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - if ( log->arena == NULL ) { - SECU_PrintError(progName, "out of memory"); - GEN_BREAK (SECFailure) - } - } - - rv = CERT_VerifyCertificate(handle, cert, checkSig, usage, - timeBoundary, pwdata, log, &usage); - if ( log ) { - if ( log->head == NULL ) { - fprintf(stdout, "%s: certificate is valid\n", progName); - GEN_BREAK (SECSuccess) - } else { - char *name; - CERTVerifyLogNode *node; - - node = log->head; - while ( node ) { - if ( node->cert->nickname != NULL ) { - name = node->cert->nickname; - } else { - name = node->cert->subjectName; - } - fprintf(stderr, "%s : %s\n", name, - SECU_Strerror(node->error)); - CERT_DestroyCertificate(node->cert); - node = node->next; - } - } - } else { - if (rv != SECSuccess) { - PRErrorCode perr = PORT_GetError(); - fprintf(stdout, "%s: certificate is invalid: %s\n", - progName, SECU_Strerror(perr)); - GEN_BREAK (SECFailure) - } - fprintf(stdout, "%s: certificate is valid\n", progName); - GEN_BREAK (SECSuccess) - } - } while (0); - - if (cert) { - CERT_DestroyCertificate(cert); - } - - return (rv); -} - - -static SECStatus -printKeyCB(SECKEYPublicKey *key, SECItem *data, void *arg) -{ - if (key->keyType == rsaKey) { - fprintf(stdout, "RSA Public-Key:\n"); - SECU_PrintInteger(stdout, &key->u.rsa.modulus, "modulus", 1); - } else { - fprintf(stdout, "DSA Public-Key:\n"); - SECU_PrintInteger(stdout, &key->u.dsa.publicValue, "publicValue", 1); - } - return SECSuccess; -} - -/* callback for listing certs through pkcs11 */ -static SECStatus -secu_PrintKey(FILE *out, int count, SECKEYPrivateKey *key) -{ - char *name; - - name = PK11_GetPrivateKeyNickname(key); - if (name == NULL) { - /* should look up associated cert */ - name = PORT_Strdup("< orphaned >"); - } - fprintf(out, "<%d> %s\n", count, name); - PORT_Free(name); - - return SECSuccess; -} - -static SECStatus -listKeys(PK11SlotInfo *slot, KeyType keyType, void *pwarg) -{ - SECKEYPrivateKeyList *list; - SECKEYPrivateKeyListNode *node; - int count; - - if (PK11_NeedLogin(slot)) - PK11_Authenticate(slot, PR_TRUE, pwarg); - - list = PK11_ListPrivateKeysInSlot(slot); - if (list == NULL) { - SECU_PrintError(progName, "problem listing keys"); - return SECFailure; - } - for (count=0, node=PRIVKEY_LIST_HEAD(list) ; !PRIVKEY_LIST_END(node,list); - node= PRIVKEY_LIST_NEXT(node),count++) { - secu_PrintKey(stdout, count, node->key); - } - SECKEY_DestroyPrivateKeyList(list); - - if (count == 0) { - fprintf(stderr, "%s: no keys found\n", progName); - return SECFailure; - } - return SECSuccess; -} - -static SECStatus -ListKeys(PK11SlotInfo *slot, char *keyname, int index, - KeyType keyType, PRBool dopriv, secuPWData *pwdata) -{ - SECStatus rv = SECSuccess; - - if (slot == NULL) { - PK11SlotList *list; - PK11SlotListElement *le; - - list= PK11_GetAllTokens(CKM_INVALID_MECHANISM,PR_FALSE,PR_FALSE,pwdata); - if (list) for (le = list->head; le; le = le->next) { - rv = listKeys(le->slot,keyType,pwdata); - } - } else { - rv = listKeys(slot,keyType,pwdata); - } - return rv; -} - -static SECStatus -DeleteKey(char *nickname, secuPWData *pwdata) -{ - SECStatus rv; - CERTCertificate *cert; - PK11SlotInfo *slot; - - slot = PK11_GetInternalKeySlot(); - if (PK11_NeedLogin(slot)) - PK11_Authenticate(slot, PR_TRUE, pwdata); - cert = PK11_FindCertFromNickname(nickname, pwdata); - if (!cert) { - PK11_FreeSlot(slot); - return SECFailure; - } - rv = PK11_DeleteTokenCertAndKey(cert, pwdata); - if (rv != SECSuccess) { - SECU_PrintError("problem deleting private key \"%s\"\n", nickname); - } - CERT_DestroyCertificate(cert); - PK11_FreeSlot(slot); - return rv; -} - - -/* - * L i s t M o d u l e s - * - * Print a list of the PKCS11 modules that are - * available. This is useful for smartcard people to - * make sure they have the drivers loaded. - * - */ -static SECStatus -ListModules(void) -{ - PK11SlotList *list; - PK11SlotListElement *le; - - /* get them all! */ - list = PK11_GetAllTokens(CKM_INVALID_MECHANISM,PR_FALSE,PR_FALSE,NULL); - if (list == NULL) return SECFailure; - - /* look at each slot*/ - for (le = list->head ; le; le = le->next) { - printf ("\n"); - printf (" slot: %s\n", PK11_GetSlotName(le->slot)); - printf (" token: %s\n", PK11_GetTokenName(le->slot)); - } - PK11_FreeSlotList(list); - - return SECSuccess; -} - -static void -Usage(char *progName) -{ -#define FPS fprintf(stderr, - FPS "Type %s -H for more detailed descriptions\n", progName); - FPS "Usage: %s -N [-d certdir] [-P dbprefix] [-f pwfile]\n", progName); - FPS "Usage: %s -T [-d certdir] [-P dbprefix] [-h token-name] [-f pwfile]\n", progName); - FPS "\t%s -A -n cert-name -t trustargs [-d certdir] [-P dbprefix] [-a] [-i input]\n", - progName); - FPS "\t%s -C [-c issuer-name | -x] -i cert-request-file -o cert-file\n" - "\t\t [-m serial-number] [-w warp-months] [-v months-valid]\n" - "\t\t [-f pwfile] [-d certdir] [-P dbprefix] [-1] [-2] [-3] [-4] [-5]\n" - "\t\t [-6] [-7 emailAddrs]\n", - progName); - FPS "\t%s -D -n cert-name [-d certdir] [-P dbprefix]\n", progName); - FPS "\t%s -E -n cert-name -t trustargs [-d certdir] [-P dbprefix] [-a] [-i input]\n", - progName); - FPS "\t%s -G -n key-name [-h token-name] [-k rsa] [-g key-size] [-y exp]\n" - "\t\t [-f pwfile] [-z noisefile] [-d certdir] [-P dbprefix]\n", progName); - FPS "\t%s -G [-h token-name] -k dsa [-q pqgfile -g key-size] [-f pwfile]\n" - "\t\t [-z noisefile] [-d certdir] [-P dbprefix]\n", progName); - FPS "\t%s -K [-n key-name] [-h token-name] [-k dsa|rsa|all]\n", - progName); - FPS "\t\t [-f pwfile] [-X] [-d certdir] [-P dbprefix]\n"); - FPS "\t%s -L [-n cert-name] [-X] [-d certdir] [-P dbprefix] [-r] [-a]\n", progName); - FPS "\t%s -M -n cert-name -t trustargs [-d certdir] [-P dbprefix]\n", - progName); - FPS "\t%s -O -n cert-name [-X] [-d certdir] [-P dbprefix]\n", progName); - FPS "\t%s -R -s subj -o cert-request-file [-d certdir] [-P dbprefix] [-p phone] [-a]\n" - "\t\t [-y emailAddrs] [-k key-type] [-h token-name] [-f pwfile] [-g key-size]\n", - progName); - FPS "\t%s -V -n cert-name -u usage [-b time] [-e] \n" - "\t\t[-X] [-d certdir] [-P dbprefix]\n", - progName); - FPS "\t%s -S -n cert-name -s subj [-c issuer-name | -x] -t trustargs\n" - "\t\t [-k key-type] [-h token-name] [-g key-size]\n" - "\t\t [-m serial-number] [-w warp-months] [-v months-valid]\n" - "\t\t [-f pwfile] [-d certdir] [-P dbprefix]\n" - "\t\t [-p phone] [-1] [-2] [-3] [-4] [-5] [-6] [-7 emailAddrs]\n", - progName); - FPS "\t%s -U [-X] [-d certdir] [-P dbprefix]\n", progName); - exit(1); -} - -static void LongUsage(char *progName) -{ - - FPS "%-15s Add a certificate to the database (create if needed)\n", - "-A"); - FPS "%-15s Add an Email certificate to the database (create if needed)\n", - "-E"); - FPS "%-20s Specify the nickname of the certificate to add\n", - " -n cert-name"); - FPS "%-20s Set the certificate trust attributes:\n", - " -t trustargs"); - FPS "%-25s p \t valid peer\n", ""); - FPS "%-25s P \t trusted peer (implies p)\n", ""); - FPS "%-25s c \t valid CA\n", ""); - FPS "%-25s T \t trusted CA to issue client certs (implies c)\n", ""); - FPS "%-25s C \t trusted CA to issue server certs (implies c)\n", ""); - FPS "%-25s u \t user cert\n", ""); - FPS "%-25s w \t send warning\n", ""); -#ifdef DEBUG_NSSTEAM_ONLY - FPS "%-25s g \t make step-up cert\n", ""); -#endif /* DEBUG_NSSTEAM_ONLY */ - FPS "%-20s Specify the password file\n", - " -f pwfile"); - FPS "%-20s Cert database directory (default is ~/.netscape)\n", - " -d certdir"); - FPS "%-20s Cert & Key database prefix\n", - " -P dbprefix"); - FPS "%-20s The input certificate is encoded in ASCII (RFC1113)\n", - " -a"); - FPS "%-20s Specify the certificate file (default is stdin)\n", - " -i input"); - FPS "\n"); - - FPS "%-15s Create a new binary certificate from a BINARY cert request\n", - "-C"); - FPS "%-20s The nickname of the issuer cert\n", - " -c issuer-name"); - FPS "%-20s The BINARY certificate request file\n", - " -i cert-request "); - FPS "%-20s Output binary cert to this file (default is stdout)\n", - " -o output-cert"); - FPS "%-20s Self sign\n", - " -x"); - FPS "%-20s Cert serial number\n", - " -m serial-number"); - FPS "%-20s Time Warp\n", - " -w warp-months"); - FPS "%-20s Months valid (default is 3)\n", - " -v months-valid"); - FPS "%-20s Specify the password file\n", - " -f pwfile"); - FPS "%-20s Cert database directory (default is ~/.netscape)\n", - " -d certdir"); - FPS "%-20s Cert & Key database prefix\n", - " -P dbprefix"); - FPS "%-20s Create key usage extension\n", - " -1 "); - FPS "%-20s Create basic constraint extension\n", - " -2 "); - FPS "%-20s Create authority key ID extension\n", - " -3 "); - FPS "%-20s Create crl distribution point extension\n", - " -4 "); - FPS "%-20s Create netscape cert type extension\n", - " -5 "); - FPS "%-20s Create extended key usage extension\n", - " -6 "); - FPS "\n"); - - FPS "%-15s Generate a new key pair\n", - "-G"); - FPS "%-20s Name of token in which to generate key (default is internal)\n", - " -h token-name"); - FPS "%-20s Type of key pair to generate (\"dsa\", \"rsa\" (default))\n", - " -k key-type"); - FPS "%-20s Key size in bits, (min %d, max %d, default %d)\n", - " -g key-size", MIN_KEY_BITS, MAX_KEY_BITS, DEFAULT_KEY_BITS); - FPS "%-20s Set the public exponent value (3, 17, 65537) (rsa only)\n", - " -y exp"); - FPS "%-20s Specify the password file\n", - " -f password-file"); - FPS "%-20s Specify the noise file to be used\n", - " -z noisefile"); - FPS "%-20s read PQG value from pqgfile (dsa only)\n", - " -q pqgfile"); - FPS "%-20s Key database directory (default is ~/.netscape)\n", - " -d keydir"); - FPS "%-20s Cert & Key database prefix\n", - " -P dbprefix"); - FPS "\n"); - - FPS "%-15s Delete a certificate from the database\n", - "-D"); - FPS "%-20s The nickname of the cert to delete\n", - " -n cert-name"); - FPS "%-20s Cert database directory (default is ~/.netscape)\n", - " -d certdir"); - FPS "%-20s Cert & Key database prefix\n", - " -P dbprefix"); - FPS "\n"); - - FPS "%-15s List all modules\n", /*, or print out a single named module\n",*/ - "-U"); - FPS "%-20s Module database directory (default is '~/.netscape')\n", - " -d moddir"); - FPS "%-20s Cert & Key database prefix\n", - " -P dbprefix"); - FPS "%-20s force the database to open R/W\n", - " -X"); - FPS "\n"); - - FPS "%-15s List all keys\n", /*, or print out a single named key\n",*/ - "-K"); - FPS "%-20s Name of token in which to look for keys (default is internal," - " use \"all\" to list keys on all tokens)\n", - " -h token-name "); - FPS "%-20s Type of key pair to list (\"all\", \"dsa\", \"rsa\" (default))\n", - " -k key-type"); - FPS "%-20s Specify the password file\n", - " -f password-file"); - FPS "%-20s Key database directory (default is ~/.netscape)\n", - " -d keydir"); - FPS "%-20s Cert & Key database prefix\n", - " -P dbprefix"); - FPS "%-20s force the database to open R/W\n", - " -X"); - FPS "\n"); - - FPS "%-15s List all certs, or print out a single named cert\n", - "-L"); - FPS "%-20s Pretty print named cert (list all if unspecified)\n", - " -n cert-name"); - FPS "%-20s Cert database directory (default is ~/.netscape)\n", - " -d certdir"); - FPS "%-20s Cert & Key database prefix\n", - " -P dbprefix"); - FPS "%-20s force the database to open R/W\n", - " -X"); - FPS "%-20s For single cert, print binary DER encoding\n", - " -r"); - FPS "%-20s For single cert, print ASCII encoding (RFC1113)\n", - " -a"); - FPS "\n"); - - FPS "%-15s Modify trust attributes of certificate\n", - "-M"); - FPS "%-20s The nickname of the cert to modify\n", - " -n cert-name"); - FPS "%-20s Set the certificate trust attributes (see -A above)\n", - " -t trustargs"); - FPS "%-20s Cert database directory (default is ~/.netscape)\n", - " -d certdir"); - FPS "%-20s Cert & Key database prefix\n", - " -P dbprefix"); - FPS "\n"); - - FPS "%-15s Create a new certificate database\n", - "-N"); - FPS "%-20s Cert database directory (default is ~/.netscape)\n", - " -d certdir"); - FPS "%-20s Cert & Key database prefix\n", - " -P dbprefix"); - FPS "\n"); - FPS "%-15s Reset the Key database or token\n", - "-T"); - FPS "%-20s Cert database directory (default is ~/.netscape)\n", - " -d certdir"); - FPS "%-20s Cert & Key database prefix\n", - " -P dbprefix"); - FPS "%-20s Token to reset (default is internal)\n", - " -h token-name"); - FPS "\n"); - - FPS "\n"); - FPS "%-15s Print the chain of a certificate\n", - "-O"); - FPS "%-20s The nickname of the cert to modify\n", - " -n cert-name"); - FPS "%-20s Cert database directory (default is ~/.netscape)\n", - " -d certdir"); - FPS "%-20s Cert & Key database prefix\n", - " -P dbprefix"); - FPS "%-20s force the database to open R/W\n", - " -X"); - FPS "\n"); - - FPS "%-15s Generate a certificate request (stdout)\n", - "-R"); - FPS "%-20s Specify the subject name (using RFC1485)\n", - " -s subject"); - FPS "%-20s Output the cert request to this file\n", - " -o output-req"); - FPS "%-20s Type of key pair to generate (\"dsa\", \"rsa\" (default))\n", - " -k key-type"); - FPS "%-20s Name of token in which to generate key (default is internal)\n", - " -h token-name"); - FPS "%-20s Key size in bits, RSA keys only (min %d, max %d, default %d)\n", - " -g key-size", MIN_KEY_BITS, MAX_KEY_BITS, DEFAULT_KEY_BITS); - FPS "%-20s Specify the password file\n", - " -f pwfile"); - FPS "%-20s Key database directory (default is ~/.netscape)\n", - " -d keydir"); - FPS "%-20s Cert & Key database prefix\n", - " -P dbprefix"); - FPS "%-20s Specify the contact phone number (\"123-456-7890\")\n", - " -p phone"); - FPS "%-20s Output the cert request in ASCII (RFC1113); default is binary\n", - " -a"); - FPS "\n"); - - FPS "%-15s Validate a certificate\n", - "-V"); - FPS "%-20s The nickname of the cert to Validate\n", - " -n cert-name"); - FPS "%-20s validity time (\"YYMMDDHHMMSS[+HHMM|-HHMM|Z]\")\n", - " -b time"); - FPS "%-20s Check certificate signature \n", - " -e "); - FPS "%-20s Specify certificate usage:\n", " -u certusage"); - FPS "%-25s C \t SSL Client\n", ""); - FPS "%-25s V \t SSL Server\n", ""); - FPS "%-25s S \t Email signer\n", ""); - FPS "%-25s R \t Email Recipient\n", ""); - FPS "%-20s Cert database directory (default is ~/.netscape)\n", - " -d certdir"); - FPS "%-20s Cert & Key database prefix\n", - " -P dbprefix"); - FPS "%-20s force the database to open R/W\n", - " -X"); - FPS "\n"); - - FPS "%-15s Make a certificate and add to database\n", - "-S"); - FPS "%-20s Specify the nickname of the cert\n", - " -n key-name"); - FPS "%-20s Specify the subject name (using RFC1485)\n", - " -s subject"); - FPS "%-20s The nickname of the issuer cert\n", - " -c issuer-name"); - FPS "%-20s Set the certificate trust attributes (see -A above)\n", - " -t trustargs"); - FPS "%-20s Type of key pair to generate (\"dsa\", \"rsa\" (default))\n", - " -k key-type"); - FPS "%-20s Name of token in which to generate key (default is internal)\n", - " -h token-name"); - FPS "%-20s Key size in bits, RSA keys only (min %d, max %d, default %d)\n", - " -g key-size", MIN_KEY_BITS, MAX_KEY_BITS, DEFAULT_KEY_BITS); - FPS "%-20s Self sign\n", - " -x"); - FPS "%-20s Cert serial number\n", - " -m serial-number"); - FPS "%-20s Time Warp\n", - " -w warp-months"); - FPS "%-20s Months valid (default is 3)\n", - " -v months-valid"); - FPS "%-20s Specify the password file\n", - " -f pwfile"); - FPS "%-20s Cert database directory (default is ~/.netscape)\n", - " -d certdir"); - FPS "%-20s Cert & Key database prefix\n", - " -P dbprefix"); - FPS "%-20s Specify the contact phone number (\"123-456-7890\")\n", - " -p phone"); - FPS "%-20s Create key usage extension\n", - " -1 "); - FPS "%-20s Create basic constraint extension\n", - " -2 "); - FPS "%-20s Create authority key ID extension\n", - " -3 "); - FPS "%-20s Create crl distribution point extension\n", - " -4 "); - FPS "%-20s Create netscape cert type extension\n", - " -5 "); - FPS "%-20s Create extended key usage extension\n", - " -6 "); - FPS "\n"); - - exit(1); -#undef FPS -} - - -static CERTCertificate * -MakeV1Cert( CERTCertDBHandle * handle, - CERTCertificateRequest *req, - char * issuerNickName, - PRBool selfsign, - unsigned int serialNumber, - int warpmonths, - int validitylength) -{ - CERTCertificate *issuerCert = NULL; - CERTValidity *validity; - CERTCertificate *cert = NULL; - PRExplodedTime printableTime; - PRTime now, after; - - if ( !selfsign ) { - issuerCert = CERT_FindCertByNicknameOrEmailAddr(handle, issuerNickName); - if (!issuerCert) { - SECU_PrintError(progName, "could not find certificate named \"%s\"", - issuerNickName); - return NULL; - } - } - - now = PR_Now(); - PR_ExplodeTime (now, PR_GMTParameters, &printableTime); - if ( warpmonths ) { - printableTime.tm_month += warpmonths; - now = PR_ImplodeTime (&printableTime); - PR_ExplodeTime (now, PR_GMTParameters, &printableTime); - } - printableTime.tm_month += validitylength; - printableTime.tm_month += 3; - after = PR_ImplodeTime (&printableTime); - - /* note that the time is now in micro-second unit */ - validity = CERT_CreateValidity (now, after); - - cert = CERT_CreateCertificate(serialNumber, - (selfsign ? &req->subject - : &issuerCert->subject), - validity, req); - - CERT_DestroyValidity(validity); - if ( issuerCert ) { - CERT_DestroyCertificate (issuerCert); - } - - return(cert); -} - -static SECStatus -AddKeyUsage (void *extHandle) -{ - SECItem bitStringValue; - unsigned char keyUsage = 0x0; - char buffer[5]; - int value; - - while (1) { - fprintf(stdout, "%-25s 0 - Digital Signature\n", ""); - fprintf(stdout, "%-25s 1 - Non-repudiation\n", ""); - fprintf(stdout, "%-25s 2 - Key encipherment\n", ""); - fprintf(stdout, "%-25s 3 - Data encipherment\n", ""); - fprintf(stdout, "%-25s 4 - Key agreement\n", ""); - fprintf(stdout, "%-25s 5 - Cert signing key\n", ""); - fprintf(stdout, "%-25s 6 - CRL signing key\n", ""); - fprintf(stdout, "%-25s Other to finish\n", ""); - if (gets (buffer)) { - value = atoi (buffer); - if (value < 0 || value > 6) - break; - keyUsage |= (0x80 >> value); - } - else { /* gets() returns NULL on EOF or error */ - break; - } - } - - bitStringValue.data = &keyUsage; - bitStringValue.len = 1; - buffer[0] = 'n'; - puts ("Is this a critical extension [y/n]? "); - gets (buffer); - - return (CERT_EncodeAndAddBitStrExtension - (extHandle, SEC_OID_X509_KEY_USAGE, &bitStringValue, - (buffer[0] == 'y' || buffer[0] == 'Y') ? PR_TRUE : PR_FALSE)); - -} - - -static CERTOidSequence * -CreateOidSequence(void) -{ - CERTOidSequence *rv = (CERTOidSequence *)NULL; - PRArenaPool *arena = (PRArenaPool *)NULL; - - arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - if( (PRArenaPool *)NULL == arena ) { - goto loser; - } - - rv = (CERTOidSequence *)PORT_ArenaZAlloc(arena, sizeof(CERTOidSequence)); - if( (CERTOidSequence *)NULL == rv ) { - goto loser; - } - - rv->oids = (SECItem **)PORT_ArenaZAlloc(arena, sizeof(SECItem *)); - if( (SECItem **)NULL == rv->oids ) { - goto loser; - } - - rv->arena = arena; - return rv; - - loser: - if( (PRArenaPool *)NULL != arena ) { - PORT_FreeArena(arena, PR_FALSE); - } - - return (CERTOidSequence *)NULL; -} - -static void -DestroyOidSequence(CERTOidSequence *os) -{ - if (os->arena) { - PORT_FreeArena(os->arena, PR_FALSE); - } -} - -static SECStatus -AddOidToSequence(CERTOidSequence *os, SECOidTag oidTag) -{ - SECItem **oids; - PRUint32 count = 0; - SECOidData *od; - - od = SECOID_FindOIDByTag(oidTag); - if( (SECOidData *)NULL == od ) { - return SECFailure; - } - - for( oids = os->oids; (SECItem *)NULL != *oids; oids++ ) { - count++; - } - - /* ArenaZRealloc */ - - { - PRUint32 i; - - oids = (SECItem **)PORT_ArenaZAlloc(os->arena, sizeof(SECItem *) * (count+2)); - if( (SECItem **)NULL == oids ) { - return SECFailure; - } - - for( i = 0; i < count; i++ ) { - oids[i] = os->oids[i]; - } - - /* ArenaZFree(os->oids); */ - } - - os->oids = oids; - os->oids[count] = &od->oid; - - return SECSuccess; -} - -SEC_ASN1_MKSUB(SEC_ObjectIDTemplate); - -const SEC_ASN1Template CERT_OidSeqTemplate[] = { - { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_XTRN, - offsetof(CERTOidSequence, oids), - SEC_ASN1_SUB(SEC_ObjectIDTemplate) } -}; - - -static SECItem * -EncodeOidSequence(CERTOidSequence *os) -{ - SECItem *rv; - - rv = (SECItem *)PORT_ArenaZAlloc(os->arena, sizeof(SECItem)); - if( (SECItem *)NULL == rv ) { - goto loser; - } - - if( !SEC_ASN1EncodeItem(os->arena, rv, os, CERT_OidSeqTemplate) ) { - goto loser; - } - - return rv; - - loser: - return (SECItem *)NULL; -} - -static SECStatus -AddExtKeyUsage (void *extHandle) -{ - char buffer[5]; - int value; - CERTOidSequence *os; - SECStatus rv; - SECItem *item; - - os = CreateOidSequence(); - if( (CERTOidSequence *)NULL == os ) { - return SECFailure; - } - - while (1) { - fprintf(stdout, "%-25s 0 - Server Auth\n", ""); - fprintf(stdout, "%-25s 1 - Client Auth\n", ""); - fprintf(stdout, "%-25s 2 - Code Signing\n", ""); - fprintf(stdout, "%-25s 3 - Email Protection\n", ""); - fprintf(stdout, "%-25s 4 - Timestamp\n", ""); - fprintf(stdout, "%-25s 5 - OCSP Responder\n", ""); -#ifdef DEBUG_NSSTEAM_ONLY - fprintf(stdout, "%-25s 6 - Step-up\n", ""); -#endif /* DEBUG_NSSTEAM_ONLY */ - fprintf(stdout, "%-25s Other to finish\n", ""); - - gets(buffer); - value = atoi(buffer); - - switch( value ) { - case 0: - rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_SERVER_AUTH); - break; - case 1: - rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_CLIENT_AUTH); - break; - case 2: - rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_CODE_SIGN); - break; - case 3: - rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_EMAIL_PROTECT); - break; - case 4: - rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_TIME_STAMP); - break; - case 5: - rv = AddOidToSequence(os, SEC_OID_OCSP_RESPONDER); - break; -#ifdef DEBUG_NSSTEAM_ONLY - case 6: - rv = AddOidToSequence(os, SEC_OID_NS_KEY_USAGE_GOVT_APPROVED); - break; -#endif /* DEBUG_NSSTEAM_ONLY */ - default: - goto endloop; - } - - if( SECSuccess != rv ) goto loser; - } - - endloop:; - item = EncodeOidSequence(os); - - buffer[0] = 'n'; - puts ("Is this a critical extension [y/n]? "); - gets (buffer); - - rv = CERT_AddExtension(extHandle, SEC_OID_X509_EXT_KEY_USAGE, item, - ((buffer[0] == 'y' || buffer[0] == 'Y') - ? PR_TRUE : PR_FALSE), PR_TRUE); - /*FALLTHROUGH*/ - loser: - DestroyOidSequence(os); - return rv; -} - -static SECStatus -AddNscpCertType (void *extHandle) -{ - SECItem bitStringValue; - unsigned char keyUsage = 0x0; - char buffer[5]; - int value; - - while (1) { - fprintf(stdout, "%-25s 0 - SSL Client\n", ""); - fprintf(stdout, "%-25s 1 - SSL Server\n", ""); - fprintf(stdout, "%-25s 2 - S/MIME\n", ""); - fprintf(stdout, "%-25s 3 - Object Signing\n", ""); - fprintf(stdout, "%-25s 4 - Reserved for futuer use\n", ""); - fprintf(stdout, "%-25s 5 - SSL CA\n", ""); - fprintf(stdout, "%-25s 6 - S/MIME CA\n", ""); - fprintf(stdout, "%-25s 7 - Object Signing CA\n", ""); - fprintf(stdout, "%-25s Other to finish\n", ""); - gets (buffer); - value = atoi (buffer); - if (value < 0 || value > 7) - break; - keyUsage |= (0x80 >> value); - } - - bitStringValue.data = &keyUsage; - bitStringValue.len = 1; - buffer[0] = 'n'; - puts ("Is this a critical extension [y/n]? "); - gets (buffer); - - return (CERT_EncodeAndAddBitStrExtension - (extHandle, SEC_OID_NS_CERT_EXT_CERT_TYPE, &bitStringValue, - (buffer[0] == 'y' || buffer[0] == 'Y') ? PR_TRUE : PR_FALSE)); - -} - - -static SECStatus -AddEmailSubjectAlt(void *extHandle, const char *emailAddrs) -{ - SECItem item = { 0, NULL, 0 }; - void *value; - CERTGeneralName *emailList = NULL; - CERTGeneralName *current; - PRCList *prev = NULL; - PRArenaPool *arena; - const char *cp; - char *tbuf; - SECStatus rv = SECSuccess; - - arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - if (arena == NULL) { - return SECFailure; - } - - /* - * walk down the comma separated list of email addresses. NOTE: there is - * no sanity checks to see if the email address look like email addresses. - */ - for (cp=emailAddrs; cp; cp = PORT_Strchr(cp,',')) { - int len; - char *end; - - if (*cp == ',') { - cp++; - } - end = PORT_Strchr(cp,','); - len = end ? end-cp : PORT_Strlen(cp); - if (len <= 0) { - continue; - } - tbuf = PORT_ArenaAlloc(arena,len+1); - PORT_Memcpy(tbuf,cp,len); - tbuf[len] = 0; - current = (CERTGeneralName *) PORT_ZAlloc(sizeof(CERTGeneralName)); - if (!current) { - rv = SECFailure; - break; - } - if (prev) { - current->l.prev = prev; - prev->next = &(current->l); - } else { - emailList = current; - } - current->type = certRFC822Name; - current->name.other.data = (unsigned char *)tbuf; - current->name.other.len = PORT_Strlen(tbuf); - prev = &(current->l); - } - if (rv != SECSuccess) { - goto loser; - } - /* no email address */ - if (!emailList) { - /*rv=SECSuccess; We know rv is SECSuccess because of the previous if*/ - goto done; - } - emailList->l.prev = prev; - current->l.next = &(emailList->l); - - CERT_EncodeAltNameExtension(arena, emailList, &item); - rv = CERT_AddExtension (extHandle, SEC_OID_X509_SUBJECT_ALT_NAME, &item, - PR_FALSE, PR_TRUE); -done: -loser: - PORT_FreeArena(arena, PR_FALSE); - return rv; - -} - -typedef SECStatus (* EXTEN_VALUE_ENCODER) - (PRArenaPool *extHandle, void *value, SECItem *encodedValue); - -static SECStatus -EncodeAndAddExtensionValue( - PRArenaPool * arena, - void * extHandle, - void * value, - PRBool criticality, - int extenType, - EXTEN_VALUE_ENCODER EncodeValueFn) -{ - SECItem encodedValue; - SECStatus rv; - - - encodedValue.data = NULL; - encodedValue.len = 0; - do { - rv = (*EncodeValueFn)(arena, value, &encodedValue); - if (rv != SECSuccess) - break; - - rv = CERT_AddExtension - (extHandle, extenType, &encodedValue, criticality,PR_TRUE); - } while (0); - - return (rv); -} - -static SECStatus -AddBasicConstraint(void *extHandle) -{ - CERTBasicConstraints basicConstraint; - SECItem encodedValue; - SECStatus rv; - char buffer[10]; - - encodedValue.data = NULL; - encodedValue.len = 0; - do { - basicConstraint.pathLenConstraint = CERT_UNLIMITED_PATH_CONSTRAINT; - puts ("Is this a CA certificate [y/n]?"); - gets (buffer); - basicConstraint.isCA = (buffer[0] == 'Y' || buffer[0] == 'y') ? - PR_TRUE : PR_FALSE; - - puts ("Enter the path length constraint, enter to skip [<0 for unlimited path]:"); - gets (buffer); - if (PORT_Strlen (buffer) > 0) - basicConstraint.pathLenConstraint = atoi (buffer); - - rv = CERT_EncodeBasicConstraintValue (NULL, &basicConstraint, &encodedValue); - if (rv) - return (rv); - - buffer[0] = 'n'; - puts ("Is this a critical extension [y/n]? "); - gets (buffer); - rv = CERT_AddExtension - (extHandle, SEC_OID_X509_BASIC_CONSTRAINTS, - &encodedValue, (buffer[0] == 'y' || buffer[0] == 'Y') ? - PR_TRUE : PR_FALSE ,PR_TRUE); - } while (0); - PORT_Free (encodedValue.data); - return (rv); -} - -static SECItem * -SignCert(CERTCertDBHandle *handle, -CERTCertificate *cert, PRBool selfsign, -SECKEYPrivateKey *privKey, char *issuerNickName, void *pwarg) -{ - SECItem der; - SECItem *result = NULL; - SECKEYPrivateKey *caPrivateKey = NULL; - SECStatus rv; - PRArenaPool *arena; - SECOidTag algID; - void *dummy; - - if( !selfsign ) { - CERTCertificate *issuer = PK11_FindCertFromNickname(issuerNickName, pwarg); - if( (CERTCertificate *)NULL == issuer ) { - SECU_PrintError(progName, "unable to find issuer with nickname %s", - issuerNickName); - return (SECItem *)NULL; - } - - privKey = caPrivateKey = PK11_FindKeyByAnyCert(issuer, pwarg); - CERT_DestroyCertificate(issuer); - if (caPrivateKey == NULL) { - SECU_PrintError(progName, "unable to retrieve key %s", issuerNickName); - return NULL; - } - } - - arena = cert->arena; - - switch(privKey->keyType) { - case rsaKey: - algID = SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION; - break; - case dsaKey: - algID = SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST; - break; - default: - fprintf(stderr, "Unknown key type for issuer."); - goto done; - break; - } - - rv = SECOID_SetAlgorithmID(arena, &cert->signature, algID, 0); - if (rv != SECSuccess) { - fprintf(stderr, "Could not set signature algorithm id."); - goto done; - } - - /* we only deal with cert v3 here */ - *(cert->version.data) = 2; - cert->version.len = 1; - - der.len = 0; - der.data = NULL; - dummy = SEC_ASN1EncodeItem (arena, &der, cert, - SEC_ASN1_GET(CERT_CertificateTemplate)); - if (!dummy) { - fprintf (stderr, "Could not encode certificate.\n"); - goto done; - } - - result = (SECItem *) PORT_ArenaZAlloc (arena, sizeof (SECItem)); - if (result == NULL) { - fprintf (stderr, "Could not allocate item for certificate data.\n"); - goto done; - } - - rv = SEC_DerSignData (arena, result, der.data, der.len, privKey, - algID); - if (rv != SECSuccess) { - fprintf (stderr, "Could not sign encoded certificate data.\n"); - PORT_Free(result); - result = NULL; - goto done; - } - cert->derCert = *result; -done: - if (caPrivateKey) { - SECKEY_DestroyPrivateKey(caPrivateKey); - } - return result; -} - -static SECStatus -AddAuthKeyID (void *extHandle) -{ - CERTAuthKeyID *authKeyID = NULL; - PRArenaPool *arena = NULL; - SECStatus rv = SECSuccess; - char buffer[512]; - - do { - arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - if ( !arena ) { - SECU_PrintError(progName, "out of memory"); - GEN_BREAK (SECFailure); - } - - if (GetYesNo ("Enter value for the authKeyID extension [y/n]?\n") == 0) - break; - - authKeyID = PORT_ArenaZAlloc (arena, sizeof (CERTAuthKeyID)); - if (authKeyID == NULL) { - GEN_BREAK (SECFailure); - } - - rv = GetString (arena, "Enter value for the key identifier fields, enter to omit:", - &authKeyID->keyID); - if (rv != SECSuccess) - break; - authKeyID->authCertIssuer = GetGeneralName (arena); - if (authKeyID->authCertIssuer == NULL && SECFailure == PORT_GetError ()) - break; - - - rv = GetString (arena, "Enter value for the authCertSerial field, enter to omit:", - &authKeyID->authCertSerialNumber); - - buffer[0] = 'n'; - puts ("Is this a critical extension [y/n]? "); - gets (buffer); - - rv = EncodeAndAddExtensionValue - (arena, extHandle, authKeyID, - (buffer[0] == 'y' || buffer[0] == 'Y') ? PR_TRUE : PR_FALSE, - SEC_OID_X509_AUTH_KEY_ID, - (EXTEN_VALUE_ENCODER) CERT_EncodeAuthKeyID); - if (rv) - break; - - } while (0); - if (arena) - PORT_FreeArena (arena, PR_FALSE); - return (rv); -} - -static SECStatus -AddCrlDistPoint(void *extHandle) -{ - PRArenaPool *arena = NULL; - CERTCrlDistributionPoints *crlDistPoints = NULL; - CRLDistributionPoint *current; - SECStatus rv = SECSuccess; - int count = 0, intValue; - char buffer[5]; - - arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - if ( !arena ) - return (SECFailure); - - do { - current = NULL; - current = PORT_ArenaZAlloc (arena, sizeof (*current)); - if (current == NULL) { - GEN_BREAK (SECFailure); - } - - /* Get the distributionPointName fields - this field is optional */ - puts ("Enter the type of the distribution point name:\n"); - puts ("\t1 - Full Name\n\t2 - Relative Name\n\tOther - omit\n\t\tChoice: "); - scanf ("%d", &intValue); - switch (intValue) { - case generalName: - current->distPointType = intValue; - current->distPoint.fullName = GetGeneralName (arena); - rv = PORT_GetError(); - break; - - case relativeDistinguishedName: { - CERTName *name; - char buffer[512]; - - current->distPointType = intValue; - puts ("Enter the relative name: "); - fflush (stdout); - gets (buffer); - /* For simplicity, use CERT_AsciiToName to converse from a string - to NAME, but we only interest in the first RDN */ - name = CERT_AsciiToName (buffer); - if (!name) { - GEN_BREAK (SECFailure); - } - rv = CERT_CopyRDN (arena, ¤t->distPoint.relativeName, name->rdns[0]); - CERT_DestroyName (name); - break; - } - } - if (rv != SECSuccess) - break; - - /* Get the reason flags */ - puts ("\nSelect one of the following for the reason flags\n"); - puts ("\t0 - unused\n\t1 - keyCompromise\n\t2 - caCompromise\n\t3 - affiliationChanged\n"); - puts ("\t4 - superseded\n\t5 - cessationOfOperation\n\t6 - certificateHold\n"); - puts ("\tother - omit\t\tChoice: "); - - scanf ("%d", &intValue); - if (intValue >= 0 && intValue <8) { - current->reasons.data = PORT_ArenaAlloc (arena, sizeof(char)); - if (current->reasons.data == NULL) { - GEN_BREAK (SECFailure); - } - *current->reasons.data = (char)(0x80 >> intValue); - current->reasons.len = 1; - } - puts ("Enter value for the CRL Issuer name:\n"); - current->crlIssuer = GetGeneralName (arena); - if (current->crlIssuer == NULL && (rv = PORT_GetError()) == SECFailure) - break; - - if (crlDistPoints == NULL) { - crlDistPoints = PORT_ArenaZAlloc (arena, sizeof (*crlDistPoints)); - if (crlDistPoints == NULL) { - GEN_BREAK (SECFailure); - } - } - - crlDistPoints->distPoints = PORT_ArenaGrow (arena, - crlDistPoints->distPoints, - sizeof (*crlDistPoints->distPoints) * count, - sizeof (*crlDistPoints->distPoints) *(count + 1)); - if (crlDistPoints->distPoints == NULL) { - GEN_BREAK (SECFailure); - } - - crlDistPoints->distPoints[count] = current; - ++count; - if (GetYesNo ("Enter more value for the CRL distribution point extension [y/n]\n") == 0) { - /* Add null to the end of the crlDistPoints to mark end of data */ - crlDistPoints->distPoints = PORT_ArenaGrow(arena, - crlDistPoints->distPoints, - sizeof (*crlDistPoints->distPoints) * count, - sizeof (*crlDistPoints->distPoints) *(count + 1)); - crlDistPoints->distPoints[count] = NULL; - break; - } - - - } while (1); - - if (rv == SECSuccess) { - buffer[0] = 'n'; - puts ("Is this a critical extension [y/n]? "); - gets (buffer); - - rv = EncodeAndAddExtensionValue(arena, extHandle, crlDistPoints, - (buffer[0] == 'Y' || buffer[0] == 'y') ? PR_TRUE : PR_FALSE, - SEC_OID_X509_CRL_DIST_POINTS, - (EXTEN_VALUE_ENCODER) CERT_EncodeCRLDistributionPoints); - } - if (arena) - PORT_FreeArena (arena, PR_FALSE); - return (rv); -} - -static SECStatus -CreateCert( - CERTCertDBHandle *handle, - char * issuerNickName, - PRFileDesc *inFile, - PRFileDesc *outFile, - SECKEYPrivateKey *selfsignprivkey, - void *pwarg, - unsigned int serialNumber, - int warpmonths, - int validitylength, - const char *emailAddrs, - PRBool ascii, - PRBool selfsign, - PRBool keyUsage, - PRBool extKeyUsage, - PRBool basicConstraint, - PRBool authKeyID, - PRBool crlDistPoints, - PRBool nscpCertType) -{ - void * extHandle; - SECItem * certDER; - PRArenaPool *arena = NULL; - CERTCertificate *subjectCert = NULL; - CERTCertificateRequest *certReq = NULL; - SECStatus rv = SECSuccess; - SECItem reqDER; - - reqDER.data = NULL; - do { - arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - if (!arena) { - GEN_BREAK (SECFailure); - } - - /* Create a certrequest object from the input cert request der */ - certReq = GetCertRequest(inFile, ascii); - if (certReq == NULL) { - GEN_BREAK (SECFailure) - } - - subjectCert = MakeV1Cert (handle, certReq, issuerNickName, selfsign, - serialNumber, warpmonths, validitylength); - if (subjectCert == NULL) { - GEN_BREAK (SECFailure) - } - - extHandle = CERT_StartCertExtensions (subjectCert); - if (extHandle == NULL) { - GEN_BREAK (SECFailure) - } - - /* Add key usage extension */ - if (keyUsage) { - rv = AddKeyUsage(extHandle); - if (rv) - break; - } - - /* Add extended key usage extension */ - if (extKeyUsage) { - rv = AddExtKeyUsage(extHandle); - if (rv) - break; - } - - /* Add basic constraint extension */ - if (basicConstraint) { - rv = AddBasicConstraint(extHandle); - if (rv) - break; - } - - if (authKeyID) { - rv = AddAuthKeyID (extHandle); - if (rv) - break; - } - - - if (crlDistPoints) { - rv = AddCrlDistPoint (extHandle); - if (rv) - break; - } - - if (nscpCertType) { - rv = AddNscpCertType(extHandle); - if (rv) - break; - } - - if (emailAddrs != NULL) { - rv = AddEmailSubjectAlt(extHandle,emailAddrs); - if (rv) - break; - } - - CERT_FinishExtensions(extHandle); - - certDER = SignCert (handle, subjectCert, selfsign, selfsignprivkey, issuerNickName,pwarg); - - if (certDER) { - if (ascii) { - PR_fprintf(outFile, "%s\n%s\n%s\n", NS_CERT_HEADER, - BTOA_DataToAscii(certDER->data, certDER->len), NS_CERT_TRAILER); - } else { - PR_Write(outFile, certDER->data, certDER->len); - } - } - - } while (0); - CERT_DestroyCertificateRequest (certReq); - CERT_DestroyCertificate (subjectCert); - PORT_FreeArena (arena, PR_FALSE); - if (rv != SECSuccess) { - PRErrorCode perr = PR_GetError(); - fprintf(stderr, "%s: unable to create cert (%s)\n", progName, - SECU_Strerror(perr)); - } - return (rv); -} - -/* Certutil commands */ -enum { - cmd_AddCert = 0, - cmd_CreateNewCert, - cmd_DeleteCert, - cmd_AddEmailCert, - cmd_DeleteKey, - cmd_GenKeyPair, - cmd_PrintHelp, - cmd_ListKeys, - cmd_ListCerts, - cmd_ModifyCertTrust, - cmd_NewDBs, - cmd_DumpChain, - cmd_CertReq, - cmd_CreateAndAddCert, - cmd_TokenReset, - cmd_ListModules, - cmd_CheckCertValidity, - cmd_ChangePassword, - cmd_Version -}; - -/* Certutil options */ -enum { - opt_SSOPass = 0, - opt_AddKeyUsageExt, - opt_AddBasicConstraintExt, - opt_AddAuthorityKeyIDExt, - opt_AddCRLDistPtsExt, - opt_AddNSCertTypeExt, - opt_AddExtKeyUsageExt, - opt_ExtendedEmailAddrs, - opt_ASCIIForIO, - opt_ValidityTime, - opt_IssuerName, - opt_CertDir, - opt_VerifySig, - opt_PasswordFile, - opt_KeySize, - opt_TokenName, - opt_InputFile, - opt_KeyIndex, - opt_KeyType, - opt_DetailedInfo, - opt_SerialNumber, - opt_Nickname, - opt_OutputFile, - opt_PhoneNumber, - opt_DBPrefix, - opt_PQGFile, - opt_BinaryDER, - opt_Subject, - opt_Trust, - opt_Usage, - opt_Validity, - opt_OffsetMonths, - opt_SelfSign, - opt_RW, - opt_Exponent, - opt_NoiseFile -}; - -static secuCommandFlag certutil_commands[] = -{ - { /* cmd_AddCert */ 'A', PR_FALSE, 0, PR_FALSE }, - { /* cmd_CreateNewCert */ 'C', PR_FALSE, 0, PR_FALSE }, - { /* cmd_DeleteCert */ 'D', PR_FALSE, 0, PR_FALSE }, - { /* cmd_AddEmailCert */ 'E', PR_FALSE, 0, PR_FALSE }, - { /* cmd_DeleteKey */ 'F', PR_FALSE, 0, PR_FALSE }, - { /* cmd_GenKeyPair */ 'G', PR_FALSE, 0, PR_FALSE }, - { /* cmd_PrintHelp */ 'H', PR_FALSE, 0, PR_FALSE }, - { /* cmd_ListKeys */ 'K', PR_FALSE, 0, PR_FALSE }, - { /* cmd_ListCerts */ 'L', PR_FALSE, 0, PR_FALSE }, - { /* cmd_ModifyCertTrust */ 'M', PR_FALSE, 0, PR_FALSE }, - { /* cmd_NewDBs */ 'N', PR_FALSE, 0, PR_FALSE }, - { /* cmd_DumpChain */ 'O', PR_FALSE, 0, PR_FALSE }, - { /* cmd_CertReq */ 'R', PR_FALSE, 0, PR_FALSE }, - { /* cmd_CreateAndAddCert */ 'S', PR_FALSE, 0, PR_FALSE }, - { /* cmd_TokenReset */ 'T', PR_FALSE, 0, PR_FALSE }, - { /* cmd_ListModules */ 'U', PR_FALSE, 0, PR_FALSE }, - { /* cmd_CheckCertValidity */ 'V', PR_FALSE, 0, PR_FALSE }, - { /* cmd_ChangePassword */ 'W', PR_FALSE, 0, PR_FALSE }, - { /* cmd_Version */ 'Y', PR_FALSE, 0, PR_FALSE } -}; - -static secuCommandFlag certutil_options[] = -{ - { /* opt_SSOPass */ '0', PR_TRUE, 0, PR_FALSE }, - { /* opt_AddKeyUsageExt */ '1', PR_FALSE, 0, PR_FALSE }, - { /* opt_AddBasicConstraintExt*/ '2', PR_FALSE, 0, PR_FALSE }, - { /* opt_AddAuthorityKeyIDExt*/ '3', PR_FALSE, 0, PR_FALSE }, - { /* opt_AddCRLDistPtsExt */ '4', PR_FALSE, 0, PR_FALSE }, - { /* opt_AddNSCertTypeExt */ '5', PR_FALSE, 0, PR_FALSE }, - { /* opt_AddExtKeyUsageExt */ '6', PR_FALSE, 0, PR_FALSE }, - { /* opt_ExtendedEmailAddrs */ '7', PR_TRUE, 0, PR_FALSE }, - { /* opt_ASCIIForIO */ 'a', PR_FALSE, 0, PR_FALSE }, - { /* opt_ValidityTime */ 'b', PR_TRUE, 0, PR_FALSE }, - { /* opt_IssuerName */ 'c', PR_TRUE, 0, PR_FALSE }, - { /* opt_CertDir */ 'd', PR_TRUE, 0, PR_FALSE }, - { /* opt_VerifySig */ 'e', PR_FALSE, 0, PR_FALSE }, - { /* opt_PasswordFile */ 'f', PR_TRUE, 0, PR_FALSE }, - { /* opt_KeySize */ 'g', PR_TRUE, 0, PR_FALSE }, - { /* opt_TokenName */ 'h', PR_TRUE, 0, PR_FALSE }, - { /* opt_InputFile */ 'i', PR_TRUE, 0, PR_FALSE }, - { /* opt_KeyIndex */ 'j', PR_TRUE, 0, PR_FALSE }, - { /* opt_KeyType */ 'k', PR_TRUE, 0, PR_FALSE }, - { /* opt_DetailedInfo */ 'l', PR_FALSE, 0, PR_FALSE }, - { /* opt_SerialNumber */ 'm', PR_TRUE, 0, PR_FALSE }, - { /* opt_Nickname */ 'n', PR_TRUE, 0, PR_FALSE }, - { /* opt_OutputFile */ 'o', PR_TRUE, 0, PR_FALSE }, - { /* opt_PhoneNumber */ 'p', PR_TRUE, 0, PR_FALSE }, - { /* opt_DBPrefix */ 'P', PR_TRUE, 0, PR_FALSE }, - { /* opt_PQGFile */ 'q', PR_TRUE, 0, PR_FALSE }, - { /* opt_BinaryDER */ 'r', PR_FALSE, 0, PR_FALSE }, - { /* opt_Subject */ 's', PR_TRUE, 0, PR_FALSE }, - { /* opt_Trust */ 't', PR_TRUE, 0, PR_FALSE }, - { /* opt_Usage */ 'u', PR_TRUE, 0, PR_FALSE }, - { /* opt_Validity */ 'v', PR_TRUE, 0, PR_FALSE }, - { /* opt_OffsetMonths */ 'w', PR_TRUE, 0, PR_FALSE }, - { /* opt_SelfSign */ 'x', PR_FALSE, 0, PR_FALSE }, - { /* opt_RW */ 'X', PR_FALSE, 0, PR_FALSE }, - { /* opt_Exponent */ 'y', PR_TRUE, 0, PR_FALSE }, - { /* opt_NoiseFile */ 'z', PR_TRUE, 0, PR_FALSE } -}; - -int -main(int argc, char **argv) -{ - CERTCertDBHandle *certHandle; - PK11SlotInfo *slot = NULL; - CERTName * subject = 0; - PRFileDesc *inFile = PR_STDIN; - PRFileDesc *outFile = 0; - char * certfile = "tempcert"; - char * certreqfile = "tempcertreq"; - char * slotname = "internal"; - char * certPrefix = ""; - KeyType keytype = rsaKey; - /*char * keyslot = NULL;*/ - /*char * keynickname = NULL;*/ - char * name = NULL; - int keysize = DEFAULT_KEY_BITS; - int publicExponent = 0x010001; - unsigned int serialNumber = 0; - int warpmonths = 0; - int validitylength = 0; - int commandsEntered = 0; - char commandToRun = '\0'; - secuPWData pwdata = { PW_NONE, 0 }; - PRBool readOnly = PR_FALSE; - - SECKEYPrivateKey *privkey = NULL; - SECKEYPublicKey *pubkey = NULL; - - int i; - SECStatus rv; - - secuCommand certutil; - certutil.numCommands = sizeof(certutil_commands) / sizeof(secuCommandFlag); - certutil.numOptions = sizeof(certutil_options) / sizeof(secuCommandFlag); - certutil.commands = certutil_commands; - certutil.options = certutil_options; - - progName = strrchr(argv[0], '/'); - progName = progName ? progName+1 : argv[0]; - - rv = SECU_ParseCommandLine(argc, argv, progName, &certutil); - - if (rv != SECSuccess) - Usage(progName); - - if (certutil.commands[cmd_PrintHelp].activated) - LongUsage(progName); - - if (certutil.options[opt_PasswordFile].arg) { - pwdata.source = PW_FROMFILE; - pwdata.data = certutil.options[opt_PasswordFile].arg; - } - - if (certutil.options[opt_CertDir].activated) - SECU_ConfigDirectory(certutil.options[opt_CertDir].arg); - - if (certutil.options[opt_KeySize].activated) { - keysize = PORT_Atoi(certutil.options[opt_KeySize].arg); - if ((keysize < MIN_KEY_BITS) || (keysize > MAX_KEY_BITS)) { - PR_fprintf(PR_STDERR, - "%s -g: Keysize must be between %d and %d.\n", - MIN_KEY_BITS, MAX_KEY_BITS); - return 255; - } - } - - /* -h specify token name */ - if (certutil.options[opt_TokenName].activated) { - if (PL_strcmp(certutil.options[opt_TokenName].arg, "all") == 0) - slotname = NULL; - else - slotname = PL_strdup(certutil.options[opt_TokenName].arg); - } - - /* -k key type */ - if (certutil.options[opt_KeyType].activated) { - if (PL_strcmp(certutil.options[opt_KeyType].arg, "rsa") == 0) { - keytype = rsaKey; - } else if (PL_strcmp(certutil.options[opt_KeyType].arg, "dsa") == 0) { - keytype = dsaKey; - } else if (PL_strcmp(certutil.options[opt_KeyType].arg, "all") == 0) { - keytype = nullKey; - } else { - PR_fprintf(PR_STDERR, "%s -k: %s is not a recognized type.\n", - progName, certutil.options[opt_KeyType].arg); - return 255; - } - } - - /* -m serial number */ - if (certutil.options[opt_SerialNumber].activated) { - int sn = PORT_Atoi(certutil.options[opt_SerialNumber].arg); - if (sn < 0) { - PR_fprintf(PR_STDERR, "%s -m: %s is not a valid serial number.\n", - progName, certutil.options[opt_SerialNumber].arg); - return 255; - } - serialNumber = sn; - } - - /* -P certdb name prefix */ - if (certutil.options[opt_DBPrefix].activated) - certPrefix = strdup(certutil.options[opt_DBPrefix].arg); - - /* -q PQG file */ - if (certutil.options[opt_PQGFile].activated) { - if (keytype != dsaKey) { - PR_fprintf(PR_STDERR, "%s -q: PQG file is for DSA key (-k dsa).\n)", - progName); - return 255; - } - } - - /* -s subject name */ - if (certutil.options[opt_Subject].activated) { - subject = CERT_AsciiToName(certutil.options[opt_Subject].arg); - if (!subject) { - PR_fprintf(PR_STDERR, "%s -s: improperly formatted name: \"%s\"\n", - progName, certutil.options[opt_Subject].arg); - return 255; - } - } - - /* -v validity period */ - if (certutil.options[opt_Validity].activated) { - validitylength = PORT_Atoi(certutil.options[opt_Validity].arg); - if (validitylength < 0) { - PR_fprintf(PR_STDERR, "%s -v: incorrect validity period: \"%s\"\n", - progName, certutil.options[opt_Validity].arg); - return 255; - } - } - - /* -w warp months */ - if (certutil.options[opt_OffsetMonths].activated) - warpmonths = PORT_Atoi(certutil.options[opt_OffsetMonths].arg); - - /* -y public exponent (for RSA) */ - if (certutil.options[opt_Exponent].activated) { - publicExponent = PORT_Atoi(certutil.options[opt_Exponent].arg); - if ((publicExponent != 3) && - (publicExponent != 17) && - (publicExponent != 65537)) { - PR_fprintf(PR_STDERR, "%s -y: incorrect public exponent %d.", - progName, publicExponent); - PR_fprintf(PR_STDERR, "Must be 3, 17, or 65537.\n"); - return 255; - } - } - - /* Check number of commands entered. */ - commandsEntered = 0; - for (i=0; i< certutil.numCommands; i++) { - if (certutil.commands[i].activated) { - commandToRun = certutil.commands[i].flag; - commandsEntered++; - } - if (commandsEntered > 1) - break; - } - if (commandsEntered > 1) { - PR_fprintf(PR_STDERR, "%s: only one command at a time!\n", progName); - PR_fprintf(PR_STDERR, "You entered: "); - for (i=0; i< certutil.numCommands; i++) { - if (certutil.commands[i].activated) - PR_fprintf(PR_STDERR, " -%c", certutil.commands[i].flag); - } - PR_fprintf(PR_STDERR, "\n"); - return 255; - } - if (commandsEntered == 0) { - PR_fprintf(PR_STDERR, "%s: you must enter a command!\n", progName); - Usage(progName); - } - - if (certutil.commands[cmd_ListCerts].activated || - certutil.commands[cmd_PrintHelp].activated || - certutil.commands[cmd_ListKeys].activated || - certutil.commands[cmd_ListModules].activated || - certutil.commands[cmd_CheckCertValidity].activated || - certutil.commands[cmd_Version].activated ) { - readOnly = !certutil.options[opt_RW].activated; - } - - /* -A, -D, -F, -M, -S, -V, and all require -n */ - if ((certutil.commands[cmd_AddCert].activated || - certutil.commands[cmd_DeleteCert].activated || - certutil.commands[cmd_DeleteKey].activated || - certutil.commands[cmd_ModifyCertTrust].activated || - certutil.commands[cmd_CreateAndAddCert].activated || - certutil.commands[cmd_CheckCertValidity].activated) && - !certutil.options[opt_Nickname].activated) { - PR_fprintf(PR_STDERR, - "%s -%c: nickname is required for this command (-n).\n", - progName, commandToRun); - return 255; - } - - /* -A, -E, -M, -S require trust */ - if ((certutil.commands[cmd_AddCert].activated || - certutil.commands[cmd_AddEmailCert].activated || - certutil.commands[cmd_ModifyCertTrust].activated || - certutil.commands[cmd_CreateAndAddCert].activated) && - !certutil.options[opt_Trust].activated) { - PR_fprintf(PR_STDERR, - "%s -%c: trust is required for this command (-t).\n", - progName, commandToRun); - return 255; - } - - /* if -L is given raw or ascii mode, it must be for only one cert. */ - if (certutil.commands[cmd_ListCerts].activated && - (certutil.options[opt_ASCIIForIO].activated || - certutil.options[opt_BinaryDER].activated) && - !certutil.options[opt_Nickname].activated) { - PR_fprintf(PR_STDERR, - "%s: nickname is required to dump cert in raw or ascii mode.\n", - progName); - return 255; - } - - /* -L can only be in (raw || ascii). */ - if (certutil.commands[cmd_ListCerts].activated && - certutil.options[opt_ASCIIForIO].activated && - certutil.options[opt_BinaryDER].activated) { - PR_fprintf(PR_STDERR, - "%s: cannot specify both -r and -a when dumping cert.\n", - progName); - return 255; - } - - /* For now, deny -C -x combination */ - if (certutil.commands[cmd_CreateNewCert].activated && - certutil.options[opt_SelfSign].activated) { - PR_fprintf(PR_STDERR, - "%s: self-signing a cert request is not supported.\n", - progName); - return 255; - } - - /* If making a cert request, need a subject. */ - if ((certutil.commands[cmd_CertReq].activated || - certutil.commands[cmd_CreateAndAddCert].activated) && - !certutil.options[opt_Subject].activated) { - PR_fprintf(PR_STDERR, - "%s -%c: subject is required to create a cert request.\n", - progName, commandToRun); - return 255; - } - - /* If making a cert, need a serial number. */ - if ((certutil.commands[cmd_CreateNewCert].activated || - certutil.commands[cmd_CreateAndAddCert].activated) && - !certutil.options[opt_SerialNumber].activated) { - /* Make a default serial number from the current time. */ - PRTime now = PR_Now(); - LL_USHR(now, now, 19); - LL_L2UI(serialNumber, now); - } - - /* Validation needs the usage to validate for. */ - if (certutil.commands[cmd_CheckCertValidity].activated && - !certutil.options[opt_Usage].activated) { - PR_fprintf(PR_STDERR, - "%s -V: specify a usage to validate the cert for (-u).\n", - progName); - return 255; - } - - /* To make a cert, need either a issuer or to self-sign it. */ - if (certutil.commands[cmd_CreateAndAddCert].activated && - !(certutil.options[opt_IssuerName].activated || - certutil.options[opt_SelfSign].activated)) { - PR_fprintf(PR_STDERR, - "%s -S: must specify issuer (-c) or self-sign (-x).\n", - progName); - return 255; - } - - /* Using slotname == NULL for listing keys and certs on all slots, - * but only that. */ - if (!(certutil.commands[cmd_ListKeys].activated || - certutil.commands[cmd_DumpChain].activated || - certutil.commands[cmd_ListCerts].activated) && slotname == NULL) { - PR_fprintf(PR_STDERR, - "%s -%c: cannot use \"-h all\" for this command.\n", - progName, commandToRun); - return 255; - } - - /* Using keytype == nullKey for list all key types, but only that. */ - if (!certutil.commands[cmd_ListKeys].activated && keytype == nullKey) { - PR_fprintf(PR_STDERR, - "%s -%c: cannot use \"-k all\" for this command.\n", - progName, commandToRun); - return 255; - } - - /* -S open outFile, temporary file for cert request. */ - if (certutil.commands[cmd_CreateAndAddCert].activated) { - outFile = PR_Open(certreqfile, PR_RDWR | PR_CREATE_FILE, 00660); - if (!outFile) { - PR_fprintf(PR_STDERR, - "%s -o: unable to open \"%s\" for writing (%ld, %ld)\n", - progName, certreqfile, - PR_GetError(), PR_GetOSError()); - return 255; - } - } - - /* Open the input file. */ - if (certutil.options[opt_InputFile].activated) { - inFile = PR_Open(certutil.options[opt_InputFile].arg, PR_RDONLY, 0); - if (!inFile) { - PR_fprintf(PR_STDERR, - "%s: unable to open \"%s\" for reading (%ld, %ld).\n", - progName, certutil.options[opt_InputFile].arg, - PR_GetError(), PR_GetOSError()); - return 255; - } - } - - /* Open the output file. */ - if (certutil.options[opt_OutputFile].activated && !outFile) { - outFile = PR_Open(certutil.options[opt_OutputFile].arg, - PR_CREATE_FILE | PR_RDWR, 00660); - if (!outFile) { - PR_fprintf(PR_STDERR, - "%s: unable to open \"%s\" for writing (%ld, %ld).\n", - progName, certutil.options[opt_OutputFile].arg, - PR_GetError(), PR_GetOSError()); - return 255; - } - } - - name = SECU_GetOptionArg(&certutil, opt_Nickname); - - PK11_SetPasswordFunc(SECU_GetModulePassword); - - /* Initialize NSPR and NSS. */ - PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1); - rv = NSS_Initialize(SECU_ConfigDirectory(NULL), certPrefix, certPrefix, - "secmod.db", readOnly ? NSS_INIT_READONLY: 0); - if (rv != SECSuccess) { - SECU_PrintPRandOSError(progName); - rv = SECFailure; - goto shutdown; - } - certHandle = CERT_GetDefaultCertDB(); - - if (certutil.commands[cmd_Version].activated) { - int version = CERT_GetDBContentVersion(certHandle); - printf("Certificate database content version: %d\n", version); - } - - if (PL_strcmp(slotname, "internal") == 0) - slot = PK11_GetInternalKeySlot(); - else if (slotname != NULL) - slot = PK11_FindSlotByName(slotname); - - /* If creating new database, initialize the password. */ - if (certutil.commands[cmd_NewDBs].activated) { - SECU_ChangePW(slot, 0, certutil.options[opt_PasswordFile].arg); - } - - /* The following 8 options are mutually exclusive with all others. */ - - /* List certs (-L) */ - if (certutil.commands[cmd_ListCerts].activated) { - rv = ListCerts(certHandle, name, slot, - certutil.options[opt_BinaryDER].activated, - certutil.options[opt_ASCIIForIO].activated, - (outFile) ? outFile : PR_STDOUT, &pwdata); - goto shutdown; - } - if (certutil.commands[cmd_DumpChain].activated) { - rv = DumpChain(certHandle, name); - goto shutdown; - } - /* XXX needs work */ - /* List keys (-K) */ - if (certutil.commands[cmd_ListKeys].activated) { - rv = ListKeys(slot, name, 0 /*keyindex*/, keytype, PR_FALSE /*dopriv*/, - &pwdata); - goto shutdown; - } - /* List modules (-U) */ - if (certutil.commands[cmd_ListModules].activated) { - rv = ListModules(); - goto shutdown; - } - /* Delete cert (-D) */ - if (certutil.commands[cmd_DeleteCert].activated) { - rv = DeleteCert(certHandle, name); - goto shutdown; - } - /* Delete key (-F) */ - if (certutil.commands[cmd_DeleteKey].activated) { - rv = DeleteKey(name, &pwdata); - goto shutdown; - } - /* Modify trust attribute for cert (-M) */ - if (certutil.commands[cmd_ModifyCertTrust].activated) { - rv = ChangeTrustAttributes(certHandle, name, - certutil.options[opt_Trust].arg); - goto shutdown; - } - /* Change key db password (-W) (future - change pw to slot?) */ - if (certutil.commands[cmd_ChangePassword].activated) { - rv = SECU_ChangePW(slot, 0, certutil.options[opt_PasswordFile].arg); - goto shutdown; - } - /* Reset the a token */ - if (certutil.commands[cmd_TokenReset].activated) { - char *sso_pass = ""; - - if (certutil.options[opt_SSOPass].activated) { - sso_pass = certutil.options[opt_SSOPass].arg; - } - rv = PK11_ResetToken(slot,sso_pass); - - goto shutdown; - } - /* Check cert validity against current time (-V) */ - if (certutil.commands[cmd_CheckCertValidity].activated) { - /* XXX temporary hack for fips - must log in to get priv key */ - if (certutil.options[opt_VerifySig].activated) { - if (PK11_NeedLogin(slot)) - PK11_Authenticate(slot, PR_TRUE, &pwdata); - } - rv = ValidateCert(certHandle, name, - certutil.options[opt_ValidityTime].arg, - certutil.options[opt_Usage].arg, - certutil.options[opt_VerifySig].activated, - certutil.options[opt_DetailedInfo].activated, - &pwdata); - goto shutdown; - } - - /* - * Key generation - */ - - /* These commands require keygen. */ - if (certutil.commands[cmd_CertReq].activated || - certutil.commands[cmd_CreateAndAddCert].activated || - certutil.commands[cmd_GenKeyPair].activated) { - /* XXX Give it a nickname. */ - privkey = - CERTUTIL_GeneratePrivateKey(keytype, slot, keysize, - publicExponent, - certutil.options[opt_NoiseFile].arg, - &pubkey, - certutil.options[opt_PQGFile].arg, - &pwdata); - if (privkey == NULL) { - SECU_PrintError(progName, "unable to generate key(s)\n"); - rv = SECFailure; - goto shutdown; - } - privkey->wincx = &pwdata; - PORT_Assert(pubkey != NULL); - - /* If all that was needed was keygen, exit. */ - if (certutil.commands[cmd_GenKeyPair].activated) { - rv = SECSuccess; - goto shutdown; - } - } - - /* - * Certificate request - */ - - /* Make a cert request (-R or -S). */ - if (certutil.commands[cmd_CreateAndAddCert].activated || - certutil.commands[cmd_CertReq].activated) { - rv = CertReq(privkey, pubkey, keytype, subject, - certutil.options[opt_PhoneNumber].arg, - certutil.options[opt_ASCIIForIO].activated, - certutil.options[opt_ExtendedEmailAddrs].arg, - outFile ? outFile : PR_STDOUT); - if (rv) - goto shutdown; - privkey->wincx = &pwdata; - } - - /* - * Certificate creation - */ - - /* If making and adding a cert, load the cert request file - * and output the cert to another file. - */ - if (certutil.commands[cmd_CreateAndAddCert].activated) { - PR_Close(outFile); - inFile = PR_Open(certreqfile, PR_RDONLY, 0); - if (!inFile) { - PR_fprintf(PR_STDERR, "Failed to open file \"%s\" (%ld, %ld).\n", - certreqfile, PR_GetError(), PR_GetOSError()); - rv = SECFailure; - goto shutdown; - } - outFile = PR_Open(certfile, PR_RDWR | PR_CREATE_FILE, 00660); - if (!outFile) { - PR_fprintf(PR_STDERR, "Failed to open file \"%s\" (%ld, %ld).\n", - certfile, PR_GetError(), PR_GetOSError()); - rv = SECFailure; - goto shutdown; - } - } - - /* Create a certificate (-C or -S). */ - if (certutil.commands[cmd_CreateAndAddCert].activated || - certutil.commands[cmd_CreateNewCert].activated) { - rv = CreateCert(certHandle, - certutil.options[opt_IssuerName].arg, - inFile, outFile, privkey, &pwdata, - serialNumber, warpmonths, validitylength, - certutil.options[opt_ExtendedEmailAddrs].arg, - certutil.options[opt_ASCIIForIO].activated, - certutil.options[opt_SelfSign].activated, - certutil.options[opt_AddKeyUsageExt].activated, - certutil.options[opt_AddExtKeyUsageExt].activated, - certutil.options[opt_AddBasicConstraintExt].activated, - certutil.options[opt_AddAuthorityKeyIDExt].activated, - certutil.options[opt_AddCRLDistPtsExt].activated, - certutil.options[opt_AddNSCertTypeExt].activated); - if (rv) - goto shutdown; - } - - /* - * Adding a cert to the database (or slot) - */ - - if (certutil.commands[cmd_CreateAndAddCert].activated) { - PORT_Assert(inFile != PR_STDIN); - PR_Close(inFile); - PR_Close(outFile); - inFile = PR_Open(certfile, PR_RDONLY, 0); - if (!inFile) { - PR_fprintf(PR_STDERR, "Failed to open file \"%s\" (%ld, %ld).\n", - certfile, PR_GetError(), PR_GetOSError()); - rv = SECFailure; - goto shutdown; - } - } - - if (certutil.commands[cmd_CreateAndAddCert].activated || - certutil.commands[cmd_AddCert].activated || - certutil.commands[cmd_AddEmailCert].activated) { - rv = AddCert(slot, certHandle, name, - certutil.options[opt_Trust].arg, - inFile, - certutil.options[opt_ASCIIForIO].activated, - certutil.commands[cmd_AddEmailCert].activated,&pwdata); - if (rv) - goto shutdown; - } - - if (certutil.commands[cmd_CreateAndAddCert].activated) { - PORT_Assert(inFile != PR_STDIN); - PR_Close(inFile); - PR_Delete(certfile); - PR_Delete(certreqfile); - } - -shutdown: - if (slot) { - PK11_FreeSlot(slot); - } - if (privkey) { - SECKEY_DestroyPrivateKey(privkey); - } - if (pubkey) { - SECKEY_DestroyPublicKey(pubkey); - } - NSS_Shutdown(); - - if (rv == SECSuccess) { - return 0; - } else { - return 255; - } -} diff --git a/security/nss/cmd/certutil/keystuff.c b/security/nss/cmd/certutil/keystuff.c deleted file mode 100644 index 317443a27b..0000000000 --- a/security/nss/cmd/certutil/keystuff.c +++ /dev/null @@ -1,411 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#include -#include -#include "secutil.h" - -#if defined(XP_UNIX) -#include -#include -#include -#endif - -#if defined(XP_WIN) || defined (XP_PC) -#include -#include -#endif - -#if defined(__sun) && !defined(SVR4) -extern int fclose(FILE*); -extern int fprintf(FILE *, char *, ...); -extern int isatty(int); -extern char *sys_errlist[]; -#define strerror(errno) sys_errlist[errno] -#endif - -#include "nspr.h" -#include "prtypes.h" -#include "prtime.h" -#include "prlong.h" - -#include "pk11func.h" -#include "secrng.h" -#include "pqgutil.h" - -#define NUM_KEYSTROKES 120 -#define RAND_BUF_SIZE 60 - -#define ERROR_BREAK rv = SECFailure;break; - -const SEC_ASN1Template SECKEY_PQGParamsTemplate[] = { - { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SECKEYPQGParams) }, - { SEC_ASN1_INTEGER, offsetof(SECKEYPQGParams,prime) }, - { SEC_ASN1_INTEGER, offsetof(SECKEYPQGParams,subPrime) }, - { SEC_ASN1_INTEGER, offsetof(SECKEYPQGParams,base) }, - { 0, } -}; - -/* returns 0 for success, -1 for failure (EOF encountered) */ -static int -UpdateRNG(void) -{ - char * randbuf; - int fd, i, count; - int c; - int rv = 0; -#ifdef XP_UNIX - cc_t orig_cc_min; - cc_t orig_cc_time; - tcflag_t orig_lflag; - struct termios tio; -#endif - -#define FPS fprintf(stderr, - FPS "\n"); - FPS "A random seed must be generated that will be used in the\n"); - FPS "creation of your key. One of the easiest ways to create a\n"); - FPS "random seed is to use the timing of keystrokes on a keyboard.\n"); - FPS "\n"); - FPS "To begin, type keys on the keyboard until this progress meter\n"); - FPS "is full. DO NOT USE THE AUTOREPEAT FUNCTION ON YOUR KEYBOARD!\n"); - FPS "\n"); - FPS "\n"); - FPS "Continue typing until the progress meter is full:\n\n"); - FPS "| |\r"); - - /* turn off echo on stdin & return on 1 char instead of NL */ - fd = fileno(stdin); - -#if defined(XP_UNIX) && !defined(VMS) - tcgetattr(fd, &tio); - orig_lflag = tio.c_lflag; - orig_cc_min = tio.c_cc[VMIN]; - orig_cc_time = tio.c_cc[VTIME]; - tio.c_lflag &= ~ECHO; - tio.c_lflag &= ~ICANON; - tio.c_cc[VMIN] = 1; - tio.c_cc[VTIME] = 0; - tcsetattr(fd, TCSAFLUSH, &tio); -#endif - - /* Get random noise from keyboard strokes */ - randbuf = (char *) PORT_Alloc(RAND_BUF_SIZE); - count = 0; - while (count < NUM_KEYSTROKES+1) { -#ifdef VMS - c = GENERIC_GETCHAR_NOECHO(); -#elif XP_UNIX - c = getc(stdin); -#else - c = getch(); -#endif - if (c == EOF) { - rv = -1; - break; - } - PK11_RandomUpdate(randbuf, sizeof(randbuf)); - if (c != randbuf[0]) { - randbuf[0] = c; - FPS "\r|"); - for (i=0; iarena = arena; - - buf = (char *)ATOB_AsciiToData(str, &len); - if ((buf == NULL) || (len == 0)) - goto loser; - - status = SEC_ASN1Decode(arena, params, SECKEY_PQGParamsTemplate, buf, len); - if (status != SECSuccess) - goto loser; - - return params; - -loser: - if (arena != NULL) - PORT_FreeArena(arena, PR_FALSE); - return NULL; -} - -void -CERTUTIL_DestroyParamsPQG(SECKEYPQGParams *params) -{ - if (params->arena) { - PORT_FreeArena(params->arena, PR_FALSE); - } -} - -static int -pqg_prime_bits(char *str) -{ - SECKEYPQGParams *params = NULL; - int primeBits = 0, i; - - params = decode_pqg_params(str); - if (params == NULL) - goto done; /* lose */ - - for (i = 0; params->prime.data[i] == 0; i++) - /* empty */; - primeBits = (params->prime.len - i) * 8; - -done: - if (params != NULL) - CERTUTIL_DestroyParamsPQG(params); - return primeBits; -} - -static char * -SECU_GetpqgString(char *filename) -{ - char phrase[400]; - FILE *fh; - char *rv; - - fh = fopen(filename,"r"); - rv = fgets (phrase, sizeof(phrase), fh); - - fclose(fh); - if (phrase[strlen(phrase)-1] == '\n') - phrase[strlen(phrase)-1] = '\0'; - if (rv) { - return (char*) PORT_Strdup(phrase); - } - fprintf(stderr,"pqg file contain no data\n"); - return NULL; -} - -SECKEYPQGParams* -getpqgfromfile(int keyBits, char *pqgFile) -{ - char *end, *str, *pqgString; - int primeBits; - - pqgString = SECU_GetpqgString(pqgFile); - if (pqgString) - str = PORT_Strdup(pqgString); - else - return NULL; - - do { - end = PORT_Strchr(str, ','); - if (end) - *end = '\0'; - primeBits = pqg_prime_bits(str); - if (keyBits == primeBits) - goto found_match; - str = end + 1; - } while (end); - - PORT_Free(pqgString); - PORT_Free(str); - return NULL; - -found_match: - PORT_Free(pqgString); - PORT_Free(str); - return decode_pqg_params(str); -} - -void CERTUTIL_FileForRNG(char *noise) -{ - char buf[2048]; - PRFileDesc *fd; - PRInt32 count; - - fd = PR_OpenFile(noise,PR_RDONLY,0666); - if (!fd) return; - - do { - count = PR_Read(fd,buf,sizeof(buf)); - if (count > 0) { - PK11_RandomUpdate(buf,count); - } - } while (count > 0); - - PR_Close(fd); - -} - -SECKEYPrivateKey * -CERTUTIL_GeneratePrivateKey(KeyType keytype, PK11SlotInfo *slot, int size, - int publicExponent, char *noise, - SECKEYPublicKey **pubkeyp, char *pqgFile, - secuPWData *pwdata) -{ - CK_MECHANISM_TYPE mechanism; - SECOidTag algtag; - PK11RSAGenParams rsaparams; - SECKEYPQGParams *dsaparams = NULL; - void *params; - PRArenaPool *dsaparena; - - /* - * Do some random-number initialization. - */ - - if (noise) { - CERTUTIL_FileForRNG(noise); - } else { - int rv = UpdateRNG(); - if (rv) { - PORT_SetError(PR_END_OF_FILE_ERROR); - return NULL; - } - } - - switch (keytype) { - case rsaKey: - rsaparams.keySizeInBits = size; - rsaparams.pe = publicExponent; - mechanism = CKM_RSA_PKCS_KEY_PAIR_GEN; - algtag = SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION; - params = &rsaparams; - break; - case dsaKey: - mechanism = CKM_DSA_KEY_PAIR_GEN; - algtag = SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST; - if (pqgFile) { - dsaparams = getpqgfromfile(size, pqgFile); - } else { - dsaparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - if (dsaparena == NULL) return NULL; - dsaparams = PORT_ArenaZAlloc(dsaparena, sizeof(SECKEYPQGParams)); - if (dsaparams == NULL) return NULL; - dsaparams->arena = dsaparena; - SECITEM_AllocItem(dsaparena, &dsaparams->prime, sizeof P); - SECITEM_AllocItem(dsaparena, &dsaparams->subPrime, sizeof Q); - SECITEM_AllocItem(dsaparena, &dsaparams->base, sizeof G); - PORT_Memcpy(dsaparams->prime.data, P, dsaparams->prime.len); - PORT_Memcpy(dsaparams->subPrime.data, Q, dsaparams->subPrime.len); - PORT_Memcpy(dsaparams->base.data, G, dsaparams->base.len); - } - params = dsaparams; - break; - default: - return NULL; - } - - if (slot == NULL) - return NULL; - - if (PK11_Authenticate(slot, PR_TRUE, pwdata) != SECSuccess) - return NULL; - - fprintf(stderr, "\n\n"); - fprintf(stderr, "Generating key. This may take a few moments...\n\n"); - - return PK11_GenerateKeyPair(slot, mechanism, params, pubkeyp, - PR_TRUE /*isPerm*/, PR_TRUE /*isSensitive*/, - pwdata /*wincx*/); -} diff --git a/security/nss/cmd/certutil/makefile.win b/security/nss/cmd/certutil/makefile.win deleted file mode 100644 index 26cdc0651a..0000000000 --- a/security/nss/cmd/certutil/makefile.win +++ /dev/null @@ -1,155 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -VERBOSE = 1 -include - -PROGRAM = certutil -PROGRAM = $(OBJDIR)\$(PROGRAM).exe - -include <$(DEPTH)\config\config.mak> - - -# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/ -# rules.mak will append C_OBJS onto OBJS. -# OBJS = $(CSRCS:.c=.obj) - -# include files are looked for in $LINCS and $INCS. -# $LINCS is in manifest.mnw, computed from REQUIRES= -INCS = $(INCS) \ - -I$(DEPTH)/security/lib/cert \ - -I../include \ - $(NULL) - -IGNORE_ME = \ - -I$(DEPTH)/security/lib/key \ - -I$(DEPTH)/security/lib/util \ - - -WINFE = $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg - -# these files are the content of libdbm -DBM_LIB = \ - $(WINFE)/DB.obj \ - $(WINFE)/HASH.obj \ - $(WINFE)/H_BIGKEY.obj \ - $(WINFE)/H_PAGE.obj \ - $(WINFE)/H_LOG2.obj \ - $(WINFE)/H_FUNC.obj \ - $(WINFE)/HASH_BUF.obj \ - $(NULL) - -MOZ_LIBS = \ - $(WINFE)/ALLXPSTR.obj \ - $(WINFE)/XP_ERROR.obj \ - $(WINFE)/XPASSERT.obj \ - $(WINFE)/XP_REG.obj \ - $(WINFE)/XP_TRACE.obj \ - $(DBM_LIB) \ - $(WINFE)/XP_STR.obj \ - $(WINFE)/MKTEMP.obj \ - $(NULL) - -SEC_LIBS = \ - $(DIST)/lib/cert$(MOZ_BITS).lib \ - $(DIST)/lib/crypto$(MOZ_BITS).lib \ - $(DIST)/lib/hash$(MOZ_BITS).lib \ - $(DIST)/lib/key$(MOZ_BITS).lib \ - $(DIST)/lib/pkcs7$(MOZ_BITS).lib \ - $(DIST)/lib/secmod$(MOZ_BITS).lib \ - $(DIST)/lib/secutl$(MOZ_BITS).lib \ - $(DIST)/lib/ssl$(MOZ_BITS).lib \ - $(NULL) - -LLFLAGS = $(LLFLAGS) \ - ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \ - $(SEC_LIBS) \ - $(MOZ_LIBS) \ - $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \ - $(LIBNSPR) \ - $(NULL) - - -# awt3240.lib # brpref32.lib # cert32.lib -# crypto32.lib # dllcom.lib # editor32.lib -# edpref32.lib # edtplug.lib # font.lib -# hash32.lib # htmldg32.lib # img32.lib -# javart32.lib # jbn3240.lib # jdb3240.lib -# jmc.lib # jpeg3240.lib # jpw3240.lib -# jrt3240.lib # js3240.lib # jsd3240.lib -# key32.lib # libapplet32.lib # libnjs32.lib -# libnsc32.lib # libreg32.lib # mm3240.lib -# mnpref32.lib # netcst32.lib # nsdlg32.lib -# nsldap32.lib # nsldaps32.lib # nsn32.lib -# pkcs1232.lib # pkcs732.lib # pr3240.lib -# prefui32.lib # prefuuid.lib # secmod32.lib -# secnav32.lib # secutl32.lib # softup32.lib -# sp3240.lib # ssl32.lib # uni3200.lib -# unicvt32.lib # win32md.lib # winfont.lib -# xppref32.lib # zlib32.lib - -include <$(DEPTH)\config\rules.mak> - - -INSTALL = $(MAKE_INSTALL) - -objs: $(OBJS) - -$(PROGRAM):: - $(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR) - -programs: $(PROGRAM) - -install:: $(TARGETS) - $(INSTALL) $(TARGETS) $(DIST)/bin - -# ALLXPSTR.obj XP_ALLOC.obj XP_HASH.obj XP_RGB.obj XP_WRAP.obj -# CXPRINT.obj XP_C.cl XP_LIST.obj XP_SEC.obj netscape.exp -# CXPRNDLG.obj XP_CNTXT.obj XP_MD5.obj XP_STR.obj xp.pch -# EXPORT.obj XP_CORE.obj XP_MESG.obj XP_THRMO.obj xppref32.dll -# XPASSERT.obj XP_ERROR.obj XP_RECT.obj XP_TIME.obj -# XPLOCALE.obj XP_FILE.obj XP_REG.obj XP_TRACE.obj - -symbols: - @echo "CSRCS = $(CSRCS)" - @echo "INCS = $(INCS)" - @echo "OBJS = $(OBJS)" - @echo "LIBRARY = $(LIBRARY)" - @echo "PROGRAM = $(PROGRAM)" - @echo "TARGETS = $(TARGETS)" - @echo "DIST = $(DIST)" - @echo "VERSION_NUMBER = $(VERSION_NUMBER)" - @echo "WINFE = $(WINFE)" - @echo "DBM_LIB = $(DBM_LIB)" - @echo "INSTALL = $(INSTALL)" - diff --git a/security/nss/cmd/certutil/manifest.mn b/security/nss/cmd/certutil/manifest.mn deleted file mode 100644 index 9bf7af5b86..0000000000 --- a/security/nss/cmd/certutil/manifest.mn +++ /dev/null @@ -1,52 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = ../../.. - -DEFINES += -DNSPR20 - -# MODULE public and private header directories are implicitly REQUIRED. -MODULE = nss - -CSRCS = \ - certutil.c \ - keystuff.c \ - $(NULL) - -# The MODULE is always implicitly required. -# Listing it here in REQUIRES makes it appear twice in the cc command line. -REQUIRES = dbm seccmd - -PROGRAM = certutil - -#USE_STATIC_LIBS = 1 diff --git a/security/nss/cmd/checkcert/Makefile b/security/nss/cmd/checkcert/Makefile deleted file mode 100644 index 573c12cac1..0000000000 --- a/security/nss/cmd/checkcert/Makefile +++ /dev/null @@ -1,76 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - -include ../platlibs.mk - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - - - -include ../platrules.mk - diff --git a/security/nss/cmd/checkcert/checkcert.c b/security/nss/cmd/checkcert/checkcert.c deleted file mode 100644 index 0cd5e61aad..0000000000 --- a/security/nss/cmd/checkcert/checkcert.c +++ /dev/null @@ -1,640 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#include "secutil.h" -#include "plgetopt.h" -#include "cert.h" -#include "secoid.h" -#include "cryptohi.h" - -/* maximum supported modulus length in bits (indicate problem if over this) */ -#define MAX_MODULUS (1024) - - -static void Usage(char *progName) -{ - fprintf(stderr, "Usage: %s [aAvf] [certtocheck] [issuingcert]\n", - progName); - fprintf(stderr, "%-20s Cert to check is base64 encoded\n", - "-a"); - fprintf(stderr, "%-20s Issuer's cert is base64 encoded\n", - "-A"); - fprintf(stderr, "%-20s Verbose (indicate decoding progress etc.)\n", - "-v"); - fprintf(stderr, "%-20s Force sanity checks even if pretty print fails.\n", - "-f"); - fprintf(stderr, "%-20s Define an output file to use (default is stdout)\n", - "-o output"); - fprintf(stderr, "%-20s Specify the input type (no default)\n", - "-t type"); - exit(-1); -} - - -/* - * Check integer field named fieldName, printing out results and - * returning the length of the integer in bits - */ - -static -int checkInteger(SECItem *intItem, char *fieldName, int verbose) -{ - int len, bitlen; - if (verbose) { - printf("Checking %s\n", fieldName); - } - - len = intItem->len; - - if (len && (intItem->data[0] & 0x80)) { - printf("PROBLEM: %s is NEGATIVE 2's-complement integer.\n", - fieldName); - } - - - /* calculate bit length and check for unnecessary leading zeros */ - bitlen = len << 3; - if (len > 1 && intItem->data[0] == 0) { - /* leading zero byte(s) */ - if (!(intItem->data[1] & 0x80)) { - printf("PROBLEM: %s has unneeded leading zeros. Violates DER.\n", - fieldName); - } - /* strip leading zeros in length calculation */ - { - int i=0; - while (bitlen > 8 && intItem->data[i] == 0) { - bitlen -= 8; - i++; - } - } - } - return bitlen; -} - - - - -static -void checkName(CERTName *n, char *fieldName, int verbose) -{ - char *v=0; - if (verbose) { - printf("Checking %s\n", fieldName); - } - - v = CERT_GetCountryName(n); - if (!v) { - printf("PROBLEM: %s lacks Country Name (C)\n", - fieldName); - } - PORT_Free(v); - - v = CERT_GetOrgName(n); - if (!v) { - printf("PROBLEM: %s lacks Organization Name (O)\n", - fieldName); - } - PORT_Free(v); - - v = CERT_GetOrgUnitName(n); - if (!v) { - printf("WARNING: %s lacks Organization Unit Name (OU)\n", - fieldName); - } - PORT_Free(v); - - v = CERT_GetCommonName(n); - if (!v) { - printf("PROBLEM: %s lacks Common Name (CN)\n", - fieldName); - } - PORT_Free(v); -} - - - - -/* - * Private version of verification that checks for agreement between - * signature algorithm oid (at the SignedData level) and oid in DigestInfo. - * - */ - - -/* Returns the tag for the hash algorithm in the given signature algorithm */ - static - int hashAlg(int sigAlgTag) { - int rv; - switch(sigAlgTag) { - case SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION: - rv = SEC_OID_MD2; - break; - case SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION: - rv = SEC_OID_MD5; - break; - case SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION: - rv = SEC_OID_SHA1; - break; - default: - rv = -1; - } - return rv; - } - - - -struct VFYContextStr { - int alg; - unsigned char digest[32]; - void *hasher; - void (*begin)(void *); - void (*update)(void *, unsigned char*, unsigned); - SECStatus (*end)(void *, unsigned char*, unsigned int*, unsigned); - void (*destroy)(void *, PRBool); -}; - - -static -SECStatus -OurVerifyData(unsigned char *buf, int len, SECKEYPublicKey *key, - SECItem *sig, SECAlgorithmID *sigAlgorithm) -{ - SECStatus rv; - VFYContext *cx; - SECOidData *sigAlgOid, *oiddata; - int sigAlgTag; - int hashAlgTag; - int showDigestOid=0; - - cx = VFY_CreateContext(key, sig, SECOID_GetAlgorithmTag(sigAlgorithm), - NULL); - if (cx == NULL) - return SECFailure; - - sigAlgOid = SECOID_FindOID(&sigAlgorithm->algorithm); - if (sigAlgOid == 0) - return SECFailure; - sigAlgTag = sigAlgOid->offset; - - hashAlgTag = hashAlg(sigAlgTag); - if (hashAlgTag == -1) { - printf("PROBLEM: Unsupported Digest Algorithm in DigestInfo"); - showDigestOid = 1; - } else if (hashAlgTag != cx->alg) { - printf("PROBLEM: Digest OID in DigestInfo is incompatible " - "with Signature Algorithm\n"); - showDigestOid = 1; - } - - if (showDigestOid) { - oiddata = SECOID_FindOIDByTag(cx->alg); - if ( oiddata ) { - printf("PROBLEM: (cont) Digest OID is %s\n", oiddata->desc); - } else { - SECU_PrintAsHex(stdout, - &oiddata->oid, "PROBLEM: UNKNOWN OID", 0); - } - } - - rv = VFY_Begin(cx); - if (rv == SECSuccess) { - rv = VFY_Update(cx, buf, len); - if (rv == SECSuccess) - rv = VFY_End(cx); - } - - VFY_DestroyContext(cx, PR_TRUE); - return rv; -} - - - -static -SECStatus -OurVerifySignedData(CERTSignedData *sd, CERTCertificate *cert) -{ - SECItem sig; - SECKEYPublicKey *pubKey = 0; - SECStatus rv; - - /* check the certificate's validity */ - rv = CERT_CertTimesValid(cert); - if ( rv ) { - return(SECFailure); - } - - /* get cert's public key */ - pubKey = CERT_ExtractPublicKey(cert); - if ( !pubKey ) { - return(SECFailure); - } - - /* check the signature */ - sig = sd->signature; - DER_ConvertBitString(&sig); - rv = OurVerifyData(sd->data.data, sd->data.len, pubKey, &sig, - &sd->signatureAlgorithm); - - SECKEY_DestroyPublicKey(pubKey); - - if ( rv ) { - return(SECFailure); - } - - return(SECSuccess); -} - - - - -static -CERTCertificate *createEmptyCertificate(void) -{ - PRArenaPool *arena = 0; - CERTCertificate *c = 0; - - arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - if ( !arena ) { - return 0; - } - - - c = (CERTCertificate *) PORT_ArenaZAlloc(arena, sizeof(CERTCertificate)); - - if (c) { - c->referenceCount = 1; - c->arena = arena; - } else { - PORT_FreeArena(arena,PR_TRUE); - } - - return c; -} - - - - -int main(int argc, char **argv) -{ - int rv, verbose=0, force=0; - int ascii=0, issuerAscii=0; - char *progName=0; - PRFileDesc *inFile=0, *issuerCertFile=0; - SECItem derCert, derIssuerCert; - PRArenaPool *arena=0; - CERTSignedData *signedData=0; - CERTCertificate *cert=0, *issuerCert=0; - SECKEYPublicKey *rsapubkey=0; - SECAlgorithmID md5WithRSAEncryption, md2WithRSAEncryption; - SECAlgorithmID sha1WithRSAEncryption, rsaEncryption; - SECItem spk; - int selfSigned=0; - int invalid=0; - char *inFileName = NULL, *issuerCertFileName = NULL; - PLOptState *optstate; - PLOptStatus status; - - PORT_Memset(&md5WithRSAEncryption, 0, sizeof(md5WithRSAEncryption)); - PORT_Memset(&md2WithRSAEncryption, 0, sizeof(md2WithRSAEncryption)); - PORT_Memset(&sha1WithRSAEncryption, 0, sizeof(sha1WithRSAEncryption)); - PORT_Memset(&rsaEncryption, 0, sizeof(rsaEncryption)); - - progName = strrchr(argv[0], '/'); - progName = progName ? progName+1 : argv[0]; - - optstate = PL_CreateOptState(argc, argv, "aAvf"); - while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) { - switch (optstate->option) { - case 'v': - verbose = 1; - break; - - case 'f': - force = 1; - break; - - case 'a': - ascii = 1; - break; - - case 'A': - issuerAscii = 1; - break; - - case '\0': - if (!inFileName) - inFileName = PL_strdup(optstate->value); - else if (!issuerCertFileName) - issuerCertFileName = PL_strdup(optstate->value); - else - Usage(progName); - break; - } - } - - if (!inFileName || !issuerCertFileName || status == PL_OPT_BAD) { - /* insufficient or excess args */ - Usage(progName); - } - - inFile = PR_Open(inFileName, PR_RDONLY, 0); - if (!inFile) { - fprintf(stderr, "%s: unable to open \"%s\" for reading\n", - progName, inFileName); - exit(1); - } - - issuerCertFile = PR_Open(issuerCertFileName, PR_RDONLY, 0); - if (!issuerCertFile) { - fprintf(stderr, "%s: unable to open \"%s\" for reading\n", - progName, issuerCertFileName); - exit(1); - } - - if (SECU_ReadDERFromFile(&derCert, inFile, ascii) != SECSuccess) { - printf("Couldn't read input certificate as DER binary or base64\n"); - exit(1); - } - - arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - if (arena == 0) { - fprintf(stderr,"%s: can't allocate scratch arena!", progName); - exit(1); - } - - if (issuerCertFile) { - CERTSignedData *issuerCertSD=0; - if (SECU_ReadDERFromFile(&derIssuerCert, issuerCertFile, issuerAscii) - != SECSuccess) { - printf("Couldn't read issuer certificate as DER binary or base64.\n"); - exit(1); - } - issuerCertSD = (CERTSignedData *) PORT_ArenaZAlloc(arena, - sizeof(CERTSignedData)); - if (!issuerCertSD) { - fprintf(stderr,"%s: can't allocate issuer signed data!", progName); - exit(1); - } - rv = SEC_ASN1DecodeItem(arena, issuerCertSD, - SEC_ASN1_GET(CERT_SignedDataTemplate), - &derIssuerCert); - if (rv) { - fprintf(stderr, "%s: Issuer cert isn't X509 SIGNED Data?\n", - progName); - exit(1); - } - issuerCert = createEmptyCertificate(); - if (!issuerCert) { - printf("%s: can't allocate space for issuer cert.", progName); - exit(1); - } - rv = SEC_ASN1DecodeItem(arena, issuerCert, - SEC_ASN1_GET(CERT_CertificateTemplate), - &issuerCertSD->data); - if (rv) { - printf("%s: Does not appear to be an X509 Certificate.\n", - progName); - exit(1); - } - } - - signedData = (CERTSignedData *) PORT_ArenaZAlloc(arena,sizeof(CERTSignedData)); - if (!signedData) { - fprintf(stderr,"%s: can't allocate signedData!", progName); - exit(1); - } - - rv = SEC_ASN1DecodeItem(arena, signedData, - SEC_ASN1_GET(CERT_SignedDataTemplate), - &derCert); - if (rv) { - fprintf(stderr, "%s: Does not appear to be X509 SIGNED Data.\n", - progName); - exit(1); - } - - if (verbose) { - printf("Decoded ok as X509 SIGNED data.\n"); - } - - cert = createEmptyCertificate(); - if (!cert) { - fprintf(stderr, "%s: can't allocate cert", progName); - exit(1); - } - - rv = SEC_ASN1DecodeItem(arena, cert, - SEC_ASN1_GET(CERT_CertificateTemplate), - &signedData->data); - if (rv) { - fprintf(stderr, "%s: Does not appear to be an X509 Certificate.\n", - progName); - exit(1); - } - - - if (verbose) { - printf("Decoded ok as an X509 certificate.\n"); - } - - - rv = SECU_PrintSignedData(stdout, &derCert, "Certificate", 0, - SECU_PrintCertificate); - - if (rv) { - fprintf(stderr, "%s: Unable to pretty print cert. Error: %d\n", - progName, PORT_GetError()); - if (!force) { - exit(1); - } - } - - - /* Do various checks on the cert */ - - printf("\n"); - - /* Check algorithms */ - SECOID_SetAlgorithmID(arena, &md5WithRSAEncryption, - SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION, NULL); - - SECOID_SetAlgorithmID(arena, &md2WithRSAEncryption, - SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION, NULL); - - SECOID_SetAlgorithmID(arena, &sha1WithRSAEncryption, - SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION, NULL); - - SECOID_SetAlgorithmID(arena, &rsaEncryption, - SEC_OID_PKCS1_RSA_ENCRYPTION, NULL); - - { - int isMD5RSA = (SECOID_CompareAlgorithmID(&cert->signature, - &md5WithRSAEncryption) == 0); - int isMD2RSA = (SECOID_CompareAlgorithmID(&cert->signature, - &md2WithRSAEncryption) == 0); - int isSHA1RSA = (SECOID_CompareAlgorithmID(&cert->signature, - &sha1WithRSAEncryption) == 0); - - if (verbose) { - printf("\nDoing algorithm checks.\n"); - } - - if (!(isMD5RSA || isMD2RSA || isSHA1RSA)) { - printf("PROBLEM: Signature not PKCS1 MD5, MD2, or SHA1 + RSA.\n"); - } else if (!isMD5RSA) { - printf("WARNING: Signature not PKCS1 MD5 with RSA Encryption\n"); - } - - if (SECOID_CompareAlgorithmID(&cert->signature, - &signedData->signatureAlgorithm)) { - printf("PROBLEM: Algorithm in sig and certInfo don't match.\n"); - } - } - - if (SECOID_CompareAlgorithmID(&cert->subjectPublicKeyInfo.algorithm, - &rsaEncryption)) { - printf("PROBLEM: Public key algorithm is not PKCS1 RSA Encryption.\n"); - } - - /* Check further public key properties */ - spk = cert->subjectPublicKeyInfo.subjectPublicKey; - DER_ConvertBitString(&spk); - - if (verbose) { - printf("\nsubjectPublicKey DER\n"); - rv = DER_PrettyPrint(stdout, &spk, PR_FALSE); - printf("\n"); - } - - rsapubkey = (SECKEYPublicKey *) - PORT_ArenaZAlloc(arena,sizeof(SECKEYPublicKey)); - if (!rsapubkey) { - fprintf(stderr, "%s: rsapubkey allocation failed.\n", progName); - exit(1); - } - - rv = SEC_ASN1DecodeItem(arena, rsapubkey, - SEC_ASN1_GET(SECKEY_RSAPublicKeyTemplate), &spk); - if (rv) { - printf("PROBLEM: subjectPublicKey is not a DER PKCS1 RSAPublicKey.\n"); - } else { - int mlen; - int pubexp; - if (verbose) { - printf("Decoded RSA Public Key ok. Doing key checks.\n"); - } - PORT_Assert(rsapubkey->keyType == rsaKey); /* XXX RSA */ - mlen = checkInteger(&rsapubkey->u.rsa.modulus, "Modulus", verbose); - printf("INFO: Public Key modulus length in bits: %d\n", mlen); - if (mlen > MAX_MODULUS) { - printf("PROBLEM: Modulus length exceeds %d bits.\n", - MAX_MODULUS); - } - if (mlen < 512) { - printf("WARNING: Short modulus.\n"); - } - if (mlen != (1 << (ffs(mlen)-1))) { - printf("WARNING: Unusual modulus length (not a power of two).\n"); - } - checkInteger(&rsapubkey->u.rsa.publicExponent, "Public Exponent", - verbose); - pubexp = DER_GetInteger(&rsapubkey->u.rsa.publicExponent); - if (pubexp != 17 && pubexp != 3 && pubexp != 65537) { - printf("WARNING: Public exponent not any of: 3, 17, 65537\n"); - } - } - - - /* Name checks */ - checkName(&cert->issuer, "Issuer Name", verbose); - checkName(&cert->subject, "Subject Name", verbose); - - if (issuerCert) { - SECComparison c = - CERT_CompareName(&cert->issuer, &issuerCert->subject); - if (c) { - printf("PROBLEM: Issuer Name and Subject in Issuing Cert differ\n"); - } - } - - /* Check if self-signed */ - selfSigned = (CERT_CompareName(&cert->issuer, &cert->subject) == 0); - if (selfSigned) { - printf("INFO: Certificate is self signed.\n"); - } else { - printf("INFO: Certificate is NOT self-signed.\n"); - } - - - /* Validity time check */ - if (CERT_CertTimesValid(cert) == SECSuccess) { - printf("INFO: Inside validity period of certificate.\n"); - } else { - printf("PROBLEM: Not in validity period of certificate.\n"); - invalid = 1; - } - - /* Signature check if self-signed */ - if (selfSigned && !invalid) { - if (rsapubkey->u.rsa.modulus.len) { - SECStatus ver; - if (verbose) { - printf("Checking self signature.\n"); - } - ver = OurVerifySignedData(signedData, cert); - if (ver != SECSuccess) { - printf("PROBLEM: Verification of self-signature failed!\n"); - } else { - printf("INFO: Self-signature verifies ok.\n"); - } - } else { - printf("INFO: Not checking signature due to key problems.\n"); - } - } else if (!selfSigned && !invalid && issuerCert) { - SECStatus ver; - ver = OurVerifySignedData(signedData, issuerCert); - if (ver != SECSuccess) { - printf("PROBLEM: Verification of issuer's signature failed!\n"); - } else { - printf("INFO: Issuer's signature verifies ok.\n"); - } - } else { - printf("INFO: Not checking signature.\n"); - } - - return 0; -} - - - diff --git a/security/nss/cmd/checkcert/makefile.win b/security/nss/cmd/checkcert/makefile.win deleted file mode 100644 index ff1fe62a74..0000000000 --- a/security/nss/cmd/checkcert/makefile.win +++ /dev/null @@ -1,130 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -VERBOSE = 1 -include - -#cannot define PROGRAM in manifest compatibly with NT and UNIX -PROGRAM = checkcert -PROGRAM = ./$(OBJDIR)/$(PROGRAM).exe -include <$(DEPTH)\config\config.mak> - -# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/ -# rules.mak will append C_OBJS onto OBJS. -# OBJS = $(CSRCS:.c=.obj) - -# include files are looked for in $LINCS and $INCS. -# $LINCS is in manifest.mnw, computed from REQUIRES= -INCS = $(INCS) \ - -I$(DEPTH)/security/lib/cert \ - -I../include \ - $(NULL) - -IGNORE_ME = \ - -I$(DEPTH)/security/lib/key \ - -I$(DEPTH)/security/lib/util \ - $(NULL) - - -WINFE = $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg - -# these files are the content of libdbm -DBM_LIB = \ - $(WINFE)/DB.obj \ - $(WINFE)/HASH.obj \ - $(WINFE)/H_BIGKEY.obj \ - $(WINFE)/H_PAGE.obj \ - $(WINFE)/H_LOG2.obj \ - $(WINFE)/H_FUNC.obj \ - $(WINFE)/HASH_BUF.obj \ - $(NULL) - -MOZ_LIBS = \ - $(WINFE)/ALLXPSTR.obj \ - $(WINFE)/XP_ERROR.obj \ - $(WINFE)/XPASSERT.obj \ - $(WINFE)/XP_REG.obj \ - $(WINFE)/XP_TRACE.obj \ - $(DBM_LIB) \ - $(WINFE)/XP_STR.obj \ - $(WINFE)/MKTEMP.obj \ - $(NULL) - -SEC_LIBS = \ - $(DIST)/lib/cert$(MOZ_BITS).lib \ - $(DIST)/lib/crypto$(MOZ_BITS).lib \ - $(DIST)/lib/hash$(MOZ_BITS).lib \ - $(DIST)/lib/key$(MOZ_BITS).lib \ - $(DIST)/lib/pkcs7$(MOZ_BITS).lib \ - $(DIST)/lib/secmod$(MOZ_BITS).lib \ - $(DIST)/lib/secutl$(MOZ_BITS).lib \ - $(DIST)/lib/ssl$(MOZ_BITS).lib \ - $(NULL) - -LLFLAGS = $(LLFLAGS) \ - ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \ - $(SEC_LIBS) \ - $(MOZ_LIBS) \ - $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \ - $(LIBNSPR) \ - $(NULL) - - -include <$(DEPTH)\config\rules.mak> - -INSTALL = $(MAKE_INSTALL) - -objs: $(OBJS) - -$(PROGRAM):: - $(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR) - -programs: $(PROGRAM) - -install:: $(TARGETS) - $(INSTALL) $(TARGETS) $(DIST)/bin - - -symbols: - @echo "CSRCS = $(CSRCS)" - @echo "INCS = $(INCS)" - @echo "OBJS = $(OBJS)" - @echo "LIBRARY = $(LIBRARY)" - @echo "PROGRAM = $(PROGRAM)" - @echo "TARGETS = $(TARGETS)" - @echo "DIST = $(DIST)" - @echo "VERSION_NUMBER = $(VERSION_NUMBER)" - @echo "WINFE = $(WINFE)" - @echo "DBM_LIB = $(DBM_LIB)" - @echo "INSTALL = $(INSTALL)" - diff --git a/security/nss/cmd/checkcert/manifest.mn b/security/nss/cmd/checkcert/manifest.mn deleted file mode 100644 index 470c203ecf..0000000000 --- a/security/nss/cmd/checkcert/manifest.mn +++ /dev/null @@ -1,47 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = ../../.. - -# MODULE public and private header directories are implicitly REQUIRED. -MODULE = nss - -# This next line is used by .mk files -# and gets translated into $LINCS in manifest.mnw -REQUIRES = seccmd dbm - -DEFINES = -DNSPR20 - -CSRCS = checkcert.c - -PROGRAM = checkcert diff --git a/security/nss/cmd/cmdlib/Makefile b/security/nss/cmd/cmdlib/Makefile deleted file mode 100644 index 0769c80a37..0000000000 --- a/security/nss/cmd/cmdlib/Makefile +++ /dev/null @@ -1,75 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - -include config.mk - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - - diff --git a/security/nss/cmd/cmdlib/cmdline.c b/security/nss/cmd/cmdlib/cmdline.c deleted file mode 100644 index 84ad35be30..0000000000 --- a/security/nss/cmd/cmdlib/cmdline.c +++ /dev/null @@ -1,474 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#include -#include - -#include "cmdutil.h" - -static int s_indent_size = 4; - -void -CMD_SetIndentSize(int size) -{ - s_indent_size = size; -} - -#if 0 -static void -indent(PRFileDesc *out, int level) -{ - int i, j; - for (i=0; ifile = (outfile) ? outfile : PR_STDOUT; - ps->width = (width > 0) ? width : 80; - ps->indent = (indent > 0) ? indent : 0; - ps->linepos = 0; -} - -static void -print_ps_indent(cmdPrintState *ps) -{ - int j; - if (ps->linepos != 0) { - PR_fprintf(ps->file, "\n"); - ps->linepos = 0; - } - for (j=0; j<=ps->indent; j++) PR_fprintf(ps->file, " "); - ps->linepos = ps->indent; -} - -static void -print_ps_to_indent(cmdPrintState *ps) -{ - if (ps->linepos > ps->indent) - PR_fprintf(ps->file, "\n"); - while (ps->linepos <= ps->indent) { - PR_fprintf(ps->file, " "); - ps->linepos++; - } -} - -static void -nprintbuf(cmdPrintState *ps, char *buf, int start, int len) -{ - int j; - for (j=start; jfile, "\n"); - ps->linepos = 0; - print_ps_indent(ps); - } else { - PR_fprintf(ps->file, "%c", buf[j]); - ps->linepos++; - } - } -} - -static void -nprintf(cmdPrintState *ps, char *msg, ...) -{ - char buf[256]; - int i, len, grouplen; - PRBool openquote, openbracket, openparen, openangle, itsaword; - va_list args; - va_start(args, msg); - vsprintf(buf, msg, args); - len = strlen(buf); - /* print_ps_indent(ps); */ - if (len < ps->width - ps->linepos) { - nprintbuf(ps, buf, 0, len + 1); - return; - } - /* group in this order: " [ ( < word > ) ] " */ - i=0; - openquote=openbracket=openparen=openangle=itsaword=PR_FALSE; - while (iwidth - ps->linepos) { - nprintbuf(ps, buf, i, grouplen); - } else if (grouplen < ps->width - ps->indent) { - print_ps_indent(ps); - nprintbuf(ps, buf, i, grouplen); - } else { - /* it's just too darn long. what to do? */ - } - i += grouplen; - openquote=openbracket=openparen=openangle=itsaword=PR_FALSE; - } - va_end(args); -} - -void -CMD_PrintUsageString(cmdPrintState *ps, char *str) -{ - nprintf(ps, "%s", str); -} - -/* void because it exits with Usage() if failure */ -static void -command_line_okay(cmdCommand *cmd, char *progName) -{ - int i, c = -1; - /* user asked for help. hope somebody gives it to them. */ - if (cmd->opt[0].on) return; - /* check that the command got all of its needed options */ - for (i=0; incmd; i++) { - if (cmd->cmd[i].on) { - if (c > 0) { - fprintf(stderr, - "%s: only one command can be given at a time.\n", - progName); - CMD_Usage(progName, cmd); - } else { - c = i; - } - } - } - if (cmd->cmd[c].argUse == CMDArgReq && cmd->cmd[c].arg == NULL) { - /* where's the arg when you need it... */ - fprintf(stderr, "%s: command --%s requires an argument.\n", - progName, cmd->cmd[c].s); - fprintf(stderr, "type \"%s --%s --help\" for help.\n", - progName, cmd->cmd[c].s); - CMD_Usage(progName, cmd); - } - for (i=0; inopt; i++) { - if (cmd->cmd[c].req & CMDBIT(i)) { - /* command requires this option */ - if (!cmd->opt[i].on) { - /* but it ain't there */ - fprintf(stderr, "%s: command --%s requires option --%s.\n", - progName, cmd->cmd[c].s, cmd->opt[i].s); - } else { - /* okay, its there, but does it have an arg? */ - if (cmd->opt[i].argUse == CMDArgReq && !cmd->opt[i].arg) { - fprintf(stderr, "%s: option --%s requires an argument.\n", - progName, cmd->opt[i].s); - } - } - } else if (cmd->cmd[c].opt & CMDBIT(i)) { - /* this option is optional */ - if (cmd->opt[i].on) { - /* okay, its there, but does it have an arg? */ - if (cmd->opt[i].argUse == CMDArgReq && !cmd->opt[i].arg) { - fprintf(stderr, "%s: option --%s requires an argument.\n", - progName, cmd->opt[i].s); - } - } - } else { - /* command knows nothing about it */ - if (cmd->opt[i].on) { - /* so why the h--- is it on? */ - fprintf(stderr, "%s: option --%s not used with command --%s.\n", - progName, cmd->opt[i].s, cmd->cmd[c].s); - } - } - } -} - -static char * -get_arg(char *curopt, char **nextopt, int argc, int *index) -{ - char *str; - if (curopt) { - str = curopt; - } else { - if (*index + 1 >= argc) return NULL; - /* not really an argument but another flag */ - if (nextopt[*index+1][0] == '-') return NULL; - str = nextopt[++(*index)]; - } - /* parse the option */ - return strdup(str); -} - -int -CMD_ParseCommandLine(int argc, char **argv, char *progName, cmdCommand *cmd) -{ - int i, j, k; - int cmdToRun = -1; - char *flag; - i=1; - if (argc <= 1) return -2; /* gross hack for cmdless things like atob */ - do { - flag = argv[i]; - if (strlen(flag) < 2) /* huh? */ - return -1; - if (flag[0] != '-') - return -1; - /* ignore everything after lone "--" (app-specific weirdness there) */ - if (strcmp(flag, "--") == 0) - return cmdToRun; - /* single hyphen means short alias (single-char) */ - if (flag[1] != '-') { - j=1; - /* collect a set of opts, ex. -abc */ - while (flag[j] != '\0') { - PRBool found = PR_FALSE; - /* walk the command set looking for match */ - for (k=0; kncmd; k++) { - if (flag[j] == cmd->cmd[k].c) { - /* done - only take one command at a time */ - if (j > 1) return -1; - cmd->cmd[k].on = found = PR_TRUE; - cmdToRun = k; - if (cmd->cmd[k].argUse != CMDNoArg) - cmd->cmd[k].arg = get_arg(NULL, argv, argc, &i); - goto next_flag; - } - } - /* wasn't found in commands, try options */ - for (k=0; knopt; k++) { - if (flag[j] == cmd->opt[k].c) { - /* collect this option and keep going */ - cmd->opt[k].on = found = PR_TRUE; - if (flag[j+1] == '\0') { - if (cmd->opt[k].argUse != CMDNoArg) - cmd->opt[k].arg = get_arg(NULL, argv, argc, &i); - goto next_flag; - } - } - } - j++; - if (!found) return -1; - } - } else { /* long alias, ex. --list */ - char *fl = NULL, *arg = NULL; - PRBool hyphened = PR_FALSE; - fl = &flag[2]; - arg = strchr(fl, '='); - if (arg) { - *arg++ = '\0'; - } else { - arg = strchr(fl, '-'); - if (arg) { - hyphened = PR_TRUE; /* watch this, see below */ - *arg++ = '\0'; - } - } - for (k=0; kncmd; k++) { - if (strcmp(fl, cmd->cmd[k].s) == 0) { - cmd->cmd[k].on = PR_TRUE; - cmdToRun = k; - if (cmd->cmd[k].argUse != CMDNoArg || hyphened) { - cmd->cmd[k].arg = get_arg(arg, argv, argc, &i); - } - if (arg) arg[-1] = '='; - goto next_flag; - } - } - for (k=0; knopt; k++) { - if (strcmp(fl, cmd->opt[k].s) == 0) { - cmd->opt[k].on = PR_TRUE; - if (cmd->opt[k].argUse != CMDNoArg || hyphened) { - cmd->opt[k].arg = get_arg(arg, argv, argc, &i); - } - if (arg) arg[-1] = '='; - goto next_flag; - } - } - return -1; - } -next_flag: - i++; - } while (i < argc); - command_line_okay(cmd, progName); - return cmdToRun; -} - -void -CMD_LongUsage(char *progName, cmdCommand *cmd, cmdUsageCallback usage) -{ - int i, j; - PRBool oneCommand = PR_FALSE; - cmdPrintState ps; - init_print_ps(&ps, PR_STDERR, 80, 0); - nprintf(&ps, "\n%s: ", progName); - /* prints app-specific header */ - ps.indent = strlen(progName) + 4; - usage(&ps, 0, PR_FALSE, PR_TRUE, PR_FALSE); - for (i=0; incmd; i++) if (cmd->cmd[i].on) oneCommand = PR_TRUE; - for (i=0; incmd; i++) { - if ((oneCommand && cmd->cmd[i].on) || !oneCommand) { - ps.indent = 0; - print_ps_indent(&ps); - if (cmd->cmd[i].c != 0) { - nprintf(&ps, "-%c, ", cmd->cmd[i].c); - nprintf(&ps, "--%-16s ", cmd->cmd[i].s); - } else { - nprintf(&ps, "--%-20s ", cmd->cmd[i].s); - } - ps.indent += 20; - usage(&ps, i, PR_TRUE, PR_FALSE, PR_FALSE); - for (j=0; jnopt; j++) { - if (cmd->cmd[i].req & CMDBIT(j)) { - ps.indent = 0; - print_ps_indent(&ps); - nprintf(&ps, "%3s* ", ""); - if (cmd->opt[j].c != 0) { - nprintf(&ps, "-%c, ", cmd->opt[j].c); - nprintf(&ps, "--%-16s ", cmd->opt[j].s); - } else { - nprintf(&ps, "--%-20s ", cmd->opt[j].s); - } - ps.indent += 29; - usage(&ps, j, PR_FALSE, PR_FALSE, PR_FALSE); - } - } - for (j=0; jnopt; j++) { - if (cmd->cmd[i].opt & CMDBIT(j)) { - ps.indent = 0; - print_ps_indent(&ps); - nprintf(&ps, "%5s", ""); - if (cmd->opt[j].c != 0) { - nprintf(&ps, "-%c, ", cmd->opt[j].c); - nprintf(&ps, "--%-16s ", cmd->opt[j].s); - } else { - nprintf(&ps, "--%-20s ", cmd->opt[j].s); - } - ps.indent += 29; - usage(&ps, j, PR_FALSE, PR_FALSE, PR_FALSE); - } - } - } - nprintf(&ps, "\n"); - } - ps.indent = 0; - nprintf(&ps, "\n* - required flag for command\n\n"); - /* prints app-specific footer */ - usage(&ps, 0, PR_FALSE, PR_FALSE, PR_TRUE); - /*nprintf(&ps, "\n\n");*/ - exit(1); -} - -void -CMD_Usage(char *progName, cmdCommand *cmd) -{ - int i, j, inc; - PRBool first; - cmdPrintState ps; - init_print_ps(&ps, PR_STDERR, 80, 0); - nprintf(&ps, "%s", progName); - ps.indent = strlen(progName) + 1; - print_ps_to_indent(&ps); - for (i=0; incmd; i++) { - if (cmd->cmd[i].c != 0) { - nprintf(&ps, "-%c", cmd->cmd[i].c); - inc = 4; - } else { - nprintf(&ps, "--%s", cmd->cmd[i].s); - inc = 4 + strlen(cmd->cmd[i].s); - } - first = PR_TRUE; - ps.indent += inc; - print_ps_to_indent(&ps); - for (j=0; jnopt; j++) { - if (cmd->cmd[i].req & CMDBIT(j)) { - if (cmd->opt[j].c != 0 && cmd->opt[j].argUse == CMDNoArg) { - if (first) { - nprintf(&ps, "-"); - first = !first; - } - nprintf(&ps, "%c", cmd->opt[j].c); - } - } - } - for (j=0; jnopt; j++) { - if (cmd->cmd[i].req & CMDBIT(j)) { - if (cmd->opt[j].c != 0) - nprintf(&ps, "-%c ", cmd->opt[j].c); - else - nprintf(&ps, "--%s ", cmd->opt[j].s); - if (cmd->opt[j].argUse != CMDNoArg) - nprintf(&ps, "%s ", cmd->opt[j].s); - } - } - first = PR_TRUE; - for (j=0; jnopt; j++) { - if (cmd->cmd[i].opt & CMDBIT(j)) { - if (cmd->opt[j].c != 0 && cmd->opt[j].argUse == CMDNoArg) { - if (first) { - nprintf(&ps, "[-"); - first = !first; - } - nprintf(&ps, "%c", cmd->opt[j].c); - } - } - } - if (!first) nprintf(&ps, "] "); - for (j=0; jnopt; j++) { - if (cmd->cmd[i].opt & CMDBIT(j) && - cmd->opt[j].argUse != CMDNoArg) { - if (cmd->opt[j].c != 0) - nprintf(&ps, "[-%c %s] ", cmd->opt[j].c, cmd->opt[j].s); - else - nprintf(&ps, "[--%s %s] ", cmd->opt[j].s, cmd->opt[j].s); - } - } - ps.indent -= inc; - print_ps_indent(&ps); - } - ps.indent = 0; - nprintf(&ps, "\n"); - exit(1); -} diff --git a/security/nss/cmd/cmdlib/cmdutil.h b/security/nss/cmd/cmdlib/cmdutil.h deleted file mode 100644 index 69d3f2657d..0000000000 --- a/security/nss/cmd/cmdlib/cmdutil.h +++ /dev/null @@ -1,115 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#ifndef _CMDUTIL_H_ -#define _CMDUTIL_H_ - -#include -#include "nspr.h" -#include "nssbase.h" - -typedef int -(* CMD_PPFunc)(PRFileDesc *out, NSSItem *item, char *msg, int level); - - -/* - * Command Line Parsing routines - * - * The attempt here is to provide common functionality for command line - * parsing across an array of tools. The tools should obey the historical - * rules of: - * - * (1) one command per line, - * (2) the command should be uppercase, - * (3) options should be lowercase, - * (4) a short usage statement is presented in case of error, - * (5) a long usage statement is given by -? or --help - */ - -/* To aid in formatting usage output. XXX Uh, why exposed? */ -typedef struct cmdPrintStateStr cmdPrintState; - -typedef enum { - CMDArgReq = 0, - CMDArgOpt, - CMDNoArg -} CMDArg; - -struct cmdCommandLineArgStr { - char c; /* one-character alias for flag */ - char *s; /* string alias for flag */ - CMDArg argUse; /* flag takes an argument */ - char *arg; /* argument given for flag */ - PRBool on; /* flag was issued at command-line */ - int req; /* required arguments for commands */ - int opt; /* optional arguments for commands */ -}; - -struct cmdCommandLineOptStr { - char c; /* one-character alias for flag */ - char *s; /* string alias for flag */ - CMDArg argUse; /* flag takes an argument */ - char *arg; /* argument given for flag */ - PRBool on; /* flag was issued at command-line */ -}; - -typedef struct cmdCommandLineArgStr cmdCommandLineArg; -typedef struct cmdCommandLineOptStr cmdCommandLineOpt; - -struct cmdCommandStr { - int ncmd; - int nopt; - cmdCommandLineArg *cmd; - cmdCommandLineOpt *opt; -}; - -typedef struct cmdCommandStr cmdCommand; - -int -CMD_ParseCommandLine(int argc, char **argv, char *progName, cmdCommand *cmd); - -typedef void -(* cmdUsageCallback)(cmdPrintState *, int, PRBool, PRBool, PRBool); - -#define CMDBIT(n) (1<derSubject, type); - if (crl ==NULL) - SECU_PrintError - (progName, "could not find %s's CRL", name); - CERT_DestroyCertificate (cert); - return (crl); -} - -static void DisplayCRL (CERTCertDBHandle *certHandle, char *nickName, int crlType) -{ - CERTCertificate *cert = NULL; - CERTSignedCrl *crl = NULL; - - crl = FindCRL (certHandle, nickName, crlType); - - if (crl) { - SECU_PrintCRLInfo (stdout, &crl->crl, "CRL Info:\n", 0); - SEC_DestroyCrl (crl); - } -} - -static void ListCRLNames (CERTCertDBHandle *certHandle, int crlType, PRBool deletecrls) -{ - CERTCrlHeadNode *crlList = NULL; - CERTCrlNode *crlNode = NULL; - CERTName *name = NULL; - PRArenaPool *arena = NULL; - SECStatus rv; - - do { - arena = PORT_NewArena (SEC_ASN1_DEFAULT_ARENA_SIZE); - if (arena == NULL) { - fprintf(stderr, "%s: fail to allocate memory\n", progName); - break; - } - - name = PORT_ArenaZAlloc (arena, sizeof(*name)); - if (name == NULL) { - fprintf(stderr, "%s: fail to allocate memory\n", progName); - break; - } - name->arena = arena; - - rv = SEC_LookupCrls (certHandle, &crlList, crlType); - if (rv != SECSuccess) { - fprintf(stderr, "%s: fail to look up CRLs (%s)\n", progName, - SECU_Strerror(PORT_GetError())); - break; - } - - /* just in case */ - if (!crlList) - break; - - crlNode = crlList->first; - - fprintf (stdout, "\n"); - fprintf (stdout, "\n%-40s %-5s\n\n", "CRL names", "CRL Type"); - while (crlNode) { - char* asciiname = NULL; - name = &crlNode->crl->crl.name; - if (!name){ - fprintf(stderr, "%s: fail to get the CRL issuer name (%s)\n", progName, - SECU_Strerror(PORT_GetError())); - break; - } - - asciiname = CERT_NameToAscii(name); - fprintf (stdout, "\n%-40s %-5s\n", asciiname, "CRL"); - if (asciiname) { - PORT_Free(asciiname); - } - if ( PR_TRUE == deletecrls) { - CERTSignedCrl* acrl = NULL; - SECItem* issuer = &crlNode->crl->crl.derName; - acrl = SEC_FindCrlByName(certHandle, issuer, crlType); - if (acrl) - { - SEC_DeletePermCRL(acrl); - } - } - crlNode = crlNode->next; - } - - } while (0); - if (crlList) - PORT_FreeArena (crlList->arena, PR_FALSE); - PORT_FreeArena (arena, PR_FALSE); -} - -static void ListCRL (CERTCertDBHandle *certHandle, char *nickName, int crlType) -{ - if (nickName == NULL) - ListCRLNames (certHandle, crlType, PR_FALSE); - else - DisplayCRL (certHandle, nickName, crlType); -} - - - -static SECStatus DeleteCRL (CERTCertDBHandle *certHandle, char *name, int type) -{ - CERTSignedCrl *crl = NULL; - SECStatus rv = SECFailure; - - crl = FindCRL (certHandle, name, type); - if (!crl) { - SECU_PrintError - (progName, "could not find the issuer %s's CRL", name); - return SECFailure; - } - rv = SEC_DeletePermCRL (crl); - if (rv != SECSuccess) { - SECU_PrintError - (progName, "fail to delete the issuer %s's CRL from the perm database (reason: %s)", - name, SECU_Strerror(PORT_GetError())); - return SECFailure; - } - return (rv); -} - -SECStatus ImportCRL (CERTCertDBHandle *certHandle, char *url, int type, - PRFileDesc *inFile, PRInt32 importOptions, PRInt32 decodeOptions) -{ - CERTCertificate *cert = NULL; - CERTSignedCrl *crl = NULL; - SECItem crlDER; - PK11SlotInfo* slot = NULL; - int rv; - PRIntervalTime starttime, endtime, elapsed; - PRUint32 mins, secs, msecs; - - crlDER.data = NULL; - - - /* Read in the entire file specified with the -f argument */ - rv = SECU_ReadDERFromFile(&crlDER, inFile, PR_FALSE); - if (rv != SECSuccess) { - SECU_PrintError(progName, "unable to read input file"); - return (SECFailure); - } - - decodeOptions |= CRL_DECODE_DONT_COPY_DER; - - slot = PK11_GetInternalKeySlot(); - - starttime = PR_IntervalNow(); - crl = PK11_ImportCRL(slot, &crlDER, url, type, - NULL, importOptions, NULL, decodeOptions); - endtime = PR_IntervalNow(); - elapsed = endtime - starttime; - mins = PR_IntervalToSeconds(elapsed) / 60; - secs = PR_IntervalToSeconds(elapsed) % 60; - msecs = PR_IntervalToMilliseconds(elapsed) % 1000; - printf("Elapsed : %2d:%2d.%3d\n", mins, secs, msecs); - if (!crl) { - const char *errString; - - errString = SECU_Strerror(PORT_GetError()); - if ( errString && PORT_Strlen (errString) == 0) - SECU_PrintError - (progName, "CRL is not imported (error: input CRL is not up to date.)"); - else - SECU_PrintError - (progName, "unable to import CRL"); - } - SEC_DestroyCrl (crl); - if (slot) { - PK11_FreeSlot(slot); - } - return (rv); -} - - -static void Usage(char *progName) -{ - fprintf(stderr, - "Usage: %s -L [-n nickname] [-d keydir] [-P dbprefix] [-t crlType]\n" - " %s -D -n nickname [-d keydir] [-P dbprefix]\n" - " %s -I -i crl -t crlType [-u url] [-d keydir] [-P dbprefix] [-B]\n" - " %s -E -t crlType [-d keydir] [-P dbprefix]\n" - " %s -T\n", progName, progName, progName, progName, progName); - - fprintf (stderr, "%-15s List CRL\n", "-L"); - fprintf(stderr, "%-20s Specify the nickname of the CA certificate\n", - "-n nickname"); - fprintf(stderr, "%-20s Key database directory (default is ~/.netscape)\n", - "-d keydir"); - fprintf(stderr, "%-20s Cert & Key database prefix (default is \"\")\n", - "-P dbprefix"); - - fprintf (stderr, "%-15s Delete a CRL from the cert database\n", "-D"); - fprintf(stderr, "%-20s Specify the nickname for the CA certificate\n", - "-n nickname"); - fprintf(stderr, "%-20s Specify the crl type.\n", "-t crlType"); - fprintf(stderr, "%-20s Key database directory (default is ~/.netscape)\n", - "-d keydir"); - fprintf(stderr, "%-20s Cert & Key database prefix (default is \"\")\n", - "-P dbprefix"); - - fprintf (stderr, "%-15s Erase all CRLs of specified type from hte cert database\n", "-E"); - fprintf(stderr, "%-20s Specify the crl type.\n", "-t crlType"); - fprintf(stderr, "%-20s Key database directory (default is ~/.netscape)\n", - "-d keydir"); - fprintf(stderr, "%-20s Cert & Key database prefix (default is \"\")\n", - "-P dbprefix"); - - fprintf (stderr, "%-15s Import a CRL to the cert database\n", "-I"); - fprintf(stderr, "%-20s Specify the file which contains the CRL to import\n", - "-i crl"); - fprintf(stderr, "%-20s Specify the url.\n", "-u url"); - fprintf(stderr, "%-20s Specify the crl type.\n", "-t crlType"); - fprintf(stderr, "%-20s Key database directory (default is ~/.netscape)\n", - "-d keydir"); - fprintf(stderr, "%-20s Cert & Key database prefix (default is \"\")\n", - "-P dbprefix"); -#ifdef DEBUG - fprintf (stderr, "%-15s Test . Only for debugging purposes. See source code\n", "-T"); -#endif - fprintf(stderr, "%-20s CRL Types (default is SEC_CRL_TYPE):\n", " "); - fprintf(stderr, "%-20s \t 0 - SEC_KRL_TYPE\n", " "); - fprintf(stderr, "%-20s \t 1 - SEC_CRL_TYPE\n", " "); - fprintf(stderr, "\n%-20s Bypass CA certificate checks.\n", "-B"); - fprintf(stderr, "\n%-20s Partial decode for faster operation.\n", "-p"); - fprintf(stderr, "%-20s Repeat the operation.\n", "-r "); - - exit(-1); -} - -int main(int argc, char **argv) -{ - SECItem privKeyDER; - CERTCertDBHandle *certHandle; - FILE *certFile; - PRFileDesc *inFile; - int listCRL; - int importCRL; - int deleteCRL; - int rv; - char *nickName; - char *url; - char *dbPrefix = ""; - int crlType; - PLOptState *optstate; - PLOptStatus status; - SECStatus secstatus; - PRBool bypassChecks = PR_FALSE; - PRInt32 decodeOptions = CRL_DECODE_DEFAULT_OPTIONS; - PRInt32 importOptions = CRL_IMPORT_DEFAULT_OPTIONS; - PRBool test = PR_FALSE; - PRBool erase = PR_FALSE; - PRInt32 i = 0; - PRInt32 iterations = 1; - - progName = strrchr(argv[0], '/'); - progName = progName ? progName+1 : argv[0]; - - rv = 0; - deleteCRL = importCRL = listCRL = 0; - certFile = NULL; - inFile = NULL; - nickName = url = NULL; - privKeyDER.data = NULL; - certHandle = NULL; - crlType = SEC_CRL_TYPE; - /* - * Parse command line arguments - */ - optstate = PL_CreateOptState(argc, argv, "BCDILP:d:i:n:pt:u:TEr:"); - while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) { - switch (optstate->option) { - case '?': - Usage(progName); - break; - - case 'T': - test = PR_TRUE; - break; - - case 'E': - erase = PR_TRUE; - break; - - case 'B': - importOptions |= CRL_IMPORT_BYPASS_CHECKS; - break; - - case 'C': - listCRL = 1; - break; - - case 'D': - deleteCRL = 1; - break; - - case 'I': - importCRL = 1; - break; - - case 'L': - listCRL = 1; - break; - - case 'P': - dbPrefix = strdup(optstate->value); - break; - - case 'd': - SECU_ConfigDirectory(optstate->value); - break; - - case 'i': - inFile = PR_Open(optstate->value, PR_RDONLY, 0); - if (!inFile) { - fprintf(stderr, "%s: unable to open \"%s\" for reading\n", - progName, optstate->value); - PL_DestroyOptState(optstate); - return -1; - } - break; - - case 'n': - nickName = strdup(optstate->value); - break; - - case 'p': - decodeOptions |= CRL_DECODE_SKIP_ENTRIES; - break; - - case 'r': { - const char* str = optstate->value; - if (str && atoi(str)>0) - iterations = atoi(str); - } - break; - - case 't': { - char *type; - - type = strdup(optstate->value); - crlType = atoi (type); - if (crlType != SEC_CRL_TYPE && crlType != SEC_KRL_TYPE) { - fprintf(stderr, "%s: invalid crl type\n", progName); - PL_DestroyOptState(optstate); - return -1; - } - break; - - case 'u': - url = strdup(optstate->value); - break; - } - } - } - PL_DestroyOptState(optstate); - - if (deleteCRL && !nickName) Usage (progName); - if (!(listCRL || deleteCRL || importCRL || test || erase)) Usage (progName); - if (importCRL && !inFile) Usage (progName); - - PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1); - secstatus = NSS_Initialize(SECU_ConfigDirectory(NULL), dbPrefix, dbPrefix, - "secmod.db", 0); - if (secstatus != SECSuccess) { - SECU_PrintPRandOSError(progName); - return -1; - } - - certHandle = CERT_GetDefaultCertDB(); - if (certHandle == NULL) { - SECU_PrintError(progName, "unable to open the cert db"); - NSS_Shutdown(); - return (-1); - } - - for (i=0; i - -#cannot define PROGRAM in manifest compatibly with NT and UNIX -PROGRAM = crlutil -PROGRAM = ./$(OBJDIR)/$(PROGRAM).exe -include <$(DEPTH)\config\config.mak> - -# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/ -# rules.mak will append C_OBJS onto OBJS. -# OBJS = $(CSRCS:.c=.obj) - -# include files are looked for in $LINCS and $INCS. -# $LINCS is in manifest.mnw, computed from REQUIRES= -INCS = $(INCS) \ - -I$(DEPTH)/security/lib/cert \ - -I../include \ - $(NULL) - -IGNORE_ME = \ - -I$(DEPTH)/security/lib/key \ - -I$(DEPTH)/security/lib/util \ - $(NULL) - - -WINFE = $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg - -# these files are the content of libdbm -DBM_LIB = \ - $(WINFE)/DB.obj \ - $(WINFE)/HASH.obj \ - $(WINFE)/H_BIGKEY.obj \ - $(WINFE)/H_PAGE.obj \ - $(WINFE)/H_LOG2.obj \ - $(WINFE)/H_FUNC.obj \ - $(WINFE)/HASH_BUF.obj \ - $(NULL) - -MOZ_LIBS = \ - $(WINFE)/ALLXPSTR.obj \ - $(WINFE)/XP_ERROR.obj \ - $(WINFE)/XPASSERT.obj \ - $(WINFE)/XP_REG.obj \ - $(WINFE)/XP_TRACE.obj \ - $(DBM_LIB) \ - $(WINFE)/XP_STR.obj \ - $(WINFE)/MKTEMP.obj \ - $(NULL) - -SEC_LIBS = \ - $(DIST)/lib/cert$(MOZ_BITS).lib \ - $(DIST)/lib/crypto$(MOZ_BITS).lib \ - $(DIST)/lib/hash$(MOZ_BITS).lib \ - $(DIST)/lib/key$(MOZ_BITS).lib \ - $(DIST)/lib/pkcs7$(MOZ_BITS).lib \ - $(DIST)/lib/secmod$(MOZ_BITS).lib \ - $(DIST)/lib/secutl$(MOZ_BITS).lib \ - $(DIST)/lib/ssl$(MOZ_BITS).lib \ - $(NULL) - -LLFLAGS = $(LLFLAGS) \ - ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \ - $(SEC_LIBS) \ - $(MOZ_LIBS) \ - $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \ - $(LIBNSPR) \ - $(NULL) - - -include <$(DEPTH)\config\rules.mak> - -INSTALL = $(MAKE_INSTALL) - -objs: $(OBJS) - -$(PROGRAM):: - $(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR) - -programs: $(PROGRAM) - -install:: $(TARGETS) - $(INSTALL) $(TARGETS) $(DIST)/bin - - -symbols: - @echo "CSRCS = $(CSRCS)" - @echo "INCS = $(INCS)" - @echo "OBJS = $(OBJS)" - @echo "LIBRARY = $(LIBRARY)" - @echo "PROGRAM = $(PROGRAM)" - @echo "TARGETS = $(TARGETS)" - @echo "DIST = $(DIST)" - @echo "VERSION_NUMBER = $(VERSION_NUMBER)" - @echo "WINFE = $(WINFE)" - @echo "DBM_LIB = $(DBM_LIB)" - @echo "INSTALL = $(INSTALL)" - diff --git a/security/nss/cmd/crlutil/manifest.mn b/security/nss/cmd/crlutil/manifest.mn deleted file mode 100644 index 169deb28a3..0000000000 --- a/security/nss/cmd/crlutil/manifest.mn +++ /dev/null @@ -1,53 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = ../../.. - -# MODULE public and private header directories are implicitly REQUIRED. -MODULE = nss - -# This next line is used by .mk files -# and gets translated into $LINCS in manifest.mnw -# The MODULE is always implicitly required. -# Listing it here in REQUIRES makes it appear twice in the cc command line. -REQUIRES = seccmd dbm - -DEFINES = -DNSPR20 - -CSRCS = crlutil.c - -# this has to be different for NT and UNIX. -# PROGRAM = ./$(OBJDIR)/crlutil.exe -PROGRAM = crlutil - -#USE_STATIC_LIBS = 1 diff --git a/security/nss/cmd/crmf-cgi/Makefile b/security/nss/cmd/crmf-cgi/Makefile deleted file mode 100644 index 23cb6f6b53..0000000000 --- a/security/nss/cmd/crmf-cgi/Makefile +++ /dev/null @@ -1,81 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### -ifeq (,$(filter-out WIN%,$(OS_TARGET))) -EXTRA_LIBS += $(DIST)/lib/crmf.lib -else -EXTRA_LIBS += $(DIST)/lib/libcrmf.$(LIB_SUFFIX) -endif -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - -include ../platlibs.mk - - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - -include ../platrules.mk - diff --git a/security/nss/cmd/crmf-cgi/config.mk b/security/nss/cmd/crmf-cgi/config.mk deleted file mode 100644 index bcbaa28041..0000000000 --- a/security/nss/cmd/crmf-cgi/config.mk +++ /dev/null @@ -1,44 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - - -# -# Override TARGETS variable so that only static libraries -# are specifed as dependencies within rules.mk. -# - -TARGETS = $(PROGRAM) -SHARED_LIBRARY = -IMPORT_LIBRARY = -LIBRARY = - diff --git a/security/nss/cmd/crmf-cgi/crmfcgi.c b/security/nss/cmd/crmf-cgi/crmfcgi.c deleted file mode 100644 index 72199cfd5b..0000000000 --- a/security/nss/cmd/crmf-cgi/crmfcgi.c +++ /dev/null @@ -1,1124 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#include "seccomon.h" -#include "nss.h" -#include "key.h" -#include "cert.h" -#include "pk11func.h" -#include "secmod.h" -#include "cmmf.h" -#include "crmf.h" -#include "base64.h" -#include "secasn1.h" -#include "cryptohi.h" -#include -#include -#include - -#define DEFAULT_ALLOC_SIZE 200 -#define DEFAULT_CGI_VARS 20 - -typedef struct CGIVariableStr { - char *name; - char *value; -} CGIVariable; - -typedef struct CGIVarTableStr { - CGIVariable **variables; - int numVars; - int numAlloc; -} CGIVarTable; - -typedef struct CertResponseInfoStr { - CERTCertificate *cert; - long certReqID; -} CertResponseInfo; - -typedef struct ChallengeCreationInfoStr { - long random; - SECKEYPublicKey *pubKey; -} ChallengeCreationInfo; - -char *missingVar = NULL; - -/* - * Error values. - */ -typedef enum { - NO_ERROR = 0, - NSS_INIT_FAILED, - AUTH_FAILED, - REQ_CGI_VAR_NOT_PRESENT, - CRMF_REQ_NOT_PRESENT, - BAD_ASCII_FOR_REQ, - CGI_VAR_MISSING, - COULD_NOT_FIND_CA, - COULD_NOT_DECODE_REQS, - OUT_OF_MEMORY, - ERROR_RETRIEVING_REQUEST_MSG, - ERROR_RETRIEVING_CERT_REQUEST, - ERROR_RETRIEVING_SUBJECT_FROM_REQ, - ERROR_RETRIEVING_PUBLIC_KEY_FROM_REQ, - ERROR_CREATING_NEW_CERTIFICATE, - COULD_NOT_START_EXTENSIONS, - ERROR_RETRIEVING_EXT_FROM_REQ, - ERROR_ADDING_EXT_TO_CERT, - ERROR_ENDING_EXTENSIONS, - COULD_NOT_FIND_ISSUER_PRIVATE_KEY, - UNSUPPORTED_SIGN_OPERATION_FOR_ISSUER, - ERROR_SETTING_SIGN_ALG, - ERROR_ENCODING_NEW_CERT, - ERROR_SIGNING_NEW_CERT, - ERROR_CREATING_CERT_REP_CONTENT, - ERROR_CREATING_SINGLE_CERT_RESPONSE, - ERROR_SETTING_CERT_RESPONSES, - ERROR_CREATING_CA_LIST, - ERROR_ADDING_ISSUER_TO_CA_LIST, - ERROR_ENCODING_CERT_REP_CONTENT, - NO_POP_FOR_REQUEST, - UNSUPPORTED_POP, - ERROR_RETRIEVING_POP_SIGN_KEY, - ERROR_RETRIEVING_ALG_ID_FROM_SIGN_KEY, - ERROR_RETRIEVING_SIGNATURE_FROM_POP_SIGN_KEY, - DO_CHALLENGE_RESPONSE, - ERROR_RETRIEVING_PUB_KEY_FROM_NEW_CERT, - ERROR_ENCODING_CERT_REQ_FOR_POP, - ERROR_VERIFYING_SIGNATURE_POP, - ERROR_RETRIEVING_PUB_KEY_FOR_CHALL, - ERROR_CREATING_EMPTY_CHAL_CONTENT, - ERROR_EXTRACTING_GEN_NAME_FROM_ISSUER, - ERROR_SETTING_CHALLENGE, - ERROR_ENCODING_CHALL, - ERROR_CONVERTING_CHALL_TO_BASE64, - ERROR_CONVERTING_RESP_FROM_CHALL_TO_BIN, - ERROR_CREATING_KEY_RESP_FROM_DER, - ERROR_RETRIEVING_CLIENT_RESPONSE_TO_CHALLENGE, - ERROR_RETURNED_CHALL_NOT_VALUE_EXPECTED, - ERROR_GETTING_KEY_ENCIPHERMENT, - ERROR_NO_POP_FOR_PRIVKEY, - ERROR_UNSUPPORTED_POPOPRIVKEY_TYPE -} ErrorCode; - -const char * -CGITableFindValue(CGIVarTable *varTable, const char *key); - -void -spitOutHeaders(void) -{ - printf("Content-type: text/html\n\n"); -} - -void -dumpRequest(CGIVarTable *varTable) -{ - int i; - CGIVariable *var; - - printf ("\n"); - printf ("" - "\n"); - for (i=0; inumVars; i++) { - var = varTable->variables[i]; - printf ("\n", - var->name, var->value); - } - printf("
Variable Name
Value
%s
%s
\n"); -} - -void -echo_request(CGIVarTable *varTable) -{ - spitOutHeaders(); - printf("CGI Echo Page\n" - "

Got the following request

\n"); - dumpRequest(varTable); - printf(""); -} - -void -processVariable(CGIVariable *var) -{ - char *plusSign, *percentSign; - - /*First look for all of the '+' and convert them to spaces */ - plusSign = var->value; - while ((plusSign=strchr(plusSign, '+')) != NULL) { - *plusSign = ' '; - } - percentSign = var->value; - while ((percentSign=strchr(percentSign, '%')) != NULL) { - char string[3]; - int value; - - string[0] = percentSign[1]; - string[1] = percentSign[2]; - string[2] = '\0'; - - sscanf(string,"%x", &value); - *percentSign = (char)value; - memmove(&percentSign[1], &percentSign[3], 1+strlen(&percentSign[3])); - } -} - -char * -parseNextVariable(CGIVarTable *varTable, char *form_output) -{ - char *ampersand, *equal; - CGIVariable *var; - - if (varTable->numVars == varTable->numAlloc) { - CGIVariable **newArr = realloc(varTable->variables, - (varTable->numAlloc + DEFAULT_CGI_VARS)*sizeof(CGIVariable*)); - if (newArr == NULL) { - return NULL; - } - varTable->variables = newArr; - varTable->numAlloc += DEFAULT_CGI_VARS; - } - equal = strchr(form_output, '='); - if (equal == NULL) { - return NULL; - } - ampersand = strchr(equal, '&'); - if (ampersand == NULL) { - return NULL; - } - equal[0] = '\0'; - if (ampersand != NULL) { - ampersand[0] = '\0'; - } - var = malloc(sizeof(CGIVariable)); - var->name = form_output; - var->value = &equal[1]; - varTable->variables[varTable->numVars] = var; - varTable->numVars++; - processVariable(var); - return (ampersand != NULL) ? &ersand[1] : NULL; -} - -void -ParseInputVariables(CGIVarTable *varTable, char *form_output) -{ - varTable->variables = malloc(sizeof(CGIVariable*)*DEFAULT_CGI_VARS); - varTable->numVars = 0; - varTable->numAlloc = DEFAULT_CGI_VARS; - while (form_output && form_output[0] != '\0') { - form_output = parseNextVariable(varTable, form_output); - } -} - -const char * -CGITableFindValue(CGIVarTable *varTable, const char *key) -{ - const char *retVal = NULL; - int i; - - for (i=0; inumVars; i++) { - if (strcmp(varTable->variables[i]->name, key) == 0) { - retVal = varTable->variables[i]->value; - break; - } - } - return retVal; -} - -char* -passwordCallback(PK11SlotInfo *slot, PRBool retry, void *arg) -{ - const char *passwd; - if (retry) { - return NULL; - } - passwd = CGITableFindValue((CGIVarTable*)arg, "dbPassword"); - if (passwd == NULL) { - return NULL; - } - return PORT_Strdup(passwd); -} - -ErrorCode -initNSS(CGIVarTable *varTable) -{ - const char *nssDir; - PK11SlotInfo *keySlot; - SECStatus rv; - - nssDir = CGITableFindValue(varTable,"NSSDirectory"); - if (nssDir == NULL) { - missingVar = "NSSDirectory"; - return REQ_CGI_VAR_NOT_PRESENT; - } - rv = NSS_Init(nssDir); - if (rv != SECSuccess) { - return NSS_INIT_FAILED; - } - PK11_SetPasswordFunc(passwordCallback); - keySlot = PK11_GetInternalKeySlot(); - rv = PK11_Authenticate(keySlot, PR_FALSE, varTable); - PK11_FreeSlot(keySlot); - if (rv != SECSuccess) { - return AUTH_FAILED; - } - return NO_ERROR; -} - -void -dumpErrorMessage(ErrorCode errNum) -{ - spitOutHeaders(); - printf("Error

Error processing " - "data

Received the error %d

", errNum); - if (errNum == REQ_CGI_VAR_NOT_PRESENT) { - printf ("The missing variable is %s.", missingVar); - } - printf ("More useful information here in the future."); -} - -ErrorCode -initOldCertReq(CERTCertificateRequest *oldCertReq, - CERTName *subject, CERTSubjectPublicKeyInfo *spki) -{ - PRArenaPool *poolp; - - poolp = oldCertReq->arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - SEC_ASN1EncodeInteger(poolp, &oldCertReq->version, - SEC_CERTIFICATE_VERSION_3); - CERT_CopyName(poolp, &oldCertReq->subject, subject); - SECKEY_CopySubjectPublicKeyInfo(poolp, &oldCertReq->subjectPublicKeyInfo, - spki); - oldCertReq->attributes = NULL; - return NO_ERROR; -} - -ErrorCode -addExtensions(CERTCertificate *newCert, CRMFCertRequest *certReq) -{ - int numExtensions, i; - void *extHandle; - ErrorCode rv = NO_ERROR; - CRMFCertExtension *ext; - SECStatus srv; - - numExtensions = CRMF_CertRequestGetNumberOfExtensions(certReq); - if (numExtensions == 0) { - /* No extensions to add */ - return NO_ERROR; - } - extHandle = CERT_StartCertExtensions(newCert); - if (extHandle == NULL) { - rv = COULD_NOT_START_EXTENSIONS; - goto loser; - } - for (i=0; idata, der->len); - PR_Close(outfile); - -} - -ErrorCode -createNewCert(CERTCertificate**issuedCert,CERTCertificateRequest *oldCertReq, - CRMFCertReqMsg *currReq, CRMFCertRequest *certReq, - CERTCertificate *issuerCert, CGIVarTable *varTable) -{ - CERTCertificate *newCert = NULL; - CERTValidity *validity; - PRExplodedTime printableTime; - PRTime now, after; - ErrorCode rv=NO_ERROR; - SECKEYPrivateKey *issuerPrivKey; - SECItem derCert = { 0 }; - SECOidTag signTag; - SECStatus srv; - long version; - - now = PR_Now(); - PR_ExplodeTime(now, PR_GMTParameters, &printableTime); - printableTime.tm_month += 9; - after = PR_ImplodeTime(&printableTime); - validity = CERT_CreateValidity(now, after); - newCert = *issuedCert = - CERT_CreateCertificate(rand(), &(issuerCert->subject), validity, - oldCertReq); - if (newCert == NULL) { - rv = ERROR_CREATING_NEW_CERTIFICATE; - goto loser; - } - rv = addExtensions(newCert, certReq); - if (rv != NO_ERROR) { - goto loser; - } - issuerPrivKey = PK11_FindKeyByAnyCert(issuerCert, varTable); - if (issuerPrivKey == NULL) { - rv = COULD_NOT_FIND_ISSUER_PRIVATE_KEY; - } - switch(issuerPrivKey->keyType) { - case rsaKey: - signTag = SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION; - break; - case dsaKey: - signTag = SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST; - break; - default: - rv = UNSUPPORTED_SIGN_OPERATION_FOR_ISSUER; - goto loser; - } - srv = SECOID_SetAlgorithmID(newCert->arena, &newCert->signature, - signTag, 0); - if (srv != SECSuccess) { - rv = ERROR_SETTING_SIGN_ALG; - goto loser; - } - srv = CRMF_CertRequestGetCertTemplateVersion(certReq, &version); - if (srv != SECSuccess) { - /* No version included in the request */ - *(newCert->version.data) = SEC_CERTIFICATE_VERSION_3; - } else { - SECITEM_FreeItem(&newCert->version, PR_FALSE); - SEC_ASN1EncodeInteger(newCert->arena, &newCert->version, version); - } - SEC_ASN1EncodeItem(newCert->arena, &derCert, newCert, - CERT_CertificateTemplate); - if (derCert.data == NULL) { - rv = ERROR_ENCODING_NEW_CERT; - goto loser; - } - srv = SEC_DerSignData(newCert->arena, &(newCert->derCert), derCert.data, - derCert.len, issuerPrivKey, signTag); - if (srv != SECSuccess) { - rv = ERROR_SIGNING_NEW_CERT; - goto loser; - } -#ifdef WRITE_OUT_RESPONSE - writeOutItem("newcert.der", &newCert->derCert); -#endif - return NO_ERROR; - loser: - *issuedCert = NULL; - if (newCert) { - CERT_DestroyCertificate(newCert); - } - return rv; - -} - -void -formatCMMFResponse(char *nickname, char *base64Response) -{ - char *currLine, *nextLine; - - printf("var retVal = crypto.importUserCertificates(\"%s\",\n", nickname); - currLine = base64Response; - while (1) { - nextLine = strchr(currLine, '\n'); - if (nextLine == NULL) { - /* print out the last line here. */ - printf ("\"%s\",\n", currLine); - break; - } - nextLine[0] = '\0'; - printf("\"%s\\n\"+\n", currLine); - currLine = nextLine+1; - } - printf("true);\n" - "if(retVal == '') {\n" - "\tdocument.write(\"

New Certificate Succesfully Imported.

\");\n" - "} else {\n" - "\tdocument.write(\"

Unable to import New Certificate

\");\n" - "\tdocument.write(\"crypto.importUserCertificates returned \");\n" - "\tdocument.write(retVal);\n" - "\tdocument.write(\"\");\n" - "}\n"); -} - -void -spitOutCMMFResponse(char *nickname, char *base64Response) -{ - spitOutHeaders(); - printf("\n\nCMMF Resonse Page\n\n\n" - "

CMMF Response Page

\n" - "\n\n"); -} - -char* -getNickname(CERTCertificate *cert) -{ - char *nickname; - - if (cert->nickname != NULL) { - return cert->nickname; - } - nickname = CERT_GetCommonName(&cert->subject); - if (nickname != NULL) { - return nickname; - } - return CERT_NameToAscii(&cert->subject); -} - -ErrorCode -createCMMFResponse(CertResponseInfo *issuedCerts, int numCerts, - CERTCertificate *issuerCert, char **base64der) -{ - CMMFCertRepContent *certRepContent=NULL; - ErrorCode rv = NO_ERROR; - CMMFCertResponse **responses, *currResponse; - CERTCertList *caList; - int i; - SECStatus srv; - PRArenaPool *poolp; - SECItem *der; - - certRepContent = CMMF_CreateCertRepContent(); - if (certRepContent == NULL) { - rv = ERROR_CREATING_CERT_REP_CONTENT; - goto loser; - } - responses = PORT_NewArray(CMMFCertResponse*, numCerts); - if (responses == NULL) { - rv = OUT_OF_MEMORY; - goto loser; - } - for (i=0; idata, der->len); - return NO_ERROR; - loser: - return rv; -} - -ErrorCode -issueCerts(CertResponseInfo *issuedCerts, int numCerts, - CERTCertificate *issuerCert) -{ - ErrorCode rv; - char *base64Response; - - rv = createCMMFResponse(issuedCerts, numCerts, issuerCert, &base64Response); - if (rv != NO_ERROR) { - goto loser; - } - spitOutCMMFResponse(getNickname(issuedCerts[0].cert),base64Response); - return NO_ERROR; - loser: - return rv; -} - -ErrorCode -verifySignature(CGIVarTable *varTable, CRMFCertReqMsg *currReq, - CRMFCertRequest *certReq, CERTCertificate *newCert) -{ - SECStatus srv; - ErrorCode rv = NO_ERROR; - CRMFPOPOSigningKey *signKey = NULL; - SECAlgorithmID *algID = NULL; - SECItem *signature = NULL; - SECKEYPublicKey *pubKey = NULL; - SECItem *reqDER = NULL; - - srv = CRMF_CertReqMsgGetPOPOSigningKey(currReq, &signKey); - if (srv != SECSuccess || signKey == NULL) { - rv = ERROR_RETRIEVING_POP_SIGN_KEY; - goto loser; - } - algID = CRMF_POPOSigningKeyGetAlgID(signKey); - if (algID == NULL) { - rv = ERROR_RETRIEVING_ALG_ID_FROM_SIGN_KEY; - goto loser; - } - signature = CRMF_POPOSigningKeyGetSignature(signKey); - if (signature == NULL) { - rv = ERROR_RETRIEVING_SIGNATURE_FROM_POP_SIGN_KEY; - goto loser; - } - /* Make the length the number of bytes instead of bits */ - signature->len = (signature->len+7)/8; - pubKey = CERT_ExtractPublicKey(newCert); - if (pubKey == NULL) { - rv = ERROR_RETRIEVING_PUB_KEY_FROM_NEW_CERT; - goto loser; - } - reqDER = SEC_ASN1EncodeItem(NULL, NULL, certReq, CRMFCertRequestTemplate); - if (reqDER == NULL) { - rv = ERROR_ENCODING_CERT_REQ_FOR_POP; - goto loser; - } - srv = VFY_VerifyData(reqDER->data, reqDER->len, pubKey, signature, - SECOID_FindOIDTag(&algID->algorithm), varTable); - if (srv != SECSuccess) { - rv = ERROR_VERIFYING_SIGNATURE_POP; - goto loser; - } - /* Fall thru in successfull case. */ - loser: - if (pubKey != NULL) { - SECKEY_DestroyPublicKey(pubKey); - } - if (reqDER != NULL) { - SECITEM_FreeItem(reqDER, PR_TRUE); - } - if (signature != NULL) { - SECITEM_FreeItem(signature, PR_TRUE); - } - if (algID != NULL) { - SECOID_DestroyAlgorithmID(algID, PR_TRUE); - } - if (signKey != NULL) { - CRMF_DestroyPOPOSigningKey(signKey); - } - return rv; -} - -ErrorCode -doChallengeResponse(CGIVarTable *varTable, CRMFCertReqMsg *currReq, - CRMFCertRequest *certReq, CERTCertificate *newCert, - ChallengeCreationInfo *challs, int *numChall) -{ - CRMFPOPOPrivKey *privKey = NULL; - CRMFPOPOPrivKeyChoice privKeyChoice; - SECStatus srv; - ErrorCode rv = NO_ERROR; - - srv = CRMF_CertReqMsgGetPOPKeyEncipherment(currReq, &privKey); - if (srv != SECSuccess || privKey == NULL) { - rv = ERROR_GETTING_KEY_ENCIPHERMENT; - goto loser; - } - privKeyChoice = CRMF_POPOPrivKeyGetChoice(privKey); - CRMF_DestroyPOPOPrivKey(privKey); - switch (privKeyChoice) { - case crmfSubsequentMessage: - challs = &challs[*numChall]; - challs->random = rand(); - challs->pubKey = CERT_ExtractPublicKey(newCert); - if (challs->pubKey == NULL) { - rv = ERROR_RETRIEVING_PUB_KEY_FOR_CHALL; - goto loser; - } - (*numChall)++; - rv = DO_CHALLENGE_RESPONSE; - break; - case crmfThisMessage: - /* There'd better be a PKIArchiveControl in this message */ - if (!CRMF_CertRequestIsControlPresent(certReq, - crmfPKIArchiveOptionsControl)) { - rv = ERROR_NO_POP_FOR_PRIVKEY; - goto loser; - } - break; - default: - rv = ERROR_UNSUPPORTED_POPOPRIVKEY_TYPE; - goto loser; - } -loser: - return rv; -} - -ErrorCode -doProofOfPossession(CGIVarTable *varTable, CRMFCertReqMsg *currReq, - CRMFCertRequest *certReq, CERTCertificate *newCert, - ChallengeCreationInfo *challs, int *numChall) -{ - CRMFPOPChoice popChoice; - ErrorCode rv = NO_ERROR; - - popChoice = CRMF_CertReqMsgGetPOPType(currReq); - if (popChoice == crmfNoPOPChoice) { - rv = NO_POP_FOR_REQUEST; - goto loser; - } - switch (popChoice) { - case crmfSignature: - rv = verifySignature(varTable, currReq, certReq, newCert); - break; - case crmfKeyEncipherment: - rv = doChallengeResponse(varTable, currReq, certReq, newCert, - challs, numChall); - break; - case crmfRAVerified: - case crmfKeyAgreement: - default: - rv = UNSUPPORTED_POP; - goto loser; - } - loser: - return rv; -} - -void -convertB64ToJS(char *base64) -{ - int i; - - for (i=0; base64[i] != '\0'; i++) { - if (base64[i] == '\n') { - printf ("\\n"); - }else { - printf ("%c", base64[i]); - } - } -} - -void -formatChallenge(char *chall64, char *certRepContentDER, - ChallengeCreationInfo *challInfo, int numChalls) -{ - printf ("function respondToChallenge() {\n" - " var chalForm = document.chalForm;\n\n" - " chalForm.CertRepContent.value = '"); - convertB64ToJS(certRepContentDER); - printf ("';\n" - " chalForm.ChallResponse.value = crypto.popChallengeResponse('"); - convertB64ToJS(chall64); - printf("');\n" - " chalForm.submit();\n" - "}\n"); - -} - -void -spitOutChallenge(char *chall64, char *certRepContentDER, - ChallengeCreationInfo *challInfo, int numChalls, - char *nickname) -{ - int i; - - spitOutHeaders(); - printf("\n" - "\n" - "Challenge Page\n" - "\n" - "\n" - "\n" - "

Cartman is now responding to the Challenge " - "presented by the CGI

\n" - "\n" - "\n" - "\n"); - for (i=0;i\n", - i+1, challInfo[i].random); - } - printf("\n", nickname); - printf("\n\n"); -} - -ErrorCode -issueChallenge(CertResponseInfo *issuedCerts, int numCerts, - ChallengeCreationInfo *challInfo, int numChalls, - CERTCertificate *issuer, CGIVarTable *varTable) -{ - ErrorCode rv = NO_ERROR; - CMMFPOPODecKeyChallContent *chalContent = NULL; - int i; - SECStatus srv; - PRArenaPool *poolp; - CERTGeneralName *genName; - SECItem *challDER = NULL; - char *chall64, *certRepContentDER; - - rv = createCMMFResponse(issuedCerts, numCerts, issuer, - &certRepContentDER); - if (rv != NO_ERROR) { - goto loser; - } - chalContent = CMMF_CreatePOPODecKeyChallContent(); - if (chalContent == NULL) { - rv = ERROR_CREATING_EMPTY_CHAL_CONTENT; - goto loser; - } - poolp = PORT_NewArena(1024); - if (poolp == NULL) { - rv = OUT_OF_MEMORY; - goto loser; - } - genName = CERT_GetCertificateNames(issuer, poolp); - if (genName == NULL) { - rv = ERROR_EXTRACTING_GEN_NAME_FROM_ISSUER; - goto loser; - } - for (i=0;idata, challDER->len); - SECITEM_FreeItem(challDER, PR_TRUE); - if (chall64 == NULL) { - rv = ERROR_CONVERTING_CHALL_TO_BASE64; - goto loser; - } - spitOutChallenge(chall64, certRepContentDER, challInfo, numChalls, - getNickname(issuedCerts[0].cert)); - loser: - return rv; -} - - -ErrorCode -processRequest(CGIVarTable *varTable) -{ - CERTCertDBHandle *certdb; - SECKEYKeyDBHandle *keydb; - CRMFCertReqMessages *certReqs = NULL; - const char *crmfReq; - const char *caNickname; - CERTCertificate *caCert = NULL; - CertResponseInfo *issuedCerts = NULL; - CERTSubjectPublicKeyInfo spki = { 0 }; - ErrorCode rv=NO_ERROR; - PRBool doChallengeResponse = PR_FALSE; - SECItem der = { 0 }; - SECStatus srv; - CERTCertificateRequest oldCertReq = { 0 }; - CRMFCertReqMsg **reqMsgs = NULL,*currReq = NULL; - CRMFCertRequest **reqs = NULL, *certReq = NULL; - CERTName subject = { 0 }; - int numReqs,i; - ChallengeCreationInfo *challInfo=NULL; - int numChalls = 0; - - certdb = CERT_GetDefaultCertDB(); - keydb = SECKEY_GetDefaultKeyDB(); - crmfReq = CGITableFindValue(varTable, "CRMFRequest"); - if (crmfReq == NULL) { - rv = CGI_VAR_MISSING; - missingVar = "CRMFRequest"; - goto loser; - } - caNickname = CGITableFindValue(varTable, "CANickname"); - if (caNickname == NULL) { - rv = CGI_VAR_MISSING; - missingVar = "CANickname"; - goto loser; - } - caCert = CERT_FindCertByNickname(certdb, caNickname); - if (caCert == NULL) { - rv = COULD_NOT_FIND_CA; - goto loser; - } - srv = ATOB_ConvertAsciiToItem(&der, crmfReq); - if (srv != SECSuccess) { - rv = BAD_ASCII_FOR_REQ; - goto loser; - } - certReqs = CRMF_CreateCertReqMessagesFromDER(der.data, der.len); - SECITEM_FreeItem(&der, PR_FALSE); - if (certReqs == NULL) { - rv = COULD_NOT_DECODE_REQS; - goto loser; - } - numReqs = CRMF_CertReqMessagesGetNumMessages(certReqs); - issuedCerts = PORT_ZNewArray(CertResponseInfo, numReqs); - challInfo = PORT_ZNewArray(ChallengeCreationInfo, numReqs); - if (issuedCerts == NULL || challInfo == NULL) { - rv = OUT_OF_MEMORY; - goto loser; - } - reqMsgs = PORT_ZNewArray(CRMFCertReqMsg*, numReqs); - reqs = PORT_ZNewArray(CRMFCertRequest*, numReqs); - if (reqMsgs == NULL || reqs == NULL) { - rv = OUT_OF_MEMORY; - goto loser; - } - for (i=0; i= form_output_len) { - form_output_len += DEFAULT_ALLOC_SIZE; - form_output = PORT_Realloc(form_output, form_output_len+1); - } - form_output_used += fread(&form_output[form_output_used], sizeof(char), - DEFAULT_ALLOC_SIZE, stdin); - } - ParseInputVariables(&varTable, form_output); - certRepContent = CGITableFindValue(&varTable, "CertRepContent"); - if (certRepContent == NULL) { - errNum = initNSS(&varTable); - if (errNum != 0) { - goto loser; - } - errNum = processRequest(&varTable); - } else { - errNum = processChallengeResponse(&varTable, certRepContent); - } - if (errNum != NO_ERROR) { - goto loser; - } - goto done; -loser: - dumpErrorMessage(errNum); -done: - free (form_output); - return 0; -} - diff --git a/security/nss/cmd/crmf-cgi/crmfcgi.html b/security/nss/cmd/crmf-cgi/crmfcgi.html deleted file mode 100644 index e91923ecee..0000000000 --- a/security/nss/cmd/crmf-cgi/crmfcgi.html +++ /dev/null @@ -1,165 +0,0 @@ - - - - -CRMF Test Page for PSM - - - -

CRMF Test page for PSM

-This page is designed to be used in combination with the executable -produced by ns/security/cmd/crmf-cgi in a CGI environment. In order -to successfully use this page, modify its action to post to a a server -where you have installed the crmfcgi executable and you'll be able to -test the functionality. -
-
-

Certificate Database information

-First, enter all the information for the CGI to use for initializing -NSS. The CGI will use the directory entered below as the directory -where to look for the certificate and key databases. -
-Path for NSS Config: 
-
-Enter the password for the certificate database found in the direcotry -above. -
-Database Password:   
-
-Now enter the nickname of the certificate to use for signing the -certificate issued during this test. -
-CA Nickname:         
-
-

Now, figure out which type of key generation you want to test:

- - -
- -
- - diff --git a/security/nss/cmd/crmf-cgi/manifest.mn b/security/nss/cmd/crmf-cgi/manifest.mn deleted file mode 100644 index 3a34963270..0000000000 --- a/security/nss/cmd/crmf-cgi/manifest.mn +++ /dev/null @@ -1,61 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = ../../.. -MODULE = sectools - -EXPORTS = \ - $(NULL) - -CSRCS = \ - crmfcgi.c \ - $(NULL) - - -REQUIRES = nss dbm seccmd - -ifdef ATTACH_CGI -DEFINES += -DATTACH_CGI -endif - -ifdef WRITE_OUT_RESPONSE -DEFINES += -DWRITE_OUT_RESPONSE -endif - -PROGRAM = crmfcgi - -USE_STATIC_LIBS = 1 - -INCLUDES = - -DEFINES = -DNSPR20 diff --git a/security/nss/cmd/crmftest/Makefile b/security/nss/cmd/crmftest/Makefile deleted file mode 100644 index 5df669763f..0000000000 --- a/security/nss/cmd/crmftest/Makefile +++ /dev/null @@ -1,99 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### -include config.mk - -ifeq ($(OS_TARGET)$(OS_RELEASE), AIX4.2) -OS_LIBS += -lsvld -endif - -ifeq ($(OS_TARGET)$(OS_RELEASE), SunOS5.6) -OS_LIBS += -ldl -lxnet -lposix4 -lsocket -lnsl -endif - -ifeq (,$(filter-out WIN%,$(OS_TARGET))) -EXTRA_LIBS += $(DIST)/lib/crmf.lib -else -EXTRA_LIBS += $(DIST)/lib/libcrmf.$(LIB_SUFFIX) -endif - -include ../platlibs.mk - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - -LDDIST = $(DIST)/lib - -ifeq (,$(filter-out WIN%,$(OS_TARGET))) -EXTRA_LIBS += $(LDDIST)/sectool.lib -endif - -lame: - echo $(CPU_ARCH) - -include ../platrules.mk diff --git a/security/nss/cmd/crmftest/config.mk b/security/nss/cmd/crmftest/config.mk deleted file mode 100644 index 7343609f80..0000000000 --- a/security/nss/cmd/crmftest/config.mk +++ /dev/null @@ -1,43 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -# -# Override TARGETS variable so that only static libraries -# are specifed as dependencies within rules.mk. -# - -TARGETS = $(PROGRAM) -SHARED_LIBRARY = -IMPORT_LIBRARY = -LIBRARY = - diff --git a/security/nss/cmd/crmftest/manifest.mn b/security/nss/cmd/crmftest/manifest.mn deleted file mode 100644 index cd52750947..0000000000 --- a/security/nss/cmd/crmftest/manifest.mn +++ /dev/null @@ -1,53 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = ../../.. -DEPTH = . - -# MODULE public and private header directories are implicitly REQUIRED. -MODULE = nss - -EXPORTS = \ - $(NULL) - -CSRCS = \ - testcrmf.c \ - $(NULL) - - -# The MODULE is always implicitly required. -# Listing it here in REQUIRES makes it appear twice in the cc command line. -REQUIRES = dbm - -PROGRAM = crmftest - diff --git a/security/nss/cmd/crmftest/testcrmf.c b/security/nss/cmd/crmftest/testcrmf.c deleted file mode 100644 index e9bb08bdb8..0000000000 --- a/security/nss/cmd/crmftest/testcrmf.c +++ /dev/null @@ -1,1533 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#include "crmf.h" -#include "secrng.h" -#include "secpkcs5.h" -#include "pk11func.h" -#include "pkcs11.h" -#include "secmod.h" -#include "secmodi.h" -#include "key.h" -#include "prio.h" -#include "pqggen.h" -#include "cmmf.h" -#include "seccomon.h" -#include "secmod.h" -#include "prlock.h" -#include "secmodi.h" -#include "pkcs11.h" -#include "pk11func.h" -#include "secitem.h" -#include "key.h" -#include "rsa.h" -#include "secpkcs5.h" -#include "secasn1.h" -#include "sechash.h" -#include "cert.h" -#include "secerr.h" -#include -#include "prprf.h" -#if !defined(XP_UNIX) && !defined(LINUX) -extern int getopt(int, char **, char*); -extern char *optarg; -#endif -#define MAX_KEY_LEN 512 - -int64 notBefore; -char *personalCert = NULL; -char *recoveryEncrypter = NULL; -char *caCertName = NULL; - -CERTCertDBHandle *db; -SECKEYKeyDBHandle *keydb; - -void -debug_test(SECItem *src, char *filePath) -{ - PRFileDesc *fileDesc; - - fileDesc = PR_Open (filePath, PR_WRONLY | PR_CREATE_FILE | PR_TRUNCATE, - 0666); - if (fileDesc == NULL) { - printf ("Could not cretae file %s.\n", filePath); - return; - } - PR_Write(fileDesc, src->data, src->len); - -} - -SECStatus -get_serial_number(long *dest) -{ - RNGContext *rng; - SECStatus rv; - - if (dest == NULL) { - return SECFailure; - } - rng = RNG_CreateContext(); - if (rng == NULL) { - *dest = 0; - return SECFailure; - } - rv = RNG_GenerateRandomBytes(rng, (void*)dest, sizeof(long)); - RNG_DestroyContext(rng, PR_TRUE); - return SECSuccess; -} - -char * -promptForPassword (PK11SlotInfo *slot, PRBool retry, void *cx) -{ - char passWord[80]; - char *retPass = NULL; - - if (retry) { - printf ("Incorrect password. Please re-enter the password.\n"); - } - printf ("WARNING: Password will be echoed to the screen.\n"); - printf ("Please enter the password for slot \"%s\":", - PK11_GetTokenName(slot)); - scanf ("%s", passWord); - retPass = PORT_Strdup(passWord); - return retPass; -} - -PK11RSAGenParams * -GetRSAParams(void) -{ - PK11RSAGenParams *rsaParams; - - rsaParams = PORT_ZNew(PK11RSAGenParams); - - if (rsaParams == NULL) - return NULL; - - rsaParams->keySizeInBits = MAX_KEY_LEN; - rsaParams->pe = 0x1001; - - return rsaParams; - -} - -SECStatus -SetSlotPassword(PK11SlotInfo *slot) -{ - char userPin[80]; - - printf ("Initialization of PIN's for your Database.\n"); - printf ("------------------------------------------\n"); - printf ("Please enter the PIN's for your Database.\n"); - printf ("Warning: ALL PIN'S WILL BE ECHOED TO SCREEN!!!\n"); - printf ("Now enter the PIN for the user: "); - scanf ("%s", userPin); - return PK11_InitPin (slot, NULL, userPin); -} - -PQGParams* -GetDSAParams(void) -{ - PQGParams *params = NULL; - PQGVerify *vfy = NULL; - - SECStatus rv; - - rv = PQG_ParamGen(0, ¶ms, &vfy); - if (rv != SECSuccess) { - return NULL; - } - PQG_DestroyVerify(vfy); - return params; -} - -CERTSubjectPublicKeyInfo * -GetSubjectPubKeyInfo(SECKEYPrivateKey **destPrivKey, - SECKEYPublicKey **destPubKey) { - CERTSubjectPublicKeyInfo *spki = NULL; - SECKEYPrivateKey *privKey = NULL; - SECKEYPublicKey *pubKey = NULL; - PK11SlotInfo *keySlot = NULL; - PK11SlotInfo *cryptoSlot = NULL; - PK11RSAGenParams *rsaParams = NULL; - PQGParams *dsaParams = NULL; - - keySlot = PK11_GetInternalKeySlot(); - PK11_Authenticate(keySlot, PR_FALSE, NULL); - cryptoSlot = PK11_GetInternalSlot(); - PK11_Authenticate(cryptoSlot, PR_FALSE, NULL); - PK11_FreeSlot(cryptoSlot); - rsaParams = GetRSAParams(); - privKey = PK11_GenerateKeyPair(keySlot, CKM_RSA_PKCS_KEY_PAIR_GEN, - (void*)rsaParams, &pubKey, PR_FALSE, - PR_FALSE, NULL); -/* dsaParams = GetDSAParams(); - if (dsaParams == NULL) { - PK11_FreeSlot(keySlot); - return NULL; - } - privKey = PK11_GenerateKeyPair(keySlot, CKM_DSA_KEY_PAIR_GEN, - (void*)dsaParams, &pubKey, PR_FALSE, - PR_FALSE, NULL);*/ - PK11_FreeSlot(keySlot); - if (privKey == NULL || pubKey == NULL) { - if (pubKey) { - SECKEY_DestroyPublicKey(pubKey); - } - if (privKey) { - SECKEY_DestroyPrivateKey(privKey); - } - return NULL; - } - - spki = SECKEY_CreateSubjectPublicKeyInfo(pubKey); - *destPrivKey = privKey; - *destPubKey = pubKey; - return spki; -} - - -SECStatus -InitPKCS11(void) -{ - PK11SlotInfo *cryptoSlot, *keySlot; - - PK11_SetPasswordFunc(promptForPassword); - - cryptoSlot = PK11_GetInternalSlot(); - keySlot = PK11_GetInternalKeySlot(); - - if (PK11_NeedUserInit(cryptoSlot) && PK11_NeedLogin(cryptoSlot)) { - if (SetSlotPassword (cryptoSlot) != SECSuccess) { - printf ("Initializing the PIN's failed.\n"); - return SECFailure; - } - } - - if (PK11_NeedUserInit(keySlot) && PK11_NeedLogin(keySlot)) { - if (SetSlotPassword (keySlot) != SECSuccess) { - printf ("Initializing the PIN's failed.\n"); - return SECFailure; - } - } - - PK11_FreeSlot(cryptoSlot); - PK11_FreeSlot(keySlot); - return SECSuccess; -} - - -void -WriteItOut (void *arg, const char *buf, unsigned long len) -{ - PRFileDesc *fileDesc = (PRFileDesc*)arg; - - PR_Write(fileDesc, (void*)buf, len); -} - -SECItem -GetRandomBitString(void) -{ -#define NUM_BITS 800 -#define BITS_IN_BYTE 8 - SECItem bitString; - int numBytes = NUM_BITS/BITS_IN_BYTE; - unsigned char *bits = PORT_ZNewArray(unsigned char, numBytes); - RNGContext *rng; - - rng = RNG_CreateContext(); - RNG_GenerateRandomBytes(rng, (void*)bits, numBytes); - RNG_DestroyContext(rng, PR_TRUE); - bitString.data = bits; - bitString.len = NUM_BITS; - bitString.type = siBuffer; - return bitString; -} - -CRMFCertExtCreationInfo* -GetExtensions(void) -{ - CRMFCertExtCreationInfo *extInfo; - CRMFCertExtension *currExt; - CRMFCertExtension *extension; - SECItem data; - PRBool prFalse = PR_FALSE; - unsigned char keyUsage[4]; - - data.len = 4; - data.data = keyUsage; - keyUsage[0] = 0x03; - keyUsage[1] = 0x02; - keyUsage[2] = 0x07; - keyUsage[3] = KU_DIGITAL_SIGNATURE; - extension = CRMF_CreateCertExtension(SEC_OID_X509_KEY_USAGE,prFalse, - &data); - extInfo = PORT_ZNew(CRMFCertExtCreationInfo); - extInfo->numExtensions = 1; - extInfo->extensions = PORT_ZNewArray(CRMFCertExtension*, 1); - extInfo->extensions[0] = extension; - return extInfo; -} - -void -FreeExtInfo(CRMFCertExtCreationInfo *extInfo) -{ - int i; - - for (i=0; inumExtensions; i++) { - CRMF_DestroyCertExtension(extInfo->extensions[i]); - } - PORT_Free(extInfo->extensions); - PORT_Free(extInfo); -} - -int -CreateCertRequest (CRMFCertRequest **inCertReq, SECKEYPrivateKey **privKey, - SECKEYPublicKey **pubKey) -{ - long serialNumber; - long version = 3; - char *issuerStr = PORT_Strdup ("CN=Javi's CA Shack, O=Information Systems"); - char *subjectStr = PORT_Strdup ("CN=Javi's CA Shack ID, O=Engineering, " - "C=US"); - CRMFCertRequest *certReq; - SECAlgorithmID * algID; - CERTName *issuer, *subject; - CRMFValidityCreationInfo validity; - CERTSubjectPublicKeyInfo *spki; - SECStatus rv; - SECOidTag tag, tag2; - SECItem issuerUID, subjectUID; - CRMFCertExtCreationInfo *extInfo; - CRMFEncryptedKey *encKey; - CERTCertificate *caCert; - CRMFPKIArchiveOptions *pkiArchOpt; - - *inCertReq = NULL; - certReq = CRMF_CreateCertRequest(0x0ff02345); - if (certReq == NULL) { - printf ("Could not initialize a certificate request.\n"); - return 1; - } - rv = CRMF_CertRequestSetTemplateField (certReq, crmfVersion, (void*)(&version)); - if (rv != SECSuccess) { - printf("Could not add the version number to the " - "Certificate Request.\n"); - CRMF_DestroyCertRequest(certReq); - return 2; - } - - if (get_serial_number(&serialNumber) != SECSuccess) { - printf ("Could not generate a serial number for cert request.\n"); - CRMF_DestroyCertRequest(certReq); - return 3; - } - - rv = CRMF_CertRequestSetTemplateField (certReq, crmfSerialNumber, - (void*)(&serialNumber)); - if (rv != SECSuccess) { - printf ("Could not add serial number to certificate template\n."); - CRMF_DestroyCertRequest(certReq); - return 4; - } - - issuer = CERT_AsciiToName(issuerStr); - if (issuer == NULL) { - printf ("Could not create CERTName structure from %s.\n", issuerStr); - CRMF_DestroyCertRequest(certReq); - return 5; - } - rv = CRMF_CertRequestSetTemplateField (certReq, crmfIssuer, (void*) issuer); - PORT_Free(issuerStr); - CERT_DestroyName(issuer); - if (rv != SECSuccess) { - printf ("Could not add issuer to cert template\n"); - CRMF_DestroyCertRequest(certReq); - return 6; - } - - subject = CERT_AsciiToName(subjectStr); - if (subject == NULL) { - printf ("Could not create CERTName structure from %s.\n", subjectStr); - CRMF_DestroyCertRequest(certReq); - return 7; - } - PORT_Free(subjectStr); - rv = CRMF_CertRequestSetTemplateField (certReq, crmfSubject, (void*)subject); - if (rv != SECSuccess) { - printf ("Could not add subject to cert template\n"); - CRMF_DestroyCertRequest(certReq); - return 8; - } - CERT_DestroyName(subject); - - algID = - SEC_PKCS5CreateAlgorithmID (SEC_OID_PKCS5_PBE_WITH_SHA1_AND_DES_CBC, - NULL, 1); - if (algID == NULL) { - printf ("Couldn't create algorithm ID\n"); - CRMF_DestroyCertRequest(certReq); - return 9; - } - rv = CRMF_CertRequestSetTemplateField(certReq, crmfSigningAlg, (void*)algID); - SECOID_DestroyAlgorithmID(algID, PR_TRUE); - if (rv != SECSuccess) { - printf ("Could not add the signing algorithm to the cert template.\n"); - CRMF_DestroyCertRequest(certReq); - return 10; - } - - validity.notBefore = ¬Before; - validity.notAfter = NULL; - notBefore = PR_Now(); - rv = CRMF_CertRequestSetTemplateField(certReq, crmfValidity,(void*)(&validity)); - if (rv != SECSuccess) { - printf ("Could not add validity to cert template\n"); - CRMF_DestroyCertRequest(certReq); - return 11; - } - - spki = GetSubjectPubKeyInfo(privKey, pubKey); - if (spki == NULL) { - printf ("Could not create a Subject Public Key Info to add\n"); - CRMF_DestroyCertRequest(certReq); - return 12; - } - rv = CRMF_CertRequestSetTemplateField(certReq, crmfPublicKey, (void*)spki); - SECKEY_DestroySubjectPublicKeyInfo(spki); - if (rv != SECSuccess) { - printf ("Could not add the public key to the template\n"); - CRMF_DestroyCertRequest(certReq); - return 13; - } - - caCert = - CERT_FindCertByNickname(CERT_GetDefaultCertDB(), - caCertName); - if (caCert == NULL) { - printf ("Could not find the certificate for %s\n", caCertName); - CRMF_DestroyCertRequest(certReq); - return 50; - } - - issuerUID = GetRandomBitString(); - subjectUID = GetRandomBitString(); - CRMF_CertRequestSetTemplateField(certReq,crmfIssuerUID, (void*)&issuerUID); - CRMF_CertRequestSetTemplateField(certReq,crmfSubjectUID, (void*)&subjectUID); - PORT_Free(issuerUID.data); - PORT_Free(subjectUID.data); - extInfo = GetExtensions(); - CRMF_CertRequestSetTemplateField(certReq, crmfExtension, (void*)extInfo); - FreeExtInfo(extInfo); - encKey = CRMF_CreateEncryptedKeyWithEncryptedValue(*privKey, caCert); - CERT_DestroyCertificate(caCert); - if (encKey == NULL) { - printf ("Could not create Encrypted Key with Encrypted Value.\n"); - return 14; - } - pkiArchOpt = CRMF_CreatePKIArchiveOptions(crmfEncryptedPrivateKey, encKey); - CRMF_DestroyEncryptedKey(encKey); - if (pkiArchOpt == NULL) { - printf ("Could not create PKIArchiveOptions.\n"); - return 15; - } - rv = CRMF_CertRequestSetPKIArchiveOptions(certReq, pkiArchOpt); - CRMF_DestroyPKIArchiveOptions(pkiArchOpt); - if (rv != SECSuccess) { - printf ("Could not add the PKIArchiveControl to Cert Request.\n"); - return 16; - } - *inCertReq = certReq; - return 0; -} - -int -Encode (CRMFCertReqMsg *inCertReq, - CRMFCertReqMsg *secondReq, char *configdir) -{ -#define PATH_LEN 150 -#define CRMF_FILE "CertReqMessages.der" - char filePath[PATH_LEN]; - PRFileDesc *fileDesc; - SECStatus rv; - int irv = 0; - CRMFCertReqMsg *msgArr[3]; - CRMFCertReqMsg *newMsg; - - PR_snprintf(filePath, PATH_LEN, "%s/%s", configdir, CRMF_FILE); - fileDesc = PR_Open (filePath, PR_WRONLY | PR_CREATE_FILE | PR_TRUNCATE, - 0666); - if (fileDesc == NULL) { - printf ("Could not open file %s\n", filePath); - irv = 14; - goto finish; - } -/* rv = CRMF_EncodeCertReqMsg (inCertReq, WriteItOut, (void*)fileDesc);*/ - msgArr[0] = inCertReq; - msgArr[1] = secondReq; - msgArr[2] = NULL; - rv = CRMF_EncodeCertReqMessages(msgArr, WriteItOut, (void*)fileDesc); - if (rv != SECSuccess) { - printf ("An error occurred while encoding.\n"); - irv = 15; - goto finish; - } - finish: - PR_Close(fileDesc); - return irv; -} - -int -AddProofOfPossession(CRMFCertReqMsg *certReqMsg, SECKEYPrivateKey *privKey, - SECKEYPublicKey *pubKey, CRMFPOPChoice inPOPChoice) -{ - - switch(inPOPChoice){ - case crmfSignature: - CRMF_CertReqMsgSetSignaturePOP(certReqMsg, privKey, pubKey, NULL, NULL, - NULL); - break; - case crmfRAVerified: - CRMF_CertReqMsgSetRAVerifiedPOP(certReqMsg); - break; - case crmfKeyEncipherment: - CRMF_CertReqMsgSetKeyEnciphermentPOP(certReqMsg, - crmfSubsequentMessage, - crmfChallengeResp, NULL); - break; - case crmfKeyAgreement: - { - SECItem pendejo; - unsigned char lame[] = { 0xf0, 0x0f, 0xf0, 0x0f, 0xf0 }; - - pendejo.data = lame; - pendejo.len = 5; - - CRMF_CertReqMsgSetKeyAgreementPOP(certReqMsg, crmfThisMessage, - crmfNoSubseqMess, &pendejo); - } - break; - default: - return 1; - } - return 0; -} - -#define BUFF_SIZE 150 - -int -Decode(char *configdir) -{ - char filePath[PATH_LEN]; - unsigned char buffer[BUFF_SIZE]; - char *asn1Buff; - PRFileDesc *fileDesc; - PRInt32 fileLen = 0; - PRInt32 bytesRead; - CRMFCertReqMsg *certReqMsg; - CRMFCertRequest *certReq; - CRMFGetValidity validity= {NULL, NULL}; - CRMFCertReqMessages *certReqMsgs; - int numMsgs, i; - long lame; - - PR_snprintf(filePath, PATH_LEN, "%s/%s", configdir, CRMF_FILE); - fileDesc = PR_Open(filePath, PR_RDONLY, 0644); - while (1) { - bytesRead = PR_Read(fileDesc, buffer, BUFF_SIZE); - if (bytesRead <= 0) break; - fileLen += bytesRead; - } - if (bytesRead < 0) { - printf ("Error while getting the length of the file %s\n", filePath); - return 200; - } - - PR_Close(fileDesc); - fileDesc = PR_Open(filePath, PR_RDONLY, 0644); - asn1Buff = PORT_ZNewArray(char, fileLen); - bytesRead = PR_Read(fileDesc, asn1Buff, fileLen); - if (bytesRead != fileLen) { - printf ("Error while reading in the contents of %s\n", filePath); - return 201; - } - /*certReqMsg = CRMF_CreateCertReqMsgFromDER(asn1Buff, fileLen); - if (certReqMsg == NULL) { - printf ("Error while decoding the CertReqMsg\n"); - return 202; - } - certReq = CRMF_CertReqMsgGetCertRequest(certReqMsg); -*/ - certReqMsgs = CRMF_CreateCertReqMessagesFromDER(asn1Buff, fileLen); - if (certReqMsgs == NULL) { - printf ("Error decoding CertReqMessages.\n"); - return 202; - } - numMsgs = CRMF_CertReqMessagesGetNumMessages(certReqMsgs); - if (numMsgs <= 0) { - printf ("WARNING: The DER contained %d messages.\n", numMsgs); - } - for (i=0; i < numMsgs; i++) { - certReqMsg = CRMF_CertReqMessagesGetCertReqMsgAtIndex(certReqMsgs, i); - if (certReqMsg == NULL) { - printf ("ERROR: Could not access the message at index %d of %s\n", - i, filePath); - } - CRMF_CertReqMsgGetID(certReqMsg, &lame); - certReq = CRMF_CertReqMsgGetCertRequest(certReqMsg); - CRMF_CertRequestGetCertTemplateValidity(certReq, &validity); - CRMF_DestroyGetValidity(&validity); - CRMF_DestroyCertRequest(certReq); - CRMF_DestroyCertReqMsg(certReqMsg); - } - CRMF_DestroyCertReqMessages(certReqMsgs); - PORT_Free(asn1Buff); - return 0; -} - -void -GetBitsFromFile(char *filePath, SECItem *fileBits) -{ - PRFileDesc *fileDesc; - int bytesRead, fileLen=0; - char buffer[BUFF_SIZE], *asn1Buf; - - fileDesc = PR_Open(filePath, PR_RDONLY, 0644); - while (1) { - bytesRead = PR_Read(fileDesc, buffer, BUFF_SIZE); - if (bytesRead <= 0) break; - fileLen += bytesRead; - } - if (bytesRead < 0) { - printf ("Error while getting the length of file %s.\n", filePath); - goto loser; - } - PR_Close(fileDesc); - - fileDesc = PR_Open(filePath, PR_RDONLY, 0644); - asn1Buf = PORT_ZNewArray(char, fileLen); - if (asn1Buf == NULL) { - printf ("Out of memory in function GetBitsFromFile\n"); - goto loser; - } - bytesRead = PR_Read(fileDesc, asn1Buf, fileLen); - if (bytesRead != fileLen) { - printf ("Error while reading the contents of %s\n", filePath); - goto loser; - } - fileBits->data = (unsigned char*)asn1Buf; - fileBits->len = fileLen; - return; - loser: - if (asn1Buf) { - PORT_Free(asn1Buf); - } - fileBits->data = NULL; - fileBits->len = 0; -} - -int -DecodeCMMFCertRepContent(char *derFile) -{ - int fileLen=0; - char *asn1Buf; - SECItem fileBits; - CMMFCertRepContent *certRepContent; - - - GetBitsFromFile(derFile, &fileBits); - if (fileBits.data == NULL) { - printf("Could not get bits from file %s\n", derFile); - return 304; - } - asn1Buf = (char*)fileBits.data; - fileLen = fileBits.len; - certRepContent = CMMF_CreateCertRepContentFromDER(db, asn1Buf, fileLen); - if (certRepContent == NULL) { - printf ("Error while decoding %s\n", derFile); - return 303; - } - CMMF_DestroyCertRepContent(certRepContent); - PORT_Free(asn1Buf); - return 0; -} - -int -DoCMMFStuff(char *configdir) -{ - CMMFCertResponse *certResp=NULL, *certResp2=NULL, *certResponses[3]; - CMMFCertRepContent *certRepContent=NULL; - CERTCertificate *cert=NULL, *caCert=NULL; - CERTCertList *list=NULL; - PRFileDesc *fileDesc=NULL; - char filePath[PATH_LEN]; - int rv = 0; - long random; - CMMFKeyRecRepContent *repContent=NULL; - SECKEYPrivateKey *privKey = NULL; - SECKEYPublicKey *caPubKey; - SECStatus srv; - SECItem fileBits; - - certResp = CMMF_CreateCertResponse(0xff123); - CMMF_CertResponseSetPKIStatusInfoStatus(certResp, cmmfGranted); - cert = CERT_FindCertByNickname(CERT_GetDefaultCertDB(), personalCert); - if (cert == NULL) { - printf ("Could not find the certificate for %s\n", personalCert); - rv = 416; - goto finish; - } - CMMF_CertResponseSetCertificate(certResp, cert); - certResp2 = CMMF_CreateCertResponse(0xff122); - CMMF_CertResponseSetPKIStatusInfoStatus(certResp2, cmmfGranted); - CMMF_CertResponseSetCertificate(certResp2, cert); - - certResponses[0] = certResp; - certResponses[1] = NULL; - certResponses[2] = NULL; - - certRepContent = CMMF_CreateCertRepContent(); - CMMF_CertRepContentSetCertResponses(certRepContent, certResponses, 1); - - list = CERT_GetCertChainFromCert(cert, PR_Now(), certUsageEmailSigner); - CMMF_CertRepContentSetCAPubs(certRepContent, list); - - PR_snprintf(filePath, PATH_LEN, "%s/%s", configdir, "CertRepContent.der"); - fileDesc = PR_Open (filePath, PR_WRONLY | PR_CREATE_FILE | PR_TRUNCATE, - 0666); - if (fileDesc == NULL) { - printf ("Could not open file %s\n", filePath); - rv = 400; - goto finish; - } - - srv = CMMF_EncodeCertRepContent(certRepContent, WriteItOut, - (void*)fileDesc); - PORT_Assert (srv == SECSuccess); - PR_Close(fileDesc); - rv = DecodeCMMFCertRepContent(filePath); - if (rv != 0) { - goto finish; - } - random = 0xa4e7; - caCert = CERT_FindCertByNickname(CERT_GetDefaultCertDB(), - caCertName); - if (caCert == NULL) { - printf ("Could not get the certifcate for %s\n", caCertName); - rv = 411; - goto finish; - } - repContent = CMMF_CreateKeyRecRepContent(); - if (repContent == NULL) { - printf ("Could not allocate a CMMFKeyRecRepContent structure\n"); - rv = 407; - goto finish; - } - srv = CMMF_KeyRecRepContentSetPKIStatusInfoStatus(repContent, - cmmfGrantedWithMods); - if (srv != SECSuccess) { - printf ("Error trying to set PKIStatusInfo for " - "CMMFKeyRecRepContent.\n"); - rv = 406; - goto finish; - } - srv = CMMF_KeyRecRepContentSetNewSignCert(repContent, cert); - if (srv != SECSuccess) { - printf ("Error trying to set the new signing certificate for " - "key recovery\n"); - rv = 408; - goto finish; - } - srv = CMMF_KeyRecRepContentSetCACerts(repContent, list); - if (srv != SECSuccess) { - printf ("Errory trying to add the list of CA certs to the " - "CMMFKeyRecRepContent structure.\n"); - rv = 409; - goto finish; - } - privKey = PK11_FindKeyByAnyCert(cert, NULL); - if (privKey == NULL) { - printf ("Could not get the private key associated with the\n" - "certificate %s\n", personalCert); - rv = 410; - goto finish; - } - caPubKey = CERT_ExtractPublicKey(caCert); - if (caPubKey == NULL) { - printf ("Could not extract the public from the " - "certificate for \n%s\n", caCertName); - rv = 412; - goto finish; - } - CERT_DestroyCertificate(caCert); - caCert = NULL; - srv = CMMF_KeyRecRepContentSetCertifiedKeyPair(repContent, cert, privKey, - caPubKey); - SECKEY_DestroyPrivateKey(privKey); - SECKEY_DestroyPublicKey(caPubKey); - if (srv != SECSuccess) { - printf ("Could not set the Certified Key Pair\n"); - rv = 413; - goto finish; - } - PR_snprintf(filePath, PATH_LEN, "%s/%s", configdir, - "KeyRecRepContent.der"); - fileDesc = PR_Open (filePath, PR_WRONLY | PR_CREATE_FILE | PR_TRUNCATE, - 0666); - if (fileDesc == NULL) { - printf ("Could not open file %s\n", filePath); - rv = 414; - goto finish; - } - - srv = CMMF_EncodeKeyRecRepContent(repContent, WriteItOut, - (void*)fileDesc); - PORT_Assert (srv == SECSuccess); - PR_Close(fileDesc); - CMMF_DestroyKeyRecRepContent(repContent); - GetBitsFromFile(filePath, &fileBits); - repContent = - CMMF_CreateKeyRecRepContentFromDER(db, (const char *) fileBits.data, - fileBits.len); - if (repContent == NULL) { - printf ("ERROR: CMMF_CreateKeyRecRepContentFromDER failed on file:\n" - "\t%s\n", filePath); - rv = 415; - goto finish; - } - finish: - if (repContent) { - CMMF_DestroyKeyRecRepContent(repContent); - } - if (cert) { - CERT_DestroyCertificate(cert); - } - if (list) { - CERT_DestroyCertList(list); - } - if (certResp) { - CMMF_DestroyCertResponse(certResp); - } - if (certResp2) { - CMMF_DestroyCertResponse(certResp2); - } - if (certRepContent) { - CMMF_DestroyCertRepContent(certRepContent); - } - return rv; -} - -static CK_MECHANISM_TYPE -mapWrapKeyType(KeyType keyType) -{ - switch (keyType) { - case rsaKey: - return CKM_RSA_PKCS; - default: - break; - } - return CKM_INVALID_MECHANISM; -} - -#define KNOWN_MESSAGE_LENGTH 20 /*160 bits*/ - -int -DoKeyRecovery(char *configdir, SECKEYPrivateKey *privKey) -{ - SECKEYPublicKey *pubKey; - PK11SlotInfo *slot; - CK_OBJECT_HANDLE id; - CK_MECHANISM mech = { CKM_INVALID_MECHANISM, NULL, 0}; - unsigned char *known_message = (unsigned char*)"Known Crypto Message"; - unsigned char plaintext[KNOWN_MESSAGE_LENGTH]; - char filePath[PATH_LEN]; - CK_RV crv; - unsigned char *ciphertext; - CK_ULONG max_bytes_encrypted, bytes_encrypted; - unsigned char *text_compared; - CK_ULONG bytes_compared, bytes_decrypted; - SECKEYPrivateKey *unwrappedPrivKey, *caPrivKey; - CMMFKeyRecRepContent *keyRecRep; - SECStatus rv; - CERTCertificate *caCert, *myCert; - SECKEYPublicKey *caPubKey; - PRFileDesc *fileDesc; - SECItem fileBits, nickname; - CMMFCertifiedKeyPair *certKeyPair; - - /*caCert = CERT_FindCertByNickname(CERT_GetDefaultCertDB(), - caCertName);*/ - myCert = CERT_FindCertByNickname(CERT_GetDefaultCertDB(), personalCert); - if (myCert == NULL) { - printf ("Could not find the certificate for %s\n", personalCert); - return 700; - } - caCert = CERT_FindCertByNickname(CERT_GetDefaultCertDB(), - recoveryEncrypter); - if (caCert == NULL) { - printf ("Could not find the certificate for %s\n", recoveryEncrypter); - return 701; - } - caPubKey = CERT_ExtractPublicKey(caCert); - pubKey = SECKEY_ConvertToPublicKey(privKey); - max_bytes_encrypted = PK11_GetPrivateModulusLen(privKey); - slot = PK11_GetBestSlot(mapWrapKeyType(privKey->keyType), NULL); - id = PK11_ImportPublicKey(slot, pubKey, PR_FALSE); - switch(privKey->keyType) { - case rsaKey: - mech.mechanism = CKM_RSA_PKCS; - break; - case dsaKey: - mech.mechanism = CKM_DSA; - break; - case dhKey: - mech.mechanism = CKM_DH_PKCS_DERIVE; - break; - default: - printf ("Bad Key type in key recovery.\n"); - return 512; - - } - PK11_EnterSlotMonitor(slot); - crv = PK11_GETTAB(slot)->C_EncryptInit(slot->session, &mech, id); - if (crv != CKR_OK) { - PK11_ExitSlotMonitor(slot); - PK11_FreeSlot(slot); - printf ("C_EncryptInit failed in KeyRecovery\n"); - return 500; - } - ciphertext = PORT_NewArray(unsigned char, max_bytes_encrypted); - if (ciphertext == NULL) { - PK11_ExitSlotMonitor(slot); - PK11_FreeSlot(slot); - printf ("Could not allocate memory for ciphertext.\n"); - return 501; - } - bytes_encrypted = max_bytes_encrypted; - crv = PK11_GETTAB(slot)->C_Encrypt(slot->session, - known_message, - KNOWN_MESSAGE_LENGTH, - ciphertext, - &bytes_encrypted); - PK11_ExitSlotMonitor(slot); - PK11_FreeSlot(slot); - if (crv != CKR_OK) { - PORT_Free(ciphertext); - return 502; - } - /* Always use the smaller of these two values . . . */ - bytes_compared = ( bytes_encrypted > KNOWN_MESSAGE_LENGTH ) - ? KNOWN_MESSAGE_LENGTH - : bytes_encrypted; - - /* If there was a failure, the plaintext */ - /* goes at the end, therefore . . . */ - text_compared = ( bytes_encrypted > KNOWN_MESSAGE_LENGTH ) - ? (ciphertext + bytes_encrypted - - KNOWN_MESSAGE_LENGTH ) - : ciphertext; - - keyRecRep = CMMF_CreateKeyRecRepContent(); - if (keyRecRep == NULL) { - PORT_Free(ciphertext); - PK11_FreeSlot(slot); - CMMF_DestroyKeyRecRepContent(keyRecRep); - printf ("Could not allocate a CMMFKeyRecRepContent structre.\n"); - return 503; - } - rv = CMMF_KeyRecRepContentSetPKIStatusInfoStatus(keyRecRep, - cmmfGranted); - if (rv != SECSuccess) { - PORT_Free(ciphertext); - PK11_FreeSlot(slot); - CMMF_DestroyKeyRecRepContent(keyRecRep); - printf ("Could not set the status for the KeyRecRepContent\n"); - return 504; - } - /* The myCert here should correspond to the certificate corresponding - * to the private key, but for this test any certificate will do. - */ - rv = CMMF_KeyRecRepContentSetCertifiedKeyPair(keyRecRep, myCert, - privKey, caPubKey); - if (rv != SECSuccess) { - PORT_Free(ciphertext); - PK11_FreeSlot(slot); - CMMF_DestroyKeyRecRepContent(keyRecRep); - printf ("Could not set the Certified Key Pair\n"); - return 505; - } - PR_snprintf(filePath, PATH_LEN, "%s/%s", configdir, - "KeyRecRepContent.der"); - fileDesc = PR_Open (filePath, PR_WRONLY | PR_CREATE_FILE | PR_TRUNCATE, - 0666); - if (fileDesc == NULL) { - PORT_Free(ciphertext); - PK11_FreeSlot(slot); - CMMF_DestroyKeyRecRepContent(keyRecRep); - printf ("Could not open file %s\n", filePath); - return 506; - } - rv = CMMF_EncodeKeyRecRepContent(keyRecRep, WriteItOut, fileDesc); - CMMF_DestroyKeyRecRepContent(keyRecRep); - PR_Close(fileDesc); - - if (rv != SECSuccess) { - PORT_Free(ciphertext); - PK11_FreeSlot(slot); - printf ("Error while encoding CMMFKeyRecRepContent\n"); - return 507; - } - GetBitsFromFile(filePath, &fileBits); - if (fileBits.data == NULL) { - PORT_Free(ciphertext); - PK11_FreeSlot(slot); - printf ("Could not get the bits from file %s\n", filePath); - return 508; - } - keyRecRep = - CMMF_CreateKeyRecRepContentFromDER(db,(const char*)fileBits.data, - fileBits.len); - if (keyRecRep == NULL) { - printf ("Could not decode the KeyRecRepContent in file %s\n", - filePath); - PORT_Free(ciphertext); - PK11_FreeSlot(slot); - return 509; - } - caPrivKey = PK11_FindKeyByAnyCert(caCert, NULL); - if (CMMF_KeyRecRepContentGetPKIStatusInfoStatus(keyRecRep) != - cmmfGranted) { - PORT_Free(ciphertext); - PK11_FreeSlot(slot); - CMMF_DestroyKeyRecRepContent(keyRecRep); - printf ("A bad status came back with the " - "KeyRecRepContent structure\n"); - return 510; - } -#define NICKNAME "Key Recovery Test Key" - nickname.data = (unsigned char*)NICKNAME; - nickname.len = PORT_Strlen(NICKNAME); - certKeyPair = CMMF_KeyRecRepContentGetCertKeyAtIndex(keyRecRep, 0); - CMMF_DestroyKeyRecRepContent(keyRecRep); - rv = CMMF_CertifiedKeyPairUnwrapPrivKey(certKeyPair, - caPrivKey, - &nickname, - PK11_GetInternalKeySlot(), - db, - &unwrappedPrivKey, NULL); - CMMF_DestroyCertifiedKeyPair(certKeyPair); - if (rv != SECSuccess) { - printf ("Unwrapping the private key failed.\n"); - return 511; - } - /*Now let's try to decrypt the ciphertext with the "recovered" key*/ - PK11_EnterSlotMonitor(slot); - crv = - PK11_GETTAB(slot)->C_DecryptInit(unwrappedPrivKey->pkcs11Slot->session, - &mech, - unwrappedPrivKey->pkcs11ID); - if (crv != CKR_OK) { - PK11_ExitSlotMonitor(slot); - PORT_Free(ciphertext); - PK11_FreeSlot(slot); - printf ("Decrypting with the recovered key failed.\n"); - return 513; - } - bytes_decrypted = KNOWN_MESSAGE_LENGTH; - crv = PK11_GETTAB(slot)->C_Decrypt(unwrappedPrivKey->pkcs11Slot->session, - ciphertext, - bytes_encrypted, plaintext, - &bytes_decrypted); - SECKEY_DestroyPrivateKey(unwrappedPrivKey); - PK11_ExitSlotMonitor(slot); - PORT_Free(ciphertext); - if (crv != CKR_OK) { - PK11_FreeSlot(slot); - printf ("Decrypting the ciphertext with recovered key failed.\n"); - return 514; - } - if ((bytes_decrypted != KNOWN_MESSAGE_LENGTH) || - (PORT_Memcmp(plaintext, known_message, KNOWN_MESSAGE_LENGTH) != 0)) { - PK11_FreeSlot(slot); - printf ("The recovered plaintext does not equal the known message:\n" - "\tKnown message: %s\n" - "\tRecovered plaintext: %s\n", known_message, plaintext); - return 515; - } - return 0; -} - -int -DoChallengeResponse(char *configdir, SECKEYPrivateKey *privKey, - SECKEYPublicKey *pubKey) -{ - CMMFPOPODecKeyChallContent *chalContent = NULL; - CMMFPOPODecKeyRespContent *respContent = NULL; - CERTCertificate *myCert = NULL; - CERTGeneralName *myGenName = NULL; - PRArenaPool *poolp = NULL; - SECItem DecKeyChallBits; - long *randomNums; - int numChallengesFound=0; - int numChallengesSet = 1,i; - long retrieved; - char filePath[PATH_LEN]; - RNGContext *rng; - SECStatus rv; - PRFileDesc *fileDesc; - SECItem *publicValue, *keyID; - SECKEYPrivateKey *foundPrivKey; - - chalContent = CMMF_CreatePOPODecKeyChallContent(); - myCert = CERT_FindCertByNickname(db, personalCert); - if (myCert == NULL) { - printf ("Could not find the certificate for %s\n", personalCert); - return 900; - } - poolp = PORT_NewArena(1024); - if (poolp == NULL) { - printf("Could no allocate a new arena in DoChallengeResponse\n"); - return 901; - } - myGenName = CERT_GetCertificateNames(myCert, poolp); - if (myGenName == NULL) { - printf ("Could not get the general names for %s certificate\n", - personalCert); - return 902; - } - randomNums = PORT_ArenaNewArray(poolp,long, numChallengesSet); - rng = RNG_CreateContext(); - RNG_GenerateRandomBytes(rng, randomNums, numChallengesSet*sizeof(long)); - for (i=0; ipkcs11Slot,keyID, NULL); - if (foundPrivKey == NULL) { - printf ("Could not find the private key corresponding to the public" - " value.\n"); - return 910; - } - rv = CMMF_POPODecKeyChallContDecryptChallenge(chalContent, i, - foundPrivKey); - if (rv != SECSuccess) { - printf ("Could not decrypt the challenge at index %d\n", i); - return 911; - } - rv = CMMF_POPODecKeyChallContentGetRandomNumber(chalContent, i, - &retrieved); - if (rv != SECSuccess) { - printf ("Could not get the random number from the challenge at " - "index %d\n", i); - return 912; - } - if (retrieved != randomNums[i]) { - printf ("Retrieved the number (%d), expected (%d)\n", retrieved, - randomNums[i]); - return 913; - } - } - CMMF_DestroyPOPODecKeyChallContent(chalContent); - PR_snprintf(filePath, PATH_LEN, "%s/POPODecKeyRespContent.der", - configdir); - fileDesc = PR_Open(filePath, PR_WRONLY | PR_CREATE_FILE | PR_TRUNCATE, - 0666); - if (fileDesc == NULL) { - printf ("Could not open file %s\n", filePath); - return 914; - } - rv = CMMF_EncodePOPODecKeyRespContent(randomNums, numChallengesSet, - WriteItOut, fileDesc); - PR_Close(fileDesc); - if (rv != 0) { - printf ("Could not encode the POPODecKeyRespContent\n"); - return 915; - } - GetBitsFromFile(filePath, &DecKeyChallBits); - respContent = - CMMF_CreatePOPODecKeyRespContentFromDER((const char*)DecKeyChallBits.data, - DecKeyChallBits.len); - if (respContent == NULL) { - printf ("Could not decode the contents of the file %s\n", filePath); - return 916; - } - numChallengesFound = - CMMF_POPODecKeyRespContentGetNumResponses(respContent); - if (numChallengesFound != numChallengesSet) { - printf ("Number of responses found (%d) does not match the number " - "of challenges set (%d)\n", - numChallengesFound, numChallengesSet); - return 917; - } - for (i=0; i -#include - -#include "secutil.h" -#include "cdbhdl.h" -#include "certdb.h" -#include "cert.h" -#include "nspr.h" -#include "prtypes.h" -#include "prtime.h" -#include "prlong.h" - -static char *progName; - -/* placeholders for pointer error types */ -static void *WrongEntry; -static void *NoNickname; -static void *NoSMime; - -enum { - GOBOTH = 0, - GORIGHT, - GOLEFT -}; - -typedef struct -{ - PRBool verbose; - PRBool dograph; - PRFileDesc *out; - PRFileDesc *graphfile; - int dbErrors[10]; -} dbDebugInfo; - -/* - * A list node for a cert db entry. The index is a unique identifier - * to use for creating generic maps of a db. This struct handles - * the cert, nickname, and smime db entry types, as all three have a - * single handle to a subject entry. - * This structure is pointed to by certDBEntryListNode->appData. - */ -typedef struct -{ - PRArenaPool *arena; - int index; - certDBEntryListNode *pSubject; -} certDBEntryMap; - -/* - * Subject entry is special case, it has bidirectional handles. One - * subject entry can point to several certs (using the same DN), and - * a nickname and/or smime entry. - * This structure is pointed to by certDBEntryListNode->appData. - */ -typedef struct -{ - PRArenaPool *arena; - int index; - int numCerts; - certDBEntryListNode **pCerts; - certDBEntryListNode *pNickname; - certDBEntryListNode *pSMime; -} certDBSubjectEntryMap; - -/* - * A map of a certdb. - */ -typedef struct -{ - int numCerts; - int numSubjects; - int numNicknames; - int numSMime; - certDBEntryListNode certs; /* pointer to head of cert list */ - certDBEntryListNode subjects; /* pointer to head of subject list */ - certDBEntryListNode nicknames; /* pointer to head of nickname list */ - certDBEntryListNode smime; /* pointer to head of smime list */ -} certDBArray; - -/* Cast list to the base element, a certDBEntryListNode. */ -#define LISTNODE_CAST(node) \ - ((certDBEntryListNode *)(node)) - -static void -Usage(char *progName) -{ -#define FPS fprintf(stderr, - FPS "Type %s -H for more detailed descriptions\n", progName); - FPS "Usage: %s -D [-d certdir] [-i dbname] [-m] [-v [-f dumpfile]]\n", - progName); - FPS " %s -R -o newdbname [-d certdir] [-i dbname] [-aprsx] [-v [-f dumpfile]]\n", - progName); - exit(-1); -} - -static void -LongUsage(char *progName) -{ - FPS "%-15s Display this help message.\n", - "-H"); - FPS "%-15s Dump analysis. No changes will be made to the database.\n", - "-D"); - FPS "%-15s Cert database directory (default is ~/.netscape)\n", - " -d certdir"); - FPS "%-15s Input cert database name (default is cert7.db)\n", - " -i dbname"); - FPS "%-15s Mail a graph of the database to certdb@netscape.com.\n", - " -m"); - FPS "%-15s This will produce an index graph of your cert db and send\n", - ""); - FPS "%-15s it to Netscape for analysis. Personal info will be removed.\n", - ""); - FPS "%-15s Verbose mode. Dumps the entire contents of your cert7.db.\n", - " -v"); - FPS "%-15s File to dump verbose output into.\n", - " -f dumpfile"); - FPS "%-15s Repair the database. The program will look for broken\n", - "-R"); - FPS "%-15s dependencies between subject entries and certificates,\n", - ""); - FPS "%-15s between nickname entries and subjects, and between SMIME\n", - ""); - FPS "%-15s profiles and subjects. Any duplicate entries will be\n", - ""); - FPS "%-15s removed, any missing entries will be created.\n", - ""); - FPS "%-15s File to store new database in (default is new_cert7.db)\n", - " -o newdbname"); - FPS "%-15s Cert database directory (default is ~/.netscape)\n", - " -d certdir"); - FPS "%-15s Input cert database name (default is cert7.db)\n", - " -i dbname"); - FPS "%-15s Prompt before removing any certificates.\n", - " -p"); - FPS "%-15s Keep all possible certificates. Only remove certificates\n", - " -a"); - FPS "%-15s which prevent creation of a consistent database. Thus any\n", - ""); - FPS "%-15s expired or redundant entries will be kept.\n", - ""); - FPS "%-15s Keep redundant nickname/email entries. It is possible\n", - " -r"); - FPS "%-15s only one such entry will be usable.\n", - ""); - FPS "%-15s Don't require an S/MIME profile in order to keep an S/MIME\n", - " -s"); - FPS "%-15s cert. An empty profile will be created.\n", - ""); - FPS "%-15s Keep expired certificates.\n", - " -x"); - FPS "%-15s Verbose mode - report all activity while recovering db.\n", - " -v"); - FPS "%-15s File to dump verbose output into.\n", - " -f dumpfile"); - FPS "\n"); - exit(-1); -#undef FPS -} - -/******************************************************************* - * - * Functions for dbck. - * - ******************************************************************/ - -void -printHexString(PRFileDesc *out, SECItem *hexval) -{ - int i; - for (i = 0; i < hexval->len; i++) { - if (i != hexval->len - 1) { - PR_fprintf(out, "%02x:", hexval->data[i]); - } else { - PR_fprintf(out, "%02x", hexval->data[i]); - } - } - PR_fprintf(out, "\n"); -} - -typedef enum { -/* 0*/ NoSubjectForCert = 0, -/* 1*/ SubjectHasNoKeyForCert, -/* 2*/ NoNicknameOrSMimeForSubject, -/* 3*/ WrongNicknameForSubject, -/* 4*/ NoNicknameEntry, -/* 5*/ WrongSMimeForSubject, -/* 6*/ NoSMimeEntry, -/* 7*/ NoSubjectForNickname, -/* 8*/ NoSubjectForSMime, -/* 9*/ NicknameAndSMimeEntry -} dbErrorType; - -static char *dbErrorString[] = { -/* 0*/ "\nDid not find a subject entry for this certificate.", -/* 1*/ "\nSubject has certKey which is not in db.", -/* 2*/ "\nSubject does not have a nickname or email address.", -/* 3*/ "\nUsing this subject's nickname, found a nickname entry for a different subject.", -/* 4*/ "\nDid not find a nickname entry for this subject.", -/* 5*/ "\nUsing this subject's email, found an S/MIME entry for a different subject.", -/* 6*/ "\nDid not find an S/MIME entry for this subject.", -/* 7*/ "\nDid not find a subject entry for this nickname.", -/* 8*/ "\nDid not find a subject entry for this S/MIME profile.", -}; - -SECStatus -dumpCertificate(CERTCertificate *cert, int num, PRFileDesc *outfile) -{ - int userCert = 0; - CERTCertTrust *trust = cert->trust; - userCert = (SEC_GET_TRUST_FLAGS(trust, trustSSL) & CERTDB_USER) || - (SEC_GET_TRUST_FLAGS(trust, trustEmail) & CERTDB_USER) || - (SEC_GET_TRUST_FLAGS(trust, trustObjectSigning) & CERTDB_USER); - if (num >= 0) { - PR_fprintf(outfile, "Certificate: %3d\n", num); - } else { - PR_fprintf(outfile, "Certificate:\n"); - } - PR_fprintf(outfile, "----------------\n"); - if (userCert) - PR_fprintf(outfile, "(User Cert)\n"); - PR_fprintf(outfile, "## SUBJECT: %s\n", cert->subjectName); - PR_fprintf(outfile, "## ISSUER: %s\n", cert->issuerName); - PR_fprintf(outfile, "## SERIAL NUMBER: "); - printHexString(outfile, &cert->serialNumber); - { /* XXX should be separate function. */ - int64 timeBefore, timeAfter; - PRExplodedTime beforePrintable, afterPrintable; - char *beforestr, *afterstr; - DER_UTCTimeToTime(&timeBefore, &cert->validity.notBefore); - DER_UTCTimeToTime(&timeAfter, &cert->validity.notAfter); - PR_ExplodeTime(timeBefore, PR_GMTParameters, &beforePrintable); - PR_ExplodeTime(timeAfter, PR_GMTParameters, &afterPrintable); - beforestr = PORT_Alloc(100); - afterstr = PORT_Alloc(100); - PR_FormatTime(beforestr, 100, "%a %b %d %H:%M:%S %Y", &beforePrintable); - PR_FormatTime(afterstr, 100, "%a %b %d %H:%M:%S %Y", &afterPrintable); - PR_fprintf(outfile, "## VALIDITY: %s to %s\n", beforestr, afterstr); - } - PR_fprintf(outfile, "\n"); - return SECSuccess; -} - -SECStatus -dumpCertEntry(certDBEntryCert *entry, int num, PRFileDesc *outfile) -{ - CERTCertificate *cert; - cert = CERT_DecodeDERCertificate(&entry->derCert, PR_FALSE, NULL); - if (!cert) { - fprintf(stderr, "Failed to decode certificate.\n"); - return SECFailure; - } - cert->trust = &entry->trust; - dumpCertificate(cert, num, outfile); - CERT_DestroyCertificate(cert); - return SECSuccess; -} - -SECStatus -dumpSubjectEntry(certDBEntrySubject *entry, int num, PRFileDesc *outfile) -{ - char *subjectName; - subjectName = CERT_DerNameToAscii(&entry->derSubject); - PR_fprintf(outfile, "Subject: %3d\n", num); - PR_fprintf(outfile, "------------\n"); - PR_fprintf(outfile, "## %s\n", subjectName); - if (entry->nickname) - PR_fprintf(outfile, "## Subject nickname: %s\n", entry->nickname); - if (entry->emailAddr) - PR_fprintf(outfile, "## Subject email address: %s\n", - entry->emailAddr); - PR_fprintf(outfile, "## This subject has %d cert(s).\n", entry->ncerts); - PR_fprintf(outfile, "\n"); - PORT_Free(subjectName); - return SECSuccess; -} - -SECStatus -dumpNicknameEntry(certDBEntryNickname *entry, int num, PRFileDesc *outfile) -{ - PR_fprintf(outfile, "Nickname: %3d\n", num); - PR_fprintf(outfile, "-------------\n"); - PR_fprintf(outfile, "## \"%s\"\n\n", entry->nickname); - return SECSuccess; -} - -SECStatus -dumpSMimeEntry(certDBEntrySMime *entry, int num, PRFileDesc *outfile) -{ - PR_fprintf(outfile, "S/MIME Profile: %3d\n", num); - PR_fprintf(outfile, "-------------------\n"); - PR_fprintf(outfile, "## \"%s\"\n", entry->emailAddr); - PR_fprintf(outfile, "## OPTIONS: "); - printHexString(outfile, &entry->smimeOptions); - PR_fprintf(outfile, "## TIMESTAMP: "); - printHexString(outfile, &entry->optionsDate); - PR_fprintf(outfile, "\n"); - return SECSuccess; -} - -SECStatus -mapCertEntries(certDBArray *dbArray) -{ - certDBEntryCert *certEntry; - certDBEntrySubject *subjectEntry; - certDBEntryListNode *certNode, *subjNode; - certDBSubjectEntryMap *smap; - certDBEntryMap *map; - PRArenaPool *tmparena; - SECItem derSubject; - SECItem certKey; - PRCList *cElem, *sElem; - int i; - - /* Arena for decoded entries */ - tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - if (tmparena == NULL) { - PORT_SetError(SEC_ERROR_NO_MEMORY); - return SECFailure; - } - - /* Iterate over cert entries and map them to subject entries. - * NOTE: mapSubjectEntries must be called first to alloc memory - * for array of subject->cert map. - */ - for (cElem = PR_LIST_HEAD(&dbArray->certs.link); - cElem != &dbArray->certs.link; cElem = PR_NEXT_LINK(cElem)) { - certNode = LISTNODE_CAST(cElem); - certEntry = (certDBEntryCert *)&certNode->entry; - map = (certDBEntryMap *)certNode->appData; - CERT_NameFromDERCert(&certEntry->derCert, &derSubject); - CERT_KeyFromDERCert(tmparena, &certEntry->derCert, &certKey); - /* Loop over found subjects for cert's DN. */ - for (sElem = PR_LIST_HEAD(&dbArray->subjects.link); - sElem != &dbArray->subjects.link; sElem = PR_NEXT_LINK(sElem)) { - subjNode = LISTNODE_CAST(sElem); - subjectEntry = (certDBEntrySubject *)&subjNode->entry; - if (SECITEM_ItemsAreEqual(&derSubject, &subjectEntry->derSubject)) { - /* Found matching subject name, create link. */ - map->pSubject = subjNode; - /* Make sure subject entry has cert's key. */ - for (i=0; incerts; i++) { - if (SECITEM_ItemsAreEqual(&certKey, - &subjectEntry->certKeys[i])) { - /* Found matching cert key. */ - smap = (certDBSubjectEntryMap *)subjNode->appData; - smap->pCerts[i] = certNode; - break; - } - } - } - } - } - PORT_FreeArena(tmparena, PR_FALSE); - return SECSuccess; -} - -SECStatus -mapSubjectEntries(certDBArray *dbArray) -{ - certDBEntrySubject *subjectEntry; - certDBEntryNickname *nicknameEntry; - certDBEntrySMime *smimeEntry; - certDBEntryListNode *subjNode, *nickNode, *smimeNode; - certDBSubjectEntryMap *subjMap; - certDBEntryMap *nickMap, *smimeMap; - PRCList *sElem, *nElem, *mElem; - - for (sElem = PR_LIST_HEAD(&dbArray->subjects.link); - sElem != &dbArray->subjects.link; sElem = PR_NEXT_LINK(sElem)) { - /* Iterate over subject entries and map subjects to nickname - * and smime entries. The cert<->subject map will be handled - * by a subsequent call to mapCertEntries. - */ - subjNode = LISTNODE_CAST(sElem); - subjectEntry = (certDBEntrySubject *)&subjNode->entry; - subjMap = (certDBSubjectEntryMap *)subjNode->appData; - /* need to alloc memory here for array of matching certs. */ - subjMap->pCerts = PORT_ArenaAlloc(subjMap->arena, - subjectEntry->ncerts*sizeof(int)); - subjMap->numCerts = subjectEntry->ncerts; - if (subjectEntry->nickname) { - /* Subject should have a nickname entry, so create a link. */ - for (nElem = PR_LIST_HEAD(&dbArray->nicknames.link); - nElem != &dbArray->nicknames.link; - nElem = PR_NEXT_LINK(nElem)) { - /* Look for subject's nickname in nickname entries. */ - nickNode = LISTNODE_CAST(nElem); - nicknameEntry = (certDBEntryNickname *)&nickNode->entry; - nickMap = (certDBEntryMap *)nickNode->appData; - if (PL_strcmp(subjectEntry->nickname, - nicknameEntry->nickname) == 0) { - /* Found a nickname entry for subject's nickname. */ - if (SECITEM_ItemsAreEqual(&subjectEntry->derSubject, - &nicknameEntry->subjectName)) { - /* Nickname and subject match. */ - subjMap->pNickname = nickNode; - nickMap->pSubject = subjNode; - } else { - /* Nickname entry found is for diff. subject. */ - subjMap->pNickname = WrongEntry; - } - } - } - } else { - subjMap->pNickname = NoNickname; - } - if (subjectEntry->emailAddr) { - /* Subject should have an smime entry, so create a link. */ - for (mElem = PR_LIST_HEAD(&dbArray->smime.link); - mElem != &dbArray->smime.link; mElem = PR_NEXT_LINK(mElem)) { - /* Look for subject's email in S/MIME entries. */ - smimeNode = LISTNODE_CAST(mElem); - smimeEntry = (certDBEntrySMime *)&smimeNode->entry; - smimeMap = (certDBEntryMap *)smimeNode->appData; - if (PL_strcmp(subjectEntry->emailAddr, - smimeEntry->emailAddr) == 0) { - /* Found a S/MIME entry for subject's email. */ - if (SECITEM_ItemsAreEqual(&subjectEntry->derSubject, - &smimeEntry->subjectName)) { - /* S/MIME entry and subject match. */ - subjMap->pSMime = smimeNode; - smimeMap->pSubject = subjNode; - } else { - /* S/MIME entry found is for diff. subject. */ - subjMap->pSMime = WrongEntry; - } - } - } - } else { - subjMap->pSMime = NoSMime; - } - } - return SECSuccess; -} - -void -printnode(dbDebugInfo *info, const char *str, int num) -{ - if (!info->dograph) - return; - if (num < 0) { - PR_fprintf(info->graphfile, str); - } else { - PR_fprintf(info->graphfile, str, num); - } -} - -PRBool -map_handle_is_ok(dbDebugInfo *info, void *mapPtr, int indent) -{ - if (mapPtr == NULL) { - if (indent > 0) - printnode(info, " ", -1); - if (indent >= 0) - printnode(info, "******************* ", -1); - return PR_FALSE; - } else if (mapPtr == WrongEntry) { - if (indent > 0) - printnode(info, " ", -1); - if (indent >= 0) - printnode(info, "??????????????????? ", -1); - return PR_FALSE; - } else { - return PR_TRUE; - } -} - -/* these call each other */ -void print_smime_graph(dbDebugInfo *info, certDBEntryMap *smimeMap, - int direction); -void print_nickname_graph(dbDebugInfo *info, certDBEntryMap *nickMap, - int direction); -void print_subject_graph(dbDebugInfo *info, certDBSubjectEntryMap *subjMap, - int direction, int optindex, int opttype); -void print_cert_graph(dbDebugInfo *info, certDBEntryMap *certMap, - int direction); - -/* Given an smime entry, print its unique identifier. If GOLEFT is - * specified, print the cert<-subject<-smime map, else just print - * the smime entry. - */ -void -print_smime_graph(dbDebugInfo *info, certDBEntryMap *smimeMap, int direction) -{ - certDBSubjectEntryMap *subjMap; - certDBEntryListNode *subjNode; - if (direction == GOLEFT) { - /* Need to output subject and cert first, see print_subject_graph */ - subjNode = smimeMap->pSubject; - if (map_handle_is_ok(info, (void *)subjNode, 1)) { - subjMap = (certDBSubjectEntryMap *)subjNode->appData; - print_subject_graph(info, subjMap, GOLEFT, - smimeMap->index, certDBEntryTypeSMimeProfile); - } else { - printnode(info, "<---- S/MIME %5d ", smimeMap->index); - } - } else { - printnode(info, "S/MIME %5d ", smimeMap->index); - } -} - -/* Given a nickname entry, print its unique identifier. If GOLEFT is - * specified, print the cert<-subject<-nickname map, else just print - * the nickname entry. - */ -void -print_nickname_graph(dbDebugInfo *info, certDBEntryMap *nickMap, int direction) -{ - certDBSubjectEntryMap *subjMap; - certDBEntryListNode *subjNode; - if (direction == GOLEFT) { - /* Need to output subject and cert first, see print_subject_graph */ - subjNode = nickMap->pSubject; - if (map_handle_is_ok(info, (void *)subjNode, 1)) { - subjMap = (certDBSubjectEntryMap *)subjNode->appData; - print_subject_graph(info, subjMap, GOLEFT, - nickMap->index, certDBEntryTypeNickname); - } else { - printnode(info, "<---- Nickname %5d ", nickMap->index); - } - } else { - printnode(info, "Nickname %5d ", nickMap->index); - } -} - -/* Given a subject entry, if going right print the graph of the nickname|smime - * that it maps to (by its unique identifier); and if going left - * print the list of certs that it points to. - */ -void -print_subject_graph(dbDebugInfo *info, certDBSubjectEntryMap *subjMap, - int direction, int optindex, int opttype) -{ - certDBEntryMap *map; - certDBEntryListNode *node; - int i; - /* The first line of output always contains the cert id, subject id, - * and nickname|smime id. Subsequent lines may contain additional - * cert id's for the subject if going left or both directions. - * Ex. of printing the graph for a subject entry: - * Cert 3 <- Subject 5 -> Nickname 32 - * Cert 8 / - * Cert 9 / - * means subject 5 has 3 certs, 3, 8, and 9, and corresponds - * to nickname entry 32. - * To accomplish the above, it is required to dump the entire first - * line left-to-right, regardless of the input direction, and then - * finish up any remaining cert entries. Hence the code is uglier - * than one may expect. - */ - if (direction == GOLEFT || direction == GOBOTH) { - /* In this case, nothing should be output until the first cert is - * located and output (cert 3 in the above example). - */ - if (subjMap->numCerts == 0 || subjMap->pCerts == NULL) - /* XXX uh-oh */ - return; - /* get the first cert and dump it. */ - node = subjMap->pCerts[0]; - if (map_handle_is_ok(info, (void *)node, 0)) { - map = (certDBEntryMap *)node->appData; - /* going left here stops. */ - print_cert_graph(info, map, GOLEFT); - } - /* Now it is safe to output the subject id. */ - if (direction == GOLEFT) - printnode(info, "Subject %5d <---- ", subjMap->index); - else /* direction == GOBOTH */ - printnode(info, "Subject %5d ----> ", subjMap->index); - } - if (direction == GORIGHT || direction == GOBOTH) { - /* Okay, now output the nickname|smime for this subject. */ - if (direction != GOBOTH) /* handled above */ - printnode(info, "Subject %5d ----> ", subjMap->index); - if (subjMap->pNickname) { - node = subjMap->pNickname; - if (map_handle_is_ok(info, (void *)node, 0)) { - map = (certDBEntryMap *)node->appData; - /* going right here stops. */ - print_nickname_graph(info, map, GORIGHT); - } - } - if (subjMap->pSMime) { - node = subjMap->pSMime; - if (map_handle_is_ok(info, (void *)node, 0)) { - map = (certDBEntryMap *)node->appData; - /* going right here stops. */ - print_smime_graph(info, map, GORIGHT); - } - } - if (!subjMap->pNickname && !subjMap->pSMime) { - printnode(info, "******************* ", -1); - } - } - if (direction != GORIGHT) { /* going right has only one cert */ - if (opttype == certDBEntryTypeNickname) - printnode(info, "Nickname %5d ", optindex); - else if (opttype == certDBEntryTypeSMimeProfile) - printnode(info, "S/MIME %5d ", optindex); - for (i=1 /* 1st one already done */; inumCerts; i++) { - printnode(info, "\n", -1); /* start a new line */ - node = subjMap->pCerts[i]; - if (map_handle_is_ok(info, (void *)node, 0)) { - map = (certDBEntryMap *)node->appData; - /* going left here stops. */ - print_cert_graph(info, map, GOLEFT); - printnode(info, "/", -1); - } - } - } -} - -/* Given a cert entry, print its unique identifer. If GORIGHT is specified, - * print the cert->subject->nickname|smime map, else just print - * the cert entry. - */ -void -print_cert_graph(dbDebugInfo *info, certDBEntryMap *certMap, int direction) -{ - certDBSubjectEntryMap *subjMap; - certDBEntryListNode *subjNode; - if (direction == GOLEFT) { - printnode(info, "Cert %5d <---- ", certMap->index); - /* only want cert entry, terminate here. */ - return; - } - /* Keep going right then. */ - printnode(info, "Cert %5d ----> ", certMap->index); - subjNode = certMap->pSubject; - if (map_handle_is_ok(info, (void *)subjNode, 0)) { - subjMap = (certDBSubjectEntryMap *)subjNode->appData; - print_subject_graph(info, subjMap, GORIGHT, -1, -1); - } -} - -SECStatus -computeDBGraph(certDBArray *dbArray, dbDebugInfo *info) -{ - PRCList *cElem, *sElem, *nElem, *mElem; - certDBEntryListNode *node; - certDBEntryMap *map; - certDBSubjectEntryMap *subjMap; - - /* Graph is of this form: - * - * certs: - * cert ---> subject ---> (nickname|smime) - * - * subjects: - * cert <--- subject ---> (nickname|smime) - * - * nicknames and smime: - * cert <--- subject <--- (nickname|smime) - */ - - /* Print cert graph. */ - for (cElem = PR_LIST_HEAD(&dbArray->certs.link); - cElem != &dbArray->certs.link; cElem = PR_NEXT_LINK(cElem)) { - /* Print graph of everything to right of cert entry. */ - node = LISTNODE_CAST(cElem); - map = (certDBEntryMap *)node->appData; - print_cert_graph(info, map, GORIGHT); - printnode(info, "\n", -1); - } - printnode(info, "\n", -1); - - /* Print subject graph. */ - for (sElem = PR_LIST_HEAD(&dbArray->subjects.link); - sElem != &dbArray->subjects.link; sElem = PR_NEXT_LINK(sElem)) { - /* Print graph of everything to both sides of subject entry. */ - node = LISTNODE_CAST(sElem); - subjMap = (certDBSubjectEntryMap *)node->appData; - print_subject_graph(info, subjMap, GOBOTH, -1, -1); - printnode(info, "\n", -1); - } - printnode(info, "\n", -1); - - /* Print nickname graph. */ - for (nElem = PR_LIST_HEAD(&dbArray->nicknames.link); - nElem != &dbArray->nicknames.link; nElem = PR_NEXT_LINK(nElem)) { - /* Print graph of everything to left of nickname entry. */ - node = LISTNODE_CAST(nElem); - map = (certDBEntryMap *)node->appData; - print_nickname_graph(info, map, GOLEFT); - printnode(info, "\n", -1); - } - printnode(info, "\n", -1); - - /* Print smime graph. */ - for (mElem = PR_LIST_HEAD(&dbArray->smime.link); - mElem != &dbArray->smime.link; mElem = PR_NEXT_LINK(mElem)) { - /* Print graph of everything to left of smime entry. */ - node = LISTNODE_CAST(mElem); - if (node == NULL) break; - map = (certDBEntryMap *)node->appData; - print_smime_graph(info, map, GOLEFT); - printnode(info, "\n", -1); - } - printnode(info, "\n", -1); - - return SECSuccess; -} - -/* - * List the entries in the db, showing handles between entry types. - */ -void -verboseOutput(certDBArray *dbArray, dbDebugInfo *info) -{ - int i, ref; - PRCList *elem; - certDBEntryListNode *node; - certDBEntryMap *map; - certDBSubjectEntryMap *smap; - certDBEntrySubject *subjectEntry; - - /* List certs */ - for (elem = PR_LIST_HEAD(&dbArray->certs.link); - elem != &dbArray->certs.link; elem = PR_NEXT_LINK(elem)) { - node = LISTNODE_CAST(elem); - map = (certDBEntryMap *)node->appData; - dumpCertEntry((certDBEntryCert*)&node->entry, map->index, info->out); - /* walk the cert handle to it's subject entry */ - if (map_handle_is_ok(info, map->pSubject, -1)) { - smap = (certDBSubjectEntryMap *)map->pSubject->appData; - ref = smap->index; - PR_fprintf(info->out, "-->(subject %d)\n\n\n", ref); - } else { - PR_fprintf(info->out, "-->(MISSING SUBJECT ENTRY)\n\n\n"); - } - } - /* List subjects */ - for (elem = PR_LIST_HEAD(&dbArray->subjects.link); - elem != &dbArray->subjects.link; elem = PR_NEXT_LINK(elem)) { - node = LISTNODE_CAST(elem); - subjectEntry = (certDBEntrySubject *)&node->entry; - smap = (certDBSubjectEntryMap *)node->appData; - dumpSubjectEntry(subjectEntry, smap->index, info->out); - /* iterate over subject's certs */ - for (i=0; inumCerts; i++) { - /* walk each subject handle to it's cert entries */ - if (map_handle_is_ok(info, smap->pCerts[i], -1)) { - ref = ((certDBEntryMap *)smap->pCerts[i]->appData)->index; - PR_fprintf(info->out, "-->(%d. certificate %d)\n", i, ref); - } else { - PR_fprintf(info->out, "-->(%d. MISSING CERT ENTRY)\n", i); - } - } - if (subjectEntry->nickname) { - /* walk each subject handle to it's nickname entry */ - if (map_handle_is_ok(info, smap->pNickname, -1)) { - ref = ((certDBEntryMap *)smap->pNickname->appData)->index; - PR_fprintf(info->out, "-->(nickname %d)\n", ref); - } else { - PR_fprintf(info->out, "-->(MISSING NICKNAME ENTRY)\n"); - } - } - if (subjectEntry->emailAddr) { - /* walk each subject handle to it's smime entry */ - if (map_handle_is_ok(info, smap->pSMime, -1)) { - ref = ((certDBEntryMap *)smap->pSMime->appData)->index; - PR_fprintf(info->out, "-->(s/mime %d)\n", ref); - } else { - PR_fprintf(info->out, "-->(MISSING S/MIME ENTRY)\n"); - } - } - PR_fprintf(info->out, "\n\n"); - } - for (elem = PR_LIST_HEAD(&dbArray->nicknames.link); - elem != &dbArray->nicknames.link; elem = PR_NEXT_LINK(elem)) { - node = LISTNODE_CAST(elem); - map = (certDBEntryMap *)node->appData; - dumpNicknameEntry((certDBEntryNickname*)&node->entry, map->index, - info->out); - if (map_handle_is_ok(info, map->pSubject, -1)) { - ref = ((certDBEntryMap *)map->pSubject->appData)->index; - PR_fprintf(info->out, "-->(subject %d)\n\n\n", ref); - } else { - PR_fprintf(info->out, "-->(MISSING SUBJECT ENTRY)\n\n\n"); - } - } - for (elem = PR_LIST_HEAD(&dbArray->smime.link); - elem != &dbArray->smime.link; elem = PR_NEXT_LINK(elem)) { - node = LISTNODE_CAST(elem); - map = (certDBEntryMap *)node->appData; - dumpSMimeEntry((certDBEntrySMime*)&node->entry, map->index, info->out); - if (map_handle_is_ok(info, map->pSubject, -1)) { - ref = ((certDBEntryMap *)map->pSubject->appData)->index; - PR_fprintf(info->out, "-->(subject %d)\n\n\n", ref); - } else { - PR_fprintf(info->out, "-->(MISSING SUBJECT ENTRY)\n\n\n"); - } - } - PR_fprintf(info->out, "\n\n"); -} - -char *errResult[] = { - "Certificate entries that had no subject entry.", - "Certificate entries that had no key in their subject entry.", - "Subject entries that had no nickname or email address.", - "Redundant nicknames (subjects with the same nickname).", - "Subject entries that had no nickname entry.", - "Redundant email addresses (subjects with the same email address).", - "Subject entries that had no S/MIME entry.", - "Nickname entries that had no subject entry.", - "S/MIME entries that had no subject entry.", -}; - -int -fillDBEntryArray(CERTCertDBHandle *handle, certDBEntryType type, - certDBEntryListNode *list) -{ - PRCList *elem; - certDBEntryListNode *node; - certDBEntryMap *mnode; - certDBSubjectEntryMap *smnode; - PRArenaPool *arena; - int count = 0; - /* Initialize a dummy entry in the list. The list head will be the - * next element, so this element is skipped by for loops. - */ - PR_INIT_CLIST((PRCList *)list); - /* Collect all of the cert db entries for this type into a list. */ - SEC_TraverseDBEntries(handle, type, SEC_GetCertDBEntryList, - (PRCList *)list); - for (elem = PR_LIST_HEAD(&list->link); - elem != &list->link; elem = PR_NEXT_LINK(elem)) { - /* Iterate over the entries and ... */ - node = (certDBEntryListNode *)elem; - if (type != certDBEntryTypeSubject) { - arena = PORT_NewArena(sizeof(*mnode)); - mnode = (certDBEntryMap *)PORT_ArenaZAlloc(arena, sizeof(*mnode)); - mnode->arena = arena; - /* ... assign a unique index number to each node, and ... */ - mnode->index = count; - /* ... set the map pointer for the node. */ - node->appData = (void *)mnode; - } else { - /* allocate some room for the cert pointers also */ - arena = PORT_NewArena(sizeof(*smnode) + 20*sizeof(void *)); - smnode = (certDBSubjectEntryMap *) - PORT_ArenaZAlloc(arena, sizeof(*smnode)); - smnode->arena = arena; - smnode->index = count; - node->appData = (void *)smnode; - } - count++; - } - return count; -} - -void -freeDBEntryList(PRCList *list) -{ - PRCList *next, *elem; - certDBEntryListNode *node; - certDBEntryMap *map; - - for (elem = PR_LIST_HEAD(list); elem != list;) { - next = PR_NEXT_LINK(elem); - node = (certDBEntryListNode *)elem; - map = (certDBEntryMap *)node->appData; - PR_REMOVE_LINK(&node->link); - PORT_FreeArena(map->arena, PR_TRUE); - PORT_FreeArena(node->entry.common.arena, PR_TRUE); - elem = next; - } -} - -void -DBCK_DebugDB(CERTCertDBHandle *handle, PRFileDesc *out, PRFileDesc *mailfile) -{ - int i, nCertsFound, nSubjFound, nErr; - int nCerts, nSubjects, nSubjCerts, nNicknames, nSMime; - PRCList *elem; - char c; - dbDebugInfo info; - certDBArray dbArray; - - PORT_Memset(&dbArray, 0, sizeof(dbArray)); - PORT_Memset(&info, 0, sizeof(info)); - info.verbose = (out == NULL) ? PR_FALSE : PR_TRUE ; - info.dograph = (mailfile == NULL) ? PR_FALSE : PR_TRUE ; - info.out = (out) ? out : PR_STDOUT; - info.graphfile = mailfile; - - /* Fill the array structure with cert/subject/nickname/smime entries. */ - dbArray.numCerts = fillDBEntryArray(handle, certDBEntryTypeCert, - &dbArray.certs); - dbArray.numSubjects = fillDBEntryArray(handle, certDBEntryTypeSubject, - &dbArray.subjects); - dbArray.numNicknames = fillDBEntryArray(handle, certDBEntryTypeNickname, - &dbArray.nicknames); - dbArray.numSMime = fillDBEntryArray(handle, certDBEntryTypeSMimeProfile, - &dbArray.smime); - - /* Compute the map between the database entries. */ - mapSubjectEntries(&dbArray); - mapCertEntries(&dbArray); - computeDBGraph(&dbArray, &info); - - /* Store the totals for later reference. */ - nCerts = dbArray.numCerts; - nSubjects = dbArray.numSubjects; - nNicknames = dbArray.numNicknames; - nSMime = dbArray.numSMime; - nSubjCerts = 0; - for (elem = PR_LIST_HEAD(&dbArray.subjects.link); - elem != &dbArray.subjects.link; elem = PR_NEXT_LINK(elem)) { - certDBSubjectEntryMap *smap; - smap = (certDBSubjectEntryMap *)LISTNODE_CAST(elem)->appData; - nSubjCerts += smap->numCerts; - } - - if (info.verbose) { - /* Dump the database contents. */ - verboseOutput(&dbArray, &info); - } - - freeDBEntryList(&dbArray.certs.link); - freeDBEntryList(&dbArray.subjects.link); - freeDBEntryList(&dbArray.nicknames.link); - freeDBEntryList(&dbArray.smime.link); - - PR_fprintf(info.out, "\n"); - PR_fprintf(info.out, "Database statistics:\n"); - PR_fprintf(info.out, "N0: Found %4d Certificate entries.\n", - nCerts); - PR_fprintf(info.out, "N1: Found %4d Subject entries (unique DN's).\n", - nSubjects); - PR_fprintf(info.out, "N2: Found %4d Cert keys within Subject entries.\n", - nSubjCerts); - PR_fprintf(info.out, "N3: Found %4d Nickname entries.\n", - nNicknames); - PR_fprintf(info.out, "N4: Found %4d S/MIME entries.\n", - nSMime); - PR_fprintf(info.out, "\n"); - - nErr = 0; - for (i=0; isubjectName) { - return NULL; - } - - tmp1 = PORT_Strstr(cert->subjectName, "E="); - tmp2 = PORT_Strstr(cert->subjectName, "MAIL="); - /* XXX Nelson has cert for KTrilli which does not have either - * of above but is email cert (has cert->emailAddr). - */ - if (!tmp1 && !tmp2 && !cert->emailAddr) { - return NULL; - } - - /* Server or CA cert, not personal email. */ - isCA = CERT_IsCACert(cert, NULL); - if (isCA) - return NULL; - - /* XXX CERT_IsCACert advertises checking the key usage ext., - but doesn't appear to. */ - /* Check the key usage extension. */ - if (cert->keyUsagePresent) { - /* Must at least be able to sign or encrypt (not neccesarily - * both if it is one of a dual cert). - */ - if (!((cert->rawKeyUsage & KU_DIGITAL_SIGNATURE) || - (cert->rawKeyUsage & KU_KEY_ENCIPHERMENT))) - return NULL; - - /* CA cert, not personal email. */ - if (cert->rawKeyUsage & (KU_KEY_CERT_SIGN | KU_CRL_SIGN)) - return NULL; - } - - if (cert->emailAddr) { - email = PORT_Strdup(cert->emailAddr); - } else { - if (tmp1) - tmp1 += 2; /* "E=" */ - else - tmp1 = tmp2 + 5; /* "MAIL=" */ - len = strcspn(tmp1, ", "); - email = (char*)PORT_Alloc(len+1); - PORT_Strncpy(email, tmp1, len); - email[len] = '\0'; - } - - return email; -} - -SECStatus -deleteit(CERTCertificate *cert, void *arg) -{ - return SEC_DeletePermCertificate(cert); -} - -/* Different than DeleteCertificate - has the added bonus of removing - * all certs with the same DN. - */ -SECStatus -deleteAllEntriesForCert(CERTCertDBHandle *handle, CERTCertificate *cert, - PRFileDesc *outfile) -{ -#if 0 - certDBEntrySubject *subjectEntry; - certDBEntryNickname *nicknameEntry; - certDBEntrySMime *smimeEntry; - int i; -#endif - - if (outfile) { - PR_fprintf(outfile, "$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$\n\n"); - PR_fprintf(outfile, "Deleting redundant certificate:\n"); - dumpCertificate(cert, -1, outfile); - } - - CERT_TraverseCertsForSubject(handle, cert->subjectList, deleteit, NULL); -#if 0 - CERT_LockDB(handle); - subjectEntry = ReadDBSubjectEntry(handle, &cert->derSubject); - /* It had better be there, or created a bad db. */ - PORT_Assert(subjectEntry); - for (i=0; incerts; i++) { - DeleteDBCertEntry(handle, &subjectEntry->certKeys[i]); - } - DeleteDBSubjectEntry(handle, &cert->derSubject); - if (subjectEntry->emailAddr) { - smimeEntry = ReadDBSMimeEntry(handle, subjectEntry->emailAddr); - if (smimeEntry) { - if (SECITEM_ItemsAreEqual(&subjectEntry->derSubject, - &smimeEntry->subjectName)) - /* Only delete it if it's for this subject! */ - DeleteDBSMimeEntry(handle, subjectEntry->emailAddr); - SEC_DestroyDBEntry((certDBEntry*)smimeEntry); - } - } - if (subjectEntry->nickname) { - nicknameEntry = ReadDBNicknameEntry(handle, subjectEntry->nickname); - if (nicknameEntry) { - if (SECITEM_ItemsAreEqual(&subjectEntry->derSubject, - &nicknameEntry->subjectName)) - /* Only delete it if it's for this subject! */ - DeleteDBNicknameEntry(handle, subjectEntry->nickname); - SEC_DestroyDBEntry((certDBEntry*)nicknameEntry); - } - } - SEC_DestroyDBEntry((certDBEntry*)subjectEntry); - CERT_UnlockDB(handle); -#endif - return SECSuccess; -} - -void -getCertsToDelete(char *numlist, int len, int *certNums, int nCerts) -{ - int j, num; - char *numstr, *numend, *end; - - numstr = numlist; - end = numstr + len - 1; - while (numstr != end) { - numend = strpbrk(numstr, ", \n"); - *numend = '\0'; - if (PORT_Strlen(numstr) == 0) - return; - num = PORT_Atoi(numstr); - if (numstr == numlist) - certNums[0] = num; - for (j=1; jpromptUser[errtype] == PR_FALSE) - return (info->removeType[errtype]); - switch (errtype) { - case dbInvalidCert: - PR_fprintf(PR_STDOUT, "******** Expired ********\n"); - PR_fprintf(PR_STDOUT, "Cert has expired.\n\n"); - dumpCertificate(certs[0], -1, PR_STDOUT); - PR_fprintf(PR_STDOUT, - "Keep it? (y/n - this one, Y/N - all expired certs) [n] "); - break; - case dbNoSMimeProfile: - PR_fprintf(PR_STDOUT, "******** No Profile ********\n"); - PR_fprintf(PR_STDOUT, "S/MIME cert has no profile.\n\n"); - dumpCertificate(certs[0], -1, PR_STDOUT); - PR_fprintf(PR_STDOUT, - "Keep it? (y/n - this one, Y/N - all S/MIME w/o profile) [n] "); - break; - case dbOlderCert: - PR_fprintf(PR_STDOUT, "******* Redundant nickname/email *******\n\n"); - PR_fprintf(PR_STDOUT, "These certs have the same nickname/email:\n"); - for (i=0; ipromptUser[errtype] = PR_FALSE; - info->removeType[errtype] = PR_TRUE; - return PR_TRUE; - } - getCertsToDelete(response, nb, certNums, nCerts); - return PR_TRUE; - } - /* User doesn't want to be prompted for this type anymore. */ - if (response[0] == 'Y') { - info->promptUser[errtype] = PR_FALSE; - info->removeType[errtype] = PR_FALSE; - return PR_FALSE; - } else if (response[0] == 'N') { - info->promptUser[errtype] = PR_FALSE; - info->removeType[errtype] = PR_TRUE; - return PR_TRUE; - } - return (response[0] != 'y') ? PR_TRUE : PR_FALSE; -} - -SECStatus -addCertToDB(certDBEntryCert *certEntry, dbRestoreInfo *info, - CERTCertDBHandle *oldhandle) -{ - SECStatus rv = SECSuccess; - PRBool allowOverride; - PRBool userCert; - SECCertTimeValidity validity; - CERTCertificate *oldCert = NULL; - CERTCertificate *dbCert = NULL; - CERTCertificate *newCert = NULL; - CERTCertTrust *trust; - certDBEntrySMime *smimeEntry = NULL; - char *email = NULL; - char *nickname = NULL; - int nCertsForSubject = 1; - - oldCert = CERT_DecodeDERCertificate(&certEntry->derCert, PR_FALSE, - certEntry->nickname); - if (!oldCert) { - info->dbErrors[dbBadCertificate]++; - SEC_DestroyDBEntry((certDBEntry*)certEntry); - return SECSuccess; - } - - oldCert->dbEntry = certEntry; - oldCert->trust = &certEntry->trust; - oldCert->dbhandle = oldhandle; - - trust = oldCert->trust; - - info->nOldCerts++; - - if (info->verbose) - PR_fprintf(info->out, "%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%\n\n"); - - if (oldCert->nickname) - nickname = PORT_Strdup(oldCert->nickname); - - /* Always keep user certs. Skip ahead. */ - /* XXX if someone sends themselves a signed message, it is possible - for their cert to be imported as an "other" cert, not a user cert. - this mucks with smime entries... */ - userCert = (SEC_GET_TRUST_FLAGS(trust, trustSSL) & CERTDB_USER) || - (SEC_GET_TRUST_FLAGS(trust, trustEmail) & CERTDB_USER) || - (SEC_GET_TRUST_FLAGS(trust, trustObjectSigning) & CERTDB_USER); - if (userCert) - goto createcert; - - /* If user chooses so, ignore expired certificates. */ - allowOverride = (PRBool)((oldCert->keyUsage == certUsageSSLServer) || - (oldCert->keyUsage == certUsageSSLServerWithStepUp)); - validity = CERT_CheckCertValidTimes(oldCert, PR_Now(), allowOverride); - /* If cert expired and user wants to delete it, ignore it. */ - if ((validity != secCertTimeValid) && - userSaysDeleteCert(&oldCert, 1, dbInvalidCert, info, 0)) { - info->dbErrors[dbInvalidCert]++; - if (info->verbose) { - PR_fprintf(info->out, "Deleting expired certificate:\n"); - dumpCertificate(oldCert, -1, info->out); - } - goto cleanup; - } - - /* New database will already have default certs, don't attempt - to overwrite them. */ - dbCert = CERT_FindCertByDERCert(info->handle, &oldCert->derCert); - if (dbCert) { - info->nCerts++; - if (info->verbose) { - PR_fprintf(info->out, "Added certificate to database:\n"); - dumpCertificate(oldCert, -1, info->out); - } - goto cleanup; - } - - /* Determine if cert is S/MIME and get its email if so. */ - email = IsEmailCert(oldCert); - - /* - XXX Just create empty profiles? - if (email) { - SECItem *profile = CERT_FindSMimeProfile(oldCert); - if (!profile && - userSaysDeleteCert(&oldCert, 1, dbNoSMimeProfile, info, 0)) { - info->dbErrors[dbNoSMimeProfile]++; - if (info->verbose) { - PR_fprintf(info->out, - "Deleted cert missing S/MIME profile.\n"); - dumpCertificate(oldCert, -1, info->out); - } - goto cleanup; - } else { - SECITEM_FreeItem(profile); - } - } - */ - -createcert: - - /* Sometimes happens... */ - if (!nickname && userCert) - nickname = PORT_Strdup(oldCert->subjectName); - - /* Create a new certificate, copy of the old one. */ - newCert = CERT_NewTempCertificate(info->handle, &oldCert->derCert, - nickname, PR_FALSE, PR_TRUE); - if (!newCert) { - PR_fprintf(PR_STDERR, "Unable to create new certificate.\n"); - dumpCertificate(oldCert, -1, PR_STDERR); - info->dbErrors[dbBadCertificate]++; - goto cleanup; - } - - /* Add the cert to the new database. */ - rv = CERT_AddTempCertToPerm(newCert, nickname, oldCert->trust); - if (rv) { - PR_fprintf(PR_STDERR, "Failed to write temp cert to perm database.\n"); - dumpCertificate(oldCert, -1, PR_STDERR); - info->dbErrors[dbCertNotWrittenToDB]++; - goto cleanup; - } - - if (info->verbose) { - PR_fprintf(info->out, "Added certificate to database:\n"); - dumpCertificate(oldCert, -1, info->out); - } - - /* If the cert is an S/MIME cert, and the first with it's subject, - * modify the subject entry to include the email address, - * CERT_AddTempCertToPerm does not do email addresses and S/MIME entries. - */ - if (smimeEntry) { /*&& !userCert && nCertsForSubject == 1) { */ -#if 0 - UpdateSubjectWithEmailAddr(newCert, email); -#endif - SECItem emailProfile, profileTime; - rv = CERT_FindFullSMimeProfile(oldCert, &emailProfile, &profileTime); - /* calls UpdateSubjectWithEmailAddr */ - if (rv == SECSuccess) - rv = CERT_SaveSMimeProfile(newCert, &emailProfile, &profileTime); - } - - info->nCerts++; - -cleanup: - - if (nickname) - PORT_Free(nickname); - if (email) - PORT_Free(email); - if (oldCert) - CERT_DestroyCertificate(oldCert); - if (dbCert) - CERT_DestroyCertificate(dbCert); - if (newCert) - CERT_DestroyCertificate(newCert); - if (smimeEntry) - SEC_DestroyDBEntry((certDBEntry*)smimeEntry); - return SECSuccess; -} - -#if 0 -SECStatus -copyDBEntry(SECItem *data, SECItem *key, certDBEntryType type, void *pdata) -{ - SECStatus rv; - CERTCertDBHandle *newdb = (CERTCertDBHandle *)pdata; - certDBEntryCommon common; - SECItem dbkey; - - common.type = type; - common.version = CERT_DB_FILE_VERSION; - common.flags = data->data[2]; - common.arena = NULL; - - dbkey.len = key->len + SEC_DB_KEY_HEADER_LEN; - dbkey.data = (unsigned char *)PORT_Alloc(dbkey.len*sizeof(unsigned char)); - PORT_Memcpy(&dbkey.data[SEC_DB_KEY_HEADER_LEN], key->data, key->len); - dbkey.data[0] = type; - - rv = WriteDBEntry(newdb, &common, &dbkey, data); - - PORT_Free(dbkey.data); - return rv; -} -#endif - -int -certIsOlder(CERTCertificate **cert1, CERTCertificate** cert2) -{ - return !CERT_IsNewer(*cert1, *cert2); -} - -int -findNewestSubjectForEmail(CERTCertDBHandle *handle, int subjectNum, - certDBArray *dbArray, dbRestoreInfo *info, - int *subjectWithSMime, int *smimeForSubject) -{ - int newestSubject; - int subjectsForEmail[50]; - int i, j, ns, sNum; - certDBEntryListNode *subjects = &dbArray->subjects; - certDBEntryListNode *smime = &dbArray->smime; - certDBEntrySubject *subjectEntry1, *subjectEntry2; - certDBEntrySMime *smimeEntry; - CERTCertificate **certs; - CERTCertificate *cert; - CERTCertTrust *trust; - PRBool userCert; - int *certNums; - - ns = 0; - subjectEntry1 = (certDBEntrySubject*)&subjects.entries[subjectNum]; - subjectsForEmail[ns++] = subjectNum; - - *subjectWithSMime = -1; - *smimeForSubject = -1; - newestSubject = subjectNum; - - cert = CERT_FindCertByKey(handle, &subjectEntry1->certKeys[0]); - if (cert) { - trust = cert->trust; - userCert = (SEC_GET_TRUST_FLAGS(trust, trustSSL) & CERTDB_USER) || - (SEC_GET_TRUST_FLAGS(trust, trustEmail) & CERTDB_USER) || - (SEC_GET_TRUST_FLAGS(trust, trustObjectSigning) & CERTDB_USER); - CERT_DestroyCertificate(cert); - } - - /* Loop over the remaining subjects. */ - for (i=subjectNum+1; iemailAddr && - PORT_Strcmp(subjectEntry1->emailAddr, - subjectEntry2->emailAddr) == 0) { - /* Found a subject using the same email address. */ - subjectsForEmail[ns++] = i; - } - } - - /* Find the S/MIME entry for this email address. */ - for (i=0; icommon.arena == NULL) - continue; - if (PORT_Strcmp(subjectEntry1->emailAddr, smimeEntry->emailAddr) == 0) { - /* Find which of the subjects uses this S/MIME entry. */ - for (j=0; jsubjectName, - &subjectEntry2->derSubject)) { - /* Found the subject corresponding to the S/MIME entry. */ - *subjectWithSMime = sNum; - *smimeForSubject = i; - } - } - SEC_DestroyDBEntry((certDBEntry*)smimeEntry); - PORT_Memset(smimeEntry, 0, sizeof(certDBEntry)); - break; - } - } - - if (ns <= 1) - return subjectNum; - - if (userCert) - return *subjectWithSMime; - - /* Now find which of the subjects has the newest cert. */ - certs = (CERTCertificate**)PORT_Alloc(ns*sizeof(CERTCertificate*)); - certNums = (int*)PORT_Alloc((ns+1)*sizeof(int)); - certNums[0] = 0; - for (i=0; icertKeys[0]); - certNums[i+1] = i; - } - /* Sort the array by validity. */ - qsort(certs, ns, sizeof(CERTCertificate*), - (int (*)(const void *, const void *))certIsOlder); - newestSubject = -1; - for (i=0; iderSubject, - &certs[0]->derSubject)) - newestSubject = sNum; - else - SEC_DestroyDBEntry((certDBEntry*)subjectEntry1); - } - if (info && userSaysDeleteCert(certs, ns, dbOlderCert, info, certNums)) { - for (i=1; i= 0 && certNums[i] != certNums[0]) { - deleteAllEntriesForCert(handle, certs[certNums[i]], info->out); - info->dbErrors[dbOlderCert]++; - } - } - } - CERT_DestroyCertArray(certs, ns); - return newestSubject; -} - -CERTCertDBHandle * -DBCK_ReconstructDBFromCerts(CERTCertDBHandle *oldhandle, char *newdbname, - PRFileDesc *outfile, PRBool removeExpired, - PRBool requireProfile, PRBool singleEntry, - PRBool promptUser) -{ - SECStatus rv; - dbRestoreInfo info; - certDBEntryContentVersion *oldContentVersion; - certDBArray dbArray; - int i; - - PORT_Memset(&dbArray, 0, sizeof(dbArray)); - PORT_Memset(&info, 0, sizeof(info)); - info.verbose = (outfile) ? PR_TRUE : PR_FALSE; - info.out = (outfile) ? outfile : PR_STDOUT; - info.removeType[dbInvalidCert] = removeExpired; - info.removeType[dbNoSMimeProfile] = requireProfile; - info.removeType[dbOlderCert] = singleEntry; - info.promptUser[dbInvalidCert] = promptUser; - info.promptUser[dbNoSMimeProfile] = promptUser; - info.promptUser[dbOlderCert] = promptUser; - - /* Allocate a handle to fill with CERT_OpenCertDB below. */ - info.handle = (CERTCertDBHandle *)PORT_ZAlloc(sizeof(CERTCertDBHandle)); - if (!info.handle) { - fprintf(stderr, "unable to get database handle"); - return NULL; - } - - /* Create a certdb with the most recent set of roots. */ - rv = CERT_OpenCertDBFilename(info.handle, newdbname, PR_FALSE); - - if (rv) { - fprintf(stderr, "could not open certificate database"); - goto loser; - } - - /* Create certificate, subject, nickname, and email records. - * mcom_db seems to have a sequential access bug. Though reads and writes - * should be allowed during traversal, they seem to screw up the sequence. - * So, stuff all the cert entries into an array, and loop over the array - * doing read/writes in the db. - */ - fillDBEntryArray(oldhandle, certDBEntryTypeCert, &dbArray.certs); - for (elem = PR_LIST_HEAD(&dbArray->certs.link); - elem != &dbArray->certs.link; elem = PR_NEXT_LINK(elem)) { - node = LISTNODE_CAST(elem); - addCertToDB((certDBEntryCert*)&node->entry, &info, oldhandle); - /* entries get destroyed in addCertToDB */ - } -#if 0 - rv = SEC_TraverseDBEntries(oldhandle, certDBEntryTypeSMimeProfile, - copyDBEntry, info.handle); -#endif - - /* Fix up the pointers between (nickname|S/MIME) --> (subject). - * Create S/MIME entries for S/MIME certs. - * Have the S/MIME entry point to the last-expiring cert using - * an email address. - */ -#if 0 - CERT_RedoHandlesForSubjects(info.handle, singleEntry, &info); -#endif - - freeDBEntryList(&dbArray.certs.link); - - /* Copy over the version record. */ - /* XXX Already exists - and _must_ be correct... */ - /* - versionEntry = ReadDBVersionEntry(oldhandle); - rv = WriteDBVersionEntry(info.handle, versionEntry); - */ - - /* Copy over the content version record. */ - /* XXX Can probably get useful info from old content version? - * Was this db created before/after this tool? etc. - */ -#if 0 - oldContentVersion = ReadDBContentVersionEntry(oldhandle); - CERT_SetDBContentVersion(oldContentVersion->contentVersion, info.handle); -#endif - -#if 0 - /* Copy over the CRL & KRL records. */ - rv = SEC_TraverseDBEntries(oldhandle, certDBEntryTypeRevocation, - copyDBEntry, info.handle); - /* XXX Only one KRL, just do db->get? */ - rv = SEC_TraverseDBEntries(oldhandle, certDBEntryTypeKeyRevocation, - copyDBEntry, info.handle); -#endif - - PR_fprintf(info.out, "Database had %d certificates.\n", info.nOldCerts); - - PR_fprintf(info.out, "Reconstructed %d certificates.\n", info.nCerts); - PR_fprintf(info.out, "(ax) Rejected %d expired certificates.\n", - info.dbErrors[dbInvalidCert]); - PR_fprintf(info.out, "(as) Rejected %d S/MIME certificates missing a profile.\n", - info.dbErrors[dbNoSMimeProfile]); - PR_fprintf(info.out, "(ar) Rejected %d certificates for which a newer certificate was found.\n", - info.dbErrors[dbOlderCert]); - PR_fprintf(info.out, " Rejected %d corrupt certificates.\n", - info.dbErrors[dbBadCertificate]); - PR_fprintf(info.out, " Rejected %d certificates which did not write to the DB.\n", - info.dbErrors[dbCertNotWrittenToDB]); - - if (rv) - goto loser; - - return info.handle; - -loser: - if (info.handle) - PORT_Free(info.handle); - return NULL; -} -#endif /* DORECOVER */ - -enum { - cmd_Debug = 0, - cmd_LongUsage, - cmd_Recover -}; - -enum { - opt_KeepAll = 0, - opt_CertDir, - opt_Dumpfile, - opt_InputDB, - opt_OutputDB, - opt_Mailfile, - opt_Prompt, - opt_KeepRedundant, - opt_KeepNoSMimeProfile, - opt_Verbose, - opt_KeepExpired -}; - -static secuCommandFlag dbck_commands[] = -{ - { /* cmd_Debug, */ 'D', PR_FALSE, 0, PR_FALSE }, - { /* cmd_LongUsage,*/ 'H', PR_FALSE, 0, PR_FALSE }, - { /* cmd_Recover, */ 'R', PR_FALSE, 0, PR_FALSE } -}; - -static secuCommandFlag dbck_options[] = -{ - { /* opt_KeepAll, */ 'a', PR_FALSE, 0, PR_FALSE }, - { /* opt_CertDir, */ 'd', PR_TRUE, 0, PR_FALSE }, - { /* opt_Dumpfile, */ 'f', PR_TRUE, 0, PR_FALSE }, - { /* opt_InputDB, */ 'i', PR_TRUE, 0, PR_FALSE }, - { /* opt_OutputDB, */ 'o', PR_TRUE, 0, PR_FALSE }, - { /* opt_Mailfile, */ 'm', PR_FALSE, 0, PR_FALSE }, - { /* opt_Prompt, */ 'p', PR_FALSE, 0, PR_FALSE }, - { /* opt_KeepRedundant, */ 'r', PR_FALSE, 0, PR_FALSE }, - { /* opt_KeepNoSMimeProfile,*/ 's', PR_FALSE, 0, PR_FALSE }, - { /* opt_Verbose, */ 'v', PR_FALSE, 0, PR_FALSE }, - { /* opt_KeepExpired, */ 'x', PR_FALSE, 0, PR_FALSE } -}; - -int -main(int argc, char **argv) -{ - CERTCertDBHandle *certHandle; - - PRFileInfo fileInfo; - PRFileDesc *mailfile = NULL; - PRFileDesc *dumpfile = NULL; - - char * pathname = 0; - char * fullname = 0; - char * newdbname = 0; - - PRBool removeExpired, requireProfile, singleEntry; - - SECStatus rv; - - secuCommand dbck; - dbck.numCommands = sizeof(dbck_commands) / sizeof(secuCommandFlag); - dbck.numOptions = sizeof(dbck_options) / sizeof(secuCommandFlag); - dbck.commands = dbck_commands; - dbck.options = dbck_options; - - progName = strrchr(argv[0], '/'); - progName = progName ? progName+1 : argv[0]; - - rv = SECU_ParseCommandLine(argc, argv, progName, &dbck); - - if (rv != SECSuccess) - Usage(progName); - - if (dbck.commands[cmd_LongUsage].activated) - LongUsage(progName); - - if (!dbck.commands[cmd_Debug].activated && - !dbck.commands[cmd_Recover].activated) { - PR_fprintf(PR_STDERR, "Please specify -D or -R.\n"); - Usage(progName); - } - - removeExpired = !(dbck.options[opt_KeepAll].activated || - dbck.options[opt_KeepExpired].activated); - - requireProfile = !(dbck.options[opt_KeepAll].activated || - dbck.options[opt_KeepNoSMimeProfile].activated); - - singleEntry = !(dbck.options[opt_KeepAll].activated || - dbck.options[opt_KeepRedundant].activated); - - if (dbck.options[opt_OutputDB].activated) { - newdbname = PL_strdup(dbck.options[opt_OutputDB].arg); - } else { - newdbname = PL_strdup("new_cert7.db"); - } - - /* Create a generic graph of the database. */ - if (dbck.options[opt_Mailfile].activated) { - mailfile = PR_Open("./mailfile", PR_RDWR | PR_CREATE_FILE, 00660); - if (!mailfile) { - fprintf(stderr, "Unable to create mailfile.\n"); - return -1; - } - } - - /* Dump all debugging info while running. */ - if (dbck.options[opt_Verbose].activated) { - if (dbck.options[opt_Dumpfile].activated) { - dumpfile = PR_Open(dbck.options[opt_Dumpfile].arg, - PR_RDWR | PR_CREATE_FILE, 00660); - } - if (!dumpfile) { - fprintf(stderr, "Unable to create dumpfile.\n"); - return -1; - } - } - - /* Set the cert database directory. */ - if (dbck.options[opt_CertDir].activated) { - SECU_ConfigDirectory(dbck.options[opt_CertDir].arg); - } - - PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1); - SEC_Init(); - - certHandle = (CERTCertDBHandle *)PORT_ZAlloc(sizeof(CERTCertDBHandle)); - if (!certHandle) { - SECU_PrintError(progName, "unable to get database handle"); - return -1; - } - - /* Open the possibly corrupt database. */ - if (dbck.options[opt_InputDB].activated) { - pathname = SECU_ConfigDirectory(NULL); - fullname = PR_smprintf("%s/%s", pathname, - dbck.options[opt_InputDB].arg); - if (PR_GetFileInfo(fullname, &fileInfo) != PR_SUCCESS) { - fprintf(stderr, "Unable to read file \"%s\".\n", fullname); - return -1; - } - rv = CERT_OpenCertDBFilename(certHandle, fullname, PR_TRUE); - } else { - /* Use the default. */ - fullname = SECU_CertDBNameCallback(NULL, CERT_DB_FILE_VERSION); - if (PR_GetFileInfo(fullname, &fileInfo) != PR_SUCCESS) { - fprintf(stderr, "Unable to read file \"%s\".\n", fullname); - return -1; - } - rv = CERT_OpenCertDB(certHandle, PR_TRUE, - SECU_CertDBNameCallback, NULL); - } - - if (rv) { - SECU_PrintError(progName, "unable to open cert database"); - return -1; - } - - if (dbck.commands[cmd_Debug].activated) { - DBCK_DebugDB(certHandle, dumpfile, mailfile); - return 0; - } - -#ifdef DORECOVER - if (dbck.commands[cmd_Recover].activated) { - DBCK_ReconstructDBFromCerts(certHandle, newdbname, - dumpfile, removeExpired, - requireProfile, singleEntry, - dbck.options[opt_Prompt].activated); - return 0; - } -#endif - - if (mailfile) - PR_Close(mailfile); - if (dumpfile) - PR_Close(dumpfile); - if (certHandle) { - CERT_ClosePermCertDB(certHandle); - PORT_Free(certHandle); - } - return -1; -} diff --git a/security/nss/cmd/dbck/manifest.mn b/security/nss/cmd/dbck/manifest.mn deleted file mode 100644 index 74e66c49e0..0000000000 --- a/security/nss/cmd/dbck/manifest.mn +++ /dev/null @@ -1,49 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = ../../.. - -DEFINES += -DNSPR20 - -# MODULE public and private header directories are implicitly REQUIRED. -MODULE = nss - -CSRCS = \ - dbck.c \ - $(NULL) - -# The MODULE is always implicitly required. -# Listing it here in REQUIRES makes it appear twice in the cc command line. -REQUIRES = dbm seccmd - -PROGRAM = dbck diff --git a/security/nss/cmd/dbtest/Makefile b/security/nss/cmd/dbtest/Makefile deleted file mode 100644 index 0d4b54c29b..0000000000 --- a/security/nss/cmd/dbtest/Makefile +++ /dev/null @@ -1,86 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - -include ../platlibs.mk - -ifdef XP_OS2_VACPP -CFLAGS += -I../modutil -endif - -ifeq (,$(filter-out WINNT WIN95 WIN16,$(OS_TARGET))) # omits WINCE -ifndef BUILD_OPT -LDFLAGS += /subsystem:console /profile /debug /machine:I386 /incremental:no -OS_CFLAGS += -D_CONSOLE -endif -endif - - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - -#include ../platlibs.mk - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - -include ../platrules.mk - diff --git a/security/nss/cmd/dbtest/dbtest.c b/security/nss/cmd/dbtest/dbtest.c deleted file mode 100644 index 047b86f28d..0000000000 --- a/security/nss/cmd/dbtest/dbtest.c +++ /dev/null @@ -1,178 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * Sonja Mirtitsch Sun Microsystems - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -/* -** dbtest.c -** -** QA test for cert and key databases, especially to open -** database readonly (NSS_INIT_READONLY) and force initializations -** even if the databases cannot be opened (NSS_INIT_FORCEOPEN) -** -*/ -#include -#include - -#if defined(WIN32) -#include "fcntl.h" -#include "io.h" -#endif - -#include "secutil.h" - -#if defined(XP_UNIX) -#include -#endif - -#include "nspr.h" -#include "prtypes.h" -#include "certdb.h" -#include "nss.h" -#include "../modutil/modutil.h" - -#include "plgetopt.h" - -static char *progName; - -char *dbDir = NULL; - -static char *dbName[]={"secmod.db", "cert7.db", "key3.db"}; -static char* dbprefix = ""; -static char* secmodName = "secmod.db"; -PRBool verbose; - - -static void Usage(const char *progName) -{ - printf("Usage: %s [-r] [-f] [-d dbdir ] \n", - progName); - printf("%-20s open database readonly (NSS_INIT_READONLY)\n", "-r"); - printf("%-20s Continue to force initializations even if the\n", "-f"); - printf("%-20s databases cannot be opened (NSS_INIT_FORCEOPEN)\n", " "); - printf("%-20s Directory with cert database (default is .\n", - "-d certdir"); - exit(1); -} - -int main(int argc, char **argv) -{ - PLOptState *optstate; - PLOptStatus optstatus; - - PRUint32 flags = 0; - PRBool useCommandLinePassword = PR_FALSE; - Error ret; - SECStatus rv; - char * dbString = NULL; - int i; - - progName = strrchr(argv[0], '/'); - if (!progName) - progName = strrchr(argv[0], '\\'); - progName = progName ? progName+1 : argv[0]; - - optstate = PL_CreateOptState(argc, argv, "rfd:h"); - - while ((optstatus = PL_GetNextOpt(optstate)) == PL_OPT_OK) { - switch (optstate->option) { - case 'h': - default : Usage(progName); break; - - case 'r': flags |= NSS_INIT_READONLY; break; - - case 'f': flags |= NSS_INIT_FORCEOPEN; break; - - case 'd': - dbDir = PORT_Strdup(optstate->value); - break; - - } - } - if (optstatus == PL_OPT_BAD) - Usage(progName); - - if (!dbDir) { - dbDir = SECU_DefaultSSLDir(); /* Look in $SSL_DIR */ - } - dbDir = SECU_ConfigDirectory(dbDir); - PR_fprintf(PR_STDERR, "dbdir selected is %s\n\n", dbDir); - - if( dbDir[0] == '\0') { - PR_fprintf(PR_STDERR, errStrings[DIR_DOESNT_EXIST_ERR], dbDir); - ret= DIR_DOESNT_EXIST_ERR; - goto loser; - } - - - PR_Init( PR_USER_THREAD, PR_PRIORITY_NORMAL, 0); - - /* get the status of the directory and databases and output message */ - if(PR_Access(dbDir, PR_ACCESS_EXISTS) != PR_SUCCESS) { - PR_fprintf(PR_STDERR, errStrings[DIR_DOESNT_EXIST_ERR], dbDir); - } else if(PR_Access(dbDir, PR_ACCESS_READ_OK) != PR_SUCCESS) { - PR_fprintf(PR_STDERR, errStrings[DIR_NOT_READABLE_ERR], dbDir); - } else { - if( !( flags & NSS_INIT_READONLY ) && - PR_Access(dbDir, PR_ACCESS_WRITE_OK) != PR_SUCCESS) { - PR_fprintf(PR_STDERR, errStrings[DIR_NOT_WRITEABLE_ERR], dbDir); - } - for (i=0;i<3;i++) { - dbString=PR_smprintf("%s/%s",dbDir,dbName[i]); - PR_fprintf(PR_STDOUT, "database checked is %s\n",dbString); - if(PR_Access(dbString, PR_ACCESS_EXISTS) != PR_SUCCESS) { - PR_fprintf(PR_STDERR, errStrings[FILE_DOESNT_EXIST_ERR], - dbString); - } else if(PR_Access(dbString, PR_ACCESS_READ_OK) != PR_SUCCESS) { - PR_fprintf(PR_STDERR, errStrings[FILE_NOT_READABLE_ERR], - dbString); - } else if( !( flags & NSS_INIT_READONLY ) && - PR_Access(dbString, PR_ACCESS_WRITE_OK) != PR_SUCCESS) { - PR_fprintf(PR_STDERR, errStrings[FILE_NOT_WRITEABLE_ERR], - dbString); - } - } - } - - rv = NSS_Initialize(SECU_ConfigDirectory(dbDir), dbprefix, dbprefix, - secmodName, flags); - if (rv != SECSuccess) { - SECU_PrintPRandOSError(progName); - ret=NSS_INITIALIZE_FAILED_ERR; - } else { - ret=SUCCESS; - } - -loser: - return ret; -} - diff --git a/security/nss/cmd/dbtest/makefile.win b/security/nss/cmd/dbtest/makefile.win deleted file mode 100644 index 5a60fd0af1..0000000000 --- a/security/nss/cmd/dbtest/makefile.win +++ /dev/null @@ -1,130 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -VERBOSE = 1 -include - -#cannot define PROGRAM in manifest compatibly with NT and UNIX -PROGRAM = dbtest -PROGRAM = ./$(OBJDIR)/$(PROGRAM).exe -include <$(DEPTH)\config\config.mak> - -# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/ -# rules.mak will append C_OBJS onto OBJS. -# OBJS = $(CSRCS:.c=.obj) - -# include files are looked for in $LINCS and $INCS. -# $LINCS is in manifest.mnw, computed from REQUIRES= -INCS = $(INCS) \ - -I$(DEPTH)/security/lib/cert \ - -I../include \ - $(NULL) - -IGNORE_ME = \ - -I$(DEPTH)/security/lib/key \ - -I$(DEPTH)/security/lib/util \ - $(NULL) - - -WINFE = $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg - -# these files are the content of libdbm -DBM_LIB = \ - $(WINFE)/DB.obj \ - $(WINFE)/HASH.obj \ - $(WINFE)/H_BIGKEY.obj \ - $(WINFE)/H_PAGE.obj \ - $(WINFE)/H_LOG2.obj \ - $(WINFE)/H_FUNC.obj \ - $(WINFE)/HASH_BUF.obj \ - $(NULL) - -MOZ_LIBS = \ - $(WINFE)/ALLXPSTR.obj \ - $(WINFE)/XP_ERROR.obj \ - $(WINFE)/XPASSERT.obj \ - $(WINFE)/XP_REG.obj \ - $(WINFE)/XP_TRACE.obj \ - $(DBM_LIB) \ - $(WINFE)/XP_STR.obj \ - $(WINFE)/MKTEMP.obj \ - $(NULL) - -SEC_LIBS = \ - $(DIST)/lib/cert$(MOZ_BITS).lib \ - $(DIST)/lib/crypto$(MOZ_BITS).lib \ - $(DIST)/lib/hash$(MOZ_BITS).lib \ - $(DIST)/lib/key$(MOZ_BITS).lib \ - $(DIST)/lib/pkcs7$(MOZ_BITS).lib \ - $(DIST)/lib/secmod$(MOZ_BITS).lib \ - $(DIST)/lib/secutl$(MOZ_BITS).lib \ - $(DIST)/lib/ssl$(MOZ_BITS).lib \ - $(NULL) - -LLFLAGS = $(LLFLAGS) \ - ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \ - $(SEC_LIBS) \ - $(MOZ_LIBS) \ - $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \ - $(LIBNSPR) \ - $(NULL) - - -include <$(DEPTH)\config\rules.mak> - -INSTALL = $(MAKE_INSTALL) - -objs: $(OBJS) - -$(PROGRAM):: - $(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR) - -programs: $(PROGRAM) - -install:: $(TARGETS) - $(INSTALL) $(TARGETS) $(DIST)/bin - - -symbols: - @echo "CSRCS = $(CSRCS)" - @echo "INCS = $(INCS)" - @echo "OBJS = $(OBJS)" - @echo "LIBRARY = $(LIBRARY)" - @echo "PROGRAM = $(PROGRAM)" - @echo "TARGETS = $(TARGETS)" - @echo "DIST = $(DIST)" - @echo "VERSION_NUMBER = $(VERSION_NUMBER)" - @echo "WINFE = $(WINFE)" - @echo "DBM_LIB = $(DBM_LIB)" - @echo "INSTALL = $(INSTALL)" - diff --git a/security/nss/cmd/dbtest/manifest.mn b/security/nss/cmd/dbtest/manifest.mn deleted file mode 100644 index 0f6888088f..0000000000 --- a/security/nss/cmd/dbtest/manifest.mn +++ /dev/null @@ -1,50 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = ../../.. - -# MODULE public and private header directories are implicitly REQUIRED. -MODULE = nss - -# This next line is used by .mk files -# and gets translated into $LINCS in manifest.mnw -# The MODULE is always implicitly required. -# Listing it here in REQUIRES makes it appear twice in the cc command line. -REQUIRES = seccmd dbm - -# DIRS = - -CSRCS = dbtest.c - -PROGRAM = dbtest - diff --git a/security/nss/cmd/derdump/Makefile b/security/nss/cmd/derdump/Makefile deleted file mode 100644 index 573c12cac1..0000000000 --- a/security/nss/cmd/derdump/Makefile +++ /dev/null @@ -1,76 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - -include ../platlibs.mk - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - - - -include ../platrules.mk - diff --git a/security/nss/cmd/derdump/derdump.c b/security/nss/cmd/derdump/derdump.c deleted file mode 100644 index 603d5f772a..0000000000 --- a/security/nss/cmd/derdump/derdump.c +++ /dev/null @@ -1,135 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#include "secutil.h" -#include "nss.h" -#include - -#if defined(XP_WIN) || (defined(__sun) && !defined(SVR4)) -#if !defined(WIN32) -extern int fprintf(FILE *, char *, ...); -#endif -#endif -#include "plgetopt.h" - -static void Usage(char *progName) -{ - fprintf(stderr, - "Usage: %s [-r] [-i input] [-o output]\n", - progName); - fprintf(stderr, "%-20s For formatted items, dump raw bytes as well\n", - "-r"); - fprintf(stderr, "%-20s Define an input file to use (default is stdin)\n", - "-i input"); - fprintf(stderr, "%-20s Define an output file to use (default is stdout)\n", - "-o output"); - exit(-1); -} - -int main(int argc, char **argv) -{ - char *progName; - int option; - FILE *outFile; - PRFileDesc *inFile; - SECItem der; - SECStatus rv; - int16 xp_error; - PRBool raw = PR_FALSE; - PLOptState *optstate; - PLOptStatus status; - - progName = strrchr(argv[0], '/'); - progName = progName ? progName+1 : argv[0]; - - /* Parse command line arguments */ - inFile = 0; - outFile = 0; - optstate = PL_CreateOptState(argc, argv, "i:o:r"); - while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) { - switch (optstate->option) { - case 'i': - inFile = PR_Open(optstate->value, PR_RDONLY, 0); - if (!inFile) { - fprintf(stderr, "%s: unable to open \"%s\" for reading\n", - progName, optstate->value); - return -1; - } - break; - - case 'o': - outFile = fopen(optstate->value, "w"); - if (!outFile) { - fprintf(stderr, "%s: unable to open \"%s\" for writing\n", - progName, optstate->value); - return -1; - } - break; - - case 'r': - raw = PR_TRUE; - break; - - default: - Usage(progName); - break; - } - } - if (status == PL_OPT_BAD) - Usage(progName); - - if (!inFile) inFile = PR_STDIN; - if (!outFile) outFile = stdout; - - rv = NSS_NoDB_Init(NULL); /* XXX */ - if (rv != SECSuccess) { - SECU_PrintPRandOSError(progName); - return -1; - } - - rv = SECU_ReadDERFromFile(&der, inFile, PR_FALSE); - if (rv == SECSuccess) { - rv = DER_PrettyPrint(outFile, &der, raw); - if (rv == SECSuccess) - return 0; - } - - xp_error = PORT_GetError(); - if (xp_error) { - SECU_PrintError(progName, "error %d", xp_error); - } - if (errno) { - SECU_PrintSystemError(progName, "errno=%d", errno); - } - return 1; -} diff --git a/security/nss/cmd/derdump/makefile.win b/security/nss/cmd/derdump/makefile.win deleted file mode 100644 index 9a9d4edef3..0000000000 --- a/security/nss/cmd/derdump/makefile.win +++ /dev/null @@ -1,130 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -VERBOSE = 1 -include - -#cannot define PROGRAM in manifest compatibly with NT and UNIX -PROGRAM = derdump -PROGRAM = ./$(OBJDIR)/$(PROGRAM).exe -include <$(DEPTH)\config\config.mak> - -# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/ -# rules.mak will append C_OBJS onto OBJS. -# OBJS = $(CSRCS:.c=.obj) - -# include files are looked for in $LINCS and $INCS. -# $LINCS is in manifest.mnw, computed from REQUIRES= -INCS = $(INCS) \ - -I$(DEPTH)/security/lib/cert \ - -I../include \ - $(NULL) - -IGNORE_ME = \ - -I$(DEPTH)/security/lib/key \ - -I$(DEPTH)/security/lib/util \ - $(NULL) - - -WINFE = $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg - -# these files are the content of libdbm -DBM_LIB = \ - $(WINFE)/DB.obj \ - $(WINFE)/HASH.obj \ - $(WINFE)/H_BIGKEY.obj \ - $(WINFE)/H_PAGE.obj \ - $(WINFE)/H_LOG2.obj \ - $(WINFE)/H_FUNC.obj \ - $(WINFE)/HASH_BUF.obj \ - $(NULL) - -MOZ_LIBS = \ - $(WINFE)/ALLXPSTR.obj \ - $(WINFE)/XP_ERROR.obj \ - $(WINFE)/XPASSERT.obj \ - $(WINFE)/XP_REG.obj \ - $(WINFE)/XP_TRACE.obj \ - $(DBM_LIB) \ - $(WINFE)/XP_STR.obj \ - $(WINFE)/MKTEMP.obj \ - $(NULL) - -SEC_LIBS = \ - $(DIST)/lib/cert$(MOZ_BITS).lib \ - $(DIST)/lib/crypto$(MOZ_BITS).lib \ - $(DIST)/lib/hash$(MOZ_BITS).lib \ - $(DIST)/lib/key$(MOZ_BITS).lib \ - $(DIST)/lib/pkcs7$(MOZ_BITS).lib \ - $(DIST)/lib/secmod$(MOZ_BITS).lib \ - $(DIST)/lib/secutl$(MOZ_BITS).lib \ - $(DIST)/lib/ssl$(MOZ_BITS).lib \ - $(NULL) - -LLFLAGS = $(LLFLAGS) \ - ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \ - $(SEC_LIBS) \ - $(MOZ_LIBS) \ - $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \ - $(LIBNSPR) \ - $(NULL) - - -include <$(DEPTH)\config\rules.mak> - -INSTALL = $(MAKE_INSTALL) - -objs: $(OBJS) - -$(PROGRAM):: - $(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR) - -programs: $(PROGRAM) - -install:: $(TARGETS) - $(INSTALL) $(TARGETS) $(DIST)/bin - - -symbols: - @echo "CSRCS = $(CSRCS)" - @echo "INCS = $(INCS)" - @echo "OBJS = $(OBJS)" - @echo "LIBRARY = $(LIBRARY)" - @echo "PROGRAM = $(PROGRAM)" - @echo "TARGETS = $(TARGETS)" - @echo "DIST = $(DIST)" - @echo "VERSION_NUMBER = $(VERSION_NUMBER)" - @echo "WINFE = $(WINFE)" - @echo "DBM_LIB = $(DBM_LIB)" - @echo "INSTALL = $(INSTALL)" - diff --git a/security/nss/cmd/derdump/manifest.mn b/security/nss/cmd/derdump/manifest.mn deleted file mode 100644 index d9252cd0d2..0000000000 --- a/security/nss/cmd/derdump/manifest.mn +++ /dev/null @@ -1,49 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = ../../.. - -# MODULE public and private header directories are implicitly REQUIRED. -MODULE = nss - -# This next line is used by .mk files -# and gets translated into $LINCS in manifest.mnw -# The MODULE is always implicitly required. -# Listing it here in REQUIRES makes it appear twice in the cc command line. -REQUIRES = seccmd dbm - -DEFINES = -DNSPR20 - -CSRCS = derdump.c - -PROGRAM = derdump diff --git a/security/nss/cmd/digest/Makefile b/security/nss/cmd/digest/Makefile deleted file mode 100644 index 573c12cac1..0000000000 --- a/security/nss/cmd/digest/Makefile +++ /dev/null @@ -1,76 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - -include ../platlibs.mk - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - - - -include ../platrules.mk - diff --git a/security/nss/cmd/digest/digest.c b/security/nss/cmd/digest/digest.c deleted file mode 100644 index b9987265b7..0000000000 --- a/security/nss/cmd/digest/digest.c +++ /dev/null @@ -1,250 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#include "secutil.h" -#include "pk11func.h" -#include "secoid.h" - -#if defined(XP_WIN) || (defined(__sun) && !defined(SVR4)) -#if !defined(WIN32) -extern int fread(char *, size_t, size_t, FILE*); -extern int fwrite(char *, size_t, size_t, FILE*); -extern int fprintf(FILE *, char *, ...); -#endif -#endif - -#include "plgetopt.h" - -static SECOidData * -HashTypeToOID(HASH_HashType hashtype) -{ - SECOidTag hashtag; - - if (hashtype <= HASH_AlgNULL || hashtype >= HASH_AlgTOTAL) - return NULL; - - switch (hashtype) { - case HASH_AlgMD2: - hashtag = SEC_OID_MD2; - break; - case HASH_AlgMD5: - hashtag = SEC_OID_MD5; - break; - case HASH_AlgSHA1: - hashtag = SEC_OID_SHA1; - break; - default: - fprintf(stderr, "A new hash type has been added to HASH_HashType.\n"); - fprintf(stderr, "This program needs to be updated!\n"); - return NULL; - } - - return SECOID_FindOIDByTag(hashtag); -} - -static SECOidData * -HashNameToOID(const char *hashName) -{ - HASH_HashType htype; - SECOidData *hashOID; - - for (htype = HASH_AlgNULL + 1; htype < HASH_AlgTOTAL; htype++) { - hashOID = HashTypeToOID(htype); - if (PORT_Strcasecmp(hashName, hashOID->desc) == 0) - break; - } - - if (htype == HASH_AlgTOTAL) - return NULL; - - return hashOID; -} - -static void -Usage(char *progName) -{ - HASH_HashType htype; - - fprintf(stderr, - "Usage: %s -t type [-i input] [-o output]\n", - progName); - fprintf(stderr, "%-20s Specify the digest method (must be one of\n", - "-t type"); - fprintf(stderr, "%-20s ", ""); - for (htype = HASH_AlgNULL + 1; htype < HASH_AlgTOTAL; htype++) { - fprintf(stderr, HashTypeToOID(htype)->desc); - if (htype == (HASH_AlgTOTAL - 2)) - fprintf(stderr, " or "); - else if (htype != (HASH_AlgTOTAL - 1)) - fprintf(stderr, ", "); - } - fprintf(stderr, " (case ignored))\n"); - fprintf(stderr, "%-20s Define an input file to use (default is stdin)\n", - "-i input"); - fprintf(stderr, "%-20s Define an output file to use (default is stdout)\n", - "-o output"); - exit(-1); -} - -static int -DigestFile(FILE *outFile, FILE *inFile, SECOidData *hashOID) -{ - int nb; - unsigned char ibuf[4096], digest[32]; - PK11Context *hashcx; - unsigned int len; - SECStatus rv; - - hashcx = PK11_CreateDigestContext(hashOID->offset); - if (hashcx == NULL) { - return -1; - } - PK11_DigestBegin(hashcx); - - - for (;;) { - if (feof(inFile)) break; - nb = fread(ibuf, 1, sizeof(ibuf), inFile); - if (nb != sizeof(ibuf)) { - if (nb == 0) { - if (ferror(inFile)) { - PORT_SetError(SEC_ERROR_IO); - PK11_DestroyContext(hashcx,PR_TRUE); - return -1; - } - /* eof */ - break; - } - } - rv = PK11_DigestOp(hashcx, ibuf, nb); - if (rv != SECSuccess) { - PK11_DestroyContext(hashcx, PR_TRUE); - return -1; - } - } - - rv = PK11_DigestFinal(hashcx, digest, &len, 32); - PK11_DestroyContext(hashcx, PR_TRUE); - - if (rv != SECSuccess) return -1; - - nb = fwrite(digest, 1, len, outFile); - if (nb != len) { - PORT_SetError(SEC_ERROR_IO); - return -1; - } - - return 0; -} - -#include "nss.h" - -int -main(int argc, char **argv) -{ - char *progName; - int opt; - FILE *inFile, *outFile; - char *hashName; - SECOidData *hashOID; - PLOptState *optstate; - PLOptStatus status; - SECStatus rv; - - progName = strrchr(argv[0], '/'); - progName = progName ? progName+1 : argv[0]; - - inFile = NULL; - outFile = NULL; - hashName = NULL; - - rv = NSS_Init("/tmp"); - if (rv != SECSuccess) { - fprintf(stderr, "%s: NSS_Init failed in directory %s\n", - progName, "/tmp"); - return -1; - } - - /* - * Parse command line arguments - */ - optstate = PL_CreateOptState(argc, argv, "t:i:o:"); - while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) { - switch (optstate->option) { - case '?': - Usage(progName); - break; - - case 'i': - inFile = fopen(optstate->value, "r"); - if (!inFile) { - fprintf(stderr, "%s: unable to open \"%s\" for reading\n", - progName, optstate->value); - return -1; - } - break; - - case 'o': - outFile = fopen(optstate->value, "w"); - if (!outFile) { - fprintf(stderr, "%s: unable to open \"%s\" for writing\n", - progName, optstate->value); - return -1; - } - break; - - case 't': - hashName = strdup(optstate->value); - break; - } - } - - if (!hashName) Usage(progName); - - if (!inFile) inFile = stdin; - if (!outFile) outFile = stdout; - - hashOID = HashNameToOID(hashName); - if (hashOID == NULL) { - fprintf(stderr, "%s: invalid digest type\n", progName); - Usage(progName); - } - - if (DigestFile(outFile, inFile, hashOID)) { - fprintf(stderr, "%s: problem digesting data (%s)\n", - progName, SECU_Strerror(PORT_GetError())); - return -1; - } - - return 0; -} diff --git a/security/nss/cmd/digest/makefile.win b/security/nss/cmd/digest/makefile.win deleted file mode 100644 index e8ec27ca2d..0000000000 --- a/security/nss/cmd/digest/makefile.win +++ /dev/null @@ -1,130 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -VERBOSE = 1 -include - -#cannot define PROGRAM in manifest compatibly with NT and UNIX -PROGRAM = digest -PROGRAM = ./$(OBJDIR)/$(PROGRAM).exe -include <$(DEPTH)\config\config.mak> - -# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/ -# rules.mak will append C_OBJS onto OBJS. -# OBJS = $(CSRCS:.c=.obj) - -# include files are looked for in $LINCS and $INCS. -# $LINCS is in manifest.mnw, computed from REQUIRES= -INCS = $(INCS) \ - -I$(DEPTH)/security/lib/cert \ - -I../include \ - $(NULL) - -IGNORE_ME = \ - -I$(DEPTH)/security/lib/key \ - -I$(DEPTH)/security/lib/util \ - $(NULL) - - -WINFE = $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg - -# these files are the content of libdbm -DBM_LIB = \ - $(WINFE)/DB.obj \ - $(WINFE)/HASH.obj \ - $(WINFE)/H_BIGKEY.obj \ - $(WINFE)/H_PAGE.obj \ - $(WINFE)/H_LOG2.obj \ - $(WINFE)/H_FUNC.obj \ - $(WINFE)/HASH_BUF.obj \ - $(NULL) - -MOZ_LIBS = \ - $(WINFE)/ALLXPSTR.obj \ - $(WINFE)/XP_ERROR.obj \ - $(WINFE)/XPASSERT.obj \ - $(WINFE)/XP_REG.obj \ - $(WINFE)/XP_TRACE.obj \ - $(DBM_LIB) \ - $(WINFE)/XP_STR.obj \ - $(WINFE)/MKTEMP.obj \ - $(NULL) - -SEC_LIBS = \ - $(DIST)/lib/cert$(MOZ_BITS).lib \ - $(DIST)/lib/crypto$(MOZ_BITS).lib \ - $(DIST)/lib/hash$(MOZ_BITS).lib \ - $(DIST)/lib/key$(MOZ_BITS).lib \ - $(DIST)/lib/pkcs7$(MOZ_BITS).lib \ - $(DIST)/lib/secmod$(MOZ_BITS).lib \ - $(DIST)/lib/secutl$(MOZ_BITS).lib \ - $(DIST)/lib/ssl$(MOZ_BITS).lib \ - $(NULL) - -LLFLAGS = $(LLFLAGS) \ - ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \ - $(SEC_LIBS) \ - $(MOZ_LIBS) \ - $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \ - $(LIBNSPR) \ - $(NULL) - - -include <$(DEPTH)\config\rules.mak> - -INSTALL = $(MAKE_INSTALL) - -objs: $(OBJS) - -$(PROGRAM):: - $(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR) - -programs: $(PROGRAM) - -install:: $(TARGETS) - $(INSTALL) $(TARGETS) $(DIST)/bin - - -symbols: - @echo "CSRCS = $(CSRCS)" - @echo "INCS = $(INCS)" - @echo "OBJS = $(OBJS)" - @echo "LIBRARY = $(LIBRARY)" - @echo "PROGRAM = $(PROGRAM)" - @echo "TARGETS = $(TARGETS)" - @echo "DIST = $(DIST)" - @echo "VERSION_NUMBER = $(VERSION_NUMBER)" - @echo "WINFE = $(WINFE)" - @echo "DBM_LIB = $(DBM_LIB)" - @echo "INSTALL = $(INSTALL)" - diff --git a/security/nss/cmd/digest/manifest.mn b/security/nss/cmd/digest/manifest.mn deleted file mode 100644 index c84152d01d..0000000000 --- a/security/nss/cmd/digest/manifest.mn +++ /dev/null @@ -1,50 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = ../../.. - -# MODULE public and private header directories are implicitly REQUIRED. -MODULE = nss - -# This next line is used by .mk files -# and gets translated into $LINCS in manifest.mnw -# The MODULE is always implicitly required. -# Listing it here in REQUIRES makes it appear twice in the cc command line. -REQUIRES = seccmd dbm - -DEFINES = -DNSPR20 - -CSRCS = digest.c - -PROGRAM = digest - diff --git a/security/nss/cmd/ilock/Makefile b/security/nss/cmd/ilock/Makefile deleted file mode 100644 index 4e39ffc3ff..0000000000 --- a/security/nss/cmd/ilock/Makefile +++ /dev/null @@ -1,75 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - -include ../platlibs.mk - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - - -include ../platrules.mk - diff --git a/security/nss/cmd/ilock/ilock.c b/security/nss/cmd/ilock/ilock.c deleted file mode 100644 index 3e2390b8df..0000000000 --- a/security/nss/cmd/ilock/ilock.c +++ /dev/null @@ -1,199 +0,0 @@ -/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape Portable Runtime (NSPR). - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1998-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -/* -** File: ilock.c -** Description: ilock.c is a unit test for nssilock. ilock.c -** tests the basic operation of nssilock. It should not be -** considered a complete test suite. -** -** To check that logging works, before running this test, -** define the following environment variables: -** -** -** -** -** -*/ - -#include -#include -#include -#include -#include - - -/* -** Test harness infrastructure -*/ -PRLogModuleInfo *lm; -PRLogModuleLevel msgLevel = PR_LOG_NONE; -PRIntn debug = 0; -PRUint32 failed_already = 0; -/* end Test harness infrastructure */ - -PRIntn optIterations = 1; /* default iterations */ - -PRIntn main(PRIntn argc, char *argv[]) -{ - PRIntn i; - { - /* - ** Get command line options - */ - PLOptStatus os; - PLOptState *opt = PL_CreateOptState(argc, argv, "hdvi:"); - - while (PL_OPT_EOL != (os = PL_GetNextOpt(opt))) - { - if (PL_OPT_BAD == os) continue; - switch (opt->option) - { - case 'd': /* debug */ - debug = 1; - msgLevel = PR_LOG_ERROR; - break; - case 'v': /* verbose mode */ - msgLevel = PR_LOG_DEBUG; - break; - case 'i': /* number of iterations */ - optIterations = atol( opt->value ); - if ( 0 == optIterations ) optIterations = 1; /* coerce default on zero */ - break; - default: - break; - } - } - PL_DestroyOptState(opt); - } - - for ( i = 0 ; i < optIterations ; i++ ) { - /* First, test Lock */ - { - PZLock *pl; - PZMonitor *pm; - PZCondVar *cv; - PRStatus rc; - - pl = PZ_NewLock( nssILockOther ); - if ( NULL == pl ) { - failed_already = PR_TRUE; - goto Finished; - } - PZ_Lock( pl ); - - rc = PZ_Unlock( pl ); - if ( PR_FAILURE == rc ) { - failed_already = PR_TRUE; - goto Finished; - } - PZ_DestroyLock( pl ); - - /* now, test CVar */ - /* re-create the lock we just destroyed */ - pl = PZ_NewLock( nssILockOther ); - if ( NULL == pl ) { - failed_already = PR_TRUE; - goto Finished; - } - - cv = PZ_NewCondVar( pl ); - if ( NULL == cv ) { - failed_already = PR_TRUE; - goto Finished; - } - - PZ_Lock( pl ); - rc = PZ_NotifyCondVar( cv ); - if ( PR_FAILURE == rc ) { - failed_already = PR_TRUE; - goto Finished; - } - - rc = PZ_NotifyAllCondVar( cv ); - if ( PR_FAILURE == rc ) { - failed_already = PR_TRUE; - goto Finished; - } - - rc = PZ_WaitCondVar( cv, PR_SecondsToInterval(1)); - if ( PR_FAILURE == rc ) { - if ( PR_UNKNOWN_ERROR != PR_GetError()) { - failed_already = PR_TRUE; - goto Finished; - } - } - PZ_Unlock( pl ); - PZ_DestroyCondVar( cv ); - - /* Now, test Monitor */ - pm = PZ_NewMonitor( nssILockOther ); - if ( NULL == pm ) { - failed_already = PR_TRUE; - goto Finished; - } - - PZ_EnterMonitor( pm ); - - rc = PZ_Notify( pm ); - if ( PR_FAILURE == rc ) { - failed_already = PR_TRUE; - goto Finished; - } - rc = PZ_NotifyAll( pm ); - if ( PR_FAILURE == rc ) { - failed_already = PR_TRUE; - goto Finished; - } - rc = PZ_Wait( pm, PR_INTERVAL_NO_WAIT ); - if ( PR_FAILURE == rc ) { - failed_already = PR_TRUE; - goto Finished; - } - rc = PZ_ExitMonitor( pm ); - if ( PR_FAILURE == rc ) { - failed_already = PR_TRUE; - goto Finished; - } - PZ_DestroyMonitor( pm ); - } - } /* --- end for() --- */ - - -Finished: - if (debug) printf("%s\n", (failed_already)? "FAIL" : "PASS"); - return( (failed_already == PR_TRUE )? 1 : 0 ); -} /* main() */ -/* end ilock.c */ - diff --git a/security/nss/cmd/ilock/manifest.mn b/security/nss/cmd/ilock/manifest.mn deleted file mode 100644 index 4a8f7988c1..0000000000 --- a/security/nss/cmd/ilock/manifest.mn +++ /dev/null @@ -1,44 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -CORE_DEPTH = ../../.. - -DEFINES += -DNSPR20 - -# MODULE public and private header directories are implicitly REQUIRED. -MODULE = nss - -CSRCS = ilock.c - -PROGRAM = ilock -# PROGRAM = ./$(OBJDIR)/ilock.exe - diff --git a/security/nss/cmd/include/secnew.h b/security/nss/cmd/include/secnew.h deleted file mode 100644 index eb4c30acd5..0000000000 --- a/security/nss/cmd/include/secnew.h +++ /dev/null @@ -1,163 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ -#ifndef __secnew_h_ -#define __secnew_h_ - -#include - -typedef struct BERTemplateStr BERTemplate; -typedef struct BERParseStr BERParse; -typedef struct SECArbStr SECArb; - -/* - * An array of these structures define an encoding for an object using - * DER. The array is terminated with an entry where kind == 0. - */ -struct BERTemplateStr { - /* Kind of item to decode/encode */ - unsigned long kind; - - /* - * Offset from base of structure to SECItem that will hold - * decoded/encoded value. - */ - unsigned short offset; - - /* - * Used with DER_SET or DER_SEQUENCE. If not zero then points to a - * sub-template. The sub-template is filled in and completed before - * continuing on. - */ - BERTemplate *sub; - - /* - * Argument value, dependent on kind. Size of structure to allocate - * when kind==DER_POINTER For Context-Specific Implicit types its the - * underlying type to use. - */ - unsigned long arg; -}; - -/* - * an arbitrary object - */ -struct SECArbStr { - unsigned long tag; /* NOTE: does not support high tag form */ - unsigned long length; /* as reported in stream */ - union { - SECItem item; - struct { - int numSubs; - SECArb **subs; - } cons; - } body; -}; - -/* - * Decode a piece of der encoded data. - * "dest" points to a structure that will be filled in with the - * decoding results. - * "t" is a template structure which defines the shape of the - * expected data. - * "src" is the ber encoded data. - */ - -extern SECStatus BER_Decode(PRArenaPool * arena, void *dest, BERTemplate *t, - SECArb *arb); - - -/* - * Encode a data structure into DER. - * "dest" will be filled in (and memory allocated) to hold the der - * encoded structure in "src" - * "t" is a template structure which defines the shape of the - * stored data - * "src" is a pointer to the structure that will be encoded - */ - -extern SECStatus BER_Encode(PRArenaPool *arena, SECItem *dest, BERTemplate *t, - void *src); - -/* - * Client provided function that will get called with all the bytes - * passing through the parser - */ -typedef void (*BERFilterProc)(void *instance, unsigned char *buf, int length); - -/* - * Client provided function that can will be called after the tag and - * length information has been collected. It can be set up to be called - * either before or after the data has been colleced. - */ -typedef void (*BERNotifyProc)( - void *instance, SECArb *arb, int depth, PRBool before); - -extern BERParse *BER_ParseInit(PRArenaPool *arena, PRBool forceDER); -extern SECArb *BER_ParseFini(BERParse *h); -extern SECStatus BER_ParseSome(BERParse *h, unsigned char *buf, int len); - -extern void BER_SetFilter(BERParse *h, BERFilterProc proc, void *instance); -extern void BER_SetLeafStorage(BERParse *h, PRBool keep); -extern void BER_SetNotifyProc(BERParse *h, BERNotifyProc proc, void *instance, - PRBool beforeData); - -/* - * A BERUnparseProc is used as a callback to put the encoded SECArb tree - * tree to some stream. It returns PR_TRUE if the unparsing is to be - * aborted. - */ -typedef SECStatus (*BERUnparseProc)( - void *instance, unsigned char *data, int length, SECArb* arb); - -/* - * BER_Unparse walks the SECArb tree calling the BERUnparseProc with - * various pieces. It returns SECFailure if there was an error during that - * tree walk. - */ -extern SECStatus BER_Unparse(SECArb *arb, BERUnparseProc proc, void *instance); - -/* - * BER_ResolveLengths does a recursive walk through the tree generating - * non-zero entries for the length field of each node. It will fail if it - * discoveres a non-constructed node with a unknown length data field. - * Leaves are supposed to be of known length. - */ -extern SECStatus BER_ResolveLengths(SECArb *arb); - -/* - * BER_PRettyPrintArb will write an ASCII version of the tree to the FILE - * out. - */ -extern SECStatus BER_PrettyPrintArb(FILE *out, SECArb* a); - -#endif /* __secnew_h_ */ diff --git a/security/nss/cmd/keyutil/Makefile b/security/nss/cmd/keyutil/Makefile deleted file mode 100644 index a2ed814bef..0000000000 --- a/security/nss/cmd/keyutil/Makefile +++ /dev/null @@ -1,73 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - -include ../platlibs.mk - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - -include ../platrules.mk diff --git a/security/nss/cmd/keyutil/keyutil.c b/security/nss/cmd/keyutil/keyutil.c deleted file mode 100644 index 65e6ad8b0c..0000000000 --- a/security/nss/cmd/keyutil/keyutil.c +++ /dev/null @@ -1,340 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#include -#include -#include "secutil.h" - -#if defined(XP_UNIX) -#include -#include -#include -#endif - -#include "secopt.h" - -#if defined(XP_WIN) -#include -#include -#endif - -#if defined(__sun) && !defined(SVR4) -extern int fclose(FILE*); -extern int fprintf(FILE *, char *, ...); -extern int getopt(int, char**, char*); -extern int isatty(int); -extern char *optarg; -extern char *sys_errlist[]; -#define strerror(errno) sys_errlist[errno] -#endif - -#include "nspr.h" -#include "prtypes.h" -#include "prtime.h" -#include "prlong.h" - -static char *progName; - -static SECStatus -ListKeys(SECKEYKeyDBHandle *handle, FILE *out) -{ - int rt; - - rt = SECU_PrintKeyNames(handle, out); - if (rt) { - SECU_PrintError(progName, "unable to list nicknames"); - return SECFailure; - } - return SECSuccess; -} - -static SECStatus -DumpPublicKey(SECKEYKeyDBHandle *handle, char *nickname, FILE *out) -{ - SECKEYLowPrivateKey *privKey; - SECKEYLowPublicKey *publicKey; - - /* check if key actually exists */ - if (SECU_CheckKeyNameExists(handle, nickname) == PR_FALSE) { - SECU_PrintError(progName, "the key \"%s\" does not exist", nickname); - return SECFailure; - } - - /* Read in key */ - privKey = SECU_GetPrivateKey(handle, nickname); - if (!privKey) { - return SECFailure; - } - - publicKey = SECKEY_LowConvertToPublicKey(privKey); - - /* Output public key (in the clear) */ - switch(publicKey->keyType) { - case rsaKey: - fprintf(out, "RSA Public-Key:\n"); - SECU_PrintInteger(out, &publicKey->u.rsa.modulus, "modulus", 1); - SECU_PrintInteger(out, &publicKey->u.rsa.publicExponent, - "publicExponent", 1); - break; - case dsaKey: - fprintf(out, "DSA Public-Key:\n"); - SECU_PrintInteger(out, &publicKey->u.dsa.params.prime, "prime", 1); - SECU_PrintInteger(out, &publicKey->u.dsa.params.subPrime, - "subPrime", 1); - SECU_PrintInteger(out, &publicKey->u.dsa.params.base, "base", 1); - SECU_PrintInteger(out, &publicKey->u.dsa.publicValue, "publicValue", 1); - break; - default: - fprintf(out, "unknown key type\n"); - break; - } - return SECSuccess; -} - -static SECStatus -DumpPrivateKey(SECKEYKeyDBHandle *handle, char *nickname, FILE *out) -{ - SECKEYLowPrivateKey *key; - - /* check if key actually exists */ - if (SECU_CheckKeyNameExists(handle, nickname) == PR_FALSE) { - SECU_PrintError(progName, "the key \"%s\" does not exist", nickname); - return SECFailure; - } - - /* Read in key */ - key = SECU_GetPrivateKey(handle, nickname); - if (!key) { - SECU_PrintError(progName, "error retrieving key"); - return SECFailure; - } - - switch(key->keyType) { - case rsaKey: - fprintf(out, "RSA Private-Key:\n"); - SECU_PrintInteger(out, &key->u.rsa.modulus, "modulus", 1); - SECU_PrintInteger(out, &key->u.rsa.publicExponent, "publicExponent", 1); - SECU_PrintInteger(out, &key->u.rsa.privateExponent, - "privateExponent", 1); - SECU_PrintInteger(out, &key->u.rsa.prime1, "prime1", 1); - SECU_PrintInteger(out, &key->u.rsa.prime2, "prime2", 1); - SECU_PrintInteger(out, &key->u.rsa.exponent1, "exponent1", 1); - SECU_PrintInteger(out, &key->u.rsa.exponent2, "exponent2", 1); - SECU_PrintInteger(out, &key->u.rsa.coefficient, "coefficient", 1); - break; - case dsaKey: - fprintf(out, "DSA Private-Key:\n"); - SECU_PrintInteger(out, &key->u.dsa.params.prime, "prime", 1); - SECU_PrintInteger(out, &key->u.dsa.params.subPrime, "subPrime", 1); - SECU_PrintInteger(out, &key->u.dsa.params.base, "base", 1); - SECU_PrintInteger(out, &key->u.dsa.publicValue, "publicValue", 1); - SECU_PrintInteger(out, &key->u.dsa.privateValue, "privateValue", 1); - break; - default: - fprintf(out, "unknown key type\n"); - break; - } - return SECSuccess; -} - -static SECStatus -ChangePassword(SECKEYKeyDBHandle *handle) -{ - SECStatus rv; - - /* Write out database with a new password */ - rv = SECU_ChangeKeyDBPassword(handle, NULL); - if (rv) { - SECU_PrintError(progName, "unable to change key password"); - } - return rv; -} - -static SECStatus -DeletePrivateKey (SECKEYKeyDBHandle *keyHandle, char *nickName) -{ - SECStatus rv; - - rv = SECU_DeleteKeyByName (keyHandle, nickName); - if (rv != SECSuccess) - fprintf(stderr, "%s: problem deleting private key (%s)\n", - progName, SECU_Strerror(PR_GetError())); - return (rv); - -} - - -static void -Usage(const char *progName) -{ - fprintf(stderr, - "Usage: %s -p name [-d keydir]\n", progName); - fprintf(stderr, - " %s -P name [-d keydir]\n", progName); - fprintf(stderr, - " %s -D name [-d keydir]\n", progName); - fprintf(stderr, - " %s -l [-d keydir]\n", progName); - fprintf(stderr, - " %s -c [-d keydir]\n", progName); - - fprintf(stderr, "%-20s Pretty print public key info for named key\n", - "-p nickname"); - fprintf(stderr, "%-20s Pretty print private key info for named key\n", - "-P nickname"); - fprintf(stderr, "%-20s Delete named private key from the key database\n", - "-D nickname"); - fprintf(stderr, "%-20s List the nicknames for the keys in a database\n", - "-l"); - fprintf(stderr, "%-20s Change the key database password\n", - "-c"); - fprintf(stderr, "\n"); - fprintf(stderr, "%-20s Key database directory (default is ~/.netscape)\n", - "-d keydir"); - - exit(-1); -} - -int main(int argc, char **argv) -{ - int o, changePassword, deleteKey, dumpPublicKey, dumpPrivateKey, list; - char *nickname; - SECStatus rv; - SECKEYKeyDBHandle *keyHandle; - - progName = strrchr(argv[0], '/'); - progName = progName ? progName+1 : argv[0]; - - /* Parse command line arguments */ - changePassword = deleteKey = dumpPublicKey = dumpPrivateKey = list = 0; - nickname = NULL; - - while ((o = getopt(argc, argv, "ADP:cd:glp:")) != -1) { - switch (o) { - case '?': - Usage(progName); - break; - - case 'A': - fprintf(stderr, "%s: Can no longer add a key.", progName); - fprintf(stderr, " Use pkcs12 to import a key.\n\n"); - Usage(progName); - break; - - case 'D': - deleteKey = 1; - nickname = optarg; - break; - - case 'P': - dumpPrivateKey = 1; - nickname = optarg; - break; - - case 'c': - changePassword = 1; - break; - - case 'd': - SECU_ConfigDirectory(optarg); - break; - - case 'g': - fprintf(stderr, "%s: Can no longer generate a key.", progName); - fprintf(stderr, " Use certutil to generate a cert request.\n\n"); - Usage(progName); - break; - - case 'l': - list = 1; - break; - - case 'p': - dumpPublicKey = 1; - nickname = optarg; - break; - } - } - - if (dumpPublicKey+changePassword+dumpPrivateKey+list+deleteKey != 1) - Usage(progName); - - if ((list || changePassword) && nickname) - Usage(progName); - - if ((dumpPublicKey || dumpPrivateKey || deleteKey) && !nickname) - Usage(progName); - - - /* Call the libsec initialization routines */ - PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1); - SEC_Init(); - - /* - * XXX Note that the following opens the key database writable. - * If dumpPublicKey or dumpPrivateKey or list, though, we only want - * to open it read-only. There needs to be a better interface - * to the initialization routines so that we can specify which way - * to open it. - */ - rv = SECU_PKCS11Init(); - if (rv != SECSuccess) { - SECU_PrintError(progName, "SECU_PKCS11Init failed"); - return -1; - } - - keyHandle = SECKEY_GetDefaultKeyDB(); - if (keyHandle == NULL) { - SECU_PrintError(progName, "could not open key database"); - return -1; - } - - if (dumpPublicKey) { - rv = DumpPublicKey(keyHandle, nickname, stdout); - } else - if (changePassword) { - rv = ChangePassword(keyHandle); - } else - if (dumpPrivateKey) { - rv = DumpPrivateKey(keyHandle, nickname, stdout); - } else - if (list) { - rv = ListKeys(keyHandle, stdout); - } else - if (deleteKey) { - rv = DeletePrivateKey(keyHandle, nickname); - } - - - return rv ? -1 : 0; -} diff --git a/security/nss/cmd/keyutil/manifest.mn b/security/nss/cmd/keyutil/manifest.mn deleted file mode 100644 index e20a3d3308..0000000000 --- a/security/nss/cmd/keyutil/manifest.mn +++ /dev/null @@ -1,50 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = ../../.. - -DEFINES += -DNSPR20 - -# MODULE public and private header directories are implicitly REQUIRED. -MODULE = nss - -CSRCS = \ - keyutil.c \ - $(NULL) - -# The MODULE is always implicitly required. -# Listing it here in REQUIRES makes it appear twice in the cc command line. -REQUIRES = seccmd dbm - - -PROGRAM = keyutil diff --git a/security/nss/cmd/lib/Makefile b/security/nss/cmd/lib/Makefile deleted file mode 100644 index 0769c80a37..0000000000 --- a/security/nss/cmd/lib/Makefile +++ /dev/null @@ -1,75 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - -include config.mk - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - - diff --git a/security/nss/cmd/lib/NSPRerrs.h b/security/nss/cmd/lib/NSPRerrs.h deleted file mode 100644 index 5e2cd793ed..0000000000 --- a/security/nss/cmd/lib/NSPRerrs.h +++ /dev/null @@ -1,150 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ -/* General NSPR 2.0 errors */ -/* Caller must #include "prerror.h" */ - -ER2( PR_OUT_OF_MEMORY_ERROR, "Memory allocation attempt failed." ) -ER2( PR_BAD_DESCRIPTOR_ERROR, "Invalid file descriptor." ) -ER2( PR_WOULD_BLOCK_ERROR, "The operation would have blocked." ) -ER2( PR_ACCESS_FAULT_ERROR, "Invalid memory address argument." ) -ER2( PR_INVALID_METHOD_ERROR, "Invalid function for file type." ) -ER2( PR_ILLEGAL_ACCESS_ERROR, "Invalid memory address argument." ) -ER2( PR_UNKNOWN_ERROR, "Some unknown error has occurred." ) -ER2( PR_PENDING_INTERRUPT_ERROR,"Operation interrupted by another thread." ) -ER2( PR_NOT_IMPLEMENTED_ERROR, "function not implemented." ) -ER2( PR_IO_ERROR, "I/O function error." ) -ER2( PR_IO_TIMEOUT_ERROR, "I/O operation timed out." ) -ER2( PR_IO_PENDING_ERROR, "I/O operation on busy file descriptor." ) -ER2( PR_DIRECTORY_OPEN_ERROR, "The directory could not be opened." ) -ER2( PR_INVALID_ARGUMENT_ERROR, "Invalid function argument." ) -ER2( PR_ADDRESS_NOT_AVAILABLE_ERROR, "Network address not available (in use?)." ) -ER2( PR_ADDRESS_NOT_SUPPORTED_ERROR, "Network address type not supported." ) -ER2( PR_IS_CONNECTED_ERROR, "Already connected." ) -ER2( PR_BAD_ADDRESS_ERROR, "Network address is invalid." ) -ER2( PR_ADDRESS_IN_USE_ERROR, "Local Network address is in use." ) -ER2( PR_CONNECT_REFUSED_ERROR, "Connection refused by peer." ) -ER2( PR_NETWORK_UNREACHABLE_ERROR, "Network address is presently unreachable." ) -ER2( PR_CONNECT_TIMEOUT_ERROR, "Connection attempt timed out." ) -ER2( PR_NOT_CONNECTED_ERROR, "Network file descriptor is not connected." ) -ER2( PR_LOAD_LIBRARY_ERROR, "Failure to load dynamic library." ) -ER2( PR_UNLOAD_LIBRARY_ERROR, "Failure to unload dynamic library." ) -ER2( PR_FIND_SYMBOL_ERROR, -"Symbol not found in any of the loaded dynamic libraries." ) -ER2( PR_INSUFFICIENT_RESOURCES_ERROR, "Insufficient system resources." ) -ER2( PR_DIRECTORY_LOOKUP_ERROR, -"A directory lookup on a network address has failed." ) -ER2( PR_TPD_RANGE_ERROR, -"Attempt to access a TPD key that is out of range." ) -ER2( PR_PROC_DESC_TABLE_FULL_ERROR, "Process open FD table is full." ) -ER2( PR_SYS_DESC_TABLE_FULL_ERROR, "System open FD table is full." ) -ER2( PR_NOT_SOCKET_ERROR, -"Network operation attempted on non-network file descriptor." ) -ER2( PR_NOT_TCP_SOCKET_ERROR, -"TCP-specific function attempted on a non-TCP file descriptor." ) -ER2( PR_SOCKET_ADDRESS_IS_BOUND_ERROR, "TCP file descriptor is already bound." ) -ER2( PR_NO_ACCESS_RIGHTS_ERROR, "Access Denied." ) -ER2( PR_OPERATION_NOT_SUPPORTED_ERROR, -"The requested operation is not supported by the platform." ) -ER2( PR_PROTOCOL_NOT_SUPPORTED_ERROR, -"The host operating system does not support the protocol requested." ) -ER2( PR_REMOTE_FILE_ERROR, "Access to the remote file has been severed." ) -ER2( PR_BUFFER_OVERFLOW_ERROR, -"The value requested is too large to be stored in the data buffer provided." ) -ER2( PR_CONNECT_RESET_ERROR, "TCP connection reset by peer." ) -ER2( PR_RANGE_ERROR, "Unused." ) -ER2( PR_DEADLOCK_ERROR, "The operation would have deadlocked." ) -ER2( PR_FILE_IS_LOCKED_ERROR, "The file is already locked." ) -ER2( PR_FILE_TOO_BIG_ERROR, -"Write would result in file larger than the system allows." ) -ER2( PR_NO_DEVICE_SPACE_ERROR, "The device for storing the file is full." ) -ER2( PR_PIPE_ERROR, "Unused." ) -ER2( PR_NO_SEEK_DEVICE_ERROR, "Unused." ) -ER2( PR_IS_DIRECTORY_ERROR, -"Cannot perform a normal file operation on a directory." ) -ER2( PR_LOOP_ERROR, "Symbolic link loop." ) -ER2( PR_NAME_TOO_LONG_ERROR, "File name is too long." ) -ER2( PR_FILE_NOT_FOUND_ERROR, "File not found." ) -ER2( PR_NOT_DIRECTORY_ERROR, -"Cannot perform directory operation on a normal file." ) -ER2( PR_READ_ONLY_FILESYSTEM_ERROR, -"Cannot write to a read-only file system." ) -ER2( PR_DIRECTORY_NOT_EMPTY_ERROR, -"Cannot delete a directory that is not empty." ) -ER2( PR_FILESYSTEM_MOUNTED_ERROR, -"Cannot delete or rename a file object while the file system is busy." ) -ER2( PR_NOT_SAME_DEVICE_ERROR, -"Cannot rename a file to a file system on another device." ) -ER2( PR_DIRECTORY_CORRUPTED_ERROR, -"The directory object in the file system is corrupted." ) -ER2( PR_FILE_EXISTS_ERROR, -"Cannot create or rename a filename that already exists." ) -ER2( PR_MAX_DIRECTORY_ENTRIES_ERROR, -"Directory is full. No additional filenames may be added." ) -ER2( PR_INVALID_DEVICE_STATE_ERROR, -"The required device was in an invalid state." ) -ER2( PR_DEVICE_IS_LOCKED_ERROR, "The device is locked." ) -ER2( PR_NO_MORE_FILES_ERROR, "No more entries in the directory." ) -ER2( PR_END_OF_FILE_ERROR, "Encountered end of file." ) -ER2( PR_FILE_SEEK_ERROR, "Seek error." ) -ER2( PR_FILE_IS_BUSY_ERROR, "The file is busy." ) -ER2( PR_IN_PROGRESS_ERROR, -"Operation is still in progress (probably a non-blocking connect)." ) -ER2( PR_ALREADY_INITIATED_ERROR, -"Operation has already been initiated (probably a non-blocking connect)." ) - -#ifdef PR_GROUP_EMPTY_ERROR -ER2( PR_GROUP_EMPTY_ERROR, "The wait group is empty." ) -#endif - -#ifdef PR_INVALID_STATE_ERROR -ER2( PR_INVALID_STATE_ERROR, "Object state improper for request." ) -#endif - -#ifdef PR_NETWORK_DOWN_ERROR -ER2( PR_NETWORK_DOWN_ERROR, "Network is down." ) -#endif - -#ifdef PR_SOCKET_SHUTDOWN_ERROR -ER2( PR_SOCKET_SHUTDOWN_ERROR, "The socket was previously shut down." ) -#endif - -#ifdef PR_CONNECT_ABORTED_ERROR -ER2( PR_CONNECT_ABORTED_ERROR, "TCP Connection aborted." ) -#endif - -#ifdef PR_HOST_UNREACHABLE_ERROR -ER2( PR_HOST_UNREACHABLE_ERROR, "Host is unreachable." ) -#endif - -/* always last */ -ER2( PR_MAX_ERROR, "Placeholder for the end of the list" ) diff --git a/security/nss/cmd/lib/SECerrs.h b/security/nss/cmd/lib/SECerrs.h deleted file mode 100644 index 9496b74e5b..0000000000 --- a/security/nss/cmd/lib/SECerrs.h +++ /dev/null @@ -1,462 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -/* General security error codes */ -/* Caller must #include "secerr.h" */ - -ER3(SEC_ERROR_IO, SEC_ERROR_BASE + 0, -"An I/O error occurred during security authorization.") - -ER3(SEC_ERROR_LIBRARY_FAILURE, SEC_ERROR_BASE + 1, -"security library failure.") - -ER3(SEC_ERROR_BAD_DATA, SEC_ERROR_BASE + 2, -"security library: received bad data.") - -ER3(SEC_ERROR_OUTPUT_LEN, SEC_ERROR_BASE + 3, -"security library: output length error.") - -ER3(SEC_ERROR_INPUT_LEN, SEC_ERROR_BASE + 4, -"security library has experienced an input length error.") - -ER3(SEC_ERROR_INVALID_ARGS, SEC_ERROR_BASE + 5, -"security library: invalid arguments.") - -ER3(SEC_ERROR_INVALID_ALGORITHM, SEC_ERROR_BASE + 6, -"security library: invalid algorithm.") - -ER3(SEC_ERROR_INVALID_AVA, SEC_ERROR_BASE + 7, -"security library: invalid AVA.") - -ER3(SEC_ERROR_INVALID_TIME, SEC_ERROR_BASE + 8, -"Improperly formatted time string.") - -ER3(SEC_ERROR_BAD_DER, SEC_ERROR_BASE + 9, -"security library: improperly formatted DER-encoded message.") - -ER3(SEC_ERROR_BAD_SIGNATURE, SEC_ERROR_BASE + 10, -"Peer's certificate has an invalid signature.") - -ER3(SEC_ERROR_EXPIRED_CERTIFICATE, SEC_ERROR_BASE + 11, -"Peer's Certificate has expired.") - -ER3(SEC_ERROR_REVOKED_CERTIFICATE, SEC_ERROR_BASE + 12, -"Peer's Certificate has been revoked.") - -ER3(SEC_ERROR_UNKNOWN_ISSUER, SEC_ERROR_BASE + 13, -"Peer's Certificate issuer is not recognized.") - -ER3(SEC_ERROR_BAD_KEY, SEC_ERROR_BASE + 14, -"Peer's public key is invalid.") - -ER3(SEC_ERROR_BAD_PASSWORD, SEC_ERROR_BASE + 15, -"The security password entered is incorrect.") - -ER3(SEC_ERROR_RETRY_PASSWORD, SEC_ERROR_BASE + 16, -"New password entered incorrectly. Please try again.") - -ER3(SEC_ERROR_NO_NODELOCK, SEC_ERROR_BASE + 17, -"security library: no nodelock.") - -ER3(SEC_ERROR_BAD_DATABASE, SEC_ERROR_BASE + 18, -"security library: bad database.") - -ER3(SEC_ERROR_NO_MEMORY, SEC_ERROR_BASE + 19, -"security library: memory allocation failure.") - -ER3(SEC_ERROR_UNTRUSTED_ISSUER, SEC_ERROR_BASE + 20, -"Peer's certificate issuer has been marked as not trusted by the user.") - -ER3(SEC_ERROR_UNTRUSTED_CERT, SEC_ERROR_BASE + 21, -"Peer's certificate has been marked as not trusted by the user.") - -ER3(SEC_ERROR_DUPLICATE_CERT, (SEC_ERROR_BASE + 22), -"Certificate already exists in your database.") - -ER3(SEC_ERROR_DUPLICATE_CERT_NAME, (SEC_ERROR_BASE + 23), -"Downloaded certificate's name duplicates one already in your database.") - -ER3(SEC_ERROR_ADDING_CERT, (SEC_ERROR_BASE + 24), -"Error adding certificate to database.") - -ER3(SEC_ERROR_FILING_KEY, (SEC_ERROR_BASE + 25), -"Error refiling the key for this certificate.") - -ER3(SEC_ERROR_NO_KEY, (SEC_ERROR_BASE + 26), -"The private key for this certificate cannot be found in key database") - -ER3(SEC_ERROR_CERT_VALID, (SEC_ERROR_BASE + 27), -"This certificate is valid.") - -ER3(SEC_ERROR_CERT_NOT_VALID, (SEC_ERROR_BASE + 28), -"This certificate is not valid.") - -ER3(SEC_ERROR_CERT_NO_RESPONSE, (SEC_ERROR_BASE + 29), -"Cert Library: No Response") - -ER3(SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE, (SEC_ERROR_BASE + 30), -"The certificate issuer's certificate has expired. Check your system date and time.") - -ER3(SEC_ERROR_CRL_EXPIRED, (SEC_ERROR_BASE + 31), -"The CRL for the certificate's issuer has expired. Update it or check your system data and time.") - -ER3(SEC_ERROR_CRL_BAD_SIGNATURE, (SEC_ERROR_BASE + 32), -"The CRL for the certificate's issuer has an invalid signature.") - -ER3(SEC_ERROR_CRL_INVALID, (SEC_ERROR_BASE + 33), -"New CRL has an invalid format.") - -ER3(SEC_ERROR_EXTENSION_VALUE_INVALID, (SEC_ERROR_BASE + 34), -"Certificate extension value is invalid.") - -ER3(SEC_ERROR_EXTENSION_NOT_FOUND, (SEC_ERROR_BASE + 35), -"Certificate extension not found.") - -ER3(SEC_ERROR_CA_CERT_INVALID, (SEC_ERROR_BASE + 36), -"Issuer certificate is invalid.") - -ER3(SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID, (SEC_ERROR_BASE + 37), -"Certificate path length constraint is invalid.") - -ER3(SEC_ERROR_CERT_USAGES_INVALID, (SEC_ERROR_BASE + 38), -"Certificate usages field is invalid.") - -ER3(SEC_INTERNAL_ONLY, (SEC_ERROR_BASE + 39), -"**Internal ONLY module**") - -ER3(SEC_ERROR_INVALID_KEY, (SEC_ERROR_BASE + 40), -"The key does not support the requested operation.") - -ER3(SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION, (SEC_ERROR_BASE + 41), -"Certificate contains unknown critical extension.") - -ER3(SEC_ERROR_OLD_CRL, (SEC_ERROR_BASE + 42), -"New CRL is not later than the current one.") - -ER3(SEC_ERROR_NO_EMAIL_CERT, (SEC_ERROR_BASE + 43), -"Not encrypted or signed: you do not yet have an email certificate.") - -ER3(SEC_ERROR_NO_RECIPIENT_CERTS_QUERY, (SEC_ERROR_BASE + 44), -"Not encrypted: you do not have certificates for each of the recipients.") - -ER3(SEC_ERROR_NOT_A_RECIPIENT, (SEC_ERROR_BASE + 45), -"Cannot decrypt: you are not a recipient, or matching certificate and \ -private key not found.") - -ER3(SEC_ERROR_PKCS7_KEYALG_MISMATCH, (SEC_ERROR_BASE + 46), -"Cannot decrypt: key encryption algorithm does not match your certificate.") - -ER3(SEC_ERROR_PKCS7_BAD_SIGNATURE, (SEC_ERROR_BASE + 47), -"Signature verification failed: no signer found, too many signers found, \ -or improper or corrupted data.") - -ER3(SEC_ERROR_UNSUPPORTED_KEYALG, (SEC_ERROR_BASE + 48), -"Unsupported or unknown key algorithm.") - -ER3(SEC_ERROR_DECRYPTION_DISALLOWED, (SEC_ERROR_BASE + 49), -"Cannot decrypt: encrypted using a disallowed algorithm or key size.") - - -/* Fortezza Alerts */ -ER3(XP_SEC_FORTEZZA_BAD_CARD, (SEC_ERROR_BASE + 50), -"Fortezza card has not been properly initialized. \ -Please remove it and return it to your issuer.") - -ER3(XP_SEC_FORTEZZA_NO_CARD, (SEC_ERROR_BASE + 51), -"No Fortezza cards Found") - -ER3(XP_SEC_FORTEZZA_NONE_SELECTED, (SEC_ERROR_BASE + 52), -"No Fortezza card selected") - -ER3(XP_SEC_FORTEZZA_MORE_INFO, (SEC_ERROR_BASE + 53), -"Please select a personality to get more info on") - -ER3(XP_SEC_FORTEZZA_PERSON_NOT_FOUND, (SEC_ERROR_BASE + 54), -"Personality not found") - -ER3(XP_SEC_FORTEZZA_NO_MORE_INFO, (SEC_ERROR_BASE + 55), -"No more information on that Personality") - -ER3(XP_SEC_FORTEZZA_BAD_PIN, (SEC_ERROR_BASE + 56), -"Invalid Pin") - -ER3(XP_SEC_FORTEZZA_PERSON_ERROR, (SEC_ERROR_BASE + 57), -"Couldn't initialize Fortezza personalities.") -/* end fortezza alerts. */ - -ER3(SEC_ERROR_NO_KRL, (SEC_ERROR_BASE + 58), -"No KRL for this site's certificate has been found.") - -ER3(SEC_ERROR_KRL_EXPIRED, (SEC_ERROR_BASE + 59), -"The KRL for this site's certificate has expired.") - -ER3(SEC_ERROR_KRL_BAD_SIGNATURE, (SEC_ERROR_BASE + 60), -"The KRL for this site's certificate has an invalid signature.") - -ER3(SEC_ERROR_REVOKED_KEY, (SEC_ERROR_BASE + 61), -"The key for this site's certificate has been revoked.") - -ER3(SEC_ERROR_KRL_INVALID, (SEC_ERROR_BASE + 62), -"New KRL has an invalid format.") - -ER3(SEC_ERROR_NEED_RANDOM, (SEC_ERROR_BASE + 63), -"security library: need random data.") - -ER3(SEC_ERROR_NO_MODULE, (SEC_ERROR_BASE + 64), -"security library: no security module can perform the requested operation.") - -ER3(SEC_ERROR_NO_TOKEN, (SEC_ERROR_BASE + 65), -"The security card or token does not exist, needs to be initialized, or has been removed.") - -ER3(SEC_ERROR_READ_ONLY, (SEC_ERROR_BASE + 66), -"security library: read-only database.") - -ER3(SEC_ERROR_NO_SLOT_SELECTED, (SEC_ERROR_BASE + 67), -"No slot or token was selected.") - -ER3(SEC_ERROR_CERT_NICKNAME_COLLISION, (SEC_ERROR_BASE + 68), -"A certificate with the same nickname already exists.") - -ER3(SEC_ERROR_KEY_NICKNAME_COLLISION, (SEC_ERROR_BASE + 69), -"A key with the same nickname already exists.") - -ER3(SEC_ERROR_SAFE_NOT_CREATED, (SEC_ERROR_BASE + 70), -"error while creating safe object") - -ER3(SEC_ERROR_BAGGAGE_NOT_CREATED, (SEC_ERROR_BASE + 71), -"error while creating baggage object") - -ER3(XP_JAVA_REMOVE_PRINCIPAL_ERROR, (SEC_ERROR_BASE + 72), -"Couldn't remove the principal") - -ER3(XP_JAVA_DELETE_PRIVILEGE_ERROR, (SEC_ERROR_BASE + 73), -"Couldn't delete the privilege") - -ER3(XP_JAVA_CERT_NOT_EXISTS_ERROR, (SEC_ERROR_BASE + 74), -"This principal doesn't have a certificate") - -ER3(SEC_ERROR_BAD_EXPORT_ALGORITHM, (SEC_ERROR_BASE + 75), -"Required algorithm is not allowed.") - -ER3(SEC_ERROR_EXPORTING_CERTIFICATES, (SEC_ERROR_BASE + 76), -"Error attempting to export certificates.") - -ER3(SEC_ERROR_IMPORTING_CERTIFICATES, (SEC_ERROR_BASE + 77), -"Error attempting to import certificates.") - -ER3(SEC_ERROR_PKCS12_DECODING_PFX, (SEC_ERROR_BASE + 78), -"Unable to import. Decoding error. File not valid.") - -ER3(SEC_ERROR_PKCS12_INVALID_MAC, (SEC_ERROR_BASE + 79), -"Unable to import. Invalid MAC. Incorrect password or corrupt file.") - -ER3(SEC_ERROR_PKCS12_UNSUPPORTED_MAC_ALGORITHM, (SEC_ERROR_BASE + 80), -"Unable to import. MAC algorithm not supported.") - -ER3(SEC_ERROR_PKCS12_UNSUPPORTED_TRANSPORT_MODE,(SEC_ERROR_BASE + 81), -"Unable to import. Only password integrity and privacy modes supported.") - -ER3(SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE, (SEC_ERROR_BASE + 82), -"Unable to import. File structure is corrupt.") - -ER3(SEC_ERROR_PKCS12_UNSUPPORTED_PBE_ALGORITHM, (SEC_ERROR_BASE + 83), -"Unable to import. Encryption algorithm not supported.") - -ER3(SEC_ERROR_PKCS12_UNSUPPORTED_VERSION, (SEC_ERROR_BASE + 84), -"Unable to import. File version not supported.") - -ER3(SEC_ERROR_PKCS12_PRIVACY_PASSWORD_INCORRECT,(SEC_ERROR_BASE + 85), -"Unable to import. Incorrect privacy password.") - -ER3(SEC_ERROR_PKCS12_CERT_COLLISION, (SEC_ERROR_BASE + 86), -"Unable to import. Same nickname already exists in database.") - -ER3(SEC_ERROR_USER_CANCELLED, (SEC_ERROR_BASE + 87), -"The user pressed cancel.") - -ER3(SEC_ERROR_PKCS12_DUPLICATE_DATA, (SEC_ERROR_BASE + 88), -"Not imported, already in database.") - -ER3(SEC_ERROR_MESSAGE_SEND_ABORTED, (SEC_ERROR_BASE + 89), -"Message not sent.") - -ER3(SEC_ERROR_INADEQUATE_KEY_USAGE, (SEC_ERROR_BASE + 90), -"Certificate key usage inadequate for attempted operation.") - -ER3(SEC_ERROR_INADEQUATE_CERT_TYPE, (SEC_ERROR_BASE + 91), -"Certificate type not approved for application.") - -ER3(SEC_ERROR_CERT_ADDR_MISMATCH, (SEC_ERROR_BASE + 92), -"Address in signing certificate does not match address in message headers.") - -ER3(SEC_ERROR_PKCS12_UNABLE_TO_IMPORT_KEY, (SEC_ERROR_BASE + 93), -"Unable to import. Error attempting to import private key.") - -ER3(SEC_ERROR_PKCS12_IMPORTING_CERT_CHAIN, (SEC_ERROR_BASE + 94), -"Unable to import. Error attempting to import certificate chain.") - -ER3(SEC_ERROR_PKCS12_UNABLE_TO_LOCATE_OBJECT_BY_NAME, (SEC_ERROR_BASE + 95), -"Unable to export. Unable to locate certificate or key by nickname.") - -ER3(SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY, (SEC_ERROR_BASE + 96), -"Unable to export. Private Key could not be located and exported.") - -ER3(SEC_ERROR_PKCS12_UNABLE_TO_WRITE, (SEC_ERROR_BASE + 97), -"Unable to export. Unable to write the export file.") - -ER3(SEC_ERROR_PKCS12_UNABLE_TO_READ, (SEC_ERROR_BASE + 98), -"Unable to import. Unable to read the import file.") - -ER3(SEC_ERROR_PKCS12_KEY_DATABASE_NOT_INITIALIZED, (SEC_ERROR_BASE + 99), -"Unable to export. Key database corrupt or deleted.") - -ER3(SEC_ERROR_KEYGEN_FAIL, (SEC_ERROR_BASE + 100), -"Unable to generate public/private key pair.") - -ER3(SEC_ERROR_INVALID_PASSWORD, (SEC_ERROR_BASE + 101), -"Password entered is invalid. Please pick a different one.") - -ER3(SEC_ERROR_RETRY_OLD_PASSWORD, (SEC_ERROR_BASE + 102), -"Old password entered incorrectly. Please try again.") - -ER3(SEC_ERROR_BAD_NICKNAME, (SEC_ERROR_BASE + 103), -"Certificate nickname already in use.") - -ER3(SEC_ERROR_NOT_FORTEZZA_ISSUER, (SEC_ERROR_BASE + 104), -"Peer FORTEZZA chain has a non-FORTEZZA Certificate.") - -ER3(SEC_ERROR_CANNOT_MOVE_SENSITIVE_KEY, (SEC_ERROR_BASE + 105), -"A sensitive key cannot be moved to the slot where it is needed.") - -ER3(SEC_ERROR_JS_INVALID_MODULE_NAME, (SEC_ERROR_BASE + 106), -"Invalid module name.") - -ER3(SEC_ERROR_JS_INVALID_DLL, (SEC_ERROR_BASE + 107), -"Invalid module path/filename") - -ER3(SEC_ERROR_JS_ADD_MOD_FAILURE, (SEC_ERROR_BASE + 108), -"Unable to add module") - -ER3(SEC_ERROR_JS_DEL_MOD_FAILURE, (SEC_ERROR_BASE + 109), -"Unable to delete module") - -ER3(SEC_ERROR_OLD_KRL, (SEC_ERROR_BASE + 110), -"New KRL is not later than the current one.") - -ER3(SEC_ERROR_CKL_CONFLICT, (SEC_ERROR_BASE + 111), -"New CKL has different issuer than current CKL. Delete current CKL.") - -ER3(SEC_ERROR_CERT_NOT_IN_NAME_SPACE, (SEC_ERROR_BASE + 112), -"The Certifying Authority for this certificate is not permitted to issue a \ -certificate with this name.") - -ER3(SEC_ERROR_KRL_NOT_YET_VALID, (SEC_ERROR_BASE + 113), -"The key revocation list for this certificate is not yet valid.") - -ER3(SEC_ERROR_CRL_NOT_YET_VALID, (SEC_ERROR_BASE + 114), -"The certificate revocation list for this certificate is not yet valid.") - -ER3(SEC_ERROR_UNKNOWN_CERT, (SEC_ERROR_BASE + 115), -"The requested certificate could not be found.") - -ER3(SEC_ERROR_UNKNOWN_SIGNER, (SEC_ERROR_BASE + 116), -"The signer's certificate could not be found.") - -ER3(SEC_ERROR_CERT_BAD_ACCESS_LOCATION, (SEC_ERROR_BASE + 117), -"The location for the certificate status server has invalid format.") - -ER3(SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE, (SEC_ERROR_BASE + 118), -"The OCSP response cannot be fully decoded; it is of an unknown type.") - -ER3(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE, (SEC_ERROR_BASE + 119), -"The OCSP server returned unexpected/invalid HTTP data.") - -ER3(SEC_ERROR_OCSP_MALFORMED_REQUEST, (SEC_ERROR_BASE + 120), -"The OCSP server found the request to be corrupted or improperly formed.") - -ER3(SEC_ERROR_OCSP_SERVER_ERROR, (SEC_ERROR_BASE + 121), -"The OCSP server experienced an internal error.") - -ER3(SEC_ERROR_OCSP_TRY_SERVER_LATER, (SEC_ERROR_BASE + 122), -"The OCSP server suggests trying again later.") - -ER3(SEC_ERROR_OCSP_REQUEST_NEEDS_SIG, (SEC_ERROR_BASE + 123), -"The OCSP server requires a signature on this request.") - -ER3(SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST, (SEC_ERROR_BASE + 124), -"The OCSP server has refused this request as unauthorized.") - -ER3(SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS, (SEC_ERROR_BASE + 125), -"The OCSP server returned an unrecognizable status.") - -ER3(SEC_ERROR_OCSP_UNKNOWN_CERT, (SEC_ERROR_BASE + 126), -"The OCSP server has no status for the certificate.") - -ER3(SEC_ERROR_OCSP_NOT_ENABLED, (SEC_ERROR_BASE + 127), -"You must enable OCSP before performing this operation.") - -ER3(SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER, (SEC_ERROR_BASE + 128), -"You must set the OCSP default responder before performing this operation.") - -ER3(SEC_ERROR_OCSP_MALFORMED_RESPONSE, (SEC_ERROR_BASE + 129), -"The response from the OCSP server was corrupted or improperly formed.") - -ER3(SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE, (SEC_ERROR_BASE + 130), -"The signer of the OCSP response is not authorized to give status for \ -this certificate.") - -ER3(SEC_ERROR_OCSP_FUTURE_RESPONSE, (SEC_ERROR_BASE + 131), -"The OCSP response is not yet valid (contains a date in the future).") - -ER3(SEC_ERROR_OCSP_OLD_RESPONSE, (SEC_ERROR_BASE + 132), -"The OCSP response contains out-of-date information.") - -ER3(SEC_ERROR_DIGEST_NOT_FOUND, (SEC_ERROR_BASE + 133), -"The CMS or PKCS #7 Digest was not found in signed message.") - -ER3(SEC_ERROR_UNSUPPORTED_MESSAGE_TYPE, (SEC_ERROR_BASE + 134), -"The CMS or PKCS #7 Message type is unsupported.") - -ER3(SEC_ERROR_MODULE_STUCK, (SEC_ERROR_BASE + 135), -"PKCS #11 module could not be removed because it is still in use.") - -ER3(SEC_ERROR_BAD_TEMPLATE, (SEC_ERROR_BASE + 136), -"Could not decode ASN.1 data. Specified template was invalid.") - -ER3(SEC_ERROR_CRL_NOT_FOUND, (SEC_ERROR_BASE + 137), -"No matching CRL was found.") - -ER3(SEC_ERROR_REUSED_ISSUER_AND_SERIAL, (SEC_ERROR_BASE + 138), -"You are attempting to import a cert with the same issuer/serial as \ -an existing cert, but that is not the same cert.") - diff --git a/security/nss/cmd/lib/SSLerrs.h b/security/nss/cmd/lib/SSLerrs.h deleted file mode 100644 index 06803b849c..0000000000 --- a/security/nss/cmd/lib/SSLerrs.h +++ /dev/null @@ -1,366 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -/* SSL-specific security error codes */ -/* caller must include "sslerr.h" */ - -ER3(SSL_ERROR_EXPORT_ONLY_SERVER, SSL_ERROR_BASE + 0, -"Unable to communicate securely. Peer does not support high-grade encryption.") - -ER3(SSL_ERROR_US_ONLY_SERVER, SSL_ERROR_BASE + 1, -"Unable to communicate securely. Peer requires high-grade encryption which is not supported.") - -ER3(SSL_ERROR_NO_CYPHER_OVERLAP, SSL_ERROR_BASE + 2, -"Cannot communicate securely with peer: no common encryption algorithm(s).") - -ER3(SSL_ERROR_NO_CERTIFICATE, SSL_ERROR_BASE + 3, -"Unable to find the certificate or key necessary for authentication.") - -ER3(SSL_ERROR_BAD_CERTIFICATE, SSL_ERROR_BASE + 4, -"Unable to communicate securely with peer: peers's certificate was rejected.") - -/* unused (SSL_ERROR_BASE + 5),*/ - -ER3(SSL_ERROR_BAD_CLIENT, SSL_ERROR_BASE + 6, -"The server has encountered bad data from the client.") - -ER3(SSL_ERROR_BAD_SERVER, SSL_ERROR_BASE + 7, -"The client has encountered bad data from the server.") - -ER3(SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE, SSL_ERROR_BASE + 8, -"Unsupported certificate type.") - -ER3(SSL_ERROR_UNSUPPORTED_VERSION, SSL_ERROR_BASE + 9, -"Peer using unsupported version of security protocol.") - -/* unused (SSL_ERROR_BASE + 10),*/ - -ER3(SSL_ERROR_WRONG_CERTIFICATE, SSL_ERROR_BASE + 11, -"Client authentication failed: private key in key database does not match public key in certificate database.") - -ER3(SSL_ERROR_BAD_CERT_DOMAIN, SSL_ERROR_BASE + 12, -"Unable to communicate securely with peer: requested domain name does not match the server's certificate.") - -/* SSL_ERROR_POST_WARNING (SSL_ERROR_BASE + 13), - defined in sslerr.h -*/ - -ER3(SSL_ERROR_SSL2_DISABLED, (SSL_ERROR_BASE + 14), -"Peer only supports SSL version 2, which is locally disabled.") - - -ER3(SSL_ERROR_BAD_MAC_READ, (SSL_ERROR_BASE + 15), -"SSL received a record with an incorrect Message Authentication Code.") - -ER3(SSL_ERROR_BAD_MAC_ALERT, (SSL_ERROR_BASE + 16), -"SSL peer reports incorrect Message Authentication Code.") - -ER3(SSL_ERROR_BAD_CERT_ALERT, (SSL_ERROR_BASE + 17), -"SSL peer cannot verify your certificate.") - -ER3(SSL_ERROR_REVOKED_CERT_ALERT, (SSL_ERROR_BASE + 18), -"SSL peer rejected your certificate as revoked.") - -ER3(SSL_ERROR_EXPIRED_CERT_ALERT, (SSL_ERROR_BASE + 19), -"SSL peer rejected your certificate as expired.") - -ER3(SSL_ERROR_SSL_DISABLED, (SSL_ERROR_BASE + 20), -"Cannot connect: SSL is disabled.") - -ER3(SSL_ERROR_FORTEZZA_PQG, (SSL_ERROR_BASE + 21), -"Cannot connect: SSL peer is in another FORTEZZA domain.") - - -ER3(SSL_ERROR_UNKNOWN_CIPHER_SUITE , (SSL_ERROR_BASE + 22), -"An unknown SSL cipher suite has been requested.") - -ER3(SSL_ERROR_NO_CIPHERS_SUPPORTED , (SSL_ERROR_BASE + 23), -"No cipher suites are present and enabled in this program.") - -ER3(SSL_ERROR_BAD_BLOCK_PADDING , (SSL_ERROR_BASE + 24), -"SSL received a record with bad block padding.") - -ER3(SSL_ERROR_RX_RECORD_TOO_LONG , (SSL_ERROR_BASE + 25), -"SSL received a record that exceeded the maximum permissible length.") - -ER3(SSL_ERROR_TX_RECORD_TOO_LONG , (SSL_ERROR_BASE + 26), -"SSL attempted to send a record that exceeded the maximum permissible length.") - -/* - * Received a malformed (too long or short or invalid content) SSL handshake. - */ -ER3(SSL_ERROR_RX_MALFORMED_HELLO_REQUEST , (SSL_ERROR_BASE + 27), -"SSL received a malformed Hello Request handshake message.") - -ER3(SSL_ERROR_RX_MALFORMED_CLIENT_HELLO , (SSL_ERROR_BASE + 28), -"SSL received a malformed Client Hello handshake message.") - -ER3(SSL_ERROR_RX_MALFORMED_SERVER_HELLO , (SSL_ERROR_BASE + 29), -"SSL received a malformed Server Hello handshake message.") - -ER3(SSL_ERROR_RX_MALFORMED_CERTIFICATE , (SSL_ERROR_BASE + 30), -"SSL received a malformed Certificate handshake message.") - -ER3(SSL_ERROR_RX_MALFORMED_SERVER_KEY_EXCH , (SSL_ERROR_BASE + 31), -"SSL received a malformed Server Key Exchange handshake message.") - -ER3(SSL_ERROR_RX_MALFORMED_CERT_REQUEST , (SSL_ERROR_BASE + 32), -"SSL received a malformed Certificate Request handshake message.") - -ER3(SSL_ERROR_RX_MALFORMED_HELLO_DONE , (SSL_ERROR_BASE + 33), -"SSL received a malformed Server Hello Done handshake message.") - -ER3(SSL_ERROR_RX_MALFORMED_CERT_VERIFY , (SSL_ERROR_BASE + 34), -"SSL received a malformed Certificate Verify handshake message.") - -ER3(SSL_ERROR_RX_MALFORMED_CLIENT_KEY_EXCH , (SSL_ERROR_BASE + 35), -"SSL received a malformed Client Key Exchange handshake message.") - -ER3(SSL_ERROR_RX_MALFORMED_FINISHED , (SSL_ERROR_BASE + 36), -"SSL received a malformed Finished handshake message.") - -/* - * Received a malformed (too long or short) SSL record. - */ -ER3(SSL_ERROR_RX_MALFORMED_CHANGE_CIPHER , (SSL_ERROR_BASE + 37), -"SSL received a malformed Change Cipher Spec record.") - -ER3(SSL_ERROR_RX_MALFORMED_ALERT , (SSL_ERROR_BASE + 38), -"SSL received a malformed Alert record.") - -ER3(SSL_ERROR_RX_MALFORMED_HANDSHAKE , (SSL_ERROR_BASE + 39), -"SSL received a malformed Handshake record.") - -ER3(SSL_ERROR_RX_MALFORMED_APPLICATION_DATA , (SSL_ERROR_BASE + 40), -"SSL received a malformed Application Data record.") - -/* - * Received an SSL handshake that was inappropriate for the state we're in. - * E.g. Server received message from server, or wrong state in state machine. - */ -ER3(SSL_ERROR_RX_UNEXPECTED_HELLO_REQUEST , (SSL_ERROR_BASE + 41), -"SSL received an unexpected Hello Request handshake message.") - -ER3(SSL_ERROR_RX_UNEXPECTED_CLIENT_HELLO , (SSL_ERROR_BASE + 42), -"SSL received an unexpected Client Hello handshake message.") - -ER3(SSL_ERROR_RX_UNEXPECTED_SERVER_HELLO , (SSL_ERROR_BASE + 43), -"SSL received an unexpected Server Hello handshake message.") - -ER3(SSL_ERROR_RX_UNEXPECTED_CERTIFICATE , (SSL_ERROR_BASE + 44), -"SSL received an unexpected Certificate handshake message.") - -ER3(SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH , (SSL_ERROR_BASE + 45), -"SSL received an unexpected Server Key Exchange handshake message.") - -ER3(SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST , (SSL_ERROR_BASE + 46), -"SSL received an unexpected Certificate Request handshake message.") - -ER3(SSL_ERROR_RX_UNEXPECTED_HELLO_DONE , (SSL_ERROR_BASE + 47), -"SSL received an unexpected Server Hello Done handshake message.") - -ER3(SSL_ERROR_RX_UNEXPECTED_CERT_VERIFY , (SSL_ERROR_BASE + 48), -"SSL received an unexpected Certificate Verify handshake message.") - -ER3(SSL_ERROR_RX_UNEXPECTED_CLIENT_KEY_EXCH , (SSL_ERROR_BASE + 49), -"SSL received an unexpected Cllient Key Exchange handshake message.") - -ER3(SSL_ERROR_RX_UNEXPECTED_FINISHED , (SSL_ERROR_BASE + 50), -"SSL received an unexpected Finished handshake message.") - -/* - * Received an SSL record that was inappropriate for the state we're in. - */ -ER3(SSL_ERROR_RX_UNEXPECTED_CHANGE_CIPHER , (SSL_ERROR_BASE + 51), -"SSL received an unexpected Change Cipher Spec record.") - -ER3(SSL_ERROR_RX_UNEXPECTED_ALERT , (SSL_ERROR_BASE + 52), -"SSL received an unexpected Alert record.") - -ER3(SSL_ERROR_RX_UNEXPECTED_HANDSHAKE , (SSL_ERROR_BASE + 53), -"SSL received an unexpected Handshake record.") - -ER3(SSL_ERROR_RX_UNEXPECTED_APPLICATION_DATA, (SSL_ERROR_BASE + 54), -"SSL received an unexpected Application Data record.") - -/* - * Received record/message with unknown discriminant. - */ -ER3(SSL_ERROR_RX_UNKNOWN_RECORD_TYPE , (SSL_ERROR_BASE + 55), -"SSL received a record with an unknown content type.") - -ER3(SSL_ERROR_RX_UNKNOWN_HANDSHAKE , (SSL_ERROR_BASE + 56), -"SSL received a handshake message with an unknown message type.") - -ER3(SSL_ERROR_RX_UNKNOWN_ALERT , (SSL_ERROR_BASE + 57), -"SSL received an alert record with an unknown alert description.") - -/* - * Received an alert reporting what we did wrong. (more alerts above) - */ -ER3(SSL_ERROR_CLOSE_NOTIFY_ALERT , (SSL_ERROR_BASE + 58), -"SSL peer has closed this connection.") - -ER3(SSL_ERROR_HANDSHAKE_UNEXPECTED_ALERT , (SSL_ERROR_BASE + 59), -"SSL peer was not expecting a handshake message it received.") - -ER3(SSL_ERROR_DECOMPRESSION_FAILURE_ALERT , (SSL_ERROR_BASE + 60), -"SSL peer was unable to succesfully decompress an SSL record it received.") - -ER3(SSL_ERROR_HANDSHAKE_FAILURE_ALERT , (SSL_ERROR_BASE + 61), -"SSL peer was unable to negotiate an acceptable set of security parameters.") - -ER3(SSL_ERROR_ILLEGAL_PARAMETER_ALERT , (SSL_ERROR_BASE + 62), -"SSL peer rejected a handshake message for unacceptable content.") - -ER3(SSL_ERROR_UNSUPPORTED_CERT_ALERT , (SSL_ERROR_BASE + 63), -"SSL peer does not support certificates of the type it received.") - -ER3(SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT , (SSL_ERROR_BASE + 64), -"SSL peer had some unspecified issue with the certificate it received.") - - -ER3(SSL_ERROR_GENERATE_RANDOM_FAILURE , (SSL_ERROR_BASE + 65), -"SSL experienced a failure of its random number generator.") - -ER3(SSL_ERROR_SIGN_HASHES_FAILURE , (SSL_ERROR_BASE + 66), -"Unable to digitally sign data required to verify your certificate.") - -ER3(SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE , (SSL_ERROR_BASE + 67), -"SSL was unable to extract the public key from the peer's certificate.") - -ER3(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE , (SSL_ERROR_BASE + 68), -"Unspecified failure while processing SSL Server Key Exchange handshake.") - -ER3(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE , (SSL_ERROR_BASE + 69), -"Unspecified failure while processing SSL Client Key Exchange handshake.") - -ER3(SSL_ERROR_ENCRYPTION_FAILURE , (SSL_ERROR_BASE + 70), -"Bulk data encryption algorithm failed in selected cipher suite.") - -ER3(SSL_ERROR_DECRYPTION_FAILURE , (SSL_ERROR_BASE + 71), -"Bulk data decryption algorithm failed in selected cipher suite.") - -ER3(SSL_ERROR_SOCKET_WRITE_FAILURE , (SSL_ERROR_BASE + 72), -"Attempt to write encrypted data to underlying socket failed.") - -ER3(SSL_ERROR_MD5_DIGEST_FAILURE , (SSL_ERROR_BASE + 73), -"MD5 digest function failed.") - -ER3(SSL_ERROR_SHA_DIGEST_FAILURE , (SSL_ERROR_BASE + 74), -"SHA-1 digest function failed.") - -ER3(SSL_ERROR_MAC_COMPUTATION_FAILURE , (SSL_ERROR_BASE + 75), -"MAC computation failed.") - -ER3(SSL_ERROR_SYM_KEY_CONTEXT_FAILURE , (SSL_ERROR_BASE + 76), -"Failure to create Symmetric Key context.") - -ER3(SSL_ERROR_SYM_KEY_UNWRAP_FAILURE , (SSL_ERROR_BASE + 77), -"Failure to unwrap the Symmetric key in Client Key Exchange message.") - -ER3(SSL_ERROR_PUB_KEY_SIZE_LIMIT_EXCEEDED , (SSL_ERROR_BASE + 78), -"SSL Server attempted to use domestic-grade public key with export cipher suite.") - -ER3(SSL_ERROR_IV_PARAM_FAILURE , (SSL_ERROR_BASE + 79), -"PKCS11 code failed to translate an IV into a param.") - -ER3(SSL_ERROR_INIT_CIPHER_SUITE_FAILURE , (SSL_ERROR_BASE + 80), -"Failed to initialize the selected cipher suite.") - -ER3(SSL_ERROR_SESSION_KEY_GEN_FAILURE , (SSL_ERROR_BASE + 81), -"Client failed to generate session keys for SSL session.") - -ER3(SSL_ERROR_NO_SERVER_KEY_FOR_ALG , (SSL_ERROR_BASE + 82), -"Server has no key for the attempted key exchange algorithm.") - -ER3(SSL_ERROR_TOKEN_INSERTION_REMOVAL , (SSL_ERROR_BASE + 83), -"PKCS#11 token was inserted or removed while operation was in progress.") - -ER3(SSL_ERROR_TOKEN_SLOT_NOT_FOUND , (SSL_ERROR_BASE + 84), -"No PKCS#11 token could be found to do a required operation.") - -ER3(SSL_ERROR_NO_COMPRESSION_OVERLAP , (SSL_ERROR_BASE + 85), -"Cannot communicate securely with peer: no common compression algorithm(s).") - -ER3(SSL_ERROR_HANDSHAKE_NOT_COMPLETED , (SSL_ERROR_BASE + 86), -"Cannot initiate another SSL handshake until current handshake is complete.") - -ER3(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE , (SSL_ERROR_BASE + 87), -"Received incorrect handshakes hash values from peer.") - -ER3(SSL_ERROR_CERT_KEA_MISMATCH , (SSL_ERROR_BASE + 88), -"The certificate provided cannot be used with the selected key exchange algorithm.") - -ER3(SSL_ERROR_NO_TRUSTED_SSL_CLIENT_CA , (SSL_ERROR_BASE + 89), -"No certificate authority is trusted for SSL client authentication.") - -ER3(SSL_ERROR_SESSION_NOT_FOUND , (SSL_ERROR_BASE + 90), -"Client's SSL session ID not found in server's session cache.") - -ER3(SSL_ERROR_DECRYPTION_FAILED_ALERT , (SSL_ERROR_BASE + 91), -"Peer was unable to decrypt an SSL record it received.") - -ER3(SSL_ERROR_RECORD_OVERFLOW_ALERT , (SSL_ERROR_BASE + 92), -"Peer received an SSL record that was longer than is permitted.") - -ER3(SSL_ERROR_UNKNOWN_CA_ALERT , (SSL_ERROR_BASE + 93), -"Peer does not recognize and trust the CA that issued your certificate.") - -ER3(SSL_ERROR_ACCESS_DENIED_ALERT , (SSL_ERROR_BASE + 94), -"Peer received a valid certificate, but access was denied.") - -ER3(SSL_ERROR_DECODE_ERROR_ALERT , (SSL_ERROR_BASE + 95), -"Peer could not decode an SSL handshake message.") - -ER3(SSL_ERROR_DECRYPT_ERROR_ALERT , (SSL_ERROR_BASE + 96), -"Peer reports failure of signature verification or key exchange.") - -ER3(SSL_ERROR_EXPORT_RESTRICTION_ALERT , (SSL_ERROR_BASE + 97), -"Peer reports negotiation not in compliance with export regulations.") - -ER3(SSL_ERROR_PROTOCOL_VERSION_ALERT , (SSL_ERROR_BASE + 98), -"Peer reports incompatible or unsupported protocol version.") - -ER3(SSL_ERROR_INSUFFICIENT_SECURITY_ALERT , (SSL_ERROR_BASE + 99), -"Server requires ciphers more secure than those supported by client.") - -ER3(SSL_ERROR_INTERNAL_ERROR_ALERT , (SSL_ERROR_BASE + 100), -"Peer reports it experienced an internal error.") - -ER3(SSL_ERROR_USER_CANCELED_ALERT , (SSL_ERROR_BASE + 101), -"Peer user canceled handshake.") - -ER3(SSL_ERROR_NO_RENEGOTIATION_ALERT , (SSL_ERROR_BASE + 102), -"Peer does not permit renegotiation of SSL security parameters.") - diff --git a/security/nss/cmd/lib/berparse.c b/security/nss/cmd/lib/berparse.c deleted file mode 100644 index c040ab2b12..0000000000 --- a/security/nss/cmd/lib/berparse.c +++ /dev/null @@ -1,404 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ -#include "secutil.h" - -typedef enum { - tagDone, lengthDone, leafDone, compositeDone, - notDone, - parseError, parseComplete -} ParseState; - -typedef unsigned char Byte; -typedef void (*ParseProc)(BERParse *h, unsigned char **buf, int *len); -typedef struct { - SECArb arb; - int pos; /* length from global start to item start */ - SECArb *parent; -} ParseStackElem; - -struct BERParseStr { - PRArenaPool *his; - PRArenaPool *mine; - ParseProc proc; - int stackDepth; - ParseStackElem *stackPtr; - ParseStackElem *stack; - int pending; /* bytes remaining to complete this part */ - int pos; /* running length of consumed characters */ - ParseState state; - PRBool keepLeaves; - PRBool derOnly; - BERFilterProc filter; - void *filterArg; - BERNotifyProc before; - void *beforeArg; - BERNotifyProc after; - void *afterArg; -}; - -#define UNKNOWN -1 - -static unsigned char NextChar(BERParse *h, unsigned char **buf, int *len) -{ - unsigned char c = *(*buf)++; - (*len)--; - h->pos++; - if (h->filter) - (*h->filter)(h->filterArg, &c, 1); - return c; -} - -static void ParseTag(BERParse *h, unsigned char **buf, int *len) -{ - SECArb* arb = &(h->stackPtr->arb); - arb->tag = NextChar(h, buf, len); - - PORT_Assert(h->state == notDone); - - /* - * NOTE: This does not handle the high-tag-number form - */ - if ((arb->tag & DER_HIGH_TAG_NUMBER) == DER_HIGH_TAG_NUMBER) { - PORT_SetError(SEC_ERROR_BAD_DER); - h->state = parseError; - return; - } - - h->pending = UNKNOWN; - arb->length = UNKNOWN; - if (arb->tag & DER_CONSTRUCTED) { - arb->body.cons.numSubs = 0; - arb->body.cons.subs = NULL; - } else { - arb->body.item.len = UNKNOWN; - arb->body.item.data = NULL; - } - - h->state = tagDone; -} - -static void ParseLength(BERParse *h, unsigned char **buf, int *len) -{ - Byte b; - SECArb *arb = &(h->stackPtr->arb); - - PORT_Assert(h->state == notDone); - - if (h->pending == UNKNOWN) { - b = NextChar(h, buf, len); - if ((b & 0x80) == 0) { /* short form */ - arb->length = b; - /* - * if the tag and the length are both zero bytes, then this - * should be the marker showing end of list for the - * indefinite length composite - */ - if (arb->length == 0 && arb->tag == 0) - h->state = compositeDone; - else - h->state = lengthDone; - return; - } - - h->pending = b & 0x7f; - /* 0 implies this is an indefinite length */ - if (h->pending > 4) { - PORT_SetError(SEC_ERROR_BAD_DER); - h->state = parseError; - return; - } - arb->length = 0; - } - - while ((*len > 0) && (h->pending > 0)) { - b = NextChar(h, buf, len); - arb->length = (arb->length << 8) + b; - h->pending--; - } - if (h->pending == 0) { - if (h->derOnly && (arb->length == 0)) - h->state = parseError; - else - h->state = lengthDone; - } - return; -} - -static void ParseLeaf(BERParse *h, unsigned char **buf, int *len) -{ - int count; - SECArb *arb = &(h->stackPtr->arb); - - PORT_Assert(h->state == notDone); - PORT_Assert(h->pending >= 0); - - if (*len < h->pending) - count = *len; - else - count = h->pending; - - if (h->keepLeaves) - memcpy(arb->body.item.data + arb->body.item.len, *buf, count); - if (h->filter) - (*h->filter)(h->filterArg, *buf, count); - *buf += count; - *len -= count; - arb->body.item.len += count; - h->pending -= count; - h->pos += count; - if (h->pending == 0) { - h->state = leafDone; - } - return; -} - -static void CreateArbNode(BERParse *h) -{ - SECArb *arb = PORT_ArenaAlloc(h->his, sizeof(SECArb)); - - *arb = h->stackPtr->arb; - - /* - * Special case closing the root - */ - if (h->stackPtr == h->stack) { - PORT_Assert(arb->tag & DER_CONSTRUCTED); - h->state = parseComplete; - } else { - SECArb *parent = h->stackPtr->parent; - parent->body.cons.subs = DS_ArenaGrow( - h->his, parent->body.cons.subs, - (parent->body.cons.numSubs) * sizeof(SECArb*), - (parent->body.cons.numSubs + 1) * sizeof(SECArb*)); - parent->body.cons.subs[parent->body.cons.numSubs] = arb; - parent->body.cons.numSubs++; - h->proc = ParseTag; - h->state = notDone; - h->pending = UNKNOWN; - } - if (h->after) - (*h->after)(h->afterArg, arb, h->stackPtr - h->stack, PR_FALSE); -} - -SECStatus BER_ParseSome(BERParse *h, unsigned char *buf, int len) -{ - if (h->state == parseError) return PR_TRUE; - - while (len) { - (*h->proc)(h, &buf, &len); - if (h->state == parseComplete) { - PORT_SetError(SEC_ERROR_BAD_DER); - h->state = parseError; - return PR_TRUE; - } - if (h->state == parseError) return PR_TRUE; - PORT_Assert(h->state != parseComplete); - - if (h->state <= compositeDone) { - if (h->proc == ParseTag) { - PORT_Assert(h->state == tagDone); - h->proc = ParseLength; - h->state = notDone; - } else if (h->proc == ParseLength) { - SECArb *arb = &(h->stackPtr->arb); - PORT_Assert(h->state == lengthDone || h->state == compositeDone); - - if (h->before) - (*h->before)(h->beforeArg, arb, - h->stackPtr - h->stack, PR_TRUE); - - /* - * Check to see if this is the end of an indefinite - * length composite - */ - if (h->state == compositeDone) { - SECArb *parent = h->stackPtr->parent; - PORT_Assert(parent); - PORT_Assert(parent->tag & DER_CONSTRUCTED); - if (parent->length != 0) { - PORT_SetError(SEC_ERROR_BAD_DER); - h->state = parseError; - return PR_TRUE; - } - /* - * NOTE: This does not check for an indefinite length - * composite being contained inside a definite length - * composite. It is not clear that is legal. - */ - h->stackPtr--; - CreateArbNode(h); - } else { - h->stackPtr->pos = h->pos; - - - if (arb->tag & DER_CONSTRUCTED) { - SECArb *parent; - /* - * Make sure there is room on the stack before we - * stick anything else there. - */ - PORT_Assert(h->stackPtr - h->stack < h->stackDepth); - if (h->stackPtr - h->stack == h->stackDepth - 1) { - int newDepth = h->stackDepth * 2; - h->stack = DS_ArenaGrow(h->mine, h->stack, - sizeof(ParseStackElem) * h->stackDepth, - sizeof(ParseStackElem) * newDepth); - h->stackPtr = h->stack + h->stackDepth + 1; - h->stackDepth = newDepth; - } - parent = &(h->stackPtr->arb); - h->stackPtr++; - h->stackPtr->parent = parent; - h->proc = ParseTag; - h->state = notDone; - h->pending = UNKNOWN; - } else { - if (arb->length < 0) { - PORT_SetError(SEC_ERROR_BAD_DER); - h->state = parseError; - return PR_TRUE; - } - arb->body.item.len = 0; - if (arb->length > 0 && h->keepLeaves) { - arb->body.item.data = - PORT_ArenaAlloc(h->his, arb->length); - } else { - arb->body.item.data = NULL; - } - h->proc = ParseLeaf; - h->state = notDone; - h->pending = arb->length; - } - } - } else { - ParseStackElem *parent; - PORT_Assert(h->state = leafDone); - PORT_Assert(h->proc == ParseLeaf); - - for (;;) { - CreateArbNode(h); - if (h->stackPtr == h->stack) - break; - parent = (h->stackPtr - 1); - PORT_Assert(parent->arb.tag & DER_CONSTRUCTED); - if (parent->arb.length == 0) /* need explicit end */ - break; - if (parent->pos + parent->arb.length > h->pos) - break; - if (parent->pos + parent->arb.length < h->pos) { - PORT_SetError(SEC_ERROR_BAD_DER); - h->state = parseError; - return PR_TRUE; - } - h->stackPtr = parent; - } - } - - } - } - return PR_FALSE; -} -BERParse *BER_ParseInit(PRArenaPool *arena, PRBool derOnly) -{ - BERParse *h; - PRArenaPool *temp = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - if (temp == NULL) { - PORT_SetError(SEC_ERROR_NO_MEMORY); - return NULL; - } - h = PORT_ArenaAlloc(temp, sizeof(BERParse)); - if (h == NULL) { - PORT_FreeArena(temp, PR_FALSE); - PORT_SetError(SEC_ERROR_NO_MEMORY); - return NULL; - } - h->his = arena; - h->mine = temp; - h->proc = ParseTag; - h->stackDepth = 20; - h->stack = PORT_ArenaZAlloc(h->mine, - sizeof(ParseStackElem) * h->stackDepth); - h->stackPtr = h->stack; - h->state = notDone; - h->pos = 0; - h->keepLeaves = PR_TRUE; - h->before = NULL; - h->after = NULL; - h->filter = NULL; - h->derOnly = derOnly; - return h; -} - -SECArb *BER_ParseFini(BERParse *h) -{ - PRArenaPool *myArena = h->mine; - SECArb *arb; - - if (h->state != parseComplete) { - arb = NULL; - } else { - arb = PORT_ArenaAlloc(h->his, sizeof(SECArb)); - *arb = h->stackPtr->arb; - } - - PORT_FreeArena(myArena, PR_FALSE); - - return arb; -} - - -void BER_SetFilter(BERParse *h, BERFilterProc proc, void *instance) -{ - h->filter = proc; - h->filterArg = instance; -} - -void BER_SetLeafStorage(BERParse *h, PRBool keep) -{ - h->keepLeaves = keep; -} - -void BER_SetNotifyProc(BERParse *h, BERNotifyProc proc, void *instance, - PRBool beforeData) -{ - if (beforeData) { - h->before = proc; - h->beforeArg = instance; - } else { - h->after = proc; - h->afterArg = instance; - } -} - - - diff --git a/security/nss/cmd/lib/config.mk b/security/nss/cmd/lib/config.mk deleted file mode 100644 index 0a00dc61e6..0000000000 --- a/security/nss/cmd/lib/config.mk +++ /dev/null @@ -1,43 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -# -# Override TARGETS variable so that only static libraries -# are specifed as dependencies within rules.mk. -# - -TARGETS = $(LIBRARY) -SHARED_LIBRARY = -IMPORT_LIBRARY = -PROGRAM = - diff --git a/security/nss/cmd/lib/derprint.c b/security/nss/cmd/lib/derprint.c deleted file mode 100644 index 7f699dec4f..0000000000 --- a/security/nss/cmd/lib/derprint.c +++ /dev/null @@ -1,619 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ -#include "secutil.h" -#include "secoid.h" - -#ifdef __sun -extern int fprintf(FILE *strm, const char *format, .../* args */); -extern int fflush(FILE *stream); -#endif - -#define RIGHT_MARGIN 24 -/*#define RAW_BYTES 1 */ - -static int prettyColumn = 0; - -static int -getInteger256(unsigned char *data, unsigned int nb) -{ - int val; - - switch (nb) { - case 1: - val = data[0]; - break; - case 2: - val = (data[0] << 8) | data[1]; - break; - case 3: - val = (data[0] << 16) | (data[1] << 8) | data[2]; - break; - case 4: - val = (data[0] << 24) | (data[1] << 16) | (data[2] << 8) | data[3]; - break; - default: - PORT_SetError(SEC_ERROR_BAD_DER); - return -1; - } - - return val; -} - -static int -prettyNewline(FILE *out) -{ - int rv; - - if (prettyColumn != -1) { - rv = fprintf(out, "\n"); - prettyColumn = -1; - if (rv < 0) { - PORT_SetError(SEC_ERROR_IO); - return rv; - } - } - return 0; -} - -static int -prettyIndent(FILE *out, unsigned level) -{ - unsigned int i; - int rv; - - if (prettyColumn == -1) { - prettyColumn = level; - for (i = 0; i < level; i++) { - rv = fprintf(out, " "); - if (rv < 0) { - PORT_SetError(SEC_ERROR_IO); - return rv; - } - } - } - - return 0; -} - -static int -prettyPrintByte(FILE *out, unsigned char item, unsigned int level) -{ - int rv; - - rv = prettyIndent(out, level); - if (rv < 0) - return rv; - - rv = fprintf(out, "%02x ", item); - if (rv < 0) { - PORT_SetError(SEC_ERROR_IO); - return rv; - } - - prettyColumn++; - if (prettyColumn >= RIGHT_MARGIN) { - return prettyNewline(out); - } - - return 0; -} - -static int -prettyPrintLeaf(FILE *out, unsigned char *data, - unsigned int len, unsigned int lv) -{ - unsigned int i; - int rv; - - for (i = 0; i < len; i++) { - rv = prettyPrintByte(out, *data++, lv); - if (rv < 0) - return rv; - } - return prettyNewline(out); -} - -static int -prettyPrintStringStart(FILE *out, unsigned char *str, - unsigned int len, unsigned int level) -{ -#define BUF_SIZE 100 - unsigned char buf[BUF_SIZE]; - int rv; - - if (len >= BUF_SIZE) - len = BUF_SIZE - 1; - - rv = prettyNewline(out); - if (rv < 0) - return rv; - - rv = prettyIndent(out, level); - if (rv < 0) - return rv; - - memcpy(buf, str, len); - buf[len] = '\000'; - - rv = fprintf(out, "\"%s\"", buf); - if (rv < 0) { - PORT_SetError(SEC_ERROR_IO); - return rv; - } - - return 0; -#undef BUF_SIZE -} - -static int -prettyPrintString(FILE *out, unsigned char *str, - unsigned int len, unsigned int level, PRBool raw) -{ - int rv; - - rv = prettyPrintStringStart(out, str, len, level); - if (rv < 0) - return rv; - - rv = prettyNewline(out); - if (rv < 0) - return rv; - - if (raw) { - rv = prettyPrintLeaf(out, str, len, level); - if (rv < 0) - return rv; - } - - return 0; -} - -static int -prettyPrintTime(FILE *out, unsigned char *str, - unsigned int len, unsigned int level, PRBool raw, PRBool utc) -{ - SECItem time_item; - int rv; - - rv = prettyPrintStringStart(out, str, len, level); - if (rv < 0) - return rv; - - time_item.data = str; - time_item.len = len; - - rv = fprintf(out, " ("); - if (rv < 0) { - PORT_SetError(SEC_ERROR_IO); - return rv; - } - - if (utc) - SECU_PrintUTCTime(out, &time_item, NULL, 0); - else - SECU_PrintGeneralizedTime(out, &time_item, NULL, 0); - - rv = fprintf(out, ")"); - if (rv < 0) { - PORT_SetError(SEC_ERROR_IO); - return rv; - } - - rv = prettyNewline(out); - if (rv < 0) - return rv; - - if (raw) { - rv = prettyPrintLeaf(out, str, len, level); - if (rv < 0) - return rv; - } - - return 0; -} - -static int -prettyPrintObjectID(FILE *out, unsigned char *data, - unsigned int len, unsigned int level, PRBool raw) -{ - SECOidData *oiddata; - SECItem oiditem; - unsigned int i; - unsigned long val; - int rv; - - - /* - * First print the Object Id in numeric format - */ - - rv = prettyIndent(out, level); - if (rv < 0) - return rv; - - val = data[0]; - i = val % 40; - val = val / 40; - rv = fprintf(out, "%lu %u ", val, i); - if (rv < 0) { - PORT_SetError(SEC_ERROR_IO); - return rv; - } - - val = 0; - for (i = 1; i < len; ++i) { - unsigned long j; - - j = data[i]; - val = (val << 7) | (j & 0x7f); - if (j & 0x80) - continue; - rv = fprintf(out, "%lu ", val); - if (rv < 0) { - PORT_SetError(SEC_ERROR_IO); - return rv; - } - val = 0; - } - - /* - * Now try to look it up and print a symbolic version. - */ - oiditem.data = data; - oiditem.len = len; - oiddata = SECOID_FindOID(&oiditem); - if (oiddata != NULL) { - i = PORT_Strlen(oiddata->desc); - if ((prettyColumn + 1 + (i / 3)) > RIGHT_MARGIN) { - rv = prettyNewline(out); - if (rv < 0) - return rv; - } - - rv = prettyIndent(out, level); - if (rv < 0) - return rv; - - rv = fprintf(out, "(%s)", oiddata->desc); - if (rv < 0) { - PORT_SetError(SEC_ERROR_IO); - return rv; - } - } - - /* - * Finally, on a new line, print the raw bytes (if requested). - */ - if (raw) { - rv = prettyNewline(out); - if (rv < 0) { - PORT_SetError(SEC_ERROR_IO); - return rv; - } - - for (i = 0; i < len; i++) { - rv = prettyPrintByte(out, *data++, level); - if (rv < 0) - return rv; - } - } - - return prettyNewline(out); -} - -static char *prettyTagType [32] = { - "End of Contents", - "Boolean", - "Integer", - "Bit String", - "Octet String", - "NULL", - "Object Identifier", - "0x07", - "0x08", - "0x09", - "Enumerated", - "0x0B", - "UTF8 String", - "0x0D", - "0x0E", - "0x0F", - "Sequence", - "Set", - "0x12", - "Printable String", - "T61 String", - "0x15", - "IA5 String", - "UTC Time", - "Generalized Time", - "0x19", - "Visible String", - "0x1B", - "Universal String", - "0x1D", - "BMP String", - "High-Tag-Number" -}; - -static int -prettyPrintTag(FILE *out, unsigned char *src, unsigned char *end, - unsigned char *codep, unsigned int level, PRBool raw) -{ - int rv; - unsigned char code, tagnum; - - if (src >= end) { - PORT_SetError(SEC_ERROR_BAD_DER); - return -1; - } - - code = *src; - tagnum = code & SEC_ASN1_TAGNUM_MASK; - - /* - * NOTE: This code does not (yet) handle the high-tag-number form! - */ - if (tagnum == SEC_ASN1_HIGH_TAG_NUMBER) { - PORT_SetError(SEC_ERROR_BAD_DER); - return -1; - } - - if (raw) - rv = prettyPrintByte(out, code, level); - else - rv = prettyIndent(out, level); - - if (rv < 0) - return rv; - - if (code & SEC_ASN1_CONSTRUCTED) { - rv = fprintf(out, "C-"); - if (rv < 0) { - PORT_SetError(SEC_ERROR_IO); - return rv; - } - } - - switch (code & SEC_ASN1_CLASS_MASK) { - case SEC_ASN1_UNIVERSAL: - rv = fprintf(out, "%s ", prettyTagType[tagnum]); - break; - case SEC_ASN1_APPLICATION: - rv = fprintf(out, "Application: %d ", tagnum); - break; - case SEC_ASN1_CONTEXT_SPECIFIC: - rv = fprintf(out, "[%d] ", tagnum); - break; - case SEC_ASN1_PRIVATE: - rv = fprintf(out, "Private: %d ", tagnum); - break; - } - - if (rv < 0) { - PORT_SetError(SEC_ERROR_IO); - return rv; - } - - *codep = code; - - return 1; -} - -static int -prettyPrintLength(FILE *out, unsigned char *data, unsigned char *end, - int *lenp, PRBool *indefinitep, unsigned int lv, PRBool raw) -{ - unsigned char lbyte; - int lenLen; - int rv; - - if (data >= end) { - PORT_SetError(SEC_ERROR_BAD_DER); - return -1; - } - - rv = fprintf(out, " "); - if (rv < 0) { - PORT_SetError(SEC_ERROR_IO); - return rv; - } - - *indefinitep = PR_FALSE; - - lbyte = *data++; - if (lbyte >= 0x80) { - /* Multibyte length */ - unsigned nb = (unsigned) (lbyte & 0x7f); - if (nb > 4) { - PORT_SetError(SEC_ERROR_BAD_DER); - return -1; - } - if (nb > 0) { - int il; - - if ((data + nb) > end) { - PORT_SetError(SEC_ERROR_BAD_DER); - return -1; - } - il = getInteger256(data, nb); - if (il < 0) return -1; - *lenp = (unsigned) il; - } else { - *lenp = 0; - *indefinitep = PR_TRUE; - } - lenLen = nb + 1; - if (raw) { - int i; - - rv = prettyPrintByte(out, lbyte, lv); - if (rv < 0) - return rv; - for (i = 0; i < nb; i++) { - rv = prettyPrintByte(out, data[i], lv); - if (rv < 0) - return rv; - } - } - } else { - *lenp = lbyte; - lenLen = 1; - if (raw) { - rv = prettyPrintByte(out, lbyte, lv); - if (rv < 0) - return rv; - } - } - if (*indefinitep) - rv = fprintf(out, "(indefinite)\n"); - else - rv = fprintf(out, "(%d)\n", *lenp); - if (rv < 0) { - PORT_SetError(SEC_ERROR_IO); - return rv; - } - - prettyColumn = -1; - return lenLen; -} - -static int -prettyPrintItem(FILE *out, unsigned char *data, unsigned char *end, - unsigned int lv, PRBool raw) -{ - int slen; - int lenLen; - unsigned char *orig = data; - int rv; - - while (data < end) { - unsigned char code; - PRBool indefinite; - - slen = prettyPrintTag(out, data, end, &code, lv, raw); - if (slen < 0) - return slen; - data += slen; - - lenLen = prettyPrintLength(out, data, end, &slen, &indefinite, lv, raw); - if (lenLen < 0) - return lenLen; - data += lenLen; - - /* - * Just quit now if slen more bytes puts us off the end. - */ - if ((data + slen) > end) { - PORT_SetError(SEC_ERROR_BAD_DER); - return -1; - } - - if (code & SEC_ASN1_CONSTRUCTED) { - if (slen > 0 || indefinite) { - slen = prettyPrintItem(out, data, - slen == 0 ? end : data + slen, - lv+1, raw); - if (slen < 0) - return slen; - data += slen; - } - } else if (code == 0) { - if (slen != 0 || lenLen != 1) { - PORT_SetError(SEC_ERROR_BAD_DER); - return -1; - } - break; - } else { - switch (code) { - case SEC_ASN1_PRINTABLE_STRING: - case SEC_ASN1_IA5_STRING: - case SEC_ASN1_VISIBLE_STRING: - rv = prettyPrintString(out, data, slen, lv+1, raw); - if (rv < 0) - return rv; - break; - case SEC_ASN1_UTC_TIME: - rv = prettyPrintTime(out, data, slen, lv+1, raw, PR_TRUE); - if (rv < 0) - return rv; - break; - case SEC_ASN1_GENERALIZED_TIME: - rv = prettyPrintTime(out, data, slen, lv+1, raw, PR_FALSE); - if (rv < 0) - return rv; - break; - case SEC_ASN1_OBJECT_ID: - rv = prettyPrintObjectID(out, data, slen, lv+1, raw); - if (rv < 0) - return rv; - break; - case SEC_ASN1_BOOLEAN: /* could do nicer job */ - case SEC_ASN1_INTEGER: /* could do nicer job */ - case SEC_ASN1_BIT_STRING: /* could do nicer job */ - case SEC_ASN1_OCTET_STRING: - case SEC_ASN1_NULL: - case SEC_ASN1_ENUMERATED: /* could do nicer job, as INTEGER */ - case SEC_ASN1_UTF8_STRING: - case SEC_ASN1_T61_STRING: /* print as printable string? */ - case SEC_ASN1_UNIVERSAL_STRING: - case SEC_ASN1_BMP_STRING: - default: - rv = prettyPrintLeaf(out, data, slen, lv+1); - if (rv < 0) - return rv; - break; - } - data += slen; - } - } - - rv = prettyNewline(out); - if (rv < 0) - return rv; - - return data - orig; -} - -SECStatus -DER_PrettyPrint(FILE *out, SECItem *it, PRBool raw) -{ - int rv; - - prettyColumn = -1; - - rv = prettyPrintItem(out, it->data, it->data + it->len, 0, raw); - if (rv < 0) - return SECFailure; - return SECSuccess; -} diff --git a/security/nss/cmd/lib/ffs.c b/security/nss/cmd/lib/ffs.c deleted file mode 100644 index 3fce2c7c2c..0000000000 --- a/security/nss/cmd/lib/ffs.c +++ /dev/null @@ -1,48 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ -#ifdef XP_PC - -int ffs( unsigned int i) -{ - int rv = 1; - - if (!i) return 0; - - while (!(i & 1)) { - i >>= 1; - ++rv; - } - - return rv; -} -#endif diff --git a/security/nss/cmd/lib/makefile.win b/security/nss/cmd/lib/makefile.win deleted file mode 100644 index 92081a2f83..0000000000 --- a/security/nss/cmd/lib/makefile.win +++ /dev/null @@ -1,66 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -include - -include <$(DEPTH)\config\config.mak> - -# include files are aought in LINCS and INCS. -# LINCS are generated from REQUIRES in manigest.mn -INCS = $(INCS) \ - -I..\include \ - -I..\..\lib\cert \ - $(NULL) - -IGNORE_ME = \ - -I$(DEPTH)\dist\public\security \ - -I$(DEPTH)\dist\public\nspr \ - -I$(DEPTH)\cmd\winfe \ - $(NULL) - -LCFLAGS = -DUSE_SSL -DEXPORT_VERSION - -PDBFILE = $(LIBNAME).pdb - -# work around a bug in rules.mak -LIBRARY_SUFFIX = $(MOZ_BITS) - -include <$(DEPTH)\config\rules.mak> - -install:: $(LIBRARY) -# $(MAKE_INSTALL) $(LIBRARY) $(DIST)\lib - - -symbols:: - @echo "LIBRARY_NAME is $(LIBRARY_NAME)" - @echo "LIBRARY is $(LIBRARY)" diff --git a/security/nss/cmd/lib/manifest.mn b/security/nss/cmd/lib/manifest.mn deleted file mode 100644 index 56ed326acb..0000000000 --- a/security/nss/cmd/lib/manifest.mn +++ /dev/null @@ -1,54 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -CORE_DEPTH = ../../.. - -LIBRARY_NAME = sectool - -# MODULE public and private header directories are implicitly REQUIRED. -MODULE = seccmd - -DEFINES = -DNSPR20 - -EXPORTS = secutil.h \ - $(NULL) - -CSRCS = secutil.c \ - secpwd.c \ - derprint.c \ - secerror.c \ - seccnames.c \ - ffs.c \ - $(NULL) - -REQUIRES = nss nspr dbm - diff --git a/security/nss/cmd/lib/seccnames.c b/security/nss/cmd/lib/seccnames.c deleted file mode 100644 index a1857dc0ef..0000000000 --- a/security/nss/cmd/lib/seccnames.c +++ /dev/null @@ -1,204 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ -/* -** secutil.c - various functions used by security stuff -** -*/ - -#include "prtypes.h" -#include "prtime.h" -#include "prlong.h" -#include "prerror.h" -#include "prprf.h" -#include "plgetopt.h" - -#include "secutil.h" -#include "secpkcs7.h" -#include "secrng.h" -#if !defined(_WIN32_WCE) -#include -#endif -#include - -#ifdef XP_UNIX -#include -#endif - -/* for SEC_TraverseNames */ -#include "cert.h" -#include "certt.h" -#include "certdb.h" - -typedef struct { - char * name; - CERTCertTrust trust; -} certNameAndTrustEntry; - -typedef struct { - int numCerts; - certNameAndTrustEntry *nameAndTrustEntries; -} certNameAndTrustList; - -SECStatus -sec_CountCerts(CERTCertificate *cert, SECItem *unknown, void *arg) -{ - (*(int*)arg)++; - return SECSuccess; -} - -SECStatus -sec_CollectCertNamesAndTrust(CERTCertificate *cert, SECItem *unknown, void *arg) -{ - certNameAndTrustList *pCertNames = (certNameAndTrustList*)arg; - char *name; - int i; - - i = pCertNames->numCerts; - name = cert->nickname ? cert->nickname : cert->emailAddr; - - if (name) - pCertNames->nameAndTrustEntries[i].name = PORT_Strdup(name); - else - pCertNames->nameAndTrustEntries[i].name = PORT_Strdup(""); - - PORT_Memcpy(&pCertNames->nameAndTrustEntries[i].trust, cert->trust, sizeof(*cert->trust)); - - pCertNames->numCerts++; - - return SECSuccess; -} - - -static int -sec_name_and_trust_compare_by_name(const void *p1, const void *p2) -{ - certNameAndTrustEntry *e1 = (certNameAndTrustEntry *)p1; - certNameAndTrustEntry *e2 = (certNameAndTrustEntry *)p2; - return PORT_Strcmp(e1->name, e2->name); -} - -static int -sec_combine_trust_flags(CERTCertTrust *trust) -{ - if (trust == NULL) - return 0; - return trust->sslFlags | trust->emailFlags | trust->objectSigningFlags; -} - -static int -sec_name_and_trust_compare_by_trust(const void *p1, const void *p2) -{ - certNameAndTrustEntry *e1 = (certNameAndTrustEntry *)p1; - certNameAndTrustEntry *e2 = (certNameAndTrustEntry *)p2; - int e1_is_ca, e2_is_ca; - int e1_is_user, e2_is_user; - int rv; - - e1_is_ca = (sec_combine_trust_flags(&e1->trust) & CERTDB_VALID_CA) != 0; - e2_is_ca = (sec_combine_trust_flags(&e2->trust) & CERTDB_VALID_CA) != 0; - e1_is_user = (sec_combine_trust_flags(&e1->trust) & CERTDB_USER) != 0; - e2_is_user = (sec_combine_trust_flags(&e2->trust) & CERTDB_USER) != 0; - - /* first, sort by user status, then CA status, */ - /* then by actual comparison of CA flags, then by name */ - if ((rv = (e2_is_user - e1_is_user)) == 0 && (rv = (e1_is_ca - e2_is_ca)) == 0) - if (e1_is_ca || (rv = memcmp(&e1->trust, &e2->trust, sizeof(CERTCertTrust))) == 0) - return PORT_Strcmp(e1->name, e2->name); - else - return rv; - else - return rv; -} - -SECStatus -SECU_PrintCertificateNames(CERTCertDBHandle *handle, PRFileDesc *out, - PRBool sortByName, PRBool sortByTrust) -{ - certNameAndTrustList certNames = { 0, NULL }; - int numCerts, i; - SECStatus rv; - int (*comparefn)(const void *, const void *); - char trusts[30]; - - numCerts = 0; - - rv = SEC_TraversePermCerts(handle, sec_CountCerts, &numCerts); - if (rv != SECSuccess) - return SECFailure; - - certNames.nameAndTrustEntries = - (certNameAndTrustEntry *)PORT_Alloc(numCerts * sizeof(certNameAndTrustEntry)); - if (certNames.nameAndTrustEntries == NULL) - return SECFailure; - - rv = SEC_TraversePermCerts(handle, sec_CollectCertNamesAndTrust, &certNames); - if (rv != SECSuccess) - return SECFailure; - - if (sortByName) - comparefn = sec_name_and_trust_compare_by_name; - else if (sortByTrust) - comparefn = sec_name_and_trust_compare_by_trust; - else - comparefn = NULL; - - if (comparefn) - qsort(certNames.nameAndTrustEntries, certNames.numCerts, - sizeof(certNameAndTrustEntry), comparefn); - - PR_fprintf(out, "\n%-60s %-5s\n\n", "Certificate Name", "Trust Attributes"); - for (i = 0; i < certNames.numCerts; i++) { - PORT_Memset (trusts, 0, sizeof(trusts)); - printflags(trusts, certNames.nameAndTrustEntries[i].trust.sslFlags); - PORT_Strcat(trusts, ","); - printflags(trusts, certNames.nameAndTrustEntries[i].trust.emailFlags); - PORT_Strcat(trusts, ","); - printflags(trusts, certNames.nameAndTrustEntries[i].trust.objectSigningFlags); - PR_fprintf(out, "%-60s %-5s\n", - certNames.nameAndTrustEntries[i].name, trusts); - } - PR_fprintf(out, "\n"); - PR_fprintf(out, "p Valid peer\n"); - PR_fprintf(out, "P Trusted peer (implies p)\n"); - PR_fprintf(out, "c Valid CA\n"); - PR_fprintf(out, "T Trusted CA to issue client certs (implies c)\n"); - PR_fprintf(out, "C Trusted CA to certs(only server certs for ssl) (implies c)\n"); - PR_fprintf(out, "u User cert\n"); - PR_fprintf(out, "w Send warning\n"); - - for (i = 0; i < certNames.numCerts; i++) - PORT_Free(certNames.nameAndTrustEntries[i].name); - PORT_Free(certNames.nameAndTrustEntries); - - return rv; -} diff --git a/security/nss/cmd/lib/secerror.c b/security/nss/cmd/lib/secerror.c deleted file mode 100644 index 857704b79d..0000000000 --- a/security/nss/cmd/lib/secerror.c +++ /dev/null @@ -1,107 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ -#include "nspr.h" - -struct tuple_str { - PRErrorCode errNum; - const char * errString; -}; - -typedef struct tuple_str tuple_str; - -#define ER2(a,b) {a, b}, -#define ER3(a,b,c) {a, c}, - -#include "secerr.h" -#include "sslerr.h" - -const tuple_str errStrings[] = { - -/* keep this list in asceding order of error numbers */ -#include "SSLerrs.h" -#include "SECerrs.h" -#include "NSPRerrs.h" - -}; - -const PRInt32 numStrings = sizeof(errStrings) / sizeof(tuple_str); - -/* Returns a UTF-8 encoded constant error string for "errNum". - * Returns NULL of errNum is unknown. - */ -const char * -SECU_Strerror(PRErrorCode errNum) { - PRInt32 low = 0; - PRInt32 high = numStrings - 1; - PRInt32 i; - PRErrorCode num; - static int initDone; - - /* make sure table is in ascending order. - * binary search depends on it. - */ - if (!initDone) { - PRErrorCode lastNum = ((PRInt32)0x80000000); - for (i = low; i <= high; ++i) { - num = errStrings[i].errNum; - if (num <= lastNum) { - fprintf(stderr, -"sequence error in error strings at item %d\n" -"error %d (%s)\n" -"should come after \n" -"error %d (%s)\n", - i, lastNum, errStrings[i-1].errString, - num, errStrings[i].errString); - } - lastNum = num; - } - initDone = 1; - } - - /* Do binary search of table. */ - while (low + 1 < high) { - i = (low + high) / 2; - num = errStrings[i].errNum; - if (errNum == num) - return errStrings[i].errString; - if (errNum < num) - high = i; - else - low = i; - } - if (errNum == errStrings[low].errNum) - return errStrings[low].errString; - if (errNum == errStrings[high].errNum) - return errStrings[high].errString; - return NULL; -} diff --git a/security/nss/cmd/lib/secpwd.c b/security/nss/cmd/lib/secpwd.c deleted file mode 100644 index 9a505a7201..0000000000 --- a/security/nss/cmd/lib/secpwd.c +++ /dev/null @@ -1,199 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ -#include "secutil.h" - -/* - * NOTE: The contents of this file are NOT used by the client. - * (They are part of the security library as a whole, but they are - * NOT USED BY THE CLIENT.) Do not change things on behalf of the - * client (like localizing strings), or add things that are only - * for the client (put them elsewhere). - */ - - -#ifdef XP_UNIX -#include -#include -#endif - -#if( defined(_WINDOWS) && !defined(_WIN32_WCE)) || defined(XP_OS2_VACPP) -#include -#include -#define QUIET_FGETS quiet_fgets -static char * quiet_fgets (char *buf, int length, FILE *input); -#else -#define QUIET_FGETS fgets -#endif - -static void echoOff(int fd) -{ -#if defined(XP_UNIX) && !defined(VMS) - if (isatty(fd)) { - struct termios tio; - tcgetattr(fd, &tio); - tio.c_lflag &= ~ECHO; - tcsetattr(fd, TCSAFLUSH, &tio); - } -#endif -} - -static void echoOn(int fd) -{ -#if defined(XP_UNIX) && !defined(VMS) - if (isatty(fd)) { - struct termios tio; - tcgetattr(fd, &tio); - tio.c_lflag |= ECHO; - tcsetattr(fd, TCSAFLUSH, &tio); - } -#endif -} - -char *SEC_GetPassword(FILE *input, FILE *output, char *prompt, - PRBool (*ok)(char *)) -{ -#if defined(_WINDOWS) - int isTTY = (input == stdin); -#define echoOn(x) -#define echoOff(x) -#else - int infd = fileno(input); - int isTTY = isatty(infd); -#endif - char phrase[200]; - - for (;;) { - /* Prompt for password */ - if (isTTY) { - fprintf(output, "%s", prompt); - fflush (output); - echoOff(infd); - } - - QUIET_FGETS ( phrase, sizeof(phrase), input); - - if (isTTY) { - fprintf(output, "\n"); - echoOn(infd); - } - - /* stomp on newline */ - phrase[PORT_Strlen(phrase)-1] = 0; - - /* Validate password */ - if (!(*ok)(phrase)) { - /* Not weird enough */ - if (!isTTY) return 0; - fprintf(output, "Password must be at least 8 characters long with one or more\n"); - fprintf(output, "non-alphabetic characters\n"); - continue; - } - return (char*) PORT_Strdup(phrase); - } -} - - - -PRBool SEC_CheckPassword(char *cp) -{ - int len; - char *end; - - len = PORT_Strlen(cp); - if (len < 8) { - return PR_FALSE; - } - end = cp + len; - while (cp < end) { - unsigned char ch = *cp++; - if (!((ch >= 'A') && (ch <= 'Z')) && - !((ch >= 'a') && (ch <= 'z'))) { - /* pass phrase has at least one non alphabetic in it */ - return PR_TRUE; - } - } - return PR_FALSE; -} - -PRBool SEC_BlindCheckPassword(char *cp) -{ - if (cp != NULL) { - return PR_TRUE; - } - return PR_FALSE; -} - -/* Get a password from the input terminal, without echoing */ - -#if defined(_WINDOWS) || defined(XP_OS2_VACPP) -static char * quiet_fgets (char *buf, int length, FILE *input) - { - int c; - char *end = buf; - - /* fflush (input); */ - memset (buf, 0, length); - -#ifndef XP_OS2_VACPP - if (input != stdin) { - return fgets(buf,length,input); - } -#else - if (!isatty(fileno(input))) { - return fgets(buf,length,input); - } -#endif - - while (1) - { -#if defined (_WIN32_WCE) - c = getchar(); /* gets a character from stdin */ -#else - c = getch(); /* getch gets a character from the console */ -#endif - if (c == '\b') - { - if (end > buf) - end--; - } - - else if (--length > 0) - *end++ = c; - - if (!c || c == '\n' || c == '\r') - break; - } - - return buf; - } -#endif diff --git a/security/nss/cmd/lib/secutil.c b/security/nss/cmd/lib/secutil.c deleted file mode 100644 index f205105e51..0000000000 --- a/security/nss/cmd/lib/secutil.c +++ /dev/null @@ -1,2617 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ -/* -** secutil.c - various functions used by security stuff -** -*/ - -#include "prtypes.h" -#include "prtime.h" -#include "prlong.h" -#include "prerror.h" -#include "prprf.h" -#include "plgetopt.h" -#include "prenv.h" - -#include "secutil.h" -#include "secpkcs7.h" -#include "secrng.h" -#include -#if !defined(_WIN32_WCE) -#include -#include -#endif - -#ifdef XP_UNIX -#include -#endif - -/* for SEC_TraverseNames */ -#include "cert.h" -#include "certt.h" -#include "certdb.h" - -/* #include "secmod.h" */ -#include "pk11func.h" -#include "secoid.h" - -static char consoleName[] = { -#ifdef XP_UNIX -#ifdef VMS - "TT" -#else - "/dev/tty" -#endif -#else -#ifdef XP_OS2 - "\\DEV\\CON" -#else - "CON:" -#endif -#endif -}; - -char * -SECU_GetString(int16 error_number) -{ - - static char errString[80]; - sprintf(errString, "Unknown error string (%d)", error_number); - return errString; -} - -void -SECU_PrintError(char *progName, char *msg, ...) -{ - va_list args; - PRErrorCode err = PORT_GetError(); - const char * errString = SECU_Strerror(err); - - va_start(args, msg); - - fprintf(stderr, "%s: ", progName); - vfprintf(stderr, msg, args); - if (errString != NULL && PORT_Strlen(errString) > 0) - fprintf(stderr, ": %s\n", errString); - else - fprintf(stderr, ": error %d\n", (int)err); - - va_end(args); -} - -void -SECU_PrintSystemError(char *progName, char *msg, ...) -{ - va_list args; - - va_start(args, msg); - fprintf(stderr, "%s: ", progName); - vfprintf(stderr, msg, args); -#if defined(_WIN32_WCE) - fprintf(stderr, ": %d\n", PR_GetOSError()); -#else - fprintf(stderr, ": %s\n", strerror(errno)); -#endif - va_end(args); -} - -static void -secu_ClearPassword(char *p) -{ - if (p) { - PORT_Memset(p, 0, PORT_Strlen(p)); - PORT_Free(p); - } -} - -char * -SECU_GetPasswordString(void *arg, char *prompt) -{ -#ifndef _WINDOWS - char *p = NULL; - FILE *input, *output; - - /* open terminal */ - input = fopen(consoleName, "r"); - if (input == NULL) { - fprintf(stderr, "Error opening input terminal for read\n"); - return NULL; - } - - output = fopen(consoleName, "w"); - if (output == NULL) { - fprintf(stderr, "Error opening output terminal for write\n"); - return NULL; - } - - p = SEC_GetPassword (input, output, prompt, SEC_BlindCheckPassword); - - - fclose(input); - fclose(output); - - return p; - -#else - /* Win32 version of above. opening the console may fail - on windows95, and certainly isn't necessary.. */ - - char *p = NULL; - - p = SEC_GetPassword (stdin, stdout, prompt, SEC_BlindCheckPassword); - return p; - -#endif -} - - -/* - * p a s s w o r d _ h a r d c o d e - * - * A function to use the password passed in the -f(pwfile) argument - * of the command line. - * After use once, null it out otherwise PKCS11 calls us forever.? - * - */ -char * -SECU_FilePasswd(PK11SlotInfo *slot, PRBool retry, void *arg) -{ - unsigned char phrase[200]; - PRFileDesc *fd; - PRInt32 nb; - char *pwFile = arg; - int i; - - if (!pwFile) - return 0; - - if (retry) { - return 0; /* no good retrying - the files contents will be the same */ - } - - fd = PR_Open(pwFile, PR_RDONLY, 0); - if (!fd) { - fprintf(stderr, "No password file \"%s\" exists.\n", pwFile); - return NULL; - } - - nb = PR_Read(fd, phrase, sizeof(phrase)); - - PR_Close(fd); - /* handle the Windows EOL case */ - i = 0; - while (phrase[i] != '\r' && phrase[i] != '\n' && i < nb) i++; - phrase[i] = '\0'; - if (nb == 0) { - fprintf(stderr,"password file contains no data\n"); - return NULL; - } - return (char*) PORT_Strdup((char*)phrase); -} - -char * -SECU_GetModulePassword(PK11SlotInfo *slot, PRBool retry, void *arg) -{ - char prompt[255]; - secuPWData *pwdata = (secuPWData *)arg; - secuPWData pwnull = { PW_NONE, 0 }; - char *pw; - - if (pwdata == NULL) - pwdata = &pwnull; - - if (retry && pwdata->source != PW_NONE) { - PR_fprintf(PR_STDERR, "incorrect password entered at command line.\n"); - return NULL; - } - - switch (pwdata->source) { - case PW_NONE: - sprintf(prompt, "Enter Password or Pin for \"%s\":", - PK11_GetTokenName(slot)); - return SECU_GetPasswordString(NULL, prompt); - case PW_FROMFILE: - /* Instead of opening and closing the file every time, get the pw - * once, then keep it in memory (duh). - */ - pw = SECU_FilePasswd(slot, retry, pwdata->data); - pwdata->source = PW_PLAINTEXT; - pwdata->data = PL_strdup(pw); - /* it's already been dup'ed */ - return pw; - case PW_PLAINTEXT: - return PL_strdup(pwdata->data); - default: - break; - } - - PR_fprintf(PR_STDERR, "Password check failed: No password found.\n"); - return NULL; -} - -char * -secu_InitSlotPassword(PK11SlotInfo *slot, PRBool retry, void *arg) -{ - char *p0 = NULL; - char *p1 = NULL; - FILE *input, *output; - secuPWData *pwdata = arg; - - if (pwdata->source == PW_FROMFILE) { - return SECU_FilePasswd(slot, retry, pwdata->data); - } - if (pwdata->source == PW_PLAINTEXT) { - return PL_strdup(pwdata->data); - } - - /* PW_NONE - get it from tty */ - /* open terminal */ -#ifdef _WINDOWS - input = stdin; -#else - input = fopen(consoleName, "r"); -#endif - if (input == NULL) { - PR_fprintf(PR_STDERR, "Error opening input terminal for read\n"); - return NULL; - } - - /* we have no password, so initialize database with one */ - PR_fprintf(PR_STDERR, - "Enter a password which will be used to encrypt your keys.\n" - "The password should be at least 8 characters long,\n" - "and should contain at least one non-alphabetic character.\n\n"); - - output = fopen(consoleName, "w"); - if (output == NULL) { - PR_fprintf(PR_STDERR, "Error opening output terminal for write\n"); - return NULL; - } - - - for (;;) { - if (p0) - PORT_Free(p0); - p0 = SEC_GetPassword(input, output, "Enter new password: ", - SEC_BlindCheckPassword); - - if (p1) - PORT_Free(p1); - p1 = SEC_GetPassword(input, output, "Re-enter password: ", - SEC_BlindCheckPassword); - if (p0 && p1 && !PORT_Strcmp(p0, p1)) { - break; - } - PR_fprintf(PR_STDERR, "Passwords do not match. Try again.\n"); - } - - /* clear out the duplicate password string */ - secu_ClearPassword(p1); - - fclose(input); - fclose(output); - - return p0; -} - -SECStatus -SECU_ChangePW(PK11SlotInfo *slot, char *passwd, char *pwFile) -{ - SECStatus rv; - secuPWData pwdata, newpwdata; - char *oldpw = NULL, *newpw = NULL; - - if (passwd) { - pwdata.source = PW_PLAINTEXT; - pwdata.data = passwd; - } else if (pwFile) { - pwdata.source = PW_FROMFILE; - pwdata.data = pwFile; - } else { - pwdata.source = PW_NONE; - pwdata.data = NULL; - } - - if (PK11_NeedUserInit(slot)) { - newpw = secu_InitSlotPassword(slot, PR_FALSE, &pwdata); - rv = PK11_InitPin(slot, (char*)NULL, newpw); - goto done; - } - - for (;;) { - oldpw = SECU_GetModulePassword(slot, PR_FALSE, &pwdata); - - if (PK11_CheckUserPassword(slot, oldpw) != SECSuccess) { - if (pwdata.source == PW_NONE) { - PR_fprintf(PR_STDERR, "Invalid password. Try again.\n"); - } else { - PR_fprintf(PR_STDERR, "Invalid password.\n"); - PORT_Memset(oldpw, 0, PL_strlen(oldpw)); - PORT_Free(oldpw); - return SECFailure; - } - } else - break; - - PORT_Free(oldpw); - } - - newpwdata.source = PW_NONE; - newpwdata.data = NULL; - - newpw = secu_InitSlotPassword(slot, PR_FALSE, &newpwdata); - - if (PK11_ChangePW(slot, oldpw, newpw) != SECSuccess) { - PR_fprintf(PR_STDERR, "Failed to change password.\n"); - return SECFailure; - } - - PORT_Memset(oldpw, 0, PL_strlen(oldpw)); - PORT_Free(oldpw); - - PR_fprintf(PR_STDOUT, "Password changed successfully.\n"); - -done: - PORT_Memset(newpw, 0, PL_strlen(newpw)); - PORT_Free(newpw); - return SECSuccess; -} - -struct matchobj { - SECItem index; - char *nname; - PRBool found; -}; - -char * -SECU_DefaultSSLDir(void) -{ - char *dir; - static char sslDir[1000]; - - dir = PR_GetEnv("SSL_DIR"); - if (!dir) - return NULL; - - sprintf(sslDir, "%s", dir); - - if (sslDir[strlen(sslDir)-1] == '/') - sslDir[strlen(sslDir)-1] = 0; - - return sslDir; -} - -char * -SECU_AppendFilenameToDir(char *dir, char *filename) -{ - static char path[1000]; - - if (dir[strlen(dir)-1] == '/') - sprintf(path, "%s%s", dir, filename); - else - sprintf(path, "%s/%s", dir, filename); - return path; -} - -char * -SECU_ConfigDirectory(const char* base) -{ - static PRBool initted = PR_FALSE; - const char *dir = ".netscape"; - char *home; - static char buf[1000]; - - if (initted) return buf; - - - if (base == NULL || *base == 0) { - home = PR_GetEnv("HOME"); - if (!home) home = ""; - - if (*home && home[strlen(home) - 1] == '/') - sprintf (buf, "%.900s%s", home, dir); - else - sprintf (buf, "%.900s/%s", home, dir); - } else { - sprintf(buf, "%.900s", base); - if (buf[strlen(buf) - 1] == '/') - buf[strlen(buf) - 1] = 0; - } - - - initted = PR_TRUE; - return buf; -} - -/*Turn off SSL for now */ -/* This gets called by SSL when server wants our cert & key */ -int -SECU_GetClientAuthData(void *arg, PRFileDesc *fd, - struct CERTDistNamesStr *caNames, - struct CERTCertificateStr **pRetCert, - struct SECKEYPrivateKeyStr **pRetKey) -{ - SECKEYPrivateKey *key; - CERTCertificate *cert; - int errsave; - - if (arg == NULL) { - fprintf(stderr, "no key/cert name specified for client auth\n"); - return -1; - } - cert = PK11_FindCertFromNickname(arg, NULL); - errsave = PORT_GetError(); - if (!cert) { - if (errsave == SEC_ERROR_BAD_PASSWORD) - fprintf(stderr, "Bad password\n"); - else if (errsave > 0) - fprintf(stderr, "Unable to read cert (error %d)\n", errsave); - else if (errsave == SEC_ERROR_BAD_DATABASE) - fprintf(stderr, "Unable to get cert from database (%d)\n", errsave); - else - fprintf(stderr, "SECKEY_FindKeyByName: internal error %d\n", errsave); - return -1; - } - - key = PK11_FindKeyByAnyCert(arg,NULL); - if (!key) { - fprintf(stderr, "Unable to get key (%d)\n", PORT_GetError()); - return -1; - } - - - *pRetCert = cert; - *pRetKey = key; - - return 0; -} - -SECStatus -secu_StdinToItem(SECItem *dst) -{ - unsigned char buf[1000]; - PRInt32 numBytes; - PRBool notDone = PR_TRUE; - - dst->len = 0; - dst->data = NULL; - - while (notDone) { - numBytes = PR_Read(PR_STDIN, buf, sizeof(buf)); - - if (numBytes < 0) { - PORT_SetError(PR_IO_ERROR); - return SECFailure; - } - - if (numBytes == 0) - break; - - if (buf[numBytes-1] == '\n') { - buf[numBytes-1] = '\0'; - notDone = PR_FALSE; - } - - if (dst->data) { - dst->data = (unsigned char*)PORT_Realloc(dst->data, - dst->len+numBytes); - PORT_Memcpy(dst->data+dst->len, buf, numBytes); - } else { - dst->data = (unsigned char*)PORT_Alloc(numBytes); - PORT_Memcpy(dst->data, buf, numBytes); - } - dst->len += numBytes; - } - - return SECSuccess; -} - -SECStatus -SECU_FileToItem(SECItem *dst, PRFileDesc *src) -{ - PRFileInfo info; - PRInt32 numBytes; - PRStatus prStatus; - - if (src == PR_STDIN) - return secu_StdinToItem(dst); - - prStatus = PR_GetOpenFileInfo(src, &info); - - if (prStatus != PR_SUCCESS) { - PORT_SetError(SEC_ERROR_IO); - return SECFailure; - } - - /* XXX workaround for 3.1, not all utils zero dst before sending */ - dst->data = 0; - if (!SECITEM_AllocItem(NULL, dst, info.size)) - goto loser; - - numBytes = PR_Read(src, dst->data, info.size); - if (numBytes != info.size) { - PORT_SetError(SEC_ERROR_IO); - goto loser; - } - - return SECSuccess; -loser: - SECITEM_FreeItem(dst, PR_FALSE); - return SECFailure; -} - -SECStatus -SECU_TextFileToItem(SECItem *dst, PRFileDesc *src) -{ - PRFileInfo info; - PRInt32 numBytes; - PRStatus prStatus; - unsigned char *buf; - - if (src == PR_STDIN) - return secu_StdinToItem(dst); - - prStatus = PR_GetOpenFileInfo(src, &info); - - if (prStatus != PR_SUCCESS) { - PORT_SetError(SEC_ERROR_IO); - return SECFailure; - } - - buf = (unsigned char*)PORT_Alloc(info.size); - if (!buf) - return SECFailure; - - numBytes = PR_Read(src, buf, info.size); - if (numBytes != info.size) { - PORT_SetError(SEC_ERROR_IO); - goto loser; - } - - if (buf[numBytes-1] == '\n') numBytes--; -#ifdef _WINDOWS - if (buf[numBytes-1] == '\r') numBytes--; -#endif - - /* XXX workaround for 3.1, not all utils zero dst before sending */ - dst->data = 0; - if (!SECITEM_AllocItem(NULL, dst, numBytes)) - goto loser; - - memcpy(dst->data, buf, numBytes); - - PORT_Free(buf); - return SECSuccess; -loser: - PORT_Free(buf); - return SECFailure; -} - -SECStatus -SECU_ReadDERFromFile(SECItem *der, PRFileDesc *inFile, PRBool ascii) -{ - SECStatus rv; - char *asc, *body, *trailer; - if (ascii) { - /* First convert ascii to binary */ - SECItem filedata; - - /* Read in ascii data */ - rv = SECU_FileToItem(&filedata, inFile); - asc = (char *)filedata.data; - if (!asc) { - fprintf(stderr, "unable to read data from input file\n"); - return SECFailure; - } - - /* check for headers and trailers and remove them */ - if ((body = strstr(asc, "-----BEGIN")) != NULL) { - body = PORT_Strchr(body, '\n') + 1; - trailer = strstr(body, "-----END"); - if (trailer != NULL) { - *trailer = '\0'; - } else { - fprintf(stderr, "input has header but no trailer\n"); - return SECFailure; - } - } else { - body = asc; - } - - /* Convert to binary */ - rv = ATOB_ConvertAsciiToItem(der, body); - if (rv) { - fprintf(stderr, "error converting ascii to binary (%s)\n", - SECU_Strerror(PORT_GetError())); - return SECFailure; - } - PORT_Free(asc); - } else { - /* Read in binary der */ - rv = SECU_FileToItem(der, inFile); - if (rv) { - fprintf(stderr, "error converting der (%s)\n", - SECU_Strerror(PORT_GetError())); - return SECFailure; - } - } - return SECSuccess; -} - -#define INDENT_MULT 4 -void -SECU_Indent(FILE *out, int level) -{ - int i; - for (i = 0; i < level; i++) { - fprintf(out, " "); - } -} - -static void secu_Newline(FILE *out) -{ - fprintf(out, "\n"); -} - -void -SECU_PrintAsHex(FILE *out, SECItem *data, const char *m, int level) -{ - unsigned i; - int column; - PRBool isString = PR_TRUE; - - if ( m ) { - SECU_Indent(out, level); fprintf(out, "%s:\n", m); - level++; - } - - SECU_Indent(out, level); column = level*INDENT_MULT; - for (i = 0; i < data->len; i++) { - unsigned char val = data->data[i]; - - if (isString && val && !isprint(val)) { - isString = PR_FALSE; - } - if (i != data->len - 1) { - fprintf(out, "%02x:", data->data[i]); - column += 4; - } else { - fprintf(out, "%02x", data->data[i]); - column += 3; - break; - } - if (column > 76) { - secu_Newline(out); - SECU_Indent(out, level); column = level*INDENT_MULT; - } - } - if (isString) { - secu_Newline(out); - SECU_Indent(out, level); column = level*INDENT_MULT; - for (i = 0; i < data->len; i++) { - unsigned char val = data->data[i]; - - if (val) { - fprintf(out,"%c",val); - column++; - } else { - column = 77; - } - if (column > 76) { - secu_Newline(out); - SECU_Indent(out, level); column = level*INDENT_MULT; - } - } - } - - level--; - if (column != level*INDENT_MULT) { - secu_Newline(out); - } -} - -static const char *hex = "0123456789abcdef"; - -static const char printable[257] = { - "................" /* 0x */ - "................" /* 1x */ - " !\"#$%&'()*+,-./" /* 2x */ - "0123456789:;<=>?" /* 3x */ - "@ABCDEFGHIJKLMNO" /* 4x */ - "PQRSTUVWXYZ[\\]^_" /* 5x */ - "`abcdefghijklmno" /* 6x */ - "pqrstuvwxyz{|}~." /* 7x */ - "................" /* 8x */ - "................" /* 9x */ - "................" /* ax */ - "................" /* bx */ - "................" /* cx */ - "................" /* dx */ - "................" /* ex */ - "................" /* fx */ -}; - -void -SECU_PrintBuf(FILE *out, const char *msg, const void *vp, int len) -{ - const unsigned char *cp = (const unsigned char *)vp; - char buf[80]; - char *bp; - char *ap; - - fprintf(out, "%s [Len: %d]\n", msg, len); - memset(buf, ' ', sizeof buf); - bp = buf; - ap = buf + 50; - while (--len >= 0) { - unsigned char ch = *cp++; - *bp++ = hex[(ch >> 4) & 0xf]; - *bp++ = hex[ch & 0xf]; - *bp++ = ' '; - *ap++ = printable[ch]; - if (ap - buf >= 66) { - *ap = 0; - fprintf(out, " %s\n", buf); - memset(buf, ' ', sizeof buf); - bp = buf; - ap = buf + 50; - } - } - if (bp > buf) { - *ap = 0; - fprintf(out, " %s\n", buf); - } -} - -void -SECU_PrintInteger(FILE *out, SECItem *i, char *m, int level) -{ - int iv; - - if (i->len > 4) { - SECU_PrintAsHex(out, i, m, level); - } else { - iv = DER_GetInteger(i); - SECU_Indent(out, level); - if (m) { - fprintf(out, "%s: %d (0x%x)\n", m, iv, iv); - } else { - fprintf(out, "%d (0x%x)\n", iv, iv); - } - } -} - -void -SECU_PrintString(FILE *out, SECItem *i, char *m, int level) -{ - char *string; - unsigned char *data = i->data; - int len = i->len; - int lenlen; - int tag; - - string = PORT_ZAlloc(i->len+1); - - tag = *data++; len--; - if (data[1] & 0x80) { - lenlen = data[1] & 0x1f; - } else { - lenlen = 1; - } - data += lenlen; len -= lenlen; - if (len <= 0) return; - PORT_Memcpy(string,data,len); - - /* should check the validity of tag, and convert the string as necessary */ - SECU_Indent(out, level); - if (m) { - fprintf(out, "%s: \"%s\"\n", m, string); - } else { - fprintf(out, "\"%s\"\n", string); - } -} - -static void -secu_PrintBoolean(FILE *out, SECItem *i, char *m, int level) -{ - int val = 0; - - if ( i->data ) { - val = i->data[0]; - } - - if (m) { - SECU_Indent(out, level); fprintf(out, "%s:\n", m); level++; - } - if ( val ) { - SECU_Indent(out, level); fprintf(out, "%s\n", "True"); - } else { - SECU_Indent(out, level); fprintf(out, "%s\n", "False"); - } -} - -/* - * Format and print "time". If the tag message "m" is not NULL, - * do indent formatting based on "level" and add a newline afterward; - * otherwise just print the formatted time string only. - */ -static void -secu_PrintTime(FILE *out, int64 time, char *m, int level) -{ - PRExplodedTime printableTime; - char *timeString; - - /* Convert to local time */ - PR_ExplodeTime(time, PR_GMTParameters, &printableTime); - - timeString = PORT_Alloc(100); - if (timeString == NULL) - return; - - if (m != NULL) { - SECU_Indent(out, level); - fprintf(out, "%s: ", m); - } - - PR_FormatTime(timeString, 100, "%a %b %d %H:%M:%S %Y", &printableTime); - fprintf(out, timeString); - - if (m != NULL) - fprintf(out, "\n"); - - PORT_Free(timeString); -} - -/* - * Format and print the UTC Time "t". If the tag message "m" is not NULL, - * do indent formatting based on "level" and add a newline afterward; - * otherwise just print the formatted time string only. - */ -void -SECU_PrintUTCTime(FILE *out, SECItem *t, char *m, int level) -{ - int64 time; - SECStatus rv; - - rv = DER_UTCTimeToTime(&time, t); - if (rv != SECSuccess) - return; - - secu_PrintTime(out, time, m, level); -} - -/* - * Format and print the Generalized Time "t". If the tag message "m" - * is not NULL, * do indent formatting based on "level" and add a newline - * afterward; otherwise just print the formatted time string only. - */ -void -SECU_PrintGeneralizedTime(FILE *out, SECItem *t, char *m, int level) -{ - int64 time; - SECStatus rv; - - - rv = DER_GeneralizedTimeToTime(&time, t); - if (rv != SECSuccess) - return; - - secu_PrintTime(out, time, m, level); -} - -static void secu_PrintAny(FILE *out, SECItem *i, char *m, int level); - -void -SECU_PrintSet(FILE *out, SECItem *t, char *m, int level) -{ - int type= t->data[0] & SEC_ASN1_TAGNUM_MASK; - int start; - unsigned char *bp; - - SECU_Indent(out, level); - if (m) { - fprintf(out, "%s: ", m); - } - - fprintf(out,"%s {\n", type == SEC_ASN1_SET ? "Set" : "Sequence"); /* } */ - - start = 2; - if (t->data[1] & 0x80) { - start += (t->data[1] & 0x7f); - } - for (bp=&t->data[start]; bp < &t->data[t->len]; ) { - SECItem tmp; - unsigned int i,len,lenlen; - - if (bp[1] & 0x80) { - lenlen = bp[1] & 0x1f; - len = 0; - for (i=0; i < lenlen; i++) { - len = len * 255 + bp[2+i]; - } - } else { - lenlen = 1; - len = bp[1]; - } - tmp.len = len+lenlen+1; - if (tmp.len > &t->data[t->len] - bp) { - tmp.len = &t->data[t->len] - bp; - } - tmp.data = bp; - bp += tmp.len; - secu_PrintAny(out,&tmp,NULL,level+1); - } - /* { */SECU_Indent(out, level); fprintf(out, "}\n"); -} - -static void -secu_PrintContextSpecific(FILE *out, SECItem *i, char *m, int level) -{ - int type= i->data[0] & SEC_ASN1_TAGNUM_MASK; - SECItem tmp; - int start; - - SECU_Indent(out, level); - if (m) { - fprintf(out, "%s: ", m); - } - - fprintf(out,"[%d]\n", type); - start = 2; - if (i->data[1] & 0x80) { - start = (i->data[1] & 0x7f) +1; - } - tmp.data = &i->data[start]; - tmp.len = i->len -start; - SECU_PrintAsHex(out, &tmp, m, level+1); -} - -static void -secu_PrintOctetString(FILE *out, SECItem *i, char *m, int level) -{ - SECItem tmp; - int start; - - start = 2; - if (i->data[1] & 0x80) { - start = (i->data[1] & 0x7f) +1; - } - tmp.data = &i->data[start]; - tmp.len = i->len - start; - SECU_PrintAsHex(out, &tmp, m, level); -} - -static void -secu_PrintBitString(FILE *out, SECItem *i, char *m, int level) -{ - SECItem tmp; - int start; - int unused_bits; - - start = 2; - if (i->data[1] & 0x80) { - start = (i->data[1] & 0x7f) + 1; - } - unused_bits = i->data[start++]; - tmp.data = &i->data[start]; - tmp.len = i->len - start; - SECU_PrintAsHex(out, &tmp, m, level); - if (unused_bits) { - SECU_Indent(out, level + 1); - fprintf(out, "(%d least significant bits unused)\n", unused_bits); - } -} - -static void -secu_PrintUniversal(FILE *out, SECItem *i, char *m, int level) -{ - switch (i->data[0] & SEC_ASN1_TAGNUM_MASK) { - case SEC_ASN1_INTEGER: - SECU_PrintInteger(out, i, m, level); - break; - case SEC_ASN1_OBJECT_ID: - SECU_PrintObjectID(out, i, m, level); - break; - case SEC_ASN1_BOOLEAN: - secu_PrintBoolean(out, i, m, level); - break; - case SEC_ASN1_UTF8_STRING: - case SEC_ASN1_PRINTABLE_STRING: - case SEC_ASN1_VISIBLE_STRING: - case SEC_ASN1_BMP_STRING: - case SEC_ASN1_IA5_STRING: - case SEC_ASN1_T61_STRING: - case SEC_ASN1_UNIVERSAL_STRING: - SECU_PrintString(out, i, m, level); - break; - case SEC_ASN1_GENERALIZED_TIME: - SECU_PrintGeneralizedTime(out, i, m, level); - break; - case SEC_ASN1_UTC_TIME: - SECU_PrintUTCTime(out, i, m, level); - break; - case SEC_ASN1_NULL: - SECU_Indent(out, level); fprintf(out, "%s: NULL\n", m); - break; - case SEC_ASN1_SET: - case SEC_ASN1_SEQUENCE: - SECU_PrintSet(out, i, m, level); - break; - case SEC_ASN1_OCTET_STRING: - secu_PrintOctetString(out, i, m, level); - break; - case SEC_ASN1_BIT_STRING: - secu_PrintBitString(out, i, m, level); - break; - default: - SECU_PrintAsHex(out, i, m, level); - break; - } -} - -static void -secu_PrintAny(FILE *out, SECItem *i, char *m, int level) -{ - if ( i && i->len && i->data ) { - switch (i->data[0] & SEC_ASN1_CLASS_MASK) { - case SEC_ASN1_CONTEXT_SPECIFIC: - secu_PrintContextSpecific(out, i, m, level); - break; - case SEC_ASN1_UNIVERSAL: - secu_PrintUniversal(out, i, m, level); - break; - default: - SECU_PrintAsHex(out, i, m, level); - break; - } - } -} - -static int -secu_PrintValidity(FILE *out, CERTValidity *v, char *m, int level) -{ - SECU_Indent(out, level); fprintf(out, "%s:\n", m); - SECU_PrintUTCTime(out, &v->notBefore, "Not Before", level+1); - SECU_PrintUTCTime(out, &v->notAfter, "Not After", level+1); - return 0; -} - -void -SECU_PrintObjectID(FILE *out, SECItem *oid, char *m, int level) -{ - const char *name; - SECOidData *oiddata; - - oiddata = SECOID_FindOID(oid); - if (oiddata == NULL) { - SECU_PrintAsHex(out, oid, m, level); - return; - } - name = oiddata->desc; - - SECU_Indent(out, level); - if (m != NULL) - fprintf(out, "%s: ", m); - fprintf(out, "%s\n", name); -} - -void -SECU_PrintAlgorithmID(FILE *out, SECAlgorithmID *a, char *m, int level) -{ - SECU_PrintObjectID(out, &a->algorithm, m, level); - - if (a->parameters.len == 0 - || (a->parameters.len == 2 - && PORT_Memcmp(a->parameters.data, "\005\000", 2) == 0)) { - /* No arguments or NULL argument */ - } else { - /* Print args to algorithm */ - SECU_PrintAsHex(out, &a->parameters, "Args", level+1); - } -} - -static void -secu_PrintAttribute(FILE *out, SEC_PKCS7Attribute *attr, char *m, int level) -{ - SECItem *value; - int i; - char om[100]; - - if (m) { - SECU_Indent(out, level); fprintf(out, "%s:\n", m); - } - - /* - * Should make this smarter; look at the type field and then decode - * and print the value(s) appropriately! - */ - SECU_PrintObjectID(out, &(attr->type), "Type", level+1); - if (attr->values != NULL) { - i = 0; - while ((value = attr->values[i++]) != NULL) { - sprintf(om, "Value (%d)%s", i, attr->encoded ? " (encoded)" : ""); - if (attr->encoded || attr->typeTag == NULL) { - SECU_PrintAsHex(out, value, om, level+1); - } else { - switch (attr->typeTag->offset) { - default: - SECU_PrintAsHex(out, value, om, level+1); - break; - case SEC_OID_PKCS9_CONTENT_TYPE: - SECU_PrintObjectID(out, value, om, level+1); - break; - case SEC_OID_PKCS9_SIGNING_TIME: - SECU_PrintUTCTime(out, value, om, level+1); - break; - } - } - } - } -} - -static void -secu_PrintRSAPublicKey(FILE *out, SECKEYPublicKey *pk, char *m, int level) -{ -#if 0 /* - * um, yeah, that might be nice, but if you look at the callers - * you will see that they do not *set* this, so this will not work! - * Instead, somebody needs to fix the callers to be smarter about - * public key stuff, if that is important. - */ - PORT_Assert(pk->keyType == rsaKey); -#endif - - SECU_Indent(out, level); fprintf(out, "%s:\n", m); - SECU_PrintInteger(out, &pk->u.rsa.modulus, "Modulus", level+1); - SECU_PrintInteger(out, &pk->u.rsa.publicExponent, "Exponent", level+1); -} - -static void -secu_PrintDSAPublicKey(FILE *out, SECKEYPublicKey *pk, char *m, int level) -{ - SECU_Indent(out, level); fprintf(out, "%s:\n", m); - SECU_PrintInteger(out, &pk->u.dsa.params.prime, "Prime", level+1); - SECU_PrintInteger(out, &pk->u.dsa.params.subPrime, "Subprime", level+1); - SECU_PrintInteger(out, &pk->u.dsa.params.base, "Base", level+1); - SECU_PrintInteger(out, &pk->u.dsa.publicValue, "PublicValue", level+1); -} - -static int -secu_PrintSubjectPublicKeyInfo(FILE *out, PRArenaPool *arena, - CERTSubjectPublicKeyInfo *i, char *msg, int level) -{ - SECKEYPublicKey *pk; - int rv; - - SECU_Indent(out, level); fprintf(out, "%s:\n", msg); - SECU_PrintAlgorithmID(out, &i->algorithm, "Public Key Algorithm", level+1); - - pk = (SECKEYPublicKey*) PORT_ZAlloc(sizeof(SECKEYPublicKey)); - if (!pk) - return PORT_GetError(); - - DER_ConvertBitString(&i->subjectPublicKey); - switch(SECOID_FindOIDTag(&i->algorithm.algorithm)) { - case SEC_OID_PKCS1_RSA_ENCRYPTION: - rv = SEC_ASN1DecodeItem(arena, pk, - SEC_ASN1_GET(SECKEY_RSAPublicKeyTemplate), - &i->subjectPublicKey); - if (rv) - return rv; - secu_PrintRSAPublicKey(out, pk, "RSA Public Key", level +1); - break; - case SEC_OID_ANSIX9_DSA_SIGNATURE: - rv = SEC_ASN1DecodeItem(arena, pk, - SEC_ASN1_GET(SECKEY_DSAPublicKeyTemplate), - &i->subjectPublicKey); - if (rv) - return rv; - secu_PrintDSAPublicKey(out, pk, "DSA Public Key", level +1); - break; - default: - fprintf(out, "bad SPKI algorithm type\n"); - return 0; - } - - return 0; -} - -static SECStatus -secu_PrintX509InvalidDate(FILE *out, SECItem *value, char *msg, int level) -{ - SECItem decodedValue; - SECStatus rv; - int64 invalidTime; - char *formattedTime = NULL; - - decodedValue.data = NULL; - rv = SEC_ASN1DecodeItem (NULL, &decodedValue, - SEC_ASN1_GET(SEC_GeneralizedTimeTemplate), - value); - if (rv == SECSuccess) { - rv = DER_GeneralizedTimeToTime(&invalidTime, &decodedValue); - if (rv == SECSuccess) { - formattedTime = CERT_GenTime2FormattedAscii - (invalidTime, "%a %b %d %H:%M:%S %Y"); - SECU_Indent(out, level +1); - fprintf (out, "%s: %s\n", msg, formattedTime); - PORT_Free (formattedTime); - } - } - PORT_Free (decodedValue.data); - return (rv); -} - -static SECStatus -PrintExtKeyUsageExten (FILE *out, SECItem *value, char *msg, int level) -{ - CERTOidSequence *os; - SECItem **op; - - SECU_Indent(out, level); fprintf(out, "Extended Key Usage Extension:\n"); - - os = CERT_DecodeOidSequence(value); - if( (CERTOidSequence *)NULL == os ) { - return SECFailure; - } - - for( op = os->oids; *op; op++ ) { - SECOidData *od = SECOID_FindOID(*op); - - if( (SECOidData *)NULL == od ) { - SECU_Indent(out, level+1); - SECU_PrintAsHex(out, *op, "Unknown:", level+2); - secu_Newline(out); - continue; - } - - SECU_Indent(out, level+1); - if( od->desc ) fprintf(out, "%s", od->desc); - else SECU_PrintAsHex(out, &od->oid, "", level+2); - - secu_Newline(out); - } - - return SECSuccess; -} - -char * -itemToString(SECItem *item) -{ - char *string; - - string = PORT_ZAlloc(item->len+1); - if (string == NULL) return NULL; - PORT_Memcpy(string,item->data,item->len); - string[item->len] = 0; - return string; -} - -static SECStatus -secu_PrintPolicyQualifier(FILE *out,CERTPolicyQualifier *policyQualifier,char *msg,int level) -{ - CERTUserNotice *userNotice; - SECItem **itemList = NULL; - char *string; - - SECU_PrintObjectID(out, &policyQualifier->qualifierID , - "Policy Qualifier Name", level); - - switch (policyQualifier->oid) { - case SEC_OID_PKIX_USER_NOTICE_QUALIFIER: - userNotice = CERT_DecodeUserNotice(&policyQualifier->qualifierValue); - if (userNotice) { - if (userNotice->noticeReference.organization.len != 0) { - string=itemToString(&userNotice->noticeReference.organization); - itemList = userNotice->noticeReference.noticeNumbers; - while (*itemList) { - SECU_PrintInteger(out,*itemList,string,level+1); - itemList++; - } - PORT_Free(string); - } - if (userNotice->displayText.len != 0) { - SECU_PrintString(out,&userNotice->displayText, - "Display Text", level+1); - } - break; - } - /* fall through on error */ - case SEC_OID_PKIX_CPS_POINTER_QUALIFIER: - default: - secu_PrintAny(out, &policyQualifier->qualifierValue, "Policy Qualifier Data", level+1); - break; - } - - return SECSuccess; - -} - -static SECStatus -secu_PrintPolicyInfo(FILE *out,CERTPolicyInfo *policyInfo,char *msg,int level) -{ - CERTPolicyQualifier **policyQualifiers; - - policyQualifiers = policyInfo->policyQualifiers; - SECU_PrintObjectID(out, &policyInfo->policyID , "Policy Name", level); - - while (*policyQualifiers != NULL) { - secu_PrintPolicyQualifier(out,*policyQualifiers,"",level+1); - policyQualifiers++; - } - return SECSuccess; - -} - -static SECStatus -secu_PrintPolicy(FILE *out, SECItem *value, char *msg, int level) -{ - CERTCertificatePolicies *policies = NULL; - CERTPolicyInfo **policyInfos; - - if (msg) { - SECU_Indent(out, level); - fprintf(out,"%s: \n",msg); - level++; - } - policies = CERT_DecodeCertificatePoliciesExtension(value); - if (policies == NULL) { - SECU_PrintAsHex(out, value, "Invalid Policy Data", level); - return SECFailure; - } - - policyInfos = policies->policyInfos; - while (*policyInfos != NULL) { - secu_PrintPolicyInfo(out,*policyInfos,"",level); - policyInfos++; - } - - CERT_DestroyCertificatePoliciesExtension(policies); - return SECSuccess; -} - -char *nsTypeBits[] = { -"SSL Client","SSL Server","S/MIME","Object Signing","Reserved","SSL CA","S/MIME CA","ObjectSigning CA" }; - -static SECStatus -secu_PrintBasicConstraints(FILE *out, SECItem *value, char *msg, int level) { - CERTBasicConstraints constraints; - SECStatus rv; - - SECU_Indent(out, level); - if (msg) { - fprintf(out,"%s: ",msg); - } - rv = CERT_DecodeBasicConstraintValue(&constraints,value); - if (rv == SECSuccess && constraints.isCA) { - fprintf(out,"Is a CA with a maximum path length of %d.\n", - constraints.pathLenConstraint); - } else { - fprintf(out,"Is not a CA.\n"); - } - return SECSuccess; -} - -static SECStatus -secu_PrintNSCertType(FILE *out, SECItem *value, char *msg, int level) { - char NS_Type=0; - int len, i, found=0; - - if (value->data[1] & 0x80) { - len = 3; - } else { - len = value->data[1]; - } - if ((value->data[0] != SEC_ASN1_BIT_STRING) || (len < 2)) { - secu_PrintAny(out, value, "Data", level); - return SECSuccess; - } - NS_Type=value->data[3]; - - - if (msg) { - SECU_Indent(out, level); - fprintf(out,"%s: ",msg); - } else { - SECU_Indent(out, level); - fprintf(out,"Netscape Certificate Type: "); - } - for (i=0; i < 8; i++) { - if ( (0x80 >> i) & NS_Type) { - fprintf(out,"%c%s",found?',':'<',nsTypeBits[i]); - found = 1; - } - } - if (found) { fprintf(out,">\n"); } else { fprintf(out,"none\n"); } - return SECSuccess; -} - -void -SECU_PrintExtensions(FILE *out, CERTCertExtension **extensions, - char *msg, int level) -{ - SECOidTag oidTag; - - if ( extensions ) { - SECU_Indent(out, level); fprintf(out, "%s:\n", msg); - - while ( *extensions ) { - SECItem *tmpitem; - SECU_Indent(out, level+1); fprintf(out, "Name:\n"); - - tmpitem = &(*extensions)->id; - SECU_PrintObjectID(out, tmpitem, NULL, level+2); - - tmpitem = &(*extensions)->critical; - if ( tmpitem->len ) { - secu_PrintBoolean(out, tmpitem, "Critical", level+1); - } - - oidTag = SECOID_FindOIDTag (&((*extensions)->id)); - tmpitem = &((*extensions)->value); - - switch (oidTag) { - case SEC_OID_X509_INVALID_DATE: - case SEC_OID_NS_CERT_EXT_CERT_RENEWAL_TIME: - secu_PrintX509InvalidDate(out, tmpitem, "Date", level + 1); - break; - case SEC_OID_X509_CERTIFICATE_POLICIES: - secu_PrintPolicy(out, tmpitem, "Data", level +1); - break; - case SEC_OID_NS_CERT_EXT_BASE_URL: - case SEC_OID_NS_CERT_EXT_REVOCATION_URL: - case SEC_OID_NS_CERT_EXT_CA_REVOCATION_URL: - case SEC_OID_NS_CERT_EXT_CA_CRL_URL: - case SEC_OID_NS_CERT_EXT_CA_CERT_URL: - case SEC_OID_NS_CERT_EXT_CERT_RENEWAL_URL: - case SEC_OID_NS_CERT_EXT_CA_POLICY_URL: - case SEC_OID_NS_CERT_EXT_HOMEPAGE_URL: - case SEC_OID_NS_CERT_EXT_LOST_PASSWORD_URL: - case SEC_OID_OCSP_RESPONDER: - SECU_PrintString(out,tmpitem, "URL", level+1); - break; - case SEC_OID_NS_CERT_EXT_COMMENT: - SECU_PrintString(out,tmpitem, "Comment", level+1); - break; - case SEC_OID_NS_CERT_EXT_SSL_SERVER_NAME: - SECU_PrintString(out,tmpitem, "ServerName", level+1); - break; - case SEC_OID_NS_CERT_EXT_CERT_TYPE: - secu_PrintNSCertType(out,tmpitem,"Data",level+1); - break; - case SEC_OID_X509_BASIC_CONSTRAINTS: - secu_PrintBasicConstraints(out,tmpitem,"Data",level+1); - break; - - case SEC_OID_X509_SUBJECT_ALT_NAME: - case SEC_OID_X509_ISSUER_ALT_NAME: - /* - * We should add at least some of the more interesting cases - * here, but need to have subroutines to back them up. - */ - case SEC_OID_NS_CERT_EXT_NETSCAPE_OK: - case SEC_OID_NS_CERT_EXT_ISSUER_LOGO: - case SEC_OID_NS_CERT_EXT_SUBJECT_LOGO: - case SEC_OID_NS_CERT_EXT_ENTITY_LOGO: - case SEC_OID_NS_CERT_EXT_USER_PICTURE: - case SEC_OID_NS_KEY_USAGE_GOVT_APPROVED: - - /* x.509 v3 Extensions */ - case SEC_OID_X509_SUBJECT_DIRECTORY_ATTR: - case SEC_OID_X509_SUBJECT_KEY_ID: - case SEC_OID_X509_KEY_USAGE: - case SEC_OID_X509_PRIVATE_KEY_USAGE_PERIOD: - case SEC_OID_X509_NAME_CONSTRAINTS: - case SEC_OID_X509_CRL_DIST_POINTS: - case SEC_OID_X509_POLICY_MAPPINGS: - case SEC_OID_X509_POLICY_CONSTRAINTS: - case SEC_OID_X509_AUTH_KEY_ID: - goto defualt; - - case SEC_OID_X509_EXT_KEY_USAGE: - PrintExtKeyUsageExten(out, tmpitem, "", level+1); - break; - - case SEC_OID_X509_AUTH_INFO_ACCESS: - case SEC_OID_X509_CRL_NUMBER: - case SEC_OID_X509_REASON_CODE: - - /* PKIX OIDs */ - case SEC_OID_PKIX_OCSP: - case SEC_OID_PKIX_OCSP_BASIC_RESPONSE: - case SEC_OID_PKIX_OCSP_NONCE: - case SEC_OID_PKIX_OCSP_CRL: - case SEC_OID_PKIX_OCSP_RESPONSE: - case SEC_OID_PKIX_OCSP_NO_CHECK: - case SEC_OID_PKIX_OCSP_ARCHIVE_CUTOFF: - case SEC_OID_PKIX_OCSP_SERVICE_LOCATOR: - case SEC_OID_PKIX_REGCTRL_REGTOKEN: - case SEC_OID_PKIX_REGCTRL_AUTHENTICATOR: - case SEC_OID_PKIX_REGCTRL_PKIPUBINFO: - case SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS: - case SEC_OID_PKIX_REGCTRL_OLD_CERT_ID: - case SEC_OID_PKIX_REGCTRL_PROTOCOL_ENC_KEY: - case SEC_OID_PKIX_REGINFO_UTF8_PAIRS: - case SEC_OID_PKIX_REGINFO_CERT_REQUEST: - case SEC_OID_EXT_KEY_USAGE_SERVER_AUTH: - case SEC_OID_EXT_KEY_USAGE_CLIENT_AUTH: - case SEC_OID_EXT_KEY_USAGE_CODE_SIGN: - case SEC_OID_EXT_KEY_USAGE_EMAIL_PROTECT: - case SEC_OID_EXT_KEY_USAGE_TIME_STAMP: - - default: - defualt: - secu_PrintAny(out, tmpitem, "Data", level+1); - break; - } - - secu_Newline(out); - extensions++; - } - } -} - - -void -SECU_PrintName(FILE *out, CERTName *name, char *msg, int level) -{ - char *str; - - SECU_Indent(out, level); fprintf(out, "%s: ", msg); - - str = CERT_NameToAscii(name); - if (!str) - str = "!Invalid AVA!"; - fprintf(out, str); - - secu_Newline(out); -} - -void -printflags(char *trusts, unsigned int flags) -{ - if (flags & CERTDB_VALID_CA) - if (!(flags & CERTDB_TRUSTED_CA) && - !(flags & CERTDB_TRUSTED_CLIENT_CA)) - PORT_Strcat(trusts, "c"); - if (flags & CERTDB_VALID_PEER) - if (!(flags & CERTDB_TRUSTED)) - PORT_Strcat(trusts, "p"); - if (flags & CERTDB_TRUSTED_CA) - PORT_Strcat(trusts, "C"); - if (flags & CERTDB_TRUSTED_CLIENT_CA) - PORT_Strcat(trusts, "T"); - if (flags & CERTDB_TRUSTED) - PORT_Strcat(trusts, "P"); - if (flags & CERTDB_USER) - PORT_Strcat(trusts, "u"); - if (flags & CERTDB_SEND_WARN) - PORT_Strcat(trusts, "w"); - if (flags & CERTDB_INVISIBLE_CA) - PORT_Strcat(trusts, "I"); - if (flags & CERTDB_GOVT_APPROVED_CA) - PORT_Strcat(trusts, "G"); - return; -} - -/* callback for listing certs through pkcs11 */ -SECStatus -SECU_PrintCertNickname(CERTCertificate *cert, void *data) -{ - CERTCertTrust *trust; - FILE *out; - char trusts[30]; - char *name; - - PORT_Memset (trusts, 0, sizeof (trusts)); - out = (FILE *)data; - - name = cert->nickname; - if ( name == NULL ) { - name = cert->emailAddr; - } - if ( name == NULL ) { - name = "(NULL)"; - } - - trust = cert->trust; - if (trust) { - printflags(trusts, trust->sslFlags); - PORT_Strcat(trusts, ","); - printflags(trusts, trust->emailFlags); - PORT_Strcat(trusts, ","); - printflags(trusts, trust->objectSigningFlags); - } else { - PORT_Memcpy(trusts,",,",3); - } - fprintf(out, "%-60s %-5s\n", name, trusts); - - return (SECSuccess); -} - -int /* sometimes a PRErrorCode, other times a SECStatus. Sigh. */ -SECU_PrintCertificateRequest(FILE *out, SECItem *der, char *m, int level) -{ - PRArenaPool *arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - CERTCertificateRequest *cr; - int rv = SEC_ERROR_NO_MEMORY; - - if (!arena) - return rv; - - /* Decode certificate request */ - cr = PORT_ArenaZNew(arena, CERTCertificateRequest); - if (!cr) - goto loser; - cr->arena = arena; - rv = SEC_QuickDERDecodeItem(arena, cr, - SEC_ASN1_GET(CERT_CertificateRequestTemplate), der); - if (rv) - goto loser; - - /* Pretty print it out */ - SECU_Indent(out, level); fprintf(out, "%s:\n", m); - SECU_PrintInteger(out, &cr->version, "Version", level+1); - SECU_PrintName(out, &cr->subject, "Subject", level+1); - rv = secu_PrintSubjectPublicKeyInfo(out, arena, &cr->subjectPublicKeyInfo, - "Subject Public Key Info", level+1); - if (rv) - goto loser; - if (cr->attributes) - secu_PrintAny(out, cr->attributes[0], "Attributes", level+1); - -loser: - PORT_FreeArena(arena, PR_FALSE); - return rv; -} - -int -SECU_PrintCertificate(FILE *out, SECItem *der, char *m, int level) -{ - PRArenaPool *arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - CERTCertificate *c; - int rv = SEC_ERROR_NO_MEMORY; - int iv; - - if (!arena) - return rv; - - /* Decode certificate */ - c = PORT_ArenaZNew(arena, CERTCertificate); - if (!c) - goto loser; - c->arena = arena; - rv = SEC_ASN1DecodeItem(arena, c, - SEC_ASN1_GET(CERT_CertificateTemplate), der); - if (rv) - goto loser; - - /* Pretty print it out */ - SECU_Indent(out, level); fprintf(out, "%s:\n", m); - iv = c->version.len ? DER_GetInteger(&c->version) : 0; /* version is optional */ - SECU_Indent(out, level+1); fprintf(out, "%s: %d (0x%x)\n", "Version", iv + 1, iv); - - SECU_PrintInteger(out, &c->serialNumber, "Serial Number", level+1); - SECU_PrintAlgorithmID(out, &c->signature, "Signature Algorithm", level+1); - SECU_PrintName(out, &c->issuer, "Issuer", level+1); - secu_PrintValidity(out, &c->validity, "Validity", level+1); - SECU_PrintName(out, &c->subject, "Subject", level+1); - rv = secu_PrintSubjectPublicKeyInfo(out, arena, &c->subjectPublicKeyInfo, - "Subject Public Key Info", level+1); - if (rv) - goto loser; - SECU_PrintExtensions(out, c->extensions, "Signed Extensions", level+1); - SECU_PrintFingerprints(out, &c->derCert, "Fingerprint", level); -loser: - PORT_FreeArena(arena, PR_FALSE); - return rv; -} - -int -SECU_PrintPublicKey(FILE *out, SECItem *der, char *m, int level) -{ - PRArenaPool *arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - SECKEYPublicKey key; - int rv = SEC_ERROR_NO_MEMORY; - - if (!arena) - return rv; - - PORT_Memset(&key, 0, sizeof(key)); - rv = SEC_ASN1DecodeItem(arena, &key, - SEC_ASN1_GET(SECKEY_RSAPublicKeyTemplate), der); - if (!rv) { - /* Pretty print it out */ - secu_PrintRSAPublicKey(out, &key, m, level); - } - - PORT_FreeArena(arena, PR_FALSE); - return rv; -} - -#ifdef HAVE_EPV_TEMPLATE -int -SECU_PrintPrivateKey(FILE *out, SECItem *der, char *m, int level) -{ - PRArenaPool *arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - SECKEYEncryptedPrivateKeyInfo key; - int rv = SEC_ERROR_NO_MEMORY; - - if (!arena) - return rv; - - PORT_Memset(&key, 0, sizeof(key)); - rv = SEC_ASN1DecodeItem(arena, &key, - SEC_ASN1_GET(SECKEY_EncryptedPrivateKeyInfoTemplate), der); - if (rv) - goto loser; - - /* Pretty print it out */ - SECU_Indent(out, level); fprintf(out, "%s:\n", m); - SECU_PrintAlgorithmID(out, &key.algorithm, "Encryption Algorithm", - level+1); - SECU_PrintAsHex(out, &key.encryptedData, "Encrypted Data", level+1); -loser: - PORT_FreeArena(arena, PR_TRUE); - return rv; -} -#endif - -int -SECU_PrintFingerprints(FILE *out, SECItem *derCert, char *m, int level) -{ - unsigned char fingerprint[20]; - char *fpStr = NULL; - SECItem fpItem; - /* print MD5 fingerprint */ - memset(fingerprint, 0, sizeof fingerprint); - PK11_HashBuf(SEC_OID_MD5,fingerprint, derCert->data, derCert->len); - fpItem.data = fingerprint; - fpItem.len = MD5_LENGTH; - fpStr = CERT_Hexify(&fpItem, 1); - SECU_Indent(out, level); fprintf(out, "%s (MD5):\n", m); - SECU_Indent(out, level+1); fprintf(out, "%s\n", fpStr); - PORT_Free(fpStr); - fpStr = NULL; - /* print SHA1 fingerprint */ - memset(fingerprint, 0, sizeof fingerprint); - PK11_HashBuf(SEC_OID_SHA1,fingerprint, derCert->data, derCert->len); - fpItem.data = fingerprint; - fpItem.len = SHA1_LENGTH; - fpStr = CERT_Hexify(&fpItem, 1); - SECU_Indent(out, level); fprintf(out, "%s (SHA1):\n", m); - SECU_Indent(out, level+1); fprintf(out, "%s\n", fpStr); - PORT_Free(fpStr); - fprintf(out, "\n"); - return 0; -} - -/* -** PKCS7 Support -*/ - -/* forward declaration */ -static int -secu_PrintPKCS7ContentInfo(FILE *, SEC_PKCS7ContentInfo *, char *, int); - -/* -** secu_PrintPKCS7EncContent -** Prints a SEC_PKCS7EncryptedContentInfo (without decrypting it) -*/ -static void -secu_PrintPKCS7EncContent(FILE *out, SEC_PKCS7EncryptedContentInfo *src, - char *m, int level) -{ - if (src->contentTypeTag == NULL) - src->contentTypeTag = SECOID_FindOID(&(src->contentType)); - - SECU_Indent(out, level); - fprintf(out, "%s:\n", m); - SECU_Indent(out, level + 1); - fprintf(out, "Content Type: %s\n", - (src->contentTypeTag != NULL) ? src->contentTypeTag->desc - : "Unknown"); - SECU_PrintAlgorithmID(out, &(src->contentEncAlg), - "Content Encryption Algorithm", level+1); - SECU_PrintAsHex(out, &(src->encContent), - "Encrypted Content", level+1); -} - -/* -** secu_PrintRecipientInfo -** Prints a PKCS7RecipientInfo type -*/ -static void -secu_PrintRecipientInfo(FILE *out, SEC_PKCS7RecipientInfo *info, char *m, - int level) -{ - SECU_Indent(out, level); fprintf(out, "%s:\n", m); - SECU_PrintInteger(out, &(info->version), "Version", level + 1); - - SECU_PrintName(out, &(info->issuerAndSN->issuer), "Issuer", - level + 1); - SECU_PrintInteger(out, &(info->issuerAndSN->serialNumber), - "Serial Number", level + 1); - - /* Parse and display encrypted key */ - SECU_PrintAlgorithmID(out, &(info->keyEncAlg), - "Key Encryption Algorithm", level + 1); - SECU_PrintAsHex(out, &(info->encKey), "Encrypted Key", level + 1); -} - -/* -** secu_PrintSignerInfo -** Prints a PKCS7SingerInfo type -*/ -static void -secu_PrintSignerInfo(FILE *out, SEC_PKCS7SignerInfo *info, char *m, int level) -{ - SEC_PKCS7Attribute *attr; - int iv; - char om[100]; - - SECU_Indent(out, level); fprintf(out, "%s:\n", m); - SECU_PrintInteger(out, &(info->version), "Version", level + 1); - - SECU_PrintName(out, &(info->issuerAndSN->issuer), "Issuer", - level + 1); - SECU_PrintInteger(out, &(info->issuerAndSN->serialNumber), - "Serial Number", level + 1); - - SECU_PrintAlgorithmID(out, &(info->digestAlg), "Digest Algorithm", - level + 1); - - if (info->authAttr != NULL) { - SECU_Indent(out, level + 1); - fprintf(out, "Authenticated Attributes:\n"); - iv = 0; - while ((attr = info->authAttr[iv++]) != NULL) { - sprintf(om, "Attribute (%d)", iv); - secu_PrintAttribute(out, attr, om, level + 2); - } - } - - /* Parse and display signature */ - SECU_PrintAlgorithmID(out, &(info->digestEncAlg), - "Digest Encryption Algorithm", level + 1); - SECU_PrintAsHex(out, &(info->encDigest), "Encrypted Digest", level + 1); - - if (info->unAuthAttr != NULL) { - SECU_Indent(out, level + 1); - fprintf(out, "Unauthenticated Attributes:\n"); - iv = 0; - while ((attr = info->unAuthAttr[iv++]) != NULL) { - sprintf(om, "Attribute (%x)", iv); - secu_PrintAttribute(out, attr, om, level + 2); - } - } -} - -/* callers of this function must make sure that the CERTSignedCrl - from which they are extracting the CERTCrl has been fully-decoded. - Otherwise it will not have the entries even though the CRL may have - some */ - -void -SECU_PrintCRLInfo(FILE *out, CERTCrl *crl, char *m, int level) -{ - CERTCrlEntry *entry; - int iv; - char om[100]; - - SECU_Indent(out, level); fprintf(out, "%s:\n", m); - SECU_PrintAlgorithmID(out, &(crl->signatureAlg), "Signature Algorithm", - level + 1); - SECU_PrintName(out, &(crl->name), "Name", level + 1); - SECU_PrintUTCTime(out, &(crl->lastUpdate), "Last Update", level + 1); - SECU_PrintUTCTime(out, &(crl->nextUpdate), "Next Update", level + 1); - - if (crl->entries != NULL) { - iv = 0; - while ((entry = crl->entries[iv++]) != NULL) { - sprintf(om, "Entry (%x):\n", iv); - SECU_Indent(out, level + 1); fprintf(out, om); - SECU_PrintInteger(out, &(entry->serialNumber), "Serial Number", - level + 2); - SECU_PrintUTCTime(out, &(entry->revocationDate), "Revocation Date", - level + 2); - SECU_PrintExtensions - (out, entry->extensions, "Signed CRL Entries Extensions", level + 1); - } - } - SECU_PrintExtensions - (out, crl->extensions, "Signed CRL Extension", level + 1); -} - -/* -** secu_PrintPKCS7Signed -** Pretty print a PKCS7 signed data type (up to version 1). -*/ -static int -secu_PrintPKCS7Signed(FILE *out, SEC_PKCS7SignedData *src, - const char *m, int level) -{ - SECAlgorithmID *digAlg; /* digest algorithms */ - SECItem *aCert; /* certificate */ - CERTSignedCrl *aCrl; /* certificate revocation list */ - SEC_PKCS7SignerInfo *sigInfo; /* signer information */ - int rv, iv; - char om[100]; - - SECU_Indent(out, level); fprintf(out, "%s:\n", m); - SECU_PrintInteger(out, &(src->version), "Version", level + 1); - - /* Parse and list digest algorithms (if any) */ - if (src->digestAlgorithms != NULL) { - SECU_Indent(out, level + 1); fprintf(out, "Digest Algorithm List:\n"); - iv = 0; - while ((digAlg = src->digestAlgorithms[iv++]) != NULL) { - sprintf(om, "Digest Algorithm (%x)", iv); - SECU_PrintAlgorithmID(out, digAlg, om, level + 2); - } - } - - /* Now for the content */ - rv = secu_PrintPKCS7ContentInfo(out, &(src->contentInfo), - "Content Information", level + 1); - if (rv != 0) - return rv; - - /* Parse and list certificates (if any) */ - if (src->rawCerts != NULL) { - SECU_Indent(out, level + 1); fprintf(out, "Certificate List:\n"); - iv = 0; - while ((aCert = src->rawCerts[iv++]) != NULL) { - sprintf(om, "Certificate (%x)", iv); - rv = SECU_PrintSignedData(out, aCert, om, level + 2, - SECU_PrintCertificate); - if (rv) - return rv; - } - } - - /* Parse and list CRL's (if any) */ - if (src->crls != NULL) { - SECU_Indent(out, level + 1); - fprintf(out, "Signed Revocation Lists:\n"); - iv = 0; - while ((aCrl = src->crls[iv++]) != NULL) { - sprintf(om, "Signed Revocation List (%x)", iv); - SECU_Indent(out, level + 2); fprintf(out, "%s:\n", om); - SECU_PrintAlgorithmID(out, &aCrl->signatureWrap.signatureAlgorithm, - "Signature Algorithm", level+3); - DER_ConvertBitString(&aCrl->signatureWrap.signature); - SECU_PrintAsHex(out, &aCrl->signatureWrap.signature, "Signature", - level+3); - SECU_PrintCRLInfo(out, &aCrl->crl, "Certificate Revocation List", - level + 3); - } - } - - /* Parse and list signatures (if any) */ - if (src->signerInfos != NULL) { - SECU_Indent(out, level + 1); - fprintf(out, "Signer Information List:\n"); - iv = 0; - while ((sigInfo = src->signerInfos[iv++]) != NULL) { - sprintf(om, "Signer Information (%x)", iv); - secu_PrintSignerInfo(out, sigInfo, om, level + 2); - } - } - - return 0; -} - -/* -** secu_PrintPKCS7Enveloped -** Pretty print a PKCS7 enveloped data type (up to version 1). -*/ -static void -secu_PrintPKCS7Enveloped(FILE *out, SEC_PKCS7EnvelopedData *src, - const char *m, int level) -{ - SEC_PKCS7RecipientInfo *recInfo; /* pointer for signer information */ - int iv; - char om[100]; - - SECU_Indent(out, level); fprintf(out, "%s:\n", m); - SECU_PrintInteger(out, &(src->version), "Version", level + 1); - - /* Parse and list recipients (this is not optional) */ - if (src->recipientInfos != NULL) { - SECU_Indent(out, level + 1); - fprintf(out, "Recipient Information List:\n"); - iv = 0; - while ((recInfo = src->recipientInfos[iv++]) != NULL) { - sprintf(om, "Recipient Information (%x)", iv); - secu_PrintRecipientInfo(out, recInfo, om, level + 2); - } - } - - secu_PrintPKCS7EncContent(out, &src->encContentInfo, - "Encrypted Content Information", level + 1); -} - -/* -** secu_PrintPKCS7SignedEnveloped -** Pretty print a PKCS7 singed and enveloped data type (up to version 1). -*/ -static int -secu_PrintPKCS7SignedAndEnveloped(FILE *out, - SEC_PKCS7SignedAndEnvelopedData *src, - const char *m, int level) -{ - SECAlgorithmID *digAlg; /* pointer for digest algorithms */ - SECItem *aCert; /* pointer for certificate */ - CERTSignedCrl *aCrl; /* pointer for certificate revocation list */ - SEC_PKCS7SignerInfo *sigInfo; /* pointer for signer information */ - SEC_PKCS7RecipientInfo *recInfo; /* pointer for recipient information */ - int rv, iv; - char om[100]; - - SECU_Indent(out, level); fprintf(out, "%s:\n", m); - SECU_PrintInteger(out, &(src->version), "Version", level + 1); - - /* Parse and list recipients (this is not optional) */ - if (src->recipientInfos != NULL) { - SECU_Indent(out, level + 1); - fprintf(out, "Recipient Information List:\n"); - iv = 0; - while ((recInfo = src->recipientInfos[iv++]) != NULL) { - sprintf(om, "Recipient Information (%x)", iv); - secu_PrintRecipientInfo(out, recInfo, om, level + 2); - } - } - - /* Parse and list digest algorithms (if any) */ - if (src->digestAlgorithms != NULL) { - SECU_Indent(out, level + 1); fprintf(out, "Digest Algorithm List:\n"); - iv = 0; - while ((digAlg = src->digestAlgorithms[iv++]) != NULL) { - sprintf(om, "Digest Algorithm (%x)", iv); - SECU_PrintAlgorithmID(out, digAlg, om, level + 2); - } - } - - secu_PrintPKCS7EncContent(out, &src->encContentInfo, - "Encrypted Content Information", level + 1); - - /* Parse and list certificates (if any) */ - if (src->rawCerts != NULL) { - SECU_Indent(out, level + 1); fprintf(out, "Certificate List:\n"); - iv = 0; - while ((aCert = src->rawCerts[iv++]) != NULL) { - sprintf(om, "Certificate (%x)", iv); - rv = SECU_PrintSignedData(out, aCert, om, level + 2, - SECU_PrintCertificate); - if (rv) - return rv; - } - } - - /* Parse and list CRL's (if any) */ - if (src->crls != NULL) { - SECU_Indent(out, level + 1); - fprintf(out, "Signed Revocation Lists:\n"); - iv = 0; - while ((aCrl = src->crls[iv++]) != NULL) { - sprintf(om, "Signed Revocation List (%x)", iv); - SECU_Indent(out, level + 2); fprintf(out, "%s:\n", om); - SECU_PrintAlgorithmID(out, &aCrl->signatureWrap.signatureAlgorithm, - "Signature Algorithm", level+3); - DER_ConvertBitString(&aCrl->signatureWrap.signature); - SECU_PrintAsHex(out, &aCrl->signatureWrap.signature, "Signature", - level+3); - SECU_PrintCRLInfo(out, &aCrl->crl, "Certificate Revocation List", - level + 3); - } - } - - /* Parse and list signatures (if any) */ - if (src->signerInfos != NULL) { - SECU_Indent(out, level + 1); - fprintf(out, "Signer Information List:\n"); - iv = 0; - while ((sigInfo = src->signerInfos[iv++]) != NULL) { - sprintf(om, "Signer Information (%x)", iv); - secu_PrintSignerInfo(out, sigInfo, om, level + 2); - } - } - - return 0; -} - -int -SECU_PrintCrl (FILE *out, SECItem *der, char *m, int level) -{ - PRArenaPool *arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - CERTCrl *c = NULL; - int rv = SEC_ERROR_NO_MEMORY; - - if (!arena) - return rv; - do { - /* Decode CRL */ - c = PORT_ArenaZNew(arena, CERTCrl); - if (!c) - break; - - rv = SEC_ASN1DecodeItem(arena, c, SEC_ASN1_GET(CERT_CrlTemplate), der); - if (rv != SECSuccess) - break; - SECU_PrintCRLInfo (out, c, m, level); - } while (0); - PORT_FreeArena (arena, PR_FALSE); - return rv; -} - - -/* -** secu_PrintPKCS7Encrypted -** Pretty print a PKCS7 encrypted data type (up to version 1). -*/ -static void -secu_PrintPKCS7Encrypted(FILE *out, SEC_PKCS7EncryptedData *src, - const char *m, int level) -{ - SECU_Indent(out, level); fprintf(out, "%s:\n", m); - SECU_PrintInteger(out, &(src->version), "Version", level + 1); - - secu_PrintPKCS7EncContent(out, &src->encContentInfo, - "Encrypted Content Information", level + 1); -} - -/* -** secu_PrintPKCS7Digested -** Pretty print a PKCS7 digested data type (up to version 1). -*/ -static void -secu_PrintPKCS7Digested(FILE *out, SEC_PKCS7DigestedData *src, - const char *m, int level) -{ - SECU_Indent(out, level); fprintf(out, "%s:\n", m); - SECU_PrintInteger(out, &(src->version), "Version", level + 1); - - SECU_PrintAlgorithmID(out, &src->digestAlg, "Digest Algorithm", - level + 1); - secu_PrintPKCS7ContentInfo(out, &src->contentInfo, "Content Information", - level + 1); - SECU_PrintAsHex(out, &src->digest, "Digest", level + 1); -} - -/* -** secu_PrintPKCS7ContentInfo -** Takes a SEC_PKCS7ContentInfo type and sends the contents to the -** appropriate function -*/ -static int -secu_PrintPKCS7ContentInfo(FILE *out, SEC_PKCS7ContentInfo *src, - char *m, int level) -{ - const char *desc; - SECOidTag kind; - int rv; - - SECU_Indent(out, level); fprintf(out, "%s:\n", m); - level++; - - if (src->contentTypeTag == NULL) - src->contentTypeTag = SECOID_FindOID(&(src->contentType)); - - if (src->contentTypeTag == NULL) { - desc = "Unknown"; - kind = SEC_OID_PKCS7_DATA; - } else { - desc = src->contentTypeTag->desc; - kind = src->contentTypeTag->offset; - } - - if (src->content.data == NULL) { - SECU_Indent(out, level); fprintf(out, "%s:\n", desc); - level++; - SECU_Indent(out, level); fprintf(out, "\n"); - return 0; - } - - rv = 0; - switch (kind) { - case SEC_OID_PKCS7_SIGNED_DATA: /* Signed Data */ - rv = secu_PrintPKCS7Signed(out, src->content.signedData, desc, level); - break; - - case SEC_OID_PKCS7_ENVELOPED_DATA: /* Enveloped Data */ - secu_PrintPKCS7Enveloped(out, src->content.envelopedData, desc, level); - break; - - case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA: /* Signed and Enveloped */ - rv = secu_PrintPKCS7SignedAndEnveloped(out, - src->content.signedAndEnvelopedData, - desc, level); - break; - - case SEC_OID_PKCS7_DIGESTED_DATA: /* Digested Data */ - secu_PrintPKCS7Digested(out, src->content.digestedData, desc, level); - break; - - case SEC_OID_PKCS7_ENCRYPTED_DATA: /* Encrypted Data */ - secu_PrintPKCS7Encrypted(out, src->content.encryptedData, desc, level); - break; - - default: - SECU_PrintAsHex(out, src->content.data, desc, level); - break; - } - - return rv; -} - -/* -** SECU_PrintPKCS7ContentInfo -** Decode and print any major PKCS7 data type (up to version 1). -*/ -int -SECU_PrintPKCS7ContentInfo(FILE *out, SECItem *der, char *m, int level) -{ - SEC_PKCS7ContentInfo *cinfo; - int rv; - - cinfo = SEC_PKCS7DecodeItem(der, NULL, NULL, NULL, NULL, NULL, NULL, NULL); - if (cinfo != NULL) { - /* Send it to recursive parsing and printing module */ - rv = secu_PrintPKCS7ContentInfo(out, cinfo, m, level); - SEC_PKCS7DestroyContentInfo(cinfo); - } else { - rv = -1; - } - - return rv; -} - -/* -** End of PKCS7 functions -*/ - -void -printFlags(FILE *out, unsigned int flags, int level) -{ - if ( flags & CERTDB_VALID_PEER ) { - SECU_Indent(out, level); fprintf(out, "Valid Peer\n"); - } - if ( flags & CERTDB_TRUSTED ) { - SECU_Indent(out, level); fprintf(out, "Trusted\n"); - } - if ( flags & CERTDB_SEND_WARN ) { - SECU_Indent(out, level); fprintf(out, "Warn When Sending\n"); - } - if ( flags & CERTDB_VALID_CA ) { - SECU_Indent(out, level); fprintf(out, "Valid CA\n"); - } - if ( flags & CERTDB_TRUSTED_CA ) { - SECU_Indent(out, level); fprintf(out, "Trusted CA\n"); - } - if ( flags & CERTDB_NS_TRUSTED_CA ) { - SECU_Indent(out, level); fprintf(out, "Netscape Trusted CA\n"); - } - if ( flags & CERTDB_USER ) { - SECU_Indent(out, level); fprintf(out, "User\n"); - } - if ( flags & CERTDB_TRUSTED_CLIENT_CA ) { - SECU_Indent(out, level); fprintf(out, "Trusted Client CA\n"); - } -#ifdef DEBUG - if ( flags & CERTDB_GOVT_APPROVED_CA ) { - SECU_Indent(out, level); fprintf(out, "Step-up\n"); - } -#endif /* DEBUG */ -} - -void -SECU_PrintTrustFlags(FILE *out, CERTCertTrust *trust, char *m, int level) -{ - SECU_Indent(out, level); fprintf(out, "%s:\n", m); - SECU_Indent(out, level+1); fprintf(out, "SSL Flags:\n"); - printFlags(out, trust->sslFlags, level+2); - SECU_Indent(out, level+1); fprintf(out, "Email Flags:\n"); - printFlags(out, trust->emailFlags, level+2); - SECU_Indent(out, level+1); fprintf(out, "Object Signing Flags:\n"); - printFlags(out, trust->objectSigningFlags, level+2); -} - -int SECU_PrintSignedData(FILE *out, SECItem *der, char *m, - int level, SECU_PPFunc inner) -{ - PRArenaPool *arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - CERTSignedData *sd; - int rv = SEC_ERROR_NO_MEMORY; - - if (!arena) - return rv; - - /* Strip off the signature */ - sd = PORT_ArenaZNew(arena, CERTSignedData); - if (!sd) - goto loser; - - rv = SEC_ASN1DecodeItem(arena, sd, SEC_ASN1_GET(CERT_SignedDataTemplate), - der); - if (rv) - goto loser; - - SECU_Indent(out, level); fprintf(out, "%s:\n", m); - rv = (*inner)(out, &sd->data, "Data", level+1); - if (rv) - goto loser; - - SECU_PrintAlgorithmID(out, &sd->signatureAlgorithm, "Signature Algorithm", - level+1); - DER_ConvertBitString(&sd->signature); - SECU_PrintAsHex(out, &sd->signature, "Signature", level+1); -loser: - PORT_FreeArena(arena, PR_FALSE); - return rv; - -} - - -#ifdef AIX -int _OS_SELECT (int nfds, void *readfds, void *writefds, - void *exceptfds, struct timeval *timeout) { - return select (nfds,readfds,writefds,exceptfds,timeout); -} -#endif - -SECItem * -SECU_GetPBEPassword(void *arg) -{ - char *p = NULL; - SECItem *pwitem = NULL; - - p = SECU_GetPasswordString(arg,"Password: "); - - /* NOTE: This function is obviously unfinished. */ - - if ( pwitem == NULL ) { - fprintf(stderr, "Error hashing password\n"); - return NULL; - } - - return pwitem; -} - -SECStatus -SECU_ParseCommandLine(int argc, char **argv, char *progName, secuCommand *cmd) -{ - PRBool found; - PLOptState *optstate; - PLOptStatus status; - char *optstring; - int i, j; - - optstring = (char *)malloc(cmd->numCommands + 2*cmd->numOptions); - j = 0; - - for (i=0; inumCommands; i++) { - optstring[j++] = cmd->commands[i].flag; - } - for (i=0; inumOptions; i++) { - optstring[j++] = cmd->options[i].flag; - if (cmd->options[i].needsArg) - optstring[j++] = ':'; - } - optstring[j] = '\0'; - optstate = PL_CreateOptState(argc, argv, optstring); - - /* Parse command line arguments */ - while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) { - - /* Wasn't really an option, just standalone arg. */ - if (optstate->option == '\0') - continue; - - found = PR_FALSE; - - for (i=0; inumCommands; i++) { - if (cmd->commands[i].flag == optstate->option) { - cmd->commands[i].activated = PR_TRUE; - if (optstate->value) { - cmd->commands[i].arg = (char *)optstate->value; - } - found = PR_TRUE; - break; - } - } - - if (found) - continue; - - for (i=0; inumOptions; i++) { - if (cmd->options[i].flag == optstate->option) { - cmd->options[i].activated = PR_TRUE; - if (optstate->value) { - cmd->options[i].arg = (char *)optstate->value; - } - found = PR_TRUE; - break; - } - } - - if (!found) - return SECFailure; - } - if (status == PL_OPT_BAD) - return SECFailure; - return SECSuccess; -} - -char * -SECU_GetOptionArg(secuCommand *cmd, int optionNum) -{ - if (optionNum < 0 || optionNum >= cmd->numOptions) - return NULL; - if (cmd->options[optionNum].activated) - return PL_strdup(cmd->options[optionNum].arg); - else - return NULL; -} - -static char SECUErrorBuf[64]; - -char * -SECU_ErrorStringRaw(int16 err) -{ - if (err == 0) - sprintf(SECUErrorBuf, ""); - else if (err == SEC_ERROR_BAD_DATA) - sprintf(SECUErrorBuf, "Bad data"); - else if (err == SEC_ERROR_BAD_DATABASE) - sprintf(SECUErrorBuf, "Problem with database"); - else if (err == SEC_ERROR_BAD_DER) - sprintf(SECUErrorBuf, "Problem with DER"); - else if (err == SEC_ERROR_BAD_KEY) - sprintf(SECUErrorBuf, "Problem with key"); - else if (err == SEC_ERROR_BAD_PASSWORD) - sprintf(SECUErrorBuf, "Incorrect password"); - else if (err == SEC_ERROR_BAD_SIGNATURE) - sprintf(SECUErrorBuf, "Bad signature"); - else if (err == SEC_ERROR_EXPIRED_CERTIFICATE) - sprintf(SECUErrorBuf, "Expired certificate"); - else if (err == SEC_ERROR_EXTENSION_VALUE_INVALID) - sprintf(SECUErrorBuf, "Invalid extension value"); - else if (err == SEC_ERROR_INPUT_LEN) - sprintf(SECUErrorBuf, "Problem with input length"); - else if (err == SEC_ERROR_INVALID_ALGORITHM) - sprintf(SECUErrorBuf, "Invalid algorithm"); - else if (err == SEC_ERROR_INVALID_ARGS) - sprintf(SECUErrorBuf, "Invalid arguments"); - else if (err == SEC_ERROR_INVALID_AVA) - sprintf(SECUErrorBuf, "Invalid AVA"); - else if (err == SEC_ERROR_INVALID_TIME) - sprintf(SECUErrorBuf, "Invalid time"); - else if (err == SEC_ERROR_IO) - sprintf(SECUErrorBuf, "Security I/O error"); - else if (err == SEC_ERROR_LIBRARY_FAILURE) - sprintf(SECUErrorBuf, "Library failure"); - else if (err == SEC_ERROR_NO_MEMORY) - sprintf(SECUErrorBuf, "Out of memory"); - else if (err == SEC_ERROR_OLD_CRL) - sprintf(SECUErrorBuf, "CRL is older than the current one"); - else if (err == SEC_ERROR_OUTPUT_LEN) - sprintf(SECUErrorBuf, "Problem with output length"); - else if (err == SEC_ERROR_UNKNOWN_ISSUER) - sprintf(SECUErrorBuf, "Unknown issuer"); - else if (err == SEC_ERROR_UNTRUSTED_CERT) - sprintf(SECUErrorBuf, "Untrusted certificate"); - else if (err == SEC_ERROR_UNTRUSTED_ISSUER) - sprintf(SECUErrorBuf, "Untrusted issuer"); - else if (err == SSL_ERROR_BAD_CERTIFICATE) - sprintf(SECUErrorBuf, "Bad certificate"); - else if (err == SSL_ERROR_BAD_CLIENT) - sprintf(SECUErrorBuf, "Bad client"); - else if (err == SSL_ERROR_BAD_SERVER) - sprintf(SECUErrorBuf, "Bad server"); - else if (err == SSL_ERROR_EXPORT_ONLY_SERVER) - sprintf(SECUErrorBuf, "Export only server"); - else if (err == SSL_ERROR_NO_CERTIFICATE) - sprintf(SECUErrorBuf, "No certificate"); - else if (err == SSL_ERROR_NO_CYPHER_OVERLAP) - sprintf(SECUErrorBuf, "No cypher overlap"); - else if (err == SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE) - sprintf(SECUErrorBuf, "Unsupported certificate type"); - else if (err == SSL_ERROR_UNSUPPORTED_VERSION) - sprintf(SECUErrorBuf, "Unsupported version"); - else if (err == SSL_ERROR_US_ONLY_SERVER) - sprintf(SECUErrorBuf, "U.S. only server"); - else if (err == PR_IO_ERROR) - sprintf(SECUErrorBuf, "I/O error"); - - else if (err == SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE) - sprintf (SECUErrorBuf, "Expired Issuer Certificate"); - else if (err == SEC_ERROR_REVOKED_CERTIFICATE) - sprintf (SECUErrorBuf, "Revoked certificate"); - else if (err == SEC_ERROR_NO_KEY) - sprintf (SECUErrorBuf, "No private key in database for this cert"); - else if (err == SEC_ERROR_CERT_NOT_VALID) - sprintf (SECUErrorBuf, "Certificate is not valid"); - else if (err == SEC_ERROR_EXTENSION_NOT_FOUND) - sprintf (SECUErrorBuf, "Certificate extension was not found"); - else if (err == SEC_ERROR_EXTENSION_VALUE_INVALID) - sprintf (SECUErrorBuf, "Certificate extension value invalid"); - else if (err == SEC_ERROR_CA_CERT_INVALID) - sprintf (SECUErrorBuf, "Issuer certificate is invalid"); - else if (err == SEC_ERROR_CERT_USAGES_INVALID) - sprintf (SECUErrorBuf, "Certificate usages is invalid"); - else if (err == SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION) - sprintf (SECUErrorBuf, "Certificate has unknown critical extension"); - else if (err == SEC_ERROR_PKCS7_BAD_SIGNATURE) - sprintf (SECUErrorBuf, "Bad PKCS7 signature"); - else if (err == SEC_ERROR_INADEQUATE_KEY_USAGE) - sprintf (SECUErrorBuf, "Certificate not approved for this operation"); - else if (err == SEC_ERROR_INADEQUATE_CERT_TYPE) - sprintf (SECUErrorBuf, "Certificate not approved for this operation"); - - return SECUErrorBuf; -} - -char * -SECU_ErrorString(int16 err) -{ - char *error_string; - - *SECUErrorBuf = 0; - SECU_ErrorStringRaw (err); - - if (*SECUErrorBuf == 0) { - error_string = SECU_GetString(err); - if (error_string == NULL || *error_string == '\0') - sprintf(SECUErrorBuf, "No error string found for %d.", err); - else - return error_string; - } - - return SECUErrorBuf; -} - - -void -SECU_PrintPRandOSError(char *progName) -{ - char buffer[513]; - PRInt32 errLen = PR_GetErrorTextLength(); - if (errLen > 0 && errLen < sizeof buffer) { - PR_GetErrorText(buffer); - } - SECU_PrintError(progName, "NSS_Initialize failed"); - if (errLen > 0 && errLen < sizeof buffer) { - PR_fprintf(PR_STDERR, "\t%s\n", buffer); - } -} diff --git a/security/nss/cmd/lib/secutil.h b/security/nss/cmd/lib/secutil.h deleted file mode 100644 index 69d9865d39..0000000000 --- a/security/nss/cmd/lib/secutil.h +++ /dev/null @@ -1,327 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ -#ifndef _SEC_UTIL_H_ -#define _SEC_UTIL_H_ - -#include "seccomon.h" -#include "secitem.h" -#include "prerror.h" -#include "base64.h" -#include "key.h" -#include "secpkcs7.h" -#include "secasn1.h" -#include "secder.h" -#include - -#define SEC_CT_PRIVATE_KEY "private-key" -#define SEC_CT_PUBLIC_KEY "public-key" -#define SEC_CT_CERTIFICATE "certificate" -#define SEC_CT_CERTIFICATE_REQUEST "certificate-request" -#define SEC_CT_PKCS7 "pkcs7" -#define SEC_CT_CRL "crl" - -#define NS_CERTREQ_HEADER "-----BEGIN NEW CERTIFICATE REQUEST-----" -#define NS_CERTREQ_TRAILER "-----END NEW CERTIFICATE REQUEST-----" - -#define NS_CERT_HEADER "-----BEGIN CERTIFICATE-----" -#define NS_CERT_TRAILER "-----END CERTIFICATE-----" - -/* From libsec/pcertdb.c --- it's not declared in sec.h */ -extern SECStatus SEC_AddPermCertificate(CERTCertDBHandle *handle, - SECItem *derCert, char *nickname, CERTCertTrust *trust); - - -#ifdef SECUTIL_NEW -typedef int (*SECU_PPFunc)(PRFileDesc *out, SECItem *item, - char *msg, int level); -#else -typedef int (*SECU_PPFunc)(FILE *out, SECItem *item, char *msg, int level); -#endif - -typedef struct { - enum { - PW_NONE = 0, - PW_FROMFILE = 1, - PW_PLAINTEXT = 2 - } source; - char *data; -} secuPWData; - -/* -** Change a password on a token, or initialize a token with a password -** if it does not already have one. -** Use passwd to send the password in plaintext, pwFile to specify a -** file containing the password, or NULL for both to prompt the user. -*/ -SECStatus SECU_ChangePW(PK11SlotInfo *slot, char *passwd, char *pwFile); - -/* These were stolen from the old sec.h... */ -/* -** Check a password for legitimacy. Passwords must be at least 8 -** characters long and contain one non-alphabetic. Return DSTrue if the -** password is ok, DSFalse otherwise. -*/ -extern PRBool SEC_CheckPassword(char *password); - -/* -** Blind check of a password. Complement to SEC_CheckPassword which -** ignores length and content type, just retuning DSTrue is the password -** exists, DSFalse if NULL -*/ -extern PRBool SEC_BlindCheckPassword(char *password); - -/* -** Get a password. -** First prompt with "msg" on "out", then read the password from "in". -** The password is then checked using "chkpw". -*/ -extern char *SEC_GetPassword(FILE *in, FILE *out, char *msg, - PRBool (*chkpw)(char *)); - -char *SECU_FilePasswd(PK11SlotInfo *slot, PRBool retry, void *arg); - -char *SECU_GetPasswordString(void *arg, char *prompt); - -/* -** Write a dongle password. -** Uses MD5 to hash constant system data (hostname, etc.), and then -** creates RC4 key to encrypt a password "pw" into a file "fd". -*/ -extern SECStatus SEC_WriteDongleFile(int fd, char *pw); - -/* -** Get a dongle password. -** Uses MD5 to hash constant system data (hostname, etc.), and then -** creates RC4 key to decrypt and return a password from file "fd". -*/ -extern char *SEC_ReadDongleFile(int fd); - - -/* End stolen headers */ - -/* Just sticks the two strings together with a / if needed */ -char *SECU_AppendFilenameToDir(char *dir, char *filename); - -/* Returns result of getenv("SSL_DIR") or NULL */ -extern char *SECU_DefaultSSLDir(void); - -/* -** Should be called once during initialization to set the default -** directory for looking for cert.db, key.db, and cert-nameidx.db files -** Removes trailing '/' in 'base' -** If 'base' is NULL, defaults to set to .netscape in home directory. -*/ -extern char *SECU_ConfigDirectory(const char* base); - -/* -** Basic callback function for SSL_GetClientAuthDataHook -*/ -extern int -SECU_GetClientAuthData(void *arg, PRFileDesc *fd, - struct CERTDistNamesStr *caNames, - struct CERTCertificateStr **pRetCert, - struct SECKEYPrivateKeyStr **pRetKey); - -/* print out an error message */ -extern void SECU_PrintError(char *progName, char *msg, ...); - -/* print out a system error message */ -extern void SECU_PrintSystemError(char *progName, char *msg, ...); - -/* Return informative error string */ -extern const char * SECU_Strerror(PRErrorCode errNum); - -/* Read the contents of a file into a SECItem */ -extern SECStatus SECU_FileToItem(SECItem *dst, PRFileDesc *src); -extern SECStatus SECU_TextFileToItem(SECItem *dst, PRFileDesc *src); - -/* Read in a DER from a file, may be ascii */ -extern SECStatus -SECU_ReadDERFromFile(SECItem *der, PRFileDesc *inFile, PRBool ascii); - -/* Indent based on "level" */ -extern void SECU_Indent(FILE *out, int level); - -/* Print integer value and hex */ -extern void SECU_PrintInteger(FILE *out, SECItem *i, char *m, int level); - -/* Print ObjectIdentifier symbolically */ -extern void SECU_PrintObjectID(FILE *out, SECItem *oid, char *m, int level); - -/* Print AlgorithmIdentifier symbolically */ -extern void SECU_PrintAlgorithmID(FILE *out, SECAlgorithmID *a, char *m, - int level); - -/* Print SECItem as hex */ -extern void SECU_PrintAsHex(FILE *out, SECItem *i, const char *m, int level); - -/* dump a buffer in hex and ASCII */ -extern void SECU_PrintBuf(FILE *out, const char *msg, const void *vp, int len); - -/* - * Format and print the UTC Time "t". If the tag message "m" is not NULL, - * do indent formatting based on "level" and add a newline afterward; - * otherwise just print the formatted time string only. - */ -extern void SECU_PrintUTCTime(FILE *out, SECItem *t, char *m, int level); - -/* - * Format and print the Generalized Time "t". If the tag message "m" - * is not NULL, * do indent formatting based on "level" and add a newline - * afterward; otherwise just print the formatted time string only. - */ -extern void SECU_PrintGeneralizedTime(FILE *out, SECItem *t, char *m, - int level); - -/* callback for listing certs through pkcs11 */ -extern SECStatus SECU_PrintCertNickname(CERTCertificate *cert, void *data); - -/* Dump all certificate nicknames in a database */ -extern SECStatus -SECU_PrintCertificateNames(CERTCertDBHandle *handle, PRFileDesc* out, - PRBool sortByName, PRBool sortByTrust); - -/* See if nickname already in database. Return 1 true, 0 false, -1 error */ -int SECU_CheckCertNameExists(CERTCertDBHandle *handle, char *nickname); - -/* Dump contents of cert req */ -extern int SECU_PrintCertificateRequest(FILE *out, SECItem *der, char *m, - int level); - -/* Dump contents of certificate */ -extern int SECU_PrintCertificate(FILE *out, SECItem *der, char *m, int level); - -/* print trust flags on a cert */ -extern void SECU_PrintTrustFlags(FILE *out, CERTCertTrust *trust, char *m, int level); - -/* Dump contents of public key */ -extern int SECU_PrintPublicKey(FILE *out, SECItem *der, char *m, int level); - -#ifdef HAVE_EPV_TEMPLATE -/* Dump contents of private key */ -extern int SECU_PrintPrivateKey(FILE *out, SECItem *der, char *m, int level); -#endif - -/* Print the MD5 and SHA1 fingerprints of a cert */ -extern int SECU_PrintFingerprints(FILE *out, SECItem *derCert, char *m, - int level); - -/* Pretty-print any PKCS7 thing */ -extern int SECU_PrintPKCS7ContentInfo(FILE *out, SECItem *der, char *m, - int level); - -/* Init PKCS11 stuff */ -extern SECStatus SECU_PKCS11Init(PRBool readOnly); - -/* Dump contents of signed data */ -extern int SECU_PrintSignedData(FILE *out, SECItem *der, char *m, int level, - SECU_PPFunc inner); - -extern int SECU_PrintCrl(FILE *out, SECItem *der, char *m, int level); - -extern void -SECU_PrintCRLInfo(FILE *out, CERTCrl *crl, char *m, int level); - -extern void SECU_PrintExtensions(FILE *out, CERTCertExtension **extensions, - char *msg, int level); - -extern void SECU_PrintName(FILE *out, CERTName *name, char *msg, int level); - -#ifdef SECU_GetPassword -/* Convert a High public Key to a Low public Key */ -extern SECKEYLowPublicKey *SECU_ConvHighToLow(SECKEYPublicKey *pubHighKey); -#endif - -extern SECItem *SECU_GetPBEPassword(void *arg); - -extern char *SECU_GetModulePassword(PK11SlotInfo *slot, PRBool retry, void *arg); - -extern SECStatus DER_PrettyPrint(FILE *out, SECItem *it, PRBool raw); -extern void SEC_Init(void); - -extern char *SECU_SECModDBName(void); - -extern void SECU_PrintPRandOSError(char *progName); - -/* - * - * Utilities for parsing security tools command lines - * - */ - -/* A single command flag */ -typedef struct { - char flag; - PRBool needsArg; - char *arg; - PRBool activated; -} secuCommandFlag; - -/* A full array of command/option flags */ -typedef struct -{ - int numCommands; - int numOptions; - - secuCommandFlag *commands; - secuCommandFlag *options; -} secuCommand; - -/* fill the "arg" and "activated" fields for each flag */ -SECStatus -SECU_ParseCommandLine(int argc, char **argv, char *progName, secuCommand *cmd); -char * -SECU_GetOptionArg(secuCommand *cmd, int optionNum); - -/* - * - * Error messaging - * - */ - -/* Return informative error string */ -char *SECU_ErrorString(int16 err); - -/* Return informative error string. Does not call XP_GetString */ -char *SECU_ErrorStringRaw(int16 err); - -void printflags(char *trusts, unsigned int flags); - -#ifndef XP_UNIX -extern int ffs(unsigned int i); -#endif - -#include "secerr.h" -#include "sslerr.h" - -#endif /* _SEC_UTIL_H_ */ diff --git a/security/nss/cmd/makefile.inc b/security/nss/cmd/makefile.inc deleted file mode 100644 index 029576e7c9..0000000000 --- a/security/nss/cmd/makefile.inc +++ /dev/null @@ -1,84 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -INCLUDES += \ - -I$(DEPTH)/security/lib/cert \ - -I$(DEPTH)/security/lib/key \ - -I$(DEPTH)/security/lib/util \ - -I../include \ - $(NULL) - - -# For the time being, sec stuff is export only -# US_FLAGS = -DEXPORT_VERSION -DUS_VERSION - -US_FLAGS = -DEXPORT_VERSION -EXPORT_FLAGS = -DEXPORT_VERSION - -BASE_LIBS = \ - $(DIST)/lib/libdbm.a \ - $(DIST)/lib/libxp.a \ - $(DIST)/lib/libnspr21.a \ - $(NULL) - - -#There is a circular dependancy in security/lib, and here is a gross fix -SEC_LIBS = \ - $(DIST)/lib/libsecnav.a \ - $(DIST)/lib/libssl.a \ - $(DIST)/lib/libpkcs7.a \ - $(DIST)/lib/libcert.a \ - $(DIST)/lib/libkey.a \ - $(DIST)/lib/libsecmod.a \ - $(DIST)/lib/libcrypto.a \ - $(DIST)/lib/libsecutil.a \ - $(DIST)/lib/libssl.a \ - $(DIST)/lib/libpkcs7.a \ - $(DIST)/lib/libcert.a \ - $(DIST)/lib/libkey.a \ - $(DIST)/lib/libsecmod.a \ - $(DIST)/lib/libcrypto.a \ - $(DIST)/lib/libsecutil.a \ - $(DIST)/lib/libhash.a \ - $(NULL) - -MYLIBDIR= ../lib/$(OBJDIR) -MYLIB = $(MYLIBDIR)/libsectool.a - -US_LIBS = $(MYLIB) $(SEC_LIBS) $(BASE_LIBS) $(MYLIB) $(BASE_LIBS) -EX_LIBS = $(MYLIB) $(SEC_LIBS) $(BASE_LIBS) $(MYLIB) $(BASE_LIBS) - -# this hack is necessary because rules.mk doesn't put anything like $(LIBS) -# on the link command line (!?!?!?!) -LDFLAGS += $(EX_LIBS) - diff --git a/security/nss/cmd/makefile.win b/security/nss/cmd/makefile.win deleted file mode 100644 index 5e506590b1..0000000000 --- a/security/nss/cmd/makefile.win +++ /dev/null @@ -1,48 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -VERBOSE = 1 -include - -include <$(DEPTH)\config\config.mak> - -include <$(DEPTH)\config\rules.mak> - -objs: $(OBJS) - -programs: $(PROGRAM) - -syms: - @echo "OBJS is $(OBJS)" - @echo "INCS is $(INCS)" - diff --git a/security/nss/cmd/makepqg/Makefile b/security/nss/cmd/makepqg/Makefile deleted file mode 100644 index 36bf774fb0..0000000000 --- a/security/nss/cmd/makepqg/Makefile +++ /dev/null @@ -1,77 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - -include ../platlibs.mk - - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - - -include ../platrules.mk - - diff --git a/security/nss/cmd/makepqg/makefile.win b/security/nss/cmd/makepqg/makefile.win deleted file mode 100644 index 462448d73c..0000000000 --- a/security/nss/cmd/makepqg/makefile.win +++ /dev/null @@ -1,156 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -VERBOSE = 1 -include - -PROGRAM = makepqg -PROGRAM = $(OBJDIR)\$(PROGRAM).exe - -include <$(DEPTH)\config\config.mak> - - -# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/ -# rules.mak will append C_OBJS onto OBJS. -# OBJS = $(CSRCS:.c=.obj) - -# include files are looked for in $LINCS and $INCS. -# $LINCS is in manifest.mnw, computed from REQUIRES= -INCS = $(INCS) \ - -I$(DEPTH)/security/lib/cert \ - -I$(DEPTH)/security/lib/crypto \ - -I../include \ - $(NULL) - -IGNORE_ME = \ - -I$(DEPTH)/security/lib/key \ - -I$(DEPTH)/security/lib/util \ - - -WINFE = $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg - -# these files are the content of libdbm -DBM_LIB = \ - $(WINFE)/DB.obj \ - $(WINFE)/HASH.obj \ - $(WINFE)/H_BIGKEY.obj \ - $(WINFE)/H_PAGE.obj \ - $(WINFE)/H_LOG2.obj \ - $(WINFE)/H_FUNC.obj \ - $(WINFE)/HASH_BUF.obj \ - $(NULL) - -MOZ_LIBS = \ - $(WINFE)/ALLXPSTR.obj \ - $(WINFE)/XP_ERROR.obj \ - $(WINFE)/XPASSERT.obj \ - $(WINFE)/XP_REG.obj \ - $(WINFE)/XP_TRACE.obj \ - $(DBM_LIB) \ - $(WINFE)/XP_STR.obj \ - $(WINFE)/MKTEMP.obj \ - $(NULL) - -SEC_LIBS = \ - $(DIST)/lib/cert$(MOZ_BITS).lib \ - $(DIST)/lib/crypto$(MOZ_BITS).lib \ - $(DIST)/lib/hash$(MOZ_BITS).lib \ - $(DIST)/lib/key$(MOZ_BITS).lib \ - $(DIST)/lib/pkcs7$(MOZ_BITS).lib \ - $(DIST)/lib/secmod$(MOZ_BITS).lib \ - $(DIST)/lib/secutl$(MOZ_BITS).lib \ - $(DIST)/lib/ssl$(MOZ_BITS).lib \ - $(NULL) - -LLFLAGS = $(LLFLAGS) \ - ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \ - $(SEC_LIBS) \ - $(MOZ_LIBS) \ - $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \ - $(LIBNSPR) \ - $(NULL) - - -# awt3240.lib # brpref32.lib # cert32.lib -# crypto32.lib # dllcom.lib # editor32.lib -# edpref32.lib # edtplug.lib # font.lib -# hash32.lib # htmldg32.lib # img32.lib -# javart32.lib # jbn3240.lib # jdb3240.lib -# jmc.lib # jpeg3240.lib # jpw3240.lib -# jrt3240.lib # js3240.lib # jsd3240.lib -# key32.lib # libapplet32.lib # libnjs32.lib -# libnsc32.lib # libreg32.lib # mm3240.lib -# mnpref32.lib # netcst32.lib # nsdlg32.lib -# nsldap32.lib # nsldaps32.lib # nsn32.lib -# pkcs1232.lib # pkcs732.lib # pr3240.lib -# prefui32.lib # prefuuid.lib # secmod32.lib -# secnav32.lib # secutl32.lib # softup32.lib -# sp3240.lib # ssl32.lib # uni3200.lib -# unicvt32.lib # win32md.lib # winfont.lib -# xppref32.lib # zlib32.lib - -include <$(DEPTH)\config\rules.mak> - - -INSTALL = $(MAKE_INSTALL) - -objs: $(OBJS) - -$(PROGRAM):: - $(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR) - -programs: $(PROGRAM) - -install:: $(TARGETS) - $(INSTALL) $(TARGETS) $(DIST)/bin - -# ALLXPSTR.obj XP_ALLOC.obj XP_HASH.obj XP_RGB.obj XP_WRAP.obj -# CXPRINT.obj XP_C.cl XP_LIST.obj XP_SEC.obj netscape.exp -# CXPRNDLG.obj XP_CNTXT.obj XP_MD5.obj XP_STR.obj xp.pch -# EXPORT.obj XP_CORE.obj XP_MESG.obj XP_THRMO.obj xppref32.dll -# XPASSERT.obj XP_ERROR.obj XP_RECT.obj XP_TIME.obj -# XPLOCALE.obj XP_FILE.obj XP_REG.obj XP_TRACE.obj - -symbols: - @echo "CSRCS = $(CSRCS)" - @echo "INCS = $(INCS)" - @echo "OBJS = $(OBJS)" - @echo "LIBRARY = $(LIBRARY)" - @echo "PROGRAM = $(PROGRAM)" - @echo "TARGETS = $(TARGETS)" - @echo "DIST = $(DIST)" - @echo "VERSION_NUMBER = $(VERSION_NUMBER)" - @echo "WINFE = $(WINFE)" - @echo "DBM_LIB = $(DBM_LIB)" - @echo "INSTALL = $(INSTALL)" - diff --git a/security/nss/cmd/makepqg/makepqg.c b/security/nss/cmd/makepqg/makepqg.c deleted file mode 100644 index 028ef72594..0000000000 --- a/security/nss/cmd/makepqg/makepqg.c +++ /dev/null @@ -1,290 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#include "prtypes.h" -#include "prtime.h" -#include "prlong.h" - -#include "nss.h" -#include "secutil.h" -#include "secitem.h" -#include "pk11func.h" -#include "pk11pqg.h" -#include "pqgutil.h" -#include "secrng.h" - -#if defined(XP_UNIX) -#include -#endif - -#include "plgetopt.h" - -#define BPB 8 /* bits per byte. */ - -char *progName; - - -const SEC_ASN1Template seckey_PQGParamsTemplate[] = { - { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SECKEYPQGParams) }, - { SEC_ASN1_INTEGER, offsetof(SECKEYPQGParams,prime) }, - { SEC_ASN1_INTEGER, offsetof(SECKEYPQGParams,subPrime) }, - { SEC_ASN1_INTEGER, offsetof(SECKEYPQGParams,base) }, - { 0, } -}; - - - -void -Usage(void) -{ - fprintf(stderr, "Usage: %s\n", progName); - fprintf(stderr, -"-a Output DER-encoded PQG params, BTOA encoded.\n" -" -l prime-length Length of prime in bits (1024 is default)\n" -" -o file Output to this file (default is stdout)\n" -"-b Output DER-encoded PQG params in binary\n" -" -l prime-length Length of prime in bits (1024 is default)\n" -" -o file Output to this file (default is stdout)\n" -"-r Output P, Q and G in ASCII hexadecimal. \n" -" -l prime-length Length of prime in bits (1024 is default)\n" -" -o file Output to this file (default is stdout)\n" -"-g bits Generate SEED this many bits long.\n" -); - exit(-1); - -} - -int -outputPQGParams(PQGParams * pqgParams, PRBool output_binary, PRBool output_raw, - FILE * outFile) -{ - PRArenaPool * arena = NULL; - char * PQG; - SECItem encodedParams; - - if (output_raw) { - SECItem item; - - PK11_PQG_GetPrimeFromParams(pqgParams, &item); - SECU_PrintInteger(outFile, &item, "Prime", 1); - SECITEM_FreeItem(&item, PR_FALSE); - - PK11_PQG_GetSubPrimeFromParams(pqgParams, &item); - SECU_PrintInteger(outFile, &item, "Subprime", 1); - SECITEM_FreeItem(&item, PR_FALSE); - - PK11_PQG_GetBaseFromParams(pqgParams, &item); - SECU_PrintInteger(outFile, &item, "Base", 1); - SECITEM_FreeItem(&item, PR_FALSE); - - fprintf(outFile, "\n"); - return 0; - } - - encodedParams.data = NULL; - encodedParams.len = 0; - arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - SEC_ASN1EncodeItem(arena, &encodedParams, pqgParams, - seckey_PQGParamsTemplate); - if (output_binary) { - fwrite(encodedParams.data, encodedParams.len, sizeof(char), outFile); - printf("\n"); - return 0; - } - - /* must be output ASCII */ - PQG = BTOA_DataToAscii(encodedParams.data, encodedParams.len); - - fprintf(outFile,"%s",PQG); - printf("\n"); - return 0; -} - -int -outputPQGVerify(PQGVerify * pqgVerify, PRBool output_binary, PRBool output_raw, - FILE * outFile) -{ - if (output_raw) { - SECItem item; - unsigned int counter; - - PK11_PQG_GetHFromVerify(pqgVerify, &item); - SECU_PrintInteger(outFile, &item, "h", 1); - SECITEM_FreeItem(&item, PR_FALSE); - - PK11_PQG_GetSeedFromVerify(pqgVerify, &item); - SECU_PrintInteger(outFile, &item, "SEED", 1); - fprintf(outFile, " g: %d\n", item.len * BPB); - SECITEM_FreeItem(&item, PR_FALSE); - - counter = PK11_PQG_GetCounterFromVerify(pqgVerify); - fprintf(outFile, " counter: %d\n", counter); - fprintf(outFile, "\n"); - return 0; - } - return 0; -} - -int -main(int argc, char **argv) -{ - FILE * outFile = NULL; - PQGParams * pqgParams = NULL; - PQGVerify * pqgVerify = NULL; - int keySizeInBits = 1024; - int j; - int o; - int g = 0; - SECStatus rv = 0; - SECStatus passed = 0; - PRBool output_ascii = PR_FALSE; - PRBool output_binary = PR_FALSE; - PRBool output_raw = PR_FALSE; - PLOptState *optstate; - PLOptStatus status; - - - progName = strrchr(argv[0], '/'); - if (!progName) - progName = strrchr(argv[0], '\\'); - progName = progName ? progName+1 : argv[0]; - - /* Parse command line arguments */ - optstate = PL_CreateOptState(argc, argv, "l:abro:g:" ); - while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) { - switch (optstate->option) { - - case 'l': - keySizeInBits = atoi(optstate->value); - break; - - case 'a': - output_ascii = PR_TRUE; - break; - - case 'b': - output_binary = PR_TRUE; - break; - - case 'r': - output_raw = PR_TRUE; - break; - - case 'o': - outFile = fopen(optstate->value, "wb"); - if (!outFile) { - fprintf(stderr, "%s: unable to open \"%s\" for writing\n", - progName, optstate->value); - rv = -1; - } - break; - - case 'g': - g = atoi(optstate->value); - break; - - default: - case '?': - Usage(); - break; - - } - } - - if (rv != 0) { - return rv; - } - - /* exactly 1 of these options must be set. */ - if (1 != ((output_ascii != PR_FALSE) + - (output_binary != PR_FALSE) + - (output_raw != PR_FALSE))) { - Usage(); - } - - j = PQG_PBITS_TO_INDEX(keySizeInBits); - if (j < 0) { - fprintf(stderr, "%s: Illegal prime length, \n" - "\tacceptable values are between 512 and 1024,\n" - "\tand divisible by 64\n", progName); - return -1; - } - if (g != 0 && (g < 160 || g >= 2048 || g % 8 != 0)) { - fprintf(stderr, "%s: Illegal g bits, \n" - "\tacceptable values are between 160 and 2040,\n" - "\tand divisible by 8\n", progName); - return -1; - } - - if (outFile == NULL) { - outFile = stdout; - } - - - NSS_NoDB_Init(NULL); - - if (g) - rv = PK11_PQG_ParamGenSeedLen((unsigned)j, (unsigned)(g/8), - &pqgParams, &pqgVerify); - else - rv = PK11_PQG_ParamGen((unsigned)j, &pqgParams, &pqgVerify); - - if (rv != SECSuccess || pqgParams == NULL) { - fprintf(stderr, "%s: PQG parameter generation failed.\n", progName); - goto loser; - } - fprintf(stderr, "%s: PQG parameter generation completed.\n", progName); - - o = outputPQGParams(pqgParams, output_binary, output_raw, outFile); - o = outputPQGVerify(pqgVerify, output_binary, output_raw, outFile); - - rv = PK11_PQG_VerifyParams(pqgParams, pqgVerify, &passed); - if (rv != SECSuccess) { - fprintf(stderr, "%s: PQG parameter verification aborted.\n", progName); - goto loser; - } - if (passed != SECSuccess) { - fprintf(stderr, "%s: PQG parameters failed verification.\n", progName); - goto loser; - } - fprintf(stderr, "%s: PQG parameters passed verification.\n", progName); - - PK11_PQG_DestroyParams(pqgParams); - PK11_PQG_DestroyVerify(pqgVerify); - return 0; - -loser: - PK11_PQG_DestroyParams(pqgParams); - PK11_PQG_DestroyVerify(pqgVerify); - return 1; -} diff --git a/security/nss/cmd/makepqg/manifest.mn b/security/nss/cmd/makepqg/manifest.mn deleted file mode 100644 index 3287970948..0000000000 --- a/security/nss/cmd/makepqg/manifest.mn +++ /dev/null @@ -1,47 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = ../../.. - -# This next line is used by .mk files -# and gets translated into $LINCS in manifest.mnw -REQUIRES = nss seccmd dbm - -# DIRS = - -CSRCS = makepqg.c - -PROGRAM = makepqg - -#USE_STATIC_LIBS = 1 - diff --git a/security/nss/cmd/makepqg/testit.ksh b/security/nss/cmd/makepqg/testit.ksh deleted file mode 100644 index 98cb7fa9da..0000000000 --- a/security/nss/cmd/makepqg/testit.ksh +++ /dev/null @@ -1,41 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -COUNTER=75 -while [ $COUNTER -ge "1" ] -do - COUNTER=$(eval expr $COUNTER - 1) - echo $COUNTER - */makepqg.exe -r -l 640 -g 160 || exit 1 -done - diff --git a/security/nss/cmd/manifest.mn b/security/nss/cmd/manifest.mn deleted file mode 100644 index 799fa2ef20..0000000000 --- a/security/nss/cmd/manifest.mn +++ /dev/null @@ -1,88 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -DEPTH = ../.. -# MODULE = seccmd - -REQUIRES = nss nspr libdbm - -DIRS = lib \ - zlib \ - atob \ - bltest \ - btoa \ - certcgi \ - certutil \ - checkcert \ - crlutil \ - dbtest \ - derdump \ - digest \ - makepqg \ - ocspclnt \ - oidcalc \ - p7content \ - p7env \ - p7sign \ - p7verify \ - pk12util \ - pp \ - rngtest \ - rsaperf \ - sdrtest \ - selfserv \ - signtool \ - signver \ - smimetools \ - SSLsample \ - ssltap \ - strsclnt \ - swfort \ - tstclnt \ - modutil \ - $(NULL) - -TEMPORARILY_DONT_BUILD = \ - $(NULL) - -# rsaperf \ -# -# needs to look at what needs to happen to make jar build in -# the binary release environment. -# -# perror requires lib/strerror.c which requires the client code installed -# to build (requires allxpstr.h) -# -DONT_BULD = jar \ - perror \ -$(NULL) diff --git a/security/nss/cmd/modutil/Makefile b/security/nss/cmd/modutil/Makefile deleted file mode 100644 index 3d2bbb4125..0000000000 --- a/security/nss/cmd/modutil/Makefile +++ /dev/null @@ -1,80 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### -include ../platlibs.mk - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - - -include ../platrules.mk - -# -# Cancel the built-in implicit yacc and lex rules. -# - -%.c: %.y -%.c: %.l diff --git a/security/nss/cmd/modutil/README b/security/nss/cmd/modutil/README deleted file mode 100644 index 12d192c9ff..0000000000 --- a/security/nss/cmd/modutil/README +++ /dev/null @@ -1,7 +0,0 @@ - CRYPTOGRAPHIC MODULE UTILITY (modutil) - VERSION 1.0 - =============================================== - -The file specification.html documentats the software. - -The file pk11jar.html documents the PKCS #11 JAR format. diff --git a/security/nss/cmd/modutil/config.mk b/security/nss/cmd/modutil/config.mk deleted file mode 100644 index 9f0cdf1e49..0000000000 --- a/security/nss/cmd/modutil/config.mk +++ /dev/null @@ -1,77 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# Set the LDFLAGS value to encompass all normal link options, all # -# library names, and all special system linking options # -####################################################################### - -LDFLAGS = \ - $(DYNAMIC_LIB_PATH) \ - $(LDOPTS) \ - $(LIBSECTOOLS) \ - $(LIBSECMOD) \ - $(LIBHASH) \ - $(LIBCERT) \ - $(LIBKEY) \ - $(LIBCRYPTO) \ - $(LIBSECUTIL) \ - $(LIBDBM) \ - $(LIBPLC3) \ - $(LIBPLDS3) \ - $(LIBPR3) \ - $(DLLSYSTEM) \ - $(LIBJAR) \ - $(LIBZLIB) \ - $(LIBPKCS7) \ - $(LIBPLC3) - -# Strip out the symbols -ifdef BUILD_OPT - ifneq (,$(filter-out WIN%,$(OS_TARGET))) - LDFLAGS += -s - endif -endif - -####################################################################### -# Adjust specific variables for all platforms # -####################################################################### - - -ifeq (,$(filter-out WIN%,$(OS_TARGET))) - PACKAGE_FILES = license.txt README.TXT specification.html pk11jar.html modutil.exe -else - PACKAGE_FILES = license.doc README specification.html pk11jar.html modutil -endif - -ARCHIVE_NAME = modutil_$(OS_TARGET)$(OS_RELEASE) diff --git a/security/nss/cmd/modutil/error.h b/security/nss/cmd/modutil/error.h deleted file mode 100644 index 560e317dbd..0000000000 --- a/security/nss/cmd/modutil/error.h +++ /dev/null @@ -1,182 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#ifndef MODUTIL_ERROR_H -#define MODUTIL_ERROR_H - -typedef enum { - NO_ERR=0, - INVALID_USAGE_ERR, - UNEXPECTED_ARG_ERR, - UNKNOWN_OPTION_ERR, - MULTIPLE_COMMAND_ERR, - OPTION_NEEDS_ARG_ERR, - DUPLICATE_OPTION_ERR, - MISSING_PARAM_ERR, - INVALID_FIPS_ARG, - NO_COMMAND_ERR, - NO_DBDIR_ERR, - FIPS_SWITCH_FAILED_ERR, - FIPS_ALREADY_ON_ERR, - FIPS_ALREADY_OFF_ERR, - FILE_ALREADY_EXISTS_ERR, - FILE_DOESNT_EXIST_ERR, - FILE_NOT_READABLE_ERR, - FILE_NOT_WRITEABLE_ERR, - DIR_DOESNT_EXIST_ERR, - DIR_NOT_READABLE_ERR, - DIR_NOT_WRITEABLE_ERR, - INVALID_CONSTANT_ERR, - ADD_MODULE_FAILED_ERR, - ADD_MODULE_FAILED_STATUS_ERR, - OUT_OF_MEM_ERR, - DELETE_INTERNAL_ERR, - DELETE_FAILED_ERR, - NO_LIST_LOCK_ERR, - NO_MODULE_LIST_ERR, - NO_SUCH_MODULE_ERR, - MOD_INFO_ERR, - SLOT_INFO_ERR, - TOKEN_INFO_ERR, - NO_SUCH_TOKEN_ERR, - CHANGEPW_FAILED_ERR, - BAD_PW_ERR, - DB_ACCESS_ERR, - AUTHENTICATION_FAILED_ERR, - NO_SUCH_SLOT_ERR, - ENABLE_FAILED_ERR, - UPDATE_MOD_FAILED_ERR, - DEFAULT_FAILED_ERR, - UNDEFAULT_FAILED_ERR, - STDIN_READ_ERR, - UNSPECIFIED_ERR, - NOCERTDB_MISUSE_ERR, - NSS_INITIALIZE_FAILED_ERR, - - LAST_ERR /* must be last */ -} Error; -#define SUCCESS NO_ERR - -/* !!! Should move this into its own .c and un-static it. */ -static char *errStrings[] = { - "Operation completed successfully.\n", - "ERROR: Invalid command line.\n", - "ERROR: Not expecting argument \"%s\".\n", - "ERROR: Unknown option: %s.\n", - "ERROR: %s: multiple commands are not allowed on the command line.\n", - "ERROR: %s: option needs an argument.\n", - "ERROR: %s: option cannot be given more than once.\n", - "ERROR: Command \"%s\" requires parameter \"%s\".\n", - "ERROR: Argument to -fips must be \"true\" or \"false\".\n", - "ERROR: No command was specified.\n", - "ERROR: Cannot determine database directory: use the -dbdir option.\n", - "ERROR: Unable to switch FIPS modes.\n", - "FIPS mode already enabled.\n", - "FIPS mode already disabled.\n", - "ERROR: File \"%s\" already exists.\n", - "ERROR: File \"%s\" does not exist.\n", - "ERROR: File \"%s\" is not readable.\n", - "ERROR: File \"%s\" is not writeable.\n", - "ERROR: Directory \"%s\" does not exist.\n", - "ERROR: Directory \"%s\" is not readable.\n", - "ERROR: Directory \"%s\" is not writeable.\n", - "\"%s\" is not a recognized value.\n", - "ERROR: Failed to add module \"%s\".\n", - "ERROR: Failed to add module \"%s\". Probable cause : \"%s\".\n", - "ERROR: Out of memory.\n", - "ERROR: Cannot delete internal module.\n", - "ERROR: Failed to delete module \"%s\".\n", - "ERROR: Unable to obtain lock on module list.\n", - "ERROR: Unable to obtain module list.\n", - "ERROR: Module \"%s\" not found in database.\n", - "ERROR: Unable to get information about module \"%s\".\n", - "ERROR: Unable to get information about slot \"%s\".\n", - "ERROR: Unable to get information about token \"%s\".\n", - "ERROR: Token \"%s\" not found.\n", - "ERROR: Unable to change password on token \"%s\".\n", - "ERROR: Incorrect password.\n", - "ERROR: Unable to access database \"%s\".\n", - "ERROR: Unable to authenticate to token \"%s\".\n", - "ERROR: Slot \"%s\" not found.\n", - "ERROR: Failed to %s slot \"%s\".\n", - "ERROR: Failed to update module \"%s\".\n", - "ERROR: Failed to change defaults.\n", - "ERROR: Failed to change default.\n", - "ERROR: Unable to read from standard input.\n", - "ERROR: Unknown error occurred.\n", - "ERROR: -nocertdb option can only be used with the -jar command.\n" - "ERROR: NSS_Initialize() failed.\n" -}; - -typedef enum { - FIPS_ENABLED_MSG=0, - FIPS_DISABLED_MSG, - USING_DBDIR_MSG, - CREATING_DB_MSG, - ADD_MODULE_SUCCESS_MSG, - DELETE_SUCCESS_MSG, - CHANGEPW_SUCCESS_MSG, - BAD_PW_MSG, - PW_MATCH_MSG, - DONE_MSG, - ENABLE_SUCCESS_MSG, - DEFAULT_SUCCESS_MSG, - UNDEFAULT_SUCCESS_MSG, - BROWSER_RUNNING_MSG, - ABORTING_MSG, - - LAST_MSG /* must be last */ -} Message; - -static char *msgStrings[] = { - "FIPS mode enabled.\n", - "FIPS mode disabled.\n", - "Using database directory %s...\n", - "Creating \"%s\"...", - "Module \"%s\" added to database.\n", - "Module \"%s\" deleted from database.\n", - "Token \"%s\" password changed successfully.\n", - "Incorrect password, try again...\n", - "Passwords do not match, try again...\n", - "done.\n", - "Slot \"%s\" %s.\n", - "Successfully changed defaults.\n", - "Successfully changed defaults.\n", -"\nWARNING: Performing this operation while the browser is running could cause" -"\ncorruption of your security databases. If the browser is currently running," -"\nyou should exit browser before continuing this operation. Type " -"\n'q ' to abort, or to continue: ", - "\nAborting...\n" -}; - -#endif /* MODUTIL_ERROR_H */ diff --git a/security/nss/cmd/modutil/install-ds.c b/security/nss/cmd/modutil/install-ds.c deleted file mode 100644 index e6b90ded30..0000000000 --- a/security/nss/cmd/modutil/install-ds.c +++ /dev/null @@ -1,1541 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#include "install-ds.h" -#include -#include -#include -#include - -#define PORT_Strcasecmp PL_strcasecmp - -#define MODULE_FILE_STRING "ModuleFile" -#define MODULE_NAME_STRING "ModuleName" -#define MECH_FLAGS_STRING "DefaultMechanismFlags" -#define CIPHER_FLAGS_STRING "DefaultCipherFlags" -#define FILES_STRING "Files" -#define FORWARD_COMPATIBLE_STRING "ForwardCompatible" -#define PLATFORMS_STRING "Platforms" -#define RELATIVE_DIR_STRING "RelativePath" -#define ABSOLUTE_DIR_STRING "AbsolutePath" -#define FILE_PERMISSIONS_STRING "FilePermissions" -#define EQUIVALENT_PLATFORM_STRING "EquivalentPlatform" -#define EXECUTABLE_STRING "Executable" - -#define DEFAULT_PERMISSIONS 0777 - -#define PLATFORM_SEPARATOR_CHAR ':' - -/* Error codes */ -enum { - BOGUS_RELATIVE_DIR=0, - BOGUS_ABSOLUTE_DIR, - BOGUS_FILE_PERMISSIONS, - NO_RELATIVE_DIR, - NO_ABSOLUTE_DIR, - EMPTY_PLATFORM_STRING, - BOGUS_PLATFORM_STRING, - REPEAT_MODULE_FILE, - REPEAT_MODULE_NAME, - BOGUS_MODULE_FILE, - BOGUS_MODULE_NAME, - REPEAT_MECH, - BOGUS_MECH_FLAGS, - REPEAT_CIPHER, - BOGUS_CIPHER_FLAGS, - REPEAT_FILES, - REPEAT_EQUIV, - BOGUS_EQUIV, - EQUIV_TOO_MUCH_INFO, - NO_FILES, - NO_MODULE_FILE, - NO_MODULE_NAME, - NO_PLATFORMS, - EQUIV_LOOP, - UNKNOWN_MODULE_FILE -}; - -/* Indexed by the above error codes */ -static const char *errString[] = { - "%s: Invalid relative directory", - "%s: Invalid absolute directory", - "%s: Invalid file permissions", - "%s: No relative directory specified", - "%s: No absolute directory specified", - "Empty string given for platform name", - "%s: invalid platform string", - "More than one ModuleFile entry given for platform %s", - "More than one ModuleName entry given for platform %s", - "Invalid ModuleFile specification for platform %s", - "Invalid ModuleName specification for platform %s", - "More than one DefaultMechanismFlags entry given for platform %s", - "Invalid DefaultMechanismFlags specification for platform %s", - "More than one DefaultCipherFlags entry given for platform %s", - "Invalid DefaultCipherFlags entry given for platform %s", - "More than one Files entry given for platform %s", - "More than one EquivalentPlatform entry given for platform %s", - "Invalid EquivalentPlatform specification for platform %s", - "Module %s uses an EquivalentPlatform but also specifies its own" - " information", - "No Files specification in module %s", - "No ModuleFile specification in module %s", - "No ModuleName specification in module %s", - "No Platforms specification in installer script", - "Platform %s has an equivalency loop", - "Module file \"%s\" in platform \"%s\" does not exist" -}; - -static char* PR_Strdup(const char* str); - -#define PAD(x) {int i; for(i=0;ijarPath=NULL; - _this->relativePath=NULL; - _this->absolutePath=NULL; - _this->executable=PR_FALSE; - _this->permissions=0; -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: ~Pk11Install_File -// Class: Pk11Install_File -// Notes: Destructor. -*/ -void -Pk11Install_File_delete(Pk11Install_File* _this) -{ - Pk11Install_File_Cleanup(_this); -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: Cleanup -// Class: Pk11Install_File -*/ -void -Pk11Install_File_Cleanup(Pk11Install_File* _this) -{ - if(_this->jarPath) { - PR_Free(_this->jarPath); - _this->jarPath = NULL; - } - if(_this->relativePath) { - PR_Free(_this->relativePath); - _this->relativePath = NULL; - } - if(_this->absolutePath) { - PR_Free(_this->absolutePath); - _this->absolutePath = NULL; - } - - _this->permissions = 0; - _this->executable = PR_FALSE; -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: Generate -// Class: Pk11Install_File -// Notes: Creates a file data structure from a syntax tree. -// Returns: NULL for success, otherwise an error message. -*/ -char* -Pk11Install_File_Generate(Pk11Install_File* _this, - const Pk11Install_Pair *pair) -{ - Pk11Install_ListIter *iter; - Pk11Install_Value *val; - Pk11Install_Pair *subpair; - Pk11Install_ListIter *subiter; - Pk11Install_Value *subval; - char* errStr; - char *endp; - PRBool gotPerms; - - iter=NULL; - subiter=NULL; - errStr=NULL; - gotPerms=PR_FALSE; - - /* Clear out old values */ - Pk11Install_File_Cleanup(_this); - - _this->jarPath = PR_Strdup(pair->key); - - /* Go through all the pairs under this file heading */ - iter = Pk11Install_ListIter_new(pair->list); - for( ; (val = iter->current); Pk11Install_ListIter_nextItem(iter)) { - if(val->type == PAIR_VALUE) { - subpair = val->pair; - - /* Relative directory */ - if(!PORT_Strcasecmp(subpair->key, RELATIVE_DIR_STRING)) { - subiter = Pk11Install_ListIter_new(subpair->list); - subval = subiter->current; - if(!subval || (subval->type != STRING_VALUE)){ - errStr = PR_smprintf(errString[BOGUS_RELATIVE_DIR], - _this->jarPath); - goto loser; - } - _this->relativePath = PR_Strdup(subval->string); - Pk11Install_ListIter_delete(subiter); - subiter = NULL; - - /* Absolute directory */ - } else if( !PORT_Strcasecmp(subpair->key, ABSOLUTE_DIR_STRING)) { - subiter = Pk11Install_ListIter_new(subpair->list); - subval = subiter->current; - if(!subval || (subval->type != STRING_VALUE)){ - errStr = PR_smprintf(errString[BOGUS_ABSOLUTE_DIR], - _this->jarPath); - goto loser; - } - _this->absolutePath = PR_Strdup(subval->string); - Pk11Install_ListIter_delete(subiter); - subiter = NULL; - - /* file permissions */ - } else if( !PORT_Strcasecmp(subpair->key, - FILE_PERMISSIONS_STRING)) { - subiter = Pk11Install_ListIter_new(subpair->list); - subval = subiter->current; - if(!subval || (subval->type != STRING_VALUE)){ - errStr = PR_smprintf(errString[BOGUS_FILE_PERMISSIONS], - _this->jarPath); - goto loser; - } - _this->permissions = (int) strtol(subval->string, &endp, 8); - if(*endp != '\0' || subval->string == "\0") { - errStr = PR_smprintf(errString[BOGUS_FILE_PERMISSIONS], - _this->jarPath); - goto loser; - } - gotPerms = PR_TRUE; - Pk11Install_ListIter_delete(subiter); - subiter = NULL; - } - } else { - if(!PORT_Strcasecmp(val->string, EXECUTABLE_STRING)) { - _this->executable = PR_TRUE; - } - } - } - - /* Default permission value */ - if(!gotPerms) { - _this->permissions = DEFAULT_PERMISSIONS; - } - - /* Make sure we got all the information */ - if(!_this->relativePath && !_this->absolutePath) { - errStr = PR_smprintf(errString[NO_ABSOLUTE_DIR], _this->jarPath); - goto loser; - } -#if 0 - if(!_this->relativePath ) { - errStr = PR_smprintf(errString[NO_RELATIVE_DIR], _this->jarPath); - goto loser; - } - if(!_this->absolutePath) { - errStr = PR_smprintf(errString[NO_ABSOLUTE_DIR], _this->jarPath); - goto loser; - } -#endif - -loser: - if(iter) { - Pk11Install_ListIter_delete(iter); - PR_Free(iter); - } - if(subiter) { - Pk11Install_ListIter_delete(subiter); - PR_Free(subiter); - } - return errStr; -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: Print -// Class: Pk11Install_File -*/ -void -Pk11Install_File_Print(Pk11Install_File* _this, int pad) -{ - PAD(pad); printf("jarPath: %s\n", - _this->jarPath ? _this->jarPath : ""); - PAD(pad); printf("relativePath: %s\n", - _this->relativePath ? _this->relativePath: ""); - PAD(pad); printf("absolutePath: %s\n", - _this->absolutePath ? _this->absolutePath: ""); - PAD(pad); printf("permissions: %o\n", _this->permissions); -} - -Pk11Install_PlatformName* -Pk11Install_PlatformName_new() -{ - Pk11Install_PlatformName* new_this; - new_this = (Pk11Install_PlatformName*) - PR_Malloc(sizeof(Pk11Install_PlatformName)); - Pk11Install_PlatformName_init(new_this); - return new_this; -} - -void -Pk11Install_PlatformName_init(Pk11Install_PlatformName* _this) -{ - _this->OS = NULL; - _this->verString = NULL; - _this->numDigits = 0; - _this->arch = NULL; -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: ~Pk11Install_PlatformName -// Class: Pk11Install_PlatformName -*/ -void -Pk11Install_PlatformName_delete(Pk11Install_PlatformName* _this) -{ - Pk11Install_PlatformName_Cleanup(_this); -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: Cleanup -// Class: Pk11Install_PlatformName -*/ -void -Pk11Install_PlatformName_Cleanup(Pk11Install_PlatformName* _this) -{ - if(_this->OS) { - PR_Free(_this->OS); - _this->OS = NULL; - } - if(_this->verString) { - int i; - for (i=0; i<_this->numDigits; i++) { - PR_Free(_this->verString[i]); - } - PR_Free(_this->verString); - _this->verString = NULL; - } - if(_this->arch) { - PR_Free(_this->arch); - _this->arch = NULL; - } - _this->numDigits = 0; -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: Generate -// Class: Pk11Install_PlatformName -// Notes: Extracts the information from a platform string. -*/ -char* -Pk11Install_PlatformName_Generate(Pk11Install_PlatformName* _this, - const char *str) -{ - char *errStr; - char *copy; - char *end, *start; /* start and end of a section (OS, version, arch)*/ - char *pend, *pstart; /* start and end of one portion of version*/ - char *endp; /* used by strtol*/ - int periods, i; - - errStr=NULL; - copy=NULL; - - if(!str) { - errStr = PR_smprintf(errString[EMPTY_PLATFORM_STRING]); - goto loser; - } - copy = PR_Strdup(str); - - /* - // Get the OS - */ - end = strchr(copy, PLATFORM_SEPARATOR_CHAR); - if(!end || end==copy) { - errStr = PR_smprintf(errString[BOGUS_PLATFORM_STRING], str); - goto loser; - } - *end = '\0'; - - _this->OS = PR_Strdup(copy); - - /* - // Get the digits of the version of form: x.x.x (arbitrary number of digits) - */ - - start = end+1; - end = strchr(start, PLATFORM_SEPARATOR_CHAR); - if(!end) { - errStr = PR_smprintf(errString[BOGUS_PLATFORM_STRING], str); - goto loser; - } - *end = '\0'; - - if(end!=start) { - /* Find out how many periods*/ - periods = 0; - pstart = start; - while( (pend=strchr(pstart, '.')) ) { - periods++; - pstart = pend+1; - } - _this->numDigits= 1+ periods; - _this->verString = (char**)PR_Malloc(sizeof(char*)*_this->numDigits); - - pstart = start; - i = 0; - /* Get the digits before each period*/ - while( (pend=strchr(pstart, '.')) ) { - if(pend == pstart) { - errStr = PR_smprintf(errString[BOGUS_PLATFORM_STRING], str); - goto loser; - } - *pend = '\0'; - _this->verString[i] = PR_Strdup(pstart); - endp = pend; - if(endp==pstart || (*endp != '\0')) { - errStr = PR_smprintf(errString[BOGUS_PLATFORM_STRING], str); - goto loser; - } - pstart = pend+1; - i++; - } - /* Last digit comes after the last period*/ - if(*pstart == '\0') { - errStr = PR_smprintf(errString[BOGUS_PLATFORM_STRING], str); - goto loser; - } - _this->verString[i] = PR_Strdup(pstart); - /* - if(endp==pstart || (*endp != '\0')) { - errStr = PR_smprintf(errString[BOGUS_PLATFORM_STRING], str); - goto loser; - } - */ - } else { - _this->verString = NULL; - _this->numDigits = 0; - } - - /* - // Get the architecture - */ - start = end+1; - if( strchr(start, PLATFORM_SEPARATOR_CHAR) ) { - errStr = PR_smprintf(errString[BOGUS_PLATFORM_STRING], str); - goto loser; - } - _this->arch = PR_Strdup(start); - - if(copy) { - PR_Free(copy); - } - return NULL; -loser: - if(_this->OS) { - PR_Free(_this->OS); - _this->OS = NULL; - } - if(_this->verString) { - for (i=0; i<_this->numDigits; i++) { - PR_Free(_this->verString[i]); - } - PR_Free(_this->verString); - _this->verString = NULL; - } - _this->numDigits = 0; - if(_this->arch) { - PR_Free(_this->arch); - _this->arch = NULL; - } - - return errStr; -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: operator == -// Class: Pk11Install_PlatformName -// Returns: PR_TRUE if the platform have the same OS, arch, and version -*/ -PRBool -Pk11Install_PlatformName_equal(Pk11Install_PlatformName* _this, - Pk11Install_PlatformName* cmp) -{ - int i; - - if(!_this->OS || !_this->arch || !cmp->OS || !cmp->arch) { - return PR_FALSE; - } - - if( PORT_Strcasecmp(_this->OS, cmp->OS) || - PORT_Strcasecmp(_this->arch, cmp->arch) || - _this->numDigits != cmp->numDigits ) { - return PR_FALSE; - } - - for(i=0; i < _this->numDigits; i++) { - if(PORT_Strcasecmp(_this->verString[i], cmp->verString[i])) { - return PR_FALSE; - } - } - return PR_TRUE; -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: operator <= -// Class: Pk11Install_PlatformName -// Returns: PR_TRUE if the platform have the same OS and arch and a lower -// or equal release. -*/ -PRBool -Pk11Install_PlatformName_lteq(Pk11Install_PlatformName* _this, - Pk11Install_PlatformName* cmp) -{ - return (Pk11Install_PlatformName_equal(_this,cmp) || - Pk11Install_PlatformName_lt(_this,cmp)) ? PR_TRUE : PR_FALSE; -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: operator < -// Class: Pk11Install_PlatformName -// Returns: PR_TRUE if the platform have the same OS and arch and a greater -// release. -*/ -PRBool -Pk11Install_PlatformName_lt(Pk11Install_PlatformName* _this, - Pk11Install_PlatformName* cmp) -{ - int i, scmp; - - if(!_this->OS || !_this->arch || !cmp->OS || !cmp->arch) { - return PR_FALSE; - } - - if( PORT_Strcasecmp(_this->OS, cmp->OS) ) { - return PR_FALSE; - } - if( PORT_Strcasecmp(_this->arch, cmp->arch) ) { - return PR_FALSE; - } - - for(i=0; (i < _this->numDigits) && (i < cmp->numDigits); i++) { - scmp = PORT_Strcasecmp(_this->verString[i], cmp->verString[i]); - if (scmp > 0) { - return PR_FALSE; - } else if (scmp < 0) { - return PR_TRUE; - } - } - /* All the digits they have in common are the same. */ - if(_this->numDigits < cmp->numDigits) { - return PR_TRUE; - } - - return PR_FALSE; -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: GetString -// Class: Pk11Install_PlatformName -// Returns: String composed of OS, release, and architecture separated -// by the separator char. Memory is allocated by this function -// but is the responsibility of the caller to de-allocate. -*/ -char* -Pk11Install_PlatformName_GetString(Pk11Install_PlatformName* _this) -{ - char *ret; - char *ver; - char *OS_; - char *arch_; - - OS_=NULL; - arch_=NULL; - - OS_ = _this->OS ? _this->OS : ""; - arch_ = _this->arch ? _this->arch : ""; - - ver = Pk11Install_PlatformName_GetVerString(_this); - ret = PR_smprintf("%s%c%s%c%s", OS_, PLATFORM_SEPARATOR_CHAR, ver, - PLATFORM_SEPARATOR_CHAR, arch_); - - PR_Free(ver); - - return ret; -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: GetVerString -// Class: Pk11Install_PlatformName -// Returns: The version string for this platform, in the form x.x.x with an -// arbitrary number of digits. Memory allocated by function, -// must be de-allocated by caller. -*/ -char* -Pk11Install_PlatformName_GetVerString(Pk11Install_PlatformName* _this) -{ - char *tmp; - char *ret; - int i; - char buf[80]; - - tmp = (char*)PR_Malloc(80*_this->numDigits+1); - tmp[0] = '\0'; - - for(i=0; i < _this->numDigits-1; i++) { - sprintf(buf, "%s.", _this->verString[i]); - strcat(tmp, buf); - } - if(i < _this->numDigits) { - sprintf(buf, "%s", _this->verString[i]); - strcat(tmp, buf); - } - - ret = PR_Strdup(tmp); - free(tmp); - - return ret; -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: Print -// Class: Pk11Install_PlatformName -*/ -void -Pk11Install_PlatformName_Print(Pk11Install_PlatformName* _this, int pad) -{ - PAD(pad); printf("OS: %s\n", _this->OS ? _this->OS : ""); - PAD(pad); printf("Digits: "); - if(_this->numDigits == 0) { - printf("None\n"); - } else { - printf("%s\n", Pk11Install_PlatformName_GetVerString(_this)); - } - PAD(pad); printf("arch: %s\n", _this->arch ? _this->arch : ""); -} - -Pk11Install_Platform* -Pk11Install_Platform_new() -{ - Pk11Install_Platform* new_this; - new_this = (Pk11Install_Platform*)PR_Malloc(sizeof(Pk11Install_Platform)); - Pk11Install_Platform_init(new_this); - return new_this; -} - -void -Pk11Install_Platform_init(Pk11Install_Platform* _this) -{ - Pk11Install_PlatformName_init(&_this->name); - Pk11Install_PlatformName_init(&_this->equivName); - _this->equiv = NULL; - _this->usesEquiv = PR_FALSE; - _this->moduleFile = NULL; - _this->moduleName = NULL; - _this->modFile = -1; - _this->mechFlags = 0; - _this->cipherFlags = 0; - _this->files = NULL; - _this->numFiles = 0; -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: ~Pk11Install_Platform -// Class: Pk11Install_Platform -*/ -void -Pk11Install_Platform_delete(Pk11Install_Platform* _this) -{ - Pk11Install_Platform_Cleanup(_this); -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: Cleanup -// Class: Pk11Install_Platform -*/ -void -Pk11Install_Platform_Cleanup(Pk11Install_Platform* _this) -{ - int i; - if(_this->moduleFile) { - PR_Free(_this->moduleFile); - _this->moduleFile = NULL; - } - if(_this->moduleName) { - PR_Free(_this->moduleName); - _this->moduleName = NULL; - } - if(_this->files) { - for (i=0;i<_this->numFiles;i++) { - Pk11Install_File_delete(&_this->files[i]); - } - PR_Free(_this->files); - _this->files = NULL; - } - _this->equiv = NULL; - _this->usesEquiv = PR_FALSE; - _this->modFile = -1; - _this->numFiles = 0; - _this->mechFlags = _this->cipherFlags = 0; -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: Generate -// Class: Pk11Install_Platform -// Notes: Creates a platform data structure from a syntax tree. -// Returns: NULL for success, otherwise an error message. -*/ -char* -Pk11Install_Platform_Generate(Pk11Install_Platform* _this, - const Pk11Install_Pair *pair) -{ - char* errStr; - char* endptr; - char* tmp; - int i; - Pk11Install_ListIter *iter; - Pk11Install_Value *val; - Pk11Install_Value *subval; - Pk11Install_Pair *subpair; - Pk11Install_ListIter *subiter; - PRBool gotModuleFile, gotModuleName, gotMech, - gotCipher, gotFiles, gotEquiv; - - errStr=NULL; - iter=subiter=NULL; - val=subval=NULL; - subpair=NULL; - gotModuleFile=gotModuleName=gotMech=gotCipher=gotFiles=gotEquiv=PR_FALSE; - Pk11Install_Platform_Cleanup(_this); - - errStr = Pk11Install_PlatformName_Generate(&_this->name,pair->key); - if(errStr) { - tmp = PR_smprintf("%s: %s", pair->key, errStr); - PR_smprintf_free(errStr); - errStr = tmp; - goto loser; - } - - iter = Pk11Install_ListIter_new(pair->list); - for( ; (val=iter->current); Pk11Install_ListIter_nextItem(iter)) { - if(val->type==PAIR_VALUE) { - subpair = val->pair; - - if( !PORT_Strcasecmp(subpair->key, MODULE_FILE_STRING)) { - if(gotModuleFile) { - errStr = PR_smprintf(errString[REPEAT_MODULE_FILE], - Pk11Install_PlatformName_GetString(&_this->name)); - goto loser; - } - subiter = Pk11Install_ListIter_new(subpair->list); - subval = subiter->current; - if(!subval || (subval->type != STRING_VALUE)) { - errStr = PR_smprintf(errString[BOGUS_MODULE_FILE], - Pk11Install_PlatformName_GetString(&_this->name)); - goto loser; - } - _this->moduleFile = PR_Strdup(subval->string); - Pk11Install_ListIter_delete(subiter); - PR_Free(subiter); - subiter = NULL; - gotModuleFile = PR_TRUE; - } else if(!PORT_Strcasecmp(subpair->key, MODULE_NAME_STRING)){ - if(gotModuleName) { - errStr = PR_smprintf(errString[REPEAT_MODULE_NAME], - Pk11Install_PlatformName_GetString(&_this->name)); - goto loser; - } - subiter = Pk11Install_ListIter_new(subpair->list); - subval = subiter->current; - if(!subval || (subval->type != STRING_VALUE)) { - errStr = PR_smprintf(errString[BOGUS_MODULE_NAME], - Pk11Install_PlatformName_GetString(&_this->name)); - goto loser; - } - _this->moduleName = PR_Strdup(subval->string); - Pk11Install_ListIter_delete(subiter); - PR_Free(subiter); - subiter = NULL; - gotModuleName = PR_TRUE; - } else if(!PORT_Strcasecmp(subpair->key, MECH_FLAGS_STRING)) { - endptr=NULL; - - if(gotMech) { - errStr = PR_smprintf(errString[REPEAT_MECH], - Pk11Install_PlatformName_GetString(&_this->name)); - goto loser; - } - subiter = Pk11Install_ListIter_new(subpair->list); - subval = subiter->current; - if(!subval || (subval->type != STRING_VALUE)) { - errStr = PR_smprintf(errString[BOGUS_MECH_FLAGS], - Pk11Install_PlatformName_GetString(&_this->name)); - goto loser; - } - _this->mechFlags = strtol(subval->string, &endptr, 0); - if(*endptr!='\0' || (endptr==subval->string) ) { - errStr = PR_smprintf(errString[BOGUS_MECH_FLAGS], - Pk11Install_PlatformName_GetString(&_this->name)); - goto loser; - } - Pk11Install_ListIter_delete(subiter); - PR_Free(subiter); - subiter=NULL; - gotMech = PR_TRUE; - } else if(!PORT_Strcasecmp(subpair->key,CIPHER_FLAGS_STRING)) { - endptr=NULL; - - if(gotCipher) { - errStr = PR_smprintf(errString[REPEAT_CIPHER], - Pk11Install_PlatformName_GetString(&_this->name)); - goto loser; - } - subiter = Pk11Install_ListIter_new(subpair->list); - subval = subiter->current; - if(!subval || (subval->type != STRING_VALUE)) { - errStr = PR_smprintf(errString[BOGUS_CIPHER_FLAGS], - Pk11Install_PlatformName_GetString(&_this->name)); - goto loser; - } - _this->cipherFlags = strtol(subval->string, &endptr, 0); - if(*endptr!='\0' || (endptr==subval->string) ) { - errStr = PR_smprintf(errString[BOGUS_CIPHER_FLAGS], - Pk11Install_PlatformName_GetString(&_this->name)); - goto loser; - } - Pk11Install_ListIter_delete(subiter); - PR_Free(subiter); - subiter=NULL; - gotCipher = PR_TRUE; - } else if(!PORT_Strcasecmp(subpair->key, FILES_STRING)) { - if(gotFiles) { - errStr = PR_smprintf(errString[REPEAT_FILES], - Pk11Install_PlatformName_GetString(&_this->name)); - goto loser; - } - subiter = Pk11Install_ListIter_new(subpair->list); - _this->numFiles = subpair->list->numPairs; - _this->files = (Pk11Install_File*) - PR_Malloc(sizeof(Pk11Install_File)*_this->numFiles); - for(i=0; i < _this->numFiles; i++, - Pk11Install_ListIter_nextItem(subiter)) { - Pk11Install_File_init(&_this->files[i]); - val = subiter->current; - if(val && (val->type==PAIR_VALUE)) { - errStr = Pk11Install_File_Generate(&_this->files[i],val->pair); - if(errStr) { - tmp = PR_smprintf("%s: %s", - Pk11Install_PlatformName_GetString(&_this->name),errStr); - PR_smprintf_free(errStr); - errStr = tmp; - goto loser; - } - } - } - gotFiles = PR_TRUE; - } else if(!PORT_Strcasecmp(subpair->key, - EQUIVALENT_PLATFORM_STRING)) { - if(gotEquiv) { - errStr = PR_smprintf(errString[REPEAT_EQUIV], - Pk11Install_PlatformName_GetString(&_this->name)); - goto loser; - } - subiter = Pk11Install_ListIter_new(subpair->list); - subval = subiter->current; - if(!subval || (subval->type != STRING_VALUE) ) { - errStr = PR_smprintf(errString[BOGUS_EQUIV], - Pk11Install_PlatformName_GetString(&_this->name)); - goto loser; - } - errStr = Pk11Install_PlatformName_Generate(&_this->equivName, - subval->string); - if(errStr) { - tmp = PR_smprintf("%s: %s", - Pk11Install_PlatformName_GetString(&_this->name), errStr); - tmp = PR_smprintf("%s: %s", - Pk11Install_PlatformName_GetString(&_this->name), errStr); - PR_smprintf_free(errStr); - errStr = tmp; - goto loser; - } - _this->usesEquiv = PR_TRUE; - } - } - } - - /* Make sure we either have an EquivalentPlatform or all the other info */ - if(_this->usesEquiv && - (gotFiles || gotModuleFile || gotModuleName || gotMech || gotCipher)) { - errStr = PR_smprintf(errString[EQUIV_TOO_MUCH_INFO], - Pk11Install_PlatformName_GetString(&_this->name)); - goto loser; - } - if(!gotFiles && !_this->usesEquiv) { - errStr = PR_smprintf(errString[NO_FILES], - Pk11Install_PlatformName_GetString(&_this->name)); - goto loser; - } - if(!gotModuleFile && !_this->usesEquiv) { - errStr= PR_smprintf(errString[NO_MODULE_FILE], - Pk11Install_PlatformName_GetString(&_this->name)); - goto loser; - } - if(!gotModuleName && !_this->usesEquiv) { - errStr = PR_smprintf(errString[NO_MODULE_NAME], - Pk11Install_PlatformName_GetString(&_this->name)); - goto loser; - } - - /* Point the modFile pointer to the correct file */ - if(gotModuleFile) { - for(i=0; i < _this->numFiles; i++) { - if(!PORT_Strcasecmp(_this->moduleFile, _this->files[i].jarPath) ) { - _this->modFile = i; - break; - } - } - if(_this->modFile==-1) { - errStr = PR_smprintf(errString[UNKNOWN_MODULE_FILE], - _this->moduleFile, - Pk11Install_PlatformName_GetString(&_this->name)); - goto loser; - } - } - -loser: - if(iter) { - PR_Free(iter); - } - if(subiter) { - PR_Free(subiter); - } - return errStr; -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: Print -// Class: Pk11Install_Platform -*/ -void -Pk11Install_Platform_Print(Pk11Install_Platform* _this, int pad) -{ - int i; - - PAD(pad); printf("Name:\n"); - Pk11Install_PlatformName_Print(&_this->name,pad+PADINC); - PAD(pad); printf("equivName:\n"); - Pk11Install_PlatformName_Print(&_this->equivName,pad+PADINC); - PAD(pad); - if(_this->usesEquiv) { - printf("Uses equiv, which points to:\n"); - Pk11Install_Platform_Print(_this->equiv,pad+PADINC); - } else { - printf("Doesn't use equiv\n"); - } - PAD(pad); - printf("Module File: %s\n", _this->moduleFile ? _this->moduleFile - : ""); - PAD(pad); printf("mechFlags: %lx\n", _this->mechFlags); - PAD(pad); printf("cipherFlags: %lx\n", _this->cipherFlags); - PAD(pad); printf("Files:\n"); - for(i=0; i < _this->numFiles; i++) { - Pk11Install_File_Print(&_this->files[i],pad+PADINC); - PAD(pad); printf("--------------------\n"); - } -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: Pk11Install_Info -// Class: Pk11Install_Info -*/ -Pk11Install_Info* -Pk11Install_Info_new() -{ - Pk11Install_Info* new_this; - new_this = (Pk11Install_Info*)PR_Malloc(sizeof(Pk11Install_Info)); - Pk11Install_Info_init(new_this); - return new_this; -} - -void -Pk11Install_Info_init(Pk11Install_Info* _this) -{ - _this->platforms = NULL; - _this->numPlatforms = 0; - _this->forwardCompatible = NULL; - _this->numForwardCompatible = 0; -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: ~Pk11Install_Info -// Class: Pk11Install_Info -*/ -void -Pk11Install_Info_delete(Pk11Install_Info* _this) -{ - Pk11Install_Info_Cleanup(_this); -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: Cleanup -// Class: Pk11Install_Info -*/ -void -Pk11Install_Info_Cleanup(Pk11Install_Info* _this) -{ - int i; - if(_this->platforms) { - for (i=0;i<_this->numPlatforms;i++) { - Pk11Install_Platform_delete(&_this->platforms[i]); - } - PR_Free(&_this->platforms); - _this->platforms = NULL; - _this->numPlatforms = 0; - } - - if(_this->forwardCompatible) { - for (i=0;i<_this->numForwardCompatible;i++) { - Pk11Install_PlatformName_delete(&_this->forwardCompatible[i]); - } - PR_Free(&_this->forwardCompatible); - _this->numForwardCompatible = 0; - } -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: Generate -// Class: Pk11Install_Info -// Takes: Pk11Install_ValueList *list, the top-level list -// resulting from parsing an installer file. -// Returns: char*, NULL if successful, otherwise an error string. -// Caller is responsible for freeing memory. -*/ -char* -Pk11Install_Info_Generate(Pk11Install_Info* _this, - const Pk11Install_ValueList *list) -{ - char *errStr; - Pk11Install_ListIter *iter; - Pk11Install_Value *val; - Pk11Install_Pair *pair; - Pk11Install_ListIter *subiter; - Pk11Install_Value *subval; - Pk11Install_Platform *first, *second; - int i, j; - - errStr=NULL; - iter=subiter=NULL; - Pk11Install_Info_Cleanup(_this); - - iter = Pk11Install_ListIter_new(list); - for( ; (val=iter->current); Pk11Install_ListIter_nextItem(iter)) { - if(val->type == PAIR_VALUE) { - pair = val->pair; - - if(!PORT_Strcasecmp(pair->key, FORWARD_COMPATIBLE_STRING)) { - subiter = Pk11Install_ListIter_new(pair->list); - _this->numForwardCompatible = pair->list->numStrings; - _this->forwardCompatible = (Pk11Install_PlatformName*) - PR_Malloc(sizeof(Pk11Install_PlatformName)* - _this->numForwardCompatible); - for(i=0; i < _this->numForwardCompatible; i++, - Pk11Install_ListIter_nextItem(subiter)) { - subval = subiter->current; - if(subval->type == STRING_VALUE) { - errStr = Pk11Install_PlatformName_Generate( - &_this->forwardCompatible[i], subval->string); - if(errStr) { - goto loser; - } - } - } - Pk11Install_ListIter_delete(subiter); - PR_Free(subiter); - subiter = NULL; - } else if(!PORT_Strcasecmp(pair->key, PLATFORMS_STRING)) { - subiter = Pk11Install_ListIter_new(pair->list); - _this->numPlatforms = pair->list->numPairs; - _this->platforms = (Pk11Install_Platform*) - PR_Malloc(sizeof(Pk11Install_Platform)* - _this->numPlatforms); - for(i=0; i < _this->numPlatforms; i++, - Pk11Install_ListIter_nextItem(subiter)) { - Pk11Install_Platform_init(&_this->platforms[i]); - subval = subiter->current; - if(subval->type == PAIR_VALUE) { - errStr = Pk11Install_Platform_Generate(&_this->platforms[i],subval->pair); - if(errStr) { - goto loser; - } - } - } - Pk11Install_ListIter_delete(subiter); - PR_Free(subiter); - subiter = NULL; - } - } - } - - if(_this->numPlatforms == 0) { - errStr = PR_smprintf(errString[NO_PLATFORMS]); - goto loser; - } - -/* - // - // Now process equivalent platforms - // - - // First the naive pass -*/ - for(i=0; i < _this->numPlatforms; i++) { - if(_this->platforms[i].usesEquiv) { - _this->platforms[i].equiv = NULL; - for(j=0; j < _this->numPlatforms; j++) { - if (Pk11Install_PlatformName_equal(&_this->platforms[i].equivName, - &_this->platforms[j].name)) { - if(i==j) { - errStr = PR_smprintf(errString[EQUIV_LOOP], - Pk11Install_PlatformName_GetString(&_this->platforms[i].name)); - goto loser; - } - _this->platforms[i].equiv = &_this->platforms[j]; - break; - } - } - if(_this->platforms[i].equiv == NULL) { - errStr = PR_smprintf(errString[BOGUS_EQUIV], - Pk11Install_PlatformName_GetString(&_this->platforms[i].name)); - goto loser; - } - } - } - -/* - // Now the intelligent pass, which will also detect loops. - // We will send two pointers through the linked list of equivalent - // platforms. Both start with the current node. "first" traverses - // two nodes for each iteration. "second" lags behind, only traversing - // one node per iteration. Eventually one of two things will happen: - // first will hit the end of the list (a platform that doesn't use - // an equivalency), or first will equal second if there is a loop. -*/ - for(i=0; i < _this->numPlatforms; i++) { - if(_this->platforms[i].usesEquiv) { - second = _this->platforms[i].equiv; - if(!second->usesEquiv) { - /* The first link is the terminal node */ - continue; - } - first = second->equiv; - while(first->usesEquiv) { - if(first == second) { - errStr = PR_smprintf(errString[EQUIV_LOOP], - Pk11Install_PlatformName_GetString(&_this->platforms[i].name)); - goto loser; - } - first = first->equiv; - if(!first->usesEquiv) { - break; - } - if(first == second) { - errStr = PR_smprintf(errString[EQUIV_LOOP], - Pk11Install_PlatformName_GetString(&_this->platforms[i].name)); - goto loser; - } - second = second->equiv; - first = first->equiv; - } - _this->platforms[i].equiv = first; - } - } - -loser: - if(iter) { - Pk11Install_ListIter_delete(iter); - PR_Free(iter); - iter = NULL; - } - if(subiter) { - Pk11Install_ListIter_delete(subiter); - PR_Free(subiter); - subiter = NULL; - } - return errStr; -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: GetBestPlatform -// Class: Pk11Install_Info -// Takes: char *myPlatform, the platform we are currently running -// on. -*/ -Pk11Install_Platform* -Pk11Install_Info_GetBestPlatform(Pk11Install_Info* _this, char *myPlatform) -{ - Pk11Install_PlatformName plat; - char *errStr; - int i, j; - - errStr=NULL; - - Pk11Install_PlatformName_init(&plat); - if( (errStr=Pk11Install_PlatformName_Generate(&plat, myPlatform)) ) { - PR_smprintf_free(errStr); - return NULL; - } - - /* First try real platforms */ - for(i=0; i < _this->numPlatforms; i++) { - if(Pk11Install_PlatformName_equal(&_this->platforms[i].name,&plat)) { - if(_this->platforms[i].equiv) { - return _this->platforms[i].equiv; - } - else { - return &_this->platforms[i]; - } - } - } - - /* Now try forward compatible platforms */ - for(i=0; i < _this->numForwardCompatible; i++) { - if(Pk11Install_PlatformName_lteq(&_this->forwardCompatible[i],&plat)) { - break; - } - } - if(i == _this->numForwardCompatible) { - return NULL; - } - - /* Got a forward compatible name, find the actual platform. */ - for(j=0; j < _this->numPlatforms; j++) { - if(Pk11Install_PlatformName_equal(&_this->platforms[j].name, - &_this->forwardCompatible[i])) { - if(_this->platforms[j].equiv) { - return _this->platforms[j].equiv; - } else { - return &_this->platforms[j]; - } - } - } - - return NULL; -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: Print -// Class: Pk11Install_Info -*/ -void -Pk11Install_Info_Print(Pk11Install_Info* _this, int pad) -{ - int i; - - PAD(pad); printf("Forward Compatible:\n"); - for(i = 0; i < _this->numForwardCompatible; i++) { - Pk11Install_PlatformName_Print(&_this->forwardCompatible[i],pad+PADINC); - PAD(pad); printf("-------------------\n"); - } - PAD(pad); printf("Platforms:\n"); - for( i = 0; i < _this->numPlatforms; i++) { - Pk11Install_Platform_Print(&_this->platforms[i],pad+PADINC); - PAD(pad); printf("-------------------\n"); - } -} - -/* -////////////////////////////////////////////////////////////////////////// -*/ -static char* -PR_Strdup(const char* str) -{ - char *tmp; - tmp = (char*) PR_Malloc((unsigned int)(strlen(str)+1)); - strcpy(tmp, str); - return tmp; -} - -/* The global value list, the top of the tree */ -Pk11Install_ValueList* Pk11Install_valueList=NULL; - -/****************************************************************************/ -void -Pk11Install_ValueList_AddItem(Pk11Install_ValueList* _this, - Pk11Install_Value *item) -{ - _this->numItems++; - if (item->type == STRING_VALUE) { - _this->numStrings++; - } else { - _this->numPairs++; - } - item->next = _this->head; - _this->head = item; -} - -/****************************************************************************/ -Pk11Install_ListIter* -Pk11Install_ListIter_new_default() -{ - Pk11Install_ListIter* new_this; - new_this = (Pk11Install_ListIter*) - PR_Malloc(sizeof(Pk11Install_ListIter)); - Pk11Install_ListIter_init(new_this); - return new_this; -} - -/****************************************************************************/ -void -Pk11Install_ListIter_init(Pk11Install_ListIter* _this) -{ - _this->list = NULL; - _this->current = NULL; -} - -/****************************************************************************/ -Pk11Install_ListIter* -Pk11Install_ListIter_new(const Pk11Install_ValueList *_list) -{ - Pk11Install_ListIter* new_this; - new_this = (Pk11Install_ListIter*) - PR_Malloc(sizeof(Pk11Install_ListIter)); - new_this->list = _list; - new_this->current = _list->head; - return new_this; -} - -/****************************************************************************/ -void -Pk11Install_ListIter_delete(Pk11Install_ListIter* _this) -{ - _this->list=NULL; - _this->current=NULL; -} - -/****************************************************************************/ -void -Pk11Install_ListIter_reset(Pk11Install_ListIter* _this) -{ - if(_this->list) { - _this->current = _this->list->head; - } -} - -/*************************************************************************/ -Pk11Install_Value* -Pk11Install_ListIter_nextItem(Pk11Install_ListIter* _this) -{ - if(_this->current) { - _this->current = _this->current->next; - } - - return _this->current; -} - -/****************************************************************************/ -Pk11Install_ValueList* -Pk11Install_ValueList_new() -{ - Pk11Install_ValueList* new_this; - new_this = (Pk11Install_ValueList*) - PR_Malloc(sizeof(Pk11Install_ValueList)); - new_this->numItems = 0; - new_this->numPairs = 0; - new_this->numStrings = 0; - new_this->head = NULL; - return new_this; -} - -/****************************************************************************/ -void -Pk11Install_ValueList_delete(Pk11Install_ValueList* _this) -{ - - Pk11Install_Value *tmp; - Pk11Install_Value *list; - list = _this->head; - - while(list != NULL) { - tmp = list; - list = list->next; - PR_Free(tmp); - } - PR_Free(_this); -} - -/****************************************************************************/ -Pk11Install_Value* -Pk11Install_Value_new_default() -{ - Pk11Install_Value* new_this; - new_this = (Pk11Install_Value*)PR_Malloc(sizeof(Pk11Install_Value)); - new_this->type = STRING_VALUE; - new_this->string = NULL; - new_this->pair = NULL; - new_this->next = NULL; - return new_this; -} - -/****************************************************************************/ -Pk11Install_Value* -Pk11Install_Value_new(ValueType _type, Pk11Install_Pointer ptr) -{ - Pk11Install_Value* new_this; - new_this = Pk11Install_Value_new_default(); - new_this->type = _type; - if(_type == STRING_VALUE) { - new_this->pair = NULL; - new_this->string = ptr.string; - } else { - new_this->string = NULL; - new_this->pair = ptr.pair; - } - return new_this; -} - -/****************************************************************************/ -void -Pk11Install_Value_delete(Pk11Install_Value* _this) -{ - if(_this->type == STRING_VALUE) { - PR_Free(_this->string); - } else { - PR_Free(_this->pair); - } -} - -/****************************************************************************/ -Pk11Install_Pair* -Pk11Install_Pair_new_default() -{ - return Pk11Install_Pair_new(NULL,NULL); -} - -/****************************************************************************/ -Pk11Install_Pair* -Pk11Install_Pair_new(char *_key, Pk11Install_ValueList *_list) -{ - Pk11Install_Pair* new_this; - new_this = (Pk11Install_Pair*)PR_Malloc(sizeof(Pk11Install_Pair)); - new_this->key = _key; - new_this->list = _list; - return new_this; -} - -/****************************************************************************/ -void -Pk11Install_Pair_delete(Pk11Install_Pair* _this) -{ - PR_Free(_this->key); - Pk11Install_ValueList_delete(_this->list); - PR_Free(_this->list); -} - -/*************************************************************************/ -void -Pk11Install_Pair_Print(Pk11Install_Pair* _this, int pad) -{ - while (_this) { - /*PAD(pad); printf("**Pair\n"); - PAD(pad); printf("***Key====\n");*/ - PAD(pad); printf("%s {\n", _this->key); - /*PAD(pad); printf("====\n");*/ - /*PAD(pad); printf("***ValueList\n");*/ - Pk11Install_ValueList_Print(_this->list,pad+PADINC); - PAD(pad); printf("}\n"); - } -} - -/*************************************************************************/ -void -Pk11Install_ValueList_Print(Pk11Install_ValueList* _this, int pad) -{ - Pk11Install_Value *v; - - /*PAD(pad);printf("**Value List**\n");*/ - for(v = _this->head; v != NULL; v=v->next) { - Pk11Install_Value_Print(v,pad); - } -} - -/*************************************************************************/ -void -Pk11Install_Value_Print(Pk11Install_Value* _this, int pad) -{ - /*PAD(pad); printf("**Value, type=%s\n", - type==STRING_VALUE ? "string" : "pair");*/ - if(_this->type==STRING_VALUE) { - /*PAD(pad+PADINC); printf("====\n");*/ - PAD(pad); printf("%s\n", _this->string); - /*PAD(pad+PADINC); printf("====\n");*/ - } else { - Pk11Install_Pair_Print(_this->pair,pad+PADINC); - } -} diff --git a/security/nss/cmd/modutil/install-ds.h b/security/nss/cmd/modutil/install-ds.h deleted file mode 100644 index 2311f09287..0000000000 --- a/security/nss/cmd/modutil/install-ds.h +++ /dev/null @@ -1,290 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#ifndef INSTALL_DS_H -#define INSTALL_DS_H - -#include -#include -#include - -extern PRFileDesc *Pk11Install_FD; -extern int Pk11Install_yylex(); -extern int Pk11Install_yylinenum; -extern char *Pk11Install_yyerrstr; - -typedef enum { STRING_VALUE, PAIR_VALUE } ValueType; - -typedef struct Pk11Install_Pair_str Pk11Install_Pair; -typedef union Pk11Install_Pointer_str Pk11Install_Pointer; -typedef struct Pk11Install_Value_str Pk11Install_Value; -typedef struct Pk11Install_ValueList_str Pk11Install_ValueList; -typedef struct Pk11Install_ListIter_str Pk11Install_ListIter; -typedef struct Pk11Install_File_str Pk11Install_File; -typedef struct Pk11Install_PlatformName_str Pk11Install_PlatformName; -typedef struct Pk11Install_Platform_str Pk11Install_Platform; -typedef struct Pk11Install_Info_str Pk11Install_Info; - -extern Pk11Install_Pointer Pk11Install_yylval; -extern Pk11Install_ValueList* Pk11Install_valueList; - -/* -////////////////////////////////////////////////////////////////////////// -// Pk11Install_Pair -////////////////////////////////////////////////////////////////////////// -*/ - -struct Pk11Install_Pair_str { - char * key; - Pk11Install_ValueList *list; - -}; - -Pk11Install_Pair* -Pk11Install_Pair_new_default(); -Pk11Install_Pair* -Pk11Install_Pair_new( char* _key, Pk11Install_ValueList* _list); -void -Pk11Install_Pair_delete(Pk11Install_Pair* _this); -void -Pk11Install_Pair_Print(Pk11Install_Pair* _this, int pad); - -/* -////////////////////////////////////////////////////////////////////////// -// Pk11Install_Pointer -////////////////////////////////////////////////////////////////////////// -*/ -union Pk11Install_Pointer_str { - Pk11Install_ValueList *list; - Pk11Install_Value *value; - Pk11Install_Pair *pair; - char *string; -}; - -/* -////////////////////////////////////////////////////////////////////////// -// Pk11Install_Value -////////////////////////////////////////////////////////////////////////// -*/ -struct Pk11Install_Value_str { - - ValueType type; - char *string; - Pk11Install_Pair *pair; - struct Pk11Install_Value_str *next; -}; - -Pk11Install_Value* -Pk11Install_Value_new_default(); -Pk11Install_Value* -Pk11Install_Value_new(ValueType _type, Pk11Install_Pointer ptr); -void -Pk11Install_Value_delete(Pk11Install_Value* _this); -void -Pk11Install_Value_Print(Pk11Install_Value* _this, int pad); - -/* -////////////////////////////////////////////////////////////////////////// -// Pk11Install_ValueList -////////////////////////////////////////////////////////////////////////// -*/ -struct Pk11Install_ValueList_str { - int numItems; - int numPairs; - int numStrings; - Pk11Install_Value *head; -}; - -Pk11Install_ValueList* -Pk11Install_ValueList_new(); -void -Pk11Install_ValueList_delete(Pk11Install_ValueList* _this); -void -Pk11Install_ValueList_AddItem(Pk11Install_ValueList* _this, - Pk11Install_Value* item); -void -Pk11Install_ValueList_Print(Pk11Install_ValueList* _this, int pad); - - -/* -////////////////////////////////////////////////////////////////////////// -// Pk11Install_ListIter -////////////////////////////////////////////////////////////////////////// -*/ -struct Pk11Install_ListIter_str { - const Pk11Install_ValueList *list; - Pk11Install_Value *current; -}; - -Pk11Install_ListIter* -Pk11Install_ListIter_new_default(); -void -Pk11Install_ListIter_init(Pk11Install_ListIter* _this); -Pk11Install_ListIter* -Pk11Install_ListIter_new(const Pk11Install_ValueList* _list); -void -Pk11Install_ListIter_delete(Pk11Install_ListIter* _this); -void -Pk11Install_ListIter_reset(Pk11Install_ListIter* _this); -Pk11Install_Value* -Pk11Install_ListIter_nextItem(Pk11Install_ListIter* _this); - -/************************************************************************ - * - * Pk11Install_File - */ -struct Pk11Install_File_str { - char *jarPath; - char *relativePath; - char *absolutePath; - PRBool executable; - int permissions; -}; - -Pk11Install_File* -Pk11Install_File_new(); -void -Pk11Install_File_init(Pk11Install_File* _this); -void -Pk11Install_file_delete(Pk11Install_File* _this); -/*// Parses a syntax tree to obtain all attributes. -// Returns NULL for success, error message if parse error.*/ -char* -Pk11Install_File_Generate(Pk11Install_File* _this, - const Pk11Install_Pair* pair); -void -Pk11Install_File_Print(Pk11Install_File* _this, int pad); -void -Pk11Install_File_Cleanup(Pk11Install_File* _this); - -/************************************************************************ - * - * Pk11Install_PlatformName - */ -struct Pk11Install_PlatformName_str { - char *OS; - char **verString; - int numDigits; - char *arch; -}; - -Pk11Install_PlatformName* -Pk11Install_PlatformName_new(); -void -Pk11Install_PlatformName_init(Pk11Install_PlatformName* _this); -void -Pk11Install_PlatformName_delete(Pk11Install_PlatformName* _this); -char* -Pk11Install_PlatformName_Generate(Pk11Install_PlatformName* _this, - const char* str); -char* -Pk11Install_PlatformName_GetString(Pk11Install_PlatformName* _this); -char* -Pk11Install_PlatformName_GetVerString(Pk11Install_PlatformName* _this); -void -Pk11Install_PlatformName_Print(Pk11Install_PlatformName* _this, int pad); -void -Pk11Install_PlatformName_Cleanup(Pk11Install_PlatformName* _this); -PRBool -Pk11Install_PlatformName_equal(Pk11Install_PlatformName* _this, - Pk11Install_PlatformName* cmp); -PRBool -Pk11Install_PlatformName_lteq(Pk11Install_PlatformName* _this, - Pk11Install_PlatformName* cmp); -PRBool -Pk11Install_PlatformName_lt(Pk11Install_PlatformName* _this, - Pk11Install_PlatformName* cmp); - -/************************************************************************ - * - * Pk11Install_Platform - */ -struct Pk11Install_Platform_str { - Pk11Install_PlatformName name; - Pk11Install_PlatformName equivName; - struct Pk11Install_Platform_str *equiv; - PRBool usesEquiv; - char *moduleFile; - char *moduleName; - int modFile; - unsigned long mechFlags; - unsigned long cipherFlags; - Pk11Install_File *files; - int numFiles; -}; - -Pk11Install_Platform* -Pk11Install_Platform_new(); -void -Pk11Install_Platform_init(Pk11Install_Platform* _this); -void -Pk11Install_Platform_delete(Pk11Install_Platform* _this); -/*// Returns NULL for success, error message if parse error.*/ -char* -Pk11Install_Platform_Generate(Pk11Install_Platform* _this, - const Pk11Install_Pair *pair); -void -Pk11Install_Platform_Print(Pk11Install_Platform* _this, int pad); -void -Pk11Install_Platform_Cleanup(Pk11Install_Platform* _this); - -/************************************************************************ - * - * Pk11Install_Info - */ -struct Pk11Install_Info_str { - Pk11Install_Platform *platforms; - int numPlatforms; - Pk11Install_PlatformName *forwardCompatible; - int numForwardCompatible; -}; - -Pk11Install_Info* -Pk11Install_Info_new(); -void -Pk11Install_Info_init(); -void -Pk11Install_Info_delete(Pk11Install_Info* _this); -/*// Returns NULL for success, error message if parse error.*/ -char* -Pk11Install_Info_Generate(Pk11Install_Info* _this, - const Pk11Install_ValueList *list); - /*// Returns NULL if there is no matching platform*/ -Pk11Install_Platform* -Pk11Install_Info_GetBestPlatform(Pk11Install_Info* _this, char* myPlatform); -void -Pk11Install_Info_Print(Pk11Install_Info* _this, int pad); -void -Pk11Install_Info_Cleanup(Pk11Install_Info* _this); - -#endif /* INSTALL_DS_H */ diff --git a/security/nss/cmd/modutil/install.c b/security/nss/cmd/modutil/install.c deleted file mode 100644 index c6f55be01c..0000000000 --- a/security/nss/cmd/modutil/install.c +++ /dev/null @@ -1,985 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#include "install.h" -#include "install-ds.h" -#include -#include -#include -#include -#include -#include - -#ifdef XP_UNIX -/* for chmod */ -#include -#include -#endif - -/*extern "C" {*/ -#include -/*}*/ - -extern /*"C"*/ -int Pk11Install_AddNewModule(char* moduleName, char* dllPath, - unsigned long defaultMechanismFlags, - unsigned long cipherEnableFlags); -extern /*"C"*/ -short Pk11Install_UserVerifyJar(JAR *jar, PRFileDesc *out, - PRBool query); -extern /*"C"*/ -const char* mySECU_ErrorString(int16); -extern -int Pk11Install_yyparse(); - -#define INSTALL_METAINFO_TAG "Pkcs11_install_script" -#define SCRIPT_TEMP_FILE "pkcs11inst.tmp" -#define ROOT_MARKER "%root%" -#define TEMP_MARKER "%temp%" -#define PRINTF_ROOT_MARKER "%%root%%" -#define TEMPORARY_DIRECTORY_NAME "pk11inst.dir" -#define JAR_BASE_END (JAR_BASE+100) - -static PRLock* errorHandlerLock=NULL; -static Pk11Install_ErrorHandler errorHandler=NULL; -static char* PR_Strdup(const char* str); -static int rm_dash_r (char *path); -static int make_dirs(char *path, int file_perms); -static int dir_perms(int perms); - -static Pk11Install_Error DoInstall(JAR *jar, const char *installDir, - const char* tempDir, Pk11Install_Platform *platform, - PRFileDesc *feedback, PRBool noverify); - -static char *errorString[]= { - "Operation was successful", /* PK11_INSTALL_NO_ERROR */ - "Directory \"%s\" does not exist", /* PK11_INSTALL_DIR_DOESNT_EXIST */ - "File \"%s\" does not exist", /* PK11_INSTALL_FILE_DOESNT_EXIST */ - "File \"%s\" is not readable", /* PK11_INSTALL_FILE_NOT_READABLE */ - "%s", /* PK11_INSTALL_ERROR_STRING */ - "Error in JAR file %s: %s", /* PK11_INSTALL_JAR_ERROR */ - "No Pkcs11_install_script specified in JAR metainfo file", - /* PK11_INSTALL_NO_INSTALLER_SCRIPT */ - "Could not delete temporary file \"%s\"", - /*PK11_INSTALL_DELETE_TEMP_FILE */ - "Could not open temporary file \"%s\"", /*PK11_INSTALL_OPEN_SCRIPT_FILE*/ - "%s: %s", /* PK11_INSTALL_SCRIPT_PARSE */ - "Error in script: %s", - "Unable to obtain system platform information", - "Installer script has no information about the current platform (%s)", - "Relative directory \"%s\" does not contain "PRINTF_ROOT_MARKER, - "Module File \"%s\" not found", - "Error occurred installing module \"%s\" into database", - "Error extracting \"%s\" from JAR file: %s", - "Directory \"%s\" is not writeable", - "Could not create directory \"%s\"", - "Could not remove directory \"%s\"", - "Unable to execute \"%s\"", - "Unable to wait for process \"%s\"", - "\"%s\" returned error code %d", - "User aborted operation", - "Unspecified error" -}; - -enum { - INSTALLED_FILE_MSG=0, - INSTALLED_MODULE_MSG, - INSTALLER_SCRIPT_NAME, - MY_PLATFORM_IS, - USING_PLATFORM, - PARSED_INSTALL_SCRIPT, - EXEC_FILE_MSG, - EXEC_SUCCESS, - INSTALLATION_COMPLETE_MSG, - USER_ABORT -}; - -static char *msgStrings[] = { - "Installed file %s to %s\n", - "Installed module \"%s\" into module database\n", - "Using installer script \"%s\"\n", - "Current platform is %s\n", - "Using installation parameters for platform %s\n", - "Successfully parsed installation script\n", - "Executing \"%s\"...\n", - "\"%s\" executed successfully\n", - "\nInstallation completed successfully\n", - "\nAborting...\n" -}; - -/************************************************************************** - * S t r i n g N o d e - */ -typedef struct StringNode_str { - char *str; - struct StringNode_str* next; -} StringNode; - -StringNode* StringNode_new() -{ - StringNode* new_this; - new_this = (StringNode*)malloc(sizeof(StringNode)); - new_this->str=NULL; - new_this->next=NULL; - return new_this; -} - -void StringNode_delete(StringNode* s) -{ - if(s->str) { - PR_Free(s->str); - s->str=NULL; - } -} - -/************************************************************************* - * S t r i n g L i s t - */ -typedef struct StringList_str { - StringNode* head; - StringNode* tail; -} StringList; - -void StringList_new(StringList* list) -{ - list->head=NULL; - list->tail=NULL; -} - -void StringList_delete(StringList* list) -{ - StringNode *tmp; - while(list->head) { - tmp = list->head; - list->head = list->head->next; - StringNode_delete(tmp); - } -} - -void -StringList_Append(StringList* list, char* str) -{ - if(!str) { - return; - } - - if(!list->tail) { - /* This is the first element */ - list->head = list->tail = StringNode_new(); - } else { - list->tail->next = StringNode_new(); - list->tail = list->tail->next; - } - - list->tail->str = PR_Strdup(str); - list->tail->next = NULL; /* just to be sure */ -} - -/************************************************************************** - * - * P k 1 1 I n s t a l l _ S e t E r r o r H a n d l e r - * - * Sets the error handler to be used by the library. Returns the current - * error handler function. - */ -Pk11Install_ErrorHandler -Pk11Install_SetErrorHandler(Pk11Install_ErrorHandler handler) -{ - Pk11Install_ErrorHandler old; - - if(!errorHandlerLock) { - errorHandlerLock = PR_NewLock(); - } - - PR_Lock(errorHandlerLock); - - old = errorHandler; - errorHandler = handler; - - PR_Unlock(errorHandlerLock); - - return old; -} - -/************************************************************************** - * - * P k 1 1 I n s t a l l _ I n i t - * - * Does initialization that otherwise would be done on the fly. Only - * needs to be called by multithreaded apps, before they make any calls - * to this library. - */ -void -Pk11Install_Init() -{ - if(!errorHandlerLock) { - errorHandlerLock = PR_NewLock(); - } -} - -/************************************************************************** - * - * P k 1 1 I n s t a l l _ R e l e a s e - * - * Releases static data structures used by the library. Don't use the - * library after calling this, unless you call Pk11Install_Init() - * first. This function doesn't have to be called at all unless you're - * really anal about freeing memory before your program exits. - */ -void -Pk11Install_Release() -{ - if(errorHandlerLock) { - PR_Free(errorHandlerLock); - errorHandlerLock = NULL; - } -} - -/************************************************************************* - * - * e r r o r - * - * Takes an error code and its arguments, creates the error string, - * and sends the string to the handler function if it exists. - */ - -#ifdef OSF1 -/* stdarg has already been pulled in from NSPR */ -#undef va_start -#undef va_end -#undef va_arg -#include -#else -#include -#endif - -#ifdef OSF1 -static void -error(long va_alist, ...) -#else -static void -error(Pk11Install_Error errcode, ...) -#endif -{ - - va_list ap; - char *errstr; - Pk11Install_ErrorHandler handler; - - if(!errorHandlerLock) { - errorHandlerLock = PR_NewLock(); - } - - PR_Lock(errorHandlerLock); - - handler = errorHandler; - - PR_Unlock(errorHandlerLock); - - if(handler) { -#ifdef OSF1 - va_start(ap); - errstr = PR_vsmprintf(errorString[va_arg(ap, Pk11Install_Error)], ap); -#else - va_start(ap, errcode); - errstr = PR_vsmprintf(errorString[errcode], ap); -#endif - handler(errstr); - PR_smprintf_free(errstr); - va_end(ap); - } -} - -/************************************************************************* - * - * j a r _ c a l l b a c k - */ -static int -jar_callback(int status, JAR *foo, const char *bar, char *pathname, - char *errortext) { - char *string; - - string = PR_smprintf("JAR error %d: %s in file %s\n", status, errortext, - pathname); - error(PK11_INSTALL_ERROR_STRING, string); - PR_smprintf_free(string); - return 0; -} - -/************************************************************************* - * - * P k 1 1 I n s t a l l _ D o I n s t a l l - * - * jarFile is the path of a JAR in the PKCS #11 module JAR format. - * installDir is the directory relative to which files will be - * installed. - */ -Pk11Install_Error -Pk11Install_DoInstall(char *jarFile, const char *installDir, - const char *tempDir, PRFileDesc *feedback, short force, PRBool noverify) -{ - JAR *jar; - char *installer; - unsigned long installer_len; - int status; - Pk11Install_Error ret; - PRBool made_temp_file; - Pk11Install_Info installInfo; - Pk11Install_Platform *platform; - char* errMsg; - char sysname[SYS_INFO_BUFFER_LENGTH], release[SYS_INFO_BUFFER_LENGTH], - arch[SYS_INFO_BUFFER_LENGTH]; - char *myPlatform; - - jar=NULL; - ret = PK11_INSTALL_UNSPECIFIED; - made_temp_file=PR_FALSE; - errMsg=NULL; - Pk11Install_Info_init(&installInfo); - - /* - printf("Inside DoInstall, jarFile=%s, installDir=%s, tempDir=%s\n", - jarFile, installDir, tempDir); - */ - - /* - * Check out jarFile and installDir for validity - */ - if( PR_Access(installDir, PR_ACCESS_EXISTS) != PR_SUCCESS ) { - error(PK11_INSTALL_DIR_DOESNT_EXIST, installDir); - return PK11_INSTALL_DIR_DOESNT_EXIST; - } - if(!tempDir) { - tempDir = "."; - } - if( PR_Access(tempDir, PR_ACCESS_EXISTS) != PR_SUCCESS ) { - error(PK11_INSTALL_DIR_DOESNT_EXIST, tempDir); - return PK11_INSTALL_DIR_DOESNT_EXIST; - } - if( PR_Access(tempDir, PR_ACCESS_WRITE_OK) != PR_SUCCESS ) { - error(PK11_INSTALL_DIR_NOT_WRITEABLE, tempDir); - return PK11_INSTALL_DIR_NOT_WRITEABLE; - } - if( (PR_Access(jarFile, PR_ACCESS_EXISTS) != PR_SUCCESS) ) { - error(PK11_INSTALL_FILE_DOESNT_EXIST, jarFile); - return PK11_INSTALL_FILE_DOESNT_EXIST; - } - if( PR_Access(jarFile, PR_ACCESS_READ_OK) != PR_SUCCESS ) { - error(PK11_INSTALL_FILE_NOT_READABLE, jarFile); - return PK11_INSTALL_FILE_NOT_READABLE; - } - - /* - * Extract the JAR file - */ - jar = JAR_new(); - JAR_set_callback(JAR_CB_SIGNAL, jar, jar_callback); - - if(noverify) { - status = JAR_pass_archive_unverified(jar, jarArchGuess, jarFile, "url"); - } else { - status = JAR_pass_archive(jar, jarArchGuess, jarFile, "url"); - } - if( (status < 0) || (jar->valid < 0) ) { - if (status >= JAR_BASE && status <= JAR_BASE_END) { - error(PK11_INSTALL_JAR_ERROR, jarFile, JAR_get_error(status)); - } else { - error(PK11_INSTALL_JAR_ERROR, jarFile, - mySECU_ErrorString((int16) PORT_GetError()) ); - } - ret=PK11_INSTALL_JAR_ERROR; - goto loser; - } - /*printf("passed the archive\n");*/ - - /* - * Show the user security information, allow them to abort or continue - */ - if( Pk11Install_UserVerifyJar(jar, PR_STDOUT, - force?PR_FALSE:PR_TRUE) && !force) { - if(feedback) { - PR_fprintf(feedback, msgStrings[USER_ABORT]); - } - ret=PK11_INSTALL_USER_ABORT; - goto loser; - } - - /* - * Get the name of the installation file - */ - if( JAR_get_metainfo(jar, NULL, INSTALL_METAINFO_TAG, (void**)&installer, - (unsigned long*)&installer_len) ) { - error(PK11_INSTALL_NO_INSTALLER_SCRIPT); - ret=PK11_INSTALL_NO_INSTALLER_SCRIPT; - goto loser; - } - if(feedback) { - PR_fprintf(feedback, msgStrings[INSTALLER_SCRIPT_NAME], installer); - } - - /* - * Extract the installation file - */ - if( PR_Access(SCRIPT_TEMP_FILE, PR_ACCESS_EXISTS) == PR_SUCCESS) { - if( PR_Delete(SCRIPT_TEMP_FILE) != PR_SUCCESS) { - error(PK11_INSTALL_DELETE_TEMP_FILE, SCRIPT_TEMP_FILE); - ret=PK11_INSTALL_DELETE_TEMP_FILE; - goto loser; - } - } - if(noverify) { - status = JAR_extract(jar, installer, SCRIPT_TEMP_FILE); - } else { - status = JAR_verified_extract(jar, installer, SCRIPT_TEMP_FILE); - } - if(status) { - if (status >= JAR_BASE && status <= JAR_BASE_END) { - error(PK11_INSTALL_JAR_EXTRACT, installer, JAR_get_error(status)); - } else { - error(PK11_INSTALL_JAR_EXTRACT, installer, - mySECU_ErrorString((int16) PORT_GetError()) ); - } - ret = PK11_INSTALL_JAR_EXTRACT; - goto loser; - } else { - made_temp_file = PR_TRUE; - } - - /* - * Parse the installation file into a syntax tree - */ - Pk11Install_FD = PR_Open(SCRIPT_TEMP_FILE, PR_RDONLY, 0); - if(!Pk11Install_FD) { - error(PK11_INSTALL_OPEN_SCRIPT_FILE, SCRIPT_TEMP_FILE); - ret=PK11_INSTALL_OPEN_SCRIPT_FILE; - goto loser; - } - if(Pk11Install_yyparse()) { - error(PK11_INSTALL_SCRIPT_PARSE, installer, - Pk11Install_yyerrstr ? Pk11Install_yyerrstr : ""); - ret=PK11_INSTALL_SCRIPT_PARSE; - goto loser; - } - -#if 0 - /* for debugging */ - Pk11Install_valueList->Print(0); -#endif - - /* - * From the syntax tree, build a semantic structure - */ - errMsg = Pk11Install_Info_Generate(&installInfo,Pk11Install_valueList); - if(errMsg) { - error(PK11_INSTALL_SEMANTIC, errMsg); - ret=PK11_INSTALL_SEMANTIC; - goto loser; - } -#if 0 - installInfo.Print(0); -#endif - - if(feedback) { - PR_fprintf(feedback, msgStrings[PARSED_INSTALL_SCRIPT]); - } - - /* - * Figure out which platform to use - */ - { - sysname[0] = release[0] = arch[0] = '\0'; - - if( (PR_GetSystemInfo(PR_SI_SYSNAME, sysname, SYS_INFO_BUFFER_LENGTH) - != PR_SUCCESS) || - (PR_GetSystemInfo(PR_SI_RELEASE, release, SYS_INFO_BUFFER_LENGTH) - != PR_SUCCESS) || - (PR_GetSystemInfo(PR_SI_ARCHITECTURE, arch, SYS_INFO_BUFFER_LENGTH) - != PR_SUCCESS) ) { - error(PK11_INSTALL_SYSINFO); - ret=PK11_INSTALL_SYSINFO; - goto loser; - } - myPlatform = PR_smprintf("%s:%s:%s", sysname, release, arch); - platform = Pk11Install_Info_GetBestPlatform(&installInfo,myPlatform); - if(!platform) { - error(PK11_INSTALL_NO_PLATFORM, myPlatform); - PR_smprintf_free(myPlatform); - ret=PK11_INSTALL_NO_PLATFORM; - goto loser; - } - if(feedback) { - PR_fprintf(feedback, msgStrings[MY_PLATFORM_IS], myPlatform); - PR_fprintf(feedback, msgStrings[USING_PLATFORM], - Pk11Install_PlatformName_GetString(&platform->name)); - } - PR_smprintf_free(myPlatform); - } - - /* Run the install for that platform */ - ret = DoInstall(jar, installDir, tempDir, platform, feedback, noverify); - if(ret) { - goto loser; - } - - ret = PK11_INSTALL_SUCCESS; -loser: - if(Pk11Install_valueList) { - Pk11Install_ValueList_delete(Pk11Install_valueList); - PR_Free(Pk11Install_valueList); - Pk11Install_valueList = NULL; - } - if(jar) { - JAR_destroy(jar); - } - if(made_temp_file) { - PR_Delete(SCRIPT_TEMP_FILE); - } - if(errMsg) { - PR_smprintf_free(errMsg); - } - return ret; -} - -/* -///////////////////////////////////////////////////////////////////////// -// actually run the installation, copying files to and fro -*/ -static Pk11Install_Error -DoInstall(JAR *jar, const char *installDir, const char *tempDir, - Pk11Install_Platform *platform, PRFileDesc *feedback, PRBool noverify) -{ - Pk11Install_File *file; - Pk11Install_Error ret; - char *reldir; - char *dest; - char *modDest; - char *cp; - int i; - int status; - char *tempname, *temp; - StringList executables; - StringNode *execNode; - PRProcessAttr *attr; - PRProcess *proc; - char *argv[2]; - char *envp[1]; - int errcode; - - ret=PK11_INSTALL_UNSPECIFIED; - reldir=NULL; - dest=NULL; - modDest=NULL; - tempname=NULL; - - StringList_new(&executables); - /* - // Create Temporary directory - */ - tempname = PR_smprintf("%s/%s", tempDir, TEMPORARY_DIRECTORY_NAME); - if( PR_Access(tempname, PR_ACCESS_EXISTS)==PR_SUCCESS ) { - /* Left over from previous run? Delete it. */ - rm_dash_r(tempname); - } - if(PR_MkDir(tempname, 0700) != PR_SUCCESS) { - error(PK11_INSTALL_CREATE_DIR, tempname); - ret = PK11_INSTALL_CREATE_DIR; - goto loser; - } - - /* - // Install all the files - */ - for(i=0; i < platform->numFiles; i++) { - file = &platform->files[i]; - - if(file->relativePath) { - PRBool foundMarker = PR_FALSE; - reldir = PR_Strdup(file->relativePath); - - /* Replace all the markers with the directories for which they stand */ - while(1) { - if( (cp=PL_strcasestr(reldir, ROOT_MARKER)) ) { - /* Has a %root% marker */ - *cp = '\0'; - temp = PR_smprintf("%s%s%s", reldir, installDir, - cp+strlen(ROOT_MARKER)); - PR_Free(reldir); - reldir = temp; - foundMarker = PR_TRUE; - } else if( (cp = PL_strcasestr(reldir, TEMP_MARKER)) ) { - /* Has a %temp% marker */ - *cp = '\0'; - temp = PR_smprintf("%s%s%s", reldir, tempname, - cp+strlen(TEMP_MARKER)); - PR_Free(reldir); - reldir = temp; - foundMarker = PR_TRUE; - } else { - break; - } - } - if(!foundMarker) { - /* Has no markers...this isn't really a relative directory */ - error(PK11_INSTALL_BOGUS_REL_DIR, file->relativePath); - ret = PK11_INSTALL_BOGUS_REL_DIR; - goto loser; - } - dest = reldir; - reldir = NULL; - } else if(file->absolutePath) { - dest = PR_Strdup(file->absolutePath); - } - - /* Remember if this is the module file, we'll need to add it later */ - if(i == platform->modFile) { - modDest = PR_Strdup(dest); - } - - /* Remember is this is an executable, we'll need to run it later */ - if(file->executable) { - StringList_Append(&executables,dest); - /*executables.Append(dest);*/ - } - - /* Make sure the directory we are targetting exists */ - if( make_dirs(dest, file->permissions) ) { - ret=PK11_INSTALL_CREATE_DIR; - goto loser; - } - - /* Actually extract the file onto the filesystem */ - if(noverify) { - status = JAR_extract(jar, (char*)file->jarPath, dest); - } else { - status = JAR_verified_extract(jar, (char*)file->jarPath, dest); - } - if(status) { - if (status >= JAR_BASE && status <= JAR_BASE_END) { - error(PK11_INSTALL_JAR_EXTRACT, file->jarPath, - JAR_get_error(status)); - } else { - error(PK11_INSTALL_JAR_EXTRACT, file->jarPath, - mySECU_ErrorString((int16) PORT_GetError()) ); - } - ret=PK11_INSTALL_JAR_EXTRACT; - goto loser; - } - if(feedback) { - PR_fprintf(feedback, msgStrings[INSTALLED_FILE_MSG], - file->jarPath, dest); - } - - /* no NSPR command to change permissions? */ -#ifdef XP_UNIX - chmod(dest, file->permissions); -#endif - - /* Memory clean-up tasks */ - if(reldir) { - PR_Free(reldir); - reldir = NULL; - } - if(dest) { - PR_Free(dest); - dest = NULL; - } - } - /* Make sure we found the module file */ - if(!modDest) { - /* Internal problem here, since every platform is supposed to have - a module file */ - error(PK11_INSTALL_NO_MOD_FILE, platform->moduleName); - ret=PK11_INSTALL_NO_MOD_FILE; - goto loser; - } - - /* - // Execute any executable files - */ - { - argv[1] = NULL; - envp[0] = NULL; - for(execNode = executables.head; execNode; execNode = execNode->next) { - attr = PR_NewProcessAttr(); - argv[0] = PR_Strdup(execNode->str); - - /* Announce our intentions */ - if(feedback) { - PR_fprintf(feedback, msgStrings[EXEC_FILE_MSG], execNode->str); - } - - /* start the process */ - if( !(proc=PR_CreateProcess(execNode->str, argv, envp, attr)) ) { - PR_Free(argv[0]); - PR_DestroyProcessAttr(attr); - error(PK11_INSTALL_EXEC_FILE, execNode->str); - ret=PK11_INSTALL_EXEC_FILE; - goto loser; - } - - /* wait for it to finish */ - if( PR_WaitProcess(proc, &errcode) != PR_SUCCESS) { - PR_Free(argv[0]); - PR_DestroyProcessAttr(attr); - error(PK11_INSTALL_WAIT_PROCESS, execNode->str); - ret=PK11_INSTALL_WAIT_PROCESS; - goto loser; - } - - /* What happened? */ - if(errcode) { - /* process returned an error */ - error(PK11_INSTALL_PROC_ERROR, execNode->str, errcode); - } else if(feedback) { - /* process ran successfully */ - PR_fprintf(feedback, msgStrings[EXEC_SUCCESS], execNode->str); - } - - PR_Free(argv[0]); - PR_DestroyProcessAttr(attr); - } - } - - /* - // Add the module - */ - status = Pk11Install_AddNewModule((char*)platform->moduleName, - (char*)modDest, platform->mechFlags, platform->cipherFlags ); - - if(status != SECSuccess) { - error(PK11_INSTALL_ADD_MODULE, platform->moduleName); - ret=PK11_INSTALL_ADD_MODULE; - goto loser; - } - if(feedback) { - PR_fprintf(feedback, msgStrings[INSTALLED_MODULE_MSG], - platform->moduleName); - } - - if(feedback) { - PR_fprintf(feedback, msgStrings[INSTALLATION_COMPLETE_MSG]); - } - - ret = PK11_INSTALL_SUCCESS; - -loser: - if(reldir) { - PR_Free(reldir); - } - if(dest) { - PR_Free(dest); - } - if(modDest) { - PR_Free(modDest); - } - if(tempname) { - PRFileInfo info; - if(PR_GetFileInfo(tempname, &info) == PR_SUCCESS) { - if((info.type == PR_FILE_DIRECTORY)) { - /* Recursively remove temporary directory */ - if(rm_dash_r(tempname)) { - error(PK11_INSTALL_REMOVE_DIR, - tempname); - ret=PK11_INSTALL_REMOVE_DIR; - } - - } - } - PR_Free(tempname); - } - StringList_delete(&executables); - return ret; -} - -/* -////////////////////////////////////////////////////////////////////////// -*/ -static char* -PR_Strdup(const char* str) -{ - char *tmp = (char*) PR_Malloc(strlen(str)+1); - strcpy(tmp, str); - return tmp; -} - -/* - * r m _ d a s h _ r - * - * Remove a file, or a directory recursively. - * - */ -static int -rm_dash_r (char *path) -{ - PRDir *dir; - PRDirEntry *entry; - PRFileInfo fileinfo; - char filename[240]; - - if(PR_GetFileInfo(path, &fileinfo) != PR_SUCCESS) { - /*fprintf(stderr, "Error: Unable to access %s\n", filename);*/ - return -1; - } - if(fileinfo.type == PR_FILE_DIRECTORY) { - - dir = PR_OpenDir(path); - if(!dir) { - return -1; - } - - /* Recursively delete all entries in the directory */ - while((entry = PR_ReadDir(dir, PR_SKIP_BOTH)) != NULL) { - sprintf(filename, "%s/%s", path, entry->name); - if(rm_dash_r(filename)) return -1; - } - - if(PR_CloseDir(dir) != PR_SUCCESS) { - return -1; - } - - /* Delete the directory itself */ - if(PR_RmDir(path) != PR_SUCCESS) { - return -1; - } - } else { - if(PR_Delete(path) != PR_SUCCESS) { - return -1; - } - } - return 0; -} - -/*************************************************************************** - * - * m a k e _ d i r s - * - * Ensure that the directory portion of the path exists. This may require - * making the directory, and its parent, and its parent's parent, etc. - */ -static int -make_dirs(char *path, int file_perms) -{ - char *Path; - char *start; - char *sep; - int ret = 0; - PRFileInfo info; - - if(!path) { - return 0; - } - - Path = PR_Strdup(path); - start = strpbrk(Path, "/\\"); - if(!start) { - return 0; - } - start++; /* start right after first slash */ - - /* Each time through the loop add one more directory. */ - while( (sep=strpbrk(start, "/\\")) ) { - *sep = '\0'; - - if( PR_GetFileInfo(Path, &info) != PR_SUCCESS) { - /* No such dir, we have to create it */ - if( PR_MkDir(Path, dir_perms(file_perms)) != PR_SUCCESS) { - error(PK11_INSTALL_CREATE_DIR, Path); - ret = PK11_INSTALL_CREATE_DIR; - goto loser; - } - } else { - /* something exists by this name, make sure it's a directory */ - if( info.type != PR_FILE_DIRECTORY ) { - error(PK11_INSTALL_CREATE_DIR, Path); - ret = PK11_INSTALL_CREATE_DIR; - goto loser; - } - } - - /* If this is the lowest directory level, make sure it is writeable */ - if(!strpbrk(sep+1, "/\\")) { - if( PR_Access(Path, PR_ACCESS_WRITE_OK)!=PR_SUCCESS) { - error(PK11_INSTALL_DIR_NOT_WRITEABLE, Path); - ret = PK11_INSTALL_DIR_NOT_WRITEABLE; - goto loser; - } - } - - start = sep+1; /* start after the next slash */ - *sep = '/'; - } - -loser: - PR_Free(Path); - return ret; -} - -/************************************************************************* - * d i r _ p e r m s - * - * Guesses the desired permissions on a directory based on the permissions - * of a file that will be stored in it. Give read, write, and - * execute to the owner (so we can create the file), read and - * execute to anyone who has read permissions on the file, and write - * to anyone who has write permissions on the file. - */ -static int -dir_perms(int perms) -{ - int ret = 0; - - /* owner */ - ret |= 0700; - - /* group */ - if(perms & 0040) { - /* read on the file -> read and execute on the directory */ - ret |= 0050; - } - if(perms & 0020) { - /* write on the file -> write on the directory */ - ret |= 0020; - } - - /* others */ - if(perms & 0004) { - /* read on the file -> read and execute on the directory */ - ret |= 0005; - } - if(perms & 0002) { - /* write on the file -> write on the directory */ - ret |= 0002; - } - - return ret; -} diff --git a/security/nss/cmd/modutil/install.h b/security/nss/cmd/modutil/install.h deleted file mode 100644 index 3874ed77ef..0000000000 --- a/security/nss/cmd/modutil/install.h +++ /dev/null @@ -1,130 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#ifndef PK11INSTALL_H -#define PK11INSTALL_H - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -typedef void (*Pk11Install_ErrorHandler)(char *); - -typedef enum { - PK11_INSTALL_NO_ERROR=0, - PK11_INSTALL_DIR_DOESNT_EXIST, - PK11_INSTALL_FILE_DOESNT_EXIST, - PK11_INSTALL_FILE_NOT_READABLE, - PK11_INSTALL_ERROR_STRING, - PK11_INSTALL_JAR_ERROR, - PK11_INSTALL_NO_INSTALLER_SCRIPT, - PK11_INSTALL_DELETE_TEMP_FILE, - PK11_INSTALL_OPEN_SCRIPT_FILE, - PK11_INSTALL_SCRIPT_PARSE, - PK11_INSTALL_SEMANTIC, - PK11_INSTALL_SYSINFO, - PK11_INSTALL_NO_PLATFORM, - PK11_INSTALL_BOGUS_REL_DIR, - PK11_INSTALL_NO_MOD_FILE, - PK11_INSTALL_ADD_MODULE, - PK11_INSTALL_JAR_EXTRACT, - PK11_INSTALL_DIR_NOT_WRITEABLE, - PK11_INSTALL_CREATE_DIR, - PK11_INSTALL_REMOVE_DIR, - PK11_INSTALL_EXEC_FILE, - PK11_INSTALL_WAIT_PROCESS, - PK11_INSTALL_PROC_ERROR, - PK11_INSTALL_USER_ABORT, - PK11_INSTALL_UNSPECIFIED -} Pk11Install_Error; -#define PK11_INSTALL_SUCCESS PK11_INSTALL_NO_ERROR - -/************************************************************************** - * - * P k 1 1 I n s t a l l _ I n i t - * - * Does initialization that otherwise would be done on the fly. Only - * needs to be called by multithreaded apps, before they make any calls - * to this library. - */ -void -Pk11Install_Init(); - -/************************************************************************** - * - * P k 1 1 I n s t a l l _ S e t E r r o r H a n d l e r - * - * Sets the error handler to be used by the library. Returns the current - * error handler function. - */ -Pk11Install_ErrorHandler -Pk11Install_SetErrorHandler(Pk11Install_ErrorHandler handler); - - -/************************************************************************** - * - * P k 1 1 I n s t a l l _ R e l e a s e - * - * Releases static data structures used by the library. Don't use the - * library after calling this, unless you call Pk11Install_Init() - * first. This function doesn't have to be called at all unless you're - * really anal about freeing memory before your program exits. - */ -void -Pk11Install_Release(); - -/************************************************************************* - * - * P k 1 1 I n s t a l l _ D o I n s t a l l - * - * jarFile is the path of a JAR in the PKCS #11 module JAR format. - * installDir is the directory relative to which files will be - * installed. - * feedback is a file descriptor to which to write informative (not error) - * status messages: what files are being installed, what modules are being - * installed. If feedback==NULL, no messages will be displayed. - * If force != 0, interactive prompts will be suppressed. - * If noverify == PR_TRUE, signatures won't be checked on the JAR file. - */ -Pk11Install_Error -Pk11Install_DoInstall(char *jarFile, const char *installDir, - const char *tempDir, PRFileDesc *feedback, short force, - PRBool noverify); - -#ifdef __cplusplus -} -#endif - -#endif /*PK11INSTALL_H*/ diff --git a/security/nss/cmd/modutil/installparse.c b/security/nss/cmd/modutil/installparse.c deleted file mode 100644 index 16f81b6eb2..0000000000 --- a/security/nss/cmd/modutil/installparse.c +++ /dev/null @@ -1,429 +0,0 @@ -#ifndef lint -char yysccsid[] = "@(#)yaccpar 1.4 (Berkeley) 02/25/90"; -#endif -#line 37 "installparse.y" - -#define yyparse Pk11Install_yyparse -#define yylex Pk11Install_yylex -#define yyerror Pk11Install_yyerror -#define yychar Pk11Install_yychar -#define yyval Pk11Install_yyval -#define yylval Pk11Install_yylval -#define yydebug Pk11Install_yydebug -#define yynerrs Pk11Install_yynerrs -#define yyerrflag Pk11Install_yyerrflag -#define yyss Pk11Install_yyss -#define yyssp Pk11Install_yyssp -#define yyvs Pk11Install_yyvs -#define yyvsp Pk11Install_yyvsp -#define yylhs Pk11Install_yylhs -#define yylen Pk11Install_yylen -#define yydefred Pk11Install_yydefred -#define yydgoto Pk11Install_yydgoto -#define yysindex Pk11Install_yysindex -#define yyrindex Pk11Install_yyrindex -#define yygindex Pk11Install_yygindex -#define yytable Pk11Install_yytable -#define yycheck Pk11Install_yycheck -#define yyname Pk11Install_yyname -#define yyrule Pk11Install_yyrule - -/* C Stuff */ -#include "install-ds.h" -#include - -#define YYSTYPE Pk11Install_Pointer -extern char *Pk11Install_yytext; -char *Pk11Install_yyerrstr=NULL; - -#line 40 "ytab.c" -#define OPENBRACE 257 -#define CLOSEBRACE 258 -#define STRING 259 -#define YYERRCODE 256 -short yylhs[] = { -1, - 0, 1, 1, 2, 2, 3, 4, -}; -short yylen[] = { 2, - 1, 2, 0, 1, 1, 4, 1, -}; -short yydefred[] = { 0, - 0, 0, 1, 0, 4, 0, 2, 0, 0, 6, -}; -short yydgoto[] = { 2, - 3, 4, 5, 6, -}; -short yysindex[] = { -257, - 0, 0, 0, -257, 0, -252, 0, -257, -251, 0, -}; -short yyrindex[] = { 6, - 1, 0, 0, 3, 0, 0, 0, -250, 0, 0, -}; -short yygindex[] = { 0, - -4, 0, 0, 0, -}; -#define YYTABLESIZE 261 -short yytable[] = { 7, - 5, 1, 3, 9, 8, 3, 10, 3, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 7, 5, 5, - 3, -}; -short yycheck[] = { 4, - 0, 259, 0, 8, 257, 0, 258, 258, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, 257, 258, 259, - 258, -}; -#define YYFINAL 2 -#ifndef YYDEBUG -#define YYDEBUG 0 -#endif -#define YYMAXTOKEN 259 -#if YYDEBUG -char *yyname[] = { -"end-of-file",0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, -0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, -0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, -0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, -0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, -0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, -0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,"OPENBRACE","CLOSEBRACE","STRING", -}; -char *yyrule[] = { -"$accept : toplist", -"toplist : valuelist", -"valuelist : value valuelist", -"valuelist :", -"value : key_value_pair", -"value : STRING", -"key_value_pair : key OPENBRACE valuelist CLOSEBRACE", -"key : STRING", -}; -#endif -#ifndef YYSTYPE -typedef int YYSTYPE; -#endif -#define yyclearin (yychar=(-1)) -#define yyerrok (yyerrflag=0) -#ifndef YYSTACKSIZE -#ifdef YYMAXDEPTH -#define YYSTACKSIZE YYMAXDEPTH -#else -#define YYSTACKSIZE 300 -#endif -#endif -int yydebug; -int yynerrs; -int yyerrflag; -int yychar; -short *yyssp; -YYSTYPE *yyvsp; -YYSTYPE yyval; -YYSTYPE yylval; -#define yystacksize YYSTACKSIZE -short yyss[YYSTACKSIZE]; -YYSTYPE yyvs[YYSTACKSIZE]; -#line 118 "installparse.y" -/*----------------------- Program Section --------------------------------*/ - -/*************************************************************************/ -void -Pk11Install_yyerror(char *message) -{ - char *tmp; - if(Pk11Install_yyerrstr) { - tmp=PR_smprintf("%sline %d: %s\n", Pk11Install_yyerrstr, - Pk11Install_yylinenum, message); - PR_smprintf_free(Pk11Install_yyerrstr); - } else { - tmp = PR_smprintf("line %d: %s\n", Pk11Install_yylinenum, message); - } - Pk11Install_yyerrstr=tmp; -} -#line 191 "ytab.c" -#define YYABORT goto yyabort -#define YYACCEPT goto yyaccept -#define YYERROR goto yyerrlab -int -yyparse() -{ - register int yym, yyn, yystate; -#if YYDEBUG - register char *yys; - extern char *getenv(); - - if (yys = getenv("YYDEBUG")) - { - yyn = *yys; - if (yyn >= '0' && yyn <= '9') - yydebug = yyn - '0'; - } -#endif - - yynerrs = 0; - yyerrflag = 0; - yychar = (-1); - - yyssp = yyss; - yyvsp = yyvs; - *yyssp = yystate = 0; - -yyloop: - if (yyn = yydefred[yystate]) goto yyreduce; - if (yychar < 0) - { - if ((yychar = yylex()) < 0) yychar = 0; -#if YYDEBUG - if (yydebug) - { - yys = 0; - if (yychar <= YYMAXTOKEN) yys = yyname[yychar]; - if (!yys) yys = "illegal-symbol"; - printf("yydebug: state %d, reading %d (%s)\n", yystate, - yychar, yys); - } -#endif - } - if ((yyn = yysindex[yystate]) && (yyn += yychar) >= 0 && - yyn <= YYTABLESIZE && yycheck[yyn] == yychar) - { -#if YYDEBUG - if (yydebug) - printf("yydebug: state %d, shifting to state %d\n", - yystate, yytable[yyn]); -#endif - if (yyssp >= yyss + yystacksize - 1) - { - goto yyoverflow; - } - *++yyssp = yystate = yytable[yyn]; - *++yyvsp = yylval; - yychar = (-1); - if (yyerrflag > 0) --yyerrflag; - goto yyloop; - } - if ((yyn = yyrindex[yystate]) && (yyn += yychar) >= 0 && - yyn <= YYTABLESIZE && yycheck[yyn] == yychar) - { - yyn = yytable[yyn]; - goto yyreduce; - } - if (yyerrflag) goto yyinrecovery; -#ifdef lint - goto yynewerror; -#endif -yynewerror: - yyerror("syntax error"); -#ifdef lint - goto yyerrlab; -#endif -yyerrlab: - ++yynerrs; -yyinrecovery: - if (yyerrflag < 3) - { - yyerrflag = 3; - for (;;) - { - if ((yyn = yysindex[*yyssp]) && (yyn += YYERRCODE) >= 0 && - yyn <= YYTABLESIZE && yycheck[yyn] == YYERRCODE) - { -#if YYDEBUG - if (yydebug) - printf("yydebug: state %d, error recovery shifting\ - to state %d\n", *yyssp, yytable[yyn]); -#endif - if (yyssp >= yyss + yystacksize - 1) - { - goto yyoverflow; - } - *++yyssp = yystate = yytable[yyn]; - *++yyvsp = yylval; - goto yyloop; - } - else - { -#if YYDEBUG - if (yydebug) - printf("yydebug: error recovery discarding state %d\n", - *yyssp); -#endif - if (yyssp <= yyss) goto yyabort; - --yyssp; - --yyvsp; - } - } - } - else - { - if (yychar == 0) goto yyabort; -#if YYDEBUG - if (yydebug) - { - yys = 0; - if (yychar <= YYMAXTOKEN) yys = yyname[yychar]; - if (!yys) yys = "illegal-symbol"; - printf("yydebug: state %d, error recovery discards token %d (%s)\n", - yystate, yychar, yys); - } -#endif - yychar = (-1); - goto yyloop; - } -yyreduce: -#if YYDEBUG - if (yydebug) - printf("yydebug: state %d, reducing by rule %d (%s)\n", - yystate, yyn, yyrule[yyn]); -#endif - yym = yylen[yyn]; - yyval = yyvsp[1-yym]; - switch (yyn) - { -case 1: -#line 84 "installparse.y" -{ - Pk11Install_valueList = yyvsp[0].list; -} -break; -case 2: -#line 89 "installparse.y" -{ - Pk11Install_ValueList_AddItem(yyvsp[0].list,yyvsp[-1].value); - yyval .list = yyvsp[0].list; -} -break; -case 3: -#line 94 "installparse.y" -{ - yyval .list = Pk11Install_ValueList_new(); -} -break; -case 4: -#line 99 "installparse.y" -{ - yyval .value= Pk11Install_Value_new(PAIR_VALUE,yyvsp[0]); -} -break; -case 5: -#line 103 "installparse.y" -{ - yyval .value= Pk11Install_Value_new(STRING_VALUE, yyvsp[0]); -} -break; -case 6: -#line 108 "installparse.y" -{ - yyval .pair = Pk11Install_Pair_new(yyvsp[-3].string,yyvsp[-1].list); -} -break; -case 7: -#line 113 "installparse.y" -{ - yyval .string = yyvsp[0].string; -} -break; -#line 374 "ytab.c" - } - yyssp -= yym; - yystate = *yyssp; - yyvsp -= yym; - yym = yylhs[yyn]; - if (yystate == 0 && yym == 0) - { -#ifdef YYDEBUG - if (yydebug) - printf("yydebug: after reduction, shifting from state 0 to\ - state %d\n", YYFINAL); -#endif - yystate = YYFINAL; - *++yyssp = YYFINAL; - *++yyvsp = yyval; - if (yychar < 0) - { - if ((yychar = yylex()) < 0) yychar = 0; -#if YYDEBUG - if (yydebug) - { - yys = 0; - if (yychar <= YYMAXTOKEN) yys = yyname[yychar]; - if (!yys) yys = "illegal-symbol"; - printf("yydebug: state %d, reading %d (%s)\n", - YYFINAL, yychar, yys); - } -#endif - } - if (yychar == 0) goto yyaccept; - goto yyloop; - } - if ((yyn = yygindex[yym]) && (yyn += yystate) >= 0 && - yyn <= YYTABLESIZE && yycheck[yyn] == yystate) - yystate = yytable[yyn]; - else - yystate = yydgoto[yym]; -#ifdef YYDEBUG - if (yydebug) - printf("yydebug: after reduction, shifting from state %d \ -to state %d\n", *yyssp, yystate); -#endif - if (yyssp >= yyss + yystacksize - 1) - { - goto yyoverflow; - } - *++yyssp = yystate; - *++yyvsp = yyval; - goto yyloop; -yyoverflow: - yyerror("yacc stack overflow"); -yyabort: - return (1); -yyaccept: - return (0); -} diff --git a/security/nss/cmd/modutil/installparse.h b/security/nss/cmd/modutil/installparse.h deleted file mode 100644 index 75686d4fdd..0000000000 --- a/security/nss/cmd/modutil/installparse.h +++ /dev/null @@ -1,3 +0,0 @@ -#define OPENBRACE 257 -#define CLOSEBRACE 258 -#define STRING 259 diff --git a/security/nss/cmd/modutil/installparse.l b/security/nss/cmd/modutil/installparse.l deleted file mode 100644 index 6befe16cbb..0000000000 --- a/security/nss/cmd/modutil/installparse.l +++ /dev/null @@ -1,166 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - - -/* lex file for analyzing PKCS #11 Module installation instructions */ - -/*----------------------------- Definitions ---------------------------*/ -%{ -#include - -#include "install-ds.h" /* defines tokens and data structures */ -#include "installparse.h" /* produced by yacc -d */ -#include -static char *putSimpleString(char*); /* return copy of string */ -static char *putComplexString(char*); /* strip out quotes, deal with */ - /* escaped characters */ - -void Pk11Install_yyerror(char *); - -/* Overrides to use NSPR */ -#define malloc PR_Malloc -#define realloc PR_Realloc -#define free PR_Free - -int Pk11Install_yylinenum=1; -static char *err; - -#define YY_NEVER_INTERACTIVE 1 -#define yyunput Pkcs11Install_yyunput - -/* This is the default YY_INPUT modified for NSPR */ -#define YY_INPUT(buf,result,max_size) \ - if ( yy_current_buffer->yy_is_interactive ) { \ - char c; \ - int n; \ - for ( n = 0; n < max_size && \ - PR_Read(Pk11Install_FD, &c, 1)==1 && c != '\n'; ++n ) { \ - buf[n] = c; \ - } \ - if ( c == '\n' ) { \ - buf[n++] = c; \ - } \ - result = n; \ - } else { \ - result = PR_Read(Pk11Install_FD, buf, max_size); \ - } - -%} - -/*** Regular expression definitions ***/ -/* simple_string has no whitespace, quotes, or braces */ -simple_string [^ \t\r\n\""{""}"]+ - -/* complex_string is enclosed in quotes. Inside the quotes, quotes and - backslashes must be backslash-escaped. No newlines or carriage returns - are allowed inside the quotes. Otherwise, anything goes. */ -complex_string \"([^\"\\\r\n]|(\\\")|(\\\\))+\" - -/* Standard whitespace */ -whitespace [ \t\r]+ - -other . - -/*---------------------------- Actions --------------------------------*/ -%% - -"{" return OPENBRACE; -"}" return CLOSEBRACE; -{simple_string} {Pk11Install_yylval.string = - putSimpleString(Pk11Install_yytext); - return STRING;} -{complex_string} {Pk11Install_yylval.string = - putComplexString(Pk11Install_yytext); - return STRING;} - -"\n" Pk11Install_yylinenum++; - -{whitespace} ; - -{other} {err = PR_smprintf("Invalid lexeme: %s",Pk11Install_yytext); - Pk11Install_yyerror(err); - PR_smprintf_free(err); - return 1; - } - -%% -/*------------------------ Program Section ----------------------------*/ - -PRFileDesc *Pk11Install_FD=NULL; - -/*************************************************************************/ -/* dummy function required by lex */ -int Pk11Install_yywrap(void) { return 1;} - -/*************************************************************************/ -/* Return a copy of the given string */ -static char* -putSimpleString(char *str) -{ - char *tmp = (char*) PR_Malloc(strlen(str)+1); - strcpy(tmp, str); - return tmp; -} - -/*************************************************************************/ -/* Strip out quotes, replace escaped characters with what they stand for. - This function assumes that what is passed in is actually a complex - string, so error checking is lax. */ -static char* -putComplexString(char *str) -{ - int size, i,j; - char *tmp; - - if(!str) { - return NULL; - } - size = strlen(str); - - /* Allocate the new space. This string will actually be too big, - since quotes and backslashes will be stripped out. But that's ok. */ - tmp = (char*) PR_Malloc(size+1); - - /* Copy it over */ - for(i=0, j=0; i < size; i++) { - if(str[i]=='\"') { - continue; /* skip un-escaped quotes */ - } else if(str[i]=='\\') { - ++i; /* escaped character. skip the backslash */ - } - tmp[j++] = str[i]; - } - tmp[j] = '\0'; - - return tmp; -} diff --git a/security/nss/cmd/modutil/installparse.y b/security/nss/cmd/modutil/installparse.y deleted file mode 100644 index 6a32e25ab8..0000000000 --- a/security/nss/cmd/modutil/installparse.y +++ /dev/null @@ -1,133 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -/* yacc file for parsing PKCS #11 module installation instructions */ -/*------------------------ Definition Section ---------------------------*/ - -%{ -#define yyparse Pk11Install_yyparse -#define yylex Pk11Install_yylex -#define yyerror Pk11Install_yyerror -#define yychar Pk11Install_yychar -#define yyval Pk11Install_yyval -#define yylval Pk11Install_yylval -#define yydebug Pk11Install_yydebug -#define yynerrs Pk11Install_yynerrs -#define yyerrflag Pk11Install_yyerrflag -#define yyss Pk11Install_yyss -#define yyssp Pk11Install_yyssp -#define yyvs Pk11Install_yyvs -#define yyvsp Pk11Install_yyvsp -#define yylhs Pk11Install_yylhs -#define yylen Pk11Install_yylen -#define yydefred Pk11Install_yydefred -#define yydgoto Pk11Install_yydgoto -#define yysindex Pk11Install_yysindex -#define yyrindex Pk11Install_yyrindex -#define yygindex Pk11Install_yygindex -#define yytable Pk11Install_yytable -#define yycheck Pk11Install_yycheck -#define yyname Pk11Install_yyname -#define yyrule Pk11Install_yyrule - -/* C Stuff */ -#include "install-ds.h" -#include - -#define YYSTYPE Pk11Install_Pointer -extern char *Pk11Install_yytext; -char *Pk11Install_yyerrstr=NULL; - -%} - -/* Tokens */ -%token OPENBRACE -%token CLOSEBRACE -%token STRING -%start toplist - -%% - -/*--------------------------- Productions -------------------------------*/ - -toplist : valuelist -{ - Pk11Install_valueList = $1.list; -} - -valuelist : value valuelist -{ - Pk11Install_ValueList_AddItem($2.list,$1.value); - $$.list = $2.list; -} -| -{ - $$.list = Pk11Install_ValueList_new(); -}; - -value : key_value_pair -{ - $$.value= Pk11Install_Value_new(PAIR_VALUE,$1); -} -| STRING -{ - $$.value= Pk11Install_Value_new(STRING_VALUE, $1); -}; - -key_value_pair : key OPENBRACE valuelist CLOSEBRACE -{ - $$.pair = Pk11Install_Pair_new($1.string,$3.list); -}; - -key : STRING -{ - $$.string = $1.string; -}; - -%% -/*----------------------- Program Section --------------------------------*/ - -/*************************************************************************/ -void -Pk11Install_yyerror(char *message) -{ - char *tmp; - if(Pk11Install_yyerrstr) { - tmp=PR_smprintf("%sline %d: %s\n", Pk11Install_yyerrstr, - Pk11Install_yylinenum, message); - PR_smprintf_free(Pk11Install_yyerrstr); - } else { - tmp = PR_smprintf("line %d: %s\n", Pk11Install_yylinenum, message); - } - Pk11Install_yyerrstr=tmp; -} diff --git a/security/nss/cmd/modutil/instsec.c b/security/nss/cmd/modutil/instsec.c deleted file mode 100644 index e6eaa384b8..0000000000 --- a/security/nss/cmd/modutil/instsec.c +++ /dev/null @@ -1,178 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#include -#include -#include -#include -#include -#include -#include - -/* These are installation functions that make calls to the security library. - * We don't want to include security include files in the C++ code too much. - */ - -static char* PR_fgets(char *buf, int size, PRFileDesc *file); - -/*************************************************************************** - * - * P k 1 1 I n s t a l l _ A d d N e w M o d u l e - */ -int -Pk11Install_AddNewModule(char* moduleName, char* dllPath, - unsigned long defaultMechanismFlags, - unsigned long cipherEnableFlags) -{ - return (SECMOD_AddNewModule(moduleName, dllPath, - SECMOD_PubMechFlagstoInternal(defaultMechanismFlags), - SECMOD_PubCipherFlagstoInternal(cipherEnableFlags)) - == SECSuccess) ? 0 : -1; -} - -/************************************************************************* - * - * P k 1 1 I n s t a l l _ U s e r V e r i f y J a r - * - * Gives the user feedback on the signatures of a JAR files, asks them - * whether they actually want to continue. - * Assumes the jar structure has already been created and is valid. - * Returns 0 if the user wants to continue the installation, nonzero - * if the user wishes to abort. - */ -short -Pk11Install_UserVerifyJar(JAR *jar, PRFileDesc *out, PRBool query) -{ - JAR_Context *ctx; - JAR_Cert *fing; - JAR_Item *item; - char stdinbuf[80]; - int count=0; - - CERTCertificate *cert, *prev=NULL; - - PR_fprintf(out, "\nThis installation JAR file was signed by:\n"); - - ctx = JAR_find(jar, NULL, jarTypeSign); - - while(JAR_find_next(ctx, &item) >= 0 ) { - fing = (JAR_Cert*) item->data; - cert = fing->cert; - if(cert==prev) { - continue; - } - - count++; - PR_fprintf(out, "----------------------------------------------\n"); - if(cert) { - if(cert->nickname) { - PR_fprintf(out, "**NICKNAME**\n%s\n", cert->nickname); - } - if(cert->subjectName) { - PR_fprintf(out, "**SUBJECT NAME**\n%s\n", cert->subjectName); } - if(cert->issuerName) { - PR_fprintf(out, "**ISSUER NAME**\n%s\n", cert->issuerName); - } - } else { - PR_fprintf(out, "No matching certificate could be found.\n"); - } - PR_fprintf(out, "----------------------------------------------\n\n"); - - prev=cert; - } - - JAR_find_end(ctx); - - if(count==0) { - PR_fprintf(out, "No signatures found: JAR FILE IS UNSIGNED.\n"); - } - - if(query) { - PR_fprintf(out, -"Do you wish to continue this installation? (y/n) "); - - if(PR_fgets(stdinbuf, 80, PR_STDIN) != NULL) { - char *response; - - if( (response=strtok(stdinbuf, " \t\n\r")) ) { - if( !PL_strcasecmp(response, "y") || - !PL_strcasecmp(response, "yes") ) { - return 0; - } - } - } - } - - return 1; -} - -/************************************************************************** - * - * P R _ f g e t s - * - * fgets implemented with NSPR. - */ -static char* -PR_fgets(char *buf, int size, PRFileDesc *file) -{ - int i; - int status; - char c; - - i=0; - while(i < size-1) { - status = PR_Read(file, (void*) &c, 1); - if(status==-1) { - return NULL; - } else if(status==0) { - break; - } - buf[i++] = c; - if(c=='\n') { - break; - } - } - buf[i]='\0'; - - return buf; -} - -/************************************************************************** - * - * m y S E C U _ E r r o r S t r i n g - * - */ -const char* mySECU_ErrorString(int16 errnum) -{ - return SECU_Strerror(errnum); -} diff --git a/security/nss/cmd/modutil/lex.Pk11Install_yy.c b/security/nss/cmd/modutil/lex.Pk11Install_yy.c deleted file mode 100644 index 3943503db4..0000000000 --- a/security/nss/cmd/modutil/lex.Pk11Install_yy.c +++ /dev/null @@ -1,1691 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#define yy_create_buffer Pk11Install_yy_create_buffer -#define yy_delete_buffer Pk11Install_yy_delete_buffer -#define yy_scan_buffer Pk11Install_yy_scan_buffer -#define yy_scan_string Pk11Install_yy_scan_string -#define yy_scan_bytes Pk11Install_yy_scan_bytes -#define yy_flex_debug Pk11Install_yy_flex_debug -#define yy_init_buffer Pk11Install_yy_init_buffer -#define yy_flush_buffer Pk11Install_yy_flush_buffer -#define yy_load_buffer_state Pk11Install_yy_load_buffer_state -#define yy_switch_to_buffer Pk11Install_yy_switch_to_buffer -#define yyin Pk11Install_yyin -#define yyleng Pk11Install_yyleng -#define yylex Pk11Install_yylex -#define yyout Pk11Install_yyout -#define yyrestart Pk11Install_yyrestart -#define yytext Pk11Install_yytext -#define yywrap Pk11Install_yywrap - -#line 20 "lex.Pk11Install_yy.c" -/* A lexical scanner generated by flex */ - -/* Scanner skeleton version: - * $Header$ - */ - -#define FLEX_SCANNER -#define YY_FLEX_MAJOR_VERSION 2 -#define YY_FLEX_MINOR_VERSION 5 - -#include - - -/* cfront 1.2 defines "c_plusplus" instead of "__cplusplus" */ -#ifdef c_plusplus -#ifndef __cplusplus -#define __cplusplus -#endif -#endif - - -#ifdef __cplusplus - -#include -//#include - -/* Use prototypes in function declarations. */ -#define YY_USE_PROTOS - -/* The "const" storage-class-modifier is valid. */ -#define YY_USE_CONST - -#else /* ! __cplusplus */ - -#if __STDC__ - -#define YY_USE_PROTOS -#define YY_USE_CONST - -#endif /* __STDC__ */ -#endif /* ! __cplusplus */ - -#ifdef __TURBOC__ - #pragma warn -rch - #pragma warn -use -#include -#include -#define YY_USE_CONST -#define YY_USE_PROTOS -#endif - -#ifdef YY_USE_CONST -#define yyconst const -#else -#define yyconst -#endif - - -#ifdef YY_USE_PROTOS -#define YY_PROTO(proto) proto -#else -#define YY_PROTO(proto) () -#endif - -/* Returned upon end-of-file. */ -#define YY_NULL 0 - -/* Promotes a possibly negative, possibly signed char to an unsigned - * integer for use as an array index. If the signed char is negative, - * we want to instead treat it as an 8-bit unsigned char, hence the - * double cast. - */ -#define YY_SC_TO_UI(c) ((unsigned int) (unsigned char) c) - -/* Enter a start condition. This macro really ought to take a parameter, - * but we do it the disgusting crufty way forced on us by the ()-less - * definition of BEGIN. - */ -#define BEGIN yy_start = 1 + 2 * - -/* Translate the current start state into a value that can be later handed - * to BEGIN to return to the state. The YYSTATE alias is for lex - * compatibility. - */ -#define YY_START ((yy_start - 1) / 2) -#define YYSTATE YY_START - -/* Action number for EOF rule of a given start state. */ -#define YY_STATE_EOF(state) (YY_END_OF_BUFFER + state + 1) - -/* Special action meaning "start processing a new file". */ -#define YY_NEW_FILE yyrestart( yyin ) - -#define YY_END_OF_BUFFER_CHAR 0 - -/* Size of default input buffer. */ -#define YY_BUF_SIZE 16384 - -typedef struct yy_buffer_state *YY_BUFFER_STATE; - -extern int yyleng; -extern FILE *yyin, *yyout; - -#define EOB_ACT_CONTINUE_SCAN 0 -#define EOB_ACT_END_OF_FILE 1 -#define EOB_ACT_LAST_MATCH 2 - -/* The funky do-while in the following #define is used to turn the definition - * int a single C statement (which needs a semi-colon terminator). This - * avoids problems with code like: - * - * if ( condition_holds ) - * yyless( 5 ); - * else - * do_something_else(); - * - * Prior to using the do-while the compiler would get upset at the - * "else" because it interpreted the "if" statement as being all - * done when it reached the ';' after the yyless() call. - */ - -/* Return all but the first 'n' matched characters back to the input stream. */ - -#define yyless(n) \ - do \ - { \ - /* Undo effects of setting up yytext. */ \ - *yy_cp = yy_hold_char; \ - YY_RESTORE_YY_MORE_OFFSET \ - yy_c_buf_p = yy_cp = yy_bp + n - YY_MORE_ADJ; \ - YY_DO_BEFORE_ACTION; /* set up yytext again */ \ - } \ - while ( 0 ) - -#define unput(c) yyunput( c, yytext_ptr ) - -/* The following is because we cannot portably get our hands on size_t - * (without autoconf's help, which isn't available because we want - * flex-generated scanners to compile on their own). - */ -typedef unsigned int yy_size_t; - - -struct yy_buffer_state - { - FILE *yy_input_file; - - char *yy_ch_buf; /* input buffer */ - char *yy_buf_pos; /* current position in input buffer */ - - /* Size of input buffer in bytes, not including room for EOB - * characters. - */ - yy_size_t yy_buf_size; - - /* Number of characters read into yy_ch_buf, not including EOB - * characters. - */ - int yy_n_chars; - - /* Whether we "own" the buffer - i.e., we know we created it, - * and can realloc() it to grow it, and should free() it to - * delete it. - */ - int yy_is_our_buffer; - - /* Whether this is an "interactive" input source; if so, and - * if we're using stdio for input, then we want to use getc() - * instead of fread(), to make sure we stop fetching input after - * each newline. - */ - int yy_is_interactive; - - /* Whether we're considered to be at the beginning of a line. - * If so, '^' rules will be active on the next match, otherwise - * not. - */ - int yy_at_bol; - - /* Whether to try to fill the input buffer when we reach the - * end of it. - */ - int yy_fill_buffer; - - int yy_buffer_status; -#define YY_BUFFER_NEW 0 -#define YY_BUFFER_NORMAL 1 - /* When an EOF's been seen but there's still some text to process - * then we mark the buffer as YY_EOF_PENDING, to indicate that we - * shouldn't try reading from the input source any more. We might - * still have a bunch of tokens to match, though, because of - * possible backing-up. - * - * When we actually see the EOF, we change the status to "new" - * (via yyrestart()), so that the user can continue scanning by - * just pointing yyin at a new input file. - */ -#define YY_BUFFER_EOF_PENDING 2 - }; - -static YY_BUFFER_STATE yy_current_buffer = 0; - -/* We provide macros for accessing buffer states in case in the - * future we want to put the buffer states in a more general - * "scanner state". - */ -#define YY_CURRENT_BUFFER yy_current_buffer - - -/* yy_hold_char holds the character lost when yytext is formed. */ -static char yy_hold_char; - -static int yy_n_chars; /* number of characters read into yy_ch_buf */ - - -int yyleng; - -/* Points to current character in buffer. */ -static char *yy_c_buf_p = (char *) 0; -static int yy_init = 1; /* whether we need to initialize */ -static int yy_start = 0; /* start state number */ - -/* Flag which is used to allow yywrap()'s to do buffer switches - * instead of setting up a fresh yyin. A bit of a hack ... - */ -static int yy_did_buffer_switch_on_eof; - -void yyrestart YY_PROTO(( FILE *input_file )); - -void yy_switch_to_buffer YY_PROTO(( YY_BUFFER_STATE new_buffer )); -void yy_load_buffer_state YY_PROTO(( void )); -YY_BUFFER_STATE yy_create_buffer YY_PROTO(( FILE *file, int size )); -void yy_delete_buffer YY_PROTO(( YY_BUFFER_STATE b )); -void yy_init_buffer YY_PROTO(( YY_BUFFER_STATE b, FILE *file )); -void yy_flush_buffer YY_PROTO(( YY_BUFFER_STATE b )); -#define YY_FLUSH_BUFFER yy_flush_buffer( yy_current_buffer ) - -YY_BUFFER_STATE yy_scan_buffer YY_PROTO(( char *base, yy_size_t size )); -YY_BUFFER_STATE yy_scan_string YY_PROTO(( yyconst char *yy_str )); -YY_BUFFER_STATE yy_scan_bytes YY_PROTO(( yyconst char *bytes, int len )); - -static void *yy_flex_alloc YY_PROTO(( yy_size_t )); -static void *yy_flex_realloc YY_PROTO(( void *, yy_size_t )); -static void yy_flex_free YY_PROTO(( void * )); - -#define yy_new_buffer yy_create_buffer - -#define yy_set_interactive(is_interactive) \ - { \ - if ( ! yy_current_buffer ) \ - yy_current_buffer = yy_create_buffer( yyin, YY_BUF_SIZE ); \ - yy_current_buffer->yy_is_interactive = is_interactive; \ - } - -#define yy_set_bol(at_bol) \ - { \ - if ( ! yy_current_buffer ) \ - yy_current_buffer = yy_create_buffer( yyin, YY_BUF_SIZE ); \ - yy_current_buffer->yy_at_bol = at_bol; \ - } - -#define YY_AT_BOL() (yy_current_buffer->yy_at_bol) - -typedef unsigned char YY_CHAR; -FILE *yyin = (FILE *) 0, *yyout = (FILE *) 0; -typedef int yy_state_type; -extern char *yytext; -#define yytext_ptr yytext - -static yy_state_type yy_get_previous_state YY_PROTO(( void )); -static yy_state_type yy_try_NUL_trans YY_PROTO(( yy_state_type current_state )); -static int yy_get_next_buffer YY_PROTO(( void )); -static void yy_fatal_error YY_PROTO(( yyconst char msg[] )); - -/* Done after the current pattern has been matched and before the - * corresponding action - sets up yytext. - */ -#define YY_DO_BEFORE_ACTION \ - yytext_ptr = yy_bp; \ - yyleng = (int) (yy_cp - yy_bp); \ - yy_hold_char = *yy_cp; \ - *yy_cp = '\0'; \ - yy_c_buf_p = yy_cp; - -#define YY_NUM_RULES 8 -#define YY_END_OF_BUFFER 9 -static yyconst short int yy_accept[16] = - { 0, - 0, 0, 9, 3, 6, 5, 7, 1, 2, 3, - 6, 0, 0, 4, 0 - } ; - -static yyconst int yy_ec[256] = - { 0, - 1, 1, 1, 1, 1, 1, 1, 1, 2, 3, - 1, 1, 4, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 2, 1, 5, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 6, 1, 1, 1, 1, 1, 1, 1, 1, - - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 7, 1, 8, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1 - } ; - -static yyconst int yy_meta[9] = - { 0, - 1, 2, 3, 4, 3, 1, 5, 5 - } ; - -static yyconst short int yy_base[19] = - { 0, - 0, 0, 19, 0, 0, 21, 12, 21, 21, 0, - 0, 4, 6, 21, 21, 13, 11, 15 - } ; - -static yyconst short int yy_def[19] = - { 0, - 15, 1, 15, 16, 17, 15, 18, 15, 15, 16, - 17, 18, 15, 15, 0, 15, 15, 15 - } ; - -static yyconst short int yy_nxt[30] = - { 0, - 4, 5, 6, 5, 7, 4, 8, 9, 14, 13, - 12, 12, 11, 10, 11, 12, 12, 13, 15, 12, - 3, 15, 15, 15, 15, 15, 15, 15, 15 - } ; - -static yyconst short int yy_chk[30] = - { 0, - 1, 1, 1, 1, 1, 1, 1, 1, 12, 12, - 13, 13, 17, 16, 17, 18, 18, 7, 3, 18, - 15, 15, 15, 15, 15, 15, 15, 15, 15 - } ; - -static yy_state_type yy_last_accepting_state; -static char *yy_last_accepting_cpos; - -/* The intent behind this definition is that it'll catch - * any uses of REJECT which flex missed. - */ -#define REJECT reject_used_but_not_detected -#define yymore() yymore_used_but_not_detected -#define YY_MORE_ADJ 0 -#define YY_RESTORE_YY_MORE_OFFSET -char *yytext; -#line 1 "installparse.l" -#define INITIAL 0 -/* lex file for analyzing PKCS #11 Module installation instructions */ -/*----------------------------- Definitions ---------------------------*/ -#line 5 "installparse.l" -#include - -#include "install-ds.h" /* defines tokens and data structures */ -#include "installparse.h" /* produced by yacc -d */ -#include -static char *putSimpleString(char*); /* return copy of string */ -static char *putComplexString(char*); /* strip out quotes, deal with */ - /* escaped characters */ - -void Pk11Install_yyerror(char *); - -/* Overrides to use NSPR */ -#define malloc PR_Malloc -#define realloc PR_Realloc -#define free PR_Free - -int Pk11Install_yylinenum=1; -static char *err; - -#define YY_NEVER_INTERACTIVE 1 -#define yyunput Pkcs11Install_yyunput - -/* This is the default YY_INPUT modified for NSPR */ -#define YY_INPUT(buf,result,max_size) \ - if ( yy_current_buffer->yy_is_interactive ) { \ - char c; \ - int n; \ - for ( n = 0; n < max_size && \ - PR_Read(Pk11Install_FD, &c, 1)==1 && c != '\n'; ++n ) { \ - buf[n] = c; \ - } \ - if ( c == '\n' ) { \ - buf[n++] = c; \ - } \ - result = n; \ - } else { \ - result = PR_Read(Pk11Install_FD, buf, max_size); \ - } - -/*** Regular expression definitions ***/ -/* simple_string has no whitespace, quotes, or braces */ -/* complex_string is enclosed in quotes. Inside the quotes, quotes and - backslashes must be backslash-escaped. Otherwise, anything goes. */ -/* Standard whitespace */ -/*---------------------------- Actions --------------------------------*/ -#line 437 "lex.Pk11Install_yy.cpp" - -/* Macros after this point can all be overridden by user definitions in - * section 1. - */ - -#ifndef YY_SKIP_YYWRAP -#ifdef __cplusplus -extern "C" int yywrap YY_PROTO(( void )); -#else -extern int yywrap YY_PROTO(( void )); -#endif -#endif - -#ifndef YY_NO_UNPUT -static void yyunput YY_PROTO(( int c, char *buf_ptr )); -#endif - -#ifndef yytext_ptr -static void yy_flex_strncpy YY_PROTO(( char *, yyconst char *, int )); -#endif - -#ifdef YY_NEED_STRLEN -static int yy_flex_strlen YY_PROTO(( yyconst char * )); -#endif - -#ifndef YY_NO_INPUT -#ifdef __cplusplus -static int yyinput YY_PROTO(( void )); -#else -static int input YY_PROTO(( void )); -#endif -#endif - -#if YY_STACK_USED -static int yy_start_stack_ptr = 0; -static int yy_start_stack_depth = 0; -static int *yy_start_stack = 0; -#ifndef YY_NO_PUSH_STATE -static void yy_push_state YY_PROTO(( int new_state )); -#endif -#ifndef YY_NO_POP_STATE -static void yy_pop_state YY_PROTO(( void )); -#endif -#ifndef YY_NO_TOP_STATE -static int yy_top_state YY_PROTO(( void )); -#endif - -#else -#define YY_NO_PUSH_STATE 1 -#define YY_NO_POP_STATE 1 -#define YY_NO_TOP_STATE 1 -#endif - -#ifdef YY_MALLOC_DECL -YY_MALLOC_DECL -#else -#if __STDC__ -#ifndef __cplusplus -#include -#endif -#else -/* Just try to get by without declaring the routines. This will fail - * miserably on non-ANSI systems for which sizeof(size_t) != sizeof(int) - * or sizeof(void*) != sizeof(int). - */ -#endif -#endif - -/* Amount of stuff to slurp up with each read. */ -#ifndef YY_READ_BUF_SIZE -#define YY_READ_BUF_SIZE 8192 -#endif - -/* Copy whatever the last rule matched to the standard output. */ - -#ifndef ECHO -/* This used to be an fputs(), but since the string might contain NUL's, - * we now use fwrite(). - */ -#define ECHO (void) fwrite( yytext, yyleng, 1, yyout ) -#endif - -/* Gets input and stuffs it into "buf". number of characters read, or YY_NULL, - * is returned in "result". - */ -#ifndef YY_INPUT -#define YY_INPUT(buf,result,max_size) \ - if ( yy_current_buffer->yy_is_interactive ) \ - { \ - int c = '*', n; \ - for ( n = 0; n < max_size && \ - (c = getc( yyin )) != EOF && c != '\n'; ++n ) \ - buf[n] = (char) c; \ - if ( c == '\n' ) \ - buf[n++] = (char) c; \ - if ( c == EOF && ferror( yyin ) ) \ - YY_FATAL_ERROR( "input in flex scanner failed" ); \ - result = n; \ - } \ - else if ( ((result = fread( buf, 1, max_size, yyin )) == 0) \ - && ferror( yyin ) ) \ - YY_FATAL_ERROR( "input in flex scanner failed" ); -#endif - -/* No semi-colon after return; correct usage is to write "yyterminate();" - - * we don't want an extra ';' after the "return" because that will cause - * some compilers to complain about unreachable statements. - */ -#ifndef yyterminate -#define yyterminate() return YY_NULL -#endif - -/* Number of entries by which start-condition stack grows. */ -#ifndef YY_START_STACK_INCR -#define YY_START_STACK_INCR 25 -#endif - -/* Report a fatal error. */ -#ifndef YY_FATAL_ERROR -#define YY_FATAL_ERROR(msg) yy_fatal_error( msg ) -#endif - -/* Default declaration of generated scanner - a define so the user can - * easily add parameters. - */ -#ifndef YY_DECL -#define YY_DECL int yylex YY_PROTO(( void )) -#endif - -/* Code executed at the beginning of each rule, after yytext and yyleng - * have been set up. - */ -#ifndef YY_USER_ACTION -#define YY_USER_ACTION -#endif - -/* Code executed at the end of each rule. */ -#ifndef YY_BREAK -#define YY_BREAK break; -#endif - -#define YY_RULE_SETUP \ - YY_USER_ACTION - -YY_DECL - { - register yy_state_type yy_current_state; - register char *yy_cp, *yy_bp; - register int yy_act; - -#line 60 "installparse.l" - - -#line 591 "lex.Pk11Install_yy.cpp" - - if ( yy_init ) - { - yy_init = 0; - -#ifdef YY_USER_INIT - YY_USER_INIT; -#endif - - if ( ! yy_start ) - yy_start = 1; /* first start state */ - - if ( ! yyin ) - yyin = stdin; - - if ( ! yyout ) - yyout = stdout; - - if ( ! yy_current_buffer ) - yy_current_buffer = - yy_create_buffer( yyin, YY_BUF_SIZE ); - - yy_load_buffer_state(); - } - - while ( 1 ) /* loops until end-of-file is reached */ - { - yy_cp = yy_c_buf_p; - - /* Support of yytext. */ - *yy_cp = yy_hold_char; - - /* yy_bp points to the position in yy_ch_buf of the start of - * the current run. - */ - yy_bp = yy_cp; - - yy_current_state = yy_start; -yy_match: - do - { - register YY_CHAR yy_c = yy_ec[YY_SC_TO_UI(*yy_cp)]; - if ( yy_accept[yy_current_state] ) - { - yy_last_accepting_state = yy_current_state; - yy_last_accepting_cpos = yy_cp; - } - while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state ) - { - yy_current_state = (int) yy_def[yy_current_state]; - if ( yy_current_state >= 16 ) - yy_c = yy_meta[(unsigned int) yy_c]; - } - yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c]; - ++yy_cp; - } - while ( yy_base[yy_current_state] != 21 ); - -yy_find_action: - yy_act = yy_accept[yy_current_state]; - if ( yy_act == 0 ) - { /* have to back up */ - yy_cp = yy_last_accepting_cpos; - yy_current_state = yy_last_accepting_state; - yy_act = yy_accept[yy_current_state]; - } - - YY_DO_BEFORE_ACTION; - - -do_action: /* This label is used only to access EOF actions. */ - - - switch ( yy_act ) - { /* beginning of action switch */ - case 0: /* must back up */ - /* undo the effects of YY_DO_BEFORE_ACTION */ - *yy_cp = yy_hold_char; - yy_cp = yy_last_accepting_cpos; - yy_current_state = yy_last_accepting_state; - goto yy_find_action; - -case 1: -YY_RULE_SETUP -#line 62 "installparse.l" -return OPENBRACE; - YY_BREAK -case 2: -YY_RULE_SETUP -#line 63 "installparse.l" -return CLOSEBRACE; - YY_BREAK -case 3: -YY_RULE_SETUP -#line 64 "installparse.l" -{Pk11Install_yylval.string = - putSimpleString(Pk11Install_yytext); - return STRING;} - YY_BREAK -case 4: -YY_RULE_SETUP -#line 67 "installparse.l" -{Pk11Install_yylval.string = - putComplexString(Pk11Install_yytext); - return STRING;} - YY_BREAK -case 5: -YY_RULE_SETUP -#line 71 "installparse.l" -Pk11Install_yylinenum++; - YY_BREAK -case 6: -YY_RULE_SETUP -#line 73 "installparse.l" -; - YY_BREAK -case 7: -YY_RULE_SETUP -#line 75 "installparse.l" -{err = PR_smprintf("Invalid lexeme: %s",Pk11Install_yytext); - Pk11Install_yyerror(err); - PR_smprintf_free(err); - return 1; - } - YY_BREAK -case 8: -YY_RULE_SETUP -#line 81 "installparse.l" -ECHO; - YY_BREAK -#line 722 "lex.Pk11Install_yy.cpp" -case YY_STATE_EOF(INITIAL): - yyterminate(); - - case YY_END_OF_BUFFER: - { - /* Amount of text matched not including the EOB char. */ - int yy_amount_of_matched_text = (int) (yy_cp - yytext_ptr) - 1; - - /* Undo the effects of YY_DO_BEFORE_ACTION. */ - *yy_cp = yy_hold_char; - YY_RESTORE_YY_MORE_OFFSET - - if ( yy_current_buffer->yy_buffer_status == YY_BUFFER_NEW ) - { - /* We're scanning a new file or input source. It's - * possible that this happened because the user - * just pointed yyin at a new source and called - * yylex(). If so, then we have to assure - * consistency between yy_current_buffer and our - * globals. Here is the right place to do so, because - * this is the first action (other than possibly a - * back-up) that will match for the new input source. - */ - yy_n_chars = yy_current_buffer->yy_n_chars; - yy_current_buffer->yy_input_file = yyin; - yy_current_buffer->yy_buffer_status = YY_BUFFER_NORMAL; - } - - /* Note that here we test for yy_c_buf_p "<=" to the position - * of the first EOB in the buffer, since yy_c_buf_p will - * already have been incremented past the NUL character - * (since all states make transitions on EOB to the - * end-of-buffer state). Contrast this with the test - * in input(). - */ - if ( yy_c_buf_p <= &yy_current_buffer->yy_ch_buf[yy_n_chars] ) - { /* This was really a NUL. */ - yy_state_type yy_next_state; - - yy_c_buf_p = yytext_ptr + yy_amount_of_matched_text; - - yy_current_state = yy_get_previous_state(); - - /* Okay, we're now positioned to make the NUL - * transition. We couldn't have - * yy_get_previous_state() go ahead and do it - * for us because it doesn't know how to deal - * with the possibility of jamming (and we don't - * want to build jamming into it because then it - * will run more slowly). - */ - - yy_next_state = yy_try_NUL_trans( yy_current_state ); - - yy_bp = yytext_ptr + YY_MORE_ADJ; - - if ( yy_next_state ) - { - /* Consume the NUL. */ - yy_cp = ++yy_c_buf_p; - yy_current_state = yy_next_state; - goto yy_match; - } - - else - { - yy_cp = yy_c_buf_p; - goto yy_find_action; - } - } - - else switch ( yy_get_next_buffer() ) - { - case EOB_ACT_END_OF_FILE: - { - yy_did_buffer_switch_on_eof = 0; - - if ( yywrap() ) - { - /* Note: because we've taken care in - * yy_get_next_buffer() to have set up - * yytext, we can now set up - * yy_c_buf_p so that if some total - * hoser (like flex itself) wants to - * call the scanner after we return the - * YY_NULL, it'll still work - another - * YY_NULL will get returned. - */ - yy_c_buf_p = yytext_ptr + YY_MORE_ADJ; - - yy_act = YY_STATE_EOF(YY_START); - goto do_action; - } - - else - { - if ( ! yy_did_buffer_switch_on_eof ) - YY_NEW_FILE; - } - break; - } - - case EOB_ACT_CONTINUE_SCAN: - yy_c_buf_p = - yytext_ptr + yy_amount_of_matched_text; - - yy_current_state = yy_get_previous_state(); - - yy_cp = yy_c_buf_p; - yy_bp = yytext_ptr + YY_MORE_ADJ; - goto yy_match; - - case EOB_ACT_LAST_MATCH: - yy_c_buf_p = - &yy_current_buffer->yy_ch_buf[yy_n_chars]; - - yy_current_state = yy_get_previous_state(); - - yy_cp = yy_c_buf_p; - yy_bp = yytext_ptr + YY_MORE_ADJ; - goto yy_find_action; - } - break; - } - - default: - YY_FATAL_ERROR( - "fatal flex scanner internal error--no action found" ); - } /* end of action switch */ - } /* end of scanning one token */ - } /* end of yylex */ - - -/* yy_get_next_buffer - try to read in a new buffer - * - * Returns a code representing an action: - * EOB_ACT_LAST_MATCH - - * EOB_ACT_CONTINUE_SCAN - continue scanning from current position - * EOB_ACT_END_OF_FILE - end of file - */ - -static int yy_get_next_buffer() - { - register char *dest = yy_current_buffer->yy_ch_buf; - register char *source = yytext_ptr; - register int number_to_move, i; - int ret_val; - - if ( yy_c_buf_p > &yy_current_buffer->yy_ch_buf[yy_n_chars + 1] ) - YY_FATAL_ERROR( - "fatal flex scanner internal error--end of buffer missed" ); - - if ( yy_current_buffer->yy_fill_buffer == 0 ) - { /* Don't try to fill the buffer, so this is an EOF. */ - if ( yy_c_buf_p - yytext_ptr - YY_MORE_ADJ == 1 ) - { - /* We matched a single character, the EOB, so - * treat this as a final EOF. - */ - return EOB_ACT_END_OF_FILE; - } - - else - { - /* We matched some text prior to the EOB, first - * process it. - */ - return EOB_ACT_LAST_MATCH; - } - } - - /* Try to read more data. */ - - /* First move last chars to start of buffer. */ - number_to_move = (int) (yy_c_buf_p - yytext_ptr) - 1; - - for ( i = 0; i < number_to_move; ++i ) - *(dest++) = *(source++); - - if ( yy_current_buffer->yy_buffer_status == YY_BUFFER_EOF_PENDING ) - /* don't do the read, it's not guaranteed to return an EOF, - * just force an EOF - */ - yy_current_buffer->yy_n_chars = yy_n_chars = 0; - - else - { - int num_to_read = - yy_current_buffer->yy_buf_size - number_to_move - 1; - - while ( num_to_read <= 0 ) - { /* Not enough room in the buffer - grow it. */ -#ifdef YY_USES_REJECT - YY_FATAL_ERROR( -"input buffer overflow, can't enlarge buffer because scanner uses REJECT" ); -#else - - /* just a shorter name for the current buffer */ - YY_BUFFER_STATE b = yy_current_buffer; - - int yy_c_buf_p_offset = - (int) (yy_c_buf_p - b->yy_ch_buf); - - if ( b->yy_is_our_buffer ) - { - int new_size = b->yy_buf_size * 2; - - if ( new_size <= 0 ) - b->yy_buf_size += b->yy_buf_size / 8; - else - b->yy_buf_size *= 2; - - b->yy_ch_buf = (char *) - /* Include room in for 2 EOB chars. */ - yy_flex_realloc( (void *) b->yy_ch_buf, - b->yy_buf_size + 2 ); - } - else - /* Can't grow it, we don't own it. */ - b->yy_ch_buf = 0; - - if ( ! b->yy_ch_buf ) - YY_FATAL_ERROR( - "fatal error - scanner input buffer overflow" ); - - yy_c_buf_p = &b->yy_ch_buf[yy_c_buf_p_offset]; - - num_to_read = yy_current_buffer->yy_buf_size - - number_to_move - 1; -#endif - } - - if ( num_to_read > YY_READ_BUF_SIZE ) - num_to_read = YY_READ_BUF_SIZE; - - /* Read in more data. */ - YY_INPUT( (&yy_current_buffer->yy_ch_buf[number_to_move]), - yy_n_chars, num_to_read ); - - yy_current_buffer->yy_n_chars = yy_n_chars; - } - - if ( yy_n_chars == 0 ) - { - if ( number_to_move == YY_MORE_ADJ ) - { - ret_val = EOB_ACT_END_OF_FILE; - yyrestart( yyin ); - } - - else - { - ret_val = EOB_ACT_LAST_MATCH; - yy_current_buffer->yy_buffer_status = - YY_BUFFER_EOF_PENDING; - } - } - - else - ret_val = EOB_ACT_CONTINUE_SCAN; - - yy_n_chars += number_to_move; - yy_current_buffer->yy_ch_buf[yy_n_chars] = YY_END_OF_BUFFER_CHAR; - yy_current_buffer->yy_ch_buf[yy_n_chars + 1] = YY_END_OF_BUFFER_CHAR; - - yytext_ptr = &yy_current_buffer->yy_ch_buf[0]; - - return ret_val; - } - - -/* yy_get_previous_state - get the state just before the EOB char was reached */ - -static yy_state_type yy_get_previous_state() - { - register yy_state_type yy_current_state; - register char *yy_cp; - - yy_current_state = yy_start; - - for ( yy_cp = yytext_ptr + YY_MORE_ADJ; yy_cp < yy_c_buf_p; ++yy_cp ) - { - register YY_CHAR yy_c = (*yy_cp ? yy_ec[YY_SC_TO_UI(*yy_cp)] : 1); - if ( yy_accept[yy_current_state] ) - { - yy_last_accepting_state = yy_current_state; - yy_last_accepting_cpos = yy_cp; - } - while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state ) - { - yy_current_state = (int) yy_def[yy_current_state]; - if ( yy_current_state >= 16 ) - yy_c = yy_meta[(unsigned int) yy_c]; - } - yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c]; - } - - return yy_current_state; - } - - -/* yy_try_NUL_trans - try to make a transition on the NUL character - * - * synopsis - * next_state = yy_try_NUL_trans( current_state ); - */ - -#ifdef YY_USE_PROTOS -static yy_state_type yy_try_NUL_trans( yy_state_type yy_current_state ) -#else -static yy_state_type yy_try_NUL_trans( yy_current_state ) -yy_state_type yy_current_state; -#endif - { - register int yy_is_jam; - register char *yy_cp = yy_c_buf_p; - - register YY_CHAR yy_c = 1; - if ( yy_accept[yy_current_state] ) - { - yy_last_accepting_state = yy_current_state; - yy_last_accepting_cpos = yy_cp; - } - while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state ) - { - yy_current_state = (int) yy_def[yy_current_state]; - if ( yy_current_state >= 16 ) - yy_c = yy_meta[(unsigned int) yy_c]; - } - yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c]; - yy_is_jam = (yy_current_state == 15); - - return yy_is_jam ? 0 : yy_current_state; - } - - -#ifndef YY_NO_UNPUT -#ifdef YY_USE_PROTOS -static void yyunput( int c, register char *yy_bp ) -#else -static void yyunput( c, yy_bp ) -int c; -register char *yy_bp; -#endif - { - register char *yy_cp = yy_c_buf_p; - - /* undo effects of setting up yytext */ - *yy_cp = yy_hold_char; - - if ( yy_cp < yy_current_buffer->yy_ch_buf + 2 ) - { /* need to shift things up to make room */ - /* +2 for EOB chars. */ - register int number_to_move = yy_n_chars + 2; - register char *dest = &yy_current_buffer->yy_ch_buf[ - yy_current_buffer->yy_buf_size + 2]; - register char *source = - &yy_current_buffer->yy_ch_buf[number_to_move]; - - while ( source > yy_current_buffer->yy_ch_buf ) - *--dest = *--source; - - yy_cp += (int) (dest - source); - yy_bp += (int) (dest - source); - yy_current_buffer->yy_n_chars = - yy_n_chars = yy_current_buffer->yy_buf_size; - - if ( yy_cp < yy_current_buffer->yy_ch_buf + 2 ) - YY_FATAL_ERROR( "flex scanner push-back overflow" ); - } - - *--yy_cp = (char) c; - - - yytext_ptr = yy_bp; - yy_hold_char = *yy_cp; - yy_c_buf_p = yy_cp; - } -#endif /* ifndef YY_NO_UNPUT */ - - -#ifdef __cplusplus -static int yyinput() -#else -static int input() -#endif - { - int c; - - *yy_c_buf_p = yy_hold_char; - - if ( *yy_c_buf_p == YY_END_OF_BUFFER_CHAR ) - { - /* yy_c_buf_p now points to the character we want to return. - * If this occurs *before* the EOB characters, then it's a - * valid NUL; if not, then we've hit the end of the buffer. - */ - if ( yy_c_buf_p < &yy_current_buffer->yy_ch_buf[yy_n_chars] ) - /* This was really a NUL. */ - *yy_c_buf_p = '\0'; - - else - { /* need more input */ - int offset = yy_c_buf_p - yytext_ptr; - ++yy_c_buf_p; - - switch ( yy_get_next_buffer() ) - { - case EOB_ACT_LAST_MATCH: - /* This happens because yy_g_n_b() - * sees that we've accumulated a - * token and flags that we need to - * try matching the token before - * proceeding. But for input(), - * there's no matching to consider. - * So convert the EOB_ACT_LAST_MATCH - * to EOB_ACT_END_OF_FILE. - */ - - /* Reset buffer status. */ - yyrestart( yyin ); - - /* fall through */ - - case EOB_ACT_END_OF_FILE: - { - if ( yywrap() ) - return EOF; - - if ( ! yy_did_buffer_switch_on_eof ) - YY_NEW_FILE; -#ifdef __cplusplus - return yyinput(); -#else - return input(); -#endif - } - - case EOB_ACT_CONTINUE_SCAN: - yy_c_buf_p = yytext_ptr + offset; - break; - } - } - } - - c = *(unsigned char *) yy_c_buf_p; /* cast for 8-bit char's */ - *yy_c_buf_p = '\0'; /* preserve yytext */ - yy_hold_char = *++yy_c_buf_p; - - - return c; - } - - -#ifdef YY_USE_PROTOS -void yyrestart( FILE *input_file ) -#else -void yyrestart( input_file ) -FILE *input_file; -#endif - { - if ( ! yy_current_buffer ) - yy_current_buffer = yy_create_buffer( yyin, YY_BUF_SIZE ); - - yy_init_buffer( yy_current_buffer, input_file ); - yy_load_buffer_state(); - } - - -#ifdef YY_USE_PROTOS -void yy_switch_to_buffer( YY_BUFFER_STATE new_buffer ) -#else -void yy_switch_to_buffer( new_buffer ) -YY_BUFFER_STATE new_buffer; -#endif - { - if ( yy_current_buffer == new_buffer ) - return; - - if ( yy_current_buffer ) - { - /* Flush out information for old buffer. */ - *yy_c_buf_p = yy_hold_char; - yy_current_buffer->yy_buf_pos = yy_c_buf_p; - yy_current_buffer->yy_n_chars = yy_n_chars; - } - - yy_current_buffer = new_buffer; - yy_load_buffer_state(); - - /* We don't actually know whether we did this switch during - * EOF (yywrap()) processing, but the only time this flag - * is looked at is after yywrap() is called, so it's safe - * to go ahead and always set it. - */ - yy_did_buffer_switch_on_eof = 1; - } - - -#ifdef YY_USE_PROTOS -void yy_load_buffer_state( void ) -#else -void yy_load_buffer_state() -#endif - { - yy_n_chars = yy_current_buffer->yy_n_chars; - yytext_ptr = yy_c_buf_p = yy_current_buffer->yy_buf_pos; - yyin = yy_current_buffer->yy_input_file; - yy_hold_char = *yy_c_buf_p; - } - - -#ifdef YY_USE_PROTOS -YY_BUFFER_STATE yy_create_buffer( FILE *file, int size ) -#else -YY_BUFFER_STATE yy_create_buffer( file, size ) -FILE *file; -int size; -#endif - { - YY_BUFFER_STATE b; - - b = (YY_BUFFER_STATE) yy_flex_alloc( sizeof( struct yy_buffer_state ) ); - if ( ! b ) - YY_FATAL_ERROR( "out of dynamic memory in yy_create_buffer()" ); - - b->yy_buf_size = size; - - /* yy_ch_buf has to be 2 characters longer than the size given because - * we need to put in 2 end-of-buffer characters. - */ - b->yy_ch_buf = (char *) yy_flex_alloc( b->yy_buf_size + 2 ); - if ( ! b->yy_ch_buf ) - YY_FATAL_ERROR( "out of dynamic memory in yy_create_buffer()" ); - - b->yy_is_our_buffer = 1; - - yy_init_buffer( b, file ); - - return b; - } - - -#ifdef YY_USE_PROTOS -void yy_delete_buffer( YY_BUFFER_STATE b ) -#else -void yy_delete_buffer( b ) -YY_BUFFER_STATE b; -#endif - { - if ( ! b ) - return; - - if ( b == yy_current_buffer ) - yy_current_buffer = (YY_BUFFER_STATE) 0; - - if ( b->yy_is_our_buffer ) - yy_flex_free( (void *) b->yy_ch_buf ); - - yy_flex_free( (void *) b ); - } - - -#ifndef YY_ALWAYS_INTERACTIVE -#ifndef YY_NEVER_INTERACTIVE -extern int isatty YY_PROTO(( int )); -#endif -#endif - -#ifdef YY_USE_PROTOS -void yy_init_buffer( YY_BUFFER_STATE b, FILE *file ) -#else -void yy_init_buffer( b, file ) -YY_BUFFER_STATE b; -FILE *file; -#endif - - - { - yy_flush_buffer( b ); - - b->yy_input_file = file; - b->yy_fill_buffer = 1; - -#if YY_ALWAYS_INTERACTIVE - b->yy_is_interactive = 1; -#else -#if YY_NEVER_INTERACTIVE - b->yy_is_interactive = 0; -#else - b->yy_is_interactive = file ? (isatty( fileno(file) ) > 0) : 0; -#endif -#endif - } - - -#ifdef YY_USE_PROTOS -void yy_flush_buffer( YY_BUFFER_STATE b ) -#else -void yy_flush_buffer( b ) -YY_BUFFER_STATE b; -#endif - - { - if ( ! b ) - return; - - b->yy_n_chars = 0; - - /* We always need two end-of-buffer characters. The first causes - * a transition to the end-of-buffer state. The second causes - * a jam in that state. - */ - b->yy_ch_buf[0] = YY_END_OF_BUFFER_CHAR; - b->yy_ch_buf[1] = YY_END_OF_BUFFER_CHAR; - - b->yy_buf_pos = &b->yy_ch_buf[0]; - - b->yy_at_bol = 1; - b->yy_buffer_status = YY_BUFFER_NEW; - - if ( b == yy_current_buffer ) - yy_load_buffer_state(); - } - - -#ifndef YY_NO_SCAN_BUFFER -#ifdef YY_USE_PROTOS -YY_BUFFER_STATE yy_scan_buffer( char *base, yy_size_t size ) -#else -YY_BUFFER_STATE yy_scan_buffer( base, size ) -char *base; -yy_size_t size; -#endif - { - YY_BUFFER_STATE b; - - if ( size < 2 || - base[size-2] != YY_END_OF_BUFFER_CHAR || - base[size-1] != YY_END_OF_BUFFER_CHAR ) - /* They forgot to leave room for the EOB's. */ - return 0; - - b = (YY_BUFFER_STATE) yy_flex_alloc( sizeof( struct yy_buffer_state ) ); - if ( ! b ) - YY_FATAL_ERROR( "out of dynamic memory in yy_scan_buffer()" ); - - b->yy_buf_size = size - 2; /* "- 2" to take care of EOB's */ - b->yy_buf_pos = b->yy_ch_buf = base; - b->yy_is_our_buffer = 0; - b->yy_input_file = 0; - b->yy_n_chars = b->yy_buf_size; - b->yy_is_interactive = 0; - b->yy_at_bol = 1; - b->yy_fill_buffer = 0; - b->yy_buffer_status = YY_BUFFER_NEW; - - yy_switch_to_buffer( b ); - - return b; - } -#endif - - -#ifndef YY_NO_SCAN_STRING -#ifdef YY_USE_PROTOS -YY_BUFFER_STATE yy_scan_string( yyconst char *yy_str ) -#else -YY_BUFFER_STATE yy_scan_string( yy_str ) -yyconst char *yy_str; -#endif - { - int len; - for ( len = 0; yy_str[len]; ++len ) - ; - - return yy_scan_bytes( yy_str, len ); - } -#endif - - -#ifndef YY_NO_SCAN_BYTES -#ifdef YY_USE_PROTOS -YY_BUFFER_STATE yy_scan_bytes( yyconst char *bytes, int len ) -#else -YY_BUFFER_STATE yy_scan_bytes( bytes, len ) -yyconst char *bytes; -int len; -#endif - { - YY_BUFFER_STATE b; - char *buf; - yy_size_t n; - int i; - - /* Get memory for full buffer, including space for trailing EOB's. */ - n = len + 2; - buf = (char *) yy_flex_alloc( n ); - if ( ! buf ) - YY_FATAL_ERROR( "out of dynamic memory in yy_scan_bytes()" ); - - for ( i = 0; i < len; ++i ) - buf[i] = bytes[i]; - - buf[len] = buf[len+1] = YY_END_OF_BUFFER_CHAR; - - b = yy_scan_buffer( buf, n ); - if ( ! b ) - YY_FATAL_ERROR( "bad buffer in yy_scan_bytes()" ); - - /* It's okay to grow etc. this buffer, and we should throw it - * away when we're done. - */ - b->yy_is_our_buffer = 1; - - return b; - } -#endif - - -#ifndef YY_NO_PUSH_STATE -#ifdef YY_USE_PROTOS -static void yy_push_state( int new_state ) -#else -static void yy_push_state( new_state ) -int new_state; -#endif - { - if ( yy_start_stack_ptr >= yy_start_stack_depth ) - { - yy_size_t new_size; - - yy_start_stack_depth += YY_START_STACK_INCR; - new_size = yy_start_stack_depth * sizeof( int ); - - if ( ! yy_start_stack ) - yy_start_stack = (int *) yy_flex_alloc( new_size ); - - else - yy_start_stack = (int *) yy_flex_realloc( - (void *) yy_start_stack, new_size ); - - if ( ! yy_start_stack ) - YY_FATAL_ERROR( - "out of memory expanding start-condition stack" ); - } - - yy_start_stack[yy_start_stack_ptr++] = YY_START; - - BEGIN(new_state); - } -#endif - - -#ifndef YY_NO_POP_STATE -static void yy_pop_state() - { - if ( --yy_start_stack_ptr < 0 ) - YY_FATAL_ERROR( "start-condition stack underflow" ); - - BEGIN(yy_start_stack[yy_start_stack_ptr]); - } -#endif - - -#ifndef YY_NO_TOP_STATE -static int yy_top_state() - { - return yy_start_stack[yy_start_stack_ptr - 1]; - } -#endif - -#ifndef YY_EXIT_FAILURE -#define YY_EXIT_FAILURE 2 -#endif - -#ifdef YY_USE_PROTOS -static void yy_fatal_error( yyconst char msg[] ) -#else -static void yy_fatal_error( msg ) -char msg[]; -#endif - { - (void) fprintf( stderr, "%s\n", msg ); - exit( YY_EXIT_FAILURE ); - } - - - -/* Redefine yyless() so it works in section 3 code. */ - -#undef yyless -#define yyless(n) \ - do \ - { \ - /* Undo effects of setting up yytext. */ \ - yytext[yyleng] = yy_hold_char; \ - yy_c_buf_p = yytext + n; \ - yy_hold_char = *yy_c_buf_p; \ - *yy_c_buf_p = '\0'; \ - yyleng = n; \ - } \ - while ( 0 ) - - -/* Internal utility routines. */ - -#ifndef yytext_ptr -#ifdef YY_USE_PROTOS -static void yy_flex_strncpy( char *s1, yyconst char *s2, int n ) -#else -static void yy_flex_strncpy( s1, s2, n ) -char *s1; -yyconst char *s2; -int n; -#endif - { - register int i; - for ( i = 0; i < n; ++i ) - s1[i] = s2[i]; - } -#endif - -#ifdef YY_NEED_STRLEN -#ifdef YY_USE_PROTOS -static int yy_flex_strlen( yyconst char *s ) -#else -static int yy_flex_strlen( s ) -yyconst char *s; -#endif - { - register int n; - for ( n = 0; s[n]; ++n ) - ; - - return n; - } -#endif - - -#ifdef YY_USE_PROTOS -static void *yy_flex_alloc( yy_size_t size ) -#else -static void *yy_flex_alloc( size ) -yy_size_t size; -#endif - { - return (void *) malloc( size ); - } - -#ifdef YY_USE_PROTOS -static void *yy_flex_realloc( void *ptr, yy_size_t size ) -#else -static void *yy_flex_realloc( ptr, size ) -void *ptr; -yy_size_t size; -#endif - { - /* The cast to (char *) in the following accommodates both - * implementations that use char* generic pointers, and those - * that use void* generic pointers. It works with the latter - * because both ANSI C and C++ allow castless assignment from - * any pointer type to void*, and deal with argument conversions - * as though doing an assignment. - */ - return (void *) realloc( (char *) ptr, size ); - } - -#ifdef YY_USE_PROTOS -static void yy_flex_free( void *ptr ) -#else -static void yy_flex_free( ptr ) -void *ptr; -#endif - { - free( ptr ); - } - -#if YY_MAIN -int main() - { - yylex(); - return 0; - } -#endif -#line 81 "installparse.l" - -/*------------------------ Program Section ----------------------------*/ - -PRFileDesc *Pk11Install_FD=NULL; - -/*************************************************************************/ -/* dummy function required by lex */ -int Pk11Install_yywrap(void) { return 1;} - -/*************************************************************************/ -/* Return a copy of the given string */ -static char* -putSimpleString(char *str) -{ - char *tmp = (char*) PR_Malloc(strlen(str)+1); - strcpy(tmp, str); - return tmp; -} - -/*************************************************************************/ -/* Strip out quotes, replace escaped characters with what they stand for. - This function assumes that what is passed in is actually a complex - string, so error checking is lax. */ -static char* -putComplexString(char *str) -{ - int size, i,j; - char *tmp; - - if(!str) { - return NULL; - } - size = strlen(str); - - /* Allocate the new space. This string will actually be too big, - since quotes and backslashes will be stripped out. But that's ok. */ - tmp = (char*) PR_Malloc(size+1); - - /* Copy it over */ - for(i=0, j=0; i < size; i++) { - if(str[i]=='\"') { - continue; /* skip un-escaped quotes */ - } else if(str[i]=='\\') { - ++i; /* escaped character. skip the backslash */ - } - tmp[j++] = str[i]; - } - tmp[j] = '\0'; - - return tmp; -} diff --git a/security/nss/cmd/modutil/manifest.mn b/security/nss/cmd/modutil/manifest.mn deleted file mode 100644 index a28e9a738d..0000000000 --- a/security/nss/cmd/modutil/manifest.mn +++ /dev/null @@ -1,60 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = ../../.. - -MODULE = sectools - -EXPORTS = - -CSRCS = modutil.c \ - pk11.c \ - instsec.c \ - install.c \ - installparse.c \ - install-ds.c \ - lex.Pk11Install_yy.c \ - $(NULL) - -CPPSRCS = - -PROGRAM = modutil - -REQUIRES = seccmd nss dbm - -DEFINES = -DNSPR20 - -# sigh -INCLUDES += -I$(CORE_DEPTH)/nss/lib/pk11wrap - -USE_STATIC_LIBS = 1 diff --git a/security/nss/cmd/modutil/modutil.c b/security/nss/cmd/modutil/modutil.c deleted file mode 100644 index 2f1886b47e..0000000000 --- a/security/nss/cmd/modutil/modutil.c +++ /dev/null @@ -1,974 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#include "modutil.h" -#include "install.h" -#include -#include "secrng.h" -#include "certdb.h" /* for CERT_DB_FILE_VERSION */ -#include "nss.h" - -static void install_error(char *message); -static char* PR_fgets(char *buf, int size, PRFileDesc *file); -static char *progName; - - -/* This enum must be kept in sync with the commandNames list */ -typedef enum { - NO_COMMAND, - ADD_COMMAND, - CHANGEPW_COMMAND, - CREATE_COMMAND, - DEFAULT_COMMAND, - DELETE_COMMAND, - DISABLE_COMMAND, - ENABLE_COMMAND, - FIPS_COMMAND, - JAR_COMMAND, - LIST_COMMAND, - RAW_LIST_COMMAND, - RAW_ADD_COMMAND, - UNDEFAULT_COMMAND -} Command; - -/* This list must be kept in sync with the Command enum */ -static char *commandNames[] = { - "(no command)", - "-add", - "-changepw", - "-create", - "-default", - "-delete", - "-disable", - "-enable", - "-fips", - "-jar", - "-list", - "-rawlist", - "-rawadd", - "-undefault" -}; - - -/* this enum must be kept in sync with the optionStrings list */ -typedef enum { - ADD_ARG=0, - RAW_ADD_ARG, - CHANGEPW_ARG, - CIPHERS_ARG, - CREATE_ARG, - DBDIR_ARG, - DBPREFIX_ARG, - DEFAULT_ARG, - DELETE_ARG, - DISABLE_ARG, - ENABLE_ARG, - FIPS_ARG, - FORCE_ARG, - JAR_ARG, - LIBFILE_ARG, - LIST_ARG, - RAW_LIST_ARG, - MECHANISMS_ARG, - NEWPWFILE_ARG, - PWFILE_ARG, - SLOT_ARG, - UNDEFAULT_ARG, - INSTALLDIR_ARG, - TEMPDIR_ARG, - SECMOD_ARG, - NOCERTDB_ARG, - STRING_ARG, - - NUM_ARGS /* must be last */ -} Arg; - -/* This list must be kept in sync with the Arg enum */ -static char *optionStrings[] = { - "-add", - "-rawadd", - "-changepw", - "-ciphers", - "-create", - "-dbdir", - "-dbprefix", - "-default", - "-delete", - "-disable", - "-enable", - "-fips", - "-force", - "-jar", - "-libfile", - "-list", - "-rawlist", - "-mechanisms", - "-newpwfile", - "-pwfile", - "-slot", - "-undefault", - "-installdir", - "-tempdir", - "-secmod", - "-nocertdb", - "-string", -}; - -/* Increment i if doing so would have i still be less than j. If you - are able to do this, return 0. Otherwise return 1. */ -#define TRY_INC(i,j) ( ((i+1) -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include - -#include "error.h" - -Error FipsMode(char *arg); -Error AddModule(char *moduleName, char *libFile, char *ciphers, - char *mechanisms, char* modparms); -Error DeleteModule(char *moduleName); -Error ListModule(char *moduleName); -Error ListModules(); -Error ChangePW(char *tokenName, char *pwFile, char *newpwFile); -Error EnableModule(char *moduleName, char *slotName, PRBool enable); -Error RawAddModule(char *dbmodulespec, char *modulespec); -Error RawListModule(char *modulespec); -Error SetDefaultModule(char *moduleName, char *slotName, char *mechanisms); -Error UnsetDefaultModule(char *moduleName, char *slotName, char *mechanisms); -void out_of_memory(void); - -#endif /*MODUTIL_H*/ diff --git a/security/nss/cmd/modutil/pk11.c b/security/nss/cmd/modutil/pk11.c deleted file mode 100644 index b0c4cd4878..0000000000 --- a/security/nss/cmd/modutil/pk11.c +++ /dev/null @@ -1,864 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#include "modutil.h" -#include "secmodti.h" -#include "pk11func.h" - -extern PK11DefaultArrayEntry PK11_DefaultArray[]; -extern int num_pk11_default_mechanisms; -extern SECStatus PK11_UpdateSlotAttribute(PK11SlotInfo*, PK11DefaultArrayEntry*, - PRBool); - -/************************************************************************* - * - * F i p s M o d e - * If arg=="true", enable FIPS mode on the internal module. If arg=="false", - * disable FIPS mode on the internal module. - */ -Error -FipsMode(char *arg) -{ - - char *internal_name; - - if(!PORT_Strcasecmp(arg, "true")) { - if(!PK11_IsFIPS()) { - internal_name = PR_smprintf("%s", - SECMOD_GetInternalModule()->commonName); - if(SECMOD_DeleteInternalModule(internal_name) != SECSuccess) { - PR_smprintf_free(internal_name); - PR_fprintf(PR_STDERR, errStrings[FIPS_SWITCH_FAILED_ERR]); - return FIPS_SWITCH_FAILED_ERR; - } - PR_smprintf_free(internal_name); - PR_fprintf(PR_STDOUT, msgStrings[FIPS_ENABLED_MSG]); - } else { - PR_fprintf(PR_STDERR, errStrings[FIPS_ALREADY_ON_ERR]); - return FIPS_ALREADY_ON_ERR; - } - } else if(!PORT_Strcasecmp(arg, "false")) { - if(PK11_IsFIPS()) { - internal_name = PR_smprintf("%s", - SECMOD_GetInternalModule()->commonName); - if(SECMOD_DeleteInternalModule(internal_name) != SECSuccess) { - PR_smprintf_free(internal_name); - PR_fprintf(PR_STDERR, errStrings[FIPS_SWITCH_FAILED_ERR]); - return FIPS_SWITCH_FAILED_ERR; - } - PR_smprintf_free(internal_name); - PR_fprintf(PR_STDOUT, msgStrings[FIPS_DISABLED_MSG]); - } else { - PR_fprintf(PR_STDERR, errStrings[FIPS_ALREADY_OFF_ERR]); - return FIPS_ALREADY_OFF_ERR; - } - } else { - PR_fprintf(PR_STDERR, errStrings[INVALID_FIPS_ARG]); - return INVALID_FIPS_ARG; - } - - return SUCCESS; -} - -/************************************************************************ - * Cipher and Mechanism name-bitmask translation tables - */ - -typedef struct { - char *name; - unsigned long mask; -} MaskString; - -static MaskString mechanismStrings[] = { - {"RSA", PUBLIC_MECH_RSA_FLAG}, - {"DSA", PUBLIC_MECH_DSA_FLAG}, - {"RC2", PUBLIC_MECH_RC2_FLAG}, - {"RC4", PUBLIC_MECH_RC4_FLAG}, - {"RC5", PUBLIC_MECH_RC5_FLAG}, - {"DES", PUBLIC_MECH_DES_FLAG}, - {"DH", PUBLIC_MECH_DH_FLAG}, - {"FORTEZZA", PUBLIC_MECH_FORTEZZA_FLAG}, - {"SHA1", PUBLIC_MECH_SHA1_FLAG}, - {"MD5", PUBLIC_MECH_MD5_FLAG}, - {"MD2", PUBLIC_MECH_MD2_FLAG}, - {"SSL", PUBLIC_MECH_SSL_FLAG}, - {"TLS", PUBLIC_MECH_TLS_FLAG}, - {"RANDOM", PUBLIC_MECH_RANDOM_FLAG}, - {"FRIENDLY", PUBLIC_MECH_FRIENDLY_FLAG} -}; -static int numMechanismStrings = - sizeof(mechanismStrings) / sizeof(mechanismStrings[0]); - -static MaskString cipherStrings[] = { - {"FORTEZZA", PUBLIC_CIPHER_FORTEZZA_FLAG} -}; -static int numCipherStrings = - sizeof(cipherStrings) / sizeof(cipherStrings[0]); - -/* Maximum length of a colon-separated list of all the strings in an - * array. */ -#define MAX_STRING_LIST_LEN 240 /* or less */ - -/************************************************************************ - * - * g e t F l a g s F r o m S t r i n g - * - * Parses a mechanism list passed on the command line and converts it - * to an unsigned long bitmask. - * string is a colon-separated string of constants - * array is an array of MaskStrings. - * elements is the number of elements in array. - */ -static unsigned long -getFlagsFromString(char *string, MaskString array[], int elements) -{ - unsigned long ret = 0; - short i = 0; - char *cp; - char *buf; - char *end; - - if(!string || !string[0]) { - return ret; - } - - /* Make a temporary copy of the string */ - buf = PR_Malloc(strlen(string)+1); - if(!buf) { - out_of_memory(); - } - strcpy(buf, string); - - /* Look at each element of the list passed in */ - for(cp=buf; cp && *cp; cp = (end ? end+1 : NULL) ) { - /* Look at the string up to the next colon */ - end = strchr(cp, ':'); - if(end) { - *end = '\0'; - } - - /* Find which element this is */ - for(i=0; i < elements; i++) { - if( !PORT_Strcasecmp(cp, array[i].name) ) { - break; - } - } - if(i == elements) { - /* Skip a bogus string, but print a warning message */ - PR_fprintf(PR_STDERR, errStrings[INVALID_CONSTANT_ERR], cp); - continue; - } - ret |= array[i].mask; - } - - PR_Free(buf); - return ret; -} - -/********************************************************************** - * - * g e t S t r i n g F r o m F l a g s - * - * The return string's memory is owned by this function. Copy it - * if you need it permanently or you want to change it. - */ -static char * -getStringFromFlags(unsigned long flags, MaskString array[], int elements) -{ - static char buf[MAX_STRING_LIST_LEN]; - int i; - int count=0; - - buf[0] = '\0'; - for(i=0; inext) { - ++count; - if(count!=1) { - PR_fprintf(PR_STDOUT, "\n"); - } - - PR_fprintf(PR_STDOUT, "%3d. %s\n", count, mlp->module->commonName); - - if(mlp->module->dllName) { - PR_fprintf(PR_STDOUT, "\tlibrary name: %s\n", mlp->module->dllName); - } - - if(mlp->module->slotCount == 0) { - PR_fprintf(PR_STDOUT, - "\t slots: There are no slots attached to this module\n"); - } else { - PR_fprintf(PR_STDOUT, - "\t slots: %d slot%s attached\n", mlp->module->slotCount, - (mlp->module->slotCount==1 ? "" : "s") ); - } - - if(mlp->module->loaded == 0) { - PR_fprintf(PR_STDOUT, "\tstatus: Not loaded\n"); - } else { - PR_fprintf(PR_STDOUT, "\tstatus: loaded\n"); - } - - /* Print slot and token names */ - for (i = 0; i < mlp->module->slotCount; i++) { - PK11SlotInfo *slot = mlp->module->slots[i]; - - PR_fprintf(PR_STDOUT, "\n"); - PR_fprintf(PR_STDOUT, "\t slot: %s\n", PK11_GetSlotName(slot)); - PR_fprintf(PR_STDOUT, "\ttoken: %s\n", PK11_GetTokenName(slot)); - } - } - - PR_fprintf(PR_STDOUT, - "-----------------------------------------------------------\n"); - - ret = SUCCESS; - -loser: - SECMOD_ReleaseReadLock(lock); - return ret; -} - -/* Strings describing PK11DisableReasons */ -static char *disableReasonStr[] = { - "no reason", - "user disabled", - "could not initialize token", - "could not verify token", - "token not present" -}; -static int numDisableReasonStr = - sizeof(disableReasonStr) / sizeof(disableReasonStr[0]); - -/*********************************************************************** - * - * L i s t M o d u l e - * - * Lists detailed information about the named module. - */ -Error -ListModule(char *moduleName) -{ - SECMODModule *module; - PK11SlotInfo *slot; - int slotnum; - CK_INFO modinfo; - CK_SLOT_INFO slotinfo; - CK_TOKEN_INFO tokeninfo; - char *ciphers, *mechanisms; - PK11DisableReasons reason; - Error rv = SUCCESS; - - if(!moduleName) { - return SUCCESS; - } - - module = SECMOD_FindModule(moduleName); - if(!module) { - PR_fprintf(PR_STDERR, errStrings[NO_SUCH_MODULE_ERR], moduleName); - return NO_SUCH_MODULE_ERR; - } - - if(PK11_GetModInfo(module, &modinfo) != SECSuccess) { - PR_fprintf(PR_STDERR, errStrings[MOD_INFO_ERR], moduleName); - return MOD_INFO_ERR; - } - - /* Module info */ - PR_fprintf(PR_STDOUT, - "\n-----------------------------------------------------------\n"); - PR_fprintf(PR_STDOUT, "Name: %s\n", module->commonName); - if(module->internal || !module->dllName) { - PR_fprintf(PR_STDOUT, "Library file: **Internal ONLY module**\n"); - } else { - PR_fprintf(PR_STDOUT, "Library file: %s\n", module->dllName); - } - - PR_fprintf(PR_STDOUT, "Manufacturer: %.32s\n", modinfo.manufacturerID); - PR_fprintf(PR_STDOUT, "Description: %.32s\n", modinfo.libraryDescription); - PR_fprintf(PR_STDOUT, "PKCS #11 Version %d.%d\n", - modinfo.cryptokiVersion.major, modinfo.cryptokiVersion.minor); - PR_fprintf(PR_STDOUT, "Library Version: %d.%d\n", - modinfo.libraryVersion.major, modinfo.libraryVersion.minor); - - /* Get cipher and mechanism flags */ - ciphers = getStringFromFlags(module->ssl[0], cipherStrings, - numCipherStrings); - if(ciphers[0] == '\0') { - ciphers = "None"; - } - PR_fprintf(PR_STDOUT, "Cipher Enable Flags: %s\n", ciphers); - mechanisms = NULL; - if(module->slotCount > 0) { - mechanisms = getStringFromFlags(module->slots[0]->defaultFlags, - mechanismStrings, numMechanismStrings); - } - if(mechanisms[0] =='\0') { - mechanisms = "None"; - } - PR_fprintf(PR_STDOUT, "Default Mechanism Flags: %s\n", mechanisms); - -#define PAD " " - - /* Loop over each slot */ - for(slotnum=0; slotnum < module->slotCount; slotnum++) { - slot = module->slots[slotnum]; - if(PK11_GetSlotInfo(slot, &slotinfo) != SECSuccess) { - PR_fprintf(PR_STDERR, errStrings[SLOT_INFO_ERR], - PK11_GetSlotName(slot)); - rv = SLOT_INFO_ERR; - continue; - } - - /* Slot Info */ - PR_fprintf(PR_STDOUT, "\n"PAD"Slot: %s\n", PK11_GetSlotName(slot)); - mechanisms = getStringFromFlags(slot->defaultFlags, - mechanismStrings, numMechanismStrings); - if(mechanisms[0] =='\0') { - mechanisms = "None"; - } - PR_fprintf(PR_STDOUT, PAD"Slot Mechanism Flags: %s\n", mechanisms); - PR_fprintf(PR_STDOUT, PAD"Manufacturer: %.32s\n", - slotinfo.manufacturerID); - if(slot->isHW) { - PR_fprintf(PR_STDOUT, PAD"Type: Hardware\n"); - } else { - PR_fprintf(PR_STDOUT, PAD"Type: Software\n"); - } - PR_fprintf(PR_STDOUT, PAD"Version Number: %d.%d\n", - slotinfo.hardwareVersion.major, slotinfo.hardwareVersion.minor); - PR_fprintf(PR_STDOUT, PAD"Firmware Version: %d.%d\n", - slotinfo.firmwareVersion.major, slotinfo.firmwareVersion.minor); - if(slot->disabled) { - reason = PK11_GetDisabledReason(slot); - if(reason < numDisableReasonStr) { - PR_fprintf(PR_STDOUT, PAD"Status: DISABLED (%s)\n", - disableReasonStr[reason]); - } else { - PR_fprintf(PR_STDOUT, PAD"Status: DISABLED\n"); - } - } else { - PR_fprintf(PR_STDOUT, PAD"Status: Enabled\n"); - } - - if(PK11_GetTokenInfo(slot, &tokeninfo) != SECSuccess) { - PR_fprintf(PR_STDERR, errStrings[TOKEN_INFO_ERR], - slot->token_name); - rv = TOKEN_INFO_ERR; - continue; - } - - /* Token Info */ - PR_fprintf(PR_STDOUT, PAD"Token Name: %.32s\n", - tokeninfo.label); - PR_fprintf(PR_STDOUT, PAD"Token Manufacturer: %.32s\n", - tokeninfo.manufacturerID); - PR_fprintf(PR_STDOUT, PAD"Token Model: %.16s\n", tokeninfo.model); - PR_fprintf(PR_STDOUT, PAD"Token Serial Number: %.16s\n", - tokeninfo.serialNumber); - PR_fprintf(PR_STDOUT, PAD"Token Version: %d.%d\n", - tokeninfo.hardwareVersion.major, tokeninfo.hardwareVersion.minor); - PR_fprintf(PR_STDOUT, PAD"Token Firmware Version: %d.%d\n", - tokeninfo.firmwareVersion.major, tokeninfo.firmwareVersion.minor); - if(tokeninfo.flags & CKF_WRITE_PROTECTED) { - PR_fprintf(PR_STDOUT, PAD"Access: Write Protected\n"); - } else { - PR_fprintf(PR_STDOUT, PAD"Access: NOT Write Protected\n"); - } - if(tokeninfo.flags & CKF_LOGIN_REQUIRED) { - PR_fprintf(PR_STDOUT, PAD"Login Type: Login required\n"); - } else { - PR_fprintf(PR_STDOUT, PAD - "Login Type: Public (no login required)\n"); - } - if(tokeninfo.flags & CKF_USER_PIN_INITIALIZED) { - PR_fprintf(PR_STDOUT, PAD"User Pin: Initialized\n"); - } else { - PR_fprintf(PR_STDOUT, PAD"User Pin: NOT Initialized\n"); - } - } - PR_fprintf(PR_STDOUT, - "\n-----------------------------------------------------------\n"); - return rv; -} - -/************************************************************************ - * - * C h a n g e P W - */ -Error -ChangePW(char *tokenName, char *pwFile, char *newpwFile) -{ - char *oldpw=NULL, *newpw=NULL, *newpw2=NULL; - PK11SlotInfo *slot; - Error ret=UNSPECIFIED_ERR; - PRBool matching; - - slot = PK11_FindSlotByName(tokenName); - if(!slot) { - PR_fprintf(PR_STDERR, errStrings[NO_SUCH_TOKEN_ERR], tokenName); - return NO_SUCH_TOKEN_ERR; - } - - PK11_SetPasswordFunc(SECU_GetModulePassword); - - /* Get old password */ - if(! PK11_NeedUserInit(slot)) { - if(pwFile) { - oldpw = SECU_FilePasswd(NULL, PR_FALSE, pwFile); - if(PK11_CheckUserPassword(slot, oldpw) != SECSuccess) { - PR_fprintf(PR_STDERR, errStrings[BAD_PW_ERR]); - ret=BAD_PW_ERR; - goto loser; - } - } else { - for(matching=PR_FALSE; !matching; ) { - oldpw = SECU_GetPasswordString(NULL, "Enter old password: "); - if(PK11_CheckUserPassword(slot, oldpw) == SECSuccess) { - matching = PR_TRUE; - } else { - PR_fprintf(PR_STDOUT, msgStrings[BAD_PW_MSG]); - } - } - } - } - - /* Get new password */ - if(newpwFile) { - newpw = SECU_FilePasswd(NULL, PR_FALSE, newpwFile); - } else { - for(matching=PR_FALSE; !matching; ) { - newpw = SECU_GetPasswordString(NULL, "Enter new password: "); - newpw2 = SECU_GetPasswordString(NULL, "Re-enter new password: "); - if(strcmp(newpw, newpw2)) { - PR_fprintf(PR_STDOUT, msgStrings[PW_MATCH_MSG]); - } else { - matching = PR_TRUE; - } - } - } - - /* Change the password */ - if(PK11_NeedUserInit(slot)) { - if(PK11_InitPin(slot, NULL /*ssopw*/, newpw) != SECSuccess) { - PR_fprintf(PR_STDERR, errStrings[CHANGEPW_FAILED_ERR], tokenName); - ret = CHANGEPW_FAILED_ERR; - goto loser; - } - } else { - if(PK11_ChangePW(slot, oldpw, newpw) != SECSuccess) { - PR_fprintf(PR_STDERR, errStrings[CHANGEPW_FAILED_ERR], tokenName); - ret = CHANGEPW_FAILED_ERR; - goto loser; - } - } - - PR_fprintf(PR_STDOUT, msgStrings[CHANGEPW_SUCCESS_MSG], tokenName); - ret = SUCCESS; - -loser: - if(oldpw) { - memset(oldpw, 0, strlen(oldpw)); - PORT_Free(oldpw); - } - if(newpw) { - memset(newpw, 0, strlen(newpw)); - PORT_Free(newpw); - } - if(newpw2) { - memset(newpw2, 0, strlen(newpw)); - PORT_Free(newpw2); - } - return ret; -} - -/*********************************************************************** - * - * E n a b l e M o d u l e - * - * If enable==PR_TRUE, enables the module or slot. - * If enable==PR_FALSE, disables the module or slot. - * moduleName is the name of the module. - * slotName is the name of the slot. It is optional. - */ -Error -EnableModule(char *moduleName, char *slotName, PRBool enable) -{ - int i; - SECMODModule *module; - PK11SlotInfo *slot = NULL; - PRBool found = PR_FALSE; - - module = SECMOD_FindModule(moduleName); - if(!module) { - PR_fprintf(PR_STDERR, errStrings[NO_SUCH_MODULE_ERR], moduleName); - return NO_SUCH_MODULE_ERR; - } - - for(i=0; i < module->slotCount; i++) { - slot = module->slots[i]; - if(slotName && strcmp(PK11_GetSlotName(slot), slotName)) { - /* Not the right slot */ - continue; - } - if(enable) { - if(! PK11_UserEnableSlot(slot)) { - PR_fprintf(PR_STDERR, errStrings[ENABLE_FAILED_ERR], - "enable", PK11_GetSlotName(slot)); - return ENABLE_FAILED_ERR; - } else { - found = PR_TRUE; - PR_fprintf(PR_STDOUT, msgStrings[ENABLE_SUCCESS_MSG], - PK11_GetSlotName(slot), "enabled"); - } - } else { - if(! PK11_UserDisableSlot(slot)) { - PR_fprintf(PR_STDERR, errStrings[ENABLE_FAILED_ERR], - "disable", PK11_GetSlotName(slot)); - return ENABLE_FAILED_ERR; - } else { - found = PR_TRUE; - PR_fprintf(PR_STDOUT, msgStrings[ENABLE_SUCCESS_MSG], - PK11_GetSlotName(slot), "disabled"); - } - } - } - - if(slotName && !found) { - PR_fprintf(PR_STDERR, errStrings[NO_SUCH_SLOT_ERR], slotName); - return NO_SUCH_SLOT_ERR; - } - - /* Delete and re-add module to save changes */ - if( SECMOD_UpdateModule(module) != SECSuccess ) { - PR_fprintf(PR_STDERR, errStrings[UPDATE_MOD_FAILED_ERR], moduleName); - return UPDATE_MOD_FAILED_ERR; - } - - return SUCCESS; -} - -/************************************************************************* - * - * S e t D e f a u l t M o d u l e - * - */ -Error -SetDefaultModule(char *moduleName, char *slotName, char *mechanisms) -{ - SECMODModule *module; - PK11SlotInfo *slot; - int s, i; - unsigned long mechFlags = getFlagsFromString(mechanisms, mechanismStrings, - numMechanismStrings); - PRBool found = PR_FALSE; - Error errcode = UNSPECIFIED_ERR; - - mechFlags = SECMOD_PubMechFlagstoInternal(mechFlags); - - module = SECMOD_FindModule(moduleName); - if(!module) { - PR_fprintf(PR_STDERR, errStrings[NO_SUCH_MODULE_ERR], moduleName); - errcode = NO_SUCH_MODULE_ERR; - goto loser; - } - - /* Go through each slot */ - for(s=0; s < module->slotCount; s++) { - slot = module->slots[s]; - - if ((slotName != NULL) && - !((strcmp(PK11_GetSlotName(slot),slotName) == 0) || - (strcmp(PK11_GetTokenName(slot),slotName) == 0)) ) { - /* we are only interested in changing the one slot */ - continue; - } - - found = PR_TRUE; - - /* Go through each mechanism */ - for(i=0; i < num_pk11_default_mechanisms; i++) { - if(PK11_DefaultArray[i].flag & mechFlags) { - /* Enable this default mechanism */ - PK11_UpdateSlotAttribute(slot, &(PK11_DefaultArray[i]), - PR_TRUE); - } - } - } - if (slotName && !found) { - PR_fprintf(PR_STDERR, errStrings[NO_SUCH_SLOT_ERR], slotName); - errcode = NO_SUCH_SLOT_ERR; - goto loser; - } - - /* Delete and re-add module to save changes */ - if( SECMOD_UpdateModule(module) != SECSuccess ) { - PR_fprintf(PR_STDERR, errStrings[DEFAULT_FAILED_ERR], - moduleName); - errcode = DEFAULT_FAILED_ERR; - goto loser; - } - - PR_fprintf(PR_STDOUT, msgStrings[DEFAULT_SUCCESS_MSG]); - - errcode = SUCCESS; -loser: - return errcode; -} - -/************************************************************************ - * - * U n s e t D e f a u l t M o d u l e - */ -Error -UnsetDefaultModule(char *moduleName, char *slotName, char *mechanisms) -{ - SECMODModule * module; - PK11SlotInfo *slot; - int s, i; - unsigned long mechFlags = getFlagsFromString(mechanisms, - mechanismStrings, numMechanismStrings); - PRBool found = PR_FALSE; - - mechFlags = SECMOD_PubMechFlagstoInternal(mechFlags); - - module = SECMOD_FindModule(moduleName); - if(!module) { - PR_fprintf(PR_STDERR, errStrings[NO_SUCH_MODULE_ERR], moduleName); - return NO_SUCH_MODULE_ERR; - } - - for(s=0; s < module->slotCount; s++) { - slot = module->slots[s]; - if ((slotName != NULL) && - !((strcmp(PK11_GetSlotName(slot),slotName) == 0) || - (strcmp(PK11_GetTokenName(slot),slotName) == 0)) ) { - /* we are only interested in changing the one slot */ - continue; - } - for(i=0; i - - -PKCS #11 JAR Format - - -

PKCS #11 JAR Format

- -

PKCS #11 modules can be packaged into JAR files that support automatic -installation onto the filesystem and into the security module database. -The JAR file should contain: -

    -
  • All files that will be installed onto the target machine. This will -include at least the PKCS #11 module library file (.DLL or .so), and -may also include any other file that should be installed (such as -documentation). -
  • A script to perform the installation. -
-The script can be in one of two forms. If the JAR file is to be -run by Communicator (or any program that interprets Javascript), the -instructions will be in the form of a SmartUpdate script. -Documentation - on creating this script can be found on DevEdge. - -

If the -JAR file is to be run by a server, modutil, or any other program that -doesn't interpret Javascript, a special information file must be included -in the format described in this document. - -

Declaring the Script in the Manifest File

-The script can have any name, but it must be declared in the manifest file -of the JAR archive. The metainfo tag for this is -Pkcs11_install_script. Meta-information is put in the manifest -file by putting it in a file which is passed to -Signtool. For example, -suppose the PKCS #11 installer script is in the file pk11install. -In Signtool's metainfo file, you would have a line like this: -
-+ Pkcs11_install_script: pk11install
-
- -

Sample Script File

-
-ForwardCompatible { IRIX:6.2:mips Solaris:5.5.1:sparc }
-Platforms {
-	WINNT::x86 {
-		ModuleName { "Fortezza Module" }
-		ModuleFile { win32/fort32.dll }
-		DefaultMechanismFlags{0x0001}
-		DefaultCipherFlags{0x0001}
-		Files {
-			win32/setup.exe {
-				Executable
-				RelativePath { %temp%/setup.exe }
-			}
-			win32/setup.hlp {
-				RelativePath { %temp%/setup.hlp }
-			}
-			win32/setup.cab {
-				RelativePath { %temp%/setup.cab }
-			}
-		}
-	}
-	WIN95::x86 {
-		EquivalentPlatform {WINNT::x86}
-	}
-	Solaris:5.5.1:sparc {
-		ModuleName { "Fortezza UNIX Module" }
-		ModuleFile { unix/fort.so }
-		DefaultMechanismFlags{0x0001}
-		CipherEnableFlags{0x0001}
-		Files {
-			unix/fort.so {
-				RelativePath{%root%/lib/fort.so}
-				AbsolutePath{/usr/local/netscape/lib/fort.so}
-				FilePermissions{555}
-			}
-			xplat/instr.html {
-				RelativePath{%root%/docs/inst.html}
-				AbsolutePath{/usr/local/netscape/docs/inst.html}
-				FilePermissions{555}
-			}
-		}
-	}
-	IRIX:6.2:mips {
-		EquivalentPlatform { Solaris:5.5.1:sparc }
-	}
-}
-
- -
- -

Script File Grammar

-
---> valuelist
-
-valuelist --> value valuelist
-              <null>
-
-value --> key_value_pair
-          string
-
-key_value_pair --> key { valuelist }
-
-key --> string
-
-string --> simple_string
-           "complex_string"
-
-simple_string --> [^ \t\n\""{""}"]+ (no whitespace, quotes, or braces)
-
-complex_string --> ([^\"\\\r\n]|(\\\")|(\\\\))+ (quotes and backslashes must be escaped with a backslash, no newlines or carriage returns are allowed in the string)
-
-Outside of complex strings, all whitespace (space, tab, newline) is considered -equal and is used only to delimit tokens. - -
- -

Keys

-Keys are case-insensitive. -

Global Keys

-
-
ForwardCompatible -
Gives a list of platforms that are forward compatible. If the current -platform cannot be found in the list of supported platforms, then the -ForwardCompatible list will be checked for any platforms that have the same -OS and architecture and an earlier version. If one is found, its -attributes will be used for the current platform. -
Platforms (required) -
Gives a list of platforms. Each entry in the list is itself a key-value -pair: -the key is the name of the platform, and the valuelist contains various -attributes of the platform. The ModuleName, ModuleFile, and Files attributes -must be specified, unless an EquivalentPlatform attribute is specified. -The platform string is in the following -format: system name:os release:architecture. The installer -will obtain these values from NSPR. os release is an empty -string on non-UNIX operating systems. The following system names and platforms -are currently defined by NSPR: -
    -
  • AIX (rs6000) -
  • BSDI (x86) -
  • FREEBSD (x86) -
  • HPUX (hppa1.1) -
  • IRIX (mips) -
  • LINUX (ppc, alpha, x86) -
  • MacOS (PowerPC) (Note: NSPR actually defines the OS as -"Mac OS". The -space makes the name unsuitable for being embedded in identifiers. Until -NSPR changes, you will have to add some special code to deal with this case. -) -
  • NCR (x86) -
  • NEC (mips) -
  • OS2 (x86) -
  • OSF (alpha) -
  • ReliantUNIX (mips) -
  • SCO (x86) -
  • SOLARIS (sparc) -
  • SONY (mips) -
  • SUNOS (sparc) -
  • UnixWare (x86) -
  • WIN16 (x86) -
  • WIN95 (x86) -
  • WINNT (x86) -
- -Examples of valid platform strings: IRIX:6.2:mips, Solaris:5.5.1:sparc, -Linux:2.0.32:x86, WIN95::x86. -
- -

Per-Platform Keys

-These keys only have meaning within the value list of an entry in -the Platforms list. -
-
ModuleName (required) -
Gives the common name for the module. This name will be used to -reference the module from Communicator, modutil, servers, or any other -program that uses the Netscape security module database. -
ModuleFile (required) -
Names the PKCS #11 module file (DLL or .so) for this platform. The name -is given as the relative path of the file within the JAR archive. -
Files (required) -
Lists the files that should be installed for this module. Each entry -in the file list is a key-value pair: the key is the path of the file in -the JAR archive, and -the valuelist contains attributes of the file. At least RelativePath and -AbsoluteDir must be specified in this valuelist. -
DefaultMechanismFlags -
This key-value pair specifies -of which mechanisms this module will be a default provider. It is a bitstring -specified in hexadecimal (0x) format. It is constructed as a bitwise OR -of the following constants. If the DefaultMechanismFlags -entry is omitted, the value will default to 0x0. -
-RSA:			0x0000 0001
-DSA:			0x0000 0002
-RC2:			0x0000 0004
-RC4:			0x0000 0008
-DES:			0x0000 0010
-DH:			0x0000 0020
-FORTEZZA:		0x0000 0040
-RC5:			0x0000 0080
-SHA1:			0x0000 0100
-MD5:			0x0000 0200
-MD2:			0x0000 0400
-RANDOM:			0x0800 0000
-FRIENDLY:		0x1000 0000
-OWN_PW_DEFAULTS:	0x2000 0000
-DISABLE:		0x4000 0000
-
-
CipherEnableFlags -
This key-value pair specifies -which SSL ciphers will be enabled. It is a bitstring specified in -hexadecimal (0x) format. It is constructed as a bitwise OR of the following -constants. If the CipherEnableFlags entry is omitted, the -value will default to 0x0. -
-FORTEZZA:		0x0000 0001
-
-
EquivalentPlatform -
Specifies that the attributes of the named platform should also be used -for the current platform. Saves typing when there is more than one platform -that uses the same settings. -
- -

Per-File Keys

-These keys only have meaning within the valuelist of an entry in a -Files list. At least one of RelativePath and -AbsolutePath must be specified. If both are specified, the -relative path will be tried first and the absolute path used only if no -relative root directory is provided by the installer program. -
-
RelativePath -
Specifies the destination directory of the file, relative to some directory -decided at install-time. Two variables can be used in the relative -path, "%root%" and "%temp%". "%root%" will be replaced at run-time with -the directory relative to which files should be installed; for -example, it may be the server's root directory or Communicator's root -directory. "%temp%" is a directory that will be created at the beginning -of the installation and destroyed at the end of the installation. Its purpose -is to hold executable files (such as setup programs), or files that are -used by these programs. For example, a Windows installation might consist -of a setup.exe installation program, a help file, and a .cab file -containing compressed information. All these files could be installed into the -temporary directory. Files destined for the temporary directory are guaranteed -to be in place before any executable file is run, and will not be deleted -until all executable files have finished. -
AbsoluteDir -
Specifies the destination directory of the file as an absolute path. -This will only be used if the installer is unable to determine a -relative directory. -
Executable -
This string specifies that the file is to be executed during the -course of the -installation. Typically this would be used for a setup program provided -by a module vendor, such as a self-extracting setup.exe. -More than one file can be specified as executable, in which case they will -be run in the order they are specified in the script file. -
FilePermissions -
This string is interpreted as a string of octal digits, according to the -standard UNIX format. It is a bitwise OR of the following constants: -
-user read:         400
-user write:        200
-user execute:      100
-group read:        040
-group write:       020
-group execute:     010
-other read:        004
-other write:       002
-other execute:     001
-
-Some platforms may not understand these permissions. They will only be -applied insofar as makes sense for the current platform. If this attribute -is omitted, a default of 777 is assumed. - - - diff --git a/security/nss/cmd/modutil/rules.mk b/security/nss/cmd/modutil/rules.mk deleted file mode 100644 index b346625132..0000000000 --- a/security/nss/cmd/modutil/rules.mk +++ /dev/null @@ -1,54 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -# -# Some versions of yacc generate files that include platform-specific -# system headers. For example, the yacc in Solaris 2.6 inserts -# #include -# which does not exist on NT. For portability, always use Berkeley -# yacc (such as the yacc in Linux) to generate files. -# - -generate: installparse.c installparse.l - -installparse.c: - yacc -p Pk11Install_yy -d installparse.y - mv y.tab.c installparse.c - mv y.tab.h installparse.h - -installparse.l: - lex -olex.Pk11Install_yy.c -PPk11Install_yy installparse.l - @echo - @echo "**YOU MUST COMMENT OUT UNISTD.H FROM lex.Pk11Install_yy.cpp**" - -install.c: install-ds.h install.h diff --git a/security/nss/cmd/modutil/specification.html b/security/nss/cmd/modutil/specification.html deleted file mode 100644 index 48a1ab7cdc..0000000000 --- a/security/nss/cmd/modutil/specification.html +++ /dev/null @@ -1,351 +0,0 @@ - - - -Modutil Specification - - -

PKCS #11 Module Management Utility -
Specification

- - - - -

Capabilities

-
    -
  • Add a PKCS #11 module, specifying a name and library file. -(-add) -
  • Add a PKCS #11 module from a server-formatted JAR file. -(-jar) -
  • Change the password on or initialize a token. -(-changepw) -
  • Create databases (secmod[ule].db, key3.db, cert7.db) from scratch. -(-create) -
  • Switch to and from FIPS-140-1 compliant mode. -(-fips) -
  • Delete a PKCS #11 module. (-delete) -
  • List installed PKCS #11 modules. (-list) -
  • List detailed info on a particular module and its tokens, including -whether needs login, is hardware, needs user init -(-list) -
  • Specify which modules should be the default provider of various -cryptographic operations.(-default, --undefault) -
  • Disable and enable slots, find out whether and why they are disabled. -(-disable, -enable, --list) -
- -
- - - - -

Usage

-modutil [command] [options] -

At most one command can be specified. With no arguments, -modutil prints a usage message. -

Commands:

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
CommandDescription
--add module name -libfile library file - [-ciphers cipher enable list] - [-mechanisms default mechanism list] -Adds a new module to the database with the given name. - -

library file is the path of the DLL or other library file -containing the module's implementation of the PKCS #11 interface. - -

cipher enable flags is a colon-separated list of ciphers -that will be enabled on this module. The list should be enclosed within quotes -if necessary to prevent shell interpretation. The following ciphers are -currently available: -

    -
  • FORTEZZA -
- -

default mechanism flags is a colon-separated list of -mechanisms for which this module should be the default provider. The -list should be enclosed within quotes if necessary to prevent shell -interpretation. This -list does not enable the mechanisms; it only specifies that this module -will be a default provider for the listed mechanisms. If more than -one module claims to be a default provider for a given mechanism, it is -undefined which will actually be chosen to provide that mechanism. The -following mechanisms are currently available: -

    -
  • RSA -
  • DSA -
  • RC2 -
  • RC4 -
  • RC5 -
  • DES -
  • DH -
  • FORTEZZA -
  • SHA1 -
  • MD5 -
  • MD2 -
  • RANDOM (random number generation) -
  • FRIENDLY (certificates are publicly-readable) -
-
-changepw token name -[-pwfile old password file] -[-newpwfile new password file]Changes the password on the named token. If the token has not been -initialized, this command will initialize the PIN. -If a password file is given, the password will be read from that file; -otherwise, the password will be obtained interactively. -Storing passwords in a file is much less secure than supplying them -interactively. -

The password on the Netscape internal module cannot be changed if -the -nocertdb option is specified. -

-createCreates a new secmod[ule].db, key3.db, and cert7.db in the directory -specified with the --dbdir option, if one is specified. If no directory is -specified, UNIX systems will use the user's .netscape directory, while other -systems will return with an error message. If any of these databases already -exist in the chosen directory, an error message is returned. -

If used with -nocertdb, only secmod[ule].db will be created; -cert7.db and key3.db will not be created. -

-default module name --mechanisms mechanism list -Specifies that the given module will be a default provider of the -listed mechanisms. The mechanism list is the same as in the -add -command. -
-delete module nameDeletes the named module from the database
-disable module name -[-slot slot name]Disables the named slot. If no slot is specified, all slots on -the module are disabled.
-enable module name -[-slot slot name]Enables the named slot. If no slot is specified, all slots on -the module are enabled.
-fips [true | false]Enables or disables FIPS mode on the internal module. Passing -true enables FIPS mode, passing false disables -FIPS mode.
-forceDisables interactive prompts, so modutil can be run in a script. -Should only be used by experts, since the prompts may relate to security -or database integrity. Before using this option, test the command -interactively once to see the warnings that are produced.
-jar JAR file --installdir root installation directory -[-tempdir temporary directory]Adds a new module from the given JAR file. The JAR file uses the -server PKCS #11 JAR format to describe the names of -any files that need to be installed, the name of the module, mechanism flags, -and cipher flags. The root installation directory -is the directory relative to which files will be installed. This should be a - directory -under which it would be natural to store dynamic library files, such as -a server's root directory, or Communicator's root directory. -The temporary directory is where temporary modutil files -will be created in the course of the installation. If no temporary directory -is specified, the current directory will be used. -

If used with the -nocertdb option, the signatures on the JAR -file will not be checked.

-list [module name]Without an argument, lists the PKCS #11 modules present in the module -database. -
-
-% modutil -list
-Using database directory /u/nicolson/.netscape...
-
-Listing of PKCS #11 Modules
------------------------------------------------------------
-  1. Netscape Internal PKCS #11 Module
-         slots: 2 slots attached
-        status: loaded
-
-         slot: Communicator Internal Cryptographic Services Version 4.0
-        token: Communicator Generic Crypto Svcs
-
-         slot: Communicator User Private Key and Certificate Services
-        token: Communicator Certificate DB
------------------------------------------------------------
-
-
-

With an argument, provides a detailed description of the named module -and its slots and tokens. -

-
-% modutil -list "Netscape Internal PKCS #11 Module"
-Using database directory /u/nicolson/.netscape...
-
------------------------------------------------------------
-Name: Netscape Internal PKCS #11 Module
-Library file: **Internal ONLY module**
-Manufacturer: Netscape Communications Corp    
-Description: Communicator Internal Crypto Svc
-PKCS #11 Version 2.0
-Library Version: 4.0
-Cipher Enable Flags: None
-Default Mechanism Flags: RSA:DSA:RC2:RC4:DES:SHA1:MD5:MD2
-
-  Slot: Communicator Internal Cryptographic Services Version 4.0
-  Manufacturer: Netscape Communications Corp    
-  Type: Software
-  Version Number: 4.1
-  Firmware Version: 0.0
-  Status: Enabled
-  Token Name: Communicator Generic Crypto Svcs
-  Token Manufacturer: Netscape Communications Corp    
-  Token Model: Libsec 4.0      
-  Token Serial Number: 0000000000000000
-  Token Version: 4.0
-  Token Firmware Version: 0.0
-  Access: Write Protected
-  Login Type: Public (no login required)
-  User Pin: NOT Initialized
-
-  Slot: Communicator User Private Key and Certificate Services
-  Manufacturer: Netscape Communications Corp    
-  Type: Software
-  Version Number: 3.0
-  Firmware Version: 0.0
-  Status: Enabled
-  Token Name: Communicator Certificate DB     
-  Token Manufacturer: Netscape Communications Corp    
-  Token Model: Libsec 4.0      
-  Token Serial Number: 0000000000000000
-  Token Version: 7.0
-  Token Firmware Version: 0.0
-  Access: NOT Write Protected
-  Login Type: Login required
-  User Pin: Initialized
-
------------------------------------------------------------
-
-
-
-undefault module name --mechanisms mechanism listSpecifies that the given module will NOT be a default provider of -the listed mechanisms. This command clears the default mechanism flags -for the given module.
- - - - -

Options:

- - - - - - - - - - - - - - - -
OptionDescription
-dbdir directorySpecifies which directory holds the module database. On UNIX systems, -the user's netscape directory is the default. On other systems, there is -no default, and this option must be used.
-nocertdbDo not open the certificate or key databases. This has several effects. -With the -create command, this means that only a secmod.db file -will be created; cert7.db and key3.db will not be created. With the --jar command, signatures on the JAR file will not be checked. -With the -changepw command, the password on the Netscape internal -module cannot be set or changed, since this password is stored in key3.db. -
- - - diff --git a/security/nss/cmd/ocspclnt/Makefile b/security/nss/cmd/ocspclnt/Makefile deleted file mode 100644 index 490f738e55..0000000000 --- a/security/nss/cmd/ocspclnt/Makefile +++ /dev/null @@ -1,73 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - -include ../platlibs.mk - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - - -include ../platrules.mk diff --git a/security/nss/cmd/ocspclnt/manifest.mn b/security/nss/cmd/ocspclnt/manifest.mn deleted file mode 100644 index 68a84b8c78..0000000000 --- a/security/nss/cmd/ocspclnt/manifest.mn +++ /dev/null @@ -1,54 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = ../../.. - -# MODULE public and private header directories are implicitly REQUIRED. -MODULE = nss - -CSRCS = \ - ocspclnt.c \ - $(NULL) - -# headers for the MODULE (defined above) are implicitly required. -REQUIRES = dbm seccmd - -# WINNT uses EXTRA_LIBS as the list of libs to link in. -# Unix uses OS_LIBS for that purpose. -# We can solve this via conditional makefile code, but -# can't do this in manifest.mn because OS_ARCH isn't defined there. -# So, look in the local Makefile for the defines for the list of libs. - -PROGRAM = ocspclnt - -USE_STATIC_LIBS = 1 diff --git a/security/nss/cmd/ocspclnt/ocspclnt.c b/security/nss/cmd/ocspclnt/ocspclnt.c deleted file mode 100644 index a5a1448c64..0000000000 --- a/security/nss/cmd/ocspclnt/ocspclnt.c +++ /dev/null @@ -1,1219 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -/* - * Test program for client-side OCSP. - * - * $Id$ - */ - -#include "secutil.h" -#include "nspr.h" -#include "plgetopt.h" -#include "nss.h" -#include "cert.h" -#include "ocsp.h" -#include "xconst.h" /* - * XXX internal header file; needed to get at - * cert_DecodeAuthInfoAccessExtension -- would be - * nice to not need this, but that would require - * better/different APIs. - */ - -#ifndef NO_PP /* - * Compile with this every once in a while to be - * sure that no dependencies on it get added - * outside of the pretty-printing routines. - */ -#include "ocspti.h" /* internals for pretty-printing routines *only* */ -#endif /* NO_PP */ - -#define DEFAULT_DB_DIR "~/.netscape" - - -static void -synopsis (char *program_name) -{ - PRFileDesc *pr_stderr; - - pr_stderr = PR_STDERR; - PR_fprintf (pr_stderr, "Usage:"); - PR_fprintf (pr_stderr, - "\t%s -p [-d ]\n", - program_name); - PR_fprintf (pr_stderr, - "\t%s -P [-d ]\n", - program_name); - PR_fprintf (pr_stderr, - "\t%s -r [-L] [-s ] [-d ]\n", - program_name); - PR_fprintf (pr_stderr, - "\t%s -R [-l ] [-s ] [-d ]\n", - program_name); - PR_fprintf (pr_stderr, - "\t%s -S [-l -t ]\n", - program_name); - PR_fprintf (pr_stderr, - "\t\t [-s ] [-w