From f85b74f39ada41c16a1e19714d7a4158067edae5 Mon Sep 17 00:00:00 2001
From: cvs2hg
Date: Tue, 3 Jan 2006 23:02:12 +0000
Subject: [PATCH] fixup commit for tag 'SVRCORE_4_0_1_RTM'
---
dbm/.cvsignore | 1 -
dbm/Makefile.in | 53 -
dbm/include/.cvsignore | 1 -
dbm/include/Makefile.in | 71 -
dbm/include/Makefile.win | 77 -
dbm/include/cdefs.h | 126 -
dbm/include/extern.h | 65 -
dbm/include/hash.h | 337 -
dbm/include/hsearch.h | 51 -
dbm/include/mcom_db.h | 424 -
dbm/include/mpool.h | 99 -
dbm/include/ncompat.h | 232 -
dbm/include/ndbm.h | 77 -
dbm/include/nsres.h | 41 -
dbm/include/page.h | 96 -
dbm/include/queue.h | 245 -
dbm/include/search.h | 51 -
dbm/include/watcomfx.h | 26 -
dbm/include/winfile.h | 112 -
dbm/src/.cvsignore | 1 -
dbm/src/Makefile.in | 95 -
dbm/src/Makefile.win | 113 -
dbm/src/db.c | 144 -
dbm/src/h_bigkey.c | 713 -
dbm/src/h_func.c | 211 -
dbm/src/h_log2.c | 56 -
dbm/src/h_page.c | 1290 -
dbm/src/hash.c | 1179 -
dbm/src/hash_buf.c | 414 -
dbm/src/hsearch.c | 108 -
dbm/src/memmove.c | 150 -
dbm/src/mktemp.c | 166 -
dbm/src/ndbm.c | 195 -
dbm/src/nsres.c | 305 -
dbm/src/snprintf.c | 75 -
dbm/src/strerror.c | 78 -
dbm/tests/.cvsignore | 3 -
dbm/tests/Makefile.in | 62 -
dbm/tests/dbmtest.pkg | 2 -
dbm/tests/lots.c | 638 -
.../perf/perf.sh => coreconf/makefile.win} | 94 +-
.../config.mk => coreconf/nsinstall/nfspwd} | 24 +-
.../nsinstall/nfspwd.pl} | 21 +-
security/dbm/Makefile | 80 -
security/dbm/config/config.mk | 67 -
security/dbm/include/Makefile | 76 -
security/dbm/include/manifest.mn | 57 -
security/dbm/manifest.mn | 45 -
security/dbm/src/Makefile | 76 -
security/dbm/src/config.mk | 63 -
security/dbm/src/dirent.c | 348 -
security/dbm/src/dirent.h | 97 -
security/dbm/src/manifest.mn | 61 -
security/dbm/tests/Makefile | 69 -
security/nss/Makefile | 172 -
security/nss/cmd/.cvsignore | 1 -
security/nss/cmd/Makefile | 190 -
security/nss/cmd/SSLsample/Makefile | 48 -
security/nss/cmd/SSLsample/NSPRerrs.h | 136 -
security/nss/cmd/SSLsample/README | 35 -
security/nss/cmd/SSLsample/SECerrs.h | 444 -
security/nss/cmd/SSLsample/SSLerrs.h | 369 -
security/nss/cmd/SSLsample/client.c | 456 -
security/nss/cmd/SSLsample/client.mn | 54 -
security/nss/cmd/SSLsample/gencerts | 81 -
security/nss/cmd/SSLsample/make.client | 81 -
security/nss/cmd/SSLsample/make.server | 80 -
security/nss/cmd/SSLsample/server.c | 821 -
security/nss/cmd/SSLsample/server.mn | 52 -
security/nss/cmd/SSLsample/sslerror.h | 113 -
security/nss/cmd/SSLsample/sslsample.c | 594 -
security/nss/cmd/SSLsample/sslsample.h | 180 -
security/nss/cmd/addbuiltin/Makefile | 80 -
security/nss/cmd/addbuiltin/addbuiltin.c | 389 -
security/nss/cmd/addbuiltin/manifest.mn | 52 -
security/nss/cmd/atob/Makefile | 80 -
security/nss/cmd/atob/atob.c | 180 -
security/nss/cmd/atob/manifest.mn | 54 -
security/nss/cmd/bltest/Makefile | 86 -
security/nss/cmd/bltest/blapitest.c | 3570 --
security/nss/cmd/bltest/manifest.mn | 62 -
security/nss/cmd/bltest/tests/README | 49 -
.../nss/cmd/bltest/tests/aes_cbc/ciphertext0 | 1 -
security/nss/cmd/bltest/tests/aes_cbc/iv0 | 1 -
security/nss/cmd/bltest/tests/aes_cbc/key0 | 1 -
.../nss/cmd/bltest/tests/aes_cbc/numtests | 1 -
.../nss/cmd/bltest/tests/aes_cbc/plaintext0 | 1 -
.../nss/cmd/bltest/tests/aes_ecb/ciphertext0 | 1 -
security/nss/cmd/bltest/tests/aes_ecb/key0 | 1 -
.../nss/cmd/bltest/tests/aes_ecb/numtests | 1 -
.../nss/cmd/bltest/tests/aes_ecb/plaintext0 | 1 -
.../nss/cmd/bltest/tests/des3_cbc/ciphertext0 | 1 -
security/nss/cmd/bltest/tests/des3_cbc/iv0 | 1 -
security/nss/cmd/bltest/tests/des3_cbc/key0 | 1 -
.../nss/cmd/bltest/tests/des3_cbc/numtests | 1 -
.../nss/cmd/bltest/tests/des3_cbc/plaintext0 | 1 -
.../nss/cmd/bltest/tests/des3_ecb/ciphertext0 | 1 -
security/nss/cmd/bltest/tests/des3_ecb/key0 | 1 -
.../nss/cmd/bltest/tests/des3_ecb/numtests | 1 -
.../nss/cmd/bltest/tests/des3_ecb/plaintext0 | 1 -
.../nss/cmd/bltest/tests/des_cbc/ciphertext0 | 1 -
security/nss/cmd/bltest/tests/des_cbc/iv0 | 1 -
security/nss/cmd/bltest/tests/des_cbc/key0 | 1 -
.../nss/cmd/bltest/tests/des_cbc/numtests | 1 -
.../nss/cmd/bltest/tests/des_cbc/plaintext0 | 1 -
.../nss/cmd/bltest/tests/des_ecb/ciphertext0 | 1 -
security/nss/cmd/bltest/tests/des_ecb/key0 | 1 -
.../nss/cmd/bltest/tests/des_ecb/numtests | 1 -
.../nss/cmd/bltest/tests/des_ecb/plaintext0 | 1 -
security/nss/cmd/bltest/tests/dsa/ciphertext0 | 1 -
security/nss/cmd/bltest/tests/dsa/key0 | 6 -
security/nss/cmd/bltest/tests/dsa/keyseed0 | 1 -
security/nss/cmd/bltest/tests/dsa/numtests | 1 -
security/nss/cmd/bltest/tests/dsa/plaintext0 | 1 -
security/nss/cmd/bltest/tests/dsa/pqg0 | 4 -
security/nss/cmd/bltest/tests/dsa/sigseed0 | 1 -
security/nss/cmd/bltest/tests/ecdsa/README | 22 -
.../nss/cmd/bltest/tests/ecdsa/ciphertext0 | 1 -
.../nss/cmd/bltest/tests/ecdsa/ciphertext1 | 1 -
.../nss/cmd/bltest/tests/ecdsa/ciphertext10 | 2 -
.../nss/cmd/bltest/tests/ecdsa/ciphertext11 | 2 -
.../nss/cmd/bltest/tests/ecdsa/ciphertext12 | 2 -
.../nss/cmd/bltest/tests/ecdsa/ciphertext13 | 2 -
.../nss/cmd/bltest/tests/ecdsa/ciphertext14 | 2 -
.../nss/cmd/bltest/tests/ecdsa/ciphertext15 | 2 -
.../nss/cmd/bltest/tests/ecdsa/ciphertext16 | 3 -
.../nss/cmd/bltest/tests/ecdsa/ciphertext17 | 3 -
.../nss/cmd/bltest/tests/ecdsa/ciphertext18 | 3 -
.../nss/cmd/bltest/tests/ecdsa/ciphertext19 | 3 -
.../nss/cmd/bltest/tests/ecdsa/ciphertext2 | 1 -
.../nss/cmd/bltest/tests/ecdsa/ciphertext20 | 3 -
.../nss/cmd/bltest/tests/ecdsa/ciphertext3 | 1 -
.../nss/cmd/bltest/tests/ecdsa/ciphertext4 | 1 -
.../nss/cmd/bltest/tests/ecdsa/ciphertext5 | 1 -
.../nss/cmd/bltest/tests/ecdsa/ciphertext6 | 1 -
.../nss/cmd/bltest/tests/ecdsa/ciphertext7 | 1 -
.../nss/cmd/bltest/tests/ecdsa/ciphertext8 | 2 -
.../nss/cmd/bltest/tests/ecdsa/ciphertext9 | 2 -
security/nss/cmd/bltest/tests/ecdsa/key0 | 2 -
security/nss/cmd/bltest/tests/ecdsa/key1 | 2 -
security/nss/cmd/bltest/tests/ecdsa/key10 | 3 -
security/nss/cmd/bltest/tests/ecdsa/key11 | 3 -
security/nss/cmd/bltest/tests/ecdsa/key12 | 3 -
security/nss/cmd/bltest/tests/ecdsa/key13 | 3 -
security/nss/cmd/bltest/tests/ecdsa/key14 | 3 -
security/nss/cmd/bltest/tests/ecdsa/key15 | 4 -
security/nss/cmd/bltest/tests/ecdsa/key16 | 4 -
security/nss/cmd/bltest/tests/ecdsa/key17 | 4 -
security/nss/cmd/bltest/tests/ecdsa/key18 | 5 -
security/nss/cmd/bltest/tests/ecdsa/key19 | 5 -
security/nss/cmd/bltest/tests/ecdsa/key2 | 2 -
security/nss/cmd/bltest/tests/ecdsa/key20 | 5 -
security/nss/cmd/bltest/tests/ecdsa/key3 | 2 -
security/nss/cmd/bltest/tests/ecdsa/key4 | 2 -
security/nss/cmd/bltest/tests/ecdsa/key5 | 2 -
security/nss/cmd/bltest/tests/ecdsa/key6 | 2 -
security/nss/cmd/bltest/tests/ecdsa/key7 | 2 -
security/nss/cmd/bltest/tests/ecdsa/key8 | 3 -
security/nss/cmd/bltest/tests/ecdsa/key9 | 3 -
security/nss/cmd/bltest/tests/ecdsa/numtests | 1 -
.../nss/cmd/bltest/tests/ecdsa/plaintext0 | 1 -
.../nss/cmd/bltest/tests/ecdsa/plaintext1 | 1 -
.../nss/cmd/bltest/tests/ecdsa/plaintext10 | 1 -
.../nss/cmd/bltest/tests/ecdsa/plaintext11 | 1 -
.../nss/cmd/bltest/tests/ecdsa/plaintext12 | 1 -
.../nss/cmd/bltest/tests/ecdsa/plaintext13 | 1 -
.../nss/cmd/bltest/tests/ecdsa/plaintext14 | 1 -
.../nss/cmd/bltest/tests/ecdsa/plaintext15 | 1 -
.../nss/cmd/bltest/tests/ecdsa/plaintext16 | 1 -
.../nss/cmd/bltest/tests/ecdsa/plaintext17 | 1 -
.../nss/cmd/bltest/tests/ecdsa/plaintext18 | 1 -
.../nss/cmd/bltest/tests/ecdsa/plaintext19 | 1 -
.../nss/cmd/bltest/tests/ecdsa/plaintext2 | 1 -
.../nss/cmd/bltest/tests/ecdsa/plaintext20 | 1 -
.../nss/cmd/bltest/tests/ecdsa/plaintext3 | 1 -
.../nss/cmd/bltest/tests/ecdsa/plaintext4 | 1 -
.../nss/cmd/bltest/tests/ecdsa/plaintext5 | 1 -
.../nss/cmd/bltest/tests/ecdsa/plaintext6 | 1 -
.../nss/cmd/bltest/tests/ecdsa/plaintext7 | 1 -
.../nss/cmd/bltest/tests/ecdsa/plaintext8 | 1 -
.../nss/cmd/bltest/tests/ecdsa/plaintext9 | 1 -
security/nss/cmd/bltest/tests/ecdsa/sigseed0 | 1 -
security/nss/cmd/bltest/tests/ecdsa/sigseed1 | 1 -
security/nss/cmd/bltest/tests/ecdsa/sigseed10 | 1 -
security/nss/cmd/bltest/tests/ecdsa/sigseed11 | 1 -
security/nss/cmd/bltest/tests/ecdsa/sigseed12 | 1 -
security/nss/cmd/bltest/tests/ecdsa/sigseed13 | 1 -
security/nss/cmd/bltest/tests/ecdsa/sigseed14 | 1 -
security/nss/cmd/bltest/tests/ecdsa/sigseed15 | 1 -
security/nss/cmd/bltest/tests/ecdsa/sigseed16 | 1 -
security/nss/cmd/bltest/tests/ecdsa/sigseed17 | 1 -
security/nss/cmd/bltest/tests/ecdsa/sigseed18 | 2 -
security/nss/cmd/bltest/tests/ecdsa/sigseed19 | 2 -
security/nss/cmd/bltest/tests/ecdsa/sigseed2 | 1 -
security/nss/cmd/bltest/tests/ecdsa/sigseed20 | 2 -
security/nss/cmd/bltest/tests/ecdsa/sigseed3 | 1 -
security/nss/cmd/bltest/tests/ecdsa/sigseed4 | 1 -
security/nss/cmd/bltest/tests/ecdsa/sigseed5 | 1 -
security/nss/cmd/bltest/tests/ecdsa/sigseed6 | 1 -
security/nss/cmd/bltest/tests/ecdsa/sigseed7 | 1 -
security/nss/cmd/bltest/tests/ecdsa/sigseed8 | 1 -
security/nss/cmd/bltest/tests/ecdsa/sigseed9 | 1 -
security/nss/cmd/bltest/tests/md2/ciphertext0 | 1 -
security/nss/cmd/bltest/tests/md2/numtests | 1 -
security/nss/cmd/bltest/tests/md2/plaintext0 | 1 -
security/nss/cmd/bltest/tests/md5/ciphertext0 | 1 -
security/nss/cmd/bltest/tests/md5/numtests | 1 -
security/nss/cmd/bltest/tests/md5/plaintext0 | 1 -
.../nss/cmd/bltest/tests/rc2_cbc/ciphertext0 | 1 -
security/nss/cmd/bltest/tests/rc2_cbc/iv0 | 1 -
security/nss/cmd/bltest/tests/rc2_cbc/key0 | 1 -
.../nss/cmd/bltest/tests/rc2_cbc/numtests | 1 -
.../nss/cmd/bltest/tests/rc2_cbc/plaintext0 | 1 -
.../nss/cmd/bltest/tests/rc2_ecb/ciphertext0 | 1 -
security/nss/cmd/bltest/tests/rc2_ecb/key0 | 1 -
.../nss/cmd/bltest/tests/rc2_ecb/numtests | 1 -
.../nss/cmd/bltest/tests/rc2_ecb/plaintext0 | 1 -
security/nss/cmd/bltest/tests/rc4/ciphertext0 | 1 -
security/nss/cmd/bltest/tests/rc4/ciphertext1 | 1 -
security/nss/cmd/bltest/tests/rc4/key0 | 1 -
security/nss/cmd/bltest/tests/rc4/key1 | 1 -
security/nss/cmd/bltest/tests/rc4/numtests | 1 -
security/nss/cmd/bltest/tests/rc4/plaintext0 | 1 -
security/nss/cmd/bltest/tests/rc4/plaintext1 | 1 -
.../nss/cmd/bltest/tests/rc5_cbc/ciphertext0 | 1 -
security/nss/cmd/bltest/tests/rc5_cbc/iv0 | 1 -
security/nss/cmd/bltest/tests/rc5_cbc/key0 | 1 -
.../nss/cmd/bltest/tests/rc5_cbc/numtests | 1 -
security/nss/cmd/bltest/tests/rc5_cbc/params0 | 2 -
.../nss/cmd/bltest/tests/rc5_cbc/plaintext0 | 1 -
.../nss/cmd/bltest/tests/rc5_ecb/ciphertext0 | 1 -
security/nss/cmd/bltest/tests/rc5_ecb/key0 | 1 -
.../nss/cmd/bltest/tests/rc5_ecb/numtests | 1 -
security/nss/cmd/bltest/tests/rc5_ecb/params0 | 2 -
.../nss/cmd/bltest/tests/rc5_ecb/plaintext0 | 1 -
security/nss/cmd/bltest/tests/rsa/ciphertext0 | 1 -
security/nss/cmd/bltest/tests/rsa/key0 | 4 -
security/nss/cmd/bltest/tests/rsa/numtests | 1 -
security/nss/cmd/bltest/tests/rsa/plaintext0 | 1 -
.../nss/cmd/bltest/tests/sha1/ciphertext0 | 1 -
security/nss/cmd/bltest/tests/sha1/numtests | 1 -
security/nss/cmd/bltest/tests/sha1/plaintext0 | 1 -
.../nss/cmd/bltest/tests/sha256/ciphertext0 | 1 -
.../nss/cmd/bltest/tests/sha256/ciphertext1 | 1 -
security/nss/cmd/bltest/tests/sha256/numtests | 1 -
.../nss/cmd/bltest/tests/sha256/plaintext0 | 1 -
.../nss/cmd/bltest/tests/sha256/plaintext1 | 1 -
.../nss/cmd/bltest/tests/sha384/ciphertext0 | 1 -
.../nss/cmd/bltest/tests/sha384/ciphertext1 | 1 -
security/nss/cmd/bltest/tests/sha384/numtests | 1 -
.../nss/cmd/bltest/tests/sha384/plaintext0 | 1 -
.../nss/cmd/bltest/tests/sha384/plaintext1 | 1 -
.../nss/cmd/bltest/tests/sha512/ciphertext0 | 2 -
.../nss/cmd/bltest/tests/sha512/ciphertext1 | 2 -
security/nss/cmd/bltest/tests/sha512/numtests | 1 -
.../nss/cmd/bltest/tests/sha512/plaintext0 | 1 -
.../nss/cmd/bltest/tests/sha512/plaintext1 | 1 -
security/nss/cmd/btoa/Makefile | 79 -
security/nss/cmd/btoa/btoa.c | 213 -
security/nss/cmd/btoa/manifest.mn | 53 -
security/nss/cmd/certcgi/HOWTO.txt | 168 -
security/nss/cmd/certcgi/Makefile | 80 -
security/nss/cmd/certcgi/ca.html | 51 -
security/nss/cmd/certcgi/ca_form.html | 388 -
security/nss/cmd/certcgi/certcgi.c | 2415 -
security/nss/cmd/certcgi/index.html | 959 -
security/nss/cmd/certcgi/main.html | 108 -
security/nss/cmd/certcgi/manifest.mn | 54 -
security/nss/cmd/certcgi/nscp_ext_form.html | 116 -
security/nss/cmd/certcgi/stnd_ext_form.html | 250 -
security/nss/cmd/certutil/Makefile | 80 -
security/nss/cmd/certutil/certutil.c | 3162 -
security/nss/cmd/certutil/keystuff.c | 583 -
security/nss/cmd/certutil/manifest.mn | 60 -
security/nss/cmd/checkcert/Makefile | 80 -
security/nss/cmd/checkcert/checkcert.c | 642 -
security/nss/cmd/checkcert/manifest.mn | 51 -
security/nss/cmd/crlutil/Makefile | 85 -
security/nss/cmd/crlutil/crlgen.c | 1627 -
security/nss/cmd/crlutil/crlgen.h | 182 -
security/nss/cmd/crlutil/crlgen_lex.c | 1783 -
security/nss/cmd/crlutil/crlgen_lex_fix.sed | 4 -
security/nss/cmd/crlutil/crlgen_lex_orig.l | 177 -
security/nss/cmd/crlutil/crlutil.c | 1020 -
security/nss/cmd/crlutil/manifest.mn | 57 -
security/nss/cmd/crmf-cgi/Makefile | 85 -
security/nss/cmd/crmf-cgi/crmfcgi.c | 1127 -
security/nss/cmd/crmf-cgi/crmfcgi.html | 168 -
security/nss/cmd/crmf-cgi/manifest.mn | 65 -
security/nss/cmd/crmftest/Makefile | 96 -
security/nss/cmd/crmftest/manifest.mn | 57 -
security/nss/cmd/crmftest/testcrmf.c | 1697 -
security/nss/cmd/dbck/Makefile | 79 -
security/nss/cmd/dbck/dbck.c | 1879 -
security/nss/cmd/dbck/manifest.mn | 53 -
security/nss/cmd/dbtest/Makefile | 92 -
security/nss/cmd/dbtest/dbtest.c | 183 -
security/nss/cmd/dbtest/manifest.mn | 54 -
security/nss/cmd/derdump/Makefile | 80 -
security/nss/cmd/derdump/derdump.c | 137 -
security/nss/cmd/derdump/manifest.mn | 53 -
security/nss/cmd/digest/Makefile | 80 -
security/nss/cmd/digest/digest.c | 256 -
security/nss/cmd/digest/manifest.mn | 54 -
security/nss/cmd/fipstest/Makefile | 86 -
security/nss/cmd/fipstest/aes.sh | 94 -
security/nss/cmd/fipstest/ecdsa.sh | 29 -
security/nss/cmd/fipstest/fipstest.c | 3411 --
security/nss/cmd/fipstest/hmac.sh | 20 -
security/nss/cmd/fipstest/manifest.mn | 55 -
security/nss/cmd/fipstest/sha.sh | 46 -
security/nss/cmd/fipstest/tdea.sh | 87 -
security/nss/cmd/lib/Makefile | 82 -
security/nss/cmd/lib/NSPRerrs.h | 153 -
security/nss/cmd/lib/SECerrs.h | 506 -
security/nss/cmd/lib/SSLerrs.h | 372 -
security/nss/cmd/lib/berparse.c | 407 -
security/nss/cmd/lib/config.mk | 47 -
security/nss/cmd/lib/derprint.c | 622 -
security/nss/cmd/lib/ffs.c | 51 -
security/nss/cmd/lib/manifest.mn | 64 -
security/nss/cmd/lib/moreoids.c | 180 -
security/nss/cmd/lib/pppolicy.c | 299 -
security/nss/cmd/lib/secerror.c | 110 -
security/nss/cmd/lib/secpwd.c | 205 -
security/nss/cmd/lib/secutil.c | 3685 --
security/nss/cmd/lib/secutil.h | 424 -
security/nss/cmd/makepqg/Makefile | 81 -
security/nss/cmd/makepqg/makepqg.c | 363 -
security/nss/cmd/makepqg/manifest.mn | 51 -
security/nss/cmd/makepqg/testit.ksh | 45 -
security/nss/cmd/manifest.mn | 97 -
security/nss/cmd/modutil/Makefile | 84 -
security/nss/cmd/modutil/README | 7 -
security/nss/cmd/modutil/error.h | 185 -
security/nss/cmd/modutil/install-ds.c | 1544 -
security/nss/cmd/modutil/install-ds.h | 293 -
security/nss/cmd/modutil/install.c | 988 -
security/nss/cmd/modutil/install.h | 133 -
security/nss/cmd/modutil/installparse.c | 429 -
security/nss/cmd/modutil/installparse.h | 3 -
security/nss/cmd/modutil/installparse.l | 169 -
security/nss/cmd/modutil/installparse.y | 136 -
security/nss/cmd/modutil/instsec.c | 181 -
security/nss/cmd/modutil/lex.Pk11Install_yy.c | 1694 -
security/nss/cmd/modutil/manifest.mn | 66 -
security/nss/cmd/modutil/modutil.c | 973 -
security/nss/cmd/modutil/modutil.h | 70 -
security/nss/cmd/modutil/pk11.c | 949 -
security/nss/cmd/modutil/pk11jar.html | 312 -
security/nss/cmd/modutil/rules.mk | 58 -
security/nss/cmd/modutil/specification.html | 354 -
security/nss/cmd/ocspclnt/Makefile | 77 -
security/nss/cmd/ocspclnt/manifest.mn | 58 -
security/nss/cmd/ocspclnt/ocspclnt.c | 1225 -
security/nss/cmd/oidcalc/Makefile | 80 -
security/nss/cmd/oidcalc/manifest.mn | 51 -
security/nss/cmd/oidcalc/oidcalc.c | 120 -
security/nss/cmd/p7content/Makefile | 79 -
security/nss/cmd/p7content/manifest.mn | 47 -
security/nss/cmd/p7content/p7content.c | 274 -
security/nss/cmd/p7env/Makefile | 79 -
security/nss/cmd/p7env/manifest.mn | 47 -
security/nss/cmd/p7env/p7env.c | 275 -
security/nss/cmd/p7sign/Makefile | 79 -
security/nss/cmd/p7sign/manifest.mn | 47 -
security/nss/cmd/p7sign/p7sign.c | 294 -
security/nss/cmd/p7verify/Makefile | 79 -
security/nss/cmd/p7verify/manifest.mn | 47 -
security/nss/cmd/p7verify/p7verify.c | 308 -
security/nss/cmd/pk11util/Makefile | 80 -
security/nss/cmd/pk11util/manifest.mn | 55 -
security/nss/cmd/pk11util/pk11table.c | 1403 -
security/nss/cmd/pk11util/pk11util.c | 2182 -
security/nss/cmd/pk11util/pk11util.h | 165 -
security/nss/cmd/pk11util/scripts/dosign | 162 -
security/nss/cmd/pk11util/scripts/hssign | 48 -
security/nss/cmd/pk11util/scripts/lcert | 35 -
security/nss/cmd/pk11util/scripts/mechanisms | 11 -
security/nss/cmd/pk11util/scripts/pLabel1 | 6 -
security/nss/cmd/pk11util/scripts/pMechanisms | 8 -
security/nss/cmd/pk11util/scripts/pcert | 30 -
security/nss/cmd/pk11util/scripts/pkey | Bin 1543 -> 0 bytes
security/nss/cmd/pk12util/Makefile | 80 -
security/nss/cmd/pk12util/manifest.mn | 59 -
security/nss/cmd/pk12util/pk12util.c | 1007 -
security/nss/cmd/pk12util/pk12util.h | 72 -
security/nss/cmd/platlibs.mk | 235 -
security/nss/cmd/platrules.mk | 51 -
security/nss/cmd/pp/Makefile | 79 -
security/nss/cmd/pp/manifest.mn | 51 -
security/nss/cmd/pp/pp.c | 190 -
security/nss/cmd/pwdecrypt/Makefile | 77 -
security/nss/cmd/pwdecrypt/manifest.mn | 58 -
security/nss/cmd/pwdecrypt/pwdecrypt.c | 358 -
security/nss/cmd/rsaperf/Makefile | 88 -
security/nss/cmd/rsaperf/defkey.c | 205 -
security/nss/cmd/rsaperf/manifest.mn | 56 -
security/nss/cmd/rsaperf/rsaperf.c | 712 -
security/nss/cmd/samples/cert | 15 -
security/nss/cmd/samples/cert0 | Bin 505 -> 0 bytes
security/nss/cmd/samples/cert1 | Bin 515 -> 0 bytes
security/nss/cmd/samples/cert2 | Bin 528 -> 0 bytes
security/nss/cmd/samples/pkcs7.ber | Bin 1771 -> 0 bytes
security/nss/cmd/samples/pkcs7bday.ber | Bin 1881 -> 0 bytes
security/nss/cmd/samples/pkcs7cnet.ber | Bin 3330 -> 0 bytes
security/nss/cmd/samples/pkcs7news.ber | Bin 255328 -> 0 bytes
security/nss/cmd/samples/x509v3.der | Bin 463 -> 0 bytes
security/nss/cmd/samples/x509v3.txt | 10 -
security/nss/cmd/sdrtest/Makefile | 77 -
security/nss/cmd/sdrtest/manifest.mn | 58 -
security/nss/cmd/sdrtest/sdrtest.c | 410 -
security/nss/cmd/selfserv/Makefile | 78 -
security/nss/cmd/selfserv/manifest.mn | 56 -
security/nss/cmd/selfserv/selfserv.c | 2013 -
security/nss/cmd/shlibsign/Makefile | 97 -
security/nss/cmd/shlibsign/mangle/Makefile | 79 -
security/nss/cmd/shlibsign/mangle/mangle.c | 169 -
security/nss/cmd/shlibsign/mangle/manifest.mn | 56 -
security/nss/cmd/shlibsign/manifest.mn | 62 -
security/nss/cmd/shlibsign/shlibsign.c | 435 -
security/nss/cmd/shlibsign/sign.cmd | 21 -
security/nss/cmd/shlibsign/sign.sh | 56 -
security/nss/cmd/signtool/Makefile | 75 -
security/nss/cmd/signtool/README | 128 -
security/nss/cmd/signtool/certgen.c | 746 -
security/nss/cmd/signtool/javascript.c | 1867 -
security/nss/cmd/signtool/list.c | 280 -
security/nss/cmd/signtool/manifest.mn | 61 -
security/nss/cmd/signtool/sign.c | 902 -
security/nss/cmd/signtool/signtool.c | 1100 -
security/nss/cmd/signtool/signtool.h | 145 -
security/nss/cmd/signtool/util.c | 1009 -
security/nss/cmd/signtool/verify.c | 371 -
security/nss/cmd/signtool/zip.c | 721 -
security/nss/cmd/signtool/zip.h | 103 -
security/nss/cmd/signver/Makefile | 75 -
security/nss/cmd/signver/examples/1/form.pl | 54 -
.../cmd/signver/examples/1/signedForm.html | 87 -
.../cmd/signver/examples/1/signedForm.nt.html | 87 -
.../nss/cmd/signver/examples/1/signedForm.pl | 92 -
security/nss/cmd/signver/manifest.mn | 58 -
security/nss/cmd/signver/pk7print.c | 894 -
security/nss/cmd/signver/signver.c | 422 -
security/nss/cmd/smimetools/Makefile | 81 -
security/nss/cmd/smimetools/cmsutil.c | 1620 -
security/nss/cmd/smimetools/manifest.mn | 49 -
security/nss/cmd/smimetools/rules.mk | 40 -
security/nss/cmd/smimetools/smime | 581 -
security/nss/cmd/ssltap/Makefile | 83 -
security/nss/cmd/ssltap/manifest.mn | 55 -
security/nss/cmd/ssltap/ssltap-manual.html | 202 -
security/nss/cmd/ssltap/ssltap.c | 1420 -
security/nss/cmd/strsclnt/Makefile | 79 -
security/nss/cmd/strsclnt/manifest.mn | 51 -
security/nss/cmd/strsclnt/strsclnt.c | 1485 -
security/nss/cmd/symkeyutil/Makefile | 80 -
security/nss/cmd/symkeyutil/manifest.mn | 55 -
security/nss/cmd/symkeyutil/symkey.man | 182 -
security/nss/cmd/symkeyutil/symkeyutil.c | 1129 -
security/nss/cmd/tests/Makefile | 77 -
security/nss/cmd/tests/manifest.mn | 53 -
security/nss/cmd/tests/remtest.c | 165 -
security/nss/cmd/tstclnt/Makefile | 88 -
security/nss/cmd/tstclnt/manifest.mn | 58 -
security/nss/cmd/tstclnt/tstclnt.c | 948 -
security/nss/cmd/vfychain/Makefile | 86 -
security/nss/cmd/vfychain/manifest.mn | 55 -
security/nss/cmd/vfychain/vfychain.c | 332 -
security/nss/cmd/vfyserv/Makefile | 88 -
security/nss/cmd/vfyserv/manifest.mn | 55 -
security/nss/cmd/vfyserv/vfyserv.c | 495 -
security/nss/cmd/vfyserv/vfyserv.h | 180 -
security/nss/cmd/vfyserv/vfyutil.c | 618 -
security/nss/cmd/zlib/Makefile | 88 -
security/nss/cmd/zlib/README | 125 -
security/nss/cmd/zlib/adler32.c | 149 -
security/nss/cmd/zlib/compress.c | 79 -
security/nss/cmd/zlib/config.mk | 48 -
security/nss/cmd/zlib/crc32.c | 423 -
security/nss/cmd/zlib/crc32.h | 441 -
security/nss/cmd/zlib/deflate.c | 1736 -
security/nss/cmd/zlib/deflate.h | 331 -
security/nss/cmd/zlib/example.c | 565 -
security/nss/cmd/zlib/gzio.c | 1026 -
security/nss/cmd/zlib/infback.c | 623 -
security/nss/cmd/zlib/inffast.c | 318 -
security/nss/cmd/zlib/inffast.h | 11 -
security/nss/cmd/zlib/inffixed.h | 94 -
security/nss/cmd/zlib/inflate.c | 1368 -
security/nss/cmd/zlib/inflate.h | 115 -
security/nss/cmd/zlib/inftrees.c | 329 -
security/nss/cmd/zlib/inftrees.h | 55 -
security/nss/cmd/zlib/manifest.mn | 68 -
security/nss/cmd/zlib/minigzip.c | 322 -
security/nss/cmd/zlib/trees.c | 1219 -
security/nss/cmd/zlib/trees.h | 128 -
security/nss/cmd/zlib/uncompr.c | 61 -
security/nss/cmd/zlib/zconf.h | 332 -
security/nss/cmd/zlib/zlib.h | 1357 -
security/nss/cmd/zlib/zutil.c | 318 -
security/nss/cmd/zlib/zutil.h | 269 -
security/nss/lib/Makefile | 95 -
security/nss/lib/asn1/Makefile | 44 -
security/nss/lib/asn1/asn1.c | 1730 -
security/nss/lib/asn1/asn1.h | 882 -
security/nss/lib/asn1/asn1m.h | 83 -
security/nss/lib/asn1/asn1t.h | 169 -
security/nss/lib/asn1/config.mk | 52 -
security/nss/lib/asn1/manifest.mn | 59 -
security/nss/lib/asn1/nssasn1t.h | 70 -
security/nss/lib/base/Makefile | 44 -
security/nss/lib/base/arena.c | 1145 -
security/nss/lib/base/base.h | 1411 -
security/nss/lib/base/baset.h | 161 -
security/nss/lib/base/config.mk | 52 -
security/nss/lib/base/error.c | 286 -
security/nss/lib/base/errorval.c | 96 -
security/nss/lib/base/hash.c | 407 -
security/nss/lib/base/hashops.c | 120 -
security/nss/lib/base/item.c | 244 -
security/nss/lib/base/libc.c | 200 -
security/nss/lib/base/list.c | 436 -
security/nss/lib/base/manifest.mn | 68 -
security/nss/lib/base/nssbase.h | 170 -
security/nss/lib/base/nssbaset.h | 156 -
security/nss/lib/base/tracker.c | 546 -
security/nss/lib/base/utf8.c | 762 -
security/nss/lib/certdb/.cvsignore | 1 -
security/nss/lib/certdb/Makefile | 80 -
security/nss/lib/certdb/alg1485.c | 1219 -
security/nss/lib/certdb/cert.h | 1528 -
security/nss/lib/certdb/certdb.c | 2982 -
security/nss/lib/certdb/certdb.h | 171 -
security/nss/lib/certdb/certi.h | 247 -
security/nss/lib/certdb/certt.h | 887 -
security/nss/lib/certdb/certv3.c | 400 -
security/nss/lib/certdb/certxutl.c | 529 -
security/nss/lib/certdb/certxutl.h | 82 -
security/nss/lib/certdb/config.mk | 47 -
security/nss/lib/certdb/crl.c | 3003 -
security/nss/lib/certdb/genname.c | 1832 -
security/nss/lib/certdb/genname.h | 138 -
security/nss/lib/certdb/manifest.mn | 72 -
security/nss/lib/certdb/polcyxtn.c | 568 -
security/nss/lib/certdb/secname.c | 704 -
security/nss/lib/certdb/stanpcertdb.c | 989 -
security/nss/lib/certdb/xauthkid.c | 158 -
security/nss/lib/certdb/xbsconst.c | 177 -
security/nss/lib/certdb/xconst.c | 298 -
security/nss/lib/certdb/xconst.h | 72 -
security/nss/lib/certhigh/Makefile | 80 -
security/nss/lib/certhigh/certhigh.c | 1204 -
security/nss/lib/certhigh/certhtml.c | 599 -
security/nss/lib/certhigh/certreq.c | 350 -
security/nss/lib/certhigh/certvfy.c | 2078 -
security/nss/lib/certhigh/config.mk | 47 -
security/nss/lib/certhigh/crlv2.c | 141 -
security/nss/lib/certhigh/manifest.mn | 63 -
security/nss/lib/certhigh/ocsp.c | 3998 --
security/nss/lib/certhigh/ocsp.h | 537 -
security/nss/lib/certhigh/ocspt.h | 62 -
security/nss/lib/certhigh/ocspti.h | 408 -
security/nss/lib/certhigh/xcrldist.c | 233 -
security/nss/lib/ckfw/Makefile | 66 -
security/nss/lib/ckfw/builtins/Makefile | 102 -
security/nss/lib/ckfw/builtins/README | 48 -
security/nss/lib/ckfw/builtins/anchor.c | 53 -
security/nss/lib/ckfw/builtins/bfind.c | 286 -
security/nss/lib/ckfw/builtins/binst.c | 133 -
security/nss/lib/ckfw/builtins/bobject.c | 258 -
security/nss/lib/ckfw/builtins/bsession.c | 111 -
security/nss/lib/ckfw/builtins/bslot.c | 127 -
security/nss/lib/ckfw/builtins/btoken.c | 187 -
security/nss/lib/ckfw/builtins/builtins.h | 107 -
security/nss/lib/ckfw/builtins/certdata.c | 12872 ----
security/nss/lib/ckfw/builtins/certdata.perl | 299 -
security/nss/lib/ckfw/builtins/certdata.txt | 13070 ----
security/nss/lib/ckfw/builtins/ckbiver.c | 58 -
security/nss/lib/ckfw/builtins/config.mk | 71 -
security/nss/lib/ckfw/builtins/constants.c | 97 -
security/nss/lib/ckfw/builtins/manifest.mn | 65 -
security/nss/lib/ckfw/builtins/nssckbi.def | 58 -
security/nss/lib/ckfw/builtins/nssckbi.h | 90 -
security/nss/lib/ckfw/builtins/nssckbi.rc | 97 -
security/nss/lib/ckfw/capi/Makefile | 105 -
security/nss/lib/ckfw/capi/README | 7 -
security/nss/lib/ckfw/capi/anchor.c | 55 -
security/nss/lib/ckfw/capi/cfind.c | 618 -
security/nss/lib/ckfw/capi/cinst.c | 148 -
security/nss/lib/ckfw/capi/ckcapi.h | 309 -
security/nss/lib/ckfw/capi/ckcapiver.c | 59 -
security/nss/lib/ckfw/capi/cobject.c | 2346 -
security/nss/lib/ckfw/capi/config.mk | 71 -
security/nss/lib/ckfw/capi/constants.c | 98 -
security/nss/lib/ckfw/capi/crsa.c | 748 -
security/nss/lib/ckfw/capi/csession.c | 131 -
security/nss/lib/ckfw/capi/cslot.c | 129 -
security/nss/lib/ckfw/capi/ctoken.c | 246 -
security/nss/lib/ckfw/capi/manifest.mn | 66 -
security/nss/lib/ckfw/capi/nsscapi.def | 58 -
security/nss/lib/ckfw/capi/nsscapi.h | 75 -
security/nss/lib/ckfw/capi/nsscapi.rc | 97 -
security/nss/lib/ckfw/capi/staticobj.c | 74 -
security/nss/lib/ckfw/ck.api | 575 -
security/nss/lib/ckfw/ck.h | 124 -
security/nss/lib/ckfw/ckapi.perl | 515 -
security/nss/lib/ckfw/ckfw.h | 2450 -
security/nss/lib/ckfw/ckfwm.h | 164 -
security/nss/lib/ckfw/ckfwtm.h | 59 -
security/nss/lib/ckfw/ckmd.h | 68 -
security/nss/lib/ckfw/ckt.h | 40 -
security/nss/lib/ckfw/config.mk | 58 -
security/nss/lib/ckfw/crypto.c | 377 -
security/nss/lib/ckfw/dbm/Makefile | 38 -
security/nss/lib/ckfw/dbm/anchor.c | 50 -
security/nss/lib/ckfw/dbm/ckdbm.h | 281 -
security/nss/lib/ckfw/dbm/config.mk | 37 -
security/nss/lib/ckfw/dbm/db.c | 1065 -
security/nss/lib/ckfw/dbm/find.c | 166 -
security/nss/lib/ckfw/dbm/instance.c | 196 -
security/nss/lib/ckfw/dbm/manifest.mn | 54 -
security/nss/lib/ckfw/dbm/object.c | 204 -
security/nss/lib/ckfw/dbm/session.c | 298 -
security/nss/lib/ckfw/dbm/slot.c | 214 -
security/nss/lib/ckfw/dbm/token.c | 315 -
security/nss/lib/ckfw/find.c | 413 -
security/nss/lib/ckfw/hash.c | 337 -
security/nss/lib/ckfw/instance.c | 1367 -
security/nss/lib/ckfw/manifest.mn | 83 -
security/nss/lib/ckfw/mechanism.c | 1218 -
security/nss/lib/ckfw/mutex.c | 314 -
security/nss/lib/ckfw/nsprstub.c | 520 -
security/nss/lib/ckfw/nssck.api | 1890 -
security/nss/lib/ckfw/nssckepv.h | 42 -
security/nss/lib/ckfw/nssckft.h | 43 -
security/nss/lib/ckfw/nssckfw.h | 526 -
security/nss/lib/ckfw/nssckfwc.h | 1049 -
security/nss/lib/ckfw/nssckfwt.h | 146 -
security/nss/lib/ckfw/nssckg.h | 42 -
security/nss/lib/ckfw/nssckmdt.h | 1981 -
security/nss/lib/ckfw/nssckt.h | 45 -
security/nss/lib/ckfw/nssmkey/Makefile | 105 -
security/nss/lib/ckfw/nssmkey/README | 21 -
security/nss/lib/ckfw/nssmkey/ckmk.h | 236 -
security/nss/lib/ckfw/nssmkey/ckmkver.c | 59 -
security/nss/lib/ckfw/nssmkey/config.mk | 57 -
security/nss/lib/ckfw/nssmkey/manchor.c | 55 -
security/nss/lib/ckfw/nssmkey/manifest.mn | 66 -
security/nss/lib/ckfw/nssmkey/mconstants.c | 96 -
security/nss/lib/ckfw/nssmkey/mfind.c | 404 -
security/nss/lib/ckfw/nssmkey/minst.c | 148 -
security/nss/lib/ckfw/nssmkey/mobject.c | 1959 -
security/nss/lib/ckfw/nssmkey/mrsa.c | 547 -
security/nss/lib/ckfw/nssmkey/msession.c | 131 -
security/nss/lib/ckfw/nssmkey/mslot.c | 129 -
security/nss/lib/ckfw/nssmkey/mtoken.c | 246 -
security/nss/lib/ckfw/nssmkey/nssmkey.def | 58 -
security/nss/lib/ckfw/nssmkey/nssmkey.h | 75 -
security/nss/lib/ckfw/nssmkey/staticobj.c | 74 -
security/nss/lib/ckfw/object.c | 1056 -
security/nss/lib/ckfw/session.c | 2503 -
security/nss/lib/ckfw/sessobj.c | 1102 -
security/nss/lib/ckfw/slot.c | 759 -
security/nss/lib/ckfw/token.c | 1907 -
security/nss/lib/ckfw/wrap.c | 5682 --
security/nss/lib/crmf/Makefile | 81 -
security/nss/lib/crmf/asn1cmn.c | 253 -
security/nss/lib/crmf/challcli.c | 287 -
security/nss/lib/crmf/cmmf.h | 1122 -
security/nss/lib/crmf/cmmfasn1.c | 164 -
security/nss/lib/crmf/cmmfchal.c | 322 -
security/nss/lib/crmf/cmmfi.h | 130 -
security/nss/lib/crmf/cmmfit.h | 148 -
security/nss/lib/crmf/cmmfrec.c | 351 -
security/nss/lib/crmf/cmmfresp.c | 315 -
security/nss/lib/crmf/cmmft.h | 105 -
security/nss/lib/crmf/config.mk | 48 -
security/nss/lib/crmf/crmf.h | 1782 -
security/nss/lib/crmf/crmfcont.c | 1175 -
security/nss/lib/crmf/crmfdec.c | 393 -
security/nss/lib/crmf/crmfenc.c | 87 -
security/nss/lib/crmf/crmffut.h | 393 -
security/nss/lib/crmf/crmfget.c | 481 -
security/nss/lib/crmf/crmfi.h | 190 -
security/nss/lib/crmf/crmfit.h | 219 -
security/nss/lib/crmf/crmfpop.c | 608 -
security/nss/lib/crmf/crmfreq.c | 684 -
security/nss/lib/crmf/crmft.h | 220 -
security/nss/lib/crmf/crmftmpl.c | 302 -
security/nss/lib/crmf/encutil.c | 66 -
security/nss/lib/crmf/manifest.mn | 75 -
security/nss/lib/crmf/respcli.c | 169 -
security/nss/lib/crmf/respcmn.c | 424 -
security/nss/lib/crmf/servget.c | 1011 -
security/nss/lib/cryptohi/Makefile | 81 -
security/nss/lib/cryptohi/config.mk | 47 -
security/nss/lib/cryptohi/cryptohi.h | 275 -
security/nss/lib/cryptohi/cryptoht.h | 48 -
security/nss/lib/cryptohi/dsautil.c | 300 -
security/nss/lib/cryptohi/hasht.h | 102 -
security/nss/lib/cryptohi/key.h | 43 -
security/nss/lib/cryptohi/keyhi.h | 290 -
security/nss/lib/cryptohi/keyt.h | 43 -
security/nss/lib/cryptohi/keythi.h | 258 -
security/nss/lib/cryptohi/manifest.mn | 67 -
security/nss/lib/cryptohi/sechash.c | 381 -
security/nss/lib/cryptohi/sechash.h | 86 -
security/nss/lib/cryptohi/seckey.c | 2334 -
security/nss/lib/cryptohi/secsign.c | 513 -
security/nss/lib/cryptohi/secvfy.c | 512 -
security/nss/lib/dev/Makefile | 57 -
security/nss/lib/dev/ckhelper.c | 728 -
security/nss/lib/dev/ckhelper.h | 197 -
security/nss/lib/dev/config.mk | 52 -
security/nss/lib/dev/dev.h | 1004 -
security/nss/lib/dev/devm.h | 245 -
security/nss/lib/dev/devmod.c | 878 -
security/nss/lib/dev/devslot.c | 852 -
security/nss/lib/dev/devt.h | 202 -
security/nss/lib/dev/devtm.h | 61 -
security/nss/lib/dev/devtoken.c | 1722 -
security/nss/lib/dev/devutil.c | 1454 -
security/nss/lib/dev/manifest.mn | 70 -
security/nss/lib/dev/nssdev.h | 75 -
security/nss/lib/dev/nssdevt.h | 72 -
security/nss/lib/freebl/GF2m_ecl.c | 540 -
security/nss/lib/freebl/GF2m_ecl.h | 97 -
security/nss/lib/freebl/GFp_ecl.c | 648 -
security/nss/lib/freebl/GFp_ecl.h | 127 -
security/nss/lib/freebl/Makefile | 537 -
security/nss/lib/freebl/aeskeywrap.c | 413 -
security/nss/lib/freebl/alg2268.c | 515 -
security/nss/lib/freebl/alghmac.c | 193 -
security/nss/lib/freebl/alghmac.h | 96 -
security/nss/lib/freebl/arcfive.c | 117 -
security/nss/lib/freebl/arcfour-amd64-gas.s | 116 -
security/nss/lib/freebl/arcfour-amd64-sun.s | 116 -
security/nss/lib/freebl/arcfour.c | 639 -
security/nss/lib/freebl/blapi.h | 1062 -
security/nss/lib/freebl/blapit.h | 372 -
security/nss/lib/freebl/config.mk | 112 -
security/nss/lib/freebl/des.c | 689 -
security/nss/lib/freebl/des.h | 75 -
security/nss/lib/freebl/desblapi.c | 301 -
security/nss/lib/freebl/dh.c | 388 -
security/nss/lib/freebl/dsa.c | 450 -
security/nss/lib/freebl/ec.c | 1053 -
security/nss/lib/freebl/ec.h | 52 -
security/nss/lib/freebl/ecl/Makefile | 227 -
security/nss/lib/freebl/ecl/README | 330 -
security/nss/lib/freebl/ecl/README.FP | 317 -
security/nss/lib/freebl/ecl/ec2.h | 126 -
security/nss/lib/freebl/ecl/ec2_163.c | 259 -
security/nss/lib/freebl/ecl/ec2_193.c | 276 -
security/nss/lib/freebl/ecl/ec2_233.c | 299 -
security/nss/lib/freebl/ecl/ec2_aff.c | 347 -
security/nss/lib/freebl/ecl/ec2_mont.c | 277 -
security/nss/lib/freebl/ecl/ec2_proj.c | 369 -
security/nss/lib/freebl/ecl/ec_naf.c | 103 -
security/nss/lib/freebl/ecl/ecl-curve.h | 648 -
security/nss/lib/freebl/ecl/ecl-exp.h | 196 -
security/nss/lib/freebl/ecl/ecl-priv.h | 219 -
security/nss/lib/freebl/ecl/ecl.c | 426 -
security/nss/lib/freebl/ecl/ecl.h | 91 -
security/nss/lib/freebl/ecl/ecl_curve.c | 122 -
security/nss/lib/freebl/ecl/ecl_gf.c | 339 -
security/nss/lib/freebl/ecl/ecl_mult.c | 356 -
security/nss/lib/freebl/ecl/ecp.h | 140 -
security/nss/lib/freebl/ecl/ecp_192.c | 229 -
security/nss/lib/freebl/ecl/ecp_224.c | 306 -
security/nss/lib/freebl/ecl/ecp_aff.c | 357 -
security/nss/lib/freebl/ecl/ecp_fp.c | 568 -
security/nss/lib/freebl/ecl/ecp_fp.h | 406 -
security/nss/lib/freebl/ecl/ecp_fp160.c | 179 -
security/nss/lib/freebl/ecl/ecp_fp192.c | 177 -
security/nss/lib/freebl/ecl/ecp_fp224.c | 190 -
security/nss/lib/freebl/ecl/ecp_fpinc.c | 855 -
security/nss/lib/freebl/ecl/ecp_jac.c | 553 -
security/nss/lib/freebl/ecl/ecp_jm.c | 321 -
security/nss/lib/freebl/ecl/ecp_mont.c | 192 -
security/nss/lib/freebl/ecl/tests/ec2_test.c | 473 -
security/nss/lib/freebl/ecl/tests/ec_naft.c | 151 -
security/nss/lib/freebl/ecl/tests/ecp_fpt.c | 1123 -
security/nss/lib/freebl/ecl/tests/ecp_test.c | 435 -
security/nss/lib/freebl/freebl.def | 58 -
security/nss/lib/freebl/freebl.rc | 101 -
security/nss/lib/freebl/freeblver.c | 56 -
security/nss/lib/freebl/ldvector.c | 238 -
security/nss/lib/freebl/loader.c | 1616 -
security/nss/lib/freebl/loader.h | 464 -
security/nss/lib/freebl/mac_rand.c | 318 -
security/nss/lib/freebl/manifest.mn | 186 -
security/nss/lib/freebl/mapfile.Solaris | 43 -
security/nss/lib/freebl/md2.c | 296 -
security/nss/lib/freebl/md5.c | 595 -
security/nss/lib/freebl/mknewpc2.c | 242 -
security/nss/lib/freebl/mksp.c | 159 -
security/nss/lib/freebl/mpi/Makefile | 279 -
security/nss/lib/freebl/mpi/Makefile.os2 | 280 -
security/nss/lib/freebl/mpi/Makefile.win | 280 -
security/nss/lib/freebl/mpi/README | 799 -
security/nss/lib/freebl/mpi/all-tests | 115 -
security/nss/lib/freebl/mpi/doc/LICENSE | 11 -
security/nss/lib/freebl/mpi/doc/LICENSE-MPL | 32 -
security/nss/lib/freebl/mpi/doc/basecvt.pod | 63 -
security/nss/lib/freebl/mpi/doc/build | 66 -
security/nss/lib/freebl/mpi/doc/div.txt | 101 -
security/nss/lib/freebl/mpi/doc/expt.txt | 132 -
security/nss/lib/freebl/mpi/doc/gcd.pod | 27 -
security/nss/lib/freebl/mpi/doc/invmod.pod | 33 -
security/nss/lib/freebl/mpi/doc/isprime.pod | 62 -
security/nss/lib/freebl/mpi/doc/lap.pod | 35 -
security/nss/lib/freebl/mpi/doc/mpi-test.pod | 49 -
security/nss/lib/freebl/mpi/doc/mul.txt | 114 -
security/nss/lib/freebl/mpi/doc/pi.txt | 90 -
security/nss/lib/freebl/mpi/doc/prime.txt | 6542 --
security/nss/lib/freebl/mpi/doc/prng.pod | 41 -
security/nss/lib/freebl/mpi/doc/redux.txt | 121 -
security/nss/lib/freebl/mpi/doc/sqrt.txt | 87 -
security/nss/lib/freebl/mpi/doc/square.txt | 109 -
security/nss/lib/freebl/mpi/doc/timing.txt | 250 -
security/nss/lib/freebl/mpi/hpma512.s | 640 -
security/nss/lib/freebl/mpi/hppa20.s | 929 -
security/nss/lib/freebl/mpi/hppatch.adb | 54 -
security/nss/lib/freebl/mpi/logtab.h | 62 -
security/nss/lib/freebl/mpi/make-logtab | 64 -
security/nss/lib/freebl/mpi/make-test-arrays | 133 -
security/nss/lib/freebl/mpi/mdxptest.c | 342 -
security/nss/lib/freebl/mpi/montmulf.c | 329 -
security/nss/lib/freebl/mpi/montmulf.h | 103 -
security/nss/lib/freebl/mpi/montmulf.il | 141 -
security/nss/lib/freebl/mpi/montmulf.s | 1967 -
security/nss/lib/freebl/mpi/montmulfv8.il | 141 -
security/nss/lib/freebl/mpi/montmulfv8.s | 1847 -
security/nss/lib/freebl/mpi/montmulfv9.il | 126 -
security/nss/lib/freebl/mpi/montmulfv9.s | 2377 -
security/nss/lib/freebl/mpi/mp_comba.c | 1306 -
.../nss/lib/freebl/mpi/mp_comba_amd64_sun.s | 16097 -----
security/nss/lib/freebl/mpi/mp_gf2m-priv.h | 102 -
security/nss/lib/freebl/mpi/mp_gf2m.c | 600 -
security/nss/lib/freebl/mpi/mp_gf2m.h | 63 -
security/nss/lib/freebl/mpi/mpcpucache.c | 773 -
.../nss/lib/freebl/mpi/mpcpucache_amd64.s | 891 -
security/nss/lib/freebl/mpi/mpcpucache_x86.s | 931 -
security/nss/lib/freebl/mpi/mpi-config.h | 112 -
security/nss/lib/freebl/mpi/mpi-priv.h | 318 -
security/nss/lib/freebl/mpi/mpi-test.c | 1986 -
security/nss/lib/freebl/mpi/mpi.c | 4847 --
security/nss/lib/freebl/mpi/mpi.h | 336 -
security/nss/lib/freebl/mpi/mpi_amd64.c | 65 -
security/nss/lib/freebl/mpi/mpi_amd64_gas.s | 418 -
security/nss/lib/freebl/mpi/mpi_amd64_sun.s | 418 -
security/nss/lib/freebl/mpi/mpi_hp.c | 115 -
security/nss/lib/freebl/mpi/mpi_i86pc.s | 342 -
security/nss/lib/freebl/mpi/mpi_mips.s | 502 -
security/nss/lib/freebl/mpi/mpi_sparc.c | 361 -
security/nss/lib/freebl/mpi/mpi_x86.asm | 356 -
security/nss/lib/freebl/mpi/mpi_x86.s | 345 -
security/nss/lib/freebl/mpi/mplogic.c | 465 -
security/nss/lib/freebl/mpi/mplogic.h | 85 -
security/nss/lib/freebl/mpi/mpmontg.c | 1210 -
security/nss/lib/freebl/mpi/mpprime.c | 626 -
security/nss/lib/freebl/mpi/mpprime.h | 70 -
security/nss/lib/freebl/mpi/mpv_sparc.c | 253 -
security/nss/lib/freebl/mpi/mpv_sparcv8.s | 1639 -
security/nss/lib/freebl/mpi/mpv_sparcv8x.s | 175 -
security/nss/lib/freebl/mpi/mpv_sparcv9.s | 1673 -
security/nss/lib/freebl/mpi/mpvalpha.c | 214 -
security/nss/lib/freebl/mpi/mulsqr.c | 115 -
security/nss/lib/freebl/mpi/multest | 111 -
security/nss/lib/freebl/mpi/primes.c | 874 -
security/nss/lib/freebl/mpi/stats | 74 -
security/nss/lib/freebl/mpi/target.mk | 231 -
security/nss/lib/freebl/mpi/test-arrays.txt | 90 -
security/nss/lib/freebl/mpi/test-info.c | 194 -
security/nss/lib/freebl/mpi/tests/LICENSE | 6 -
security/nss/lib/freebl/mpi/tests/LICENSE-MPL | 32 -
security/nss/lib/freebl/mpi/tests/mptest-1.c | 75 -
security/nss/lib/freebl/mpi/tests/mptest-2.c | 86 -
security/nss/lib/freebl/mpi/tests/mptest-3.c | 131 -
security/nss/lib/freebl/mpi/tests/mptest-3a.c | 144 -
security/nss/lib/freebl/mpi/tests/mptest-4.c | 126 -
security/nss/lib/freebl/mpi/tests/mptest-4a.c | 138 -
security/nss/lib/freebl/mpi/tests/mptest-4b.c | 135 -
security/nss/lib/freebl/mpi/tests/mptest-5.c | 103 -
security/nss/lib/freebl/mpi/tests/mptest-5a.c | 165 -
security/nss/lib/freebl/mpi/tests/mptest-6.c | 111 -
security/nss/lib/freebl/mpi/tests/mptest-7.c | 107 -
security/nss/lib/freebl/mpi/tests/mptest-8.c | 98 -
security/nss/lib/freebl/mpi/tests/mptest-9.c | 116 -
security/nss/lib/freebl/mpi/tests/mptest-b.c | 220 -
security/nss/lib/freebl/mpi/tests/pi1k.txt | 1 -
security/nss/lib/freebl/mpi/tests/pi2k.txt | 1 -
security/nss/lib/freebl/mpi/tests/pi5k.txt | 1 -
security/nss/lib/freebl/mpi/timetest | 135 -
security/nss/lib/freebl/mpi/types.pl | 162 -
security/nss/lib/freebl/mpi/utils/LICENSE | 4 -
security/nss/lib/freebl/mpi/utils/LICENSE-MPL | 32 -
security/nss/lib/freebl/mpi/utils/PRIMES | 41 -
security/nss/lib/freebl/mpi/utils/README | 241 -
security/nss/lib/freebl/mpi/utils/basecvt.c | 100 -
security/nss/lib/freebl/mpi/utils/bbs_rand.c | 96 -
security/nss/lib/freebl/mpi/utils/bbs_rand.h | 57 -
security/nss/lib/freebl/mpi/utils/bbsrand.c | 67 -
security/nss/lib/freebl/mpi/utils/dec2hex.c | 71 -
security/nss/lib/freebl/mpi/utils/exptmod.c | 83 -
security/nss/lib/freebl/mpi/utils/fact.c | 115 -
security/nss/lib/freebl/mpi/utils/gcd.c | 119 -
security/nss/lib/freebl/mpi/utils/hex2dec.c | 71 -
security/nss/lib/freebl/mpi/utils/identest.c | 79 -
security/nss/lib/freebl/mpi/utils/invmod.c | 92 -
security/nss/lib/freebl/mpi/utils/isprime.c | 121 -
security/nss/lib/freebl/mpi/utils/lap.c | 121 -
security/nss/lib/freebl/mpi/utils/makeprime.c | 147 -
security/nss/lib/freebl/mpi/utils/metime.c | 136 -
security/nss/lib/freebl/mpi/utils/pi.c | 197 -
security/nss/lib/freebl/mpi/utils/primegen.c | 201 -
security/nss/lib/freebl/mpi/utils/prng.c | 90 -
security/nss/lib/freebl/mpi/utils/ptab.pl | 61 -
security/nss/lib/freebl/mpi/utils/sieve.c | 268 -
security/nss/lib/freebl/mpi/vis_32.il | 1324 -
security/nss/lib/freebl/mpi/vis_64.il | 1030 -
security/nss/lib/freebl/mpi/vis_proto.h | 267 -
security/nss/lib/freebl/os2_rand.c | 333 -
security/nss/lib/freebl/pqg.c | 671 -
security/nss/lib/freebl/prng_fips1861.c | 586 -
security/nss/lib/freebl/rawhash.c | 164 -
security/nss/lib/freebl/ret_cr16.s | 54 -
security/nss/lib/freebl/rijndael.c | 1155 -
security/nss/lib/freebl/rijndael.h | 95 -
security/nss/lib/freebl/rijndael32.tab | 1215 -
security/nss/lib/freebl/rijndael_tables.c | 246 -
security/nss/lib/freebl/rsa.c | 960 -
security/nss/lib/freebl/secmpi.h | 61 -
security/nss/lib/freebl/secrng.h | 85 -
security/nss/lib/freebl/sha-fast-amd64-sun.s | 2142 -
security/nss/lib/freebl/sha.c | 161 -
security/nss/lib/freebl/sha.h | 49 -
security/nss/lib/freebl/sha512.c | 1389 -
security/nss/lib/freebl/sha_fast.c | 472 -
security/nss/lib/freebl/sha_fast.h | 178 -
security/nss/lib/freebl/shsign.h | 47 -
security/nss/lib/freebl/shvfy.c | 295 -
security/nss/lib/freebl/sysrand.c | 49 -
security/nss/lib/freebl/tlsprfalg.c | 164 -
security/nss/lib/freebl/unix_rand.c | 996 -
security/nss/lib/freebl/win_rand.c | 548 -
security/nss/lib/jar/Makefile | 43 -
security/nss/lib/jar/config.mk | 47 -
security/nss/lib/jar/jar-ds.c | 73 -
security/nss/lib/jar/jar-ds.h | 109 -
security/nss/lib/jar/jar.c | 834 -
security/nss/lib/jar/jar.h | 481 -
security/nss/lib/jar/jarevil.c | 577 -
security/nss/lib/jar/jarevil.h | 79 -
security/nss/lib/jar/jarfile.c | 1154 -
security/nss/lib/jar/jarfile.h | 117 -
security/nss/lib/jar/jarint.c | 84 -
security/nss/lib/jar/jarint.h | 119 -
security/nss/lib/jar/jarjart.c | 360 -
security/nss/lib/jar/jarjart.h | 75 -
security/nss/lib/jar/jarnav.c | 110 -
security/nss/lib/jar/jarsign.c | 374 -
security/nss/lib/jar/jarver.c | 2023 -
security/nss/lib/jar/jzconf.h | 190 -
security/nss/lib/jar/jzlib.h | 896 -
security/nss/lib/jar/manifest.mn | 58 -
security/nss/lib/manifest.mn | 69 -
security/nss/lib/nss/Makefile | 80 -
security/nss/lib/nss/config.mk | 133 -
security/nss/lib/nss/manifest.mn | 59 -
security/nss/lib/nss/nss.def | 880 -
security/nss/lib/nss/nss.h | 208 -
security/nss/lib/nss/nss.rc | 101 -
security/nss/lib/nss/nssinit.c | 676 -
security/nss/lib/nss/nssrenam.h | 53 -
security/nss/lib/nss/nssver.c | 56 -
security/nss/lib/pk11wrap/Makefile | 103 -
security/nss/lib/pk11wrap/config.mk | 47 -
security/nss/lib/pk11wrap/debug_module.c | 2212 -
security/nss/lib/pk11wrap/dev3hack.c | 316 -
security/nss/lib/pk11wrap/dev3hack.h | 66 -
security/nss/lib/pk11wrap/manifest.mn | 88 -
security/nss/lib/pk11wrap/pk11akey.c | 2095 -
security/nss/lib/pk11wrap/pk11auth.c | 760 -
security/nss/lib/pk11wrap/pk11cert.c | 2437 -
security/nss/lib/pk11wrap/pk11cxt.c | 1062 -
security/nss/lib/pk11wrap/pk11err.c | 154 -
security/nss/lib/pk11wrap/pk11func.h | 46 -
security/nss/lib/pk11wrap/pk11init.h | 55 -
security/nss/lib/pk11wrap/pk11kea.c | 239 -
security/nss/lib/pk11wrap/pk11list.c | 127 -
security/nss/lib/pk11wrap/pk11load.c | 433 -
security/nss/lib/pk11wrap/pk11mech.c | 1788 -
security/nss/lib/pk11wrap/pk11nobj.c | 805 -
security/nss/lib/pk11wrap/pk11obj.c | 1695 -
security/nss/lib/pk11wrap/pk11pars.c | 427 -
security/nss/lib/pk11wrap/pk11pbe.c | 844 -
security/nss/lib/pk11wrap/pk11pk12.c | 558 -
security/nss/lib/pk11wrap/pk11pqg.c | 387 -
security/nss/lib/pk11wrap/pk11pqg.h | 155 -
security/nss/lib/pk11wrap/pk11priv.h | 226 -
security/nss/lib/pk11wrap/pk11pub.h | 700 -
security/nss/lib/pk11wrap/pk11sdr.c | 322 -
security/nss/lib/pk11wrap/pk11sdr.h | 59 -
security/nss/lib/pk11wrap/pk11skey.c | 2167 -
security/nss/lib/pk11wrap/pk11slot.c | 2298 -
security/nss/lib/pk11wrap/pk11util.c | 1440 -
security/nss/lib/pk11wrap/secmod.h | 171 -
security/nss/lib/pk11wrap/secmodi.h | 161 -
security/nss/lib/pk11wrap/secmodt.h | 465 -
security/nss/lib/pk11wrap/secmodti.h | 223 -
security/nss/lib/pk11wrap/secpkcs5.h | 90 -
security/nss/lib/pkcs12/Makefile | 81 -
security/nss/lib/pkcs12/config.mk | 48 -
security/nss/lib/pkcs12/manifest.mn | 62 -
security/nss/lib/pkcs12/p12.h | 208 -
security/nss/lib/pkcs12/p12creat.c | 254 -
security/nss/lib/pkcs12/p12d.c | 3472 --
security/nss/lib/pkcs12/p12dec.c | 696 -
security/nss/lib/pkcs12/p12e.c | 2368 -
security/nss/lib/pkcs12/p12exp.c | 1410 -
security/nss/lib/pkcs12/p12local.c | 1371 -
security/nss/lib/pkcs12/p12local.h | 91 -
security/nss/lib/pkcs12/p12plcy.c | 201 -
security/nss/lib/pkcs12/p12plcy.h | 63 -
security/nss/lib/pkcs12/p12t.h | 187 -
security/nss/lib/pkcs12/p12tmpl.c | 323 -
security/nss/lib/pkcs12/pkcs12.h | 74 -
security/nss/lib/pkcs12/pkcs12t.h | 398 -
security/nss/lib/pkcs7/Makefile | 80 -
security/nss/lib/pkcs7/certread.c | 558 -
security/nss/lib/pkcs7/config.mk | 46 -
security/nss/lib/pkcs7/manifest.mn | 64 -
security/nss/lib/pkcs7/p7common.c | 750 -
security/nss/lib/pkcs7/p7create.c | 1323 -
security/nss/lib/pkcs7/p7decode.c | 2062 -
security/nss/lib/pkcs7/p7encode.c | 1342 -
security/nss/lib/pkcs7/p7local.c | 1451 -
security/nss/lib/pkcs7/p7local.h | 179 -
security/nss/lib/pkcs7/pkcs7t.h | 299 -
security/nss/lib/pkcs7/secmime.c | 904 -
security/nss/lib/pkcs7/secmime.h | 195 -
security/nss/lib/pkcs7/secpkcs7.h | 626 -
security/nss/lib/pki/Makefile | 44 -
security/nss/lib/pki/asymmkey.c | 434 -
security/nss/lib/pki/certdecode.c | 121 -
security/nss/lib/pki/certificate.c | 1154 -
security/nss/lib/pki/config.mk | 52 -
security/nss/lib/pki/cryptocontext.c | 1006 -
security/nss/lib/pki/doc/standiag.png | Bin 20475 -> 0 bytes
security/nss/lib/pki/doc/standoc.html | 474 -
security/nss/lib/pki/manifest.mn | 75 -
security/nss/lib/pki/nsspki.h | 3195 -
security/nss/lib/pki/nsspkit.h | 274 -
security/nss/lib/pki/pki.h | 248 -
security/nss/lib/pki/pki3hack.c | 1228 -
security/nss/lib/pki/pki3hack.h | 197 -
security/nss/lib/pki/pkibase.c | 1452 -
security/nss/lib/pki/pkim.h | 726 -
security/nss/lib/pki/pkistore.c | 706 -
security/nss/lib/pki/pkistore.h | 191 -
security/nss/lib/pki/pkit.h | 219 -
security/nss/lib/pki/pkitm.h | 123 -
security/nss/lib/pki/symmkey.c | 300 -
security/nss/lib/pki/tdcache.c | 1177 -
security/nss/lib/pki/trustdomain.c | 1403 -
security/nss/lib/pki1/Makefile | 50 -
security/nss/lib/pki1/atav.c | 1824 -
security/nss/lib/pki1/config.mk | 51 -
security/nss/lib/pki1/genname.c | 97 -
security/nss/lib/pki1/gnseq.c | 74 -
security/nss/lib/pki1/manifest.mn | 69 -
security/nss/lib/pki1/name.c | 80 -
security/nss/lib/pki1/nsspki1.h | 2872 -
security/nss/lib/pki1/nsspki1t.h | 205 -
security/nss/lib/pki1/oid.c | 1618 -
security/nss/lib/pki1/oiddata.c | 2937 -
security/nss/lib/pki1/oiddata.h | 214 -
security/nss/lib/pki1/oidgen.perl | 318 -
security/nss/lib/pki1/oids.txt | 2119 -
security/nss/lib/pki1/pki1.h | 3037 -
security/nss/lib/pki1/pki1t.h | 107 -
security/nss/lib/pki1/rdn.c | 76 -
security/nss/lib/pki1/rdnseq.c | 74 -
security/nss/lib/smime/Makefile | 80 -
security/nss/lib/smime/cms.h | 1141 -
security/nss/lib/smime/cmsarray.c | 219 -
security/nss/lib/smime/cmsasn1.c | 578 -
security/nss/lib/smime/cmsattr.c | 461 -
security/nss/lib/smime/cmscinfo.c | 360 -
security/nss/lib/smime/cmscipher.c | 788 -
security/nss/lib/smime/cmsdecode.c | 742 -
security/nss/lib/smime/cmsdigdata.c | 231 -
security/nss/lib/smime/cmsdigest.c | 294 -
security/nss/lib/smime/cmsencdata.c | 280 -
security/nss/lib/smime/cmsencode.c | 745 -
security/nss/lib/smime/cmsenvdata.c | 421 -
security/nss/lib/smime/cmslocal.h | 346 -
security/nss/lib/smime/cmsmessage.c | 321 -
security/nss/lib/smime/cmspubkey.c | 565 -
security/nss/lib/smime/cmsrecinfo.c | 743 -
security/nss/lib/smime/cmsreclist.c | 193 -
security/nss/lib/smime/cmsreclist.h | 62 -
security/nss/lib/smime/cmssigdata.c | 1146 -
security/nss/lib/smime/cmssiginfo.c | 1037 -
security/nss/lib/smime/cmst.h | 534 -
security/nss/lib/smime/cmsutil.c | 401 -
security/nss/lib/smime/config.mk | 99 -
security/nss/lib/smime/manifest.mn | 81 -
security/nss/lib/smime/smime.def | 268 -
security/nss/lib/smime/smime.h | 156 -
security/nss/lib/smime/smime.rc | 101 -
security/nss/lib/smime/smimemessage.c | 218 -
security/nss/lib/smime/smimesym.c | 8 -
security/nss/lib/smime/smimeutil.c | 784 -
security/nss/lib/smime/smimever.c | 56 -
security/nss/lib/softoken/Makefile | 95 -
security/nss/lib/softoken/cdbhdl.h | 89 -
security/nss/lib/softoken/config.mk | 101 -
security/nss/lib/softoken/dbinit.c | 449 -
security/nss/lib/softoken/dbmshim.c | 664 -
security/nss/lib/softoken/ecdecode.c | 687 -
security/nss/lib/softoken/fipstest.c | 1494 -
security/nss/lib/softoken/fipstokn.c | 1102 -
security/nss/lib/softoken/keydb.c | 2885 -
security/nss/lib/softoken/keydbi.h | 86 -
security/nss/lib/softoken/lowcert.c | 646 -
security/nss/lib/softoken/lowkey.c | 492 -
security/nss/lib/softoken/lowkeyi.h | 274 -
security/nss/lib/softoken/lowkeyti.h | 163 -
security/nss/lib/softoken/lowpbe.c | 1185 -
security/nss/lib/softoken/lowpbe.h | 135 -
security/nss/lib/softoken/manifest.mn | 88 -
security/nss/lib/softoken/padbuf.c | 80 -
security/nss/lib/softoken/pcert.h | 249 -
security/nss/lib/softoken/pcertdb.c | 5370 --
security/nss/lib/softoken/pcertt.h | 446 -
security/nss/lib/softoken/pk11db.c | 1019 -
security/nss/lib/softoken/pk11pars.h | 869 -
security/nss/lib/softoken/pkcs11.c | 5157 --
security/nss/lib/softoken/pkcs11.h | 323 -
security/nss/lib/softoken/pkcs11c.c | 5708 --
security/nss/lib/softoken/pkcs11f.h | 937 -
security/nss/lib/softoken/pkcs11i.h | 730 -
security/nss/lib/softoken/pkcs11n.h | 246 -
security/nss/lib/softoken/pkcs11ni.h | 52 -
security/nss/lib/softoken/pkcs11p.h | 54 -
security/nss/lib/softoken/pkcs11t.h | 1747 -
security/nss/lib/softoken/pkcs11u.c | 3476 --
security/nss/lib/softoken/pkcs11u.h | 52 -
security/nss/lib/softoken/rsawrapr.c | 879 -
security/nss/lib/softoken/softkver.c | 56 -
security/nss/lib/softoken/softoken.h | 164 -
security/nss/lib/softoken/softokn.def | 61 -
security/nss/lib/softoken/softokn.rc | 101 -
security/nss/lib/softoken/softoknt.h | 64 -
security/nss/lib/softoken/tlsprf.c | 215 -
security/nss/lib/ssl/Makefile | 91 -
security/nss/lib/ssl/authcert.c | 122 -
security/nss/lib/ssl/cmpcert.c | 123 -
security/nss/lib/ssl/config.mk | 125 -
security/nss/lib/ssl/derive.c | 481 -
security/nss/lib/ssl/emulate.c | 636 -
security/nss/lib/ssl/manifest.mn | 90 -
security/nss/lib/ssl/notes.txt | 166 -
security/nss/lib/ssl/nsskea.c | 78 -
security/nss/lib/ssl/os2_err.c | 313 -
security/nss/lib/ssl/os2_err.h | 86 -
security/nss/lib/ssl/preenc.h | 146 -
security/nss/lib/ssl/prelib.c | 67 -
security/nss/lib/ssl/ssl.def | 128 -
security/nss/lib/ssl/ssl.h | 479 -
security/nss/lib/ssl/ssl.rc | 101 -
security/nss/lib/ssl/ssl3con.c | 8064 ---
security/nss/lib/ssl/ssl3ecc.c | 655 -
security/nss/lib/ssl/ssl3gthr.c | 239 -
security/nss/lib/ssl/ssl3prot.h | 303 -
security/nss/lib/ssl/sslauth.c | 270 -
security/nss/lib/ssl/sslcon.c | 3804 --
security/nss/lib/ssl/ssldef.c | 252 -
security/nss/lib/ssl/sslenum.c | 134 -
security/nss/lib/ssl/sslerr.c | 74 -
security/nss/lib/ssl/sslerr.h | 193 -
security/nss/lib/ssl/sslgathr.c | 483 -
security/nss/lib/ssl/sslimpl.h | 1393 -
security/nss/lib/ssl/sslinfo.c | 275 -
security/nss/lib/ssl/sslmutex.c | 673 -
security/nss/lib/ssl/sslmutex.h | 151 -
security/nss/lib/ssl/sslnonce.c | 375 -
security/nss/lib/ssl/sslproto.h | 208 -
security/nss/lib/ssl/sslreveal.c | 100 -
security/nss/lib/ssl/sslsecur.c | 1348 -
security/nss/lib/ssl/sslsnce.c | 1699 -
security/nss/lib/ssl/sslsock.c | 2111 -
security/nss/lib/ssl/sslt.h | 173 -
security/nss/lib/ssl/ssltrace.c | 272 -
security/nss/lib/ssl/sslver.c | 56 -
security/nss/lib/ssl/unix_err.c | 550 -
security/nss/lib/ssl/unix_err.h | 90 -
security/nss/lib/ssl/win32err.c | 379 -
security/nss/lib/ssl/win32err.h | 84 -
security/nss/lib/util/Makefile | 88 -
security/nss/lib/util/base64.h | 74 -
security/nss/lib/util/ciferfam.h | 90 -
security/nss/lib/util/config.mk | 47 -
security/nss/lib/util/derdec.c | 555 -
security/nss/lib/util/derenc.c | 507 -
security/nss/lib/util/dersubr.c | 266 -
security/nss/lib/util/dertime.c | 403 -
security/nss/lib/util/manifest.mn | 100 -
security/nss/lib/util/nssb64.h | 127 -
security/nss/lib/util/nssb64d.c | 864 -
security/nss/lib/util/nssb64e.c | 765 -
security/nss/lib/util/nssb64t.h | 48 -
security/nss/lib/util/nssilckt.h | 224 -
security/nss/lib/util/nssilock.c | 522 -
security/nss/lib/util/nssilock.h | 319 -
security/nss/lib/util/nsslocks.c | 112 -
security/nss/lib/util/nsslocks.h | 70 -
security/nss/lib/util/nssrwlk.c | 514 -
security/nss/lib/util/nssrwlk.h | 163 -
security/nss/lib/util/nssrwlkt.h | 50 -
security/nss/lib/util/portreg.c | 321 -
security/nss/lib/util/portreg.h | 96 -
security/nss/lib/util/pqgutil.c | 270 -
security/nss/lib/util/pqgutil.h | 130 -
security/nss/lib/util/quickder.c | 912 -
security/nss/lib/util/secalgid.c | 182 -
security/nss/lib/util/secasn1.h | 310 -
security/nss/lib/util/secasn1d.c | 3300 --
security/nss/lib/util/secasn1e.c | 1647 -
security/nss/lib/util/secasn1t.h | 300 -
security/nss/lib/util/secasn1u.c | 131 -
security/nss/lib/util/seccomon.h | 115 -
security/nss/lib/util/secder.h | 223 -
security/nss/lib/util/secdert.h | 173 -
security/nss/lib/util/secdig.c | 237 -
security/nss/lib/util/secdig.h | 138 -
security/nss/lib/util/secdigt.h | 60 -
security/nss/lib/util/secerr.h | 213 -
security/nss/lib/util/secinit.c | 53 -
security/nss/lib/util/secitem.c | 313 -
security/nss/lib/util/secitem.h | 122 -
security/nss/lib/util/secoid.c | 1848 -
security/nss/lib/util/secoid.h | 129 -
security/nss/lib/util/secoidt.h | 432 -
security/nss/lib/util/secplcy.c | 117 -
security/nss/lib/util/secplcy.h | 136 -
security/nss/lib/util/secport.c | 607 -
security/nss/lib/util/secport.h | 263 -
security/nss/lib/util/sectime.c | 260 -
security/nss/lib/util/utf8.c | 1833 -
security/nss/lib/util/watcomfx.h | 62 -
security/nss/manifest.mn | 47 -
security/nss/pkg/Makefile | 59 -
security/nss/pkg/linux/Makefile | 121 -
security/nss/pkg/linux/sun-nss.spec | 84 -
security/nss/pkg/solaris/Makefile | 125 -
security/nss/pkg/solaris/Makefile-devl.com | 69 -
security/nss/pkg/solaris/Makefile-devl.targ | 62 -
security/nss/pkg/solaris/Makefile-tlsu.com | 69 -
security/nss/pkg/solaris/Makefile-tlsu.targ | 70 -
security/nss/pkg/solaris/Makefile.com | 70 -
security/nss/pkg/solaris/Makefile.targ | 70 -
security/nss/pkg/solaris/SUNWtls/Makefile | 52 -
security/nss/pkg/solaris/SUNWtls/pkgdepend | 64 -
security/nss/pkg/solaris/SUNWtls/pkginfo.tmpl | 70 -
.../nss/pkg/solaris/SUNWtls/prototype_com | 77 -
.../nss/pkg/solaris/SUNWtls/prototype_i386 | 90 -
.../nss/pkg/solaris/SUNWtls/prototype_sparc | 103 -
security/nss/pkg/solaris/SUNWtlsd/Makefile | 52 -
security/nss/pkg/solaris/SUNWtlsd/pkgdepend | 59 -
.../nss/pkg/solaris/SUNWtlsd/pkginfo.tmpl | 70 -
security/nss/pkg/solaris/SUNWtlsd/prototype | 163 -
security/nss/pkg/solaris/SUNWtlsu/Makefile | 52 -
security/nss/pkg/solaris/SUNWtlsu/pkgdepend | 58 -
.../nss/pkg/solaris/SUNWtlsu/pkginfo.tmpl | 70 -
.../nss/pkg/solaris/SUNWtlsu/prototype_com | 73 -
.../nss/pkg/solaris/SUNWtlsu/prototype_i386 | 78 -
.../nss/pkg/solaris/SUNWtlsu/prototype_sparc | 78 -
security/nss/pkg/solaris/bld_awk_pkginfo.ksh | 141 -
.../nss/pkg/solaris/common_files/copyright | 36 -
security/nss/pkg/solaris/proto64.mk | 50 -
security/nss/tests/all.sh | 106 -
security/nss/tests/cert/cert.sh | 807 -
security/nss/tests/cert/eccert.sh | 886 -
security/nss/tests/cipher/cipher.sh | 119 -
security/nss/tests/cipher/cipher.txt | 35 -
security/nss/tests/cipher/dsa.txt | 8 -
security/nss/tests/cipher/hash.txt | 8 -
security/nss/tests/cipher/performance.sh | 148 -
security/nss/tests/cipher/rsa.txt | 8 -
security/nss/tests/cipher/symmkey.txt | 23 -
security/nss/tests/clean_tbx | 172 -
security/nss/tests/cmdtests/cmdtests.sh | 133 -
security/nss/tests/common/Makefile | 53 -
security/nss/tests/common/cleanup.sh | 44 -
security/nss/tests/common/init.sh | 496 -
security/nss/tests/common/results_header.html | 6 -
security/nss/tests/core_watch | 45 -
security/nss/tests/crmf/crmf.sh | 121 -
security/nss/tests/dbtests/dbtests.sh | 236 -
security/nss/tests/dll_version.sh | 50 -
security/nss/tests/doc/clean.gif | Bin 5503 -> 0 bytes
security/nss/tests/doc/nssqa.txt | 108 -
.../nss/tests/doc/platform_specific_problems | 110 -
security/nss/tests/doc/qa_wrapper.html | 269 -
security/nss/tests/fips/fips.sh | 219 -
security/nss/tests/fixtests.sh | 117 -
security/nss/tests/header | 1636 -
security/nss/tests/jss_dll_version.sh | 22 -
security/nss/tests/jssdir | 28 -
security/nss/tests/jssqa | 220 -
security/nss/tests/mksymlinks | 115 -
security/nss/tests/nssdir | 28 -
security/nss/tests/nsspath | 12 -
security/nss/tests/nssqa | 286 -
security/nss/tests/path_uniq | 107 -
.../nss/tests/pkcs11/netscape/suites/Makefile | 80 -
.../tests/pkcs11/netscape/suites/config.mk | 46 -
.../tests/pkcs11/netscape/suites/manifest.mn | 41 -
.../pkcs11/netscape/suites/security/Makefile | 80 -
.../pkcs11/netscape/suites/security/config.mk | 58 -
.../netscape/suites/security/manifest.mn | 44 -
.../netscape/suites/security/pkcs11/Makefile | 81 -
.../netscape/suites/security/pkcs11/config.mk | 61 -
.../suites/security/pkcs11/manifest.mn | 50 -
.../suites/security/pkcs11/pk11test.c | 1363 -
.../suites/security/pkcs11/pk11test.h | 114 -
.../suites/security/pkcs11/pk11test.htp | 53 -
.../netscape/suites/security/pkcs11/pkcs11.h | 193 -
.../suites/security/pkcs11/pkcs11.reg | 964 -
.../suites/security/pkcs11/pkcs11.rep | 161 -
.../netscape/suites/security/pkcs11/rules.mk | 38 -
.../netscape/suites/security/ssl/Makefile | 82 -
.../netscape/suites/security/ssl/README | 11 -
.../netscape/suites/security/ssl/cert7.db | Bin 90112 -> 0 bytes
.../netscape/suites/security/ssl/config.mk | 66 -
.../netscape/suites/security/ssl/key3.db | Bin 16384 -> 0 bytes
.../netscape/suites/security/ssl/manifest.mn | 57 -
.../netscape/suites/security/ssl/ssl.reg | 49198 ----------------
.../netscape/suites/security/ssl/sslc.c | 296 -
.../netscape/suites/security/ssl/sslc.h | 99 -
.../netscape/suites/security/ssl/ssls.c | 108 -
.../netscape/suites/security/ssl/ssls.h | 130 -
.../netscape/suites/security/ssl/sslt.c | 1186 -
.../netscape/suites/security/ssl/sslt.h | 241 -
.../netscape/suites/security/ssl/sslt.htp | 139 -
.../netscape/suites/security/ssl/sslt.rep | 421 -
.../tests/pkcs11/netscape/trivial/.cvsignore | 6 -
.../tests/pkcs11/netscape/trivial/Makefile.in | 180 -
.../tests/pkcs11/netscape/trivial/README.txt | 56 -
.../tests/pkcs11/netscape/trivial/acconfig.h | 39 -
.../tests/pkcs11/netscape/trivial/config.h.in | 28 -
.../tests/pkcs11/netscape/trivial/configure | 1906 -
.../pkcs11/netscape/trivial/configure.in | 180 -
.../tests/pkcs11/netscape/trivial/install-sh | 251 -
.../tests/pkcs11/netscape/trivial/trivial.c | 1316 -
security/nss/tests/pkits/pkits.sh | 2065 -
security/nss/tests/platformlist | 11 -
security/nss/tests/platformlist.tbx | 14 -
security/nss/tests/qa_stage | 336 -
security/nss/tests/qa_stat | 938 -
security/nss/tests/qaclean | 144 -
security/nss/tests/run_niscc.sh | 487 -
security/nss/tests/sdr/sdr.sh | 131 -
security/nss/tests/set_environment | 234 -
security/nss/tests/smime/alice.txt | 6 -
security/nss/tests/smime/bob.txt | 6 -
security/nss/tests/smime/ecsmime.sh | 260 -
security/nss/tests/smime/smime.sh | 233 -
security/nss/tests/ssl/ecssl.sh | 350 -
security/nss/tests/ssl/ecsslauth.txt | 50 -
security/nss/tests/ssl/ecsslcov.txt | 94 -
security/nss/tests/ssl/ecsslstress.txt | 26 -
security/nss/tests/ssl/ssl.sh | 683 -
security/nss/tests/ssl/ssl_dist_stress.sh | 345 -
security/nss/tests/ssl/sslauth.txt | 31 -
security/nss/tests/ssl/sslcov.txt | 48 -
security/nss/tests/ssl/sslreq.dat | 2 -
security/nss/tests/ssl/sslreq.txt | 2 -
security/nss/tests/ssl/sslstress.txt | 14 -
security/nss/tests/tools/ectools.sh | 210 -
security/nss/tests/tools/sign.html | 5 -
security/nss/tests/tools/signjs.html | 8 -
security/nss/tests/tools/tools.sh | 217 -
security/nss/trademarks.txt | 130 -
1389 files changed, 78 insertions(+), 600334 deletions(-)
delete mode 100644 dbm/.cvsignore
delete mode 100644 dbm/Makefile.in
delete mode 100644 dbm/include/.cvsignore
delete mode 100644 dbm/include/Makefile.in
delete mode 100644 dbm/include/Makefile.win
delete mode 100644 dbm/include/cdefs.h
delete mode 100644 dbm/include/extern.h
delete mode 100644 dbm/include/hash.h
delete mode 100644 dbm/include/hsearch.h
delete mode 100644 dbm/include/mcom_db.h
delete mode 100644 dbm/include/mpool.h
delete mode 100644 dbm/include/ncompat.h
delete mode 100644 dbm/include/ndbm.h
delete mode 100644 dbm/include/nsres.h
delete mode 100644 dbm/include/page.h
delete mode 100644 dbm/include/queue.h
delete mode 100644 dbm/include/search.h
delete mode 100644 dbm/include/watcomfx.h
delete mode 100644 dbm/include/winfile.h
delete mode 100644 dbm/src/.cvsignore
delete mode 100644 dbm/src/Makefile.in
delete mode 100644 dbm/src/Makefile.win
delete mode 100644 dbm/src/db.c
delete mode 100644 dbm/src/h_bigkey.c
delete mode 100644 dbm/src/h_func.c
delete mode 100644 dbm/src/h_log2.c
delete mode 100644 dbm/src/h_page.c
delete mode 100644 dbm/src/hash.c
delete mode 100644 dbm/src/hash_buf.c
delete mode 100644 dbm/src/hsearch.c
delete mode 100644 dbm/src/memmove.c
delete mode 100644 dbm/src/mktemp.c
delete mode 100644 dbm/src/ndbm.c
delete mode 100644 dbm/src/nsres.c
delete mode 100644 dbm/src/snprintf.c
delete mode 100644 dbm/src/strerror.c
delete mode 100644 dbm/tests/.cvsignore
delete mode 100644 dbm/tests/Makefile.in
delete mode 100644 dbm/tests/dbmtest.pkg
delete mode 100644 dbm/tests/lots.c
rename security/{nss/tests/perf/perf.sh => coreconf/makefile.win} (52%)
mode change 100755 => 100644
rename security/{nss/cmd/crmf-cgi/config.mk => coreconf/nsinstall/nfspwd} (84%)
mode change 100644 => 100755
rename security/{nss/cmd/crmftest/config.mk => coreconf/nsinstall/nfspwd.pl} (84%)
delete mode 100644 security/dbm/Makefile
delete mode 100644 security/dbm/config/config.mk
delete mode 100644 security/dbm/include/Makefile
delete mode 100644 security/dbm/include/manifest.mn
delete mode 100644 security/dbm/manifest.mn
delete mode 100644 security/dbm/src/Makefile
delete mode 100644 security/dbm/src/config.mk
delete mode 100644 security/dbm/src/dirent.c
delete mode 100644 security/dbm/src/dirent.h
delete mode 100644 security/dbm/src/manifest.mn
delete mode 100644 security/dbm/tests/Makefile
delete mode 100644 security/nss/Makefile
delete mode 100644 security/nss/cmd/.cvsignore
delete mode 100644 security/nss/cmd/Makefile
delete mode 100644 security/nss/cmd/SSLsample/Makefile
delete mode 100644 security/nss/cmd/SSLsample/NSPRerrs.h
delete mode 100644 security/nss/cmd/SSLsample/README
delete mode 100644 security/nss/cmd/SSLsample/SECerrs.h
delete mode 100644 security/nss/cmd/SSLsample/SSLerrs.h
delete mode 100644 security/nss/cmd/SSLsample/client.c
delete mode 100644 security/nss/cmd/SSLsample/client.mn
delete mode 100755 security/nss/cmd/SSLsample/gencerts
delete mode 100644 security/nss/cmd/SSLsample/make.client
delete mode 100644 security/nss/cmd/SSLsample/make.server
delete mode 100644 security/nss/cmd/SSLsample/server.c
delete mode 100644 security/nss/cmd/SSLsample/server.mn
delete mode 100644 security/nss/cmd/SSLsample/sslerror.h
delete mode 100644 security/nss/cmd/SSLsample/sslsample.c
delete mode 100644 security/nss/cmd/SSLsample/sslsample.h
delete mode 100644 security/nss/cmd/addbuiltin/Makefile
delete mode 100644 security/nss/cmd/addbuiltin/addbuiltin.c
delete mode 100644 security/nss/cmd/addbuiltin/manifest.mn
delete mode 100644 security/nss/cmd/atob/Makefile
delete mode 100644 security/nss/cmd/atob/atob.c
delete mode 100644 security/nss/cmd/atob/manifest.mn
delete mode 100644 security/nss/cmd/bltest/Makefile
delete mode 100644 security/nss/cmd/bltest/blapitest.c
delete mode 100644 security/nss/cmd/bltest/manifest.mn
delete mode 100644 security/nss/cmd/bltest/tests/README
delete mode 100644 security/nss/cmd/bltest/tests/aes_cbc/ciphertext0
delete mode 100644 security/nss/cmd/bltest/tests/aes_cbc/iv0
delete mode 100644 security/nss/cmd/bltest/tests/aes_cbc/key0
delete mode 100644 security/nss/cmd/bltest/tests/aes_cbc/numtests
delete mode 100644 security/nss/cmd/bltest/tests/aes_cbc/plaintext0
delete mode 100644 security/nss/cmd/bltest/tests/aes_ecb/ciphertext0
delete mode 100644 security/nss/cmd/bltest/tests/aes_ecb/key0
delete mode 100644 security/nss/cmd/bltest/tests/aes_ecb/numtests
delete mode 100644 security/nss/cmd/bltest/tests/aes_ecb/plaintext0
delete mode 100644 security/nss/cmd/bltest/tests/des3_cbc/ciphertext0
delete mode 100644 security/nss/cmd/bltest/tests/des3_cbc/iv0
delete mode 100644 security/nss/cmd/bltest/tests/des3_cbc/key0
delete mode 100644 security/nss/cmd/bltest/tests/des3_cbc/numtests
delete mode 100644 security/nss/cmd/bltest/tests/des3_cbc/plaintext0
delete mode 100644 security/nss/cmd/bltest/tests/des3_ecb/ciphertext0
delete mode 100644 security/nss/cmd/bltest/tests/des3_ecb/key0
delete mode 100644 security/nss/cmd/bltest/tests/des3_ecb/numtests
delete mode 100644 security/nss/cmd/bltest/tests/des3_ecb/plaintext0
delete mode 100644 security/nss/cmd/bltest/tests/des_cbc/ciphertext0
delete mode 100644 security/nss/cmd/bltest/tests/des_cbc/iv0
delete mode 100644 security/nss/cmd/bltest/tests/des_cbc/key0
delete mode 100644 security/nss/cmd/bltest/tests/des_cbc/numtests
delete mode 100644 security/nss/cmd/bltest/tests/des_cbc/plaintext0
delete mode 100644 security/nss/cmd/bltest/tests/des_ecb/ciphertext0
delete mode 100644 security/nss/cmd/bltest/tests/des_ecb/key0
delete mode 100644 security/nss/cmd/bltest/tests/des_ecb/numtests
delete mode 100644 security/nss/cmd/bltest/tests/des_ecb/plaintext0
delete mode 100644 security/nss/cmd/bltest/tests/dsa/ciphertext0
delete mode 100644 security/nss/cmd/bltest/tests/dsa/key0
delete mode 100644 security/nss/cmd/bltest/tests/dsa/keyseed0
delete mode 100644 security/nss/cmd/bltest/tests/dsa/numtests
delete mode 100644 security/nss/cmd/bltest/tests/dsa/plaintext0
delete mode 100644 security/nss/cmd/bltest/tests/dsa/pqg0
delete mode 100644 security/nss/cmd/bltest/tests/dsa/sigseed0
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/README
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/ciphertext0
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/ciphertext1
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/ciphertext10
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/ciphertext11
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/ciphertext12
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/ciphertext13
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/ciphertext14
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/ciphertext15
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/ciphertext16
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/ciphertext17
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/ciphertext18
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/ciphertext19
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/ciphertext2
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/ciphertext20
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/ciphertext3
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/ciphertext4
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/ciphertext5
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/ciphertext6
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/ciphertext7
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/ciphertext8
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/ciphertext9
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/key0
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/key1
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/key10
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/key11
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/key12
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/key13
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/key14
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/key15
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/key16
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/key17
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/key18
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/key19
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/key2
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/key20
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/key3
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/key4
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/key5
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/key6
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/key7
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/key8
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/key9
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/numtests
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/plaintext0
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/plaintext1
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/plaintext10
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/plaintext11
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/plaintext12
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/plaintext13
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/plaintext14
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/plaintext15
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/plaintext16
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/plaintext17
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/plaintext18
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/plaintext19
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/plaintext2
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/plaintext20
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/plaintext3
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/plaintext4
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/plaintext5
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/plaintext6
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/plaintext7
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/plaintext8
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/plaintext9
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/sigseed0
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/sigseed1
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/sigseed10
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/sigseed11
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/sigseed12
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/sigseed13
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/sigseed14
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/sigseed15
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/sigseed16
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/sigseed17
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/sigseed18
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/sigseed19
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/sigseed2
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/sigseed20
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/sigseed3
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/sigseed4
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/sigseed5
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/sigseed6
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/sigseed7
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/sigseed8
delete mode 100644 security/nss/cmd/bltest/tests/ecdsa/sigseed9
delete mode 100644 security/nss/cmd/bltest/tests/md2/ciphertext0
delete mode 100644 security/nss/cmd/bltest/tests/md2/numtests
delete mode 100644 security/nss/cmd/bltest/tests/md2/plaintext0
delete mode 100644 security/nss/cmd/bltest/tests/md5/ciphertext0
delete mode 100644 security/nss/cmd/bltest/tests/md5/numtests
delete mode 100644 security/nss/cmd/bltest/tests/md5/plaintext0
delete mode 100644 security/nss/cmd/bltest/tests/rc2_cbc/ciphertext0
delete mode 100644 security/nss/cmd/bltest/tests/rc2_cbc/iv0
delete mode 100644 security/nss/cmd/bltest/tests/rc2_cbc/key0
delete mode 100644 security/nss/cmd/bltest/tests/rc2_cbc/numtests
delete mode 100644 security/nss/cmd/bltest/tests/rc2_cbc/plaintext0
delete mode 100644 security/nss/cmd/bltest/tests/rc2_ecb/ciphertext0
delete mode 100644 security/nss/cmd/bltest/tests/rc2_ecb/key0
delete mode 100644 security/nss/cmd/bltest/tests/rc2_ecb/numtests
delete mode 100644 security/nss/cmd/bltest/tests/rc2_ecb/plaintext0
delete mode 100644 security/nss/cmd/bltest/tests/rc4/ciphertext0
delete mode 100644 security/nss/cmd/bltest/tests/rc4/ciphertext1
delete mode 100644 security/nss/cmd/bltest/tests/rc4/key0
delete mode 100644 security/nss/cmd/bltest/tests/rc4/key1
delete mode 100644 security/nss/cmd/bltest/tests/rc4/numtests
delete mode 100644 security/nss/cmd/bltest/tests/rc4/plaintext0
delete mode 100644 security/nss/cmd/bltest/tests/rc4/plaintext1
delete mode 100644 security/nss/cmd/bltest/tests/rc5_cbc/ciphertext0
delete mode 100644 security/nss/cmd/bltest/tests/rc5_cbc/iv0
delete mode 100644 security/nss/cmd/bltest/tests/rc5_cbc/key0
delete mode 100644 security/nss/cmd/bltest/tests/rc5_cbc/numtests
delete mode 100644 security/nss/cmd/bltest/tests/rc5_cbc/params0
delete mode 100644 security/nss/cmd/bltest/tests/rc5_cbc/plaintext0
delete mode 100644 security/nss/cmd/bltest/tests/rc5_ecb/ciphertext0
delete mode 100644 security/nss/cmd/bltest/tests/rc5_ecb/key0
delete mode 100644 security/nss/cmd/bltest/tests/rc5_ecb/numtests
delete mode 100644 security/nss/cmd/bltest/tests/rc5_ecb/params0
delete mode 100644 security/nss/cmd/bltest/tests/rc5_ecb/plaintext0
delete mode 100644 security/nss/cmd/bltest/tests/rsa/ciphertext0
delete mode 100644 security/nss/cmd/bltest/tests/rsa/key0
delete mode 100644 security/nss/cmd/bltest/tests/rsa/numtests
delete mode 100644 security/nss/cmd/bltest/tests/rsa/plaintext0
delete mode 100644 security/nss/cmd/bltest/tests/sha1/ciphertext0
delete mode 100644 security/nss/cmd/bltest/tests/sha1/numtests
delete mode 100644 security/nss/cmd/bltest/tests/sha1/plaintext0
delete mode 100644 security/nss/cmd/bltest/tests/sha256/ciphertext0
delete mode 100644 security/nss/cmd/bltest/tests/sha256/ciphertext1
delete mode 100644 security/nss/cmd/bltest/tests/sha256/numtests
delete mode 100644 security/nss/cmd/bltest/tests/sha256/plaintext0
delete mode 100644 security/nss/cmd/bltest/tests/sha256/plaintext1
delete mode 100644 security/nss/cmd/bltest/tests/sha384/ciphertext0
delete mode 100644 security/nss/cmd/bltest/tests/sha384/ciphertext1
delete mode 100644 security/nss/cmd/bltest/tests/sha384/numtests
delete mode 100644 security/nss/cmd/bltest/tests/sha384/plaintext0
delete mode 100644 security/nss/cmd/bltest/tests/sha384/plaintext1
delete mode 100644 security/nss/cmd/bltest/tests/sha512/ciphertext0
delete mode 100644 security/nss/cmd/bltest/tests/sha512/ciphertext1
delete mode 100644 security/nss/cmd/bltest/tests/sha512/numtests
delete mode 100644 security/nss/cmd/bltest/tests/sha512/plaintext0
delete mode 100644 security/nss/cmd/bltest/tests/sha512/plaintext1
delete mode 100644 security/nss/cmd/btoa/Makefile
delete mode 100644 security/nss/cmd/btoa/btoa.c
delete mode 100644 security/nss/cmd/btoa/manifest.mn
delete mode 100644 security/nss/cmd/certcgi/HOWTO.txt
delete mode 100644 security/nss/cmd/certcgi/Makefile
delete mode 100644 security/nss/cmd/certcgi/ca.html
delete mode 100644 security/nss/cmd/certcgi/ca_form.html
delete mode 100644 security/nss/cmd/certcgi/certcgi.c
delete mode 100644 security/nss/cmd/certcgi/index.html
delete mode 100644 security/nss/cmd/certcgi/main.html
delete mode 100644 security/nss/cmd/certcgi/manifest.mn
delete mode 100644 security/nss/cmd/certcgi/nscp_ext_form.html
delete mode 100644 security/nss/cmd/certcgi/stnd_ext_form.html
delete mode 100644 security/nss/cmd/certutil/Makefile
delete mode 100644 security/nss/cmd/certutil/certutil.c
delete mode 100644 security/nss/cmd/certutil/keystuff.c
delete mode 100644 security/nss/cmd/certutil/manifest.mn
delete mode 100644 security/nss/cmd/checkcert/Makefile
delete mode 100644 security/nss/cmd/checkcert/checkcert.c
delete mode 100644 security/nss/cmd/checkcert/manifest.mn
delete mode 100644 security/nss/cmd/crlutil/Makefile
delete mode 100644 security/nss/cmd/crlutil/crlgen.c
delete mode 100644 security/nss/cmd/crlutil/crlgen.h
delete mode 100644 security/nss/cmd/crlutil/crlgen_lex.c
delete mode 100644 security/nss/cmd/crlutil/crlgen_lex_fix.sed
delete mode 100644 security/nss/cmd/crlutil/crlgen_lex_orig.l
delete mode 100644 security/nss/cmd/crlutil/crlutil.c
delete mode 100644 security/nss/cmd/crlutil/manifest.mn
delete mode 100644 security/nss/cmd/crmf-cgi/Makefile
delete mode 100644 security/nss/cmd/crmf-cgi/crmfcgi.c
delete mode 100644 security/nss/cmd/crmf-cgi/crmfcgi.html
delete mode 100644 security/nss/cmd/crmf-cgi/manifest.mn
delete mode 100644 security/nss/cmd/crmftest/Makefile
delete mode 100644 security/nss/cmd/crmftest/manifest.mn
delete mode 100644 security/nss/cmd/crmftest/testcrmf.c
delete mode 100644 security/nss/cmd/dbck/Makefile
delete mode 100644 security/nss/cmd/dbck/dbck.c
delete mode 100644 security/nss/cmd/dbck/manifest.mn
delete mode 100644 security/nss/cmd/dbtest/Makefile
delete mode 100644 security/nss/cmd/dbtest/dbtest.c
delete mode 100644 security/nss/cmd/dbtest/manifest.mn
delete mode 100644 security/nss/cmd/derdump/Makefile
delete mode 100644 security/nss/cmd/derdump/derdump.c
delete mode 100644 security/nss/cmd/derdump/manifest.mn
delete mode 100644 security/nss/cmd/digest/Makefile
delete mode 100644 security/nss/cmd/digest/digest.c
delete mode 100644 security/nss/cmd/digest/manifest.mn
delete mode 100755 security/nss/cmd/fipstest/Makefile
delete mode 100644 security/nss/cmd/fipstest/aes.sh
delete mode 100644 security/nss/cmd/fipstest/ecdsa.sh
delete mode 100644 security/nss/cmd/fipstest/fipstest.c
delete mode 100755 security/nss/cmd/fipstest/hmac.sh
delete mode 100644 security/nss/cmd/fipstest/manifest.mn
delete mode 100644 security/nss/cmd/fipstest/sha.sh
delete mode 100644 security/nss/cmd/fipstest/tdea.sh
delete mode 100644 security/nss/cmd/lib/Makefile
delete mode 100644 security/nss/cmd/lib/NSPRerrs.h
delete mode 100644 security/nss/cmd/lib/SECerrs.h
delete mode 100644 security/nss/cmd/lib/SSLerrs.h
delete mode 100644 security/nss/cmd/lib/berparse.c
delete mode 100644 security/nss/cmd/lib/config.mk
delete mode 100644 security/nss/cmd/lib/derprint.c
delete mode 100644 security/nss/cmd/lib/ffs.c
delete mode 100644 security/nss/cmd/lib/manifest.mn
delete mode 100644 security/nss/cmd/lib/moreoids.c
delete mode 100644 security/nss/cmd/lib/pppolicy.c
delete mode 100644 security/nss/cmd/lib/secerror.c
delete mode 100644 security/nss/cmd/lib/secpwd.c
delete mode 100644 security/nss/cmd/lib/secutil.c
delete mode 100644 security/nss/cmd/lib/secutil.h
delete mode 100644 security/nss/cmd/makepqg/Makefile
delete mode 100644 security/nss/cmd/makepqg/makepqg.c
delete mode 100644 security/nss/cmd/makepqg/manifest.mn
delete mode 100644 security/nss/cmd/makepqg/testit.ksh
delete mode 100644 security/nss/cmd/manifest.mn
delete mode 100644 security/nss/cmd/modutil/Makefile
delete mode 100644 security/nss/cmd/modutil/README
delete mode 100644 security/nss/cmd/modutil/error.h
delete mode 100644 security/nss/cmd/modutil/install-ds.c
delete mode 100644 security/nss/cmd/modutil/install-ds.h
delete mode 100644 security/nss/cmd/modutil/install.c
delete mode 100644 security/nss/cmd/modutil/install.h
delete mode 100644 security/nss/cmd/modutil/installparse.c
delete mode 100644 security/nss/cmd/modutil/installparse.h
delete mode 100644 security/nss/cmd/modutil/installparse.l
delete mode 100644 security/nss/cmd/modutil/installparse.y
delete mode 100644 security/nss/cmd/modutil/instsec.c
delete mode 100644 security/nss/cmd/modutil/lex.Pk11Install_yy.c
delete mode 100644 security/nss/cmd/modutil/manifest.mn
delete mode 100644 security/nss/cmd/modutil/modutil.c
delete mode 100644 security/nss/cmd/modutil/modutil.h
delete mode 100644 security/nss/cmd/modutil/pk11.c
delete mode 100644 security/nss/cmd/modutil/pk11jar.html
delete mode 100644 security/nss/cmd/modutil/rules.mk
delete mode 100644 security/nss/cmd/modutil/specification.html
delete mode 100644 security/nss/cmd/ocspclnt/Makefile
delete mode 100644 security/nss/cmd/ocspclnt/manifest.mn
delete mode 100644 security/nss/cmd/ocspclnt/ocspclnt.c
delete mode 100644 security/nss/cmd/oidcalc/Makefile
delete mode 100644 security/nss/cmd/oidcalc/manifest.mn
delete mode 100644 security/nss/cmd/oidcalc/oidcalc.c
delete mode 100644 security/nss/cmd/p7content/Makefile
delete mode 100644 security/nss/cmd/p7content/manifest.mn
delete mode 100644 security/nss/cmd/p7content/p7content.c
delete mode 100644 security/nss/cmd/p7env/Makefile
delete mode 100644 security/nss/cmd/p7env/manifest.mn
delete mode 100644 security/nss/cmd/p7env/p7env.c
delete mode 100644 security/nss/cmd/p7sign/Makefile
delete mode 100644 security/nss/cmd/p7sign/manifest.mn
delete mode 100644 security/nss/cmd/p7sign/p7sign.c
delete mode 100644 security/nss/cmd/p7verify/Makefile
delete mode 100644 security/nss/cmd/p7verify/manifest.mn
delete mode 100644 security/nss/cmd/p7verify/p7verify.c
delete mode 100644 security/nss/cmd/pk11util/Makefile
delete mode 100644 security/nss/cmd/pk11util/manifest.mn
delete mode 100644 security/nss/cmd/pk11util/pk11table.c
delete mode 100644 security/nss/cmd/pk11util/pk11util.c
delete mode 100644 security/nss/cmd/pk11util/pk11util.h
delete mode 100644 security/nss/cmd/pk11util/scripts/dosign
delete mode 100644 security/nss/cmd/pk11util/scripts/hssign
delete mode 100644 security/nss/cmd/pk11util/scripts/lcert
delete mode 100644 security/nss/cmd/pk11util/scripts/mechanisms
delete mode 100644 security/nss/cmd/pk11util/scripts/pLabel1
delete mode 100644 security/nss/cmd/pk11util/scripts/pMechanisms
delete mode 100644 security/nss/cmd/pk11util/scripts/pcert
delete mode 100644 security/nss/cmd/pk11util/scripts/pkey
delete mode 100644 security/nss/cmd/pk12util/Makefile
delete mode 100644 security/nss/cmd/pk12util/manifest.mn
delete mode 100644 security/nss/cmd/pk12util/pk12util.c
delete mode 100644 security/nss/cmd/pk12util/pk12util.h
delete mode 100644 security/nss/cmd/platlibs.mk
delete mode 100644 security/nss/cmd/platrules.mk
delete mode 100644 security/nss/cmd/pp/Makefile
delete mode 100644 security/nss/cmd/pp/manifest.mn
delete mode 100644 security/nss/cmd/pp/pp.c
delete mode 100644 security/nss/cmd/pwdecrypt/Makefile
delete mode 100644 security/nss/cmd/pwdecrypt/manifest.mn
delete mode 100644 security/nss/cmd/pwdecrypt/pwdecrypt.c
delete mode 100644 security/nss/cmd/rsaperf/Makefile
delete mode 100644 security/nss/cmd/rsaperf/defkey.c
delete mode 100644 security/nss/cmd/rsaperf/manifest.mn
delete mode 100644 security/nss/cmd/rsaperf/rsaperf.c
delete mode 100644 security/nss/cmd/samples/cert
delete mode 100644 security/nss/cmd/samples/cert0
delete mode 100644 security/nss/cmd/samples/cert1
delete mode 100644 security/nss/cmd/samples/cert2
delete mode 100644 security/nss/cmd/samples/pkcs7.ber
delete mode 100644 security/nss/cmd/samples/pkcs7bday.ber
delete mode 100644 security/nss/cmd/samples/pkcs7cnet.ber
delete mode 100644 security/nss/cmd/samples/pkcs7news.ber
delete mode 100644 security/nss/cmd/samples/x509v3.der
delete mode 100644 security/nss/cmd/samples/x509v3.txt
delete mode 100644 security/nss/cmd/sdrtest/Makefile
delete mode 100644 security/nss/cmd/sdrtest/manifest.mn
delete mode 100644 security/nss/cmd/sdrtest/sdrtest.c
delete mode 100644 security/nss/cmd/selfserv/Makefile
delete mode 100644 security/nss/cmd/selfserv/manifest.mn
delete mode 100644 security/nss/cmd/selfserv/selfserv.c
delete mode 100644 security/nss/cmd/shlibsign/Makefile
delete mode 100644 security/nss/cmd/shlibsign/mangle/Makefile
delete mode 100644 security/nss/cmd/shlibsign/mangle/mangle.c
delete mode 100644 security/nss/cmd/shlibsign/mangle/manifest.mn
delete mode 100644 security/nss/cmd/shlibsign/manifest.mn
delete mode 100644 security/nss/cmd/shlibsign/shlibsign.c
delete mode 100644 security/nss/cmd/shlibsign/sign.cmd
delete mode 100644 security/nss/cmd/shlibsign/sign.sh
delete mode 100644 security/nss/cmd/signtool/Makefile
delete mode 100644 security/nss/cmd/signtool/README
delete mode 100644 security/nss/cmd/signtool/certgen.c
delete mode 100644 security/nss/cmd/signtool/javascript.c
delete mode 100644 security/nss/cmd/signtool/list.c
delete mode 100644 security/nss/cmd/signtool/manifest.mn
delete mode 100644 security/nss/cmd/signtool/sign.c
delete mode 100644 security/nss/cmd/signtool/signtool.c
delete mode 100644 security/nss/cmd/signtool/signtool.h
delete mode 100644 security/nss/cmd/signtool/util.c
delete mode 100644 security/nss/cmd/signtool/verify.c
delete mode 100644 security/nss/cmd/signtool/zip.c
delete mode 100644 security/nss/cmd/signtool/zip.h
delete mode 100644 security/nss/cmd/signver/Makefile
delete mode 100755 security/nss/cmd/signver/examples/1/form.pl
delete mode 100644 security/nss/cmd/signver/examples/1/signedForm.html
delete mode 100644 security/nss/cmd/signver/examples/1/signedForm.nt.html
delete mode 100755 security/nss/cmd/signver/examples/1/signedForm.pl
delete mode 100644 security/nss/cmd/signver/manifest.mn
delete mode 100644 security/nss/cmd/signver/pk7print.c
delete mode 100644 security/nss/cmd/signver/signver.c
delete mode 100644 security/nss/cmd/smimetools/Makefile
delete mode 100644 security/nss/cmd/smimetools/cmsutil.c
delete mode 100644 security/nss/cmd/smimetools/manifest.mn
delete mode 100644 security/nss/cmd/smimetools/rules.mk
delete mode 100755 security/nss/cmd/smimetools/smime
delete mode 100644 security/nss/cmd/ssltap/Makefile
delete mode 100644 security/nss/cmd/ssltap/manifest.mn
delete mode 100644 security/nss/cmd/ssltap/ssltap-manual.html
delete mode 100644 security/nss/cmd/ssltap/ssltap.c
delete mode 100644 security/nss/cmd/strsclnt/Makefile
delete mode 100644 security/nss/cmd/strsclnt/manifest.mn
delete mode 100644 security/nss/cmd/strsclnt/strsclnt.c
delete mode 100644 security/nss/cmd/symkeyutil/Makefile
delete mode 100644 security/nss/cmd/symkeyutil/manifest.mn
delete mode 100644 security/nss/cmd/symkeyutil/symkey.man
delete mode 100644 security/nss/cmd/symkeyutil/symkeyutil.c
delete mode 100644 security/nss/cmd/tests/Makefile
delete mode 100644 security/nss/cmd/tests/manifest.mn
delete mode 100644 security/nss/cmd/tests/remtest.c
delete mode 100644 security/nss/cmd/tstclnt/Makefile
delete mode 100644 security/nss/cmd/tstclnt/manifest.mn
delete mode 100644 security/nss/cmd/tstclnt/tstclnt.c
delete mode 100644 security/nss/cmd/vfychain/Makefile
delete mode 100644 security/nss/cmd/vfychain/manifest.mn
delete mode 100644 security/nss/cmd/vfychain/vfychain.c
delete mode 100644 security/nss/cmd/vfyserv/Makefile
delete mode 100644 security/nss/cmd/vfyserv/manifest.mn
delete mode 100644 security/nss/cmd/vfyserv/vfyserv.c
delete mode 100644 security/nss/cmd/vfyserv/vfyserv.h
delete mode 100644 security/nss/cmd/vfyserv/vfyutil.c
delete mode 100644 security/nss/cmd/zlib/Makefile
delete mode 100644 security/nss/cmd/zlib/README
delete mode 100644 security/nss/cmd/zlib/adler32.c
delete mode 100644 security/nss/cmd/zlib/compress.c
delete mode 100644 security/nss/cmd/zlib/config.mk
delete mode 100644 security/nss/cmd/zlib/crc32.c
delete mode 100644 security/nss/cmd/zlib/crc32.h
delete mode 100644 security/nss/cmd/zlib/deflate.c
delete mode 100644 security/nss/cmd/zlib/deflate.h
delete mode 100644 security/nss/cmd/zlib/example.c
delete mode 100644 security/nss/cmd/zlib/gzio.c
delete mode 100644 security/nss/cmd/zlib/infback.c
delete mode 100644 security/nss/cmd/zlib/inffast.c
delete mode 100644 security/nss/cmd/zlib/inffast.h
delete mode 100644 security/nss/cmd/zlib/inffixed.h
delete mode 100644 security/nss/cmd/zlib/inflate.c
delete mode 100644 security/nss/cmd/zlib/inflate.h
delete mode 100644 security/nss/cmd/zlib/inftrees.c
delete mode 100644 security/nss/cmd/zlib/inftrees.h
delete mode 100644 security/nss/cmd/zlib/manifest.mn
delete mode 100644 security/nss/cmd/zlib/minigzip.c
delete mode 100644 security/nss/cmd/zlib/trees.c
delete mode 100644 security/nss/cmd/zlib/trees.h
delete mode 100644 security/nss/cmd/zlib/uncompr.c
delete mode 100644 security/nss/cmd/zlib/zconf.h
delete mode 100644 security/nss/cmd/zlib/zlib.h
delete mode 100644 security/nss/cmd/zlib/zutil.c
delete mode 100644 security/nss/cmd/zlib/zutil.h
delete mode 100644 security/nss/lib/Makefile
delete mode 100644 security/nss/lib/asn1/Makefile
delete mode 100644 security/nss/lib/asn1/asn1.c
delete mode 100644 security/nss/lib/asn1/asn1.h
delete mode 100644 security/nss/lib/asn1/asn1m.h
delete mode 100644 security/nss/lib/asn1/asn1t.h
delete mode 100644 security/nss/lib/asn1/config.mk
delete mode 100644 security/nss/lib/asn1/manifest.mn
delete mode 100644 security/nss/lib/asn1/nssasn1t.h
delete mode 100644 security/nss/lib/base/Makefile
delete mode 100644 security/nss/lib/base/arena.c
delete mode 100644 security/nss/lib/base/base.h
delete mode 100644 security/nss/lib/base/baset.h
delete mode 100644 security/nss/lib/base/config.mk
delete mode 100644 security/nss/lib/base/error.c
delete mode 100644 security/nss/lib/base/errorval.c
delete mode 100644 security/nss/lib/base/hash.c
delete mode 100644 security/nss/lib/base/hashops.c
delete mode 100644 security/nss/lib/base/item.c
delete mode 100644 security/nss/lib/base/libc.c
delete mode 100644 security/nss/lib/base/list.c
delete mode 100644 security/nss/lib/base/manifest.mn
delete mode 100644 security/nss/lib/base/nssbase.h
delete mode 100644 security/nss/lib/base/nssbaset.h
delete mode 100644 security/nss/lib/base/tracker.c
delete mode 100644 security/nss/lib/base/utf8.c
delete mode 100644 security/nss/lib/certdb/.cvsignore
delete mode 100644 security/nss/lib/certdb/Makefile
delete mode 100644 security/nss/lib/certdb/alg1485.c
delete mode 100644 security/nss/lib/certdb/cert.h
delete mode 100644 security/nss/lib/certdb/certdb.c
delete mode 100644 security/nss/lib/certdb/certdb.h
delete mode 100644 security/nss/lib/certdb/certi.h
delete mode 100644 security/nss/lib/certdb/certt.h
delete mode 100644 security/nss/lib/certdb/certv3.c
delete mode 100644 security/nss/lib/certdb/certxutl.c
delete mode 100644 security/nss/lib/certdb/certxutl.h
delete mode 100644 security/nss/lib/certdb/config.mk
delete mode 100644 security/nss/lib/certdb/crl.c
delete mode 100644 security/nss/lib/certdb/genname.c
delete mode 100644 security/nss/lib/certdb/genname.h
delete mode 100644 security/nss/lib/certdb/manifest.mn
delete mode 100644 security/nss/lib/certdb/polcyxtn.c
delete mode 100644 security/nss/lib/certdb/secname.c
delete mode 100644 security/nss/lib/certdb/stanpcertdb.c
delete mode 100644 security/nss/lib/certdb/xauthkid.c
delete mode 100644 security/nss/lib/certdb/xbsconst.c
delete mode 100644 security/nss/lib/certdb/xconst.c
delete mode 100644 security/nss/lib/certdb/xconst.h
delete mode 100644 security/nss/lib/certhigh/Makefile
delete mode 100644 security/nss/lib/certhigh/certhigh.c
delete mode 100644 security/nss/lib/certhigh/certhtml.c
delete mode 100644 security/nss/lib/certhigh/certreq.c
delete mode 100644 security/nss/lib/certhigh/certvfy.c
delete mode 100644 security/nss/lib/certhigh/config.mk
delete mode 100644 security/nss/lib/certhigh/crlv2.c
delete mode 100644 security/nss/lib/certhigh/manifest.mn
delete mode 100644 security/nss/lib/certhigh/ocsp.c
delete mode 100644 security/nss/lib/certhigh/ocsp.h
delete mode 100644 security/nss/lib/certhigh/ocspt.h
delete mode 100644 security/nss/lib/certhigh/ocspti.h
delete mode 100644 security/nss/lib/certhigh/xcrldist.c
delete mode 100644 security/nss/lib/ckfw/Makefile
delete mode 100644 security/nss/lib/ckfw/builtins/Makefile
delete mode 100644 security/nss/lib/ckfw/builtins/README
delete mode 100644 security/nss/lib/ckfw/builtins/anchor.c
delete mode 100644 security/nss/lib/ckfw/builtins/bfind.c
delete mode 100644 security/nss/lib/ckfw/builtins/binst.c
delete mode 100644 security/nss/lib/ckfw/builtins/bobject.c
delete mode 100644 security/nss/lib/ckfw/builtins/bsession.c
delete mode 100644 security/nss/lib/ckfw/builtins/bslot.c
delete mode 100644 security/nss/lib/ckfw/builtins/btoken.c
delete mode 100644 security/nss/lib/ckfw/builtins/builtins.h
delete mode 100644 security/nss/lib/ckfw/builtins/certdata.c
delete mode 100644 security/nss/lib/ckfw/builtins/certdata.perl
delete mode 100644 security/nss/lib/ckfw/builtins/certdata.txt
delete mode 100644 security/nss/lib/ckfw/builtins/ckbiver.c
delete mode 100644 security/nss/lib/ckfw/builtins/config.mk
delete mode 100644 security/nss/lib/ckfw/builtins/constants.c
delete mode 100644 security/nss/lib/ckfw/builtins/manifest.mn
delete mode 100644 security/nss/lib/ckfw/builtins/nssckbi.def
delete mode 100644 security/nss/lib/ckfw/builtins/nssckbi.h
delete mode 100644 security/nss/lib/ckfw/builtins/nssckbi.rc
delete mode 100644 security/nss/lib/ckfw/capi/Makefile
delete mode 100644 security/nss/lib/ckfw/capi/README
delete mode 100644 security/nss/lib/ckfw/capi/anchor.c
delete mode 100644 security/nss/lib/ckfw/capi/cfind.c
delete mode 100644 security/nss/lib/ckfw/capi/cinst.c
delete mode 100644 security/nss/lib/ckfw/capi/ckcapi.h
delete mode 100644 security/nss/lib/ckfw/capi/ckcapiver.c
delete mode 100644 security/nss/lib/ckfw/capi/cobject.c
delete mode 100644 security/nss/lib/ckfw/capi/config.mk
delete mode 100644 security/nss/lib/ckfw/capi/constants.c
delete mode 100644 security/nss/lib/ckfw/capi/crsa.c
delete mode 100644 security/nss/lib/ckfw/capi/csession.c
delete mode 100644 security/nss/lib/ckfw/capi/cslot.c
delete mode 100644 security/nss/lib/ckfw/capi/ctoken.c
delete mode 100644 security/nss/lib/ckfw/capi/manifest.mn
delete mode 100644 security/nss/lib/ckfw/capi/nsscapi.def
delete mode 100644 security/nss/lib/ckfw/capi/nsscapi.h
delete mode 100644 security/nss/lib/ckfw/capi/nsscapi.rc
delete mode 100644 security/nss/lib/ckfw/capi/staticobj.c
delete mode 100644 security/nss/lib/ckfw/ck.api
delete mode 100644 security/nss/lib/ckfw/ck.h
delete mode 100644 security/nss/lib/ckfw/ckapi.perl
delete mode 100644 security/nss/lib/ckfw/ckfw.h
delete mode 100644 security/nss/lib/ckfw/ckfwm.h
delete mode 100644 security/nss/lib/ckfw/ckfwtm.h
delete mode 100644 security/nss/lib/ckfw/ckmd.h
delete mode 100644 security/nss/lib/ckfw/ckt.h
delete mode 100644 security/nss/lib/ckfw/config.mk
delete mode 100644 security/nss/lib/ckfw/crypto.c
delete mode 100644 security/nss/lib/ckfw/dbm/Makefile
delete mode 100644 security/nss/lib/ckfw/dbm/anchor.c
delete mode 100644 security/nss/lib/ckfw/dbm/ckdbm.h
delete mode 100644 security/nss/lib/ckfw/dbm/config.mk
delete mode 100644 security/nss/lib/ckfw/dbm/db.c
delete mode 100644 security/nss/lib/ckfw/dbm/find.c
delete mode 100644 security/nss/lib/ckfw/dbm/instance.c
delete mode 100644 security/nss/lib/ckfw/dbm/manifest.mn
delete mode 100644 security/nss/lib/ckfw/dbm/object.c
delete mode 100644 security/nss/lib/ckfw/dbm/session.c
delete mode 100644 security/nss/lib/ckfw/dbm/slot.c
delete mode 100644 security/nss/lib/ckfw/dbm/token.c
delete mode 100644 security/nss/lib/ckfw/find.c
delete mode 100644 security/nss/lib/ckfw/hash.c
delete mode 100644 security/nss/lib/ckfw/instance.c
delete mode 100644 security/nss/lib/ckfw/manifest.mn
delete mode 100644 security/nss/lib/ckfw/mechanism.c
delete mode 100644 security/nss/lib/ckfw/mutex.c
delete mode 100644 security/nss/lib/ckfw/nsprstub.c
delete mode 100644 security/nss/lib/ckfw/nssck.api
delete mode 100644 security/nss/lib/ckfw/nssckepv.h
delete mode 100644 security/nss/lib/ckfw/nssckft.h
delete mode 100644 security/nss/lib/ckfw/nssckfw.h
delete mode 100644 security/nss/lib/ckfw/nssckfwc.h
delete mode 100644 security/nss/lib/ckfw/nssckfwt.h
delete mode 100644 security/nss/lib/ckfw/nssckg.h
delete mode 100644 security/nss/lib/ckfw/nssckmdt.h
delete mode 100644 security/nss/lib/ckfw/nssckt.h
delete mode 100644 security/nss/lib/ckfw/nssmkey/Makefile
delete mode 100644 security/nss/lib/ckfw/nssmkey/README
delete mode 100644 security/nss/lib/ckfw/nssmkey/ckmk.h
delete mode 100644 security/nss/lib/ckfw/nssmkey/ckmkver.c
delete mode 100644 security/nss/lib/ckfw/nssmkey/config.mk
delete mode 100644 security/nss/lib/ckfw/nssmkey/manchor.c
delete mode 100644 security/nss/lib/ckfw/nssmkey/manifest.mn
delete mode 100644 security/nss/lib/ckfw/nssmkey/mconstants.c
delete mode 100644 security/nss/lib/ckfw/nssmkey/mfind.c
delete mode 100644 security/nss/lib/ckfw/nssmkey/minst.c
delete mode 100644 security/nss/lib/ckfw/nssmkey/mobject.c
delete mode 100644 security/nss/lib/ckfw/nssmkey/mrsa.c
delete mode 100644 security/nss/lib/ckfw/nssmkey/msession.c
delete mode 100644 security/nss/lib/ckfw/nssmkey/mslot.c
delete mode 100644 security/nss/lib/ckfw/nssmkey/mtoken.c
delete mode 100644 security/nss/lib/ckfw/nssmkey/nssmkey.def
delete mode 100644 security/nss/lib/ckfw/nssmkey/nssmkey.h
delete mode 100644 security/nss/lib/ckfw/nssmkey/staticobj.c
delete mode 100644 security/nss/lib/ckfw/object.c
delete mode 100644 security/nss/lib/ckfw/session.c
delete mode 100644 security/nss/lib/ckfw/sessobj.c
delete mode 100644 security/nss/lib/ckfw/slot.c
delete mode 100644 security/nss/lib/ckfw/token.c
delete mode 100644 security/nss/lib/ckfw/wrap.c
delete mode 100644 security/nss/lib/crmf/Makefile
delete mode 100644 security/nss/lib/crmf/asn1cmn.c
delete mode 100644 security/nss/lib/crmf/challcli.c
delete mode 100644 security/nss/lib/crmf/cmmf.h
delete mode 100644 security/nss/lib/crmf/cmmfasn1.c
delete mode 100644 security/nss/lib/crmf/cmmfchal.c
delete mode 100644 security/nss/lib/crmf/cmmfi.h
delete mode 100644 security/nss/lib/crmf/cmmfit.h
delete mode 100644 security/nss/lib/crmf/cmmfrec.c
delete mode 100644 security/nss/lib/crmf/cmmfresp.c
delete mode 100644 security/nss/lib/crmf/cmmft.h
delete mode 100644 security/nss/lib/crmf/config.mk
delete mode 100644 security/nss/lib/crmf/crmf.h
delete mode 100644 security/nss/lib/crmf/crmfcont.c
delete mode 100644 security/nss/lib/crmf/crmfdec.c
delete mode 100644 security/nss/lib/crmf/crmfenc.c
delete mode 100644 security/nss/lib/crmf/crmffut.h
delete mode 100644 security/nss/lib/crmf/crmfget.c
delete mode 100644 security/nss/lib/crmf/crmfi.h
delete mode 100644 security/nss/lib/crmf/crmfit.h
delete mode 100644 security/nss/lib/crmf/crmfpop.c
delete mode 100644 security/nss/lib/crmf/crmfreq.c
delete mode 100644 security/nss/lib/crmf/crmft.h
delete mode 100644 security/nss/lib/crmf/crmftmpl.c
delete mode 100644 security/nss/lib/crmf/encutil.c
delete mode 100644 security/nss/lib/crmf/manifest.mn
delete mode 100644 security/nss/lib/crmf/respcli.c
delete mode 100644 security/nss/lib/crmf/respcmn.c
delete mode 100644 security/nss/lib/crmf/servget.c
delete mode 100644 security/nss/lib/cryptohi/Makefile
delete mode 100644 security/nss/lib/cryptohi/config.mk
delete mode 100644 security/nss/lib/cryptohi/cryptohi.h
delete mode 100644 security/nss/lib/cryptohi/cryptoht.h
delete mode 100644 security/nss/lib/cryptohi/dsautil.c
delete mode 100644 security/nss/lib/cryptohi/hasht.h
delete mode 100644 security/nss/lib/cryptohi/key.h
delete mode 100644 security/nss/lib/cryptohi/keyhi.h
delete mode 100644 security/nss/lib/cryptohi/keyt.h
delete mode 100644 security/nss/lib/cryptohi/keythi.h
delete mode 100644 security/nss/lib/cryptohi/manifest.mn
delete mode 100644 security/nss/lib/cryptohi/sechash.c
delete mode 100644 security/nss/lib/cryptohi/sechash.h
delete mode 100644 security/nss/lib/cryptohi/seckey.c
delete mode 100644 security/nss/lib/cryptohi/secsign.c
delete mode 100644 security/nss/lib/cryptohi/secvfy.c
delete mode 100644 security/nss/lib/dev/Makefile
delete mode 100644 security/nss/lib/dev/ckhelper.c
delete mode 100644 security/nss/lib/dev/ckhelper.h
delete mode 100644 security/nss/lib/dev/config.mk
delete mode 100644 security/nss/lib/dev/dev.h
delete mode 100644 security/nss/lib/dev/devm.h
delete mode 100644 security/nss/lib/dev/devmod.c
delete mode 100644 security/nss/lib/dev/devslot.c
delete mode 100644 security/nss/lib/dev/devt.h
delete mode 100644 security/nss/lib/dev/devtm.h
delete mode 100644 security/nss/lib/dev/devtoken.c
delete mode 100644 security/nss/lib/dev/devutil.c
delete mode 100644 security/nss/lib/dev/manifest.mn
delete mode 100644 security/nss/lib/dev/nssdev.h
delete mode 100644 security/nss/lib/dev/nssdevt.h
delete mode 100644 security/nss/lib/freebl/GF2m_ecl.c
delete mode 100644 security/nss/lib/freebl/GF2m_ecl.h
delete mode 100644 security/nss/lib/freebl/GFp_ecl.c
delete mode 100644 security/nss/lib/freebl/GFp_ecl.h
delete mode 100644 security/nss/lib/freebl/Makefile
delete mode 100644 security/nss/lib/freebl/aeskeywrap.c
delete mode 100644 security/nss/lib/freebl/alg2268.c
delete mode 100644 security/nss/lib/freebl/alghmac.c
delete mode 100644 security/nss/lib/freebl/alghmac.h
delete mode 100644 security/nss/lib/freebl/arcfive.c
delete mode 100644 security/nss/lib/freebl/arcfour-amd64-gas.s
delete mode 100644 security/nss/lib/freebl/arcfour-amd64-sun.s
delete mode 100644 security/nss/lib/freebl/arcfour.c
delete mode 100644 security/nss/lib/freebl/blapi.h
delete mode 100644 security/nss/lib/freebl/blapit.h
delete mode 100644 security/nss/lib/freebl/config.mk
delete mode 100644 security/nss/lib/freebl/des.c
delete mode 100644 security/nss/lib/freebl/des.h
delete mode 100644 security/nss/lib/freebl/desblapi.c
delete mode 100644 security/nss/lib/freebl/dh.c
delete mode 100644 security/nss/lib/freebl/dsa.c
delete mode 100644 security/nss/lib/freebl/ec.c
delete mode 100644 security/nss/lib/freebl/ec.h
delete mode 100644 security/nss/lib/freebl/ecl/Makefile
delete mode 100644 security/nss/lib/freebl/ecl/README
delete mode 100644 security/nss/lib/freebl/ecl/README.FP
delete mode 100644 security/nss/lib/freebl/ecl/ec2.h
delete mode 100644 security/nss/lib/freebl/ecl/ec2_163.c
delete mode 100644 security/nss/lib/freebl/ecl/ec2_193.c
delete mode 100644 security/nss/lib/freebl/ecl/ec2_233.c
delete mode 100644 security/nss/lib/freebl/ecl/ec2_aff.c
delete mode 100644 security/nss/lib/freebl/ecl/ec2_mont.c
delete mode 100644 security/nss/lib/freebl/ecl/ec2_proj.c
delete mode 100644 security/nss/lib/freebl/ecl/ec_naf.c
delete mode 100644 security/nss/lib/freebl/ecl/ecl-curve.h
delete mode 100644 security/nss/lib/freebl/ecl/ecl-exp.h
delete mode 100644 security/nss/lib/freebl/ecl/ecl-priv.h
delete mode 100644 security/nss/lib/freebl/ecl/ecl.c
delete mode 100644 security/nss/lib/freebl/ecl/ecl.h
delete mode 100644 security/nss/lib/freebl/ecl/ecl_curve.c
delete mode 100644 security/nss/lib/freebl/ecl/ecl_gf.c
delete mode 100644 security/nss/lib/freebl/ecl/ecl_mult.c
delete mode 100644 security/nss/lib/freebl/ecl/ecp.h
delete mode 100644 security/nss/lib/freebl/ecl/ecp_192.c
delete mode 100644 security/nss/lib/freebl/ecl/ecp_224.c
delete mode 100644 security/nss/lib/freebl/ecl/ecp_aff.c
delete mode 100644 security/nss/lib/freebl/ecl/ecp_fp.c
delete mode 100644 security/nss/lib/freebl/ecl/ecp_fp.h
delete mode 100644 security/nss/lib/freebl/ecl/ecp_fp160.c
delete mode 100644 security/nss/lib/freebl/ecl/ecp_fp192.c
delete mode 100644 security/nss/lib/freebl/ecl/ecp_fp224.c
delete mode 100644 security/nss/lib/freebl/ecl/ecp_fpinc.c
delete mode 100644 security/nss/lib/freebl/ecl/ecp_jac.c
delete mode 100644 security/nss/lib/freebl/ecl/ecp_jm.c
delete mode 100644 security/nss/lib/freebl/ecl/ecp_mont.c
delete mode 100644 security/nss/lib/freebl/ecl/tests/ec2_test.c
delete mode 100644 security/nss/lib/freebl/ecl/tests/ec_naft.c
delete mode 100644 security/nss/lib/freebl/ecl/tests/ecp_fpt.c
delete mode 100644 security/nss/lib/freebl/ecl/tests/ecp_test.c
delete mode 100644 security/nss/lib/freebl/freebl.def
delete mode 100644 security/nss/lib/freebl/freebl.rc
delete mode 100644 security/nss/lib/freebl/freeblver.c
delete mode 100644 security/nss/lib/freebl/ldvector.c
delete mode 100644 security/nss/lib/freebl/loader.c
delete mode 100644 security/nss/lib/freebl/loader.h
delete mode 100644 security/nss/lib/freebl/mac_rand.c
delete mode 100644 security/nss/lib/freebl/manifest.mn
delete mode 100644 security/nss/lib/freebl/mapfile.Solaris
delete mode 100644 security/nss/lib/freebl/md2.c
delete mode 100644 security/nss/lib/freebl/md5.c
delete mode 100644 security/nss/lib/freebl/mknewpc2.c
delete mode 100644 security/nss/lib/freebl/mksp.c
delete mode 100644 security/nss/lib/freebl/mpi/Makefile
delete mode 100644 security/nss/lib/freebl/mpi/Makefile.os2
delete mode 100644 security/nss/lib/freebl/mpi/Makefile.win
delete mode 100644 security/nss/lib/freebl/mpi/README
delete mode 100755 security/nss/lib/freebl/mpi/all-tests
delete mode 100644 security/nss/lib/freebl/mpi/doc/LICENSE
delete mode 100644 security/nss/lib/freebl/mpi/doc/LICENSE-MPL
delete mode 100644 security/nss/lib/freebl/mpi/doc/basecvt.pod
delete mode 100755 security/nss/lib/freebl/mpi/doc/build
delete mode 100644 security/nss/lib/freebl/mpi/doc/div.txt
delete mode 100644 security/nss/lib/freebl/mpi/doc/expt.txt
delete mode 100644 security/nss/lib/freebl/mpi/doc/gcd.pod
delete mode 100644 security/nss/lib/freebl/mpi/doc/invmod.pod
delete mode 100644 security/nss/lib/freebl/mpi/doc/isprime.pod
delete mode 100644 security/nss/lib/freebl/mpi/doc/lap.pod
delete mode 100644 security/nss/lib/freebl/mpi/doc/mpi-test.pod
delete mode 100644 security/nss/lib/freebl/mpi/doc/mul.txt
delete mode 100644 security/nss/lib/freebl/mpi/doc/pi.txt
delete mode 100644 security/nss/lib/freebl/mpi/doc/prime.txt
delete mode 100644 security/nss/lib/freebl/mpi/doc/prng.pod
delete mode 100644 security/nss/lib/freebl/mpi/doc/redux.txt
delete mode 100644 security/nss/lib/freebl/mpi/doc/sqrt.txt
delete mode 100644 security/nss/lib/freebl/mpi/doc/square.txt
delete mode 100644 security/nss/lib/freebl/mpi/doc/timing.txt
delete mode 100644 security/nss/lib/freebl/mpi/hpma512.s
delete mode 100644 security/nss/lib/freebl/mpi/hppa20.s
delete mode 100644 security/nss/lib/freebl/mpi/hppatch.adb
delete mode 100644 security/nss/lib/freebl/mpi/logtab.h
delete mode 100755 security/nss/lib/freebl/mpi/make-logtab
delete mode 100755 security/nss/lib/freebl/mpi/make-test-arrays
delete mode 100644 security/nss/lib/freebl/mpi/mdxptest.c
delete mode 100644 security/nss/lib/freebl/mpi/montmulf.c
delete mode 100644 security/nss/lib/freebl/mpi/montmulf.h
delete mode 100644 security/nss/lib/freebl/mpi/montmulf.il
delete mode 100644 security/nss/lib/freebl/mpi/montmulf.s
delete mode 100644 security/nss/lib/freebl/mpi/montmulfv8.il
delete mode 100644 security/nss/lib/freebl/mpi/montmulfv8.s
delete mode 100644 security/nss/lib/freebl/mpi/montmulfv9.il
delete mode 100644 security/nss/lib/freebl/mpi/montmulfv9.s
delete mode 100644 security/nss/lib/freebl/mpi/mp_comba.c
delete mode 100644 security/nss/lib/freebl/mpi/mp_comba_amd64_sun.s
delete mode 100644 security/nss/lib/freebl/mpi/mp_gf2m-priv.h
delete mode 100644 security/nss/lib/freebl/mpi/mp_gf2m.c
delete mode 100644 security/nss/lib/freebl/mpi/mp_gf2m.h
delete mode 100644 security/nss/lib/freebl/mpi/mpcpucache.c
delete mode 100644 security/nss/lib/freebl/mpi/mpcpucache_amd64.s
delete mode 100644 security/nss/lib/freebl/mpi/mpcpucache_x86.s
delete mode 100644 security/nss/lib/freebl/mpi/mpi-config.h
delete mode 100644 security/nss/lib/freebl/mpi/mpi-priv.h
delete mode 100644 security/nss/lib/freebl/mpi/mpi-test.c
delete mode 100644 security/nss/lib/freebl/mpi/mpi.c
delete mode 100644 security/nss/lib/freebl/mpi/mpi.h
delete mode 100644 security/nss/lib/freebl/mpi/mpi_amd64.c
delete mode 100644 security/nss/lib/freebl/mpi/mpi_amd64_gas.s
delete mode 100644 security/nss/lib/freebl/mpi/mpi_amd64_sun.s
delete mode 100644 security/nss/lib/freebl/mpi/mpi_hp.c
delete mode 100644 security/nss/lib/freebl/mpi/mpi_i86pc.s
delete mode 100644 security/nss/lib/freebl/mpi/mpi_mips.s
delete mode 100644 security/nss/lib/freebl/mpi/mpi_sparc.c
delete mode 100644 security/nss/lib/freebl/mpi/mpi_x86.asm
delete mode 100644 security/nss/lib/freebl/mpi/mpi_x86.s
delete mode 100644 security/nss/lib/freebl/mpi/mplogic.c
delete mode 100644 security/nss/lib/freebl/mpi/mplogic.h
delete mode 100644 security/nss/lib/freebl/mpi/mpmontg.c
delete mode 100644 security/nss/lib/freebl/mpi/mpprime.c
delete mode 100644 security/nss/lib/freebl/mpi/mpprime.h
delete mode 100644 security/nss/lib/freebl/mpi/mpv_sparc.c
delete mode 100644 security/nss/lib/freebl/mpi/mpv_sparcv8.s
delete mode 100644 security/nss/lib/freebl/mpi/mpv_sparcv8x.s
delete mode 100644 security/nss/lib/freebl/mpi/mpv_sparcv9.s
delete mode 100644 security/nss/lib/freebl/mpi/mpvalpha.c
delete mode 100644 security/nss/lib/freebl/mpi/mulsqr.c
delete mode 100755 security/nss/lib/freebl/mpi/multest
delete mode 100644 security/nss/lib/freebl/mpi/primes.c
delete mode 100755 security/nss/lib/freebl/mpi/stats
delete mode 100644 security/nss/lib/freebl/mpi/target.mk
delete mode 100644 security/nss/lib/freebl/mpi/test-arrays.txt
delete mode 100644 security/nss/lib/freebl/mpi/test-info.c
delete mode 100644 security/nss/lib/freebl/mpi/tests/LICENSE
delete mode 100644 security/nss/lib/freebl/mpi/tests/LICENSE-MPL
delete mode 100644 security/nss/lib/freebl/mpi/tests/mptest-1.c
delete mode 100644 security/nss/lib/freebl/mpi/tests/mptest-2.c
delete mode 100644 security/nss/lib/freebl/mpi/tests/mptest-3.c
delete mode 100644 security/nss/lib/freebl/mpi/tests/mptest-3a.c
delete mode 100644 security/nss/lib/freebl/mpi/tests/mptest-4.c
delete mode 100644 security/nss/lib/freebl/mpi/tests/mptest-4a.c
delete mode 100644 security/nss/lib/freebl/mpi/tests/mptest-4b.c
delete mode 100644 security/nss/lib/freebl/mpi/tests/mptest-5.c
delete mode 100644 security/nss/lib/freebl/mpi/tests/mptest-5a.c
delete mode 100644 security/nss/lib/freebl/mpi/tests/mptest-6.c
delete mode 100644 security/nss/lib/freebl/mpi/tests/mptest-7.c
delete mode 100644 security/nss/lib/freebl/mpi/tests/mptest-8.c
delete mode 100644 security/nss/lib/freebl/mpi/tests/mptest-9.c
delete mode 100644 security/nss/lib/freebl/mpi/tests/mptest-b.c
delete mode 100644 security/nss/lib/freebl/mpi/tests/pi1k.txt
delete mode 100644 security/nss/lib/freebl/mpi/tests/pi2k.txt
delete mode 100644 security/nss/lib/freebl/mpi/tests/pi5k.txt
delete mode 100755 security/nss/lib/freebl/mpi/timetest
delete mode 100755 security/nss/lib/freebl/mpi/types.pl
delete mode 100644 security/nss/lib/freebl/mpi/utils/LICENSE
delete mode 100644 security/nss/lib/freebl/mpi/utils/LICENSE-MPL
delete mode 100644 security/nss/lib/freebl/mpi/utils/PRIMES
delete mode 100644 security/nss/lib/freebl/mpi/utils/README
delete mode 100644 security/nss/lib/freebl/mpi/utils/basecvt.c
delete mode 100644 security/nss/lib/freebl/mpi/utils/bbs_rand.c
delete mode 100644 security/nss/lib/freebl/mpi/utils/bbs_rand.h
delete mode 100644 security/nss/lib/freebl/mpi/utils/bbsrand.c
delete mode 100644 security/nss/lib/freebl/mpi/utils/dec2hex.c
delete mode 100644 security/nss/lib/freebl/mpi/utils/exptmod.c
delete mode 100644 security/nss/lib/freebl/mpi/utils/fact.c
delete mode 100644 security/nss/lib/freebl/mpi/utils/gcd.c
delete mode 100644 security/nss/lib/freebl/mpi/utils/hex2dec.c
delete mode 100644 security/nss/lib/freebl/mpi/utils/identest.c
delete mode 100644 security/nss/lib/freebl/mpi/utils/invmod.c
delete mode 100644 security/nss/lib/freebl/mpi/utils/isprime.c
delete mode 100644 security/nss/lib/freebl/mpi/utils/lap.c
delete mode 100644 security/nss/lib/freebl/mpi/utils/makeprime.c
delete mode 100644 security/nss/lib/freebl/mpi/utils/metime.c
delete mode 100644 security/nss/lib/freebl/mpi/utils/pi.c
delete mode 100644 security/nss/lib/freebl/mpi/utils/primegen.c
delete mode 100644 security/nss/lib/freebl/mpi/utils/prng.c
delete mode 100755 security/nss/lib/freebl/mpi/utils/ptab.pl
delete mode 100644 security/nss/lib/freebl/mpi/utils/sieve.c
delete mode 100644 security/nss/lib/freebl/mpi/vis_32.il
delete mode 100644 security/nss/lib/freebl/mpi/vis_64.il
delete mode 100644 security/nss/lib/freebl/mpi/vis_proto.h
delete mode 100644 security/nss/lib/freebl/os2_rand.c
delete mode 100644 security/nss/lib/freebl/pqg.c
delete mode 100644 security/nss/lib/freebl/prng_fips1861.c
delete mode 100644 security/nss/lib/freebl/rawhash.c
delete mode 100644 security/nss/lib/freebl/ret_cr16.s
delete mode 100644 security/nss/lib/freebl/rijndael.c
delete mode 100644 security/nss/lib/freebl/rijndael.h
delete mode 100644 security/nss/lib/freebl/rijndael32.tab
delete mode 100644 security/nss/lib/freebl/rijndael_tables.c
delete mode 100644 security/nss/lib/freebl/rsa.c
delete mode 100644 security/nss/lib/freebl/secmpi.h
delete mode 100644 security/nss/lib/freebl/secrng.h
delete mode 100644 security/nss/lib/freebl/sha-fast-amd64-sun.s
delete mode 100644 security/nss/lib/freebl/sha.c
delete mode 100644 security/nss/lib/freebl/sha.h
delete mode 100644 security/nss/lib/freebl/sha512.c
delete mode 100644 security/nss/lib/freebl/sha_fast.c
delete mode 100644 security/nss/lib/freebl/sha_fast.h
delete mode 100644 security/nss/lib/freebl/shsign.h
delete mode 100644 security/nss/lib/freebl/shvfy.c
delete mode 100644 security/nss/lib/freebl/sysrand.c
delete mode 100644 security/nss/lib/freebl/tlsprfalg.c
delete mode 100644 security/nss/lib/freebl/unix_rand.c
delete mode 100644 security/nss/lib/freebl/win_rand.c
delete mode 100644 security/nss/lib/jar/Makefile
delete mode 100644 security/nss/lib/jar/config.mk
delete mode 100644 security/nss/lib/jar/jar-ds.c
delete mode 100644 security/nss/lib/jar/jar-ds.h
delete mode 100644 security/nss/lib/jar/jar.c
delete mode 100644 security/nss/lib/jar/jar.h
delete mode 100644 security/nss/lib/jar/jarevil.c
delete mode 100644 security/nss/lib/jar/jarevil.h
delete mode 100644 security/nss/lib/jar/jarfile.c
delete mode 100644 security/nss/lib/jar/jarfile.h
delete mode 100644 security/nss/lib/jar/jarint.c
delete mode 100644 security/nss/lib/jar/jarint.h
delete mode 100644 security/nss/lib/jar/jarjart.c
delete mode 100644 security/nss/lib/jar/jarjart.h
delete mode 100644 security/nss/lib/jar/jarnav.c
delete mode 100644 security/nss/lib/jar/jarsign.c
delete mode 100644 security/nss/lib/jar/jarver.c
delete mode 100644 security/nss/lib/jar/jzconf.h
delete mode 100644 security/nss/lib/jar/jzlib.h
delete mode 100644 security/nss/lib/jar/manifest.mn
delete mode 100644 security/nss/lib/manifest.mn
delete mode 100644 security/nss/lib/nss/Makefile
delete mode 100644 security/nss/lib/nss/config.mk
delete mode 100644 security/nss/lib/nss/manifest.mn
delete mode 100644 security/nss/lib/nss/nss.def
delete mode 100644 security/nss/lib/nss/nss.h
delete mode 100644 security/nss/lib/nss/nss.rc
delete mode 100644 security/nss/lib/nss/nssinit.c
delete mode 100644 security/nss/lib/nss/nssrenam.h
delete mode 100644 security/nss/lib/nss/nssver.c
delete mode 100644 security/nss/lib/pk11wrap/Makefile
delete mode 100644 security/nss/lib/pk11wrap/config.mk
delete mode 100644 security/nss/lib/pk11wrap/debug_module.c
delete mode 100644 security/nss/lib/pk11wrap/dev3hack.c
delete mode 100644 security/nss/lib/pk11wrap/dev3hack.h
delete mode 100644 security/nss/lib/pk11wrap/manifest.mn
delete mode 100644 security/nss/lib/pk11wrap/pk11akey.c
delete mode 100644 security/nss/lib/pk11wrap/pk11auth.c
delete mode 100644 security/nss/lib/pk11wrap/pk11cert.c
delete mode 100644 security/nss/lib/pk11wrap/pk11cxt.c
delete mode 100644 security/nss/lib/pk11wrap/pk11err.c
delete mode 100644 security/nss/lib/pk11wrap/pk11func.h
delete mode 100644 security/nss/lib/pk11wrap/pk11init.h
delete mode 100644 security/nss/lib/pk11wrap/pk11kea.c
delete mode 100644 security/nss/lib/pk11wrap/pk11list.c
delete mode 100644 security/nss/lib/pk11wrap/pk11load.c
delete mode 100644 security/nss/lib/pk11wrap/pk11mech.c
delete mode 100644 security/nss/lib/pk11wrap/pk11nobj.c
delete mode 100644 security/nss/lib/pk11wrap/pk11obj.c
delete mode 100644 security/nss/lib/pk11wrap/pk11pars.c
delete mode 100644 security/nss/lib/pk11wrap/pk11pbe.c
delete mode 100644 security/nss/lib/pk11wrap/pk11pk12.c
delete mode 100644 security/nss/lib/pk11wrap/pk11pqg.c
delete mode 100644 security/nss/lib/pk11wrap/pk11pqg.h
delete mode 100644 security/nss/lib/pk11wrap/pk11priv.h
delete mode 100644 security/nss/lib/pk11wrap/pk11pub.h
delete mode 100644 security/nss/lib/pk11wrap/pk11sdr.c
delete mode 100644 security/nss/lib/pk11wrap/pk11sdr.h
delete mode 100644 security/nss/lib/pk11wrap/pk11skey.c
delete mode 100644 security/nss/lib/pk11wrap/pk11slot.c
delete mode 100644 security/nss/lib/pk11wrap/pk11util.c
delete mode 100644 security/nss/lib/pk11wrap/secmod.h
delete mode 100644 security/nss/lib/pk11wrap/secmodi.h
delete mode 100644 security/nss/lib/pk11wrap/secmodt.h
delete mode 100644 security/nss/lib/pk11wrap/secmodti.h
delete mode 100644 security/nss/lib/pk11wrap/secpkcs5.h
delete mode 100644 security/nss/lib/pkcs12/Makefile
delete mode 100644 security/nss/lib/pkcs12/config.mk
delete mode 100644 security/nss/lib/pkcs12/manifest.mn
delete mode 100644 security/nss/lib/pkcs12/p12.h
delete mode 100644 security/nss/lib/pkcs12/p12creat.c
delete mode 100644 security/nss/lib/pkcs12/p12d.c
delete mode 100644 security/nss/lib/pkcs12/p12dec.c
delete mode 100644 security/nss/lib/pkcs12/p12e.c
delete mode 100644 security/nss/lib/pkcs12/p12exp.c
delete mode 100644 security/nss/lib/pkcs12/p12local.c
delete mode 100644 security/nss/lib/pkcs12/p12local.h
delete mode 100644 security/nss/lib/pkcs12/p12plcy.c
delete mode 100644 security/nss/lib/pkcs12/p12plcy.h
delete mode 100644 security/nss/lib/pkcs12/p12t.h
delete mode 100644 security/nss/lib/pkcs12/p12tmpl.c
delete mode 100644 security/nss/lib/pkcs12/pkcs12.h
delete mode 100644 security/nss/lib/pkcs12/pkcs12t.h
delete mode 100644 security/nss/lib/pkcs7/Makefile
delete mode 100644 security/nss/lib/pkcs7/certread.c
delete mode 100644 security/nss/lib/pkcs7/config.mk
delete mode 100644 security/nss/lib/pkcs7/manifest.mn
delete mode 100644 security/nss/lib/pkcs7/p7common.c
delete mode 100644 security/nss/lib/pkcs7/p7create.c
delete mode 100644 security/nss/lib/pkcs7/p7decode.c
delete mode 100644 security/nss/lib/pkcs7/p7encode.c
delete mode 100644 security/nss/lib/pkcs7/p7local.c
delete mode 100644 security/nss/lib/pkcs7/p7local.h
delete mode 100644 security/nss/lib/pkcs7/pkcs7t.h
delete mode 100644 security/nss/lib/pkcs7/secmime.c
delete mode 100644 security/nss/lib/pkcs7/secmime.h
delete mode 100644 security/nss/lib/pkcs7/secpkcs7.h
delete mode 100644 security/nss/lib/pki/Makefile
delete mode 100644 security/nss/lib/pki/asymmkey.c
delete mode 100644 security/nss/lib/pki/certdecode.c
delete mode 100644 security/nss/lib/pki/certificate.c
delete mode 100644 security/nss/lib/pki/config.mk
delete mode 100644 security/nss/lib/pki/cryptocontext.c
delete mode 100644 security/nss/lib/pki/doc/standiag.png
delete mode 100644 security/nss/lib/pki/doc/standoc.html
delete mode 100644 security/nss/lib/pki/manifest.mn
delete mode 100644 security/nss/lib/pki/nsspki.h
delete mode 100644 security/nss/lib/pki/nsspkit.h
delete mode 100644 security/nss/lib/pki/pki.h
delete mode 100644 security/nss/lib/pki/pki3hack.c
delete mode 100644 security/nss/lib/pki/pki3hack.h
delete mode 100644 security/nss/lib/pki/pkibase.c
delete mode 100644 security/nss/lib/pki/pkim.h
delete mode 100644 security/nss/lib/pki/pkistore.c
delete mode 100644 security/nss/lib/pki/pkistore.h
delete mode 100644 security/nss/lib/pki/pkit.h
delete mode 100644 security/nss/lib/pki/pkitm.h
delete mode 100644 security/nss/lib/pki/symmkey.c
delete mode 100644 security/nss/lib/pki/tdcache.c
delete mode 100644 security/nss/lib/pki/trustdomain.c
delete mode 100644 security/nss/lib/pki1/Makefile
delete mode 100644 security/nss/lib/pki1/atav.c
delete mode 100644 security/nss/lib/pki1/config.mk
delete mode 100644 security/nss/lib/pki1/genname.c
delete mode 100644 security/nss/lib/pki1/gnseq.c
delete mode 100644 security/nss/lib/pki1/manifest.mn
delete mode 100644 security/nss/lib/pki1/name.c
delete mode 100644 security/nss/lib/pki1/nsspki1.h
delete mode 100644 security/nss/lib/pki1/nsspki1t.h
delete mode 100644 security/nss/lib/pki1/oid.c
delete mode 100644 security/nss/lib/pki1/oiddata.c
delete mode 100644 security/nss/lib/pki1/oiddata.h
delete mode 100755 security/nss/lib/pki1/oidgen.perl
delete mode 100644 security/nss/lib/pki1/oids.txt
delete mode 100644 security/nss/lib/pki1/pki1.h
delete mode 100644 security/nss/lib/pki1/pki1t.h
delete mode 100644 security/nss/lib/pki1/rdn.c
delete mode 100644 security/nss/lib/pki1/rdnseq.c
delete mode 100644 security/nss/lib/smime/Makefile
delete mode 100644 security/nss/lib/smime/cms.h
delete mode 100644 security/nss/lib/smime/cmsarray.c
delete mode 100644 security/nss/lib/smime/cmsasn1.c
delete mode 100644 security/nss/lib/smime/cmsattr.c
delete mode 100644 security/nss/lib/smime/cmscinfo.c
delete mode 100644 security/nss/lib/smime/cmscipher.c
delete mode 100644 security/nss/lib/smime/cmsdecode.c
delete mode 100644 security/nss/lib/smime/cmsdigdata.c
delete mode 100644 security/nss/lib/smime/cmsdigest.c
delete mode 100644 security/nss/lib/smime/cmsencdata.c
delete mode 100644 security/nss/lib/smime/cmsencode.c
delete mode 100644 security/nss/lib/smime/cmsenvdata.c
delete mode 100644 security/nss/lib/smime/cmslocal.h
delete mode 100644 security/nss/lib/smime/cmsmessage.c
delete mode 100644 security/nss/lib/smime/cmspubkey.c
delete mode 100644 security/nss/lib/smime/cmsrecinfo.c
delete mode 100644 security/nss/lib/smime/cmsreclist.c
delete mode 100644 security/nss/lib/smime/cmsreclist.h
delete mode 100644 security/nss/lib/smime/cmssigdata.c
delete mode 100644 security/nss/lib/smime/cmssiginfo.c
delete mode 100644 security/nss/lib/smime/cmst.h
delete mode 100644 security/nss/lib/smime/cmsutil.c
delete mode 100644 security/nss/lib/smime/config.mk
delete mode 100644 security/nss/lib/smime/manifest.mn
delete mode 100644 security/nss/lib/smime/smime.def
delete mode 100644 security/nss/lib/smime/smime.h
delete mode 100644 security/nss/lib/smime/smime.rc
delete mode 100644 security/nss/lib/smime/smimemessage.c
delete mode 100644 security/nss/lib/smime/smimesym.c
delete mode 100644 security/nss/lib/smime/smimeutil.c
delete mode 100644 security/nss/lib/smime/smimever.c
delete mode 100644 security/nss/lib/softoken/Makefile
delete mode 100644 security/nss/lib/softoken/cdbhdl.h
delete mode 100644 security/nss/lib/softoken/config.mk
delete mode 100644 security/nss/lib/softoken/dbinit.c
delete mode 100644 security/nss/lib/softoken/dbmshim.c
delete mode 100644 security/nss/lib/softoken/ecdecode.c
delete mode 100644 security/nss/lib/softoken/fipstest.c
delete mode 100644 security/nss/lib/softoken/fipstokn.c
delete mode 100644 security/nss/lib/softoken/keydb.c
delete mode 100644 security/nss/lib/softoken/keydbi.h
delete mode 100644 security/nss/lib/softoken/lowcert.c
delete mode 100644 security/nss/lib/softoken/lowkey.c
delete mode 100644 security/nss/lib/softoken/lowkeyi.h
delete mode 100644 security/nss/lib/softoken/lowkeyti.h
delete mode 100644 security/nss/lib/softoken/lowpbe.c
delete mode 100644 security/nss/lib/softoken/lowpbe.h
delete mode 100644 security/nss/lib/softoken/manifest.mn
delete mode 100644 security/nss/lib/softoken/padbuf.c
delete mode 100644 security/nss/lib/softoken/pcert.h
delete mode 100644 security/nss/lib/softoken/pcertdb.c
delete mode 100644 security/nss/lib/softoken/pcertt.h
delete mode 100644 security/nss/lib/softoken/pk11db.c
delete mode 100644 security/nss/lib/softoken/pk11pars.h
delete mode 100644 security/nss/lib/softoken/pkcs11.c
delete mode 100644 security/nss/lib/softoken/pkcs11.h
delete mode 100644 security/nss/lib/softoken/pkcs11c.c
delete mode 100644 security/nss/lib/softoken/pkcs11f.h
delete mode 100644 security/nss/lib/softoken/pkcs11i.h
delete mode 100644 security/nss/lib/softoken/pkcs11n.h
delete mode 100644 security/nss/lib/softoken/pkcs11ni.h
delete mode 100644 security/nss/lib/softoken/pkcs11p.h
delete mode 100644 security/nss/lib/softoken/pkcs11t.h
delete mode 100644 security/nss/lib/softoken/pkcs11u.c
delete mode 100644 security/nss/lib/softoken/pkcs11u.h
delete mode 100644 security/nss/lib/softoken/rsawrapr.c
delete mode 100644 security/nss/lib/softoken/softkver.c
delete mode 100644 security/nss/lib/softoken/softoken.h
delete mode 100644 security/nss/lib/softoken/softokn.def
delete mode 100644 security/nss/lib/softoken/softokn.rc
delete mode 100644 security/nss/lib/softoken/softoknt.h
delete mode 100644 security/nss/lib/softoken/tlsprf.c
delete mode 100644 security/nss/lib/ssl/Makefile
delete mode 100644 security/nss/lib/ssl/authcert.c
delete mode 100644 security/nss/lib/ssl/cmpcert.c
delete mode 100644 security/nss/lib/ssl/config.mk
delete mode 100644 security/nss/lib/ssl/derive.c
delete mode 100644 security/nss/lib/ssl/emulate.c
delete mode 100644 security/nss/lib/ssl/manifest.mn
delete mode 100644 security/nss/lib/ssl/notes.txt
delete mode 100644 security/nss/lib/ssl/nsskea.c
delete mode 100644 security/nss/lib/ssl/os2_err.c
delete mode 100644 security/nss/lib/ssl/os2_err.h
delete mode 100644 security/nss/lib/ssl/preenc.h
delete mode 100644 security/nss/lib/ssl/prelib.c
delete mode 100644 security/nss/lib/ssl/ssl.def
delete mode 100644 security/nss/lib/ssl/ssl.h
delete mode 100644 security/nss/lib/ssl/ssl.rc
delete mode 100644 security/nss/lib/ssl/ssl3con.c
delete mode 100644 security/nss/lib/ssl/ssl3ecc.c
delete mode 100644 security/nss/lib/ssl/ssl3gthr.c
delete mode 100644 security/nss/lib/ssl/ssl3prot.h
delete mode 100644 security/nss/lib/ssl/sslauth.c
delete mode 100644 security/nss/lib/ssl/sslcon.c
delete mode 100644 security/nss/lib/ssl/ssldef.c
delete mode 100644 security/nss/lib/ssl/sslenum.c
delete mode 100644 security/nss/lib/ssl/sslerr.c
delete mode 100644 security/nss/lib/ssl/sslerr.h
delete mode 100644 security/nss/lib/ssl/sslgathr.c
delete mode 100644 security/nss/lib/ssl/sslimpl.h
delete mode 100644 security/nss/lib/ssl/sslinfo.c
delete mode 100644 security/nss/lib/ssl/sslmutex.c
delete mode 100644 security/nss/lib/ssl/sslmutex.h
delete mode 100644 security/nss/lib/ssl/sslnonce.c
delete mode 100644 security/nss/lib/ssl/sslproto.h
delete mode 100644 security/nss/lib/ssl/sslreveal.c
delete mode 100644 security/nss/lib/ssl/sslsecur.c
delete mode 100644 security/nss/lib/ssl/sslsnce.c
delete mode 100644 security/nss/lib/ssl/sslsock.c
delete mode 100644 security/nss/lib/ssl/sslt.h
delete mode 100644 security/nss/lib/ssl/ssltrace.c
delete mode 100644 security/nss/lib/ssl/sslver.c
delete mode 100644 security/nss/lib/ssl/unix_err.c
delete mode 100644 security/nss/lib/ssl/unix_err.h
delete mode 100644 security/nss/lib/ssl/win32err.c
delete mode 100644 security/nss/lib/ssl/win32err.h
delete mode 100644 security/nss/lib/util/Makefile
delete mode 100644 security/nss/lib/util/base64.h
delete mode 100644 security/nss/lib/util/ciferfam.h
delete mode 100644 security/nss/lib/util/config.mk
delete mode 100644 security/nss/lib/util/derdec.c
delete mode 100644 security/nss/lib/util/derenc.c
delete mode 100644 security/nss/lib/util/dersubr.c
delete mode 100644 security/nss/lib/util/dertime.c
delete mode 100644 security/nss/lib/util/manifest.mn
delete mode 100644 security/nss/lib/util/nssb64.h
delete mode 100644 security/nss/lib/util/nssb64d.c
delete mode 100644 security/nss/lib/util/nssb64e.c
delete mode 100644 security/nss/lib/util/nssb64t.h
delete mode 100644 security/nss/lib/util/nssilckt.h
delete mode 100644 security/nss/lib/util/nssilock.c
delete mode 100644 security/nss/lib/util/nssilock.h
delete mode 100644 security/nss/lib/util/nsslocks.c
delete mode 100644 security/nss/lib/util/nsslocks.h
delete mode 100644 security/nss/lib/util/nssrwlk.c
delete mode 100644 security/nss/lib/util/nssrwlk.h
delete mode 100644 security/nss/lib/util/nssrwlkt.h
delete mode 100644 security/nss/lib/util/portreg.c
delete mode 100644 security/nss/lib/util/portreg.h
delete mode 100644 security/nss/lib/util/pqgutil.c
delete mode 100644 security/nss/lib/util/pqgutil.h
delete mode 100644 security/nss/lib/util/quickder.c
delete mode 100644 security/nss/lib/util/secalgid.c
delete mode 100644 security/nss/lib/util/secasn1.h
delete mode 100644 security/nss/lib/util/secasn1d.c
delete mode 100644 security/nss/lib/util/secasn1e.c
delete mode 100644 security/nss/lib/util/secasn1t.h
delete mode 100644 security/nss/lib/util/secasn1u.c
delete mode 100644 security/nss/lib/util/seccomon.h
delete mode 100644 security/nss/lib/util/secder.h
delete mode 100644 security/nss/lib/util/secdert.h
delete mode 100644 security/nss/lib/util/secdig.c
delete mode 100644 security/nss/lib/util/secdig.h
delete mode 100644 security/nss/lib/util/secdigt.h
delete mode 100644 security/nss/lib/util/secerr.h
delete mode 100644 security/nss/lib/util/secinit.c
delete mode 100644 security/nss/lib/util/secitem.c
delete mode 100644 security/nss/lib/util/secitem.h
delete mode 100644 security/nss/lib/util/secoid.c
delete mode 100644 security/nss/lib/util/secoid.h
delete mode 100644 security/nss/lib/util/secoidt.h
delete mode 100644 security/nss/lib/util/secplcy.c
delete mode 100644 security/nss/lib/util/secplcy.h
delete mode 100644 security/nss/lib/util/secport.c
delete mode 100644 security/nss/lib/util/secport.h
delete mode 100644 security/nss/lib/util/sectime.c
delete mode 100644 security/nss/lib/util/utf8.c
delete mode 100644 security/nss/lib/util/watcomfx.h
delete mode 100644 security/nss/manifest.mn
delete mode 100644 security/nss/pkg/Makefile
delete mode 100644 security/nss/pkg/linux/Makefile
delete mode 100644 security/nss/pkg/linux/sun-nss.spec
delete mode 100644 security/nss/pkg/solaris/Makefile
delete mode 100755 security/nss/pkg/solaris/Makefile-devl.com
delete mode 100755 security/nss/pkg/solaris/Makefile-devl.targ
delete mode 100755 security/nss/pkg/solaris/Makefile-tlsu.com
delete mode 100755 security/nss/pkg/solaris/Makefile-tlsu.targ
delete mode 100644 security/nss/pkg/solaris/Makefile.com
delete mode 100644 security/nss/pkg/solaris/Makefile.targ
delete mode 100644 security/nss/pkg/solaris/SUNWtls/Makefile
delete mode 100644 security/nss/pkg/solaris/SUNWtls/pkgdepend
delete mode 100644 security/nss/pkg/solaris/SUNWtls/pkginfo.tmpl
delete mode 100644 security/nss/pkg/solaris/SUNWtls/prototype_com
delete mode 100644 security/nss/pkg/solaris/SUNWtls/prototype_i386
delete mode 100644 security/nss/pkg/solaris/SUNWtls/prototype_sparc
delete mode 100755 security/nss/pkg/solaris/SUNWtlsd/Makefile
delete mode 100755 security/nss/pkg/solaris/SUNWtlsd/pkgdepend
delete mode 100755 security/nss/pkg/solaris/SUNWtlsd/pkginfo.tmpl
delete mode 100755 security/nss/pkg/solaris/SUNWtlsd/prototype
delete mode 100755 security/nss/pkg/solaris/SUNWtlsu/Makefile
delete mode 100755 security/nss/pkg/solaris/SUNWtlsu/pkgdepend
delete mode 100755 security/nss/pkg/solaris/SUNWtlsu/pkginfo.tmpl
delete mode 100755 security/nss/pkg/solaris/SUNWtlsu/prototype_com
delete mode 100644 security/nss/pkg/solaris/SUNWtlsu/prototype_i386
delete mode 100644 security/nss/pkg/solaris/SUNWtlsu/prototype_sparc
delete mode 100644 security/nss/pkg/solaris/bld_awk_pkginfo.ksh
delete mode 100644 security/nss/pkg/solaris/common_files/copyright
delete mode 100644 security/nss/pkg/solaris/proto64.mk
delete mode 100755 security/nss/tests/all.sh
delete mode 100755 security/nss/tests/cert/cert.sh
delete mode 100644 security/nss/tests/cert/eccert.sh
delete mode 100755 security/nss/tests/cipher/cipher.sh
delete mode 100644 security/nss/tests/cipher/cipher.txt
delete mode 100644 security/nss/tests/cipher/dsa.txt
delete mode 100644 security/nss/tests/cipher/hash.txt
delete mode 100755 security/nss/tests/cipher/performance.sh
delete mode 100644 security/nss/tests/cipher/rsa.txt
delete mode 100644 security/nss/tests/cipher/symmkey.txt
delete mode 100755 security/nss/tests/clean_tbx
delete mode 100644 security/nss/tests/cmdtests/cmdtests.sh
delete mode 100644 security/nss/tests/common/Makefile
delete mode 100755 security/nss/tests/common/cleanup.sh
delete mode 100644 security/nss/tests/common/init.sh
delete mode 100644 security/nss/tests/common/results_header.html
delete mode 100755 security/nss/tests/core_watch
delete mode 100644 security/nss/tests/crmf/crmf.sh
delete mode 100755 security/nss/tests/dbtests/dbtests.sh
delete mode 100755 security/nss/tests/dll_version.sh
delete mode 100644 security/nss/tests/doc/clean.gif
delete mode 100755 security/nss/tests/doc/nssqa.txt
delete mode 100644 security/nss/tests/doc/platform_specific_problems
delete mode 100755 security/nss/tests/doc/qa_wrapper.html
delete mode 100755 security/nss/tests/fips/fips.sh
delete mode 100755 security/nss/tests/fixtests.sh
delete mode 100644 security/nss/tests/header
delete mode 100755 security/nss/tests/jss_dll_version.sh
delete mode 100755 security/nss/tests/jssdir
delete mode 100755 security/nss/tests/jssqa
delete mode 100755 security/nss/tests/mksymlinks
delete mode 100755 security/nss/tests/nssdir
delete mode 100755 security/nss/tests/nsspath
delete mode 100755 security/nss/tests/nssqa
delete mode 100755 security/nss/tests/path_uniq
delete mode 100644 security/nss/tests/pkcs11/netscape/suites/Makefile
delete mode 100644 security/nss/tests/pkcs11/netscape/suites/config.mk
delete mode 100644 security/nss/tests/pkcs11/netscape/suites/manifest.mn
delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/Makefile
delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/config.mk
delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/manifest.mn
delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/pkcs11/Makefile
delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/pkcs11/config.mk
delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/pkcs11/manifest.mn
delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pk11test.c
delete mode 100755 security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pk11test.h
delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pk11test.htp
delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pkcs11.h
delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pkcs11.reg
delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pkcs11.rep
delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/pkcs11/rules.mk
delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/ssl/Makefile
delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/ssl/README
delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/ssl/cert7.db
delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/ssl/config.mk
delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/ssl/key3.db
delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/ssl/manifest.mn
delete mode 100755 security/nss/tests/pkcs11/netscape/suites/security/ssl/ssl.reg
delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/ssl/sslc.c
delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/ssl/sslc.h
delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/ssl/ssls.c
delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/ssl/ssls.h
delete mode 100755 security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.c
delete mode 100755 security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.h
delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.htp
delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.rep
delete mode 100644 security/nss/tests/pkcs11/netscape/trivial/.cvsignore
delete mode 100644 security/nss/tests/pkcs11/netscape/trivial/Makefile.in
delete mode 100644 security/nss/tests/pkcs11/netscape/trivial/README.txt
delete mode 100644 security/nss/tests/pkcs11/netscape/trivial/acconfig.h
delete mode 100644 security/nss/tests/pkcs11/netscape/trivial/config.h.in
delete mode 100755 security/nss/tests/pkcs11/netscape/trivial/configure
delete mode 100644 security/nss/tests/pkcs11/netscape/trivial/configure.in
delete mode 100755 security/nss/tests/pkcs11/netscape/trivial/install-sh
delete mode 100644 security/nss/tests/pkcs11/netscape/trivial/trivial.c
delete mode 100755 security/nss/tests/pkits/pkits.sh
delete mode 100644 security/nss/tests/platformlist
delete mode 100644 security/nss/tests/platformlist.tbx
delete mode 100755 security/nss/tests/qa_stage
delete mode 100755 security/nss/tests/qa_stat
delete mode 100755 security/nss/tests/qaclean
delete mode 100755 security/nss/tests/run_niscc.sh
delete mode 100755 security/nss/tests/sdr/sdr.sh
delete mode 100644 security/nss/tests/set_environment
delete mode 100644 security/nss/tests/smime/alice.txt
delete mode 100644 security/nss/tests/smime/bob.txt
delete mode 100644 security/nss/tests/smime/ecsmime.sh
delete mode 100755 security/nss/tests/smime/smime.sh
delete mode 100644 security/nss/tests/ssl/ecssl.sh
delete mode 100644 security/nss/tests/ssl/ecsslauth.txt
delete mode 100644 security/nss/tests/ssl/ecsslcov.txt
delete mode 100644 security/nss/tests/ssl/ecsslstress.txt
delete mode 100755 security/nss/tests/ssl/ssl.sh
delete mode 100755 security/nss/tests/ssl/ssl_dist_stress.sh
delete mode 100644 security/nss/tests/ssl/sslauth.txt
delete mode 100644 security/nss/tests/ssl/sslcov.txt
delete mode 100644 security/nss/tests/ssl/sslreq.dat
delete mode 100644 security/nss/tests/ssl/sslreq.txt
delete mode 100644 security/nss/tests/ssl/sslstress.txt
delete mode 100644 security/nss/tests/tools/ectools.sh
delete mode 100644 security/nss/tests/tools/sign.html
delete mode 100644 security/nss/tests/tools/signjs.html
delete mode 100644 security/nss/tests/tools/tools.sh
delete mode 100755 security/nss/trademarks.txt
diff --git a/dbm/.cvsignore b/dbm/.cvsignore
deleted file mode 100644
index f3c7a7c5da..0000000000
--- a/dbm/.cvsignore
+++ /dev/null
@@ -1 +0,0 @@
-Makefile
diff --git a/dbm/Makefile.in b/dbm/Makefile.in
deleted file mode 100644
index 7c0c92e993..0000000000
--- a/dbm/Makefile.in
+++ /dev/null
@@ -1,53 +0,0 @@
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is mozilla.org code.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1998
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-DEPTH = ..
-topsrcdir = @top_srcdir@
-srcdir = @srcdir@
-VPATH = @srcdir@
-
-include $(DEPTH)/config/autoconf.mk
-
-MODULE = dbm
-DIRS = include src
-
-ifdef ENABLE_TESTS
-DIRS += tests
-endif
-
-include $(topsrcdir)/config/rules.mk
-
diff --git a/dbm/include/.cvsignore b/dbm/include/.cvsignore
deleted file mode 100644
index f3c7a7c5da..0000000000
--- a/dbm/include/.cvsignore
+++ /dev/null
@@ -1 +0,0 @@
-Makefile
diff --git a/dbm/include/Makefile.in b/dbm/include/Makefile.in
deleted file mode 100644
index 343a08807c..0000000000
--- a/dbm/include/Makefile.in
+++ /dev/null
@@ -1,71 +0,0 @@
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is mozilla.org code.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1998
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-DEPTH = ../..
-topsrcdir = @top_srcdir@
-srcdir = @srcdir@
-VPATH = @srcdir@
-
-include $(DEPTH)/config/autoconf.mk
-
-MODULE = dbm
-
-EXPORTS = \
- nsres.h \
- cdefs.h \
- mcom_db.h \
- ncompat.h \
- winfile.h \
- $(NULL)
-
-EXPORTS := $(addprefix $(srcdir)/, $(EXPORTS))
-
-PRIVATE_EXPORTS = \
- hsearch.h \
- page.h \
- extern.h \
- ndbm.h \
- queue.h \
- hash.h \
- mpool.h \
- search.h \
- $(NULL)
-
-PRIVATE_EXPORTS := $(addprefix $(srcdir)/, $(PRIVATE_EXPORTS))
-
-include $(topsrcdir)/config/rules.mk
-
diff --git a/dbm/include/Makefile.win b/dbm/include/Makefile.win
deleted file mode 100644
index df31e52737..0000000000
--- a/dbm/include/Makefile.win
+++ /dev/null
@@ -1,77 +0,0 @@
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is mozilla.org code.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1998
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-
-#//------------------------------------------------------------------------
-#//
-#// Makefile to build the cert library
-#//
-#//------------------------------------------------------------------------
-
-!if "$(MOZ_BITS)" == "16"
-!ifndef MOZ_DEBUG
-OPTIMIZER=-Os -UDEBUG -DNDEBUG
-!endif
-!endif
-
-#//------------------------------------------------------------------------
-#//
-#// Specify the depth of the current directory relative to the
-#// root of NS
-#//
-#//------------------------------------------------------------------------
-DEPTH= ..\..
-
-!ifndef MAKE_OBJ_TYPE
-MAKE_OBJ_TYPE=EXE
-!endif
-
-#//------------------------------------------------------------------------
-#//
-#// install headers
-#//
-#//------------------------------------------------------------------------
-EXPORTS=nsres.h cdefs.h mcom_db.h ncompat.h winfile.h
-
-#//------------------------------------------------------------------------
-#//
-#// Include the common makefile rules
-#//
-#//------------------------------------------------------------------------
-include <$(DEPTH)/config/rules.mak>
-
-CFLAGS = $(CFLAGS) -DMOZILLA_CLIENT
-
diff --git a/dbm/include/cdefs.h b/dbm/include/cdefs.h
deleted file mode 100644
index 6df5a80e37..0000000000
--- a/dbm/include/cdefs.h
+++ /dev/null
@@ -1,126 +0,0 @@
-/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/*
- * Copyright (c) 1991, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Berkeley Software Design, Inc.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. ***REMOVED*** - see
- * ftp://ftp.cs.berkeley.edu/pub/4bsd/README.Impt.License.Change
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * @(#)cdefs.h 8.7 (Berkeley) 1/21/94
- */
-
-#ifndef _CDEFS_H_
-#define _CDEFS_H_
-
-#if defined(__cplusplus)
-#define __BEGIN_DECLS extern "C" {
-#define __END_DECLS }
-#else
-#define __BEGIN_DECLS
-#define __END_DECLS
-#endif
-
-/*
- * The __CONCAT macro is used to concatenate parts of symbol names, e.g.
- * with "#define OLD(foo) __CONCAT(old,foo)", OLD(foo) produces oldfoo.
- * The __CONCAT macro is a bit tricky -- make sure you don't put spaces
- * in between its arguments. __CONCAT can also concatenate double-quoted
- * strings produced by the __STRING macro, but this only works with ANSI C.
- */
-#if defined(__STDC__) || defined(__cplusplus) || defined(_WINDOWS) || defined(XP_OS2)
-#define __P(protos) protos /* full-blown ANSI C */
-#define __CONCAT(x,y) x ## y
-#define __STRING(x) #x
-
-/* On HP-UX 11.00, defines __const. */
-#ifndef __const
-#define __const const /* define reserved names to standard */
-#endif /* __const */
-#define __signed signed
-#define __volatile volatile
-#ifndef _WINDOWS
-#if defined(__cplusplus)
-#define __inline inline /* convert to C++ keyword */
-#else
-#if !defined(__GNUC__) && !defined(__MWERKS__)
-#define __inline /* delete GCC keyword */
-#endif /* !__GNUC__ */
-#endif /* !__cplusplus */
-#endif /* !_WINDOWS */
-
-#else /* !(__STDC__ || __cplusplus) */
-#define __P(protos) () /* traditional C preprocessor */
-#define __CONCAT(x,y) x/**/y
-#define __STRING(x) "x"
-
-#ifndef __GNUC__
-#define __const /* delete pseudo-ANSI C keywords */
-#define __inline
-#define __signed
-#define __volatile
-/*
- * In non-ANSI C environments, new programs will want ANSI-only C keywords
- * deleted from the program and old programs will want them left alone.
- * When using a compiler other than gcc, programs using the ANSI C keywords
- * const, inline etc. as normal identifiers should define -DNO_ANSI_KEYWORDS.
- * When using "gcc -traditional", we assume that this is the intent; if
- * __GNUC__ is defined but __STDC__ is not, we leave the new keywords alone.
- */
-#ifndef NO_ANSI_KEYWORDS
-#define const /* delete ANSI C keywords */
-#define inline
-#define signed
-#define volatile
-#endif
-#endif /* !__GNUC__ */
-#endif /* !(__STDC__ || __cplusplus) */
-
-/*
- * GCC1 and some versions of GCC2 declare dead (non-returning) and
- * pure (no side effects) functions using "volatile" and "const";
- * unfortunately, these then cause warnings under "-ansi -pedantic".
- * GCC2 uses a new, peculiar __attribute__((attrs)) style. All of
- * these work for GNU C++ (modulo a slight glitch in the C++ grammar
- * in the distribution version of 2.5.5).
- */
-#if !defined(__GNUC__) || __GNUC__ < 2 || __GNUC_MINOR__ < 5
-#define __attribute__(x) /* delete __attribute__ if non-gcc or gcc1 */
-#if defined(__GNUC__) && !defined(__STRICT_ANSI__)
-#define __dead __volatile
-#define __pure __const
-#endif
-#endif
-
-/* Delete pseudo-keywords wherever they are not available or needed. */
-#ifndef __dead
-#define __dead
-#define __pure
-#endif
-
-#endif /* !_CDEFS_H_ */
diff --git a/dbm/include/extern.h b/dbm/include/extern.h
deleted file mode 100644
index 8eabc81fea..0000000000
--- a/dbm/include/extern.h
+++ /dev/null
@@ -1,65 +0,0 @@
-/*-
- * Copyright (c) 1991, 1993, 1994
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * @(#)extern.h 8.4 (Berkeley) 6/16/94
- */
-
-BUFHEAD *__add_ovflpage (HTAB *, BUFHEAD *);
-int __addel (HTAB *, BUFHEAD *, const DBT *, const DBT *);
-int __big_delete (HTAB *, BUFHEAD *);
-int __big_insert (HTAB *, BUFHEAD *, const DBT *, const DBT *);
-int __big_keydata (HTAB *, BUFHEAD *, DBT *, DBT *, int);
-int __big_return (HTAB *, BUFHEAD *, int, DBT *, int);
-int __big_split (HTAB *, BUFHEAD *, BUFHEAD *, BUFHEAD *,
- uint32, uint32, SPLIT_RETURN *);
-int __buf_free (HTAB *, int, int);
-void __buf_init (HTAB *, int);
-uint32 __call_hash (HTAB *, char *, size_t);
-int __delpair (HTAB *, BUFHEAD *, int);
-int __expand_table (HTAB *);
-int __find_bigpair (HTAB *, BUFHEAD *, int, char *, int);
-uint16 __find_last_page (HTAB *, BUFHEAD **);
-void __free_ovflpage (HTAB *, BUFHEAD *);
-BUFHEAD *__get_buf (HTAB *, uint32, BUFHEAD *, int);
-int __get_page (HTAB *, char *, uint32, int, int, int);
-int __ibitmap (HTAB *, int, int, int);
-uint32 __log2 (uint32);
-int __put_page (HTAB *, char *, uint32, int, int);
-void __reclaim_buf (HTAB *, BUFHEAD *);
-int __split_page (HTAB *, uint32, uint32);
-
-/* Default hash routine. */
-extern uint32 (*__default_hash) (const void *, size_t);
-
-#ifdef HASH_STATISTICS
-extern int hash_accesses, hash_collisions, hash_expansions, hash_overflows;
-#endif
diff --git a/dbm/include/hash.h b/dbm/include/hash.h
deleted file mode 100644
index 454a8ec42c..0000000000
--- a/dbm/include/hash.h
+++ /dev/null
@@ -1,337 +0,0 @@
-/*-
- * Copyright (c) 1990, 1993, 1994
- * The Regents of the University of California. All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Margo Seltzer.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * @(#)hash.h 8.3 (Berkeley) 5/31/94
- */
-
-/* Operations */
-
-#include
-#include "mcom_db.h"
-typedef enum {
- HASH_GET, HASH_PUT, HASH_PUTNEW, HASH_DELETE, HASH_FIRST, HASH_NEXT
-} ACTION;
-
-/* Buffer Management structures */
-typedef struct _bufhead BUFHEAD;
-
-struct _bufhead {
- BUFHEAD *prev; /* LRU links */
- BUFHEAD *next; /* LRU links */
- BUFHEAD *ovfl; /* Overflow page buffer header */
- uint32 addr; /* Address of this page */
- char *page; /* Actual page data */
- char is_disk;
- char flags;
-#define BUF_MOD 0x0001
-#define BUF_DISK 0x0002
-#define BUF_BUCKET 0x0004
-#define BUF_PIN 0x0008
-};
-
-#define IS_BUCKET(X) ((X) & BUF_BUCKET)
-
-typedef BUFHEAD **SEGMENT;
-
-typedef int DBFILE_PTR;
-#define NO_FILE -1
-#ifdef macintosh
-#define DBFILE_OPEN(path, flag,mode) open((path), flag)
-#define EXISTS(path)
-#else
-#define DBFILE_OPEN(path, flag,mode) open((path), (flag), (mode))
-#endif
-/* Hash Table Information */
-typedef struct hashhdr { /* Disk resident portion */
- int32 magic; /* Magic NO for hash tables */
- int32 version; /* Version ID */
- uint32 lorder; /* Byte Order */
- int32 bsize; /* Bucket/Page Size */
- int32 bshift; /* Bucket shift */
- int32 dsize; /* Directory Size */
- int32 ssize; /* Segment Size */
- int32 sshift; /* Segment shift */
- int32 ovfl_point; /* Where overflow pages are being
- * allocated */
- int32 last_freed; /* Last overflow page freed */
- int32 max_bucket; /* ID of Maximum bucket in use */
- int32 high_mask; /* Mask to modulo into entire table */
- int32 low_mask; /* Mask to modulo into lower half of
- * table */
- int32 ffactor; /* Fill factor */
- int32 nkeys; /* Number of keys in hash table */
- int32 hdrpages; /* Size of table header */
- uint32 h_charkey; /* value of hash(CHARKEY) */
-#define NCACHED 32 /* number of bit maps and spare
- * points */
- int32 spares[NCACHED];/* spare pages for overflow */
- uint16 bitmaps[NCACHED]; /* address of overflow page
- * bitmaps */
-} HASHHDR;
-
-typedef struct htab { /* Memory resident data structure */
- HASHHDR hdr; /* Header */
- int nsegs; /* Number of allocated segments */
- int exsegs; /* Number of extra allocated
- * segments */
- uint32 /* Hash function */
- (*hash)(const void *, size_t);
- int flags; /* Flag values */
- DBFILE_PTR fp; /* File pointer */
- char *filename;
- char *tmp_buf; /* Temporary Buffer for BIG data */
- char *tmp_key; /* Temporary Buffer for BIG keys */
- BUFHEAD *cpage; /* Current page */
- int cbucket; /* Current bucket */
- int cndx; /* Index of next item on cpage */
- int dbmerrno; /* Error Number -- for DBM
- * compatability */
- int new_file; /* Indicates if fd is backing store
- * or no */
- int save_file; /* Indicates whether we need to flush
- * file at
- * exit */
- uint32 *mapp[NCACHED]; /* Pointers to page maps */
- int nmaps; /* Initial number of bitmaps */
- int nbufs; /* Number of buffers left to
- * allocate */
- BUFHEAD bufhead; /* Header of buffer lru list */
- SEGMENT *dir; /* Hash Bucket directory */
- off_t file_size; /* in bytes */
- char is_temp; /* unlink file on close */
- char updateEOF; /* force EOF update on flush */
-} HTAB;
-
-/*
- * Constants
- */
-#define DATABASE_CORRUPTED_ERROR -999 /* big ugly abort, delete database */
-#define OLD_MAX_BSIZE 65536 /* 2^16 */
-#define MAX_BSIZE 32l*1024l /* 2^15 */
-#define MIN_BUFFERS 6
-#define MINHDRSIZE 512
-#define DEF_BUFSIZE 65536l /* 64 K */
-#define DEF_BUCKET_SIZE 4096
-#define DEF_BUCKET_SHIFT 12 /* log2(BUCKET) */
-#define DEF_SEGSIZE 256
-#define DEF_SEGSIZE_SHIFT 8 /* log2(SEGSIZE) */
-#define DEF_DIRSIZE 256
-#define DEF_FFACTOR 65536l
-#define MIN_FFACTOR 4
-#define SPLTMAX 8
-#define CHARKEY "%$sniglet^&"
-#define NUMKEY 1038583l
-#define BYTE_SHIFT 3
-#define INT_TO_BYTE 2
-#define INT_BYTE_SHIFT 5
-#define ALL_SET ((uint32)0xFFFFFFFF)
-#define ALL_CLEAR 0
-
-#define PTROF(X) ((ptrdiff_t)(X) == BUF_DISK ? 0 : (X))
-#define ISDISK(X) ((X) ? ((ptrdiff_t)(X) == BUF_DISK ? BUF_DISK \
- : (X)->is_disk) : 0)
-
-#define BITS_PER_MAP 32
-
-/* Given the address of the beginning of a big map, clear/set the nth bit */
-#define CLRBIT(A, N) ((A)[(N)/BITS_PER_MAP] &= ~(1<<((N)%BITS_PER_MAP)))
-#define SETBIT(A, N) ((A)[(N)/BITS_PER_MAP] |= (1<<((N)%BITS_PER_MAP)))
-#define ISSET(A, N) ((A)[(N)/BITS_PER_MAP] & (1<<((N)%BITS_PER_MAP)))
-
-/* Overflow management */
-/*
- * Overflow page numbers are allocated per split point. At each doubling of
- * the table, we can allocate extra pages. So, an overflow page number has
- * the top 5 bits indicate which split point and the lower 11 bits indicate
- * which page at that split point is indicated (pages within split points are
- * numberered starting with 1).
- */
-
-#define SPLITSHIFT 11
-#define SPLITMASK 0x7FF
-#define SPLITNUM(N) (((uint32)(N)) >> SPLITSHIFT)
-#define OPAGENUM(N) ((N) & SPLITMASK)
-#define OADDR_OF(S,O) ((uint32)((uint32)(S) << SPLITSHIFT) + (O))
-
-#define BUCKET_TO_PAGE(B) \
- (B) + hashp->HDRPAGES + ((B) ? hashp->SPARES[__log2((uint32)((B)+1))-1] : 0)
-#define OADDR_TO_PAGE(B) \
- BUCKET_TO_PAGE ( (1 << SPLITNUM((B))) -1 ) + OPAGENUM((B));
-
-/*
- * page.h contains a detailed description of the page format.
- *
- * Normally, keys and data are accessed from offset tables in the top of
- * each page which point to the beginning of the key and data. There are
- * four flag values which may be stored in these offset tables which indicate
- * the following:
- *
- *
- * OVFLPAGE Rather than a key data pair, this pair contains
- * the address of an overflow page. The format of
- * the pair is:
- * OVERFLOW_PAGE_NUMBER OVFLPAGE
- *
- * PARTIAL_KEY This must be the first key/data pair on a page
- * and implies that page contains only a partial key.
- * That is, the key is too big to fit on a single page
- * so it starts on this page and continues on the next.
- * The format of the page is:
- * KEY_OFF PARTIAL_KEY OVFL_PAGENO OVFLPAGE
- *
- * KEY_OFF -- offset of the beginning of the key
- * PARTIAL_KEY -- 1
- * OVFL_PAGENO - page number of the next overflow page
- * OVFLPAGE -- 0
- *
- * FULL_KEY This must be the first key/data pair on the page. It
- * is used in two cases.
- *
- * Case 1:
- * There is a complete key on the page but no data
- * (because it wouldn't fit). The next page contains
- * the data.
- *
- * Page format it:
- * KEY_OFF FULL_KEY OVFL_PAGENO OVFL_PAGE
- *
- * KEY_OFF -- offset of the beginning of the key
- * FULL_KEY -- 2
- * OVFL_PAGENO - page number of the next overflow page
- * OVFLPAGE -- 0
- *
- * Case 2:
- * This page contains no key, but part of a large
- * data field, which is continued on the next page.
- *
- * Page format it:
- * DATA_OFF FULL_KEY OVFL_PAGENO OVFL_PAGE
- *
- * KEY_OFF -- offset of the beginning of the data on
- * this page
- * FULL_KEY -- 2
- * OVFL_PAGENO - page number of the next overflow page
- * OVFLPAGE -- 0
- *
- * FULL_KEY_DATA
- * This must be the first key/data pair on the page.
- * There are two cases:
- *
- * Case 1:
- * This page contains a key and the beginning of the
- * data field, but the data field is continued on the
- * next page.
- *
- * Page format is:
- * KEY_OFF FULL_KEY_DATA OVFL_PAGENO DATA_OFF
- *
- * KEY_OFF -- offset of the beginning of the key
- * FULL_KEY_DATA -- 3
- * OVFL_PAGENO - page number of the next overflow page
- * DATA_OFF -- offset of the beginning of the data
- *
- * Case 2:
- * This page contains the last page of a big data pair.
- * There is no key, only the tail end of the data
- * on this page.
- *
- * Page format is:
- * DATA_OFF FULL_KEY_DATA
- *
- * DATA_OFF -- offset of the beginning of the data on
- * this page
- * FULL_KEY_DATA -- 3
- * OVFL_PAGENO - page number of the next overflow page
- * OVFLPAGE -- 0
- *
- * OVFL_PAGENO and OVFLPAGE are optional (they are
- * not present if there is no next page).
- */
-
-#define OVFLPAGE 0
-#define PARTIAL_KEY 1
-#define FULL_KEY 2
-#define FULL_KEY_DATA 3
-#define REAL_KEY 4
-
-/* Short hands for accessing structure */
-#undef BSIZE
-#define BSIZE hdr.bsize
-#undef BSHIFT
-#define BSHIFT hdr.bshift
-#define DSIZE hdr.dsize
-#define SGSIZE hdr.ssize
-#define SSHIFT hdr.sshift
-#define LORDER hdr.lorder
-#define OVFL_POINT hdr.ovfl_point
-#define LAST_FREED hdr.last_freed
-#define MAX_BUCKET hdr.max_bucket
-#define FFACTOR hdr.ffactor
-#define HIGH_MASK hdr.high_mask
-#define LOW_MASK hdr.low_mask
-#define NKEYS hdr.nkeys
-#define HDRPAGES hdr.hdrpages
-#define SPARES hdr.spares
-#define BITMAPS hdr.bitmaps
-#define VERSION hdr.version
-#define MAGIC hdr.magic
-#define NEXT_FREE hdr.next_free
-#define H_CHARKEY hdr.h_charkey
-
-extern uint32 (*__default_hash) (const void *, size_t);
-void __buf_init(HTAB *hashp, int32 nbytes);
-int __big_delete(HTAB *hashp, BUFHEAD *bufp);
-BUFHEAD * __get_buf(HTAB *hashp, uint32 addr, BUFHEAD *prev_bp, int newpage);
-uint32 __call_hash(HTAB *hashp, char *k, size_t len);
-#include "page.h"
-extern int __big_split(HTAB *hashp, BUFHEAD *op,BUFHEAD *np,
-BUFHEAD *big_keyp,uint32 addr,uint32 obucket, SPLIT_RETURN *ret);
-void __free_ovflpage(HTAB *hashp, BUFHEAD *obufp);
-BUFHEAD * __add_ovflpage(HTAB *hashp, BUFHEAD *bufp);
-int __big_insert(HTAB *hashp, BUFHEAD *bufp, const DBT *key, const DBT *val);
-int __expand_table(HTAB *hashp);
-uint32 __log2(uint32 num);
-void __reclaim_buf(HTAB *hashp, BUFHEAD *bp);
-int __get_page(HTAB *hashp, char * p, uint32 bucket, int is_bucket, int is_disk, int is_bitmap);
-int __put_page(HTAB *hashp, char *p, uint32 bucket, int is_bucket, int is_bitmap);
-int __ibitmap(HTAB *hashp, int pnum, int nbits, int ndx);
-int __buf_free(HTAB *hashp, int do_free, int to_disk);
-int __find_bigpair(HTAB *hashp, BUFHEAD *bufp, int ndx, char *key, int size);
-uint16 __find_last_page(HTAB *hashp, BUFHEAD **bpp);
-int __addel(HTAB *hashp, BUFHEAD *bufp, const DBT *key, const DBT * val);
-int __big_return(HTAB *hashp, BUFHEAD *bufp, int ndx, DBT *val, int set_current);
-int __delpair(HTAB *hashp, BUFHEAD *bufp, int ndx);
-int __big_keydata(HTAB *hashp, BUFHEAD *bufp, DBT *key, DBT *val, int set);
-int __split_page(HTAB *hashp, uint32 obucket, uint32 nbucket);
diff --git a/dbm/include/hsearch.h b/dbm/include/hsearch.h
deleted file mode 100644
index ff58b1c155..0000000000
--- a/dbm/include/hsearch.h
+++ /dev/null
@@ -1,51 +0,0 @@
-/*-
- * Copyright (c) 1990, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Margo Seltzer.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * @(#)search.h 8.1 (Berkeley) 6/4/93
- */
-
-/* Backward compatibility to hsearch interface. */
-typedef struct entry {
- char *key;
- char *data;
-} ENTRY;
-
-typedef enum {
- FIND, ENTER
-} ACTION;
-
-int hcreate (unsigned int);
-void hdestroy (void);
-ENTRY *hsearch (ENTRY, ACTION);
diff --git a/dbm/include/mcom_db.h b/dbm/include/mcom_db.h
deleted file mode 100644
index d265f43225..0000000000
--- a/dbm/include/mcom_db.h
+++ /dev/null
@@ -1,424 +0,0 @@
-/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/*-
- * Copyright (c) 1990, 1993, 1994
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. ***REMOVED*** - see
- * ftp://ftp.cs.berkeley.edu/pub/4bsd/README.Impt.License.Change
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * @(#)db.h 8.7 (Berkeley) 6/16/94
- */
-
-#ifndef _DB_H_
-#define _DB_H_
-
-
-#ifdef WINCE
-#define off_t long
-#endif
-
-#ifndef macintosh
-#include
-#endif
-#include "prtypes.h"
-
-#include
-
-#ifdef __DBINTERFACE_PRIVATE
-
-#ifdef HAVE_SYS_CDEFS_H
-#include
-#else
-#include "cdefs.h"
-#endif
-
-#ifdef HAVE_SYS_BYTEORDER_H
-#include
-#endif
-
-#if defined(__linux) || defined(__BEOS__)
-#include
-#ifndef BYTE_ORDER
-#define BYTE_ORDER __BYTE_ORDER
-#define BIG_ENDIAN __BIG_ENDIAN
-#define LITTLE_ENDIAN __LITTLE_ENDIAN
-#endif
-#endif /* __linux */
-
-#ifdef __sgi
-#define BYTE_ORDER BIG_ENDIAN
-#define BIG_ENDIAN 4321
-#define LITTLE_ENDIAN 1234 /* LSB first: i386, vax, all NT risc */
-#endif
-
-#ifdef __sun
-#define BIG_ENDIAN 4321
-#define LITTLE_ENDIAN 1234 /* LSB first: i386, vax, all NT risc */
-
-#ifndef __SVR4
-/* compat.h is only in 4.1.3 machines. - dp */
-#include
-#endif
-
-/* XXX - dp
- * Need to find a general way of defining endian-ness in SunOS 5.3
- * SunOS 5.4 defines _BIG_ENDIAN and _LITTLE_ENDIAN
- * SunOS 5.3 does nothing like this.
- */
-
-#ifndef BYTE_ORDER
-
-#if defined(_BIG_ENDIAN)
-#define BYTE_ORDER BIG_ENDIAN
-#elif defined(_LITTLE_ENDIAN)
-#define BYTE_ORDER LITTLE_ENDIAN
-#elif !defined(__SVR4)
-/* 4.1.3 is always BIG_ENDIAN as it was released only on sparc platforms. */
-#define BYTE_ORDER BIG_ENDIAN
-#elif !defined(vax) && !defined(ntohl) && !defined(lint) && !defined(i386)
-/* 5.3 big endian. Copied this above line from sys/byteorder.h */
-/* Now we are in a 5.3 SunOS rather non 5.4 or above SunOS */
-#define BYTE_ORDER BIG_ENDIAN
-#else
-#define BYTE_ORDER LITTLE_ENDIAN
-#endif
-
-#endif /* !BYTE_ORDER */
-#endif /* __sun */
-
-#if defined(__hpux) || defined(__hppa)
-#define BYTE_ORDER BIG_ENDIAN
-#define BIG_ENDIAN 4321
-#define LITTLE_ENDIAN 1234 /* LSB first: i386, vax, all NT risc */
-#endif
-
-#if defined(AIXV3) || defined(AIX)
-/* BYTE_ORDER, LITTLE_ENDIAN, BIG_ENDIAN are all defined here */
-#include
-#endif
-
-/* Digital Unix */
-#ifdef __osf__
-#include
-#endif
-
-#ifdef __alpha
-#ifndef WIN32
-#else
-/* Alpha NT */
-#define BYTE_ORDER LITTLE_ENDIAN
-#define BIG_ENDIAN 4321
-#define LITTLE_ENDIAN 1234
-#endif
-#endif
-
-#ifdef NCR
-#include
-#endif
-
-#ifdef __QNX__
-#ifdef __QNXNTO__
-#include
-#else
-#define LITTLE_ENDIAN 1234
-#define BIG_ENDIAN 4321
-#define BYTE_ORDER LITTLE_ENDIAN
-#endif
-#endif
-
-#ifdef SNI
-/* #include */
-#define BYTE_ORDER BIG_ENDIAN
-#define BIG_ENDIAN 4321
-#define LITTLE_ENDIAN 1234
-#endif
-
-#if defined(_WINDOWS) || defined(XP_OS2_VACPP)
-#ifdef BYTE_ORDER
-#undef BYTE_ORDER
-#endif
-
-#define BYTE_ORDER LITTLE_ENDIAN
-#define LITTLE_ENDIAN 1234 /* LSB first: i386, vax, all NT risc */
-#define BIG_ENDIAN 4321
-#endif
-
-#ifdef macintosh
-#define BIG_ENDIAN 4321
-#define LITTLE_ENDIAN 1234
-#define BYTE_ORDER BIG_ENDIAN
-#endif
-
-#endif /* __DBINTERFACE_PRIVATE */
-
-#ifdef SCO
-#define MAXPATHLEN 1024
-#endif
-
-#include
-
-#if defined(_WINDOWS) || defined(XP_OS2)
-#include
-#include
-
-#ifndef XP_OS2
-#define MAXPATHLEN 1024
-#endif
-
-#ifdef XP_OS2_VACPP
-#include
-#define MAXPATHLEN CCHMAXPATH
-#define EPERM EINVAL
-#define ENOTDIR EBADPOS
-#define S_ISDIR(s) ((s) & S_IFDIR)
-#endif
-
-#define EFTYPE EINVAL /* POSIX 1003.1 format errno. */
-
-#ifndef STDERR_FILENO
-#define STDIN_FILENO 0 /* ANSI C #defines */
-#define STDOUT_FILENO 1
-#define STDERR_FILENO 2
-#endif
-
-#ifndef O_ACCMODE /* POSIX 1003.1 access mode mask. */
-#define O_ACCMODE (O_RDONLY|O_WRONLY|O_RDWR)
-#endif
-#endif
-
-#ifdef macintosh
-#include
-#include "xp_mcom.h"
-#define O_ACCMODE 3 /* Mask for file access modes */
-#define EFTYPE 2000
-PR_BEGIN_EXTERN_C
-int mkstemp(const char *path);
-PR_END_EXTERN_C
-#endif /* MACINTOSH */
-
-#if !defined(_WINDOWS) && !defined(macintosh)
-#include
-#include
-#endif
-
-/* define EFTYPE since most don't */
-#ifndef EFTYPE
-#define EFTYPE EINVAL /* POSIX 1003.1 format errno. */
-#endif
-
-#define RET_ERROR -1 /* Return values. */
-#define RET_SUCCESS 0
-#define RET_SPECIAL 1
-
-#define MAX_PAGE_NUMBER 0xffffffff /* >= # of pages in a file */
-
-#ifndef __sgi
-typedef uint32 pgno_t;
-#endif
-
-#define MAX_PAGE_OFFSET 65535 /* >= # of bytes in a page */
-typedef uint16 indx_t;
-#define MAX_REC_NUMBER 0xffffffff /* >= # of records in a tree */
-typedef uint32 recno_t;
-
-/* Key/data structure -- a Data-Base Thang. */
-typedef struct {
- void *data; /* data */
- size_t size; /* data length */
-} DBT;
-
-/* Routine flags. */
-#define R_CURSOR 1 /* del, put, seq */
-#define __R_UNUSED 2 /* UNUSED */
-#define R_FIRST 3 /* seq */
-#define R_IAFTER 4 /* put (RECNO) */
-#define R_IBEFORE 5 /* put (RECNO) */
-#define R_LAST 6 /* seq (BTREE, RECNO) */
-#define R_NEXT 7 /* seq */
-#define R_NOOVERWRITE 8 /* put */
-#define R_PREV 9 /* seq (BTREE, RECNO) */
-#define R_SETCURSOR 10 /* put (RECNO) */
-#define R_RECNOSYNC 11 /* sync (RECNO) */
-
-typedef enum { DB_BTREE, DB_HASH, DB_RECNO } DBTYPE;
-
-typedef enum { LockOutDatabase, UnlockDatabase } DBLockFlagEnum;
-
-/*
- * !!!
- * The following flags are included in the dbopen(3) call as part of the
- * open(2) flags. In order to avoid conflicts with the open flags, start
- * at the top of the 16 or 32-bit number space and work our way down. If
- * the open flags were significantly expanded in the future, it could be
- * a problem. Wish I'd left another flags word in the dbopen call.
- *
- * !!!
- * None of this stuff is implemented yet. The only reason that it's here
- * is so that the access methods can skip copying the key/data pair when
- * the DB_LOCK flag isn't set.
- */
-#if UINT_MAX > 65535
-#define DB_LOCK 0x20000000 /* Do locking. */
-#define DB_SHMEM 0x40000000 /* Use shared memory. */
-#define DB_TXN 0x80000000 /* Do transactions. */
-#else
-#define DB_LOCK 0x2000 /* Do locking. */
-#define DB_SHMEM 0x4000 /* Use shared memory. */
-#define DB_TXN 0x8000 /* Do transactions. */
-#endif
-
-/* Access method description structure. */
-typedef struct __db {
- DBTYPE type; /* Underlying db type. */
- int (*close) (struct __db *);
- int (*del) (const struct __db *, const DBT *, uint);
- int (*get) (const struct __db *, const DBT *, DBT *, uint);
- int (*put) (const struct __db *, DBT *, const DBT *, uint);
- int (*seq) (const struct __db *, DBT *, DBT *, uint);
- int (*sync) (const struct __db *, uint);
- void *internal; /* Access method private. */
- int (*fd) (const struct __db *);
-} DB;
-
-#define BTREEMAGIC 0x053162
-#define BTREEVERSION 3
-
-/* Structure used to pass parameters to the btree routines. */
-typedef struct {
-#define R_DUP 0x01 /* duplicate keys */
- uint32 flags;
- uint cachesize; /* bytes to cache */
- int maxkeypage; /* maximum keys per page */
- int minkeypage; /* minimum keys per page */
- uint psize; /* page size */
- int (*compare) /* comparison function */
- (const DBT *, const DBT *);
- size_t (*prefix) /* prefix function */
- (const DBT *, const DBT *);
- int lorder; /* byte order */
-} BTREEINFO;
-
-#define HASHMAGIC 0x061561
-#define HASHVERSION 2
-
-/* Structure used to pass parameters to the hashing routines. */
-typedef struct {
- uint bsize; /* bucket size */
- uint ffactor; /* fill factor */
- uint nelem; /* number of elements */
- uint cachesize; /* bytes to cache */
- uint32 /* hash function */
- (*hash) (const void *, size_t);
- int lorder; /* byte order */
-} HASHINFO;
-
-/* Structure used to pass parameters to the record routines. */
-typedef struct {
-#define R_FIXEDLEN 0x01 /* fixed-length records */
-#define R_NOKEY 0x02 /* key not required */
-#define R_SNAPSHOT 0x04 /* snapshot the input */
- uint32 flags;
- uint cachesize; /* bytes to cache */
- uint psize; /* page size */
- int lorder; /* byte order */
- size_t reclen; /* record length (fixed-length records) */
- uint8 bval; /* delimiting byte (variable-length records */
- char *bfname; /* btree file name */
-} RECNOINFO;
-
-#ifdef __DBINTERFACE_PRIVATE
-/*
- * Little endian <==> big endian 32-bit swap macros.
- * M_32_SWAP swap a memory location
- * P_32_SWAP swap a referenced memory location
- * P_32_COPY swap from one location to another
- */
-#define M_32_SWAP(a) { \
- uint32 _tmp = a; \
- ((char *)&a)[0] = ((char *)&_tmp)[3]; \
- ((char *)&a)[1] = ((char *)&_tmp)[2]; \
- ((char *)&a)[2] = ((char *)&_tmp)[1]; \
- ((char *)&a)[3] = ((char *)&_tmp)[0]; \
-}
-#define P_32_SWAP(a) { \
- uint32 _tmp = *(uint32 *)a; \
- ((char *)a)[0] = ((char *)&_tmp)[3]; \
- ((char *)a)[1] = ((char *)&_tmp)[2]; \
- ((char *)a)[2] = ((char *)&_tmp)[1]; \
- ((char *)a)[3] = ((char *)&_tmp)[0]; \
-}
-#define P_32_COPY(a, b) { \
- ((char *)&(b))[0] = ((char *)&(a))[3]; \
- ((char *)&(b))[1] = ((char *)&(a))[2]; \
- ((char *)&(b))[2] = ((char *)&(a))[1]; \
- ((char *)&(b))[3] = ((char *)&(a))[0]; \
-}
-
-/*
- * Little endian <==> big endian 16-bit swap macros.
- * M_16_SWAP swap a memory location
- * P_16_SWAP swap a referenced memory location
- * P_16_COPY swap from one location to another
- */
-#define M_16_SWAP(a) { \
- uint16 _tmp = a; \
- ((char *)&a)[0] = ((char *)&_tmp)[1]; \
- ((char *)&a)[1] = ((char *)&_tmp)[0]; \
-}
-#define P_16_SWAP(a) { \
- uint16 _tmp = *(uint16 *)a; \
- ((char *)a)[0] = ((char *)&_tmp)[1]; \
- ((char *)a)[1] = ((char *)&_tmp)[0]; \
-}
-#define P_16_COPY(a, b) { \
- ((char *)&(b))[0] = ((char *)&(a))[1]; \
- ((char *)&(b))[1] = ((char *)&(a))[0]; \
-}
-#endif
-
-PR_BEGIN_EXTERN_C
-#if defined(__WATCOMC__) || defined(__WATCOM_CPLUSPLUS__)
-extern DB *
-#else
-PR_EXTERN(DB *)
-#endif
-dbopen (const char *, int, int, DBTYPE, const void *);
-
-/* set or unset a global lock flag to disable the
- * opening of any DBM file
- */
-void dbSetOrClearDBLock(DBLockFlagEnum type);
-
-#ifdef __DBINTERFACE_PRIVATE
-DB *__bt_open (const char *, int, int, const BTREEINFO *, int);
-DB *__hash_open (const char *, int, int, const HASHINFO *, int);
-DB *__rec_open (const char *, int, int, const RECNOINFO *, int);
-void __dbpanic (DB *dbp);
-#endif
-
-PR_END_EXTERN_C
-
-#endif /* !_DB_H_ */
diff --git a/dbm/include/mpool.h b/dbm/include/mpool.h
deleted file mode 100644
index a2fb62b9f7..0000000000
--- a/dbm/include/mpool.h
+++ /dev/null
@@ -1,99 +0,0 @@
-/*-
- * Copyright (c) 1991, 1993, 1994
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * @(#)mpool.h 8.2 (Berkeley) 7/14/94
- */
-
-#include
-
-/*
- * The memory pool scheme is a simple one. Each in-memory page is referenced
- * by a bucket which is threaded in up to two of three ways. All active pages
- * are threaded on a hash chain (hashed by page number) and an lru chain.
- * Inactive pages are threaded on a free chain. Each reference to a memory
- * pool is handed an opaque MPOOL cookie which stores all of this information.
- */
-#define HASHSIZE 128
-#define HASHKEY(pgno) ((pgno - 1) % HASHSIZE)
-
-/* The BKT structures are the elements of the queues. */
-typedef struct _bkt {
- CIRCLEQ_ENTRY(_bkt) hq; /* hash queue */
- CIRCLEQ_ENTRY(_bkt) q; /* lru queue */
- void *page; /* page */
- pgno_t pgno; /* page number */
-
-#define MPOOL_DIRTY 0x01 /* page needs to be written */
-#define MPOOL_PINNED 0x02 /* page is pinned into memory */
- uint8 flags; /* flags */
-} BKT;
-
-typedef struct MPOOL {
- CIRCLEQ_HEAD(_lqh, _bkt) lqh; /* lru queue head */
- /* hash queue array */
- CIRCLEQ_HEAD(_hqh, _bkt) hqh[HASHSIZE];
- pgno_t curcache; /* current number of cached pages */
- pgno_t maxcache; /* max number of cached pages */
- pgno_t npages; /* number of pages in the file */
- uint32 pagesize; /* file page size */
- int fd; /* file descriptor */
- /* page in conversion routine */
- void (*pgin) (void *, pgno_t, void *);
- /* page out conversion routine */
- void (*pgout) (void *, pgno_t, void *);
- void *pgcookie; /* cookie for page in/out routines */
-#ifdef STATISTICS
- uint32 cachehit;
- uint32 cachemiss;
- uint32 pagealloc;
- uint32 pageflush;
- uint32 pageget;
- uint32 pagenew;
- uint32 pageput;
- uint32 pageread;
- uint32 pagewrite;
-#endif
-} MPOOL;
-
-__BEGIN_DECLS
-MPOOL *mpool_open (void *, int, pgno_t, pgno_t);
-void mpool_filter (MPOOL *, void (*)(void *, pgno_t, void *),
- void (*)(void *, pgno_t, void *), void *);
-void *mpool_new (MPOOL *, pgno_t *);
-void *mpool_get (MPOOL *, pgno_t, uint);
-int mpool_put (MPOOL *, void *, uint);
-int mpool_sync (MPOOL *);
-int mpool_close (MPOOL *);
-#ifdef STATISTICS
-void mpool_stat (MPOOL *);
-#endif
-__END_DECLS
diff --git a/dbm/include/ncompat.h b/dbm/include/ncompat.h
deleted file mode 100644
index c95b327feb..0000000000
--- a/dbm/include/ncompat.h
+++ /dev/null
@@ -1,232 +0,0 @@
-/*-
- * Copyright (c) 1991, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * @(#)compat.h 8.13 (Berkeley) 2/21/94
- */
-
-#ifndef _COMPAT_H_
-#define _COMPAT_H_
-
-#include
-
-/*
- * If your system doesn't typedef u_long, u_short, or u_char, change
- * the 0 to a 1.
- */
-#if 0
-typedef unsigned char u_char; /* 4.[34]BSD names. */
-typedef unsigned int u_int;
-typedef unsigned long u_long;
-typedef unsigned short u_short;
-#endif
-
-/* If your system doesn't typedef size_t, change the 0 to a 1. */
-#if 0
-typedef unsigned int size_t; /* POSIX, 4.[34]BSD names. */
-#endif
-
-/* If your system doesn't typedef ssize_t, change the 0 to a 1. */
-#if 0
-typedef int ssize_t; /* POSIX names. */
-#endif
-
-/*
- * If your system doesn't have the POSIX type for a signal mask,
- * change the 0 to a 1.
- */
-#if 0 /* POSIX 1003.1 signal mask type. */
-typedef unsigned int sigset_t;
-#endif
-
-/*
- * If your system's vsprintf returns a char *, not an int,
- * change the 0 to a 1.
- */
-#if defined (__sun) && !defined(__SVR4) /* SUNOS */
-#define VSPRINTF_CHARSTAR
-#endif
-/*
- * If you don't have POSIX 1003.1 signals, the signal code surrounding the
- * temporary file creation is intended to block all of the possible signals
- * long enough to create the file and unlink it. All of this stuff is
- * intended to use old-style BSD calls to fake POSIX 1003.1 calls.
- */
-#ifdef NO_POSIX_SIGNALS
-#define sigemptyset(set) (*(set) = 0)
-#define sigfillset(set) (*(set) = ~(sigset_t)0, 0)
-#define sigaddset(set,signo) (*(set) |= sigmask(signo), 0)
-#define sigdelset(set,signo) (*(set) &= ~sigmask(signo), 0)
-#define sigismember(set,signo) ((*(set) & sigmask(signo)) != 0)
-
-#define SIG_BLOCK 1
-#define SIG_UNBLOCK 2
-#define SIG_SETMASK 3
-
-static int __sigtemp; /* For the use of sigprocmask */
-
-/* Repeated test of oset != NULL is to avoid "*0". */
-#define sigprocmask(how, set, oset) \
- ((__sigtemp = \
- (((how) == SIG_BLOCK) ? \
- sigblock(0) | *(set) : \
- (((how) == SIG_UNBLOCK) ? \
- sigblock(0) & ~(*(set)) : \
- ((how) == SIG_SETMASK ? \
- *(set) : sigblock(0))))), \
- ((oset) ? (*(oset ? oset : set) = sigsetmask(__sigtemp)) : \
- sigsetmask(__sigtemp)), 0)
-#endif
-
-/*
- * If your system doesn't have an include file with the appropriate
- * byte order set, make sure you specify the correct one.
- */
-#ifndef BYTE_ORDER
-#define LITTLE_ENDIAN 1234 /* LSB first: i386, vax */
-#define BIG_ENDIAN 4321 /* MSB first: 68000, ibm, net */
-#define BYTE_ORDER BIG_ENDIAN /* Set for your system. */
-#endif
-
-#if defined(SYSV) || defined(SYSTEM5) || defined(__sun)
-#define index(a, b) strchr(a, b)
-#define rindex(a, b) strrchr(a, b)
-#define bzero(a, b) memset(a, 0, b)
-#define bcmp(a, b, n) memcmp(a, b, n)
-#define bcopy(a, b, n) memmove(b, a, n)
-#endif
-
-#if defined(BSD) || defined(BSD4_3)
-#define strchr(a, b) index(a, b)
-#define strrchr(a, b) rindex(a, b)
-#define memcmp(a, b, n) bcmp(a, b, n)
-#define memmove(a, b, n) bcopy(b, a, n)
-#endif
-
-/*
- * 32-bit machine. The db routines are theoretically independent of
- * the size of u_shorts and u_longs, but I don't know that anyone has
- * ever actually tried it. At a minimum, change the following #define's
- * if you are trying to compile on a different type of system.
- */
-#ifndef USHRT_MAX
-#define USHRT_MAX 0xFFFF
-#define ULONG_MAX 0xFFFFFFFF
-#endif
-
-#ifndef O_ACCMODE /* POSIX 1003.1 access mode mask. */
-#define O_ACCMODE (O_RDONLY|O_WRONLY|O_RDWR)
-#endif
-
-#ifndef _POSIX2_RE_DUP_MAX /* POSIX 1003.2 RE limit. */
-#define _POSIX2_RE_DUP_MAX 255
-#endif
-
-/*
- * If you can't provide lock values in the open(2) call. Note, this
- * allows races to happen.
- */
-#ifndef O_EXLOCK /* 4.4BSD extension. */
-#define O_EXLOCK 0
-#endif
-
-#ifndef O_SHLOCK /* 4.4BSD extension. */
-#define O_SHLOCK 0
-#endif
-
-#ifndef EFTYPE
-#define EFTYPE EINVAL /* POSIX 1003.1 format errno. */
-#endif
-
-#ifndef WCOREDUMP /* 4.4BSD extension */
-#define WCOREDUMP(a) 0
-#endif
-
-#ifndef STDERR_FILENO
-#define STDIN_FILENO 0 /* ANSI C #defines */
-#define STDOUT_FILENO 1
-#define STDERR_FILENO 2
-#endif
-
-#ifndef SEEK_END
-#define SEEK_SET 0 /* POSIX 1003.1 seek values */
-#define SEEK_CUR 1
-#define SEEK_END 2
-#endif
-
-#ifndef _POSIX_VDISABLE /* POSIX 1003.1 disabling char. */
-#define _POSIX_VDISABLE 0 /* Some systems used 0. */
-#endif
-
-#ifndef TCSASOFT /* 4.4BSD extension. */
-#define TCSASOFT 0
-#endif
-
-#ifndef _POSIX2_RE_DUP_MAX /* POSIX 1003.2 values. */
-#define _POSIX2_RE_DUP_MAX 255
-#endif
-
-#ifndef NULL /* ANSI C #defines NULL everywhere. */
-#define NULL 0
-#endif
-
-#ifndef MAX /* Usually found in . */
-#define MAX(_a,_b) ((_a)<(_b)?(_b):(_a))
-#endif
-#ifndef MIN /* Usually found in . */
-#define MIN(_a,_b) ((_a)<(_b)?(_a):(_b))
-#endif
-
-/* Default file permissions. */
-#ifndef DEFFILEMODE /* 4.4BSD extension. */
-#define DEFFILEMODE (S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH)
-#endif
-
-#ifndef __sun
-#ifndef S_ISDIR /* POSIX 1003.1 file type tests. */
-#define S_ISDIR(m) ((m & 0170000) == 0040000) /* directory */
-#define S_ISCHR(m) ((m & 0170000) == 0020000) /* char special */
-#define S_ISBLK(m) ((m & 0170000) == 0060000) /* block special */
-#define S_ISREG(m) ((m & 0170000) == 0100000) /* regular file */
-#define S_ISFIFO(m) ((m & 0170000) == 0010000) /* fifo */
-#endif
-#ifndef S_ISLNK /* BSD POSIX 1003.1 extensions */
-#define S_ISLNK(m) ((m & 0170000) == 0120000) /* symbolic link */
-#define S_ISSOCK(m) ((m & 0170000) == 0140000) /* socket */
-#endif
-#endif /* __sun */
-
-/* The type of a va_list. */
-#ifndef _BSD_VA_LIST_ /* 4.4BSD #define. */
-#define _BSD_VA_LIST_ char *
-#endif
-
-#endif /* !_COMPAT_H_ */
diff --git a/dbm/include/ndbm.h b/dbm/include/ndbm.h
deleted file mode 100644
index 7ad5f1a23c..0000000000
--- a/dbm/include/ndbm.h
+++ /dev/null
@@ -1,77 +0,0 @@
-/*-
- * Copyright (c) 1990, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Margo Seltzer.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * @(#)ndbm.h 8.1 (Berkeley) 6/2/93
- */
-
-#ifndef _NDBM_H_
-#define _NDBM_H_
-
-#include "mcom_db.h"
-
-/* Map dbm interface onto db(3). */
-#define DBM_RDONLY O_RDONLY
-
-/* Flags to dbm_store(). */
-#define DBM_INSERT 0
-#define DBM_REPLACE 1
-
-/*
- * The db(3) support for ndbm(3) always appends this suffix to the
- * file name to avoid overwriting the user's original database.
- */
-#define DBM_SUFFIX ".db"
-
-typedef struct {
- char *dptr;
- int dsize;
-} datum;
-
-typedef DB DBM;
-#define dbm_pagfno(a) DBM_PAGFNO_NOT_AVAILABLE
-
-__BEGIN_DECLS
-void dbm_close (DBM *);
-int dbm_delete (DBM *, datum);
-datum dbm_fetch (DBM *, datum);
-datum dbm_firstkey (DBM *);
-long dbm_forder (DBM *, datum);
-datum dbm_nextkey (DBM *);
-DBM *dbm_open (const char *, int, int);
-int dbm_store (DBM *, datum, datum, int);
-int dbm_dirfno (DBM *);
-__END_DECLS
-
-#endif /* !_NDBM_H_ */
diff --git a/dbm/include/nsres.h b/dbm/include/nsres.h
deleted file mode 100644
index f3f4e2d1a9..0000000000
--- a/dbm/include/nsres.h
+++ /dev/null
@@ -1,41 +0,0 @@
-#ifndef NSRES_H
-#define NSRES_H
-#include "mcom_db.h"
-
-__BEGIN_DECLS
-
-/* C version */
-#define NSRESHANDLE void *
-
-typedef void (*NSRESTHREADFUNC)(void *);
-
-typedef struct NSRESTHREADINFO
-{
- void *lock;
- NSRESTHREADFUNC fn_lock;
- NSRESTHREADFUNC fn_unlock;
-} NSRESTHREADINFO;
-
-#define MAXBUFNUM 10
-#define MAXSTRINGLEN 300
-
-#define NSRES_CREATE 1
-#define NSRES_OPEN 2
-
-
-
-NSRESHANDLE NSResCreateTable(const char *filename, NSRESTHREADINFO *threadinfo);
-NSRESHANDLE NSResOpenTable(const char *filename, NSRESTHREADINFO *threadinfo);
-void NSResCloseTable(NSRESHANDLE handle);
-
-char *NSResLoadString(NSRESHANDLE handle, const char * library, int32 id,
- unsigned int charsetid, char *retbuf);
-int32 NSResGetSize(NSRESHANDLE handle, const char *library, int32 id);
-int32 NSResLoadResource(NSRESHANDLE handle, const char *library, int32 id, char *retbuf);
-int NSResAddString(NSRESHANDLE handle, const char *library, int32 id, const char *string, unsigned int charset);
-
-__END_DECLS
-
-
-#endif
-
diff --git a/dbm/include/page.h b/dbm/include/page.h
deleted file mode 100644
index faf2b815bf..0000000000
--- a/dbm/include/page.h
+++ /dev/null
@@ -1,96 +0,0 @@
-/*-
- * Copyright (c) 1990, 1993, 1994
- * The Regents of the University of California. All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Margo Seltzer.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * @(#)page.h 8.2 (Berkeley) 5/31/94
- */
-
-/*
- * Definitions for hashing page file format.
- */
-
-/*
- * routines dealing with a data page
- *
- * page format:
- * +------------------------------+
- * p | n | keyoff | datoff | keyoff |
- * +------------+--------+--------+
- * | datoff | free | ptr | --> |
- * +--------+---------------------+
- * | F R E E A R E A |
- * +--------------+---------------+
- * | <---- - - - | data |
- * +--------+-----+----+----------+
- * | key | data | key |
- * +--------+----------+----------+
- *
- * Pointer to the free space is always: p[p[0] + 2]
- * Amount of free space on the page is: p[p[0] + 1]
- */
-
-/*
- * How many bytes required for this pair?
- * 2 shorts in the table at the top of the page + room for the
- * key and room for the data
- *
- * We prohibit entering a pair on a page unless there is also room to append
- * an overflow page. The reason for this it that you can get in a situation
- * where a single key/data pair fits on a page, but you can't append an
- * overflow page and later you'd have to split the key/data and handle like
- * a big pair.
- * You might as well do this up front.
- */
-#ifndef PAGE_H
-#define PAGE_H
-
-#define PAIRSIZE(K,D) (2*sizeof(uint16) + (K)->size + (D)->size)
-#define BIGOVERHEAD (4*sizeof(uint16))
-#define KEYSIZE(K) (4*sizeof(uint16) + (K)->size);
-#define OVFLSIZE (2*sizeof(uint16))
-#define FREESPACE(P) ((P)[(P)[0]+1])
-#define OFFSET(P) ((P)[(P)[0]+2])
-#define PAIRFITS(P,K,D) \
- (((P)[2] >= REAL_KEY) && \
- (PAIRSIZE((K),(D)) + OVFLSIZE) <= FREESPACE((P)))
-#define PAGE_META(N) (((N)+3) * sizeof(uint16))
-
-typedef struct {
- BUFHEAD *newp;
- BUFHEAD *oldp;
- BUFHEAD *nextp;
- uint16 next_addr;
-} SPLIT_RETURN;
-#endif
-
diff --git a/dbm/include/queue.h b/dbm/include/queue.h
deleted file mode 100644
index 40d32ccb6e..0000000000
--- a/dbm/include/queue.h
+++ /dev/null
@@ -1,245 +0,0 @@
-/*
- * Copyright (c) 1991, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * @(#)queue.h 8.3 (Berkeley) 12/13/93
- */
-
-#ifndef _QUEUE_H_
-#define _QUEUE_H_
-
-/*
- * This file defines three types of data structures: lists, tail queues,
- * and circular queues.
- *
- * A list is headed by a single forward pointer (or an array of forward
- * pointers for a hash table header). The elements are doubly linked
- * so that an arbitrary element can be removed without a need to
- * traverse the list. New elements can be added to the list after
- * an existing element or at the head of the list. A list may only be
- * traversed in the forward direction.
- *
- * A tail queue is headed by a pair of pointers, one to the head of the
- * list and the other to the tail of the list. The elements are doubly
- * linked so that an arbitrary element can be removed without a need to
- * traverse the list. New elements can be added to the list after
- * an existing element, at the head of the list, or at the end of the
- * list. A tail queue may only be traversed in the forward direction.
- *
- * A circle queue is headed by a pair of pointers, one to the head of the
- * list and the other to the tail of the list. The elements are doubly
- * linked so that an arbitrary element can be removed without a need to
- * traverse the list. New elements can be added to the list before or after
- * an existing element, at the head of the list, or at the end of the list.
- * A circle queue may be traversed in either direction, but has a more
- * complex end of list detection.
- *
- * For details on the use of these macros, see the queue(3) manual page.
- */
-
-/*
- * List definitions.
- */
-#define LIST_HEAD(name, type) \
-struct name { \
- struct type *lh_first; /* first element */ \
-}
-
-#define LIST_ENTRY(type) \
-struct { \
- struct type *le_next; /* next element */ \
- struct type **le_prev; /* address of previous next element */ \
-}
-
-/*
- * List functions.
- */
-#define LIST_INIT(head) { \
- (head)->lh_first = NULL; \
-}
-
-#define LIST_INSERT_AFTER(listelm, elm, field) { \
- if (((elm)->field.le_next = (listelm)->field.le_next) != NULL) \
- (listelm)->field.le_next->field.le_prev = \
- &(elm)->field.le_next; \
- (listelm)->field.le_next = (elm); \
- (elm)->field.le_prev = &(listelm)->field.le_next; \
-}
-
-#define LIST_INSERT_HEAD(head, elm, field) { \
- if (((elm)->field.le_next = (head)->lh_first) != NULL) \
- (head)->lh_first->field.le_prev = &(elm)->field.le_next;\
- (head)->lh_first = (elm); \
- (elm)->field.le_prev = &(head)->lh_first; \
-}
-
-#define LIST_REMOVE(elm, field) { \
- if ((elm)->field.le_next != NULL) \
- (elm)->field.le_next->field.le_prev = \
- (elm)->field.le_prev; \
- *(elm)->field.le_prev = (elm)->field.le_next; \
-}
-
-/*
- * Tail queue definitions.
- */
-#define TAILQ_HEAD(name, type) \
-struct name { \
- struct type *tqh_first; /* first element */ \
- struct type **tqh_last; /* addr of last next element */ \
-}
-
-#define TAILQ_ENTRY(type) \
-struct { \
- struct type *tqe_next; /* next element */ \
- struct type **tqe_prev; /* address of previous next element */ \
-}
-
-/*
- * Tail queue functions.
- */
-#define TAILQ_INIT(head) { \
- (head)->tqh_first = NULL; \
- (head)->tqh_last = &(head)->tqh_first; \
-}
-
-#define TAILQ_INSERT_HEAD(head, elm, field) { \
- if (((elm)->field.tqe_next = (head)->tqh_first) != NULL) \
- (elm)->field.tqe_next->field.tqe_prev = \
- &(elm)->field.tqe_next; \
- else \
- (head)->tqh_last = &(elm)->field.tqe_next; \
- (head)->tqh_first = (elm); \
- (elm)->field.tqe_prev = &(head)->tqh_first; \
-}
-
-#define TAILQ_INSERT_TAIL(head, elm, field) { \
- (elm)->field.tqe_next = NULL; \
- (elm)->field.tqe_prev = (head)->tqh_last; \
- *(head)->tqh_last = (elm); \
- (head)->tqh_last = &(elm)->field.tqe_next; \
-}
-
-#define TAILQ_INSERT_AFTER(head, listelm, elm, field) { \
- if (((elm)->field.tqe_next = (listelm)->field.tqe_next) != NULL)\
- (elm)->field.tqe_next->field.tqe_prev = \
- &(elm)->field.tqe_next; \
- else \
- (head)->tqh_last = &(elm)->field.tqe_next; \
- (listelm)->field.tqe_next = (elm); \
- (elm)->field.tqe_prev = &(listelm)->field.tqe_next; \
-}
-
-#define TAILQ_REMOVE(head, elm, field) { \
- if (((elm)->field.tqe_next) != NULL) \
- (elm)->field.tqe_next->field.tqe_prev = \
- (elm)->field.tqe_prev; \
- else \
- (head)->tqh_last = (elm)->field.tqe_prev; \
- *(elm)->field.tqe_prev = (elm)->field.tqe_next; \
-}
-
-/*
- * Circular queue definitions.
- */
-#define CIRCLEQ_HEAD(name, type) \
-struct name { \
- struct type *cqh_first; /* first element */ \
- struct type *cqh_last; /* last element */ \
-}
-
-#define CIRCLEQ_ENTRY(type) \
-struct { \
- struct type *cqe_next; /* next element */ \
- struct type *cqe_prev; /* previous element */ \
-}
-
-/*
- * Circular queue functions.
- */
-#define CIRCLEQ_INIT(head) { \
- (head)->cqh_first = (void *)(head); \
- (head)->cqh_last = (void *)(head); \
-}
-
-#define CIRCLEQ_INSERT_AFTER(head, listelm, elm, field) { \
- (elm)->field.cqe_next = (listelm)->field.cqe_next; \
- (elm)->field.cqe_prev = (listelm); \
- if ((listelm)->field.cqe_next == (void *)(head)) \
- (head)->cqh_last = (elm); \
- else \
- (listelm)->field.cqe_next->field.cqe_prev = (elm); \
- (listelm)->field.cqe_next = (elm); \
-}
-
-#define CIRCLEQ_INSERT_BEFORE(head, listelm, elm, field) { \
- (elm)->field.cqe_next = (listelm); \
- (elm)->field.cqe_prev = (listelm)->field.cqe_prev; \
- if ((listelm)->field.cqe_prev == (void *)(head)) \
- (head)->cqh_first = (elm); \
- else \
- (listelm)->field.cqe_prev->field.cqe_next = (elm); \
- (listelm)->field.cqe_prev = (elm); \
-}
-
-#define CIRCLEQ_INSERT_HEAD(head, elm, field) { \
- (elm)->field.cqe_next = (head)->cqh_first; \
- (elm)->field.cqe_prev = (void *)(head); \
- if ((head)->cqh_last == (void *)(head)) \
- (head)->cqh_last = (elm); \
- else \
- (head)->cqh_first->field.cqe_prev = (elm); \
- (head)->cqh_first = (elm); \
-}
-
-#define CIRCLEQ_INSERT_TAIL(head, elm, field) { \
- (elm)->field.cqe_next = (void *)(head); \
- (elm)->field.cqe_prev = (head)->cqh_last; \
- if ((head)->cqh_first == (void *)(head)) \
- (head)->cqh_first = (elm); \
- else \
- (head)->cqh_last->field.cqe_next = (elm); \
- (head)->cqh_last = (elm); \
-}
-
-#define CIRCLEQ_REMOVE(head, elm, field) { \
- if ((elm)->field.cqe_next == (void *)(head)) \
- (head)->cqh_last = (elm)->field.cqe_prev; \
- else \
- (elm)->field.cqe_next->field.cqe_prev = \
- (elm)->field.cqe_prev; \
- if ((elm)->field.cqe_prev == (void *)(head)) \
- (head)->cqh_first = (elm)->field.cqe_next; \
- else \
- (elm)->field.cqe_prev->field.cqe_next = \
- (elm)->field.cqe_next; \
-}
-#endif /* !_QUEUE_H_ */
diff --git a/dbm/include/search.h b/dbm/include/search.h
deleted file mode 100644
index ff58b1c155..0000000000
--- a/dbm/include/search.h
+++ /dev/null
@@ -1,51 +0,0 @@
-/*-
- * Copyright (c) 1990, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Margo Seltzer.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * @(#)search.h 8.1 (Berkeley) 6/4/93
- */
-
-/* Backward compatibility to hsearch interface. */
-typedef struct entry {
- char *key;
- char *data;
-} ENTRY;
-
-typedef enum {
- FIND, ENTER
-} ACTION;
-
-int hcreate (unsigned int);
-void hdestroy (void);
-ENTRY *hsearch (ENTRY, ACTION);
diff --git a/dbm/include/watcomfx.h b/dbm/include/watcomfx.h
deleted file mode 100644
index 3020e9de91..0000000000
--- a/dbm/include/watcomfx.h
+++ /dev/null
@@ -1,26 +0,0 @@
-#if defined(__WATCOMC__) || defined(__WATCOM_CPLUSPLUS__)
-#ifndef __WATCOM_FIX_H__
-#define __WATCOM_FIX_H__ 1
-/*
- * WATCOM's C compiler doesn't default to "__cdecl" conventions for external
- * symbols and functions. Rather than adding an explicit __cdecl modifier to
- * every external symbol and function declaration and definition, we use the
- * following pragma to (attempt to) change WATCOM c's default to __cdecl.
- * These pragmas were taken from pages 180-181, 266 & 269 of the
- * Watcom C/C++ version 11 User's Guide, 3rd edition.
- */
-#if defined(XP_WIN16) || defined(WIN16)
-#pragma aux default "_*" \
- parm caller [] \
- value struct float struct routine [ax] \
- modify [ax bx cx dx es]
-#else
-#pragma aux default "_*" \
- parm caller [] \
- value struct float struct routine [eax] \
- modify [eax ecx edx]
-#endif
-#pragma aux default far
-
-#endif /* once */
-#endif /* WATCOM compiler */
diff --git a/dbm/include/winfile.h b/dbm/include/winfile.h
deleted file mode 100644
index 36b59f7212..0000000000
--- a/dbm/include/winfile.h
+++ /dev/null
@@ -1,112 +0,0 @@
-
-/* ---------------------------------------------------------------------------
- Stuff to fake unix file I/O on windows boxes
- ------------------------------------------------------------------------*/
-
-#ifndef WINFILE_H
-#define WINFILE_H
-
-#ifdef _WINDOWS
-/* hacked out of on an SGI */
-#if defined(XP_WIN32) || defined(_WIN32)
-/* 32-bit stuff here */
-#include
-#include
-#ifdef __MINGW32__
-#include
-#include
-#else
-#include
-#include
-#endif
-
-typedef struct DIR_Struct {
- void * directoryPtr;
- WIN32_FIND_DATA data;
-} DIR;
-
-#define _ST_FSTYPSZ 16
-
-#if !defined(__BORLANDC__) && !defined(__GNUC__)
- typedef unsigned long mode_t;
- typedef long uid_t;
- typedef long gid_t;
-
-#ifdef WINCE
- typedef long ino_t;
-#else
- typedef long off_t;
-#endif
-
- typedef unsigned long nlink_t;
-#endif
-
-typedef struct timestruc {
- time_t tv_sec; /* seconds */
- long tv_nsec; /* and nanoseconds */
-} timestruc_t;
-
-
-struct dirent { /* data from readdir() */
- ino_t d_ino; /* inode number of entry */
- off_t d_off; /* offset of disk direntory entry */
- unsigned short d_reclen; /* length of this record */
- char d_name[_MAX_FNAME]; /* name of file */
-};
-
-#if !defined(__BORLANDC__) && !defined (__GNUC__)
-#define S_ISDIR(s) ((s) & _S_IFDIR)
-#endif
-
-#else /* _WIN32 */
-/* 16-bit windows stuff */
-
-#include
-#include
-#include
-
-
-
-/* Getting cocky to support multiple file systems */
-typedef struct dirStruct_tag {
- struct _find_t file_data;
- char c_checkdrive;
-} dirStruct;
-
-typedef struct DIR_Struct {
- void * directoryPtr;
- dirStruct data;
-} DIR;
-
-#define _ST_FSTYPSZ 16
-typedef unsigned long mode_t;
-typedef long uid_t;
-typedef long gid_t;
-typedef long off_t;
-typedef unsigned long nlink_t;
-
-typedef struct timestruc {
- time_t tv_sec; /* seconds */
- long tv_nsec; /* and nanoseconds */
-} timestruc_t;
-
-struct dirent { /* data from readdir() */
- ino_t d_ino; /* inode number of entry */
- off_t d_off; /* offset of disk direntory entry */
- unsigned short d_reclen; /* length of this record */
-#ifdef XP_WIN32
- char d_name[_MAX_FNAME]; /* name of file */
-#else
- char d_name[20]; /* name of file */
-#endif
-};
-
-#define S_ISDIR(s) ((s) & _S_IFDIR)
-
-#endif /* 16-bit windows */
-
-#define CONST const
-
-#endif /* _WINDOWS */
-
-#endif /* WINFILE_H */
diff --git a/dbm/src/.cvsignore b/dbm/src/.cvsignore
deleted file mode 100644
index f3c7a7c5da..0000000000
--- a/dbm/src/.cvsignore
+++ /dev/null
@@ -1 +0,0 @@
-Makefile
diff --git a/dbm/src/Makefile.in b/dbm/src/Makefile.in
deleted file mode 100644
index 2f7476d8c8..0000000000
--- a/dbm/src/Makefile.in
+++ /dev/null
@@ -1,95 +0,0 @@
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is mozilla.org code.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1998
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-DEPTH = ../..
-topsrcdir = @top_srcdir@
-srcdir = @srcdir@
-VPATH = @srcdir@
-
-include $(DEPTH)/config/autoconf.mk
-
-LIBRARY_NAME = mozdbm_s
-LIB_IS_C_ONLY = 1
-
-ifeq ($(OS_ARCH),WINNT)
-LIBRARY_NAME = dbm$(MOZ_BITS)
-endif
-
-CSRCS = \
- db.c \
- h_bigkey.c \
- h_func.c \
- h_log2.c \
- h_page.c \
- hash.c \
- hash_buf.c \
- hsearch.c \
- mktemp.c \
- ndbm.c \
- strerror.c \
- nsres.c \
- $(NULL)
-
-ifeq ($(OS_ARCH),WINNT)
-CSRCS += memmove.c snprintf.c
-else
-ifeq (,$(filter -DHAVE_MEMMOVE=1,$(ACDEFINES)))
-CSRCS += memmove.c
-endif
-
-ifeq (,$(filter -DHAVE_SNPRINTF=1,$(ACDEFINES)))
-CSRCS += snprintf.c
-endif
-endif # WINNT
-
-LOCAL_INCLUDES = -I$(srcdir)/../include
-
-FORCE_STATIC_LIB = 1
-FORCE_USE_PIC = 1
-
-include $(topsrcdir)/config/rules.mk
-
-DEFINES += -DMEMMOVE -D__DBINTERFACE_PRIVATE $(SECURITY_FLAG)
-
-ifeq ($(OS_ARCH),WINCE)
-DEFINES += -D__STDC__ -DDBM_REOPEN_ON_FLUSH
-endif
-
-ifeq ($(OS_ARCH),AIX)
-OS_LIBS += -lc_r
-endif
-
diff --git a/dbm/src/Makefile.win b/dbm/src/Makefile.win
deleted file mode 100644
index 91bdf7d209..0000000000
--- a/dbm/src/Makefile.win
+++ /dev/null
@@ -1,113 +0,0 @@
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is mozilla.org code.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1998
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-
-#//------------------------------------------------------------------------
-#//
-#// Makefile to build the cert library
-#//
-#//------------------------------------------------------------------------
-
-!if "$(MOZ_BITS)" == "16"
-!ifndef MOZ_DEBUG
-OPTIMIZER=-Os -UDEBUG -DNDEBUG
-!endif
-!endif
-
-#//------------------------------------------------------------------------
-#//
-#// Specify the depth of the current directory relative to the
-#// root of NS
-#//
-#//------------------------------------------------------------------------
-DEPTH= ..\..
-
-!ifndef MAKE_OBJ_TYPE
-MAKE_OBJ_TYPE=EXE
-!endif
-
-#//------------------------------------------------------------------------
-#//
-#// Define any Public Make Variables here: (ie. PDFFILE, MAPFILE, ...)
-#//
-#//------------------------------------------------------------------------
-LIBNAME=dbm$(MOZ_BITS)
-PDBFILE=$(LIBNAME).pdb
-
-#//------------------------------------------------------------------------
-#//
-#// Define the files necessary to build the target (ie. OBJS)
-#//
-#//------------------------------------------------------------------------
-OBJS= \
- .\$(OBJDIR)\db.obj \
- .\$(OBJDIR)\h_bigkey.obj \
- .\$(OBJDIR)\h_func.obj \
- .\$(OBJDIR)\h_log2.obj \
- .\$(OBJDIR)\h_page.obj \
- .\$(OBJDIR)\hash.obj \
- .\$(OBJDIR)\hash_buf.obj \
- .\$(OBJDIR)\hsearch.obj \
- .\$(OBJDIR)\memmove.obj \
- .\$(OBJDIR)\mktemp.obj \
- .\$(OBJDIR)\ndbm.obj \
- .\$(OBJDIR)\snprintf.obj \
- .\$(OBJDIR)\strerror.obj \
- .\$(OBJDIR)\nsres.obj \
- $(NULL)
-
-#//------------------------------------------------------------------------
-#//
-#// Define any Public Targets here (ie. PROGRAM, LIBRARY, DLL, ...)
-#// (these must be defined before the common makefiles are included)
-#//
-#//------------------------------------------------------------------------
-LIBRARY = .\$(OBJDIR)\$(LIBNAME).lib
-LINCS = -I..\include
-
-#//------------------------------------------------------------------------
-#//
-#// Include the common makefile rules
-#//
-#//------------------------------------------------------------------------
-include <$(DEPTH)/config/rules.mak>
-
-CFLAGS = $(CFLAGS) -DMOZILLA_CLIENT -D__DBINTERFACE_PRIVATE
-
-install:: $(LIBRARY)
- $(MAKE_INSTALL) $(LIBRARY) $(DIST)\lib
-
-
diff --git a/dbm/src/db.c b/dbm/src/db.c
deleted file mode 100644
index 6650cd2de1..0000000000
--- a/dbm/src/db.c
+++ /dev/null
@@ -1,144 +0,0 @@
-/*-
- * Copyright (c) 1991, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#if defined(LIBC_SCCS) && !defined(lint)
-static char sccsid[] = "@(#)db.c 8.4 (Berkeley) 2/21/94";
-#endif /* LIBC_SCCS and not lint */
-
-#include "watcomfx.h"
-
-#ifndef __DBINTERFACE_PRIVATE
-#define __DBINTERFACE_PRIVATE
-#endif
-#ifdef macintosh
-#include
-#else
-#include
-#endif
-
-#include
-#include
-#include
-#include
-
-#include "mcom_db.h"
-
-/* a global flag that locks closed all databases */
-int all_databases_locked_closed = 0;
-
-/* set or unset a global lock flag to disable the
- * opening of any DBM file
- */
-void
-dbSetOrClearDBLock(DBLockFlagEnum type)
-{
- if(type == LockOutDatabase)
- all_databases_locked_closed = 1;
- else
- all_databases_locked_closed = 0;
-}
-
-#if defined(__WATCOMC__) || defined(__WATCOM_CPLUSPLUS__)
-DB *
-#else
-PR_IMPLEMENT(DB *)
-#endif
-dbopen(const char *fname, int flags,int mode, DBTYPE type, const void *openinfo)
-{
-
- /* lock out all file databases. Let in-memory databases through
- */
- if(all_databases_locked_closed && fname)
- {
- errno = EINVAL;
- return(NULL);
- }
-
-#define DB_FLAGS (DB_LOCK | DB_SHMEM | DB_TXN)
-
-
-#if 0 /* most systems don't have EXLOCK and SHLOCK */
-#define USE_OPEN_FLAGS \
- (O_CREAT | O_EXCL | O_EXLOCK | O_NONBLOCK | O_RDONLY | \
- O_RDWR | O_SHLOCK | O_TRUNC)
-#else
-#define USE_OPEN_FLAGS \
- (O_CREAT | O_EXCL | O_RDONLY | \
- O_RDWR | O_TRUNC)
-#endif
-
- if ((flags & ~(USE_OPEN_FLAGS | DB_FLAGS)) == 0)
- switch (type) {
-/* we don't need btree and recno right now */
-#if 0
- case DB_BTREE:
- return (__bt_open(fname, flags & USE_OPEN_FLAGS,
- mode, openinfo, flags & DB_FLAGS));
- case DB_RECNO:
- return (__rec_open(fname, flags & USE_OPEN_FLAGS,
- mode, openinfo, flags & DB_FLAGS));
-#endif
-
- case DB_HASH:
- return (__hash_open(fname, flags & USE_OPEN_FLAGS,
- mode, (const HASHINFO *)openinfo, flags & DB_FLAGS));
- default:
- break;
- }
- errno = EINVAL;
- return (NULL);
-}
-
-static int
-__dberr()
-{
- return (RET_ERROR);
-}
-
-/*
- * __DBPANIC -- Stop.
- *
- * Parameters:
- * dbp: pointer to the DB structure.
- */
-void
-__dbpanic(DB *dbp)
-{
- /* The only thing that can succeed is a close. */
- dbp->del = (int (*)(const struct __db *, const DBT *, uint))__dberr;
- dbp->fd = (int (*)(const struct __db *))__dberr;
- dbp->get = (int (*)(const struct __db *, const DBT *, DBT *, uint))__dberr;
- dbp->put = (int (*)(const struct __db *, DBT *, const DBT *, uint))__dberr;
- dbp->seq = (int (*)(const struct __db *, DBT *, DBT *, uint))__dberr;
- dbp->sync = (int (*)(const struct __db *, uint))__dberr;
-}
diff --git a/dbm/src/h_bigkey.c b/dbm/src/h_bigkey.c
deleted file mode 100644
index 855f107256..0000000000
--- a/dbm/src/h_bigkey.c
+++ /dev/null
@@ -1,713 +0,0 @@
-/*-
- * Copyright (c) 1990, 1993, 1994
- * The Regents of the University of California. All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Margo Seltzer.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#if defined(LIBC_SCCS) && !defined(lint)
-static char sccsid[] = "@(#)hash_bigkey.c 8.3 (Berkeley) 5/31/94";
-#endif /* LIBC_SCCS and not lint */
-
-#include "watcomfx.h"
-
-/*
- * PACKAGE: hash
- * DESCRIPTION:
- * Big key/data handling for the hashing package.
- *
- * ROUTINES:
- * External
- * __big_keydata
- * __big_split
- * __big_insert
- * __big_return
- * __big_delete
- * __find_last_page
- * Internal
- * collect_key
- * collect_data
- */
-
-#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh) && !defined(XP_OS2_VACPP)
-#include
-#endif
-
-#include
-#include
-#include
-#include
-
-#ifdef DEBUG
-#include
-#endif
-
-#include "mcom_db.h"
-#include "hash.h"
-#include "page.h"
-/* #include "extern.h" */
-
-static int collect_key __P((HTAB *, BUFHEAD *, int, DBT *, int));
-static int collect_data __P((HTAB *, BUFHEAD *, int, int));
-
-/*
- * Big_insert
- *
- * You need to do an insert and the key/data pair is too big
- *
- * Returns:
- * 0 ==> OK
- *-1 ==> ERROR
- */
-extern int
-__big_insert(HTAB *hashp, BUFHEAD *bufp, const DBT *key, const DBT *val)
-{
- register uint16 *p;
- uint key_size, n, val_size;
- uint16 space, move_bytes, off;
- char *cp, *key_data, *val_data;
-
- cp = bufp->page; /* Character pointer of p. */
- p = (uint16 *)cp;
-
- key_data = (char *)key->data;
- key_size = key->size;
- val_data = (char *)val->data;
- val_size = val->size;
-
- /* First move the Key */
- for (space = FREESPACE(p) - BIGOVERHEAD; key_size;
- space = FREESPACE(p) - BIGOVERHEAD) {
- move_bytes = PR_MIN(space, key_size);
- off = OFFSET(p) - move_bytes;
- memmove(cp + off, key_data, move_bytes);
- key_size -= move_bytes;
- key_data += move_bytes;
- n = p[0];
- p[++n] = off;
- p[0] = ++n;
- FREESPACE(p) = off - PAGE_META(n);
- OFFSET(p) = off;
- p[n] = PARTIAL_KEY;
- bufp = __add_ovflpage(hashp, bufp);
- if (!bufp)
- return (-1);
- n = p[0];
- if (!key_size) {
- if (FREESPACE(p)) {
- move_bytes = PR_MIN(FREESPACE(p), val_size);
- off = OFFSET(p) - move_bytes;
- p[n] = off;
- memmove(cp + off, val_data, move_bytes);
- val_data += move_bytes;
- val_size -= move_bytes;
- p[n - 2] = FULL_KEY_DATA;
- FREESPACE(p) = FREESPACE(p) - move_bytes;
- OFFSET(p) = off;
- } else
- p[n - 2] = FULL_KEY;
- }
- p = (uint16 *)bufp->page;
- cp = bufp->page;
- bufp->flags |= BUF_MOD;
- }
-
- /* Now move the data */
- for (space = FREESPACE(p) - BIGOVERHEAD; val_size;
- space = FREESPACE(p) - BIGOVERHEAD) {
- move_bytes = PR_MIN(space, val_size);
- /*
- * Here's the hack to make sure that if the data ends on the
- * same page as the key ends, FREESPACE is at least one.
- */
- if (space == val_size && val_size == val->size)
- move_bytes--;
- off = OFFSET(p) - move_bytes;
- memmove(cp + off, val_data, move_bytes);
- val_size -= move_bytes;
- val_data += move_bytes;
- n = p[0];
- p[++n] = off;
- p[0] = ++n;
- FREESPACE(p) = off - PAGE_META(n);
- OFFSET(p) = off;
- if (val_size) {
- p[n] = FULL_KEY;
- bufp = __add_ovflpage(hashp, bufp);
- if (!bufp)
- return (-1);
- cp = bufp->page;
- p = (uint16 *)cp;
- } else
- p[n] = FULL_KEY_DATA;
- bufp->flags |= BUF_MOD;
- }
- return (0);
-}
-
-/*
- * Called when bufp's page contains a partial key (index should be 1)
- *
- * All pages in the big key/data pair except bufp are freed. We cannot
- * free bufp because the page pointing to it is lost and we can't get rid
- * of its pointer.
- *
- * Returns:
- * 0 => OK
- *-1 => ERROR
- */
-extern int
-__big_delete(HTAB *hashp, BUFHEAD *bufp)
-{
- register BUFHEAD *last_bfp, *rbufp;
- uint16 *bp, pageno;
- int key_done, n;
-
- rbufp = bufp;
- last_bfp = NULL;
- bp = (uint16 *)bufp->page;
- pageno = 0;
- key_done = 0;
-
- while (!key_done || (bp[2] != FULL_KEY_DATA)) {
- if (bp[2] == FULL_KEY || bp[2] == FULL_KEY_DATA)
- key_done = 1;
-
- /*
- * If there is freespace left on a FULL_KEY_DATA page, then
- * the data is short and fits entirely on this page, and this
- * is the last page.
- */
- if (bp[2] == FULL_KEY_DATA && FREESPACE(bp))
- break;
- pageno = bp[bp[0] - 1];
- rbufp->flags |= BUF_MOD;
- rbufp = __get_buf(hashp, pageno, rbufp, 0);
- if (last_bfp)
- __free_ovflpage(hashp, last_bfp);
- last_bfp = rbufp;
- if (!rbufp)
- return (-1); /* Error. */
- bp = (uint16 *)rbufp->page;
- }
-
- /*
- * If we get here then rbufp points to the last page of the big
- * key/data pair. Bufp points to the first one -- it should now be
- * empty pointing to the next page after this pair. Can't free it
- * because we don't have the page pointing to it.
- */
-
- /* This is information from the last page of the pair. */
- n = bp[0];
- pageno = bp[n - 1];
-
- /* Now, bp is the first page of the pair. */
- bp = (uint16 *)bufp->page;
- if (n > 2) {
- /* There is an overflow page. */
- bp[1] = pageno;
- bp[2] = OVFLPAGE;
- bufp->ovfl = rbufp->ovfl;
- } else
- /* This is the last page. */
- bufp->ovfl = NULL;
- n -= 2;
- bp[0] = n;
- FREESPACE(bp) = hashp->BSIZE - PAGE_META(n);
- OFFSET(bp) = hashp->BSIZE - 1;
-
- bufp->flags |= BUF_MOD;
- if (rbufp)
- __free_ovflpage(hashp, rbufp);
- if (last_bfp != rbufp)
- __free_ovflpage(hashp, last_bfp);
-
- hashp->NKEYS--;
- return (0);
-}
-/*
- * Returns:
- * 0 = key not found
- * -1 = get next overflow page
- * -2 means key not found and this is big key/data
- * -3 error
- */
-extern int
-__find_bigpair(HTAB *hashp, BUFHEAD *bufp, int ndx, char *key, int size)
-{
- register uint16 *bp;
- register char *p;
- int ksize;
- uint16 bytes;
- char *kkey;
-
- bp = (uint16 *)bufp->page;
- p = bufp->page;
- ksize = size;
- kkey = key;
-
- for (bytes = hashp->BSIZE - bp[ndx];
- bytes <= size && bp[ndx + 1] == PARTIAL_KEY;
- bytes = hashp->BSIZE - bp[ndx]) {
- if (memcmp(p + bp[ndx], kkey, bytes))
- return (-2);
- kkey += bytes;
- ksize -= bytes;
- bufp = __get_buf(hashp, bp[ndx + 2], bufp, 0);
- if (!bufp)
- return (-3);
- p = bufp->page;
- bp = (uint16 *)p;
- ndx = 1;
- }
-
- if (bytes != ksize || memcmp(p + bp[ndx], kkey, bytes)) {
-#ifdef HASH_STATISTICS
- ++hash_collisions;
-#endif
- return (-2);
- } else
- return (ndx);
-}
-
-/*
- * Given the buffer pointer of the first overflow page of a big pair,
- * find the end of the big pair
- *
- * This will set bpp to the buffer header of the last page of the big pair.
- * It will return the pageno of the overflow page following the last page
- * of the pair; 0 if there isn't any (i.e. big pair is the last key in the
- * bucket)
- */
-extern uint16
-__find_last_page(HTAB *hashp, BUFHEAD **bpp)
-{
- BUFHEAD *bufp;
- uint16 *bp, pageno;
- uint n;
-
- bufp = *bpp;
- bp = (uint16 *)bufp->page;
- for (;;) {
- n = bp[0];
-
- /*
- * This is the last page if: the tag is FULL_KEY_DATA and
- * either only 2 entries OVFLPAGE marker is explicit there
- * is freespace on the page.
- */
- if (bp[2] == FULL_KEY_DATA &&
- ((n == 2) || (bp[n] == OVFLPAGE) || (FREESPACE(bp))))
- break;
-
- /* LJM bound the size of n to reasonable limits
- */
- if(n > hashp->BSIZE/sizeof(uint16))
- return(0);
-
- pageno = bp[n - 1];
- bufp = __get_buf(hashp, pageno, bufp, 0);
- if (!bufp)
- return (0); /* Need to indicate an error! */
- bp = (uint16 *)bufp->page;
- }
-
- *bpp = bufp;
- if (bp[0] > 2)
- return (bp[3]);
- else
- return (0);
-}
-
-/*
- * Return the data for the key/data pair that begins on this page at this
- * index (index should always be 1).
- */
-extern int
-__big_return(
- HTAB *hashp,
- BUFHEAD *bufp,
- int ndx,
- DBT *val,
- int set_current)
-{
- BUFHEAD *save_p;
- uint16 *bp, len, off, save_addr;
- char *tp;
- int save_flags;
-
- bp = (uint16 *)bufp->page;
- while (bp[ndx + 1] == PARTIAL_KEY) {
- bufp = __get_buf(hashp, bp[bp[0] - 1], bufp, 0);
- if (!bufp)
- return (-1);
- bp = (uint16 *)bufp->page;
- ndx = 1;
- }
-
- if (bp[ndx + 1] == FULL_KEY) {
- bufp = __get_buf(hashp, bp[bp[0] - 1], bufp, 0);
- if (!bufp)
- return (-1);
- bp = (uint16 *)bufp->page;
- save_p = bufp;
- save_addr = save_p->addr;
- off = bp[1];
- len = 0;
- } else
- if (!FREESPACE(bp)) {
- /*
- * This is a hack. We can't distinguish between
- * FULL_KEY_DATA that contains complete data or
- * incomplete data, so we require that if the data
- * is complete, there is at least 1 byte of free
- * space left.
- */
- off = bp[bp[0]];
- len = bp[1] - off;
- save_p = bufp;
- save_addr = bufp->addr;
- bufp = __get_buf(hashp, bp[bp[0] - 1], bufp, 0);
- if (!bufp)
- return (-1);
- bp = (uint16 *)bufp->page;
- } else {
- /* The data is all on one page. */
- tp = (char *)bp;
- off = bp[bp[0]];
- val->data = (uint8 *)tp + off;
- val->size = bp[1] - off;
- if (set_current) {
- if (bp[0] == 2) { /* No more buckets in
- * chain */
- hashp->cpage = NULL;
- hashp->cbucket++;
- hashp->cndx = 1;
- } else {
- hashp->cpage = __get_buf(hashp,
- bp[bp[0] - 1], bufp, 0);
- if (!hashp->cpage)
- return (-1);
- hashp->cndx = 1;
- if (!((uint16 *)
- hashp->cpage->page)[0]) {
- hashp->cbucket++;
- hashp->cpage = NULL;
- }
- }
- }
- return (0);
- }
-
- /* pin our saved buf so that we don't lose if
- * we run out of buffers */
- save_flags = save_p->flags;
- save_p->flags |= BUF_PIN;
- val->size = collect_data(hashp, bufp, (int)len, set_current);
- save_p->flags = save_flags;
- if (val->size == (size_t)-1)
- return (-1);
- if (save_p->addr != save_addr) {
- /* We are pretty short on buffers. */
- errno = EINVAL; /* OUT OF BUFFERS */
- return (-1);
- }
- memmove(hashp->tmp_buf, (save_p->page) + off, len);
- val->data = (uint8 *)hashp->tmp_buf;
- return (0);
-}
-
-
-/*
- * Count how big the total datasize is by looping through the pages. Then
- * allocate a buffer and copy the data in the second loop. NOTE: Our caller
- * may already have a bp which it is holding onto. The caller is
- * responsible for copying that bp into our temp buffer. 'len' is how much
- * space to reserve for that buffer.
- */
-static int
-collect_data(
- HTAB *hashp,
- BUFHEAD *bufp,
- int len, int set)
-{
- register uint16 *bp;
- BUFHEAD *save_bufp;
- int save_flags;
- int mylen, totlen;
-
- /*
- * save the input buf head because we need to walk the list twice.
- * pin it to make sure it doesn't leave the buffer pool.
- * This has the effect of growing the buffer pool if necessary.
- */
- save_bufp = bufp;
- save_flags = save_bufp->flags;
- save_bufp->flags |= BUF_PIN;
-
- /* read the length of the buffer */
- for (totlen = len; bufp ; bufp = __get_buf(hashp, bp[bp[0]-1], bufp, 0)) {
- bp = (uint16 *)bufp->page;
- mylen = hashp->BSIZE - bp[1];
-
- /* if mylen ever goes negative it means that the
- * page is screwed up.
- */
- if (mylen < 0) {
- save_bufp->flags = save_flags;
- return (-1);
- }
- totlen += mylen;
- if (bp[2] == FULL_KEY_DATA) { /* End of Data */
- break;
- }
- }
-
- if (!bufp) {
- save_bufp->flags = save_flags;
- return (-1);
- }
-
- /* allocate a temp buf */
- if (hashp->tmp_buf)
- free(hashp->tmp_buf);
- if ((hashp->tmp_buf = (char *)malloc((size_t)totlen)) == NULL) {
- save_bufp->flags = save_flags;
- return (-1);
- }
-
- /* copy the buffers back into temp buf */
- for (bufp = save_bufp; bufp ;
- bufp = __get_buf(hashp, bp[bp[0]-1], bufp, 0)) {
- bp = (uint16 *)bufp->page;
- mylen = hashp->BSIZE - bp[1];
- memmove(&hashp->tmp_buf[len], (bufp->page) + bp[1], (size_t)mylen);
- len += mylen;
- if (bp[2] == FULL_KEY_DATA) {
- break;
- }
- }
-
- /* 'clear' the pin flags */
- save_bufp->flags = save_flags;
-
- /* update the database cursor */
- if (set) {
- hashp->cndx = 1;
- if (bp[0] == 2) { /* No more buckets in chain */
- hashp->cpage = NULL;
- hashp->cbucket++;
- } else {
- hashp->cpage = __get_buf(hashp, bp[bp[0] - 1], bufp, 0);
- if (!hashp->cpage)
- return (-1);
- else if (!((uint16 *)hashp->cpage->page)[0]) {
- hashp->cbucket++;
- hashp->cpage = NULL;
- }
- }
- }
- return (totlen);
-}
-
-/*
- * Fill in the key and data for this big pair.
- */
-extern int
-__big_keydata(
- HTAB *hashp,
- BUFHEAD *bufp,
- DBT *key, DBT *val,
- int set)
-{
- key->size = collect_key(hashp, bufp, 0, val, set);
- if (key->size == (size_t)-1)
- return (-1);
- key->data = (uint8 *)hashp->tmp_key;
- return (0);
-}
-
-/*
- * Count how big the total key size is by recursing through the pages. Then
- * collect the data, allocate a buffer and copy the key as you recurse up.
- */
-static int
-collect_key(
- HTAB *hashp,
- BUFHEAD *bufp,
- int len,
- DBT *val,
- int set)
-{
- BUFHEAD *xbp;
- char *p;
- int mylen, totlen;
- uint16 *bp, save_addr;
-
- p = bufp->page;
- bp = (uint16 *)p;
- mylen = hashp->BSIZE - bp[1];
-
- save_addr = bufp->addr;
- totlen = len + mylen;
- if (bp[2] == FULL_KEY || bp[2] == FULL_KEY_DATA) { /* End of Key. */
- if (hashp->tmp_key != NULL)
- free(hashp->tmp_key);
- if ((hashp->tmp_key = (char *)malloc((size_t)totlen)) == NULL)
- return (-1);
- if (__big_return(hashp, bufp, 1, val, set))
- return (-1);
- } else {
- xbp = __get_buf(hashp, bp[bp[0] - 1], bufp, 0);
- if (!xbp || ((totlen =
- collect_key(hashp, xbp, totlen, val, set)) < 1))
- return (-1);
- }
- if (bufp->addr != save_addr) {
- errno = EINVAL; /* MIS -- OUT OF BUFFERS */
- return (-1);
- }
- memmove(&hashp->tmp_key[len], (bufp->page) + bp[1], (size_t)mylen);
- return (totlen);
-}
-
-/*
- * Returns:
- * 0 => OK
- * -1 => error
- */
-extern int
-__big_split(
- HTAB *hashp,
- BUFHEAD *op, /* Pointer to where to put keys that go in old bucket */
- BUFHEAD *np, /* Pointer to new bucket page */
- /* Pointer to first page containing the big key/data */
- BUFHEAD *big_keyp,
- uint32 addr, /* Address of big_keyp */
- uint32 obucket,/* Old Bucket */
- SPLIT_RETURN *ret)
-{
- register BUFHEAD *tmpp;
- register uint16 *tp;
- BUFHEAD *bp;
- DBT key, val;
- uint32 change;
- uint16 free_space, n, off;
-
- bp = big_keyp;
-
- /* Now figure out where the big key/data goes */
- if (__big_keydata(hashp, big_keyp, &key, &val, 0))
- return (-1);
- change = (__call_hash(hashp,(char*) key.data, key.size) != obucket);
-
- if ((ret->next_addr = __find_last_page(hashp, &big_keyp))) {
- if (!(ret->nextp =
- __get_buf(hashp, ret->next_addr, big_keyp, 0)))
- return (-1);;
- } else
- ret->nextp = NULL;
-
- /* Now make one of np/op point to the big key/data pair */
-#ifdef DEBUG
- assert(np->ovfl == NULL);
-#endif
- if (change)
- tmpp = np;
- else
- tmpp = op;
-
- tmpp->flags |= BUF_MOD;
-#ifdef DEBUG1
- (void)fprintf(stderr,
- "BIG_SPLIT: %d->ovfl was %d is now %d\n", tmpp->addr,
- (tmpp->ovfl ? tmpp->ovfl->addr : 0), (bp ? bp->addr : 0));
-#endif
- tmpp->ovfl = bp; /* one of op/np point to big_keyp */
- tp = (uint16 *)tmpp->page;
-
-
-#if 0 /* this get's tripped on database corrupted error */
- assert(FREESPACE(tp) >= OVFLSIZE);
-#endif
- if(FREESPACE(tp) < OVFLSIZE)
- return(DATABASE_CORRUPTED_ERROR);
-
- n = tp[0];
- off = OFFSET(tp);
- free_space = FREESPACE(tp);
- tp[++n] = (uint16)addr;
- tp[++n] = OVFLPAGE;
- tp[0] = n;
- OFFSET(tp) = off;
- FREESPACE(tp) = free_space - OVFLSIZE;
-
- /*
- * Finally, set the new and old return values. BIG_KEYP contains a
- * pointer to the last page of the big key_data pair. Make sure that
- * big_keyp has no following page (2 elements) or create an empty
- * following page.
- */
-
- ret->newp = np;
- ret->oldp = op;
-
- tp = (uint16 *)big_keyp->page;
- big_keyp->flags |= BUF_MOD;
- if (tp[0] > 2) {
- /*
- * There may be either one or two offsets on this page. If
- * there is one, then the overflow page is linked on normally
- * and tp[4] is OVFLPAGE. If there are two, tp[4] contains
- * the second offset and needs to get stuffed in after the
- * next overflow page is added.
- */
- n = tp[4];
- free_space = FREESPACE(tp);
- off = OFFSET(tp);
- tp[0] -= 2;
- FREESPACE(tp) = free_space + OVFLSIZE;
- OFFSET(tp) = off;
- tmpp = __add_ovflpage(hashp, big_keyp);
- if (!tmpp)
- return (-1);
- tp[4] = n;
- } else
- tmpp = big_keyp;
-
- if (change)
- ret->newp = tmpp;
- else
- ret->oldp = tmpp;
- return (0);
-}
diff --git a/dbm/src/h_func.c b/dbm/src/h_func.c
deleted file mode 100644
index 5819efe234..0000000000
--- a/dbm/src/h_func.c
+++ /dev/null
@@ -1,211 +0,0 @@
-/*-
- * Copyright (c) 1990, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Margo Seltzer.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#if defined(LIBC_SCCS) && !defined(lint)
-static char sccsid[] = "@(#)hash_func.c 8.2 (Berkeley) 2/21/94";
-#endif /* LIBC_SCCS and not lint */
-
-#include "watcomfx.h"
-
-#ifndef macintosh
-#include
-#endif
-#include "mcom_db.h"
-#include "hash.h"
-#include "page.h"
-/* #include "extern.h" */
-
-#if 0
-static uint32 hash1 __P((const void *, size_t));
-static uint32 hash2 __P((const void *, size_t));
-static uint32 hash3 __P((const void *, size_t));
-#endif
-static uint32 hash4 __P((const void *, size_t));
-
-/* Global default hash function */
-uint32 (*__default_hash) __P((const void *, size_t)) = hash4;
-
-/*
- * HASH FUNCTIONS
- *
- * Assume that we've already split the bucket to which this key hashes,
- * calculate that bucket, and check that in fact we did already split it.
- *
- * This came from ejb's hsearch.
- */
-
-#define PRIME1 37
-#define PRIME2 1048583
-
-#if 0
-static uint32
-hash1(const void *keyarg, register size_t len)
-{
- register const uint8 *key;
- register uint32 h;
-
- /* Convert string to integer */
- for (key = (const uint8 *)keyarg, h = 0; len--;)
- h = h * PRIME1 ^ (*key++ - ' ');
- h %= PRIME2;
- return (h);
-}
-
-/*
- * Phong's linear congruential hash
- */
-#define dcharhash(h, c) ((h) = 0x63c63cd9*(h) + 0x9c39c33d + (c))
-
-static uint32
-hash2(const void *keyarg, size_t len)
-{
- register const uint8 *e, *key;
- register uint32 h;
- register uint8 c;
-
- key = (const uint8 *)keyarg;
- e = key + len;
- for (h = 0; key != e;) {
- c = *key++;
- if (!c && key > e)
- break;
- dcharhash(h, c);
- }
- return (h);
-}
-
-/*
- * This is INCREDIBLY ugly, but fast. We break the string up into 8 byte
- * units. On the first time through the loop we get the "leftover bytes"
- * (strlen % 8). On every other iteration, we perform 8 HASHC's so we handle
- * all 8 bytes. Essentially, this saves us 7 cmp & branch instructions. If
- * this routine is heavily used enough, it's worth the ugly coding.
- *
- * OZ's original sdbm hash
- */
-static uint32
-hash3(const void *keyarg, register size_t len)
-{
- register const uint8 *key;
- register size_t loop;
- register uint32 h;
-
-#define HASHC h = *key++ + 65599 * h
-
- h = 0;
- key = (const uint8 *)keyarg;
- if (len > 0) {
- loop = (len + 8 - 1) >> 3;
-
- switch (len & (8 - 1)) {
- case 0:
- do {
- HASHC;
- /* FALLTHROUGH */
- case 7:
- HASHC;
- /* FALLTHROUGH */
- case 6:
- HASHC;
- /* FALLTHROUGH */
- case 5:
- HASHC;
- /* FALLTHROUGH */
- case 4:
- HASHC;
- /* FALLTHROUGH */
- case 3:
- HASHC;
- /* FALLTHROUGH */
- case 2:
- HASHC;
- /* FALLTHROUGH */
- case 1:
- HASHC;
- } while (--loop);
- }
- }
- return (h);
-}
-#endif /* 0 */
-
-/* Hash function from Chris Torek. */
-static uint32
-hash4(const void *keyarg, register size_t len)
-{
- register const uint8 *key;
- register size_t loop;
- register uint32 h;
-
-#define HASH4a h = (h << 5) - h + *key++;
-#define HASH4b h = (h << 5) + h + *key++;
-#define HASH4 HASH4b
-
- h = 0;
- key = (const uint8 *)keyarg;
- if (len > 0) {
- loop = (len + 8 - 1) >> 3;
-
- switch (len & (8 - 1)) {
- case 0:
- do {
- HASH4;
- /* FALLTHROUGH */
- case 7:
- HASH4;
- /* FALLTHROUGH */
- case 6:
- HASH4;
- /* FALLTHROUGH */
- case 5:
- HASH4;
- /* FALLTHROUGH */
- case 4:
- HASH4;
- /* FALLTHROUGH */
- case 3:
- HASH4;
- /* FALLTHROUGH */
- case 2:
- HASH4;
- /* FALLTHROUGH */
- case 1:
- HASH4;
- } while (--loop);
- }
- }
- return (h);
-}
diff --git a/dbm/src/h_log2.c b/dbm/src/h_log2.c
deleted file mode 100644
index 4d8b0a7156..0000000000
--- a/dbm/src/h_log2.c
+++ /dev/null
@@ -1,56 +0,0 @@
-/*-
- * Copyright (c) 1990, 1993, 1994
- * The Regents of the University of California. All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Margo Seltzer.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#if defined(LIBC_SCCS) && !defined(lint)
-static char sccsid[] = "@(#)hash_log2.c 8.2 (Berkeley) 5/31/94";
-#endif /* LIBC_SCCS and not lint */
-
-#include "watcomfx.h"
-
-#include
-#ifndef macintosh
-#include
-#endif
-#include "mcom_db.h"
-
-uint32 __log2(uint32 num)
-{
- register uint32 i, limit;
-
- limit = 1;
- for (i = 0; limit < num; limit = limit << 1, i++) {}
- return (i);
-}
diff --git a/dbm/src/h_page.c b/dbm/src/h_page.c
deleted file mode 100644
index e11ad9451b..0000000000
--- a/dbm/src/h_page.c
+++ /dev/null
@@ -1,1290 +0,0 @@
-/*-
- * Copyright (c) 1990, 1993, 1994
- * The Regents of the University of California. All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Margo Seltzer.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#if defined(unix)
-#define MY_LSEEK lseek
-#else
-#define MY_LSEEK new_lseek
-extern long new_lseek(int fd, long pos, int start);
-#endif
-
-#if defined(LIBC_SCCS) && !defined(lint)
-static char sccsid[] = "@(#)hash_page.c 8.7 (Berkeley) 8/16/94";
-#endif /* LIBC_SCCS and not lint */
-
-#include "watcomfx.h"
-
-/*
- * PACKAGE: hashing
- *
- * DESCRIPTION:
- * Page manipulation for hashing package.
- *
- * ROUTINES:
- *
- * External
- * __get_page
- * __add_ovflpage
- * Internal
- * overflow_page
- * open_temp
- */
-#ifndef macintosh
-#include
-#endif
-
-#if defined(macintosh)
-#include
-#endif
-
-#include
-#include
-#if defined(_WIN32) || defined(_WINDOWS)
-#include
-#endif
-#include
-#include
-#include
-#include
-
-#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh) && !defined(XP_OS2_VACPP)
-#include
-#endif
-
-#include
-
-#include "mcom_db.h"
-#include "hash.h"
-#include "page.h"
-/* #include "extern.h" */
-
-extern int mkstempflags(char *path, int extraFlags);
-
-static uint32 *fetch_bitmap __P((HTAB *, uint32));
-static uint32 first_free __P((uint32));
-static int open_temp __P((HTAB *));
-static uint16 overflow_page __P((HTAB *));
-static void squeeze_key __P((uint16 *, const DBT *, const DBT *));
-static int ugly_split
- __P((HTAB *, uint32, BUFHEAD *, BUFHEAD *, int, int));
-
-#define PAGE_INIT(P) { \
- ((uint16 *)(P))[0] = 0; \
- ((uint16 *)(P))[1] = hashp->BSIZE - 3 * sizeof(uint16); \
- ((uint16 *)(P))[2] = hashp->BSIZE; \
-}
-
-/* implement a new lseek using lseek that
- * writes zero's when extending a file
- * beyond the end.
- */
-long new_lseek(int fd, long offset, int origin)
-{
- long cur_pos=0;
- long end_pos=0;
- long seek_pos=0;
-
- if(origin == SEEK_CUR)
- {
- if(offset < 1)
- return(lseek(fd, offset, SEEK_CUR));
-
- cur_pos = lseek(fd, 0, SEEK_CUR);
-
- if(cur_pos < 0)
- return(cur_pos);
- }
-
- end_pos = lseek(fd, 0, SEEK_END);
- if(end_pos < 0)
- return(end_pos);
-
- if(origin == SEEK_SET)
- seek_pos = offset;
- else if(origin == SEEK_CUR)
- seek_pos = cur_pos + offset;
- else if(origin == SEEK_END)
- seek_pos = end_pos + offset;
- else
- {
- assert(0);
- return(-1);
- }
-
- /* the seek position desired is before the
- * end of the file. We don't need
- * to do anything special except the seek.
- */
- if(seek_pos <= end_pos)
- return(lseek(fd, seek_pos, SEEK_SET));
-
- /* the seek position is beyond the end of the
- * file. Write zero's to the end.
- *
- * we are already at the end of the file so
- * we just need to "write()" zeros for the
- * difference between seek_pos-end_pos and
- * then seek to the position to finish
- * the call
- */
- {
- char buffer[1024];
- long len = seek_pos-end_pos;
- memset(&buffer, 0, 1024);
- while(len > 0)
- {
- write(fd, (char*)&buffer, (size_t)(1024 > len ? len : 1024));
- len -= 1024;
- }
- return(lseek(fd, seek_pos, SEEK_SET));
- }
-
-}
-
-/*
- * This is called AFTER we have verified that there is room on the page for
- * the pair (PAIRFITS has returned true) so we go right ahead and start moving
- * stuff on.
- */
-static void
-putpair(char *p, const DBT *key, DBT * val)
-{
- register uint16 *bp, n, off;
-
- bp = (uint16 *)p;
-
- /* Enter the key first. */
- n = bp[0];
-
- off = OFFSET(bp) - key->size;
- memmove(p + off, key->data, key->size);
- bp[++n] = off;
-
- /* Now the data. */
- off -= val->size;
- memmove(p + off, val->data, val->size);
- bp[++n] = off;
-
- /* Adjust page info. */
- bp[0] = n;
- bp[n + 1] = off - ((n + 3) * sizeof(uint16));
- bp[n + 2] = off;
-}
-
-/*
- * Returns:
- * 0 OK
- * -1 error
- */
-extern int
-__delpair(HTAB *hashp, BUFHEAD *bufp, int ndx)
-{
- register uint16 *bp, newoff;
- register int n;
- uint16 pairlen;
-
- bp = (uint16 *)bufp->page;
- n = bp[0];
-
- if (bp[ndx + 1] < REAL_KEY)
- return (__big_delete(hashp, bufp));
- if (ndx != 1)
- newoff = bp[ndx - 1];
- else
- newoff = hashp->BSIZE;
- pairlen = newoff - bp[ndx + 1];
-
- if (ndx != (n - 1)) {
- /* Hard Case -- need to shuffle keys */
- register int i;
- register char *src = bufp->page + (int)OFFSET(bp);
- uint32 dst_offset = (uint32)OFFSET(bp) + (uint32)pairlen;
- register char *dst = bufp->page + dst_offset;
- uint32 length = bp[ndx + 1] - OFFSET(bp);
-
- /*
- * +-----------+XXX+---------+XXX+---------+---------> +infinity
- * | | | |
- * 0 src_offset dst_offset BSIZE
- *
- * Dst_offset is > src_offset, so if src_offset were bad, dst_offset
- * would be too, therefore we check only dst_offset.
- *
- * If dst_offset is >= BSIZE, either OFFSET(bp), or pairlen, or both
- * is corrupted.
- *
- * Once we know dst_offset is < BSIZE, we can subtract it from BSIZE
- * to get an upper bound on length.
- */
- if(dst_offset > (uint32)hashp->BSIZE)
- return(DATABASE_CORRUPTED_ERROR);
-
- if(length > (uint32)(hashp->BSIZE - dst_offset))
- return(DATABASE_CORRUPTED_ERROR);
-
- memmove(dst, src, length);
-
- /* Now adjust the pointers */
- for (i = ndx + 2; i <= n; i += 2) {
- if (bp[i + 1] == OVFLPAGE) {
- bp[i - 2] = bp[i];
- bp[i - 1] = bp[i + 1];
- } else {
- bp[i - 2] = bp[i] + pairlen;
- bp[i - 1] = bp[i + 1] + pairlen;
- }
- }
- }
- /* Finally adjust the page data */
- bp[n] = OFFSET(bp) + pairlen;
- bp[n - 1] = bp[n + 1] + pairlen + 2 * sizeof(uint16);
- bp[0] = n - 2;
- hashp->NKEYS--;
-
- bufp->flags |= BUF_MOD;
- return (0);
-}
-/*
- * Returns:
- * 0 ==> OK
- * -1 ==> Error
- */
-extern int
-__split_page(HTAB *hashp, uint32 obucket, uint32 nbucket)
-{
- register BUFHEAD *new_bufp, *old_bufp;
- register uint16 *ino;
- register uint16 *tmp_uint16_array;
- register char *np;
- DBT key, val;
- uint16 n, ndx;
- int retval;
- uint16 copyto, diff, moved;
- size_t off;
- char *op;
-
- copyto = (uint16)hashp->BSIZE;
- off = (uint16)hashp->BSIZE;
- old_bufp = __get_buf(hashp, obucket, NULL, 0);
- if (old_bufp == NULL)
- return (-1);
- new_bufp = __get_buf(hashp, nbucket, NULL, 0);
- if (new_bufp == NULL)
- return (-1);
-
- old_bufp->flags |= (BUF_MOD | BUF_PIN);
- new_bufp->flags |= (BUF_MOD | BUF_PIN);
-
- ino = (uint16 *)(op = old_bufp->page);
- np = new_bufp->page;
-
- moved = 0;
-
- for (n = 1, ndx = 1; n < ino[0]; n += 2) {
- if (ino[n + 1] < REAL_KEY) {
- retval = ugly_split(hashp, obucket, old_bufp, new_bufp,
- (int)copyto, (int)moved);
- old_bufp->flags &= ~BUF_PIN;
- new_bufp->flags &= ~BUF_PIN;
- return (retval);
-
- }
- key.data = (uint8 *)op + ino[n];
-
- /* check here for ino[n] being greater than
- * off. If it is then the database has
- * been corrupted.
- */
- if(ino[n] > off)
- return(DATABASE_CORRUPTED_ERROR);
-
- key.size = off - ino[n];
-
-#ifdef DEBUG
- /* make sure the size is positive */
- assert(((int)key.size) > -1);
-#endif
-
- if (__call_hash(hashp, (char *)key.data, key.size) == obucket) {
- /* Don't switch page */
- diff = copyto - off;
- if (diff) {
- copyto = ino[n + 1] + diff;
- memmove(op + copyto, op + ino[n + 1],
- off - ino[n + 1]);
- ino[ndx] = copyto + ino[n] - ino[n + 1];
- ino[ndx + 1] = copyto;
- } else
- copyto = ino[n + 1];
- ndx += 2;
- } else {
- /* Switch page */
- val.data = (uint8 *)op + ino[n + 1];
- val.size = ino[n] - ino[n + 1];
-
- /* if the pair doesn't fit something is horribly
- * wrong. LJM
- */
- tmp_uint16_array = (uint16*)np;
- if(!PAIRFITS(tmp_uint16_array, &key, &val))
- return(DATABASE_CORRUPTED_ERROR);
-
- putpair(np, &key, &val);
- moved += 2;
- }
-
- off = ino[n + 1];
- }
-
- /* Now clean up the page */
- ino[0] -= moved;
- FREESPACE(ino) = copyto - sizeof(uint16) * (ino[0] + 3);
- OFFSET(ino) = copyto;
-
-#ifdef DEBUG3
- (void)fprintf(stderr, "split %d/%d\n",
- ((uint16 *)np)[0] / 2,
- ((uint16 *)op)[0] / 2);
-#endif
- /* unpin both pages */
- old_bufp->flags &= ~BUF_PIN;
- new_bufp->flags &= ~BUF_PIN;
- return (0);
-}
-
-/*
- * Called when we encounter an overflow or big key/data page during split
- * handling. This is special cased since we have to begin checking whether
- * the key/data pairs fit on their respective pages and because we may need
- * overflow pages for both the old and new pages.
- *
- * The first page might be a page with regular key/data pairs in which case
- * we have a regular overflow condition and just need to go on to the next
- * page or it might be a big key/data pair in which case we need to fix the
- * big key/data pair.
- *
- * Returns:
- * 0 ==> success
- * -1 ==> failure
- */
-
-/* the maximum number of loops we will allow UGLY split to chew
- * on before we assume the database is corrupted and throw it
- * away.
- */
-#define MAX_UGLY_SPLIT_LOOPS 10000
-
-static int
-ugly_split(HTAB *hashp, uint32 obucket, BUFHEAD *old_bufp,
- BUFHEAD *new_bufp,/* Same as __split_page. */ int copyto, int moved)
- /* int copyto; First byte on page which contains key/data values. */
- /* int moved; Number of pairs moved to new page. */
-{
- register BUFHEAD *bufp; /* Buffer header for ino */
- register uint16 *ino; /* Page keys come off of */
- register uint16 *np; /* New page */
- register uint16 *op; /* Page keys go on to if they aren't moving */
- uint32 loop_detection=0;
-
- BUFHEAD *last_bfp; /* Last buf header OVFL needing to be freed */
- DBT key, val;
- SPLIT_RETURN ret;
- uint16 n, off, ov_addr, scopyto;
- char *cino; /* Character value of ino */
- int status;
-
- bufp = old_bufp;
- ino = (uint16 *)old_bufp->page;
- np = (uint16 *)new_bufp->page;
- op = (uint16 *)old_bufp->page;
- last_bfp = NULL;
- scopyto = (uint16)copyto; /* ANSI */
-
- n = ino[0] - 1;
- while (n < ino[0]) {
-
-
- /* this function goes nuts sometimes and never returns.
- * I havent found the problem yet but I need a solution
- * so if we loop too often we assume a database curruption error
- * :LJM
- */
- loop_detection++;
-
- if(loop_detection > MAX_UGLY_SPLIT_LOOPS)
- return DATABASE_CORRUPTED_ERROR;
-
- if (ino[2] < REAL_KEY && ino[2] != OVFLPAGE) {
- if ((status = __big_split(hashp, old_bufp,
- new_bufp, bufp, bufp->addr, obucket, &ret)))
- return (status);
- old_bufp = ret.oldp;
- if (!old_bufp)
- return (-1);
- op = (uint16 *)old_bufp->page;
- new_bufp = ret.newp;
- if (!new_bufp)
- return (-1);
- np = (uint16 *)new_bufp->page;
- bufp = ret.nextp;
- if (!bufp)
- return (0);
- cino = (char *)bufp->page;
- ino = (uint16 *)cino;
- last_bfp = ret.nextp;
- } else if (ino[n + 1] == OVFLPAGE) {
- ov_addr = ino[n];
- /*
- * Fix up the old page -- the extra 2 are the fields
- * which contained the overflow information.
- */
- ino[0] -= (moved + 2);
- FREESPACE(ino) =
- scopyto - sizeof(uint16) * (ino[0] + 3);
- OFFSET(ino) = scopyto;
-
- bufp = __get_buf(hashp, ov_addr, bufp, 0);
- if (!bufp)
- return (-1);
-
- ino = (uint16 *)bufp->page;
- n = 1;
- scopyto = hashp->BSIZE;
- moved = 0;
-
- if (last_bfp)
- __free_ovflpage(hashp, last_bfp);
- last_bfp = bufp;
- }
- /* Move regular sized pairs of there are any */
- off = hashp->BSIZE;
- for (n = 1; (n < ino[0]) && (ino[n + 1] >= REAL_KEY); n += 2) {
- cino = (char *)ino;
- key.data = (uint8 *)cino + ino[n];
- key.size = off - ino[n];
- val.data = (uint8 *)cino + ino[n + 1];
- val.size = ino[n] - ino[n + 1];
- off = ino[n + 1];
-
- if (__call_hash(hashp, (char*)key.data, key.size) == obucket) {
- /* Keep on old page */
- if (PAIRFITS(op, (&key), (&val)))
- putpair((char *)op, &key, &val);
- else {
- old_bufp =
- __add_ovflpage(hashp, old_bufp);
- if (!old_bufp)
- return (-1);
- op = (uint16 *)old_bufp->page;
- putpair((char *)op, &key, &val);
- }
- old_bufp->flags |= BUF_MOD;
- } else {
- /* Move to new page */
- if (PAIRFITS(np, (&key), (&val)))
- putpair((char *)np, &key, &val);
- else {
- new_bufp =
- __add_ovflpage(hashp, new_bufp);
- if (!new_bufp)
- return (-1);
- np = (uint16 *)new_bufp->page;
- putpair((char *)np, &key, &val);
- }
- new_bufp->flags |= BUF_MOD;
- }
- }
- }
- if (last_bfp)
- __free_ovflpage(hashp, last_bfp);
- return (0);
-}
-
-/*
- * Add the given pair to the page
- *
- * Returns:
- * 0 ==> OK
- * 1 ==> failure
- */
-extern int
-__addel(HTAB *hashp, BUFHEAD *bufp, const DBT *key, const DBT * val)
-{
- register uint16 *bp, *sop;
- int do_expand;
-
- bp = (uint16 *)bufp->page;
- do_expand = 0;
- while (bp[0] && (bp[2] < REAL_KEY || bp[bp[0]] < REAL_KEY))
- /* Exception case */
- if (bp[2] == FULL_KEY_DATA && bp[0] == 2)
- /* This is the last page of a big key/data pair
- and we need to add another page */
- break;
- else if (bp[2] < REAL_KEY && bp[bp[0]] != OVFLPAGE) {
- bufp = __get_buf(hashp, bp[bp[0] - 1], bufp, 0);
- if (!bufp)
- {
-#ifdef DEBUG
- assert(0);
-#endif
- return (-1);
- }
- bp = (uint16 *)bufp->page;
- } else
- /* Try to squeeze key on this page */
- if (FREESPACE(bp) > PAIRSIZE(key, val)) {
- {
- squeeze_key(bp, key, val);
-
- /* LJM: I added this because I think it was
- * left out on accident.
- * if this isn't incremented nkeys will not
- * be the actual number of keys in the db.
- */
- hashp->NKEYS++;
- return (0);
- }
- } else {
- bufp = __get_buf(hashp, bp[bp[0] - 1], bufp, 0);
- if (!bufp)
- {
-#ifdef DEBUG
- assert(0);
-#endif
- return (-1);
- }
- bp = (uint16 *)bufp->page;
- }
-
- if (PAIRFITS(bp, key, val))
- putpair(bufp->page, key, (DBT *)val);
- else {
- do_expand = 1;
- bufp = __add_ovflpage(hashp, bufp);
- if (!bufp)
- {
-#ifdef DEBUG
- assert(0);
-#endif
- return (-1);
- }
- sop = (uint16 *)bufp->page;
-
- if (PAIRFITS(sop, key, val))
- putpair((char *)sop, key, (DBT *)val);
- else
- if (__big_insert(hashp, bufp, key, val))
- {
-#ifdef DEBUG
- assert(0);
-#endif
- return (-1);
- }
- }
- bufp->flags |= BUF_MOD;
- /*
- * If the average number of keys per bucket exceeds the fill factor,
- * expand the table.
- */
- hashp->NKEYS++;
- if (do_expand ||
- (hashp->NKEYS / (hashp->MAX_BUCKET + 1) > hashp->FFACTOR))
- return (__expand_table(hashp));
- return (0);
-}
-
-/*
- *
- * Returns:
- * pointer on success
- * NULL on error
- */
-extern BUFHEAD *
-__add_ovflpage(HTAB *hashp, BUFHEAD *bufp)
-{
- register uint16 *sp;
- uint16 ndx, ovfl_num;
-#ifdef DEBUG1
- int tmp1, tmp2;
-#endif
- sp = (uint16 *)bufp->page;
-
- /* Check if we are dynamically determining the fill factor */
- if (hashp->FFACTOR == DEF_FFACTOR) {
- hashp->FFACTOR = sp[0] >> 1;
- if (hashp->FFACTOR < MIN_FFACTOR)
- hashp->FFACTOR = MIN_FFACTOR;
- }
- bufp->flags |= BUF_MOD;
- ovfl_num = overflow_page(hashp);
-#ifdef DEBUG1
- tmp1 = bufp->addr;
- tmp2 = bufp->ovfl ? bufp->ovfl->addr : 0;
-#endif
- if (!ovfl_num || !(bufp->ovfl = __get_buf(hashp, ovfl_num, bufp, 1)))
- return (NULL);
- bufp->ovfl->flags |= BUF_MOD;
-#ifdef DEBUG1
- (void)fprintf(stderr, "ADDOVFLPAGE: %d->ovfl was %d is now %d\n",
- tmp1, tmp2, bufp->ovfl->addr);
-#endif
- ndx = sp[0];
- /*
- * Since a pair is allocated on a page only if there's room to add
- * an overflow page, we know that the OVFL information will fit on
- * the page.
- */
- sp[ndx + 4] = OFFSET(sp);
- sp[ndx + 3] = FREESPACE(sp) - OVFLSIZE;
- sp[ndx + 1] = ovfl_num;
- sp[ndx + 2] = OVFLPAGE;
- sp[0] = ndx + 2;
-#ifdef HASH_STATISTICS
- hash_overflows++;
-#endif
- return (bufp->ovfl);
-}
-
-/*
- * Returns:
- * 0 indicates SUCCESS
- * -1 indicates FAILURE
- */
-extern int
-__get_page(HTAB *hashp,
- char * p,
- uint32 bucket,
- int is_bucket,
- int is_disk,
- int is_bitmap)
-{
- register int fd, page;
- size_t size;
- int rsize;
- uint16 *bp;
-
- fd = hashp->fp;
- size = hashp->BSIZE;
-
- if ((fd == -1) || !is_disk) {
- PAGE_INIT(p);
- return (0);
- }
- if (is_bucket)
- page = BUCKET_TO_PAGE(bucket);
- else
- page = OADDR_TO_PAGE(bucket);
- if ((MY_LSEEK(fd, (off_t)page << hashp->BSHIFT, SEEK_SET) == -1) ||
- ((rsize = read(fd, p, size)) == -1))
- return (-1);
-
- bp = (uint16 *)p;
- if (!rsize)
- bp[0] = 0; /* We hit the EOF, so initialize a new page */
- else
- if ((unsigned)rsize != size) {
- errno = EFTYPE;
- return (-1);
- }
-
- if (!is_bitmap && !bp[0]) {
- PAGE_INIT(p);
- } else {
-
-#ifdef DEBUG
- if(BYTE_ORDER == LITTLE_ENDIAN)
- {
- int is_little_endian;
- is_little_endian = BYTE_ORDER;
- }
- else if(BYTE_ORDER == BIG_ENDIAN)
- {
- int is_big_endian;
- is_big_endian = BYTE_ORDER;
- }
- else
- {
- assert(0);
- }
-#endif
-
- if (hashp->LORDER != BYTE_ORDER) {
- register int i, max;
-
- if (is_bitmap) {
- max = hashp->BSIZE >> 2; /* divide by 4 */
- for (i = 0; i < max; i++)
- M_32_SWAP(((int *)p)[i]);
- } else {
- M_16_SWAP(bp[0]);
- max = bp[0] + 2;
-
- /* bound the size of max by
- * the maximum number of entries
- * in the array
- */
- if((unsigned)max > (size / sizeof(uint16)))
- return(DATABASE_CORRUPTED_ERROR);
-
- /* do the byte order swap
- */
- for (i = 1; i <= max; i++)
- M_16_SWAP(bp[i]);
- }
- }
-
- /* check the validity of the page here
- * (after doing byte order swaping if necessary)
- */
- if(!is_bitmap && bp[0] != 0)
- {
- uint16 num_keys = bp[0];
- uint16 offset;
- uint16 i;
-
- /* bp[0] is supposed to be the number of
- * entries currently in the page. If
- * bp[0] is too large (larger than the whole
- * page) then the page is corrupted
- */
- if(bp[0] > (size / sizeof(uint16)))
- return(DATABASE_CORRUPTED_ERROR);
-
- /* bound free space */
- if(FREESPACE(bp) > size)
- return(DATABASE_CORRUPTED_ERROR);
-
- /* check each key and data offset to make
- * sure they are all within bounds they
- * should all be less than the previous
- * offset as well.
- */
- offset = size;
- for(i=1 ; i <= num_keys; i+=2)
- {
- /* ignore overflow pages etc. */
- if(bp[i+1] >= REAL_KEY)
- {
-
- if(bp[i] > offset || bp[i+1] > bp[i])
- return(DATABASE_CORRUPTED_ERROR);
-
- offset = bp[i+1];
- }
- else
- {
- /* there are no other valid keys after
- * seeing a non REAL_KEY
- */
- break;
- }
- }
- }
- }
- return (0);
-}
-
-/*
- * Write page p to disk
- *
- * Returns:
- * 0 ==> OK
- * -1 ==>failure
- */
-extern int
-__put_page(HTAB *hashp, char *p, uint32 bucket, int is_bucket, int is_bitmap)
-{
- register int fd, page;
- size_t size;
- int wsize;
- off_t offset;
-
- size = hashp->BSIZE;
- if ((hashp->fp == -1) && open_temp(hashp))
- return (-1);
- fd = hashp->fp;
-
- if (hashp->LORDER != BYTE_ORDER) {
- register int i;
- register int max;
-
- if (is_bitmap) {
- max = hashp->BSIZE >> 2; /* divide by 4 */
- for (i = 0; i < max; i++)
- M_32_SWAP(((int *)p)[i]);
- } else {
- max = ((uint16 *)p)[0] + 2;
-
- /* bound the size of max by
- * the maximum number of entries
- * in the array
- */
- if((unsigned)max > (size / sizeof(uint16)))
- return(DATABASE_CORRUPTED_ERROR);
-
- for (i = 0; i <= max; i++)
- M_16_SWAP(((uint16 *)p)[i]);
-
- }
- }
-
- if (is_bucket)
- page = BUCKET_TO_PAGE(bucket);
- else
- page = OADDR_TO_PAGE(bucket);
- offset = (off_t)page << hashp->BSHIFT;
- if ((MY_LSEEK(fd, offset, SEEK_SET) == -1) ||
- ((wsize = write(fd, p, size)) == -1))
- /* Errno is set */
- return (-1);
- if ((unsigned)wsize != size) {
- errno = EFTYPE;
- return (-1);
- }
-#if defined(_WIN32) || defined(_WINDOWS)
- if (offset + size > hashp->file_size) {
- hashp->updateEOF = 1;
- }
-#endif
- /* put the page back the way it was so that it isn't byteswapped
- * if it remains in memory - LJM
- */
- if (hashp->LORDER != BYTE_ORDER) {
- register int i;
- register int max;
-
- if (is_bitmap) {
- max = hashp->BSIZE >> 2; /* divide by 4 */
- for (i = 0; i < max; i++)
- M_32_SWAP(((int *)p)[i]);
- } else {
- uint16 *bp = (uint16 *)p;
-
- M_16_SWAP(bp[0]);
- max = bp[0] + 2;
-
- /* no need to bound the size if max again
- * since it was done already above
- */
-
- /* do the byte order re-swap
- */
- for (i = 1; i <= max; i++)
- M_16_SWAP(bp[i]);
- }
- }
-
- return (0);
-}
-
-#define BYTE_MASK ((1 << INT_BYTE_SHIFT) -1)
-/*
- * Initialize a new bitmap page. Bitmap pages are left in memory
- * once they are read in.
- */
-extern int
-__ibitmap(HTAB *hashp, int pnum, int nbits, int ndx)
-{
- uint32 *ip;
- size_t clearbytes, clearints;
-
- if ((ip = (uint32 *)malloc((size_t)hashp->BSIZE)) == NULL)
- return (1);
- hashp->nmaps++;
- clearints = ((nbits - 1) >> INT_BYTE_SHIFT) + 1;
- clearbytes = clearints << INT_TO_BYTE;
- (void)memset((char *)ip, 0, clearbytes);
- (void)memset(((char *)ip) + clearbytes, 0xFF,
- hashp->BSIZE - clearbytes);
- ip[clearints - 1] = ALL_SET << (nbits & BYTE_MASK);
- SETBIT(ip, 0);
- hashp->BITMAPS[ndx] = (uint16)pnum;
- hashp->mapp[ndx] = ip;
- return (0);
-}
-
-static uint32
-first_free(uint32 map)
-{
- register uint32 i, mask;
-
- mask = 0x1;
- for (i = 0; i < BITS_PER_MAP; i++) {
- if (!(mask & map))
- return (i);
- mask = mask << 1;
- }
- return (i);
-}
-
-static uint16
-overflow_page(HTAB *hashp)
-{
- register uint32 *freep=NULL;
- register int max_free, offset, splitnum;
- uint16 addr;
- uint32 i;
- int bit, first_page, free_bit, free_page, in_use_bits, j;
-#ifdef DEBUG2
- int tmp1, tmp2;
-#endif
- splitnum = hashp->OVFL_POINT;
- max_free = hashp->SPARES[splitnum];
-
- free_page = (max_free - 1) >> (hashp->BSHIFT + BYTE_SHIFT);
- free_bit = (max_free - 1) & ((hashp->BSIZE << BYTE_SHIFT) - 1);
-
- /* Look through all the free maps to find the first free block */
- first_page = hashp->LAST_FREED >>(hashp->BSHIFT + BYTE_SHIFT);
- for ( i = first_page; i <= (unsigned)free_page; i++ ) {
- if (!(freep = (uint32 *)hashp->mapp[i]) &&
- !(freep = fetch_bitmap(hashp, i)))
- return (0);
- if (i == (unsigned)free_page)
- in_use_bits = free_bit;
- else
- in_use_bits = (hashp->BSIZE << BYTE_SHIFT) - 1;
-
- if (i == (unsigned)first_page) {
- bit = hashp->LAST_FREED &
- ((hashp->BSIZE << BYTE_SHIFT) - 1);
- j = bit / BITS_PER_MAP;
- bit = bit & ~(BITS_PER_MAP - 1);
- } else {
- bit = 0;
- j = 0;
- }
- for (; bit <= in_use_bits; j++, bit += BITS_PER_MAP)
- if (freep[j] != ALL_SET)
- goto found;
- }
-
- /* No Free Page Found */
- hashp->LAST_FREED = hashp->SPARES[splitnum];
- hashp->SPARES[splitnum]++;
- offset = hashp->SPARES[splitnum] -
- (splitnum ? hashp->SPARES[splitnum - 1] : 0);
-
-#define OVMSG "HASH: Out of overflow pages. Increase page size\n"
- if (offset > SPLITMASK) {
- if (++splitnum >= NCACHED) {
-#ifndef macintosh
- (void)write(STDERR_FILENO, OVMSG, sizeof(OVMSG) - 1);
-#endif
- return (0);
- }
- hashp->OVFL_POINT = splitnum;
- hashp->SPARES[splitnum] = hashp->SPARES[splitnum-1];
- hashp->SPARES[splitnum-1]--;
- offset = 1;
- }
-
- /* Check if we need to allocate a new bitmap page */
- if (free_bit == (hashp->BSIZE << BYTE_SHIFT) - 1) {
- free_page++;
- if (free_page >= NCACHED) {
-#ifndef macintosh
- (void)write(STDERR_FILENO, OVMSG, sizeof(OVMSG) - 1);
-#endif
- return (0);
- }
- /*
- * This is tricky. The 1 indicates that you want the new page
- * allocated with 1 clear bit. Actually, you are going to
- * allocate 2 pages from this map. The first is going to be
- * the map page, the second is the overflow page we were
- * looking for. The init_bitmap routine automatically, sets
- * the first bit of itself to indicate that the bitmap itself
- * is in use. We would explicitly set the second bit, but
- * don't have to if we tell init_bitmap not to leave it clear
- * in the first place.
- */
- if (__ibitmap(hashp,
- (int)OADDR_OF(splitnum, offset), 1, free_page))
- return (0);
- hashp->SPARES[splitnum]++;
-#ifdef DEBUG2
- free_bit = 2;
-#endif
- offset++;
- if (offset > SPLITMASK) {
- if (++splitnum >= NCACHED) {
-#ifndef macintosh
- (void)write(STDERR_FILENO, OVMSG,
- sizeof(OVMSG) - 1);
-#endif
- return (0);
- }
- hashp->OVFL_POINT = splitnum;
- hashp->SPARES[splitnum] = hashp->SPARES[splitnum-1];
- hashp->SPARES[splitnum-1]--;
- offset = 0;
- }
- } else {
- /*
- * Free_bit addresses the last used bit. Bump it to address
- * the first available bit.
- */
- free_bit++;
- SETBIT(freep, free_bit);
- }
-
- /* Calculate address of the new overflow page */
- addr = OADDR_OF(splitnum, offset);
-#ifdef DEBUG2
- (void)fprintf(stderr, "OVERFLOW_PAGE: ADDR: %d BIT: %d PAGE %d\n",
- addr, free_bit, free_page);
-#endif
- return (addr);
-
-found:
- bit = bit + first_free(freep[j]);
- SETBIT(freep, bit);
-#ifdef DEBUG2
- tmp1 = bit;
- tmp2 = i;
-#endif
- /*
- * Bits are addressed starting with 0, but overflow pages are addressed
- * beginning at 1. Bit is a bit addressnumber, so we need to increment
- * it to convert it to a page number.
- */
- bit = 1 + bit + (i * (hashp->BSIZE << BYTE_SHIFT));
- if (bit >= hashp->LAST_FREED)
- hashp->LAST_FREED = bit - 1;
-
- /* Calculate the split number for this page */
- for (i = 0; (i < (unsigned)splitnum) && (bit > hashp->SPARES[i]); i++) {}
- offset = (i ? bit - hashp->SPARES[i - 1] : bit);
- if (offset >= SPLITMASK)
- return (0); /* Out of overflow pages */
- addr = OADDR_OF(i, offset);
-#ifdef DEBUG2
- (void)fprintf(stderr, "OVERFLOW_PAGE: ADDR: %d BIT: %d PAGE %d\n",
- addr, tmp1, tmp2);
-#endif
-
- /* Allocate and return the overflow page */
- return (addr);
-}
-
-/*
- * Mark this overflow page as free.
- */
-extern void
-__free_ovflpage(HTAB *hashp, BUFHEAD *obufp)
-{
- uint16 addr;
- uint32 *freep;
- uint32 bit_address, free_page, free_bit;
- uint16 ndx;
-
- if(!obufp || !obufp->addr)
- return;
-
- addr = obufp->addr;
-#ifdef DEBUG1
- (void)fprintf(stderr, "Freeing %d\n", addr);
-#endif
- ndx = (((uint16)addr) >> SPLITSHIFT);
- bit_address =
- (ndx ? hashp->SPARES[ndx - 1] : 0) + (addr & SPLITMASK) - 1;
- if (bit_address < (uint32)hashp->LAST_FREED)
- hashp->LAST_FREED = bit_address;
- free_page = (bit_address >> (hashp->BSHIFT + BYTE_SHIFT));
- free_bit = bit_address & ((hashp->BSIZE << BYTE_SHIFT) - 1);
-
- if (!(freep = hashp->mapp[free_page]))
- freep = fetch_bitmap(hashp, free_page);
-
-#ifdef DEBUG
- /*
- * This had better never happen. It means we tried to read a bitmap
- * that has already had overflow pages allocated off it, and we
- * failed to read it from the file.
- */
- if (!freep)
- {
- assert(0);
- return;
- }
-#endif
- CLRBIT(freep, free_bit);
-#ifdef DEBUG2
- (void)fprintf(stderr, "FREE_OVFLPAGE: ADDR: %d BIT: %d PAGE %d\n",
- obufp->addr, free_bit, free_page);
-#endif
- __reclaim_buf(hashp, obufp);
-}
-
-/*
- * Returns:
- * 0 success
- * -1 failure
- */
-static int
-open_temp(HTAB *hashp)
-{
-#ifdef XP_OS2
- hashp->fp = mkstemp(NULL);
-#else
-#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh)
- sigset_t set, oset;
-#endif
-#if !defined(macintosh)
- char * tmpdir;
- size_t len;
- char last;
-#endif
- static const char namestr[] = "/_hashXXXXXX";
- char filename[1024];
-
-#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh)
- /* Block signals; make sure file goes away at process exit. */
- (void)sigfillset(&set);
- (void)sigprocmask(SIG_BLOCK, &set, &oset);
-#endif
-
- filename[0] = 0;
-#if defined(macintosh)
- strcat(filename, namestr + 1);
-#else
- tmpdir = getenv("TMP");
- if (!tmpdir)
- tmpdir = getenv("TMPDIR");
- if (!tmpdir)
- tmpdir = getenv("TEMP");
- if (!tmpdir)
- tmpdir = ".";
- len = strlen(tmpdir);
- if (len && len < (sizeof filename - sizeof namestr)) {
- strcpy(filename, tmpdir);
- }
- len = strlen(filename);
- last = tmpdir[len - 1];
- strcat(filename, (last == '/' || last == '\\') ? namestr + 1 : namestr);
-#endif
-
-#if defined(_WIN32) || defined(_WINDOWS)
- if ((hashp->fp = mkstempflags(filename, _O_BINARY|_O_TEMPORARY)) != -1) {
- if (hashp->filename) {
- free(hashp->filename);
- }
- hashp->filename = strdup(filename);
- hashp->is_temp = 1;
- }
-#else
- if ((hashp->fp = mkstemp(filename)) != -1) {
- (void)unlink(filename);
-#if !defined(macintosh)
- (void)fcntl(hashp->fp, F_SETFD, 1);
-#endif
- }
-#endif
-
-#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh)
- (void)sigprocmask(SIG_SETMASK, &oset, (sigset_t *)NULL);
-#endif
-#endif /* !OS2 */
- return (hashp->fp != -1 ? 0 : -1);
-}
-
-/*
- * We have to know that the key will fit, but the last entry on the page is
- * an overflow pair, so we need to shift things.
- */
-static void
-squeeze_key(uint16 *sp, const DBT * key, const DBT * val)
-{
- register char *p;
- uint16 free_space, n, off, pageno;
-
- p = (char *)sp;
- n = sp[0];
- free_space = FREESPACE(sp);
- off = OFFSET(sp);
-
- pageno = sp[n - 1];
- off -= key->size;
- sp[n - 1] = off;
- memmove(p + off, key->data, key->size);
- off -= val->size;
- sp[n] = off;
- memmove(p + off, val->data, val->size);
- sp[0] = n + 2;
- sp[n + 1] = pageno;
- sp[n + 2] = OVFLPAGE;
- FREESPACE(sp) = free_space - PAIRSIZE(key, val);
- OFFSET(sp) = off;
-}
-
-static uint32 *
-fetch_bitmap(HTAB *hashp, uint32 ndx)
-{
- if (ndx >= (unsigned)hashp->nmaps)
- return (NULL);
- if ((hashp->mapp[ndx] = (uint32 *)malloc((size_t)hashp->BSIZE)) == NULL)
- return (NULL);
- if (__get_page(hashp,
- (char *)hashp->mapp[ndx], hashp->BITMAPS[ndx], 0, 1, 1)) {
- free(hashp->mapp[ndx]);
- hashp->mapp[ndx] = NULL; /* NEW: 9-11-95 */
- return (NULL);
- }
- return (hashp->mapp[ndx]);
-}
-
-#ifdef DEBUG4
-int
-print_chain(int addr)
-{
- BUFHEAD *bufp;
- short *bp, oaddr;
-
- (void)fprintf(stderr, "%d ", addr);
- bufp = __get_buf(hashp, addr, NULL, 0);
- bp = (short *)bufp->page;
- while (bp[0] && ((bp[bp[0]] == OVFLPAGE) ||
- ((bp[0] > 2) && bp[2] < REAL_KEY))) {
- oaddr = bp[bp[0] - 1];
- (void)fprintf(stderr, "%d ", (int)oaddr);
- bufp = __get_buf(hashp, (int)oaddr, bufp, 0);
- bp = (short *)bufp->page;
- }
- (void)fprintf(stderr, "\n");
-}
-#endif
diff --git a/dbm/src/hash.c b/dbm/src/hash.c
deleted file mode 100644
index 0058cf3d6e..0000000000
--- a/dbm/src/hash.c
+++ /dev/null
@@ -1,1179 +0,0 @@
-/*-
- * Copyright (c) 1990, 1993, 1994
- * The Regents of the University of California. All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Margo Seltzer.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#if defined(LIBC_SCCS) && !defined(lint)
-static char sccsid[] = "@(#)hash.c 8.9 (Berkeley) 6/16/94";
-#endif /* LIBC_SCCS and not lint */
-
-#include "watcomfx.h"
-
-#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh) && !defined(XP_OS2_VACPP)
-#include
-#endif
-
-#if !defined(macintosh)
-#ifdef XP_OS2_EMX
-#include
-#endif
-#include
-#endif
-
-#if defined(macintosh)
-#include
-#include
-#endif
-
-#include
-#include
-#include
-#include
-#include
-
-#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh) && !defined(XP_OS2_VACPP)
-#include
-#endif
-#if defined(_WIN32) || defined(_WINDOWS)
-#include
-#endif
-
-#include
-
-#include "mcom_db.h"
-#include "hash.h"
-#include "page.h"
-
-/*
-#include "extern.h"
-*/
-static int alloc_segs __P((HTAB *, int));
-static int flush_meta __P((HTAB *));
-static int hash_access __P((HTAB *, ACTION, DBT *, DBT *));
-static int hash_close __P((DB *));
-static int hash_delete __P((const DB *, const DBT *, uint));
-static int hash_fd __P((const DB *));
-static int hash_get __P((const DB *, const DBT *, DBT *, uint));
-static int hash_put __P((const DB *, DBT *, const DBT *, uint));
-static void *hash_realloc __P((SEGMENT **, size_t, size_t));
-static int hash_seq __P((const DB *, DBT *, DBT *, uint));
-static int hash_sync __P((const DB *, uint));
-static int hdestroy __P((HTAB *));
-static HTAB *init_hash __P((HTAB *, const char *, HASHINFO *));
-static int init_htab __P((HTAB *, int));
-#if BYTE_ORDER == LITTLE_ENDIAN
-static void swap_header __P((HTAB *));
-static void swap_header_copy __P((HASHHDR *, HASHHDR *));
-#endif
-
-/* Fast arithmetic, relying on powers of 2, */
-#define MOD(x, y) ((x) & ((y) - 1))
-
-#define RETURN_ERROR(ERR, LOC) { save_errno = ERR; goto LOC; }
-
-/* Return values */
-#define SUCCESS (0)
-#define DBM_ERROR (-1)
-#define ABNORMAL (1)
-
-#ifdef HASH_STATISTICS
-int hash_accesses, hash_collisions, hash_expansions, hash_overflows;
-#endif
-
-/* A new Lou (montulli@mozilla.com) routine.
- *
- * The database is screwed.
- *
- * This closes the file, flushing buffers as appropriate.
- */
-static void
-__remove_database(DB *dbp)
-{
- HTAB *hashp = (HTAB *)dbp->internal;
-
- assert(0);
-
- if (!hashp)
- return;
- hdestroy(hashp);
- dbp->internal = NULL;
-}
-
-/************************** INTERFACE ROUTINES ***************************/
-/* OPEN/CLOSE */
-
-
-extern DB *
-__hash_open(const char *file, int flags, int mode, const HASHINFO *info, int dflags)
-{
- HTAB *hashp=NULL;
- struct stat statbuf;
- DB *dbp;
- int bpages, hdrsize, new_table, nsegs, save_errno;
-
- if ((flags & O_ACCMODE) == O_WRONLY) {
- errno = EINVAL;
- return NULL;
- }
-
- /* zero the statbuffer so that
- * we can check it for a non-zero
- * date to see if stat succeeded
- */
- memset(&statbuf, 0, sizeof(struct stat));
-
- if (!(hashp = (HTAB *)calloc(1, sizeof(HTAB)))) {
- errno = ENOMEM;
- return NULL;
- }
- hashp->fp = NO_FILE;
- if(file)
- hashp->filename = strdup(file);
-
- /*
- * Even if user wants write only, we need to be able to read
- * the actual file, so we need to open it read/write. But, the
- * field in the hashp structure needs to be accurate so that
- * we can check accesses.
- */
- hashp->flags = flags;
-
- new_table = 0;
- if (!file || (flags & O_TRUNC) || (stat(file, &statbuf) && (errno == ENOENT)))
- {
- if (errno == ENOENT)
- errno = 0; /* Just in case someone looks at errno */
- new_table = 1;
- }
- else if(statbuf.st_mtime && statbuf.st_size == 0)
- {
- /* check for a zero length file and delete it
- * if it exists
- */
- new_table = 1;
- }
- hashp->file_size = statbuf.st_size;
-
- if (file) {
-#if defined(_WIN32) || defined(_WINDOWS) || defined (macintosh) || defined(XP_OS2)
- if ((hashp->fp = DBFILE_OPEN(file, flags | O_BINARY, mode)) == -1)
- RETURN_ERROR(errno, error1);
-#else
- if ((hashp->fp = open(file, flags, mode)) == -1)
- RETURN_ERROR(errno, error1);
- (void)fcntl(hashp->fp, F_SETFD, 1);
-#endif
- }
- if (new_table) {
- if (!init_hash(hashp, file, (HASHINFO *)info))
- RETURN_ERROR(errno, error1);
- } else {
- /* Table already exists */
- if (info && info->hash)
- hashp->hash = info->hash;
- else
- hashp->hash = __default_hash;
-
- hdrsize = read(hashp->fp, (char *)&hashp->hdr, sizeof(HASHHDR));
- if (hdrsize == -1)
- RETURN_ERROR(errno, error1);
- if (hdrsize != sizeof(HASHHDR))
- RETURN_ERROR(EFTYPE, error1);
-#if BYTE_ORDER == LITTLE_ENDIAN
- swap_header(hashp);
-#endif
- /* Verify file type, versions and hash function */
- if (hashp->MAGIC != HASHMAGIC)
- RETURN_ERROR(EFTYPE, error1);
-#define OLDHASHVERSION 1
- if (hashp->VERSION != HASHVERSION &&
- hashp->VERSION != OLDHASHVERSION)
- RETURN_ERROR(EFTYPE, error1);
- if (hashp->hash(CHARKEY, sizeof(CHARKEY)) != hashp->H_CHARKEY)
- RETURN_ERROR(EFTYPE, error1);
- if (hashp->NKEYS < 0) /* Old bad database. */
- RETURN_ERROR(EFTYPE, error1);
-
- /*
- * Figure out how many segments we need. Max_Bucket is the
- * maximum bucket number, so the number of buckets is
- * max_bucket + 1.
- */
- nsegs = (hashp->MAX_BUCKET + 1 + hashp->SGSIZE - 1) /
- hashp->SGSIZE;
- hashp->nsegs = 0;
- if (alloc_segs(hashp, nsegs))
- /* If alloc_segs fails, errno will have been set. */
- RETURN_ERROR(errno, error1);
- /* Read in bitmaps */
- bpages = (hashp->SPARES[hashp->OVFL_POINT] +
- (hashp->BSIZE << BYTE_SHIFT) - 1) >>
- (hashp->BSHIFT + BYTE_SHIFT);
-
- hashp->nmaps = bpages;
- (void)memset(&hashp->mapp[0], 0, bpages * sizeof(uint32 *));
- }
-
- /* Initialize Buffer Manager */
- if (info && info->cachesize)
- __buf_init(hashp, (int32) info->cachesize);
- else
- __buf_init(hashp, DEF_BUFSIZE);
-
- hashp->new_file = new_table;
-#ifdef macintosh
- hashp->save_file = file && !(hashp->flags & O_RDONLY);
-#else
- hashp->save_file = file && (hashp->flags & O_RDWR);
-#endif
- hashp->cbucket = -1;
- if (!(dbp = (DB *)malloc(sizeof(DB)))) {
- RETURN_ERROR(ENOMEM, error1);
- }
- dbp->internal = hashp;
- dbp->close = hash_close;
- dbp->del = hash_delete;
- dbp->fd = hash_fd;
- dbp->get = hash_get;
- dbp->put = hash_put;
- dbp->seq = hash_seq;
- dbp->sync = hash_sync;
- dbp->type = DB_HASH;
-
-#ifdef HASH_STATISTICS
- hash_overflows = hash_accesses = hash_collisions = hash_expansions = 0;
-#endif
- return (dbp);
-
-error1:
- hdestroy(hashp);
- errno = save_errno;
- return (NULL);
-}
-
-static int
-hash_close(DB *dbp)
-{
- HTAB *hashp;
- int retval;
-
- if (!dbp)
- return (DBM_ERROR);
-
- hashp = (HTAB *)dbp->internal;
- if(!hashp)
- return (DBM_ERROR);
-
- retval = hdestroy(hashp);
- free(dbp);
- return (retval);
-}
-
-static int hash_fd(const DB *dbp)
-{
- HTAB *hashp;
-
- if (!dbp)
- return (DBM_ERROR);
-
- hashp = (HTAB *)dbp->internal;
- if(!hashp)
- return (DBM_ERROR);
-
- if (hashp->fp == -1) {
- errno = ENOENT;
- return (-1);
- }
- return (hashp->fp);
-}
-
-/************************** LOCAL CREATION ROUTINES **********************/
-static HTAB *
-init_hash(HTAB *hashp, const char *file, HASHINFO *info)
-{
- struct stat statbuf;
- int nelem;
-
- nelem = 1;
- hashp->NKEYS = 0;
- hashp->LORDER = BYTE_ORDER;
- hashp->BSIZE = DEF_BUCKET_SIZE;
- hashp->BSHIFT = DEF_BUCKET_SHIFT;
- hashp->SGSIZE = DEF_SEGSIZE;
- hashp->SSHIFT = DEF_SEGSIZE_SHIFT;
- hashp->DSIZE = DEF_DIRSIZE;
- hashp->FFACTOR = DEF_FFACTOR;
- hashp->hash = __default_hash;
- memset(hashp->SPARES, 0, sizeof(hashp->SPARES));
- memset(hashp->BITMAPS, 0, sizeof (hashp->BITMAPS));
-
- /* Fix bucket size to be optimal for file system */
- if (file != NULL) {
- if (stat(file, &statbuf))
- return (NULL);
-
-#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh) && !defined(VMS) && !defined(XP_OS2)
-#if defined(__QNX__) && !defined(__QNXNTO__)
- hashp->BSIZE = 512; /* preferred blk size on qnx4 */
-#else
- hashp->BSIZE = statbuf.st_blksize;
-#endif
-
- /* new code added by Lou to reduce block
- * size down below MAX_BSIZE
- */
- if (hashp->BSIZE > MAX_BSIZE)
- hashp->BSIZE = MAX_BSIZE;
-#endif
- hashp->BSHIFT = __log2((uint32)hashp->BSIZE);
- }
-
- if (info) {
- if (info->bsize) {
- /* Round pagesize up to power of 2 */
- hashp->BSHIFT = __log2(info->bsize);
- hashp->BSIZE = 1 << hashp->BSHIFT;
- if (hashp->BSIZE > MAX_BSIZE) {
- errno = EINVAL;
- return (NULL);
- }
- }
- if (info->ffactor)
- hashp->FFACTOR = info->ffactor;
- if (info->hash)
- hashp->hash = info->hash;
- if (info->nelem)
- nelem = info->nelem;
- if (info->lorder) {
- if (info->lorder != BIG_ENDIAN &&
- info->lorder != LITTLE_ENDIAN) {
- errno = EINVAL;
- return (NULL);
- }
- hashp->LORDER = info->lorder;
- }
- }
- /* init_htab sets errno if it fails */
- if (init_htab(hashp, nelem))
- return (NULL);
- else
- return (hashp);
-}
-/*
- * This calls alloc_segs which may run out of memory. Alloc_segs will
- * set errno, so we just pass the error information along.
- *
- * Returns 0 on No Error
- */
-static int
-init_htab(HTAB *hashp, int nelem)
-{
- register int nbuckets, nsegs;
- int l2;
-
- /*
- * Divide number of elements by the fill factor and determine a
- * desired number of buckets. Allocate space for the next greater
- * power of two number of buckets.
- */
- nelem = (nelem - 1) / hashp->FFACTOR + 1;
-
- l2 = __log2((uint32)PR_MAX(nelem, 2));
- nbuckets = 1 << l2;
-
- hashp->SPARES[l2] = l2 + 1;
- hashp->SPARES[l2 + 1] = l2 + 1;
- hashp->OVFL_POINT = l2;
- hashp->LAST_FREED = 2;
-
- /* First bitmap page is at: splitpoint l2 page offset 1 */
- if (__ibitmap(hashp, (int)OADDR_OF(l2, 1), l2 + 1, 0))
- return (-1);
-
- hashp->MAX_BUCKET = hashp->LOW_MASK = nbuckets - 1;
- hashp->HIGH_MASK = (nbuckets << 1) - 1;
- hashp->HDRPAGES = ((PR_MAX(sizeof(HASHHDR), MINHDRSIZE) - 1) >>
- hashp->BSHIFT) + 1;
-
- nsegs = (nbuckets - 1) / hashp->SGSIZE + 1;
- nsegs = 1 << __log2((uint32)nsegs);
-
- if (nsegs > hashp->DSIZE)
- hashp->DSIZE = nsegs;
- return (alloc_segs(hashp, nsegs));
-}
-
-/********************** DESTROY/CLOSE ROUTINES ************************/
-
-/*
- * Flushes any changes to the file if necessary and destroys the hashp
- * structure, freeing all allocated space.
- */
-static int
-hdestroy(HTAB *hashp)
-{
- int i, save_errno;
-
- save_errno = 0;
-
-#ifdef HASH_STATISTICS
- (void)fprintf(stderr, "hdestroy: accesses %ld collisions %ld\n",
- hash_accesses, hash_collisions);
- (void)fprintf(stderr, "hdestroy: expansions %ld\n",
- hash_expansions);
- (void)fprintf(stderr, "hdestroy: overflows %ld\n",
- hash_overflows);
- (void)fprintf(stderr, "keys %ld maxp %d segmentcount %d\n",
- hashp->NKEYS, hashp->MAX_BUCKET, hashp->nsegs);
-
- for (i = 0; i < NCACHED; i++)
- (void)fprintf(stderr,
- "spares[%d] = %d\n", i, hashp->SPARES[i]);
-#endif
- /*
- * Call on buffer manager to free buffers, and if required,
- * write them to disk.
- */
- if (__buf_free(hashp, 1, hashp->save_file))
- save_errno = errno;
- if (hashp->dir) {
- free(*hashp->dir); /* Free initial segments */
- /* Free extra segments */
- while (hashp->exsegs--)
- free(hashp->dir[--hashp->nsegs]);
- free(hashp->dir);
- }
- if (flush_meta(hashp) && !save_errno)
- save_errno = errno;
- /* Free Bigmaps */
- for (i = 0; i < hashp->nmaps; i++)
- if (hashp->mapp[i])
- free(hashp->mapp[i]);
-
- if (hashp->fp != -1)
- (void)close(hashp->fp);
-
- if(hashp->filename) {
-#if defined(_WIN32) || defined(_WINDOWS) || defined(XP_OS2)
- if (hashp->is_temp)
- (void)unlink(hashp->filename);
-#endif
- free(hashp->filename);
- }
- if (hashp->tmp_buf)
- free(hashp->tmp_buf);
- if (hashp->tmp_key)
- free(hashp->tmp_key);
- free(hashp);
- if (save_errno) {
- errno = save_errno;
- return (DBM_ERROR);
- }
- return (SUCCESS);
-}
-
-#if defined(_WIN32) || defined(_WINDOWS)
-/*
- * Close and reopen file to force file length update on windows.
- *
- * Returns:
- * 0 == OK
- * -1 DBM_ERROR
- */
-static int
-update_EOF(HTAB *hashp)
-{
-#if defined(DBM_REOPEN_ON_FLUSH)
- char * file = hashp->filename;
- off_t file_size;
- int flags;
- int mode = -1;
- struct stat statbuf;
-
- memset(&statbuf, 0, sizeof statbuf);
-
- /* make sure we won't lose the file by closing it. */
- if (!file || (stat(file, &statbuf) && (errno == ENOENT))) {
- /* pretend we did it. */
- return 0;
- }
-
- (void)close(hashp->fp);
-
- flags = hashp->flags & ~(O_TRUNC | O_CREAT | O_EXCL);
-
- if ((hashp->fp = DBFILE_OPEN(file, flags | O_BINARY, mode)) == -1)
- return -1;
- file_size = lseek(hashp->fp, (off_t)0, SEEK_END);
- if (file_size == -1)
- return -1;
- hashp->file_size = file_size;
- return 0;
-#else
- int fd = hashp->fp;
- off_t file_size = lseek(fd, (off_t)0, SEEK_END);
- HANDLE handle = (HANDLE)_get_osfhandle(fd);
- BOOL cool = FlushFileBuffers(handle);
-#ifdef DEBUG3
- if (!cool) {
- DWORD err = GetLastError();
- (void)fprintf(stderr,
- "FlushFileBuffers failed, last error = %d, 0x%08x\n",
- err, err);
- }
-#endif
- if (file_size == -1)
- return -1;
- hashp->file_size = file_size;
- return cool ? 0 : -1;
-#endif
-}
-#endif
-
-/*
- * Write modified pages to disk
- *
- * Returns:
- * 0 == OK
- * -1 DBM_ERROR
- */
-static int
-hash_sync(const DB *dbp, uint flags)
-{
- HTAB *hashp;
-
- if (flags != 0) {
- errno = EINVAL;
- return (DBM_ERROR);
- }
-
- if (!dbp)
- return (DBM_ERROR);
-
- hashp = (HTAB *)dbp->internal;
- if(!hashp)
- return (DBM_ERROR);
-
- if (!hashp->save_file)
- return (0);
- if (__buf_free(hashp, 0, 1) || flush_meta(hashp))
- return (DBM_ERROR);
-#if defined(_WIN32) || defined(_WINDOWS)
- if (hashp->updateEOF && hashp->filename && !hashp->is_temp) {
- int status = update_EOF(hashp);
- hashp->updateEOF = 0;
- if (status)
- return status;
- }
-#endif
- hashp->new_file = 0;
- return (0);
-}
-
-/*
- * Returns:
- * 0 == OK
- * -1 indicates that errno should be set
- */
-static int
-flush_meta(HTAB *hashp)
-{
- HASHHDR *whdrp;
-#if BYTE_ORDER == LITTLE_ENDIAN
- HASHHDR whdr;
-#endif
- int fp, i, wsize;
-
- if (!hashp->save_file)
- return (0);
- hashp->MAGIC = HASHMAGIC;
- hashp->VERSION = HASHVERSION;
- hashp->H_CHARKEY = hashp->hash(CHARKEY, sizeof(CHARKEY));
-
- fp = hashp->fp;
- whdrp = &hashp->hdr;
-#if BYTE_ORDER == LITTLE_ENDIAN
- whdrp = &whdr;
- swap_header_copy(&hashp->hdr, whdrp);
-#endif
- if ((lseek(fp, (off_t)0, SEEK_SET) == -1) ||
- ((wsize = write(fp, (char*)whdrp, sizeof(HASHHDR))) == -1))
- return (-1);
- else
- if (wsize != sizeof(HASHHDR)) {
- errno = EFTYPE;
- hashp->dbmerrno = errno;
- return (-1);
- }
- for (i = 0; i < NCACHED; i++)
- if (hashp->mapp[i])
- if (__put_page(hashp, (char *)hashp->mapp[i],
- hashp->BITMAPS[i], 0, 1))
- return (-1);
- return (0);
-}
-
-/*******************************SEARCH ROUTINES *****************************/
-/*
- * All the access routines return
- *
- * Returns:
- * 0 on SUCCESS
- * 1 to indicate an external DBM_ERROR (i.e. key not found, etc)
- * -1 to indicate an internal DBM_ERROR (i.e. out of memory, etc)
- */
-static int
-hash_get(
- const DB *dbp,
- const DBT *key,
- DBT *data,
- uint flag)
-{
- HTAB *hashp;
- int rv;
-
- hashp = (HTAB *)dbp->internal;
- if (!hashp)
- return (DBM_ERROR);
-
- if (flag) {
- hashp->dbmerrno = errno = EINVAL;
- return (DBM_ERROR);
- }
-
- rv = hash_access(hashp, HASH_GET, (DBT *)key, data);
-
- if(rv == DATABASE_CORRUPTED_ERROR)
- {
-#if defined(unix) && defined(DEBUG)
- printf("\n\nDBM Database has been corrupted, tell Lou...\n\n");
-#endif
- __remove_database((DB *)dbp);
- }
-
- return(rv);
-}
-
-static int
-hash_put(
- const DB *dbp,
- DBT *key,
- const DBT *data,
- uint flag)
-{
- HTAB *hashp;
- int rv;
-
- hashp = (HTAB *)dbp->internal;
- if (!hashp)
- return (DBM_ERROR);
-
- if (flag && flag != R_NOOVERWRITE) {
- hashp->dbmerrno = errno = EINVAL;
- return (DBM_ERROR);
- }
- if ((hashp->flags & O_ACCMODE) == O_RDONLY) {
- hashp->dbmerrno = errno = EPERM;
- return (DBM_ERROR);
- }
-
- rv = hash_access(hashp, flag == R_NOOVERWRITE ?
- HASH_PUTNEW : HASH_PUT, (DBT *)key, (DBT *)data);
-
- if(rv == DATABASE_CORRUPTED_ERROR)
- {
-#if defined(unix) && defined(DEBUG)
- printf("\n\nDBM Database has been corrupted, tell Lou...\n\n");
-#endif
- __remove_database((DB *)dbp);
- }
-
- return(rv);
-}
-
-static int
-hash_delete(
- const DB *dbp,
- const DBT *key,
- uint flag) /* Ignored */
-{
- HTAB *hashp;
- int rv;
-
- hashp = (HTAB *)dbp->internal;
- if (!hashp)
- return (DBM_ERROR);
-
- if (flag && flag != R_CURSOR) {
- hashp->dbmerrno = errno = EINVAL;
- return (DBM_ERROR);
- }
- if ((hashp->flags & O_ACCMODE) == O_RDONLY) {
- hashp->dbmerrno = errno = EPERM;
- return (DBM_ERROR);
- }
- rv = hash_access(hashp, HASH_DELETE, (DBT *)key, NULL);
-
- if(rv == DATABASE_CORRUPTED_ERROR)
- {
-#if defined(unix) && defined(DEBUG)
- printf("\n\nDBM Database has been corrupted, tell Lou...\n\n");
-#endif
- __remove_database((DB *)dbp);
- }
-
- return(rv);
-}
-
-#define MAX_OVERFLOW_HASH_ACCESS_LOOPS 2000
-/*
- * Assume that hashp has been set in wrapper routine.
- */
-static int
-hash_access(
- HTAB *hashp,
- ACTION action,
- DBT *key, DBT *val)
-{
- register BUFHEAD *rbufp;
- BUFHEAD *bufp, *save_bufp;
- register uint16 *bp;
- register long n, ndx, off;
- register size_t size;
- register char *kp;
- uint16 pageno;
- uint32 ovfl_loop_count=0;
- int32 last_overflow_page_no = -1;
-
-#ifdef HASH_STATISTICS
- hash_accesses++;
-#endif
-
- off = hashp->BSIZE;
- size = key->size;
- kp = (char *)key->data;
- rbufp = __get_buf(hashp, __call_hash(hashp, kp, size), NULL, 0);
- if (!rbufp)
- return (DATABASE_CORRUPTED_ERROR);
- save_bufp = rbufp;
-
- /* Pin the bucket chain */
- rbufp->flags |= BUF_PIN;
- for (bp = (uint16 *)rbufp->page, n = *bp++, ndx = 1; ndx < n;)
- {
-
- if (bp[1] >= REAL_KEY) {
- /* Real key/data pair */
- if (size == (unsigned long)(off - *bp) &&
- memcmp(kp, rbufp->page + *bp, size) == 0)
- goto found;
- off = bp[1];
-#ifdef HASH_STATISTICS
- hash_collisions++;
-#endif
- bp += 2;
- ndx += 2;
- } else if (bp[1] == OVFLPAGE) {
-
- /* database corruption: overflow loop detection */
- if(last_overflow_page_no == (int32)*bp)
- return (DATABASE_CORRUPTED_ERROR);
-
- last_overflow_page_no = *bp;
-
- rbufp = __get_buf(hashp, *bp, rbufp, 0);
- if (!rbufp) {
- save_bufp->flags &= ~BUF_PIN;
- return (DBM_ERROR);
- }
-
- ovfl_loop_count++;
- if(ovfl_loop_count > MAX_OVERFLOW_HASH_ACCESS_LOOPS)
- return (DATABASE_CORRUPTED_ERROR);
-
- /* FOR LOOP INIT */
- bp = (uint16 *)rbufp->page;
- n = *bp++;
- ndx = 1;
- off = hashp->BSIZE;
- } else if (bp[1] < REAL_KEY) {
- if ((ndx =
- __find_bigpair(hashp, rbufp, ndx, kp, (int)size)) > 0)
- goto found;
- if (ndx == -2) {
- bufp = rbufp;
- if (!(pageno =
- __find_last_page(hashp, &bufp))) {
- ndx = 0;
- rbufp = bufp;
- break; /* FOR */
- }
- rbufp = __get_buf(hashp, pageno, bufp, 0);
- if (!rbufp) {
- save_bufp->flags &= ~BUF_PIN;
- return (DBM_ERROR);
- }
- /* FOR LOOP INIT */
- bp = (uint16 *)rbufp->page;
- n = *bp++;
- ndx = 1;
- off = hashp->BSIZE;
- } else {
- save_bufp->flags &= ~BUF_PIN;
- return (DBM_ERROR);
-
- }
- }
- }
-
- /* Not found */
- switch (action) {
- case HASH_PUT:
- case HASH_PUTNEW:
- if (__addel(hashp, rbufp, key, val)) {
- save_bufp->flags &= ~BUF_PIN;
- return (DBM_ERROR);
- } else {
- save_bufp->flags &= ~BUF_PIN;
- return (SUCCESS);
- }
- case HASH_GET:
- case HASH_DELETE:
- default:
- save_bufp->flags &= ~BUF_PIN;
- return (ABNORMAL);
- }
-
-found:
- switch (action) {
- case HASH_PUTNEW:
- save_bufp->flags &= ~BUF_PIN;
- return (ABNORMAL);
- case HASH_GET:
- bp = (uint16 *)rbufp->page;
- if (bp[ndx + 1] < REAL_KEY) {
- if (__big_return(hashp, rbufp, ndx, val, 0))
- return (DBM_ERROR);
- } else {
- val->data = (uint8 *)rbufp->page + (int)bp[ndx + 1];
- val->size = bp[ndx] - bp[ndx + 1];
- }
- break;
- case HASH_PUT:
- if ((__delpair(hashp, rbufp, ndx)) ||
- (__addel(hashp, rbufp, key, val))) {
- save_bufp->flags &= ~BUF_PIN;
- return (DBM_ERROR);
- }
- break;
- case HASH_DELETE:
- if (__delpair(hashp, rbufp, ndx))
- return (DBM_ERROR);
- break;
- default:
- abort();
- }
- save_bufp->flags &= ~BUF_PIN;
- return (SUCCESS);
-}
-
-static int
-hash_seq(
- const DB *dbp,
- DBT *key, DBT *data,
- uint flag)
-{
- register uint32 bucket;
- register BUFHEAD *bufp;
- HTAB *hashp;
- uint16 *bp, ndx;
-
- hashp = (HTAB *)dbp->internal;
- if (!hashp)
- return (DBM_ERROR);
-
- if (flag && flag != R_FIRST && flag != R_NEXT) {
- hashp->dbmerrno = errno = EINVAL;
- return (DBM_ERROR);
- }
-#ifdef HASH_STATISTICS
- hash_accesses++;
-#endif
- if ((hashp->cbucket < 0) || (flag == R_FIRST)) {
- hashp->cbucket = 0;
- hashp->cndx = 1;
- hashp->cpage = NULL;
- }
-
- for (bp = NULL; !bp || !bp[0]; ) {
- if (!(bufp = hashp->cpage)) {
- for (bucket = hashp->cbucket;
- bucket <= (uint32)hashp->MAX_BUCKET;
- bucket++, hashp->cndx = 1) {
- bufp = __get_buf(hashp, bucket, NULL, 0);
- if (!bufp)
- return (DBM_ERROR);
- hashp->cpage = bufp;
- bp = (uint16 *)bufp->page;
- if (bp[0])
- break;
- }
- hashp->cbucket = bucket;
- if (hashp->cbucket > hashp->MAX_BUCKET) {
- hashp->cbucket = -1;
- return (ABNORMAL);
- }
- } else
- bp = (uint16 *)hashp->cpage->page;
-
-#ifdef DEBUG
- assert(bp);
- assert(bufp);
-#endif
- while (bp[hashp->cndx + 1] == OVFLPAGE) {
- bufp = hashp->cpage =
- __get_buf(hashp, bp[hashp->cndx], bufp, 0);
- if (!bufp)
- return (DBM_ERROR);
- bp = (uint16 *)(bufp->page);
- hashp->cndx = 1;
- }
- if (!bp[0]) {
- hashp->cpage = NULL;
- ++hashp->cbucket;
- }
- }
- ndx = hashp->cndx;
- if (bp[ndx + 1] < REAL_KEY) {
- if (__big_keydata(hashp, bufp, key, data, 1))
- return (DBM_ERROR);
- } else {
- key->data = (uint8 *)hashp->cpage->page + bp[ndx];
- key->size = (ndx > 1 ? bp[ndx - 1] : hashp->BSIZE) - bp[ndx];
- data->data = (uint8 *)hashp->cpage->page + bp[ndx + 1];
- data->size = bp[ndx] - bp[ndx + 1];
- ndx += 2;
- if (ndx > bp[0]) {
- hashp->cpage = NULL;
- hashp->cbucket++;
- hashp->cndx = 1;
- } else
- hashp->cndx = ndx;
- }
- return (SUCCESS);
-}
-
-/********************************* UTILITIES ************************/
-
-/*
- * Returns:
- * 0 ==> OK
- * -1 ==> Error
- */
-extern int
-__expand_table(HTAB *hashp)
-{
- uint32 old_bucket, new_bucket;
- int new_segnum, spare_ndx;
- size_t dirsize;
-
-#ifdef HASH_STATISTICS
- hash_expansions++;
-#endif
- new_bucket = ++hashp->MAX_BUCKET;
- old_bucket = (hashp->MAX_BUCKET & hashp->LOW_MASK);
-
- new_segnum = new_bucket >> hashp->SSHIFT;
-
- /* Check if we need a new segment */
- if (new_segnum >= hashp->nsegs) {
- /* Check if we need to expand directory */
- if (new_segnum >= hashp->DSIZE) {
- /* Reallocate directory */
- dirsize = hashp->DSIZE * sizeof(SEGMENT *);
- if (!hash_realloc(&hashp->dir, dirsize, dirsize << 1))
- return (-1);
- hashp->DSIZE = dirsize << 1;
- }
- if ((hashp->dir[new_segnum] =
- (SEGMENT)calloc((size_t)hashp->SGSIZE, sizeof(SEGMENT))) == NULL)
- return (-1);
- hashp->exsegs++;
- hashp->nsegs++;
- }
- /*
- * If the split point is increasing (MAX_BUCKET's log base 2
- * * increases), we need to copy the current contents of the spare
- * split bucket to the next bucket.
- */
- spare_ndx = __log2((uint32)(hashp->MAX_BUCKET + 1));
- if (spare_ndx > hashp->OVFL_POINT) {
- hashp->SPARES[spare_ndx] = hashp->SPARES[hashp->OVFL_POINT];
- hashp->OVFL_POINT = spare_ndx;
- }
-
- if (new_bucket > (uint32)hashp->HIGH_MASK) {
- /* Starting a new doubling */
- hashp->LOW_MASK = hashp->HIGH_MASK;
- hashp->HIGH_MASK = new_bucket | hashp->LOW_MASK;
- }
- /* Relocate records to the new bucket */
- return (__split_page(hashp, old_bucket, new_bucket));
-}
-
-/*
- * If realloc guarantees that the pointer is not destroyed if the realloc
- * fails, then this routine can go away.
- */
-static void *
-hash_realloc(
- SEGMENT **p_ptr,
- size_t oldsize, size_t newsize)
-{
- register void *p;
-
- if ((p = malloc(newsize))) {
- memmove(p, *p_ptr, oldsize);
- memset((char *)p + oldsize, 0, newsize - oldsize);
- free(*p_ptr);
- *p_ptr = (SEGMENT *)p;
- }
- return (p);
-}
-
-extern uint32
-__call_hash(HTAB *hashp, char *k, size_t len)
-{
- uint32 n, bucket;
-
- n = hashp->hash(k, len);
- bucket = n & hashp->HIGH_MASK;
- if (bucket > (uint32)hashp->MAX_BUCKET)
- bucket = bucket & hashp->LOW_MASK;
- return (bucket);
-}
-
-/*
- * Allocate segment table. On error, set errno.
- *
- * Returns 0 on success
- */
-static int
-alloc_segs(
- HTAB *hashp,
- int nsegs)
-{
- register int i;
- register SEGMENT store;
-
- if ((hashp->dir =
- (SEGMENT *)calloc((size_t)hashp->DSIZE, sizeof(SEGMENT *))) == NULL) {
- errno = ENOMEM;
- return (-1);
- }
- /* Allocate segments */
- if ((store =
- (SEGMENT)calloc((size_t)nsegs << hashp->SSHIFT, sizeof(SEGMENT))) == NULL) {
- errno = ENOMEM;
- return (-1);
- }
- for (i = 0; i < nsegs; i++, hashp->nsegs++)
- hashp->dir[i] = &store[i << hashp->SSHIFT];
- return (0);
-}
-
-#if BYTE_ORDER == LITTLE_ENDIAN
-/*
- * Hashp->hdr needs to be byteswapped.
- */
-static void
-swap_header_copy(
- HASHHDR *srcp, HASHHDR *destp)
-{
- int i;
-
- P_32_COPY(srcp->magic, destp->magic);
- P_32_COPY(srcp->version, destp->version);
- P_32_COPY(srcp->lorder, destp->lorder);
- P_32_COPY(srcp->bsize, destp->bsize);
- P_32_COPY(srcp->bshift, destp->bshift);
- P_32_COPY(srcp->dsize, destp->dsize);
- P_32_COPY(srcp->ssize, destp->ssize);
- P_32_COPY(srcp->sshift, destp->sshift);
- P_32_COPY(srcp->ovfl_point, destp->ovfl_point);
- P_32_COPY(srcp->last_freed, destp->last_freed);
- P_32_COPY(srcp->max_bucket, destp->max_bucket);
- P_32_COPY(srcp->high_mask, destp->high_mask);
- P_32_COPY(srcp->low_mask, destp->low_mask);
- P_32_COPY(srcp->ffactor, destp->ffactor);
- P_32_COPY(srcp->nkeys, destp->nkeys);
- P_32_COPY(srcp->hdrpages, destp->hdrpages);
- P_32_COPY(srcp->h_charkey, destp->h_charkey);
- for (i = 0; i < NCACHED; i++) {
- P_32_COPY(srcp->spares[i], destp->spares[i]);
- P_16_COPY(srcp->bitmaps[i], destp->bitmaps[i]);
- }
-}
-
-static void
-swap_header(HTAB *hashp)
-{
- HASHHDR *hdrp;
- int i;
-
- hdrp = &hashp->hdr;
-
- M_32_SWAP(hdrp->magic);
- M_32_SWAP(hdrp->version);
- M_32_SWAP(hdrp->lorder);
- M_32_SWAP(hdrp->bsize);
- M_32_SWAP(hdrp->bshift);
- M_32_SWAP(hdrp->dsize);
- M_32_SWAP(hdrp->ssize);
- M_32_SWAP(hdrp->sshift);
- M_32_SWAP(hdrp->ovfl_point);
- M_32_SWAP(hdrp->last_freed);
- M_32_SWAP(hdrp->max_bucket);
- M_32_SWAP(hdrp->high_mask);
- M_32_SWAP(hdrp->low_mask);
- M_32_SWAP(hdrp->ffactor);
- M_32_SWAP(hdrp->nkeys);
- M_32_SWAP(hdrp->hdrpages);
- M_32_SWAP(hdrp->h_charkey);
- for (i = 0; i < NCACHED; i++) {
- M_32_SWAP(hdrp->spares[i]);
- M_16_SWAP(hdrp->bitmaps[i]);
- }
-}
-#endif
diff --git a/dbm/src/hash_buf.c b/dbm/src/hash_buf.c
deleted file mode 100644
index d1193de6fb..0000000000
--- a/dbm/src/hash_buf.c
+++ /dev/null
@@ -1,414 +0,0 @@
-/*-
- * Copyright (c) 1990, 1993, 1994
- * The Regents of the University of California. All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Margo Seltzer.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#if defined(LIBC_SCCS) && !defined(lint)
-static char sccsid[] = "@(#)hash_buf.c 8.5 (Berkeley) 7/15/94";
-#endif /* LIBC_SCCS and not lint */
-
-#include "watcomfx.h"
-
-/*
- * PACKAGE: hash
- *
- * DESCRIPTION:
- * Contains buffer management
- *
- * ROUTINES:
- * External
- * __buf_init
- * __get_buf
- * __buf_free
- * __reclaim_buf
- * Internal
- * newbuf
- */
-#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh) && !defined(XP_OS2_VACPP)
-#include
-#endif
-
-#include
-#include
-#include
-#include
-#include
-
-#ifdef DEBUG
-#include
-#endif
-
-#include "mcom_db.h"
-#include "hash.h"
-#include "page.h"
-/* #include "extern.h" */
-
-static BUFHEAD *newbuf __P((HTAB *, uint32, BUFHEAD *));
-
-/* Unlink B from its place in the lru */
-#define BUF_REMOVE(B) { \
- (B)->prev->next = (B)->next; \
- (B)->next->prev = (B)->prev; \
-}
-
-/* Insert B after P */
-#define BUF_INSERT(B, P) { \
- (B)->next = (P)->next; \
- (B)->prev = (P); \
- (P)->next = (B); \
- (B)->next->prev = (B); \
-}
-
-#define MRU hashp->bufhead.next
-#define LRU hashp->bufhead.prev
-
-#define MRU_INSERT(B) BUF_INSERT((B), &hashp->bufhead)
-#define LRU_INSERT(B) BUF_INSERT((B), LRU)
-
-/*
- * We are looking for a buffer with address "addr". If prev_bp is NULL, then
- * address is a bucket index. If prev_bp is not NULL, then it points to the
- * page previous to an overflow page that we are trying to find.
- *
- * CAVEAT: The buffer header accessed via prev_bp's ovfl field may no longer
- * be valid. Therefore, you must always verify that its address matches the
- * address you are seeking.
- */
-extern BUFHEAD *
-__get_buf(HTAB *hashp, uint32 addr, BUFHEAD *prev_bp, int newpage)
-/* If prev_bp set, indicates a new overflow page. */
-{
- register BUFHEAD *bp;
- register uint32 is_disk_mask;
- register int is_disk, segment_ndx = 0;
- SEGMENT segp = 0;
-
- is_disk = 0;
- is_disk_mask = 0;
- if (prev_bp) {
- bp = prev_bp->ovfl;
- if (!bp || (bp->addr != addr))
- bp = NULL;
- if (!newpage)
- is_disk = BUF_DISK;
- } else {
- /* Grab buffer out of directory */
- segment_ndx = addr & (hashp->SGSIZE - 1);
-
- /* valid segment ensured by __call_hash() */
- segp = hashp->dir[addr >> hashp->SSHIFT];
-#ifdef DEBUG
- assert(segp != NULL);
-#endif
-
- bp = PTROF(segp[segment_ndx]);
-
- is_disk_mask = ISDISK(segp[segment_ndx]);
- is_disk = is_disk_mask || !hashp->new_file;
- }
-
- if (!bp) {
- bp = newbuf(hashp, addr, prev_bp);
- if (!bp)
- return(NULL);
- if(__get_page(hashp, bp->page, addr, !prev_bp, is_disk, 0))
- {
- /* free bp and its page */
- if(prev_bp)
- {
- /* if prev_bp is set then the new page that
- * failed is hooked onto prev_bp as an overflow page.
- * if we don't remove the pointer to the bad page
- * we may try and access it later and we will die
- * horribly because it will have already been
- * free'd and overwritten with bogus data.
- */
- prev_bp->ovfl = NULL;
- }
- BUF_REMOVE(bp);
- free(bp->page);
- free(bp);
- return (NULL);
- }
-
- if (!prev_bp)
- {
-#if 0
- /* 16 bit windows and mac can't handle the
- * oring of the is disk flag.
- */
- segp[segment_ndx] =
- (BUFHEAD *)((ptrdiff_t)bp | is_disk_mask);
-#else
- /* set the is_disk thing inside the structure
- */
- bp->is_disk = is_disk_mask;
- segp[segment_ndx] = bp;
-#endif
- }
- } else {
- BUF_REMOVE(bp);
- MRU_INSERT(bp);
- }
- return (bp);
-}
-
-/*
- * We need a buffer for this page. Either allocate one, or evict a resident
- * one (if we have as many buffers as we're allowed) and put this one in.
- *
- * If newbuf finds an error (returning NULL), it also sets errno.
- */
-static BUFHEAD *
-newbuf(HTAB *hashp, uint32 addr, BUFHEAD *prev_bp)
-{
- register BUFHEAD *bp; /* The buffer we're going to use */
- register BUFHEAD *xbp; /* Temp pointer */
- register BUFHEAD *next_xbp;
- SEGMENT segp;
- int segment_ndx;
- uint16 oaddr, *shortp;
-
- oaddr = 0;
- bp = LRU;
- /*
- * If LRU buffer is pinned, the buffer pool is too small. We need to
- * allocate more buffers.
- */
- if (hashp->nbufs || (bp->flags & BUF_PIN)) {
- /* Allocate a new one */
- if ((bp = (BUFHEAD *)malloc(sizeof(BUFHEAD))) == NULL)
- return (NULL);
-
- /* this memset is supposedly unnecessary but lets add
- * it anyways.
- */
- memset(bp, 0xff, sizeof(BUFHEAD));
-
- if ((bp->page = (char *)malloc((size_t)hashp->BSIZE)) == NULL) {
- free(bp);
- return (NULL);
- }
-
- /* this memset is supposedly unnecessary but lets add
- * it anyways.
- */
- memset(bp->page, 0xff, (size_t)hashp->BSIZE);
-
- if (hashp->nbufs)
- hashp->nbufs--;
- } else {
- /* Kick someone out */
- BUF_REMOVE(bp);
- /*
- * If this is an overflow page with addr 0, it's already been
- * flushed back in an overflow chain and initialized.
- */
- if ((bp->addr != 0) || (bp->flags & BUF_BUCKET)) {
- /*
- * Set oaddr before __put_page so that you get it
- * before bytes are swapped.
- */
- shortp = (uint16 *)bp->page;
- if (shortp[0])
- {
- if(shortp[0] > (hashp->BSIZE / sizeof(uint16)))
- {
- return(NULL);
- }
- oaddr = shortp[shortp[0] - 1];
- }
- if ((bp->flags & BUF_MOD) && __put_page(hashp, bp->page,
- bp->addr, (int)IS_BUCKET(bp->flags), 0))
- return (NULL);
- /*
- * Update the pointer to this page (i.e. invalidate it).
- *
- * If this is a new file (i.e. we created it at open
- * time), make sure that we mark pages which have been
- * written to disk so we retrieve them from disk later,
- * rather than allocating new pages.
- */
- if (IS_BUCKET(bp->flags)) {
- segment_ndx = bp->addr & (hashp->SGSIZE - 1);
- segp = hashp->dir[bp->addr >> hashp->SSHIFT];
-#ifdef DEBUG
- assert(segp != NULL);
-#endif
-
- if (hashp->new_file &&
- ((bp->flags & BUF_MOD) ||
- ISDISK(segp[segment_ndx])))
- segp[segment_ndx] = (BUFHEAD *)BUF_DISK;
- else
- segp[segment_ndx] = NULL;
- }
- /*
- * Since overflow pages can only be access by means of
- * their bucket, free overflow pages associated with
- * this bucket.
- */
- for (xbp = bp; xbp->ovfl;) {
- next_xbp = xbp->ovfl;
- xbp->ovfl = 0;
- xbp = next_xbp;
-
- /* leave pinned pages alone, we are still using
- * them. */
- if (xbp->flags & BUF_PIN) {
- continue;
- }
-
- /* Check that ovfl pointer is up date. */
- if (IS_BUCKET(xbp->flags) ||
- (oaddr != xbp->addr))
- break;
-
- shortp = (uint16 *)xbp->page;
- if (shortp[0])
- {
- /* LJM is the number of reported
- * pages way too much?
- */
- if(shortp[0] > hashp->BSIZE/sizeof(uint16))
- return NULL;
- /* set before __put_page */
- oaddr = shortp[shortp[0] - 1];
- }
- if ((xbp->flags & BUF_MOD) && __put_page(hashp,
- xbp->page, xbp->addr, 0, 0))
- return (NULL);
- xbp->addr = 0;
- xbp->flags = 0;
- BUF_REMOVE(xbp);
- LRU_INSERT(xbp);
- }
- }
- }
-
- /* Now assign this buffer */
- bp->addr = addr;
-#ifdef DEBUG1
- (void)fprintf(stderr, "NEWBUF1: %d->ovfl was %d is now %d\n",
- bp->addr, (bp->ovfl ? bp->ovfl->addr : 0), 0);
-#endif
- bp->ovfl = NULL;
- if (prev_bp) {
- /*
- * If prev_bp is set, this is an overflow page, hook it in to
- * the buffer overflow links.
- */
-#ifdef DEBUG1
- (void)fprintf(stderr, "NEWBUF2: %d->ovfl was %d is now %d\n",
- prev_bp->addr, (prev_bp->ovfl ? bp->ovfl->addr : 0),
- (bp ? bp->addr : 0));
-#endif
- prev_bp->ovfl = bp;
- bp->flags = 0;
- } else
- bp->flags = BUF_BUCKET;
- MRU_INSERT(bp);
- return (bp);
-}
-
-extern void __buf_init(HTAB *hashp, int32 nbytes)
-{
- BUFHEAD *bfp;
- int npages;
-
- bfp = &(hashp->bufhead);
- npages = (nbytes + hashp->BSIZE - 1) >> hashp->BSHIFT;
- npages = PR_MAX(npages, MIN_BUFFERS);
-
- hashp->nbufs = npages;
- bfp->next = bfp;
- bfp->prev = bfp;
- /*
- * This space is calloc'd so these are already null.
- *
- * bfp->ovfl = NULL;
- * bfp->flags = 0;
- * bfp->page = NULL;
- * bfp->addr = 0;
- */
-}
-
-extern int
-__buf_free(HTAB *hashp, int do_free, int to_disk)
-{
- BUFHEAD *bp;
- int status = -1;
-
- /* Need to make sure that buffer manager has been initialized */
- if (!LRU)
- return (0);
- for (bp = LRU; bp != &hashp->bufhead;) {
- /* Check that the buffer is valid */
- if (bp->addr || IS_BUCKET(bp->flags)) {
- if (to_disk && (bp->flags & BUF_MOD) &&
- (status = __put_page(hashp, bp->page,
- bp->addr, IS_BUCKET(bp->flags), 0))) {
-
- if (do_free) {
- if (bp->page)
- free(bp->page);
- BUF_REMOVE(bp);
- free(bp);
- }
-
- return (status);
- }
- }
- /* Check if we are freeing stuff */
- if (do_free) {
- if (bp->page)
- free(bp->page);
- BUF_REMOVE(bp);
- free(bp);
- bp = LRU;
- } else
- bp = bp->prev;
- }
- return (0);
-}
-
-extern void
-__reclaim_buf(HTAB *hashp, BUFHEAD *bp)
-{
- bp->ovfl = 0;
- bp->addr = 0;
- bp->flags = 0;
- BUF_REMOVE(bp);
- LRU_INSERT(bp);
-}
diff --git a/dbm/src/hsearch.c b/dbm/src/hsearch.c
deleted file mode 100644
index fb8a58bad2..0000000000
--- a/dbm/src/hsearch.c
+++ /dev/null
@@ -1,108 +0,0 @@
-/*-
- * Copyright (c) 1990, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Margo Seltzer.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#if defined(LIBC_SCCS) && !defined(lint)
-static char sccsid[] = "@(#)hsearch.c 8.4 (Berkeley) 7/21/94";
-#endif /* LIBC_SCCS and not lint */
-
-#include "watcomfx.h"
-
-#ifndef macintosh
-#include
-#endif
-
-#include
-#include
-
-#include "mcom_db.h"
-#include "hsearch.h"
-
-static DB *dbp = NULL;
-static ENTRY retval;
-
-extern int
-hcreate(uint nel)
-{
- HASHINFO info;
-
- info.nelem = nel;
- info.bsize = 256;
- info.ffactor = 8;
- info.cachesize = 0;
- info.hash = NULL;
- info.lorder = 0;
- dbp = (DB *)__hash_open(NULL, O_CREAT | O_RDWR, 0600, &info, 0);
- return ((int)dbp);
-}
-
-extern ENTRY *
-hsearch(ENTRY item, ACTION action)
-{
- DBT key, val;
- int status;
-
- if (!dbp)
- return (NULL);
- key.data = (uint8 *)item.key;
- key.size = strlen(item.key) + 1;
-
- if (action == ENTER) {
- val.data = (uint8 *)item.data;
- val.size = strlen(item.data) + 1;
- status = (dbp->put)(dbp, &key, &val, R_NOOVERWRITE);
- if (status)
- return (NULL);
- } else {
- /* FIND */
- status = (dbp->get)(dbp, &key, &val, 0);
- if (status)
- return (NULL);
- else
- item.data = (char *)val.data;
- }
- retval.key = item.key;
- retval.data = item.data;
- return (&retval);
-}
-
-extern void
-hdestroy()
-{
- if (dbp) {
- (void)(dbp->close)(dbp);
- dbp = NULL;
- }
-}
diff --git a/dbm/src/memmove.c b/dbm/src/memmove.c
deleted file mode 100644
index 70eb1e5d24..0000000000
--- a/dbm/src/memmove.c
+++ /dev/null
@@ -1,150 +0,0 @@
-#if defined(__sun) && !defined(__SVR4)
-/*-
- * Copyright (c) 1990, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Chris Torek.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#if defined(LIBC_SCCS) && !defined(lint)
-static char sccsid[] = "@(#)bcopy.c 8.1 (Berkeley) 6/4/93";
-#endif /* LIBC_SCCS and not lint */
-
-#include "watcomfx.h"
-
-#ifdef HAVE_SYS_CDEFS_H
-#include
-#else
-#include "cdefs.h"
-#endif
-#include
-
-/*
- * sizeof(word) MUST BE A POWER OF TWO
- * SO THAT wmask BELOW IS ALL ONES
- */
-typedef int word; /* "word" used for optimal copy speed */
-
-#define wsize sizeof(word)
-#define wmask (wsize - 1)
-
-/*
- * Copy a block of memory, handling overlap.
- * This is the routine that actually implements
- * (the portable versions of) bcopy, memcpy, and memmove.
- */
-#ifdef MEMCOPY
-void *
-memcpy(dst0, src0, length)
-#else
-#ifdef MEMMOVE
-void *
-memmove(dst0, src0, length)
-#else
-void
-bcopy(src0, dst0, length)
-#endif
-#endif
- void *dst0;
- const void *src0;
- register size_t length;
-{
- register char *dst = dst0;
- register const char *src = src0;
- register size_t t;
-
- if (length == 0 || dst == src) /* nothing to do */
- goto done;
-
- /*
- * Macros: loop-t-times; and loop-t-times, t>0
- */
-#define TLOOP(s) if (t) TLOOP1(s)
-#define TLOOP1(s) do { s; } while (--t)
-
- if ((unsigned long)dst < (unsigned long)src) {
- /*
- * Copy forward.
- */
- t = (int)src; /* only need low bits */
- if ((t | (int)dst) & wmask) {
- /*
- * Try to align operands. This cannot be done
- * unless the low bits match.
- */
- if ((t ^ (int)dst) & wmask || length < wsize)
- t = length;
- else
- t = wsize - (t & wmask);
- length -= t;
- TLOOP1(*dst++ = *src++);
- }
- /*
- * Copy whole words, then mop up any trailing bytes.
- */
- t = length / wsize;
- TLOOP(*(word *)dst = *(word *)src; src += wsize; dst += wsize);
- t = length & wmask;
- TLOOP(*dst++ = *src++);
- } else {
- /*
- * Copy backwards. Otherwise essentially the same.
- * Alignment works as before, except that it takes
- * (t&wmask) bytes to align, not wsize-(t&wmask).
- */
- src += length;
- dst += length;
- t = (int)src;
- if ((t | (int)dst) & wmask) {
- if ((t ^ (int)dst) & wmask || length <= wsize)
- t = length;
- else
- t &= wmask;
- length -= t;
- TLOOP1(*--dst = *--src);
- }
- t = length / wsize;
- TLOOP(src -= wsize; dst -= wsize; *(word *)dst = *(word *)src);
- t = length & wmask;
- TLOOP(*--dst = *--src);
- }
-done:
-#if defined(MEMCOPY) || defined(MEMMOVE)
- return (dst0);
-#else
- return;
-#endif
-}
-#endif /* no __sgi */
-
-/* Some compilers don't like an empty source file. */
-static int dummy = 0;
diff --git a/dbm/src/mktemp.c b/dbm/src/mktemp.c
deleted file mode 100644
index 78cbc9edb3..0000000000
--- a/dbm/src/mktemp.c
+++ /dev/null
@@ -1,166 +0,0 @@
-/*
- * Copyright (c) 1987, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#if defined(LIBC_SCCS) && !defined(lint)
-static char sccsid[] = "@(#)mktemp.c 8.1 (Berkeley) 6/4/93";
-#endif /* LIBC_SCCS and not lint */
-
-#include "watcomfx.h"
-
-#ifdef macintosh
-#include
-#else
-#include
-#include
-#endif
-#include
-#include
-#include
-#include
-#include "mcom_db.h"
-
-#if !defined(_WINDOWS) && !defined(XP_OS2_VACPP)
-#include
-#endif
-
-#ifdef XP_OS2_VACPP
-#include
-#endif
-
-#ifdef _WINDOWS
-#include
-#include "winfile.h"
-#endif
-
-static int _gettemp(char *path, register int *doopen, int extraFlags);
-
-int
-mkstemp(char *path)
-{
-#ifdef XP_OS2
- FILE *temp = tmpfile();
-
- return (temp ? fileno(temp) : -1);
-#else
- int fd;
-
- return (_gettemp(path, &fd, 0) ? fd : -1);
-#endif
-}
-
-int
-mkstempflags(char *path, int extraFlags)
-{
- int fd;
-
- return (_gettemp(path, &fd, extraFlags) ? fd : -1);
-}
-
-char *
-mktemp(char *path)
-{
- return(_gettemp(path, (int *)NULL, 0) ? path : (char *)NULL);
-}
-
-/* NB: This routine modifies its input string, and does not always restore it.
-** returns 1 on success, 0 on failure.
-*/
-static int
-_gettemp(char *path, register int *doopen, int extraFlags)
-{
-#if !defined(_WINDOWS) || defined(_WIN32)
- extern int errno;
-#endif
- register char *start, *trv;
- struct stat sbuf;
- unsigned int pid;
-
- pid = getpid();
- for (trv = path; *trv; ++trv); /* extra X's get set to 0's */
- while (*--trv == 'X') {
- *trv = (pid % 10) + '0';
- pid /= 10;
- }
-
- /*
- * check the target directory; if you have six X's and it
- * doesn't exist this runs for a *very* long time.
- */
- for (start = trv + 1;; --trv) {
- char saved;
- if (trv <= path)
- break;
- saved = *trv;
- if (saved == '/' || saved == '\\') {
- int rv;
- *trv = '\0';
- rv = stat(path, &sbuf);
- *trv = saved;
- if (rv)
- return(0);
- if (!S_ISDIR(sbuf.st_mode)) {
- errno = ENOTDIR;
- return(0);
- }
- break;
- }
- }
-
- for (;;) {
- if (doopen) {
- if ((*doopen =
- open(path, O_CREAT|O_EXCL|O_RDWR|extraFlags, 0600)) >= 0)
- return(1);
- if (errno != EEXIST)
- return(0);
- }
- else if (stat(path, &sbuf))
- return(errno == ENOENT ? 1 : 0);
-
- /* tricky little algorithm for backward compatibility */
- for (trv = start;;) {
- if (!*trv)
- return(0);
- if (*trv == 'z')
- *trv++ = 'a';
- else {
- if (isdigit(*trv))
- *trv = 'a';
- else
- ++*trv;
- break;
- }
- }
- }
- /*NOTREACHED*/
-}
diff --git a/dbm/src/ndbm.c b/dbm/src/ndbm.c
deleted file mode 100644
index ca008de0c3..0000000000
--- a/dbm/src/ndbm.c
+++ /dev/null
@@ -1,195 +0,0 @@
-/*-
- * Copyright (c) 1990, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * This code is derived from software contributed to Berkeley by
- * Margo Seltzer.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#if defined(LIBC_SCCS) && !defined(lint)
-static char sccsid[] = "@(#)ndbm.c 8.4 (Berkeley) 7/21/94";
-#endif /* LIBC_SCCS and not lint */
-
-#include "watcomfx.h"
-
-/*
- * This package provides a dbm compatible interface to the new hashing
- * package described in db(3).
- */
-#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(XP_OS2_VACPP)
-#include
-#endif
-
-#if defined(__linux)
-#include
-#endif
-
-#include
-#include
-
-#include "ndbm.h"
-#include "hash.h"
-
-/*
- * Returns:
- * *DBM on success
- * NULL on failure
- */
-extern DBM *
-dbm_open(const char *file, int flags, int mode)
-{
- HASHINFO info;
- char path[MAXPATHLEN];
-
- info.bsize = 4096;
- info.ffactor = 40;
- info.nelem = 1;
- info.cachesize = 0;
- info.hash = NULL;
- info.lorder = 0;
- (void)strcpy(path, file);
- (void)strcat(path, DBM_SUFFIX);
- return ((DBM *)__hash_open(path, flags, mode, &info, 0));
-}
-
-extern void
-dbm_close(DBM *db)
-{
- (void)(db->close)(db);
-}
-
-/*
- * Returns:
- * DATUM on success
- * NULL on failure
- */
-extern datum
-dbm_fetch(DBM *db, datum key)
-{
- datum retval;
- int status;
-
- status = (db->get)(db, (DBT *)&key, (DBT *)&retval, 0);
- if (status) {
- retval.dptr = NULL;
- retval.dsize = 0;
- }
- return (retval);
-}
-
-/*
- * Returns:
- * DATUM on success
- * NULL on failure
- */
-extern datum
-dbm_firstkey(DBM *db)
-{
- int status;
- datum retdata, retkey;
-
- status = (db->seq)(db, (DBT *)&retkey, (DBT *)&retdata, R_FIRST);
- if (status)
- retkey.dptr = NULL;
- return (retkey);
-}
-
-/*
- * Returns:
- * DATUM on success
- * NULL on failure
- */
-extern datum
-dbm_nextkey(DBM *db)
-{
- int status;
- datum retdata, retkey;
-
- status = (db->seq)(db, (DBT *)&retkey, (DBT *)&retdata, R_NEXT);
- if (status)
- retkey.dptr = NULL;
- return (retkey);
-}
-/*
- * Returns:
- * 0 on success
- * <0 failure
- */
-extern int
-dbm_delete(DBM *db, datum key)
-{
- int status;
-
- status = (db->del)(db, (DBT *)&key, 0);
- if (status)
- return (-1);
- else
- return (0);
-}
-
-/*
- * Returns:
- * 0 on success
- * <0 failure
- * 1 if DBM_INSERT and entry exists
- */
-extern int
-dbm_store(DBM *db, datum key, datum content, int flags)
-{
- return ((db->put)(db, (DBT *)&key, (DBT *)&content,
- (flags == DBM_INSERT) ? R_NOOVERWRITE : 0));
-}
-
-
-extern int
-dbm_error(DBM *db)
-{
- HTAB *hp;
-
- hp = (HTAB *)db->internal;
- return (hp->dbmerrno);
-}
-
-extern int
-dbm_clearerr(DBM *db)
-{
- HTAB *hp;
-
- hp = (HTAB *)db->internal;
- hp->dbmerrno = 0;
- return (0);
-}
-
-extern int
-dbm_dirfno(DBM *db)
-{
- return(((HTAB *)db->internal)->fp);
-}
diff --git a/dbm/src/nsres.c b/dbm/src/nsres.c
deleted file mode 100644
index 4b4dae4a22..0000000000
--- a/dbm/src/nsres.c
+++ /dev/null
@@ -1,305 +0,0 @@
-#include "watcomfx.h"
-
-#include "nsres.h"
-
-#include
-
-#include
-
-#include
-
-struct RESDATABASE
-{
- DB *hdb;
- NSRESTHREADINFO *threadinfo;
- char * pbuf[MAXBUFNUM];
-} ;
-typedef struct RESDATABASE * RESHANDLE;
-
-typedef struct STRINGDATA
-{
- char *str;
- unsigned int charsetid;
-} STRINGDATA;
-
-
-typedef unsigned int CHARSETTYPE;
-#define RES_LOCK if (hres->threadinfo) hres->threadinfo->fn_lock(hres->threadinfo->lock);
-#define RES_UNLOCK if (hres->threadinfo) hres->threadinfo->fn_unlock(hres->threadinfo->lock);
-
-int GenKeyData(const char *library, int32 id, DBT *key);
-
-/*
- Right now, the page size used for resource is same as for Navigator cache
- database
- */
-HASHINFO res_hash_info = {
- 32*1024,
- 0,
- 0,
- 0,
- 0, /* 64 * 1024U */
- 0};
-
-int GenKeyData(const char *library, int32 id, DBT *key)
-{
- char idstr[10];
- static char * strdata = NULL;
- size_t len;
-
- if (strdata)
- free (strdata);
-
- if (id == 0)
- idstr[0] = '\0';
- else
- {
- sprintf(idstr, "%d", id);
- /* itoa(id, idstr, 10); */
- }
-
- if (library == NULL)
- len = strlen(idstr) + 1;
- else
- len = strlen(library) + strlen(idstr) + 1;
- strdata = (char *) malloc (len);
- strcpy(strdata, library);
- strcat(strdata, idstr);
-
- key->size = len;
- key->data = strdata;
-
- return 1;
-}
-
-NSRESHANDLE NSResCreateTable(const char *filename, NSRESTHREADINFO *threadinfo)
-{
- RESHANDLE hres;
- int flag;
-
- flag = O_RDWR | O_CREAT;
-
- hres = (RESHANDLE) calloc ( 1, sizeof(struct RESDATABASE) );
-
- if (threadinfo && threadinfo->lock && threadinfo->fn_lock
- && threadinfo->fn_unlock)
- {
- hres->threadinfo = (NSRESTHREADINFO *) malloc( sizeof(NSRESTHREADINFO) );
- hres->threadinfo->lock = threadinfo->lock;
- hres->threadinfo->fn_lock = threadinfo->fn_lock;
- hres->threadinfo->fn_unlock = threadinfo->fn_unlock;
- }
-
-
- RES_LOCK
-
- hres->hdb = dbopen(filename, flag, 0644, DB_HASH, &res_hash_info);
-
- RES_UNLOCK
-
- if(!hres->hdb)
- return NULL;
-
- return (NSRESHANDLE) hres;
-}
-
-NSRESHANDLE NSResOpenTable(const char *filename, NSRESTHREADINFO *threadinfo)
-{
- RESHANDLE hres;
- int flag;
-
- flag = O_RDONLY; /* only open database for reading */
-
- hres = (RESHANDLE) calloc ( 1, sizeof(struct RESDATABASE) );
-
- if (threadinfo && threadinfo->lock && threadinfo->fn_lock
- && threadinfo->fn_unlock)
- {
- hres->threadinfo = (NSRESTHREADINFO *) malloc( sizeof(NSRESTHREADINFO) );
- hres->threadinfo->lock = threadinfo->lock;
- hres->threadinfo->fn_lock = threadinfo->fn_lock;
- hres->threadinfo->fn_unlock = threadinfo->fn_unlock;
- }
-
-
- RES_LOCK
-
- hres->hdb = dbopen(filename, flag, 0644, DB_HASH, &res_hash_info);
-
- RES_UNLOCK
-
- if(!hres->hdb)
- return NULL;
-
- return (NSRESHANDLE) hres;
-}
-
-
-
-void NSResCloseTable(NSRESHANDLE handle)
-{
- RESHANDLE hres;
- int i;
-
- if (handle == NULL)
- return;
- hres = (RESHANDLE) handle;
-
- RES_LOCK
-
- (*hres->hdb->sync)(hres->hdb, 0);
- (*hres->hdb->close)(hres->hdb);
-
- RES_UNLOCK
-
- for (i = 0; i < MAXBUFNUM; i++)
- {
- if (hres->pbuf[i])
- free (hres->pbuf[i]);
- }
-
- if (hres->threadinfo)
- free (hres->threadinfo);
- free (hres);
-}
-
-
-char *NSResLoadString(NSRESHANDLE handle, const char * library, int32 id,
- unsigned int charsetid, char *retbuf)
-{
- int status;
- RESHANDLE hres;
- DBT key, data;
- if (handle == NULL)
- return NULL;
-
- hres = (RESHANDLE) handle;
- GenKeyData(library, id, &key);
-
- RES_LOCK
-
- status = (*hres->hdb->get)(hres->hdb, &key, &data, 0);
-
- RES_UNLOCK
-
- if (retbuf)
- {
- memcpy(retbuf, (char *)data.data + sizeof(CHARSETTYPE), data.size - sizeof(CHARSETTYPE));
- return retbuf;
- }
- else
- {
- static int WhichString = 0;
- static int bFirstTime = 1;
- char *szLoadedString;
- int i;
-
- RES_LOCK
-
- if (bFirstTime) {
- for (i = 0; i < MAXBUFNUM; i++)
- hres->pbuf[i] = (char *) malloc(MAXSTRINGLEN * sizeof(char));
- bFirstTime = 0;
- }
-
- szLoadedString = hres->pbuf[WhichString];
- WhichString++;
-
- /* reset to 0, if WhichString reaches to the end */
- if (WhichString == MAXBUFNUM)
- WhichString = 0;
-
- if (status == 0)
- memcpy(szLoadedString, (char *) data.data + sizeof(CHARSETTYPE),
- data.size - sizeof(CHARSETTYPE));
- else
- szLoadedString[0] = 0;
-
- RES_UNLOCK
-
- return szLoadedString;
- }
-}
-
-int32 NSResGetSize(NSRESHANDLE handle, const char *library, int32 id)
-{
- int status;
- RESHANDLE hres;
- DBT key, data;
- if (handle == NULL)
- return 0;
- hres = (RESHANDLE) handle;
- GenKeyData(library, id, &key);
-
- RES_LOCK
-
- status = (*hres->hdb->get)(hres->hdb, &key, &data, 0);
-
- RES_UNLOCK
-
- return data.size - sizeof(CHARSETTYPE);
-}
-
-int32 NSResLoadResource(NSRESHANDLE handle, const char *library, int32 id, char *retbuf)
-{
- int status;
- RESHANDLE hres;
- DBT key, data;
- if (handle == NULL)
- return 0;
- hres = (RESHANDLE) handle;
- GenKeyData(library, id, &key);
-
- RES_LOCK
-
- status = (*hres->hdb->get)(hres->hdb, &key, &data, 0);
-
- RES_UNLOCK
-
- if (retbuf)
- {
- memcpy(retbuf, (char *)data.data + sizeof(CHARSETTYPE), data.size - sizeof(CHARSETTYPE));
- return data.size;
- }
- else
- return 0;
-}
-
-int NSResAddString(NSRESHANDLE handle, const char *library, int32 id,
- const char *string, unsigned int charset)
-{
- int status;
- RESHANDLE hres;
- DBT key, data;
- char * recdata;
-
- if (handle == NULL)
- return 0;
- hres = (RESHANDLE) handle;
-
- GenKeyData(library, id, &key);
-
- data.size = sizeof(CHARSETTYPE) + (strlen(string) + 1) ;
-
- recdata = (char *) malloc(data.size) ;
-
- /* set charset to the first field of record data */
- *((CHARSETTYPE *)recdata) = (CHARSETTYPE)charset;
-
- /* set data field */
- memcpy(recdata+sizeof(CHARSETTYPE), string, strlen(string) + 1);
-
- data.data = recdata;
-
- RES_LOCK
-
- status = (*hres->hdb->put)(hres->hdb, &key, &data, 0);
-
-
- if (recdata)
- free(recdata);
-
- RES_UNLOCK
-
- return status;
-}
diff --git a/dbm/src/snprintf.c b/dbm/src/snprintf.c
deleted file mode 100644
index 4987785723..0000000000
--- a/dbm/src/snprintf.c
+++ /dev/null
@@ -1,75 +0,0 @@
-#ifndef HAVE_SNPRINTF
-
-#include "watcomfx.h"
-#include
-#include
-#include
-
-#ifdef HAVE_SYS_CDEFS_H
-#include
-#else
-#include "cdefs.h"
-#endif
-
-#include "prtypes.h"
-
-#include
-
-/* The OS/2 VAC compiler doesn't appear to define __STDC__ and won't let us define it either */
-#if defined(__STDC__) || defined(XP_OS2_VACPP)
-#include
-#else
-#include
-#endif
-
-int
-#if defined(__STDC__) || defined(XP_OS2_VACPP)
-snprintf(char *str, size_t n, const char *fmt, ...)
-#else
-snprintf(str, n, fmt, va_alist)
- char *str;
- size_t n;
- const char *fmt;
- va_dcl
-#endif
-{
- va_list ap;
-#ifdef VSPRINTF_CHARSTAR
- char *rp;
-#else
- int rval;
-#endif
-#if defined(__STDC__) || defined(XP_OS2_VACPP)
- va_start(ap, fmt);
-#else
- va_start(ap);
-#endif
-#ifdef VSPRINTF_CHARSTAR
- rp = vsprintf(str, fmt, ap);
- va_end(ap);
- return (strlen(rp));
-#else
- rval = vsprintf(str, fmt, ap);
- va_end(ap);
- return (rval);
-#endif
-}
-
-int
-vsnprintf(str, n, fmt, ap)
- char *str;
- size_t n;
- const char *fmt;
- va_list ap;
-{
-#ifdef VSPRINTF_CHARSTAR
- return (strlen(vsprintf(str, fmt, ap)));
-#else
- return (vsprintf(str, fmt, ap));
-#endif
-}
-
-#endif /* HAVE_SNPRINTF */
-
-/* Some compilers don't like an empty source file. */
-static int dummy = 0;
diff --git a/dbm/src/strerror.c b/dbm/src/strerror.c
deleted file mode 100644
index d1ae2666aa..0000000000
--- a/dbm/src/strerror.c
+++ /dev/null
@@ -1,78 +0,0 @@
-/*
- * Copyright (c) 1988, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#if defined(LIBC_SCCS) && !defined(lint)
-static char sccsid[] = "@(#)strerror.c 8.1 (Berkeley) 6/4/93";
-#endif /* LIBC_SCCS and not lint */
-
-#include "watcomfx.h"
-
-#include
-
-#ifdef _DLL
-#define sys_nerr (*_sys_nerr_dll)
-#endif
-
-#ifndef HAVE_STRERROR
-#ifndef _AFXDLL
-char *
-strerror(num)
- int num;
-{
- extern int sys_nerr;
- extern char *sys_errlist[];
-#define UPREFIX "Unknown error: "
- static char ebuf[40] = UPREFIX; /* 64-bit number + slop */
- register unsigned int errnum;
- register char *p, *t;
- char tmp[40];
-
- errnum = num; /* convert to unsigned */
- if (errnum < sys_nerr)
- return(sys_errlist[errnum]);
-
- /* Do this by hand, so we don't include stdio(3). */
- t = tmp;
- do {
- *t++ = "0123456789"[errnum % 10];
- } while (errnum /= 10);
- for (p = ebuf + sizeof(UPREFIX) - 1;;) {
- *p++ = *--t;
- if (t <= tmp)
- break;
- }
- return(ebuf);
-}
-
-#endif
-#endif /* !HAVE_STRERROR */
diff --git a/dbm/tests/.cvsignore b/dbm/tests/.cvsignore
deleted file mode 100644
index a21fbfc35f..0000000000
--- a/dbm/tests/.cvsignore
+++ /dev/null
@@ -1,3 +0,0 @@
-Makefile
-lots
-test.db
diff --git a/dbm/tests/Makefile.in b/dbm/tests/Makefile.in
deleted file mode 100644
index ffb83f29b3..0000000000
--- a/dbm/tests/Makefile.in
+++ /dev/null
@@ -1,62 +0,0 @@
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is mozilla.org code.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1998
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-DEPTH = ../..
-topsrcdir = @top_srcdir@
-srcdir = @srcdir@
-VPATH = @srcdir@
-
-include $(DEPTH)/config/autoconf.mk
-
-MODULE = dbm
-
-PACKAGE_FILE = dbmtest.pkg
-
-PROGRAM = lots$(BIN_SUFFIX)
-
-CSRCS = lots.c
-
-ifeq ($(OS_ARCH),WINNT)
-EXTRA_DSO_LIBS = dbm$(MOZ_BITS)
-else
-EXTRA_DSO_LIBS = mozdbm_s
-endif
-
-LIBS = $(EXTRA_DSO_LIBS)
-
-include $(topsrcdir)/config/rules.mk
-
diff --git a/dbm/tests/dbmtest.pkg b/dbm/tests/dbmtest.pkg
deleted file mode 100644
index abd564bedf..0000000000
--- a/dbm/tests/dbmtest.pkg
+++ /dev/null
@@ -1,2 +0,0 @@
-[gecko-tests]
-dist/bin/lots@BINS@
diff --git a/dbm/tests/lots.c b/dbm/tests/lots.c
deleted file mode 100644
index 20b86c5943..0000000000
--- a/dbm/tests/lots.c
+++ /dev/null
@@ -1,638 +0,0 @@
-/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is mozilla.org code.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1998
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-/* use sequental numbers printed to strings
- * to store lots and lots of entries in the
- * database.
- *
- * Start with 100 entries, put them and then
- * read them out. Then delete the first
- * half and verify that all of the first half
- * is gone and then verify that the second
- * half is still there.
- * Then add the first half back and verify
- * again. Then delete the middle third
- * and verify again.
- * Then increase the size by 1000 and do
- * the whole add delete thing again.
- *
- * The data for each object is the number string translated
- * to hex and replicated a random number of times. The
- * number of times that the data is replicated is the first
- * int32 in the data.
- */
-
-#include
-
-#include
-#ifdef STDC_HEADERS
-#include
-#else
-#include
-#endif
-
-#ifdef HAVE_MEMORY_H
-#include
-#endif
-#include
-#include
-#include "mcom_db.h"
-
-DB *database=0;
-int MsgPriority=5;
-
-#if defined(_WINDOWS) && !defined(WIN32)
-#define int32 long
-#define uint32 unsigned long
-#else
-#define int32 int
-#define uint32 unsigned int
-#endif
-
-typedef enum {
-USE_LARGE_KEY,
-USE_SMALL_KEY
-} key_type_enum;
-
-#define TraceMe(priority, msg) \
- do { \
- if(priority <= MsgPriority) \
- { \
- ReportStatus msg; \
- } \
- } while(0)
-
-int
-ReportStatus(char *string, ...)
-{
- va_list args;
-
-#ifdef STDC_HEADERS
- va_start(args, string);
-#else
- va_start(args);
-#endif
- vfprintf(stderr, string, args);
- va_end(args);
-
- fprintf (stderr, "\n");
-
- return(0);
-}
-
-int
-ReportError(char *string, ...)
-{
- va_list args;
-
-#ifdef STDC_HEADERS
- va_start(args, string);
-#else
- va_start(args);
-#endif
- fprintf (stderr, "\n ");
- vfprintf(stderr, string, args);
- fprintf (stderr, "\n");
- va_end(args);
-
- return(0);
-}
-
-DBT * MakeLargeKey(int32 num)
-{
- int32 low_bits;
- static DBT rv;
- static char *string_rv=0;
- int rep_char;
- size_t size;
-
- if(string_rv)
- free(string_rv);
-
- /* generate a really large text key derived from
- * an int32
- */
- low_bits = (num % 10000) + 1;
-
- /* get the repeat char from the low 26 */
- rep_char = (char) ((low_bits % 26) + 'a');
-
- /* malloc a string low_bits wide */
- size = low_bits*sizeof(char);
- string_rv = (char *)malloc(size);
-
- memset(string_rv, rep_char, size);
-
- rv.data = string_rv;
- rv.size = size;
-
- return(&rv);
-}
-
-DBT * MakeSmallKey(int32 num)
-{
- static DBT rv;
- static char data_string[64];
-
- rv.data = data_string;
-
- sprintf(data_string, "%ld", (long)num);
- rv.size = strlen(data_string);
-
- return(&rv);
-
-}
-
-DBT * GenKey(int32 num, key_type_enum key_type)
-{
- DBT *key;
-
- switch(key_type)
- {
- case USE_LARGE_KEY:
- key = MakeLargeKey(num);
- break;
- case USE_SMALL_KEY:
- key = MakeSmallKey(num);
- break;
- default:
- abort();
- break;
- }
-
- return(key);
-}
-
-int
-SeqDatabase()
-{
- int status;
- DBT key, data;
-
- ReportStatus("SEQuencing through database...");
-
- /* seq throught the whole database */
- if(!(status = (*database->seq)(database, &key, &data, R_FIRST)))
- {
- while(!(status = (database->seq) (database, &key, &data, R_NEXT)));
- ; /* null body */
- }
-
- if(status < 0)
- ReportError("Error seq'ing database");
-
- return(status);
-}
-
-int
-VerifyData(DBT *data, int32 num, key_type_enum key_type)
-{
- int32 count, compare_num;
- size_t size;
- int32 *int32_array;
-
- /* The first int32 is count
- * The other n entries should
- * all equal num
- */
- if(data->size < sizeof(int32))
- {
- ReportError("Data size corrupted");
- return -1;
- }
-
- memcpy(&count, data->data, sizeof(int32));
-
- size = sizeof(int32)*(count+1);
-
- if(size != data->size)
- {
- ReportError("Data size corrupted");
- return -1;
- }
-
- int32_array = (int32*)data->data;
-
- for(;count > 0; count--)
- {
- memcpy(&compare_num, &int32_array[count], sizeof(int32));
-
- if(compare_num != num)
- {
- ReportError("Data corrupted");
- return -1;
- }
- }
-
- return(0);
-}
-
-
-/* verify that a range of number strings exist
- * or don't exist. And that the data is valid
- */
-#define SHOULD_EXIST 1
-#define SHOULD_NOT_EXIST 0
-int
-VerifyRange(int32 low, int32 high, int32 should_exist, key_type_enum key_type)
-{
- DBT *key, data;
- int32 num;
- int status;
-
- TraceMe(1, ("Verifying: %ld to %ld, using %s keys",
- low, high, key_type == USE_SMALL_KEY ? "SMALL" : "LARGE"));
-
- for(num = low; num <= high; num++)
- {
-
- key = GenKey(num, key_type);
-
- status = (*database->get)(database, key, &data, 0);
-
- if(status == 0)
- {
- /* got the item */
- if(!should_exist)
- {
- ReportError("Item exists but shouldn't: %ld", num);
- }
- else
- {
- /* else verify the data */
- VerifyData(&data, num, key_type);
- }
- }
- else if(status > 0)
- {
- /* item not found */
- if(should_exist)
- {
- ReportError("Item not found but should be: %ld", num);
- }
- }
- else
- {
- /* database error */
- ReportError("Database error");
- return(-1);
- }
-
- }
-
- TraceMe(1, ("Correctly verified: %ld to %ld", low, high));
-
- return(0);
-
-}
-
-DBT *
-GenData(int32 num)
-{
- int32 n;
- static DBT *data=0;
- int32 *int32_array;
- size_t size;
-
- if(!data)
- {
- data = (DBT*)malloc(sizeof(DBT));
- data->size = 0;
- data->data = 0;
- }
- else if(data->data)
- {
- free(data->data);
- }
-
- n = rand();
-
- n = n % 512; /* bound to a 2K size */
-
-
- size = sizeof(int32)*(n+1);
- int32_array = (int32 *) malloc(size);
-
- memcpy(&int32_array[0], &n, sizeof(int32));
-
- for(; n > 0; n--)
- {
- memcpy(&int32_array[n], &num, sizeof(int32));
- }
-
- data->data = (void*)int32_array;
- data->size = size;
-
- return(data);
-}
-
-#define ADD_RANGE 1
-#define DELETE_RANGE 2
-
-int
-AddOrDelRange(int32 low, int32 high, int action, key_type_enum key_type)
-{
- DBT *key, *data;
-#if 0 /* only do this if your really analy checking the puts */
- DBT tmp_data;
-#endif
- int32 num;
- int status;
-
- if(action != ADD_RANGE && action != DELETE_RANGE)
- assert(0);
-
- if(action == ADD_RANGE)
- {
- TraceMe(1, ("Adding: %ld to %ld: %s keys", low, high,
- key_type == USE_SMALL_KEY ? "SMALL" : "LARGE"));
- }
- else
- {
- TraceMe(1, ("Deleting: %ld to %ld: %s keys", low, high,
- key_type == USE_SMALL_KEY ? "SMALL" : "LARGE"));
- }
-
- for(num = low; num <= high; num++)
- {
-
- key = GenKey(num, key_type);
-
- if(action == ADD_RANGE)
- {
- data = GenData(num);
- status = (*database->put)(database, key, data, 0);
- }
- else
- {
- status = (*database->del)(database, key, 0);
- }
-
- if(status < 0)
- {
- ReportError("Database error %s item: %ld",
- action == ADD_RANGE ? "ADDING" : "DELETING",
- num);
- }
- else if(status > 0)
- {
- ReportError("Could not %s item: %ld",
- action == ADD_RANGE ? "ADD" : "DELETE",
- num);
- }
- else if(action == ADD_RANGE)
- {
-#define SYNC_EVERY_TIME
-#ifdef SYNC_EVERY_TIME
- status = (*database->sync)(database, 0);
- if(status != 0)
- ReportError("Database error syncing after add");
-#endif
-
-#if 0 /* only do this if your really analy checking the puts */
-
- /* make sure we can still get it
- */
- status = (*database->get)(database, key, &tmp_data, 0);
-
- if(status != 0)
- {
- ReportError("Database error checking item just added: %d",
- num);
- }
- else
- {
- /* now verify that none of the ones we already
- * put in have disappeared
- */
- VerifyRange(low, num, SHOULD_EXIST, key_type);
- }
-#endif
-
- }
- }
-
-
- if(action == ADD_RANGE)
- {
- TraceMe(1, ("Successfully added: %ld to %ld", low, high));
- }
- else
- {
- TraceMe(1, ("Successfully deleted: %ld to %ld", low, high));
- }
-
- return(0);
-}
-
-int
-TestRange(int32 low, int32 range, key_type_enum key_type)
-{
- int status; int32 low_of_range1, high_of_range1; int32 low_of_range2, high_of_range2;
- int32 low_of_range3, high_of_range3;
-
- status = AddOrDelRange(low, low+range, ADD_RANGE, key_type);
- status = VerifyRange(low, low+range, SHOULD_EXIST, key_type);
-
- TraceMe(1, ("Finished with sub test 1"));
-
- SeqDatabase();
-
- low_of_range1 = low;
- high_of_range1 = low+(range/2);
- low_of_range2 = high_of_range1+1;
- high_of_range2 = low+range;
- status = AddOrDelRange(low_of_range1, high_of_range1, DELETE_RANGE, key_type);
- status = VerifyRange(low_of_range1, high_of_range1, SHOULD_NOT_EXIST, key_type);
- status = VerifyRange(low_of_range2, low_of_range2, SHOULD_EXIST, key_type);
-
- TraceMe(1, ("Finished with sub test 2"));
-
- SeqDatabase();
-
- status = AddOrDelRange(low_of_range1, high_of_range1, ADD_RANGE, key_type);
- /* the whole thing should exist now */
- status = VerifyRange(low, low+range, SHOULD_EXIST, key_type);
-
- TraceMe(1, ("Finished with sub test 3"));
-
- SeqDatabase();
-
- status = AddOrDelRange(low_of_range2, high_of_range2, DELETE_RANGE, key_type);
- status = VerifyRange(low_of_range1, high_of_range1, SHOULD_EXIST, key_type);
- status = VerifyRange(low_of_range2, high_of_range2, SHOULD_NOT_EXIST, key_type);
-
- TraceMe(1, ("Finished with sub test 4"));
-
- SeqDatabase();
-
- status = AddOrDelRange(low_of_range2, high_of_range2, ADD_RANGE, key_type);
- /* the whole thing should exist now */
- status = VerifyRange(low, low+range, SHOULD_EXIST, key_type);
-
- TraceMe(1, ("Finished with sub test 5"));
-
- SeqDatabase();
-
- low_of_range1 = low;
- high_of_range1 = low+(range/3);
- low_of_range2 = high_of_range1+1;
- high_of_range2 = high_of_range1+(range/3);
- low_of_range3 = high_of_range2+1;
- high_of_range3 = low+range;
- /* delete range 2 */
- status = AddOrDelRange(low_of_range2, high_of_range2, DELETE_RANGE, key_type);
- status = VerifyRange(low_of_range1, high_of_range1, SHOULD_EXIST, key_type);
- status = VerifyRange(low_of_range2, low_of_range2, SHOULD_NOT_EXIST, key_type);
- status = VerifyRange(low_of_range3, low_of_range2, SHOULD_EXIST, key_type);
-
- TraceMe(1, ("Finished with sub test 6"));
-
- SeqDatabase();
-
- status = AddOrDelRange(low_of_range2, high_of_range2, ADD_RANGE, key_type);
- /* the whole thing should exist now */
- status = VerifyRange(low, low+range, SHOULD_EXIST, key_type);
-
- TraceMe(1, ("Finished with sub test 7"));
-
- return(0);
-}
-
-#define START_RANGE 109876
-int
-main(int argc, char **argv)
-{
- int32 i, j=0;
- int quick_exit = 0;
- int large_keys = 0;
- HASHINFO hash_info = {
- 16*1024,
- 0,
- 0,
- 0,
- 0,
- 0};
-
-
- if(argc > 1)
- {
- while(argc > 1)
- {
- if(!strcmp(argv[argc-1], "-quick"))
- quick_exit = 1;
- else if(!strcmp(argv[argc-1], "-large"))
- {
- large_keys = 1;
- }
- argc--;
- }
- }
-
- database = dbopen("test.db", O_RDWR | O_CREAT, 0644, DB_HASH, &hash_info);
-
- if(!database)
- {
- ReportError("Could not open database");
-#ifdef unix
- perror("");
-#endif
- exit(1);
- }
-
- if(quick_exit)
- {
- if(large_keys)
- TestRange(START_RANGE, 200, USE_LARGE_KEY);
- else
- TestRange(START_RANGE, 200, USE_SMALL_KEY);
-
- (*database->sync)(database, 0);
- (*database->close)(database);
- exit(0);
- }
-
- for(i=100; i < 10000000; i+=200)
- {
- if(1 || j)
- {
- TestRange(START_RANGE, i, USE_LARGE_KEY);
- j = 0;
- }
- else
- {
- TestRange(START_RANGE, i, USE_SMALL_KEY);
- j = 1;
- }
-
- if(1 == rand() % 3)
- {
- (*database->sync)(database, 0);
- }
-
- if(1 == rand() % 3)
- {
- /* close and reopen */
- (*database->close)(database);
- database = dbopen("test.db", O_RDWR | O_CREAT, 0644, DB_HASH, 0);
- if(!database)
- {
- ReportError("Could not reopen database");
-#ifdef unix
- perror("");
-#endif
- exit(1);
- }
- }
- else
- {
- /* reopen database without closeing the other */
- database = dbopen("test.db", O_RDWR | O_CREAT, 0644, DB_HASH, 0);
- if(!database)
- {
- ReportError("Could not reopen database "
- "after not closing the other");
-#ifdef unix
- perror("");
-#endif
- exit(1);
- }
- }
- }
-
- return(0);
-}
diff --git a/security/nss/tests/perf/perf.sh b/security/coreconf/makefile.win
old mode 100755
new mode 100644
similarity index 52%
rename from security/nss/tests/perf/perf.sh
rename to security/coreconf/makefile.win
index 7fee17c1e4..6f3e244b4d
--- a/security/nss/tests/perf/perf.sh
+++ b/security/coreconf/makefile.win
@@ -1,5 +1,4 @@
-#! /bin/sh
-#
+#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1.1/GPL 2.0/LGPL 2.1
#
@@ -36,57 +35,70 @@
#
# ***** END LICENSE BLOCK *****
-########################################################################
#
-# mozilla/security/nss/tests/perf/perf.sh
+# An NMAKE file to set up and adjust coreconf's build system for
+# Client build. Client build should invoke NMAKE on this file
+# instead of invoking gmake directly.
#
-# script run from the nightly NSS QA to measure nss performance
-# needs to work on all Unix and Windows platforms
+
+NS_DEPTH = ..
+include <$(NS_DEPTH)\config\config.mak>
+#include <$(NS_DEPTH)\config\rules.mak>
+
#
-# special strings
-# ---------------
-# FIXME ... known problems, search for this string
-# NOTE .... unexpected behavior
+# Backslashes are escape characters to gmake, so flip all backslashes
+# in $(MOZ_TOOLS) to forward slashes and pass that to gmake.
#
-########################################################################
-############################## perf_init ##############################
-# local shell function to initialize this script
-########################################################################
+GMAKE = $(MOZ_TOOLS)\bin\gmake.exe MOZ_TOOLS_FLIPPED=$(MOZ_TOOLS:\=/)
-perf_init()
-{
- SCRIPTNAME="perf.sh"
- if [ -z "${INIT_SOURCED}" ] ; then
- cd ../common
- . ./init.sh
- fi
- SCRIPTNAME="perf.sh"
- PERFDIR=${HOSTDIR}/perf
- mkdir -p ${PERFDIR}
-}
+GMAKE = $(GMAKE) PR_CLIENT_BUILD=1 PR_CLIENT_BUILD_WINDOWS=1
-perf_init
-RSAPERF_OUT=`rsaperf -i 300 -s -n none`
-RSAPERF_OUT=`echo $RSAPERF_OUT | sed \
- -e "s/^/RSAPERF: $OBJDIR /" \
- -e 's/microseconds/us/' \
- -e 's/milliseconds/ms/' \
- -e 's/seconds/s/' \
- -e 's/ minutes, and /_min_/'`
+#
+# The Client's debug build uses MSVC's debug runtime library (/MDd).
+#
+
+!ifdef MOZ_DEBUG
+GMAKE = $(GMAKE) USE_DEBUG_RTL=1
+!else
+GMAKE = $(GMAKE) BUILD_OPT=1
+!endif
-echo "$RSAPERF_OUT"
+!if "$(MOZ_BITS)" == "16"
+GMAKE = $(GMAKE) OS_TARGET=WIN16
+!else
+GMAKE = $(GMAKE) OS_TARGET=WIN95
+!ifdef MOZ_DEBUG
+PR_OBJDIR = WIN954.0_DBG.OBJD
+!else
+PR_OBJDIR = WIN954.0_OPT.OBJ
+!endif
+!endif
-#FIXME
-#export RSAPERF_OUT
#
-#perl -e '
+# The rules. Simply invoke gmake with the same target
+# for Win16, use the watcom compiler with the MSVC headers and libs
+#
-#@rsaperf=split(/ /, $ENV{RSAPERF_OUT});
+# this rule is needed so that nmake with no explicit target will only build
+# all, and not build all the targets named below in succession!
+default:: all
-#echo "${RSAPERF_OUT}" | read IT_NUM T1 T2 TOT_TIM TOT_TIM_U \
- #T3 T4 T5 AVRG_TIM AVRG_TIM_U
+# a rule like this one must only be used for explicitly named targets!
+all depend export libs install clobber clobber_all clean::
+!if "$(MOZ_BITS)" == "16"
+ set PATH=%WATCPATH%
+ set INCLUDE=%MSVC_INC%
+ set LIB=%MSVC_LIB%
+!endif
+ $(GMAKE) $@
+!if "$(MOZ_BITS)" == "16"
+ set PATH=%MSVCPATH%
+ set INCLUDE=%MSVC_INC%
+ set LIB=%MSVC_LIB%
+!endif
-#300 iterations in 8.881 seconds one operation every 29606 microseconds
+show:
+ @echo "MAKEFLAGS = $(MAKEFLAGS)"
diff --git a/security/nss/cmd/crmf-cgi/config.mk b/security/coreconf/nsinstall/nfspwd
old mode 100644
new mode 100755
similarity index 84%
rename from security/nss/cmd/crmf-cgi/config.mk
rename to security/coreconf/nsinstall/nfspwd
index f3a06d153b..66345aa071
--- a/security/nss/cmd/crmf-cgi/config.mk
+++ b/security/coreconf/nsinstall/nfspwd
@@ -1,4 +1,5 @@
-#
+#! perl
+#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1.1/GPL 2.0/LGPL 2.1
#
@@ -35,14 +36,15 @@
#
# ***** END LICENSE BLOCK *****
+require "fastcwd.pl";
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(PROGRAM)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-LIBRARY =
-
+$_ = &fastcwd;
+if (m@^/[uh]/@o || s@^/tmp_mnt/@/@o) {
+ print("$_\n");
+} elsif ((($user, $rest) = m@^/usr/people/(\w+)/(.*)@o)
+ && readlink("/u/$user") eq "/usr/people/$user") {
+ print("/u/$user/$rest\n");
+} else {
+ chop($host = `hostname`);
+ print("/h/$host$_\n");
+}
diff --git a/security/nss/cmd/crmftest/config.mk b/security/coreconf/nsinstall/nfspwd.pl
similarity index 84%
rename from security/nss/cmd/crmftest/config.mk
rename to security/coreconf/nsinstall/nfspwd.pl
index ea8b592d6f..66345aa071 100644
--- a/security/nss/cmd/crmftest/config.mk
+++ b/security/coreconf/nsinstall/nfspwd.pl
@@ -1,3 +1,4 @@
+#! perl
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1.1/GPL 2.0/LGPL 2.1
@@ -35,13 +36,15 @@
#
# ***** END LICENSE BLOCK *****
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(PROGRAM)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-LIBRARY =
+require "fastcwd.pl";
+$_ = &fastcwd;
+if (m@^/[uh]/@o || s@^/tmp_mnt/@/@o) {
+ print("$_\n");
+} elsif ((($user, $rest) = m@^/usr/people/(\w+)/(.*)@o)
+ && readlink("/u/$user") eq "/usr/people/$user") {
+ print("/u/$user/$rest\n");
+} else {
+ chop($host = `hostname`);
+ print("/h/$host$_\n");
+}
diff --git a/security/dbm/Makefile b/security/dbm/Makefile
deleted file mode 100644
index 34cd6d8991..0000000000
--- a/security/dbm/Makefile
+++ /dev/null
@@ -1,80 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-coreconf_hack:
- cd ../coreconf; gmake
- gmake import
-
-RelEng_bld: coreconf_hack
- gmake
diff --git a/security/dbm/config/config.mk b/security/dbm/config/config.mk
deleted file mode 100644
index 7533649318..0000000000
--- a/security/dbm/config/config.mk
+++ /dev/null
@@ -1,67 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# These macros are defined by mozilla's configure script.
-# We define them manually here.
-#
-
-DEFINES += -DSTDC_HEADERS -DHAVE_STRERROR
-
-#
-# Most platforms have snprintf, so it's simpler to list the exceptions.
-#
-HAVE_SNPRINTF = 1
-#
-# OSF1 V4.0D doesn't have snprintf but V5.0A does.
-#
-ifeq ($(OS_TARGET)$(OS_RELEASE),OSF1V4.0D)
-HAVE_SNPRINTF =
-endif
-ifdef HAVE_SNPRINTF
-DEFINES += -DHAVE_SNPRINTF
-endif
-
-ifeq (,$(filter-out IRIX Linux,$(OS_TARGET)))
-DEFINES += -DHAVE_SYS_CDEFS_H
-endif
-
-ifeq (,$(filter-out DGUX NCR ReliantUNIX SCO_SV SCOOS UNIXWARE,$(OS_TARGET)))
-DEFINES += -DHAVE_SYS_BYTEORDER_H
-endif
-
-#
-# None of the platforms that we are interested in need to
-# define HAVE_MEMORY_H.
-#
diff --git a/security/dbm/include/Makefile b/security/dbm/include/Makefile
deleted file mode 100644
index ba4dd8ddf3..0000000000
--- a/security/dbm/include/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-
diff --git a/security/dbm/include/manifest.mn b/security/dbm/include/manifest.mn
deleted file mode 100644
index 886fedd988..0000000000
--- a/security/dbm/include/manifest.mn
+++ /dev/null
@@ -1,57 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../..
-
-VPATH = $(CORE_DEPTH)/../dbm/include
-
-MODULE = dbm
-
-EXPORTS = nsres.h \
- cdefs.h \
- mcom_db.h \
- ncompat.h \
- winfile.h \
- $(NULL)
-
-PRIVATE_EXPORTS = hsearch.h \
- page.h \
- extern.h \
- ndbm.h \
- queue.h \
- hash.h \
- mpool.h \
- search.h \
- $(NULL)
-
diff --git a/security/dbm/manifest.mn b/security/dbm/manifest.mn
deleted file mode 100644
index d4065f761a..0000000000
--- a/security/dbm/manifest.mn
+++ /dev/null
@@ -1,45 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ..
-
-MODULE = dbm
-
-IMPORTS = nspr20/v4.4.1
-
-RELEASE = dbm
-
-DIRS = include \
- src \
- $(NULL)
diff --git a/security/dbm/src/Makefile b/security/dbm/src/Makefile
deleted file mode 100644
index 8fce983941..0000000000
--- a/security/dbm/src/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/dbm/config/config.mk
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-
diff --git a/security/dbm/src/config.mk b/security/dbm/src/config.mk
deleted file mode 100644
index 370fd75d63..0000000000
--- a/security/dbm/src/config.mk
+++ /dev/null
@@ -1,63 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-DEFINES += -DMEMMOVE -D__DBINTERFACE_PRIVATE $(SECURITY_FLAG)
-
-INCLUDES += -I$(CORE_DEPTH)/../dbm/include
-
-#
-# Currently, override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PURE_LIBRARY =
-PROGRAM =
-
-ifdef SHARED_LIBRARY
- ifeq (,$(filter-out WINNT WIN95 WINCE,$(OS_TARGET))) # list omits WIN16
- DLLBASE=/BASE:0x30000000
- RES=$(OBJDIR)/dbm.res
- RESNAME=../include/dbm.rc
- endif
- ifeq ($(DLL_SUFFIX),dll)
- DEFINES += -D_DLL
- endif
-endif
-
-ifeq ($(OS_TARGET),AIX)
- OS_LIBS += -lc_r
-endif
diff --git a/security/dbm/src/dirent.c b/security/dbm/src/dirent.c
deleted file mode 100644
index 001a48c5c2..0000000000
--- a/security/dbm/src/dirent.c
+++ /dev/null
@@ -1,348 +0,0 @@
-#ifdef OS2
-
-#include
-#include
-#include
-#include
-
-#include
-#include
-
-/*#ifndef __EMX__
-#include
-#endif */
-
-#define INCL_DOSFILEMGR
-#define INCL_DOSERRORS
-#include
-
-#if OS2 >= 2
-# define FFBUF FILEFINDBUF3
-# define Word ULONG
- /*
- * LS20 recommends a request count of 100, but according to the
- * APAR text it does not lead to missing files, just to funny
- * numbers of returned entries.
- *
- * LS30 HPFS386 requires a count greater than 2, or some files
- * are missing (those starting with a character less that '.').
- *
- * Novell looses entries which overflow the buffer. In previous
- * versions of dirent2, this could have lead to missing files
- * when the average length of 100 directory entries was 40 bytes
- * or more (quite unlikely for files on a Novell server).
- *
- * Conclusion: Make sure that the entries all fit into the buffer
- * and that the buffer is large enough for more than 2 entries
- * (each entry is at most 300 bytes long). And ignore the LS20
- * effect.
- */
-# define Count 25
-# define BufSz (25 * (sizeof(FILEFINDBUF3)+1))
-#else
-# define FFBUF FILEFINDBUF
-# define Word USHORT
-# define BufSz 1024
-# define Count 3
-#endif
-
-#if defined(__IBMC__) || defined(__IBMCPP__)
- #define error(rc) _doserrno = rc, errno = EOS2ERR
-#elif defined(MICROSOFT)
- #define error(rc) _doserrno = rc, errno = 255
-#else
- #define error(rc) errno = 255
-#endif
-
-struct _dirdescr {
- HDIR handle; /* DosFindFirst handle */
- char fstype; /* filesystem type */
- Word count; /* valid entries in */
- long number; /* absolute number of next entry */
- int index; /* relative number of next entry */
- FFBUF * next; /* pointer to next entry */
- char name[MAXPATHLEN+3]; /* directory name */
- unsigned attrmask; /* attribute mask for seekdir */
- struct dirent entry; /* buffer for directory entry */
- BYTE ffbuf[BufSz];
-};
-
-/*
- * Return first char of filesystem type, or 0 if unknown.
- */
-static char
-getFSType(const char *path)
-{
- static char cache[1+26];
- char drive[3], info[512];
- Word unit, infolen;
- char r;
-
- if (isalpha(path[0]) && path[1] == ':') {
- unit = toupper(path[0]) - '@';
- path += 2;
- } else {
- ULONG driveMap;
-#if OS2 >= 2
- if (DosQueryCurrentDisk(&unit, &driveMap))
-#else
- if (DosQCurDisk(&unit, &driveMap))
-#endif
- return 0;
- }
-
- if ((path[0] == '\\' || path[0] == '/')
- && (path[1] == '\\' || path[1] == '/'))
- return 0;
-
- if (cache [unit])
- return cache [unit];
-
- drive[0] = '@' + unit;
- drive[1] = ':';
- drive[2] = '\0';
- infolen = sizeof info;
-#if OS2 >= 2
- if (DosQueryFSAttach(drive, 0, FSAIL_QUERYNAME, (PVOID)info, &infolen))
- return 0;
- if (infolen >= sizeof(FSQBUFFER2)) {
- FSQBUFFER2 *p = (FSQBUFFER2 *)info;
- r = p->szFSDName[p->cbName];
- } else
-#else
- if (DosQFSAttach((PSZ)drive, 0, FSAIL_QUERYNAME, (PVOID)info, &infolen, 0))
- return 0;
- if (infolen >= 9) {
- char *p = info + sizeof(USHORT);
- p += sizeof(USHORT) + *(USHORT *)p + 1 + sizeof(USHORT);
- r = *p;
- } else
-#endif
- r = 0;
- return cache [unit] = r;
-}
-
-char *
-abs_path(const char *name, char *buffer, int len)
-{
- char buf[4];
- if (isalpha(name[0]) && name[1] == ':' && name[2] == '\0') {
- buf[0] = name[0];
- buf[1] = name[1];
- buf[2] = '.';
- buf[3] = '\0';
- name = buf;
- }
-#if OS2 >= 2
- if (DosQueryPathInfo((PSZ)name, FIL_QUERYFULLNAME, buffer, len))
-#else
- if (DosQPathInfo((PSZ)name, FIL_QUERYFULLNAME, (PBYTE)buffer, len, 0L))
-#endif
- return NULL;
- return buffer;
-}
-
-DIR *
-openxdir(const char *path, unsigned att_mask)
-{
- DIR *dir;
- char name[MAXPATHLEN+3];
- Word rc;
-
- dir = malloc(sizeof(DIR));
- if (dir == NULL) {
- errno = ENOMEM;
- return NULL;
- }
-
- strncpy(name, path, MAXPATHLEN);
- name[MAXPATHLEN] = '\0';
- switch (name[strlen(name)-1]) {
- default:
- strcat(name, "\\");
- case '\\':
- case '/':
- case ':':
- ;
- }
- strcat(name, ".");
- if (!abs_path(name, dir->name, MAXPATHLEN+1))
- strcpy(dir->name, name);
- if (dir->name[strlen(dir->name)-1] == '\\')
- strcat(dir->name, "*");
- else
- strcat(dir->name, "\\*");
-
- dir->fstype = getFSType(dir->name);
- dir->attrmask = att_mask | A_DIR;
-
- dir->handle = HDIR_CREATE;
- dir->count = 100;
-#if OS2 >= 2
- rc = DosFindFirst(dir->name, &dir->handle, dir->attrmask,
- dir->ffbuf, sizeof dir->ffbuf, &dir->count, FIL_STANDARD);
-#else
- rc = DosFindFirst((PSZ)dir->name, &dir->handle, dir->attrmask,
- (PFILEFINDBUF)dir->ffbuf, sizeof dir->ffbuf, &dir->count, 0);
-#endif
- switch (rc) {
- default:
- free(dir);
- error(rc);
- return NULL;
- case NO_ERROR:
- case ERROR_NO_MORE_FILES:
- ;
- }
-
- dir->number = 0;
- dir->index = 0;
- dir->next = (FFBUF *)dir->ffbuf;
-
- return (DIR *)dir;
-}
-
-DIR *
-opendir(const char *pathname)
-{
- return openxdir(pathname, 0);
-}
-
-struct dirent *
-readdir(DIR *dir)
-{
- static int dummy_ino = 2;
-
- if (dir->index == dir->count) {
- Word rc;
- dir->count = 100;
-#if OS2 >= 2
- rc = DosFindNext(dir->handle, dir->ffbuf,
- sizeof dir->ffbuf, &dir->count);
-#else
- rc = DosFindNext(dir->handle, (PFILEFINDBUF)dir->ffbuf,
- sizeof dir->ffbuf, &dir->count);
-#endif
- if (rc) {
- error(rc);
- return NULL;
- }
-
- dir->index = 0;
- dir->next = (FFBUF *)dir->ffbuf;
- }
-
- if (dir->index == dir->count)
- return NULL;
-
- memcpy(dir->entry.d_name, dir->next->achName, dir->next->cchName);
- dir->entry.d_name[dir->next->cchName] = '\0';
- dir->entry.d_ino = dummy_ino++;
- dir->entry.d_reclen = dir->next->cchName;
- dir->entry.d_namlen = dir->next->cchName;
- dir->entry.d_size = dir->next->cbFile;
- dir->entry.d_attribute = dir->next->attrFile;
- dir->entry.d_time = *(USHORT *)&dir->next->ftimeLastWrite;
- dir->entry.d_date = *(USHORT *)&dir->next->fdateLastWrite;
-
- switch (dir->fstype) {
- case 'F': /* FAT */
- case 'C': /* CDFS */
- if (dir->next->attrFile & FILE_DIRECTORY)
- strupr(dir->entry.d_name);
- else
- strlwr(dir->entry.d_name);
- }
-
-#if OS2 >= 2
- dir->next = (FFBUF *)((BYTE *)dir->next + dir->next->oNextEntryOffset);
-#else
- dir->next = (FFBUF *)((BYTE *)dir->next->achName + dir->next->cchName + 1);
-#endif
- ++dir->number;
- ++dir->index;
-
- return &dir->entry;
-}
-
-long
-telldir(DIR *dir)
-{
- return dir->number;
-}
-
-void
-seekdir(DIR *dir, long off)
-{
- if (dir->number > off) {
- char name[MAXPATHLEN+2];
- Word rc;
-
- DosFindClose(dir->handle);
-
- strcpy(name, dir->name);
- strcat(name, "*");
-
- dir->handle = HDIR_CREATE;
- dir->count = 32767;
-#if OS2 >= 2
- rc = DosFindFirst(name, &dir->handle, dir->attrmask,
- dir->ffbuf, sizeof dir->ffbuf, &dir->count, FIL_STANDARD);
-#else
- rc = DosFindFirst((PSZ)name, &dir->handle, dir->attrmask,
- (PFILEFINDBUF)dir->ffbuf, sizeof dir->ffbuf, &dir->count, 0);
-#endif
- switch (rc) {
- default:
- error(rc);
- return;
- case NO_ERROR:
- case ERROR_NO_MORE_FILES:
- ;
- }
-
- dir->number = 0;
- dir->index = 0;
- dir->next = (FFBUF *)dir->ffbuf;
- }
-
- while (dir->number < off && readdir(dir))
- ;
-}
-
-void
-closedir(DIR *dir)
-{
- DosFindClose(dir->handle);
- free(dir);
-}
-
-/*****************************************************************************/
-
-#ifdef TEST
-
-main(int argc, char **argv)
-{
- int i;
- DIR *dir;
- struct dirent *ep;
-
- for (i = 1; i < argc; ++i) {
- dir = opendir(argv[i]);
- if (!dir)
- continue;
- while (ep = readdir(dir))
- if (strchr("\\/:", argv[i] [strlen(argv[i]) - 1]))
- printf("%s%s\n", argv[i], ep->d_name);
- else
- printf("%s/%s\n", argv[i], ep->d_name);
- closedir(dir);
- }
-
- return 0;
-}
-
-#endif
-
-#endif /* OS2 */
-
diff --git a/security/dbm/src/dirent.h b/security/dbm/src/dirent.h
deleted file mode 100644
index 07a6c0ac87..0000000000
--- a/security/dbm/src/dirent.h
+++ /dev/null
@@ -1,97 +0,0 @@
-#ifndef __DIRENT_H__
-#define __DIRENT_H__
-/*
- * @(#)msd_dir.h 1.4 87/11/06 Public Domain.
- *
- * A public domain implementation of BSD directory routines for
- * MS-DOS. Written by Michael Rendell ({uunet,utai}michael@garfield),
- * August 1897
- *
- * Extended by Peter Lim (lim@mullian.oz) to overcome some MS DOS quirks
- * and returns 2 more pieces of information - file size & attribute.
- * Plus a little reshuffling of some #define's positions December 1987
- *
- * Some modifications by Martin Junius 02-14-89
- *
- * AK900712
- * AK910410 abs_path - make absolute path
- *
- */
-
-#ifdef __EMX__
-#include
-#else
-#if defined(__IBMC__) || defined(__IBMCPP__) || defined(XP_W32_MSVC)
-#include
-#ifdef MAXPATHLEN
- #undef MAXPATHLEN
-#endif
-#define MAXPATHLEN (FILENAME_MAX*4)
-#define MAXNAMLEN FILENAME_MAX
-
-#else
-#include
-#endif
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* attribute stuff */
-#ifndef A_RONLY
-# define A_RONLY 0x01
-# define A_HIDDEN 0x02
-# define A_SYSTEM 0x04
-# define A_LABEL 0x08
-# define A_DIR 0x10
-# define A_ARCHIVE 0x20
-#endif
-
-struct dirent {
-#if defined(OS2) || defined(WIN32) /* use the layout of EMX to avoid trouble */
- int d_ino; /* Dummy */
- int d_reclen; /* Dummy, same as d_namlen */
- int d_namlen; /* length of name */
- char d_name[MAXNAMLEN + 1];
- unsigned long d_size;
- unsigned short d_attribute; /* attributes (see above) */
- unsigned short d_time; /* modification time */
- unsigned short d_date; /* modification date */
-#else
- char d_name[MAXNAMLEN + 1]; /* garentee null termination */
- char d_attribute; /* .. extension .. */
- unsigned long d_size; /* .. extension .. */
-#endif
-};
-
-typedef struct _dirdescr DIR;
-/* the structs do not have to be defined here */
-
-extern DIR *opendir(const char *);
-extern DIR *openxdir(const char *, unsigned);
-extern struct dirent *readdir(DIR *);
-extern void seekdir(DIR *, long);
-extern long telldir(DIR *);
-extern void closedir(DIR *);
-#define rewinddir(dirp) seekdir(dirp, 0L)
-
-extern char * abs_path(const char *name, char *buffer, int len);
-
-#ifndef S_IFMT
-#define S_IFMT ( S_IFDIR | S_IFREG )
-#endif
-
-#ifndef S_ISDIR
-#define S_ISDIR( m ) (((m) & S_IFMT) == S_IFDIR)
-#endif
-
-#ifndef S_ISREG
-#define S_ISREG( m ) (((m) & S_IFMT) == S_IFREG)
-#endif
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/security/dbm/src/manifest.mn b/security/dbm/src/manifest.mn
deleted file mode 100644
index 80f2abfd0e..0000000000
--- a/security/dbm/src/manifest.mn
+++ /dev/null
@@ -1,61 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../..
-
-VPATH = $(CORE_DEPTH)/../dbm/src
-
-MODULE = dbm
-
-#
-# memmove.c, snprintf.c, and strerror.c are not in CSRCS because
-# the Standard C Library has memmove and strerror and DBM is not
-# using snprintf.
-#
-
-CSRCS = db.c \
- h_bigkey.c \
- h_func.c \
- h_log2.c \
- h_page.c \
- hash.c \
- hash_buf.c \
- hsearch.c \
- mktemp.c \
- ndbm.c \
- nsres.c \
- dirent.c \
- $(NULL)
-
-LIBRARY_NAME = dbm
diff --git a/security/dbm/tests/Makefile b/security/dbm/tests/Makefile
deleted file mode 100644
index fe132e19c5..0000000000
--- a/security/dbm/tests/Makefile
+++ /dev/null
@@ -1,69 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-DEPTH = ../..
-CORE_DEPTH = ../..
-
-VPATH = $(CORE_DEPTH)/../dbm/tests
-
-MODULE = dbm
-
-CSRCS = lots.c
-
-PROGRAM = lots
-
-include $(DEPTH)/coreconf/config.mk
-
-include $(DEPTH)/dbm/config/config.mk
-
-ifeq (,$(filter-out WIN%,$(OS_TARGET)))
-LIBDBM = ../src/$(PLATFORM)/dbm$(STATIC_LIB_SUFFIX)
-else
-LIBDBM = ../src/$(PLATFORM)/libdbm$(STATIC_LIB_SUFFIX)
-endif
-
-INCLUDES += -I$(CORE_DEPTH)/../dbm/include
-
-LDFLAGS = $(LDOPTS) $(LIBDBM)
-
-include $(DEPTH)/coreconf/rules.mk
-
-lots.pure: lots
- purify $(CC) -o lots.pure $(CFLAGS) $(OBJS) $(MYLIBS)
-
-crash: crash.o $(MYLIBS)
- $(CC) -o crash $(CFLAGS) $^
-
-crash.pure: crash.o $(MYLIBS)
- purify $(CC) -o crash.pure $(CFLAGS) $^
-
diff --git a/security/nss/Makefile b/security/nss/Makefile
deleted file mode 100644
index b6e9e64b45..0000000000
--- a/security/nss/Makefile
+++ /dev/null
@@ -1,172 +0,0 @@
-#! gmake
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-ifeq ($(OS_TARGET),WINCE)
-DIRS = lib # omit cmd since wince has no command line shell
-endif
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-nss_build_all: build_coreconf build_nspr build_dbm all
-
-build_coreconf:
- cd $(CORE_DEPTH)/coreconf ; $(MAKE)
-
-NSPR_CONFIG_STATUS = $(CORE_DEPTH)/../nsprpub/$(OBJDIR_NAME)/config.status
-NSPR_CONFIGURE = $(CORE_DEPTH)/../nsprpub/configure
-
-#
-# Translate coreconf build options to NSPR configure options.
-#
-
-ifdef BUILD_OPT
-NSPR_CONFIGURE_OPTS += --disable-debug --enable-optimize
-endif
-ifdef USE_64
-NSPR_CONFIGURE_OPTS += --enable-64bit
-endif
-ifeq ($(OS_TARGET),WIN95)
-NSPR_CONFIGURE_OPTS += --enable-win32-target=WIN95
-endif
-ifdef USE_DEBUG_RTL
-NSPR_CONFIGURE_OPTS += --enable-debug-rtl
-endif
-ifdef NS_USE_GCC
-NSPR_COMPILERS = CC=gcc CXX=g++
-endif
-
-#
-# Some pwd commands on Windows (for example, the pwd
-# command in Cygwin) return a pathname that begins
-# with a (forward) slash. When such a pathname is
-# passed to Windows build tools (for example, cl), it
-# is mistaken as a command-line option. If that is the case,
-# we use a relative pathname as NSPR's prefix on Windows.
-#
-
-USEABSPATH="YES"
-ifeq (,$(filter-out WIN%,$(OS_TARGET)))
-ifeq (,$(findstring :,$(shell pwd)))
-USEABSPATH="NO"
-endif
-endif
-ifeq ($(USEABSPATH),"YES")
-NSPR_PREFIX = $(shell pwd)/../../dist/$(OBJDIR_NAME)
-else
-NSPR_PREFIX = $$(topsrcdir)/../dist/$(OBJDIR_NAME)
-endif
-
-$(NSPR_CONFIG_STATUS): $(NSPR_CONFIGURE)
- $(NSINSTALL) -D $(CORE_DEPTH)/../nsprpub/$(OBJDIR_NAME)
- cd $(CORE_DEPTH)/../nsprpub/$(OBJDIR_NAME) ; \
- $(NSPR_COMPILERS) sh ../configure \
- $(NSPR_CONFIGURE_OPTS) \
- --with-dist-prefix='$(NSPR_PREFIX)' \
- --with-dist-includedir='$(NSPR_PREFIX)/include'
-
-build_nspr: $(NSPR_CONFIG_STATUS)
- cd $(CORE_DEPTH)/../nsprpub/$(OBJDIR_NAME) ; $(MAKE)
-
-build_dbm:
- cd $(CORE_DEPTH)/dbm ; $(MAKE) export libs
-
-
-
-moz_import::
-ifeq (,$(filter-out WIN%,$(OS_TARGET)))
- $(NSINSTALL) -D $(DIST)/include/nspr
- cp $(DIST)/../include/nspr/*.h $(DIST)/include/nspr
- cp $(DIST)/../include/* $(DIST)/include
-ifdef BUILD_OPT
- cp $(DIST)/../WIN32_O.OBJ/lib/* $(DIST)/lib
-else
- cp $(DIST)/../WIN32_D.OBJ/lib/* $(DIST)/lib
-endif
- mv $(DIST)/lib/dbm32.lib $(DIST)/lib/dbm.lib
-else
-ifeq ($(OS_TARGET),OS2)
- cp -rf $(DIST)/../include $(DIST)
- cp -rf $(DIST)/../lib $(DIST)
- cp -f $(DIST)/lib/libmozdbm_s.$(LIB_SUFFIX) $(DIST)/lib/libdbm.$(LIB_SUFFIX)
-else
- $(NSINSTALL) -L ../../dist include $(DIST)
- $(NSINSTALL) -L ../../dist lib $(DIST)
- cp $(DIST)/lib/libmozdbm_s.$(LIB_SUFFIX) $(DIST)/lib/libdbm.$(LIB_SUFFIX)
-endif
-endif
-
-nss_RelEng_bld: build_coreconf import build_dbm all
-
-package:
- $(MAKE) -C pkg publish
diff --git a/security/nss/cmd/.cvsignore b/security/nss/cmd/.cvsignore
deleted file mode 100644
index 6329db22e8..0000000000
--- a/security/nss/cmd/.cvsignore
+++ /dev/null
@@ -1 +0,0 @@
-.gdbinit
diff --git a/security/nss/cmd/Makefile b/security/nss/cmd/Makefile
deleted file mode 100644
index 5369d89044..0000000000
--- a/security/nss/cmd/Makefile
+++ /dev/null
@@ -1,190 +0,0 @@
-#! gmake
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-CORE_DEPTH = ../..
-DEPTH = ../..
-
-include manifest.mn
-include $(CORE_DEPTH)/coreconf/config.mk
-
-ifndef USE_SYSTEM_ZLIB
-ZLIB_SRCDIR = zlib # Add the zlib directory to DIRS.
-endif
-
-# These sources were once in this directory, but now are gone.
-MISSING_SOURCES = \
- addcert.c \
- berparse.c \
- cert.c \
- key.c \
- key_rand.c \
- keygen.c \
- sec_fe.c \
- sec_read.c \
- secarb.c \
- secutil.c \
- $(NULL)
-
-# we don't build these any more, but the sources are still here
-OBSOLETE = \
- berdec.c \
- berdump.c \
- cypher.c \
- dumpcert.c \
- listcerts.c \
- mkdongle.c \
- p12exprt.c \
- p12imprt.c \
- rc4.c \
- sign.c \
- unwrap.c \
- vector.c \
- verify.c \
- wrap.c \
- $(NULL)
-
-# the base files for the executables
-# hey -- keep these alphabetical, please
-EXEC_SRCS = \
- $(NULL)
-
-# files that generate two separate objects and executables
-# BI_SRCS = \
-# keyutil.c \
-# p7env.c \
-# tstclnt.c \
-# $(NULL)
-
-# -I$(CORE_DEPTH)/security/lib/cert \
-# -I$(CORE_DEPTH)/security/lib/key \
-# -I$(CORE_DEPTH)/security/lib/util \
-
-INCLUDES += \
- -I$(DIST)/../public/security \
- -I./include \
- $(NULL)
-
-TBD_DIRS = rsh rshd rdist ssld
-
-# For the time being, sec stuff is export only
-# US_FLAGS = -DEXPORT_VERSION -DUS_VERSION
-
-US_FLAGS = -DEXPORT_VERSION
-EXPORT_FLAGS = -DEXPORT_VERSION
-
-BASE_LIBS = \
- $(DIST)/lib/libdbm.$(LIB_SUFFIX) \
- $(DIST)/lib/libxp.$(LIB_SUFFIX) \
- $(DIST)/lib/libnspr.$(LIB_SUFFIX) \
- $(NULL)
-
-# $(DIST)/lib/libpurenspr.$(LIB_SUFFIX) \
-
-#There is a circular dependancy in security/lib, and here is a gross fix
-SEC_LIBS = \
- $(DIST)/lib/libsecnav.$(LIB_SUFFIX) \
- $(DIST)/lib/libssl.$(LIB_SUFFIX) \
- $(DIST)/lib/libpkcs7.$(LIB_SUFFIX) \
- $(DIST)/lib/libcert.$(LIB_SUFFIX) \
- $(DIST)/lib/libkey.$(LIB_SUFFIX) \
- $(DIST)/lib/libsecmod.$(LIB_SUFFIX) \
- $(DIST)/lib/libcrypto.$(LIB_SUFFIX) \
- $(DIST)/lib/libsecutil.$(LIB_SUFFIX) \
- $(DIST)/lib/libssl.$(LIB_SUFFIX) \
- $(DIST)/lib/libpkcs7.$(LIB_SUFFIX) \
- $(DIST)/lib/libcert.$(LIB_SUFFIX) \
- $(DIST)/lib/libkey.$(LIB_SUFFIX) \
- $(DIST)/lib/libsecmod.$(LIB_SUFFIX) \
- $(DIST)/lib/libcrypto.$(LIB_SUFFIX) \
- $(DIST)/lib/libsecutil.$(LIB_SUFFIX) \
- $(DIST)/lib/libhash.$(LIB_SUFFIX) \
- $(NULL)
-
-MYLIB = lib/$(OBJDIR)/libsectool.$(LIB_SUFFIX)
-
-US_LIBS = $(MYLIB) $(SEC_LIBS) $(BASE_LIBS) $(MYLIB) $(BASE_LIBS)
-EX_LIBS = $(MYLIB) $(SEC_LIBS) $(BASE_LIBS) $(MYLIB) $(BASE_LIBS)
-
-REQUIRES = libxp nspr security
-
-CSRCS = $(EXEC_SRCS) $(BI_SRCS)
-
-OBJS = $(CSRCS:.c=.o) $(BI_SRCS:.c=-us.o) $(BI_SRCS:.c=-ex.o)
-
-PROGS = $(addprefix $(OBJDIR)/, $(EXEC_SRCS:.c=$(BIN_SUFFIX)))
-US_PROGS = $(addprefix $(OBJDIR)/, $(BI_SRCS:.c=-us$(BIN_SUFFIX)))
-EX_PROGS = $(addprefix $(OBJDIR)/, $(BI_SRCS:.c=-ex$(BIN_SUFFIX)))
-
-
-NON_DIRS = $(PROGS) $(US_PROGS) $(EX_PROGS)
-TARGETS = $(NON_DIRS)
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-
-ifneq ($(OS_TARGET),OS2)
-$(OBJDIR)/%-us.o: %.c
- @$(MAKE_OBJDIR)
- $(CCF) -o $@ $(US_FLAGS) -c $*.c
-
-$(OBJDIR)/%-ex.o: %.c
- @$(MAKE_OBJDIR)
- $(CCF) -o $@ $(EXPORT_FLAGS) -c $*.c
-
-$(OBJDIR)/%.o: %.c
- @$(MAKE_OBJDIR)
- $(CCF) -o $@ $(EXPORT_FLAGS) -c $*.c
-
-$(US_PROGS):$(OBJDIR)/%-us: $(OBJDIR)/%-us.o $(US_LIBS)
- @$(MAKE_OBJDIR)
- $(CCF) -o $@ $(OBJDIR)/$*-us.o $(LDFLAGS) $(US_LIBS) $(OS_LIBS)
-
-$(EX_PROGS):$(OBJDIR)/%-ex: $(OBJDIR)/%-ex.o $(EX_LIBS)
- @$(MAKE_OBJDIR)
- $(CCF) -o $@ $(OBJDIR)/$*-ex.o $(LDFLAGS) $(EX_LIBS) $(OS_LIBS)
-
-$(PROGS):$(OBJDIR)/%: $(OBJDIR)/%.o $(EX_LIBS)
- @$(MAKE_OBJDIR)
- $(CCF) -o $@ $@.o $(LDFLAGS) $(EX_LIBS) $(OS_LIBS)
-
-#install:: $(TARGETS)
-# $(INSTALL) $(TARGETS) $(DIST)/bin
-endif
-
-symbols::
- @echo "TARGETS = $(TARGETS)"
diff --git a/security/nss/cmd/SSLsample/Makefile b/security/nss/cmd/SSLsample/Makefile
deleted file mode 100644
index f62d2a3d09..0000000000
--- a/security/nss/cmd/SSLsample/Makefile
+++ /dev/null
@@ -1,48 +0,0 @@
-#! gmake
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-# do these once for each target program
-all default export libs program install release_export::
- $(MAKE) -f make.client $@
- $(MAKE) -f make.server $@
-
-# only do these things once for the whole directory
-depend dependclean clean clobber realclean clobber_all release_classes release_clean release_cpdistdir release_export release_jars release_md release_policy show::
- $(MAKE) -f make.client $@
-
-
diff --git a/security/nss/cmd/SSLsample/NSPRerrs.h b/security/nss/cmd/SSLsample/NSPRerrs.h
deleted file mode 100644
index 8a6a49f633..0000000000
--- a/security/nss/cmd/SSLsample/NSPRerrs.h
+++ /dev/null
@@ -1,136 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-/* General NSPR 2.0 errors */
-/* Caller must #include "prerror.h" */
-
-ER2( PR_OUT_OF_MEMORY_ERROR, "Memory allocation attempt failed." )
-ER2( PR_BAD_DESCRIPTOR_ERROR, "Invalid file descriptor." )
-ER2( PR_WOULD_BLOCK_ERROR, "The operation would have blocked." )
-ER2( PR_ACCESS_FAULT_ERROR, "Invalid memory address argument." )
-ER2( PR_INVALID_METHOD_ERROR, "Invalid function for file type." )
-ER2( PR_ILLEGAL_ACCESS_ERROR, "Invalid memory address argument." )
-ER2( PR_UNKNOWN_ERROR, "Some unknown error has occurred." )
-ER2( PR_PENDING_INTERRUPT_ERROR,"Operation interrupted by another thread." )
-ER2( PR_NOT_IMPLEMENTED_ERROR, "function not implemented." )
-ER2( PR_IO_ERROR, "I/O function error." )
-ER2( PR_IO_TIMEOUT_ERROR, "I/O operation timed out." )
-ER2( PR_IO_PENDING_ERROR, "I/O operation on busy file descriptor." )
-ER2( PR_DIRECTORY_OPEN_ERROR, "The directory could not be opened." )
-ER2( PR_INVALID_ARGUMENT_ERROR, "Invalid function argument." )
-ER2( PR_ADDRESS_NOT_AVAILABLE_ERROR, "Network address not available (in use?)." )
-ER2( PR_ADDRESS_NOT_SUPPORTED_ERROR, "Network address type not supported." )
-ER2( PR_IS_CONNECTED_ERROR, "Already connected." )
-ER2( PR_BAD_ADDRESS_ERROR, "Network address is invalid." )
-ER2( PR_ADDRESS_IN_USE_ERROR, "Local Network address is in use." )
-ER2( PR_CONNECT_REFUSED_ERROR, "Connection refused by peer." )
-ER2( PR_NETWORK_UNREACHABLE_ERROR, "Network address is presently unreachable." )
-ER2( PR_CONNECT_TIMEOUT_ERROR, "Connection attempt timed out." )
-ER2( PR_NOT_CONNECTED_ERROR, "Network file descriptor is not connected." )
-ER2( PR_LOAD_LIBRARY_ERROR, "Failure to load dynamic library." )
-ER2( PR_UNLOAD_LIBRARY_ERROR, "Failure to unload dynamic library." )
-ER2( PR_FIND_SYMBOL_ERROR,
-"Symbol not found in any of the loaded dynamic libraries." )
-ER2( PR_INSUFFICIENT_RESOURCES_ERROR, "Insufficient system resources." )
-ER2( PR_DIRECTORY_LOOKUP_ERROR,
-"A directory lookup on a network address has failed." )
-ER2( PR_TPD_RANGE_ERROR,
-"Attempt to access a TPD key that is out of range." )
-ER2( PR_PROC_DESC_TABLE_FULL_ERROR, "Process open FD table is full." )
-ER2( PR_SYS_DESC_TABLE_FULL_ERROR, "System open FD table is full." )
-ER2( PR_NOT_SOCKET_ERROR,
-"Network operation attempted on non-network file descriptor." )
-ER2( PR_NOT_TCP_SOCKET_ERROR,
-"TCP-specific function attempted on a non-TCP file descriptor." )
-ER2( PR_SOCKET_ADDRESS_IS_BOUND_ERROR, "TCP file descriptor is already bound." )
-ER2( PR_NO_ACCESS_RIGHTS_ERROR, "Access Denied." )
-ER2( PR_OPERATION_NOT_SUPPORTED_ERROR,
-"The requested operation is not supported by the platform." )
-ER2( PR_PROTOCOL_NOT_SUPPORTED_ERROR,
-"The host operating system does not support the protocol requested." )
-ER2( PR_REMOTE_FILE_ERROR, "Access to the remote file has been severed." )
-ER2( PR_BUFFER_OVERFLOW_ERROR,
-"The value requested is too large to be stored in the data buffer provided." )
-ER2( PR_CONNECT_RESET_ERROR, "TCP connection reset by peer." )
-ER2( PR_RANGE_ERROR, "Unused." )
-ER2( PR_DEADLOCK_ERROR, "The operation would have deadlocked." )
-ER2( PR_FILE_IS_LOCKED_ERROR, "The file is already locked." )
-ER2( PR_FILE_TOO_BIG_ERROR,
-"Write would result in file larger than the system allows." )
-ER2( PR_NO_DEVICE_SPACE_ERROR, "The device for storing the file is full." )
-ER2( PR_PIPE_ERROR, "Unused." )
-ER2( PR_NO_SEEK_DEVICE_ERROR, "Unused." )
-ER2( PR_IS_DIRECTORY_ERROR,
-"Cannot perform a normal file operation on a directory." )
-ER2( PR_LOOP_ERROR, "Symbolic link loop." )
-ER2( PR_NAME_TOO_LONG_ERROR, "File name is too long." )
-ER2( PR_FILE_NOT_FOUND_ERROR, "File not found." )
-ER2( PR_NOT_DIRECTORY_ERROR,
-"Cannot perform directory operation on a normal file." )
-ER2( PR_READ_ONLY_FILESYSTEM_ERROR,
-"Cannot write to a read-only file system." )
-ER2( PR_DIRECTORY_NOT_EMPTY_ERROR,
-"Cannot delete a directory that is not empty." )
-ER2( PR_FILESYSTEM_MOUNTED_ERROR,
-"Cannot delete or rename a file object while the file system is busy." )
-ER2( PR_NOT_SAME_DEVICE_ERROR,
-"Cannot rename a file to a file system on another device." )
-ER2( PR_DIRECTORY_CORRUPTED_ERROR,
-"The directory object in the file system is corrupted." )
-ER2( PR_FILE_EXISTS_ERROR,
-"Cannot create or rename a filename that already exists." )
-ER2( PR_MAX_DIRECTORY_ENTRIES_ERROR,
-"Directory is full. No additional filenames may be added." )
-ER2( PR_INVALID_DEVICE_STATE_ERROR,
-"The required device was in an invalid state." )
-ER2( PR_DEVICE_IS_LOCKED_ERROR, "The device is locked." )
-ER2( PR_NO_MORE_FILES_ERROR, "No more entries in the directory." )
-ER2( PR_END_OF_FILE_ERROR, "Encountered end of file." )
-ER2( PR_FILE_SEEK_ERROR, "Seek error." )
-ER2( PR_FILE_IS_BUSY_ERROR, "The file is busy." )
-ER2( PR_IN_PROGRESS_ERROR,
-"Operation is still in progress (probably a non-blocking connect)." )
-ER2( PR_ALREADY_INITIATED_ERROR,
-"Operation has already been initiated (probably a non-blocking connect)." )
-
-#ifdef PR_GROUP_EMPTY_ERROR
-ER2( PR_GROUP_EMPTY_ERROR, "The wait group is empty." )
-#endif
-
-#ifdef PR_INVALID_STATE_ERROR
-ER2( PR_INVALID_STATE_ERROR, "Object state improper for request." )
-#endif
-
-ER2( PR_MAX_ERROR, "Placeholder for the end of the list" )
diff --git a/security/nss/cmd/SSLsample/README b/security/nss/cmd/SSLsample/README
deleted file mode 100644
index 5672cfac8f..0000000000
--- a/security/nss/cmd/SSLsample/README
+++ /dev/null
@@ -1,35 +0,0 @@
-These sample programs can be built in either of two ways:
-1) is the NSS source tree, using the coreconf build system, and
-2) stand alone (as part of the NSS distribution).
-
-The following makefiles are used only when building in the NSS source tree
-using coreconf. These are NOT part of the distribution.
-
-Makefile
-client.mn
-server.mn
-config.mk
-make.client
-make.server
-
-The following source files are common to both build environments and are
-part of the distribution.
-
-NSPRerrs.h
-SECerrs.h
-SSLerrs.h
-client.c
-getopt.c
-server.c
-sslerror.h
-
-In the NSS 2.0 distribution, the sample code and makefiles are in a
-directory named "samples". The directories relevant to building
-in the distributed tree are:
-
-./samples
-./include/dbm
-./include/nspr
-./include/security
-./lib
-
diff --git a/security/nss/cmd/SSLsample/SECerrs.h b/security/nss/cmd/SSLsample/SECerrs.h
deleted file mode 100644
index 90f7a2e9f1..0000000000
--- a/security/nss/cmd/SSLsample/SECerrs.h
+++ /dev/null
@@ -1,444 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-/* General security error codes */
-/* Caller must #include "secerr.h" */
-
-ER3(SEC_ERROR_IO, SEC_ERROR_BASE + 0,
-"An I/O error occurred during security authorization.")
-
-ER3(SEC_ERROR_LIBRARY_FAILURE, SEC_ERROR_BASE + 1,
-"security library failure.")
-
-ER3(SEC_ERROR_BAD_DATA, SEC_ERROR_BASE + 2,
-"security library: received bad data.")
-
-ER3(SEC_ERROR_OUTPUT_LEN, SEC_ERROR_BASE + 3,
-"security library: output length error.")
-
-ER3(SEC_ERROR_INPUT_LEN, SEC_ERROR_BASE + 4,
-"security library has experienced an input length error.")
-
-ER3(SEC_ERROR_INVALID_ARGS, SEC_ERROR_BASE + 5,
-"security library: invalid arguments.")
-
-ER3(SEC_ERROR_INVALID_ALGORITHM, SEC_ERROR_BASE + 6,
-"security library: invalid algorithm.")
-
-ER3(SEC_ERROR_INVALID_AVA, SEC_ERROR_BASE + 7,
-"security library: invalid AVA.")
-
-ER3(SEC_ERROR_INVALID_TIME, SEC_ERROR_BASE + 8,
-"Improperly formatted time string.")
-
-ER3(SEC_ERROR_BAD_DER, SEC_ERROR_BASE + 9,
-"security library: improperly formatted DER-encoded message.")
-
-ER3(SEC_ERROR_BAD_SIGNATURE, SEC_ERROR_BASE + 10,
-"Peer's certificate has an invalid signature.")
-
-ER3(SEC_ERROR_EXPIRED_CERTIFICATE, SEC_ERROR_BASE + 11,
-"Peer's Certificate has expired.")
-
-ER3(SEC_ERROR_REVOKED_CERTIFICATE, SEC_ERROR_BASE + 12,
-"Peer's Certificate has been revoked.")
-
-ER3(SEC_ERROR_UNKNOWN_ISSUER, SEC_ERROR_BASE + 13,
-"Peer's Certificate issuer is not recognized.")
-
-ER3(SEC_ERROR_BAD_KEY, SEC_ERROR_BASE + 14,
-"Peer's public key is invalid.")
-
-ER3(SEC_ERROR_BAD_PASSWORD, SEC_ERROR_BASE + 15,
-"The security password entered is incorrect.")
-
-ER3(SEC_ERROR_RETRY_PASSWORD, SEC_ERROR_BASE + 16,
-"New password entered incorrectly. Please try again.")
-
-ER3(SEC_ERROR_NO_NODELOCK, SEC_ERROR_BASE + 17,
-"security library: no nodelock.")
-
-ER3(SEC_ERROR_BAD_DATABASE, SEC_ERROR_BASE + 18,
-"security library: bad database.")
-
-ER3(SEC_ERROR_NO_MEMORY, SEC_ERROR_BASE + 19,
-"security library: memory allocation failure.")
-
-ER3(SEC_ERROR_UNTRUSTED_ISSUER, SEC_ERROR_BASE + 20,
-"Peer's certificate issuer has been marked as not trusted by the user.")
-
-ER3(SEC_ERROR_UNTRUSTED_CERT, SEC_ERROR_BASE + 21,
-"Peer's certificate has been marked as not trusted by the user.")
-
-ER3(SEC_ERROR_DUPLICATE_CERT, (SEC_ERROR_BASE + 22),
-"Certificate already exists in your database.")
-
-ER3(SEC_ERROR_DUPLICATE_CERT_NAME, (SEC_ERROR_BASE + 23),
-"Downloaded certificate's name duplicates one already in your database.")
-
-ER3(SEC_ERROR_ADDING_CERT, (SEC_ERROR_BASE + 24),
-"Error adding certificate to database.")
-
-ER3(SEC_ERROR_FILING_KEY, (SEC_ERROR_BASE + 25),
-"Error refiling the key for this certificate.")
-
-ER3(SEC_ERROR_NO_KEY, (SEC_ERROR_BASE + 26),
-"The private key for this certificate cannot be found in key database")
-
-ER3(SEC_ERROR_CERT_VALID, (SEC_ERROR_BASE + 27),
-"This certificate is valid.")
-
-ER3(SEC_ERROR_CERT_NOT_VALID, (SEC_ERROR_BASE + 28),
-"This certificate is not valid.")
-
-ER3(SEC_ERROR_CERT_NO_RESPONSE, (SEC_ERROR_BASE + 29),
-"Cert Library: No Response")
-
-ER3(SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE, (SEC_ERROR_BASE + 30),
-"The certificate issuer's certificate has expired. Check your system date and time.")
-
-ER3(SEC_ERROR_CRL_EXPIRED, (SEC_ERROR_BASE + 31),
-"The CRL for the certificate's issuer has expired. Update it or check your system data and time.")
-
-ER3(SEC_ERROR_CRL_BAD_SIGNATURE, (SEC_ERROR_BASE + 32),
-"The CRL for the certificate's issuer has an invalid signature.")
-
-ER3(SEC_ERROR_CRL_INVALID, (SEC_ERROR_BASE + 33),
-"New CRL has an invalid format.")
-
-ER3(SEC_ERROR_EXTENSION_VALUE_INVALID, (SEC_ERROR_BASE + 34),
-"Certificate extension value is invalid.")
-
-ER3(SEC_ERROR_EXTENSION_NOT_FOUND, (SEC_ERROR_BASE + 35),
-"Certificate extension not found.")
-
-ER3(SEC_ERROR_CA_CERT_INVALID, (SEC_ERROR_BASE + 36),
-"Issuer certificate is invalid.")
-
-ER3(SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID, (SEC_ERROR_BASE + 37),
-"Certificate path length constraint is invalid.")
-
-ER3(SEC_ERROR_CERT_USAGES_INVALID, (SEC_ERROR_BASE + 38),
-"Certificate usages field is invalid.")
-
-ER3(SEC_INTERNAL_ONLY, (SEC_ERROR_BASE + 39),
-"**Internal ONLY module**")
-
-ER3(SEC_ERROR_INVALID_KEY, (SEC_ERROR_BASE + 40),
-"The key does not support the requested operation.")
-
-ER3(SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION, (SEC_ERROR_BASE + 41),
-"Certificate contains unknown critical extension.")
-
-ER3(SEC_ERROR_OLD_CRL, (SEC_ERROR_BASE + 42),
-"New CRL is not later than the current one.")
-
-ER3(SEC_ERROR_NO_EMAIL_CERT, (SEC_ERROR_BASE + 43),
-"Not encrypted or signed: you do not yet have an email certificate.")
-
-ER3(SEC_ERROR_NO_RECIPIENT_CERTS_QUERY, (SEC_ERROR_BASE + 44),
-"Not encrypted: you do not have certificates for each of the recipients.")
-
-ER3(SEC_ERROR_NOT_A_RECIPIENT, (SEC_ERROR_BASE + 45),
-"Cannot decrypt: you are not a recipient, or matching certificate and \
-private key not found.")
-
-ER3(SEC_ERROR_PKCS7_KEYALG_MISMATCH, (SEC_ERROR_BASE + 46),
-"Cannot decrypt: key encryption algorithm does not match your certificate.")
-
-ER3(SEC_ERROR_PKCS7_BAD_SIGNATURE, (SEC_ERROR_BASE + 47),
-"Signature verification failed: no signer found, too many signers found, \
-or improper or corrupted data.")
-
-ER3(SEC_ERROR_UNSUPPORTED_KEYALG, (SEC_ERROR_BASE + 48),
-"Unsupported or unknown key algorithm.")
-
-ER3(SEC_ERROR_DECRYPTION_DISALLOWED, (SEC_ERROR_BASE + 49),
-"Cannot decrypt: encrypted using a disallowed algorithm or key size.")
-
-
-/* Fortezza Alerts */
-ER3(XP_SEC_FORTEZZA_BAD_CARD, (SEC_ERROR_BASE + 50),
-"Fortezza card has not been properly initialized. \
-Please remove it and return it to your issuer.")
-
-ER3(XP_SEC_FORTEZZA_NO_CARD, (SEC_ERROR_BASE + 51),
-"No Fortezza cards Found")
-
-ER3(XP_SEC_FORTEZZA_NONE_SELECTED, (SEC_ERROR_BASE + 52),
-"No Fortezza card selected")
-
-ER3(XP_SEC_FORTEZZA_MORE_INFO, (SEC_ERROR_BASE + 53),
-"Please select a personality to get more info on")
-
-ER3(XP_SEC_FORTEZZA_PERSON_NOT_FOUND, (SEC_ERROR_BASE + 54),
-"Personality not found")
-
-ER3(XP_SEC_FORTEZZA_NO_MORE_INFO, (SEC_ERROR_BASE + 55),
-"No more information on that Personality")
-
-ER3(XP_SEC_FORTEZZA_BAD_PIN, (SEC_ERROR_BASE + 56),
-"Invalid Pin")
-
-ER3(XP_SEC_FORTEZZA_PERSON_ERROR, (SEC_ERROR_BASE + 57),
-"Couldn't initialize Fortezza personalities.")
-/* end fortezza alerts. */
-
-ER3(SEC_ERROR_NO_KRL, (SEC_ERROR_BASE + 58),
-"No KRL for this site's certificate has been found.")
-
-ER3(SEC_ERROR_KRL_EXPIRED, (SEC_ERROR_BASE + 59),
-"The KRL for this site's certificate has expired.")
-
-ER3(SEC_ERROR_KRL_BAD_SIGNATURE, (SEC_ERROR_BASE + 60),
-"The KRL for this site's certificate has an invalid signature.")
-
-ER3(SEC_ERROR_REVOKED_KEY, (SEC_ERROR_BASE + 61),
-"The key for this site's certificate has been revoked.")
-
-ER3(SEC_ERROR_KRL_INVALID, (SEC_ERROR_BASE + 62),
-"New KRL has an invalid format.")
-
-ER3(SEC_ERROR_NEED_RANDOM, (SEC_ERROR_BASE + 63),
-"security library: need random data.")
-
-ER3(SEC_ERROR_NO_MODULE, (SEC_ERROR_BASE + 64),
-"security library: no security module can perform the requested operation.")
-
-ER3(SEC_ERROR_NO_TOKEN, (SEC_ERROR_BASE + 65),
-"The security card or token does not exist, needs to be initialized, or has been removed.")
-
-ER3(SEC_ERROR_READ_ONLY, (SEC_ERROR_BASE + 66),
-"security library: read-only database.")
-
-ER3(SEC_ERROR_NO_SLOT_SELECTED, (SEC_ERROR_BASE + 67),
-"No slot or token was selected.")
-
-ER3(SEC_ERROR_CERT_NICKNAME_COLLISION, (SEC_ERROR_BASE + 68),
-"A certificate with the same nickname already exists.")
-
-ER3(SEC_ERROR_KEY_NICKNAME_COLLISION, (SEC_ERROR_BASE + 69),
-"A key with the same nickname already exists.")
-
-ER3(SEC_ERROR_SAFE_NOT_CREATED, (SEC_ERROR_BASE + 70),
-"error while creating safe object")
-
-ER3(SEC_ERROR_BAGGAGE_NOT_CREATED, (SEC_ERROR_BASE + 71),
-"error while creating baggage object")
-
-ER3(XP_JAVA_REMOVE_PRINCIPAL_ERROR, (SEC_ERROR_BASE + 72),
-"Couldn't remove the principal")
-
-ER3(XP_JAVA_DELETE_PRIVILEGE_ERROR, (SEC_ERROR_BASE + 73),
-"Couldn't delete the privilege")
-
-ER3(XP_JAVA_CERT_NOT_EXISTS_ERROR, (SEC_ERROR_BASE + 74),
-"This principal doesn't have a certificate")
-
-ER3(SEC_ERROR_BAD_EXPORT_ALGORITHM, (SEC_ERROR_BASE + 75),
-"Required algorithm is not allowed.")
-
-ER3(SEC_ERROR_EXPORTING_CERTIFICATES, (SEC_ERROR_BASE + 76),
-"Error attempting to export certificates.")
-
-ER3(SEC_ERROR_IMPORTING_CERTIFICATES, (SEC_ERROR_BASE + 77),
-"Error attempting to import certificates.")
-
-ER3(SEC_ERROR_PKCS12_DECODING_PFX, (SEC_ERROR_BASE + 78),
-"Unable to import. Decoding error. File not valid.")
-
-ER3(SEC_ERROR_PKCS12_INVALID_MAC, (SEC_ERROR_BASE + 79),
-"Unable to import. Invalid MAC. Incorrect password or corrupt file.")
-
-ER3(SEC_ERROR_PKCS12_UNSUPPORTED_MAC_ALGORITHM, (SEC_ERROR_BASE + 80),
-"Unable to import. MAC algorithm not supported.")
-
-ER3(SEC_ERROR_PKCS12_UNSUPPORTED_TRANSPORT_MODE,(SEC_ERROR_BASE + 81),
-"Unable to import. Only password integrity and privacy modes supported.")
-
-ER3(SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE, (SEC_ERROR_BASE + 82),
-"Unable to import. File structure is corrupt.")
-
-ER3(SEC_ERROR_PKCS12_UNSUPPORTED_PBE_ALGORITHM, (SEC_ERROR_BASE + 83),
-"Unable to import. Encryption algorithm not supported.")
-
-ER3(SEC_ERROR_PKCS12_UNSUPPORTED_VERSION, (SEC_ERROR_BASE + 84),
-"Unable to import. File version not supported.")
-
-ER3(SEC_ERROR_PKCS12_PRIVACY_PASSWORD_INCORRECT,(SEC_ERROR_BASE + 85),
-"Unable to import. Incorrect privacy password.")
-
-ER3(SEC_ERROR_PKCS12_CERT_COLLISION, (SEC_ERROR_BASE + 86),
-"Unable to import. Same nickname already exists in database.")
-
-ER3(SEC_ERROR_USER_CANCELLED, (SEC_ERROR_BASE + 87),
-"The user pressed cancel.")
-
-ER3(SEC_ERROR_PKCS12_DUPLICATE_DATA, (SEC_ERROR_BASE + 88),
-"Not imported, already in database.")
-
-ER3(SEC_ERROR_MESSAGE_SEND_ABORTED, (SEC_ERROR_BASE + 89),
-"Message not sent.")
-
-ER3(SEC_ERROR_INADEQUATE_KEY_USAGE, (SEC_ERROR_BASE + 90),
-"Certificate key usage inadequate for attempted operation.")
-
-ER3(SEC_ERROR_INADEQUATE_CERT_TYPE, (SEC_ERROR_BASE + 91),
-"Certificate type not approved for application.")
-
-ER3(SEC_ERROR_CERT_ADDR_MISMATCH, (SEC_ERROR_BASE + 92),
-"Address in signing certificate does not match address in message headers.")
-
-ER3(SEC_ERROR_PKCS12_UNABLE_TO_IMPORT_KEY, (SEC_ERROR_BASE + 93),
-"Unable to import. Error attempting to import private key.")
-
-ER3(SEC_ERROR_PKCS12_IMPORTING_CERT_CHAIN, (SEC_ERROR_BASE + 94),
-"Unable to import. Error attempting to import certificate chain.")
-
-ER3(SEC_ERROR_PKCS12_UNABLE_TO_LOCATE_OBJECT_BY_NAME, (SEC_ERROR_BASE + 95),
-"Unable to export. Unable to locate certificate or key by nickname.")
-
-ER3(SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY, (SEC_ERROR_BASE + 96),
-"Unable to export. Private Key could not be located and exported.")
-
-ER3(SEC_ERROR_PKCS12_UNABLE_TO_WRITE, (SEC_ERROR_BASE + 97),
-"Unable to export. Unable to write the export file.")
-
-ER3(SEC_ERROR_PKCS12_UNABLE_TO_READ, (SEC_ERROR_BASE + 98),
-"Unable to import. Unable to read the import file.")
-
-ER3(SEC_ERROR_PKCS12_KEY_DATABASE_NOT_INITIALIZED, (SEC_ERROR_BASE + 99),
-"Unable to export. Key database corrupt or deleted.")
-
-ER3(SEC_ERROR_KEYGEN_FAIL, (SEC_ERROR_BASE + 100),
-"Unable to generate public/private key pair.")
-
-ER3(SEC_ERROR_INVALID_PASSWORD, (SEC_ERROR_BASE + 101),
-"Password entered is invalid. Please pick a different one.")
-
-ER3(SEC_ERROR_RETRY_OLD_PASSWORD, (SEC_ERROR_BASE + 102),
-"Old password entered incorrectly. Please try again.")
-
-ER3(SEC_ERROR_BAD_NICKNAME, (SEC_ERROR_BASE + 103),
-"Certificate nickname already in use.")
-
-ER3(SEC_ERROR_NOT_FORTEZZA_ISSUER, (SEC_ERROR_BASE + 104),
-"Peer FORTEZZA chain has a non-FORTEZZA Certificate.")
-
-/* ER3(SEC_ERROR_UNKNOWN, (SEC_ERROR_BASE + 105), */
-
-ER3(SEC_ERROR_JS_INVALID_MODULE_NAME, (SEC_ERROR_BASE + 106),
-"Invalid module name.")
-
-ER3(SEC_ERROR_JS_INVALID_DLL, (SEC_ERROR_BASE + 107),
-"Invalid module path/filename")
-
-ER3(SEC_ERROR_JS_ADD_MOD_FAILURE, (SEC_ERROR_BASE + 108),
-"Unable to add module")
-
-ER3(SEC_ERROR_JS_DEL_MOD_FAILURE, (SEC_ERROR_BASE + 109),
-"Unable to delete module")
-
-ER3(SEC_ERROR_OLD_KRL, (SEC_ERROR_BASE + 110),
-"New KRL is not later than the current one.")
-
-ER3(SEC_ERROR_CKL_CONFLICT, (SEC_ERROR_BASE + 111),
-"New CKL has different issuer than current CKL. Delete current CKL.")
-
-ER3(SEC_ERROR_CERT_NOT_IN_NAME_SPACE, (SEC_ERROR_BASE + 112),
-"The Certifying Authority for this certificate is not permitted to issue a \
-certificate with this name.")
-
-ER3(SEC_ERROR_KRL_NOT_YET_VALID, (SEC_ERROR_BASE + 113),
-"The key revocation list for this certificate is not yet valid.")
-
-ER3(SEC_ERROR_CRL_NOT_YET_VALID, (SEC_ERROR_BASE + 114),
-"The certificate revocation list for this certificate is not yet valid.")
-
-ER3(SEC_ERROR_UNKNOWN_CERT, (SEC_ERROR_BASE + 115),
-"The requested certificate could not be found.")
-
-ER3(SEC_ERROR_UNKNOWN_SIGNER, (SEC_ERROR_BASE + 116),
-"The signer's certificate could not be found.")
-
-ER3(SEC_ERROR_CERT_BAD_ACCESS_LOCATION, (SEC_ERROR_BASE + 117),
-"The location for the certificate status server has invalid format.")
-
-ER3(SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE, (SEC_ERROR_BASE + 118),
-"The OCSP response cannot be fully decoded; it is of an unknown type.")
-
-ER3(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE, (SEC_ERROR_BASE + 119),
-"The OCSP server returned unexpected/invalid HTTP data.")
-
-ER3(SEC_ERROR_OCSP_MALFORMED_REQUEST, (SEC_ERROR_BASE + 120),
-"The OCSP server found the request to be corrupted or improperly formed.")
-
-ER3(SEC_ERROR_OCSP_SERVER_ERROR, (SEC_ERROR_BASE + 121),
-"The OCSP server experienced an internal error.")
-
-ER3(SEC_ERROR_OCSP_TRY_SERVER_LATER, (SEC_ERROR_BASE + 122),
-"The OCSP server suggests trying again later.")
-
-ER3(SEC_ERROR_OCSP_REQUEST_NEEDS_SIG, (SEC_ERROR_BASE + 123),
-"The OCSP server requires a signature on this request.")
-
-ER3(SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST, (SEC_ERROR_BASE + 124),
-"The OCSP server has refused this request as unauthorized.")
-
-ER3(SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS, (SEC_ERROR_BASE + 125),
-"The OCSP server returned an unrecognizable status.")
-
-ER3(SEC_ERROR_OCSP_UNKNOWN_CERT, (SEC_ERROR_BASE + 126),
-"The OCSP server has no status for the certificate.")
-
-ER3(SEC_ERROR_OCSP_NOT_ENABLED, (SEC_ERROR_BASE + 127),
-"You must enable OCSP before performing this operation.")
-
-ER3(SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER, (SEC_ERROR_BASE + 128),
-"You must set the OCSP default responder before performing this operation.")
-
-ER3(SEC_ERROR_OCSP_MALFORMED_RESPONSE, (SEC_ERROR_BASE + 129),
-"The response from the OCSP server was corrupted or improperly formed.")
-
-ER3(SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE, (SEC_ERROR_BASE + 130),
-"The signer of the OCSP response is not authorized to give status for \
-this certificate.")
-
-ER3(SEC_ERROR_OCSP_FUTURE_RESPONSE, (SEC_ERROR_BASE + 131),
-"The OCSP response is not yet valid (contains a date in the future).")
-
-ER3(SEC_ERROR_OCSP_OLD_RESPONSE, (SEC_ERROR_BASE + 132),
-"The OCSP response contains out-of-date information.")
diff --git a/security/nss/cmd/SSLsample/SSLerrs.h b/security/nss/cmd/SSLsample/SSLerrs.h
deleted file mode 100644
index f502c523e6..0000000000
--- a/security/nss/cmd/SSLsample/SSLerrs.h
+++ /dev/null
@@ -1,369 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-/* SSL-specific security error codes */
-/* caller must include "sslerr.h" */
-
-ER3(SSL_ERROR_EXPORT_ONLY_SERVER, SSL_ERROR_BASE + 0,
-"Unable to communicate securely. Peer does not support high-grade encryption.")
-
-ER3(SSL_ERROR_US_ONLY_SERVER, SSL_ERROR_BASE + 1,
-"Unable to communicate securely. Peer requires high-grade encryption which is not supported.")
-
-ER3(SSL_ERROR_NO_CYPHER_OVERLAP, SSL_ERROR_BASE + 2,
-"Cannot communicate securely with peer: no common encryption algorithm(s).")
-
-ER3(SSL_ERROR_NO_CERTIFICATE, SSL_ERROR_BASE + 3,
-"Unable to find the certificate or key necessary for authentication.")
-
-ER3(SSL_ERROR_BAD_CERTIFICATE, SSL_ERROR_BASE + 4,
-"Unable to communicate securely with peer: peers's certificate was rejected.")
-
-/* unused (SSL_ERROR_BASE + 5),*/
-
-ER3(SSL_ERROR_BAD_CLIENT, SSL_ERROR_BASE + 6,
-"The server has encountered bad data from the client.")
-
-ER3(SSL_ERROR_BAD_SERVER, SSL_ERROR_BASE + 7,
-"The client has encountered bad data from the server.")
-
-ER3(SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE, SSL_ERROR_BASE + 8,
-"Unsupported certificate type.")
-
-ER3(SSL_ERROR_UNSUPPORTED_VERSION, SSL_ERROR_BASE + 9,
-"Peer using unsupported version of security protocol.")
-
-/* unused (SSL_ERROR_BASE + 10),*/
-
-ER3(SSL_ERROR_WRONG_CERTIFICATE, SSL_ERROR_BASE + 11,
-"Client authentication failed: private key in key database does not match public key in certificate database.")
-
-ER3(SSL_ERROR_BAD_CERT_DOMAIN, SSL_ERROR_BASE + 12,
-"Unable to communicate securely with peer: requested domain name does not match the server's certificate.")
-
-/* SSL_ERROR_POST_WARNING (SSL_ERROR_BASE + 13),
- defined in sslerr.h
-*/
-
-ER3(SSL_ERROR_SSL2_DISABLED, (SSL_ERROR_BASE + 14),
-"Peer only supports SSL version 2, which is locally disabled.")
-
-
-ER3(SSL_ERROR_BAD_MAC_READ, (SSL_ERROR_BASE + 15),
-"SSL received a record with an incorrect Message Authentication Code.")
-
-ER3(SSL_ERROR_BAD_MAC_ALERT, (SSL_ERROR_BASE + 16),
-"SSL peer reports incorrect Message Authentication Code.")
-
-ER3(SSL_ERROR_BAD_CERT_ALERT, (SSL_ERROR_BASE + 17),
-"SSL peer cannot verify your certificate.")
-
-ER3(SSL_ERROR_REVOKED_CERT_ALERT, (SSL_ERROR_BASE + 18),
-"SSL peer rejected your certificate as revoked.")
-
-ER3(SSL_ERROR_EXPIRED_CERT_ALERT, (SSL_ERROR_BASE + 19),
-"SSL peer rejected your certificate as expired.")
-
-ER3(SSL_ERROR_SSL_DISABLED, (SSL_ERROR_BASE + 20),
-"Cannot connect: SSL is disabled.")
-
-ER3(SSL_ERROR_FORTEZZA_PQG, (SSL_ERROR_BASE + 21),
-"Cannot connect: SSL peer is in another FORTEZZA domain.")
-
-
-ER3(SSL_ERROR_UNKNOWN_CIPHER_SUITE , (SSL_ERROR_BASE + 22),
-"An unknown SSL cipher suite has been requested.")
-
-ER3(SSL_ERROR_NO_CIPHERS_SUPPORTED , (SSL_ERROR_BASE + 23),
-"No cipher suites are present and enabled in this program.")
-
-ER3(SSL_ERROR_BAD_BLOCK_PADDING , (SSL_ERROR_BASE + 24),
-"SSL received a record with bad block padding.")
-
-ER3(SSL_ERROR_RX_RECORD_TOO_LONG , (SSL_ERROR_BASE + 25),
-"SSL received a record that exceeded the maximum permissible length.")
-
-ER3(SSL_ERROR_TX_RECORD_TOO_LONG , (SSL_ERROR_BASE + 26),
-"SSL attempted to send a record that exceeded the maximum permissible length.")
-
-/*
- * Received a malformed (too long or short or invalid content) SSL handshake.
- */
-ER3(SSL_ERROR_RX_MALFORMED_HELLO_REQUEST , (SSL_ERROR_BASE + 27),
-"SSL received a malformed Hello Request handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_CLIENT_HELLO , (SSL_ERROR_BASE + 28),
-"SSL received a malformed Client Hello handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_SERVER_HELLO , (SSL_ERROR_BASE + 29),
-"SSL received a malformed Server Hello handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_CERTIFICATE , (SSL_ERROR_BASE + 30),
-"SSL received a malformed Certificate handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_SERVER_KEY_EXCH , (SSL_ERROR_BASE + 31),
-"SSL received a malformed Server Key Exchange handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_CERT_REQUEST , (SSL_ERROR_BASE + 32),
-"SSL received a malformed Certificate Request handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_HELLO_DONE , (SSL_ERROR_BASE + 33),
-"SSL received a malformed Server Hello Done handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_CERT_VERIFY , (SSL_ERROR_BASE + 34),
-"SSL received a malformed Certificate Verify handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_CLIENT_KEY_EXCH , (SSL_ERROR_BASE + 35),
-"SSL received a malformed Client Key Exchange handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_FINISHED , (SSL_ERROR_BASE + 36),
-"SSL received a malformed Finished handshake message.")
-
-/*
- * Received a malformed (too long or short) SSL record.
- */
-ER3(SSL_ERROR_RX_MALFORMED_CHANGE_CIPHER , (SSL_ERROR_BASE + 37),
-"SSL received a malformed Change Cipher Spec record.")
-
-ER3(SSL_ERROR_RX_MALFORMED_ALERT , (SSL_ERROR_BASE + 38),
-"SSL received a malformed Alert record.")
-
-ER3(SSL_ERROR_RX_MALFORMED_HANDSHAKE , (SSL_ERROR_BASE + 39),
-"SSL received a malformed Handshake record.")
-
-ER3(SSL_ERROR_RX_MALFORMED_APPLICATION_DATA , (SSL_ERROR_BASE + 40),
-"SSL received a malformed Application Data record.")
-
-/*
- * Received an SSL handshake that was inappropriate for the state we're in.
- * E.g. Server received message from server, or wrong state in state machine.
- */
-ER3(SSL_ERROR_RX_UNEXPECTED_HELLO_REQUEST , (SSL_ERROR_BASE + 41),
-"SSL received an unexpected Hello Request handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_CLIENT_HELLO , (SSL_ERROR_BASE + 42),
-"SSL received an unexpected Client Hello handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_SERVER_HELLO , (SSL_ERROR_BASE + 43),
-"SSL received an unexpected Server Hello handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_CERTIFICATE , (SSL_ERROR_BASE + 44),
-"SSL received an unexpected Certificate handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH , (SSL_ERROR_BASE + 45),
-"SSL received an unexpected Server Key Exchange handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST , (SSL_ERROR_BASE + 46),
-"SSL received an unexpected Certificate Request handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_HELLO_DONE , (SSL_ERROR_BASE + 47),
-"SSL received an unexpected Server Hello Done handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_CERT_VERIFY , (SSL_ERROR_BASE + 48),
-"SSL received an unexpected Certificate Verify handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_CLIENT_KEY_EXCH , (SSL_ERROR_BASE + 49),
-"SSL received an unexpected Cllient Key Exchange handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_FINISHED , (SSL_ERROR_BASE + 50),
-"SSL received an unexpected Finished handshake message.")
-
-/*
- * Received an SSL record that was inappropriate for the state we're in.
- */
-ER3(SSL_ERROR_RX_UNEXPECTED_CHANGE_CIPHER , (SSL_ERROR_BASE + 51),
-"SSL received an unexpected Change Cipher Spec record.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_ALERT , (SSL_ERROR_BASE + 52),
-"SSL received an unexpected Alert record.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_HANDSHAKE , (SSL_ERROR_BASE + 53),
-"SSL received an unexpected Handshake record.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_APPLICATION_DATA, (SSL_ERROR_BASE + 54),
-"SSL received an unexpected Application Data record.")
-
-/*
- * Received record/message with unknown discriminant.
- */
-ER3(SSL_ERROR_RX_UNKNOWN_RECORD_TYPE , (SSL_ERROR_BASE + 55),
-"SSL received a record with an unknown content type.")
-
-ER3(SSL_ERROR_RX_UNKNOWN_HANDSHAKE , (SSL_ERROR_BASE + 56),
-"SSL received a handshake message with an unknown message type.")
-
-ER3(SSL_ERROR_RX_UNKNOWN_ALERT , (SSL_ERROR_BASE + 57),
-"SSL received an alert record with an unknown alert description.")
-
-/*
- * Received an alert reporting what we did wrong. (more alerts above)
- */
-ER3(SSL_ERROR_CLOSE_NOTIFY_ALERT , (SSL_ERROR_BASE + 58),
-"SSL peer has closed this connection.")
-
-ER3(SSL_ERROR_HANDSHAKE_UNEXPECTED_ALERT , (SSL_ERROR_BASE + 59),
-"SSL peer was not expecting a handshake message it received.")
-
-ER3(SSL_ERROR_DECOMPRESSION_FAILURE_ALERT , (SSL_ERROR_BASE + 60),
-"SSL peer was unable to succesfully decompress an SSL record it received.")
-
-ER3(SSL_ERROR_HANDSHAKE_FAILURE_ALERT , (SSL_ERROR_BASE + 61),
-"SSL peer was unable to negotiate an acceptable set of security parameters.")
-
-ER3(SSL_ERROR_ILLEGAL_PARAMETER_ALERT , (SSL_ERROR_BASE + 62),
-"SSL peer rejected a handshake message for unacceptable content.")
-
-ER3(SSL_ERROR_UNSUPPORTED_CERT_ALERT , (SSL_ERROR_BASE + 63),
-"SSL peer does not support certificates of the type it received.")
-
-ER3(SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT , (SSL_ERROR_BASE + 64),
-"SSL peer had some unspecified issue with the certificate it received.")
-
-
-ER3(SSL_ERROR_GENERATE_RANDOM_FAILURE , (SSL_ERROR_BASE + 65),
-"SSL experienced a failure of its random number generator.")
-
-ER3(SSL_ERROR_SIGN_HASHES_FAILURE , (SSL_ERROR_BASE + 66),
-"Unable to digitally sign data required to verify your certificate.")
-
-ER3(SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE , (SSL_ERROR_BASE + 67),
-"SSL was unable to extract the public key from the peer's certificate.")
-
-ER3(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE , (SSL_ERROR_BASE + 68),
-"Unspecified failure while processing SSL Server Key Exchange handshake.")
-
-ER3(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE , (SSL_ERROR_BASE + 69),
-"Unspecified failure while processing SSL Client Key Exchange handshake.")
-
-ER3(SSL_ERROR_ENCRYPTION_FAILURE , (SSL_ERROR_BASE + 70),
-"Bulk data encryption algorithm failed in selected cipher suite.")
-
-ER3(SSL_ERROR_DECRYPTION_FAILURE , (SSL_ERROR_BASE + 71),
-"Bulk data decryption algorithm failed in selected cipher suite.")
-
-ER3(SSL_ERROR_SOCKET_WRITE_FAILURE , (SSL_ERROR_BASE + 72),
-"Attempt to write encrypted data to underlying socket failed.")
-
-ER3(SSL_ERROR_MD5_DIGEST_FAILURE , (SSL_ERROR_BASE + 73),
-"MD5 digest function failed.")
-
-ER3(SSL_ERROR_SHA_DIGEST_FAILURE , (SSL_ERROR_BASE + 74),
-"SHA-1 digest function failed.")
-
-ER3(SSL_ERROR_MAC_COMPUTATION_FAILURE , (SSL_ERROR_BASE + 75),
-"MAC computation failed.")
-
-ER3(SSL_ERROR_SYM_KEY_CONTEXT_FAILURE , (SSL_ERROR_BASE + 76),
-"Failure to create Symmetric Key context.")
-
-ER3(SSL_ERROR_SYM_KEY_UNWRAP_FAILURE , (SSL_ERROR_BASE + 77),
-"Failure to unwrap the Symmetric key in Client Key Exchange message.")
-
-ER3(SSL_ERROR_PUB_KEY_SIZE_LIMIT_EXCEEDED , (SSL_ERROR_BASE + 78),
-"SSL Server attempted to use domestic-grade public key with export cipher suite.")
-
-ER3(SSL_ERROR_IV_PARAM_FAILURE , (SSL_ERROR_BASE + 79),
-"PKCS11 code failed to translate an IV into a param.")
-
-ER3(SSL_ERROR_INIT_CIPHER_SUITE_FAILURE , (SSL_ERROR_BASE + 80),
-"Failed to initialize the selected cipher suite.")
-
-ER3(SSL_ERROR_SESSION_KEY_GEN_FAILURE , (SSL_ERROR_BASE + 81),
-"Client failed to generate session keys for SSL session.")
-
-ER3(SSL_ERROR_NO_SERVER_KEY_FOR_ALG , (SSL_ERROR_BASE + 82),
-"Server has no key for the attempted key exchange algorithm.")
-
-ER3(SSL_ERROR_TOKEN_INSERTION_REMOVAL , (SSL_ERROR_BASE + 83),
-"PKCS#11 token was inserted or removed while operation was in progress.")
-
-ER3(SSL_ERROR_TOKEN_SLOT_NOT_FOUND , (SSL_ERROR_BASE + 84),
-"No PKCS#11 token could be found to do a required operation.")
-
-ER3(SSL_ERROR_NO_COMPRESSION_OVERLAP , (SSL_ERROR_BASE + 85),
-"Cannot communicate securely with peer: no common compression algorithm(s).")
-
-ER3(SSL_ERROR_HANDSHAKE_NOT_COMPLETED , (SSL_ERROR_BASE + 86),
-"Cannot initiate another SSL handshake until current handshake is complete.")
-
-ER3(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE , (SSL_ERROR_BASE + 87),
-"Received incorrect handshakes hash values from peer.")
-
-ER3(SSL_ERROR_CERT_KEA_MISMATCH , (SSL_ERROR_BASE + 88),
-"The certificate provided cannot be used with the selected key exchange algorithm.")
-
-ER3(SSL_ERROR_NO_TRUSTED_SSL_CLIENT_CA , (SSL_ERROR_BASE + 89),
-"No certificate authority is trusted for SSL client authentication.")
-
-ER3(SSL_ERROR_SESSION_NOT_FOUND , (SSL_ERROR_BASE + 90),
-"Client's SSL session ID not found in server's session cache.")
-
-ER3(SSL_ERROR_DECRYPTION_FAILED_ALERT , (SSL_ERROR_BASE + 91),
-"Peer was unable to decrypt an SSL record it received.")
-
-ER3(SSL_ERROR_RECORD_OVERFLOW_ALERT , (SSL_ERROR_BASE + 92),
-"Peer received an SSL record that was longer than is permitted.")
-
-ER3(SSL_ERROR_UNKNOWN_CA_ALERT , (SSL_ERROR_BASE + 93),
-"Peer does not recognize and trust the CA that issued your certificate.")
-
-ER3(SSL_ERROR_ACCESS_DENIED_ALERT , (SSL_ERROR_BASE + 94),
-"Peer received a valid certificate, but access was denied.")
-
-ER3(SSL_ERROR_DECODE_ERROR_ALERT , (SSL_ERROR_BASE + 95),
-"Peer could not decode an SSL handshake message.")
-
-ER3(SSL_ERROR_DECRYPT_ERROR_ALERT , (SSL_ERROR_BASE + 96),
-"Peer reports failure of signature verification or key exchange.")
-
-ER3(SSL_ERROR_EXPORT_RESTRICTION_ALERT , (SSL_ERROR_BASE + 97),
-"Peer reports negotiation not in compliance with export regulations.")
-
-ER3(SSL_ERROR_PROTOCOL_VERSION_ALERT , (SSL_ERROR_BASE + 98),
-"Peer reports incompatible or unsupported protocol version.")
-
-ER3(SSL_ERROR_INSUFFICIENT_SECURITY_ALERT , (SSL_ERROR_BASE + 99),
-"Server requires ciphers more secure than those supported by client.")
-
-ER3(SSL_ERROR_INTERNAL_ERROR_ALERT , (SSL_ERROR_BASE + 100),
-"Peer reports it experienced an internal error.")
-
-ER3(SSL_ERROR_USER_CANCELED_ALERT , (SSL_ERROR_BASE + 101),
-"Peer user canceled handshake.")
-
-ER3(SSL_ERROR_NO_RENEGOTIATION_ALERT , (SSL_ERROR_BASE + 102),
-"Peer does not permit renegotiation of SSL security parameters.")
-
diff --git a/security/nss/cmd/SSLsample/client.c b/security/nss/cmd/SSLsample/client.c
deleted file mode 100644
index ffb7d9d385..0000000000
--- a/security/nss/cmd/SSLsample/client.c
+++ /dev/null
@@ -1,456 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-/****************************************************************************
- * SSL client program that sets up a connection to SSL server, transmits *
- * some data and then reads the reply *
- ****************************************************************************/
-
-#include
-#include
-
-#if defined(XP_UNIX)
-#include
-#endif
-
-#include "prerror.h"
-
-#include "pk11func.h"
-#include "secitem.h"
-
-
-#include
-#include
-#include
-#include
-
-#include "nspr.h"
-#include "plgetopt.h"
-#include "prio.h"
-#include "prnetdb.h"
-#include "nss.h"
-
-#include "sslsample.h"
-
-#define RD_BUF_SIZE (60 * 1024)
-
-extern int ssl2CipherSuites[];
-extern int ssl3CipherSuites[];
-
-GlobalThreadMgr threadMGR;
-char *certNickname = NULL;
-char *hostName = NULL;
-char *password = NULL;
-unsigned short port = 0;
-
-static void
-Usage(const char *progName)
-{
- fprintf(stderr,
- "Usage: %s [-n rsa_nickname] [-p port] [-d dbdir] [-c connections]\n"
- " [-w dbpasswd] [-C cipher(s)] hostname\n",
- progName);
- exit(1);
-}
-
-PRFileDesc *
-setupSSLSocket(PRNetAddr *addr)
-{
- PRFileDesc *tcpSocket;
- PRFileDesc *sslSocket;
- PRSocketOptionData socketOption;
- PRStatus prStatus;
- SECStatus secStatus;
-
-#if 0
-retry:
-#endif
-
- tcpSocket = PR_NewTCPSocket();
- if (tcpSocket == NULL) {
- errWarn("PR_NewTCPSocket");
- }
-
- /* Make the socket blocking. */
- socketOption.option = PR_SockOpt_Nonblocking;
- socketOption.value.non_blocking = PR_FALSE;
-
- prStatus = PR_SetSocketOption(tcpSocket, &socketOption);
- if (prStatus != PR_SUCCESS) {
- errWarn("PR_SetSocketOption");
- goto loser;
- }
-
-#if 0
- /* Verify that a connection can be made to the socket. */
- prStatus = PR_Connect(tcpSocket, addr, PR_INTERVAL_NO_TIMEOUT);
- if (prStatus != PR_SUCCESS) {
- PRErrorCode err = PR_GetError();
- if (err == PR_CONNECT_REFUSED_ERROR) {
- PR_Close(tcpSocket);
- PR_Sleep(PR_MillisecondsToInterval(10));
- fprintf(stderr, "Connection to port refused, retrying.\n");
- goto retry;
- }
- errWarn("PR_Connect");
- goto loser;
- }
-#endif
-
- /* Import the socket into the SSL layer. */
- sslSocket = SSL_ImportFD(NULL, tcpSocket);
- if (!sslSocket) {
- errWarn("SSL_ImportFD");
- goto loser;
- }
-
- /* Set configuration options. */
- secStatus = SSL_OptionSet(sslSocket, SSL_SECURITY, PR_TRUE);
- if (secStatus != SECSuccess) {
- errWarn("SSL_OptionSet:SSL_SECURITY");
- goto loser;
- }
-
- secStatus = SSL_OptionSet(sslSocket, SSL_HANDSHAKE_AS_CLIENT, PR_TRUE);
- if (secStatus != SECSuccess) {
- errWarn("SSL_OptionSet:SSL_HANDSHAKE_AS_CLIENT");
- goto loser;
- }
-
- /* Set SSL callback routines. */
- secStatus = SSL_GetClientAuthDataHook(sslSocket,
- (SSLGetClientAuthData)myGetClientAuthData,
- (void *)certNickname);
- if (secStatus != SECSuccess) {
- errWarn("SSL_GetClientAuthDataHook");
- goto loser;
- }
-
- secStatus = SSL_AuthCertificateHook(sslSocket,
- (SSLAuthCertificate)myAuthCertificate,
- (void *)CERT_GetDefaultCertDB());
- if (secStatus != SECSuccess) {
- errWarn("SSL_AuthCertificateHook");
- goto loser;
- }
-
- secStatus = SSL_BadCertHook(sslSocket,
- (SSLBadCertHandler)myBadCertHandler, NULL);
- if (secStatus != SECSuccess) {
- errWarn("SSL_BadCertHook");
- goto loser;
- }
-
- secStatus = SSL_HandshakeCallback(sslSocket,
- (SSLHandshakeCallback)myHandshakeCallback,
- NULL);
- if (secStatus != SECSuccess) {
- errWarn("SSL_HandshakeCallback");
- goto loser;
- }
-
- return sslSocket;
-
-loser:
-
- PR_Close(tcpSocket);
- return NULL;
-}
-
-
-const char requestString[] = {"GET /testfile HTTP/1.0\r\n\r\n" };
-
-SECStatus
-handle_connection(PRFileDesc *sslSocket, int connection)
-{
- int countRead = 0;
- PRInt32 numBytes;
- char *readBuffer;
-
- readBuffer = PORT_Alloc(RD_BUF_SIZE);
- if (!readBuffer) {
- exitErr("PORT_Alloc");
- }
-
- /* compose the http request here. */
-
- numBytes = PR_Write(sslSocket, requestString, strlen(requestString));
- if (numBytes <= 0) {
- errWarn("PR_Write");
- PR_Free(readBuffer);
- readBuffer = NULL;
- return SECFailure;
- }
-
- /* read until EOF */
- while (PR_TRUE) {
- numBytes = PR_Read(sslSocket, readBuffer, RD_BUF_SIZE);
- if (numBytes == 0) {
- break; /* EOF */
- }
- if (numBytes < 0) {
- errWarn("PR_Read");
- break;
- }
- countRead += numBytes;
- fprintf(stderr, "***** Connection %d read %d bytes (%d total).\n",
- connection, numBytes, countRead );
- readBuffer[numBytes] = '\0';
- fprintf(stderr, "************\n%s\n************\n", readBuffer);
- }
-
- printSecurityInfo(sslSocket);
-
- PR_Free(readBuffer);
- readBuffer = NULL;
-
- /* Caller closes the socket. */
-
- fprintf(stderr,
- "***** Connection %d read %d bytes total.\n",
- connection, countRead);
-
- return SECSuccess; /* success */
-}
-
-/* one copy of this function is launched in a separate thread for each
-** connection to be made.
-*/
-SECStatus
-do_connects(void *a, int connection)
-{
- PRNetAddr *addr = (PRNetAddr *)a;
- PRFileDesc *sslSocket;
- PRHostEnt hostEntry;
- char buffer[PR_NETDB_BUF_SIZE];
- PRStatus prStatus;
- PRIntn hostenum;
- SECStatus secStatus;
-
- /* Set up SSL secure socket. */
- sslSocket = setupSSLSocket(addr);
- if (sslSocket == NULL) {
- errWarn("setupSSLSocket");
- return SECFailure;
- }
-
- secStatus = SSL_SetPKCS11PinArg(sslSocket, password);
- if (secStatus != SECSuccess) {
- errWarn("SSL_SetPKCS11PinArg");
- return secStatus;
- }
-
- secStatus = SSL_SetURL(sslSocket, hostName);
- if (secStatus != SECSuccess) {
- errWarn("SSL_SetURL");
- return secStatus;
- }
-
- /* Prepare and setup network connection. */
- prStatus = PR_GetHostByName(hostName, buffer, sizeof(buffer), &hostEntry);
- if (prStatus != PR_SUCCESS) {
- errWarn("PR_GetHostByName");
- return SECFailure;
- }
-
- hostenum = PR_EnumerateHostEnt(0, &hostEntry, port, addr);
- if (hostenum == -1) {
- errWarn("PR_EnumerateHostEnt");
- return SECFailure;
- }
-
- prStatus = PR_Connect(sslSocket, addr, PR_INTERVAL_NO_TIMEOUT);
- if (prStatus != PR_SUCCESS) {
- errWarn("PR_Connect");
- return SECFailure;
- }
-
- /* Established SSL connection, ready to send data. */
-#if 0
- secStatus = SSL_ForceHandshake(sslSocket);
- if (secStatus != SECSuccess) {
- errWarn("SSL_ForceHandshake");
- return secStatus;
- }
-#endif
-
- secStatus = SSL_ResetHandshake(sslSocket, /* asServer */ PR_FALSE);
- if (secStatus != SECSuccess) {
- errWarn("SSL_ResetHandshake");
- prStatus = PR_Close(sslSocket);
- if (prStatus != PR_SUCCESS) {
- errWarn("PR_Close");
- }
- return secStatus;
- }
-
- secStatus = handle_connection(sslSocket, connection);
- if (secStatus != SECSuccess) {
- errWarn("handle_connection");
- return secStatus;
- }
-
- PR_Close(sslSocket);
- return SECSuccess;
-}
-
-void
-client_main(unsigned short port,
- int connections,
- const char * hostName)
-{
- int i;
- SECStatus secStatus;
- PRStatus prStatus;
- PRInt32 rv;
- PRNetAddr addr;
- PRHostEnt hostEntry;
- char buffer[256];
-
- /* Setup network connection. */
- prStatus = PR_GetHostByName(hostName, buffer, 256, &hostEntry);
- if (prStatus != PR_SUCCESS) {
- exitErr("PR_GetHostByName");
- }
-
- rv = PR_EnumerateHostEnt(0, &hostEntry, port, &addr);
- if (rv < 0) {
- exitErr("PR_EnumerateHostEnt");
- }
-
- secStatus = launch_thread(&threadMGR, do_connects, &addr, 1);
- if (secStatus != SECSuccess) {
- exitErr("launch_thread");
- }
-
- if (connections > 1) {
- /* wait for the first connection to terminate, then launch the rest. */
- reap_threads(&threadMGR);
- /* Start up the connections */
- for (i = 2; i <= connections; ++i) {
- secStatus = launch_thread(&threadMGR, do_connects, &addr, i);
- if (secStatus != SECSuccess) {
- errWarn("launch_thread");
- }
- }
- }
-
- reap_threads(&threadMGR);
- destroy_thread_data(&threadMGR);
-}
-
-int
-main(int argc, char **argv)
-{
- char * certDir = ".";
- char * progName = NULL;
- int connections = 1;
- char * cipherString = NULL;
- SECStatus secStatus;
- PLOptState * optstate;
- PLOptStatus status;
-
- /* Call the NSPR initialization routines */
- PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
-
- progName = PL_strdup(argv[0]);
-
- hostName = NULL;
- optstate = PL_CreateOptState(argc, argv, "C:c:d:n:p:w:");
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch(optstate->option) {
- case 'C' : cipherString = PL_strdup(optstate->value); break;
- case 'c' : connections = PORT_Atoi(optstate->value); break;
- case 'd' : certDir = PL_strdup(optstate->value); break;
- case 'n' : certNickname = PL_strdup(optstate->value); break;
- case 'p' : port = PORT_Atoi(optstate->value); break;
- case 'w' : password = PL_strdup(optstate->value); break;
- case '\0': hostName = PL_strdup(optstate->value); break;
- default : Usage(progName);
- }
- }
-
- if (port == 0 || hostName == NULL)
- Usage(progName);
-
- if (certDir == NULL) {
- certDir = PR_smprintf("%s/.netscape", getenv("HOME"));
- }
-
- /* Set our password function callback. */
- PK11_SetPasswordFunc(myPasswd);
-
- /* Initialize the NSS libraries. */
- secStatus = NSS_Init(certDir);
- if (secStatus != SECSuccess) {
- exitErr("NSS_Init");
- }
-
- /* All cipher suites except RSA_NULL_MD5 are enabled by Domestic Policy. */
- NSS_SetDomesticPolicy();
- SSL_CipherPrefSetDefault(SSL_RSA_WITH_NULL_MD5, PR_TRUE);
-
- /* all the SSL2 and SSL3 cipher suites are enabled by default. */
- if (cipherString) {
- int ndx;
-
- /* disable all the ciphers, then enable the ones we want. */
- disableAllSSLCiphers();
-
- while (0 != (ndx = *cipherString++)) {
- int *cptr;
- int cipher;
-
- if (! isalpha(ndx))
- Usage(progName);
- cptr = islower(ndx) ? ssl3CipherSuites : ssl2CipherSuites;
- for (ndx &= 0x1f; (cipher = *cptr++) != 0 && --ndx > 0; )
- /* do nothing */;
- if (cipher) {
- SSL_CipherPrefSetDefault(cipher, PR_TRUE);
- }
- }
- }
-
- client_main(port, connections, hostName);
-
- if (NSS_Shutdown() != SECSuccess) {
- exit(1);
- }
- PR_Cleanup();
- return 0;
-}
-
diff --git a/security/nss/cmd/SSLsample/client.mn b/security/nss/cmd/SSLsample/client.mn
deleted file mode 100644
index 4ede63e2dc..0000000000
--- a/security/nss/cmd/SSLsample/client.mn
+++ /dev/null
@@ -1,54 +0,0 @@
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-CORE_DEPTH = ../../..
-
-MODULE = nss
-
-EXPORTS =
-
-CSRCS = client.c \
- sslsample.c \
- $(NULL)
-
-PROGRAM = client
-
-REQUIRES = dbm
-
-IMPORTS = nss/lib/nss
-
-DEFINES = -DNSPR20
-
diff --git a/security/nss/cmd/SSLsample/gencerts b/security/nss/cmd/SSLsample/gencerts
deleted file mode 100755
index 61f13e5fab..0000000000
--- a/security/nss/cmd/SSLsample/gencerts
+++ /dev/null
@@ -1,81 +0,0 @@
-#!/bin/sh
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-# Directory for db's, use in all subsequent -d flags.
-rm -rf SampleCertDBs
-mkdir SampleCertDBs
-
-# Password to use.
-echo sample > passfile
-
-# Generate the db files, using the above password.
-certutil -N -d SampleCertDBs -f passfile
-
-# Generate the CA cert. This cert is self-signed and only useful for
-# test purposes. Set the trust bits to allow it to sign SSL client/server
-# certs.
-certutil -S -n SampleRootCA -x -t "CTu,CTu,CTu" \
- -s "CN=My Sample Root CA, O=My Organization" \
- -m 25000 -o ./SampleCertDBs/SampleRootCA.crt \
- -d SampleCertDBs -f passfile
-
-# Generate the server cert. This cert is signed by the CA cert generated
-# above. The CN must be hostname.domain.[com|org|net|...].
-certutil -S -n SampleSSLServerCert -c SampleRootCA -t "u,u,u" \
- -s "CN=$HOSTNAME.$MYDOMAIN, O=$HOSTNAME Corp." \
- -m 25001 -o ./SampleCertDBs/SampleSSLServer.crt \
- -d SampleCertDBs -f passfile
-
-# Generate the client cert. This cert is signed by the CA cert generated
-# above.
-certutil -S -n SampleSSLClientCert -c SampleRootCA -t "u,u,u" \
- -s "CN=My Client Cert, O=Client Organization" \
- -m 25002 -o ./SampleCertDBs/SampleSSLClient.crt \
- -d SampleCertDBs -f passfile
-
-# Verify the certificates.
-certutil -V -u V -n SampleSSLServerCert -d SampleCertDBs
-certutil -V -u C -n SampleSSLClientCert -d SampleCertDBs
-
-# Remove unneccessary files.
-rm -f passfile
-rm -f tempcert*
-
-# You are now ready to run your client/server! Example command lines:
-# server -n SampleSSLServerCert -p 8080 -d SampleCertDBs -w sample -c e -R
-# client -n SampleSSLClientCert -p 8080 -d SampleCertDBs -w sample -c 2 trane.mcom.com
diff --git a/security/nss/cmd/SSLsample/make.client b/security/nss/cmd/SSLsample/make.client
deleted file mode 100644
index 4bf4c40cd7..0000000000
--- a/security/nss/cmd/SSLsample/make.client
+++ /dev/null
@@ -1,81 +0,0 @@
-#! gmake
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include client.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#include $(CORE_DEPTH)/$(MODULE)/config/config.mk
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-#CC = cc
-
-
diff --git a/security/nss/cmd/SSLsample/make.server b/security/nss/cmd/SSLsample/make.server
deleted file mode 100644
index ce90a2f86c..0000000000
--- a/security/nss/cmd/SSLsample/make.server
+++ /dev/null
@@ -1,80 +0,0 @@
-#! gmake
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include server.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#include $(CORE_DEPTH)/$(MODULE)/config/config.mk
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-
diff --git a/security/nss/cmd/SSLsample/server.c b/security/nss/cmd/SSLsample/server.c
deleted file mode 100644
index 5965d4723f..0000000000
--- a/security/nss/cmd/SSLsample/server.c
+++ /dev/null
@@ -1,821 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-/****************************************************************************
- * SSL server program listens on a port, accepts client connection, reads *
- * request and responds to it *
- ****************************************************************************/
-
-/* Generic header files */
-
-#include
-#include
-
-/* NSPR header files */
-
-#include "nspr.h"
-#include "plgetopt.h"
-#include "prerror.h"
-#include "prnetdb.h"
-
-/* NSS header files */
-
-#include "pk11func.h"
-#include "secitem.h"
-#include "ssl.h"
-#include "certt.h"
-#include "nss.h"
-#include "secder.h"
-#include "key.h"
-#include "sslproto.h"
-
-/* Custom header files */
-
-#include "sslsample.h"
-
-#ifndef PORT_Sprintf
-#define PORT_Sprintf sprintf
-#endif
-
-#define REQUEST_CERT_ONCE 1
-#define REQUIRE_CERT_ONCE 2
-#define REQUEST_CERT_ALL 3
-#define REQUIRE_CERT_ALL 4
-
-/* Global variables */
-GlobalThreadMgr threadMGR;
-char *password = NULL;
-CERTCertificate *cert = NULL;
-SECKEYPrivateKey *privKey = NULL;
-int stopping;
-
-static void
-Usage(const char *progName)
-{
- fprintf(stderr,
-
-"Usage: %s -n rsa_nickname -p port [-3RFrf] [-w password]\n"
-" [-c ciphers] [-d dbdir] \n"
-"-3 means disable SSL v3\n"
-"-r means request certificate on first handshake.\n"
-"-f means require certificate on first handshake.\n"
-"-R means request certificate on all handshakes.\n"
-"-F means require certificate on all handshakes.\n"
-"-c ciphers Letter(s) chosen from the following list\n"
-"A SSL2 RC4 128 WITH MD5\n"
-"B SSL2 RC4 128 EXPORT40 WITH MD5\n"
-"C SSL2 RC2 128 CBC WITH MD5\n"
-"D SSL2 RC2 128 CBC EXPORT40 WITH MD5\n"
-"E SSL2 DES 64 CBC WITH MD5\n"
-"F SSL2 DES 192 EDE3 CBC WITH MD5\n"
-"\n"
-"c SSL3 RSA WITH RC4 128 MD5\n"
-"d SSL3 RSA WITH 3DES EDE CBC SHA\n"
-"e SSL3 RSA WITH DES CBC SHA\n"
-"f SSL3 RSA EXPORT WITH RC4 40 MD5\n"
-"g SSL3 RSA EXPORT WITH RC2 CBC 40 MD5\n"
-"i SSL3 RSA WITH NULL MD5\n"
-"j SSL3 RSA FIPS WITH 3DES EDE CBC SHA\n"
-"k SSL3 RSA FIPS WITH DES CBC SHA\n"
-"l SSL3 RSA EXPORT WITH DES CBC SHA\t(new)\n"
-"m SSL3 RSA EXPORT WITH RC4 56 SHA\t(new)\n",
- progName);
- exit(1);
-}
-
-/* Function: readDataFromSocket()
- *
- * Purpose: Parse an HTTP request by reading data from a GET or POST.
- *
- */
-SECStatus
-readDataFromSocket(PRFileDesc *sslSocket, DataBuffer *buffer, char **fileName)
-{
- char *post;
- int numBytes = 0;
- int newln = 0; /* # of consecutive newlns */
-
- /* Read data while it comes in from the socket. */
- while (PR_TRUE) {
- buffer->index = 0;
- newln = 0;
-
- /* Read the buffer. */
- numBytes = PR_Read(sslSocket, &buffer->data[buffer->index],
- buffer->remaining);
- if (numBytes <= 0) {
- errWarn("PR_Read");
- return SECFailure;
- }
- buffer->dataEnd = buffer->dataStart + numBytes;
-
- /* Parse the input, starting at the beginning of the buffer.
- * Stop when we detect two consecutive \n's (or \r\n's)
- * as this signifies the end of the GET or POST portion.
- * The posted data follows.
- */
- while (buffer->index < buffer->dataEnd && newln < 2) {
- int octet = buffer->data[buffer->index++];
- if (octet == '\n') {
- newln++;
- } else if (octet != '\r') {
- newln = 0;
- }
- }
-
- /* Came to the end of the buffer, or second newline.
- * If we didn't get an empty line ("\r\n\r\n"), then keep on reading.
- */
- if (newln < 2)
- continue;
-
- /* we're at the end of the HTTP request.
- * If the request is a POST, then there will be one more
- * line of data.
- * This parsing is a hack, but ok for SSL test purposes.
- */
- post = PORT_Strstr(buffer->data, "POST ");
- if (!post || *post != 'P')
- break;
-
- /* It's a post, so look for the next and final CR/LF. */
- /* We should parse content length here, but ... */
- while (buffer->index < buffer->dataEnd && newln < 3) {
- int octet = buffer->data[buffer->index++];
- if (octet == '\n') {
- newln++;
- }
- }
-
- if (newln == 3)
- break;
- }
-
- /* Have either (a) a complete get, (b) a complete post, (c) EOF */
-
- /* Execute a "GET " operation. */
- if (buffer->index > 0 && PORT_Strncmp(buffer->data, "GET ", 4) == 0) {
- int fnLength;
-
- /* File name is the part after "GET ". */
- fnLength = strcspn(buffer->data + 5, " \r\n");
- *fileName = (char *)PORT_Alloc(fnLength + 1);
- PORT_Strncpy(*fileName, buffer->data + 5, fnLength);
- (*fileName)[fnLength] = '\0';
- }
-
- return SECSuccess;
-}
-
-/* Function: authenticateSocket()
- *
- * Purpose: Configure a socket for SSL.
- *
- *
- */
-PRFileDesc *
-setupSSLSocket(PRFileDesc *tcpSocket, int requestCert)
-{
- PRFileDesc *sslSocket;
- SSLKEAType certKEA;
- int certErr = 0;
- SECStatus secStatus;
-
- /* Set the appropriate flags. */
-
- sslSocket = SSL_ImportFD(NULL, tcpSocket);
- if (sslSocket == NULL) {
- errWarn("SSL_ImportFD");
- goto loser;
- }
-
- secStatus = SSL_OptionSet(sslSocket, SSL_SECURITY, PR_TRUE);
- if (secStatus != SECSuccess) {
- errWarn("SSL_OptionSet SSL_SECURITY");
- goto loser;
- }
-
- secStatus = SSL_OptionSet(sslSocket, SSL_HANDSHAKE_AS_SERVER, PR_TRUE);
- if (secStatus != SECSuccess) {
- errWarn("SSL_OptionSet:SSL_HANDSHAKE_AS_SERVER");
- goto loser;
- }
-
- secStatus = SSL_OptionSet(sslSocket, SSL_REQUEST_CERTIFICATE,
- (requestCert >= REQUEST_CERT_ONCE));
- if (secStatus != SECSuccess) {
- errWarn("SSL_OptionSet:SSL_REQUEST_CERTIFICATE");
- goto loser;
- }
-
- secStatus = SSL_OptionSet(sslSocket, SSL_REQUIRE_CERTIFICATE,
- (requestCert == REQUIRE_CERT_ONCE));
- if (secStatus != SECSuccess) {
- errWarn("SSL_OptionSet:SSL_REQUIRE_CERTIFICATE");
- goto loser;
- }
-
- /* Set the appropriate callback routines. */
-
- secStatus = SSL_AuthCertificateHook(sslSocket, myAuthCertificate,
- CERT_GetDefaultCertDB());
- if (secStatus != SECSuccess) {
- errWarn("SSL_AuthCertificateHook");
- goto loser;
- }
-
- secStatus = SSL_BadCertHook(sslSocket,
- (SSLBadCertHandler)myBadCertHandler, &certErr);
- if (secStatus != SECSuccess) {
- errWarn("SSL_BadCertHook");
- goto loser;
- }
-
- secStatus = SSL_HandshakeCallback(sslSocket,
- (SSLHandshakeCallback)myHandshakeCallback,
- NULL);
- if (secStatus != SECSuccess) {
- errWarn("SSL_HandshakeCallback");
- goto loser;
- }
-
- secStatus = SSL_SetPKCS11PinArg(sslSocket, password);
- if (secStatus != SECSuccess) {
- errWarn("SSL_HandshakeCallback");
- goto loser;
- }
-
- certKEA = NSS_FindCertKEAType(cert);
-
- secStatus = SSL_ConfigSecureServer(sslSocket, cert, privKey, certKEA);
- if (secStatus != SECSuccess) {
- errWarn("SSL_ConfigSecureServer");
- goto loser;
- }
-
- return sslSocket;
-
-loser:
-
- PR_Close(tcpSocket);
- return NULL;
-}
-
-/* Function: authenticateSocket()
- *
- * Purpose: Perform client authentication on the socket.
- *
- */
-SECStatus
-authenticateSocket(PRFileDesc *sslSocket, PRBool requireCert)
-{
- CERTCertificate *cert;
- SECStatus secStatus;
-
- /* Returns NULL if client authentication is not enabled or if the
- * client had no certificate. */
- cert = SSL_PeerCertificate(sslSocket);
- if (cert) {
- /* Client had a certificate, so authentication is through. */
- CERT_DestroyCertificate(cert);
- return SECSuccess;
- }
-
- /* Request client to authenticate itself. */
- secStatus = SSL_OptionSet(sslSocket, SSL_REQUEST_CERTIFICATE, PR_TRUE);
- if (secStatus != SECSuccess) {
- errWarn("SSL_OptionSet:SSL_REQUEST_CERTIFICATE");
- return SECFailure;
- }
-
- /* If desired, require client to authenticate itself. Note
- * SSL_REQUEST_CERTIFICATE must also be on, as above. */
- secStatus = SSL_OptionSet(sslSocket, SSL_REQUIRE_CERTIFICATE, requireCert);
- if (secStatus != SECSuccess) {
- errWarn("SSL_OptionSet:SSL_REQUIRE_CERTIFICATE");
- return SECFailure;
- }
-
- /* Having changed socket configuration parameters, redo handshake. */
- secStatus = SSL_ReHandshake(sslSocket, PR_TRUE);
- if (secStatus != SECSuccess) {
- errWarn("SSL_ReHandshake");
- return SECFailure;
- }
-
- /* Force the handshake to complete before moving on. */
- secStatus = SSL_ForceHandshake(sslSocket);
- if (secStatus != SECSuccess) {
- errWarn("SSL_ForceHandshake");
- return SECFailure;
- }
-
- return SECSuccess;
-}
-
-/* Function: writeDataToSocket
- *
- * Purpose: Write the client's request back to the socket. If the client
- * requested a file, dump it to the socket.
- *
- */
-SECStatus
-writeDataToSocket(PRFileDesc *sslSocket, DataBuffer *buffer, char *fileName)
-{
- int headerLength;
- int numBytes;
- char messageBuffer[120];
- PRFileDesc *local_file_fd = NULL;
- char header[] = "
";
-
- headerLength = PORT_Strlen(defaultHeader);
-
- /* Write a header to the socket. */
- numBytes = PR_Write(sslSocket, header, PORT_Strlen(header));
- if (numBytes < 0) {
- errWarn("PR_Write");
- goto loser;
- }
-
- if (fileName) {
- PRFileInfo info;
- PRStatus prStatus;
-
- /* Try to open the local file named.
- * If successful, then write it to the client.
- */
- prStatus = PR_GetFileInfo(fileName, &info);
- if (prStatus != PR_SUCCESS ||
- info.type != PR_FILE_FILE ||
- info.size < 0) {
- PORT_Free(fileName);
- /* Maybe a GET not sent from client.c? */
- goto writerequest;
- }
-
- local_file_fd = PR_Open(fileName, PR_RDONLY, 0);
- if (local_file_fd == NULL) {
- PORT_Free(fileName);
- goto writerequest;
- }
-
- /* Write a header to the socket. */
- numBytes = PR_Write(sslSocket, filehd, PORT_Strlen(filehd));
- if (numBytes < 0) {
- errWarn("PR_Write");
- goto loser;
- }
-
- /* Transmit the local file prepended by the default header
- * across the socket.
- */
- numBytes = PR_TransmitFile(sslSocket, local_file_fd,
- defaultHeader, headerLength,
- PR_TRANSMITFILE_KEEP_OPEN,
- PR_INTERVAL_NO_TIMEOUT);
-
- /* Error in transmission. */
- if (numBytes < 0) {
- errWarn("PR_TransmitFile");
- /*
- i = PORT_Strlen(errString);
- PORT_Memcpy(buf, errString, i);
- */
- /* Transmitted bytes successfully. */
- } else {
- numBytes -= headerLength;
- fprintf(stderr, "PR_TransmitFile wrote %d bytes from %s\n",
- numBytes, fileName);
- }
-
- PORT_Free(fileName);
- PR_Close(local_file_fd);
- }
-
-writerequest:
-
- /* Write a header to the socket. */
- numBytes = PR_Write(sslSocket, reqhd, PORT_Strlen(reqhd));
- if (numBytes < 0) {
- errWarn("PR_Write");
- goto loser;
- }
-
- /* Write the buffer data to the socket. */
- if (buffer->index <= 0) {
- /* Reached the EOF. Report incomplete transaction to socket. */
- PORT_Sprintf(messageBuffer,
- "GET or POST incomplete after %d bytes.\r\n",
- buffer->dataEnd);
- numBytes = PR_Write(sslSocket, messageBuffer,
- PORT_Strlen(messageBuffer));
- if (numBytes < 0) {
- errWarn("PR_Write");
- goto loser;
- }
- } else {
- /* Display the buffer data. */
- fwrite(buffer->data, 1, buffer->index, stdout);
- /* Write the buffer data to the socket. */
- numBytes = PR_Write(sslSocket, buffer->data, buffer->index);
- if (numBytes < 0) {
- errWarn("PR_Write");
- goto loser;
- }
- /* Display security information for the socket. */
- printSecurityInfo(sslSocket);
- /* Write any discarded data out to the socket. */
- if (buffer->index < buffer->dataEnd) {
- PORT_Sprintf(buffer->data, "Discarded %d characters.\r\n",
- buffer->dataEnd - buffer->index);
- numBytes = PR_Write(sslSocket, buffer->data,
- PORT_Strlen(buffer->data));
- if (numBytes < 0) {
- errWarn("PR_Write");
- goto loser;
- }
- }
- }
-
- /* Write a footer to the socket. */
- numBytes = PR_Write(sslSocket, footer, PORT_Strlen(footer));
- if (numBytes < 0) {
- errWarn("PR_Write");
- goto loser;
- }
-
- /* Write a link to the socket. */
- numBytes = PR_Write(sslSocket, link, PORT_Strlen(link));
- if (numBytes < 0) {
- errWarn("PR_Write");
- goto loser;
- }
-
- /* Complete the HTTP transaction. */
- numBytes = PR_Write(sslSocket, "EOF\r\n\r\n\r\n", 9);
- if (numBytes < 0) {
- errWarn("PR_Write");
- goto loser;
- }
-
- /* Do a nice shutdown if asked. */
- if (!strncmp(buffer->data, stopCmd, strlen(stopCmd))) {
- stopping = 1;
- }
- return SECSuccess;
-
-loser:
-
- /* Do a nice shutdown if asked. */
- if (!strncmp(buffer->data, stopCmd, strlen(stopCmd))) {
- stopping = 1;
- }
- return SECFailure;
-}
-
-/* Function: int handle_connection()
- *
- * Purpose: Thread to handle a connection to a socket.
- *
- */
-SECStatus
-handle_connection(void *tcp_sock, int requestCert)
-{
- PRFileDesc * tcpSocket = (PRFileDesc *)tcp_sock;
- PRFileDesc * sslSocket = NULL;
- SECStatus secStatus = SECFailure;
- PRStatus prStatus;
- PRSocketOptionData socketOption;
- DataBuffer buffer;
- char * fileName = NULL;
-
- /* Initialize the data buffer. */
- memset(buffer.data, 0, BUFFER_SIZE);
- buffer.remaining = BUFFER_SIZE;
- buffer.index = 0;
- buffer.dataStart = 0;
- buffer.dataEnd = 0;
-
- /* Make sure the socket is blocking. */
- socketOption.option = PR_SockOpt_Nonblocking;
- socketOption.value.non_blocking = PR_FALSE;
- PR_SetSocketOption(tcpSocket, &socketOption);
-
- sslSocket = setupSSLSocket(tcpSocket, requestCert);
- if (sslSocket == NULL) {
- errWarn("setupSSLSocket");
- goto cleanup;
- }
-
- secStatus = SSL_ResetHandshake(sslSocket, /* asServer */ PR_TRUE);
- if (secStatus != SECSuccess) {
- errWarn("SSL_ResetHandshake");
- goto cleanup;
- }
-
- /* Read data from the socket, parse it for HTTP content.
- * If the user is requesting/requiring authentication, authenticate
- * the socket. Then write the result back to the socket. */
- fprintf(stdout, "\nReading data from socket...\n\n");
- secStatus = readDataFromSocket(sslSocket, &buffer, &fileName);
- if (secStatus != SECSuccess) {
- goto cleanup;
- }
- if (requestCert >= REQUEST_CERT_ALL) {
- fprintf(stdout, "\nAuthentication requested.\n\n");
- secStatus = authenticateSocket(sslSocket,
- (requestCert == REQUIRE_CERT_ALL));
- if (secStatus != SECSuccess) {
- goto cleanup;
- }
- }
-
- fprintf(stdout, "\nWriting data to socket...\n\n");
- secStatus = writeDataToSocket(sslSocket, &buffer, fileName);
-
-cleanup:
-
- /* Close down the socket. */
- prStatus = PR_Close(tcpSocket);
- if (prStatus != PR_SUCCESS) {
- errWarn("PR_Close");
- }
-
- return secStatus;
-}
-
-/* Function: int accept_connection()
- *
- * Purpose: Thread to accept a connection to the socket.
- *
- */
-SECStatus
-accept_connection(void *listener, int requestCert)
-{
- PRFileDesc *listenSocket = (PRFileDesc*)listener;
- PRNetAddr addr;
- PRStatus prStatus;
-
- /* XXX need an SSL socket here? */
- while (!stopping) {
- PRFileDesc *tcpSocket;
- SECStatus result;
-
- fprintf(stderr, "\n\n\nAbout to call accept.\n");
-
- /* Accept a connection to the socket. */
- tcpSocket = PR_Accept(listenSocket, &addr, PR_INTERVAL_NO_TIMEOUT);
- if (tcpSocket == NULL) {
- errWarn("PR_Accept");
- break;
- }
-
- /* Accepted the connection, now handle it. */
- result = launch_thread(&threadMGR, handle_connection,
- tcpSocket, requestCert);
-
- if (result != SECSuccess) {
- prStatus = PR_Close(tcpSocket);
- if (prStatus != PR_SUCCESS) {
- exitErr("PR_Close");
- }
- break;
- }
- }
-
- fprintf(stderr, "Closing listen socket.\n");
-
- prStatus = PR_Close(listenSocket);
- if (prStatus != PR_SUCCESS) {
- exitErr("PR_Close");
- }
- return SECSuccess;
-}
-
-/* Function: void server_main()
- *
- * Purpose: This is the server's main function. It configures a socket
- * and listens to it.
- *
- */
-void
-server_main(
- unsigned short port,
- int requestCert,
- SECKEYPrivateKey * privKey,
- CERTCertificate * cert,
- PRBool disableSSL3)
-{
- SECStatus secStatus;
- PRStatus prStatus;
- PRFileDesc * listenSocket;
- PRNetAddr addr;
- PRSocketOptionData socketOption;
-
- /* Create a new socket. */
- listenSocket = PR_NewTCPSocket();
- if (listenSocket == NULL) {
- exitErr("PR_NewTCPSocket");
- }
-
- /* Set socket to be blocking -
- * on some platforms the default is nonblocking.
- */
- socketOption.option = PR_SockOpt_Nonblocking;
- socketOption.value.non_blocking = PR_FALSE;
-
- prStatus = PR_SetSocketOption(listenSocket, &socketOption);
- if (prStatus != PR_SUCCESS) {
- exitErr("PR_SetSocketOption");
- }
-
- /* This cipher is not on by default. The Acceptance test
- * would like it to be. Turn this cipher on.
- */
- secStatus = SSL_CipherPrefSetDefault(SSL_RSA_WITH_NULL_MD5, PR_TRUE);
- if (secStatus != SECSuccess) {
- exitErr("SSL_CipherPrefSetDefault:SSL_RSA_WITH_NULL_MD5");
- }
-
- /* Configure the network connection. */
- addr.inet.family = PR_AF_INET;
- addr.inet.ip = PR_INADDR_ANY;
- addr.inet.port = PR_htons(port);
-
- /* Bind the address to the listener socket. */
- prStatus = PR_Bind(listenSocket, &addr);
- if (prStatus != PR_SUCCESS) {
- exitErr("PR_Bind");
- }
-
- /* Listen for connection on the socket. The second argument is
- * the maximum size of the queue for pending connections.
- */
- prStatus = PR_Listen(listenSocket, 5);
- if (prStatus != PR_SUCCESS) {
- exitErr("PR_Listen");
- }
-
- /* Launch thread to handle connections to the socket. */
- secStatus = launch_thread(&threadMGR, accept_connection,
- listenSocket, requestCert);
- if (secStatus != SECSuccess) {
- PR_Close(listenSocket);
- } else {
- reap_threads(&threadMGR);
- destroy_thread_data(&threadMGR);
- }
-}
-
-/* Function: int main()
- *
- * Purpose: Parses command arguments and configures SSL server.
- *
- */
-int
-main(int argc, char **argv)
-{
- char * progName = NULL;
- char * nickName = NULL;
- char * cipherString = NULL;
- char * dir = ".";
- int requestCert = 0;
- unsigned short port = 0;
- SECStatus secStatus;
- PRBool disableSSL3 = PR_FALSE;
- PLOptState * optstate;
- PLOptStatus status;
-
- /* Zero out the thread manager. */
- PORT_Memset(&threadMGR, 0, sizeof(threadMGR));
-
- progName = PL_strdup(argv[0]);
-
- optstate = PL_CreateOptState(argc, argv, "3FRc:d:fp:n:rw:");
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch(optstate->option) {
- case '3': disableSSL3 = PR_TRUE; break;
- case 'F': requestCert = REQUIRE_CERT_ALL; break;
- case 'R': requestCert = REQUEST_CERT_ALL; break;
- case 'c': cipherString = PL_strdup(optstate->value); break;
- case 'd': dir = PL_strdup(optstate->value); break;
- case 'f': requestCert = REQUIRE_CERT_ONCE; break;
- case 'n': nickName = PL_strdup(optstate->value); break;
- case 'p': port = PORT_Atoi(optstate->value); break;
- case 'r': requestCert = REQUEST_CERT_ONCE; break;
- case 'w': password = PL_strdup(optstate->value); break;
- default:
- case '?': Usage(progName);
- }
- }
-
- if (nickName == NULL || port == 0)
- Usage(progName);
-
- /* Call the NSPR initialization routines. */
- PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
-
- /* Set the cert database password callback. */
- PK11_SetPasswordFunc(myPasswd);
-
- /* Initialize NSS. */
- secStatus = NSS_Init(dir);
- if (secStatus != SECSuccess) {
- exitErr("NSS_Init");
- }
-
- /* Set the policy for this server (REQUIRED - no default). */
- secStatus = NSS_SetDomesticPolicy();
- if (secStatus != SECSuccess) {
- exitErr("NSS_SetDomesticPolicy");
- }
-
- /* XXX keep this? */
- /* all the SSL2 and SSL3 cipher suites are enabled by default. */
- if (cipherString) {
- int ndx;
-
- /* disable all the ciphers, then enable the ones we want. */
- disableAllSSLCiphers();
-
- while (0 != (ndx = *cipherString++)) {
- int *cptr;
- int cipher;
-
- if (! isalpha(ndx))
- Usage(progName);
- cptr = islower(ndx) ? ssl3CipherSuites : ssl2CipherSuites;
- for (ndx &= 0x1f; (cipher = *cptr++) != 0 && --ndx > 0; )
- /* do nothing */;
- if (cipher) {
- SECStatus status;
- status = SSL_CipherPrefSetDefault(cipher, PR_TRUE);
- if (status != SECSuccess)
- errWarn("SSL_CipherPrefSetDefault()");
- }
- }
- }
-
- /* Get own certificate and private key. */
- cert = PK11_FindCertFromNickname(nickName, password);
- if (cert == NULL) {
- exitErr("PK11_FindCertFromNickname");
- }
-
- privKey = PK11_FindKeyByAnyCert(cert, password);
- if (privKey == NULL) {
- exitErr("PK11_FindKeyByAnyCert");
- }
-
- /* Configure the server's cache for a multi-process application
- * using default timeout values (24 hrs) and directory location (/tmp).
- */
- SSL_ConfigMPServerSIDCache(256, 0, 0, NULL);
-
- /* Launch server. */
- server_main(port, requestCert, privKey, cert, disableSSL3);
-
- /* Shutdown NSS and exit NSPR gracefully. */
- if (NSS_Shutdown() != SECSuccess) {
- exit(1);
- }
- PR_Cleanup();
- return 0;
-}
diff --git a/security/nss/cmd/SSLsample/server.mn b/security/nss/cmd/SSLsample/server.mn
deleted file mode 100644
index 50ec860c7f..0000000000
--- a/security/nss/cmd/SSLsample/server.mn
+++ /dev/null
@@ -1,52 +0,0 @@
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-CORE_DEPTH = ../../..
-
-MODULE = nss
-
-EXPORTS =
-
-CSRCS = server.c \
- sslsample.c \
- $(NULL)
-
-PROGRAM = server
-
-REQUIRES = dbm
-
-DEFINES = -DNSPR20
-
diff --git a/security/nss/cmd/SSLsample/sslerror.h b/security/nss/cmd/SSLsample/sslerror.h
deleted file mode 100644
index aa64dc4d65..0000000000
--- a/security/nss/cmd/SSLsample/sslerror.h
+++ /dev/null
@@ -1,113 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-#include
-#include
-#include "nspr.h"
-
-struct tuple_str {
- PRErrorCode errNum;
- const char * errString;
-};
-
-typedef struct tuple_str tuple_str;
-
-#define ER2(a,b) {a, b},
-#define ER3(a,b,c) {a, c},
-
-#include "secerr.h"
-#include "sslerr.h"
-
-const tuple_str errStrings[] = {
-
-/* keep this list in asceding order of error numbers */
-#include "SSLerrs.h"
-#include "SECerrs.h"
-#include "NSPRerrs.h"
-
-};
-
-const PRInt32 numStrings = sizeof(errStrings) / sizeof(tuple_str);
-
-/* Returns a UTF-8 encoded constant error string for "errNum".
- * Returns NULL of errNum is unknown.
- */
-const char *
-SSL_Strerror(PRErrorCode errNum) {
- PRInt32 low = 0;
- PRInt32 high = numStrings - 1;
- PRInt32 i;
- PRErrorCode num;
- static int initDone;
-
- /* make sure table is in ascending order.
- * binary search depends on it.
- */
- if (!initDone) {
- PRErrorCode lastNum = (PRInt32)0x80000000;
- for (i = low; i <= high; ++i) {
- num = errStrings[i].errNum;
- if (num <= lastNum) {
- fprintf(stderr,
-"sequence error in error strings at item %d\n"
-"error %d (%s)\n"
-"should come after \n"
-"error %d (%s)\n",
- i, lastNum, errStrings[i-1].errString,
- num, errStrings[i].errString);
- }
- lastNum = num;
- }
- initDone = 1;
- }
-
- /* Do binary search of table. */
- while (low + 1 < high) {
- i = (low + high) / 2;
- num = errStrings[i].errNum;
- if (errNum == num)
- return errStrings[i].errString;
- if (errNum < num)
- high = i;
- else
- low = i;
- }
- if (errNum == errStrings[low].errNum)
- return errStrings[low].errString;
- if (errNum == errStrings[high].errNum)
- return errStrings[high].errString;
- return NULL;
-}
diff --git a/security/nss/cmd/SSLsample/sslsample.c b/security/nss/cmd/SSLsample/sslsample.c
deleted file mode 100644
index 422d453de5..0000000000
--- a/security/nss/cmd/SSLsample/sslsample.c
+++ /dev/null
@@ -1,594 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-#include "sslsample.h"
-#include "sslerror.h"
-
-/* Declare SSL cipher suites. */
-
-int ssl2CipherSuites[] = {
- SSL_EN_RC4_128_WITH_MD5, /* A */
- SSL_EN_RC4_128_EXPORT40_WITH_MD5, /* B */
- SSL_EN_RC2_128_CBC_WITH_MD5, /* C */
- SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5, /* D */
- SSL_EN_DES_64_CBC_WITH_MD5, /* E */
- SSL_EN_DES_192_EDE3_CBC_WITH_MD5, /* F */
- 0
-};
-
-int ssl3CipherSuites[] = {
- -1, /* SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA a */
- -1, /* SSL_FORTEZZA_DMS_WITH_RC4_128_SHA * b */
- SSL_RSA_WITH_RC4_128_MD5, /* c */
- SSL_RSA_WITH_3DES_EDE_CBC_SHA, /* d */
- SSL_RSA_WITH_DES_CBC_SHA, /* e */
- SSL_RSA_EXPORT_WITH_RC4_40_MD5, /* f */
- SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5, /* g */
- -1, /* SSL_FORTEZZA_DMS_WITH_NULL_SHA, * h */
- SSL_RSA_WITH_NULL_MD5, /* i */
- SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA, /* j */
- SSL_RSA_FIPS_WITH_DES_CBC_SHA, /* k */
- TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA, /* l */
- TLS_RSA_EXPORT1024_WITH_RC4_56_SHA, /* m */
- 0
-};
-
-/**************************************************************************
-**
-** SSL callback routines.
-**
-**************************************************************************/
-
-/* Function: char * myPasswd()
- *
- * Purpose: This function is our custom password handler that is called by
- * SSL when retreiving private certs and keys from the database. Returns a
- * pointer to a string that with a password for the database. Password pointer
- * should point to dynamically allocated memory that will be freed later.
- */
-char *
-myPasswd(PK11SlotInfo *info, PRBool retry, void *arg)
-{
- char * passwd = NULL;
-
- if ( (!retry) && arg ) {
- passwd = PORT_Strdup((char *)arg);
- }
-
- return passwd;
-}
-
-/* Function: SECStatus myAuthCertificate()
- *
- * Purpose: This function is our custom certificate authentication handler.
- *
- * Note: This implementation is essentially the same as the default
- * SSL_AuthCertificate().
- */
-SECStatus
-myAuthCertificate(void *arg, PRFileDesc *socket,
- PRBool checksig, PRBool isServer)
-{
-
- SECCertUsage certUsage;
- CERTCertificate * cert;
- void * pinArg;
- char * hostName;
- SECStatus secStatus;
-
- if (!arg || !socket) {
- errWarn("myAuthCertificate");
- return SECFailure;
- }
-
- /* Define how the cert is being used based upon the isServer flag. */
-
- certUsage = isServer ? certUsageSSLClient : certUsageSSLServer;
-
- cert = SSL_PeerCertificate(socket);
-
- pinArg = SSL_RevealPinArg(socket);
-
- secStatus = CERT_VerifyCertNow((CERTCertDBHandle *)arg,
- cert,
- checksig,
- certUsage,
- pinArg);
-
- /* If this is a server, we're finished. */
- if (isServer || secStatus != SECSuccess) {
- CERT_DestroyCertificate(cert);
- return secStatus;
- }
-
- /* Certificate is OK. Since this is the client side of an SSL
- * connection, we need to verify that the name field in the cert
- * matches the desired hostname. This is our defense against
- * man-in-the-middle attacks.
- */
-
- /* SSL_RevealURL returns a hostName, not an URL. */
- hostName = SSL_RevealURL(socket);
-
- if (hostName && hostName[0]) {
- secStatus = CERT_VerifyCertName(cert, hostName);
- } else {
- PR_SetError(SSL_ERROR_BAD_CERT_DOMAIN, 0);
- secStatus = SECFailure;
- }
-
- if (hostName)
- PR_Free(hostName);
-
- CERT_DestroyCertificate(cert);
- return secStatus;
-}
-
-/* Function: SECStatus myBadCertHandler()
- *
- * Purpose: This callback is called when the incoming certificate is not
- * valid. We define a certain set of parameters that still cause the
- * certificate to be "valid" for this session, and return SECSuccess to cause
- * the server to continue processing the request when any of these conditions
- * are met. Otherwise, SECFailure is return and the server rejects the
- * request.
- */
-SECStatus
-myBadCertHandler(void *arg, PRFileDesc *socket)
-{
-
- SECStatus secStatus = SECFailure;
- PRErrorCode err;
-
- /* log invalid cert here */
-
- if (!arg) {
- return secStatus;
- }
-
- *(PRErrorCode *)arg = err = PORT_GetError();
-
- /* If any of the cases in the switch are met, then we will proceed */
- /* with the processing of the request anyway. Otherwise, the default */
- /* case will be reached and we will reject the request. */
-
- switch (err) {
- case SEC_ERROR_INVALID_AVA:
- case SEC_ERROR_INVALID_TIME:
- case SEC_ERROR_BAD_SIGNATURE:
- case SEC_ERROR_EXPIRED_CERTIFICATE:
- case SEC_ERROR_UNKNOWN_ISSUER:
- case SEC_ERROR_UNTRUSTED_CERT:
- case SEC_ERROR_CERT_VALID:
- case SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE:
- case SEC_ERROR_CRL_EXPIRED:
- case SEC_ERROR_CRL_BAD_SIGNATURE:
- case SEC_ERROR_EXTENSION_VALUE_INVALID:
- case SEC_ERROR_CA_CERT_INVALID:
- case SEC_ERROR_CERT_USAGES_INVALID:
- case SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION:
- secStatus = SECSuccess;
- break;
- default:
- secStatus = SECFailure;
- break;
- }
-
- printf("Bad certificate: %d, %s\n", err, SSL_Strerror(err));
-
- return secStatus;
-}
-
-/* Function: SECStatus ownGetClientAuthData()
- *
- * Purpose: This callback is used by SSL to pull client certificate
- * information upon server request.
- */
-SECStatus
-myGetClientAuthData(void *arg,
- PRFileDesc *socket,
- struct CERTDistNamesStr *caNames,
- struct CERTCertificateStr **pRetCert,
- struct SECKEYPrivateKeyStr **pRetKey)
-{
-
- CERTCertificate * cert;
- SECKEYPrivateKey * privKey;
- char * chosenNickName = (char *)arg;
- void * proto_win = NULL;
- SECStatus secStatus = SECFailure;
-
- proto_win = SSL_RevealPinArg(socket);
-
- if (chosenNickName) {
- cert = PK11_FindCertFromNickname(chosenNickName, proto_win);
- if (cert) {
- privKey = PK11_FindKeyByAnyCert(cert, proto_win);
- if (privKey) {
- secStatus = SECSuccess;
- } else {
- CERT_DestroyCertificate(cert);
- }
- }
- } else { /* no nickname given, automatically find the right cert */
- CERTCertNicknames *names;
- int i;
-
- names = CERT_GetCertNicknames(CERT_GetDefaultCertDB(),
- SEC_CERT_NICKNAMES_USER, proto_win);
-
- if (names != NULL) {
- for(i = 0; i < names->numnicknames; i++ ) {
-
- cert = PK11_FindCertFromNickname(names->nicknames[i],
- proto_win);
- if (!cert) {
- continue;
- }
-
- /* Only check unexpired certs */
- if (CERT_CheckCertValidTimes(cert, PR_Now(), PR_FALSE)
- != secCertTimeValid ) {
- CERT_DestroyCertificate(cert);
- continue;
- }
-
- secStatus = NSS_CmpCertChainWCANames(cert, caNames);
- if (secStatus == SECSuccess) {
- privKey = PK11_FindKeyByAnyCert(cert, proto_win);
- if (privKey) {
- break;
- }
- secStatus = SECFailure;
- break;
- }
- } /* for loop */
- CERT_FreeNicknames(names);
- }
- }
-
- if (secStatus == SECSuccess) {
- *pRetCert = cert;
- *pRetKey = privKey;
- }
-
- return secStatus;
-}
-
-/* Function: SECStatus myHandshakeCallback()
- *
- * Purpose: Called by SSL to inform application that the handshake is
- * complete. This function is mostly used on the server side of an SSL
- * connection, although it is provided for a client as well.
- * Useful when a non-blocking SSL_ReHandshake or SSL_ResetHandshake
- * is used to initiate a handshake.
- *
- * A typical scenario would be:
- *
- * 1. Server accepts an SSL connection from the client without client auth.
- * 2. Client sends a request.
- * 3. Server determines that to service request it needs to authenticate the
- * client and initiates another handshake requesting client auth.
- * 4. While handshake is in progress, server can do other work or spin waiting
- * for the handshake to complete.
- * 5. Server is notified that handshake has been successfully completed by
- * the custom handshake callback function and it can service the client's
- * request.
- *
- * Note: This function is not implemented in this sample, as we are using
- * blocking sockets.
- */
-SECStatus
-myHandshakeCallback(PRFileDesc *socket, void *arg)
-{
- printf("Handshake has completed, ready to send data securely.\n");
- return SECSuccess;
-}
-
-
-/**************************************************************************
-**
-** Routines for disabling SSL ciphers.
-**
-**************************************************************************/
-
-void
-disableAllSSLCiphers(void)
-{
- const PRUint16 *cipherSuites = SSL_ImplementedCiphers;
- int i = SSL_NumImplementedCiphers;
- SECStatus rv;
-
- /* disable all the SSL3 cipher suites */
- while (--i >= 0) {
- PRUint16 suite = cipherSuites[i];
- rv = SSL_CipherPrefSetDefault(suite, PR_FALSE);
- if (rv != SECSuccess) {
- printf("SSL_CipherPrefSetDefault didn't like value 0x%04x (i = %d)\n",
- suite, i);
- errWarn("SSL_CipherPrefSetDefault");
- exit(2);
- }
- }
-}
-
-/**************************************************************************
-**
-** Error and information routines.
-**
-**************************************************************************/
-
-void
-errWarn(char *function)
-{
- PRErrorCode errorNumber = PR_GetError();
- const char * errorString = SSL_Strerror(errorNumber);
-
- printf("Error in function %s: %d\n - %s\n",
- function, errorNumber, errorString);
-}
-
-void
-exitErr(char *function)
-{
- errWarn(function);
- /* Exit gracefully. */
- /* ignoring return value of NSS_Shutdown as code exits with 1*/
- (void) NSS_Shutdown();
- PR_Cleanup();
- exit(1);
-}
-
-void
-printSecurityInfo(PRFileDesc *fd)
-{
- char * cp; /* bulk cipher name */
- char * ip; /* cert issuer DN */
- char * sp; /* cert subject DN */
- int op; /* High, Low, Off */
- int kp0; /* total key bits */
- int kp1; /* secret key bits */
- int result;
- SSL3Statistics * ssl3stats = SSL_GetStatistics();
-
- result = SSL_SecurityStatus(fd, &op, &cp, &kp0, &kp1, &ip, &sp);
- if (result != SECSuccess)
- return;
- printf("bulk cipher %s, %d secret key bits, %d key bits, status: %d\n"
- "subject DN: %s\n"
- "issuer DN: %s\n", cp, kp1, kp0, op, sp, ip);
- PR_Free(cp);
- PR_Free(ip);
- PR_Free(sp);
-
- printf("%ld cache hits; %ld cache misses, %ld cache not reusable\n",
- ssl3stats->hch_sid_cache_hits, ssl3stats->hch_sid_cache_misses,
- ssl3stats->hch_sid_cache_not_ok);
-
-}
-
-
-/**************************************************************************
-** Begin thread management routines and data.
-**************************************************************************/
-
-void
-thread_wrapper(void * arg)
-{
- GlobalThreadMgr *threadMGR = (GlobalThreadMgr *)arg;
- perThread *slot = &threadMGR->threads[threadMGR->index];
-
- /* wait for parent to finish launching us before proceeding. */
- PR_Lock(threadMGR->threadLock);
- PR_Unlock(threadMGR->threadLock);
-
- slot->rv = (* slot->startFunc)(slot->a, slot->b);
-
- PR_Lock(threadMGR->threadLock);
- slot->running = rs_zombie;
-
- /* notify the thread exit handler. */
- PR_NotifyCondVar(threadMGR->threadEndQ);
-
- PR_Unlock(threadMGR->threadLock);
-}
-
-SECStatus
-launch_thread(GlobalThreadMgr *threadMGR,
- startFn *startFunc,
- void *a,
- int b)
-{
- perThread *slot;
- int i;
-
- if (!threadMGR->threadStartQ) {
- threadMGR->threadLock = PR_NewLock();
- threadMGR->threadStartQ = PR_NewCondVar(threadMGR->threadLock);
- threadMGR->threadEndQ = PR_NewCondVar(threadMGR->threadLock);
- }
- PR_Lock(threadMGR->threadLock);
- while (threadMGR->numRunning >= MAX_THREADS) {
- PR_WaitCondVar(threadMGR->threadStartQ, PR_INTERVAL_NO_TIMEOUT);
- }
- for (i = 0; i < threadMGR->numUsed; ++i) {
- slot = &threadMGR->threads[i];
- if (slot->running == rs_idle)
- break;
- }
- if (i >= threadMGR->numUsed) {
- if (i >= MAX_THREADS) {
- /* something's really wrong here. */
- PORT_Assert(i < MAX_THREADS);
- PR_Unlock(threadMGR->threadLock);
- return SECFailure;
- }
- ++(threadMGR->numUsed);
- PORT_Assert(threadMGR->numUsed == i + 1);
- slot = &threadMGR->threads[i];
- }
-
- slot->a = a;
- slot->b = b;
- slot->startFunc = startFunc;
-
- threadMGR->index = i;
-
- slot->prThread = PR_CreateThread(PR_USER_THREAD,
- thread_wrapper, threadMGR,
- PR_PRIORITY_NORMAL, PR_GLOBAL_THREAD,
- PR_JOINABLE_THREAD, 0);
-
- if (slot->prThread == NULL) {
- PR_Unlock(threadMGR->threadLock);
- printf("Failed to launch thread!\n");
- return SECFailure;
- }
-
- slot->inUse = 1;
- slot->running = 1;
- ++(threadMGR->numRunning);
- PR_Unlock(threadMGR->threadLock);
- printf("Launched thread in slot %d \n", threadMGR->index);
-
- return SECSuccess;
-}
-
-SECStatus
-reap_threads(GlobalThreadMgr *threadMGR)
-{
- perThread * slot;
- int i;
-
- if (!threadMGR->threadLock)
- return 0;
- PR_Lock(threadMGR->threadLock);
- while (threadMGR->numRunning > 0) {
- PR_WaitCondVar(threadMGR->threadEndQ, PR_INTERVAL_NO_TIMEOUT);
- for (i = 0; i < threadMGR->numUsed; ++i) {
- slot = &threadMGR->threads[i];
- if (slot->running == rs_zombie) {
- /* Handle cleanup of thread here. */
- printf("Thread in slot %d returned %d\n", i, slot->rv);
-
- /* Now make sure the thread has ended OK. */
- PR_JoinThread(slot->prThread);
- slot->running = rs_idle;
- --threadMGR->numRunning;
-
- /* notify the thread launcher. */
- PR_NotifyCondVar(threadMGR->threadStartQ);
- }
- }
- }
-
- /* Safety Sam sez: make sure count is right. */
- for (i = 0; i < threadMGR->numUsed; ++i) {
- slot = &threadMGR->threads[i];
- if (slot->running != rs_idle) {
- fprintf(stderr, "Thread in slot %d is in state %d!\n",
- i, slot->running);
- }
- }
- PR_Unlock(threadMGR->threadLock);
- return 0;
-}
-
-void
-destroy_thread_data(GlobalThreadMgr *threadMGR)
-{
- PORT_Memset(threadMGR->threads, 0, sizeof(threadMGR->threads));
-
- if (threadMGR->threadEndQ) {
- PR_DestroyCondVar(threadMGR->threadEndQ);
- threadMGR->threadEndQ = NULL;
- }
- if (threadMGR->threadStartQ) {
- PR_DestroyCondVar(threadMGR->threadStartQ);
- threadMGR->threadStartQ = NULL;
- }
- if (threadMGR->threadLock) {
- PR_DestroyLock(threadMGR->threadLock);
- threadMGR->threadLock = NULL;
- }
-}
-
-/**************************************************************************
-** End thread management routines.
-**************************************************************************/
-
-void
-lockedVars_Init( lockedVars * lv)
-{
- lv->count = 0;
- lv->waiters = 0;
- lv->lock = PR_NewLock();
- lv->condVar = PR_NewCondVar(lv->lock);
-}
-
-void
-lockedVars_Destroy( lockedVars * lv)
-{
- PR_DestroyCondVar(lv->condVar);
- lv->condVar = NULL;
-
- PR_DestroyLock(lv->lock);
- lv->lock = NULL;
-}
-
-void
-lockedVars_WaitForDone(lockedVars * lv)
-{
- PR_Lock(lv->lock);
- while (lv->count > 0) {
- PR_WaitCondVar(lv->condVar, PR_INTERVAL_NO_TIMEOUT);
- }
- PR_Unlock(lv->lock);
-}
-
-int /* returns count */
-lockedVars_AddToCount(lockedVars * lv, int addend)
-{
- int rv;
-
- PR_Lock(lv->lock);
- rv = lv->count += addend;
- if (rv <= 0) {
- PR_NotifyCondVar(lv->condVar);
- }
- PR_Unlock(lv->lock);
- return rv;
-}
diff --git a/security/nss/cmd/SSLsample/sslsample.h b/security/nss/cmd/SSLsample/sslsample.h
deleted file mode 100644
index f1ce3a6196..0000000000
--- a/security/nss/cmd/SSLsample/sslsample.h
+++ /dev/null
@@ -1,180 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-#ifndef SSLSAMPLE_H
-#define SSLSAMPLE_H
-
-/* Generic header files */
-
-#include
-#include
-
-/* NSPR header files */
-
-#include "nspr.h"
-#include "prerror.h"
-#include "prnetdb.h"
-
-/* NSS header files */
-
-#include "pk11func.h"
-#include "secitem.h"
-#include "ssl.h"
-#include "certt.h"
-#include "nss.h"
-#include "secder.h"
-#include "key.h"
-#include "sslproto.h"
-
-/* Custom header files */
-
-/*
-#include "sslerror.h"
-*/
-
-#define BUFFER_SIZE 10240
-
-/* Declare SSL cipher suites. */
-
-extern int cipherSuites[];
-extern int ssl2CipherSuites[];
-extern int ssl3CipherSuites[];
-
-/* Data buffer read from a socket. */
-typedef struct DataBufferStr {
- char data[BUFFER_SIZE];
- int index;
- int remaining;
- int dataStart;
- int dataEnd;
-} DataBuffer;
-
-/* SSL callback routines. */
-
-char * myPasswd(PK11SlotInfo *info, PRBool retry, void *arg);
-
-SECStatus myAuthCertificate(void *arg, PRFileDesc *socket,
- PRBool checksig, PRBool isServer);
-
-SECStatus myBadCertHandler(void *arg, PRFileDesc *socket);
-
-SECStatus myHandshakeCallback(PRFileDesc *socket, void *arg);
-
-SECStatus myGetClientAuthData(void *arg, PRFileDesc *socket,
- struct CERTDistNamesStr *caNames,
- struct CERTCertificateStr **pRetCert,
- struct SECKEYPrivateKeyStr **pRetKey);
-
-/* Disable all v2/v3 SSL ciphers. */
-
-void disableAllSSLCiphers(void);
-
-
-/* Error and information utilities. */
-
-void errWarn(char *function);
-
-void exitErr(char *function);
-
-void printSecurityInfo(PRFileDesc *fd);
-
-/* Some simple thread management routines. */
-
-#define MAX_THREADS 32
-
-typedef SECStatus startFn(void *a, int b);
-
-typedef enum { rs_idle = 0, rs_running = 1, rs_zombie = 2 } runState;
-
-typedef struct perThreadStr {
- PRFileDesc *a;
- int b;
- int rv;
- startFn *startFunc;
- PRThread *prThread;
- PRBool inUse;
- runState running;
-} perThread;
-
-typedef struct GlobalThreadMgrStr {
- PRLock *threadLock;
- PRCondVar *threadStartQ;
- PRCondVar *threadEndQ;
- perThread threads[MAX_THREADS];
- int index;
- int numUsed;
- int numRunning;
-} GlobalThreadMgr;
-
-void thread_wrapper(void * arg);
-
-SECStatus launch_thread(GlobalThreadMgr *threadMGR,
- startFn *startFunc, void *a, int b);
-
-SECStatus reap_threads(GlobalThreadMgr *threadMGR);
-
-void destroy_thread_data(GlobalThreadMgr *threadMGR);
-
-/* Management of locked variables. */
-
-struct lockedVarsStr {
- PRLock * lock;
- int count;
- int waiters;
- PRCondVar * condVar;
-};
-
-typedef struct lockedVarsStr lockedVars;
-
-void lockedVars_Init(lockedVars *lv);
-
-void lockedVars_Destroy(lockedVars *lv);
-
-void lockedVars_WaitForDone(lockedVars *lv);
-
-int lockedVars_AddToCount(lockedVars *lv, int addend);
-
-/* Buffer stuff. */
-
-static const char stopCmd[] = { "GET /stop " };
-static const char defaultHeader[] = {
- "HTTP/1.0 200 OK\r\n"
- "Server: SSL sample server\r\n"
- "Content-type: text/plain\r\n"
- "\r\n"
-};
-
-#endif
diff --git a/security/nss/cmd/addbuiltin/Makefile b/security/nss/cmd/addbuiltin/Makefile
deleted file mode 100644
index fe7991878f..0000000000
--- a/security/nss/cmd/addbuiltin/Makefile
+++ /dev/null
@@ -1,80 +0,0 @@
-#! gmake
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/addbuiltin/addbuiltin.c b/security/nss/cmd/addbuiltin/addbuiltin.c
deleted file mode 100644
index 94de6f4907..0000000000
--- a/security/nss/cmd/addbuiltin/addbuiltin.c
+++ /dev/null
@@ -1,389 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-/*
- * Tool for converting builtin CA certs.
- *
- * $Id$
- */
-
-#include "nssrenam.h"
-#include "nss.h"
-#include "cert.h"
-#include "certdb.h"
-#include "secutil.h"
-#include "pk11func.h"
-
-#if defined(WIN32)
-#include
-#include
-#endif
-
-void dumpbytes(unsigned char *buf, int len)
-{
- int i;
- for (i=0; i < len; i++) {
- if ((i !=0) && ((i & 0xf) == 0)) {
- printf("\n");
- }
- printf("\\%03o",buf[i]);
- }
- printf("\n");
-}
-
-char *getTrustString(unsigned int trust)
-{
- if (trust & CERTDB_TRUSTED) {
- if (trust & CERTDB_TRUSTED_CA) {
- return "CKT_NETSCAPE_TRUSTED_DELEGATOR|CKT_NETSCAPE_TRUSTED";
- } else {
- return "CKT_NETSCAPE_TRUSTED";
- }
- } else {
- if (trust & CERTDB_TRUSTED_CA) {
- return "CKT_NETSCAPE_TRUSTED_DELEGATOR";
- } else {
- return "CKT_NETSCAPE_VALID";
- }
- }
- return "CKT_NETSCAPE_VALID"; /* not reached */
-}
-
-static const SEC_ASN1Template serialTemplate[] = {
- { SEC_ASN1_INTEGER, offsetof(CERTCertificate,serialNumber) },
- { 0 }
-};
-
-static SECStatus
-ConvertCertificate(SECItem *sdder, char *nickname, CERTCertTrust *trust)
-{
- SECStatus rv = SECSuccess;
- CERTCertificate *cert;
- unsigned char sha1_hash[SHA1_LENGTH];
- unsigned char md5_hash[MD5_LENGTH];
- SECItem *serial = NULL;
-
- cert = CERT_DecodeDERCertificate(sdder, PR_FALSE, nickname);
- if (!cert) {
- return SECFailure;
- }
- serial = SEC_ASN1EncodeItem(NULL,NULL,cert,serialTemplate);
- if (!serial) {
- return SECFailure;
- }
-
- printf("\n#\n# Certificate \"%s\"\n#\n",nickname);
- printf("CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE\n");
- printf("CKA_TOKEN CK_BBOOL CK_TRUE\n");
- printf("CKA_PRIVATE CK_BBOOL CK_FALSE\n");
- printf("CKA_MODIFIABLE CK_BBOOL CK_FALSE\n");
- printf("CKA_LABEL UTF8 \"%s\"\n",nickname);
- printf("CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509\n");
- printf("CKA_SUBJECT MULTILINE_OCTAL\n");
- dumpbytes(cert->derSubject.data,cert->derSubject.len);
- printf("END\n");
- printf("CKA_ID UTF8 \"0\"\n");
- printf("CKA_ISSUER MULTILINE_OCTAL\n");
- dumpbytes(cert->derIssuer.data,cert->derIssuer.len);
- printf("END\n");
- printf("CKA_SERIAL_NUMBER MULTILINE_OCTAL\n");
- dumpbytes(serial->data,serial->len);
- printf("END\n");
- printf("CKA_VALUE MULTILINE_OCTAL\n");
- dumpbytes(sdder->data,sdder->len);
- printf("END\n");
-
- PK11_HashBuf(SEC_OID_SHA1, sha1_hash, sdder->data, sdder->len);
- PK11_HashBuf(SEC_OID_MD5, md5_hash, sdder->data, sdder->len);
- printf("\n# Trust for Certificate \"%s\"\n",nickname);
- printf("CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST\n");
- printf("CKA_TOKEN CK_BBOOL CK_TRUE\n");
- printf("CKA_PRIVATE CK_BBOOL CK_FALSE\n");
- printf("CKA_MODIFIABLE CK_BBOOL CK_FALSE\n");
- printf("CKA_LABEL UTF8 \"%s\"\n",nickname);
- printf("CKA_CERT_SHA1_HASH MULTILINE_OCTAL\n");
- dumpbytes(sha1_hash,SHA1_LENGTH);
- printf("END\n");
- printf("CKA_CERT_MD5_HASH MULTILINE_OCTAL\n");
- dumpbytes(md5_hash,MD5_LENGTH);
- printf("END\n");
-
- printf("CKA_ISSUER MULTILINE_OCTAL\n");
- dumpbytes(cert->derIssuer.data,cert->derIssuer.len);
- printf("END\n");
- printf("CKA_SERIAL_NUMBER MULTILINE_OCTAL\n");
- dumpbytes(serial->data,serial->len);
- printf("END\n");
-
- printf("CKA_TRUST_SERVER_AUTH CK_TRUST %s\n",
- getTrustString(trust->sslFlags));
- printf("CKA_TRUST_EMAIL_PROTECTION CK_TRUST %s\n",
- getTrustString(trust->emailFlags));
- printf("CKA_TRUST_CODE_SIGNING CK_TRUST %s\n",
- getTrustString(trust->objectSigningFlags));
-#ifdef notdef
- printf("CKA_TRUST_CLIENT_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED\n");*/
- printf("CKA_TRUST_DIGITAL_SIGNATURE CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n");
- printf("CKA_TRUST_NON_REPUDIATION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n");
- printf("CKA_TRUST_KEY_ENCIPHERMENT CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n");
- printf("CKA_TRUST_DATA_ENCIPHERMENT CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n");
- printf("CKA_TRUST_KEY_AGREEMENT CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n");
- printf("CKA_TRUST_KEY_CERT_SIGN CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n");
-#endif
- printf("CKA_TRUST_STEP_UP_APPROVED CK_BBOOL %s\n",
- trust->sslFlags & CERTDB_GOVT_APPROVED_CA ?
- "CK_TRUE" : "CK_FALSE");
-
-
- PORT_Free(sdder->data);
- return(rv);
-
-}
-
-void printheader() {
- printf("# \n"
-"# ***** BEGIN LICENSE BLOCK *****\n"
-"# Version: MPL 1.1/GPL 2.0/LGPL 2.1\n"
-"#\n"
-"# The contents of this file are subject to the Mozilla Public License Version\n"
-"# 1.1 (the \"License\"); you may not use this file except in compliance with\n"
-"# the License. You may obtain a copy of the License at\n"
-"# http://www.mozilla.org/MPL/\n"
-"#\n"
-"# Software distributed under the License is distributed on an \"AS IS\" basis,\n"
-"# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License\n"
-"# for the specific language governing rights and limitations under the\n"
-"# License.\n"
-"#\n"
-"# The Original Code is the Netscape security libraries..\n"
-"#\n"
-"# The Initial Developer of the Original Code is\n"
-"# Netscape Communications Corporation.\n"
-"# Portions created by the Initial Developer are Copyright (C) 1994-2000\n"
-"# the Initial Developer. All Rights Reserved.\n"
-"#\n"
-"# Contributor(s):\n"
-"#\n"
-"# Alternatively, the contents of this file may be used under the terms of\n"
-"# either the GNU General Public License Version 2 or later (the \"GPL\"), or\n"
-"# the GNU Lesser General Public License Version 2.1 or later (the \"LGPL\"),\n"
-"# in which case the provisions of the GPL or the LGPL are applicable instead\n"
-"# of those above. If you wish to allow use of your version of this file only\n"
-"# under the terms of either the GPL or the LGPL, and not to allow others to\n"
-"# use your version of this file under the terms of the MPL, indicate your\n"
-"# decision by deleting the provisions above and replace them with the notice\n"
-"# and other provisions required by the GPL or the LGPL. If you do not delete\n"
-"# the provisions above, a recipient may use your version of this file under\n"
-"# the terms of any one of the MPL, the GPL or the LGPL.\n"
-"#\n"
-"# ***** END LICENSE BLOCK *****\n"
- "#\n"
- "CVS_ID \"@(#) $RCSfile$ $Revision$ $Date$\"\n"
- "\n"
- "#\n"
- "# certdata.txt\n"
- "#\n"
- "# This file contains the object definitions for the certs and other\n"
- "# information \"built into\" NSS.\n"
- "#\n"
- "# Object definitions:\n"
- "#\n"
- "# Certificates\n"
- "#\n"
- "# -- Attribute -- -- type -- -- value --\n"
- "# CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE\n"
- "# CKA_TOKEN CK_BBOOL CK_TRUE\n"
- "# CKA_PRIVATE CK_BBOOL CK_FALSE\n"
- "# CKA_MODIFIABLE CK_BBOOL CK_FALSE\n"
- "# CKA_LABEL UTF8 (varies)\n"
- "# CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509\n"
- "# CKA_SUBJECT DER+base64 (varies)\n"
- "# CKA_ID byte array (varies)\n"
- "# CKA_ISSUER DER+base64 (varies)\n"
- "# CKA_SERIAL_NUMBER DER+base64 (varies)\n"
- "# CKA_VALUE DER+base64 (varies)\n"
- "# CKA_NETSCAPE_EMAIL ASCII7 (unused here)\n"
- "#\n"
- "# Trust\n"
- "#\n"
- "# -- Attribute -- -- type -- -- value --\n"
- "# CKA_CLASS CK_OBJECT_CLASS CKO_TRUST\n"
- "# CKA_TOKEN CK_BBOOL CK_TRUE\n"
- "# CKA_PRIVATE CK_BBOOL CK_FALSE\n"
- "# CKA_MODIFIABLE CK_BBOOL CK_FALSE\n"
- "# CKA_LABEL UTF8 (varies)\n"
- "# CKA_ISSUER DER+base64 (varies)\n"
- "# CKA_SERIAL_NUMBER DER+base64 (varies)\n"
- "# CKA_CERT_HASH binary+base64 (varies)\n"
- "# CKA_EXPIRES CK_DATE (not used here)\n"
- "# CKA_TRUST_DIGITAL_SIGNATURE CK_TRUST (varies)\n"
- "# CKA_TRUST_NON_REPUDIATION CK_TRUST (varies)\n"
- "# CKA_TRUST_KEY_ENCIPHERMENT CK_TRUST (varies)\n"
- "# CKA_TRUST_DATA_ENCIPHERMENT CK_TRUST (varies)\n"
- "# CKA_TRUST_KEY_AGREEMENT CK_TRUST (varies)\n"
- "# CKA_TRUST_KEY_CERT_SIGN CK_TRUST (varies)\n"
- "# CKA_TRUST_CRL_SIGN CK_TRUST (varies)\n"
- "# CKA_TRUST_SERVER_AUTH CK_TRUST (varies)\n"
- "# CKA_TRUST_CLIENT_AUTH CK_TRUST (varies)\n"
- "# CKA_TRUST_CODE_SIGNING CK_TRUST (varies)\n"
- "# CKA_TRUST_EMAIL_PROTECTION CK_TRUST (varies)\n"
- "# CKA_TRUST_IPSEC_END_SYSTEM CK_TRUST (varies)\n"
- "# CKA_TRUST_IPSEC_TUNNEL CK_TRUST (varies)\n"
- "# CKA_TRUST_IPSEC_USER CK_TRUST (varies)\n"
- "# CKA_TRUST_TIME_STAMPING CK_TRUST (varies)\n"
- "# (other trust attributes can be defined)\n"
- "#\n"
- "\n"
- "#\n"
- "# The object to tell NSS that this is a root list and we don't\n"
- "# have to go looking for others.\n"
- "#\n"
- "BEGINDATA\n"
- "CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_BUILTIN_ROOT_LIST\n"
- "CKA_TOKEN CK_BBOOL CK_TRUE\n"
- "CKA_PRIVATE CK_BBOOL CK_FALSE\n"
- "CKA_MODIFIABLE CK_BBOOL CK_FALSE\n"
- "CKA_LABEL UTF8 \"Mozilla Builtin Roots\"\n");
-}
-
-static void Usage(char *progName)
-{
- fprintf(stderr, "%s -n nickname -t trust [-i certfile]\n", progName);
- fprintf(stderr,
- "\tRead a der-encoded cert from certfile or stdin, and output\n"
- "\tit to stdout in a format suitable for the builtin root module.\n"
- "\tExample: %s -n MyCA -t \"C,C,C\" -i myca.der >> certdata.txt\n"
- "\t(pipe through atob if the cert is b64-encoded)\n", progName);
- fprintf(stderr, "%-15s nickname to assign to builtin cert.\n",
- "-n nickname");
- fprintf(stderr, "%-15s trust flags (cCTpPuw).\n", "-t trust");
- fprintf(stderr, "%-15s file to read (default stdin)\n", "-i certfile");
- exit(-1);
-}
-
-enum {
- opt_Input = 0,
- opt_Nickname,
- opt_Trust
-};
-
-static secuCommandFlag addbuiltin_options[] =
-{
- { /* opt_Input */ 'i', PR_TRUE, 0, PR_FALSE },
- { /* opt_Nickname */ 'n', PR_TRUE, 0, PR_FALSE },
- { /* opt_Trust */ 't', PR_TRUE, 0, PR_FALSE }
-};
-
-int main(int argc, char **argv)
-{
- SECStatus rv;
- char *nickname;
- char *trusts;
- char *progName;
- PRFileDesc *infile;
- CERTCertTrust trust = { 0 };
- SECItem derCert = { 0 };
-
- secuCommand addbuiltin = { 0 };
- addbuiltin.numOptions = sizeof(addbuiltin_options)/sizeof(secuCommandFlag);
- addbuiltin.options = addbuiltin_options;
-
- progName = strrchr(argv[0], '/');
- progName = progName ? progName+1 : argv[0];
-
- rv = SECU_ParseCommandLine(argc, argv, progName, &addbuiltin);
-
- if (rv != SECSuccess)
- Usage(progName);
-
- if (!addbuiltin.options[opt_Nickname].activated &&
- !addbuiltin.options[opt_Trust].activated) {
- fprintf(stderr, "%s: you must specify both a nickname and trust.\n",
- progName);
- Usage(progName);
- }
-
- if (addbuiltin.options[opt_Input].activated) {
- infile = PR_Open(addbuiltin.options[opt_Input].arg, PR_RDONLY, 00660);
- if (!infile) {
- fprintf(stderr, "%s: failed to open input file.\n", progName);
- exit(1);
- }
- } else {
-#if defined(WIN32)
- /* If we're going to read binary data from stdin, we must put stdin
- ** into O_BINARY mode or else incoming \r\n's will become \n's,
- ** and latin-1 characters will be altered.
- */
-
- int smrv = _setmode(_fileno(stdin), _O_BINARY);
- if (smrv == -1) {
- fprintf(stderr,
- "%s: Cannot change stdin to binary mode. Use -i option instead.\n",
- progName);
- exit(1);
- }
-#endif
- infile = PR_STDIN;
- }
-
- nickname = strdup(addbuiltin.options[opt_Nickname].arg);
- trusts = strdup(addbuiltin.options[opt_Trust].arg);
-
- NSS_NoDB_Init(NULL);
-
- rv = CERT_DecodeTrustString(&trust, trusts);
- if (rv) {
- fprintf(stderr, "%s: incorrectly formatted trust string.\n", progName);
- Usage(progName);
- }
-
- SECU_FileToItem(&derCert, infile);
-
- /*printheader();*/
-
- rv = ConvertCertificate(&derCert, nickname, &trust);
- if (rv) {
- fprintf(stderr, "%s: failed to convert certificate.\n", progName);
- exit(1);
- }
-
- if (NSS_Shutdown() != SECSuccess) {
- exit(1);
- }
-
- return(SECSuccess);
-}
diff --git a/security/nss/cmd/addbuiltin/manifest.mn b/security/nss/cmd/addbuiltin/manifest.mn
deleted file mode 100644
index 0729834a72..0000000000
--- a/security/nss/cmd/addbuiltin/manifest.mn
+++ /dev/null
@@ -1,52 +0,0 @@
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = nss
-
-CSRCS = \
- addbuiltin.c \
- $(NULL)
-
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = seccmd
-
-PROGRAM = addbuiltin
-
diff --git a/security/nss/cmd/atob/Makefile b/security/nss/cmd/atob/Makefile
deleted file mode 100644
index 61e2cb3598..0000000000
--- a/security/nss/cmd/atob/Makefile
+++ /dev/null
@@ -1,80 +0,0 @@
-#! gmake
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/atob/atob.c b/security/nss/cmd/atob/atob.c
deleted file mode 100644
index e5fad05ecf..0000000000
--- a/security/nss/cmd/atob/atob.c
+++ /dev/null
@@ -1,180 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-#include "plgetopt.h"
-#include "secutil.h"
-#include "nssb64.h"
-#include
-
-#if defined(XP_WIN) || (defined(__sun) && !defined(SVR4))
-#if !defined(WIN32)
-extern int fread(char *, size_t, size_t, FILE*);
-extern int fwrite(char *, size_t, size_t, FILE*);
-extern int fprintf(FILE *, char *, ...);
-#endif
-#endif
-
-#if defined(WIN32)
-#include "fcntl.h"
-#include "io.h"
-#endif
-
-static PRInt32
-output_binary (void *arg, const unsigned char *obuf, PRInt32 size)
-{
- FILE *outFile = arg;
- int nb;
-
- nb = fwrite(obuf, 1, size, outFile);
- if (nb != size) {
- PORT_SetError(SEC_ERROR_IO);
- return -1;
- }
-
- return nb;
-}
-
-static SECStatus
-decode_file(FILE *outFile, FILE *inFile)
-{
- NSSBase64Decoder *cx;
- int nb;
- SECStatus status = SECFailure;
- char ibuf[4096];
-
- cx = NSSBase64Decoder_Create(output_binary, outFile);
- if (!cx) {
- return -1;
- }
-
- for (;;) {
- if (feof(inFile)) break;
- nb = fread(ibuf, 1, sizeof(ibuf), inFile);
- if (nb != sizeof(ibuf)) {
- if (nb == 0) {
- if (ferror(inFile)) {
- PORT_SetError(SEC_ERROR_IO);
- goto loser;
- }
- /* eof */
- break;
- }
- }
-
- status = NSSBase64Decoder_Update(cx, ibuf, nb);
- if (status != SECSuccess) goto loser;
- }
-
- return NSSBase64Decoder_Destroy(cx, PR_FALSE);
-
- loser:
- (void) NSSBase64Decoder_Destroy(cx, PR_TRUE);
- return status;
-}
-
-static void Usage(char *progName)
-{
- fprintf(stderr,
- "Usage: %s [-i input] [-o output]\n",
- progName);
- fprintf(stderr, "%-20s Define an input file to use (default is stdin)\n",
- "-i input");
- fprintf(stderr, "%-20s Define an output file to use (default is stdout)\n",
- "-o output");
- exit(-1);
-}
-
-int main(int argc, char **argv)
-{
- char *progName;
- SECStatus rv;
- FILE *inFile, *outFile;
- PLOptState *optstate;
- PLOptStatus status;
-
- inFile = 0;
- outFile = 0;
- progName = strrchr(argv[0], '/');
- progName = progName ? progName+1 : argv[0];
-
- /* Parse command line arguments */
- optstate = PL_CreateOptState(argc, argv, "i:o:");
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch (optstate->option) {
- case '?':
- Usage(progName);
- break;
-
- case 'i':
- inFile = fopen(optstate->value, "r");
- if (!inFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
- progName, optstate->value);
- return -1;
- }
- break;
-
- case 'o':
- outFile = fopen(optstate->value, "wb");
- if (!outFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
- progName, optstate->value);
- return -1;
- }
- break;
- }
- }
- if (!inFile) inFile = stdin;
- if (!outFile) {
-#if defined(WIN32)
- int smrv = _setmode(_fileno(stdout), _O_BINARY);
- if (smrv == -1) {
- fprintf(stderr,
- "%s: Cannot change stdout to binary mode. Use -o option instead.\n",
- progName);
- return smrv;
- }
-#endif
- outFile = stdout;
- }
- rv = decode_file(outFile, inFile);
- if (rv != SECSuccess) {
- fprintf(stderr, "%s: lossage: error=%d errno=%d\n",
- progName, PORT_GetError(), errno);
- return -1;
- }
- return 0;
-}
diff --git a/security/nss/cmd/atob/manifest.mn b/security/nss/cmd/atob/manifest.mn
deleted file mode 100644
index 363cad1923..0000000000
--- a/security/nss/cmd/atob/manifest.mn
+++ /dev/null
@@ -1,54 +0,0 @@
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = nss
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = seccmd dbm
-
-DEFINES = -DNSPR20
-
-CSRCS = atob.c
-
-PROGRAM = atob
-
diff --git a/security/nss/cmd/bltest/Makefile b/security/nss/cmd/bltest/Makefile
deleted file mode 100644
index 115886cd75..0000000000
--- a/security/nss/cmd/bltest/Makefile
+++ /dev/null
@@ -1,86 +0,0 @@
-#! gmake
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-#MKPROG = purify -cache-dir=/u/mcgreer/pcache -best-effort \
-# -always-use-cache-dir $(CC)
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#EXTRA_SHARED_LIBS += \
-# -L/usr/lib \
-# -lposix4 \
-# $(NULL)
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-include ../platrules.mk
diff --git a/security/nss/cmd/bltest/blapitest.c b/security/nss/cmd/bltest/blapitest.c
deleted file mode 100644
index 72182a1276..0000000000
--- a/security/nss/cmd/bltest/blapitest.c
+++ /dev/null
@@ -1,3570 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- * Douglas Stebila , Sun Microsystems Laboratories
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-#include
-#include
-
-#include "blapi.h"
-#include "secrng.h"
-#include "prmem.h"
-#include "prprf.h"
-#include "prtime.h"
-#include "prsystem.h"
-#include "plstr.h"
-#include "nssb64.h"
-#include "secutil.h"
-#include "plgetopt.h"
-#include "softoken.h"
-#include "nspr.h"
-#include "nss.h"
-
-#ifdef NSS_ENABLE_ECC
-#include "ecl-curve.h"
-SECStatus EC_DecodeParams(const SECItem *encodedParams,
- ECParams **ecparams);
-SECStatus EC_CopyParams(PRArenaPool *arena, ECParams *dstParams,
- const ECParams *srcParams);
-SECStatus secoid_Init(void);
-#endif
-
-/* Temporary - add debugging ouput on windows for RSA to track QA failure */
-#ifdef _WIN32
-#define TRACK_BLTEST_BUG
- char __bltDBG[] = "BLTEST DEBUG";
-#endif
-
-char *progName;
-char *testdir = NULL;
-
-#define BLTEST_DEFAULT_CHUNKSIZE 4096
-
-#define WORDSIZE sizeof(unsigned long)
-
-#define CHECKERROR(rv, ln) \
- if (rv) { \
- PRErrorCode prerror = PR_GetError(); \
- PR_fprintf(PR_STDERR, "%s: ERR %d (%s) at line %d.\n", progName, \
- prerror, SECU_Strerror(prerror), ln); \
- exit(-1); \
- }
-
-/* Macros for performance timing. */
-#define TIMESTART() \
- time1 = PR_IntervalNow();
-
-#define TIMEFINISH(time, reps) \
- time2 = (PRIntervalTime)(PR_IntervalNow() - time1); \
- time1 = PR_IntervalToMilliseconds(time2); \
- time = ((double)(time1))/reps;
-
-#define TIMEMARK(seconds) \
- time1 = PR_SecondsToInterval(seconds); \
- { \
- PRInt64 tmp, L100; \
- LL_I2L(L100, 100); \
- if (time2 == 0) { \
- time2 = 1; \
- } \
- LL_DIV(tmp, time1, time2); \
- if (tmp < 10) { \
- if (tmp == 0) { \
- opsBetweenChecks = 1; \
- } else { \
- LL_L2I(opsBetweenChecks, tmp); \
- } \
- } else { \
- opsBetweenChecks = 10; \
- } \
- } \
- time2 = time1; \
- time1 = PR_IntervalNow();
-
-#define TIMETOFINISH() \
- PR_IntervalNow() - time1 >= time2
-
-static void Usage()
-{
-#define PRINTUSAGE(subject, option, predicate) \
- fprintf(stderr, "%10s %s\t%s\n", subject, option, predicate);
- fprintf(stderr, "\n");
- PRINTUSAGE(progName, "[-DEHSV]", "List available cipher modes"); /* XXX */
- fprintf(stderr, "\n");
- PRINTUSAGE(progName, "-E -m mode ", "Encrypt a buffer");
- PRINTUSAGE("", "", "[-i plaintext] [-o ciphertext] [-k key] [-v iv]");
- PRINTUSAGE("", "", "[-b bufsize] [-g keysize] [-e exp] [-r rounds]");
- PRINTUSAGE("", "", "[-w wordsize] [-p repetitions | -5 time_interval]");
- PRINTUSAGE("", "", "[-4 th_num]");
- PRINTUSAGE("", "-m", "cipher mode to use");
- PRINTUSAGE("", "-i", "file which contains input buffer");
- PRINTUSAGE("", "-o", "file for output buffer");
- PRINTUSAGE("", "-k", "file which contains key");
- PRINTUSAGE("", "-v", "file which contains initialization vector");
- PRINTUSAGE("", "-b", "size of input buffer");
- PRINTUSAGE("", "-g", "key size (in bytes)");
- PRINTUSAGE("", "-p", "do performance test");
- PRINTUSAGE("", "-4", "run test in multithread mode. th_num number of parallel threads");
- PRINTUSAGE("", "-5", "run test for specified time interval(in seconds)");
- PRINTUSAGE("(rsa)", "-e", "rsa public exponent");
- PRINTUSAGE("(rc5)", "-r", "number of rounds");
- PRINTUSAGE("(rc5)", "-w", "wordsize (32 or 64)");
- fprintf(stderr, "\n");
- PRINTUSAGE(progName, "-D -m mode", "Decrypt a buffer");
- PRINTUSAGE("", "", "[-i plaintext] [-o ciphertext] [-k key] [-v iv]");
- PRINTUSAGE("", "", "[-p repetitions | -5 time_interval] [-4 th_num]");
- PRINTUSAGE("", "-m", "cipher mode to use");
- PRINTUSAGE("", "-i", "file which contains input buffer");
- PRINTUSAGE("", "-o", "file for output buffer");
- PRINTUSAGE("", "-k", "file which contains key");
- PRINTUSAGE("", "-v", "file which contains initialization vector");
- PRINTUSAGE("", "-p", "do performance test");
- PRINTUSAGE("", "-4", "run test in multithread mode. th_num number of parallel threads");
- PRINTUSAGE("", "-5", "run test for specified time interval(in seconds)");
- fprintf(stderr, "\n");
- PRINTUSAGE(progName, "-H -m mode", "Hash a buffer");
- PRINTUSAGE("", "", "[-i plaintext] [-o hash]");
- PRINTUSAGE("", "", "[-b bufsize]");
- PRINTUSAGE("", "", "[-p repetitions | -5 time_interval] [-4 th_num]");
- PRINTUSAGE("", "-m", "cipher mode to use");
- PRINTUSAGE("", "-i", "file which contains input buffer");
- PRINTUSAGE("", "-o", "file for hash");
- PRINTUSAGE("", "-b", "size of input buffer");
- PRINTUSAGE("", "-p", "do performance test");
- PRINTUSAGE("", "-4", "run test in multithread mode. th_num number of parallel threads");
- PRINTUSAGE("", "-5", "run test for specified time interval(in seconds)");
- fprintf(stderr, "\n");
- PRINTUSAGE(progName, "-S -m mode", "Sign a buffer");
- PRINTUSAGE("", "", "[-i plaintext] [-o signature] [-k key]");
- PRINTUSAGE("", "", "[-b bufsize]");
-#ifdef NSS_ENABLE_ECC
- PRINTUSAGE("", "", "[-n curvename]");
-#endif
- PRINTUSAGE("", "", "[-p repetitions | -5 time_interval] [-4 th_num]");
- PRINTUSAGE("", "-m", "cipher mode to use");
- PRINTUSAGE("", "-i", "file which contains input buffer");
- PRINTUSAGE("", "-o", "file for signature");
- PRINTUSAGE("", "-k", "file which contains key");
-#ifdef NSS_ENABLE_ECC
- PRINTUSAGE("", "-n", "name of curve for EC key generation; one of:");
- PRINTUSAGE("", "", " sect163k1, nistk163, sect163r1, sect163r2,");
- PRINTUSAGE("", "", " nistb163, sect193r1, sect193r2, sect233k1, nistk233,");
- PRINTUSAGE("", "", " sect233r1, nistb233, sect239k1, sect283k1, nistk283,");
- PRINTUSAGE("", "", " sect283r1, nistb283, sect409k1, nistk409, sect409r1,");
- PRINTUSAGE("", "", " nistb409, sect571k1, nistk571, sect571r1, nistb571,");
- PRINTUSAGE("", "", " secp169k1, secp160r1, secp160r2, secp192k1, secp192r1,");
- PRINTUSAGE("", "", " nistp192, secp224k1, secp224r1, nistp224, secp256k1,");
- PRINTUSAGE("", "", " secp256r1, nistp256, secp384r1, nistp384, secp521r1,");
- PRINTUSAGE("", "", " nistp521, prime192v1, prime192v2, prime192v3,");
- PRINTUSAGE("", "", " prime239v1, prime239v2, prime239v3, c2pnb163v1,");
- PRINTUSAGE("", "", " c2pnb163v2, c2pnb163v3, c2pnb176v1, c2tnb191v1,");
- PRINTUSAGE("", "", " c2tnb191v2, c2tnb191v3, c2onb191v4, c2onb191v5,");
- PRINTUSAGE("", "", " c2pnb208w1, c2tnb239v1, c2tnb239v2, c2tnb239v3,");
- PRINTUSAGE("", "", " c2onb239v4, c2onb239v5, c2pnb272w1, c2pnb304w1,");
- PRINTUSAGE("", "", " c2tnb359w1, c2pnb368w1, c2tnb431r1, secp112r1,");
- PRINTUSAGE("", "", " secp112r2, secp128r1, secp128r2, sect113r1, sect113r2,");
- PRINTUSAGE("", "", " sect131r1, sect131r2");
-#endif
- PRINTUSAGE("", "-p", "do performance test");
- PRINTUSAGE("", "-4", "run test in multithread mode. th_num number of parallel threads");
- PRINTUSAGE("", "-5", "run test for specified time interval(in seconds)");
- fprintf(stderr, "\n");
- PRINTUSAGE(progName, "-V -m mode", "Verify a signed buffer");
- PRINTUSAGE("", "", "[-i plaintext] [-s signature] [-k key]");
- PRINTUSAGE("", "", "[-p repetitions | -5 time_interval] [-4 th_num]");
- PRINTUSAGE("", "-m", "cipher mode to use");
- PRINTUSAGE("", "-i", "file which contains input buffer");
- PRINTUSAGE("", "-s", "file which contains signature of input buffer");
- PRINTUSAGE("", "-k", "file which contains key");
- PRINTUSAGE("", "-p", "do performance test");
- PRINTUSAGE("", "-4", "run test in multithread mode. th_num number of parallel threads");
- PRINTUSAGE("", "-5", "run test for specified time interval(in seconds)");
- fprintf(stderr, "\n");
- PRINTUSAGE(progName, "-N -m mode -b bufsize",
- "Create a nonce plaintext and key");
- PRINTUSAGE("", "", "[-g keysize] [-u cxreps]");
- PRINTUSAGE("", "-g", "key size (in bytes)");
- PRINTUSAGE("", "-u", "number of repetitions of context creation");
- fprintf(stderr, "\n");
- PRINTUSAGE(progName, "-F", "Run the FIPS self-test");
- fprintf(stderr, "\n");
- PRINTUSAGE(progName, "-T [-m mode1,mode2...]", "Run the BLAPI self-test");
- fprintf(stderr, "\n");
- exit(1);
-}
-
-/* Helper functions for ascii<-->binary conversion/reading/writing */
-
-/* XXX argh */
-struct item_with_arena {
- SECItem *item;
- PRArenaPool *arena;
-};
-
-static PRInt32
-get_binary(void *arg, const unsigned char *ibuf, PRInt32 size)
-{
- struct item_with_arena *it = arg;
- SECItem *binary = it->item;
- SECItem *tmp;
- int index;
- if (binary->data == NULL) {
- tmp = SECITEM_AllocItem(it->arena, NULL, size);
- binary->data = tmp->data;
- binary->len = tmp->len;
- index = 0;
- } else {
- SECITEM_ReallocItem(NULL, binary, binary->len, binary->len + size);
- index = binary->len;
- }
- PORT_Memcpy(&binary->data[index], ibuf, size);
- return binary->len;
-}
-
-static SECStatus
-atob(SECItem *ascii, SECItem *binary, PRArenaPool *arena)
-{
- SECStatus status;
- NSSBase64Decoder *cx;
- struct item_with_arena it;
- int len;
- binary->data = NULL;
- binary->len = 0;
- it.item = binary;
- it.arena = arena;
- len = (strcmp(&ascii->data[ascii->len-2],"\r\n")) ?
- ascii->len : ascii->len-2;
- cx = NSSBase64Decoder_Create(get_binary, &it);
- status = NSSBase64Decoder_Update(cx, (const char *)ascii->data, len);
- status = NSSBase64Decoder_Destroy(cx, PR_FALSE);
- return status;
-}
-
-static PRInt32
-output_ascii(void *arg, const char *obuf, PRInt32 size)
-{
- PRFileDesc *outfile = arg;
- PRInt32 nb = PR_Write(outfile, obuf, size);
- if (nb != size) {
- PORT_SetError(SEC_ERROR_IO);
- return -1;
- }
- return nb;
-}
-
-static SECStatus
-btoa_file(SECItem *binary, PRFileDesc *outfile)
-{
- SECStatus status;
- NSSBase64Encoder *cx;
- SECItem ascii;
- ascii.data = NULL;
- ascii.len = 0;
- if (binary->len == 0)
- return SECSuccess;
- cx = NSSBase64Encoder_Create(output_ascii, outfile);
- status = NSSBase64Encoder_Update(cx, binary->data, binary->len);
- status = NSSBase64Encoder_Destroy(cx, PR_FALSE);
- status = PR_Write(outfile, "\r\n", 2);
- return status;
-}
-
-SECStatus
-hex_from_2char(unsigned char *c2, unsigned char *byteval)
-{
- int i;
- unsigned char offset;
- *byteval = 0;
- for (i=0; i<2; i++) {
- if (c2[i] >= '0' && c2[i] <= '9') {
- offset = c2[i] - '0';
- *byteval |= offset << 4*(1-i);
- } else if (c2[i] >= 'a' && c2[i] <= 'f') {
- offset = c2[i] - 'a';
- *byteval |= (offset + 10) << 4*(1-i);
- } else if (c2[i] >= 'A' && c2[i] <= 'F') {
- offset = c2[i] - 'A';
- *byteval |= (offset + 10) << 4*(1-i);
- } else {
- return SECFailure;
- }
- }
- return SECSuccess;
-}
-
-SECStatus
-char2_from_hex(unsigned char byteval, unsigned char *c2)
-{
- int i;
- unsigned char offset;
- for (i=0; i<2; i++) {
- offset = (byteval >> 4*(1-i)) & 0x0f;
- if (offset < 10) {
- c2[i] = '0' + offset;
- } else {
- c2[i] = 'A' + offset - 10;
- }
- }
- return SECSuccess;
-}
-
-void
-serialize_key(SECItem *it, int ni, PRFileDesc *file)
-{
- unsigned char len[4];
- int i;
- SECStatus status;
- NSSBase64Encoder *cx;
- SECItem ascii;
- ascii.data = NULL;
- ascii.len = 0;
- cx = NSSBase64Encoder_Create(output_ascii, file);
- for (i=0; ilen >> 24) & 0xff;
- len[1] = (it->len >> 16) & 0xff;
- len[2] = (it->len >> 8) & 0xff;
- len[3] = (it->len & 0xff);
- status = NSSBase64Encoder_Update(cx, len, 4);
- status = NSSBase64Encoder_Update(cx, it->data, it->len);
- }
- status = NSSBase64Encoder_Destroy(cx, PR_FALSE);
- status = PR_Write(file, "\r\n", 2);
-}
-
-void
-key_from_filedata(PRArenaPool *arena, SECItem *it, int ns, int ni, SECItem *filedata)
-{
- int fpos = 0;
- int i, len;
- unsigned char *buf = filedata->data;
- for (i=0; i 0) {
- it->len = len;
- it->data = PORT_ArenaAlloc(arena, it->len);
- PORT_Memcpy(it->data, &buf[fpos], it->len);
- } else {
- it->len = 0;
- it->data = NULL;
- }
- it++;
- }
- fpos += len;
- }
-}
-
-static RSAPrivateKey *
-rsakey_from_filedata(SECItem *filedata)
-{
- RSAPrivateKey *key;
- PRArenaPool *arena;
- arena = PORT_NewArena(BLTEST_DEFAULT_CHUNKSIZE);
- key = (RSAPrivateKey *)PORT_ArenaZAlloc(arena, sizeof(RSAPrivateKey));
- key->arena = arena;
- key_from_filedata(arena, &key->version, 0, 9, filedata);
- return key;
-}
-
-static PQGParams *
-pqg_from_filedata(SECItem *filedata)
-{
- PQGParams *pqg;
- PRArenaPool *arena;
- arena = PORT_NewArena(BLTEST_DEFAULT_CHUNKSIZE);
- pqg = (PQGParams *)PORT_ArenaZAlloc(arena, sizeof(PQGParams));
- pqg->arena = arena;
- key_from_filedata(arena, &pqg->prime, 0, 3, filedata);
- return pqg;
-}
-
-static DSAPrivateKey *
-dsakey_from_filedata(SECItem *filedata)
-{
- DSAPrivateKey *key;
- PRArenaPool *arena;
- arena = PORT_NewArena(BLTEST_DEFAULT_CHUNKSIZE);
- key = (DSAPrivateKey *)PORT_ArenaZAlloc(arena, sizeof(DSAPrivateKey));
- key->params.arena = arena;
- key_from_filedata(arena, &key->params.prime, 0, 5, filedata);
- return key;
-}
-
-#ifdef NSS_ENABLE_ECC
-static ECPrivateKey *
-eckey_from_filedata(SECItem *filedata)
-{
- ECPrivateKey *key;
- PRArenaPool *arena;
- SECStatus rv;
- ECParams *tmpECParams = NULL;
- arena = PORT_NewArena(BLTEST_DEFAULT_CHUNKSIZE);
- key = (ECPrivateKey *)PORT_ArenaZAlloc(arena, sizeof(ECPrivateKey));
- /* read and convert params */
- key->ecParams.arena = arena;
- key_from_filedata(arena, &key->ecParams.DEREncoding, 0, 1, filedata);
- rv = secoid_Init();
- CHECKERROR(rv, __LINE__);
- rv = EC_DecodeParams(&key->ecParams.DEREncoding, &tmpECParams);
- CHECKERROR(rv, __LINE__);
- rv = EC_CopyParams(key->ecParams.arena, &key->ecParams, tmpECParams);
- CHECKERROR(rv, __LINE__);
- rv = SECOID_Shutdown();
- CHECKERROR(rv, __LINE__);
- PORT_FreeArena(tmpECParams->arena, PR_TRUE);
- /* read key */
- key_from_filedata(arena, &key->publicValue, 1, 3, filedata);
- return key;
-}
-
-typedef struct curveNameTagPairStr {
- char *curveName;
- SECOidTag curveOidTag;
-} CurveNameTagPair;
-
-#define DEFAULT_CURVE_OID_TAG SEC_OID_SECG_EC_SECP192R1
-/* #define DEFAULT_CURVE_OID_TAG SEC_OID_SECG_EC_SECP160R1 */
-
-static CurveNameTagPair nameTagPair[] =
-{
- { "sect163k1", SEC_OID_SECG_EC_SECT163K1},
- { "nistk163", SEC_OID_SECG_EC_SECT163K1},
- { "sect163r1", SEC_OID_SECG_EC_SECT163R1},
- { "sect163r2", SEC_OID_SECG_EC_SECT163R2},
- { "nistb163", SEC_OID_SECG_EC_SECT163R2},
- { "sect193r1", SEC_OID_SECG_EC_SECT193R1},
- { "sect193r2", SEC_OID_SECG_EC_SECT193R2},
- { "sect233k1", SEC_OID_SECG_EC_SECT233K1},
- { "nistk233", SEC_OID_SECG_EC_SECT233K1},
- { "sect233r1", SEC_OID_SECG_EC_SECT233R1},
- { "nistb233", SEC_OID_SECG_EC_SECT233R1},
- { "sect239k1", SEC_OID_SECG_EC_SECT239K1},
- { "sect283k1", SEC_OID_SECG_EC_SECT283K1},
- { "nistk283", SEC_OID_SECG_EC_SECT283K1},
- { "sect283r1", SEC_OID_SECG_EC_SECT283R1},
- { "nistb283", SEC_OID_SECG_EC_SECT283R1},
- { "sect409k1", SEC_OID_SECG_EC_SECT409K1},
- { "nistk409", SEC_OID_SECG_EC_SECT409K1},
- { "sect409r1", SEC_OID_SECG_EC_SECT409R1},
- { "nistb409", SEC_OID_SECG_EC_SECT409R1},
- { "sect571k1", SEC_OID_SECG_EC_SECT571K1},
- { "nistk571", SEC_OID_SECG_EC_SECT571K1},
- { "sect571r1", SEC_OID_SECG_EC_SECT571R1},
- { "nistb571", SEC_OID_SECG_EC_SECT571R1},
- { "secp160k1", SEC_OID_SECG_EC_SECP160K1},
- { "secp160r1", SEC_OID_SECG_EC_SECP160R1},
- { "secp160r2", SEC_OID_SECG_EC_SECP160R2},
- { "secp192k1", SEC_OID_SECG_EC_SECP192K1},
- { "secp192r1", SEC_OID_SECG_EC_SECP192R1},
- { "nistp192", SEC_OID_SECG_EC_SECP192R1},
- { "secp224k1", SEC_OID_SECG_EC_SECP224K1},
- { "secp224r1", SEC_OID_SECG_EC_SECP224R1},
- { "nistp224", SEC_OID_SECG_EC_SECP224R1},
- { "secp256k1", SEC_OID_SECG_EC_SECP256K1},
- { "secp256r1", SEC_OID_SECG_EC_SECP256R1},
- { "nistp256", SEC_OID_SECG_EC_SECP256R1},
- { "secp384r1", SEC_OID_SECG_EC_SECP384R1},
- { "nistp384", SEC_OID_SECG_EC_SECP384R1},
- { "secp521r1", SEC_OID_SECG_EC_SECP521R1},
- { "nistp521", SEC_OID_SECG_EC_SECP521R1},
-
- { "prime192v1", SEC_OID_ANSIX962_EC_PRIME192V1 },
- { "prime192v2", SEC_OID_ANSIX962_EC_PRIME192V2 },
- { "prime192v3", SEC_OID_ANSIX962_EC_PRIME192V3 },
- { "prime239v1", SEC_OID_ANSIX962_EC_PRIME239V1 },
- { "prime239v2", SEC_OID_ANSIX962_EC_PRIME239V2 },
- { "prime239v3", SEC_OID_ANSIX962_EC_PRIME239V3 },
-
- { "c2pnb163v1", SEC_OID_ANSIX962_EC_C2PNB163V1 },
- { "c2pnb163v2", SEC_OID_ANSIX962_EC_C2PNB163V2 },
- { "c2pnb163v3", SEC_OID_ANSIX962_EC_C2PNB163V3 },
- { "c2pnb176v1", SEC_OID_ANSIX962_EC_C2PNB176V1 },
- { "c2tnb191v1", SEC_OID_ANSIX962_EC_C2TNB191V1 },
- { "c2tnb191v2", SEC_OID_ANSIX962_EC_C2TNB191V2 },
- { "c2tnb191v3", SEC_OID_ANSIX962_EC_C2TNB191V3 },
- { "c2onb191v4", SEC_OID_ANSIX962_EC_C2ONB191V4 },
- { "c2onb191v5", SEC_OID_ANSIX962_EC_C2ONB191V5 },
- { "c2pnb208w1", SEC_OID_ANSIX962_EC_C2PNB208W1 },
- { "c2tnb239v1", SEC_OID_ANSIX962_EC_C2TNB239V1 },
- { "c2tnb239v2", SEC_OID_ANSIX962_EC_C2TNB239V2 },
- { "c2tnb239v3", SEC_OID_ANSIX962_EC_C2TNB239V3 },
- { "c2onb239v4", SEC_OID_ANSIX962_EC_C2ONB239V4 },
- { "c2onb239v5", SEC_OID_ANSIX962_EC_C2ONB239V5 },
- { "c2pnb272w1", SEC_OID_ANSIX962_EC_C2PNB272W1 },
- { "c2pnb304w1", SEC_OID_ANSIX962_EC_C2PNB304W1 },
- { "c2tnb359v1", SEC_OID_ANSIX962_EC_C2TNB359V1 },
- { "c2pnb368w1", SEC_OID_ANSIX962_EC_C2PNB368W1 },
- { "c2tnb431r1", SEC_OID_ANSIX962_EC_C2TNB431R1 },
-
- { "secp112r1", SEC_OID_SECG_EC_SECP112R1},
- { "secp112r2", SEC_OID_SECG_EC_SECP112R2},
- { "secp128r1", SEC_OID_SECG_EC_SECP128R1},
- { "secp128r2", SEC_OID_SECG_EC_SECP128R2},
-
- { "sect113r1", SEC_OID_SECG_EC_SECT113R1},
- { "sect113r2", SEC_OID_SECG_EC_SECT113R2},
- { "sect131r1", SEC_OID_SECG_EC_SECT131R1},
- { "sect131r2", SEC_OID_SECG_EC_SECT131R2},
-};
-
-static SECKEYECParams *
-getECParams(char *curve)
-{
- SECKEYECParams *ecparams;
- SECOidData *oidData = NULL;
- SECOidTag curveOidTag = SEC_OID_UNKNOWN; /* default */
- int i, numCurves;
-
- if (curve != NULL) {
- numCurves = sizeof(nameTagPair)/sizeof(CurveNameTagPair);
- for (i = 0; ((i < numCurves) && (curveOidTag == SEC_OID_UNKNOWN));
- i++) {
- if (PL_strcmp(curve, nameTagPair[i].curveName) == 0)
- curveOidTag = nameTagPair[i].curveOidTag;
- }
- }
-
- /* Return NULL if curve name is not recognized */
- if ((curveOidTag == SEC_OID_UNKNOWN) ||
- (oidData = SECOID_FindOIDByTag(curveOidTag)) == NULL) {
- fprintf(stderr, "Unrecognized elliptic curve %s\n", curve);
- return NULL;
- }
-
- ecparams = SECITEM_AllocItem(NULL, NULL, (2 + oidData->oid.len));
-
- /*
- * ecparams->data needs to contain the ASN encoding of an object ID (OID)
- * representing the named curve. The actual OID is in
- * oidData->oid.data so we simply prepend 0x06 and OID length
- */
- ecparams->data[0] = SEC_ASN1_OBJECT_ID;
- ecparams->data[1] = oidData->oid.len;
- memcpy(ecparams->data + 2, oidData->oid.data, oidData->oid.len);
-
- return ecparams;
-}
-#endif /* NSS_ENABLE_ECC */
-
-static void
-dump_pqg(PQGParams *pqg)
-{
- SECU_PrintInteger(stdout, &pqg->prime, "PRIME:", 0);
- SECU_PrintInteger(stdout, &pqg->subPrime, "SUBPRIME:", 0);
- SECU_PrintInteger(stdout, &pqg->base, "BASE:", 0);
-}
-
-static void
-dump_dsakey(DSAPrivateKey *key)
-{
- dump_pqg(&key->params);
- SECU_PrintInteger(stdout, &key->publicValue, "PUBLIC VALUE:", 0);
- SECU_PrintInteger(stdout, &key->privateValue, "PRIVATE VALUE:", 0);
-}
-
-#ifdef NSS_ENABLE_ECC
-static void
-dump_ecp(ECParams *ecp)
-{
- /* TODO other fields */
- SECU_PrintInteger(stdout, &ecp->base, "BASE POINT:", 0);
-}
-
-static void
-dump_eckey(ECPrivateKey *key)
-{
- dump_ecp(&key->ecParams);
- SECU_PrintInteger(stdout, &key->publicValue, "PUBLIC VALUE:", 0);
- SECU_PrintInteger(stdout, &key->privateValue, "PRIVATE VALUE:", 0);
-}
-#endif
-
-static void
-dump_rsakey(RSAPrivateKey *key)
-{
- SECU_PrintInteger(stdout, &key->version, "VERSION:", 0);
- SECU_PrintInteger(stdout, &key->modulus, "MODULUS:", 0);
- SECU_PrintInteger(stdout, &key->publicExponent, "PUBLIC EXP:", 0);
- SECU_PrintInteger(stdout, &key->privateExponent, "PRIVATE EXP:", 0);
- SECU_PrintInteger(stdout, &key->prime1, "CRT PRIME 1:", 0);
- SECU_PrintInteger(stdout, &key->prime2, "CRT PRIME 2:", 0);
- SECU_PrintInteger(stdout, &key->exponent1, "CRT EXP 1:", 0);
- SECU_PrintInteger(stdout, &key->exponent2, "CRT EXP 2:", 0);
- SECU_PrintInteger(stdout, &key->coefficient, "CRT COEFFICIENT:", 0);
-}
-
-typedef enum {
- bltestBase64Encoded, /* Base64 encoded ASCII */
- bltestBinary, /* straight binary */
- bltestHexSpaceDelim, /* 0x12 0x34 0xab 0xCD ... */
- bltestHexStream /* 1234abCD ... */
-} bltestIOMode;
-
-typedef struct
-{
- SECItem buf;
- SECItem pBuf;
- bltestIOMode mode;
- PRFileDesc* file;
-} bltestIO;
-
-typedef SECStatus (* bltestSymmCipherFn)(void *cx,
- unsigned char *output,
- unsigned int *outputLen,
- unsigned int maxOutputLen,
- const unsigned char *input,
- unsigned int inputLen);
-
-typedef SECStatus (* bltestPubKeyCipherFn)(void *key,
- SECItem *output,
- const SECItem *input);
-
-typedef SECStatus (* bltestHashCipherFn)(unsigned char *dest,
- const unsigned char *src,
- uint32 src_length);
-
-typedef enum {
- bltestINVALID = -1,
- bltestDES_ECB, /* Symmetric Key Ciphers */
- bltestDES_CBC, /* . */
- bltestDES_EDE_ECB, /* . */
- bltestDES_EDE_CBC, /* . */
- bltestRC2_ECB, /* . */
- bltestRC2_CBC, /* . */
- bltestRC4, /* . */
- bltestRC5_ECB, /* . */
- bltestRC5_CBC, /* . */
- bltestAES_ECB, /* . */
- bltestAES_CBC, /* . */
- bltestRSA, /* Public Key Ciphers */
-#ifdef NSS_ENABLE_ECC
- bltestECDSA, /* . (Public Key Sig.) */
-#endif
- bltestDSA, /* . */
- bltestMD2, /* Hash algorithms */
- bltestMD5, /* . */
- bltestSHA1, /* . */
- bltestSHA256, /* . */
- bltestSHA384, /* . */
- bltestSHA512, /* . */
- NUMMODES
-} bltestCipherMode;
-
-static char *mode_strings[] =
-{
- "des_ecb",
- "des_cbc",
- "des3_ecb",
- "des3_cbc",
- "rc2_ecb",
- "rc2_cbc",
- "rc4",
- "rc5_ecb",
- "rc5_cbc",
- "aes_ecb",
- "aes_cbc",
- "rsa",
-#ifdef NSS_ENABLE_ECC
- "ecdsa",
-#endif
- /*"pqg",*/
- "dsa",
- "md2",
- "md5",
- "sha1",
- "sha256",
- "sha384",
- "sha512",
-};
-
-typedef struct
-{
- bltestIO key;
- bltestIO iv;
-} bltestSymmKeyParams;
-
-typedef struct
-{
- bltestIO key;
- bltestIO iv;
- int rounds;
- int wordsize;
-} bltestRC5Params;
-
-typedef struct
-{
- bltestIO key;
- int keysizeInBits;
- RSAPrivateKey *rsakey;
-} bltestRSAParams;
-
-typedef struct
-{
- bltestIO key;
- bltestIO pqgdata;
- unsigned int j;
- bltestIO keyseed;
- bltestIO sigseed;
- bltestIO sig; /* if doing verify, have additional input */
- PQGParams *pqg;
- DSAPrivateKey *dsakey;
-} bltestDSAParams;
-
-#ifdef NSS_ENABLE_ECC
-typedef struct
-{
- bltestIO key;
- char *curveName;
- bltestIO sigseed;
- bltestIO sig; /* if doing verify, have additional input */
- ECPrivateKey *eckey;
-} bltestECDSAParams;
-#endif
-
-typedef struct
-{
- bltestIO key; /* unused */
- PRBool restart;
-} bltestHashParams;
-
-typedef union
-{
- bltestIO key;
- bltestSymmKeyParams sk;
- bltestRC5Params rc5;
- bltestRSAParams rsa;
- bltestDSAParams dsa;
-#ifdef NSS_ENABLE_ECC
- bltestECDSAParams ecdsa;
-#endif
- bltestHashParams hash;
-} bltestParams;
-
-typedef struct bltestCipherInfoStr bltestCipherInfo;
-
-struct bltestCipherInfoStr {
- PRArenaPool *arena;
- /* link to next in multithreaded test */
- bltestCipherInfo *next;
- PRThread *cipherThread;
-
- /* MonteCarlo test flag*/
- PRBool mCarlo;
- /* cipher context */
- void *cx;
- /* I/O streams */
- bltestIO input;
- bltestIO output;
- /* Cipher-specific parameters */
- bltestParams params;
- /* Cipher mode */
- bltestCipherMode mode;
- /* Cipher function (encrypt/decrypt/sign/verify/hash) */
- union {
- bltestSymmCipherFn symmkeyCipher;
- bltestPubKeyCipherFn pubkeyCipher;
- bltestHashCipherFn hashCipher;
- } cipher;
- /* performance testing */
- int repetitionsToPerfom;
- int seconds;
- int repetitions;
- int cxreps;
- double cxtime;
- double optime;
-};
-
-PRBool
-is_symmkeyCipher(bltestCipherMode mode)
-{
- /* change as needed! */
- if (mode >= bltestDES_ECB && mode <= bltestAES_CBC)
- return PR_TRUE;
- return PR_FALSE;
-}
-
-PRBool
-is_pubkeyCipher(bltestCipherMode mode)
-{
- /* change as needed! */
- if (mode >= bltestRSA && mode <= bltestDSA)
- return PR_TRUE;
- return PR_FALSE;
-}
-
-PRBool
-is_hashCipher(bltestCipherMode mode)
-{
- /* change as needed! */
- if (mode >= bltestMD2 && mode <= bltestSHA512)
- return PR_TRUE;
- return PR_FALSE;
-}
-
-PRBool
-is_sigCipher(bltestCipherMode mode)
-{
- /* change as needed! */
-#ifdef NSS_ENABLE_ECC
- if (mode >= bltestECDSA && mode <= bltestDSA)
-#else
- if (mode >= bltestDSA && mode <= bltestDSA)
-#endif
- return PR_TRUE;
- return PR_FALSE;
-}
-
-PRBool
-cipher_requires_IV(bltestCipherMode mode)
-{
- /* change as needed! */
- if (mode == bltestDES_CBC || mode == bltestDES_EDE_CBC ||
- mode == bltestRC2_CBC || mode == bltestRC5_CBC ||
- mode == bltestAES_CBC)
- return PR_TRUE;
- return PR_FALSE;
-}
-
-SECStatus finishIO(bltestIO *output, PRFileDesc *file);
-
-SECStatus
-setupIO(PRArenaPool *arena, bltestIO *input, PRFileDesc *file,
- char *str, int numBytes)
-{
- SECStatus rv = SECSuccess;
- SECItem fileData;
- SECItem *in;
- unsigned char *tok;
- unsigned int i, j;
-
- if (file && (numBytes == 0 || file == PR_STDIN)) {
- /* grabbing data from a file */
- rv = SECU_FileToItem(&fileData, file);
- if (rv != SECSuccess) {
- PR_Close(file);
- return SECFailure;
- }
- in = &fileData;
- } else if (str) {
- /* grabbing data from command line */
- fileData.data = str;
- fileData.len = PL_strlen(str);
- in = &fileData;
- } else if (file) {
- /* create nonce */
- SECITEM_AllocItem(arena, &input->buf, numBytes);
- RNG_GenerateGlobalRandomBytes(input->buf.data, numBytes);
- return finishIO(input, file);
- } else {
- return SECFailure;
- }
-
- switch (input->mode) {
- case bltestBase64Encoded:
- rv = atob(in, &input->buf, arena);
- break;
- case bltestBinary:
- if (in->data[in->len-1] == '\n') --in->len;
- if (in->data[in->len-1] == '\r') --in->len;
- SECITEM_CopyItem(arena, &input->buf, in);
- break;
- case bltestHexSpaceDelim:
- SECITEM_AllocItem(arena, &input->buf, in->len/5);
- for (i=0, j=0; ilen; i+=5, j++) {
- tok = &in->data[i];
- if (tok[0] != '0' || tok[1] != 'x' || tok[4] != ' ')
- /* bad hex token */
- break;
-
- rv = hex_from_2char(&tok[2], input->buf.data + j);
- if (rv)
- break;
- }
- break;
- case bltestHexStream:
- SECITEM_AllocItem(arena, &input->buf, in->len/2);
- for (i=0, j=0; ilen; i+=2, j++) {
- tok = &in->data[i];
- rv = hex_from_2char(tok, input->buf.data + j);
- if (rv)
- break;
- }
- break;
- }
-
- if (file)
- SECITEM_FreeItem(&fileData, PR_FALSE);
- return rv;
-}
-
-SECStatus
-finishIO(bltestIO *output, PRFileDesc *file)
-{
- SECStatus rv = SECSuccess;
- PRInt32 nb;
- unsigned char byteval;
- SECItem *it;
- char hexstr[5];
- unsigned int i;
- if (output->pBuf.len > 0) {
- it = &output->pBuf;
- } else {
- it = &output->buf;
- }
- switch (output->mode) {
- case bltestBase64Encoded:
- rv = btoa_file(it, file);
- break;
- case bltestBinary:
- nb = PR_Write(file, it->data, it->len);
- rv = (nb == (PRInt32)it->len) ? SECSuccess : SECFailure;
- break;
- case bltestHexSpaceDelim:
- hexstr[0] = '0';
- hexstr[1] = 'x';
- hexstr[4] = ' ';
- for (i=0; ilen; i++) {
- byteval = it->data[i];
- rv = char2_from_hex(byteval, hexstr + 2);
- nb = PR_Write(file, hexstr, 5);
- if (rv)
- break;
- }
- PR_Write(file, "\n", 1);
- break;
- case bltestHexStream:
- for (i=0; ilen; i++) {
- byteval = it->data[i];
- rv = char2_from_hex(byteval, hexstr);
- if (rv)
- break;
- nb = PR_Write(file, hexstr, 2);
- }
- PR_Write(file, "\n", 1);
- break;
- }
- return rv;
-}
-
-void
-bltestCopyIO(PRArenaPool *arena, bltestIO *dest, bltestIO *src)
-{
- SECITEM_CopyItem(arena, &dest->buf, &src->buf);
- if (src->pBuf.len > 0) {
- dest->pBuf.len = src->pBuf.len;
- dest->pBuf.data = dest->buf.data + (src->pBuf.data - src->buf.data);
- }
- dest->mode = src->mode;
- dest->file = src->file;
-}
-
-void
-misalignBuffer(PRArenaPool *arena, bltestIO *io, int off)
-{
- ptrdiff_t offset = (ptrdiff_t)io->buf.data % WORDSIZE;
- int length = io->buf.len;
- if (offset != off) {
- SECITEM_ReallocItem(arena, &io->buf, length, length + 2*WORDSIZE);
- io->buf.len = length + 2*WORDSIZE; /* why doesn't realloc do this? */
- /* offset may have changed? */
- offset = (ptrdiff_t)io->buf.data % WORDSIZE;
- if (offset != off) {
- memmove(io->buf.data + off, io->buf.data, length);
- io->pBuf.data = io->buf.data + off;
- io->pBuf.len = length;
- } else {
- io->pBuf.data = io->buf.data;
- io->pBuf.len = length;
- }
- } else {
- io->pBuf.data = io->buf.data;
- io->pBuf.len = length;
- }
-}
-
-SECStatus
-des_Encrypt(void *cx, unsigned char *output, unsigned int *outputLen,
- unsigned int maxOutputLen, const unsigned char *input,
- unsigned int inputLen)
-{
- return DES_Encrypt((DESContext *)cx, output, outputLen, maxOutputLen,
- input, inputLen);
-}
-
-SECStatus
-des_Decrypt(void *cx, unsigned char *output, unsigned int *outputLen,
- unsigned int maxOutputLen, const unsigned char *input,
- unsigned int inputLen)
-{
- return DES_Decrypt((DESContext *)cx, output, outputLen, maxOutputLen,
- input, inputLen);
-}
-
-SECStatus
-rc2_Encrypt(void *cx, unsigned char *output, unsigned int *outputLen,
- unsigned int maxOutputLen, const unsigned char *input,
- unsigned int inputLen)
-{
- return RC2_Encrypt((RC2Context *)cx, output, outputLen, maxOutputLen,
- input, inputLen);
-}
-
-SECStatus
-rc2_Decrypt(void *cx, unsigned char *output, unsigned int *outputLen,
- unsigned int maxOutputLen, const unsigned char *input,
- unsigned int inputLen)
-{
- return RC2_Decrypt((RC2Context *)cx, output, outputLen, maxOutputLen,
- input, inputLen);
-}
-
-SECStatus
-rc4_Encrypt(void *cx, unsigned char *output, unsigned int *outputLen,
- unsigned int maxOutputLen, const unsigned char *input,
- unsigned int inputLen)
-{
- return RC4_Encrypt((RC4Context *)cx, output, outputLen, maxOutputLen,
- input, inputLen);
-}
-
-SECStatus
-rc4_Decrypt(void *cx, unsigned char *output, unsigned int *outputLen,
- unsigned int maxOutputLen, const unsigned char *input,
- unsigned int inputLen)
-{
- return RC4_Decrypt((RC4Context *)cx, output, outputLen, maxOutputLen,
- input, inputLen);
-}
-
-SECStatus
-aes_Encrypt(void *cx, unsigned char *output, unsigned int *outputLen,
- unsigned int maxOutputLen, const unsigned char *input,
- unsigned int inputLen)
-{
- return AES_Encrypt((AESContext *)cx, output, outputLen, maxOutputLen,
- input, inputLen);
-}
-
-SECStatus
-aes_Decrypt(void *cx, unsigned char *output, unsigned int *outputLen,
- unsigned int maxOutputLen, const unsigned char *input,
- unsigned int inputLen)
-{
- return AES_Decrypt((AESContext *)cx, output, outputLen, maxOutputLen,
- input, inputLen);
-}
-
-SECStatus
-rsa_PublicKeyOp(void *key, SECItem *output, const SECItem *input)
-{
- return RSA_PublicKeyOp((RSAPublicKey *)key, output->data, input->data);
-}
-
-SECStatus
-rsa_PrivateKeyOp(void *key, SECItem *output, const SECItem *input)
-{
- return RSA_PrivateKeyOp((RSAPrivateKey *)key, output->data, input->data);
-}
-
-SECStatus
-dsa_signDigest(void *key, SECItem *output, const SECItem *input)
-{
- return DSA_SignDigest((DSAPrivateKey *)key, output, input);
-}
-
-SECStatus
-dsa_verifyDigest(void *key, SECItem *output, const SECItem *input)
-{
- return DSA_VerifyDigest((DSAPublicKey *)key, output, input);
-}
-
-#ifdef NSS_ENABLE_ECC
-SECStatus
-ecdsa_signDigest(void *key, SECItem *output, const SECItem *input)
-{
- return ECDSA_SignDigest((ECPrivateKey *)key, output, input);
-}
-
-SECStatus
-ecdsa_verifyDigest(void *key, SECItem *output, const SECItem *input)
-{
- return ECDSA_VerifyDigest((ECPublicKey *)key, output, input);
-}
-#endif
-
-SECStatus
-bltest_des_init(bltestCipherInfo *cipherInfo, PRBool encrypt)
-{
- PRIntervalTime time1, time2;
- bltestSymmKeyParams *desp = &cipherInfo->params.sk;
- int minorMode;
- int i;
- switch (cipherInfo->mode) {
- case bltestDES_ECB: minorMode = NSS_DES; break;
- case bltestDES_CBC: minorMode = NSS_DES_CBC; break;
- case bltestDES_EDE_ECB: minorMode = NSS_DES_EDE3; break;
- case bltestDES_EDE_CBC: minorMode = NSS_DES_EDE3_CBC; break;
- default:
- return SECFailure;
- }
- cipherInfo->cx = (void*)DES_CreateContext(desp->key.buf.data,
- desp->iv.buf.data,
- minorMode, encrypt);
- if (cipherInfo->cxreps > 0) {
- DESContext **dummycx;
- dummycx = PORT_Alloc(cipherInfo->cxreps * sizeof(DESContext *));
- TIMESTART();
- for (i=0; icxreps; i++) {
- dummycx[i] = (void*)DES_CreateContext(desp->key.buf.data,
- desp->iv.buf.data,
- minorMode, encrypt);
- }
- TIMEFINISH(cipherInfo->cxtime, 1.0);
- for (i=0; icxreps; i++) {
- DES_DestroyContext(dummycx[i], PR_TRUE);
- }
- PORT_Free(dummycx);
- }
- if (encrypt)
- cipherInfo->cipher.symmkeyCipher = des_Encrypt;
- else
- cipherInfo->cipher.symmkeyCipher = des_Decrypt;
- return SECSuccess;
-}
-
-SECStatus
-bltest_rc2_init(bltestCipherInfo *cipherInfo, PRBool encrypt)
-{
- PRIntervalTime time1, time2;
- bltestSymmKeyParams *rc2p = &cipherInfo->params.sk;
- int minorMode;
- int i;
- switch (cipherInfo->mode) {
- case bltestRC2_ECB: minorMode = NSS_RC2; break;
- case bltestRC2_CBC: minorMode = NSS_RC2_CBC; break;
- default:
- return SECFailure;
- }
- cipherInfo->cx = (void*)RC2_CreateContext(rc2p->key.buf.data,
- rc2p->key.buf.len,
- rc2p->iv.buf.data,
- minorMode,
- rc2p->key.buf.len);
- if (cipherInfo->cxreps > 0) {
- RC2Context **dummycx;
- dummycx = PORT_Alloc(cipherInfo->cxreps * sizeof(RC2Context *));
- TIMESTART();
- for (i=0; icxreps; i++) {
- dummycx[i] = (void*)RC2_CreateContext(rc2p->key.buf.data,
- rc2p->key.buf.len,
- rc2p->iv.buf.data,
- minorMode,
- rc2p->key.buf.len);
- }
- TIMEFINISH(cipherInfo->cxtime, 1.0);
- for (i=0; icxreps; i++) {
- RC2_DestroyContext(dummycx[i], PR_TRUE);
- }
- PORT_Free(dummycx);
- }
- if (encrypt)
- cipherInfo->cipher.symmkeyCipher = rc2_Encrypt;
- else
- cipherInfo->cipher.symmkeyCipher = rc2_Decrypt;
- return SECSuccess;
-}
-
-SECStatus
-bltest_rc4_init(bltestCipherInfo *cipherInfo, PRBool encrypt)
-{
- PRIntervalTime time1, time2;
- int i;
- bltestSymmKeyParams *rc4p = &cipherInfo->params.sk;
- cipherInfo->cx = (void*)RC4_CreateContext(rc4p->key.buf.data,
- rc4p->key.buf.len);
- if (cipherInfo->cxreps > 0) {
- RC4Context **dummycx;
- dummycx = PORT_Alloc(cipherInfo->cxreps * sizeof(RC4Context *));
- TIMESTART();
- for (i=0; icxreps; i++) {
- dummycx[i] = (void*)RC4_CreateContext(rc4p->key.buf.data,
- rc4p->key.buf.len);
- }
- TIMEFINISH(cipherInfo->cxtime, 1.0);
- for (i=0; icxreps; i++) {
- RC4_DestroyContext(dummycx[i], PR_TRUE);
- }
- PORT_Free(dummycx);
- }
- if (encrypt)
- cipherInfo->cipher.symmkeyCipher = rc4_Encrypt;
- else
- cipherInfo->cipher.symmkeyCipher = rc4_Decrypt;
- return SECSuccess;
-}
-
-SECStatus
-bltest_rc5_init(bltestCipherInfo *cipherInfo, PRBool encrypt)
-{
-#if NSS_SOFTOKEN_DOES_RC5
- PRIntervalTime time1, time2;
- bltestRC5Params *rc5p = &cipherInfo->params.rc5;
- int minorMode;
- switch (cipherInfo->mode) {
- case bltestRC5_ECB: minorMode = NSS_RC5; break;
- case bltestRC5_CBC: minorMode = NSS_RC5_CBC; break;
- default:
- return SECFailure;
- }
- TIMESTART();
- cipherInfo->cx = (void*)RC5_CreateContext(&rc5p->key.buf,
- rc5p->rounds, rc5p->wordsize,
- rc5p->iv.buf.data, minorMode);
- TIMEFINISH(cipherInfo->cxtime, 1.0);
- if (encrypt)
- cipherInfo->cipher.symmkeyCipher = RC5_Encrypt;
- else
- cipherInfo->cipher.symmkeyCipher = RC5_Decrypt;
- return SECSuccess;
-#else
- return SECFailure;
-#endif
-}
-
-SECStatus
-bltest_aes_init(bltestCipherInfo *cipherInfo, PRBool encrypt)
-{
- bltestSymmKeyParams *aesp = &cipherInfo->params.sk;
- int minorMode;
- int i;
- int keylen = aesp->key.buf.len;
- int blocklen = AES_BLOCK_SIZE;
- PRIntervalTime time1, time2;
-
- switch (cipherInfo->mode) {
- case bltestAES_ECB: minorMode = NSS_AES; break;
- case bltestAES_CBC: minorMode = NSS_AES_CBC; break;
- default:
- return SECFailure;
- }
- cipherInfo->cx = (void*)AES_CreateContext(aesp->key.buf.data,
- aesp->iv.buf.data,
- minorMode, encrypt,
- keylen, blocklen);
- if (cipherInfo->cxreps > 0) {
- AESContext **dummycx;
- dummycx = PORT_Alloc(cipherInfo->cxreps * sizeof(AESContext *));
- TIMESTART();
- for (i=0; icxreps; i++) {
- dummycx[i] = (void*)AES_CreateContext(aesp->key.buf.data,
- aesp->iv.buf.data,
- minorMode, encrypt,
- keylen, blocklen);
- }
- TIMEFINISH(cipherInfo->cxtime, 1.0);
- for (i=0; icxreps; i++) {
- AES_DestroyContext(dummycx[i], PR_TRUE);
- }
- PORT_Free(dummycx);
- }
- if (encrypt)
- cipherInfo->cipher.symmkeyCipher = aes_Encrypt;
- else
- cipherInfo->cipher.symmkeyCipher = aes_Decrypt;
- return SECSuccess;
-}
-
-SECStatus
-bltest_rsa_init(bltestCipherInfo *cipherInfo, PRBool encrypt)
-{
- int i;
- RSAPrivateKey **dummyKey;
- PRIntervalTime time1, time2;
- bltestRSAParams *rsap = &cipherInfo->params.rsa;
- /* RSA key gen was done during parameter setup */
- cipherInfo->cx = cipherInfo->params.rsa.rsakey;
- /* For performance testing */
- if (cipherInfo->cxreps > 0) {
- /* Create space for n private key objects */
- dummyKey = (RSAPrivateKey **)PORT_Alloc(cipherInfo->cxreps *
- sizeof(RSAPrivateKey *));
- /* Time n keygens, storing in the array */
- TIMESTART();
- for (i=0; icxreps; i++)
- dummyKey[i] = RSA_NewKey(rsap->keysizeInBits,
- &rsap->rsakey->publicExponent);
- TIMEFINISH(cipherInfo->cxtime, cipherInfo->cxreps);
- /* Free the n key objects */
- for (i=0; icxreps; i++)
- PORT_FreeArena(dummyKey[i]->arena, PR_TRUE);
- PORT_Free(dummyKey);
- }
- if (encrypt) {
- /* Have to convert private key to public key. Memory
- * is freed with private key's arena */
- RSAPublicKey *pubkey;
- RSAPrivateKey *key = (RSAPrivateKey *)cipherInfo->cx;
- pubkey = (RSAPublicKey *)PORT_ArenaAlloc(key->arena,
- sizeof(RSAPublicKey));
- pubkey->modulus.len = key->modulus.len;
- pubkey->modulus.data = key->modulus.data;
- pubkey->publicExponent.len = key->publicExponent.len;
- pubkey->publicExponent.data = key->publicExponent.data;
- cipherInfo->cx = (void *)pubkey;
- cipherInfo->cipher.pubkeyCipher = rsa_PublicKeyOp;
- } else {
- cipherInfo->cipher.pubkeyCipher = rsa_PrivateKeyOp;
- }
- return SECSuccess;
-}
-
-SECStatus
-bltest_pqg_init(bltestDSAParams *dsap)
-{
- SECStatus rv, res;
- PQGVerify *vfy = NULL;
- rv = PQG_ParamGen(dsap->j, &dsap->pqg, &vfy);
- CHECKERROR(rv, __LINE__);
- rv = PQG_VerifyParams(dsap->pqg, vfy, &res);
- CHECKERROR(res, __LINE__);
- CHECKERROR(rv, __LINE__);
- return rv;
-}
-
-SECStatus
-bltest_dsa_init(bltestCipherInfo *cipherInfo, PRBool encrypt)
-{
- int i;
- DSAPrivateKey **dummyKey;
- PQGParams *dummypqg;
- PRIntervalTime time1, time2;
- bltestDSAParams *dsap = &cipherInfo->params.dsa;
- PQGVerify *ignore = NULL;
- /* DSA key gen was done during parameter setup */
- cipherInfo->cx = cipherInfo->params.dsa.dsakey;
- /* For performance testing */
- if (cipherInfo->cxreps > 0) {
- /* Create space for n private key objects */
- dummyKey = (DSAPrivateKey **)PORT_ZAlloc(cipherInfo->cxreps *
- sizeof(DSAPrivateKey *));
- /* Time n keygens, storing in the array */
- TIMESTART();
- for (i=0; icxreps; i++) {
- dummypqg = NULL;
- PQG_ParamGen(dsap->j, &dummypqg, &ignore);
- DSA_NewKey(dummypqg, &dummyKey[i]);
- }
- TIMEFINISH(cipherInfo->cxtime, cipherInfo->cxreps);
- /* Free the n key objects */
- for (i=0; icxreps; i++)
- PORT_FreeArena(dummyKey[i]->params.arena, PR_TRUE);
- PORT_Free(dummyKey);
- }
- if (!dsap->pqg && dsap->pqgdata.buf.len > 0) {
- dsap->pqg = pqg_from_filedata(&dsap->pqgdata.buf);
- }
- if (!cipherInfo->cx && dsap->key.buf.len > 0) {
- cipherInfo->cx = dsakey_from_filedata(&dsap->key.buf);
- }
- if (encrypt) {
- cipherInfo->cipher.pubkeyCipher = dsa_signDigest;
- } else {
- /* Have to convert private key to public key. Memory
- * is freed with private key's arena */
- DSAPublicKey *pubkey;
- DSAPrivateKey *key = (DSAPrivateKey *)cipherInfo->cx;
- pubkey = (DSAPublicKey *)PORT_ArenaZAlloc(key->params.arena,
- sizeof(DSAPublicKey));
- pubkey->params.prime.len = key->params.prime.len;
- pubkey->params.prime.data = key->params.prime.data;
- pubkey->params.subPrime.len = key->params.subPrime.len;
- pubkey->params.subPrime.data = key->params.subPrime.data;
- pubkey->params.base.len = key->params.base.len;
- pubkey->params.base.data = key->params.base.data;
- pubkey->publicValue.len = key->publicValue.len;
- pubkey->publicValue.data = key->publicValue.data;
- cipherInfo->cipher.pubkeyCipher = dsa_verifyDigest;
- }
- return SECSuccess;
-}
-
-#ifdef NSS_ENABLE_ECC
-SECStatus
-bltest_ecdsa_init(bltestCipherInfo *cipherInfo, PRBool encrypt)
-{
- int i;
- ECPrivateKey **dummyKey;
- PRIntervalTime time1, time2;
- bltestECDSAParams *ecdsap = &cipherInfo->params.ecdsa;
- /* ECDSA key gen was done during parameter setup */
- cipherInfo->cx = cipherInfo->params.ecdsa.eckey;
- /* For performance testing */
- if (cipherInfo->cxreps > 0) {
- /* Create space for n private key objects */
- dummyKey = (ECPrivateKey **)PORT_ZAlloc(cipherInfo->cxreps *
- sizeof(ECPrivateKey *));
- /* Time n keygens, storing in the array */
- TIMESTART();
- for (i=0; icxreps; i++) {
- EC_NewKey(&ecdsap->eckey->ecParams, &dummyKey[i]);
- }
- TIMEFINISH(cipherInfo->cxtime, cipherInfo->cxreps);
- /* Free the n key objects */
- for (i=0; icxreps; i++)
- PORT_FreeArena(dummyKey[i]->ecParams.arena, PR_TRUE);
- PORT_Free(dummyKey);
- }
- if (!cipherInfo->cx && ecdsap->key.buf.len > 0) {
- cipherInfo->cx = eckey_from_filedata(&ecdsap->key.buf);
- }
- if (encrypt) {
- cipherInfo->cipher.pubkeyCipher = ecdsa_signDigest;
- } else {
- /* Have to convert private key to public key. Memory
- * is freed with private key's arena */
- ECPublicKey *pubkey;
- ECPrivateKey *key = (ECPrivateKey *)cipherInfo->cx;
- pubkey = (ECPublicKey *)PORT_ArenaZAlloc(key->ecParams.arena,
- sizeof(ECPublicKey));
- pubkey->ecParams.type = key->ecParams.type;
- pubkey->ecParams.fieldID.size = key->ecParams.fieldID.size;
- pubkey->ecParams.fieldID.type = key->ecParams.fieldID.type;
- pubkey->ecParams.fieldID.u.prime.len = key->ecParams.fieldID.u.prime.len;
- pubkey->ecParams.fieldID.u.prime.data = key->ecParams.fieldID.u.prime.data;
- pubkey->ecParams.fieldID.k1 = key->ecParams.fieldID.k1;
- pubkey->ecParams.fieldID.k2 = key->ecParams.fieldID.k2;
- pubkey->ecParams.fieldID.k3 = key->ecParams.fieldID.k3;
- pubkey->ecParams.curve.a.len = key->ecParams.curve.a.len;
- pubkey->ecParams.curve.a.data = key->ecParams.curve.a.data;
- pubkey->ecParams.curve.b.len = key->ecParams.curve.b.len;
- pubkey->ecParams.curve.b.data = key->ecParams.curve.b.data;
- pubkey->ecParams.curve.seed.len = key->ecParams.curve.seed.len;
- pubkey->ecParams.curve.seed.data = key->ecParams.curve.seed.data;
- pubkey->ecParams.base.len = key->ecParams.base.len;
- pubkey->ecParams.base.data = key->ecParams.base.data;
- pubkey->ecParams.order.len = key->ecParams.order.len;
- pubkey->ecParams.order.data = key->ecParams.order.data;
- pubkey->ecParams.cofactor = key->ecParams.cofactor;
- pubkey->ecParams.DEREncoding.len = key->ecParams.DEREncoding.len;
- pubkey->ecParams.DEREncoding.data = key->ecParams.DEREncoding.data;
- pubkey->ecParams.name= key->ecParams.name;
- pubkey->publicValue.len = key->publicValue.len;
- pubkey->publicValue.data = key->publicValue.data;
- cipherInfo->cipher.pubkeyCipher = ecdsa_verifyDigest;
- }
- return SECSuccess;
-}
-#endif
-
-/* XXX unfortunately, this is not defined in blapi.h */
-SECStatus
-md2_HashBuf(unsigned char *dest, const unsigned char *src, uint32 src_length)
-{
- unsigned int len;
- MD2Context *cx = MD2_NewContext();
- if (cx == NULL) return SECFailure;
- MD2_Begin(cx);
- MD2_Update(cx, src, src_length);
- MD2_End(cx, dest, &len, MD2_LENGTH);
- MD2_DestroyContext(cx, PR_TRUE);
- return SECSuccess;
-}
-
-SECStatus
-md2_restart(unsigned char *dest, const unsigned char *src, uint32 src_length)
-{
- MD2Context *cx, *cx_cpy;
- unsigned char *cxbytes;
- unsigned int len;
- unsigned int i, quarter;
- SECStatus rv = SECSuccess;
- cx = MD2_NewContext();
- MD2_Begin(cx);
- /* divide message by 4, restarting 3 times */
- quarter = (src_length + 3)/ 4;
- for (i=0; i < 4 && src_length > 0; i++) {
- MD2_Update(cx, src + i*quarter, PR_MIN(quarter, src_length));
- len = MD2_FlattenSize(cx);
- cxbytes = PORT_Alloc(len);
- MD2_Flatten(cx, cxbytes);
- cx_cpy = MD2_Resurrect(cxbytes, NULL);
- if (!cx_cpy) {
- PR_fprintf(PR_STDERR, "%s: MD2_Resurrect failed!\n", progName);
- goto finish;
- }
- rv = PORT_Memcmp(cx, cx_cpy, len);
- if (rv) {
- MD2_DestroyContext(cx_cpy, PR_TRUE);
- PR_fprintf(PR_STDERR, "%s: MD2_restart failed!\n", progName);
- goto finish;
- }
- MD2_DestroyContext(cx_cpy, PR_TRUE);
- PORT_Free(cxbytes);
- src_length -= quarter;
- }
- MD2_End(cx, dest, &len, MD2_LENGTH);
-finish:
- MD2_DestroyContext(cx, PR_TRUE);
- return rv;
-}
-
-SECStatus
-md5_restart(unsigned char *dest, const unsigned char *src, uint32 src_length)
-{
- SECStatus rv = SECSuccess;
- MD5Context *cx, *cx_cpy;
- unsigned char *cxbytes;
- unsigned int len;
- unsigned int i, quarter;
- cx = MD5_NewContext();
- MD5_Begin(cx);
- /* divide message by 4, restarting 3 times */
- quarter = (src_length + 3)/ 4;
- for (i=0; i < 4 && src_length > 0; i++) {
- MD5_Update(cx, src + i*quarter, PR_MIN(quarter, src_length));
- len = MD5_FlattenSize(cx);
- cxbytes = PORT_Alloc(len);
- MD5_Flatten(cx, cxbytes);
- cx_cpy = MD5_Resurrect(cxbytes, NULL);
- if (!cx_cpy) {
- PR_fprintf(PR_STDERR, "%s: MD5_Resurrect failed!\n", progName);
- rv = SECFailure;
- goto finish;
- }
- rv = PORT_Memcmp(cx, cx_cpy, len);
- if (rv) {
- MD5_DestroyContext(cx_cpy, PR_TRUE);
- PR_fprintf(PR_STDERR, "%s: MD5_restart failed!\n", progName);
- goto finish;
- }
- MD5_DestroyContext(cx_cpy, PR_TRUE);
- PORT_Free(cxbytes);
- src_length -= quarter;
- }
- MD5_End(cx, dest, &len, MD5_LENGTH);
-finish:
- MD5_DestroyContext(cx, PR_TRUE);
- return rv;
-}
-
-SECStatus
-sha1_restart(unsigned char *dest, const unsigned char *src, uint32 src_length)
-{
- SECStatus rv = SECSuccess;
- SHA1Context *cx, *cx_cpy;
- unsigned char *cxbytes;
- unsigned int len;
- unsigned int i, quarter;
- cx = SHA1_NewContext();
- SHA1_Begin(cx);
- /* divide message by 4, restarting 3 times */
- quarter = (src_length + 3)/ 4;
- for (i=0; i < 4 && src_length > 0; i++) {
- SHA1_Update(cx, src + i*quarter, PR_MIN(quarter, src_length));
- len = SHA1_FlattenSize(cx);
- cxbytes = PORT_Alloc(len);
- SHA1_Flatten(cx, cxbytes);
- cx_cpy = SHA1_Resurrect(cxbytes, NULL);
- if (!cx_cpy) {
- PR_fprintf(PR_STDERR, "%s: SHA1_Resurrect failed!\n", progName);
- rv = SECFailure;
- goto finish;
- }
- rv = PORT_Memcmp(cx, cx_cpy, len);
- if (rv) {
- SHA1_DestroyContext(cx_cpy, PR_TRUE);
- PR_fprintf(PR_STDERR, "%s: SHA1_restart failed!\n", progName);
- goto finish;
- }
- SHA1_DestroyContext(cx_cpy, PR_TRUE);
- PORT_Free(cxbytes);
- src_length -= quarter;
- }
- SHA1_End(cx, dest, &len, MD5_LENGTH);
-finish:
- SHA1_DestroyContext(cx, PR_TRUE);
- return rv;
-}
-
-SECStatus
-SHA256_restart(unsigned char *dest, const unsigned char *src, uint32 src_length)
-{
- SECStatus rv = SECSuccess;
- SHA256Context *cx, *cx_cpy;
- unsigned char *cxbytes;
- unsigned int len;
- unsigned int i, quarter;
- cx = SHA256_NewContext();
- SHA256_Begin(cx);
- /* divide message by 4, restarting 3 times */
- quarter = (src_length + 3)/ 4;
- for (i=0; i < 4 && src_length > 0; i++) {
- SHA256_Update(cx, src + i*quarter, PR_MIN(quarter, src_length));
- len = SHA256_FlattenSize(cx);
- cxbytes = PORT_Alloc(len);
- SHA256_Flatten(cx, cxbytes);
- cx_cpy = SHA256_Resurrect(cxbytes, NULL);
- if (!cx_cpy) {
- PR_fprintf(PR_STDERR, "%s: SHA256_Resurrect failed!\n", progName);
- rv = SECFailure;
- goto finish;
- }
- rv = PORT_Memcmp(cx, cx_cpy, len);
- if (rv) {
- SHA256_DestroyContext(cx_cpy, PR_TRUE);
- PR_fprintf(PR_STDERR, "%s: SHA256_restart failed!\n", progName);
- goto finish;
- }
- SHA256_DestroyContext(cx_cpy, PR_TRUE);
- PORT_Free(cxbytes);
- src_length -= quarter;
- }
- SHA256_End(cx, dest, &len, MD5_LENGTH);
-finish:
- SHA256_DestroyContext(cx, PR_TRUE);
- return rv;
-}
-
-SECStatus
-SHA384_restart(unsigned char *dest, const unsigned char *src, uint32 src_length)
-{
- SECStatus rv = SECSuccess;
- SHA384Context *cx, *cx_cpy;
- unsigned char *cxbytes;
- unsigned int len;
- unsigned int i, quarter;
- cx = SHA384_NewContext();
- SHA384_Begin(cx);
- /* divide message by 4, restarting 3 times */
- quarter = (src_length + 3)/ 4;
- for (i=0; i < 4 && src_length > 0; i++) {
- SHA384_Update(cx, src + i*quarter, PR_MIN(quarter, src_length));
- len = SHA384_FlattenSize(cx);
- cxbytes = PORT_Alloc(len);
- SHA384_Flatten(cx, cxbytes);
- cx_cpy = SHA384_Resurrect(cxbytes, NULL);
- if (!cx_cpy) {
- PR_fprintf(PR_STDERR, "%s: SHA384_Resurrect failed!\n", progName);
- rv = SECFailure;
- goto finish;
- }
- rv = PORT_Memcmp(cx, cx_cpy, len);
- if (rv) {
- SHA384_DestroyContext(cx_cpy, PR_TRUE);
- PR_fprintf(PR_STDERR, "%s: SHA384_restart failed!\n", progName);
- goto finish;
- }
- SHA384_DestroyContext(cx_cpy, PR_TRUE);
- PORT_Free(cxbytes);
- src_length -= quarter;
- }
- SHA384_End(cx, dest, &len, MD5_LENGTH);
-finish:
- SHA384_DestroyContext(cx, PR_TRUE);
- return rv;
-}
-
-SECStatus
-SHA512_restart(unsigned char *dest, const unsigned char *src, uint32 src_length)
-{
- SECStatus rv = SECSuccess;
- SHA512Context *cx, *cx_cpy;
- unsigned char *cxbytes;
- unsigned int len;
- unsigned int i, quarter;
- cx = SHA512_NewContext();
- SHA512_Begin(cx);
- /* divide message by 4, restarting 3 times */
- quarter = (src_length + 3)/ 4;
- for (i=0; i < 4 && src_length > 0; i++) {
- SHA512_Update(cx, src + i*quarter, PR_MIN(quarter, src_length));
- len = SHA512_FlattenSize(cx);
- cxbytes = PORT_Alloc(len);
- SHA512_Flatten(cx, cxbytes);
- cx_cpy = SHA512_Resurrect(cxbytes, NULL);
- if (!cx_cpy) {
- PR_fprintf(PR_STDERR, "%s: SHA512_Resurrect failed!\n", progName);
- rv = SECFailure;
- goto finish;
- }
- rv = PORT_Memcmp(cx, cx_cpy, len);
- if (rv) {
- SHA512_DestroyContext(cx_cpy, PR_TRUE);
- PR_fprintf(PR_STDERR, "%s: SHA512_restart failed!\n", progName);
- goto finish;
- }
- SHA512_DestroyContext(cx_cpy, PR_TRUE);
- PORT_Free(cxbytes);
- src_length -= quarter;
- }
- SHA512_End(cx, dest, &len, MD5_LENGTH);
-finish:
- SHA512_DestroyContext(cx, PR_TRUE);
- return rv;
-}
-
-SECStatus
-pubkeyInitKey(bltestCipherInfo *cipherInfo, PRFileDesc *file,
-#ifdef NSS_ENABLE_ECC
- int keysize, int exponent, char *curveName)
-#else
- int keysize, int exponent)
-#endif
-{
- int i;
- SECStatus rv = SECSuccess;
- bltestRSAParams *rsap;
- bltestDSAParams *dsap;
-#ifdef NSS_ENABLE_ECC
- bltestECDSAParams *ecdsap;
- SECItem *tmpECParamsDER;
- ECParams *tmpECParams = NULL;
- SECItem ecSerialize[3];
-#endif
- switch (cipherInfo->mode) {
- case bltestRSA:
- rsap = &cipherInfo->params.rsa;
- if (keysize > 0) {
- SECItem expitem = { 0, 0, 0 };
- SECITEM_AllocItem(cipherInfo->arena, &expitem, sizeof(int));
- for (i = 1; i <= sizeof(int); i++)
- expitem.data[i-1] = exponent >> (8*(sizeof(int) - i));
- rsap->rsakey = RSA_NewKey(keysize * 8, &expitem);
- serialize_key(&rsap->rsakey->version, 9, file);
- rsap->keysizeInBits = keysize * 8;
- } else {
- setupIO(cipherInfo->arena, &cipherInfo->params.key, file, NULL, 0);
- rsap->rsakey = rsakey_from_filedata(&cipherInfo->params.key.buf);
- rsap->keysizeInBits = rsap->rsakey->modulus.len * 8;
- }
- break;
- case bltestDSA:
- dsap = &cipherInfo->params.dsa;
- if (keysize > 0) {
- dsap->j = PQG_PBITS_TO_INDEX(8*keysize);
- if (!dsap->pqg)
- bltest_pqg_init(dsap);
- rv = DSA_NewKey(dsap->pqg, &dsap->dsakey);
- CHECKERROR(rv, __LINE__);
- serialize_key(&dsap->dsakey->params.prime, 5, file);
- } else {
- setupIO(cipherInfo->arena, &cipherInfo->params.key, file, NULL, 0);
- dsap->dsakey = dsakey_from_filedata(&cipherInfo->params.key.buf);
- dsap->j = PQG_PBITS_TO_INDEX(8*dsap->dsakey->params.prime.len);
- }
- break;
-#ifdef NSS_ENABLE_ECC
- case bltestECDSA:
- ecdsap = &cipherInfo->params.ecdsa;
- if (curveName != NULL) {
- tmpECParamsDER = getECParams(curveName);
- rv = secoid_Init();
- CHECKERROR(rv, __LINE__);
- rv = EC_DecodeParams(tmpECParamsDER, &tmpECParams) == SECFailure;
- CHECKERROR(rv, __LINE__);
- rv = EC_NewKey(tmpECParams, &ecdsap->eckey);
- CHECKERROR(rv, __LINE__);
- ecSerialize[0].type = tmpECParamsDER->type;
- ecSerialize[0].data = tmpECParamsDER->data;
- ecSerialize[0].len = tmpECParamsDER->len;
- ecSerialize[1].type = ecdsap->eckey->publicValue.type;
- ecSerialize[1].data = ecdsap->eckey->publicValue.data;
- ecSerialize[1].len = ecdsap->eckey->publicValue.len;
- ecSerialize[2].type = ecdsap->eckey->privateValue.type;
- ecSerialize[2].data = ecdsap->eckey->privateValue.data;
- ecSerialize[2].len = ecdsap->eckey->privateValue.len;
- serialize_key(&(ecSerialize[0]), 3, file);
- free(tmpECParamsDER);
- PORT_FreeArena(tmpECParams->arena, PR_TRUE);
- rv = SECOID_Shutdown();
- CHECKERROR(rv, __LINE__);
- } else {
- setupIO(cipherInfo->arena, &cipherInfo->params.key, file, NULL, 0);
- ecdsap->eckey = eckey_from_filedata(&cipherInfo->params.key.buf);
- }
- break;
-#endif
- default:
- return SECFailure;
- }
- return SECSuccess;
-}
-
-SECStatus
-cipherInit(bltestCipherInfo *cipherInfo, PRBool encrypt)
-{
- PRBool restart;
- switch (cipherInfo->mode) {
- case bltestDES_ECB:
- case bltestDES_CBC:
- case bltestDES_EDE_ECB:
- case bltestDES_EDE_CBC:
- SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
- cipherInfo->input.pBuf.len);
- return bltest_des_init(cipherInfo, encrypt);
- break;
- case bltestRC2_ECB:
- case bltestRC2_CBC:
- SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
- cipherInfo->input.pBuf.len);
- return bltest_rc2_init(cipherInfo, encrypt);
- break;
- case bltestRC4:
- SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
- cipherInfo->input.pBuf.len);
- return bltest_rc4_init(cipherInfo, encrypt);
- break;
- case bltestRC5_ECB:
- case bltestRC5_CBC:
-#if NSS_SOFTOKEN_DOES_RC5
- SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
- cipherInfo->input.pBuf.len);
-#endif
- return bltest_rc5_init(cipherInfo, encrypt);
- break;
- case bltestAES_ECB:
- case bltestAES_CBC:
- SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
- cipherInfo->input.pBuf.len);
- return bltest_aes_init(cipherInfo, encrypt);
- break;
- case bltestRSA:
- SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
- cipherInfo->input.pBuf.len);
- return bltest_rsa_init(cipherInfo, encrypt);
- break;
- case bltestDSA:
- SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
- DSA_SIGNATURE_LEN);
- return bltest_dsa_init(cipherInfo, encrypt);
- break;
-#ifdef NSS_ENABLE_ECC
- case bltestECDSA:
- SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
- 2 * MAX_ECKEY_LEN);
- return bltest_ecdsa_init(cipherInfo, encrypt);
- break;
-#endif
- case bltestMD2:
- restart = cipherInfo->params.hash.restart;
- SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
- MD2_LENGTH);
- cipherInfo->cipher.hashCipher = (restart) ? md2_restart : md2_HashBuf;
- return SECSuccess;
- break;
- case bltestMD5:
- restart = cipherInfo->params.hash.restart;
- SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
- MD5_LENGTH);
- cipherInfo->cipher.hashCipher = (restart) ? md5_restart : MD5_HashBuf;
- return SECSuccess;
- break;
- case bltestSHA1:
- restart = cipherInfo->params.hash.restart;
- SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
- SHA1_LENGTH);
- cipherInfo->cipher.hashCipher = (restart) ? sha1_restart : SHA1_HashBuf;
- return SECSuccess;
- break;
- case bltestSHA256:
- restart = cipherInfo->params.hash.restart;
- SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
- SHA256_LENGTH);
- cipherInfo->cipher.hashCipher = (restart) ? SHA256_restart
- : SHA256_HashBuf;
- return SECSuccess;
- break;
- case bltestSHA384:
- restart = cipherInfo->params.hash.restart;
- SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
- SHA384_LENGTH);
- cipherInfo->cipher.hashCipher = (restart) ? SHA384_restart
- : SHA384_HashBuf;
- return SECSuccess;
- break;
- case bltestSHA512:
- restart = cipherInfo->params.hash.restart;
- SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
- SHA512_LENGTH);
- cipherInfo->cipher.hashCipher = (restart) ? SHA512_restart
- : SHA512_HashBuf;
- return SECSuccess;
- break;
- default:
- return SECFailure;
- }
- return SECSuccess;
-}
-
-SECStatus
-dsaOp(bltestCipherInfo *cipherInfo)
-{
- PRIntervalTime time1, time2;
- SECStatus rv = SECSuccess;
- int i;
- int maxLen = cipherInfo->output.pBuf.len;
- SECItem dummyOut = { 0, 0, 0 };
- SECITEM_AllocItem(NULL, &dummyOut, maxLen);
- if (cipherInfo->cipher.pubkeyCipher == dsa_signDigest) {
- if (cipherInfo->params.dsa.sigseed.buf.len > 0) {
- bltestDSAParams *dsa = &cipherInfo->params.dsa;
- DSAPrivateKey *key = (DSAPrivateKey *)cipherInfo->cx;
-
- TIMESTART();
- rv = DSA_SignDigestWithSeed(key,
- &cipherInfo->output.pBuf,
- &cipherInfo->input.pBuf,
- dsa->sigseed.buf.data);
- TIMEFINISH(cipherInfo->optime, 1.0);
- CHECKERROR(rv, __LINE__);
- cipherInfo->repetitions = 0;
- if (cipherInfo->repetitionsToPerfom != 0) {
- TIMESTART();
- for (i=0; irepetitionsToPerfom;
- i++, cipherInfo->repetitions++) {
- rv = DSA_SignDigestWithSeed(key, &dummyOut,
- &cipherInfo->input.pBuf,
- dsa->sigseed.buf.data);
- CHECKERROR(rv, __LINE__);
- }
- } else {
- int opsBetweenChecks = 0;
- TIMEMARK(cipherInfo->seconds);
- while (! (TIMETOFINISH())) {
- int j = 0;
- for (;j < opsBetweenChecks;j++) {
- rv = DSA_SignDigestWithSeed(key, &dummyOut,
- &cipherInfo->input.pBuf,
- dsa->sigseed.buf.data);
- CHECKERROR(rv, __LINE__);
- }
- cipherInfo->repetitions += j;
- }
- }
- TIMEFINISH(cipherInfo->optime, 1.0);
- } else {
- TIMESTART();
- rv = DSA_SignDigest((DSAPrivateKey *)cipherInfo->cx,
- &cipherInfo->output.pBuf,
- &cipherInfo->input.pBuf);
- TIMEFINISH(cipherInfo->optime, 1.0);
- CHECKERROR(rv, __LINE__);
- cipherInfo->repetitions = 0;
- if (cipherInfo->repetitionsToPerfom != 0) {
- TIMESTART();
- for (i=0; irepetitionsToPerfom;
- i++, cipherInfo->repetitions++) {
- rv = DSA_SignDigest((DSAPrivateKey *)cipherInfo->cx,
- &dummyOut,
- &cipherInfo->input.pBuf);
- CHECKERROR(rv, __LINE__);
- }
- } else {
- int opsBetweenChecks = 0;
- TIMEMARK(cipherInfo->seconds);
- while (! (TIMETOFINISH())) {
- int j = 0;
- for (;j < opsBetweenChecks;j++) {
- rv = DSA_SignDigest((DSAPrivateKey *)cipherInfo->cx,
- &dummyOut,
- &cipherInfo->input.pBuf);
- CHECKERROR(rv, __LINE__);
- }
- cipherInfo->repetitions += j;
- }
- }
- TIMEFINISH(cipherInfo->optime, 1.0);
- }
- bltestCopyIO(cipherInfo->arena, &cipherInfo->params.dsa.sig,
- &cipherInfo->output);
- } else {
- TIMESTART();
- rv = DSA_VerifyDigest((DSAPublicKey *)cipherInfo->cx,
- &cipherInfo->params.dsa.sig.buf,
- &cipherInfo->input.pBuf);
- TIMEFINISH(cipherInfo->optime, 1.0);
- CHECKERROR(rv, __LINE__);
- cipherInfo->repetitions = 0;
- if (cipherInfo->repetitionsToPerfom != 0) {
- TIMESTART();
- for (i=0; irepetitionsToPerfom;
- i++, cipherInfo->repetitions++) {
- rv = DSA_VerifyDigest((DSAPublicKey *)cipherInfo->cx,
- &cipherInfo->params.dsa.sig.buf,
- &cipherInfo->input.pBuf);
- CHECKERROR(rv, __LINE__);
- }
- } else {
- int opsBetweenChecks = 0;
- TIMEMARK(cipherInfo->seconds);
- while (! (TIMETOFINISH())) {
- int j = 0;
- for (;j < opsBetweenChecks;j++) {
- rv = DSA_VerifyDigest((DSAPublicKey *)cipherInfo->cx,
- &cipherInfo->params.dsa.sig.buf,
- &cipherInfo->input.pBuf);
- CHECKERROR(rv, __LINE__);
- }
- cipherInfo->repetitions += j;
- }
- }
- TIMEFINISH(cipherInfo->optime, 1.0);
- }
- SECITEM_FreeItem(&dummyOut, PR_FALSE);
- return rv;
-}
-
-#ifdef NSS_ENABLE_ECC
-SECStatus
-ecdsaOp(bltestCipherInfo *cipherInfo)
-{
- PRIntervalTime time1, time2;
- SECStatus rv = SECSuccess;
- int i;
- int maxLen = cipherInfo->output.pBuf.len;
- SECItem dummyOut = { 0, 0, 0 };
- SECITEM_AllocItem(NULL, &dummyOut, maxLen);
- if (cipherInfo->cipher.pubkeyCipher == ecdsa_signDigest) {
- if (cipherInfo->params.ecdsa.sigseed.buf.len > 0) {
- ECPrivateKey *key = (ECPrivateKey *)cipherInfo->cx;
- bltestECDSAParams *ecdsa = &cipherInfo->params.ecdsa;
-
- TIMESTART();
- rv = ECDSA_SignDigestWithSeed(key,
- &cipherInfo->output.pBuf,
- &cipherInfo->input.pBuf,
- ecdsa->sigseed.buf.data,
- ecdsa->sigseed.buf.len);
- TIMEFINISH(cipherInfo->optime, 1.0);
- CHECKERROR(rv, __LINE__);
- cipherInfo->repetitions = 0;
- if (cipherInfo->repetitionsToPerfom != 0) {
- TIMESTART();
- for (i=0; irepetitionsToPerfom;
- i++, cipherInfo->repetitions++) {
- rv = ECDSA_SignDigestWithSeed(key, &dummyOut,
- &cipherInfo->input.pBuf,
- ecdsa->sigseed.buf.data,
- ecdsa->sigseed.buf.len);
- CHECKERROR(rv, __LINE__);
- }
- } else {
- int opsBetweenChecks = 0;
- TIMEMARK(cipherInfo->seconds);
- while (! (TIMETOFINISH())) {
- int j = 0;
- for (;j < opsBetweenChecks;j++) {
- rv = ECDSA_SignDigestWithSeed(key, &dummyOut,
- &cipherInfo->input.pBuf,
- ecdsa->sigseed.buf.data,
- ecdsa->sigseed.buf.len);
- CHECKERROR(rv, __LINE__);
- }
- cipherInfo->repetitions += j;
- }
- }
- TIMEFINISH(cipherInfo->optime, 1.0);
- } else {
- TIMESTART();
- rv = ECDSA_SignDigest((ECPrivateKey *)cipherInfo->cx,
- &cipherInfo->output.pBuf,
- &cipherInfo->input.pBuf);
- TIMEFINISH(cipherInfo->optime, 1.0);
- CHECKERROR(rv, __LINE__);
- cipherInfo->repetitions = 0;
- if (cipherInfo->repetitionsToPerfom != 0) {
- TIMESTART();
- for (i=0; irepetitionsToPerfom;
- i++, cipherInfo->repetitions++) {
- rv = ECDSA_SignDigest((ECPrivateKey *)cipherInfo->cx,
- &dummyOut,
- &cipherInfo->input.pBuf);
- CHECKERROR(rv, __LINE__);
- }
- } else {
- int opsBetweenChecks = 0;
- TIMEMARK(cipherInfo->seconds);
- while (! (TIMETOFINISH())) {
- int j = 0;
- for (;j < opsBetweenChecks;j++) {
- rv = ECDSA_SignDigest((ECPrivateKey *)cipherInfo->cx,
- &dummyOut,
- &cipherInfo->input.pBuf);
- CHECKERROR(rv, __LINE__);
- }
- cipherInfo->repetitions += j;
- }
- }
- TIMEFINISH(cipherInfo->optime, 1.0);
- }
- bltestCopyIO(cipherInfo->arena, &cipherInfo->params.ecdsa.sig,
- &cipherInfo->output);
- } else {
- TIMESTART();
- rv = ECDSA_VerifyDigest((ECPublicKey *)cipherInfo->cx,
- &cipherInfo->params.ecdsa.sig.buf,
- &cipherInfo->input.pBuf);
- TIMEFINISH(cipherInfo->optime, 1.0);
- CHECKERROR(rv, __LINE__);
- cipherInfo->repetitions = 0;
- if (cipherInfo->repetitionsToPerfom != 0) {
- TIMESTART();
- for (i=0; irepetitionsToPerfom;
- i++, cipherInfo->repetitions++) {
- rv = ECDSA_VerifyDigest((ECPublicKey *)cipherInfo->cx,
- &cipherInfo->params.ecdsa.sig.buf,
- &cipherInfo->input.pBuf);
- CHECKERROR(rv, __LINE__);
- }
- } else {
- int opsBetweenChecks = 0;
- TIMEMARK(cipherInfo->seconds);
- while (! (TIMETOFINISH())) {
- int j = 0;
- for (;j < opsBetweenChecks;j++) {
- rv = ECDSA_VerifyDigest((ECPublicKey *)cipherInfo->cx,
- &cipherInfo->params.ecdsa.sig.buf,
- &cipherInfo->input.pBuf);
- CHECKERROR(rv, __LINE__);
- }
- cipherInfo->repetitions += j;
- }
- }
- TIMEFINISH(cipherInfo->optime, 1.0);
- }
- SECITEM_FreeItem(&dummyOut, PR_FALSE);
- return rv;
-}
-#endif
-
-SECStatus
-cipherDoOp(bltestCipherInfo *cipherInfo)
-{
- PRIntervalTime time1, time2;
- SECStatus rv = SECSuccess;
- int i, len;
- int maxLen = cipherInfo->output.pBuf.len;
- unsigned char *dummyOut;
- if (cipherInfo->mode == bltestDSA)
- return dsaOp(cipherInfo);
-#ifdef NSS_ENABLE_ECC
- else if (cipherInfo->mode == bltestECDSA)
- return ecdsaOp(cipherInfo);
-#endif
- dummyOut = PORT_Alloc(maxLen);
- if (is_symmkeyCipher(cipherInfo->mode)) {
- TIMESTART();
- rv = (*cipherInfo->cipher.symmkeyCipher)(cipherInfo->cx,
- cipherInfo->output.pBuf.data,
- &len, maxLen,
- cipherInfo->input.pBuf.data,
- cipherInfo->input.pBuf.len);
- TIMEFINISH(cipherInfo->optime, 1.0);
- CHECKERROR(rv, __LINE__);
- cipherInfo->repetitions = 0;
- if (cipherInfo->repetitionsToPerfom != 0) {
- TIMESTART();
- for (i=0; irepetitionsToPerfom; i++,
- cipherInfo->repetitions++) {
- (*cipherInfo->cipher.symmkeyCipher)(cipherInfo->cx, dummyOut,
- &len, maxLen,
- cipherInfo->input.pBuf.data,
- cipherInfo->input.pBuf.len);
-
- CHECKERROR(rv, __LINE__);
- }
- } else {
- int opsBetweenChecks = 0;
- bltestIO *input = &cipherInfo->input;
- TIMEMARK(cipherInfo->seconds);
- while (! (TIMETOFINISH())) {
- int j = 0;
- for (;j < opsBetweenChecks;j++) {
- (*cipherInfo->cipher.symmkeyCipher)(cipherInfo->cx,
- dummyOut,
- &len, maxLen,
- input->pBuf.data,
- input->pBuf.len);
- }
- cipherInfo->repetitions += j;
- }
- }
- TIMEFINISH(cipherInfo->optime, 1.0);
- } else if (is_pubkeyCipher(cipherInfo->mode)) {
- TIMESTART();
- rv = (*cipherInfo->cipher.pubkeyCipher)(cipherInfo->cx,
- &cipherInfo->output.pBuf,
- &cipherInfo->input.pBuf);
- TIMEFINISH(cipherInfo->optime, 1.0);
- CHECKERROR(rv, __LINE__);
- cipherInfo->repetitions = 0;
- if (cipherInfo->repetitionsToPerfom != 0) {
- TIMESTART();
- for (i=0; irepetitionsToPerfom;
- i++, cipherInfo->repetitions++) {
- SECItem dummy;
- dummy.data = dummyOut;
- dummy.len = maxLen;
- (*cipherInfo->cipher.pubkeyCipher)(cipherInfo->cx, &dummy,
- &cipherInfo->input.pBuf);
- CHECKERROR(rv, __LINE__);
- }
- } else {
- int opsBetweenChecks = 0;
- TIMEMARK(cipherInfo->seconds);
- while (! (TIMETOFINISH())) {
- int j = 0;
- for (;j < opsBetweenChecks;j++) {
- SECItem dummy;
- dummy.data = dummyOut;
- dummy.len = maxLen;
- (*cipherInfo->cipher.pubkeyCipher)(cipherInfo->cx, &dummy,
- &cipherInfo->input.pBuf);
- CHECKERROR(rv, __LINE__);
- }
- cipherInfo->repetitions += j;
- }
- }
- TIMEFINISH(cipherInfo->optime, 1.0);
- } else if (is_hashCipher(cipherInfo->mode)) {
- TIMESTART();
- rv = (*cipherInfo->cipher.hashCipher)(cipherInfo->output.pBuf.data,
- cipherInfo->input.pBuf.data,
- cipherInfo->input.pBuf.len);
- TIMEFINISH(cipherInfo->optime, 1.0);
- CHECKERROR(rv, __LINE__);
- cipherInfo->repetitions = 0;
- if (cipherInfo->repetitionsToPerfom != 0) {
- TIMESTART();
- for (i=0; irepetitionsToPerfom;
- i++, cipherInfo->repetitions++) {
- (*cipherInfo->cipher.hashCipher)(dummyOut,
- cipherInfo->input.pBuf.data,
- cipherInfo->input.pBuf.len);
- CHECKERROR(rv, __LINE__);
- }
- } else {
- int opsBetweenChecks = 0;
- TIMEMARK(cipherInfo->seconds);
- while (! (TIMETOFINISH())) {
- int j = 0;
- for (;j < opsBetweenChecks;j++) {
- bltestIO *input = &cipherInfo->input;
- (*cipherInfo->cipher.hashCipher)(dummyOut,
- input->pBuf.data,
- input->pBuf.len);
- CHECKERROR(rv, __LINE__);
- }
- cipherInfo->repetitions += j;
- }
- }
- TIMEFINISH(cipherInfo->optime, 1.0);
- }
- PORT_Free(dummyOut);
- return rv;
-}
-
-SECStatus
-cipherFinish(bltestCipherInfo *cipherInfo)
-{
- switch (cipherInfo->mode) {
- case bltestDES_ECB:
- case bltestDES_CBC:
- case bltestDES_EDE_ECB:
- case bltestDES_EDE_CBC:
- DES_DestroyContext((DESContext *)cipherInfo->cx, PR_TRUE);
- break;
- case bltestAES_ECB:
- case bltestAES_CBC:
- AES_DestroyContext((AESContext *)cipherInfo->cx, PR_TRUE);
- break;
- case bltestRC2_ECB:
- case bltestRC2_CBC:
- RC2_DestroyContext((RC2Context *)cipherInfo->cx, PR_TRUE);
- break;
- case bltestRC4:
- RC4_DestroyContext((RC4Context *)cipherInfo->cx, PR_TRUE);
- break;
-#if NSS_SOFTOKEN_DOES_RC5
- case bltestRC5_ECB:
- case bltestRC5_CBC:
- RC5_DestroyContext((RC5Context *)cipherInfo->cx, PR_TRUE);
- break;
-#endif
- case bltestRSA: /* keys are alloc'ed within cipherInfo's arena, */
- case bltestDSA: /* will be freed with it. */
-#ifdef NSS_ENABLE_ECC
- case bltestECDSA:
-#endif
- case bltestMD2: /* hash contexts are ephemeral */
- case bltestMD5:
- case bltestSHA1:
- case bltestSHA256:
- case bltestSHA384:
- case bltestSHA512:
- return SECSuccess;
- break;
- default:
- return SECFailure;
- }
- return SECSuccess;
-}
-
-void
-print_exponent(SECItem *exp)
-{
- int i;
- int e = 0;
- if (exp->len <= 4) {
- for (i=exp->len; i >=0; --i) e |= exp->data[exp->len-i] << 8*(i-1);
- fprintf(stdout, "%12d", e);
- } else {
- e = 8*exp->len;
- fprintf(stdout, "~2**%-8d", e);
- }
-}
-
-static void
-splitToReportUnit(PRInt64 res, int *resArr, int *del, int size)
-{
- PRInt64 remaining = res, tmp = 0;
- PRInt64 Ldel;
- int i = -1;
-
- while (remaining > 0 && ++i < size) {
- LL_I2L(Ldel, del[i]);
- LL_MOD(tmp, remaining, Ldel);
- LL_L2I(resArr[i], tmp);
- LL_DIV(remaining, remaining, Ldel);
- }
-}
-
-static char*
-getHighUnitBytes(PRInt64 res)
-{
- int spl[] = {0, 0, 0, 0};
- int del[] = {1024, 1024, 1024, 1024};
- char *marks[] = {"b", "Kb", "Mb", "Gb"};
- int i = 3;
-
- splitToReportUnit(res, spl, del, 4);
-
- for (;i>0;i--) {
- if (spl[i] != 0) {
- break;
- }
- }
-
- return PR_smprintf("%d%s", spl[i], marks[i]);
-}
-
-
-static void
-printPR_smpString(const char *sformat, char *reportStr,
- const char *nformat, PRInt64 rNum)
-{
- if (reportStr) {
- fprintf(stdout, sformat, reportStr);
- PR_smprintf_free(reportStr);
- } else {
- int prnRes;
- LL_L2I(prnRes, rNum);
- fprintf(stdout, nformat, rNum);
- }
-}
-
-static char*
-getHighUnitOps(PRInt64 res)
-{
- int spl[] = {0, 0, 0, 0};
- int del[] = {1000, 1000, 1000, 1000};
- char *marks[] = {"", "T", "M", "B"};
- int i = 3;
-
- splitToReportUnit(res, spl, del, 4);
-
- for (;i>0;i--) {
- if (spl[i] != 0) {
- break;
- }
- }
-
- return PR_smprintf("%d%s", spl[i], marks[i]);
-}
-
-void
-dump_performance_info(bltestCipherInfo *infoList, double totalTimeInt,
- PRBool encrypt, PRBool cxonly)
-{
- bltestCipherInfo *info = infoList;
-
- PRInt64 totalIn = 0;
- PRBool td = PR_TRUE;
-
- int repetitions = 0;
- int cxreps = 0;
- double cxtime = 0;
- double optime = 0;
- while (info != NULL) {
- repetitions += info->repetitions;
- cxreps += info->cxreps;
- cxtime += info->cxtime;
- optime += info->optime;
- totalIn += info->input.buf.len * info->repetitions;
-
- info = info->next;
- }
- info = infoList;
-
- fprintf(stdout, "#%9s", "mode");
- fprintf(stdout, "%12s", "in");
-print_td:
- switch (info->mode) {
- case bltestDES_ECB:
- case bltestDES_CBC:
- case bltestDES_EDE_ECB:
- case bltestDES_EDE_CBC:
- case bltestAES_ECB:
- case bltestAES_CBC:
- case bltestRC2_ECB:
- case bltestRC2_CBC:
- case bltestRC4:
- if (td)
- fprintf(stdout, "%8s", "symmkey");
- else
- fprintf(stdout, "%8d", 8*info->params.sk.key.buf.len);
- break;
-#if NSS_SOFTOKEN_DOES_RC5
- case bltestRC5_ECB:
- case bltestRC5_CBC:
- if (info->params.sk.key.buf.len > 0)
- printf("symmetric key(bytes)=%d,", info->params.sk.key.buf.len);
- if (info->rounds > 0)
- printf("rounds=%d,", info->params.rc5.rounds);
- if (info->wordsize > 0)
- printf("wordsize(bytes)=%d,", info->params.rc5.wordsize);
- break;
-#endif
- case bltestRSA:
- if (td) {
- fprintf(stdout, "%8s", "rsa_mod");
- fprintf(stdout, "%12s", "rsa_pe");
- } else {
- fprintf(stdout, "%8d", info->params.rsa.keysizeInBits);
- print_exponent(&info->params.rsa.rsakey->publicExponent);
- }
- break;
- case bltestDSA:
- if (td)
- fprintf(stdout, "%8s", "pqg_mod");
- else
- fprintf(stdout, "%8d", PQG_INDEX_TO_PBITS(info->params.dsa.j));
- break;
-#ifdef NSS_ENABLE_ECC
- case bltestECDSA:
- if (td)
- fprintf(stdout, "%12s", "ec_curve");
- else
- fprintf(stdout, "%12s",
- ecCurve_map[info->params.ecdsa.eckey->ecParams.name]->text);
- break;
-#endif
- case bltestMD2:
- case bltestMD5:
- case bltestSHA1:
- case bltestSHA256:
- case bltestSHA384:
- case bltestSHA512:
- default:
- break;
- }
- if (!td) {
- PRInt64 totalThroughPut;
-
- printPR_smpString("%8s", getHighUnitOps(repetitions),
- "%8d", repetitions);
-
- printPR_smpString("%8s", getHighUnitOps(cxreps), "%8d", cxreps);
-
- fprintf(stdout, "%12.3f", cxtime);
- fprintf(stdout, "%12.3f", optime);
- fprintf(stdout, "%12.03f", totalTimeInt / 1000);
-
- totalThroughPut = (PRInt64)(totalIn / totalTimeInt * 1000);
- printPR_smpString("%12s", getHighUnitBytes(totalThroughPut),
- "%12d", totalThroughPut);
-
- fprintf(stdout, "\n");
- return;
- }
-
- fprintf(stdout, "%8s", "opreps");
- fprintf(stdout, "%8s", "cxreps");
- fprintf(stdout, "%12s", "context");
- fprintf(stdout, "%12s", "op");
- fprintf(stdout, "%12s", "time(sec)");
- fprintf(stdout, "%12s", "thrgput");
- fprintf(stdout, "\n");
- fprintf(stdout, "%8s", mode_strings[info->mode]);
- fprintf(stdout, "_%c", (cxonly) ? 'c' : (encrypt) ? 'e' : 'd');
- printPR_smpString("%12s", getHighUnitBytes(totalIn), "%12d", totalIn);
-
- td = !td;
- goto print_td;
-}
-
-void
-printmodes()
-{
- bltestCipherMode mode;
- int nummodes = sizeof(mode_strings) / sizeof(char *);
- fprintf(stderr, "%s: Available modes (specify with -m):\n", progName);
- for (mode=0; modemode = ioMode;
- data->file = NULL; /* don't use -- not saving anything */
- data->pBuf.data = NULL;
- data->pBuf.len = 0;
- file = PR_Open(fn, PR_RDONLY, 00660);
- if (file)
- setupIO(arena, data, file, NULL, 0);
-}
-
-void
-get_params(PRArenaPool *arena, bltestParams *params,
- bltestCipherMode mode, int j)
-{
- char filename[256];
- char *modestr = mode_strings[mode];
-#if NSS_SOFTOKEN_DOES_RC5
- FILE *file;
- char *mark, *param, *val;
- int index = 0;
-#endif
- switch (mode) {
- case bltestDES_CBC:
- case bltestDES_EDE_CBC:
- case bltestRC2_CBC:
- case bltestAES_CBC:
- sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "iv", j);
- load_file_data(arena, ¶ms->sk.iv, filename, bltestBinary);
- case bltestDES_ECB:
- case bltestDES_EDE_ECB:
- case bltestRC2_ECB:
- case bltestRC4:
- case bltestAES_ECB:
- sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "key", j);
- load_file_data(arena, ¶ms->sk.key, filename, bltestBinary);
- break;
-#if NSS_SOFTOKEN_DOES_RC5
- case bltestRC5_ECB:
- case bltestRC5_CBC:
- sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "iv", j);
- load_file_data(arena, ¶ms->sk.iv, filename, bltestBinary);
- sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "key", j);
- load_file_data(arena, ¶ms->sk.key, filename, bltestBinary);
- sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr,
- "params", j);
- file = fopen(filename, "r");
- if (!file) return;
- param = malloc(100);
- len = fread(param, 1, 100, file);
- while (index < len) {
- mark = PL_strchr(param, '=');
- *mark = '\0';
- val = mark + 1;
- mark = PL_strchr(val, '\n');
- *mark = '\0';
- if (PL_strcmp(param, "rounds") == 0) {
- params->rc5.rounds = atoi(val);
- } else if (PL_strcmp(param, "wordsize") == 0) {
- params->rc5.wordsize = atoi(val);
- }
- index += PL_strlen(param) + PL_strlen(val) + 2;
- param = mark + 1;
- }
- break;
-#endif
- case bltestRSA:
- sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "key", j);
- load_file_data(arena, ¶ms->rsa.key, filename, bltestBase64Encoded);
- params->rsa.rsakey = rsakey_from_filedata(¶ms->key.buf);
- break;
- case bltestDSA:
- sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "key", j);
- load_file_data(arena, ¶ms->dsa.key, filename, bltestBase64Encoded);
- params->dsa.dsakey = dsakey_from_filedata(¶ms->key.buf);
- sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "pqg", j);
- load_file_data(arena, ¶ms->dsa.pqgdata, filename,
- bltestBase64Encoded);
- params->dsa.pqg = pqg_from_filedata(¶ms->dsa.pqgdata.buf);
- sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "keyseed", j);
- load_file_data(arena, ¶ms->dsa.keyseed, filename,
- bltestBase64Encoded);
- sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "sigseed", j);
- load_file_data(arena, ¶ms->dsa.sigseed, filename,
- bltestBase64Encoded);
- sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "ciphertext",j);
- load_file_data(arena, ¶ms->dsa.sig, filename, bltestBase64Encoded);
- break;
-#ifdef NSS_ENABLE_ECC
- case bltestECDSA:
- sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "key", j);
- load_file_data(arena, ¶ms->ecdsa.key, filename, bltestBase64Encoded);
- params->ecdsa.eckey = eckey_from_filedata(¶ms->key.buf);
- sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "sigseed", j);
- load_file_data(arena, ¶ms->ecdsa.sigseed, filename,
- bltestBase64Encoded);
- sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "ciphertext",j);
- load_file_data(arena, ¶ms->ecdsa.sig, filename, bltestBase64Encoded);
- break;
-#endif
- case bltestMD2:
- case bltestMD5:
- case bltestSHA1:
- case bltestSHA256:
- case bltestSHA384:
- case bltestSHA512:
- /*params->hash.restart = PR_TRUE;*/
- params->hash.restart = PR_FALSE;
- break;
- default:
- break;
- }
-}
-
-SECStatus
-verify_self_test(bltestIO *result, bltestIO *cmp, bltestCipherMode mode,
- PRBool forward, SECStatus sigstatus)
-{
- int res;
- char *modestr = mode_strings[mode];
- res = SECITEM_CompareItem(&result->pBuf, &cmp->buf);
- if (is_sigCipher(mode)) {
- if (forward) {
- if (res == 0) {
- printf("Signature self-test for %s passed.\n", modestr);
- } else {
- printf("Signature self-test for %s failed!\n", modestr);
- }
- } else {
- if (sigstatus == SECSuccess) {
- printf("Verification self-test for %s passed.\n", modestr);
- } else {
- printf("Verification self-test for %s failed!\n", modestr);
- }
- }
- return sigstatus;
- } else if (is_hashCipher(mode)) {
- if (res == 0) {
- printf("Hash self-test for %s passed.\n", modestr);
- } else {
- printf("Hash self-test for %s failed!\n", modestr);
- }
- } else {
- if (forward) {
- if (res == 0) {
- printf("Encryption self-test for %s passed.\n", modestr);
- } else {
- printf("Encryption self-test for %s failed!\n", modestr);
- }
- } else {
- if (res == 0) {
- printf("Decryption self-test for %s passed.\n", modestr);
- } else {
- printf("Decryption self-test for %s failed!\n", modestr);
- }
- }
- }
- return (res != 0);
-}
-
-static SECStatus
-blapi_selftest(bltestCipherMode *modes, int numModes, int inoff, int outoff,
- PRBool encrypt, PRBool decrypt)
-{
- bltestCipherInfo cipherInfo;
- bltestIO pt, ct;
- bltestCipherMode mode;
- bltestParams *params;
- int i, j, nummodes, numtests;
- char *modestr;
- char filename[256];
- PRFileDesc *file;
- PRArenaPool *arena;
- SECItem item;
- PRBool finished;
- SECStatus rv = SECSuccess, srv;
-
- PORT_Memset(&cipherInfo, 0, sizeof(cipherInfo));
- arena = PORT_NewArena(BLTEST_DEFAULT_CHUNKSIZE);
- cipherInfo.arena = arena;
-
- finished = PR_FALSE;
- nummodes = (numModes == 0) ? NUMMODES : numModes;
- for (i=0; i < nummodes && !finished; i++) {
- if (i == bltestRC5_ECB || i == bltestRC5_CBC) continue;
- if (numModes > 0)
- mode = modes[i];
- else
- mode = i;
- if (mode == bltestINVALID) {
- fprintf(stderr, "%s: Skipping invalid mode.\n",progName);
- continue;
- }
- modestr = mode_strings[mode];
- cipherInfo.mode = mode;
- params = &cipherInfo.params;
-#ifdef TRACK_BLTEST_BUG
- if (mode == bltestRSA) {
- fprintf(stderr, "[%s] Self-Testing RSA\n", __bltDBG);
- }
-#endif
- /* get the number of tests in the directory */
- sprintf(filename, "%s/tests/%s/%s", testdir, modestr, "numtests");
- file = PR_Open(filename, PR_RDONLY, 00660);
- if (!file) {
- fprintf(stderr, "%s: File %s does not exist.\n", progName,filename);
- return SECFailure;
- }
- rv = SECU_FileToItem(&item, file);
-#ifdef TRACK_BLTEST_BUG
- if (mode == bltestRSA) {
- fprintf(stderr, "[%s] Loaded data from %s\n", __bltDBG, filename);
- }
-#endif
- PR_Close(file);
- /* loop over the tests in the directory */
- numtests = 0;
- for (j=0; jmCarlo == PR_TRUE) {
- int mciter;
- for (mciter=0; mciter<10000; mciter++) {
- cipherDoOp(cipherInfo);
- memcpy(cipherInfo->input.buf.data,
- cipherInfo->output.buf.data,
- cipherInfo->input.buf.len);
- }
- } else {
- cipherDoOp(cipherInfo);
- }
- cipherFinish(cipherInfo);
-}
-
-/* bltest commands */
-enum {
- cmd_Decrypt = 0,
- cmd_Encrypt,
- cmd_FIPS,
- cmd_Hash,
- cmd_Nonce,
- cmd_Dump,
- cmd_Sign,
- cmd_SelfTest,
- cmd_Verify
-};
-
-/* bltest options */
-enum {
- opt_B64 = 0,
- opt_BufSize,
- opt_Restart,
- opt_SelfTestDir,
- opt_Exponent,
- opt_SigFile,
- opt_KeySize,
- opt_Hex,
- opt_Input,
- opt_PQGFile,
- opt_Key,
- opt_HexWSpc,
- opt_Mode,
-#ifdef NSS_ENABLE_ECC
- opt_CurveName,
-#endif
- opt_Output,
- opt_Repetitions,
- opt_ZeroBuf,
- opt_Rounds,
- opt_Seed,
- opt_SigSeedFile,
- opt_CXReps,
- opt_IV,
- opt_WordSize,
- opt_UseSeed,
- opt_UseSigSeed,
- opt_SeedFile,
- opt_InputOffset,
- opt_OutputOffset,
- opt_MonteCarlo,
- opt_ThreadNum,
- opt_SecondsToRun,
- opt_CmdLine
-};
-
-static secuCommandFlag bltest_commands[] =
-{
- { /* cmd_Decrypt */ 'D', PR_FALSE, 0, PR_FALSE },
- { /* cmd_Encrypt */ 'E', PR_FALSE, 0, PR_FALSE },
- { /* cmd_FIPS */ 'F', PR_FALSE, 0, PR_FALSE },
- { /* cmd_Hash */ 'H', PR_FALSE, 0, PR_FALSE },
- { /* cmd_Nonce */ 'N', PR_FALSE, 0, PR_FALSE },
- { /* cmd_Dump */ 'P', PR_FALSE, 0, PR_FALSE },
- { /* cmd_Sign */ 'S', PR_FALSE, 0, PR_FALSE },
- { /* cmd_SelfTest */ 'T', PR_FALSE, 0, PR_FALSE },
- { /* cmd_Verify */ 'V', PR_FALSE, 0, PR_FALSE }
-};
-
-static secuCommandFlag bltest_options[] =
-{
- { /* opt_B64 */ 'a', PR_FALSE, 0, PR_FALSE },
- { /* opt_BufSize */ 'b', PR_TRUE, 0, PR_FALSE },
- { /* opt_Restart */ 'c', PR_FALSE, 0, PR_FALSE },
- { /* opt_SelfTestDir */ 'd', PR_TRUE, 0, PR_FALSE },
- { /* opt_Exponent */ 'e', PR_TRUE, 0, PR_FALSE },
- { /* opt_SigFile */ 'f', PR_TRUE, 0, PR_FALSE },
- { /* opt_KeySize */ 'g', PR_TRUE, 0, PR_FALSE },
- { /* opt_Hex */ 'h', PR_FALSE, 0, PR_FALSE },
- { /* opt_Input */ 'i', PR_TRUE, 0, PR_FALSE },
- { /* opt_PQGFile */ 'j', PR_TRUE, 0, PR_FALSE },
- { /* opt_Key */ 'k', PR_TRUE, 0, PR_FALSE },
- { /* opt_HexWSpc */ 'l', PR_FALSE, 0, PR_FALSE },
- { /* opt_Mode */ 'm', PR_TRUE, 0, PR_FALSE },
-#ifdef NSS_ENABLE_ECC
- { /* opt_CurveName */ 'n', PR_TRUE, 0, PR_FALSE },
-#endif
- { /* opt_Output */ 'o', PR_TRUE, 0, PR_FALSE },
- { /* opt_Repetitions */ 'p', PR_TRUE, 0, PR_FALSE },
- { /* opt_ZeroBuf */ 'q', PR_FALSE, 0, PR_FALSE },
- { /* opt_Rounds */ 'r', PR_TRUE, 0, PR_FALSE },
- { /* opt_Seed */ 's', PR_TRUE, 0, PR_FALSE },
- { /* opt_SigSeedFile */ 't', PR_TRUE, 0, PR_FALSE },
- { /* opt_CXReps */ 'u', PR_TRUE, 0, PR_FALSE },
- { /* opt_IV */ 'v', PR_TRUE, 0, PR_FALSE },
- { /* opt_WordSize */ 'w', PR_TRUE, 0, PR_FALSE },
- { /* opt_UseSeed */ 'x', PR_FALSE, 0, PR_FALSE },
- { /* opt_UseSigSeed */ 'y', PR_FALSE, 0, PR_FALSE },
- { /* opt_SeedFile */ 'z', PR_FALSE, 0, PR_FALSE },
- { /* opt_InputOffset */ '1', PR_TRUE, 0, PR_FALSE },
- { /* opt_OutputOffset */ '2', PR_TRUE, 0, PR_FALSE },
- { /* opt_MonteCarlo */ '3', PR_FALSE, 0, PR_FALSE },
- { /* opt_ThreadNum */ '4', PR_TRUE, 0, PR_FALSE },
- { /* opt_SecondsToRun */ '5', PR_TRUE, 0, PR_FALSE },
- { /* opt_CmdLine */ '-', PR_FALSE, 0, PR_FALSE }
-};
-
-int main(int argc, char **argv)
-{
- char *infileName, *outfileName, *keyfileName, *ivfileName;
- SECStatus rv = SECFailure;
-
- double totalTime;
- PRIntervalTime time1, time2;
- PRFileDesc *outfile;
- bltestCipherInfo *cipherInfoListHead, *cipherInfo;
- bltestIOMode ioMode;
- int bufsize, exponent, curThrdNum;
-#ifdef NSS_ENABLE_ECC
- char *curveName = NULL;
-#endif
- int i, commandsEntered;
- int inoff, outoff;
- int threads = 1;
-
- secuCommand bltest;
- bltest.numCommands = sizeof(bltest_commands) / sizeof(secuCommandFlag);
- bltest.numOptions = sizeof(bltest_options) / sizeof(secuCommandFlag);
- bltest.commands = bltest_commands;
- bltest.options = bltest_options;
-
- progName = strrchr(argv[0], '/');
- if (!progName)
- progName = strrchr(argv[0], '\\');
- progName = progName ? progName+1 : argv[0];
-
- rv = RNG_RNGInit();
- if (rv != SECSuccess) {
- SECU_PrintPRandOSError(progName);
- return -1;
- }
- RNG_SystemInfoForRNG();
-
- rv = SECU_ParseCommandLine(argc, argv, progName, &bltest);
- if (rv == SECFailure) {
- fprintf(stderr, "%s: command line parsing error!\n", progName);
- goto print_usage;
- }
- rv = SECFailure;
-
- cipherInfo = PORT_ZNew(bltestCipherInfo);
- cipherInfoListHead = cipherInfo;
- /* set some defaults */
- infileName = outfileName = keyfileName = ivfileName = NULL;
-
- /* Check the number of commands entered on the command line. */
- commandsEntered = 0;
- for (i=0; i 1 &&
- !(commandsEntered == 2 && bltest.commands[cmd_SelfTest].activated)) {
- fprintf(stderr, "%s: one command at a time!\n", progName);
- goto print_usage;
- }
-
- if (commandsEntered == 0) {
- fprintf(stderr, "%s: you must enter a command!\n", progName);
- goto print_usage;
- }
-
- if (bltest.commands[cmd_Sign].activated)
- bltest.commands[cmd_Encrypt].activated = PR_TRUE;
- if (bltest.commands[cmd_Verify].activated)
- bltest.commands[cmd_Decrypt].activated = PR_TRUE;
- if (bltest.commands[cmd_Hash].activated)
- bltest.commands[cmd_Encrypt].activated = PR_TRUE;
-
- inoff = outoff = 0;
- if (bltest.options[opt_InputOffset].activated)
- inoff = PORT_Atoi(bltest.options[opt_InputOffset].arg);
- if (bltest.options[opt_OutputOffset].activated)
- outoff = PORT_Atoi(bltest.options[opt_OutputOffset].arg);
-
- testdir = (bltest.options[opt_SelfTestDir].activated) ?
- strdup(bltest.options[opt_SelfTestDir].arg) : ".";
-
- /*
- * Handle three simple cases first
- */
-
- /* Do BLAPI self-test */
- if (bltest.commands[cmd_SelfTest].activated) {
- PRBool encrypt = PR_TRUE, decrypt = PR_TRUE;
- /* user may specified a set of ciphers to test. parse them. */
- bltestCipherMode modesToTest[NUMMODES];
- int numModesToTest = 0;
- char *tok, *str;
- str = bltest.options[opt_Mode].arg;
- while (str) {
- tok = strchr(str, ',');
- if (tok) *tok = '\0';
- modesToTest[numModesToTest++] = get_mode(str);
- if (tok) {
- *tok = ',';
- str = tok + 1;
- } else {
- break;
- }
- }
- if (bltest.commands[cmd_Decrypt].activated &&
- !bltest.commands[cmd_Encrypt].activated)
- encrypt = PR_FALSE;
- if (bltest.commands[cmd_Encrypt].activated &&
- !bltest.commands[cmd_Decrypt].activated)
- decrypt = PR_FALSE;
- rv = blapi_selftest(modesToTest, numModesToTest, inoff, outoff,
- encrypt, decrypt);
- PORT_Free(cipherInfo);
- return rv;
- }
-
- /* Do FIPS self-test */
- if (bltest.commands[cmd_FIPS].activated) {
- CK_RV ckrv = sftk_fipsPowerUpSelfTest();
- fprintf(stdout, "CK_RV: %ld.\n", ckrv);
- PORT_Free(cipherInfo);
- if (ckrv == CKR_OK)
- return SECSuccess;
- return SECFailure;
- }
-
- /*
- * Check command line arguments for Encrypt/Decrypt/Hash/Sign/Verify
- */
-
- if ((bltest.commands[cmd_Decrypt].activated ||
- bltest.commands[cmd_Verify].activated) &&
- bltest.options[opt_BufSize].activated) {
- fprintf(stderr, "%s: Cannot use a nonce as input to decrypt/verify.\n",
- progName);
- goto print_usage;
- }
-
- if (bltest.options[opt_Mode].activated) {
- cipherInfo->mode = get_mode(bltest.options[opt_Mode].arg);
- if (cipherInfo->mode == bltestINVALID) {
- goto print_usage;
- }
- } else {
- fprintf(stderr, "%s: You must specify a cipher mode with -m.\n",
- progName);
- goto print_usage;
- }
-
-
- if (bltest.options[opt_Repetitions].activated &&
- bltest.options[opt_SecondsToRun].activated) {
- fprintf(stderr, "%s: Operation time should be defined in either "
- "repetitions(-p) or seconds(-5) not both",
- progName);
- goto print_usage;
- }
-
- if (bltest.options[opt_Repetitions].activated) {
- cipherInfo->repetitionsToPerfom =
- PORT_Atoi(bltest.options[opt_Repetitions].arg);
- } else {
- cipherInfo->repetitionsToPerfom = 0;
- }
-
- if (bltest.options[opt_SecondsToRun].activated) {
- cipherInfo->seconds = PORT_Atoi(bltest.options[opt_SecondsToRun].arg);
- } else {
- cipherInfo->seconds = 0;
- }
-
-
- if (bltest.options[opt_CXReps].activated) {
- cipherInfo->cxreps = PORT_Atoi(bltest.options[opt_CXReps].arg);
- } else {
- cipherInfo->cxreps = 0;
- }
-
- if (bltest.options[opt_ThreadNum].activated) {
- threads = PORT_Atoi(bltest.options[opt_ThreadNum].arg);
- if (threads <= 0) {
- threads = 1;
- }
- }
-
- /* Dump a file (rsakey, dsakey, etc.) */
- if (bltest.commands[cmd_Dump].activated) {
- rv = dump_file(cipherInfo->mode, bltest.options[opt_Input].arg);
- PORT_Free(cipherInfo);
- return rv;
- }
-
- /* default input mode is binary */
- ioMode = (bltest.options[opt_B64].activated) ? bltestBase64Encoded :
- (bltest.options[opt_Hex].activated) ? bltestHexStream :
- (bltest.options[opt_HexWSpc].activated) ? bltestHexSpaceDelim :
- bltestBinary;
-
- if (bltest.options[opt_Exponent].activated)
- exponent = PORT_Atoi(bltest.options[opt_Exponent].arg);
- else
- exponent = 65537;
-
-#ifdef NSS_ENABLE_ECC
- if (bltest.options[opt_CurveName].activated)
- curveName = PORT_Strdup(bltest.options[opt_CurveName].arg);
- else
- curveName = NULL;
-#endif
-
- if (bltest.commands[cmd_Verify].activated &&
- !bltest.options[opt_SigFile].activated) {
- fprintf(stderr, "%s: You must specify a signature file with -f.\n",
- progName);
-
- print_usage:
- PORT_Free(cipherInfo);
- Usage();
- }
-
- if (bltest.options[opt_MonteCarlo].activated) {
- cipherInfo->mCarlo = PR_TRUE;
- } else {
- cipherInfo->mCarlo = PR_FALSE;
- }
-
- for (curThrdNum = 0;curThrdNum < threads;curThrdNum++) {
- int keysize = 0;
- PRFileDesc *file = NULL, *infile;
- bltestParams *params;
- char *instr = NULL;
- PRArenaPool *arena;
-
- if (curThrdNum > 0) {
- bltestCipherInfo *newCInfo = PORT_ZNew(bltestCipherInfo);
- if (!newCInfo) {
- fprintf(stderr, "%s: Can not allocate memory.\n", progName);
- goto exit_point;
- }
- newCInfo->mode = cipherInfo->mode;
- newCInfo->mCarlo = cipherInfo->mCarlo;
- newCInfo->repetitionsToPerfom =
- cipherInfo->repetitionsToPerfom;
- newCInfo->seconds = cipherInfo->seconds;
- newCInfo->cxreps = cipherInfo->cxreps;
- cipherInfo->next = newCInfo;
- cipherInfo = newCInfo;
- }
- arena = PORT_NewArena(BLTEST_DEFAULT_CHUNKSIZE);
- if (!arena) {
- fprintf(stderr, "%s: Can not allocate memory.\n", progName);
- goto exit_point;
- }
- cipherInfo->arena = arena;
- params = &cipherInfo->params;
-
- /* Set up an encryption key. */
- keysize = 0;
- file = NULL;
- if (is_symmkeyCipher(cipherInfo->mode)) {
- char *keystr = NULL; /* if key is on command line */
- if (bltest.options[opt_Key].activated) {
- if (bltest.options[opt_CmdLine].activated) {
- keystr = bltest.options[opt_Key].arg;
- } else {
- file = PR_Open(bltest.options[opt_Key].arg,
- PR_RDONLY, 00660);
- }
- } else {
- if (bltest.options[opt_KeySize].activated)
- keysize = PORT_Atoi(bltest.options[opt_KeySize].arg);
- else
- keysize = 8; /* use 64-bit default (DES) */
- /* save the random key for reference */
- file = PR_Open("tmp.key", PR_WRONLY|PR_CREATE_FILE, 00660);
- }
- params->key.mode = ioMode;
- setupIO(cipherInfo->arena, ¶ms->key, file, keystr, keysize);
- if (file)
- PR_Close(file);
- } else if (is_pubkeyCipher(cipherInfo->mode)) {
- if (bltest.options[opt_Key].activated) {
- file = PR_Open(bltest.options[opt_Key].arg, PR_RDONLY, 00660);
- } else {
- if (bltest.options[opt_KeySize].activated)
- keysize = PORT_Atoi(bltest.options[opt_KeySize].arg);
- else
- keysize = 64; /* use 512-bit default */
- file = PR_Open("tmp.key", PR_WRONLY|PR_CREATE_FILE, 00660);
- }
- params->key.mode = bltestBase64Encoded;
-#ifdef NSS_ENABLE_ECC
- pubkeyInitKey(cipherInfo, file, keysize, exponent, curveName);
-#else
- pubkeyInitKey(cipherInfo, file, keysize, exponent);
-#endif
- PR_Close(file);
- }
-
- /* set up an initialization vector. */
- if (cipher_requires_IV(cipherInfo->mode)) {
- char *ivstr = NULL;
- bltestSymmKeyParams *skp;
- file = NULL;
- if (cipherInfo->mode == bltestRC5_CBC)
- skp = (bltestSymmKeyParams *)¶ms->rc5;
- else
- skp = ¶ms->sk;
- if (bltest.options[opt_IV].activated) {
- if (bltest.options[opt_CmdLine].activated) {
- ivstr = bltest.options[opt_IV].arg;
- } else {
- file = PR_Open(bltest.options[opt_IV].arg,
- PR_RDONLY, 00660);
- }
- } else {
- /* save the random iv for reference */
- file = PR_Open("tmp.iv", PR_WRONLY|PR_CREATE_FILE, 00660);
- }
- memset(&skp->iv, 0, sizeof skp->iv);
- skp->iv.mode = ioMode;
- setupIO(cipherInfo->arena, &skp->iv, file, ivstr, keysize);
- if (file) {
- PR_Close(file);
- }
- }
-
- if (bltest.commands[cmd_Verify].activated) {
- file = PR_Open(bltest.options[opt_SigFile].arg, PR_RDONLY, 00660);
- if (cipherInfo->mode == bltestDSA) {
- memset(&cipherInfo->params.dsa.sig, 0, sizeof(bltestIO));
- cipherInfo->params.dsa.sig.mode = ioMode;
- setupIO(cipherInfo->arena, &cipherInfo->params.dsa.sig,
- file, NULL, 0);
-#ifdef NSS_ENABLE_ECC
- } else if (cipherInfo->mode == bltestECDSA) {
- memset(&cipherInfo->params.ecdsa.sig, 0, sizeof(bltestIO));
- cipherInfo->params.ecdsa.sig.mode = ioMode;
- setupIO(cipherInfo->arena, &cipherInfo->params.ecdsa.sig,
- file, NULL, 0);
-#endif
- }
- if (file) {
- PR_Close(file);
- }
- }
-
- if (bltest.options[opt_PQGFile].activated) {
- file = PR_Open(bltest.options[opt_PQGFile].arg, PR_RDONLY, 00660);
- params->dsa.pqgdata.mode = bltestBase64Encoded;
- setupIO(cipherInfo->arena, ¶ms->dsa.pqgdata, file, NULL, 0);
- if (file) {
- PR_Close(file);
- }
- }
-
- /* Set up the input buffer */
- if (bltest.options[opt_Input].activated) {
- if (bltest.options[opt_CmdLine].activated) {
- instr = bltest.options[opt_Input].arg;
- infile = NULL;
- } else {
- /* form file name from testdir and input arg. */
- char * filename = bltest.options[opt_Input].arg;
- if (bltest.options[opt_SelfTestDir].activated &&
- testdir && filename && filename[0] != '/') {
- filename = PR_smprintf("%s/tests/%s/%s", testdir,
- mode_strings[cipherInfo->mode],
- filename);
- if (!filename) {
- fprintf(stderr, "%s: Can not allocate memory.\n",
- progName);
- goto exit_point;
- }
- infile = PR_Open(filename, PR_RDONLY, 00660);
- PR_smprintf_free(filename);
- } else {
- infile = PR_Open(filename, PR_RDONLY, 00660);
- }
- }
- } else if (bltest.options[opt_BufSize].activated) {
- /* save the random plaintext for reference */
- char *tmpFName = PR_smprintf("tmp.in.%d", curThrdNum);
- if (!tmpFName) {
- fprintf(stderr, "%s: Can not allocate memory.\n", progName);
- goto exit_point;
- }
- infile = PR_Open(tmpFName, PR_WRONLY|PR_CREATE_FILE, 00660);
- PR_smprintf_free(tmpFName);
- } else {
- infile = PR_STDIN;
- }
- if (!infile) {
- fprintf(stderr, "%s: Failed to open input file.\n", progName);
- goto exit_point;
- }
- cipherInfo->input.mode = ioMode;
-
- /* Set up the output stream */
- if (bltest.options[opt_Output].activated) {
- /* form file name from testdir and input arg. */
- char * filename = bltest.options[opt_Output].arg;
- if (bltest.options[opt_SelfTestDir].activated &&
- testdir && filename && filename[0] != '/') {
- filename = PR_smprintf("%s/tests/%s/%s", testdir,
- mode_strings[cipherInfo->mode],
- filename);
- if (!filename) {
- fprintf(stderr, "%s: Can not allocate memory.\n", progName);
- goto exit_point;
- }
- outfile = PR_Open(filename, PR_WRONLY|PR_CREATE_FILE, 00660);
- PR_smprintf_free(filename);
- } else {
- outfile = PR_Open(filename, PR_WRONLY|PR_CREATE_FILE, 00660);
- }
- } else {
- outfile = PR_STDOUT;
- }
- if (!outfile) {
- fprintf(stderr, "%s: Failed to open output file.\n", progName);
- rv = SECFailure;
- goto exit_point;
- }
- cipherInfo->output.mode = ioMode;
- if (bltest.options[opt_SelfTestDir].activated && ioMode == bltestBinary)
- cipherInfo->output.mode = bltestBase64Encoded;
-
- if (is_hashCipher(cipherInfo->mode))
- cipherInfo->params.hash.restart =
- bltest.options[opt_Restart].activated;
-
- bufsize = 0;
- if (bltest.options[opt_BufSize].activated)
- bufsize = PORT_Atoi(bltest.options[opt_BufSize].arg);
-
- /*infile = NULL;*/
- setupIO(cipherInfo->arena, &cipherInfo->input, infile, instr, bufsize);
- if (infile && infile != PR_STDIN)
- PR_Close(infile);
- misalignBuffer(cipherInfo->arena, &cipherInfo->input, inoff);
-
- cipherInit(cipherInfo, bltest.commands[cmd_Encrypt].activated);
- misalignBuffer(cipherInfo->arena, &cipherInfo->output, outoff);
- }
-
- if (!bltest.commands[cmd_Nonce].activated) {
- TIMESTART();
- cipherInfo = cipherInfoListHead;
- while (cipherInfo != NULL) {
- cipherInfo->cipherThread =
- PR_CreateThread(PR_USER_THREAD,
- ThreadExecTest,
- cipherInfo,
- PR_PRIORITY_NORMAL,
- PR_GLOBAL_THREAD,
- PR_JOINABLE_THREAD,
- 0);
- cipherInfo = cipherInfo->next;
- }
-
- cipherInfo = cipherInfoListHead;
- while (cipherInfo != NULL) {
- PR_JoinThread(cipherInfo->cipherThread);
- finishIO(&cipherInfo->output, outfile);
- cipherInfo = cipherInfo->next;
- }
- TIMEFINISH(totalTime, 1);
- }
-
- cipherInfo = cipherInfoListHead;
- if (cipherInfo->repetitions > 0 || cipherInfo->cxreps > 0 ||
- threads > 1)
- dump_performance_info(cipherInfoListHead, totalTime,
- bltest.commands[cmd_Encrypt].activated,
- (cipherInfo->repetitions == 0));
-
- rv = SECSuccess;
-
- exit_point:
- if (outfile && outfile != PR_STDOUT)
- PR_Close(outfile);
- cipherInfo = cipherInfoListHead;
- while (cipherInfo != NULL) {
- bltestCipherInfo *tmpInfo = cipherInfo;
-
- if (cipherInfo->arena)
- PORT_FreeArena(cipherInfo->arena, PR_TRUE);
- cipherInfo = cipherInfo->next;
- PORT_Free(tmpInfo);
- }
-
- /*NSS_Shutdown();*/
-
- return SECSuccess;
-}
diff --git a/security/nss/cmd/bltest/manifest.mn b/security/nss/cmd/bltest/manifest.mn
deleted file mode 100644
index 1fd6325a78..0000000000
--- a/security/nss/cmd/bltest/manifest.mn
+++ /dev/null
@@ -1,62 +0,0 @@
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-CORE_DEPTH = ../../..
-
-MODULE = nss
-
-REQUIRES = seccmd dbm softoken
-
-INCLUDES += -I$(CORE_DEPTH)/nss/lib/softoken
-
-PROGRAM = bltest
-
- USE_STATIC_LIBS = 1
-
-EXPORTS = \
- $(NULL)
-
-PRIVATE_EXPORTS = \
- $(NULL)
-
-CSRCS = \
- blapitest.c \
- $(NULL)
-
-ifdef NSS_ENABLE_ECC
-DEFINES += -DNSS_ENABLE_ECC
-endif
-
diff --git a/security/nss/cmd/bltest/tests/README b/security/nss/cmd/bltest/tests/README
deleted file mode 100644
index 9982a2f150..0000000000
--- a/security/nss/cmd/bltest/tests/README
+++ /dev/null
@@ -1,49 +0,0 @@
-This directory contains a set of tests for each cipher supported by
-BLAPI. Each subdirectory contains known plaintext and ciphertext pairs
-(and keys and/or iv's if needed). The tests can be run as a full set
-with:
- bltest -T
-or as subsets, for example:
- bltest -T -m des_ecb,md2,rsa
-
-In each subdirectory, the plaintext, key, and iv are ascii, and treated
-as such. The ciphertext is base64-encoded to avoid the hassle of binary
-files.
-
-To add a test, incremement the value in the numtests file. Create a
-plaintext, key, and iv file, such that the name of the file is
-incrememted one from the last set of tests. For example, if you are
-adding the second test, put your data in files named plaintext1, key1,
-and iv1 (ignoring key and iv if they are not needed, of course). Make
-sure your key and iv are the correct number of bytes for your cipher (a
-trailing \n is okay, but any other trailing bytes will be used!). Once
-you have your input data, create output data by running bltest on a
-trusted implementation. For example, for a new DES ECB test, run
- bltest -E -m des_ecb -i plaintext1 -k key1 -o ciphertext1 -a in the
-tests/des_ecb directory. Then run
- bltest -T des_ecb from the cmd/bltest directory in the tree of the
-implementation you want to test.
-
-Note that the -a option above is important, it tells bltest to expect
-the input to be straight ASCII, and not base64 encoded binary!
-
-Special cases:
-
-RC5:
-RC5 can take additional parameters, the number of rounds to perform and
-the wordsize to use. The number of rounds is between is between 0 and
-255, and the wordsize is either is either 16, 32, or 64 bits (at this
-time only 32-bit is supported). These parameters are specified in a
-paramsN file, where N is an index as above. The format of the file is
-"rounds=R\nwordsize=W\n".
-
-public key modes (RSA and DSA):
-Asymmetric key ciphers use keys with special properties, so creating a
-key file with "Mozilla!" in it will not get you very far! To create a
-public key, run bltest with the plaintext you want to encrypt, using a
-trusted implementation. bltest will generate a key and store it in
-"tmp.key", rename that file to keyN. For example:
- bltest -E -m rsa -i plaintext0 -o ciphertext0 -e 65537 -g 32 -a
- mv tmp.key key0
-
-[note: specifying a keysize (-g) when using RSA is important!]
diff --git a/security/nss/cmd/bltest/tests/aes_cbc/ciphertext0 b/security/nss/cmd/bltest/tests/aes_cbc/ciphertext0
deleted file mode 100644
index 040a397d75..0000000000
--- a/security/nss/cmd/bltest/tests/aes_cbc/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-oJLgOzZ1GiWt3DGo2sPKaA==
diff --git a/security/nss/cmd/bltest/tests/aes_cbc/iv0 b/security/nss/cmd/bltest/tests/aes_cbc/iv0
deleted file mode 100644
index 4e65bc0347..0000000000
--- a/security/nss/cmd/bltest/tests/aes_cbc/iv0
+++ /dev/null
@@ -1 +0,0 @@
-qwertyuiopasdfgh
diff --git a/security/nss/cmd/bltest/tests/aes_cbc/key0 b/security/nss/cmd/bltest/tests/aes_cbc/key0
deleted file mode 100644
index 13911cc29a..0000000000
--- a/security/nss/cmd/bltest/tests/aes_cbc/key0
+++ /dev/null
@@ -1 +0,0 @@
-fedcba9876543210
diff --git a/security/nss/cmd/bltest/tests/aes_cbc/numtests b/security/nss/cmd/bltest/tests/aes_cbc/numtests
deleted file mode 100644
index d00491fd7e..0000000000
--- a/security/nss/cmd/bltest/tests/aes_cbc/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/aes_cbc/plaintext0 b/security/nss/cmd/bltest/tests/aes_cbc/plaintext0
deleted file mode 100644
index 8d6a8d555b..0000000000
--- a/security/nss/cmd/bltest/tests/aes_cbc/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-0123456789abcdef
diff --git a/security/nss/cmd/bltest/tests/aes_ecb/ciphertext0 b/security/nss/cmd/bltest/tests/aes_ecb/ciphertext0
deleted file mode 100644
index d6818c1d0b..0000000000
--- a/security/nss/cmd/bltest/tests/aes_ecb/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-PVuaCIiaKQhblgFCbVMTTg==
diff --git a/security/nss/cmd/bltest/tests/aes_ecb/key0 b/security/nss/cmd/bltest/tests/aes_ecb/key0
deleted file mode 100644
index 13911cc29a..0000000000
--- a/security/nss/cmd/bltest/tests/aes_ecb/key0
+++ /dev/null
@@ -1 +0,0 @@
-fedcba9876543210
diff --git a/security/nss/cmd/bltest/tests/aes_ecb/numtests b/security/nss/cmd/bltest/tests/aes_ecb/numtests
deleted file mode 100644
index d00491fd7e..0000000000
--- a/security/nss/cmd/bltest/tests/aes_ecb/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/aes_ecb/plaintext0 b/security/nss/cmd/bltest/tests/aes_ecb/plaintext0
deleted file mode 100644
index 8d6a8d555b..0000000000
--- a/security/nss/cmd/bltest/tests/aes_ecb/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-0123456789abcdef
diff --git a/security/nss/cmd/bltest/tests/des3_cbc/ciphertext0 b/security/nss/cmd/bltest/tests/des3_cbc/ciphertext0
deleted file mode 100644
index 61dae3192e..0000000000
--- a/security/nss/cmd/bltest/tests/des3_cbc/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-KV3MDNGKWOc=
diff --git a/security/nss/cmd/bltest/tests/des3_cbc/iv0 b/security/nss/cmd/bltest/tests/des3_cbc/iv0
deleted file mode 100644
index 97b5955f78..0000000000
--- a/security/nss/cmd/bltest/tests/des3_cbc/iv0
+++ /dev/null
@@ -1 +0,0 @@
-12345678
diff --git a/security/nss/cmd/bltest/tests/des3_cbc/key0 b/security/nss/cmd/bltest/tests/des3_cbc/key0
deleted file mode 100644
index 588efd1118..0000000000
--- a/security/nss/cmd/bltest/tests/des3_cbc/key0
+++ /dev/null
@@ -1 +0,0 @@
-abcdefghijklmnopqrstuvwx
diff --git a/security/nss/cmd/bltest/tests/des3_cbc/numtests b/security/nss/cmd/bltest/tests/des3_cbc/numtests
deleted file mode 100644
index d00491fd7e..0000000000
--- a/security/nss/cmd/bltest/tests/des3_cbc/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/des3_cbc/plaintext0 b/security/nss/cmd/bltest/tests/des3_cbc/plaintext0
deleted file mode 100644
index 5513e438c0..0000000000
--- a/security/nss/cmd/bltest/tests/des3_cbc/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-Mozilla!
diff --git a/security/nss/cmd/bltest/tests/des3_ecb/ciphertext0 b/security/nss/cmd/bltest/tests/des3_ecb/ciphertext0
deleted file mode 100644
index 76dc820d3b..0000000000
--- a/security/nss/cmd/bltest/tests/des3_ecb/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-RgckVNh4QcM=
diff --git a/security/nss/cmd/bltest/tests/des3_ecb/key0 b/security/nss/cmd/bltest/tests/des3_ecb/key0
deleted file mode 100644
index 588efd1118..0000000000
--- a/security/nss/cmd/bltest/tests/des3_ecb/key0
+++ /dev/null
@@ -1 +0,0 @@
-abcdefghijklmnopqrstuvwx
diff --git a/security/nss/cmd/bltest/tests/des3_ecb/numtests b/security/nss/cmd/bltest/tests/des3_ecb/numtests
deleted file mode 100644
index d00491fd7e..0000000000
--- a/security/nss/cmd/bltest/tests/des3_ecb/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/des3_ecb/plaintext0 b/security/nss/cmd/bltest/tests/des3_ecb/plaintext0
deleted file mode 100644
index 5513e438c0..0000000000
--- a/security/nss/cmd/bltest/tests/des3_ecb/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-Mozilla!
diff --git a/security/nss/cmd/bltest/tests/des_cbc/ciphertext0 b/security/nss/cmd/bltest/tests/des_cbc/ciphertext0
deleted file mode 100644
index 67d2ad1aac..0000000000
--- a/security/nss/cmd/bltest/tests/des_cbc/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-Perdg9FMYQ4=
diff --git a/security/nss/cmd/bltest/tests/des_cbc/iv0 b/security/nss/cmd/bltest/tests/des_cbc/iv0
deleted file mode 100644
index 97b5955f78..0000000000
--- a/security/nss/cmd/bltest/tests/des_cbc/iv0
+++ /dev/null
@@ -1 +0,0 @@
-12345678
diff --git a/security/nss/cmd/bltest/tests/des_cbc/key0 b/security/nss/cmd/bltest/tests/des_cbc/key0
deleted file mode 100644
index 65513c116c..0000000000
--- a/security/nss/cmd/bltest/tests/des_cbc/key0
+++ /dev/null
@@ -1 +0,0 @@
-zyxwvuts
diff --git a/security/nss/cmd/bltest/tests/des_cbc/numtests b/security/nss/cmd/bltest/tests/des_cbc/numtests
deleted file mode 100644
index d00491fd7e..0000000000
--- a/security/nss/cmd/bltest/tests/des_cbc/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/des_cbc/plaintext0 b/security/nss/cmd/bltest/tests/des_cbc/plaintext0
deleted file mode 100644
index 5513e438c0..0000000000
--- a/security/nss/cmd/bltest/tests/des_cbc/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-Mozilla!
diff --git a/security/nss/cmd/bltest/tests/des_ecb/ciphertext0 b/security/nss/cmd/bltest/tests/des_ecb/ciphertext0
deleted file mode 100644
index 8be22fa5c6..0000000000
--- a/security/nss/cmd/bltest/tests/des_ecb/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-3bNoWzzNiFc=
diff --git a/security/nss/cmd/bltest/tests/des_ecb/key0 b/security/nss/cmd/bltest/tests/des_ecb/key0
deleted file mode 100644
index 65513c116c..0000000000
--- a/security/nss/cmd/bltest/tests/des_ecb/key0
+++ /dev/null
@@ -1 +0,0 @@
-zyxwvuts
diff --git a/security/nss/cmd/bltest/tests/des_ecb/numtests b/security/nss/cmd/bltest/tests/des_ecb/numtests
deleted file mode 100644
index d00491fd7e..0000000000
--- a/security/nss/cmd/bltest/tests/des_ecb/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/des_ecb/plaintext0 b/security/nss/cmd/bltest/tests/des_ecb/plaintext0
deleted file mode 100644
index 5513e438c0..0000000000
--- a/security/nss/cmd/bltest/tests/des_ecb/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-Mozilla!
diff --git a/security/nss/cmd/bltest/tests/dsa/ciphertext0 b/security/nss/cmd/bltest/tests/dsa/ciphertext0
deleted file mode 100644
index 8e7150562e..0000000000
--- a/security/nss/cmd/bltest/tests/dsa/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-fB0bnKWvjT6X5NIkZ5l/Y/DXZ6QNI6j0iPhR/ZERkfj67xRnTWY1cg==
diff --git a/security/nss/cmd/bltest/tests/dsa/key0 b/security/nss/cmd/bltest/tests/dsa/key0
deleted file mode 100644
index e582eeb044..0000000000
--- a/security/nss/cmd/bltest/tests/dsa/key0
+++ /dev/null
@@ -1,6 +0,0 @@
-AAAAQI3ypJRJInaqPSV1m7BoacvqwNg6+40M98u4Mk8NeILl0HYvxbchDq/C6a2s
-Mqt6rElpPfv4NyTC7Ac27jHIApEAAAAUx3MhjHN+yO6ZO08t7TD0jtrOkV8AAABA
-Ym0CeDnqChNBMWOlW0y1ACmdVSKVbO/LO/8Q85nOLC5xy53l+iS6v1jlt5Uhklyc
-xC6fb0ZLCIzFcq9T5teIAgAAAEAZExhx11sWEqgZ8p140bDXNG96p3u2KoWb/WxW
-ddqdIS06Nu8Wcu9mC4x8JVzA7HSFj7oz9EwGaZYwp2sDDuMzAAAAFCBwsyI9ujcv
-3hwP/HsuO0mLJgYU
diff --git a/security/nss/cmd/bltest/tests/dsa/keyseed0 b/security/nss/cmd/bltest/tests/dsa/keyseed0
deleted file mode 100644
index 6eea359dbd..0000000000
--- a/security/nss/cmd/bltest/tests/dsa/keyseed0
+++ /dev/null
@@ -1 +0,0 @@
-AAAAAAAAAAAAAAAAAAAAAAAAAAA=
diff --git a/security/nss/cmd/bltest/tests/dsa/numtests b/security/nss/cmd/bltest/tests/dsa/numtests
deleted file mode 100644
index d00491fd7e..0000000000
--- a/security/nss/cmd/bltest/tests/dsa/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/dsa/plaintext0 b/security/nss/cmd/bltest/tests/dsa/plaintext0
deleted file mode 100644
index 48fbdb6fde..0000000000
--- a/security/nss/cmd/bltest/tests/dsa/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-qZk+NkcGgWq6PiVxeFDCbJzQ2J0=
diff --git a/security/nss/cmd/bltest/tests/dsa/pqg0 b/security/nss/cmd/bltest/tests/dsa/pqg0
deleted file mode 100644
index f16326cccb..0000000000
--- a/security/nss/cmd/bltest/tests/dsa/pqg0
+++ /dev/null
@@ -1,4 +0,0 @@
-AAAAQI3ypJRJInaqPSV1m7BoacvqwNg6+40M98u4Mk8NeILl0HYvxbchDq/C6a2s
-Mqt6rElpPfv4NyTC7Ac27jHIApEAAAAUx3MhjHN+yO6ZO08t7TD0jtrOkV8AAABA
-Ym0CeDnqChNBMWOlW0y1ACmdVSKVbO/LO/8Q85nOLC5xy53l+iS6v1jlt5Uhklyc
-xC6fb0ZLCIzFcq9T5teIAg==
diff --git a/security/nss/cmd/bltest/tests/dsa/sigseed0 b/security/nss/cmd/bltest/tests/dsa/sigseed0
deleted file mode 100644
index 05d7fd2d65..0000000000
--- a/security/nss/cmd/bltest/tests/dsa/sigseed0
+++ /dev/null
@@ -1 +0,0 @@
-aHpm2QZI+ZOGfhIfTd+d2wEgVYQ=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/README b/security/nss/cmd/bltest/tests/ecdsa/README
deleted file mode 100644
index 764aeec810..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/README
+++ /dev/null
@@ -1,22 +0,0 @@
-0 secp160k1
-1 secp160r1
-2 secp160r2
-3 nistk163
-4 sect163r1
-5 nistb163
-6 secp192k1
-7 nistp192
-8 secp224k1
-9 nistp224
-10 nistk233
-11 nistb233
-12 nistp256
-13 nistk283
-14 nistb283
-15 nistp384
-16 nistk409
-17 nistb409
-18 nistk571
-19 nistb571
-# the following tests are not yet implemented
-#20 nistp521
diff --git a/security/nss/cmd/bltest/tests/ecdsa/ciphertext0 b/security/nss/cmd/bltest/tests/ecdsa/ciphertext0
deleted file mode 100644
index 14d8e0ece7..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-GoWqve3YezF7HOABQjioFL/3oq32oM9pHsGTQTJE7aFE62nItVqAdg==
diff --git a/security/nss/cmd/bltest/tests/ecdsa/ciphertext1 b/security/nss/cmd/bltest/tests/ecdsa/ciphertext1
deleted file mode 100644
index 4484aae614..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/ciphertext1
+++ /dev/null
@@ -1 +0,0 @@
-PM6xHbiwP6Xcb44mg7BHtaJvd8PkxgvHAB1sh2cF0so3naFf0Tj6vQ==
diff --git a/security/nss/cmd/bltest/tests/ecdsa/ciphertext10 b/security/nss/cmd/bltest/tests/ecdsa/ciphertext10
deleted file mode 100644
index a956d53a61..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/ciphertext10
+++ /dev/null
@@ -1,2 +0,0 @@
-AF3bbyED08NTrUgKmag9HiuUbaW0skXA/Bp9RPjRAD6M0rp3nvLDKozI940jxPP1
-nWpHF7VcyCVzJeV6
diff --git a/security/nss/cmd/bltest/tests/ecdsa/ciphertext11 b/security/nss/cmd/bltest/tests/ecdsa/ciphertext11
deleted file mode 100644
index 8cc2c26234..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/ciphertext11
+++ /dev/null
@@ -1,2 +0,0 @@
-AOLrxy4FWd29ToUjOwLs6GyQ+dYZN6NkZ8oVO6dsAEXt55ePlCWZbOtmk6v9PrNG
-JOsY/MHnGhDeAGRl
diff --git a/security/nss/cmd/bltest/tests/ecdsa/ciphertext12 b/security/nss/cmd/bltest/tests/ecdsa/ciphertext12
deleted file mode 100644
index 5a05a78637..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/ciphertext12
+++ /dev/null
@@ -1,2 +0,0 @@
-aQHMte9cFByD9Ff3rZOPOtPI75luPoxemmgjXIgh/9jEeoTdDk8xuAYQUkayCfs+
-DpDaGnOLkfAyZ8GcuaCujg==
diff --git a/security/nss/cmd/bltest/tests/ecdsa/ciphertext13 b/security/nss/cmd/bltest/tests/ecdsa/ciphertext13
deleted file mode 100644
index 690c00a715..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/ciphertext13
+++ /dev/null
@@ -1,2 +0,0 @@
-AaeVCRJQPbpTqa1+zLd/8xAbkz3KKTr0dlS4tuGC8hc9j5esAeEv+7IklbA3v5Jz
-jC+nJy4p81iNO5E9H8nfGGckfQSiFzHG
diff --git a/security/nss/cmd/bltest/tests/ecdsa/ciphertext14 b/security/nss/cmd/bltest/tests/ecdsa/ciphertext14
deleted file mode 100644
index fe527c6256..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/ciphertext14
+++ /dev/null
@@ -1,2 +0,0 @@
-AgU0N7zJPg/1UxmCWD5Z+DqDqkRKjy4heFgayCyopb/u4XErAZArgsjashAxzMKC
-PSDJasPT90T5Va8sNtjXtSpHWxc2roV9
diff --git a/security/nss/cmd/bltest/tests/ecdsa/ciphertext15 b/security/nss/cmd/bltest/tests/ecdsa/ciphertext15
deleted file mode 100644
index d1090942a2..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/ciphertext15
+++ /dev/null
@@ -1,2 +0,0 @@
-NXo8is+7lAoOwWGt7+GBbT/UX8LGs8TXEHBI+tX9311pJ4J3pfBYobgN0ZK6ZBtp
-dS6PkrPaQp0S9nrfTOS5uAH95eD1eymRfCbOnjTUKzLuIn53V17vRjdcDtLzrhzX
diff --git a/security/nss/cmd/bltest/tests/ecdsa/ciphertext16 b/security/nss/cmd/bltest/tests/ecdsa/ciphertext16
deleted file mode 100644
index d5fe14482a..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/ciphertext16
+++ /dev/null
@@ -1,3 +0,0 @@
-ADhxjBz/ACTy4GJlL0tYZpyNpC4DsXND9lJuU7x9N7g6gkpJyBPw3vBYU1olw6PH
-dnegpgAm4Gh6MCsZB4KBcLwl1wjt4B3p2eqEqDYn5fiie5f4XuRomvI92jR5Sb+I
-nBLCHIppt/Q=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/ciphertext17 b/security/nss/cmd/bltest/tests/ecdsa/ciphertext17
deleted file mode 100644
index 486bf664f9..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/ciphertext17
+++ /dev/null
@@ -1,3 +0,0 @@
-AGhHQ6kfdZRgu1svQTXEIewvFVglnUy6ANPumyUbM14AEfRkCUNa1uzvhV1sbWYj
-qT3egQCA9MTjThDNJeDOvvL6hVVOryUv4+C3RtkpQGCtdml+CSsjVTej8h9JbMds
-Dme40b2G6fE=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/ciphertext18 b/security/nss/cmd/bltest/tests/ecdsa/ciphertext18
deleted file mode 100644
index 7eeef38118..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/ciphertext18
+++ /dev/null
@@ -1,3 +0,0 @@
-AGBuqk48tufy0bKEWpu+xEHsmi+6KCfdwOSRwLDnpVetGe9AWknHDzeTSwe0QxcE
-RsEkUZGDpxfzUlCLSSSU+ErrYY/uyLV2AJTb3prB6A2YNwdmFGeRbDoxeOu7FuQA
-3gxBQhR+TGMuskeM+BdHFmFrwvTTdHCGzjTBa5S8mbgEJTfeik/it28T/9i+duZ8
diff --git a/security/nss/cmd/bltest/tests/ecdsa/ciphertext19 b/security/nss/cmd/bltest/tests/ecdsa/ciphertext19
deleted file mode 100644
index ef8e5f3818..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/ciphertext19
+++ /dev/null
@@ -1,3 +0,0 @@
-AaiotJfCiWU1d2LFe+t0CcWHDSF7EOlApWYJ+RNRSq8TbkXJIzi6abbb7BovtRwf
-i/COYwjS7OnkFQ6x5Pdrb7OZ0dTAdDRXAKtXWSKR20Y4fhnx/HUxisFwKrsCEQ3O
-uVtwDG8rh5V8zjBnCEcs5Iy9CsklucibR0PIyglVmW+ZuY42YNebuOC2VUKqHNF7
diff --git a/security/nss/cmd/bltest/tests/ecdsa/ciphertext2 b/security/nss/cmd/bltest/tests/ecdsa/ciphertext2
deleted file mode 100644
index a3837a4105..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/ciphertext2
+++ /dev/null
@@ -1 +0,0 @@
-Vli8Hau3xL8oder6ZdM9Y3fMd92jbguiMq6F+9CUjlUQXy5EwAVGeg==
diff --git a/security/nss/cmd/bltest/tests/ecdsa/ciphertext20 b/security/nss/cmd/bltest/tests/ecdsa/ciphertext20
deleted file mode 100644
index 67c99244a0..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/ciphertext20
+++ /dev/null
@@ -1,3 +0,0 @@
-ALAM5hGnex7TvBbSEzDlfv+n5g7aWyRyZsBbl2Y6wW1plSovbq2GcV6w1ZV1Vlot
-70zbqkKyNApvTi3xoD4Ens6pAeLMYDILwaQhnyJZWQv3etbWqUKJZNgfH1IDj03k
-n9hbjYLX3y4bc4CnrhOiv5Ab34s7M8wUYcjC+DbHwhLl/S6N
diff --git a/security/nss/cmd/bltest/tests/ecdsa/ciphertext3 b/security/nss/cmd/bltest/tests/ecdsa/ciphertext3
deleted file mode 100644
index e9a480882b..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/ciphertext3
+++ /dev/null
@@ -1 +0,0 @@
-AFohw5TN/dpmqbhp/T4z1Rl1boAUA6r9eEPJbYN0zf+eHZzyvezxqjxU
diff --git a/security/nss/cmd/bltest/tests/ecdsa/ciphertext4 b/security/nss/cmd/bltest/tests/ecdsa/ciphertext4
deleted file mode 100644
index 57ce239ab3..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/ciphertext4
+++ /dev/null
@@ -1 +0,0 @@
-AtJdCPXn5yQW34jekhsnsNmaMOeeA3KIVl1d2+7pb6QycUAzYccgwSrp
diff --git a/security/nss/cmd/bltest/tests/ecdsa/ciphertext5 b/security/nss/cmd/bltest/tests/ecdsa/ciphertext5
deleted file mode 100644
index e476c80bfc..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/ciphertext5
+++ /dev/null
@@ -1 +0,0 @@
-AzEg0sOGHwxd0o3cv+o9dsRPOzXMAdpgtI6O0uUmVN2+a5qI5FYQlItz
diff --git a/security/nss/cmd/bltest/tests/ecdsa/ciphertext6 b/security/nss/cmd/bltest/tests/ecdsa/ciphertext6
deleted file mode 100644
index bdea7171d0..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/ciphertext6
+++ /dev/null
@@ -1 +0,0 @@
-5+HDXH/ieN8Bzxd3dfxKZoqbbhsm7jyeqWdemt6Xy0kx+7zwSYsh9Ng5KRdy6wtA
diff --git a/security/nss/cmd/bltest/tests/ecdsa/ciphertext7 b/security/nss/cmd/bltest/tests/ecdsa/ciphertext7
deleted file mode 100644
index 3273fd9f73..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/ciphertext7
+++ /dev/null
@@ -1 +0,0 @@
-WcS9umnUASP0X6lHvkWJwPY37ZVvAMLBERHLjL3Vzg6QVjwcS8kDVortTFei3aTx
diff --git a/security/nss/cmd/bltest/tests/ecdsa/ciphertext8 b/security/nss/cmd/bltest/tests/ecdsa/ciphertext8
deleted file mode 100644
index 636392e435..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/ciphertext8
+++ /dev/null
@@ -1,2 +0,0 @@
-ItpmPaGAaoe2feXPbh5+EASLGnEzyYbEnwJ+JFNSOQcoY4a/cMV2rn8FYyBsEDiZ
-LPDBU0i2uOg=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/ciphertext9 b/security/nss/cmd/bltest/tests/ecdsa/ciphertext9
deleted file mode 100644
index 0c43fa3d79..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/ciphertext9
+++ /dev/null
@@ -1,2 +0,0 @@
-QjzCVGRUjulOLqeBqC5xpY0GWomOrmQUCtImY0czn98a/jHrdgsSRKiMHukBUxM1
-TIRGjkV2L+A=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/key0 b/security/nss/cmd/bltest/tests/ecdsa/key0
deleted file mode 100644
index 7c6d61b361..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/key0
+++ /dev/null
@@ -1,2 +0,0 @@
-AAAABwYFK4EEAAkAAAApBPiF0ntSFtn41JULxlA1l/lHE/zUPGJWkCqtdOryS6yD
-WFCoF/IHwHsAAAAUcw+b2b1AJUlmezgu5EjmAGPC0YQ=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/key1 b/security/nss/cmd/bltest/tests/ecdsa/key1
deleted file mode 100644
index 049aa1edbc..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/key1
+++ /dev/null
@@ -1,2 +0,0 @@
-AAAABwYFK4EEAAgAAAApBI80VWK9xatmkFRiDTcdeFQ0T9h3h6iVOinMURyWZw0T
-5vZqd8/gvwwAAAAUYOQMjDdtNSL5zY0nVWPWY+UJoqQ=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/key10 b/security/nss/cmd/bltest/tests/ecdsa/key10
deleted file mode 100644
index 3e33417143..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/key10
+++ /dev/null
@@ -1,3 +0,0 @@
-AAAABwYFK4EEABoAAAA9BACmzalMQJBOWV2FoyV0tXSpT07Xajq4bB1SUwSY7QGn
-dgGC3GBqjPs9vEpqfMMQ2M9k3+5oubWnexNFhQAAAB4BRha/6sE7VSHl92ZqCj5p
-LYtBpK23jzfdVWO8SAY=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/key11 b/security/nss/cmd/bltest/tests/ecdsa/key11
deleted file mode 100644
index 6111d52ad7..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/key11
+++ /dev/null
@@ -1,3 +0,0 @@
-AAAABwYFK4EEABsAAAA9BAD2/x9HSYYVEQ9AU4MivlIKPypJjsm0sTrp8BftlQGv
-KaYrKpZCg/CEw3C2kqvke7HAu+10hafK9asRxQAAAB4AXyFCurtsXhahkyJpkb5J
-LUg3xVL00vviR0KyFZY=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/key12 b/security/nss/cmd/bltest/tests/ecdsa/key12
deleted file mode 100644
index 491fdba1b8..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/key12
+++ /dev/null
@@ -1,3 +0,0 @@
-AAAACgYIKoZIzj0DAQcAAABBBNGB7n4kH15tKA/SMpetaQVqg6WxIuuUuMQT2tDX
-NN5jKZfaxD47NsTjTr3x3D5t1qRBYuL6VtdgIuxBIHGG9dcAAAAgaGjyZBL+LN3a
-7NkGiHJBfqh7XKNH0AnPF3vFWpostIQ=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/key13 b/security/nss/cmd/bltest/tests/ecdsa/key13
deleted file mode 100644
index fc8057a57e..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/key13
+++ /dev/null
@@ -1,3 +0,0 @@
-AAAABwYFK4EEABAAAABJBAT3klWkt7+1Pr6QGEcvEIZplopwt1alrsJUThDOxvUF
-7KvBpQLVjB+DQTwYQnEREb/WFyRgUBuIbII0+zd/g0fLHE4PQ8SNlAAAACQFPsMX
-mqSVRreUVasUOIZQFB2jnpwCUyoq+xa9SRril5LeOCY=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/key14 b/security/nss/cmd/bltest/tests/ecdsa/key14
deleted file mode 100644
index 2e158236cb..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/key14
+++ /dev/null
@@ -1,3 +0,0 @@
-AAAABwYFK4EEABEAAABJBAf/ei/XCrFrMZLBp5BFkKZ3Odn+ZJu7QIAK32Ubuxmi
-xgWTewf2vv+KY5kHwsBYuBXmmnKe9Ak9zGP4Lykvgk5n5J6iUz5ycQAAACQAQHXa
-d29OqGxoDNCl9xETW3tAL/2hfZzstNuOPLm5kj4j1Dc=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/key15 b/security/nss/cmd/bltest/tests/ecdsa/key15
deleted file mode 100644
index a062f1f67b..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/key15
+++ /dev/null
@@ -1,4 +0,0 @@
-AAAABwYFK4EEACIAAABhBLWMJG3t4khPYcsl3H492rAqukJ1RqJm27pqpN54rFGG
-r2VDwOfqb9tMninq8IyOh42eaaVOEPXXu4Q/ATWBEfrbTRBjTpzAE2SSPuQma0lM
-q0RSVECCgdBOKIhB0H6VxAAAADA3WPjUaMWCS9E5KbVDrEcf5CV5tCNNWJQkwjsA
-yALMCiXJqRVXwbq42WMuaELMW+g=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/key16 b/security/nss/cmd/bltest/tests/ecdsa/key16
deleted file mode 100644
index d2694ae412..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/key16
+++ /dev/null
@@ -1,4 +0,0 @@
-AAAABwYFK4EEACQAAABpBADkgknFgTPuirxQxFlqIK+vcARWzlpJR+qmyRyQsBiz
-Nh6Ws036xUKY9M8LxMIWXFNM6aIA2wxKsBF+HHD6oy27EAJSJOGbke/9F9Kv5AiW
-2RXA4mllUaxCNsuQ36PqUdqv4FeXxWTpAAAANAHTZloqhR0V4bfyaeo2hojcvY3T
-NO04ewNryBpsHZ0bhID0EfewYuwQmX00GYNfuV3mJ2w=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/key17 b/security/nss/cmd/bltest/tests/ecdsa/key17
deleted file mode 100644
index 30be05774d..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/key17
+++ /dev/null
@@ -1,4 +0,0 @@
-AAAABwYFK4EEACUAAABpBAAEE/bAmqCjO3FLvN93Q/UjDyDp2sj+F//buuf1hZ0K
-1rSOGXMLcBrqVa8R6UJ57F9/Yc0BCTylpJMXjfCr4eDczG4WOQk+5x8kpKQs5Q9U
-V3IolHDiQY/Nhn7o4UFn5/mF71T3qUqwAAAANAH/o7jEl9Bw+Arj9uQ7ZHkoPGgx
-t92UJg1r/lxa7UUd66iJfRI8n8yQH/sw56D1+CweeII=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/key18 b/security/nss/cmd/bltest/tests/ecdsa/key18
deleted file mode 100644
index bbdcb13711..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/key18
+++ /dev/null
@@ -1,5 +0,0 @@
-AAAABwYFK4EEACYAAACRBAffZTrfwIl0dciO2fui3UhZw6r+jnFh7gyER92gXL7+
-LzPgTHagd1vdQiIX4K8Dv76KN0BldiFuX5odP7qC26MUaiURDdWT0AWcPmumSSBH
-NXZYLLx5hQjW3BTNwV7v5bmUjezfgtuOCC30dQGs2GMgExAmiWRjTkiPrHg1SFKF
-3RklauOyMWauaVpEzh3c+wAAAEgAZvLs4/Rx7tS+QGH92fGGIxPWPbVYOpDKwabY
-poV2i1BD5Fxvw+eHlvxVOLmRPqRCPTfOLwAeNbHyt17U/BVZ8+svTChlzuA=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/key19 b/security/nss/cmd/bltest/tests/ecdsa/key19
deleted file mode 100644
index 31b4071f2e..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/key19
+++ /dev/null
@@ -1,5 +0,0 @@
-AAAABwYFK4EEACcAAACRBASpPvOfQVqiMD+cBL/nulFit5pk/5beJ6/KpeIltg4s
-6/s7PPggJA59BP7RJwak6rgY3PsRqXVPjyM/1UkUfRUR2BJgOfNTkQe9WF7Y5zXy
-TM76cWhOP+sLSoUcscy/HTLCpHqRLLvWZPDzgjrfJqSlydMEDZjWsJRVPk9IfeQ/
-amGiWOhJIQd/bSrAazZn6AAAAEgFz1qZzjHuhuP1boJ7gzndJhQslx1efbESxHSc
-wbOpeBpw2MsCAwjtgo3Y8pviFIC8+5MStkFjE8uHQ0ngXc02wm3G0xj8XGQ=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/key2 b/security/nss/cmd/bltest/tests/ecdsa/key2
deleted file mode 100644
index f4ba6f2f2b..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/key2
+++ /dev/null
@@ -1,2 +0,0 @@
-AAAABwYFK4EEAB4AAAApBGouC+vgvmItzsLO4hXn+AXi3skEE+M19o/QHLfjibbA
-p7av8F4tcGgAAAAUmpQDUgnIkiXPBs0moD4jEmJHato=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/key20 b/security/nss/cmd/bltest/tests/ecdsa/key20
deleted file mode 100644
index c4da3486de..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/key20
+++ /dev/null
@@ -1,5 +0,0 @@
-AAAABwYFK4EEACMAAACFBAHLMSpMFVyG6mXE7SZ5O5Bwv4d8/QiAB3BzpXkyrU1W
-jJ9O9uOYTXM+cFtF5v56+LsI4yGkaAl9+RF6lFPjrhpIswCmBmEqMBgZpjoz38my
-nLHBI9MaFF8AHkRQwD3LJLo4eSZHOVkdIvDYLwicdlgr0zD3Nf76/HB1+0DkBGqE
-MyG22gAAAEIAFah7z179UbqqdH68pzdZsP1ChXjtYZ11rBM0+HP7yLirxH3ahKTt
-DjsY19GEjz4gKsaLfLiQ1/Dp+VKVLcBKpk0=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/key3 b/security/nss/cmd/bltest/tests/ecdsa/key3
deleted file mode 100644
index 689e06bda5..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/key3
+++ /dev/null
@@ -1,2 +0,0 @@
-AAAABwYFK4EEAAEAAAArBAe4qW9DTVGRVIYYznwJZbn8mWXLugA2A+Mv112Bu+y7
-gxI8E4/fEdLTsQAAABUGEQDNcbxi0JhwALA8FCCxvmWYM3E=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/key4 b/security/nss/cmd/bltest/tests/ecdsa/key4
deleted file mode 100644
index 90ecb72c6f..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/key4
+++ /dev/null
@@ -1,2 +0,0 @@
-AAAABwYFK4EEAAIAAAArBAXw45Pc59l1QWmAB1W6M30lyFzQmAH/0FIFKYgEOYIa
-dnEXMwKNwaRdsQAAABUCErj052f+Rth5OxAm376LOAQyvBY=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/key5 b/security/nss/cmd/bltest/tests/ecdsa/key5
deleted file mode 100644
index b9d221f8e5..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/key5
+++ /dev/null
@@ -1,2 +0,0 @@
-AAAABwYFK4EEAA8AAAArBAFhm71N2wsUOYCwDNr/6rFvNX1okAbki1SNlHq2TQDO
-Bktd1M0jlApWVQAAABUCILsraWg3Qi5nBsXQ1pGmZk0YuSA=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/key6 b/security/nss/cmd/bltest/tests/ecdsa/key6
deleted file mode 100644
index 92fb463dc5..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/key6
+++ /dev/null
@@ -1,2 +0,0 @@
-AAAABwYFK4EEAB8AAAAxBHOYACoc9XsLk5n8NZZKV2U9CDoMj/VRDvqbf+myloR7
-uBfVNm+uVN33Sa65phAfXQAAABitxs6KZtkqU4tglcdQ1Rmk2U74vjYP0JM=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/key7 b/security/nss/cmd/bltest/tests/ecdsa/key7
deleted file mode 100644
index 83fced1844..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/key7
+++ /dev/null
@@ -1,2 +0,0 @@
-AAAACgYIKoZIzj0DAQEAAAAxBOyOI+rIs3x+jsChxQqSVblnoZGqhIM1WX0FMfw+
-D8Dz6Y25iPcAQFpIAWh29FxnrgAAABh+uEQYXwMB783sULxE6PEd1t/MNZ9HSHI=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/key8 b/security/nss/cmd/bltest/tests/ecdsa/key8
deleted file mode 100644
index cc7c6103b5..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/key8
+++ /dev/null
@@ -1,3 +0,0 @@
-AAAABwYFK4EEACAAAAA5BKQnZoj4VtlPqrJ5dekM4haG+7PjfgO4wNNIqD7JnrKI
-gTUd+oUQ41d517xCObyBaHNzdVPty9DvAAAAHIrG9+FE+OJV5UV2l/op7PCDPI4G
-qkpgzPIwe7U=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/key9 b/security/nss/cmd/bltest/tests/ecdsa/key9
deleted file mode 100644
index ab8f43bae6..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/key9
+++ /dev/null
@@ -1,3 +0,0 @@
-AAAABwYFK4EEACEAAAA5BGCNDWldzQCbI83PMR96tqR6JnIUpvfIO8l6hIf/QfMc
-rx2BbrSLoy6EJmP++Jyw5yNyaoVaNYl6AAAAHDnjgcUSIshTSLuejnSsvtvU363b
-1NJv4ULUbIs=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/numtests b/security/nss/cmd/bltest/tests/ecdsa/numtests
deleted file mode 100644
index aabe6ec390..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/numtests
+++ /dev/null
@@ -1 +0,0 @@
-21
diff --git a/security/nss/cmd/bltest/tests/ecdsa/plaintext0 b/security/nss/cmd/bltest/tests/ecdsa/plaintext0
deleted file mode 100644
index 48fbdb6fde..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-qZk+NkcGgWq6PiVxeFDCbJzQ2J0=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/plaintext1 b/security/nss/cmd/bltest/tests/ecdsa/plaintext1
deleted file mode 100644
index 48fbdb6fde..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/plaintext1
+++ /dev/null
@@ -1 +0,0 @@
-qZk+NkcGgWq6PiVxeFDCbJzQ2J0=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/plaintext10 b/security/nss/cmd/bltest/tests/ecdsa/plaintext10
deleted file mode 100644
index 48fbdb6fde..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/plaintext10
+++ /dev/null
@@ -1 +0,0 @@
-qZk+NkcGgWq6PiVxeFDCbJzQ2J0=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/plaintext11 b/security/nss/cmd/bltest/tests/ecdsa/plaintext11
deleted file mode 100644
index 48fbdb6fde..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/plaintext11
+++ /dev/null
@@ -1 +0,0 @@
-qZk+NkcGgWq6PiVxeFDCbJzQ2J0=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/plaintext12 b/security/nss/cmd/bltest/tests/ecdsa/plaintext12
deleted file mode 100644
index 48fbdb6fde..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/plaintext12
+++ /dev/null
@@ -1 +0,0 @@
-qZk+NkcGgWq6PiVxeFDCbJzQ2J0=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/plaintext13 b/security/nss/cmd/bltest/tests/ecdsa/plaintext13
deleted file mode 100644
index 48fbdb6fde..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/plaintext13
+++ /dev/null
@@ -1 +0,0 @@
-qZk+NkcGgWq6PiVxeFDCbJzQ2J0=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/plaintext14 b/security/nss/cmd/bltest/tests/ecdsa/plaintext14
deleted file mode 100644
index 48fbdb6fde..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/plaintext14
+++ /dev/null
@@ -1 +0,0 @@
-qZk+NkcGgWq6PiVxeFDCbJzQ2J0=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/plaintext15 b/security/nss/cmd/bltest/tests/ecdsa/plaintext15
deleted file mode 100644
index 48fbdb6fde..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/plaintext15
+++ /dev/null
@@ -1 +0,0 @@
-qZk+NkcGgWq6PiVxeFDCbJzQ2J0=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/plaintext16 b/security/nss/cmd/bltest/tests/ecdsa/plaintext16
deleted file mode 100644
index 48fbdb6fde..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/plaintext16
+++ /dev/null
@@ -1 +0,0 @@
-qZk+NkcGgWq6PiVxeFDCbJzQ2J0=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/plaintext17 b/security/nss/cmd/bltest/tests/ecdsa/plaintext17
deleted file mode 100644
index 48fbdb6fde..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/plaintext17
+++ /dev/null
@@ -1 +0,0 @@
-qZk+NkcGgWq6PiVxeFDCbJzQ2J0=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/plaintext18 b/security/nss/cmd/bltest/tests/ecdsa/plaintext18
deleted file mode 100644
index 48fbdb6fde..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/plaintext18
+++ /dev/null
@@ -1 +0,0 @@
-qZk+NkcGgWq6PiVxeFDCbJzQ2J0=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/plaintext19 b/security/nss/cmd/bltest/tests/ecdsa/plaintext19
deleted file mode 100644
index 48fbdb6fde..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/plaintext19
+++ /dev/null
@@ -1 +0,0 @@
-qZk+NkcGgWq6PiVxeFDCbJzQ2J0=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/plaintext2 b/security/nss/cmd/bltest/tests/ecdsa/plaintext2
deleted file mode 100644
index 48fbdb6fde..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/plaintext2
+++ /dev/null
@@ -1 +0,0 @@
-qZk+NkcGgWq6PiVxeFDCbJzQ2J0=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/plaintext20 b/security/nss/cmd/bltest/tests/ecdsa/plaintext20
deleted file mode 100644
index 48fbdb6fde..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/plaintext20
+++ /dev/null
@@ -1 +0,0 @@
-qZk+NkcGgWq6PiVxeFDCbJzQ2J0=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/plaintext3 b/security/nss/cmd/bltest/tests/ecdsa/plaintext3
deleted file mode 100644
index 48fbdb6fde..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/plaintext3
+++ /dev/null
@@ -1 +0,0 @@
-qZk+NkcGgWq6PiVxeFDCbJzQ2J0=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/plaintext4 b/security/nss/cmd/bltest/tests/ecdsa/plaintext4
deleted file mode 100644
index 48fbdb6fde..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/plaintext4
+++ /dev/null
@@ -1 +0,0 @@
-qZk+NkcGgWq6PiVxeFDCbJzQ2J0=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/plaintext5 b/security/nss/cmd/bltest/tests/ecdsa/plaintext5
deleted file mode 100644
index 48fbdb6fde..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/plaintext5
+++ /dev/null
@@ -1 +0,0 @@
-qZk+NkcGgWq6PiVxeFDCbJzQ2J0=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/plaintext6 b/security/nss/cmd/bltest/tests/ecdsa/plaintext6
deleted file mode 100644
index 48fbdb6fde..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/plaintext6
+++ /dev/null
@@ -1 +0,0 @@
-qZk+NkcGgWq6PiVxeFDCbJzQ2J0=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/plaintext7 b/security/nss/cmd/bltest/tests/ecdsa/plaintext7
deleted file mode 100644
index 48fbdb6fde..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/plaintext7
+++ /dev/null
@@ -1 +0,0 @@
-qZk+NkcGgWq6PiVxeFDCbJzQ2J0=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/plaintext8 b/security/nss/cmd/bltest/tests/ecdsa/plaintext8
deleted file mode 100644
index 48fbdb6fde..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/plaintext8
+++ /dev/null
@@ -1 +0,0 @@
-qZk+NkcGgWq6PiVxeFDCbJzQ2J0=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/plaintext9 b/security/nss/cmd/bltest/tests/ecdsa/plaintext9
deleted file mode 100644
index 48fbdb6fde..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/plaintext9
+++ /dev/null
@@ -1 +0,0 @@
-qZk+NkcGgWq6PiVxeFDCbJzQ2J0=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/sigseed0 b/security/nss/cmd/bltest/tests/ecdsa/sigseed0
deleted file mode 100644
index 05d7fd2d65..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/sigseed0
+++ /dev/null
@@ -1 +0,0 @@
-aHpm2QZI+ZOGfhIfTd+d2wEgVYQ=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/sigseed1 b/security/nss/cmd/bltest/tests/ecdsa/sigseed1
deleted file mode 100644
index 05d7fd2d65..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/sigseed1
+++ /dev/null
@@ -1 +0,0 @@
-aHpm2QZI+ZOGfhIfTd+d2wEgVYQ=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/sigseed10 b/security/nss/cmd/bltest/tests/ecdsa/sigseed10
deleted file mode 100644
index 6983e5f7d6..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/sigseed10
+++ /dev/null
@@ -1 +0,0 @@
-fjIzMWJpdHNPZlRleHQwMTAyMDMwNDA1MDYwNzA=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/sigseed11 b/security/nss/cmd/bltest/tests/ecdsa/sigseed11
deleted file mode 100644
index 6983e5f7d6..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/sigseed11
+++ /dev/null
@@ -1 +0,0 @@
-fjIzMWJpdHNPZlRleHQwMTAyMDMwNDA1MDYwNzA=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/sigseed12 b/security/nss/cmd/bltest/tests/ecdsa/sigseed12
deleted file mode 100644
index 92aa40c82a..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/sigseed12
+++ /dev/null
@@ -1 +0,0 @@
-/jI1NmJpdHNPZlRleHQwMTAyMDMwNDA1MDYwNzA4MDk=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/sigseed13 b/security/nss/cmd/bltest/tests/ecdsa/sigseed13
deleted file mode 100644
index 4ac0765848..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/sigseed13
+++ /dev/null
@@ -1 +0,0 @@
-ATI4MWJpdHNPZlRleHQwMTAyMDMwNDA1MDYwNzA4MDkwYTBi
diff --git a/security/nss/cmd/bltest/tests/ecdsa/sigseed14 b/security/nss/cmd/bltest/tests/ecdsa/sigseed14
deleted file mode 100644
index 4ac0765848..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/sigseed14
+++ /dev/null
@@ -1 +0,0 @@
-ATI4MWJpdHNPZlRleHQwMTAyMDMwNDA1MDYwNzA4MDkwYTBi
diff --git a/security/nss/cmd/bltest/tests/ecdsa/sigseed15 b/security/nss/cmd/bltest/tests/ecdsa/sigseed15
deleted file mode 100644
index 0975230325..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/sigseed15
+++ /dev/null
@@ -1 +0,0 @@
-/jM4NGJpdHNPZlRleHQwMTAyMDMwNDA1MDYwNzA4MDkwYTBiMGMwZDBlMGYxMDEx
diff --git a/security/nss/cmd/bltest/tests/ecdsa/sigseed16 b/security/nss/cmd/bltest/tests/ecdsa/sigseed16
deleted file mode 100644
index 36fbf09513..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/sigseed16
+++ /dev/null
@@ -1 +0,0 @@
-fjQwN2JpdHNPZlRleHQwMTAyMDMwNDA1MDYwNzA4MDkwYTBiMGMwZDBlMGYxMDExMTIx
diff --git a/security/nss/cmd/bltest/tests/ecdsa/sigseed17 b/security/nss/cmd/bltest/tests/ecdsa/sigseed17
deleted file mode 100644
index 36fbf09513..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/sigseed17
+++ /dev/null
@@ -1 +0,0 @@
-fjQwN2JpdHNPZlRleHQwMTAyMDMwNDA1MDYwNzA4MDkwYTBiMGMwZDBlMGYxMDExMTIx
diff --git a/security/nss/cmd/bltest/tests/ecdsa/sigseed18 b/security/nss/cmd/bltest/tests/ecdsa/sigseed18
deleted file mode 100644
index 7be8ce6dd9..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/sigseed18
+++ /dev/null
@@ -1,2 +0,0 @@
-PjU2NmJpdHNPZlRleHQwMDAxMDIwMzA0MDUwNjA3MDgwOTBhMGIwYzBkMGUwZjEwMTExMjEz
-MTQxNTE2MTcxODE5MWExYjE=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/sigseed19 b/security/nss/cmd/bltest/tests/ecdsa/sigseed19
deleted file mode 100644
index 7be8ce6dd9..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/sigseed19
+++ /dev/null
@@ -1,2 +0,0 @@
-PjU2NmJpdHNPZlRleHQwMDAxMDIwMzA0MDUwNjA3MDgwOTBhMGIwYzBkMGUwZjEwMTExMjEz
-MTQxNTE2MTcxODE5MWExYjE=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/sigseed2 b/security/nss/cmd/bltest/tests/ecdsa/sigseed2
deleted file mode 100644
index 05d7fd2d65..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/sigseed2
+++ /dev/null
@@ -1 +0,0 @@
-aHpm2QZI+ZOGfhIfTd+d2wEgVYQ=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/sigseed20 b/security/nss/cmd/bltest/tests/ecdsa/sigseed20
deleted file mode 100644
index f0dddb66c7..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/sigseed20
+++ /dev/null
@@ -1,2 +0,0 @@
-/jUyMGJpdHNPZlRleHQwMDAxMDIwMzA0MDUwNjA3MDgwOTBhMGIwYzBkMGUwZjEwMTExMjEz
-MTQxNTE2MTcxODE=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/sigseed3 b/security/nss/cmd/bltest/tests/ecdsa/sigseed3
deleted file mode 100644
index 05d7fd2d65..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/sigseed3
+++ /dev/null
@@ -1 +0,0 @@
-aHpm2QZI+ZOGfhIfTd+d2wEgVYQ=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/sigseed4 b/security/nss/cmd/bltest/tests/ecdsa/sigseed4
deleted file mode 100644
index 05d7fd2d65..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/sigseed4
+++ /dev/null
@@ -1 +0,0 @@
-aHpm2QZI+ZOGfhIfTd+d2wEgVYQ=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/sigseed5 b/security/nss/cmd/bltest/tests/ecdsa/sigseed5
deleted file mode 100644
index 05d7fd2d65..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/sigseed5
+++ /dev/null
@@ -1 +0,0 @@
-aHpm2QZI+ZOGfhIfTd+d2wEgVYQ=
diff --git a/security/nss/cmd/bltest/tests/ecdsa/sigseed6 b/security/nss/cmd/bltest/tests/ecdsa/sigseed6
deleted file mode 100644
index a0687196c4..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/sigseed6
+++ /dev/null
@@ -1 +0,0 @@
-/jE5MmJpdHNPZlRleHQwMDAwMDAwMDAw
diff --git a/security/nss/cmd/bltest/tests/ecdsa/sigseed7 b/security/nss/cmd/bltest/tests/ecdsa/sigseed7
deleted file mode 100644
index a0687196c4..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/sigseed7
+++ /dev/null
@@ -1 +0,0 @@
-/jE5MmJpdHNPZlRleHQwMDAwMDAwMDAw
diff --git a/security/nss/cmd/bltest/tests/ecdsa/sigseed8 b/security/nss/cmd/bltest/tests/ecdsa/sigseed8
deleted file mode 100644
index 01ae265740..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/sigseed8
+++ /dev/null
@@ -1 +0,0 @@
-/jIyNGJpdHNPZlRleHQwMDAwMDAwMDAwMDAwMA==
diff --git a/security/nss/cmd/bltest/tests/ecdsa/sigseed9 b/security/nss/cmd/bltest/tests/ecdsa/sigseed9
deleted file mode 100644
index 01ae265740..0000000000
--- a/security/nss/cmd/bltest/tests/ecdsa/sigseed9
+++ /dev/null
@@ -1 +0,0 @@
-/jIyNGJpdHNPZlRleHQwMDAwMDAwMDAwMDAwMA==
diff --git a/security/nss/cmd/bltest/tests/md2/ciphertext0 b/security/nss/cmd/bltest/tests/md2/ciphertext0
deleted file mode 100644
index 22e1fc496c..0000000000
--- a/security/nss/cmd/bltest/tests/md2/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-CS/UNcrWhB5Knt7Gf8Tz3Q==
diff --git a/security/nss/cmd/bltest/tests/md2/numtests b/security/nss/cmd/bltest/tests/md2/numtests
deleted file mode 100644
index d00491fd7e..0000000000
--- a/security/nss/cmd/bltest/tests/md2/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/md2/plaintext0 b/security/nss/cmd/bltest/tests/md2/plaintext0
deleted file mode 100644
index dce2994ba5..0000000000
--- a/security/nss/cmd/bltest/tests/md2/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-16-bytes to MD2.
diff --git a/security/nss/cmd/bltest/tests/md5/ciphertext0 b/security/nss/cmd/bltest/tests/md5/ciphertext0
deleted file mode 100644
index ea11ee523b..0000000000
--- a/security/nss/cmd/bltest/tests/md5/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-XN8lnQuWAiMqmSGfvd8Hdw==
diff --git a/security/nss/cmd/bltest/tests/md5/numtests b/security/nss/cmd/bltest/tests/md5/numtests
deleted file mode 100644
index d00491fd7e..0000000000
--- a/security/nss/cmd/bltest/tests/md5/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/md5/plaintext0 b/security/nss/cmd/bltest/tests/md5/plaintext0
deleted file mode 100644
index 5ae3875e2a..0000000000
--- a/security/nss/cmd/bltest/tests/md5/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-63-byte input to MD5 can be a bit tricky, but no problems here.
diff --git a/security/nss/cmd/bltest/tests/rc2_cbc/ciphertext0 b/security/nss/cmd/bltest/tests/rc2_cbc/ciphertext0
deleted file mode 100644
index d964ef8644..0000000000
--- a/security/nss/cmd/bltest/tests/rc2_cbc/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-3ki6eVsWpY8=
diff --git a/security/nss/cmd/bltest/tests/rc2_cbc/iv0 b/security/nss/cmd/bltest/tests/rc2_cbc/iv0
deleted file mode 100644
index 97b5955f78..0000000000
--- a/security/nss/cmd/bltest/tests/rc2_cbc/iv0
+++ /dev/null
@@ -1 +0,0 @@
-12345678
diff --git a/security/nss/cmd/bltest/tests/rc2_cbc/key0 b/security/nss/cmd/bltest/tests/rc2_cbc/key0
deleted file mode 100644
index 65513c116c..0000000000
--- a/security/nss/cmd/bltest/tests/rc2_cbc/key0
+++ /dev/null
@@ -1 +0,0 @@
-zyxwvuts
diff --git a/security/nss/cmd/bltest/tests/rc2_cbc/numtests b/security/nss/cmd/bltest/tests/rc2_cbc/numtests
deleted file mode 100644
index d00491fd7e..0000000000
--- a/security/nss/cmd/bltest/tests/rc2_cbc/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/rc2_cbc/plaintext0 b/security/nss/cmd/bltest/tests/rc2_cbc/plaintext0
deleted file mode 100644
index 5513e438c0..0000000000
--- a/security/nss/cmd/bltest/tests/rc2_cbc/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-Mozilla!
diff --git a/security/nss/cmd/bltest/tests/rc2_ecb/ciphertext0 b/security/nss/cmd/bltest/tests/rc2_ecb/ciphertext0
deleted file mode 100644
index 337d307655..0000000000
--- a/security/nss/cmd/bltest/tests/rc2_ecb/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-WT+tc4fANhQ=
diff --git a/security/nss/cmd/bltest/tests/rc2_ecb/key0 b/security/nss/cmd/bltest/tests/rc2_ecb/key0
deleted file mode 100644
index 65513c116c..0000000000
--- a/security/nss/cmd/bltest/tests/rc2_ecb/key0
+++ /dev/null
@@ -1 +0,0 @@
-zyxwvuts
diff --git a/security/nss/cmd/bltest/tests/rc2_ecb/numtests b/security/nss/cmd/bltest/tests/rc2_ecb/numtests
deleted file mode 100644
index d00491fd7e..0000000000
--- a/security/nss/cmd/bltest/tests/rc2_ecb/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/rc2_ecb/plaintext0 b/security/nss/cmd/bltest/tests/rc2_ecb/plaintext0
deleted file mode 100644
index 5513e438c0..0000000000
--- a/security/nss/cmd/bltest/tests/rc2_ecb/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-Mozilla!
diff --git a/security/nss/cmd/bltest/tests/rc4/ciphertext0 b/security/nss/cmd/bltest/tests/rc4/ciphertext0
deleted file mode 100644
index 004f13472a..0000000000
--- a/security/nss/cmd/bltest/tests/rc4/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-34sTZJtr20k=
diff --git a/security/nss/cmd/bltest/tests/rc4/ciphertext1 b/security/nss/cmd/bltest/tests/rc4/ciphertext1
deleted file mode 100644
index 6050da4c68..0000000000
--- a/security/nss/cmd/bltest/tests/rc4/ciphertext1
+++ /dev/null
@@ -1 +0,0 @@
-34sTZJtr20nGP6VxS3BIBxxIYm6QGIa1rehFHn51z9M=
diff --git a/security/nss/cmd/bltest/tests/rc4/key0 b/security/nss/cmd/bltest/tests/rc4/key0
deleted file mode 100644
index 65513c116c..0000000000
--- a/security/nss/cmd/bltest/tests/rc4/key0
+++ /dev/null
@@ -1 +0,0 @@
-zyxwvuts
diff --git a/security/nss/cmd/bltest/tests/rc4/key1 b/security/nss/cmd/bltest/tests/rc4/key1
deleted file mode 100644
index 65513c116c..0000000000
--- a/security/nss/cmd/bltest/tests/rc4/key1
+++ /dev/null
@@ -1 +0,0 @@
-zyxwvuts
diff --git a/security/nss/cmd/bltest/tests/rc4/numtests b/security/nss/cmd/bltest/tests/rc4/numtests
deleted file mode 100644
index 0cfbf08886..0000000000
--- a/security/nss/cmd/bltest/tests/rc4/numtests
+++ /dev/null
@@ -1 +0,0 @@
-2
diff --git a/security/nss/cmd/bltest/tests/rc4/plaintext0 b/security/nss/cmd/bltest/tests/rc4/plaintext0
deleted file mode 100644
index 5513e438c0..0000000000
--- a/security/nss/cmd/bltest/tests/rc4/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-Mozilla!
diff --git a/security/nss/cmd/bltest/tests/rc4/plaintext1 b/security/nss/cmd/bltest/tests/rc4/plaintext1
deleted file mode 100644
index d41abc7b84..0000000000
--- a/security/nss/cmd/bltest/tests/rc4/plaintext1
+++ /dev/null
@@ -1 +0,0 @@
-Mozilla!Mozilla!Mozilla!Mozilla!
diff --git a/security/nss/cmd/bltest/tests/rc5_cbc/ciphertext0 b/security/nss/cmd/bltest/tests/rc5_cbc/ciphertext0
deleted file mode 100644
index 544713b339..0000000000
--- a/security/nss/cmd/bltest/tests/rc5_cbc/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-qsv4Fn2J6d0=
diff --git a/security/nss/cmd/bltest/tests/rc5_cbc/iv0 b/security/nss/cmd/bltest/tests/rc5_cbc/iv0
deleted file mode 100644
index 97b5955f78..0000000000
--- a/security/nss/cmd/bltest/tests/rc5_cbc/iv0
+++ /dev/null
@@ -1 +0,0 @@
-12345678
diff --git a/security/nss/cmd/bltest/tests/rc5_cbc/key0 b/security/nss/cmd/bltest/tests/rc5_cbc/key0
deleted file mode 100644
index 65513c116c..0000000000
--- a/security/nss/cmd/bltest/tests/rc5_cbc/key0
+++ /dev/null
@@ -1 +0,0 @@
-zyxwvuts
diff --git a/security/nss/cmd/bltest/tests/rc5_cbc/numtests b/security/nss/cmd/bltest/tests/rc5_cbc/numtests
deleted file mode 100644
index d00491fd7e..0000000000
--- a/security/nss/cmd/bltest/tests/rc5_cbc/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/rc5_cbc/params0 b/security/nss/cmd/bltest/tests/rc5_cbc/params0
deleted file mode 100644
index d68e0362d5..0000000000
--- a/security/nss/cmd/bltest/tests/rc5_cbc/params0
+++ /dev/null
@@ -1,2 +0,0 @@
-rounds=10
-wordsize=4
diff --git a/security/nss/cmd/bltest/tests/rc5_cbc/plaintext0 b/security/nss/cmd/bltest/tests/rc5_cbc/plaintext0
deleted file mode 100644
index 5513e438c0..0000000000
--- a/security/nss/cmd/bltest/tests/rc5_cbc/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-Mozilla!
diff --git a/security/nss/cmd/bltest/tests/rc5_ecb/ciphertext0 b/security/nss/cmd/bltest/tests/rc5_ecb/ciphertext0
deleted file mode 100644
index 133777dd08..0000000000
--- a/security/nss/cmd/bltest/tests/rc5_ecb/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-4ZKK/1v5Ohc=
diff --git a/security/nss/cmd/bltest/tests/rc5_ecb/key0 b/security/nss/cmd/bltest/tests/rc5_ecb/key0
deleted file mode 100644
index 65513c116c..0000000000
--- a/security/nss/cmd/bltest/tests/rc5_ecb/key0
+++ /dev/null
@@ -1 +0,0 @@
-zyxwvuts
diff --git a/security/nss/cmd/bltest/tests/rc5_ecb/numtests b/security/nss/cmd/bltest/tests/rc5_ecb/numtests
deleted file mode 100644
index d00491fd7e..0000000000
--- a/security/nss/cmd/bltest/tests/rc5_ecb/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/rc5_ecb/params0 b/security/nss/cmd/bltest/tests/rc5_ecb/params0
deleted file mode 100644
index d68e0362d5..0000000000
--- a/security/nss/cmd/bltest/tests/rc5_ecb/params0
+++ /dev/null
@@ -1,2 +0,0 @@
-rounds=10
-wordsize=4
diff --git a/security/nss/cmd/bltest/tests/rc5_ecb/plaintext0 b/security/nss/cmd/bltest/tests/rc5_ecb/plaintext0
deleted file mode 100644
index 5513e438c0..0000000000
--- a/security/nss/cmd/bltest/tests/rc5_ecb/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-Mozilla!
diff --git a/security/nss/cmd/bltest/tests/rsa/ciphertext0 b/security/nss/cmd/bltest/tests/rsa/ciphertext0
deleted file mode 100644
index 943ea599ae..0000000000
--- a/security/nss/cmd/bltest/tests/rsa/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-qPVrXv0y3SC5rY44bIi6GE4Aec8uDpHH7/cCg0FU5as=
diff --git a/security/nss/cmd/bltest/tests/rsa/key0 b/security/nss/cmd/bltest/tests/rsa/key0
deleted file mode 100644
index 1352fe9866..0000000000
--- a/security/nss/cmd/bltest/tests/rsa/key0
+++ /dev/null
@@ -1,4 +0,0 @@
-AAAAAAAAACC5lyu2K2ro8YGnvOCKaL1sFX1HEIblIVbuMXsa8oeFSwAAAAERAAAA
-IBXVjKwFG6LvPG4WOIjBBzmxGNpkQwDs3W5qZcXVzqahAAAAEOEOH/WnhZCJyM39
-oNfhf18AAAAQ0xvmxqXXs3L62xxogUl9lQAAABAaeiHgqkvy4wiQtG1Gkv/tAAAA
-EMaw2TNu6SFdKFXAYluQdjEAAAAQi0u+IlgKCt/hatGAsTrfzQ==
diff --git a/security/nss/cmd/bltest/tests/rsa/numtests b/security/nss/cmd/bltest/tests/rsa/numtests
deleted file mode 100644
index d00491fd7e..0000000000
--- a/security/nss/cmd/bltest/tests/rsa/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/rsa/plaintext0 b/security/nss/cmd/bltest/tests/rsa/plaintext0
deleted file mode 100644
index d915bc88c4..0000000000
--- a/security/nss/cmd/bltest/tests/rsa/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-512bitsforRSAPublicKeyEncryption
diff --git a/security/nss/cmd/bltest/tests/sha1/ciphertext0 b/security/nss/cmd/bltest/tests/sha1/ciphertext0
deleted file mode 100644
index 1fe4bd2bd4..0000000000
--- a/security/nss/cmd/bltest/tests/sha1/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-cDSMAygXMPIJZC5bntZ4ZhecQ9g=
diff --git a/security/nss/cmd/bltest/tests/sha1/numtests b/security/nss/cmd/bltest/tests/sha1/numtests
deleted file mode 100644
index d00491fd7e..0000000000
--- a/security/nss/cmd/bltest/tests/sha1/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/sha1/plaintext0 b/security/nss/cmd/bltest/tests/sha1/plaintext0
deleted file mode 100644
index 863e79c65b..0000000000
--- a/security/nss/cmd/bltest/tests/sha1/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-A cage went in search of a bird.
diff --git a/security/nss/cmd/bltest/tests/sha256/ciphertext0 b/security/nss/cmd/bltest/tests/sha256/ciphertext0
deleted file mode 100644
index 07e2ff14fa..0000000000
--- a/security/nss/cmd/bltest/tests/sha256/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-ungWv48Bz+pBQUDeXa4iI7ADYaOWF3qctBD/YfIAFa0=
diff --git a/security/nss/cmd/bltest/tests/sha256/ciphertext1 b/security/nss/cmd/bltest/tests/sha256/ciphertext1
deleted file mode 100644
index 2ab6e1da58..0000000000
--- a/security/nss/cmd/bltest/tests/sha256/ciphertext1
+++ /dev/null
@@ -1 +0,0 @@
-JI1qYdIGOLjlwCaTDD5gOaM85Flk/yFn9uzt1BnbBsE=
diff --git a/security/nss/cmd/bltest/tests/sha256/numtests b/security/nss/cmd/bltest/tests/sha256/numtests
deleted file mode 100644
index 0cfbf08886..0000000000
--- a/security/nss/cmd/bltest/tests/sha256/numtests
+++ /dev/null
@@ -1 +0,0 @@
-2
diff --git a/security/nss/cmd/bltest/tests/sha256/plaintext0 b/security/nss/cmd/bltest/tests/sha256/plaintext0
deleted file mode 100644
index 8baef1b4ab..0000000000
--- a/security/nss/cmd/bltest/tests/sha256/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-abc
diff --git a/security/nss/cmd/bltest/tests/sha256/plaintext1 b/security/nss/cmd/bltest/tests/sha256/plaintext1
deleted file mode 100644
index afb5dce5d4..0000000000
--- a/security/nss/cmd/bltest/tests/sha256/plaintext1
+++ /dev/null
@@ -1 +0,0 @@
-abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq
diff --git a/security/nss/cmd/bltest/tests/sha384/ciphertext0 b/security/nss/cmd/bltest/tests/sha384/ciphertext0
deleted file mode 100644
index c94f91e22a..0000000000
--- a/security/nss/cmd/bltest/tests/sha384/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-ywB1P0WjXou1oD1pmsZQBycsMqsO3tFjGotgWkP/W+2AhgcroefMI1i67KE0yCWn
diff --git a/security/nss/cmd/bltest/tests/sha384/ciphertext1 b/security/nss/cmd/bltest/tests/sha384/ciphertext1
deleted file mode 100644
index 833f06d844..0000000000
--- a/security/nss/cmd/bltest/tests/sha384/ciphertext1
+++ /dev/null
@@ -1 +0,0 @@
-CTMMM/cRR+g9GS/Hgs0bR1MRGxc7OwXSL6CAhuOw9xL8x8caVX4tuWbD6fqRdGA5
diff --git a/security/nss/cmd/bltest/tests/sha384/numtests b/security/nss/cmd/bltest/tests/sha384/numtests
deleted file mode 100644
index 0cfbf08886..0000000000
--- a/security/nss/cmd/bltest/tests/sha384/numtests
+++ /dev/null
@@ -1 +0,0 @@
-2
diff --git a/security/nss/cmd/bltest/tests/sha384/plaintext0 b/security/nss/cmd/bltest/tests/sha384/plaintext0
deleted file mode 100644
index 8baef1b4ab..0000000000
--- a/security/nss/cmd/bltest/tests/sha384/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-abc
diff --git a/security/nss/cmd/bltest/tests/sha384/plaintext1 b/security/nss/cmd/bltest/tests/sha384/plaintext1
deleted file mode 100644
index 94fcc2b297..0000000000
--- a/security/nss/cmd/bltest/tests/sha384/plaintext1
+++ /dev/null
@@ -1 +0,0 @@
-abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu
diff --git a/security/nss/cmd/bltest/tests/sha512/ciphertext0 b/security/nss/cmd/bltest/tests/sha512/ciphertext0
deleted file mode 100644
index 8b626e2379..0000000000
--- a/security/nss/cmd/bltest/tests/sha512/ciphertext0
+++ /dev/null
@@ -1,2 +0,0 @@
-3a81oZNherrMQXNJriBBMRLm+k6JqX6iCp7u5ktV05ohkpkqJ0/BqDa6PCOj/uu9
-RU1EI2Q86A4qmslPpUyknw==
diff --git a/security/nss/cmd/bltest/tests/sha512/ciphertext1 b/security/nss/cmd/bltest/tests/sha512/ciphertext1
deleted file mode 100644
index c02d1752d0..0000000000
--- a/security/nss/cmd/bltest/tests/sha512/ciphertext1
+++ /dev/null
@@ -1,2 +0,0 @@
-jpWbddrjE9qM9PcoFPwUP493ecbrn3+hcpmurbaIkBhQHSieSQD35DMbmd7EtUM6
-x9Mp7rbdJlReluVbh0vpCQ==
diff --git a/security/nss/cmd/bltest/tests/sha512/numtests b/security/nss/cmd/bltest/tests/sha512/numtests
deleted file mode 100644
index 0cfbf08886..0000000000
--- a/security/nss/cmd/bltest/tests/sha512/numtests
+++ /dev/null
@@ -1 +0,0 @@
-2
diff --git a/security/nss/cmd/bltest/tests/sha512/plaintext0 b/security/nss/cmd/bltest/tests/sha512/plaintext0
deleted file mode 100644
index 8baef1b4ab..0000000000
--- a/security/nss/cmd/bltest/tests/sha512/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-abc
diff --git a/security/nss/cmd/bltest/tests/sha512/plaintext1 b/security/nss/cmd/bltest/tests/sha512/plaintext1
deleted file mode 100644
index 94fcc2b297..0000000000
--- a/security/nss/cmd/bltest/tests/sha512/plaintext1
+++ /dev/null
@@ -1 +0,0 @@
-abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu
diff --git a/security/nss/cmd/btoa/Makefile b/security/nss/cmd/btoa/Makefile
deleted file mode 100644
index 6eb6e71da2..0000000000
--- a/security/nss/cmd/btoa/Makefile
+++ /dev/null
@@ -1,79 +0,0 @@
-#! gmake
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/btoa/btoa.c b/security/nss/cmd/btoa/btoa.c
deleted file mode 100644
index f140bddf8d..0000000000
--- a/security/nss/cmd/btoa/btoa.c
+++ /dev/null
@@ -1,213 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-#include "plgetopt.h"
-#include "secutil.h"
-#include "nssb64.h"
-#include
-
-#if defined(XP_WIN) || (defined(__sun) && !defined(SVR4))
-#if !defined(WIN32)
-extern int fread(char *, size_t, size_t, FILE*);
-extern int fwrite(char *, size_t, size_t, FILE*);
-extern int fprintf(FILE *, char *, ...);
-#endif
-#endif
-
-#if defined(WIN32)
-#include "fcntl.h"
-#include "io.h"
-#endif
-
-static PRInt32
-output_ascii (void *arg, const char *obuf, PRInt32 size)
-{
- FILE *outFile = arg;
- int nb;
-
- nb = fwrite(obuf, 1, size, outFile);
- if (nb != size) {
- PORT_SetError(SEC_ERROR_IO);
- return -1;
- }
-
- return nb;
-}
-
-static SECStatus
-encode_file(FILE *outFile, FILE *inFile)
-{
- NSSBase64Encoder *cx;
- int nb;
- SECStatus status = SECFailure;
- unsigned char ibuf[4096];
-
- cx = NSSBase64Encoder_Create(output_ascii, outFile);
- if (!cx) {
- return -1;
- }
-
- for (;;) {
- if (feof(inFile)) break;
- nb = fread(ibuf, 1, sizeof(ibuf), inFile);
- if (nb != sizeof(ibuf)) {
- if (nb == 0) {
- if (ferror(inFile)) {
- PORT_SetError(SEC_ERROR_IO);
- goto loser;
- }
- /* eof */
- break;
- }
- }
-
- status = NSSBase64Encoder_Update(cx, ibuf, nb);
- if (status != SECSuccess) goto loser;
- }
-
- status = NSSBase64Encoder_Destroy(cx, PR_FALSE);
- if (status != SECSuccess)
- return status;
-
- /*
- * Add a trailing CRLF. Note this must be done *after* the call
- * to Destroy above (because only then are we sure all data has
- * been written out).
- */
- fwrite("\r\n", 1, 2, outFile);
- return SECSuccess;
-
- loser:
- (void) NSSBase64Encoder_Destroy(cx, PR_TRUE);
- return status;
-}
-
-static void Usage(char *progName)
-{
- fprintf(stderr,
- "Usage: %s [-i input] [-o output]\n",
- progName);
- fprintf(stderr, "%-20s Define an input file to use (default is stdin)\n",
- "-i input");
- fprintf(stderr, "%-20s Define an output file to use (default is stdout)\n",
- "-o output");
- exit(-1);
-}
-
-int main(int argc, char **argv)
-{
- char *progName;
- SECStatus rv;
- FILE *inFile, *outFile;
- PLOptState *optstate;
- PLOptStatus status;
-
- inFile = 0;
- outFile = 0;
- progName = strrchr(argv[0], '/');
- if (!progName)
- progName = strrchr(argv[0], '\\');
- progName = progName ? progName+1 : argv[0];
-
- /* Parse command line arguments */
- optstate = PL_CreateOptState(argc, argv, "i:o:");
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch (optstate->option) {
- default:
- Usage(progName);
- break;
-
- case 'i':
- inFile = fopen(optstate->value, "rb");
- if (!inFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
- progName, optstate->value);
- return -1;
- }
- break;
-
- case 'o':
- outFile = fopen(optstate->value, "wb");
- if (!outFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
- progName, optstate->value);
- return -1;
- }
- break;
- }
- }
- if (status == PL_OPT_BAD)
- Usage(progName);
- if (!inFile) {
-#if defined(WIN32)
- /* If we're going to read binary data from stdin, we must put stdin
- ** into O_BINARY mode or else incoming \r\n's will become \n's.
- */
-
- int smrv = _setmode(_fileno(stdin), _O_BINARY);
- if (smrv == -1) {
- fprintf(stderr,
- "%s: Cannot change stdin to binary mode. Use -i option instead.\n",
- progName);
- return smrv;
- }
-#endif
- inFile = stdin;
- }
- if (!outFile) {
-#if defined(WIN32)
- /* We're going to write binary data to stdout. We must put stdout
- ** into O_BINARY mode or else outgoing \r\n's will become \r\r\n's.
- */
-
- int smrv = _setmode(_fileno(stdout), _O_BINARY);
- if (smrv == -1) {
- fprintf(stderr,
- "%s: Cannot change stdout to binary mode. Use -o option instead.\n",
- progName);
- return smrv;
- }
-#endif
- outFile = stdout;
- }
- rv = encode_file(outFile, inFile);
- if (rv != SECSuccess) {
- fprintf(stderr, "%s: lossage: error=%d errno=%d\n",
- progName, PORT_GetError(), errno);
- return -1;
- }
- return 0;
-}
diff --git a/security/nss/cmd/btoa/manifest.mn b/security/nss/cmd/btoa/manifest.mn
deleted file mode 100644
index 394c661beb..0000000000
--- a/security/nss/cmd/btoa/manifest.mn
+++ /dev/null
@@ -1,53 +0,0 @@
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = nss
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-# MODULE is implicitly REQUIRED, doesn't need to be listed below.
-REQUIRES = seccmd dbm
-
-DEFINES = -DNSPR20
-
-CSRCS = btoa.c
-
-PROGRAM = btoa
-
diff --git a/security/nss/cmd/certcgi/HOWTO.txt b/security/nss/cmd/certcgi/HOWTO.txt
deleted file mode 100644
index f02ad32fd4..0000000000
--- a/security/nss/cmd/certcgi/HOWTO.txt
+++ /dev/null
@@ -1,168 +0,0 @@
- How to setup your very own Cert-O-Matic Root CA server
-
-***** BEGIN LICENSE BLOCK *****
-Version: MPL 1.1/GPL 2.0/LGPL 2.1
-
-The contents of this file are subject to the Mozilla Public License Version
-1.1 (the "License"); you may not use this file except in compliance with
-the License. You may obtain a copy of the License at
-http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS IS" basis,
-WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-for the specific language governing rights and limitations under the
-License.
-
-The Original Code is Netscape security libraries.
-
-The Initial Developer of the Original Code is Netscape Communications
-Corporation. Portions created by the Initial Developer are
-Copyright (C) 2001 the Initial Developer. All Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the terms of
-either the GNU General Public License Version 2 or later (the "GPL"), or
-the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-in which case the provisions of the GPL or the LGPL are applicable instead
-of those above. If you wish to allow use of your version of this file only
-under the terms of either the GPL or the LGPL, and not to allow others to
-use your version of this file under the terms of the MPL, indicate your
-decision by deleting the provisions above and replace them with the notice
-and other provisions required by the GPL or the LGPL. If you do not delete
-the provisions above, a recipient may use your version of this file under
-the terms of any one of the MPL, the GPL or the LGPL.
-
-***** END LICENSE BLOCK *****
-
- How to setup your very own Cert-O-Matic Root CA server
-
-The program certcgi is part of a small test CA that is used inside
-Netscape by the NSS development team. That CA is affectionately known
-as "Cert-O-Matic" or "Cert-O-Matic II". It presently runs on a server
-named interzone.mcom.com inside Netscape's firewall.
-
-If you wish to setup your own Cert-O-Matic, here are directions.
-
-Disclaimer: This program does not follow good practices for root CAs.
-It should be used only for playing/testing and never for production use.
-Remember, you've been warned!
-
-Cert-O-Matic consists of some html files, shell scripts, one executable
-program that uses NSS and NSPR, the usual set of NSS .db files, and a file
-in which to remember the serial number of the last cert issued. The
-html files and the source to the executable program are in this directory.
-Sample shell scripts are shown below.
-
-The shell scripts and executable program run as CGI "scripts". The
-entire thing runs on an ordinary http web server. It would also run on
-an https web server. The shell scripts and html files must be
-customized for the server on which they run.
-
-The package assumes you have a "document root" directory $DOCROOT, and a
-"cgi-bin" directory $CGIBIN. In this example, the document root is
-assumed to be located in /var/www/htdocs, and the cgi-bin directory in
-/var/www/cgi-bin.
-
-The server is assumed to run all cgi scripts as the user "nobody".
-The names of the cgi scripts run directly by the server all end in .cgi
-because some servers like it that way.
-
-Instructions:
-
-- Create directory $DOCROOT/certomatic
-- Copy the following files from nss/cmd/certcgi to $DOCROOT/certomatic
- ca.html index.html main.html nscp_ext_form.html stnd_ext_form.html
-- Edit the html files, substituting the name of your own server for the
- server named in those files.
-- In some web page (e.g. your server's home page), provide an html link to
- $DOCROOT/certomatic/index.html. This is where users start to get their
- own certs from certomatic.
-- give these files and directories appropriate permissions.
-
-- Create directories $CGIBIN/certomatic and $CGIBIN/certomatic/bin
- make sure that $CGIBIN/certomatic is writable by "nobody"
-
-- Create a new set of NSS db files there with the following command:
-
- certutil -N -d $CGIBIN/certomatic
-
-- when certutil prompts you for the password, enter the word foo
- because that is compiled into the certcgi program.
-
-- Create the new Root CA cert with this command
-
- certutil -S -x -d $CGIBIN/certomatic -n "Cert-O-Matic II" \
- -s "CN=Cert-O-Matic II, O=Cert-O-Matic II" -t TCu,cu,cu -k rsa \
- -g 1024 -m 10001 -v 60
-
- (adjust the -g, -m and -v parameters to taste. -s and -x must be as
-shown.)
-
-- dump out the new root CA cert in base64 encoding:
-
- certutil -d $CGIBIN/certomatic -L -n "Cert-O-Matic II" -a > \
- $CGIBIN/certomatic/root.cacert
-
-- In $CGIBIN/certomatic/bin add two shell scripts - one to download the
- root CA cert on demand, and one to run the certcgi program.
-
-download.cgi, the script to install the root CA cert into a browser on
-demand, is this:
-
-#!/bin/sh
-echo "Content-type: application/x-x509-ca-cert"
-echo
-cat $CGIBIN/certomatic/root.cacert
-
-You'll have to put the real path into that cat command because CGIBIN
-won't be defined when this script is run by the server.
-
-certcgi.cgi, the script to run the certcgi program is similar to this:
-
-#!/bin/sh
-cd $CGIBIN/certomatic/bin
-LD_LIBRARY_PATH=$PLATFORM/lib
-export LD_LIBRARY_PATH
-$PLATFORM/bin/certcgi $* 2>&1
-
-Where $PLATFORM/lib is where the NSPR nad NSS DSOs are located, and
-$PLATFORM/bin is where certcgi is located. PLATFORM is not defined when
-the server runs this script, so you'll have to substitute the right value
-in your script. certcgi requires that the working directory be one level
-below the NSS DBs, that is, the DBs are accessed in the directory "..".
-
-You'll want to provide an html link somewhere to the script that downloads
-the root.cacert file. You'll probably want to put that next to the link
-that loads the index.html page. On interzone, this is done with the
-following html:
-
-Cert-O-Matic II Root CA server
-
-Download and trust Root CA
-certificate
-
-The index.html file in this directory invokes the certcgi.cgi script with
-the form post method, so if you change the name of the certcgi.cgi script,
-you'll also have to change the index.html file in $DOCROOT/certomatic
-
-The 4 files used by the certcgi program (the 3 NSS DBs, and the serial
-number file) are not required to live in $CGIBIN/certomatic, but they are
-required to live in $CWD/.. when certcgi starts.
-
-Known bugs:
-
-1. Because multiple of these CAs exist simultaneously, it would be best if
-they didn't all have to be called "Cert-O-Matic II", but that string is
-presently hard coded into certcgi.c.
-
-2. the html files in this directory contain numerous extraneous
- Use a
- CA long
- automatically generated chain ending with the Cert-O-Matic Cert
- (18 maximum)
- Use a
- CA long
- user input chain ending in the Cert-O-Matic Cert.
-
diff --git a/security/nss/cmd/certcgi/ca_form.html b/security/nss/cmd/certcgi/ca_form.html
deleted file mode 100644
index cb3e195eae..0000000000
--- a/security/nss/cmd/certcgi/ca_form.html
+++ /dev/null
@@ -1,388 +0,0 @@
-
-
-
-
diff --git a/security/nss/cmd/certcgi/manifest.mn b/security/nss/cmd/certcgi/manifest.mn
deleted file mode 100644
index 057f2596d1..0000000000
--- a/security/nss/cmd/certcgi/manifest.mn
+++ /dev/null
@@ -1,54 +0,0 @@
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header directories are implicitly REQUIREd.
-MODULE = nss
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-REQUIRES = seccmd dbm
-
-DEFINES = -DNSPR20
-
-CSRCS = certcgi.c
-
-PROGRAM = certcgi
-
-USE_STATIC_LIBS = 1
-
diff --git a/security/nss/cmd/certcgi/nscp_ext_form.html b/security/nss/cmd/certcgi/nscp_ext_form.html
deleted file mode 100644
index bc94ab3a2d..0000000000
--- a/security/nss/cmd/certcgi/nscp_ext_form.html
+++ /dev/null
@@ -1,116 +0,0 @@
-
-
-
-
-
-
-This page is designed to be used in combination with the executable
-produced by ns/security/cmd/crmf-cgi in a CGI environment. In order
-to successfully use this page, modify its action to post to a a server
-where you have installed the crmfcgi executable and you'll be able to
-test the functionality.
-
-
-
Certificate Database information
-First, enter all the information for the CGI to use for initializing
-NSS. The CGI will use the directory entered below as the directory
-where to look for the certificate and key databases.
-
-Path for NSS Config:
-
-Enter the password for the certificate database found in the direcotry
-above.
-
-Database Password:
-
-Now enter the nickname of the certificate to use for signing the
-certificate issued during this test.
-
-CA Nickname:
-
-
Now, figure out which type of key generation you want to test:
-
-
-
-
-
-
-
diff --git a/security/nss/cmd/crmf-cgi/manifest.mn b/security/nss/cmd/crmf-cgi/manifest.mn
deleted file mode 100644
index c8c38e2244..0000000000
--- a/security/nss/cmd/crmf-cgi/manifest.mn
+++ /dev/null
@@ -1,65 +0,0 @@
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-CORE_DEPTH = ../../..
-MODULE = sectools
-
-EXPORTS = \
- $(NULL)
-
-CSRCS = \
- crmfcgi.c \
- $(NULL)
-
-
-REQUIRES = nss dbm seccmd
-
-ifdef ATTACH_CGI
-DEFINES += -DATTACH_CGI
-endif
-
-ifdef WRITE_OUT_RESPONSE
-DEFINES += -DWRITE_OUT_RESPONSE
-endif
-
-PROGRAM = crmfcgi
-
-USE_STATIC_LIBS = 1
-
-INCLUDES =
-
-DEFINES = -DNSPR20
diff --git a/security/nss/cmd/crmftest/Makefile b/security/nss/cmd/crmftest/Makefile
deleted file mode 100644
index 66d334a7da..0000000000
--- a/security/nss/cmd/crmftest/Makefile
+++ /dev/null
@@ -1,96 +0,0 @@
-#! gmake
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-include config.mk
-
-ifeq ($(OS_TARGET)$(OS_RELEASE), AIX4.2)
-OS_LIBS += -lsvld
-endif
-
-ifeq ($(OS_TARGET)$(OS_RELEASE), SunOS5.6)
-OS_LIBS += -ldl -lxnet -lposix4 -lsocket -lnsl
-endif
-
-EXTRA_LIBS += $(DIST)/lib/$(LIB_PREFIX)crmf.$(LIB_SUFFIX)
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-LDDIST = $(DIST)/lib
-
-ifeq (,$(filter-out WIN%,$(OS_TARGET)))
-EXTRA_LIBS += $(LDDIST)/sectool.lib
-endif
-
-include ../platrules.mk
diff --git a/security/nss/cmd/crmftest/manifest.mn b/security/nss/cmd/crmftest/manifest.mn
deleted file mode 100644
index 93786ee49e..0000000000
--- a/security/nss/cmd/crmftest/manifest.mn
+++ /dev/null
@@ -1,57 +0,0 @@
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-CORE_DEPTH = ../../..
-DEPTH = .
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = nss
-
-EXPORTS = \
- $(NULL)
-
-CSRCS = \
- testcrmf.c \
- $(NULL)
-
-
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-# REQUIRES = dbm
-
-PROGRAM = crmftest
-
diff --git a/security/nss/cmd/crmftest/testcrmf.c b/security/nss/cmd/crmftest/testcrmf.c
deleted file mode 100644
index 11f96ab752..0000000000
--- a/security/nss/cmd/crmftest/testcrmf.c
+++ /dev/null
@@ -1,1697 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-/*
- * This program does 5 separate functions. By default, it does them all.
- * It can be told to do any subset of them.
- * It does them in this order:
- *
- * 1. Generate file of CRMF cert requests.
- * Generates 2 keys pairs, one for signing, one for encryption.
- * Can generate RSA or DSA (XXX - DSA is only useful for signing).
- * Generate a cert request for each of the two public keys.
- * Generate a single CRMF cert request message that requests both certs.
- * Leave the generated CRMF request message in file
- * configdir/CertReqMessages.der
- *
- * 2. Decode CRMF Request(s) Message.
- * Reads in the file configdir/CertReqMessages.der
- * (either generated by step 1 above, or user supplied).
- * Decodes it. NOTHING MORE. Drops these decoded results on the floor.
- * The CMMF response (below) contains a completely unrelated cert. :-(
- *
- * 3. CMMF "Stuff".
- * a) Generates a CMMF response, containing a single cert chain, as if
- * it was a response to a received CRMF request. But the cert is
- * simply a user cert from the user's local soft token, whose
- * nickname is given in the -p option. The CMMF response has no
- * relationship to the request generated above. The CMMF message
- * is placed in configdir/CertRepContent.der.
- * b) Decodes the newly generated CMMF response found in file
- * configdir/CertRepContent.der and discards the result. 8-/
- * c) Generate a CMMF Key Escrow message
- * needs 2 nicknames:
- * It takes the public and private keys for the cert identified
- * by -p nickname, and wraps them with a sym key that is in turn
- * wrapped with the pubkey in the CA cert, whose nickname is
- * given with the -s option.
- * Store the message in configdir/KeyRecRepContent.der
- * d) Decode the CMMF Key Escrow message generated just above.
- * Get it from file configdir/KeyRecRepContent.der
- * This is just a decoder test. Results are discarded.
- *
- * 4. Key Recovery
- * This code does not yet compile, and what it was intended to do
- * has not been fully determined.
- *
- * 5. Challenge/Response.
- * Haven't analyzed this code yet.
- *
- *
- */
-
-/* KNOWN BUGS:
-** 1. generates BOTH signing and encryption cert requests, even for DSA keys.
-**
-** 2. Does not verify the siganture in the "Proof of Posession" in the
-** decoded cert requests. It only checks syntax of the POP.
-** 3. CMMF "Stuff" should be broken up into separate steps, each of
-** which may be optionally selected.
-*/
-
-#include
-#include "nspr.h"
-#include "nss.h"
-#include "crmf.h"
-#include "secerr.h"
-#include "pk11func.h"
-#include "key.h"
-#include "cmmf.h"
-#include "plgetopt.h"
-#include "secutil.h"
-#include "pk11pqg.h"
-
-#if 0
-#include "pkcs11.h"
-#include "secmod.h"
-#include "secmodi.h"
-#include "pqggen.h"
-#include "secmod.h"
-#include "secmodi.h"
-#include "pkcs11.h"
-#include "secitem.h"
-#include "secasn1.h"
-#include "sechash.h"
-#endif
-
-#define MAX_KEY_LEN 512
-#define PATH_LEN 150
-#define BUFF_SIZE 150
-#define UID_BITS 800
-#define BPB 8
-#define CRMF_FILE "CertReqMessages.der"
-
-PRTime notBefore;
-char *personalCert = NULL;
-char *recoveryEncrypter = NULL;
-char *caCertName = NULL;
-static secuPWData pwdata = { PW_NONE, 0 };
-char *configdir;
-PRBool doingDSA = PR_FALSE;
-
-CERTCertDBHandle *db;
-
-typedef struct {
- SECKEYPrivateKey *privKey;
- SECKEYPublicKey *pubKey;
- CRMFCertRequest *certReq;
- CRMFCertReqMsg *certReqMsg;
-} TESTKeyPair;
-
-void
-debug_test(SECItem *src, char *filePath)
-{
- PRFileDesc *fileDesc;
-
- fileDesc = PR_Open (filePath, PR_WRONLY | PR_CREATE_FILE | PR_TRUNCATE,
- 0666);
- if (fileDesc == NULL) {
- printf ("Could not cretae file %s.\n", filePath);
- return;
- }
- PR_Write(fileDesc, src->data, src->len);
-
-}
-
-SECStatus
-get_serial_number(long *dest)
-{
- SECStatus rv;
-
- if (dest == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- rv = PK11_GenerateRandom((unsigned char *)dest, sizeof(long));
- /* make serial number positive */
- if (*dest < 0L)
- *dest = - *dest;
- return SECSuccess;
-}
-
-PK11RSAGenParams *
-GetRSAParams(void)
-{
- PK11RSAGenParams *rsaParams;
-
- rsaParams = PORT_ZNew(PK11RSAGenParams);
-
- if (rsaParams == NULL)
- return NULL;
-
- rsaParams->keySizeInBits = MAX_KEY_LEN;
- rsaParams->pe = 0x10001;
-
- return rsaParams;
-
-}
-
-PQGParams*
-GetDSAParams(void)
-{
- PQGParams *params = NULL;
- PQGVerify *vfy = NULL;
-
- SECStatus rv;
-
- rv = PK11_PQG_ParamGen(0, ¶ms, &vfy);
- if (rv != SECSuccess) {
- return NULL;
- }
- PK11_PQG_DestroyVerify(vfy);
- return params;
-}
-
-/* Generate a key pair, and then generate a subjectPublicKeyInfo
-** for the public key in that pair. return all 3.
-*/
-CERTSubjectPublicKeyInfo *
-GetSubjectPubKeyInfo(TESTKeyPair *pair)
-{
- CERTSubjectPublicKeyInfo *spki = NULL;
- SECKEYPrivateKey *privKey = NULL;
- SECKEYPublicKey *pubKey = NULL;
- PK11SlotInfo *keySlot = NULL;
-
- keySlot = PK11_GetInternalKeySlot();
- PK11_Authenticate(keySlot, PR_FALSE, &pwdata);
-
-
- if (!doingDSA) {
- PK11RSAGenParams *rsaParams = GetRSAParams();
- if (rsaParams == NULL) {
- PK11_FreeSlot(keySlot);
- return NULL;
- }
- privKey = PK11_GenerateKeyPair(keySlot, CKM_RSA_PKCS_KEY_PAIR_GEN,
- (void*)rsaParams, &pubKey, PR_FALSE,
- PR_FALSE, &pwdata);
- } else {
- PQGParams *dsaParams = GetDSAParams();
- if (dsaParams == NULL) {
- PK11_FreeSlot(keySlot);
- return NULL;
- }
- privKey = PK11_GenerateKeyPair(keySlot, CKM_DSA_KEY_PAIR_GEN,
- (void*)dsaParams, &pubKey, PR_FALSE,
- PR_FALSE, &pwdata);
- }
- PK11_FreeSlot(keySlot);
- if (privKey == NULL || pubKey == NULL) {
- if (pubKey) {
- SECKEY_DestroyPublicKey(pubKey);
- }
- if (privKey) {
- SECKEY_DestroyPrivateKey(privKey);
- }
- return NULL;
- }
-
- spki = SECKEY_CreateSubjectPublicKeyInfo(pubKey);
- pair->privKey = privKey;
- pair->pubKey = pubKey;
- return spki;
-}
-
-
-SECStatus
-InitPKCS11(void)
-{
- PK11SlotInfo *keySlot;
-
- PK11_SetPasswordFunc(SECU_GetModulePassword);
-
- keySlot = PK11_GetInternalKeySlot();
-
- if (PK11_NeedUserInit(keySlot) && PK11_NeedLogin(keySlot)) {
- if (SECU_ChangePW(keySlot, NULL, NULL) != SECSuccess) {
- printf ("Initializing the PINs failed.\n");
- return SECFailure;
- }
- }
-
- PK11_FreeSlot(keySlot);
- return SECSuccess;
-}
-
-
-void
-WriteItOut (void *arg, const char *buf, unsigned long len)
-{
- PRFileDesc *fileDesc = (PRFileDesc*)arg;
-
- PR_Write(fileDesc, (void*)buf, len);
-}
-
-
-
-CRMFCertExtCreationInfo*
-GetExtensions(void)
-{
- unsigned char keyUsage[4] = { 0x03, 0x02, 0x07, KU_DIGITAL_SIGNATURE };
- /* What are these magic numbers? */
- SECItem data = { 0, NULL, 0 };
- CRMFCertExtension *extension;
- CRMFCertExtCreationInfo *extInfo =
- PORT_ZNew(CRMFCertExtCreationInfo);
-
- data.data = keyUsage;
- data.len = sizeof keyUsage;
-
-
- extension =
- CRMF_CreateCertExtension(SEC_OID_X509_KEY_USAGE, PR_FALSE, &data);
- if (extension && extInfo) {
- extInfo->numExtensions = 1;
- extInfo->extensions = PORT_ZNewArray(CRMFCertExtension*, 1);
- extInfo->extensions[0] = extension;
- }
- return extInfo;
-}
-
-void
-FreeExtInfo(CRMFCertExtCreationInfo *extInfo)
-{
- int i;
-
- for (i=0; inumExtensions; i++) {
- CRMF_DestroyCertExtension(extInfo->extensions[i]);
- }
- PORT_Free(extInfo->extensions);
- PORT_Free(extInfo);
-}
-
-int
-InjectCertName( CRMFCertRequest * certReq,
- CRMFCertTemplateField inTemplateField,
- const char * inNameString)
-{
- char * nameStr;
- CERTName * name;
- int irv = 0;
-
- nameStr = PORT_Strdup(inNameString);
- if (!nameStr)
- return 5;
- name = CERT_AsciiToName(nameStr);
- if (name == NULL) {
- printf ("Could not create CERTName structure from %s.\n", nameStr);
- irv = 5;
- goto finish;
- }
-
- irv = CRMF_CertRequestSetTemplateField(certReq, inTemplateField, (void*)name);
- if (irv != SECSuccess) {
- printf ("Could not add name to cert template\n");
- irv = 6;
- }
-
-finish:
- PORT_Free(nameStr);
- if (name)
- CERT_DestroyName(name);
- return irv;
-}
-
-int
-CreateCertRequest(TESTKeyPair *pair, long inRequestID)
-{
- CERTCertificate * caCert;
- CERTSubjectPublicKeyInfo *spki;
- CRMFCertExtCreationInfo * extInfo;
- CRMFCertRequest * certReq;
- CRMFEncryptedKey * encKey;
- CRMFPKIArchiveOptions * pkiArchOpt;
- SECAlgorithmID * algID;
- long serialNumber;
- long version = 3;
- SECStatus rv;
- CRMFValidityCreationInfo validity;
- unsigned char UIDbuf[UID_BITS / BPB];
- SECItem issuerUID = { siBuffer, UIDbuf, UID_BITS };
- SECItem subjectUID = { siBuffer, UIDbuf, UID_BITS };
- /* len in bits */
-
- pair->certReq = NULL;
- certReq = CRMF_CreateCertRequest(inRequestID);
- if (certReq == NULL) {
- printf ("Could not initialize a certificate request.\n");
- return 1;
- }
-
- /* set to version 3 */
- rv = CRMF_CertRequestSetTemplateField(certReq, crmfVersion,
- (void*)(&version));
- if (rv != SECSuccess) {
- printf("Could not add the version number to the "
- "Certificate Request.\n");
- CRMF_DestroyCertRequest(certReq);
- return 2;
- }
-
- /* set serial number */
- if (get_serial_number(&serialNumber) != SECSuccess) {
- printf ("Could not generate a serial number for cert request.\n");
- CRMF_DestroyCertRequest(certReq);
- return 3;
- }
- rv = CRMF_CertRequestSetTemplateField (certReq, crmfSerialNumber,
- (void*)(&serialNumber));
- if (rv != SECSuccess) {
- printf ("Could not add serial number to certificate template\n.");
- CRMF_DestroyCertRequest(certReq);
- return 4;
- }
-
- /* Set issuer name */
- rv = InjectCertName(certReq, crmfIssuer,
- "CN=mozilla CA Shack,O=Information Systems");
- if (rv) {
- printf ("Could not add issuer to cert template\n");
- CRMF_DestroyCertRequest(certReq);
- return 5;
- }
-
- /* Set Subject Name */
- rv = InjectCertName(certReq, crmfSubject,
- "CN=mozilla CA Shack ID,O=Engineering,C=US");
- if (rv) {
- printf ("Could not add Subject to cert template\n");
- CRMF_DestroyCertRequest(certReq);
- return 5;
- }
-
- /* Set Algorithm ID */
- algID = PK11_CreatePBEAlgorithmID(SEC_OID_PKCS5_PBE_WITH_SHA1_AND_DES_CBC,
- 1, NULL);
- if (algID == NULL) {
- printf ("Couldn't create algorithm ID\n");
- CRMF_DestroyCertRequest(certReq);
- return 9;
- }
- rv = CRMF_CertRequestSetTemplateField(certReq, crmfSigningAlg, (void*)algID);
- SECOID_DestroyAlgorithmID(algID, PR_TRUE);
- if (rv != SECSuccess) {
- printf ("Could not add the signing algorithm to the cert template.\n");
- CRMF_DestroyCertRequest(certReq);
- return 10;
- }
-
- /* Set Validity Dates */
- validity.notBefore = ¬Before;
- validity.notAfter = NULL;
- notBefore = PR_Now();
- rv = CRMF_CertRequestSetTemplateField(certReq, crmfValidity,(void*)(&validity));
- if (rv != SECSuccess) {
- printf ("Could not add validity to cert template\n");
- CRMF_DestroyCertRequest(certReq);
- return 11;
- }
-
- /* Generate a key pair and Add the spki to the request */
- spki = GetSubjectPubKeyInfo(pair);
- if (spki == NULL) {
- printf ("Could not create a Subject Public Key Info to add\n");
- CRMF_DestroyCertRequest(certReq);
- return 12;
- }
- rv = CRMF_CertRequestSetTemplateField(certReq, crmfPublicKey, (void*)spki);
- SECKEY_DestroySubjectPublicKeyInfo(spki);
- if (rv != SECSuccess) {
- printf ("Could not add the public key to the template\n");
- CRMF_DestroyCertRequest(certReq);
- return 13;
- }
-
- /* Set the requested isser Unique ID */
- PK11_GenerateRandom(UIDbuf, sizeof UIDbuf);
- CRMF_CertRequestSetTemplateField(certReq,crmfIssuerUID, (void*)&issuerUID);
-
- /* Set the requested Subject Unique ID */
- PK11_GenerateRandom(UIDbuf, sizeof UIDbuf);
- CRMF_CertRequestSetTemplateField(certReq,crmfSubjectUID, (void*)&subjectUID);
-
- /* Add extensions - XXX need to understand these magic numbers */
- extInfo = GetExtensions();
- CRMF_CertRequestSetTemplateField(certReq, crmfExtension, (void*)extInfo);
- FreeExtInfo(extInfo);
-
- /* get the recipient CA's cert */
- caCert = CERT_FindCertByNickname(db, caCertName);
- if (caCert == NULL) {
- printf ("Could not find the certificate for %s\n", caCertName);
- CRMF_DestroyCertRequest(certReq);
- return 50;
- }
- encKey = CRMF_CreateEncryptedKeyWithEncryptedValue(pair->privKey, caCert);
- CERT_DestroyCertificate(caCert);
- if (encKey == NULL) {
- printf ("Could not create Encrypted Key with Encrypted Value.\n");
- return 14;
- }
- pkiArchOpt = CRMF_CreatePKIArchiveOptions(crmfEncryptedPrivateKey, encKey);
- CRMF_DestroyEncryptedKey(encKey);
- if (pkiArchOpt == NULL) {
- printf ("Could not create PKIArchiveOptions.\n");
- return 15;
- }
- rv = CRMF_CertRequestSetPKIArchiveOptions(certReq, pkiArchOpt);
- CRMF_DestroyPKIArchiveOptions(pkiArchOpt);
- if (rv != SECSuccess) {
- printf ("Could not add the PKIArchiveControl to Cert Request.\n");
- return 16;
- }
- pair->certReq = certReq;
- return 0;
-}
-
-int
-Encode(CRMFCertReqMsg *inCertReq1, CRMFCertReqMsg *inCertReq2)
-{
- PRFileDesc *fileDesc;
- SECStatus rv;
- int irv = 0;
- CRMFCertReqMsg *msgArr[3];
- char filePath[PATH_LEN];
-
- PR_snprintf(filePath, PATH_LEN, "%s/%s", configdir, CRMF_FILE);
- fileDesc = PR_Open (filePath, PR_WRONLY | PR_CREATE_FILE | PR_TRUNCATE,
- 0666);
- if (fileDesc == NULL) {
- printf ("Could not open file %s\n", filePath);
- irv = 14;
- goto finish;
- }
- msgArr[0] = inCertReq1;
- msgArr[1] = inCertReq2;
- msgArr[2] = NULL;
- rv = CRMF_EncodeCertReqMessages(msgArr, WriteItOut, (void*)fileDesc);
- if (rv != SECSuccess) {
- printf ("An error occurred while encoding.\n");
- irv = 15;
- }
-finish:
- PR_Close(fileDesc);
- return irv;
-}
-
-int
-AddProofOfPossession(TESTKeyPair *pair,
- CRMFPOPChoice inPOPChoice)
-{
-
- switch(inPOPChoice){
- case crmfSignature:
- CRMF_CertReqMsgSetSignaturePOP(pair->certReqMsg, pair->privKey,
- pair->pubKey, NULL, NULL, &pwdata);
- break;
- case crmfRAVerified:
- CRMF_CertReqMsgSetRAVerifiedPOP(pair->certReqMsg);
- break;
- case crmfKeyEncipherment:
- CRMF_CertReqMsgSetKeyEnciphermentPOP(pair->certReqMsg,
- crmfSubsequentMessage,
- crmfChallengeResp, NULL);
- break;
- case crmfKeyAgreement:
- {
- SECItem pendejo;
- unsigned char lame[] = { 0xf0, 0x0f, 0xf0, 0x0f, 0xf0 };
-
- pendejo.data = lame;
- pendejo.len = 5;
-
- CRMF_CertReqMsgSetKeyAgreementPOP(pair->certReqMsg, crmfThisMessage,
- crmfNoSubseqMess, &pendejo);
- }
- break;
- default:
- return 1;
- }
- return 0;
-}
-
-
-int
-Decode(void)
-{
- PRFileDesc *fileDesc;
- CRMFCertReqMsg *certReqMsg;
- CRMFCertRequest *certReq;
- CRMFCertReqMessages *certReqMsgs;
- SECStatus rv;
- int numMsgs, i;
- long lame;
- CRMFGetValidity validity = {NULL, NULL};
- SECItem item = { siBuffer, NULL, 0 };
- char filePath[PATH_LEN];
-
- PR_snprintf(filePath, PATH_LEN, "%s/%s", configdir, CRMF_FILE);
- fileDesc = PR_Open(filePath, PR_RDONLY, 0644);
- if (fileDesc == NULL) {
- printf ("Could not open file %s\n", filePath);
- return 214;
- }
- rv = SECU_FileToItem(&item, fileDesc);
- PR_Close(fileDesc);
- if (rv != SECSuccess) {
- return 215;
- }
-
- certReqMsgs = CRMF_CreateCertReqMessagesFromDER((char *)item.data, item.len);
- if (certReqMsgs == NULL) {
- printf ("Error decoding CertReqMessages.\n");
- return 202;
- }
- numMsgs = CRMF_CertReqMessagesGetNumMessages(certReqMsgs);
- if (numMsgs <= 0) {
- printf ("WARNING: The DER contained %d messages.\n", numMsgs);
- }
- for (i=0; i < numMsgs; i++) {
- SECStatus rv;
- printf("crmftest: Processing cert request %d\n", i);
- certReqMsg = CRMF_CertReqMessagesGetCertReqMsgAtIndex(certReqMsgs, i);
- if (certReqMsg == NULL) {
- printf ("ERROR: Could not access the message at index %d of %s\n",
- i, filePath);
- }
- rv = CRMF_CertReqMsgGetID(certReqMsg, &lame);
- if (rv) {
- SECU_PrintError("crmftest", "CRMF_CertReqMsgGetID");
- }
- certReq = CRMF_CertReqMsgGetCertRequest(certReqMsg);
- if (!certReq) {
- SECU_PrintError("crmftest", "CRMF_CertReqMsgGetCertRequest");
- }
- rv = CRMF_CertRequestGetCertTemplateValidity(certReq, &validity);
- if (rv) {
- SECU_PrintError("crmftest", "CRMF_CertRequestGetCertTemplateValidity");
- }
- if (!validity.notBefore) {
- /* We encoded a notBefore, so somthing's wrong if it's not here. */
- printf("ERROR: Validity period notBefore date missing.\n");
- }
- /* XXX It's all parsed now. We probably should DO SOMETHING with it.
- ** But nope. We just throw it all away.
- ** Maybe this was intended to be no more than a decoder test.
- */
- CRMF_DestroyGetValidity(&validity);
- CRMF_DestroyCertRequest(certReq);
- CRMF_DestroyCertReqMsg(certReqMsg);
- }
- CRMF_DestroyCertReqMessages(certReqMsgs);
- SECITEM_FreeItem(&item, PR_FALSE);
- return 0;
-}
-
-int
-GetBitsFromFile(const char *filePath, SECItem *item)
-{
- PRFileDesc *fileDesc;
- SECStatus rv;
-
- fileDesc = PR_Open(filePath, PR_RDONLY, 0644);
- if (fileDesc == NULL) {
- printf ("Could not open file %s\n", filePath);
- return 14;
- }
-
- rv = SECU_FileToItem(item, fileDesc);
- PR_Close(fileDesc);
-
- if (rv != SECSuccess) {
- item->data = NULL;
- item->len = 0;
- return 15;
- }
- return 0;
-}
-
-int
-DecodeCMMFCertRepContent(char *derFile)
-{
- CMMFCertRepContent *certRepContent;
- int irv = 0;
- SECItem fileBits = { siBuffer, NULL, 0 };
-
- GetBitsFromFile(derFile, &fileBits);
- if (fileBits.data == NULL) {
- printf("Could not get bits from file %s\n", derFile);
- return 304;
- }
- certRepContent = CMMF_CreateCertRepContentFromDER(db,
- (char*)fileBits.data, fileBits.len);
- if (certRepContent == NULL) {
- printf ("Error while decoding %s\n", derFile);
- irv = 303;
- } else {
- /* That was fun. Now, let's throw it away! */
- CMMF_DestroyCertRepContent(certRepContent);
- }
- SECITEM_FreeItem(&fileBits, PR_FALSE);
- return irv;
-}
-
-int
-EncodeCMMFCertReply(const char *filePath,
- CERTCertificate *cert,
- CERTCertList *list)
-{
- int rv = 0;
- SECStatus srv;
- PRFileDesc *fileDesc = NULL;
- CMMFCertRepContent *certRepContent = NULL;
- CMMFCertResponse *certResp = NULL;
- CMMFCertResponse *certResponses[3];
-
- certResp = CMMF_CreateCertResponse(0xff123);
- CMMF_CertResponseSetPKIStatusInfoStatus(certResp, cmmfGranted);
-
- CMMF_CertResponseSetCertificate(certResp, cert);
-
- certResponses[0] = certResp;
- certResponses[1] = NULL;
- certResponses[2] = NULL;
-
- certRepContent = CMMF_CreateCertRepContent();
- CMMF_CertRepContentSetCertResponses(certRepContent, certResponses, 1);
-
- CMMF_CertRepContentSetCAPubs(certRepContent, list);
-
- fileDesc = PR_Open (filePath, PR_WRONLY | PR_CREATE_FILE | PR_TRUNCATE,
- 0666);
- if (fileDesc == NULL) {
- printf ("Could not open file %s\n", filePath);
- rv = 400;
- goto finish;
- }
-
- srv = CMMF_EncodeCertRepContent(certRepContent, WriteItOut,
- (void*)fileDesc);
- PR_Close(fileDesc);
- if (srv != SECSuccess) {
- printf ("CMMF_EncodeCertRepContent failed,\n");
- rv = 401;
- }
-finish:
- if (certRepContent) {
- CMMF_DestroyCertRepContent(certRepContent);
- }
- if (certResp) {
- CMMF_DestroyCertResponse(certResp);
- }
- return rv;
-}
-
-
-/* Extract the public key from the cert whose nickname is given. */
-int
-extractPubKeyFromNamedCert(const char * nickname, SECKEYPublicKey **pPubKey)
-{
- CERTCertificate *caCert = NULL;
- SECKEYPublicKey *caPubKey = NULL;
- int rv = 0;
-
- caCert = CERT_FindCertByNickname(db, (char *)nickname);
- if (caCert == NULL) {
- printf ("Could not get the certifcate for %s\n", caCertName);
- rv = 411;
- goto finish;
- }
- caPubKey = CERT_ExtractPublicKey(caCert);
- if (caPubKey == NULL) {
- printf ("Could not extract the public from the "
- "certificate for \n%s\n", caCertName);
- rv = 412;
- }
-finish:
- *pPubKey = caPubKey;
- CERT_DestroyCertificate(caCert);
- caCert = NULL;
- return rv;
-}
-
-int
-EncodeCMMFRecoveryMessage(const char * filePath,
- CERTCertificate *cert,
- CERTCertList *list)
-{
- SECKEYPublicKey *caPubKey = NULL;
- SECKEYPrivateKey *privKey = NULL;
- CMMFKeyRecRepContent *repContent = NULL;
- PRFileDesc *fileDesc;
- int rv = 0;
- SECStatus srv;
-
- /* Extract the public key from the cert whose nickname is given in
- ** the -s option.
- */
- rv = extractPubKeyFromNamedCert( caCertName, &caPubKey);
- if (rv)
- goto finish;
-
- repContent = CMMF_CreateKeyRecRepContent();
- if (repContent == NULL) {
- printf ("Could not allocate a CMMFKeyRecRepContent structure\n");
- rv = 407;
- goto finish;
- }
- srv = CMMF_KeyRecRepContentSetPKIStatusInfoStatus(repContent,
- cmmfGrantedWithMods);
- if (srv != SECSuccess) {
- printf ("Error trying to set PKIStatusInfo for "
- "CMMFKeyRecRepContent.\n");
- rv = 406;
- goto finish;
- }
- srv = CMMF_KeyRecRepContentSetNewSignCert(repContent, cert);
- if (srv != SECSuccess) {
- printf ("Error trying to set the new signing certificate for "
- "key recovery\n");
- rv = 408;
- goto finish;
- }
- srv = CMMF_KeyRecRepContentSetCACerts(repContent, list);
- if (srv != SECSuccess) {
- printf ("Errory trying to add the list of CA certs to the "
- "CMMFKeyRecRepContent structure.\n");
- rv = 409;
- goto finish;
- }
- privKey = PK11_FindKeyByAnyCert(cert, &pwdata);
- if (privKey == NULL) {
- printf ("Could not get the private key associated with the\n"
- "certificate %s\n", personalCert);
- rv = 410;
- goto finish;
- }
-
- srv = CMMF_KeyRecRepContentSetCertifiedKeyPair(repContent, cert, privKey,
- caPubKey);
- if (srv != SECSuccess) {
- printf ("Could not set the Certified Key Pair\n");
- rv = 413;
- goto finish;
- }
- fileDesc = PR_Open (filePath, PR_WRONLY | PR_CREATE_FILE | PR_TRUNCATE,
- 0666);
- if (fileDesc == NULL) {
- printf ("Could not open file %s\n", filePath);
- rv = 414;
- goto finish;
- }
-
- srv = CMMF_EncodeKeyRecRepContent(repContent, WriteItOut,
- (void*)fileDesc);
- PR_Close(fileDesc);
- if (srv != SECSuccess) {
- printf ("CMMF_EncodeKeyRecRepContent failed\n");
- rv = 415;
- }
-finish:
- if (privKey)
- SECKEY_DestroyPrivateKey(privKey);
- if (caPubKey)
- SECKEY_DestroyPublicKey(caPubKey);
- if (repContent)
- CMMF_DestroyKeyRecRepContent(repContent);
- return rv;
-}
-
-int
-decodeCMMFRecoveryMessage(const char * filePath)
-{
- CMMFKeyRecRepContent *repContent = NULL;
- int rv = 0;
- SECItem fileBits = { siBuffer, NULL, 0 };
-
- GetBitsFromFile(filePath, &fileBits);
- if (!fileBits.len) {
- rv = 451;
- goto finish;
- }
- repContent =
- CMMF_CreateKeyRecRepContentFromDER(db, (const char *) fileBits.data,
- fileBits.len);
- if (repContent == NULL) {
- printf ("ERROR: CMMF_CreateKeyRecRepContentFromDER failed on file:\n"
- "\t%s\n", filePath);
- rv = 452;
- }
-finish:
- if (repContent) {
- CMMF_DestroyKeyRecRepContent(repContent);
- }
- SECITEM_FreeItem(&fileBits, PR_FALSE);
- return rv;
-}
-
-int
-DoCMMFStuff(void)
-{
- CERTCertificate *cert = NULL;
- CERTCertList *list = NULL;
- int rv = 0;
- char filePath[PATH_LEN];
-
- /* Do common setup for the following steps.
- */
- PR_snprintf(filePath, PATH_LEN, "%s/%s", configdir, "CertRepContent.der");
-
- cert = CERT_FindCertByNickname(db, personalCert);
- if (cert == NULL) {
- printf ("Could not find the certificate for %s\n", personalCert);
- rv = 416;
- goto finish;
- }
- list = CERT_GetCertChainFromCert(cert, PR_Now(), certUsageEmailSigner);
- if (list == NULL) {
- printf ("Could not find the certificate chain for %s\n", personalCert);
- rv = 418;
- goto finish;
- }
-
- /* a) Generate the CMMF response message, using a user cert named
- ** by -p option, rather than a cert generated from the CRMF
- ** request itself. The CMMF message is placed in
- ** configdir/CertRepContent.der.
- */
- rv = EncodeCMMFCertReply(filePath, cert, list);
- if (rv != 0) {
- goto finish;
- }
-
- /* b) Decode the CMMF Cert granting message encoded just above,
- ** found in configdir/CertRepContent.der.
- ** This only tests the decoding. The decoded content is discarded.
- */
- rv = DecodeCMMFCertRepContent(filePath);
- if (rv != 0) {
- goto finish;
- }
-
- /* c) Generate a CMMF Key Excrow message
- ** It takes the public and private keys for the cert identified
- ** by -p nickname, and wraps them with a sym key that is in turn
- ** wrapped with the pubkey in the CA cert, whose nickname is
- ** given by the -s option.
- ** Store the message in configdir/KeyRecRepContent.der
- */
- PR_snprintf(filePath, PATH_LEN, "%s/%s", configdir,
- "KeyRecRepContent.der");
-
- rv = EncodeCMMFRecoveryMessage(filePath, cert, list);
- if (rv)
- goto finish;
-
- /* d) Decode the CMMF Key Excrow message generated just above.
- ** Get it from file configdir/KeyRecRepContent.der
- ** This is just a decoder test. Results are discarded.
- */
-
- rv = decodeCMMFRecoveryMessage(filePath);
-
- finish:
- if (cert) {
- CERT_DestroyCertificate(cert);
- }
- if (list) {
- CERT_DestroyCertList(list);
- }
- return rv;
-}
-
-static CK_MECHANISM_TYPE
-mapWrapKeyType(KeyType keyType)
-{
- switch (keyType) {
- case rsaKey:
- return CKM_RSA_PKCS;
- default:
- break;
- }
- return CKM_INVALID_MECHANISM;
-}
-
-#define KNOWN_MESSAGE_LENGTH 20 /*160 bits*/
-
-int
-DoKeyRecovery( SECKEYPrivateKey *privKey)
-{
-#ifdef DOING_KEY_RECOVERY /* Doesn't compile yet. */
- SECKEYPublicKey *pubKey;
- PK11SlotInfo *slot;
- unsigned char *ciphertext;
- unsigned char *text_compared;
- SECKEYPrivateKey *unwrappedPrivKey;
- SECKEYPrivateKey *caPrivKey;
- CMMFKeyRecRepContent *keyRecRep;
- CMMFCertifiedKeyPair *certKeyPair;
- CERTCertificate *caCert;
- CERTCertificate *myCert;
- SECKEYPublicKey *caPubKey;
- PRFileDesc *fileDesc;
- CK_ULONG max_bytes_encrypted;
- CK_ULONG bytes_encrypted;
- CK_ULONG bytes_compared;
- CK_ULONG bytes_decrypted;
- CK_RV crv;
- CK_OBJECT_HANDLE id;
- CK_MECHANISM mech = { CKM_INVALID_MECHANISM, NULL, 0};
- SECStatus rv;
- SECItem fileBits;
- SECItem nickname;
- unsigned char plaintext[KNOWN_MESSAGE_LENGTH];
- char filePath[PATH_LEN];
- static const unsigned char known_message[] = { "Known Crypto Message" };
-
- /*caCert = CERT_FindCertByNickname(db, caCertName);*/
- myCert = CERT_FindCertByNickname(db, personalCert);
- if (myCert == NULL) {
- printf ("Could not find the certificate for %s\n", personalCert);
- return 700;
- }
- caCert = CERT_FindCertByNickname(db, recoveryEncrypter);
- if (caCert == NULL) {
- printf ("Could not find the certificate for %s\n", recoveryEncrypter);
- return 701;
- }
- caPubKey = CERT_ExtractPublicKey(caCert);
- pubKey = SECKEY_ConvertToPublicKey(privKey);
- max_bytes_encrypted = PK11_GetPrivateModulusLen(privKey);
- slot = PK11_GetBestSlot(mapWrapKeyType(privKey->keyType), NULL);
- id = PK11_ImportPublicKey(slot, pubKey, PR_FALSE);
-
- switch(privKey->keyType) {
- case rsaKey:
- mech.mechanism = CKM_RSA_PKCS;
- break;
- case dsaKey:
- mech.mechanism = CKM_DSA;
- break;
- case dhKey:
- mech.mechanism = CKM_DH_PKCS_DERIVE;
- break;
- default:
- printf ("Bad Key type in key recovery.\n");
- return 512;
-
- }
- PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_EncryptInit(slot->session, &mech, id);
- if (crv != CKR_OK) {
- PK11_ExitSlotMonitor(slot);
- PK11_FreeSlot(slot);
- printf ("C_EncryptInit failed in KeyRecovery\n");
- return 500;
- }
- ciphertext = PORT_NewArray(unsigned char, max_bytes_encrypted);
- if (ciphertext == NULL) {
- PK11_ExitSlotMonitor(slot);
- PK11_FreeSlot(slot);
- printf ("Could not allocate memory for ciphertext.\n");
- return 501;
- }
- bytes_encrypted = max_bytes_encrypted;
- crv = PK11_GETTAB(slot)->C_Encrypt(slot->session,
- known_message,
- KNOWN_MESSAGE_LENGTH,
- ciphertext,
- &bytes_encrypted);
- PK11_ExitSlotMonitor(slot);
- PK11_FreeSlot(slot);
- if (crv != CKR_OK) {
- PORT_Free(ciphertext);
- return 502;
- }
- /* Always use the smaller of these two values . . . */
- bytes_compared = ( bytes_encrypted > KNOWN_MESSAGE_LENGTH )
- ? KNOWN_MESSAGE_LENGTH
- : bytes_encrypted;
-
- /* If there was a failure, the plaintext */
- /* goes at the end, therefore . . . */
- text_compared = ( bytes_encrypted > KNOWN_MESSAGE_LENGTH )
- ? (ciphertext + bytes_encrypted -
- KNOWN_MESSAGE_LENGTH )
- : ciphertext;
-
- keyRecRep = CMMF_CreateKeyRecRepContent();
- if (keyRecRep == NULL) {
- PORT_Free(ciphertext);
- PK11_FreeSlot(slot);
- CMMF_DestroyKeyRecRepContent(keyRecRep);
- printf ("Could not allocate a CMMFKeyRecRepContent structre.\n");
- return 503;
- }
- rv = CMMF_KeyRecRepContentSetPKIStatusInfoStatus(keyRecRep,
- cmmfGranted);
- if (rv != SECSuccess) {
- PORT_Free(ciphertext);
- PK11_FreeSlot(slot);
- CMMF_DestroyKeyRecRepContent(keyRecRep);
- printf ("Could not set the status for the KeyRecRepContent\n");
- return 504;
- }
- /* The myCert here should correspond to the certificate corresponding
- * to the private key, but for this test any certificate will do.
- */
- rv = CMMF_KeyRecRepContentSetCertifiedKeyPair(keyRecRep, myCert,
- privKey, caPubKey);
- if (rv != SECSuccess) {
- PORT_Free(ciphertext);
- PK11_FreeSlot(slot);
- CMMF_DestroyKeyRecRepContent(keyRecRep);
- printf ("Could not set the Certified Key Pair\n");
- return 505;
- }
- PR_snprintf(filePath, PATH_LEN, "%s/%s", configdir,
- "KeyRecRepContent.der");
- fileDesc = PR_Open (filePath, PR_WRONLY | PR_CREATE_FILE | PR_TRUNCATE,
- 0666);
- if (fileDesc == NULL) {
- PORT_Free(ciphertext);
- PK11_FreeSlot(slot);
- CMMF_DestroyKeyRecRepContent(keyRecRep);
- printf ("Could not open file %s\n", filePath);
- return 506;
- }
- rv = CMMF_EncodeKeyRecRepContent(keyRecRep, WriteItOut, fileDesc);
- CMMF_DestroyKeyRecRepContent(keyRecRep);
- PR_Close(fileDesc);
-
- if (rv != SECSuccess) {
- PORT_Free(ciphertext);
- PK11_FreeSlot(slot);
- printf ("Error while encoding CMMFKeyRecRepContent\n");
- return 507;
- }
- GetBitsFromFile(filePath, &fileBits);
- if (fileBits.data == NULL) {
- PORT_Free(ciphertext);
- PK11_FreeSlot(slot);
- printf ("Could not get the bits from file %s\n", filePath);
- return 508;
- }
- keyRecRep =
- CMMF_CreateKeyRecRepContentFromDER(db,(const char*)fileBits.data,
- fileBits.len);
- if (keyRecRep == NULL) {
- printf ("Could not decode the KeyRecRepContent in file %s\n",
- filePath);
- PORT_Free(ciphertext);
- PK11_FreeSlot(slot);
- return 509;
- }
- caPrivKey = PK11_FindKeyByAnyCert(caCert, &pwdata);
- if (CMMF_KeyRecRepContentGetPKIStatusInfoStatus(keyRecRep) !=
- cmmfGranted) {
- PORT_Free(ciphertext);
- PK11_FreeSlot(slot);
- CMMF_DestroyKeyRecRepContent(keyRecRep);
- printf ("A bad status came back with the "
- "KeyRecRepContent structure\n");
- return 510;
- }
-
-#define NICKNAME "Key Recovery Test Key"
- nickname.data = (unsigned char*)NICKNAME;
- nickname.len = PORT_Strlen(NICKNAME);
-
- certKeyPair = CMMF_KeyRecRepContentGetCertKeyAtIndex(keyRecRep, 0);
- CMMF_DestroyKeyRecRepContent(keyRecRep);
- rv = CMMF_CertifiedKeyPairUnwrapPrivKey(certKeyPair,
- caPrivKey,
- &nickname,
- PK11_GetInternalKeySlot(),
- db,
- &unwrappedPrivKey, &pwdata);
- CMMF_DestroyCertifiedKeyPair(certKeyPair);
- if (rv != SECSuccess) {
- printf ("Unwrapping the private key failed.\n");
- return 511;
- }
- /*Now let's try to decrypt the ciphertext with the "recovered" key*/
- PK11_EnterSlotMonitor(slot);
- crv =
- PK11_GETTAB(slot)->C_DecryptInit(unwrappedPrivKey->pkcs11Slot->session,
- &mech,
- unwrappedPrivKey->pkcs11ID);
- if (crv != CKR_OK) {
- PK11_ExitSlotMonitor(slot);
- PORT_Free(ciphertext);
- PK11_FreeSlot(slot);
- printf ("Decrypting with the recovered key failed.\n");
- return 513;
- }
- bytes_decrypted = KNOWN_MESSAGE_LENGTH;
- crv = PK11_GETTAB(slot)->C_Decrypt(unwrappedPrivKey->pkcs11Slot->session,
- ciphertext,
- bytes_encrypted, plaintext,
- &bytes_decrypted);
- SECKEY_DestroyPrivateKey(unwrappedPrivKey);
- PK11_ExitSlotMonitor(slot);
- PORT_Free(ciphertext);
- if (crv != CKR_OK) {
- PK11_FreeSlot(slot);
- printf ("Decrypting the ciphertext with recovered key failed.\n");
- return 514;
- }
- if ((bytes_decrypted != KNOWN_MESSAGE_LENGTH) ||
- (PORT_Memcmp(plaintext, known_message, KNOWN_MESSAGE_LENGTH) != 0)) {
- PK11_FreeSlot(slot);
- printf ("The recovered plaintext does not equal the known message:\n"
- "\tKnown message: %s\n"
- "\tRecovered plaintext: %s\n", known_message, plaintext);
- return 515;
- }
-#endif
- return 0;
-}
-
-int
-DoChallengeResponse(SECKEYPrivateKey *privKey,
- SECKEYPublicKey *pubKey)
-{
- CMMFPOPODecKeyChallContent *chalContent = NULL;
- CMMFPOPODecKeyRespContent *respContent = NULL;
- CERTCertificate *myCert = NULL;
- CERTGeneralName *myGenName = NULL;
- PRArenaPool *poolp = NULL;
- PRFileDesc *fileDesc;
- SECItem *publicValue;
- SECItem *keyID;
- SECKEYPrivateKey *foundPrivKey;
- long *randomNums;
- int numChallengesFound = 0;
- int numChallengesSet = 1;
- int i;
- long retrieved;
- SECStatus rv;
- SECItem DecKeyChallBits;
- char filePath[PATH_LEN];
-
- chalContent = CMMF_CreatePOPODecKeyChallContent();
- myCert = CERT_FindCertByNickname(db, personalCert);
- if (myCert == NULL) {
- printf ("Could not find the certificate for %s\n", personalCert);
- return 900;
- }
- poolp = PORT_NewArena(1024);
- if (poolp == NULL) {
- printf("Could no allocate a new arena in DoChallengeResponse\n");
- return 901;
- }
- myGenName = CERT_GetCertificateNames(myCert, poolp);
- if (myGenName == NULL) {
- printf ("Could not get the general names for %s certificate\n",
- personalCert);
- return 902;
- }
- randomNums = PORT_ArenaNewArray(poolp,long, numChallengesSet);
- PK11_GenerateRandom((unsigned char *)randomNums,
- numChallengesSet * sizeof(long));
- for (i=0; ipkcs11Slot, keyID, &pwdata);
- if (foundPrivKey == NULL) {
- printf ("Could not find the private key corresponding to the public"
- " value.\n");
- return 910;
- }
- rv = CMMF_POPODecKeyChallContDecryptChallenge(chalContent, i,
- foundPrivKey);
- if (rv != SECSuccess) {
- printf ("Could not decrypt the challenge at index %d\n", i);
- return 911;
- }
- rv = CMMF_POPODecKeyChallContentGetRandomNumber(chalContent, i,
- &retrieved);
- if (rv != SECSuccess) {
- printf ("Could not get the random number from the challenge at "
- "index %d\n", i);
- return 912;
- }
- if (retrieved != randomNums[i]) {
- printf ("Retrieved the number (%d), expected (%d)\n", retrieved,
- randomNums[i]);
- return 913;
- }
- }
- CMMF_DestroyPOPODecKeyChallContent(chalContent);
- PR_snprintf(filePath, PATH_LEN, "%s/POPODecKeyRespContent.der",
- configdir);
- fileDesc = PR_Open(filePath, PR_WRONLY | PR_CREATE_FILE | PR_TRUNCATE,
- 0666);
- if (fileDesc == NULL) {
- printf ("Could not open file %s\n", filePath);
- return 914;
- }
- rv = CMMF_EncodePOPODecKeyRespContent(randomNums, numChallengesSet,
- WriteItOut, fileDesc);
- PR_Close(fileDesc);
- if (rv != 0) {
- printf ("Could not encode the POPODecKeyRespContent\n");
- return 915;
- }
- GetBitsFromFile(filePath, &DecKeyChallBits);
- respContent =
- CMMF_CreatePOPODecKeyRespContentFromDER((const char*)DecKeyChallBits.data,
- DecKeyChallBits.len);
- if (respContent == NULL) {
- printf ("Could not decode the contents of the file %s\n", filePath);
- return 916;
- }
- numChallengesFound =
- CMMF_POPODecKeyRespContentGetNumResponses(respContent);
- if (numChallengesFound != numChallengesSet) {
- printf ("Number of responses found (%d) does not match the number "
- "of challenges set (%d)\n",
- numChallengesFound, numChallengesSet);
- return 917;
- }
- for (i=0; icertReq == NULL) {
- goto loser;
- }
-
- pair->certReqMsg = CRMF_CreateCertReqMsg();
- if (!pair->certReqMsg) {
- irv = 999;
- goto loser;
- }
- /* copy certReq into certReqMsg */
- CRMF_CertReqMsgSetCertRequest(pair->certReqMsg, pair->certReq);
- irv = AddProofOfPossession(pair, inPOPChoice);
-loser:
- return irv;
-}
-
-int
-DestroyPairReqAndMsg(TESTKeyPair *pair)
-{
- SECStatus rv = SECSuccess;
- int irv = 0;
-
- if (pair->certReq) {
- rv = CRMF_DestroyCertRequest(pair->certReq);
- pair->certReq = NULL;
- if (rv != SECSuccess) {
- printf ("Error when destroying cert request.\n");
- irv = 100;
- }
- }
- if (pair->certReqMsg) {
- rv = CRMF_DestroyCertReqMsg(pair->certReqMsg);
- pair->certReqMsg = NULL;
- if (rv != SECSuccess) {
- printf ("Error when destroying cert request msg.\n");
- if (!irv)
- irv = 101;
- }
- }
- return irv;
-}
-
-int
-DestroyPair(TESTKeyPair *pair)
-{
- SECStatus rv = SECSuccess;
- int irv = 0;
-
- if (pair->pubKey) {
- SECKEY_DestroyPublicKey(pair->pubKey);
- pair->pubKey = NULL;
- }
- if (pair->privKey) {
- SECKEY_DestroyPrivateKey(pair->privKey);
- pair->privKey = NULL;
- }
- DestroyPairReqAndMsg(pair);
- return irv;
-}
-
-int
-DoCRMFRequest(TESTKeyPair *signPair, TESTKeyPair *cryptPair)
-{
- int irv, tirv = 0;
-
- /* Generate a key pair and a cert request for it. */
- irv = MakeCertRequest(signPair, crmfSignature, 0x0f020304);
- if (irv != 0 || signPair->certReq == NULL) {
- goto loser;
- }
-
- if (!doingDSA) {
- irv = MakeCertRequest(cryptPair, crmfKeyAgreement, 0x0f050607);
- if (irv != 0 || cryptPair->certReq == NULL) {
- goto loser;
- }
- }
-
- /* encode the cert request messages into a unified request message.
- ** leave it in a file with a fixed name. :(
- */
- irv = Encode(signPair->certReqMsg, cryptPair->certReqMsg);
-
-loser:
- if (signPair->certReq) {
- tirv = DestroyPairReqAndMsg(signPair);
- if (tirv && !irv)
- irv = tirv;
- }
- if (cryptPair->certReq) {
- tirv = DestroyPairReqAndMsg(cryptPair);
- if (tirv && !irv)
- irv = tirv;
- }
- return irv;
-}
-
-void
-Usage (void)
-{
- printf ("Usage:\n"
- "\tcrmftest -d [Database Directory] -p [Personal Cert]\n"
- "\t -e [Encrypter] -s [CA Certificate] [-P password]\n\n"
- "\t [crmf] [dsa] [decode] [cmmf] [recover] [challenge]\n"
- "Database Directory\n"
- "\tThis is the directory where the key3.db, cert7.db, and\n"
- "\tsecmod.db files are located. This is also the directory\n"
- "\twhere the program will place CRMF/CMMF der files\n"
- "Personal Cert\n"
- "\tThis is the certificate that already exists in the cert\n"
- "\tdatabase to use while encoding the response. The private\n"
- "\tkey associated with the certificate must also exist in the\n"
- "\tkey database.\n"
- "Encrypter\n"
- "\tThis is the certificate to use when encrypting the the \n"
- "\tkey recovery response. The private key for this cert\n"
- "\tmust also be present in the key database.\n"
- "CA Certificate\n"
- "\tThis is the nickname of the certificate to use as the\n"
- "\tCA when doing all of the encoding.\n");
-}
-
-#define TEST_MAKE_CRMF_REQ 0x0001
-#define TEST_USE_DSA 0x0002
-#define TEST_DECODE_CRMF_REQ 0x0004
-#define TEST_DO_CMMF_STUFF 0x0008
-#define TEST_KEY_RECOVERY 0x0010
-#define TEST_CHALLENGE_RESPONSE 0x0020
-
-SECStatus
-parsePositionalParam(const char * arg, PRUint32 *flags)
-{
- if (!strcmp(arg, "crmf")) {
- *flags |= TEST_MAKE_CRMF_REQ;
- } else if (!strcmp(arg, "dsa")) {
- *flags |= TEST_MAKE_CRMF_REQ | TEST_USE_DSA;
- doingDSA = PR_TRUE;
- } else if (!strcmp(arg, "decode")) {
- *flags |= TEST_DECODE_CRMF_REQ;
- } else if (!strcmp(arg, "cmmf")) {
- *flags |= TEST_DO_CMMF_STUFF;
- } else if (!strcmp(arg, "recover")) {
- *flags |= TEST_KEY_RECOVERY;
- } else if (!strcmp(arg, "challenge")) {
- *flags |= TEST_CHALLENGE_RESPONSE;
- } else {
- printf("unknown positional paremeter: %s\n", arg);
- return SECFailure;
- }
- return SECSuccess;
-}
-
-/* it's not clear, in some cases, whether the desired key is from
-** the sign pair or the crypt pair, so we're guessing in some places.
-** This define serves to remind us of the places where we're guessing.
-*/
-#define WHICH_KEY cryptPair
-
-int
-main(int argc, char **argv)
-{
- TESTKeyPair signPair, cryptPair;
- PLOptState *optstate;
- PLOptStatus status;
- char *password = NULL;
- int irv = 0;
- PRUint32 flags = 0;
- SECStatus rv;
- PRBool nssInit = PR_FALSE;
- PRBool pArg = PR_FALSE;
- PRBool eArg = PR_FALSE;
- PRBool sArg = PR_FALSE;
- PRBool PArg = PR_FALSE;
-
- memset( &signPair, 0, sizeof signPair);
- memset( &cryptPair, 0, sizeof cryptPair);
- printf ("\ncrmftest v1.0\n");
- optstate = PL_CreateOptState(argc, argv, "d:p:e:s:P:");
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch (optstate->option) {
- case 'd':
- configdir = PORT_Strdup(optstate->value);
- rv = NSS_Init(configdir);
- if (rv != SECSuccess) {
- printf ("NSS_Init (-d) failed\n");
- return 101;
- }
- nssInit = PR_TRUE;
- break;
- case 'p':
- personalCert = PORT_Strdup(optstate->value);
- if (personalCert == NULL) {
- printf ("-p failed\n");
- return 603;
- }
- pArg = PR_TRUE;
- break;
- case 'e':
- recoveryEncrypter = PORT_Strdup(optstate->value);
- if (recoveryEncrypter == NULL) {
- printf ("-e failed\n");
- return 602;
- }
- eArg = PR_TRUE;
- break;
- case 's':
- caCertName = PORT_Strdup(optstate->value);
- if (caCertName == NULL) {
- printf ("-s failed\n");
- return 604;
- }
- sArg = PR_TRUE;
- break;
- case 'P':
- password = PORT_Strdup(optstate->value);
- if (password == NULL) {
- printf ("-P failed\n");
- return 606;
- }
- PArg = PR_TRUE;
- break;
- case 0: /* positional parameter */
- rv = parsePositionalParam(optstate->value, &flags);
- if (rv) {
- printf ("bad positional parameter.\n");
- return 605;
- }
- break;
- default:
- Usage();
- return 601;
- }
- }
- PL_DestroyOptState(optstate);
- if (status == PL_OPT_BAD || !nssInit) {
- Usage();
- return 600;
- }
- if (!flags)
- flags = ~ TEST_USE_DSA;
- db = CERT_GetDefaultCertDB();
- InitPKCS11();
- if (password) {
- pwdata.source = PW_PLAINTEXT;
- pwdata.data = password;
- }
-
- if (flags & TEST_MAKE_CRMF_REQ) {
- printf("Generating CRMF request\n");
- irv = DoCRMFRequest(&signPair, &cryptPair);
- if (irv)
- goto loser;
- }
-
- if (flags & TEST_DECODE_CRMF_REQ) {
- printf("Decoding CRMF request\n");
- irv = Decode();
- if (irv != 0) {
- printf("Error while decoding\n");
- goto loser;
- }
- }
-
- if (flags & TEST_DO_CMMF_STUFF) {
- printf("Doing CMMF Stuff\n");
- if ((irv = DoCMMFStuff()) != 0) {
- printf ("CMMF tests failed.\n");
- goto loser;
- }
- }
-
- if (flags & TEST_KEY_RECOVERY) {
- /* Requires some other options be set.
- ** Once we know exactly what hey are, test for them here.
- */
- printf("Doing Key Recovery\n");
- irv = DoKeyRecovery(WHICH_KEY.privKey);
- if (irv != 0) {
- printf ("Error doing key recovery\n");
- goto loser;
- }
- }
-
- if (flags & TEST_CHALLENGE_RESPONSE) {
- printf("Doing Challenge / Response\n");
- irv = DoChallengeResponse(WHICH_KEY.privKey, WHICH_KEY.pubKey);
- if (irv != 0) {
- printf ("Error doing challenge-response\n");
- goto loser;
- }
- }
- printf ("Exiting successfully!!!\n\n");
- irv = 0;
-
- loser:
- DestroyPair(&signPair);
- DestroyPair(&cryptPair);
- rv = NSS_Shutdown();
- if (rv) {
- printf("NSS_Shutdown did not shutdown cleanly!\n");
- }
- PORT_Free(configdir);
- if (irv)
- printf("crmftest returning %d\n", irv);
- return irv;
-}
diff --git a/security/nss/cmd/dbck/Makefile b/security/nss/cmd/dbck/Makefile
deleted file mode 100644
index 834e1d62f5..0000000000
--- a/security/nss/cmd/dbck/Makefile
+++ /dev/null
@@ -1,79 +0,0 @@
-#! gmake
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/dbck/dbck.c b/security/nss/cmd/dbck/dbck.c
deleted file mode 100644
index 2ff7362682..0000000000
--- a/security/nss/cmd/dbck/dbck.c
+++ /dev/null
@@ -1,1879 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-/*
-** dbck.c
-**
-** utility for fixing corrupt cert databases
-**
-*/
-#include
-#include
-
-#include "secutil.h"
-#include "cdbhdl.h"
-#include "certdb.h"
-#include "cert.h"
-#include "nspr.h"
-#include "prtypes.h"
-#include "prtime.h"
-#include "prlong.h"
-
-static char *progName;
-
-/* placeholders for pointer error types */
-static void *WrongEntry;
-static void *NoNickname;
-static void *NoSMime;
-
-enum {
- GOBOTH = 0,
- GORIGHT,
- GOLEFT
-};
-
-typedef struct
-{
- PRBool verbose;
- PRBool dograph;
- PRFileDesc *out;
- PRFileDesc *graphfile;
- int dbErrors[10];
-} dbDebugInfo;
-
-/*
- * A list node for a cert db entry. The index is a unique identifier
- * to use for creating generic maps of a db. This struct handles
- * the cert, nickname, and smime db entry types, as all three have a
- * single handle to a subject entry.
- * This structure is pointed to by certDBEntryListNode->appData.
- */
-typedef struct
-{
- PRArenaPool *arena;
- int index;
- certDBEntryListNode *pSubject;
-} certDBEntryMap;
-
-/*
- * Subject entry is special case, it has bidirectional handles. One
- * subject entry can point to several certs (using the same DN), and
- * a nickname and/or smime entry.
- * This structure is pointed to by certDBEntryListNode->appData.
- */
-typedef struct
-{
- PRArenaPool *arena;
- int index;
- int numCerts;
- certDBEntryListNode **pCerts;
- certDBEntryListNode *pNickname;
- certDBEntryListNode *pSMime;
-} certDBSubjectEntryMap;
-
-/*
- * A map of a certdb.
- */
-typedef struct
-{
- int numCerts;
- int numSubjects;
- int numNicknames;
- int numSMime;
- certDBEntryListNode certs; /* pointer to head of cert list */
- certDBEntryListNode subjects; /* pointer to head of subject list */
- certDBEntryListNode nicknames; /* pointer to head of nickname list */
- certDBEntryListNode smime; /* pointer to head of smime list */
-} certDBArray;
-
-/* Cast list to the base element, a certDBEntryListNode. */
-#define LISTNODE_CAST(node) \
- ((certDBEntryListNode *)(node))
-
-static void
-Usage(char *progName)
-{
-#define FPS fprintf(stderr,
- FPS "Type %s -H for more detailed descriptions\n", progName);
- FPS "Usage: %s -D [-d certdir] [-i dbname] [-m] [-v [-f dumpfile]]\n",
- progName);
- FPS " %s -R -o newdbname [-d certdir] [-i dbname] [-aprsx] [-v [-f dumpfile]]\n",
- progName);
- exit(-1);
-}
-
-static void
-LongUsage(char *progName)
-{
- FPS "%-15s Display this help message.\n",
- "-H");
- FPS "%-15s Dump analysis. No changes will be made to the database.\n",
- "-D");
- FPS "%-15s Cert database directory (default is ~/.netscape)\n",
- " -d certdir");
- FPS "%-15s Input cert database name (default is cert7.db)\n",
- " -i dbname");
- FPS "%-15s Mail a graph of the database to certdb@netscape.com.\n",
- " -m");
- FPS "%-15s This will produce an index graph of your cert db and send\n",
- "");
- FPS "%-15s it to Netscape for analysis. Personal info will be removed.\n",
- "");
- FPS "%-15s Verbose mode. Dumps the entire contents of your cert7.db.\n",
- " -v");
- FPS "%-15s File to dump verbose output into.\n",
- " -f dumpfile");
- FPS "%-15s Repair the database. The program will look for broken\n",
- "-R");
- FPS "%-15s dependencies between subject entries and certificates,\n",
- "");
- FPS "%-15s between nickname entries and subjects, and between SMIME\n",
- "");
- FPS "%-15s profiles and subjects. Any duplicate entries will be\n",
- "");
- FPS "%-15s removed, any missing entries will be created.\n",
- "");
- FPS "%-15s File to store new database in (default is new_cert7.db)\n",
- " -o newdbname");
- FPS "%-15s Cert database directory (default is ~/.netscape)\n",
- " -d certdir");
- FPS "%-15s Input cert database name (default is cert7.db)\n",
- " -i dbname");
- FPS "%-15s Prompt before removing any certificates.\n",
- " -p");
- FPS "%-15s Keep all possible certificates. Only remove certificates\n",
- " -a");
- FPS "%-15s which prevent creation of a consistent database. Thus any\n",
- "");
- FPS "%-15s expired or redundant entries will be kept.\n",
- "");
- FPS "%-15s Keep redundant nickname/email entries. It is possible\n",
- " -r");
- FPS "%-15s only one such entry will be usable.\n",
- "");
- FPS "%-15s Don't require an S/MIME profile in order to keep an S/MIME\n",
- " -s");
- FPS "%-15s cert. An empty profile will be created.\n",
- "");
- FPS "%-15s Keep expired certificates.\n",
- " -x");
- FPS "%-15s Verbose mode - report all activity while recovering db.\n",
- " -v");
- FPS "%-15s File to dump verbose output into.\n",
- " -f dumpfile");
- FPS "\n");
- exit(-1);
-#undef FPS
-}
-
-/*******************************************************************
- *
- * Functions for dbck.
- *
- ******************************************************************/
-
-void
-printHexString(PRFileDesc *out, SECItem *hexval)
-{
- int i;
- for (i = 0; i < hexval->len; i++) {
- if (i != hexval->len - 1) {
- PR_fprintf(out, "%02x:", hexval->data[i]);
- } else {
- PR_fprintf(out, "%02x", hexval->data[i]);
- }
- }
- PR_fprintf(out, "\n");
-}
-
-typedef enum {
-/* 0*/ NoSubjectForCert = 0,
-/* 1*/ SubjectHasNoKeyForCert,
-/* 2*/ NoNicknameOrSMimeForSubject,
-/* 3*/ WrongNicknameForSubject,
-/* 4*/ NoNicknameEntry,
-/* 5*/ WrongSMimeForSubject,
-/* 6*/ NoSMimeEntry,
-/* 7*/ NoSubjectForNickname,
-/* 8*/ NoSubjectForSMime,
-/* 9*/ NicknameAndSMimeEntry
-} dbErrorType;
-
-static char *dbErrorString[] = {
-/* 0*/ "\nDid not find a subject entry for this certificate.",
-/* 1*/ "\nSubject has certKey which is not in db.",
-/* 2*/ "\nSubject does not have a nickname or email address.",
-/* 3*/ "\nUsing this subject's nickname, found a nickname entry for a different subject.",
-/* 4*/ "\nDid not find a nickname entry for this subject.",
-/* 5*/ "\nUsing this subject's email, found an S/MIME entry for a different subject.",
-/* 6*/ "\nDid not find an S/MIME entry for this subject.",
-/* 7*/ "\nDid not find a subject entry for this nickname.",
-/* 8*/ "\nDid not find a subject entry for this S/MIME profile.",
-};
-
-SECStatus
-dumpCertificate(CERTCertificate *cert, int num, PRFileDesc *outfile)
-{
- int userCert = 0;
- CERTCertTrust *trust = cert->trust;
- userCert = (SEC_GET_TRUST_FLAGS(trust, trustSSL) & CERTDB_USER) ||
- (SEC_GET_TRUST_FLAGS(trust, trustEmail) & CERTDB_USER) ||
- (SEC_GET_TRUST_FLAGS(trust, trustObjectSigning) & CERTDB_USER);
- if (num >= 0) {
- PR_fprintf(outfile, "Certificate: %3d\n", num);
- } else {
- PR_fprintf(outfile, "Certificate:\n");
- }
- PR_fprintf(outfile, "----------------\n");
- if (userCert)
- PR_fprintf(outfile, "(User Cert)\n");
- PR_fprintf(outfile, "## SUBJECT: %s\n", cert->subjectName);
- PR_fprintf(outfile, "## ISSUER: %s\n", cert->issuerName);
- PR_fprintf(outfile, "## SERIAL NUMBER: ");
- printHexString(outfile, &cert->serialNumber);
- { /* XXX should be separate function. */
- int64 timeBefore, timeAfter;
- PRExplodedTime beforePrintable, afterPrintable;
- char *beforestr, *afterstr;
- DER_DecodeTimeChoice(&timeBefore, &cert->validity.notBefore);
- DER_DecodeTimeChoice(&timeAfter, &cert->validity.notAfter);
- PR_ExplodeTime(timeBefore, PR_GMTParameters, &beforePrintable);
- PR_ExplodeTime(timeAfter, PR_GMTParameters, &afterPrintable);
- beforestr = PORT_Alloc(100);
- afterstr = PORT_Alloc(100);
- PR_FormatTime(beforestr, 100, "%a %b %d %H:%M:%S %Y", &beforePrintable);
- PR_FormatTime(afterstr, 100, "%a %b %d %H:%M:%S %Y", &afterPrintable);
- PR_fprintf(outfile, "## VALIDITY: %s to %s\n", beforestr, afterstr);
- }
- PR_fprintf(outfile, "\n");
- return SECSuccess;
-}
-
-SECStatus
-dumpCertEntry(certDBEntryCert *entry, int num, PRFileDesc *outfile)
-{
- CERTCertificate *cert;
- cert = CERT_DecodeDERCertificate(&entry->derCert, PR_FALSE, NULL);
- if (!cert) {
- fprintf(stderr, "Failed to decode certificate.\n");
- return SECFailure;
- }
- cert->trust = &entry->trust;
- dumpCertificate(cert, num, outfile);
- CERT_DestroyCertificate(cert);
- return SECSuccess;
-}
-
-SECStatus
-dumpSubjectEntry(certDBEntrySubject *entry, int num, PRFileDesc *outfile)
-{
- char *subjectName;
- subjectName = CERT_DerNameToAscii(&entry->derSubject);
- PR_fprintf(outfile, "Subject: %3d\n", num);
- PR_fprintf(outfile, "------------\n");
- PR_fprintf(outfile, "## %s\n", subjectName);
- if (entry->nickname)
- PR_fprintf(outfile, "## Subject nickname: %s\n", entry->nickname);
- if (entry->emailAddr && entry->emailAddr[0])
- PR_fprintf(outfile, "## Subject email address: %s\n",
- entry->emailAddr);
- PR_fprintf(outfile, "## This subject has %d cert(s).\n", entry->ncerts);
- PR_fprintf(outfile, "\n");
- PORT_Free(subjectName);
- return SECSuccess;
-}
-
-SECStatus
-dumpNicknameEntry(certDBEntryNickname *entry, int num, PRFileDesc *outfile)
-{
- PR_fprintf(outfile, "Nickname: %3d\n", num);
- PR_fprintf(outfile, "-------------\n");
- PR_fprintf(outfile, "## \"%s\"\n\n", entry->nickname);
- return SECSuccess;
-}
-
-SECStatus
-dumpSMimeEntry(certDBEntrySMime *entry, int num, PRFileDesc *outfile)
-{
- PR_fprintf(outfile, "S/MIME Profile: %3d\n", num);
- PR_fprintf(outfile, "-------------------\n");
- PR_fprintf(outfile, "## \"%s\"\n", entry->emailAddr);
- PR_fprintf(outfile, "## OPTIONS: ");
- printHexString(outfile, &entry->smimeOptions);
- PR_fprintf(outfile, "## TIMESTAMP: ");
- printHexString(outfile, &entry->optionsDate);
- PR_fprintf(outfile, "\n");
- return SECSuccess;
-}
-
-SECStatus
-mapCertEntries(certDBArray *dbArray)
-{
- certDBEntryCert *certEntry;
- certDBEntrySubject *subjectEntry;
- certDBEntryListNode *certNode, *subjNode;
- certDBSubjectEntryMap *smap;
- certDBEntryMap *map;
- PRArenaPool *tmparena;
- SECItem derSubject;
- SECItem certKey;
- PRCList *cElem, *sElem;
- int i;
-
- /* Arena for decoded entries */
- tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (tmparena == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
-
- /* Iterate over cert entries and map them to subject entries.
- * NOTE: mapSubjectEntries must be called first to alloc memory
- * for array of subject->cert map.
- */
- for (cElem = PR_LIST_HEAD(&dbArray->certs.link);
- cElem != &dbArray->certs.link; cElem = PR_NEXT_LINK(cElem)) {
- certNode = LISTNODE_CAST(cElem);
- certEntry = (certDBEntryCert *)&certNode->entry;
- map = (certDBEntryMap *)certNode->appData;
- CERT_NameFromDERCert(&certEntry->derCert, &derSubject);
- CERT_KeyFromDERCert(tmparena, &certEntry->derCert, &certKey);
- /* Loop over found subjects for cert's DN. */
- for (sElem = PR_LIST_HEAD(&dbArray->subjects.link);
- sElem != &dbArray->subjects.link; sElem = PR_NEXT_LINK(sElem)) {
- subjNode = LISTNODE_CAST(sElem);
- subjectEntry = (certDBEntrySubject *)&subjNode->entry;
- if (SECITEM_ItemsAreEqual(&derSubject, &subjectEntry->derSubject)) {
- /* Found matching subject name, create link. */
- map->pSubject = subjNode;
- /* Make sure subject entry has cert's key. */
- for (i=0; incerts; i++) {
- if (SECITEM_ItemsAreEqual(&certKey,
- &subjectEntry->certKeys[i])) {
- /* Found matching cert key. */
- smap = (certDBSubjectEntryMap *)subjNode->appData;
- smap->pCerts[i] = certNode;
- break;
- }
- }
- }
- }
- }
- PORT_FreeArena(tmparena, PR_FALSE);
- return SECSuccess;
-}
-
-SECStatus
-mapSubjectEntries(certDBArray *dbArray)
-{
- certDBEntrySubject *subjectEntry;
- certDBEntryNickname *nicknameEntry;
- certDBEntrySMime *smimeEntry;
- certDBEntryListNode *subjNode, *nickNode, *smimeNode;
- certDBSubjectEntryMap *subjMap;
- certDBEntryMap *nickMap, *smimeMap;
- PRCList *sElem, *nElem, *mElem;
-
- for (sElem = PR_LIST_HEAD(&dbArray->subjects.link);
- sElem != &dbArray->subjects.link; sElem = PR_NEXT_LINK(sElem)) {
- /* Iterate over subject entries and map subjects to nickname
- * and smime entries. The cert<->subject map will be handled
- * by a subsequent call to mapCertEntries.
- */
- subjNode = LISTNODE_CAST(sElem);
- subjectEntry = (certDBEntrySubject *)&subjNode->entry;
- subjMap = (certDBSubjectEntryMap *)subjNode->appData;
- /* need to alloc memory here for array of matching certs. */
- subjMap->pCerts = PORT_ArenaAlloc(subjMap->arena,
- subjectEntry->ncerts*sizeof(int));
- subjMap->numCerts = subjectEntry->ncerts;
- if (subjectEntry->nickname) {
- /* Subject should have a nickname entry, so create a link. */
- for (nElem = PR_LIST_HEAD(&dbArray->nicknames.link);
- nElem != &dbArray->nicknames.link;
- nElem = PR_NEXT_LINK(nElem)) {
- /* Look for subject's nickname in nickname entries. */
- nickNode = LISTNODE_CAST(nElem);
- nicknameEntry = (certDBEntryNickname *)&nickNode->entry;
- nickMap = (certDBEntryMap *)nickNode->appData;
- if (PL_strcmp(subjectEntry->nickname,
- nicknameEntry->nickname) == 0) {
- /* Found a nickname entry for subject's nickname. */
- if (SECITEM_ItemsAreEqual(&subjectEntry->derSubject,
- &nicknameEntry->subjectName)) {
- /* Nickname and subject match. */
- subjMap->pNickname = nickNode;
- nickMap->pSubject = subjNode;
- } else {
- /* Nickname entry found is for diff. subject. */
- subjMap->pNickname = WrongEntry;
- }
- }
- }
- } else {
- subjMap->pNickname = NoNickname;
- }
- if (subjectEntry->emailAddr && subjectEntry->emailAddr[0]) {
- /* Subject should have an smime entry, so create a link. */
- for (mElem = PR_LIST_HEAD(&dbArray->smime.link);
- mElem != &dbArray->smime.link; mElem = PR_NEXT_LINK(mElem)) {
- /* Look for subject's email in S/MIME entries. */
- smimeNode = LISTNODE_CAST(mElem);
- smimeEntry = (certDBEntrySMime *)&smimeNode->entry;
- smimeMap = (certDBEntryMap *)smimeNode->appData;
- if (PL_strcmp(subjectEntry->emailAddr,
- smimeEntry->emailAddr) == 0) {
- /* Found a S/MIME entry for subject's email. */
- if (SECITEM_ItemsAreEqual(&subjectEntry->derSubject,
- &smimeEntry->subjectName)) {
- /* S/MIME entry and subject match. */
- subjMap->pSMime = smimeNode;
- smimeMap->pSubject = subjNode;
- } else {
- /* S/MIME entry found is for diff. subject. */
- subjMap->pSMime = WrongEntry;
- }
- }
- }
- } else {
- subjMap->pSMime = NoSMime;
- }
- }
- return SECSuccess;
-}
-
-void
-printnode(dbDebugInfo *info, const char *str, int num)
-{
- if (!info->dograph)
- return;
- if (num < 0) {
- PR_fprintf(info->graphfile, str);
- } else {
- PR_fprintf(info->graphfile, str, num);
- }
-}
-
-PRBool
-map_handle_is_ok(dbDebugInfo *info, void *mapPtr, int indent)
-{
- if (mapPtr == NULL) {
- if (indent > 0)
- printnode(info, " ", -1);
- if (indent >= 0)
- printnode(info, "******************* ", -1);
- return PR_FALSE;
- } else if (mapPtr == WrongEntry) {
- if (indent > 0)
- printnode(info, " ", -1);
- if (indent >= 0)
- printnode(info, "??????????????????? ", -1);
- return PR_FALSE;
- } else {
- return PR_TRUE;
- }
-}
-
-/* these call each other */
-void print_smime_graph(dbDebugInfo *info, certDBEntryMap *smimeMap,
- int direction);
-void print_nickname_graph(dbDebugInfo *info, certDBEntryMap *nickMap,
- int direction);
-void print_subject_graph(dbDebugInfo *info, certDBSubjectEntryMap *subjMap,
- int direction, int optindex, int opttype);
-void print_cert_graph(dbDebugInfo *info, certDBEntryMap *certMap,
- int direction);
-
-/* Given an smime entry, print its unique identifier. If GOLEFT is
- * specified, print the cert<-subject<-smime map, else just print
- * the smime entry.
- */
-void
-print_smime_graph(dbDebugInfo *info, certDBEntryMap *smimeMap, int direction)
-{
- certDBSubjectEntryMap *subjMap;
- certDBEntryListNode *subjNode;
- if (direction == GOLEFT) {
- /* Need to output subject and cert first, see print_subject_graph */
- subjNode = smimeMap->pSubject;
- if (map_handle_is_ok(info, (void *)subjNode, 1)) {
- subjMap = (certDBSubjectEntryMap *)subjNode->appData;
- print_subject_graph(info, subjMap, GOLEFT,
- smimeMap->index, certDBEntryTypeSMimeProfile);
- } else {
- printnode(info, "<---- S/MIME %5d ", smimeMap->index);
- }
- } else {
- printnode(info, "S/MIME %5d ", smimeMap->index);
- }
-}
-
-/* Given a nickname entry, print its unique identifier. If GOLEFT is
- * specified, print the cert<-subject<-nickname map, else just print
- * the nickname entry.
- */
-void
-print_nickname_graph(dbDebugInfo *info, certDBEntryMap *nickMap, int direction)
-{
- certDBSubjectEntryMap *subjMap;
- certDBEntryListNode *subjNode;
- if (direction == GOLEFT) {
- /* Need to output subject and cert first, see print_subject_graph */
- subjNode = nickMap->pSubject;
- if (map_handle_is_ok(info, (void *)subjNode, 1)) {
- subjMap = (certDBSubjectEntryMap *)subjNode->appData;
- print_subject_graph(info, subjMap, GOLEFT,
- nickMap->index, certDBEntryTypeNickname);
- } else {
- printnode(info, "<---- Nickname %5d ", nickMap->index);
- }
- } else {
- printnode(info, "Nickname %5d ", nickMap->index);
- }
-}
-
-/* Given a subject entry, if going right print the graph of the nickname|smime
- * that it maps to (by its unique identifier); and if going left
- * print the list of certs that it points to.
- */
-void
-print_subject_graph(dbDebugInfo *info, certDBSubjectEntryMap *subjMap,
- int direction, int optindex, int opttype)
-{
- certDBEntryMap *map;
- certDBEntryListNode *node;
- int i;
- /* The first line of output always contains the cert id, subject id,
- * and nickname|smime id. Subsequent lines may contain additional
- * cert id's for the subject if going left or both directions.
- * Ex. of printing the graph for a subject entry:
- * Cert 3 <- Subject 5 -> Nickname 32
- * Cert 8 /
- * Cert 9 /
- * means subject 5 has 3 certs, 3, 8, and 9, and corresponds
- * to nickname entry 32.
- * To accomplish the above, it is required to dump the entire first
- * line left-to-right, regardless of the input direction, and then
- * finish up any remaining cert entries. Hence the code is uglier
- * than one may expect.
- */
- if (direction == GOLEFT || direction == GOBOTH) {
- /* In this case, nothing should be output until the first cert is
- * located and output (cert 3 in the above example).
- */
- if (subjMap->numCerts == 0 || subjMap->pCerts == NULL)
- /* XXX uh-oh */
- return;
- /* get the first cert and dump it. */
- node = subjMap->pCerts[0];
- if (map_handle_is_ok(info, (void *)node, 0)) {
- map = (certDBEntryMap *)node->appData;
- /* going left here stops. */
- print_cert_graph(info, map, GOLEFT);
- }
- /* Now it is safe to output the subject id. */
- if (direction == GOLEFT)
- printnode(info, "Subject %5d <---- ", subjMap->index);
- else /* direction == GOBOTH */
- printnode(info, "Subject %5d ----> ", subjMap->index);
- }
- if (direction == GORIGHT || direction == GOBOTH) {
- /* Okay, now output the nickname|smime for this subject. */
- if (direction != GOBOTH) /* handled above */
- printnode(info, "Subject %5d ----> ", subjMap->index);
- if (subjMap->pNickname) {
- node = subjMap->pNickname;
- if (map_handle_is_ok(info, (void *)node, 0)) {
- map = (certDBEntryMap *)node->appData;
- /* going right here stops. */
- print_nickname_graph(info, map, GORIGHT);
- }
- }
- if (subjMap->pSMime) {
- node = subjMap->pSMime;
- if (map_handle_is_ok(info, (void *)node, 0)) {
- map = (certDBEntryMap *)node->appData;
- /* going right here stops. */
- print_smime_graph(info, map, GORIGHT);
- }
- }
- if (!subjMap->pNickname && !subjMap->pSMime) {
- printnode(info, "******************* ", -1);
- }
- }
- if (direction != GORIGHT) { /* going right has only one cert */
- if (opttype == certDBEntryTypeNickname)
- printnode(info, "Nickname %5d ", optindex);
- else if (opttype == certDBEntryTypeSMimeProfile)
- printnode(info, "S/MIME %5d ", optindex);
- for (i=1 /* 1st one already done */; inumCerts; i++) {
- printnode(info, "\n", -1); /* start a new line */
- node = subjMap->pCerts[i];
- if (map_handle_is_ok(info, (void *)node, 0)) {
- map = (certDBEntryMap *)node->appData;
- /* going left here stops. */
- print_cert_graph(info, map, GOLEFT);
- printnode(info, "/", -1);
- }
- }
- }
-}
-
-/* Given a cert entry, print its unique identifer. If GORIGHT is specified,
- * print the cert->subject->nickname|smime map, else just print
- * the cert entry.
- */
-void
-print_cert_graph(dbDebugInfo *info, certDBEntryMap *certMap, int direction)
-{
- certDBSubjectEntryMap *subjMap;
- certDBEntryListNode *subjNode;
- if (direction == GOLEFT) {
- printnode(info, "Cert %5d <---- ", certMap->index);
- /* only want cert entry, terminate here. */
- return;
- }
- /* Keep going right then. */
- printnode(info, "Cert %5d ----> ", certMap->index);
- subjNode = certMap->pSubject;
- if (map_handle_is_ok(info, (void *)subjNode, 0)) {
- subjMap = (certDBSubjectEntryMap *)subjNode->appData;
- print_subject_graph(info, subjMap, GORIGHT, -1, -1);
- }
-}
-
-SECStatus
-computeDBGraph(certDBArray *dbArray, dbDebugInfo *info)
-{
- PRCList *cElem, *sElem, *nElem, *mElem;
- certDBEntryListNode *node;
- certDBEntryMap *map;
- certDBSubjectEntryMap *subjMap;
-
- /* Graph is of this form:
- *
- * certs:
- * cert ---> subject ---> (nickname|smime)
- *
- * subjects:
- * cert <--- subject ---> (nickname|smime)
- *
- * nicknames and smime:
- * cert <--- subject <--- (nickname|smime)
- */
-
- /* Print cert graph. */
- for (cElem = PR_LIST_HEAD(&dbArray->certs.link);
- cElem != &dbArray->certs.link; cElem = PR_NEXT_LINK(cElem)) {
- /* Print graph of everything to right of cert entry. */
- node = LISTNODE_CAST(cElem);
- map = (certDBEntryMap *)node->appData;
- print_cert_graph(info, map, GORIGHT);
- printnode(info, "\n", -1);
- }
- printnode(info, "\n", -1);
-
- /* Print subject graph. */
- for (sElem = PR_LIST_HEAD(&dbArray->subjects.link);
- sElem != &dbArray->subjects.link; sElem = PR_NEXT_LINK(sElem)) {
- /* Print graph of everything to both sides of subject entry. */
- node = LISTNODE_CAST(sElem);
- subjMap = (certDBSubjectEntryMap *)node->appData;
- print_subject_graph(info, subjMap, GOBOTH, -1, -1);
- printnode(info, "\n", -1);
- }
- printnode(info, "\n", -1);
-
- /* Print nickname graph. */
- for (nElem = PR_LIST_HEAD(&dbArray->nicknames.link);
- nElem != &dbArray->nicknames.link; nElem = PR_NEXT_LINK(nElem)) {
- /* Print graph of everything to left of nickname entry. */
- node = LISTNODE_CAST(nElem);
- map = (certDBEntryMap *)node->appData;
- print_nickname_graph(info, map, GOLEFT);
- printnode(info, "\n", -1);
- }
- printnode(info, "\n", -1);
-
- /* Print smime graph. */
- for (mElem = PR_LIST_HEAD(&dbArray->smime.link);
- mElem != &dbArray->smime.link; mElem = PR_NEXT_LINK(mElem)) {
- /* Print graph of everything to left of smime entry. */
- node = LISTNODE_CAST(mElem);
- if (node == NULL) break;
- map = (certDBEntryMap *)node->appData;
- print_smime_graph(info, map, GOLEFT);
- printnode(info, "\n", -1);
- }
- printnode(info, "\n", -1);
-
- return SECSuccess;
-}
-
-/*
- * List the entries in the db, showing handles between entry types.
- */
-void
-verboseOutput(certDBArray *dbArray, dbDebugInfo *info)
-{
- int i, ref;
- PRCList *elem;
- certDBEntryListNode *node;
- certDBEntryMap *map;
- certDBSubjectEntryMap *smap;
- certDBEntrySubject *subjectEntry;
-
- /* List certs */
- for (elem = PR_LIST_HEAD(&dbArray->certs.link);
- elem != &dbArray->certs.link; elem = PR_NEXT_LINK(elem)) {
- node = LISTNODE_CAST(elem);
- map = (certDBEntryMap *)node->appData;
- dumpCertEntry((certDBEntryCert*)&node->entry, map->index, info->out);
- /* walk the cert handle to it's subject entry */
- if (map_handle_is_ok(info, map->pSubject, -1)) {
- smap = (certDBSubjectEntryMap *)map->pSubject->appData;
- ref = smap->index;
- PR_fprintf(info->out, "-->(subject %d)\n\n\n", ref);
- } else {
- PR_fprintf(info->out, "-->(MISSING SUBJECT ENTRY)\n\n\n");
- }
- }
- /* List subjects */
- for (elem = PR_LIST_HEAD(&dbArray->subjects.link);
- elem != &dbArray->subjects.link; elem = PR_NEXT_LINK(elem)) {
- node = LISTNODE_CAST(elem);
- subjectEntry = (certDBEntrySubject *)&node->entry;
- smap = (certDBSubjectEntryMap *)node->appData;
- dumpSubjectEntry(subjectEntry, smap->index, info->out);
- /* iterate over subject's certs */
- for (i=0; inumCerts; i++) {
- /* walk each subject handle to it's cert entries */
- if (map_handle_is_ok(info, smap->pCerts[i], -1)) {
- ref = ((certDBEntryMap *)smap->pCerts[i]->appData)->index;
- PR_fprintf(info->out, "-->(%d. certificate %d)\n", i, ref);
- } else {
- PR_fprintf(info->out, "-->(%d. MISSING CERT ENTRY)\n", i);
- }
- }
- if (subjectEntry->nickname) {
- /* walk each subject handle to it's nickname entry */
- if (map_handle_is_ok(info, smap->pNickname, -1)) {
- ref = ((certDBEntryMap *)smap->pNickname->appData)->index;
- PR_fprintf(info->out, "-->(nickname %d)\n", ref);
- } else {
- PR_fprintf(info->out, "-->(MISSING NICKNAME ENTRY)\n");
- }
- }
- if (subjectEntry->emailAddr && subjectEntry->emailAddr[0]) {
- /* walk each subject handle to it's smime entry */
- if (map_handle_is_ok(info, smap->pSMime, -1)) {
- ref = ((certDBEntryMap *)smap->pSMime->appData)->index;
- PR_fprintf(info->out, "-->(s/mime %d)\n", ref);
- } else {
- PR_fprintf(info->out, "-->(MISSING S/MIME ENTRY)\n");
- }
- }
- PR_fprintf(info->out, "\n\n");
- }
- for (elem = PR_LIST_HEAD(&dbArray->nicknames.link);
- elem != &dbArray->nicknames.link; elem = PR_NEXT_LINK(elem)) {
- node = LISTNODE_CAST(elem);
- map = (certDBEntryMap *)node->appData;
- dumpNicknameEntry((certDBEntryNickname*)&node->entry, map->index,
- info->out);
- if (map_handle_is_ok(info, map->pSubject, -1)) {
- ref = ((certDBEntryMap *)map->pSubject->appData)->index;
- PR_fprintf(info->out, "-->(subject %d)\n\n\n", ref);
- } else {
- PR_fprintf(info->out, "-->(MISSING SUBJECT ENTRY)\n\n\n");
- }
- }
- for (elem = PR_LIST_HEAD(&dbArray->smime.link);
- elem != &dbArray->smime.link; elem = PR_NEXT_LINK(elem)) {
- node = LISTNODE_CAST(elem);
- map = (certDBEntryMap *)node->appData;
- dumpSMimeEntry((certDBEntrySMime*)&node->entry, map->index, info->out);
- if (map_handle_is_ok(info, map->pSubject, -1)) {
- ref = ((certDBEntryMap *)map->pSubject->appData)->index;
- PR_fprintf(info->out, "-->(subject %d)\n\n\n", ref);
- } else {
- PR_fprintf(info->out, "-->(MISSING SUBJECT ENTRY)\n\n\n");
- }
- }
- PR_fprintf(info->out, "\n\n");
-}
-
-char *errResult[] = {
- "Certificate entries that had no subject entry.",
- "Certificate entries that had no key in their subject entry.",
- "Subject entries that had no nickname or email address.",
- "Redundant nicknames (subjects with the same nickname).",
- "Subject entries that had no nickname entry.",
- "Redundant email addresses (subjects with the same email address).",
- "Subject entries that had no S/MIME entry.",
- "Nickname entries that had no subject entry.",
- "S/MIME entries that had no subject entry.",
-};
-
-int
-fillDBEntryArray(CERTCertDBHandle *handle, certDBEntryType type,
- certDBEntryListNode *list)
-{
- PRCList *elem;
- certDBEntryListNode *node;
- certDBEntryMap *mnode;
- certDBSubjectEntryMap *smnode;
- PRArenaPool *arena;
- int count = 0;
- /* Initialize a dummy entry in the list. The list head will be the
- * next element, so this element is skipped by for loops.
- */
- PR_INIT_CLIST((PRCList *)list);
- /* Collect all of the cert db entries for this type into a list. */
- SEC_TraverseDBEntries(handle, type, SEC_GetCertDBEntryList,
- (PRCList *)list);
- for (elem = PR_LIST_HEAD(&list->link);
- elem != &list->link; elem = PR_NEXT_LINK(elem)) {
- /* Iterate over the entries and ... */
- node = (certDBEntryListNode *)elem;
- if (type != certDBEntryTypeSubject) {
- arena = PORT_NewArena(sizeof(*mnode));
- mnode = (certDBEntryMap *)PORT_ArenaZAlloc(arena, sizeof(*mnode));
- mnode->arena = arena;
- /* ... assign a unique index number to each node, and ... */
- mnode->index = count;
- /* ... set the map pointer for the node. */
- node->appData = (void *)mnode;
- } else {
- /* allocate some room for the cert pointers also */
- arena = PORT_NewArena(sizeof(*smnode) + 20*sizeof(void *));
- smnode = (certDBSubjectEntryMap *)
- PORT_ArenaZAlloc(arena, sizeof(*smnode));
- smnode->arena = arena;
- smnode->index = count;
- node->appData = (void *)smnode;
- }
- count++;
- }
- return count;
-}
-
-void
-freeDBEntryList(PRCList *list)
-{
- PRCList *next, *elem;
- certDBEntryListNode *node;
- certDBEntryMap *map;
-
- for (elem = PR_LIST_HEAD(list); elem != list;) {
- next = PR_NEXT_LINK(elem);
- node = (certDBEntryListNode *)elem;
- map = (certDBEntryMap *)node->appData;
- PR_REMOVE_LINK(&node->link);
- PORT_FreeArena(map->arena, PR_TRUE);
- PORT_FreeArena(node->entry.common.arena, PR_TRUE);
- elem = next;
- }
-}
-
-void
-DBCK_DebugDB(CERTCertDBHandle *handle, PRFileDesc *out, PRFileDesc *mailfile)
-{
- int i, nCertsFound, nSubjFound, nErr;
- int nCerts, nSubjects, nSubjCerts, nNicknames, nSMime;
- PRCList *elem;
- char c;
- dbDebugInfo info;
- certDBArray dbArray;
-
- PORT_Memset(&dbArray, 0, sizeof(dbArray));
- PORT_Memset(&info, 0, sizeof(info));
- info.verbose = (out == NULL) ? PR_FALSE : PR_TRUE ;
- info.dograph = (mailfile == NULL) ? PR_FALSE : PR_TRUE ;
- info.out = (out) ? out : PR_STDOUT;
- info.graphfile = mailfile;
-
- /* Fill the array structure with cert/subject/nickname/smime entries. */
- dbArray.numCerts = fillDBEntryArray(handle, certDBEntryTypeCert,
- &dbArray.certs);
- dbArray.numSubjects = fillDBEntryArray(handle, certDBEntryTypeSubject,
- &dbArray.subjects);
- dbArray.numNicknames = fillDBEntryArray(handle, certDBEntryTypeNickname,
- &dbArray.nicknames);
- dbArray.numSMime = fillDBEntryArray(handle, certDBEntryTypeSMimeProfile,
- &dbArray.smime);
-
- /* Compute the map between the database entries. */
- mapSubjectEntries(&dbArray);
- mapCertEntries(&dbArray);
- computeDBGraph(&dbArray, &info);
-
- /* Store the totals for later reference. */
- nCerts = dbArray.numCerts;
- nSubjects = dbArray.numSubjects;
- nNicknames = dbArray.numNicknames;
- nSMime = dbArray.numSMime;
- nSubjCerts = 0;
- for (elem = PR_LIST_HEAD(&dbArray.subjects.link);
- elem != &dbArray.subjects.link; elem = PR_NEXT_LINK(elem)) {
- certDBSubjectEntryMap *smap;
- smap = (certDBSubjectEntryMap *)LISTNODE_CAST(elem)->appData;
- nSubjCerts += smap->numCerts;
- }
-
- if (info.verbose) {
- /* Dump the database contents. */
- verboseOutput(&dbArray, &info);
- }
-
- freeDBEntryList(&dbArray.certs.link);
- freeDBEntryList(&dbArray.subjects.link);
- freeDBEntryList(&dbArray.nicknames.link);
- freeDBEntryList(&dbArray.smime.link);
-
- PR_fprintf(info.out, "\n");
- PR_fprintf(info.out, "Database statistics:\n");
- PR_fprintf(info.out, "N0: Found %4d Certificate entries.\n",
- nCerts);
- PR_fprintf(info.out, "N1: Found %4d Subject entries (unique DN's).\n",
- nSubjects);
- PR_fprintf(info.out, "N2: Found %4d Cert keys within Subject entries.\n",
- nSubjCerts);
- PR_fprintf(info.out, "N3: Found %4d Nickname entries.\n",
- nNicknames);
- PR_fprintf(info.out, "N4: Found %4d S/MIME entries.\n",
- nSMime);
- PR_fprintf(info.out, "\n");
-
- nErr = 0;
- for (i=0; isubjectName) {
- return NULL;
- }
-
- tmp1 = PORT_Strstr(cert->subjectName, "E=");
- tmp2 = PORT_Strstr(cert->subjectName, "MAIL=");
- /* XXX Nelson has cert for KTrilli which does not have either
- * of above but is email cert (has cert->emailAddr).
- */
- if (!tmp1 && !tmp2 && !(cert->emailAddr && cert->emailAddr[0])) {
- return NULL;
- }
-
- /* Server or CA cert, not personal email. */
- isCA = CERT_IsCACert(cert, NULL);
- if (isCA)
- return NULL;
-
- /* XXX CERT_IsCACert advertises checking the key usage ext.,
- but doesn't appear to. */
- /* Check the key usage extension. */
- if (cert->keyUsagePresent) {
- /* Must at least be able to sign or encrypt (not neccesarily
- * both if it is one of a dual cert).
- */
- if (!((cert->rawKeyUsage & KU_DIGITAL_SIGNATURE) ||
- (cert->rawKeyUsage & KU_KEY_ENCIPHERMENT)))
- return NULL;
-
- /* CA cert, not personal email. */
- if (cert->rawKeyUsage & (KU_KEY_CERT_SIGN | KU_CRL_SIGN))
- return NULL;
- }
-
- if (cert->emailAddr && cert->emailAddr[0]) {
- email = PORT_Strdup(cert->emailAddr);
- } else {
- if (tmp1)
- tmp1 += 2; /* "E=" */
- else
- tmp1 = tmp2 + 5; /* "MAIL=" */
- len = strcspn(tmp1, ", ");
- email = (char*)PORT_Alloc(len+1);
- PORT_Strncpy(email, tmp1, len);
- email[len] = '\0';
- }
-
- return email;
-}
-
-SECStatus
-deleteit(CERTCertificate *cert, void *arg)
-{
- return SEC_DeletePermCertificate(cert);
-}
-
-/* Different than DeleteCertificate - has the added bonus of removing
- * all certs with the same DN.
- */
-SECStatus
-deleteAllEntriesForCert(CERTCertDBHandle *handle, CERTCertificate *cert,
- PRFileDesc *outfile)
-{
-#if 0
- certDBEntrySubject *subjectEntry;
- certDBEntryNickname *nicknameEntry;
- certDBEntrySMime *smimeEntry;
- int i;
-#endif
-
- if (outfile) {
- PR_fprintf(outfile, "$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$\n\n");
- PR_fprintf(outfile, "Deleting redundant certificate:\n");
- dumpCertificate(cert, -1, outfile);
- }
-
- CERT_TraverseCertsForSubject(handle, cert->subjectList, deleteit, NULL);
-#if 0
- CERT_LockDB(handle);
- subjectEntry = ReadDBSubjectEntry(handle, &cert->derSubject);
- /* It had better be there, or created a bad db. */
- PORT_Assert(subjectEntry);
- for (i=0; incerts; i++) {
- DeleteDBCertEntry(handle, &subjectEntry->certKeys[i]);
- }
- DeleteDBSubjectEntry(handle, &cert->derSubject);
- if (subjectEntry->emailAddr && subjectEntry->emailAddr[0]) {
- smimeEntry = ReadDBSMimeEntry(handle, subjectEntry->emailAddr);
- if (smimeEntry) {
- if (SECITEM_ItemsAreEqual(&subjectEntry->derSubject,
- &smimeEntry->subjectName))
- /* Only delete it if it's for this subject! */
- DeleteDBSMimeEntry(handle, subjectEntry->emailAddr);
- SEC_DestroyDBEntry((certDBEntry*)smimeEntry);
- }
- }
- if (subjectEntry->nickname) {
- nicknameEntry = ReadDBNicknameEntry(handle, subjectEntry->nickname);
- if (nicknameEntry) {
- if (SECITEM_ItemsAreEqual(&subjectEntry->derSubject,
- &nicknameEntry->subjectName))
- /* Only delete it if it's for this subject! */
- DeleteDBNicknameEntry(handle, subjectEntry->nickname);
- SEC_DestroyDBEntry((certDBEntry*)nicknameEntry);
- }
- }
- SEC_DestroyDBEntry((certDBEntry*)subjectEntry);
- CERT_UnlockDB(handle);
-#endif
- return SECSuccess;
-}
-
-void
-getCertsToDelete(char *numlist, int len, int *certNums, int nCerts)
-{
- int j, num;
- char *numstr, *numend, *end;
-
- numstr = numlist;
- end = numstr + len - 1;
- while (numstr != end) {
- numend = strpbrk(numstr, ", \n");
- *numend = '\0';
- if (PORT_Strlen(numstr) == 0)
- return;
- num = PORT_Atoi(numstr);
- if (numstr == numlist)
- certNums[0] = num;
- for (j=1; jpromptUser[errtype] == PR_FALSE)
- return (info->removeType[errtype]);
- switch (errtype) {
- case dbInvalidCert:
- PR_fprintf(PR_STDOUT, "******** Expired ********\n");
- PR_fprintf(PR_STDOUT, "Cert has expired.\n\n");
- dumpCertificate(certs[0], -1, PR_STDOUT);
- PR_fprintf(PR_STDOUT,
- "Keep it? (y/n - this one, Y/N - all expired certs) [n] ");
- break;
- case dbNoSMimeProfile:
- PR_fprintf(PR_STDOUT, "******** No Profile ********\n");
- PR_fprintf(PR_STDOUT, "S/MIME cert has no profile.\n\n");
- dumpCertificate(certs[0], -1, PR_STDOUT);
- PR_fprintf(PR_STDOUT,
- "Keep it? (y/n - this one, Y/N - all S/MIME w/o profile) [n] ");
- break;
- case dbOlderCert:
- PR_fprintf(PR_STDOUT, "******* Redundant nickname/email *******\n\n");
- PR_fprintf(PR_STDOUT, "These certs have the same nickname/email:\n");
- for (i=0; ipromptUser[errtype] = PR_FALSE;
- info->removeType[errtype] = PR_TRUE;
- return PR_TRUE;
- }
- getCertsToDelete(response, nb, certNums, nCerts);
- return PR_TRUE;
- }
- /* User doesn't want to be prompted for this type anymore. */
- if (response[0] == 'Y') {
- info->promptUser[errtype] = PR_FALSE;
- info->removeType[errtype] = PR_FALSE;
- return PR_FALSE;
- } else if (response[0] == 'N') {
- info->promptUser[errtype] = PR_FALSE;
- info->removeType[errtype] = PR_TRUE;
- return PR_TRUE;
- }
- return (response[0] != 'y') ? PR_TRUE : PR_FALSE;
-}
-
-SECStatus
-addCertToDB(certDBEntryCert *certEntry, dbRestoreInfo *info,
- CERTCertDBHandle *oldhandle)
-{
- SECStatus rv = SECSuccess;
- PRBool allowOverride;
- PRBool userCert;
- SECCertTimeValidity validity;
- CERTCertificate *oldCert = NULL;
- CERTCertificate *dbCert = NULL;
- CERTCertificate *newCert = NULL;
- CERTCertTrust *trust;
- certDBEntrySMime *smimeEntry = NULL;
- char *email = NULL;
- char *nickname = NULL;
- int nCertsForSubject = 1;
-
- oldCert = CERT_DecodeDERCertificate(&certEntry->derCert, PR_FALSE,
- certEntry->nickname);
- if (!oldCert) {
- info->dbErrors[dbBadCertificate]++;
- SEC_DestroyDBEntry((certDBEntry*)certEntry);
- return SECSuccess;
- }
-
- oldCert->dbEntry = certEntry;
- oldCert->trust = &certEntry->trust;
- oldCert->dbhandle = oldhandle;
-
- trust = oldCert->trust;
-
- info->nOldCerts++;
-
- if (info->verbose)
- PR_fprintf(info->out, "%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%\n\n");
-
- if (oldCert->nickname)
- nickname = PORT_Strdup(oldCert->nickname);
-
- /* Always keep user certs. Skip ahead. */
- /* XXX if someone sends themselves a signed message, it is possible
- for their cert to be imported as an "other" cert, not a user cert.
- this mucks with smime entries... */
- userCert = (SEC_GET_TRUST_FLAGS(trust, trustSSL) & CERTDB_USER) ||
- (SEC_GET_TRUST_FLAGS(trust, trustEmail) & CERTDB_USER) ||
- (SEC_GET_TRUST_FLAGS(trust, trustObjectSigning) & CERTDB_USER);
- if (userCert)
- goto createcert;
-
- /* If user chooses so, ignore expired certificates. */
- allowOverride = (PRBool)((oldCert->keyUsage == certUsageSSLServer) ||
- (oldCert->keyUsage == certUsageSSLServerWithStepUp));
- validity = CERT_CheckCertValidTimes(oldCert, PR_Now(), allowOverride);
- /* If cert expired and user wants to delete it, ignore it. */
- if ((validity != secCertTimeValid) &&
- userSaysDeleteCert(&oldCert, 1, dbInvalidCert, info, 0)) {
- info->dbErrors[dbInvalidCert]++;
- if (info->verbose) {
- PR_fprintf(info->out, "Deleting expired certificate:\n");
- dumpCertificate(oldCert, -1, info->out);
- }
- goto cleanup;
- }
-
- /* New database will already have default certs, don't attempt
- to overwrite them. */
- dbCert = CERT_FindCertByDERCert(info->handle, &oldCert->derCert);
- if (dbCert) {
- info->nCerts++;
- if (info->verbose) {
- PR_fprintf(info->out, "Added certificate to database:\n");
- dumpCertificate(oldCert, -1, info->out);
- }
- goto cleanup;
- }
-
- /* Determine if cert is S/MIME and get its email if so. */
- email = IsEmailCert(oldCert);
-
- /*
- XXX Just create empty profiles?
- if (email) {
- SECItem *profile = CERT_FindSMimeProfile(oldCert);
- if (!profile &&
- userSaysDeleteCert(&oldCert, 1, dbNoSMimeProfile, info, 0)) {
- info->dbErrors[dbNoSMimeProfile]++;
- if (info->verbose) {
- PR_fprintf(info->out,
- "Deleted cert missing S/MIME profile.\n");
- dumpCertificate(oldCert, -1, info->out);
- }
- goto cleanup;
- } else {
- SECITEM_FreeItem(profile);
- }
- }
- */
-
-createcert:
-
- /* Sometimes happens... */
- if (!nickname && userCert)
- nickname = PORT_Strdup(oldCert->subjectName);
-
- /* Create a new certificate, copy of the old one. */
- newCert = CERT_NewTempCertificate(info->handle, &oldCert->derCert,
- nickname, PR_FALSE, PR_TRUE);
- if (!newCert) {
- PR_fprintf(PR_STDERR, "Unable to create new certificate.\n");
- dumpCertificate(oldCert, -1, PR_STDERR);
- info->dbErrors[dbBadCertificate]++;
- goto cleanup;
- }
-
- /* Add the cert to the new database. */
- rv = CERT_AddTempCertToPerm(newCert, nickname, oldCert->trust);
- if (rv) {
- PR_fprintf(PR_STDERR, "Failed to write temp cert to perm database.\n");
- dumpCertificate(oldCert, -1, PR_STDERR);
- info->dbErrors[dbCertNotWrittenToDB]++;
- goto cleanup;
- }
-
- if (info->verbose) {
- PR_fprintf(info->out, "Added certificate to database:\n");
- dumpCertificate(oldCert, -1, info->out);
- }
-
- /* If the cert is an S/MIME cert, and the first with it's subject,
- * modify the subject entry to include the email address,
- * CERT_AddTempCertToPerm does not do email addresses and S/MIME entries.
- */
- if (smimeEntry) { /*&& !userCert && nCertsForSubject == 1) { */
-#if 0
- UpdateSubjectWithEmailAddr(newCert, email);
-#endif
- SECItem emailProfile, profileTime;
- rv = CERT_FindFullSMimeProfile(oldCert, &emailProfile, &profileTime);
- /* calls UpdateSubjectWithEmailAddr */
- if (rv == SECSuccess)
- rv = CERT_SaveSMimeProfile(newCert, &emailProfile, &profileTime);
- }
-
- info->nCerts++;
-
-cleanup:
-
- if (nickname)
- PORT_Free(nickname);
- if (email)
- PORT_Free(email);
- if (oldCert)
- CERT_DestroyCertificate(oldCert);
- if (dbCert)
- CERT_DestroyCertificate(dbCert);
- if (newCert)
- CERT_DestroyCertificate(newCert);
- if (smimeEntry)
- SEC_DestroyDBEntry((certDBEntry*)smimeEntry);
- return SECSuccess;
-}
-
-#if 0
-SECStatus
-copyDBEntry(SECItem *data, SECItem *key, certDBEntryType type, void *pdata)
-{
- SECStatus rv;
- CERTCertDBHandle *newdb = (CERTCertDBHandle *)pdata;
- certDBEntryCommon common;
- SECItem dbkey;
-
- common.type = type;
- common.version = CERT_DB_FILE_VERSION;
- common.flags = data->data[2];
- common.arena = NULL;
-
- dbkey.len = key->len + SEC_DB_KEY_HEADER_LEN;
- dbkey.data = (unsigned char *)PORT_Alloc(dbkey.len*sizeof(unsigned char));
- PORT_Memcpy(&dbkey.data[SEC_DB_KEY_HEADER_LEN], key->data, key->len);
- dbkey.data[0] = type;
-
- rv = WriteDBEntry(newdb, &common, &dbkey, data);
-
- PORT_Free(dbkey.data);
- return rv;
-}
-#endif
-
-int
-certIsOlder(CERTCertificate **cert1, CERTCertificate** cert2)
-{
- return !CERT_IsNewer(*cert1, *cert2);
-}
-
-int
-findNewestSubjectForEmail(CERTCertDBHandle *handle, int subjectNum,
- certDBArray *dbArray, dbRestoreInfo *info,
- int *subjectWithSMime, int *smimeForSubject)
-{
- int newestSubject;
- int subjectsForEmail[50];
- int i, j, ns, sNum;
- certDBEntryListNode *subjects = &dbArray->subjects;
- certDBEntryListNode *smime = &dbArray->smime;
- certDBEntrySubject *subjectEntry1, *subjectEntry2;
- certDBEntrySMime *smimeEntry;
- CERTCertificate **certs;
- CERTCertificate *cert;
- CERTCertTrust *trust;
- PRBool userCert;
- int *certNums;
-
- ns = 0;
- subjectEntry1 = (certDBEntrySubject*)&subjects.entries[subjectNum];
- subjectsForEmail[ns++] = subjectNum;
-
- *subjectWithSMime = -1;
- *smimeForSubject = -1;
- newestSubject = subjectNum;
-
- cert = CERT_FindCertByKey(handle, &subjectEntry1->certKeys[0]);
- if (cert) {
- trust = cert->trust;
- userCert = (SEC_GET_TRUST_FLAGS(trust, trustSSL) & CERTDB_USER) ||
- (SEC_GET_TRUST_FLAGS(trust, trustEmail) & CERTDB_USER) ||
- (SEC_GET_TRUST_FLAGS(trust, trustObjectSigning) & CERTDB_USER);
- CERT_DestroyCertificate(cert);
- }
-
- /*
- * XXX Should we make sure that subjectEntry1->emailAddr is not
- * a null pointer or an empty string before going into the next
- * two for loops, which pass it to PORT_Strcmp?
- */
-
- /* Loop over the remaining subjects. */
- for (i=subjectNum+1; iemailAddr && subjectEntry2->emailAddr[0] &&
- PORT_Strcmp(subjectEntry1->emailAddr,
- subjectEntry2->emailAddr) == 0) {
- /* Found a subject using the same email address. */
- subjectsForEmail[ns++] = i;
- }
- }
-
- /* Find the S/MIME entry for this email address. */
- for (i=0; icommon.arena == NULL)
- continue;
- if (smimeEntry->emailAddr && smimeEntry->emailAddr[0] &&
- PORT_Strcmp(subjectEntry1->emailAddr, smimeEntry->emailAddr) == 0) {
- /* Find which of the subjects uses this S/MIME entry. */
- for (j=0; jsubjectName,
- &subjectEntry2->derSubject)) {
- /* Found the subject corresponding to the S/MIME entry. */
- *subjectWithSMime = sNum;
- *smimeForSubject = i;
- }
- }
- SEC_DestroyDBEntry((certDBEntry*)smimeEntry);
- PORT_Memset(smimeEntry, 0, sizeof(certDBEntry));
- break;
- }
- }
-
- if (ns <= 1)
- return subjectNum;
-
- if (userCert)
- return *subjectWithSMime;
-
- /* Now find which of the subjects has the newest cert. */
- certs = (CERTCertificate**)PORT_Alloc(ns*sizeof(CERTCertificate*));
- certNums = (int*)PORT_Alloc((ns+1)*sizeof(int));
- certNums[0] = 0;
- for (i=0; icertKeys[0]);
- certNums[i+1] = i;
- }
- /* Sort the array by validity. */
- qsort(certs, ns, sizeof(CERTCertificate*),
- (int (*)(const void *, const void *))certIsOlder);
- newestSubject = -1;
- for (i=0; iderSubject,
- &certs[0]->derSubject))
- newestSubject = sNum;
- else
- SEC_DestroyDBEntry((certDBEntry*)subjectEntry1);
- }
- if (info && userSaysDeleteCert(certs, ns, dbOlderCert, info, certNums)) {
- for (i=1; i= 0 && certNums[i] != certNums[0]) {
- deleteAllEntriesForCert(handle, certs[certNums[i]], info->out);
- info->dbErrors[dbOlderCert]++;
- }
- }
- }
- CERT_DestroyCertArray(certs, ns);
- return newestSubject;
-}
-
-CERTCertDBHandle *
-DBCK_ReconstructDBFromCerts(CERTCertDBHandle *oldhandle, char *newdbname,
- PRFileDesc *outfile, PRBool removeExpired,
- PRBool requireProfile, PRBool singleEntry,
- PRBool promptUser)
-{
- SECStatus rv;
- dbRestoreInfo info;
- certDBEntryContentVersion *oldContentVersion;
- certDBArray dbArray;
- int i;
-
- PORT_Memset(&dbArray, 0, sizeof(dbArray));
- PORT_Memset(&info, 0, sizeof(info));
- info.verbose = (outfile) ? PR_TRUE : PR_FALSE;
- info.out = (outfile) ? outfile : PR_STDOUT;
- info.removeType[dbInvalidCert] = removeExpired;
- info.removeType[dbNoSMimeProfile] = requireProfile;
- info.removeType[dbOlderCert] = singleEntry;
- info.promptUser[dbInvalidCert] = promptUser;
- info.promptUser[dbNoSMimeProfile] = promptUser;
- info.promptUser[dbOlderCert] = promptUser;
-
- /* Allocate a handle to fill with CERT_OpenCertDB below. */
- info.handle = (CERTCertDBHandle *)PORT_ZAlloc(sizeof(CERTCertDBHandle));
- if (!info.handle) {
- fprintf(stderr, "unable to get database handle");
- return NULL;
- }
-
- /* Create a certdb with the most recent set of roots. */
- rv = CERT_OpenCertDBFilename(info.handle, newdbname, PR_FALSE);
-
- if (rv) {
- fprintf(stderr, "could not open certificate database");
- goto loser;
- }
-
- /* Create certificate, subject, nickname, and email records.
- * mcom_db seems to have a sequential access bug. Though reads and writes
- * should be allowed during traversal, they seem to screw up the sequence.
- * So, stuff all the cert entries into an array, and loop over the array
- * doing read/writes in the db.
- */
- fillDBEntryArray(oldhandle, certDBEntryTypeCert, &dbArray.certs);
- for (elem = PR_LIST_HEAD(&dbArray->certs.link);
- elem != &dbArray->certs.link; elem = PR_NEXT_LINK(elem)) {
- node = LISTNODE_CAST(elem);
- addCertToDB((certDBEntryCert*)&node->entry, &info, oldhandle);
- /* entries get destroyed in addCertToDB */
- }
-#if 0
- rv = SEC_TraverseDBEntries(oldhandle, certDBEntryTypeSMimeProfile,
- copyDBEntry, info.handle);
-#endif
-
- /* Fix up the pointers between (nickname|S/MIME) --> (subject).
- * Create S/MIME entries for S/MIME certs.
- * Have the S/MIME entry point to the last-expiring cert using
- * an email address.
- */
-#if 0
- CERT_RedoHandlesForSubjects(info.handle, singleEntry, &info);
-#endif
-
- freeDBEntryList(&dbArray.certs.link);
-
- /* Copy over the version record. */
- /* XXX Already exists - and _must_ be correct... */
- /*
- versionEntry = ReadDBVersionEntry(oldhandle);
- rv = WriteDBVersionEntry(info.handle, versionEntry);
- */
-
- /* Copy over the content version record. */
- /* XXX Can probably get useful info from old content version?
- * Was this db created before/after this tool? etc.
- */
-#if 0
- oldContentVersion = ReadDBContentVersionEntry(oldhandle);
- CERT_SetDBContentVersion(oldContentVersion->contentVersion, info.handle);
-#endif
-
-#if 0
- /* Copy over the CRL & KRL records. */
- rv = SEC_TraverseDBEntries(oldhandle, certDBEntryTypeRevocation,
- copyDBEntry, info.handle);
- /* XXX Only one KRL, just do db->get? */
- rv = SEC_TraverseDBEntries(oldhandle, certDBEntryTypeKeyRevocation,
- copyDBEntry, info.handle);
-#endif
-
- PR_fprintf(info.out, "Database had %d certificates.\n", info.nOldCerts);
-
- PR_fprintf(info.out, "Reconstructed %d certificates.\n", info.nCerts);
- PR_fprintf(info.out, "(ax) Rejected %d expired certificates.\n",
- info.dbErrors[dbInvalidCert]);
- PR_fprintf(info.out, "(as) Rejected %d S/MIME certificates missing a profile.\n",
- info.dbErrors[dbNoSMimeProfile]);
- PR_fprintf(info.out, "(ar) Rejected %d certificates for which a newer certificate was found.\n",
- info.dbErrors[dbOlderCert]);
- PR_fprintf(info.out, " Rejected %d corrupt certificates.\n",
- info.dbErrors[dbBadCertificate]);
- PR_fprintf(info.out, " Rejected %d certificates which did not write to the DB.\n",
- info.dbErrors[dbCertNotWrittenToDB]);
-
- if (rv)
- goto loser;
-
- return info.handle;
-
-loser:
- if (info.handle)
- PORT_Free(info.handle);
- return NULL;
-}
-#endif /* DORECOVER */
-
-enum {
- cmd_Debug = 0,
- cmd_LongUsage,
- cmd_Recover
-};
-
-enum {
- opt_KeepAll = 0,
- opt_CertDir,
- opt_Dumpfile,
- opt_InputDB,
- opt_OutputDB,
- opt_Mailfile,
- opt_Prompt,
- opt_KeepRedundant,
- opt_KeepNoSMimeProfile,
- opt_Verbose,
- opt_KeepExpired
-};
-
-static secuCommandFlag dbck_commands[] =
-{
- { /* cmd_Debug, */ 'D', PR_FALSE, 0, PR_FALSE },
- { /* cmd_LongUsage,*/ 'H', PR_FALSE, 0, PR_FALSE },
- { /* cmd_Recover, */ 'R', PR_FALSE, 0, PR_FALSE }
-};
-
-static secuCommandFlag dbck_options[] =
-{
- { /* opt_KeepAll, */ 'a', PR_FALSE, 0, PR_FALSE },
- { /* opt_CertDir, */ 'd', PR_TRUE, 0, PR_FALSE },
- { /* opt_Dumpfile, */ 'f', PR_TRUE, 0, PR_FALSE },
- { /* opt_InputDB, */ 'i', PR_TRUE, 0, PR_FALSE },
- { /* opt_OutputDB, */ 'o', PR_TRUE, 0, PR_FALSE },
- { /* opt_Mailfile, */ 'm', PR_FALSE, 0, PR_FALSE },
- { /* opt_Prompt, */ 'p', PR_FALSE, 0, PR_FALSE },
- { /* opt_KeepRedundant, */ 'r', PR_FALSE, 0, PR_FALSE },
- { /* opt_KeepNoSMimeProfile,*/ 's', PR_FALSE, 0, PR_FALSE },
- { /* opt_Verbose, */ 'v', PR_FALSE, 0, PR_FALSE },
- { /* opt_KeepExpired, */ 'x', PR_FALSE, 0, PR_FALSE }
-};
-
-int
-main(int argc, char **argv)
-{
- CERTCertDBHandle *certHandle;
-
- PRFileInfo fileInfo;
- PRFileDesc *mailfile = NULL;
- PRFileDesc *dumpfile = NULL;
-
- char * pathname = 0;
- char * fullname = 0;
- char * newdbname = 0;
-
- PRBool removeExpired, requireProfile, singleEntry;
-
- SECStatus rv;
-
- secuCommand dbck;
- dbck.numCommands = sizeof(dbck_commands) / sizeof(secuCommandFlag);
- dbck.numOptions = sizeof(dbck_options) / sizeof(secuCommandFlag);
- dbck.commands = dbck_commands;
- dbck.options = dbck_options;
-
- progName = strrchr(argv[0], '/');
- progName = progName ? progName+1 : argv[0];
-
- rv = SECU_ParseCommandLine(argc, argv, progName, &dbck);
-
- if (rv != SECSuccess)
- Usage(progName);
-
- if (dbck.commands[cmd_LongUsage].activated)
- LongUsage(progName);
-
- if (!dbck.commands[cmd_Debug].activated &&
- !dbck.commands[cmd_Recover].activated) {
- PR_fprintf(PR_STDERR, "Please specify -D or -R.\n");
- Usage(progName);
- }
-
- removeExpired = !(dbck.options[opt_KeepAll].activated ||
- dbck.options[opt_KeepExpired].activated);
-
- requireProfile = !(dbck.options[opt_KeepAll].activated ||
- dbck.options[opt_KeepNoSMimeProfile].activated);
-
- singleEntry = !(dbck.options[opt_KeepAll].activated ||
- dbck.options[opt_KeepRedundant].activated);
-
- if (dbck.options[opt_OutputDB].activated) {
- newdbname = PL_strdup(dbck.options[opt_OutputDB].arg);
- } else {
- newdbname = PL_strdup("new_cert7.db");
- }
-
- /* Create a generic graph of the database. */
- if (dbck.options[opt_Mailfile].activated) {
- mailfile = PR_Open("./mailfile", PR_RDWR | PR_CREATE_FILE, 00660);
- if (!mailfile) {
- fprintf(stderr, "Unable to create mailfile.\n");
- return -1;
- }
- }
-
- /* Dump all debugging info while running. */
- if (dbck.options[opt_Verbose].activated) {
- if (dbck.options[opt_Dumpfile].activated) {
- dumpfile = PR_Open(dbck.options[opt_Dumpfile].arg,
- PR_RDWR | PR_CREATE_FILE, 00660);
- }
- if (!dumpfile) {
- fprintf(stderr, "Unable to create dumpfile.\n");
- return -1;
- }
- }
-
- /* Set the cert database directory. */
- if (dbck.options[opt_CertDir].activated) {
- SECU_ConfigDirectory(dbck.options[opt_CertDir].arg);
- }
-
- PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
- SEC_Init();
-
- certHandle = (CERTCertDBHandle *)PORT_ZAlloc(sizeof(CERTCertDBHandle));
- if (!certHandle) {
- SECU_PrintError(progName, "unable to get database handle");
- return -1;
- }
-
- /* Open the possibly corrupt database. */
- if (dbck.options[opt_InputDB].activated) {
- pathname = SECU_ConfigDirectory(NULL);
- fullname = PR_smprintf("%s/%s", pathname,
- dbck.options[opt_InputDB].arg);
- if (PR_GetFileInfo(fullname, &fileInfo) != PR_SUCCESS) {
- fprintf(stderr, "Unable to read file \"%s\".\n", fullname);
- return -1;
- }
- rv = CERT_OpenCertDBFilename(certHandle, fullname, PR_TRUE);
- } else {
- /* Use the default. */
- fullname = SECU_CertDBNameCallback(NULL, CERT_DB_FILE_VERSION);
- if (PR_GetFileInfo(fullname, &fileInfo) != PR_SUCCESS) {
- fprintf(stderr, "Unable to read file \"%s\".\n", fullname);
- return -1;
- }
- rv = CERT_OpenCertDB(certHandle, PR_TRUE,
- SECU_CertDBNameCallback, NULL);
- }
-
- if (rv) {
- SECU_PrintError(progName, "unable to open cert database");
- return -1;
- }
-
- if (dbck.commands[cmd_Debug].activated) {
- DBCK_DebugDB(certHandle, dumpfile, mailfile);
- return 0;
- }
-
-#ifdef DORECOVER
- if (dbck.commands[cmd_Recover].activated) {
- DBCK_ReconstructDBFromCerts(certHandle, newdbname,
- dumpfile, removeExpired,
- requireProfile, singleEntry,
- dbck.options[opt_Prompt].activated);
- return 0;
- }
-#endif
-
- if (mailfile)
- PR_Close(mailfile);
- if (dumpfile)
- PR_Close(dumpfile);
- if (certHandle) {
- CERT_ClosePermCertDB(certHandle);
- PORT_Free(certHandle);
- }
- return -1;
-}
diff --git a/security/nss/cmd/dbck/manifest.mn b/security/nss/cmd/dbck/manifest.mn
deleted file mode 100644
index 79327c08e1..0000000000
--- a/security/nss/cmd/dbck/manifest.mn
+++ /dev/null
@@ -1,53 +0,0 @@
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-CORE_DEPTH = ../../..
-
-DEFINES += -DNSPR20
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = nss
-
-CSRCS = \
- dbck.c \
- $(NULL)
-
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = dbm seccmd
-
-PROGRAM = dbck
diff --git a/security/nss/cmd/dbtest/Makefile b/security/nss/cmd/dbtest/Makefile
deleted file mode 100644
index ea25b8125c..0000000000
--- a/security/nss/cmd/dbtest/Makefile
+++ /dev/null
@@ -1,92 +0,0 @@
-#! gmake
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-ifdef XP_OS2_VACPP
-CFLAGS += -I../modutil
-endif
-
-ifeq (,$(filter-out WINNT WIN95 WIN16,$(OS_TARGET))) # omits WINCE
-ifndef BUILD_OPT
-ifndef NS_USE_GCC
-LDFLAGS += /subsystem:console /profile /debug /machine:I386 /incremental:no
-endif
-OS_CFLAGS += -D_CONSOLE
-endif
-endif
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-#include ../platlibs.mk
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/dbtest/dbtest.c b/security/nss/cmd/dbtest/dbtest.c
deleted file mode 100644
index d01c8180e4..0000000000
--- a/security/nss/cmd/dbtest/dbtest.c
+++ /dev/null
@@ -1,183 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- * Sonja Mirtitsch Sun Microsystems
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-/*
-** dbtest.c
-**
-** QA test for cert and key databases, especially to open
-** database readonly (NSS_INIT_READONLY) and force initializations
-** even if the databases cannot be opened (NSS_INIT_FORCEOPEN)
-**
-*/
-#include
-#include
-
-#if defined(WIN32)
-#include "fcntl.h"
-#include "io.h"
-#endif
-
-#include "secutil.h"
-
-#if defined(XP_UNIX)
-#include
-#endif
-
-#include "nspr.h"
-#include "prtypes.h"
-#include "certdb.h"
-#include "nss.h"
-#include "../modutil/modutil.h"
-
-#include "plgetopt.h"
-
-static char *progName;
-
-char *dbDir = NULL;
-
-static char *dbName[]={"secmod.db", "cert8.db", "key3.db"};
-static char* dbprefix = "";
-static char* secmodName = "secmod.db";
-PRBool verbose;
-
-
-static void Usage(const char *progName)
-{
- printf("Usage: %s [-r] [-f] [-d dbdir ] \n",
- progName);
- printf("%-20s open database readonly (NSS_INIT_READONLY)\n", "-r");
- printf("%-20s Continue to force initializations even if the\n", "-f");
- printf("%-20s databases cannot be opened (NSS_INIT_FORCEOPEN)\n", " ");
- printf("%-20s Directory with cert database (default is .\n",
- "-d certdir");
- exit(1);
-}
-
-int main(int argc, char **argv)
-{
- PLOptState *optstate;
- PLOptStatus optstatus;
-
- PRUint32 flags = 0;
- Error ret;
- SECStatus rv;
- char * dbString = NULL;
- int i;
-
- progName = strrchr(argv[0], '/');
- if (!progName)
- progName = strrchr(argv[0], '\\');
- progName = progName ? progName+1 : argv[0];
-
- optstate = PL_CreateOptState(argc, argv, "rfd:h");
-
- while ((optstatus = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch (optstate->option) {
- case 'h':
- default : Usage(progName); break;
-
- case 'r': flags |= NSS_INIT_READONLY; break;
-
- case 'f': flags |= NSS_INIT_FORCEOPEN; break;
-
- case 'd':
- dbDir = PORT_Strdup(optstate->value);
- break;
-
- }
- }
- if (optstatus == PL_OPT_BAD)
- Usage(progName);
-
- if (!dbDir) {
- dbDir = SECU_DefaultSSLDir(); /* Look in $SSL_DIR */
- }
- dbDir = SECU_ConfigDirectory(dbDir);
- PR_fprintf(PR_STDERR, "dbdir selected is %s\n\n", dbDir);
-
- if( dbDir[0] == '\0') {
- PR_fprintf(PR_STDERR, errStrings[DIR_DOESNT_EXIST_ERR], dbDir);
- ret= DIR_DOESNT_EXIST_ERR;
- goto loser;
- }
-
-
- PR_Init( PR_USER_THREAD, PR_PRIORITY_NORMAL, 0);
-
- /* get the status of the directory and databases and output message */
- if(PR_Access(dbDir, PR_ACCESS_EXISTS) != PR_SUCCESS) {
- PR_fprintf(PR_STDERR, errStrings[DIR_DOESNT_EXIST_ERR], dbDir);
- } else if(PR_Access(dbDir, PR_ACCESS_READ_OK) != PR_SUCCESS) {
- PR_fprintf(PR_STDERR, errStrings[DIR_NOT_READABLE_ERR], dbDir);
- } else {
- if( !( flags & NSS_INIT_READONLY ) &&
- PR_Access(dbDir, PR_ACCESS_WRITE_OK) != PR_SUCCESS) {
- PR_fprintf(PR_STDERR, errStrings[DIR_NOT_WRITEABLE_ERR], dbDir);
- }
- for (i=0;i<3;i++) {
- dbString=PR_smprintf("%s/%s",dbDir,dbName[i]);
- PR_fprintf(PR_STDOUT, "database checked is %s\n",dbString);
- if(PR_Access(dbString, PR_ACCESS_EXISTS) != PR_SUCCESS) {
- PR_fprintf(PR_STDERR, errStrings[FILE_DOESNT_EXIST_ERR],
- dbString);
- } else if(PR_Access(dbString, PR_ACCESS_READ_OK) != PR_SUCCESS) {
- PR_fprintf(PR_STDERR, errStrings[FILE_NOT_READABLE_ERR],
- dbString);
- } else if( !( flags & NSS_INIT_READONLY ) &&
- PR_Access(dbString, PR_ACCESS_WRITE_OK) != PR_SUCCESS) {
- PR_fprintf(PR_STDERR, errStrings[FILE_NOT_WRITEABLE_ERR],
- dbString);
- }
- }
- }
-
- rv = NSS_Initialize(SECU_ConfigDirectory(dbDir), dbprefix, dbprefix,
- secmodName, flags);
- if (rv != SECSuccess) {
- SECU_PrintPRandOSError(progName);
- ret=NSS_INITIALIZE_FAILED_ERR;
- } else {
- if (NSS_Shutdown() != SECSuccess) {
- exit(1);
- }
- ret=SUCCESS;
- }
-
-loser:
- return ret;
-}
-
diff --git a/security/nss/cmd/dbtest/manifest.mn b/security/nss/cmd/dbtest/manifest.mn
deleted file mode 100644
index 0e3ba6c991..0000000000
--- a/security/nss/cmd/dbtest/manifest.mn
+++ /dev/null
@@ -1,54 +0,0 @@
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = nss
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = seccmd dbm
-
-# DIRS =
-
-CSRCS = dbtest.c
-
-PROGRAM = dbtest
-
diff --git a/security/nss/cmd/derdump/Makefile b/security/nss/cmd/derdump/Makefile
deleted file mode 100644
index 140b4191ff..0000000000
--- a/security/nss/cmd/derdump/Makefile
+++ /dev/null
@@ -1,80 +0,0 @@
-#! gmake
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/derdump/derdump.c b/security/nss/cmd/derdump/derdump.c
deleted file mode 100644
index 7103eef2c3..0000000000
--- a/security/nss/cmd/derdump/derdump.c
+++ /dev/null
@@ -1,137 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-#include "secutil.h"
-#include "nss.h"
-#include
-
-#if defined(XP_WIN) || (defined(__sun) && !defined(SVR4))
-#if !defined(WIN32)
-extern int fprintf(FILE *, char *, ...);
-#endif
-#endif
-#include "plgetopt.h"
-
-static void Usage(char *progName)
-{
- fprintf(stderr,
- "Usage: %s [-r] [-i input] [-o output]\n",
- progName);
- fprintf(stderr, "%-20s For formatted items, dump raw bytes as well\n",
- "-r");
- fprintf(stderr, "%-20s Define an input file to use (default is stdin)\n",
- "-i input");
- fprintf(stderr, "%-20s Define an output file to use (default is stdout)\n",
- "-o output");
- exit(-1);
-}
-
-int main(int argc, char **argv)
-{
- char *progName;
- FILE *outFile;
- PRFileDesc *inFile;
- SECItem der;
- SECStatus rv;
- int16 xp_error;
- PRBool raw = PR_FALSE;
- PLOptState *optstate;
- PLOptStatus status;
-
- progName = strrchr(argv[0], '/');
- progName = progName ? progName+1 : argv[0];
-
- /* Parse command line arguments */
- inFile = 0;
- outFile = 0;
- optstate = PL_CreateOptState(argc, argv, "i:o:r");
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch (optstate->option) {
- case 'i':
- inFile = PR_Open(optstate->value, PR_RDONLY, 0);
- if (!inFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
- progName, optstate->value);
- return -1;
- }
- break;
-
- case 'o':
- outFile = fopen(optstate->value, "w");
- if (!outFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
- progName, optstate->value);
- return -1;
- }
- break;
-
- case 'r':
- raw = PR_TRUE;
- break;
-
- default:
- Usage(progName);
- break;
- }
- }
- if (status == PL_OPT_BAD)
- Usage(progName);
-
- if (!inFile) inFile = PR_STDIN;
- if (!outFile) outFile = stdout;
-
- rv = NSS_NoDB_Init(NULL); /* XXX */
- if (rv != SECSuccess) {
- SECU_PrintPRandOSError(progName);
- return -1;
- }
-
- rv = SECU_ReadDERFromFile(&der, inFile, PR_FALSE);
- if (rv == SECSuccess) {
- rv = DER_PrettyPrint(outFile, &der, raw);
- if (rv == SECSuccess)
- return 0;
- }
-
- xp_error = PORT_GetError();
- if (xp_error) {
- SECU_PrintError(progName, "error %d", xp_error);
- }
- if (errno) {
- SECU_PrintSystemError(progName, "errno=%d", errno);
- }
- return 1;
-}
diff --git a/security/nss/cmd/derdump/manifest.mn b/security/nss/cmd/derdump/manifest.mn
deleted file mode 100644
index f9299f0def..0000000000
--- a/security/nss/cmd/derdump/manifest.mn
+++ /dev/null
@@ -1,53 +0,0 @@
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = nss
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = seccmd dbm
-
-DEFINES = -DNSPR20
-
-CSRCS = derdump.c
-
-PROGRAM = derdump
diff --git a/security/nss/cmd/digest/Makefile b/security/nss/cmd/digest/Makefile
deleted file mode 100644
index 140b4191ff..0000000000
--- a/security/nss/cmd/digest/Makefile
+++ /dev/null
@@ -1,80 +0,0 @@
-#! gmake
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/digest/digest.c b/security/nss/cmd/digest/digest.c
deleted file mode 100644
index 7a37856d9c..0000000000
--- a/security/nss/cmd/digest/digest.c
+++ /dev/null
@@ -1,256 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-#include "secutil.h"
-#include "pk11func.h"
-#include "secoid.h"
-
-#if defined(XP_WIN) || (defined(__sun) && !defined(SVR4))
-#if !defined(WIN32)
-extern int fread(char *, size_t, size_t, FILE*);
-extern int fwrite(char *, size_t, size_t, FILE*);
-extern int fprintf(FILE *, char *, ...);
-#endif
-#endif
-
-#include "plgetopt.h"
-
-static SECOidData *
-HashTypeToOID(HASH_HashType hashtype)
-{
- SECOidTag hashtag;
-
- if (hashtype <= HASH_AlgNULL || hashtype >= HASH_AlgTOTAL)
- return NULL;
-
- switch (hashtype) {
- case HASH_AlgMD2:
- hashtag = SEC_OID_MD2;
- break;
- case HASH_AlgMD5:
- hashtag = SEC_OID_MD5;
- break;
- case HASH_AlgSHA1:
- hashtag = SEC_OID_SHA1;
- break;
- default:
- fprintf(stderr, "A new hash type has been added to HASH_HashType.\n");
- fprintf(stderr, "This program needs to be updated!\n");
- return NULL;
- }
-
- return SECOID_FindOIDByTag(hashtag);
-}
-
-static SECOidData *
-HashNameToOID(const char *hashName)
-{
- HASH_HashType htype;
- SECOidData *hashOID;
-
- for (htype = HASH_AlgNULL + 1; htype < HASH_AlgTOTAL; htype++) {
- hashOID = HashTypeToOID(htype);
- if (PORT_Strcasecmp(hashName, hashOID->desc) == 0)
- break;
- }
-
- if (htype == HASH_AlgTOTAL)
- return NULL;
-
- return hashOID;
-}
-
-static void
-Usage(char *progName)
-{
- HASH_HashType htype;
-
- fprintf(stderr,
- "Usage: %s -t type [-i input] [-o output]\n",
- progName);
- fprintf(stderr, "%-20s Specify the digest method (must be one of\n",
- "-t type");
- fprintf(stderr, "%-20s ", "");
- for (htype = HASH_AlgNULL + 1; htype < HASH_AlgTOTAL; htype++) {
- fprintf(stderr, HashTypeToOID(htype)->desc);
- if (htype == (HASH_AlgTOTAL - 2))
- fprintf(stderr, " or ");
- else if (htype != (HASH_AlgTOTAL - 1))
- fprintf(stderr, ", ");
- }
- fprintf(stderr, " (case ignored))\n");
- fprintf(stderr, "%-20s Define an input file to use (default is stdin)\n",
- "-i input");
- fprintf(stderr, "%-20s Define an output file to use (default is stdout)\n",
- "-o output");
- exit(-1);
-}
-
-static int
-DigestFile(FILE *outFile, FILE *inFile, SECOidData *hashOID)
-{
- int nb;
- unsigned char ibuf[4096], digest[32];
- PK11Context *hashcx;
- unsigned int len;
- SECStatus rv;
-
- hashcx = PK11_CreateDigestContext(hashOID->offset);
- if (hashcx == NULL) {
- return -1;
- }
- PK11_DigestBegin(hashcx);
-
-
- for (;;) {
- if (feof(inFile)) break;
- nb = fread(ibuf, 1, sizeof(ibuf), inFile);
- if (nb != sizeof(ibuf)) {
- if (nb == 0) {
- if (ferror(inFile)) {
- PORT_SetError(SEC_ERROR_IO);
- PK11_DestroyContext(hashcx,PR_TRUE);
- return -1;
- }
- /* eof */
- break;
- }
- }
- rv = PK11_DigestOp(hashcx, ibuf, nb);
- if (rv != SECSuccess) {
- PK11_DestroyContext(hashcx, PR_TRUE);
- return -1;
- }
- }
-
- rv = PK11_DigestFinal(hashcx, digest, &len, 32);
- PK11_DestroyContext(hashcx, PR_TRUE);
-
- if (rv != SECSuccess) return -1;
-
- nb = fwrite(digest, 1, len, outFile);
- if (nb != len) {
- PORT_SetError(SEC_ERROR_IO);
- return -1;
- }
-
- return 0;
-}
-
-#include "nss.h"
-
-int
-main(int argc, char **argv)
-{
- char *progName;
- FILE *inFile, *outFile;
- char *hashName;
- SECOidData *hashOID;
- PLOptState *optstate;
- PLOptStatus status;
- SECStatus rv;
-
- progName = strrchr(argv[0], '/');
- progName = progName ? progName+1 : argv[0];
-
- inFile = NULL;
- outFile = NULL;
- hashName = NULL;
-
- rv = NSS_Init("/tmp");
- if (rv != SECSuccess) {
- fprintf(stderr, "%s: NSS_Init failed in directory %s\n",
- progName, "/tmp");
- return -1;
- }
-
- /*
- * Parse command line arguments
- */
- optstate = PL_CreateOptState(argc, argv, "t:i:o:");
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch (optstate->option) {
- case '?':
- Usage(progName);
- break;
-
- case 'i':
- inFile = fopen(optstate->value, "r");
- if (!inFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
- progName, optstate->value);
- return -1;
- }
- break;
-
- case 'o':
- outFile = fopen(optstate->value, "w");
- if (!outFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
- progName, optstate->value);
- return -1;
- }
- break;
-
- case 't':
- hashName = strdup(optstate->value);
- break;
- }
- }
-
- if (!hashName) Usage(progName);
-
- if (!inFile) inFile = stdin;
- if (!outFile) outFile = stdout;
-
- hashOID = HashNameToOID(hashName);
- if (hashOID == NULL) {
- fprintf(stderr, "%s: invalid digest type\n", progName);
- Usage(progName);
- }
-
- if (DigestFile(outFile, inFile, hashOID)) {
- fprintf(stderr, "%s: problem digesting data (%s)\n",
- progName, SECU_Strerror(PORT_GetError()));
- return -1;
- }
-
- if (NSS_Shutdown() != SECSuccess) {
- exit(1);
- }
-
- return 0;
-}
diff --git a/security/nss/cmd/digest/manifest.mn b/security/nss/cmd/digest/manifest.mn
deleted file mode 100644
index e4c9193be9..0000000000
--- a/security/nss/cmd/digest/manifest.mn
+++ /dev/null
@@ -1,54 +0,0 @@
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = nss
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = seccmd dbm
-
-DEFINES = -DNSPR20
-
-CSRCS = digest.c
-
-PROGRAM = digest
-
diff --git a/security/nss/cmd/fipstest/Makefile b/security/nss/cmd/fipstest/Makefile
deleted file mode 100755
index 60f791f6cf..0000000000
--- a/security/nss/cmd/fipstest/Makefile
+++ /dev/null
@@ -1,86 +0,0 @@
-#! gmake
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-#MKPROG = purify -cache-dir=/u/mcgreer/pcache -best-effort \
-# -always-use-cache-dir $(CC)
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#EXTRA_SHARED_LIBS += \
-# -L/usr/lib \
-# -lposix4 \
-# $(NULL)
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-include ../platrules.mk
diff --git a/security/nss/cmd/fipstest/aes.sh b/security/nss/cmd/fipstest/aes.sh
deleted file mode 100644
index 09ed494bf6..0000000000
--- a/security/nss/cmd/fipstest/aes.sh
+++ /dev/null
@@ -1,94 +0,0 @@
-#!/bin/sh
-#
-# A Bourne shell script for running the NIST AES Algorithm Validation Suite
-#
-# Before you run the script, set your PATH, LD_LIBRARY_PATH, ... environment
-# variables appropriately so that the fipstest command and the NSPR and NSS
-# shared libraries/DLLs are on the search path. Then run this script in the
-# directory where the REQUEST (.req) files reside. The script generates the
-# RESPONSE (.rsp) files in the same directory.
-
-cbc_kat_requests="
-CBCGFSbox128.req
-CBCGFSbox192.req
-CBCGFSbox256.req
-CBCKeySbox128.req
-CBCKeySbox192.req
-CBCKeySbox256.req
-CBCVarKey128.req
-CBCVarKey192.req
-CBCVarKey256.req
-CBCVarTxt128.req
-CBCVarTxt192.req
-CBCVarTxt256.req
-"
-
-cbc_mct_requests="
-CBCMCT128.req
-CBCMCT192.req
-CBCMCT256.req
-"
-
-cbc_mmt_requests="
-CBCMMT128.req
-CBCMMT192.req
-CBCMMT256.req
-"
-
-ecb_kat_requests="
-ECBGFSbox128.req
-ECBGFSbox192.req
-ECBGFSbox256.req
-ECBKeySbox128.req
-ECBKeySbox192.req
-ECBKeySbox256.req
-ECBVarKey128.req
-ECBVarKey192.req
-ECBVarKey256.req
-ECBVarTxt128.req
-ECBVarTxt192.req
-ECBVarTxt256.req
-"
-
-ecb_mct_requests="
-ECBMCT128.req
-ECBMCT192.req
-ECBMCT256.req
-"
-
-ecb_mmt_requests="
-ECBMMT128.req
-ECBMMT192.req
-ECBMMT256.req
-"
-
-for request in $ecb_kat_requests; do
- response=`echo $request | sed -e "s/req/rsp/"`
- echo $request $response
- fipstest aes kat ecb $request > $response
-done
-for request in $ecb_mmt_requests; do
- response=`echo $request | sed -e "s/req/rsp/"`
- echo $request $response
- fipstest aes mmt ecb $request > $response
-done
-for request in $ecb_mct_requests; do
- response=`echo $request | sed -e "s/req/rsp/"`
- echo $request $response
- fipstest aes mct ecb $request > $response
-done
-for request in $cbc_kat_requests; do
- response=`echo $request | sed -e "s/req/rsp/"`
- echo $request $response
- fipstest aes kat cbc $request > $response
-done
-for request in $cbc_mmt_requests; do
- response=`echo $request | sed -e "s/req/rsp/"`
- echo $request $response
- fipstest aes mmt cbc $request > $response
-done
-for request in $cbc_mct_requests; do
- response=`echo $request | sed -e "s/req/rsp/"`
- echo $request $response
- fipstest aes mct cbc $request > $response
-done
diff --git a/security/nss/cmd/fipstest/ecdsa.sh b/security/nss/cmd/fipstest/ecdsa.sh
deleted file mode 100644
index 306c8650f3..0000000000
--- a/security/nss/cmd/fipstest/ecdsa.sh
+++ /dev/null
@@ -1,29 +0,0 @@
-#!/bin/sh
-#
-# A Bourne shell script for running the NIST ECDSA Validation System
-#
-# Before you run the script, set your PATH, LD_LIBRARY_PATH, ... environment
-# variables appropriately so that the fipstest command and the NSPR and NSS
-# shared libraries/DLLs are on the search path. Then run this script in the
-# directory where the REQUEST (.req) files reside. The script generates the
-# RESPONSE (.rsp) files in the same directory.
-
-request=KeyPair.req
-response=`echo $request | sed -e "s/req/rsp/"`
-echo $request $response
-fipstest ecdsa keypair $request > $response
-
-request=PKV.req
-response=`echo $request | sed -e "s/req/rsp/"`
-echo $request $response
-fipstest ecdsa pkv $request > $response
-
-request=SigGen.req
-response=`echo $request | sed -e "s/req/rsp/"`
-echo $request $response
-fipstest ecdsa siggen $request > $response
-
-request=SigVer.req
-response=`echo $request | sed -e "s/req/rsp/"`
-echo $request $response
-fipstest ecdsa sigver $request > $response
diff --git a/security/nss/cmd/fipstest/fipstest.c b/security/nss/cmd/fipstest/fipstest.c
deleted file mode 100644
index 48d47f9f10..0000000000
--- a/security/nss/cmd/fipstest/fipstest.c
+++ /dev/null
@@ -1,3411 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-#include
-#include
-#include
-
-#include "secitem.h"
-#include "blapi.h"
-#include "nss.h"
-#include "secerr.h"
-#include "secoidt.h"
-#include "keythi.h"
-#include "ec.h"
-#if 0
-#include "../../lib/freebl/mpi/mpi.h"
-#endif
-
-#ifdef NSS_ENABLE_ECC
-
-extern SECStatus
-EC_DecodeParams(const SECItem *encodedParams, ECParams **ecparams);
-
-#endif
-
-#define ENCRYPT 1
-#define DECRYPT 0
-#define BYTE unsigned char
-
-SECStatus
-hex_from_2char(const unsigned char *c2, unsigned char *byteval)
-{
- int i;
- unsigned char offset;
- *byteval = 0;
- for (i=0; i<2; i++) {
- if (c2[i] >= '0' && c2[i] <= '9') {
- offset = c2[i] - '0';
- *byteval |= offset << 4*(1-i);
- } else if (c2[i] >= 'a' && c2[i] <= 'f') {
- offset = c2[i] - 'a';
- *byteval |= (offset + 10) << 4*(1-i);
- } else if (c2[i] >= 'A' && c2[i] <= 'F') {
- offset = c2[i] - 'A';
- *byteval |= (offset + 10) << 4*(1-i);
- } else {
- return SECFailure;
- }
- }
- return SECSuccess;
-}
-
-SECStatus
-char2_from_hex(unsigned char byteval, unsigned char *c2, char a)
-{
- int i;
- unsigned char offset;
- for (i=0; i<2; i++) {
- offset = (byteval >> 4*(1-i)) & 0x0f;
- if (offset < 10) {
- c2[i] = '0' + offset;
- } else {
- c2[i] = a + offset - 10;
- }
- }
- return SECSuccess;
-}
-
-void
-to_hex_str(char *str, const unsigned char *buf, unsigned int len)
-{
- unsigned int i;
- for (i=0; i 2*len) {
- /*
- * The input hex string is too long, but we allow it if the
- * extra digits are leading 0's.
- */
- for (j = 0; j < nxdigit-2*len; j++) {
- if (str[j] != '0') {
- return PR_FALSE;
- }
- }
- /* skip leading 0's */
- str += nxdigit-2*len;
- nxdigit = 2*len;
- }
- for (i=0, j=0; i< len; i++) {
- if (2*i < 2*len-nxdigit) {
- /* Handle a short input as if we padded it with leading 0's. */
- if (2*i+1 < 2*len-nxdigit) {
- buf[i] = 0;
- } else {
- char tmp[2];
- tmp[0] = '0';
- tmp[1] = str[j];
- hex_from_2char(tmp, &buf[i]);
- j++;
- }
- } else {
- hex_from_2char(&str[j], &buf[i]);
- j += 2;
- }
- }
- return PR_TRUE;
-}
-
-SECStatus
-tdea_encrypt_buf(
- int mode,
- const unsigned char *key,
- const unsigned char *iv,
- unsigned char *output, unsigned int *outputlen, unsigned int maxoutputlen,
- const unsigned char *input, unsigned int inputlen)
-{
- SECStatus rv = SECFailure;
- DESContext *cx;
- unsigned char doublecheck[8*20]; /* 1 to 20 blocks */
- unsigned int doublechecklen = 0;
-
- cx = DES_CreateContext(key, iv, mode, PR_TRUE);
- if (cx == NULL) {
- goto loser;
- }
- rv = DES_Encrypt(cx, output, outputlen, maxoutputlen, input, inputlen);
- if (rv != SECSuccess) {
- goto loser;
- }
- if (*outputlen != inputlen) {
- goto loser;
- }
- DES_DestroyContext(cx, PR_TRUE);
- cx = NULL;
-
- /*
- * Doublecheck our result by decrypting the ciphertext and
- * compare the output with the input plaintext.
- */
- cx = DES_CreateContext(key, iv, mode, PR_FALSE);
- if (cx == NULL) {
- goto loser;
- }
- rv = DES_Decrypt(cx, doublecheck, &doublechecklen, sizeof doublecheck,
- output, *outputlen);
- if (rv != SECSuccess) {
- goto loser;
- }
- if (doublechecklen != *outputlen) {
- goto loser;
- }
- DES_DestroyContext(cx, PR_TRUE);
- cx = NULL;
- if (memcmp(doublecheck, input, inputlen) != 0) {
- goto loser;
- }
- rv = SECSuccess;
-
-loser:
- if (cx != NULL) {
- DES_DestroyContext(cx, PR_TRUE);
- }
- return rv;
-}
-
-SECStatus
-tdea_decrypt_buf(
- int mode,
- const unsigned char *key,
- const unsigned char *iv,
- unsigned char *output, unsigned int *outputlen, unsigned int maxoutputlen,
- const unsigned char *input, unsigned int inputlen)
-{
- SECStatus rv = SECFailure;
- DESContext *cx;
- unsigned char doublecheck[8*20]; /* 1 to 20 blocks */
- unsigned int doublechecklen = 0;
-
- cx = DES_CreateContext(key, iv, mode, PR_FALSE);
- if (cx == NULL) {
- goto loser;
- }
- rv = DES_Decrypt(cx, output, outputlen, maxoutputlen,
- input, inputlen);
- if (rv != SECSuccess) {
- goto loser;
- }
- if (*outputlen != inputlen) {
- goto loser;
- }
- DES_DestroyContext(cx, PR_TRUE);
- cx = NULL;
-
- /*
- * Doublecheck our result by encrypting the plaintext and
- * compare the output with the input ciphertext.
- */
- cx = DES_CreateContext(key, iv, mode, PR_TRUE);
- if (cx == NULL) {
- goto loser;
- }
- rv = DES_Encrypt(cx, doublecheck, &doublechecklen, sizeof doublecheck,
- output, *outputlen);
- if (rv != SECSuccess) {
- goto loser;
- }
- if (doublechecklen != *outputlen) {
- goto loser;
- }
- DES_DestroyContext(cx, PR_TRUE);
- cx = NULL;
- if (memcmp(doublecheck, input, inputlen) != 0) {
- goto loser;
- }
- rv = SECSuccess;
-
-loser:
- if (cx != NULL) {
- DES_DestroyContext(cx, PR_TRUE);
- }
- return rv;
-}
-
-/*
- * Perform the TDEA Known Answer Test (KAT) or Multi-block Message
- * Test (MMT) in ECB or CBC mode. The KAT (there are five types)
- * and MMT have the same structure: given the key and IV (CBC mode
- * only), encrypt the given plaintext or decrypt the given ciphertext.
- * So we can handle them the same way.
- *
- * reqfn is the pathname of the REQUEST file.
- *
- * The output RESPONSE file is written to stdout.
- */
-void
-tdea_kat_mmt(char *reqfn)
-{
- char buf[180]; /* holds one line from the input REQUEST file.
- * needs to be large enough to hold the longest
- * line "CIPHERTEXT = <180 hex digits>\n".
- */
- FILE *req; /* input stream from the REQUEST file */
- FILE *resp; /* output stream to the RESPONSE file */
- int i, j;
- int mode; /* NSS_DES_EDE3 (ECB) or NSS_DES_EDE3_CBC */
- int crypt = DECRYPT; /* 1 means encrypt, 0 means decrypt */
- unsigned char key[24]; /* TDEA 3 key bundle */
- unsigned int numKeys = 0;
- unsigned char iv[8]; /* for all modes except ECB */
- unsigned char plaintext[8*20]; /* 1 to 20 blocks */
- unsigned int plaintextlen;
- unsigned char ciphertext[8*20]; /* 1 to 20 blocks */
- unsigned int ciphertextlen;
- SECStatus rv;
-
- req = fopen(reqfn, "r");
- resp = stdout;
- while (fgets(buf, sizeof buf, req) != NULL) {
- /* a comment or blank line */
- if (buf[0] == '#' || buf[0] == '\n') {
- fputs(buf, resp);
- continue;
- }
- /* [ENCRYPT] or [DECRYPT] */
- if (buf[0] == '[') {
- if (strncmp(&buf[1], "ENCRYPT", 7) == 0) {
- crypt = ENCRYPT;
- } else {
- crypt = DECRYPT;
- }
- fputs(buf, resp);
- continue;
- }
- /* NumKeys */
- if (strncmp(&buf[0], "NumKeys", 7) == 0) {
- i = 7;
- while (isspace(buf[i]) || buf[i] == '=') {
- i++;
- }
- numKeys = buf[i];
- fputs(buf, resp);
- continue;
- }
- /* "COUNT = x" begins a new data set */
- if (strncmp(buf, "COUNT", 5) == 0) {
- /* mode defaults to ECB, if dataset has IV mode will be set CBC */
- mode = NSS_DES_EDE3;
- /* zeroize the variables for the test with this data set */
- memset(key, 0, sizeof key);
- memset(iv, 0, sizeof iv);
- memset(plaintext, 0, sizeof plaintext);
- plaintextlen = 0;
- memset(ciphertext, 0, sizeof ciphertext);
- ciphertextlen = 0;
- fputs(buf, resp);
- continue;
- }
- if (numKeys == 0) {
- if (strncmp(buf, "KEYs", 4) == 0) {
- i = 4;
- while (isspace(buf[i]) || buf[i] == '=') {
- i++;
- }
- for (j=0; isxdigit(buf[i]); i+=2,j++) {
- hex_from_2char(&buf[i], &key[j]);
- key[j+8] = key[j];
- key[j+16] = key[j];
- }
- fputs(buf, resp);
- continue;
- }
- } else {
- /* KEY1 = ... */
- if (strncmp(buf, "KEY1", 4) == 0) {
- i = 4;
- while (isspace(buf[i]) || buf[i] == '=') {
- i++;
- }
- for (j=0; isxdigit(buf[i]); i+=2,j++) {
- hex_from_2char(&buf[i], &key[j]);
- }
- fputs(buf, resp);
- continue;
- }
- /* KEY2 = ... */
- if (strncmp(buf, "KEY2", 4) == 0) {
- i = 4;
- while (isspace(buf[i]) || buf[i] == '=') {
- i++;
- }
- for (j=8; isxdigit(buf[i]); i+=2,j++) {
- hex_from_2char(&buf[i], &key[j]);
- }
- fputs(buf, resp);
- continue;
- }
- /* KEY3 = ... */
- if (strncmp(buf, "KEY3", 4) == 0) {
- i = 4;
- while (isspace(buf[i]) || buf[i] == '=') {
- i++;
- }
- for (j=16; isxdigit(buf[i]); i+=2,j++) {
- hex_from_2char(&buf[i], &key[j]);
- }
- fputs(buf, resp);
- continue;
- }
- }
-
- /* IV = ... */
- if (strncmp(buf, "IV", 2) == 0) {
- mode = NSS_DES_EDE3_CBC;
- i = 2;
- while (isspace(buf[i]) || buf[i] == '=') {
- i++;
- }
- for (j=0; j> 4;
- in ^= in >> 2;
- in ^= in >> 1;
- return (BYTE)(out ^ !(in & 1));
-}
-
-/*
- * Generate Keys [i+1] from Key[i], PT/CT[j-2], PT/CT[j-1], and PT/CT[j]
- * for TDEA Monte Carlo Test (MCT) in ECB and CBC modes.
- */
-void
-tdea_mct_next_keys(unsigned char *key,
- const unsigned char *text_2, const unsigned char *text_1,
- const unsigned char *text, unsigned int numKeys)
-{
- int k;
-
- /* key1[i+1] = key1[i] xor PT/CT[j] */
- for (k=0; k<8; k++) {
- key[k] ^= text[k];
- }
- /* key2 */
- if (numKeys == 2 || numKeys == 3) {
- /* key2 independent */
- for (k=8; k<16; k++) {
- /* key2[i+1] = KEY2[i] xor PT/CT[j-1] */
- key[k] ^= text_1[k-8];
- }
- } else {
- /* key2 == key 1 */
- for (k=8; k<16; k++) {
- /* key2[i+1] = KEY2[i] xor PT/CT[j] */
- key[k] = key[k-8];
- }
- }
- /* key3 */
- if (numKeys == 1 || numKeys == 2) {
- /* key3 == key 1 */
- for (k=16; k<24; k++) {
- /* key3[i+1] = KEY3[i] xor PT/CT[j] */
- key[k] = key[k-16];
- }
- } else {
- /* key3 independent */
- for (k=16; k<24; k++) {
- /* key3[i+1] = KEY3[i] xor PT/CT[j-2] */
- key[k] ^= text_2[k-16];
- }
- }
- /* set the parity bits */
- for (k=0; k<24; k++) {
- key[k] = odd_parity(key[k]);
- }
-}
-
-/*
- * Perform the Monte Carlo Test
- *
- * mode = NSS_DES_EDE3 or NSS_DES_EDE3_CBC
- * crypt = ENCRYPT || DECRYPT
- * inputtext = plaintext or Cyphertext depending on the value of crypt
- * inputlength is expected to be size 8 bytes
- * iv = needs to be set for NSS_DES_EDE3_CBC mode
- * resp = is the output response file.
- */
- void
-tdea_mct_test(int mode, unsigned char* key, unsigned int numKeys,
- unsigned int crypt, unsigned char* inputtext,
- unsigned int inputlength, unsigned char* iv, FILE *resp) {
-
- int i, j;
- unsigned char outputtext_1[8]; /* PT/CT[j-1] */
- unsigned char outputtext_2[8]; /* PT/CT[j-2] */
- char buf[80]; /* holds one line from the input REQUEST file. */
- unsigned int outputlen;
- unsigned char outputtext[8];
-
-
- SECStatus rv;
-
- if (mode == NSS_DES_EDE3 && iv != NULL) {
- printf("IV must be NULL for NSS_DES_EDE3 mode");
- goto loser;
- } else if (mode == NSS_DES_EDE3_CBC && iv == NULL) {
- printf("IV must not be NULL for NSS_DES_EDE3_CBC mode");
- goto loser;
- }
-
- /* loop 400 times */
- for (i=0; i<400; i++) {
- /* if i == 0 CV[0] = IV not necessary */
- /* record the count and key values and plainText */
- sprintf(buf, "COUNT = %d\n", i);
- fputs(buf, resp);
- /* Output KEY1[i] */
- fputs("KEY1 = ", resp);
- to_hex_str(buf, key, 8);
- fputs(buf, resp);
- fputc('\n', resp);
- /* Output KEY2[i] */
- fputs("KEY2 = ", resp);
- to_hex_str(buf, &key[8], 8);
- fputs(buf, resp);
- fputc('\n', resp);
- /* Output KEY3[i] */
- fputs("KEY3 = ", resp);
- to_hex_str(buf, &key[16], 8);
- fputs(buf, resp);
- fputc('\n', resp);
- if (mode == NSS_DES_EDE3_CBC) {
- /* Output CV[i] */
- fputs("IV = ", resp);
- to_hex_str(buf, iv, 8);
- fputs(buf, resp);
- fputc('\n', resp);
- }
- if (crypt == ENCRYPT) {
- /* Output PT[0] */
- fputs("PLAINTEXT = ", resp);
- } else {
- /* Output CT[0] */
- fputs("CIPHERTEXT = ", resp);
- }
-
- to_hex_str(buf, inputtext, inputlength);
- fputs(buf, resp);
- fputc('\n', resp);
-
- /* loop 10,000 times */
- for (j=0; j<10000; j++) {
-
- outputlen = 0;
- if (crypt == ENCRYPT) {
- /* inputtext == ciphertext outputtext == plaintext*/
- rv = tdea_encrypt_buf(mode, key,
- (mode == NSS_DES_EDE3) ? NULL : iv,
- outputtext, &outputlen, 8,
- inputtext, 8);
- } else {
- /* inputtext == plaintext outputtext == ciphertext */
- rv = tdea_decrypt_buf(mode, key,
- (mode == NSS_DES_EDE3) ? NULL : iv,
- outputtext, &outputlen, 8,
- inputtext, 8);
- }
-
- if (rv != SECSuccess) {
- goto loser;
- }
- if (outputlen != inputlength) {
- goto loser;
- }
-
- if (mode == NSS_DES_EDE3_CBC) {
- if (crypt == ENCRYPT) {
- if (j == 0) {
- /*P[j+1] = CV[0] */
- memcpy(inputtext, iv, 8);
- } else {
- /* p[j+1] = C[j-1] */
- memcpy(inputtext, outputtext_1, 8);
- }
- /* CV[j+1] = C[j] */
- memcpy(iv, outputtext, 8);
- if (j != 9999) {
- /* save C[j-1] */
- memcpy(outputtext_1, outputtext, 8);
- }
- } else { /* DECRYPT */
- /* CV[j+1] = C[j] */
- memcpy(iv, inputtext, 8);
- /* C[j+1] = P[j] */
- memcpy(inputtext, outputtext, 8);
- }
- } else {
- /* ECB mode PT/CT[j+1] = CT/PT[j] */
- memcpy(inputtext, outputtext, 8);
- }
-
- /* Save PT/CT[j-2] and PT/CT[j-1] */
- if (j==9997) memcpy(outputtext_2, outputtext, 8);
- if (j==9998) memcpy(outputtext_1, outputtext, 8);
- /* done at the end of the for(j) loop */
- }
-
-
- if (crypt == ENCRYPT) {
- /* Output CT[j] */
- fputs("CIPHERTEXT = ", resp);
- } else {
- /* Output PT[j] */
- fputs("PLAINTEXT = ", resp);
- }
- to_hex_str(buf, outputtext, 8);
- fputs(buf, resp);
- fputc('\n', resp);
-
- /* Key[i+1] = Key[i] xor ... outputtext_2 == PT/CT[j-2]
- * outputtext_1 == PT/CT[j-1] outputtext == PT/CT[j]
- */
- tdea_mct_next_keys(key, outputtext_2,
- outputtext_1, outputtext, numKeys);
-
- if (mode == NSS_DES_EDE3_CBC) {
- /* taken care of in the j=9999 iteration */
- if (crypt == ENCRYPT) {
- /* P[i] = C[j-1] */
- /* CV[i] = C[j] */
- } else {
- /* taken care of in the j=9999 iteration */
- /* CV[i] = C[j] */
- /* C[i] = P[j] */
- }
- } else {
- /* ECB PT/CT[i] = PT/CT[j] */
- memcpy(inputtext, outputtext, 8);
- }
- /* done at the end of the for(i) loop */
- fputc('\n', resp);
- }
-
-loser:
- return;
-}
-
-/*
- * Perform the TDEA Monte Carlo Test (MCT) in ECB/CBC modes.
- * by gathering the input from the request file, and then
- * calling tdea_mct_test.
- *
- * reqfn is the pathname of the input REQUEST file.
- *
- * The output RESPONSE file is written to stdout.
- */
-void
-tdea_mct(int mode, char *reqfn)
-{
- int i, j;
- char buf[80]; /* holds one line from the input REQUEST file. */
- FILE *req; /* input stream from the REQUEST file */
- FILE *resp; /* output stream to the RESPONSE file */
- unsigned int crypt = 0; /* 1 means encrypt, 0 means decrypt */
- unsigned char key[24]; /* TDEA 3 key bundle */
- unsigned int numKeys = 0;
- unsigned char plaintext[8]; /* PT[j] */
- unsigned char ciphertext[8]; /* CT[j] */
- unsigned char iv[8];
-
- /* zeroize the variables for the test with this data set */
- memset(key, 0, sizeof key);
- memset(plaintext, 0, sizeof plaintext);
- memset(ciphertext, 0, sizeof ciphertext);
- memset(iv, 0, sizeof iv);
-
- req = fopen(reqfn, "r");
- resp = stdout;
- while (fgets(buf, sizeof buf, req) != NULL) {
- /* a comment or blank line */
- if (buf[0] == '#' || buf[0] == '\n') {
- fputs(buf, resp);
- continue;
- }
- /* [ENCRYPT] or [DECRYPT] */
- if (buf[0] == '[') {
- if (strncmp(&buf[1], "ENCRYPT", 7) == 0) {
- crypt = ENCRYPT;
- } else {
- crypt = DECRYPT;
- }
- fputs(buf, resp);
- continue;
- }
- /* NumKeys */
- if (strncmp(&buf[0], "NumKeys", 7) == 0) {
- i = 7;
- while (isspace(buf[i]) || buf[i] == '=') {
- i++;
- }
- numKeys = atoi(&buf[i]);
- continue;
- }
- /* KEY1 = ... */
- if (strncmp(buf, "KEY1", 4) == 0) {
- i = 4;
- while (isspace(buf[i]) || buf[i] == '=') {
- i++;
- }
- for (j=0; isxdigit(buf[i]); i+=2,j++) {
- hex_from_2char(&buf[i], &key[j]);
- }
- continue;
- }
- /* KEY2 = ... */
- if (strncmp(buf, "KEY2", 4) == 0) {
- i = 4;
- while (isspace(buf[i]) || buf[i] == '=') {
- i++;
- }
- for (j=8; isxdigit(buf[i]); i+=2,j++) {
- hex_from_2char(&buf[i], &key[j]);
- }
- continue;
- }
- /* KEY3 = ... */
- if (strncmp(buf, "KEY3", 4) == 0) {
- i = 4;
- while (isspace(buf[i]) || buf[i] == '=') {
- i++;
- }
- for (j=16; isxdigit(buf[i]); i+=2,j++) {
- hex_from_2char(&buf[i], &key[j]);
- }
- continue;
- }
-
- /* IV = ... */
- if (strncmp(buf, "IV", 2) == 0) {
- i = 2;
- while (isspace(buf[i]) || buf[i] == '=') {
- i++;
- }
- for (j=0; j\n".
- */
- FILE *aesreq; /* input stream from the REQUEST file */
- FILE *aesresp; /* output stream to the RESPONSE file */
- int i, j;
- int mode; /* NSS_AES (ECB) or NSS_AES_CBC */
- int encrypt = 0; /* 1 means encrypt, 0 means decrypt */
- unsigned char key[32]; /* 128, 192, or 256 bits */
- unsigned int keysize;
- unsigned char iv[16]; /* for all modes except ECB */
- unsigned char plaintext[10*16]; /* 1 to 10 blocks */
- unsigned int plaintextlen;
- unsigned char ciphertext[10*16]; /* 1 to 10 blocks */
- unsigned int ciphertextlen;
- SECStatus rv;
-
- aesreq = fopen(reqfn, "r");
- aesresp = stdout;
- while (fgets(buf, sizeof buf, aesreq) != NULL) {
- /* a comment or blank line */
- if (buf[0] == '#' || buf[0] == '\n') {
- fputs(buf, aesresp);
- continue;
- }
- /* [ENCRYPT] or [DECRYPT] */
- if (buf[0] == '[') {
- if (strncmp(&buf[1], "ENCRYPT", 7) == 0) {
- encrypt = 1;
- } else {
- encrypt = 0;
- }
- fputs(buf, aesresp);
- continue;
- }
- /* "COUNT = x" begins a new data set */
- if (strncmp(buf, "COUNT", 5) == 0) {
- mode = NSS_AES;
- /* zeroize the variables for the test with this data set */
- memset(key, 0, sizeof key);
- keysize = 0;
- memset(iv, 0, sizeof iv);
- memset(plaintext, 0, sizeof plaintext);
- plaintextlen = 0;
- memset(ciphertext, 0, sizeof ciphertext);
- ciphertextlen = 0;
- fputs(buf, aesresp);
- continue;
- }
- /* KEY = ... */
- if (strncmp(buf, "KEY", 3) == 0) {
- i = 3;
- while (isspace(buf[i]) || buf[i] == '=') {
- i++;
- }
- for (j=0; isxdigit(buf[i]); i+=2,j++) {
- hex_from_2char(&buf[i], &key[j]);
- }
- keysize = j;
- fputs(buf, aesresp);
- continue;
- }
- /* IV = ... */
- if (strncmp(buf, "IV", 2) == 0) {
- mode = NSS_AES_CBC;
- i = 2;
- while (isspace(buf[i]) || buf[i] == '=') {
- i++;
- }
- for (j=0; j\n".
- */
- FILE *aesreq; /* input stream from the REQUEST file */
- FILE *aesresp; /* output stream to the RESPONSE file */
- int i, j;
- int encrypt = 0; /* 1 means encrypt, 0 means decrypt */
- unsigned char key[32]; /* 128, 192, or 256 bits */
- unsigned int keysize;
- unsigned char plaintext[16]; /* PT[j] */
- unsigned char plaintext_1[16]; /* PT[j-1] */
- unsigned char ciphertext[16]; /* CT[j] */
- unsigned char ciphertext_1[16]; /* CT[j-1] */
- unsigned char doublecheck[16];
- unsigned int outputlen;
- AESContext *cx = NULL; /* the operation being tested */
- AESContext *cx2 = NULL; /* the inverse operation done in parallel
- * to doublecheck our result.
- */
- SECStatus rv;
-
- aesreq = fopen(reqfn, "r");
- aesresp = stdout;
- while (fgets(buf, sizeof buf, aesreq) != NULL) {
- /* a comment or blank line */
- if (buf[0] == '#' || buf[0] == '\n') {
- fputs(buf, aesresp);
- continue;
- }
- /* [ENCRYPT] or [DECRYPT] */
- if (buf[0] == '[') {
- if (strncmp(&buf[1], "ENCRYPT", 7) == 0) {
- encrypt = 1;
- } else {
- encrypt = 0;
- }
- fputs(buf, aesresp);
- continue;
- }
- /* "COUNT = x" begins a new data set */
- if (strncmp(buf, "COUNT", 5) == 0) {
- /* zeroize the variables for the test with this data set */
- memset(key, 0, sizeof key);
- keysize = 0;
- memset(plaintext, 0, sizeof plaintext);
- memset(ciphertext, 0, sizeof ciphertext);
- continue;
- }
- /* KEY = ... */
- if (strncmp(buf, "KEY", 3) == 0) {
- /* Key[0] = Key */
- i = 3;
- while (isspace(buf[i]) || buf[i] == '=') {
- i++;
- }
- for (j=0; isxdigit(buf[i]); i+=2,j++) {
- hex_from_2char(&buf[i], &key[j]);
- }
- keysize = j;
- continue;
- }
- /* PLAINTEXT = ... */
- if (strncmp(buf, "PLAINTEXT", 9) == 0) {
- /* sanity check */
- if (!encrypt) {
- goto loser;
- }
- /* PT[0] = PT */
- i = 9;
- while (isspace(buf[i]) || buf[i] == '=') {
- i++;
- }
- for (j=0; j\n".
- */
- FILE *aesreq; /* input stream from the REQUEST file */
- FILE *aesresp; /* output stream to the RESPONSE file */
- int i, j;
- int encrypt = 0; /* 1 means encrypt, 0 means decrypt */
- unsigned char key[32]; /* 128, 192, or 256 bits */
- unsigned int keysize;
- unsigned char iv[16];
- unsigned char plaintext[16]; /* PT[j] */
- unsigned char plaintext_1[16]; /* PT[j-1] */
- unsigned char ciphertext[16]; /* CT[j] */
- unsigned char ciphertext_1[16]; /* CT[j-1] */
- unsigned char doublecheck[16];
- unsigned int outputlen;
- AESContext *cx = NULL; /* the operation being tested */
- AESContext *cx2 = NULL; /* the inverse operation done in parallel
- * to doublecheck our result.
- */
- SECStatus rv;
-
- aesreq = fopen(reqfn, "r");
- aesresp = stdout;
- while (fgets(buf, sizeof buf, aesreq) != NULL) {
- /* a comment or blank line */
- if (buf[0] == '#' || buf[0] == '\n') {
- fputs(buf, aesresp);
- continue;
- }
- /* [ENCRYPT] or [DECRYPT] */
- if (buf[0] == '[') {
- if (strncmp(&buf[1], "ENCRYPT", 7) == 0) {
- encrypt = 1;
- } else {
- encrypt = 0;
- }
- fputs(buf, aesresp);
- continue;
- }
- /* "COUNT = x" begins a new data set */
- if (strncmp(buf, "COUNT", 5) == 0) {
- /* zeroize the variables for the test with this data set */
- memset(key, 0, sizeof key);
- keysize = 0;
- memset(iv, 0, sizeof iv);
- memset(plaintext, 0, sizeof plaintext);
- memset(ciphertext, 0, sizeof ciphertext);
- continue;
- }
- /* KEY = ... */
- if (strncmp(buf, "KEY", 3) == 0) {
- /* Key[0] = Key */
- i = 3;
- while (isspace(buf[i]) || buf[i] == '=') {
- i++;
- }
- for (j=0; isxdigit(buf[i]); i+=2,j++) {
- hex_from_2char(&buf[i], &key[j]);
- }
- keysize = j;
- continue;
- }
- /* IV = ... */
- if (strncmp(buf, "IV", 2) == 0) {
- /* IV[0] = IV */
- i = 2;
- while (isspace(buf[i]) || buf[i] == '=') {
- i++;
- }
- for (j=0; j=0; j--) {
- if (last < 0) {
- last = (hash[i] & (1 << j)) ? 1 : 0;
- fprintf(out, "%d ", last);
- count = 1;
- } else if (hash[i] & (1 << j)) {
- if (last) {
- count++;
- } else {
- last = 0;
- fprintf(out, "%d ", count);
- count = 1;
- z++;
- }
- } else {
- if (!last) {
- count++;
- } else {
- last = 1;
- fprintf(out, "%d ", count);
- count = 1;
- z++;
- }
- }
- }
- }
- fprintf(out, "^\n");
- fseek(out, start, SEEK_SET);
- fprintf(out, "%d ", z);
- fseek(out, 0, SEEK_END);
-}
-
-int get_next_line(FILE *req, char *key, char *val, FILE *rsp)
-{
- int ignore = 0;
- char *writeto = key;
- int w = 0;
- int c;
- while ((c = fgetc(req)) != EOF) {
- if (ignore) {
- fprintf(rsp, "%c", c);
- if (c == '\n') return ignore;
- } else if (c == '\n') {
- break;
- } else if (c == '#') {
- ignore = 1;
- fprintf(rsp, "%c", c);
- } else if (c == '=') {
- writeto[w] = '\0';
- w = 0;
- writeto = val;
- } else if (c == ' ' || c == '[' || c == ']') {
- continue;
- } else {
- writeto[w++] = c;
- }
- }
- writeto[w] = '\0';
- return (c == EOF) ? -1 : ignore;
-}
-
-void
-dss_test(char *reqdir, char *rspdir)
-{
- char filename[128];
- char key[24], val[1024];
- FILE *req, *rsp;
- unsigned int mod;
- SECItem digest = { 0 }, sig = { 0 };
- DSAPublicKey pubkey = { 0 };
- DSAPrivateKey privkey = { 0 };
- PQGParams params;
- PQGVerify verify;
- unsigned int i;
- int j, rv;
- goto do_pqggen;
-#if 0
- /* primality test */
-do_prime:
- sprintf(filename, "%s/prime.req", reqdir);
- req = fopen(filename, "r");
- sprintf(filename, "%s/prime.rsp", rspdir);
- rsp = fopen(filename, "w");
- while ((rv = get_next_line(req, key, val, rsp)) >= 0) {
- if (rv == 0) {
- if (strcmp(key, "mod") == 0) {
- mod = atoi(val);
- fprintf(rsp, "[mod=%d]\n", mod);
- } else if (strcmp(key, "Prime") == 0) {
- unsigned char octets[128];
- mp_int mp;
- fprintf(rsp, "Prime= %s\n", val);
- for (i=0; i= 0) {
- if (rv == 0) {
- if (strcmp(key, "mod") == 0) {
- mod = atoi(val);
- fprintf(rsp, "[mod=%d]\n", mod);
- } else if (strcmp(key, "N") == 0) {
- char str[264];
- unsigned int jj;
- int N = atoi(val);
- for (i=0; iseed.data[0] & 0x80)) {
- to_hex_str(str, vfy->seed.data, vfy->seed.len);
- fprintf(stderr, "rejected %s\n", str);
- --i;
- continue;
- }
-#endif
- to_hex_str(str, pqg->prime.data, pqg->prime.len);
- fprintf(rsp, "P= %s\n", str);
- to_hex_str(str, pqg->subPrime.data, pqg->subPrime.len);
- fprintf(rsp, "Q= %s\n", str);
- to_hex_str(str, pqg->base.data, pqg->base.len);
- fprintf(rsp, "G= %s\n", str);
- to_hex_str(str, vfy->seed.data, vfy->seed.len);
- fprintf(rsp, "Seed= %s\n", str);
- to_hex_str(str, vfy->h.data, vfy->h.len);
- fprintf(rsp, "H= ");
- for (jj=vfy->h.len; jjprime.len; jj++) {
- fprintf(rsp, "00");
- }
- fprintf(rsp, "%s\n", str);
- fprintf(rsp, "c= %d\n", vfy->counter);
- }
- }
- }
- }
- fclose(req);
- fclose(rsp);
- return;
-do_pqgver:
- /* PQG Verification */
- sprintf(filename, "%s/verpqg.req", reqdir);
- req = fopen(filename, "r");
- sprintf(filename, "%s/verpqg.rsp", rspdir);
- rsp = fopen(filename, "w");
- memset(¶ms, 0, sizeof(params));
- memset(&verify, 0, sizeof(verify));
- while ((rv = get_next_line(req, key, val, rsp)) >= 0) {
- if (rv == 0) {
- if (strcmp(key, "mod") == 0) {
- mod = atoi(val);
- fprintf(rsp, "[mod=%d]\n", mod);
- } else if (strcmp(key, "P") == 0) {
- if (params.prime.data) {
- SECITEM_ZfreeItem(¶ms.prime, PR_FALSE);
- }
- SECITEM_AllocItem(NULL, ¶ms.prime, strlen(val)/2);
- for (i=0; i= 0);
- for (j=0; j<=8; j++) {
- char str[264];
- PQGParams *pqg;
- PQGVerify *vfy;
- fprintf(rsp, "[mod=%d]\n", 512 + j*64);
- PQG_ParamGen(j, &pqg, &vfy);
- to_hex_str(str, pqg->prime.data, pqg->prime.len);
- fprintf(rsp, "P= %s\n", str);
- to_hex_str(str, pqg->subPrime.data, pqg->subPrime.len);
- fprintf(rsp, "Q= %s\n", str);
- to_hex_str(str, pqg->base.data, pqg->base.len);
- fprintf(rsp, "G= %s\n", str);
- for (i=0; i<10; i++) {
- DSAPrivateKey *dsakey;
- DSA_NewKey(pqg, &dsakey);
- to_hex_str(str, dsakey->privateValue.data,dsakey->privateValue.len);
- fprintf(rsp, "X= %s\n", str);
- to_hex_str(str, dsakey->publicValue.data, dsakey->publicValue.len);
- fprintf(rsp, "Y= %s\n", str);
- PORT_FreeArena(dsakey->params.arena, PR_TRUE);
- dsakey = NULL;
- }
- }
- fclose(req);
- fclose(rsp);
- return;
-do_siggen:
- /* Signature Gen */
- sprintf(filename, "%s/gensig.req", reqdir);
- req = fopen(filename, "r");
- sprintf(filename, "%s/gensig.rsp", rspdir);
- rsp = fopen(filename, "w");
- while ((rv = get_next_line(req, key, val, rsp)) >= 0) {
- if (rv == 0) {
- if (strcmp(key, "mod") == 0) {
- mod = atoi(val);
- fprintf(rsp, "[mod=%d]\n", mod);
- } else if (strcmp(key, "P") == 0) {
- if (privkey.params.prime.data) {
- SECITEM_ZfreeItem(&privkey.params.prime, PR_FALSE);
- }
- SECITEM_AllocItem(NULL, &privkey.params.prime, strlen(val)/2);
- for (i=0; i= 0) {
- if (rv == 0) {
- if (strcmp(key, "mod") == 0) {
- mod = atoi(val);
- fprintf(rsp, "[mod=%d]\n", mod);
- } else if (strcmp(key, "P") == 0) {
- if (pubkey.params.prime.data) {
- SECITEM_ZfreeItem(&pubkey.params.prime, PR_FALSE);
- }
- SECITEM_AllocItem(NULL, &pubkey.params.prime, strlen(val)/2);
- for (i=0; ioid.len));
-
- /*
- * ecparams->data needs to contain the ASN encoding of an object ID (OID)
- * representing the named curve. The actual OID is in
- * oidData->oid.data so we simply prepend 0x06 and OID length
- */
- ecparams->data[0] = SEC_ASN1_OBJECT_ID;
- ecparams->data[1] = oidData->oid.len;
- memcpy(ecparams->data + 2, oidData->oid.data, oidData->oid.len);
-
- return ecparams;
-}
-
-/*
- * Perform the ECDSA Key Pair Generation Test.
- *
- * reqfn is the pathname of the REQUEST file.
- *
- * The output RESPONSE file is written to stdout.
- */
-void
-ecdsa_keypair_test(char *reqfn)
-{
- char buf[256]; /* holds one line from the input REQUEST file
- * or to the output RESPONSE file.
- * needs to be large enough to hold the longest
- * line "Qx = <144 hex digits>\n".
- */
- FILE *ecdsareq; /* input stream from the REQUEST file */
- FILE *ecdsaresp; /* output stream to the RESPONSE file */
- char curve[16]; /* "nistxddd" */
- ECParams *ecparams;
- int N;
- int i;
- unsigned int len;
-
- ecdsareq = fopen(reqfn, "r");
- ecdsaresp = stdout;
- strcpy(curve, "nist");
- while (fgets(buf, sizeof buf, ecdsareq) != NULL) {
- /* a comment or blank line */
- if (buf[0] == '#' || buf[0] == '\n') {
- fputs(buf, ecdsaresp);
- continue;
- }
- /* [X-ddd] */
- if (buf[0] == '[') {
- const char *src;
- char *dst;
- SECKEYECParams *encodedparams;
-
- src = &buf[1];
- dst = &curve[4];
- *dst++ = tolower(*src);
- src += 2; /* skip the hyphen */
- *dst++ = *src++;
- *dst++ = *src++;
- *dst++ = *src++;
- *dst = '\0';
- encodedparams = getECParams(curve);
- if (encodedparams == NULL) {
- goto loser;
- }
- if (EC_DecodeParams(encodedparams, &ecparams) != SECSuccess) {
- goto loser;
- }
- SECITEM_FreeItem(encodedparams, PR_TRUE);
- fputs(buf, ecdsaresp);
- continue;
- }
- /* N = x */
- if (buf[0] == 'N') {
- if (sscanf(buf, "N = %d", &N) != 1) {
- goto loser;
- }
- for (i = 0; i < N; i++) {
- ECPrivateKey *ecpriv;
-
- if (EC_NewKey(ecparams, &ecpriv) != SECSuccess) {
- goto loser;
- }
- fputs("d = ", ecdsaresp);
- to_hex_str(buf, ecpriv->privateValue.data,
- ecpriv->privateValue.len);
- fputs(buf, ecdsaresp);
- fputc('\n', ecdsaresp);
- if (EC_ValidatePublicKey(ecparams, &ecpriv->publicValue)
- != SECSuccess) {
- goto loser;
- }
- len = ecpriv->publicValue.len;
- if (len%2 == 0) {
- goto loser;
- }
- len = (len-1)/2;
- if (ecpriv->publicValue.data[0]
- != EC_POINT_FORM_UNCOMPRESSED) {
- goto loser;
- }
- fputs("Qx = ", ecdsaresp);
- to_hex_str(buf, &ecpriv->publicValue.data[1], len);
- fputs(buf, ecdsaresp);
- fputc('\n', ecdsaresp);
- fputs("Qy = ", ecdsaresp);
- to_hex_str(buf, &ecpriv->publicValue.data[1+len], len);
- fputs(buf, ecdsaresp);
- fputc('\n', ecdsaresp);
- fputc('\n', ecdsaresp);
- PORT_FreeArena(ecpriv->ecParams.arena, PR_TRUE);
- }
- PORT_FreeArena(ecparams->arena, PR_TRUE);
- continue;
- }
- }
-loser:
- fclose(ecdsareq);
-}
-
-/*
- * Perform the ECDSA Public Key Validation Test.
- *
- * reqfn is the pathname of the REQUEST file.
- *
- * The output RESPONSE file is written to stdout.
- */
-void
-ecdsa_pkv_test(char *reqfn)
-{
- char buf[256]; /* holds one line from the input REQUEST file.
- * needs to be large enough to hold the longest
- * line "Qx = <144 hex digits>\n".
- */
- FILE *ecdsareq; /* input stream from the REQUEST file */
- FILE *ecdsaresp; /* output stream to the RESPONSE file */
- char curve[16]; /* "nistxddd" */
- ECParams *ecparams = NULL;
- SECItem pubkey;
- unsigned int i;
- unsigned int len;
- PRBool keyvalid = PR_TRUE;
-
- ecdsareq = fopen(reqfn, "r");
- ecdsaresp = stdout;
- strcpy(curve, "nist");
- pubkey.data = NULL;
- while (fgets(buf, sizeof buf, ecdsareq) != NULL) {
- /* a comment or blank line */
- if (buf[0] == '#' || buf[0] == '\n') {
- fputs(buf, ecdsaresp);
- continue;
- }
- /* [X-ddd] */
- if (buf[0] == '[') {
- const char *src;
- char *dst;
- SECKEYECParams *encodedparams;
-
- src = &buf[1];
- dst = &curve[4];
- *dst++ = tolower(*src);
- src += 2; /* skip the hyphen */
- *dst++ = *src++;
- *dst++ = *src++;
- *dst++ = *src++;
- *dst = '\0';
- if (ecparams != NULL) {
- PORT_FreeArena(ecparams->arena, PR_TRUE);
- ecparams = NULL;
- }
- encodedparams = getECParams(curve);
- if (encodedparams == NULL) {
- goto loser;
- }
- if (EC_DecodeParams(encodedparams, &ecparams) != SECSuccess) {
- goto loser;
- }
- SECITEM_FreeItem(encodedparams, PR_TRUE);
- len = (ecparams->fieldID.size + 7) >> 3;
- if (pubkey.data != NULL) {
- PORT_Free(pubkey.data);
- pubkey.data = NULL;
- }
- SECITEM_AllocItem(NULL, &pubkey, 2*len+1);
- if (pubkey.data == NULL) {
- goto loser;
- }
- pubkey.data[0] = EC_POINT_FORM_UNCOMPRESSED;
- fputs(buf, ecdsaresp);
- continue;
- }
- /* Qx = ... */
- if (strncmp(buf, "Qx", 2) == 0) {
- fputs(buf, ecdsaresp);
- i = 2;
- while (isspace(buf[i]) || buf[i] == '=') {
- i++;
- }
- keyvalid = from_hex_str(&pubkey.data[1], len, &buf[i]);
- continue;
- }
- /* Qy = ... */
- if (strncmp(buf, "Qy", 2) == 0) {
- fputs(buf, ecdsaresp);
- if (!keyvalid) {
- fputs("Result = F\n", ecdsaresp);
- continue;
- }
- i = 2;
- while (isspace(buf[i]) || buf[i] == '=') {
- i++;
- }
- keyvalid = from_hex_str(&pubkey.data[1+len], len, &buf[i]);
- if (!keyvalid) {
- fputs("Result = F\n", ecdsaresp);
- continue;
- }
- if (EC_ValidatePublicKey(ecparams, &pubkey) == SECSuccess) {
- fputs("Result = P\n", ecdsaresp);
- } else if (PORT_GetError() == SEC_ERROR_BAD_KEY) {
- fputs("Result = F\n", ecdsaresp);
- } else {
- goto loser;
- }
- continue;
- }
- }
-loser:
- if (ecparams != NULL) {
- PORT_FreeArena(ecparams->arena, PR_TRUE);
- }
- if (pubkey.data != NULL) {
- PORT_Free(pubkey.data);
- }
- fclose(ecdsareq);
-}
-
-/*
- * Perform the ECDSA Signature Generation Test.
- *
- * reqfn is the pathname of the REQUEST file.
- *
- * The output RESPONSE file is written to stdout.
- */
-void
-ecdsa_siggen_test(char *reqfn)
-{
- char buf[1024]; /* holds one line from the input REQUEST file
- * or to the output RESPONSE file.
- * needs to be large enough to hold the longest
- * line "Msg = <256 hex digits>\n".
- */
- FILE *ecdsareq; /* input stream from the REQUEST file */
- FILE *ecdsaresp; /* output stream to the RESPONSE file */
- char curve[16]; /* "nistxddd" */
- ECParams *ecparams = NULL;
- int i, j;
- unsigned int len;
- unsigned char msg[512]; /* message to be signed (<= 128 bytes) */
- unsigned int msglen;
- unsigned char sha1[20]; /* SHA-1 hash (160 bits) */
- unsigned char sig[2*MAX_ECKEY_LEN];
- SECItem signature, digest;
-
- ecdsareq = fopen(reqfn, "r");
- ecdsaresp = stdout;
- strcpy(curve, "nist");
- while (fgets(buf, sizeof buf, ecdsareq) != NULL) {
- /* a comment or blank line */
- if (buf[0] == '#' || buf[0] == '\n') {
- fputs(buf, ecdsaresp);
- continue;
- }
- /* [X-ddd] */
- if (buf[0] == '[') {
- const char *src;
- char *dst;
- SECKEYECParams *encodedparams;
-
- src = &buf[1];
- dst = &curve[4];
- *dst++ = tolower(*src);
- src += 2; /* skip the hyphen */
- *dst++ = *src++;
- *dst++ = *src++;
- *dst++ = *src++;
- *dst = '\0';
- if (ecparams != NULL) {
- PORT_FreeArena(ecparams->arena, PR_TRUE);
- ecparams = NULL;
- }
- encodedparams = getECParams(curve);
- if (encodedparams == NULL) {
- goto loser;
- }
- if (EC_DecodeParams(encodedparams, &ecparams) != SECSuccess) {
- goto loser;
- }
- SECITEM_FreeItem(encodedparams, PR_TRUE);
- fputs(buf, ecdsaresp);
- continue;
- }
- /* Msg = ... */
- if (strncmp(buf, "Msg", 3) == 0) {
- ECPrivateKey *ecpriv;
-
- i = 3;
- while (isspace(buf[i]) || buf[i] == '=') {
- i++;
- }
- for (j=0; isxdigit(buf[i]); i+=2,j++) {
- hex_from_2char(&buf[i], &msg[j]);
- }
- msglen = j;
- if (SHA1_HashBuf(sha1, msg, msglen) != SECSuccess) {
- goto loser;
- }
- fputs(buf, ecdsaresp);
-
- if (EC_NewKey(ecparams, &ecpriv) != SECSuccess) {
- goto loser;
- }
- if (EC_ValidatePublicKey(ecparams, &ecpriv->publicValue)
- != SECSuccess) {
- goto loser;
- }
- len = ecpriv->publicValue.len;
- if (len%2 == 0) {
- goto loser;
- }
- len = (len-1)/2;
- if (ecpriv->publicValue.data[0] != EC_POINT_FORM_UNCOMPRESSED) {
- goto loser;
- }
- fputs("Qx = ", ecdsaresp);
- to_hex_str(buf, &ecpriv->publicValue.data[1], len);
- fputs(buf, ecdsaresp);
- fputc('\n', ecdsaresp);
- fputs("Qy = ", ecdsaresp);
- to_hex_str(buf, &ecpriv->publicValue.data[1+len], len);
- fputs(buf, ecdsaresp);
- fputc('\n', ecdsaresp);
-
- digest.type = siBuffer;
- digest.data = sha1;
- digest.len = sizeof sha1;
- signature.type = siBuffer;
- signature.data = sig;
- signature.len = sizeof sig;
- if (ECDSA_SignDigest(ecpriv, &signature, &digest) != SECSuccess) {
- goto loser;
- }
- len = signature.len;
- if (len%2 != 0) {
- goto loser;
- }
- len = len/2;
- fputs("R = ", ecdsaresp);
- to_hex_str(buf, &signature.data[0], len);
- fputs(buf, ecdsaresp);
- fputc('\n', ecdsaresp);
- fputs("S = ", ecdsaresp);
- to_hex_str(buf, &signature.data[len], len);
- fputs(buf, ecdsaresp);
- fputc('\n', ecdsaresp);
-
- PORT_FreeArena(ecpriv->ecParams.arena, PR_TRUE);
- continue;
- }
- }
-loser:
- if (ecparams != NULL) {
- PORT_FreeArena(ecparams->arena, PR_TRUE);
- }
- fclose(ecdsareq);
-}
-
-/*
- * Perform the ECDSA Signature Verification Test.
- *
- * reqfn is the pathname of the REQUEST file.
- *
- * The output RESPONSE file is written to stdout.
- */
-void
-ecdsa_sigver_test(char *reqfn)
-{
- char buf[1024]; /* holds one line from the input REQUEST file.
- * needs to be large enough to hold the longest
- * line "Msg = <256 hex digits>\n".
- */
- FILE *ecdsareq; /* input stream from the REQUEST file */
- FILE *ecdsaresp; /* output stream to the RESPONSE file */
- char curve[16]; /* "nistxddd" */
- ECParams *ecparams = NULL;
- ECPublicKey ecpub;
- unsigned int i, j;
- unsigned int flen; /* length in bytes of the field size */
- unsigned int olen; /* length in bytes of the base point order */
- unsigned char msg[512]; /* message that was signed (<= 128 bytes) */
- unsigned int msglen;
- unsigned char sha1[20]; /* SHA-1 hash (160 bits) */
- unsigned char sig[2*MAX_ECKEY_LEN];
- SECItem signature, digest;
- PRBool keyvalid = PR_TRUE;
- PRBool sigvalid = PR_TRUE;
-
- ecdsareq = fopen(reqfn, "r");
- ecdsaresp = stdout;
- ecpub.publicValue.type = siBuffer;
- ecpub.publicValue.data = NULL;
- ecpub.publicValue.len = 0;
- strcpy(curve, "nist");
- while (fgets(buf, sizeof buf, ecdsareq) != NULL) {
- /* a comment or blank line */
- if (buf[0] == '#' || buf[0] == '\n') {
- fputs(buf, ecdsaresp);
- continue;
- }
- /* [X-ddd] */
- if (buf[0] == '[') {
- const char *src;
- char *dst;
- SECKEYECParams *encodedparams;
-
- src = &buf[1];
- dst = &curve[4];
- *dst++ = tolower(*src);
- src += 2; /* skip the hyphen */
- *dst++ = *src++;
- *dst++ = *src++;
- *dst++ = *src++;
- *dst = '\0';
- if (ecparams != NULL) {
- PORT_FreeArena(ecparams->arena, PR_TRUE);
- ecparams = NULL;
- }
- encodedparams = getECParams(curve);
- if (encodedparams == NULL) {
- goto loser;
- }
- if (EC_DecodeParams(encodedparams, &ecparams) != SECSuccess) {
- goto loser;
- }
- SECITEM_FreeItem(encodedparams, PR_TRUE);
- ecpub.ecParams = *ecparams;
- flen = (ecparams->fieldID.size + 7) >> 3;
- olen = ecparams->order.len;
- if (2*olen > sizeof sig) {
- goto loser;
- }
- if (ecpub.publicValue.data != NULL) {
- SECITEM_FreeItem(&ecpub.publicValue, PR_FALSE);
- }
- SECITEM_AllocItem(NULL, &ecpub.publicValue, 2*flen+1);
- if (ecpub.publicValue.data == NULL) {
- goto loser;
- }
- ecpub.publicValue.data[0] = EC_POINT_FORM_UNCOMPRESSED;
- fputs(buf, ecdsaresp);
- continue;
- }
- /* Msg = ... */
- if (strncmp(buf, "Msg", 3) == 0) {
- i = 3;
- while (isspace(buf[i]) || buf[i] == '=') {
- i++;
- }
- for (j=0; isxdigit(buf[i]); i+=2,j++) {
- hex_from_2char(&buf[i], &msg[j]);
- }
- msglen = j;
- if (SHA1_HashBuf(sha1, msg, msglen) != SECSuccess) {
- goto loser;
- }
- fputs(buf, ecdsaresp);
-
- digest.type = siBuffer;
- digest.data = sha1;
- digest.len = sizeof sha1;
-
- continue;
- }
- /* Qx = ... */
- if (strncmp(buf, "Qx", 2) == 0) {
- fputs(buf, ecdsaresp);
- i = 2;
- while (isspace(buf[i]) || buf[i] == '=') {
- i++;
- }
- keyvalid = from_hex_str(&ecpub.publicValue.data[1], flen,
- &buf[i]);
- continue;
- }
- /* Qy = ... */
- if (strncmp(buf, "Qy", 2) == 0) {
- fputs(buf, ecdsaresp);
- if (!keyvalid) {
- continue;
- }
- i = 2;
- while (isspace(buf[i]) || buf[i] == '=') {
- i++;
- }
- keyvalid = from_hex_str(&ecpub.publicValue.data[1+flen], flen,
- &buf[i]);
- if (!keyvalid) {
- continue;
- }
- if (EC_ValidatePublicKey(ecparams, &ecpub.publicValue)
- != SECSuccess) {
- if (PORT_GetError() == SEC_ERROR_BAD_KEY) {
- keyvalid = PR_FALSE;
- } else {
- goto loser;
- }
- }
- continue;
- }
- /* R = ... */
- if (buf[0] == 'R') {
- fputs(buf, ecdsaresp);
- i = 1;
- while (isspace(buf[i]) || buf[i] == '=') {
- i++;
- }
- sigvalid = from_hex_str(sig, olen, &buf[i]);
- continue;
- }
- /* S = ... */
- if (buf[0] == 'S') {
- fputs(buf, ecdsaresp);
- i = 1;
- while (isspace(buf[i]) || buf[i] == '=') {
- i++;
- }
- if (sigvalid) {
- sigvalid = from_hex_str(&sig[olen], olen, &buf[i]);
- }
- signature.type = siBuffer;
- signature.data = sig;
- signature.len = 2*olen;
-
- if (!keyvalid || !sigvalid) {
- fputs("Result = F\n", ecdsaresp);
- } else if (ECDSA_VerifyDigest(&ecpub, &signature, &digest)
- == SECSuccess) {
- fputs("Result = P\n", ecdsaresp);
- } else {
- fputs("Result = F\n", ecdsaresp);
- }
- continue;
- }
- }
-loser:
- if (ecparams != NULL) {
- PORT_FreeArena(ecparams->arena, PR_TRUE);
- }
- if (ecpub.publicValue.data != NULL) {
- SECITEM_FreeItem(&ecpub.publicValue, PR_FALSE);
- }
- fclose(ecdsareq);
-}
-
-#endif
-
-void do_random()
-{
- int i, j, k = 0;
- unsigned char buf[500];
- for (i=0; i<5; i++) {
- RNG_GenerateGlobalRandomBytes(buf, sizeof buf);
- for (j=0; j.req */
- if (strcmp(argv[2], "kat") == 0) {
- /* Known Answer Test (KAT) */
- tdea_kat_mmt(argv[4]);
- } else if (strcmp(argv[2], "mmt") == 0) {
- /* Multi-block Message Test (MMT) */
- tdea_kat_mmt(argv[4]);
- } else if (strcmp(argv[2], "mct") == 0) {
- /* Monte Carlo Test (MCT) */
- if (strcmp(argv[3], "ecb") == 0) {
- /* ECB mode */
- tdea_mct(NSS_DES_EDE3, argv[4]);
- } else if (strcmp(argv[3], "cbc") == 0) {
- /* CBC mode */
- tdea_mct(NSS_DES_EDE3_CBC, argv[4]);
- }
- }
- /*************/
- /* AES */
- /*************/
- } else if (strcmp(argv[1], "aes") == 0) {
- /* argv[2]=kat|mmt|mct argv[3]=ecb|cbc argv[4]=.req */
- if ( strcmp(argv[2], "kat") == 0) {
- /* Known Answer Test (KAT) */
- aes_kat_mmt(argv[4]);
- } else if (strcmp(argv[2], "mmt") == 0) {
- /* Multi-block Message Test (MMT) */
- aes_kat_mmt(argv[4]);
- } else if (strcmp(argv[2], "mct") == 0) {
- /* Monte Carlo Test (MCT) */
- if ( strcmp(argv[3], "ecb") == 0) {
- /* ECB mode */
- aes_ecb_mct(argv[4]);
- } else if (strcmp(argv[3], "cbc") == 0) {
- /* CBC mode */
- aes_cbc_mct(argv[4]);
- }
- }
- /*************/
- /* SHA */
- /*************/
- } else if (strcmp(argv[1], "sha") == 0) {
- sha_test(argv[2]);
- /*************/
- /* HMAC */
- /*************/
- } else if (strcmp(argv[1], "hmac") == 0) {
- hmac_test(argv[2]);
- /*************/
- /* DSS */
- /*************/
- } else if (strcmp(argv[1], "dss") == 0) {
- dss_test(argv[2], argv[3]);
- /*************/
- /* RNG */
- /*************/
- } else if (strcmp(argv[1], "rng") == 0) {
- do_random();
-#ifdef NSS_ENABLE_ECC
- /*************/
- /* ECDSA */
- /*************/
- } else if (strcmp(argv[1], "ecdsa") == 0) {
- /* argv[2]=keypair|pkv|siggen|sigver argv[3]=.req */
- if ( strcmp(argv[2], "keypair") == 0) {
- /* Key Pair Generation Test */
- ecdsa_keypair_test(argv[3]);
- } else if (strcmp(argv[2], "pkv") == 0) {
- /* Public Key Validation Test */
- ecdsa_pkv_test(argv[3]);
- } else if (strcmp(argv[2], "siggen") == 0) {
- /* Signature Generation Test */
- ecdsa_siggen_test(argv[3]);
- } else if (strcmp(argv[2], "sigver") == 0) {
- /* Signature Verification Test */
- ecdsa_sigver_test(argv[3]);
- }
-#endif
- }
- return 0;
-}
diff --git a/security/nss/cmd/fipstest/hmac.sh b/security/nss/cmd/fipstest/hmac.sh
deleted file mode 100755
index ace988c7f8..0000000000
--- a/security/nss/cmd/fipstest/hmac.sh
+++ /dev/null
@@ -1,20 +0,0 @@
-#!/bin/sh
-#
-# A Bourne shell script for running the NIST HMAC Algorithm Validation Suite
-#
-# Before you run the script, set your PATH, LD_LIBRARY_PATH, ... environment
-# variables appropriately so that the fipstest command and the NSPR and NSS
-# shared libraries/DLLs are on the search path. Then run this script in the
-# directory where the REQUEST (.req) files reside. The script generates the
-# RESPONSE (.rsp) files in the same directory.
-
-hmac_requests="
-HMAC.req
-"
-
-for request in $hmac_requests; do
- response=`echo $request | sed -e "s/req/rsp/"`
- echo $request $response
- fipstest hmac $request > $response
-done
-
diff --git a/security/nss/cmd/fipstest/manifest.mn b/security/nss/cmd/fipstest/manifest.mn
deleted file mode 100644
index ba3b1a4485..0000000000
--- a/security/nss/cmd/fipstest/manifest.mn
+++ /dev/null
@@ -1,55 +0,0 @@
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-CORE_DEPTH = ../../..
-
-MODULE = nss
-
-PROGRAM = fipstest
-
-USE_STATIC_LIBS = 1
-
-EXPORTS = \
- $(NULL)
-
-PRIVATE_EXPORTS = \
- $(NULL)
-
-CSRCS = \
- fipstest.c \
- $(NULL)
-
diff --git a/security/nss/cmd/fipstest/sha.sh b/security/nss/cmd/fipstest/sha.sh
deleted file mode 100644
index 685a41b004..0000000000
--- a/security/nss/cmd/fipstest/sha.sh
+++ /dev/null
@@ -1,46 +0,0 @@
-#!/bin/sh
-#
-# A Bourne shell script for running the NIST SHA Algorithm Validation Suite
-#
-# Before you run the script, set your PATH, LD_LIBRARY_PATH, ... environment
-# variables appropriately so that the fipstest command and the NSPR and NSS
-# shared libraries/DLLs are on the search path. Then run this script in the
-# directory where the REQUEST (.req) files reside. The script generates the
-# RESPONSE (.rsp) files in the same directory.
-
-sha_ShortMsg_requests="
-SHA1ShortMsg.req
-SHA256ShortMsg.req
-SHA384ShortMsg.req
-SHA512ShortMsg.req
-"
-
-sha_LongMsg_requests="
-SHA1LongMsg.req
-SHA256LongMsg.req
-SHA384LongMsg.req
-SHA512LongMsg.req
-"
-
-sha_Monte_requests="
-SHA1Monte.req
-SHA256Monte.req
-SHA384Monte.req
-SHA512Monte.req
-"
-for request in $sha_ShortMsg_requests; do
- response=`echo $request | sed -e "s/req/rsp/"`
- echo $request $response
- fipstest sha $request > $response
-done
-for request in $sha_LongMsg_requests; do
- response=`echo $request | sed -e "s/req/rsp/"`
- echo $request $response
- fipstest sha $request > $response
-done
-for request in $sha_Monte_requests; do
- response=`echo $request | sed -e "s/req/rsp/"`
- echo $request $response
- fipstest sha $request > $response
-done
-
diff --git a/security/nss/cmd/fipstest/tdea.sh b/security/nss/cmd/fipstest/tdea.sh
deleted file mode 100644
index 505478039d..0000000000
--- a/security/nss/cmd/fipstest/tdea.sh
+++ /dev/null
@@ -1,87 +0,0 @@
-#!/bin/sh
-#
-# A Bourne shell script for running the NIST tdea Algorithm Validation Suite
-#
-# Before you run the script, set your PATH, LD_LIBRARY_PATH, ... environment
-# variables appropriately so that the fipstest command and the NSPR and NSS
-# shared libraries/DLLs are on the search path. Then run this script in the
-# directory where the REQUEST (.req) files reside. The script generates the
-# RESPONSE (.rsp) files in the same directory.
-
-#CBC_Known_Answer_tests
-#Initial Permutation KAT
-#Permutation Operation KAT
-#Subsitution Table KAT
-#Variable Key KAT
-#Variable PlainText KAT
-cbc_kat_requests="
-TCBCinvperm.req
-TCBCpermop.req
-TCBCsubtab.req
-TCBCvarkey.req
-TCBCvartext.req
-"
-
-#CBC Monte Carlo KATs
-cbc_monte_requests="
-TCBCMonte1.req
-TCBCMonte2.req
-TCBCMonte3.req
-"
-#Multi-block Message KATs
-cbc_mmt_requests="
-TCBCMMT1.req
-TCBCMMT2.req
-TCBCMMT3.req
-"
-
-ecb_kat_requests="
-TECBinvperm.req
-TECBpermop.req
-TECBsubtab.req
-TECBvarkey.req
-TECBvartext.req
-"
-
-ecb_monte_requests="
-TECBMonte1.req
-TECBMonte2.req
-TECBMonte3.req
-"
-
-ecb_mmt_requests="
-TECBMMT1.req
-TECBMMT2.req
-TECBMMT3.req
-"
-
-for request in $ecb_mmt_requests; do
- response=`echo $request | sed -e "s/req/rsp/"`
- echo $request $response
- fipstest tdea mmt ecb $request > $response
-done
-for request in $ecb_kat_requests; do
- response=`echo $request | sed -e "s/req/rsp/"`
- echo $request $response
- fipstest tdea kat ecb $request > $response
-done
-for request in $ecb_monte_requests; do
- response=`echo $request | sed -e "s/req/rsp/"`
- echo $request $response
- fipstest tdea mct ecb $request > $response
-done
-for request in $cbc_mmt_requests; do
- response=`echo $request | sed -e "s/req/rsp/"`
- echo $request $response
- fipstest tdea mmt cbc $request > $response
-done
-for request in $cbc_kat_requests; do
- response=`echo $request | sed -e "s/req/rsp/"`
- echo $request $response
- fipstest tdea kat cbc $request > $response
-done
-for request in $cbc_monte_requests; do
- response=`echo $request | sed -e "s/req/rsp/"`
- echo $request $response
- fipstest tdea mct cbc $request > $response
-done
diff --git a/security/nss/cmd/lib/Makefile b/security/nss/cmd/lib/Makefile
deleted file mode 100644
index 54ef29fdf7..0000000000
--- a/security/nss/cmd/lib/Makefile
+++ /dev/null
@@ -1,82 +0,0 @@
-#! gmake
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-export:: private_export
-
-$(OBJDIR)/secerror$(OBJ_SUFFIX): NSPRerrs.h SECerrs.h SSLerrs.h
-
diff --git a/security/nss/cmd/lib/NSPRerrs.h b/security/nss/cmd/lib/NSPRerrs.h
deleted file mode 100644
index b11169847c..0000000000
--- a/security/nss/cmd/lib/NSPRerrs.h
+++ /dev/null
@@ -1,153 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-/* General NSPR 2.0 errors */
-/* Caller must #include "prerror.h" */
-
-ER2( PR_OUT_OF_MEMORY_ERROR, "Memory allocation attempt failed." )
-ER2( PR_BAD_DESCRIPTOR_ERROR, "Invalid file descriptor." )
-ER2( PR_WOULD_BLOCK_ERROR, "The operation would have blocked." )
-ER2( PR_ACCESS_FAULT_ERROR, "Invalid memory address argument." )
-ER2( PR_INVALID_METHOD_ERROR, "Invalid function for file type." )
-ER2( PR_ILLEGAL_ACCESS_ERROR, "Invalid memory address argument." )
-ER2( PR_UNKNOWN_ERROR, "Some unknown error has occurred." )
-ER2( PR_PENDING_INTERRUPT_ERROR,"Operation interrupted by another thread." )
-ER2( PR_NOT_IMPLEMENTED_ERROR, "function not implemented." )
-ER2( PR_IO_ERROR, "I/O function error." )
-ER2( PR_IO_TIMEOUT_ERROR, "I/O operation timed out." )
-ER2( PR_IO_PENDING_ERROR, "I/O operation on busy file descriptor." )
-ER2( PR_DIRECTORY_OPEN_ERROR, "The directory could not be opened." )
-ER2( PR_INVALID_ARGUMENT_ERROR, "Invalid function argument." )
-ER2( PR_ADDRESS_NOT_AVAILABLE_ERROR, "Network address not available (in use?)." )
-ER2( PR_ADDRESS_NOT_SUPPORTED_ERROR, "Network address type not supported." )
-ER2( PR_IS_CONNECTED_ERROR, "Already connected." )
-ER2( PR_BAD_ADDRESS_ERROR, "Network address is invalid." )
-ER2( PR_ADDRESS_IN_USE_ERROR, "Local Network address is in use." )
-ER2( PR_CONNECT_REFUSED_ERROR, "Connection refused by peer." )
-ER2( PR_NETWORK_UNREACHABLE_ERROR, "Network address is presently unreachable." )
-ER2( PR_CONNECT_TIMEOUT_ERROR, "Connection attempt timed out." )
-ER2( PR_NOT_CONNECTED_ERROR, "Network file descriptor is not connected." )
-ER2( PR_LOAD_LIBRARY_ERROR, "Failure to load dynamic library." )
-ER2( PR_UNLOAD_LIBRARY_ERROR, "Failure to unload dynamic library." )
-ER2( PR_FIND_SYMBOL_ERROR,
-"Symbol not found in any of the loaded dynamic libraries." )
-ER2( PR_INSUFFICIENT_RESOURCES_ERROR, "Insufficient system resources." )
-ER2( PR_DIRECTORY_LOOKUP_ERROR,
-"A directory lookup on a network address has failed." )
-ER2( PR_TPD_RANGE_ERROR,
-"Attempt to access a TPD key that is out of range." )
-ER2( PR_PROC_DESC_TABLE_FULL_ERROR, "Process open FD table is full." )
-ER2( PR_SYS_DESC_TABLE_FULL_ERROR, "System open FD table is full." )
-ER2( PR_NOT_SOCKET_ERROR,
-"Network operation attempted on non-network file descriptor." )
-ER2( PR_NOT_TCP_SOCKET_ERROR,
-"TCP-specific function attempted on a non-TCP file descriptor." )
-ER2( PR_SOCKET_ADDRESS_IS_BOUND_ERROR, "TCP file descriptor is already bound." )
-ER2( PR_NO_ACCESS_RIGHTS_ERROR, "Access Denied." )
-ER2( PR_OPERATION_NOT_SUPPORTED_ERROR,
-"The requested operation is not supported by the platform." )
-ER2( PR_PROTOCOL_NOT_SUPPORTED_ERROR,
-"The host operating system does not support the protocol requested." )
-ER2( PR_REMOTE_FILE_ERROR, "Access to the remote file has been severed." )
-ER2( PR_BUFFER_OVERFLOW_ERROR,
-"The value requested is too large to be stored in the data buffer provided." )
-ER2( PR_CONNECT_RESET_ERROR, "TCP connection reset by peer." )
-ER2( PR_RANGE_ERROR, "Unused." )
-ER2( PR_DEADLOCK_ERROR, "The operation would have deadlocked." )
-ER2( PR_FILE_IS_LOCKED_ERROR, "The file is already locked." )
-ER2( PR_FILE_TOO_BIG_ERROR,
-"Write would result in file larger than the system allows." )
-ER2( PR_NO_DEVICE_SPACE_ERROR, "The device for storing the file is full." )
-ER2( PR_PIPE_ERROR, "Unused." )
-ER2( PR_NO_SEEK_DEVICE_ERROR, "Unused." )
-ER2( PR_IS_DIRECTORY_ERROR,
-"Cannot perform a normal file operation on a directory." )
-ER2( PR_LOOP_ERROR, "Symbolic link loop." )
-ER2( PR_NAME_TOO_LONG_ERROR, "File name is too long." )
-ER2( PR_FILE_NOT_FOUND_ERROR, "File not found." )
-ER2( PR_NOT_DIRECTORY_ERROR,
-"Cannot perform directory operation on a normal file." )
-ER2( PR_READ_ONLY_FILESYSTEM_ERROR,
-"Cannot write to a read-only file system." )
-ER2( PR_DIRECTORY_NOT_EMPTY_ERROR,
-"Cannot delete a directory that is not empty." )
-ER2( PR_FILESYSTEM_MOUNTED_ERROR,
-"Cannot delete or rename a file object while the file system is busy." )
-ER2( PR_NOT_SAME_DEVICE_ERROR,
-"Cannot rename a file to a file system on another device." )
-ER2( PR_DIRECTORY_CORRUPTED_ERROR,
-"The directory object in the file system is corrupted." )
-ER2( PR_FILE_EXISTS_ERROR,
-"Cannot create or rename a filename that already exists." )
-ER2( PR_MAX_DIRECTORY_ENTRIES_ERROR,
-"Directory is full. No additional filenames may be added." )
-ER2( PR_INVALID_DEVICE_STATE_ERROR,
-"The required device was in an invalid state." )
-ER2( PR_DEVICE_IS_LOCKED_ERROR, "The device is locked." )
-ER2( PR_NO_MORE_FILES_ERROR, "No more entries in the directory." )
-ER2( PR_END_OF_FILE_ERROR, "Encountered end of file." )
-ER2( PR_FILE_SEEK_ERROR, "Seek error." )
-ER2( PR_FILE_IS_BUSY_ERROR, "The file is busy." )
-ER2( PR_IN_PROGRESS_ERROR,
-"Operation is still in progress (probably a non-blocking connect)." )
-ER2( PR_ALREADY_INITIATED_ERROR,
-"Operation has already been initiated (probably a non-blocking connect)." )
-
-#ifdef PR_GROUP_EMPTY_ERROR
-ER2( PR_GROUP_EMPTY_ERROR, "The wait group is empty." )
-#endif
-
-#ifdef PR_INVALID_STATE_ERROR
-ER2( PR_INVALID_STATE_ERROR, "Object state improper for request." )
-#endif
-
-#ifdef PR_NETWORK_DOWN_ERROR
-ER2( PR_NETWORK_DOWN_ERROR, "Network is down." )
-#endif
-
-#ifdef PR_SOCKET_SHUTDOWN_ERROR
-ER2( PR_SOCKET_SHUTDOWN_ERROR, "The socket was previously shut down." )
-#endif
-
-#ifdef PR_CONNECT_ABORTED_ERROR
-ER2( PR_CONNECT_ABORTED_ERROR, "TCP Connection aborted." )
-#endif
-
-#ifdef PR_HOST_UNREACHABLE_ERROR
-ER2( PR_HOST_UNREACHABLE_ERROR, "Host is unreachable." )
-#endif
-
-/* always last */
-ER2( PR_MAX_ERROR, "Placeholder for the end of the list" )
diff --git a/security/nss/cmd/lib/SECerrs.h b/security/nss/cmd/lib/SECerrs.h
deleted file mode 100644
index bd97dd791a..0000000000
--- a/security/nss/cmd/lib/SECerrs.h
+++ /dev/null
@@ -1,506 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-/* General security error codes */
-/* Caller must #include "secerr.h" */
-
-ER3(SEC_ERROR_IO, SEC_ERROR_BASE + 0,
-"An I/O error occurred during security authorization.")
-
-ER3(SEC_ERROR_LIBRARY_FAILURE, SEC_ERROR_BASE + 1,
-"security library failure.")
-
-ER3(SEC_ERROR_BAD_DATA, SEC_ERROR_BASE + 2,
-"security library: received bad data.")
-
-ER3(SEC_ERROR_OUTPUT_LEN, SEC_ERROR_BASE + 3,
-"security library: output length error.")
-
-ER3(SEC_ERROR_INPUT_LEN, SEC_ERROR_BASE + 4,
-"security library has experienced an input length error.")
-
-ER3(SEC_ERROR_INVALID_ARGS, SEC_ERROR_BASE + 5,
-"security library: invalid arguments.")
-
-ER3(SEC_ERROR_INVALID_ALGORITHM, SEC_ERROR_BASE + 6,
-"security library: invalid algorithm.")
-
-ER3(SEC_ERROR_INVALID_AVA, SEC_ERROR_BASE + 7,
-"security library: invalid AVA.")
-
-ER3(SEC_ERROR_INVALID_TIME, SEC_ERROR_BASE + 8,
-"Improperly formatted time string.")
-
-ER3(SEC_ERROR_BAD_DER, SEC_ERROR_BASE + 9,
-"security library: improperly formatted DER-encoded message.")
-
-ER3(SEC_ERROR_BAD_SIGNATURE, SEC_ERROR_BASE + 10,
-"Peer's certificate has an invalid signature.")
-
-ER3(SEC_ERROR_EXPIRED_CERTIFICATE, SEC_ERROR_BASE + 11,
-"Peer's Certificate has expired.")
-
-ER3(SEC_ERROR_REVOKED_CERTIFICATE, SEC_ERROR_BASE + 12,
-"Peer's Certificate has been revoked.")
-
-ER3(SEC_ERROR_UNKNOWN_ISSUER, SEC_ERROR_BASE + 13,
-"Peer's Certificate issuer is not recognized.")
-
-ER3(SEC_ERROR_BAD_KEY, SEC_ERROR_BASE + 14,
-"Peer's public key is invalid.")
-
-ER3(SEC_ERROR_BAD_PASSWORD, SEC_ERROR_BASE + 15,
-"The security password entered is incorrect.")
-
-ER3(SEC_ERROR_RETRY_PASSWORD, SEC_ERROR_BASE + 16,
-"New password entered incorrectly. Please try again.")
-
-ER3(SEC_ERROR_NO_NODELOCK, SEC_ERROR_BASE + 17,
-"security library: no nodelock.")
-
-ER3(SEC_ERROR_BAD_DATABASE, SEC_ERROR_BASE + 18,
-"security library: bad database.")
-
-ER3(SEC_ERROR_NO_MEMORY, SEC_ERROR_BASE + 19,
-"security library: memory allocation failure.")
-
-ER3(SEC_ERROR_UNTRUSTED_ISSUER, SEC_ERROR_BASE + 20,
-"Peer's certificate issuer has been marked as not trusted by the user.")
-
-ER3(SEC_ERROR_UNTRUSTED_CERT, SEC_ERROR_BASE + 21,
-"Peer's certificate has been marked as not trusted by the user.")
-
-ER3(SEC_ERROR_DUPLICATE_CERT, (SEC_ERROR_BASE + 22),
-"Certificate already exists in your database.")
-
-ER3(SEC_ERROR_DUPLICATE_CERT_NAME, (SEC_ERROR_BASE + 23),
-"Downloaded certificate's name duplicates one already in your database.")
-
-ER3(SEC_ERROR_ADDING_CERT, (SEC_ERROR_BASE + 24),
-"Error adding certificate to database.")
-
-ER3(SEC_ERROR_FILING_KEY, (SEC_ERROR_BASE + 25),
-"Error refiling the key for this certificate.")
-
-ER3(SEC_ERROR_NO_KEY, (SEC_ERROR_BASE + 26),
-"The private key for this certificate cannot be found in key database")
-
-ER3(SEC_ERROR_CERT_VALID, (SEC_ERROR_BASE + 27),
-"This certificate is valid.")
-
-ER3(SEC_ERROR_CERT_NOT_VALID, (SEC_ERROR_BASE + 28),
-"This certificate is not valid.")
-
-ER3(SEC_ERROR_CERT_NO_RESPONSE, (SEC_ERROR_BASE + 29),
-"Cert Library: No Response")
-
-ER3(SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE, (SEC_ERROR_BASE + 30),
-"The certificate issuer's certificate has expired. Check your system date and time.")
-
-ER3(SEC_ERROR_CRL_EXPIRED, (SEC_ERROR_BASE + 31),
-"The CRL for the certificate's issuer has expired. Update it or check your system data and time.")
-
-ER3(SEC_ERROR_CRL_BAD_SIGNATURE, (SEC_ERROR_BASE + 32),
-"The CRL for the certificate's issuer has an invalid signature.")
-
-ER3(SEC_ERROR_CRL_INVALID, (SEC_ERROR_BASE + 33),
-"New CRL has an invalid format.")
-
-ER3(SEC_ERROR_EXTENSION_VALUE_INVALID, (SEC_ERROR_BASE + 34),
-"Certificate extension value is invalid.")
-
-ER3(SEC_ERROR_EXTENSION_NOT_FOUND, (SEC_ERROR_BASE + 35),
-"Certificate extension not found.")
-
-ER3(SEC_ERROR_CA_CERT_INVALID, (SEC_ERROR_BASE + 36),
-"Issuer certificate is invalid.")
-
-ER3(SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID, (SEC_ERROR_BASE + 37),
-"Certificate path length constraint is invalid.")
-
-ER3(SEC_ERROR_CERT_USAGES_INVALID, (SEC_ERROR_BASE + 38),
-"Certificate usages field is invalid.")
-
-ER3(SEC_INTERNAL_ONLY, (SEC_ERROR_BASE + 39),
-"**Internal ONLY module**")
-
-ER3(SEC_ERROR_INVALID_KEY, (SEC_ERROR_BASE + 40),
-"The key does not support the requested operation.")
-
-ER3(SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION, (SEC_ERROR_BASE + 41),
-"Certificate contains unknown critical extension.")
-
-ER3(SEC_ERROR_OLD_CRL, (SEC_ERROR_BASE + 42),
-"New CRL is not later than the current one.")
-
-ER3(SEC_ERROR_NO_EMAIL_CERT, (SEC_ERROR_BASE + 43),
-"Not encrypted or signed: you do not yet have an email certificate.")
-
-ER3(SEC_ERROR_NO_RECIPIENT_CERTS_QUERY, (SEC_ERROR_BASE + 44),
-"Not encrypted: you do not have certificates for each of the recipients.")
-
-ER3(SEC_ERROR_NOT_A_RECIPIENT, (SEC_ERROR_BASE + 45),
-"Cannot decrypt: you are not a recipient, or matching certificate and \
-private key not found.")
-
-ER3(SEC_ERROR_PKCS7_KEYALG_MISMATCH, (SEC_ERROR_BASE + 46),
-"Cannot decrypt: key encryption algorithm does not match your certificate.")
-
-ER3(SEC_ERROR_PKCS7_BAD_SIGNATURE, (SEC_ERROR_BASE + 47),
-"Signature verification failed: no signer found, too many signers found, \
-or improper or corrupted data.")
-
-ER3(SEC_ERROR_UNSUPPORTED_KEYALG, (SEC_ERROR_BASE + 48),
-"Unsupported or unknown key algorithm.")
-
-ER3(SEC_ERROR_DECRYPTION_DISALLOWED, (SEC_ERROR_BASE + 49),
-"Cannot decrypt: encrypted using a disallowed algorithm or key size.")
-
-
-/* Fortezza Alerts */
-ER3(XP_SEC_FORTEZZA_BAD_CARD, (SEC_ERROR_BASE + 50),
-"Fortezza card has not been properly initialized. \
-Please remove it and return it to your issuer.")
-
-ER3(XP_SEC_FORTEZZA_NO_CARD, (SEC_ERROR_BASE + 51),
-"No Fortezza cards Found")
-
-ER3(XP_SEC_FORTEZZA_NONE_SELECTED, (SEC_ERROR_BASE + 52),
-"No Fortezza card selected")
-
-ER3(XP_SEC_FORTEZZA_MORE_INFO, (SEC_ERROR_BASE + 53),
-"Please select a personality to get more info on")
-
-ER3(XP_SEC_FORTEZZA_PERSON_NOT_FOUND, (SEC_ERROR_BASE + 54),
-"Personality not found")
-
-ER3(XP_SEC_FORTEZZA_NO_MORE_INFO, (SEC_ERROR_BASE + 55),
-"No more information on that Personality")
-
-ER3(XP_SEC_FORTEZZA_BAD_PIN, (SEC_ERROR_BASE + 56),
-"Invalid Pin")
-
-ER3(XP_SEC_FORTEZZA_PERSON_ERROR, (SEC_ERROR_BASE + 57),
-"Couldn't initialize Fortezza personalities.")
-/* end fortezza alerts. */
-
-ER3(SEC_ERROR_NO_KRL, (SEC_ERROR_BASE + 58),
-"No KRL for this site's certificate has been found.")
-
-ER3(SEC_ERROR_KRL_EXPIRED, (SEC_ERROR_BASE + 59),
-"The KRL for this site's certificate has expired.")
-
-ER3(SEC_ERROR_KRL_BAD_SIGNATURE, (SEC_ERROR_BASE + 60),
-"The KRL for this site's certificate has an invalid signature.")
-
-ER3(SEC_ERROR_REVOKED_KEY, (SEC_ERROR_BASE + 61),
-"The key for this site's certificate has been revoked.")
-
-ER3(SEC_ERROR_KRL_INVALID, (SEC_ERROR_BASE + 62),
-"New KRL has an invalid format.")
-
-ER3(SEC_ERROR_NEED_RANDOM, (SEC_ERROR_BASE + 63),
-"security library: need random data.")
-
-ER3(SEC_ERROR_NO_MODULE, (SEC_ERROR_BASE + 64),
-"security library: no security module can perform the requested operation.")
-
-ER3(SEC_ERROR_NO_TOKEN, (SEC_ERROR_BASE + 65),
-"The security card or token does not exist, needs to be initialized, or has been removed.")
-
-ER3(SEC_ERROR_READ_ONLY, (SEC_ERROR_BASE + 66),
-"security library: read-only database.")
-
-ER3(SEC_ERROR_NO_SLOT_SELECTED, (SEC_ERROR_BASE + 67),
-"No slot or token was selected.")
-
-ER3(SEC_ERROR_CERT_NICKNAME_COLLISION, (SEC_ERROR_BASE + 68),
-"A certificate with the same nickname already exists.")
-
-ER3(SEC_ERROR_KEY_NICKNAME_COLLISION, (SEC_ERROR_BASE + 69),
-"A key with the same nickname already exists.")
-
-ER3(SEC_ERROR_SAFE_NOT_CREATED, (SEC_ERROR_BASE + 70),
-"error while creating safe object")
-
-ER3(SEC_ERROR_BAGGAGE_NOT_CREATED, (SEC_ERROR_BASE + 71),
-"error while creating baggage object")
-
-ER3(XP_JAVA_REMOVE_PRINCIPAL_ERROR, (SEC_ERROR_BASE + 72),
-"Couldn't remove the principal")
-
-ER3(XP_JAVA_DELETE_PRIVILEGE_ERROR, (SEC_ERROR_BASE + 73),
-"Couldn't delete the privilege")
-
-ER3(XP_JAVA_CERT_NOT_EXISTS_ERROR, (SEC_ERROR_BASE + 74),
-"This principal doesn't have a certificate")
-
-ER3(SEC_ERROR_BAD_EXPORT_ALGORITHM, (SEC_ERROR_BASE + 75),
-"Required algorithm is not allowed.")
-
-ER3(SEC_ERROR_EXPORTING_CERTIFICATES, (SEC_ERROR_BASE + 76),
-"Error attempting to export certificates.")
-
-ER3(SEC_ERROR_IMPORTING_CERTIFICATES, (SEC_ERROR_BASE + 77),
-"Error attempting to import certificates.")
-
-ER3(SEC_ERROR_PKCS12_DECODING_PFX, (SEC_ERROR_BASE + 78),
-"Unable to import. Decoding error. File not valid.")
-
-ER3(SEC_ERROR_PKCS12_INVALID_MAC, (SEC_ERROR_BASE + 79),
-"Unable to import. Invalid MAC. Incorrect password or corrupt file.")
-
-ER3(SEC_ERROR_PKCS12_UNSUPPORTED_MAC_ALGORITHM, (SEC_ERROR_BASE + 80),
-"Unable to import. MAC algorithm not supported.")
-
-ER3(SEC_ERROR_PKCS12_UNSUPPORTED_TRANSPORT_MODE,(SEC_ERROR_BASE + 81),
-"Unable to import. Only password integrity and privacy modes supported.")
-
-ER3(SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE, (SEC_ERROR_BASE + 82),
-"Unable to import. File structure is corrupt.")
-
-ER3(SEC_ERROR_PKCS12_UNSUPPORTED_PBE_ALGORITHM, (SEC_ERROR_BASE + 83),
-"Unable to import. Encryption algorithm not supported.")
-
-ER3(SEC_ERROR_PKCS12_UNSUPPORTED_VERSION, (SEC_ERROR_BASE + 84),
-"Unable to import. File version not supported.")
-
-ER3(SEC_ERROR_PKCS12_PRIVACY_PASSWORD_INCORRECT,(SEC_ERROR_BASE + 85),
-"Unable to import. Incorrect privacy password.")
-
-ER3(SEC_ERROR_PKCS12_CERT_COLLISION, (SEC_ERROR_BASE + 86),
-"Unable to import. Same nickname already exists in database.")
-
-ER3(SEC_ERROR_USER_CANCELLED, (SEC_ERROR_BASE + 87),
-"The user pressed cancel.")
-
-ER3(SEC_ERROR_PKCS12_DUPLICATE_DATA, (SEC_ERROR_BASE + 88),
-"Not imported, already in database.")
-
-ER3(SEC_ERROR_MESSAGE_SEND_ABORTED, (SEC_ERROR_BASE + 89),
-"Message not sent.")
-
-ER3(SEC_ERROR_INADEQUATE_KEY_USAGE, (SEC_ERROR_BASE + 90),
-"Certificate key usage inadequate for attempted operation.")
-
-ER3(SEC_ERROR_INADEQUATE_CERT_TYPE, (SEC_ERROR_BASE + 91),
-"Certificate type not approved for application.")
-
-ER3(SEC_ERROR_CERT_ADDR_MISMATCH, (SEC_ERROR_BASE + 92),
-"Address in signing certificate does not match address in message headers.")
-
-ER3(SEC_ERROR_PKCS12_UNABLE_TO_IMPORT_KEY, (SEC_ERROR_BASE + 93),
-"Unable to import. Error attempting to import private key.")
-
-ER3(SEC_ERROR_PKCS12_IMPORTING_CERT_CHAIN, (SEC_ERROR_BASE + 94),
-"Unable to import. Error attempting to import certificate chain.")
-
-ER3(SEC_ERROR_PKCS12_UNABLE_TO_LOCATE_OBJECT_BY_NAME, (SEC_ERROR_BASE + 95),
-"Unable to export. Unable to locate certificate or key by nickname.")
-
-ER3(SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY, (SEC_ERROR_BASE + 96),
-"Unable to export. Private Key could not be located and exported.")
-
-ER3(SEC_ERROR_PKCS12_UNABLE_TO_WRITE, (SEC_ERROR_BASE + 97),
-"Unable to export. Unable to write the export file.")
-
-ER3(SEC_ERROR_PKCS12_UNABLE_TO_READ, (SEC_ERROR_BASE + 98),
-"Unable to import. Unable to read the import file.")
-
-ER3(SEC_ERROR_PKCS12_KEY_DATABASE_NOT_INITIALIZED, (SEC_ERROR_BASE + 99),
-"Unable to export. Key database corrupt or deleted.")
-
-ER3(SEC_ERROR_KEYGEN_FAIL, (SEC_ERROR_BASE + 100),
-"Unable to generate public/private key pair.")
-
-ER3(SEC_ERROR_INVALID_PASSWORD, (SEC_ERROR_BASE + 101),
-"Password entered is invalid. Please pick a different one.")
-
-ER3(SEC_ERROR_RETRY_OLD_PASSWORD, (SEC_ERROR_BASE + 102),
-"Old password entered incorrectly. Please try again.")
-
-ER3(SEC_ERROR_BAD_NICKNAME, (SEC_ERROR_BASE + 103),
-"Certificate nickname already in use.")
-
-ER3(SEC_ERROR_NOT_FORTEZZA_ISSUER, (SEC_ERROR_BASE + 104),
-"Peer FORTEZZA chain has a non-FORTEZZA Certificate.")
-
-ER3(SEC_ERROR_CANNOT_MOVE_SENSITIVE_KEY, (SEC_ERROR_BASE + 105),
-"A sensitive key cannot be moved to the slot where it is needed.")
-
-ER3(SEC_ERROR_JS_INVALID_MODULE_NAME, (SEC_ERROR_BASE + 106),
-"Invalid module name.")
-
-ER3(SEC_ERROR_JS_INVALID_DLL, (SEC_ERROR_BASE + 107),
-"Invalid module path/filename")
-
-ER3(SEC_ERROR_JS_ADD_MOD_FAILURE, (SEC_ERROR_BASE + 108),
-"Unable to add module")
-
-ER3(SEC_ERROR_JS_DEL_MOD_FAILURE, (SEC_ERROR_BASE + 109),
-"Unable to delete module")
-
-ER3(SEC_ERROR_OLD_KRL, (SEC_ERROR_BASE + 110),
-"New KRL is not later than the current one.")
-
-ER3(SEC_ERROR_CKL_CONFLICT, (SEC_ERROR_BASE + 111),
-"New CKL has different issuer than current CKL. Delete current CKL.")
-
-ER3(SEC_ERROR_CERT_NOT_IN_NAME_SPACE, (SEC_ERROR_BASE + 112),
-"The Certifying Authority for this certificate is not permitted to issue a \
-certificate with this name.")
-
-ER3(SEC_ERROR_KRL_NOT_YET_VALID, (SEC_ERROR_BASE + 113),
-"The key revocation list for this certificate is not yet valid.")
-
-ER3(SEC_ERROR_CRL_NOT_YET_VALID, (SEC_ERROR_BASE + 114),
-"The certificate revocation list for this certificate is not yet valid.")
-
-ER3(SEC_ERROR_UNKNOWN_CERT, (SEC_ERROR_BASE + 115),
-"The requested certificate could not be found.")
-
-ER3(SEC_ERROR_UNKNOWN_SIGNER, (SEC_ERROR_BASE + 116),
-"The signer's certificate could not be found.")
-
-ER3(SEC_ERROR_CERT_BAD_ACCESS_LOCATION, (SEC_ERROR_BASE + 117),
-"The location for the certificate status server has invalid format.")
-
-ER3(SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE, (SEC_ERROR_BASE + 118),
-"The OCSP response cannot be fully decoded; it is of an unknown type.")
-
-ER3(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE, (SEC_ERROR_BASE + 119),
-"The OCSP server returned unexpected/invalid HTTP data.")
-
-ER3(SEC_ERROR_OCSP_MALFORMED_REQUEST, (SEC_ERROR_BASE + 120),
-"The OCSP server found the request to be corrupted or improperly formed.")
-
-ER3(SEC_ERROR_OCSP_SERVER_ERROR, (SEC_ERROR_BASE + 121),
-"The OCSP server experienced an internal error.")
-
-ER3(SEC_ERROR_OCSP_TRY_SERVER_LATER, (SEC_ERROR_BASE + 122),
-"The OCSP server suggests trying again later.")
-
-ER3(SEC_ERROR_OCSP_REQUEST_NEEDS_SIG, (SEC_ERROR_BASE + 123),
-"The OCSP server requires a signature on this request.")
-
-ER3(SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST, (SEC_ERROR_BASE + 124),
-"The OCSP server has refused this request as unauthorized.")
-
-ER3(SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS, (SEC_ERROR_BASE + 125),
-"The OCSP server returned an unrecognizable status.")
-
-ER3(SEC_ERROR_OCSP_UNKNOWN_CERT, (SEC_ERROR_BASE + 126),
-"The OCSP server has no status for the certificate.")
-
-ER3(SEC_ERROR_OCSP_NOT_ENABLED, (SEC_ERROR_BASE + 127),
-"You must enable OCSP before performing this operation.")
-
-ER3(SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER, (SEC_ERROR_BASE + 128),
-"You must set the OCSP default responder before performing this operation.")
-
-ER3(SEC_ERROR_OCSP_MALFORMED_RESPONSE, (SEC_ERROR_BASE + 129),
-"The response from the OCSP server was corrupted or improperly formed.")
-
-ER3(SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE, (SEC_ERROR_BASE + 130),
-"The signer of the OCSP response is not authorized to give status for \
-this certificate.")
-
-ER3(SEC_ERROR_OCSP_FUTURE_RESPONSE, (SEC_ERROR_BASE + 131),
-"The OCSP response is not yet valid (contains a date in the future).")
-
-ER3(SEC_ERROR_OCSP_OLD_RESPONSE, (SEC_ERROR_BASE + 132),
-"The OCSP response contains out-of-date information.")
-
-ER3(SEC_ERROR_DIGEST_NOT_FOUND, (SEC_ERROR_BASE + 133),
-"The CMS or PKCS #7 Digest was not found in signed message.")
-
-ER3(SEC_ERROR_UNSUPPORTED_MESSAGE_TYPE, (SEC_ERROR_BASE + 134),
-"The CMS or PKCS #7 Message type is unsupported.")
-
-ER3(SEC_ERROR_MODULE_STUCK, (SEC_ERROR_BASE + 135),
-"PKCS #11 module could not be removed because it is still in use.")
-
-ER3(SEC_ERROR_BAD_TEMPLATE, (SEC_ERROR_BASE + 136),
-"Could not decode ASN.1 data. Specified template was invalid.")
-
-ER3(SEC_ERROR_CRL_NOT_FOUND, (SEC_ERROR_BASE + 137),
-"No matching CRL was found.")
-
-ER3(SEC_ERROR_REUSED_ISSUER_AND_SERIAL, (SEC_ERROR_BASE + 138),
-"You are attempting to import a cert with the same issuer/serial as \
-an existing cert, but that is not the same cert.")
-
-ER3(SEC_ERROR_BUSY, (SEC_ERROR_BASE + 139),
-"NSS could not shutdown. Objects are still in use.")
-
-ER3(SEC_ERROR_EXTRA_INPUT, (SEC_ERROR_BASE + 140),
-"DER-encoded message contained extra unused data.")
-
-ER3(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE, (SEC_ERROR_BASE + 141),
-"Unsupported elliptic curve.")
-
-ER3(SEC_ERROR_UNSUPPORTED_EC_POINT_FORM, (SEC_ERROR_BASE + 142),
-"Unsupported elliptic curve point form.")
-
-ER3(SEC_ERROR_UNRECOGNIZED_OID, (SEC_ERROR_BASE + 143),
-"Unrecognized Object IDentifier.")
-
-ER3(SEC_ERROR_OCSP_INVALID_SIGNING_CERT, (SEC_ERROR_BASE + 144),
-"Invalid OCSP signing certificate in OCSP response.")
-
-ER3(SEC_ERROR_REVOKED_CERTIFICATE_CRL, (SEC_ERROR_BASE + 145),
-"Certificate is revoked in issuer's certificate revocation list.")
-
-ER3(SEC_ERROR_REVOKED_CERTIFICATE_OCSP, (SEC_ERROR_BASE + 146),
-"Issuer's OCSP responder reports certificate is revoked.")
-
-ER3(SEC_ERROR_CRL_INVALID_VERSION, (SEC_ERROR_BASE + 147),
-"Issuer's Certificate Revocation List has an unknown version number.")
-
-ER3(SEC_ERROR_CRL_V1_CRITICAL_EXTENSION, (SEC_ERROR_BASE + 148),
-"Issuer's V1 Certificate Revocation List has a critical extension.")
-
-ER3(SEC_ERROR_CRL_UNKNOWN_CRITICAL_EXTENSION, (SEC_ERROR_BASE + 149),
-"Issuer's V2 Certificate Revocation List has an unknown critical extension.")
-
-ER3(SEC_ERROR_UNKNOWN_OBJECT_TYPE, (SEC_ERROR_BASE + 150),
-"Unknown object type specified.")
-
-ER3(SEC_ERROR_INCOMPATIBLE_PKCS11, (SEC_ERROR_BASE + 151),
-"PKCS #11 driver violates the spec in an incompatible way.")
-
-ER3(SEC_ERROR_NO_EVENT, (SEC_ERROR_BASE + 152),
-"No new slot event is available at this time.")
diff --git a/security/nss/cmd/lib/SSLerrs.h b/security/nss/cmd/lib/SSLerrs.h
deleted file mode 100644
index 62ce99f03c..0000000000
--- a/security/nss/cmd/lib/SSLerrs.h
+++ /dev/null
@@ -1,372 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-/* SSL-specific security error codes */
-/* caller must include "sslerr.h" */
-
-ER3(SSL_ERROR_EXPORT_ONLY_SERVER, SSL_ERROR_BASE + 0,
-"Unable to communicate securely. Peer does not support high-grade encryption.")
-
-ER3(SSL_ERROR_US_ONLY_SERVER, SSL_ERROR_BASE + 1,
-"Unable to communicate securely. Peer requires high-grade encryption which is not supported.")
-
-ER3(SSL_ERROR_NO_CYPHER_OVERLAP, SSL_ERROR_BASE + 2,
-"Cannot communicate securely with peer: no common encryption algorithm(s).")
-
-ER3(SSL_ERROR_NO_CERTIFICATE, SSL_ERROR_BASE + 3,
-"Unable to find the certificate or key necessary for authentication.")
-
-ER3(SSL_ERROR_BAD_CERTIFICATE, SSL_ERROR_BASE + 4,
-"Unable to communicate securely with peer: peers's certificate was rejected.")
-
-/* unused (SSL_ERROR_BASE + 5),*/
-
-ER3(SSL_ERROR_BAD_CLIENT, SSL_ERROR_BASE + 6,
-"The server has encountered bad data from the client.")
-
-ER3(SSL_ERROR_BAD_SERVER, SSL_ERROR_BASE + 7,
-"The client has encountered bad data from the server.")
-
-ER3(SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE, SSL_ERROR_BASE + 8,
-"Unsupported certificate type.")
-
-ER3(SSL_ERROR_UNSUPPORTED_VERSION, SSL_ERROR_BASE + 9,
-"Peer using unsupported version of security protocol.")
-
-/* unused (SSL_ERROR_BASE + 10),*/
-
-ER3(SSL_ERROR_WRONG_CERTIFICATE, SSL_ERROR_BASE + 11,
-"Client authentication failed: private key in key database does not match public key in certificate database.")
-
-ER3(SSL_ERROR_BAD_CERT_DOMAIN, SSL_ERROR_BASE + 12,
-"Unable to communicate securely with peer: requested domain name does not match the server's certificate.")
-
-/* SSL_ERROR_POST_WARNING (SSL_ERROR_BASE + 13),
- defined in sslerr.h
-*/
-
-ER3(SSL_ERROR_SSL2_DISABLED, (SSL_ERROR_BASE + 14),
-"Peer only supports SSL version 2, which is locally disabled.")
-
-
-ER3(SSL_ERROR_BAD_MAC_READ, (SSL_ERROR_BASE + 15),
-"SSL received a record with an incorrect Message Authentication Code.")
-
-ER3(SSL_ERROR_BAD_MAC_ALERT, (SSL_ERROR_BASE + 16),
-"SSL peer reports incorrect Message Authentication Code.")
-
-ER3(SSL_ERROR_BAD_CERT_ALERT, (SSL_ERROR_BASE + 17),
-"SSL peer cannot verify your certificate.")
-
-ER3(SSL_ERROR_REVOKED_CERT_ALERT, (SSL_ERROR_BASE + 18),
-"SSL peer rejected your certificate as revoked.")
-
-ER3(SSL_ERROR_EXPIRED_CERT_ALERT, (SSL_ERROR_BASE + 19),
-"SSL peer rejected your certificate as expired.")
-
-ER3(SSL_ERROR_SSL_DISABLED, (SSL_ERROR_BASE + 20),
-"Cannot connect: SSL is disabled.")
-
-ER3(SSL_ERROR_FORTEZZA_PQG, (SSL_ERROR_BASE + 21),
-"Cannot connect: SSL peer is in another FORTEZZA domain.")
-
-
-ER3(SSL_ERROR_UNKNOWN_CIPHER_SUITE , (SSL_ERROR_BASE + 22),
-"An unknown SSL cipher suite has been requested.")
-
-ER3(SSL_ERROR_NO_CIPHERS_SUPPORTED , (SSL_ERROR_BASE + 23),
-"No cipher suites are present and enabled in this program.")
-
-ER3(SSL_ERROR_BAD_BLOCK_PADDING , (SSL_ERROR_BASE + 24),
-"SSL received a record with bad block padding.")
-
-ER3(SSL_ERROR_RX_RECORD_TOO_LONG , (SSL_ERROR_BASE + 25),
-"SSL received a record that exceeded the maximum permissible length.")
-
-ER3(SSL_ERROR_TX_RECORD_TOO_LONG , (SSL_ERROR_BASE + 26),
-"SSL attempted to send a record that exceeded the maximum permissible length.")
-
-/*
- * Received a malformed (too long or short or invalid content) SSL handshake.
- */
-ER3(SSL_ERROR_RX_MALFORMED_HELLO_REQUEST , (SSL_ERROR_BASE + 27),
-"SSL received a malformed Hello Request handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_CLIENT_HELLO , (SSL_ERROR_BASE + 28),
-"SSL received a malformed Client Hello handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_SERVER_HELLO , (SSL_ERROR_BASE + 29),
-"SSL received a malformed Server Hello handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_CERTIFICATE , (SSL_ERROR_BASE + 30),
-"SSL received a malformed Certificate handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_SERVER_KEY_EXCH , (SSL_ERROR_BASE + 31),
-"SSL received a malformed Server Key Exchange handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_CERT_REQUEST , (SSL_ERROR_BASE + 32),
-"SSL received a malformed Certificate Request handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_HELLO_DONE , (SSL_ERROR_BASE + 33),
-"SSL received a malformed Server Hello Done handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_CERT_VERIFY , (SSL_ERROR_BASE + 34),
-"SSL received a malformed Certificate Verify handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_CLIENT_KEY_EXCH , (SSL_ERROR_BASE + 35),
-"SSL received a malformed Client Key Exchange handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_FINISHED , (SSL_ERROR_BASE + 36),
-"SSL received a malformed Finished handshake message.")
-
-/*
- * Received a malformed (too long or short) SSL record.
- */
-ER3(SSL_ERROR_RX_MALFORMED_CHANGE_CIPHER , (SSL_ERROR_BASE + 37),
-"SSL received a malformed Change Cipher Spec record.")
-
-ER3(SSL_ERROR_RX_MALFORMED_ALERT , (SSL_ERROR_BASE + 38),
-"SSL received a malformed Alert record.")
-
-ER3(SSL_ERROR_RX_MALFORMED_HANDSHAKE , (SSL_ERROR_BASE + 39),
-"SSL received a malformed Handshake record.")
-
-ER3(SSL_ERROR_RX_MALFORMED_APPLICATION_DATA , (SSL_ERROR_BASE + 40),
-"SSL received a malformed Application Data record.")
-
-/*
- * Received an SSL handshake that was inappropriate for the state we're in.
- * E.g. Server received message from server, or wrong state in state machine.
- */
-ER3(SSL_ERROR_RX_UNEXPECTED_HELLO_REQUEST , (SSL_ERROR_BASE + 41),
-"SSL received an unexpected Hello Request handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_CLIENT_HELLO , (SSL_ERROR_BASE + 42),
-"SSL received an unexpected Client Hello handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_SERVER_HELLO , (SSL_ERROR_BASE + 43),
-"SSL received an unexpected Server Hello handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_CERTIFICATE , (SSL_ERROR_BASE + 44),
-"SSL received an unexpected Certificate handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH , (SSL_ERROR_BASE + 45),
-"SSL received an unexpected Server Key Exchange handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST , (SSL_ERROR_BASE + 46),
-"SSL received an unexpected Certificate Request handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_HELLO_DONE , (SSL_ERROR_BASE + 47),
-"SSL received an unexpected Server Hello Done handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_CERT_VERIFY , (SSL_ERROR_BASE + 48),
-"SSL received an unexpected Certificate Verify handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_CLIENT_KEY_EXCH , (SSL_ERROR_BASE + 49),
-"SSL received an unexpected Cllient Key Exchange handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_FINISHED , (SSL_ERROR_BASE + 50),
-"SSL received an unexpected Finished handshake message.")
-
-/*
- * Received an SSL record that was inappropriate for the state we're in.
- */
-ER3(SSL_ERROR_RX_UNEXPECTED_CHANGE_CIPHER , (SSL_ERROR_BASE + 51),
-"SSL received an unexpected Change Cipher Spec record.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_ALERT , (SSL_ERROR_BASE + 52),
-"SSL received an unexpected Alert record.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_HANDSHAKE , (SSL_ERROR_BASE + 53),
-"SSL received an unexpected Handshake record.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_APPLICATION_DATA, (SSL_ERROR_BASE + 54),
-"SSL received an unexpected Application Data record.")
-
-/*
- * Received record/message with unknown discriminant.
- */
-ER3(SSL_ERROR_RX_UNKNOWN_RECORD_TYPE , (SSL_ERROR_BASE + 55),
-"SSL received a record with an unknown content type.")
-
-ER3(SSL_ERROR_RX_UNKNOWN_HANDSHAKE , (SSL_ERROR_BASE + 56),
-"SSL received a handshake message with an unknown message type.")
-
-ER3(SSL_ERROR_RX_UNKNOWN_ALERT , (SSL_ERROR_BASE + 57),
-"SSL received an alert record with an unknown alert description.")
-
-/*
- * Received an alert reporting what we did wrong. (more alerts above)
- */
-ER3(SSL_ERROR_CLOSE_NOTIFY_ALERT , (SSL_ERROR_BASE + 58),
-"SSL peer has closed this connection.")
-
-ER3(SSL_ERROR_HANDSHAKE_UNEXPECTED_ALERT , (SSL_ERROR_BASE + 59),
-"SSL peer was not expecting a handshake message it received.")
-
-ER3(SSL_ERROR_DECOMPRESSION_FAILURE_ALERT , (SSL_ERROR_BASE + 60),
-"SSL peer was unable to succesfully decompress an SSL record it received.")
-
-ER3(SSL_ERROR_HANDSHAKE_FAILURE_ALERT , (SSL_ERROR_BASE + 61),
-"SSL peer was unable to negotiate an acceptable set of security parameters.")
-
-ER3(SSL_ERROR_ILLEGAL_PARAMETER_ALERT , (SSL_ERROR_BASE + 62),
-"SSL peer rejected a handshake message for unacceptable content.")
-
-ER3(SSL_ERROR_UNSUPPORTED_CERT_ALERT , (SSL_ERROR_BASE + 63),
-"SSL peer does not support certificates of the type it received.")
-
-ER3(SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT , (SSL_ERROR_BASE + 64),
-"SSL peer had some unspecified issue with the certificate it received.")
-
-
-ER3(SSL_ERROR_GENERATE_RANDOM_FAILURE , (SSL_ERROR_BASE + 65),
-"SSL experienced a failure of its random number generator.")
-
-ER3(SSL_ERROR_SIGN_HASHES_FAILURE , (SSL_ERROR_BASE + 66),
-"Unable to digitally sign data required to verify your certificate.")
-
-ER3(SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE , (SSL_ERROR_BASE + 67),
-"SSL was unable to extract the public key from the peer's certificate.")
-
-ER3(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE , (SSL_ERROR_BASE + 68),
-"Unspecified failure while processing SSL Server Key Exchange handshake.")
-
-ER3(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE , (SSL_ERROR_BASE + 69),
-"Unspecified failure while processing SSL Client Key Exchange handshake.")
-
-ER3(SSL_ERROR_ENCRYPTION_FAILURE , (SSL_ERROR_BASE + 70),
-"Bulk data encryption algorithm failed in selected cipher suite.")
-
-ER3(SSL_ERROR_DECRYPTION_FAILURE , (SSL_ERROR_BASE + 71),
-"Bulk data decryption algorithm failed in selected cipher suite.")
-
-ER3(SSL_ERROR_SOCKET_WRITE_FAILURE , (SSL_ERROR_BASE + 72),
-"Attempt to write encrypted data to underlying socket failed.")
-
-ER3(SSL_ERROR_MD5_DIGEST_FAILURE , (SSL_ERROR_BASE + 73),
-"MD5 digest function failed.")
-
-ER3(SSL_ERROR_SHA_DIGEST_FAILURE , (SSL_ERROR_BASE + 74),
-"SHA-1 digest function failed.")
-
-ER3(SSL_ERROR_MAC_COMPUTATION_FAILURE , (SSL_ERROR_BASE + 75),
-"MAC computation failed.")
-
-ER3(SSL_ERROR_SYM_KEY_CONTEXT_FAILURE , (SSL_ERROR_BASE + 76),
-"Failure to create Symmetric Key context.")
-
-ER3(SSL_ERROR_SYM_KEY_UNWRAP_FAILURE , (SSL_ERROR_BASE + 77),
-"Failure to unwrap the Symmetric key in Client Key Exchange message.")
-
-ER3(SSL_ERROR_PUB_KEY_SIZE_LIMIT_EXCEEDED , (SSL_ERROR_BASE + 78),
-"SSL Server attempted to use domestic-grade public key with export cipher suite.")
-
-ER3(SSL_ERROR_IV_PARAM_FAILURE , (SSL_ERROR_BASE + 79),
-"PKCS11 code failed to translate an IV into a param.")
-
-ER3(SSL_ERROR_INIT_CIPHER_SUITE_FAILURE , (SSL_ERROR_BASE + 80),
-"Failed to initialize the selected cipher suite.")
-
-ER3(SSL_ERROR_SESSION_KEY_GEN_FAILURE , (SSL_ERROR_BASE + 81),
-"Client failed to generate session keys for SSL session.")
-
-ER3(SSL_ERROR_NO_SERVER_KEY_FOR_ALG , (SSL_ERROR_BASE + 82),
-"Server has no key for the attempted key exchange algorithm.")
-
-ER3(SSL_ERROR_TOKEN_INSERTION_REMOVAL , (SSL_ERROR_BASE + 83),
-"PKCS#11 token was inserted or removed while operation was in progress.")
-
-ER3(SSL_ERROR_TOKEN_SLOT_NOT_FOUND , (SSL_ERROR_BASE + 84),
-"No PKCS#11 token could be found to do a required operation.")
-
-ER3(SSL_ERROR_NO_COMPRESSION_OVERLAP , (SSL_ERROR_BASE + 85),
-"Cannot communicate securely with peer: no common compression algorithm(s).")
-
-ER3(SSL_ERROR_HANDSHAKE_NOT_COMPLETED , (SSL_ERROR_BASE + 86),
-"Cannot initiate another SSL handshake until current handshake is complete.")
-
-ER3(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE , (SSL_ERROR_BASE + 87),
-"Received incorrect handshakes hash values from peer.")
-
-ER3(SSL_ERROR_CERT_KEA_MISMATCH , (SSL_ERROR_BASE + 88),
-"The certificate provided cannot be used with the selected key exchange algorithm.")
-
-ER3(SSL_ERROR_NO_TRUSTED_SSL_CLIENT_CA , (SSL_ERROR_BASE + 89),
-"No certificate authority is trusted for SSL client authentication.")
-
-ER3(SSL_ERROR_SESSION_NOT_FOUND , (SSL_ERROR_BASE + 90),
-"Client's SSL session ID not found in server's session cache.")
-
-ER3(SSL_ERROR_DECRYPTION_FAILED_ALERT , (SSL_ERROR_BASE + 91),
-"Peer was unable to decrypt an SSL record it received.")
-
-ER3(SSL_ERROR_RECORD_OVERFLOW_ALERT , (SSL_ERROR_BASE + 92),
-"Peer received an SSL record that was longer than is permitted.")
-
-ER3(SSL_ERROR_UNKNOWN_CA_ALERT , (SSL_ERROR_BASE + 93),
-"Peer does not recognize and trust the CA that issued your certificate.")
-
-ER3(SSL_ERROR_ACCESS_DENIED_ALERT , (SSL_ERROR_BASE + 94),
-"Peer received a valid certificate, but access was denied.")
-
-ER3(SSL_ERROR_DECODE_ERROR_ALERT , (SSL_ERROR_BASE + 95),
-"Peer could not decode an SSL handshake message.")
-
-ER3(SSL_ERROR_DECRYPT_ERROR_ALERT , (SSL_ERROR_BASE + 96),
-"Peer reports failure of signature verification or key exchange.")
-
-ER3(SSL_ERROR_EXPORT_RESTRICTION_ALERT , (SSL_ERROR_BASE + 97),
-"Peer reports negotiation not in compliance with export regulations.")
-
-ER3(SSL_ERROR_PROTOCOL_VERSION_ALERT , (SSL_ERROR_BASE + 98),
-"Peer reports incompatible or unsupported protocol version.")
-
-ER3(SSL_ERROR_INSUFFICIENT_SECURITY_ALERT , (SSL_ERROR_BASE + 99),
-"Server requires ciphers more secure than those supported by client.")
-
-ER3(SSL_ERROR_INTERNAL_ERROR_ALERT , (SSL_ERROR_BASE + 100),
-"Peer reports it experienced an internal error.")
-
-ER3(SSL_ERROR_USER_CANCELED_ALERT , (SSL_ERROR_BASE + 101),
-"Peer user canceled handshake.")
-
-ER3(SSL_ERROR_NO_RENEGOTIATION_ALERT , (SSL_ERROR_BASE + 102),
-"Peer does not permit renegotiation of SSL security parameters.")
-
-ER3(SSL_ERROR_SERVER_CACHE_NOT_CONFIGURED , (SSL_ERROR_BASE + 103),
-"SSL server cache not configured and not disabled for this socket.")
-
diff --git a/security/nss/cmd/lib/berparse.c b/security/nss/cmd/lib/berparse.c
deleted file mode 100644
index 930d0b7c13..0000000000
--- a/security/nss/cmd/lib/berparse.c
+++ /dev/null
@@ -1,407 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-#include "secutil.h"
-
-typedef enum {
- tagDone, lengthDone, leafDone, compositeDone,
- notDone,
- parseError, parseComplete
-} ParseState;
-
-typedef unsigned char Byte;
-typedef void (*ParseProc)(BERParse *h, unsigned char **buf, int *len);
-typedef struct {
- SECArb arb;
- int pos; /* length from global start to item start */
- SECArb *parent;
-} ParseStackElem;
-
-struct BERParseStr {
- PRArenaPool *his;
- PRArenaPool *mine;
- ParseProc proc;
- int stackDepth;
- ParseStackElem *stackPtr;
- ParseStackElem *stack;
- int pending; /* bytes remaining to complete this part */
- int pos; /* running length of consumed characters */
- ParseState state;
- PRBool keepLeaves;
- PRBool derOnly;
- BERFilterProc filter;
- void *filterArg;
- BERNotifyProc before;
- void *beforeArg;
- BERNotifyProc after;
- void *afterArg;
-};
-
-#define UNKNOWN -1
-
-static unsigned char NextChar(BERParse *h, unsigned char **buf, int *len)
-{
- unsigned char c = *(*buf)++;
- (*len)--;
- h->pos++;
- if (h->filter)
- (*h->filter)(h->filterArg, &c, 1);
- return c;
-}
-
-static void ParseTag(BERParse *h, unsigned char **buf, int *len)
-{
- SECArb* arb = &(h->stackPtr->arb);
- arb->tag = NextChar(h, buf, len);
-
- PORT_Assert(h->state == notDone);
-
- /*
- * NOTE: This does not handle the high-tag-number form
- */
- if ((arb->tag & DER_HIGH_TAG_NUMBER) == DER_HIGH_TAG_NUMBER) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- h->state = parseError;
- return;
- }
-
- h->pending = UNKNOWN;
- arb->length = UNKNOWN;
- if (arb->tag & DER_CONSTRUCTED) {
- arb->body.cons.numSubs = 0;
- arb->body.cons.subs = NULL;
- } else {
- arb->body.item.len = UNKNOWN;
- arb->body.item.data = NULL;
- }
-
- h->state = tagDone;
-}
-
-static void ParseLength(BERParse *h, unsigned char **buf, int *len)
-{
- Byte b;
- SECArb *arb = &(h->stackPtr->arb);
-
- PORT_Assert(h->state == notDone);
-
- if (h->pending == UNKNOWN) {
- b = NextChar(h, buf, len);
- if ((b & 0x80) == 0) { /* short form */
- arb->length = b;
- /*
- * if the tag and the length are both zero bytes, then this
- * should be the marker showing end of list for the
- * indefinite length composite
- */
- if (arb->length == 0 && arb->tag == 0)
- h->state = compositeDone;
- else
- h->state = lengthDone;
- return;
- }
-
- h->pending = b & 0x7f;
- /* 0 implies this is an indefinite length */
- if (h->pending > 4) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- h->state = parseError;
- return;
- }
- arb->length = 0;
- }
-
- while ((*len > 0) && (h->pending > 0)) {
- b = NextChar(h, buf, len);
- arb->length = (arb->length << 8) + b;
- h->pending--;
- }
- if (h->pending == 0) {
- if (h->derOnly && (arb->length == 0))
- h->state = parseError;
- else
- h->state = lengthDone;
- }
- return;
-}
-
-static void ParseLeaf(BERParse *h, unsigned char **buf, int *len)
-{
- int count;
- SECArb *arb = &(h->stackPtr->arb);
-
- PORT_Assert(h->state == notDone);
- PORT_Assert(h->pending >= 0);
-
- if (*len < h->pending)
- count = *len;
- else
- count = h->pending;
-
- if (h->keepLeaves)
- memcpy(arb->body.item.data + arb->body.item.len, *buf, count);
- if (h->filter)
- (*h->filter)(h->filterArg, *buf, count);
- *buf += count;
- *len -= count;
- arb->body.item.len += count;
- h->pending -= count;
- h->pos += count;
- if (h->pending == 0) {
- h->state = leafDone;
- }
- return;
-}
-
-static void CreateArbNode(BERParse *h)
-{
- SECArb *arb = PORT_ArenaAlloc(h->his, sizeof(SECArb));
-
- *arb = h->stackPtr->arb;
-
- /*
- * Special case closing the root
- */
- if (h->stackPtr == h->stack) {
- PORT_Assert(arb->tag & DER_CONSTRUCTED);
- h->state = parseComplete;
- } else {
- SECArb *parent = h->stackPtr->parent;
- parent->body.cons.subs = DS_ArenaGrow(
- h->his, parent->body.cons.subs,
- (parent->body.cons.numSubs) * sizeof(SECArb*),
- (parent->body.cons.numSubs + 1) * sizeof(SECArb*));
- parent->body.cons.subs[parent->body.cons.numSubs] = arb;
- parent->body.cons.numSubs++;
- h->proc = ParseTag;
- h->state = notDone;
- h->pending = UNKNOWN;
- }
- if (h->after)
- (*h->after)(h->afterArg, arb, h->stackPtr - h->stack, PR_FALSE);
-}
-
-SECStatus BER_ParseSome(BERParse *h, unsigned char *buf, int len)
-{
- if (h->state == parseError) return PR_TRUE;
-
- while (len) {
- (*h->proc)(h, &buf, &len);
- if (h->state == parseComplete) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- h->state = parseError;
- return PR_TRUE;
- }
- if (h->state == parseError) return PR_TRUE;
- PORT_Assert(h->state != parseComplete);
-
- if (h->state <= compositeDone) {
- if (h->proc == ParseTag) {
- PORT_Assert(h->state == tagDone);
- h->proc = ParseLength;
- h->state = notDone;
- } else if (h->proc == ParseLength) {
- SECArb *arb = &(h->stackPtr->arb);
- PORT_Assert(h->state == lengthDone || h->state == compositeDone);
-
- if (h->before)
- (*h->before)(h->beforeArg, arb,
- h->stackPtr - h->stack, PR_TRUE);
-
- /*
- * Check to see if this is the end of an indefinite
- * length composite
- */
- if (h->state == compositeDone) {
- SECArb *parent = h->stackPtr->parent;
- PORT_Assert(parent);
- PORT_Assert(parent->tag & DER_CONSTRUCTED);
- if (parent->length != 0) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- h->state = parseError;
- return PR_TRUE;
- }
- /*
- * NOTE: This does not check for an indefinite length
- * composite being contained inside a definite length
- * composite. It is not clear that is legal.
- */
- h->stackPtr--;
- CreateArbNode(h);
- } else {
- h->stackPtr->pos = h->pos;
-
-
- if (arb->tag & DER_CONSTRUCTED) {
- SECArb *parent;
- /*
- * Make sure there is room on the stack before we
- * stick anything else there.
- */
- PORT_Assert(h->stackPtr - h->stack < h->stackDepth);
- if (h->stackPtr - h->stack == h->stackDepth - 1) {
- int newDepth = h->stackDepth * 2;
- h->stack = DS_ArenaGrow(h->mine, h->stack,
- sizeof(ParseStackElem) * h->stackDepth,
- sizeof(ParseStackElem) * newDepth);
- h->stackPtr = h->stack + h->stackDepth + 1;
- h->stackDepth = newDepth;
- }
- parent = &(h->stackPtr->arb);
- h->stackPtr++;
- h->stackPtr->parent = parent;
- h->proc = ParseTag;
- h->state = notDone;
- h->pending = UNKNOWN;
- } else {
- if (arb->length < 0) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- h->state = parseError;
- return PR_TRUE;
- }
- arb->body.item.len = 0;
- if (arb->length > 0 && h->keepLeaves) {
- arb->body.item.data =
- PORT_ArenaAlloc(h->his, arb->length);
- } else {
- arb->body.item.data = NULL;
- }
- h->proc = ParseLeaf;
- h->state = notDone;
- h->pending = arb->length;
- }
- }
- } else {
- ParseStackElem *parent;
- PORT_Assert(h->state = leafDone);
- PORT_Assert(h->proc == ParseLeaf);
-
- for (;;) {
- CreateArbNode(h);
- if (h->stackPtr == h->stack)
- break;
- parent = (h->stackPtr - 1);
- PORT_Assert(parent->arb.tag & DER_CONSTRUCTED);
- if (parent->arb.length == 0) /* need explicit end */
- break;
- if (parent->pos + parent->arb.length > h->pos)
- break;
- if (parent->pos + parent->arb.length < h->pos) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- h->state = parseError;
- return PR_TRUE;
- }
- h->stackPtr = parent;
- }
- }
-
- }
- }
- return PR_FALSE;
-}
-BERParse *BER_ParseInit(PRArenaPool *arena, PRBool derOnly)
-{
- BERParse *h;
- PRArenaPool *temp = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (temp == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
- h = PORT_ArenaAlloc(temp, sizeof(BERParse));
- if (h == NULL) {
- PORT_FreeArena(temp, PR_FALSE);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
- h->his = arena;
- h->mine = temp;
- h->proc = ParseTag;
- h->stackDepth = 20;
- h->stack = PORT_ArenaZAlloc(h->mine,
- sizeof(ParseStackElem) * h->stackDepth);
- h->stackPtr = h->stack;
- h->state = notDone;
- h->pos = 0;
- h->keepLeaves = PR_TRUE;
- h->before = NULL;
- h->after = NULL;
- h->filter = NULL;
- h->derOnly = derOnly;
- return h;
-}
-
-SECArb *BER_ParseFini(BERParse *h)
-{
- PRArenaPool *myArena = h->mine;
- SECArb *arb;
-
- if (h->state != parseComplete) {
- arb = NULL;
- } else {
- arb = PORT_ArenaAlloc(h->his, sizeof(SECArb));
- *arb = h->stackPtr->arb;
- }
-
- PORT_FreeArena(myArena, PR_FALSE);
-
- return arb;
-}
-
-
-void BER_SetFilter(BERParse *h, BERFilterProc proc, void *instance)
-{
- h->filter = proc;
- h->filterArg = instance;
-}
-
-void BER_SetLeafStorage(BERParse *h, PRBool keep)
-{
- h->keepLeaves = keep;
-}
-
-void BER_SetNotifyProc(BERParse *h, BERNotifyProc proc, void *instance,
- PRBool beforeData)
-{
- if (beforeData) {
- h->before = proc;
- h->beforeArg = instance;
- } else {
- h->after = proc;
- h->afterArg = instance;
- }
-}
-
-
-
diff --git a/security/nss/cmd/lib/config.mk b/security/nss/cmd/lib/config.mk
deleted file mode 100644
index 665828c632..0000000000
--- a/security/nss/cmd/lib/config.mk
+++ /dev/null
@@ -1,47 +0,0 @@
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM =
-
diff --git a/security/nss/cmd/lib/derprint.c b/security/nss/cmd/lib/derprint.c
deleted file mode 100644
index 50c6d02e6b..0000000000
--- a/security/nss/cmd/lib/derprint.c
+++ /dev/null
@@ -1,622 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-#include "secutil.h"
-#include "secoid.h"
-
-#ifdef __sun
-extern int fprintf(FILE *strm, const char *format, .../* args */);
-extern int fflush(FILE *stream);
-#endif
-
-#define RIGHT_MARGIN 24
-/*#define RAW_BYTES 1 */
-
-static int prettyColumn = 0;
-
-static int
-getInteger256(unsigned char *data, unsigned int nb)
-{
- int val;
-
- switch (nb) {
- case 1:
- val = data[0];
- break;
- case 2:
- val = (data[0] << 8) | data[1];
- break;
- case 3:
- val = (data[0] << 16) | (data[1] << 8) | data[2];
- break;
- case 4:
- val = (data[0] << 24) | (data[1] << 16) | (data[2] << 8) | data[3];
- break;
- default:
- PORT_SetError(SEC_ERROR_BAD_DER);
- return -1;
- }
-
- return val;
-}
-
-static int
-prettyNewline(FILE *out)
-{
- int rv;
-
- if (prettyColumn != -1) {
- rv = fprintf(out, "\n");
- prettyColumn = -1;
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return rv;
- }
- }
- return 0;
-}
-
-static int
-prettyIndent(FILE *out, unsigned level)
-{
- unsigned int i;
- int rv;
-
- if (prettyColumn == -1) {
- prettyColumn = level;
- for (i = 0; i < level; i++) {
- rv = fprintf(out, " ");
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return rv;
- }
- }
- }
-
- return 0;
-}
-
-static int
-prettyPrintByte(FILE *out, unsigned char item, unsigned int level)
-{
- int rv;
-
- rv = prettyIndent(out, level);
- if (rv < 0)
- return rv;
-
- rv = fprintf(out, "%02x ", item);
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return rv;
- }
-
- prettyColumn++;
- if (prettyColumn >= RIGHT_MARGIN) {
- return prettyNewline(out);
- }
-
- return 0;
-}
-
-static int
-prettyPrintLeaf(FILE *out, unsigned char *data,
- unsigned int len, unsigned int lv)
-{
- unsigned int i;
- int rv;
-
- for (i = 0; i < len; i++) {
- rv = prettyPrintByte(out, *data++, lv);
- if (rv < 0)
- return rv;
- }
- return prettyNewline(out);
-}
-
-static int
-prettyPrintStringStart(FILE *out, unsigned char *str,
- unsigned int len, unsigned int level)
-{
-#define BUF_SIZE 100
- unsigned char buf[BUF_SIZE];
- int rv;
-
- if (len >= BUF_SIZE)
- len = BUF_SIZE - 1;
-
- rv = prettyNewline(out);
- if (rv < 0)
- return rv;
-
- rv = prettyIndent(out, level);
- if (rv < 0)
- return rv;
-
- memcpy(buf, str, len);
- buf[len] = '\000';
-
- rv = fprintf(out, "\"%s\"", buf);
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return rv;
- }
-
- return 0;
-#undef BUF_SIZE
-}
-
-static int
-prettyPrintString(FILE *out, unsigned char *str,
- unsigned int len, unsigned int level, PRBool raw)
-{
- int rv;
-
- rv = prettyPrintStringStart(out, str, len, level);
- if (rv < 0)
- return rv;
-
- rv = prettyNewline(out);
- if (rv < 0)
- return rv;
-
- if (raw) {
- rv = prettyPrintLeaf(out, str, len, level);
- if (rv < 0)
- return rv;
- }
-
- return 0;
-}
-
-static int
-prettyPrintTime(FILE *out, unsigned char *str,
- unsigned int len, unsigned int level, PRBool raw, PRBool utc)
-{
- SECItem time_item;
- int rv;
-
- rv = prettyPrintStringStart(out, str, len, level);
- if (rv < 0)
- return rv;
-
- time_item.data = str;
- time_item.len = len;
-
- rv = fprintf(out, " (");
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return rv;
- }
-
- if (utc)
- SECU_PrintUTCTime(out, &time_item, NULL, 0);
- else
- SECU_PrintGeneralizedTime(out, &time_item, NULL, 0);
-
- rv = fprintf(out, ")");
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return rv;
- }
-
- rv = prettyNewline(out);
- if (rv < 0)
- return rv;
-
- if (raw) {
- rv = prettyPrintLeaf(out, str, len, level);
- if (rv < 0)
- return rv;
- }
-
- return 0;
-}
-
-static int
-prettyPrintObjectID(FILE *out, unsigned char *data,
- unsigned int len, unsigned int level, PRBool raw)
-{
- SECOidData *oiddata;
- SECItem oiditem;
- unsigned int i;
- unsigned long val;
- int rv;
-
-
- /*
- * First print the Object Id in numeric format
- */
-
- rv = prettyIndent(out, level);
- if (rv < 0)
- return rv;
-
- val = data[0];
- i = val % 40;
- val = val / 40;
- rv = fprintf(out, "%lu %u ", val, i);
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return rv;
- }
-
- val = 0;
- for (i = 1; i < len; ++i) {
- unsigned long j;
-
- j = data[i];
- val = (val << 7) | (j & 0x7f);
- if (j & 0x80)
- continue;
- rv = fprintf(out, "%lu ", val);
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return rv;
- }
- val = 0;
- }
-
- /*
- * Now try to look it up and print a symbolic version.
- */
- oiditem.data = data;
- oiditem.len = len;
- oiddata = SECOID_FindOID(&oiditem);
- if (oiddata != NULL) {
- i = PORT_Strlen(oiddata->desc);
- if ((prettyColumn + 1 + (i / 3)) > RIGHT_MARGIN) {
- rv = prettyNewline(out);
- if (rv < 0)
- return rv;
- }
-
- rv = prettyIndent(out, level);
- if (rv < 0)
- return rv;
-
- rv = fprintf(out, "(%s)", oiddata->desc);
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return rv;
- }
- }
-
- /*
- * Finally, on a new line, print the raw bytes (if requested).
- */
- if (raw) {
- rv = prettyNewline(out);
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return rv;
- }
-
- for (i = 0; i < len; i++) {
- rv = prettyPrintByte(out, *data++, level);
- if (rv < 0)
- return rv;
- }
- }
-
- return prettyNewline(out);
-}
-
-static char *prettyTagType [32] = {
- "End of Contents",
- "Boolean",
- "Integer",
- "Bit String",
- "Octet String",
- "NULL",
- "Object Identifier",
- "0x07",
- "0x08",
- "0x09",
- "Enumerated",
- "0x0B",
- "UTF8 String",
- "0x0D",
- "0x0E",
- "0x0F",
- "Sequence",
- "Set",
- "0x12",
- "Printable String",
- "T61 String",
- "0x15",
- "IA5 String",
- "UTC Time",
- "Generalized Time",
- "0x19",
- "Visible String",
- "0x1B",
- "Universal String",
- "0x1D",
- "BMP String",
- "High-Tag-Number"
-};
-
-static int
-prettyPrintTag(FILE *out, unsigned char *src, unsigned char *end,
- unsigned char *codep, unsigned int level, PRBool raw)
-{
- int rv;
- unsigned char code, tagnum;
-
- if (src >= end) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- return -1;
- }
-
- code = *src;
- tagnum = code & SEC_ASN1_TAGNUM_MASK;
-
- /*
- * NOTE: This code does not (yet) handle the high-tag-number form!
- */
- if (tagnum == SEC_ASN1_HIGH_TAG_NUMBER) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- return -1;
- }
-
- if (raw)
- rv = prettyPrintByte(out, code, level);
- else
- rv = prettyIndent(out, level);
-
- if (rv < 0)
- return rv;
-
- if (code & SEC_ASN1_CONSTRUCTED) {
- rv = fprintf(out, "C-");
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return rv;
- }
- }
-
- switch (code & SEC_ASN1_CLASS_MASK) {
- case SEC_ASN1_UNIVERSAL:
- rv = fprintf(out, "%s ", prettyTagType[tagnum]);
- break;
- case SEC_ASN1_APPLICATION:
- rv = fprintf(out, "Application: %d ", tagnum);
- break;
- case SEC_ASN1_CONTEXT_SPECIFIC:
- rv = fprintf(out, "[%d] ", tagnum);
- break;
- case SEC_ASN1_PRIVATE:
- rv = fprintf(out, "Private: %d ", tagnum);
- break;
- }
-
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return rv;
- }
-
- *codep = code;
-
- return 1;
-}
-
-static int
-prettyPrintLength(FILE *out, unsigned char *data, unsigned char *end,
- int *lenp, PRBool *indefinitep, unsigned int lv, PRBool raw)
-{
- unsigned char lbyte;
- int lenLen;
- int rv;
-
- if (data >= end) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- return -1;
- }
-
- rv = fprintf(out, " ");
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return rv;
- }
-
- *indefinitep = PR_FALSE;
-
- lbyte = *data++;
- if (lbyte >= 0x80) {
- /* Multibyte length */
- unsigned nb = (unsigned) (lbyte & 0x7f);
- if (nb > 4) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- return -1;
- }
- if (nb > 0) {
- int il;
-
- if ((data + nb) > end) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- return -1;
- }
- il = getInteger256(data, nb);
- if (il < 0) return -1;
- *lenp = (unsigned) il;
- } else {
- *lenp = 0;
- *indefinitep = PR_TRUE;
- }
- lenLen = nb + 1;
- if (raw) {
- int i;
-
- rv = prettyPrintByte(out, lbyte, lv);
- if (rv < 0)
- return rv;
- for (i = 0; i < nb; i++) {
- rv = prettyPrintByte(out, data[i], lv);
- if (rv < 0)
- return rv;
- }
- }
- } else {
- *lenp = lbyte;
- lenLen = 1;
- if (raw) {
- rv = prettyPrintByte(out, lbyte, lv);
- if (rv < 0)
- return rv;
- }
- }
- if (*indefinitep)
- rv = fprintf(out, "(indefinite)\n");
- else
- rv = fprintf(out, "(%d)\n", *lenp);
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return rv;
- }
-
- prettyColumn = -1;
- return lenLen;
-}
-
-static int
-prettyPrintItem(FILE *out, unsigned char *data, unsigned char *end,
- unsigned int lv, PRBool raw)
-{
- int slen;
- int lenLen;
- unsigned char *orig = data;
- int rv;
-
- while (data < end) {
- unsigned char code;
- PRBool indefinite;
-
- slen = prettyPrintTag(out, data, end, &code, lv, raw);
- if (slen < 0)
- return slen;
- data += slen;
-
- lenLen = prettyPrintLength(out, data, end, &slen, &indefinite, lv, raw);
- if (lenLen < 0)
- return lenLen;
- data += lenLen;
-
- /*
- * Just quit now if slen more bytes puts us off the end.
- */
- if ((data + slen) > end) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- return -1;
- }
-
- if (code & SEC_ASN1_CONSTRUCTED) {
- if (slen > 0 || indefinite) {
- slen = prettyPrintItem(out, data,
- slen == 0 ? end : data + slen,
- lv+1, raw);
- if (slen < 0)
- return slen;
- data += slen;
- }
- } else if (code == 0) {
- if (slen != 0 || lenLen != 1) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- return -1;
- }
- break;
- } else {
- switch (code) {
- case SEC_ASN1_PRINTABLE_STRING:
- case SEC_ASN1_IA5_STRING:
- case SEC_ASN1_VISIBLE_STRING:
- rv = prettyPrintString(out, data, slen, lv+1, raw);
- if (rv < 0)
- return rv;
- break;
- case SEC_ASN1_UTC_TIME:
- rv = prettyPrintTime(out, data, slen, lv+1, raw, PR_TRUE);
- if (rv < 0)
- return rv;
- break;
- case SEC_ASN1_GENERALIZED_TIME:
- rv = prettyPrintTime(out, data, slen, lv+1, raw, PR_FALSE);
- if (rv < 0)
- return rv;
- break;
- case SEC_ASN1_OBJECT_ID:
- rv = prettyPrintObjectID(out, data, slen, lv+1, raw);
- if (rv < 0)
- return rv;
- break;
- case SEC_ASN1_BOOLEAN: /* could do nicer job */
- case SEC_ASN1_INTEGER: /* could do nicer job */
- case SEC_ASN1_BIT_STRING: /* could do nicer job */
- case SEC_ASN1_OCTET_STRING:
- case SEC_ASN1_NULL:
- case SEC_ASN1_ENUMERATED: /* could do nicer job, as INTEGER */
- case SEC_ASN1_UTF8_STRING:
- case SEC_ASN1_T61_STRING: /* print as printable string? */
- case SEC_ASN1_UNIVERSAL_STRING:
- case SEC_ASN1_BMP_STRING:
- default:
- rv = prettyPrintLeaf(out, data, slen, lv+1);
- if (rv < 0)
- return rv;
- break;
- }
- data += slen;
- }
- }
-
- rv = prettyNewline(out);
- if (rv < 0)
- return rv;
-
- return data - orig;
-}
-
-SECStatus
-DER_PrettyPrint(FILE *out, SECItem *it, PRBool raw)
-{
- int rv;
-
- prettyColumn = -1;
-
- rv = prettyPrintItem(out, it->data, it->data + it->len, 0, raw);
- if (rv < 0)
- return SECFailure;
- return SECSuccess;
-}
diff --git a/security/nss/cmd/lib/ffs.c b/security/nss/cmd/lib/ffs.c
deleted file mode 100644
index d7fdd38729..0000000000
--- a/security/nss/cmd/lib/ffs.c
+++ /dev/null
@@ -1,51 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-#ifdef XP_PC
-
-int ffs( unsigned int i)
-{
- int rv = 1;
-
- if (!i) return 0;
-
- while (!(i & 1)) {
- i >>= 1;
- ++rv;
- }
-
- return rv;
-}
-#endif
diff --git a/security/nss/cmd/lib/manifest.mn b/security/nss/cmd/lib/manifest.mn
deleted file mode 100644
index 18086156b3..0000000000
--- a/security/nss/cmd/lib/manifest.mn
+++ /dev/null
@@ -1,64 +0,0 @@
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-CORE_DEPTH = ../../..
-
-LIBRARY_NAME = sectool
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = nss
-
-DEFINES = -DNSPR20
-
-PRIVATE_EXPORTS = secutil.h \
- $(NULL)
-
-CSRCS = secutil.c \
- secpwd.c \
- derprint.c \
- moreoids.c \
- pppolicy.c \
- secerror.c \
- ffs.c \
- $(NULL)
-
-REQUIRES = dbm
-
-ifdef NSS_ENABLE_ECC
-DEFINES += -DNSS_ENABLE_ECC
-endif
-
-NO_MD_RELEASE = 1
diff --git a/security/nss/cmd/lib/moreoids.c b/security/nss/cmd/lib/moreoids.c
deleted file mode 100644
index 27488c59e2..0000000000
--- a/security/nss/cmd/lib/moreoids.c
+++ /dev/null
@@ -1,180 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 2004
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-#include "secoid.h"
-#include "secmodt.h" /* for CKM_INVALID_MECHANISM */
-
-#define OI(x) { siDEROID, (unsigned char *)x, sizeof x }
-#define OD(oid,tag,desc,mech,ext) { OI(oid), tag, desc, mech, ext }
-#define ODN(oid,desc) \
- { OI(oid), 0, desc, CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION }
-
-#define OIDT static const unsigned char
-
-/* OIW Security Special Interest Group defined algorithms. */
-#define OIWSSIG 0x2B, 13, 3, 2
-
-OIDT oiwMD5RSA[] = { OIWSSIG, 3 };
-OIDT oiwDESCBC[] = { OIWSSIG, 7 };
-OIDT oiwRSAsig[] = { OIWSSIG, 11 };
-OIDT oiwDSA [] = { OIWSSIG, 12 };
-OIDT oiwMD5RSAsig[] = { OIWSSIG, 25 };
-OIDT oiwSHA1 [] = { OIWSSIG, 26 };
-OIDT oiwDSASHA1[] = { OIWSSIG, 27 };
-OIDT oiwDSASHA1param[] = { OIWSSIG, 28 };
-OIDT oiwSHA1RSA[] = { OIWSSIG, 29 };
-
-
-/* Microsoft OIDs. (1 3 6 1 4 1 311 ... ) */
-#define MICROSOFT 0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37
-
-OIDT mCTL[] = { MICROSOFT, 10, 3, 1 }; /* Cert Trust List signing */
-OIDT mTSS[] = { MICROSOFT, 10, 3, 2 }; /* Time Stamp Signing */
-OIDT mSGC[] = { MICROSOFT, 10, 3, 3 }; /* Server gated cryptography */
-OIDT mEFS[] = { MICROSOFT, 10, 3, 4 }; /* Encrypted File System */
-OIDT mSMIME[] = { MICROSOFT, 16, 4 }; /* SMIME encryption key prefs */
-
-OIDT mECRTT[] = { MICROSOFT, 20, 2 }; /* Enrollment cert type xtn */
-OIDT mEAGNT[] = { MICROSOFT, 20, 2, 1 }; /* Enrollment Agent */
-OIDT mKPSCL[] = { MICROSOFT, 20, 2, 2 }; /* KP SmartCard Logon */
-OIDT mNTPN [] = { MICROSOFT, 20, 2, 3 }; /* NT Principal Name */
-OIDT mCASRV[] = { MICROSOFT, 21, 1 }; /* CertServ CA version */
-
-/* AOL OIDs (1 3 6 1 4 1 1066 ... ) */
-#define AOL 0x2B, 0x06, 0x01, 0x04, 0x01, 0x88, 0x2A
-
-/* PKIX IDs (1 3 6 1 5 5 7 ...) */
-#define ID_PKIX 0x2B, 6, 1, 5, 5, 7
-/* PKIX Access Descriptors (methods for Authority Info Access Extns) */
-#define ID_AD ID_PKIX, 48
-
-OIDT padOCSP[] = { ID_AD, 1 }; /* OCSP method */
-OIDT padCAissuer[] = { ID_AD, 2 }; /* URI (for CRL ?) */
-OIDT padTimeStamp[] = { ID_AD, 3 }; /* time stamping */
-
-/* ISO Cert Extension type OIDs (id-ce) (2 5 29 ...) */
-#define X500 0x55
-#define X520_ATTRIBUTE_TYPE X500, 0x04
-#define X500_ALG X500, 0x08
-#define X500_ALG_ENCRYPTION X500_ALG, 0x01
-#define ID_CE X500, 29
-
-OIDT cePlcyObs[] = { ID_CE, 3 }; /* Cert policies, obsolete. */
-OIDT cePlcyCns[] = { ID_CE, 36 }; /* Cert policy constraints. */
-
-/* US Company arc (2 16 840 1 ...) */
-#define USCOM 0x60, 0x86, 0x48, 0x01
-#define USGOV USCOM, 0x65
-#define USDOD USGOV, 2
-#define ID_INFOSEC USDOD, 1
-
-/* Verisign PKI OIDs (2 16 840 1 113733 1 ...) */
-#define VERISIGN_PKI USCOM, 0x86, 0xf8, 0x45, 1
-#define VERISIGN_XTN VERISIGN_PKI, 6
-#define VERISIGN_POL VERISIGN_PKI, 7 /* Cert policies */
-#define VERISIGN_TNET VERISIGN_POL, 23 /* Verisign Trust Network */
-
-OIDT vcx7[] = { VERISIGN_XTN, 7 }; /* Cert Extension 7 (?) */
-OIDT vcp1[] = { VERISIGN_TNET, 1 }; /* class 1 cert policy */
-OIDT vcp2[] = { VERISIGN_TNET, 2 }; /* class 2 cert policy */
-OIDT vcp3[] = { VERISIGN_TNET, 3 }; /* class 3 cert policy */
-OIDT vcp4[] = { VERISIGN_TNET, 4 }; /* class 4 cert policy */
-
-
-/* ------------------------------------------------------------------- */
-static const SECOidData oids[] = {
-/* OIW Security Special Interest Group OIDs */
- ODN( oiwMD5RSA, "OIWSecSIG MD5 with RSA"),
- ODN( oiwDESCBC, "OIWSecSIG DES CBC"),
- ODN( oiwRSAsig, "OIWSecSIG RSA signature"),
- ODN( oiwDSA , "OIWSecSIG DSA"),
- ODN( oiwMD5RSAsig, "OIWSecSIG MD5 with RSA signature"),
- ODN( oiwSHA1 , "OIWSecSIG SHA1"),
- ODN( oiwDSASHA1, "OIWSecSIG DSA with SHA1"),
- ODN( oiwDSASHA1param, "OIWSecSIG DSA with SHA1 with params"),
- ODN( oiwSHA1RSA, "OIWSecSIG MD5 with RSA"),
-
-/* Microsoft OIDs */
- ODN( mCTL, "Microsoft Cert Trust List signing"),
- ODN( mTSS, "Microsoft Time Stamp signing"),
- ODN( mSGC, "Microsoft SGC SSL server"),
- ODN( mEFS, "Microsoft Encrypted File System"),
- ODN( mSMIME, "Microsoft SMIME preferences"),
- ODN( mECRTT, "Microsoft Enrollment Cert Type Extension"),
- ODN( mEAGNT, "Microsoft Enrollment Agent"),
- ODN( mKPSCL, "Microsoft KP SmartCard Logon"),
- ODN( mNTPN, "Microsoft NT Principal Name"),
- ODN( mCASRV, "Microsoft CertServ CA version"),
-
-/* PKIX OIDs */
- ODN( padOCSP, "PKIX OCSP method"),
- ODN( padCAissuer, "PKIX CA Issuer method"),
- ODN( padTimeStamp, "PKIX Time Stamping method"),
-
-/* ID_CE OIDs. */
- ODN( cePlcyObs, "Certificate Policies (Obsolete)"),
- ODN( cePlcyCns, "Certificate Policy Constraints"),
-
-/* Verisign OIDs. */
- ODN( vcx7, "Verisign Cert Extension 7 (?)"),
- ODN( vcp1, "Verisign Class 1 Certificate Policy"),
- ODN( vcp2, "Verisign Class 2 Certificate Policy"),
- ODN( vcp3, "Verisign Class 3 Certificate Policy"),
- ODN( vcp4, "Verisign Class 4 Certificate Policy"),
-
-};
-
-static const unsigned int numOids = (sizeof oids) / (sizeof oids[0]);
-
-SECStatus
-SECU_RegisterDynamicOids(void)
-{
- unsigned int i;
- SECStatus rv = SECSuccess;
-
- for (i = 0; i < numOids; ++i) {
- SECOidTag tag = SECOID_AddEntry(&oids[i]);
- if (tag == SEC_OID_UNKNOWN) {
- rv = SECFailure;
-#ifdef DEBUG_DYN_OIDS
- fprintf(stderr, "Add OID[%d] failed\n", i);
- } else {
- fprintf(stderr, "Add OID[%d] returned tag %d\n", i, tag);
-#endif
- }
- }
- return rv;
-}
diff --git a/security/nss/cmd/lib/pppolicy.c b/security/nss/cmd/lib/pppolicy.c
deleted file mode 100644
index c0094083c0..0000000000
--- a/security/nss/cmd/lib/pppolicy.c
+++ /dev/null
@@ -1,299 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 2004
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-/*
- * Support for various policy related extensions
- *
- * $Id$
- */
-
-#include "seccomon.h"
-#include "secport.h"
-#include "secder.h"
-#include "cert.h"
-#include "secoid.h"
-#include "secasn1.h"
-#include "secerr.h"
-#include "nspr.h"
-#include "secutil.h"
-
-/* This implementation is derived from the one in nss/lib/certdb/policyxtn.c .
-** The chief difference is the addition of the OPTIONAL flag to many
-** parts. The idea is to be able to parse and print as much of the
-** policy extension as possible, even if some parts are invalid.
-**
-** If this approach still is unable to decode policy extensions that
-** contain invalid parts, then the next approach will be to parse
-** the PolicyInfos as a SEQUENCE of ANYs, and then parse each of them
-** as PolicyInfos, with the PolicyQualifiers being ANYs, and finally
-** parse each of the PolicyQualifiers.
-*/
-
-static const SEC_ASN1Template secu_PolicyQualifierTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTPolicyQualifier) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(CERTPolicyQualifier, qualifierID) },
- { SEC_ASN1_ANY | SEC_ASN1_OPTIONAL,
- offsetof(CERTPolicyQualifier, qualifierValue) },
- { 0 }
-};
-
-static const SEC_ASN1Template secu_PolicyInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTPolicyInfo) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(CERTPolicyInfo, policyID) },
- { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_OPTIONAL,
- offsetof(CERTPolicyInfo, policyQualifiers),
- secu_PolicyQualifierTemplate },
- { 0 }
-};
-
-static const SEC_ASN1Template secu_CertificatePoliciesTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF,
- offsetof(CERTCertificatePolicies, policyInfos),
- secu_PolicyInfoTemplate, sizeof(CERTCertificatePolicies) }
-};
-
-
-static CERTCertificatePolicies *
-secu_DecodeCertificatePoliciesExtension(SECItem *extnValue)
-{
- PRArenaPool *arena = NULL;
- SECStatus rv;
- CERTCertificatePolicies *policies;
- CERTPolicyInfo **policyInfos, *policyInfo;
- CERTPolicyQualifier **policyQualifiers, *policyQualifier;
- SECItem newExtnValue;
-
- /* make a new arena */
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-
- if ( !arena ) {
- goto loser;
- }
-
- /* allocate the certifiate policies structure */
- policies = PORT_ArenaZNew(arena, CERTCertificatePolicies);
- if ( policies == NULL ) {
- goto loser;
- }
-
- policies->arena = arena;
-
- /* copy the DER into the arena, since Quick DER returns data that points
- into the DER input, which may get freed by the caller */
- rv = SECITEM_CopyItem(arena, &newExtnValue, extnValue);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- /* decode the policy info */
- rv = SEC_QuickDERDecodeItem(arena, policies,
- secu_CertificatePoliciesTemplate,
- &newExtnValue);
-
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- /* initialize the oid tags */
- policyInfos = policies->policyInfos;
- while (policyInfos != NULL && *policyInfos != NULL ) {
- policyInfo = *policyInfos;
- policyInfo->oid = SECOID_FindOIDTag(&policyInfo->policyID);
- policyQualifiers = policyInfo->policyQualifiers;
- while ( policyQualifiers && *policyQualifiers != NULL ) {
- policyQualifier = *policyQualifiers;
- policyQualifier->oid =
- SECOID_FindOIDTag(&policyQualifier->qualifierID);
- policyQualifiers++;
- }
- policyInfos++;
- }
-
- return(policies);
-
-loser:
- if ( arena != NULL ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(NULL);
-}
-
-
-static char *
-itemToString(SECItem *item)
-{
- char *string;
-
- string = PORT_ZAlloc(item->len+1);
- if (string == NULL) return NULL;
- PORT_Memcpy(string,item->data,item->len);
- string[item->len] = 0;
- return string;
-}
-
-static SECStatus
-secu_PrintUserNoticeQualifier(FILE *out, SECItem * qualifierValue,
- char *msg, int level)
-{
- CERTUserNotice *userNotice = NULL;
- if (qualifierValue)
- userNotice = CERT_DecodeUserNotice(qualifierValue);
- if (userNotice) {
- if (userNotice->noticeReference.organization.len != 0) {
- char *string =
- itemToString(&userNotice->noticeReference.organization);
- SECItem **itemList = userNotice->noticeReference.noticeNumbers;
-
- while (itemList && *itemList) {
- SECU_PrintInteger(out,*itemList,string,level+1);
- itemList++;
- }
- PORT_Free(string);
- }
- if (userNotice->displayText.len != 0) {
- SECU_PrintString(out,&userNotice->displayText,
- "Display Text", level+1);
- }
- CERT_DestroyUserNotice(userNotice);
- return SECSuccess;
- }
- return SECFailure; /* caller will print this value */
-}
-
-static SECStatus
-secu_PrintPolicyQualifier(FILE *out,CERTPolicyQualifier *policyQualifier,
- char *msg,int level)
-{
- SECStatus rv;
- SECItem * qualifierValue = &policyQualifier->qualifierValue;
-
- SECU_PrintObjectID(out, &policyQualifier->qualifierID ,
- "Policy Qualifier Name", level);
- if (!qualifierValue->data) {
- SECU_Indent(out, level);
- fprintf(out,"Error: missing qualifier\n");
- } else
- switch (policyQualifier->oid) {
- case SEC_OID_PKIX_USER_NOTICE_QUALIFIER:
- rv = secu_PrintUserNoticeQualifier(out, qualifierValue, msg, level);
- if (SECSuccess == rv)
- break;
- /* fall through on error */
- case SEC_OID_PKIX_CPS_POINTER_QUALIFIER:
- default:
- SECU_PrintAny(out, qualifierValue, "Policy Qualifier Data", level);
- break;
- }
- return SECSuccess;
-}
-
-static SECStatus
-secu_PrintPolicyInfo(FILE *out,CERTPolicyInfo *policyInfo,char *msg,int level)
-{
- CERTPolicyQualifier **policyQualifiers;
-
- policyQualifiers = policyInfo->policyQualifiers;
- SECU_PrintObjectID(out, &policyInfo->policyID , "Policy Name", level);
-
- while (policyQualifiers && *policyQualifiers != NULL) {
- secu_PrintPolicyQualifier(out,*policyQualifiers,"",level+1);
- policyQualifiers++;
- }
- return SECSuccess;
-}
-
-void
-SECU_PrintPolicy(FILE *out, SECItem *value, char *msg, int level)
-{
- CERTCertificatePolicies *policies = NULL;
- CERTPolicyInfo **policyInfos;
-
- if (msg) {
- SECU_Indent(out, level);
- fprintf(out,"%s: \n",msg);
- level++;
- }
- policies = secu_DecodeCertificatePoliciesExtension(value);
- if (policies == NULL) {
- SECU_PrintAny(out, value, "Invalid Policy Data", level);
- return;
- }
-
- policyInfos = policies->policyInfos;
- while (policyInfos && *policyInfos != NULL) {
- secu_PrintPolicyInfo(out,*policyInfos,"",level);
- policyInfos++;
- }
-
- CERT_DestroyCertificatePoliciesExtension(policies);
-}
-
-
-void
-SECU_PrintPrivKeyUsagePeriodExtension(FILE *out, SECItem *value,
- char *msg, int level)
-{
- CERTPrivKeyUsagePeriod * prd;
- PLArenaPool * arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-
- if ( !arena ) {
- goto loser;
- }
- prd = CERT_DecodePrivKeyUsagePeriodExtension(arena, value);
- if (!prd) {
- goto loser;
- }
- if (prd->notBefore.data) {
- SECU_PrintGeneralizedTime(out, &prd->notBefore, "Not Before", level);
- }
- if (prd->notAfter.data) {
- SECU_PrintGeneralizedTime(out, &prd->notAfter, "Not After ", level);
- }
- if (!prd->notBefore.data && !prd->notAfter.data) {
- SECU_Indent(out, level);
- fprintf(out, "Error: notBefore or notAfter MUST be present.\n");
-loser:
- SECU_PrintAny(out, value, msg, level);
- }
- if (arena) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-}
diff --git a/security/nss/cmd/lib/secerror.c b/security/nss/cmd/lib/secerror.c
deleted file mode 100644
index 651cf55201..0000000000
--- a/security/nss/cmd/lib/secerror.c
+++ /dev/null
@@ -1,110 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-#include "nspr.h"
-
-struct tuple_str {
- PRErrorCode errNum;
- const char * errString;
-};
-
-typedef struct tuple_str tuple_str;
-
-#define ER2(a,b) {a, b},
-#define ER3(a,b,c) {a, c},
-
-#include "secerr.h"
-#include "sslerr.h"
-
-const tuple_str errStrings[] = {
-
-/* keep this list in asceding order of error numbers */
-#include "SSLerrs.h"
-#include "SECerrs.h"
-#include "NSPRerrs.h"
-
-};
-
-const PRInt32 numStrings = sizeof(errStrings) / sizeof(tuple_str);
-
-/* Returns a UTF-8 encoded constant error string for "errNum".
- * Returns NULL of errNum is unknown.
- */
-const char *
-SECU_Strerror(PRErrorCode errNum) {
- PRInt32 low = 0;
- PRInt32 high = numStrings - 1;
- PRInt32 i;
- PRErrorCode num;
- static int initDone;
-
- /* make sure table is in ascending order.
- * binary search depends on it.
- */
- if (!initDone) {
- PRErrorCode lastNum = ((PRInt32)0x80000000);
- for (i = low; i <= high; ++i) {
- num = errStrings[i].errNum;
- if (num <= lastNum) {
- fprintf(stderr,
-"sequence error in error strings at item %d\n"
-"error %d (%s)\n"
-"should come after \n"
-"error %d (%s)\n",
- i, lastNum, errStrings[i-1].errString,
- num, errStrings[i].errString);
- }
- lastNum = num;
- }
- initDone = 1;
- }
-
- /* Do binary search of table. */
- while (low + 1 < high) {
- i = (low + high) / 2;
- num = errStrings[i].errNum;
- if (errNum == num)
- return errStrings[i].errString;
- if (errNum < num)
- high = i;
- else
- low = i;
- }
- if (errNum == errStrings[low].errNum)
- return errStrings[low].errString;
- if (errNum == errStrings[high].errNum)
- return errStrings[high].errString;
- return NULL;
-}
diff --git a/security/nss/cmd/lib/secpwd.c b/security/nss/cmd/lib/secpwd.c
deleted file mode 100644
index f1189e1c9c..0000000000
--- a/security/nss/cmd/lib/secpwd.c
+++ /dev/null
@@ -1,205 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-#include "secutil.h"
-
-/*
- * NOTE: The contents of this file are NOT used by the client.
- * (They are part of the security library as a whole, but they are
- * NOT USED BY THE CLIENT.) Do not change things on behalf of the
- * client (like localizing strings), or add things that are only
- * for the client (put them elsewhere).
- */
-
-
-#ifdef XP_UNIX
-#include
-#endif
-
-#if defined(XP_UNIX) || defined(XP_BEOS)
-#include /* for isatty() */
-#endif
-
-#if( defined(_WINDOWS) && !defined(_WIN32_WCE)) || defined(XP_OS2_VACPP)
-#include
-#include
-#define QUIET_FGETS quiet_fgets
-static char * quiet_fgets (char *buf, int length, FILE *input);
-#else
-#define QUIET_FGETS fgets
-#endif
-
-static void echoOff(int fd)
-{
-#if defined(XP_UNIX) && !defined(VMS)
- if (isatty(fd)) {
- struct termios tio;
- tcgetattr(fd, &tio);
- tio.c_lflag &= ~ECHO;
- tcsetattr(fd, TCSAFLUSH, &tio);
- }
-#endif
-}
-
-static void echoOn(int fd)
-{
-#if defined(XP_UNIX) && !defined(VMS)
- if (isatty(fd)) {
- struct termios tio;
- tcgetattr(fd, &tio);
- tio.c_lflag |= ECHO;
- tcsetattr(fd, TCSAFLUSH, &tio);
- }
-#endif
-}
-
-char *SEC_GetPassword(FILE *input, FILE *output, char *prompt,
- PRBool (*ok)(char *))
-{
-#if defined(_WINDOWS)
- int isTTY = (input == stdin);
-#define echoOn(x)
-#define echoOff(x)
-#else
- int infd = fileno(input);
- int isTTY = isatty(infd);
-#endif
- char phrase[200];
-
- for (;;) {
- /* Prompt for password */
- if (isTTY) {
- fprintf(output, "%s", prompt);
- fflush (output);
- echoOff(infd);
- }
-
- QUIET_FGETS ( phrase, sizeof(phrase), input);
-
- if (isTTY) {
- fprintf(output, "\n");
- echoOn(infd);
- }
-
- /* stomp on newline */
- phrase[PORT_Strlen(phrase)-1] = 0;
-
- /* Validate password */
- if (!(*ok)(phrase)) {
- /* Not weird enough */
- if (!isTTY) return 0;
- fprintf(output, "Password must be at least 8 characters long with one or more\n");
- fprintf(output, "non-alphabetic characters\n");
- continue;
- }
- return (char*) PORT_Strdup(phrase);
- }
-}
-
-
-
-PRBool SEC_CheckPassword(char *cp)
-{
- int len;
- char *end;
-
- len = PORT_Strlen(cp);
- if (len < 8) {
- return PR_FALSE;
- }
- end = cp + len;
- while (cp < end) {
- unsigned char ch = *cp++;
- if (!((ch >= 'A') && (ch <= 'Z')) &&
- !((ch >= 'a') && (ch <= 'z'))) {
- /* pass phrase has at least one non alphabetic in it */
- return PR_TRUE;
- }
- }
- return PR_FALSE;
-}
-
-PRBool SEC_BlindCheckPassword(char *cp)
-{
- if (cp != NULL) {
- return PR_TRUE;
- }
- return PR_FALSE;
-}
-
-/* Get a password from the input terminal, without echoing */
-
-#if defined(_WINDOWS) || defined(XP_OS2_VACPP)
-static char * quiet_fgets (char *buf, int length, FILE *input)
- {
- int c;
- char *end = buf;
-
- /* fflush (input); */
- memset (buf, 0, length);
-
-#ifndef XP_OS2_VACPP
- if (input != stdin) {
- return fgets(buf,length,input);
- }
-#else
- if (!isatty(fileno(input))) {
- return fgets(buf,length,input);
- }
-#endif
-
- while (1)
- {
-#if defined (_WIN32_WCE)
- c = getchar(); /* gets a character from stdin */
-#else
- c = getch(); /* getch gets a character from the console */
-#endif
- if (c == '\b')
- {
- if (end > buf)
- end--;
- }
-
- else if (--length > 0)
- *end++ = c;
-
- if (!c || c == '\n' || c == '\r')
- break;
- }
-
- return buf;
- }
-#endif
diff --git a/security/nss/cmd/lib/secutil.c b/security/nss/cmd/lib/secutil.c
deleted file mode 100644
index 1f41e938de..0000000000
--- a/security/nss/cmd/lib/secutil.c
+++ /dev/null
@@ -1,3685 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- * Dr Vipul Gupta , Sun Microsystems Laboratories
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-/*
-** secutil.c - various functions used by security stuff
-**
-*/
-
-#include "prtypes.h"
-#include "prtime.h"
-#include "prlong.h"
-#include "prerror.h"
-#include "prprf.h"
-#include "plgetopt.h"
-#include "prenv.h"
-#include "prnetdb.h"
-
-#include "cryptohi.h"
-#include "secutil.h"
-#include "secpkcs7.h"
-#include
-#if !defined(_WIN32_WCE)
-#include
-#include
-#endif
-
-#ifdef XP_UNIX
-#include
-#endif
-
-/* for SEC_TraverseNames */
-#include "cert.h"
-#include "certt.h"
-#include "certdb.h"
-
-/* #include "secmod.h" */
-#include "pk11func.h"
-#include "secoid.h"
-
-static char consoleName[] = {
-#ifdef XP_UNIX
-#ifdef VMS
- "TT"
-#else
- "/dev/tty"
-#endif
-#else
-#ifdef XP_OS2
- "\\DEV\\CON"
-#else
- "CON:"
-#endif
-#endif
-};
-
-
-char *
-SECU_GetString(int16 error_number)
-{
-
- static char errString[80];
- sprintf(errString, "Unknown error string (%d)", error_number);
- return errString;
-}
-
-void
-SECU_PrintErrMsg(FILE *out, int level, char *progName, char *msg, ...)
-{
- va_list args;
- PRErrorCode err = PORT_GetError();
- const char * errString = SECU_Strerror(err);
-
- va_start(args, msg);
-
- SECU_Indent(out, level);
- fprintf(out, "%s: ", progName);
- vfprintf(out, msg, args);
- if (errString != NULL && PORT_Strlen(errString) > 0)
- fprintf(out, ": %s\n", errString);
- else
- fprintf(out, ": error %d\n", (int)err);
-
- va_end(args);
-}
-
-void
-SECU_PrintError(char *progName, char *msg, ...)
-{
- va_list args;
- PRErrorCode err = PORT_GetError();
- const char * errString = SECU_Strerror(err);
-
- va_start(args, msg);
-
- fprintf(stderr, "%s: ", progName);
- vfprintf(stderr, msg, args);
- if (errString != NULL && PORT_Strlen(errString) > 0)
- fprintf(stderr, ": %s\n", errString);
- else
- fprintf(stderr, ": error %d\n", (int)err);
-
- va_end(args);
-}
-
-void
-SECU_PrintSystemError(char *progName, char *msg, ...)
-{
- va_list args;
-
- va_start(args, msg);
- fprintf(stderr, "%s: ", progName);
- vfprintf(stderr, msg, args);
-#if defined(_WIN32_WCE)
- fprintf(stderr, ": %d\n", PR_GetOSError());
-#else
- fprintf(stderr, ": %s\n", strerror(errno));
-#endif
- va_end(args);
-}
-
-static void
-secu_ClearPassword(char *p)
-{
- if (p) {
- PORT_Memset(p, 0, PORT_Strlen(p));
- PORT_Free(p);
- }
-}
-
-char *
-SECU_GetPasswordString(void *arg, char *prompt)
-{
-#ifndef _WINDOWS
- char *p = NULL;
- FILE *input, *output;
-
- /* open terminal */
- input = fopen(consoleName, "r");
- if (input == NULL) {
- fprintf(stderr, "Error opening input terminal for read\n");
- return NULL;
- }
-
- output = fopen(consoleName, "w");
- if (output == NULL) {
- fprintf(stderr, "Error opening output terminal for write\n");
- return NULL;
- }
-
- p = SEC_GetPassword (input, output, prompt, SEC_BlindCheckPassword);
-
-
- fclose(input);
- fclose(output);
-
- return p;
-
-#else
- /* Win32 version of above. opening the console may fail
- on windows95, and certainly isn't necessary.. */
-
- char *p = NULL;
-
- p = SEC_GetPassword (stdin, stdout, prompt, SEC_BlindCheckPassword);
- return p;
-
-#endif
-}
-
-
-/*
- * p a s s w o r d _ h a r d c o d e
- *
- * A function to use the password passed in the -f(pwfile) argument
- * of the command line.
- * After use once, null it out otherwise PKCS11 calls us forever.?
- *
- */
-char *
-SECU_FilePasswd(PK11SlotInfo *slot, PRBool retry, void *arg)
-{
- unsigned char phrase[200];
- PRFileDesc *fd;
- PRInt32 nb;
- char *pwFile = arg;
- int i;
-
- if (!pwFile)
- return 0;
-
- if (retry) {
- return 0; /* no good retrying - the files contents will be the same */
- }
-
- fd = PR_Open(pwFile, PR_RDONLY, 0);
- if (!fd) {
- fprintf(stderr, "No password file \"%s\" exists.\n", pwFile);
- return NULL;
- }
-
- nb = PR_Read(fd, phrase, sizeof(phrase));
-
- PR_Close(fd);
- /* handle the Windows EOL case */
- i = 0;
- while (phrase[i] != '\r' && phrase[i] != '\n' && i < nb) i++;
- phrase[i] = '\0';
- if (nb == 0) {
- fprintf(stderr,"password file contains no data\n");
- return NULL;
- }
- return (char*) PORT_Strdup((char*)phrase);
-}
-
-char *
-SECU_GetModulePassword(PK11SlotInfo *slot, PRBool retry, void *arg)
-{
- char prompt[255];
- secuPWData *pwdata = (secuPWData *)arg;
- secuPWData pwnull = { PW_NONE, 0 };
- secuPWData pwxtrn = { PW_EXTERNAL, "external" };
- char *pw;
-
- if (pwdata == NULL)
- pwdata = &pwnull;
-
- if (PK11_ProtectedAuthenticationPath(slot)) {
- pwdata = &pwxtrn;
- }
- if (retry && pwdata->source != PW_NONE) {
- PR_fprintf(PR_STDERR, "Incorrect password/PIN entered.\n");
- return NULL;
- }
-
- switch (pwdata->source) {
- case PW_NONE:
- sprintf(prompt, "Enter Password or Pin for \"%s\":",
- PK11_GetTokenName(slot));
- return SECU_GetPasswordString(NULL, prompt);
- case PW_FROMFILE:
- /* Instead of opening and closing the file every time, get the pw
- * once, then keep it in memory (duh).
- */
- pw = SECU_FilePasswd(slot, retry, pwdata->data);
- pwdata->source = PW_PLAINTEXT;
- pwdata->data = PL_strdup(pw);
- /* it's already been dup'ed */
- return pw;
- case PW_EXTERNAL:
- sprintf(prompt,
- "Press Enter, then enter PIN for \"%s\" on external device.\n",
- PK11_GetTokenName(slot));
- (void) SECU_GetPasswordString(NULL, prompt);
- /* Fall Through */
- case PW_PLAINTEXT:
- return PL_strdup(pwdata->data);
- default:
- break;
- }
-
- PR_fprintf(PR_STDERR, "Password check failed: No password found.\n");
- return NULL;
-}
-
-char *
-secu_InitSlotPassword(PK11SlotInfo *slot, PRBool retry, void *arg)
-{
- char *p0 = NULL;
- char *p1 = NULL;
- FILE *input, *output;
- secuPWData *pwdata = arg;
-
- if (pwdata->source == PW_FROMFILE) {
- return SECU_FilePasswd(slot, retry, pwdata->data);
- }
- if (pwdata->source == PW_PLAINTEXT) {
- return PL_strdup(pwdata->data);
- }
-
- /* PW_NONE - get it from tty */
- /* open terminal */
-#ifdef _WINDOWS
- input = stdin;
-#else
- input = fopen(consoleName, "r");
-#endif
- if (input == NULL) {
- PR_fprintf(PR_STDERR, "Error opening input terminal for read\n");
- return NULL;
- }
-
- /* we have no password, so initialize database with one */
- PR_fprintf(PR_STDERR,
- "Enter a password which will be used to encrypt your keys.\n"
- "The password should be at least 8 characters long,\n"
- "and should contain at least one non-alphabetic character.\n\n");
-
- output = fopen(consoleName, "w");
- if (output == NULL) {
- PR_fprintf(PR_STDERR, "Error opening output terminal for write\n");
- return NULL;
- }
-
-
- for (;;) {
- if (p0)
- PORT_Free(p0);
- p0 = SEC_GetPassword(input, output, "Enter new password: ",
- SEC_BlindCheckPassword);
-
- if (p1)
- PORT_Free(p1);
- p1 = SEC_GetPassword(input, output, "Re-enter password: ",
- SEC_BlindCheckPassword);
- if (p0 && p1 && !PORT_Strcmp(p0, p1)) {
- break;
- }
- PR_fprintf(PR_STDERR, "Passwords do not match. Try again.\n");
- }
-
- /* clear out the duplicate password string */
- secu_ClearPassword(p1);
-
- fclose(input);
- fclose(output);
-
- return p0;
-}
-
-SECStatus
-SECU_ChangePW(PK11SlotInfo *slot, char *passwd, char *pwFile)
-{
- SECStatus rv;
- secuPWData pwdata, newpwdata;
- char *oldpw = NULL, *newpw = NULL;
-
- if (passwd) {
- pwdata.source = PW_PLAINTEXT;
- pwdata.data = passwd;
- } else if (pwFile) {
- pwdata.source = PW_FROMFILE;
- pwdata.data = pwFile;
- } else {
- pwdata.source = PW_NONE;
- pwdata.data = NULL;
- }
-
- if (PK11_NeedUserInit(slot)) {
- newpw = secu_InitSlotPassword(slot, PR_FALSE, &pwdata);
- rv = PK11_InitPin(slot, (char*)NULL, newpw);
- goto done;
- }
-
- for (;;) {
- oldpw = SECU_GetModulePassword(slot, PR_FALSE, &pwdata);
-
- if (PK11_CheckUserPassword(slot, oldpw) != SECSuccess) {
- if (pwdata.source == PW_NONE) {
- PR_fprintf(PR_STDERR, "Invalid password. Try again.\n");
- } else {
- PR_fprintf(PR_STDERR, "Invalid password.\n");
- PORT_Memset(oldpw, 0, PL_strlen(oldpw));
- PORT_Free(oldpw);
- return SECFailure;
- }
- } else
- break;
-
- PORT_Free(oldpw);
- }
-
- newpwdata.source = PW_NONE;
- newpwdata.data = NULL;
-
- newpw = secu_InitSlotPassword(slot, PR_FALSE, &newpwdata);
-
- if (PK11_ChangePW(slot, oldpw, newpw) != SECSuccess) {
- PR_fprintf(PR_STDERR, "Failed to change password.\n");
- return SECFailure;
- }
-
- PORT_Memset(oldpw, 0, PL_strlen(oldpw));
- PORT_Free(oldpw);
-
- PR_fprintf(PR_STDOUT, "Password changed successfully.\n");
-
-done:
- PORT_Memset(newpw, 0, PL_strlen(newpw));
- PORT_Free(newpw);
- return SECSuccess;
-}
-
-struct matchobj {
- SECItem index;
- char *nname;
- PRBool found;
-};
-
-char *
-SECU_DefaultSSLDir(void)
-{
- char *dir;
- static char sslDir[1000];
-
- dir = PR_GetEnv("SSL_DIR");
- if (!dir)
- return NULL;
-
- sprintf(sslDir, "%s", dir);
-
- if (sslDir[strlen(sslDir)-1] == '/')
- sslDir[strlen(sslDir)-1] = 0;
-
- return sslDir;
-}
-
-char *
-SECU_AppendFilenameToDir(char *dir, char *filename)
-{
- static char path[1000];
-
- if (dir[strlen(dir)-1] == '/')
- sprintf(path, "%s%s", dir, filename);
- else
- sprintf(path, "%s/%s", dir, filename);
- return path;
-}
-
-char *
-SECU_ConfigDirectory(const char* base)
-{
- static PRBool initted = PR_FALSE;
- const char *dir = ".netscape";
- char *home;
- static char buf[1000];
-
- if (initted) return buf;
-
-
- if (base == NULL || *base == 0) {
- home = PR_GetEnv("HOME");
- if (!home) home = "";
-
- if (*home && home[strlen(home) - 1] == '/')
- sprintf (buf, "%.900s%s", home, dir);
- else
- sprintf (buf, "%.900s/%s", home, dir);
- } else {
- sprintf(buf, "%.900s", base);
- if (buf[strlen(buf) - 1] == '/')
- buf[strlen(buf) - 1] = 0;
- }
-
-
- initted = PR_TRUE;
- return buf;
-}
-
-/*Turn off SSL for now */
-/* This gets called by SSL when server wants our cert & key */
-int
-SECU_GetClientAuthData(void *arg, PRFileDesc *fd,
- struct CERTDistNamesStr *caNames,
- struct CERTCertificateStr **pRetCert,
- struct SECKEYPrivateKeyStr **pRetKey)
-{
- SECKEYPrivateKey *key;
- CERTCertificate *cert;
- int errsave;
-
- if (arg == NULL) {
- fprintf(stderr, "no key/cert name specified for client auth\n");
- return -1;
- }
- cert = PK11_FindCertFromNickname(arg, NULL);
- errsave = PORT_GetError();
- if (!cert) {
- if (errsave == SEC_ERROR_BAD_PASSWORD)
- fprintf(stderr, "Bad password\n");
- else if (errsave > 0)
- fprintf(stderr, "Unable to read cert (error %d)\n", errsave);
- else if (errsave == SEC_ERROR_BAD_DATABASE)
- fprintf(stderr, "Unable to get cert from database (%d)\n", errsave);
- else
- fprintf(stderr, "SECKEY_FindKeyByName: internal error %d\n", errsave);
- return -1;
- }
-
- key = PK11_FindKeyByAnyCert(arg,NULL);
- if (!key) {
- fprintf(stderr, "Unable to get key (%d)\n", PORT_GetError());
- return -1;
- }
-
-
- *pRetCert = cert;
- *pRetKey = key;
-
- return 0;
-}
-
-SECStatus
-secu_StdinToItem(SECItem *dst)
-{
- unsigned char buf[1000];
- PRInt32 numBytes;
- PRBool notDone = PR_TRUE;
-
- dst->len = 0;
- dst->data = NULL;
-
- while (notDone) {
- numBytes = PR_Read(PR_STDIN, buf, sizeof(buf));
-
- if (numBytes < 0) {
- return SECFailure;
- }
-
- if (numBytes == 0)
- break;
-
- if (dst->data) {
- unsigned char * p = dst->data;
- dst->data = (unsigned char*)PORT_Realloc(p, dst->len + numBytes);
- if (!dst->data) {
- PORT_Free(p);
- }
- } else {
- dst->data = (unsigned char*)PORT_Alloc(numBytes);
- }
- if (!dst->data) {
- return SECFailure;
- }
- PORT_Memcpy(dst->data + dst->len, buf, numBytes);
- dst->len += numBytes;
- }
-
- return SECSuccess;
-}
-
-SECStatus
-SECU_FileToItem(SECItem *dst, PRFileDesc *src)
-{
- PRFileInfo info;
- PRInt32 numBytes;
- PRStatus prStatus;
-
- if (src == PR_STDIN)
- return secu_StdinToItem(dst);
-
- prStatus = PR_GetOpenFileInfo(src, &info);
-
- if (prStatus != PR_SUCCESS) {
- PORT_SetError(SEC_ERROR_IO);
- return SECFailure;
- }
-
- /* XXX workaround for 3.1, not all utils zero dst before sending */
- dst->data = 0;
- if (!SECITEM_AllocItem(NULL, dst, info.size))
- goto loser;
-
- numBytes = PR_Read(src, dst->data, info.size);
- if (numBytes != info.size) {
- PORT_SetError(SEC_ERROR_IO);
- goto loser;
- }
-
- return SECSuccess;
-loser:
- SECITEM_FreeItem(dst, PR_FALSE);
- return SECFailure;
-}
-
-SECStatus
-SECU_TextFileToItem(SECItem *dst, PRFileDesc *src)
-{
- PRFileInfo info;
- PRInt32 numBytes;
- PRStatus prStatus;
- unsigned char *buf;
-
- if (src == PR_STDIN)
- return secu_StdinToItem(dst);
-
- prStatus = PR_GetOpenFileInfo(src, &info);
-
- if (prStatus != PR_SUCCESS) {
- PORT_SetError(SEC_ERROR_IO);
- return SECFailure;
- }
-
- buf = (unsigned char*)PORT_Alloc(info.size);
- if (!buf)
- return SECFailure;
-
- numBytes = PR_Read(src, buf, info.size);
- if (numBytes != info.size) {
- PORT_SetError(SEC_ERROR_IO);
- goto loser;
- }
-
- if (buf[numBytes-1] == '\n') numBytes--;
-#ifdef _WINDOWS
- if (buf[numBytes-1] == '\r') numBytes--;
-#endif
-
- /* XXX workaround for 3.1, not all utils zero dst before sending */
- dst->data = 0;
- if (!SECITEM_AllocItem(NULL, dst, numBytes))
- goto loser;
-
- memcpy(dst->data, buf, numBytes);
-
- PORT_Free(buf);
- return SECSuccess;
-loser:
- PORT_Free(buf);
- return SECFailure;
-}
-
-SECStatus
-SECU_ReadDERFromFile(SECItem *der, PRFileDesc *inFile, PRBool ascii)
-{
- SECStatus rv;
- if (ascii) {
- /* First convert ascii to binary */
- SECItem filedata;
- char *asc, *body;
-
- /* Read in ascii data */
- rv = SECU_FileToItem(&filedata, inFile);
- asc = (char *)filedata.data;
- if (!asc) {
- fprintf(stderr, "unable to read data from input file\n");
- return SECFailure;
- }
-
- /* check for headers and trailers and remove them */
- if ((body = strstr(asc, "-----BEGIN")) != NULL) {
- char *trailer = NULL;
- asc = body;
- body = PORT_Strchr(body, '\n');
- if (!body)
- body = PORT_Strchr(asc, '\r'); /* maybe this is a MAC file */
- if (body)
- trailer = strstr(++body, "-----END");
- if (trailer != NULL) {
- *trailer = '\0';
- } else {
- fprintf(stderr, "input has header but no trailer\n");
- PORT_Free(filedata.data);
- return SECFailure;
- }
- } else {
- body = asc;
- }
-
- /* Convert to binary */
- rv = ATOB_ConvertAsciiToItem(der, body);
- if (rv) {
- fprintf(stderr, "error converting ascii to binary (%s)\n",
- SECU_Strerror(PORT_GetError()));
- PORT_Free(filedata.data);
- return SECFailure;
- }
-
- PORT_Free(filedata.data);
- } else {
- /* Read in binary der */
- rv = SECU_FileToItem(der, inFile);
- if (rv) {
- fprintf(stderr, "error converting der (%s)\n",
- SECU_Strerror(PORT_GetError()));
- return SECFailure;
- }
- }
- return SECSuccess;
-}
-
-#define INDENT_MULT 4
-void
-SECU_Indent(FILE *out, int level)
-{
- int i;
-
- for (i = 0; i < level; i++) {
- fprintf(out, " ");
- }
-}
-
-static void secu_Newline(FILE *out)
-{
- fprintf(out, "\n");
-}
-
-void
-SECU_PrintAsHex(FILE *out, SECItem *data, const char *m, int level)
-{
- unsigned i;
- int column;
- PRBool isString = PR_TRUE;
- PRBool isWhiteSpace = PR_TRUE;
- PRBool printedHex = PR_FALSE;
- unsigned int limit = 15;
-
- if ( m ) {
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- level++;
- }
-
- SECU_Indent(out, level); column = level*INDENT_MULT;
- if (!data->len) {
- fprintf(out, "(empty)\n");
- return;
- }
- /* take a pass to see if it's all printable. */
- for (i = 0; i < data->len; i++) {
- unsigned char val = data->data[i];
- if (!val || !isprint(val)) {
- isString = PR_FALSE;
- break;
- }
- if (isWhiteSpace && !isspace(val)) {
- isWhiteSpace = PR_FALSE;
- }
- }
-
- /* Short values, such as bit strings (which are printed with this
- ** function) often look like strings, but we want to see the bits.
- ** so this test assures that short values will be printed in hex,
- ** perhaps in addition to being printed as strings.
- ** The threshold size (4 bytes) is arbitrary.
- */
- if (!isString || data->len <= 4) {
- for (i = 0; i < data->len; i++) {
- if (i != data->len - 1) {
- fprintf(out, "%02x:", data->data[i]);
- column += 3;
- } else {
- fprintf(out, "%02x", data->data[i]);
- column += 2;
- break;
- }
- if (column > 76 || (i % 16 == limit)) {
- secu_Newline(out);
- SECU_Indent(out, level);
- column = level*INDENT_MULT;
- limit = i % 16;
- }
- }
- printedHex = PR_TRUE;
- }
- if (isString && !isWhiteSpace) {
- if (printedHex != PR_FALSE) {
- secu_Newline(out);
- SECU_Indent(out, level); column = level*INDENT_MULT;
- }
- for (i = 0; i < data->len; i++) {
- unsigned char val = data->data[i];
-
- if (val) {
- fprintf(out,"%c",val);
- column++;
- } else {
- column = 77;
- }
- if (column > 76) {
- secu_Newline(out);
- SECU_Indent(out, level); column = level*INDENT_MULT;
- }
- }
- }
-
- if (column != level*INDENT_MULT) {
- secu_Newline(out);
- }
-}
-
-static const char *hex = "0123456789abcdef";
-
-static const char printable[257] = {
- "................" /* 0x */
- "................" /* 1x */
- " !\"#$%&'()*+,-./" /* 2x */
- "0123456789:;<=>?" /* 3x */
- "@ABCDEFGHIJKLMNO" /* 4x */
- "PQRSTUVWXYZ[\\]^_" /* 5x */
- "`abcdefghijklmno" /* 6x */
- "pqrstuvwxyz{|}~." /* 7x */
- "................" /* 8x */
- "................" /* 9x */
- "................" /* ax */
- "................" /* bx */
- "................" /* cx */
- "................" /* dx */
- "................" /* ex */
- "................" /* fx */
-};
-
-void
-SECU_PrintBuf(FILE *out, const char *msg, const void *vp, int len)
-{
- const unsigned char *cp = (const unsigned char *)vp;
- char buf[80];
- char *bp;
- char *ap;
-
- fprintf(out, "%s [Len: %d]\n", msg, len);
- memset(buf, ' ', sizeof buf);
- bp = buf;
- ap = buf + 50;
- while (--len >= 0) {
- unsigned char ch = *cp++;
- *bp++ = hex[(ch >> 4) & 0xf];
- *bp++ = hex[ch & 0xf];
- *bp++ = ' ';
- *ap++ = printable[ch];
- if (ap - buf >= 66) {
- *ap = 0;
- fprintf(out, " %s\n", buf);
- memset(buf, ' ', sizeof buf);
- bp = buf;
- ap = buf + 50;
- }
- }
- if (bp > buf) {
- *ap = 0;
- fprintf(out, " %s\n", buf);
- }
-}
-
-SECStatus
-SECU_StripTagAndLength(SECItem *i)
-{
- unsigned int start;
-
- if (!i || !i->data || i->len < 2) { /* must be at least tag and length */
- return SECFailure;
- }
- start = ((i->data[1] & 0x80) ? (i->data[1] & 0x7f) + 2 : 2);
- if (i->len < start) {
- return SECFailure;
- }
- i->data += start;
- i->len -= start;
- return SECSuccess;
-}
-
-
-/* This expents i->data[0] to be the MSB of the integer.
-** if you want to print a DER-encoded integer (with the tag and length)
-** call SECU_PrintEncodedInteger();
-*/
-void
-SECU_PrintInteger(FILE *out, SECItem *i, char *m, int level)
-{
- int iv;
-
- if (!i || !i->len || !i->data) {
- SECU_Indent(out, level);
- if (m) {
- fprintf(out, "%s: (null)\n", m);
- } else {
- fprintf(out, "(null)\n");
- }
- } else if (i->len > 4) {
- SECU_PrintAsHex(out, i, m, level);
- } else {
- iv = DER_GetInteger(i);
- SECU_Indent(out, level);
- if (m) {
- fprintf(out, "%s: %d (0x%x)\n", m, iv, iv);
- } else {
- fprintf(out, "%d (0x%x)\n", iv, iv);
- }
- }
-}
-
-static void
-secu_PrintRawString(FILE *out, SECItem *si, char *m, int level)
-{
- int column;
- unsigned int i;
-
- if ( m ) {
- SECU_Indent(out, level); fprintf(out, "%s: ", m);
- column = (level * INDENT_MULT) + strlen(m) + 2;
- level++;
- } else {
- SECU_Indent(out, level);
- column = level*INDENT_MULT;
- }
- fprintf(out, "\""); column++;
-
- for (i = 0; i < si->len; i++) {
- unsigned char val = si->data[i];
- if (column > 76) {
- secu_Newline(out);
- SECU_Indent(out, level); column = level*INDENT_MULT;
- }
-
- fprintf(out,"%c", printable[val]); column++;
- }
-
- fprintf(out, "\""); column++;
- if (column != level*INDENT_MULT || column > 76) {
- secu_Newline(out);
- }
-}
-
-void
-SECU_PrintString(FILE *out, SECItem *si, char *m, int level)
-{
- SECItem my = *si;
-
- if (SECSuccess != SECU_StripTagAndLength(&my) || !my.len)
- return;
- secu_PrintRawString(out, &my, m, level);
-}
-
-/* print an unencoded boolean */
-static void
-secu_PrintBoolean(FILE *out, SECItem *i, const char *m, int level)
-{
- int val = 0;
-
- if ( i->data && i->len ) {
- val = i->data[0];
- }
-
- if (!m) {
- m = "Boolean";
- }
- SECU_Indent(out, level);
- fprintf(out, "%s: %s\n", m, (val ? "True" : "False"));
-}
-
-/*
- * Format and print "time". If the tag message "m" is not NULL,
- * do indent formatting based on "level" and add a newline afterward;
- * otherwise just print the formatted time string only.
- */
-static void
-secu_PrintTime(FILE *out, int64 time, char *m, int level)
-{
- PRExplodedTime printableTime;
- char *timeString;
-
- /* Convert to local time */
- PR_ExplodeTime(time, PR_GMTParameters, &printableTime);
-
- timeString = PORT_Alloc(100);
- if (timeString == NULL)
- return;
-
- if (m != NULL) {
- SECU_Indent(out, level);
- fprintf(out, "%s: ", m);
- }
-
- PR_FormatTime(timeString, 100, "%a %b %d %H:%M:%S %Y", &printableTime);
- fprintf(out, timeString);
-
- if (m != NULL)
- fprintf(out, "\n");
-
- PORT_Free(timeString);
-}
-
-/*
- * Format and print the UTC Time "t". If the tag message "m" is not NULL,
- * do indent formatting based on "level" and add a newline afterward;
- * otherwise just print the formatted time string only.
- */
-void
-SECU_PrintUTCTime(FILE *out, SECItem *t, char *m, int level)
-{
- int64 time;
- SECStatus rv;
-
- rv = DER_UTCTimeToTime(&time, t);
- if (rv != SECSuccess)
- return;
-
- secu_PrintTime(out, time, m, level);
-}
-
-/*
- * Format and print the Generalized Time "t". If the tag message "m"
- * is not NULL, * do indent formatting based on "level" and add a newline
- * afterward; otherwise just print the formatted time string only.
- */
-void
-SECU_PrintGeneralizedTime(FILE *out, SECItem *t, char *m, int level)
-{
- int64 time;
- SECStatus rv;
-
-
- rv = DER_GeneralizedTimeToTime(&time, t);
- if (rv != SECSuccess)
- return;
-
- secu_PrintTime(out, time, m, level);
-}
-
-/*
- * Format and print the UTC or Generalized Time "t". If the tag message
- * "m" is not NULL, do indent formatting based on "level" and add a newline
- * afterward; otherwise just print the formatted time string only.
- */
-void
-SECU_PrintTimeChoice(FILE *out, SECItem *t, char *m, int level)
-{
- switch (t->type) {
- case siUTCTime:
- SECU_PrintUTCTime(out, t, m, level);
- break;
-
- case siGeneralizedTime:
- SECU_PrintGeneralizedTime(out, t, m, level);
- break;
-
- default:
- PORT_Assert(0);
- break;
- }
-}
-
-
-/* This prints a SET or SEQUENCE */
-void
-SECU_PrintSet(FILE *out, SECItem *t, char *m, int level)
-{
- int type = t->data[0] & SEC_ASN1_TAGNUM_MASK;
- int constructed = t->data[0] & SEC_ASN1_CONSTRUCTED;
- const char * label;
- SECItem my = *t;
-
- if (!constructed) {
- SECU_PrintAsHex(out, t, m, level);
- return;
- }
- if (SECSuccess != SECU_StripTagAndLength(&my))
- return;
-
- SECU_Indent(out, level);
- if (m) {
- fprintf(out, "%s: ", m);
- }
-
- if (type == SEC_ASN1_SET)
- label = "Set ";
- else if (type == SEC_ASN1_SEQUENCE)
- label = "Sequence ";
- else
- label = "";
- fprintf(out,"%s{\n", label); /* } */
-
- while (my.len >= 2) {
- SECItem tmp = my;
-
- if (tmp.data[1] & 0x80) {
- unsigned int i;
- unsigned int lenlen = tmp.data[1] & 0x7f;
- if (lenlen > sizeof tmp.len)
- break;
- tmp.len = 0;
- for (i=0; i < lenlen; i++) {
- tmp.len = (tmp.len << 8) | tmp.data[2+i];
- }
- tmp.len += lenlen + 2;
- } else {
- tmp.len = tmp.data[1] + 2;
- }
- if (tmp.len > my.len) {
- tmp.len = my.len;
- }
- my.data += tmp.len;
- my.len -= tmp.len;
- SECU_PrintAny(out, &tmp, NULL, level + 1);
- }
- SECU_Indent(out, level); fprintf(out, /* { */ "}\n");
-}
-
-static void
-secu_PrintContextSpecific(FILE *out, SECItem *i, char *m, int level)
-{
- int type = i->data[0] & SEC_ASN1_TAGNUM_MASK;
- int constructed = i->data[0] & SEC_ASN1_CONSTRUCTED;
- SECItem tmp;
-
- if (constructed) {
- char * m2;
- if (!m)
- m2 = PR_smprintf("[%d]", type);
- else
- m2 = PR_smprintf("%s: [%d]", m, type);
- if (m2) {
- SECU_PrintSet(out, i, m2, level);
- PR_smprintf_free(m2);
- }
- return;
- }
-
- SECU_Indent(out, level);
- if (m) {
- fprintf(out, "%s: ", m);
- }
- fprintf(out,"[%d]\n", type);
-
- tmp = *i;
- if (SECSuccess == SECU_StripTagAndLength(&tmp))
- SECU_PrintAsHex(out, &tmp, m, level+1);
-}
-
-static void
-secu_PrintOctetString(FILE *out, SECItem *i, char *m, int level)
-{
- SECItem tmp = *i;
- if (SECSuccess == SECU_StripTagAndLength(&tmp))
- SECU_PrintAsHex(out, &tmp, m, level);
-}
-
-static void
-secu_PrintBitString(FILE *out, SECItem *i, char *m, int level)
-{
- int unused_bits;
- SECItem tmp = *i;
-
- if (SECSuccess != SECU_StripTagAndLength(&tmp) || tmp.len < 2)
- return;
-
- unused_bits = *tmp.data++;
- tmp.len--;
-
- SECU_PrintAsHex(out, &tmp, m, level);
- if (unused_bits) {
- SECU_Indent(out, level + 1);
- fprintf(out, "(%d least significant bits unused)\n", unused_bits);
- }
-}
-
-/* in a decoded bit string, the len member is a bit length. */
-static void
-secu_PrintDecodedBitString(FILE *out, SECItem *i, char *m, int level)
-{
- int unused_bits;
- SECItem tmp = *i;
-
-
- unused_bits = (tmp.len & 0x7) ? 8 - (tmp.len & 7) : 0;
- DER_ConvertBitString(&tmp); /* convert length to byte length */
-
- SECU_PrintAsHex(out, &tmp, m, level);
- if (unused_bits) {
- SECU_Indent(out, level + 1);
- fprintf(out, "(%d least significant bits unused)\n", unused_bits);
- }
-}
-
-
-/* Print a DER encoded Boolean */
-void
-SECU_PrintEncodedBoolean(FILE *out, SECItem *i, char *m, int level)
-{
- SECItem my = *i;
- if (SECSuccess == SECU_StripTagAndLength(&my))
- secu_PrintBoolean(out, &my, m, level);
-}
-
-/* Print a DER encoded integer */
-void
-SECU_PrintEncodedInteger(FILE *out, SECItem *i, char *m, int level)
-{
- SECItem my = *i;
- if (SECSuccess == SECU_StripTagAndLength(&my))
- SECU_PrintInteger(out, &my, m, level);
-}
-
-/* Print a DER encoded OID */
-void
-SECU_PrintEncodedObjectID(FILE *out, SECItem *i, char *m, int level)
-{
- SECItem my = *i;
- if (SECSuccess == SECU_StripTagAndLength(&my))
- SECU_PrintObjectID(out, &my, m, level);
-}
-
-static void
-secu_PrintBMPString(FILE *out, SECItem *i, char *m, int level)
-{
- unsigned char * s;
- unsigned char * d;
- int len;
- SECItem tmp = {0, 0, 0};
- SECItem my = *i;
-
- if (SECSuccess != SECU_StripTagAndLength(&my))
- goto loser;
- if (my.len % 2)
- goto loser;
- len = (int)(my.len / 2);
- tmp.data = (unsigned char *)PORT_Alloc(len);
- if (!tmp.data)
- goto loser;
- tmp.len = len;
- for (s = my.data, d = tmp.data ; len > 0; len--) {
- PRUint32 bmpChar = (s[0] << 8) | s[1]; s += 2;
- if (!isprint(bmpChar))
- goto loser;
- *d++ = (unsigned char)bmpChar;
- }
- secu_PrintRawString(out, &tmp, m, level);
- PORT_Free(tmp.data);
- return;
-
-loser:
- SECU_PrintAsHex(out, i, m, level);
- if (tmp.data)
- PORT_Free(tmp.data);
-}
-
-static void
-secu_PrintUniversalString(FILE *out, SECItem *i, char *m, int level)
-{
- unsigned char * s;
- unsigned char * d;
- int len;
- SECItem tmp = {0, 0, 0};
- SECItem my = *i;
-
- if (SECSuccess != SECU_StripTagAndLength(&my))
- goto loser;
- if (my.len % 4)
- goto loser;
- len = (int)(my.len / 4);
- tmp.data = (unsigned char *)PORT_Alloc(len);
- if (!tmp.data)
- goto loser;
- tmp.len = len;
- for (s = my.data, d = tmp.data ; len > 0; len--) {
- PRUint32 bmpChar = (s[0] << 24) | (s[1] << 16) | (s[2] << 8) | s[3];
- s += 4;
- if (!isprint(bmpChar))
- goto loser;
- *d++ = (unsigned char)bmpChar;
- }
- secu_PrintRawString(out, &tmp, m, level);
- PORT_Free(tmp.data);
- return;
-
-loser:
- SECU_PrintAsHex(out, i, m, level);
- if (tmp.data)
- PORT_Free(tmp.data);
-}
-
-static void
-secu_PrintUniversal(FILE *out, SECItem *i, char *m, int level)
-{
- switch (i->data[0] & SEC_ASN1_TAGNUM_MASK) {
- case SEC_ASN1_ENUMERATED:
- case SEC_ASN1_INTEGER:
- SECU_PrintEncodedInteger(out, i, m, level);
- break;
- case SEC_ASN1_OBJECT_ID:
- SECU_PrintEncodedObjectID(out, i, m, level);
- break;
- case SEC_ASN1_BOOLEAN:
- SECU_PrintEncodedBoolean(out, i, m, level);
- break;
- case SEC_ASN1_UTF8_STRING:
- case SEC_ASN1_PRINTABLE_STRING:
- case SEC_ASN1_VISIBLE_STRING:
- case SEC_ASN1_IA5_STRING:
- case SEC_ASN1_T61_STRING:
- SECU_PrintString(out, i, m, level);
- break;
- case SEC_ASN1_GENERALIZED_TIME:
- SECU_PrintGeneralizedTime(out, i, m, level);
- break;
- case SEC_ASN1_UTC_TIME:
- SECU_PrintUTCTime(out, i, m, level);
- break;
- case SEC_ASN1_NULL:
- SECU_Indent(out, level);
- if (m && m[0])
- fprintf(out, "%s: NULL\n", m);
- else
- fprintf(out, "NULL\n");
- break;
- case SEC_ASN1_SET:
- case SEC_ASN1_SEQUENCE:
- SECU_PrintSet(out, i, m, level);
- break;
- case SEC_ASN1_OCTET_STRING:
- secu_PrintOctetString(out, i, m, level);
- break;
- case SEC_ASN1_BIT_STRING:
- secu_PrintBitString(out, i, m, level);
- break;
- case SEC_ASN1_BMP_STRING:
- secu_PrintBMPString(out, i, m, level);
- break;
- case SEC_ASN1_UNIVERSAL_STRING:
- secu_PrintUniversalString(out, i, m, level);
- break;
- default:
- SECU_PrintAsHex(out, i, m, level);
- break;
- }
-}
-
-void
-SECU_PrintAny(FILE *out, SECItem *i, char *m, int level)
-{
- if ( i && i->len && i->data ) {
- switch (i->data[0] & SEC_ASN1_CLASS_MASK) {
- case SEC_ASN1_CONTEXT_SPECIFIC:
- secu_PrintContextSpecific(out, i, m, level);
- break;
- case SEC_ASN1_UNIVERSAL:
- secu_PrintUniversal(out, i, m, level);
- break;
- default:
- SECU_PrintAsHex(out, i, m, level);
- break;
- }
- }
-}
-
-static int
-secu_PrintValidity(FILE *out, CERTValidity *v, char *m, int level)
-{
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- SECU_PrintTimeChoice(out, &v->notBefore, "Not Before", level+1);
- SECU_PrintTimeChoice(out, &v->notAfter, "Not After ", level+1);
- return 0;
-}
-
-/* This function does NOT expect a DER type and length. */
-SECOidTag
-SECU_PrintObjectID(FILE *out, SECItem *oid, char *m, int level)
-{
- SECOidData *oiddata;
- char * oidString = NULL;
-
- oiddata = SECOID_FindOID(oid);
- if (oiddata != NULL) {
- const char *name = oiddata->desc;
- SECU_Indent(out, level);
- if (m != NULL)
- fprintf(out, "%s: ", m);
- fprintf(out, "%s\n", name);
- return oiddata->offset;
- }
- oidString = CERT_GetOidString(oid);
- if (oidString) {
- SECU_Indent(out, level);
- if (m != NULL)
- fprintf(out, "%s: ", m);
- fprintf(out, "%s\n", oidString);
- PR_smprintf_free(oidString);
- return SEC_OID_UNKNOWN;
- }
- SECU_PrintAsHex(out, oid, m, level);
- return SEC_OID_UNKNOWN;
-}
-
-
-/* This function does NOT expect a DER type and length. */
-void
-SECU_PrintAlgorithmID(FILE *out, SECAlgorithmID *a, char *m, int level)
-{
- SECU_PrintObjectID(out, &a->algorithm, m, level);
-
- if (a->parameters.len == 0
- || (a->parameters.len == 2
- && PORT_Memcmp(a->parameters.data, "\005\000", 2) == 0)) {
- /* No arguments or NULL argument */
- } else {
- /* Print args to algorithm */
- SECU_PrintAsHex(out, &a->parameters, "Args", level+1);
- }
-}
-
-static void
-secu_PrintAttribute(FILE *out, SEC_PKCS7Attribute *attr, char *m, int level)
-{
- SECItem *value;
- int i;
- char om[100];
-
- if (m) {
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- }
-
- /*
- * Should make this smarter; look at the type field and then decode
- * and print the value(s) appropriately!
- */
- SECU_PrintObjectID(out, &(attr->type), "Type", level+1);
- if (attr->values != NULL) {
- i = 0;
- while ((value = attr->values[i++]) != NULL) {
- sprintf(om, "Value (%d)%s", i, attr->encoded ? " (encoded)" : "");
- if (attr->encoded || attr->typeTag == NULL) {
- SECU_PrintAny(out, value, om, level+1);
- } else {
- switch (attr->typeTag->offset) {
- default:
- SECU_PrintAsHex(out, value, om, level+1);
- break;
- case SEC_OID_PKCS9_CONTENT_TYPE:
- SECU_PrintObjectID(out, value, om, level+1);
- break;
- case SEC_OID_PKCS9_SIGNING_TIME:
- SECU_PrintTimeChoice(out, value, om, level+1);
- break;
- }
- }
- }
- }
-}
-
-static void
-secu_PrintRSAPublicKey(FILE *out, SECKEYPublicKey *pk, char *m, int level)
-{
-
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- SECU_PrintInteger(out, &pk->u.rsa.modulus, "Modulus", level+1);
- SECU_PrintInteger(out, &pk->u.rsa.publicExponent, "Exponent", level+1);
- if (pk->u.rsa.publicExponent.len == 1 &&
- pk->u.rsa.publicExponent.data[0] == 1) {
- SECU_Indent(out, level +1); fprintf(out, "Error: INVALID RSA KEY!\n");
- }
-}
-
-static void
-secu_PrintDSAPublicKey(FILE *out, SECKEYPublicKey *pk, char *m, int level)
-{
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- SECU_PrintInteger(out, &pk->u.dsa.params.prime, "Prime", level+1);
- SECU_PrintInteger(out, &pk->u.dsa.params.subPrime, "Subprime", level+1);
- SECU_PrintInteger(out, &pk->u.dsa.params.base, "Base", level+1);
- SECU_PrintInteger(out, &pk->u.dsa.publicValue, "PublicValue", level+1);
-}
-
-#ifdef NSS_ENABLE_ECC
-static void
-secu_PrintECPublicKey(FILE *out, SECKEYPublicKey *pk, char *m, int level)
-{
- SECItem curveOID = { siBuffer, NULL, 0};
-
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- SECU_PrintInteger(out, &pk->u.ec.publicValue, "PublicValue", level+1);
- /* For named curves, the DEREncodedParams field contains an
- * ASN Object ID (0x06 is SEC_ASN1_OBJECT_ID).
- */
- if ((pk->u.ec.DEREncodedParams.len > 2) &&
- (pk->u.ec.DEREncodedParams.data[0] == 0x06)) {
- curveOID.len = pk->u.ec.DEREncodedParams.data[1];
- curveOID.data = pk->u.ec.DEREncodedParams.data + 2;
- SECU_PrintObjectID(out, &curveOID, "Curve", level +1);
- }
-}
-#endif /* NSS_ENABLE_ECC */
-
-static void
-secu_PrintSubjectPublicKeyInfo(FILE *out, PRArenaPool *arena,
- CERTSubjectPublicKeyInfo *i, char *msg, int level)
-{
- SECKEYPublicKey *pk;
-
- SECU_Indent(out, level); fprintf(out, "%s:\n", msg);
- SECU_PrintAlgorithmID(out, &i->algorithm, "Public Key Algorithm", level+1);
-
- pk = SECKEY_ExtractPublicKey(i);
- if (pk) {
- switch (pk->keyType) {
- case rsaKey:
- secu_PrintRSAPublicKey(out, pk, "RSA Public Key", level +1);
- break;
-
- case dsaKey:
- secu_PrintDSAPublicKey(out, pk, "DSA Public Key", level +1);
- break;
-
-#ifdef NSS_ENABLE_ECC
- case ecKey:
- secu_PrintECPublicKey(out, pk, "EC Public Key", level +1);
- break;
-#endif
-
- case dhKey:
- case fortezzaKey:
- case keaKey:
- SECU_Indent(out, level);
- fprintf(out, "unable to format this SPKI algorithm type\n");
- goto loser;
- default:
- SECU_Indent(out, level);
- fprintf(out, "unknown SPKI algorithm type\n");
- goto loser;
- }
- PORT_FreeArena(pk->arena, PR_FALSE);
- } else {
- SECU_PrintErrMsg(out, level, "Error", "Parsing public key");
-loser:
- if (i->subjectPublicKey.data) {
- SECU_PrintAny(out, &i->subjectPublicKey, "Raw", level);
- }
- }
-}
-
-static SECStatus
-secu_PrintX509InvalidDate(FILE *out, SECItem *value, char *msg, int level)
-{
- SECItem decodedValue;
- SECStatus rv;
- int64 invalidTime;
- char *formattedTime = NULL;
-
- decodedValue.data = NULL;
- rv = SEC_ASN1DecodeItem (NULL, &decodedValue,
- SEC_ASN1_GET(SEC_GeneralizedTimeTemplate),
- value);
- if (rv == SECSuccess) {
- rv = DER_GeneralizedTimeToTime(&invalidTime, &decodedValue);
- if (rv == SECSuccess) {
- formattedTime = CERT_GenTime2FormattedAscii
- (invalidTime, "%a %b %d %H:%M:%S %Y");
- SECU_Indent(out, level +1);
- fprintf (out, "%s: %s\n", msg, formattedTime);
- PORT_Free (formattedTime);
- }
- }
- PORT_Free (decodedValue.data);
- return (rv);
-}
-
-static SECStatus
-PrintExtKeyUsageExtension (FILE *out, SECItem *value, char *msg, int level)
-{
- CERTOidSequence *os;
- SECItem **op;
-
- os = CERT_DecodeOidSequence(value);
- if( (CERTOidSequence *)NULL == os ) {
- return SECFailure;
- }
-
- for( op = os->oids; *op; op++ ) {
- SECU_PrintObjectID(out, *op, msg, level + 1);
- }
- CERT_DestroyOidSequence(os);
- return SECSuccess;
-}
-
-static SECStatus
-secu_PrintBasicConstraints(FILE *out, SECItem *value, char *msg, int level) {
- CERTBasicConstraints constraints;
- SECStatus rv;
-
- SECU_Indent(out, level);
- if (msg) {
- fprintf(out,"%s: ",msg);
- }
- rv = CERT_DecodeBasicConstraintValue(&constraints,value);
- if (rv == SECSuccess && constraints.isCA) {
- if (constraints.pathLenConstraint >= 0) {
- fprintf(out,"Is a CA with a maximum path length of %d.\n",
- constraints.pathLenConstraint);
- } else {
- fprintf(out,"Is a CA with no maximum path length.\n");
- }
- } else {
- fprintf(out,"Is not a CA.\n");
- }
- return SECSuccess;
-}
-
-static const char * const nsTypeBits[] = {
- "SSL Client",
- "SSL Server",
- "S/MIME",
- "Object Signing",
- "Reserved",
- "SSL CA",
- "S/MIME CA",
- "ObjectSigning CA"
-};
-
-/* NSCertType is merely a bit string whose bits are displayed symbolically */
-static SECStatus
-secu_PrintNSCertType(FILE *out, SECItem *value, char *msg, int level)
-{
- int unused;
- int NS_Type;
- int i;
- int found = 0;
- SECItem my = *value;
-
- if ((my.data[0] != SEC_ASN1_BIT_STRING) ||
- SECSuccess != SECU_StripTagAndLength(&my)) {
- SECU_PrintAny(out, value, "Data", level);
- return SECSuccess;
- }
-
- unused = (my.len == 2) ? (my.data[0] & 0x0f) : 0;
- NS_Type = my.data[1] & (0xff << unused);
-
-
- SECU_Indent(out, level);
- if (msg) {
- fprintf(out,"%s: ",msg);
- } else {
- fprintf(out,"Netscape Certificate Type: ");
- }
- for (i=0; i < 8; i++) {
- if ( (0x80 >> i) & NS_Type) {
- fprintf(out, "%c%s", (found ? ',' : '<'), nsTypeBits[i]);
- found = 1;
- }
- }
- fprintf(out, (found ? ">\n" : "none\n"));
- return SECSuccess;
-}
-
-static const char * const usageBits[] = {
- "Digital Signature", /* 0x80 */
- "Non-Repudiation", /* 0x40 */
- "Key Encipherment", /* 0x20 */
- "Data Encipherment", /* 0x10 */
- "Key Agreement", /* 0x08 */
- "Certificate Signing", /* 0x04 */
- "CRL Signing", /* 0x02 */
- "Encipher Only", /* 0x01 */
- "Decipher Only", /* 0x0080 */
- NULL
-};
-
-/* X509KeyUsage is merely a bit string whose bits are displayed symbolically */
-static void
-secu_PrintX509KeyUsage(FILE *out, SECItem *value, char *msg, int level)
-{
- int unused;
- int usage;
- int i;
- int found = 0;
- SECItem my = *value;
-
- if ((my.data[0] != SEC_ASN1_BIT_STRING) ||
- SECSuccess != SECU_StripTagAndLength(&my)) {
- SECU_PrintAny(out, value, "Data", level);
- return;
- }
-
- unused = (my.len >= 2) ? (my.data[0] & 0x0f) : 0;
- usage = (my.len == 2) ? (my.data[1] & (0xff << unused)) << 8
- : (my.data[1] << 8) |
- (my.data[2] & (0xff << unused));
-
- SECU_Indent(out, level);
- fprintf(out, "Usages: ");
- for (i=0; usageBits[i]; i++) {
- if ( (0x8000 >> i) & usage) {
- if (found)
- SECU_Indent(out, level + 2);
- fprintf(out, "%s\n", usageBits[i]);
- found = 1;
- }
- }
- if (!found) {
- fprintf(out, "(none)\n");
- }
-}
-
-static void
-secu_PrintIPAddress(FILE *out, SECItem *value, char *msg, int level)
-{
- PRStatus st;
- PRNetAddr addr;
- char addrBuf[80];
-
- memset(&addr, 0, sizeof addr);
- if (value->len == 4) {
- addr.inet.family = PR_AF_INET;
- memcpy(&addr.inet.ip, value->data, value->len);
- } else if (value->len == 16) {
- addr.ipv6.family = PR_AF_INET6;
- memcpy(addr.ipv6.ip.pr_s6_addr, value->data, value->len);
- if (PR_IsNetAddrType(&addr, PR_IpAddrV4Mapped)) {
- /* convert to IPv4. */
- addr.inet.family = PR_AF_INET;
- memcpy(&addr.inet.ip, &addr.ipv6.ip.pr_s6_addr[12], 4);
- memset(&addr.inet.pad[0], 0, sizeof addr.inet.pad);
- }
- } else {
- goto loser;
- }
-
- st = PR_NetAddrToString(&addr, addrBuf, sizeof addrBuf);
- if (st == PR_SUCCESS) {
- SECU_Indent(out, level);
- fprintf(out, "%s: %s\n", msg, addrBuf);
- } else {
-loser:
- SECU_PrintAsHex(out, value, msg, level);
- }
-}
-
-
-static void
-secu_PrintGeneralName(FILE *out, CERTGeneralName *gname, char *msg, int level)
-{
- char label[40];
- if (msg && msg[0]) {
- SECU_Indent(out, level++); fprintf(out, "%s: \n", msg);
- }
- switch (gname->type) {
- case certOtherName :
- SECU_PrintAny( out, &gname->name.OthName.name, "Other Name", level);
- SECU_PrintObjectID(out, &gname->name.OthName.oid, "OID", level+1);
- break;
- case certDirectoryName :
- SECU_PrintName(out, &gname->name.directoryName, "Directory Name", level);
- break;
- case certRFC822Name :
- secu_PrintRawString( out, &gname->name.other, "RFC822 Name", level);
- break;
- case certDNSName :
- secu_PrintRawString( out, &gname->name.other, "DNS name", level);
- break;
- case certURI :
- secu_PrintRawString( out, &gname->name.other, "URI", level);
- break;
- case certIPAddress :
- secu_PrintIPAddress(out, &gname->name.other, "IP Address", level);
- break;
- case certRegisterID :
- SECU_PrintObjectID( out, &gname->name.other, "Registered ID", level);
- break;
- case certX400Address :
- SECU_PrintAny( out, &gname->name.other, "X400 Address", level);
- break;
- case certEDIPartyName :
- SECU_PrintAny( out, &gname->name.other, "EDI Party", level);
- break;
- default:
- PR_snprintf(label, sizeof label, "unknown type [%d]",
- (int)gname->type - 1);
- SECU_PrintAsHex(out, &gname->name.other, label, level);
- break;
- }
-}
-
-static void
-secu_PrintAuthKeyIDExtension(FILE *out, SECItem *value, char *msg, int level)
-{
- CERTAuthKeyID *kid = NULL;
- PLArenaPool *pool = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-
- if (!pool) {
- SECU_PrintError("Error", "Allocating new ArenaPool");
- return;
- }
- kid = CERT_DecodeAuthKeyID(pool, value);
- if (!kid) {
- SECU_PrintErrMsg(out, level, "Error", "Parsing extension");
- SECU_PrintAny(out, value, "Data", level);
- } else {
- int keyIDPresent = (kid->keyID.data && kid->keyID.len);
- int issuerPresent = kid->authCertIssuer != NULL;
- int snPresent = (kid->authCertSerialNumber.data &&
- kid->authCertSerialNumber.len);
-
- if ((keyIDPresent && !issuerPresent && !snPresent) ||
- (!keyIDPresent && issuerPresent && snPresent)) {
- /* all is well */
- } else {
- SECU_Indent(out, level);
- fprintf(out,
- "Error: KeyID OR (Issuer AND Serial) must be present, not both.\n");
- }
- if (keyIDPresent)
- SECU_PrintAsHex(out, &kid->keyID, "Key ID", level);
- if (issuerPresent)
- secu_PrintGeneralName(out, kid->authCertIssuer, "Issuer", level);
- if (snPresent)
- SECU_PrintInteger(out, &kid->authCertSerialNumber,
- "Serial Number", level);
- }
- PORT_FreeArena(pool, PR_FALSE);
-}
-
-
-static void
-secu_PrintAltNameExtension(FILE *out, SECItem *value, char *msg, int level)
-{
- CERTGeneralName * nameList;
- CERTGeneralName * current;
- PLArenaPool * pool = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-
- if (!pool) {
- SECU_PrintError("Error", "Allocating new ArenaPool");
- return;
- }
- nameList = current = CERT_DecodeAltNameExtension(pool, value);
- if (!current) {
- if (PORT_GetError() == SEC_ERROR_EXTENSION_NOT_FOUND) {
- /* Decoder found empty sequence, which is invalid. */
- PORT_SetError(SEC_ERROR_EXTENSION_VALUE_INVALID);
- }
- SECU_PrintErrMsg(out, level, "Error", "Parsing extension");
- SECU_PrintAny(out, value, "Data", level);
- } else {
- do {
- secu_PrintGeneralName(out, current, msg, level);
- current = CERT_GetNextGeneralName(current);
- } while (current != nameList);
- }
- PORT_FreeArena(pool, PR_FALSE);
-}
-
-static void
-secu_PrintCRLDistPtsExtension(FILE *out, SECItem *value, char *msg, int level)
-{
- CERTCrlDistributionPoints * dPoints;
- PLArenaPool * pool = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-
- if (!pool) {
- SECU_PrintError("Error", "Allocating new ArenaPool");
- return;
- }
- dPoints = CERT_DecodeCRLDistributionPoints(pool, value);
- if (dPoints && dPoints->distPoints && dPoints->distPoints[0]) {
- CRLDistributionPoint ** pPoints = dPoints->distPoints;
- CRLDistributionPoint * pPoint;
- while (NULL != (pPoint = *pPoints++)) {
- if (pPoint->distPointType == generalName &&
- pPoint->distPoint.fullName != NULL) {
- secu_PrintGeneralName(out, pPoint->distPoint.fullName, NULL,
- level);
-#if defined(LATER)
- } else if (pPoint->distPointType == relativeDistinguishedName) {
- /* print the relative name */
-#endif
- } else if (pPoint->derDistPoint.data) {
- SECU_PrintAny(out, &pPoint->derDistPoint, "Point", level);
- }
- if (pPoint->reasons.data) {
- secu_PrintDecodedBitString(out, &pPoint->reasons, "Reasons",
- level);
- }
- if (pPoint->crlIssuer) {
- secu_PrintGeneralName(out, pPoint->crlIssuer, "Issuer", level);
- }
- }
- } else {
- SECU_PrintErrMsg(out, level, "Error", "Parsing extension");
- SECU_PrintAny(out, value, "Data", level);
- }
- PORT_FreeArena(pool, PR_FALSE);
-}
-
-
-static void
-secu_PrintNameConstraintSubtree(FILE *out, CERTNameConstraint *value,
- char *msg, int level)
-{
- CERTNameConstraint *head = value;
- SECU_Indent(out, level); fprintf(out, "%s Subtree:\n", msg);
- level++;
- do {
- secu_PrintGeneralName(out, &value->name, NULL, level);
- if (value->min.data)
- SECU_PrintInteger(out, &value->min, "Minimum", level+1);
- if (value->max.data)
- SECU_PrintInteger(out, &value->max, "Maximum", level+1);
- value = CERT_GetNextNameConstraint(value);
- } while (value != head);
-}
-
-static void
-secu_PrintNameConstraintsExtension(FILE *out, SECItem *value, char *msg, int level)
-{
- CERTNameConstraints * cnstrnts;
- PLArenaPool * pool = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-
- if (!pool) {
- SECU_PrintError("Error", "Allocating new ArenaPool");
- return;
- }
- cnstrnts = CERT_DecodeNameConstraintsExtension(pool, value);
- if (!cnstrnts) {
- SECU_PrintErrMsg(out, level, "Error", "Parsing extension");
- SECU_PrintAny(out, value, "Raw", level);
- } else {
- if (cnstrnts->permited)
- secu_PrintNameConstraintSubtree(out, cnstrnts->permited,
- "Permitted", level);
- if (cnstrnts->excluded)
- secu_PrintNameConstraintSubtree(out, cnstrnts->excluded,
- "Excluded", level);
- }
- PORT_FreeArena(pool, PR_FALSE);
-}
-
-
-static void
-secu_PrintAuthorityInfoAcess(FILE *out, SECItem *value, char *msg, int level)
-{
- CERTAuthInfoAccess **infos = NULL;
- PLArenaPool * pool = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-
- if (!pool) {
- SECU_PrintError("Error", "Allocating new ArenaPool");
- return;
- }
- infos = CERT_DecodeAuthInfoAccessExtension(pool, value);
- if (!infos) {
- SECU_PrintErrMsg(out, level, "Error", "Parsing extension");
- SECU_PrintAny(out, value, "Raw", level);
- } else {
- CERTAuthInfoAccess *info;
- while (NULL != (info = *infos++)) {
- if (info->method.data) {
- SECU_PrintObjectID(out, &info->method, "Method", level);
- } else {
- SECU_Indent(out,level);
- fprintf(out, "Error: missing method\n");
- }
- if (info->location) {
- secu_PrintGeneralName(out, info->location, "Location", level);
- } else {
- SECU_PrintAny(out, &info->derLocation, "Location", level);
- }
- }
- }
- PORT_FreeArena(pool, PR_FALSE);
-}
-
-
-void
-SECU_PrintExtensions(FILE *out, CERTCertExtension **extensions,
- char *msg, int level)
-{
- SECOidTag oidTag;
-
- if ( extensions ) {
- if (msg && *msg) {
- SECU_Indent(out, level++); fprintf(out, "%s:\n", msg);
- }
-
- while ( *extensions ) {
- SECItem *tmpitem;
-
- tmpitem = &(*extensions)->id;
- SECU_PrintObjectID(out, tmpitem, "Name", level);
-
- tmpitem = &(*extensions)->critical;
- if ( tmpitem->len ) {
- secu_PrintBoolean(out, tmpitem, "Critical", level);
- }
-
- oidTag = SECOID_FindOIDTag (&((*extensions)->id));
- tmpitem = &((*extensions)->value);
-
- switch (oidTag) {
- case SEC_OID_X509_INVALID_DATE:
- case SEC_OID_NS_CERT_EXT_CERT_RENEWAL_TIME:
- secu_PrintX509InvalidDate(out, tmpitem, "Date", level );
- break;
- case SEC_OID_X509_CERTIFICATE_POLICIES:
- SECU_PrintPolicy(out, tmpitem, "Data", level );
- break;
- case SEC_OID_NS_CERT_EXT_BASE_URL:
- case SEC_OID_NS_CERT_EXT_REVOCATION_URL:
- case SEC_OID_NS_CERT_EXT_CA_REVOCATION_URL:
- case SEC_OID_NS_CERT_EXT_CA_CRL_URL:
- case SEC_OID_NS_CERT_EXT_CA_CERT_URL:
- case SEC_OID_NS_CERT_EXT_CERT_RENEWAL_URL:
- case SEC_OID_NS_CERT_EXT_CA_POLICY_URL:
- case SEC_OID_NS_CERT_EXT_HOMEPAGE_URL:
- case SEC_OID_NS_CERT_EXT_LOST_PASSWORD_URL:
- case SEC_OID_OCSP_RESPONDER:
- SECU_PrintString(out,tmpitem, "URL", level);
- break;
- case SEC_OID_NS_CERT_EXT_COMMENT:
- SECU_PrintString(out,tmpitem, "Comment", level);
- break;
- case SEC_OID_NS_CERT_EXT_SSL_SERVER_NAME:
- SECU_PrintString(out,tmpitem, "ServerName", level);
- break;
- case SEC_OID_NS_CERT_EXT_CERT_TYPE:
- secu_PrintNSCertType(out,tmpitem,"Data",level);
- break;
- case SEC_OID_X509_BASIC_CONSTRAINTS:
- secu_PrintBasicConstraints(out,tmpitem,"Data",level);
- break;
- case SEC_OID_X509_EXT_KEY_USAGE:
- PrintExtKeyUsageExtension(out, tmpitem, NULL, level);
- break;
- case SEC_OID_X509_KEY_USAGE:
- secu_PrintX509KeyUsage(out, tmpitem, NULL, level );
- break;
- case SEC_OID_X509_AUTH_KEY_ID:
- secu_PrintAuthKeyIDExtension(out, tmpitem, NULL, level );
- break;
- case SEC_OID_X509_SUBJECT_ALT_NAME:
- case SEC_OID_X509_ISSUER_ALT_NAME:
- secu_PrintAltNameExtension(out, tmpitem, NULL, level );
- break;
- case SEC_OID_X509_CRL_DIST_POINTS:
- secu_PrintCRLDistPtsExtension(out, tmpitem, NULL, level );
- break;
- case SEC_OID_X509_PRIVATE_KEY_USAGE_PERIOD:
- SECU_PrintPrivKeyUsagePeriodExtension(out, tmpitem, NULL,
- level );
- break;
- case SEC_OID_X509_NAME_CONSTRAINTS:
- secu_PrintNameConstraintsExtension(out, tmpitem, NULL, level);
- break;
- case SEC_OID_X509_AUTH_INFO_ACCESS:
- secu_PrintAuthorityInfoAcess(out, tmpitem, NULL, level);
- break;
-
- case SEC_OID_X509_CRL_NUMBER:
- case SEC_OID_X509_REASON_CODE:
-
- /* PKIX OIDs */
- case SEC_OID_PKIX_OCSP:
- case SEC_OID_PKIX_OCSP_BASIC_RESPONSE:
- case SEC_OID_PKIX_OCSP_NONCE:
- case SEC_OID_PKIX_OCSP_CRL:
- case SEC_OID_PKIX_OCSP_RESPONSE:
- case SEC_OID_PKIX_OCSP_NO_CHECK:
- case SEC_OID_PKIX_OCSP_ARCHIVE_CUTOFF:
- case SEC_OID_PKIX_OCSP_SERVICE_LOCATOR:
- case SEC_OID_PKIX_REGCTRL_REGTOKEN:
- case SEC_OID_PKIX_REGCTRL_AUTHENTICATOR:
- case SEC_OID_PKIX_REGCTRL_PKIPUBINFO:
- case SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS:
- case SEC_OID_PKIX_REGCTRL_OLD_CERT_ID:
- case SEC_OID_PKIX_REGCTRL_PROTOCOL_ENC_KEY:
- case SEC_OID_PKIX_REGINFO_UTF8_PAIRS:
- case SEC_OID_PKIX_REGINFO_CERT_REQUEST:
-
- /* Netscape extension OIDs. */
- case SEC_OID_NS_CERT_EXT_NETSCAPE_OK:
- case SEC_OID_NS_CERT_EXT_ISSUER_LOGO:
- case SEC_OID_NS_CERT_EXT_SUBJECT_LOGO:
- case SEC_OID_NS_CERT_EXT_ENTITY_LOGO:
- case SEC_OID_NS_CERT_EXT_USER_PICTURE:
-
- /* x.509 v3 Extensions */
- case SEC_OID_X509_SUBJECT_DIRECTORY_ATTR:
- case SEC_OID_X509_SUBJECT_KEY_ID:
- case SEC_OID_X509_POLICY_MAPPINGS:
- case SEC_OID_X509_POLICY_CONSTRAINTS:
-
-
- default:
- SECU_PrintAny(out, tmpitem, "Data", level);
- break;
- }
-
- secu_Newline(out);
- extensions++;
- }
- }
-}
-
-
-void
-SECU_PrintName(FILE *out, CERTName *name, char *msg, int level)
-{
- char *nameStr;
- char *str;
- SECItem my;
-
- str = nameStr = CERT_NameToAscii(name);
- if (!str) {
- str = "!Invalid AVA!";
- }
- my.data = (unsigned char *)str;
- my.len = PORT_Strlen(str);
-#if 1
- secu_PrintRawString(out, &my, msg, level);
-#else
- SECU_Indent(out, level); fprintf(out, "%s: ", msg);
- fprintf(out, str);
- secu_Newline(out);
-#endif
- PORT_Free(nameStr);
-}
-
-void
-printflags(char *trusts, unsigned int flags)
-{
- if (flags & CERTDB_VALID_CA)
- if (!(flags & CERTDB_TRUSTED_CA) &&
- !(flags & CERTDB_TRUSTED_CLIENT_CA))
- PORT_Strcat(trusts, "c");
- if (flags & CERTDB_VALID_PEER)
- if (!(flags & CERTDB_TRUSTED))
- PORT_Strcat(trusts, "p");
- if (flags & CERTDB_TRUSTED_CA)
- PORT_Strcat(trusts, "C");
- if (flags & CERTDB_TRUSTED_CLIENT_CA)
- PORT_Strcat(trusts, "T");
- if (flags & CERTDB_TRUSTED)
- PORT_Strcat(trusts, "P");
- if (flags & CERTDB_USER)
- PORT_Strcat(trusts, "u");
- if (flags & CERTDB_SEND_WARN)
- PORT_Strcat(trusts, "w");
- if (flags & CERTDB_INVISIBLE_CA)
- PORT_Strcat(trusts, "I");
- if (flags & CERTDB_GOVT_APPROVED_CA)
- PORT_Strcat(trusts, "G");
- return;
-}
-
-/* callback for listing certs through pkcs11 */
-SECStatus
-SECU_PrintCertNickname(CERTCertListNode *node, void *data)
-{
- CERTCertTrust *trust;
- CERTCertificate* cert;
- FILE *out;
- char trusts[30];
- char *name;
-
- cert = node->cert;
-
- PORT_Memset (trusts, 0, sizeof (trusts));
- out = (FILE *)data;
-
- name = node->appData;
- if (!name || !name[0]) {
- name = cert->nickname;
- }
- if (!name || !name[0]) {
- name = cert->emailAddr;
- }
- if (!name || !name[0]) {
- name = "(NULL)";
- }
-
- trust = cert->trust;
- if (trust) {
- printflags(trusts, trust->sslFlags);
- PORT_Strcat(trusts, ",");
- printflags(trusts, trust->emailFlags);
- PORT_Strcat(trusts, ",");
- printflags(trusts, trust->objectSigningFlags);
- } else {
- PORT_Memcpy(trusts,",,",3);
- }
- fprintf(out, "%-60s %-5s\n", name, trusts);
-
- return (SECSuccess);
-}
-
-int
-SECU_DecodeAndPrintExtensions(FILE *out, SECItem *any, char *m, int level)
-{
- CERTCertExtension **extensions = NULL;
- PRArenaPool *arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- int rv = 0;
-
- if (!arena)
- return SEC_ERROR_NO_MEMORY;
-
- rv = SEC_QuickDERDecodeItem(arena, &extensions,
- SEC_ASN1_GET(CERT_SequenceOfCertExtensionTemplate), any);
- if (!rv)
- SECU_PrintExtensions(out, extensions, m, level);
- else
- SECU_PrintAny(out, any, m, level);
- PORT_FreeArena(arena, PR_FALSE);
- return rv;
-}
-
-/* print a decoded SET OF or SEQUENCE OF Extensions */
-int
-SECU_PrintSetOfExtensions(FILE *out, SECItem **any, char *m, int level)
-{
- int rv = 0;
- if (m && *m) {
- SECU_Indent(out, level++); fprintf(out, "%s:\n", m);
- }
- while (any && any[0]) {
- rv |= SECU_DecodeAndPrintExtensions(out, any[0], "", level);
- any++;
- }
- return rv;
-}
-
-/* print a decoded SET OF or SEQUENCE OF "ANY" */
-int
-SECU_PrintSetOfAny(FILE *out, SECItem **any, char *m, int level)
-{
- int rv = 0;
- if (m && *m) {
- SECU_Indent(out, level++); fprintf(out, "%s:\n", m);
- }
- while (any && any[0]) {
- SECU_PrintAny(out, any[0], "", level);
- any++;
- }
- return rv;
-}
-
-int
-SECU_PrintCertAttribute(FILE *out, CERTAttribute *attr, char *m, int level)
-{
- int rv = 0;
- SECOidTag tag;
- tag = SECU_PrintObjectID(out, &attr->attrType, "Attribute Type", level);
- if (tag == SEC_OID_PKCS9_EXTENSION_REQUEST) {
- rv = SECU_PrintSetOfExtensions(out, attr->attrValue, "Extensions", level);
- } else {
- rv = SECU_PrintSetOfAny(out, attr->attrValue, "Attribute Values", level);
- }
- return rv;
-}
-
-int
-SECU_PrintCertAttributes(FILE *out, CERTAttribute **attrs, char *m, int level)
-{
- int rv = 0;
- while (attrs[0]) {
- rv |= SECU_PrintCertAttribute(out, attrs[0], m, level+1);
- attrs++;
- }
- return rv;
-}
-
-int /* sometimes a PRErrorCode, other times a SECStatus. Sigh. */
-SECU_PrintCertificateRequest(FILE *out, SECItem *der, char *m, int level)
-{
- PRArenaPool *arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- CERTCertificateRequest *cr;
- int rv = SEC_ERROR_NO_MEMORY;
-
- if (!arena)
- return rv;
-
- /* Decode certificate request */
- cr = PORT_ArenaZNew(arena, CERTCertificateRequest);
- if (!cr)
- goto loser;
- cr->arena = arena;
- rv = SEC_QuickDERDecodeItem(arena, cr,
- SEC_ASN1_GET(CERT_CertificateRequestTemplate), der);
- if (rv)
- goto loser;
-
- /* Pretty print it out */
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- SECU_PrintInteger(out, &cr->version, "Version", level+1);
- SECU_PrintName(out, &cr->subject, "Subject", level+1);
- secu_PrintSubjectPublicKeyInfo(out, arena, &cr->subjectPublicKeyInfo,
- "Subject Public Key Info", level+1);
- if (cr->attributes)
- SECU_PrintCertAttributes(out, cr->attributes, "Attributes", level+1);
- rv = 0;
-loser:
- PORT_FreeArena(arena, PR_FALSE);
- return rv;
-}
-
-int
-SECU_PrintCertificate(FILE *out, SECItem *der, char *m, int level)
-{
- PRArenaPool *arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- CERTCertificate *c;
- int rv = SEC_ERROR_NO_MEMORY;
- int iv;
-
- if (!arena)
- return rv;
-
- /* Decode certificate */
- c = PORT_ArenaZNew(arena, CERTCertificate);
- if (!c)
- goto loser;
- c->arena = arena;
- rv = SEC_ASN1DecodeItem(arena, c,
- SEC_ASN1_GET(CERT_CertificateTemplate), der);
- if (rv) {
- SECU_Indent(out, level);
- SECU_PrintErrMsg(out, level, "Error", "Parsing extension");
- SECU_PrintAny(out, der, "Raw", level);
- goto loser;
- }
- /* Pretty print it out */
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- iv = c->version.len ? DER_GetInteger(&c->version) : 0; /* version is optional */
- SECU_Indent(out, level+1); fprintf(out, "%s: %d (0x%x)\n", "Version", iv + 1, iv);
-
- SECU_PrintInteger(out, &c->serialNumber, "Serial Number", level+1);
- SECU_PrintAlgorithmID(out, &c->signature, "Signature Algorithm", level+1);
- SECU_PrintName(out, &c->issuer, "Issuer", level+1);
- secu_PrintValidity(out, &c->validity, "Validity", level+1);
- SECU_PrintName(out, &c->subject, "Subject", level+1);
- secu_PrintSubjectPublicKeyInfo(out, arena, &c->subjectPublicKeyInfo,
- "Subject Public Key Info", level+1);
- if (c->issuerID.data)
- secu_PrintDecodedBitString(out, &c->issuerID, "Issuer Unique ID", level+1);
- if (c->subjectID.data)
- secu_PrintDecodedBitString(out, &c->subjectID, "Subject Unique ID", level+1);
- SECU_PrintExtensions(out, c->extensions, "Signed Extensions", level+1);
-loser:
- PORT_FreeArena(arena, PR_FALSE);
- return rv;
-}
-
-int
-SECU_PrintPublicKey(FILE *out, SECItem *der, char *m, int level)
-{
- PRArenaPool *arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- SECKEYPublicKey key;
- int rv = SEC_ERROR_NO_MEMORY;
-
- if (!arena)
- return rv;
-
- PORT_Memset(&key, 0, sizeof(key));
- rv = SEC_ASN1DecodeItem(arena, &key,
- SEC_ASN1_GET(SECKEY_RSAPublicKeyTemplate), der);
- if (!rv) {
- /* Pretty print it out */
- secu_PrintRSAPublicKey(out, &key, m, level);
- }
-
- PORT_FreeArena(arena, PR_FALSE);
- return rv;
-}
-
-#ifdef HAVE_EPV_TEMPLATE
-int
-SECU_PrintPrivateKey(FILE *out, SECItem *der, char *m, int level)
-{
- PRArenaPool *arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- SECKEYEncryptedPrivateKeyInfo key;
- int rv = SEC_ERROR_NO_MEMORY;
-
- if (!arena)
- return rv;
-
- PORT_Memset(&key, 0, sizeof(key));
- rv = SEC_ASN1DecodeItem(arena, &key,
- SEC_ASN1_GET(SECKEY_EncryptedPrivateKeyInfoTemplate), der);
- if (rv)
- goto loser;
-
- /* Pretty print it out */
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- SECU_PrintAlgorithmID(out, &key.algorithm, "Encryption Algorithm",
- level+1);
- SECU_PrintAsHex(out, &key.encryptedData, "Encrypted Data", level+1);
-loser:
- PORT_FreeArena(arena, PR_TRUE);
- return rv;
-}
-#endif
-
-int
-SECU_PrintFingerprints(FILE *out, SECItem *derCert, char *m, int level)
-{
- unsigned char fingerprint[20];
- char *fpStr = NULL;
- int err = PORT_GetError();
- SECStatus rv;
- SECItem fpItem;
-
- /* print MD5 fingerprint */
- memset(fingerprint, 0, sizeof fingerprint);
- rv = PK11_HashBuf(SEC_OID_MD5,fingerprint, derCert->data, derCert->len);
- fpItem.data = fingerprint;
- fpItem.len = MD5_LENGTH;
- fpStr = CERT_Hexify(&fpItem, 1);
- SECU_Indent(out, level); fprintf(out, "%s (MD5):\n", m);
- SECU_Indent(out, level+1); fprintf(out, "%s\n", fpStr);
- PORT_Free(fpStr);
- fpStr = NULL;
- if (rv != SECSuccess && !err)
- err = PORT_GetError();
-
- /* print SHA1 fingerprint */
- memset(fingerprint, 0, sizeof fingerprint);
- rv = PK11_HashBuf(SEC_OID_SHA1,fingerprint, derCert->data, derCert->len);
- fpItem.data = fingerprint;
- fpItem.len = SHA1_LENGTH;
- fpStr = CERT_Hexify(&fpItem, 1);
- SECU_Indent(out, level); fprintf(out, "%s (SHA1):\n", m);
- SECU_Indent(out, level+1); fprintf(out, "%s\n", fpStr);
- PORT_Free(fpStr);
- fprintf(out, "\n");
-
- if (err)
- PORT_SetError(err);
- if (err || rv != SECSuccess)
- return SECFailure;
-
- return 0;
-}
-
-/*
-** PKCS7 Support
-*/
-
-/* forward declaration */
-static int
-secu_PrintPKCS7ContentInfo(FILE *, SEC_PKCS7ContentInfo *, char *, int);
-
-/*
-** secu_PrintPKCS7EncContent
-** Prints a SEC_PKCS7EncryptedContentInfo (without decrypting it)
-*/
-static void
-secu_PrintPKCS7EncContent(FILE *out, SEC_PKCS7EncryptedContentInfo *src,
- char *m, int level)
-{
- if (src->contentTypeTag == NULL)
- src->contentTypeTag = SECOID_FindOID(&(src->contentType));
-
- SECU_Indent(out, level);
- fprintf(out, "%s:\n", m);
- SECU_Indent(out, level + 1);
- fprintf(out, "Content Type: %s\n",
- (src->contentTypeTag != NULL) ? src->contentTypeTag->desc
- : "Unknown");
- SECU_PrintAlgorithmID(out, &(src->contentEncAlg),
- "Content Encryption Algorithm", level+1);
- SECU_PrintAsHex(out, &(src->encContent),
- "Encrypted Content", level+1);
-}
-
-/*
-** secu_PrintRecipientInfo
-** Prints a PKCS7RecipientInfo type
-*/
-static void
-secu_PrintRecipientInfo(FILE *out, SEC_PKCS7RecipientInfo *info, char *m,
- int level)
-{
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- SECU_PrintInteger(out, &(info->version), "Version", level + 1);
-
- SECU_PrintName(out, &(info->issuerAndSN->issuer), "Issuer",
- level + 1);
- SECU_PrintInteger(out, &(info->issuerAndSN->serialNumber),
- "Serial Number", level + 1);
-
- /* Parse and display encrypted key */
- SECU_PrintAlgorithmID(out, &(info->keyEncAlg),
- "Key Encryption Algorithm", level + 1);
- SECU_PrintAsHex(out, &(info->encKey), "Encrypted Key", level + 1);
-}
-
-/*
-** secu_PrintSignerInfo
-** Prints a PKCS7SingerInfo type
-*/
-static void
-secu_PrintSignerInfo(FILE *out, SEC_PKCS7SignerInfo *info, char *m, int level)
-{
- SEC_PKCS7Attribute *attr;
- int iv;
- char om[100];
-
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- SECU_PrintInteger(out, &(info->version), "Version", level + 1);
-
- SECU_PrintName(out, &(info->issuerAndSN->issuer), "Issuer",
- level + 1);
- SECU_PrintInteger(out, &(info->issuerAndSN->serialNumber),
- "Serial Number", level + 1);
-
- SECU_PrintAlgorithmID(out, &(info->digestAlg), "Digest Algorithm",
- level + 1);
-
- if (info->authAttr != NULL) {
- SECU_Indent(out, level + 1);
- fprintf(out, "Authenticated Attributes:\n");
- iv = 0;
- while ((attr = info->authAttr[iv++]) != NULL) {
- sprintf(om, "Attribute (%d)", iv);
- secu_PrintAttribute(out, attr, om, level + 2);
- }
- }
-
- /* Parse and display signature */
- SECU_PrintAlgorithmID(out, &(info->digestEncAlg),
- "Digest Encryption Algorithm", level + 1);
- SECU_PrintAsHex(out, &(info->encDigest), "Encrypted Digest", level + 1);
-
- if (info->unAuthAttr != NULL) {
- SECU_Indent(out, level + 1);
- fprintf(out, "Unauthenticated Attributes:\n");
- iv = 0;
- while ((attr = info->unAuthAttr[iv++]) != NULL) {
- sprintf(om, "Attribute (%x)", iv);
- secu_PrintAttribute(out, attr, om, level + 2);
- }
- }
-}
-
-/* callers of this function must make sure that the CERTSignedCrl
- from which they are extracting the CERTCrl has been fully-decoded.
- Otherwise it will not have the entries even though the CRL may have
- some */
-
-void
-SECU_PrintCRLInfo(FILE *out, CERTCrl *crl, char *m, int level)
-{
- CERTCrlEntry *entry;
- int iv;
- char om[100];
-
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- /* version is optional */
- iv = crl->version.len ? DER_GetInteger(&crl->version) : 0;
- SECU_Indent(out, level+1);
- fprintf(out, "%s: %d (0x%x)\n", "Version", iv + 1, iv);
- SECU_PrintAlgorithmID(out, &(crl->signatureAlg), "Signature Algorithm",
- level + 1);
- SECU_PrintName(out, &(crl->name), "Issuer", level + 1);
- SECU_PrintTimeChoice(out, &(crl->lastUpdate), "This Update", level + 1);
- if (crl->nextUpdate.data && crl->nextUpdate.len) /* is optional */
- SECU_PrintTimeChoice(out, &(crl->nextUpdate), "Next Update", level + 1);
-
- if (crl->entries != NULL) {
- iv = 0;
- while ((entry = crl->entries[iv++]) != NULL) {
- sprintf(om, "Entry (%x):\n", iv);
- SECU_Indent(out, level + 1); fprintf(out, om);
- SECU_PrintInteger(out, &(entry->serialNumber), "Serial Number",
- level + 2);
- SECU_PrintTimeChoice(out, &(entry->revocationDate),
- "Revocation Date", level + 2);
- SECU_PrintExtensions(out, entry->extensions,
- "Entry Extensions", level + 2);
- }
- }
- SECU_PrintExtensions(out, crl->extensions, "CRL Extensions", level + 1);
-}
-
-/*
-** secu_PrintPKCS7Signed
-** Pretty print a PKCS7 signed data type (up to version 1).
-*/
-static int
-secu_PrintPKCS7Signed(FILE *out, SEC_PKCS7SignedData *src,
- const char *m, int level)
-{
- SECAlgorithmID *digAlg; /* digest algorithms */
- SECItem *aCert; /* certificate */
- CERTSignedCrl *aCrl; /* certificate revocation list */
- SEC_PKCS7SignerInfo *sigInfo; /* signer information */
- int rv, iv;
- char om[100];
-
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- SECU_PrintInteger(out, &(src->version), "Version", level + 1);
-
- /* Parse and list digest algorithms (if any) */
- if (src->digestAlgorithms != NULL) {
- SECU_Indent(out, level + 1); fprintf(out, "Digest Algorithm List:\n");
- iv = 0;
- while ((digAlg = src->digestAlgorithms[iv++]) != NULL) {
- sprintf(om, "Digest Algorithm (%x)", iv);
- SECU_PrintAlgorithmID(out, digAlg, om, level + 2);
- }
- }
-
- /* Now for the content */
- rv = secu_PrintPKCS7ContentInfo(out, &(src->contentInfo),
- "Content Information", level + 1);
- if (rv != 0)
- return rv;
-
- /* Parse and list certificates (if any) */
- if (src->rawCerts != NULL) {
- SECU_Indent(out, level + 1); fprintf(out, "Certificate List:\n");
- iv = 0;
- while ((aCert = src->rawCerts[iv++]) != NULL) {
- sprintf(om, "Certificate (%x)", iv);
- rv = SECU_PrintSignedData(out, aCert, om, level + 2,
- SECU_PrintCertificate);
- if (rv)
- return rv;
- }
- }
-
- /* Parse and list CRL's (if any) */
- if (src->crls != NULL) {
- SECU_Indent(out, level + 1);
- fprintf(out, "Signed Revocation Lists:\n");
- iv = 0;
- while ((aCrl = src->crls[iv++]) != NULL) {
- sprintf(om, "Signed Revocation List (%x)", iv);
- SECU_Indent(out, level + 2); fprintf(out, "%s:\n", om);
- SECU_PrintAlgorithmID(out, &aCrl->signatureWrap.signatureAlgorithm,
- "Signature Algorithm", level+3);
- DER_ConvertBitString(&aCrl->signatureWrap.signature);
- SECU_PrintAsHex(out, &aCrl->signatureWrap.signature, "Signature",
- level+3);
- SECU_PrintCRLInfo(out, &aCrl->crl, "Certificate Revocation List",
- level + 3);
- }
- }
-
- /* Parse and list signatures (if any) */
- if (src->signerInfos != NULL) {
- SECU_Indent(out, level + 1);
- fprintf(out, "Signer Information List:\n");
- iv = 0;
- while ((sigInfo = src->signerInfos[iv++]) != NULL) {
- sprintf(om, "Signer Information (%x)", iv);
- secu_PrintSignerInfo(out, sigInfo, om, level + 2);
- }
- }
-
- return 0;
-}
-
-/*
-** secu_PrintPKCS7Enveloped
-** Pretty print a PKCS7 enveloped data type (up to version 1).
-*/
-static void
-secu_PrintPKCS7Enveloped(FILE *out, SEC_PKCS7EnvelopedData *src,
- const char *m, int level)
-{
- SEC_PKCS7RecipientInfo *recInfo; /* pointer for signer information */
- int iv;
- char om[100];
-
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- SECU_PrintInteger(out, &(src->version), "Version", level + 1);
-
- /* Parse and list recipients (this is not optional) */
- if (src->recipientInfos != NULL) {
- SECU_Indent(out, level + 1);
- fprintf(out, "Recipient Information List:\n");
- iv = 0;
- while ((recInfo = src->recipientInfos[iv++]) != NULL) {
- sprintf(om, "Recipient Information (%x)", iv);
- secu_PrintRecipientInfo(out, recInfo, om, level + 2);
- }
- }
-
- secu_PrintPKCS7EncContent(out, &src->encContentInfo,
- "Encrypted Content Information", level + 1);
-}
-
-/*
-** secu_PrintPKCS7SignedEnveloped
-** Pretty print a PKCS7 singed and enveloped data type (up to version 1).
-*/
-static int
-secu_PrintPKCS7SignedAndEnveloped(FILE *out,
- SEC_PKCS7SignedAndEnvelopedData *src,
- const char *m, int level)
-{
- SECAlgorithmID *digAlg; /* pointer for digest algorithms */
- SECItem *aCert; /* pointer for certificate */
- CERTSignedCrl *aCrl; /* pointer for certificate revocation list */
- SEC_PKCS7SignerInfo *sigInfo; /* pointer for signer information */
- SEC_PKCS7RecipientInfo *recInfo; /* pointer for recipient information */
- int rv, iv;
- char om[100];
-
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- SECU_PrintInteger(out, &(src->version), "Version", level + 1);
-
- /* Parse and list recipients (this is not optional) */
- if (src->recipientInfos != NULL) {
- SECU_Indent(out, level + 1);
- fprintf(out, "Recipient Information List:\n");
- iv = 0;
- while ((recInfo = src->recipientInfos[iv++]) != NULL) {
- sprintf(om, "Recipient Information (%x)", iv);
- secu_PrintRecipientInfo(out, recInfo, om, level + 2);
- }
- }
-
- /* Parse and list digest algorithms (if any) */
- if (src->digestAlgorithms != NULL) {
- SECU_Indent(out, level + 1); fprintf(out, "Digest Algorithm List:\n");
- iv = 0;
- while ((digAlg = src->digestAlgorithms[iv++]) != NULL) {
- sprintf(om, "Digest Algorithm (%x)", iv);
- SECU_PrintAlgorithmID(out, digAlg, om, level + 2);
- }
- }
-
- secu_PrintPKCS7EncContent(out, &src->encContentInfo,
- "Encrypted Content Information", level + 1);
-
- /* Parse and list certificates (if any) */
- if (src->rawCerts != NULL) {
- SECU_Indent(out, level + 1); fprintf(out, "Certificate List:\n");
- iv = 0;
- while ((aCert = src->rawCerts[iv++]) != NULL) {
- sprintf(om, "Certificate (%x)", iv);
- rv = SECU_PrintSignedData(out, aCert, om, level + 2,
- SECU_PrintCertificate);
- if (rv)
- return rv;
- }
- }
-
- /* Parse and list CRL's (if any) */
- if (src->crls != NULL) {
- SECU_Indent(out, level + 1);
- fprintf(out, "Signed Revocation Lists:\n");
- iv = 0;
- while ((aCrl = src->crls[iv++]) != NULL) {
- sprintf(om, "Signed Revocation List (%x)", iv);
- SECU_Indent(out, level + 2); fprintf(out, "%s:\n", om);
- SECU_PrintAlgorithmID(out, &aCrl->signatureWrap.signatureAlgorithm,
- "Signature Algorithm", level+3);
- DER_ConvertBitString(&aCrl->signatureWrap.signature);
- SECU_PrintAsHex(out, &aCrl->signatureWrap.signature, "Signature",
- level+3);
- SECU_PrintCRLInfo(out, &aCrl->crl, "Certificate Revocation List",
- level + 3);
- }
- }
-
- /* Parse and list signatures (if any) */
- if (src->signerInfos != NULL) {
- SECU_Indent(out, level + 1);
- fprintf(out, "Signer Information List:\n");
- iv = 0;
- while ((sigInfo = src->signerInfos[iv++]) != NULL) {
- sprintf(om, "Signer Information (%x)", iv);
- secu_PrintSignerInfo(out, sigInfo, om, level + 2);
- }
- }
-
- return 0;
-}
-
-int
-SECU_PrintCrl (FILE *out, SECItem *der, char *m, int level)
-{
- PRArenaPool *arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- CERTCrl *c = NULL;
- int rv = SEC_ERROR_NO_MEMORY;
-
- if (!arena)
- return rv;
- do {
- /* Decode CRL */
- c = PORT_ArenaZNew(arena, CERTCrl);
- if (!c)
- break;
-
- rv = SEC_QuickDERDecodeItem(arena, c, SEC_ASN1_GET(CERT_CrlTemplate), der);
- if (rv != SECSuccess)
- break;
- SECU_PrintCRLInfo (out, c, m, level);
- } while (0);
- PORT_FreeArena (arena, PR_FALSE);
- return rv;
-}
-
-
-/*
-** secu_PrintPKCS7Encrypted
-** Pretty print a PKCS7 encrypted data type (up to version 1).
-*/
-static void
-secu_PrintPKCS7Encrypted(FILE *out, SEC_PKCS7EncryptedData *src,
- const char *m, int level)
-{
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- SECU_PrintInteger(out, &(src->version), "Version", level + 1);
-
- secu_PrintPKCS7EncContent(out, &src->encContentInfo,
- "Encrypted Content Information", level + 1);
-}
-
-/*
-** secu_PrintPKCS7Digested
-** Pretty print a PKCS7 digested data type (up to version 1).
-*/
-static void
-secu_PrintPKCS7Digested(FILE *out, SEC_PKCS7DigestedData *src,
- const char *m, int level)
-{
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- SECU_PrintInteger(out, &(src->version), "Version", level + 1);
-
- SECU_PrintAlgorithmID(out, &src->digestAlg, "Digest Algorithm",
- level + 1);
- secu_PrintPKCS7ContentInfo(out, &src->contentInfo, "Content Information",
- level + 1);
- SECU_PrintAsHex(out, &src->digest, "Digest", level + 1);
-}
-
-/*
-** secu_PrintPKCS7ContentInfo
-** Takes a SEC_PKCS7ContentInfo type and sends the contents to the
-** appropriate function
-*/
-static int
-secu_PrintPKCS7ContentInfo(FILE *out, SEC_PKCS7ContentInfo *src,
- char *m, int level)
-{
- const char *desc;
- SECOidTag kind;
- int rv;
-
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- level++;
-
- if (src->contentTypeTag == NULL)
- src->contentTypeTag = SECOID_FindOID(&(src->contentType));
-
- if (src->contentTypeTag == NULL) {
- desc = "Unknown";
- kind = SEC_OID_PKCS7_DATA;
- } else {
- desc = src->contentTypeTag->desc;
- kind = src->contentTypeTag->offset;
- }
-
- if (src->content.data == NULL) {
- SECU_Indent(out, level); fprintf(out, "%s:\n", desc);
- level++;
- SECU_Indent(out, level); fprintf(out, "\n");
- return 0;
- }
-
- rv = 0;
- switch (kind) {
- case SEC_OID_PKCS7_SIGNED_DATA: /* Signed Data */
- rv = secu_PrintPKCS7Signed(out, src->content.signedData, desc, level);
- break;
-
- case SEC_OID_PKCS7_ENVELOPED_DATA: /* Enveloped Data */
- secu_PrintPKCS7Enveloped(out, src->content.envelopedData, desc, level);
- break;
-
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA: /* Signed and Enveloped */
- rv = secu_PrintPKCS7SignedAndEnveloped(out,
- src->content.signedAndEnvelopedData,
- desc, level);
- break;
-
- case SEC_OID_PKCS7_DIGESTED_DATA: /* Digested Data */
- secu_PrintPKCS7Digested(out, src->content.digestedData, desc, level);
- break;
-
- case SEC_OID_PKCS7_ENCRYPTED_DATA: /* Encrypted Data */
- secu_PrintPKCS7Encrypted(out, src->content.encryptedData, desc, level);
- break;
-
- default:
- SECU_PrintAsHex(out, src->content.data, desc, level);
- break;
- }
-
- return rv;
-}
-
-/*
-** SECU_PrintPKCS7ContentInfo
-** Decode and print any major PKCS7 data type (up to version 1).
-*/
-int
-SECU_PrintPKCS7ContentInfo(FILE *out, SECItem *der, char *m, int level)
-{
- SEC_PKCS7ContentInfo *cinfo;
- int rv;
-
- cinfo = SEC_PKCS7DecodeItem(der, NULL, NULL, NULL, NULL, NULL, NULL, NULL);
- if (cinfo != NULL) {
- /* Send it to recursive parsing and printing module */
- rv = secu_PrintPKCS7ContentInfo(out, cinfo, m, level);
- SEC_PKCS7DestroyContentInfo(cinfo);
- } else {
- rv = -1;
- }
-
- return rv;
-}
-
-/*
-** End of PKCS7 functions
-*/
-
-void
-printFlags(FILE *out, unsigned int flags, int level)
-{
- if ( flags & CERTDB_VALID_PEER ) {
- SECU_Indent(out, level); fprintf(out, "Valid Peer\n");
- }
- if ( flags & CERTDB_TRUSTED ) {
- SECU_Indent(out, level); fprintf(out, "Trusted\n");
- }
- if ( flags & CERTDB_SEND_WARN ) {
- SECU_Indent(out, level); fprintf(out, "Warn When Sending\n");
- }
- if ( flags & CERTDB_VALID_CA ) {
- SECU_Indent(out, level); fprintf(out, "Valid CA\n");
- }
- if ( flags & CERTDB_TRUSTED_CA ) {
- SECU_Indent(out, level); fprintf(out, "Trusted CA\n");
- }
- if ( flags & CERTDB_NS_TRUSTED_CA ) {
- SECU_Indent(out, level); fprintf(out, "Netscape Trusted CA\n");
- }
- if ( flags & CERTDB_USER ) {
- SECU_Indent(out, level); fprintf(out, "User\n");
- }
- if ( flags & CERTDB_TRUSTED_CLIENT_CA ) {
- SECU_Indent(out, level); fprintf(out, "Trusted Client CA\n");
- }
- if ( flags & CERTDB_GOVT_APPROVED_CA ) {
- SECU_Indent(out, level); fprintf(out, "Step-up\n");
- }
-}
-
-void
-SECU_PrintTrustFlags(FILE *out, CERTCertTrust *trust, char *m, int level)
-{
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- SECU_Indent(out, level+1); fprintf(out, "SSL Flags:\n");
- printFlags(out, trust->sslFlags, level+2);
- SECU_Indent(out, level+1); fprintf(out, "Email Flags:\n");
- printFlags(out, trust->emailFlags, level+2);
- SECU_Indent(out, level+1); fprintf(out, "Object Signing Flags:\n");
- printFlags(out, trust->objectSigningFlags, level+2);
-}
-
-int SECU_PrintSignedData(FILE *out, SECItem *der, char *m,
- int level, SECU_PPFunc inner)
-{
- PRArenaPool *arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- CERTSignedData *sd;
- int rv = SEC_ERROR_NO_MEMORY;
-
- if (!arena)
- return rv;
-
- /* Strip off the signature */
- sd = PORT_ArenaZNew(arena, CERTSignedData);
- if (!sd)
- goto loser;
-
- rv = SEC_ASN1DecodeItem(arena, sd, SEC_ASN1_GET(CERT_SignedDataTemplate),
- der);
- if (rv)
- goto loser;
-
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- rv = (*inner)(out, &sd->data, "Data", level+1);
-
- SECU_PrintAlgorithmID(out, &sd->signatureAlgorithm, "Signature Algorithm",
- level+1);
- DER_ConvertBitString(&sd->signature);
- SECU_PrintAsHex(out, &sd->signature, "Signature", level+1);
- SECU_PrintFingerprints(out, der, "Fingerprint", level+1);
-loser:
- PORT_FreeArena(arena, PR_FALSE);
- return rv;
-
-}
-
-
-SECItem *
-SECU_GetPBEPassword(void *arg)
-{
- char *p = NULL;
- SECItem *pwitem = NULL;
-
- p = SECU_GetPasswordString(arg,"Password: ");
-
- /* NOTE: This function is obviously unfinished. */
-
- if ( pwitem == NULL ) {
- fprintf(stderr, "Error hashing password\n");
- return NULL;
- }
-
- return pwitem;
-}
-
-SECStatus
-SECU_ParseCommandLine(int argc, char **argv, char *progName, secuCommand *cmd)
-{
- PRBool found;
- PLOptState *optstate;
- PLOptStatus status;
- char *optstring;
- int i, j;
-
- optstring = (char *)malloc(cmd->numCommands + 2*cmd->numOptions);
- j = 0;
-
- for (i=0; inumCommands; i++) {
- optstring[j++] = cmd->commands[i].flag;
- }
- for (i=0; inumOptions; i++) {
- optstring[j++] = cmd->options[i].flag;
- if (cmd->options[i].needsArg)
- optstring[j++] = ':';
- }
- optstring[j] = '\0';
- optstate = PL_CreateOptState(argc, argv, optstring);
-
- /* Parse command line arguments */
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
-
- /* Wasn't really an option, just standalone arg. */
- if (optstate->option == '\0')
- continue;
-
- found = PR_FALSE;
-
- for (i=0; inumCommands; i++) {
- if (cmd->commands[i].flag == optstate->option) {
- cmd->commands[i].activated = PR_TRUE;
- if (optstate->value) {
- cmd->commands[i].arg = (char *)optstate->value;
- }
- found = PR_TRUE;
- break;
- }
- }
-
- if (found)
- continue;
-
- for (i=0; inumOptions; i++) {
- if (cmd->options[i].flag == optstate->option) {
- cmd->options[i].activated = PR_TRUE;
- if (optstate->value) {
- cmd->options[i].arg = (char *)optstate->value;
- } else if (cmd->options[i].needsArg) {
- return SECFailure;
- }
- found = PR_TRUE;
- break;
- }
- }
-
- if (!found)
- return SECFailure;
- }
- if (status == PL_OPT_BAD)
- return SECFailure;
- return SECSuccess;
-}
-
-char *
-SECU_GetOptionArg(secuCommand *cmd, int optionNum)
-{
- if (optionNum < 0 || optionNum >= cmd->numOptions)
- return NULL;
- if (cmd->options[optionNum].activated)
- return PL_strdup(cmd->options[optionNum].arg);
- else
- return NULL;
-}
-
-static char SECUErrorBuf[64];
-
-char *
-SECU_ErrorStringRaw(int16 err)
-{
- if (err == 0)
- SECUErrorBuf[0] = '\0';
- else if (err == SEC_ERROR_BAD_DATA)
- sprintf(SECUErrorBuf, "Bad data");
- else if (err == SEC_ERROR_BAD_DATABASE)
- sprintf(SECUErrorBuf, "Problem with database");
- else if (err == SEC_ERROR_BAD_DER)
- sprintf(SECUErrorBuf, "Problem with DER");
- else if (err == SEC_ERROR_BAD_KEY)
- sprintf(SECUErrorBuf, "Problem with key");
- else if (err == SEC_ERROR_BAD_PASSWORD)
- sprintf(SECUErrorBuf, "Incorrect password");
- else if (err == SEC_ERROR_BAD_SIGNATURE)
- sprintf(SECUErrorBuf, "Bad signature");
- else if (err == SEC_ERROR_EXPIRED_CERTIFICATE)
- sprintf(SECUErrorBuf, "Expired certificate");
- else if (err == SEC_ERROR_EXTENSION_VALUE_INVALID)
- sprintf(SECUErrorBuf, "Invalid extension value");
- else if (err == SEC_ERROR_INPUT_LEN)
- sprintf(SECUErrorBuf, "Problem with input length");
- else if (err == SEC_ERROR_INVALID_ALGORITHM)
- sprintf(SECUErrorBuf, "Invalid algorithm");
- else if (err == SEC_ERROR_INVALID_ARGS)
- sprintf(SECUErrorBuf, "Invalid arguments");
- else if (err == SEC_ERROR_INVALID_AVA)
- sprintf(SECUErrorBuf, "Invalid AVA");
- else if (err == SEC_ERROR_INVALID_TIME)
- sprintf(SECUErrorBuf, "Invalid time");
- else if (err == SEC_ERROR_IO)
- sprintf(SECUErrorBuf, "Security I/O error");
- else if (err == SEC_ERROR_LIBRARY_FAILURE)
- sprintf(SECUErrorBuf, "Library failure");
- else if (err == SEC_ERROR_NO_MEMORY)
- sprintf(SECUErrorBuf, "Out of memory");
- else if (err == SEC_ERROR_OLD_CRL)
- sprintf(SECUErrorBuf, "CRL is older than the current one");
- else if (err == SEC_ERROR_OUTPUT_LEN)
- sprintf(SECUErrorBuf, "Problem with output length");
- else if (err == SEC_ERROR_UNKNOWN_ISSUER)
- sprintf(SECUErrorBuf, "Unknown issuer");
- else if (err == SEC_ERROR_UNTRUSTED_CERT)
- sprintf(SECUErrorBuf, "Untrusted certificate");
- else if (err == SEC_ERROR_UNTRUSTED_ISSUER)
- sprintf(SECUErrorBuf, "Untrusted issuer");
- else if (err == SSL_ERROR_BAD_CERTIFICATE)
- sprintf(SECUErrorBuf, "Bad certificate");
- else if (err == SSL_ERROR_BAD_CLIENT)
- sprintf(SECUErrorBuf, "Bad client");
- else if (err == SSL_ERROR_BAD_SERVER)
- sprintf(SECUErrorBuf, "Bad server");
- else if (err == SSL_ERROR_EXPORT_ONLY_SERVER)
- sprintf(SECUErrorBuf, "Export only server");
- else if (err == SSL_ERROR_NO_CERTIFICATE)
- sprintf(SECUErrorBuf, "No certificate");
- else if (err == SSL_ERROR_NO_CYPHER_OVERLAP)
- sprintf(SECUErrorBuf, "No cypher overlap");
- else if (err == SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE)
- sprintf(SECUErrorBuf, "Unsupported certificate type");
- else if (err == SSL_ERROR_UNSUPPORTED_VERSION)
- sprintf(SECUErrorBuf, "Unsupported version");
- else if (err == SSL_ERROR_US_ONLY_SERVER)
- sprintf(SECUErrorBuf, "U.S. only server");
- else if (err == PR_IO_ERROR)
- sprintf(SECUErrorBuf, "I/O error");
-
- else if (err == SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE)
- sprintf (SECUErrorBuf, "Expired Issuer Certificate");
- else if (err == SEC_ERROR_REVOKED_CERTIFICATE)
- sprintf (SECUErrorBuf, "Revoked certificate");
- else if (err == SEC_ERROR_NO_KEY)
- sprintf (SECUErrorBuf, "No private key in database for this cert");
- else if (err == SEC_ERROR_CERT_NOT_VALID)
- sprintf (SECUErrorBuf, "Certificate is not valid");
- else if (err == SEC_ERROR_EXTENSION_NOT_FOUND)
- sprintf (SECUErrorBuf, "Certificate extension was not found");
- else if (err == SEC_ERROR_EXTENSION_VALUE_INVALID)
- sprintf (SECUErrorBuf, "Certificate extension value invalid");
- else if (err == SEC_ERROR_CA_CERT_INVALID)
- sprintf (SECUErrorBuf, "Issuer certificate is invalid");
- else if (err == SEC_ERROR_CERT_USAGES_INVALID)
- sprintf (SECUErrorBuf, "Certificate usages is invalid");
- else if (err == SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION)
- sprintf (SECUErrorBuf, "Certificate has unknown critical extension");
- else if (err == SEC_ERROR_PKCS7_BAD_SIGNATURE)
- sprintf (SECUErrorBuf, "Bad PKCS7 signature");
- else if (err == SEC_ERROR_INADEQUATE_KEY_USAGE)
- sprintf (SECUErrorBuf, "Certificate not approved for this operation");
- else if (err == SEC_ERROR_INADEQUATE_CERT_TYPE)
- sprintf (SECUErrorBuf, "Certificate not approved for this operation");
-
- return SECUErrorBuf;
-}
-
-char *
-SECU_ErrorString(int16 err)
-{
- char *error_string;
-
- *SECUErrorBuf = 0;
- SECU_ErrorStringRaw (err);
-
- if (*SECUErrorBuf == 0) {
- error_string = SECU_GetString(err);
- if (error_string == NULL || *error_string == '\0')
- sprintf(SECUErrorBuf, "No error string found for %d.", err);
- else
- return error_string;
- }
-
- return SECUErrorBuf;
-}
-
-
-void
-SECU_PrintPRandOSError(char *progName)
-{
- char buffer[513];
- PRInt32 errLen = PR_GetErrorTextLength();
- if (errLen > 0 && errLen < sizeof buffer) {
- PR_GetErrorText(buffer);
- }
- SECU_PrintError(progName, "function failed");
- if (errLen > 0 && errLen < sizeof buffer) {
- PR_fprintf(PR_STDERR, "\t%s\n", buffer);
- }
-}
-
-
-static char *
-bestCertName(CERTCertificate *cert) {
- if (cert->nickname) {
- return cert->nickname;
- }
- if (cert->emailAddr && cert->emailAddr[0]) {
- return cert->emailAddr;
- }
- return cert->subjectName;
-}
-
-void
-SECU_printCertProblems(FILE *outfile, CERTCertDBHandle *handle,
- CERTCertificate *cert, PRBool checksig,
- SECCertificateUsage certUsage, void *pinArg, PRBool verbose)
-{
- CERTVerifyLog log;
- CERTVerifyLogNode *node = NULL;
- unsigned int depth = (unsigned int)-1;
- unsigned int flags = 0;
- char * errstr = NULL;
- PRErrorCode err = PORT_GetError();
-
- log.arena = PORT_NewArena(512);
- log.head = log.tail = NULL;
- log.count = 0;
- CERT_VerifyCertificate(handle, cert, checksig, certUsage, PR_Now(), pinArg, &log, NULL);
-
- if (log.count > 0) {
- fprintf(outfile,"PROBLEM WITH THE CERT CHAIN:\n");
- for (node = log.head; node; node = node->next) {
- if (depth != node->depth) {
- depth = node->depth;
- fprintf(outfile,"CERT %d. %s %s:\n", depth,
- bestCertName(node->cert),
- depth ? "[Certificate Authority]": "");
- if (verbose) {
- const char * emailAddr;
- emailAddr = CERT_GetFirstEmailAddress(node->cert);
- if (emailAddr) {
- fprintf(outfile,"Email Address(es): ");
- do {
- fprintf(outfile, "%s\n", emailAddr);
- emailAddr = CERT_GetNextEmailAddress(node->cert,
- emailAddr);
- } while (emailAddr);
- }
- }
- }
- fprintf(outfile," ERROR %ld: %s\n", node->error,
- SECU_Strerror(node->error));
- errstr = NULL;
- switch (node->error) {
- case SEC_ERROR_INADEQUATE_KEY_USAGE:
- flags = (unsigned int)node->arg;
- switch (flags) {
- case KU_DIGITAL_SIGNATURE:
- errstr = "Cert cannot sign.";
- break;
- case KU_KEY_ENCIPHERMENT:
- errstr = "Cert cannot encrypt.";
- break;
- case KU_KEY_CERT_SIGN:
- errstr = "Cert cannot sign other certs.";
- break;
- default:
- errstr = "[unknown usage].";
- break;
- }
- case SEC_ERROR_INADEQUATE_CERT_TYPE:
- flags = (unsigned int)node->arg;
- switch (flags) {
- case NS_CERT_TYPE_SSL_CLIENT:
- case NS_CERT_TYPE_SSL_SERVER:
- errstr = "Cert cannot be used for SSL.";
- break;
- case NS_CERT_TYPE_SSL_CA:
- errstr = "Cert cannot be used as an SSL CA.";
- break;
- case NS_CERT_TYPE_EMAIL:
- errstr = "Cert cannot be used for SMIME.";
- break;
- case NS_CERT_TYPE_EMAIL_CA:
- errstr = "Cert cannot be used as an SMIME CA.";
- break;
- case NS_CERT_TYPE_OBJECT_SIGNING:
- errstr = "Cert cannot be used for object signing.";
- break;
- case NS_CERT_TYPE_OBJECT_SIGNING_CA:
- errstr = "Cert cannot be used as an object signing CA.";
- break;
- default:
- errstr = "[unknown usage].";
- break;
- }
- case SEC_ERROR_UNKNOWN_ISSUER:
- case SEC_ERROR_UNTRUSTED_ISSUER:
- case SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE:
- errstr = node->cert->issuerName;
- break;
- default:
- break;
- }
- if (errstr) {
- fprintf(stderr," %s\n",errstr);
- }
- CERT_DestroyCertificate(node->cert);
- }
- }
- PORT_SetError(err); /* restore original error code */
-}
-
-SECOidTag
-SECU_StringToSignatureAlgTag(const char *alg)
-{
- SECOidTag hashAlgTag = SEC_OID_UNKNOWN;
-
- if (alg) {
- if (!PL_strcmp(alg, "MD2")) {
- hashAlgTag = SEC_OID_MD2;
- } else if (!PL_strcmp(alg, "MD4")) {
- hashAlgTag = SEC_OID_MD4;
- } else if (!PL_strcmp(alg, "MD5")) {
- hashAlgTag = SEC_OID_MD5;
- } else if (!PL_strcmp(alg, "SHA1")) {
- hashAlgTag = SEC_OID_SHA1;
- } else if (!PL_strcmp(alg, "SHA256")) {
- hashAlgTag = SEC_OID_SHA256;
- } else if (!PL_strcmp(alg, "SHA384")) {
- hashAlgTag = SEC_OID_SHA384;
- } else if (!PL_strcmp(alg, "SHA512")) {
- hashAlgTag = SEC_OID_SHA512;
- }
- }
- return hashAlgTag;
-}
-
-
-SECStatus
-SECU_StoreCRL(PK11SlotInfo *slot, SECItem *derCrl, PRFileDesc *outFile,
- const PRBool ascii, char *url)
-{
- PORT_Assert(derCrl != NULL);
- if (!derCrl) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- if (outFile != NULL) {
- if (ascii) {
- PR_fprintf(outFile, "%s\n%s\n%s\n", NS_CRL_HEADER,
- BTOA_DataToAscii(derCrl->data, derCrl->len),
- NS_CRL_TRAILER);
- } else {
- if (PR_Write(outFile, derCrl->data, derCrl->len) != derCrl->len) {
- return SECFailure;
- }
- }
- }
- if (slot) {
- CERTSignedCrl *newCrl = PK11_ImportCRL(slot, derCrl, url,
- SEC_CRL_TYPE, NULL, 0, NULL, 0);
- if (newCrl != NULL) {
- SEC_DestroyCrl(newCrl);
- return SECSuccess;
- }
- return SECFailure;
- }
- if (!outFile && !slot) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- return SECSuccess;
-}
-
-SECStatus
-SECU_SignAndEncodeCRL(CERTCertificate *issuer, CERTSignedCrl *signCrl,
- SECOidTag hashAlgTag, SignAndEncodeFuncExitStat *resCode)
-{
- SECItem der;
- SECKEYPrivateKey *caPrivateKey = NULL;
- SECStatus rv;
- PRArenaPool *arena;
- SECOidTag algID;
- void *dummy;
-
- PORT_Assert(issuer != NULL && signCrl != NULL);
- if (!issuer || !signCrl) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- arena = signCrl->arena;
-
- caPrivateKey = PK11_FindKeyByAnyCert(issuer, NULL);
- if (caPrivateKey == NULL) {
- *resCode = noKeyFound;
- return SECFailure;
- }
-
- algID = SEC_GetSignatureAlgorithmOidTag(caPrivateKey->keyType, hashAlgTag);
- if (algID == SEC_OID_UNKNOWN) {
- *resCode = noSignatureMatch;
- rv = SECFailure;
- goto done;
- }
-
- if (!signCrl->crl.signatureAlg.parameters.data) {
- rv = SECOID_SetAlgorithmID(arena, &signCrl->crl.signatureAlg, algID, 0);
- if (rv != SECSuccess) {
- *resCode = failToEncode;
- goto done;
- }
- }
-
- der.len = 0;
- der.data = NULL;
- dummy = SEC_ASN1EncodeItem(arena, &der, &signCrl->crl,
- SEC_ASN1_GET(CERT_CrlTemplate));
- if (!dummy) {
- *resCode = failToEncode;
- rv = SECFailure;
- goto done;
- }
-
- rv = SECU_DerSignDataCRL(arena, &signCrl->signatureWrap,
- der.data, der.len, caPrivateKey, algID);
- if (rv != SECSuccess) {
- *resCode = failToSign;
- goto done;
- }
-
- signCrl->derCrl = PORT_ArenaZNew(arena, SECItem);
- if (signCrl->derCrl == NULL) {
- *resCode = noMem;
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- rv = SECFailure;
- goto done;
- }
-
- signCrl->derCrl->len = 0;
- signCrl->derCrl->data = NULL;
- dummy = SEC_ASN1EncodeItem (arena, signCrl->derCrl, signCrl,
- SEC_ASN1_GET(CERT_SignedCrlTemplate));
- if (!dummy) {
- *resCode = failToEncode;
- rv = SECFailure;
- goto done;
- }
-
-done:
- if (caPrivateKey) {
- SECKEY_DestroyPrivateKey(caPrivateKey);
- }
- return rv;
-}
-
-
-
-SECStatus
-SECU_CopyCRL(PRArenaPool *destArena, CERTCrl *destCrl, CERTCrl *srcCrl)
-{
- void *dummy;
- SECStatus rv = SECSuccess;
- SECItem der;
-
- PORT_Assert(destArena && srcCrl && destCrl);
- if (!destArena || !srcCrl || !destCrl) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- der.len = 0;
- der.data = NULL;
- dummy = SEC_ASN1EncodeItem (destArena, &der, srcCrl,
- SEC_ASN1_GET(CERT_CrlTemplate));
- if (!dummy) {
- return SECFailure;
- }
-
- rv = SEC_QuickDERDecodeItem(destArena, destCrl,
- SEC_ASN1_GET(CERT_CrlTemplate), &der);
- if (rv != SECSuccess) {
- return SECFailure;
- }
-
- destCrl->arena = destArena;
-
- return rv;
-}
-
-SECStatus
-SECU_DerSignDataCRL(PRArenaPool *arena, CERTSignedData *sd,
- unsigned char *buf, int len, SECKEYPrivateKey *pk,
- SECOidTag algID)
-{
- SECItem it;
- SECStatus rv;
-
- it.data = 0;
-
- /* XXX We should probably have some asserts here to make sure the key type
- * and algID match
- */
-
- /* Sign input buffer */
- rv = SEC_SignData(&it, buf, len, pk, algID);
- if (rv) goto loser;
-
- /* Fill out SignedData object */
- PORT_Memset(sd, 0, sizeof(sd));
- sd->data.data = buf;
- sd->data.len = len;
- sd->signature.data = it.data;
- sd->signature.len = it.len << 3; /* convert to bit string */
- if (!sd->signatureAlgorithm.parameters.data) {
- rv = SECOID_SetAlgorithmID(arena, &sd->signatureAlgorithm, algID, 0);
- if (rv) goto loser;
- }
-
- return rv;
-
- loser:
- PORT_Free(it.data);
- return rv;
-}
-
-#if 0
-
-/* we need access to the private function cert_FindExtension for this code to work */
-
-CERTAuthKeyID *
-SECU_FindCRLAuthKeyIDExten (PRArenaPool *arena, CERTSignedCrl *scrl)
-{
- SECItem encodedExtenValue;
- SECStatus rv;
- CERTAuthKeyID *ret;
- CERTCrl* crl;
-
- if (!scrl) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return NULL;
- }
-
- crl = &scrl->crl;
-
- encodedExtenValue.data = NULL;
- encodedExtenValue.len = 0;
-
- rv = cert_FindExtension(crl->extensions, SEC_OID_X509_AUTH_KEY_ID,
- &encodedExtenValue);
- if ( rv != SECSuccess ) {
- return (NULL);
- }
-
- ret = CERT_DecodeAuthKeyID (arena, &encodedExtenValue);
-
- PORT_Free(encodedExtenValue.data);
- encodedExtenValue.data = NULL;
-
- return(ret);
-}
-
-#endif
-
-/*
- * Find the issuer of a Crl. Use the authorityKeyID if it exists.
- */
-CERTCertificate *
-SECU_FindCrlIssuer(CERTCertDBHandle *dbhandle, SECItem* subject,
- CERTAuthKeyID* authorityKeyID, PRTime validTime)
-{
- CERTCertListNode *node;
- CERTCertificate * issuerCert = NULL, *cert = NULL;
- CERTCertList *certList = NULL;
- SECStatus rv = SECFailure;
-
- if (!subject) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return NULL;
- }
-
- certList =
- CERT_CreateSubjectCertList(NULL, dbhandle, subject,
- validTime, PR_TRUE);
- if (!certList) {
- goto loser;
- }
-
- node = CERT_LIST_HEAD(certList);
-
- /* XXX and authoritykeyid in the future */
- while ( ! CERT_LIST_END(node, certList) ) {
- cert = node->cert;
- if (CERT_CheckCertUsage(cert, KU_CRL_SIGN) != SECSuccess ||
- !cert->trust) {
- continue;
- }
- /* select the first (newest) user cert */
- if (CERT_IsUserCert(cert)) {
- rv = SECSuccess;
- goto success;
- }
- }
-
- success:
- if (rv == SECSuccess) {
- issuerCert = CERT_DupCertificate(cert);
- }
- loser:
- if (certList) {
- CERT_DestroyCertList(certList);
- }
- return(issuerCert);
-}
-
-
-/* Encodes and adds extensions to the CRL or CRL entries. */
-SECStatus
-SECU_EncodeAndAddExtensionValue(PRArenaPool *arena, void *extHandle,
- void *value, PRBool criticality, int extenType,
- EXTEN_EXT_VALUE_ENCODER EncodeValueFn)
-{
- SECItem encodedValue;
- SECStatus rv;
-
- encodedValue.data = NULL;
- encodedValue.len = 0;
- do {
- rv = (*EncodeValueFn)(arena, value, &encodedValue);
- if (rv != SECSuccess)
- break;
-
- rv = CERT_AddExtension(extHandle, extenType, &encodedValue,
- criticality, PR_TRUE);
- if (rv != SECSuccess)
- break;
- } while (0);
-
- return (rv);
-}
diff --git a/security/nss/cmd/lib/secutil.h b/security/nss/cmd/lib/secutil.h
deleted file mode 100644
index e8fc375505..0000000000
--- a/security/nss/cmd/lib/secutil.h
+++ /dev/null
@@ -1,424 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-#ifndef _SEC_UTIL_H_
-#define _SEC_UTIL_H_
-
-#include "seccomon.h"
-#include "secitem.h"
-#include "prerror.h"
-#include "base64.h"
-#include "key.h"
-#include "secpkcs7.h"
-#include "secasn1.h"
-#include "secder.h"
-#include
-
-#define SEC_CT_PRIVATE_KEY "private-key"
-#define SEC_CT_PUBLIC_KEY "public-key"
-#define SEC_CT_CERTIFICATE "certificate"
-#define SEC_CT_CERTIFICATE_REQUEST "certificate-request"
-#define SEC_CT_PKCS7 "pkcs7"
-#define SEC_CT_CRL "crl"
-
-#define NS_CERTREQ_HEADER "-----BEGIN NEW CERTIFICATE REQUEST-----"
-#define NS_CERTREQ_TRAILER "-----END NEW CERTIFICATE REQUEST-----"
-
-#define NS_CERT_HEADER "-----BEGIN CERTIFICATE-----"
-#define NS_CERT_TRAILER "-----END CERTIFICATE-----"
-
-#define NS_CRL_HEADER "-----BEGIN CRL-----"
-#define NS_CRL_TRAILER "-----END CRL-----"
-
-/* From libsec/pcertdb.c --- it's not declared in sec.h */
-extern SECStatus SEC_AddPermCertificate(CERTCertDBHandle *handle,
- SECItem *derCert, char *nickname, CERTCertTrust *trust);
-
-
-#ifdef SECUTIL_NEW
-typedef int (*SECU_PPFunc)(PRFileDesc *out, SECItem *item,
- char *msg, int level);
-#else
-typedef int (*SECU_PPFunc)(FILE *out, SECItem *item, char *msg, int level);
-#endif
-
-typedef struct {
- enum {
- PW_NONE = 0,
- PW_FROMFILE = 1,
- PW_PLAINTEXT = 2,
- PW_EXTERNAL = 3
- } source;
- char *data;
-} secuPWData;
-
-/*
-** Change a password on a token, or initialize a token with a password
-** if it does not already have one.
-** Use passwd to send the password in plaintext, pwFile to specify a
-** file containing the password, or NULL for both to prompt the user.
-*/
-SECStatus SECU_ChangePW(PK11SlotInfo *slot, char *passwd, char *pwFile);
-
-/* These were stolen from the old sec.h... */
-/*
-** Check a password for legitimacy. Passwords must be at least 8
-** characters long and contain one non-alphabetic. Return DSTrue if the
-** password is ok, DSFalse otherwise.
-*/
-extern PRBool SEC_CheckPassword(char *password);
-
-/*
-** Blind check of a password. Complement to SEC_CheckPassword which
-** ignores length and content type, just retuning DSTrue is the password
-** exists, DSFalse if NULL
-*/
-extern PRBool SEC_BlindCheckPassword(char *password);
-
-/*
-** Get a password.
-** First prompt with "msg" on "out", then read the password from "in".
-** The password is then checked using "chkpw".
-*/
-extern char *SEC_GetPassword(FILE *in, FILE *out, char *msg,
- PRBool (*chkpw)(char *));
-
-char *SECU_FilePasswd(PK11SlotInfo *slot, PRBool retry, void *arg);
-
-char *SECU_GetPasswordString(void *arg, char *prompt);
-
-/*
-** Write a dongle password.
-** Uses MD5 to hash constant system data (hostname, etc.), and then
-** creates RC4 key to encrypt a password "pw" into a file "fd".
-*/
-extern SECStatus SEC_WriteDongleFile(int fd, char *pw);
-
-/*
-** Get a dongle password.
-** Uses MD5 to hash constant system data (hostname, etc.), and then
-** creates RC4 key to decrypt and return a password from file "fd".
-*/
-extern char *SEC_ReadDongleFile(int fd);
-
-
-/* End stolen headers */
-
-/* Just sticks the two strings together with a / if needed */
-char *SECU_AppendFilenameToDir(char *dir, char *filename);
-
-/* Returns result of getenv("SSL_DIR") or NULL */
-extern char *SECU_DefaultSSLDir(void);
-
-/*
-** Should be called once during initialization to set the default
-** directory for looking for cert.db, key.db, and cert-nameidx.db files
-** Removes trailing '/' in 'base'
-** If 'base' is NULL, defaults to set to .netscape in home directory.
-*/
-extern char *SECU_ConfigDirectory(const char* base);
-
-/*
-** Basic callback function for SSL_GetClientAuthDataHook
-*/
-extern int
-SECU_GetClientAuthData(void *arg, PRFileDesc *fd,
- struct CERTDistNamesStr *caNames,
- struct CERTCertificateStr **pRetCert,
- struct SECKEYPrivateKeyStr **pRetKey);
-
-/* print out an error message */
-extern void SECU_PrintError(char *progName, char *msg, ...);
-
-/* print out a system error message */
-extern void SECU_PrintSystemError(char *progName, char *msg, ...);
-
-/* Return informative error string */
-extern const char * SECU_Strerror(PRErrorCode errNum);
-
-/* print information about cert verification failure */
-extern void
-SECU_printCertProblems(FILE *outfile, CERTCertDBHandle *handle,
- CERTCertificate *cert, PRBool checksig,
- SECCertificateUsage certUsage, void *pinArg, PRBool verbose);
-
-/* Read the contents of a file into a SECItem */
-extern SECStatus SECU_FileToItem(SECItem *dst, PRFileDesc *src);
-extern SECStatus SECU_TextFileToItem(SECItem *dst, PRFileDesc *src);
-
-/* Read in a DER from a file, may be ascii */
-extern SECStatus
-SECU_ReadDERFromFile(SECItem *der, PRFileDesc *inFile, PRBool ascii);
-
-/* Indent based on "level" */
-extern void SECU_Indent(FILE *out, int level);
-
-/* Print integer value and hex */
-extern void SECU_PrintInteger(FILE *out, SECItem *i, char *m, int level);
-
-/* Print ObjectIdentifier symbolically */
-extern SECOidTag SECU_PrintObjectID(FILE *out, SECItem *oid, char *m, int level);
-
-/* Print AlgorithmIdentifier symbolically */
-extern void SECU_PrintAlgorithmID(FILE *out, SECAlgorithmID *a, char *m,
- int level);
-
-/* Print SECItem as hex */
-extern void SECU_PrintAsHex(FILE *out, SECItem *i, const char *m, int level);
-
-/* dump a buffer in hex and ASCII */
-extern void SECU_PrintBuf(FILE *out, const char *msg, const void *vp, int len);
-
-/*
- * Format and print the UTC Time "t". If the tag message "m" is not NULL,
- * do indent formatting based on "level" and add a newline afterward;
- * otherwise just print the formatted time string only.
- */
-extern void SECU_PrintUTCTime(FILE *out, SECItem *t, char *m, int level);
-
-/*
- * Format and print the Generalized Time "t". If the tag message "m"
- * is not NULL, * do indent formatting based on "level" and add a newline
- * afterward; otherwise just print the formatted time string only.
- */
-extern void SECU_PrintGeneralizedTime(FILE *out, SECItem *t, char *m,
- int level);
-
-/*
- * Format and print the UTC or Generalized Time "t". If the tag message
- * "m" is not NULL, do indent formatting based on "level" and add a newline
- * afterward; otherwise just print the formatted time string only.
- */
-extern void SECU_PrintTimeChoice(FILE *out, SECItem *t, char *m, int level);
-
-/* callback for listing certs through pkcs11 */
-extern SECStatus SECU_PrintCertNickname(CERTCertListNode* cert, void *data);
-
-/* Dump all certificate nicknames in a database */
-extern SECStatus
-SECU_PrintCertificateNames(CERTCertDBHandle *handle, PRFileDesc* out,
- PRBool sortByName, PRBool sortByTrust);
-
-/* See if nickname already in database. Return 1 true, 0 false, -1 error */
-int SECU_CheckCertNameExists(CERTCertDBHandle *handle, char *nickname);
-
-/* Dump contents of cert req */
-extern int SECU_PrintCertificateRequest(FILE *out, SECItem *der, char *m,
- int level);
-
-/* Dump contents of certificate */
-extern int SECU_PrintCertificate(FILE *out, SECItem *der, char *m, int level);
-
-/* print trust flags on a cert */
-extern void SECU_PrintTrustFlags(FILE *out, CERTCertTrust *trust, char *m, int level);
-
-/* Dump contents of public key */
-extern int SECU_PrintPublicKey(FILE *out, SECItem *der, char *m, int level);
-
-#ifdef HAVE_EPV_TEMPLATE
-/* Dump contents of private key */
-extern int SECU_PrintPrivateKey(FILE *out, SECItem *der, char *m, int level);
-#endif
-
-/* Print the MD5 and SHA1 fingerprints of a cert */
-extern int SECU_PrintFingerprints(FILE *out, SECItem *derCert, char *m,
- int level);
-
-/* Pretty-print any PKCS7 thing */
-extern int SECU_PrintPKCS7ContentInfo(FILE *out, SECItem *der, char *m,
- int level);
-
-/* Init PKCS11 stuff */
-extern SECStatus SECU_PKCS11Init(PRBool readOnly);
-
-/* Dump contents of signed data */
-extern int SECU_PrintSignedData(FILE *out, SECItem *der, char *m, int level,
- SECU_PPFunc inner);
-
-extern int SECU_PrintCrl(FILE *out, SECItem *der, char *m, int level);
-
-extern void
-SECU_PrintCRLInfo(FILE *out, CERTCrl *crl, char *m, int level);
-
-extern void SECU_PrintString(FILE *out, SECItem *si, char *m, int level);
-extern void SECU_PrintAny(FILE *out, SECItem *i, char *m, int level);
-
-extern void SECU_PrintPolicy(FILE *out, SECItem *value, char *msg, int level);
-extern void SECU_PrintPrivKeyUsagePeriodExtension(FILE *out, SECItem *value,
- char *msg, int level);
-
-extern void SECU_PrintExtensions(FILE *out, CERTCertExtension **extensions,
- char *msg, int level);
-
-extern void SECU_PrintName(FILE *out, CERTName *name, char *msg, int level);
-
-#ifdef SECU_GetPassword
-/* Convert a High public Key to a Low public Key */
-extern SECKEYLowPublicKey *SECU_ConvHighToLow(SECKEYPublicKey *pubHighKey);
-#endif
-
-extern SECItem *SECU_GetPBEPassword(void *arg);
-
-extern char *SECU_GetModulePassword(PK11SlotInfo *slot, PRBool retry, void *arg);
-
-extern SECStatus DER_PrettyPrint(FILE *out, SECItem *it, PRBool raw);
-extern void SEC_Init(void);
-
-extern char *SECU_SECModDBName(void);
-
-extern void SECU_PrintPRandOSError(char *progName);
-
-extern SECStatus SECU_RegisterDynamicOids(void);
-
-/* Identifies hash algorithm tag by its string representation. */
-extern SECOidTag SECU_StringToSignatureAlgTag(const char *alg);
-
-/* Store CRL in output file or pk11 db. Also
- * encodes with base64 and exports to file if ascii flag is set
- * and file is not NULL. */
-extern SECStatus SECU_StoreCRL(PK11SlotInfo *slot, SECItem *derCrl,
- PRFileDesc *outFile, int ascii, char *url);
-
-
-/*
-** DER sign a single block of data using private key encryption and the
-** MD5 hashing algorithm. This routine first computes a digital signature
-** using SEC_SignData, then wraps it with an CERTSignedData and then der
-** encodes the result.
-** "arena" is the memory arena to use to allocate data from
-** "sd" returned CERTSignedData
-** "result" the final der encoded data (memory is allocated)
-** "buf" the input data to sign
-** "len" the amount of data to sign
-** "pk" the private key to encrypt with
-*/
-extern SECStatus SECU_DerSignDataCRL(PRArenaPool *arena, CERTSignedData *sd,
- unsigned char *buf, int len,
- SECKEYPrivateKey *pk, SECOidTag algID);
-
-typedef enum {
- noKeyFound = 1,
- noSignatureMatch = 2,
- failToEncode = 3,
- failToSign = 4,
- noMem = 5
-} SignAndEncodeFuncExitStat;
-
-extern SECStatus
-SECU_SignAndEncodeCRL(CERTCertificate *issuer, CERTSignedCrl *signCrl,
- SECOidTag hashAlgTag, SignAndEncodeFuncExitStat *resCode);
-
-extern SECStatus
-SECU_CopyCRL(PRArenaPool *destArena, CERTCrl *destCrl, CERTCrl *srcCrl);
-
-/*
-** Finds the crl Authority Key Id extension. Returns NULL if no such extension
-** was found.
-*/
-CERTAuthKeyID *
-SECU_FindCRLAuthKeyIDExten (PRArenaPool *arena, CERTSignedCrl *crl);
-
-/*
- * Find the issuer of a crl. Cert usage should be checked before signing a crl.
- */
-CERTCertificate *
-SECU_FindCrlIssuer(CERTCertDBHandle *dbHandle, SECItem* subject,
- CERTAuthKeyID* id, PRTime validTime);
-
-
-/* call back function used in encoding of an extension. Called from
- * SECU_EncodeAndAddExtensionValue */
-typedef SECStatus (* EXTEN_EXT_VALUE_ENCODER) (PRArenaPool *extHandleArena,
- void *value, SECItem *encodedValue);
-
-/* Encodes and adds extensions to the CRL or CRL entries. */
-SECStatus
-SECU_EncodeAndAddExtensionValue(PRArenaPool *arena, void *extHandle,
- void *value, PRBool criticality, int extenType,
- EXTEN_EXT_VALUE_ENCODER EncodeValueFn);
-
-
-/*
- *
- * Utilities for parsing security tools command lines
- *
- */
-
-/* A single command flag */
-typedef struct {
- char flag;
- PRBool needsArg;
- char *arg;
- PRBool activated;
-} secuCommandFlag;
-
-/* A full array of command/option flags */
-typedef struct
-{
- int numCommands;
- int numOptions;
-
- secuCommandFlag *commands;
- secuCommandFlag *options;
-} secuCommand;
-
-/* fill the "arg" and "activated" fields for each flag */
-SECStatus
-SECU_ParseCommandLine(int argc, char **argv, char *progName, secuCommand *cmd);
-char *
-SECU_GetOptionArg(secuCommand *cmd, int optionNum);
-
-/*
- *
- * Error messaging
- *
- */
-
-/* Return informative error string */
-char *SECU_ErrorString(int16 err);
-
-/* Return informative error string. Does not call XP_GetString */
-char *SECU_ErrorStringRaw(int16 err);
-
-void printflags(char *trusts, unsigned int flags);
-
-#ifndef XP_UNIX
-extern int ffs(unsigned int i);
-#endif
-
-#include "secerr.h"
-#include "sslerr.h"
-
-#endif /* _SEC_UTIL_H_ */
diff --git a/security/nss/cmd/makepqg/Makefile b/security/nss/cmd/makepqg/Makefile
deleted file mode 100644
index 835c858330..0000000000
--- a/security/nss/cmd/makepqg/Makefile
+++ /dev/null
@@ -1,81 +0,0 @@
-#! gmake
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
-
diff --git a/security/nss/cmd/makepqg/makepqg.c b/security/nss/cmd/makepqg/makepqg.c
deleted file mode 100644
index 5a172d696b..0000000000
--- a/security/nss/cmd/makepqg/makepqg.c
+++ /dev/null
@@ -1,363 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-#include "prtypes.h"
-#include "prtime.h"
-#include "prlong.h"
-
-#include "nss.h"
-#include "secutil.h"
-#include "secitem.h"
-#include "pk11func.h"
-#include "pk11pqg.h"
-
-#if defined(XP_UNIX)
-#include
-#endif
-
-#include "plgetopt.h"
-
-#define BPB 8 /* bits per byte. */
-
-char *progName;
-
-
-const SEC_ASN1Template seckey_PQGParamsTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SECKEYPQGParams) },
- { SEC_ASN1_INTEGER, offsetof(SECKEYPQGParams,prime) },
- { SEC_ASN1_INTEGER, offsetof(SECKEYPQGParams,subPrime) },
- { SEC_ASN1_INTEGER, offsetof(SECKEYPQGParams,base) },
- { 0, }
-};
-
-
-
-void
-Usage(void)
-{
- fprintf(stderr, "Usage: %s\n", progName);
- fprintf(stderr,
-"-a Output DER-encoded PQG params, BTOA encoded.\n"
-" -l prime-length Length of prime in bits (1024 is default)\n"
-" -o file Output to this file (default is stdout)\n"
-"-b Output DER-encoded PQG params in binary\n"
-" -l prime-length Length of prime in bits (1024 is default)\n"
-" -o file Output to this file (default is stdout)\n"
-"-r Output P, Q and G in ASCII hexadecimal. \n"
-" -l prime-length Length of prime in bits (1024 is default)\n"
-" -o file Output to this file (default is stdout)\n"
-"-g bits Generate SEED this many bits long.\n"
-);
- exit(-1);
-
-}
-
-SECStatus
-outputPQGParams(PQGParams * pqgParams, PRBool output_binary, PRBool output_raw,
- FILE * outFile)
-{
- PRArenaPool * arena = NULL;
- char * PQG;
- SECItem * pItem;
- int cc;
- SECStatus rv;
- SECItem encodedParams;
-
- if (output_raw) {
- SECItem item;
-
- rv = PK11_PQG_GetPrimeFromParams(pqgParams, &item);
- if (rv) {
- SECU_PrintError(progName, "PK11_PQG_GetPrimeFromParams");
- return rv;
- }
- SECU_PrintInteger(outFile, &item, "Prime", 1);
- SECITEM_FreeItem(&item, PR_FALSE);
-
- rv = PK11_PQG_GetSubPrimeFromParams(pqgParams, &item);
- if (rv) {
- SECU_PrintError(progName, "PK11_PQG_GetPrimeFromParams");
- return rv;
- }
- SECU_PrintInteger(outFile, &item, "Subprime", 1);
- SECITEM_FreeItem(&item, PR_FALSE);
-
- rv = PK11_PQG_GetBaseFromParams(pqgParams, &item);
- if (rv) {
- SECU_PrintError(progName, "PK11_PQG_GetPrimeFromParams");
- return rv;
- }
- SECU_PrintInteger(outFile, &item, "Base", 1);
- SECITEM_FreeItem(&item, PR_FALSE);
-
- fprintf(outFile, "\n");
- return SECSuccess;
- }
-
- encodedParams.data = NULL;
- encodedParams.len = 0;
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (!arena) {
- SECU_PrintError(progName, "PORT_NewArena");
- return SECFailure;
- }
- pItem = SEC_ASN1EncodeItem(arena, &encodedParams, pqgParams,
- seckey_PQGParamsTemplate);
- if (!pItem) {
- SECU_PrintError(progName, "SEC_ASN1EncodeItem");
- PORT_FreeArena(arena, PR_FALSE);
- return SECFailure;
- }
- if (output_binary) {
- size_t len;
- len = fwrite(encodedParams.data, 1, encodedParams.len, outFile);
- PORT_FreeArena(arena, PR_FALSE);
- if (len != encodedParams.len) {
- fprintf(stderr, "%s: fwrite failed\n", progName);
- return SECFailure;
- }
- return SECSuccess;
- }
-
- /* must be output ASCII */
- PQG = BTOA_DataToAscii(encodedParams.data, encodedParams.len);
- PORT_FreeArena(arena, PR_FALSE);
- if (!PQG) {
- SECU_PrintError(progName, "BTOA_DataToAscii");
- return SECFailure;
- }
-
- cc = fprintf(outFile,"%s\n",PQG);
- PORT_Free(PQG);
- if (cc <= 0) {
- fprintf(stderr, "%s: fprintf failed\n", progName);
- return SECFailure;
- }
- return SECSuccess;
-}
-
-SECStatus
-outputPQGVerify(PQGVerify * pqgVerify, PRBool output_binary, PRBool output_raw,
- FILE * outFile)
-{
- SECStatus rv = SECSuccess;
- if (output_raw) {
- SECItem item;
- unsigned int counter;
-
- rv = PK11_PQG_GetHFromVerify(pqgVerify, &item);
- if (rv) {
- SECU_PrintError(progName, "PK11_PQG_GetHFromVerify");
- return rv;
- }
- SECU_PrintInteger(outFile, &item, "h", 1);
- SECITEM_FreeItem(&item, PR_FALSE);
-
- rv = PK11_PQG_GetSeedFromVerify(pqgVerify, &item);
- if (rv) {
- SECU_PrintError(progName, "PK11_PQG_GetSeedFromVerify");
- return rv;
- }
- SECU_PrintInteger(outFile, &item, "SEED", 1);
- fprintf(outFile, " g: %d\n", item.len * BPB);
- SECITEM_FreeItem(&item, PR_FALSE);
-
- counter = PK11_PQG_GetCounterFromVerify(pqgVerify);
- fprintf(outFile, " counter: %d\n", counter);
- fprintf(outFile, "\n");
- }
- return rv;
-}
-
-int
-main(int argc, char **argv)
-{
- FILE * outFile = NULL;
- char * outFileName = NULL;
- PQGParams * pqgParams = NULL;
- PQGVerify * pqgVerify = NULL;
- int keySizeInBits = 1024;
- int j;
- int g = 0;
- SECStatus rv = 0;
- SECStatus passed = 0;
- PRBool output_ascii = PR_FALSE;
- PRBool output_binary = PR_FALSE;
- PRBool output_raw = PR_FALSE;
- PLOptState *optstate;
- PLOptStatus status;
-
-
- progName = strrchr(argv[0], '/');
- if (!progName)
- progName = strrchr(argv[0], '\\');
- progName = progName ? progName+1 : argv[0];
-
- /* Parse command line arguments */
- optstate = PL_CreateOptState(argc, argv, "?abg:l:o:r" );
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch (optstate->option) {
-
- case 'l':
- keySizeInBits = atoi(optstate->value);
- break;
-
- case 'a':
- output_ascii = PR_TRUE;
- break;
-
- case 'b':
- output_binary = PR_TRUE;
- break;
-
- case 'r':
- output_raw = PR_TRUE;
- break;
-
- case 'o':
- if (outFileName) {
- PORT_Free(outFileName);
- }
- outFileName = PORT_Strdup(optstate->value);
- if (!outFileName) {
- rv = -1;
- }
- break;
-
- case 'g':
- g = atoi(optstate->value);
- break;
-
- default:
- case '?':
- Usage();
- break;
-
- }
- }
- PL_DestroyOptState(optstate);
-
- if (status == PL_OPT_BAD) {
- Usage();
- }
-
- /* exactly 1 of these options must be set. */
- if (1 != ((output_ascii != PR_FALSE) +
- (output_binary != PR_FALSE) +
- (output_raw != PR_FALSE))) {
- Usage();
- }
-
- j = PQG_PBITS_TO_INDEX(keySizeInBits);
- if (j < 0) {
- fprintf(stderr, "%s: Illegal prime length, \n"
- "\tacceptable values are between 512 and 1024,\n"
- "\tand divisible by 64\n", progName);
- return 2;
- }
- if (g != 0 && (g < 160 || g >= 2048 || g % 8 != 0)) {
- fprintf(stderr, "%s: Illegal g bits, \n"
- "\tacceptable values are between 160 and 2040,\n"
- "\tand divisible by 8\n", progName);
- return 3;
- }
-
- if (!rv && outFileName) {
- outFile = fopen(outFileName, output_binary ? "wb" : "w");
- if (!outFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
- progName, outFileName);
- rv = -1;
- }
- }
- if (outFileName) {
- PORT_Free(outFileName);
- }
- if (rv != 0) {
- return 1;
- }
-
- if (outFile == NULL) {
- outFile = stdout;
- }
-
-
- NSS_NoDB_Init(NULL);
-
- if (g)
- rv = PK11_PQG_ParamGenSeedLen((unsigned)j, (unsigned)(g/8),
- &pqgParams, &pqgVerify);
- else
- rv = PK11_PQG_ParamGen((unsigned)j, &pqgParams, &pqgVerify);
- /* below here, must go to loser */
-
- if (rv != SECSuccess || pqgParams == NULL || pqgVerify == NULL) {
- SECU_PrintError(progName, "PQG parameter generation failed.\n");
- goto loser;
- }
- fprintf(stderr, "%s: PQG parameter generation completed.\n", progName);
-
- rv = outputPQGParams(pqgParams, output_binary, output_raw, outFile);
- if (rv) {
- fprintf(stderr, "%s: failed to output PQG params.\n", progName);
- goto loser;
- }
- rv = outputPQGVerify(pqgVerify, output_binary, output_raw, outFile);
- if (rv) {
- fprintf(stderr, "%s: failed to output PQG Verify.\n", progName);
- goto loser;
- }
-
- rv = PK11_PQG_VerifyParams(pqgParams, pqgVerify, &passed);
- if (rv != SECSuccess) {
- fprintf(stderr, "%s: PQG parameter verification aborted.\n", progName);
- goto loser;
- }
- if (passed != SECSuccess) {
- fprintf(stderr, "%s: PQG parameters failed verification.\n", progName);
- goto loser;
- }
- fprintf(stderr, "%s: PQG parameters passed verification.\n", progName);
-
- PK11_PQG_DestroyParams(pqgParams);
- PK11_PQG_DestroyVerify(pqgVerify);
- return 0;
-
-loser:
- PK11_PQG_DestroyParams(pqgParams);
- PK11_PQG_DestroyVerify(pqgVerify);
- return 1;
-}
diff --git a/security/nss/cmd/makepqg/manifest.mn b/security/nss/cmd/makepqg/manifest.mn
deleted file mode 100644
index 7d623f11bb..0000000000
--- a/security/nss/cmd/makepqg/manifest.mn
+++ /dev/null
@@ -1,51 +0,0 @@
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-CORE_DEPTH = ../../..
-
-MODULE = nss
-
-REQUIRES = dbm
-
-# DIRS =
-
-CSRCS = makepqg.c
-
-PROGRAM = makepqg
-
-#USE_STATIC_LIBS = 1
-
diff --git a/security/nss/cmd/makepqg/testit.ksh b/security/nss/cmd/makepqg/testit.ksh
deleted file mode 100644
index 31ac17ea1a..0000000000
--- a/security/nss/cmd/makepqg/testit.ksh
+++ /dev/null
@@ -1,45 +0,0 @@
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-COUNTER=75
-while [ $COUNTER -ge "1" ]
-do
- COUNTER=$(eval expr $COUNTER - 1)
- echo $COUNTER
- */makepqg.exe -r -l 640 -g 160 || exit 1
-done
-
diff --git a/security/nss/cmd/manifest.mn b/security/nss/cmd/manifest.mn
deleted file mode 100644
index 0428314a42..0000000000
--- a/security/nss/cmd/manifest.mn
+++ /dev/null
@@ -1,97 +0,0 @@
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-DEPTH = ../..
-# MODULE = seccmd
-
-REQUIRES = nss nspr libdbm
-
-DIRS = lib \
- $(ZLIB_SRCDIR) \
- addbuiltin \
- atob \
- bltest \
- btoa \
- certcgi \
- certutil \
- checkcert \
- crlutil \
- crmftest \
- dbtest \
- derdump \
- digest \
- fipstest \
- makepqg \
- ocspclnt \
- oidcalc \
- p7content \
- p7env \
- p7sign \
- p7verify \
- pk12util \
- pp \
- rsaperf \
- sdrtest \
- selfserv \
- signtool \
- signver \
- shlibsign \
- smimetools \
- SSLsample \
- ssltap \
- strsclnt \
- symkeyutil \
- tstclnt \
- vfychain \
- vfyserv \
- modutil \
- $(NULL)
-
-TEMPORARILY_DONT_BUILD = \
- $(NULL)
-
-# rsaperf \
-#
-# needs to look at what needs to happen to make jar build in
-# the binary release environment.
-#
-# perror requires lib/strerror.c which requires the client code installed
-# to build (requires allxpstr.h)
-#
-DONT_BULD = jar \
- perror \
-$(NULL)
diff --git a/security/nss/cmd/modutil/Makefile b/security/nss/cmd/modutil/Makefile
deleted file mode 100644
index 8bdb8658d6..0000000000
--- a/security/nss/cmd/modutil/Makefile
+++ /dev/null
@@ -1,84 +0,0 @@
-#! gmake
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
-#
-# Cancel the built-in implicit yacc and lex rules.
-#
-
-%.c: %.y
-%.c: %.l
diff --git a/security/nss/cmd/modutil/README b/security/nss/cmd/modutil/README
deleted file mode 100644
index 12d192c9ff..0000000000
--- a/security/nss/cmd/modutil/README
+++ /dev/null
@@ -1,7 +0,0 @@
- CRYPTOGRAPHIC MODULE UTILITY (modutil)
- VERSION 1.0
- ===============================================
-
-The file specification.html documentats the software.
-
-The file pk11jar.html documents the PKCS #11 JAR format.
diff --git a/security/nss/cmd/modutil/error.h b/security/nss/cmd/modutil/error.h
deleted file mode 100644
index 7b478223a4..0000000000
--- a/security/nss/cmd/modutil/error.h
+++ /dev/null
@@ -1,185 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-#ifndef MODUTIL_ERROR_H
-#define MODUTIL_ERROR_H
-
-typedef enum {
- NO_ERR=0,
- INVALID_USAGE_ERR,
- UNEXPECTED_ARG_ERR,
- UNKNOWN_OPTION_ERR,
- MULTIPLE_COMMAND_ERR,
- OPTION_NEEDS_ARG_ERR,
- DUPLICATE_OPTION_ERR,
- MISSING_PARAM_ERR,
- INVALID_FIPS_ARG,
- NO_COMMAND_ERR,
- NO_DBDIR_ERR,
- FIPS_SWITCH_FAILED_ERR,
- FIPS_ALREADY_ON_ERR,
- FIPS_ALREADY_OFF_ERR,
- FILE_ALREADY_EXISTS_ERR,
- FILE_DOESNT_EXIST_ERR,
- FILE_NOT_READABLE_ERR,
- FILE_NOT_WRITEABLE_ERR,
- DIR_DOESNT_EXIST_ERR,
- DIR_NOT_READABLE_ERR,
- DIR_NOT_WRITEABLE_ERR,
- INVALID_CONSTANT_ERR,
- ADD_MODULE_FAILED_ERR,
- ADD_MODULE_FAILED_STATUS_ERR,
- OUT_OF_MEM_ERR,
- DELETE_INTERNAL_ERR,
- DELETE_FAILED_ERR,
- NO_LIST_LOCK_ERR,
- NO_MODULE_LIST_ERR,
- NO_SUCH_MODULE_ERR,
- MOD_INFO_ERR,
- SLOT_INFO_ERR,
- TOKEN_INFO_ERR,
- NO_SUCH_TOKEN_ERR,
- CHANGEPW_FAILED_ERR,
- BAD_PW_ERR,
- DB_ACCESS_ERR,
- AUTHENTICATION_FAILED_ERR,
- NO_SUCH_SLOT_ERR,
- ENABLE_FAILED_ERR,
- UPDATE_MOD_FAILED_ERR,
- DEFAULT_FAILED_ERR,
- UNDEFAULT_FAILED_ERR,
- STDIN_READ_ERR,
- UNSPECIFIED_ERR,
- NOCERTDB_MISUSE_ERR,
- NSS_INITIALIZE_FAILED_ERR,
-
- LAST_ERR /* must be last */
-} Error;
-#define SUCCESS NO_ERR
-
-/* !!! Should move this into its own .c and un-static it. */
-static char *errStrings[] = {
- "Operation completed successfully.\n",
- "ERROR: Invalid command line.\n",
- "ERROR: Not expecting argument \"%s\".\n",
- "ERROR: Unknown option: %s.\n",
- "ERROR: %s: multiple commands are not allowed on the command line.\n",
- "ERROR: %s: option needs an argument.\n",
- "ERROR: %s: option cannot be given more than once.\n",
- "ERROR: Command \"%s\" requires parameter \"%s\".\n",
- "ERROR: Argument to -fips must be \"true\" or \"false\".\n",
- "ERROR: No command was specified.\n",
- "ERROR: Cannot determine database directory: use the -dbdir option.\n",
- "ERROR: Unable to switch FIPS modes.\n",
- "FIPS mode already enabled.\n",
- "FIPS mode already disabled.\n",
- "ERROR: File \"%s\" already exists.\n",
- "ERROR: File \"%s\" does not exist.\n",
- "ERROR: File \"%s\" is not readable.\n",
- "ERROR: File \"%s\" is not writeable.\n",
- "ERROR: Directory \"%s\" does not exist.\n",
- "ERROR: Directory \"%s\" is not readable.\n",
- "ERROR: Directory \"%s\" is not writeable.\n",
- "\"%s\" is not a recognized value.\n",
- "ERROR: Failed to add module \"%s\".\n",
- "ERROR: Failed to add module \"%s\". Probable cause : \"%s\".\n",
- "ERROR: Out of memory.\n",
- "ERROR: Cannot delete internal module.\n",
- "ERROR: Failed to delete module \"%s\".\n",
- "ERROR: Unable to obtain lock on module list.\n",
- "ERROR: Unable to obtain module list.\n",
- "ERROR: Module \"%s\" not found in database.\n",
- "ERROR: Unable to get information about module \"%s\".\n",
- "ERROR: Unable to get information about slot \"%s\".\n",
- "ERROR: Unable to get information about token \"%s\".\n",
- "ERROR: Token \"%s\" not found.\n",
- "ERROR: Unable to change password on token \"%s\".\n",
- "ERROR: Incorrect password.\n",
- "ERROR: Unable to access database \"%s\".\n",
- "ERROR: Unable to authenticate to token \"%s\".\n",
- "ERROR: Slot \"%s\" not found.\n",
- "ERROR: Failed to %s slot \"%s\".\n",
- "ERROR: Failed to update module \"%s\".\n",
- "ERROR: Failed to change defaults.\n",
- "ERROR: Failed to change default.\n",
- "ERROR: Unable to read from standard input.\n",
- "ERROR: Unknown error occurred.\n",
- "ERROR: -nocertdb option can only be used with the -jar command.\n"
- "ERROR: NSS_Initialize() failed.\n"
-};
-
-typedef enum {
- FIPS_ENABLED_MSG=0,
- FIPS_DISABLED_MSG,
- USING_DBDIR_MSG,
- CREATING_DB_MSG,
- ADD_MODULE_SUCCESS_MSG,
- DELETE_SUCCESS_MSG,
- CHANGEPW_SUCCESS_MSG,
- BAD_PW_MSG,
- PW_MATCH_MSG,
- DONE_MSG,
- ENABLE_SUCCESS_MSG,
- DEFAULT_SUCCESS_MSG,
- UNDEFAULT_SUCCESS_MSG,
- BROWSER_RUNNING_MSG,
- ABORTING_MSG,
-
- LAST_MSG /* must be last */
-} Message;
-
-static char *msgStrings[] = {
- "FIPS mode enabled.\n",
- "FIPS mode disabled.\n",
- "Using database directory %s...\n",
- "Creating \"%s\"...",
- "Module \"%s\" added to database.\n",
- "Module \"%s\" deleted from database.\n",
- "Token \"%s\" password changed successfully.\n",
- "Incorrect password, try again...\n",
- "Passwords do not match, try again...\n",
- "done.\n",
- "Slot \"%s\" %s.\n",
- "Successfully changed defaults.\n",
- "Successfully changed defaults.\n",
-"\nWARNING: Performing this operation while the browser is running could cause"
-"\ncorruption of your security databases. If the browser is currently running,"
-"\nyou should exit browser before continuing this operation. Type "
-"\n'q ' to abort, or to continue: ",
- "\nAborting...\n"
-};
-
-#endif /* MODUTIL_ERROR_H */
diff --git a/security/nss/cmd/modutil/install-ds.c b/security/nss/cmd/modutil/install-ds.c
deleted file mode 100644
index 2961dc3022..0000000000
--- a/security/nss/cmd/modutil/install-ds.c
+++ /dev/null
@@ -1,1544 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-#include "install-ds.h"
-#include
-#include
-#include
-#include
-
-#define PORT_Strcasecmp PL_strcasecmp
-
-#define MODULE_FILE_STRING "ModuleFile"
-#define MODULE_NAME_STRING "ModuleName"
-#define MECH_FLAGS_STRING "DefaultMechanismFlags"
-#define CIPHER_FLAGS_STRING "DefaultCipherFlags"
-#define FILES_STRING "Files"
-#define FORWARD_COMPATIBLE_STRING "ForwardCompatible"
-#define PLATFORMS_STRING "Platforms"
-#define RELATIVE_DIR_STRING "RelativePath"
-#define ABSOLUTE_DIR_STRING "AbsolutePath"
-#define FILE_PERMISSIONS_STRING "FilePermissions"
-#define EQUIVALENT_PLATFORM_STRING "EquivalentPlatform"
-#define EXECUTABLE_STRING "Executable"
-
-#define DEFAULT_PERMISSIONS 0777
-
-#define PLATFORM_SEPARATOR_CHAR ':'
-
-/* Error codes */
-enum {
- BOGUS_RELATIVE_DIR=0,
- BOGUS_ABSOLUTE_DIR,
- BOGUS_FILE_PERMISSIONS,
- NO_RELATIVE_DIR,
- NO_ABSOLUTE_DIR,
- EMPTY_PLATFORM_STRING,
- BOGUS_PLATFORM_STRING,
- REPEAT_MODULE_FILE,
- REPEAT_MODULE_NAME,
- BOGUS_MODULE_FILE,
- BOGUS_MODULE_NAME,
- REPEAT_MECH,
- BOGUS_MECH_FLAGS,
- REPEAT_CIPHER,
- BOGUS_CIPHER_FLAGS,
- REPEAT_FILES,
- REPEAT_EQUIV,
- BOGUS_EQUIV,
- EQUIV_TOO_MUCH_INFO,
- NO_FILES,
- NO_MODULE_FILE,
- NO_MODULE_NAME,
- NO_PLATFORMS,
- EQUIV_LOOP,
- UNKNOWN_MODULE_FILE
-};
-
-/* Indexed by the above error codes */
-static const char *errString[] = {
- "%s: Invalid relative directory",
- "%s: Invalid absolute directory",
- "%s: Invalid file permissions",
- "%s: No relative directory specified",
- "%s: No absolute directory specified",
- "Empty string given for platform name",
- "%s: invalid platform string",
- "More than one ModuleFile entry given for platform %s",
- "More than one ModuleName entry given for platform %s",
- "Invalid ModuleFile specification for platform %s",
- "Invalid ModuleName specification for platform %s",
- "More than one DefaultMechanismFlags entry given for platform %s",
- "Invalid DefaultMechanismFlags specification for platform %s",
- "More than one DefaultCipherFlags entry given for platform %s",
- "Invalid DefaultCipherFlags entry given for platform %s",
- "More than one Files entry given for platform %s",
- "More than one EquivalentPlatform entry given for platform %s",
- "Invalid EquivalentPlatform specification for platform %s",
- "Module %s uses an EquivalentPlatform but also specifies its own"
- " information",
- "No Files specification in module %s",
- "No ModuleFile specification in module %s",
- "No ModuleName specification in module %s",
- "No Platforms specification in installer script",
- "Platform %s has an equivalency loop",
- "Module file \"%s\" in platform \"%s\" does not exist"
-};
-
-static char* PR_Strdup(const char* str);
-
-#define PAD(x) {int i; for(i=0;ijarPath=NULL;
- _this->relativePath=NULL;
- _this->absolutePath=NULL;
- _this->executable=PR_FALSE;
- _this->permissions=0;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: ~Pk11Install_File
-// Class: Pk11Install_File
-// Notes: Destructor.
-*/
-void
-Pk11Install_File_delete(Pk11Install_File* _this)
-{
- Pk11Install_File_Cleanup(_this);
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: Cleanup
-// Class: Pk11Install_File
-*/
-void
-Pk11Install_File_Cleanup(Pk11Install_File* _this)
-{
- if(_this->jarPath) {
- PR_Free(_this->jarPath);
- _this->jarPath = NULL;
- }
- if(_this->relativePath) {
- PR_Free(_this->relativePath);
- _this->relativePath = NULL;
- }
- if(_this->absolutePath) {
- PR_Free(_this->absolutePath);
- _this->absolutePath = NULL;
- }
-
- _this->permissions = 0;
- _this->executable = PR_FALSE;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: Generate
-// Class: Pk11Install_File
-// Notes: Creates a file data structure from a syntax tree.
-// Returns: NULL for success, otherwise an error message.
-*/
-char*
-Pk11Install_File_Generate(Pk11Install_File* _this,
- const Pk11Install_Pair *pair)
-{
- Pk11Install_ListIter *iter;
- Pk11Install_Value *val;
- Pk11Install_Pair *subpair;
- Pk11Install_ListIter *subiter;
- Pk11Install_Value *subval;
- char* errStr;
- char *endp;
- PRBool gotPerms;
-
- iter=NULL;
- subiter=NULL;
- errStr=NULL;
- gotPerms=PR_FALSE;
-
- /* Clear out old values */
- Pk11Install_File_Cleanup(_this);
-
- _this->jarPath = PR_Strdup(pair->key);
-
- /* Go through all the pairs under this file heading */
- iter = Pk11Install_ListIter_new(pair->list);
- for( ; (val = iter->current); Pk11Install_ListIter_nextItem(iter)) {
- if(val->type == PAIR_VALUE) {
- subpair = val->pair;
-
- /* Relative directory */
- if(!PORT_Strcasecmp(subpair->key, RELATIVE_DIR_STRING)) {
- subiter = Pk11Install_ListIter_new(subpair->list);
- subval = subiter->current;
- if(!subval || (subval->type != STRING_VALUE)){
- errStr = PR_smprintf(errString[BOGUS_RELATIVE_DIR],
- _this->jarPath);
- goto loser;
- }
- _this->relativePath = PR_Strdup(subval->string);
- Pk11Install_ListIter_delete(subiter);
- subiter = NULL;
-
- /* Absolute directory */
- } else if( !PORT_Strcasecmp(subpair->key, ABSOLUTE_DIR_STRING)) {
- subiter = Pk11Install_ListIter_new(subpair->list);
- subval = subiter->current;
- if(!subval || (subval->type != STRING_VALUE)){
- errStr = PR_smprintf(errString[BOGUS_ABSOLUTE_DIR],
- _this->jarPath);
- goto loser;
- }
- _this->absolutePath = PR_Strdup(subval->string);
- Pk11Install_ListIter_delete(subiter);
- subiter = NULL;
-
- /* file permissions */
- } else if( !PORT_Strcasecmp(subpair->key,
- FILE_PERMISSIONS_STRING)) {
- subiter = Pk11Install_ListIter_new(subpair->list);
- subval = subiter->current;
- if(!subval || (subval->type != STRING_VALUE)){
- errStr = PR_smprintf(errString[BOGUS_FILE_PERMISSIONS],
- _this->jarPath);
- goto loser;
- }
- _this->permissions = (int) strtol(subval->string, &endp, 8);
- if(*endp != '\0' || subval->string == "\0") {
- errStr = PR_smprintf(errString[BOGUS_FILE_PERMISSIONS],
- _this->jarPath);
- goto loser;
- }
- gotPerms = PR_TRUE;
- Pk11Install_ListIter_delete(subiter);
- subiter = NULL;
- }
- } else {
- if(!PORT_Strcasecmp(val->string, EXECUTABLE_STRING)) {
- _this->executable = PR_TRUE;
- }
- }
- }
-
- /* Default permission value */
- if(!gotPerms) {
- _this->permissions = DEFAULT_PERMISSIONS;
- }
-
- /* Make sure we got all the information */
- if(!_this->relativePath && !_this->absolutePath) {
- errStr = PR_smprintf(errString[NO_ABSOLUTE_DIR], _this->jarPath);
- goto loser;
- }
-#if 0
- if(!_this->relativePath ) {
- errStr = PR_smprintf(errString[NO_RELATIVE_DIR], _this->jarPath);
- goto loser;
- }
- if(!_this->absolutePath) {
- errStr = PR_smprintf(errString[NO_ABSOLUTE_DIR], _this->jarPath);
- goto loser;
- }
-#endif
-
-loser:
- if(iter) {
- Pk11Install_ListIter_delete(iter);
- PR_Free(iter);
- }
- if(subiter) {
- Pk11Install_ListIter_delete(subiter);
- PR_Free(subiter);
- }
- return errStr;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: Print
-// Class: Pk11Install_File
-*/
-void
-Pk11Install_File_Print(Pk11Install_File* _this, int pad)
-{
- PAD(pad); printf("jarPath: %s\n",
- _this->jarPath ? _this->jarPath : "");
- PAD(pad); printf("relativePath: %s\n",
- _this->relativePath ? _this->relativePath: "");
- PAD(pad); printf("absolutePath: %s\n",
- _this->absolutePath ? _this->absolutePath: "");
- PAD(pad); printf("permissions: %o\n", _this->permissions);
-}
-
-Pk11Install_PlatformName*
-Pk11Install_PlatformName_new()
-{
- Pk11Install_PlatformName* new_this;
- new_this = (Pk11Install_PlatformName*)
- PR_Malloc(sizeof(Pk11Install_PlatformName));
- Pk11Install_PlatformName_init(new_this);
- return new_this;
-}
-
-void
-Pk11Install_PlatformName_init(Pk11Install_PlatformName* _this)
-{
- _this->OS = NULL;
- _this->verString = NULL;
- _this->numDigits = 0;
- _this->arch = NULL;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: ~Pk11Install_PlatformName
-// Class: Pk11Install_PlatformName
-*/
-void
-Pk11Install_PlatformName_delete(Pk11Install_PlatformName* _this)
-{
- Pk11Install_PlatformName_Cleanup(_this);
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: Cleanup
-// Class: Pk11Install_PlatformName
-*/
-void
-Pk11Install_PlatformName_Cleanup(Pk11Install_PlatformName* _this)
-{
- if(_this->OS) {
- PR_Free(_this->OS);
- _this->OS = NULL;
- }
- if(_this->verString) {
- int i;
- for (i=0; i<_this->numDigits; i++) {
- PR_Free(_this->verString[i]);
- }
- PR_Free(_this->verString);
- _this->verString = NULL;
- }
- if(_this->arch) {
- PR_Free(_this->arch);
- _this->arch = NULL;
- }
- _this->numDigits = 0;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: Generate
-// Class: Pk11Install_PlatformName
-// Notes: Extracts the information from a platform string.
-*/
-char*
-Pk11Install_PlatformName_Generate(Pk11Install_PlatformName* _this,
- const char *str)
-{
- char *errStr;
- char *copy;
- char *end, *start; /* start and end of a section (OS, version, arch)*/
- char *pend, *pstart; /* start and end of one portion of version*/
- char *endp; /* used by strtol*/
- int periods, i;
-
- errStr=NULL;
- copy=NULL;
-
- if(!str) {
- errStr = PR_smprintf(errString[EMPTY_PLATFORM_STRING]);
- goto loser;
- }
- copy = PR_Strdup(str);
-
- /*
- // Get the OS
- */
- end = strchr(copy, PLATFORM_SEPARATOR_CHAR);
- if(!end || end==copy) {
- errStr = PR_smprintf(errString[BOGUS_PLATFORM_STRING], str);
- goto loser;
- }
- *end = '\0';
-
- _this->OS = PR_Strdup(copy);
-
- /*
- // Get the digits of the version of form: x.x.x (arbitrary number of digits)
- */
-
- start = end+1;
- end = strchr(start, PLATFORM_SEPARATOR_CHAR);
- if(!end) {
- errStr = PR_smprintf(errString[BOGUS_PLATFORM_STRING], str);
- goto loser;
- }
- *end = '\0';
-
- if(end!=start) {
- /* Find out how many periods*/
- periods = 0;
- pstart = start;
- while( (pend=strchr(pstart, '.')) ) {
- periods++;
- pstart = pend+1;
- }
- _this->numDigits= 1+ periods;
- _this->verString = (char**)PR_Malloc(sizeof(char*)*_this->numDigits);
-
- pstart = start;
- i = 0;
- /* Get the digits before each period*/
- while( (pend=strchr(pstart, '.')) ) {
- if(pend == pstart) {
- errStr = PR_smprintf(errString[BOGUS_PLATFORM_STRING], str);
- goto loser;
- }
- *pend = '\0';
- _this->verString[i] = PR_Strdup(pstart);
- endp = pend;
- if(endp==pstart || (*endp != '\0')) {
- errStr = PR_smprintf(errString[BOGUS_PLATFORM_STRING], str);
- goto loser;
- }
- pstart = pend+1;
- i++;
- }
- /* Last digit comes after the last period*/
- if(*pstart == '\0') {
- errStr = PR_smprintf(errString[BOGUS_PLATFORM_STRING], str);
- goto loser;
- }
- _this->verString[i] = PR_Strdup(pstart);
- /*
- if(endp==pstart || (*endp != '\0')) {
- errStr = PR_smprintf(errString[BOGUS_PLATFORM_STRING], str);
- goto loser;
- }
- */
- } else {
- _this->verString = NULL;
- _this->numDigits = 0;
- }
-
- /*
- // Get the architecture
- */
- start = end+1;
- if( strchr(start, PLATFORM_SEPARATOR_CHAR) ) {
- errStr = PR_smprintf(errString[BOGUS_PLATFORM_STRING], str);
- goto loser;
- }
- _this->arch = PR_Strdup(start);
-
- if(copy) {
- PR_Free(copy);
- }
- return NULL;
-loser:
- if(_this->OS) {
- PR_Free(_this->OS);
- _this->OS = NULL;
- }
- if(_this->verString) {
- for (i=0; i<_this->numDigits; i++) {
- PR_Free(_this->verString[i]);
- }
- PR_Free(_this->verString);
- _this->verString = NULL;
- }
- _this->numDigits = 0;
- if(_this->arch) {
- PR_Free(_this->arch);
- _this->arch = NULL;
- }
-
- return errStr;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: operator ==
-// Class: Pk11Install_PlatformName
-// Returns: PR_TRUE if the platform have the same OS, arch, and version
-*/
-PRBool
-Pk11Install_PlatformName_equal(Pk11Install_PlatformName* _this,
- Pk11Install_PlatformName* cmp)
-{
- int i;
-
- if(!_this->OS || !_this->arch || !cmp->OS || !cmp->arch) {
- return PR_FALSE;
- }
-
- if( PORT_Strcasecmp(_this->OS, cmp->OS) ||
- PORT_Strcasecmp(_this->arch, cmp->arch) ||
- _this->numDigits != cmp->numDigits ) {
- return PR_FALSE;
- }
-
- for(i=0; i < _this->numDigits; i++) {
- if(PORT_Strcasecmp(_this->verString[i], cmp->verString[i])) {
- return PR_FALSE;
- }
- }
- return PR_TRUE;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: operator <=
-// Class: Pk11Install_PlatformName
-// Returns: PR_TRUE if the platform have the same OS and arch and a lower
-// or equal release.
-*/
-PRBool
-Pk11Install_PlatformName_lteq(Pk11Install_PlatformName* _this,
- Pk11Install_PlatformName* cmp)
-{
- return (Pk11Install_PlatformName_equal(_this,cmp) ||
- Pk11Install_PlatformName_lt(_this,cmp)) ? PR_TRUE : PR_FALSE;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: operator <
-// Class: Pk11Install_PlatformName
-// Returns: PR_TRUE if the platform have the same OS and arch and a greater
-// release.
-*/
-PRBool
-Pk11Install_PlatformName_lt(Pk11Install_PlatformName* _this,
- Pk11Install_PlatformName* cmp)
-{
- int i, scmp;
-
- if(!_this->OS || !_this->arch || !cmp->OS || !cmp->arch) {
- return PR_FALSE;
- }
-
- if( PORT_Strcasecmp(_this->OS, cmp->OS) ) {
- return PR_FALSE;
- }
- if( PORT_Strcasecmp(_this->arch, cmp->arch) ) {
- return PR_FALSE;
- }
-
- for(i=0; (i < _this->numDigits) && (i < cmp->numDigits); i++) {
- scmp = PORT_Strcasecmp(_this->verString[i], cmp->verString[i]);
- if (scmp > 0) {
- return PR_FALSE;
- } else if (scmp < 0) {
- return PR_TRUE;
- }
- }
- /* All the digits they have in common are the same. */
- if(_this->numDigits < cmp->numDigits) {
- return PR_TRUE;
- }
-
- return PR_FALSE;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: GetString
-// Class: Pk11Install_PlatformName
-// Returns: String composed of OS, release, and architecture separated
-// by the separator char. Memory is allocated by this function
-// but is the responsibility of the caller to de-allocate.
-*/
-char*
-Pk11Install_PlatformName_GetString(Pk11Install_PlatformName* _this)
-{
- char *ret;
- char *ver;
- char *OS_;
- char *arch_;
-
- OS_=NULL;
- arch_=NULL;
-
- OS_ = _this->OS ? _this->OS : "";
- arch_ = _this->arch ? _this->arch : "";
-
- ver = Pk11Install_PlatformName_GetVerString(_this);
- ret = PR_smprintf("%s%c%s%c%s", OS_, PLATFORM_SEPARATOR_CHAR, ver,
- PLATFORM_SEPARATOR_CHAR, arch_);
-
- PR_Free(ver);
-
- return ret;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: GetVerString
-// Class: Pk11Install_PlatformName
-// Returns: The version string for this platform, in the form x.x.x with an
-// arbitrary number of digits. Memory allocated by function,
-// must be de-allocated by caller.
-*/
-char*
-Pk11Install_PlatformName_GetVerString(Pk11Install_PlatformName* _this)
-{
- char *tmp;
- char *ret;
- int i;
- char buf[80];
-
- tmp = (char*)PR_Malloc(80*_this->numDigits+1);
- tmp[0] = '\0';
-
- for(i=0; i < _this->numDigits-1; i++) {
- sprintf(buf, "%s.", _this->verString[i]);
- strcat(tmp, buf);
- }
- if(i < _this->numDigits) {
- sprintf(buf, "%s", _this->verString[i]);
- strcat(tmp, buf);
- }
-
- ret = PR_Strdup(tmp);
- free(tmp);
-
- return ret;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: Print
-// Class: Pk11Install_PlatformName
-*/
-void
-Pk11Install_PlatformName_Print(Pk11Install_PlatformName* _this, int pad)
-{
- PAD(pad); printf("OS: %s\n", _this->OS ? _this->OS : "");
- PAD(pad); printf("Digits: ");
- if(_this->numDigits == 0) {
- printf("None\n");
- } else {
- printf("%s\n", Pk11Install_PlatformName_GetVerString(_this));
- }
- PAD(pad); printf("arch: %s\n", _this->arch ? _this->arch : "");
-}
-
-Pk11Install_Platform*
-Pk11Install_Platform_new()
-{
- Pk11Install_Platform* new_this;
- new_this = (Pk11Install_Platform*)PR_Malloc(sizeof(Pk11Install_Platform));
- Pk11Install_Platform_init(new_this);
- return new_this;
-}
-
-void
-Pk11Install_Platform_init(Pk11Install_Platform* _this)
-{
- Pk11Install_PlatformName_init(&_this->name);
- Pk11Install_PlatformName_init(&_this->equivName);
- _this->equiv = NULL;
- _this->usesEquiv = PR_FALSE;
- _this->moduleFile = NULL;
- _this->moduleName = NULL;
- _this->modFile = -1;
- _this->mechFlags = 0;
- _this->cipherFlags = 0;
- _this->files = NULL;
- _this->numFiles = 0;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: ~Pk11Install_Platform
-// Class: Pk11Install_Platform
-*/
-void
-Pk11Install_Platform_delete(Pk11Install_Platform* _this)
-{
- Pk11Install_Platform_Cleanup(_this);
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: Cleanup
-// Class: Pk11Install_Platform
-*/
-void
-Pk11Install_Platform_Cleanup(Pk11Install_Platform* _this)
-{
- int i;
- if(_this->moduleFile) {
- PR_Free(_this->moduleFile);
- _this->moduleFile = NULL;
- }
- if(_this->moduleName) {
- PR_Free(_this->moduleName);
- _this->moduleName = NULL;
- }
- if(_this->files) {
- for (i=0;i<_this->numFiles;i++) {
- Pk11Install_File_delete(&_this->files[i]);
- }
- PR_Free(_this->files);
- _this->files = NULL;
- }
- _this->equiv = NULL;
- _this->usesEquiv = PR_FALSE;
- _this->modFile = -1;
- _this->numFiles = 0;
- _this->mechFlags = _this->cipherFlags = 0;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: Generate
-// Class: Pk11Install_Platform
-// Notes: Creates a platform data structure from a syntax tree.
-// Returns: NULL for success, otherwise an error message.
-*/
-char*
-Pk11Install_Platform_Generate(Pk11Install_Platform* _this,
- const Pk11Install_Pair *pair)
-{
- char* errStr;
- char* endptr;
- char* tmp;
- int i;
- Pk11Install_ListIter *iter;
- Pk11Install_Value *val;
- Pk11Install_Value *subval;
- Pk11Install_Pair *subpair;
- Pk11Install_ListIter *subiter;
- PRBool gotModuleFile, gotModuleName, gotMech,
- gotCipher, gotFiles, gotEquiv;
-
- errStr=NULL;
- iter=subiter=NULL;
- val=subval=NULL;
- subpair=NULL;
- gotModuleFile=gotModuleName=gotMech=gotCipher=gotFiles=gotEquiv=PR_FALSE;
- Pk11Install_Platform_Cleanup(_this);
-
- errStr = Pk11Install_PlatformName_Generate(&_this->name,pair->key);
- if(errStr) {
- tmp = PR_smprintf("%s: %s", pair->key, errStr);
- PR_smprintf_free(errStr);
- errStr = tmp;
- goto loser;
- }
-
- iter = Pk11Install_ListIter_new(pair->list);
- for( ; (val=iter->current); Pk11Install_ListIter_nextItem(iter)) {
- if(val->type==PAIR_VALUE) {
- subpair = val->pair;
-
- if( !PORT_Strcasecmp(subpair->key, MODULE_FILE_STRING)) {
- if(gotModuleFile) {
- errStr = PR_smprintf(errString[REPEAT_MODULE_FILE],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- subiter = Pk11Install_ListIter_new(subpair->list);
- subval = subiter->current;
- if(!subval || (subval->type != STRING_VALUE)) {
- errStr = PR_smprintf(errString[BOGUS_MODULE_FILE],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- _this->moduleFile = PR_Strdup(subval->string);
- Pk11Install_ListIter_delete(subiter);
- PR_Free(subiter);
- subiter = NULL;
- gotModuleFile = PR_TRUE;
- } else if(!PORT_Strcasecmp(subpair->key, MODULE_NAME_STRING)){
- if(gotModuleName) {
- errStr = PR_smprintf(errString[REPEAT_MODULE_NAME],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- subiter = Pk11Install_ListIter_new(subpair->list);
- subval = subiter->current;
- if(!subval || (subval->type != STRING_VALUE)) {
- errStr = PR_smprintf(errString[BOGUS_MODULE_NAME],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- _this->moduleName = PR_Strdup(subval->string);
- Pk11Install_ListIter_delete(subiter);
- PR_Free(subiter);
- subiter = NULL;
- gotModuleName = PR_TRUE;
- } else if(!PORT_Strcasecmp(subpair->key, MECH_FLAGS_STRING)) {
- endptr=NULL;
-
- if(gotMech) {
- errStr = PR_smprintf(errString[REPEAT_MECH],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- subiter = Pk11Install_ListIter_new(subpair->list);
- subval = subiter->current;
- if(!subval || (subval->type != STRING_VALUE)) {
- errStr = PR_smprintf(errString[BOGUS_MECH_FLAGS],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- _this->mechFlags = strtol(subval->string, &endptr, 0);
- if(*endptr!='\0' || (endptr==subval->string) ) {
- errStr = PR_smprintf(errString[BOGUS_MECH_FLAGS],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- Pk11Install_ListIter_delete(subiter);
- PR_Free(subiter);
- subiter=NULL;
- gotMech = PR_TRUE;
- } else if(!PORT_Strcasecmp(subpair->key,CIPHER_FLAGS_STRING)) {
- endptr=NULL;
-
- if(gotCipher) {
- errStr = PR_smprintf(errString[REPEAT_CIPHER],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- subiter = Pk11Install_ListIter_new(subpair->list);
- subval = subiter->current;
- if(!subval || (subval->type != STRING_VALUE)) {
- errStr = PR_smprintf(errString[BOGUS_CIPHER_FLAGS],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- _this->cipherFlags = strtol(subval->string, &endptr, 0);
- if(*endptr!='\0' || (endptr==subval->string) ) {
- errStr = PR_smprintf(errString[BOGUS_CIPHER_FLAGS],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- Pk11Install_ListIter_delete(subiter);
- PR_Free(subiter);
- subiter=NULL;
- gotCipher = PR_TRUE;
- } else if(!PORT_Strcasecmp(subpair->key, FILES_STRING)) {
- if(gotFiles) {
- errStr = PR_smprintf(errString[REPEAT_FILES],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- subiter = Pk11Install_ListIter_new(subpair->list);
- _this->numFiles = subpair->list->numPairs;
- _this->files = (Pk11Install_File*)
- PR_Malloc(sizeof(Pk11Install_File)*_this->numFiles);
- for(i=0; i < _this->numFiles; i++,
- Pk11Install_ListIter_nextItem(subiter)) {
- Pk11Install_File_init(&_this->files[i]);
- val = subiter->current;
- if(val && (val->type==PAIR_VALUE)) {
- errStr = Pk11Install_File_Generate(&_this->files[i],val->pair);
- if(errStr) {
- tmp = PR_smprintf("%s: %s",
- Pk11Install_PlatformName_GetString(&_this->name),errStr);
- PR_smprintf_free(errStr);
- errStr = tmp;
- goto loser;
- }
- }
- }
- gotFiles = PR_TRUE;
- } else if(!PORT_Strcasecmp(subpair->key,
- EQUIVALENT_PLATFORM_STRING)) {
- if(gotEquiv) {
- errStr = PR_smprintf(errString[REPEAT_EQUIV],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- subiter = Pk11Install_ListIter_new(subpair->list);
- subval = subiter->current;
- if(!subval || (subval->type != STRING_VALUE) ) {
- errStr = PR_smprintf(errString[BOGUS_EQUIV],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- errStr = Pk11Install_PlatformName_Generate(&_this->equivName,
- subval->string);
- if(errStr) {
- tmp = PR_smprintf("%s: %s",
- Pk11Install_PlatformName_GetString(&_this->name), errStr);
- tmp = PR_smprintf("%s: %s",
- Pk11Install_PlatformName_GetString(&_this->name), errStr);
- PR_smprintf_free(errStr);
- errStr = tmp;
- goto loser;
- }
- _this->usesEquiv = PR_TRUE;
- }
- }
- }
-
- /* Make sure we either have an EquivalentPlatform or all the other info */
- if(_this->usesEquiv &&
- (gotFiles || gotModuleFile || gotModuleName || gotMech || gotCipher)) {
- errStr = PR_smprintf(errString[EQUIV_TOO_MUCH_INFO],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- if(!gotFiles && !_this->usesEquiv) {
- errStr = PR_smprintf(errString[NO_FILES],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- if(!gotModuleFile && !_this->usesEquiv) {
- errStr= PR_smprintf(errString[NO_MODULE_FILE],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- if(!gotModuleName && !_this->usesEquiv) {
- errStr = PR_smprintf(errString[NO_MODULE_NAME],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
-
- /* Point the modFile pointer to the correct file */
- if(gotModuleFile) {
- for(i=0; i < _this->numFiles; i++) {
- if(!PORT_Strcasecmp(_this->moduleFile, _this->files[i].jarPath) ) {
- _this->modFile = i;
- break;
- }
- }
- if(_this->modFile==-1) {
- errStr = PR_smprintf(errString[UNKNOWN_MODULE_FILE],
- _this->moduleFile,
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- }
-
-loser:
- if(iter) {
- PR_Free(iter);
- }
- if(subiter) {
- PR_Free(subiter);
- }
- return errStr;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: Print
-// Class: Pk11Install_Platform
-*/
-void
-Pk11Install_Platform_Print(Pk11Install_Platform* _this, int pad)
-{
- int i;
-
- PAD(pad); printf("Name:\n");
- Pk11Install_PlatformName_Print(&_this->name,pad+PADINC);
- PAD(pad); printf("equivName:\n");
- Pk11Install_PlatformName_Print(&_this->equivName,pad+PADINC);
- PAD(pad);
- if(_this->usesEquiv) {
- printf("Uses equiv, which points to:\n");
- Pk11Install_Platform_Print(_this->equiv,pad+PADINC);
- } else {
- printf("Doesn't use equiv\n");
- }
- PAD(pad);
- printf("Module File: %s\n", _this->moduleFile ? _this->moduleFile
- : "");
- PAD(pad); printf("mechFlags: %lx\n", _this->mechFlags);
- PAD(pad); printf("cipherFlags: %lx\n", _this->cipherFlags);
- PAD(pad); printf("Files:\n");
- for(i=0; i < _this->numFiles; i++) {
- Pk11Install_File_Print(&_this->files[i],pad+PADINC);
- PAD(pad); printf("--------------------\n");
- }
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: Pk11Install_Info
-// Class: Pk11Install_Info
-*/
-Pk11Install_Info*
-Pk11Install_Info_new()
-{
- Pk11Install_Info* new_this;
- new_this = (Pk11Install_Info*)PR_Malloc(sizeof(Pk11Install_Info));
- Pk11Install_Info_init(new_this);
- return new_this;
-}
-
-void
-Pk11Install_Info_init(Pk11Install_Info* _this)
-{
- _this->platforms = NULL;
- _this->numPlatforms = 0;
- _this->forwardCompatible = NULL;
- _this->numForwardCompatible = 0;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: ~Pk11Install_Info
-// Class: Pk11Install_Info
-*/
-void
-Pk11Install_Info_delete(Pk11Install_Info* _this)
-{
- Pk11Install_Info_Cleanup(_this);
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: Cleanup
-// Class: Pk11Install_Info
-*/
-void
-Pk11Install_Info_Cleanup(Pk11Install_Info* _this)
-{
- int i;
- if(_this->platforms) {
- for (i=0;i<_this->numPlatforms;i++) {
- Pk11Install_Platform_delete(&_this->platforms[i]);
- }
- PR_Free(&_this->platforms);
- _this->platforms = NULL;
- _this->numPlatforms = 0;
- }
-
- if(_this->forwardCompatible) {
- for (i=0;i<_this->numForwardCompatible;i++) {
- Pk11Install_PlatformName_delete(&_this->forwardCompatible[i]);
- }
- PR_Free(&_this->forwardCompatible);
- _this->numForwardCompatible = 0;
- }
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: Generate
-// Class: Pk11Install_Info
-// Takes: Pk11Install_ValueList *list, the top-level list
-// resulting from parsing an installer file.
-// Returns: char*, NULL if successful, otherwise an error string.
-// Caller is responsible for freeing memory.
-*/
-char*
-Pk11Install_Info_Generate(Pk11Install_Info* _this,
- const Pk11Install_ValueList *list)
-{
- char *errStr;
- Pk11Install_ListIter *iter;
- Pk11Install_Value *val;
- Pk11Install_Pair *pair;
- Pk11Install_ListIter *subiter;
- Pk11Install_Value *subval;
- Pk11Install_Platform *first, *second;
- int i, j;
-
- errStr=NULL;
- iter=subiter=NULL;
- Pk11Install_Info_Cleanup(_this);
-
- iter = Pk11Install_ListIter_new(list);
- for( ; (val=iter->current); Pk11Install_ListIter_nextItem(iter)) {
- if(val->type == PAIR_VALUE) {
- pair = val->pair;
-
- if(!PORT_Strcasecmp(pair->key, FORWARD_COMPATIBLE_STRING)) {
- subiter = Pk11Install_ListIter_new(pair->list);
- _this->numForwardCompatible = pair->list->numStrings;
- _this->forwardCompatible = (Pk11Install_PlatformName*)
- PR_Malloc(sizeof(Pk11Install_PlatformName)*
- _this->numForwardCompatible);
- for(i=0; i < _this->numForwardCompatible; i++,
- Pk11Install_ListIter_nextItem(subiter)) {
- subval = subiter->current;
- if(subval->type == STRING_VALUE) {
- errStr = Pk11Install_PlatformName_Generate(
- &_this->forwardCompatible[i], subval->string);
- if(errStr) {
- goto loser;
- }
- }
- }
- Pk11Install_ListIter_delete(subiter);
- PR_Free(subiter);
- subiter = NULL;
- } else if(!PORT_Strcasecmp(pair->key, PLATFORMS_STRING)) {
- subiter = Pk11Install_ListIter_new(pair->list);
- _this->numPlatforms = pair->list->numPairs;
- _this->platforms = (Pk11Install_Platform*)
- PR_Malloc(sizeof(Pk11Install_Platform)*
- _this->numPlatforms);
- for(i=0; i < _this->numPlatforms; i++,
- Pk11Install_ListIter_nextItem(subiter)) {
- Pk11Install_Platform_init(&_this->platforms[i]);
- subval = subiter->current;
- if(subval->type == PAIR_VALUE) {
- errStr = Pk11Install_Platform_Generate(&_this->platforms[i],subval->pair);
- if(errStr) {
- goto loser;
- }
- }
- }
- Pk11Install_ListIter_delete(subiter);
- PR_Free(subiter);
- subiter = NULL;
- }
- }
- }
-
- if(_this->numPlatforms == 0) {
- errStr = PR_smprintf(errString[NO_PLATFORMS]);
- goto loser;
- }
-
-/*
- //
- // Now process equivalent platforms
- //
-
- // First the naive pass
-*/
- for(i=0; i < _this->numPlatforms; i++) {
- if(_this->platforms[i].usesEquiv) {
- _this->platforms[i].equiv = NULL;
- for(j=0; j < _this->numPlatforms; j++) {
- if (Pk11Install_PlatformName_equal(&_this->platforms[i].equivName,
- &_this->platforms[j].name)) {
- if(i==j) {
- errStr = PR_smprintf(errString[EQUIV_LOOP],
- Pk11Install_PlatformName_GetString(&_this->platforms[i].name));
- goto loser;
- }
- _this->platforms[i].equiv = &_this->platforms[j];
- break;
- }
- }
- if(_this->platforms[i].equiv == NULL) {
- errStr = PR_smprintf(errString[BOGUS_EQUIV],
- Pk11Install_PlatformName_GetString(&_this->platforms[i].name));
- goto loser;
- }
- }
- }
-
-/*
- // Now the intelligent pass, which will also detect loops.
- // We will send two pointers through the linked list of equivalent
- // platforms. Both start with the current node. "first" traverses
- // two nodes for each iteration. "second" lags behind, only traversing
- // one node per iteration. Eventually one of two things will happen:
- // first will hit the end of the list (a platform that doesn't use
- // an equivalency), or first will equal second if there is a loop.
-*/
- for(i=0; i < _this->numPlatforms; i++) {
- if(_this->platforms[i].usesEquiv) {
- second = _this->platforms[i].equiv;
- if(!second->usesEquiv) {
- /* The first link is the terminal node */
- continue;
- }
- first = second->equiv;
- while(first->usesEquiv) {
- if(first == second) {
- errStr = PR_smprintf(errString[EQUIV_LOOP],
- Pk11Install_PlatformName_GetString(&_this->platforms[i].name));
- goto loser;
- }
- first = first->equiv;
- if(!first->usesEquiv) {
- break;
- }
- if(first == second) {
- errStr = PR_smprintf(errString[EQUIV_LOOP],
- Pk11Install_PlatformName_GetString(&_this->platforms[i].name));
- goto loser;
- }
- second = second->equiv;
- first = first->equiv;
- }
- _this->platforms[i].equiv = first;
- }
- }
-
-loser:
- if(iter) {
- Pk11Install_ListIter_delete(iter);
- PR_Free(iter);
- iter = NULL;
- }
- if(subiter) {
- Pk11Install_ListIter_delete(subiter);
- PR_Free(subiter);
- subiter = NULL;
- }
- return errStr;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: GetBestPlatform
-// Class: Pk11Install_Info
-// Takes: char *myPlatform, the platform we are currently running
-// on.
-*/
-Pk11Install_Platform*
-Pk11Install_Info_GetBestPlatform(Pk11Install_Info* _this, char *myPlatform)
-{
- Pk11Install_PlatformName plat;
- char *errStr;
- int i, j;
-
- errStr=NULL;
-
- Pk11Install_PlatformName_init(&plat);
- if( (errStr=Pk11Install_PlatformName_Generate(&plat, myPlatform)) ) {
- PR_smprintf_free(errStr);
- return NULL;
- }
-
- /* First try real platforms */
- for(i=0; i < _this->numPlatforms; i++) {
- if(Pk11Install_PlatformName_equal(&_this->platforms[i].name,&plat)) {
- if(_this->platforms[i].equiv) {
- return _this->platforms[i].equiv;
- }
- else {
- return &_this->platforms[i];
- }
- }
- }
-
- /* Now try forward compatible platforms */
- for(i=0; i < _this->numForwardCompatible; i++) {
- if(Pk11Install_PlatformName_lteq(&_this->forwardCompatible[i],&plat)) {
- break;
- }
- }
- if(i == _this->numForwardCompatible) {
- return NULL;
- }
-
- /* Got a forward compatible name, find the actual platform. */
- for(j=0; j < _this->numPlatforms; j++) {
- if(Pk11Install_PlatformName_equal(&_this->platforms[j].name,
- &_this->forwardCompatible[i])) {
- if(_this->platforms[j].equiv) {
- return _this->platforms[j].equiv;
- } else {
- return &_this->platforms[j];
- }
- }
- }
-
- return NULL;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: Print
-// Class: Pk11Install_Info
-*/
-void
-Pk11Install_Info_Print(Pk11Install_Info* _this, int pad)
-{
- int i;
-
- PAD(pad); printf("Forward Compatible:\n");
- for(i = 0; i < _this->numForwardCompatible; i++) {
- Pk11Install_PlatformName_Print(&_this->forwardCompatible[i],pad+PADINC);
- PAD(pad); printf("-------------------\n");
- }
- PAD(pad); printf("Platforms:\n");
- for( i = 0; i < _this->numPlatforms; i++) {
- Pk11Install_Platform_Print(&_this->platforms[i],pad+PADINC);
- PAD(pad); printf("-------------------\n");
- }
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-*/
-static char*
-PR_Strdup(const char* str)
-{
- char *tmp;
- tmp = (char*) PR_Malloc((unsigned int)(strlen(str)+1));
- strcpy(tmp, str);
- return tmp;
-}
-
-/* The global value list, the top of the tree */
-Pk11Install_ValueList* Pk11Install_valueList=NULL;
-
-/****************************************************************************/
-void
-Pk11Install_ValueList_AddItem(Pk11Install_ValueList* _this,
- Pk11Install_Value *item)
-{
- _this->numItems++;
- if (item->type == STRING_VALUE) {
- _this->numStrings++;
- } else {
- _this->numPairs++;
- }
- item->next = _this->head;
- _this->head = item;
-}
-
-/****************************************************************************/
-Pk11Install_ListIter*
-Pk11Install_ListIter_new_default()
-{
- Pk11Install_ListIter* new_this;
- new_this = (Pk11Install_ListIter*)
- PR_Malloc(sizeof(Pk11Install_ListIter));
- Pk11Install_ListIter_init(new_this);
- return new_this;
-}
-
-/****************************************************************************/
-void
-Pk11Install_ListIter_init(Pk11Install_ListIter* _this)
-{
- _this->list = NULL;
- _this->current = NULL;
-}
-
-/****************************************************************************/
-Pk11Install_ListIter*
-Pk11Install_ListIter_new(const Pk11Install_ValueList *_list)
-{
- Pk11Install_ListIter* new_this;
- new_this = (Pk11Install_ListIter*)
- PR_Malloc(sizeof(Pk11Install_ListIter));
- new_this->list = _list;
- new_this->current = _list->head;
- return new_this;
-}
-
-/****************************************************************************/
-void
-Pk11Install_ListIter_delete(Pk11Install_ListIter* _this)
-{
- _this->list=NULL;
- _this->current=NULL;
-}
-
-/****************************************************************************/
-void
-Pk11Install_ListIter_reset(Pk11Install_ListIter* _this)
-{
- if(_this->list) {
- _this->current = _this->list->head;
- }
-}
-
-/*************************************************************************/
-Pk11Install_Value*
-Pk11Install_ListIter_nextItem(Pk11Install_ListIter* _this)
-{
- if(_this->current) {
- _this->current = _this->current->next;
- }
-
- return _this->current;
-}
-
-/****************************************************************************/
-Pk11Install_ValueList*
-Pk11Install_ValueList_new()
-{
- Pk11Install_ValueList* new_this;
- new_this = (Pk11Install_ValueList*)
- PR_Malloc(sizeof(Pk11Install_ValueList));
- new_this->numItems = 0;
- new_this->numPairs = 0;
- new_this->numStrings = 0;
- new_this->head = NULL;
- return new_this;
-}
-
-/****************************************************************************/
-void
-Pk11Install_ValueList_delete(Pk11Install_ValueList* _this)
-{
-
- Pk11Install_Value *tmp;
- Pk11Install_Value *list;
- list = _this->head;
-
- while(list != NULL) {
- tmp = list;
- list = list->next;
- PR_Free(tmp);
- }
- PR_Free(_this);
-}
-
-/****************************************************************************/
-Pk11Install_Value*
-Pk11Install_Value_new_default()
-{
- Pk11Install_Value* new_this;
- new_this = (Pk11Install_Value*)PR_Malloc(sizeof(Pk11Install_Value));
- new_this->type = STRING_VALUE;
- new_this->string = NULL;
- new_this->pair = NULL;
- new_this->next = NULL;
- return new_this;
-}
-
-/****************************************************************************/
-Pk11Install_Value*
-Pk11Install_Value_new(ValueType _type, Pk11Install_Pointer ptr)
-{
- Pk11Install_Value* new_this;
- new_this = Pk11Install_Value_new_default();
- new_this->type = _type;
- if(_type == STRING_VALUE) {
- new_this->pair = NULL;
- new_this->string = ptr.string;
- } else {
- new_this->string = NULL;
- new_this->pair = ptr.pair;
- }
- return new_this;
-}
-
-/****************************************************************************/
-void
-Pk11Install_Value_delete(Pk11Install_Value* _this)
-{
- if(_this->type == STRING_VALUE) {
- PR_Free(_this->string);
- } else {
- PR_Free(_this->pair);
- }
-}
-
-/****************************************************************************/
-Pk11Install_Pair*
-Pk11Install_Pair_new_default()
-{
- return Pk11Install_Pair_new(NULL,NULL);
-}
-
-/****************************************************************************/
-Pk11Install_Pair*
-Pk11Install_Pair_new(char *_key, Pk11Install_ValueList *_list)
-{
- Pk11Install_Pair* new_this;
- new_this = (Pk11Install_Pair*)PR_Malloc(sizeof(Pk11Install_Pair));
- new_this->key = _key;
- new_this->list = _list;
- return new_this;
-}
-
-/****************************************************************************/
-void
-Pk11Install_Pair_delete(Pk11Install_Pair* _this)
-{
- PR_Free(_this->key);
- Pk11Install_ValueList_delete(_this->list);
- PR_Free(_this->list);
-}
-
-/*************************************************************************/
-void
-Pk11Install_Pair_Print(Pk11Install_Pair* _this, int pad)
-{
- while (_this) {
- /*PAD(pad); printf("**Pair\n");
- PAD(pad); printf("***Key====\n");*/
- PAD(pad); printf("%s {\n", _this->key);
- /*PAD(pad); printf("====\n");*/
- /*PAD(pad); printf("***ValueList\n");*/
- Pk11Install_ValueList_Print(_this->list,pad+PADINC);
- PAD(pad); printf("}\n");
- }
-}
-
-/*************************************************************************/
-void
-Pk11Install_ValueList_Print(Pk11Install_ValueList* _this, int pad)
-{
- Pk11Install_Value *v;
-
- /*PAD(pad);printf("**Value List**\n");*/
- for(v = _this->head; v != NULL; v=v->next) {
- Pk11Install_Value_Print(v,pad);
- }
-}
-
-/*************************************************************************/
-void
-Pk11Install_Value_Print(Pk11Install_Value* _this, int pad)
-{
- /*PAD(pad); printf("**Value, type=%s\n",
- type==STRING_VALUE ? "string" : "pair");*/
- if(_this->type==STRING_VALUE) {
- /*PAD(pad+PADINC); printf("====\n");*/
- PAD(pad); printf("%s\n", _this->string);
- /*PAD(pad+PADINC); printf("====\n");*/
- } else {
- Pk11Install_Pair_Print(_this->pair,pad+PADINC);
- }
-}
diff --git a/security/nss/cmd/modutil/install-ds.h b/security/nss/cmd/modutil/install-ds.h
deleted file mode 100644
index 9af6144377..0000000000
--- a/security/nss/cmd/modutil/install-ds.h
+++ /dev/null
@@ -1,293 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-#ifndef INSTALL_DS_H
-#define INSTALL_DS_H
-
-#include
-#include
-#include
-
-extern PRFileDesc *Pk11Install_FD;
-extern int Pk11Install_yylex();
-extern int Pk11Install_yylinenum;
-extern char *Pk11Install_yyerrstr;
-
-typedef enum { STRING_VALUE, PAIR_VALUE } ValueType;
-
-typedef struct Pk11Install_Pair_str Pk11Install_Pair;
-typedef union Pk11Install_Pointer_str Pk11Install_Pointer;
-typedef struct Pk11Install_Value_str Pk11Install_Value;
-typedef struct Pk11Install_ValueList_str Pk11Install_ValueList;
-typedef struct Pk11Install_ListIter_str Pk11Install_ListIter;
-typedef struct Pk11Install_File_str Pk11Install_File;
-typedef struct Pk11Install_PlatformName_str Pk11Install_PlatformName;
-typedef struct Pk11Install_Platform_str Pk11Install_Platform;
-typedef struct Pk11Install_Info_str Pk11Install_Info;
-
-extern Pk11Install_Pointer Pk11Install_yylval;
-extern Pk11Install_ValueList* Pk11Install_valueList;
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Pk11Install_Pair
-//////////////////////////////////////////////////////////////////////////
-*/
-
-struct Pk11Install_Pair_str {
- char * key;
- Pk11Install_ValueList *list;
-
-};
-
-Pk11Install_Pair*
-Pk11Install_Pair_new_default();
-Pk11Install_Pair*
-Pk11Install_Pair_new( char* _key, Pk11Install_ValueList* _list);
-void
-Pk11Install_Pair_delete(Pk11Install_Pair* _this);
-void
-Pk11Install_Pair_Print(Pk11Install_Pair* _this, int pad);
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Pk11Install_Pointer
-//////////////////////////////////////////////////////////////////////////
-*/
-union Pk11Install_Pointer_str {
- Pk11Install_ValueList *list;
- Pk11Install_Value *value;
- Pk11Install_Pair *pair;
- char *string;
-};
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Pk11Install_Value
-//////////////////////////////////////////////////////////////////////////
-*/
-struct Pk11Install_Value_str {
-
- ValueType type;
- char *string;
- Pk11Install_Pair *pair;
- struct Pk11Install_Value_str *next;
-};
-
-Pk11Install_Value*
-Pk11Install_Value_new_default();
-Pk11Install_Value*
-Pk11Install_Value_new(ValueType _type, Pk11Install_Pointer ptr);
-void
-Pk11Install_Value_delete(Pk11Install_Value* _this);
-void
-Pk11Install_Value_Print(Pk11Install_Value* _this, int pad);
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Pk11Install_ValueList
-//////////////////////////////////////////////////////////////////////////
-*/
-struct Pk11Install_ValueList_str {
- int numItems;
- int numPairs;
- int numStrings;
- Pk11Install_Value *head;
-};
-
-Pk11Install_ValueList*
-Pk11Install_ValueList_new();
-void
-Pk11Install_ValueList_delete(Pk11Install_ValueList* _this);
-void
-Pk11Install_ValueList_AddItem(Pk11Install_ValueList* _this,
- Pk11Install_Value* item);
-void
-Pk11Install_ValueList_Print(Pk11Install_ValueList* _this, int pad);
-
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Pk11Install_ListIter
-//////////////////////////////////////////////////////////////////////////
-*/
-struct Pk11Install_ListIter_str {
- const Pk11Install_ValueList *list;
- Pk11Install_Value *current;
-};
-
-Pk11Install_ListIter*
-Pk11Install_ListIter_new_default();
-void
-Pk11Install_ListIter_init(Pk11Install_ListIter* _this);
-Pk11Install_ListIter*
-Pk11Install_ListIter_new(const Pk11Install_ValueList* _list);
-void
-Pk11Install_ListIter_delete(Pk11Install_ListIter* _this);
-void
-Pk11Install_ListIter_reset(Pk11Install_ListIter* _this);
-Pk11Install_Value*
-Pk11Install_ListIter_nextItem(Pk11Install_ListIter* _this);
-
-/************************************************************************
- *
- * Pk11Install_File
- */
-struct Pk11Install_File_str {
- char *jarPath;
- char *relativePath;
- char *absolutePath;
- PRBool executable;
- int permissions;
-};
-
-Pk11Install_File*
-Pk11Install_File_new();
-void
-Pk11Install_File_init(Pk11Install_File* _this);
-void
-Pk11Install_file_delete(Pk11Install_File* _this);
-/*// Parses a syntax tree to obtain all attributes.
-// Returns NULL for success, error message if parse error.*/
-char*
-Pk11Install_File_Generate(Pk11Install_File* _this,
- const Pk11Install_Pair* pair);
-void
-Pk11Install_File_Print(Pk11Install_File* _this, int pad);
-void
-Pk11Install_File_Cleanup(Pk11Install_File* _this);
-
-/************************************************************************
- *
- * Pk11Install_PlatformName
- */
-struct Pk11Install_PlatformName_str {
- char *OS;
- char **verString;
- int numDigits;
- char *arch;
-};
-
-Pk11Install_PlatformName*
-Pk11Install_PlatformName_new();
-void
-Pk11Install_PlatformName_init(Pk11Install_PlatformName* _this);
-void
-Pk11Install_PlatformName_delete(Pk11Install_PlatformName* _this);
-char*
-Pk11Install_PlatformName_Generate(Pk11Install_PlatformName* _this,
- const char* str);
-char*
-Pk11Install_PlatformName_GetString(Pk11Install_PlatformName* _this);
-char*
-Pk11Install_PlatformName_GetVerString(Pk11Install_PlatformName* _this);
-void
-Pk11Install_PlatformName_Print(Pk11Install_PlatformName* _this, int pad);
-void
-Pk11Install_PlatformName_Cleanup(Pk11Install_PlatformName* _this);
-PRBool
-Pk11Install_PlatformName_equal(Pk11Install_PlatformName* _this,
- Pk11Install_PlatformName* cmp);
-PRBool
-Pk11Install_PlatformName_lteq(Pk11Install_PlatformName* _this,
- Pk11Install_PlatformName* cmp);
-PRBool
-Pk11Install_PlatformName_lt(Pk11Install_PlatformName* _this,
- Pk11Install_PlatformName* cmp);
-
-/************************************************************************
- *
- * Pk11Install_Platform
- */
-struct Pk11Install_Platform_str {
- Pk11Install_PlatformName name;
- Pk11Install_PlatformName equivName;
- struct Pk11Install_Platform_str *equiv;
- PRBool usesEquiv;
- char *moduleFile;
- char *moduleName;
- int modFile;
- unsigned long mechFlags;
- unsigned long cipherFlags;
- Pk11Install_File *files;
- int numFiles;
-};
-
-Pk11Install_Platform*
-Pk11Install_Platform_new();
-void
-Pk11Install_Platform_init(Pk11Install_Platform* _this);
-void
-Pk11Install_Platform_delete(Pk11Install_Platform* _this);
-/*// Returns NULL for success, error message if parse error.*/
-char*
-Pk11Install_Platform_Generate(Pk11Install_Platform* _this,
- const Pk11Install_Pair *pair);
-void
-Pk11Install_Platform_Print(Pk11Install_Platform* _this, int pad);
-void
-Pk11Install_Platform_Cleanup(Pk11Install_Platform* _this);
-
-/************************************************************************
- *
- * Pk11Install_Info
- */
-struct Pk11Install_Info_str {
- Pk11Install_Platform *platforms;
- int numPlatforms;
- Pk11Install_PlatformName *forwardCompatible;
- int numForwardCompatible;
-};
-
-Pk11Install_Info*
-Pk11Install_Info_new();
-void
-Pk11Install_Info_init();
-void
-Pk11Install_Info_delete(Pk11Install_Info* _this);
-/*// Returns NULL for success, error message if parse error.*/
-char*
-Pk11Install_Info_Generate(Pk11Install_Info* _this,
- const Pk11Install_ValueList *list);
- /*// Returns NULL if there is no matching platform*/
-Pk11Install_Platform*
-Pk11Install_Info_GetBestPlatform(Pk11Install_Info* _this, char* myPlatform);
-void
-Pk11Install_Info_Print(Pk11Install_Info* _this, int pad);
-void
-Pk11Install_Info_Cleanup(Pk11Install_Info* _this);
-
-#endif /* INSTALL_DS_H */
diff --git a/security/nss/cmd/modutil/install.c b/security/nss/cmd/modutil/install.c
deleted file mode 100644
index 10819190c4..0000000000
--- a/security/nss/cmd/modutil/install.c
+++ /dev/null
@@ -1,988 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-#include "install.h"
-#include "install-ds.h"
-#include
-#include
-#include
-#include
-#include
-#include
-
-#ifdef XP_UNIX
-/* for chmod */
-#include
-#include
-#endif
-
-/*extern "C" {*/
-#include
-/*}*/
-
-extern /*"C"*/
-int Pk11Install_AddNewModule(char* moduleName, char* dllPath,
- unsigned long defaultMechanismFlags,
- unsigned long cipherEnableFlags);
-extern /*"C"*/
-short Pk11Install_UserVerifyJar(JAR *jar, PRFileDesc *out,
- PRBool query);
-extern /*"C"*/
-const char* mySECU_ErrorString(int16);
-extern
-int Pk11Install_yyparse();
-
-#define INSTALL_METAINFO_TAG "Pkcs11_install_script"
-#define SCRIPT_TEMP_FILE "pkcs11inst.tmp"
-#define ROOT_MARKER "%root%"
-#define TEMP_MARKER "%temp%"
-#define PRINTF_ROOT_MARKER "%%root%%"
-#define TEMPORARY_DIRECTORY_NAME "pk11inst.dir"
-#define JAR_BASE_END (JAR_BASE+100)
-
-static PRLock* errorHandlerLock=NULL;
-static Pk11Install_ErrorHandler errorHandler=NULL;
-static char* PR_Strdup(const char* str);
-static int rm_dash_r (char *path);
-static int make_dirs(char *path, int file_perms);
-static int dir_perms(int perms);
-
-static Pk11Install_Error DoInstall(JAR *jar, const char *installDir,
- const char* tempDir, Pk11Install_Platform *platform,
- PRFileDesc *feedback, PRBool noverify);
-
-static char *errorString[]= {
- "Operation was successful", /* PK11_INSTALL_NO_ERROR */
- "Directory \"%s\" does not exist", /* PK11_INSTALL_DIR_DOESNT_EXIST */
- "File \"%s\" does not exist", /* PK11_INSTALL_FILE_DOESNT_EXIST */
- "File \"%s\" is not readable", /* PK11_INSTALL_FILE_NOT_READABLE */
- "%s", /* PK11_INSTALL_ERROR_STRING */
- "Error in JAR file %s: %s", /* PK11_INSTALL_JAR_ERROR */
- "No Pkcs11_install_script specified in JAR metainfo file",
- /* PK11_INSTALL_NO_INSTALLER_SCRIPT */
- "Could not delete temporary file \"%s\"",
- /*PK11_INSTALL_DELETE_TEMP_FILE */
- "Could not open temporary file \"%s\"", /*PK11_INSTALL_OPEN_SCRIPT_FILE*/
- "%s: %s", /* PK11_INSTALL_SCRIPT_PARSE */
- "Error in script: %s",
- "Unable to obtain system platform information",
- "Installer script has no information about the current platform (%s)",
- "Relative directory \"%s\" does not contain "PRINTF_ROOT_MARKER,
- "Module File \"%s\" not found",
- "Error occurred installing module \"%s\" into database",
- "Error extracting \"%s\" from JAR file: %s",
- "Directory \"%s\" is not writeable",
- "Could not create directory \"%s\"",
- "Could not remove directory \"%s\"",
- "Unable to execute \"%s\"",
- "Unable to wait for process \"%s\"",
- "\"%s\" returned error code %d",
- "User aborted operation",
- "Unspecified error"
-};
-
-enum {
- INSTALLED_FILE_MSG=0,
- INSTALLED_MODULE_MSG,
- INSTALLER_SCRIPT_NAME,
- MY_PLATFORM_IS,
- USING_PLATFORM,
- PARSED_INSTALL_SCRIPT,
- EXEC_FILE_MSG,
- EXEC_SUCCESS,
- INSTALLATION_COMPLETE_MSG,
- USER_ABORT
-};
-
-static char *msgStrings[] = {
- "Installed file %s to %s\n",
- "Installed module \"%s\" into module database\n",
- "Using installer script \"%s\"\n",
- "Current platform is %s\n",
- "Using installation parameters for platform %s\n",
- "Successfully parsed installation script\n",
- "Executing \"%s\"...\n",
- "\"%s\" executed successfully\n",
- "\nInstallation completed successfully\n",
- "\nAborting...\n"
-};
-
-/**************************************************************************
- * S t r i n g N o d e
- */
-typedef struct StringNode_str {
- char *str;
- struct StringNode_str* next;
-} StringNode;
-
-StringNode* StringNode_new()
-{
- StringNode* new_this;
- new_this = (StringNode*)malloc(sizeof(StringNode));
- new_this->str=NULL;
- new_this->next=NULL;
- return new_this;
-}
-
-void StringNode_delete(StringNode* s)
-{
- if(s->str) {
- PR_Free(s->str);
- s->str=NULL;
- }
-}
-
-/*************************************************************************
- * S t r i n g L i s t
- */
-typedef struct StringList_str {
- StringNode* head;
- StringNode* tail;
-} StringList;
-
-void StringList_new(StringList* list)
-{
- list->head=NULL;
- list->tail=NULL;
-}
-
-void StringList_delete(StringList* list)
-{
- StringNode *tmp;
- while(list->head) {
- tmp = list->head;
- list->head = list->head->next;
- StringNode_delete(tmp);
- }
-}
-
-void
-StringList_Append(StringList* list, char* str)
-{
- if(!str) {
- return;
- }
-
- if(!list->tail) {
- /* This is the first element */
- list->head = list->tail = StringNode_new();
- } else {
- list->tail->next = StringNode_new();
- list->tail = list->tail->next;
- }
-
- list->tail->str = PR_Strdup(str);
- list->tail->next = NULL; /* just to be sure */
-}
-
-/**************************************************************************
- *
- * P k 1 1 I n s t a l l _ S e t E r r o r H a n d l e r
- *
- * Sets the error handler to be used by the library. Returns the current
- * error handler function.
- */
-Pk11Install_ErrorHandler
-Pk11Install_SetErrorHandler(Pk11Install_ErrorHandler handler)
-{
- Pk11Install_ErrorHandler old;
-
- if(!errorHandlerLock) {
- errorHandlerLock = PR_NewLock();
- }
-
- PR_Lock(errorHandlerLock);
-
- old = errorHandler;
- errorHandler = handler;
-
- PR_Unlock(errorHandlerLock);
-
- return old;
-}
-
-/**************************************************************************
- *
- * P k 1 1 I n s t a l l _ I n i t
- *
- * Does initialization that otherwise would be done on the fly. Only
- * needs to be called by multithreaded apps, before they make any calls
- * to this library.
- */
-void
-Pk11Install_Init()
-{
- if(!errorHandlerLock) {
- errorHandlerLock = PR_NewLock();
- }
-}
-
-/**************************************************************************
- *
- * P k 1 1 I n s t a l l _ R e l e a s e
- *
- * Releases static data structures used by the library. Don't use the
- * library after calling this, unless you call Pk11Install_Init()
- * first. This function doesn't have to be called at all unless you're
- * really anal about freeing memory before your program exits.
- */
-void
-Pk11Install_Release()
-{
- if(errorHandlerLock) {
- PR_Free(errorHandlerLock);
- errorHandlerLock = NULL;
- }
-}
-
-/*************************************************************************
- *
- * e r r o r
- *
- * Takes an error code and its arguments, creates the error string,
- * and sends the string to the handler function if it exists.
- */
-
-#ifdef OSF1
-/* stdarg has already been pulled in from NSPR */
-#undef va_start
-#undef va_end
-#undef va_arg
-#include
-#else
-#include
-#endif
-
-#ifdef OSF1
-static void
-error(long va_alist, ...)
-#else
-static void
-error(Pk11Install_Error errcode, ...)
-#endif
-{
-
- va_list ap;
- char *errstr;
- Pk11Install_ErrorHandler handler;
-
- if(!errorHandlerLock) {
- errorHandlerLock = PR_NewLock();
- }
-
- PR_Lock(errorHandlerLock);
-
- handler = errorHandler;
-
- PR_Unlock(errorHandlerLock);
-
- if(handler) {
-#ifdef OSF1
- va_start(ap);
- errstr = PR_vsmprintf(errorString[va_arg(ap, Pk11Install_Error)], ap);
-#else
- va_start(ap, errcode);
- errstr = PR_vsmprintf(errorString[errcode], ap);
-#endif
- handler(errstr);
- PR_smprintf_free(errstr);
- va_end(ap);
- }
-}
-
-/*************************************************************************
- *
- * j a r _ c a l l b a c k
- */
-static int
-jar_callback(int status, JAR *foo, const char *bar, char *pathname,
- char *errortext) {
- char *string;
-
- string = PR_smprintf("JAR error %d: %s in file %s\n", status, errortext,
- pathname);
- error(PK11_INSTALL_ERROR_STRING, string);
- PR_smprintf_free(string);
- return 0;
-}
-
-/*************************************************************************
- *
- * P k 1 1 I n s t a l l _ D o I n s t a l l
- *
- * jarFile is the path of a JAR in the PKCS #11 module JAR format.
- * installDir is the directory relative to which files will be
- * installed.
- */
-Pk11Install_Error
-Pk11Install_DoInstall(char *jarFile, const char *installDir,
- const char *tempDir, PRFileDesc *feedback, short force, PRBool noverify)
-{
- JAR *jar;
- char *installer;
- unsigned long installer_len;
- int status;
- Pk11Install_Error ret;
- PRBool made_temp_file;
- Pk11Install_Info installInfo;
- Pk11Install_Platform *platform;
- char* errMsg;
- char sysname[SYS_INFO_BUFFER_LENGTH], release[SYS_INFO_BUFFER_LENGTH],
- arch[SYS_INFO_BUFFER_LENGTH];
- char *myPlatform;
-
- jar=NULL;
- ret = PK11_INSTALL_UNSPECIFIED;
- made_temp_file=PR_FALSE;
- errMsg=NULL;
- Pk11Install_Info_init(&installInfo);
-
- /*
- printf("Inside DoInstall, jarFile=%s, installDir=%s, tempDir=%s\n",
- jarFile, installDir, tempDir);
- */
-
- /*
- * Check out jarFile and installDir for validity
- */
- if( PR_Access(installDir, PR_ACCESS_EXISTS) != PR_SUCCESS ) {
- error(PK11_INSTALL_DIR_DOESNT_EXIST, installDir);
- return PK11_INSTALL_DIR_DOESNT_EXIST;
- }
- if(!tempDir) {
- tempDir = ".";
- }
- if( PR_Access(tempDir, PR_ACCESS_EXISTS) != PR_SUCCESS ) {
- error(PK11_INSTALL_DIR_DOESNT_EXIST, tempDir);
- return PK11_INSTALL_DIR_DOESNT_EXIST;
- }
- if( PR_Access(tempDir, PR_ACCESS_WRITE_OK) != PR_SUCCESS ) {
- error(PK11_INSTALL_DIR_NOT_WRITEABLE, tempDir);
- return PK11_INSTALL_DIR_NOT_WRITEABLE;
- }
- if( (PR_Access(jarFile, PR_ACCESS_EXISTS) != PR_SUCCESS) ) {
- error(PK11_INSTALL_FILE_DOESNT_EXIST, jarFile);
- return PK11_INSTALL_FILE_DOESNT_EXIST;
- }
- if( PR_Access(jarFile, PR_ACCESS_READ_OK) != PR_SUCCESS ) {
- error(PK11_INSTALL_FILE_NOT_READABLE, jarFile);
- return PK11_INSTALL_FILE_NOT_READABLE;
- }
-
- /*
- * Extract the JAR file
- */
- jar = JAR_new();
- JAR_set_callback(JAR_CB_SIGNAL, jar, jar_callback);
-
- if(noverify) {
- status = JAR_pass_archive_unverified(jar, jarArchGuess, jarFile, "url");
- } else {
- status = JAR_pass_archive(jar, jarArchGuess, jarFile, "url");
- }
- if( (status < 0) || (jar->valid < 0) ) {
- if (status >= JAR_BASE && status <= JAR_BASE_END) {
- error(PK11_INSTALL_JAR_ERROR, jarFile, JAR_get_error(status));
- } else {
- error(PK11_INSTALL_JAR_ERROR, jarFile,
- mySECU_ErrorString((int16) PORT_GetError()) );
- }
- ret=PK11_INSTALL_JAR_ERROR;
- goto loser;
- }
- /*printf("passed the archive\n");*/
-
- /*
- * Show the user security information, allow them to abort or continue
- */
- if( Pk11Install_UserVerifyJar(jar, PR_STDOUT,
- force?PR_FALSE:PR_TRUE) && !force) {
- if(feedback) {
- PR_fprintf(feedback, msgStrings[USER_ABORT]);
- }
- ret=PK11_INSTALL_USER_ABORT;
- goto loser;
- }
-
- /*
- * Get the name of the installation file
- */
- if( JAR_get_metainfo(jar, NULL, INSTALL_METAINFO_TAG, (void**)&installer,
- (unsigned long*)&installer_len) ) {
- error(PK11_INSTALL_NO_INSTALLER_SCRIPT);
- ret=PK11_INSTALL_NO_INSTALLER_SCRIPT;
- goto loser;
- }
- if(feedback) {
- PR_fprintf(feedback, msgStrings[INSTALLER_SCRIPT_NAME], installer);
- }
-
- /*
- * Extract the installation file
- */
- if( PR_Access(SCRIPT_TEMP_FILE, PR_ACCESS_EXISTS) == PR_SUCCESS) {
- if( PR_Delete(SCRIPT_TEMP_FILE) != PR_SUCCESS) {
- error(PK11_INSTALL_DELETE_TEMP_FILE, SCRIPT_TEMP_FILE);
- ret=PK11_INSTALL_DELETE_TEMP_FILE;
- goto loser;
- }
- }
- if(noverify) {
- status = JAR_extract(jar, installer, SCRIPT_TEMP_FILE);
- } else {
- status = JAR_verified_extract(jar, installer, SCRIPT_TEMP_FILE);
- }
- if(status) {
- if (status >= JAR_BASE && status <= JAR_BASE_END) {
- error(PK11_INSTALL_JAR_EXTRACT, installer, JAR_get_error(status));
- } else {
- error(PK11_INSTALL_JAR_EXTRACT, installer,
- mySECU_ErrorString((int16) PORT_GetError()) );
- }
- ret = PK11_INSTALL_JAR_EXTRACT;
- goto loser;
- } else {
- made_temp_file = PR_TRUE;
- }
-
- /*
- * Parse the installation file into a syntax tree
- */
- Pk11Install_FD = PR_Open(SCRIPT_TEMP_FILE, PR_RDONLY, 0);
- if(!Pk11Install_FD) {
- error(PK11_INSTALL_OPEN_SCRIPT_FILE, SCRIPT_TEMP_FILE);
- ret=PK11_INSTALL_OPEN_SCRIPT_FILE;
- goto loser;
- }
- if(Pk11Install_yyparse()) {
- error(PK11_INSTALL_SCRIPT_PARSE, installer,
- Pk11Install_yyerrstr ? Pk11Install_yyerrstr : "");
- ret=PK11_INSTALL_SCRIPT_PARSE;
- goto loser;
- }
-
-#if 0
- /* for debugging */
- Pk11Install_valueList->Print(0);
-#endif
-
- /*
- * From the syntax tree, build a semantic structure
- */
- errMsg = Pk11Install_Info_Generate(&installInfo,Pk11Install_valueList);
- if(errMsg) {
- error(PK11_INSTALL_SEMANTIC, errMsg);
- ret=PK11_INSTALL_SEMANTIC;
- goto loser;
- }
-#if 0
- installInfo.Print(0);
-#endif
-
- if(feedback) {
- PR_fprintf(feedback, msgStrings[PARSED_INSTALL_SCRIPT]);
- }
-
- /*
- * Figure out which platform to use
- */
- {
- sysname[0] = release[0] = arch[0] = '\0';
-
- if( (PR_GetSystemInfo(PR_SI_SYSNAME, sysname, SYS_INFO_BUFFER_LENGTH)
- != PR_SUCCESS) ||
- (PR_GetSystemInfo(PR_SI_RELEASE, release, SYS_INFO_BUFFER_LENGTH)
- != PR_SUCCESS) ||
- (PR_GetSystemInfo(PR_SI_ARCHITECTURE, arch, SYS_INFO_BUFFER_LENGTH)
- != PR_SUCCESS) ) {
- error(PK11_INSTALL_SYSINFO);
- ret=PK11_INSTALL_SYSINFO;
- goto loser;
- }
- myPlatform = PR_smprintf("%s:%s:%s", sysname, release, arch);
- platform = Pk11Install_Info_GetBestPlatform(&installInfo,myPlatform);
- if(!platform) {
- error(PK11_INSTALL_NO_PLATFORM, myPlatform);
- PR_smprintf_free(myPlatform);
- ret=PK11_INSTALL_NO_PLATFORM;
- goto loser;
- }
- if(feedback) {
- PR_fprintf(feedback, msgStrings[MY_PLATFORM_IS], myPlatform);
- PR_fprintf(feedback, msgStrings[USING_PLATFORM],
- Pk11Install_PlatformName_GetString(&platform->name));
- }
- PR_smprintf_free(myPlatform);
- }
-
- /* Run the install for that platform */
- ret = DoInstall(jar, installDir, tempDir, platform, feedback, noverify);
- if(ret) {
- goto loser;
- }
-
- ret = PK11_INSTALL_SUCCESS;
-loser:
- if(Pk11Install_valueList) {
- Pk11Install_ValueList_delete(Pk11Install_valueList);
- PR_Free(Pk11Install_valueList);
- Pk11Install_valueList = NULL;
- }
- if(jar) {
- JAR_destroy(jar);
- }
- if(made_temp_file) {
- PR_Delete(SCRIPT_TEMP_FILE);
- }
- if(errMsg) {
- PR_smprintf_free(errMsg);
- }
- return ret;
-}
-
-/*
-/////////////////////////////////////////////////////////////////////////
-// actually run the installation, copying files to and fro
-*/
-static Pk11Install_Error
-DoInstall(JAR *jar, const char *installDir, const char *tempDir,
- Pk11Install_Platform *platform, PRFileDesc *feedback, PRBool noverify)
-{
- Pk11Install_File *file;
- Pk11Install_Error ret;
- char *reldir;
- char *dest;
- char *modDest;
- char *cp;
- int i;
- int status;
- char *tempname, *temp;
- StringList executables;
- StringNode *execNode;
- PRProcessAttr *attr;
- PRProcess *proc;
- char *argv[2];
- char *envp[1];
- int errcode;
-
- ret=PK11_INSTALL_UNSPECIFIED;
- reldir=NULL;
- dest=NULL;
- modDest=NULL;
- tempname=NULL;
-
- StringList_new(&executables);
- /*
- // Create Temporary directory
- */
- tempname = PR_smprintf("%s/%s", tempDir, TEMPORARY_DIRECTORY_NAME);
- if( PR_Access(tempname, PR_ACCESS_EXISTS)==PR_SUCCESS ) {
- /* Left over from previous run? Delete it. */
- rm_dash_r(tempname);
- }
- if(PR_MkDir(tempname, 0700) != PR_SUCCESS) {
- error(PK11_INSTALL_CREATE_DIR, tempname);
- ret = PK11_INSTALL_CREATE_DIR;
- goto loser;
- }
-
- /*
- // Install all the files
- */
- for(i=0; i < platform->numFiles; i++) {
- file = &platform->files[i];
-
- if(file->relativePath) {
- PRBool foundMarker = PR_FALSE;
- reldir = PR_Strdup(file->relativePath);
-
- /* Replace all the markers with the directories for which they stand */
- while(1) {
- if( (cp=PL_strcasestr(reldir, ROOT_MARKER)) ) {
- /* Has a %root% marker */
- *cp = '\0';
- temp = PR_smprintf("%s%s%s", reldir, installDir,
- cp+strlen(ROOT_MARKER));
- PR_Free(reldir);
- reldir = temp;
- foundMarker = PR_TRUE;
- } else if( (cp = PL_strcasestr(reldir, TEMP_MARKER)) ) {
- /* Has a %temp% marker */
- *cp = '\0';
- temp = PR_smprintf("%s%s%s", reldir, tempname,
- cp+strlen(TEMP_MARKER));
- PR_Free(reldir);
- reldir = temp;
- foundMarker = PR_TRUE;
- } else {
- break;
- }
- }
- if(!foundMarker) {
- /* Has no markers...this isn't really a relative directory */
- error(PK11_INSTALL_BOGUS_REL_DIR, file->relativePath);
- ret = PK11_INSTALL_BOGUS_REL_DIR;
- goto loser;
- }
- dest = reldir;
- reldir = NULL;
- } else if(file->absolutePath) {
- dest = PR_Strdup(file->absolutePath);
- }
-
- /* Remember if this is the module file, we'll need to add it later */
- if(i == platform->modFile) {
- modDest = PR_Strdup(dest);
- }
-
- /* Remember is this is an executable, we'll need to run it later */
- if(file->executable) {
- StringList_Append(&executables,dest);
- /*executables.Append(dest);*/
- }
-
- /* Make sure the directory we are targetting exists */
- if( make_dirs(dest, file->permissions) ) {
- ret=PK11_INSTALL_CREATE_DIR;
- goto loser;
- }
-
- /* Actually extract the file onto the filesystem */
- if(noverify) {
- status = JAR_extract(jar, (char*)file->jarPath, dest);
- } else {
- status = JAR_verified_extract(jar, (char*)file->jarPath, dest);
- }
- if(status) {
- if (status >= JAR_BASE && status <= JAR_BASE_END) {
- error(PK11_INSTALL_JAR_EXTRACT, file->jarPath,
- JAR_get_error(status));
- } else {
- error(PK11_INSTALL_JAR_EXTRACT, file->jarPath,
- mySECU_ErrorString((int16) PORT_GetError()) );
- }
- ret=PK11_INSTALL_JAR_EXTRACT;
- goto loser;
- }
- if(feedback) {
- PR_fprintf(feedback, msgStrings[INSTALLED_FILE_MSG],
- file->jarPath, dest);
- }
-
- /* no NSPR command to change permissions? */
-#ifdef XP_UNIX
- chmod(dest, file->permissions);
-#endif
-
- /* Memory clean-up tasks */
- if(reldir) {
- PR_Free(reldir);
- reldir = NULL;
- }
- if(dest) {
- PR_Free(dest);
- dest = NULL;
- }
- }
- /* Make sure we found the module file */
- if(!modDest) {
- /* Internal problem here, since every platform is supposed to have
- a module file */
- error(PK11_INSTALL_NO_MOD_FILE, platform->moduleName);
- ret=PK11_INSTALL_NO_MOD_FILE;
- goto loser;
- }
-
- /*
- // Execute any executable files
- */
- {
- argv[1] = NULL;
- envp[0] = NULL;
- for(execNode = executables.head; execNode; execNode = execNode->next) {
- attr = PR_NewProcessAttr();
- argv[0] = PR_Strdup(execNode->str);
-
- /* Announce our intentions */
- if(feedback) {
- PR_fprintf(feedback, msgStrings[EXEC_FILE_MSG], execNode->str);
- }
-
- /* start the process */
- if( !(proc=PR_CreateProcess(execNode->str, argv, envp, attr)) ) {
- PR_Free(argv[0]);
- PR_DestroyProcessAttr(attr);
- error(PK11_INSTALL_EXEC_FILE, execNode->str);
- ret=PK11_INSTALL_EXEC_FILE;
- goto loser;
- }
-
- /* wait for it to finish */
- if( PR_WaitProcess(proc, &errcode) != PR_SUCCESS) {
- PR_Free(argv[0]);
- PR_DestroyProcessAttr(attr);
- error(PK11_INSTALL_WAIT_PROCESS, execNode->str);
- ret=PK11_INSTALL_WAIT_PROCESS;
- goto loser;
- }
-
- /* What happened? */
- if(errcode) {
- /* process returned an error */
- error(PK11_INSTALL_PROC_ERROR, execNode->str, errcode);
- } else if(feedback) {
- /* process ran successfully */
- PR_fprintf(feedback, msgStrings[EXEC_SUCCESS], execNode->str);
- }
-
- PR_Free(argv[0]);
- PR_DestroyProcessAttr(attr);
- }
- }
-
- /*
- // Add the module
- */
- status = Pk11Install_AddNewModule((char*)platform->moduleName,
- (char*)modDest, platform->mechFlags, platform->cipherFlags );
-
- if(status != SECSuccess) {
- error(PK11_INSTALL_ADD_MODULE, platform->moduleName);
- ret=PK11_INSTALL_ADD_MODULE;
- goto loser;
- }
- if(feedback) {
- PR_fprintf(feedback, msgStrings[INSTALLED_MODULE_MSG],
- platform->moduleName);
- }
-
- if(feedback) {
- PR_fprintf(feedback, msgStrings[INSTALLATION_COMPLETE_MSG]);
- }
-
- ret = PK11_INSTALL_SUCCESS;
-
-loser:
- if(reldir) {
- PR_Free(reldir);
- }
- if(dest) {
- PR_Free(dest);
- }
- if(modDest) {
- PR_Free(modDest);
- }
- if(tempname) {
- PRFileInfo info;
- if(PR_GetFileInfo(tempname, &info) == PR_SUCCESS) {
- if((info.type == PR_FILE_DIRECTORY)) {
- /* Recursively remove temporary directory */
- if(rm_dash_r(tempname)) {
- error(PK11_INSTALL_REMOVE_DIR,
- tempname);
- ret=PK11_INSTALL_REMOVE_DIR;
- }
-
- }
- }
- PR_Free(tempname);
- }
- StringList_delete(&executables);
- return ret;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-*/
-static char*
-PR_Strdup(const char* str)
-{
- char *tmp = (char*) PR_Malloc(strlen(str)+1);
- strcpy(tmp, str);
- return tmp;
-}
-
-/*
- * r m _ d a s h _ r
- *
- * Remove a file, or a directory recursively.
- *
- */
-static int
-rm_dash_r (char *path)
-{
- PRDir *dir;
- PRDirEntry *entry;
- PRFileInfo fileinfo;
- char filename[240];
-
- if(PR_GetFileInfo(path, &fileinfo) != PR_SUCCESS) {
- /*fprintf(stderr, "Error: Unable to access %s\n", filename);*/
- return -1;
- }
- if(fileinfo.type == PR_FILE_DIRECTORY) {
-
- dir = PR_OpenDir(path);
- if(!dir) {
- return -1;
- }
-
- /* Recursively delete all entries in the directory */
- while((entry = PR_ReadDir(dir, PR_SKIP_BOTH)) != NULL) {
- sprintf(filename, "%s/%s", path, entry->name);
- if(rm_dash_r(filename)) return -1;
- }
-
- if(PR_CloseDir(dir) != PR_SUCCESS) {
- return -1;
- }
-
- /* Delete the directory itself */
- if(PR_RmDir(path) != PR_SUCCESS) {
- return -1;
- }
- } else {
- if(PR_Delete(path) != PR_SUCCESS) {
- return -1;
- }
- }
- return 0;
-}
-
-/***************************************************************************
- *
- * m a k e _ d i r s
- *
- * Ensure that the directory portion of the path exists. This may require
- * making the directory, and its parent, and its parent's parent, etc.
- */
-static int
-make_dirs(char *path, int file_perms)
-{
- char *Path;
- char *start;
- char *sep;
- int ret = 0;
- PRFileInfo info;
-
- if(!path) {
- return 0;
- }
-
- Path = PR_Strdup(path);
- start = strpbrk(Path, "/\\");
- if(!start) {
- return 0;
- }
- start++; /* start right after first slash */
-
- /* Each time through the loop add one more directory. */
- while( (sep=strpbrk(start, "/\\")) ) {
- *sep = '\0';
-
- if( PR_GetFileInfo(Path, &info) != PR_SUCCESS) {
- /* No such dir, we have to create it */
- if( PR_MkDir(Path, dir_perms(file_perms)) != PR_SUCCESS) {
- error(PK11_INSTALL_CREATE_DIR, Path);
- ret = PK11_INSTALL_CREATE_DIR;
- goto loser;
- }
- } else {
- /* something exists by this name, make sure it's a directory */
- if( info.type != PR_FILE_DIRECTORY ) {
- error(PK11_INSTALL_CREATE_DIR, Path);
- ret = PK11_INSTALL_CREATE_DIR;
- goto loser;
- }
- }
-
- /* If this is the lowest directory level, make sure it is writeable */
- if(!strpbrk(sep+1, "/\\")) {
- if( PR_Access(Path, PR_ACCESS_WRITE_OK)!=PR_SUCCESS) {
- error(PK11_INSTALL_DIR_NOT_WRITEABLE, Path);
- ret = PK11_INSTALL_DIR_NOT_WRITEABLE;
- goto loser;
- }
- }
-
- start = sep+1; /* start after the next slash */
- *sep = '/';
- }
-
-loser:
- PR_Free(Path);
- return ret;
-}
-
-/*************************************************************************
- * d i r _ p e r m s
- *
- * Guesses the desired permissions on a directory based on the permissions
- * of a file that will be stored in it. Give read, write, and
- * execute to the owner (so we can create the file), read and
- * execute to anyone who has read permissions on the file, and write
- * to anyone who has write permissions on the file.
- */
-static int
-dir_perms(int perms)
-{
- int ret = 0;
-
- /* owner */
- ret |= 0700;
-
- /* group */
- if(perms & 0040) {
- /* read on the file -> read and execute on the directory */
- ret |= 0050;
- }
- if(perms & 0020) {
- /* write on the file -> write on the directory */
- ret |= 0020;
- }
-
- /* others */
- if(perms & 0004) {
- /* read on the file -> read and execute on the directory */
- ret |= 0005;
- }
- if(perms & 0002) {
- /* write on the file -> write on the directory */
- ret |= 0002;
- }
-
- return ret;
-}
diff --git a/security/nss/cmd/modutil/install.h b/security/nss/cmd/modutil/install.h
deleted file mode 100644
index 00fae7aebc..0000000000
--- a/security/nss/cmd/modutil/install.h
+++ /dev/null
@@ -1,133 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-#ifndef PK11INSTALL_H
-#define PK11INSTALL_H
-
-#include
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef void (*Pk11Install_ErrorHandler)(char *);
-
-typedef enum {
- PK11_INSTALL_NO_ERROR=0,
- PK11_INSTALL_DIR_DOESNT_EXIST,
- PK11_INSTALL_FILE_DOESNT_EXIST,
- PK11_INSTALL_FILE_NOT_READABLE,
- PK11_INSTALL_ERROR_STRING,
- PK11_INSTALL_JAR_ERROR,
- PK11_INSTALL_NO_INSTALLER_SCRIPT,
- PK11_INSTALL_DELETE_TEMP_FILE,
- PK11_INSTALL_OPEN_SCRIPT_FILE,
- PK11_INSTALL_SCRIPT_PARSE,
- PK11_INSTALL_SEMANTIC,
- PK11_INSTALL_SYSINFO,
- PK11_INSTALL_NO_PLATFORM,
- PK11_INSTALL_BOGUS_REL_DIR,
- PK11_INSTALL_NO_MOD_FILE,
- PK11_INSTALL_ADD_MODULE,
- PK11_INSTALL_JAR_EXTRACT,
- PK11_INSTALL_DIR_NOT_WRITEABLE,
- PK11_INSTALL_CREATE_DIR,
- PK11_INSTALL_REMOVE_DIR,
- PK11_INSTALL_EXEC_FILE,
- PK11_INSTALL_WAIT_PROCESS,
- PK11_INSTALL_PROC_ERROR,
- PK11_INSTALL_USER_ABORT,
- PK11_INSTALL_UNSPECIFIED
-} Pk11Install_Error;
-#define PK11_INSTALL_SUCCESS PK11_INSTALL_NO_ERROR
-
-/**************************************************************************
- *
- * P k 1 1 I n s t a l l _ I n i t
- *
- * Does initialization that otherwise would be done on the fly. Only
- * needs to be called by multithreaded apps, before they make any calls
- * to this library.
- */
-void
-Pk11Install_Init();
-
-/**************************************************************************
- *
- * P k 1 1 I n s t a l l _ S e t E r r o r H a n d l e r
- *
- * Sets the error handler to be used by the library. Returns the current
- * error handler function.
- */
-Pk11Install_ErrorHandler
-Pk11Install_SetErrorHandler(Pk11Install_ErrorHandler handler);
-
-
-/**************************************************************************
- *
- * P k 1 1 I n s t a l l _ R e l e a s e
- *
- * Releases static data structures used by the library. Don't use the
- * library after calling this, unless you call Pk11Install_Init()
- * first. This function doesn't have to be called at all unless you're
- * really anal about freeing memory before your program exits.
- */
-void
-Pk11Install_Release();
-
-/*************************************************************************
- *
- * P k 1 1 I n s t a l l _ D o I n s t a l l
- *
- * jarFile is the path of a JAR in the PKCS #11 module JAR format.
- * installDir is the directory relative to which files will be
- * installed.
- * feedback is a file descriptor to which to write informative (not error)
- * status messages: what files are being installed, what modules are being
- * installed. If feedback==NULL, no messages will be displayed.
- * If force != 0, interactive prompts will be suppressed.
- * If noverify == PR_TRUE, signatures won't be checked on the JAR file.
- */
-Pk11Install_Error
-Pk11Install_DoInstall(char *jarFile, const char *installDir,
- const char *tempDir, PRFileDesc *feedback, short force,
- PRBool noverify);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /*PK11INSTALL_H*/
diff --git a/security/nss/cmd/modutil/installparse.c b/security/nss/cmd/modutil/installparse.c
deleted file mode 100644
index 1d85d213ac..0000000000
--- a/security/nss/cmd/modutil/installparse.c
+++ /dev/null
@@ -1,429 +0,0 @@
-#ifndef lint
-char yysccsid[] = "@(#)yaccpar 1.4 (Berkeley) 02/25/90";
-#endif
-#line 37 "installparse.y"
-
-#define yyparse Pk11Install_yyparse
-#define yylex Pk11Install_yylex
-#define yyerror Pk11Install_yyerror
-#define yychar Pk11Install_yychar
-#define yyval Pk11Install_yyval
-#define yylval Pk11Install_yylval
-#define yydebug Pk11Install_yydebug
-#define yynerrs Pk11Install_yynerrs
-#define yyerrflag Pk11Install_yyerrflag
-#define yyss Pk11Install_yyss
-#define yyssp Pk11Install_yyssp
-#define yyvs Pk11Install_yyvs
-#define yyvsp Pk11Install_yyvsp
-#define yylhs Pk11Install_yylhs
-#define yylen Pk11Install_yylen
-#define yydefred Pk11Install_yydefred
-#define yydgoto Pk11Install_yydgoto
-#define yysindex Pk11Install_yysindex
-#define yyrindex Pk11Install_yyrindex
-#define yygindex Pk11Install_yygindex
-#define yytable Pk11Install_yytable
-#define yycheck Pk11Install_yycheck
-#define yyname Pk11Install_yyname
-#define yyrule Pk11Install_yyrule
-
-/* C Stuff */
-#include "install-ds.h"
-#include
-
-#define YYSTYPE Pk11Install_Pointer
-extern char *Pk11Install_yytext;
-char *Pk11Install_yyerrstr=NULL;
-
-#line 40 "ytab.c"
-#define OPENBRACE 257
-#define CLOSEBRACE 258
-#define STRING 259
-#define YYERRCODE 256
-short yylhs[] = { -1,
- 0, 1, 1, 2, 2, 3, 4,
-};
-short yylen[] = { 2,
- 1, 2, 0, 1, 1, 4, 1,
-};
-short yydefred[] = { 0,
- 0, 0, 1, 0, 4, 0, 2, 0, 0, 6,
-};
-short yydgoto[] = { 2,
- 3, 4, 5, 6,
-};
-short yysindex[] = { -257,
- 0, 0, 0, -257, 0, -252, 0, -257, -251, 0,
-};
-short yyrindex[] = { 6,
- 1, 0, 0, 3, 0, 0, 0, -250, 0, 0,
-};
-short yygindex[] = { 0,
- -4, 0, 0, 0,
-};
-#define YYTABLESIZE 261
-short yytable[] = { 7,
- 5, 1, 3, 9, 8, 3, 10, 3, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 7, 5, 5,
- 3,
-};
-short yycheck[] = { 4,
- 0, 259, 0, 8, 257, 0, 258, 258, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, 257, 258, 259,
- 258,
-};
-#define YYFINAL 2
-#ifndef YYDEBUG
-#define YYDEBUG 0
-#endif
-#define YYMAXTOKEN 259
-#if YYDEBUG
-char *yyname[] = {
-"end-of-file",0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
-0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
-0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
-0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
-0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
-0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
-0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,"OPENBRACE","CLOSEBRACE","STRING",
-};
-char *yyrule[] = {
-"$accept : toplist",
-"toplist : valuelist",
-"valuelist : value valuelist",
-"valuelist :",
-"value : key_value_pair",
-"value : STRING",
-"key_value_pair : key OPENBRACE valuelist CLOSEBRACE",
-"key : STRING",
-};
-#endif
-#ifndef YYSTYPE
-typedef int YYSTYPE;
-#endif
-#define yyclearin (yychar=(-1))
-#define yyerrok (yyerrflag=0)
-#ifndef YYSTACKSIZE
-#ifdef YYMAXDEPTH
-#define YYSTACKSIZE YYMAXDEPTH
-#else
-#define YYSTACKSIZE 300
-#endif
-#endif
-int yydebug;
-int yynerrs;
-int yyerrflag;
-int yychar;
-short *yyssp;
-YYSTYPE *yyvsp;
-YYSTYPE yyval;
-YYSTYPE yylval;
-#define yystacksize YYSTACKSIZE
-short yyss[YYSTACKSIZE];
-YYSTYPE yyvs[YYSTACKSIZE];
-#line 118 "installparse.y"
-/*----------------------- Program Section --------------------------------*/
-
-/*************************************************************************/
-void
-Pk11Install_yyerror(char *message)
-{
- char *tmp;
- if(Pk11Install_yyerrstr) {
- tmp=PR_smprintf("%sline %d: %s\n", Pk11Install_yyerrstr,
- Pk11Install_yylinenum, message);
- PR_smprintf_free(Pk11Install_yyerrstr);
- } else {
- tmp = PR_smprintf("line %d: %s\n", Pk11Install_yylinenum, message);
- }
- Pk11Install_yyerrstr=tmp;
-}
-#line 191 "ytab.c"
-#define YYABORT goto yyabort
-#define YYACCEPT goto yyaccept
-#define YYERROR goto yyerrlab
-int
-yyparse()
-{
- register int yym, yyn, yystate;
-#if YYDEBUG
- register char *yys;
- extern char *getenv();
-
- if (yys = getenv("YYDEBUG"))
- {
- yyn = *yys;
- if (yyn >= '0' && yyn <= '9')
- yydebug = yyn - '0';
- }
-#endif
-
- yynerrs = 0;
- yyerrflag = 0;
- yychar = (-1);
-
- yyssp = yyss;
- yyvsp = yyvs;
- *yyssp = yystate = 0;
-
-yyloop:
- if (yyn = yydefred[yystate]) goto yyreduce;
- if (yychar < 0)
- {
- if ((yychar = yylex()) < 0) yychar = 0;
-#if YYDEBUG
- if (yydebug)
- {
- yys = 0;
- if (yychar <= YYMAXTOKEN) yys = yyname[yychar];
- if (!yys) yys = "illegal-symbol";
- printf("yydebug: state %d, reading %d (%s)\n", yystate,
- yychar, yys);
- }
-#endif
- }
- if ((yyn = yysindex[yystate]) && (yyn += yychar) >= 0 &&
- yyn <= YYTABLESIZE && yycheck[yyn] == yychar)
- {
-#if YYDEBUG
- if (yydebug)
- printf("yydebug: state %d, shifting to state %d\n",
- yystate, yytable[yyn]);
-#endif
- if (yyssp >= yyss + yystacksize - 1)
- {
- goto yyoverflow;
- }
- *++yyssp = yystate = yytable[yyn];
- *++yyvsp = yylval;
- yychar = (-1);
- if (yyerrflag > 0) --yyerrflag;
- goto yyloop;
- }
- if ((yyn = yyrindex[yystate]) && (yyn += yychar) >= 0 &&
- yyn <= YYTABLESIZE && yycheck[yyn] == yychar)
- {
- yyn = yytable[yyn];
- goto yyreduce;
- }
- if (yyerrflag) goto yyinrecovery;
-#ifdef lint
- goto yynewerror;
-yynewerror:
-#endif
- yyerror("syntax error");
-#ifdef lint
- goto yyerrlab;
-yyerrlab:
-#endif
- ++yynerrs;
-yyinrecovery:
- if (yyerrflag < 3)
- {
- yyerrflag = 3;
- for (;;)
- {
- if ((yyn = yysindex[*yyssp]) && (yyn += YYERRCODE) >= 0 &&
- yyn <= YYTABLESIZE && yycheck[yyn] == YYERRCODE)
- {
-#if YYDEBUG
- if (yydebug)
- printf("yydebug: state %d, error recovery shifting\
- to state %d\n", *yyssp, yytable[yyn]);
-#endif
- if (yyssp >= yyss + yystacksize - 1)
- {
- goto yyoverflow;
- }
- *++yyssp = yystate = yytable[yyn];
- *++yyvsp = yylval;
- goto yyloop;
- }
- else
- {
-#if YYDEBUG
- if (yydebug)
- printf("yydebug: error recovery discarding state %d\n",
- *yyssp);
-#endif
- if (yyssp <= yyss) goto yyabort;
- --yyssp;
- --yyvsp;
- }
- }
- }
- else
- {
- if (yychar == 0) goto yyabort;
-#if YYDEBUG
- if (yydebug)
- {
- yys = 0;
- if (yychar <= YYMAXTOKEN) yys = yyname[yychar];
- if (!yys) yys = "illegal-symbol";
- printf("yydebug: state %d, error recovery discards token %d (%s)\n",
- yystate, yychar, yys);
- }
-#endif
- yychar = (-1);
- goto yyloop;
- }
-yyreduce:
-#if YYDEBUG
- if (yydebug)
- printf("yydebug: state %d, reducing by rule %d (%s)\n",
- yystate, yyn, yyrule[yyn]);
-#endif
- yym = yylen[yyn];
- yyval = yyvsp[1-yym];
- switch (yyn)
- {
-case 1:
-#line 84 "installparse.y"
-{
- Pk11Install_valueList = yyvsp[0].list;
-}
-break;
-case 2:
-#line 89 "installparse.y"
-{
- Pk11Install_ValueList_AddItem(yyvsp[0].list,yyvsp[-1].value);
- yyval .list = yyvsp[0].list;
-}
-break;
-case 3:
-#line 94 "installparse.y"
-{
- yyval .list = Pk11Install_ValueList_new();
-}
-break;
-case 4:
-#line 99 "installparse.y"
-{
- yyval .value= Pk11Install_Value_new(PAIR_VALUE,yyvsp[0]);
-}
-break;
-case 5:
-#line 103 "installparse.y"
-{
- yyval .value= Pk11Install_Value_new(STRING_VALUE, yyvsp[0]);
-}
-break;
-case 6:
-#line 108 "installparse.y"
-{
- yyval .pair = Pk11Install_Pair_new(yyvsp[-3].string,yyvsp[-1].list);
-}
-break;
-case 7:
-#line 113 "installparse.y"
-{
- yyval .string = yyvsp[0].string;
-}
-break;
-#line 374 "ytab.c"
- }
- yyssp -= yym;
- yystate = *yyssp;
- yyvsp -= yym;
- yym = yylhs[yyn];
- if (yystate == 0 && yym == 0)
- {
-#ifdef YYDEBUG
- if (yydebug)
- printf("yydebug: after reduction, shifting from state 0 to\
- state %d\n", YYFINAL);
-#endif
- yystate = YYFINAL;
- *++yyssp = YYFINAL;
- *++yyvsp = yyval;
- if (yychar < 0)
- {
- if ((yychar = yylex()) < 0) yychar = 0;
-#if YYDEBUG
- if (yydebug)
- {
- yys = 0;
- if (yychar <= YYMAXTOKEN) yys = yyname[yychar];
- if (!yys) yys = "illegal-symbol";
- printf("yydebug: state %d, reading %d (%s)\n",
- YYFINAL, yychar, yys);
- }
-#endif
- }
- if (yychar == 0) goto yyaccept;
- goto yyloop;
- }
- if ((yyn = yygindex[yym]) && (yyn += yystate) >= 0 &&
- yyn <= YYTABLESIZE && yycheck[yyn] == yystate)
- yystate = yytable[yyn];
- else
- yystate = yydgoto[yym];
-#ifdef YYDEBUG
- if (yydebug)
- printf("yydebug: after reduction, shifting from state %d \
-to state %d\n", *yyssp, yystate);
-#endif
- if (yyssp >= yyss + yystacksize - 1)
- {
- goto yyoverflow;
- }
- *++yyssp = yystate;
- *++yyvsp = yyval;
- goto yyloop;
-yyoverflow:
- yyerror("yacc stack overflow");
-yyabort:
- return (1);
-yyaccept:
- return (0);
-}
diff --git a/security/nss/cmd/modutil/installparse.h b/security/nss/cmd/modutil/installparse.h
deleted file mode 100644
index 75686d4fdd..0000000000
--- a/security/nss/cmd/modutil/installparse.h
+++ /dev/null
@@ -1,3 +0,0 @@
-#define OPENBRACE 257
-#define CLOSEBRACE 258
-#define STRING 259
diff --git a/security/nss/cmd/modutil/installparse.l b/security/nss/cmd/modutil/installparse.l
deleted file mode 100644
index 3881ea5301..0000000000
--- a/security/nss/cmd/modutil/installparse.l
+++ /dev/null
@@ -1,169 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-
-/* lex file for analyzing PKCS #11 Module installation instructions */
-
-/*----------------------------- Definitions ---------------------------*/
-%{
-#include
-
-#include "install-ds.h" /* defines tokens and data structures */
-#include "installparse.h" /* produced by yacc -d */
-#include
-static char *putSimpleString(char*); /* return copy of string */
-static char *putComplexString(char*); /* strip out quotes, deal with */
- /* escaped characters */
-
-void Pk11Install_yyerror(char *);
-
-/* Overrides to use NSPR */
-#define malloc PR_Malloc
-#define realloc PR_Realloc
-#define free PR_Free
-
-int Pk11Install_yylinenum=1;
-static char *err;
-
-#define YY_NEVER_INTERACTIVE 1
-#define yyunput Pkcs11Install_yyunput
-
-/* This is the default YY_INPUT modified for NSPR */
-#define YY_INPUT(buf,result,max_size) \
- if ( yy_current_buffer->yy_is_interactive ) { \
- char c; \
- int n; \
- for ( n = 0; n < max_size && \
- PR_Read(Pk11Install_FD, &c, 1)==1 && c != '\n'; ++n ) { \
- buf[n] = c; \
- } \
- if ( c == '\n' ) { \
- buf[n++] = c; \
- } \
- result = n; \
- } else { \
- result = PR_Read(Pk11Install_FD, buf, max_size); \
- }
-
-%}
-
-/*** Regular expression definitions ***/
-/* simple_string has no whitespace, quotes, or braces */
-simple_string [^ \t\r\n\""{""}"]+
-
-/* complex_string is enclosed in quotes. Inside the quotes, quotes and
- backslashes must be backslash-escaped. No newlines or carriage returns
- are allowed inside the quotes. Otherwise, anything goes. */
-complex_string \"([^\"\\\r\n]|(\\\")|(\\\\))+\"
-
-/* Standard whitespace */
-whitespace [ \t\r]+
-
-other .
-
-/*---------------------------- Actions --------------------------------*/
-%%
-
-"{" return OPENBRACE;
-"}" return CLOSEBRACE;
-{simple_string} {Pk11Install_yylval.string =
- putSimpleString(Pk11Install_yytext);
- return STRING;}
-{complex_string} {Pk11Install_yylval.string =
- putComplexString(Pk11Install_yytext);
- return STRING;}
-
-"\n" Pk11Install_yylinenum++;
-
-{whitespace} ;
-
-{other} {err = PR_smprintf("Invalid lexeme: %s",Pk11Install_yytext);
- Pk11Install_yyerror(err);
- PR_smprintf_free(err);
- return 1;
- }
-
-%%
-/*------------------------ Program Section ----------------------------*/
-
-PRFileDesc *Pk11Install_FD=NULL;
-
-/*************************************************************************/
-/* dummy function required by lex */
-int Pk11Install_yywrap(void) { return 1;}
-
-/*************************************************************************/
-/* Return a copy of the given string */
-static char*
-putSimpleString(char *str)
-{
- char *tmp = (char*) PR_Malloc(strlen(str)+1);
- strcpy(tmp, str);
- return tmp;
-}
-
-/*************************************************************************/
-/* Strip out quotes, replace escaped characters with what they stand for.
- This function assumes that what is passed in is actually a complex
- string, so error checking is lax. */
-static char*
-putComplexString(char *str)
-{
- int size, i,j;
- char *tmp;
-
- if(!str) {
- return NULL;
- }
- size = strlen(str);
-
- /* Allocate the new space. This string will actually be too big,
- since quotes and backslashes will be stripped out. But that's ok. */
- tmp = (char*) PR_Malloc(size+1);
-
- /* Copy it over */
- for(i=0, j=0; i < size; i++) {
- if(str[i]=='\"') {
- continue; /* skip un-escaped quotes */
- } else if(str[i]=='\\') {
- ++i; /* escaped character. skip the backslash */
- }
- tmp[j++] = str[i];
- }
- tmp[j] = '\0';
-
- return tmp;
-}
diff --git a/security/nss/cmd/modutil/installparse.y b/security/nss/cmd/modutil/installparse.y
deleted file mode 100644
index 003f046288..0000000000
--- a/security/nss/cmd/modutil/installparse.y
+++ /dev/null
@@ -1,136 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-/* yacc file for parsing PKCS #11 module installation instructions */
-/*------------------------ Definition Section ---------------------------*/
-
-%{
-#define yyparse Pk11Install_yyparse
-#define yylex Pk11Install_yylex
-#define yyerror Pk11Install_yyerror
-#define yychar Pk11Install_yychar
-#define yyval Pk11Install_yyval
-#define yylval Pk11Install_yylval
-#define yydebug Pk11Install_yydebug
-#define yynerrs Pk11Install_yynerrs
-#define yyerrflag Pk11Install_yyerrflag
-#define yyss Pk11Install_yyss
-#define yyssp Pk11Install_yyssp
-#define yyvs Pk11Install_yyvs
-#define yyvsp Pk11Install_yyvsp
-#define yylhs Pk11Install_yylhs
-#define yylen Pk11Install_yylen
-#define yydefred Pk11Install_yydefred
-#define yydgoto Pk11Install_yydgoto
-#define yysindex Pk11Install_yysindex
-#define yyrindex Pk11Install_yyrindex
-#define yygindex Pk11Install_yygindex
-#define yytable Pk11Install_yytable
-#define yycheck Pk11Install_yycheck
-#define yyname Pk11Install_yyname
-#define yyrule Pk11Install_yyrule
-
-/* C Stuff */
-#include "install-ds.h"
-#include
-
-#define YYSTYPE Pk11Install_Pointer
-extern char *Pk11Install_yytext;
-char *Pk11Install_yyerrstr=NULL;
-
-%}
-
-/* Tokens */
-%token OPENBRACE
-%token CLOSEBRACE
-%token STRING
-%start toplist
-
-%%
-
-/*--------------------------- Productions -------------------------------*/
-
-toplist : valuelist
-{
- Pk11Install_valueList = $1.list;
-}
-
-valuelist : value valuelist
-{
- Pk11Install_ValueList_AddItem($2.list,$1.value);
- $$.list = $2.list;
-}
-|
-{
- $$.list = Pk11Install_ValueList_new();
-};
-
-value : key_value_pair
-{
- $$.value= Pk11Install_Value_new(PAIR_VALUE,$1);
-}
-| STRING
-{
- $$.value= Pk11Install_Value_new(STRING_VALUE, $1);
-};
-
-key_value_pair : key OPENBRACE valuelist CLOSEBRACE
-{
- $$.pair = Pk11Install_Pair_new($1.string,$3.list);
-};
-
-key : STRING
-{
- $$.string = $1.string;
-};
-
-%%
-/*----------------------- Program Section --------------------------------*/
-
-/*************************************************************************/
-void
-Pk11Install_yyerror(char *message)
-{
- char *tmp;
- if(Pk11Install_yyerrstr) {
- tmp=PR_smprintf("%sline %d: %s\n", Pk11Install_yyerrstr,
- Pk11Install_yylinenum, message);
- PR_smprintf_free(Pk11Install_yyerrstr);
- } else {
- tmp = PR_smprintf("line %d: %s\n", Pk11Install_yylinenum, message);
- }
- Pk11Install_yyerrstr=tmp;
-}
diff --git a/security/nss/cmd/modutil/instsec.c b/security/nss/cmd/modutil/instsec.c
deleted file mode 100644
index cfc0082342..0000000000
--- a/security/nss/cmd/modutil/instsec.c
+++ /dev/null
@@ -1,181 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-
-/* These are installation functions that make calls to the security library.
- * We don't want to include security include files in the C++ code too much.
- */
-
-static char* PR_fgets(char *buf, int size, PRFileDesc *file);
-
-/***************************************************************************
- *
- * P k 1 1 I n s t a l l _ A d d N e w M o d u l e
- */
-int
-Pk11Install_AddNewModule(char* moduleName, char* dllPath,
- unsigned long defaultMechanismFlags,
- unsigned long cipherEnableFlags)
-{
- return (SECMOD_AddNewModule(moduleName, dllPath,
- SECMOD_PubMechFlagstoInternal(defaultMechanismFlags),
- SECMOD_PubCipherFlagstoInternal(cipherEnableFlags))
- == SECSuccess) ? 0 : -1;
-}
-
-/*************************************************************************
- *
- * P k 1 1 I n s t a l l _ U s e r V e r i f y J a r
- *
- * Gives the user feedback on the signatures of a JAR files, asks them
- * whether they actually want to continue.
- * Assumes the jar structure has already been created and is valid.
- * Returns 0 if the user wants to continue the installation, nonzero
- * if the user wishes to abort.
- */
-short
-Pk11Install_UserVerifyJar(JAR *jar, PRFileDesc *out, PRBool query)
-{
- JAR_Context *ctx;
- JAR_Cert *fing;
- JAR_Item *item;
- char stdinbuf[80];
- int count=0;
-
- CERTCertificate *cert, *prev=NULL;
-
- PR_fprintf(out, "\nThis installation JAR file was signed by:\n");
-
- ctx = JAR_find(jar, NULL, jarTypeSign);
-
- while(JAR_find_next(ctx, &item) >= 0 ) {
- fing = (JAR_Cert*) item->data;
- cert = fing->cert;
- if(cert==prev) {
- continue;
- }
-
- count++;
- PR_fprintf(out, "----------------------------------------------\n");
- if(cert) {
- if(cert->nickname) {
- PR_fprintf(out, "**NICKNAME**\n%s\n", cert->nickname);
- }
- if(cert->subjectName) {
- PR_fprintf(out, "**SUBJECT NAME**\n%s\n", cert->subjectName); }
- if(cert->issuerName) {
- PR_fprintf(out, "**ISSUER NAME**\n%s\n", cert->issuerName);
- }
- } else {
- PR_fprintf(out, "No matching certificate could be found.\n");
- }
- PR_fprintf(out, "----------------------------------------------\n\n");
-
- prev=cert;
- }
-
- JAR_find_end(ctx);
-
- if(count==0) {
- PR_fprintf(out, "No signatures found: JAR FILE IS UNSIGNED.\n");
- }
-
- if(query) {
- PR_fprintf(out,
-"Do you wish to continue this installation? (y/n) ");
-
- if(PR_fgets(stdinbuf, 80, PR_STDIN) != NULL) {
- char *response;
-
- if( (response=strtok(stdinbuf, " \t\n\r")) ) {
- if( !PL_strcasecmp(response, "y") ||
- !PL_strcasecmp(response, "yes") ) {
- return 0;
- }
- }
- }
- }
-
- return 1;
-}
-
-/**************************************************************************
- *
- * P R _ f g e t s
- *
- * fgets implemented with NSPR.
- */
-static char*
-PR_fgets(char *buf, int size, PRFileDesc *file)
-{
- int i;
- int status;
- char c;
-
- i=0;
- while(i < size-1) {
- status = PR_Read(file, (void*) &c, 1);
- if(status==-1) {
- return NULL;
- } else if(status==0) {
- break;
- }
- buf[i++] = c;
- if(c=='\n') {
- break;
- }
- }
- buf[i]='\0';
-
- return buf;
-}
-
-/**************************************************************************
- *
- * m y S E C U _ E r r o r S t r i n g
- *
- */
-const char* mySECU_ErrorString(int16 errnum)
-{
- return SECU_Strerror(errnum);
-}
diff --git a/security/nss/cmd/modutil/lex.Pk11Install_yy.c b/security/nss/cmd/modutil/lex.Pk11Install_yy.c
deleted file mode 100644
index 1c123e5783..0000000000
--- a/security/nss/cmd/modutil/lex.Pk11Install_yy.c
+++ /dev/null
@@ -1,1694 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-#define yy_create_buffer Pk11Install_yy_create_buffer
-#define yy_delete_buffer Pk11Install_yy_delete_buffer
-#define yy_scan_buffer Pk11Install_yy_scan_buffer
-#define yy_scan_string Pk11Install_yy_scan_string
-#define yy_scan_bytes Pk11Install_yy_scan_bytes
-#define yy_flex_debug Pk11Install_yy_flex_debug
-#define yy_init_buffer Pk11Install_yy_init_buffer
-#define yy_flush_buffer Pk11Install_yy_flush_buffer
-#define yy_load_buffer_state Pk11Install_yy_load_buffer_state
-#define yy_switch_to_buffer Pk11Install_yy_switch_to_buffer
-#define yyin Pk11Install_yyin
-#define yyleng Pk11Install_yyleng
-#define yylex Pk11Install_yylex
-#define yyout Pk11Install_yyout
-#define yyrestart Pk11Install_yyrestart
-#define yytext Pk11Install_yytext
-#define yywrap Pk11Install_yywrap
-
-#line 20 "lex.Pk11Install_yy.c"
-/* A lexical scanner generated by flex */
-
-/* Scanner skeleton version:
- * $Header$
- */
-
-#define FLEX_SCANNER
-#define YY_FLEX_MAJOR_VERSION 2
-#define YY_FLEX_MINOR_VERSION 5
-
-#include
-
-
-/* cfront 1.2 defines "c_plusplus" instead of "__cplusplus" */
-#ifdef c_plusplus
-#ifndef __cplusplus
-#define __cplusplus
-#endif
-#endif
-
-
-#ifdef __cplusplus
-
-#include
-//#include
-
-/* Use prototypes in function declarations. */
-#define YY_USE_PROTOS
-
-/* The "const" storage-class-modifier is valid. */
-#define YY_USE_CONST
-
-#else /* ! __cplusplus */
-
-#if __STDC__
-
-#define YY_USE_PROTOS
-#define YY_USE_CONST
-
-#endif /* __STDC__ */
-#endif /* ! __cplusplus */
-
-#ifdef __TURBOC__
- #pragma warn -rch
- #pragma warn -use
-#include
-#include
-#define YY_USE_CONST
-#define YY_USE_PROTOS
-#endif
-
-#ifdef YY_USE_CONST
-#define yyconst const
-#else
-#define yyconst
-#endif
-
-
-#ifdef YY_USE_PROTOS
-#define YY_PROTO(proto) proto
-#else
-#define YY_PROTO(proto) ()
-#endif
-
-/* Returned upon end-of-file. */
-#define YY_NULL 0
-
-/* Promotes a possibly negative, possibly signed char to an unsigned
- * integer for use as an array index. If the signed char is negative,
- * we want to instead treat it as an 8-bit unsigned char, hence the
- * double cast.
- */
-#define YY_SC_TO_UI(c) ((unsigned int) (unsigned char) c)
-
-/* Enter a start condition. This macro really ought to take a parameter,
- * but we do it the disgusting crufty way forced on us by the ()-less
- * definition of BEGIN.
- */
-#define BEGIN yy_start = 1 + 2 *
-
-/* Translate the current start state into a value that can be later handed
- * to BEGIN to return to the state. The YYSTATE alias is for lex
- * compatibility.
- */
-#define YY_START ((yy_start - 1) / 2)
-#define YYSTATE YY_START
-
-/* Action number for EOF rule of a given start state. */
-#define YY_STATE_EOF(state) (YY_END_OF_BUFFER + state + 1)
-
-/* Special action meaning "start processing a new file". */
-#define YY_NEW_FILE yyrestart( yyin )
-
-#define YY_END_OF_BUFFER_CHAR 0
-
-/* Size of default input buffer. */
-#define YY_BUF_SIZE 16384
-
-typedef struct yy_buffer_state *YY_BUFFER_STATE;
-
-extern int yyleng;
-extern FILE *yyin, *yyout;
-
-#define EOB_ACT_CONTINUE_SCAN 0
-#define EOB_ACT_END_OF_FILE 1
-#define EOB_ACT_LAST_MATCH 2
-
-/* The funky do-while in the following #define is used to turn the definition
- * int a single C statement (which needs a semi-colon terminator). This
- * avoids problems with code like:
- *
- * if ( condition_holds )
- * yyless( 5 );
- * else
- * do_something_else();
- *
- * Prior to using the do-while the compiler would get upset at the
- * "else" because it interpreted the "if" statement as being all
- * done when it reached the ';' after the yyless() call.
- */
-
-/* Return all but the first 'n' matched characters back to the input stream. */
-
-#define yyless(n) \
- do \
- { \
- /* Undo effects of setting up yytext. */ \
- *yy_cp = yy_hold_char; \
- YY_RESTORE_YY_MORE_OFFSET \
- yy_c_buf_p = yy_cp = yy_bp + n - YY_MORE_ADJ; \
- YY_DO_BEFORE_ACTION; /* set up yytext again */ \
- } \
- while ( 0 )
-
-#define unput(c) yyunput( c, yytext_ptr )
-
-/* The following is because we cannot portably get our hands on size_t
- * (without autoconf's help, which isn't available because we want
- * flex-generated scanners to compile on their own).
- */
-typedef unsigned int yy_size_t;
-
-
-struct yy_buffer_state
- {
- FILE *yy_input_file;
-
- char *yy_ch_buf; /* input buffer */
- char *yy_buf_pos; /* current position in input buffer */
-
- /* Size of input buffer in bytes, not including room for EOB
- * characters.
- */
- yy_size_t yy_buf_size;
-
- /* Number of characters read into yy_ch_buf, not including EOB
- * characters.
- */
- int yy_n_chars;
-
- /* Whether we "own" the buffer - i.e., we know we created it,
- * and can realloc() it to grow it, and should free() it to
- * delete it.
- */
- int yy_is_our_buffer;
-
- /* Whether this is an "interactive" input source; if so, and
- * if we're using stdio for input, then we want to use getc()
- * instead of fread(), to make sure we stop fetching input after
- * each newline.
- */
- int yy_is_interactive;
-
- /* Whether we're considered to be at the beginning of a line.
- * If so, '^' rules will be active on the next match, otherwise
- * not.
- */
- int yy_at_bol;
-
- /* Whether to try to fill the input buffer when we reach the
- * end of it.
- */
- int yy_fill_buffer;
-
- int yy_buffer_status;
-#define YY_BUFFER_NEW 0
-#define YY_BUFFER_NORMAL 1
- /* When an EOF's been seen but there's still some text to process
- * then we mark the buffer as YY_EOF_PENDING, to indicate that we
- * shouldn't try reading from the input source any more. We might
- * still have a bunch of tokens to match, though, because of
- * possible backing-up.
- *
- * When we actually see the EOF, we change the status to "new"
- * (via yyrestart()), so that the user can continue scanning by
- * just pointing yyin at a new input file.
- */
-#define YY_BUFFER_EOF_PENDING 2
- };
-
-static YY_BUFFER_STATE yy_current_buffer = 0;
-
-/* We provide macros for accessing buffer states in case in the
- * future we want to put the buffer states in a more general
- * "scanner state".
- */
-#define YY_CURRENT_BUFFER yy_current_buffer
-
-
-/* yy_hold_char holds the character lost when yytext is formed. */
-static char yy_hold_char;
-
-static int yy_n_chars; /* number of characters read into yy_ch_buf */
-
-
-int yyleng;
-
-/* Points to current character in buffer. */
-static char *yy_c_buf_p = (char *) 0;
-static int yy_init = 1; /* whether we need to initialize */
-static int yy_start = 0; /* start state number */
-
-/* Flag which is used to allow yywrap()'s to do buffer switches
- * instead of setting up a fresh yyin. A bit of a hack ...
- */
-static int yy_did_buffer_switch_on_eof;
-
-void yyrestart YY_PROTO(( FILE *input_file ));
-
-void yy_switch_to_buffer YY_PROTO(( YY_BUFFER_STATE new_buffer ));
-void yy_load_buffer_state YY_PROTO(( void ));
-YY_BUFFER_STATE yy_create_buffer YY_PROTO(( FILE *file, int size ));
-void yy_delete_buffer YY_PROTO(( YY_BUFFER_STATE b ));
-void yy_init_buffer YY_PROTO(( YY_BUFFER_STATE b, FILE *file ));
-void yy_flush_buffer YY_PROTO(( YY_BUFFER_STATE b ));
-#define YY_FLUSH_BUFFER yy_flush_buffer( yy_current_buffer )
-
-YY_BUFFER_STATE yy_scan_buffer YY_PROTO(( char *base, yy_size_t size ));
-YY_BUFFER_STATE yy_scan_string YY_PROTO(( yyconst char *yy_str ));
-YY_BUFFER_STATE yy_scan_bytes YY_PROTO(( yyconst char *bytes, int len ));
-
-static void *yy_flex_alloc YY_PROTO(( yy_size_t ));
-static void *yy_flex_realloc YY_PROTO(( void *, yy_size_t ));
-static void yy_flex_free YY_PROTO(( void * ));
-
-#define yy_new_buffer yy_create_buffer
-
-#define yy_set_interactive(is_interactive) \
- { \
- if ( ! yy_current_buffer ) \
- yy_current_buffer = yy_create_buffer( yyin, YY_BUF_SIZE ); \
- yy_current_buffer->yy_is_interactive = is_interactive; \
- }
-
-#define yy_set_bol(at_bol) \
- { \
- if ( ! yy_current_buffer ) \
- yy_current_buffer = yy_create_buffer( yyin, YY_BUF_SIZE ); \
- yy_current_buffer->yy_at_bol = at_bol; \
- }
-
-#define YY_AT_BOL() (yy_current_buffer->yy_at_bol)
-
-typedef unsigned char YY_CHAR;
-FILE *yyin = (FILE *) 0, *yyout = (FILE *) 0;
-typedef int yy_state_type;
-extern char *yytext;
-#define yytext_ptr yytext
-
-static yy_state_type yy_get_previous_state YY_PROTO(( void ));
-static yy_state_type yy_try_NUL_trans YY_PROTO(( yy_state_type current_state ));
-static int yy_get_next_buffer YY_PROTO(( void ));
-static void yy_fatal_error YY_PROTO(( yyconst char msg[] ));
-
-/* Done after the current pattern has been matched and before the
- * corresponding action - sets up yytext.
- */
-#define YY_DO_BEFORE_ACTION \
- yytext_ptr = yy_bp; \
- yyleng = (int) (yy_cp - yy_bp); \
- yy_hold_char = *yy_cp; \
- *yy_cp = '\0'; \
- yy_c_buf_p = yy_cp;
-
-#define YY_NUM_RULES 8
-#define YY_END_OF_BUFFER 9
-static yyconst short int yy_accept[16] =
- { 0,
- 0, 0, 9, 3, 6, 5, 7, 1, 2, 3,
- 6, 0, 0, 4, 0
- } ;
-
-static yyconst int yy_ec[256] =
- { 0,
- 1, 1, 1, 1, 1, 1, 1, 1, 2, 3,
- 1, 1, 4, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 2, 1, 5, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 6, 1, 1, 1, 1, 1, 1, 1, 1,
-
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 7, 1, 8, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
-
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1
- } ;
-
-static yyconst int yy_meta[9] =
- { 0,
- 1, 2, 3, 4, 3, 1, 5, 5
- } ;
-
-static yyconst short int yy_base[19] =
- { 0,
- 0, 0, 19, 0, 0, 21, 12, 21, 21, 0,
- 0, 4, 6, 21, 21, 13, 11, 15
- } ;
-
-static yyconst short int yy_def[19] =
- { 0,
- 15, 1, 15, 16, 17, 15, 18, 15, 15, 16,
- 17, 18, 15, 15, 0, 15, 15, 15
- } ;
-
-static yyconst short int yy_nxt[30] =
- { 0,
- 4, 5, 6, 5, 7, 4, 8, 9, 14, 13,
- 12, 12, 11, 10, 11, 12, 12, 13, 15, 12,
- 3, 15, 15, 15, 15, 15, 15, 15, 15
- } ;
-
-static yyconst short int yy_chk[30] =
- { 0,
- 1, 1, 1, 1, 1, 1, 1, 1, 12, 12,
- 13, 13, 17, 16, 17, 18, 18, 7, 3, 18,
- 15, 15, 15, 15, 15, 15, 15, 15, 15
- } ;
-
-static yy_state_type yy_last_accepting_state;
-static char *yy_last_accepting_cpos;
-
-/* The intent behind this definition is that it'll catch
- * any uses of REJECT which flex missed.
- */
-#define REJECT reject_used_but_not_detected
-#define yymore() yymore_used_but_not_detected
-#define YY_MORE_ADJ 0
-#define YY_RESTORE_YY_MORE_OFFSET
-char *yytext;
-#line 1 "installparse.l"
-#define INITIAL 0
-/* lex file for analyzing PKCS #11 Module installation instructions */
-/*----------------------------- Definitions ---------------------------*/
-#line 5 "installparse.l"
-#include
-
-#include "install-ds.h" /* defines tokens and data structures */
-#include "installparse.h" /* produced by yacc -d */
-#include
-static char *putSimpleString(char*); /* return copy of string */
-static char *putComplexString(char*); /* strip out quotes, deal with */
- /* escaped characters */
-
-void Pk11Install_yyerror(char *);
-
-/* Overrides to use NSPR */
-#define malloc PR_Malloc
-#define realloc PR_Realloc
-#define free PR_Free
-
-int Pk11Install_yylinenum=1;
-static char *err;
-
-#define YY_NEVER_INTERACTIVE 1
-#define yyunput Pkcs11Install_yyunput
-
-/* This is the default YY_INPUT modified for NSPR */
-#define YY_INPUT(buf,result,max_size) \
- if ( yy_current_buffer->yy_is_interactive ) { \
- char c; \
- int n; \
- for ( n = 0; n < max_size && \
- PR_Read(Pk11Install_FD, &c, 1)==1 && c != '\n'; ++n ) { \
- buf[n] = c; \
- } \
- if ( c == '\n' ) { \
- buf[n++] = c; \
- } \
- result = n; \
- } else { \
- result = PR_Read(Pk11Install_FD, buf, max_size); \
- }
-
-/*** Regular expression definitions ***/
-/* simple_string has no whitespace, quotes, or braces */
-/* complex_string is enclosed in quotes. Inside the quotes, quotes and
- backslashes must be backslash-escaped. Otherwise, anything goes. */
-/* Standard whitespace */
-/*---------------------------- Actions --------------------------------*/
-#line 437 "lex.Pk11Install_yy.cpp"
-
-/* Macros after this point can all be overridden by user definitions in
- * section 1.
- */
-
-#ifndef YY_SKIP_YYWRAP
-#ifdef __cplusplus
-extern "C" int yywrap YY_PROTO(( void ));
-#else
-extern int yywrap YY_PROTO(( void ));
-#endif
-#endif
-
-#ifndef YY_NO_UNPUT
-static void yyunput YY_PROTO(( int c, char *buf_ptr ));
-#endif
-
-#ifndef yytext_ptr
-static void yy_flex_strncpy YY_PROTO(( char *, yyconst char *, int ));
-#endif
-
-#ifdef YY_NEED_STRLEN
-static int yy_flex_strlen YY_PROTO(( yyconst char * ));
-#endif
-
-#ifndef YY_NO_INPUT
-#ifdef __cplusplus
-static int yyinput YY_PROTO(( void ));
-#else
-static int input YY_PROTO(( void ));
-#endif
-#endif
-
-#if YY_STACK_USED
-static int yy_start_stack_ptr = 0;
-static int yy_start_stack_depth = 0;
-static int *yy_start_stack = 0;
-#ifndef YY_NO_PUSH_STATE
-static void yy_push_state YY_PROTO(( int new_state ));
-#endif
-#ifndef YY_NO_POP_STATE
-static void yy_pop_state YY_PROTO(( void ));
-#endif
-#ifndef YY_NO_TOP_STATE
-static int yy_top_state YY_PROTO(( void ));
-#endif
-
-#else
-#define YY_NO_PUSH_STATE 1
-#define YY_NO_POP_STATE 1
-#define YY_NO_TOP_STATE 1
-#endif
-
-#ifdef YY_MALLOC_DECL
-YY_MALLOC_DECL
-#else
-#if __STDC__
-#ifndef __cplusplus
-#include
-#endif
-#else
-/* Just try to get by without declaring the routines. This will fail
- * miserably on non-ANSI systems for which sizeof(size_t) != sizeof(int)
- * or sizeof(void*) != sizeof(int).
- */
-#endif
-#endif
-
-/* Amount of stuff to slurp up with each read. */
-#ifndef YY_READ_BUF_SIZE
-#define YY_READ_BUF_SIZE 8192
-#endif
-
-/* Copy whatever the last rule matched to the standard output. */
-
-#ifndef ECHO
-/* This used to be an fputs(), but since the string might contain NUL's,
- * we now use fwrite().
- */
-#define ECHO (void) fwrite( yytext, yyleng, 1, yyout )
-#endif
-
-/* Gets input and stuffs it into "buf". number of characters read, or YY_NULL,
- * is returned in "result".
- */
-#ifndef YY_INPUT
-#define YY_INPUT(buf,result,max_size) \
- if ( yy_current_buffer->yy_is_interactive ) \
- { \
- int c = '*', n; \
- for ( n = 0; n < max_size && \
- (c = getc( yyin )) != EOF && c != '\n'; ++n ) \
- buf[n] = (char) c; \
- if ( c == '\n' ) \
- buf[n++] = (char) c; \
- if ( c == EOF && ferror( yyin ) ) \
- YY_FATAL_ERROR( "input in flex scanner failed" ); \
- result = n; \
- } \
- else if ( ((result = fread( buf, 1, max_size, yyin )) == 0) \
- && ferror( yyin ) ) \
- YY_FATAL_ERROR( "input in flex scanner failed" );
-#endif
-
-/* No semi-colon after return; correct usage is to write "yyterminate();" -
- * we don't want an extra ';' after the "return" because that will cause
- * some compilers to complain about unreachable statements.
- */
-#ifndef yyterminate
-#define yyterminate() return YY_NULL
-#endif
-
-/* Number of entries by which start-condition stack grows. */
-#ifndef YY_START_STACK_INCR
-#define YY_START_STACK_INCR 25
-#endif
-
-/* Report a fatal error. */
-#ifndef YY_FATAL_ERROR
-#define YY_FATAL_ERROR(msg) yy_fatal_error( msg )
-#endif
-
-/* Default declaration of generated scanner - a define so the user can
- * easily add parameters.
- */
-#ifndef YY_DECL
-#define YY_DECL int yylex YY_PROTO(( void ))
-#endif
-
-/* Code executed at the beginning of each rule, after yytext and yyleng
- * have been set up.
- */
-#ifndef YY_USER_ACTION
-#define YY_USER_ACTION
-#endif
-
-/* Code executed at the end of each rule. */
-#ifndef YY_BREAK
-#define YY_BREAK break;
-#endif
-
-#define YY_RULE_SETUP \
- YY_USER_ACTION
-
-YY_DECL
- {
- register yy_state_type yy_current_state;
- register char *yy_cp, *yy_bp;
- register int yy_act;
-
-#line 60 "installparse.l"
-
-
-#line 591 "lex.Pk11Install_yy.cpp"
-
- if ( yy_init )
- {
- yy_init = 0;
-
-#ifdef YY_USER_INIT
- YY_USER_INIT;
-#endif
-
- if ( ! yy_start )
- yy_start = 1; /* first start state */
-
- if ( ! yyin )
- yyin = stdin;
-
- if ( ! yyout )
- yyout = stdout;
-
- if ( ! yy_current_buffer )
- yy_current_buffer =
- yy_create_buffer( yyin, YY_BUF_SIZE );
-
- yy_load_buffer_state();
- }
-
- while ( 1 ) /* loops until end-of-file is reached */
- {
- yy_cp = yy_c_buf_p;
-
- /* Support of yytext. */
- *yy_cp = yy_hold_char;
-
- /* yy_bp points to the position in yy_ch_buf of the start of
- * the current run.
- */
- yy_bp = yy_cp;
-
- yy_current_state = yy_start;
-yy_match:
- do
- {
- register YY_CHAR yy_c = yy_ec[YY_SC_TO_UI(*yy_cp)];
- if ( yy_accept[yy_current_state] )
- {
- yy_last_accepting_state = yy_current_state;
- yy_last_accepting_cpos = yy_cp;
- }
- while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state )
- {
- yy_current_state = (int) yy_def[yy_current_state];
- if ( yy_current_state >= 16 )
- yy_c = yy_meta[(unsigned int) yy_c];
- }
- yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c];
- ++yy_cp;
- }
- while ( yy_base[yy_current_state] != 21 );
-
-yy_find_action:
- yy_act = yy_accept[yy_current_state];
- if ( yy_act == 0 )
- { /* have to back up */
- yy_cp = yy_last_accepting_cpos;
- yy_current_state = yy_last_accepting_state;
- yy_act = yy_accept[yy_current_state];
- }
-
- YY_DO_BEFORE_ACTION;
-
-
-do_action: /* This label is used only to access EOF actions. */
-
-
- switch ( yy_act )
- { /* beginning of action switch */
- case 0: /* must back up */
- /* undo the effects of YY_DO_BEFORE_ACTION */
- *yy_cp = yy_hold_char;
- yy_cp = yy_last_accepting_cpos;
- yy_current_state = yy_last_accepting_state;
- goto yy_find_action;
-
-case 1:
-YY_RULE_SETUP
-#line 62 "installparse.l"
-return OPENBRACE;
- YY_BREAK
-case 2:
-YY_RULE_SETUP
-#line 63 "installparse.l"
-return CLOSEBRACE;
- YY_BREAK
-case 3:
-YY_RULE_SETUP
-#line 64 "installparse.l"
-{Pk11Install_yylval.string =
- putSimpleString(Pk11Install_yytext);
- return STRING;}
- YY_BREAK
-case 4:
-YY_RULE_SETUP
-#line 67 "installparse.l"
-{Pk11Install_yylval.string =
- putComplexString(Pk11Install_yytext);
- return STRING;}
- YY_BREAK
-case 5:
-YY_RULE_SETUP
-#line 71 "installparse.l"
-Pk11Install_yylinenum++;
- YY_BREAK
-case 6:
-YY_RULE_SETUP
-#line 73 "installparse.l"
-;
- YY_BREAK
-case 7:
-YY_RULE_SETUP
-#line 75 "installparse.l"
-{err = PR_smprintf("Invalid lexeme: %s",Pk11Install_yytext);
- Pk11Install_yyerror(err);
- PR_smprintf_free(err);
- return 1;
- }
- YY_BREAK
-case 8:
-YY_RULE_SETUP
-#line 81 "installparse.l"
-ECHO;
- YY_BREAK
-#line 722 "lex.Pk11Install_yy.cpp"
-case YY_STATE_EOF(INITIAL):
- yyterminate();
-
- case YY_END_OF_BUFFER:
- {
- /* Amount of text matched not including the EOB char. */
- int yy_amount_of_matched_text = (int) (yy_cp - yytext_ptr) - 1;
-
- /* Undo the effects of YY_DO_BEFORE_ACTION. */
- *yy_cp = yy_hold_char;
- YY_RESTORE_YY_MORE_OFFSET
-
- if ( yy_current_buffer->yy_buffer_status == YY_BUFFER_NEW )
- {
- /* We're scanning a new file or input source. It's
- * possible that this happened because the user
- * just pointed yyin at a new source and called
- * yylex(). If so, then we have to assure
- * consistency between yy_current_buffer and our
- * globals. Here is the right place to do so, because
- * this is the first action (other than possibly a
- * back-up) that will match for the new input source.
- */
- yy_n_chars = yy_current_buffer->yy_n_chars;
- yy_current_buffer->yy_input_file = yyin;
- yy_current_buffer->yy_buffer_status = YY_BUFFER_NORMAL;
- }
-
- /* Note that here we test for yy_c_buf_p "<=" to the position
- * of the first EOB in the buffer, since yy_c_buf_p will
- * already have been incremented past the NUL character
- * (since all states make transitions on EOB to the
- * end-of-buffer state). Contrast this with the test
- * in input().
- */
- if ( yy_c_buf_p <= &yy_current_buffer->yy_ch_buf[yy_n_chars] )
- { /* This was really a NUL. */
- yy_state_type yy_next_state;
-
- yy_c_buf_p = yytext_ptr + yy_amount_of_matched_text;
-
- yy_current_state = yy_get_previous_state();
-
- /* Okay, we're now positioned to make the NUL
- * transition. We couldn't have
- * yy_get_previous_state() go ahead and do it
- * for us because it doesn't know how to deal
- * with the possibility of jamming (and we don't
- * want to build jamming into it because then it
- * will run more slowly).
- */
-
- yy_next_state = yy_try_NUL_trans( yy_current_state );
-
- yy_bp = yytext_ptr + YY_MORE_ADJ;
-
- if ( yy_next_state )
- {
- /* Consume the NUL. */
- yy_cp = ++yy_c_buf_p;
- yy_current_state = yy_next_state;
- goto yy_match;
- }
-
- else
- {
- yy_cp = yy_c_buf_p;
- goto yy_find_action;
- }
- }
-
- else switch ( yy_get_next_buffer() )
- {
- case EOB_ACT_END_OF_FILE:
- {
- yy_did_buffer_switch_on_eof = 0;
-
- if ( yywrap() )
- {
- /* Note: because we've taken care in
- * yy_get_next_buffer() to have set up
- * yytext, we can now set up
- * yy_c_buf_p so that if some total
- * hoser (like flex itself) wants to
- * call the scanner after we return the
- * YY_NULL, it'll still work - another
- * YY_NULL will get returned.
- */
- yy_c_buf_p = yytext_ptr + YY_MORE_ADJ;
-
- yy_act = YY_STATE_EOF(YY_START);
- goto do_action;
- }
-
- else
- {
- if ( ! yy_did_buffer_switch_on_eof )
- YY_NEW_FILE;
- }
- break;
- }
-
- case EOB_ACT_CONTINUE_SCAN:
- yy_c_buf_p =
- yytext_ptr + yy_amount_of_matched_text;
-
- yy_current_state = yy_get_previous_state();
-
- yy_cp = yy_c_buf_p;
- yy_bp = yytext_ptr + YY_MORE_ADJ;
- goto yy_match;
-
- case EOB_ACT_LAST_MATCH:
- yy_c_buf_p =
- &yy_current_buffer->yy_ch_buf[yy_n_chars];
-
- yy_current_state = yy_get_previous_state();
-
- yy_cp = yy_c_buf_p;
- yy_bp = yytext_ptr + YY_MORE_ADJ;
- goto yy_find_action;
- }
- break;
- }
-
- default:
- YY_FATAL_ERROR(
- "fatal flex scanner internal error--no action found" );
- } /* end of action switch */
- } /* end of scanning one token */
- } /* end of yylex */
-
-
-/* yy_get_next_buffer - try to read in a new buffer
- *
- * Returns a code representing an action:
- * EOB_ACT_LAST_MATCH -
- * EOB_ACT_CONTINUE_SCAN - continue scanning from current position
- * EOB_ACT_END_OF_FILE - end of file
- */
-
-static int yy_get_next_buffer()
- {
- register char *dest = yy_current_buffer->yy_ch_buf;
- register char *source = yytext_ptr;
- register int number_to_move, i;
- int ret_val;
-
- if ( yy_c_buf_p > &yy_current_buffer->yy_ch_buf[yy_n_chars + 1] )
- YY_FATAL_ERROR(
- "fatal flex scanner internal error--end of buffer missed" );
-
- if ( yy_current_buffer->yy_fill_buffer == 0 )
- { /* Don't try to fill the buffer, so this is an EOF. */
- if ( yy_c_buf_p - yytext_ptr - YY_MORE_ADJ == 1 )
- {
- /* We matched a single character, the EOB, so
- * treat this as a final EOF.
- */
- return EOB_ACT_END_OF_FILE;
- }
-
- else
- {
- /* We matched some text prior to the EOB, first
- * process it.
- */
- return EOB_ACT_LAST_MATCH;
- }
- }
-
- /* Try to read more data. */
-
- /* First move last chars to start of buffer. */
- number_to_move = (int) (yy_c_buf_p - yytext_ptr) - 1;
-
- for ( i = 0; i < number_to_move; ++i )
- *(dest++) = *(source++);
-
- if ( yy_current_buffer->yy_buffer_status == YY_BUFFER_EOF_PENDING )
- /* don't do the read, it's not guaranteed to return an EOF,
- * just force an EOF
- */
- yy_current_buffer->yy_n_chars = yy_n_chars = 0;
-
- else
- {
- int num_to_read =
- yy_current_buffer->yy_buf_size - number_to_move - 1;
-
- while ( num_to_read <= 0 )
- { /* Not enough room in the buffer - grow it. */
-#ifdef YY_USES_REJECT
- YY_FATAL_ERROR(
-"input buffer overflow, can't enlarge buffer because scanner uses REJECT" );
-#else
-
- /* just a shorter name for the current buffer */
- YY_BUFFER_STATE b = yy_current_buffer;
-
- int yy_c_buf_p_offset =
- (int) (yy_c_buf_p - b->yy_ch_buf);
-
- if ( b->yy_is_our_buffer )
- {
- int new_size = b->yy_buf_size * 2;
-
- if ( new_size <= 0 )
- b->yy_buf_size += b->yy_buf_size / 8;
- else
- b->yy_buf_size *= 2;
-
- b->yy_ch_buf = (char *)
- /* Include room in for 2 EOB chars. */
- yy_flex_realloc( (void *) b->yy_ch_buf,
- b->yy_buf_size + 2 );
- }
- else
- /* Can't grow it, we don't own it. */
- b->yy_ch_buf = 0;
-
- if ( ! b->yy_ch_buf )
- YY_FATAL_ERROR(
- "fatal error - scanner input buffer overflow" );
-
- yy_c_buf_p = &b->yy_ch_buf[yy_c_buf_p_offset];
-
- num_to_read = yy_current_buffer->yy_buf_size -
- number_to_move - 1;
-#endif
- }
-
- if ( num_to_read > YY_READ_BUF_SIZE )
- num_to_read = YY_READ_BUF_SIZE;
-
- /* Read in more data. */
- YY_INPUT( (&yy_current_buffer->yy_ch_buf[number_to_move]),
- yy_n_chars, num_to_read );
-
- yy_current_buffer->yy_n_chars = yy_n_chars;
- }
-
- if ( yy_n_chars == 0 )
- {
- if ( number_to_move == YY_MORE_ADJ )
- {
- ret_val = EOB_ACT_END_OF_FILE;
- yyrestart( yyin );
- }
-
- else
- {
- ret_val = EOB_ACT_LAST_MATCH;
- yy_current_buffer->yy_buffer_status =
- YY_BUFFER_EOF_PENDING;
- }
- }
-
- else
- ret_val = EOB_ACT_CONTINUE_SCAN;
-
- yy_n_chars += number_to_move;
- yy_current_buffer->yy_ch_buf[yy_n_chars] = YY_END_OF_BUFFER_CHAR;
- yy_current_buffer->yy_ch_buf[yy_n_chars + 1] = YY_END_OF_BUFFER_CHAR;
-
- yytext_ptr = &yy_current_buffer->yy_ch_buf[0];
-
- return ret_val;
- }
-
-
-/* yy_get_previous_state - get the state just before the EOB char was reached */
-
-static yy_state_type yy_get_previous_state()
- {
- register yy_state_type yy_current_state;
- register char *yy_cp;
-
- yy_current_state = yy_start;
-
- for ( yy_cp = yytext_ptr + YY_MORE_ADJ; yy_cp < yy_c_buf_p; ++yy_cp )
- {
- register YY_CHAR yy_c = (*yy_cp ? yy_ec[YY_SC_TO_UI(*yy_cp)] : 1);
- if ( yy_accept[yy_current_state] )
- {
- yy_last_accepting_state = yy_current_state;
- yy_last_accepting_cpos = yy_cp;
- }
- while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state )
- {
- yy_current_state = (int) yy_def[yy_current_state];
- if ( yy_current_state >= 16 )
- yy_c = yy_meta[(unsigned int) yy_c];
- }
- yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c];
- }
-
- return yy_current_state;
- }
-
-
-/* yy_try_NUL_trans - try to make a transition on the NUL character
- *
- * synopsis
- * next_state = yy_try_NUL_trans( current_state );
- */
-
-#ifdef YY_USE_PROTOS
-static yy_state_type yy_try_NUL_trans( yy_state_type yy_current_state )
-#else
-static yy_state_type yy_try_NUL_trans( yy_current_state )
-yy_state_type yy_current_state;
-#endif
- {
- register int yy_is_jam;
- register char *yy_cp = yy_c_buf_p;
-
- register YY_CHAR yy_c = 1;
- if ( yy_accept[yy_current_state] )
- {
- yy_last_accepting_state = yy_current_state;
- yy_last_accepting_cpos = yy_cp;
- }
- while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state )
- {
- yy_current_state = (int) yy_def[yy_current_state];
- if ( yy_current_state >= 16 )
- yy_c = yy_meta[(unsigned int) yy_c];
- }
- yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c];
- yy_is_jam = (yy_current_state == 15);
-
- return yy_is_jam ? 0 : yy_current_state;
- }
-
-
-#ifndef YY_NO_UNPUT
-#ifdef YY_USE_PROTOS
-static void yyunput( int c, register char *yy_bp )
-#else
-static void yyunput( c, yy_bp )
-int c;
-register char *yy_bp;
-#endif
- {
- register char *yy_cp = yy_c_buf_p;
-
- /* undo effects of setting up yytext */
- *yy_cp = yy_hold_char;
-
- if ( yy_cp < yy_current_buffer->yy_ch_buf + 2 )
- { /* need to shift things up to make room */
- /* +2 for EOB chars. */
- register int number_to_move = yy_n_chars + 2;
- register char *dest = &yy_current_buffer->yy_ch_buf[
- yy_current_buffer->yy_buf_size + 2];
- register char *source =
- &yy_current_buffer->yy_ch_buf[number_to_move];
-
- while ( source > yy_current_buffer->yy_ch_buf )
- *--dest = *--source;
-
- yy_cp += (int) (dest - source);
- yy_bp += (int) (dest - source);
- yy_current_buffer->yy_n_chars =
- yy_n_chars = yy_current_buffer->yy_buf_size;
-
- if ( yy_cp < yy_current_buffer->yy_ch_buf + 2 )
- YY_FATAL_ERROR( "flex scanner push-back overflow" );
- }
-
- *--yy_cp = (char) c;
-
-
- yytext_ptr = yy_bp;
- yy_hold_char = *yy_cp;
- yy_c_buf_p = yy_cp;
- }
-#endif /* ifndef YY_NO_UNPUT */
-
-
-#ifdef __cplusplus
-static int yyinput()
-#else
-static int input()
-#endif
- {
- int c;
-
- *yy_c_buf_p = yy_hold_char;
-
- if ( *yy_c_buf_p == YY_END_OF_BUFFER_CHAR )
- {
- /* yy_c_buf_p now points to the character we want to return.
- * If this occurs *before* the EOB characters, then it's a
- * valid NUL; if not, then we've hit the end of the buffer.
- */
- if ( yy_c_buf_p < &yy_current_buffer->yy_ch_buf[yy_n_chars] )
- /* This was really a NUL. */
- *yy_c_buf_p = '\0';
-
- else
- { /* need more input */
- int offset = yy_c_buf_p - yytext_ptr;
- ++yy_c_buf_p;
-
- switch ( yy_get_next_buffer() )
- {
- case EOB_ACT_LAST_MATCH:
- /* This happens because yy_g_n_b()
- * sees that we've accumulated a
- * token and flags that we need to
- * try matching the token before
- * proceeding. But for input(),
- * there's no matching to consider.
- * So convert the EOB_ACT_LAST_MATCH
- * to EOB_ACT_END_OF_FILE.
- */
-
- /* Reset buffer status. */
- yyrestart( yyin );
-
- /* fall through */
-
- case EOB_ACT_END_OF_FILE:
- {
- if ( yywrap() )
- return EOF;
-
- if ( ! yy_did_buffer_switch_on_eof )
- YY_NEW_FILE;
-#ifdef __cplusplus
- return yyinput();
-#else
- return input();
-#endif
- }
-
- case EOB_ACT_CONTINUE_SCAN:
- yy_c_buf_p = yytext_ptr + offset;
- break;
- }
- }
- }
-
- c = *(unsigned char *) yy_c_buf_p; /* cast for 8-bit char's */
- *yy_c_buf_p = '\0'; /* preserve yytext */
- yy_hold_char = *++yy_c_buf_p;
-
-
- return c;
- }
-
-
-#ifdef YY_USE_PROTOS
-void yyrestart( FILE *input_file )
-#else
-void yyrestart( input_file )
-FILE *input_file;
-#endif
- {
- if ( ! yy_current_buffer )
- yy_current_buffer = yy_create_buffer( yyin, YY_BUF_SIZE );
-
- yy_init_buffer( yy_current_buffer, input_file );
- yy_load_buffer_state();
- }
-
-
-#ifdef YY_USE_PROTOS
-void yy_switch_to_buffer( YY_BUFFER_STATE new_buffer )
-#else
-void yy_switch_to_buffer( new_buffer )
-YY_BUFFER_STATE new_buffer;
-#endif
- {
- if ( yy_current_buffer == new_buffer )
- return;
-
- if ( yy_current_buffer )
- {
- /* Flush out information for old buffer. */
- *yy_c_buf_p = yy_hold_char;
- yy_current_buffer->yy_buf_pos = yy_c_buf_p;
- yy_current_buffer->yy_n_chars = yy_n_chars;
- }
-
- yy_current_buffer = new_buffer;
- yy_load_buffer_state();
-
- /* We don't actually know whether we did this switch during
- * EOF (yywrap()) processing, but the only time this flag
- * is looked at is after yywrap() is called, so it's safe
- * to go ahead and always set it.
- */
- yy_did_buffer_switch_on_eof = 1;
- }
-
-
-#ifdef YY_USE_PROTOS
-void yy_load_buffer_state( void )
-#else
-void yy_load_buffer_state()
-#endif
- {
- yy_n_chars = yy_current_buffer->yy_n_chars;
- yytext_ptr = yy_c_buf_p = yy_current_buffer->yy_buf_pos;
- yyin = yy_current_buffer->yy_input_file;
- yy_hold_char = *yy_c_buf_p;
- }
-
-
-#ifdef YY_USE_PROTOS
-YY_BUFFER_STATE yy_create_buffer( FILE *file, int size )
-#else
-YY_BUFFER_STATE yy_create_buffer( file, size )
-FILE *file;
-int size;
-#endif
- {
- YY_BUFFER_STATE b;
-
- b = (YY_BUFFER_STATE) yy_flex_alloc( sizeof( struct yy_buffer_state ) );
- if ( ! b )
- YY_FATAL_ERROR( "out of dynamic memory in yy_create_buffer()" );
-
- b->yy_buf_size = size;
-
- /* yy_ch_buf has to be 2 characters longer than the size given because
- * we need to put in 2 end-of-buffer characters.
- */
- b->yy_ch_buf = (char *) yy_flex_alloc( b->yy_buf_size + 2 );
- if ( ! b->yy_ch_buf )
- YY_FATAL_ERROR( "out of dynamic memory in yy_create_buffer()" );
-
- b->yy_is_our_buffer = 1;
-
- yy_init_buffer( b, file );
-
- return b;
- }
-
-
-#ifdef YY_USE_PROTOS
-void yy_delete_buffer( YY_BUFFER_STATE b )
-#else
-void yy_delete_buffer( b )
-YY_BUFFER_STATE b;
-#endif
- {
- if ( ! b )
- return;
-
- if ( b == yy_current_buffer )
- yy_current_buffer = (YY_BUFFER_STATE) 0;
-
- if ( b->yy_is_our_buffer )
- yy_flex_free( (void *) b->yy_ch_buf );
-
- yy_flex_free( (void *) b );
- }
-
-
-#ifndef YY_ALWAYS_INTERACTIVE
-#ifndef YY_NEVER_INTERACTIVE
-extern int isatty YY_PROTO(( int ));
-#endif
-#endif
-
-#ifdef YY_USE_PROTOS
-void yy_init_buffer( YY_BUFFER_STATE b, FILE *file )
-#else
-void yy_init_buffer( b, file )
-YY_BUFFER_STATE b;
-FILE *file;
-#endif
-
-
- {
- yy_flush_buffer( b );
-
- b->yy_input_file = file;
- b->yy_fill_buffer = 1;
-
-#if YY_ALWAYS_INTERACTIVE
- b->yy_is_interactive = 1;
-#else
-#if YY_NEVER_INTERACTIVE
- b->yy_is_interactive = 0;
-#else
- b->yy_is_interactive = file ? (isatty( fileno(file) ) > 0) : 0;
-#endif
-#endif
- }
-
-
-#ifdef YY_USE_PROTOS
-void yy_flush_buffer( YY_BUFFER_STATE b )
-#else
-void yy_flush_buffer( b )
-YY_BUFFER_STATE b;
-#endif
-
- {
- if ( ! b )
- return;
-
- b->yy_n_chars = 0;
-
- /* We always need two end-of-buffer characters. The first causes
- * a transition to the end-of-buffer state. The second causes
- * a jam in that state.
- */
- b->yy_ch_buf[0] = YY_END_OF_BUFFER_CHAR;
- b->yy_ch_buf[1] = YY_END_OF_BUFFER_CHAR;
-
- b->yy_buf_pos = &b->yy_ch_buf[0];
-
- b->yy_at_bol = 1;
- b->yy_buffer_status = YY_BUFFER_NEW;
-
- if ( b == yy_current_buffer )
- yy_load_buffer_state();
- }
-
-
-#ifndef YY_NO_SCAN_BUFFER
-#ifdef YY_USE_PROTOS
-YY_BUFFER_STATE yy_scan_buffer( char *base, yy_size_t size )
-#else
-YY_BUFFER_STATE yy_scan_buffer( base, size )
-char *base;
-yy_size_t size;
-#endif
- {
- YY_BUFFER_STATE b;
-
- if ( size < 2 ||
- base[size-2] != YY_END_OF_BUFFER_CHAR ||
- base[size-1] != YY_END_OF_BUFFER_CHAR )
- /* They forgot to leave room for the EOB's. */
- return 0;
-
- b = (YY_BUFFER_STATE) yy_flex_alloc( sizeof( struct yy_buffer_state ) );
- if ( ! b )
- YY_FATAL_ERROR( "out of dynamic memory in yy_scan_buffer()" );
-
- b->yy_buf_size = size - 2; /* "- 2" to take care of EOB's */
- b->yy_buf_pos = b->yy_ch_buf = base;
- b->yy_is_our_buffer = 0;
- b->yy_input_file = 0;
- b->yy_n_chars = b->yy_buf_size;
- b->yy_is_interactive = 0;
- b->yy_at_bol = 1;
- b->yy_fill_buffer = 0;
- b->yy_buffer_status = YY_BUFFER_NEW;
-
- yy_switch_to_buffer( b );
-
- return b;
- }
-#endif
-
-
-#ifndef YY_NO_SCAN_STRING
-#ifdef YY_USE_PROTOS
-YY_BUFFER_STATE yy_scan_string( yyconst char *yy_str )
-#else
-YY_BUFFER_STATE yy_scan_string( yy_str )
-yyconst char *yy_str;
-#endif
- {
- int len;
- for ( len = 0; yy_str[len]; ++len )
- ;
-
- return yy_scan_bytes( yy_str, len );
- }
-#endif
-
-
-#ifndef YY_NO_SCAN_BYTES
-#ifdef YY_USE_PROTOS
-YY_BUFFER_STATE yy_scan_bytes( yyconst char *bytes, int len )
-#else
-YY_BUFFER_STATE yy_scan_bytes( bytes, len )
-yyconst char *bytes;
-int len;
-#endif
- {
- YY_BUFFER_STATE b;
- char *buf;
- yy_size_t n;
- int i;
-
- /* Get memory for full buffer, including space for trailing EOB's. */
- n = len + 2;
- buf = (char *) yy_flex_alloc( n );
- if ( ! buf )
- YY_FATAL_ERROR( "out of dynamic memory in yy_scan_bytes()" );
-
- for ( i = 0; i < len; ++i )
- buf[i] = bytes[i];
-
- buf[len] = buf[len+1] = YY_END_OF_BUFFER_CHAR;
-
- b = yy_scan_buffer( buf, n );
- if ( ! b )
- YY_FATAL_ERROR( "bad buffer in yy_scan_bytes()" );
-
- /* It's okay to grow etc. this buffer, and we should throw it
- * away when we're done.
- */
- b->yy_is_our_buffer = 1;
-
- return b;
- }
-#endif
-
-
-#ifndef YY_NO_PUSH_STATE
-#ifdef YY_USE_PROTOS
-static void yy_push_state( int new_state )
-#else
-static void yy_push_state( new_state )
-int new_state;
-#endif
- {
- if ( yy_start_stack_ptr >= yy_start_stack_depth )
- {
- yy_size_t new_size;
-
- yy_start_stack_depth += YY_START_STACK_INCR;
- new_size = yy_start_stack_depth * sizeof( int );
-
- if ( ! yy_start_stack )
- yy_start_stack = (int *) yy_flex_alloc( new_size );
-
- else
- yy_start_stack = (int *) yy_flex_realloc(
- (void *) yy_start_stack, new_size );
-
- if ( ! yy_start_stack )
- YY_FATAL_ERROR(
- "out of memory expanding start-condition stack" );
- }
-
- yy_start_stack[yy_start_stack_ptr++] = YY_START;
-
- BEGIN(new_state);
- }
-#endif
-
-
-#ifndef YY_NO_POP_STATE
-static void yy_pop_state()
- {
- if ( --yy_start_stack_ptr < 0 )
- YY_FATAL_ERROR( "start-condition stack underflow" );
-
- BEGIN(yy_start_stack[yy_start_stack_ptr]);
- }
-#endif
-
-
-#ifndef YY_NO_TOP_STATE
-static int yy_top_state()
- {
- return yy_start_stack[yy_start_stack_ptr - 1];
- }
-#endif
-
-#ifndef YY_EXIT_FAILURE
-#define YY_EXIT_FAILURE 2
-#endif
-
-#ifdef YY_USE_PROTOS
-static void yy_fatal_error( yyconst char msg[] )
-#else
-static void yy_fatal_error( msg )
-char msg[];
-#endif
- {
- (void) fprintf( stderr, "%s\n", msg );
- exit( YY_EXIT_FAILURE );
- }
-
-
-
-/* Redefine yyless() so it works in section 3 code. */
-
-#undef yyless
-#define yyless(n) \
- do \
- { \
- /* Undo effects of setting up yytext. */ \
- yytext[yyleng] = yy_hold_char; \
- yy_c_buf_p = yytext + n; \
- yy_hold_char = *yy_c_buf_p; \
- *yy_c_buf_p = '\0'; \
- yyleng = n; \
- } \
- while ( 0 )
-
-
-/* Internal utility routines. */
-
-#ifndef yytext_ptr
-#ifdef YY_USE_PROTOS
-static void yy_flex_strncpy( char *s1, yyconst char *s2, int n )
-#else
-static void yy_flex_strncpy( s1, s2, n )
-char *s1;
-yyconst char *s2;
-int n;
-#endif
- {
- register int i;
- for ( i = 0; i < n; ++i )
- s1[i] = s2[i];
- }
-#endif
-
-#ifdef YY_NEED_STRLEN
-#ifdef YY_USE_PROTOS
-static int yy_flex_strlen( yyconst char *s )
-#else
-static int yy_flex_strlen( s )
-yyconst char *s;
-#endif
- {
- register int n;
- for ( n = 0; s[n]; ++n )
- ;
-
- return n;
- }
-#endif
-
-
-#ifdef YY_USE_PROTOS
-static void *yy_flex_alloc( yy_size_t size )
-#else
-static void *yy_flex_alloc( size )
-yy_size_t size;
-#endif
- {
- return (void *) malloc( size );
- }
-
-#ifdef YY_USE_PROTOS
-static void *yy_flex_realloc( void *ptr, yy_size_t size )
-#else
-static void *yy_flex_realloc( ptr, size )
-void *ptr;
-yy_size_t size;
-#endif
- {
- /* The cast to (char *) in the following accommodates both
- * implementations that use char* generic pointers, and those
- * that use void* generic pointers. It works with the latter
- * because both ANSI C and C++ allow castless assignment from
- * any pointer type to void*, and deal with argument conversions
- * as though doing an assignment.
- */
- return (void *) realloc( (char *) ptr, size );
- }
-
-#ifdef YY_USE_PROTOS
-static void yy_flex_free( void *ptr )
-#else
-static void yy_flex_free( ptr )
-void *ptr;
-#endif
- {
- free( ptr );
- }
-
-#if YY_MAIN
-int main()
- {
- yylex();
- return 0;
- }
-#endif
-#line 81 "installparse.l"
-
-/*------------------------ Program Section ----------------------------*/
-
-PRFileDesc *Pk11Install_FD=NULL;
-
-/*************************************************************************/
-/* dummy function required by lex */
-int Pk11Install_yywrap(void) { return 1;}
-
-/*************************************************************************/
-/* Return a copy of the given string */
-static char*
-putSimpleString(char *str)
-{
- char *tmp = (char*) PR_Malloc(strlen(str)+1);
- strcpy(tmp, str);
- return tmp;
-}
-
-/*************************************************************************/
-/* Strip out quotes, replace escaped characters with what they stand for.
- This function assumes that what is passed in is actually a complex
- string, so error checking is lax. */
-static char*
-putComplexString(char *str)
-{
- int size, i,j;
- char *tmp;
-
- if(!str) {
- return NULL;
- }
- size = strlen(str);
-
- /* Allocate the new space. This string will actually be too big,
- since quotes and backslashes will be stripped out. But that's ok. */
- tmp = (char*) PR_Malloc(size+1);
-
- /* Copy it over */
- for(i=0, j=0; i < size; i++) {
- if(str[i]=='\"') {
- continue; /* skip un-escaped quotes */
- } else if(str[i]=='\\') {
- ++i; /* escaped character. skip the backslash */
- }
- tmp[j++] = str[i];
- }
- tmp[j] = '\0';
-
- return tmp;
-}
diff --git a/security/nss/cmd/modutil/manifest.mn b/security/nss/cmd/modutil/manifest.mn
deleted file mode 100644
index 31ebcf68cd..0000000000
--- a/security/nss/cmd/modutil/manifest.mn
+++ /dev/null
@@ -1,66 +0,0 @@
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-CORE_DEPTH = ../../..
-
-MODULE = sectools
-
-EXPORTS =
-
-CSRCS = modutil.c \
- pk11.c \
- instsec.c \
- install.c \
- installparse.c \
- install-ds.c \
- lex.Pk11Install_yy.c \
- $(NULL)
-
-CPPSRCS =
-
-PROGRAM = modutil
-
-REQUIRES = seccmd nss dbm
-
-DEFINES = -DNSPR20
-
-# sigh
-#INCLUDES += -I$(CORE_DEPTH)/nss/lib/pk11wrap
-
-# USE_STATIC_LIBS = 1
-
-EXTRA_LIBS = $(JAR_LIBS)
diff --git a/security/nss/cmd/modutil/modutil.c b/security/nss/cmd/modutil/modutil.c
deleted file mode 100644
index d277fea05f..0000000000
--- a/security/nss/cmd/modutil/modutil.c
+++ /dev/null
@@ -1,973 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-/* To edit this file, set TABSTOPS to 4 spaces.
- * This is not the normal NSS convention.
- */
-
-#include "modutil.h"
-#include "install.h"
-#include
-#include "certdb.h" /* for CERT_DB_FILE_VERSION */
-#include "nss.h"
-
-static void install_error(char *message);
-static char* PR_fgets(char *buf, int size, PRFileDesc *file);
-static char *progName;
-
-
-/* This enum must be kept in sync with the commandNames list */
-typedef enum {
- NO_COMMAND,
- ADD_COMMAND,
- CHANGEPW_COMMAND,
- CREATE_COMMAND,
- DEFAULT_COMMAND,
- DELETE_COMMAND,
- DISABLE_COMMAND,
- ENABLE_COMMAND,
- FIPS_COMMAND,
- JAR_COMMAND,
- LIST_COMMAND,
- RAW_LIST_COMMAND,
- RAW_ADD_COMMAND,
- CHKFIPS_COMMAND,
- UNDEFAULT_COMMAND
-} Command;
-
-/* This list must be kept in sync with the Command enum */
-static char *commandNames[] = {
- "(no command)",
- "-add",
- "-changepw",
- "-create",
- "-default",
- "-delete",
- "-disable",
- "-enable",
- "-fips",
- "-jar",
- "-list",
- "-rawlist",
- "-rawadd",
- "-chkfips",
- "-undefault"
-};
-
-
-/* this enum must be kept in sync with the optionStrings list */
-typedef enum {
- ADD_ARG=0,
- RAW_ADD_ARG,
- CHANGEPW_ARG,
- CIPHERS_ARG,
- CREATE_ARG,
- DBDIR_ARG,
- DBPREFIX_ARG,
- DEFAULT_ARG,
- DELETE_ARG,
- DISABLE_ARG,
- ENABLE_ARG,
- FIPS_ARG,
- FORCE_ARG,
- JAR_ARG,
- LIBFILE_ARG,
- LIST_ARG,
- RAW_LIST_ARG,
- MECHANISMS_ARG,
- NEWPWFILE_ARG,
- PWFILE_ARG,
- SLOT_ARG,
- UNDEFAULT_ARG,
- INSTALLDIR_ARG,
- TEMPDIR_ARG,
- SECMOD_ARG,
- NOCERTDB_ARG,
- STRING_ARG,
- CHKFIPS_ARG,
-
- NUM_ARGS /* must be last */
-} Arg;
-
-/* This list must be kept in sync with the Arg enum */
-static char *optionStrings[] = {
- "-add",
- "-rawadd",
- "-changepw",
- "-ciphers",
- "-create",
- "-dbdir",
- "-dbprefix",
- "-default",
- "-delete",
- "-disable",
- "-enable",
- "-fips",
- "-force",
- "-jar",
- "-libfile",
- "-list",
- "-rawlist",
- "-mechanisms",
- "-newpwfile",
- "-pwfile",
- "-slot",
- "-undefault",
- "-installdir",
- "-tempdir",
- "-secmod",
- "-nocertdb",
- "-string",
- "-chkfips",
-};
-
-/* Increment i if doing so would have i still be less than j. If you
- are able to do this, return 0. Otherwise return 1. */
-#define TRY_INC(i,j) ( ((i+1)
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include
-
-#include "error.h"
-
-Error FipsMode(char *arg);
-Error ChkFipsMode(char *arg);
-Error AddModule(char *moduleName, char *libFile, char *ciphers,
- char *mechanisms, char* modparms);
-Error DeleteModule(char *moduleName);
-Error ListModule(char *moduleName);
-Error ListModules();
-Error ChangePW(char *tokenName, char *pwFile, char *newpwFile);
-Error EnableModule(char *moduleName, char *slotName, PRBool enable);
-Error RawAddModule(char *dbmodulespec, char *modulespec);
-Error RawListModule(char *modulespec);
-Error SetDefaultModule(char *moduleName, char *slotName, char *mechanisms);
-Error UnsetDefaultModule(char *moduleName, char *slotName, char *mechanisms);
-void out_of_memory(void);
-
-#endif /*MODUTIL_H*/
diff --git a/security/nss/cmd/modutil/pk11.c b/security/nss/cmd/modutil/pk11.c
deleted file mode 100644
index 365301440a..0000000000
--- a/security/nss/cmd/modutil/pk11.c
+++ /dev/null
@@ -1,949 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-/* To edit this file, set TABSTOPS to 4 spaces.
- * This is not the normal NSS convention.
- */
-
-#include "modutil.h"
-/* #include "secmodti.h" */
-#include "pk11func.h"
-
-static PK11DefaultArrayEntry *pk11_DefaultArray = NULL;
-static int pk11_DefaultArraySize = 0;
-
-/*************************************************************************
- *
- * F i p s M o d e
- * If arg=="true", enable FIPS mode on the internal module. If arg=="false",
- * disable FIPS mode on the internal module.
- */
-Error
-FipsMode(char *arg)
-{
- char *internal_name;
-
- if(!PORT_Strcasecmp(arg, "true")) {
- if(!PK11_IsFIPS()) {
- internal_name = PR_smprintf("%s",
- SECMOD_GetInternalModule()->commonName);
- if(SECMOD_DeleteInternalModule(internal_name) != SECSuccess) {
- PR_fprintf(PR_STDERR, "%s\n", SECU_Strerror(PORT_GetError()));
- PR_smprintf_free(internal_name);
- PR_fprintf(PR_STDERR, errStrings[FIPS_SWITCH_FAILED_ERR]);
- return FIPS_SWITCH_FAILED_ERR;
- }
- PR_smprintf_free(internal_name);
- if (!PK11_IsFIPS()) {
- PR_fprintf(PR_STDERR, errStrings[FIPS_SWITCH_FAILED_ERR]);
- return FIPS_SWITCH_FAILED_ERR;
- }
- PR_fprintf(PR_STDOUT, msgStrings[FIPS_ENABLED_MSG]);
- } else {
- PR_fprintf(PR_STDERR, errStrings[FIPS_ALREADY_ON_ERR]);
- return FIPS_ALREADY_ON_ERR;
- }
- } else if(!PORT_Strcasecmp(arg, "false")) {
- if(PK11_IsFIPS()) {
- internal_name = PR_smprintf("%s",
- SECMOD_GetInternalModule()->commonName);
- if(SECMOD_DeleteInternalModule(internal_name) != SECSuccess) {
- PR_fprintf(PR_STDERR, "%s\n", SECU_Strerror(PORT_GetError()));
- PR_smprintf_free(internal_name);
- PR_fprintf(PR_STDERR, errStrings[FIPS_SWITCH_FAILED_ERR]);
- return FIPS_SWITCH_FAILED_ERR;
- }
- PR_smprintf_free(internal_name);
- if (PK11_IsFIPS()) {
- PR_fprintf(PR_STDERR, errStrings[FIPS_SWITCH_FAILED_ERR]);
- return FIPS_SWITCH_FAILED_ERR;
- }
- PR_fprintf(PR_STDOUT, msgStrings[FIPS_DISABLED_MSG]);
- } else {
- PR_fprintf(PR_STDERR, errStrings[FIPS_ALREADY_OFF_ERR]);
- return FIPS_ALREADY_OFF_ERR;
- }
- } else {
- PR_fprintf(PR_STDERR, errStrings[INVALID_FIPS_ARG]);
- return INVALID_FIPS_ARG;
- }
-
- return SUCCESS;
-}
-
-/*************************************************************************
- *
- * C h k F i p s M o d e
- * If arg=="true", verify FIPS mode is enabled on the internal module.
- * If arg=="false", verify FIPS mode is disabled on the internal module.
- */
-Error
-ChkFipsMode(char *arg)
-{
- if(!PORT_Strcasecmp(arg, "true")) {
- if (PK11_IsFIPS()) {
- PR_fprintf(PR_STDOUT, msgStrings[FIPS_ENABLED_MSG]);
- } else {
- PR_fprintf(PR_STDOUT, msgStrings[FIPS_DISABLED_MSG]);
- return FIPS_SWITCH_FAILED_ERR;
- }
-
- } else if(!PORT_Strcasecmp(arg, "false")) {
- if(!PK11_IsFIPS()) {
- PR_fprintf(PR_STDOUT, msgStrings[FIPS_DISABLED_MSG]);
- } else {
- PR_fprintf(PR_STDOUT, msgStrings[FIPS_ENABLED_MSG]);
- return FIPS_SWITCH_FAILED_ERR;
- }
- } else {
- PR_fprintf(PR_STDERR, errStrings[INVALID_FIPS_ARG]);
- return INVALID_FIPS_ARG;
- }
-
- return SUCCESS;
-}
-
-/************************************************************************
- * Cipher and Mechanism name-bitmask translation tables
- */
-
-typedef struct {
- char *name;
- unsigned long mask;
-} MaskString;
-
-static MaskString mechanismStrings[] = {
- {"RSA", PUBLIC_MECH_RSA_FLAG},
- {"DSA", PUBLIC_MECH_DSA_FLAG},
- {"RC2", PUBLIC_MECH_RC2_FLAG},
- {"RC4", PUBLIC_MECH_RC4_FLAG},
- {"RC5", PUBLIC_MECH_RC5_FLAG},
- {"DES", PUBLIC_MECH_DES_FLAG},
- {"DH", PUBLIC_MECH_DH_FLAG},
- {"FORTEZZA", PUBLIC_MECH_FORTEZZA_FLAG},
- {"SHA1", PUBLIC_MECH_SHA1_FLAG},
- {"MD5", PUBLIC_MECH_MD5_FLAG},
- {"MD2", PUBLIC_MECH_MD2_FLAG},
- {"SSL", PUBLIC_MECH_SSL_FLAG},
- {"TLS", PUBLIC_MECH_TLS_FLAG},
- {"RANDOM", PUBLIC_MECH_RANDOM_FLAG},
- {"FRIENDLY", PUBLIC_MECH_FRIENDLY_FLAG}
-};
-static int numMechanismStrings =
- sizeof(mechanismStrings) / sizeof(mechanismStrings[0]);
-
-static MaskString cipherStrings[] = {
- {"FORTEZZA", PUBLIC_CIPHER_FORTEZZA_FLAG}
-};
-static int numCipherStrings =
- sizeof(cipherStrings) / sizeof(cipherStrings[0]);
-
-/* Maximum length of a colon-separated list of all the strings in an
- * array. */
-#define MAX_STRING_LIST_LEN 240 /* or less */
-
-/************************************************************************
- *
- * g e t F l a g s F r o m S t r i n g
- *
- * Parses a mechanism list passed on the command line and converts it
- * to an unsigned long bitmask.
- * string is a colon-separated string of constants
- * array is an array of MaskStrings.
- * elements is the number of elements in array.
- */
-static unsigned long
-getFlagsFromString(char *string, MaskString array[], int elements)
-{
- unsigned long ret = 0;
- short i = 0;
- char *cp;
- char *buf;
- char *end;
-
- if(!string || !string[0]) {
- return ret;
- }
-
- /* Make a temporary copy of the string */
- buf = PR_Malloc(strlen(string)+1);
- if(!buf) {
- out_of_memory();
- }
- strcpy(buf, string);
-
- /* Look at each element of the list passed in */
- for(cp=buf; cp && *cp; cp = (end ? end+1 : NULL) ) {
- /* Look at the string up to the next colon */
- end = strchr(cp, ':');
- if(end) {
- *end = '\0';
- }
-
- /* Find which element this is */
- for(i=0; i < elements; i++) {
- if( !PORT_Strcasecmp(cp, array[i].name) ) {
- break;
- }
- }
- if(i == elements) {
- /* Skip a bogus string, but print a warning message */
- PR_fprintf(PR_STDERR, errStrings[INVALID_CONSTANT_ERR], cp);
- continue;
- }
- ret |= array[i].mask;
- }
-
- PR_Free(buf);
- return ret;
-}
-
-/**********************************************************************
- *
- * g e t S t r i n g F r o m F l a g s
- *
- * The return string's memory is owned by this function. Copy it
- * if you need it permanently or you want to change it.
- */
-static char *
-getStringFromFlags(unsigned long flags, MaskString array[], int elements)
-{
- static char buf[MAX_STRING_LIST_LEN];
- int i;
- int count=0;
-
- buf[0] = '\0';
- for(i=0; iloaded ? module->slotCount : 0;
- int i;
-
- if ((*count)++) {
- PR_fprintf(PR_STDOUT,"\n");
- }
- PR_fprintf(PR_STDOUT, "%3d. %s\n", *count, module->commonName);
-
- if (module->dllName) {
- PR_fprintf(PR_STDOUT, "\tlibrary name: %s\n", module->dllName);
- }
-
- if (slotCount == 0) {
- PR_fprintf(PR_STDOUT,
- "\t slots: There are no slots attached to this module\n");
- } else {
- PR_fprintf(PR_STDOUT, "\t slots: %d slot%s attached\n",
- slotCount, (slotCount==1 ? "" : "s") );
- }
-
- if (module->loaded == 0) {
- PR_fprintf(PR_STDOUT, "\tstatus: Not loaded\n");
- } else {
- PR_fprintf(PR_STDOUT, "\tstatus: loaded\n");
- }
-
- /* Print slot and token names */
- for (i = 0; i < slotCount; i++) {
- PK11SlotInfo *slot = module->slots[i];
-
- PR_fprintf(PR_STDOUT, "\n");
- PR_fprintf(PR_STDOUT, "\t slot: %s\n", PK11_GetSlotName(slot));
- PR_fprintf(PR_STDOUT, "\ttoken: %s\n", PK11_GetTokenName(slot));
- }
- return;
-}
-
-/************************************************************************
- *
- * L i s t M o d u l e s
- *
- * Lists all the modules in the database, along with their slots and tokens.
- */
-Error
-ListModules()
-{
- SECMODListLock *lock;
- SECMODModuleList *list;
- SECMODModuleList *deadlist;
- SECMODModuleList *mlp;
- Error ret=UNSPECIFIED_ERR;
- int count = 0;
-
- lock = SECMOD_GetDefaultModuleListLock();
- if(!lock) {
- PR_fprintf(PR_STDERR, errStrings[NO_LIST_LOCK_ERR]);
- return NO_LIST_LOCK_ERR;
- }
-
- SECMOD_GetReadLock(lock);
-
- list = SECMOD_GetDefaultModuleList();
- deadlist = SECMOD_GetDeadModuleList();
- if (!list && !deadlist) {
- PR_fprintf(PR_STDERR, errStrings[NO_MODULE_LIST_ERR]);
- ret = NO_MODULE_LIST_ERR;
- goto loser;
- }
-
- PR_fprintf(PR_STDOUT,
- "\nListing of PKCS #11 Modules\n"
- "-----------------------------------------------------------\n");
-
- for(mlp=list; mlp != NULL; mlp = mlp->next) {
- printModule(mlp->module, &count);
- }
- for (mlp=deadlist; mlp != NULL; mlp = mlp->next) {
- printModule(mlp->module, &count);
- }
-
-
- PR_fprintf(PR_STDOUT,
- "-----------------------------------------------------------\n");
-
- ret = SUCCESS;
-
-loser:
- SECMOD_ReleaseReadLock(lock);
- return ret;
-}
-
-/* Strings describing PK11DisableReasons */
-static char *disableReasonStr[] = {
- "no reason",
- "user disabled",
- "could not initialize token",
- "could not verify token",
- "token not present"
-};
-static int numDisableReasonStr =
- sizeof(disableReasonStr) / sizeof(disableReasonStr[0]);
-
-/***********************************************************************
- *
- * L i s t M o d u l e
- *
- * Lists detailed information about the named module.
- */
-Error
-ListModule(char *moduleName)
-{
- SECMODModule *module;
- PK11SlotInfo *slot;
- int slotnum;
- CK_INFO modinfo;
- CK_SLOT_INFO slotinfo;
- CK_TOKEN_INFO tokeninfo;
- char *ciphers, *mechanisms;
- PK11DisableReasons reason;
- Error rv = SUCCESS;
-
- if(!moduleName) {
- return SUCCESS;
- }
-
- module = SECMOD_FindModule(moduleName);
- if(!module) {
- PR_fprintf(PR_STDERR, errStrings[NO_SUCH_MODULE_ERR], moduleName);
- return NO_SUCH_MODULE_ERR;
- }
-
- if ((module->loaded) &&
- (PK11_GetModInfo(module, &modinfo) != SECSuccess)) {
- PR_fprintf(PR_STDERR, errStrings[MOD_INFO_ERR], moduleName);
- return MOD_INFO_ERR;
- }
-
- /* Module info */
- PR_fprintf(PR_STDOUT,
- "\n-----------------------------------------------------------\n");
- PR_fprintf(PR_STDOUT, "Name: %s\n", module->commonName);
- if(module->internal || !module->dllName) {
- PR_fprintf(PR_STDOUT, "Library file: **Internal ONLY module**\n");
- } else {
- PR_fprintf(PR_STDOUT, "Library file: %s\n", module->dllName);
- }
-
- if (module->loaded) {
- PR_fprintf(PR_STDOUT, "Manufacturer: %.32s\n", modinfo.manufacturerID);
- PR_fprintf(PR_STDOUT, "Description: %.32s\n", modinfo.libraryDescription);
- PR_fprintf(PR_STDOUT, "PKCS #11 Version %d.%d\n",
- modinfo.cryptokiVersion.major, modinfo.cryptokiVersion.minor);
- PR_fprintf(PR_STDOUT, "Library Version: %d.%d\n",
- modinfo.libraryVersion.major, modinfo.libraryVersion.minor);
- } else {
- PR_fprintf(PR_STDOUT, "* Module not loaded\n");
- }
- /* Get cipher and mechanism flags */
- ciphers = getStringFromFlags(module->ssl[0], cipherStrings,
- numCipherStrings);
- if(ciphers[0] == '\0') {
- ciphers = "None";
- }
- PR_fprintf(PR_STDOUT, "Cipher Enable Flags: %s\n", ciphers);
- mechanisms = NULL;
- if (module->slotCount > 0) {
- mechanisms = getStringFromFlags(
- PK11_GetDefaultFlags(module->slots[0]),
- mechanismStrings, numMechanismStrings);
- }
- if ((mechanisms==NULL) || (mechanisms[0] =='\0')) {
- mechanisms = "None";
- }
- PR_fprintf(PR_STDOUT, "Default Mechanism Flags: %s\n", mechanisms);
-
-#define PAD " "
-
- /* Loop over each slot */
- for (slotnum=0; slotnum < module->slotCount; slotnum++) {
- slot = module->slots[slotnum];
- if (PK11_GetSlotInfo(slot, &slotinfo) != SECSuccess) {
- PR_fprintf(PR_STDERR, errStrings[SLOT_INFO_ERR],
- PK11_GetSlotName(slot));
- rv = SLOT_INFO_ERR;
- continue;
- }
-
- /* Slot Info */
- PR_fprintf(PR_STDOUT, "\n"PAD"Slot: %s\n", PK11_GetSlotName(slot));
- mechanisms = getStringFromFlags(PK11_GetDefaultFlags(slot),
- mechanismStrings, numMechanismStrings);
- if(mechanisms[0] =='\0') {
- mechanisms = "None";
- }
- PR_fprintf(PR_STDOUT, PAD"Slot Mechanism Flags: %s\n", mechanisms);
- PR_fprintf(PR_STDOUT, PAD"Manufacturer: %.32s\n",
- slotinfo.manufacturerID);
- if (PK11_IsHW(slot)) {
- PR_fprintf(PR_STDOUT, PAD"Type: Hardware\n");
- } else {
- PR_fprintf(PR_STDOUT, PAD"Type: Software\n");
- }
- PR_fprintf(PR_STDOUT, PAD"Version Number: %d.%d\n",
- slotinfo.hardwareVersion.major, slotinfo.hardwareVersion.minor);
- PR_fprintf(PR_STDOUT, PAD"Firmware Version: %d.%d\n",
- slotinfo.firmwareVersion.major, slotinfo.firmwareVersion.minor);
- if (PK11_IsDisabled(slot)) {
- reason = PK11_GetDisabledReason(slot);
- if(reason < numDisableReasonStr) {
- PR_fprintf(PR_STDOUT, PAD"Status: DISABLED (%s)\n",
- disableReasonStr[reason]);
- } else {
- PR_fprintf(PR_STDOUT, PAD"Status: DISABLED\n");
- }
- } else {
- PR_fprintf(PR_STDOUT, PAD"Status: Enabled\n");
- }
-
- if(PK11_GetTokenInfo(slot, &tokeninfo) != SECSuccess) {
- PR_fprintf(PR_STDERR, errStrings[TOKEN_INFO_ERR],
- PK11_GetTokenName(slot));
- rv = TOKEN_INFO_ERR;
- continue;
- }
-
- /* Token Info */
- PR_fprintf(PR_STDOUT, PAD"Token Name: %.32s\n",
- tokeninfo.label);
- PR_fprintf(PR_STDOUT, PAD"Token Manufacturer: %.32s\n",
- tokeninfo.manufacturerID);
- PR_fprintf(PR_STDOUT, PAD"Token Model: %.16s\n", tokeninfo.model);
- PR_fprintf(PR_STDOUT, PAD"Token Serial Number: %.16s\n",
- tokeninfo.serialNumber);
- PR_fprintf(PR_STDOUT, PAD"Token Version: %d.%d\n",
- tokeninfo.hardwareVersion.major, tokeninfo.hardwareVersion.minor);
- PR_fprintf(PR_STDOUT, PAD"Token Firmware Version: %d.%d\n",
- tokeninfo.firmwareVersion.major, tokeninfo.firmwareVersion.minor);
- if(tokeninfo.flags & CKF_WRITE_PROTECTED) {
- PR_fprintf(PR_STDOUT, PAD"Access: Write Protected\n");
- } else {
- PR_fprintf(PR_STDOUT, PAD"Access: NOT Write Protected\n");
- }
- if(tokeninfo.flags & CKF_LOGIN_REQUIRED) {
- PR_fprintf(PR_STDOUT, PAD"Login Type: Login required\n");
- } else {
- PR_fprintf(PR_STDOUT, PAD
- "Login Type: Public (no login required)\n");
- }
- if(tokeninfo.flags & CKF_USER_PIN_INITIALIZED) {
- PR_fprintf(PR_STDOUT, PAD"User Pin: Initialized\n");
- } else {
- PR_fprintf(PR_STDOUT, PAD"User Pin: NOT Initialized\n");
- }
- }
- PR_fprintf(PR_STDOUT,
- "\n-----------------------------------------------------------\n");
- return rv;
-}
-
-/************************************************************************
- *
- * C h a n g e P W
- */
-Error
-ChangePW(char *tokenName, char *pwFile, char *newpwFile)
-{
- char *oldpw=NULL, *newpw=NULL, *newpw2=NULL;
- PK11SlotInfo *slot;
- Error ret=UNSPECIFIED_ERR;
- PRBool matching;
-
- slot = PK11_FindSlotByName(tokenName);
- if(!slot) {
- PR_fprintf(PR_STDERR, errStrings[NO_SUCH_TOKEN_ERR], tokenName);
- return NO_SUCH_TOKEN_ERR;
- }
-
- PK11_SetPasswordFunc(SECU_GetModulePassword);
-
- /* Get old password */
- if(! PK11_NeedUserInit(slot)) {
- if(pwFile) {
- oldpw = SECU_FilePasswd(NULL, PR_FALSE, pwFile);
- if(PK11_CheckUserPassword(slot, oldpw) != SECSuccess) {
- PR_fprintf(PR_STDERR, errStrings[BAD_PW_ERR]);
- ret=BAD_PW_ERR;
- goto loser;
- }
- } else {
- for(matching=PR_FALSE; !matching; ) {
- oldpw = SECU_GetPasswordString(NULL, "Enter old password: ");
- if(PK11_CheckUserPassword(slot, oldpw) == SECSuccess) {
- matching = PR_TRUE;
- } else {
- PR_fprintf(PR_STDOUT, msgStrings[BAD_PW_MSG]);
- }
- }
- }
- }
-
- /* Get new password */
- if(newpwFile) {
- newpw = SECU_FilePasswd(NULL, PR_FALSE, newpwFile);
- } else {
- for(matching=PR_FALSE; !matching; ) {
- newpw = SECU_GetPasswordString(NULL, "Enter new password: ");
- newpw2 = SECU_GetPasswordString(NULL, "Re-enter new password: ");
- if(strcmp(newpw, newpw2)) {
- PR_fprintf(PR_STDOUT, msgStrings[PW_MATCH_MSG]);
- } else {
- matching = PR_TRUE;
- }
- }
- }
-
- /* Change the password */
- if(PK11_NeedUserInit(slot)) {
- if(PK11_InitPin(slot, NULL /*ssopw*/, newpw) != SECSuccess) {
- PR_fprintf(PR_STDERR, errStrings[CHANGEPW_FAILED_ERR], tokenName);
- ret = CHANGEPW_FAILED_ERR;
- goto loser;
- }
- } else {
- if(PK11_ChangePW(slot, oldpw, newpw) != SECSuccess) {
- PR_fprintf(PR_STDERR, errStrings[CHANGEPW_FAILED_ERR], tokenName);
- ret = CHANGEPW_FAILED_ERR;
- goto loser;
- }
- }
-
- PR_fprintf(PR_STDOUT, msgStrings[CHANGEPW_SUCCESS_MSG], tokenName);
- ret = SUCCESS;
-
-loser:
- if(oldpw) {
- memset(oldpw, 0, strlen(oldpw));
- PORT_Free(oldpw);
- }
- if(newpw) {
- memset(newpw, 0, strlen(newpw));
- PORT_Free(newpw);
- }
- if(newpw2) {
- memset(newpw2, 0, strlen(newpw));
- PORT_Free(newpw2);
- }
- return ret;
-}
-
-/***********************************************************************
- *
- * E n a b l e M o d u l e
- *
- * If enable==PR_TRUE, enables the module or slot.
- * If enable==PR_FALSE, disables the module or slot.
- * moduleName is the name of the module.
- * slotName is the name of the slot. It is optional.
- */
-Error
-EnableModule(char *moduleName, char *slotName, PRBool enable)
-{
- int i;
- SECMODModule *module;
- PK11SlotInfo *slot = NULL;
- PRBool found = PR_FALSE;
-
- module = SECMOD_FindModule(moduleName);
- if(!module) {
- PR_fprintf(PR_STDERR, errStrings[NO_SUCH_MODULE_ERR], moduleName);
- return NO_SUCH_MODULE_ERR;
- }
-
- for(i=0; i < module->slotCount; i++) {
- slot = module->slots[i];
- if(slotName && strcmp(PK11_GetSlotName(slot), slotName)) {
- /* Not the right slot */
- continue;
- }
- if(enable) {
- if(! PK11_UserEnableSlot(slot)) {
- PR_fprintf(PR_STDERR, errStrings[ENABLE_FAILED_ERR],
- "enable", PK11_GetSlotName(slot));
- return ENABLE_FAILED_ERR;
- } else {
- found = PR_TRUE;
- PR_fprintf(PR_STDOUT, msgStrings[ENABLE_SUCCESS_MSG],
- PK11_GetSlotName(slot), "enabled");
- }
- } else {
- if(! PK11_UserDisableSlot(slot)) {
- PR_fprintf(PR_STDERR, errStrings[ENABLE_FAILED_ERR],
- "disable", PK11_GetSlotName(slot));
- return ENABLE_FAILED_ERR;
- } else {
- found = PR_TRUE;
- PR_fprintf(PR_STDOUT, msgStrings[ENABLE_SUCCESS_MSG],
- PK11_GetSlotName(slot), "disabled");
- }
- }
- }
-
- if(slotName && !found) {
- PR_fprintf(PR_STDERR, errStrings[NO_SUCH_SLOT_ERR], slotName);
- return NO_SUCH_SLOT_ERR;
- }
-
- /* Delete and re-add module to save changes */
- if( SECMOD_UpdateModule(module) != SECSuccess ) {
- PR_fprintf(PR_STDERR, errStrings[UPDATE_MOD_FAILED_ERR], moduleName);
- return UPDATE_MOD_FAILED_ERR;
- }
-
- return SUCCESS;
-}
-
-/*************************************************************************
- *
- * S e t D e f a u l t M o d u l e
- *
- */
-Error
-SetDefaultModule(char *moduleName, char *slotName, char *mechanisms)
-{
- SECMODModule *module;
- PK11SlotInfo *slot;
- int s, i;
- unsigned long mechFlags = getFlagsFromString(mechanisms, mechanismStrings,
- numMechanismStrings);
- PRBool found = PR_FALSE;
- Error errcode = UNSPECIFIED_ERR;
-
- if (pk11_DefaultArray == NULL) {
- pk11_DefaultArray = PK11_GetDefaultArray(&pk11_DefaultArraySize);
- if (pk11_DefaultArray == NULL) {
- /* should assert. This shouldn't happen */
- goto loser;
- }
- }
-
- mechFlags = SECMOD_PubMechFlagstoInternal(mechFlags);
-
- module = SECMOD_FindModule(moduleName);
- if(!module) {
- PR_fprintf(PR_STDERR, errStrings[NO_SUCH_MODULE_ERR], moduleName);
- errcode = NO_SUCH_MODULE_ERR;
- goto loser;
- }
-
- /* Go through each slot */
- for(s=0; s < module->slotCount; s++) {
- slot = module->slots[s];
-
- if ((slotName != NULL) &&
- !((strcmp(PK11_GetSlotName(slot),slotName) == 0) ||
- (strcmp(PK11_GetTokenName(slot),slotName) == 0)) ) {
- /* we are only interested in changing the one slot */
- continue;
- }
-
- found = PR_TRUE;
-
- /* Go through each mechanism */
- for(i=0; i < pk11_DefaultArraySize; i++) {
- if(pk11_DefaultArray[i].flag & mechFlags) {
- /* Enable this default mechanism */
- PK11_UpdateSlotAttribute(slot, &(pk11_DefaultArray[i]),
- PR_TRUE);
- }
- }
- }
- if (slotName && !found) {
- PR_fprintf(PR_STDERR, errStrings[NO_SUCH_SLOT_ERR], slotName);
- errcode = NO_SUCH_SLOT_ERR;
- goto loser;
- }
-
- /* Delete and re-add module to save changes */
- if( SECMOD_UpdateModule(module) != SECSuccess ) {
- PR_fprintf(PR_STDERR, errStrings[DEFAULT_FAILED_ERR],
- moduleName);
- errcode = DEFAULT_FAILED_ERR;
- goto loser;
- }
-
- PR_fprintf(PR_STDOUT, msgStrings[DEFAULT_SUCCESS_MSG]);
-
- errcode = SUCCESS;
-loser:
- return errcode;
-}
-
-/************************************************************************
- *
- * U n s e t D e f a u l t M o d u l e
- */
-Error
-UnsetDefaultModule(char *moduleName, char *slotName, char *mechanisms)
-{
- SECMODModule * module;
- PK11SlotInfo *slot;
- int s, i;
- unsigned long mechFlags = getFlagsFromString(mechanisms,
- mechanismStrings, numMechanismStrings);
- PRBool found = PR_FALSE;
-
- if (pk11_DefaultArray == NULL) {
- pk11_DefaultArray = PK11_GetDefaultArray(&pk11_DefaultArraySize);
- if (pk11_DefaultArray == NULL) {
- /* should assert. This shouldn't happen */
- return UNSPECIFIED_ERR;
- }
- }
-
- mechFlags = SECMOD_PubMechFlagstoInternal(mechFlags);
-
- module = SECMOD_FindModule(moduleName);
- if(!module) {
- PR_fprintf(PR_STDERR, errStrings[NO_SUCH_MODULE_ERR], moduleName);
- return NO_SUCH_MODULE_ERR;
- }
-
- for(s=0; s < module->slotCount; s++) {
- slot = module->slots[s];
- if ((slotName != NULL) &&
- !((strcmp(PK11_GetSlotName(slot),slotName) == 0) ||
- (strcmp(PK11_GetTokenName(slot),slotName) == 0)) ) {
- /* we are only interested in changing the one slot */
- continue;
- }
- for(i=0; i < pk11_DefaultArraySize ; i++) {
- if(pk11_DefaultArray[i].flag & mechFlags) {
- PK11_UpdateSlotAttribute(slot, &(pk11_DefaultArray[i]),
- PR_FALSE);
- }
- }
- }
- if (slotName && !found) {
- PR_fprintf(PR_STDERR, errStrings[NO_SUCH_SLOT_ERR], slotName);
- return NO_SUCH_SLOT_ERR;
- }
-
- /* Delete and re-add module to save changes */
- if( SECMOD_UpdateModule(module) != SECSuccess ) {
- PR_fprintf(PR_STDERR, errStrings[UNDEFAULT_FAILED_ERR],
- moduleName);
- return UNDEFAULT_FAILED_ERR;
- }
-
- PR_fprintf(PR_STDOUT, msgStrings[UNDEFAULT_SUCCESS_MSG]);
- return SUCCESS;
-}
diff --git a/security/nss/cmd/modutil/pk11jar.html b/security/nss/cmd/modutil/pk11jar.html
deleted file mode 100644
index ddc6c6e132..0000000000
--- a/security/nss/cmd/modutil/pk11jar.html
+++ /dev/null
@@ -1,312 +0,0 @@
-
-
-
-PKCS #11 JAR Format
-
-
-
PKCS #11 JAR Format
-
-
PKCS #11 modules can be packaged into JAR files that support automatic
-installation onto the filesystem and into the security module database.
-The JAR file should contain:
-
-
All files that will be installed onto the target machine. This will
-include at least the PKCS #11 module library file (.DLL or .so), and
-may also include any other file that should be installed (such as
-documentation).
-
A script to perform the installation.
-
-The script can be in one of two forms. If the JAR file is to be
-run by Communicator (or any program that interprets Javascript), the
-instructions will be in the form of a SmartUpdate script.
-Documentation
- on creating this script can be found on DevEdge.
-
-
If the
-JAR file is to be run by a server, modutil, or any other program that
-doesn't interpret Javascript, a special information file must be included
-in the format described in this document.
-
-
Declaring the Script in the Manifest File
-The script can have any name, but it must be declared in the manifest file
-of the JAR archive. The metainfo tag for this is
-Pkcs11_install_script. Meta-information is put in the manifest
-file by putting it in a file which is passed to
-Signtool. For example,
-suppose the PKCS #11 installer script is in the file pk11install.
-In Signtool's metainfo file, you would have a line like this:
-
---> valuelist
-
-valuelist --> valuevaluelist
-<null>
-
-value --> key_value_pair
-string
-
-key_value_pair --> key { valuelist }
-
-key --> string
-
-string --> simple_string
- "complex_string"
-
-simple_string --> [^ \t\n\""{""}"]+ (no whitespace, quotes, or braces)
-
-complex_string --> ([^\"\\\r\n]|(\\\")|(\\\\))+ (quotes and backslashes must be escaped with a backslash, no newlines or carriage returns are allowed in the string)
-
-Outside of complex strings, all whitespace (space, tab, newline) is considered
-equal and is used only to delimit tokens.
-
-
-
-
Keys
-Keys are case-insensitive.
-
Global Keys
-
-
ForwardCompatible
-
Gives a list of platforms that are forward compatible. If the current
-platform cannot be found in the list of supported platforms, then the
-ForwardCompatible list will be checked for any platforms that have the same
-OS and architecture and an earlier version. If one is found, its
-attributes will be used for the current platform.
-
Platforms (required)
-
Gives a list of platforms. Each entry in the list is itself a key-value
-pair:
-the key is the name of the platform, and the valuelist contains various
-attributes of the platform. The ModuleName, ModuleFile, and Files attributes
-must be specified, unless an EquivalentPlatform attribute is specified.
-The platform string is in the following
-format: system name:os release:architecture. The installer
-will obtain these values from NSPR. os release is an empty
-string on non-UNIX operating systems. The following system names and platforms
-are currently defined by NSPR:
-
-
AIX (rs6000)
-
BSDI (x86)
-
FREEBSD (x86)
-
HPUX (hppa1.1)
-
IRIX (mips)
-
LINUX (ppc, alpha, x86)
-
MacOS (PowerPC)
(Note: NSPR actually defines the OS as
-"Mac OS". The
-space makes the name unsuitable for being embedded in identifiers. Until
-NSPR changes, you will have to add some special code to deal with this case.
-)
-
NCR (x86)
-
NEC (mips)
-
OS2 (x86)
-
OSF (alpha)
-
ReliantUNIX (mips)
-
SCO (x86)
-
SOLARIS (sparc)
-
SONY (mips)
-
SUNOS (sparc)
-
UnixWare (x86)
-
WIN16 (x86)
-
WIN95 (x86)
-
WINNT (x86)
-
-
-Examples of valid platform strings: IRIX:6.2:mips, Solaris:5.5.1:sparc,
-Linux:2.0.32:x86, WIN95::x86.
-
-
-
Per-Platform Keys
-These keys only have meaning within the value list of an entry in
-the Platforms list.
-
-
ModuleName (required)
-
Gives the common name for the module. This name will be used to
-reference the module from Communicator, modutil, servers, or any other
-program that uses the Netscape security module database.
-
ModuleFile (required)
-
Names the PKCS #11 module file (DLL or .so) for this platform. The name
-is given as the relative path of the file within the JAR archive.
-
Files (required)
-
Lists the files that should be installed for this module. Each entry
-in the file list is a key-value pair: the key is the path of the file in
-the JAR archive, and
-the valuelist contains attributes of the file. At least RelativePath and
-AbsoluteDir must be specified in this valuelist.
-
DefaultMechanismFlags
-
This key-value pair specifies
-of which mechanisms this module will be a default provider. It is a bitstring
-specified in hexadecimal (0x) format. It is constructed as a bitwise OR
-of the following constants. If the DefaultMechanismFlags
-entry is omitted, the value will default to 0x0.
-
This key-value pair specifies
-which SSL ciphers will be enabled. It is a bitstring specified in
-hexadecimal (0x) format. It is constructed as a bitwise OR of the following
-constants. If the CipherEnableFlags entry is omitted, the
-value will default to 0x0.
-
-FORTEZZA: 0x0000 0001
-
-
EquivalentPlatform
-
Specifies that the attributes of the named platform should also be used
-for the current platform. Saves typing when there is more than one platform
-that uses the same settings.
-
-
-
Per-File Keys
-These keys only have meaning within the valuelist of an entry in a
-Files list. At least one of RelativePath and
-AbsolutePath must be specified. If both are specified, the
-relative path will be tried first and the absolute path used only if no
-relative root directory is provided by the installer program.
-
-
RelativePath
-
Specifies the destination directory of the file, relative to some directory
-decided at install-time. Two variables can be used in the relative
-path, "%root%" and "%temp%". "%root%" will be replaced at run-time with
-the directory relative to which files should be installed; for
-example, it may be the server's root directory or Communicator's root
-directory. "%temp%" is a directory that will be created at the beginning
-of the installation and destroyed at the end of the installation. Its purpose
-is to hold executable files (such as setup programs), or files that are
-used by these programs. For example, a Windows installation might consist
-of a setup.exe installation program, a help file, and a .cab file
-containing compressed information. All these files could be installed into the
-temporary directory. Files destined for the temporary directory are guaranteed
-to be in place before any executable file is run, and will not be deleted
-until all executable files have finished.
-
AbsoluteDir
-
Specifies the destination directory of the file as an absolute path.
-This will only be used if the installer is unable to determine a
-relative directory.
-
Executable
-
This string specifies that the file is to be executed during the
-course of the
-installation. Typically this would be used for a setup program provided
-by a module vendor, such as a self-extracting setup.exe.
-More than one file can be specified as executable, in which case they will
-be run in the order they are specified in the script file.
-
FilePermissions
-
This string is interpreted as a string of octal digits, according to the
-standard UNIX format. It is a bitwise OR of the following constants:
-
-Some platforms may not understand these permissions. They will only be
-applied insofar as makes sense for the current platform. If this attribute
-is omitted, a default of 777 is assumed.
-
-
-
diff --git a/security/nss/cmd/modutil/rules.mk b/security/nss/cmd/modutil/rules.mk
deleted file mode 100644
index 75eab4c9e7..0000000000
--- a/security/nss/cmd/modutil/rules.mk
+++ /dev/null
@@ -1,58 +0,0 @@
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-#
-# Some versions of yacc generate files that include platform-specific
-# system headers. For example, the yacc in Solaris 2.6 inserts
-# #include
-# which does not exist on NT. For portability, always use Berkeley
-# yacc (such as the yacc in Linux) to generate files.
-#
-
-generate: installparse.c installparse.l
-
-installparse.c:
- yacc -p Pk11Install_yy -d installparse.y
- mv y.tab.c installparse.c
- mv y.tab.h installparse.h
-
-installparse.l:
- lex -olex.Pk11Install_yy.c -PPk11Install_yy installparse.l
- @echo
- @echo "**YOU MUST COMMENT OUT UNISTD.H FROM lex.Pk11Install_yy.cpp**"
-
-install.c: install-ds.h install.h
diff --git a/security/nss/cmd/modutil/specification.html b/security/nss/cmd/modutil/specification.html
deleted file mode 100644
index 9ab09627df..0000000000
--- a/security/nss/cmd/modutil/specification.html
+++ /dev/null
@@ -1,354 +0,0 @@
-
-
-
-Modutil Specification
-
-
-
Adds a new module to the database with the given name.
-
-
library file is the path of the DLL or other library file
-containing the module's implementation of the PKCS #11 interface.
-
-
cipher enable flags is a colon-separated list of ciphers
-that will be enabled on this module. The list should be enclosed within quotes
-if necessary to prevent shell interpretation. The following ciphers are
-currently available:
-
-
FORTEZZA
-
-
-
default mechanism flags is a colon-separated list of
-mechanisms for which this module should be the default provider. The
-list should be enclosed within quotes if necessary to prevent shell
-interpretation. This
-list does not enable the mechanisms; it only specifies that this module
-will be a default provider for the listed mechanisms. If more than
-one module claims to be a default provider for a given mechanism, it is
-undefined which will actually be chosen to provide that mechanism. The
-following mechanisms are currently available:
-
-
RSA
-
DSA
-
RC2
-
RC4
-
RC5
-
DES
-
DH
-
FORTEZZA
-
SHA1
-
MD5
-
MD2
-
RANDOM (random number generation)
-
FRIENDLY (certificates are publicly-readable)
-
-
-
-
-
-
-
-changepw token name
-[-pwfile old password file]
-[-newpwfile new password file]
-
Changes the password on the named token. If the token has not been
-initialized, this command will initialize the PIN.
-If a password file is given, the password will be read from that file;
-otherwise, the password will be obtained interactively.
-Storing passwords in a file is much less secure than supplying them
-interactively.
-
The password on the Netscape internal module cannot be changed if
-the -nocertdb option is specified.
-
-
-
-
-
-
-create
-
Creates a new secmod[ule].db, key3.db, and cert7.db in the directory
-specified with the
--dbdir option, if one is specified. If no directory is
-specified, UNIX systems will use the user's .netscape directory, while other
-systems will return with an error message. If any of these databases already
-exist in the chosen directory, an error message is returned.
-
If used with -nocertdb, only secmod[ule].db will be created;
-cert7.db and key3.db will not be created.
-
-
-
-
-
-
-default module name
--mechanisms mechanism list
-
-
Specifies that the given module will be a default provider of the
-listed mechanisms. The mechanism list is the same as in the -add
-command.
-
-
-
-
-
-
-delete module name
-
Deletes the named module from the database
-
-
-
-
-
-disable module name
-[-slot slot name]
-
Disables the named slot. If no slot is specified, all slots on
-the module are disabled.
-
-
-
-
-
-enable module name
-[-slot slot name]
-
Enables the named slot. If no slot is specified, all slots on
-the module are enabled.
-
-
-
-
-
-fips [true | false]
-
Enables or disables FIPS mode on the internal module. Passing
-true enables FIPS mode, passing false disables
-FIPS mode.
-
-
-
-
-
-force
-
Disables interactive prompts, so modutil can be run in a script.
-Should only be used by experts, since the prompts may relate to security
-or database integrity. Before using this option, test the command
-interactively once to see the warnings that are produced.
-
-
-
-
-
-jar JAR file
--installdir root installation directory
-[-tempdir temporary directory]
-
Adds a new module from the given JAR file. The JAR file uses the
-server PKCS #11 JAR format to describe the names of
-any files that need to be installed, the name of the module, mechanism flags,
-and cipher flags. The root installation directory
-is the directory relative to which files will be installed. This should be a
- directory
-under which it would be natural to store dynamic library files, such as
-a server's root directory, or Communicator's root directory.
-The temporary directory is where temporary modutil files
-will be created in the course of the installation. If no temporary directory
-is specified, the current directory will be used.
-
If used with the -nocertdb option, the signatures on the JAR
-file will not be checked.
-
-
-
-
-
-list [module name]
-
Without an argument, lists the PKCS #11 modules present in the module
-database.
-
-undefault module name
--mechanisms mechanism list
-
Specifies that the given module will NOT be a default provider of
-the listed mechanisms. This command clears the default mechanism flags
-for the given module.
-
-
-
-
-
-
-
-
Options:
-
-
Option
Description
-
-
-
-
-dbdir directory
-
Specifies which directory holds the module database. On UNIX systems,
-the user's netscape directory is the default. On other systems, there is
-no default, and this option must be used.
-
-
-
-
-
-nocertdb
-
Do not open the certificate or key databases. This has several effects.
-With the -create command, this means that only a secmod.db file
-will be created; cert7.db and key3.db will not be created. With the
--jar command, signatures on the JAR file will not be checked.
-With the -changepw command, the password on the Netscape internal
-module cannot be set or changed, since this password is stored in key3.db.
-
-
-
-
-
-
-
diff --git a/security/nss/cmd/ocspclnt/Makefile b/security/nss/cmd/ocspclnt/Makefile
deleted file mode 100644
index 4d209348e1..0000000000
--- a/security/nss/cmd/ocspclnt/Makefile
+++ /dev/null
@@ -1,77 +0,0 @@
-#! gmake
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
diff --git a/security/nss/cmd/ocspclnt/manifest.mn b/security/nss/cmd/ocspclnt/manifest.mn
deleted file mode 100644
index 158d0a5e80..0000000000
--- a/security/nss/cmd/ocspclnt/manifest.mn
+++ /dev/null
@@ -1,58 +0,0 @@
-#
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = nss
-
-CSRCS = \
- ocspclnt.c \
- $(NULL)
-
-# headers for the MODULE (defined above) are implicitly required.
-REQUIRES = dbm seccmd
-
-# WINNT uses EXTRA_LIBS as the list of libs to link in.
-# Unix uses OS_LIBS for that purpose.
-# We can solve this via conditional makefile code, but
-# can't do this in manifest.mn because OS_ARCH isn't defined there.
-# So, look in the local Makefile for the defines for the list of libs.
-
-PROGRAM = ocspclnt
-
-USE_STATIC_LIBS = 1
diff --git a/security/nss/cmd/ocspclnt/ocspclnt.c b/security/nss/cmd/ocspclnt/ocspclnt.c
deleted file mode 100644
index 0b0ccaccc9..0000000000
--- a/security/nss/cmd/ocspclnt/ocspclnt.c
+++ /dev/null
@@ -1,1225 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is
- * Netscape Communications Corporation.
- * Portions created by the Initial Developer are Copyright (C) 1994-2000
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-/*
- * Test program for client-side OCSP.
- *
- * $Id$
- */
-
-#include "secutil.h"
-#include "nspr.h"
-#include "plgetopt.h"
-#include "nss.h"
-#include "cert.h"
-#include "ocsp.h"
-#include "xconst.h" /*
- * XXX internal header file; needed to get at
- * cert_DecodeAuthInfoAccessExtension -- would be
- * nice to not need this, but that would require
- * better/different APIs.
- */
-
-#ifndef NO_PP /*
- * Compile with this every once in a while to be
- * sure that no dependencies on it get added
- * outside of the pretty-printing routines.
- */
-#include "ocspti.h" /* internals for pretty-printing routines *only* */
-#endif /* NO_PP */
-
-#define DEFAULT_DB_DIR "~/.netscape"
-
-
-static void
-synopsis (char *program_name)
-{
- PRFileDesc *pr_stderr;
-
- pr_stderr = PR_STDERR;
- PR_fprintf (pr_stderr, "Usage:");
- PR_fprintf (pr_stderr,
- "\t%s -p [-d ]\n",
- program_name);
- PR_fprintf (pr_stderr,
- "\t%s -P [-d ]\n",
- program_name);
- PR_fprintf (pr_stderr,
- "\t%s -r [-L] [-s ] [-d ]\n",
- program_name);
- PR_fprintf (pr_stderr,
- "\t%s -R [-l ] [-s ] [-d ]\n",
- program_name);
- PR_fprintf (pr_stderr,
- "\t%s -S [-l -t ]\n",
- program_name);
- PR_fprintf (pr_stderr,
- "\t\t [-s ] [-w