wine/gecko
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-gecko.git synced 2024-09-13 09:24:08 -07:00
Code Issues Packages Projects Releases Wiki Activity

Bug 486182, Land NSS 3.12.3 final in mozilla-central

Browse Source 
r=nelson
This commit is contained in:
Kai Engert 2009-04-07 03:36:45 +02:00
parent f8f4cd0699
commit 2b43284096
457 changed files with 22999 additions and 2980 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
dbm/include/watcomfx.h
View File

@ -1,26 +0,0 @@
#if defined(__WATCOMC__) || defined(__WATCOM_CPLUSPLUS__)
#ifndef __WATCOM_FIX_H__
#define __WATCOM_FIX_H__ 1
/*
* WATCOM's C compiler doesn't default to "__cdecl" conventions for external
* symbols and functions. Rather than adding an explicit __cdecl modifier to
* every external symbol and function declaration and definition, we use the
* following pragma to (attempt to) change WATCOM c's default to __cdecl.
* These pragmas were taken from pages 180-181, 266 & 269 of the
* Watcom C/C++ version 11 User's Guide, 3rd edition.
*/
#if defined(XP_WIN16) || defined(WIN16)
#pragma aux default "_*" \
parm caller [] \
value struct float struct routine [ax] \
modify [ax bx cx dx es]
#else
#pragma aux default "_*" \
parm caller [] \
value struct float struct routine [eax] \
modify [eax ecx edx]
#endif
#pragma aux default far
#endif /* once */
#endif /* WATCOM compiler */

2
dbm/src/db.c
View File

@ -33,8 +33,6 @@
static char sccsid[] = "@(#)db.c 8.4 (Berkeley) 2/21/94";
#endif /* LIBC_SCCS and not lint */
#include "watcomfx.h"
#ifndef __DBINTERFACE_PRIVATE
#define __DBINTERFACE_PRIVATE
#endif

2
dbm/src/h_bigkey.c
View File

@ -36,8 +36,6 @@
static char sccsid[] = "@(#)hash_bigkey.c 8.3 (Berkeley) 5/31/94";
#endif /* LIBC_SCCS and not lint */
#include "watcomfx.h"
/*
* PACKAGE: hash
* DESCRIPTION:

2
dbm/src/h_func.c
View File

@ -36,8 +36,6 @@
static char sccsid[] = "@(#)hash_func.c 8.2 (Berkeley) 2/21/94";
#endif /* LIBC_SCCS and not lint */
#include "watcomfx.h"
#ifndef macintosh
#include <sys/types.h>
#endif

2
dbm/src/h_log2.c
View File

@ -36,8 +36,6 @@
static char sccsid[] = "@(#)hash_log2.c 8.2 (Berkeley) 5/31/94";
#endif /* LIBC_SCCS and not lint */
#include "watcomfx.h"
#include <stdio.h>
#ifndef macintosh
#include <sys/types.h>

2
dbm/src/h_page.c
View File

@ -43,8 +43,6 @@ extern long new_lseek(int fd, long pos, int start);
static char sccsid[] = "@(#)hash_page.c 8.7 (Berkeley) 8/16/94";
#endif /* LIBC_SCCS and not lint */
#include "watcomfx.h"
/*
* PACKAGE: hashing
*

2
dbm/src/hash.c
View File

@ -36,8 +36,6 @@
static char sccsid[] = "@(#)hash.c 8.9 (Berkeley) 6/16/94";
#endif /* LIBC_SCCS and not lint */
#include "watcomfx.h"
#if !defined(_WIN32) && !defined(_WINDOWS) && !defined(macintosh)
#include <sys/param.h>
#endif

2
dbm/src/hash_buf.c
View File

@ -36,8 +36,6 @@
static char sccsid[] = "@(#)hash_buf.c 8.5 (Berkeley) 7/15/94";
#endif /* LIBC_SCCS and not lint */
#include "watcomfx.h"
/*
* PACKAGE: hash
*

2
dbm/src/memmove.c
View File

@ -37,8 +37,6 @@
static char sccsid[] = "@(#)bcopy.c 8.1 (Berkeley) 6/4/93";
#endif /* LIBC_SCCS and not lint */
#include "watcomfx.h"
#ifdef HAVE_SYS_CDEFS_H
#include <sys/cdefs.h>
#else

2
dbm/src/mktemp.c
View File

@ -33,8 +33,6 @@
static char sccsid[] = "@(#)mktemp.c 8.1 (Berkeley) 6/4/93";
#endif /* LIBC_SCCS and not lint */
#include "watcomfx.h"
#ifdef macintosh
#include <unix.h>
#else

1
dbm/src/snprintf.c
View File

@ -1,6 +1,5 @@
#ifndef HAVE_SNPRINTF
#include "watcomfx.h"
#include <sys/types.h>
#include <stddef.h>
#include <stdio.h>

2
dbm/src/strerror.c
View File

@ -33,8 +33,6 @@
static char sccsid[] = "@(#)strerror.c 8.1 (Berkeley) 6/4/93";
#endif /* LIBC_SCCS and not lint */
#include "watcomfx.h"
#include <string.h>
#ifdef _DLL

4
security/coreconf/Darwin.mk
View File

@ -50,7 +50,11 @@ CPU_ARCH := $(shell uname -p)
endif
ifeq (,$(filter-out i%86,$(CPU_ARCH)))
ifdef USE_64
CC += -arch x86_64
else
OS_REL_CFLAGS = -Di386
endif
else
OS_REL_CFLAGS = -Dppc
endif

0
security/coreconf/OpenVMS.mk Normal file → Executable file
View File

0
security/coreconf/OpenVMSV7.1-2.mk Normal file → Executable file
View File

0
security/coreconf/SunOS5.10_i86pc.mk Normal file → Executable file
View File

0
security/coreconf/SunOS5.9.mk Normal file → Executable file
View File

0
security/coreconf/SunOS5.9_i86pc.mk Normal file → Executable file
View File

213
security/coreconf/WIN16.mk
View File

@ -1,213 +0,0 @@
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1.1/GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
#
# win16_3.11.mk -- Make configuration for Win16
#
# This file configures gmake to build the Win16 variant of
# NSPR 2.0. This file has the function of two files commonly
# used on other platforms, for example: winnt.mk and
# winnt4.0.mk. ... The packaging is easier and there is only
# one variant of the Win16 target.
#
# Win16 is built using the Watcom C/C++ version 11.0
# compiler. You gotta set up the compiler first.
# The Watcom compiler depends on a few environment
# variables; these environment variables define where the
# compiler components are installed; they must be set before
# running the make.
#
# Notes:
# OS_CFLAGS is the command line options for the compiler when
# building the .DLL object files.
# OS_EXE_CFLAGS is the command line options for the compiler
# when building the .EXE object files; this is for the test
# programs.
# the macro OS_CFLAGS is set to OS_EXE_CFLAGS inside of the
# makefile for the pr/tests directory. ... Hack.
#
#
#
#
# -- configuration -----------------------------------------
DEFAULT_COMPILER = wcc
CC = wcc
CCC = wcl
LINK = wlink
AR = wlib
AR += -q $@
RC = wrc.exe
RC += /r /dWIN16=1 /bt=windows
RANLIB = echo
BSDECHO = echo
NSINSTALL_DIR = $(CORE_DEPTH)/coreconf/nsinstall
NSINSTALL = nsinstall
INSTALL = $(NSINSTALL)
MAKE_OBJDIR = mkdir
MAKE_OBJDIR += $(OBJDIR)
XP_DEFINE += -DXP_PC
LIB_SUFFIX = lib
DLL_SUFFIX = dll
ifdef BUILD_OPT
OPTIMIZER = -oneatx -oh -oi -ei -3 -fpi87 -fp3
else
OPTIMIZER += -d2 -hc -DDEBUG
# OPTIMIZER += -d2 -hw -DDEBUG
# LDFLAGS += -DEBUG -DEBUGTYPE:CV
endif
#
# $(CPU_ARCH) has been commented out so that its contents
# are not added to the WIN16_?.OBJ names thus expanding
# them beyond the 8.3 character limit for this platform.
#
#CPU_ARCH = x386
#
# added "-s" to avoid dependency on watcom's libs (e.g. on _STK)
# added "-zt3" for compatibility with MSVC's "/Gt3" option
#
OS_CFLAGS += -ml -3 -bd -zc -zu -bt=windows -s -zt3 -d_X86_ -dWIN16 -d_WINDLL
#OS_EXE_CFLAGS += -ml -3 -bt=windows -d_X86_ -dWIN16
OS_LIB_FLAGS = -c -iro
# Name of the binary code directories
OS_DLL_OPTION = CASEEXACT
OS_DLLFLAGS =
OS_LIBS =
W16_EXPORTS = #
ifdef MAPFILE
# Add LD options to restrict exported symbols to those in the map file
endif
# Change PROCESS to put the mapfile in the correct format for this platform
PROCESS_MAP_FILE = copy $< $@
#
# The following is NOT needed for the NSPR 2.0 library.
#
OS_CFLAGS += -d_WINDOWS -d_MSC_VER=700
#
# override the definitions of RELEASE_TREE found in tree.mk
#
ifndef RELEASE_TREE
ifdef BUILD_SHIP
ifdef USE_SHIPS
RELEASE_TREE = $(NTBUILD_SHIP)
else
RELEASE_TREE = //redbuild/components
endif
else
RELEASE_TREE = //redbuild/components
endif
endif
#
# override the definitions of LIB_PREFIX and DLL_PREFIX in prefix.mk
#
ifndef LIB_PREFIX
LIB_PREFIX = $(NULL)
endif
ifndef DLL_PREFIX
DLL_PREFIX = $(NULL)
endif
#
# override the definitions of various _SUFFIX symbols in suffix.mk
#
#
# Object suffixes
#
ifndef OBJ_SUFFIX
OBJ_SUFFIX = .obj
endif
#
# Assembler source suffixes
#
ifndef ASM_SUFFIX
ASM_SUFFIX = .asm
endif
#
# Library suffixes
#
ifndef IMPORT_LIB_SUFFIX
IMPORT_LIB_SUFFIX = .$(LIB_SUFFIX)
endif
ifndef DYNAMIC_LIB_SUFFIX_FOR_LINKING
DYNAMIC_LIB_SUFFIX_FOR_LINKING = $(IMPORT_LIB_SUFFIX)
endif
#
# Program suffixes
#
ifndef PROG_SUFFIX
PROG_SUFFIX = .exe
endif
#
# When the processor is NOT 386-based on Windows NT, override the
# value of $(CPU_TAG). For WinNT, 95, 16, not CE.
#
ifneq ($(CPU_ARCH),x386)
CPU_TAG = _$(CPU_ARCH)
endif
#
# override ruleset.mk, removing the "lib" prefix for library names, and
# adding the "32" after the LIBRARY_VERSION.
#
ifdef LIBRARY_NAME
SHARED_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION)32$(JDK_DEBUG_SUFFIX).dll
IMPORT_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION)32$(JDK_DEBUG_SUFFIX).lib
endif
#
# override the TARGETS defined in ruleset.mk, adding IMPORT_LIBRARY
#
ifndef TARGETS
TARGETS = $(LIBRARY) $(SHARED_LIBRARY) $(IMPORT_LIBRARY) $(PROGRAM)
endif

56
security/coreconf/WIN32.mk
View File

@ -62,6 +62,10 @@ else
BSDECHO = echo
RC = rc.exe
MT = mt.exe
# Determine compiler version
_MSC_VER_6 = 1200 # MSVC 6
_MSC_VER := $(shell $(CC) 2>&1 | sed -ne \
's/.*[^0-9.]\([0-9]\{1,\}\)\.\([0-9]\{1,\}\).*/\1\2/p' )
endif
ifdef BUILD_TREE
@ -103,12 +107,6 @@ ifdef NS_USE_GCC
OPTIMIZER += -O2
endif
DEFINES += -UDEBUG -U_DEBUG -DNDEBUG
#
# Add symbolic information for a profiler
#
ifdef MOZ_PROFILE
OPTIMIZER += -g
endif
else
OPTIMIZER += -g
NULLSTRING :=
@ -118,6 +116,13 @@ ifdef NS_USE_GCC
DEFINES += -DDEBUG -D_DEBUG -UNDEBUG -DDEBUG_$(USERNAME)
endif
else # !NS_USE_GCC
OS_CFLAGS += -W3 -nologo -D_CRT_SECURE_NO_WARNINGS
OS_DLLFLAGS += -nologo -DLL -SUBSYSTEM:WINDOWS
ifeq ($(_MSC_VER),$(_MSC_VER_6))
ifndef MOZ_DEBUG_SYMBOLS
OS_DLLFLAGS += -PDB:NONE
endif
endif
ifdef BUILD_OPT
OS_CFLAGS += -MD
ifeq (11,$(ALLOW_OPT_CODE_SIZE)$(OPT_CODE_SIZE))
@ -127,16 +132,8 @@ else # !NS_USE_GCC
endif
DEFINES += -UDEBUG -U_DEBUG -DNDEBUG
DLLFLAGS += -OUT:"$@"
#
# Add symbolic information for a profiler
#
ifdef MOZ_PROFILE
OPTIMIZER += -Z7
endif
ifdef MOZ_DEBUG_SYMBOLS
OPTIMIZER += -Zi
endif
ifneq (,$(MOZ_PROFILE)$(MOZ_DEBUG_SYMBOLS))
OPTIMIZER += -Zi -Fd$(OBJDIR)/
DLLFLAGS += -DEBUG -OPT:REF
LDFLAGS += -DEBUG -OPT:REF
endif
@ -150,8 +147,7 @@ else # !NS_USE_GCC
else
OS_CFLAGS += -MD
endif
OPTIMIZER += -Od -Z7
#OPTIMIZER += -Zi -Fd$(OBJDIR)/ -Od
OPTIMIZER += -Zi -Fd$(OBJDIR)/ -Od
NULLSTRING :=
SPACE := $(NULLSTRING) # end of the line
USERNAME := $(subst $(SPACE),_,$(USERNAME))
@ -159,16 +155,20 @@ else # !NS_USE_GCC
DEFINES += -DDEBUG -D_DEBUG -UNDEBUG -DDEBUG_$(USERNAME)
DLLFLAGS += -DEBUG -OUT:"$@"
LDFLAGS += -DEBUG
ifeq ($(_MSC_VER),$(_MSC_VER_6))
ifndef MOZ_DEBUG_SYMBOLS
LDFLAGS += -PDB:NONE
endif
endif
# Purify requires /FIXED:NO when linking EXEs.
LDFLAGS += /FIXED:NO
endif
ifneq ($(_MSC_VER),$(_MSC_VER_6))
# Convert certain deadly warnings to errors (see list at end of file)
OS_CFLAGS += -we4002 -we4003 -we4004 -we4006 -we4009 \
-we4013 -we4015 -we4033 -we4035 -we4045 -we4053 -we4054 -we4063 \
OS_CFLAGS += -we4002 -we4003 -we4004 -we4006 -we4009 -we4013 \
-we4015 -we4028 -we4033 -we4035 -we4045 -we4047 -we4053 -we4054 -we4063 \
-we4064 -we4078 -we4087 -we4098 -we4390 -we4551 -we4553 -we4715
endif # !MSVC6
endif # NS_USE_GCC
ifdef USE_64
@ -177,6 +177,17 @@ else
DEFINES += -DWIN32
endif
ifeq ($(CPU_ARCH), x386)
ifdef USE_64
DEFINES += -D_AMD64_
else
DEFINES += -D_X86_
endif
endif
ifeq ($(CPU_ARCH), ALPHA)
DEFINES += -D_ALPHA_=1
endif
ifdef MAPFILE
ifndef NS_USE_GCC
DLLFLAGS += -DEF:$(MAPFILE)
@ -196,10 +207,15 @@ DEFINES += -D_WINDOWS
ifdef NS_USE_GCC
AS = $(CC)
ASFLAGS = $(INCLUDES)
else
ifdef USE_64
AS = ml64.exe
ASFLAGS = -Cp -Sn -Zi $(INCLUDES)
else
AS = ml.exe
ASFLAGS = -Cp -Sn -Zi -coff $(INCLUDES)
endif
endif
#
# override the definitions of RELEASE_TREE found in tree.mk
@ -317,9 +333,11 @@ endif
# 4006: #undef expected an identifier
# 4009: string too big; trailing characters truncated
# 4015: 'identifier' : type of bit field must be integral
# 4028: formal parameter different from declaration
# 4033: 'function' must return a value
# 4035: 'function' : no return value
# 4045: 'identifier' : array bounds overflow
# 4047: 'function' : 'type 1' differs in levels of indirection from 'type 2'
# 4053: one void operand for '?:'
# 4054: 'conversion' : from function pointer 'type1' to data pointer 'type2'
# 4059: pascal string too big, length byte is length % 256

18
security/nss/lib/freebl/mapfile.Solaris → security/coreconf/WIN95.mk
View File

@ -16,7 +16,7 @@
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 2000
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
@ -35,9 +35,13 @@
#
# ***** END LICENSE BLOCK *****
libfreebl_3.so {
global:
FREEBL_GetVector;
local:
*;
};
#
# Config stuff for OS_TARGET=WIN95
#
include $(CORE_DEPTH)/coreconf/WIN32.mk
DEFINES += -DWIN95
# WINNT uses the lib prefix, Win95 and WinCE don't
NSPR31_LIB_PREFIX = $(NULL)

27
security/coreconf/WINNT4.0.mk → security/coreconf/WINNT.mk
View File

@ -36,38 +36,17 @@
# ***** END LICENSE BLOCK *****
#
# Config stuff for WINNT 4.0
# Config stuff for OS_TARGET=WINNT
#
# This makefile defines the following variables:
# OS_CFLAGS and OS_DLLFLAGS.
include $(CORE_DEPTH)/coreconf/WIN32.mk
ifeq ($(CPU_ARCH), x386)
OS_CFLAGS += -W3 -nologo
DEFINES += -D_X86_
else
ifeq ($(CPU_ARCH), MIPS)
#OS_CFLAGS += -W3 -nologo
#DEFINES += -D_MIPS_
OS_CFLAGS += -W3 -nologo
else
ifeq ($(CPU_ARCH), ALPHA)
OS_CFLAGS += -W3 -nologo
DEFINES += -D_ALPHA_=1
endif
endif
endif
OS_DLLFLAGS += -nologo -DLL -SUBSYSTEM:WINDOWS
ifndef MOZ_DEBUG_SYMBOLS
OS_DLLFLAGS += -PDB:NONE
endif
DEFINES += -DWINNT
#
# Win NT needs -GT so that fibers can work
#
OS_CFLAGS += -GT
DEFINES += -DWINNT
# WINNT uses the lib prefix, Win95 and WinCE don't
NSPR31_LIB_PREFIX = lib

71
security/coreconf/WINNT3.51.mk
View File

@ -1,71 +0,0 @@
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1.1/GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
#
# Config stuff for WINNT 3.51
#
# This makefile defines the following variables:
# OS_CFLAGS and OS_DLLFLAGS.
# It has the following internal variables:
# OS_PROC_CFLAGS and OS_WIN_CFLAGS.
include $(CORE_DEPTH)/coreconf/WIN32.mk
ifeq ($(CPU_ARCH), x386)
OS_PROC_CFLAGS += -D_X86_
else
ifeq ($(CPU_ARCH), MIPS)
OS_PROC_CFLAGS += -D_MIPS_
else
ifeq ($(CPU_ARCH), ALPHA)
OS_PROC_CFLAGS += -D_ALPHA_
endif
endif
endif
OS_WIN_CFLAGS += -W3
OS_CFLAGS += -nologo $(OS_WIN_CFLAGS) $(OS_PROC_CFLAGS)
OS_DLLFLAGS += -nologo -DLL -SUBSYSTEM:WINDOWS
ifndef MOZ_DEBUG_SYMBOLS
OS_DLLFLAGS += -PDB:NONE
endif
#
# Win NT needs -GT so that fibers can work
#
OS_CFLAGS += -GT
OS_CFLAGS += -DWINNT

73
security/coreconf/WINNT5.0.mk
View File

@ -1,73 +0,0 @@
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1.1/GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
#
# Config stuff for WINNT 5.0 (Windows 2000)
#
# This makefile defines the following variables:
# OS_CFLAGS and OS_DLLFLAGS.
include $(CORE_DEPTH)/coreconf/WIN32.mk
ifeq ($(CPU_ARCH), x386)
OS_CFLAGS += -W3 -nologo
DEFINES += -D_X86_
else
ifeq ($(CPU_ARCH), MIPS)
#OS_CFLAGS += -W3 -nologo
#DEFINES += -D_MIPS_
OS_CFLAGS += -W3 -nologo
else
ifeq ($(CPU_ARCH), ALPHA)
OS_CFLAGS += -W3 -nologo
DEFINES += -D_ALPHA_=1
endif
endif
endif
OS_DLLFLAGS += -nologo -DLL -SUBSYSTEM:WINDOWS
ifndef MOZ_DEBUG_SYMBOLS
OS_DLLFLAGS += -PDB:NONE
endif
#
# Win NT needs -GT so that fibers can work
#
OS_CFLAGS += -GT
DEFINES += -DWINNT
NSPR31_LIB_PREFIX = lib

73
security/coreconf/WINNT5.1.mk
View File

@ -1,73 +0,0 @@
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1.1/GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
#
# Config stuff for WINNT 5.1 (Windows XP)
#
# This makefile defines the following variables:
# OS_CFLAGS and OS_DLLFLAGS.
include $(CORE_DEPTH)/coreconf/WIN32.mk
ifeq ($(CPU_ARCH), x386)
OS_CFLAGS += -W3 -nologo
DEFINES += -D_X86_
else
ifeq ($(CPU_ARCH), MIPS)
#OS_CFLAGS += -W3 -nologo
#DEFINES += -D_MIPS_
OS_CFLAGS += -W3 -nologo
else
ifeq ($(CPU_ARCH), ALPHA)
OS_CFLAGS += -W3 -nologo
DEFINES += -D_ALPHA_=1
endif
endif
endif
OS_DLLFLAGS += -nologo -DLL -SUBSYSTEM:WINDOWS
ifndef MOZ_DEBUG_SYMBOLS
OS_DLLFLAGS += -PDB:NONE
endif
#
# Win NT needs -GT so that fibers can work
#
OS_CFLAGS += -GT
DEFINES += -DWINNT
NSPR31_LIB_PREFIX = lib

77
security/coreconf/WINNT5.2.mk
View File

@ -1,77 +0,0 @@
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1.1/GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
#
# Config stuff for WINNT 5.2 (Windows Server 2003)
#
# This makefile defines the following variables:
# OS_CFLAGS and OS_DLLFLAGS.
include $(CORE_DEPTH)/coreconf/WIN32.mk
ifeq ($(CPU_ARCH), x386)
OS_CFLAGS += -W3 -nologo
ifdef USE_64
DEFINES += -D_AMD64_
else
DEFINES += -D_X86_
endif
else
ifeq ($(CPU_ARCH), MIPS)
#OS_CFLAGS += -W3 -nologo
#DEFINES += -D_MIPS_
OS_CFLAGS += -W3 -nologo
else
ifeq ($(CPU_ARCH), ALPHA)
OS_CFLAGS += -W3 -nologo
DEFINES += -D_ALPHA_=1
endif
endif
endif
OS_DLLFLAGS += -nologo -DLL -SUBSYSTEM:WINDOWS
ifndef MOZ_DEBUG_SYMBOLS
OS_DLLFLAGS += -PDB:NONE
endif
#
# Win NT needs -GT so that fibers can work
#
OS_CFLAGS += -GT
DEFINES += -DWINNT
NSPR31_LIB_PREFIX = lib

78
security/coreconf/WINNT6.0.mk
View File

@ -1,78 +0,0 @@
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1.1/GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
# Robert Longson <longsonr@gmail.com>
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
#
# Config stuff for WINNT 6.0 (Windows Vista)
#
# This makefile defines the following variables:
# OS_CFLAGS and OS_DLLFLAGS.
include $(CORE_DEPTH)/coreconf/WIN32.mk
ifeq ($(CPU_ARCH), x386)
OS_CFLAGS += -W3 -nologo
ifdef USE_64
DEFINES += -D_AMD64_
else
DEFINES += -D_X86_
endif
else
ifeq ($(CPU_ARCH), MIPS)
#OS_CFLAGS += -W3 -nologo
#DEFINES += -D_MIPS_
OS_CFLAGS += -W3 -nologo
else
ifeq ($(CPU_ARCH), ALPHA)
OS_CFLAGS += -W3 -nologo
DEFINES += -D_ALPHA_=1
endif
endif
endif
OS_DLLFLAGS += -nologo -DLL -SUBSYSTEM:WINDOWS
ifndef MOZ_DEBUG_SYMBOLS
OS_DLLFLAGS += -PDB:NONE
endif
#
# Win NT needs -GT so that fibers can work
#
OS_CFLAGS += -GT
DEFINES += -DWINNT
NSPR31_LIB_PREFIX = lib

28
security/coreconf/arch.mk
View File

@ -183,9 +183,6 @@ endif
# at lesser performance (the Win95 target uses threads; the WinNT target
# uses fibers).
#
# When OS_TARGET=WIN16 is specified, then a Windows 3.11 (16bit) target
# is built. See: win16_3.11.mk for lots more about the Win16 target.
#
# If OS_TARGET is not specified, it defaults to $(OS_ARCH), i.e., no
# cross-compilation.
#
@ -298,11 +295,6 @@ ifeq ($(OS_TARGET), WIN95)
OS_RELEASE = 4.0
endif
ifeq ($(OS_TARGET), WIN16)
OS_RELEASE =
# OS_RELEASE = _3.11
endif
ifdef OS_TARGET_RELEASE
OS_RELEASE = $(OS_TARGET_RELEASE)
endif
@ -319,24 +311,12 @@ OS_CONFIG = $(OS_TARGET)$(OS_RELEASE)
#
ifdef BUILD_OPT
ifeq ($(OS_TARGET),WIN16)
OBJDIR_TAG = _O
else
OBJDIR_TAG = $(64BIT_TAG)_OPT
endif
OBJDIR_TAG = $(64BIT_TAG)_OPT
else
ifdef BUILD_IDG
ifeq ($(OS_TARGET),WIN16)
OBJDIR_TAG = _I
else
OBJDIR_TAG = $(64BIT_TAG)_IDG
endif
OBJDIR_TAG = $(64BIT_TAG)_IDG
else
ifeq ($(OS_TARGET),WIN16)
OBJDIR_TAG = _D
else
OBJDIR_TAG = $(64BIT_TAG)_DBG
endif
OBJDIR_TAG = $(64BIT_TAG)_DBG
endif
endif
@ -351,7 +331,7 @@ endif
OBJDIR_NAME = $(OS_TARGET)$(OS_RELEASE)$(CPU_TAG)$(COMPILER_TAG)$(LIBC_TAG)$(IMPL_STRATEGY)$(OBJDIR_TAG).OBJ
ifeq (,$(filter-out WINNT WIN95 WINCE,$(OS_TARGET))) # list omits WIN16
ifeq (,$(filter-out WIN%,$(OS_TARGET)))
ifndef BUILD_OPT
#
# Define USE_DEBUG_RTL if you want to use the debug runtime library

2
security/coreconf/config.mk
View File

@ -63,7 +63,7 @@ endif
#######################################################################
TARGET_OSES = FreeBSD BSD_OS NetBSD OpenUNIX OS2 QNX Darwin BeOS OpenBSD \
OpenVMS AIX RISCOS WINCE
OpenVMS AIX RISCOS WINNT WIN95 WINCE
ifeq (,$(filter-out $(TARGET_OSES),$(OS_TARGET)))
include $(CORE_DEPTH)/coreconf/$(OS_TARGET).mk

6
security/coreconf/headers.mk
View File

@ -44,11 +44,7 @@
# (xp) include paths
#
INCLUDES += -I$(SOURCE_MDHEADERS_DIR)
ifneq ($(OS_TARGET),WIN16)
INCLUDES += -I$(SOURCE_XPHEADERS_DIR)
endif
INCLUDES += -I$(SOURCE_MDHEADERS_DIR) -I$(SOURCE_XPHEADERS_DIR)
#
# Only append source-side private cross-platform include paths for

82
security/coreconf/WIN954.0.mk → security/coreconf/mkdepend/Makefile
View File

@ -35,43 +35,59 @@
#
# ***** END LICENSE BLOCK *****
#
# Config stuff for WIN95
#
# This makefile defines the following variables:
# OS_CFLAGS and OS_DLLFLAGS.
DEPTH = ../..
CORE_DEPTH = ../..
include $(CORE_DEPTH)/coreconf/WIN32.mk
MODULE = coreconf
ifeq ($(CPU_ARCH), x386)
ifndef NS_USE_GCC
OS_CFLAGS += -W3 -nologo
endif
ifdef USE_64
DEFINES += -D_AMD64_
CSRCS = \
cppsetup.c \
ifparser.c \
include.c \
main.c \
parse.c \
pr.c
PROGRAM = mkdepend
# Indicate that this directory builds build tools.
INTERNAL_TOOLS = 1
include $(DEPTH)/coreconf/config.mk
TARGETS = $(PROGRAM)
ifeq (,$(filter-out OS2 WIN%,$(OS_TARGET)))
DEFINES += -DNO_X11
else
DEFINES += -D_X86_
endif
else
ifeq ($(CPU_ARCH), MIPS)
#OS_CFLAGS += -W3 -nologo
#DEFINES += -D_MIPS_
OS_CFLAGS += -W3 -nologo
else
ifeq ($(CPU_ARCH), ALPHA)
OS_CFLAGS += -W3 -nologo
DEFINES += -D_ALPHA_=1
endif
endif
INSTALL = true
endif
ifndef NS_USE_GCC
OS_DLLFLAGS += -nologo -DLL -SUBSYSTEM:WINDOWS
ifndef MOZ_DEBUG_SYMBOLS
OS_DLLFLAGS += -PDB:NONE
ifdef NATIVE_CC
CC=$(NATIVE_CC)
endif
endif
DEFINES += -DWIN95
# WINNT uses the lib prefix, Win95 and WinCE don't
NSPR31_LIB_PREFIX = $(NULL)
ifdef NATIVE_FLAGS
OS_CFLAGS=$(NATIVE_FLAGS)
endif
include $(DEPTH)/coreconf/rules.mk
ifdef GNU_CC
OPTIMIZER = -O3
else
ifeq ($(OS_ARCH),SunOS)
OPTIMIZER = -fast
endif
ifeq ($(OS_ARCH),WINNT)
OPTIMIZER = -Ox
endif
endif
DEFINES += -DINCLUDEDIR=\"/usr/include\" -DOBJSUFFIX=\".$(OBJ_SUFFIX)\"
# Redefine MAKE_OBJDIR for just this directory
define MAKE_OBJDIR
if test ! -d $(@D); then rm -rf $(@D); mkdir $(@D); fi
endef

233
security/coreconf/mkdepend/cppsetup.c Normal file
View File

@ -0,0 +1,233 @@
/* $Xorg: cppsetup.c,v 1.5 2001/02/09 02:03:16 xorgcvs Exp $ */
/*
Copyright (c) 1993, 1994, 1998 The Open Group
Permission to use, copy, modify, distribute, and sell this software and its
documentation for any purpose is hereby granted without fee, provided that
the above copyright notice appear in all copies and that both that
copyright notice and this permission notice appear in supporting
documentation.
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
Except as contained in this notice, the name of The Open Group shall not be
used in advertising or otherwise to promote the sale, use or other dealings
in this Software without prior written authorization from The Open Group.
*/
/* $XFree86: xc/config/makedepend/cppsetup.c,v 3.11 2001/12/17 20:52:22 dawes Exp $ */
#include "def.h"
#ifdef CPP
/*
* This file is strictly for the sake of cpy.y and yylex.c (if
* you indeed have the source for cpp).
*/
#define IB 1
#define SB 2
#define NB 4
#define CB 8
#define QB 16
#define WB 32
#define SALT '#'
#if defined(pdp11) || defined(vax) || defined(ns16000) || defined(mc68000) || defined(ibm032)
#define COFF 128
#else
#define COFF 0
#endif
/*
* These variables used by cpy.y and yylex.c
*/
extern char *outp, *inp, *newp, *pend;
extern char *ptrtab;
extern char fastab[];
extern char slotab[];
/*
* cppsetup
*/
struct filepointer *currentfile;
struct inclist *currentinc;
int
cppsetup(char *line, struct filepointer *filep, struct inclist *inc)
{
char *p, savec;
static boolean setupdone = FALSE;
boolean value;
if (!setupdone) {
cpp_varsetup();
setupdone = TRUE;
}
currentfile = filep;
currentinc = inc;
inp = newp = line;
for (p=newp; *p; p++)
;
/*
* put a newline back on the end, and set up pend, etc.
*/
*p++ = '\n';
savec = *p;
*p = '\0';
pend = p;
ptrtab = slotab+COFF;
*--inp = SALT;
outp=inp;
value = yyparse();
*p = savec;
return(value);
}
struct symtab **lookup(symbol)
char *symbol;
{
static struct symtab *undefined;
struct symtab **sp;
sp = isdefined(symbol, currentinc, NULL);
if (sp == NULL) {
sp = &undefined;
(*sp)->s_value = NULL;
}
return (sp);
}
pperror(tag, x0,x1,x2,x3,x4)
int tag,x0,x1,x2,x3,x4;
{
warning("\"%s\", line %d: ", currentinc->i_file, currentfile->f_line);
warning(x0,x1,x2,x3,x4);
}
yyerror(s)
register char *s;
{
fatalerr("Fatal error: %s\n", s);
}
#else /* not CPP */
#include "ifparser.h"
struct _parse_data {
struct filepointer *filep;
struct inclist *inc;
char *filename;
const char *line;
};
static const char *
my_if_errors (IfParser *ip, const char *cp, const char *expecting)
{
struct _parse_data *pd = (struct _parse_data *) ip->data;
int lineno = pd->filep->f_line;
char *filename = pd->filename;
char prefix[300];
int prefixlen;
int i;
sprintf (prefix, "\"%s\":%d", filename, lineno);
prefixlen = strlen(prefix);
fprintf (stderr, "%s: %s", prefix, pd->line);
i = cp - pd->line;
if (i > 0 && pd->line[i-1] != '\n') {
putc ('\n', stderr);
}
for (i += prefixlen + 3; i > 0; i--) {
putc (' ', stderr);
}
fprintf (stderr, "^--- expecting %s\n", expecting);
return NULL;
}
#define MAXNAMELEN 256
static struct symtab **
lookup_variable (IfParser *ip, const char *var, int len)
{
char tmpbuf[MAXNAMELEN + 1];
struct _parse_data *pd = (struct _parse_data *) ip->data;
if (len > MAXNAMELEN)
return 0;
strncpy (tmpbuf, var, len);
tmpbuf[len] = '\0';
return isdefined (tmpbuf, pd->inc, NULL);
}
static int
my_eval_defined (IfParser *ip, const char *var, int len)
{
if (lookup_variable (ip, var, len))
return 1;
else
return 0;
}
#define isvarfirstletter(ccc) (isalpha(ccc) || (ccc) == '_')
static long
my_eval_variable (IfParser *ip, const char *var, int len)
{
long val;
struct symtab **s;
s = lookup_variable (ip, var, len);
if (!s)
return 0;
do {
var = (*s)->s_value;
if (!isvarfirstletter(*var) || !strcmp((*s)->s_name, var))
break;
s = lookup_variable (ip, var, strlen(var));
} while (s);
var = ParseIfExpression(ip, var, &val);
if (var && *var) debug(4, ("extraneous: '%s'\n", var));
return val;
}
int
cppsetup(char *filename,
char *line,
struct filepointer *filep,
struct inclist *inc)
{
IfParser ip;
struct _parse_data pd;
long val = 0;
pd.filep = filep;
pd.inc = inc;
pd.line = line;
pd.filename = filename;
ip.funcs.handle_error = my_if_errors;
ip.funcs.eval_defined = my_eval_defined;
ip.funcs.eval_variable = my_eval_variable;
ip.data = (char *) &pd;
(void) ParseIfExpression (&ip, line, &val);
if (val)
return IF;
else
return IFFALSE;
}
#endif /* CPP */

184
security/coreconf/mkdepend/def.h Normal file
View File

@ -0,0 +1,184 @@
/* $Xorg: def.h,v 1.4 2001/02/09 02:03:16 xorgcvs Exp $ */
/*
Copyright (c) 1993, 1994, 1998 The Open Group.
Permission to use, copy, modify, distribute, and sell this software and its
documentation for any purpose is hereby granted without fee, provided that
the above copyright notice appear in all copies and that both that
copyright notice and this permission notice appear in supporting
documentation.
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
Except as contained in this notice, the name of The Open Group shall not be
used in advertising or otherwise to promote the sale, use or other dealings
in this Software without prior written authorization from The Open Group.
*/
/* $XFree86: xc/config/makedepend/def.h,v 3.14 2003/01/17 17:09:49 tsi Exp $ */
#ifndef NO_X11
#include <X11/Xos.h>
#include <X11/Xfuncproto.h>
#endif
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <ctype.h>
#if 0
#ifndef X_NOT_POSIX
#ifndef _POSIX_SOURCE
#define _POSIX_SOURCE
#endif
#endif
#endif
#include <sys/types.h>
#include <fcntl.h>
#include <sys/stat.h>
#define MAXDEFINES 512
#define MAXFILES 1024
#define MAXINCFILES 256 /* "-include" files */
#define MAXDIRS 1024
#define SYMTABINC 10 /* must be > 1 for define() to work right */
#define TRUE 1
#define FALSE 0
/* the following must match the directives table in main.c */
#define IF 0
#define IFDEF 1
#define IFNDEF 2
#define ELSE 3
#define ENDIF 4
#define DEFINE 5
#define UNDEF 6
#define INCLUDE 7
#define LINE 8
#define PRAGMA 9
#define ERROR 10
#define IDENT 11
#define SCCS 12
#define ELIF 13
#define EJECT 14
#define WARNING 15
#define INCLUDENEXT 16
#define IFFALSE 17 /* pseudo value --- never matched */
#define ELIFFALSE 18 /* pseudo value --- never matched */
#define INCLUDEDOT 19 /* pseudo value --- never matched */
#define IFGUESSFALSE 20 /* pseudo value --- never matched */
#define ELIFGUESSFALSE 21 /* pseudo value --- never matched */
#define INCLUDENEXTDOT 22 /* pseudo value --- never matched */
#ifdef DEBUG
extern int _debugmask;
/*
* debug levels are:
*
* 0 show ifn*(def)*,endif
* 1 trace defined/!defined
* 2 show #include
* 3 show #include SYMBOL
* 4-6 unused
*/
#define debug(level,arg) { if (_debugmask & (1 << level)) warning arg; }
#else
#define debug(level,arg) /**/
#endif /* DEBUG */
typedef unsigned char boolean;
struct symtab {
char *s_name;
char *s_value;
};
/* possible i_flag */
#define DEFCHECKED (1<<0) /* whether defines have been checked */
#define NOTIFIED (1<<1) /* whether we have revealed includes */
#define MARKED (1<<2) /* whether it's in the makefile */
#define SEARCHED (1<<3) /* whether we have read this */
#define FINISHED (1<<4) /* whether we are done reading this */
#define INCLUDED_SYM (1<<5) /* whether #include SYMBOL was found
Can't use i_list if TRUE */
struct inclist {
char *i_incstring; /* string from #include line */
char *i_file; /* path name of the include file */
struct inclist **i_list; /* list of files it itself includes */
int i_listlen; /* length of i_list */
struct symtab **i_defs; /* symbol table for this file and its
children when merged */
int i_ndefs; /* current # defines */
boolean *i_merged; /* whether we have merged child
defines */
unsigned char i_flags;
};
struct filepointer {
char *f_name;
char *f_p;
char *f_base;
char *f_end;
long f_len;
long f_line;
long cmdinc_count;
char **cmdinc_list;
long cmdinc_line;
};
#include <stdlib.h>
#if defined(macII) && !defined(__STDC__) /* stdlib.h fails to define these */
char *malloc(), *realloc();
#endif /* macII */
char *copy(char *str);
int match(char *str, char **list);
char *base_name(char *file);
char *getnextline(struct filepointer *fp);
struct symtab **slookup(char *symbol, struct inclist *file);
struct symtab **isdefined(char *symbol, struct inclist *file,
struct inclist **srcfile);
struct symtab **fdefined(char *symbol, struct inclist *file,
struct inclist **srcfile);
struct filepointer *getfile(char *file);
void included_by(struct inclist *ip,
struct inclist *newfile);
struct inclist *newinclude(char *newfile, char *incstring);
void inc_clean (void);
struct inclist *inc_path(char *file, char *include, int type);
void freefile(struct filepointer *fp);
void define2(char *name, char *val, struct inclist *file);
void define(char *def, struct inclist *file);
void undefine(char *symbol, struct inclist *file);
int find_includes(struct filepointer *filep,
struct inclist *file,
struct inclist *file_red,
int recursion, boolean failOK);
void recursive_pr_include(struct inclist *head,
char *file, char *base);
void add_include(struct filepointer *filep,
struct inclist *file,
struct inclist *file_red,
char *include, int type,
boolean failOK);
int cppsetup(char *filename,
char *line,
struct filepointer *filep,
struct inclist *inc);
extern void fatalerr(char *, ...);
extern void warning(char *, ...);
extern void warning1(char *, ...);

551
security/coreconf/mkdepend/ifparser.c Normal file
View File

@ -0,0 +1,551 @@
/*
* $Xorg: ifparser.c,v 1.3 2000/08/17 19:41:50 cpqbld Exp $
*
* Copyright 1992 Network Computing Devices, Inc.
*
* Permission to use, copy, modify, and distribute this software and its
* documentation for any purpose and without fee is hereby granted, provided
* that the above copyright notice appear in all copies and that both that
* copyright notice and this permission notice appear in supporting
* documentation, and that the name of Network Computing Devices may not be
* used in advertising or publicity pertaining to distribution of the software
* without specific, written prior permission. Network Computing Devices makes
* no representations about the suitability of this software for any purpose.
* It is provided ``as is'' without express or implied warranty.
*
* NETWORK COMPUTING DEVICES DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS
* SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS,
* IN NO EVENT SHALL NETWORK COMPUTING DEVICES BE LIABLE FOR ANY SPECIAL,
* INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
* LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
* OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
*
* Author: Jim Fulton
* Network Computing Devices, Inc.
*
* Simple if statement processor
*
* This module can be used to evaluate string representations of C language
* if constructs. It accepts the following grammar:
*
* EXPRESSION := VALUE
* | VALUE BINOP EXPRESSION
* | VALUE '?' EXPRESSION ':' EXPRESSION
*
* VALUE := '(' EXPRESSION ')'
* | '!' VALUE
* | '-' VALUE
* | '+' VALUE
* | '~' VALUE
* | 'defined' '(' variable ')'
* | 'defined' variable
* | # variable '(' variable-list ')'
* | variable
* | number
*
* BINOP := '*' | '/' | '%'
* | '+' | '-'
* | '<<' | '>>'
* | '<' | '>' | '<=' | '>='
* | '==' | '!='
* | '&' | '^' | '|'
* | '&&' | '||'
*
* The normal C order of precedence is supported.
*
*
* External Entry Points:
*
* ParseIfExpression parse a string for #if
*/
/* $XFree86: xc/config/makedepend/ifparser.c,v 3.11 2002/09/23 01:48:08 tsi Exp $ */
#include "ifparser.h"
#include <ctype.h>
#include <stdlib.h>
#include <string.h>
/****************************************************************************
Internal Macros and Utilities for Parser
****************************************************************************/
#define DO(val) if (!(val)) return NULL
#define CALLFUNC(ggg,fff) (*((ggg)->funcs.fff))
#define SKIPSPACE(ccc) while (isspace(*ccc)) ccc++
#define isvarfirstletter(ccc) (isalpha(ccc) || (ccc) == '_')
static const char *
parse_variable (IfParser *g, const char *cp, const char **varp)
{
SKIPSPACE (cp);
if (!isvarfirstletter (*cp))
return CALLFUNC(g, handle_error) (g, cp, "variable name");
*varp = cp;
/* EMPTY */
for (cp++; isalnum(*cp) || *cp == '_'; cp++) ;
return cp;
}
static const char *
parse_number (IfParser *g, const char *cp, long *valp)
{
long base = 10;
SKIPSPACE (cp);
if (!isdigit(*cp))
return CALLFUNC(g, handle_error) (g, cp, "number");
*valp = 0;
if (*cp == '0') {
cp++;
if ((*cp == 'x') || (*cp == 'X')) {
base = 16;
cp++;
} else {
base = 8;
}
}
/* Ignore overflows and assume ASCII, what source is usually written in */
while (1) {
int increment = -1;
if (base == 8) {
if ((*cp >= '0') && (*cp <= '7'))
increment = *cp++ - '0';
} else if (base == 16) {
if ((*cp >= '0') && (*cp <= '9'))
increment = *cp++ - '0';
else if ((*cp >= 'A') && (*cp <= 'F'))
increment = *cp++ - ('A' - 10);
else if ((*cp >= 'a') && (*cp <= 'f'))
increment = *cp++ - ('a' - 10);
} else { /* Decimal */
if ((*cp >= '0') && (*cp <= '9'))
increment = *cp++ - '0';
}
if (increment < 0)
break;
*valp = (*valp * base) + increment;
}
/* Skip trailing qualifiers */
while (*cp == 'U' || *cp == 'u' || *cp == 'L' || *cp == 'l') cp++;
return cp;
}
static const char *
parse_character (IfParser *g, const char *cp, long *valp)
{
char val;
SKIPSPACE (cp);
if (*cp == '\\')
switch (cp[1]) {
case 'n': val = '\n'; break;
case 't': val = '\t'; break;
case 'v': val = '\v'; break;
case 'b': val = '\b'; break;
case 'r': val = '\r'; break;
case 'f': val = '\f'; break;
case 'a': val = '\a'; break;
case '\\': val = '\\'; break;
case '?': val = '\?'; break;
case '\'': val = '\''; break;
case '\"': val = '\"'; break;
case 'x': val = (char) strtol (cp + 2, NULL, 16); break;
default: val = (char) strtol (cp + 1, NULL, 8); break;
}
else
val = *cp;
while (*cp != '\'') cp++;
*valp = (long) val;
return cp;
}
static const char *
parse_value (IfParser *g, const char *cp, long *valp)
{
const char *var, *varend;
*valp = 0;
SKIPSPACE (cp);
if (!*cp)
return cp;
switch (*cp) {
case '(':
DO (cp = ParseIfExpression (g, cp + 1, valp));
SKIPSPACE (cp);
if (*cp != ')')
return CALLFUNC(g, handle_error) (g, cp, ")");
return cp + 1; /* skip the right paren */
case '!':
DO (cp = parse_value (g, cp + 1, valp));
*valp = !(*valp);
return cp;
case '-':
DO (cp = parse_value (g, cp + 1, valp));
*valp = -(*valp);
return cp;
case '+':
DO (cp = parse_value (g, cp + 1, valp));
return cp;
case '~':
DO (cp = parse_value (g, cp + 1, valp));
*valp = ~(*valp);
return cp;
case '#':
DO (cp = parse_variable (g, cp + 1, &var));
SKIPSPACE (cp);
if (*cp != '(')
return CALLFUNC(g, handle_error) (g, cp, "(");
do {
DO (cp = parse_variable (g, cp + 1, &var));
SKIPSPACE (cp);
} while (*cp && *cp != ')');
if (*cp != ')')
return CALLFUNC(g, handle_error) (g, cp, ")");
*valp = 1; /* XXX */
return cp + 1;
case '\'':
DO (cp = parse_character (g, cp + 1, valp));
if (*cp != '\'')
return CALLFUNC(g, handle_error) (g, cp, "'");
return cp + 1;
case 'd':
if (strncmp (cp, "defined", 7) == 0 && !isalnum(cp[7])) {
int paren = 0;
int len;
cp += 7;
SKIPSPACE (cp);
if (*cp == '(') {
paren = 1;
cp++;
}
DO (cp = parse_variable (g, cp, &var));
len = cp - var;
SKIPSPACE (cp);
if (paren && *cp != ')')
return CALLFUNC(g, handle_error) (g, cp, ")");
*valp = (*(g->funcs.eval_defined)) (g, var, len);
return cp + paren; /* skip the right paren */
}
/* fall out */
}
if (isdigit(*cp)) {
DO (cp = parse_number (g, cp, valp));
} else if (!isvarfirstletter(*cp))
return CALLFUNC(g, handle_error) (g, cp, "variable or number");
else {
DO (cp = parse_variable (g, cp, &var));
varend = cp;
SKIPSPACE(cp);
if (*cp != '(') {
*valp = (*(g->funcs.eval_variable)) (g, var, varend - var);
} else {
do {
long dummy;
DO (cp = ParseIfExpression (g, cp + 1, &dummy));
SKIPSPACE(cp);
if (*cp == ')')
break;
if (*cp != ',')
return CALLFUNC(g, handle_error) (g, cp, ",");
} while (1);
*valp = 1; /* XXX */
cp++;
}
}
return cp;
}
static const char *
parse_product (IfParser *g, const char *cp, long *valp)
{
long rightval;
DO (cp = parse_value (g, cp, valp));
SKIPSPACE (cp);
switch (*cp) {
case '*':
DO (cp = parse_product (g, cp + 1, &rightval));
*valp = (*valp * rightval);
break;
case '/':
DO (cp = parse_product (g, cp + 1, &rightval));
if (rightval == 0)
return CALLFUNC(g, handle_error) (g, cp, "0");
*valp = (*valp / rightval);
break;
case '%':
DO (cp = parse_product (g, cp + 1, &rightval));
*valp = (*valp % rightval);
break;
}
return cp;
}
static const char *
parse_sum (IfParser *g, const char *cp, long *valp)
{
long rightval;
DO (cp = parse_product (g, cp, valp));
SKIPSPACE (cp);
switch (*cp) {
case '+':
DO (cp = parse_sum (g, cp + 1, &rightval));
*valp = (*valp + rightval);
break;
case '-':
DO (cp = parse_sum (g, cp + 1, &rightval));
*valp = (*valp - rightval);
break;
}
return cp;
}
static const char *
parse_shift (IfParser *g, const char *cp, long *valp)
{
long rightval;
DO (cp = parse_sum (g, cp, valp));
SKIPSPACE (cp);
switch (*cp) {
case '<':
if (cp[1] == '<') {
DO (cp = parse_shift (g, cp + 2, &rightval));
*valp = (*valp << rightval);
}
break;
case '>':
if (cp[1] == '>') {
DO (cp = parse_shift (g, cp + 2, &rightval));
*valp = (*valp >> rightval);
}
break;
}
return cp;
}
static const char *
parse_inequality (IfParser *g, const char *cp, long *valp)
{
long rightval;
DO (cp = parse_shift (g, cp, valp));
SKIPSPACE (cp);
switch (*cp) {
case '<':
if (cp[1] == '=') {
DO (cp = parse_inequality (g, cp + 2, &rightval));
*valp = (*valp <= rightval);
} else {
DO (cp = parse_inequality (g, cp + 1, &rightval));
*valp = (*valp < rightval);
}
break;
case '>':
if (cp[1] == '=') {
DO (cp = parse_inequality (g, cp + 2, &rightval));
*valp = (*valp >= rightval);
} else {
DO (cp = parse_inequality (g, cp + 1, &rightval));
*valp = (*valp > rightval);
}
break;
}
return cp;
}
static const char *
parse_equality (IfParser *g, const char *cp, long *valp)
{
long rightval;
DO (cp = parse_inequality (g, cp, valp));
SKIPSPACE (cp);
switch (*cp) {
case '=':
if (cp[1] == '=')
cp++;
DO (cp = parse_equality (g, cp + 1, &rightval));
*valp = (*valp == rightval);
break;
case '!':
if (cp[1] != '=')
break;
DO (cp = parse_equality (g, cp + 2, &rightval));
*valp = (*valp != rightval);
break;
}
return cp;
}
static const char *
parse_band (IfParser *g, const char *cp, long *valp)
{
long rightval;
DO (cp = parse_equality (g, cp, valp));
SKIPSPACE (cp);
switch (*cp) {
case '&':
if (cp[1] != '&') {
DO (cp = parse_band (g, cp + 1, &rightval));
*valp = (*valp & rightval);
}
break;
}
return cp;
}
static const char *
parse_bxor (IfParser *g, const char *cp, long *valp)
{
long rightval;
DO (cp = parse_band (g, cp, valp));
SKIPSPACE (cp);
switch (*cp) {
case '^':
DO (cp = parse_bxor (g, cp + 1, &rightval));
*valp = (*valp ^ rightval);
break;
}
return cp;
}
static const char *
parse_bor (IfParser *g, const char *cp, long *valp)
{
long rightval;
DO (cp = parse_bxor (g, cp, valp));
SKIPSPACE (cp);
switch (*cp) {
case '|':
if (cp[1] != '|') {
DO (cp = parse_bor (g, cp + 1, &rightval));
*valp = (*valp | rightval);
}
break;
}
return cp;
}
static const char *
parse_land (IfParser *g, const char *cp, long *valp)
{
long rightval;
DO (cp = parse_bor (g, cp, valp));
SKIPSPACE (cp);
switch (*cp) {
case '&':
if (cp[1] != '&')
return CALLFUNC(g, handle_error) (g, cp, "&&");
DO (cp = parse_land (g, cp + 2, &rightval));
*valp = (*valp && rightval);
break;
}
return cp;
}
static const char *
parse_lor (IfParser *g, const char *cp, long *valp)
{
long rightval;
DO (cp = parse_land (g, cp, valp));
SKIPSPACE (cp);
switch (*cp) {
case '|':
if (cp[1] != '|')
return CALLFUNC(g, handle_error) (g, cp, "||");
DO (cp = parse_lor (g, cp + 2, &rightval));
*valp = (*valp || rightval);
break;
}
return cp;
}
static const char *
parse_cond(IfParser *g, const char *cp, long *valp)
{
long trueval, falseval;
DO (cp = parse_lor (g, cp, valp));
SKIPSPACE (cp);
switch (*cp) {
case '?':
DO (cp = parse_cond (g, cp + 1, &trueval));
SKIPSPACE (cp);
if (*cp != ':')
return CALLFUNC(g, handle_error) (g, cp, ":");
DO (cp = parse_cond (g, cp + 1, &falseval));
*valp = (*valp ? trueval : falseval);
break;
}
return cp;
}
/****************************************************************************
External Entry Points
****************************************************************************/
const char *
ParseIfExpression (IfParser *g, const char *cp, long *valp)
{
return parse_cond (g, cp, valp);
}

83
security/coreconf/mkdepend/ifparser.h Normal file
View File

@ -0,0 +1,83 @@
/*
* $Xorg: ifparser.h,v 1.3 2000/08/17 19:41:51 cpqbld Exp $
*
* Copyright 1992 Network Computing Devices, Inc.
*
* Permission to use, copy, modify, and distribute this software and its
* documentation for any purpose and without fee is hereby granted, provided
* that the above copyright notice appear in all copies and that both that
* copyright notice and this permission notice appear in supporting
* documentation, and that the name of Network Computing Devices may not be
* used in advertising or publicity pertaining to distribution of the software
* without specific, written prior permission. Network Computing Devices makes
* no representations about the suitability of this software for any purpose.
* It is provided ``as is'' without express or implied warranty.
*
* NETWORK COMPUTING DEVICES DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS
* SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS,
* IN NO EVENT SHALL NETWORK COMPUTING DEVICES BE LIABLE FOR ANY SPECIAL,
* INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
* LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
* OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
*
* Author: Jim Fulton
* Network Computing Devices, Inc.
*
* Simple if statement processor
*
* This module can be used to evaluate string representations of C language
* if constructs. It accepts the following grammar:
*
* EXPRESSION := VALUE
* | VALUE BINOP EXPRESSION
* | VALUE '?' EXPRESSION ':' EXPRESSION
*
* VALUE := '(' EXPRESSION ')'
* | '!' VALUE
* | '-' VALUE
* | '~' VALUE
* | 'defined' '(' variable ')'
* | variable
* | number
*
* BINOP := '*' | '/' | '%'
* | '+' | '-'
* | '<<' | '>>'
* | '<' | '>' | '<=' | '>='
* | '==' | '!='
* | '&' | '^' | '|'
* | '&&' | '||'
*
* The normal C order of precedence is supported.
*
*
* External Entry Points:
*
* ParseIfExpression parse a string for #if
*/
/* $XFree86: xc/config/makedepend/ifparser.h,v 3.5 2001/07/25 15:04:40 dawes Exp $ */
#include <stdio.h>
typedef int Bool;
#define False 0
#define True 1
typedef struct _if_parser {
struct { /* functions */
const char *(*handle_error) (struct _if_parser *, const char *,
const char *);
long (*eval_variable) (struct _if_parser *, const char *, int);
int (*eval_defined) (struct _if_parser *, const char *, int);
} funcs;
char *data;
} IfParser;
const char *ParseIfExpression (
IfParser *,
const char *,
long *
);

782
security/coreconf/mkdepend/imakemdep.h Normal file
View File

@ -0,0 +1,782 @@
/* $XConsortium: imakemdep.h,v 1.83 95/04/07 19:47:46 kaleb Exp $ */
/* $XFree86: xc/config/imake/imakemdep.h,v 3.12 1995/07/08 10:22:17 dawes Exp $ */
/*
Copyright (c) 1993, 1994 X Consortium
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
X CONSORTIUM BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
Except as contained in this notice, the name of the X Consortium shall not be
used in advertising or otherwise to promote the sale, use or other dealings
in this Software without prior written authorization from the X Consortium.
*/
/*
* This file contains machine-dependent constants for the imake utility.
* When porting imake, read each of the steps below and add in any necessary
* definitions. In general you should *not* edit ccimake.c or imake.c!
*/
#ifdef CCIMAKE
/*
* Step 1: imake_ccflags
* Define any special flags that will be needed to get imake.c to compile.
* These will be passed to the compile along with the contents of the
* make variable BOOTSTRAPCFLAGS.
*/
#ifdef hpux
#ifdef hp9000s800
#define imake_ccflags "-DSYSV"
#else
#define imake_ccflags "-Wc,-Nd4000,-Ns3000 -DSYSV"
#endif
#endif
#if defined(macII) || defined(_AUX_SOURCE)
#define imake_ccflags "-DmacII -DSYSV"
#endif
#ifdef stellar
#define imake_ccflags "-DSYSV"
#endif
#if defined(USL) || defined(Oki) || defined(NCR)
#define imake_ccflags "-Xc -DSVR4"
#endif
#ifdef sony
#if defined(SYSTYPE_SYSV) || defined(_SYSTYPE_SYSV)
#define imake_ccflags "-DSVR4"
#else
#include <sys/param.h>
#if NEWSOS < 41
#define imake_ccflags "-Dbsd43 -DNOSTDHDRS"
#else
#if NEWSOS < 42
#define imake_ccflags "-Dbsd43"
#endif
#endif
#endif
#endif
#ifdef _CRAY
#define imake_ccflags "-DSYSV -DUSG"
#endif
#if defined(_IBMR2) || defined(aix)
#define imake_ccflags "-Daix -DSYSV"
#endif
#ifdef Mips
# if defined(SYSTYPE_BSD) || defined(BSD) || defined(BSD43)
# define imake_ccflags "-DBSD43"
# else
# define imake_ccflags "-DSYSV"
# endif
#endif
#ifdef is68k
#define imake_ccflags "-Dluna -Duniosb"
#endif
#ifdef SYSV386
# ifdef SVR4
# define imake_ccflags "-Xc -DSVR4"
# else
# define imake_ccflags "-DSYSV"
# endif
#endif
#ifdef SVR4
# ifdef i386
# define imake_ccflags "-Xc -DSVR4"
# endif
#endif
#ifdef SYSV
# ifdef i386
# define imake_ccflags "-DSYSV"
# endif
#endif
#ifdef __convex__
#define imake_ccflags "-fn -tm c1"
#endif
#ifdef apollo
#define imake_ccflags "-DX_NOT_POSIX"
#endif
#ifdef WIN32
#define imake_ccflags "-nologo -batch -D__STDC__"
#endif
#ifdef __uxp__
#define imake_ccflags "-DSVR4 -DANSICPP"
#endif
#ifdef __sxg__
#define imake_ccflags "-DSYSV -DUSG -DNOSTDHDRS"
#endif
#ifdef sequent
#define imake_ccflags "-DX_NOT_STDC_ENV -DX_NOT_POSIX"
#endif
#ifdef _SEQUENT_
#define imake_ccflags "-DSYSV -DUSG"
#endif
#if defined(SX) || defined(PC_UX)
#define imake_ccflags "-DSYSV"
#endif
#ifdef nec_ews_svr2
#define imake_ccflags "-DUSG"
#endif
#if defined(nec_ews_svr4) || defined(_nec_ews_svr4) || defined(_nec_up) || defined(_nec_ft)
#define imake_ccflags "-DSVR4"
#endif
#ifdef MACH
#define imake_ccflags "-DNOSTDHDRS"
#endif
/* this is for OS/2 under EMX. This won't work with DOS */
#if defined(__EMX__)
#define imake_ccflags "-DBSD43"
#endif
#else /* not CCIMAKE */
#ifndef MAKEDEPEND
/*
* Step 2: dup2
* If your OS doesn't have a dup2() system call to duplicate one file
* descriptor onto another, define such a mechanism here (if you don't
* already fall under the existing category(ies).
*/
#if defined(SYSV) && !defined(_CRAY) && !defined(Mips) && !defined(_SEQUENT_)
#define dup2(fd1,fd2) ((fd1 == fd2) ? fd1 : (close(fd2), \
fcntl(fd1, F_DUPFD, fd2)))
#endif
/*
* Step 3: FIXUP_CPP_WHITESPACE
* If your cpp collapses tabs macro expansions into a single space and
* replaces escaped newlines with a space, define this symbol. This will
* cause imake to attempt to patch up the generated Makefile by looking
* for lines that have colons in them (this is why the rules file escapes
* all colons). One way to tell if you need this is to see whether or not
* your Makefiles have no tabs in them and lots of @@ strings.
*/
#if defined(sun) || defined(SYSV) || defined(SVR4) || defined(hcx) || defined(WIN32) || (defined(AMOEBA) && defined(CROSS_COMPILE))
#define FIXUP_CPP_WHITESPACE
#endif
#ifdef WIN32
#define REMOVE_CPP_LEADSPACE
#define INLINE_SYNTAX
#define MAGIC_MAKE_VARS
#endif
#ifdef __minix_vmd
#define FIXUP_CPP_WHITESPACE
#endif
/*
* Step 4: USE_CC_E, DEFAULT_CC, DEFAULT_CPP
* If you want to use cc -E instead of cpp, define USE_CC_E.
* If use cc -E but want a different compiler, define DEFAULT_CC.
* If the cpp you need is not in /lib/cpp, define DEFAULT_CPP.
*/
#ifdef hpux
#define USE_CC_E
#endif
#ifdef WIN32
#define USE_CC_E
#define DEFAULT_CC "cl"
#endif
#ifdef apollo
#define DEFAULT_CPP "/usr/lib/cpp"
#endif
#if defined(_IBMR2) && !defined(DEFAULT_CPP)
#define DEFAULT_CPP "/usr/lpp/X11/Xamples/util/cpp/cpp"
#endif
#if defined(sun) && defined(SVR4)
#define DEFAULT_CPP "/usr/ccs/lib/cpp"
#endif
#ifdef __bsdi__
#define DEFAULT_CPP "/usr/bin/cpp"
#endif
#ifdef __uxp__
#define DEFAULT_CPP "/usr/ccs/lib/cpp"
#endif
#ifdef __sxg__
#define DEFAULT_CPP "/usr/lib/cpp"
#endif
#ifdef _CRAY
#define DEFAULT_CPP "/lib/pcpp"
#endif
#if defined(__386BSD__) || defined(__NetBSD__) || defined(__FreeBSD__) || defined(__OpenBSD__)
#define DEFAULT_CPP "/usr/libexec/cpp"
#endif
#ifdef MACH
#define USE_CC_E
#endif
#ifdef __minix_vmd
#define DEFAULT_CPP "/usr/lib/cpp"
#endif
#if defined(__EMX__)
/* expects cpp in PATH */
#define DEFAULT_CPP "cpp"
#endif
/*
* Step 5: cpp_argv
* The following table contains the flags that should be passed
* whenever a Makefile is being generated. If your preprocessor
* doesn't predefine any unique symbols, choose one and add it to the
* end of this table. Then, do the following:
*
* a. Use this symbol in Imake.tmpl when setting MacroFile.
* b. Put this symbol in the definition of BootstrapCFlags in your
* <platform>.cf file.
* c. When doing a make World, always add "BOOTSTRAPCFLAGS=-Dsymbol"
* to the end of the command line.
*
* Note that you may define more than one symbol (useful for platforms
* that support multiple operating systems).
*/
#define ARGUMENTS 50 /* number of arguments in various arrays */
char *cpp_argv[ARGUMENTS] = {
"cc", /* replaced by the actual program to exec */
"-I.", /* add current directory to include path */
#ifdef unix
"-Uunix", /* remove unix symbol so that filename unix.c okay */
#endif
#if defined(__386BSD__) || defined(__NetBSD__) || defined(__FreeBSD__) || defined(__OpenBSD__) || defined(MACH)
# ifdef __i386__
"-D__i386__",
# endif
# ifdef __x86_64__
"-D__x86_64__",
# endif
# ifdef __GNUC__
"-traditional",
# endif
#endif
#ifdef M4330
"-DM4330", /* Tektronix */
#endif
#ifdef M4310
"-DM4310", /* Tektronix */
#endif
#if defined(macII) || defined(_AUX_SOURCE)
"-DmacII", /* Apple A/UX */
#endif
#ifdef USL
"-DUSL", /* USL */
#endif
#ifdef sony
"-Dsony", /* Sony */
#if !defined(SYSTYPE_SYSV) && !defined(_SYSTYPE_SYSV) && NEWSOS < 42
"-Dbsd43",
#endif
#endif
#ifdef _IBMR2
"-D_IBMR2", /* IBM RS-6000 (we ensured that aix is defined above */
#ifndef aix
#define aix /* allow BOOTSTRAPCFLAGS="-D_IBMR2" */
#endif
#endif /* _IBMR2 */
#ifdef aix
"-Daix", /* AIX instead of AOS */
#ifndef ibm
#define ibm /* allow BOOTSTRAPCFLAGS="-Daix" */
#endif
#endif /* aix */
#ifdef ibm
"-Dibm", /* IBM PS/2 and RT under both AOS and AIX */
#endif
#ifdef luna
"-Dluna", /* OMRON luna 68K and 88K */
#ifdef luna1
"-Dluna1",
#endif
#ifdef luna88k /* need not on UniOS-Mach Vers. 1.13 */
"-traditional", /* for some older version */
#endif /* instead of "-DXCOMM=\\#" */
#ifdef uniosb
"-Duniosb",
#endif
#ifdef uniosu
"-Duniosu",
#endif
#endif /* luna */
#ifdef _CRAY /* Cray */
"-Ucray",
#endif
#ifdef Mips
"-DMips", /* Define and use Mips for Mips Co. OS/mach. */
# if defined(SYSTYPE_BSD) || defined(BSD) || defined(BSD43)
"-DBSD43", /* Mips RISCOS supports two environments */
# else
"-DSYSV", /* System V environment is the default */
# endif
#endif /* Mips */
#ifdef MOTOROLA
"-DMOTOROLA", /* Motorola Delta Systems */
# ifdef SYSV
"-DSYSV",
# endif
# ifdef SVR4
"-DSVR4",
# endif
#endif /* MOTOROLA */
#ifdef i386
"-Di386",
# ifdef SVR4
"-DSVR4",
# endif
# ifdef SYSV
"-DSYSV",
# ifdef ISC
"-DISC",
# ifdef ISC40
"-DISC40", /* ISC 4.0 */
# else
# ifdef ISC202
"-DISC202", /* ISC 2.0.2 */
# else
# ifdef ISC30
"-DISC30", /* ISC 3.0 */
# else
"-DISC22", /* ISC 2.2.1 */
# endif
# endif
# endif
# endif
# ifdef SCO
"-DSCO",
# ifdef SCO324
"-DSCO324",
# endif
# endif
# endif
# ifdef ESIX
"-DESIX",
# endif
# ifdef ATT
"-DATT",
# endif
# ifdef DELL
"-DDELL",
# endif
#endif
#ifdef SYSV386 /* System V/386 folks, obsolete */
"-Di386",
# ifdef SVR4
"-DSVR4",
# endif
# ifdef ISC
"-DISC",
# ifdef ISC40
"-DISC40", /* ISC 4.0 */
# else
# ifdef ISC202
"-DISC202", /* ISC 2.0.2 */
# else
# ifdef ISC30
"-DISC30", /* ISC 3.0 */
# else
"-DISC22", /* ISC 2.2.1 */
# endif
# endif
# endif
# endif
# ifdef SCO
"-DSCO",
# ifdef SCO324
"-DSCO324",
# endif
# endif
# ifdef ESIX
"-DESIX",
# endif
# ifdef ATT
"-DATT",
# endif
# ifdef DELL
"-DDELL",
# endif
#endif
#ifdef __osf__
"-D__osf__",
# ifdef __mips__
"-D__mips__",
# endif
# ifdef __alpha
"-D__alpha",
# endif
# ifdef __i386__
"-D__i386__",
# endif
# ifdef __GNUC__
"-traditional",
# endif
#endif
#ifdef Oki
"-DOki",
#endif
#ifdef sun
#ifdef SVR4
"-DSVR4",
#endif
#endif
#ifdef WIN32
"-DWIN32",
"-nologo",
"-batch",
"-D__STDC__",
#endif
#ifdef NCR
"-DNCR", /* NCR */
#endif
#ifdef linux
"-traditional",
"-Dlinux",
#endif
#ifdef __uxp__
"-D__uxp__",
#endif
#ifdef __sxg__
"-D__sxg__",
#endif
#ifdef nec_ews_svr2
"-Dnec_ews_svr2",
#endif
#ifdef AMOEBA
"-DAMOEBA",
# ifdef CROSS_COMPILE
"-DCROSS_COMPILE",
# ifdef CROSS_i80386
"-Di80386",
# endif
# ifdef CROSS_sparc
"-Dsparc",
# endif
# ifdef CROSS_mc68000
"-Dmc68000",
# endif
# else
# ifdef i80386
"-Di80386",
# endif
# ifdef sparc
"-Dsparc",
# endif
# ifdef mc68000
"-Dmc68000",
# endif
# endif
#endif
#ifdef __minix_vmd
"-Dminix",
#endif
#if defined(__EMX__)
"-traditional",
"-Demxos2",
#endif
};
#else /* else MAKEDEPEND */
/*
* Step 6: predefs
* If your compiler and/or preprocessor define any specific symbols, add
* them to the the following table. The definition of struct symtab is
* in util/makedepend/def.h.
*/
#define QUOTEIT(x) #x
#define QUOTEEXPANSION(x) QUOTEIT(x)
struct symtab predefs[] = {
#ifdef apollo
{"apollo", "1"},
#endif
#ifdef ibm032
{"ibm032", "1"},
#endif
#ifdef ibm
{"ibm", "1"},
#endif
#ifdef aix
{"aix", "1"},
#endif
#ifdef sun
{"sun", "1"},
#endif
#ifdef sun2
{"sun2", "1"},
#endif
#ifdef sun3
{"sun3", "1"},
#endif
#ifdef sun4
{"sun4", "1"},
#endif
#ifdef sparc
{"sparc", "1"},
#endif
#ifdef __sparc__
{"__sparc__", "1"},
#endif
#ifdef hpux
{"hpux", "1"},
#endif
#ifdef __hpux
{"__hpux", "1"},
#endif
#ifdef __hp9000s800
{"__hp9000s800", "1"},
#endif
#ifdef __hp9000s700
{"__hp9000s700", "1"},
#endif
#ifdef vax
{"vax", "1"},
#endif
#ifdef VMS
{"VMS", "1"},
#endif
#ifdef cray
{"cray", "1"},
#endif
#ifdef CRAY
{"CRAY", "1"},
#endif
#ifdef _CRAY
{"_CRAY", "1"},
#endif
#ifdef att
{"att", "1"},
#endif
#ifdef mips
{"mips", "1"},
#endif
#ifdef __mips__
{"__mips__", "1"},
#endif
#ifdef ultrix
{"ultrix", "1"},
#endif
#ifdef stellar
{"stellar", "1"},
#endif
#ifdef mc68000
{"mc68000", "1"},
#endif
#ifdef mc68020
{"mc68020", "1"},
#endif
#ifdef __GNUC__
{"__GNUC__", "1"},
#endif
#if __STDC__
{"__STDC__", "1"},
#endif
#ifdef __HIGHC__
{"__HIGHC__", "1"},
#endif
#ifdef CMU
{"CMU", "1"},
#endif
#ifdef luna
{"luna", "1"},
#ifdef luna1
{"luna1", "1"},
#endif
#ifdef luna2
{"luna2", "1"},
#endif
#ifdef luna88k
{"luna88k", "1"},
#endif
#ifdef uniosb
{"uniosb", "1"},
#endif
#ifdef uniosu
{"uniosu", "1"},
#endif
#endif
#ifdef ieeep754
{"ieeep754", "1"},
#endif
#ifdef is68k
{"is68k", "1"},
#endif
#ifdef m68k
{"m68k", "1"},
#endif
#ifdef m88k
{"m88k", "1"},
#endif
#ifdef __m88k__
{"__m88k__", "1"},
#endif
#ifdef bsd43
{"bsd43", "1"},
#endif
#ifdef hcx
{"hcx", "1"},
#endif
#ifdef sony
{"sony", "1"},
#ifdef SYSTYPE_SYSV
{"SYSTYPE_SYSV", "1"},
#endif
#ifdef _SYSTYPE_SYSV
{"_SYSTYPE_SYSV", "1"},
#endif
#endif
#ifdef __OSF__
{"__OSF__", "1"},
#endif
#ifdef __osf__
{"__osf__", "1"},
#endif
#ifdef __alpha
{"__alpha", "1"},
#endif
#ifdef __DECC
{"__DECC", "1"},
#endif
#ifdef __decc
{"__decc", "1"},
#endif
#ifdef __uxp__
{"__uxp__", "1"},
#endif
#ifdef __sxg__
{"__sxg__", "1"},
#endif
#ifdef _SEQUENT_
{"_SEQUENT_", "1"},
{"__STDC__", "1"},
#endif
#ifdef __bsdi__
{"__bsdi__", "1"},
#endif
#ifdef nec_ews_svr2
{"nec_ews_svr2", "1"},
#endif
#ifdef nec_ews_svr4
{"nec_ews_svr4", "1"},
#endif
#ifdef _nec_ews_svr4
{"_nec_ews_svr4", "1"},
#endif
#ifdef _nec_up
{"_nec_up", "1"},
#endif
#ifdef SX
{"SX", "1"},
#endif
#ifdef nec
{"nec", "1"},
#endif
#ifdef _nec_ft
{"_nec_ft", "1"},
#endif
#ifdef PC_UX
{"PC_UX", "1"},
#endif
#ifdef sgi
{"sgi", "1"},
#endif
#ifdef __sgi
{"__sgi", "1"},
#endif
#ifdef __FreeBSD__
{"__FreeBSD__", "1"},
#endif
#ifdef __NetBSD__
{"__NetBSD__", "1"},
#endif
#ifdef __OpenBSD__
{"__OpenBSD__", "1"},
#endif
#ifdef __EMX__
{"__EMX__", "1"},
#endif
/* ADDED THE FOLLOWING SYMBOLS FOR WINDOWS */
#ifdef _WIN32
{"_WIN32", QUOTEEXPANSION(_WIN32) },
#endif
#ifdef _WIN64
{"_WIN64", QUOTEEXPANSION(_WIN64) },
#endif
#ifdef _X86
{"_X86", QUOTEEXPANSION(_X86) },
#endif
#ifdef _X86_
{"_X86_", QUOTEEXPANSION(_X86_) },
#endif
#ifdef _X86_64
{"_X86_64", QUOTEEXPANSION(_X86_64) },
#endif
#ifdef _X86_64_
{"_X86_64_", QUOTEEXPANSION(_X86_64_) },
#endif
#ifdef _DEBUG
{"_DEBUG", QUOTEEXPANSION(_DEBUG) },
#endif
#ifdef _DLL
{"_DLL", QUOTEEXPANSION(_DLL) },
#endif
#ifdef _M_IX86
{"_M_IX86", QUOTEEXPANSION(_M_IX86) },
#endif
#ifdef _M_X64
{"_M_X64", QUOTEEXPANSION(_M_X64) },
#endif
#ifdef _MSC_FULL_VER
{"_MSC_FULL_VER", QUOTEEXPANSION(_MSC_FULL_VER) },
#endif
#ifdef _MSC_VER
{"_MSC_VER", QUOTEEXPANSION(_MSC_VER) },
#endif
#ifdef _MSVC_RUNTIME_CHECKS
{"_MSVC_RUNTIME_CHECKS", QUOTEEXPANSION(_MSVC_RUNTIME_CHECKS) },
#endif
#ifdef _MT
{"_MT", QUOTEEXPANSION(_MT) },
#endif
#ifdef _CHAR_UNSIGNED
{"_CHAR_UNSIGNED", QUOTEEXPANSION(_CHAR_UNSIGNED) },
#endif
/* add any additional symbols before this line */
{NULL, NULL}
};
#endif /* MAKEDEPEND */
#endif /* CCIMAKE */

337
security/coreconf/mkdepend/include.c Normal file
View File

@ -0,0 +1,337 @@
/* $Xorg: include.c,v 1.4 2001/02/09 02:03:16 xorgcvs Exp $ */
/*
Copyright (c) 1993, 1994, 1998 The Open Group
Permission to use, copy, modify, distribute, and sell this software and its
documentation for any purpose is hereby granted without fee, provided that
the above copyright notice appear in all copies and that both that
copyright notice and this permission notice appear in supporting
documentation.
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
Except as contained in this notice, the name of The Open Group shall not be
used in advertising or otherwise to promote the sale, use or other dealings
in this Software without prior written authorization from The Open Group.
*/
/* $XFree86: xc/config/makedepend/include.c,v 3.7 2001/12/14 19:53:20 dawes Exp $ */
#include "def.h"
#ifdef _MSC_VER
#include <windows.h>
static int
does_file_exist(char *file)
{
WIN32_FILE_ATTRIBUTE_DATA data;
BOOL b = GetFileAttributesExA(file, GetFileExInfoStandard, &data);
if (!b)
return 0;
return (data.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) == 0;
}
#else
static int
does_file_exist(char *file)
{
struct stat sb;
return stat(file, &sb) == 0 && !S_ISDIR(sb.st_mode);
}
#endif
extern struct inclist inclist[ MAXFILES ],
*inclistp, *inclistnext;
extern char *includedirs[ ],
**includedirsnext;
extern char *notdotdot[ ];
extern boolean show_where_not;
extern boolean warn_multiple;
static boolean
isdot(char *p)
{
if(p && *p++ == '.' && *p++ == '\0')
return(TRUE);
return(FALSE);
}
static boolean
isdotdot(char *p)
{
if(p && *p++ == '.' && *p++ == '.' && *p++ == '\0')
return(TRUE);
return(FALSE);
}
static boolean
issymbolic(char *dir, char *component)
{
#ifdef S_IFLNK
struct stat st;
char buf[ BUFSIZ ], **pp;
sprintf(buf, "%s%s%s", dir, *dir ? "/" : "", component);
for (pp=notdotdot; *pp; pp++)
if (strcmp(*pp, buf) == 0)
return (TRUE);
if (lstat(buf, &st) == 0
&& (st.st_mode & S_IFMT) == S_IFLNK) {
*pp++ = copy(buf);
if (pp >= &notdotdot[ MAXDIRS ])
fatalerr("out of .. dirs, increase MAXDIRS\n");
return(TRUE);
}
#endif
return(FALSE);
}
/*
* Occasionally, pathnames are created that look like .../x/../y
* Any of the 'x/..' sequences within the name can be eliminated.
* (but only if 'x' is not a symbolic link!!)
*/
static void
remove_dotdot(char *path)
{
register char *end, *from, *to, **cp;
char *components[ MAXFILES ],
newpath[ BUFSIZ ];
boolean component_copied;
/*
* slice path up into components.
*/
to = newpath;
if (*path == '/')
*to++ = '/';
*to = '\0';
cp = components;
for (from=end=path; *end; end++)
if (*end == '/') {
while (*end == '/')
*end++ = '\0';
if (*from)
*cp++ = from;
from = end;
}
*cp++ = from;
*cp = NULL;
/*
* Recursively remove all 'x/..' component pairs.
*/
cp = components;
while(*cp) {
if (!isdot(*cp) && !isdotdot(*cp) && isdotdot(*(cp+1))
&& !issymbolic(newpath, *cp))
{
char **fp = cp + 2;
char **tp = cp;
do
*tp++ = *fp; /* move all the pointers down */
while (*fp++);
if (cp != components)
cp--; /* go back and check for nested ".." */
} else {
cp++;
}
}
/*
* Concatenate the remaining path elements.
*/
cp = components;
component_copied = FALSE;
while(*cp) {
if (component_copied)
*to++ = '/';
component_copied = TRUE;
for (from = *cp; *from; )
*to++ = *from++;
*to = '\0';
cp++;
}
*to++ = '\0';
/*
* copy the reconstituted path back to our pointer.
*/
strcpy(path, newpath);
}
/*
* Add an include file to the list of those included by 'file'.
*/
struct inclist *
newinclude(char *newfile, char *incstring)
{
register struct inclist *ip;
/*
* First, put this file on the global list of include files.
*/
ip = inclistp++;
if (inclistp == inclist + MAXFILES - 1)
fatalerr("out of space: increase MAXFILES\n");
ip->i_file = copy(newfile);
if (incstring == NULL)
ip->i_incstring = ip->i_file;
else
ip->i_incstring = copy(incstring);
inclistnext = inclistp;
return(ip);
}
void
included_by(struct inclist *ip, struct inclist *newfile)
{
register int i;
if (ip == NULL)
return;
/*
* Put this include file (newfile) on the list of files included
* by 'file'. If 'file' is NULL, then it is not an include
* file itself (i.e. was probably mentioned on the command line).
* If it is already on the list, don't stick it on again.
*/
if (ip->i_list == NULL) {
ip->i_list = (struct inclist **)
malloc(sizeof(struct inclist *) * ++ip->i_listlen);
ip->i_merged = (boolean *)
malloc(sizeof(boolean) * ip->i_listlen);
} else {
for (i=0; i<ip->i_listlen; i++)
if (ip->i_list[ i ] == newfile) {
i = strlen(newfile->i_file);
if (!(ip->i_flags & INCLUDED_SYM) &&
!(i > 2 &&
newfile->i_file[i-1] == 'c' &&
newfile->i_file[i-2] == '.'))
{
/* only bitch if ip has */
/* no #include SYMBOL lines */
/* and is not a .c file */
if (warn_multiple)
{
warning("%s includes %s more than once!\n",
ip->i_file, newfile->i_file);
warning1("Already have\n");
for (i=0; i<ip->i_listlen; i++)
warning1("\t%s\n", ip->i_list[i]->i_file);
}
}
return;
}
ip->i_list = (struct inclist **) realloc(ip->i_list,
sizeof(struct inclist *) * ++ip->i_listlen);
ip->i_merged = (boolean *)
realloc(ip->i_merged, sizeof(boolean) * ip->i_listlen);
}
ip->i_list[ ip->i_listlen-1 ] = newfile;
ip->i_merged[ ip->i_listlen-1 ] = FALSE;
}
void
inc_clean (void)
{
register struct inclist *ip;
for (ip = inclist; ip < inclistp; ip++) {
ip->i_flags &= ~MARKED;
}
}
struct inclist *
inc_path(char *file, char *include, int type)
{
static char path[ BUFSIZ ];
register char **pp, *p;
register struct inclist *ip;
/*
* Check all previously found include files for a path that
* has already been expanded.
*/
if ((type == INCLUDE) || (type == INCLUDEDOT))
inclistnext = inclist;
ip = inclistnext;
for (; ip->i_file; ip++) {
if ((strcmp(ip->i_incstring, include) == 0) &&
!(ip->i_flags & INCLUDED_SYM)) {
inclistnext = ip + 1;
return ip;
}
}
if (inclistnext == inclist) {
/*
* If the path was surrounded by "" or is an absolute path,
* then check the exact path provided.
*/
if ((type == INCLUDEDOT) ||
(type == INCLUDENEXTDOT) ||
(*include == '/')) {
if (does_file_exist(include))
return newinclude(include, include);
if (show_where_not)
warning1("\tnot in %s\n", include);
}
/*
* If the path was surrounded by "" see if this include file is
* in the directory of the file being parsed.
*/
if ((type == INCLUDEDOT) || (type == INCLUDENEXTDOT)) {
for (p=file+strlen(file); p>file; p--)
if (*p == '/')
break;
if (p == file) {
strcpy(path, include);
} else {
strncpy(path, file, (p-file) + 1);
path[ (p-file) + 1 ] = '\0';
strcpy(path + (p-file) + 1, include);
}
remove_dotdot(path);
if (does_file_exist(path))
return newinclude(path, include);
if (show_where_not)
warning1("\tnot in %s\n", path);
}
}
/*
* Check the include directories specified. Standard include dirs
* should be at the end.
*/
if ((type == INCLUDE) || (type == INCLUDEDOT))
includedirsnext = includedirs;
pp = includedirsnext;
for (; *pp; pp++) {
sprintf(path, "%s/%s", *pp, include);
remove_dotdot(path);
if (does_file_exist(path)) {
includedirsnext = pp + 1;
return newinclude(path, include);
}
if (show_where_not)
warning1("\tnot in %s\n", path);
}
return NULL;
}

870
security/coreconf/mkdepend/main.c Normal file
View File

@ -0,0 +1,870 @@
/* $Xorg: main.c,v 1.5 2001/02/09 02:03:16 xorgcvs Exp $ */
/*
Copyright (c) 1993, 1994, 1998 The Open Group
Permission to use, copy, modify, distribute, and sell this software and its
documentation for any purpose is hereby granted without fee, provided that
the above copyright notice appear in all copies and that both that
copyright notice and this permission notice appear in supporting
documentation.
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
THE OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
Except as contained in this notice, the name of The Open Group shall not be
used in advertising or otherwise to promote the sale, use or other dealings
in this Software without prior written authorization from The Open Group.
*/
/* $XFree86: xc/config/makedepend/main.c,v 3.32 2003/03/26 20:43:48 tsi Exp $ */
#include "def.h"
#ifdef hpux
#define sigvec sigvector
#endif /* hpux */
#ifdef X_POSIX_C_SOURCE
#define _POSIX_C_SOURCE X_POSIX_C_SOURCE
#include <signal.h>
#undef _POSIX_C_SOURCE
#else
#if defined(X_NOT_POSIX) || defined(_POSIX_SOURCE)
#include <signal.h>
#else
#define _POSIX_SOURCE
#include <signal.h>
#undef _POSIX_SOURCE
#endif
#endif
#include <stdarg.h>
#ifdef _WIN32
#include <io.h>
#endif
#ifdef MINIX
#define USE_CHMOD 1
#endif
#ifdef DEBUG
int _debugmask;
#endif
/* #define DEBUG_DUMP */
#ifdef DEBUG_DUMP
#define DBG_PRINT(file, fmt, args) fprintf(file, fmt, args)
#else
#define DBG_PRINT(file, fmt, args) /* empty */
#endif
#define DASH_INC_PRE "#include \""
#define DASH_INC_POST "\""
char *ProgramName;
char *directives[] = {
"if",
"ifdef",
"ifndef",
"else",
"endif",
"define",
"undef",
"include",
"line",
"pragma",
"error",
"ident",
"sccs",
"elif",
"eject",
"warning",
"include_next",
NULL
};
#define MAKEDEPEND
#include "imakemdep.h" /* from config sources */
#undef MAKEDEPEND
struct inclist inclist[ MAXFILES ],
*inclistp = inclist,
*inclistnext = inclist,
maininclist;
static char *filelist[ MAXFILES ];
char *includedirs[ MAXDIRS + 1 ],
**includedirsnext = includedirs;
char *notdotdot[ MAXDIRS ];
static int cmdinc_count = 0;
static char *cmdinc_list[ 2 * MAXINCFILES ];
char *objprefix = "";
char *objsuffix = OBJSUFFIX;
static char *startat = "# DO NOT DELETE";
int width = 78;
static boolean append = FALSE;
boolean printed = FALSE;
boolean verbose = FALSE;
boolean show_where_not = FALSE;
/* Warn on multiple includes of same file */
boolean warn_multiple = FALSE;
static void setfile_cmdinc(struct filepointer *filep, long count, char **list);
static void redirect(char *line, char *makefile);
static
#ifdef SIGNALRETURNSINT
int
#else
void
#endif
catch (int sig)
{
fflush (stdout);
fatalerr ("got signal %d\n", sig);
}
#if defined(USG) || (defined(i386) && defined(SYSV)) || defined(WIN32) || defined(__UNIXOS2__) || defined(Lynx_22) || defined(__CYGWIN__)
#define USGISH
#endif
#ifndef USGISH
#ifdef X_NOT_POSIX
#define sigaction sigvec
#define sa_handler sv_handler
#define sa_mask sv_mask
#define sa_flags sv_flags
#endif
struct sigaction sig_act;
#endif /* USGISH */
int
main(int argc, char *argv[])
{
char **fp = filelist;
char **incp = includedirs;
char *p;
struct inclist *ip;
char *makefile = NULL;
struct filepointer *filecontent;
struct symtab *psymp = predefs;
char *endmarker = NULL;
char *defincdir = NULL;
char **undeflist = NULL;
int numundefs = 0, i;
register char offset;
ProgramName = argv[0];
while (psymp->s_name)
{
define2(psymp->s_name, psymp->s_value, &maininclist);
psymp++;
}
if (argc == 2 && argv[1][0] == '@') {
struct stat ast;
int afd;
char *args;
char **nargv;
int nargc;
char quotechar = '\0';
nargc = 1;
if ((afd = open(argv[1]+1, O_RDONLY)) < 0)
fatalerr("cannot open \"%s\"\n", argv[1]+1);
fstat(afd, &ast);
args = (char *)malloc(ast.st_size + 1);
if ((ast.st_size = read(afd, args, ast.st_size)) < 0)
fatalerr("failed to read %s\n", argv[1]+1);
args[ast.st_size] = '\0';
close(afd);
for (p = args; *p; p++) {
if (quotechar) {
if (quotechar == '\\' ||
(*p == quotechar && p[-1] != '\\'))
quotechar = '\0';
continue;
}
switch (*p) {
case '\\':
case '"':
case '\'':
quotechar = *p;
break;
case ' ':
case '\n':
*p = '\0';
if (p > args && p[-1])
nargc++;
break;
}
}
if (p[-1])
nargc++;
nargv = (char **)malloc(nargc * sizeof(char *));
nargv[0] = argv[0];
argc = 1;
for (p = args; argc < nargc; p += strlen(p) + 1)
if (*p) nargv[argc++] = p;
argv = nargv;
}
for(argc--, argv++; argc; argc--, argv++) {
/* if looking for endmarker then check before parsing */
if (endmarker && strcmp (endmarker, *argv) == 0) {
endmarker = NULL;
continue;
}
if (**argv != '-') {
/* treat +thing as an option for C++ */
if (endmarker && **argv == '+')
continue;
*fp++ = argv[0];
continue;
}
switch(argv[0][1]) {
case '-':
endmarker = &argv[0][2];
if (endmarker[0] == '\0') endmarker = "--";
break;
case 'D':
offset = 2;
if (argv[0][2] == '\0') {
argv++;
argc--;
offset = 0;
}
/* offset +1 here since first def letter
* cannot be `=`
*/
for (p = argv[0] + offset + 1; *p; p++)
if (*p == '=') {
*p = ' ';
break;
}
define(argv[0] + offset, &maininclist);
break;
case 'I':
if (incp >= includedirs + MAXDIRS)
fatalerr("Too many -I flags.\n");
*incp++ = argv[0]+2;
if (**(incp-1) == '\0') {
*(incp-1) = *(++argv);
argc--;
}
break;
case 'U':
/* Undef's override all -D's so save them up */
numundefs++;
if (numundefs == 1)
undeflist = malloc(sizeof(char *));
else
undeflist = realloc(undeflist,
numundefs * sizeof(char *));
offset = 2;
if (argv[0][2] == '\0') {
argv++;
argc--;
offset = 0;
}
undeflist[numundefs - 1] = argv[0] + offset;
break;
case 'Y':
defincdir = argv[0]+2;
break;
/* do not use if endmarker processing */
case 'a':
if (endmarker) break;
append = TRUE;
break;
case 'w':
if (endmarker) break;
if (argv[0][2] == '\0') {
argv++;
argc--;
width = atoi(argv[0]);
} else
width = atoi(argv[0]+2);
break;
case 'o':
if (endmarker) break;
if (argv[0][2] == '\0') {
argv++;
argc--;
objsuffix = argv[0];
} else
objsuffix = argv[0]+2;
break;
case 'p':
if (endmarker) break;
if (argv[0][2] == '\0') {
argv++;
argc--;
objprefix = argv[0];
} else
objprefix = argv[0]+2;
break;
case 'v':
if (endmarker) break;
verbose = TRUE;
#ifdef DEBUG
if (argv[0][2])
_debugmask = atoi(argv[0]+2);
#endif
break;
case 's':
if (endmarker) break;
startat = argv[0]+2;
if (*startat == '\0') {
startat = *(++argv);
argc--;
}
if (*startat != '#')
fatalerr("-s flag's value should start %s\n",
"with '#'.");
break;
case 'f':
if (endmarker) break;
makefile = argv[0]+2;
if (*makefile == '\0') {
makefile = *(++argv);
argc--;
}
break;
case 'm':
warn_multiple = TRUE;
break;
/* Ignore -O, -g so we can just pass ${CFLAGS} to
makedepend
*/
case 'O':
case 'g':
break;
case 'i':
if (strcmp(&argv[0][1],"include") == 0) {
char *buf;
if (argc<2)
fatalerr("option -include is a "
"missing its parameter\n");
if (cmdinc_count >= MAXINCFILES)
fatalerr("Too many -include flags.\n");
argc--;
argv++;
buf = malloc(strlen(DASH_INC_PRE) +
strlen(argv[0]) +
strlen(DASH_INC_POST) + 1);
if(!buf)
fatalerr("out of memory at "
"-include string\n");
cmdinc_list[2 * cmdinc_count + 0] = argv[0];
cmdinc_list[2 * cmdinc_count + 1] = buf;
cmdinc_count++;
break;
}
/* intentional fall through */
default:
if (endmarker) break;
/* fatalerr("unknown opt = %s\n", argv[0]); */
warning("ignoring option %s\n", argv[0]);
}
}
/* Now do the undefs from the command line */
for (i = 0; i < numundefs; i++)
undefine(undeflist[i], &maininclist);
if (numundefs > 0)
free(undeflist);
if (!defincdir) {
#ifdef PREINCDIR
if (incp >= includedirs + MAXDIRS)
fatalerr("Too many -I flags.\n");
*incp++ = PREINCDIR;
#endif
#if defined(__UNIXOS2__) || defined(_MSC_VER)
{
#if defined(_MSC_VER)
char *includepath = getenv("INCLUDE");
#else
char *includepath = getenv("C_INCLUDE_PATH");
#endif
/* can have more than one component */
if (includepath) {
char *beg, *end;
beg= (char*)strdup(includepath);
for (;;) {
end = (char*)strchr(beg,';');
if (end) *end = 0;
if (incp >= includedirs + MAXDIRS)
fatalerr("Too many include dirs\n");
*incp++ = beg;
if (!end) break;
beg = end+1;
}
}
}
#else /* !__UNIXOS2__ && !_MSC_VER, does not use INCLUDEDIR at all */
if (incp >= includedirs + MAXDIRS)
fatalerr("Too many -I flags.\n");
*incp++ = INCLUDEDIR;
#endif
#ifdef EXTRAINCDIR
if (incp >= includedirs + MAXDIRS)
fatalerr("Too many -I flags.\n");
*incp++ = EXTRAINCDIR;
#endif
#ifdef POSTINCDIR
if (incp >= includedirs + MAXDIRS)
fatalerr("Too many -I flags.\n");
*incp++ = POSTINCDIR;
#endif
} else if (*defincdir) {
if (incp >= includedirs + MAXDIRS)
fatalerr("Too many -I flags.\n");
*incp++ = defincdir;
}
redirect(startat, makefile);
/*
* catch signals.
*/
#ifdef USGISH
/* should really reset SIGINT to SIG_IGN if it was. */
#ifdef SIGHUP
signal (SIGHUP, catch);
#endif
signal (SIGINT, catch);
#ifdef SIGQUIT
signal (SIGQUIT, catch);
#endif
signal (SIGILL, catch);
#ifdef SIGBUS
signal (SIGBUS, catch);
#endif
signal (SIGSEGV, catch);
#ifdef SIGSYS
signal (SIGSYS, catch);
#endif
#else
sig_act.sa_handler = catch;
#if defined(_POSIX_SOURCE) || !defined(X_NOT_POSIX)
sigemptyset(&sig_act.sa_mask);
sigaddset(&sig_act.sa_mask, SIGINT);
sigaddset(&sig_act.sa_mask, SIGQUIT);
#ifdef SIGBUS
sigaddset(&sig_act.sa_mask, SIGBUS);
#endif
sigaddset(&sig_act.sa_mask, SIGILL);
sigaddset(&sig_act.sa_mask, SIGSEGV);
sigaddset(&sig_act.sa_mask, SIGHUP);
sigaddset(&sig_act.sa_mask, SIGPIPE);
#ifdef SIGSYS
sigaddset(&sig_act.sa_mask, SIGSYS);
#endif
#else
sig_act.sa_mask = ((1<<(SIGINT -1))
|(1<<(SIGQUIT-1))
#ifdef SIGBUS
|(1<<(SIGBUS-1))
#endif
|(1<<(SIGILL-1))
|(1<<(SIGSEGV-1))
|(1<<(SIGHUP-1))
|(1<<(SIGPIPE-1))
#ifdef SIGSYS
|(1<<(SIGSYS-1))
#endif
);
#endif /* _POSIX_SOURCE */
sig_act.sa_flags = 0;
sigaction(SIGHUP, &sig_act, (struct sigaction *)0);
sigaction(SIGINT, &sig_act, (struct sigaction *)0);
sigaction(SIGQUIT, &sig_act, (struct sigaction *)0);
sigaction(SIGILL, &sig_act, (struct sigaction *)0);
#ifdef SIGBUS
sigaction(SIGBUS, &sig_act, (struct sigaction *)0);
#endif
sigaction(SIGSEGV, &sig_act, (struct sigaction *)0);
#ifdef SIGSYS
sigaction(SIGSYS, &sig_act, (struct sigaction *)0);
#endif
#endif /* USGISH */
/*
* now peruse through the list of files.
*/
for(fp=filelist; *fp; fp++) {
DBG_PRINT(stderr,"file: %s\n",*fp);
filecontent = getfile(*fp);
setfile_cmdinc(filecontent, cmdinc_count, cmdinc_list);
ip = newinclude(*fp, (char *)NULL);
find_includes(filecontent, ip, ip, 0, FALSE);
freefile(filecontent);
recursive_pr_include(ip, ip->i_file, base_name(*fp));
inc_clean();
}
if (printed)
printf("\n");
return 0;
}
#ifdef __UNIXOS2__
/*
* eliminate \r chars from file
*/
static int
elim_cr(char *buf, int sz)
{
int i,wp;
for (i= wp = 0; i<sz; i++) {
if (buf[i] != '\r')
buf[wp++] = buf[i];
}
return wp;
}
#endif
struct filepointer *
getfile(char *file)
{
int fd;
struct filepointer *content;
struct stat st;
content = (struct filepointer *)malloc(sizeof(struct filepointer));
content->f_name = file;
if ((fd = open(file, O_RDONLY)) < 0) {
warning("cannot open \"%s\"\n", file);
content->f_p = content->f_base = content->f_end = (char *)malloc(1);
*content->f_p = '\0';
return(content);
}
fstat(fd, &st);
content->f_base = (char *)malloc(st.st_size+1);
if (content->f_base == NULL)
fatalerr("cannot allocate mem\n");
if ((st.st_size = read(fd, content->f_base, st.st_size)) < 0)
fatalerr("failed to read %s\n", file);
#ifdef __UNIXOS2__
st.st_size = elim_cr(content->f_base,st.st_size);
#endif
close(fd);
content->f_len = st.st_size+1;
content->f_p = content->f_base;
content->f_end = content->f_base + st.st_size;
*content->f_end = '\0';
content->f_line = 0;
content->cmdinc_count = 0;
content->cmdinc_list = NULL;
content->cmdinc_line = 0;
return(content);
}
void
setfile_cmdinc(struct filepointer* filep, long count, char** list)
{
filep->cmdinc_count = count;
filep->cmdinc_list = list;
filep->cmdinc_line = 0;
}
void
freefile(struct filepointer *fp)
{
free(fp->f_base);
free(fp);
}
char *copy(char *str)
{
char *p = (char *)malloc(strlen(str) + 1);
strcpy(p, str);
return(p);
}
int
match(char *str, char **list)
{
int i;
for (i=0; *list; i++, list++)
if (strcmp(str, *list) == 0)
return(i);
return(-1);
}
/*
* Get the next line. We only return lines beginning with '#' since that
* is all this program is ever interested in.
*/
char *getnextline(struct filepointer *filep)
{
char *p, /* walking pointer */
*eof, /* end of file pointer */
*bol; /* beginning of line pointer */
int lineno; /* line number */
boolean whitespace = FALSE;
/*
* Fake the "-include" line files in form of #include to the
* start of each file.
*/
if (filep->cmdinc_line < filep->cmdinc_count) {
char *inc = filep->cmdinc_list[2 * filep->cmdinc_line + 0];
char *buf = filep->cmdinc_list[2 * filep->cmdinc_line + 1];
filep->cmdinc_line++;
sprintf(buf,"%s%s%s",DASH_INC_PRE,inc,DASH_INC_POST);
DBG_PRINT(stderr,"%s\n",buf);
return(buf);
}
p = filep->f_p;
eof = filep->f_end;
if (p >= eof)
return((char *)NULL);
lineno = filep->f_line;
for (bol = p--; ++p < eof; ) {
if ((bol == p) && ((*p == ' ') || (*p == '\t')))
{
/* Consume leading white-spaces for this line */
while (((p+1) < eof) && ((*p == ' ') || (*p == '\t')))
{
p++;
bol++;
}
whitespace = TRUE;
}
if (*p == '/' && (p+1) < eof && *(p+1) == '*') {
/* Consume C comments */
*(p++) = ' ';
*(p++) = ' ';
while (p < eof && *p) {
if (*p == '*' && (p+1) < eof && *(p+1) == '/') {
*(p++) = ' ';
*(p++) = ' ';
break;
}
if (*p == '\n')
lineno++;
*(p++) = ' ';
}
--p;
}
else if (*p == '/' && (p+1) < eof && *(p+1) == '/') {
/* Consume C++ comments */
*(p++) = ' ';
*(p++) = ' ';
while (p < eof && *p) {
if (*p == '\\' && (p+1) < eof &&
*(p+1) == '\n') {
*(p++) = ' ';
lineno++;
}
else if (*p == '?' && (p+3) < eof &&
*(p+1) == '?' &&
*(p+2) == '/' &&
*(p+3) == '\n') {
*(p++) = ' ';
*(p++) = ' ';
*(p++) = ' ';
lineno++;
}
else if (*p == '\n')
break; /* to process end of line */
*(p++) = ' ';
}
--p;
}
else if (*p == '\\' && (p+1) < eof && *(p+1) == '\n') {
/* Consume backslash line terminations */
*(p++) = ' ';
*p = ' ';
lineno++;
}
else if (*p == '?' && (p+3) < eof &&
*(p+1) == '?' && *(p+2) == '/' && *(p+3) == '\n') {
/* Consume trigraph'ed backslash line terminations */
*(p++) = ' ';
*(p++) = ' ';
*(p++) = ' ';
*p = ' ';
lineno++;
}
else if (*p == '\n') {
lineno++;
if (*bol == '#') {
char *cp;
*(p++) = '\0';
/* punt lines with just # (yacc generated) */
for (cp = bol+1;
*cp && (*cp == ' ' || *cp == '\t'); cp++);
if (*cp) goto done;
--p;
}
bol = p+1;
whitespace = FALSE;
}
}
if (*bol != '#')
bol = NULL;
done:
#if !defined(__UNIXOS2__) && !defined(_MSC_VER) && !defined(_WIN32)
/* Don't print warnings for system header files */
if (bol && whitespace && !strstr(filep->f_name, INCLUDEDIR)) {
warning("%s: non-portable whitespace encountered at line %d\n",
filep->f_name, lineno);
}
#endif
filep->f_p = p;
filep->f_line = lineno;
#ifdef DEBUG_DUMP
if (bol)
DBG_PRINT(stderr,"%s\n",bol);
#endif
return(bol);
}
/*
* Strip the file name down to what we want to see in the Makefile.
* It will have objprefix and objsuffix around it.
*/
char *base_name(char *file)
{
char *p;
file = copy(file);
for(p=file+strlen(file); p>file && *p != '.'; p--) ;
if (*p == '.')
*p = '\0';
return(file);
}
#if defined(USG) && !defined(CRAY) && !defined(SVR4) && !defined(__UNIXOS2__) && !defined(clipper) && !defined(__clipper__)
int rename (char *from, char *to)
{
(void) unlink (to);
if (link (from, to) == 0) {
unlink (from);
return 0;
} else {
return -1;
}
}
#endif /* USGISH */
void
redirect(char *line, char *makefile)
{
struct stat st;
FILE *fdin, *fdout;
char backup[ BUFSIZ ],
buf[ BUFSIZ ];
boolean found = FALSE;
int len;
/*
* if makefile is "-" then let it pour onto stdout.
*/
if (makefile && *makefile == '-' && *(makefile+1) == '\0') {
puts(line);
return;
}
/*
* use a default makefile is not specified.
*/
if (!makefile) {
if (stat("Makefile", &st) == 0)
makefile = "Makefile";
else if (stat("makefile", &st) == 0)
makefile = "makefile";
else
fatalerr("[mM]akefile is not present\n");
}
else
stat(makefile, &st);
if ((fdin = fopen(makefile, "r")) == NULL)
fatalerr("cannot open \"%s\"\n", makefile);
sprintf(backup, "%s.bak", makefile);
unlink(backup);
#if defined(WIN32) || defined(__UNIXOS2__) || defined(__CYGWIN__)
fclose(fdin);
#endif
if (rename(makefile, backup) < 0)
fatalerr("cannot rename %s to %s\n", makefile, backup);
#if defined(WIN32) || defined(__UNIXOS2__) || defined(__CYGWIN__)
if ((fdin = fopen(backup, "r")) == NULL)
fatalerr("cannot open \"%s\"\n", backup);
#endif
if ((fdout = freopen(makefile, "w", stdout)) == NULL)
fatalerr("cannot open \"%s\"\n", backup);
len = strlen(line);
while (!found && fgets(buf, BUFSIZ, fdin)) {
if (*buf == '#' && strncmp(line, buf, len) == 0)
found = TRUE;
fputs(buf, fdout);
}
if (!found) {
if (verbose)
warning("Adding new delimiting line \"%s\" and dependencies...\n",
line);
puts(line); /* same as fputs(fdout); but with newline */
} else if (append) {
while (fgets(buf, BUFSIZ, fdin)) {
fputs(buf, fdout);
}
}
fflush(fdout);
#if defined(USGISH) || defined(_SEQUENT_) || defined(USE_CHMOD)
chmod(makefile, st.st_mode);
#else
fchmod(fileno(fdout), st.st_mode);
#endif /* USGISH */
}
void
fatalerr(char *msg, ...)
{
va_list args;
fprintf(stderr, "%s: error: ", ProgramName);
va_start(args, msg);
vfprintf(stderr, msg, args);
va_end(args);
exit (1);
}
void
warning(char *msg, ...)
{
va_list args;
fprintf(stderr, "%s: warning: ", ProgramName);
va_start(args, msg);
vfprintf(stderr, msg, args);
va_end(args);
}
void
warning1(char *msg, ...)
{
va_list args;
va_start(args, msg);
vfprintf(stderr, msg, args);
va_end(args);
}

382
security/coreconf/mkdepend/mkdepend.man Normal file
View File

@ -0,0 +1,382 @@
.\" $Xorg: mkdepend.man,v 1.5 2001/02/09 02:03:16 xorgcvs Exp $
.\" Copyright (c) 1993, 1994, 1998 The Open Group
.\"
.\" Permission to use, copy, modify, distribute, and sell this software and its
.\" documentation for any purpose is hereby granted without fee, provided that
.\" the above copyright notice appear in all copies and that both that
.\" copyright notice and this permission notice appear in supporting
.\" documentation.
.\"
.\" The above copyright notice and this permission notice shall be included in
.\" all copies or substantial portions of the Software.
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
.\" IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
.\" FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
.\" THE OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
.\" WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF
.\" OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
.\" SOFTWARE.
.\"
.\" Except as contained in this notice, the name of The Open Group shall not
.\" be used in advertising or otherwise to promote the sale, use or other
.\" dealing in this Software without prior written authorization from The
.\" Open Group.
.\"
.\" $XFree86: xc/config/makedepend/mkdepend.man,v 1.7 2002/12/14 02:39:45 dawes Exp $
.\"
.TH MAKEDEPEND 1 __xorgversion__
.UC 4
.SH NAME
makedepend \- create dependencies in makefiles
.SH SYNOPSIS
.B makedepend
[
.BI \-D name\fB=\fPdef
] [
.BI \-D name
] [
.BI \-I includedir
] [
.BI \-Y includedir
] [
.B \-a
] [
.BI \-f makefile
] [
.BI \-include \ file
] [
.BI \-o objsuffix
] [
.BI \-p objprefix
] [
.BI \-s string
] [
.BI \-w width
] [
.B \-v
] [
.B \-m
] [
\-\^\-
.I otheroptions
\-\^\-
]
.I sourcefile
\&.\|.\|.
.br
.SH DESCRIPTION
The
.B makedepend
program reads each
.I sourcefile
in sequence and parses it like a C-preprocessor,
processing all
.I #include,
.I #define,
.I #undef,
.I #ifdef,
.I #ifndef,
.I #endif,
.I #if,
.I #elif
and
.I #else
directives so that it can correctly tell which
.I #include,
directives would be used in a compilation.
Any
.I #include,
directives can reference files having other
.I #include
directives, and parsing will occur in these files as well.
.PP
Every file that a
.I sourcefile
includes,
directly or indirectly,
is what
.B makedepend
calls a \fIdependency.\fP
These dependencies are then written to a
.I makefile
in such a way that
.B make(1)
will know which object files must be recompiled when a dependency has changed.
.PP
By default,
.B makedepend
places its output in the file named
.I makefile
if it exists, otherwise
.I Makefile.
An alternate makefile may be specified with the
.B \-f
option.
It first searches the makefile for
the line
.sp
\& # DO NOT DELETE THIS LINE \-\^\- make depend depends on it.
.sp
or one provided with the
.B \-s
option,
as a delimiter for the dependency output.
If it finds it, it will delete everything
following this to the end of the makefile
and put the output after this line.
If it doesn't find it, the program
will append the string to the end of the makefile
and place the output following that.
For each
.I sourcefile
appearing on the command line,
.B makedepend
puts lines in the makefile of the form
.sp
sourcefile.o:\0dfile .\|.\|.
.sp
Where \fIsourcefile.o\fP is the name from the command
line with its suffix replaced with ``.o'',
and \fIdfile\fP is a dependency discovered in a
.I #include
directive while parsing
.I sourcefile
or one of the files it included.
.SH EXAMPLE
Normally,
.B makedepend
will be used in a makefile target so that typing ``make depend'' will
bring the dependencies up to date for the makefile.
For example,
.nf
SRCS\0=\0file1.c\0file2.c\0.\|.\|.
CFLAGS\0=\0\-O\0\-DHACK\0\-I\^.\^.\^/foobar\0\-xyz
depend:
makedepend\0\-\^\-\0$(CFLAGS)\0\-\^\-\0$(SRCS)
.fi
.SH OPTIONS
The program
will ignore any option that it does not understand so that you may use
the same arguments that you would for
.B cc(1).
.TP 5
.B \-D\fIname\fP=\fIdef\fP \fRor\fP \-D\fIname\fP
Define.
This places a definition for
.I name
in
.B makedepend's
symbol table.
Without
.I =def\|
the symbol becomes defined as ``1''.
.TP 5
.B \-I\fIincludedir\fP
Include directory.
This option tells
.B makedepend
to prepend
.I includedir
to its list of directories to search when it encounters
a
.I #include
directive.
By default,
.B makedepend
only searches the standard include directories (usually /usr/include
and possibly a compiler-dependent directory).
.TP 5
.B \-Y\fIincludedir\fP
Replace all of the standard include directories with the single specified
include directory; you can omit the
.I includedir
to simply prevent searching the standard include directories.
.TP 5
.B \-a
Append the dependencies to the end of the file instead of replacing them.
.TP 5
.B \-f\fImakefile\fP
Filename.
This allows you to specify an alternate makefile in which
.B makedepend
can place its output.
Specifying ``\-'' as the file name (i.e., \fB\-f\-\fP) sends the
output to standard output instead of modifying an existing file.
.TP 5
.B \-include \fIfile\fP
Process file as input, and include all the resulting output
before processing the regular input file. This has the same
affect as if the specified file is an include statement that
appears before the very first line of the regular input file.
.TP 5
.B \-o\fIobjsuffix\fP
Object file suffix.
Some systems may have object files whose suffix is something other
than ``.o''.
This option allows you to specify another suffix, such as
``.b'' with
.I \-o.b
or ``:obj''
with
.I \-o:obj
and so forth.
.TP 5
.B \-p\fIobjprefix\fP
Object file prefix.
The prefix is prepended to the name of the object file. This is
usually used to designate a different directory for the object file.
The default is the empty string.
.TP 5
.B \-s\fIstring\fP
Starting string delimiter.
This option permits you to specify
a different string for
.B makedepend
to look for in the makefile.
.TP 5
.B \-w\fIwidth\fP
Line width.
Normally,
.B makedepend
will ensure that every output line that it writes will be no wider than
78 characters for the sake of readability.
This option enables you to change this width.
.TP 5
.B \-v
Verbose operation.
This option causes
.B makedepend
to emit the list of files included by each input file.
.TP 5
.B \-m
Warn about multiple inclusion.
This option causes
.B makedepend
to produce a warning if any input file includes another file more than
once. In previous versions of
.B makedepend
this was the default behavior; the default has been changed to better
match the behavior of the C compiler, which does not consider multiple
inclusion to be an error. This option is provided for backward
compatibility, and to aid in debugging problems related to multiple
inclusion.
.TP 5
.B "\-\^\- \fIoptions\fP \-\^\-"
If
.B makedepend
encounters a double hyphen (\-\^\-) in the argument list,
then any unrecognized argument following it
will be silently ignored; a second double hyphen terminates this
special treatment.
In this way,
.B makedepend
can be made to safely ignore esoteric compiler arguments that might
normally be found in a CFLAGS
.B make
macro (see the
.B EXAMPLE
section above).
All options that
.B makedepend
recognizes and appear between the pair of double hyphens
are processed normally.
.SH ALGORITHM
The approach used in this program enables it to run an order of magnitude
faster than any other ``dependency generator'' I have ever seen.
Central to this performance are two assumptions:
that all files compiled by a single
makefile will be compiled with roughly the same
.I \-I
and
.I \-D
options;
and that most files in a single directory will include largely the
same files.
.PP
Given these assumptions,
.B makedepend
expects to be called once for each makefile, with
all source files that are maintained by the
makefile appearing on the command line.
It parses each source and include
file exactly once, maintaining an internal symbol table
for each.
Thus, the first file on the command line will take an amount of time
proportional to the amount of time that a normal C preprocessor takes.
But on subsequent files, if it encounters an include file
that it has already parsed, it does not parse it again.
.PP
For example,
imagine you are compiling two files,
.I file1.c
and
.I file2.c,
they each include the header file
.I header.h,
and the file
.I header.h
in turn includes the files
.I def1.h
and
.I def2.h.
When you run the command
.sp
makedepend\0file1.c\0file2.c
.sp
.B makedepend
will parse
.I file1.c
and consequently,
.I header.h
and then
.I def1.h
and
.I def2.h.
It then decides that the dependencies for this file are
.sp
file1.o:\0header.h\0def1.h\0def2.h
.sp
But when the program parses
.I file2.c
and discovers that it, too, includes
.I header.h,
it does not parse the file,
but simply adds
.I header.h,
.I def1.h
and
.I def2.h
to the list of dependencies for
.I file2.o.
.SH "SEE ALSO"
cc(1), make(1)
.SH BUGS
.B makedepend
parses, but does not currently evaluate, the SVR4 #predicate(token-list)
preprocessor expression; such expressions are simply assumed to be true.
This may cause the wrong
.I #include
directives to be evaluated.
.PP
Imagine you are parsing two files,
say
.I file1.c
and
.I file2.c,
each includes the file
.I def.h.
The list of files that
.I def.h
includes might truly be different when
.I def.h
is included by
.I file1.c
than when it is included by
.I file2.c.
But once
.B makedepend
arrives at a list of dependencies for a file,
it is cast in concrete.
.SH AUTHOR
Todd Brunhoff, Tektronix, Inc. and MIT Project Athena

686
security/coreconf/mkdepend/parse.c Normal file
View File

@ -0,0 +1,686 @@
/* $Xorg: parse.c,v 1.6 2001/02/09 02:03:16 xorgcvs Exp $ */
/*
Copyright (c) 1993, 1994, 1998 The Open Group
Permission to use, copy, modify, distribute, and sell this software and its
documentation for any purpose is hereby granted without fee, provided that
the above copyright notice appear in all copies and that both that
copyright notice and this permission notice appear in supporting
documentation.
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
Except as contained in this notice, the name of The Open Group shall not be
used in advertising or otherwise to promote the sale, use or other dealings
in this Software without prior written authorization from The Open Group.
*/
/* $XFree86: xc/config/makedepend/parse.c,v 1.12 2002/02/26 05:09:10 tsi Exp $ */
#include "def.h"
extern char *directives[];
extern struct inclist inclist[ MAXFILES ],
*inclistnext,
maininclist;
extern char *includedirs[ ],
**includedirsnext;
static int deftype (char *line, struct filepointer *filep,
struct inclist *file_red, struct inclist *file,
int parse_it);
static int zero_value(char *filename, char *exp, struct filepointer *filep,
struct inclist *file_red);
static int merge2defines(struct inclist *file1, struct inclist *file2);
static int
gobble(struct filepointer *filep, struct inclist *file,
struct inclist *file_red)
{
char *line;
int type;
while ((line = getnextline(filep))) {
switch(type = deftype(line, filep, file_red, file, FALSE)) {
case IF:
case IFFALSE:
case IFGUESSFALSE:
case IFDEF:
case IFNDEF:
type = gobble(filep, file, file_red);
while ((type == ELIF) || (type == ELIFFALSE) ||
(type == ELIFGUESSFALSE))
type = gobble(filep, file, file_red);
if (type == ELSE)
(void)gobble(filep, file, file_red);
break;
case ELSE:
case ENDIF:
debug(0,("%s, line %d: #%s\n",
file->i_file, filep->f_line,
directives[type]));
return(type);
case DEFINE:
case UNDEF:
case INCLUDE:
case INCLUDEDOT:
case PRAGMA:
case ERROR:
case IDENT:
case SCCS:
case EJECT:
case WARNING:
case INCLUDENEXT:
case INCLUDENEXTDOT:
break;
case ELIF:
case ELIFFALSE:
case ELIFGUESSFALSE:
return(type);
case -1:
warning("%s", file_red->i_file);
if (file_red != file)
warning1(" (reading %s)", file->i_file);
warning1(", line %d: unknown directive == \"%s\"\n",
filep->f_line, line);
break;
}
}
return(-1);
}
/*
* Decide what type of # directive this line is.
*/
static int
deftype (char *line, struct filepointer *filep,
struct inclist *file_red, struct inclist *file, int parse_it)
{
register char *p;
char *directive, savechar, *q;
register int ret;
/*
* Parse the directive...
*/
directive=line+1;
while (*directive == ' ' || *directive == '\t')
directive++;
p = directive;
while ((*p == '_') || (*p >= 'a' && *p <= 'z'))
p++;
savechar = *p;
*p = '\0';
ret = match(directive, directives);
*p = savechar;
/* If we don't recognize this compiler directive or we happen to just
* be gobbling up text while waiting for an #endif or #elif or #else
* in the case of an #elif we must check the zero_value and return an
* ELIF or an ELIFFALSE.
*/
if (ret == ELIF && !parse_it)
{
while (*p == ' ' || *p == '\t')
p++;
/*
* parse an expression.
*/
debug(0,("%s, line %d: #elif %s ",
file->i_file, filep->f_line, p));
ret = zero_value(file->i_file, p, filep, file_red);
if (ret != IF)
{
debug(0,("false...\n"));
if (ret == IFFALSE)
return(ELIFFALSE);
else
return(ELIFGUESSFALSE);
}
else
{
debug(0,("true...\n"));
return(ELIF);
}
}
if (ret < 0 || ! parse_it)
return(ret);
/*
* now decide how to parse the directive, and do it.
*/
while (*p == ' ' || *p == '\t')
p++;
q = p + strlen(p);
do {
q--;
} while (*q == ' ' || *q == '\t');
q[1] = '\0';
switch (ret) {
case IF:
/*
* parse an expression.
*/
ret = zero_value(file->i_file, p, filep, file_red);
debug(0,("%s, line %d: %s #if %s\n",
file->i_file, filep->f_line, ret?"false":"true", p));
break;
case IFDEF:
case IFNDEF:
debug(0,("%s, line %d: #%s %s\n",
file->i_file, filep->f_line, directives[ret], p));
case UNDEF:
/*
* separate the name of a single symbol.
*/
while (isalnum(*p) || *p == '_')
*line++ = *p++;
*line = '\0';
break;
case INCLUDE:
case INCLUDENEXT:
debug(2,("%s, line %d: #include%s %s\n",
file->i_file, filep->f_line,
(ret == INCLUDE) ? "" : "_next", p));
/* Support ANSI macro substitution */
while (1) {
struct symtab **sym;
if (!*p || *p == '"' || *p == '<')
break;
sym = isdefined(p, file_red, NULL);
if (!sym)
break;
p = (*sym)->s_value;
debug(3,("%s : #includes SYMBOL %s = %s\n",
file->i_incstring,
(*sym) -> s_name,
(*sym) -> s_value));
/* mark file as having included a 'soft include' */
file->i_flags |= INCLUDED_SYM;
}
/*
* Separate the name of the include file.
*/
while (*p && *p != '"' && *p != '<')
p++;
if (! *p)
return(-2);
if (*p++ == '"') {
if (ret == INCLUDE)
ret = INCLUDEDOT;
else
ret = INCLUDENEXTDOT;
while (*p && *p != '"')
*line++ = *p++;
} else
while (*p && *p != '>')
*line++ = *p++;
*line = '\0';
break;
case DEFINE:
/*
* copy the definition back to the beginning of the line.
*/
strcpy (line, p);
break;
case ELSE:
case ENDIF:
case ELIF:
case PRAGMA:
case ERROR:
case IDENT:
case SCCS:
case EJECT:
case WARNING:
debug(0,("%s, line %d: #%s\n",
file->i_file, filep->f_line, directives[ret]));
/*
* nothing to do.
*/
break;
}
return(ret);
}
struct symtab **
fdefined(char *symbol, struct inclist *file, struct inclist **srcfile)
{
struct inclist **ip;
struct symtab **val;
int i;
static int recurse_lvl = 0;
if (file->i_flags & DEFCHECKED)
return(NULL);
debug(2,("Looking for %s in %s\n", symbol, file->i_file));
file->i_flags |= DEFCHECKED;
if ((val = slookup(symbol, file)))
debug(1,("%s defined in %s as %s\n",
symbol, file->i_file, (*val)->s_value));
if (val == NULL && file->i_list)
{
for (ip = file->i_list, i=0; i < file->i_listlen; i++, ip++)
if (file->i_merged[i]==FALSE) {
val = fdefined(symbol, *ip, srcfile);
file->i_merged[i]=merge2defines(file,*ip);
if (val!=NULL) break;
}
}
else if (val != NULL && srcfile != NULL) *srcfile = file;
recurse_lvl--;
file->i_flags &= ~DEFCHECKED;
return(val);
}
struct symtab **
isdefined(char *symbol, struct inclist *file, struct inclist **srcfile)
{
struct symtab **val;
if ((val = slookup(symbol, &maininclist))) {
debug(1,("%s defined on command line\n", symbol));
if (srcfile != NULL) *srcfile = &maininclist;
return(val);
}
if ((val = fdefined(symbol, file, srcfile)))
return(val);
debug(1,("%s not defined in %s\n", symbol, file->i_file));
return(NULL);
}
/*
* Return type based on if the #if expression evaluates to 0
*/
static int
zero_value(char *filename,
char *exp,
struct filepointer *filep,
struct inclist *file_red)
{
if (cppsetup(filename, exp, filep, file_red))
return(IFFALSE);
else
return(IF);
}
void
define2(char *name, char *val, struct inclist *file)
{
int first, last, below;
register struct symtab **sp = NULL, **dest;
struct symtab *stab;
/* Make space if it's needed */
if (file->i_defs == NULL)
{
file->i_defs = (struct symtab **)
malloc(sizeof (struct symtab*) * SYMTABINC);
file->i_ndefs = 0;
}
else if (!(file->i_ndefs % SYMTABINC))
file->i_defs = (struct symtab **)
realloc(file->i_defs,
sizeof(struct symtab*)*(file->i_ndefs+SYMTABINC));
if (file->i_defs == NULL)
fatalerr("malloc()/realloc() failure in insert_defn()\n");
below = first = 0;
last = file->i_ndefs - 1;
while (last >= first)
{
/* Fast inline binary search */
register char *s1;
register char *s2;
register int middle = (first + last) / 2;
/* Fast inline strchr() */
s1 = name;
s2 = file->i_defs[middle]->s_name;
while (*s1++ == *s2++)
if (s2[-1] == '\0') break;
/* If exact match, set sp and break */
if (*--s1 == *--s2)
{
sp = file->i_defs + middle;
break;
}
/* If name > i_defs[middle] ... */
if (*s1 > *s2)
{
below = first;
first = middle + 1;
}
/* else ... */
else
{
below = last = middle - 1;
}
}
/* Search is done. If we found an exact match to the symbol name,
just replace its s_value */
if (sp != NULL)
{
debug(1,("redefining %s from %s to %s in file %s\n",
name, (*sp)->s_value, val, file->i_file));
free((*sp)->s_value);
(*sp)->s_value = copy(val);
return;
}
sp = file->i_defs + file->i_ndefs++;
dest = file->i_defs + below + 1;
while (sp > dest)
{
*sp = sp[-1];
sp--;
}
stab = (struct symtab *) malloc(sizeof (struct symtab));
if (stab == NULL)
fatalerr("malloc()/realloc() failure in insert_defn()\n");
debug(1,("defining %s to %s in file %s\n", name, val, file->i_file));
stab->s_name = copy(name);
stab->s_value = copy(val);
*sp = stab;
}
void
define(char *def, struct inclist *file)
{
char *val;
/* Separate symbol name and its value */
val = def;
while (isalnum(*val) || *val == '_')
val++;
if (*val)
*val++ = '\0';
while (*val == ' ' || *val == '\t')
val++;
if (!*val)
val = "1";
define2(def, val, file);
}
struct symtab **
slookup(char *symbol, struct inclist *file)
{
register int first = 0;
register int last = file->i_ndefs - 1;
if (file) while (last >= first)
{
/* Fast inline binary search */
register char *s1;
register char *s2;
register int middle = (first + last) / 2;
/* Fast inline strchr() */
s1 = symbol;
s2 = file->i_defs[middle]->s_name;
while (*s1++ == *s2++)
if (s2[-1] == '\0') break;
/* If exact match, we're done */
if (*--s1 == *--s2)
{
return file->i_defs + middle;
}
/* If symbol > i_defs[middle] ... */
if (*s1 > *s2)
{
first = middle + 1;
}
/* else ... */
else
{
last = middle - 1;
}
}
return(NULL);
}
static int
merge2defines(struct inclist *file1, struct inclist *file2)
{
int i;
if ((file1==NULL) || (file2==NULL) ||
!(file2->i_flags & FINISHED))
return 0;
for (i=0; i < file2->i_listlen; i++)
if (file2->i_merged[i]==FALSE)
return 0;
{
int first1 = 0;
int last1 = file1->i_ndefs - 1;
int first2 = 0;
int last2 = file2->i_ndefs - 1;
int first=0;
struct symtab** i_defs = NULL;
int deflen=file1->i_ndefs+file2->i_ndefs;
debug(2,("merging %s into %s\n",
file2->i_file, file1->i_file));
if (deflen>0)
{
/* make sure deflen % SYMTABINC == 0 is still true */
deflen += (SYMTABINC - deflen % SYMTABINC) % SYMTABINC;
i_defs=(struct symtab**)
malloc(deflen*sizeof(struct symtab*));
if (i_defs==NULL) return 0;
}
while ((last1 >= first1) && (last2 >= first2))
{
char *s1=file1->i_defs[first1]->s_name;
char *s2=file2->i_defs[first2]->s_name;
if (strcmp(s1,s2) < 0)
i_defs[first++]=file1->i_defs[first1++];
else if (strcmp(s1,s2) > 0)
i_defs[first++]=file2->i_defs[first2++];
else /* equal */
{
i_defs[first++]=file2->i_defs[first2++];
first1++;
}
}
while (last1 >= first1)
{
i_defs[first++]=file1->i_defs[first1++];
}
while (last2 >= first2)
{
i_defs[first++]=file2->i_defs[first2++];
}
if (file1->i_defs) free(file1->i_defs);
file1->i_defs=i_defs;
file1->i_ndefs=first;
return 1;
}
}
void
undefine(char *symbol, struct inclist *file)
{
register struct symtab **ptr;
struct inclist *srcfile;
while ((ptr = isdefined(symbol, file, &srcfile)) != NULL)
{
srcfile->i_ndefs--;
for (; ptr < srcfile->i_defs + srcfile->i_ndefs; ptr++)
*ptr = ptr[1];
}
}
int
find_includes(struct filepointer *filep, struct inclist *file,
struct inclist *file_red, int recursion, boolean failOK)
{
struct inclist *inclistp;
char **includedirsp;
register char *line;
register int type;
boolean recfailOK;
while ((line = getnextline(filep))) {
switch(type = deftype(line, filep, file_red, file, TRUE)) {
case IF:
doif:
type = find_includes(filep, file,
file_red, recursion+1, failOK);
while ((type == ELIF) || (type == ELIFFALSE) ||
(type == ELIFGUESSFALSE))
type = gobble(filep, file, file_red);
if (type == ELSE)
gobble(filep, file, file_red);
break;
case IFFALSE:
case IFGUESSFALSE:
doiffalse:
if (type == IFGUESSFALSE || type == ELIFGUESSFALSE)
recfailOK = TRUE;
else
recfailOK = failOK;
type = gobble(filep, file, file_red);
if (type == ELSE)
find_includes(filep, file,
file_red, recursion+1, recfailOK);
else
if (type == ELIF)
goto doif;
else
if ((type == ELIFFALSE) || (type == ELIFGUESSFALSE))
goto doiffalse;
break;
case IFDEF:
case IFNDEF:
if ((type == IFDEF && isdefined(line, file_red, NULL))
|| (type == IFNDEF && !isdefined(line, file_red, NULL))) {
debug(1,(type == IFNDEF ?
"line %d: %s !def'd in %s via %s%s\n" : "",
filep->f_line, line,
file->i_file, file_red->i_file, ": doit"));
type = find_includes(filep, file,
file_red, recursion+1, failOK);
while (type == ELIF || type == ELIFFALSE || type == ELIFGUESSFALSE)
type = gobble(filep, file, file_red);
if (type == ELSE)
gobble(filep, file, file_red);
}
else {
debug(1,(type == IFDEF ?
"line %d: %s !def'd in %s via %s%s\n" : "",
filep->f_line, line,
file->i_file, file_red->i_file, ": gobble"));
type = gobble(filep, file, file_red);
if (type == ELSE)
find_includes(filep, file,
file_red, recursion+1, failOK);
else if (type == ELIF)
goto doif;
else if (type == ELIFFALSE || type == ELIFGUESSFALSE)
goto doiffalse;
}
break;
case ELSE:
case ELIFFALSE:
case ELIFGUESSFALSE:
case ELIF:
if (!recursion)
gobble(filep, file, file_red);
case ENDIF:
if (recursion)
return(type);
case DEFINE:
define(line, file);
break;
case UNDEF:
if (!*line) {
warning("%s", file_red->i_file);
if (file_red != file)
warning1(" (reading %s)", file->i_file);
warning1(", line %d: incomplete undef == \"%s\"\n",
filep->f_line, line);
break;
}
undefine(line, file_red);
break;
case INCLUDE:
case INCLUDEDOT:
case INCLUDENEXT:
case INCLUDENEXTDOT:
inclistp = inclistnext;
includedirsp = includedirsnext;
debug(2,("%s, reading %s, includes %s\n",
file_red->i_file, file->i_file, line));
add_include(filep, file, file_red, line, type, failOK);
inclistnext = inclistp;
includedirsnext = includedirsp;
break;
case ERROR:
case WARNING:
warning("%s", file_red->i_file);
if (file_red != file)
warning1(" (reading %s)", file->i_file);
warning1(", line %d: %s\n",
filep->f_line, line);
break;
case PRAGMA:
case IDENT:
case SCCS:
case EJECT:
break;
case -1:
warning("%s", file_red->i_file);
if (file_red != file)
warning1(" (reading %s)", file->i_file);
warning1(", line %d: unknown directive == \"%s\"\n",
filep->f_line, line);
break;
case -2:
warning("%s", file_red->i_file);
if (file_red != file)
warning1(" (reading %s)", file->i_file);
warning1(", line %d: incomplete include == \"%s\"\n",
filep->f_line, line);
break;
}
}
file->i_flags |= FINISHED;
debug(2,("finished with %s\n", file->i_file));
return(-1);
}

124
security/coreconf/mkdepend/pr.c Normal file
View File

@ -0,0 +1,124 @@
/* $Xorg: pr.c,v 1.4 2001/02/09 02:03:16 xorgcvs Exp $ */
/*
Copyright (c) 1993, 1994, 1998 The Open Group
Permission to use, copy, modify, distribute, and sell this software and its
documentation for any purpose is hereby granted without fee, provided that
the above copyright notice appear in all copies and that both that
copyright notice and this permission notice appear in supporting
documentation.
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
Except as contained in this notice, the name of The Open Group shall not be
used in advertising or otherwise to promote the sale, use or other dealings
in this Software without prior written authorization from The Open Group.
*/
/* $XFree86: xc/config/makedepend/pr.c,v 1.5 2001/12/14 19:53:21 dawes Exp $ */
#include "def.h"
extern struct inclist inclist[ MAXFILES ],
*inclistp;
extern char *objprefix;
extern char *objsuffix;
extern int width;
extern boolean printed;
extern boolean verbose;
extern boolean show_where_not;
void
add_include(struct filepointer *filep, struct inclist *file,
struct inclist *file_red, char *include, int type,
boolean failOK)
{
register struct inclist *newfile;
register struct filepointer *content;
/*
* First decide what the pathname of this include file really is.
*/
newfile = inc_path(file->i_file, include, type);
if (newfile == NULL) {
if (failOK)
return;
if (file != file_red)
warning("%s (reading %s, line %d): ",
file_red->i_file, file->i_file, filep->f_line);
else
warning("%s, line %d: ", file->i_file, filep->f_line);
warning1("cannot find include file \"%s\"\n", include);
show_where_not = TRUE;
newfile = inc_path(file->i_file, include, type);
show_where_not = FALSE;
}
if (newfile) {
included_by(file, newfile);
if (!(newfile->i_flags & SEARCHED)) {
newfile->i_flags |= SEARCHED;
content = getfile(newfile->i_file);
find_includes(content, newfile, file_red, 0, failOK);
freefile(content);
}
}
}
static void
pr(struct inclist *ip, char *file, char *base)
{
static char *lastfile;
static int current_len;
register int len, i;
char buf[ BUFSIZ ];
printed = TRUE;
len = strlen(ip->i_file)+1;
if (current_len + len > width || file != lastfile) {
lastfile = file;
sprintf(buf, "\n%s%s%s: %s", objprefix, base, objsuffix,
ip->i_file);
len = current_len = strlen(buf);
}
else {
buf[0] = ' ';
strcpy(buf+1, ip->i_file);
current_len += len;
}
fwrite(buf, len, 1, stdout);
/*
* If verbose is set, then print out what this file includes.
*/
if (! verbose || ip->i_list == NULL || ip->i_flags & NOTIFIED)
return;
ip->i_flags |= NOTIFIED;
lastfile = NULL;
printf("\n# %s includes:", ip->i_file);
for (i=0; i<ip->i_listlen; i++)
printf("\n#\t%s", ip->i_list[ i ]->i_incstring);
}
void
recursive_pr_include(struct inclist *head, char *file, char *base)
{
int i;
if (head->i_flags & MARKED)
return;
head->i_flags |= MARKED;
if (head->i_file != file)
pr(head, file, base);
for (i=0; i<head->i_listlen; i++)
recursive_pr_include(head->i_list[ i ], file, base);
}

2
security/coreconf/tree.mk
View File

@ -39,7 +39,7 @@
# Master "Core Components" file system "release" prefixes #
#######################################################################
# Windows platforms override this. See WIN32.mk or WIN16.mk.
# Windows platforms override this. See WIN32.mk.
ifndef RELEASE_TREE
ifdef BUILD_SHIP
ifdef USE_SHIPS

2
security/dbm/src/config.mk
View File

@ -52,7 +52,7 @@ PURE_LIBRARY =
PROGRAM =
ifdef SHARED_LIBRARY
ifeq (,$(filter-out WINNT WIN95 WINCE,$(OS_TARGET))) # list omits WIN16
ifeq (,$(filter-out WIN%,$(OS_TARGET)))
DLLBASE=/BASE:0x30000000
RES=$(OBJDIR)/dbm.res
RESNAME=../include/dbm.rc

2
security/dbm/src/dirent.c
View File

@ -27,7 +27,7 @@
* LS30 HPFS386 requires a count greater than 2, or some files
* are missing (those starting with a character less that '.').
*
* Novell looses entries which overflow the buffer. In previous
* Novell loses entries which overflow the buffer. In previous
* versions of dirent2, this could have lead to missing files
* when the average length of 100 directory entries was 40 bytes
* or more (quite unlikely for files on a Novell server).

25
security/nss/cmd/bltest/blapitest.c
View File

@ -667,8 +667,10 @@ typedef enum {
bltestRC2_ECB, /* . */
bltestRC2_CBC, /* . */
bltestRC4, /* . */
#ifdef NSS_SOFTOKEN_DOES_RC5
bltestRC5_ECB, /* . */
bltestRC5_CBC, /* . */
#endif
bltestAES_ECB, /* . */
bltestAES_CBC, /* . */
bltestCAMELLIA_ECB, /* . */
@ -698,8 +700,10 @@ static char *mode_strings[] =
"rc2_ecb",
"rc2_cbc",
"rc4",
#ifdef NSS_SOFTOKEN_DOES_RC5
"rc5_ecb",
"rc5_cbc",
#endif
"aes_ecb",
"aes_cbc",
"camellia_ecb",
@ -862,7 +866,10 @@ cipher_requires_IV(bltestCipherMode mode)
{
/* change as needed! */
if (mode == bltestDES_CBC || mode == bltestDES_EDE_CBC ||
mode == bltestRC2_CBC || mode == bltestRC5_CBC ||
mode == bltestRC2_CBC ||
#ifdef NSS_SOFTOKEN_DOES_RC5
mode == bltestRC5_CBC ||
#endif
mode == bltestAES_CBC || mode == bltestCAMELLIA_CBC||
mode == bltestSEED_CBC)
return PR_TRUE;
@ -1288,7 +1295,7 @@ bltest_rc4_init(bltestCipherInfo *cipherInfo, PRBool encrypt)
SECStatus
bltest_rc5_init(bltestCipherInfo *cipherInfo, PRBool encrypt)
{
#if NSS_SOFTOKEN_DOES_RC5
#ifdef NSS_SOFTOKEN_DOES_RC5
PRIntervalTime time1, time2;
bltestRC5Params *rc5p = &cipherInfo->params.rc5;
int minorMode;
@ -1979,9 +1986,9 @@ cipherInit(bltestCipherInfo *cipherInfo, PRBool encrypt)
cipherInfo->input.pBuf.len);
return bltest_rc4_init(cipherInfo, encrypt);
break;
#ifdef NSS_SOFTOKEN_DOES_RC5
case bltestRC5_ECB:
case bltestRC5_CBC:
#if NSS_SOFTOKEN_DOES_RC5
SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
cipherInfo->input.pBuf.len);
#endif
@ -2470,7 +2477,7 @@ cipherFinish(bltestCipherInfo *cipherInfo)
case bltestRC4:
RC4_DestroyContext((RC4Context *)cipherInfo->cx, PR_TRUE);
break;
#if NSS_SOFTOKEN_DOES_RC5
#ifdef NSS_SOFTOKEN_DOES_RC5
case bltestRC5_ECB:
case bltestRC5_CBC:
RC5_DestroyContext((RC5Context *)cipherInfo->cx, PR_TRUE);
@ -2623,7 +2630,7 @@ print_td:
else
fprintf(stdout, "%8d", 8*info->params.sk.key.buf.len);
break;
#if NSS_SOFTOKEN_DOES_RC5
#ifdef NSS_SOFTOKEN_DOES_RC5
case bltestRC5_ECB:
case bltestRC5_CBC:
if (info->params.sk.key.buf.len > 0)
@ -2747,7 +2754,7 @@ get_params(PRArenaPool *arena, bltestParams *params,
{
char filename[256];
char *modestr = mode_strings[mode];
#if NSS_SOFTOKEN_DOES_RC5
#ifdef NSS_SOFTOKEN_DOES_RC5
FILE *file;
char *mark, *param, *val;
int index = 0;
@ -2771,7 +2778,7 @@ get_params(PRArenaPool *arena, bltestParams *params,
sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "key", j);
load_file_data(arena, &params->sk.key, filename, bltestBinary);
break;
#if NSS_SOFTOKEN_DOES_RC5
#ifdef NSS_SOFTOKEN_DOES_RC5
case bltestRC5_ECB:
case bltestRC5_CBC:
sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "iv", j);
@ -2918,7 +2925,6 @@ blapi_selftest(bltestCipherMode *modes, int numModes, int inoff, int outoff,
finished = PR_FALSE;
nummodes = (numModes == 0) ? NUMMODES : numModes;
for (i=0; i < nummodes && !finished; i++) {
if (i == bltestRC5_ECB || i == bltestRC5_CBC) continue;
if (numModes > 0)
mode = modes[i];
else
@ -3542,9 +3548,11 @@ int main(int argc, char **argv)
char *ivstr = NULL;
bltestSymmKeyParams *skp;
file = NULL;
#ifdef NSS_SOFTOKEN_DOES_RC5
if (cipherInfo->mode == bltestRC5_CBC)
skp = (bltestSymmKeyParams *)&params->rc5;
else
#endif
skp = &params->sk;
if (bltest.options[opt_IV].activated) {
if (bltest.options[opt_CmdLine].activated) {
@ -3734,3 +3742,4 @@ int main(int argc, char **argv)
return SECSuccess;
}

321
security/nss/cmd/certutil/certext.c
View File

@ -278,49 +278,121 @@ GetYesNo(char *prompt)
return (buffPrt && (buf[0] == 'y' || buf[0] == 'Y')) ? PR_TRUE : PR_FALSE;
}
/* Parses comma separated values out of the string pointed by nextPos.
* Parsed value is compared to an array of possible values(valueArray).
* If match is found, a value index is returned, otherwise returns SECFailue.
* nextPos is set to the token after found comma separator or to NULL.
* NULL in nextPos should be used as indication of the last parsed token.
* A special value "critical" can be parsed out from the supplied sting.*/
static SECStatus
parseNextCmdInput(const char * const *valueArray, int *value, char **nextPos,
PRBool *critical)
{
char *thisPos = *nextPos;
int keyLen = 0;
int arrIndex = 0;
if (!valueArray || !value || !nextPos || !critical) {
PORT_SetError(SEC_ERROR_INVALID_ARGS);
return SECFailure;
}
while (1) {
if ((*nextPos = strchr(thisPos, ',')) == NULL) {
keyLen = strlen(thisPos);
} else {
keyLen = *nextPos - thisPos;
*nextPos += 1;
}
/* if critical keyword is found, go for another loop,
* but check, if it is the last keyword of
* the string.*/
if (!strncmp("critical", thisPos, keyLen)) {
*critical = PR_TRUE;
if (*nextPos == NULL) {
return SECSuccess;
}
thisPos = *nextPos;
continue;
}
break;
}
for (arrIndex = 0; valueArray[arrIndex]; arrIndex++) {
if (!strncmp(valueArray[arrIndex], thisPos, keyLen)) {
*value = arrIndex;
return SECSuccess;
}
}
PORT_SetError(SEC_ERROR_INVALID_ARGS);
return SECFailure;
}
static const char * const
keyUsageKeyWordArray[] = { "digitalSignature",
"nonRepudiation",
"keyEncipherment",
"dataEncipherment",
"keyAgreement",
"certSigning",
"crlSigning",
NULL};
static SECStatus
AddKeyUsage (void *extHandle)
AddKeyUsage (void *extHandle, const char *userSuppliedValue)
{
SECItem bitStringValue;
unsigned char keyUsage = 0x0;
char buffer[5];
int value;
PRBool yesNoAns;
char *nextPos = (char*)userSuppliedValue;
PRBool isCriticalExt = PR_FALSE;
while (1) {
if (PrintChoicesAndGetAnswer(
"\t\t0 - Digital Signature\n"
"\t\t1 - Non-repudiation\n"
"\t\t2 - Key encipherment\n"
"\t\t3 - Data encipherment\n"
"\t\t4 - Key agreement\n"
"\t\t5 - Cert signing key\n"
"\t\t6 - CRL signing key\n"
"\t\tOther to finish\n",
buffer, sizeof(buffer)) == SECFailure) {
return SECFailure;
}
value = PORT_Atoi (buffer);
if (value < 0 || value > 6)
break;
if (value == 0) {
/* Checking that zero value of variable 'value'
* corresponds to '0' input made by user */
char *chPtr = strchr(buffer, '0');
if (chPtr == NULL) {
continue;
if (!userSuppliedValue) {
while (1) {
if (PrintChoicesAndGetAnswer(
"\t\t0 - Digital Signature\n"
"\t\t1 - Non-repudiation\n"
"\t\t2 - Key encipherment\n"
"\t\t3 - Data encipherment\n"
"\t\t4 - Key agreement\n"
"\t\t5 - Cert signing key\n"
"\t\t6 - CRL signing key\n"
"\t\tOther to finish\n",
buffer, sizeof(buffer)) == SECFailure) {
return SECFailure;
}
value = PORT_Atoi (buffer);
if (value < 0 || value > 6)
break;
if (value == 0) {
/* Checking that zero value of variable 'value'
* corresponds to '0' input made by user */
char *chPtr = strchr(buffer, '0');
if (chPtr == NULL) {
continue;
}
}
keyUsage |= (0x80 >> value);
}
isCriticalExt = GetYesNo("Is this a critical extension [y/N]?");
} else {
while (1) {
if (parseNextCmdInput(keyUsageKeyWordArray, &value, &nextPos,
&isCriticalExt) == SECFailure) {
return SECFailure;
}
keyUsage |= (0x80 >> value);
if (!nextPos)
break;
}
keyUsage |= (0x80 >> value);
}
bitStringValue.data = &keyUsage;
bitStringValue.len = 1;
yesNoAns = GetYesNo("Is this a critical extension [y/N]?");
return (CERT_EncodeAndAddBitStrExtension
(extHandle, SEC_OID_X509_KEY_USAGE, &bitStringValue,
yesNoAns));
isCriticalExt));
}
@ -378,6 +450,10 @@ AddOidToSequence(CERTOidSequence *os, SECOidTag oidTag)
}
for( oids = os->oids; (SECItem *)NULL != *oids; oids++ ) {
if (*oids == &od->oid) {
/* We already have this oid */
return SECSuccess;
}
count++;
}
@ -432,42 +508,60 @@ loser:
return (SECItem *)NULL;
}
static const char * const
extKeyUsageKeyWordArray[] = { "serverAuth",
"clientAuth",
"codeSigning",
"emailProtection",
"timeStamp",
"ocspResponder",
"stepUp",
NULL};
static SECStatus
AddExtKeyUsage (void *extHandle)
AddExtKeyUsage (void *extHandle, const char *userSuppliedValue)
{
char buffer[5];
int value;
CERTOidSequence *os;
SECStatus rv;
SECItem *item;
PRBool yesNoAns;
PRBool isCriticalExt = PR_FALSE;
char *nextPos = (char*)userSuppliedValue;
os = CreateOidSequence();
if( (CERTOidSequence *)NULL == os ) {
return SECFailure;
}
while (1) {
if (PrintChoicesAndGetAnswer(
"\t\t0 - Server Auth\n"
"\t\t1 - Client Auth\n"
"\t\t2 - Code Signing\n"
"\t\t3 - Email Protection\n"
"\t\t4 - Timestamp\n"
"\t\t5 - OCSP Responder\n"
"\t\t6 - Step-up\n"
"\t\tOther to finish\n",
buffer, sizeof(buffer)) == SECFailure) {
GEN_BREAK(SECFailure);
}
value = PORT_Atoi(buffer);
if (value == 0) {
/* Checking that zero value of variable 'value'
* corresponds to '0' input made by user */
char *chPtr = strchr(buffer, '0');
if (chPtr == NULL) {
continue;
if (!userSuppliedValue) {
if (PrintChoicesAndGetAnswer(
"\t\t0 - Server Auth\n"
"\t\t1 - Client Auth\n"
"\t\t2 - Code Signing\n"
"\t\t3 - Email Protection\n"
"\t\t4 - Timestamp\n"
"\t\t5 - OCSP Responder\n"
"\t\t6 - Step-up\n"
"\t\tOther to finish\n",
buffer, sizeof(buffer)) == SECFailure) {
GEN_BREAK(SECFailure);
}
value = PORT_Atoi(buffer);
if (value == 0) {
/* Checking that zero value of variable 'value'
* corresponds to '0' input made by user */
char *chPtr = strchr(buffer, '0');
if (chPtr == NULL) {
continue;
}
}
} else {
if (parseNextCmdInput(extKeyUsageKeyWordArray, &value, &nextPos,
&isCriticalExt) == SECFailure) {
return SECFailure;
}
}
@ -497,66 +591,95 @@ AddExtKeyUsage (void *extHandle)
goto endloop;
}
if( SECSuccess != rv ) goto loser;
if (userSuppliedValue && !nextPos)
break;
if( SECSuccess != rv )
goto loser;
}
endloop:
item = EncodeOidSequence(os);
yesNoAns = GetYesNo("Is this a critical extension [y/N]?");
if (!userSuppliedValue) {
isCriticalExt = GetYesNo("Is this a critical extension [y/N]?");
}
rv = CERT_AddExtension(extHandle, SEC_OID_X509_EXT_KEY_USAGE, item,
yesNoAns, PR_TRUE);
isCriticalExt, PR_TRUE);
/*FALLTHROUGH*/
loser:
DestroyOidSequence(os);
return rv;
}
static const char * const
nsCertTypeKeyWordArray[] = { "sslClient",
"sslServer",
"smime",
"objectSigning",
"Not!Used",
"sslCA",
"smimeCA",
"objectSigningCA",
NULL };
static SECStatus
AddNscpCertType (void *extHandle)
AddNscpCertType (void *extHandle, const char *userSuppliedValue)
{
SECItem bitStringValue;
unsigned char keyUsage = 0x0;
char buffer[5];
int value;
PRBool yesNoAns;
char *nextPos = (char*)userSuppliedValue;
PRBool isCriticalExt = PR_FALSE;
while (1) {
if (PrintChoicesAndGetAnswer(
"\t\t0 - SSL Client\n"
"\t\t1 - SSL Server\n"
"\t\t2 - S/MIME\n"
"\t\t3 - Object Signing\n"
"\t\t4 - Reserved for future use\n"
"\t\t5 - SSL CA\n"
"\t\t6 - S/MIME CA\n"
"\t\t7 - Object Signing CA\n"
"\t\tOther to finish\n",
buffer, sizeof(buffer)) == SECFailure) {
return SECFailure;
}
value = PORT_Atoi (buffer);
if (value < 0 || value > 7)
break;
if (value == 0) {
/* Checking that zero value of variable 'value'
* corresponds to '0' input made by user */
char *chPtr = strchr(buffer, '0');
if (chPtr == NULL) {
continue;
if (!userSuppliedValue) {
while (1) {
if (PrintChoicesAndGetAnswer(
"\t\t0 - SSL Client\n"
"\t\t1 - SSL Server\n"
"\t\t2 - S/MIME\n"
"\t\t3 - Object Signing\n"
"\t\t4 - Reserved for future use\n"
"\t\t5 - SSL CA\n"
"\t\t6 - S/MIME CA\n"
"\t\t7 - Object Signing CA\n"
"\t\tOther to finish\n",
buffer, sizeof(buffer)) == SECFailure) {
return SECFailure;
}
value = PORT_Atoi (buffer);
if (value < 0 || value > 7)
break;
if (value == 0) {
/* Checking that zero value of variable 'value'
* corresponds to '0' input made by user */
char *chPtr = strchr(buffer, '0');
if (chPtr == NULL) {
continue;
}
}
keyUsage |= (0x80 >> value);
}
isCriticalExt = GetYesNo("Is this a critical extension [y/N]?");
} else {
while (1) {
if (parseNextCmdInput(nsCertTypeKeyWordArray, &value, &nextPos,
&isCriticalExt) == SECFailure) {
return SECFailure;
}
keyUsage |= (0x80 >> value);
if (!nextPos)
break;
}
keyUsage |= (0x80 >> value);
}
bitStringValue.data = &keyUsage;
bitStringValue.len = 1;
yesNoAns = GetYesNo("Is this a critical extension [y/N]?");
return (CERT_EncodeAndAddBitStrExtension
(extHandle, SEC_OID_NS_CERT_EXT_CERT_TYPE, &bitStringValue,
yesNoAns));
isCriticalExt));
}
@ -571,7 +694,6 @@ AddSubjectAltNames(PRArenaPool *arena, CERTGeneralName **existingListp,
char *tbuf;
SECStatus rv = SECSuccess;
/*
* walk down the comma separated list of names. NOTE: there is
* no sanity checks to see if the email address look like
@ -1557,8 +1679,8 @@ AddExtensions(void *extHandle, const char *emailAddrs, const char *dnsNames,
do {
/* Add key usage extension */
if (extList[ext_keyUsage]) {
rv = AddKeyUsage(extHandle);
if (extList[ext_keyUsage].activated) {
rv = AddKeyUsage(extHandle, extList[ext_keyUsage].arg);
if (rv) {
errstring = "KeyUsage";
break;
@ -1566,8 +1688,8 @@ AddExtensions(void *extHandle, const char *emailAddrs, const char *dnsNames,
}
/* Add extended key usage extension */
if (extList[ext_extKeyUsage]) {
rv = AddExtKeyUsage(extHandle);
if (extList[ext_extKeyUsage].activated) {
rv = AddExtKeyUsage(extHandle, extList[ext_extKeyUsage].arg);
if (rv) {
errstring = "ExtendedKeyUsage";
break;
@ -1575,7 +1697,7 @@ AddExtensions(void *extHandle, const char *emailAddrs, const char *dnsNames,
}
/* Add basic constraint extension */
if (extList[ext_basicConstraint]) {
if (extList[ext_basicConstraint].activated) {
rv = AddBasicConstraint(extHandle);
if (rv) {
errstring = "BasicConstraint";
@ -1583,7 +1705,7 @@ AddExtensions(void *extHandle, const char *emailAddrs, const char *dnsNames,
}
}
if (extList[ext_authorityKeyID]) {
if (extList[ext_authorityKeyID].activated) {
rv = AddAuthKeyID(extHandle);
if (rv) {
errstring = "AuthorityKeyID";
@ -1591,7 +1713,7 @@ AddExtensions(void *extHandle, const char *emailAddrs, const char *dnsNames,
}
}
if (extList[ext_subjectKeyID]) {
if (extList[ext_subjectKeyID].activated) {
rv = AddSubjKeyID(extHandle);
if (rv) {
errstring = "SubjectKeyID";
@ -1599,7 +1721,7 @@ AddExtensions(void *extHandle, const char *emailAddrs, const char *dnsNames,
}
}
if (extList[ext_CRLDistPts]) {
if (extList[ext_CRLDistPts].activated) {
rv = AddCrlDistPoint(extHandle);
if (rv) {
errstring = "CRLDistPoints";
@ -1607,24 +1729,25 @@ AddExtensions(void *extHandle, const char *emailAddrs, const char *dnsNames,
}
}
if (extList[ext_NSCertType]) {
rv = AddNscpCertType(extHandle);
if (extList[ext_NSCertType].activated) {
rv = AddNscpCertType(extHandle, extList[ext_extKeyUsage].arg);
if (rv) {
errstring = "NSCertType";
break;
}
}
if (extList[ext_authInfoAcc] || extList[ext_subjInfoAcc]) {
rv = AddInfoAccess(extHandle, extList[ext_subjInfoAcc],
extList[ext_basicConstraint]);
if (extList[ext_authInfoAcc].activated ||
extList[ext_subjInfoAcc].activated) {
rv = AddInfoAccess(extHandle, extList[ext_subjInfoAcc].activated,
extList[ext_basicConstraint].activated);
if (rv) {
errstring = "InformationAccess";
break;
}
}
if (extList[ext_certPolicies]) {
if (extList[ext_certPolicies].activated) {
rv = AddCertPolicies(extHandle);
if (rv) {
errstring = "Policies";
@ -1632,7 +1755,7 @@ AddExtensions(void *extHandle, const char *emailAddrs, const char *dnsNames,
}
}
if (extList[ext_policyMappings]) {
if (extList[ext_policyMappings].activated) {
rv = AddPolicyMappings(extHandle);
if (rv) {
errstring = "PolicyMappings";
@ -1640,7 +1763,7 @@ AddExtensions(void *extHandle, const char *emailAddrs, const char *dnsNames,
}
}
if (extList[ext_policyConstr]) {
if (extList[ext_policyConstr].activated) {
rv = AddPolicyConstraints(extHandle);
if (rv) {
errstring = "PolicyConstraints";
@ -1648,7 +1771,7 @@ AddExtensions(void *extHandle, const char *emailAddrs, const char *dnsNames,
}
}
if (extList[ext_inhibitAnyPolicy]) {
if (extList[ext_inhibitAnyPolicy].activated) {
rv = AddInhibitAnyPolicy(extHandle);
if (rv) {
errstring = "InhibitAnyPolicy";

139
security/nss/cmd/certutil/certutil.c
View File

@ -177,19 +177,26 @@ AddCert(PK11SlotInfo *slot, CERTCertDBHandle *handle, char *name, char *trusts,
GEN_BREAK(SECFailure);
}
if (PK11_IsFIPS() || !PK11_IsInternal(slot)) {
rv = PK11_Authenticate(slot, PR_TRUE, pwdata);
if (rv != SECSuccess) {
SECU_PrintError(progName, "could not authenticate to token %s.",
PK11_GetTokenName(slot));
GEN_BREAK(SECFailure);
}
}
rv = PK11_ImportCert(slot, cert, CK_INVALID_HANDLE, name, PR_FALSE);
if (rv != SECSuccess) {
SECU_PrintError(progName, "could not add certificate to token or database");
GEN_BREAK(SECFailure);
/* sigh, PK11_Import Cert and CERT_ChangeCertTrust should have
* been coded to take a password arg. */
if (PORT_GetError() == SEC_ERROR_TOKEN_NOT_LOGGED_IN) {
rv = PK11_Authenticate(slot, PR_TRUE, pwdata);
if (rv != SECSuccess) {
SECU_PrintError(progName,
"could not authenticate to token %s.",
PK11_GetTokenName(slot));
GEN_BREAK(SECFailure);
}
rv = PK11_ImportCert(slot, cert, CK_INVALID_HANDLE,
name, PR_FALSE);
}
if (rv != SECSuccess) {
SECU_PrintError(progName,
"could not add certificate to token or database");
GEN_BREAK(SECFailure);
}
}
rv = CERT_ChangeCertTrust(handle, cert, trust);
@ -197,8 +204,9 @@ AddCert(PK11SlotInfo *slot, CERTCertDBHandle *handle, char *name, char *trusts,
if (PORT_GetError() == SEC_ERROR_TOKEN_NOT_LOGGED_IN) {
rv = PK11_Authenticate(slot, PR_TRUE, pwdata);
if (rv != SECSuccess) {
SECU_PrintError(progName, "could not authenticate to token %s.",
PK11_GetTokenName(slot));
SECU_PrintError(progName,
"could not authenticate to token %s.",
PK11_GetTokenName(slot));
GEN_BREAK(SECFailure);
}
rv = CERT_ChangeCertTrust(handle, cert, trust);
@ -940,8 +948,11 @@ Usage(char *progName)
FPS "\t%s -B -i batch-file\n", progName);
FPS "\t%s -C [-c issuer-name | -x] -i cert-request-file -o cert-file\n"
"\t\t [-m serial-number] [-w warp-months] [-v months-valid]\n"
"\t\t [-f pwfile] [-d certdir] [-P dbprefix] [-1] [-2] [-3] [-4] [-5]\n"
"\t\t [-6] [-7 emailAddrs] [-8 dns-names] [-a]\n",
"\t\t [-f pwfile] [-d certdir] [-P dbprefix]\n"
"\t\t [-1 | --keyUsage [keyUsageKeyword,..]] [-2] [-3] [-4]\n"
"\t\t [-5 | --nsCertType [nsCertTypeKeyword,...]]\n"
"\t\t [-6 | --extKeyUsage [extKeyUsageKeyword,...]] [-7 emailAddrs]\n"
"\t\t [-8 dns-names] [-a]\n",
progName);
FPS "\t%s -D -n cert-name [-d certdir] [-P dbprefix]\n", progName);
FPS "\t%s -E -n cert-name -t trustargs [-d certdir] [-P dbprefix] [-a] [-i input]\n",
@ -1049,18 +1060,29 @@ static void LongUsage(char *progName)
" -d certdir");
FPS "%-20s Cert & Key database prefix\n",
" -P dbprefix");
FPS "%-20s Create key usage extension\n",
" -1 ");
FPS "%-20s \n"
"%-20s Create key usage extension. Possible keywords:\n"
"%-20s \"digitalSignature\", \"nonRepudiation\", \"keyEncipherment\",\n"
"%-20s \"dataEncipherment\", \"keyAgreement\", \"certSigning\",\n"
"%-20s \"crlSigning\", \"critical\"\n",
" -1 | --keyUsage keyword,keyword,...", "", "", "", "");
FPS "%-20s Create basic constraint extension\n",
" -2 ");
FPS "%-20s Create authority key ID extension\n",
" -3 ");
FPS "%-20s Create crl distribution point extension\n",
" -4 ");
FPS "%-20s Create netscape cert type extension\n",
" -5 ");
FPS "%-20s Create extended key usage extension\n",
" -6 ");
FPS "%-20s \n"
"%-20s Create netscape cert type extension. Possible keywords:\n"
"%-20s \"sslClient\", \"sslServer\", \"smime\", \"objectSigning\",\n"
"%-20s \"sslCA\", \"smimeCA\", \"objectSigningCA\", \"critical\".\n",
" -5 | -nsCertType keyword,keyword,... ", "", "", "");
FPS "%-20s \n"
"%-20s Create extended key usage extension. Possible keywords:\n"
"%-20s \"serverAuth\", \"clientAuth\",\"codeSigning\",\n"
"%-20s \"emailProtection\", \"timeStamp\",\"ocspResponder\",\n"
"%-20s \"stepUp\", \"critical\"\n",
" -6 | --extKeyUsage keyword,keyword,...", "", "", "", "");
FPS "%-20s Create an email subject alt name extension\n",
" -7 emailAddrs");
FPS "%-20s Create an dns subject alt name extension\n",
@ -1803,6 +1825,9 @@ enum certutilOpts {
opt_AddPolicyConstrExt,
opt_AddInhibAnyExt,
opt_AddSubjectKeyIDExt,
opt_AddCmdKeyUsageExt,
opt_AddCmdNSCertTypeExt,
opt_AddCmdExtKeyUsageExt,
opt_SourceDir,
opt_SourcePrefix,
opt_UpgradeID,
@ -1888,6 +1913,13 @@ secuCommandFlag options_init[] =
{ /* opt_AddInhibAnyExt */ 0, PR_FALSE, 0, PR_FALSE, "extIA" },
{ /* opt_AddSubjectKeyIDExt */ 0, PR_FALSE, 0, PR_FALSE,
"extSKID" },
{ /* opt_AddCmdKeyUsageExt */ 0, PR_TRUE, 0, PR_FALSE,
"keyUsage" },
{ /* opt_AddCmdNSCertTypeExt */ 0, PR_TRUE, 0, PR_FALSE,
"nsCertType" },
{ /* opt_AddCmdExtKeyUsageExt*/ 0, PR_TRUE, 0, PR_FALSE,
"extKeyUsage" },
{ /* opt_SourceDir */ 0, PR_TRUE, 0, PR_FALSE,
"source-dir"},
{ /* opt_SourcePrefix */ 0, PR_TRUE, 0, PR_FALSE,
@ -2551,14 +2583,6 @@ merge_fail:
}
/* Modify trust attribute for cert (-M) */
if (certutil.commands[cmd_ModifyCertTrust].activated) {
if (PK11_IsFIPS() || !PK11_IsFriendly(slot)) {
rv = PK11_Authenticate(slot, PR_TRUE, &pwdata);
if (rv != SECSuccess) {
SECU_PrintError(progName, "could not authenticate to token %s.",
PK11_GetTokenName(slot));
goto shutdown;
}
}
rv = ChangeTrustAttributes(certHandle, slot, name,
certutil.options[opt_Trust].arg, &pwdata);
goto shutdown;
@ -2676,31 +2700,54 @@ merge_fail:
if (certutil.commands[cmd_CertReq].activated ||
certutil.commands[cmd_CreateAndAddCert].activated ||
certutil.commands[cmd_CreateNewCert].activated) {
certutil_extns[ext_keyUsage] =
certutil.options[opt_AddKeyUsageExt].activated;
certutil_extns[ext_basicConstraint] =
certutil_extns[ext_keyUsage].activated =
certutil.options[opt_AddCmdKeyUsageExt].activated;
if (!certutil_extns[ext_keyUsage].activated) {
certutil_extns[ext_keyUsage].activated =
certutil.options[opt_AddKeyUsageExt].activated;
} else {
certutil_extns[ext_keyUsage].arg =
certutil.options[opt_AddCmdKeyUsageExt].arg;
}
certutil_extns[ext_basicConstraint].activated =
certutil.options[opt_AddBasicConstraintExt].activated;
certutil_extns[ext_authorityKeyID] =
certutil_extns[ext_authorityKeyID].activated =
certutil.options[opt_AddAuthorityKeyIDExt].activated;
certutil_extns[ext_subjectKeyID] =
certutil_extns[ext_subjectKeyID].activated =
certutil.options[opt_AddSubjectKeyIDExt].activated;
certutil_extns[ext_CRLDistPts] =
certutil_extns[ext_CRLDistPts].activated =
certutil.options[opt_AddCRLDistPtsExt].activated;
certutil_extns[ext_NSCertType] =
certutil.options[opt_AddNSCertTypeExt].activated;
certutil_extns[ext_extKeyUsage] =
certutil.options[opt_AddExtKeyUsageExt].activated;
certutil_extns[ext_authInfoAcc] =
certutil_extns[ext_NSCertType].activated =
certutil.options[opt_AddCmdNSCertTypeExt].activated;
if (!certutil_extns[ext_NSCertType].activated) {
certutil_extns[ext_NSCertType].activated =
certutil.options[opt_AddNSCertTypeExt].activated;
} else {
certutil_extns[ext_NSCertType].arg =
certutil.options[opt_AddCmdNSCertTypeExt].arg;
}
certutil_extns[ext_extKeyUsage].activated =
certutil.options[opt_AddCmdExtKeyUsageExt].activated;
if (!certutil_extns[ext_extKeyUsage].activated) {
certutil_extns[ext_extKeyUsage].activated =
certutil.options[opt_AddExtKeyUsageExt].activated;
} else {
certutil_extns[ext_extKeyUsage].arg =
certutil.options[opt_AddCmdExtKeyUsageExt].arg;
}
certutil_extns[ext_authInfoAcc].activated =
certutil.options[opt_AddAuthInfoAccExt].activated;
certutil_extns[ext_subjInfoAcc] =
certutil_extns[ext_subjInfoAcc].activated =
certutil.options[opt_AddSubjInfoAccExt].activated;
certutil_extns[ext_certPolicies] =
certutil_extns[ext_certPolicies].activated =
certutil.options[opt_AddCertPoliciesExt].activated;
certutil_extns[ext_policyMappings] =
certutil_extns[ext_policyMappings].activated =
certutil.options[opt_AddPolicyMapExt].activated;
certutil_extns[ext_policyConstr] =
certutil_extns[ext_policyConstr].activated =
certutil.options[opt_AddPolicyConstrExt].activated;
certutil_extns[ext_inhibitAnyPolicy] =
certutil_extns[ext_inhibitAnyPolicy].activated =
certutil.options[opt_AddInhibAnyExt].activated;
}
/*
@ -2730,7 +2777,7 @@ merge_fail:
* and output the cert to another file.
*/
if (certutil.commands[cmd_CreateAndAddCert].activated) {
static certutilExtnList nullextnlist = {PR_FALSE};
static certutilExtnList nullextnlist = {{PR_FALSE, NULL}};
rv = CertReq(privkey, pubkey, keytype, hashAlgTag, subject,
certutil.options[opt_PhoneNumber].arg,
certutil.options[opt_ASCIIForIO].activated,

7
security/nss/cmd/certutil/certutil.h
View File

@ -67,7 +67,12 @@ enum certutilExtns {
ext_End
};
typedef PRBool certutilExtnList[ext_End];
typedef struct ExtensionEntryStr {
PRBool activated;
const char *arg;
} ExtensionEntry;
typedef ExtensionEntry certutilExtnList[ext_End];
extern SECStatus
AddExtensions(void *extHandle, const char *emailAddrs, const char *dnsNames,

2
security/nss/cmd/certutil/keystuff.c
View File

@ -604,12 +604,12 @@ CERTUTIL_GeneratePrivateKey(KeyType keytype, PK11SlotInfo *slot, int size,
pwdata /*wincx*/);
/* free up the params */
switch (keytype) {
case rsaKey: /* nothing to free */ break;
case dsaKey: if (dsaparams) CERTUTIL_DestroyParamsPQG(dsaparams);
break;
#ifdef NSS_ENABLE_ECC
case ecKey: SECITEM_FreeItem((SECItem *)params, PR_TRUE); break;
#endif
default: /* nothing to free */ break;
}
return privKey;
}

2
security/nss/cmd/checkcert/checkcert.c
View File

@ -542,7 +542,7 @@ int main(int argc, char **argv)
/* Check if self-signed */
selfSigned = (CERT_CompareName(&cert->issuer, &cert->subject) == 0);
if (selfSigned) {
printf("INFO: Certificate is self-signed.\n");
printf("INFO: Certificate is self signed.\n");
} else {
printf("INFO: Certificate is NOT self-signed.\n");
}

2
security/nss/cmd/crmf-cgi/crmfcgi.c
View File

@ -479,7 +479,7 @@ formatCMMFResponse(char *nickname, char *base64Response)
}
printf("true);\n"
"if(retVal == '') {\n"
"\tdocument.write(\"<h1>New Certificate Succesfully Imported.</h1>\");\n"
"\tdocument.write(\"<h1>New Certificate Successfully Imported.</h1>\");\n"
"} else {\n"
"\tdocument.write(\"<h2>Unable to import New Certificate</h2>\");\n"
"\tdocument.write(\"crypto.importUserCertificates returned <b>\");\n"

0
security/nss/cmd/ecperf/manifest.mn Normal file → Executable file
View File

301
security/nss/cmd/fipstest/fipstest.c
View File

@ -2564,6 +2564,304 @@ loser:
}
#endif /* NSS_ENABLE_ECC */
/*
* Read a value from the test and allocate the result.
*/
static unsigned char *
alloc_value(char *buf, int *len)
{
unsigned char * value;
int i, count;
if (strncmp(buf, "<None>", 6) == 0) {
*len = 0;
return NULL;
}
/* find the length of the number */
for (count = 0; isxdigit(buf[count]); count++);
*len = count/2;
if (*len == 0) {
return NULL;
}
value = PORT_Alloc(*len);
if (!value) {
*len = 0;
return NULL;
}
for (i=0; i<*len; buf+=2 , i++) {
hex_to_byteval(buf, &value[i]);
}
return value;
}
PRBool
isblankline(char *b)
{
while (isspace(*b)) b++;
if ((*b == '\n') || (*b == 0)) {
return PR_TRUE;
}
return PR_FALSE;
}
/*
* Perform the Hash_DRBG (CAVS) for the RNG algorithm
*
* reqfn is the pathname of the REQUEST file.
*
* The output RESPONSE file is written to stdout.
*/
void
drbg(char *reqfn)
{
char buf[2000]; /* test case has some very long lines, returned bits
* as high as 800 bytes (6400 bits). That 1600 byte
* plus a tag */
char buf2[2000];
FILE *rngreq; /* input stream from the REQUEST file */
FILE *rngresp; /* output stream to the RESPONSE file */
unsigned int i;
unsigned char *entropy = NULL;
int entropy_len = 0;
unsigned char *nonce = NULL;
int nonce_len = 0;
unsigned char *personalization_string = NULL;
int ps_len = 0;
unsigned char *return_bytes = NULL;
unsigned char *predicted_return_bytes = NULL;
int return_bytes_len = 0;
unsigned char *additional_input = NULL;
int additional_len = 0;
enum { NONE, INSTANTIATE, GENERATE, RESEED, UNINSTANTIATE } command =
NONE;
SECStatus rv;
rngreq = fopen(reqfn, "r");
rngresp = stdout;
while (fgets(buf, sizeof buf, rngreq) != NULL) {
/* a comment, skip it. */
if (buf[0] == '#') {
fputs(buf, rngresp);
continue;
}
if (isblankline(buf)) {
switch (command) {
case INSTANTIATE:
rv = PRNGTEST_Instantiate(entropy, entropy_len,
nonce, nonce_len,
personalization_string, ps_len);
if (rv != SECSuccess) {
goto loser;
}
/* clear */
if (entropy) {
PORT_ZFree(entropy, entropy_len);
entropy = NULL;
entropy_len = 0;
}
if (nonce) {
PORT_ZFree(nonce, nonce_len);
nonce = NULL;
nonce_len = 0;
}
if (personalization_string) {
PORT_ZFree(personalization_string, ps_len);
personalization_string = NULL;
ps_len = 0;
}
break;
case GENERATE:
rv = PRNGTEST_Generate(return_bytes, return_bytes_len,
additional_input, additional_len);
if (rv != SECSuccess) {
goto loser;
}
/* clear */
if (predicted_return_bytes) {
fputc('+', rngresp);
}
fputs("Returned bits = ", rngresp);
to_hex_str(buf2, return_bytes, return_bytes_len);
fputs(buf2, rngresp);
fputc('\n', rngresp);
if (predicted_return_bytes) {
if (memcmp(return_bytes,
predicted_return_bytes, return_bytes_len) != 0) {
fprintf(stderr, "Generate failed:\n");
fputs( " predicted=", stderr);
to_hex_str(buf, predicted_return_bytes,
return_bytes_len);
fputs(buf, stderr);
fputs("\n actual = ", stderr);
fputs(buf2, stderr);
fputc('\n', stderr);
}
PORT_ZFree(predicted_return_bytes, return_bytes_len);
predicted_return_bytes = NULL;
}
if (return_bytes) {
PORT_ZFree(return_bytes, return_bytes_len);
return_bytes = NULL;
return_bytes_len = 0;
}
if (additional_input) {
PORT_ZFree(additional_input, additional_len);
additional_input = NULL;
additional_len = 0;
}
break;
case RESEED:
rv = PRNGTEST_Reseed(entropy, entropy_len,
additional_input, additional_len);
if (rv != SECSuccess) {
goto loser;
}
/* clear */
if (entropy) {
PORT_ZFree(entropy, entropy_len);
entropy = NULL;
entropy_len = 0;
}
if (additional_input) {
PORT_ZFree(additional_input, additional_len);
additional_input = NULL;
additional_len = 0;
}
break;
case UNINSTANTIATE:
rv = PRNGTEST_Uninstantiate();
if (rv != SECSuccess) {
goto loser;
}
break;
}
fputs(buf, rngresp);
command = NONE;
continue;
}
/* [Hash - SHA256] */
if (buf[0] == '[') {
fputs(buf, rngresp);
continue;
}
/* INSTANTIATE */
if (strncmp(buf, "INSTANTIATE", 11) == 0) {
i = 11;
command = INSTANTIATE;
fputs(buf, rngresp);
continue;
}
/* Generate bytes */
if (strncmp(buf, "GENERATE", 8) == 0) {
i = 8;
while (isspace(buf[i])) {
i++;
}
return_bytes_len = atoi(&buf[i])/8;
return_bytes = PORT_Alloc(return_bytes_len);
command = GENERATE;
fputs(buf, rngresp);
continue;
}
if (strncmp(buf, "RESEED", 6) == 0) {
i = 6;
command = RESEED;
fputs(buf, rngresp);
continue;
}
if (strncmp(buf, "UNINSTANTIATE", 13) == 0) {
i = 13;
command = UNINSTANTIATE;
fputs(buf, rngresp);
continue;
}
/* Entropy input = ... */
if (strncmp(buf, "Entropy input", 13) == 0) {
i = 13;
while (isspace(buf[i]) || buf[i] == '=') {
i++;
}
if ((command == INSTANTIATE) || (command == RESEED)) {
entropy = alloc_value(&buf[i], &entropy_len);
}
fputs(buf, rngresp);
continue;
}
/* Nonce = ... */
if (strncmp(buf, "Nonce", 5) == 0) {
i = 5;
while (isspace(buf[i]) || buf[i] == '=') {
i++;
}
if (command == INSTANTIATE) {
nonce = alloc_value(&buf[i], &nonce_len);
}
fputs(buf, rngresp);
continue;
}
/* Personalization string = ... */
if (strncmp(buf, "Personalization string", 22) == 0) {
i = 22;
while (isspace(buf[i]) || buf[i] == '=') {
i++;
}
if (command == INSTANTIATE) {
personalization_string = alloc_value(&buf[i], &ps_len);
}
fputs(buf, rngresp);
continue;
}
/* Returned bits = ... */
if (strncmp(buf, "Returned bits", 13) == 0) {
i = 13;
while (isspace(buf[i]) || buf[i] == '=') {
i++;
}
if (command == GENERATE) {
int len;
predicted_return_bytes = alloc_value(&buf[i], &len);
}
fputs(buf, rngresp);
continue;
}
/* Additional input = ... */
if (strncmp(buf, "Additional input", 16) == 0) {
i = 16;
while (isspace(buf[i]) || buf[i] == '=') {
i++;
}
if ((command == GENERATE) || (command = RESEED)) {
additional_input = alloc_value(&buf[i], &additional_len);
}
fputs(buf, rngresp);
continue;
}
}
loser:
fclose(rngreq);
}
/*
* Perform the RNG Variable Seed Test (VST) for the RNG algorithm
* "DSA - Generation of X", used both as specified and as a generic
@ -4597,6 +4895,9 @@ int main(int argc, char **argv)
/* Monte Carlo Test */
rng_mct(argv[3]);
}
} else if (strcmp(argv[1], "drbg") == 0) {
/* Variable Seed Test */
drbg(argv[2]);
}
return 0;
}

18
security/nss/cmd/fipstest/rng.sh
View File

@ -8,22 +8,12 @@
# directory where the REQUEST (.req) files reside. The script generates the
# RESPONSE (.rsp) files in the same directory.
vst_requests="
FIPS186_VST.req
FIPS186_VSTGEN.req
"
mct_requests="
FIPS186_MCT.req
FIPS186_MCTGEN.req
drbg_requests="
SHA256_DRBG.req
"
for request in $vst_requests; do
for request in $drbg_requests; do
response=`echo $request | sed -e "s/req/rsp/"`
echo $request $response
fipstest rng vst $request > $response
done
for request in $mct_requests; do
response=`echo $request | sed -e "s/req/rsp/"`
echo $request $response
fipstest rng mct $request > $response
fipstest drbg $request > $response
done

2
security/nss/cmd/lib/manifest.mn
View File

@ -47,6 +47,7 @@ PRIVATE_EXPORTS = secutil.h \
NSPRerrs.h \
SECerrs.h \
SSLerrs.h \
pk11table.h \
$(NULL)
CSRCS = secutil.c \
@ -56,6 +57,7 @@ CSRCS = secutil.c \
pppolicy.c \
secerror.c \
ffs.c \
pk11table.c \
$(NULL)
REQUIRES = dbm

46
security/nss/cmd/pk11util/pk11table.c → security/nss/cmd/lib/pk11table.c
View File

@ -34,8 +34,7 @@
*
* ***** END LICENSE BLOCK ***** */
#include <pkcs11.h>
#include "pk11util.h"
#include "pk11table.h"
const char *_valueString[] = {
"None",
@ -483,6 +482,14 @@ const Constant _consts[] = {
mkEntry(CKM_CAMELLIA_MAC, Mechanism),
mkEntry(CKM_CAMELLIA_MAC_GENERAL, Mechanism),
mkEntry(CKM_CAMELLIA_CBC_PAD, Mechanism),
mkEntry(CKM_SEED_KEY_GEN, Mechanism),
mkEntry(CKM_SEED_ECB, Mechanism),
mkEntry(CKM_SEED_CBC, Mechanism),
mkEntry(CKM_SEED_MAC, Mechanism),
mkEntry(CKM_SEED_MAC_GENERAL, Mechanism),
mkEntry(CKM_SEED_CBC_PAD, Mechanism),
mkEntry(CKM_SEED_ECB_ENCRYPT_DATA, Mechanism),
mkEntry(CKM_SEED_CBC_ENCRYPT_DATA, Mechanism),
mkEntry(CKM_DSA_PARAMETER_GEN, Mechanism),
mkEntry(CKM_DH_PKCS_PARAMETER_GEN, Mechanism),
mkEntry(CKM_NETSCAPE_AES_KEY_WRAP, Mechanism),
@ -1405,7 +1412,38 @@ const Topics _topics[] = {
},
};
const Topics *topics=&_topics[0];
const int topicCount = sizeof(_topics)/sizeof(_topics[0]);
const Topics *topics= &_topics[0];
const int topicCount = sizeof(_topics) / sizeof(_topics[0]);
const char *
getName(CK_ULONG value, ConstType type)
{
int i;
for (i=0; i < constCount; i++) {
if (consts[i].type == type && consts[i].value == value) {
return consts[i].name;
}
if (type == ConstNone && consts[i].value == value) {
return consts[i].name;
}
}
return NULL;
}
const char *
getNameFromAttribute(CK_ATTRIBUTE_TYPE type)
{
return getName(type, ConstAttribute);
}
int totalKnownType(ConstType type) {
int count = 0;
int i;
for (i=0; i < constCount; i++) {
if (consts[i].type == type) count++;
}
return count;
}

47
security/nss/cmd/pk11util/pk11util.h → security/nss/cmd/lib/pk11table.h
View File

@ -1,3 +1,40 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
#ifndef _PK11_TABLE_H_
#define _PK11_TABLE_H_
/*
* Supported functions..
@ -163,3 +200,13 @@ extern const int commandCount;
extern const Topics *topics;
extern const int topicCount;
extern const char *
getName(CK_ULONG value, ConstType type);
extern const char *
getNameFromAttribute(CK_ATTRIBUTE_TYPE type);
extern int totalKnownType(ConstType type);
#endif /* _PK11_TABLE_H_ */

2
security/nss/cmd/lib/secutil.c
View File

@ -3252,7 +3252,7 @@ SECU_PrintTrustFlags(FILE *out, CERTCertTrust *trust, char *m, int level)
printFlags(out, trust->objectSigningFlags, level+2);
}
int SECU_PrintSignedData(FILE *out, SECItem *der, char *m,
int SECU_PrintSignedData(FILE *out, SECItem *der, const char *m,
int level, SECU_PPFunc inner)
{
PRArenaPool *arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);

4
security/nss/cmd/lib/secutil.h
View File

@ -286,8 +286,8 @@ extern int SECU_PrintPKCS7ContentInfo(FILE *out, SECItem *der, char *m,
extern SECStatus SECU_PKCS11Init(PRBool readOnly);
/* Dump contents of signed data */
extern int SECU_PrintSignedData(FILE *out, SECItem *der, char *m, int level,
SECU_PPFunc inner);
extern int SECU_PrintSignedData(FILE *out, SECItem *der, const char *m,
int level, SECU_PPFunc inner);
/* Print cert data and its trust flags */
extern SECStatus SEC_PrintCertificateAndTrust(CERTCertificate *cert,

0
security/nss/cmd/libpkix/manifest.mn Normal file → Executable file
View File

0
security/nss/cmd/libpkix/perf/manifest.mn Normal file → Executable file
View File

0
security/nss/cmd/libpkix/pkix/certsel/manifest.mn Normal file → Executable file
View File

0
security/nss/cmd/libpkix/pkix/checker/manifest.mn Normal file → Executable file
View File

0
security/nss/cmd/libpkix/pkix/checker/test_certchainchecker.c Normal file → Executable file
View File

0
security/nss/cmd/libpkix/pkix/crlsel/manifest.mn Normal file → Executable file
View File

0
security/nss/cmd/libpkix/pkix/manifest.mn Normal file → Executable file
View File

0
security/nss/cmd/libpkix/pkix/params/manifest.mn Normal file → Executable file
View File

0
security/nss/cmd/libpkix/pkix/results/manifest.mn Normal file → Executable file
View File

0
security/nss/cmd/libpkix/pkix/store/manifest.mn Normal file → Executable file
View File

0
security/nss/cmd/libpkix/pkix/store/test_store.c Normal file → Executable file
View File

0
security/nss/cmd/libpkix/pkix/top/manifest.mn Normal file → Executable file
View File

0
security/nss/cmd/libpkix/pkix/util/manifest.mn Normal file → Executable file
View File

0
security/nss/cmd/libpkix/pkix_pl/manifest.mn Normal file → Executable file
View File

0
security/nss/cmd/libpkix/pkix_pl/module/manifest.mn Normal file → Executable file
View File

0
security/nss/cmd/libpkix/pkix_pl/pki/manifest.mn Normal file → Executable file
View File

0
security/nss/cmd/libpkix/pkix_pl/system/manifest.mn Normal file → Executable file
View File

0
security/nss/cmd/libpkix/pkixlibs.mk Normal file → Executable file
View File

0
security/nss/cmd/libpkix/pkixrules.mk Normal file → Executable file
View File

0
security/nss/cmd/libpkix/sample_apps/manifest.mn Normal file → Executable file
View File

0
security/nss/cmd/libpkix/testutil/manifest.mn Normal file → Executable file
View File

0
security/nss/cmd/libpkix/testutil/testutil.c Normal file → Executable file
View File

0
security/nss/cmd/libpkix/testutil/testutil.h Normal file → Executable file
View File

0
security/nss/cmd/libpkix/testutil/testutil_nss.c Normal file → Executable file
View File

0
security/nss/cmd/libpkix/testutil/testutil_nss.h Normal file → Executable file
View File

4
security/nss/cmd/pk11mode/Makefile Normal file → Executable file
View File

@ -56,6 +56,8 @@ include $(CORE_DEPTH)/coreconf/config.mk
# (4) Include "local" platform-dependent assignments (OPTIONAL). #
#######################################################################
include ../platlibs.mk
ifeq ($(OS_ARCH), WINNT)
EXTRA_LIBS += \
@ -91,3 +93,5 @@ include $(CORE_DEPTH)/coreconf/rules.mk
# (7) Execute "local" rules. (OPTIONAL). #
#######################################################################
include ../platrules.mk

2
security/nss/cmd/pk11mode/manifest.mn
View File

@ -45,4 +45,4 @@ CSRCS = pk11mode.c
PROGRAM = pk11mode
REQUIRES =
REQUIRES = seccmd

347
security/nss/cmd/pk11mode/pk11mode.c
View File

@ -67,8 +67,7 @@
#include "plgetopt.h"
#include "prenv.h"
#include "pkcs11.h"
#include "pk11table.h"
#define NUM_ELEM(array) (sizeof(array)/sizeof(array[0]))
@ -76,154 +75,17 @@
#define NULL_PTR 0
#endif
struct tuple_str {
CK_RV errNum;
const char * errString;
};
typedef struct tuple_str tuple_str;
static const tuple_str errStrings[] = {
{CKR_OK , "CKR_OK "},
{CKR_CANCEL , "CKR_CANCEL "},
{CKR_HOST_MEMORY , "CKR_HOST_MEMORY "},
{CKR_SLOT_ID_INVALID , "CKR_SLOT_ID_INVALID "},
{CKR_GENERAL_ERROR , "CKR_GENERAL_ERROR "},
{CKR_FUNCTION_FAILED , "CKR_FUNCTION_FAILED "},
{CKR_ARGUMENTS_BAD , "CKR_ARGUMENTS_BAD "},
{CKR_NO_EVENT , "CKR_NO_EVENT "},
{CKR_NEED_TO_CREATE_THREADS , "CKR_NEED_TO_CREATE_THREADS "},
{CKR_CANT_LOCK , "CKR_CANT_LOCK "},
{CKR_ATTRIBUTE_READ_ONLY , "CKR_ATTRIBUTE_READ_ONLY "},
{CKR_ATTRIBUTE_SENSITIVE , "CKR_ATTRIBUTE_SENSITIVE "},
{CKR_ATTRIBUTE_TYPE_INVALID , "CKR_ATTRIBUTE_TYPE_INVALID "},
{CKR_ATTRIBUTE_VALUE_INVALID , "CKR_ATTRIBUTE_VALUE_INVALID "},
{CKR_DATA_INVALID , "CKR_DATA_INVALID "},
{CKR_DATA_LEN_RANGE , "CKR_DATA_LEN_RANGE "},
{CKR_DEVICE_ERROR , "CKR_DEVICE_ERROR "},
{CKR_DEVICE_MEMORY , "CKR_DEVICE_MEMORY "},
{CKR_DEVICE_REMOVED , "CKR_DEVICE_REMOVED "},
{CKR_ENCRYPTED_DATA_INVALID , "CKR_ENCRYPTED_DATA_INVALID "},
{CKR_ENCRYPTED_DATA_LEN_RANGE , "CKR_ENCRYPTED_DATA_LEN_RANGE "},
{CKR_FUNCTION_CANCELED , "CKR_FUNCTION_CANCELED "},
{CKR_FUNCTION_NOT_PARALLEL , "CKR_FUNCTION_NOT_PARALLEL "},
{CKR_FUNCTION_NOT_SUPPORTED , "CKR_FUNCTION_NOT_SUPPORTED "},
{CKR_KEY_HANDLE_INVALID , "CKR_KEY_HANDLE_INVALID "},
{CKR_KEY_SIZE_RANGE , "CKR_KEY_SIZE_RANGE "},
{CKR_KEY_TYPE_INCONSISTENT , "CKR_KEY_TYPE_INCONSISTENT "},
{CKR_KEY_NOT_NEEDED , "CKR_KEY_NOT_NEEDED "},
{CKR_KEY_CHANGED , "CKR_KEY_CHANGED "},
{CKR_KEY_NEEDED , "CKR_KEY_NEEDED "},
{CKR_KEY_INDIGESTIBLE , "CKR_KEY_INDIGESTIBLE "},
{CKR_KEY_FUNCTION_NOT_PERMITTED , "CKR_KEY_FUNCTION_NOT_PERMITTED "},
{CKR_KEY_NOT_WRAPPABLE , "CKR_KEY_NOT_WRAPPABLE "},
{CKR_KEY_UNEXTRACTABLE , "CKR_KEY_UNEXTRACTABLE "},
{CKR_MECHANISM_INVALID , "CKR_MECHANISM_INVALID "},
{CKR_MECHANISM_PARAM_INVALID , "CKR_MECHANISM_PARAM_INVALID "},
{CKR_OBJECT_HANDLE_INVALID , "CKR_OBJECT_HANDLE_INVALID "},
{CKR_OPERATION_ACTIVE , "CKR_OPERATION_ACTIVE "},
{CKR_OPERATION_NOT_INITIALIZED , "CKR_OPERATION_NOT_INITIALIZED "},
{CKR_PIN_INCORRECT , "CKR_PIN_INCORRECT "},
{CKR_PIN_INVALID , "CKR_PIN_INVALID "},
{CKR_PIN_LEN_RANGE , "CKR_PIN_LEN_RANGE "},
{CKR_PIN_EXPIRED , "CKR_PIN_EXPIRED "},
{CKR_PIN_LOCKED , "CKR_PIN_LOCKED "},
{CKR_SESSION_CLOSED , "CKR_SESSION_CLOSED "},
{CKR_SESSION_COUNT , "CKR_SESSION_COUNT "},
{CKR_SESSION_HANDLE_INVALID , "CKR_SESSION_HANDLE_INVALID "},
{CKR_SESSION_PARALLEL_NOT_SUPPORTED , "CKR_SESSION_PARALLEL_NOT_SUPPORTED "},
{CKR_SESSION_READ_ONLY , "CKR_SESSION_READ_ONLY "},
{CKR_SESSION_EXISTS , "CKR_SESSION_EXISTS "},
{CKR_SESSION_READ_ONLY_EXISTS , "CKR_SESSION_READ_ONLY_EXISTS "},
{CKR_SESSION_READ_WRITE_SO_EXISTS , "CKR_SESSION_READ_WRITE_SO_EXISTS "},
{CKR_SIGNATURE_INVALID , "CKR_SIGNATURE_INVALID "},
{CKR_SIGNATURE_LEN_RANGE , "CKR_SIGNATURE_LEN_RANGE "},
{CKR_TEMPLATE_INCOMPLETE , "CKR_TEMPLATE_INCOMPLETE "},
{CKR_TEMPLATE_INCONSISTENT , "CKR_TEMPLATE_INCONSISTENT "},
{CKR_TOKEN_NOT_PRESENT , "CKR_TOKEN_NOT_PRESENT "},
{CKR_TOKEN_NOT_RECOGNIZED , "CKR_TOKEN_NOT_RECOGNIZED "},
{CKR_TOKEN_WRITE_PROTECTED , "CKR_TOKEN_WRITE_PROTECTED "},
{CKR_UNWRAPPING_KEY_HANDLE_INVALID , "CKR_UNWRAPPING_KEY_HANDLE_INVALID "},
{CKR_UNWRAPPING_KEY_SIZE_RANGE , "CKR_UNWRAPPING_KEY_SIZE_RANGE "},
{CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT, "CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT"},
{CKR_USER_ALREADY_LOGGED_IN , "CKR_USER_ALREADY_LOGGED_IN "},
{CKR_USER_NOT_LOGGED_IN , "CKR_USER_NOT_LOGGED_IN "},
{CKR_USER_PIN_NOT_INITIALIZED , "CKR_USER_PIN_NOT_INITIALIZED "},
{CKR_USER_TYPE_INVALID , "CKR_USER_TYPE_INVALID "},
{CKR_USER_ANOTHER_ALREADY_LOGGED_IN , "CKR_USER_ANOTHER_ALREADY_LOGGED_IN "},
{CKR_USER_TOO_MANY_TYPES , "CKR_USER_TOO_MANY_TYPES "},
{CKR_WRAPPED_KEY_INVALID , "CKR_WRAPPED_KEY_INVALID "},
{CKR_WRAPPED_KEY_LEN_RANGE , "CKR_WRAPPED_KEY_LEN_RANGE "},
{CKR_WRAPPING_KEY_HANDLE_INVALID , "CKR_WRAPPING_KEY_HANDLE_INVALID "},
{CKR_WRAPPING_KEY_SIZE_RANGE , "CKR_WRAPPING_KEY_SIZE_RANGE "},
{CKR_WRAPPING_KEY_TYPE_INCONSISTENT , "CKR_WRAPPING_KEY_TYPE_INCONSISTENT "},
{CKR_RANDOM_SEED_NOT_SUPPORTED , "CKR_RANDOM_SEED_NOT_SUPPORTED "},
{CKR_RANDOM_NO_RNG , "CKR_RANDOM_NO_RNG "},
{CKR_DOMAIN_PARAMS_INVALID , "CKR_DOMAIN_PARAMS_INVALID "},
{CKR_BUFFER_TOO_SMALL , "CKR_BUFFER_TOO_SMALL "},
{CKR_SAVED_STATE_INVALID , "CKR_SAVED_STATE_INVALID "},
{CKR_INFORMATION_SENSITIVE , "CKR_INFORMATION_SENSITIVE "},
{CKR_STATE_UNSAVEABLE , "CKR_STATE_UNSAVEABLE "},
{CKR_CRYPTOKI_NOT_INITIALIZED , "CKR_CRYPTOKI_NOT_INITIALIZED "},
{CKR_CRYPTOKI_ALREADY_INITIALIZED , "CKR_CRYPTOKI_ALREADY_INITIALIZED "},
{CKR_MUTEX_BAD , "CKR_MUTEX_BAD "},
{CKR_MUTEX_NOT_LOCKED , "CKR_MUTEX_NOT_LOCKED "},
{CKR_FUNCTION_REJECTED , "CKR_FUNCTION_REJECTED "},
{CKR_VENDOR_DEFINED , "CKR_VENDOR_DEFINED "},
{0xCE534351 , "CKR_NETSCAPE_CERTDB_FAILED "},
{0xCE534352 , "CKR_NETSCAPE_KEYDB_FAILED "}
};
static const CK_ULONG numStrings = sizeof(errStrings) / sizeof(tuple_str);
/* Returns constant error string for "CRV".
* Returns "unknown error" if errNum is unknown.
*/
const char *
PKM_CK_RVtoStr(CK_RV errNum) {
CK_ULONG low = 1;
CK_ULONG high = numStrings - 1;
CK_ULONG i;
CK_RV num;
static int initDone;
const char * err;
/* make sure table is in ascending order.
* binary search depends on it.
*/
if (!initDone) {
CK_RV lastNum = CKR_OK;
for (i = low; i <= high; ++i) {
num = errStrings[i].errNum;
if (num <= lastNum) {
fprintf(stderr,
"sequence error in error strings at item %d\n"
"error %d (%s)\n"
"should come after \n"
"error %d (%s)\n",
(int) i, (int) lastNum, errStrings[i-1].errString,
(int) num, errStrings[i].errString);
}
lastNum = num;
}
initDone = 1;
}
/* Do binary search of table. */
while (low + 1 < high) {
i = (low + high) / 2;
num = errStrings[i].errNum;
if (errNum == num)
return errStrings[i].errString;
if (errNum < num)
high = i;
else
low = i;
}
if (errNum == errStrings[low].errNum)
return errStrings[low].errString;
if (errNum == errStrings[high].errNum)
return errStrings[high].errString;
err = getName(errNum, ConstResult);
if (err) return err;
return "unknown error";
}
@ -251,81 +113,6 @@ typedef struct CK_C_INITIALIZE_ARGS_NSS {
#include "pkcs11u.h"
static CK_ATTRIBUTE_TYPE all_known_attribute_types[] = {
CKA_CLASS,
CKA_TOKEN,
CKA_PRIVATE,
CKA_LABEL,
CKA_APPLICATION,
CKA_VALUE,
CKA_CERTIFICATE_TYPE,
CKA_ISSUER,
CKA_SERIAL_NUMBER,
CKA_KEY_TYPE,
CKA_SUBJECT,
CKA_ID,
CKA_SENSITIVE,
CKA_ENCRYPT,
CKA_DECRYPT,
CKA_WRAP,
CKA_UNWRAP,
CKA_SIGN,
CKA_SIGN_RECOVER,
CKA_VERIFY,
CKA_VERIFY_RECOVER,
CKA_DERIVE,
CKA_START_DATE,
CKA_END_DATE,
CKA_MODULUS,
CKA_MODULUS_BITS,
CKA_PUBLIC_EXPONENT,
CKA_PRIVATE_EXPONENT,
CKA_PRIME_1,
CKA_PRIME_2,
CKA_EXPONENT_1,
CKA_EXPONENT_2,
CKA_COEFFICIENT,
CKA_PRIME,
CKA_SUBPRIME,
CKA_BASE,
CKA_VALUE_BITS,
CKA_VALUE_LEN,
CKA_EXTRACTABLE,
CKA_LOCAL,
CKA_NEVER_EXTRACTABLE,
CKA_ALWAYS_SENSITIVE,
CKA_MODIFIABLE,
#ifdef CKA_NETSCAPE
CKA_NETSCAPE_URL,
CKA_NETSCAPE_EMAIL,
CKA_NETSCAPE_SMIME_INFO,
CKA_NETSCAPE_SMIME_TIMESTAMP,
CKA_NETSCAPE_PKCS8_SALT,
CKA_NETSCAPE_PASSWORD_CHECK,
CKA_NETSCAPE_EXPIRES,
#endif /* CKA_NETSCAPE */
#ifdef CKA_TRUST
CKA_TRUST_DIGITAL_SIGNATURE,
CKA_TRUST_NON_REPUDIATION,
CKA_TRUST_KEY_ENCIPHERMENT,
CKA_TRUST_DATA_ENCIPHERMENT,
CKA_TRUST_KEY_AGREEMENT,
CKA_TRUST_KEY_CERT_SIGN,
CKA_TRUST_CRL_SIGN,
CKA_TRUST_SERVER_AUTH,
CKA_TRUST_CLIENT_AUTH,
CKA_TRUST_CODE_SIGNING,
CKA_TRUST_EMAIL_PROTECTION,
CKA_TRUST_IPSEC_END_SYSTEM,
CKA_TRUST_IPSEC_TUNNEL,
CKA_TRUST_IPSEC_USER,
CKA_TRUST_TIME_STAMPING,
#endif /* CKA_TRUST */
};
static int number_of_all_known_attribute_types =
(sizeof(all_known_attribute_types)/sizeof(all_known_attribute_types[0]));
#define MAX_SIG_SZ 128
#define MAX_CIPHER_SZ 128
#define MAX_DATA_SZ 64
@ -1824,7 +1611,7 @@ void PKM_LogIt(const char *fmt, ...) {
printf("NON FIPS MODE: ");
} else if (MODE == HYBRIDMODE) {
printf("Hybrid MODE: ");
} else printf ("NO MODE: ");
}
vprintf(fmt, args);
va_end(args);
}
@ -1903,7 +1690,7 @@ CK_RV PKM_InitPWforDB(CK_FUNCTION_LIST_PTR pFunctionList,
}
if (MODE == FIPSMODE) {
crv = pFunctionList->C_InitPIN(hSession, (CK_UTF8CHAR *) weakPin,
sizeof(weakPin));
strlen((char *)weakPin));
if (crv == CKR_OK) {
PKM_Error( "C_InitPIN with a weak password succeeded\n");
return crv;
@ -1913,7 +1700,7 @@ CK_RV PKM_InitPWforDB(CK_FUNCTION_LIST_PTR pFunctionList,
}
}
crv = pFunctionList->C_InitPIN(hSession, (CK_UTF8CHAR *) testPin,
sizeof(testPin));
strlen((char *)testPin));
if (crv == CKR_OK) {
PKM_LogIt("C_InitPIN succeeded\n");
} else {
@ -2303,7 +2090,8 @@ CK_RV PKM_Mechanism(CK_FUNCTION_LIST_PTR pFunctionList,
CK_MECHANISM_TYPE *pMechanismList;
CK_ULONG mechanismCount;
CK_ULONG i;
const char * mechName = NULL;
NUMTESTS++; /* increment NUMTESTS */
/* Get the mechanism list */
@ -2331,13 +2119,21 @@ CK_RV PKM_Mechanism(CK_FUNCTION_LIST_PTR pFunctionList,
}
PKM_LogIt("C_GetMechanismList returned the mechanism types:\n");
if (verbose) {
for (i = 0; i < mechanismCount; i++) {
printf(" 0x%08lX", pMechanismList[i]);
if ((i != 0) && ((i % 4) == 0 )) printf("\n");
for (i = 1; i <= mechanismCount; i++) {
mechName = getName(pMechanismList[(i-1)], ConstMechanism);
/* output two mechanism name on each line */
/* currently the longest known mechansim name length is 37 */
if (mechName) {
printf("%-40s",mechName);
} else {
printf("Unknown mechanism: 0x%08lX ", pMechanismList[i]);
}
if ((i != 0) && ((i % 2) == 0 )) printf("\n");
}
printf("\n");
printf("\n\n");
}
for ( i = 0; i < mechanismCount; i++ ) {
CK_MECHANISM_INFO minfo;
@ -2351,7 +2147,10 @@ CK_RV PKM_Mechanism(CK_FUNCTION_LIST_PTR pFunctionList,
return crv;
}
PKM_LogIt( " [%lu]: CK_MECHANISM_TYPE = %lu\n", (i+1),
mechName = getName(pMechanismList[i], ConstMechanism);
if (!mechName) mechName = "Unknown mechanism";
PKM_LogIt( " [%lu]: CK_MECHANISM_TYPE = %s 0x%08lX\n", (i+1),
mechName,
pMechanismList[i]);
PKM_LogIt( " ulMinKeySize = %lu\n", minfo.ulMinKeySize);
PKM_LogIt( " ulMaxKeySize = %lu\n", minfo.ulMaxKeySize);
@ -3263,8 +3062,6 @@ CK_RV PKM_PubKeySign(CK_FUNCTION_LIST_PTR pFunctionList,
}
CK_RV PKM_PublicKey(CK_FUNCTION_LIST_PTR pFunctionList,
CK_SLOT_ID * pSlotList,
CK_ULONG slotID, CK_UTF8CHAR_PTR pwd,
@ -3737,7 +3534,10 @@ CK_RV PKM_FindAllObjects(CK_FUNCTION_LIST_PTR pFunctionList,
CK_SESSION_INFO sinfo;
CK_ATTRIBUTE_PTR pTemplate;
CK_ULONG tnObjects = 0;
int curMode;
int i;
int number_of_all_known_attribute_types = totalKnownType(ConstAttribute);
NUMTESTS++; /* increment NUMTESTS */
crv = pFunctionList->C_OpenSession(pSlotList[slotID], CKF_SERIAL_SESSION,
@ -3789,13 +3589,16 @@ CK_RV PKM_FindAllObjects(CK_FUNCTION_LIST_PTR pFunctionList,
pTemplate = (CK_ATTRIBUTE_PTR)calloc(number_of_all_known_attribute_types,
sizeof(CK_ATTRIBUTE));
if ( (CK_ATTRIBUTE_PTR)NULL == pTemplate ) {
PKM_Error( "[memory allocation of %lu bytes failed]\n",
PKM_Error( "[pTemplate memory allocation of %lu bytes failed]\n",
number_of_all_known_attribute_types *
sizeof(CK_ATTRIBUTE));
return crv;
}
PKM_LogIt( " All objects:\n");
/* Printing table set to NOMODE */
curMode = MODE;
MODE = NOMODE;
while (1) {
CK_OBJECT_HANDLE o = (CK_OBJECT_HANDLE)0;
@ -3804,6 +3607,7 @@ CK_RV PKM_FindAllObjects(CK_FUNCTION_LIST_PTR pFunctionList,
CK_ULONG nAttributes = 0;
CK_ATTRIBUTE_PTR pT2;
CK_ULONG l;
const char * attName = NULL;
crv = pFunctionList->C_FindObjects(h, &o, 1, &nObjects);
if ( CKR_OK != crv ) {
@ -3821,10 +3625,15 @@ CK_RV PKM_FindAllObjects(CK_FUNCTION_LIST_PTR pFunctionList,
PKM_LogIt( " OBJECT HANDLE %lu:\n", o);
for ( k = 0; k < (CK_ULONG)number_of_all_known_attribute_types; k++ ) {
pTemplate[k].type = all_known_attribute_types[k];
pTemplate[k].pValue = (CK_VOID_PTR) NULL;
pTemplate[k].ulValueLen = 0;
k = 0;
for (i=0; i < constCount; i++) {
if (consts[i].type == ConstAttribute) {
pTemplate[k].type = consts[i].value;
pTemplate[k].pValue = (CK_VOID_PTR) NULL;
pTemplate[k].ulValueLen = 0;
k++;
}
assert(k <= number_of_all_known_attribute_types);
}
crv = pFunctionList->C_GetAttributeValue(h, o, pTemplate,
@ -3848,38 +3657,44 @@ CK_RV PKM_FindAllObjects(CK_FUNCTION_LIST_PTR pFunctionList,
nAttributes++;
}
}
if ( 1 ) {
PKM_LogIt( " %lu attributes:\n", nAttributes);
for ( k = 0; k < (CK_ULONG) number_of_all_known_attribute_types;
k++ ) {
if ( -1 != (CK_LONG)pTemplate[k].ulValueLen ) {
PKM_LogIt( " 0x%08x (len = %lu)\n",
pTemplate[k].type,
pTemplate[k].ulValueLen);
PKM_LogIt( " %lu attributes:\n", nAttributes);
for ( k = 0; k < (CK_ULONG) number_of_all_known_attribute_types;
k++ ) {
if ( -1 != (CK_LONG)pTemplate[k].ulValueLen ) {
attName = getNameFromAttribute(pTemplate[k].type);
if (!attName) {
PKM_Error("Unable to find attribute name update pk11table.c\n");
}
PKM_LogIt( " %s 0x%08x (len = %lu)\n",
attName,
pTemplate[k].type,
pTemplate[k].ulValueLen);
}
PKM_LogIt( "\n");
}
PKM_LogIt( "\n");
pT2 = (CK_ATTRIBUTE_PTR)calloc(nAttributes, sizeof(CK_ATTRIBUTE));
if ( (CK_ATTRIBUTE_PTR)NULL == pT2 ) {
PKM_Error( "[memory allocation of %lu bytes failed]\n",
PKM_Error( "[pT2 memory allocation of %lu bytes failed]\n",
nAttributes * sizeof(CK_ATTRIBUTE));
return crv;
}
/* allocate memory for the attribute values */
for ( l = 0, k = 0; k < (CK_ULONG) number_of_all_known_attribute_types;
k++ ) {
if ( -1 != (CK_LONG)pTemplate[k].ulValueLen ) {
pT2[l].type = pTemplate[k].type;
pT2[l].ulValueLen = pTemplate[k].ulValueLen;
pT2[l].pValue = (CK_VOID_PTR)malloc(pT2[l].ulValueLen);
if ( (CK_VOID_PTR)NULL == pT2[l].pValue ) {
PKM_Error( "[memory allocation of %lu bytes failed]\n",
pT2[l].ulValueLen);
return crv;
}
if (pT2[l].ulValueLen > 0) {
pT2[l].pValue = (CK_VOID_PTR)malloc(pT2[l].ulValueLen);
if ( (CK_VOID_PTR)NULL == pT2[l].pValue ) {
PKM_Error( "pValue memory allocation of %lu bytes failed]\n",
pT2[l].ulValueLen);
return crv;
}
} else pT2[l].pValue = (CK_VOID_PTR) NULL;
l++;
}
}
@ -3901,8 +3716,11 @@ CK_RV PKM_FindAllObjects(CK_FUNCTION_LIST_PTR pFunctionList,
}
for ( l = 0; l < nAttributes; l++ ) {
PKM_LogIt( " type = 0x%08x, len = %ld", pT2[l].type,
(CK_LONG)pT2[l].ulValueLen);
attName = getNameFromAttribute(pT2[l].type);
if (!attName) attName = "unknown attribute";
PKM_LogIt( " type = %s len = %ld",
attName, (CK_LONG)pT2[l].ulValueLen);
if ( -1 == (CK_LONG)pT2[l].ulValueLen ) {
;
} else {
@ -3936,11 +3754,15 @@ CK_RV PKM_FindAllObjects(CK_FUNCTION_LIST_PTR pFunctionList,
PKM_LogIt( "\n");
for ( l = 0; l < nAttributes; l++ ) {
free(pT2[l].pValue);
if (pT2[l].pValue) {
free(pT2[l].pValue);
}
}
free(pT2);
} /* while(1) */
MODE = curMode; /* reset the logging MODE */
crv = pFunctionList->C_FindObjectsFinal(h);
if ( CKR_OK != crv ) {
PKM_Error( "C_FindObjectsFinal(%lu) returned 0x%08X, %-26s\n", h, crv,
@ -5362,7 +5184,7 @@ CK_RV PKM_Digest(CK_FUNCTION_LIST_PTR pFunctionList,
if ( (digest1Len == digest2Len)
&& (memcmp(digest1, digest2, digest1Len) == 0) ) {
PKM_LogIt("Single and Multiple-part message digest "
"operations succesful\n");
"operations successful\n");
} else {
PKM_Error("Single and Multiple-part message digest "
"operations failed\n");
@ -5370,7 +5192,7 @@ CK_RV PKM_Digest(CK_FUNCTION_LIST_PTR pFunctionList,
} else {
if (digest1Len == digest2Len) {
PKM_LogIt("PKM_Digest Single and Multiple-part message digest "
"operations succesful\n");
"operations successful\n");
} else {
PKM_Error("PKM_Digest Single and Multiple-part message digest "
"operations failed\n");
@ -5453,7 +5275,6 @@ CK_RV PKM_ForkCheck(int expected, CK_FUNCTION_LIST_PTR fList,
CK_RV crv = CKR_OK;
#ifndef NO_FORK_CHECK
int rc = -1;
int retStatus = 0;
NUMTESTS++; /* increment NUMTESTS */
if (forkAssert) {
putenv("NSS_STRICT_NOFORK=1");
@ -5476,7 +5297,7 @@ CK_RV PKM_ForkCheck(int expected, CK_FUNCTION_LIST_PTR fList,
* If it was initialized in the parent, the fork check should
* kick in, and make it return CKR_DEVICE_ERROR.
*/
CK_RV child_crv = fList->C_GetTokenInfo(NULL, NULL);
CK_RV child_crv = fList->C_GetTokenInfo(0, NULL);
exit(child_crv & 255);
} else {
/* If softoken is loaded, make a PKCS#11 call to C_Initialize
@ -5498,7 +5319,7 @@ CK_RV PKM_ForkCheck(int expected, CK_FUNCTION_LIST_PTR fList,
pid_t ret = wait(&rc);
if (ret != child || (!WIFEXITED(rc)) ||
( (expected & 255) != (WEXITSTATUS(rc) & 255)) ) {
int retstatus = -1;
int retStatus = -1;
if (WIFEXITED(rc)) {
retStatus = WEXITSTATUS(rc);
}

2
security/nss/cmd/pk11util/manifest.mn
View File

@ -42,7 +42,7 @@ DEFINES += -DNSPR20
# MODULE public and private header directories are implicitly REQUIRED.
MODULE = nss
CSRCS = pk11util.c pk11table.c
CSRCS = pk11util.c
#CSRCS = symkeytest.c
# The MODULE is always implicitly required.

34
security/nss/cmd/pk11util/pk11util.c
View File

@ -60,7 +60,7 @@
#include "pkcs11.h"
#include "pk11util.h"
#include "pk11table.h"
#ifndef O_BINARY
#define O_BINARY 0
@ -381,7 +381,7 @@ handleArray(char *vname, int *error)
if (*error == 1) {
return INVALID_INDEX;
} else if (index == INVALID_INDEX) {
fprintf(stderr, "%s: 0x%x is an invalid index\n",vname,index);
fprintf(stderr, "%s: 0x%lx is an invalid index\n",vname,index);
*error = 1;
}
}
@ -395,7 +395,7 @@ makeArrayTarget(const char *vname, const Value *value, CK_ULONG index)
CK_ULONG elementSize;
if (index >= (CK_ULONG)value->arraySize) {
fprintf(stderr, "%s[%d]: index larger than array size (%d)\n",
fprintf(stderr, "%s[%lu]: index larger than array size (%d)\n",
vname, index, value->arraySize);
return NULL;
}
@ -1046,19 +1046,23 @@ printArg(Value *ptr,int arg_number)
printf(" Cryptoki Version: %d.%02d\n",
VERSION(info->cryptokiVersion));
printf(" Manufacturer ID: ");
printChars(info->manufacturerID,sizeof(info->manufacturerID));
printChars((char *)info->manufacturerID,
sizeof(info->manufacturerID));
printFlags(" Flags: ", info->flags, ConstInfoFlags);
printf(" Library Description: ");
printChars(info->libraryDescription,sizeof(info->libraryDescription));
printChars((char *)info->libraryDescription,
sizeof(info->libraryDescription));
printf(" Library Version: %d.%02d\n",
VERSION(info->libraryVersion));
break;
case ArgSlotInfo:
slotInfo = (CK_SLOT_INFO *)ptr->data;
printf(" Slot Description: ");
printChars(slotInfo->slotDescription,sizeof(slotInfo->slotDescription));
printChars((char *)slotInfo->slotDescription,
sizeof(slotInfo->slotDescription));
printf(" Manufacturer ID: ");
printChars(slotInfo->manufacturerID,sizeof(slotInfo->manufacturerID));
printChars((char *)slotInfo->manufacturerID,
sizeof(slotInfo->manufacturerID));
printFlags(" Flags: ", slotInfo->flags, ConstSlotFlags);
printf(" Hardware Version: %d.%02d\n",
VERSION(slotInfo->hardwareVersion));
@ -1068,13 +1072,15 @@ printArg(Value *ptr,int arg_number)
case ArgTokenInfo:
tokenInfo = (CK_TOKEN_INFO *)ptr->data;
printf(" Label: ");
printChars(tokenInfo->label,sizeof(tokenInfo->label));
printChars((char *) tokenInfo->label,sizeof(tokenInfo->label));
printf(" Manufacturer ID: ");
printChars(tokenInfo->manufacturerID,sizeof(tokenInfo->manufacturerID));
printChars((char *)tokenInfo->manufacturerID,
sizeof(tokenInfo->manufacturerID));
printf(" Model: ");
printChars(tokenInfo->model,sizeof(tokenInfo->model));
printChars((char *)tokenInfo->model,sizeof(tokenInfo->model));
printf(" Serial Number: ");
printChars(tokenInfo->serialNumber,sizeof(tokenInfo->serialNumber));
printChars((char *)tokenInfo->serialNumber,
sizeof(tokenInfo->serialNumber));
printFlags(" Flags: ", tokenInfo->flags, ConstTokenFlags);
printf(" Max Session Count: ");
printConst(tokenInfo->ulMaxSessionCount, ConstAvailableSizes, 1);
@ -1099,7 +1105,7 @@ printArg(Value *ptr,int arg_number)
printf(" Firmware Version: %d.%02d\n",
VERSION(tokenInfo->firmwareVersion));
printf(" UTC Time: ");
printChars(tokenInfo->utcTime,sizeof(tokenInfo->utcTime));
printChars((char *)tokenInfo->utcTime,sizeof(tokenInfo->utcTime));
break;
case ArgSessionInfo:
sessionInfo = (CK_SESSION_INFO *)ptr->data;
@ -1148,7 +1154,7 @@ printArg(Value *ptr,int arg_number)
initArgs = (CK_C_INITIALIZE_ARGS *)ptr->data;
printFlags(" Flags: ", initArgs->flags, ConstInitializeFlags);
if (initArgs->LibraryParameters) {
printf("Params: %s\n",initArgs->LibraryParameters);
printf("Params: %s\n",(char *)initArgs->LibraryParameters);
}
case ArgFunctionList:
functionList = (CK_FUNCTION_LIST *)ptr->data;
@ -1609,7 +1615,7 @@ do_func(int index, Value **a)
if (!func) return CKR_CRYPTOKI_NOT_INITIALIZED;
return func->C_GetSlotList((CK_BBOOL)*(CK_ULONG *)a[0]->data,
(CK_SLOT_ID *)a[1]->data,
(CK_LONG *)a[2]->data);
(CK_ULONG *)a[2]->data);
case F_C_GetSlotInfo:
if (!func) return CKR_CRYPTOKI_NOT_INITIALIZED;
return func->C_GetSlotInfo(*(CK_ULONG *)a[0]->data,

2
security/nss/cmd/selfserv/selfserv.c
View File

@ -1114,7 +1114,7 @@ handle_connection(
char * fnEnd;
PRFileInfo info;
/* try to open the file named.
* If succesful, then write it to the client.
* If successful, then write it to the client.
*/
fnEnd = strpbrk(fnBegin, " \r\n");
if (fnEnd) {

266
security/nss/cmd/ssltap/ssltap.c
View File

@ -66,7 +66,7 @@
#include "cert.h"
#include "sslproto.h"
#define VERSIONSTRING "$Revision: 1.12 $ ($Date: 2008/05/07 15:42:59 $) $Author: wtc%google.com $"
#define VERSIONSTRING "$Revision: 1.13 $ ($Date: 2009/03/13 02:24:07 $) $Author: nelson%bolyard.com $"
struct _DataBufferList;
@ -76,6 +76,10 @@ typedef struct _DataBufferList {
struct _DataBuffer *first,*last;
int size;
int isEncrypted;
char * msgBuf;
int msgBufOffset;
int msgBufSize;
int hMACsize;
} DataBufferList;
typedef struct _DataBuffer {
@ -86,9 +90,6 @@ typedef struct _DataBuffer {
} DataBuffer;
DataBufferList
clientstream = {NULL, NULL, 0, 0},
serverstream = {NULL, NULL, 0, 0};
struct sslhandshake {
PRUint8 type;
@ -133,13 +134,15 @@ typedef struct _ClientMasterKeyV2 {
} ClientMasterKeyV2;
/* forward declaration */
void showErr(const char * msg);
#define TAPBUFSIZ 16384
#define DEFPORT 1924
#include <ctype.h>
const char * progName;
int hexparse=0;
int sslparse=0;
int sslhexparse=0;
@ -147,7 +150,7 @@ int looparound=0;
int fancy=0;
int isV2Session=0;
int currentcipher=0;
int hMACsize=0;
DataBufferList clientstream, serverstream;
#define PR_FPUTS(x) PR_fprintf(PR_STDOUT, x )
@ -172,13 +175,16 @@ int hMACsize=0;
void print_hex(int amt, unsigned char *buf);
void read_stream_bytes(unsigned char *d, DataBufferList *db, int length);
void myhalt(int dblsize,int collectedsize) {
while(1) ;
void myhalt(int dblsize,int collectedsize)
{
PR_fprintf(PR_STDERR,"HALTED\n");
PR_ASSERT(dblsize == collectedsize);
exit(13);
}
const char *get_error_text(int error) {
const char *get_error_text(int error)
{
switch (error) {
case PR_IO_TIMEOUT_ERROR:
return "Timeout";
@ -207,7 +213,8 @@ const char *get_error_text(int error) {
void check_integrity(DataBufferList *dbl) {
void check_integrity(DataBufferList *dbl)
{
DataBuffer *db;
int i;
@ -235,15 +242,16 @@ free_head(DataBufferList *dbl)
if (dbl->first == NULL) {
dbl->last = NULL;
}
PR_Free(db->buffer);
PR_Free(db);
PORT_Free(db->buffer);
PORT_Free(db);
db = dbl->first;
}
return db;
}
void
read_stream_bytes(unsigned char *d, DataBufferList *dbl, int length) {
read_stream_bytes(unsigned char *d, DataBufferList *dbl, int length)
{
int copied = 0;
DataBuffer *db = dbl->first;
@ -284,10 +292,18 @@ flush_stream(DataBufferList *dbl)
}
dbl->size = 0;
check_integrity(dbl);
if (dbl->msgBuf) {
PORT_Free(dbl->msgBuf);
dbl->msgBuf = NULL;
}
dbl->msgBufOffset = 0;
dbl->msgBufSize = 0;
dbl->hMACsize = 0;
}
const char * V2CipherString(int cs_int) {
const char * V2CipherString(int cs_int)
{
char *cs_str;
cs_str = NULL;
switch (cs_int) {
@ -442,7 +458,8 @@ const char * V2CipherString(int cs_int) {
return cs_str;
}
const char * helloExtensionNameString(int ex_num) {
const char * helloExtensionNameString(int ex_num)
{
const char *ex_name = NULL;
static char buf[10];
@ -505,7 +522,7 @@ char * get_time_string(void)
return cp;
}
void print_sslv2(DataBufferList *s, unsigned char *tbuf, unsigned int alloclen)
void print_sslv2(DataBufferList *s, unsigned char *recordBuf, unsigned int recordLen)
{
ClientHelloV2 *chv2;
ServerHelloV2 *shv2;
@ -514,8 +531,8 @@ void print_sslv2(DataBufferList *s, unsigned char *tbuf, unsigned int alloclen)
unsigned int q;
PRUint32 len;
chv2 = (ClientHelloV2 *)tbuf;
shv2 = (ServerHelloV2 *)tbuf;
chv2 = (ClientHelloV2 *)recordBuf;
shv2 = (ServerHelloV2 *)recordBuf;
if (s->isEncrypted) {
PR_fprintf(PR_STDOUT," [ssl2] Encrypted {...}\n");
return;
@ -616,7 +633,7 @@ void print_sslv2(DataBufferList *s, unsigned char *tbuf, unsigned int alloclen)
pos += 2; /* skip length header */
pos += 11; /* position pointer to Certificate data area */
q = GET_SHORT(&shv2->certlength);
if (q >alloclen) {
if (q >recordLen) {
goto eosh;
}
pos += q; /* skip certificate */
@ -711,9 +728,10 @@ unsigned int print_hello_extension(unsigned char * hsdata,
}
void print_ssl3_handshake(unsigned char *tbuf,
unsigned int alloclen,
SSLRecord * sr)
void print_ssl3_handshake(unsigned char *recordBuf,
unsigned int recordLen,
SSLRecord * sr,
DataBufferList *s)
{
struct sslhandshake sslh;
unsigned char * hsdata;
@ -721,12 +739,34 @@ void print_ssl3_handshake(unsigned char *tbuf,
PR_fprintf(PR_STDOUT," handshake {\n");
while (offset + hMACsize < alloclen) {
sslh.type = tbuf[offset];
sslh.length = GET_24(tbuf+offset+1);
hsdata= &tbuf[offset+4];
if (s->msgBufOffset && s->msgBuf) {
/* append recordBuf to msgBuf, then use msgBuf */
if (s->msgBufOffset + recordLen > s->msgBufSize) {
int newSize = s->msgBufOffset + recordLen;
char * newBuf = PORT_Realloc(s->msgBuf, newSize);
if (!newBuf) {
PR_ASSERT(newBuf);
showErr( "Realloc failed");
exit(10);
}
s->msgBuf = newBuf;
s->msgBufSize = newSize;
}
memcpy(s->msgBuf + s->msgBufOffset, recordBuf, recordLen);
s->msgBufOffset += recordLen;
recordLen = s->msgBufOffset;
recordBuf = s->msgBuf;
}
while (offset + 4 + s->hMACsize <= recordLen) {
sslh.type = recordBuf[offset];
sslh.length = GET_24(recordBuf+offset+1);
if (offset + 4 + sslh.length + s->hMACsize > recordLen)
break;
/* finally have a complete message */
if (sslhexparse)
print_hex(4,recordBuf+offset);
if (sslhexparse) print_hex(4,tbuf+offset);
hsdata = &recordBuf[offset+4];
PR_fprintf(PR_STDOUT," type = %d (",sslh.type);
switch(sslh.type) {
@ -909,26 +949,27 @@ void print_ssl3_handshake(unsigned char *tbuf,
PR_fprintf(PR_STDOUT," Certificate {\n");
PR_fprintf(PR_STDOUT," size = %d (0x%04x)\n",
certlength,certlength);
PR_snprintf(certFileName, sizeof certFileName, "cert.%03d",
++certFileNumber);
cfd = PR_Open(certFileName, PR_WRONLY|PR_CREATE_FILE|PR_TRUNCATE,
0664);
if (!cfd) {
PR_fprintf(PR_STDOUT,
" data = { couldn't save file '%s' }\n",
certFileName);
} else {
PR_Write(cfd, (hsdata+pos), certlength);
PR_fprintf(PR_STDOUT,
" data = { saved in file '%s' }\n",
certFileName);
PR_Close(cfd);
certbytesread += certlength+3;
if (certbytesread <= certslength) {
PR_snprintf(certFileName, sizeof certFileName, "cert.%03d",
++certFileNumber);
cfd = PR_Open(certFileName, PR_WRONLY|PR_CREATE_FILE|PR_TRUNCATE,
0664);
if (!cfd) {
PR_fprintf(PR_STDOUT,
" data = { couldn't save file '%s' }\n",
certFileName);
} else {
PR_Write(cfd, (hsdata+pos), certlength);
PR_fprintf(PR_STDOUT,
" data = { saved in file '%s' }\n",
certFileName);
PR_Close(cfd);
}
}
PR_fprintf(PR_STDOUT," }\n");
pos += certlength;
certbytesread += certlength+3;
}
PR_fprintf(PR_STDOUT," }\n");
}
@ -1015,11 +1056,11 @@ void print_ssl3_handshake(unsigned char *tbuf,
if (sslhexparse) print_hex(sslh.length, hsdata);
PR_fprintf(PR_STDOUT," }\n");
if (!isNULLmac(currentcipher) && !hMACsize) {
if (!isNULLmac(currentcipher) && !s->hMACsize) {
/* To calculate the size of MAC, we subtract the number
* of known bytes of message from the number of remaining
* bytes in the record. */
hMACsize = alloclen - (sslh.length + 4);
s->hMACsize = recordLen - (sslh.length + 4);
}
break;
@ -1032,17 +1073,35 @@ void print_ssl3_handshake(unsigned char *tbuf,
}
} /* end of switch sslh.type */
offset += sslh.length + 4; /* +4 because of length (3 bytes) and type (1 byte) */
offset += sslh.length + 4;
} /* while */
if (hMACsize) {
/* at this point offset should be at the first byte of MAC */
if (offset + hMACsize > alloclen) {
PR_fprintf(PR_STDOUT,"BAD RECORD: content + MAC ends beyond "
"allocated limit.\n");
} else {
PR_fprintf(PR_STDOUT," MAC = {...}\n");
if (sslhexparse) print_hex(hMACsize, hsdata);
if (offset + s->hMACsize < recordLen) { /* stuff left over */
int newMsgLen = recordLen - (offset + s->hMACsize);
if (!s->msgBuf) {
s->msgBuf = PORT_Alloc(newMsgLen);
if (!s->msgBuf) {
PR_ASSERT(s->msgBuf);
showErr( "Malloc failed");
exit(11);
}
s->msgBufSize = newMsgLen;
memcpy(s->msgBuf, recordBuf + offset, newMsgLen);
} else if (newMsgLen > s->msgBufSize) {
char * newBuf = PORT_Realloc(s->msgBuf, newMsgLen);
if (!newBuf) {
PR_ASSERT(newBuf);
showErr( "Realloc failed");
exit(12);
}
s->msgBuf = newBuf;
s->msgBufSize = newMsgLen;
} else if (offset || s->msgBuf != recordBuf) {
memmove(s->msgBuf, recordBuf + offset, newMsgLen);
}
s->msgBufOffset = newMsgLen;
PR_fprintf(PR_STDOUT," [incomplete handshake message]\n");
} else {
s->msgBufOffset = 0;
}
PR_fprintf(PR_STDOUT," }\n");
}
@ -1070,7 +1129,7 @@ void print_ssl(DataBufferList *s, int length, unsigned char *buffer)
db = PR_NEW(struct _DataBuffer);
db->buffer = (unsigned char*)PR_Malloc(length);
db->buffer = (unsigned char*)PORT_Alloc(length);
db->length = length;
db->offset = 0;
memcpy(db->buffer, buffer, length);
@ -1090,10 +1149,10 @@ void print_ssl(DataBufferList *s, int length, unsigned char *buffer)
decode */
while (s->size > 0 ) {
unsigned char *tbuf = NULL;
unsigned char *recordBuf = NULL;
SSLRecord sr;
unsigned alloclen;
unsigned recordLen;
unsigned recordsize;
check_integrity(s);
@ -1103,7 +1162,7 @@ void print_ssl(DataBufferList *s, int length, unsigned char *buffer)
exit(9);
}
/* in the case of an SSL 2 client-hello (which is all ssltap supports) */
/* in the case of an SSL 2 client-hello */
/* will have the high-bit set, whereas an SSL 3 client-hello will not */
/* SSL2 can also send records that begin with the high bit clear.
* This code will incorrectly handle them. XXX
@ -1121,15 +1180,15 @@ void print_ssl(DataBufferList *s, int length, unsigned char *buffer)
/* read the first two bytes off the stream. */
read_stream_bytes(lenbuf, s, sizeof(lenbuf));
alloclen = ((unsigned int)(lenbuf[0] & 0x7f) << 8) + lenbuf[1] +
recordLen = ((unsigned int)(lenbuf[0] & 0x7f) << 8) + lenbuf[1] +
((lenbuf[0] & 0x80) ? 2 : 3);
PR_fprintf(PR_STDOUT, "alloclen = %u bytes\n", alloclen);
PR_fprintf(PR_STDOUT, "recordLen = %u bytes\n", recordLen);
/* put 'em back on the head of the stream. */
db = PR_NEW(struct _DataBuffer);
db->length = sizeof lenbuf;
db->buffer = (unsigned char*) PR_Malloc(db->length);
db->buffer = (unsigned char*) PORT_Alloc(db->length);
db->offset = 0;
memcpy(db->buffer, lenbuf, sizeof lenbuf);
@ -1140,19 +1199,19 @@ void print_ssl(DataBufferList *s, int length, unsigned char *buffer)
s->size += db->length;
/* if there wasn't enough, go back for more. */
if (s->size < alloclen) {
if (s->size < recordLen) {
check_integrity(s);
partial_packet(length, s->size, alloclen);
partial_packet(length, s->size, recordLen);
return;
}
partial_packet(length, s->size, alloclen);
partial_packet(length, s->size, recordLen);
/* read in the whole record. */
tbuf = PR_Malloc(alloclen);
read_stream_bytes(tbuf, s, alloclen);
recordBuf = PORT_Alloc(recordLen);
read_stream_bytes(recordBuf, s, recordLen);
print_sslv2(s, tbuf, alloclen);
PR_FREEIF(tbuf);
print_sslv2(s, recordBuf, recordLen);
PR_FREEIF(recordBuf);
check_integrity(s);
continue;
@ -1163,7 +1222,7 @@ void print_ssl(DataBufferList *s, int length, unsigned char *buffer)
/***********************************************************/
check_integrity(s);
if (s->size < sizeof(SSLRecord)) {
if (s->size < sizeof sr) {
partial_packet(length, s->size, sizeof(SSLRecord));
return;
}
@ -1180,7 +1239,7 @@ void print_ssl(DataBufferList *s, int length, unsigned char *buffer)
db = PR_NEW(struct _DataBuffer);
db->length = sizeof sr;
db->buffer = (unsigned char*) PR_Malloc(db->length);
db->buffer = (unsigned char*) PORT_Alloc(db->length);
db->offset = 0;
memcpy(db->buffer, &sr, sizeof sr);
db->next = s->first;
@ -1230,32 +1289,32 @@ void print_ssl(DataBufferList *s, int length, unsigned char *buffer)
(PRUint32)GET_SHORT(sr.length), (PRUint32)GET_SHORT(sr.length));
alloclen = recordsize;
PR_ASSERT(s->size >= alloclen);
if (s->size >= alloclen) {
tbuf = (unsigned char*) PR_Malloc(alloclen);
read_stream_bytes(tbuf, s, alloclen);
recordLen = recordsize;
PR_ASSERT(s->size >= recordLen);
if (s->size >= recordLen) {
recordBuf = (unsigned char*) PORT_Alloc(recordLen);
read_stream_bytes(recordBuf, s, recordLen);
if (s->isEncrypted) {
PR_fprintf(PR_STDOUT," < encrypted >\n");
} else
} else { /* not encrypted */
switch(sr.type) {
case 20 : /* change_cipher_spec */
if (sslhexparse) print_hex(alloclen,tbuf);
if (sslhexparse) print_hex(recordLen - s->hMACsize,recordBuf);
/* mark to say we can only dump hex form now on
* if it is not one on a null cipher */
s->isEncrypted = isNULLcipher(currentcipher) ? 0 : 1;
break;
case 21 : /* alert */
switch(tbuf[0]) {
switch(recordBuf[0]) {
case 1: PR_fprintf(PR_STDOUT, " warning: "); break;
case 2: PR_fprintf(PR_STDOUT, " fatal: "); break;
default: PR_fprintf(PR_STDOUT, " unknown level %d: ", tbuf[0]); break;
default: PR_fprintf(PR_STDOUT, " unknown level %d: ", recordBuf[0]); break;
}
switch(tbuf[1]) {
switch(recordBuf[1]) {
case 0: PR_FPUTS("close_notify\n" ); break;
case 10: PR_FPUTS("unexpected_message\n" ); break;
case 20: PR_FPUTS("bad_record_mac\n" ); break;
@ -1286,41 +1345,42 @@ void print_ssl(DataBufferList *s, int length, unsigned char *buffer)
case 113: PR_FPUTS("bad_certificate_status_response\n" ); break;
case 114: PR_FPUTS("bad_certificate_hash_value\n" ); break;
default: PR_fprintf(PR_STDOUT, "unknown alert %d\n", tbuf[1]); break;
default: PR_fprintf(PR_STDOUT, "unknown alert %d\n", recordBuf[1]);
break;
}
if (sslhexparse) print_hex(alloclen,tbuf);
if (sslhexparse) print_hex(recordLen - s->hMACsize,recordBuf);
break;
case 22 : /* handshake */
print_ssl3_handshake( tbuf, alloclen, &sr );
print_ssl3_handshake( recordBuf, recordLen - s->hMACsize, &sr, s );
break;
case 23 : /* application data */
if (hMACsize) {
print_hex(alloclen - hMACsize,tbuf);
PR_fprintf(PR_STDOUT," MAC = {...}\n");
if (sslhexparse) {
unsigned char *offset = tbuf + (alloclen - hMACsize);
print_hex(hMACsize, offset);
}
} else {
print_hex(alloclen,tbuf);
}
print_hex(recordLen - s->hMACsize,recordBuf);
break;
default:
print_hex(alloclen,tbuf);
print_hex(recordLen - s->hMACsize,recordBuf);
break;
}
if (s->hMACsize) {
PR_fprintf(PR_STDOUT," MAC = {...}\n");
if (sslhexparse) {
unsigned char *offset = recordBuf + (recordLen - s->hMACsize);
print_hex(s->hMACsize, offset);
}
}
} /* not encrypted */
}
PR_fprintf(PR_STDOUT,"}\n");
PR_FREEIF(tbuf);
PR_FREEIF(recordBuf);
check_integrity(s);
}
}
void print_hex(int amt, unsigned char *buf) {
void print_hex(int amt, unsigned char *buf)
{
int i,j,k;
char t[20];
static char string[5000];
@ -1377,7 +1437,8 @@ void print_hex(int amt, unsigned char *buf) {
}
}
void Usage(void) {
void Usage(void)
{
PR_fprintf(PR_STDERR, "SSLTAP (C) 1997, 1998 Netscape Communications Corporation.\n");
PR_fprintf(PR_STDERR, "Usage: ssltap [-vhfsxl] [-p port] hostname:port\n");
PR_fprintf(PR_STDERR, " -v [prints version string]\n");
@ -1392,7 +1453,8 @@ void Usage(void) {
}
void
showErr(const char * msg) {
showErr(const char * msg)
{
PRErrorCode err = PR_GetError();
const char * errString;
@ -1402,7 +1464,7 @@ showErr(const char * msg) {
if (!errString)
errString = "(no text available)";
PR_fprintf(PR_STDERR, "Error %d: %s: %s", err, errString, msg);
PR_fprintf(PR_STDERR, "%s: Error %d: %s: %s", progName, err, errString, msg);
}
int main(int argc, char *argv[])
@ -1419,6 +1481,7 @@ int main(int argc, char *argv[])
PLOptStatus status;
SECStatus rv;
progName = argv[0];
optstate = PL_CreateOptState(argc,argv,"fvxhslp:");
while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
switch (optstate->option) {
@ -1686,9 +1749,6 @@ int main(int argc, char *argv[])
flush_stream(&serverstream);
/* Connection is closed, so reset the current cipher */
currentcipher = 0;
/* Reset MAC size */
hMACsize = 0;
c_count++;
PR_fprintf(PR_STDERR,"Connection %d Complete [%s]\n", c_count,
get_time_string() );

1
security/nss/cmd/tests/nonspr10.c
View File

@ -114,7 +114,6 @@
#include "sslerr.h"
#include "sslproto.h"
#include "sslt.h"
#include "watcomfx.h"
int main()
{

322
security/nss/cmd/vfychain/vfychain.c
View File

@ -87,6 +87,7 @@ Usage(const char *progName)
"\t-a\t\t Following certfile is base64 encoded\n"
"\t-b YYMMDDHHMMZ\t Validate date (default: now)\n"
"\t-d directory\t Database directory\n"
"\t-i number of consecutive verifications\n"
"\t-f \t\t Enable cert fetching from AIA URL\n"
"\t-o oid\t\t Set policy OID for cert validation(Format OID.1.2.3)\n"
"\t-p \t\t Use PKIX Library to validate certificate by calling:\n"
@ -457,12 +458,13 @@ main(int argc, char *argv[], char *envp[])
int revDataIndex = 0;
PRBool ocsp_fetchingFailureIsAFailure = PR_TRUE;
PRBool useDefaultRevFlags = PR_TRUE;
int vfyCounts = 1;
PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
progName = PL_strdup(argv[0]);
optstate = PL_CreateOptState(argc, argv, "ab:c:d:efg:h:m:o:prs:tu:vw:W:");
optstate = PL_CreateOptState(argc, argv, "ab:c:d:efg:h:i:m:o:prs:tu:vw:W:");
while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
switch(optstate->option) {
case 0 : /* positional parameter */ goto breakout;
@ -489,6 +491,8 @@ main(int argc, char *argv[], char *envp[])
case 'h' :
revMethodsData[revDataIndex].
testFlagsStr = PL_strdup(optstate->value);break;
case 'i' : vfyCounts = PORT_Atoi(optstate->value); break;
break;
case 'm' :
if (revMethodsData[revDataIndex].methodTypeStr) {
revDataIndex += 1;
@ -599,171 +603,175 @@ breakout:
if (status == PL_OPT_BAD || !firstCert)
Usage(progName);
if (!time)
time = PR_Now();
/* Initialize log structure */
log.arena = PORT_NewArena(512);
log.head = log.tail = NULL;
log.count = 0;
if (usePkix < 2) {
/* NOW, verify the cert chain. */
if (usePkix) {
/* Use old API with libpkix validation lib */
CERT_SetUsePKIXForValidation(PR_TRUE);
}
defaultDB = CERT_GetDefaultCertDB();
secStatus = CERT_VerifyCertificate(defaultDB, firstCert,
PR_TRUE /* check sig */,
certUsage,
time,
&pwdata, /* wincx */
&log, /* error log */
do {
if (usePkix < 2) {
/* NOW, verify the cert chain. */
if (usePkix) {
/* Use old API with libpkix validation lib */
CERT_SetUsePKIXForValidation(PR_TRUE);
}
if (!time)
time = PR_Now();
defaultDB = CERT_GetDefaultCertDB();
secStatus = CERT_VerifyCertificate(defaultDB, firstCert,
PR_TRUE /* check sig */,
certUsage,
time,
&pwdata, /* wincx */
&log, /* error log */
NULL);/* returned usages */
} else do {
static CERTValOutParam cvout[4];
static CERTValInParam cvin[6];
SECOidTag oidTag;
int inParamIndex = 0;
static PRUint64 revFlagsLeaf[2];
static PRUint64 revFlagsChain[2];
static CERTRevocationFlags rev;
} else do {
static CERTValOutParam cvout[4];
static CERTValInParam cvin[6];
SECOidTag oidTag;
int inParamIndex = 0;
static PRUint64 revFlagsLeaf[2];
static PRUint64 revFlagsChain[2];
static CERTRevocationFlags rev;
if (oidStr) {
PRArenaPool *arena;
SECOidData od;
memset(&od, 0, sizeof od);
od.offset = SEC_OID_UNKNOWN;
od.desc = "User Defined Policy OID";
od.mechanism = CKM_INVALID_MECHANISM;
od.supportedExtension = INVALID_CERT_EXTENSION;
if (oidStr) {
PRArenaPool *arena;
SECOidData od;
memset(&od, 0, sizeof od);
od.offset = SEC_OID_UNKNOWN;
od.desc = "User Defined Policy OID";
od.mechanism = CKM_INVALID_MECHANISM;
od.supportedExtension = INVALID_CERT_EXTENSION;
arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
if ( !arena ) {
fprintf(stderr, "out of memory");
goto punt;
}
secStatus = SEC_StringToOID(arena, &od.oid, oidStr, 0);
if (secStatus != SECSuccess) {
PORT_FreeArena(arena, PR_FALSE);
fprintf(stderr, "Can not encode oid: %s(%s)\n", oidStr,
SECU_Strerror(PORT_GetError()));
break;
}
oidTag = SECOID_AddEntry(&od);
PORT_FreeArena(arena, PR_FALSE);
if (oidTag == SEC_OID_UNKNOWN) {
fprintf(stderr, "Can not add new oid to the dynamic "
"table: %s\n", oidStr);
secStatus = SECFailure;
break;
}
cvin[inParamIndex].type = cert_pi_policyOID;
cvin[inParamIndex].value.arraySize = 1;
cvin[inParamIndex].value.array.oids = &oidTag;
inParamIndex++;
}
if (trustedCertList) {
cvin[inParamIndex].type = cert_pi_trustAnchors;
cvin[inParamIndex].value.pointer.chain = trustedCertList;
inParamIndex++;
}
cvin[inParamIndex].type = cert_pi_useAIACertFetch;
cvin[inParamIndex].value.scalar.b = certFetching;
inParamIndex++;
rev.leafTests.cert_rev_flags_per_method = revFlagsLeaf;
rev.chainTests.cert_rev_flags_per_method = revFlagsChain;
secStatus = configureRevocationParams(&rev);
if (secStatus) {
fprintf(stderr, "Can not config revocation parameters ");
break;
}
cvin[inParamIndex].type = cert_pi_revocationFlags;
cvin[inParamIndex].value.pointer.revocation = &rev;
inParamIndex++;
cvin[inParamIndex].type = cert_pi_date;
cvin[inParamIndex].value.scalar.time = time;
inParamIndex++;
cvin[inParamIndex].type = cert_pi_end;
cvout[0].type = cert_po_trustAnchor;
cvout[0].value.pointer.cert = NULL;
cvout[1].type = cert_po_certList;
cvout[1].value.pointer.chain = NULL;
/* setting pointer to CERTVerifyLog. Initialized structure
* will be used CERT_PKIXVerifyCert */
cvout[2].type = cert_po_errorLog;
cvout[2].value.pointer.log = &log;
cvout[3].type = cert_po_end;
secStatus = CERT_PKIXVerifyCert(firstCert, certUsage,
cvin, cvout, &pwdata);
if (secStatus != SECSuccess) {
break;
}
issuerCert = cvout[0].value.pointer.cert;
builtChain = cvout[1].value.pointer.chain;
} while (0);
/* Display validation results */
if (secStatus != SECSuccess || log.count > 0) {
CERTVerifyLogNode *node = NULL;
PRIntn err = PR_GetError();
fprintf(stderr, "Chain is bad, %d = %s\n", err, SECU_Strerror(err));
SECU_displayVerifyLog(stderr, &log, verbose);
/* Have cert refs in the log only in case of failure.
* Destroy them. */
for (node = log.head; node; node = node->next) {
if (node->cert)
CERT_DestroyCertificate(node->cert);
}
rv = 1;
} else {
fprintf(stderr, "Chain is good!\n");
if (issuerCert) {
if (verbose > 1) {
rv = SEC_PrintCertificateAndTrust(issuerCert, "Root Certificate",
NULL);
if (rv != SECSuccess) {
SECU_PrintError(progName, "problem printing certificate");
}
} else if (verbose > 0) {
SECU_PrintName(stdout, &issuerCert->subject, "Root "
"Certificate Subject:", 0);
}
CERT_DestroyCertificate(issuerCert);
}
if (builtChain) {
CERTCertListNode *node;
int count = 0;
char buff[256];
if (verbose) {
for(node = CERT_LIST_HEAD(builtChain); !CERT_LIST_END(node, builtChain);
node = CERT_LIST_NEXT(node), count++ ) {
sprintf(buff, "Certificate %d Subject", count + 1);
SECU_PrintName(stdout, &node->cert->subject, buff, 0);
arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
if ( !arena ) {
fprintf(stderr, "out of memory");
goto punt;
}
secStatus = SEC_StringToOID(arena, &od.oid, oidStr, 0);
if (secStatus != SECSuccess) {
PORT_FreeArena(arena, PR_FALSE);
fprintf(stderr, "Can not encode oid: %s(%s)\n", oidStr,
SECU_Strerror(PORT_GetError()));
break;
}
oidTag = SECOID_AddEntry(&od);
PORT_FreeArena(arena, PR_FALSE);
if (oidTag == SEC_OID_UNKNOWN) {
fprintf(stderr, "Can not add new oid to the dynamic "
"table: %s\n", oidStr);
secStatus = SECFailure;
break;
}
cvin[inParamIndex].type = cert_pi_policyOID;
cvin[inParamIndex].value.arraySize = 1;
cvin[inParamIndex].value.array.oids = &oidTag;
inParamIndex++;
}
if (trustedCertList) {
cvin[inParamIndex].type = cert_pi_trustAnchors;
cvin[inParamIndex].value.pointer.chain = trustedCertList;
inParamIndex++;
}
cvin[inParamIndex].type = cert_pi_useAIACertFetch;
cvin[inParamIndex].value.scalar.b = certFetching;
inParamIndex++;
rev.leafTests.cert_rev_flags_per_method = revFlagsLeaf;
rev.chainTests.cert_rev_flags_per_method = revFlagsChain;
secStatus = configureRevocationParams(&rev);
if (secStatus) {
fprintf(stderr, "Can not config revocation parameters ");
break;
}
cvin[inParamIndex].type = cert_pi_revocationFlags;
cvin[inParamIndex].value.pointer.revocation = &rev;
inParamIndex++;
if (time) {
cvin[inParamIndex].type = cert_pi_date;
cvin[inParamIndex].value.scalar.time = time;
inParamIndex++;
}
cvin[inParamIndex].type = cert_pi_end;
cvout[0].type = cert_po_trustAnchor;
cvout[0].value.pointer.cert = NULL;
cvout[1].type = cert_po_certList;
cvout[1].value.pointer.chain = NULL;
/* setting pointer to CERTVerifyLog. Initialized structure
* will be used CERT_PKIXVerifyCert */
cvout[2].type = cert_po_errorLog;
cvout[2].value.pointer.log = &log;
cvout[3].type = cert_po_end;
secStatus = CERT_PKIXVerifyCert(firstCert, certUsage,
cvin, cvout, &pwdata);
if (secStatus != SECSuccess) {
break;
}
issuerCert = cvout[0].value.pointer.cert;
builtChain = cvout[1].value.pointer.chain;
} while (0);
/* Display validation results */
if (secStatus != SECSuccess || log.count > 0) {
CERTVerifyLogNode *node = NULL;
PRIntn err = PR_GetError();
fprintf(stderr, "Chain is bad, %d = %s\n", err, SECU_Strerror(err));
SECU_displayVerifyLog(stderr, &log, verbose);
/* Have cert refs in the log only in case of failure.
* Destroy them. */
for (node = log.head; node; node = node->next) {
if (node->cert)
CERT_DestroyCertificate(node->cert);
}
CERT_DestroyCertList(builtChain);
}
rv = 0;
}
rv = 1;
} else {
fprintf(stderr, "Chain is good!\n");
if (issuerCert) {
if (verbose > 1) {
rv = SEC_PrintCertificateAndTrust(issuerCert, "Root Certificate",
NULL);
if (rv != SECSuccess) {
SECU_PrintError(progName, "problem printing certificate");
}
} else if (verbose > 0) {
SECU_PrintName(stdout, &issuerCert->subject, "Root "
"Certificate Subject:", 0);
}
CERT_DestroyCertificate(issuerCert);
}
if (builtChain) {
CERTCertListNode *node;
int count = 0;
char buff[256];
if (verbose) {
for(node = CERT_LIST_HEAD(builtChain); !CERT_LIST_END(node, builtChain);
node = CERT_LIST_NEXT(node), count++ ) {
sprintf(buff, "Certificate %d Subject", count + 1);
SECU_PrintName(stdout, &node->cert->subject, buff, 0);
}
}
CERT_DestroyCertList(builtChain);
}
rv = 0;
}
} while (--vfyCounts > 0);
/* Need to destroy CERTVerifyLog arena at the end */
PORT_FreeArena(log.arena, PR_FALSE);

437
security/nss/lib/certdb/alg1485.c
View File

@ -102,7 +102,7 @@ static const NameToKind name2kinds[] = {
/* end of IANA registered type names */
/* legacy keywords */
{ "E", 128, SEC_OID_PKCS9_EMAIL_ADDRESS,SEC_ASN1_DS},
{ "E", 128, SEC_OID_PKCS9_EMAIL_ADDRESS,SEC_ASN1_IA5_STRING},
#if 0 /* removed. Not yet in any IETF draft or RFC. */
{ "pseudonym", 64, SEC_OID_AVA_PSEUDONYM, SEC_ASN1_DS},
@ -111,6 +111,28 @@ static const NameToKind name2kinds[] = {
{ 0, 256, SEC_OID_UNKNOWN , 0},
};
/* Table facilitates conversion of ASCII hex to binary. */
static const PRInt16 x2b[256] = {
/* #0x */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* #1x */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* #2x */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* #3x */ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, -1, -1, -1, -1, -1, -1,
/* #4x */ -1, 10, 11, 12, 13, 14, 15, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* #5x */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* #6x */ -1, 10, 11, 12, 13, 14, 15, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* #7x */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* #8x */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* #9x */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* #ax */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* #bx */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* #cx */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* #dx */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* #ex */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* #fx */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1
};
#define IS_HEX(c) (x2b[(PRUint8)(c)] >= 0)
#define C_DOUBLE_QUOTE '\042'
#define C_BACKSLASH '\134'
@ -140,6 +162,17 @@ static const NameToKind name2kinds[] = {
((c) == '=') || \
((c) == '?'))
/* RFC 2253 says we must escape ",+\"\\<>;=" EXCEPT inside a quoted string.
* Inside a quoted string, we only need to escape " and \
* We choose to quote strings containing any of those special characters,
* so we only need to escape " and \
*/
#define NEEDS_ESCAPE(c) \
(c == C_DOUBLE_QUOTE || c == C_BACKSLASH)
#define NEEDS_HEX_ESCAPE(c) \
((PRUint8)c < 0x20 || c == 0x7f)
int
cert_AVAOidTagToMaxLen(SECOidTag tag)
{
@ -222,11 +255,12 @@ scanTag(char **pbp, char *endptr, char *tagBuf, int tagBufSize)
return SECSuccess;
}
static SECStatus
/* Returns the number of bytes in the value. 0 means failure. */
static int
scanVal(char **pbp, char *endptr, char *valBuf, int valBufSize)
{
char *bp, *valBufp;
int vallen;
int vallen = 0;
PRBool isQuoted;
PORT_Assert(valBufSize > 0);
@ -235,7 +269,7 @@ scanVal(char **pbp, char *endptr, char *valBuf, int valBufSize)
skipSpace(pbp, endptr);
if(*pbp == endptr) {
/* nothing left */
return SECFailure;
return 0;
}
bp = *pbp;
@ -250,7 +284,6 @@ scanVal(char **pbp, char *endptr, char *valBuf, int valBufSize)
}
valBufp = valBuf;
vallen = 0;
while (bp < endptr) {
char c = *bp;
if (c == C_BACKSLASH) {
@ -259,7 +292,12 @@ scanVal(char **pbp, char *endptr, char *valBuf, int valBufSize)
if (bp >= endptr) {
/* escape charater must appear with paired char */
*pbp = bp;
return SECFailure;
return 0;
}
c = *bp;
if (IS_HEX(c) && (endptr - bp) >= 2 && IS_HEX(bp[1])) {
bp++;
c = (char)((x2b[(PRUint8)c] << 4) | x2b[(PRUint8)*bp]);
}
} else if (c == '#' && bp == *pbp) {
/* ignore leading #, quotation not required for it. */
@ -274,27 +312,28 @@ scanVal(char **pbp, char *endptr, char *valBuf, int valBufSize)
vallen++;
if (vallen >= valBufSize) {
*pbp = bp;
return SECFailure;
return 0;
}
*valBufp++ = *bp++;
*valBufp++ = c;
bp++;
}
/* stip trailing spaces from unquoted values */
/* strip trailing spaces from unquoted values */
if (!isQuoted) {
if (valBufp > valBuf) {
valBufp--;
while ((valBufp > valBuf) && OPTIONAL_SPACE(*valBufp)) {
valBufp--;
}
valBufp++;
while (valBufp > valBuf) {
char c = valBufp[-1];
if (! OPTIONAL_SPACE(c))
break;
--valBufp;
}
vallen = valBufp - valBuf;
}
if (isQuoted) {
/* insist that we stopped on a double quote */
if (*bp != C_DOUBLE_QUOTE) {
*pbp = bp;
return SECFailure;
return 0;
}
/* skip over the quote and skip optional space */
bp++;
@ -303,37 +342,12 @@ scanVal(char **pbp, char *endptr, char *valBuf, int valBufSize)
*pbp = bp;
if (valBufp == valBuf) {
/* empty value -- not allowed */
return SECFailure;
}
/* null-terminate valBuf -- guaranteed at least one space left */
*valBufp++ = 0;
*valBufp = 0;
return SECSuccess;
return vallen;
}
static const PRInt16 x2b[256] =
{
/* #0x */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* #1x */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* #2x */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* #3x */ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, -1, -1, -1, -1, -1, -1,
/* #4x */ -1, 10, 11, 12, 13, 14, 15, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* #5x */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* #6x */ -1, 10, 11, 12, 13, 14, 15, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* #7x */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* #8x */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* #9x */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* #ax */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* #bx */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* #cx */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* #dx */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* #ex */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
/* #fx */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1
};
/* Caller must set error code upon failure */
static SECStatus
hexToBin(PLArenaPool *pool, SECItem * destItem, const char * src, int len)
@ -379,14 +393,15 @@ ParseRFC1485AVA(PRArenaPool *arena, char **pbp, char *endptr)
SECOidTag kind = SEC_OID_UNKNOWN;
SECStatus rv = SECFailure;
SECItem derOid = { 0, NULL, 0 };
SECItem derVal = { 0, NULL, 0};
char sep = 0;
char tagBuf[32];
char valBuf[384];
PORT_Assert(arena);
if (scanTag(pbp, endptr, tagBuf, sizeof(tagBuf)) == SECFailure ||
scanVal(pbp, endptr, valBuf, sizeof(valBuf)) == SECFailure) {
if (SECSuccess != scanTag(pbp, endptr, tagBuf, sizeof tagBuf) ||
!(valLen = scanVal(pbp, endptr, valBuf, sizeof valBuf))) {
goto loser;
}
@ -423,16 +438,13 @@ ParseRFC1485AVA(PRArenaPool *arena, char **pbp, char *endptr)
/* Is this a hex encoding of a DER attribute value ? */
if ('#' == valBuf[0]) {
/* convert attribute value from hex to binary */
SECItem derVal = { 0, NULL, 0};
valLen = PORT_Strlen(valBuf+1);
rv = hexToBin(arena, &derVal, valBuf + 1, valLen);
rv = hexToBin(arena, &derVal, valBuf + 1, valLen - 1);
if (rv)
goto loser;
a = CERT_CreateAVAFromRaw(arena, &derOid, &derVal);
} else {
if (kind == SEC_OID_UNKNOWN)
goto loser;
valLen = PORT_Strlen(valBuf);
if (kind == SEC_OID_AVA_COUNTRY_NAME && valLen != 2)
goto loser;
if (vt == SEC_ASN1_PRINTABLE_STRING &&
@ -446,7 +458,9 @@ ParseRFC1485AVA(PRArenaPool *arena, char **pbp, char *endptr)
vt = SEC_ASN1_UTF8_STRING;
}
a = CERT_CreateAVA(arena, kind, vt, (char *)valBuf);
derVal.data = valBuf;
derVal.len = valLen;
a = CERT_CreateAVAFromSECItem(arena, kind, vt, &derVal);
}
return a;
@ -580,10 +594,26 @@ AppendStr(stringBuf *bufp, char *str)
return SECSuccess;
}
typedef enum {
minimalEscape = 0, /* only hex escapes, and " and \ */
minimalEscapeAndQuote, /* as above, plus quoting */
fullEscape /* no quoting, full escaping */
} EQMode;
/* Some characters must be escaped as a hex string, e.g. c -> \nn .
* Others must be escaped by preceeding with a '\', e.g. c -> \c , but
* there are certain "special characters" that may be handled by either
* escaping them, or by enclosing the entire attribute value in quotes.
* A NULL value for pEQMode implies selecting minimalEscape mode.
* Some callers will do quoting when needed, others will not.
* If a caller selects minimalEscapeAndQuote, and the string does not
* need quoting, then this function changes it to minimalEscape.
*/
static int
cert_RFC1485_GetRequiredLen(const char *src, int srclen, PRBool *pNeedsQuoting)
cert_RFC1485_GetRequiredLen(const char *src, int srclen, EQMode *pEQMode)
{
int i, reqLen=0;
EQMode mode = pEQMode ? *pEQMode : minimalEscape;
PRBool needsQuoting = PR_FALSE;
char lastC = 0;
@ -591,70 +621,90 @@ cert_RFC1485_GetRequiredLen(const char *src, int srclen, PRBool *pNeedsQuoting)
for (i = 0; i < srclen; i++) {
char c = src[i];
reqLen++;
if (!needsQuoting && (SPECIAL_CHAR(c) ||
(OPTIONAL_SPACE(c) && OPTIONAL_SPACE(lastC)))) {
/* entirety will need quoting */
needsQuoting = PR_TRUE;
}
if (c == C_DOUBLE_QUOTE || c == C_BACKSLASH) {
/* this char will need escaping */
if (NEEDS_HEX_ESCAPE(c)) { /* c -> \xx */
reqLen += 2;
} else if (NEEDS_ESCAPE(c)) { /* c -> \c */
reqLen++;
} else if (SPECIAL_CHAR(c)) {
if (mode == minimalEscapeAndQuote) /* quoting is allowed */
needsQuoting = PR_TRUE; /* entirety will need quoting */
else if (mode == fullEscape)
reqLen++; /* MAY escape this character */
} else if (OPTIONAL_SPACE(c) && OPTIONAL_SPACE(lastC)) {
if (mode == minimalEscapeAndQuote) /* quoting is allowed */
needsQuoting = PR_TRUE; /* entirety will need quoting */
}
lastC = c;
}
/* if it begins or ends in optional space it needs quoting */
if (!needsQuoting && srclen > 0 &&
if (!needsQuoting && srclen > 0 && mode == minimalEscapeAndQuote &&
(OPTIONAL_SPACE(src[srclen-1]) || OPTIONAL_SPACE(src[0]))) {
needsQuoting = PR_TRUE;
}
if (needsQuoting)
reqLen += 2;
if (pNeedsQuoting)
*pNeedsQuoting = needsQuoting;
if (pEQMode && mode == minimalEscapeAndQuote && !needsQuoting)
*pEQMode = minimalEscape;
return reqLen;
}
SECStatus
CERT_RFC1485_EscapeAndQuote(char *dst, int dstlen, char *src, int srclen)
static const char hexChars[16] = { "0123456789abcdef" };
static SECStatus
escapeAndQuote(char *dst, int dstlen, char *src, int srclen, EQMode *pEQMode)
{
int i, reqLen=0;
char *d = dst;
PRBool needsQuoting = PR_FALSE;
EQMode mode = pEQMode ? *pEQMode : minimalEscape;
/* space for terminal null */
reqLen = cert_RFC1485_GetRequiredLen(src, srclen, &needsQuoting) + 1;
reqLen = cert_RFC1485_GetRequiredLen(src, srclen, &mode) + 1;
if (reqLen > dstlen) {
PORT_SetError(SEC_ERROR_OUTPUT_LEN);
return SECFailure;
}
d = dst;
if (needsQuoting) *d++ = C_DOUBLE_QUOTE;
if (mode == minimalEscapeAndQuote)
*dst++ = C_DOUBLE_QUOTE;
for (i = 0; i < srclen; i++) {
char c = src[i];
if (c == C_DOUBLE_QUOTE || c == C_BACKSLASH) {
/* escape it */
*d++ = C_BACKSLASH;
if (NEEDS_HEX_ESCAPE(c)) {
*dst++ = C_BACKSLASH;
*dst++ = hexChars[ (c >> 4) & 0x0f ];
*dst++ = hexChars[ c & 0x0f ];
} else {
if (NEEDS_ESCAPE(c) || (SPECIAL_CHAR(c) && mode == fullEscape)) {
*dst++ = C_BACKSLASH;
}
*dst++ = c;
}
*d++ = c;
}
if (needsQuoting) *d++ = C_DOUBLE_QUOTE;
*d++ = 0;
if (mode == minimalEscapeAndQuote)
*dst++ = C_DOUBLE_QUOTE;
*dst++ = 0;
if (pEQMode)
*pEQMode = mode;
return SECSuccess;
}
SECStatus
CERT_RFC1485_EscapeAndQuote(char *dst, int dstlen, char *src, int srclen)
{
EQMode mode = minimalEscapeAndQuote;
return escapeAndQuote(dst, dstlen, src, srclen, &mode);
}
/* convert an OID to dotted-decimal representation */
/* Returns a string that must be freed with PR_smprintf_free(), */
char *
CERT_GetOidString(const SECItem *oid)
{
PRUint8 *end;
PRUint8 *d;
PRUint8 *e;
char *a = NULL;
char *b;
PRUint8 *stop; /* points to first byte after OID string */
PRUint8 *first; /* byte of an OID component integer */
PRUint8 *last; /* byte of an OID component integer */
char *rvString = NULL;
char *prefix = NULL;
#define MAX_OID_LEN 1024 /* bytes */
@ -663,75 +713,113 @@ CERT_GetOidString(const SECItem *oid)
return NULL;
}
/* d will point to the next sequence of bytes to decode */
d = (PRUint8 *)oid->data;
/* end points to one past the legitimate data */
end = &d[ oid->len ];
/* first will point to the next sequence of bytes to decode */
first = (PRUint8 *)oid->data;
/* stop points to one past the legitimate data */
stop = &first[ oid->len ];
/*
* Check for our pseudo-encoded single-digit OIDs
*/
if( (*d == 0x80) && (2 == oid->len) ) {
if ((*first == 0x80) && (2 == oid->len)) {
/* Funky encoding. The second byte is the number */
a = PR_smprintf("%lu", (PRUint32)d[1]);
if( (char *)NULL == a ) {
rvString = PR_smprintf("%lu", (PRUint32)first[1]);
if (!rvString) {
PORT_SetError(SEC_ERROR_NO_MEMORY);
return (char *)NULL;
}
return a;
return rvString;
}
for( ; d < end; d = &e[1] ) {
for (; first < stop; first = last + 1) {
unsigned int bytesBeforeLast;
for( e = d; e < end; e++ ) {
if( 0 == (*e & 0x80) ) {
for (last = first; last < stop; last++) {
if (0 == (*last & 0x80)) {
break;
}
}
if( ((e-d) > 4) || (((e-d) == 4) && (*d & 0x70)) ) {
/* More than a 32-bit number */
} else {
bytesBeforeLast = (unsigned int)(last - first);
if (bytesBeforeLast <= 3U) { /* 0-28 bit number */
PRUint32 n = 0;
switch( e-d ) {
case 4:
n |= ((PRUint32)(e[-4] & 0x0f)) << 28;
case 3:
n |= ((PRUint32)(e[-3] & 0x7f)) << 21;
case 2:
n |= ((PRUint32)(e[-2] & 0x7f)) << 14;
case 1:
n |= ((PRUint32)(e[-1] & 0x7f)) << 7;
case 0:
n |= ((PRUint32)(e[-0] & 0x7f)) ;
PRUint32 c;
#define CGET(i, m) \
c = last[-i] & m; \
n |= c << (7 * i)
#define CASE(i, m) \
case i: \
CGET(i, m); \
if (!n) goto unsupported \
/* fall-through */
switch (bytesBeforeLast) {
CASE(3, 0x7f);
CASE(2, 0x7f);
CASE(1, 0x7f);
case 0: n |= last[0]; /* most significant bit is zero. */
break;
}
if( (char *)NULL == a ) {
if (!rvString) {
/* This is the first number.. decompose it */
PRUint32 one = PR_MIN(n/40, 2); /* never > 2 */
PRUint32 two = n - one * 40;
PRUint32 two = n - (one * 40);
a = PR_smprintf("OID.%lu.%lu", one, two);
if( (char *)NULL == a ) {
PORT_SetError(SEC_ERROR_NO_MEMORY);
return (char *)NULL;
}
rvString = PR_smprintf("OID.%lu.%lu", one, two);
} else {
b = PR_smprintf("%s.%lu", a, n);
if( (char *)NULL == b ) {
PR_smprintf_free(a);
PORT_SetError(SEC_ERROR_NO_MEMORY);
return (char *)NULL;
}
prefix = rvString;
rvString = PR_smprintf("%s.%lu", prefix, n);
}
} else if (bytesBeforeLast <= 9U) { /* 29-64 bit number */
PRUint64 n = 0;
PRUint64 c;
switch (bytesBeforeLast) {
CASE(9, 0x01);
CASE(8, 0x7f);
CASE(7, 0x7f);
CASE(6, 0x7f);
CASE(5, 0x7f);
CASE(4, 0x7f);
CGET(3, 0x7f);
CGET(2, 0x7f);
CGET(1, 0x7f);
n |= last[0]; /* most significant bit is zero. */
break;
}
if (!rvString) {
/* This is the first number.. decompose it */
PRUint64 one = PR_MIN(n/40, 2); /* never > 2 */
PRUint64 two = n - (one * 40);
PR_smprintf_free(a);
a = b;
rvString = PR_smprintf("OID.%llu.%llu", one, two);
} else {
prefix = rvString;
rvString = PR_smprintf("%s.%llu", prefix, n);
}
} else {
/* More than a 64-bit number, or not minimal encoding. */
unsupported:
if (!rvString)
rvString = PR_smprintf("OID.UNSUPPORTED");
else {
prefix = rvString;
rvString = PR_smprintf("%s.UNSUPPORTED", prefix);
}
}
}
return a;
if (prefix) {
PR_smprintf_free(prefix);
prefix = NULL;
}
if (!rvString) {
PORT_SetError(SEC_ERROR_NO_MEMORY);
break;
}
}
return rvString;
}
/* convert DER-encoded hex to a string */
@ -826,6 +914,7 @@ AppendAVA(stringBuf *bufp, CERTAVA *ava, CertStrictnessLevel strict)
SECStatus rv;
unsigned int len;
int nameLen, valueLen;
EQMode mode = minimalEscapeAndQuote;
NameToKind n2k = { NULL, 32767, SEC_OID_UNKNOWN, SEC_ASN1_DS };
char tmpBuf[384];
@ -907,7 +996,8 @@ AppendAVA(stringBuf *bufp, CERTAVA *ava, CertStrictnessLevel strict)
nameLen = strlen(tagName);
valueLen = (useHex ? avaValue->len :
cert_RFC1485_GetRequiredLen(avaValue->data, avaValue->len, NULL));
cert_RFC1485_GetRequiredLen(avaValue->data, avaValue->len,
&mode));
len = nameLen + valueLen + 2; /* Add 2 for '=' and trailing NUL */
if (len <= sizeof(tmpBuf)) {
@ -934,8 +1024,8 @@ AppendAVA(stringBuf *bufp, CERTAVA *ava, CertStrictnessLevel strict)
encodedAVA[nameLen + avaValue->len] = '\0';
rv = SECSuccess;
} else
rv = CERT_RFC1485_EscapeAndQuote(encodedAVA + nameLen, len - nameLen,
(char *)avaValue->data, avaValue->len);
rv = escapeAndQuote(encodedAVA + nameLen, len - nameLen,
(char *)avaValue->data, avaValue->len, &mode);
SECITEM_FreeItem(avaValue, PR_TRUE);
if (rv == SECSuccess)
rv = AppendStr(bufp, encodedAVA);
@ -990,7 +1080,7 @@ CERT_NameToAsciiInvertible(CERTName *name, CertStrictnessLevel strict)
first = PR_FALSE;
}
/* Add in tag type plus value into buf */
/* Add in tag type plus value into strBuf */
rv = AppendAVA(&strBuf, ava, strict);
if (rv) goto loser;
newRDN = PR_FALSE;
@ -1044,44 +1134,58 @@ loser:
return(retstr);
}
static char *
avaToString(PRArenaPool *arena, CERTAVA *ava)
{
char * buf = NULL;
SECItem* avaValue;
int valueLen;
avaValue = CERT_DecodeAVAValue(&ava->value);
if(!avaValue) {
return buf;
}
valueLen = cert_RFC1485_GetRequiredLen(avaValue->data, avaValue->len,
NULL) + 1;
if (arena) {
buf = (char *)PORT_ArenaZAlloc(arena, valueLen);
} else {
buf = (char *)PORT_ZAlloc(valueLen);
}
if (buf) {
SECStatus rv = escapeAndQuote(buf, valueLen, (char *)avaValue->data,
avaValue->len, NULL);
if (rv != SECSuccess) {
if (!arena)
PORT_Free(buf);
buf = NULL;
}
}
SECITEM_FreeItem(avaValue, PR_TRUE);
return buf;
}
/* RDNs are sorted from most general to most specific.
* This code returns the FIRST one found, the most general one found.
*/
static char *
CERT_GetNameElement(PRArenaPool *arena, CERTName *name, int wantedTag)
{
CERTRDN** rdns;
CERTRDN *rdn;
char *buf = 0;
rdns = name->rdns;
CERTRDN** rdns = name->rdns;
CERTRDN* rdn;
CERTAVA* ava = NULL;
while (rdns && (rdn = *rdns++) != 0) {
CERTAVA** avas = rdn->avas;
CERTAVA* ava;
while (avas && (ava = *avas++) != 0) {
int tag = CERT_GetAVATag(ava);
if ( tag == wantedTag ) {
SECItem *decodeItem = CERT_DecodeAVAValue(&ava->value);
if(!decodeItem) {
return NULL;
}
if (arena) {
buf = (char *)PORT_ArenaZAlloc(arena,decodeItem->len + 1);
} else {
buf = (char *)PORT_ZAlloc(decodeItem->len + 1);
}
if ( buf ) {
PORT_Memcpy(buf, decodeItem->data, decodeItem->len);
buf[decodeItem->len] = 0;
}
SECITEM_FreeItem(decodeItem, PR_TRUE);
goto done;
avas = NULL;
rdns = NULL; /* break out of all loops */
}
}
}
done:
return buf;
return ava ? avaToString(arena, ava) : NULL;
}
/* RDNs are sorted from most general to most specific.
@ -1091,12 +1195,10 @@ CERT_GetNameElement(PRArenaPool *arena, CERTName *name, int wantedTag)
static char *
CERT_GetLastNameElement(PRArenaPool *arena, CERTName *name, int wantedTag)
{
CERTRDN** rdns;
CERTRDN *rdn;
CERTAVA * lastAva = NULL;
char *buf = 0;
CERTRDN** rdns = name->rdns;
CERTRDN* rdn;
CERTAVA* lastAva = NULL;
rdns = name->rdns;
while (rdns && (rdn = *rdns++) != 0) {
CERTAVA** avas = rdn->avas;
CERTAVA* ava;
@ -1107,24 +1209,7 @@ CERT_GetLastNameElement(PRArenaPool *arena, CERTName *name, int wantedTag)
}
}
}
if (lastAva) {
SECItem *decodeItem = CERT_DecodeAVAValue(&lastAva->value);
if(!decodeItem) {
return NULL;
}
if (arena) {
buf = (char *)PORT_ArenaZAlloc(arena,decodeItem->len + 1);
} else {
buf = (char *)PORT_ZAlloc(decodeItem->len + 1);
}
if ( buf ) {
PORT_Memcpy(buf, decodeItem->data, decodeItem->len);
buf[decodeItem->len] = 0;
}
SECITEM_FreeItem(decodeItem, PR_TRUE);
}
return buf;
return lastAva ? avaToString(arena, lastAva) : NULL;
}
char *

13
security/nss/lib/certdb/cert.h
View File

@ -37,7 +37,7 @@
/*
* cert.h - public data structures and prototypes for the certificate library
*
* $Id: cert.h,v 1.75 2008/11/21 21:02:38 wtc%google.com Exp $
* $Id: cert.h,v 1.76 2009/03/20 18:03:57 nelson%bolyard.com Exp $
*/
#ifndef _CERT_H_
@ -174,6 +174,17 @@ extern char *CERT_FormatName (CERTName *name);
*/
extern char *CERT_Hexify (SECItem *i, int do_colon);
/*
** Converts DER string (with explicit length) into zString, if destination
** buffer is big enough to receive it. Does quoting and/or escaping as
** specified in RFC 1485. Input string must be single or multi-byte DER
** character set, (ASCII, UTF8, or ISO 8851-x) not a wide character set.
** Returns SECSuccess or SECFailure with error code set. If output buffer
** is too small, sets error code SEC_ERROR_OUTPUT_LEN.
*/
extern SECStatus
CERT_RFC1485_EscapeAndQuote(char *dst, int dstlen, char *src, int srclen);
/******************************************************************************
*
* Certificate handling operations

77
security/nss/lib/certdb/certdb.c
View File

@ -20,6 +20,7 @@
*
* Contributor(s):
* Aaron Spangler <aaron@spangler.ods.org>
* Kaspar Brand <mozbugzilla@velox.ch>
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
@ -38,7 +39,7 @@
/*
* Certificate handling code
*
* $Id: certdb.c,v 1.96 2009/02/09 07:51:30 nelson%bolyard.com Exp $
* $Id: certdb.c,v 1.100 2009/03/23 02:18:19 nelson%bolyard.com Exp $
*/
#include "nssilock.h"
@ -1446,32 +1447,61 @@ CERT_AddOKDomainName(CERTCertificate *cert, const char *hn)
** returns SECFailure with SSL_ERROR_BAD_CERT_DOMAIN if no match,
** returns SECFailure with some other error code if another error occurs.
**
** may modify cn, so caller must pass a modifiable copy.
** This function may modify string cn, so caller must pass a modifiable copy.
*/
static SECStatus
cert_TestHostName(char * cn, const char * hn)
{
int regvalid = PORT_RegExpValid(cn);
if (regvalid != NON_SXP) {
SECStatus rv;
/* cn is a regular expression, try to match the shexp */
int match = PORT_RegExpCaseSearch(hn, cn);
static int useShellExp = -1;
if ( match == 0 ) {
rv = SECSuccess;
} else {
PORT_SetError(SSL_ERROR_BAD_CERT_DOMAIN);
rv = SECFailure;
if (useShellExp < 0) {
useShellExp = (NULL != PR_GetEnv("NSS_USE_SHEXP_IN_CERT_NAME"));
}
if (useShellExp) {
/* Backward compatible code, uses Shell Expressions (SHEXP). */
int regvalid = PORT_RegExpValid(cn);
if (regvalid != NON_SXP) {
SECStatus rv;
/* cn is a regular expression, try to match the shexp */
int match = PORT_RegExpCaseSearch(hn, cn);
if ( match == 0 ) {
rv = SECSuccess;
} else {
PORT_SetError(SSL_ERROR_BAD_CERT_DOMAIN);
rv = SECFailure;
}
return rv;
}
return rv;
}
/* cn is not a regular expression */
} else {
/* New approach conforms to RFC 2818. */
char *wildcard = PORT_Strchr(cn, '*');
char *firstcndot = PORT_Strchr(cn, '.');
char *secondcndot = firstcndot ? PORT_Strchr(firstcndot+1, '.') : NULL;
char *firsthndot = PORT_Strchr(hn, '.');
/* compare entire hn with cert name */
/* For a cn pattern to be considered valid, the wildcard character...
* - may occur only in a DNS name with at least 3 components, and
* - may occur only as last character in the first component, and
* - may be preceded by additional characters
*/
if (wildcard && secondcndot && secondcndot[1] && firsthndot
&& firstcndot - wildcard == 1
&& secondcndot - firstcndot > 1
&& PORT_Strrchr(cn, '*') == wildcard
&& !PORT_Strncasecmp(cn, hn, wildcard - cn)
&& !PORT_Strcasecmp(firstcndot, firsthndot)) {
/* valid wildcard pattern match */
return SECSuccess;
}
}
/* String cn has no wildcard or shell expression.
* Compare entire string hn with cert name.
*/
if (PORT_Strcasecmp(hn, cn) == 0) {
return SECSuccess;
}
PORT_SetError(SSL_ERROR_BAD_CERT_DOMAIN);
return SECFailure;
}
@ -1522,15 +1552,18 @@ cert_VerifySubjectAltName(CERTCertificate *cert, const char *hn)
** so must copy it.
*/
int cnLen = current->name.other.len;
if (cnLen + 1 > cnBufLen) {
cnBufLen = cnLen + 1;
rv = CERT_RFC1485_EscapeAndQuote(cn, cnBufLen,
current->name.other.data, cnLen);
if (rv != SECSuccess && PORT_GetError() == SEC_ERROR_OUTPUT_LEN) {
cnBufLen = cnLen * 3 + 3; /* big enough for worst case */
cn = (char *)PORT_ArenaAlloc(arena, cnBufLen);
if (!cn)
goto fail;
rv = CERT_RFC1485_EscapeAndQuote(cn, cnBufLen,
current->name.other.data, cnLen);
}
PORT_Memcpy(cn, current->name.other.data, cnLen);
cn[cnLen] = 0;
rv = cert_TestHostName(cn ,hn);
if (rv == SECSuccess)
rv = cert_TestHostName(cn ,hn);
if (rv == SECSuccess)
goto finish;
}

6
security/nss/lib/certdb/certi.h
View File

@ -36,7 +36,7 @@
/*
* certi.h - private data structures for the certificate library
*
* $Id: certi.h,v 1.27 2008/10/31 23:02:36 alexei.volkov.bugs%sun.com Exp $
* $Id: certi.h,v 1.28 2009/03/17 07:30:11 nelson%bolyard.com Exp $
*/
#ifndef _CERTI_H_
#define _CERTI_H_
@ -249,6 +249,10 @@ extern int cert_AVAOidTagToMaxLen(SECOidTag tag);
extern CERTAVA * CERT_CreateAVAFromRaw(PRArenaPool *pool,
const SECItem * OID, const SECItem * value);
/* Make an AVA from binary input specified by SECItem */
extern CERTAVA * CERT_CreateAVAFromSECItem(PRArenaPool *arena, SECOidTag kind,
int valueType, SECItem *value);
/*
* get a DPCache object for the given issuer subject and dp
* Automatically creates the cache object if it doesn't exist yet.

8
security/nss/lib/certdb/certt.h
View File

@ -36,7 +36,7 @@
/*
* certt.h - public data structures for the certificate library
*
* $Id: certt.h,v 1.48 2008/10/31 23:02:36 alexei.volkov.bugs%sun.com Exp $
* $Id: certt.h,v 1.49 2009/03/21 01:40:34 nelson%bolyard.com Exp $
*/
#ifndef _CERTT_H_
#define _CERTT_H_
@ -1253,6 +1253,12 @@ typedef enum CertStrictnessLevels {
#define CERT_ENABLE_LDAP_FETCH 1
#define CERT_ENABLE_HTTP_FETCH 2
/* This functin pointer type may be used for any function that takes
* a CERTCertificate * and returns an allocated string, which must be
* freed by a call to PORT_Free.
*/
typedef char * (*CERT_StringFromCertFcn)(CERTCertificate *cert);
/* XXX Lisa thinks the template declarations belong in cert.h, not here? */
#include "secasn1t.h" /* way down here because I expect template stuff to

42
security/nss/lib/certdb/secname.c
View File

@ -149,31 +149,30 @@ SetupAVAType(PRArenaPool *arena, SECOidTag type, SECItem *it, unsigned *maxLenp)
}
static SECStatus
SetupAVAValue(PRArenaPool *arena, int valueType, char *value, SECItem *it,
unsigned maxLen)
SetupAVAValue(PRArenaPool *arena, int valueType, const SECItem *in,
SECItem *out, unsigned maxLen)
{
PRUint8 *value, *cp, *ucs4Val;
unsigned valueLen, valueLenLen, total;
unsigned ucs4Len = 0, ucs4MaxLen;
unsigned char *cp, *ucs4Val;
value = in->data;
valueLen = in->len;
switch (valueType) {
case SEC_ASN1_PRINTABLE_STRING:
case SEC_ASN1_IA5_STRING:
case SEC_ASN1_T61_STRING:
case SEC_ASN1_UTF8_STRING: /* no conversion required */
valueLen = PORT_Strlen(value);
break;
case SEC_ASN1_UNIVERSAL_STRING:
valueLen = PORT_Strlen(value);
ucs4MaxLen = valueLen * 6;
ucs4Val = (unsigned char *)PORT_ArenaZAlloc(arena, ucs4MaxLen);
if(!ucs4Val || !PORT_UCS4_UTF8Conversion(PR_TRUE,
(unsigned char *)value, valueLen,
ucs4Val = (PRUint8 *)PORT_ArenaZAlloc(arena, ucs4MaxLen);
if(!ucs4Val || !PORT_UCS4_UTF8Conversion(PR_TRUE, value, valueLen,
ucs4Val, ucs4MaxLen, &ucs4Len)) {
PORT_SetError(SEC_ERROR_INVALID_ARGS);
return SECFailure;
}
value = (char *)ucs4Val;
value = ucs4Val;
valueLen = ucs4Len;
maxLen *= 4;
break;
@ -189,12 +188,13 @@ SetupAVAValue(PRArenaPool *arena, int valueType, char *value, SECItem *it,
valueLenLen = DER_LengthLength(valueLen);
total = 1 + valueLenLen + valueLen;
it->data = cp = (unsigned char*) PORT_ArenaAlloc(arena, total);
cp = (PRUint8*)PORT_ArenaAlloc(arena, total);
if (!cp) {
return SECFailure;
}
it->len = total;
cp = (unsigned char*) DER_StoreHeader(cp, valueType, valueLen);
out->data = cp;
out->len = total;
cp = (PRUint8 *)DER_StoreHeader(cp, valueType, valueLen);
PORT_Memcpy(cp, value, valueLen);
return SECSuccess;
}
@ -220,7 +220,8 @@ CERT_CreateAVAFromRaw(PRArenaPool *pool, const SECItem * OID,
}
CERTAVA *
CERT_CreateAVA(PRArenaPool *arena, SECOidTag kind, int valueType, char *value)
CERT_CreateAVAFromSECItem(PRArenaPool *arena, SECOidTag kind, int valueType,
SECItem *value)
{
CERTAVA *ava;
int rv;
@ -231,17 +232,28 @@ CERT_CreateAVA(PRArenaPool *arena, SECOidTag kind, int valueType, char *value)
rv = SetupAVAType(arena, kind, &ava->type, &maxLen);
if (rv) {
/* Illegal AVA type */
return 0;
return NULL;
}
rv = SetupAVAValue(arena, valueType, value, &ava->value, maxLen);
if (rv) {
/* Illegal value type */
return 0;
return NULL;
}
}
return ava;
}
CERTAVA *
CERT_CreateAVA(PRArenaPool *arena, SECOidTag kind, int valueType, char *value)
{
SECItem item = { siBuffer, NULL, 0 };
item.data = (PRUint8 *)value;
item.len = PORT_Strlen(value);
return CERT_CreateAVAFromSECItem(arena, kind, valueType, &item);
}
CERTAVA *
CERT_CopyAVA(PRArenaPool *arena, CERTAVA *from)
{

45
security/nss/lib/certhigh/certvfy.c
View File

@ -76,6 +76,7 @@ CERT_VerifySignedDataWithPublicKey(CERTSignedData *sd,
{
SECStatus rv;
SECItem sig;
SECOidTag hashAlg = SEC_OID_UNKNOWN;
if ( !pubKey || !sd ) {
PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
@ -88,9 +89,18 @@ CERT_VerifySignedDataWithPublicKey(CERTSignedData *sd,
DER_ConvertBitString(&sig);
rv = VFY_VerifyDataWithAlgorithmID(sd->data.data, sd->data.len, pubKey,
&sig, &sd->signatureAlgorithm, NULL, wincx);
return rv ? SECFailure : SECSuccess;
&sig, &sd->signatureAlgorithm, &hashAlg, wincx);
if (rv == SECSuccess) {
/* Are we honoring signatures for this algorithm? */
PRUint32 policyFlags = 0;
rv = NSS_GetAlgorithmPolicy(hashAlg, &policyFlags);
if (rv == SECSuccess &&
!(policyFlags & NSS_USE_ALG_IN_CERT_SIGNATURE)) {
PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
rv = SECFailure;
}
}
return rv;
}
/*
@ -527,6 +537,7 @@ cert_VerifyCertChainOld(CERTCertDBHandle *handle, CERTCertificate *cert,
case certUsageEmailRecipient:
case certUsageObjectSigner:
case certUsageVerifyCA:
case certUsageAnyCA:
case certUsageStatusResponder:
if ( CERT_TrustFlagsForCACertUsage(certUsage, &requiredFlags,
&trustType) != SECSuccess ) {
@ -735,7 +746,7 @@ cert_VerifyCertChainOld(CERTCertDBHandle *handle, CERTCertificate *cert,
certUsage != certUsageStatusResponder) {
/*
* check the trust parms of the issuer
* XXX This choice of trustType seems arbitrary.
*/
if ( certUsage == certUsageVerifyCA ) {
if ( subjectCert->nsCertType & NS_CERT_TYPE_EMAIL_CA ) {
@ -748,13 +759,12 @@ cert_VerifyCertChainOld(CERTCertDBHandle *handle, CERTCertificate *cert,
}
flags = SEC_GET_TRUST_FLAGS(issuerCert->trust, trustType);
if (( flags & requiredFlags ) == requiredFlags) {
/* we found a trusted one, so return */
rv = rvFinal;
goto done;
}
if (flags & CERTDB_VALID_CA) {
if ( ( flags & requiredFlags ) == requiredFlags) {
/* we found a trusted one, so return */
rv = rvFinal;
goto done;
}
validCAOverride = PR_TRUE;
}
} else {
@ -1004,13 +1014,12 @@ CERT_VerifyCACertForUsage(CERTCertDBHandle *handle, CERTCertificate *cert,
* check the trust parms of the issuer
*/
flags = SEC_GET_TRUST_FLAGS(cert->trust, trustType);
if ( ( flags & requiredFlags ) == requiredFlags) {
/* we found a trusted one, so return */
rv = rvFinal;
goto done;
}
if (flags & CERTDB_VALID_CA) {
if ( ( flags & requiredFlags ) == requiredFlags) {
/* we found a trusted one, so return */
rv = rvFinal;
goto done;
}
validCAOverride = PR_TRUE;
}
}
@ -1377,6 +1386,7 @@ CERT_VerifyCert(CERTCertDBHandle *handle, CERTCertificate *cert,
}
break;
case certUsageVerifyCA:
case certUsageAnyCA:
requiredKeyUsage = KU_KEY_CERT_SIGN;
requiredCertType = NS_CERT_TYPE_CA;
if ( ! ( certType & NS_CERT_TYPE_CA ) ) {
@ -1947,6 +1957,7 @@ CERTCertList *
CERT_GetCertChainFromCert(CERTCertificate *cert, int64 time, SECCertUsage usage)
{
CERTCertList *chain = NULL;
int count = 0;
if (NULL == cert) {
return NULL;
@ -1964,7 +1975,7 @@ CERT_GetCertChainFromCert(CERTCertificate *cert, int64 time, SECCertUsage usage)
return NULL;
}
while (cert != NULL) {
while (cert != NULL && ++count <= CERT_MAX_CERT_CHAIN) {
if (SECSuccess != CERT_AddCertToListTail(chain, cert)) {
/* return partial chain */
PORT_SetError(SEC_ERROR_NO_MEMORY);

Some files were not shown because too many files have changed in this diff Show More