From fedora-directory-commits at redhat.com Thu Jan 3 21:35:31 2008 From: fedora-directory-commits at redhat.com (Robert Crittenden (rcritten)) Date: Thu, 3 Jan 2008 16:35:31 -0500 Subject: [Fedora-directory-commits] mod_nss nss_engine_vars.c,1.10,1.11 Message-ID: <200801032135.m03LZVZx002915@cvs-int.fedora.redhat.com> Author: rcritten Update of /cvs/dirsec/mod_nss In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv2854 Modified Files: nss_engine_vars.c Log Message: Resolves BZ 248722 See if the certificate has a version before trying to decode it into a CGI variable. Index: nss_engine_vars.c =================================================================== RCS file: /cvs/dirsec/mod_nss/nss_engine_vars.c,v retrieving revision 1.10 retrieving revision 1.11 diff -u -r1.10 -r1.11 --- nss_engine_vars.c 18 Oct 2007 18:26:21 -0000 1.10 +++ nss_engine_vars.c 3 Jan 2008 21:35:28 -0000 1.11 @@ -336,8 +336,13 @@ resdup = TRUE; if (strcEQ(var, "M_VERSION")) { - result = apr_psprintf(p, "%lu", DER_GetInteger(&xs->version)+1); - resdup = FALSE; + if (xs->version.data != NULL) { + result = apr_psprintf(p, "%lu", DER_GetInteger(&xs->version)+1); + resdup = FALSE; + } else { + result = apr_pstrdup(p, "UNKNOWN"); + resdup = FALSE; + } } else if (strcEQ(var, "M_SERIAL")) { result = apr_psprintf(p, "%lu", DER_GetInteger(&xs->serialNumber)); From fedora-directory-commits at redhat.com Mon Jan 7 22:32:18 2008 From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi)) Date: Mon, 7 Jan 2008 17:32:18 -0500 Subject: [Fedora-directory-commits] ldapserver/ldap/cm fedora-patch.inf, 1.1.2.15, 1.1.2.16 redhat-patch.inf, 1.1.2.16, 1.1.2.17 Message-ID: <200801072232.m07MWIS4022529@cvs-int.fedora.redhat.com> Author: nhosoi Update of /cvs/dirsec/ldapserver/ldap/cm In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv22429 Modified Files: Tag: Directory71RtmBranch fedora-patch.inf redhat-patch.inf Log Message: Resolves: #203670 Summary: Tracking bug for Directory Server 7.1 SP 4 Description: updating patch info file to include the following patches: 202890, 229513, 231507, 247725, 297221, 339791, Index: fedora-patch.inf =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/cm/Attic/fedora-patch.inf,v retrieving revision 1.1.2.15 retrieving revision 1.1.2.16 diff -u -r1.1.2.15 -r1.1.2.16 --- fedora-patch.inf 8 Jun 2006 19:08:20 -0000 1.1.2.15 +++ fedora-patch.inf 7 Jan 2008 22:32:16 -0000 1.1.2.16 @@ -49,15 +49,18 @@ base: ... file: 147585: plugins/slapd/slapi/examples/testpreop.c -file: 164834,165641,166229,173687,175063: bin/slapd/server/ns-slapd -file: 155276,164834,164843,165641,166229,173687,175063,179135,179137: bin/slapd/server/libslapd.* +file: 164834,165641,166229,173687,175063,202890,247725,297221: bin/slapd/server/ns-slapd +file: 155276,164834,164843,165641,166229,173687,175063,179135,179137,202890,247725,297221: bin/slapd/server/libslapd.* file: 151678: bin/slapd/admin/bin/ds_newinst file: 151678: bin/slapd/admin/bin/ds_create -file: 155276,164843,165641,165827,165862,166012,175063,175897,179135,179137,179810,189264,192901: lib/libback-ldbm.* +file: 155276,164843,165641,165827,165862,166012,175063,175897,179135,179137,179810,189264,192901,231507: lib/libback-ldbm.* file: 160003: bin/slapd/admin/scripts/template-db2index.pl file: 160003: bin/slapd/admin/bin/upgradeServer file: 164836,165600: lib/attr-unique-plugin.* file: 165640: lib/views-plugin.* +file: 339791: lib/syntax-plugin.* +file: 297221: lib/acl-plugin.* +file: 297221: lib/statechange-plugin.* file: 167478,160589: setup/setup file: 156120,159037,170321,170328,170556,170558,170816,185765: winsync/PassSync.msi file: 167761: java/jars/ds71.jar Index: redhat-patch.inf =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/cm/Attic/redhat-patch.inf,v retrieving revision 1.1.2.16 retrieving revision 1.1.2.17 diff -u -r1.1.2.16 -r1.1.2.17 --- redhat-patch.inf 26 Jul 2006 06:17:59 -0000 1.1.2.16 +++ redhat-patch.inf 7 Jan 2008 22:32:16 -0000 1.1.2.17 @@ -49,15 +49,18 @@ base: /share/builds/products/server/directry/7.1 file: 147585: plugins/slapd/slapi/examples/testpreop.c -file: 164834,165641,166229,173687,175063: bin/slapd/server/ns-slapd -file: 155276,164834,164843,165641,166229,173687,175063,179135,179137: bin/slapd/server/libslapd.* +file: 164834,165641,166229,173687,175063,202890,247725,297221: bin/slapd/server/ns-slapd +file: 155276,164834,164843,165641,166229,173687,175063,179135,179137,202890,247725,297221: bin/slapd/server/libslapd.* file: 151678: bin/slapd/admin/bin/ds_newinst file: 151678: bin/slapd/admin/bin/ds_create -file: 155276,164843,165641,165827,165862,166012,175063,175897,179135,179137,179810,189264,192901: lib/libback-ldbm.* +file: 155276,164843,165641,165827,165862,166012,175063,175897,179135,179137,179810,189264,192901,231507: lib/libback-ldbm.* file: 160003: bin/slapd/admin/scripts/template-db2index.pl file: 160003: bin/slapd/admin/bin/upgradeServer file: 164836,165600: lib/attr-unique-plugin.* file: 165640: lib/views-plugin.* +file: 339791: lib/syntax-plugin.* +file: 297221: lib/acl-plugin.* +file: 297221: lib/statechange-plugin.* file: 167478,160589: setup/setup file: 156120,159037,170321,170328,170556,170558,170816,185765: winsync/PassSync.msi file: 167761: java/jars/ds71.jar From fedora-directory-commits at redhat.com Tue Jan 8 00:52:22 2008 From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi)) Date: Mon, 7 Jan 2008 19:52:22 -0500 Subject: [Fedora-directory-commits] ldapserver ldapserver.spec.tmpl, 1.10.2.9, 1.10.2.10 Message-ID: <200801080052.m080qMN0010612@cvs-int.fedora.redhat.com> Author: nhosoi Update of /cvs/dirsec/ldapserver In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv10587 Modified Files: Tag: Directory71RtmBranch ldapserver.spec.tmpl Log Message: Resolves: #203670 Summary: Tracking bug for Directory Server 7.1 SP 4 Description: - apply patches defined in DS7.1 SP4 PRD - increace the release number from 5 to 6 Index: ldapserver.spec.tmpl =================================================================== RCS file: /cvs/dirsec/ldapserver/Attic/ldapserver.spec.tmpl,v retrieving revision 1.10.2.9 retrieving revision 1.10.2.10 diff -u -r1.10.2.9 -r1.10.2.10 --- ldapserver.spec.tmpl 26 May 2006 23:43:39 -0000 1.10.2.9 +++ ldapserver.spec.tmpl 8 Jan 2008 00:52:20 -0000 1.10.2.10 @@ -45,7 +45,7 @@ Summary: @COMPANY-PRODUCT-NAME@ Name: @LCASE-COMPANY-NAME-NOSP at -ds Version: @GEN-VERSION@ -Release: 5. at PLATFORM@ +Release: 6. at PLATFORM@ License: GPL plus extensions Group: System Environment/Daemons URL: @COMPANY-URL@ @@ -135,6 +135,9 @@ fi %changelog +* Mon Jan 07 2008 Noriko Hosoi 7.1-4 +- apply patches defined in DS7.1 SP4 PRD + * Tue Sep 13 2005 Nathan Kinder 7.1-3 - use a macro for require list that is passed in via rpmbuild From fedora-directory-commits at redhat.com Wed Jan 9 18:59:57 2008 From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi)) Date: Wed, 9 Jan 2008 13:59:57 -0500 Subject: [Fedora-directory-commits] ldapserver/ldap/servers/plugins/replication repl5_protocol_util.c, 1.8, 1.8.2.1 Message-ID: <200801091859.m09IxvGV031476@cvs-int.fedora.redhat.com> Author: nhosoi Update of /cvs/dirsec/ldapserver/ldap/servers/plugins/replication In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv31454 Modified Files: Tag: Directory71RtmBranch repl5_protocol_util.c Log Message: Resolves: 196523 Summary: miscellaneous memory leaks Description: applying the patch to Directory71RtmBranch Index: repl5_protocol_util.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/plugins/replication/repl5_protocol_util.c,v retrieving revision 1.8 retrieving revision 1.8.2.1 diff -u -r1.8 -r1.8.2.1 --- repl5_protocol_util.c 18 May 2005 03:17:33 -0000 1.8 +++ repl5_protocol_util.c 9 Jan 2008 18:59:55 -0000 1.8.2.1 @@ -112,6 +112,10 @@ int return_value; ConnResult crc; Repl_Connection *conn; + struct berval *retdata = NULL; + char *retoid = NULL; + Slapi_DN *replarea_sdn = NULL; + struct berval **ruv_bervals = NULL; PR_ASSERT(prp && prot_oid); @@ -195,9 +199,6 @@ } else { CSN *current_csn = NULL; - struct berval *retdata = NULL; - char *retoid = NULL; - Slapi_DN *replarea_sdn; /* Good to go. Start the protocol. */ @@ -238,7 +239,6 @@ * Extop was processed. Look at extop response to see if we're * permitted to go ahead. */ - struct berval **ruv_bervals = NULL; int extop_result; int extop_rc = decode_repl_ext_response(retdata, &extop_result, &ruv_bervals); @@ -392,8 +392,6 @@ prp->last_acquire_response_code = NSDS50_REPL_INTERNAL_ERROR; return_value = ACQUIRE_FATAL_ERROR; } - if (NULL != ruv_bervals) - ber_bvecfree(ruv_bervals); } else { @@ -418,15 +416,18 @@ agmt_get_long_name(prp->agmt)); return_value = ACQUIRE_FATAL_ERROR; } - slapi_sdn_free(&replarea_sdn); - if (NULL != retoid) - ldap_memfree(retoid); - if (NULL != retdata) - ber_bvfree(retdata); } } } error: + if (NULL != ruv_bervals) + ber_bvecfree(ruv_bervals); + if (NULL != replarea_sdn) + slapi_sdn_free(&replarea_sdn); + if (NULL != retoid) + ldap_memfree(retoid); + if (NULL != retdata) + ber_bvfree(retdata); if (ACQUIRE_SUCCESS != return_value) { From fedora-directory-commits at redhat.com Wed Jan 9 19:37:06 2008 From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi)) Date: Wed, 9 Jan 2008 14:37:06 -0500 Subject: [Fedora-directory-commits] ldapserver/ldap/servers/slapd sasl_io.c, 1.6, 1.6.2.1 Message-ID: <200801091937.m09Jb6vg006709@cvs-int.fedora.redhat.com> Author: nhosoi Update of /cvs/dirsec/ldapserver/ldap/servers/slapd In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv6670 Modified Files: Tag: Directory71RtmBranch sasl_io.c Log Message: Resolves: 428159 Summary: SASL IO functions set/get: argument mismatch Fix description: When setting the IO functions in sasl_io_setup, we could just use the local memory to pass the IO functions. And we don't need to worry about releasing the memory. Instead, we need to allocate the back up of the existing IO functions (real_iofns in the code), which is set in sasl_io_setup and needs to be released after setting it back in sasl_io_cleanup. Index: sasl_io.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/sasl_io.c,v retrieving revision 1.6 retrieving revision 1.6.2.1 diff -u -r1.6 -r1.6.2.1 --- sasl_io.c 19 Apr 2005 22:07:37 -0000 1.6 +++ sasl_io.c 9 Jan 2008 19:37:04 -0000 1.6.2.1 @@ -100,15 +100,16 @@ sasl_io_setup(Connection *c) { int ret = 0; - struct lber_x_ext_io_fns *func_pointers = NULL; + struct lber_x_ext_io_fns func_pointers = {0}; + struct lber_x_ext_io_fns *real_iofns = (struct lber_x_ext_io_fns *) slapi_ch_malloc(LBER_X_EXTIO_FNS_SIZE); sasl_io_private *sp = (sasl_io_private*) slapi_ch_calloc(1, sizeof(sasl_io_private)); LDAPDebug( LDAP_DEBUG_CONNS, "sasl_io_setup for connection %d\n", c->c_connid, 0, 0 ); /* Get the current functions and store them for later */ - ber_sockbuf_get_option( c->c_sb, LBER_SOCKBUF_OPT_EXT_IO_FNS, &func_pointers); - sp->real_iofns = func_pointers; - func_pointers = NULL; + real_iofns->lbextiofn_size = LBER_X_EXTIO_FNS_SIZE; + ber_sockbuf_get_option( c->c_sb, LBER_SOCKBUF_OPT_EXT_IO_FNS, real_iofns ); + sp->real_iofns = real_iofns; /* released in sasl_io_cleanup */ /* Set up the private structure */ sp->real_handle = (struct lextiof_socket_private*) c->c_prfd; @@ -116,13 +117,12 @@ /* Store the private structure in the connection */ c->c_sasl_io_private = sp; /* Insert the sasl i/o functions into the ber layer */ - func_pointers = (struct lber_x_ext_io_fns *) slapi_ch_malloc(LBER_X_EXTIO_FNS_SIZE); - func_pointers->lbextiofn_size = LBER_X_EXTIO_FNS_SIZE; - func_pointers->lbextiofn_read = sasl_read_function; - func_pointers->lbextiofn_write = sasl_write_function; - func_pointers->lbextiofn_writev = NULL; - func_pointers->lbextiofn_socket_arg = (struct lextiof_socket_private *) sp; - ber_sockbuf_set_option( c->c_sb, LBER_SOCKBUF_OPT_EXT_IO_FNS, func_pointers); + func_pointers.lbextiofn_size = LBER_X_EXTIO_FNS_SIZE; + func_pointers.lbextiofn_read = sasl_read_function; + func_pointers.lbextiofn_write = sasl_write_function; + func_pointers.lbextiofn_writev = NULL; + func_pointers.lbextiofn_socket_arg = (struct lextiof_socket_private *) sp; + ret = ber_sockbuf_set_option( c->c_sb, LBER_SOCKBUF_OPT_EXT_IO_FNS, &func_pointers); /* Setup the data buffers for the fast read path */ sasl_io_init_buffers(sp); /* Reset the enable flag, so we don't process it again */ @@ -144,7 +144,10 @@ slapi_ch_free((void**)&(sp->encrypted_buffer)); slapi_ch_free((void**)&(sp->decrypted_buffer)); /* Put the I/O functions back how they were */ - ber_sockbuf_set_option( c->c_sb, LBER_SOCKBUF_OPT_EXT_IO_FNS, sp->real_iofns); + if (NULL != sp->real_iofns) { + ber_sockbuf_set_option( c->c_sb, LBER_SOCKBUF_OPT_EXT_IO_FNS, sp->real_iofns ); + slapi_ch_free((void**)&(sp->real_iofns)); + } slapi_ch_free((void**)&sp); c->c_sasl_io_private = NULL; c->c_enable_sasl_io = 0; From fedora-directory-commits at redhat.com Wed Jan 9 21:47:55 2008 From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi)) Date: Wed, 9 Jan 2008 16:47:55 -0500 Subject: [Fedora-directory-commits] ldapserver/ldap/servers/slapd sasl_io.c, 1.6.2.1, 1.6.2.2 Message-ID: <200801092147.m09LltdW024500@cvs-int.fedora.redhat.com> Author: nhosoi Update of /cvs/dirsec/ldapserver/ldap/servers/slapd In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv24375 Modified Files: Tag: Directory71RtmBranch sasl_io.c Log Message: Resolves: #208058 Summary: "decoding error" when using GSSAPI and adding new entries. Description: applied the patch to Directory71RtmBranch Index: sasl_io.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/sasl_io.c,v retrieving revision 1.6.2.1 retrieving revision 1.6.2.2 diff -u -r1.6.2.1 -r1.6.2.2 --- sasl_io.c 9 Jan 2008 19:37:04 -0000 1.6.2.1 +++ sasl_io.c 9 Jan 2008 21:47:53 -0000 1.6.2.2 @@ -316,7 +316,8 @@ if (bytes_to_return > count) { bytes_to_return = count; } - memcpy(buffer, sp->decrypted_buffer, bytes_to_return); + /* Copy data from the decrypted buffer starting at the offset */ + memcpy(buffer, sp->decrypted_buffer + sp->decrypted_buffer_offset, bytes_to_return); if (bytes_in_buffer == bytes_to_return) { sp->decrypted_buffer_offset = 0; sp->decrypted_buffer_count = 0; From fedora-directory-commits at redhat.com Thu Jan 10 01:12:21 2008 From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi)) Date: Wed, 9 Jan 2008 20:12:21 -0500 Subject: [Fedora-directory-commits] ldapserver/ldap/admin/src create_instance.c, 1.18.2.1, 1.18.2.2 Message-ID: <200801100112.m0A1CLhY025688@cvs-int.fedora.redhat.com> Author: nhosoi Update of /cvs/dirsec/ldapserver/ldap/admin/src In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv25575/admin/src Modified Files: Tag: Directory71RtmBranch create_instance.c Log Message: Resolves: #311851 Summary: Remove hard-coded SASL mappings and replace with regex mappings Description: applied the patch to Directory71RtmBranch Index: create_instance.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/admin/src/Attic/create_instance.c,v retrieving revision 1.18.2.1 retrieving revision 1.18.2.2 diff -u -r1.18.2.1 -r1.18.2.2 --- create_instance.c 26 Aug 2005 18:51:50 -0000 1.18.2.1 +++ create_instance.c 10 Jan 2008 01:12:19 -0000 1.18.2.2 @@ -3791,6 +3791,55 @@ fprintf(f, "cn: replication\n"); fprintf(f, "\n"); + /* bugzilla 311851: Don't allow * to be inserted into SASL mapping search*/ + fprintf(f, "dn: cn=sasl,cn=config\n"); + fprintf(f, "objectclass: top\n"); + fprintf(f, "objectclass: nsContainer\n"); + fprintf(f, "cn: sasl\n"); + fprintf(f, "\n"); + + fprintf(f, "dn: cn=mapping,cn=sasl,cn=config\n"); + fprintf(f, "objectclass: top\n"); + fprintf(f, "objectclass: nsContainer\n"); + fprintf(f, "cn: mapping\n"); + fprintf(f, "\n"); + + fprintf(f, "dn: cn=Kerberos uid mapping,cn=mapping,cn=sasl,cn=config\n"); + fprintf(f, "objectclass: top\n"); + fprintf(f, "objectclass: nsSaslMapping\n"); + fprintf(f, "cn: Kerberos uid mapping\n"); + fprintf(f, "nsSaslMapRegexString: \\(.*\\)@\\(.*\\)\\.\\(.*\\)\n"); + fprintf(f, "nsSaslMapBaseDNTemplate: dc=\\2,dc=\\3\n"); + fprintf(f, "nsSaslMapFilterTemplate: (uid=\\1)\n"); + fprintf(f, "\n"); + + fprintf(f, "dn: cn=rfc 2829 dn syntax,cn=mapping,cn=sasl,cn=config\n"); + fprintf(f, "objectclass: top\n"); + fprintf(f, "objectclass: nsSaslMapping\n"); + fprintf(f, "cn: rfc 2829 dn syntax\n"); + fprintf(f, "nsSaslMapRegexString: ^dn:\\(.*\\)\n"); + fprintf(f, "nsSaslMapBaseDNTemplate: \\1\n"); + fprintf(f, "nsSaslMapFilterTemplate: (objectclass=*)\n"); + fprintf(f, "\n"); + + fprintf(f, "dn: cn=rfc 2829 u syntax,cn=mapping,cn=sasl,cn=config\n"); + fprintf(f, "objectclass: top\n"); + fprintf(f, "objectclass: nsSaslMapping\n"); + fprintf(f, "cn: rfc 2829 u syntax\n"); + fprintf(f, "nsSaslMapRegexString: ^u:\\(.*\\)\n"); + fprintf(f, "nsSaslMapBaseDNTemplate: %s\n", cf->suffix); + fprintf(f, "nsSaslMapFilterTemplate: (uid=\\1)\n"); + fprintf(f, "\n"); + + fprintf(f, "dn: cn=uid mapping,cn=mapping,cn=sasl,cn=config\n"); + fprintf(f, "objectclass: top\n"); + fprintf(f, "objectclass: nsSaslMapping\n"); + fprintf(f, "cn: uid mapping\n"); + fprintf(f, "nsSaslMapRegexString: ^[^:@]+$\n"); + fprintf(f, "nsSaslMapBaseDNTemplate: %s\n", cf->suffix); + fprintf(f, "nsSaslMapFilterTemplate: (uid=&)\n"); + fprintf(f, "\n"); + if( cf->replicationdn && *(cf->replicationdn) ) { fprintf(f, "dn: cn=replication4,cn=replication,cn=config\n"); From fedora-directory-commits at redhat.com Thu Jan 10 01:12:21 2008 From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi)) Date: Wed, 9 Jan 2008 20:12:21 -0500 Subject: [Fedora-directory-commits] ldapserver/ldap/servers/slapd saslbind.c, 1.9.2.4, 1.9.2.5 Message-ID: <200801100112.m0A1CL48025682@cvs-int.fedora.redhat.com> Author: nhosoi Update of /cvs/dirsec/ldapserver/ldap/servers/slapd In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv25575/servers/slapd Modified Files: Tag: Directory71RtmBranch saslbind.c Log Message: Resolves: #311851 Summary: Remove hard-coded SASL mappings and replace with regex mappings Description: applied the patch to Directory71RtmBranch Index: saslbind.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/saslbind.c,v retrieving revision 1.9.2.4 retrieving revision 1.9.2.5 diff -u -r1.9.2.4 -r1.9.2.5 --- saslbind.c 14 Mar 2006 19:36:23 -0000 1.9.2.4 +++ saslbind.c 10 Jan 2008 01:12:18 -0000 1.9.2.5 @@ -300,115 +300,56 @@ ) { int found = 0; - unsigned fsize = 0, ulen, rlen = 0; int attrsonly = 0, scope = LDAP_SCOPE_SUBTREE; - char filter[1024], *fptr = filter; LDAPControl **ctrls = NULL; Slapi_Entry *entry = NULL; Slapi_DN *sdn; char **attrs = NULL; - char *userattr = "uid", *realmattr = NULL, *ufilter = NULL; - void *node; int regexmatch = 0; - char *regex_ldap_search_base = NULL; - char *regex_ldap_search_filter = NULL; + char *base = NULL; + char *filter = NULL; - /* TODO: userattr & realmattr should be configurable */ - /* - * Check for dn: prefix. See RFC 2829 section 9. - */ - if (strncasecmp(user, "dn:", 3) == 0) { - sprintf(fptr, "(objectclass=*)"); - scope = LDAP_SCOPE_BASE; - ids_sasl_user_search((char*)user+3, scope, filter, + /* Check for wildcards in the authid and realm. If we encounter one, + * just fail the mapping without performing a costly internal search. */ + if (user && strchr(user, '*')) { + LDAPDebug(LDAP_DEBUG_TRACE, "sasl user search encountered a wildcard in " + "the authid. Not attempting to map to entry. (authid=%s)\n", user, 0, 0); + return NULL; + } else if (user_realm && strchr(user_realm, '*')) { + LDAPDebug(LDAP_DEBUG_TRACE, "sasl user search encountered a wildcard in " + "the realm. Not attempting to map to entry. (realm=%s)\n", user_realm, 0, 0); + return NULL; + } + + /* New regex-based identity mapping */ + regexmatch = sasl_map_domap((char*)user, (char*)user_realm, &base, &filter); + if (regexmatch) { + ids_sasl_user_search(base, scope, filter, ctrls, attrs, attrsonly, &entry, &found); - } else { - int offset = 0; - if (strncasecmp(user,"u:",2) == 0 ) - offset = 2; - /* TODO: quote the filter values */ - - /* New regex-based identity mapping : we call it here before the old code. - * If there's a match, we skip the old way, otherwise we plow ahead for backwards compatibility reasons - */ - regexmatch = sasl_map_domap((char*)user, (char*)user_realm, ®ex_ldap_search_base, ®ex_ldap_search_filter); - if (regexmatch) { - - ids_sasl_user_search(regex_ldap_search_base, scope, regex_ldap_search_filter, - ctrls, attrs, attrsonly, - &entry, &found); - - /* Free the filter etc */ - slapi_ch_free((void**)®ex_ldap_search_base); - slapi_ch_free((void**)®ex_ldap_search_filter); - } else { - - /* Ensure no buffer overflow. */ - /* We don't know what the upper limits on username and - * realm lengths are. There don't seem to be any defined - * in the relevant standards. We may find in the future - * that a 1K buffer is insufficient for some mechanism, - * but it seems unlikely given that the values are exposed - * to the end user. - */ - ulen = strlen(user+offset); - fsize += strlen(userattr) + ulen; - if (realmattr && user_realm) { - rlen = strlen(user_realm); - fsize += strlen(realmattr) + rlen; - } - if (ufilter) fsize += strlen(ufilter); - fsize += 100; /* includes a good safety margin */ - if (fsize > 1024) { - LDAPDebug(LDAP_DEBUG_ANY, "sasl user name and/or realm too long" - " (ulen=%u, rlen=%u)\n", ulen, rlen, 0); - return NULL; - } - - /* now we can safely write the filter */ - sprintf(fptr, "(&(%s=%s)", userattr, user+offset); - fptr += strlen(fptr); - if (realmattr && user_realm) { - sprintf(fptr, "(%s=%s)", realmattr, user_realm); - fptr += strlen(fptr); - } - if (ufilter) { - if (*ufilter == '(') { - sprintf(fptr, "%s", ufilter); - } else { - sprintf(fptr, "(%s)", ufilter); - } - fptr += strlen(fptr); - } - sprintf(fptr, ")"); - - /* iterate through the naming contexts */ - for (sdn = slapi_get_first_suffix(&node, 0); sdn != NULL; - sdn = slapi_get_next_suffix(&node, 0)) { - - ids_sasl_user_search((char*)slapi_sdn_get_dn(sdn), scope, filter, - ctrls, attrs, attrsonly, - &entry, &found); + if (found == 1) { + LDAPDebug(LDAP_DEBUG_TRACE, "sasl user search found this entry: dn:%s, " + "matching filter=%s\n", entry->e_sdn.dn, filter, 0); + } else if (found == 0) { + LDAPDebug(LDAP_DEBUG_TRACE, "sasl user search found no entries matching " + "filter=%s\n", filter, 0, 0); + } else { + LDAPDebug(LDAP_DEBUG_TRACE, "sasl user search found more than one entry " + "matching filter=%s\n", filter, 0, 0); + if (entry) { + slapi_entry_free(entry); + entry = NULL; } } - } - if (found == 1) { - LDAPDebug(LDAP_DEBUG_TRACE, "sasl user search found this entry: dn:%s, matching filter=%s\n", entry->e_sdn.dn, filter, 0); - return entry; - } - - if (found == 0) { - LDAPDebug(LDAP_DEBUG_TRACE, "sasl user search found no entries matching filter=%s\n", filter, 0, 0); - } else { - LDAPDebug(LDAP_DEBUG_TRACE, "sasl user search found more than one entry matching filter=%s\n", filter, 0, 0); + /* Free the filter etc */ + slapi_ch_free_string(&base); + slapi_ch_free_string(&filter); } - if (entry) slapi_entry_free(entry); - return NULL; + return entry; } static char *buf2str(const char *buf, unsigned buflen) From fedora-directory-commits at redhat.com Thu Jan 10 01:19:39 2008 From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins)) Date: Wed, 9 Jan 2008 20:19:39 -0500 Subject: [Fedora-directory-commits] dsgw/m4 sasl.m4, NONE, 1.1 fhs.m4, NONE, 1.1 adminutil.m4, 1.1.1.1, 1.2 icu.m4, 1.1.1.1, 1.2 mozldap.m4, 1.1.1.1, 1.2 nspr.m4, 1.1.1.1, 1.2 nss.m4, 1.1.1.1, 1.2 httpd.m4, 1.2, NONE Message-ID: <200801100119.m0A1Jd22026209@cvs-int.fedora.redhat.com> Author: rmeggins Update of /cvs/dirsec/dsgw/m4 In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv26138/dsgw/m4 Modified Files: adminutil.m4 icu.m4 mozldap.m4 nspr.m4 nss.m4 Added Files: sasl.m4 fhs.m4 Removed Files: httpd.m4 Log Message: update of autotool files based on recent ldapserver and adminserver --- NEW FILE sasl.m4 --- # BEGIN COPYRIGHT BLOCK # Copyright (C) 2007 Red Hat, Inc. # All rights reserved. # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License # as published by the Free Software Foundation; either version 2 # of the License, or (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. # # END COPYRIGHT BLOCK # -*- tab-width: 4; -*- # Configure paths for SASL dnl ======================================================== dnl = sasl is used to support various authentication mechanisms dnl = such as DIGEST-MD5 and GSSAPI. dnl ======================================================== dnl ======================================================== dnl = Use the sasl libraries on the system (assuming it exists) dnl ======================================================== AC_CHECKING(for sasl) AC_MSG_CHECKING(for --with-sasl) AC_ARG_WITH(sasl, [[ --with-sasl=PATH Use sasl from supplied path]], dnl = Look in the standard system locations [ if test "$withval" = "yes"; then AC_MSG_RESULT(yes) dnl = Check for sasl.h in the normal locations if test -f /usr/include/sasl/sasl.h; then sasl_inc="-I/usr/include/sasl" elif test -f /usr/include/sasl.h; then sasl_inc="-I/usr/include" else AC_MSG_ERROR(sasl.h not found) fi dnl = Check the user provided location elif test -d "$withval" -a -d "$withval/lib" -a -d "$withval/include" ; then AC_MSG_RESULT([using $withval]) if test -f "$withval/include/sasl/sasl.h"; then sasl_inc="-I$withval/include/sasl" elif test -f "$withval/include/sasl.h"; then sasl_inc="-I$withval/include" else AC_MSG_ERROR(sasl.h not found) fi sasl_lib="-L$withval/lib" sasl_libdir="$withval/lib" else AC_MSG_RESULT(yes) AC_MSG_ERROR([sasl not found in $withval]) fi ], AC_MSG_RESULT(no)) AC_MSG_CHECKING(for --with-sasl-inc) AC_ARG_WITH(sasl-inc, [[ --with-sasl-inc=PATH SASL include file directory]], [ if test -f "$withval"/sasl.h; then AC_MSG_RESULT([using $withval]) sasl_inc="-I$withval" else echo AC_MSG_ERROR([$withval/sasl.h not found]) fi ], AC_MSG_RESULT(no)) AC_MSG_CHECKING(for --with-sasl-lib) AC_ARG_WITH(sasl-lib, [[ --with-sasl-lib=PATH SASL library directory]], [ if test -d "$withval"; then AC_MSG_RESULT([using $withval]) sasl_lib="-L$withval" sasl_libdir="$withval" else echo AC_MSG_ERROR([$withval not found]) fi ], AC_MSG_RESULT(no)) if test -z "$sasl_inc"; then AC_MSG_CHECKING(for sasl.h) dnl - Check for sasl in standard system locations if test -f /usr/include/sasl/sasl.h; then AC_MSG_RESULT([using /usr/include/sasl/sasl.h]) sasl_inc="-I/usr/include/sasl" elif test -f /usr/include/sasl.h; then AC_MSG_RESULT([using /usr/include/sasl.h]) sasl_inc="-I/usr/include" else AC_MSG_RESULT(no) AC_MSG_ERROR([sasl not found, specify with --with-sasl.]) fi fi --- NEW FILE fhs.m4 --- # BEGIN COPYRIGHT BLOCK # Copyright (C) 2006 Red Hat, Inc. # All rights reserved. # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License # as published by the Free Software Foundation; either version 2 # of the License, or (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. # # END COPYRIGHT BLOCK AC_CHECKING(for FHS) # check for --with-fhs AC_MSG_CHECKING(for --with-fhs) AC_ARG_WITH(fhs, [ --with-fhs Use FHS layout], [ with_fhs=yes AC_MSG_RESULT(yes) ], AC_MSG_RESULT(no)) if test "$with_fhs" = "yes"; then AC_DEFINE([IS_FHS], [1], [Use FHS layout]) fi # check for --with-fhs-opt AC_MSG_CHECKING(for --with-fhs-opt) AC_ARG_WITH(fhs-opt, [ --with-fhs-opt Use FHS optional layout], [ with_fhs_opt=yes AC_MSG_RESULT(yes) ], AC_MSG_RESULT(no)) if test "$with_fhs_opt" = "yes"; then AC_DEFINE([IS_FHS_OPT], [1], [Use FHS optional layout]) fi if test "$with_fhs" = "yes" -a "$with_fhs_opt" = "yes"; then AC_MSG_ERROR([Can't set both --with-fhs and --with-fhs-opt. Please only use one of these options.]) fi Index: adminutil.m4 =================================================================== RCS file: /cvs/dirsec/dsgw/m4/adminutil.m4,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- adminutil.m4 1 Jun 2006 19:43:50 -0000 1.1.1.1 +++ adminutil.m4 10 Jan 2008 01:19:36 -0000 1.2 @@ -29,15 +29,8 @@ AC_MSG_RESULT([using $withval]) ADMINUTILDIR=$withval adminutil_lib="-L$ADMINUTILDIR/lib" - # check for version - only needed for older adminutil versions - for file in $ADMINUTILDIR/lib/* ; do - echo $file | grep 'libadminutil[[0-9][0-9]]' && adminutil_ver=`echo $file | sed -e 's/.*libadminutil\([[0-9][0-9]]\).*/\1/'` ; break - done - # use the latest one - adminutil_incdir=`ls -1d $ADMINUTILDIR/include/adminutil-* | sort -n | tail -1` - if ! test -n "$adminutil_incdir" -a -d "$adminutil_incdir" ; then - adminutil_incdir=$ADMINUTILDIR/include - fi + adminutil_libdir="$ADMINUTILDIR/lib" + adminutil_incdir=$ADMINUTILDIR/include if ! test -e "$adminutil_incdir/libadminutil/admutil.h" ; then AC_MSG_ERROR([$withval include dir not found]) fi @@ -59,6 +52,7 @@ if $PKG_CONFIG --exists adminutil; then adminutil_inc=`$PKG_CONFIG --cflags-only-I adminutil` adminutil_lib=`$PKG_CONFIG --libs-only-L adminutil` + adminutil_libdir=`$PKG_CONFIG --libs-only-L adminutil | sed -e s/-L// | sed -e s/\ .*$//` else AC_MSG_ERROR([ADMINUTIL not found, specify with --with-adminutil.]) fi Index: icu.m4 =================================================================== RCS file: /cvs/dirsec/dsgw/m4/icu.m4,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- icu.m4 1 Jun 2006 19:43:50 -0000 1.1.1.1 +++ icu.m4 10 Jan 2008 01:19:36 -0000 1.2 @@ -27,14 +27,15 @@ if test -d "$withval"/lib then AC_MSG_RESULT([using $withval]) - ICUDIR=$withval + ICUDIR="$withval" icu_lib="-L$ICUDIR/lib" + icu_libdir="$ICUDIR/lib" else echo AC_MSG_ERROR([$withval not found]) fi - icu_inc=$withval/include - icu_bin=$withval/bin + icu_inc="-I$withval/include" + icu_bin="$withval/bin" ], AC_MSG_RESULT(no)) @@ -61,6 +62,7 @@ then AC_MSG_RESULT([using $withval]) icu_lib="-L$withval" + icu_libdir="$withval" else echo AC_MSG_ERROR([$withval not found]) @@ -82,7 +84,7 @@ fi ], AC_MSG_RESULT(no)) -# if not found yet, try pkg-config +# if ICU is not found yet, try pkg-config # last resort if test -z "$icu_lib"; then @@ -90,8 +92,10 @@ AC_PATH_PROG(ICU_CONFIG, icu-config) if test -n "$ICU_CONFIG"; then icu_lib=`$ICU_CONFIG --ldflags-searchpath` + icu_libdir=`$ICU_CONFIG --libdir` icu_inc=`$ICU_CONFIG --cppflags-searchpath` icu_bin=`$ICU_CONFIG --bindir` + AC_MSG_RESULT([using system ICU]) else AC_MSG_ERROR([ICU not found, specify with --with-icu.]) fi Index: mozldap.m4 =================================================================== RCS file: /cvs/dirsec/dsgw/m4/mozldap.m4,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- mozldap.m4 1 Jun 2006 19:43:50 -0000 1.1.1.1 +++ mozldap.m4 10 Jan 2008 01:19:36 -0000 1.2 @@ -1,5 +1,5 @@ # BEGIN COPYRIGHT BLOCK -# Copyright (C) 2006 Red Hat, Inc. +# Copyright (C) 2007 Red Hat, Inc. # All rights reserved. # # This program is free software; you can redistribute it and/or @@ -30,6 +30,8 @@ LDAPSDKDIR=$withval ldapsdk_inc="-I$LDAPSDKDIR/include" ldapsdk_lib="-L$LDAPSDKDIR/lib" + ldapsdk_libdir="$LDAPSDKDIR/lib" + ldapsdk_bindir="$LDAPSDKDIR/bin" else echo AC_MSG_ERROR([$withval not found]) @@ -60,6 +62,7 @@ then AC_MSG_RESULT([using $withval]) ldapsdk_lib="-L$withval" + ldapsdk_libdir="$withval" else echo AC_MSG_ERROR([$withval not found]) @@ -70,18 +73,49 @@ # if LDAPSDK is not found yet, try pkg-config # last resort -if test -z "$ldapsdk_inc" -o -z "$ldapsdk_lib"; then - AC_MSG_CHECKING(for mozldap with pkg-config) +if test -z "$ldapsdk_inc" -o -z "$ldapsdk_lib" -o -z "$ldapsdk_libdir" -o -z "$ldapsdk_bindir"; then AC_PATH_PROG(PKG_CONFIG, pkg-config) + AC_MSG_CHECKING(for mozldap with pkg-config) if test -n "$PKG_CONFIG"; then - if $PKG_CONFIG --exists mozldap; then - nspr_inc=`$PKG_CONFIG --cflags-only-I mozldap` - nspr_lib=`$PKG_CONFIG --libs-only-L mozldap` + if $PKG_CONFIG --exists mozldap6; then + mozldappkg=mozldap6 + elif $PKG_CONFIG --exists mozldap; then + mozldappkg=mozldap else AC_MSG_ERROR([LDAPSDK not found, specify with --with-ldapsdk[-inc|-lib].]) fi + ldapsdk_inc=`$PKG_CONFIG --cflags-only-I $mozldappkg` + ldapsdk_libdir=`$PKG_CONFIG --variable=libdir $mozldappkg` + ldapsdk_lib="-L$ldapsdk_libdir" + ldapsdk_bindir=`$PKG_CONFIG --variable=bindir $mozldappkg` + AC_MSG_RESULT([using system $mozldappkg]) fi fi if test -z "$ldapsdk_inc" -o -z "$ldapsdk_lib"; then AC_MSG_ERROR([LDAPSDK not found, specify with --with-ldapsdk[-inc|-lib].]) fi +dnl default path for the ldap c sdk tools (see [210947] for more details) +if test -z "$ldapsdk_bindir" ; then + if [ -d $libdir/mozldap6 ] ; then + ldapsdk_bindir=$libdir/mozldap6 + else + ldapsdk_bindir=$libdir/mozldap + fi +fi + +dnl make sure the ldap sdk version is 6 or greater - we do not support +dnl the old 5.x or prior versions - the ldap server code expects the new +dnl ber types and other code used with version 6 +save_cppflags="$CPPFLAGS" +CPPFLAGS="$ldapsdk_inc $nss_inc $nspr_inc" +AC_CHECK_HEADER([ldap.h], [isversion6=1], [isversion6=], +[#include +#if LDAP_VENDOR_VERSION < 600 +#error The LDAP C SDK version is not supported +#endif +]) +CPPFLAGS="$save_cppflags" + +if test -z "$isversion6" ; then + AC_MSG_ERROR([The LDAPSDK version in $ldapsdk_inc/ldap-standard.h is not supported]) +fi Index: nspr.m4 =================================================================== RCS file: /cvs/dirsec/dsgw/m4/nspr.m4,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- nspr.m4 1 Jun 2006 19:43:50 -0000 1.1.1.1 +++ nspr.m4 10 Jan 2008 01:19:36 -0000 1.2 @@ -1,5 +1,5 @@ # BEGIN COPYRIGHT BLOCK -# Copyright (C) 2006 Red Hat, Inc. +# Copyright (C) 2007 Red Hat, Inc. # All rights reserved. # # This program is free software; you can redistribute it and/or @@ -30,6 +30,7 @@ NSPRDIR=$withval nspr_inc="-I$NSPRDIR/include" nspr_lib="-L$NSPRDIR/lib" + nspr_libdir="$NSPRDIR/lib" else echo AC_MSG_ERROR([$withval not found]) @@ -60,6 +61,7 @@ then AC_MSG_RESULT([using $withval]) nspr_lib="-L$withval" + nspr_libdir="$withval" else echo AC_MSG_ERROR([$withval not found]) @@ -70,13 +72,20 @@ # if NSPR is not found yet, try pkg-config # last resort -if test -z "$nspr_inc" -o -z "$nspr_lib"; then - AC_MSG_CHECKING(for nspr with pkg-config) +if test -z "$nspr_inc" -o -z "$nspr_lib" -o -z "$nspr_libdir"; then AC_PATH_PROG(PKG_CONFIG, pkg-config) + AC_MSG_CHECKING(for nspr with pkg-config) if test -n "$PKG_CONFIG"; then if $PKG_CONFIG --exists nspr; then nspr_inc=`$PKG_CONFIG --cflags-only-I nspr` nspr_lib=`$PKG_CONFIG --libs-only-L nspr` + nspr_libdir=`$PKG_CONFIG --libs-only-L nspr | sed -e s/-L// | sed -e s/\ .*$//` + AC_MSG_RESULT([using system NSPR]) + elif $PKG_CONFIG --exists dirsec-nspr; then + nspr_inc=`$PKG_CONFIG --cflags-only-I dirsec-nspr` + nspr_lib=`$PKG_CONFIG --libs-only-L dirsec-nspr` + nspr_libdir=`$PKG_CONFIG --libs-only-L dirsec-nspr | sed -e s/-L// | sed -e s/\ .*$//` + AC_MSG_RESULT([using system dirsec NSPR]) else AC_MSG_ERROR([NSPR not found, specify with --with-nspr.]) fi Index: nss.m4 =================================================================== RCS file: /cvs/dirsec/dsgw/m4/nss.m4,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- nss.m4 1 Jun 2006 19:43:50 -0000 1.1.1.1 +++ nss.m4 10 Jan 2008 01:19:36 -0000 1.2 @@ -1,5 +1,5 @@ # BEGIN COPYRIGHT BLOCK -# Copyright (C) 2006 Red Hat, Inc. +# Copyright (C) 2007 Red Hat, Inc. # All rights reserved. # # This program is free software; you can redistribute it and/or @@ -30,6 +30,7 @@ NSSDIR=$withval nss_inc="-I$NSSDIR/include" nss_lib="-L$NSSDIR/lib" + nss_libdir="$NSSDIR/lib" else echo AC_MSG_ERROR([$withval not found]) @@ -60,6 +61,7 @@ then AC_MSG_RESULT([using $withval]) nss_lib="-L$withval" + nss_libdir="$withval" else echo AC_MSG_ERROR([$withval not found]) @@ -70,13 +72,20 @@ # if NSS is not found yet, try pkg-config # last resort -if test -z "$nss_inc" -o -z "$nss_lib"; then - AC_MSG_CHECKING(for nss with pkg-config) +if test -z "$nss_inc" -o -z "$nss_lib" -o -z "$nss_libdir"; then AC_PATH_PROG(PKG_CONFIG, pkg-config) + AC_MSG_CHECKING(for nss with pkg-config) if test -n "$PKG_CONFIG"; then if $PKG_CONFIG --exists nss; then nss_inc=`$PKG_CONFIG --cflags-only-I nss` nss_lib=`$PKG_CONFIG --libs-only-L nss` + nss_libdir=`$PKG_CONFIG --variable=libdir nss` + AC_MSG_RESULT([using system NSS]) + elif $PKG_CONFIG --exists dirsec-nss; then + nss_inc=`$PKG_CONFIG --cflags-only-I dirsec-nss` + nss_lib=`$PKG_CONFIG --libs-only-L dirsec-nss` + nss_libdir=`$PKG_CONFIG --variable=libdir dirsec-nss` + AC_MSG_RESULT([using system dirsec NSS]) else AC_MSG_ERROR([NSS not found, specify with --with-nss.]) fi --- httpd.m4 DELETED --- From fedora-directory-commits at redhat.com Thu Jan 10 01:19:38 2008 From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins)) Date: Wed, 9 Jan 2008 20:19:38 -0500 Subject: [Fedora-directory-commits] dsgw autogen.sh, NONE, 1.1 compile, NONE, 1.1 config.guess, NONE, 1.1 config.sub, NONE, 1.1 ltmain.sh, NONE, 1.1 Makefile.am, 1.2, 1.3 Makefile.in, 1.2, 1.3 aclocal.m4, 1.1.1.1, 1.2 config.c, 1.1.1.1, 1.2 config.h.in, 1.1.1.1, 1.2 configure, 1.2, 1.3 configure.ac, 1.2, 1.3 dsgw.h, 1.1.1.1, 1.2 dsgwgetlang.c, 1.1.1.1, 1.2 dsgwutil.c, 1.1.1.1, 1.2 Message-ID: <200801100119.m0A1JcmX026195@cvs-int.fedora.redhat.com> Author: rmeggins Update of /cvs/dirsec/dsgw In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv26138/dsgw Modified Files: Makefile.am Makefile.in aclocal.m4 config.c config.h.in configure configure.ac dsgw.h dsgwgetlang.c dsgwutil.c Added Files: autogen.sh compile config.guess config.sub ltmain.sh Log Message: update of autotool files based on recent ldapserver and adminserver --- NEW FILE autogen.sh --- #!/bin/sh # Check autoconf version AC_VERSION=`autoconf --version | grep '^autoconf' | sed 's/.*) *//'` case $AC_VERSION in '' | 0.* | 1.* | 2.[0-4]* | 2.[0-9] | 2.5[0-8]* ) echo "You must have autoconf version 2.59 or later installed (found version $AC_VERSION)." exit 1 ;; * ) echo "Found autoconf version $AC_VERSION" ;; esac # Check automake version AM_VERSION=`automake --version | grep '^automake' | sed 's/.*) *//'` case $AM_VERSION in 1.1*) echo "Found automake version $AM_VERSION" ;; # 1.10 or later - ok '' | 0.* | 1.[0-8]* | 1.9.[0-5]* ) echo "You must have automake version 1.9.6 or later installed (found version $AM_VERSION)." exit 1 ;; * ) echo "Found automake version $AM_VERSION" ;; esac # Check libtool version LT_VERSION=`libtool --version | grep ' libtool)' | sed 's/.*) \([0-9][0-9.]*\)[^ ]* .*/\1/'` case $LT_VERSION in '' | 0.* | 1.[0-4]* | 1.5.[0-9] | 1.5.[0-1]* | 1.5.2[0-1]* ) echo "You must have libtool version 1.5.22 or later installed (found version $LT_VERSION)." exit 1 ;; * ) echo "Found libtool version $LT_VERSION" ;; esac # Run autoreconf echo "Running autoreconf -fvi" autoreconf -fvi --- NEW FILE compile --- #! /bin/sh # Wrapper for compilers which do not understand `-c -o'. scriptversion=2005-05-14.22 # Copyright (C) 1999, 2000, 2003, 2004, 2005 Free Software Foundation, Inc. # Written by Tom Tromey . # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2, or (at your option) # any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a # configuration script generated by Autoconf, you may include it under # the same distribution terms that you use for the rest of that program. # This file is maintained in Automake, please report # bugs to or send patches to # . case $1 in '') echo "$0: No command. Try \`$0 --help' for more information." 1>&2 exit 1; ;; -h | --h*) cat <<\EOF Usage: compile [--help] [--version] PROGRAM [ARGS] Wrapper for compilers which do not understand `-c -o'. Remove `-o dest.o' from ARGS, run PROGRAM with the remaining arguments, and rename the output as expected. If you are trying to build a whole package this is not the right script to run: please start by reading the file `INSTALL'. Report bugs to . EOF exit $? ;; -v | --v*) echo "compile $scriptversion" exit $? ;; esac ofile= cfile= eat= for arg do if test -n "$eat"; then eat= else case $1 in -o) # configure might choose to run compile as `compile cc -o foo foo.c'. # So we strip `-o arg' only if arg is an object. eat=1 case $2 in *.o | *.obj) ofile=$2 ;; *) set x "$@" -o "$2" shift ;; esac ;; *.c) cfile=$1 set x "$@" "$1" shift ;; *) set x "$@" "$1" shift ;; esac fi shift done if test -z "$ofile" || test -z "$cfile"; then # If no `-o' option was seen then we might have been invoked from a # pattern rule where we don't need one. That is ok -- this is a # normal compilation that the losing compiler can handle. If no # `.c' file was seen then we are probably linking. That is also # ok. exec "$@" fi # Name of file we expect compiler to create. cofile=`echo "$cfile" | sed -e 's|^.*/||' -e 's/\.c$/.o/'` # Create the lock directory. # Note: use `[/.-]' here to ensure that we don't use the same name # that we are using for the .o file. Also, base the name on the expected # object file name, since that is what matters with a parallel build. lockdir=`echo "$cofile" | sed -e 's|[/.-]|_|g'`.d while true; do if mkdir "$lockdir" >/dev/null 2>&1; then break fi sleep 1 done # FIXME: race condition here if user kills between mkdir and trap. trap "rmdir '$lockdir'; exit 1" 1 2 15 # Run the compile. "$@" ret=$? if test -f "$cofile"; then mv "$cofile" "$ofile" elif test -f "${cofile}bj"; then mv "${cofile}bj" "$ofile" fi rmdir "$lockdir" exit $ret # Local Variables: # mode: shell-script # sh-indentation: 2 # eval: (add-hook 'write-file-hooks 'time-stamp) # time-stamp-start: "scriptversion=" # time-stamp-format: "%:y-%02m-%02d.%02H" # time-stamp-end: "$" # End: --- NEW FILE config.guess --- #! /bin/sh # Attempt to guess a canonical system name. # Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, # 2000, 2001, 2002, 2003, 2004, 2005 Free Software Foundation, Inc. timestamp='2005-07-08' # This file is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU # General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA # 02110-1301, USA. # # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a # configuration script generated by Autoconf, you may include it under # the same distribution terms that you use for the rest of that program. # Originally written by Per Bothner . # Please send patches to . Submit a context # diff and a properly formatted ChangeLog entry. # # This script attempts to guess a canonical system name similar to # config.sub. If it succeeds, it prints the system name on stdout, and # exits with 0. Otherwise, it exits with 1. # # The plan is that this can be called by configure scripts if you # don't specify an explicit build system type. me=`echo "$0" | sed -e 's,.*/,,'` usage="\ Usage: $0 [OPTION] Output the configuration name of the system \`$me' is run on. Operation modes: -h, --help print this help, then exit -t, --time-stamp print date of last modification, then exit -v, --version print version number, then exit Report bugs and patches to ." version="\ GNU config.guess ($timestamp) Originally written by Per Bothner. Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." help=" Try \`$me --help' for more information." # Parse command line while test $# -gt 0 ; do case $1 in --time-stamp | --time* | -t ) echo "$timestamp" ; exit ;; --version | -v ) echo "$version" ; exit ;; --help | --h* | -h ) echo "$usage"; exit ;; -- ) # Stop option processing shift; break ;; - ) # Use stdin as input. break ;; -* ) echo "$me: invalid option $1$help" >&2 exit 1 ;; * ) break ;; esac done if test $# != 0; then echo "$me: too many arguments$help" >&2 exit 1 fi trap 'exit 1' 1 2 15 # CC_FOR_BUILD -- compiler used by this script. Note that the use of a # compiler to aid in system detection is discouraged as it requires # temporary files to be created and, as you can see below, it is a # headache to deal with in a portable fashion. # Historically, `CC_FOR_BUILD' used to be named `HOST_CC'. We still # use `HOST_CC' if defined, but it is deprecated. # Portable tmp directory creation inspired by the Autoconf team. set_cc_for_build=' trap "exitcode=\$?; (rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null) && exit \$exitcode" 0 ; trap "rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null; exit 1" 1 2 13 15 ; : ${TMPDIR=/tmp} ; { tmp=`(umask 077 && mktemp -d -q "$TMPDIR/cgXXXXXX") 2>/dev/null` && test -n "$tmp" && test -d "$tmp" ; } || { test -n "$RANDOM" && tmp=$TMPDIR/cg$$-$RANDOM && (umask 077 && mkdir $tmp) ; } || { tmp=$TMPDIR/cg-$$ && (umask 077 && mkdir $tmp) && echo "Warning: creating insecure temp directory" >&2 ; } || { echo "$me: cannot create a temporary directory in $TMPDIR" >&2 ; exit 1 ; } ; dummy=$tmp/dummy ; tmpfiles="$dummy.c $dummy.o $dummy.rel $dummy" ; case $CC_FOR_BUILD,$HOST_CC,$CC in ,,) echo "int x;" > $dummy.c ; for c in cc gcc c89 c99 ; do if ($c -c -o $dummy.o $dummy.c) >/dev/null 2>&1 ; then CC_FOR_BUILD="$c"; break ; fi ; done ; if test x"$CC_FOR_BUILD" = x ; then CC_FOR_BUILD=no_compiler_found ; fi ;; ,,*) CC_FOR_BUILD=$CC ;; ,*,*) CC_FOR_BUILD=$HOST_CC ;; esac ; set_cc_for_build= ;' # This is needed to find uname on a Pyramid OSx when run in the BSD universe. # (ghazi at noc.rutgers.edu 1994-08-24) if (test -f /.attbin/uname) >/dev/null 2>&1 ; then PATH=$PATH:/.attbin ; export PATH fi UNAME_MACHINE=`(uname -m) 2>/dev/null` || UNAME_MACHINE=unknown UNAME_RELEASE=`(uname -r) 2>/dev/null` || UNAME_RELEASE=unknown UNAME_SYSTEM=`(uname -s) 2>/dev/null` || UNAME_SYSTEM=unknown UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown # Note: order is significant - the case branches are not exclusive. case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in *:NetBSD:*:*) # NetBSD (nbsd) targets should (where applicable) match one or # more of the tupples: *-*-netbsdelf*, *-*-netbsdaout*, # *-*-netbsdecoff* and *-*-netbsd*. For targets that recently # switched to ELF, *-*-netbsd* would select the old # object file format. This provides both forward # compatibility and a consistent mechanism for selecting the # object file format. # # Note: NetBSD doesn't particularly care about the vendor # portion of the name. We always set it to "unknown". sysctl="sysctl -n hw.machine_arch" UNAME_MACHINE_ARCH=`(/sbin/$sysctl 2>/dev/null || \ /usr/sbin/$sysctl 2>/dev/null || echo unknown)` case "${UNAME_MACHINE_ARCH}" in armeb) machine=armeb-unknown ;; arm*) machine=arm-unknown ;; sh3el) machine=shl-unknown ;; sh3eb) machine=sh-unknown ;; *) machine=${UNAME_MACHINE_ARCH}-unknown ;; esac # The Operating System including object format, if it has switched # to ELF recently, or will in the future. case "${UNAME_MACHINE_ARCH}" in arm*|i386|m68k|ns32k|sh3*|sparc|vax) eval $set_cc_for_build if echo __ELF__ | $CC_FOR_BUILD -E - 2>/dev/null \ | grep __ELF__ >/dev/null then # Once all utilities can be ECOFF (netbsdecoff) or a.out (netbsdaout). # Return netbsd for either. FIX? os=netbsd else os=netbsdelf fi ;; *) os=netbsd ;; esac # The OS release # Debian GNU/NetBSD machines have a different userland, and # thus, need a distinct triplet. However, they do not need # kernel version information, so it can be replaced with a # suitable tag, in the style of linux-gnu. case "${UNAME_VERSION}" in Debian*) release='-gnu' ;; *) release=`echo ${UNAME_RELEASE}|sed -e 's/[-_].*/\./'` ;; esac # Since CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM: # contains redundant information, the shorter form: # CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM is used. echo "${machine}-${os}${release}" exit ;; *:OpenBSD:*:*) UNAME_MACHINE_ARCH=`arch | sed 's/OpenBSD.//'` echo ${UNAME_MACHINE_ARCH}-unknown-openbsd${UNAME_RELEASE} exit ;; *:ekkoBSD:*:*) echo ${UNAME_MACHINE}-unknown-ekkobsd${UNAME_RELEASE} exit ;; macppc:MirBSD:*:*) echo powerppc-unknown-mirbsd${UNAME_RELEASE} exit ;; *:MirBSD:*:*) echo ${UNAME_MACHINE}-unknown-mirbsd${UNAME_RELEASE} exit ;; alpha:OSF1:*:*) case $UNAME_RELEASE in *4.0) UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $3}'` ;; *5.*) UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $4}'` ;; esac # According to Compaq, /usr/sbin/psrinfo has been available on # OSF/1 and Tru64 systems produced since 1995. I hope that # covers most systems running today. This code pipes the CPU # types through head -n 1, so we only detect the type of CPU 0. ALPHA_CPU_TYPE=`/usr/sbin/psrinfo -v | sed -n -e 's/^ The alpha \(.*\) processor.*$/\1/p' | head -n 1` case "$ALPHA_CPU_TYPE" in "EV4 (21064)") UNAME_MACHINE="alpha" ;; "EV4.5 (21064)") UNAME_MACHINE="alpha" ;; "LCA4 (21066/21068)") UNAME_MACHINE="alpha" ;; "EV5 (21164)") UNAME_MACHINE="alphaev5" ;; "EV5.6 (21164A)") UNAME_MACHINE="alphaev56" ;; "EV5.6 (21164PC)") UNAME_MACHINE="alphapca56" ;; "EV5.7 (21164PC)") UNAME_MACHINE="alphapca57" ;; "EV6 (21264)") UNAME_MACHINE="alphaev6" ;; "EV6.7 (21264A)") UNAME_MACHINE="alphaev67" ;; "EV6.8CB (21264C)") UNAME_MACHINE="alphaev68" ;; "EV6.8AL (21264B)") UNAME_MACHINE="alphaev68" ;; "EV6.8CX (21264D)") UNAME_MACHINE="alphaev68" ;; "EV6.9A (21264/EV69A)") UNAME_MACHINE="alphaev69" ;; "EV7 (21364)") UNAME_MACHINE="alphaev7" ;; "EV7.9 (21364A)") UNAME_MACHINE="alphaev79" ;; esac # A Pn.n version is a patched version. # A Vn.n version is a released version. # A Tn.n version is a released field test version. # A Xn.n version is an unreleased experimental baselevel. # 1.2 uses "1.2" for uname -r. echo ${UNAME_MACHINE}-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[PVTX]//' | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` exit ;; Alpha\ *:Windows_NT*:*) # How do we know it's Interix rather than the generic POSIX subsystem? # Should we change UNAME_MACHINE based on the output of uname instead # of the specific Alpha model? echo alpha-pc-interix exit ;; 21064:Windows_NT:50:3) echo alpha-dec-winnt3.5 exit ;; Amiga*:UNIX_System_V:4.0:*) echo m68k-unknown-sysv4 exit ;; *:[Aa]miga[Oo][Ss]:*:*) echo ${UNAME_MACHINE}-unknown-amigaos exit ;; *:[Mm]orph[Oo][Ss]:*:*) echo ${UNAME_MACHINE}-unknown-morphos exit ;; *:OS/390:*:*) echo i370-ibm-openedition exit ;; *:z/VM:*:*) echo s390-ibm-zvmoe exit ;; *:OS400:*:*) echo powerpc-ibm-os400 exit ;; arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*) echo arm-acorn-riscix${UNAME_RELEASE} exit ;; arm:riscos:*:*|arm:RISCOS:*:*) echo arm-unknown-riscos exit ;; SR2?01:HI-UX/MPP:*:* | SR8000:HI-UX/MPP:*:*) echo hppa1.1-hitachi-hiuxmpp exit ;; Pyramid*:OSx*:*:* | MIS*:OSx*:*:* | MIS*:SMP_DC-OSx*:*:*) # akee at wpdis03.wpafb.af.mil (Earle F. Ake) contributed MIS and NILE. if test "`(/bin/universe) 2>/dev/null`" = att ; then echo pyramid-pyramid-sysv3 else echo pyramid-pyramid-bsd fi exit ;; NILE*:*:*:dcosx) echo pyramid-pyramid-svr4 exit ;; DRS?6000:unix:4.0:6*) echo sparc-icl-nx6 exit ;; DRS?6000:UNIX_SV:4.2*:7* | DRS?6000:isis:4.2*:7*) case `/usr/bin/uname -p` in sparc) echo sparc-icl-nx7; exit ;; esac ;; sun4H:SunOS:5.*:*) echo sparc-hal-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` exit ;; sun4*:SunOS:5.*:* | tadpole*:SunOS:5.*:*) echo sparc-sun-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` exit ;; i86pc:SunOS:5.*:*) echo i386-pc-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` exit ;; sun4*:SunOS:6*:*) # According to config.sub, this is the proper way to canonicalize # SunOS6. Hard to guess exactly what SunOS6 will be like, but # it's likely to be more like Solaris than SunOS4. echo sparc-sun-solaris3`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` exit ;; sun4*:SunOS:*:*) case "`/usr/bin/arch -k`" in Series*|S4*) UNAME_RELEASE=`uname -v` ;; esac # Japanese Language versions have a version number like `4.1.3-JL'. echo sparc-sun-sunos`echo ${UNAME_RELEASE}|sed -e 's/-/_/'` exit ;; sun3*:SunOS:*:*) echo m68k-sun-sunos${UNAME_RELEASE} exit ;; sun*:*:4.2BSD:*) UNAME_RELEASE=`(sed 1q /etc/motd | awk '{print substr($5,1,3)}') 2>/dev/null` test "x${UNAME_RELEASE}" = "x" && UNAME_RELEASE=3 case "`/bin/arch`" in sun3) echo m68k-sun-sunos${UNAME_RELEASE} ;; sun4) echo sparc-sun-sunos${UNAME_RELEASE} ;; esac exit ;; aushp:SunOS:*:*) echo sparc-auspex-sunos${UNAME_RELEASE} exit ;; # The situation for MiNT is a little confusing. The machine name # can be virtually everything (everything which is not # "atarist" or "atariste" at least should have a processor # > m68000). The system name ranges from "MiNT" over "FreeMiNT" # to the lowercase version "mint" (or "freemint"). Finally # the system name "TOS" denotes a system which is actually not # MiNT. But MiNT is downward compatible to TOS, so this should # be no problem. atarist[e]:*MiNT:*:* | atarist[e]:*mint:*:* | atarist[e]:*TOS:*:*) echo m68k-atari-mint${UNAME_RELEASE} exit ;; atari*:*MiNT:*:* | atari*:*mint:*:* | atarist[e]:*TOS:*:*) echo m68k-atari-mint${UNAME_RELEASE} exit ;; *falcon*:*MiNT:*:* | *falcon*:*mint:*:* | *falcon*:*TOS:*:*) echo m68k-atari-mint${UNAME_RELEASE} exit ;; milan*:*MiNT:*:* | milan*:*mint:*:* | *milan*:*TOS:*:*) echo m68k-milan-mint${UNAME_RELEASE} exit ;; hades*:*MiNT:*:* | hades*:*mint:*:* | *hades*:*TOS:*:*) echo m68k-hades-mint${UNAME_RELEASE} exit ;; *:*MiNT:*:* | *:*mint:*:* | *:*TOS:*:*) echo m68k-unknown-mint${UNAME_RELEASE} exit ;; m68k:machten:*:*) echo m68k-apple-machten${UNAME_RELEASE} exit ;; powerpc:machten:*:*) echo powerpc-apple-machten${UNAME_RELEASE} exit ;; RISC*:Mach:*:*) echo mips-dec-mach_bsd4.3 exit ;; RISC*:ULTRIX:*:*) echo mips-dec-ultrix${UNAME_RELEASE} exit ;; VAX*:ULTRIX*:*:*) echo vax-dec-ultrix${UNAME_RELEASE} exit ;; 2020:CLIX:*:* | 2430:CLIX:*:*) echo clipper-intergraph-clix${UNAME_RELEASE} exit ;; mips:*:*:UMIPS | mips:*:*:RISCos) eval $set_cc_for_build sed 's/^ //' << EOF >$dummy.c #ifdef __cplusplus #include /* for printf() prototype */ int main (int argc, char *argv[]) { #else int main (argc, argv) int argc; char *argv[]; { #endif #if defined (host_mips) && defined (MIPSEB) #if defined (SYSTYPE_SYSV) printf ("mips-mips-riscos%ssysv\n", argv[1]); exit (0); #endif #if defined (SYSTYPE_SVR4) printf ("mips-mips-riscos%ssvr4\n", argv[1]); exit (0); #endif #if defined (SYSTYPE_BSD43) || defined(SYSTYPE_BSD) printf ("mips-mips-riscos%sbsd\n", argv[1]); exit (0); #endif #endif exit (-1); } EOF $CC_FOR_BUILD -o $dummy $dummy.c && dummyarg=`echo "${UNAME_RELEASE}" | sed -n 's/\([0-9]*\).*/\1/p'` && SYSTEM_NAME=`$dummy $dummyarg` && { echo "$SYSTEM_NAME"; exit; } echo mips-mips-riscos${UNAME_RELEASE} exit ;; Motorola:PowerMAX_OS:*:*) echo powerpc-motorola-powermax exit ;; Motorola:*:4.3:PL8-*) echo powerpc-harris-powermax exit ;; Night_Hawk:*:*:PowerMAX_OS | Synergy:PowerMAX_OS:*:*) echo powerpc-harris-powermax exit ;; Night_Hawk:Power_UNIX:*:*) echo powerpc-harris-powerunix exit ;; m88k:CX/UX:7*:*) echo m88k-harris-cxux7 exit ;; m88k:*:4*:R4*) echo m88k-motorola-sysv4 exit ;; m88k:*:3*:R3*) echo m88k-motorola-sysv3 exit ;; AViiON:dgux:*:*) # DG/UX returns AViiON for all architectures UNAME_PROCESSOR=`/usr/bin/uname -p` if [ $UNAME_PROCESSOR = mc88100 ] || [ $UNAME_PROCESSOR = mc88110 ] then if [ ${TARGET_BINARY_INTERFACE}x = m88kdguxelfx ] || \ [ ${TARGET_BINARY_INTERFACE}x = x ] then echo m88k-dg-dgux${UNAME_RELEASE} else echo m88k-dg-dguxbcs${UNAME_RELEASE} fi else echo i586-dg-dgux${UNAME_RELEASE} fi exit ;; M88*:DolphinOS:*:*) # DolphinOS (SVR3) echo m88k-dolphin-sysv3 exit ;; M88*:*:R3*:*) # Delta 88k system running SVR3 echo m88k-motorola-sysv3 exit ;; XD88*:*:*:*) # Tektronix XD88 system running UTekV (SVR3) echo m88k-tektronix-sysv3 exit ;; Tek43[0-9][0-9]:UTek:*:*) # Tektronix 4300 system running UTek (BSD) echo m68k-tektronix-bsd exit ;; *:IRIX*:*:*) echo mips-sgi-irix`echo ${UNAME_RELEASE}|sed -e 's/-/_/g'` exit ;; ????????:AIX?:[12].1:2) # AIX 2.2.1 or AIX 2.1.1 is RT/PC AIX. echo romp-ibm-aix # uname -m gives an 8 hex-code CPU id exit ;; # Note that: echo "'`uname -s`'" gives 'AIX ' i*86:AIX:*:*) echo i386-ibm-aix exit ;; ia64:AIX:*:*) if [ -x /usr/bin/oslevel ] ; then IBM_REV=`/usr/bin/oslevel` else IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE} fi echo ${UNAME_MACHINE}-ibm-aix${IBM_REV} exit ;; *:AIX:2:3) if grep bos325 /usr/include/stdio.h >/dev/null 2>&1; then eval $set_cc_for_build sed 's/^ //' << EOF >$dummy.c #include main() { if (!__power_pc()) exit(1); puts("powerpc-ibm-aix3.2.5"); exit(0); } EOF if $CC_FOR_BUILD -o $dummy $dummy.c && SYSTEM_NAME=`$dummy` then echo "$SYSTEM_NAME" else echo rs6000-ibm-aix3.2.5 fi elif grep bos324 /usr/include/stdio.h >/dev/null 2>&1; then echo rs6000-ibm-aix3.2.4 else echo rs6000-ibm-aix3.2 fi exit ;; *:AIX:*:[45]) IBM_CPU_ID=`/usr/sbin/lsdev -C -c processor -S available | sed 1q | awk '{ print $1 }'` if /usr/sbin/lsattr -El ${IBM_CPU_ID} | grep ' POWER' >/dev/null 2>&1; then IBM_ARCH=rs6000 else IBM_ARCH=powerpc fi if [ -x /usr/bin/oslevel ] ; then IBM_REV=`/usr/bin/oslevel` else IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE} fi echo ${IBM_ARCH}-ibm-aix${IBM_REV} exit ;; *:AIX:*:*) echo rs6000-ibm-aix exit ;; ibmrt:4.4BSD:*|romp-ibm:BSD:*) echo romp-ibm-bsd4.4 exit ;; ibmrt:*BSD:*|romp-ibm:BSD:*) # covers RT/PC BSD and echo romp-ibm-bsd${UNAME_RELEASE} # 4.3 with uname added to exit ;; # report: romp-ibm BSD 4.3 *:BOSX:*:*) echo rs6000-bull-bosx exit ;; DPX/2?00:B.O.S.:*:*) echo m68k-bull-sysv3 exit ;; 9000/[34]??:4.3bsd:1.*:*) echo m68k-hp-bsd exit ;; hp300:4.4BSD:*:* | 9000/[34]??:4.3bsd:2.*:*) echo m68k-hp-bsd4.4 exit ;; 9000/[34678]??:HP-UX:*:*) HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'` case "${UNAME_MACHINE}" in 9000/31? ) HP_ARCH=m68000 ;; 9000/[34]?? ) HP_ARCH=m68k ;; 9000/[678][0-9][0-9]) if [ -x /usr/bin/getconf ]; then sc_cpu_version=`/usr/bin/getconf SC_CPU_VERSION 2>/dev/null` sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null` case "${sc_cpu_version}" in 523) HP_ARCH="hppa1.0" ;; # CPU_PA_RISC1_0 528) HP_ARCH="hppa1.1" ;; # CPU_PA_RISC1_1 532) # CPU_PA_RISC2_0 case "${sc_kernel_bits}" in 32) HP_ARCH="hppa2.0n" ;; 64) HP_ARCH="hppa2.0w" ;; '') HP_ARCH="hppa2.0" ;; # HP-UX 10.20 esac ;; esac fi if [ "${HP_ARCH}" = "" ]; then eval $set_cc_for_build sed 's/^ //' << EOF >$dummy.c #define _HPUX_SOURCE #include #include int main () { #if defined(_SC_KERNEL_BITS) long bits = sysconf(_SC_KERNEL_BITS); #endif long cpu = sysconf (_SC_CPU_VERSION); switch (cpu) { case CPU_PA_RISC1_0: puts ("hppa1.0"); break; case CPU_PA_RISC1_1: puts ("hppa1.1"); break; case CPU_PA_RISC2_0: #if defined(_SC_KERNEL_BITS) switch (bits) { case 64: puts ("hppa2.0w"); break; case 32: puts ("hppa2.0n"); break; default: puts ("hppa2.0"); break; } break; #else /* !defined(_SC_KERNEL_BITS) */ puts ("hppa2.0"); break; #endif default: puts ("hppa1.0"); break; } exit (0); } EOF (CCOPTS= $CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null) && HP_ARCH=`$dummy` test -z "$HP_ARCH" && HP_ARCH=hppa fi ;; esac if [ ${HP_ARCH} = "hppa2.0w" ] then eval $set_cc_for_build # hppa2.0w-hp-hpux* has a 64-bit kernel and a compiler generating # 32-bit code. hppa64-hp-hpux* has the same kernel and a compiler # generating 64-bit code. GNU and HP use different nomenclature: # # $ CC_FOR_BUILD=cc ./config.guess # => hppa2.0w-hp-hpux11.23 # $ CC_FOR_BUILD="cc +DA2.0w" ./config.guess # => hppa64-hp-hpux11.23 if echo __LP64__ | (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | grep __LP64__ >/dev/null then HP_ARCH="hppa2.0w" else HP_ARCH="hppa64" fi fi echo ${HP_ARCH}-hp-hpux${HPUX_REV} exit ;; ia64:HP-UX:*:*) HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'` echo ia64-hp-hpux${HPUX_REV} exit ;; 3050*:HI-UX:*:*) eval $set_cc_for_build sed 's/^ //' << EOF >$dummy.c #include int main () { long cpu = sysconf (_SC_CPU_VERSION); /* The order matters, because CPU_IS_HP_MC68K erroneously returns true for CPU_PA_RISC1_0. CPU_IS_PA_RISC returns correct results, however. */ if (CPU_IS_PA_RISC (cpu)) { switch (cpu) { case CPU_PA_RISC1_0: puts ("hppa1.0-hitachi-hiuxwe2"); break; case CPU_PA_RISC1_1: puts ("hppa1.1-hitachi-hiuxwe2"); break; case CPU_PA_RISC2_0: puts ("hppa2.0-hitachi-hiuxwe2"); break; default: puts ("hppa-hitachi-hiuxwe2"); break; } } else if (CPU_IS_HP_MC68K (cpu)) puts ("m68k-hitachi-hiuxwe2"); else puts ("unknown-hitachi-hiuxwe2"); exit (0); } EOF $CC_FOR_BUILD -o $dummy $dummy.c && SYSTEM_NAME=`$dummy` && { echo "$SYSTEM_NAME"; exit; } echo unknown-hitachi-hiuxwe2 exit ;; 9000/7??:4.3bsd:*:* | 9000/8?[79]:4.3bsd:*:* ) echo hppa1.1-hp-bsd exit ;; 9000/8??:4.3bsd:*:*) echo hppa1.0-hp-bsd exit ;; *9??*:MPE/iX:*:* | *3000*:MPE/iX:*:*) echo hppa1.0-hp-mpeix exit ;; hp7??:OSF1:*:* | hp8?[79]:OSF1:*:* ) echo hppa1.1-hp-osf exit ;; hp8??:OSF1:*:*) echo hppa1.0-hp-osf exit ;; i*86:OSF1:*:*) if [ -x /usr/sbin/sysversion ] ; then echo ${UNAME_MACHINE}-unknown-osf1mk else echo ${UNAME_MACHINE}-unknown-osf1 fi exit ;; parisc*:Lites*:*:*) echo hppa1.1-hp-lites exit ;; C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*) echo c1-convex-bsd exit ;; C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*) if getsysinfo -f scalar_acc then echo c32-convex-bsd else echo c2-convex-bsd fi exit ;; C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*) echo c34-convex-bsd exit ;; C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*) echo c38-convex-bsd exit ;; C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*) echo c4-convex-bsd exit ;; CRAY*Y-MP:*:*:*) echo ymp-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' exit ;; CRAY*[A-Z]90:*:*:*) echo ${UNAME_MACHINE}-cray-unicos${UNAME_RELEASE} \ | sed -e 's/CRAY.*\([A-Z]90\)/\1/' \ -e y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/ \ -e 's/\.[^.]*$/.X/' exit ;; CRAY*TS:*:*:*) echo t90-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' exit ;; CRAY*T3E:*:*:*) echo alphaev5-cray-unicosmk${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' exit ;; CRAY*SV1:*:*:*) echo sv1-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' exit ;; *:UNICOS/mp:*:*) echo craynv-cray-unicosmp${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' exit ;; F30[01]:UNIX_System_V:*:* | F700:UNIX_System_V:*:*) FUJITSU_PROC=`uname -m | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'` echo "${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" exit ;; 5000:UNIX_System_V:4.*:*) FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` FUJITSU_REL=`echo ${UNAME_RELEASE} | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/ /_/'` echo "sparc-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" exit ;; i*86:BSD/386:*:* | i*86:BSD/OS:*:* | *:Ascend\ Embedded/OS:*:*) echo ${UNAME_MACHINE}-pc-bsdi${UNAME_RELEASE} exit ;; sparc*:BSD/OS:*:*) echo sparc-unknown-bsdi${UNAME_RELEASE} exit ;; *:BSD/OS:*:*) echo ${UNAME_MACHINE}-unknown-bsdi${UNAME_RELEASE} exit ;; *:FreeBSD:*:*) echo ${UNAME_MACHINE}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` exit ;; i*:CYGWIN*:*) echo ${UNAME_MACHINE}-pc-cygwin exit ;; i*:MINGW*:*) echo ${UNAME_MACHINE}-pc-mingw32 exit ;; i*:windows32*:*) # uname -m includes "-pc" on this system. echo ${UNAME_MACHINE}-mingw32 exit ;; i*:PW*:*) echo ${UNAME_MACHINE}-pc-pw32 exit ;; x86:Interix*:[34]*) echo i586-pc-interix${UNAME_RELEASE}|sed -e 's/\..*//' exit ;; [345]86:Windows_95:* | [345]86:Windows_98:* | [345]86:Windows_NT:*) echo i${UNAME_MACHINE}-pc-mks exit ;; i*:Windows_NT*:* | Pentium*:Windows_NT*:*) # How do we know it's Interix rather than the generic POSIX subsystem? # It also conflicts with pre-2.0 versions of AT&T UWIN. Should we # UNAME_MACHINE based on the output of uname instead of i386? echo i586-pc-interix exit ;; i*:UWIN*:*) echo ${UNAME_MACHINE}-pc-uwin exit ;; amd64:CYGWIN*:*:*) echo x86_64-unknown-cygwin exit ;; p*:CYGWIN*:*) echo powerpcle-unknown-cygwin exit ;; prep*:SunOS:5.*:*) echo powerpcle-unknown-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` exit ;; *:GNU:*:*) # the GNU system echo `echo ${UNAME_MACHINE}|sed -e 's,[-/].*$,,'`-unknown-gnu`echo ${UNAME_RELEASE}|sed -e 's,/.*$,,'` exit ;; *:GNU/*:*:*) # other systems with GNU libc and userland echo ${UNAME_MACHINE}-unknown-`echo ${UNAME_SYSTEM} | sed 's,^[^/]*/,,' | tr '[A-Z]' '[a-z]'``echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`-gnu exit ;; i*86:Minix:*:*) echo ${UNAME_MACHINE}-pc-minix exit ;; arm*:Linux:*:*) echo ${UNAME_MACHINE}-unknown-linux-gnu exit ;; cris:Linux:*:*) echo cris-axis-linux-gnu exit ;; crisv32:Linux:*:*) echo crisv32-axis-linux-gnu exit ;; frv:Linux:*:*) echo frv-unknown-linux-gnu exit ;; ia64:Linux:*:*) echo ${UNAME_MACHINE}-unknown-linux-gnu exit ;; m32r*:Linux:*:*) echo ${UNAME_MACHINE}-unknown-linux-gnu exit ;; m68*:Linux:*:*) echo ${UNAME_MACHINE}-unknown-linux-gnu exit ;; mips:Linux:*:*) eval $set_cc_for_build sed 's/^ //' << EOF >$dummy.c #undef CPU #undef mips #undef mipsel #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL) CPU=mipsel #else #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB) CPU=mips #else CPU= #endif #endif EOF eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep ^CPU=` test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; } ;; mips64:Linux:*:*) eval $set_cc_for_build sed 's/^ //' << EOF >$dummy.c #undef CPU #undef mips64 #undef mips64el #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL) CPU=mips64el #else #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB) CPU=mips64 #else CPU= #endif #endif EOF eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep ^CPU=` test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; } ;; ppc:Linux:*:*) echo powerpc-unknown-linux-gnu exit ;; ppc64:Linux:*:*) echo powerpc64-unknown-linux-gnu exit ;; alpha:Linux:*:*) case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in EV5) UNAME_MACHINE=alphaev5 ;; EV56) UNAME_MACHINE=alphaev56 ;; PCA56) UNAME_MACHINE=alphapca56 ;; PCA57) UNAME_MACHINE=alphapca56 ;; EV6) UNAME_MACHINE=alphaev6 ;; EV67) UNAME_MACHINE=alphaev67 ;; EV68*) UNAME_MACHINE=alphaev68 ;; esac objdump --private-headers /bin/sh | grep ld.so.1 >/dev/null if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC} exit ;; parisc:Linux:*:* | hppa:Linux:*:*) # Look for CPU level case `grep '^cpu[^a-z]*:' /proc/cpuinfo 2>/dev/null | cut -d' ' -f2` in PA7*) echo hppa1.1-unknown-linux-gnu ;; PA8*) echo hppa2.0-unknown-linux-gnu ;; *) echo hppa-unknown-linux-gnu ;; esac exit ;; parisc64:Linux:*:* | hppa64:Linux:*:*) echo hppa64-unknown-linux-gnu exit ;; s390:Linux:*:* | s390x:Linux:*:*) echo ${UNAME_MACHINE}-ibm-linux exit ;; sh64*:Linux:*:*) echo ${UNAME_MACHINE}-unknown-linux-gnu exit ;; sh*:Linux:*:*) echo ${UNAME_MACHINE}-unknown-linux-gnu exit ;; sparc:Linux:*:* | sparc64:Linux:*:*) echo ${UNAME_MACHINE}-unknown-linux-gnu exit ;; x86_64:Linux:*:*) echo x86_64-unknown-linux-gnu exit ;; i*86:Linux:*:*) # The BFD linker knows what the default object file format is, so # first see if it will tell us. cd to the root directory to prevent # problems with other programs or directories called `ld' in the path. # Set LC_ALL=C to ensure ld outputs messages in English. ld_supported_targets=`cd /; LC_ALL=C ld --help 2>&1 \ | sed -ne '/supported targets:/!d s/[ ][ ]*/ /g s/.*supported targets: *// s/ .*// p'` case "$ld_supported_targets" in elf32-i386) TENTATIVE="${UNAME_MACHINE}-pc-linux-gnu" ;; a.out-i386-linux) echo "${UNAME_MACHINE}-pc-linux-gnuaout" exit ;; coff-i386) echo "${UNAME_MACHINE}-pc-linux-gnucoff" exit ;; "") # Either a pre-BFD a.out linker (linux-gnuoldld) or # one that does not give us useful --help. echo "${UNAME_MACHINE}-pc-linux-gnuoldld" exit ;; esac # Determine whether the default compiler is a.out or elf eval $set_cc_for_build sed 's/^ //' << EOF >$dummy.c #include #ifdef __ELF__ # ifdef __GLIBC__ # if __GLIBC__ >= 2 LIBC=gnu # else LIBC=gnulibc1 # endif # else LIBC=gnulibc1 # endif #else #ifdef __INTEL_COMPILER LIBC=gnu #else LIBC=gnuaout #endif #endif #ifdef __dietlibc__ LIBC=dietlibc #endif EOF eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep ^LIBC=` test x"${LIBC}" != x && { echo "${UNAME_MACHINE}-pc-linux-${LIBC}" exit } test x"${TENTATIVE}" != x && { echo "${TENTATIVE}"; exit; } ;; i*86:DYNIX/ptx:4*:*) # ptx 4.0 does uname -s correctly, with DYNIX/ptx in there. # earlier versions are messed up and put the nodename in both # sysname and nodename. echo i386-sequent-sysv4 exit ;; i*86:UNIX_SV:4.2MP:2.*) # Unixware is an offshoot of SVR4, but it has its own version # number series starting with 2... # I am not positive that other SVR4 systems won't match this, # I just have to hope. -- rms. # Use sysv4.2uw... so that sysv4* matches it. echo ${UNAME_MACHINE}-pc-sysv4.2uw${UNAME_VERSION} exit ;; i*86:OS/2:*:*) # If we were able to find `uname', then EMX Unix compatibility # is probably installed. echo ${UNAME_MACHINE}-pc-os2-emx exit ;; i*86:XTS-300:*:STOP) echo ${UNAME_MACHINE}-unknown-stop exit ;; i*86:atheos:*:*) echo ${UNAME_MACHINE}-unknown-atheos exit ;; i*86:syllable:*:*) echo ${UNAME_MACHINE}-pc-syllable exit ;; i*86:LynxOS:2.*:* | i*86:LynxOS:3.[01]*:* | i*86:LynxOS:4.0*:*) echo i386-unknown-lynxos${UNAME_RELEASE} exit ;; i*86:*DOS:*:*) echo ${UNAME_MACHINE}-pc-msdosdjgpp exit ;; i*86:*:4.*:* | i*86:SYSTEM_V:4.*:*) UNAME_REL=`echo ${UNAME_RELEASE} | sed 's/\/MP$//'` if grep Novell /usr/include/link.h >/dev/null 2>/dev/null; then echo ${UNAME_MACHINE}-univel-sysv${UNAME_REL} else echo ${UNAME_MACHINE}-pc-sysv${UNAME_REL} fi exit ;; i*86:*:5:[678]*) # UnixWare 7.x, OpenUNIX and OpenServer 6. case `/bin/uname -X | grep "^Machine"` in *486*) UNAME_MACHINE=i486 ;; *Pentium) UNAME_MACHINE=i586 ;; *Pent*|*Celeron) UNAME_MACHINE=i686 ;; esac echo ${UNAME_MACHINE}-unknown-sysv${UNAME_RELEASE}${UNAME_SYSTEM}${UNAME_VERSION} exit ;; i*86:*:3.2:*) if test -f /usr/options/cb.name; then UNAME_REL=`sed -n 's/.*Version //p' /dev/null >/dev/null ; then UNAME_REL=`(/bin/uname -X|grep Release|sed -e 's/.*= //')` (/bin/uname -X|grep i80486 >/dev/null) && UNAME_MACHINE=i486 (/bin/uname -X|grep '^Machine.*Pentium' >/dev/null) \ && UNAME_MACHINE=i586 (/bin/uname -X|grep '^Machine.*Pent *II' >/dev/null) \ && UNAME_MACHINE=i686 (/bin/uname -X|grep '^Machine.*Pentium Pro' >/dev/null) \ && UNAME_MACHINE=i686 echo ${UNAME_MACHINE}-pc-sco$UNAME_REL else echo ${UNAME_MACHINE}-pc-sysv32 fi exit ;; pc:*:*:*) # Left here for compatibility: # uname -m prints for DJGPP always 'pc', but it prints nothing about # the processor, so we play safe by assuming i386. echo i386-pc-msdosdjgpp exit ;; Intel:Mach:3*:*) echo i386-pc-mach3 exit ;; paragon:*:*:*) echo i860-intel-osf1 exit ;; i860:*:4.*:*) # i860-SVR4 if grep Stardent /usr/include/sys/uadmin.h >/dev/null 2>&1 ; then echo i860-stardent-sysv${UNAME_RELEASE} # Stardent Vistra i860-SVR4 else # Add other i860-SVR4 vendors below as they are discovered. echo i860-unknown-sysv${UNAME_RELEASE} # Unknown i860-SVR4 fi exit ;; mini*:CTIX:SYS*5:*) # "miniframe" echo m68010-convergent-sysv exit ;; mc68k:UNIX:SYSTEM5:3.51m) echo m68k-convergent-sysv exit ;; M680?0:D-NIX:5.3:*) echo m68k-diab-dnix exit ;; M68*:*:R3V[5678]*:*) test -r /sysV68 && { echo 'm68k-motorola-sysv'; exit; } ;; 3[345]??:*:4.0:3.0 | 3[34]??A:*:4.0:3.0 | 3[34]??,*:*:4.0:3.0 | 3[34]??/*:*:4.0:3.0 | 4400:*:4.0:3.0 | 4850:*:4.0:3.0 | SKA40:*:4.0:3.0 | SDS2:*:4.0:3.0 | SHG2:*:4.0:3.0 | S7501*:*:4.0:3.0) OS_REL='' test -r /etc/.relid \ && OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid` /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ && { echo i486-ncr-sysv4.3${OS_REL}; exit; } /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \ && { echo i586-ncr-sysv4.3${OS_REL}; exit; } ;; 3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*) /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ && { echo i486-ncr-sysv4; exit; } ;; m68*:LynxOS:2.*:* | m68*:LynxOS:3.0*:*) echo m68k-unknown-lynxos${UNAME_RELEASE} exit ;; mc68030:UNIX_System_V:4.*:*) echo m68k-atari-sysv4 exit ;; TSUNAMI:LynxOS:2.*:*) echo sparc-unknown-lynxos${UNAME_RELEASE} exit ;; rs6000:LynxOS:2.*:*) echo rs6000-unknown-lynxos${UNAME_RELEASE} exit ;; PowerPC:LynxOS:2.*:* | PowerPC:LynxOS:3.[01]*:* | PowerPC:LynxOS:4.0*:*) echo powerpc-unknown-lynxos${UNAME_RELEASE} exit ;; SM[BE]S:UNIX_SV:*:*) echo mips-dde-sysv${UNAME_RELEASE} exit ;; RM*:ReliantUNIX-*:*:*) echo mips-sni-sysv4 exit ;; RM*:SINIX-*:*:*) echo mips-sni-sysv4 exit ;; *:SINIX-*:*:*) if uname -p 2>/dev/null >/dev/null ; then UNAME_MACHINE=`(uname -p) 2>/dev/null` echo ${UNAME_MACHINE}-sni-sysv4 else echo ns32k-sni-sysv fi exit ;; PENTIUM:*:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort # says echo i586-unisys-sysv4 exit ;; *:UNIX_System_V:4*:FTX*) # From Gerald Hewes . # How about differentiating between stratus architectures? -djm echo hppa1.1-stratus-sysv4 exit ;; *:*:*:FTX*) # From seanf at swdc.stratus.com. echo i860-stratus-sysv4 exit ;; i*86:VOS:*:*) # From Paul.Green at stratus.com. echo ${UNAME_MACHINE}-stratus-vos exit ;; *:VOS:*:*) # From Paul.Green at stratus.com. echo hppa1.1-stratus-vos exit ;; mc68*:A/UX:*:*) echo m68k-apple-aux${UNAME_RELEASE} exit ;; news*:NEWS-OS:6*:*) echo mips-sony-newsos6 exit ;; R[34]000:*System_V*:*:* | R4000:UNIX_SYSV:*:* | R*000:UNIX_SV:*:*) if [ -d /usr/nec ]; then echo mips-nec-sysv${UNAME_RELEASE} else echo mips-unknown-sysv${UNAME_RELEASE} fi exit ;; BeBox:BeOS:*:*) # BeOS running on hardware made by Be, PPC only. echo powerpc-be-beos exit ;; BeMac:BeOS:*:*) # BeOS running on Mac or Mac clone, PPC only. echo powerpc-apple-beos exit ;; BePC:BeOS:*:*) # BeOS running on Intel PC compatible. echo i586-pc-beos exit ;; SX-4:SUPER-UX:*:*) echo sx4-nec-superux${UNAME_RELEASE} exit ;; SX-5:SUPER-UX:*:*) echo sx5-nec-superux${UNAME_RELEASE} exit ;; SX-6:SUPER-UX:*:*) echo sx6-nec-superux${UNAME_RELEASE} exit ;; Power*:Rhapsody:*:*) echo powerpc-apple-rhapsody${UNAME_RELEASE} exit ;; *:Rhapsody:*:*) echo ${UNAME_MACHINE}-apple-rhapsody${UNAME_RELEASE} exit ;; *:Darwin:*:*) UNAME_PROCESSOR=`uname -p` || UNAME_PROCESSOR=unknown case $UNAME_PROCESSOR in *86) UNAME_PROCESSOR=i686 ;; unknown) UNAME_PROCESSOR=powerpc ;; esac echo ${UNAME_PROCESSOR}-apple-darwin${UNAME_RELEASE} exit ;; *:procnto*:*:* | *:QNX:[0123456789]*:*) UNAME_PROCESSOR=`uname -p` if test "$UNAME_PROCESSOR" = "x86"; then UNAME_PROCESSOR=i386 UNAME_MACHINE=pc fi echo ${UNAME_PROCESSOR}-${UNAME_MACHINE}-nto-qnx${UNAME_RELEASE} exit ;; *:QNX:*:4*) echo i386-pc-qnx exit ;; NSE-?:NONSTOP_KERNEL:*:*) echo nse-tandem-nsk${UNAME_RELEASE} exit ;; NSR-?:NONSTOP_KERNEL:*:*) echo nsr-tandem-nsk${UNAME_RELEASE} exit ;; *:NonStop-UX:*:*) echo mips-compaq-nonstopux exit ;; BS2000:POSIX*:*:*) echo bs2000-siemens-sysv exit ;; DS/*:UNIX_System_V:*:*) echo ${UNAME_MACHINE}-${UNAME_SYSTEM}-${UNAME_RELEASE} exit ;; *:Plan9:*:*) # "uname -m" is not consistent, so use $cputype instead. 386 # is converted to i386 for consistency with other x86 # operating systems. if test "$cputype" = "386"; then UNAME_MACHINE=i386 else UNAME_MACHINE="$cputype" fi echo ${UNAME_MACHINE}-unknown-plan9 exit ;; *:TOPS-10:*:*) echo pdp10-unknown-tops10 exit ;; *:TENEX:*:*) echo pdp10-unknown-tenex exit ;; KS10:TOPS-20:*:* | KL10:TOPS-20:*:* | TYPE4:TOPS-20:*:*) echo pdp10-dec-tops20 exit ;; XKL-1:TOPS-20:*:* | TYPE5:TOPS-20:*:*) echo pdp10-xkl-tops20 exit ;; *:TOPS-20:*:*) echo pdp10-unknown-tops20 exit ;; *:ITS:*:*) echo pdp10-unknown-its exit ;; SEI:*:*:SEIUX) echo mips-sei-seiux${UNAME_RELEASE} exit ;; *:DragonFly:*:*) echo ${UNAME_MACHINE}-unknown-dragonfly`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` exit ;; *:*VMS:*:*) UNAME_MACHINE=`(uname -p) 2>/dev/null` case "${UNAME_MACHINE}" in A*) echo alpha-dec-vms ; exit ;; I*) echo ia64-dec-vms ; exit ;; V*) echo vax-dec-vms ; exit ;; esac ;; *:XENIX:*:SysV) echo i386-pc-xenix exit ;; i*86:skyos:*:*) echo ${UNAME_MACHINE}-pc-skyos`echo ${UNAME_RELEASE}` | sed -e 's/ .*$//' exit ;; esac #echo '(No uname command or uname output not recognized.)' 1>&2 #echo "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" 1>&2 eval $set_cc_for_build cat >$dummy.c < # include #endif main () { #if defined (sony) #if defined (MIPSEB) /* BFD wants "bsd" instead of "newsos". Perhaps BFD should be changed, I don't know.... */ printf ("mips-sony-bsd\n"); exit (0); #else #include printf ("m68k-sony-newsos%s\n", #ifdef NEWSOS4 "4" #else "" #endif ); exit (0); #endif #endif #if defined (__arm) && defined (__acorn) && defined (__unix) printf ("arm-acorn-riscix\n"); exit (0); #endif #if defined (hp300) && !defined (hpux) printf ("m68k-hp-bsd\n"); exit (0); #endif #if defined (NeXT) #if !defined (__ARCHITECTURE__) #define __ARCHITECTURE__ "m68k" #endif int version; version=`(hostinfo | sed -n 's/.*NeXT Mach \([0-9]*\).*/\1/p') 2>/dev/null`; if (version < 4) printf ("%s-next-nextstep%d\n", __ARCHITECTURE__, version); else printf ("%s-next-openstep%d\n", __ARCHITECTURE__, version); exit (0); #endif #if defined (MULTIMAX) || defined (n16) #if defined (UMAXV) printf ("ns32k-encore-sysv\n"); exit (0); #else #if defined (CMU) printf ("ns32k-encore-mach\n"); exit (0); #else printf ("ns32k-encore-bsd\n"); exit (0); #endif #endif #endif #if defined (__386BSD__) printf ("i386-pc-bsd\n"); exit (0); #endif #if defined (sequent) #if defined (i386) printf ("i386-sequent-dynix\n"); exit (0); #endif #if defined (ns32000) printf ("ns32k-sequent-dynix\n"); exit (0); #endif #endif #if defined (_SEQUENT_) struct utsname un; uname(&un); if (strncmp(un.version, "V2", 2) == 0) { printf ("i386-sequent-ptx2\n"); exit (0); } if (strncmp(un.version, "V1", 2) == 0) { /* XXX is V1 correct? */ printf ("i386-sequent-ptx1\n"); exit (0); } printf ("i386-sequent-ptx\n"); exit (0); #endif #if defined (vax) # if !defined (ultrix) # include # if defined (BSD) # if BSD == 43 printf ("vax-dec-bsd4.3\n"); exit (0); # else # if BSD == 199006 printf ("vax-dec-bsd4.3reno\n"); exit (0); # else printf ("vax-dec-bsd\n"); exit (0); # endif # endif # else printf ("vax-dec-bsd\n"); exit (0); # endif # else printf ("vax-dec-ultrix\n"); exit (0); # endif #endif #if defined (alliant) && defined (i860) printf ("i860-alliant-bsd\n"); exit (0); #endif exit (1); } EOF $CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null && SYSTEM_NAME=`$dummy` && { echo "$SYSTEM_NAME"; exit; } # Apollos put the system type in the environment. test -d /usr/apollo && { echo ${ISP}-apollo-${SYSTYPE}; exit; } # Convex versions that predate uname can use getsysinfo(1) if [ -x /usr/convex/getsysinfo ] then case `getsysinfo -f cpu_type` in c1*) echo c1-convex-bsd exit ;; c2*) if getsysinfo -f scalar_acc then echo c32-convex-bsd else echo c2-convex-bsd fi exit ;; c34*) echo c34-convex-bsd exit ;; c38*) echo c38-convex-bsd exit ;; c4*) echo c4-convex-bsd exit ;; esac fi cat >&2 < in order to provide the needed information to handle your system. config.guess timestamp = $timestamp uname -m = `(uname -m) 2>/dev/null || echo unknown` uname -r = `(uname -r) 2>/dev/null || echo unknown` uname -s = `(uname -s) 2>/dev/null || echo unknown` uname -v = `(uname -v) 2>/dev/null || echo unknown` /usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null` /bin/uname -X = `(/bin/uname -X) 2>/dev/null` hostinfo = `(hostinfo) 2>/dev/null` /bin/universe = `(/bin/universe) 2>/dev/null` /usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null` /bin/arch = `(/bin/arch) 2>/dev/null` /usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null` /usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null` UNAME_MACHINE = ${UNAME_MACHINE} UNAME_RELEASE = ${UNAME_RELEASE} UNAME_SYSTEM = ${UNAME_SYSTEM} UNAME_VERSION = ${UNAME_VERSION} EOF exit 1 # Local variables: # eval: (add-hook 'write-file-hooks 'time-stamp) # time-stamp-start: "timestamp='" # time-stamp-format: "%:y-%02m-%02d" # time-stamp-end: "'" # End: --- NEW FILE config.sub --- #! /bin/sh # Configuration validation subroutine script. # Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, # 2000, 2001, 2002, 2003, 2004, 2005 Free Software Foundation, Inc. timestamp='2005-07-08' # This file is (in principle) common to ALL GNU software. # The presence of a machine in this file suggests that SOME GNU software # can handle that machine. It does not imply ALL GNU software can. # # This file is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA # 02110-1301, USA. # # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a # configuration script generated by Autoconf, you may include it under # the same distribution terms that you use for the rest of that program. # Please send patches to . Submit a context # diff and a properly formatted ChangeLog entry. # # Configuration subroutine to validate and canonicalize a configuration type. # Supply the specified configuration type as an argument. # If it is invalid, we print an error message on stderr and exit with code 1. # Otherwise, we print the canonical config type on stdout and succeed. # This file is supposed to be the same for all GNU packages # and recognize all the CPU types, system types and aliases # that are meaningful with *any* GNU software. # Each package is responsible for reporting which valid configurations # it does not support. The user should be able to distinguish # a failure to support a valid configuration from a meaningless # configuration. # The goal of this file is to map all the various variations of a given # machine specification into a single specification in the form: # CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM # or in some cases, the newer four-part form: # CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM # It is wrong to echo any other type of specification. me=`echo "$0" | sed -e 's,.*/,,'` usage="\ Usage: $0 [OPTION] CPU-MFR-OPSYS $0 [OPTION] ALIAS Canonicalize a configuration name. Operation modes: -h, --help print this help, then exit -t, --time-stamp print date of last modification, then exit -v, --version print version number, then exit Report bugs and patches to ." version="\ GNU config.sub ($timestamp) Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." help=" Try \`$me --help' for more information." # Parse command line while test $# -gt 0 ; do case $1 in --time-stamp | --time* | -t ) echo "$timestamp" ; exit ;; --version | -v ) echo "$version" ; exit ;; --help | --h* | -h ) echo "$usage"; exit ;; -- ) # Stop option processing shift; break ;; - ) # Use stdin as input. break ;; -* ) echo "$me: invalid option $1$help" exit 1 ;; *local*) # First pass through any local machine types. echo $1 exit ;; * ) break ;; esac done case $# in 0) echo "$me: missing argument$help" >&2 exit 1;; 1) ;; *) echo "$me: too many arguments$help" >&2 exit 1;; esac # Separate what the user gave into CPU-COMPANY and OS or KERNEL-OS (if any). # Here we must recognize all the valid KERNEL-OS combinations. maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'` case $maybe_os in nto-qnx* | linux-gnu* | linux-dietlibc | linux-uclibc* | uclinux-uclibc* | uclinux-gnu* | \ kfreebsd*-gnu* | knetbsd*-gnu* | netbsd*-gnu* | storm-chaos* | os2-emx* | rtmk-nova*) os=-$maybe_os basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'` ;; *) basic_machine=`echo $1 | sed 's/-[^-]*$//'` if [ $basic_machine != $1 ] then os=`echo $1 | sed 's/.*-/-/'` else os=; fi ;; esac ### Let's recognize common machines as not being operating systems so ### that things like config.sub decstation-3100 work. We also ### recognize some manufacturers as not being operating systems, so we ### can provide default operating systems below. case $os in -sun*os*) # Prevent following clause from handling this invalid input. ;; -dec* | -mips* | -sequent* | -encore* | -pc532* | -sgi* | -sony* | \ -att* | -7300* | -3300* | -delta* | -motorola* | -sun[234]* | \ -unicom* | -ibm* | -next | -hp | -isi* | -apollo | -altos* | \ -convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\ -c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \ -harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \ -apple | -axis | -knuth | -cray) os= basic_machine=$1 ;; -sim | -cisco | -oki | -wec | -winbond) os= basic_machine=$1 ;; -scout) ;; -wrs) os=-vxworks basic_machine=$1 ;; -chorusos*) os=-chorusos basic_machine=$1 ;; -chorusrdb) os=-chorusrdb basic_machine=$1 ;; -hiux*) os=-hiuxwe2 ;; -sco5) os=-sco3.2v5 basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` ;; -sco4) os=-sco3.2v4 basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` ;; -sco3.2.[4-9]*) os=`echo $os | sed -e 's/sco3.2./sco3.2v/'` basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` ;; -sco3.2v[4-9]*) # Don't forget version if it is 3.2v4 or newer. basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` ;; -sco*) os=-sco3.2v2 basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` ;; -udk*) basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` ;; -isc) os=-isc2.2 basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` ;; -clix*) basic_machine=clipper-intergraph ;; -isc*) basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` ;; -lynx*) os=-lynxos ;; -ptx*) basic_machine=`echo $1 | sed -e 's/86-.*/86-sequent/'` ;; -windowsnt*) os=`echo $os | sed -e 's/windowsnt/winnt/'` ;; -psos*) os=-psos ;; -mint | -mint[0-9]*) basic_machine=m68k-atari os=-mint ;; esac # Decode aliases for certain CPU-COMPANY combinations. case $basic_machine in # Recognize the basic CPU types without company name. # Some are omitted here because they have special meanings below. 1750a | 580 \ | a29k \ | alpha | alphaev[4-8] | alphaev56 | alphaev6[78] | alphapca5[67] \ | alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \ | am33_2.0 \ | arc | arm | arm[bl]e | arme[lb] | armv[2345] | armv[345][lb] | avr \ | bfin \ | c4x | clipper \ | d10v | d30v | dlx | dsp16xx \ | fr30 | frv \ | h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \ | i370 | i860 | i960 | ia64 \ | ip2k | iq2000 \ | m32r | m32rle | m68000 | m68k | m88k | maxq | mcore \ | mips | mipsbe | mipseb | mipsel | mipsle \ | mips16 \ | mips64 | mips64el \ | mips64vr | mips64vrel \ | mips64orion | mips64orionel \ | mips64vr4100 | mips64vr4100el \ | mips64vr4300 | mips64vr4300el \ | mips64vr5000 | mips64vr5000el \ | mips64vr5900 | mips64vr5900el \ | mipsisa32 | mipsisa32el \ | mipsisa32r2 | mipsisa32r2el \ | mipsisa64 | mipsisa64el \ | mipsisa64r2 | mipsisa64r2el \ | mipsisa64sb1 | mipsisa64sb1el \ | mipsisa64sr71k | mipsisa64sr71kel \ | mipstx39 | mipstx39el \ | mn10200 | mn10300 \ | ms1 \ | msp430 \ | ns16k | ns32k \ | or32 \ | pdp10 | pdp11 | pj | pjl \ | powerpc | powerpc64 | powerpc64le | powerpcle | ppcbe \ | pyramid \ | sh | sh[1234] | sh[24]a | sh[23]e | sh[34]eb | shbe | shle | sh[1234]le | sh3ele \ | sh64 | sh64le \ | sparc | sparc64 | sparc64b | sparc86x | sparclet | sparclite \ | sparcv8 | sparcv9 | sparcv9b \ | strongarm \ | tahoe | thumb | tic4x | tic80 | tron \ | v850 | v850e \ | we32k \ | x86 | xscale | xscalee[bl] | xstormy16 | xtensa \ | z8k) basic_machine=$basic_machine-unknown ;; m32c) basic_machine=$basic_machine-unknown ;; m6811 | m68hc11 | m6812 | m68hc12) # Motorola 68HC11/12. basic_machine=$basic_machine-unknown os=-none ;; m88110 | m680[12346]0 | m683?2 | m68360 | m5200 | v70 | w65 | z8k) ;; # We use `pc' rather than `unknown' # because (1) that's what they normally are, and # (2) the word "unknown" tends to confuse beginning users. i*86 | x86_64) basic_machine=$basic_machine-pc ;; # Object if more than one company name word. *-*-*) echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2 exit 1 ;; # Recognize the basic CPU types with company name. 580-* \ | a29k-* \ | alpha-* | alphaev[4-8]-* | alphaev56-* | alphaev6[78]-* \ | alpha64-* | alpha64ev[4-8]-* | alpha64ev56-* | alpha64ev6[78]-* \ | alphapca5[67]-* | alpha64pca5[67]-* | arc-* \ | arm-* | armbe-* | armle-* | armeb-* | armv*-* \ | avr-* \ | bfin-* | bs2000-* \ | c[123]* | c30-* | [cjt]90-* | c4x-* | c54x-* | c55x-* | c6x-* \ | clipper-* | craynv-* | cydra-* \ | d10v-* | d30v-* | dlx-* \ | elxsi-* \ | f30[01]-* | f700-* | fr30-* | frv-* | fx80-* \ | h8300-* | h8500-* \ | hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \ | i*86-* | i860-* | i960-* | ia64-* \ | ip2k-* | iq2000-* \ | m32r-* | m32rle-* \ | m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \ | m88110-* | m88k-* | maxq-* | mcore-* \ | mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \ | mips16-* \ | mips64-* | mips64el-* \ | mips64vr-* | mips64vrel-* \ | mips64orion-* | mips64orionel-* \ | mips64vr4100-* | mips64vr4100el-* \ | mips64vr4300-* | mips64vr4300el-* \ | mips64vr5000-* | mips64vr5000el-* \ | mips64vr5900-* | mips64vr5900el-* \ | mipsisa32-* | mipsisa32el-* \ | mipsisa32r2-* | mipsisa32r2el-* \ | mipsisa64-* | mipsisa64el-* \ | mipsisa64r2-* | mipsisa64r2el-* \ | mipsisa64sb1-* | mipsisa64sb1el-* \ | mipsisa64sr71k-* | mipsisa64sr71kel-* \ | mipstx39-* | mipstx39el-* \ | mmix-* \ | ms1-* \ | msp430-* \ | none-* | np1-* | ns16k-* | ns32k-* \ | orion-* \ | pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \ | powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* | ppcbe-* \ | pyramid-* \ | romp-* | rs6000-* \ | sh-* | sh[1234]-* | sh[24]a-* | sh[23]e-* | sh[34]eb-* | shbe-* \ | shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \ | sparc-* | sparc64-* | sparc64b-* | sparc86x-* | sparclet-* \ | sparclite-* \ | sparcv8-* | sparcv9-* | sparcv9b-* | strongarm-* | sv1-* | sx?-* \ | tahoe-* | thumb-* \ | tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \ | tron-* \ | v850-* | v850e-* | vax-* \ | we32k-* \ | x86-* | x86_64-* | xps100-* | xscale-* | xscalee[bl]-* \ | xstormy16-* | xtensa-* \ | ymp-* \ | z8k-*) ;; m32c-*) ;; # Recognize the various machine names and aliases which stand # for a CPU type and a company and sometimes even an OS. 386bsd) basic_machine=i386-unknown os=-bsd ;; 3b1 | 7300 | 7300-att | att-7300 | pc7300 | safari | unixpc) basic_machine=m68000-att ;; 3b*) basic_machine=we32k-att ;; a29khif) basic_machine=a29k-amd os=-udi ;; abacus) basic_machine=abacus-unknown ;; adobe68k) basic_machine=m68010-adobe os=-scout ;; alliant | fx80) basic_machine=fx80-alliant ;; altos | altos3068) basic_machine=m68k-altos ;; am29k) basic_machine=a29k-none os=-bsd ;; amd64) basic_machine=x86_64-pc ;; amd64-*) basic_machine=x86_64-`echo $basic_machine | sed 's/^[^-]*-//'` ;; amdahl) basic_machine=580-amdahl os=-sysv ;; amiga | amiga-*) basic_machine=m68k-unknown ;; amigaos | amigados) basic_machine=m68k-unknown os=-amigaos ;; amigaunix | amix) basic_machine=m68k-unknown os=-sysv4 ;; apollo68) basic_machine=m68k-apollo os=-sysv ;; apollo68bsd) basic_machine=m68k-apollo os=-bsd ;; aux) basic_machine=m68k-apple os=-aux ;; balance) basic_machine=ns32k-sequent os=-dynix ;; c90) basic_machine=c90-cray os=-unicos ;; convex-c1) basic_machine=c1-convex os=-bsd ;; convex-c2) basic_machine=c2-convex os=-bsd ;; convex-c32) basic_machine=c32-convex os=-bsd ;; convex-c34) basic_machine=c34-convex os=-bsd ;; convex-c38) basic_machine=c38-convex os=-bsd ;; cray | j90) basic_machine=j90-cray os=-unicos ;; craynv) basic_machine=craynv-cray os=-unicosmp ;; cr16c) basic_machine=cr16c-unknown os=-elf ;; crds | unos) basic_machine=m68k-crds ;; crisv32 | crisv32-* | etraxfs*) basic_machine=crisv32-axis ;; cris | cris-* | etrax*) basic_machine=cris-axis ;; crx) basic_machine=crx-unknown os=-elf ;; da30 | da30-*) basic_machine=m68k-da30 ;; decstation | decstation-3100 | pmax | pmax-* | pmin | dec3100 | decstatn) basic_machine=mips-dec ;; decsystem10* | dec10*) basic_machine=pdp10-dec os=-tops10 ;; decsystem20* | dec20*) basic_machine=pdp10-dec os=-tops20 ;; delta | 3300 | motorola-3300 | motorola-delta \ | 3300-motorola | delta-motorola) basic_machine=m68k-motorola ;; delta88) basic_machine=m88k-motorola os=-sysv3 ;; djgpp) basic_machine=i586-pc os=-msdosdjgpp ;; dpx20 | dpx20-*) basic_machine=rs6000-bull os=-bosx ;; dpx2* | dpx2*-bull) basic_machine=m68k-bull os=-sysv3 ;; ebmon29k) basic_machine=a29k-amd os=-ebmon ;; elxsi) basic_machine=elxsi-elxsi os=-bsd ;; encore | umax | mmax) basic_machine=ns32k-encore ;; es1800 | OSE68k | ose68k | ose | OSE) basic_machine=m68k-ericsson os=-ose ;; fx2800) basic_machine=i860-alliant ;; genix) basic_machine=ns32k-ns ;; gmicro) basic_machine=tron-gmicro os=-sysv ;; go32) basic_machine=i386-pc os=-go32 ;; h3050r* | hiux*) basic_machine=hppa1.1-hitachi os=-hiuxwe2 ;; h8300hms) basic_machine=h8300-hitachi os=-hms ;; h8300xray) basic_machine=h8300-hitachi os=-xray ;; h8500hms) basic_machine=h8500-hitachi os=-hms ;; harris) basic_machine=m88k-harris os=-sysv3 ;; hp300-*) basic_machine=m68k-hp ;; hp300bsd) basic_machine=m68k-hp os=-bsd ;; hp300hpux) basic_machine=m68k-hp os=-hpux ;; hp3k9[0-9][0-9] | hp9[0-9][0-9]) basic_machine=hppa1.0-hp ;; hp9k2[0-9][0-9] | hp9k31[0-9]) basic_machine=m68000-hp ;; hp9k3[2-9][0-9]) basic_machine=m68k-hp ;; hp9k6[0-9][0-9] | hp6[0-9][0-9]) basic_machine=hppa1.0-hp ;; hp9k7[0-79][0-9] | hp7[0-79][0-9]) basic_machine=hppa1.1-hp ;; hp9k78[0-9] | hp78[0-9]) # FIXME: really hppa2.0-hp basic_machine=hppa1.1-hp ;; hp9k8[67]1 | hp8[67]1 | hp9k80[24] | hp80[24] | hp9k8[78]9 | hp8[78]9 | hp9k893 | hp893) # FIXME: really hppa2.0-hp basic_machine=hppa1.1-hp ;; hp9k8[0-9][13679] | hp8[0-9][13679]) basic_machine=hppa1.1-hp ;; hp9k8[0-9][0-9] | hp8[0-9][0-9]) basic_machine=hppa1.0-hp ;; hppa-next) os=-nextstep3 ;; hppaosf) basic_machine=hppa1.1-hp os=-osf ;; hppro) basic_machine=hppa1.1-hp os=-proelf ;; i370-ibm* | ibm*) basic_machine=i370-ibm ;; # I'm not sure what "Sysv32" means. Should this be sysv3.2? i*86v32) basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` os=-sysv32 ;; i*86v4*) basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` os=-sysv4 ;; i*86v) basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` os=-sysv ;; i*86sol2) basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` os=-solaris2 ;; i386mach) basic_machine=i386-mach os=-mach ;; i386-vsta | vsta) basic_machine=i386-unknown os=-vsta ;; iris | iris4d) basic_machine=mips-sgi case $os in -irix*) ;; *) os=-irix4 ;; esac ;; isi68 | isi) basic_machine=m68k-isi os=-sysv ;; m88k-omron*) basic_machine=m88k-omron ;; magnum | m3230) basic_machine=mips-mips os=-sysv ;; merlin) basic_machine=ns32k-utek os=-sysv ;; mingw32) basic_machine=i386-pc os=-mingw32 ;; miniframe) basic_machine=m68000-convergent ;; *mint | -mint[0-9]* | *MiNT | *MiNT[0-9]*) basic_machine=m68k-atari os=-mint ;; mips3*-*) basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'` ;; mips3*) basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`-unknown ;; monitor) basic_machine=m68k-rom68k os=-coff ;; morphos) basic_machine=powerpc-unknown os=-morphos ;; msdos) basic_machine=i386-pc os=-msdos ;; mvs) basic_machine=i370-ibm os=-mvs ;; ncr3000) basic_machine=i486-ncr os=-sysv4 ;; netbsd386) basic_machine=i386-unknown os=-netbsd ;; netwinder) basic_machine=armv4l-rebel os=-linux ;; news | news700 | news800 | news900) basic_machine=m68k-sony os=-newsos ;; news1000) basic_machine=m68030-sony os=-newsos ;; news-3600 | risc-news) basic_machine=mips-sony os=-newsos ;; necv70) basic_machine=v70-nec os=-sysv ;; next | m*-next ) basic_machine=m68k-next case $os in -nextstep* ) ;; -ns2*) os=-nextstep2 ;; *) os=-nextstep3 ;; esac ;; nh3000) basic_machine=m68k-harris os=-cxux ;; nh[45]000) basic_machine=m88k-harris os=-cxux ;; nindy960) basic_machine=i960-intel os=-nindy ;; mon960) basic_machine=i960-intel os=-mon960 ;; nonstopux) basic_machine=mips-compaq os=-nonstopux ;; np1) basic_machine=np1-gould ;; nsr-tandem) basic_machine=nsr-tandem ;; op50n-* | op60c-*) basic_machine=hppa1.1-oki os=-proelf ;; openrisc | openrisc-*) basic_machine=or32-unknown ;; os400) basic_machine=powerpc-ibm os=-os400 ;; OSE68000 | ose68000) basic_machine=m68000-ericsson os=-ose ;; os68k) basic_machine=m68k-none os=-os68k ;; pa-hitachi) basic_machine=hppa1.1-hitachi os=-hiuxwe2 ;; paragon) basic_machine=i860-intel os=-osf ;; pbd) basic_machine=sparc-tti ;; pbb) basic_machine=m68k-tti ;; pc532 | pc532-*) basic_machine=ns32k-pc532 ;; pentium | p5 | k5 | k6 | nexgen | viac3) basic_machine=i586-pc ;; pentiumpro | p6 | 6x86 | athlon | athlon_*) basic_machine=i686-pc ;; pentiumii | pentium2 | pentiumiii | pentium3) basic_machine=i686-pc ;; pentium4) basic_machine=i786-pc ;; pentium-* | p5-* | k5-* | k6-* | nexgen-* | viac3-*) basic_machine=i586-`echo $basic_machine | sed 's/^[^-]*-//'` ;; pentiumpro-* | p6-* | 6x86-* | athlon-*) basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'` ;; pentiumii-* | pentium2-* | pentiumiii-* | pentium3-*) basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'` ;; pentium4-*) basic_machine=i786-`echo $basic_machine | sed 's/^[^-]*-//'` ;; pn) basic_machine=pn-gould ;; power) basic_machine=power-ibm ;; ppc) basic_machine=powerpc-unknown ;; ppc-*) basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'` ;; ppcle | powerpclittle | ppc-le | powerpc-little) basic_machine=powerpcle-unknown ;; ppcle-* | powerpclittle-*) basic_machine=powerpcle-`echo $basic_machine | sed 's/^[^-]*-//'` ;; ppc64) basic_machine=powerpc64-unknown ;; ppc64-*) basic_machine=powerpc64-`echo $basic_machine | sed 's/^[^-]*-//'` ;; ppc64le | powerpc64little | ppc64-le | powerpc64-little) basic_machine=powerpc64le-unknown ;; ppc64le-* | powerpc64little-*) basic_machine=powerpc64le-`echo $basic_machine | sed 's/^[^-]*-//'` ;; ps2) basic_machine=i386-ibm ;; pw32) basic_machine=i586-unknown os=-pw32 ;; rom68k) basic_machine=m68k-rom68k os=-coff ;; rm[46]00) basic_machine=mips-siemens ;; rtpc | rtpc-*) basic_machine=romp-ibm ;; s390 | s390-*) basic_machine=s390-ibm ;; s390x | s390x-*) basic_machine=s390x-ibm ;; sa29200) basic_machine=a29k-amd os=-udi ;; sb1) basic_machine=mipsisa64sb1-unknown ;; sb1el) basic_machine=mipsisa64sb1el-unknown ;; sei) basic_machine=mips-sei os=-seiux ;; sequent) basic_machine=i386-sequent ;; sh) basic_machine=sh-hitachi os=-hms ;; sh64) basic_machine=sh64-unknown ;; sparclite-wrs | simso-wrs) basic_machine=sparclite-wrs os=-vxworks ;; sps7) basic_machine=m68k-bull os=-sysv2 ;; spur) basic_machine=spur-unknown ;; st2000) basic_machine=m68k-tandem ;; stratus) basic_machine=i860-stratus os=-sysv4 ;; sun2) basic_machine=m68000-sun ;; sun2os3) basic_machine=m68000-sun os=-sunos3 ;; sun2os4) basic_machine=m68000-sun os=-sunos4 ;; sun3os3) basic_machine=m68k-sun os=-sunos3 ;; sun3os4) basic_machine=m68k-sun os=-sunos4 ;; sun4os3) basic_machine=sparc-sun os=-sunos3 ;; sun4os4) basic_machine=sparc-sun os=-sunos4 ;; sun4sol2) basic_machine=sparc-sun os=-solaris2 ;; sun3 | sun3-*) basic_machine=m68k-sun ;; sun4) basic_machine=sparc-sun ;; sun386 | sun386i | roadrunner) basic_machine=i386-sun ;; sv1) basic_machine=sv1-cray os=-unicos ;; symmetry) basic_machine=i386-sequent os=-dynix ;; t3e) basic_machine=alphaev5-cray os=-unicos ;; t90) basic_machine=t90-cray os=-unicos ;; tic54x | c54x*) basic_machine=tic54x-unknown os=-coff ;; tic55x | c55x*) basic_machine=tic55x-unknown os=-coff ;; tic6x | c6x*) basic_machine=tic6x-unknown os=-coff ;; tx39) basic_machine=mipstx39-unknown ;; tx39el) basic_machine=mipstx39el-unknown ;; toad1) basic_machine=pdp10-xkl os=-tops20 ;; tower | tower-32) basic_machine=m68k-ncr ;; tpf) basic_machine=s390x-ibm os=-tpf ;; udi29k) basic_machine=a29k-amd os=-udi ;; ultra3) basic_machine=a29k-nyu os=-sym1 ;; v810 | necv810) basic_machine=v810-nec os=-none ;; vaxv) basic_machine=vax-dec os=-sysv ;; vms) basic_machine=vax-dec os=-vms ;; vpp*|vx|vx-*) basic_machine=f301-fujitsu ;; vxworks960) basic_machine=i960-wrs os=-vxworks ;; vxworks68) basic_machine=m68k-wrs os=-vxworks ;; vxworks29k) basic_machine=a29k-wrs os=-vxworks ;; w65*) basic_machine=w65-wdc os=-none ;; w89k-*) basic_machine=hppa1.1-winbond os=-proelf ;; xbox) basic_machine=i686-pc os=-mingw32 ;; xps | xps100) basic_machine=xps100-honeywell ;; ymp) basic_machine=ymp-cray os=-unicos ;; z8k-*-coff) basic_machine=z8k-unknown os=-sim ;; none) basic_machine=none-none os=-none ;; # Here we handle the default manufacturer of certain CPU types. It is in # some cases the only manufacturer, in others, it is the most popular. w89k) basic_machine=hppa1.1-winbond ;; op50n) basic_machine=hppa1.1-oki ;; op60c) basic_machine=hppa1.1-oki ;; romp) basic_machine=romp-ibm ;; mmix) basic_machine=mmix-knuth ;; rs6000) basic_machine=rs6000-ibm ;; vax) basic_machine=vax-dec ;; pdp10) # there are many clones, so DEC is not a safe bet basic_machine=pdp10-unknown ;; pdp11) basic_machine=pdp11-dec ;; we32k) basic_machine=we32k-att ;; sh[1234] | sh[24]a | sh[34]eb | sh[1234]le | sh[23]ele) basic_machine=sh-unknown ;; sparc | sparcv8 | sparcv9 | sparcv9b) basic_machine=sparc-sun ;; cydra) basic_machine=cydra-cydrome ;; orion) basic_machine=orion-highlevel ;; orion105) basic_machine=clipper-highlevel ;; mac | mpw | mac-mpw) basic_machine=m68k-apple ;; pmac | pmac-mpw) basic_machine=powerpc-apple ;; *-unknown) # Make sure to match an already-canonicalized machine name. ;; *) echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2 exit 1 ;; esac # Here we canonicalize certain aliases for manufacturers. case $basic_machine in *-digital*) basic_machine=`echo $basic_machine | sed 's/digital.*/dec/'` ;; *-commodore*) basic_machine=`echo $basic_machine | sed 's/commodore.*/cbm/'` ;; *) ;; esac # Decode manufacturer-specific aliases for certain operating systems. if [ x"$os" != x"" ] then case $os in # First match some system type aliases # that might get confused with valid system types. # -solaris* is a basic system type, with this one exception. -solaris1 | -solaris1.*) os=`echo $os | sed -e 's|solaris1|sunos4|'` ;; -solaris) os=-solaris2 ;; -svr4*) os=-sysv4 ;; -unixware*) os=-sysv4.2uw ;; -gnu/linux*) os=`echo $os | sed -e 's|gnu/linux|linux-gnu|'` ;; # First accept the basic system types. # The portable systems comes first. # Each alternative MUST END IN A *, to match a version number. # -sysv* is not here because it comes later, after sysvr4. -gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \ | -*vms* | -sco* | -esix* | -isc* | -aix* | -sunos | -sunos[34]*\ | -hpux* | -unos* | -osf* | -luna* | -dgux* | -solaris* | -sym* \ | -amigaos* | -amigados* | -msdos* | -newsos* | -unicos* | -aof* \ | -aos* \ | -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \ | -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \ | -hiux* | -386bsd* | -knetbsd* | -mirbsd* | -netbsd* | -openbsd* \ | -ekkobsd* | -kfreebsd* | -freebsd* | -riscix* | -lynxos* \ | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \ | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \ | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \ | -chorusos* | -chorusrdb* \ | -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \ | -mingw32* | -linux-gnu* | -linux-uclibc* | -uxpv* | -beos* | -mpeix* | -udk* \ | -interix* | -uwin* | -mks* | -rhapsody* | -darwin* | -opened* \ | -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* \ | -storm-chaos* | -tops10* | -tenex* | -tops20* | -its* \ | -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \ | -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \ | -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly* \ | -skyos* | -haiku*) # Remember, each alternative MUST END IN *, to match a version number. ;; -qnx*) case $basic_machine in x86-* | i*86-*) ;; *) os=-nto$os ;; esac ;; -nto-qnx*) ;; -nto*) os=`echo $os | sed -e 's|nto|nto-qnx|'` ;; -sim | -es1800* | -hms* | -xray | -os68k* | -none* | -v88r* \ | -windows* | -osx | -abug | -netware* | -os9* | -beos* | -haiku* \ | -macos* | -mpw* | -magic* | -mmixware* | -mon960* | -lnews*) ;; -mac*) os=`echo $os | sed -e 's|mac|macos|'` ;; -linux-dietlibc) os=-linux-dietlibc ;; -linux*) os=`echo $os | sed -e 's|linux|linux-gnu|'` ;; -sunos5*) os=`echo $os | sed -e 's|sunos5|solaris2|'` ;; -sunos6*) os=`echo $os | sed -e 's|sunos6|solaris3|'` ;; -opened*) os=-openedition ;; -os400*) os=-os400 ;; -wince*) os=-wince ;; -osfrose*) os=-osfrose ;; -osf*) os=-osf ;; -utek*) os=-bsd ;; -dynix*) os=-bsd ;; -acis*) os=-aos ;; -atheos*) os=-atheos ;; -syllable*) os=-syllable ;; -386bsd) os=-bsd ;; -ctix* | -uts*) os=-sysv ;; -nova*) os=-rtmk-nova ;; -ns2 ) os=-nextstep2 ;; -nsk*) os=-nsk ;; # Preserve the version number of sinix5. -sinix5.*) os=`echo $os | sed -e 's|sinix|sysv|'` ;; -sinix*) os=-sysv4 ;; -tpf*) os=-tpf ;; -triton*) os=-sysv3 ;; -oss*) os=-sysv3 ;; -svr4) os=-sysv4 ;; -svr3) os=-sysv3 ;; -sysvr4) os=-sysv4 ;; # This must come after -sysvr4. -sysv*) ;; -ose*) os=-ose ;; -es1800*) os=-ose ;; -xenix) os=-xenix ;; -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*) os=-mint ;; -aros*) os=-aros ;; -kaos*) os=-kaos ;; -zvmoe) os=-zvmoe ;; -none) ;; *) # Get rid of the `-' at the beginning of $os. os=`echo $os | sed 's/[^-]*-//'` echo Invalid configuration \`$1\': system \`$os\' not recognized 1>&2 exit 1 ;; esac else # Here we handle the default operating systems that come with various machines. # The value should be what the vendor currently ships out the door with their # machine or put another way, the most popular os provided with the machine. # Note that if you're going to try to match "-MANUFACTURER" here (say, # "-sun"), then you have to tell the case statement up towards the top # that MANUFACTURER isn't an operating system. Otherwise, code above # will signal an error saying that MANUFACTURER isn't an operating # system, and we'll never get to this point. case $basic_machine in *-acorn) os=-riscix1.2 ;; arm*-rebel) os=-linux ;; arm*-semi) os=-aout ;; c4x-* | tic4x-*) os=-coff ;; # This must come before the *-dec entry. pdp10-*) os=-tops20 ;; pdp11-*) os=-none ;; *-dec | vax-*) os=-ultrix4.2 ;; m68*-apollo) os=-domain ;; i386-sun) os=-sunos4.0.2 ;; m68000-sun) os=-sunos3 # This also exists in the configure program, but was not the # default. # os=-sunos4 ;; m68*-cisco) os=-aout ;; mips*-cisco) os=-elf ;; mips*-*) os=-elf ;; or32-*) os=-coff ;; *-tti) # must be before sparc entry or we get the wrong os. os=-sysv3 ;; sparc-* | *-sun) os=-sunos4.1.1 ;; *-be) os=-beos ;; *-haiku) os=-haiku ;; *-ibm) os=-aix ;; *-knuth) os=-mmixware ;; *-wec) os=-proelf ;; *-winbond) os=-proelf ;; *-oki) os=-proelf ;; *-hp) os=-hpux ;; *-hitachi) os=-hiux ;; i860-* | *-att | *-ncr | *-altos | *-motorola | *-convergent) os=-sysv ;; *-cbm) os=-amigaos ;; *-dg) os=-dgux ;; *-dolphin) os=-sysv3 ;; m68k-ccur) os=-rtu ;; m88k-omron*) os=-luna ;; *-next ) os=-nextstep ;; *-sequent) os=-ptx ;; *-crds) os=-unos ;; *-ns) os=-genix ;; i370-*) os=-mvs ;; *-next) os=-nextstep3 ;; *-gould) os=-sysv ;; *-highlevel) os=-bsd ;; *-encore) os=-bsd ;; *-sgi) os=-irix ;; *-siemens) os=-sysv4 ;; *-masscomp) os=-rtu ;; f30[01]-fujitsu | f700-fujitsu) os=-uxpv ;; *-rom68k) os=-coff ;; *-*bug) os=-coff ;; *-apple) os=-macos ;; *-atari*) os=-mint ;; *) os=-none ;; esac fi # Here we handle the case where we know the os, and the CPU type, but not the # manufacturer. We pick the logical manufacturer. vendor=unknown case $basic_machine in *-unknown) case $os in -riscix*) vendor=acorn ;; -sunos*) vendor=sun ;; -aix*) vendor=ibm ;; -beos*) vendor=be ;; -hpux*) vendor=hp ;; -mpeix*) vendor=hp ;; -hiux*) vendor=hitachi ;; -unos*) vendor=crds ;; -dgux*) vendor=dg ;; -luna*) vendor=omron ;; -genix*) vendor=ns ;; -mvs* | -opened*) vendor=ibm ;; -os400*) vendor=ibm ;; -ptx*) vendor=sequent ;; -tpf*) vendor=ibm ;; -vxsim* | -vxworks* | -windiss*) vendor=wrs ;; -aux*) vendor=apple ;; -hms*) vendor=hitachi ;; -mpw* | -macos*) vendor=apple ;; -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*) vendor=atari ;; -vos*) vendor=stratus ;; esac basic_machine=`echo $basic_machine | sed "s/unknown/$vendor/"` ;; esac echo $basic_machine$os exit # Local variables: # eval: (add-hook 'write-file-hooks 'time-stamp) # time-stamp-start: "timestamp='" # time-stamp-format: "%:y-%02m-%02d" # time-stamp-end: "'" # End: --- NEW FILE ltmain.sh --- # ltmain.sh - Provide generalized library-building support services. # NOTE: Changing this file will not affect anything until you rerun configure. # # Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005 # Free Software Foundation, Inc. # Originally by Gordon Matzigkeit , 1996 # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU # General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. # # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a # configuration script generated by Autoconf, you may include it under # the same distribution terms that you use for the rest of that program. basename="s,^.*/,,g" # Work around backward compatibility issue on IRIX 6.5. On IRIX 6.4+, sh # is ksh but when the shell is invoked as "sh" and the current value of # the _XPG environment variable is not equal to 1 (one), the special # positional parameter $0, within a function call, is the name of the # function. progpath="$0" # The name of this program: progname=`echo "$progpath" | $SED $basename` modename="$progname" # Global variables: EXIT_SUCCESS=0 EXIT_FAILURE=1 PROGRAM=ltmain.sh PACKAGE=libtool VERSION=1.5.22 TIMESTAMP=" (1.1220.2.365 2005/12/18 22:14:06)" # Be Bourne compatible (taken from Autoconf:_AS_BOURNE_COMPATIBLE). if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then emulate sh NULLCMD=: # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which # is contrary to our usage. Disable this feature. alias -g '${1+"$@"}'='"$@"' setopt NO_GLOB_SUBST else case `(set -o) 2>/dev/null` in *posix*) set -o posix;; esac fi # Check that we have a working $echo. if test "X$1" = X--no-reexec; then # Discard the --no-reexec flag, and continue. shift elif test "X$1" = X--fallback-echo; then # Avoid inline document here, it may be left over : elif test "X`($echo '\t') 2>/dev/null`" = 'X\t'; then # Yippee, $echo works! : else # Restart under the correct shell, and then maybe $echo will work. exec $SHELL "$progpath" --no-reexec ${1+"$@"} fi if test "X$1" = X--fallback-echo; then # used as fallback echo shift cat <&2 $echo "Fatal configuration error. See the $PACKAGE docs for more information." 1>&2 exit $EXIT_FAILURE fi # Global variables. mode=$default_mode nonopt= prev= prevopt= run= show="$echo" show_help= execute_dlfiles= duplicate_deps=no preserve_args= lo2o="s/\\.lo\$/.${objext}/" o2lo="s/\\.${objext}\$/.lo/" extracted_archives= extracted_serial=0 ##################################### # Shell function definitions: # This seems to be the best place for them # func_mktempdir [string] # Make a temporary directory that won't clash with other running # libtool processes, and avoids race conditions if possible. If # given, STRING is the basename for that directory. func_mktempdir () { my_template="${TMPDIR-/tmp}/${1-$progname}" if test "$run" = ":"; then # Return a directory name, but don't create it in dry-run mode my_tmpdir="${my_template}-$$" else # If mktemp works, use that first and foremost my_tmpdir=`mktemp -d "${my_template}-XXXXXXXX" 2>/dev/null` if test ! -d "$my_tmpdir"; then # Failing that, at least try and use $RANDOM to avoid a race my_tmpdir="${my_template}-${RANDOM-0}$$" save_mktempdir_umask=`umask` umask 0077 $mkdir "$my_tmpdir" umask $save_mktempdir_umask fi # If we're not in dry-run mode, bomb out on failure test -d "$my_tmpdir" || { $echo "cannot create temporary directory \`$my_tmpdir'" 1>&2 exit $EXIT_FAILURE } fi $echo "X$my_tmpdir" | $Xsed } # func_win32_libid arg # return the library type of file 'arg' # # Need a lot of goo to handle *both* DLLs and import libs # Has to be a shell function in order to 'eat' the argument # that is supplied when $file_magic_command is called. func_win32_libid () { win32_libid_type="unknown" [...6512 lines suppressed...] compile compile a source file into a libtool object execute automatically set library path, then run a program finish complete the installation of libtool libraries install install libraries or executables link create a library or an executable uninstall remove libraries from an installed directory MODE-ARGS vary depending on the MODE. Try \`$modename --help --mode=MODE' for a more detailed description of MODE. Report bugs to ." exit $EXIT_SUCCESS ;; clean) $echo \ "Usage: $modename [OPTION]... --mode=clean RM [RM-OPTION]... FILE... Remove files from the build directory. RM is the name of the program to use to delete files associated with each FILE (typically \`/bin/rm'). RM-OPTIONS are options (such as \`-f') to be passed to RM. If FILE is a libtool library, object or program, all the files associated with it are deleted. Otherwise, only FILE itself is deleted using RM." ;; compile) $echo \ "Usage: $modename [OPTION]... --mode=compile COMPILE-COMMAND... SOURCEFILE Compile a source file into a libtool library object. This mode accepts the following additional options: -o OUTPUT-FILE set the output file name to OUTPUT-FILE -prefer-pic try to building PIC objects only -prefer-non-pic try to building non-PIC objects only -static always build a \`.o' file suitable for static linking COMPILE-COMMAND is a command to be used in creating a \`standard' object file from the given SOURCEFILE. The output file name is determined by removing the directory component from SOURCEFILE, then substituting the C source code suffix \`.c' with the library object suffix, \`.lo'." ;; execute) $echo \ "Usage: $modename [OPTION]... --mode=execute COMMAND [ARGS]... Automatically set library path, then run a program. This mode accepts the following additional options: -dlopen FILE add the directory containing FILE to the library path This mode sets the library path environment variable according to \`-dlopen' flags. If any of the ARGS are libtool executable wrappers, then they are translated into their corresponding uninstalled binary, and any of their required library directories are added to the library path. Then, COMMAND is executed, with ARGS as arguments." ;; finish) $echo \ "Usage: $modename [OPTION]... --mode=finish [LIBDIR]... Complete the installation of libtool libraries. Each LIBDIR is a directory that contains libtool libraries. The commands that this mode executes may require superuser privileges. Use the \`--dry-run' option if you just want to see what would be executed." ;; install) $echo \ "Usage: $modename [OPTION]... --mode=install INSTALL-COMMAND... Install executables or libraries. INSTALL-COMMAND is the installation command. The first component should be either the \`install' or \`cp' program. The rest of the components are interpreted as arguments to that command (only BSD-compatible install options are recognized)." ;; link) $echo \ "Usage: $modename [OPTION]... --mode=link LINK-COMMAND... Link object files or libraries together to form another library, or to create an executable program. LINK-COMMAND is a command using the C compiler that you would use to create a program from several object files. The following components of LINK-COMMAND are treated specially: -all-static do not do any dynamic linking at all -avoid-version do not add a version suffix if possible -dlopen FILE \`-dlpreopen' FILE if it cannot be dlopened at runtime -dlpreopen FILE link in FILE and add its symbols to lt_preloaded_symbols -export-dynamic allow symbols from OUTPUT-FILE to be resolved with dlsym(3) -export-symbols SYMFILE try to export only the symbols listed in SYMFILE -export-symbols-regex REGEX try to export only the symbols matching REGEX -LLIBDIR search LIBDIR for required installed libraries -lNAME OUTPUT-FILE requires the installed library libNAME -module build a library that can dlopened -no-fast-install disable the fast-install mode -no-install link a not-installable executable -no-undefined declare that a library does not refer to external symbols -o OUTPUT-FILE create OUTPUT-FILE from the specified objects -objectlist FILE Use a list of object files found in FILE to specify objects -precious-files-regex REGEX don't remove output files matching REGEX -release RELEASE specify package release information -rpath LIBDIR the created library will eventually be installed in LIBDIR -R[ ]LIBDIR add LIBDIR to the runtime path of programs and libraries -static do not do any dynamic linking of uninstalled libtool libraries -static-libtool-libs do not do any dynamic linking of libtool libraries -version-info CURRENT[:REVISION[:AGE]] specify library version info [each variable defaults to 0] All other options (arguments beginning with \`-') are ignored. Every other argument is treated as a filename. Files ending in \`.la' are treated as uninstalled libtool libraries, other files are standard or library object files. If the OUTPUT-FILE ends in \`.la', then a libtool library is created, only library objects (\`.lo' files) may be specified, and \`-rpath' is required, except when creating a convenience library. If OUTPUT-FILE ends in \`.a' or \`.lib', then a standard library is created using \`ar' and \`ranlib', or on Windows using \`lib'. If OUTPUT-FILE ends in \`.lo' or \`.${objext}', then a reloadable object file is created, otherwise an executable program is created." ;; uninstall) $echo \ "Usage: $modename [OPTION]... --mode=uninstall RM [RM-OPTION]... FILE... Remove libraries from an installation directory. RM is the name of the program to use to delete files associated with each FILE (typically \`/bin/rm'). RM-OPTIONS are options (such as \`-f') to be passed to RM. If FILE is a libtool library, all the files associated with it are deleted. Otherwise, only FILE itself is deleted using RM." ;; *) $echo "$modename: invalid operation mode \`$mode'" 1>&2 $echo "$help" 1>&2 exit $EXIT_FAILURE ;; esac $echo $echo "Try \`$modename --help' for more information about other modes." exit $? # The TAGs below are defined such that we never get into a situation # in which we disable both kinds of libraries. Given conflicting # choices, we go for a static library, that is the most portable, # since we can't tell whether shared libraries were disabled because # the user asked for that or because the platform doesn't support # them. This is particularly important on AIX, because we don't # support having both static and shared libraries enabled at the same # time on that platform, so we default to a shared-only configuration. # If a disable-shared tag is given, we'll fallback to a static-only # configuration. But we'll never go from static-only to shared-only. # ### BEGIN LIBTOOL TAG CONFIG: disable-shared disable_libs=shared # ### END LIBTOOL TAG CONFIG: disable-shared # ### BEGIN LIBTOOL TAG CONFIG: disable-static disable_libs=static # ### END LIBTOOL TAG CONFIG: disable-static # Local Variables: # mode:shell-script # sh-indentation:2 # End: Index: Makefile.am =================================================================== RCS file: /cvs/dirsec/dsgw/Makefile.am,v retrieving revision 1.2 retrieving revision 1.3 diff -u -r1.2 -r1.3 --- Makefile.am 2 Jun 2006 22:57:17 -0000 1.2 +++ Makefile.am 10 Jan 2008 01:19:36 -0000 1.3 @@ -21,22 +21,42 @@ # look for included m4 files in the ./m4/ directory ACLOCAL_AMFLAGS = -I m4 -cgibindir = @cgibindir@ -htmldir = @htmldir@ -pbhtmldir = @pbhtmldir@ +instconfigdir = @instconfigdir@ +cgibindir = $(libdir)@cgibindir@ +htmldir = $(datadir)@htmldir@ +pbhtmldir = $(datadir)@pbhtmldir@ # config is a bit of a misnomer - these are really configurable templates -configdir = @configdir@ -pbconfigdir = @pbconfigdir@ +configdir = $(datadir)@configdir@ +pbconfigdir = $(datadir)@pbconfigdir@ +propertydir=$(datadir)@propertydir@ # the context dir is where the application specific config files go -contextdir = @contextdir@ +contextdir = $(instconfigdir)@contextdir@ +securitydir=$(instconfigdir)@securitydir@ +# relative to $localstatedir +cookiedir=$(localstatedir)@cookiedir@ -DSGW_VER_STR := "Fedora-Directory-Gateway/1.0.2" +DSGW_VER_STR := "Directory-Server-Gateway/$(PACKAGE_VERSION)" -DEFS = -DDSGW_VER_STR=\"$(DSGW_VER_STR)\" - -INCLUDES = @adminutil_inc@ @icu_inc@ @ldapsdk_inc@ @nss_inc@ @nspr_inc@ +AM_CPPFLAGS = -DDSGW_VER_STR=\"$(DSGW_VER_STR)\" $(DEBUG_DEFINES) @adminutil_inc@ @icu_inc@ @ldapsdk_inc@ @nss_inc@ @nspr_inc@ \ + -I$(srcdir)/include -I$(srcdir)/include/base +if WINNT +AM_CPPFLAGS += -DXP_WINNT +else +AM_CPPFLAGS += -DXP_UNIX +endif -LIBS = @adminutil_lib@ -ladmsslutil at adminutil_ver@ -ladminutil at adminutil_ver@ @icu_lib@ -licui18n -licuuc -licudata @ldapsdk_lib@ -lssldap50 -lprldap50 -lldap50 @nss_lib@ -lssl3 -lnss3 @nspr_lib@ -lnspr4 -lplc4 +AM_CPPFLAGS +=-DPROPERTYDIR=\"$(propertydir)\" \ + -DHTMLDIR=\"$(htmldir)\" -DCOOKIEDIR=\"$(cookiedir)\" \ + -DCONFIGDIR=\"$(configdir)\" -DSECURITYDIR=\"$(securitydir)\" \ + -DCGIBINDIR=\"$(cgibindir)\" -DCONTEXTDIR=\"$(contextdir)\" \ + -DINSTCONFIGDIR=\"$(instconfigdir)\" -DMANUALDIR=\"$(manualdir)\" + +LIBS = @adminutil_lib@ -ladmsslutil at adminutil_ver@ -ladminutil at adminutil_ver@ \ + @icu_lib@ -licui18n -licuuc -licudata \ + @ldapsdk_lib@ -lssldap60 -lprldap60 -lldap60 -lldif60 \ + @sasl_lib@ -lsasl2 \ + @nss_lib@ -lsmime3 -lssl3 -lnss3 -lsoftokn3 \ + @nspr_lib@ -lplds4 -lplc4 -lnspr4 # these are programs which we do not want to link with nss NEED_SECGLUE = unauth search csearch newentry tutor lang @@ -56,9 +76,6 @@ COMMON_SOURCES = htmlout.c htmlparse.c error.c cgiutil.c dsgwutil.c ldaputil.c \ entrydisplay.c config.c cookie.c emitauth.c emitf.c collate.c vcard.c \ Versiongw.c utf8compare.c dsgwgetlang.c -if NEED_LDIF -COMMON_SOURCES += line64.c fileurl.c -endif unauth_SOURCES = unauth.c $(COMMON_SOURCES) secglue.c search_SOURCES = search.c $(COMMON_SOURCES) secglue.c @@ -147,7 +164,7 @@ pbconfig/dsgwfilter.conf pbconfig/pb.tmpl nodist_context_DATA = dsgw-httpd.conf -nodist_context_SCRIPTS = setup +#nodist_context_SCRIPTS = setup-dirsrv-gw # add more here for localized bundles nodist_property_DATA = dsgw_root.res @@ -158,7 +175,7 @@ if WINNT ICU_GENRB = @icu_bin@/genrb.exe else -ICU_GENRB = sh genrb_wrapper.sh @icu_bin@ @icu_lib@ +ICU_GENRB = sh $(srcdir)/genrb_wrapper.sh @icu_bin@ @icu_lib@ endif # The root resource bundle is based on English (en) locale; @@ -190,3 +207,38 @@ %_de.res : %_de.properties $(ICU_GENRB) -s. -d. --encoding 8859-2 --package-name dsgw $+ + +# these are for the config files and scripts that we need to generate and replace +# the paths and other tokens with the real values set during configure/make +# note that we cannot just use AC_OUTPUT to do this for us, since it will do things like this: +# ADMConfigDir = ${prefix}/etc/packagename +# i.e. it literally copies in '${prefix}' rather than expanding it out - we want this instead: +# ADMConfigDir = /etc/packagename +fixupcmd = sed \ + -e 's, at bindir\@,$(bindir),g' \ + -e 's, at sbindir\@,$(sbindir),g' \ + -e 's, at localstatedir\@,$(localstatedir),g' \ + -e 's, at cgibindir\@,$(cgibindir),g' \ + -e 's, at cgiuri\@,$(cgiuri),g' \ + -e 's, at cmdbindir\@,$(cmdbindir),g' \ + -e 's, at propertydir\@,$(propertydir),g' \ + -e 's, at htmldir\@,$(htmldir),g' \ + -e 's, at pbhtmldir\@,$(pbhtmldir),g' \ + -e 's, at configdir\@,$(configdir),g' \ + -e 's, at pbconfigdir\@,$(pbconfigdir),g' \ + -e 's, at contextdir\@,$(contextdir),g' \ + -e 's, at securitydir\@,$(securitydir),g' \ + -e 's, at instconfigdir\@,$(instconfigdir),g' \ + -e 's, at BUILD_NUM\@,$(BUILDNUM),g' \ + -e 's, at NQBUILD_NUM\@,$(NQBUILDNUM),g' \ + -e 's, at package_name\@,$(PACKAGE_NAME),g' \ + -e 's, at PACKAGE_BASE_NAME\@,$(PACKAGE_BASE_NAME),g' \ + -e 's, at PACKAGE_VERSION\@,$(PACKAGE_VERSION),g' \ + -e 's, at PACKAGE_BASE_VERSION\@,$(PACKAGE_BASE_VERSION),g' \ + -e 's, at brand\@,$(brand),g' \ + -e 's, at capbrand\@,$(capbrand),g' \ + -e 's, at vendor\@,$(vendor),g' + +% : %.in + if [ ! -d $(dir $@) ] ; then mkdir -p $(dir $@) ; fi + $(fixupcmd) $< > $@ Index: Makefile.in =================================================================== RCS file: /cvs/dirsec/dsgw/Makefile.in,v retrieving revision 1.2 retrieving revision 1.3 diff -u -r1.2 -r1.3 --- Makefile.in 2 Jun 2006 22:57:17 -0000 1.2 +++ Makefile.in 10 Jan 2008 01:19:36 -0000 1.3 @@ -35,7 +35,6 @@ # END COPYRIGHT BLOCK - srcdir = @srcdir@ top_srcdir = @top_srcdir@ VPATH = @srcdir@ @@ -56,21 +55,24 @@ NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ + at WINNT_TRUE@am__append_1 = -DXP_WINNT + at WINNT_FALSE@am__append_2 = -DXP_UNIX cgibin_PROGRAMS = auth$(EXEEXT) doauth$(EXEEXT) edit$(EXEEXT) \ domodify$(EXEEXT) dnedit$(EXEEXT) dosearch$(EXEEXT) \ $(am__EXEEXT_1) noinst_PROGRAMS = propmaker$(EXEEXT) - at NEED_LDIF_TRUE@am__append_1 = line64.c fileurl.c -subdir = . DIST_COMMON = README $(am__configure_deps) $(dist_config_DATA) \ $(dist_html_DATA) $(dist_pbconfig_DATA) $(dist_pbhtml_DATA) \ $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(srcdir)/config-h.in $(srcdir)/dsgw-httpd.conf.in \ - $(srcdir)/setup.in $(top_srcdir)/configure AUTHORS ChangeLog \ - NEWS depcomp install-sh missing + $(srcdir)/config.h.in $(top_srcdir)/configure AUTHORS \ + ChangeLog NEWS compile config.guess config.sub depcomp \ + install-sh ltmain.sh missing +subdir = . ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/m4/httpd.m4 \ - $(top_srcdir)/m4/nspr.m4 $(top_srcdir)/m4/nss.m4 \ +am__aclocal_m4_deps = $(top_srcdir)/m4/fhs.m4 $(top_srcdir)/m4/nspr.m4 \ + $(top_srcdir)/m4/nss.m4 $(top_srcdir)/m4/sasl.m4 \ $(top_srcdir)/m4/mozldap.m4 $(top_srcdir)/m4/icu.m4 \ $(top_srcdir)/m4/adminutil.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ @@ -79,134 +81,85 @@ configure.lineno configure.status.lineno mkinstalldirs = $(install_sh) -d CONFIG_HEADER = config.h -CONFIG_CLEAN_FILES = setup dsgw-httpd.conf +CONFIG_CLEAN_FILES = am__EXEEXT_1 = unauth$(EXEEXT) search$(EXEEXT) csearch$(EXEEXT) \ newentry$(EXEEXT) tutor$(EXEEXT) lang$(EXEEXT) -am__installdirs = "$(DESTDIR)$(cgibindir)" "$(DESTDIR)$(contextdir)" \ - "$(DESTDIR)$(configdir)" "$(DESTDIR)$(htmldir)" \ - "$(DESTDIR)$(pbconfigdir)" "$(DESTDIR)$(pbhtmldir)" \ - "$(DESTDIR)$(contextdir)" "$(DESTDIR)$(propertydir)" +am__installdirs = "$(DESTDIR)$(cgibindir)" "$(DESTDIR)$(configdir)" \ + "$(DESTDIR)$(htmldir)" "$(DESTDIR)$(pbconfigdir)" \ + "$(DESTDIR)$(pbhtmldir)" "$(DESTDIR)$(contextdir)" \ + "$(DESTDIR)$(propertydir)" cgibinPROGRAMS_INSTALL = $(INSTALL_PROGRAM) PROGRAMS = $(cgibin_PROGRAMS) $(noinst_PROGRAMS) -am__auth_SOURCES_DIST = auth.c htmlout.c htmlparse.c error.c cgiutil.c \ - dsgwutil.c ldaputil.c entrydisplay.c config.c cookie.c \ - emitauth.c emitf.c collate.c vcard.c Versiongw.c utf8compare.c \ - dsgwgetlang.c line64.c fileurl.c - at NEED_LDIF_TRUE@am__objects_1 = line64.$(OBJEXT) fileurl.$(OBJEXT) -am__objects_2 = htmlout.$(OBJEXT) htmlparse.$(OBJEXT) error.$(OBJEXT) \ +am__objects_1 = htmlout.$(OBJEXT) htmlparse.$(OBJEXT) error.$(OBJEXT) \ cgiutil.$(OBJEXT) dsgwutil.$(OBJEXT) ldaputil.$(OBJEXT) \ entrydisplay.$(OBJEXT) config.$(OBJEXT) cookie.$(OBJEXT) \ emitauth.$(OBJEXT) emitf.$(OBJEXT) collate.$(OBJEXT) \ vcard.$(OBJEXT) Versiongw.$(OBJEXT) utf8compare.$(OBJEXT) \ - dsgwgetlang.$(OBJEXT) $(am__objects_1) -am_auth_OBJECTS = auth.$(OBJEXT) $(am__objects_2) + dsgwgetlang.$(OBJEXT) +am_auth_OBJECTS = auth.$(OBJEXT) $(am__objects_1) auth_OBJECTS = $(am_auth_OBJECTS) auth_LDADD = $(LDADD) -am__csearch_SOURCES_DIST = csearch.c htmlout.c htmlparse.c error.c \ - cgiutil.c dsgwutil.c ldaputil.c entrydisplay.c config.c \ - cookie.c emitauth.c emitf.c collate.c vcard.c Versiongw.c \ - utf8compare.c dsgwgetlang.c line64.c fileurl.c secglue.c -am_csearch_OBJECTS = csearch.$(OBJEXT) $(am__objects_2) \ +am_csearch_OBJECTS = csearch.$(OBJEXT) $(am__objects_1) \ secglue.$(OBJEXT) csearch_OBJECTS = $(am_csearch_OBJECTS) csearch_LDADD = $(LDADD) -am__dnedit_SOURCES_DIST = dnedit.c htmlout.c htmlparse.c error.c \ - cgiutil.c dsgwutil.c ldaputil.c entrydisplay.c config.c \ - cookie.c emitauth.c emitf.c collate.c vcard.c Versiongw.c \ - utf8compare.c dsgwgetlang.c line64.c fileurl.c -am_dnedit_OBJECTS = dnedit.$(OBJEXT) $(am__objects_2) +am_dnedit_OBJECTS = dnedit.$(OBJEXT) $(am__objects_1) dnedit_OBJECTS = $(am_dnedit_OBJECTS) dnedit_LDADD = $(LDADD) -am__doauth_SOURCES_DIST = doauth.c htmlout.c htmlparse.c error.c \ - cgiutil.c dsgwutil.c ldaputil.c entrydisplay.c config.c \ - cookie.c emitauth.c emitf.c collate.c vcard.c Versiongw.c \ - utf8compare.c dsgwgetlang.c line64.c fileurl.c -am_doauth_OBJECTS = doauth.$(OBJEXT) $(am__objects_2) +am_doauth_OBJECTS = doauth.$(OBJEXT) $(am__objects_1) doauth_OBJECTS = $(am_doauth_OBJECTS) doauth_LDADD = $(LDADD) -am__domodify_SOURCES_DIST = domodify.c htmlout.c htmlparse.c error.c \ - cgiutil.c dsgwutil.c ldaputil.c entrydisplay.c config.c \ - cookie.c emitauth.c emitf.c collate.c vcard.c Versiongw.c \ - utf8compare.c dsgwgetlang.c line64.c fileurl.c -am_domodify_OBJECTS = domodify.$(OBJEXT) $(am__objects_2) +am_domodify_OBJECTS = domodify.$(OBJEXT) $(am__objects_1) domodify_OBJECTS = $(am_domodify_OBJECTS) domodify_LDADD = $(LDADD) -am__dosearch_SOURCES_DIST = dosearch.c htmlout.c htmlparse.c error.c \ - cgiutil.c dsgwutil.c ldaputil.c entrydisplay.c config.c \ - cookie.c emitauth.c emitf.c collate.c vcard.c Versiongw.c \ - utf8compare.c dsgwgetlang.c line64.c fileurl.c -am_dosearch_OBJECTS = dosearch.$(OBJEXT) $(am__objects_2) +am_dosearch_OBJECTS = dosearch.$(OBJEXT) $(am__objects_1) dosearch_OBJECTS = $(am_dosearch_OBJECTS) dosearch_LDADD = $(LDADD) -am__edit_SOURCES_DIST = edit.c htmlout.c htmlparse.c error.c cgiutil.c \ - dsgwutil.c ldaputil.c entrydisplay.c config.c cookie.c \ - emitauth.c emitf.c collate.c vcard.c Versiongw.c utf8compare.c \ - dsgwgetlang.c line64.c fileurl.c -am_edit_OBJECTS = edit.$(OBJEXT) $(am__objects_2) +am_edit_OBJECTS = edit.$(OBJEXT) $(am__objects_1) edit_OBJECTS = $(am_edit_OBJECTS) edit_LDADD = $(LDADD) -am__lang_SOURCES_DIST = lang.c htmlout.c htmlparse.c error.c cgiutil.c \ - dsgwutil.c ldaputil.c entrydisplay.c config.c cookie.c \ - emitauth.c emitf.c collate.c vcard.c Versiongw.c utf8compare.c \ - dsgwgetlang.c line64.c fileurl.c secglue.c -am_lang_OBJECTS = lang.$(OBJEXT) $(am__objects_2) secglue.$(OBJEXT) +am_lang_OBJECTS = lang.$(OBJEXT) $(am__objects_1) secglue.$(OBJEXT) lang_OBJECTS = $(am_lang_OBJECTS) lang_LDADD = $(LDADD) -am__newentry_SOURCES_DIST = newentry.c htmlout.c htmlparse.c error.c \ - cgiutil.c dsgwutil.c ldaputil.c entrydisplay.c config.c \ - cookie.c emitauth.c emitf.c collate.c vcard.c Versiongw.c \ - utf8compare.c dsgwgetlang.c line64.c fileurl.c secglue.c -am_newentry_OBJECTS = newentry.$(OBJEXT) $(am__objects_2) \ +am_newentry_OBJECTS = newentry.$(OBJEXT) $(am__objects_1) \ secglue.$(OBJEXT) newentry_OBJECTS = $(am_newentry_OBJECTS) newentry_LDADD = $(LDADD) propmaker_SOURCES = propmaker.c propmaker_OBJECTS = propmaker.$(OBJEXT) propmaker_DEPENDENCIES = ; true -am__search_SOURCES_DIST = search.c htmlout.c htmlparse.c error.c \ - cgiutil.c dsgwutil.c ldaputil.c entrydisplay.c config.c \ - cookie.c emitauth.c emitf.c collate.c vcard.c Versiongw.c \ - utf8compare.c dsgwgetlang.c line64.c fileurl.c secglue.c -am_search_OBJECTS = search.$(OBJEXT) $(am__objects_2) \ +am_search_OBJECTS = search.$(OBJEXT) $(am__objects_1) \ secglue.$(OBJEXT) search_OBJECTS = $(am_search_OBJECTS) search_LDADD = $(LDADD) -am__tutor_SOURCES_DIST = tutor.c htmlout.c htmlparse.c error.c \ - cgiutil.c dsgwutil.c ldaputil.c entrydisplay.c config.c \ - cookie.c emitauth.c emitf.c collate.c vcard.c Versiongw.c \ - utf8compare.c dsgwgetlang.c line64.c fileurl.c secglue.c -am_tutor_OBJECTS = tutor.$(OBJEXT) $(am__objects_2) secglue.$(OBJEXT) +am_tutor_OBJECTS = tutor.$(OBJEXT) $(am__objects_1) secglue.$(OBJEXT) tutor_OBJECTS = $(am_tutor_OBJECTS) tutor_LDADD = $(LDADD) -am__unauth_SOURCES_DIST = unauth.c htmlout.c htmlparse.c error.c \ - cgiutil.c dsgwutil.c ldaputil.c entrydisplay.c config.c \ - cookie.c emitauth.c emitf.c collate.c vcard.c Versiongw.c \ - utf8compare.c dsgwgetlang.c line64.c fileurl.c secglue.c -am_unauth_OBJECTS = unauth.$(OBJEXT) $(am__objects_2) \ +am_unauth_OBJECTS = unauth.$(OBJEXT) $(am__objects_1) \ secglue.$(OBJEXT) unauth_OBJECTS = $(am_unauth_OBJECTS) unauth_LDADD = $(LDADD) -nodist_contextSCRIPT_INSTALL = $(INSTALL_SCRIPT) -SCRIPTS = $(nodist_context_SCRIPTS) DEFAULT_INCLUDES = -I. -I$(srcdir) -I. depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) \ + $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \ + $(AM_CFLAGS) $(CFLAGS) CCLD = $(CC) -LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +LINK = $(LIBTOOL) --tag=CC --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ + $(AM_LDFLAGS) $(LDFLAGS) -o $@ SOURCES = $(auth_SOURCES) $(csearch_SOURCES) $(dnedit_SOURCES) \ $(doauth_SOURCES) $(domodify_SOURCES) $(dosearch_SOURCES) \ $(edit_SOURCES) $(lang_SOURCES) $(newentry_SOURCES) \ propmaker.c $(search_SOURCES) $(tutor_SOURCES) \ $(unauth_SOURCES) -DIST_SOURCES = $(am__auth_SOURCES_DIST) $(am__csearch_SOURCES_DIST) \ - $(am__dnedit_SOURCES_DIST) $(am__doauth_SOURCES_DIST) \ - $(am__domodify_SOURCES_DIST) $(am__dosearch_SOURCES_DIST) \ - $(am__edit_SOURCES_DIST) $(am__lang_SOURCES_DIST) \ - $(am__newentry_SOURCES_DIST) propmaker.c \ - $(am__search_SOURCES_DIST) $(am__tutor_SOURCES_DIST) \ - $(am__unauth_SOURCES_DIST) +DIST_SOURCES = $(auth_SOURCES) $(csearch_SOURCES) $(dnedit_SOURCES) \ + $(doauth_SOURCES) $(domodify_SOURCES) $(dosearch_SOURCES) \ + $(edit_SOURCES) $(lang_SOURCES) $(newentry_SOURCES) \ + propmaker.c $(search_SOURCES) $(tutor_SOURCES) \ + $(unauth_SOURCES) am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; am__vpath_adj = case $$p in \ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ @@ -239,38 +192,67 @@ AMDEP_FALSE = @AMDEP_FALSE@ AMDEP_TRUE = @AMDEP_TRUE@ AMTAR = @AMTAR@ +AR = @AR@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ +BUNDLE_FALSE = @BUNDLE_FALSE@ +BUNDLE_TRUE = @BUNDLE_TRUE@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ +CXX = @CXX@ +CXXCPP = @CXXCPP@ +CXXDEPMODE = @CXXDEPMODE@ +CXXFLAGS = @CXXFLAGS@ +CXXLINK_REQUIRED_FALSE = @CXXLINK_REQUIRED_FALSE@ +CXXLINK_REQUIRED_TRUE = @CXXLINK_REQUIRED_TRUE@ CYGPATH_W = @CYGPATH_W@ -DEFS = -DDSGW_VER_STR=\"$(DSGW_VER_STR)\" +DEFS = @DEFS@ DEPDIR = @DEPDIR@ +ECHO = @ECHO@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ -HTTPD = @HTTPD@ +F77 = @F77@ +FFLAGS = @FFLAGS@ +HPUX_FALSE = @HPUX_FALSE@ +HPUX_TRUE = @HPUX_TRUE@ ICU_CONFIG = @ICU_CONFIG@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ LDFLAGS = @LDFLAGS@ +LIBCRUN = @LIBCRUN@ +LIBCSTD = @LIBCSTD@ +LIBNSL = @LIBNSL@ LIBOBJS = @LIBOBJS@ -LIBS = @adminutil_lib@ -ladmsslutil at adminutil_ver@ -ladminutil at adminutil_ver@ @icu_lib@ -licui18n -licuuc -licudata @ldapsdk_lib@ -lssldap50 -lprldap50 -lldap50 @nss_lib@ -lssl3 -lnss3 @nspr_lib@ -lnspr4 -lplc4 +LIBS = @adminutil_lib@ -ladmsslutil at adminutil_ver@ -ladminutil at adminutil_ver@ \ + @icu_lib@ -licui18n -licuuc -licudata \ + @ldapsdk_lib@ -lssldap60 -lprldap60 -lldap60 -lldif60 \ + @sasl_lib@ -lsasl2 \ + @nss_lib@ -lsmime3 -lssl3 -lnss3 -lsoftokn3 \ + @nspr_lib@ -lplds4 -lplc4 -lnspr4 + +LIBSOCKET = @LIBSOCKET@ +LIBTOOL = @LIBTOOL@ +LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ +MAINTAINER_MODE_FALSE = @MAINTAINER_MODE_FALSE@ +MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@ MAKEINFO = @MAKEINFO@ NEED_LDIF_FALSE = @NEED_LDIF_FALSE@ NEED_LDIF_TRUE = @NEED_LDIF_TRUE@ OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ +PACKAGE_BASE_NAME = @PACKAGE_BASE_NAME@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ @@ -279,46 +261,68 @@ PATH_SEPARATOR = @PATH_SEPARATOR@ PKG_CONFIG = @PKG_CONFIG@ POW_LIB = @POW_LIB@ +RANLIB = @RANLIB@ +SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +SOLARIS_FALSE = @SOLARIS_FALSE@ +SOLARIS_TRUE = @SOLARIS_TRUE@ STRIP = @STRIP@ VERSION = @VERSION@ WINNT_FALSE = @WINNT_FALSE@ WINNT_TRUE = @WINNT_TRUE@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ +ac_ct_CXX = @ac_ct_CXX@ +ac_ct_F77 = @ac_ct_F77@ +ac_ct_RANLIB = @ac_ct_RANLIB@ ac_ct_STRIP = @ac_ct_STRIP@ adminutil_inc = @adminutil_inc@ adminutil_lib = @adminutil_lib@ +adminutil_libdir = @adminutil_libdir@ adminutil_ver = @adminutil_ver@ am__fastdepCC_FALSE = @am__fastdepCC_FALSE@ am__fastdepCC_TRUE = @am__fastdepCC_TRUE@ +am__fastdepCXX_FALSE = @am__fastdepCXX_FALSE@ +am__fastdepCXX_TRUE = @am__fastdepCXX_TRUE@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ +build = @build@ build_alias = @build_alias@ -cgibindir = @cgibindir@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +cgibindir = $(libdir)@cgibindir@ cgiuri = @cgiuri@ # config is a bit of a misnomer - these are really configurable templates -configdir = @configdir@ +configdir = $(datadir)@configdir@ # the context dir is where the application specific config files go -contextdir = @contextdir@ -cookiedir = @cookiedir@ +contextdir = $(instconfigdir)@contextdir@ +# relative to $localstatedir +cookiedir = $(localstatedir)@cookiedir@ datadir = @datadir@ exec_prefix = @exec_prefix@ +host = @host@ host_alias = @host_alias@ -htmldir = @htmldir@ -httpdconf = @httpdconf@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = $(datadir)@htmldir@ icu_bin = @icu_bin@ icu_inc = @icu_inc@ icu_lib = @icu_lib@ +icu_libdir = @icu_libdir@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ +instconfigdir = @instconfigdir@ ldapsdk_inc = @ldapsdk_inc@ ldapsdk_lib = @ldapsdk_lib@ +ldapsdk_libdir = @ldapsdk_libdir@ libdir = @libdir@ libexecdir = @libexecdir@ localstatedir = @localstatedir@ @@ -326,24 +330,37 @@ mkdir_p = @mkdir_p@ nspr_inc = @nspr_inc@ nspr_lib = @nspr_lib@ +nspr_libdir = @nspr_libdir@ nss_inc = @nss_inc@ nss_lib = @nss_lib@ +nss_libdir = @nss_libdir@ oldincludedir = @oldincludedir@ -pbconfigdir = @pbconfigdir@ -pbhtmldir = @pbhtmldir@ +pbconfigdir = $(datadir)@pbconfigdir@ +pbhtmldir = $(datadir)@pbhtmldir@ prefix = @prefix@ program_transform_name = @program_transform_name@ -propertydir = @propertydir@ +propertydir = $(datadir)@propertydir@ +sasl_inc = @sasl_inc@ +sasl_lib = @sasl_lib@ +sasl_libdir = @sasl_libdir@ sbindir = @sbindir@ -securitydir = @securitydir@ +securitydir = $(instconfigdir)@securitydir@ sharedstatedir = @sharedstatedir@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ # look for included m4 files in the ./m4/ directory ACLOCAL_AMFLAGS = -I m4 -DSGW_VER_STR := "Fedora-Directory-Gateway/1.0.2" -INCLUDES = @adminutil_inc@ @icu_inc@ @ldapsdk_inc@ @nss_inc@ @nspr_inc@ +DSGW_VER_STR := "Directory-Server-Gateway/$(PACKAGE_VERSION)" +AM_CPPFLAGS = -DDSGW_VER_STR=\"$(DSGW_VER_STR)\" $(DEBUG_DEFINES) \ + @adminutil_inc@ @icu_inc@ @ldapsdk_inc@ @nss_inc@ @nspr_inc@ \ + -I$(srcdir)/include -I$(srcdir)/include/base $(am__append_1) \ + $(am__append_2) -DPROPERTYDIR=\"$(propertydir)\" \ + -DHTMLDIR=\"$(htmldir)\" -DCOOKIEDIR=\"$(cookiedir)\" \ + -DCONFIGDIR=\"$(configdir)\" -DSECURITYDIR=\"$(securitydir)\" \ + -DCGIBINDIR=\"$(cgibindir)\" -DCONTEXTDIR=\"$(contextdir)\" \ + -DINSTCONFIGDIR=\"$(instconfigdir)\" \ + -DMANUALDIR=\"$(manualdir)\" # these are programs which we do not want to link with nss NEED_SECGLUE = unauth search csearch newentry tutor lang @@ -352,10 +369,10 @@ # last thing on the link line before LIBS, so just have it terminate the command # there and use true to make the LIBS a no-op propmaker_LDADD = ; true # hackery -COMMON_SOURCES = htmlout.c htmlparse.c error.c cgiutil.c dsgwutil.c \ - ldaputil.c entrydisplay.c config.c cookie.c emitauth.c emitf.c \ - collate.c vcard.c Versiongw.c utf8compare.c dsgwgetlang.c \ - $(am__append_1) +COMMON_SOURCES = htmlout.c htmlparse.c error.c cgiutil.c dsgwutil.c ldaputil.c \ + entrydisplay.c config.c cookie.c emitauth.c emitf.c collate.c vcard.c \ + Versiongw.c utf8compare.c dsgwgetlang.c + unauth_SOURCES = unauth.c $(COMMON_SOURCES) secglue.c search_SOURCES = search.c $(COMMON_SOURCES) secglue.c csearch_SOURCES = csearch.c $(COMMON_SOURCES) secglue.c @@ -441,12 +458,12 @@ pbconfig/dsgwfilter.conf pbconfig/pb.tmpl nodist_context_DATA = dsgw-httpd.conf -nodist_context_SCRIPTS = setup +#nodist_context_SCRIPTS = setup-dirsrv-gw # add more here for localized bundles nodist_property_DATA = dsgw_root.res MOSTLYCLEANFILES = dsgw.conf dsgw_root.res dsgw.properties setup dsgw-httpd.conf - at WINNT_FALSE@ICU_GENRB = sh genrb_wrapper.sh @icu_bin@ @icu_lib@ + at WINNT_FALSE@ICU_GENRB = sh $(srcdir)/genrb_wrapper.sh @icu_bin@ @icu_lib@ # Resource Bundle Compiler @WINNT_TRUE at ICU_GENRB = @icu_bin@/genrb.exe @@ -461,14 +478,46 @@ # German resource bundles (for the German localization in the future) RESOURCE_BUNDLES_DE = dsgw_de.res + +# these are for the config files and scripts that we need to generate and replace +# the paths and other tokens with the real values set during configure/make +# note that we cannot just use AC_OUTPUT to do this for us, since it will do things like this: +# ADMConfigDir = ${prefix}/etc/packagename +# i.e. it literally copies in '${prefix}' rather than expanding it out - we want this instead: +# ADMConfigDir = /etc/packagename +fixupcmd = sed \ + -e 's, at bindir\@,$(bindir),g' \ + -e 's, at sbindir\@,$(sbindir),g' \ + -e 's, at localstatedir\@,$(localstatedir),g' \ + -e 's, at cgibindir\@,$(cgibindir),g' \ + -e 's, at cgiuri\@,$(cgiuri),g' \ + -e 's, at cmdbindir\@,$(cmdbindir),g' \ + -e 's, at propertydir\@,$(propertydir),g' \ + -e 's, at htmldir\@,$(htmldir),g' \ + -e 's, at pbhtmldir\@,$(pbhtmldir),g' \ + -e 's, at configdir\@,$(configdir),g' \ + -e 's, at pbconfigdir\@,$(pbconfigdir),g' \ + -e 's, at contextdir\@,$(contextdir),g' \ + -e 's, at securitydir\@,$(securitydir),g' \ + -e 's, at instconfigdir\@,$(instconfigdir),g' \ + -e 's, at BUILD_NUM\@,$(BUILDNUM),g' \ + -e 's, at NQBUILD_NUM\@,$(NQBUILDNUM),g' \ + -e 's, at package_name\@,$(PACKAGE_NAME),g' \ + -e 's, at PACKAGE_BASE_NAME\@,$(PACKAGE_BASE_NAME),g' \ + -e 's, at PACKAGE_VERSION\@,$(PACKAGE_VERSION),g' \ + -e 's, at PACKAGE_BASE_VERSION\@,$(PACKAGE_BASE_VERSION),g' \ + -e 's, at brand\@,$(brand),g' \ + -e 's, at capbrand\@,$(capbrand),g' \ + -e 's, at vendor\@,$(vendor),g' + all: config.h $(MAKE) $(AM_MAKEFLAGS) all-am .SUFFIXES: -.SUFFIXES: .c .o .obj +.SUFFIXES: .c .lo .o .obj am--refresh: @: -$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ @@ -495,9 +544,9 @@ $(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) $(SHELL) ./config.status --recheck -$(top_srcdir)/configure: $(am__configure_deps) +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(srcdir) && $(AUTOCONF) -$(ACLOCAL_M4): $(am__aclocal_m4_deps) +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(srcdir) && $(ACLOCAL) $(ACLOCAL_AMFLAGS) config.h: stamp-h1 @@ -506,30 +555,27 @@ $(MAKE) stamp-h1; \ else :; fi -stamp-h1: $(srcdir)/config-h.in $(top_builddir)/config.status +stamp-h1: $(srcdir)/config.h.in $(top_builddir)/config.status @rm -f stamp-h1 cd $(top_builddir) && $(SHELL) ./config.status config.h -$(srcdir)/config-h.in: $(am__configure_deps) +$(srcdir)/config.h.in: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_srcdir) && $(AUTOHEADER) rm -f stamp-h1 touch $@ distclean-hdr: -rm -f config.h stamp-h1 -setup: $(top_builddir)/config.status $(srcdir)/setup.in - cd $(top_builddir) && $(SHELL) ./config.status $@ -dsgw-httpd.conf: $(top_builddir)/config.status $(srcdir)/dsgw-httpd.conf.in - cd $(top_builddir) && $(SHELL) ./config.status $@ install-cgibinPROGRAMS: $(cgibin_PROGRAMS) @$(NORMAL_INSTALL) test -z "$(cgibindir)" || $(mkdir_p) "$(DESTDIR)$(cgibindir)" @list='$(cgibin_PROGRAMS)'; for p in $$list; do \ p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ if test -f $$p \ + || test -f $$p1 \ ; then \ f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(cgibinPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(cgibindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(cgibinPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(cgibindir)/$$f" || exit 1; \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(cgibinPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(cgibindir)/$$f'"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(cgibinPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(cgibindir)/$$f" || exit 1; \ else :; fi; \ done @@ -542,10 +588,18 @@ done clean-cgibinPROGRAMS: - -test -z "$(cgibin_PROGRAMS)" || rm -f $(cgibin_PROGRAMS) + @list='$(cgibin_PROGRAMS)'; for p in $$list; do \ + f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f $$p $$f"; \ + rm -f $$p $$f ; \ + done clean-noinstPROGRAMS: - -test -z "$(noinst_PROGRAMS)" || rm -f $(noinst_PROGRAMS) + @list='$(noinst_PROGRAMS)'; for p in $$list; do \ + f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f $$p $$f"; \ + rm -f $$p $$f ; \ + done auth$(EXEEXT): $(auth_OBJECTS) $(auth_DEPENDENCIES) @rm -f auth$(EXEEXT) $(LINK) $(auth_LDFLAGS) $(auth_OBJECTS) $(auth_LDADD) $(LIBS) @@ -585,25 +639,6 @@ unauth$(EXEEXT): $(unauth_OBJECTS) $(unauth_DEPENDENCIES) @rm -f unauth$(EXEEXT) $(LINK) $(unauth_LDFLAGS) $(unauth_OBJECTS) $(unauth_LDADD) $(LIBS) -install-nodist_contextSCRIPTS: $(nodist_context_SCRIPTS) - @$(NORMAL_INSTALL) - test -z "$(contextdir)" || $(mkdir_p) "$(DESTDIR)$(contextdir)" - @list='$(nodist_context_SCRIPTS)'; for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - if test -f $$d$$p; then \ - f=`echo "$$p" | sed 's|^.*/||;$(transform)'`; \ - echo " $(nodist_contextSCRIPT_INSTALL) '$$d$$p' '$(DESTDIR)$(contextdir)/$$f'"; \ - $(nodist_contextSCRIPT_INSTALL) "$$d$$p" "$(DESTDIR)$(contextdir)/$$f"; \ - else :; fi; \ - done - -uninstall-nodist_contextSCRIPTS: - @$(NORMAL_UNINSTALL) - @list='$(nodist_context_SCRIPTS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's|^.*/||;$(transform)'`; \ - echo " rm -f '$(DESTDIR)$(contextdir)/$$f'"; \ - rm -f "$(DESTDIR)$(contextdir)/$$f"; \ - done mostlyclean-compile: -rm -f *.$(OBJEXT) @@ -629,12 +664,10 @@ @AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/emitf.Po at am__quote@ @AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/entrydisplay.Po at am__quote@ @AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/error.Po at am__quote@ - at AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/fileurl.Po at am__quote@ @AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/htmlout.Po at am__quote@ @AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/htmlparse.Po at am__quote@ @AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/lang.Po at am__quote@ @AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/ldaputil.Po at am__quote@ - at AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/line64.Po at am__quote@ @AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/newentry.Po at am__quote@ @AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/propmaker.Po at am__quote@ @AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/search.Po at am__quote@ @@ -645,18 +678,37 @@ @AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/vcard.Po at am__quote@ .c.o: - at am__fastdepCC_TRUE@ if $(COMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ $<; \ - at am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Po"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi + at am__fastdepCC_TRUE@ depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`; \ + at am__fastdepCC_TRUE@ if $(COMPILE) -MT $@ -MD -MP -MF "$$depbase.Tpo" -c -o $@ $<; \ + at am__fastdepCC_TRUE@ then mv -f "$$depbase.Tpo" "$$depbase.Po"; else rm -f "$$depbase.Tpo"; exit 1; fi @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ - at am__fastdepCC_FALSE@ $(COMPILE) -c $< + at am__fastdepCC_FALSE@ $(COMPILE) -c -o $@ $< .c.obj: - at am__fastdepCC_TRUE@ if $(COMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ `$(CYGPATH_W) '$<'`; \ - at am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Po"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi + at am__fastdepCC_TRUE@ depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`; \ + at am__fastdepCC_TRUE@ if $(COMPILE) -MT $@ -MD -MP -MF "$$depbase.Tpo" -c -o $@ `$(CYGPATH_W) '$<'`; \ + at am__fastdepCC_TRUE@ then mv -f "$$depbase.Tpo" "$$depbase.Po"; else rm -f "$$depbase.Tpo"; exit 1; fi @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ - at am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` + at am__fastdepCC_FALSE@ $(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'` + +.c.lo: + at am__fastdepCC_TRUE@ depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`; \ + at am__fastdepCC_TRUE@ if $(LTCOMPILE) -MT $@ -MD -MP -MF "$$depbase.Tpo" -c -o $@ $<; \ + at am__fastdepCC_TRUE@ then mv -f "$$depbase.Tpo" "$$depbase.Plo"; else rm -f "$$depbase.Tpo"; exit 1; fi + at AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ + at AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ + at am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs + +distclean-libtool: + -rm -f libtool uninstall-info-am: install-dist_configDATA: $(dist_config_DATA) @$(NORMAL_INSTALL) @@ -771,11 +823,11 @@ mkid -fID $$unique tags: TAGS -TAGS: $(HEADERS) $(SOURCES) config-h.in $(TAGS_DEPENDENCIES) \ +TAGS: $(HEADERS) $(SOURCES) config.h.in $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) tags=; \ here=`pwd`; \ - list='$(SOURCES) $(HEADERS) config-h.in $(LISP) $(TAGS_FILES)'; \ + list='$(SOURCES) $(HEADERS) config.h.in $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ @@ -787,11 +839,11 @@ $$tags $$unique; \ fi ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) config-h.in $(TAGS_DEPENDENCIES) \ +CTAGS: $(HEADERS) $(SOURCES) config.h.in $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) tags=; \ here=`pwd`; \ - list='$(SOURCES) $(HEADERS) config-h.in $(LISP) $(TAGS_FILES)'; \ + list='$(SOURCES) $(HEADERS) config.h.in $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ @@ -812,7 +864,7 @@ distdir: $(DISTFILES) $(am__remove_distdir) mkdir $(distdir) - $(mkdir_p) $(distdir)/. $(distdir)/config $(distdir)/config/en $(distdir)/html $(distdir)/m4 $(distdir)/pbconfig $(distdir)/pbhtml + $(mkdir_p) $(distdir)/config $(distdir)/config/en $(distdir)/html $(distdir)/m4 $(distdir)/pbconfig $(distdir)/pbhtml @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \ list='$(DISTFILES)'; for file in $$list; do \ @@ -938,9 +990,9 @@ exit 1; } >&2 check-am: all-am check: check-am -all-am: Makefile $(PROGRAMS) $(SCRIPTS) $(DATA) config.h +all-am: Makefile $(PROGRAMS) $(DATA) config.h installdirs: - for dir in "$(DESTDIR)$(cgibindir)" "$(DESTDIR)$(contextdir)" "$(DESTDIR)$(configdir)" "$(DESTDIR)$(htmldir)" "$(DESTDIR)$(pbconfigdir)" "$(DESTDIR)$(pbhtmldir)" "$(DESTDIR)$(contextdir)" "$(DESTDIR)$(propertydir)"; do \ + for dir in "$(DESTDIR)$(cgibindir)" "$(DESTDIR)$(configdir)" "$(DESTDIR)$(htmldir)" "$(DESTDIR)$(pbconfigdir)" "$(DESTDIR)$(pbhtmldir)" "$(DESTDIR)$(contextdir)" "$(DESTDIR)$(propertydir)"; do \ test -z "$$dir" || $(mkdir_p) "$$dir"; \ done install: install-am @@ -970,15 +1022,15 @@ @echo "it deletes files that may require special tools to rebuild." clean: clean-am -clean-am: clean-cgibinPROGRAMS clean-generic clean-noinstPROGRAMS \ - mostlyclean-am +clean-am: clean-cgibinPROGRAMS clean-generic clean-libtool \ + clean-noinstPROGRAMS mostlyclean-am distclean: distclean-am -rm -f $(am__CONFIG_DISTCLEAN_FILES) -rm -rf ./$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ - distclean-hdr distclean-tags + distclean-hdr distclean-libtool distclean-tags dvi: dvi-am @@ -993,7 +1045,7 @@ install-data-am: install-cgibinPROGRAMS install-dist_configDATA \ install-dist_htmlDATA install-dist_pbconfigDATA \ install-dist_pbhtmlDATA install-nodist_contextDATA \ - install-nodist_contextSCRIPTS install-nodist_propertyDATA + install-nodist_propertyDATA install-exec-am: @@ -1012,7 +1064,8 @@ mostlyclean: mostlyclean-am -mostlyclean-am: mostlyclean-compile mostlyclean-generic +mostlyclean-am: mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool pdf: pdf-am @@ -1025,29 +1078,28 @@ uninstall-am: uninstall-cgibinPROGRAMS uninstall-dist_configDATA \ uninstall-dist_htmlDATA uninstall-dist_pbconfigDATA \ uninstall-dist_pbhtmlDATA uninstall-info-am \ - uninstall-nodist_contextDATA uninstall-nodist_contextSCRIPTS \ - uninstall-nodist_propertyDATA + uninstall-nodist_contextDATA uninstall-nodist_propertyDATA .PHONY: CTAGS GTAGS all all-am am--refresh check check-am clean \ - clean-cgibinPROGRAMS clean-generic clean-noinstPROGRAMS ctags \ - dist dist-all dist-bzip2 dist-gzip dist-shar dist-tarZ \ - dist-zip distcheck distclean distclean-compile \ - distclean-generic distclean-hdr distclean-tags distcleancheck \ - distdir distuninstallcheck dvi dvi-am html html-am info \ - info-am install install-am install-cgibinPROGRAMS install-data \ + clean-cgibinPROGRAMS clean-generic clean-libtool \ + clean-noinstPROGRAMS ctags dist dist-all dist-bzip2 dist-gzip \ + dist-shar dist-tarZ dist-zip distcheck distclean \ + distclean-compile distclean-generic distclean-hdr \ + distclean-libtool distclean-tags distcleancheck distdir \ + distuninstallcheck dvi dvi-am html html-am info info-am \ + install install-am install-cgibinPROGRAMS install-data \ install-data-am install-dist_configDATA install-dist_htmlDATA \ install-dist_pbconfigDATA install-dist_pbhtmlDATA install-exec \ install-exec-am install-info install-info-am install-man \ - install-nodist_contextDATA install-nodist_contextSCRIPTS \ - install-nodist_propertyDATA install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic pdf pdf-am ps ps-am tags uninstall \ - uninstall-am uninstall-cgibinPROGRAMS \ - uninstall-dist_configDATA uninstall-dist_htmlDATA \ - uninstall-dist_pbconfigDATA uninstall-dist_pbhtmlDATA \ - uninstall-info-am uninstall-nodist_contextDATA \ - uninstall-nodist_contextSCRIPTS uninstall-nodist_propertyDATA + install-nodist_contextDATA install-nodist_propertyDATA \ + install-strip installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ + pdf pdf-am ps ps-am tags uninstall uninstall-am \ + uninstall-cgibinPROGRAMS uninstall-dist_configDATA \ + uninstall-dist_htmlDATA uninstall-dist_pbconfigDATA \ + uninstall-dist_pbhtmlDATA uninstall-info-am \ + uninstall-nodist_contextDATA uninstall-nodist_propertyDATA # By default create only the default root bundle (english). @@ -1068,6 +1120,10 @@ %_de.res : %_de.properties $(ICU_GENRB) -s. -d. --encoding 8859-2 --package-name dsgw $+ + +% : %.in + if [ ! -d $(dir $@) ] ; then mkdir -p $(dir $@) ; fi + $(fixupcmd) $< > $@ # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: View full diff with command: /usr/bin/cvs -f diff -kk -u -N -r 1.1.1.1 -r 1.2 aclocal.m4 Index: aclocal.m4 =================================================================== RCS file: /cvs/dirsec/dsgw/aclocal.m4,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- aclocal.m4 1 Jun 2006 19:43:45 -0000 1.1.1.1 +++ aclocal.m4 10 Jan 2008 01:19:36 -0000 1.2 @@ -11,6 +11,6405 @@ # even the implied warranty of MERCHANTABILITY or FITNESS FOR A # PARTICULAR PURPOSE. +# libtool.m4 - Configure libtool for the host system. -*-Autoconf-*- + +# serial 48 AC_PROG_LIBTOOL + + +# AC_PROVIDE_IFELSE(MACRO-NAME, IF-PROVIDED, IF-NOT-PROVIDED) +# ----------------------------------------------------------- +# If this macro is not defined by Autoconf, define it here. +m4_ifdef([AC_PROVIDE_IFELSE], + [], + [m4_define([AC_PROVIDE_IFELSE], + [m4_ifdef([AC_PROVIDE_$1], + [$2], [$3])])]) + + +# AC_PROG_LIBTOOL +# --------------- +AC_DEFUN([AC_PROG_LIBTOOL], +[AC_REQUIRE([_AC_PROG_LIBTOOL])dnl +dnl If AC_PROG_CXX has already been expanded, run AC_LIBTOOL_CXX +dnl immediately, otherwise, hook it in at the end of AC_PROG_CXX. + AC_PROVIDE_IFELSE([AC_PROG_CXX], + [AC_LIBTOOL_CXX], + [define([AC_PROG_CXX], defn([AC_PROG_CXX])[AC_LIBTOOL_CXX + ])]) +dnl And a similar setup for Fortran 77 support + AC_PROVIDE_IFELSE([AC_PROG_F77], + [AC_LIBTOOL_F77], + [define([AC_PROG_F77], defn([AC_PROG_F77])[AC_LIBTOOL_F77 +])]) + +dnl Quote A][M_PROG_GCJ so that aclocal doesn't bring it in needlessly. +dnl If either AC_PROG_GCJ or A][M_PROG_GCJ have already been expanded, run +dnl AC_LIBTOOL_GCJ immediately, otherwise, hook it in at the end of both. + AC_PROVIDE_IFELSE([AC_PROG_GCJ], + [AC_LIBTOOL_GCJ], + [AC_PROVIDE_IFELSE([A][M_PROG_GCJ], + [AC_LIBTOOL_GCJ], + [AC_PROVIDE_IFELSE([LT_AC_PROG_GCJ], + [AC_LIBTOOL_GCJ], + [ifdef([AC_PROG_GCJ], + [define([AC_PROG_GCJ], defn([AC_PROG_GCJ])[AC_LIBTOOL_GCJ])]) + ifdef([A][M_PROG_GCJ], + [define([A][M_PROG_GCJ], defn([A][M_PROG_GCJ])[AC_LIBTOOL_GCJ])]) + ifdef([LT_AC_PROG_GCJ], + [define([LT_AC_PROG_GCJ], + defn([LT_AC_PROG_GCJ])[AC_LIBTOOL_GCJ])])])]) +])])# AC_PROG_LIBTOOL + + +# _AC_PROG_LIBTOOL +# ---------------- +AC_DEFUN([_AC_PROG_LIBTOOL], +[AC_REQUIRE([AC_LIBTOOL_SETUP])dnl +AC_BEFORE([$0],[AC_LIBTOOL_CXX])dnl +AC_BEFORE([$0],[AC_LIBTOOL_F77])dnl +AC_BEFORE([$0],[AC_LIBTOOL_GCJ])dnl + +# This can be used to rebuild libtool when needed +LIBTOOL_DEPS="$ac_aux_dir/ltmain.sh" + +# Always use our own libtool. +LIBTOOL='$(SHELL) $(top_builddir)/libtool' +AC_SUBST(LIBTOOL)dnl + +# Prevent multiple expansion +define([AC_PROG_LIBTOOL], []) +])# _AC_PROG_LIBTOOL + + +# AC_LIBTOOL_SETUP +# ---------------- +AC_DEFUN([AC_LIBTOOL_SETUP], +[AC_PREREQ(2.50)dnl +AC_REQUIRE([AC_ENABLE_SHARED])dnl +AC_REQUIRE([AC_ENABLE_STATIC])dnl +AC_REQUIRE([AC_ENABLE_FAST_INSTALL])dnl +AC_REQUIRE([AC_CANONICAL_HOST])dnl +AC_REQUIRE([AC_CANONICAL_BUILD])dnl +AC_REQUIRE([AC_PROG_CC])dnl +AC_REQUIRE([AC_PROG_LD])dnl +AC_REQUIRE([AC_PROG_LD_RELOAD_FLAG])dnl +AC_REQUIRE([AC_PROG_NM])dnl + +AC_REQUIRE([AC_PROG_LN_S])dnl +AC_REQUIRE([AC_DEPLIBS_CHECK_METHOD])dnl +# Autoconf 2.13's AC_OBJEXT and AC_EXEEXT macros only works for C compilers! +AC_REQUIRE([AC_OBJEXT])dnl +AC_REQUIRE([AC_EXEEXT])dnl +dnl + +AC_LIBTOOL_SYS_MAX_CMD_LEN +AC_LIBTOOL_SYS_GLOBAL_SYMBOL_PIPE +AC_LIBTOOL_OBJDIR + +AC_REQUIRE([_LT_AC_SYS_COMPILER])dnl +_LT_AC_PROG_ECHO_BACKSLASH + +case $host_os in +aix3*) + # AIX sometimes has problems with the GCC collect2 program. For some + # reason, if we set the COLLECT_NAMES environment variable, the problems + # vanish in a puff of smoke. + if test "X${COLLECT_NAMES+set}" != Xset; then + COLLECT_NAMES= + export COLLECT_NAMES + fi + ;; +esac + +# Sed substitution that helps us do robust quoting. It backslashifies +# metacharacters that are still active within double-quoted strings. +Xsed='sed -e 1s/^X//' +[sed_quote_subst='s/\([\\"\\`$\\\\]\)/\\\1/g'] + +# Same as above, but do not quote variable references. +[double_quote_subst='s/\([\\"\\`\\\\]\)/\\\1/g'] + +# Sed substitution to delay expansion of an escaped shell variable in a +# double_quote_subst'ed string. +delay_variable_subst='s/\\\\\\\\\\\$/\\\\\\$/g' + +# Sed substitution to avoid accidental globbing in evaled expressions +no_glob_subst='s/\*/\\\*/g' + +# Constants: +rm="rm -f" + +# Global variables: +default_ofile=libtool +can_build_shared=yes + +# All known linkers require a `.a' archive for static linking (except MSVC, +# which needs '.lib'). +libext=a +ltmain="$ac_aux_dir/ltmain.sh" +ofile="$default_ofile" +with_gnu_ld="$lt_cv_prog_gnu_ld" + +AC_CHECK_TOOL(AR, ar, false) +AC_CHECK_TOOL(RANLIB, ranlib, :) +AC_CHECK_TOOL(STRIP, strip, :) + +old_CC="$CC" +old_CFLAGS="$CFLAGS" + +# Set sane defaults for various variables +test -z "$AR" && AR=ar +test -z "$AR_FLAGS" && AR_FLAGS=cru +test -z "$AS" && AS=as +test -z "$CC" && CC=cc +test -z "$LTCC" && LTCC=$CC +test -z "$LTCFLAGS" && LTCFLAGS=$CFLAGS +test -z "$DLLTOOL" && DLLTOOL=dlltool +test -z "$LD" && LD=ld +test -z "$LN_S" && LN_S="ln -s" +test -z "$MAGIC_CMD" && MAGIC_CMD=file +test -z "$NM" && NM=nm +test -z "$SED" && SED=sed +test -z "$OBJDUMP" && OBJDUMP=objdump +test -z "$RANLIB" && RANLIB=: +test -z "$STRIP" && STRIP=: +test -z "$ac_objext" && ac_objext=o + +# Determine commands to create old-style static archives. +old_archive_cmds='$AR $AR_FLAGS $oldlib$oldobjs$old_deplibs' +old_postinstall_cmds='chmod 644 $oldlib' +old_postuninstall_cmds= + +if test -n "$RANLIB"; then + case $host_os in + openbsd*) + old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB -t \$oldlib" + ;; + *) + old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB \$oldlib" + ;; + esac + old_archive_cmds="$old_archive_cmds~\$RANLIB \$oldlib" +fi + +_LT_CC_BASENAME([$compiler]) + +# Only perform the check for file, if the check method requires it +case $deplibs_check_method in +file_magic*) + if test "$file_magic_cmd" = '$MAGIC_CMD'; then + AC_PATH_MAGIC [...6085 lines suppressed...] +# /* ltdll.c starts here */ +# #define WIN32_LEAN_AND_MEAN +# #include +# #undef WIN32_LEAN_AND_MEAN +# #include +# +# #ifndef __CYGWIN__ +# # ifdef __CYGWIN32__ +# # define __CYGWIN__ __CYGWIN32__ +# # endif +# #endif +# +# #ifdef __cplusplus +# extern "C" { +# #endif +# BOOL APIENTRY DllMain (HINSTANCE hInst, DWORD reason, LPVOID reserved); +# #ifdef __cplusplus +# } +# #endif +# +# #ifdef __CYGWIN__ +# #include +# DECLARE_CYGWIN_DLL( DllMain ); +# #endif +# HINSTANCE __hDllInstance_base; +# +# BOOL APIENTRY +# DllMain (HINSTANCE hInst, DWORD reason, LPVOID reserved) +# { +# __hDllInstance_base = hInst; +# return TRUE; +# } +# /* ltdll.c ends here */ +])# _LT_AC_FILE_LTDLL_C + + +# _LT_AC_TAGVAR(VARNAME, [TAGNAME]) +# --------------------------------- +AC_DEFUN([_LT_AC_TAGVAR], [ifelse([$2], [], [$1], [$1_$2])]) + + +# old names +AC_DEFUN([AM_PROG_LIBTOOL], [AC_PROG_LIBTOOL]) +AC_DEFUN([AM_ENABLE_SHARED], [AC_ENABLE_SHARED($@)]) +AC_DEFUN([AM_ENABLE_STATIC], [AC_ENABLE_STATIC($@)]) +AC_DEFUN([AM_DISABLE_SHARED], [AC_DISABLE_SHARED($@)]) +AC_DEFUN([AM_DISABLE_STATIC], [AC_DISABLE_STATIC($@)]) +AC_DEFUN([AM_PROG_LD], [AC_PROG_LD]) +AC_DEFUN([AM_PROG_NM], [AC_PROG_NM]) + +# This is just to silence aclocal about the macro not being used +ifelse([AC_DISABLE_FAST_INSTALL]) + +AC_DEFUN([LT_AC_PROG_GCJ], +[AC_CHECK_TOOL(GCJ, gcj, no) + test "x${GCJFLAGS+set}" = xset || GCJFLAGS="-g -O2" + AC_SUBST(GCJFLAGS) +]) + +AC_DEFUN([LT_AC_PROG_RC], +[AC_CHECK_TOOL(RC, windres, no) +]) + +# NOTE: This macro has been submitted for inclusion into # +# GNU Autoconf as AC_PROG_SED. When it is available in # +# a released version of Autoconf we should remove this # +# macro and use it instead. # +# LT_AC_PROG_SED +# -------------- +# Check for a fully-functional sed program, that truncates +# as few characters as possible. Prefer GNU sed if found. +AC_DEFUN([LT_AC_PROG_SED], +[AC_MSG_CHECKING([for a sed that does not truncate output]) +AC_CACHE_VAL(lt_cv_path_SED, +[# Loop through the user's path and test for sed and gsed. +# Then use that list of sed's as ones to test for truncation. +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for lt_ac_prog in sed gsed; do + for ac_exec_ext in '' $ac_executable_extensions; do + if $as_executable_p "$as_dir/$lt_ac_prog$ac_exec_ext"; then + lt_ac_sed_list="$lt_ac_sed_list $as_dir/$lt_ac_prog$ac_exec_ext" + fi + done + done +done +IFS=$as_save_IFS +lt_ac_max=0 +lt_ac_count=0 +# Add /usr/xpg4/bin/sed as it is typically found on Solaris +# along with /bin/sed that truncates output. +for lt_ac_sed in $lt_ac_sed_list /usr/xpg4/bin/sed; do + test ! -f $lt_ac_sed && continue + cat /dev/null > conftest.in + lt_ac_count=0 + echo $ECHO_N "0123456789$ECHO_C" >conftest.in + # Check for GNU sed and select it if it is found. + if "$lt_ac_sed" --version 2>&1 < /dev/null | grep 'GNU' > /dev/null; then + lt_cv_path_SED=$lt_ac_sed + break + fi + while true; do + cat conftest.in conftest.in >conftest.tmp + mv conftest.tmp conftest.in + cp conftest.in conftest.nl + echo >>conftest.nl + $lt_ac_sed -e 's/a$//' < conftest.nl >conftest.out || break + cmp -s conftest.out conftest.nl || break + # 10000 chars as input seems more than enough + test $lt_ac_count -gt 10 && break + lt_ac_count=`expr $lt_ac_count + 1` + if test $lt_ac_count -gt $lt_ac_max; then + lt_ac_max=$lt_ac_count + lt_cv_path_SED=$lt_ac_sed + fi + done +done +]) +SED=$lt_cv_path_SED +AC_SUBST([SED]) +AC_MSG_RESULT([$SED]) +]) + # Copyright (C) 2002, 2003, 2005 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation @@ -489,6 +6888,35 @@ rmdir .tst 2>/dev/null AC_SUBST([am__leading_dot])]) +# Add --enable-maintainer-mode option to configure. -*- Autoconf -*- +# From Jim Meyering + +# Copyright (C) 1996, 1998, 2000, 2001, 2002, 2003, 2004, 2005 +# Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# serial 4 + +AC_DEFUN([AM_MAINTAINER_MODE], +[AC_MSG_CHECKING([whether to enable maintainer-specific portions of Makefiles]) + dnl maintainer-mode is disabled by default + AC_ARG_ENABLE(maintainer-mode, +[ --enable-maintainer-mode enable make rules and dependencies not useful + (and sometimes confusing) to the casual installer], + USE_MAINTAINER_MODE=$enableval, + USE_MAINTAINER_MODE=no) + AC_MSG_RESULT([$USE_MAINTAINER_MODE]) + AM_CONDITIONAL(MAINTAINER_MODE, [test $USE_MAINTAINER_MODE = yes]) + MAINT=$MAINTAINER_MODE_TRUE + AC_SUBST(MAINT)dnl +] +) + +AU_DEFUN([jm_MAINTAINER_MODE], [AM_MAINTAINER_MODE]) + # Check to see how 'make' treats includes. -*- Autoconf -*- # Copyright (C) 2001, 2002, 2003, 2005 Free Software Foundation, Inc. @@ -541,6 +6969,34 @@ rm -f confinc confmf ]) +# Copyright (C) 1999, 2000, 2001, 2003, 2005 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# serial 3 + +# AM_PROG_CC_C_O +# -------------- +# Like AC_PROG_CC_C_O, but changed for automake. +AC_DEFUN([AM_PROG_CC_C_O], +[AC_REQUIRE([AC_PROG_CC_C_O])dnl +AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl +# FIXME: we rely on the cache variable name because +# there is no other way. +set dummy $CC +ac_cc=`echo $[2] | sed ['s/[^a-zA-Z0-9_]/_/g;s/^[0-9]/_/']` +if eval "test \"`echo '$ac_cv_prog_cc_'${ac_cc}_c_o`\" != yes"; then + # Losing compiler, so override with the script. + # FIXME: It is wrong to rewrite CC. + # But if we don't then we get into trouble of one sort or another. + # A longer-term fix would be to have automake use am__CC in this case, + # and then we could set am__CC="\$(top_srcdir)/compile \$(CC)" + CC="$am_aux_dir/compile $CC" +fi +]) + # Fake the existence of programs that GNU maintainers use. -*- Autoconf -*- # Copyright (C) 1997, 1999, 2000, 2001, 2003, 2005 Index: config.c =================================================================== RCS file: /cvs/dirsec/dsgw/config.c,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- config.c 1 Jun 2006 19:43:43 -0000 1.1.1.1 +++ config.c 10 Jan 2008 01:19:36 -0000 1.2 @@ -128,48 +128,6 @@ gc->gc_DefaultLanguage = ""; gc->gc_httpversion = 0; gc->gc_orgchartsearchattr = "uid"; - /* - * Figure out whether we are running under the admin server or not. This - * also determines where our config and html files are. The hackage is: - * if we're running under the admin server: - * configdir is ../../../../admin-serv/config - * htmldir is ../html - * urlpfxmain is "" - * urlpfxcgi is "" - * dbswitchfile is NSHOME/userdb/dbswitch.conf - * - * If we're running under any other HTTP server: - * configdir is ../config - * htmldir is ../config (yes, that's right) - * urlpfxmain is "lang?context=dsgw&file=" - * gc_urlpfxcgi is "/ds" - * dbswitchfile is not used - */ - - /* Get the admin server name and chop off the version number */ - /* vs = dsgw_ch_strdup( ADMSERV_VERSION_STRING ); - if (( p = strchr( vs, '/')) != NULL ) { - *p = '\0'; - }*/ - - /*ss = getenv( "SERVER_SOFTWARE" ); - if ( ss != NULL ) { - if ( !strncasecmp( vs, ss, strlen( vs ))) { - char *server_names;*/ - /* We're running under the admin server */ - /* gc->gc_admserv = 1; - gc->gc_configdir = DSGW_CONFIGDIR_ADMSERV; - gc->gc_tmpldir = DSGW_TMPLDIR_ADMSERV; - gc->gc_urlpfxmain = DSGW_URLPREFIX_MAIN_ADMSERV; - gc->gc_urlpfxcgi = DSGW_URLPREFIX_CGI_ADMSERV;*/ - /* Check if running an end-user CGI under the admin server */ - /* if (( server_names = getenv( "SERVER_NAMES" )) != NULL && - strlen( server_names ) >= 4 && - strncmp( server_names, "user", 4 ) == 0 ) { - gc->gc_enduser = 1; - } - } - }*/ /* * Get the strlen of the http://admin/port because getvp returns Index: config.h.in =================================================================== RCS file: /cvs/dirsec/dsgw/config.h.in,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- config.h.in 1 Jun 2006 19:43:42 -0000 1.1.1.1 +++ config.h.in 10 Jan 2008 01:19:36 -0000 1.2 @@ -0,0 +1,257 @@ +/* config.h.in. Generated from configure.ac by autoheader. */ + +/* cpu type pa-risc */ +#undef CPU_hppa + +/* cpu type ia64 */ +#undef CPU_ia64 + +/* cpu type sparc */ +#undef CPU_sparc + +/* Enable extra DSGW debugging code */ +#undef DSGW_DEBUG + +/* Define to 1 if you have the header file. */ +#undef HAVE_DLFCN_H + +/* Define to 1 if you don't have `vprintf' but do have `_doprnt.' */ +#undef HAVE_DOPRNT + +/* Define to 1 if you have the header file. */ +#undef HAVE_FCNTL_H + +/* Define to 1 if you have the `ftruncate' function. */ +#undef HAVE_FTRUNCATE + +/* Define to 1 if you have the `getcwd' function. */ +#undef HAVE_GETCWD + +/* Define to 1 if you have the header file. */ +#undef HAVE_INTTYPES_H + +/* Define to 1 if you have the `isascii' function. */ +#undef HAVE_ISASCII + +/* Define to 1 if you have the header file. */ +#undef HAVE_LIMITS_H + +/* Define to 1 if you have the `localtime_r' function. */ +#undef HAVE_LOCALTIME_R + +/* Define to 1 if your system has a GNU libc compatible `malloc' function, and + to 0 otherwise. */ +#undef HAVE_MALLOC + +/* Define to 1 if you have the `memmove' function. */ +#undef HAVE_MEMMOVE + +/* Define to 1 if you have the header file. */ +#undef HAVE_MEMORY_H + +/* Define to 1 if you have the `memset' function. */ +#undef HAVE_MEMSET + +/* Define to 1 if your system has a GNU libc compatible `realloc' function, + and to 0 otherwise. */ +#undef HAVE_REALLOC + +/* Define to 1 if you have the `select' function. */ +#undef HAVE_SELECT + +/* Define to 1 if `stat' has the bug that it succeeds when given the + zero-length file name argument. */ +#undef HAVE_STAT_EMPTY_STRING_BUG + +/* Define to 1 if stdbool.h conforms to C99. */ +#undef HAVE_STDBOOL_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_STDINT_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_STDLIB_H + +/* Define to 1 if you have the `strcasecmp' function. */ +#undef HAVE_STRCASECMP + +/* Define to 1 if you have the `strchr' function. */ +#undef HAVE_STRCHR + +/* Define to 1 if you have the `strdup' function. */ +#undef HAVE_STRDUP + +/* Define to 1 if you have the `strerror' function. */ +#undef HAVE_STRERROR + +/* Define to 1 if you have the header file. */ +#undef HAVE_STRINGS_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_STRING_H + +/* Define to 1 if you have the `strncasecmp' function. */ +#undef HAVE_STRNCASECMP + +/* Define to 1 if you have the `strpbrk' function. */ +#undef HAVE_STRPBRK + +/* Define to 1 if you have the `strrchr' function. */ +#undef HAVE_STRRCHR + +/* Define to 1 if you have the `strstr' function. */ +#undef HAVE_STRSTR + +/* Define to 1 if you have the `strtoul' function. */ +#undef HAVE_STRTOUL + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_FILE_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_PARAM_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_SELECT_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_SOCKET_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_STAT_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_TIME_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_TYPES_H + +/* Define to 1 if you have the header file. */ +#undef HAVE_UNISTD_H + +/* Define to 1 if you have the `vprintf' function. */ +#undef HAVE_VPRINTF + +/* Define to 1 if the system has the type `_Bool'. */ +#undef HAVE__BOOL + +/* HP-UX */ +#undef HPUX + +/* HP-UX 11 */ +#undef HPUX11 + +/* HP-UX 11.11 */ +#undef HPUX11_11 + +/* HP-UX 11.23 */ +#undef HPUX11_23 + +/* Use FHS layout */ +#undef IS_FHS + +/* Use FHS optional layout */ +#undef IS_FHS_OPT + +/* Linux */ +#undef LINUX + +/* Define to 1 if `lstat' dereferences a symlink specified with a trailing + slash. */ +#undef LSTAT_FOLLOWS_SLASHED_SYMLINK + +/* Linux */ +#undef Linux + +/* Define to 1 if your C compiler doesn't accept -c and -o together. */ +#undef NO_MINUS_C_MINUS_O + +/* OS version */ +#undef OSVERSION + +/* OS HP-UX */ +#undef OS_hpux + +/* OS SOLARIS */ +#undef OS_solaris + +/* Name of package */ +#undef PACKAGE + +/* Define to the address where bug reports for this package should be sent. */ +#undef PACKAGE_BUGREPORT + +/* Define to the full name of this package. */ +#undef PACKAGE_NAME + +/* Define to the full name and version of this package. */ +#undef PACKAGE_STRING + +/* Define to the one symbol short name of this package. */ +#undef PACKAGE_TARNAME + +/* Define to the version of this package. */ +#undef PACKAGE_VERSION + +/* Define to the type of arg 1 for `select'. */ +#undef SELECT_TYPE_ARG1 + +/* Define to the type of args 2, 3 and 4 for `select'. */ +#undef SELECT_TYPE_ARG234 + +/* Define to the type of arg 5 for `select'. */ +#undef SELECT_TYPE_ARG5 + +/* Define to 1 if you have the ANSI C header files. */ +#undef STDC_HEADERS + +/* SVR4 */ +#undef SVR4 + +/* Define to 1 if you can safely include both and . */ +#undef TIME_WITH_SYS_TIME + +/* Define to 1 if your declares `struct tm'. */ +#undef TM_IN_SYS_TIME + +/* Version number of package */ +#undef VERSION + +/* UNIX */ +#undef XP_UNIX + +/* Source namespace */ +#undef _HPUX_SOURCE + +/* POSIX revision */ +#undef _POSIX_C_SOURCE + +/* _REENTRANT */ +#undef _REENTRANT + +/* SVID_GETTOD */ +#undef _SVID_GETTOD + +/* SVR4 */ +#undef __svr4 + +/* SVR4 */ +#undef __svr4__ + +/* Define to empty if `const' does not conform to ANSI C. */ +#undef const + +/* HP-UX */ +#undef hpux + +/* Define to rpl_malloc if the replacement function should be used. */ +#undef malloc + +/* Define to rpl_realloc if the replacement function should be used. */ +#undef realloc + +/* Define to `unsigned' if does not define. */ +#undef size_t + +/* SunOS5 */ +#undef sunos5 View full diff with command: /usr/bin/cvs -f diff -kk -u -N -r 1.2 -r 1.3 configure Index: configure =================================================================== RCS file: /cvs/dirsec/dsgw/configure,v retrieving revision 1.2 retrieving revision 1.3 diff -u -r1.2 -r1.3 --- configure 2 Jun 2006 22:57:17 -0000 1.2 +++ configure 10 Jan 2008 01:19:36 -0000 1.3 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.59 for dsgw 1.1. +# Generated by GNU Autoconf 2.59 for dirsrv-gw 1.1.0. # # Report bugs to . # @@ -243,6 +243,160 @@ $as_unset CDPATH + +# Check that we are running under the correct shell. +SHELL=${CONFIG_SHELL-/bin/sh} + +case X$ECHO in +X*--fallback-echo) + # Remove one level of quotation (which was required for Make). + ECHO=`echo "$ECHO" | sed 's,\\\\\$\\$0,'$0','` + ;; +esac + +echo=${ECHO-echo} +if test "X$1" = X--no-reexec; then + # Discard the --no-reexec flag, and continue. + shift +elif test "X$1" = X--fallback-echo; then + # Avoid inline document here, it may be left over + : +elif test "X`($echo '\t') 2>/dev/null`" = 'X\t' ; then + # Yippee, $echo works! + : +else + # Restart under the correct shell. + exec $SHELL "$0" --no-reexec ${1+"$@"} +fi + +if test "X$1" = X--fallback-echo; then + # used as fallback echo + shift + cat </dev/null 2>&1 && unset CDPATH + +if test -z "$ECHO"; then +if test "X${echo_test_string+set}" != Xset; then +# find a string as large as possible, as long as the shell can cope with it + for cmd in 'sed 50q "$0"' 'sed 20q "$0"' 'sed 10q "$0"' 'sed 2q "$0"' 'echo test'; do + # expected sizes: less than 2Kb, 1Kb, 512 bytes, 16 bytes, ... + if (echo_test_string=`eval $cmd`) 2>/dev/null && + echo_test_string=`eval $cmd` && + (test "X$echo_test_string" = "X$echo_test_string") 2>/dev/null + then + break + fi + done +fi + +if test "X`($echo '\t') 2>/dev/null`" = 'X\t' && + echo_testing_string=`($echo "$echo_test_string") 2>/dev/null` && + test "X$echo_testing_string" = "X$echo_test_string"; then + : +else + # The Solaris, AIX, and Digital Unix default echo programs unquote + # backslashes. This makes it impossible to quote backslashes using + # echo "$something" | sed 's/\\/\\\\/g' + # + # So, first we look for a working echo in the user's PATH. + + lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR + for dir in $PATH /usr/ucb; do + IFS="$lt_save_ifs" + if (test -f $dir/echo || test -f $dir/echo$ac_exeext) && + test "X`($dir/echo '\t') 2>/dev/null`" = 'X\t' && + echo_testing_string=`($dir/echo "$echo_test_string") 2>/dev/null` && + test "X$echo_testing_string" = "X$echo_test_string"; then + echo="$dir/echo" + break + fi + done + IFS="$lt_save_ifs" + + if test "X$echo" = Xecho; then + # We didn't find a better echo, so look for alternatives. + if test "X`(print -r '\t') 2>/dev/null`" = 'X\t' && + echo_testing_string=`(print -r "$echo_test_string") 2>/dev/null` && + test "X$echo_testing_string" = "X$echo_test_string"; then + # This shell has a builtin print -r that does the trick. + echo='print -r' + elif (test -f /bin/ksh || test -f /bin/ksh$ac_exeext) && + test "X$CONFIG_SHELL" != X/bin/ksh; then + # If we have ksh, try running configure again with it. + ORIGINAL_CONFIG_SHELL=${CONFIG_SHELL-/bin/sh} + export ORIGINAL_CONFIG_SHELL + CONFIG_SHELL=/bin/ksh + export CONFIG_SHELL + exec $CONFIG_SHELL "$0" --no-reexec ${1+"$@"} + else + # Try using printf. + echo='printf %s\n' + if test "X`($echo '\t') 2>/dev/null`" = 'X\t' && + echo_testing_string=`($echo "$echo_test_string") 2>/dev/null` && + test "X$echo_testing_string" = "X$echo_test_string"; then + # Cool, printf works + : + elif echo_testing_string=`($ORIGINAL_CONFIG_SHELL "$0" --fallback-echo '\t') 2>/dev/null` && + test "X$echo_testing_string" = 'X\t' && + echo_testing_string=`($ORIGINAL_CONFIG_SHELL "$0" --fallback-echo "$echo_test_string") 2>/dev/null` && + test "X$echo_testing_string" = "X$echo_test_string"; then + CONFIG_SHELL=$ORIGINAL_CONFIG_SHELL + export CONFIG_SHELL + SHELL="$CONFIG_SHELL" + export SHELL + echo="$CONFIG_SHELL $0 --fallback-echo" + elif echo_testing_string=`($CONFIG_SHELL "$0" --fallback-echo '\t') 2>/dev/null` && + test "X$echo_testing_string" = 'X\t' && + echo_testing_string=`($CONFIG_SHELL "$0" --fallback-echo "$echo_test_string") 2>/dev/null` && + test "X$echo_testing_string" = "X$echo_test_string"; then + echo="$CONFIG_SHELL $0 --fallback-echo" + else + # maybe with a smaller string... + prev=: + + for cmd in 'echo test' 'sed 2q "$0"' 'sed 10q "$0"' 'sed 20q "$0"' 'sed 50q "$0"'; do + if (test "X$echo_test_string" = "X`eval $cmd`") 2>/dev/null + then + break + fi + prev="$cmd" + done + + if test "$prev" != 'sed 50q "$0"'; then + echo_test_string=`eval $prev` + export echo_test_string + exec ${ORIGINAL_CONFIG_SHELL-${CONFIG_SHELL-/bin/sh}} "$0" ${1+"$@"} + else + # Oops. We lost completely, so just stick with echo. + echo=echo + fi + fi + fi + fi +fi +fi + +# Copy echo and quote the copy suitably for passing to libtool from +# the Makefile, instead of quoting the original, which is used later. +ECHO=$echo +if test "X$ECHO" = "X$CONFIG_SHELL $0 --fallback-echo"; then + ECHO="$CONFIG_SHELL \\\$\$0 --fallback-echo" +fi + + + + +tagnames=${tagnames+${tagnames},}CXX + +tagnames=${tagnames+${tagnames},}F77 + # Name of the host. # hostname on some systems (SVR3.2, Linux) returns a bogus exit status, # so uname gets run too. @@ -267,10 +421,10 @@ : ${ac_max_here_lines=38} # Identity of this package. -PACKAGE_NAME='dsgw' -PACKAGE_TARNAME='dsgw' -PACKAGE_VERSION='1.1' -PACKAGE_STRING='dsgw 1.1' +PACKAGE_NAME='dirsrv-gw' +PACKAGE_TARNAME='dirsrv-gw' +PACKAGE_VERSION='1.1.0' +PACKAGE_STRING='dirsrv-gw 1.1.0' PACKAGE_BUGREPORT='http://bugzilla.redhat.com/' ac_unique_file="dsgwutil.c" @@ -311,7 +465,8 @@ # include #endif" -ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA CYGPATH_W PACKAGE VERSION ACLOCAL AUTOCONF AUTOMAKE AUTOHEADER MAKEINFO install_sh STRIP ac_ct_STRIP INSTALL_STRIP_PROGRAM mkdir_p AWK SET_MAKE am__leading_dot AMTAR am__tar am__untar CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT DEPDIR am__include am__quote AMDEP_TRUE AMDEP_FALSE AMDEPBACKSLASH CCDEPMODE am__fastdepCC_TRUE am__fastdepCC_FALSE CPP EGREP LIBOBJS POW_LIB HTTPD PKG_CONFIG ICU_CONFIG nspr_inc nspr_lib nss_inc nss_lib ldapsdk_inc ldapsdk_lib adminutil_inc adminutil_lib adminutil_ver icu_lib icu_inc icu_bin cgibindir cgiuri propertydir htmldir pbhtmldir configdir pbconfigdir con! textdir securitydir cookiedir httpdconf NEED_LDIF_TRUE NEED_LDIF_FALSE WINNT_TRUE WINNT_FALSE LTLIBOBJS' +ac_default_prefix=/opt/dirsrv +ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA CYGPATH_W PACKAGE VERSION ACLOCAL AUTOCONF AUTOMAKE AUTOHEADER MAKEINFO install_sh STRIP ac_ct_STRIP INSTALL_STRIP_PROGRAM mkdir_p AWK SET_MAKE am__leading_dot AMTAR am__tar am__untar MAINTAINER_MODE_TRUE MAINTAINER_MODE_FALSE MAINT build build_cpu build_vendor build_os host host_cpu host_vendor host_os CXX CXXFLAGS LDFLAGS CPPFLAGS ac_ct_CXX EXEEXT OBJEXT DEPDIR am__include am__quote AMDEP_TRUE AMDEP_FALSE AMDEPBACKSLASH CXXDEPMODE am__fastdepCXX_TRUE am__fastdepCXX_FALSE CC CFLAGS ac_ct_CC CCDEPMODE am__fastdepCC_TRUE am__fastdepCC_FALSE SED EGREP LN_S ECHO AR ac_ct_AR RANLIB ac_ct_RANLIB CP! P CXXCPP F77 FFLAGS ac_ct_F77 LIBTOOL LIBOBJS POW_LIB PACKAGE_BASE_NAME instconfigdir BUNDLE_TRUE BUNDLE_FALSE LIBSOCKET LIBNSL LIBCSTD LIBCRUN CXXLINK_REQUIRED_TRUE CXXLINK_REQUIRED_FALSE HPUX_TRUE HPUX_FALSE SOLARIS_TRUE SOLARIS_FALSE PKG_CONFIG ICU_CONFIG nspr_inc nspr_lib nspr_libdir nss_inc nss_lib nss_libdir sasl_inc sasl_lib sasl_libdir ldapsdk_inc ldapsdk_lib ldapsdk_libdir adminutil_inc adminutil_lib adminutil_libdir adminutil_ver icu_lib icu_libdir icu_inc icu_bin cgibindir cgiuri propertydir htmldir pbhtmldir configdir pbconfigdir contextdir securitydir cookiedir NEED_LDIF_TRUE NEED_LDIF_FALSE WINNT_TRUE WINNT_FALSE LTLIBOBJS' ac_subst_files='' [...18983 lines suppressed...] + + ac_config_files="$ac_config_files Makefile" cat >confcache <<\_ACEOF # This file is a shell script that caches the results of configure @@ -7043,6 +22752,13 @@ LTLIBOBJS=$ac_ltlibobjs +if test -z "${MAINTAINER_MODE_TRUE}" && test -z "${MAINTAINER_MODE_FALSE}"; then + { { echo "$as_me:$LINENO: error: conditional \"MAINTAINER_MODE\" was never defined. +Usually this means the macro was only invoked conditionally." >&5 +echo "$as_me: error: conditional \"MAINTAINER_MODE\" was never defined. +Usually this means the macro was only invoked conditionally." >&2;} + { (exit 1); exit 1; }; } +fi if test -z "${AMDEP_TRUE}" && test -z "${AMDEP_FALSE}"; then { { echo "$as_me:$LINENO: error: conditional \"AMDEP\" was never defined. Usually this means the macro was only invoked conditionally." >&5 @@ -7050,6 +22766,13 @@ Usually this means the macro was only invoked conditionally." >&2;} { (exit 1); exit 1; }; } fi +if test -z "${am__fastdepCXX_TRUE}" && test -z "${am__fastdepCXX_FALSE}"; then + { { echo "$as_me:$LINENO: error: conditional \"am__fastdepCXX\" was never defined. +Usually this means the macro was only invoked conditionally." >&5 +echo "$as_me: error: conditional \"am__fastdepCXX\" was never defined. +Usually this means the macro was only invoked conditionally." >&2;} + { (exit 1); exit 1; }; } +fi if test -z "${am__fastdepCC_TRUE}" && test -z "${am__fastdepCC_FALSE}"; then { { echo "$as_me:$LINENO: error: conditional \"am__fastdepCC\" was never defined. Usually this means the macro was only invoked conditionally." >&5 @@ -7057,6 +22780,34 @@ Usually this means the macro was only invoked conditionally." >&2;} { (exit 1); exit 1; }; } fi +if test -z "${BUNDLE_TRUE}" && test -z "${BUNDLE_FALSE}"; then + { { echo "$as_me:$LINENO: error: conditional \"BUNDLE\" was never defined. +Usually this means the macro was only invoked conditionally." >&5 +echo "$as_me: error: conditional \"BUNDLE\" was never defined. +Usually this means the macro was only invoked conditionally." >&2;} + { (exit 1); exit 1; }; } +fi +if test -z "${CXXLINK_REQUIRED_TRUE}" && test -z "${CXXLINK_REQUIRED_FALSE}"; then + { { echo "$as_me:$LINENO: error: conditional \"CXXLINK_REQUIRED\" was never defined. +Usually this means the macro was only invoked conditionally." >&5 +echo "$as_me: error: conditional \"CXXLINK_REQUIRED\" was never defined. +Usually this means the macro was only invoked conditionally." >&2;} + { (exit 1); exit 1; }; } +fi +if test -z "${HPUX_TRUE}" && test -z "${HPUX_FALSE}"; then + { { echo "$as_me:$LINENO: error: conditional \"HPUX\" was never defined. +Usually this means the macro was only invoked conditionally." >&5 +echo "$as_me: error: conditional \"HPUX\" was never defined. +Usually this means the macro was only invoked conditionally." >&2;} + { (exit 1); exit 1; }; } +fi +if test -z "${SOLARIS_TRUE}" && test -z "${SOLARIS_FALSE}"; then + { { echo "$as_me:$LINENO: error: conditional \"SOLARIS\" was never defined. +Usually this means the macro was only invoked conditionally." >&5 +echo "$as_me: error: conditional \"SOLARIS\" was never defined. +Usually this means the macro was only invoked conditionally." >&2;} + { (exit 1); exit 1; }; } +fi if test -z "${NEED_LDIF_TRUE}" && test -z "${NEED_LDIF_FALSE}"; then { { echo "$as_me:$LINENO: error: conditional \"NEED_LDIF\" was never defined. Usually this means the macro was only invoked conditionally." >&5 @@ -7342,7 +23093,7 @@ } >&5 cat >&5 <<_CSEOF -This file was extended by dsgw $as_me 1.1, which was +This file was extended by dirsrv-gw $as_me 1.1.0, which was generated by GNU Autoconf 2.59. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -7405,7 +23156,7 @@ cat >>$CONFIG_STATUS <<_ACEOF ac_cs_version="\\ -dsgw config.status 1.1 +dirsrv-gw config.status 1.1.0 configured by $0, generated by GNU Autoconf 2.59, with options \\"`echo "$ac_configure_args" | sed 's/[\\""\`\$]/\\\\&/g'`\\" @@ -7516,10 +23267,8 @@ case "$ac_config_target" in # Handling of arguments. "Makefile" ) CONFIG_FILES="$CONFIG_FILES Makefile" ;; - "setup" ) CONFIG_FILES="$CONFIG_FILES setup" ;; - "dsgw-httpd.conf" ) CONFIG_FILES="$CONFIG_FILES dsgw-httpd.conf" ;; "depfiles" ) CONFIG_COMMANDS="$CONFIG_COMMANDS depfiles" ;; - "config.h" ) CONFIG_HEADERS="$CONFIG_HEADERS config.h:config-h.in" ;; + "config.h" ) CONFIG_HEADERS="$CONFIG_HEADERS config.h" ;; *) { { echo "$as_me:$LINENO: error: invalid argument: $ac_config_target" >&5 echo "$as_me: error: invalid argument: $ac_config_target" >&2;} { (exit 1); exit 1; }; };; @@ -7627,11 +23376,22 @@ s, at AMTAR@,$AMTAR,;t t s, at am__tar@,$am__tar,;t t s, at am__untar@,$am__untar,;t t -s, at CC@,$CC,;t t -s, at CFLAGS@,$CFLAGS,;t t +s, at MAINTAINER_MODE_TRUE@,$MAINTAINER_MODE_TRUE,;t t +s, at MAINTAINER_MODE_FALSE@,$MAINTAINER_MODE_FALSE,;t t +s, at MAINT@,$MAINT,;t t +s, at build@,$build,;t t +s, at build_cpu@,$build_cpu,;t t +s, at build_vendor@,$build_vendor,;t t +s, at build_os@,$build_os,;t t +s, at host@,$host,;t t +s, at host_cpu@,$host_cpu,;t t +s, at host_vendor@,$host_vendor,;t t +s, at host_os@,$host_os,;t t +s, at CXX@,$CXX,;t t +s, at CXXFLAGS@,$CXXFLAGS,;t t s, at LDFLAGS@,$LDFLAGS,;t t s, at CPPFLAGS@,$CPPFLAGS,;t t -s, at ac_ct_CC@,$ac_ct_CC,;t t +s, at ac_ct_CXX@,$ac_ct_CXX,;t t s, at EXEEXT@,$EXEEXT,;t t s, at OBJEXT@,$OBJEXT,;t t s, at DEPDIR@,$DEPDIR,;t t @@ -7640,26 +23400,65 @@ s, at AMDEP_TRUE@,$AMDEP_TRUE,;t t s, at AMDEP_FALSE@,$AMDEP_FALSE,;t t s, at AMDEPBACKSLASH@,$AMDEPBACKSLASH,;t t +s, at CXXDEPMODE@,$CXXDEPMODE,;t t +s, at am__fastdepCXX_TRUE@,$am__fastdepCXX_TRUE,;t t +s, at am__fastdepCXX_FALSE@,$am__fastdepCXX_FALSE,;t t +s, at CC@,$CC,;t t +s, at CFLAGS@,$CFLAGS,;t t +s, at ac_ct_CC@,$ac_ct_CC,;t t s, at CCDEPMODE@,$CCDEPMODE,;t t s, at am__fastdepCC_TRUE@,$am__fastdepCC_TRUE,;t t s, at am__fastdepCC_FALSE@,$am__fastdepCC_FALSE,;t t -s, at CPP@,$CPP,;t t +s, at SED@,$SED,;t t s, at EGREP@,$EGREP,;t t +s, at LN_S@,$LN_S,;t t +s, at ECHO@,$ECHO,;t t +s, at AR@,$AR,;t t +s, at ac_ct_AR@,$ac_ct_AR,;t t +s, at RANLIB@,$RANLIB,;t t +s, at ac_ct_RANLIB@,$ac_ct_RANLIB,;t t +s, at CPP@,$CPP,;t t +s, at CXXCPP@,$CXXCPP,;t t +s, at F77@,$F77,;t t +s, at FFLAGS@,$FFLAGS,;t t +s, at ac_ct_F77@,$ac_ct_F77,;t t +s, at LIBTOOL@,$LIBTOOL,;t t s, at LIBOBJS@,$LIBOBJS,;t t s, at POW_LIB@,$POW_LIB,;t t -s, at HTTPD@,$HTTPD,;t t +s, at PACKAGE_BASE_NAME@,$PACKAGE_BASE_NAME,;t t +s, at instconfigdir@,$instconfigdir,;t t +s, at BUNDLE_TRUE@,$BUNDLE_TRUE,;t t +s, at BUNDLE_FALSE@,$BUNDLE_FALSE,;t t +s, at LIBSOCKET@,$LIBSOCKET,;t t +s, at LIBNSL@,$LIBNSL,;t t +s, at LIBCSTD@,$LIBCSTD,;t t +s, at LIBCRUN@,$LIBCRUN,;t t +s, at CXXLINK_REQUIRED_TRUE@,$CXXLINK_REQUIRED_TRUE,;t t +s, at CXXLINK_REQUIRED_FALSE@,$CXXLINK_REQUIRED_FALSE,;t t +s, at HPUX_TRUE@,$HPUX_TRUE,;t t +s, at HPUX_FALSE@,$HPUX_FALSE,;t t +s, at SOLARIS_TRUE@,$SOLARIS_TRUE,;t t +s, at SOLARIS_FALSE@,$SOLARIS_FALSE,;t t s, at PKG_CONFIG@,$PKG_CONFIG,;t t s, at ICU_CONFIG@,$ICU_CONFIG,;t t s, at nspr_inc@,$nspr_inc,;t t s, at nspr_lib@,$nspr_lib,;t t +s, at nspr_libdir@,$nspr_libdir,;t t s, at nss_inc@,$nss_inc,;t t s, at nss_lib@,$nss_lib,;t t +s, at nss_libdir@,$nss_libdir,;t t +s, at sasl_inc@,$sasl_inc,;t t +s, at sasl_lib@,$sasl_lib,;t t +s, at sasl_libdir@,$sasl_libdir,;t t s, at ldapsdk_inc@,$ldapsdk_inc,;t t s, at ldapsdk_lib@,$ldapsdk_lib,;t t +s, at ldapsdk_libdir@,$ldapsdk_libdir,;t t s, at adminutil_inc@,$adminutil_inc,;t t s, at adminutil_lib@,$adminutil_lib,;t t +s, at adminutil_libdir@,$adminutil_libdir,;t t s, at adminutil_ver@,$adminutil_ver,;t t s, at icu_lib@,$icu_lib,;t t +s, at icu_libdir@,$icu_libdir,;t t s, at icu_inc@,$icu_inc,;t t s, at icu_bin@,$icu_bin,;t t s, at cgibindir@,$cgibindir,;t t @@ -7672,7 +23471,6 @@ s, at contextdir@,$contextdir,;t t s, at securitydir@,$securitydir,;t t s, at cookiedir@,$cookiedir,;t t -s, at httpdconf@,$httpdconf,;t t s, at NEED_LDIF_TRUE@,$NEED_LDIF_TRUE,;t t s, at NEED_LDIF_FALSE@,$NEED_LDIF_FALSE,;t t s, at WINNT_TRUE@,$WINNT_TRUE,;t t Index: configure.ac =================================================================== RCS file: /cvs/dirsec/dsgw/configure.ac,v retrieving revision 1.2 retrieving revision 1.3 diff -u -r1.2 -r1.3 --- configure.ac 2 Jun 2006 22:57:17 -0000 1.2 +++ configure.ac 10 Jan 2008 01:19:36 -0000 1.3 @@ -21,33 +21,22 @@ # Process this file with autoconf to produce a configure script. AC_PREREQ(2.59) - -AC_INIT([dsgw], [1.1], [http://bugzilla.redhat.com/]) - -AC_CONFIG_HEADERS([config.h:config-h.in]) - -# this is a file that must be in the source dir +AC_INIT([dirsrv-gw], [1.1.0], [http://bugzilla.redhat.com/]) AC_CONFIG_SRCDIR([dsgwutil.c]) +AM_INIT_AUTOMAKE([1.9 foreign subdir-objects]) +AM_MAINTAINER_MODE +AC_CANONICAL_HOST -AM_INIT_AUTOMAKE([1.9 foreign]) +AC_CONFIG_HEADER([config.h]) # Checks for programs. +AC_PROG_CXX AC_PROG_CC -AC_PROG_INSTALL +AM_PROG_CC_C_O -# Checks for libraries. -# FIXME: Replace `main' with a function in `-lc': -AC_CHECK_LIB([c], [main]) -# FIXME: Replace `main' with a function in `-lcrypt': -AC_CHECK_LIB([crypt], [main]) -# FIXME: Replace `main' with a function in `-lcxx': -AC_CHECK_LIB([cxx], [main]) -# FIXME: Replace `main' with a function in `-lm': -AC_CHECK_LIB([m], [main]) -# FIXME: Replace `main' with a function in `-lpthread': -AC_CHECK_LIB([pthread], [main]) -# FIXME: Replace `main' with a function in `-lw': -AC_CHECK_LIB([w], [main]) +# disable static libs by default - we only use a couple +AC_DISABLE_STATIC +AC_PROG_LIBTOOL # Checks for header files. AC_HEADER_STDC @@ -70,27 +59,232 @@ AC_FUNC_VPRINTF AC_CHECK_FUNCS([ftruncate getcwd isascii localtime_r memmove memset select strcasecmp strchr strdup strerror strncasecmp strpbrk strrchr strstr strtoul]) -# Check for web server -m4_include(m4/httpd.m4) +PACKAGE_BASE_NAME=`echo $PACKAGE_NAME | sed -e s/-gw//` +AC_SUBST(PACKAGE_BASE_NAME) + +# the default prefix - override with --prefix or --with-fhs or --with-fhs-opt +# unfortunately, this must be a literal - it should be $PACKAGE_BASE_NAME +AC_PREFIX_DEFAULT([/opt/dirsrv]) + +brand=fedora +capbrand=Fedora +vendor="Fedora Project" + +# check for --with-instconfigdir +AC_MSG_CHECKING(for --with-instconfigdir) +AC_ARG_WITH(instconfigdir, + AS_HELP_STRING([--with-instconfigdir=/path], + [Base directory for configuration directories (default $sysconfdir/$PACKAGE_BASE_NAME)]), +[ + if test $withval = yes ; then + AC_ERROR([Please specify a full path with --with-instconfigdir]) + fi + instconfigdir="$withval" + AC_MSG_RESULT(yes) +], +[ + dnl this value is expanded out in Makefile.am + instconfigdir='$(sysconfdir)/$(PACKAGE_BASE_NAME)' + AC_MSG_RESULT(no) +]) +AC_SUBST(instconfigdir) + +AC_MSG_CHECKING(for --enable-debug) +AC_ARG_ENABLE(debug, AS_HELP_STRING([--enable-debug], [Enable debug features (default: no)]), +[ + AC_MSG_RESULT(yes) + AC_DEFINE([DSGW_DEBUG], [1], [Enable extra DSGW debugging code]) +], +[ + AC_MSG_RESULT(no) +]) + +# Used for legacy style packaging where we bundle all of the dependencies. +AC_MSG_CHECKING(for --enable-bundle) +AC_ARG_ENABLE(bundle, AS_HELP_STRING([--enable-bundle], [Enable bundled dependencies (default: no)]), +[ + AC_MSG_RESULT(yes) + bundle="1"; +], +[ + AC_MSG_RESULT(no) + bundle=""; +]) +AM_CONDITIONAL(BUNDLE,test "$bundle" = "1") + +# libtool automatically adds --rpath $libdir to each executable, and +# there is apparently no standard way to disable this. Also, you cannot +# override rpath with LD_LIBRARY_PATH, so this causes problems if you have +# and old version of nss/nspr installed in the system $libdir, but you +# want to use a different one. So we're disabling this rpath thing by +# default and adding a --enable-rpath flag if you really, really want +# to do this. +AC_MSG_CHECKING(for --enable-rpath) +AC_ARG_ENABLE(rpath, AS_HELP_STRING([--enable-rpath], [Allow libtool to add an rpath to $libdir (default: no)])) + +m4_include(m4/fhs.m4) + +CXXLINK_REQUIRED=0 +case $host in + *-*-linux*) + AC_DEFINE([XP_UNIX], [1], [UNIX]) + AC_DEFINE([Linux], [1], [Linux]) + AC_DEFINE([LINUX], [1], [Linux]) + platform="linux" + ;; + ia64-hp-hpux*) + AC_DEFINE([XP_UNIX], [1], [UNIX]) + AC_DEFINE([hpux], [1], [HP-UX]) + AC_DEFINE([HPUX], [1], [HP-UX]) + AC_DEFINE([HPUX11], [1], [HP-UX 11]) + AC_DEFINE([HPUX11_23], [1], [HP-UX 11.23]) + AC_DEFINE([CPU_ia64], [], [cpu type ia64]) + AC_DEFINE([OS_hpux], [1], [OS HP-UX]) + AC_DEFINE([_POSIX_C_SOURCE], [199506L], [POSIX revision]) + AC_DEFINE([_HPUX_SOURCE], [1], [Source namespace]) + CXXLINK_REQUIRED=1 + platform="hpux" + ;; + hppa*-hp-hpux*) + AC_DEFINE([XP_UNIX], [1], [UNIX]) + AC_DEFINE([hpux], [1], [HP-UX]) + AC_DEFINE([HPUX], [1], [HP-UX]) + AC_DEFINE([HPUX11], [1], [HP-UX 11]) + AC_DEFINE([HPUX11_11], [1], [HP-UX 11.11]) + AC_DEFINE([CPU_hppa], [], [cpu type pa-risc]) + AC_DEFINE([OS_hpux], [1], [OS HP-UX]) + AC_DEFINE([_POSIX_C_SOURCE], [199506L], [POSIX revision]) + AC_DEFINE([_HPUX_SOURCE], [1], [Source namespace]) + CXXLINK_REQUIRED=1 + platform="hpux" + ;; + sparc-sun-solaris*) + AC_DEFINE([XP_UNIX], [1], [UNIX]) + AC_DEFINE([SVR4], [1], [SVR4]) + AC_DEFINE([__svr4], [1], [SVR4]) + AC_DEFINE([__svr4__], [1], [SVR4]) + AC_DEFINE([_SVID_GETTOD], [1], [SVID_GETTOD]) + AC_DEFINE([CPU_sparc], [], [cpu type sparc]) + AC_DEFINE([OS_solaris], [1], [OS SOLARIS]) + AC_DEFINE([sunos5], [1], [SunOS5]) + AC_DEFINE([OSVERSION], [509], [OS version]) + AC_DEFINE([_REENTRANT], [1], [_REENTRANT]) +dnl socket nsl and dl are required to link several programs + LIBSOCKET=-lsocket + AC_SUBST([LIBSOCKET], [$LIBSOCKET]) + LIBNSL=-lnsl + AC_SUBST([LIBNSL], [$LIBNSL]) +dnl Cstd and Crun are required to link any C++ related code (ICU) + LIBCSTD=-lCstd + AC_SUBST([LIBCSTD], [$LIBCSTD]) + LIBCRUN=-lCrun + AC_SUBST([LIBCRUN], [$LIBCRUN]) + CXXLINK_REQUIRED=1 + platform="solaris" + ;; + *) +esac +AM_CONDITIONAL([CXXLINK_REQUIRED], test "$CXXLINK_REQUIRED" = 1) +AM_CONDITIONAL([HPUX],test "$platform" = "hpux") +AM_CONDITIONAL([SOLARIS],test "$platform" = "solaris") + +# installation paths - by default, configure will just +# use /usr as the prefix for everything, which means +# /usr/etc and /usr/var. FHS sez to use /etc and /var. +# The with-fhs-opt option will use the +# prefix, but it's sysconfdir and localstatedir will be +# /etc/opt, and /var/opt. +if test "$with_fhs_opt" = "yes"; then + # Override sysconfdir and localstatedir if FHS optional + # package was requested. + sysconfdir='/etc/opt' + localstatedir='/var/opt' +elif test "$with_fhs" = "yes"; then + ac_default_prefix=/usr + prefix=$ac_default_prefix + exec_prefix=$prefix + dnl as opposed to the default /usr/etc + sysconfdir='/etc' + dnl as opposed to the default /usr/var + localstatedir='/var' +fi + +# default is to install with admin server +with_adminserver=yes +AC_ARG_WITH(adminserver, AS_HELP_STRING([--with-adminserver], [Install DSGW with Admin Server - default is yes])) + +if test "$with_adminserver" != yes ; then + # relative to datadir + htmldir=/$PACKAGE_NAME/html + pbhtmldir=/$PACKAGE_NAME/pbhtml + configdir=/$PACKAGE_NAME/config + pbconfigdir=/$PACKAGE_NAME/pbconfig + manualuri=/$PACKAGE_NAME/manual + propertydir=/$PACKAGE_NAME/properties + # relative to libdir + cgibindir=/$PACKAGE_NAME/cgi-bin + # location of property/resource files, relative to datadir + cgiuri=/cgi-bin +elif test "$with_fhs_opt" = "yes"; then + # relative to datadir + htmldir=/dsgw/html + pbhtmldir=/dsgw/pbhtml + configdir=/dsgw/config + pbconfigdir=/dsgw/pbconfig + manualuri=/dsgw/manual + propertydir=/properties/dsgw + # same as server's cgibindir + cgibindir=/cgi-bin + cgiuri=/cgi-bin +else + # relative to datadir + htmldir=/$PACKAGE_BASE_NAME/dsgw/html + pbhtmldir=/$PACKAGE_BASE_NAME/dsgw/pbhtml + configdir=/$PACKAGE_BASE_NAME/dsgw/config + pbconfigdir=/$PACKAGE_BASE_NAME/dsgw/pbconfig + manualuri=/$PACKAGE_BASE_NAME/dsgw/manual + propertydir=/$PACKAGE_BASE_NAME/properties/dsgw + # relative to libdir + # CGI program directory + cgibindir=/$PACKAGE_BASE_NAME/cgi-bin + # location of property/resource files, relative to datadir + cgiuri=/cgi-bin +fi + +# relative to instconfigdir +contextdir=/dsgw +securitydir=/dsgw +# relative to $localstatedir +cookiedir=/run/$PACKAGE_BASE_NAME/dsgw/cookies # Check for library dependencies m4_include(m4/nspr.m4) m4_include(m4/nss.m4) +m4_include(m4/sasl.m4) m4_include(m4/mozldap.m4) m4_include(m4/icu.m4) m4_include(m4/adminutil.m4) # write out paths for binary components +AC_SUBST(PACKAGE_NAME) AC_SUBST(nspr_inc) AC_SUBST(nspr_lib) +AC_SUBST(nspr_libdir) AC_SUBST(nss_inc) AC_SUBST(nss_lib) +AC_SUBST(nss_libdir) +AC_SUBST(sasl_inc) +AC_SUBST(sasl_lib) +AC_SUBST(sasl_libdir) AC_SUBST(ldapsdk_inc) AC_SUBST(ldapsdk_lib) +AC_SUBST(ldapsdk_libdir) AC_SUBST(adminutil_inc) AC_SUBST(adminutil_lib) +AC_SUBST(adminutil_libdir) AC_SUBST(adminutil_ver) AC_SUBST(icu_lib) +AC_SUBST(icu_libdir) AC_SUBST(icu_inc) AC_SUBST(icu_bin) @@ -105,7 +299,6 @@ AC_SUBST(contextdir) AC_SUBST(securitydir) AC_SUBST(cookiedir) -AC_SUBST(httpdconf) # need a check here to see if the ldif functions are exported from libldap # for now, just assume they are not @@ -114,5 +307,37 @@ # cygnus, mingw, or the like and using cmd.exe as the shell AM_CONDITIONAL([WINNT], false) -AC_CONFIG_FILES([Makefile setup dsgw-httpd.conf]) +# libtool on fedora/rhel contains some gcc-isms which cause problems +# if not using gcc (e.g. Forte on Solaris, aCC on HP-UX) +# we remove them here +if test "$GCC" != yes ; then + AC_MSG_NOTICE([Not using gcc - fixing libtool to remove gcc-isms . . .]) + cp -p libtool libtool.orig + cp -p libtool libtool.tmp + # dnl note the special chars @<:@ and @:>@ - since m4 treats [ and ] specially, + # we have to use the quadrigraph @<:@ for [ and @:>@ for ] - and you thought + # perl produced write-only code . . . + sed -e '/^gcc_dir/ d' \ + -e '/^gcc_ver/ d' \ + -e 's/^predep_objects=.*echo \("@<:@^"@:>@*"\).*$/predep_objects=\1/' \ + -e 's/^postdep_objects=.*echo \("@<:@^"@:>@*"\).*$/postdep_objects=\1/' \ + -e 's/^compiler_lib_search_path=.*echo \("@<:@^"@:>@*"\).*$/compiler_lib_search_path=\1/' \ + -e 's/^sys_lib_search_path_spec=.*echo \("@<:@^"@:>@*"\).*$/sys_lib_search_path_spec=\1/' \ + libtool > libtool.tmp + cp -p libtool.tmp libtool + rm -f libtool.tmp +fi + +if test "$enable_rpath" != "yes" ; then + AC_MSG_NOTICE([Fixing libtool to remove automatic rpath to $libdir . . .]) + cp -p libtool libtool.orig + cp -p libtool libtool.tmp + sed -e '/^runpath_var/ d' \ + -e '/^hardcode_libdir_flag_spec/ d' \ + libtool > libtool.tmp + cp -p libtool.tmp libtool + rm -f libtool.tmp +fi + +AC_CONFIG_FILES([Makefile]) AC_OUTPUT Index: dsgw.h =================================================================== RCS file: /cvs/dirsec/dsgw/dsgw.h,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- dsgw.h 1 Jun 2006 19:43:38 -0000 1.1.1.1 +++ dsgw.h 10 Jan 2008 01:19:36 -0000 1.2 @@ -104,27 +104,15 @@ * XXX the next group of #defines assume that HTTP server has cd'd to * our CGI dir. */ -#define SERVER_ROOT_PATH "../../.." -#define DSGW_CONFIGDIR_HTTP "../config/" -#define DSGW_CONFIGDIR_ADMSERV "../config/" -/*#define DSGW_CONFIGDIR_ADMSERV SERVER_ROOT_PATH "/admin-serv/config/"*/ -#define DSGW_DBSWITCH_FILE "dbswitch.conf" -#define DSGW_DBSWITCH_TMPFILE "dbswitch.tmp" -#define DSGW_TMPLDIR_HTTP "../config/" -#define DSGW_TMPLDIR_ADMSERV "../html/" -#define DSGW_DOCDIR_HTTP "../html" -#define DSGW_CONTEXTDIR_HTTP "../context/" -#define DSGW_HTMLDIR "../html" -#define DSGW_MANROOT SERVER_ROOT_PATH "/manual/" +#define DSGW_CONFIGDIR_HTTP CONFIGDIR +#define DSGW_TMPLDIR_HTTP CONFIGDIR +#define DSGW_TMPLDIR_ADMSERV HTMLDIR +#define DSGW_DOCDIR_HTTP HTMLDIR +#define DSGW_CONTEXTDIR_HTTP CONTEXTDIR +#define DSGW_HTMLDIR HTMLDIR +#define DSGW_MANROOT MANUALDIR #define DSGW_MANUALSHORTCUT ".MANUAL" #define DSGW_MANUALSHORTCUT_LEN 7 -#define DSGW_ADMSERV_BINDIR "/admin-serv/bin/" -#define DSGW_USER_ADM_BINDIR "/user-environment/bin/" -#define DSGW_LCACHECONF_PPATH "ldap/config/" /* partial path from /userdb */ -#define DSGW_LCACHECONF_FILE "lcache.conf" -#define DSGW_TOOLSDIR "/ldap/tools" -#define DSGW_LDAPSEARCH "ldapsearch" -#define DSGW_LDAPMODIFY "ldapmodify" #define DSGW_SEARCHPREFSFILE "dsgwsearchprefs.conf" #define DSGW_FILTERFILE "dsgwfilter.conf" @@ -277,10 +265,7 @@ /* URL prefixes specific to our gateway */ #define DSGW_URLPREFIX_MAIN_HTTP "lang?file=" -#define DSGW_URLPREFIX_MAIN_ADMSERV "" -/*#define DSGW_URLPREFIX_CGI_HTTP "../bin/"*/ #define DSGW_URLPREFIX_CGI_HTTP "" -#define DSGW_URLPREFIX_CGI_ADMSERV "" #define DSGW_URLPREFIX_BIN "/clients/dsgw/bin/" #define DSGW_URLPREFIX_MAIN DSGW_URLPREFIX_MAIN_HTTP @@ -402,7 +387,7 @@ #define DSGW_UNAUTHSTR "[unauthenticated]" /* Name of cookie database - context will be appended to "cookies" for multiple GW's*/ -#define DSGW_COOKIEDB_FNAME SERVER_ROOT_PATH "/bin/slapd/authck/cookies" +#define DSGW_COOKIEDB_FNAME COOKIEDIR "/cookies" /* Default lifetime of authentication cookies (in seconds) */ #define DSGW_DEF_AUTH_LIFETIME ( 60 * 60 ) /* one hour */ Index: dsgwgetlang.c =================================================================== RCS file: /cvs/dirsec/dsgw/dsgwgetlang.c,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- dsgwgetlang.c 1 Jun 2006 19:43:40 -0000 1.1.1.1 +++ dsgwgetlang.c 10 Jan 2008 01:19:36 -0000 1.2 @@ -318,12 +318,33 @@ return -1; } +/* + Note: This reuses a single static buffer to avoid memory leakage. + If the caller needs an actual unique copy, then we have two options + 1) revert the code to just leak the string - probably ok as this is + CGI code not long running server code + 2) have the caller free the pointer after use +*/ PR_IMPLEMENT( char * ) XP_GetClientStr(int key) { + static char staticbuf[256]; + static char *resstring = staticbuf; + static size_t bufsize = sizeof(staticbuf); + int rc = 0; char keybuf[256]; + PR_snprintf(keybuf, sizeof(keybuf), "%s%d", database_name, key); - return (char *)res_getstring(i18nResource, keybuf, GetClientLanguage()); + + resstring = res_getstring(i18nResource, keybuf, GetClientLanguage(), + resstring, bufsize, &rc); + if (rc == 1) { /* need more room */ + /* NULL means res_getstring will calculate and return needed memory */ + resstring = res_getstring(i18nResource, keybuf, GetClientLanguage(), + NULL, bufsize, &rc); + bufsize = strlen(resstring); + } + return resstring; } PR_IMPLEMENT( void ) Index: dsgwutil.c =================================================================== RCS file: /cvs/dirsec/dsgw/dsgwutil.c,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- dsgwutil.c 1 Jun 2006 19:43:44 -0000 1.1.1.1 +++ dsgwutil.c 10 Jan 2008 01:19:36 -0000 1.2 @@ -853,19 +853,6 @@ surl = ""; } - /*if ( gc->gc_admserv ) { - * - * include "/admin-serv/" or "/user-environment/" if appropriate - * - * if ( gc->gc_enduser ) { - * extpath = DSGW_USER_ADM_BINDIR; - * } else { - * extpath = DSGW_ADMSERV_BINDIR; - * } - * } else { - * extpath = ""; - * } - */ vpmap[ cginum ] = dsgw_ch_malloc( strlen( gc->gc_urlpfxcgi ) + strlen( surl ) /*+ strlen( extpath ) */ + strlen( cginame ) + 2 ); From fedora-directory-commits at redhat.com Thu Jan 10 16:48:40 2008 From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins)) Date: Thu, 10 Jan 2008 11:48:40 -0500 Subject: [Fedora-directory-commits] adminserver/pkg fedora-ds-admin.spec, 1.2, 1.3 Message-ID: <200801101648.m0AGmfe6020562@cvs-int.fedora.redhat.com> Author: rmeggins Update of /cvs/dirsec/adminserver/pkg In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv20492/adminserver/pkg Modified Files: fedora-ds-admin.spec Log Message: Resolves: bug 249548 Description: Review Request: fedora-ds-admin - Administration server used by Fedora Directory Server Fix Description: packaging, spec, and initscript fixes for package review Index: fedora-ds-admin.spec =================================================================== RCS file: /cvs/dirsec/adminserver/pkg/fedora-ds-admin.spec,v retrieving revision 1.2 retrieving revision 1.3 diff -u -r1.2 -r1.3 --- fedora-ds-admin.spec 12 Dec 2007 01:26:27 -0000 1.2 +++ fedora-ds-admin.spec 10 Jan 2008 16:48:38 -0000 1.3 @@ -3,7 +3,7 @@ Summary: Fedora Administration Server (admin) Name: fedora-ds-admin -Version: 1.1.1 +Version: 1.1.2 Release: 1%{?dist} License: GPLv2 URL: http://directory.fedoraproject.org/ @@ -96,12 +96,15 @@ %config(noreplace)%{_sysconfdir}/%{pkgname}/admin-serv/*.conf %{_datadir}/%{pkgname} %{_initrddir}/%{pkgname}-admin -%{_sysconfdir}/sysconfig/%{pkgname}-admin +%config(noreplace)%{_sysconfdir}/sysconfig/%{pkgname}-admin %{_sbindir}/* %{_libdir}/*.so.* %{_libdir}/%{pkgname} %changelog +* Wed Jan 9 2008 Rich Megginson - 1.1.2-1 +- Fix issues associated with Fedora pkg review bug 249548 + * Tue Dec 11 2007 Rich Megginson - 1.1.1-1 - this is the final GA candidate From fedora-directory-commits at redhat.com Thu Jan 10 16:48:40 2008 From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins)) Date: Thu, 10 Jan 2008 11:48:40 -0500 Subject: [Fedora-directory-commits] adminserver Makefile.am, 1.38, 1.39 configure.ac, 1.24, 1.25 aclocal.m4, 1.38, 1.39 configure, 1.42, 1.43 missing, 1.28, 1.29 install-sh, 1.28, 1.29 Makefile.in, 1.45, 1.46 depcomp, 1.28, 1.29 config.sub, 1.28, 1.29 config.guess, 1.28, 1.29 compile, 1.27, 1.28 Message-ID: <200801101648.m0AGmeYr020551@cvs-int.fedora.redhat.com> Author: rmeggins Update of /cvs/dirsec/adminserver In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv20492/adminserver Modified Files: Makefile.am configure.ac aclocal.m4 configure missing install-sh Makefile.in depcomp config.sub config.guess compile Log Message: Resolves: bug 249548 Description: Review Request: fedora-ds-admin - Administration server used by Fedora Directory Server Fix Description: packaging, spec, and initscript fixes for package review Index: Makefile.am =================================================================== RCS file: /cvs/dirsec/adminserver/Makefile.am,v retrieving revision 1.38 retrieving revision 1.39 diff -u -r1.38 -r1.39 --- Makefile.am 17 Dec 2007 20:10:04 -0000 1.38 +++ Makefile.am 10 Jan 2008 16:48:38 -0000 1.39 @@ -147,7 +147,7 @@ init_SCRIPTS = wrappers/$(PACKAGE_NAME) -initconfig_SCRIPTS = admserv/cfgstuff/$(PACKAGE_NAME) +initconfig_DATA = admserv/cfgstuff/$(PACKAGE_NAME) ldif_DATA = admserv/schema/ldif/00nsroot_backend.ldif.tmpl \ admserv/schema/ldif/01nsroot.ldif.tmpl \ @@ -198,7 +198,7 @@ admserv/newinst/src/migrate-ds-admin.pl \ admserv/newinst/src/register-ds-admin.pl -perl_SCRIPTS = admserv/newinst/src/ASDialogs.pm \ +perl_DATA = admserv/newinst/src/ASDialogs.pm \ admserv/newinst/src/AdminUtil.pm \ admserv/newinst/src/AdminServer.pm \ admserv/newinst/src/ConfigDSDialogs.pm \ Index: configure.ac =================================================================== RCS file: /cvs/dirsec/adminserver/configure.ac,v retrieving revision 1.24 retrieving revision 1.25 diff -u -r1.24 -r1.25 --- configure.ac 18 Dec 2007 19:55:22 -0000 1.24 +++ configure.ac 10 Jan 2008 16:48:38 -0000 1.25 @@ -2,7 +2,7 @@ # Process this file with autoconf to produce a configure script. AC_PREREQ(2.59) -AC_INIT([dirsrv-admin], [1.1.1], [http://bugzilla.redhat.com/]) +AC_INIT([dirsrv-admin], [1.1.2], [http://bugzilla.redhat.com/]) AC_CONFIG_SRCDIR([admserv/cgi-src40/viewlog.c]) AM_INIT_AUTOMAKE([1.9 foreign subdir-objects]) AM_MAINTAINER_MODE Index: configure =================================================================== RCS file: /cvs/dirsec/adminserver/configure,v retrieving revision 1.42 retrieving revision 1.43 diff -u -r1.42 -r1.43 --- configure 18 Dec 2007 19:55:22 -0000 1.42 +++ configure 10 Jan 2008 16:48:38 -0000 1.43 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.59 for dirsrv-admin 1.1.1. +# Generated by GNU Autoconf 2.59 for dirsrv-admin 1.1.2. # # Report bugs to . # @@ -423,8 +423,8 @@ # Identity of this package. PACKAGE_NAME='dirsrv-admin' PACKAGE_TARNAME='dirsrv-admin' -PACKAGE_VERSION='1.1.1' -PACKAGE_STRING='dirsrv-admin 1.1.1' +PACKAGE_VERSION='1.1.2' +PACKAGE_STRING='dirsrv-admin 1.1.2' PACKAGE_BUGREPORT='http://bugzilla.redhat.com/' ac_unique_file="admserv/cgi-src40/viewlog.c" @@ -957,7 +957,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures dirsrv-admin 1.1.1 to adapt to many kinds of systems. +\`configure' configures dirsrv-admin 1.1.2 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1023,7 +1023,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of dirsrv-admin 1.1.1:";; + short | recursive ) echo "Configuration of dirsrv-admin 1.1.2:";; esac cat <<\_ACEOF @@ -1202,7 +1202,7 @@ test -n "$ac_init_help" && exit 0 if $ac_init_version; then cat <<\_ACEOF -dirsrv-admin configure 1.1.1 +dirsrv-admin configure 1.1.2 generated by GNU Autoconf 2.59 Copyright (C) 2003 Free Software Foundation, Inc. @@ -1216,7 +1216,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by dirsrv-admin $as_me 1.1.1, which was +It was created by dirsrv-admin $as_me 1.1.2, which was generated by GNU Autoconf 2.59. Invocation command line was $ $0 $@ @@ -1860,7 +1860,7 @@ # Define the identity of the package. PACKAGE='dirsrv-admin' - VERSION='1.1.1' + VERSION='1.1.2' cat >>confdefs.h <<_ACEOF @@ -25613,7 +25613,7 @@ } >&5 cat >&5 <<_CSEOF -This file was extended by dirsrv-admin $as_me 1.1.1, which was +This file was extended by dirsrv-admin $as_me 1.1.2, which was generated by GNU Autoconf 2.59. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -25676,7 +25676,7 @@ cat >>$CONFIG_STATUS <<_ACEOF ac_cs_version="\\ -dirsrv-admin config.status 1.1.1 +dirsrv-admin config.status 1.1.2 configured by $0, generated by GNU Autoconf 2.59, with options \\"`echo "$ac_configure_args" | sed 's/[\\""\`\$]/\\\\&/g'`\\" Index: Makefile.in =================================================================== RCS file: /cvs/dirsec/adminserver/Makefile.in,v retrieving revision 1.45 retrieving revision 1.46 diff -u -r1.45 -r1.46 --- Makefile.in 18 Dec 2007 19:55:23 -0000 1.45 +++ Makefile.in 10 Jan 2008 16:48:38 -0000 1.46 @@ -93,12 +93,12 @@ am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(cgibindir)" \ "$(DESTDIR)$(cgibindir)" "$(DESTDIR)$(cmdbindir)" \ - "$(DESTDIR)$(initdir)" "$(DESTDIR)$(initconfigdir)" \ - "$(DESTDIR)$(cmdbindir)" "$(DESTDIR)$(perldir)" \ + "$(DESTDIR)$(initdir)" "$(DESTDIR)$(cmdbindir)" \ "$(DESTDIR)$(helpdir)" "$(DESTDIR)$(htmldir)" \ "$(DESTDIR)$(icondir)" "$(DESTDIR)$(infdir)" \ - "$(DESTDIR)$(ldifdir)" "$(DESTDIR)$(configdir)" \ - "$(DESTDIR)$(propertydir)" "$(DESTDIR)$(propertydir)" + "$(DESTDIR)$(initconfigdir)" "$(DESTDIR)$(ldifdir)" \ + "$(DESTDIR)$(configdir)" "$(DESTDIR)$(propertydir)" \ + "$(DESTDIR)$(perldir)" "$(DESTDIR)$(propertydir)" libLTLIBRARIES_INSTALL = $(INSTALL) LTLIBRARIES = $(lib_LTLIBRARIES) libds_admin_serv_la_LIBADD = @@ -202,11 +202,9 @@ cgibinSCRIPT_INSTALL = $(INSTALL_SCRIPT) cmdbinSCRIPT_INSTALL = $(INSTALL_SCRIPT) initSCRIPT_INSTALL = $(INSTALL_SCRIPT) -initconfigSCRIPT_INSTALL = $(INSTALL_SCRIPT) nodist_cmdbinSCRIPT_INSTALL = $(INSTALL_SCRIPT) -perlSCRIPT_INSTALL = $(INSTALL_SCRIPT) SCRIPTS = $(cgibin_SCRIPTS) $(cmdbin_SCRIPTS) $(init_SCRIPTS) \ - $(initconfig_SCRIPTS) $(nodist_cmdbin_SCRIPTS) $(perl_SCRIPTS) + $(nodist_cmdbin_SCRIPTS) DEFAULT_INCLUDES = -I. -I$(srcdir) -I. depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles @@ -258,13 +256,16 @@ dist_htmlDATA_INSTALL = $(INSTALL_DATA) dist_iconDATA_INSTALL = $(INSTALL_DATA) infDATA_INSTALL = $(INSTALL_DATA) +initconfigDATA_INSTALL = $(INSTALL_DATA) ldifDATA_INSTALL = $(INSTALL_DATA) nodist_configDATA_INSTALL = $(INSTALL_DATA) nodist_propertyDATA_INSTALL = $(INSTALL_DATA) +perlDATA_INSTALL = $(INSTALL_DATA) propertyDATA_INSTALL = $(INSTALL_DATA) DATA = $(dist_help_DATA) $(dist_html_DATA) $(dist_icon_DATA) \ - $(inf_DATA) $(ldif_DATA) $(nodist_config_DATA) \ - $(nodist_property_DATA) $(property_DATA) + $(inf_DATA) $(initconfig_DATA) $(ldif_DATA) \ + $(nodist_config_DATA) $(nodist_property_DATA) $(perl_DATA) \ + $(property_DATA) ETAGS = etags CTAGS = ctags DIST_SUBDIRS = mod_admserv mod_restartd @@ -542,7 +543,7 @@ @CXXLINK_REQUIRED_FALSE at MYLINK = $(LINK) @CXXLINK_REQUIRED_TRUE at MYLINK = $(CXXLINK) init_SCRIPTS = wrappers/$(PACKAGE_NAME) -initconfig_SCRIPTS = admserv/cfgstuff/$(PACKAGE_NAME) +initconfig_DATA = admserv/cfgstuff/$(PACKAGE_NAME) ldif_DATA = admserv/schema/ldif/00nsroot_backend.ldif.tmpl \ admserv/schema/ldif/01nsroot.ldif.tmpl \ admserv/schema/ldif/02globalpreferences.ldif.tmpl \ @@ -587,7 +588,7 @@ admserv/newinst/src/migrate-ds-admin.pl \ admserv/newinst/src/register-ds-admin.pl -perl_SCRIPTS = admserv/newinst/src/ASDialogs.pm \ +perl_DATA = admserv/newinst/src/ASDialogs.pm \ admserv/newinst/src/AdminUtil.pm \ admserv/newinst/src/AdminServer.pm \ admserv/newinst/src/ConfigDSDialogs.pm \ @@ -1290,25 +1291,6 @@ echo " rm -f '$(DESTDIR)$(initdir)/$$f'"; \ rm -f "$(DESTDIR)$(initdir)/$$f"; \ done -install-initconfigSCRIPTS: $(initconfig_SCRIPTS) - @$(NORMAL_INSTALL) - test -z "$(initconfigdir)" || $(mkdir_p) "$(DESTDIR)$(initconfigdir)" - @list='$(initconfig_SCRIPTS)'; for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - if test -f $$d$$p; then \ - f=`echo "$$p" | sed 's|^.*/||;$(transform)'`; \ - echo " $(initconfigSCRIPT_INSTALL) '$$d$$p' '$(DESTDIR)$(initconfigdir)/$$f'"; \ - $(initconfigSCRIPT_INSTALL) "$$d$$p" "$(DESTDIR)$(initconfigdir)/$$f"; \ - else :; fi; \ - done - -uninstall-initconfigSCRIPTS: - @$(NORMAL_UNINSTALL) - @list='$(initconfig_SCRIPTS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's|^.*/||;$(transform)'`; \ - echo " rm -f '$(DESTDIR)$(initconfigdir)/$$f'"; \ - rm -f "$(DESTDIR)$(initconfigdir)/$$f"; \ - done install-nodist_cmdbinSCRIPTS: $(nodist_cmdbin_SCRIPTS) @$(NORMAL_INSTALL) test -z "$(cmdbindir)" || $(mkdir_p) "$(DESTDIR)$(cmdbindir)" @@ -1328,25 +1310,6 @@ echo " rm -f '$(DESTDIR)$(cmdbindir)/$$f'"; \ rm -f "$(DESTDIR)$(cmdbindir)/$$f"; \ done -install-perlSCRIPTS: $(perl_SCRIPTS) - @$(NORMAL_INSTALL) - test -z "$(perldir)" || $(mkdir_p) "$(DESTDIR)$(perldir)" - @list='$(perl_SCRIPTS)'; for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - if test -f $$d$$p; then \ - f=`echo "$$p" | sed 's|^.*/||;$(transform)'`; \ - echo " $(perlSCRIPT_INSTALL) '$$d$$p' '$(DESTDIR)$(perldir)/$$f'"; \ - $(perlSCRIPT_INSTALL) "$$d$$p" "$(DESTDIR)$(perldir)/$$f"; \ - else :; fi; \ - done - -uninstall-perlSCRIPTS: - @$(NORMAL_UNINSTALL) - @list='$(perl_SCRIPTS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's|^.*/||;$(transform)'`; \ - echo " rm -f '$(DESTDIR)$(perldir)/$$f'"; \ - rm -f "$(DESTDIR)$(perldir)/$$f"; \ - done mostlyclean-compile: -rm -f *.$(OBJEXT) @@ -1864,6 +1827,23 @@ echo " rm -f '$(DESTDIR)$(infdir)/$$f'"; \ rm -f "$(DESTDIR)$(infdir)/$$f"; \ done +install-initconfigDATA: $(initconfig_DATA) + @$(NORMAL_INSTALL) + test -z "$(initconfigdir)" || $(mkdir_p) "$(DESTDIR)$(initconfigdir)" + @list='$(initconfig_DATA)'; for p in $$list; do \ + if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ + f=$(am__strip_dir) \ + echo " $(initconfigDATA_INSTALL) '$$d$$p' '$(DESTDIR)$(initconfigdir)/$$f'"; \ + $(initconfigDATA_INSTALL) "$$d$$p" "$(DESTDIR)$(initconfigdir)/$$f"; \ + done + +uninstall-initconfigDATA: + @$(NORMAL_UNINSTALL) + @list='$(initconfig_DATA)'; for p in $$list; do \ + f=$(am__strip_dir) \ + echo " rm -f '$(DESTDIR)$(initconfigdir)/$$f'"; \ + rm -f "$(DESTDIR)$(initconfigdir)/$$f"; \ + done install-ldifDATA: $(ldif_DATA) @$(NORMAL_INSTALL) test -z "$(ldifdir)" || $(mkdir_p) "$(DESTDIR)$(ldifdir)" @@ -1915,6 +1895,23 @@ echo " rm -f '$(DESTDIR)$(propertydir)/$$f'"; \ rm -f "$(DESTDIR)$(propertydir)/$$f"; \ done +install-perlDATA: $(perl_DATA) + @$(NORMAL_INSTALL) + test -z "$(perldir)" || $(mkdir_p) "$(DESTDIR)$(perldir)" + @list='$(perl_DATA)'; for p in $$list; do \ + if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ + f=$(am__strip_dir) \ + echo " $(perlDATA_INSTALL) '$$d$$p' '$(DESTDIR)$(perldir)/$$f'"; \ + $(perlDATA_INSTALL) "$$d$$p" "$(DESTDIR)$(perldir)/$$f"; \ + done + +uninstall-perlDATA: + @$(NORMAL_UNINSTALL) + @list='$(perl_DATA)'; for p in $$list; do \ + f=$(am__strip_dir) \ + echo " rm -f '$(DESTDIR)$(perldir)/$$f'"; \ + rm -f "$(DESTDIR)$(perldir)/$$f"; \ + done install-propertyDATA: $(property_DATA) @$(NORMAL_INSTALL) test -z "$(propertydir)" || $(mkdir_p) "$(DESTDIR)$(propertydir)" @@ -2213,7 +2210,7 @@ $(DATA) config.h installdirs: installdirs-recursive installdirs-am: - for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(cgibindir)" "$(DESTDIR)$(cgibindir)" "$(DESTDIR)$(cmdbindir)" "$(DESTDIR)$(initdir)" "$(DESTDIR)$(initconfigdir)" "$(DESTDIR)$(cmdbindir)" "$(DESTDIR)$(perldir)" "$(DESTDIR)$(helpdir)" "$(DESTDIR)$(htmldir)" "$(DESTDIR)$(icondir)" "$(DESTDIR)$(infdir)" "$(DESTDIR)$(ldifdir)" "$(DESTDIR)$(configdir)" "$(DESTDIR)$(propertydir)" "$(DESTDIR)$(propertydir)"; do \ + for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(cgibindir)" "$(DESTDIR)$(cgibindir)" "$(DESTDIR)$(cmdbindir)" "$(DESTDIR)$(initdir)" "$(DESTDIR)$(cmdbindir)" "$(DESTDIR)$(helpdir)" "$(DESTDIR)$(htmldir)" "$(DESTDIR)$(icondir)" "$(DESTDIR)$(infdir)" "$(DESTDIR)$(initconfigdir)" "$(DESTDIR)$(ldifdir)" "$(DESTDIR)$(configdir)" "$(DESTDIR)$(propertydir)" "$(DESTDIR)$(perldir)" "$(DESTDIR)$(propertydir)"; do \ test -z "$$dir" || $(mkdir_p) "$$dir"; \ done install: install-recursive @@ -2278,9 +2275,9 @@ install-data-am: install-cgibinPROGRAMS install-cgibinSCRIPTS \ install-cmdbinSCRIPTS install-dist_helpDATA \ install-dist_htmlDATA install-dist_iconDATA install-infDATA \ - install-initSCRIPTS install-initconfigSCRIPTS install-ldifDATA \ + install-initSCRIPTS install-initconfigDATA install-ldifDATA \ install-nodist_cmdbinSCRIPTS install-nodist_configDATA \ - install-nodist_propertyDATA install-perlSCRIPTS \ + install-nodist_propertyDATA install-perlDATA \ install-propertyDATA @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook @@ -2317,10 +2314,10 @@ uninstall-cmdbinSCRIPTS uninstall-dist_helpDATA \ uninstall-dist_htmlDATA uninstall-dist_iconDATA \ uninstall-infDATA uninstall-info-am uninstall-initSCRIPTS \ - uninstall-initconfigSCRIPTS uninstall-ldifDATA \ + uninstall-initconfigDATA uninstall-ldifDATA \ uninstall-libLTLIBRARIES uninstall-nodist_cmdbinSCRIPTS \ uninstall-nodist_configDATA uninstall-nodist_propertyDATA \ - uninstall-perlSCRIPTS uninstall-propertyDATA + uninstall-perlDATA uninstall-propertyDATA uninstall-info: uninstall-info-recursive @@ -2337,10 +2334,10 @@ install-data-am install-data-hook install-dist_helpDATA \ install-dist_htmlDATA install-dist_iconDATA install-exec \ install-exec-am install-infDATA install-info install-info-am \ - install-initSCRIPTS install-initconfigSCRIPTS install-ldifDATA \ + install-initSCRIPTS install-initconfigDATA install-ldifDATA \ install-libLTLIBRARIES install-man \ install-nodist_cmdbinSCRIPTS install-nodist_configDATA \ - install-nodist_propertyDATA install-perlSCRIPTS \ + install-nodist_propertyDATA install-perlDATA \ install-propertyDATA install-strip installcheck \ installcheck-am installdirs installdirs-am maintainer-clean \ maintainer-clean-generic maintainer-clean-recursive \ @@ -2351,10 +2348,10 @@ uninstall-cmdbinSCRIPTS uninstall-dist_helpDATA \ uninstall-dist_htmlDATA uninstall-dist_iconDATA \ uninstall-infDATA uninstall-info-am uninstall-initSCRIPTS \ - uninstall-initconfigSCRIPTS uninstall-ldifDATA \ + uninstall-initconfigDATA uninstall-ldifDATA \ uninstall-libLTLIBRARIES uninstall-nodist_cmdbinSCRIPTS \ uninstall-nodist_configDATA uninstall-nodist_propertyDATA \ - uninstall-perlSCRIPTS uninstall-propertyDATA + uninstall-perlDATA uninstall-propertyDATA define NL \\n From fedora-directory-commits at redhat.com Thu Jan 10 16:48:41 2008 From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins)) Date: Thu, 10 Jan 2008 11:48:41 -0500 Subject: [Fedora-directory-commits] adminserver/wrappers initscript.in, 1.4, 1.5 Message-ID: <200801101648.m0AGmfoG020568@cvs-int.fedora.redhat.com> Author: rmeggins Update of /cvs/dirsec/adminserver/wrappers In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv20492/adminserver/wrappers Modified Files: initscript.in Log Message: Resolves: bug 249548 Description: Review Request: fedora-ds-admin - Administration server used by Fedora Directory Server Fix Description: packaging, spec, and initscript fixes for package review Index: initscript.in =================================================================== RCS file: /cvs/dirsec/adminserver/wrappers/initscript.in,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- initscript.in 8 Dec 2007 17:42:49 -0000 1.4 +++ initscript.in 10 Jan 2008 16:48:38 -0000 1.5 @@ -94,11 +94,14 @@ piddir="@localstatedir@/run/@PACKAGE_BASE_NAME@" # PID file pidfile=$piddir/admin-serv.pid +lockfile=/var/lock/subsys/@package_name@ [ -f $exec ] || exit 0 umask 077 +RETVAL=0 + # since we use the start script to start admin, we source the # init config file there, not here # if we ever get rid of the start script, we'll have to uncomment @@ -136,6 +139,7 @@ server_started=1 # well, perhaps not running, but started ok else failure; echo + RETVAL=1 fi fi if [ $server_started -eq 1 ] ; then @@ -156,8 +160,10 @@ else echo_n "*** Error: $prog failed to start" failure; echo + RETVAL=1 fi fi + [ $RETVAL -eq 0 -a -d /var/lock/subsys ] && touch $lockfile } stop() { @@ -176,6 +182,7 @@ server_stopped=1 else failure; echo + RETVAL=1 fi fi if [ $server_stopped -eq 1 ] ; then @@ -196,12 +203,14 @@ if test -f $pidfile ; then echo_n "*** Error: $prog failed to stop" failure; echo + RETVAL=1 else success; echo rm -f $pidfile fi fi fi + [ $RETVAL -eq 0 ] && rm -f $lockfile } restart() { From fedora-directory-commits at redhat.com Thu Jan 10 18:35:38 2008 From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins)) Date: Thu, 10 Jan 2008 13:35:38 -0500 Subject: [Fedora-directory-commits] console/src/com/netscape/management/client/preferences FilePreferenceManager.java, 1.2, 1.3 Message-ID: <200801101835.m0AIZcKu005701@cvs-int.fedora.redhat.com> Author: rmeggins Update of /cvs/dirsec/console/src/com/netscape/management/client/preferences In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5629/console/src/com/netscape/management/client/preferences Modified Files: FilePreferenceManager.java Log Message: Resolves: bug 428226 Description: Review Request: idm-console-framework: Core console package used by Fedora Directory Server and other IDM projects Fix Description: bump version to 1.1.1 Added LICENSE to %doc in spec file Fix some minor problems to allow compilation with the IcedTea Java Index: FilePreferenceManager.java =================================================================== RCS file: /cvs/dirsec/console/src/com/netscape/management/client/preferences/FilePreferenceManager.java,v retrieving revision 1.2 retrieving revision 1.3 diff -u -r1.2 -r1.3 --- FilePreferenceManager.java 29 Nov 2005 18:37:01 -0000 1.2 +++ FilePreferenceManager.java 10 Jan 2008 18:35:36 -0000 1.3 @@ -20,8 +20,8 @@ package com.netscape.management.client.preferences; import java.util.*; -import java.io.*; -import netscape.ldap.*; +import java.io.File; +import java.io.FilenameFilter; import com.netscape.management.client.console.*; import com.netscape.management.client.util.*; @@ -43,9 +43,6 @@ } public static String getHomePath() { - String homePath = null; - Properties p = System.getProperties(); - File f = new File(Console.PREFERENCE_DIR); if (!f.exists()) f.mkdir(); From fedora-directory-commits at redhat.com Thu Jan 10 18:35:38 2008 From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins)) Date: Thu, 10 Jan 2008 13:35:38 -0500 Subject: [Fedora-directory-commits] console/src/com/netscape/management/client/security CertRequestWizard.java, 1.3, 1.4 Message-ID: <200801101835.m0AIZcn9005708@cvs-int.fedora.redhat.com> Author: rmeggins Update of /cvs/dirsec/console/src/com/netscape/management/client/security In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5629/console/src/com/netscape/management/client/security Modified Files: CertRequestWizard.java Log Message: Resolves: bug 428226 Description: Review Request: idm-console-framework: Core console package used by Fedora Directory Server and other IDM projects Fix Description: bump version to 1.1.1 Added LICENSE to %doc in spec file Fix some minor problems to allow compilation with the IcedTea Java Index: CertRequestWizard.java =================================================================== RCS file: /cvs/dirsec/console/src/com/netscape/management/client/security/CertRequestWizard.java,v retrieving revision 1.3 retrieving revision 1.4 diff -u -r1.3 -r1.4 --- CertRequestWizard.java 8 Feb 2006 22:13:18 -0000 1.3 +++ CertRequestWizard.java 10 Jan 2008 18:35:36 -0000 1.4 @@ -25,7 +25,9 @@ import java.util.zip.*; import java.util.jar.*; import java.net.*; -import java.io.*; +import java.io.File; +import java.io.FilenameFilter; +import java.io.InputStream; import javax.swing.*; import javax.swing.event.*; import com.netscape.management.client.console.*; From fedora-directory-commits at redhat.com Thu Jan 10 18:35:40 2008 From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins)) Date: Thu, 10 Jan 2008 13:35:40 -0500 Subject: [Fedora-directory-commits] console/src/com/netscape/management/client/topology DomainNode.java, 1.1.1.1, 1.2 TopTopologyNode.java, 1.1.1.1, 1.2 Message-ID: <200801101835.m0AIZeJx005717@cvs-int.fedora.redhat.com> Author: rmeggins Update of /cvs/dirsec/console/src/com/netscape/management/client/topology In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5629/console/src/com/netscape/management/client/topology Modified Files: DomainNode.java TopTopologyNode.java Log Message: Resolves: bug 428226 Description: Review Request: idm-console-framework: Core console package used by Fedora Directory Server and other IDM projects Fix Description: bump version to 1.1.1 Added LICENSE to %doc in spec file Fix some minor problems to allow compilation with the IcedTea Java Index: DomainNode.java =================================================================== RCS file: /cvs/dirsec/console/src/com/netscape/management/client/topology/DomainNode.java,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- DomainNode.java 18 Jul 2005 00:34:18 -0000 1.1.1.1 +++ DomainNode.java 10 Jan 2008 18:35:36 -0000 1.2 @@ -20,13 +20,10 @@ package com.netscape.management.client.topology; import java.util.*; -import java.net.*; -import java.io.*; -import java.awt.*; -import java.awt.event.*; import javax.swing.*; import javax.swing.event.*; import javax.swing.tree.*; +import java.awt.Component; import java.text.MessageFormat; import com.netscape.management.client.*; import com.netscape.management.client.util.*; Index: TopTopologyNode.java =================================================================== RCS file: /cvs/dirsec/console/src/com/netscape/management/client/topology/TopTopologyNode.java,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- TopTopologyNode.java 18 Jul 2005 00:34:19 -0000 1.1.1.1 +++ TopTopologyNode.java 10 Jan 2008 18:35:36 -0000 1.2 @@ -20,7 +20,6 @@ package com.netscape.management.client.topology; import java.util.*; -import java.awt.*; import java.awt.event.*; import javax.swing.*; import javax.swing.tree.*; @@ -42,7 +41,7 @@ } /** - * initialize the top toplogy node + * initialize the top topology node */ public void reload() { super.reload(); From fedora-directory-commits at redhat.com Thu Jan 10 18:35:40 2008 From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins)) Date: Thu, 10 Jan 2008 13:35:40 -0500 Subject: [Fedora-directory-commits] console/src/com/netscape/management/client/util IndexDialog.java, 1.1.1.1, 1.2 Message-ID: <200801101835.m0AIZeY1005723@cvs-int.fedora.redhat.com> Author: rmeggins Update of /cvs/dirsec/console/src/com/netscape/management/client/util In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5629/console/src/com/netscape/management/client/util Modified Files: IndexDialog.java Log Message: Resolves: bug 428226 Description: Review Request: idm-console-framework: Core console package used by Fedora Directory Server and other IDM projects Fix Description: bump version to 1.1.1 Added LICENSE to %doc in spec file Fix some minor problems to allow compilation with the IcedTea Java Index: IndexDialog.java =================================================================== RCS file: /cvs/dirsec/console/src/com/netscape/management/client/util/IndexDialog.java,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- IndexDialog.java 18 Jul 2005 00:34:26 -0000 1.1.1.1 +++ IndexDialog.java 10 Jan 2008 18:35:38 -0000 1.2 @@ -21,20 +21,19 @@ package com.netscape.management.client.util; import java.awt.*; -import java.awt.event.*; -import java.io.*; import java.util.*; +import java.io.BufferedReader; +import java.io.FileReader; +import java.io.IOException; +import java.io.StringReader; import java.net.*; import java.text.*; import java.beans.*; import javax.swing.*; import javax.swing.event.*; -import javax.swing.border.*; -import javax.swing.text.*; import javax.swing.text.html.*; import com.netscape.management.client.console.*; import com.netscape.management.client.components.*; -import com.netscape.management.client.comm.*; /** * Dialog to select a topic to display, from a list of URLS organized From fedora-directory-commits at redhat.com Thu Jan 10 18:35:38 2008 From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins)) Date: Thu, 10 Jan 2008 13:35:38 -0500 Subject: [Fedora-directory-commits] console build.properties, 1.14, 1.15 idm-console-framework.spec, 1.3, 1.4 Message-ID: <200801101836.m0AIa8iI005739@cvs-int.fedora.redhat.com> Author: rmeggins Update of /cvs/dirsec/console In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5629/console Modified Files: build.properties idm-console-framework.spec Log Message: Resolves: bug 428226 Description: Review Request: idm-console-framework: Core console package used by Fedora Directory Server and other IDM projects Fix Description: bump version to 1.1.1 Added LICENSE to %doc in spec file Fix some minor problems to allow compilation with the IcedTea Java Index: build.properties =================================================================== RCS file: /cvs/dirsec/console/build.properties,v retrieving revision 1.14 retrieving revision 1.15 diff -u -r1.14 -r1.15 --- build.properties 1 Aug 2007 21:29:55 -0000 1.14 +++ build.properties 10 Jan 2008 18:35:35 -0000 1.15 @@ -23,7 +23,7 @@ console.root=. console.version=11 -console.dotversion=1.1.0 +console.dotversion=1.1.1 console.dotgenversion=1.1 mcc.core=idm-console-mcc Index: idm-console-framework.spec =================================================================== RCS file: /cvs/dirsec/console/idm-console-framework.spec,v retrieving revision 1.3 retrieving revision 1.4 diff -u -r1.3 -r1.4 --- idm-console-framework.spec 19 Dec 2007 20:10:27 -0000 1.3 +++ idm-console-framework.spec 10 Jan 2008 18:35:35 -0000 1.4 @@ -1,13 +1,13 @@ %define major_version 1.1 -%define minor_version 0 +%define minor_version 1 Name: idm-console-framework Version: %{major_version}.%{minor_version} -Release: 2%{?dist} +Release: 1%{?dist} Summary: Identity Management Console Framework Group: System Environment/Libraries -License: LGPL +License: LGPLv2 URL: http://directory.fedoraproject.org BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -15,9 +15,11 @@ Source: http://directory.fedoraproject.org/sources/%{name}-%{version}.tar.bz2 Requires: ldapjdk Requires: jss +BuildRequires: java-1.7.0-icedtea BuildRequires: ant >= 1.6.2 BuildRequires: ldapjdk BuildRequires: jss +BuildRequires: java-1.7.0-icedtea-devel %description A Java Management Console framework used for remote server management. @@ -55,6 +57,7 @@ %files %defattr(-,root,root,-) +%doc LICENSE %{_javadir}/idm-console-base-%{version}.jar %{_javadir}/idm-console-base-%{major_version}.jar %{_javadir}/idm-console-base.jar @@ -72,6 +75,12 @@ %{_javadir}/idm-console-nmclf_en.jar %changelog +* Wed Jan 9 2008 Rich Megginson 1.1.1-1 +- fix rpmlint issues +- changed license from LGPL to LGPLv2 +- added explicit requires for java-1.7.0-icedtea +- added LICENSE for doc + * Wed Dec 19 2007 Rich Megginson 1.1.0-2 - for the fedora ds 1.1 release From fedora-directory-commits at redhat.com Thu Jan 10 19:44:23 2008 From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi)) Date: Thu, 10 Jan 2008 14:44:23 -0500 Subject: [Fedora-directory-commits] ldapserver/ldap/servers/slapd/back-ldbm proto-back-ldbm.h, 1.5, 1.5.2.1 idl.c, 1.4, 1.4.2.1 sort.c, 1.5.2.1, 1.5.2.2 vlv.c, 1.6.2.1, 1.6.2.2 Message-ID: <200801101944.m0AJiNvp014367@cvs-int.fedora.redhat.com> Author: nhosoi Update of /cvs/dirsec/ldapserver/ldap/servers/slapd/back-ldbm In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv14329/servers/slapd/back-ldbm Modified Files: Tag: Directory71RtmBranch proto-back-ldbm.h idl.c sort.c vlv.c Log Message: Resolves: #183222 Summary: Directory Server hangs when running VLV search and update operations Description: applied the patch to Directory71RtmBranch Index: proto-back-ldbm.h =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/back-ldbm/proto-back-ldbm.h,v retrieving revision 1.5 retrieving revision 1.5.2.1 diff -u -r1.5 -r1.5.2.1 --- proto-back-ldbm.h 19 Apr 2005 22:07:38 -0000 1.5 +++ proto-back-ldbm.h 10 Jan 2008 19:44:21 -0000 1.5.2.1 @@ -213,6 +213,15 @@ int idl_is_allids(IDList *idl); int idl_append( IDList *idl, ID id); void idl_insert(IDList **idl, ID id); +/* + * idl_delete - delete an id from an id list. + * returns 0 id deleted + * 1 id deleted, first id in block has changed + * 2 id deleted, block is empty + * 3 id not there + * 4 cannot delete from allids block + */ +int idl_delete( IDList **idl, ID id ); IDList * idl_allids( backend *be ); IDList * idl_fetch( backend *be, DB* db, DBT *key, DB_TXN *txn, struct attrinfo *a, int *err ); int idl_insert_key( backend *be, DB* db, DBT *key, ID id, DB_TXN *txn, struct attrinfo *a,int *disposition ); Index: idl.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/back-ldbm/idl.c,v retrieving revision 1.4 retrieving revision 1.4.2.1 diff -u -r1.4 -r1.4.2.1 --- idl.c 19 Apr 2005 22:07:38 -0000 1.4 +++ idl.c 10 Jan 2008 19:44:21 -0000 1.4.2.1 @@ -44,7 +44,6 @@ */ #undef IDL_LOCKING_ENABLE -static int idl_delete( IDList **idl, ID id ) ; static void make_cont_key( DBT *contkey, DBT *key, ID id ); static int idl_insert_maxids( IDList **idl, ID id, int maxids ); @@ -1591,7 +1590,7 @@ * 4 cannot delete from allids block */ -static int +int idl_delete( IDList **idl, ID id ) { ID i, delpos; Index: sort.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/back-ldbm/sort.c,v retrieving revision 1.5.2.1 retrieving revision 1.5.2.2 diff -u -r1.5.2.1 -r1.5.2.2 --- sort.c 2 Mar 2006 01:12:31 -0000 1.5.2.1 +++ sort.c 10 Jan 2008 19:44:21 -0000 1.5.2.2 @@ -677,7 +677,7 @@ a = id2entry(be,*id_a,NULL,&err); if (NULL == a) { if (0 != err ) { - LDAPDebug(LDAP_DEBUG_ANY,"compare_entries db err %d\n",err,0,0); + LDAPDebug(LDAP_DEBUG_TRACE,"compare_entries db err %d\n",err,0,0); } /* Were up a creek without paddle here */ /* Best to log error and set some flag */ @@ -686,7 +686,7 @@ b = id2entry(be,*id_b,NULL,&err); if (NULL == b) { if (0 != err ) { - LDAPDebug(LDAP_DEBUG_ANY,"compare_entries db err %d\n",err,0,0); + LDAPDebug(LDAP_DEBUG_TRACE,"compare_entries db err %d\n",err,0,0); } return 0; } Index: vlv.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/back-ldbm/vlv.c,v retrieving revision 1.6.2.1 retrieving revision 1.6.2.2 diff -u -r1.6.2.1 -r1.6.2.2 --- vlv.c 14 Mar 2007 16:25:34 -0000 1.6.2.1 +++ vlv.c 10 Jan 2008 19:44:21 -0000 1.6.2.2 @@ -54,7 +54,7 @@ static PRUint32 vlv_trim_candidates_byindex(PRUint32 length, const struct vlv_request *vlv_request_control); static PRUint32 vlv_trim_candidates_byvalue(backend *be, const IDList *candidates, const sort_spec* sort_control, const struct vlv_request *vlv_request_control); -static int vlv_build_candidate_list( backend *be, struct vlvIndex* p, const struct vlv_request *vlv_request_control, IDList** candidates, struct vlv_response *vlv_response_control); +static int vlv_build_candidate_list( backend *be, struct vlvIndex* p, const struct vlv_request *vlv_request_control, IDList** candidates, struct vlv_response *vlv_response_control, int is_srchlist_locked); /* New mutex for vlv locking PRRWLock * vlvSearchList_lock=NULL; @@ -72,6 +72,7 @@ backend *be = inst->inst_be; vlvSearch_init(newVlvSearch, pb, entryBefore, inst); + /* vlvSearchList is modified; need Wlock */ PR_RWLock_Wlock(be->vlvSearchList_lock); vlvSearch_addtolist(newVlvSearch, (struct vlvSearch **)&be->vlvSearchList); PR_RWLock_Unlock(be->vlvSearchList_lock); @@ -81,24 +82,25 @@ /* Callback to add a new VLV Index specification. Added write lock.*/ int vlv_AddIndexEntry(Slapi_PBlock *pb, Slapi_Entry* entryBefore, Slapi_Entry* entryAfter, int *returncode, char *returntext, void *arg) -{ - struct vlvSearch *parent; - backend *be= ((ldbm_instance*)arg)->inst_be; - Slapi_DN parentdn; - - slapi_sdn_init(&parentdn); - slapi_sdn_get_parent(slapi_entry_get_sdn(entryBefore),&parentdn); +{ + struct vlvSearch *parent; + backend *be= ((ldbm_instance*)arg)->inst_be; + Slapi_DN parentdn; + + slapi_sdn_init(&parentdn); + slapi_sdn_get_parent(slapi_entry_get_sdn(entryBefore),&parentdn); { - PR_RWLock_Wlock(be->vlvSearchList_lock); + /* vlvSearchList is modified; need Wlock */ + PR_RWLock_Wlock(be->vlvSearchList_lock); parent= vlvSearch_finddn((struct vlvSearch *)be->vlvSearchList, &parentdn); if(parent!=NULL) { struct vlvIndex* newVlvIndex= vlvIndex_new(); - newVlvIndex->vlv_be=be; + newVlvIndex->vlv_be=be; vlvIndex_init(newVlvIndex, be, parent, entryBefore); - vlvSearch_addIndex(parent, newVlvIndex); + vlvSearch_addIndex(parent, newVlvIndex); } - PR_RWLock_Unlock(be->vlvSearchList_lock); + PR_RWLock_Unlock(be->vlvSearchList_lock); } slapi_sdn_done(&parentdn); return SLAPI_DSE_CALLBACK_OK; @@ -111,6 +113,7 @@ struct vlvSearch* p=NULL; backend *be= ((ldbm_instance*)arg)->inst_be; + /* vlvSearchList is modified; need Wlock */ PR_RWLock_Wlock(be->vlvSearchList_lock); p = vlvSearch_finddn((struct vlvSearch *)be->vlvSearchList, slapi_entry_get_sdn(entryBefore)); if(p!=NULL) @@ -320,6 +323,7 @@ { struct vlvSearch *t = NULL; struct vlvSearch *nt = NULL; + /* vlvSearchList is modified; need Wlock */ PR_RWLock_Wlock(be->vlvSearchList_lock); for (t = (struct vlvSearch *)be->vlvSearchList; NULL != t; ) { @@ -762,7 +766,7 @@ * * JCM: If only non-sorted attributes are changed, then the indexes don't need updating. * JCM: Detecting this fact, given multi-valued atribibutes, might be tricky... - * Added write lock + * Read lock (traverse vlvSearchList; no change on vlvSearchList/vlvIndex lists) */ int @@ -772,7 +776,7 @@ struct vlvSearch* ps=NULL; struct ldbminfo *li = ((ldbm_instance *)be->be_instance_info)->inst_li; - PR_RWLock_Wlock(be->vlvSearchList_lock); + PR_RWLock_Rlock(be->vlvSearchList_lock); ps = (struct vlvSearch *)be->vlvSearchList; for(;ps!=NULL;ps= ps->vlv_next) { @@ -1059,15 +1063,16 @@ PR_RWLock_Rlock(be->vlvSearchList_lock); if((pi=vlv_find_search(be, base, scope, fstr, sort_control)) == NULL) { unsigned int opnote = SLAPI_OP_NOTE_UNINDEXED; + PR_RWLock_Unlock(be->vlvSearchList_lock); slapi_pblock_set( pb, SLAPI_OPERATION_NOTES, &opnote ); rc = VLV_FIND_SEARCH_FAILED; } else if((*vlv_rc=vlvIndex_accessallowed(pi, pb)) != LDAP_SUCCESS) { + PR_RWLock_Unlock(be->vlvSearchList_lock); rc = VLV_ACCESS_DENIED; - } else if ((*vlv_rc=vlv_build_candidate_list(be,pi,vlv_request_control,candidates,vlv_response_control)) != LDAP_SUCCESS) { + } else if ((*vlv_rc=vlv_build_candidate_list(be,pi,vlv_request_control,candidates,vlv_response_control, 1)) != LDAP_SUCCESS) { rc = VLV_BLD_LIST_FAILED; vlv_response_control->result=*vlv_rc; } - PR_RWLock_Unlock(be->vlvSearchList_lock); return rc; } @@ -1087,7 +1092,7 @@ static int -vlv_build_candidate_list( backend *be, struct vlvIndex* p, const struct vlv_request *vlv_request_control, IDList** candidates, struct vlv_response *vlv_response_control) +vlv_build_candidate_list( backend *be, struct vlvIndex* p, const struct vlv_request *vlv_request_control, IDList** candidates, struct vlv_response *vlv_response_control, int is_srchlist_locked) { int return_value = LDAP_SUCCESS; DB *db = NULL; @@ -1102,6 +1107,9 @@ slapi_sdn_get_dn(vlvIndex_getBase(p)), p->vlv_search->vlv_filter, vlvIndex_getName(p)); if (!vlvIndex_online(p)) { + if (is_srchlist_locked) { + PR_RWLock_Unlock(be->vlvSearchList_lock); + } return -1; } rc = dblayer_get_index_file(be, p->vlv_attrinfo, &db, 0); @@ -1109,9 +1117,20 @@ /* shouldn't happen */ LDAPDebug(LDAP_DEBUG_ANY, "VLV: can't get index file '%s' (err %d)\n", p->vlv_attrinfo->ai_type, rc, 0); + if (is_srchlist_locked) { + PR_RWLock_Unlock(be->vlvSearchList_lock); + } return -1; } + length = vlvIndex_get_indexlength(p, db, 0 /* txn */); + + /* Increment the usage counter */ + vlvIndex_incrementUsage(p); + + if (is_srchlist_locked) { + PR_RWLock_Unlock(be->vlvSearchList_lock); + } err = db->cursor(db, 0 /* txn */, &dbc, 0); if (err != 0) { /* shouldn't happen */ @@ -1120,11 +1139,6 @@ return -1; } - length = vlvIndex_get_indexlength(p, db, 0 /* txn */); - - /* Increment the usage counter */ - vlvIndex_incrementUsage(p); - if (vlv_request_control) { switch(vlv_request_control->tag) { @@ -1454,9 +1468,17 @@ typedown_value= vlv_create_matching_rule_value(sort_control->mr_pb,(struct berval *)&vlv_request_control->value); compare_fn= slapi_berval_cmp; } +retry: /* * Perform a binary search over the candidate list */ + if (0 == candidates->b_nids) { /* idlist is empty */ + LDAPDebug( LDAP_DEBUG_ANY, "vlv_trim_candidates_byvalue: Candidate ID List is empty.\n", 0, 0, 0 ); + ber_bvecfree((struct berval**)typedown_value); + return candidates->b_nids; /* not found */ + } + low= 0; + high= candidates->b_nids-1; do { int err= 0; struct backentry *e= NULL; @@ -1472,7 +1494,15 @@ e = id2entry( be, id, NULL, &err ); if ( e == NULL ) { + int rval; LDAPDebug( LDAP_DEBUG_ANY, "vlv_trim_candidates_byvalue: Candidate ID %lu not found err=%d\n", (u_long)id, err, 0 ); + rval = idl_delete(&candidates, id); + if (0 == rval || 1 == rval || 2 == rval) { + goto retry; + } else { + ber_bvecfree((struct berval**)typedown_value); + return candidates->b_nids; /* not found */ + } } else { @@ -1820,8 +1850,8 @@ IDList *idl; Slapi_Filter *vlv_f; - PR_RWLock_Rlock(be->vlvSearchList_lock); slapi_sdn_init_dn_byref(&base_sdn, base); + PR_RWLock_Rlock(be->vlvSearchList_lock); for (t = (struct vlvSearch *)be->vlvSearchList; t; t = t->vlv_next) { /* all vlv "filters" start with (|(xxx)(objectclass=referral)). * we only care about the (xxx) part. @@ -1847,9 +1877,10 @@ } if (dblayer_get_index_file(be, vi->vlv_attrinfo, &db, 0) == 0) { + length = vlvIndex_get_indexlength(vi, db, 0 /* txn */); + PR_RWLock_Unlock(be->vlvSearchList_lock); err = db->cursor(db, 0 /* txn */, &dbc, 0); if (err == 0) { - length = vlvIndex_get_indexlength(vi, db, 0 /* txn */); if (length == 0) /* 609377: index size could be 0 */ { LDAPDebug(LDAP_DEBUG_TRACE, "vlv: index %s is empty\n", @@ -1864,12 +1895,10 @@ } dblayer_release_index_file(be, vi->vlv_attrinfo, db); if (err == 0) { - PR_RWLock_Unlock(be->vlvSearchList_lock); return idl; } else { LDAPDebug(LDAP_DEBUG_ANY, "vlv find index: err %d\n", err, 0, 0); - PR_RWLock_Unlock(be->vlvSearchList_lock); return NULL; } } @@ -1927,6 +1956,7 @@ tag1=create_vlv_search_tag(dn); buf=slapi_ch_smprintf("%s%s%s%s%s","cn=MCC ",tag1,", cn=",inst->inst_name,LDBM_PLUGIN_ROOT); newdn=slapi_sdn_new_dn_byval(buf); + /* vlvSearchList is modified; need Wlock */ PR_RWLock_Wlock(be->vlvSearchList_lock); p = vlvSearch_finddn((struct vlvSearch *)be->vlvSearchList, newdn); if(p!=NULL) From fedora-directory-commits at redhat.com Fri Jan 11 00:44:41 2008 From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi)) Date: Thu, 10 Jan 2008 19:44:41 -0500 Subject: [Fedora-directory-commits] ldapserver/ldap/servers/slapd/back-ldbm ldif2ldbm.c, 1.7, 1.7.2.1 vlv_srch.c, 1.6, 1.6.2.1 Message-ID: <200801110044.m0B0ifIs024507@cvs-int.fedora.redhat.com> Author: nhosoi Update of /cvs/dirsec/ldapserver/ldap/servers/slapd/back-ldbm In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv24438 Modified Files: Tag: Directory71RtmBranch ldif2ldbm.c vlv_srch.c Log Message: Resolves: #243820 Summary: Online browsing indexing hangs Description: applied the patch to Directory71RtmBranch Index: ldif2ldbm.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/back-ldbm/ldif2ldbm.c,v retrieving revision 1.7 retrieving revision 1.7.2.1 diff -u -r1.7 -r1.7.2.1 --- ldif2ldbm.c 19 Apr 2005 22:07:38 -0000 1.7 +++ ldif2ldbm.c 11 Jan 2008 00:44:38 -0000 1.7.2.1 @@ -188,7 +188,7 @@ int *status) { backend *be; - const char *pdn; + char *pdn; ID pid = 0; slapi_pblock_get(pb, SLAPI_BACKEND, &be); @@ -216,7 +216,7 @@ * suffix entry, or its erroneous. So, we signal this to the * caller via the status parameter. */ - bv.bv_val = (char *)pdn; + bv.bv_val = pdn; bv.bv_len = strlen(pdn); if ( (idl = index_read( be, "entrydn", indextype_EQUALITY, &bv, NULL, &err )) != NULL ) { @@ -225,7 +225,7 @@ } else if ( 0 != err ) { if (DB_NOTFOUND != err ) { LDAPDebug( LDAP_DEBUG_ANY, "database error %d\n", err, 0, 0 ); - slapi_ch_free( (void**)&pdn ); + slapi_ch_free_string( &pdn ); return( -1 ); } else { if (NULL != status) { @@ -233,7 +233,7 @@ } } } - slapi_ch_free( (void**)&pdn ); + slapi_ch_free_string( &pdn ); } else { if (NULL != status) { *status = IMPORT_ADD_OP_ATTRS_NO_PARENT; @@ -315,7 +315,7 @@ * let's do it so we can reuse the modify routines) */ cache_lock_entry( &inst->inst_cache, e ); modify_init(&mc,e); - sprintf(value_buffer,"%lu",sub_count); + sprintf(value_buffer,"%u",sub_count); /* attr numsubordinates could already exist in the entry, let's check whether it's already there or not */ isreplace = (attrlist_find(e->ep_entry->e_attrs, numsubordinates) != NULL); @@ -1252,7 +1252,7 @@ "ldbm2index: Unknown VLV Index named '%s'\n", index, 0, 0); LDAPDebug(LDAP_DEBUG_ANY, "ldbm2index: Known VLV Indexes are: %s\n", text, 0, 0); - slapi_ch_free((void**)&text); + slapi_ch_free_string(&text); } /* @@ -1276,20 +1276,25 @@ IDList *idl = NULL; /* optimization for vlv index creation */ int numvlv = 0; int return_value = -1; + int rc = -1; ID temp_id; - int i, j; + int i, j, vlvidx; ID lastid; - struct backentry *ep; + struct backentry *ep = NULL; char *type; NIDS idindex = 0; int count = 0; Slapi_Attr *attr; Slapi_Task *task; - int ret = 0; int isfirst = 1; int index_aid = 0; /* index ancestorid */ + struct vlvIndex *vlvip = NULL; + back_txn txn; LDAPDebug( LDAP_DEBUG_TRACE, "=> ldbm_back_ldbm2index\n", 0, 0, 0 ); + if ( g_get_shutdown() || c_get_shutdown() ) { + return return_value; + } slapi_pblock_get(pb, SLAPI_BACKEND_INSTANCE_NAME, &instance_name); slapi_pblock_get(pb, SLAPI_PLUGIN_PRIVATE, &li); @@ -1301,6 +1306,7 @@ /* No ldbm backend exists until we process the config info. */ li->li_flags |= TASK_RUNNING_FROM_COMMANDLINE; ldbm_config_load_dse_info(li); + txn.back_txn_txn = NULL; /* no transaction */ } inst = ldbm_instance_find_by_name(li, instance_name); @@ -1311,7 +1317,7 @@ } LDAPDebug(LDAP_DEBUG_ANY, "Unknown ldbm instance %s\n", instance_name, 0, 0); - return -1; + return return_value; } be = inst->inst_be; slapi_pblock_set(pb, SLAPI_BACKEND, be); @@ -1326,14 +1332,14 @@ if (0 != dblayer_start(li,DBLAYER_INDEX_MODE)) { LDAPDebug( LDAP_DEBUG_ANY, "ldbm2index: Failed to init database\n", 0, 0, 0 ); - return( -1 ); + return return_value; } /* dblayer_instance_start will init the id2entry index. */ if (0 != dblayer_instance_start(be, DBLAYER_INDEX_MODE)) { - LDAPDebug(LDAP_DEBUG_ANY, "db2ldif: Failed to init instance\n", + LDAPDebug(LDAP_DEBUG_ANY, "ldbm2index: Failed to init instance\n", 0, 0, 0); - return -1; + return return_value; } /* Initialise the Virtual List View code */ @@ -1345,34 +1351,31 @@ LDAPDebug(LDAP_DEBUG_ANY, "ldbm: '%s' is already in the middle of " "another task and cannot be disturbed.\n", inst->inst_name, 0, 0); - return -1; + return return_value; } if ((( dblayer_get_id2entry( be, &db )) != 0 ) || (db == NULL)) { LDAPDebug( LDAP_DEBUG_ANY, "Could not open/create id2entry\n", 0, 0, 0 ); - instance_set_not_busy(inst); - return( -1 ); + goto err_min; } /* get a cursor to we can walk over the table */ - return_value = db->cursor(db, NULL, &dbc, 0); - if (0 != return_value ) { + rc = db->cursor(db, NULL, &dbc, 0); + if (0 != rc ) { LDAPDebug( LDAP_DEBUG_ANY, "Failed to get cursor for ldbm2index\n", 0, 0, 0 ); - dblayer_release_id2entry(be, db); - instance_set_not_busy(inst); - return( -1 ); + goto err_min; } /* ask for the last id so we can give cute percentages */ key.flags = DB_DBT_MALLOC; data.flags = DB_DBT_MALLOC; - return_value = dbc->c_get(dbc, &key, &data, DB_LAST); - if (return_value == DB_NOTFOUND) { + rc = dbc->c_get(dbc, &key, &data, DB_LAST); + if (rc == DB_NOTFOUND) { lastid = 0; isfirst = 0; /* neither a first nor a last */ - } else if (return_value == 0) { + } else if (rc == 0) { lastid = id_stored_to_internal((char *)key.data); free(key.data); free(data.data); @@ -1381,10 +1384,7 @@ LDAPDebug(LDAP_DEBUG_ANY, "Failed to seek within id2entry (BAD %d)\n", return_value, 0 ,0); - dbc->c_close(dbc); - dblayer_release_id2entry(be, db); - instance_set_not_busy(inst); - return( -1 ); + goto err_out; } /* Work out which indexes we should build */ @@ -1395,11 +1395,13 @@ */ { char **attrs = NULL; - struct vlvIndex *p = NULL; struct attrinfo *ai = NULL; slapi_pblock_get(pb, SLAPI_DB2INDEX_ATTRS, &attrs); for (i = 0; attrs[i] != NULL; i++) { + if ( g_get_shutdown() || c_get_shutdown() ) { + goto err_out; + } switch(attrs[i][0]) { case 't': /* attribute type to index */ db2index_add_indexed_attr(be, attrs[i]); @@ -1427,13 +1429,11 @@ dblayer_erase_index_file(be, ai, i/* chkpt; 1st time only */); break; case 'T': /* VLV Search to index */ - p = vlv_find_searchname((attrs[i])+1, be); - if (p == NULL) { + vlvip = vlv_find_searchname((attrs[i])+1, be); + if (vlvip == NULL) { ldbm2index_bad_vlv(task, inst, attrs[i]+1); - ret = -1; - goto out; } else { - vlvIndex_go_offline(p, be); + vlvIndex_go_offline(vlvip, be); if (pvlv == NULL) { pvlv = (struct vlvIndex **)slapi_ch_calloc(1, sizeof(struct vlvIndex *)); @@ -1441,10 +1441,10 @@ pvlv = (struct vlvIndex **)slapi_ch_realloc((char*)pvlv, (numvlv+1)*sizeof(struct vlvIndex *)); } - pvlv[numvlv] = p; + pvlv[numvlv] = vlvip; numvlv++; /* Get rid of the index if it already exists */ - PR_Delete(vlvIndex_filename(p)); + PR_Delete(vlvIndex_filename(vlvip)); if (task) { slapi_task_log_notice(task, "%s: Indexing VLV: %s", inst->inst_name, attrs[i]+1); @@ -1462,12 +1462,12 @@ * entire database. */ if (!indexAttrs && !index_aid && pvlv) { - int i, err; + int err; char **suffix_list = NULL; /* create suffix list */ - for (i = 0; i < numvlv; i++) { - char *s = slapi_ch_strdup(slapi_sdn_get_dn(vlvIndex_getBase(pvlv[i]))); + for (vlvidx = 0; vlvidx < numvlv; vlvidx++) { + char *s = slapi_ch_strdup(slapi_sdn_get_dn(vlvIndex_getBase(pvlv[vlvidx]))); s = slapi_dn_normalize_case(s); charray_add(&suffix_list, s); @@ -1503,11 +1503,10 @@ idindex = 0; } - /* Bug 603120: slapd dumps core while indexing and deleting the db at the - * same time. Now added the lock for the indexing code too. - */ - vlv_acquire_lock(be); while (1) { + if ( g_get_shutdown() || c_get_shutdown() ) { + goto err_out; + } if (idl) { if (idindex >= idl->b_nids) break; @@ -1516,12 +1515,11 @@ key.size = sizeof(temp_id); data.flags = DB_DBT_MALLOC; - return_value = db->get(db, NULL, &key, &data, 0); - if (return_value) { + rc = db->get(db, NULL, &key, &data, 0); + if (rc) { LDAPDebug(LDAP_DEBUG_ANY, "%s: Failed " "to read database, errno=%d (%s)\n", - inst->inst_name, return_value, - dblayer_strerror(return_value)); + inst->inst_name, rc, dblayer_strerror(return_value)); if (task) { slapi_task_log_notice(task, "%s: Failed to read database, err %d (%s)", @@ -1537,27 +1535,24 @@ key.flags = DB_DBT_MALLOC; data.flags = DB_DBT_MALLOC; if (isfirst) { - return_value = dbc->c_get(dbc, &key, &data, DB_FIRST); + rc = dbc->c_get(dbc, &key, &data, DB_FIRST); isfirst = 0; } else{ - return_value = dbc->c_get(dbc, &key, &data, DB_NEXT); + rc = dbc->c_get(dbc, &key, &data, DB_NEXT); } - if (0 != return_value) { - if (DB_NOTFOUND == return_value) { - break; - } else { - LDAPDebug(LDAP_DEBUG_ANY, "%s: Failed to read database, " - "errno=%d (%s)\n", inst->inst_name, return_value, - dblayer_strerror(return_value)); - if (task) { - slapi_task_log_notice(task, + if (DB_NOTFOUND == rc) { + break; + } else if (0 != rc) { + LDAPDebug(LDAP_DEBUG_ANY, "%s: Failed to read database, " + "errno=%d (%s)\n", inst->inst_name, rc, + dblayer_strerror(rc)); + if (task) { + slapi_task_log_notice(task, "%s: Failed to read database, err %d (%s)", - inst->inst_name, return_value, - dblayer_strerror(return_value)); - } - break; + inst->inst_name, rc, dblayer_strerror(rc)); } + break; } temp_id = id_stored_to_internal((char *)key.data); free(key.data); @@ -1594,9 +1589,7 @@ LDAPDebug(LDAP_DEBUG_ANY, "%s: ERROR: Could not add op attrs to entry (id %lu)\n", inst->inst_name, (u_long)ep->ep_id, 0); - backentry_free( &ep ); - ret = -1; - goto out; + goto err_out; } /* @@ -1606,21 +1599,17 @@ for (i = slapi_entry_first_attr(ep->ep_entry, &attr); i == 0; i = slapi_entry_next_attr(ep->ep_entry, attr, &attr)) { Slapi_Value **svals; - int rc = 0; slapi_attr_get_type( attr, &type ); for ( j = 0; indexAttrs[j] != NULL; j++ ) { + if ( g_get_shutdown() || c_get_shutdown() ) { + goto err_out; + } if (slapi_attr_type_cmp(indexAttrs[j], type, SLAPI_TYPE_CMP_SUBTYPE) == 0 ) { - back_txn txn; svals = attr_get_present_values(attr); - if (run_from_cmdline) - { - txn.back_txn_txn = NULL; - } - else - { + if (!run_from_cmdline) { rc = dblayer_txn_begin(li, NULL, &txn); if (0 != rc) { LDAPDebug(LDAP_DEBUG_ANY, @@ -1637,8 +1626,8 @@ inst->inst_name, indexAttrs[j], rc, dblayer_strerror(rc)); } - ret = -2; - goto out; + return_value = -2; + goto err_out; } } rc = index_addordel_values_sv( @@ -1657,13 +1646,13 @@ "(err %d: %s)", inst->inst_name, indexAttrs[j], rc, dblayer_strerror(rc)); } - if (!run_from_cmdline) - dblayer_txn_abort(li, &txn); - ret = -2; - goto out; + if (!run_from_cmdline) { + dblayer_txn_abort(li, &txn); + } + return_value = -2; + goto err_out; } - if (!run_from_cmdline) - { + if (!run_from_cmdline) { rc = dblayer_txn_commit(li, &txn); if (0 != rc) { LDAPDebug(LDAP_DEBUG_ANY, @@ -1680,8 +1669,8 @@ "(err %d: %s)", inst->inst_name, indexAttrs[j], rc, dblayer_strerror(rc)); } - ret = -2; - goto out; + return_value = -2; + goto err_out; } } } @@ -1692,21 +1681,16 @@ /* * Update the Virtual List View indexes */ - for ( j = 0; jinst_name, indexAttrs[j], 0); + inst->inst_name, indexAttrs[vlvidx], 0); LDAPDebug(LDAP_DEBUG_ANY, "%s: Error %d: %s\n", inst->inst_name, rc, dblayer_strerror(rc)); @@ -1714,20 +1698,26 @@ slapi_task_log_notice(task, "%s: ERROR: failed to begin txn for update index '%s' " "(err %d: %s)", inst->inst_name, - indexAttrs[j], rc, dblayer_strerror(rc)); + indexAttrs[vlvidx], rc, dblayer_strerror(rc)); } - ret = -2; - goto out; + return_value = -2; + goto err_out; } } - vlv_update_index(pvlv[j], &txn, li, pb, NULL, ep); + /* + * lock is needed around vlv_update_index to protect the + * vlv structure. + */ + vlv_acquire_lock(be); + vlv_update_index(pvlv[vlvidx], &txn, li, pb, NULL, ep); + vlv_release_lock(be); if (!run_from_cmdline) { rc = dblayer_txn_commit(li, &txn); if (0 != rc) { LDAPDebug(LDAP_DEBUG_ANY, "%s: ERROR: failed to commit txn for update index '%s'\n", - inst->inst_name, indexAttrs[j], 0); + inst->inst_name, indexAttrs[vlvidx], 0); LDAPDebug(LDAP_DEBUG_ANY, "%s: Error %d: %s\n", inst->inst_name, rc, dblayer_strerror(rc)); @@ -1735,10 +1725,10 @@ slapi_task_log_notice(task, "%s: ERROR: failed to commit txn for update index '%s' " "(err %d: %s)", inst->inst_name, - indexAttrs[j], rc, dblayer_strerror(rc)); + indexAttrs[vlvidx], rc, dblayer_strerror(rc)); } - ret = -2; - goto out; + return_value = -2; + goto err_out; } } } @@ -1747,8 +1737,6 @@ * Update the ancestorid index */ if (index_aid) { - int rc; - rc = ldbm_ancestorid_index_entry(be, ep, BE_INDEX_ADD, NULL); if (rc != 0) { LDAPDebug(LDAP_DEBUG_ANY, @@ -1763,8 +1751,8 @@ "(err %d: %s)", inst->inst_name, rc, dblayer_strerror(rc)); } - ret = -2; - goto out; + return_value = -2; + goto err_out; } } @@ -1792,7 +1780,6 @@ backentry_free( &ep ); } - vlv_release_lock(be); /* if we got here, we finished successfully */ @@ -1804,8 +1791,8 @@ PR_ASSERT(ai != NULL); ai->ai_indexmask &= ~INDEX_OFFLINE; } - for (i = 0; i < numvlv; i++) { - vlvIndex_go_online(pvlv[i], be); + for (vlvidx = 0; vlvidx < numvlv; vlvidx++) { + vlvIndex_go_online(pvlv[vlvidx], be); } if (task) { @@ -1816,19 +1803,27 @@ } LDAPDebug(LDAP_DEBUG_ANY, "%s: Finished indexing.\n", inst->inst_name, 0, 0); - -out: + return_value = 0; /* success */ +err_out: + backentry_free( &ep ); /* if ep or *ep is NULL, it does nothing */ if (idl) { idl_free(idl); } else { dbc->c_close(dbc); } - dblayer_release_id2entry( be, db ); - + if (return_value < 0) {/* error case: undo vlv indexing */ + /* if jumped to out due to an error, vlv lock has not been released */ + for ( vlvidx = 0; vlvidx < numvlv; vlvidx++ ) { + vlvIndex_go_offline(pvlv[vlvidx], be); + vlv_acquire_lock(be); + vlvIndex_delete(&pvlv[vlvidx]); + vlv_release_lock(be); + } + } +err_min: + dblayer_release_id2entry( be, db ); /* nope */ instance_set_not_busy(inst); - LDAPDebug( LDAP_DEBUG_TRACE, "<= ldbm_back_ldbm2index\n", 0, 0, 0 ); - if (run_from_cmdline) { if (0 != dblayer_flush(li)) { LDAPDebug(LDAP_DEBUG_ANY, @@ -1844,8 +1839,13 @@ if (indexAttrs) { slapi_ch_free((void **)&indexAttrs); } + if (pvlv) { + slapi_ch_free((void **)&pvlv); + } + + LDAPDebug( LDAP_DEBUG_TRACE, "<= ldbm_back_ldbm2index\n", 0, 0, 0 ); - return (ret); + return return_value; } /* @@ -1887,7 +1887,7 @@ attr_index_config(be, "from db2index()", 0, argc, nsslapd_index_value, 0); for ( i=0; ivlv_sortkey); attrinfo_delete(&((*ppvs)->vlv_attrinfo)); + slapi_ch_free((void**)&((*ppvs)->vlv_name)); + slapi_ch_free((void**)&((*ppvs)->vlv_filename)); slapi_ch_free((void**)&((*ppvs)->vlv_mrpb)); slapi_ch_free((void**)&((*ppvs)->vlv_syntax_plugin)); PR_DestroyLock((*ppvs)->vlv_indexlength_lock); From fedora-directory-commits at redhat.com Fri Jan 11 01:02:54 2008 From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi)) Date: Thu, 10 Jan 2008 20:02:54 -0500 Subject: [Fedora-directory-commits] ldapserver/ldap/servers/slapd/back-ldbm vlv.c, 1.6.2.2, 1.6.2.3 Message-ID: <200801110102.m0B12sMt031563@cvs-int.fedora.redhat.com> Author: nhosoi Update of /cvs/dirsec/ldapserver/ldap/servers/slapd/back-ldbm In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv31508 Modified Files: Tag: Directory71RtmBranch vlv.c Log Message: Resolves: #171081 Summary: ldapsearch hung at browsing index creation Description: applied the patch to Directory71RtmBranch Index: vlv.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/back-ldbm/vlv.c,v retrieving revision 1.6.2.2 retrieving revision 1.6.2.3 diff -u -r1.6.2.2 -r1.6.2.3 --- vlv.c 10 Jan 2008 19:44:21 -0000 1.6.2.2 +++ vlv.c 11 Jan 2008 01:02:52 -0000 1.6.2.3 @@ -111,18 +111,28 @@ int vlv_DeleteSearchEntry(Slapi_PBlock *pb, Slapi_Entry* entryBefore, Slapi_Entry* entryAfter, int *returncode, char *returntext, void *arg) { struct vlvSearch* p=NULL; - backend *be= ((ldbm_instance*)arg)->inst_be; - + ldbm_instance *inst = (ldbm_instance*)arg; + backend *be= inst->inst_be; + + if (instance_set_busy(inst) != 0) + { + LDAPDebug( LDAP_DEBUG_ANY, + "Backend instance: '%s' is already in the middle of " + "another task and cannot be disturbed.\n", + inst->inst_name, 0, 0); + return SLAPI_DSE_CALLBACK_ERROR; + } /* vlvSearchList is modified; need Wlock */ - PR_RWLock_Wlock(be->vlvSearchList_lock); - p = vlvSearch_finddn((struct vlvSearch *)be->vlvSearchList, slapi_entry_get_sdn(entryBefore)); + PR_RWLock_Wlock(be->vlvSearchList_lock); + p = vlvSearch_finddn((struct vlvSearch *)be->vlvSearchList, slapi_entry_get_sdn(entryBefore)); if(p!=NULL) - { - LDAPDebug( LDAP_DEBUG_ANY, "Deleted Virtual List View Search (%s).\n", p->vlv_name, 0, 0); - vlvSearch_removefromlist((struct vlvSearch **)&be->vlvSearchList,p->vlv_dn); - vlvSearch_delete(&p); + { + LDAPDebug( LDAP_DEBUG_ANY, "Deleted Virtual List View Search (%s).\n", p->vlv_name, 0, 0); + vlvSearch_removefromlist((struct vlvSearch **)&be->vlvSearchList,p->vlv_dn); + vlvSearch_delete(&p); } - PR_RWLock_Unlock(be->vlvSearchList_lock); + PR_RWLock_Unlock(be->vlvSearchList_lock); + instance_set_not_busy(inst); return SLAPI_DSE_CALLBACK_OK; } @@ -131,8 +141,18 @@ int vlv_DeleteIndexEntry(Slapi_PBlock *pb, Slapi_Entry* entryBefore, Slapi_Entry* entryAfter, int *returncode, char *returntext, void *arg) { - LDAPDebug( LDAP_DEBUG_ANY, "Deleted Virtual List View Index.\n", 0, 0, 0); - return SLAPI_DSE_CALLBACK_OK; + ldbm_instance *inst = (ldbm_instance*)arg; + if (inst && (inst->inst_flags & INST_FLAG_BUSY)) { + LDAPDebug( LDAP_DEBUG_ANY, + "Backend instance: '%s' is already in the middle of " + "another task and cannot be disturbed.\n", + inst->inst_name, 0, 0); + return SLAPI_DSE_CALLBACK_ERROR; + } else { + LDAPDebug( LDAP_DEBUG_ANY, + "Deleted Virtual List View Index.\n", 0, 0, 0); + return SLAPI_DSE_CALLBACK_OK; + } } @@ -1492,11 +1512,12 @@ } id= candidates->b_ids[current]; e = id2entry( be, id, NULL, &err ); - if ( e == NULL ) - { + if ( e == NULL ) + { int rval; - LDAPDebug( LDAP_DEBUG_ANY, "vlv_trim_candidates_byvalue: Candidate ID %lu not found err=%d\n", (u_long)id, err, 0 ); - rval = idl_delete(&candidates, id); + LDAPDebug( LDAP_DEBUG_ANY, "vlv_trim_candidates_byvalue: " + "Candidate ID %lu not found err=%d\n", (u_long)id, err, 0 ); + rval = idl_delete((IDList **)&candidates, id); if (0 == rval || 1 == rval || 2 == rval) { goto retry; } else { @@ -1953,6 +1974,14 @@ const char *dn= slapi_sdn_get_dn(&e->e_sdn); backend *be= inst->inst_be; + if (instance_set_busy(inst) != 0) + { + LDAPDebug( LDAP_DEBUG_ANY, + "Backend instance: '%s' is already in the middle of " + "another task and cannot be disturbed.\n", + inst->inst_name, 0, 0); + return LDAP_OPERATIONS_ERROR; + } tag1=create_vlv_search_tag(dn); buf=slapi_ch_smprintf("%s%s%s%s%s","cn=MCC ",tag1,", cn=",inst->inst_name,LDBM_PLUGIN_ROOT); newdn=slapi_sdn_new_dn_byval(buf); @@ -1991,6 +2020,7 @@ } else { PR_RWLock_Unlock(be->vlvSearchList_lock); } + instance_set_not_busy(inst); slapi_ch_free((void **)&tag1); slapi_ch_free((void **)&buf); slapi_sdn_free(&newdn); From fedora-directory-commits at redhat.com Fri Jan 11 01:09:17 2008 From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi)) Date: Thu, 10 Jan 2008 20:09:17 -0500 Subject: [Fedora-directory-commits] ldapserver/ldap/servers/slapd libglobs.c, 1.6, 1.6.2.1 proto-slap.h, 1.10.2.3, 1.10.2.4 connection.c, 1.8, 1.8.2.1 daemon.c, 1.6, 1.6.2.1 task.c, 1.7, 1.7.2.1 monitor.c, 1.5, 1.5.2.1 psearch.c, 1.5, 1.5.2.1 fe.h, 1.4, 1.4.2.1 globals.c, 1.4, 1.4.2.1 Message-ID: <200801110109.m0B19H7h031725@cvs-int.fedora.redhat.com> Author: nhosoi Update of /cvs/dirsec/ldapserver/ldap/servers/slapd In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv31666 Modified Files: Tag: Directory71RtmBranch libglobs.c proto-slap.h connection.c daemon.c task.c monitor.c psearch.c fe.h globals.c Log Message: Resolves: #240897 Summary: CRM 1474928 : ds7.1 db index/vlv not handling a stop-slapd, hangs slapd Description: applied the patch to Directory71RtmBranch Index: libglobs.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/libglobs.c,v retrieving revision 1.6 retrieving revision 1.6.2.1 diff -u -r1.6 -r1.6.2.1 --- libglobs.c 19 Apr 2005 22:07:36 -0000 1.6 +++ libglobs.c 11 Jan 2008 01:09:14 -0000 1.6.2.1 @@ -651,6 +651,29 @@ } /* + * counter for active threads + */ +static PRInt32 active_threads = 0; + +void +g_incr_active_threadcnt() +{ + PR_AtomicIncrement(&active_threads); +} + +void +g_decr_active_threadcnt() +{ + PR_AtomicDecrement(&active_threads); +} + +int +g_get_active_threadcnt() +{ + return (int)active_threads; +} + +/* ** Setting this flag forces the server to shutdown. */ static int slapd_shutdown; Index: proto-slap.h =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/proto-slap.h,v retrieving revision 1.10.2.3 retrieving revision 1.10.2.4 diff -u -r1.10.2.3 -r1.10.2.4 --- proto-slap.h 18 Mar 2006 17:48:37 -0000 1.10.2.3 +++ proto-slap.h 11 Jan 2008 01:09:14 -0000 1.10.2.4 @@ -196,6 +196,9 @@ int g_get_deftime(); void be_unbindall( Connection *conn, Operation *op); int be_nbackends_public(); +void g_incr_active_threadcnt(); +void g_decr_active_threadcnt(); +int g_get_active_threadcnt(); /* * bind.c Index: connection.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/connection.c,v retrieving revision 1.8 retrieving revision 1.8.2.1 diff -u -r1.8 -r1.8.2.1 --- connection.c 12 May 2005 03:43:15 -0000 1.8 +++ connection.c 11 Jan 2008 01:09:14 -0000 1.8.2.1 @@ -393,7 +393,7 @@ LDAPDebug( LDAP_DEBUG_ANY, "PR_CreateThread failed, " SLAPI_COMPONENT_NAME_NSPR " error %d (%s)\n", prerr, slapd_pr_strerror( prerr ), 0 ); } else { - PR_AtomicIncrement(&active_threads); + g_incr_active_threadcnt(); } } } @@ -730,7 +730,7 @@ } } } - PR_AtomicDecrement(&active_threads); + g_decr_active_threadcnt(); } static int handle_read_data(Connection *conn,Operation **op, @@ -1911,9 +1911,11 @@ No bother to do so much calcuation, short-cut to non-turbo mode if no activities in passed interval */ new_mode = 0; } else { + double activet = 0.0; connection_find_our_rank(conn,&connection_count, &our_rank); LDAPDebug(LDAP_DEBUG_CONNS,"conn %d turbo rank = %d out of %d conns\n",conn->c_connid,our_rank,connection_count); - threshold_rank = (int)((double)active_threads * ((double)CONN_TURBO_PERCENTILE / 100.0) ); + activet = (double)g_get_active_threadcnt(); + threshold_rank = (int)(activet * ((double)CONN_TURBO_PERCENTILE / 100.0)); /* adjust threshold_rank according number of connections, less turbo threads as more connections, @@ -1986,7 +1988,7 @@ if( op_shutdown ) { LDAPDebug( LDAP_DEBUG_TRACE, "op_thread received shutdown signal\n", 0, 0, 0 ); - PR_AtomicDecrement(&active_threads); + g_decr_active_threadcnt(); return; } @@ -2002,7 +2004,7 @@ case CONN_SHUTDOWN: LDAPDebug( LDAP_DEBUG_TRACE, "op_thread received shutdown signal\n", 0, 0, 0 ); - PR_AtomicDecrement(&active_threads); + g_decr_active_threadcnt(); return; case CONN_FOUND_WORK_TO_DO: default: @@ -2065,7 +2067,7 @@ case CONN_SHUTDOWN: LDAPDebug( LDAP_DEBUG_TRACE, "op_thread received shutdown signal\n", 0, 0, 0 ); - PR_AtomicDecrement(&active_threads); + g_decr_active_threadcnt(); return; default: break; @@ -2296,7 +2298,7 @@ #ifdef _WIN32 LDAPDebug( LDAP_DEBUG_ANY, "slapd shutting down - waiting for %d threads to terminate\n", - active_threads, 0, 0 ); + g_get_active_threadcnt(), 0, 0 ); /* kill off each worker waiting on GetQueuedCompletionStatus */ for ( i = 0; i < max_threads; ++ i ) { Index: daemon.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/daemon.c,v retrieving revision 1.6 retrieving revision 1.6.2.1 diff -u -r1.6 -r1.6.2.1 --- daemon.c 19 Apr 2005 22:07:36 -0000 1.6 +++ daemon.c 11 Jan 2008 01:09:15 -0000 1.6.2.1 @@ -695,15 +695,16 @@ housekeeping_stop(); /* Run this after op_thread_cleanup() logged sth */ #ifndef _WIN32 - if ( active_threads > 0 ) { + threads = g_get_active_threadcnt(); + if ( threads > 0 ) { LDAPDebug( LDAP_DEBUG_ANY, "slapd shutting down - waiting for %d thread%s to terminate\n", - active_threads, ( active_threads > 1 ) ? "s" : "", 0 ); + threads, ( threads > 1 ) ? "s" : "", 0 ); } #endif - threads = active_threads; - while ( active_threads > 0 ) { + threads = g_get_active_threadcnt(); + while ( threads > 0 ) { PRPollDesc xpd; char x; int spe = 0; @@ -733,11 +734,11 @@ /* no data */ } DS_Sleep(PR_INTERVAL_NO_WAIT); - if ( threads != active_threads ) { + if ( threads != g_get_active_threadcnt() ) { LDAPDebug( LDAP_DEBUG_TRACE, "slapd shutting down - waiting for %d threads to terminate\n", - active_threads, 0, 0 ); - threads = active_threads; + g_get_active_threadcnt(), 0, 0 ); + threads = g_get_active_threadcnt(); } } @@ -1096,7 +1097,7 @@ snmp_collator_update(); prevtime = curtime; - num_active_threads = active_threads; + num_active_threads = g_get_active_threadcnt(); if ( (num_active_threads == 0) || (difftime(curtime, housekeeping_fire_time) >= slapd_housekeeping_timer*3) ) { Index: task.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/task.c,v retrieving revision 1.7 retrieving revision 1.7.2.1 diff -u -r1.7 -r1.7.2.1 --- task.c 19 Apr 2005 22:07:37 -0000 1.7 +++ task.c 11 Jan 2008 01:09:15 -0000 1.7.2.1 @@ -585,6 +585,7 @@ int count; Slapi_Task *task = pb->pb_task; + g_incr_active_threadcnt(); for (count = 0, inp = instance_names; *inp; inp++, count++) ; task->task_work = count; @@ -684,6 +685,7 @@ task->task_exitcode = rv; task->task_state = SLAPI_TASK_FINISHED; slapi_task_status_changed(task); + g_decr_active_threadcnt(); } static int task_export_add(Slapi_PBlock *pb, Slapi_Entry *e, @@ -925,6 +927,7 @@ Slapi_Task *task = pb->pb_task; int rv; + g_incr_active_threadcnt(); task->task_work = 1; task->task_progress = 0; task->task_state = SLAPI_TASK_RUNNING; @@ -953,6 +956,7 @@ slapi_ch_free((void **)&pb->pb_seq_val); slapi_pblock_destroy(pb); + g_decr_active_threadcnt(); } static int task_backup_add(Slapi_PBlock *pb, Slapi_Entry *e, @@ -1068,6 +1072,7 @@ Slapi_Task *task = pb->pb_task; int rv; + g_incr_active_threadcnt(); task->task_work = 1; task->task_progress = 0; task->task_state = SLAPI_TASK_RUNNING; @@ -1096,6 +1101,7 @@ slapi_ch_free((void **)&pb->pb_seq_val); slapi_pblock_destroy(pb); + g_decr_active_threadcnt(); } static int task_restore_add(Slapi_PBlock *pb, Slapi_Entry *e, @@ -1219,6 +1225,7 @@ Slapi_Task *task = pb->pb_task; int rv; + g_incr_active_threadcnt(); task->task_work = 1; task->task_progress = 0; task->task_state = SLAPI_TASK_RUNNING; @@ -1239,6 +1246,7 @@ charray_free(pb->pb_db2index_attrs); slapi_ch_free((void **)&pb->pb_instance_name); slapi_pblock_destroy(pb); + g_decr_active_threadcnt(); } static int task_index_add(Slapi_PBlock *pb, Slapi_Entry *e, Index: monitor.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/monitor.c,v retrieving revision 1.5 retrieving revision 1.5.2.1 diff -u -r1.5 -r1.5.2.1 --- monitor.c 19 Apr 2005 22:07:36 -0000 1.5 +++ monitor.c 11 Jan 2008 01:09:15 -0000 1.5.2.1 @@ -81,7 +81,7 @@ attrlist_replace( &e->e_attrs, "version", vals ); slapi_ch_free( (void **) &val.bv_val ); - sprintf( buf, "%d", active_threads ); + sprintf( buf, "%d", g_get_active_threadcnt() ); val.bv_val = buf; val.bv_len = strlen( buf ); attrlist_replace( &e->e_attrs, "threads", vals ); Index: psearch.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/psearch.c,v retrieving revision 1.5 retrieving revision 1.5.2.1 diff -u -r1.5 -r1.5.2.1 --- psearch.c 19 Apr 2005 22:07:36 -0000 1.5 +++ psearch.c 11 Jan 2008 01:09:15 -0000 1.5.2.1 @@ -290,7 +290,7 @@ char **pbattrs = NULL; int conn_acq_flag = 0; - PR_AtomicIncrement( &active_threads ); + g_incr_active_threadcnt(); /* need to acquire a reference to this connection so that it will not be released or cleaned up out from under us */ @@ -438,7 +438,7 @@ pe_ch_free( &peq ); } slapi_ch_free((void **) &ps ); - PR_AtomicDecrement(&active_threads); + g_decr_active_threadcnt(); } Index: fe.h =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/fe.h,v retrieving revision 1.4 retrieving revision 1.4.2.1 diff -u -r1.4 -r1.4.2.1 --- fe.h 19 Apr 2005 22:07:36 -0000 1.4 +++ fe.h 11 Jan 2008 01:09:15 -0000 1.4.2.1 @@ -51,7 +51,6 @@ #endif /* DONT_DECLARE_SLAPD_LDAP_DEBUG */ #endif #endif -extern int active_threads; extern PRInt32 ops_initiated; extern PRInt32 ops_completed; extern PRLock *ops_mutex; Index: globals.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/globals.c,v retrieving revision 1.4 retrieving revision 1.4.2.1 diff -u -r1.4 -r1.4.2.1 --- globals.c 19 Apr 2005 22:07:36 -0000 1.4 +++ globals.c 11 Jan 2008 01:09:15 -0000 1.4.2.1 @@ -86,14 +86,12 @@ /* * global variables that need mutex protection */ -int active_threads; PRInt32 ops_initiated; PRInt32 ops_completed; PRLock *ops_mutex; int num_conns; PRLock *num_conns_mutex; - /* DEC/COMPAQ has released a patch for 4.0d (e?) which will speed up malloc/free considerably in multithreaded multiprocessor From fedora-directory-commits at redhat.com Fri Jan 11 03:06:06 2008 From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi)) Date: Thu, 10 Jan 2008 22:06:06 -0500 Subject: [Fedora-directory-commits] ldapserver/ldap/servers/slapd/back-ldbm vlv.c, 1.6.2.3, 1.6.2.4 Message-ID: <200801110306.m0B366Hq015366@cvs-int.fedora.redhat.com> Author: nhosoi Update of /cvs/dirsec/ldapserver/ldap/servers/slapd/back-ldbm In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv15322 Modified Files: Tag: Directory71RtmBranch vlv.c Log Message: Resolves: #314851 Summary: vlv: crash after repeated backend creation/deletion Description: applied the patch to Directory71RtmBranch Index: vlv.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/back-ldbm/vlv.c,v retrieving revision 1.6.2.3 retrieving revision 1.6.2.4 diff -u -r1.6.2.3 -r1.6.2.4 --- vlv.c 11 Jan 2008 01:02:52 -0000 1.6.2.3 +++ vlv.c 11 Jan 2008 03:06:04 -0000 1.6.2.4 @@ -71,6 +71,9 @@ struct vlvSearch* newVlvSearch= vlvSearch_new(); backend *be = inst->inst_be; + if (NULL == be) { /* backend is not associated */ + return SLAPI_DSE_CALLBACK_ERROR; + } vlvSearch_init(newVlvSearch, pb, entryBefore, inst); /* vlvSearchList is modified; need Wlock */ PR_RWLock_Wlock(be->vlvSearchList_lock); @@ -275,6 +278,9 @@ ldbm_instance *inst = (ldbm_instance*)arg; backend *be= inst->inst_be; + if (NULL == be) { /* backend is not associated */ + return SLAPI_DSE_CALLBACK_ERROR; + } vlvSearch_init(newVlvSearch, pb, entryBefore, inst); vlvSearch_addtolist(newVlvSearch, (struct vlvSearch **)&be->vlvSearchList); return SLAPI_DSE_CALLBACK_OK; From fedora-directory-commits at redhat.com Fri Jan 11 18:39:13 2008 From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi)) Date: Fri, 11 Jan 2008 13:39:13 -0500 Subject: [Fedora-directory-commits] ldapserver/ldap/servers/plugins/passthru ptpreop.c, 1.4, 1.4.2.1 Message-ID: <200801111839.m0BIdDXi025339@cvs-int.fedora.redhat.com> Author: nhosoi Update of /cvs/dirsec/ldapserver/ldap/servers/plugins/passthru In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv25304 Modified Files: Tag: Directory71RtmBranch ptpreop.c Log Message: Resolves: #176302 Summary: crash in PTA plugin when bind returned controls Description: applied the patch to Directory71RtmBranch Index: ptpreop.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/plugins/passthru/ptpreop.c,v retrieving revision 1.4 retrieving revision 1.4.2.1 diff -u -r1.4 -r1.4.2.1 --- ptpreop.c 19 Apr 2005 22:07:31 -0000 1.4 +++ ptpreop.c 11 Jan 2008 18:39:10 -0000 1.4.2.1 @@ -143,7 +143,7 @@ static int passthru_bindpreop( Slapi_PBlock *pb ) { - int rc, method; + int rc, method, freeresctrls=1; char *normbinddn, *matcheddn; char *libldap_errmsg, *pr_errmsg, *errmsg; PassThruConfig *cfg; @@ -253,7 +253,8 @@ * Send a result to our client. */ if ( resctrls != NULL ) { - (void)slapi_pblock_set( pb, SLAPI_RESCONTROLS, &resctrls ); + (void)slapi_pblock_set( pb, SLAPI_RESCONTROLS, resctrls ); + freeresctrls=0; } slapi_send_ldap_result( pb, rc, matcheddn, errmsg, 0, urls ); } @@ -270,7 +271,7 @@ if ( pr_errmsg != NULL ) { PR_smprintf_free( pr_errmsg ); } - if ( resctrls != NULL ) { + if ( freeresctrls && (resctrls != NULL) ) { ldap_controls_free( resctrls ); } if ( matcheddn != NULL ) { From fedora-directory-commits at redhat.com Fri Jan 11 19:20:26 2008 From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi)) Date: Fri, 11 Jan 2008 14:20:26 -0500 Subject: [Fedora-directory-commits] ldapserver/ldap/servers/plugins/chainingdb cb_search.c, 1.5, 1.5.2.1 Message-ID: <200801111920.m0BJKQdi000649@cvs-int.fedora.redhat.com> Author: nhosoi Update of /cvs/dirsec/ldapserver/ldap/servers/plugins/chainingdb In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv554/plugins/chainingdb Modified Files: Tag: Directory71RtmBranch cb_search.c Log Message: Resolves: #204808 Summary: spurious search timeouts Description: applied the patch to Directory71RtmBranch Index: cb_search.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/plugins/chainingdb/cb_search.c,v retrieving revision 1.5 retrieving revision 1.5.2.1 diff -u -r1.5 -r1.5.2.1 --- cb_search.c 19 Apr 2005 22:07:29 -0000 1.5 +++ cb_search.c 11 Jan 2008 19:20:23 -0000 1.5.2.1 @@ -179,7 +179,7 @@ slapi_pblock_set( pb, SLAPI_SEARCH_RESULT_ENTRY, NULL ); return 1; } - timeout.tv_sec=timelimit-(now-optime); + timeout.tv_sec=(time_t)timelimit-(now-optime); timeout.tv_usec=0; } @@ -414,7 +414,10 @@ { char *target; - int sizelimit,timelimit, rc, parse_rc, optime,i,retcode, attrsonly; + int sizelimit, timelimit; + int rc, parse_rc, retcode; + int i, attrsonly; + time_t optime; LDAPMessage *res=NULL; char *matched_msg,*error_msg; cb_searchContext *ctx=NULL; From fedora-directory-commits at redhat.com Fri Jan 11 19:20:26 2008 From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi)) Date: Fri, 11 Jan 2008 14:20:26 -0500 Subject: [Fedora-directory-commits] ldapserver/ldap/servers/slapd pblock.c, 1.4, 1.4.2.1 Message-ID: <200801111920.m0BJKQrL000655@cvs-int.fedora.redhat.com> Author: nhosoi Update of /cvs/dirsec/ldapserver/ldap/servers/slapd In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv554/slapd Modified Files: Tag: Directory71RtmBranch pblock.c Log Message: Resolves: #204808 Summary: spurious search timeouts Description: applied the patch to Directory71RtmBranch Index: pblock.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/pblock.c,v retrieving revision 1.4 retrieving revision 1.4.2.1 diff -u -r1.4 -r1.4.2.1 --- pblock.c 19 Apr 2005 22:07:36 -0000 1.4 +++ pblock.c 11 Jan 2008 19:20:24 -0000 1.4.2.1 @@ -338,7 +338,7 @@ (*(int *)value) = pblock->pb_op->o_params.operation_type; break; case SLAPI_OPINITIATED_TIME: - (*(int *)value) = pblock->pb_op->o_time; + (*(time_t *)value) = pblock->pb_op->o_time; break; case SLAPI_REQUESTOR_ISROOT: (*(int *)value) = pblock->pb_requestor_isroot; From fedora-directory-commits at redhat.com Fri Jan 11 19:20:26 2008 From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi)) Date: Fri, 11 Jan 2008 14:20:26 -0500 Subject: [Fedora-directory-commits] ldapserver/ldap/servers/slapd/back-ldif search.c, 1.4, 1.4.2.1 Message-ID: <200801111920.m0BJKQkb000661@cvs-int.fedora.redhat.com> Author: nhosoi Update of /cvs/dirsec/ldapserver/ldap/servers/slapd/back-ldif In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv554/slapd/back-ldif Modified Files: Tag: Directory71RtmBranch search.c Log Message: Resolves: #204808 Summary: spurious search timeouts Description: applied the patch to Directory71RtmBranch Index: search.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/back-ldif/search.c,v retrieving revision 1.4 retrieving revision 1.4.2.1 diff -u -r1.4 -r1.4.2.1 --- search.c 19 Apr 2005 22:07:39 -0000 1.4 +++ search.c 11 Jan 2008 19:20:24 -0000 1.4.2.1 @@ -143,7 +143,7 @@ /*Make sure we're not exceeding our time limit...*/ currtime = time(&dummy); - if ((tlimit > 0) && ((currtime - optime) > tlimit)){ + if ((tlimit > 0) && ((currtime - optime) > (time_t)tlimit)){ slapi_send_ldap_result( pb, LDAP_TIMELIMIT_EXCEEDED, NULL, NULL, nentries, NULL); /*We "hit" the cache*/ From fedora-directory-commits at redhat.com Fri Jan 11 19:20:27 2008 From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi)) Date: Fri, 11 Jan 2008 14:20:27 -0500 Subject: [Fedora-directory-commits] ldapserver/ldap/servers/slapd/back-ldbm ldbm_search.c, 1.6.2.1, 1.6.2.2 Message-ID: <200801111920.m0BJKRrw000667@cvs-int.fedora.redhat.com> Author: nhosoi Update of /cvs/dirsec/ldapserver/ldap/servers/slapd/back-ldbm In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv554/slapd/back-ldbm Modified Files: Tag: Directory71RtmBranch ldbm_search.c Log Message: Resolves: #204808 Summary: spurious search timeouts Description: applied the patch to Directory71RtmBranch Index: ldbm_search.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/back-ldbm/ldbm_search.c,v retrieving revision 1.6.2.1 retrieving revision 1.6.2.2 diff -u -r1.6.2.1 -r1.6.2.2 --- ldbm_search.c 24 May 2006 20:46:45 -0000 1.6.2.1 +++ ldbm_search.c 11 Jan 2008 19:20:24 -0000 1.6.2.2 @@ -422,7 +422,7 @@ if (sort && (NULL != candidates)) { time_t optime = 0; - time_t tlimit = 0; + int tlimit = 0; slapi_pblock_get( pb, SLAPI_SEARCH_TIMELIMIT, &tlimit ); slapi_pblock_get( pb, SLAPI_OPINITIATED_TIME, &optime ); From fedora-directory-commits at redhat.com Fri Jan 11 20:05:17 2008 From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi)) Date: Fri, 11 Jan 2008 15:05:17 -0500 Subject: [Fedora-directory-commits] ldapserver/ldap/servers/slapd/back-ldbm index.c, 1.5.2.1, 1.5.2.2 Message-ID: <200801112005.m0BK5H41008794@cvs-int.fedora.redhat.com> Author: nhosoi Update of /cvs/dirsec/ldapserver/ldap/servers/slapd/back-ldbm In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv8765/slapd/back-ldbm Modified Files: Tag: Directory71RtmBranch index.c Log Message: Resolves: #219586 Summary: Slapi_Value memory leak in index code Description: applied the patch to Directory71RtmBranch Index: index.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/back-ldbm/index.c,v retrieving revision 1.5.2.1 retrieving revision 1.5.2.2 diff -u -r1.5.2.1 -r1.5.2.2 --- index.c 26 Aug 2005 15:44:36 -0000 1.5.2.1 +++ index.c 11 Jan 2008 20:05:14 -0000 1.5.2.2 @@ -527,7 +527,8 @@ slapi_entry_attr_find( olde->ep_entry, mods[i]->mod_type, &curr_attr ); if ( mods_valueArray != NULL ) { for ( j = 0; mods_valueArray[j] != NULL; j++ ) { - valuearray_remove_value(curr_attr, evals, mods_valueArray[j]); + Slapi_Value *rval = valuearray_remove_value(curr_attr, evals, mods_valueArray[j]); + slapi_value_free( &rval ); } } @@ -541,7 +542,8 @@ } } else { /* Remove duplicate value from deleted value array */ - valuearray_remove_value(curr_attr, deleted_valueArray, deleted_valueArray[j]); + Slapi_Value *rval = valuearray_remove_value(curr_attr, deleted_valueArray, deleted_valueArray[j]); + slapi_value_free( &rval ); j--; } } @@ -607,7 +609,8 @@ } } else { /* Remove duplicate value from the mod list */ - valuearray_remove_value(curr_attr, deleted_valueArray, deleted_valueArray[j]); + Slapi_Value *rval = valuearray_remove_value(curr_attr, deleted_valueArray, deleted_valueArray[j]); + slapi_value_free( &rval ); j--; } } From fedora-directory-commits at redhat.com Fri Jan 11 20:52:48 2008 From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi)) Date: Fri, 11 Jan 2008 15:52:48 -0500 Subject: [Fedora-directory-commits] ldapserver/ldap/servers/plugins/acl acl.c, 1.6, 1.6.2.1 Message-ID: <200801112052.m0BKqmo2010569@cvs-int.fedora.redhat.com> Author: nhosoi Update of /cvs/dirsec/ldapserver/ldap/servers/plugins/acl In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv10506/plugins/acl Modified Files: Tag: Directory71RtmBranch acl.c Log Message: Resolves: #288321 Summary: ns-slapd aborts during updating attribute values which contain + characters with nothing after them Description: applied the patch to Directory71RtmBranch Index: acl.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/plugins/acl/acl.c,v retrieving revision 1.6 retrieving revision 1.6.2.1 diff -u -r1.6 -r1.6.2.1 --- acl.c 19 Apr 2005 22:07:28 -0000 1.6 +++ acl.c 11 Jan 2008 20:52:46 -0000 1.6.2.1 @@ -107,7 +107,7 @@ Slapi_PBlock *pb, Slapi_Entry *e, /* The Slapi_Entry */ char *attr, /* Attribute of the entry */ - struct berval *val, /* value of attr. NOT USED */ + struct berval *val, /* value of attr */ int access /* requested access rights */ ) { @@ -337,20 +337,32 @@ TNF_PROBE_0_DEBUG(acl_aclpbinit_end,"ACL",""); - /* Here we mean if "I am trying to add/delete "myself" ? " */ + /* Here we mean if "I am trying to add/delete "myself" to a group, etc." We + * basically just want to see if the value matches the DN of the user that + * we're checking access for */ if (val && (access & SLAPI_ACL_WRITE) && (val->bv_len > 0) ) { - /* should use slapi_sdn_compare() but that'a an extra malloc/free */ + Slapi_Attr *sa = slapi_attr_new(); + char *oid = NULL; - char *dn_val_to_write = - slapi_dn_normalize(slapi_ch_strdup(val->bv_val)); + slapi_attr_init(sa, attr); + slapi_attr_get_syntax_oid_copy(sa, &oid); - if ( aclpb->aclpb_authorization_sdn && - slapi_utf8casecmp((ACLUCHP)dn_val_to_write, (ACLUCHP) - slapi_sdn_get_ndn(aclpb->aclpb_authorization_sdn)) == 0) { - access |= SLAPI_ACL_SELF; - } + /* We only want to perform this check if the attribute is + * defined using the DN syntax. */ + if (oid && (strcasecmp(oid, DN_SYNTAX_OID) == 0)) { + /* should use slapi_sdn_compare() but that'a an extra malloc/free */ + char *dn_val_to_write = slapi_dn_normalize(slapi_ch_strdup(val->bv_val)); + if ( aclpb->aclpb_authorization_sdn && + slapi_utf8casecmp((ACLUCHP)dn_val_to_write, (ACLUCHP) + slapi_sdn_get_ndn(aclpb->aclpb_authorization_sdn)) == 0) { + access |= SLAPI_ACL_SELF; + } - slapi_ch_free( (void **)&dn_val_to_write); + slapi_ch_free_string(&dn_val_to_write); + } + + slapi_ch_free_string(&oid); + slapi_attr_free(&sa); } /* Convert access to string of rights eg SLAPI_ACL_ADD->"add". */ From fedora-directory-commits at redhat.com Fri Jan 11 20:52:48 2008 From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi)) Date: Fri, 11 Jan 2008 15:52:48 -0500 Subject: [Fedora-directory-commits] ldapserver/ldap/servers/slapd attrsyntax.c, 1.4, 1.4.2.1 dn.c, 1.6.2.2, 1.6.2.3 libslapd.def, 1.11.2.3, 1.11.2.4 slapi-plugin.h, 1.8.2.1, 1.8.2.2 Message-ID: <200801112052.m0BKqmdZ010578@cvs-int.fedora.redhat.com> Author: nhosoi Update of /cvs/dirsec/ldapserver/ldap/servers/slapd In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv10506/slapd Modified Files: Tag: Directory71RtmBranch attrsyntax.c dn.c libslapd.def slapi-plugin.h Log Message: Resolves: #288321 Summary: ns-slapd aborts during updating attribute values which contain + characters with nothing after them Description: applied the patch to Directory71RtmBranch Index: attrsyntax.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/attrsyntax.c,v retrieving revision 1.4 retrieving revision 1.4.2.1 diff -u -r1.4 -r1.4.2.1 --- attrsyntax.c 19 Apr 2005 22:07:36 -0000 1.4 +++ attrsyntax.c 11 Jan 2008 20:52:46 -0000 1.4.2.1 @@ -726,6 +726,22 @@ } } +/* Returns the oid of the syntax of the Slapi_Attr that's passed in. + * The caller must dispose of oid by calling slapi_ch_free_string(). */ +int +slapi_attr_get_syntax_oid_copy( const Slapi_Attr *a, char **oidp ) +{ + void *pi = NULL; + + if (a && (slapi_attr_type2plugin(a->a_type, &pi) == 0)) { + *oidp = slapi_ch_strdup(plugin_syntax2oid(pi)); + return( 0 ); + } else { + *oidp = NULL; + return( -1 ); + } +} + #ifdef ATTR_LDAP_DEBUG PRIntn Index: dn.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/dn.c,v retrieving revision 1.6.2.2 retrieving revision 1.6.2.3 diff -u -r1.6.2.2 -r1.6.2.3 --- dn.c 2 Mar 2006 01:12:25 -0000 1.6.2.2 +++ dn.c 11 Jan 2008 20:52:46 -0000 1.6.2.3 @@ -337,7 +337,13 @@ /* * Track and sort attribute values within multivalued RDNs. */ - if ( rdn_av_count > 0 ) { + /* We may still be in an unexpected state, such as B4TYPE if + * we encountered something odd like a '+' at the end of the + * rdn. If this is the case, we don't want to add this bogus + * rdn to our list to sort. We should only be in the INVALUE + * or B4SEPARATOR state if we have a valid rdn component to + * be added. */ + if ((rdn_av_count > 0) && ((state == INVALUE) || (state == B4SEPARATOR))) { add_rdn_av( typestart, d, &rdn_av_count, &rdn_avs, initial_rdn_av_stack ); } @@ -347,7 +353,6 @@ if ( rdn_av_count > 0 ) { reset_rdn_avs( &rdn_avs, &rdn_av_count ); } - /* Trim trailing spaces */ while ( d != dn && *(d - 1) == ' ' ) d--; /* XXX 518524 */ Index: libslapd.def =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/libslapd.def,v retrieving revision 1.11.2.3 retrieving revision 1.11.2.4 diff -u -r1.11.2.3 -r1.11.2.4 --- libslapd.def 19 Mar 2006 21:20:45 -0000 1.11.2.3 +++ libslapd.def 11 Jan 2008 20:52:46 -0000 1.11.2.4 @@ -1180,3 +1180,4 @@ sasl_map_done @1179 slapd_SECITEM_FreeItem @1180 slapi_op_type_to_string @1181 + slapi_attr_get_syntax_oid_copy @1182 Index: slapi-plugin.h =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/slapi-plugin.h,v retrieving revision 1.8.2.1 retrieving revision 1.8.2.2 diff -u -r1.8.2.1 -r1.8.2.2 --- slapi-plugin.h 2 Mar 2006 01:12:25 -0000 1.8.2.1 +++ slapi-plugin.h 11 Jan 2008 20:52:46 -0000 1.8.2.2 @@ -391,6 +391,7 @@ int slapi_attr_type2plugin( const char *type, void **pi ); int slapi_attr_get_type( Slapi_Attr *attr, char **type ); int slapi_attr_get_oid_copy( const Slapi_Attr *attr, char **oidp ); +int slapi_attr_get_syntax_oid_copy( const Slapi_Attr *a, char **oidp ); int slapi_attr_get_flags( const Slapi_Attr *attr, unsigned long *flags ); int slapi_attr_flag_is_set( const Slapi_Attr *attr, unsigned long flag ); int slapi_attr_value_cmp( const Slapi_Attr *attr, const struct berval *v1, const struct berval *v2 ); From fedora-directory-commits at redhat.com Fri Jan 11 21:53:22 2008 From: fedora-directory-commits at redhat.com (Nathan Kinder (nkinder)) Date: Fri, 11 Jan 2008 16:53:22 -0500 Subject: [Fedora-directory-commits] dsgw/orgbin - New directory Message-ID: <200801112153.m0BLrMjB019792@cvs-int.fedora.redhat.com> Author: nkinder Update of /cvs/dirsec/dsgw/orgbin In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv19773/orgbin Log Message: Directory /cvs/dirsec/dsgw/orgbin added to the repository From fedora-directory-commits at redhat.com Fri Jan 11 21:54:54 2008 From: fedora-directory-commits at redhat.com (Nathan Kinder (nkinder)) Date: Fri, 11 Jan 2008 16:54:54 -0500 Subject: [Fedora-directory-commits] dsgw/orghtml - New directory Message-ID: <200801112154.m0BLsspM020060@cvs-int.fedora.redhat.com> Author: nkinder Update of /cvs/dirsec/dsgw/orghtml In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv20045/orghtml Log Message: Directory /cvs/dirsec/dsgw/orghtml added to the repository From fedora-directory-commits at redhat.com Fri Jan 11 21:58:12 2008 From: fedora-directory-commits at redhat.com (Nathan Kinder (nkinder)) Date: Fri, 11 Jan 2008 16:58:12 -0500 Subject: [Fedora-directory-commits] dsgw Makefile.am, 1.3, 1.4 Makefile.in, 1.3, 1.4 configure, 1.3, 1.4 configure.ac, 1.3, 1.4 dsgw-httpd.conf.in, 1.2, 1.3 Message-ID: <200801112158.m0BLwCZh020361@cvs-int.fedora.redhat.com> Author: nkinder Update of /cvs/dirsec/dsgw In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv20288 Modified Files: Makefile.am Makefile.in configure configure.ac dsgw-httpd.conf.in Log Message: Added orgchart to dsgw. Index: Makefile.am =================================================================== RCS file: /cvs/dirsec/dsgw/Makefile.am,v retrieving revision 1.3 retrieving revision 1.4 diff -u -r1.3 -r1.4 --- Makefile.am 10 Jan 2008 01:19:36 -0000 1.3 +++ Makefile.am 11 Jan 2008 21:58:09 -0000 1.4 @@ -25,6 +25,7 @@ cgibindir = $(libdir)@cgibindir@ htmldir = $(datadir)@htmldir@ pbhtmldir = $(datadir)@pbhtmldir@ +orghtmldir = $(datadir)@orghtmldir@ # config is a bit of a misnomer - these are really configurable templates configdir = $(datadir)@configdir@ pbconfigdir = $(datadir)@pbconfigdir@ @@ -34,6 +35,7 @@ securitydir=$(instconfigdir)@securitydir@ # relative to $localstatedir cookiedir=$(localstatedir)@cookiedir@ +perldir = $(libdir)@perldir@ DSGW_VER_STR := "Directory-Server-Gateway/$(PACKAGE_VERSION)" @@ -66,6 +68,8 @@ cgibin_PROGRAMS = auth doauth edit domodify dnedit dosearch $(NEED_SECGLUE) $(CKUTILPROGS) +cgibin_SCRIPTS = orgbin/org orgbin/myorg + noinst_PROGRAMS = propmaker # I need propmaker to build with no libraries - I don't know of any other way to set # the LIBS for a specific program (no, propmaker_LIBS doesn't work) - LDADD is the @@ -130,6 +134,14 @@ pbhtml/conference.gif pbhtml/orgicon.gif pbhtml/view_vcard_sm.gif \ pbhtml/confirm.html +dist_orghtml_DATA = \ + orghtml/aim-online.gif orghtml/arrow.gif orghtml/botframe.html \ + orghtml/branch-cc1.gif orghtml/index.html orghtml/ldap-person.gif \ + orghtml/mag.gif orghtml/mail.gif orghtml/new-branch-blank.gif \ + orghtml/new-branch-first.gif orghtml/new-branch-straight.gif orghtml/orgicon.gif \ + orghtml/styles.css orghtml/topframe.html + + dist_config_DATA = \ config/authPassword.html config/dsgw-l10n.conf \ config/authSearch.html config/dsgwsearchprefs.conf \ @@ -151,7 +163,7 @@ config/display-orgperson.html config/newentry.html \ config/display-orgunit.html config/newentryName.html \ config/display-person.html config/newentryType.html \ - config/search.html \ + config/orgchart.tmpl config/search.html \ config/dsgwfilter.conf config/searchString.html \ config/en/dsgwcollate.conf config/en/dsgw-l10n.conf @@ -220,15 +232,20 @@ -e 's, at localstatedir\@,$(localstatedir),g' \ -e 's, at cgibindir\@,$(cgibindir),g' \ -e 's, at cgiuri\@,$(cgiuri),g' \ + -e 's, at orguri\@,$(orguri),g' \ + -e 's, at dsgwuri\@,$(dsgwuri),g' \ -e 's, at cmdbindir\@,$(cmdbindir),g' \ -e 's, at propertydir\@,$(propertydir),g' \ -e 's, at htmldir\@,$(htmldir),g' \ -e 's, at pbhtmldir\@,$(pbhtmldir),g' \ + -e 's, at orghtmldir\@,$(orghtmldir),g' \ -e 's, at configdir\@,$(configdir),g' \ -e 's, at pbconfigdir\@,$(pbconfigdir),g' \ -e 's, at contextdir\@,$(contextdir),g' \ -e 's, at securitydir\@,$(securitydir),g' \ -e 's, at instconfigdir\@,$(instconfigdir),g' \ + -e 's, at perlpath\@,$(perldir),g' \ + -e 's, at perlexec\@, at perlexec@,g' \ -e 's, at BUILD_NUM\@,$(BUILDNUM),g' \ -e 's, at NQBUILD_NUM\@,$(NQBUILDNUM),g' \ -e 's, at package_name\@,$(PACKAGE_NAME),g' \ Index: Makefile.in =================================================================== RCS file: /cvs/dirsec/dsgw/Makefile.in,v retrieving revision 1.3 retrieving revision 1.4 diff -u -r1.3 -r1.4 --- Makefile.in 10 Jan 2008 01:19:36 -0000 1.3 +++ Makefile.in 11 Jan 2008 21:58:09 -0000 1.4 @@ -35,6 +35,7 @@ # END COPYRIGHT BLOCK + srcdir = @srcdir@ top_srcdir = @top_srcdir@ VPATH = @srcdir@ @@ -64,11 +65,11 @@ $(am__EXEEXT_1) noinst_PROGRAMS = propmaker$(EXEEXT) DIST_COMMON = README $(am__configure_deps) $(dist_config_DATA) \ - $(dist_html_DATA) $(dist_pbconfig_DATA) $(dist_pbhtml_DATA) \ - $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(srcdir)/config.h.in $(top_srcdir)/configure AUTHORS \ - ChangeLog NEWS compile config.guess config.sub depcomp \ - install-sh ltmain.sh missing + $(dist_html_DATA) $(dist_orghtml_DATA) $(dist_pbconfig_DATA) \ + $(dist_pbhtml_DATA) $(srcdir)/Makefile.am \ + $(srcdir)/Makefile.in $(srcdir)/config.h.in \ + $(top_srcdir)/configure AUTHORS ChangeLog NEWS compile \ + config.guess config.sub depcomp install-sh ltmain.sh missing subdir = . ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/m4/fhs.m4 $(top_srcdir)/m4/nspr.m4 \ @@ -84,8 +85,9 @@ CONFIG_CLEAN_FILES = am__EXEEXT_1 = unauth$(EXEEXT) search$(EXEEXT) csearch$(EXEEXT) \ newentry$(EXEEXT) tutor$(EXEEXT) lang$(EXEEXT) -am__installdirs = "$(DESTDIR)$(cgibindir)" "$(DESTDIR)$(configdir)" \ - "$(DESTDIR)$(htmldir)" "$(DESTDIR)$(pbconfigdir)" \ +am__installdirs = "$(DESTDIR)$(cgibindir)" "$(DESTDIR)$(cgibindir)" \ + "$(DESTDIR)$(configdir)" "$(DESTDIR)$(htmldir)" \ + "$(DESTDIR)$(orghtmldir)" "$(DESTDIR)$(pbconfigdir)" \ "$(DESTDIR)$(pbhtmldir)" "$(DESTDIR)$(contextdir)" \ "$(DESTDIR)$(propertydir)" cgibinPROGRAMS_INSTALL = $(INSTALL_PROGRAM) @@ -139,6 +141,8 @@ secglue.$(OBJEXT) unauth_OBJECTS = $(am_unauth_OBJECTS) unauth_LDADD = $(LDADD) +cgibinSCRIPT_INSTALL = $(INSTALL_SCRIPT) +SCRIPTS = $(cgibin_SCRIPTS) DEFAULT_INCLUDES = -I. -I$(srcdir) -I. depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles @@ -168,13 +172,14 @@ am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; dist_configDATA_INSTALL = $(INSTALL_DATA) dist_htmlDATA_INSTALL = $(INSTALL_DATA) +dist_orghtmlDATA_INSTALL = $(INSTALL_DATA) dist_pbconfigDATA_INSTALL = $(INSTALL_DATA) dist_pbhtmlDATA_INSTALL = $(INSTALL_DATA) nodist_contextDATA_INSTALL = $(INSTALL_DATA) nodist_propertyDATA_INSTALL = $(INSTALL_DATA) -DATA = $(dist_config_DATA) $(dist_html_DATA) $(dist_pbconfig_DATA) \ - $(dist_pbhtml_DATA) $(nodist_context_DATA) \ - $(nodist_property_DATA) +DATA = $(dist_config_DATA) $(dist_html_DATA) $(dist_orghtml_DATA) \ + $(dist_pbconfig_DATA) $(dist_pbhtml_DATA) \ + $(nodist_context_DATA) $(nodist_property_DATA) ETAGS = etags CTAGS = ctags DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) @@ -305,6 +310,7 @@ # relative to $localstatedir cookiedir = $(localstatedir)@cookiedir@ datadir = @datadir@ +dsgwuri = @dsgwuri@ exec_prefix = @exec_prefix@ host = @host@ host_alias = @host_alias@ @@ -335,8 +341,12 @@ nss_lib = @nss_lib@ nss_libdir = @nss_libdir@ oldincludedir = @oldincludedir@ +orghtmldir = $(datadir)@orghtmldir@ +orguri = @orguri@ pbconfigdir = $(datadir)@pbconfigdir@ pbhtmldir = $(datadir)@pbhtmldir@ +perldir = $(libdir)@perldir@ +perlexec = @perlexec@ prefix = @prefix@ program_transform_name = @program_transform_name@ propertydir = $(datadir)@propertydir@ @@ -364,6 +374,7 @@ # these are programs which we do not want to link with nss NEED_SECGLUE = unauth search csearch newentry tutor lang +cgibin_SCRIPTS = orgbin/org orgbin/myorg # I need propmaker to build with no libraries - I don't know of any other way to set # the LIBS for a specific program (no, propmaker_LIBS doesn't work) - LDADD is the # last thing on the link line before LIBS, so just have it terminate the command @@ -424,6 +435,13 @@ pbhtml/conference.gif pbhtml/orgicon.gif pbhtml/view_vcard_sm.gif \ pbhtml/confirm.html +dist_orghtml_DATA = \ + orghtml/aim-online.gif orghtml/arrow.gif orghtml/botframe.html \ + orghtml/branch-cc1.gif orghtml/index.html orghtml/ldap-person.gif \ + orghtml/mag.gif orghtml/mail.gif orghtml/new-branch-blank.gif \ + orghtml/new-branch-first.gif orghtml/new-branch-straight.gif orghtml/orgicon.gif \ + orghtml/styles.css orghtml/topframe.html + dist_config_DATA = \ config/authPassword.html config/dsgw-l10n.conf \ config/authSearch.html config/dsgwsearchprefs.conf \ @@ -445,7 +463,7 @@ config/display-orgperson.html config/newentry.html \ config/display-orgunit.html config/newentryName.html \ config/display-person.html config/newentryType.html \ - config/search.html \ + config/orgchart.tmpl config/search.html \ config/dsgwfilter.conf config/searchString.html \ config/en/dsgwcollate.conf config/en/dsgw-l10n.conf @@ -491,15 +509,20 @@ -e 's, at localstatedir\@,$(localstatedir),g' \ -e 's, at cgibindir\@,$(cgibindir),g' \ -e 's, at cgiuri\@,$(cgiuri),g' \ + -e 's, at orguri\@,$(orguri),g' \ + -e 's, at dsgwuri\@,$(dsgwuri),g' \ -e 's, at cmdbindir\@,$(cmdbindir),g' \ -e 's, at propertydir\@,$(propertydir),g' \ -e 's, at htmldir\@,$(htmldir),g' \ -e 's, at pbhtmldir\@,$(pbhtmldir),g' \ + -e 's, at orghtmldir\@,$(orghtmldir),g' \ -e 's, at configdir\@,$(configdir),g' \ -e 's, at pbconfigdir\@,$(pbconfigdir),g' \ -e 's, at contextdir\@,$(contextdir),g' \ -e 's, at securitydir\@,$(securitydir),g' \ -e 's, at instconfigdir\@,$(instconfigdir),g' \ + -e 's, at perlpath\@,$(perldir),g' \ + -e 's, at perlexec\@, at perlexec@,g' \ -e 's, at BUILD_NUM\@,$(BUILDNUM),g' \ -e 's, at NQBUILD_NUM\@,$(NQBUILDNUM),g' \ -e 's, at package_name\@,$(PACKAGE_NAME),g' \ @@ -639,6 +662,25 @@ unauth$(EXEEXT): $(unauth_OBJECTS) $(unauth_DEPENDENCIES) @rm -f unauth$(EXEEXT) $(LINK) $(unauth_LDFLAGS) $(unauth_OBJECTS) $(unauth_LDADD) $(LIBS) +install-cgibinSCRIPTS: $(cgibin_SCRIPTS) + @$(NORMAL_INSTALL) + test -z "$(cgibindir)" || $(mkdir_p) "$(DESTDIR)$(cgibindir)" + @list='$(cgibin_SCRIPTS)'; for p in $$list; do \ + if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ + if test -f $$d$$p; then \ + f=`echo "$$p" | sed 's|^.*/||;$(transform)'`; \ + echo " $(cgibinSCRIPT_INSTALL) '$$d$$p' '$(DESTDIR)$(cgibindir)/$$f'"; \ + $(cgibinSCRIPT_INSTALL) "$$d$$p" "$(DESTDIR)$(cgibindir)/$$f"; \ + else :; fi; \ + done + +uninstall-cgibinSCRIPTS: + @$(NORMAL_UNINSTALL) + @list='$(cgibin_SCRIPTS)'; for p in $$list; do \ + f=`echo "$$p" | sed 's|^.*/||;$(transform)'`; \ + echo " rm -f '$(DESTDIR)$(cgibindir)/$$f'"; \ + rm -f "$(DESTDIR)$(cgibindir)/$$f"; \ + done mostlyclean-compile: -rm -f *.$(OBJEXT) @@ -744,6 +786,23 @@ echo " rm -f '$(DESTDIR)$(htmldir)/$$f'"; \ rm -f "$(DESTDIR)$(htmldir)/$$f"; \ done +install-dist_orghtmlDATA: $(dist_orghtml_DATA) + @$(NORMAL_INSTALL) + test -z "$(orghtmldir)" || $(mkdir_p) "$(DESTDIR)$(orghtmldir)" + @list='$(dist_orghtml_DATA)'; for p in $$list; do \ + if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ + f=$(am__strip_dir) \ + echo " $(dist_orghtmlDATA_INSTALL) '$$d$$p' '$(DESTDIR)$(orghtmldir)/$$f'"; \ + $(dist_orghtmlDATA_INSTALL) "$$d$$p" "$(DESTDIR)$(orghtmldir)/$$f"; \ + done + +uninstall-dist_orghtmlDATA: + @$(NORMAL_UNINSTALL) + @list='$(dist_orghtml_DATA)'; for p in $$list; do \ + f=$(am__strip_dir) \ + echo " rm -f '$(DESTDIR)$(orghtmldir)/$$f'"; \ + rm -f "$(DESTDIR)$(orghtmldir)/$$f"; \ + done install-dist_pbconfigDATA: $(dist_pbconfig_DATA) @$(NORMAL_INSTALL) test -z "$(pbconfigdir)" || $(mkdir_p) "$(DESTDIR)$(pbconfigdir)" @@ -864,7 +923,7 @@ distdir: $(DISTFILES) $(am__remove_distdir) mkdir $(distdir) - $(mkdir_p) $(distdir)/config $(distdir)/config/en $(distdir)/html $(distdir)/m4 $(distdir)/pbconfig $(distdir)/pbhtml + $(mkdir_p) $(distdir)/config $(distdir)/config/en $(distdir)/html $(distdir)/m4 $(distdir)/orghtml $(distdir)/pbconfig $(distdir)/pbhtml @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \ list='$(DISTFILES)'; for file in $$list; do \ @@ -990,9 +1049,9 @@ exit 1; } >&2 check-am: all-am check: check-am -all-am: Makefile $(PROGRAMS) $(DATA) config.h +all-am: Makefile $(PROGRAMS) $(SCRIPTS) $(DATA) config.h installdirs: - for dir in "$(DESTDIR)$(cgibindir)" "$(DESTDIR)$(configdir)" "$(DESTDIR)$(htmldir)" "$(DESTDIR)$(pbconfigdir)" "$(DESTDIR)$(pbhtmldir)" "$(DESTDIR)$(contextdir)" "$(DESTDIR)$(propertydir)"; do \ + for dir in "$(DESTDIR)$(cgibindir)" "$(DESTDIR)$(cgibindir)" "$(DESTDIR)$(configdir)" "$(DESTDIR)$(htmldir)" "$(DESTDIR)$(orghtmldir)" "$(DESTDIR)$(pbconfigdir)" "$(DESTDIR)$(pbhtmldir)" "$(DESTDIR)$(contextdir)" "$(DESTDIR)$(propertydir)"; do \ test -z "$$dir" || $(mkdir_p) "$$dir"; \ done install: install-am @@ -1042,8 +1101,9 @@ info-am: -install-data-am: install-cgibinPROGRAMS install-dist_configDATA \ - install-dist_htmlDATA install-dist_pbconfigDATA \ +install-data-am: install-cgibinPROGRAMS install-cgibinSCRIPTS \ + install-dist_configDATA install-dist_htmlDATA \ + install-dist_orghtmlDATA install-dist_pbconfigDATA \ install-dist_pbhtmlDATA install-nodist_contextDATA \ install-nodist_propertyDATA @@ -1075,8 +1135,9 @@ ps-am: -uninstall-am: uninstall-cgibinPROGRAMS uninstall-dist_configDATA \ - uninstall-dist_htmlDATA uninstall-dist_pbconfigDATA \ +uninstall-am: uninstall-cgibinPROGRAMS uninstall-cgibinSCRIPTS \ + uninstall-dist_configDATA uninstall-dist_htmlDATA \ + uninstall-dist_orghtmlDATA uninstall-dist_pbconfigDATA \ uninstall-dist_pbhtmlDATA uninstall-info-am \ uninstall-nodist_contextDATA uninstall-nodist_propertyDATA @@ -1087,17 +1148,20 @@ distclean-compile distclean-generic distclean-hdr \ distclean-libtool distclean-tags distcleancheck distdir \ distuninstallcheck dvi dvi-am html html-am info info-am \ - install install-am install-cgibinPROGRAMS install-data \ - install-data-am install-dist_configDATA install-dist_htmlDATA \ - install-dist_pbconfigDATA install-dist_pbhtmlDATA install-exec \ - install-exec-am install-info install-info-am install-man \ + install install-am install-cgibinPROGRAMS \ + install-cgibinSCRIPTS install-data install-data-am \ + install-dist_configDATA install-dist_htmlDATA \ + install-dist_orghtmlDATA install-dist_pbconfigDATA \ + install-dist_pbhtmlDATA install-exec install-exec-am \ + install-info install-info-am install-man \ install-nodist_contextDATA install-nodist_propertyDATA \ install-strip installcheck installcheck-am installdirs \ maintainer-clean maintainer-clean-generic mostlyclean \ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ pdf pdf-am ps ps-am tags uninstall uninstall-am \ - uninstall-cgibinPROGRAMS uninstall-dist_configDATA \ - uninstall-dist_htmlDATA uninstall-dist_pbconfigDATA \ + uninstall-cgibinPROGRAMS uninstall-cgibinSCRIPTS \ + uninstall-dist_configDATA uninstall-dist_htmlDATA \ + uninstall-dist_orghtmlDATA uninstall-dist_pbconfigDATA \ uninstall-dist_pbhtmlDATA uninstall-info-am \ uninstall-nodist_contextDATA uninstall-nodist_propertyDATA Index: configure =================================================================== RCS file: /cvs/dirsec/dsgw/configure,v retrieving revision 1.3 retrieving revision 1.4 diff -u -r1.3 -r1.4 --- configure 10 Jan 2008 01:19:36 -0000 1.3 +++ configure 11 Jan 2008 21:58:09 -0000 1.4 @@ -466,7 +466,7 @@ #endif" ac_default_prefix=/opt/dirsrv -ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA CYGPATH_W PACKAGE VERSION ACLOCAL AUTOCONF AUTOMAKE AUTOHEADER MAKEINFO install_sh STRIP ac_ct_STRIP INSTALL_STRIP_PROGRAM mkdir_p AWK SET_MAKE am__leading_dot AMTAR am__tar am__untar MAINTAINER_MODE_TRUE MAINTAINER_MODE_FALSE MAINT build build_cpu build_vendor build_os host host_cpu host_vendor host_os CXX CXXFLAGS LDFLAGS CPPFLAGS ac_ct_CXX EXEEXT OBJEXT DEPDIR am__include am__quote AMDEP_TRUE AMDEP_FALSE AMDEPBACKSLASH CXXDEPMODE am__fastdepCXX_TRUE am__fastdepCXX_FALSE CC CFLAGS ac_ct_CC CCDEPMODE am__fastdepCC_TRUE am__fastdepCC_FALSE SED EGREP LN_S ECHO AR ac_ct_AR RANLIB ac_ct_RANLIB CP! P CXXCPP F77 FFLAGS ac_ct_F77 LIBTOOL LIBOBJS POW_LIB PACKAGE_BASE_NAME instconfigdir BUNDLE_TRUE BUNDLE_FALSE LIBSOCKET LIBNSL LIBCSTD LIBCRUN CXXLINK_REQUIRED_TRUE CXXLINK_REQUIRED_FALSE HPUX_TRUE HPUX_FALSE SOLARIS_TRUE SOLARIS_FALSE PKG_CONFIG ICU_CONFIG nspr_inc nspr_lib nspr_libdir nss_inc nss_lib nss_libdir sasl_inc sasl_lib sasl_libdir ldapsdk_inc ldapsdk_lib ldapsdk_libdir adminutil_inc adminutil_lib adminutil_libdir adminutil_ver icu_lib icu_libdir icu_inc icu_bin cgibindir cgiuri propertydir htmldir pbhtmldir configdir pbconfigdir contextdir securitydir cookiedir NEED_LDIF_TRUE NEED_LDIF_FALSE WINNT_TRUE WINNT_FALSE LTLIBOBJS' +ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA CYGPATH_W PACKAGE VERSION ACLOCAL AUTOCONF AUTOMAKE AUTOHEADER MAKEINFO install_sh STRIP ac_ct_STRIP INSTALL_STRIP_PROGRAM mkdir_p AWK SET_MAKE am__leading_dot AMTAR am__tar am__untar MAINTAINER_MODE_TRUE MAINTAINER_MODE_FALSE MAINT build build_cpu build_vendor build_os host host_cpu host_vendor host_os CXX CXXFLAGS LDFLAGS CPPFLAGS ac_ct_CXX EXEEXT OBJEXT DEPDIR am__include am__quote AMDEP_TRUE AMDEP_FALSE AMDEPBACKSLASH CXXDEPMODE am__fastdepCXX_TRUE am__fastdepCXX_FALSE CC CFLAGS ac_ct_CC CCDEPMODE am__fastdepCC_TRUE am__fastdepCC_FALSE SED EGREP LN_S ECHO AR ac_ct_AR RANLIB ac_ct_RANLIB CP! P CXXCPP F77 FFLAGS ac_ct_F77 LIBTOOL LIBOBJS POW_LIB PACKAGE_BASE_NAME instconfigdir BUNDLE_TRUE BUNDLE_FALSE LIBSOCKET LIBNSL LIBCSTD LIBCRUN perlexec CXXLINK_REQUIRED_TRUE CXXLINK_REQUIRED_FALSE HPUX_TRUE HPUX_FALSE SOLARIS_TRUE SOLARIS_FALSE PKG_CONFIG ICU_CONFIG nspr_inc nspr_lib nspr_libdir nss_inc nss_lib nss_libdir sasl_inc sasl_lib sasl_libdir ldapsdk_inc ldapsdk_lib ldapsdk_libdir adminutil_inc adminutil_lib adminutil_libdir adminutil_ver icu_lib icu_libdir icu_inc icu_bin cgibindir cgiuri dsgwuri orguri propertydir htmldir pbhtmldir orghtmldir configdir pbconfigdir contextdir securitydir cookiedir perldir NEED_LDIF_TRUE NEED_LDIF_FALSE WINNT_TRUE WINNT_FALSE LTLIBOBJS' ac_subst_files='' # Initialize some variables set by options. @@ -21242,6 +21242,14 @@ CXXLINK_REQUIRED=0 +# on most platforms, we will just use perl from PATH +# On some platforms, we cannot. Why not just use any old +# perl? Because of perldap. We use a perldap that is +# compiled to either 32bit or 64bit, so we must use a native +# perl binary compiled with the same bitsize. On Solaris +# and HP-UX, /usr/bin/perl is 32 bit, so we cannot use +# those with our 64 bit compiled product. +perlexec='/usr/bin/env perl' case $host in *-*-linux*) @@ -21308,6 +21316,8 @@ _ACEOF CXXLINK_REQUIRED=1 + # assume 64 bit + perlexec='/opt/perl_64/bin/perl' platform="hpux" ;; hppa*-hp-hpux*) @@ -21357,6 +21367,8 @@ _ACEOF CXXLINK_REQUIRED=1 + # assume 64 bit + perlexec='/opt/perl_64/bin/perl' platform="hpux" ;; sparc-sun-solaris*) @@ -21423,12 +21435,16 @@ LIBCRUN=$LIBCRUN CXXLINK_REQUIRED=1 + # assume 64 bit + perlexec='/opt/perl5x/bin/perl' platform="solaris" ;; *) esac + + if test "$CXXLINK_REQUIRED" = 1; then CXXLINK_REQUIRED_TRUE= CXXLINK_REQUIRED_FALSE='#' @@ -21490,38 +21506,40 @@ # relative to datadir htmldir=/$PACKAGE_NAME/html pbhtmldir=/$PACKAGE_NAME/pbhtml + orghtmldir=/$PACKAGE_NAME/orghtml configdir=/$PACKAGE_NAME/config pbconfigdir=/$PACKAGE_NAME/pbconfig manualuri=/$PACKAGE_NAME/manual propertydir=/$PACKAGE_NAME/properties # relative to libdir cgibindir=/$PACKAGE_NAME/cgi-bin - # location of property/resource files, relative to datadir - cgiuri=/cgi-bin + perldir=/$PACKAGE_NAME/perl elif test "$with_fhs_opt" = "yes"; then # relative to datadir htmldir=/dsgw/html pbhtmldir=/dsgw/pbhtml + orghtmldir=/dsgw/orghtml configdir=/dsgw/config pbconfigdir=/dsgw/pbconfig manualuri=/dsgw/manual propertydir=/properties/dsgw + # relative to libdir + perldir=/perl # same as server's cgibindir cgibindir=/cgi-bin - cgiuri=/cgi-bin else # relative to datadir htmldir=/$PACKAGE_BASE_NAME/dsgw/html pbhtmldir=/$PACKAGE_BASE_NAME/dsgw/pbhtml + orghtmldir=/$PACKAGE_BASE_NAME/dsgw/orghtml configdir=/$PACKAGE_BASE_NAME/dsgw/config pbconfigdir=/$PACKAGE_BASE_NAME/dsgw/pbconfig manualuri=/$PACKAGE_BASE_NAME/dsgw/manual propertydir=/$PACKAGE_BASE_NAME/properties/dsgw # relative to libdir + perldir=/$PACKAGE_BASE_NAME/perl # CGI program directory cgibindir=/$PACKAGE_BASE_NAME/cgi-bin - # location of property/resource files, relative to datadir - cgiuri=/cgi-bin fi # relative to instconfigdir @@ -21529,6 +21547,10 @@ securitydir=/dsgw # relative to $localstatedir cookiedir=/run/$PACKAGE_BASE_NAME/dsgw/cookies +# URIs +cgiuri=/cgi-bin +dsgwuri=/dsgw +orguri=/orgchart # Check for library dependencies # BEGIN COPYRIGHT BLOCK @@ -22600,6 +22622,10 @@ + + + + # need a check here to see if the ldif functions are exported from libldap # for now, just assume they are not @@ -23433,6 +23459,7 @@ s, at LIBNSL@,$LIBNSL,;t t s, at LIBCSTD@,$LIBCSTD,;t t s, at LIBCRUN@,$LIBCRUN,;t t +s, at perlexec@,$perlexec,;t t s, at CXXLINK_REQUIRED_TRUE@,$CXXLINK_REQUIRED_TRUE,;t t s, at CXXLINK_REQUIRED_FALSE@,$CXXLINK_REQUIRED_FALSE,;t t s, at HPUX_TRUE@,$HPUX_TRUE,;t t @@ -23463,14 +23490,18 @@ s, at icu_bin@,$icu_bin,;t t s, at cgibindir@,$cgibindir,;t t s, at cgiuri@,$cgiuri,;t t +s, at dsgwuri@,$dsgwuri,;t t +s, at orguri@,$orguri,;t t s, at propertydir@,$propertydir,;t t s, at htmldir@,$htmldir,;t t s, at pbhtmldir@,$pbhtmldir,;t t +s, at orghtmldir@,$orghtmldir,;t t s, at configdir@,$configdir,;t t s, at pbconfigdir@,$pbconfigdir,;t t s, at contextdir@,$contextdir,;t t s, at securitydir@,$securitydir,;t t s, at cookiedir@,$cookiedir,;t t +s, at perldir@,$perldir,;t t s, at NEED_LDIF_TRUE@,$NEED_LDIF_TRUE,;t t s, at NEED_LDIF_FALSE@,$NEED_LDIF_FALSE,;t t s, at WINNT_TRUE@,$WINNT_TRUE,;t t Index: configure.ac =================================================================== RCS file: /cvs/dirsec/dsgw/configure.ac,v retrieving revision 1.3 retrieving revision 1.4 diff -u -r1.3 -r1.4 --- configure.ac 10 Jan 2008 01:19:36 -0000 1.3 +++ configure.ac 11 Jan 2008 21:58:09 -0000 1.4 @@ -125,6 +125,14 @@ m4_include(m4/fhs.m4) CXXLINK_REQUIRED=0 +# on most platforms, we will just use perl from PATH +# On some platforms, we cannot. Why not just use any old +# perl? Because of perldap. We use a perldap that is +# compiled to either 32bit or 64bit, so we must use a native +# perl binary compiled with the same bitsize. On Solaris +# and HP-UX, /usr/bin/perl is 32 bit, so we cannot use +# those with our 64 bit compiled product. +perlexec='/usr/bin/env perl' case $host in *-*-linux*) AC_DEFINE([XP_UNIX], [1], [UNIX]) @@ -143,6 +151,8 @@ AC_DEFINE([_POSIX_C_SOURCE], [199506L], [POSIX revision]) AC_DEFINE([_HPUX_SOURCE], [1], [Source namespace]) CXXLINK_REQUIRED=1 + # assume 64 bit + perlexec='/opt/perl_64/bin/perl' platform="hpux" ;; hppa*-hp-hpux*) @@ -156,6 +166,8 @@ AC_DEFINE([_POSIX_C_SOURCE], [199506L], [POSIX revision]) AC_DEFINE([_HPUX_SOURCE], [1], [Source namespace]) CXXLINK_REQUIRED=1 + # assume 64 bit + perlexec='/opt/perl_64/bin/perl' platform="hpux" ;; sparc-sun-solaris*) @@ -180,10 +192,14 @@ LIBCRUN=-lCrun AC_SUBST([LIBCRUN], [$LIBCRUN]) CXXLINK_REQUIRED=1 + # assume 64 bit + perlexec='/opt/perl5x/bin/perl' platform="solaris" ;; *) esac +AC_SUBST(perlexec) + AM_CONDITIONAL([CXXLINK_REQUIRED], test "$CXXLINK_REQUIRED" = 1) AM_CONDITIONAL([HPUX],test "$platform" = "hpux") AM_CONDITIONAL([SOLARIS],test "$platform" = "solaris") @@ -217,38 +233,40 @@ # relative to datadir htmldir=/$PACKAGE_NAME/html pbhtmldir=/$PACKAGE_NAME/pbhtml + orghtmldir=/$PACKAGE_NAME/orghtml configdir=/$PACKAGE_NAME/config pbconfigdir=/$PACKAGE_NAME/pbconfig manualuri=/$PACKAGE_NAME/manual propertydir=/$PACKAGE_NAME/properties # relative to libdir cgibindir=/$PACKAGE_NAME/cgi-bin - # location of property/resource files, relative to datadir - cgiuri=/cgi-bin + perldir=/$PACKAGE_NAME/perl elif test "$with_fhs_opt" = "yes"; then # relative to datadir htmldir=/dsgw/html pbhtmldir=/dsgw/pbhtml + orghtmldir=/dsgw/orghtml configdir=/dsgw/config pbconfigdir=/dsgw/pbconfig manualuri=/dsgw/manual propertydir=/properties/dsgw + # relative to libdir + perldir=/perl # same as server's cgibindir cgibindir=/cgi-bin - cgiuri=/cgi-bin else # relative to datadir htmldir=/$PACKAGE_BASE_NAME/dsgw/html pbhtmldir=/$PACKAGE_BASE_NAME/dsgw/pbhtml + orghtmldir=/$PACKAGE_BASE_NAME/dsgw/orghtml configdir=/$PACKAGE_BASE_NAME/dsgw/config pbconfigdir=/$PACKAGE_BASE_NAME/dsgw/pbconfig manualuri=/$PACKAGE_BASE_NAME/dsgw/manual propertydir=/$PACKAGE_BASE_NAME/properties/dsgw # relative to libdir + perldir=/$PACKAGE_BASE_NAME/perl # CGI program directory cgibindir=/$PACKAGE_BASE_NAME/cgi-bin - # location of property/resource files, relative to datadir - cgiuri=/cgi-bin fi # relative to instconfigdir @@ -256,6 +274,10 @@ securitydir=/dsgw # relative to $localstatedir cookiedir=/run/$PACKAGE_BASE_NAME/dsgw/cookies +# URIs +cgiuri=/cgi-bin +dsgwuri=/dsgw +orguri=/orgchart # Check for library dependencies m4_include(m4/nspr.m4) @@ -291,14 +313,18 @@ # write out paths for data/config files AC_SUBST(cgibindir) AC_SUBST(cgiuri) +AC_SUBST(dsgwuri) +AC_SUBST(orguri) AC_SUBST(propertydir) AC_SUBST(htmldir) AC_SUBST(pbhtmldir) +AC_SUBST(orghtmldir) AC_SUBST(configdir) AC_SUBST(pbconfigdir) AC_SUBST(contextdir) AC_SUBST(securitydir) AC_SUBST(cookiedir) +AC_SUBST(perldir) # need a check here to see if the ldif functions are exported from libldap # for now, just assume they are not Index: dsgw-httpd.conf.in =================================================================== RCS file: /cvs/dirsec/dsgw/dsgw-httpd.conf.in,v retrieving revision 1.2 retrieving revision 1.3 diff -u -r1.2 -r1.3 --- dsgw-httpd.conf.in 2 Jun 2006 22:57:17 -0000 1.2 +++ dsgw-httpd.conf.in 11 Jan 2008 21:58:09 -0000 1.3 @@ -28,6 +28,10 @@ # Enable CGI execution for these uris in this directory ScriptAlias @cgiuri@ "@cgibindir@" +# URI aliases for html content +Alias @dsgwuri@ @htmldir@ +Alias @orguri@ @orghtmldir@ + # Allow access to the dsgw html files AllowOverride None @@ -44,6 +48,14 @@ Allow from all +# Allow access to the org html files + + AllowOverride None + Options None + Order allow,deny + Allow from all + + # Allow access to the dsgw html templates AllowOverride None From fedora-directory-commits at redhat.com Fri Jan 11 21:58:12 2008 From: fedora-directory-commits at redhat.com (Nathan Kinder (nkinder)) Date: Fri, 11 Jan 2008 16:58:12 -0500 Subject: [Fedora-directory-commits] dsgw/config orgchart.tmpl,NONE,1.1 Message-ID: <200801112158.m0BLwChq020369@cvs-int.fedora.redhat.com> Author: nkinder Update of /cvs/dirsec/dsgw/config In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv20288/config Added Files: orgchart.tmpl Log Message: Added orgchart to dsgw. --- NEW FILE orgchart.tmpl --- # # BEGIN COPYRIGHT BLOCK # This Program is free software; you can redistribute it and/or modify it under # the terms of the GNU General Public License as published by the Free Software # Foundation; version 2 of the License. # # This Program is distributed in the hope that it will be useful, but WITHOUT # ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS # FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. # # You should have received a copy of the GNU General Public License along with # this Program; if not, write to the Free Software Foundation, Inc., 59 Temple # Place, Suite 330, Boston, MA 02111-1307 USA. # # In addition, as a special exception, Red Hat, Inc. gives You the additional # right to link the code of this Program with code not covered under the GNU # General Public License ("Non-GPL Code") and to distribute linked combinations # including the two, subject to the limitations in this paragraph. Non-GPL Code # permitted under this exception must only link to the code of this Program # through those well defined interfaces identified in the file named EXCEPTION # found in the source code files (the "Approved Interfaces"). The files of # Non-GPL Code may instantiate templates or use macros or inline functions from # the Approved Interfaces without causing the resulting work to be covered by # the GNU General Public License. Only Red Hat, Inc. may make changes or # additions to the list of Approved Interfaces. You must obey the GNU General # Public License in all respects for all of the Program code and other code used # in conjunction with the Program except the Non-GPL Code covered by this # exception. If you modify this file, you may extend this exception to your # version of the file, but you are not obligated to do so. If you do not wish to # provide this exception without modification, you must delete this exception # statement from your version and license this file solely under the GPL without # exception. # # # Copyright (C) 2005 Red Hat, Inc. # All rights reserved. # END COPYRIGHT BLOCK # ############# # # # Configuration file for Directory Server Org Chart # ---------------------------------------------------------- # # ############# # # Blank lines in this file, as well as lines that # start with at least one "#" character, are both ignored. # # # Name/Value pairs below are (and need to be) separated with # one or more tabs (or spaces) # #ldap-host localhost #ldap-port 389 #ldap-search-base dc=example,dc=com ldap-host @host@ ldap-port @port@ ldap-search-base @suffix@ # # If you would like to have the phonebook icon visible, you must # supply the partial phonebook URL below, which will have each # given user's DN attribute value concatenated to the end. # # For example, you could specify below something close to: # # url-phonebook-base http://hostname.domain.com/dsgw/bin/dosearch?context=default&hp=localhost&dn= # # # A name that has no value after it equates to "" for the value, # like the two below settings. # # Not listing an entire name/value pair at all in this file # sets its value to "" as well. # # So the below two names therefore don't even need to be in this file # (but are here to show them as possible options that can be changed). # # Having no value below for "ldap-bind-dn" and "ldap-bind-pass" # indicates that you want anonymous binding to the LDAP server. # ldap-bind-dn ldap-bind-pass # # Allowed values for below icon-related setting: # # forefront means show this icon next to the person's name # layer means show this icon inside the person's floating layer # no means never show this icon anywhere, but MyOrgChart settings can override this setting. # disabled means never show this icon. Period. So MyOrgChart will not even show this icon as a setting. # icons-aim-visible disabled icons-email-visible layer #icons-phonebook-visible forefront icons-phonebook-visible disabled icons-locator-visible disabled # # There is also the same concept below for a person-locator # type application, to show graphically where a given employee's office is located. # You also specify the partial URL, up until where the user's URL- # encoded cn value will be concatenated. # # url-locator-base http://hostname.domain.com/submit.cgi?empfullname= # # # This is where you specify which specific LDAP attributes # from your LDAP server that you would like used for both org chart # generation as well as final display values. # # The value of the attribute specified for "attrib-job-title" will # be listed below anybody's name that is listed in their own box. # If you don't specify this setting in this file, the default used # will be "title". # # For "attrib-farleft-rdn", this specifies which attribute you are # using as the leftmost RDN for the DN's of your user entries. # attrib-job-title title attrib-manager manager attrib-farleft-rdn uid # # This is where you specify the maximum levels that are allowed # to be generated for any given org chart, and the MyOrgChart version # of this setting will never be allowed to be higher than the below. # # A "level" is defined as a reporting level, meaning that if you # generate an org chart for a given director, all direct reports to him # (whether they have people below them or not) are level 1, people below # any of them are level 2, etc. # # So a setting of 1 would list the full name of the user entered, and # then just people that directly report to that person only. # # The purpose of having this configuration setting is to give you # control over users that may try to generate an org chart on the # CEO of a company, and heavily tax the LDAP server to generate # an org chart that may be thousands of people deep. # # If this setting is not listed below, the default is 3. # # The valid range of values for this setting would be a minimum of 1, # with no hard-coded maximum. # max-levels-drawn 3 # # The below setting relates to whether a specific assumption should be made # on all values that you currently have stored for your manager LDAP attribute. # # The assumption: That all user entries are stored in LDAP on the # same flat level location, at least for a given # group of people that org charts will be generated for. # # So when you enter: # # Steve Jones # # to generate an org chart on, which let's say equates to this DN: # # uid=sjones, ou=People, dc=acme, dc=com # # then should this application assume that the manager attrib value # of this entry is in this same location as Steve Jones: # # manager = "uid=XXXXXX, ou=People, dc=acme, dc=com" # # or is it possible that the manager's LDAP entry is at another level? # # # The below two options for this setting specifies one of two scenarios, # based on how you have configured your directory information tree: # # # Either the value: # # same This means assume the same location (such as # "ou=People, dc=acme, dc=com" above) that the inital # user entry is found at for all subsequent entries # involved in drawing that given org chart. # # In other words, this setting assumes a totally # flat namespace, at least for all users that will # be in a given generated org chart. # # search This means there is no guarantee that other entries # that need to be discovered to draw the org chart # are in the same area of the directory tree, so when # searching the manager attribute DN values for a given # exact uid, search like this instead: # # manager = "uid=sjones,*" # # This will be much more expensive of a search, so # if you fit this scenario, at least make sure on your LDAP # server that you have the substring index created for your # manager attribute, to make drawing the org chart as fast # as possible. # # Default value (if this setting is not listed in this file): same # manager-DN-location same # # This setting helps you configure against users entering LDAP # queries for "A" or "MI" and then taxing the LDAP server by asking # for thousands of search results back. # # The value you specify below for "min-chars-searchstring" means # that the user must enter AT LEAST this many characters for # their request to even make it to the LDAP server. If they type # less characters than this setting, they will get a message that # they need to enter at least X characters to search, where X will # be the below value. # # NOTE: This setting purposely does not apply to allowing a user # to search for an exact UID (to avoid search results). The logic # is that: # # [1] Search LDAP for an equality search of (uid=XXXX), regardless # of both this below setting / how many characters were entered. # # [2] If this single LDAP entry was not found, then make sure the # number of characters entered for the search are at least the below # number of characters, before sending a broader search to LDAP. # # If this setting is not configured below (the line is absent), # the default value used is 4. min-chars-searchstring 4 # Allowed characters in search filters. If the user enters a search that # contains a character not in the allowed-filter-chars list, the user # will be notified the search needs to be modified. allowed-filter-chars abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789 _- From fedora-directory-commits at redhat.com Fri Jan 11 21:58:12 2008 From: fedora-directory-commits at redhat.com (Nathan Kinder (nkinder)) Date: Fri, 11 Jan 2008 16:58:12 -0500 Subject: [Fedora-directory-commits] dsgw/orghtml aim-online.gif, NONE, 1.1 arrow.gif, NONE, 1.1 botframe.html, NONE, 1.1 branch-cc1.gif, NONE, 1.1 index.html, NONE, 1.1 ldap-person.gif, NONE, 1.1 mag.gif, NONE, 1.1 mail.gif, NONE, 1.1 new-branch-blank.gif, NONE, 1.1 new-branch-first.gif, NONE, 1.1 new-branch-straight.gif, NONE, 1.1 orgicon.gif, NONE, 1.1 starthelp.gif, NONE, 1.1 styles.css, NONE, 1.1 topframe.html.in, NONE, 1.1 Message-ID: <200801112158.m0BLwCPL020379@cvs-int.fedora.redhat.com> Author: nkinder Update of /cvs/dirsec/dsgw/orghtml In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv20288/orghtml Added Files: aim-online.gif arrow.gif botframe.html branch-cc1.gif index.html ldap-person.gif mag.gif mail.gif new-branch-blank.gif new-branch-first.gif new-branch-straight.gif orgicon.gif starthelp.gif styles.css topframe.html.in Log Message: Added orgchart to dsgw. --- NEW FILE botframe.html --- Directory Server Org Chart
Welcome!
To find a person in your corporate organization chart, enter their
name in the search box above, then click "Go"

Below is a sample of an organization chart, with a description of the
types of actions you can take

Thank you for using the Directory Server Org Chart!


--- NEW FILE index.html --- Directory Server Org Chart --- NEW FILE styles.css --- /* --- BEGIN COPYRIGHT BLOCK --- * This Program is free software; you can redistribute it and/or modify it under * the terms of the GNU General Public License as published by the Free Software * Foundation; version 2 of the License. * * This Program is distributed in the hope that it will be useful, but WITHOUT * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. * * You should have received a copy of the GNU General Public License along with * this Program; if not, write to the Free Software Foundation, Inc., 59 Temple * Place, Suite 330, Boston, MA 02111-1307 USA. * * In addition, as a special exception, Red Hat, Inc. gives You the additional * right to link the code of this Program with code not covered under the GNU * General Public License ("Non-GPL Code") and to distribute linked combinations * including the two, subject to the limitations in this paragraph. Non-GPL Code * permitted under this exception must only link to the code of this Program * through those well defined interfaces identified in the file named EXCEPTION * found in the source code files (the "Approved Interfaces"). The files of * Non-GPL Code may instantiate templates or use macros or inline functions from * the Approved Interfaces without causing the resulting work to be covered by * the GNU General Public License. Only Red Hat, Inc. may make changes or * additions to the list of Approved Interfaces. You must obey the GNU General * Public License in all respects for all of the Program code and other code used * in conjunction with the Program except the Non-GPL Code covered by this * exception. If you modify this file, you may extend this exception to your * version of the file, but you are not obligated to do so. If you do not wish to * provide this exception without modification, you must delete this exception * statement from your version and license this file solely under the GPL without * exception. * * * Copyright (C) 2005 Red Hat, Inc. * All rights reserved. * --- END COPYRIGHT BLOCK --- */ /* ======================================================================= * * Style sheet for the Directory Server Org Chart application * * ======================================================================= */ .bgColor7 {background-color: #66ccff;} /* All Links */ A:link { font-family: verdana, Arial, Helvetica, sans-serif; font-size: 12px} A:active { color: #000000;} /*All Regular Table Data--for the whole application*/ td { font-family: verdana, Arial, Helvetica, sans-serif; font-size: 12px; vertical-align : middle; } td.bold { font-family: verdana, Arial, Helvetica, sans-serif; font-size: 12px; vertical-align : middle; font-weight: bold; } /* *********Start Page Text*************/ td.startPage { font-family: verdana, Arial, Helvetica, sans-serif; font-size: 12px; color:#000000; vertical-align : middle; } A.searchlinknorm:link {color: #FFFFFF} A.searchlinknorm:visited {color: #FFFFFF} A.searchlinknorm:active {color: #FFFFFF} A.searchlinkspec:link {color: #FF0000} A.searchlinkspec:visited {color: #FF0000} A.searchlinkspec:active {color: #CCFFFF} /* *********Search frame*************/ body.Search { background-color: #000000; font-family: Verdana, Arial, Helvetica, san-serif; color: #ccffff; font-size: 12px; } td.appName { font-family: verdana, Arial, Helvetica, sans-serif; font-size: 16px; vertical-align : middle; color: #ffffff; font-weight: bold; } .apptext { font-family: verdana, Arial, Helvetica, sans-serif; font-size: 12px; vertical-align: middle; color: #ffffff; font-weight: bold; } /* *********Search results frame*************/ th.resultsHeader { font-family: Verdana, Arial, Helvetica, san-serif; color: #003366; background-color: #CCCCCC; font-size: 13px; } td.pageHeader { font-family: Verdana, Arial, Helvetica, san-serif; color: #000000; font-size: 14px; font-weight : bold; } td.searchHelp { font-family: Verdana, Arial, Helvetica, san-serif; color: #003366; font-size: 12px; } /* *********Org Chart frame*************/ td.hidden { font-family: verdana, Arial, Helvetica, sans-serif; font-size: 19px; vertical-align : top; } tr.hidden { font-family: verdana, Arial, Helvetica, sans-serif; font-size: 19px; vertical-align : top; } td.selected { /* background-color: transparent; */ color: #000000; font-family: verdana, Arial, Helvetica, sans-serif; font-size: 12px; font-weight : bold; } body.orgWindow { /* background-color: transparent; */ font-family: Verdana, Arial, Helvetica, san-serif; color: #003366; font-size: 12px; } .thinline { font-size : 5px; } /* *********Preference "Customize View" Page*************/ td.prefsPageHead { font-family: verdana, Arial, Helvetica, sans-serif; font-size: 13px; color:#000000; font-weight: bold; vertical-align : middle; border : none; } td.prefsPageData { font-family: verdana, Arial, Helvetica, sans-serif; font-size: 12px; color:#000000; vertical-align : middle; border : none; } tr.prefs{ border : none; } --- NEW FILE topframe.html.in ---
 Directory Server Org Chart
      Search for:
Customize
From fedora-directory-commits at redhat.com Fri Jan 11 21:58:12 2008 From: fedora-directory-commits at redhat.com (Nathan Kinder (nkinder)) Date: Fri, 11 Jan 2008 16:58:12 -0500 Subject: [Fedora-directory-commits] dsgw/orgbin myorg.in, NONE, 1.1 org.in, NONE, 1.1 Message-ID: <200801112158.m0BLwC2s020374@cvs-int.fedora.redhat.com> Author: nkinder Update of /cvs/dirsec/dsgw/orgbin In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv20288/orgbin Added Files: myorg.in org.in Log Message: Added orgchart to dsgw. --- NEW FILE myorg.in --- #!@perlexec@ # # BEGIN COPYRIGHT BLOCK # This Program is free software; you can redistribute it and/or modify it under # the terms of the GNU General Public License as published by the Free Software # Foundation; version 2 of the License. # # This Program is distributed in the hope that it will be useful, but WITHOUT # ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS # FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. # # You should have received a copy of the GNU General Public License along with # this Program; if not, write to the Free Software Foundation, Inc., 59 Temple # Place, Suite 330, Boston, MA 02111-1307 USA. # # In addition, as a special exception, Red Hat, Inc. gives You the additional # right to link the code of this Program with code not covered under the GNU # General Public License ("Non-GPL Code") and to distribute linked combinations # including the two, subject to the limitations in this paragraph. Non-GPL Code # permitted under this exception must only link to the code of this Program # through those well defined interfaces identified in the file named EXCEPTION # found in the source code files (the "Approved Interfaces"). The files of # Non-GPL Code may instantiate templates or use macros or inline functions from # the Approved Interfaces without causing the resulting work to be covered by # the GNU General Public License. Only Red Hat, Inc. may make changes or # additions to the list of Approved Interfaces. You must obey the GNU General # Public License in all respects for all of the Program code and other code used # in conjunction with the Program except the Non-GPL Code covered by this # exception. If you modify this file, you may extend this exception to your # version of the file, but you are not obligated to do so. If you do not wish to # provide this exception without modification, you must delete this exception # statement from your version and license this file solely under the GPL without # exception. # # # Copyright (C) 2005 Red Hat, Inc. # All rights reserved. # END COPYRIGHT BLOCK # # #set ts=4 $|=1; print "Content-type: te at orguri@;charset=UTF-8\n\n"; #print "Content-type: te at orguri@\n\n"; # # Read orgchart.conf settings for MyOrgChart-specific items # &read_config_file(); #------------------------------------- print " Customize: Directory Server Org Chart "; #------------------------------------- &print_javascript(); print ""; &print_body(); print @orguri@>"; exit(0); #============================================================================== sub read_config_file() { if (!open (FILE, "@contextdir@/orgchart.conf") ) { print "\n\n

Can't open configuration file: orgchart.conf\n\n

Error from OS: $!\n\n"; exit; } # # let's set some default values, so in case a setting # does not exist both in the orgchart.conf file, as well # as does not exist via a user's MyOrgChart cookie, # we at least have some type of valid value present. # %config_tokens = ( "icons-aim-visible","disabled", "icons-email-visible","disabled", "icons-phonebook-visible","disabled", "icons-locator-visible","disabled", "max-levels-drawn", "3", ); # # read in the orgchart.conf file # while() { chop; foreach $f (keys %config_tokens) { $config_tokens{$f} = $1 if ($_ =~ /^$f[ \t]+(.+)/); } } close (FILE); # # check the "max-levels-drawn" setting for numeric, and to # make sure it is a number greater than zero. # # If a bad setting, let's set it to 3 so that at least it # is set to a valid number, but then a user's MyOrgChart # preferences can override it (if their setting is 1, 2, # or 3 only). # # check for non-numeric first $temp = $config_tokens{"max-levels-drawn"}; $temp =~ s/[\d]//g; if ( length($temp) != 0 ) { # a non-numeric setting $config_tokens{"max-levels-drawn"} = 3; } else { # a numeric setting, but: check for less than value of 1 if ( $config_tokens{"max-levels-drawn"} < 1 ) { $config_tokens{"max-levels-drawn"} = 3; } } # # if every icon has been disabled, set a state so that later on # we don't draw the header and the footer text for the icons. # if ( ($config_tokens{"icons-email-visible"} eq "disabled") && ($config_tokens{"icons-phonebook-visible"} eq "disabled") && ($config_tokens{"icons-aim-visible"} eq "disabled") && ($config_tokens{"icons-locator-visible"} eq "disabled") ) { $all_icons_disabled = "yes"; } else { $all_icons_disabled = "no"; } } #============================================================================== sub print_body() { print "
 
Customize View
"; # # If all icons are "disabled" by the admin, we better not display the # window dressing (header and footer) text that normally surrounds the # icon options. This is the header. # if ( "$all_icons_disabled" eq "no" ) { print " "; } # # don't draw the email option if admin has disabled it ! # if ( $config_tokens{"icons-email-visible"} ne "disabled" ) { print " "; } # # don't draw the phonebook option if admin has disabled it ! # if ( $config_tokens{"icons-phonebook-visible"} ne "disabled" ) { print " "; } # # don't draw the locator option if admin has disabled it ! # if ( $config_tokens{"icons-locator-visible"} ne "disabled" ) { print " "; } # # don't draw the AIM option if admin has disabled it ! # if ( $config_tokens{"icons-aim-visible"} ne "disabled" ) { print " "; } # # If all icons are "disabled" by the admin, we better not display the # window dressing (header and footer) text that normally surrounds the # icon options. This is the footer. # if ( "$all_icons_disabled" eq "no" ) { print " "; } print "
  Icon Settings
Icon: Description: Location:
 \"\" EMail
 \"\" Phonebook Entry
 \"\" Locate User
 \"\" AIM Presence
 
  Organization Chart Depth
Show     levels of organization depth
 
"; } #============================================================================== sub print_javascript() { print " "; } #============================================================================== --- NEW FILE org.in --- #!@perlexec@ # # BEGIN COPYRIGHT BLOCK # This Program is free software; you can redistribute it and/or modify it under # the terms of the GNU General Public License as published by the Free Software # Foundation; version 2 of the License. # # This Program is distributed in the hope that it will be useful, but WITHOUT # ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS # FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. # # You should have received a copy of the GNU General Public License along with # this Program; if not, write to the Free Software Foundation, Inc., 59 Temple # Place, Suite 330, Boston, MA 02111-1307 USA. # # In addition, as a special exception, Red Hat, Inc. gives You the additional # right to link the code of this Program with code not covered under the GNU # General Public License ("Non-GPL Code") and to distribute linked combinations # including the two, subject to the limitations in this paragraph. Non-GPL Code # permitted under this exception must only link to the code of this Program # through those well defined interfaces identified in the file named EXCEPTION # found in the source code files (the "Approved Interfaces"). The files of # Non-GPL Code may instantiate templates or use macros or inline functions from # the Approved Interfaces without causing the resulting work to be covered by # the GNU General Public License. Only Red Hat, Inc. may make changes or # additions to the list of Approved Interfaces. You must obey the GNU General # Public License in all respects for all of the Program code and other code used # in conjunction with the Program except the Non-GPL Code covered by this # exception. If you modify this file, you may extend this exception to your # version of the file, but you are not obligated to do so. If you do not wish to # provide this exception without modification, you must delete this exception # statement from your version and license this file solely under the GPL without # exception. # # # Copyright (C) 2005 Red Hat, Inc. # All rights reserved. # END COPYRIGHT BLOCK # # #set ts=4 # ------------ # # Notes for anybody reading the code below: # # [1] The concept of the $uid variable throughout the code # is whatever the leftmost RDN value is for a given user DN, # and this relates to the "attrib-farleft-rdn" setting in # orgchart.conf, of what the attribute name will always be. # # ------------ use lib qw(@perlpath@); use Mozilla::LDAP::Conn; use Mozilla::LDAP::Utils qw(:all); use CGI; $cg = new CGI; $|=1; print "Content-type: text/html;charset=UTF-8\n\n"; ########################################## # # Let's find out what browswer they are using # ########################################## $agentstring = $ENV{'HTTP_USER_AGENT'}; # IE 6.0 : ---Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)--- # Comm478 : ---Mozilla/4.78 [en] (Windows NT 5.0; U)--- # Nscp622 : ---Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:0.9.4.1) Gecko/20020314 Netscape6/6.2.2--- $browser_is_msie = "MSIE" if $agentstring =~ /MSIE/; # is this Windows? $isWindows = -d '\\'; ########################################## # # Read orgchart.conf settings, set by the administrator # ########################################## &read_config_file(); ########################################## # # Let's look at what is being passed in, from the user. # ########################################## # # "data" is a generic FORM variable name from # the topframe.html document that we receive our incoming query # from. # # (See comment at start of this file about "$uid" variable.) # if ( defined $cg->param("data") ) { $uid = $cg->param("data"); } # # For coexistence with the DSGW, when we crosslink, we need to # make sure that the user is taken back to the correct dsgw # context # $contextParamString = ""; if ( defined $cg->param("context") ) { $context = $cg->param("context"); $contextParamString = "context=${context}&"; $config_tokens{"url-phonebook-base"} =~ s/context=.*?&/$contextParamString/g; } # # But they may have entered this code from clicking on an org # chart icon from an already-drawn org chart, in which case # we know what the RDN attribute name is (cn, uid, etc.), so i # that has priority, if present. # if ( defined $cg->param("$config_tokens{'attrib-farleft-rdn'}") ) { $uid = $cg->param("$config_tokens{'attrib-farleft-rdn'}") } if ($uid eq "") { &output_html_header("no-javascript"); print "No username selected..."; #print "\n"; exit(0); } ########################################## # # If the user has asked this org chart to be prepared for printing # ########################################## if ( (defined $cg->param("print")) && ( $cg->param("print") eq "yes" ) ) { $print_mode = 1; } else { $print_mode = 0; } if ( !($print_mode) ) { $fontstring=""; } else { # if printing, let's make the font smaller, to fit more org chart on one page # $fontstring=""; } ########################################## # # See if the user has their own preferences to use. # # ########################################## &check_myorgchart_settings(); ########################################## # # Let's configure which attributes to request from LDAP, # based on preferences read above... # ########################################## &config_ldap_return_attrib_list(); ########################################## # # global variable descriptions: # # $total : stores the displayed statistic of "Total # of people" that is printed under org chart # $display_indent : helps track how deeply "indented" in the org chart hierarchy a given person is, to help # draw an internal data structure of the hierarchy. See details in get_org_data() function. # $tempnum : just generic variable used for different reasons, always within a very small (controllable) # scope within a given function only, since a generic all-purpose variable # $anothertempnum : same idea as $tempnum, just another variable for the same generic purpose # $tempstr : same idea as $tempnum, just another variable for the same generic purpose # [...1645 lines suppressed...] { print ""; } } else { for ( $anothertempnum = 0 ; $anothertempnum < $current_indent - 2 ; $anothertempnum++ ) { print ""; } } if ( ("$sortedPeople[$tempnum][8]" eq "cc1") || ( $sortedPeople[$tempnum][8] =~ /rounded/ ) ) { print ""; } else { print ""; } } $aimid = is_aimid_in_layer ( $config_tokens{"icons-aim-visible"} , "discover" , $sortedPeople[$tempnum][5] ); $emailstr = is_email_in_layer ( $config_tokens{"icons-email-visible"}, $sortedPeople[$tempnum][3] ); $pbstr = is_pb_in_layer ( $config_tokens{"icons-phonebook-visible"}, $sortedPeople[$tempnum][2] ); $locatorstr = is_locator_in_layer ( $config_tokens{"icons-locator-visible"}, $sortedPeople[$tempnum][6] ); if ( !($print_mode) ) { print "\n\n "; print ""; print " \n"; } print "$tempdata[@tempdata-1] \n"; # # If they are a nonleaf entry based on the next person being below them, or if they # are a nonleaf person based on "nonleaf" value which happens when max depth is exceeded # such that all people below them were chopped off (were on the next level that was chopped # off, hence why we needed to previously record "nonleaf" before the chop happened) # # then print the org chart icon # if ( ( $sortedPeople[$tempnum+1][0] =~ /$tempdata[@tempdata-1]/ ) || ( $sortedPeople[$tempnum][7] =~ /nonleaf/ ) ) { if ( ($print_mode) && ($current_indent == 1 ) ) { # special exception #1 of 2: # if we are in "prepare this page for printing" mode, and drawing a user in # a box, then let's not print the org icon next to their name ---> not needed # in the hardcopy printout (not helpful) } else { if ( ($print_mode) && ( $sortedPeople[$tempnum+1][0] =~ /$tempdata[@tempdata-1]/ ) ) { # special exception #2 of 2: if we are preparing this org chart for printing, # and if the org icon we are about to draw is for a group of people that are # already being printed on this same org chart under that person, there is # no point in hardcopy printing this icon next to the person's name # # but in the "else" block below, we do want to print the icon next to their name # (both for print and non-print org charts) because it signifies people underneath # that person when we CANNOT/WON'T see those people listed under that person } else { if ( !( $sortedPeople[$tempnum+1][0] =~ /$tempdata[@tempdata-1]\/$/ ) ) { print ""; print ""; } } } } print_aim_icon_if_outside_layer( $config_tokens{"icons-aim-visible"}, "discover", $sortedPeople[$tempnum][5] ); print_email_icon_if_outside_layer( $config_tokens{"icons-email-visible"}, $sortedPeople[$tempnum][3] ); print_pb_icon_if_outside_layer( $config_tokens{"icons-phonebook-visible"}, $sortedPeople[$tempnum][2] ); print_locator_icon_if_outside_layer( $config_tokens{"icons-locator-visible"}, $sortedPeople[$tempnum][6] ); # # if the person's name is being printed within a box, # then also print their title below their name # if ( $current_indent == 1 ) { print "
$sortedPeople[$tempnum][4]"; } print ""; if ( $current_indent == 1 ) { print" "; } print "
"; } } } ########################################## # # If they exceeded max depth allowed, let's still figure out # which people are managers of some type and make sure we # still put an org chart icon next to their name, so that the # user can tell that there is extra org chart branches that were # chopped off. # # We do this by over-filling the array of the org chart structure, # and then make sure that when we chop off the extra level below, # we record for the manager-types that have now chopped-off people # that they are a non-leaf item (which needs an org chart icon next # to their name # ########################################## sub detect_nonleaf_depth_exceeded() { if ( $incomplete == 1 ) { $indelete = 0; $anothertempnum = @sortedPeople; for ( $tempnum = $anothertempnum-1 ; $tempnum >= 0 ; $tempnum-- ) { # number of levels in current array element # $num = ($sortedPeople[$tempnum][0] =~ tr/\//\//) - 1; if ( $num > $config_tokens{"max-levels-drawn"} ) { splice(@sortedPeople,$tempnum,1); $indelete = 1; # $total is the total number of people we read in from LDAP # as reporting to the person entered. But now that we are # chopping people off that exceed the max depth, we better # adjust the $total accordingly as well, or else the # "Total Reports: XXX" summary info at bottom of org chart # will be too high/inaccurate. # --$total; } else { if ( $indelete == 1 ) { $indelete = 0; $sortedPeople[$tempnum][7] = "nonleaf"; } else { $sortedPeople[$tempnum][7] = "leaf"; } } } } } ########################################## # # See location this function is called from for comments on purpose. # ########################################## sub output_html_header() { my ($js_output) = @_; print "\n"; print "\n"; print "\n"; print " Directory Server Org Chart\n"; if ( $js_output ne "with-javascript" ) { print " \n"; } if ( $js_output eq "with-javascript" ) { &print_javascript(); } print "\n"; print "\n"; } #=== end =================================================================== From fedora-directory-commits at redhat.com Fri Jan 11 22:01:46 2008 From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi)) Date: Fri, 11 Jan 2008 17:01:46 -0500 Subject: [Fedora-directory-commits] ldapserver/ldap/servers/plugins/replication cl5_api.c, 1.9, 1.9.2.1 repl5_replica_config.c, 1.6, 1.6.2.1 Message-ID: <200801112201.m0BM1ko5027424@cvs-int.fedora.redhat.com> Author: nhosoi Update of /cvs/dirsec/ldapserver/ldap/servers/plugins/replication In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv20667/plugins/replication Modified Files: Tag: Directory71RtmBranch cl5_api.c repl5_replica_config.c Log Message: Resolves: #238630 Summary: ns-slapd sometimes fails with SIGSEGV when removing and recreating replica entry Description: applied the patch to Directory71RtmBranch Index: cl5_api.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/plugins/replication/cl5_api.c,v retrieving revision 1.9 retrieving revision 1.9.2.1 diff -u -r1.9 -r1.9.2.1 --- cl5_api.c 19 Apr 2005 22:07:32 -0000 1.9 +++ cl5_api.c 11 Jan 2008 22:01:44 -0000 1.9.2.1 @@ -6223,19 +6223,23 @@ _cl5WriteRUV (file, PR_FALSE); } - /* close file */ + /* close the db */ if (file->db) file->db->close(file->db, 0); if (file->flags & DB_FILE_DELETED) { + int rc = 0; + /* We need to use the libdb API to delete the files, otherwise we'll + * run into problems when we try to checkpoint transactions later. */ PR_snprintf(fullpathname, MAXPATHLEN, "%s/%s", s_cl5Desc.dbDir, file->name); - if (PR_Delete(fullpathname) != PR_SUCCESS) - { - slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name_cl, "_cl5DBCloseFile: " - "failed to remove (%s) file; NSPR error - %d\n", file->name, PR_GetError ()); - - } + rc = s_cl5Desc.dbEnv->dbremove(s_cl5Desc.dbEnv, 0, fullpathname, 0, 0); + if (rc != 0) + { + slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name_cl, "_cl5DBCloseFile: " + "failed to remove (%s) file; libdb error - %d (%s)\n", + fullpathname, rc, db_strerror(rc)); + } } /* slapi_ch_free accepts NULL pointer */ Index: repl5_replica_config.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/plugins/replication/repl5_replica_config.c,v retrieving revision 1.6 retrieving revision 1.6.2.1 diff -u -r1.6 -r1.6.2.1 --- repl5_replica_config.c 19 Apr 2005 22:07:32 -0000 1.6 +++ repl5_replica_config.c 11 Jan 2008 22:01:44 -0000 1.6.2.1 @@ -455,9 +455,17 @@ if (mtnode_ext->replica) { + char ebuf[BUFSIZ]; + /* remove object from the hash */ r = (Replica*)object_get_data (mtnode_ext->replica); PR_ASSERT (r); + /* The changelog for this replica is no longer valid, so we should remove it. */ + slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name, "replica_config_delete: " + "Warning: The changelog for replica %s is no longer valid since " + "the replica config is being deleted. Removing the changelog.\n", + escape_string(slapi_sdn_get_dn(replica_get_root(r)),ebuf)); + cl5DeleteDBSync(mtnode_ext->replica); replica_delete_by_name (replica_get_name (r)); object_release (mtnode_ext->replica); mtnode_ext->replica = NULL; From fedora-directory-commits at redhat.com Mon Jan 14 19:26:50 2008 From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi)) Date: Mon, 14 Jan 2008 14:26:50 -0500 Subject: [Fedora-directory-commits] ldapserver/ldap/cm fedora-patch.inf, 1.1.2.16, 1.1.2.17 redhat-patch.inf, 1.1.2.17, 1.1.2.18 Message-ID: <200801141926.m0EJQorR013012@cvs-int.fedora.redhat.com> Author: nhosoi Update of /cvs/dirsec/ldapserver/ldap/cm In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv12789 Modified Files: Tag: Directory71RtmBranch fedora-patch.inf redhat-patch.inf Log Message: Resolves: #203670 Summary: Tracking bug for Directory Server 7.1 SP 4 Description: updating patch info file to include the following patches: 171081, 176302, 183222, 196523, 199321, 204808, 208058, 219586, 238630, 240897, 243820, 288321, 311851, 314851 Index: fedora-patch.inf =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/cm/Attic/fedora-patch.inf,v retrieving revision 1.1.2.16 retrieving revision 1.1.2.17 diff -u -r1.1.2.16 -r1.1.2.17 --- fedora-patch.inf 7 Jan 2008 22:32:16 -0000 1.1.2.16 +++ fedora-patch.inf 14 Jan 2008 19:26:47 -0000 1.1.2.17 @@ -49,22 +49,27 @@ base: ... file: 147585: plugins/slapd/slapi/examples/testpreop.c -file: 164834,165641,166229,173687,175063,202890,247725,297221: bin/slapd/server/ns-slapd -file: 155276,164834,164843,165641,166229,173687,175063,179135,179137,202890,247725,297221: bin/slapd/server/libslapd.* +file: 164834,165641,166229,173687,175063,202890,247725,297221,196523,208058,311851: bin/slapd/server/ns-slapd +file: 155276,164834,164843,165641,166229,173687,175063,179135,179137,202890,247725,297221,240897: bin/slapd/server/libslapd.* +file: 204808: bin/slapd/server/migratecred +file: 204808: bin/slapd/server/mmldif +file: 204808: bin/slapd/server/pwdhash file: 151678: bin/slapd/admin/bin/ds_newinst file: 151678: bin/slapd/admin/bin/ds_create -file: 155276,164843,165641,165827,165862,166012,175063,175897,179135,179137,179810,189264,192901,231507: lib/libback-ldbm.* +file: 155276,164843,165641,165827,165862,166012,175063,175897,179135,179137,179810,189264,192901,231507,183222,314851,171081,243820,219586: lib/libback-ldbm.* file: 160003: bin/slapd/admin/scripts/template-db2index.pl file: 160003: bin/slapd/admin/bin/upgradeServer -file: 164836,165600: lib/attr-unique-plugin.* +file: 164836,165600,288321: lib/attr-unique-plugin.* file: 165640: lib/views-plugin.* file: 339791: lib/syntax-plugin.* -file: 297221: lib/acl-plugin.* +file: 297221,288321: lib/acl-plugin.* file: 297221: lib/statechange-plugin.* +file: 204808: lib/chainingdb-plugin.* +file: 176302: lib/passthru-plugin.* file: 167478,160589: setup/setup file: 156120,159037,170321,170328,170556,170558,170816,185765: winsync/PassSync.msi file: 167761: java/jars/ds71.jar -file: 169388,169954,170071,170350,181827,179135,179137: lib/replication-plugin.* +file: 169388,169954,170071,170350,181827,179135,179137,238630: lib/replication-plugin.* file: xxxxxx: bin/slapd/README.txt file: xxxxxx: README.txt file: M324525,M324529: shared/lib/libldap50.* Index: redhat-patch.inf =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/cm/Attic/redhat-patch.inf,v retrieving revision 1.1.2.17 retrieving revision 1.1.2.18 diff -u -r1.1.2.17 -r1.1.2.18 --- redhat-patch.inf 7 Jan 2008 22:32:16 -0000 1.1.2.17 +++ redhat-patch.inf 14 Jan 2008 19:26:47 -0000 1.1.2.18 @@ -49,22 +49,27 @@ base: /share/builds/products/server/directry/7.1 file: 147585: plugins/slapd/slapi/examples/testpreop.c -file: 164834,165641,166229,173687,175063,202890,247725,297221: bin/slapd/server/ns-slapd -file: 155276,164834,164843,165641,166229,173687,175063,179135,179137,202890,247725,297221: bin/slapd/server/libslapd.* +file: 164834,165641,166229,173687,175063,202890,247725,297221,196523,208058,311851: bin/slapd/server/ns-slapd +file: 155276,164834,164843,165641,166229,173687,175063,179135,179137,202890,247725,297221,240897: bin/slapd/server/libslapd.* +file: 204808: bin/slapd/server/migratecred +file: 204808: bin/slapd/server/mmldif +file: 204808: bin/slapd/server/pwdhash file: 151678: bin/slapd/admin/bin/ds_newinst file: 151678: bin/slapd/admin/bin/ds_create -file: 155276,164843,165641,165827,165862,166012,175063,175897,179135,179137,179810,189264,192901,231507: lib/libback-ldbm.* +file: 155276,164843,165641,165827,165862,166012,175063,175897,179135,179137,179810,189264,192901,231507,183222,314851,171081,243820,219586: lib/libback-ldbm.* file: 160003: bin/slapd/admin/scripts/template-db2index.pl file: 160003: bin/slapd/admin/bin/upgradeServer -file: 164836,165600: lib/attr-unique-plugin.* +file: 164836,165600,288321: lib/attr-unique-plugin.* file: 165640: lib/views-plugin.* file: 339791: lib/syntax-plugin.* -file: 297221: lib/acl-plugin.* +file: 297221,288321: lib/acl-plugin.* file: 297221: lib/statechange-plugin.* +file: 204808: lib/chainingdb-plugin.* +file: 176302: lib/passthru-plugin.* file: 167478,160589: setup/setup file: 156120,159037,170321,170328,170556,170558,170816,185765: winsync/PassSync.msi file: 167761: java/jars/ds71.jar -file: 169388,169954,170071,170350,181827,179135,179137: lib/replication-plugin.* +file: 169388,169954,170071,170350,181827,179135,179137,238630: lib/replication-plugin.* file: xxxxxx: bin/slapd/README.txt file: xxxxxx: README.txt file: M324525,M324529: shared/lib/libldap50.* From fedora-directory-commits at redhat.com Mon Jan 14 19:33:10 2008 From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins)) Date: Mon, 14 Jan 2008 14:33:10 -0500 Subject: [Fedora-directory-commits] fedora-idm-console LICENSE, NONE, 1.1 build.properties, 1.1.1.1, 1.2 fedora-idm-console.spec, 1.3, 1.4 Message-ID: <200801141933.m0EJXAc4013311@cvs-int.fedora.redhat.com> Author: rmeggins Update of /cvs/dirsec/fedora-idm-console In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv13293/fedora-idm-console Modified Files: build.properties fedora-idm-console.spec Added Files: LICENSE Log Message: Resolves: bug 428352 Description: Review Request: fedora-idm-console: Fedora branded Java console for Fedora Directory Server Fix Description: Bump version to 1.1.1 - add LICENSE --- NEW FILE LICENSE --- GNU LESSER GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License Agreement applies to any software library or other program which contains a notice placed by the copyright holder or other authorized party saying it may be distributed under the terms of this Lesser General Public License (also called "this License"). Each licensee is addressed as "you". A "library" means a collection of software functions and/or data prepared so as to be conveniently linked with application programs (which use some of those functions and data) to form executables. The "Library", below, refers to any such software library or work which has been distributed under these terms. A "work based on the Library" means either the Library or any derivative work under copyright law: that is to say, a work containing the Library or a portion of it, either verbatim or with modifications and/or translated straightforwardly into another language. (Hereinafter, translation is included without limitation in the term "modification".) "Source code" for a work means the preferred form of the work for making modifications to it. For a library, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the library. Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running a program using the Library is not restricted, and output from such a program is covered only if its contents constitute a work based on the Library (independent of the use of the Library in a tool for writing it). Whether that is true depends on what the Library does and what the program that uses the Library does. 1. You may copy and distribute verbatim copies of the Library's complete source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and distribute a copy of this License along with the Library. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. 2. You may modify your copy or copies of the Library or any portion of it, thus forming a work based on the Library, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) The modified work must itself be a software library. b) You must cause the files modified to carry prominent notices stating that you changed the files and the date of any change. c) You must cause the whole of the work to be licensed at no charge to all third parties under the terms of this License. d) If a facility in the modified Library refers to a function or a table of data to be supplied by an application program that uses the facility, other than as an argument passed when the facility is invoked, then you must make a good faith effort to ensure that, in the event an application does not supply such function or table, the facility still operates, and performs whatever part of its purpose remains meaningful. (For example, a function in a library to compute square roots has a purpose that is entirely well-defined independent of the application. Therefore, Subsection 2d requires that any application-supplied function or table used by this function must be optional: if the application does not supply it, the square root function must still compute square roots.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Library, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Library, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Library. In addition, mere aggregation of another work not based on the Library with the Library (or with a work based on the Library) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may opt to apply the terms of the ordinary GNU General Public License instead of this License to a given copy of the Library. To do this, you must alter all the notices that refer to this License, so that they refer to the ordinary GNU General Public License, version 2, instead of to this License. (If a newer version than version 2 of the ordinary GNU General Public License has appeared, then you can specify that version instead if you wish.) Do not make any other change in these notices. Once this change is made in a given copy, it is irreversible for that copy, so the ordinary GNU General Public License applies to all subsequent copies and derivative works made from that copy. This option is useful when you wish to copy part of the code of the Library into a program that is not a library. 4. You may copy and distribute the Library (or a portion or derivative of it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange. If distribution of object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place satisfies the requirement to distribute the source code, even though third parties are not compelled to copy the source along with the object code. 5. A program that contains no derivative of any portion of the Library, but is designed to work with the Library by being compiled or linked with it, is called a "work that uses the Library". Such a work, in isolation, is not a derivative work of the Library, and therefore falls outside the scope of this License. However, linking a "work that uses the Library" with the Library creates an executable that is a derivative of the Library (because it contains portions of the Library), rather than a "work that uses the library". The executable is therefore covered by this License. Section 6 states terms for distribution of such executables. When a "work that uses the Library" uses material from a header file that is part of the Library, the object code for the work may be a derivative work of the Library even though the source code is not. Whether this is true is especially significant if the work can be linked without the Library, or if the work is itself a library. The threshold for this to be true is not precisely defined by law. If such an object file uses only numerical parameters, data structure layouts and accessors, and small macros and small inline functions (ten lines or less in length), then the use of the object file is unrestricted, regardless of whether it is legally a derivative work. (Executables containing this object code plus portions of the Library will still fall under Section 6.) Otherwise, if the work is a derivative of the Library, you may distribute the object code for the work under the terms of Section 6. Any executables containing that work also fall under Section 6, whether or not they are linked directly with the Library itself. 6. As an exception to the Sections above, you may also combine or link a "work that uses the Library" with the Library to produce a work containing portions of the Library, and distribute that work under terms of your choice, provided that the terms permit modification of the work for the customer's own use and reverse engineering for debugging such modifications. You must give prominent notice with each copy of the work that the Library is used in it and that the Library and its use are covered by this License. You must supply a copy of this License. If the work during execution displays copyright notices, you must include the copyright notice for the Library among them, as well as a reference directing the user to the copy of this License. Also, you must do one of these things: a) Accompany the work with the complete corresponding machine-readable source code for the Library including whatever changes were used in the work (which must be distributed under Sections 1 and 2 above); and, if the work is an executable linked with the Library, with the complete machine-readable "work that uses the Library", as object code and/or source code, so that the user can modify the Library and then relink to produce a modified executable containing the modified Library. (It is understood that the user who changes the contents of definitions files in the Library will not necessarily be able to recompile the application to use the modified definitions.) b) Use a suitable shared library mechanism for linking with the Library. A suitable mechanism is one that (1) uses at run time a copy of the library already present on the user's computer system, rather than copying library functions into the executable, and (2) will operate properly with a modified version of the library, if the user installs one, as long as the modified version is interface-compatible with the version that the work was made with. c) Accompany the work with a written offer, valid for at least three years, to give the same user the materials specified in Subsection 6a, above, for a charge no more than the cost of performing this distribution. d) If distribution of the work is made by offering access to copy from a designated place, offer equivalent access to copy the above specified materials from the same place. e) Verify that the user has already received a copy of these materials or that you have already sent this user a copy. For an executable, the required form of the "work that uses the Library" must include any data and utility programs needed for reproducing the executable from it. However, as a special exception, the materials to be distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. It may happen that this requirement contradicts the license restrictions of other proprietary libraries that do not normally accompany the operating system. Such a contradiction means you cannot use both them and the Library together in an executable that you distribute. 7. You may place library facilities that are a work based on the Library side-by-side in a single library together with other library facilities not covered by this License, and distribute such a combined library, provided that the separate distribution of the work based on the Library and of the other library facilities is otherwise permitted, and provided that you do these two things: a) Accompany the combined library with a copy of the same work based on the Library, uncombined with any other library facilities. This must be distributed under the terms of the Sections above. b) Give prominent notice with the combined library of the fact that part of it is a work based on the Library, and explaining where to find the accompanying uncombined form of the same work. 8. You may not copy, modify, sublicense, link with, or distribute the Library except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense, link with, or distribute the Library is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 9. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Library or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Library (or any work based on the Library), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Library or works based on it. 10. Each time you redistribute the Library (or any work based on the Library), the recipient automatically receives a license from the original licensor to copy, distribute, link with or modify the Library subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties with this License. 11. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Library at all. For example, if a patent license would not permit royalty-free redistribution of the Library by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Library. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply, and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 12. If the distribution and/or use of the Library is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Library under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 13. The Free Software Foundation may publish revised and/or new versions of the Lesser General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Library specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Library does not specify a license version number, you may choose any version ever published by the Free Software Foundation. 14. If you wish to incorporate parts of the Library into other free programs whose distribution conditions are incompatible with these, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS Index: build.properties =================================================================== RCS file: /cvs/dirsec/fedora-idm-console/build.properties,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- build.properties 1 Aug 2007 23:08:51 -0000 1.1.1.1 +++ build.properties 14 Jan 2008 19:33:08 -0000 1.2 @@ -23,7 +23,7 @@ console.root=. console.version=11 -console.dotversion=1.1.0 +console.dotversion=1.1.1 console.dotgenversion=1.1 theme.core=fedora-idm-console Index: fedora-idm-console.spec =================================================================== RCS file: /cvs/dirsec/fedora-idm-console/fedora-idm-console.spec,v retrieving revision 1.3 retrieving revision 1.4 diff -u -r1.3 -r1.4 --- fedora-idm-console.spec 19 Dec 2007 20:08:44 -0000 1.3 +++ fedora-idm-console.spec 14 Jan 2008 19:33:08 -0000 1.4 @@ -1,22 +1,24 @@ %define major_version 1.1 -%define minor_version 0 +%define minor_version 1 Name: fedora-idm-console Version: %{major_version}.%{minor_version} -Release: 5%{?dist} +Release: 1%{?dist} Summary: Fedora Management Console -Group: Applications -License: LGPL +Group: Applications/System +License: LGPLv2 URL: http://directory.fedoraproject.org BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) Source: http://directory.fedoraproject.org/sources/%{name}-%{version}.tar.bz2 Requires: idm-console-framework >= 1.1 +Requires: java-1.7.0-icedtea BuildRequires: ant >= 1.6.2 BuildRequires: ldapjdk BuildRequires: jss >= 4.2 BuildRequires: idm-console-framework >= 1.1 +BuildRequires: java-1.7.0-icedtea-devel %description A Java based remote management console used for Managing Fedora @@ -33,9 +35,9 @@ %install rm -rf $RPM_BUILD_ROOT install -d $RPM_BUILD_ROOT%{_javadir} -install -m777 built/*.jar $RPM_BUILD_ROOT%{_javadir} +install -m644 built/*.jar $RPM_BUILD_ROOT%{_javadir} install -d $RPM_BUILD_ROOT%{_bindir} -install -m777 built/%{name} $RPM_BUILD_ROOT/%{_bindir} +install -m755 built/%{name} $RPM_BUILD_ROOT/%{_bindir} # create symlinks pushd $RPM_BUILD_ROOT%{_javadir} @@ -48,12 +50,18 @@ %files %defattr(-,root,root,-) +%doc LICENSE %{_javadir}/%{name}-%{version}_en.jar %{_javadir}/%{name}-%{major_version}_en.jar %{_javadir}/%{name}_en.jar %{_bindir}/%{name} %changelog +* Thu Jan 10 2008 Rich Megginson 1.1.1-1 +- this is the fedora package review candidate +- added LICENSE file +- changed permissions on jar files and shell script + * Wed Dec 19 2007 Rich Megginson 1.1.0-5 - for the Fedora DS 1.1 release From fedora-directory-commits at redhat.com Mon Jan 14 19:39:22 2008 From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins)) Date: Mon, 14 Jan 2008 14:39:22 -0500 Subject: [Fedora-directory-commits] directoryconsole build.properties, 1.7, 1.8 fedora-ds-console.spec, 1.5, 1.6 Message-ID: <200801141939.m0EJdM7h013590@cvs-int.fedora.redhat.com> Author: rmeggins Update of /cvs/dirsec/directoryconsole In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv13571/directoryconsole Modified Files: build.properties fedora-ds-console.spec Log Message: Resolves: bug 428357 Description: Review Request: fedora-ds-console: Fedora Directory Server Management Console Fix Description: Bump version to 1.1.1 - add LICENSE Index: build.properties =================================================================== RCS file: /cvs/dirsec/directoryconsole/build.properties,v retrieving revision 1.7 retrieving revision 1.8 diff -u -r1.7 -r1.8 --- build.properties 2 Jul 2007 19:44:08 -0000 1.7 +++ build.properties 14 Jan 2008 19:39:20 -0000 1.8 @@ -21,7 +21,7 @@ lang=en ldapconsole.root=.. -ldapconsole.version=1.1.0 +ldapconsole.version=1.1.1 ldapconsole.gen.version=1.1 brand=fedora ldapconsole.name=${brand}-ds-${ldapconsole.version} Index: fedora-ds-console.spec =================================================================== RCS file: /cvs/dirsec/directoryconsole/fedora-ds-console.spec,v retrieving revision 1.5 retrieving revision 1.6 diff -u -r1.5 -r1.6 --- fedora-ds-console.spec 19 Dec 2007 20:11:31 -0000 1.5 +++ fedora-ds-console.spec 14 Jan 2008 19:39:20 -0000 1.6 @@ -1,25 +1,27 @@ %define major_version 1.1 -%define minor_version 0 +%define minor_version 1 %define shortname fedora-ds %define pkgname dirsrv Name: fedora-ds-console Version: %{major_version}.%{minor_version} -Release: 5%{?dist} +Release: 1%{?dist} Summary: Fedora Directory Server Management Console -Group: Applications -License: LGPL +Group: Applications/System +License: GPLv2 URL: http://directory.fedoraproject.org BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildArch: noarch Source: http://directory.fedoraproject.org/sources/%{name}-%{version}.tar.bz2 Requires: %{shortname}-admin +Requires: java-1.7.0-icedtea BuildRequires: ant >= 1.6.2 BuildRequires: ldapjdk BuildRequires: idm-console-framework +BuildRequires: java-1.7.0-icedtea-devel %description A Java based remote management console used for Managing Fedora @@ -36,7 +38,7 @@ %install rm -rf $RPM_BUILD_ROOT install -d $RPM_BUILD_ROOT%{_datadir}/%{pkgname}/html/java -install -m777 built/package/%{shortname}* $RPM_BUILD_ROOT%{_datadir}/%{pkgname}/html/java +install -m644 built/package/%{shortname}* $RPM_BUILD_ROOT%{_datadir}/%{pkgname}/html/java install -d $RPM_BUILD_ROOT%{_datadir}/%{pkgname}/manual/en/slapd/help install -m644 help/en/*.html $RPM_BUILD_ROOT%{_datadir}/%{pkgname}/manual/en/slapd install -m644 help/en/tokens.map $RPM_BUILD_ROOT%{_datadir}/%{pkgname}/manual/en/slapd @@ -54,7 +56,8 @@ rm -rf $RPM_BUILD_ROOT %files -%defattr(-,root,root) +%defattr(-,root,root,-) +%doc LICENSE %{_datadir}/%{pkgname}/html/java/%{shortname}-%{version}.jar %{_datadir}/%{pkgname}/html/java/%{shortname}-%{major_version}.jar %{_datadir}/%{pkgname}/html/java/%{shortname}.jar @@ -67,6 +70,11 @@ %doc %{_datadir}/%{pkgname}/manual/en/slapd/help/*.html %changelog +* Thu Jan 10 2008 Rich Megginson 1.1.1-1 +- changes for fedora package review +- added requires for icedtea java +- added LICENSE + * Wed Dec 19 2007 Rich Megginson 1.1.0-5 - This is for the Fedora DS 1.1 release From fedora-directory-commits at redhat.com Mon Jan 14 19:42:50 2008 From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins)) Date: Mon, 14 Jan 2008 14:42:50 -0500 Subject: [Fedora-directory-commits] admservconsole build.properties, 1.5, 1.6 fedora-admin-console.spec, 1.5, 1.6 Message-ID: <200801141942.m0EJgoBP013695@cvs-int.fedora.redhat.com> Author: rmeggins Update of /cvs/dirsec/admservconsole In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv13676/admservconsole Modified Files: build.properties fedora-admin-console.spec Log Message: Resolves: bug 428364 Description: Review Request: fedora-admin-console: Fedora Directory Administration Server Management Console Fix Description: Bump version to 1.1.1 - add LICENSE Index: build.properties =================================================================== RCS file: /cvs/dirsec/admservconsole/build.properties,v retrieving revision 1.5 retrieving revision 1.6 diff -u -r1.5 -r1.6 --- build.properties 2 Aug 2007 23:16:15 -0000 1.5 +++ build.properties 14 Jan 2008 19:42:48 -0000 1.6 @@ -21,7 +21,7 @@ lang=en admservconsole.root=.. -admservconsole.version=1.1.0 +admservconsole.version=1.1.1 admservconsole.gen.version=1.1 brand=fedora admservconsole.name=${brand}-admin-${admservconsole.version} Index: fedora-admin-console.spec =================================================================== RCS file: /cvs/dirsec/admservconsole/fedora-admin-console.spec,v retrieving revision 1.5 retrieving revision 1.6 diff -u -r1.5 -r1.6 --- fedora-admin-console.spec 19 Dec 2007 20:13:44 -0000 1.5 +++ fedora-admin-console.spec 14 Jan 2008 19:42:48 -0000 1.6 @@ -1,5 +1,5 @@ %define major_version 1.1 -%define minor_version 0 +%define minor_version 1 %define dsname fedora-ds %define shortname fedora-admin @@ -7,20 +7,22 @@ Name: fedora-admin-console Version: %{major_version}.%{minor_version} -Release: 4%{?dist} +Release: 1%{?dist} Summary: Fedora Admin Server Management Console -Group: Applications -License: LGPL +Group: Applications/System +License: GPLv2 URL: http://directory.fedoraproject.org BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildArch: noarch Source: http://directory.fedoraproject.org/sources/%{name}-%{version}.tar.bz2 Requires: %{dsname}-admin +Requires: java-1.7.0-icedtea BuildRequires: ant >= 1.6.2 BuildRequires: ldapjdk BuildRequires: idm-console-framework +BuildRequires: java-1.7.0-icedtea-devel %description A Java based remote management console used for Managing Fedora @@ -37,7 +39,7 @@ %install rm -rf $RPM_BUILD_ROOT install -d $RPM_BUILD_ROOT%{_datadir}/%{pkgname}/html/java -install -m777 built/package/%{shortname}* $RPM_BUILD_ROOT%{_datadir}/%{pkgname}/html/java +install -m644 built/package/%{shortname}* $RPM_BUILD_ROOT%{_datadir}/%{pkgname}/html/java install -d $RPM_BUILD_ROOT%{_datadir}/%{pkgname}/manual/en/admin/help install -m644 help/en/*.html $RPM_BUILD_ROOT%{_datadir}/%{pkgname}/manual/en/admin install -m644 help/en/tokens.map $RPM_BUILD_ROOT%{_datadir}/%{pkgname}/manual/en/admin @@ -55,7 +57,8 @@ rm -rf $RPM_BUILD_ROOT %files -%defattr(-,root,root) +%defattr(-,root,root,-) +%doc LICENSE %{_datadir}/%{pkgname}/html/java/%{shortname}-%{version}.jar %{_datadir}/%{pkgname}/html/java/%{shortname}-%{major_version}.jar %{_datadir}/%{pkgname}/html/java/%{shortname}.jar @@ -68,6 +71,11 @@ %doc %{_datadir}/%{pkgname}/manual/en/admin/help/*.html %changelog +* Thu Jan 10 2008 Rich Megginson 1.1.1-1 +- changes for fedora package review +- added requires for icedtea java +- added LICENSE + * Wed Dec 19 2007 Rich Megginson - 1.1.0-4 - This is for the Fedora DS 1.1 release From fedora-directory-commits at redhat.com Mon Jan 14 22:31:20 2008 From: fedora-directory-commits at redhat.com (Nathan Kinder (nkinder)) Date: Mon, 14 Jan 2008 17:31:20 -0500 Subject: [Fedora-directory-commits] dsgw/config/de display-country.html.in, NONE, 1.1 display-group.html.in, NONE, 1.1 display-groupun.html.in, NONE, 1.1 display-mailgroup.html.in, NONE, 1.1 display-ntgroup.html.in, NONE, 1.1 display-ntperson.html.in, NONE, 1.1 display-org.html.in, NONE, 1.1 display-orgperson.html.in, NONE, 1.1 display-person.html.in, NONE, 1.1 display-umperson.html.in, NONE, 1.1 newentry.html.in, NONE, 1.1 search.html.in, NONE, 1.1 display-country.html, 1.1.1.1, NONE display-group.html, 1.1.1.1, NONE display-groupun.html, 1.1.1.1, NONE display-mailgroup.html, 1.1.1.1, NONE display-ntgroup.html, 1.1.1.1, NONE display-ntperson.html, 1.1.1.1, NONE display-org.html, 1.1.1.1, NONE display-orgperson.html, 1.1.1.1, NONE display-person.html, 1.1.1.1, NONE display-umperson.html, 1.1.1.1, NONE newentry.html, 1.1.1.1, NONE search.html, 1.1.1.1, NONE Message-ID: <200801142231.m0EMVKja008147@cvs-int.fedora.redhat.com> Author: nkinder Update of /cvs/dirsec/dsgw/config/de In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv7982/config/de Added Files: display-country.html.in display-group.html.in display-groupun.html.in display-mailgroup.html.in display-ntgroup.html.in display-ntperson.html.in display-org.html.in display-orgperson.html.in display-person.html.in display-umperson.html.in newentry.html.in search.html.in Removed Files: display-country.html display-group.html display-groupun.html display-mailgroup.html display-ntgroup.html display-ntperson.html display-org.html display-orgperson.html display-person.html display-umperson.html newentry.html search.html Log Message: General templating work for DSGW CGI URI's. --- NEW FILE display-country.html.in --- Land - <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
Land
Landesname: Beschreibung:
Siehe auch:
URL:
Eintrag zuletzt geändert am von --- NEW FILE display-group.html.in --- <!-- IF "Adding" --> Neuer <!-- ENDIF // Adding --> Gruppeneintrag - <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
Gruppe Neue Gruppe -
        
* bezeichnet einen Pflichteintrag
Name: *
Beschreibung:
Eigentümer:
Siehe auch:
 Sie müssen diesen Eintrag speichern, bevor Sie diese Felder bearbeiten können.
Gruppenmitglieder:
Eintrag zuletzt geändert am von --- NEW FILE display-groupun.html.in --- <!-- IF "Adding" --> Neuer <!-- ENDIF // Adding --> Gruppeneintrag - <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
Gruppe Neue Gruppe -
        
* bezeichnet einen Pflichteintrag
Name: *
Beschreibung:
Eigentümer:
Siehe auch:
 Sie müssen diesen Eintrag speichern, bevor Sie diese Felder bearbeiten können.
Gruppenmitglieder:
Eintrag zuletzt geändert am von --- NEW FILE display-mailgroup.html.in --- <!-- IF "Adding" --> Neuer <!-- ENDIF // Adding --> E-Mail-Gruppeneintrag - <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
Gruppe Neue E-Mail-Gruppe
        
Name: Beschreibung:
Eigentümer:
Siehe auch:
Gruppenmitglieder:
E-Mail-Mitglieder:
Eintrag zuletzt geändert am von --- NEW FILE display-ntgroup.html.in --- <!-- IF "Adding" --> Neuer <!-- ENDIF // Adding --> NT-Gruppeneintrag - <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
Gruppe Neue NT-Gruppe -
        
* bezeichnet einen Pflichteintrag
Name: *
NT-Gruppenname: *
NT-Gruppentyp: *
NT-Gruppendomäne *
Beschreibung:
Lokal:
Geschäftsbereich:
Eigentümer:
Siehe auch:
 Sie müssen diesen Eintrag speichern, bevor Sie diese Felder bearbeiten können.
NT-Gruppenmitglieder:
NT-Gruppe löschen, wenn Gruppe gelöscht wird:
Neues NT-Gruppenkonto erstellen:
Eintrag zuletzt geändert am von --- NEW FILE display-ntperson.html.in --- <!-- IF "Adding" --> Neuer <!-- ENDIF // Adding --> NT-Benutzereintrag - <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
BORDER=0> Benutzer (Anklicken, um Karte anzuzeigen) > Click to display organization chart Neuer NT-Benutzer -
>Download Certificate    >Play Audio Clip
           
* bezeichnet einen Pflichteintrag
Kontaktinformationen
Vorname: Vollständiger Name: *
Nachname: *
Directory-Server-Kennwort: Kennwort zur Bestätigung wiederholen:
Telefon: E-Mail-Adresse:
Fax: Benutzer-ID:
Pager: Mobiltelefon:
Windows NT Kontoinformationen
NT-Benutzer-ID: * NT-Domäne: *
NT-Benutzerkonto löschen, wenn Benutzer gelöscht wird:
Neues NT-Benutzerkonto erstellen:
NT-Benutzer-Kommentar: Eindeutige NT-Benutzer-ID:
NT-Kennwort abgelaufen: Anzahl falscher NT-Kennworteingaben:
Letzte NT-Anmeldung: Letzte NT-Abmeldung:
Verfalldatum NT-Benutzerkonto: Anzahl NT-Anmeldungen:
NT-Anmelde-Server: NT-Arbeitsstationen:
NT-Codeseite: NT-Landescode:
Primäre NT-Gruppen-ID: NT-Profil:
NT-Basisverzeichnis: Laufwerk des NT-Basisverzeichnisses:
NT-Skriptpfad: Maximaler NT-Speicherplatz:
NT-Einheiten pro Woche: Rechte des NT-Benutzers:
Operator-Rechte des NT-Benutzers: Div. betr. NT-Benutzerkonto: Funktionen:
Branchen- und Positionsinformationen
Branche: Titel:
Geschäftsbereich: Leiter:
 Sie müssen diesen Eintrag speichern, bevor Sie diese Felder bearbeiten können.
Raum: Sekr.:
Abt.-Nr.: MA-Nr.:
Kfz-Kennzeichen:      
Postadresse:
-->
Zusätzliche Informationen
Beschreibung:
Siehe auch:
 Sie müssen diesen Eintrag speichern, bevor Sie diese Felder bearbeiten können.
URL:
Eintrag zuletzt geändert am von --- NEW FILE display-org.html.in --- <!-- IF "Adding" --> Neue <!-- ENDIF // Adding --> Firma - <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
Firma Neue Firma -
        
* bezeichnet einen Pflichteintrag
Firmenname: * Beschreibung:
Telefon: Branche:
Fax: Standort:
Postadresse:
Siehe auch:
Eintrag zuletzt geändert am von --- NEW FILE display-orgperson.html.in --- <!-- IF "Adding" --> Neuer <!-- ENDIF // Adding --> Personeneintrag - <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
BORDER=0> Benutzer (Anklicken, um Karte anzuzeigen) > Click to display organization chart Neue Person -
>Zertifikat laden    >Audio-Clip abspielen
           
* bezeichnet einen Pflichteintrag
Kontaktinformationen
Vorname: Vollständiger Name: *
Nachname: *
Kennwort: Kennwort zur Bestätigung wiederholen:
Telefon: E-Mail-Adresse:
Fax: Benutzer-ID:
Pager: Mobiltelefon:
Branchen- und Positionsinformationen
Branche: Titel:
Geschäftsbereich: Leiter:
 Sie müssen diesen Eintrag speichern, bevor Sie diese Felder bearbeiten können.
Raum: Sekr.:
Abt.-Nr.: MA-Nr.:
Kfz-Kennzeichen:      
Postadresse:
-->
Zusätzliche Informationen
Beschreibung:
Siehe auch:
 Sie müssen diesen Eintrag speichern, bevor Sie dieses Feld bearbeiten können.
URL:
Eintrag zuletzt geändert am von --- NEW FILE display-person.html.in --- <!-- IF "Adding" --> Neuer <!-- ENDIF // Adding --> Personeneintrag - <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
Benutzer (Anklicken, um Karte anzuzeigen) > Click to display organization chart Neue Person -
           
* bezeichnet einen Pflichteintrag
Nachname: * Vollständiger Name:
Kennwort: Kennwort zur Bestätigung wiederholen:
Telefon: E-Mail-Adresse:
Fax: Benutzer-ID:
Pager: Mobiltelefon:
Titel:
Postadresse:
Beschreibung:
Siehe auch:
 Sie müssen diesen Eintrag speichern, bevor Sie diese Felder bearbeiten können.
URL:
Lieblingsgetränk:
Eintrag zuletzt geändert am von --- NEW FILE display-umperson.html.in --- <!-- IF "Adding" --> Neuer <!-- ENDIF // Adding --> Personeneintrag - <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
> Person > Click to display organization chart Neue Person -
>Audio-Clip abspielen
        
* bezeichnet einen Pflichteintrag
Nachname: * Vollständiger Name: *
Telefon: E-Mail-Adresse:
Fax: Eindeutiger Name:
Pager: Mobiltelefon:
Titel:
Postadresse:
Beschreibung:
Siehe auch:
URL:
Lieblingsgetränk:
Eintrag zuletzt geändert am von --- NEW FILE newentry.html.in --- Netscape Directory Server Gateway Neuer Eintrag <BODY> Sie ben&ouml;tigen einen Client, der Rahmen darstellen kann, um dieses Dokument zu betrachten. </BODY> --- NEW FILE search.html.in --- Netscape Directory Server Gateway: Standardsuche --- display-country.html DELETED --- --- display-group.html DELETED --- --- display-groupun.html DELETED --- --- display-mailgroup.html DELETED --- --- display-ntgroup.html DELETED --- --- display-ntperson.html DELETED --- --- display-org.html DELETED --- --- display-orgperson.html DELETED --- --- display-person.html DELETED --- --- display-umperson.html DELETED --- --- newentry.html DELETED --- --- search.html DELETED --- From fedora-directory-commits at redhat.com Mon Jan 14 22:31:20 2008 From: fedora-directory-commits at redhat.com (Nathan Kinder (nkinder)) Date: Mon, 14 Jan 2008 17:31:20 -0500 Subject: [Fedora-directory-commits] dsgw/config/fr csearch.html.in, NONE, 1.1 display-country.html.in, NONE, 1.1 display-group.html.in, NONE, 1.1 display-groupun.html.in, NONE, 1.1 display-mailgroup.html.in, NONE, 1.1 display-ntgroup.html.in, NONE, 1.1 display-ntperson.html.in, NONE, 1.1 display-org.html.in, NONE, 1.1 display-orgperson.html.in, NONE, 1.1 display-orgunit.html.in, NONE, 1.1 display-person.html.in, NONE, 1.1 display-umperson.html.in, NONE, 1.1 newentry.html.in, NONE, 1.1 search.html.in, NONE, 1.1 csearch.html, 1.1.1.1, NONE display-country.html, 1.1.1.1, NONE display-group.html, 1.1.1.1, NONE display-groupun.html, 1.1.1.1, NONE display-mailgroup.html, 1.1.1.1, NONE display-ntgroup.html, 1.1.1.1, NONE display-ntperson.html, 1.1.1.1, NONE display-org.html, 1.1.1.1, NONE display-orgperson.html, 1.1.1.1, NONE display-orgunit.html, 1.1.1.1, NONE display-person.html, 1.1.1.1, NONE display-umperson.html, 1.1.1.1, NONE newentry.html, 1.1.1.1, NONE search.html, 1.1.1.1, NONE Message-ID: <200801142231.m0EMVKJM008199@cvs-int.fedora.redhat.com> Author: nkinder Update of /cvs/dirsec/dsgw/config/fr In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv7982/config/fr Added Files: csearch.html.in display-country.html.in display-group.html.in display-groupun.html.in display-mailgroup.html.in display-ntgroup.html.in display-ntperson.html.in display-org.html.in display-orgperson.html.in display-orgunit.html.in display-person.html.in display-umperson.html.in newentry.html.in search.html.in Removed Files: csearch.html display-country.html display-group.html display-groupun.html display-mailgroup.html display-ntgroup.html display-ntperson.html display-org.html display-orgperson.html display-orgunit.html display-person.html display-umperson.html newentry.html search.html Log Message: General templating work for DSGW CGI URI's. --- NEW FILE csearch.html.in --- Netscape Directory Server Gateway : Advanced Search --- NEW FILE display-country.html.in --- Pays - <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
Country
Nom de pays : Description:
Voir également :
URL :
La dernière modification de cette entrée date du par --- NEW FILE display-group.html.in --- <!-- IF "Adding" --> Nouvelle <!-- ENDIF // Adding --> Entrée de groupe <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
Groupe Nouveau groupe -
        
* Indique une zone d'entrée obligatoire
Nom : *
Description :
Propriétaire :
Voir également :
 Vous devez enregistrer cette entrée pour pouvoir modifier ces champs.
Membres du groupe :
La dernière modification de cette entrée date du par --- NEW FILE display-groupun.html.in --- <!-- IF "Adding" --> Nouvelle <!-- ENDIF // Adding --> Entrée de groupe <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
Groupe Nouveau groupe -
        
* Indique une zone d'entrée obligatoire
Nom : *
Description :
Propriétaire :
Voir également :
 Vous devez enregistrer cette entrée pour pouvoir modifier ces champs.
Membres du groupe :
La dernière modification de cette entrée date du par --- NEW FILE display-mailgroup.html.in --- <!-- IF "Adding" --> Nouvelle <!-- ENDIF // Adding --> entr??e de groupe de courrier - <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
Groupe Nouveau groupe de courrier
        
Nom : Description :
Propriétaire :
Voir également :
Membres du groupe :
Membres de courrier électronique :
La dernière modification de cette entrée date du par --- NEW FILE display-ntgroup.html.in --- <!-- IF "Adding" --> Nouvelle <!-- ENDIF // Adding --> Entrée du groupe NT - <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
Groupe Nouveau groupe NT -
        
* Indique une zone d'entrée obligatoire
Nom : *
Nom du groupe NT : *
Type de groupe NT : *
Domaine du groupe NT : *
Description :
Lieu :
Service de la société :
Propriétaire :
Voir également :
 Vous devez enregistrer cette entrée pour pouvoir modifier ces champs.
Membres du groupe NT :
Supprimer le groupe NT si le groupe est supprimé :
Créer un nouveau groupe NT :
La dernière modification de cette entrée date du par --- NEW FILE display-ntperson.html.in --- <!-- IF "Adding" --> Nouvelle <!-- ENDIF // Adding --> Entrée de personne NT- <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
BORDER=0> Personne (cliquez pour afficher la carte) > Click to display organization chart Nouvelle personne NT
>Download Certificate    >Play Audio Clip
           
* Indique une zone d'entrée obligatoire
Contacts
Prénom : Nom complet : *
Nom de famille : *
Mot de passe du Directory Server : Retaper le mot de passe pour confirmation
Téléphone : Adresse électronique :
Télécopie : Id utilisateur :
Téléavertisseur : Téléphone mobile :
Informations sur le compte Windows NT
Id utilisateur NT : * Nom de domaine NT : *
Supprimer le compte NT si la personne est supprimée
Créer un nouveau compte NT
Commentaire utilisateur NT Id utilisateur NT unique :
Mot de passe NT périmé : Compte de mots de passe NT incorrect :
Dernière date de connexion au système NT : Dernière date de déconnexion du système NT :
Date d'expiration du compte NT : Nombre de connexions NT :
Serveur de connexions NT : Postes de travail NT :
Page de codes NT : Code de pays NT :
Id de groupe principal NT : Profil NT :
Annuaire personnel NT : Lecteur d'annuaire personnel NT :
Chemin script NT : Mise en mémoire maximale NT :
Unités NT par semaine : Privilèges de l'utilisateur NT :
Privilèges de l'utilisateur NT : Diverses fonctions de compte de personne NT : Features:
Informations sur l'activité et l'emplacement
Secteur d'activité : Titre :
Unité organisationnelle : Gestionnaire :
 Vous devez enregistrer cette entrée pour pouvoir modifier ces champs.
Numéro de poste : Admin.:
N° de service : N° d'employé :
N° de permis de circulation :      
Adresse postale :
-->
Informations supplémentaires
Description:
Voir également :
 Vous devez enregistrer cette entrée pour pouvoir modifier ce champ.
URL:
La dernière modification de cette entrée date du Dans --- NEW FILE display-org.html.in --- <!-- IF "Adding" --> Nouvelle <!-- ENDIF // Adding --> Organisation - <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
Organization Nouvelle organisation -
        
* Indique une zone d'entrée obligatoire
Nom de l'organisation : * Description:
Téléphone : Catégorie commerciale :
Télécopie : Emplacement :
Adresse postale :
Voir également :
La dernière modification de cette entrée date du par --- NEW FILE display-orgperson.html.in --- <!-- IF "Adding" --> Nouvelle <!-- ENDIF // Adding --> Entrée de personne <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
BORDER=0> Personne (cliquez pour afficher la carte) > Click to display organization chart Nouvelle personne -
>Télécharger un certificat    >Lire le clip audio
           
* Indique une zone d'entrée obligatoire
Contacts
Prénom : Nom complet : *
Nom : *
Mot de passe : Retaper le mot de passe pour confirmation :
Téléphone : Adresse électronique :
Télécopie : Id d'utilisateur :
Radiomessagerie : Téléphone mobile :
Informations sur l'activité et l'emplacement
Secteur d'activité : Titre :
Service de la société : Responsable :
 Vous devez enregistrer cette entrée avant de pouvoir modifier ces champs.
Numéro de poste : Admin. :
N° de service : N° d'employé :
N° d'immatriculation :      
Adresse postale :
-->
Informations supplémentaires
Description :
Voir également :
 Vous devez enregistrer cette entrée avant de pouvoir modifier ce champ.
URL :
La dernière modification de cette entrée date du par --- NEW FILE display-orgunit.html.in --- <!-- IF "Adding" --> Nouvelle <!-- ENDIF // Adding --> Unit?? organisationnelle - <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
Unit?? Org Nouvelle unit?? organisationnelle -
        
* Indique une zone d'entr??e obligatoire
Nom de l'unit?? : * Description :
T??l??phone : Cat??gorie commerciale :
T??l??copie : Emplacement :
Adresse postale :
Voir ??galement :
La derni??re modification de cette entr??e date du par --- NEW FILE display-person.html.in --- <!-- IF "Adding" --> Nouvelle <!-- ENDIF // Adding --> Entrée de personne <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
Personne (cliquez pour afficher la carte) > Click to display organization chart Nouvelle personne
           
* Indique une zone d'entrée obligatoire
Nom : * Nom complet :
Mot de passe : Retaper le mot de passe pour confirmation :
Téléphone : Adresse électronique :
Télécopie : Id d'utilisateur :
Radiomessagerie : Téléphone mobile :
Titre :
Adresse postale :
Description :
Voir également :
 Vous devez enregistrer cette entrée avant de pouvoir modifier ce champ.
URL :
Boisson favorite :
La dernière modification de cette entrée date du par --- NEW FILE display-umperson.html.in --- <!-- IF "Adding" --> Nouvelle <!-- ENDIF // Adding --> entrée de personne U-M - <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
> Personne > Click to display organization chart Nouvel personne U-M -
>Lecture de clip audio
        
* Indique une zone d'entr??e obligatoire
Nom de famille : * Nom complet : *
Téléphone : Adresse électronique :
Télécopie : Nom unique :
Téléavertisseur : Téléphone mobile :
Titre :
Adresse postale :
Description :
Voir également :
URL :
Boisson favorite :
La dernière modification de cette entrée date du par --- NEW FILE newentry.html.in --- Passerelle Netscape Directory Server : New Entry <BODY> Vous devez utiliser un client qui g&egrave;re la fonction de cadres pour pouvoir afficher ce document. </BODY> --- NEW FILE search.html.in --- Passerelle Netscape Directory Server : Standard Search --- csearch.html DELETED --- --- display-country.html DELETED --- --- display-group.html DELETED --- --- display-groupun.html DELETED --- --- display-mailgroup.html DELETED --- --- display-ntgroup.html DELETED --- --- display-ntperson.html DELETED --- --- display-org.html DELETED --- --- display-orgperson.html DELETED --- --- display-orgunit.html DELETED --- --- display-person.html DELETED --- --- display-umperson.html DELETED --- --- newentry.html DELETED --- --- search.html DELETED --- From fedora-directory-commits at redhat.com Mon Jan 14 22:31:19 2008 From: fedora-directory-commits at redhat.com (Nathan Kinder (nkinder)) Date: Mon, 14 Jan 2008 17:31:19 -0500 Subject: [Fedora-directory-commits] dsgw/config authPassword.html.in, NONE, 1.1 authSearch.html.in, NONE, 1.1 csearch.html.in, NONE, 1.1 csearchAttr.html.in, NONE, 1.1 csearchBase.html.in, NONE, 1.1 csearchMatch.html.in, NONE, 1.1 csearchString.html.in, NONE, 1.1 csearchType.html.in, NONE, 1.1 display-country.html.in, NONE, 1.1 display-dc.html.in, NONE, 1.1 display-dnedit.html.in, NONE, 1.1 display-dneditpeople.html.in, NONE, 1.1 display-group.html.in, NONE, 1.1 display-groupun.html.in, NONE, 1.1 display-ntgroup.html.in, NONE, 1.1 display-ntperson.html.in, NONE, 1.1 display-org.html.in, NONE, 1.1 display-orgperson.html.in, NONE, 1.1 display-orgunit.html.in, NONE, 1.1 display-person.html.in, NONE, 1.1 list-Anything.html.in, NONE, 1.1 list-Auth.html.in, NONE, 1.1 list-Domaincomponent.html.in, NONE, 1.1 list-Groups.html.in, NONE, 1.1 list-NT-Groups.html.in, NONE, 1.1 list-NT-People.html.in, NONE, 1.1 list-Org-Units.html.in, NONE, 1.1 list-Organizations.html.in, NONE, 1.1 list-People.html.in, NONE, 1.1 list-fa-Groups.html.in, NONE, 1.1 list-fa-People.html.in, NONE, ! 1.1 list-urlsearch.html.in, NONE, 1.1 newentry.html.in, NONE, 1.1 newentryName.html.in, NONE, 1.1 newentryType.html.in, NONE, 1.1 search.html.in, NONE, 1.1 searchString.html.in, NONE, 1.1 authPassword.html, 1.1.1.1, NONE authSearch.html, 1.1.1.1, NONE csearch.html, 1.1.1.1, NONE csearchAttr.html, 1.1.1.1, NONE csearchBase.html, 1.1.1.1, NONE csearchMatch.html, 1.1.1.1, NONE csearchString.html, 1.1.1.1, NONE csearchType.html, 1.1.1.1, NONE display-country.html, 1.1.1.1, NONE display-dc.html, 1.1.1.1, NONE display-dnedit.html, 1.1.1.1, NONE display-dneditpeople.html, 1.1.1.1, NONE display-group.html, 1.1.1.1, NONE display-groupun.html, 1.1.1.1, NONE display-ntgroup.html, 1.1.1.1, NONE display-ntperson.html, 1.1.1.1, NONE display-org.html, 1.1.1.1, NONE display-orgperson.html, 1.1.1.1, NONE display-orgunit.html, 1.1.1.1, NONE display-person.html, 1.1.1.1, NONE list-Anything.html, 1.1.1.1, NONE list-Auth.html, 1.1.1.1, NONE list-Domaincomponent.html, 1.1.1.1, NONE list-Groups.html, 1.1.1.1, NONE list-NT-Groups.html, 1.1.1.1, NONE list-NT-! People.html,1.1.1.1,NONE list-Org-Units.html,1.1.1.1,NONE list! -Organ Message-ID: <200801142231.m0EMVKqi008144@cvs-int.fedora.redhat.com> Author: nkinder Update of /cvs/dirsec/dsgw/config In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv7982/config Added Files: authPassword.html.in authSearch.html.in csearch.html.in csearchAttr.html.in csearchBase.html.in csearchMatch.html.in csearchString.html.in csearchType.html.in display-country.html.in display-dc.html.in display-dnedit.html.in display-dneditpeople.html.in display-group.html.in display-groupun.html.in display-ntgroup.html.in display-ntperson.html.in display-org.html.in display-orgperson.html.in display-orgunit.html.in display-person.html.in list-Anything.html.in list-Auth.html.in list-Domaincomponent.html.in list-Groups.html.in list-NT-Groups.html.in list-NT-People.html.in list-Org-Units.html.in list-Organizations.html.in list-People.html.in list-fa-Groups.html.in list-fa-People.html.in list-urlsearch.html.in newentry.html.in newentryName.html.in newentryType.html.in search.html.in searchString.html.in Removed Files: authPassword.html authSearch.html csearch.html csearchAttr.html csearchBase.html csearchMatch.html csearchString.html csearchType.html display-country.html display-dc.html display-dnedit.html display-dneditpeople.html display-group.html display-groupun.html display-ntgroup.html display-ntperson.html display-org.html display-orgperson.html display-orgunit.html display-person.html list-Anything.html list-Auth.html list-Domaincomponent.html list-Groups.html list-NT-Groups.html list-NT-People.html list-Org-Units.html list-Organizations.html list-People.html list-fa-Groups.html list-fa-People.html list-urlsearch.html newentry.html newentryName.html newentryType.html search.html searchString.html Log Message: General templating work for DSGW CGI URI's. --- NEW FILE authPassword.html.in --- Authenticate...

Password for :

--- NEW FILE authSearch.html.in --- Authenticate... The first step in authenticating to the directory is identifying yourself.
Please type your name:

 (only available to Directory Administrators) --- NEW FILE csearch.html.in --- Netscape Directory Server Gateway: Advanced Search --- NEW FILE csearchAttr.html.in ---
where the
--- NEW FILE csearchBase.html.in ---
within
--- NEW FILE csearchMatch.html.in ---
--- NEW FILE csearchString.html.in ---
--- NEW FILE csearchType.html.in ---
Find
--- NEW FILE display-country.html.in --- Country - <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
Country
 
Country Name: Description:
See Also:
URL:
 

This entry was last modified on by
--- NEW FILE display-dc.html.in --- <!-- IF "Adding" --> New <!-- ENDIF // Adding --> Domaincomponent - <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
Domaincomponent Entry
Domaincomponent New Domaincomponent -
        
 * Indicates a required field
 
class="bold" >Domaincomponent Name: * class="bold" >Description:
class="bold" >Phone: class="bold" >Business Category:
class="bold" >Fax: class="bold" >Location:
class="bold" >Mailing Address:
class="bold" >See Also:
 
 This entry was last modified on by
--- NEW FILE display-dnedit.html.in --- Edit <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
Edit :
Find matching 

--- NEW FILE display-dneditpeople.html.in --- Edit <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
Edit :
Find matching 

--- NEW FILE display-group.html.in --- <!-- IF "Adding" --> New <!-- ENDIF // Adding --> Group Entry - <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
Group Entry
Group New Group -
        
  * Indicates a required field
 
class="bold" >Name: *
class="bold" >Description:
class="bold" >Owner:
class="bold" >See Also:
 You must save this entry before you can edit these fields.
class="bold" >Group Members:
 
 This entry was last modified on by
--- NEW FILE display-groupun.html.in --- <!-- IF "Adding" --> New <!-- ENDIF // Adding --> Group Entry - <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
Group Entry
Group New Group -
        
 * Indicates a required field
 
class="bold" >Name: *
class="bold" >Description:
class="bold" >Owner:
class="bold" >See Also:
 You must save this entry before you can edit these fields.
class="bold" >Group Members:
 
  This entry was last modified on by
--- NEW FILE display-ntgroup.html.in --- <!-- IF "Adding" --> New <!-- ENDIF // Adding --> NT Group Entry - <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
NT Group Entry
Group New NT Group -
        
  * Indicates a required field
 
class="bold" >Name: *
class="bold" >NT Group Name: *
class="bold" >Description:
class="bold" >Owner:
class="bold" >See Also:
 You must save this entry before you can edit these fields.
class="bold" >NT Group Members:
class="bold" >Delete NT Group if Group deleted:
Create New NT Group:
 
  This entry was last modified on by
--- NEW FILE display-ntperson.html.in --- <!-- IF "Adding" --> New <!-- ENDIF // Adding --> NT Person Entry - <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
NT Person Entry
BORDER=0> NT Person (click to show card) > Click to display organization chart New NT Person -
>Download Certificate    >Play Audio Clip
           
  * Indicates a required field

Contact Information
class="bold" >First Name: class="bold" >Common Name: *
class="bold" >Last Name: * class="bold" >E-Mail Address:
Directory Password: Repeat password to confirm:
class="bold" >Phone: class="bold" >AIM ID:
class="bold" >Fax: class="bold" >User ID:
class="bold" >Pager: class="bold" >Mobile Phone:
Windows NT Account Information
class="bold" >NT User Id: *
class="bold" >Delete NT Account if Person deleted:
Create New NT Account :
NT User Comment: NT User Unique Id:
NT Password Expired: NT Bad Password Count:
NT Last Logon Date: NT Last Logoff Date:
NT Account Expiration Date: Number of NT Logons:
NT Logon Server: NT Workstations:
NT Code Page: NT Country Code:
NT Primary Group Id: NT Profile:
NT Home Directory: NT Home Directory Drive:
NT Script Path: NT Max Storage:
NT Units Per Week: NT User's Privileges:
NT User's Operator Privileges: NT User Account Misc. Features:
Business and Location Information
class="bold" >Business Category: class="bold" >Title:
class="bold" >Organizational Unit: class="bold" >Manager:
 You must save this entry before you can edit these fields.
class="bold" >Room Number: class="bold" >Admin.:
class="bold" >Dept#: class="bold" >Emp#:
class="bold" >Car License#:      
class="bold" >Mailing Address:
class="bold" >Unique ID: -->
Additional Information
class="bold" >Description:
class="bold" >See Also:
 You must save this entry before you can edit this field.
class="bold" >URL:
 
  This entry was last modified on by
--- NEW FILE display-org.html.in --- <!-- IF "Adding" --> New <!-- ENDIF // Adding --> Organization - <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
Organization Entry
Organization New Organization -
        
 * Indicates a required field
 
class="bold" >Organization Name: * class="bold" >Description:
class="bold" >Phone: class="bold" >Business Category:
class="bold" >Fax: class="bold" >Location:
class="bold" >Mailing Address:
class="bold" >See Also:
 
  This entry was last modified on by
--- NEW FILE display-orgperson.html.in --- <!-- IF "Adding" --> New <!-- ENDIF // Adding --> Person Entry - <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
Person Entry
BORDER=0> Person (click to show card) > Click to display organization chart New Person -
>Download Certificate    >Play Audio Clip
           
  * Indicates a required field
Contact Information
class="bold" >First Name: class="bold" >Common Name: *
class="bold" >Last Name: * class="bold" >E-Mail Address:
Password: Repeat password to confirm:
class="bold" >Phone: class="bold" >AIM ID:
class="bold" >Fax: class="bold" >User ID:
class="bold" >Pager: class="bold" >Mobile Phone:
Business and Location Information
class="bold" >Business Category: class="bold" >Title:
class="bold" >Organizational Unit: class="bold" >Manager:
 You must save this entry before you can edit these fields.
class="bold" >Room Number: class="bold" >Admin.:
class="bold" >Dept#: class="bold" >Emp#:
class="bold" >Car License#:      
class="bold" >Mailing Address:
class="bold" >Unique ID: -->
Additional Information
class="bold" >Description:
class="bold" >See Also:
 You must save this entry before you can edit this field.
class="bold" >URL:
 
  This entry was last modified on by
--- NEW FILE display-orgunit.html.in --- <!-- IF "Adding" --> New <!-- ENDIF // Adding --> Organizational Unit - <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
Organizational Unit Entry
Org Unit New Organizational Unit -
        
 * Indicates a required field
 
class="bold" >Unit Name: * class="bold" >Description:
class="bold" >Phone: class="bold" >Business Category:
class="bold" >Fax: class="bold" >Location:
class="bold" >Mailing Address:
class="bold" >See Also:
 
  This entry was last modified on by
--- NEW FILE display-person.html.in --- <!-- IF "Adding" --> New <!-- ENDIF // Adding --> Person Entry - <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
Person Entry
Person (click to show card) >Click to display organization chart New Person -
           
  * Indicates a required field

Contact Information
class="bold" >Last Name: class="bold" >Common Name: *
class="bold" >E-Mail Address:
Password: Repeat password to confirm:
class="bold" >Phone: class="bold" >AIM ID:
class="bold" >Fax: class="bold" >User ID:
class="bold" >Pager: class="bold" >Mobile Phone:
Business and Location Information
class="bold" >Title:
class="bold" >Mailing Address:
class="bold" >Unique ID: -->
Additional Information
class="bold" >Description:
class="bold" >See Also:
 You must save this entry before you can edit this field.
class="bold" >URL:
 
  This entry was last modified on by
--- NEW FILE list-Anything.html.in --- Search for Anything

 
Name Phone E-mail Description
 
Click on an entry's Name to bring up more information about that entry.

 

No match found.

No entries match the requested search term. Please try a different search.

--- NEW FILE list-Auth.html.in --- Authenticate as...
>

Please click on the name of the entry you would like to use for authentication.

Authenticate As Title

Please go back and try again.
--- NEW FILE list-Domaincomponent.html.in --- Search for Domaincomponents

 
Domaincomponent Description Phone
 
Click on an domaincomponent's name to bring up more information about that entry.

 

No match found.

No entries match the requested search term. Please try a different search.

--- NEW FILE list-Groups.html.in --- Search for Groups

 
Group Name Description
 
 
Click on a Group's Name to bring up more information about that entry.

 

No match found.

No entries match the requested search term. Please try a different search.

--- NEW FILE list-NT-Groups.html.in --- Search for NT Groups

 
LDAP Group Name NT Group Name Description
 
Click on an entry's Name to bring up more information about that entry.

 

No match found.

No entries match the requested search term. Please try a different search.

--- NEW FILE list-NT-People.html.in --- Search for NT-People"

 
Name NT Domain NT Username AIM ID Phone
 
Click on an entry's ID to bring up more information about that entry.

 

No match found.

No entries match the requested search term. Please try a different search.

--- NEW FILE list-Org-Units.html.in --- Search for Organizational Units

 
Organizational Unit Description Phone
 
Click on an entry's ID to bring up more information about that entry.

 

No match found.

No entries match the requested search term. Please try a different search.

--- NEW FILE list-Organizations.html.in --- Search for Organizations

 
Organization Description Phone
 
Click on an organization's name to bring up more information about that entry.

 

No match found.

No entries match the requested search term. Please try a different search.

--- NEW FILE list-People.html.in --- Search for People

 
Name ID Phone E-mail AIM ID Group
 
Click on an entry's ID to bring up more information about that entry.

 

No match found.

No entries match the requested search term. Please try a different search.

--- NEW FILE list-fa-Groups.html.in --- Search for People
--- NEW FILE list-fa-People.html.in --- Search for People
--- NEW FILE list-urlsearch.html.in --- URL-based Search

 
Name Phone E-mail
 
Click on an entry's Name to bring up more information about that entry.

 

No match found.

No entries match the requested search term. Please try a different search.

--- NEW FILE newentry.html.in --- Netscape Directory Server Gateway: New Entry <BODY> You must use a client that supports frames to view this document. </BODY> --- NEW FILE newentryName.html.in ---

Step 2. Provide a name for the new .
:

Step 3. Select a directory location for this , or select Other and enter the complete distinguished name where this entry should be added.


Step 4. Click Continue. You will be presented with an editable view of the entry. When you are done filling in information, save the entry.

--- NEW FILE newentryType.html.in ---
Create New Entry
Step 1. Select the type of entry to create.
--- NEW FILE search.html.in --- Netscape Directory Server Gateway: Standard Search --- NEW FILE searchString.html.in ---
Find within
Search for
--- authPassword.html DELETED --- --- authSearch.html DELETED --- --- csearch.html DELETED --- --- csearchAttr.html DELETED --- --- csearchBase.html DELETED --- --- csearchMatch.html DELETED --- --- csearchString.html DELETED --- --- csearchType.html DELETED --- --- display-country.html DELETED --- --- display-dc.html DELETED --- --- display-dnedit.html DELETED --- --- display-dneditpeople.html DELETED --- --- display-group.html DELETED --- --- display-groupun.html DELETED --- --- display-ntgroup.html DELETED --- --- display-ntperson.html DELETED --- --- display-org.html DELETED --- --- display-orgperson.html DELETED --- --- display-orgunit.html DELETED --- --- display-person.html DELETED --- --- list-Anything.html DELETED --- --- list-Auth.html DELETED --- --- list-Domaincomponent.html DELETED --- --- list-Groups.html DELETED --- --- list-NT-Groups.html DELETED --- --- list-NT-People.html DELETED --- --- list-Org-Units.html DELETED --- --- list-Organizations.html DELETED --- --- list-People.html DELETED --- --- list-fa-Groups.html DELETED --- --- list-fa-People.html DELETED --- --- list-urlsearch.html DELETED --- --- newentry.html DELETED --- --- newentryName.html DELETED --- --- newentryType.html DELETED --- --- search.html DELETED --- --- searchString.html DELETED --- From fedora-directory-commits at redhat.com Mon Jan 14 22:31:20 2008 From: fedora-directory-commits at redhat.com (Nathan Kinder (nkinder)) Date: Mon, 14 Jan 2008 17:31:20 -0500 Subject: [Fedora-directory-commits] dsgw/config/es csearch.html.in, NONE, 1.1 display-country.html.in, NONE, 1.1 display-group.html.in, NONE, 1.1 display-groupun.html.in, NONE, 1.1 display-ntgroup.html.in, NONE, 1.1 display-ntperson.html.in, NONE, 1.1 display-org.html.in, NONE, 1.1 display-orgperson.html.in, NONE, 1.1 display-orgunit.html.in, NONE, 1.1 display-person.html.in, NONE, 1.1 newentry.html.in, NONE, 1.1 search.html.in, NONE, 1.1 csearch.html, 1.1.1.1, NONE display-country.html, 1.1.1.1, NONE display-group.html, 1.1.1.1, NONE display-groupun.html, 1.1.1.1, NONE display-ntgroup.html, 1.1.1.1, NONE display-ntperson.html, 1.1.1.1, NONE display-org.html, 1.1.1.1, NONE display-orgperson.html, 1.1.1.1, NONE display-orgunit.html, 1.1.1.1, NONE display-person.html, 1.1.1.1, NONE newentry.html, 1.1.1.1, NONE search.html, 1.1.1.1, NONE Message-ID: <200801142231.m0EMVKo8008174@cvs-int.fedora.redhat.com> Author: nkinder Update of /cvs/dirsec/dsgw/config/es In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv7982/config/es Added Files: csearch.html.in display-country.html.in display-group.html.in display-groupun.html.in display-ntgroup.html.in display-ntperson.html.in display-org.html.in display-orgperson.html.in display-orgunit.html.in display-person.html.in newentry.html.in search.html.in Removed Files: csearch.html display-country.html display-group.html display-groupun.html display-ntgroup.html display-ntperson.html display-org.html display-orgperson.html display-orgunit.html display-person.html newentry.html search.html Log Message: General templating work for DSGW CGI URI's. --- NEW FILE csearch.html.in --- Netscape Directory Server Gateway : Advanced Search --- NEW FILE display-country.html.in --- País: <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
País
Nombre del país: Descripción
Ver también:
Página web:
Esta entrada fue modificada por última vez el por --- NEW FILE display-group.html.in --- <!-- IF "Adding" --> Nueva <!-- ENDIF // Adding --> Entrada de grupo: <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
Grupo Nuevo grupo:
        
El asterisco (*) indica los campos obligatorios
Nombre: *
Descripción:
Propietario:
Ver también:
 Tiene que guardar esta entrada para poder modificar este campo.
Miembros del grupo:
Esta entrada fue modificada por última vez el por --- NEW FILE display-groupun.html.in --- <!-- IF "Adding" --> Nueva <!-- ENDIF // Adding --> Entrada de grupo: <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
Grupo Nuevo grupo:
        
El asterisco (*) indica los campos obligatorios
Nombre: *
Description:
Propietario:
Ver también:
 Tiene que guardar esta entrada para poder modificar este campo.
Miembros del grupo:
Esta entrada fue modificada por última vez el por --- NEW FILE display-ntgroup.html.in --- <!-- IF "Adding" --> Nueva <!-- ENDIF // Adding --> Entrada de grupo NT: <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
Grupo Nuevo grupo NT:
        
El asterisco (*) indica los campos obligatorios
Nombre: *
Nombre de grupo NT: *
Tipo del grupo NT: *
Dominio del grupo NT: *
Descripción:
Escenario:
Departamento:
Propietario:
Ver también
 Tiene que guardar esta entrada para poder modificar el campo.
Miembros del grupo NT
Borrar grupo NT si el grupo borrado es:
Crear nuevo grupo NT:
Esta entrada fue modificada por última vez el por --- NEW FILE display-ntperson.html.in --- <!-- IF "Adding" --> Nueva <!-- ENDIF // Adding --> Entrada personal NT: <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
BORDER=0> Persona (haga clic para ver la tarjeta) > Click to display organization chart Nueva persona NT:
>Recibir certificado    >Play Audio Clip
           
El asterisco (*) indica los campos obligatorios
Información de contacto
Nombre: Nombre y apellidos: *
Apellidos: *
Contraseña del directorio: Repítala para confirmar:
Teléfono: Dirección electrónica:
Fax: Identificación de usuario:
Localizador: Teléfono móvil:
 
Información sobre cuenta Windows NT
Identificación de usuario NT: * Nombre de dominio NT: *
Borrar cuenta NT si la persona borrada es:
Crear nueva cuenta NT:
Comentario del usuario NT: Identificador exclusivo usuario NT:
Caducidad contraseña NT: Nº de contraseñas erróneas NT:
Última fecha de entrada NT: Última fecha de salida NT
Fecha de caducidad cuenta NT: Nº de accesos NT:
Servidor de acceso NT: Estaciones NT:
Pág. de códigos NT: Cógido de país NT:
Identif. grupo principal NT: Perfil NT:
Directorio principal NT: Unidad directorio ppal. NT:
Vía de acceso a guión NT: Almacenamiento máx. NT:
Unidades NT por semana Privilegios de usuario NT:
Privilegios de operador usuario NT: Funciones varias cta. usuario NT:
 
Información sobre actividad profesional y ubicación
Categoría comercial: Cargo:
Departamento: Responsable:
 Tiene que guardar esta entrada para poder modificar este campo.
Nº de despacho Admin.:
Nº de dpto.: Nº empleado:
C. identidad/pasaporte:      
Dirección postal:
-->
Información adicional
Descripción:
Ver también:
 Tiene que guardar esta entrada para poder modificar este campo.
Página web:
Esta entrada fue modificada por última vez el por --- NEW FILE display-org.html.in --- <!-- IF "Adding" --> Nueva <!-- ENDIF // Adding --> Empresa: <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
Empresa Nueva empresa:
        
El asterisco (*) indica los campos obligatorios
Nombre de la empresa: * Descripción:
Teléfono: Categoría comercial:
Fax: Dirección:
Dirección postal:
Ver también:
Esta entrada fue modificada por última vez el por --- NEW FILE display-orgperson.html.in --- <!-- IF "Adding" --> Nueva <!-- ENDIF // Adding --> Entrada personal: <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
BORDER=0> Persona (haga clic para ver la tarjeta) > Click to display organization chart Nueva persona:
>Recibir certificado    >Reproducir fragmento de sonido
           
El asterisco (*) indica los campos obligatorios
Información de contacto
Nombre: Nombre y apellidos: *
Apellidos: *
Contraseña: Repetir la contraseña para confirmarla:
Teléfono: Dirección electrónica:
Fax: Identificador de usuario:
Buscapersonas: Teléfono móvil:
Información sobre actividad comercial y ubicación
Categoría comercial: Cargo:
Departamento: Responsable:
 Tiene que guardar esta entrada para poder modificar este campo.
Nº de despacho: Admin.:
Nº de dpto.: Nº empleado:
C. identidad/pasaporte:      
Dirección postal:
-->
Información adicional
Descripción:
Ver también:
 Tiene que guardar esta entrada para poder modificar este campo.
Página web:
Esta entrada fue modificada por última vez el por --- NEW FILE display-orgunit.html.in --- <!-- IF "Adding" --> Nuevo <!-- ENDIF // Adding --> Departamento: <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
Departamento Nuevo Departamento:
        
El asterisco (*) indica los campos obligatorios.
Nombre del dpto.: * Descripción:
Teléfono: Categoría comercial:
Fax: Dirección:
Dirección postal:
Ver también:
Esta entrada fue modificada por última vez el por --- NEW FILE display-person.html.in --- <!-- IF "Adding" --> Nueva <!-- ENDIF // Adding --> Entrada personal: <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
Persona (haga clic para ver la tarjeta) > Click to display organization chart Nueva persona:
           
El asterisco (*) indica los campos obligatorios
Apellidos: * Nombre y apellidos:
Contraseña: Repita la contraseña para confirmarla:
Teléfono: Dirección electrónica:
Fax: User ID:
Buscapersonas: Teléfono móvil:
Cargo:
Dirección postal:
Descripción:
Ver también:
 Tiene que guardar esta entrada para poder modificar el campo.
Página web:
Bebida favorita:
Esta entrada fue modificada por última vez el por --- NEW FILE newentry.html.in --- Pasarela de Netscape Directory Server: Nueva entrada <BODY> Tiene que emplear un programa de acceso que admita marcos para poder ver este documento. </BODY> --- NEW FILE search.html.in --- Pasarela de Netscape Directory Server: Standard Search --- csearch.html DELETED --- --- display-country.html DELETED --- --- display-group.html DELETED --- --- display-groupun.html DELETED --- --- display-ntgroup.html DELETED --- --- display-ntperson.html DELETED --- --- display-org.html DELETED --- --- display-orgperson.html DELETED --- --- display-orgunit.html DELETED --- --- display-person.html DELETED --- --- newentry.html DELETED --- --- search.html DELETED --- From fedora-directory-commits at redhat.com Mon Jan 14 22:31:22 2008 From: fedora-directory-commits at redhat.com (Nathan Kinder (nkinder)) Date: Mon, 14 Jan 2008 17:31:22 -0500 Subject: [Fedora-directory-commits] dsgw/config/ja csearch.html.in, NONE, 1.1 display-country.html.in, NONE, 1.1 display-group.html.in, NONE, 1.1 display-groupun.html.in, NONE, 1.1 display-mailgroup.html.in, NONE, 1.1 display-ntgroup.html.in, NONE, 1.1 display-ntperson.html.in, NONE, 1.1 display-org.html.in, NONE, 1.1 display-orgperson.html.in, NONE, 1.1 display-orgunit.html.in, NONE, 1.1 display-person.html.in, NONE, 1.1 display-umperson.html.in, NONE, 1.1 newentry.html.in, NONE, 1.1 search.html.in, NONE, 1.1 csearch.html, 1.1.1.1, NONE display-country.html, 1.1.1.1, NONE display-group.html, 1.1.1.1, NONE display-groupun.html, 1.1.1.1, NONE display-mailgroup.html, 1.1.1.1, NONE display-ntgroup.html, 1.1.1.1, NONE display-ntperson.html, 1.1.1.1, NONE display-org.html, 1.1.1.1, NONE display-orgperson.html, 1.1.1.1, NONE display-orgunit.html, 1.1.1.1, NONE display-person.html, 1.1.1.1, NONE display-umperson.html, 1.1.1.1, NONE newentry.html, 1.1.1.1, NONE search.html, 1.1.1.1, NONE Message-ID: <200801142231.m0EMVMj4008246@cvs-int.fedora.redhat.com> Author: nkinder Update of /cvs/dirsec/dsgw/config/ja In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv7982/config/ja Added Files: csearch.html.in display-country.html.in display-group.html.in display-groupun.html.in display-mailgroup.html.in display-ntgroup.html.in display-ntperson.html.in display-org.html.in display-orgperson.html.in display-orgunit.html.in display-person.html.in display-umperson.html.in newentry.html.in search.html.in Removed Files: csearch.html display-country.html display-group.html display-groupun.html display-mailgroup.html display-ntgroup.html display-ntperson.html display-org.html display-orgperson.html display-orgunit.html display-person.html display-umperson.html newentry.html search.html Log Message: General templating work for DSGW CGI URI's. --- NEW FILE csearch.html.in --- Netscape Directory Server Gateway: Advanced Search --- NEW FILE display-country.html.in --- ??? - <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
Country
??????: ??????:
??????:
URL:
????????????????????????????????????: ?????????: --- NEW FILE display-group.html.in --- <!-- IF "Adding" --> New <!-- ENDIF // Adding --> Group Entry - <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
???????????? ?????????????????? -
        
* ???????????????????????????????????????????????????
??????: *
??????:
?????????:
??????:
 ?????????????????????????????????????????????????????????????????????????????????????????????????????????
???????????? ????????????:
????????????????????????????????????: ?????????: --- NEW FILE display-groupun.html.in --- <!-- IF "Adding" --> New <!-- ENDIF // Adding --> Group Entry - <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
???????????? ?????????????????? -
        
* ???????????????????????????????????????????????????
??????: *
??????:
?????????:
??????:
 ?????????????????????????????????????????????????????????????????????????????????????????????????????????
???????????? ????????????:
????????????????????????????????????: ?????????: --- NEW FILE display-mailgroup.html.in --- <!-- IF "Adding" --> ?????? <!-- ENDIF // Adding --> ????????? ??????????????????????????? - <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
???????????? ??????????????? ????????????
        
??????: ??????:
?????????:
??????:
???????????? ????????????:
???????????????????????????:
????????????????????????????????????: ?????????: --- NEW FILE display-ntgroup.html.in --- <!-- IF "Adding" --> New <!-- ENDIF // Adding --> NT Group Entry - <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
???????????? ??????NT???????????? -
        
* ???????????????????????????????????????????????????
??????: *
NT???????????????: *
NT???????????? ?????????: *
NT???????????? ????????????: *
??????:
????????????:
????????????:
?????????:
??????:
 ?????????????????????????????????????????????????????????????????????????????????????????????????????????
NT???????????? ????????????:
????????????????????????????????????NT?????????????????????:
??????NT????????????????????? :
????????????????????????????????????: ?????????: --- NEW FILE display-ntperson.html.in --- <!-- IF "Adding" --> New <!-- ENDIF // Adding --> NT Person Entry - <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
BORDER=0> ?????????(???????????????????????????????????????????????????) > Click to display organization chart ??????NT????????? -
>Download Certificate    >Play Audio Clip
           
* ???????????????????????????????????????????????????
?????????
???: * ??????: *
???:
Directory Password: Repeat password to confirm:
??????: ???????????????????????????:
???????????????: ????????? ID:
??????????????????: ????????????:
WindowsNT?????????????????????
NT????????? ID: * NT???????????????: *
????????????????????????????????? NT????????????????????????:
??????NT???????????????????????? :
NT?????????????????????????????????: NT?????????????????? ID:
NT?????????????????????: NT???????????????????????????:
NT????????????????????????: NT ????????????????????????:
NT????????????????????????: NT?????????????????????:
NT?????????????????????: NT???????????????????????????:
NT??????????????????: NT????????????:
NT?????????????????? ID: NT??????????????????:
NT???????????????????????????: NT ????????? ??????????????????????????????:
NT?????????????????????: NT??????????????????:
NT????????????/???: NT??????????????????:
NT?????????????????????????????????: NT ????????? ????????????????????????????????????:
???????????????????????????????????????
??????????????????: ??????:
????????????: ???????????????:
 ?????????????????????????????????????????????????????????????????????????????????????????????????????????
????????????: ?????????:
????????????: ????????????:
??????????????????????????????????????????:      
??????:
-->
????????????
??????:
??????:
 ???????????????????????????????????????????????????????????????????????????????????????????????????
URL:
????????????????????????????????????: ?????????: --- NEW FILE display-org.html.in --- <!-- IF "Adding" --> New <!-- ENDIF // Adding --> Organization - <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
?????? ???????????? -
        
* ???????????????????????????????????????????????????
?????????: * ??????:
??????: ??????????????????:
???????????????: ??????:
??????:
??????:
????????????????????????????????????: ?????????: --- NEW FILE display-orgperson.html.in --- <!-- IF "Adding" --> New <!-- ENDIF // Adding --> Person Entry - <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
BORDER=0> ????????? (???????????????????????????????????????????????????) > Click to display organization chart ??????????????? -
>??????????????????????????????    >????????????????????????????????????
           
* ???????????????????????????????????????????????????
?????????
???: * ??????: *
???:
???????????????: ?????????????????????????????????????????????:
??????: ???????????????????????????:
???????????????: ????????? ID:
??????????????????: ????????????:
???????????????????????????????????????
??????????????????: ??????:
????????????: ???????????????:
 ?????????????????????????????????????????????????????????????????????????????????????????????????????????
????????????: ?????????:
????????????: ????????????:
??????????????????????????????????????????:      
??????:
-->
????????????
??????:
??????:
 ???????????????????????????????????????????????????????????????????????????????????????????????????
URL:
????????????????????????????????????: ?????????: --- NEW FILE display-orgunit.html.in --- <!-- IF "Adding" --> ?????? <!-- ENDIF // Adding --> ???????????? - <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
???????????? ?????????????????? -
        
* ???????????????????????????????????????????????????
?????????: * ??????:
??????: ??????????????????:
???????????????: ??????:
??????:
??????:
????????????????????????????????????: ?????????: --- NEW FILE display-person.html.in --- <!-- IF "Adding" --> New <!-- ENDIF // Adding --> Person Entry - <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
?????????(???????????????????????????????????????????????????) > Click to display organization chart ??????????????? -
           
* ???????????????????????????????????????????????????
??????: * ??????:
???????????????: ?????????????????????????????????????????????:
??????: ???????????????????????????:
???????????????: ????????? ID:
??????????????????: ????????????:
??????:
??????:
??????:
??????:
 ???????????????????????????????????????????????????????????????????????????????????????????????????
URL:
???????????????:
????????????????????????????????????: ?????????: --- NEW FILE display-umperson.html.in --- <!-- IF "Adding" --> ?????? <!-- ENDIF // Adding --> ?????????????????????????????????????????? - <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
> ????????? > Click to display organization chart ????????????????????????????????? -
>????????????????????????????????????
        
* ???????????????????????????????????????????????????
??????: * ??????: *
??????: ???????????????????????????:
???????????????: ???????????????:
??????????????????: ????????????:
??????:
??????:
??????:
??????:
URL:
???????????????:
????????????????????????????????????: ?????????: --- NEW FILE newentry.html.in --- Netscape Directory Server Gateway: New Entry <BODY> ?????????????????????????????????????????????????????????????????????????????????????????????????????????????????? </BODY> --- NEW FILE search.html.in --- Netscape Directory Server Gateway: Standard Search --- csearch.html DELETED --- --- display-country.html DELETED --- --- display-group.html DELETED --- --- display-groupun.html DELETED --- --- display-mailgroup.html DELETED --- --- display-ntgroup.html DELETED --- --- display-ntperson.html DELETED --- --- display-org.html DELETED --- --- display-orgperson.html DELETED --- --- display-orgunit.html DELETED --- --- display-person.html DELETED --- --- display-umperson.html DELETED --- --- newentry.html DELETED --- --- search.html DELETED --- From fedora-directory-commits at redhat.com Mon Jan 14 22:31:22 2008 From: fedora-directory-commits at redhat.com (Nathan Kinder (nkinder)) Date: Mon, 14 Jan 2008 17:31:22 -0500 Subject: [Fedora-directory-commits] dsgw/html alert.html.in, NONE, 1.1 auth.html.in, NONE, 1.1 authroot.html.in, NONE, 1.1 authtitle.html.in, NONE, 1.1 confirm.html.in, NONE, 1.1 csearchtitle.html.in, NONE, 1.1 greeting.html.in, NONE, 1.1 index.html.in, NONE, 1.1 maintitle.html.in, NONE, 1.1 newentrytitle.html.in, NONE, 1.1 searchtitle.html.in, NONE, 1.1 alert.html, 1.1.1.1, NONE auth.html, 1.1.1.1, NONE authroot.html, 1.1.1.1, NONE authtitle.html, 1.1.1.1, NONE confirm.html, 1.1.1.1, NONE csearchtitle.html, 1.1.1.1, NONE greeting.html, 1.1.1.1, NONE index.html, 1.1.1.1, NONE maintitle.html, 1.1.1.1, NONE newentrytitle.html, 1.1.1.1, NONE searchtitle.html, 1.1.1.1, NONE Message-ID: <200801142231.m0EMVNN1008289@cvs-int.fedora.redhat.com> Author: nkinder Update of /cvs/dirsec/dsgw/html In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv7982/html Added Files: alert.html.in auth.html.in authroot.html.in authtitle.html.in confirm.html.in csearchtitle.html.in greeting.html.in index.html.in maintitle.html.in newentrytitle.html.in searchtitle.html.in Removed Files: alert.html auth.html authroot.html authtitle.html confirm.html csearchtitle.html greeting.html index.html maintitle.html newentrytitle.html searchtitle.html Log Message: General templating work for DSGW CGI URI's. --- NEW FILE alert.html.in --- <!-- DS_POSTEDVALUE "NAME=TITLE" -->
Alert
--- NEW FILE auth.html.in --- Directory Server Gateway: Authenticate <H3>Frames-capable browser required</H3> Sorry, but in order to use the Directory Server Gateway, you must use a browser which supports HTML forms and JavaScript, such as Mozilla Firefox. To learn how to obtain Firefox, visit the <A HREF="http://www.mozilla.org">Mozilla Home Page</A>. --- NEW FILE authroot.html.in --- Directory Server Gateway: Authenticate <H3>Frames-capable browser required</H3> Sorry, but in order to use the Directory Server Gateway, you must use a browser which supports HTML forms and JavaScript, such as Mozilla Firefox. To learn how to obtain Firefox, visit the <A HREF="http://www.mozilla.org">Mozilla Home Page</A>. --- NEW FILE authtitle.html.in --- Directory Server
Directory Server Gateway
Standard Search
Advanced Search
New Entry
Authentication
--- NEW FILE confirm.html.in ---
Confirm
--- NEW FILE csearchtitle.html.in --- Directory Server
Directory Server Gateway
Standard Search
Advanced Search
New Entry
Authentication
--- NEW FILE greeting.html.in --- Directory Server
You are using the Directory Server Gateway. This interface can be used to search for, modify, and create entries that are stored in the Fedora Directory Server.

You are currently viewing the Standard Search screen, which provides an easy and convenient way to search the directory. Standard Search examines what you type and automatically selects one or more methods for searching the directory. Enter a name, telephone number, user id, or e-mail address in the Search For field and click the Search button to quickly locate directory entries. Click the Help button if you need additional assistance.

The toolbar you see at the top of this window is always available when you are using the Directory Server Gateway. In addition to Standard Search, you can click the other buttons to perform a variety of tasks. If you want to modify your own directory entry, first search for it using Standard or Advanced Search and then click the Edit Person button within the entry display.

Advanced
Search 		With Advanced Search, you can specify exactly what you are looking for, what attribute you wish to search for, and what type of matching you wish to allow.
New Entry New Entry allows you to create new entries in the directory. Depending on how the system administrator has set up your directory you may need to be granted special permission to add new entries. If you are not sure, ask your system administrator.
Authenticate You use the authentication screens to log into and out of the directory. You need to authenticate before you can modify or add entries to the directory. You may also need to authenticate before searching the directory, if your system administrator requires it.
--- NEW FILE index.html.in --- Directory Server Gateway <H3>Frames-capable browser required</H3> Sorry, but in order to use the Directory Server Gateway, you must use a browser which supports HTML forms and JavaScript, such as Mozilla Firefox. To learn how to obtain Firefox, visit the <A HREF="http://www.mozilla.org">Mozilla Home Page</A>. --- NEW FILE maintitle.html.in --- Directory Server
Directory Server Gateway
Standard Search
Advanced Search
New Entry
Authentication
--- NEW FILE newentrytitle.html.in --- Directory Server
Directory Server Gateway
Standard Search
Advanced Search
New Entry
Authentication
--- NEW FILE searchtitle.html.in --- Directory Server
Directory Server Gateway
Standard Search
Advanced Search
New Entry
Authentication
--- alert.html DELETED --- --- auth.html DELETED --- --- authroot.html DELETED --- --- authtitle.html DELETED --- --- confirm.html DELETED --- --- csearchtitle.html DELETED --- --- greeting.html DELETED --- --- index.html DELETED --- --- maintitle.html DELETED --- --- newentrytitle.html DELETED --- --- searchtitle.html DELETED --- From fedora-directory-commits at redhat.com Mon Jan 14 22:31:24 2008 From: fedora-directory-commits at redhat.com (Nathan Kinder (nkinder)) Date: Mon, 14 Jan 2008 17:31:24 -0500 Subject: [Fedora-directory-commits] dsgw/html/de auth.html.in, NONE, 1.1 authroot.html.in, NONE, 1.1 authtitle.html.in, NONE, 1.1 csearchtitle.html.in, NONE, 1.1 greeting.html.in, NONE, 1.1 index.html.in, NONE, 1.1 maintitle.html.in, NONE, 1.1 newentrytitle.html.in, NONE, 1.1 searchtitle.html.in, NONE, 1.1 auth.html, 1.1.1.1, NONE authroot.html, 1.1.1.1, NONE authtitle.html, 1.1.1.1, NONE csearchtitle.html, 1.1.1.1, NONE greeting.html, 1.1.1.1, NONE index.html, 1.1.1.1, NONE maintitle.html, 1.1.1.1, NONE newentrytitle.html, 1.1.1.1, NONE searchtitle.html, 1.1.1.1, NONE Message-ID: <200801142231.m0EMVO9h008302@cvs-int.fedora.redhat.com> Author: nkinder Update of /cvs/dirsec/dsgw/html/de In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv7982/html/de Added Files: auth.html.in authroot.html.in authtitle.html.in csearchtitle.html.in greeting.html.in index.html.in maintitle.html.in newentrytitle.html.in searchtitle.html.in Removed Files: auth.html authroot.html authtitle.html csearchtitle.html greeting.html index.html maintitle.html newentrytitle.html searchtitle.html Log Message: General templating work for DSGW CGI URI's. --- NEW FILE auth.html.in --- Netscape Directory Server Gateway: Beglaubigen <H3>Browser mu?? Rahmen verarbeiten k??nnen</H3> Um das Netscape Directory Server Gateway zu verwenden, mu?? Ihr Browser HTML-Formulare und JavaScript verarbeiten k??nnen, wie zum Beispiel Netscape Navigator Version 3 oder h??her. Wie Sie Netscape Navigator bekommen, erfahren Sie auf der <A HREF="http://home.netscape.com">Netscape-Startseite</A>. --- NEW FILE authroot.html.in --- Netscape Directory Server Gateway: Beglaubigen <H3>Browser mu?? Rahmen verarbeiten k??nnen</H3> Um das Netscape Directory Server Gateway zu verwenden, mu?? Ihr Browser HTML-Formulare und JavaScript verarbeiten k??nnen, wie zum Beispiel Netscape Navigator Version 3 oder h??her. Wie Sie Netscape Navigator bekommen, erfahren Sie auf der <A HREF="http://home.netscape.com">Netscape-Startseite</A>. --- NEW FILE authtitle.html.in --- Netscape Directory Server Netscape Directory Server
StandardsucheErweiterte SucheNeuer EintragBeglaubigung --- NEW FILE csearchtitle.html.in --- Netscape Directory Server Netscape Directory Server
StandardsucheErweiterte SucheNeuer EintragBeglaubigung --- NEW FILE greeting.html.in --- Netscape Directory Server
Netscape Directory Server Gateway

Mit dieser Schnittstelle können Sie Einträge zur Speicherung im Netscape Directory Server suchen, ändern oder erstellen.

Die Schaltflächen oben im Fenster sind bei der Arbeit mit dem Directory Server Gateway ständig verfügbar. Durch Anklicken dieser Schaltflächen können Sie die folgenden Aktionen ausführen lassen:

Standardsuche Die Standardsuche ist die einfachste Möglichkeit zum Durchsuchen des Verzeichnisses. Hierbei wird Ihre Eingabe analysiert und danach automatisch eine oder mehrere passende Verzeichnis-Suchmethoden aktiviert.
Erweiterte Suche Bei der Erweiterten Suche geben Sie genau ein, was Sie suchen, nach welchem Attribut Sie suchen und welche Art der Übereinstimmung mit den Suchkriterien erforderlich ist.
Neuer Eintrag Mit "Neuer Eintrag" können Sie neue Einträge im Verzeichnis vornehmen.. Unter Umständen hat der Systemverwalter das Verzeichnis so eingerichtet, daß Sie zum Hinzufügen neuer Einträge eine besondere Berechtigung benötigen. Wenn Sie nicht sicher sind, wenden Sie sich an Ihren Systemverwalter.
Beglaubigung Mit den Beblaubigungs-Eingabefenstern melden Sie sich im Verzeichnis an und ab. Sie müssen sich beglaubigen lassen, bevor Sie Einträge im dem Verzeichnis ändern und hinzufügen können. Sie müssen sich außerdem je nach Vorgabe des Systemverwalters auch beglaubigen lassen, bevor Sie ein Verzeichnis durchsuchen können.
--- NEW FILE index.html.in --- Netscape Directory Server Gateway <H3>Browser mu?? Rahmen verarbeiten k??nnen</H3> Um das Netscape Directory Server Gateway zu verwenden, mu?? Ihr Browser HTML-Formulare und JavaScript verarbeiten k??nnen, wie zum Beispiel Netscape Navigator Version 3 oder h??her. Wie Sie Netscape Navigator bekommen, erfahren Sie auf der <A HREF="http://home.netscape.com">Netscape-Startseite</A>. --- NEW FILE maintitle.html.in --- Netscape Directory Server Netscape Directory Server
StandardsucheErweiterte SucheNeuer EintragBeglaubigung --- NEW FILE newentrytitle.html.in --- Netscape Directory Server Netscape Directory Server
StandardsucheErweiterte SucheNeuer EintragBeglaubigung --- NEW FILE searchtitle.html.in --- Netscape Directory Server Netscape Directory Server
StandardsucheErweiterte SucheNeuer EintragBeglaubigung --- auth.html DELETED --- --- authroot.html DELETED --- --- authtitle.html DELETED --- --- csearchtitle.html DELETED --- --- greeting.html DELETED --- --- index.html DELETED --- --- maintitle.html DELETED --- --- newentrytitle.html DELETED --- --- searchtitle.html DELETED --- From fedora-directory-commits at redhat.com Mon Jan 14 22:31:24 2008 From: fedora-directory-commits at redhat.com (Nathan Kinder (nkinder)) Date: Mon, 14 Jan 2008 17:31:24 -0500 Subject: [Fedora-directory-commits] dsgw/html/es auth.html.in, NONE, 1.1 authroot.html.in, NONE, 1.1 authtitle.html.in, NONE, 1.1 csearchtitle.html.in, NONE, 1.1 greeting.html.in, NONE, 1.1 index.html.in, NONE, 1.1 maintitle.html.in, NONE, 1.1 newentrytitle.html.in, NONE, 1.1 searchtitle.html.in, NONE, 1.1 auth.html, 1.1.1.1, NONE authroot.html, 1.1.1.1, NONE authtitle.html, 1.1.1.1, NONE csearchtitle.html, 1.1.1.1, NONE greeting.html, 1.1.1.1, NONE index.html, 1.1.1.1, NONE maintitle.html, 1.1.1.1, NONE newentrytitle.html, 1.1.1.1, NONE searchtitle.html, 1.1.1.1, NONE Message-ID: <200801142231.m0EMVOhh008327@cvs-int.fedora.redhat.com> Author: nkinder Update of /cvs/dirsec/dsgw/html/es In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv7982/html/es Added Files: auth.html.in authroot.html.in authtitle.html.in csearchtitle.html.in greeting.html.in index.html.in maintitle.html.in newentrytitle.html.in searchtitle.html.in Removed Files: auth.html authroot.html authtitle.html csearchtitle.html greeting.html index.html maintitle.html newentrytitle.html searchtitle.html Log Message: General templating work for DSGW CGI URI's. --- NEW FILE auth.html.in --- Pasarela de Netscape Directory Server: Autenticar <H3>Es necesario un navegador que admita marcos</H3> Lo siento, pero para poder usar la Pasarela de Netscape Directory Server, debe emplear un navegador que admita formularios HTML y JavaScript, como Netscape Navigator versi&oacute;n 3 o posterior. Para conseguir Navigator, visite la <A HREF="http://home.es.netscape.com/es/">P&aacute;gina principal de Netscape</A>. --- NEW FILE authroot.html.in --- Pasarela de Netscape Directory Server: Autenticar <H3>Es necesario un navegador que admita marcos</H3> Lo siento, pero para poder usar la Pasarela de Netscape Directory Server, debe emplear un navegador que admita formularios HTML y JavaScript, como Netscape Navigator versi&oacute;n 3 o posterior. Para conseguir Navigator, visite la <A HREF="http://home.es.netscape.com/es/">P&aacute;gina principal de Netscape</A>. --- NEW FILE authtitle.html.in --- Netscape Directory Server Netscape Directory Server
Búsqueda normalBúsqueda avanzadaNueva entradaAutenticación --- NEW FILE csearchtitle.html.in --- Netscape Directory Server Netscape Directory Server
Búsqueda normalBúsqueda avanzadaNueva entradaAutenticación --- NEW FILE greeting.html.in --- Netscape Directory Server

Bienvenido a la Pasarela de Netscape Directory Server

Mediante esta interfaz puede buscar, modificar y crear entradas que quedan almacenadas en el Netscape Directory Server.

Siempre que utilice la Pasarela de Netscape Directory Server dispondrá de la barra de herramientas de la parte superior de esta ventana. Puede hacer clic en los botones para llevar a cabo cualquiera de las siguientes tareas:

Búsqueda normal Con esta función puede buscar fácilmente información del directorio. Esta función examina los datos que haya introducido y selecciona automáticamente uno o varios métodos de búsqueda en el directorio.
Búsqueda avanzada Con esta función puede especificar exactamente lo que esté buscando, los atributos que desee buscar y el tipo de concordancia que desee aplicar.
Nueva entrada Con esta función puede crear nuevas entradas en el directorio. Según la configuración de directorio aplicada por el administrador del sistema, deberá disponer de un permiso especial para añadir entradas nuevas. Si no está seguro, consulte al administrador del sistema.
Autenticar Con esta función puede usar las pantallas de autenticación para entrar y salir del directorio. Debe autenticarse para poder modificar o añadir entradas al directorio. Es posible que también tenga que hacerlo para poder buscar en el directorio si el administrador del sistema lo estableció de ese modo.
--- NEW FILE index.html.in --- Pasarela de Netscape Directory Server <H3>Es necesario un navegador que admita marcos</H3> Lo siento, pero para poder usar la Pasarela de Netscape Directory Server, debe emplear un navegador que admita formularios HTML y JavaScript, como Netscape Navigator versi&oacute;n 3 o posterior. Para conseguir Navigator, visite la <A HREF="http://home.es.netscape.com/es/">P&aacute;gina principal de Netscape</A>. --- NEW FILE maintitle.html.in --- Netscape Directory Server Netscape Directory Server
Búsqueda normalBúsqueda avanzadaNueva entradaAutenticación --- NEW FILE newentrytitle.html.in --- Netscape Directory Server Netscape Directory Server
Búsqueda normalBúsqueda avanzadaNueva entradaAutenticación --- NEW FILE searchtitle.html.in --- Netscape Directory Server Netscape Directory Server
Búsqueda normalBúsqueda avanzadaNueva entradaAutenticación --- auth.html DELETED --- --- authroot.html DELETED --- --- authtitle.html DELETED --- --- csearchtitle.html DELETED --- --- greeting.html DELETED --- --- index.html DELETED --- --- maintitle.html DELETED --- --- newentrytitle.html DELETED --- --- searchtitle.html DELETED --- From fedora-directory-commits at redhat.com Mon Jan 14 22:31:24 2008 From: fedora-directory-commits at redhat.com (Nathan Kinder (nkinder)) Date: Mon, 14 Jan 2008 17:31:24 -0500 Subject: [Fedora-directory-commits] dsgw/html/fr auth.html.in, NONE, 1.1 authroot.html.in, NONE, 1.1 authtitle.html.in, NONE, 1.1 csearchtitle.html.in, NONE, 1.1 greeting.html.in, NONE, 1.1 index.html.in, NONE, 1.1 maintitle.html.in, NONE, 1.1 newentrytitle.html.in, NONE, 1.1 searchtitle.html.in, NONE, 1.1 auth.html, 1.1.1.1, NONE authroot.html, 1.1.1.1, NONE authtitle.html, 1.1.1.1, NONE csearchtitle.html, 1.1.1.1, NONE greeting.html, 1.1.1.1, NONE index.html, 1.1.1.1, NONE maintitle.html, 1.1.1.1, NONE newentrytitle.html, 1.1.1.1, NONE searchtitle.html, 1.1.1.1, NONE Message-ID: <200801142231.m0EMVON1008333@cvs-int.fedora.redhat.com> Author: nkinder Update of /cvs/dirsec/dsgw/html/fr In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv7982/html/fr Added Files: auth.html.in authroot.html.in authtitle.html.in csearchtitle.html.in greeting.html.in index.html.in maintitle.html.in newentrytitle.html.in searchtitle.html.in Removed Files: auth.html authroot.html authtitle.html csearchtitle.html greeting.html index.html maintitle.html newentrytitle.html searchtitle.html Log Message: General templating work for DSGW CGI URI's. --- NEW FILE auth.html.in --- Passerelle Netscape Directory Server : Authentication <H3>Un navigateur supportant la fonction de cadres est requis</H3> Afin de pouvoir utiliser la passerelle Netscape Directory Server, vous devez utiliser un navigateur compatible avec les formulaires HTML et JavaScript, comme la version 3 ou toute version ult??rieure de Netscape Navigator. Pour savoir comment vous procurer Navigator, consultez la page d'accueil de Netscape ?? l'adresse : <A HREF="http://home.netscape.com"> </A>. --- NEW FILE authroot.html.in --- Passerelle Netscape Directory Server : authentification <H3> Un navigateur supportant la fonction de cadres est requis</H3> Afin de pouvoir utiliser la passerelle Netscape Directory Server, vous devez utiliser un navigateur compatible avec les formulaires HTML et JavaScript, comme la version 3 ou toute version ult??rieure de Netscape Navigator. Pour savoir comment vous procurer Navigator, consultez la page d'accueil de Netscape ?? l'adresse : <A HREF="http://home.netscape.com">la page d'accueil de Netscape</A>. --- NEW FILE authtitle.html.in --- Netscape Directory Server Netscape Directory Server
Recherche standardRecherche avancéeNouvelle entréeAuthentification --- NEW FILE csearchtitle.html.in --- Netscape Directory Server Netscape Directory Server
Recherche standardRecherche avancéeNouvelle entréeAuthentification --- NEW FILE greeting.html.in --- Netscape Directory Server

Bienvenue dans la passerelle de Netscape Directory Server.

Cette interface peut être utilisée pour rechercher, modifier et créer des entrées stockées dans Netscape Directory Server.

La barre d'outils qui apparaît dans la partie supérieure de cette fenêtre est toujours affichée lorsque vous utilisez la passerelle Directory Server. Vous pouvez cliquer sur ces boutons pour effectuer les tâches suivantes :

Recherche standard La recherche standard est la manière la plus simple d'effectuer une recherche dans un annuaire. Elle examine les données saisies et sélectionne automatiquement une ou plusieurs méthodes de recherche d'annuaires.
Recherche avancée Le bouton Recherche avancée vous permet de spécifier votre recherche avec exactitude à l'aide d'options de critères de recherche et de type de correspondance.
Nouvelle entrée Le bouton Nouvelle entrée vous permet de créer de nouvelles entrées dans l'annuaire. Selon la façon dont l'administrateur système a configuré votre annuaire, vous devez peut-être obtenir de celui-ci le privilège d'ajouter de nouvelles entrées. Dans le doute, consultez votre administrateur système.
Authentification Les écrans d'authentification vous permettent de vous connecter et de vous déconnecter d'un annuaire. Vous devez vous authentifier avant de modifier ou d'ajouter des entrées à l'annuaire.
--- NEW FILE index.html.in --- Passerelle Netscape Directory Server <H3> Un navigateur supportant la fonction de cadres est requis</H3> Afin de pouvoir utiliser la passerelle Netscape Directory Server, vous devez utiliser un navigateur compatible avec les formulaires HTML et JavaScript, comme la version 3 ou toute version ult??rieure de Netscape Navigator. Pour savoir comment vous procurer Navigator, consultez la page d'accueil de Netscape ?? l'adresse : <A HREF="http://home.netscape.com">la page d'accueil de Netscape</A>. --- NEW FILE maintitle.html.in --- Netscape Directory Server Netscape Directory Server
Recherche standardRecherche avancéeNouvelle entréeAuthentification --- NEW FILE newentrytitle.html.in --- Netscape Directory Server Netscape Directory Server
Recherche standardRecherche avancéeNouvelle entréeAuthentification --- NEW FILE searchtitle.html.in --- Netscape Directory Server Netscape Directory Server
Recherche standardRecherche avancéeNouvelle entréeAuthentification --- auth.html DELETED --- --- authroot.html DELETED --- --- authtitle.html DELETED --- --- csearchtitle.html DELETED --- --- greeting.html DELETED --- --- index.html DELETED --- --- maintitle.html DELETED --- --- newentrytitle.html DELETED --- --- searchtitle.html DELETED --- From fedora-directory-commits at redhat.com Mon Jan 14 22:31:25 2008 From: fedora-directory-commits at redhat.com (Nathan Kinder (nkinder)) Date: Mon, 14 Jan 2008 17:31:25 -0500 Subject: [Fedora-directory-commits] dsgw/html/ja auth.html.in, NONE, 1.1 authroot.html.in, NONE, 1.1 authtitle.html.in, NONE, 1.1 csearchtitle.html.in, NONE, 1.1 greeting.html.in, NONE, 1.1 index.html.in, NONE, 1.1 maintitle.html.in, NONE, 1.1 newentrytitle.html.in, NONE, 1.1 searchtitle.html.in, NONE, 1.1 auth.html, 1.1.1.1, NONE authroot.html, 1.1.1.1, NONE authtitle.html, 1.1.1.1, NONE csearchtitle.html, 1.1.1.1, NONE greeting.html, 1.1.1.1, NONE index.html, 1.1.1.1, NONE maintitle.html, 1.1.1.1, NONE newentrytitle.html, 1.1.1.1, NONE searchtitle.html, 1.1.1.1, NONE Message-ID: <200801142231.m0EMVPhm008338@cvs-int.fedora.redhat.com> Author: nkinder Update of /cvs/dirsec/dsgw/html/ja In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv7982/html/ja Added Files: auth.html.in authroot.html.in authtitle.html.in csearchtitle.html.in greeting.html.in index.html.in maintitle.html.in newentrytitle.html.in searchtitle.html.in Removed Files: auth.html authroot.html authtitle.html csearchtitle.html greeting.html index.html maintitle.html newentrytitle.html searchtitle.html Log Message: General templating work for DSGW CGI URI's. --- NEW FILE auth.html.in --- Netscape Directory Server Gateway: Authentication <H3>??????????????????????????????????????????????????????????????????</H3> Netscape Directory Server Gateway????????????????????????Netscape Navigator???????????????3??????????????????HTML???????????????JavaScript???????????????????????????????????????????????????Navigator??????????????????????????????<A HREF="http://home.netscape.com">Netscape?????????????????????</A>???????????????????????? --- NEW FILE authroot.html.in --- Netscape Directory Server Gateway: ?????? <H3>??????????????????????????????????????????????????????????????????</H3> Netscape Directory Server Gateway????????????????????????Netscape Navigator???????????????3??????????????????HTML???????????????JavaScript???????????????????????????????????????????????????Navigator??????????????????????????????<A HREF="http://home.netscape.com">Netscape ?????????????????????</A>???????????????????????? --- NEW FILE authtitle.html.in --- Netscape Directory Server Netscape Directory Server
???????????????????????????????????????????????? --- NEW FILE csearchtitle.html.in --- Netscape Directory Server Netscape Directory Server
???????????????????????????????????????????????? --- NEW FILE greeting.html.in --- Netscape Directory Server

Netscape Directory Server Gateway ???????????????

?????????????????????????????????Netscape Directory Server ????????????????????????????????????????????????????????????????????????????????????????????????

Directory Server Gateway ??????????????????????????????????????????????????????????????????????????????????????????????????????????????? ???????????????????????????????????????????????????????????????????????????

???????????? [????????????]???????????????????????????????????????????????????????????? ????????????????????????????????????1??????????????????????????????????????????????????????????????????????????????
???????????? [????????????]???????????????????????????????????????????????????????????????????????????????????????????????????
?????????????????? [??????????????????]????????????????????????????????????????????????????????????????????????????????? ?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? ?????????????????????????????????????????????????????????????????????
?????? ?????????????????????????????????????????????????????????????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????????????????????????????? ???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
--- NEW FILE index.html.in --- Netscape Directory Server Gateway <H3>??????????????????????????????????????????????????????????????????</H3> Netscape Directory Server Gateway????????????????????????Netscape Navigator???????????????3??????????????????HTML???????????????JavaScript???????????????????????????????????????????????????Navigator??????????????????????????????<A HREF="http://home.netscape.com">Netscape?????????????????????</A>???????????????????????? --- NEW FILE maintitle.html.in --- Netscape Directory Server Netscape Directory Server
???????????????????????????????????????????????? --- NEW FILE newentrytitle.html.in --- Netscape Directory Server Netscape Directory Server
???????????????????????????????????????????????? --- NEW FILE searchtitle.html.in --- Netscape Directory Server Netscape Directory Server
???????????????????????????????????????????????? --- auth.html DELETED --- --- authroot.html DELETED --- --- authtitle.html DELETED --- --- csearchtitle.html DELETED --- --- greeting.html DELETED --- --- index.html DELETED --- --- maintitle.html DELETED --- --- newentrytitle.html DELETED --- --- searchtitle.html DELETED --- From fedora-directory-commits at redhat.com Mon Jan 14 22:31:26 2008 From: fedora-directory-commits at redhat.com (Nathan Kinder (nkinder)) Date: Mon, 14 Jan 2008 17:31:26 -0500 Subject: [Fedora-directory-commits] dsgw/pbconfig authPassword.html.in, NONE, 1.1 authSearch.html.in, NONE, 1.1 display-orgperson.html.in, NONE, 1.1 display-orgunit.html.in, NONE, 1.1 display-room.html.in, NONE, 1.1 edit-passwd.html.in, NONE, 1.1 list-Auth.html.in, NONE, 1.1 list-People.html.in, NONE, 1.1 pb.tmpl.in, NONE, 1.1 authPassword.html, 1.1.1.1, NONE authSearch.html, 1.1.1.1, NONE display-orgperson.html, 1.1.1.1, NONE display-orgunit.html, 1.1.1.1, NONE display-room.html, 1.1.1.1, NONE edit-passwd.html, 1.1.1.1, NONE list-Auth.html, 1.1.1.1, NONE list-People.html, 1.1.1.1, NONE pb.tmpl, 1.1.1.1, NONE Message-ID: <200801142231.m0EMVQVL008343@cvs-int.fedora.redhat.com> Author: nkinder Update of /cvs/dirsec/dsgw/pbconfig In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv7982/pbconfig Added Files: authPassword.html.in authSearch.html.in display-orgperson.html.in display-orgunit.html.in display-room.html.in edit-passwd.html.in list-Auth.html.in list-People.html.in pb.tmpl.in Removed Files: authPassword.html authSearch.html display-orgperson.html display-orgunit.html display-room.html edit-passwd.html list-Auth.html list-People.html pb.tmpl Log Message: General templating work for DSGW CGI URI's. ***** Error reading new file: [Errno 2] No such file or directory: 'authPassword.html.in' ***** Error reading new file: [Errno 2] No such file or directory: 'authSearch.html.in' --- NEW FILE display-orgperson.html.in --- <!-- IF "Adding" --> New <!-- ENDIF // Adding --> Person Entry - <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
Person Entry
New Person - class="linknodec"> Click to view this person's organization chart. org chart Click to view this person's digital business card.  vCard    onMouseOver="top.status='Retrieve this person\'s security certificate.'; return true">Click to retrieve this person's security certificate. Get Certificate  
 
 
class="bold" > Work Phone
class="bold" > Email Address
class="bold" > AIM ID
class="bold" > Homepage
 
class="bold" > Home Phone
class="bold" > Mobile Phone
class="bold" > Pager
class="bold" > FAX
 
class="bold" > Mailing Address
class="bold" > Mailstop
class="bold" > Location
class="bold" > Cube Number
 
BORDER=0>
***** Error reading new file: [Errno 2] No such file or directory: 'display-orgunit.html.in' --- NEW FILE display-room.html.in --- <!-- IF "Adding" --> New <!-- ENDIF // Adding --> Room Entry
New Room
   Room
 
Phone Number
Description
See Also
 

--- NEW FILE edit-passwd.html.in --- Change Password - <!-- DS_ATTRIBUTE "attr=dn" "syntax=dn" "options=nolink" -->
Person Entry
Change Password for

Enter the old password:
Enter the old password:
Enter the new password:
Enter the new password again to confirm:

***** Error reading new file: [Errno 2] No such file or directory: 'list-Auth.html.in' --- NEW FILE list-People.html.in ---

 
Name ID Phone E-mail AIM ID Group
 
Click on an entry's ID to bring up more information about that entry.

No entries match the requested search term. Please try a different search.

--- NEW FILE pb.tmpl.in --- # BEGIN COPYRIGHT BLOCK # This Program is free software; you can redistribute it and/or modify it under # the terms of the GNU General Public License as published by the Free Software # Foundation; version 2 of the License. # # This Program is distributed in the hope that it will be useful, but WITHOUT # ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS # FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. # # You should have received a copy of the GNU General Public License along with # this Program; if not, write to the Free Software Foundation, Inc., 59 Temple # Place, Suite 330, Boston, MA 02111-1307 USA. # # In addition, as a special exception, Red Hat, Inc. gives You the additional # right to link the code of this Program with code not covered under the GNU # General Public License ("Non-GPL Code") and to distribute linked combinations # including the two, subject to the limitations in this paragraph. Non-GPL Code # permitted under this exception must only link to the code of this Program # through those well defined interfaces identified in the file named EXCEPTION # found in the source code files (the "Approved Interfaces"). The files of # Non-GPL Code may instantiate templates or use macros or inline functions from # the Approved Interfaces without causing the resulting work to be covered by # the GNU General Public License. Only Red Hat, Inc. may make changes or # additions to the list of Approved Interfaces. You must obey the GNU General # Public License in all respects for all of the Program code and other code used # in conjunction with the Program except the Non-GPL Code covered by this # exception. If you modify this file, you may extend this exception to your # version of the file, but you are not obligated to do so. If you do not wish to # provide this exception without modification, you must delete this exception # statement from your version and license this file solely under the GPL without # exception. # # # Copyright (C) 2001 Sun Microsystems, Inc. Used by permission. # Copyright (C) 2005 Red Hat, Inc. # All rights reserved. # END COPYRIGHT BLOCK baseurl "ldap://@host@:@port@/@suffix@" dirmgr "@dirmgr@" location-suffix @suffix@ securitypath "@contextdir@" url-orgchart-base http://@host@:@port@/clients/orgchart/bin/org?context=pb&data= # The attribute the orgchart uses to search for entries. # This value should correspond to the value of attrib-farleft-rdn # in the orgchart's config.txt configuration file. orgchart-attrib-farleft-rdn uid # Check for Aim presence when the user's entry is displayed enable-aim-presence true # The htmldir directive tells the CGIs where to find the html files htmldir @pbhtmldir@ # The configdir directive tells the CGIs where to find the # templates/configuration files configdir @pbconfigdir@ # The gwnametrans directive tells the CGIs what url to output # for http redirection. It should be the same nameTrans set # in the webserver, if any is being is used. gwnametrans @pburi@/ # The authlifetime directive specifies how long authentication credentials # are valid (in seconds). authlifetime 7200 # The libNLS data directory. This directory should contain a directory # named "locales", which contains the configuration files LANG.ctx and # LANG.txt for each supported language (locale). NLS ../../../lib/nls # The default character set, for communication with HTTP clients. # A client may override this default, using an HTTP Accept-Charset header. # Or, this default may be overridden for a specific language, by creating # a LANG/dsgwcharset.conf file which contains the charset name. # For compatibility with HTTP clients that can't handle an HTTP response # with a charset parameter in the content-type, comment out this directive; # responses will be sent in ISO-8859-1, with no explicit charset parameter. # RFC 1345 defines the syntax of charset names. There is a registry of # charsets, at ftp://ftp.isi.edu/in-notes/iana/assignments/character-sets # charset UTF-8 # ignoreAcceptCharsetFrom [ ] # where each of whose values is the version string (or part of the version # string) sent by an HTTP client which can't / doesn't want to handle UTF-8. # Charset from dsgwcharset.conf or charset directive is used (in the order). # ignoreAcceptCharsetFrom Mozilla/4.01x-NSCP Mozilla/3 # Substitute ideographic space for non-breaking space in Asian charsets: changeHTML "  " "???" Shift_JIS Big5 EUC-KR EUC-JP changeHTML " " "???" Shift_JIS Big5 EUC-KR EUC-JP # Mapping between config/display-XXX.html templates and LDAP objectClasses. # This can be generated by using ds/templateindex. The format is: # # template TEMPLATENAME OBJECTCLASSES # # where "display-TEMPLATENAME.html" is the name of a display template # that is found in this config directory (e.g., "display-group.html") and # OBJECTCLASSES is a list of one or more objectClass values. For a given # template to be used, all the objectClass values listed must be present # in the directory entry, so the order of these template lines is # significant (e.g. note that the more specific "orgperson" template is # listed before the one for an ordinary "person"). # template orgunit organizationalUnit template room room template orgperson person inetOrgPerson # # The remainder of this file contains information about the locations and # types for new entries. # # "location" lines define places in the directory where new entries can be added # The format of each line is: # location HANDLE FRIENDLYNAME DN # where HANDLE is a short name which is used in the "newtype" lines (see below) # and FRIENDLYNAME is a human-readable name for the location # and DN is the Distinguished Name for this location (if it does not end with # '#', the location-suffix is appended to to construct a full DN; if it # does end with `#', it assumed to be a full DN and the `#' is removed). # location country "United States" "c=US#" location org "This Organization" "" location groups "Groups" "ou=Groups" location people "People" "ou=People" location special "Special Users" "ou=Special Users" # "newtype" lines define the types of new entries that may be added # The format of each line is: # newtype TEMPLATENAME FRIENDLYNAME RDNATTR LOCATIONS... # where TEMPLATENAME corresponds to an existing display-TEMPLATENAME.html file # and FRIENDLYNAME is a human-readable name for this type of entry # and RDNATTR is the attribute that is used to name entries of this type # and LOCATIONS is a blank-separated list of locations where these types of # entries can be added (corresponding to a HANDLE on a "location" # config. file line). # newtype orgperson "Person" uid people special newtype ntperson "NT Person" uid people special newtype ntgroup "NT Group" cn groups newtype groupun "Group" cn groups newtype orgunit "Organizational Unit" ou people org newtype org "Organization" o country # Mappings between VCard properties and LDAP attribute types: # The format of each line is: # vcard-property VCARDPROP SYNTAX LDAPATTR [LDAPATTR2] # where VCARDPROP is the name of a VCard property # and SYNTAX is "cis" for simple strings and "mls" for multiline strings # and LDAPATTR is the LDAP attribute that corresponds to VCARDPROP # and LDAPATTR2 is an optional secondary LDAP attribute which is added to # the property value by appending a semicolon and then the attr2 value. vcard-property FN cis cn vcard-property N cis sn givenName vcard-property ORG cis o ou vcard-property ROLE cis businessCategory vcard-property ADR;WORK mls postalAddress vcard-property ADR;HOME mls homePostalAddress vcard-property EMAIL;INTERNET cis mail vcard-property TITLE cis title vcard-property TEL;WORK cis telephoneNumber vcard-property TEL;FAX cis facsimileTelephoneNumber vcard-property TEL;CELL cis mobile vcard-property TEL;HOME cis homePhone vcard-property NOTE cis description --- authPassword.html DELETED --- --- authSearch.html DELETED --- --- display-orgperson.html DELETED --- --- display-orgunit.html DELETED --- --- display-room.html DELETED --- --- edit-passwd.html DELETED --- --- list-Auth.html DELETED --- --- list-People.html DELETED --- --- pb.tmpl DELETED --- From fedora-directory-commits at redhat.com Mon Jan 14 22:31:26 2008 From: fedora-directory-commits at redhat.com (Nathan Kinder (nkinder)) Date: Mon, 14 Jan 2008 17:31:26 -0500 Subject: [Fedora-directory-commits] dsgw/pbhtml alert.html.in, NONE, 1.1 carded.html.in, NONE, 1.1 confirm.html.in, NONE, 1.1 index.html.in, NONE, 1.1 intro.html.in, NONE, 1.1 modify.html.in, NONE, 1.1 nullStringError.html.in, NONE, 1.1 phone.html.in, NONE, 1.1 report.html.in, NONE, 1.1 alert.html, 1.1.1.1, NONE carded.html, 1.1.1.1, NONE confirm.html, 1.1.1.1, NONE index.html, 1.1.1.1, NONE intro.html, 1.1.1.1, NONE modify.html, 1.1.1.1, NONE nullStringError.html, 1.1.1.1, NONE phone.html, 1.1.1.1, NONE report.html, 1.1.1.1, NONE Message-ID: <200801142231.m0EMVQEx008348@cvs-int.fedora.redhat.com> Author: nkinder Update of /cvs/dirsec/dsgw/pbhtml In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv7982/pbhtml Added Files: alert.html.in carded.html.in confirm.html.in index.html.in intro.html.in modify.html.in nullStringError.html.in phone.html.in report.html.in Removed Files: alert.html carded.html confirm.html index.html intro.html modify.html nullStringError.html phone.html report.html Log Message: General templating work for DSGW CGI URI's. --- NEW FILE alert.html.in --- <!-- DS_POSTEDVALUE "NAME=TITLE" -->
Alert
--- NEW FILE carded.html.in --- vCard --- NEW FILE confirm.html.in --- <!-- DS_POSTEDVALUE "NAME=TITLE" -->
Confirm
--- NEW FILE index.html.in --- Directory Express --- NEW FILE intro.html.in --- Directory Express

 
About Directory Express
 

Directory Express displays people, conference rooms, buildings and branch offices. If multiple entries are found, the results are displayed in a table:
 

Found x entries where the name or user ID matches 'your search'.
 
  Name ID Phone E-mail Group
Jane Castle jane 4444 jane at example.com engineering
John Castle john 5555 john at example.com marketing
King's Castle King's Castle 2121    
Quincy Castlegate quincy 7777 quincy at example.com product development
 
Click on an entry's ID to bring up more information about that entry.

 
If a single, unique entry is found, all information pertaining to that entry is displayed. Users can edit portions of their personal information by displaying their information as described above, and clicking the "Edit Person" button at the bottom of the their entry.
***** Error reading new file: [Errno 2] No such file or directory: 'modify.html.in' --- NEW FILE nullStringError.html.in --- Error!

 

  No search term entered.
 
  Directory Express searches against an entry's name, user ID, and phone extension. Please enter a search term and try again.
--- NEW FILE phone.html.in --- Directory Express
Directory Express
Search for:
--- NEW FILE report.html.in --- Telephone Book: Reports

Make a report that looks like this table:

The report has entries where includes

and is sorted by and then by and then by .
Should the report have multiple smaller tables?  Yes No




--- alert.html DELETED --- --- carded.html DELETED --- --- confirm.html DELETED --- --- index.html DELETED --- --- intro.html DELETED --- --- modify.html DELETED --- --- nullStringError.html DELETED --- --- phone.html DELETED --- --- report.html DELETED --- From fedora-directory-commits at redhat.com Mon Jan 14 22:31:19 2008 From: fedora-directory-commits at redhat.com (Nathan Kinder (nkinder)) Date: Mon, 14 Jan 2008 17:31:19 -0500 Subject: [Fedora-directory-commits] dsgw Makefile.am, 1.4, 1.5 Makefile.in, 1.4, 1.5 config.c, 1.2, 1.3 configure, 1.4, 1.5 configure.ac, 1.4, 1.5 dsgw.h, 1.2, 1.3 dsgwutil.c, 1.2, 1.3 Message-ID: <200801142231.m0EMVnnN008366@cvs-int.fedora.redhat.com> Author: nkinder Update of /cvs/dirsec/dsgw In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv7982 Modified Files: Makefile.am Makefile.in config.c configure configure.ac dsgw.h dsgwutil.c Log Message: General templating work for DSGW CGI URI's. Index: Makefile.am =================================================================== RCS file: /cvs/dirsec/dsgw/Makefile.am,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- Makefile.am 11 Jan 2008 21:58:09 -0000 1.4 +++ Makefile.am 14 Jan 2008 22:31:17 -0000 1.5 @@ -51,7 +51,8 @@ -DHTMLDIR=\"$(htmldir)\" -DCOOKIEDIR=\"$(cookiedir)\" \ -DCONFIGDIR=\"$(configdir)\" -DSECURITYDIR=\"$(securitydir)\" \ -DCGIBINDIR=\"$(cgibindir)\" -DCONTEXTDIR=\"$(contextdir)\" \ - -DINSTCONFIGDIR=\"$(instconfigdir)\" -DMANUALDIR=\"$(manualdir)\" + -DINSTCONFIGDIR=\"$(instconfigdir)\" -DMANUALDIR=\"$(manualdir)\" \ + -DCGIURIBASE=\"$(cgiuri)\" LIBS = @adminutil_lib@ -ladmsslutil at adminutil_ver@ -ladminutil at adminutil_ver@ \ @icu_lib@ -licui18n -licuuc -licudata \ @@ -234,6 +235,7 @@ -e 's, at cgiuri\@,$(cgiuri),g' \ -e 's, at orguri\@,$(orguri),g' \ -e 's, at dsgwuri\@,$(dsgwuri),g' \ + -e 's, at pburi\@,$(pburi),g' \ -e 's, at cmdbindir\@,$(cmdbindir),g' \ -e 's, at propertydir\@,$(propertydir),g' \ -e 's, at htmldir\@,$(htmldir),g' \ Index: Makefile.in =================================================================== RCS file: /cvs/dirsec/dsgw/Makefile.in,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- Makefile.in 11 Jan 2008 21:58:09 -0000 1.4 +++ Makefile.in 14 Jan 2008 22:31:17 -0000 1.5 @@ -345,6 +345,7 @@ orguri = @orguri@ pbconfigdir = $(datadir)@pbconfigdir@ pbhtmldir = $(datadir)@pbhtmldir@ +pburi = @pburi@ perldir = $(libdir)@perldir@ perlexec = @perlexec@ prefix = @prefix@ @@ -370,7 +371,7 @@ -DCONFIGDIR=\"$(configdir)\" -DSECURITYDIR=\"$(securitydir)\" \ -DCGIBINDIR=\"$(cgibindir)\" -DCONTEXTDIR=\"$(contextdir)\" \ -DINSTCONFIGDIR=\"$(instconfigdir)\" \ - -DMANUALDIR=\"$(manualdir)\" + -DMANUALDIR=\"$(manualdir)\" -DCGIURIBASE=\"$(cgiuri)\" # these are programs which we do not want to link with nss NEED_SECGLUE = unauth search csearch newentry tutor lang @@ -511,6 +512,7 @@ -e 's, at cgiuri\@,$(cgiuri),g' \ -e 's, at orguri\@,$(orguri),g' \ -e 's, at dsgwuri\@,$(dsgwuri),g' \ + -e 's, at pburi\@,$(pburi),g' \ -e 's, at cmdbindir\@,$(cmdbindir),g' \ -e 's, at propertydir\@,$(propertydir),g' \ -e 's, at htmldir\@,$(htmldir),g' \ Index: config.c =================================================================== RCS file: /cvs/dirsec/dsgw/config.c,v retrieving revision 1.2 retrieving revision 1.3 diff -u -r1.2 -r1.3 --- config.c 10 Jan 2008 01:19:36 -0000 1.2 +++ config.c 14 Jan 2008 22:31:17 -0000 1.3 @@ -120,7 +120,7 @@ gc->gc_tmpldir = DSGW_TMPLDIR_HTTP; /* may be overridden below */ gc->gc_urlpfxmain = DSGW_URLPREFIX_MAIN_HTTP; /* may be overridden below */ /*gc->gc_urlpfxcgi = DSGW_URLPREFIX_CGI_HTTP;*/ - gc->gc_urlpfxcgi = DSGW_URLPREFIX_BIN; /* may be overridden below */ + gc->gc_urlpfxcgi = CGIURIBASE; /* may be overridden below */ gc->gc_binddn = gc->gc_bindpw = ""; gc->gc_charset = NULL; /* implicitly ISO-8859-1 */ gc->gc_ClientLanguage = ""; @@ -200,11 +200,11 @@ * DSGW_CONFIGFILE in the config directory */ if (context == NULL) { - PR_snprintf( path, MAXPATHLEN, "%s$$LANGDIR/%s", + PR_snprintf( path, MAXPATHLEN, "%s/$$LANGDIR/%s", DSGW_CONFIGDIR_HTTP, DSGW_CONFIGFILE); len = strlen( DSGW_CONFIGDIR_HTTP ) + strlen( DSGW_CONFIGFILE ) + 32; } else { - PR_snprintf( path, MAXPATHLEN, "%s$$LANGDIR/%s.conf", + PR_snprintf( path, MAXPATHLEN, "%s/$$LANGDIR/%s.conf", DSGW_CONTEXTDIR_HTTP, context); /* increased the length from 11 -- fix for auth crash on AIX */ len = strlen( DSGW_CONTEXTDIR_HTTP ) + strlen( context ) + 32; Index: configure =================================================================== RCS file: /cvs/dirsec/dsgw/configure,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- configure 11 Jan 2008 21:58:09 -0000 1.4 +++ configure 14 Jan 2008 22:31:17 -0000 1.5 @@ -466,7 +466,7 @@ #endif" ac_default_prefix=/opt/dirsrv -ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA CYGPATH_W PACKAGE VERSION ACLOCAL AUTOCONF AUTOMAKE AUTOHEADER MAKEINFO install_sh STRIP ac_ct_STRIP INSTALL_STRIP_PROGRAM mkdir_p AWK SET_MAKE am__leading_dot AMTAR am__tar am__untar MAINTAINER_MODE_TRUE MAINTAINER_MODE_FALSE MAINT build build_cpu build_vendor build_os host host_cpu host_vendor host_os CXX CXXFLAGS LDFLAGS CPPFLAGS ac_ct_CXX EXEEXT OBJEXT DEPDIR am__include am__quote AMDEP_TRUE AMDEP_FALSE AMDEPBACKSLASH CXXDEPMODE am__fastdepCXX_TRUE am__fastdepCXX_FALSE CC CFLAGS ac_ct_CC CCDEPMODE am__fastdepCC_TRUE am__fastdepCC_FALSE SED EGREP LN_S ECHO AR ac_ct_AR RANLIB ac_ct_RANLIB CP! P CXXCPP F77 FFLAGS ac_ct_F77 LIBTOOL LIBOBJS POW_LIB PACKAGE_BASE_NAME instconfigdir BUNDLE_TRUE BUNDLE_FALSE LIBSOCKET LIBNSL LIBCSTD LIBCRUN perlexec CXXLINK_REQUIRED_TRUE CXXLINK_REQUIRED_FALSE HPUX_TRUE HPUX_FALSE SOLARIS_TRUE SOLARIS_FALSE PKG_CONFIG ICU_CONFIG nspr_inc nspr_lib nspr_libdir nss_inc nss_lib nss_libdir sasl_inc sasl_lib sasl_libdir ldapsdk_inc ldapsdk_lib ldapsdk_libdir adminutil_inc adminutil_lib adminutil_libdir adminutil_ver icu_lib icu_libdir icu_inc icu_bin cgibindir cgiuri dsgwuri orguri propertydir htmldir pbhtmldir orghtmldir configdir pbconfigdir contextdir securitydir cookiedir perldir NEED_LDIF_TRUE NEED_LDIF_FALSE WINNT_TRUE WINNT_FALSE LTLIBOBJS' +ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA CYGPATH_W PACKAGE VERSION ACLOCAL AUTOCONF AUTOMAKE AUTOHEADER MAKEINFO install_sh STRIP ac_ct_STRIP INSTALL_STRIP_PROGRAM mkdir_p AWK SET_MAKE am__leading_dot AMTAR am__tar am__untar MAINTAINER_MODE_TRUE MAINTAINER_MODE_FALSE MAINT build build_cpu build_vendor build_os host host_cpu host_vendor host_os CXX CXXFLAGS LDFLAGS CPPFLAGS ac_ct_CXX EXEEXT OBJEXT DEPDIR am__include am__quote AMDEP_TRUE AMDEP_FALSE AMDEPBACKSLASH CXXDEPMODE am__fastdepCXX_TRUE am__fastdepCXX_FALSE CC CFLAGS ac_ct_CC CCDEPMODE am__fastdepCC_TRUE am__fastdepCC_FALSE SED EGREP LN_S ECHO AR ac_ct_AR RANLIB ac_ct_RANLIB CP! P CXXCPP F77 FFLAGS ac_ct_F77 LIBTOOL LIBOBJS POW_LIB PACKAGE_BASE_NAME instconfigdir BUNDLE_TRUE BUNDLE_FALSE LIBSOCKET LIBNSL LIBCSTD LIBCRUN perlexec CXXLINK_REQUIRED_TRUE CXXLINK_REQUIRED_FALSE HPUX_TRUE HPUX_FALSE SOLARIS_TRUE SOLARIS_FALSE PKG_CONFIG ICU_CONFIG nspr_inc nspr_lib nspr_libdir nss_inc nss_lib nss_libdir sasl_inc sasl_lib sasl_libdir ldapsdk_inc ldapsdk_lib ldapsdk_libdir adminutil_inc adminutil_lib adminutil_libdir adminutil_ver icu_lib icu_libdir icu_inc icu_bin cgibindir cgiuri dsgwuri orguri pburi propertydir htmldir pbhtmldir orghtmldir configdir pbconfigdir contextdir securitydir cookiedir perldir NEED_LDIF_TRUE NEED_LDIF_FALSE WINNT_TRUE WINNT_FALSE LTLIBOBJS' ac_subst_files='' # Initialize some variables set by options. @@ -21551,6 +21551,7 @@ cgiuri=/cgi-bin dsgwuri=/dsgw orguri=/orgchart +pburi=/dsgw/pbhtml # Check for library dependencies # BEGIN COPYRIGHT BLOCK @@ -22626,6 +22627,7 @@ + # need a check here to see if the ldif functions are exported from libldap # for now, just assume they are not @@ -23492,6 +23494,7 @@ s, at cgiuri@,$cgiuri,;t t s, at dsgwuri@,$dsgwuri,;t t s, at orguri@,$orguri,;t t +s, at pburi@,$pburi,;t t s, at propertydir@,$propertydir,;t t s, at htmldir@,$htmldir,;t t s, at pbhtmldir@,$pbhtmldir,;t t Index: configure.ac =================================================================== RCS file: /cvs/dirsec/dsgw/configure.ac,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- configure.ac 11 Jan 2008 21:58:09 -0000 1.4 +++ configure.ac 14 Jan 2008 22:31:17 -0000 1.5 @@ -278,6 +278,7 @@ cgiuri=/cgi-bin dsgwuri=/dsgw orguri=/orgchart +pburi=/dsgw/pbhtml # Check for library dependencies m4_include(m4/nspr.m4) @@ -315,6 +316,7 @@ AC_SUBST(cgiuri) AC_SUBST(dsgwuri) AC_SUBST(orguri) +AC_SUBST(pburi) AC_SUBST(propertydir) AC_SUBST(htmldir) AC_SUBST(pbhtmldir) Index: dsgw.h =================================================================== RCS file: /cvs/dirsec/dsgw/dsgw.h,v retrieving revision 1.2 retrieving revision 1.3 diff -u -r1.2 -r1.3 --- dsgw.h 10 Jan 2008 01:19:36 -0000 1.2 +++ dsgw.h 14 Jan 2008 22:31:17 -0000 1.3 @@ -266,7 +266,6 @@ /* URL prefixes specific to our gateway */ #define DSGW_URLPREFIX_MAIN_HTTP "lang?file=" #define DSGW_URLPREFIX_CGI_HTTP "" -#define DSGW_URLPREFIX_BIN "/clients/dsgw/bin/" #define DSGW_URLPREFIX_MAIN DSGW_URLPREFIX_MAIN_HTTP Index: dsgwutil.c =================================================================== RCS file: /cvs/dirsec/dsgw/dsgwutil.c,v retrieving revision 1.2 retrieving revision 1.3 diff -u -r1.2 -r1.3 --- dsgwutil.c 10 Jan 2008 01:19:36 -0000 1.2 +++ dsgwutil.c 14 Jan 2008 22:31:17 -0000 1.3 @@ -93,7 +93,7 @@ (void)ADMUTIL_Init(); /* initialize the string database */ - XP_InitStringDatabase("../property", "dsgw"); + XP_InitStringDatabase(PROPERTYDIR, "dsgw"); /* set default default languages for string database */ SetLanguage(CLIENT_LANGUAGE, ""); SetLanguage(ADMIN_LANGUAGE, ""); @@ -664,7 +664,7 @@ " window.open('%s?%s&context=%s', 'infowin_dsgw', " " 'resizable=1,width=400,height=500');" "}\">\n", - XP_GetClientStr(DBT_help_1),tutorvp, topic, context, + XP_GetClientStr(DBT_help_1), tutorvp, topic, context, tutorvp, topic, context ); } @@ -855,9 +855,9 @@ vpmap[ cginum ] = dsgw_ch_malloc( strlen( gc->gc_urlpfxcgi ) + strlen( surl ) /*+ strlen( extpath ) */ - + strlen( cginame ) + 2 ); + + strlen( cginame ) + 3 ); - sprintf( vpmap[ cginum ], "%s%s%s", surl, + sprintf( vpmap[ cginum ], "%s%s/%s", surl, /*extpath, */ gc->gc_urlpfxcgi, cginame ); From fedora-directory-commits at redhat.com Mon Jan 14 22:45:25 2008 From: fedora-directory-commits at redhat.com (Nathan Kinder (nkinder)) Date: Mon, 14 Jan 2008 17:45:25 -0500 Subject: [Fedora-directory-commits] dsgw/config dsgw.tmpl.in, NONE, 1.1 dsgw.tmpl, 1.1.1.1, NONE Message-ID: <200801142245.m0EMjP0L008889@cvs-int.fedora.redhat.com> Author: nkinder Update of /cvs/dirsec/dsgw/config In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv8873/config Added Files: dsgw.tmpl.in Removed Files: dsgw.tmpl Log Message: Added dsgw.tmpl template --- NEW FILE dsgw.tmpl.in --- # BEGIN COPYRIGHT BLOCK # This Program is free software; you can redistribute it and/or modify it under # the terms of the GNU General Public License as published by the Free Software # Foundation; version 2 of the License. # # This Program is distributed in the hope that it will be useful, but WITHOUT # ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS # FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. # # You should have received a copy of the GNU General Public License along with # this Program; if not, write to the Free Software Foundation, Inc., 59 Temple # Place, Suite 330, Boston, MA 02111-1307 USA. # # In addition, as a special exception, Red Hat, Inc. gives You the additional # right to link the code of this Program with code not covered under the GNU # General Public License ("Non-GPL Code") and to distribute linked combinations # including the two, subject to the limitations in this paragraph. Non-GPL Code # permitted under this exception must only link to the code of this Program # through those well defined interfaces identified in the file named EXCEPTION # found in the source code files (the "Approved Interfaces"). The files of # Non-GPL Code may instantiate templates or use macros or inline functions from # the Approved Interfaces without causing the resulting work to be covered by # the GNU General Public License. Only Red Hat, Inc. may make changes or # additions to the list of Approved Interfaces. You must obey the GNU General # Public License in all respects for all of the Program code and other code used # in conjunction with the Program except the Non-GPL Code covered by this # exception. If you modify this file, you may extend this exception to your # version of the file, but you are not obligated to do so. If you do not wish to # provide this exception without modification, you must delete this exception # statement from your version and license this file solely under the GPL without # exception. # # # Copyright (C) 2001 Sun Microsystems, Inc. Used by permission. # Copyright (C) 2005 Red Hat, Inc. # All rights reserved. # END COPYRIGHT BLOCK baseurl "ldap://@host@:@port@/@suffix@" dirmgr "@dirmgr@" location-suffix @suffix@ securitypath "@contextdir@" url-orgchart-base http://@host@:@port@/clients/orgchart/bin/org?context=dsgw&data= # The attribute the orgchart uses to search for entries. # This value should correspond to the value of attrib-farleft-rdn # in the orgchart's config.txt configuration file. orgchart-attrib-farleft-rdn uid # Check for Aim presence when the user's entry is displayed enable-aim-presence true # The htmldir directive tells the CGIs where to find the html files htmldir @htmldir@ # The configdir directive tells the CGIs where to find the # templates/configuration files configdir @configdir@ # The gwnametrans directive tells the CGIs what url to output # for http redirection. It should be the same nameTrans set # in the webserver, if any is being is used. gwnametrans @dsgwuri@/ # The authlifetime directive specifies how long authentication credentials # are valid (in seconds). authlifetime 7200 # The default character set, for communication with HTTP clients. # A client may override this default, using an HTTP Accept-Charset header. # Or, this default may be overridden for a specific language, by creating # a LANG/dsgwcharset.conf file which contains the charset name. # For compatibility with HTTP clients that can't handle an HTTP response # with a charset parameter in the content-type, comment out this directive; # responses will be sent in ISO-8859-1, with no explicit charset parameter. # RFC 1345 defines the syntax of charset names. There is a registry of # charsets, at ftp://ftp.isi.edu/in-notes/iana/assignments/character-sets # charset UTF-8 # ignoreAcceptCharsetFrom [ ] # where each of whose values is the version string (or part of the version # string) sent by an HTTP client which can't / doesn't want to handle UTF-8. # Charset from dsgwcharset.conf or charset directive is used (in the order). # ignoreAcceptCharsetFrom Mozilla/4.01x-NSCP Mozilla/3 # Substitute ideographic space for non-breaking space in Asian charsets: changeHTML "  " "???" Shift_JIS Big5 EUC-KR EUC-JP changeHTML " " "???" Shift_JIS Big5 EUC-KR EUC-JP # Mapping between config/display-XXX.html templates and LDAP objectClasses. # This can be generated by using ds/templateindex. The format is: # # template TEMPLATENAME OBJECTCLASSES # # where "display-TEMPLATENAME.html" is the name of a display template # that is found in this config directory (e.g., "display-group.html") and # OBJECTCLASSES is a list of one or more objectClass values. For a given # template to be used, all the objectClass values listed must be present # in the directory entry, so the order of these template lines is # significant (e.g. note that the more specific "orgperson" template is # listed before the one for an ordinary "person"). # template group groupOfNames template ntgroup groupOfUniqueNames ntGroup template groupun groupOfUniqueNames template org organization template dc domain template orgunit organizationalUnit template ntperson person inetOrgPerson nTUser template orgperson person inetOrgPerson template person person template country country # # The remainder of this file contains information about the locations and # types for new entries. # # "location" lines define places in the directory where new entries can be added # The format of each line is: # location HANDLE FRIENDLYNAME DN # where HANDLE is a short name which is used in the "newtype" lines (see below) # and FRIENDLYNAME is a human-readable name for the location # and DN is the Distinguished Name for this location (if it does not end with # '#', the location-suffix is appended to to construct a full DN; if it # does end with `#', it assumed to be a full DN and the `#' is removed). # location country "United States" "c=US#" location org "This Organization" "" location dc "This Domaincomponent" "" location groups "Groups" "ou=Groups" location people "People" "ou=People" location special "Special Users" "ou=Special Users" # "newtype" lines define the types of new entries that may be added # The format of each line is: # newtype TEMPLATENAME FRIENDLYNAME RDNATTR LOCATIONS... # where TEMPLATENAME corresponds to an existing display-TEMPLATENAME.html file # and FRIENDLYNAME is a human-readable name for this type of entry # and RDNATTR is the attribute that is used to name entries of this type # and LOCATIONS is a blank-separated list of locations where these types of # entries can be added (corresponding to a HANDLE on a "location" # config. file line). # newtype orgperson "Person" uid people special newtype ntperson "NT Person" uid people special newtype ntgroup "NT Group" cn groups newtype groupun "Group" cn groups newtype orgunit "Organizational Unit" ou people org newtype org "Organization" o country newtype dc "Domaincomponent" dc dc org country people # Mappings between VCard properties and LDAP attribute types: # The format of each line is: # vcard-property VCARDPROP SYNTAX LDAPATTR [LDAPATTR2] # where VCARDPROP is the name of a VCard property # and SYNTAX is "cis" for simple strings and "mls" for multiline strings # and LDAPATTR is the LDAP attribute that corresponds to VCARDPROP # and LDAPATTR2 is an optional secondary LDAP attribute which is added to # the property value by appending a semicolon and then the attr2 value. vcard-property FN cis cn vcard-property N cis sn givenName vcard-property ORG cis o ou vcard-property ROLE cis businessCategory vcard-property ADR;WORK mls postalAddress vcard-property ADR;HOME mls homePostalAddress vcard-property EMAIL;INTERNET cis mail vcard-property TITLE cis title vcard-property TEL;WORK cis telephoneNumber vcard-property TEL;FAX cis facsimileTelephoneNumber vcard-property TEL;CELL cis mobile vcard-property TEL;HOME cis homePhone vcard-property NOTE cis description # To localize the search type menu: # Locate dsgw-l10n.conf in config//. # dsgw-l10n.conf contains translated words for search type pulldown menu. # dsgw-l10n.conf sample: # translate People # translate NT-People # translate Groups # translate NT-Groups # translate Organizations # translate Org-Units # translate Anything # include "@configdir@/dsgw-l10n.conf" --- dsgw.tmpl DELETED --- From fedora-directory-commits at redhat.com Mon Jan 14 22:58:33 2008 From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins)) Date: Mon, 14 Jan 2008 17:58:33 -0500 Subject: [Fedora-directory-commits] dsgw/html eduser.html,1.1.1.1,1.2 Message-ID: <200801142258.m0EMwXot009591@cvs-int.fedora.redhat.com> Author: rmeggins Update of /cvs/dirsec/dsgw/html In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv9445/dsgw/html Modified Files: eduser.html Log Message: Initial pass at using adminutil for CGI code Fix resource file usage Add uri mappings for legacy urls Index: eduser.html =================================================================== RCS file: /cvs/dirsec/dsgw/html/eduser.html,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- eduser.html 1 Jun 2006 19:43:48 -0000 1.1.1.1 +++ eduser.html 14 Jan 2008 22:58:30 -0000 1.2 @@ -57,6 +57,6 @@ +'resizable=1,width=400,height=500');if(top.helpwin==1) hwin.frames[1].location='http://ggood:2001/httpd-ggood/bin/tutor?tutor=!usradd';else { hwin.location='http://ggood:2001/httpd-ggood/bin/tutor?tutor=usradd'; hwin.rwin=top; hwin.rwin.helpwin=1; }">
From fedora-directory-commits at redhat.com Mon Jan 14 22:58:32 2008 From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins)) Date: Mon, 14 Jan 2008 17:58:32 -0500 Subject: [Fedora-directory-commits] dsgw Makefile.am, 1.5, 1.6 auth.c, 1.1.1.1, 1.2 cgiutil.c, 1.1.1.1, 1.2 config.c, 1.3, 1.4 csearch.c, 1.1.1.1, 1.2 dnedit.c, 1.1.1.1, 1.2 dosearch.c, 1.1.1.1, 1.2 dsgw-httpd.conf.in, 1.3, 1.4 dsgw.h, 1.3, 1.4 dsgwgetlang.c, 1.2, 1.3 dsgwutil.c, 1.3, 1.4 edit.c, 1.1.1.1, 1.2 emitf.c, 1.1.1.1, 1.2 error.c, 1.1.1.1, 1.2 htmlout.c, 1.1.1.1, 1.2 htmlparse.c, 1.1.1.1, 1.2 lang.c, 1.1.1.1, 1.2 newentry.c, 1.1.1.1, 1.2 search.c, 1.1.1.1, 1.2 tutor.c, 1.1.1.1, 1.2 unauth.c, 1.1.1.1, 1.2 utf8compare.c, 1.1.1.1, 1.2 aclocal.m4, 1.2, 1.3 configure, 1.5, 1.6 missing, 1.1.1.1, 1.2 install-sh, 1.1.1.1, 1.2 depcomp, 1.1.1.1, 1.2 config.sub, 1.1, 1.2 config.guess, 1.1, 1.2 compile, 1.1, 1.2 Makefile.in, 1.5, 1.6 Message-ID: <200801142258.m0EMwWnM009559@cvs-int.fedora.redhat.com> Author: rmeggins Update of /cvs/dirsec/dsgw In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv9445/dsgw Modified Files: Makefile.am auth.c cgiutil.c config.c csearch.c dnedit.c dosearch.c dsgw-httpd.conf.in dsgw.h dsgwgetlang.c dsgwutil.c edit.c emitf.c error.c htmlout.c htmlparse.c lang.c newentry.c search.c tutor.c unauth.c utf8compare.c aclocal.m4 configure missing install-sh depcomp config.sub config.guess compile Makefile.in Log Message: Initial pass at using adminutil for CGI code Fix resource file usage Add uri mappings for legacy urls Index: Makefile.am =================================================================== RCS file: /cvs/dirsec/dsgw/Makefile.am,v retrieving revision 1.5 retrieving revision 1.6 diff -u -r1.5 -r1.6 --- Makefile.am 14 Jan 2008 22:31:17 -0000 1.5 +++ Makefile.am 14 Jan 2008 22:58:30 -0000 1.6 @@ -180,9 +180,9 @@ #nodist_context_SCRIPTS = setup-dirsrv-gw # add more here for localized bundles -nodist_property_DATA = dsgw_root.res +nodist_property_DATA = root.res en.res en_US.res -MOSTLYCLEANFILES = dsgw.conf dsgw_root.res dsgw.properties setup dsgw-httpd.conf +MOSTLYCLEANFILES = dsgw.conf root.res dsgw.properties setup dsgw-httpd.conf en.res en_US.res # Resource Bundle Compiler if WINNT @@ -194,13 +194,13 @@ # The root resource bundle is based on English (en) locale; # This bundle must be always distributed and there is no need to have # *_en.properties resource bundle source files. -RESOURCE_BUNDLES_ROOT = dsgw_root.res +RESOURCE_BUNDLES_ROOT = root.res # French resource bundles (for the French localization in the future) -RESOURCE_BUNDLES_FR = dsgw_fr.res +RESOURCE_BUNDLES_FR = fr.res # German resource bundles (for the German localization in the future) -RESOURCE_BUNDLES_DE = dsgw_de.res +RESOURCE_BUNDLES_DE = de.res # By default create only the default root bundle (english). # Other locales should be created during the localization process. @@ -212,14 +212,17 @@ dsgw.properties: ./propmaker dbtdsgw.h ./propmaker $@ -dsgw_root.res : dsgw.properties - $(ICU_GENRB) -s. -d. --encoding 8859-1 --package-name dsgw $+ +root.res : dsgw.properties + $(ICU_GENRB) -s. -d. --encoding 8859-1 $+ -%_fr.res : %_fr.properties - $(ICU_GENRB) -s. -d. --encoding 8859-2 --package-name dsgw $+ +fr.res : fr.properties + $(ICU_GENRB) -s. -d. --encoding 8859-2 $+ -%_de.res : %_de.properties - $(ICU_GENRB) -s. -d. --encoding 8859-2 --package-name dsgw $+ +de.res : de.properties + $(ICU_GENRB) -s. -d. --encoding 8859-2 $+ + +en.res en_US.res : root.res + cp -p $< $@ # these are for the config files and scripts that we need to generate and replace # the paths and other tokens with the real values set during configure/make Index: auth.c =================================================================== RCS file: /cvs/dirsec/dsgw/auth.c,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- auth.c 1 Jun 2006 19:43:39 -0000 1.1.1.1 +++ auth.c 14 Jan 2008 22:58:30 -0000 1.2 @@ -54,31 +54,6 @@ ) { int reqmethod; char *binddn = NULL; - char *qs = NULL; - - if (( qs = getenv( "QUERY_STRING" )) != NULL && *qs != '\0' ) { - /* parse the query string: */ - auto char *p, *iter = NULL; - qs = dsgw_ch_strdup( qs ); - for ( p = ldap_utf8strtok_r( qs, "&", &iter ); p != NULL; - p = ldap_utf8strtok_r( NULL, "&", &iter )) { - - /*Get the context.*/ - if ( !strncasecmp( p, "context=", 8 )) { - context = dsgw_ch_strdup( p + 8 ); - dsgw_form_unescape( context ); - continue; - } - - /*Get the dn*/ - if ( !strncasecmp( p, "dn=", 3 )) { - binddn = dsgw_ch_strdup( p + 3 ); - dsgw_form_unescape( binddn ); - continue; - } - } - free( qs ); qs = NULL; - } reqmethod = dsgw_init( argc, argv, DSGW_METHOD_POST | DSGW_METHOD_GET ); @@ -89,6 +64,7 @@ if ( reqmethod == DSGW_METHOD_POST ) { post_request(); } else { + binddn = dsgw_get_cgi_var("dn", DSGW_CGIVAR_OPTIONAL); get_request(binddn); } Index: cgiutil.c =================================================================== RCS file: /cvs/dirsec/dsgw/cgiutil.c,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- cgiutil.c 1 Jun 2006 19:43:44 -0000 1.1.1.1 +++ cgiutil.c 14 Jan 2008 22:58:30 -0000 1.2 @@ -35,6 +35,15 @@ * Copyright (C) 2005 Red Hat, Inc. * All rights reserved. --- END COPYRIGHT BLOCK --- */ + +/* + emacs settings + Local Variables: + indent-tabs-mode: t + tab-width: 8 + End: +*/ + /* * cgiutil.c -- CGI-related utility functions -- HTTP gateway * @@ -49,12 +58,6 @@ #include #include -/* globals */ -static char **formvars = NULL; - -/* functions */ -static char **dsgw_string_to_vec(char *in); - static void dsgw_vec_convert (char** vec) /* Convert input from the charset named in it (if any) to UTF_8. @@ -135,8 +138,8 @@ int dsgw_post_begin(FILE *in) { - char *ct, *vars = NULL, *tmp = NULL; - int cl; + char *ct, *tmp = NULL; + char **vars = NULL; if (( ct = getenv( "CONTENT_TYPE" )) == NULL || strcasecmp( ct, "application/x-www-form-urlencoded" ) != 0 || @@ -144,26 +147,20 @@ return( DSGW_ERR_BADFORMDATA ); } - cl = atoi(tmp); - - vars = (char *)dsgw_ch_malloc(cl+1); - - if ( fread(vars, 1, cl, in) != cl ) { + if (0 != post_begin(in)) { return( DSGW_ERR_BADFORMDATA ); } - vars[cl] = '\0'; #ifdef DSGW_DEBUG dsgw_log ("vars=\"%s\"\n", vars); #endif - formvars = dsgw_string_to_vec (vars); - free( vars ); - dsgw_vec_convert (formvars); + vars = get_input_ptr(); + dsgw_vec_convert (vars); /* convert to utf8 */ #ifdef DSGW_DEBUG - dsgw_logstringarray( "formvars", formvars ); + dsgw_logstringarray( "formvars", vars ); if (0) { - char** var = formvars; + char** var = vars; if (var) { printf ("Content-type: text/html;charset=UTF-8\n\n\n"); for (; *var; ++var) { @@ -178,37 +175,27 @@ return( 0 ); } +void +dsgw_get_begin(char *qs) +{ + char **vars = NULL; + + get_begin(qs); + vars = get_input_ptr(); + dsgw_vec_convert (vars); /* convert to utf8 */ + + return; +} + /* Unescape the %xx variables as they're sent in. */ void dsgw_form_unescape(char *str) { - register int x = 0, y = 0; - int l = strlen(str); - char digit; - - while(x < l) { - if((str[x] == '%') && (x < (l - 2))) { - ++x; - digit = (str[x] >= 'A' ? - ((str[x] & 0xdf) - 'A')+10 : (str[x] - '0')); - digit *= 16; - - ++x; - digit += (str[x] >= 'A' ? - ((str[x] & 0xdf) - 'A')+10 : (str[x] - '0')); - - str[y] = digit; - } - else if(str[x] == '+') { - str[y] = ' '; - } else { - str[y] = str[x]; - } - x++; - y++; - } - str[y] = '\0'; + /* this is now a no-op - get/post_begin already unescapes + the values - we must use get/post_begin rather than + parsing URL/post arguments */ + return; } @@ -216,22 +203,11 @@ char * dsgw_get_cgi_var(char *varname, int required) { - register int x = 0; - int len = strlen(varname); - char *ans = NULL; - - while(formvars != NULL && formvars[x]) { - /* We want to get rid of the =, so len, len+1 */ - if((!strncmp(formvars[x], varname, len)) && - (*(formvars[x]+len) == '=')) { - ans = dsgw_ch_strdup(formvars[x] + len + 1); - if(!strcmp(ans, "")) { - free(ans); - ans = NULL; - } - break; - } else - x++; + char *ans = get_cgi_var(varname, NULL, NULL); + if (!ans) { /* try all uppercase varname */ + char *upvarname = dsgw_utf8StrToUpper(varname); + ans = get_cgi_var(upvarname, NULL, NULL); + PL_strfree(upvarname); } if ( required == DSGW_CGIVAR_REQUIRED && ans == NULL ) { @@ -311,43 +287,6 @@ } -/* Convert the input from stdin to a usable variable vector. */ -static char ** -dsgw_string_to_vec(char *in) -{ - char **ans; - int vars = 0; - register int x = 0; - char *tmp; - - while(in[x]) - if(in[x++]=='=') - vars++; - - ans = (char **) dsgw_ch_malloc((sizeof(char *)) * (vars+1)); - if (ans) { - x=0; - /* strtok() is not MT safe, but it is okay to call here because it is used in monothreaded env */ - tmp = strtok(in, "&"); - if (tmp && *tmp && strchr(tmp, '=')) { - ans[x]=dsgw_ch_strdup(tmp); - dsgw_form_unescape(ans[x++]); - - while((x <= vars) && (tmp = strtok(NULL, "&"))) { - if ( strchr( tmp, '=' ) == NULL ) { - break; - } - ans[x] = dsgw_ch_strdup(tmp); - dsgw_form_unescape(ans[x++]); - } - } - ans[x] = NULL; - } - - return(ans); -} - - /* * Step through all the CGI POSTed variables. A malloc'd copy of the variable * name is returned and *valuep is set to point to the value (not malloc'd). @@ -361,6 +300,7 @@ { char *name; int namelen; + char **formvars = get_input_ptr(); if ( formvars == NULL || formvars[ *indexp ] == NULL ) { return( NULL ); Index: config.c =================================================================== RCS file: /cvs/dirsec/dsgw/config.c,v retrieving revision 1.3 retrieving revision 1.4 diff -u -r1.3 -r1.4 --- config.c 14 Jan 2008 22:31:17 -0000 1.3 +++ config.c 14 Jan 2008 22:58:30 -0000 1.4 @@ -35,8 +35,9 @@ * Copyright (C) 2005 Red Hat, Inc. * All rights reserved. --- END COPYRIGHT BLOCK --- */ + /* - * config.c -- parse config file for directory server gateway + * Config.c -- parse config file for directory server gateway */ @@ -119,7 +120,6 @@ gc->gc_docdir = DSGW_DOCDIR_HTTP; gc->gc_tmpldir = DSGW_TMPLDIR_HTTP; /* may be overridden below */ gc->gc_urlpfxmain = DSGW_URLPREFIX_MAIN_HTTP; /* may be overridden below */ - /*gc->gc_urlpfxcgi = DSGW_URLPREFIX_CGI_HTTP;*/ gc->gc_urlpfxcgi = CGIURIBASE; /* may be overridden below */ gc->gc_binddn = gc->gc_bindpw = ""; gc->gc_charset = NULL; /* implicitly ISO-8859-1 */ @@ -216,21 +216,17 @@ fname = dsgw_ch_malloc( len+MAXPATHLEN ); if ( GetFileForLanguage( path, gc->gc_ClientLanguage, fname ) < 0 ) { if (context == NULL) { - PR_snprintf( fname, len+MAXPATHLEN, "%s%s", DSGW_CONFIGDIR_HTTP, + PR_snprintf( fname, len+MAXPATHLEN, "%s/%s", DSGW_CONFIGDIR_HTTP, DSGW_CONFIGFILE); } else { - PR_snprintf( fname, len+MAXPATHLEN, "%s%s.conf", + PR_snprintf( fname, len+MAXPATHLEN, "%s/%s.conf", DSGW_CONTEXTDIR_HTTP, context); } } free( path ); if (context != NULL) { - char urlpfx[MAXPATHLEN]; - /*set the urlpfxmain to be "lang?context=CONTEXT&file="*/ - /*sprintf(urlpfx, "%slang?context=%s&file=", DSGW_URLPREFIX_CGI_HTTP, context);*/ - PR_snprintf(urlpfx, MAXPATHLEN, "%s?context=%s&file=", dsgw_getvp(DSGW_CGINUM_LANG), context); - gc->gc_urlpfxmain = dsgw_ch_strdup( urlpfx ); + gc->gc_urlpfxmain = PR_smprintf("%s?context=%s&file=", dsgw_getvp(DSGW_CGINUM_LANG), context); } read_dsgwconfig( fname, NULL, gc->gc_admserv, 0 ); @@ -1197,7 +1193,7 @@ * Description: context is the name of the config file * that is passed into the CGI. * Let's say context = pb - * then it gets translated into: ../context/pb.conf + * then it gets translated into: CONTEXTDIR/pb.conf * so we have to make sure that context * only contains numbers or letters, and nothing else * @@ -1500,3 +1496,11 @@ } return result; } + +/* + emacs settings + Local Variables: + indent-tabs-mode: t + tab-width: 8 + End: +*/ Index: csearch.c =================================================================== RCS file: /cvs/dirsec/dsgw/csearch.c,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- csearch.c 1 Jun 2006 19:43:40 -0000 1.1.1.1 +++ csearch.c 14 Jan 2008 22:58:30 -0000 1.2 @@ -54,41 +54,8 @@ #endif { int reqmethod; - char *qs = NULL; char *fname = NULL; - /* Parse out the file=blah.html from the query string*/ - if (( qs = getenv( "QUERY_STRING" )) != NULL && *qs != '\0' ) { - /* parse the query string: */ - auto char *p, *iter = NULL; - qs = dsgw_ch_strdup( qs ); - for ( p = ldap_utf8strtok_r( qs, "&", &iter ); p != NULL; - p = ldap_utf8strtok_r( NULL, "&", &iter )) { - - /* - * Get the conf file name. It'll be translated - * into /dsgw/context/CONTEXT.conf if - * CONTEXT is all alphanumeric (no slahes, - * or dots). CONTEXT is passed into the cgi. - * if context=CONTEXT is not there, or PATH_INFO - * was used, then use dsgw.conf - */ - if ( !strncasecmp( p, "context=", 8 )) { - context = dsgw_ch_strdup( p + 8 ); - dsgw_form_unescape( context ); - continue; - } - - if ( !strncasecmp( p, "file=", 5 )) { - fname = dsgw_ch_strdup( p + 5 ); - dsgw_form_unescape( fname ); - continue; - } - } - free( qs ); qs = NULL; - } - - reqmethod = dsgw_init( argc, argv, DSGW_METHOD_POST | DSGW_METHOD_GET ); dsgw_send_header(); @@ -102,6 +69,7 @@ #endif if ( reqmethod == DSGW_METHOD_POST || reqmethod == DSGW_METHOD_GET ) { + fname = dsgw_get_cgi_var("file", DSGW_CGIVAR_OPTIONAL); get_request(fname); } Index: dnedit.c =================================================================== RCS file: /cvs/dirsec/dsgw/dnedit.c,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- dnedit.c 1 Jun 2006 19:43:46 -0000 1.1.1.1 +++ dnedit.c 14 Jan 2008 22:58:30 -0000 1.2 @@ -48,7 +48,7 @@ int main(int argc, char *argv[] ) #endif /* DSGW_DEBUG */ { - char *tmplname, *attrname, *attrdesc, *qs, *dn, *edn; + char *tmplname, *attrname, *attrdesc, *dn, *edn; char *attrs[ 2 ], **attrvals, **xdn, *avedn, *js0, *js1; LDAP *ld; LDAPMessage *msgp; @@ -67,53 +67,6 @@ * for keeping backward compatibility. */ tmplname = attrname = attrdesc = dn = edn = NULL; - if (( qs = getenv( "QUERY_STRING" )) != NULL && *qs != '\0' ) { - char *p, *q; - q = qs + strlen( qs ); - while ((( p = strrchr( qs, '&' )) != NULL ) || ( q - qs > 1 )) { - if ( p ) - *p++ = '\0'; - else - p = qs; - q = p; - - if ( p != NULL && strncasecmp( p, "dn=", 3 ) == 0 ) { - edn = dsgw_ch_strdup( p + 3 ); - dn = dsgw_ch_strdup( p + 3 ); - dsgw_form_unescape( dn ); - } else if ( p != NULL && strncasecmp( p, "template=", 9 ) == 0 ) { - tmplname = dsgw_ch_strdup( p + 9 ); - dsgw_form_unescape( tmplname ); - } else if ( p != NULL && strncasecmp( p, "attr=", 5 ) == 0 ) { - attrname = dsgw_ch_strdup( p + 5 ); - dsgw_form_unescape( attrname ); - } else if ( p != NULL && strncasecmp( p, "desc=", 5 ) == 0 ) { - attrdesc = dsgw_ch_strdup( p + 5 ); - /* Don't bother unescaping it; - we're only going to put it back in another URL. */ - } else if ( p != NULL && strncasecmp( p, "context=", 8 ) == 0) { - context = dsgw_ch_strdup( p + 8 ); - dsgw_form_unescape( context ); - } - - } - - if ( !tmplname ) - dsgw_error( DSGW_ERR_MISSINGINPUT, "template", DSGW_ERROPT_EXIT, - 0, NULL ); - if ( !attrname ) - dsgw_error( DSGW_ERR_MISSINGINPUT, "attr", DSGW_ERROPT_EXIT, - 0, NULL ); - if ( !attrdesc ) - dsgw_error( DSGW_ERR_MISSINGINPUT, "desc", DSGW_ERROPT_EXIT, - 0, NULL ); - } else { - dsgw_error( DSGW_ERR_MISSINGINPUT, NULL, DSGW_ERROPT_EXIT, 0, NULL ); - } - - if ( dn == NULL ) { - dsgw_error( DSGW_ERR_MISSINGINPUT, "dn", DSGW_ERROPT_EXIT, 0, NULL ); - } (void)dsgw_init( argc, argv, DSGW_METHOD_GET ); @@ -121,6 +74,12 @@ dsgw_logstringarray( "env", env ); #endif + tmplname = dsgw_get_cgi_var("template", DSGW_CGIVAR_REQUIRED); + attrname = dsgw_get_cgi_var("attr", DSGW_CGIVAR_REQUIRED); + attrdesc = dsgw_get_cgi_var("desc", DSGW_CGIVAR_REQUIRED); + dn = dsgw_get_cgi_var("dn", DSGW_CGIVAR_REQUIRED); + edn = dsgw_strdup_escaped(dn); + dsgw_send_header(); Index: dosearch.c =================================================================== RCS file: /cvs/dirsec/dsgw/dosearch.c,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- dosearch.c 1 Jun 2006 19:43:45 -0000 1.1.1.1 +++ dosearch.c 14 Jan 2008 22:58:30 -0000 1.2 @@ -53,10 +53,12 @@ #endif { int reqmethod; - char *qs = NULL; char *dn = NULL; char *hostport = NULL; char *ldapquery = NULL; + int index = 0; + char *varname = NULL; + char *val = NULL; #ifndef __LP64__ #ifdef HPUX #ifndef __ia64 @@ -65,66 +67,30 @@ #endif #endif #endif + + reqmethod = dsgw_init( argc, argv, DSGW_METHOD_POST | DSGW_METHOD_GET ); + + hostport = dsgw_get_cgi_var("hp", DSGW_CGIVAR_OPTIONAL); + ldapquery = dsgw_get_cgi_var("ldq", DSGW_CGIVAR_OPTIONAL); + dn = dsgw_get_cgi_var("dn", DSGW_CGIVAR_OPTIONAL); /* - * Parse out the GET args, if any. See the comments under - * get_request for an explanation of what's going on here + * If it doesn't match any of the above, or "context", then + * tack it onto the end of ldapquery. */ - if (( qs = getenv( "QUERY_STRING" )) != NULL && *qs != '\0' ) { - /* parse the query string: */ - auto char *p, *iter = NULL; - qs = dsgw_ch_strdup( qs ); - - for ( p = ldap_utf8strtok_r( qs, "&", &iter ); p != NULL; - p = ldap_utf8strtok_r( NULL, "&", &iter )) { - - /* - * Get the conf file name. It'll be translated - * into /dsgw/context/CONTEXT.conf if - * CONTEXT is all alphanumeric (no slahes, - * or dots). CONTEXT is passed into the cgi. - * if context=CONTEXT is not there, or PATH_INFO - * was used, then use dsgw.conf - */ - if ( !strncasecmp( p, "context=", 8 )) { - context = dsgw_ch_strdup( p + 8 ); - dsgw_form_unescape( context ); - continue; - } - - if ( !strncasecmp( p, "hp=", 3 )) { - hostport = dsgw_ch_strdup( p + 3 ); - dsgw_form_unescape( hostport ); - continue; - } - - if ( !strncasecmp( p, "ldq=", 4 )) { - ldapquery = dsgw_ch_strdup( p + 4 ); - dsgw_form_unescape( ldapquery ); - continue; - } - - if ( !strncasecmp( p, "dn=", 3 )) { - dn = dsgw_ch_strdup( p + 3 ); - dsgw_form_unescape( dn ); - continue; - } - - /* - * If it doesn't match any of the above, then - * tack it onto the end of ldapquery. - */ - if (ldapquery != NULL) { - ldapquery = dsgw_ch_realloc(ldapquery, sizeof(char *) * (strlen(ldapquery) + strlen(p) + 2)); - sprintf( ldapquery, "%s&%s", ldapquery, p ); - } + while ( (varname = dsgw_next_cgi_var( &index, &val )) != NULL) { + if (!strcmp(varname, "hp") || !strcmp(varname, "ldq") || + !strcmp(varname, "dn") || !strcmp(varname, "context")) { + continue; + } + ldapquery = dsgw_ch_realloc(ldapquery, sizeof(char *) * (strlen(ldapquery) + strlen(varname) + 1)); + PL_strcat(ldapquery, varname); + if (val && *val) { + ldapquery = dsgw_ch_realloc(ldapquery, sizeof(char *) * (strlen(ldapquery) + strlen(val) + 2)); + PL_strcat(ldapquery, "="); + PL_strcat(ldapquery, val); } - - free( qs ); qs = NULL; } - - reqmethod = dsgw_init( argc, argv, DSGW_METHOD_POST | DSGW_METHOD_GET ); - /* * Note: we don't call dsgw_send_header() here like we usually do because * on a GET we may be asked to return a MIME type other than the default Index: dsgw-httpd.conf.in =================================================================== RCS file: /cvs/dirsec/dsgw/dsgw-httpd.conf.in,v retrieving revision 1.3 retrieving revision 1.4 diff -u -r1.3 -r1.4 --- dsgw-httpd.conf.in 11 Jan 2008 21:58:09 -0000 1.3 +++ dsgw-httpd.conf.in 14 Jan 2008 22:58:30 -0000 1.4 @@ -26,12 +26,20 @@ SetEnv DSGW_CONTEXT_DIR "@contextdir@" # Enable CGI execution for these uris in this directory -ScriptAlias @cgiuri@ "@cgibindir@" +ScriptAlias @cgiuri@ "@cgibindir@/" +# legacy mapping +ScriptAlias /clients/dsgw/bin/ "@cgibindir@/" # URI aliases for html content Alias @dsgwuri@ @htmldir@ Alias @orguri@ @orghtmldir@ +# legacy mappings +Alias /clients/dsgw/html @htmldir@ +Alias /clients/dsgw/pbhtml @pbhtmldir@ +Alias /clients/dsgw/config @configdir@ +Alias /clients/dsgw/pbconfig @pbconfigdir@ + # Allow access to the dsgw html files AllowOverride None @@ -75,7 +83,7 @@ # Allow access to the cgi programs AllowOverride None - Options None + Options +ExecCGI Order allow,deny Allow from all Index: dsgw.h =================================================================== RCS file: /cvs/dirsec/dsgw/dsgw.h,v retrieving revision 1.3 retrieving revision 1.4 diff -u -r1.3 -r1.4 --- dsgw.h 14 Jan 2008 22:31:17 -0000 1.3 +++ dsgw.h 14 Jan 2008 22:58:30 -0000 1.4 @@ -108,7 +108,7 @@ #define DSGW_TMPLDIR_HTTP CONFIGDIR #define DSGW_TMPLDIR_ADMSERV HTMLDIR #define DSGW_DOCDIR_HTTP HTMLDIR -#define DSGW_CONTEXTDIR_HTTP CONTEXTDIR +#define DSGW_CONTEXTDIR_HTTP (getenv("DSGW_CONTEXT_DIR") ? getenv("DSGW_CONTEXT_DIR") : CONTEXTDIR) #define DSGW_HTMLDIR HTMLDIR #define DSGW_MANROOT MANUALDIR #define DSGW_MANUALSHORTCUT ".MANUAL" @@ -758,6 +758,7 @@ * in cgiutil.c */ int dsgw_post_begin( FILE *in ); +void dsgw_get_begin( char *qs ); void dsgw_form_unescape( char *str ); char *dsgw_get_cgi_var( char *varname, int required ); int dsgw_get_int_var( char *varname, int required, int defval ); @@ -1033,6 +1034,7 @@ */ int dsgw_utf8casecmp(unsigned char *s0, unsigned char *s1); int dsgw_utf8ncasecmp(unsigned char *s0, unsigned char *s1, int n); +char *dsgw_utf8StrToUpper(char *s); /* * dsgwutil.c Index: dsgwgetlang.c =================================================================== RCS file: /cvs/dirsec/dsgw/dsgwgetlang.c,v retrieving revision 1.2 retrieving revision 1.3 diff -u -r1.2 -r1.3 --- dsgwgetlang.c 10 Jan 2008 01:19:36 -0000 1.2 +++ dsgwgetlang.c 14 Jan 2008 22:58:30 -0000 1.3 @@ -351,5 +351,5 @@ XP_InitStringDatabase(const char *path, const char *dbname) { database_name = strdup(dbname); - i18nResource = res_init_resource(path, database_name); + i18nResource = res_init_resource(path, NULL); } Index: dsgwutil.c =================================================================== RCS file: /cvs/dirsec/dsgw/dsgwutil.c,v retrieving revision 1.3 retrieving revision 1.4 diff -u -r1.3 -r1.4 --- dsgwutil.c 14 Jan 2008 22:31:17 -0000 1.3 +++ dsgwutil.c 14 Jan 2008 22:58:30 -0000 1.4 @@ -35,6 +35,7 @@ * Copyright (C) 2005 Red Hat, Inc. * All rights reserved. --- END COPYRIGHT BLOCK --- */ + /* * dsgwutil.c -- misc. utility functions -- HTTP gateway */ @@ -126,19 +127,26 @@ /*Have to get the context before we read the config file.*/ if (( m = getenv( "REQUEST_METHOD" )) != NULL ) { if ( strcasecmp( m, "GET" ) == 0 || strcasecmp( m, "HEAD" ) == 0 ) { + char *qs = getenv("QUERY_STRING"); method = DSGW_METHOD_GET; + if (qs && *qs) { + dsgw_get_begin(qs); + } else { + /* error? */ + } } else if ( strcasecmp( m, "POST" ) == 0 ) { method = DSGW_METHOD_POST; - if (( err = dsgw_post_begin( stdin )) == 0 ) { - context = dsgw_get_cgi_var( "context", DSGW_CGIVAR_OPTIONAL ); + if (( err = dsgw_post_begin( stdin )) != 0 ) { + dsgw_error(err, NULL, DSGW_ERROPT_EXIT, 0, NULL); } } } if ( method == 0 || ( methods_handled & method ) == 0 ) { dsgw_error( DSGW_ERR_BADMETHOD, NULL, DSGW_ERROPT_EXIT, 0, NULL ); - } + } + context = dsgw_get_cgi_var( "context", DSGW_CGIVAR_OPTIONAL ); /*If no context was given, try default.conf.*/ if (context == NULL) { context = dsgw_ch_strdup("default"); @@ -659,9 +667,9 @@ dsgw_emitf( "\n", XP_GetClientStr(DBT_help_1), tutorvp, topic, context, @@ -1326,3 +1334,11 @@ return server_url; } + +/* + emacs settings + Local Variables: + indent-tabs-mode: t + tab-width: 8 + End: +*/ Index: edit.c =================================================================== RCS file: /cvs/dirsec/dsgw/edit.c,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- edit.c 1 Jun 2006 19:43:42 -0000 1.1.1.1 +++ edit.c 14 Jan 2008 22:58:30 -0000 1.2 @@ -55,7 +55,8 @@ { - char *dn, *tmplname, *p; + char *dn, *tmplname; + char *add = NULL; unsigned long options; /* @@ -82,6 +83,11 @@ * the content has a risk to get broken especially when * it contains 8-bit UTF-8 data. (This is a known problem * on localized Windows machines.) + * + * NOTE: The new code uses adminutil to parse the get/post arguments. + * This requires name=value pairs. So instead of just ADD, the + * argument must be ADD=1 (or some other value). Also, instead of + * just "template", the argument should be tmplname=template. */ options = DSGW_DISPLAY_OPT_EDITABLE; @@ -95,61 +101,19 @@ #endif #endif - if (( tmplname = getenv( "QUERY_STRING" )) != NULL && *tmplname != '\0' ) { - tmplname = dsgw_ch_strdup( tmplname ); - while ( tmplname != NULL && ((( p = strrchr( tmplname, '&' )) != NULL ) || (p=tmplname) != NULL )) { - if (p == tmplname) { - tmplname = NULL; - } else { - *p++ = '\0'; - } - - if ( strcasecmp( p, "add" ) == 0 ) { - options |= DSGW_DISPLAY_OPT_ADDING; - if (( p = strrchr( tmplname, '&' )) != NULL ) { - *p++ = '\0'; - } - } + (void)dsgw_init( argc, argv, DSGW_METHOD_GET ); - if ( p != NULL && strncasecmp( p, "info=", 5 ) == 0 ) { - dsgw_last_op_info = dsgw_ch_strdup( p + 5 ); - dsgw_form_unescape( dsgw_last_op_info ); - continue; - } - if ( p != NULL && strncasecmp( p, "dn=", 3 ) == 0 ) { - dn = dsgw_ch_strdup( p + 3 ); - dsgw_form_unescape( dn ); - continue; - } - if ( p != NULL && strncasecmp( p, "dnattr=", 7 ) == 0 ) { - dsgw_dnattr = dsgw_ch_strdup( p + 7 ); - dsgw_form_unescape( dsgw_dnattr ); - continue; - } - if ( p != NULL && strncasecmp( p, "dndesc=", 7 ) == 0 ) { - dsgw_dndesc = dsgw_ch_strdup( p + 7 ); - dsgw_form_unescape( dsgw_dndesc ); - continue; - } - if ( p != NULL && strncasecmp( p, "context=", 8 ) == 0) { - context = dsgw_ch_strdup( p + 8 ); - dsgw_form_unescape( context ); - continue; - } - - /* - * If none of the if-statements above matched, - * then it's the template name - */ - tmplname = p; - break; - } - - } else { - tmplname = NULL; + dsgw_last_op_info = dsgw_get_cgi_var("info", DSGW_CGIVAR_OPTIONAL); + dn = dsgw_get_cgi_var("dn", DSGW_CGIVAR_OPTIONAL); + dsgw_dnattr = dsgw_get_cgi_var("dnattr", DSGW_CGIVAR_OPTIONAL); + dsgw_dndesc = dsgw_get_cgi_var("dndesc", DSGW_CGIVAR_OPTIONAL); + add = dsgw_get_cgi_var("add", DSGW_CGIVAR_OPTIONAL); + if (add && *add) { + options |= DSGW_DISPLAY_OPT_ADDING; } + PL_strfree(add); + tmplname = dsgw_get_cgi_var("tmplname", DSGW_CGIVAR_OPTIONAL); - (void)dsgw_init( argc, argv, DSGW_METHOD_GET ); dsgw_send_header(); #ifdef DSGW_DEBUG Index: emitf.c =================================================================== RCS file: /cvs/dirsec/dsgw/emitf.c,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- emitf.c 1 Jun 2006 19:43:44 -0000 1.1.1.1 +++ emitf.c 14 Jan 2008 22:58:30 -0000 1.2 @@ -861,3 +861,11 @@ } return charset; } + +/* + emacs settings + Local Variables: + indent-tabs-mode: t + tab-width: 8 + End: +*/ Index: error.c =================================================================== RCS file: /cvs/dirsec/dsgw/error.c,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- error.c 1 Jun 2006 19:43:44 -0000 1.1.1.1 +++ error.c 14 Jan 2008 22:58:30 -0000 1.2 @@ -568,3 +568,11 @@ return msg; } } + +/* + emacs settings + Local Variables: + indent-tabs-mode: t + tab-width: 8 + End: +*/ Index: htmlout.c =================================================================== RCS file: /cvs/dirsec/dsgw/htmlout.c,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- htmlout.c 1 Jun 2006 19:43:43 -0000 1.1.1.1 +++ htmlout.c 14 Jan 2008 22:58:30 -0000 1.2 @@ -457,3 +457,11 @@ if (frame) dsgw_emitf ("%s.", frame); dsgw_emits ( "document.confirmForm.submit();\n"); } + +/* + emacs settings + Local Variables: + indent-tabs-mode: t + tab-width: 8 + End: +*/ Index: htmlparse.c =================================================================== RCS file: /cvs/dirsec/dsgw/htmlparse.c,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- htmlparse.c 1 Jun 2006 19:43:44 -0000 1.1.1.1 +++ htmlparse.c 14 Jan 2008 22:58:30 -0000 1.2 @@ -842,3 +842,11 @@ return( p ); } + +/* + emacs settings + Local Variables: + indent-tabs-mode: t + tab-width: 8 + End: +*/ Index: lang.c =================================================================== RCS file: /cvs/dirsec/dsgw/lang.c,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- lang.c 1 Jun 2006 19:43:39 -0000 1.1.1.1 +++ lang.c 14 Jan 2008 22:58:30 -0000 1.2 @@ -143,70 +143,29 @@ char* docname = NULL; char* tfname; int result = 0; - char *qs = NULL; int manual_file = 0; /* Flag: is the file a documentation file? */ + + (void)dsgw_init( argc, argv, DSGW_METHOD_GET | DSGW_METHOD_POST ); - /* Parse out the file=blah.html */ - if (( qs = getenv( "QUERY_STRING" )) != NULL && *qs != '\0' ) { - /* parse the query string: */ - auto char *p, *iter = NULL; - qs = dsgw_ch_strdup( qs ); - - for ( p = ldap_utf8strtok_r( qs, "&", &iter ); p != NULL; - p = ldap_utf8strtok_r( NULL, "&", &iter )) { - - /* - * Get the conf file name. It'll be translated - * into /dsgw/context/CONTEXT.conf if - * CONTEXT is all alphanumeric (no slahes, - * or dots). CONTEXT is passed into the cgi. - * if context=CONTEXT is not there, or PATH_INFO - * was used, then use dsgw.conf - */ - if ( !strncasecmp( p, "context=", 8 )) { - context = dsgw_ch_strdup( p + 8 ); - dsgw_form_unescape( context ); - continue; - } - - - /*Get the filename and check it for naughtiness -RJP*/ - if ( !strncasecmp( p, "file=", 5 )) { - - /*If there is no file specified, go with index.html*/ - if (strlen(p) == 5) { - docname = dsgw_ch_strdup("index.html"); - } else { - docname = dsgw_ch_strdup( p + 5 ); - dsgw_form_unescape( docname ); - } - - - /*If we're handling a help page, forgo the filename check*/ - if ( strlen( docname ) > DSGW_MANUALSHORTCUT_LEN && - strncmp( docname, DSGW_MANUALSHORTCUT, - DSGW_MANUALSHORTCUT_LEN ) == 0 ) { - manual_file = 1; - } - - /* - * Make sure the person isn't trying to get - * some file not in the gateway. - */ - if (manual_file == 0 && !dsgw_valid_docname(docname)) { - dsgw_error( DSGW_ERR_BADFILEPATH, docname, - DSGW_ERROPT_EXIT, 0, NULL ); - } - continue; - } - - + dsgw_last_op_info = dsgw_get_cgi_var("info", DSGW_CGIVAR_OPTIONAL); + docname = dsgw_get_cgi_var("file", DSGW_CGIVAR_OPTIONAL); + if (docname) { + /*If we're handling a help page, forgo the filename check*/ + if ( strlen( docname ) > DSGW_MANUALSHORTCUT_LEN && + strncmp( docname, DSGW_MANUALSHORTCUT, + DSGW_MANUALSHORTCUT_LEN ) == 0 ) { + manual_file = 1; + } + /* + * Make sure the person isn't trying to get + * some file not in the gateway. + */ + if (manual_file == 0 && !dsgw_valid_docname(docname)) { + dsgw_error( DSGW_ERR_BADFILEPATH, docname, + DSGW_ERROPT_EXIT, 0, NULL ); } - - free( qs ); qs = NULL; } - - (void)dsgw_init( argc, argv, DSGW_METHOD_GET | DSGW_METHOD_POST ); + docdir = dsgw_get_docdir(); /*If there is no docname, default to index.html*/ @@ -214,11 +173,12 @@ docname = dsgw_ch_strdup("index.html"); } + /* I think this is a no op - dsgw_valid_docname will reject "/" */ if (!strcmp (docname, "/")) { printf( "Location: %s?context=%s\n\n", dsgw_getvp( DSGW_CGINUM_SEARCH ), context ); return( result ); - } else { + } /* I think this is a no op? else { char* p; if (*docname == '/') ++docname; docname = dsgw_ch_strdup( docname ); @@ -229,7 +189,7 @@ dsgw_form_unescape( dsgw_last_op_info ); } } - } + } */ if (manual_file) { /* check filename */ @@ -287,3 +247,11 @@ return result; } + +/* + emacs settings + Local Variables: + indent-tabs-mode: t + tab-width: 8 + End: +*/ Index: newentry.c =================================================================== RCS file: /cvs/dirsec/dsgw/newentry.c,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- newentry.c 1 Jun 2006 19:43:45 -0000 1.1.1.1 +++ newentry.c 14 Jan 2008 22:58:30 -0000 1.2 @@ -251,6 +251,8 @@ static char* compute_newurl() { + char *tmplname = "tmplname="; + size_t tmplnamelen = strlen(tmplname); auto char* entryType = dsgw_get_cgi_var( "entrytype", DSGW_CGIVAR_REQUIRED ); auto char* entryName = dsgw_get_cgi_var( "entryname", DSGW_CGIVAR_REQUIRED ); auto char* rdnTag = dsgw_get_cgi_var( "rdntag", DSGW_CGIVAR_REQUIRED ); @@ -281,15 +283,16 @@ { auto char* edn = dsgw_strdup_escaped (dn); auto const char* const prefix = DSGW_URLPREFIX_CGI_HTTP "edit?"; - auto const char* const suffix = "&ADD"; + auto const char* const suffix = "&ADD=1"; auto const size_t ednLen = strlen (edn); auto const size_t prefixLen = strlen (prefix); auto const size_t suffixLen = strlen (suffix); auto const size_t contextLen = strlen (context) + 9; - newurl = dsgw_ch_malloc (prefixLen + entryTypeLen + contextLen + suffixLen + 4 + ednLen + 1); + newurl = dsgw_ch_malloc (prefixLen + tmplnamelen + entryTypeLen + contextLen + suffixLen + 4 + ednLen + 1); memcpy (newurl, prefix, prefixLen + 1); + strcat (newurl, tmplname); strcat (newurl, entryType); strcat (newurl, "&context="); strcat (newurl, context); @@ -389,60 +392,18 @@ #endif { auto int reqmethod; - char *qs = NULL; char *docname = NULL; char *etype = NULL; - /* Parse out the file=blah.html */ - if (( qs = getenv( "QUERY_STRING" )) != NULL && *qs != '\0' ) { - /* parse the query string: */ - auto char *p, *iter = NULL; - qs = dsgw_ch_strdup( qs ); - - for ( p = ldap_utf8strtok_r( qs, "&", &iter ); p != NULL; - p = ldap_utf8strtok_r( NULL, "&", &iter )) { - - /* - * Get the conf file name. It'll be translated - * into /dsgw/context/CONTEXT.conf if - * CONTEXT is all alphanumeric (no slahes, - * or dots). CONTEXT is passed into the cgi. - * if context=CONTEXT is not there, or PATH_INFO - * was used, then use dsgw.conf - */ - if ( !strncasecmp( p, "context=", 8 )) { - context = dsgw_ch_strdup( p + 8 ); - dsgw_form_unescape( context ); - continue; - } - - /* - * file will be either "name", "type", or nothing. - * It'll be mapped into an html file in get_request - */ - if ( !strncasecmp( p, "file=", 5 )) { - docname = dsgw_ch_strdup( p + 5 ); - dsgw_form_unescape( docname ); - - continue; - } - - /* etype will be ntgroup, or person, etc */ - if ( !strncasecmp( p, "etype=", 6 )) { - etype = dsgw_ch_strdup( p + 6 ); - dsgw_form_unescape( etype ); - - continue; - } - } - free( qs ); qs = NULL; - } + reqmethod = dsgw_init( argc, argv, DSGW_METHOD_POST | DSGW_METHOD_GET); + + docname = dsgw_get_cgi_var("file", DSGW_CGIVAR_OPTIONAL); if (docname != NULL && *docname == '/') { docname++; } - - reqmethod = dsgw_init( argc, argv, DSGW_METHOD_POST | DSGW_METHOD_GET); + etype = dsgw_get_cgi_var("etype", DSGW_CGIVAR_OPTIONAL); + dsgw_send_header(); #ifdef DSGW_DEBUG dsgw_logstringarray( "env", env ); Index: search.c =================================================================== RCS file: /cvs/dirsec/dsgw/search.c,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- search.c 1 Jun 2006 19:43:39 -0000 1.1.1.1 +++ search.c 14 Jan 2008 22:58:30 -0000 1.2 @@ -54,56 +54,14 @@ { auto int reqmethod; char *docname = NULL; - char *qs = NULL; - - /* Parse out the file=blah.html */ - if (( qs = getenv( "QUERY_STRING" )) != NULL && *qs != '\0' ) { - /* parse the query string: */ - auto char *p, *iter = NULL; - qs = dsgw_ch_strdup( qs ); - - for ( p = ldap_utf8strtok_r( qs, "&", &iter ); p != NULL; - p = ldap_utf8strtok_r( NULL, "&", &iter )) { - - /* - * Get the conf file name. It'll be translated - * into /dsgw/context/CONTEXT.conf if - * CONTEXT is all alphanumeric (no slahes, - * or dots). CONTEXT is passed into the cgi. - * if context=CONTEXT is not there, or PATH_INFO - * was used, then use dsgw.conf - */ - if ( !strncasecmp( p, "context=", 8 )) { - context = dsgw_ch_strdup( p + 8 ); - dsgw_form_unescape( context ); - continue; - } - - - /*Get the filename and check it for naughtiness -RJP*/ - if ( !strncasecmp( p, "file=", 5 )) { - docname = dsgw_ch_strdup( p + 5 ); - dsgw_form_unescape( docname ); - - /* - * Make sure the person isn't trying to get - * some file not in the gateway. - */ - if (! dsgw_valid_docname(docname)) { - dsgw_error( DSGW_ERR_BADFILEPATH, docname, - DSGW_ERROPT_EXIT, 0, NULL ); - } - continue; - } - - - } - - free( qs ); qs = NULL; - } - reqmethod = dsgw_init( argc, argv, DSGW_METHOD_GET ); + + docname = dsgw_get_cgi_var("file", DSGW_CGIVAR_OPTIONAL); + if (docname && ! dsgw_valid_docname(docname)) { + dsgw_error( DSGW_ERR_BADFILEPATH, docname, + DSGW_ERROPT_EXIT, 0, NULL ); + } dsgw_send_header(); #ifdef DSGW_DEBUG Index: tutor.c =================================================================== RCS file: /cvs/dirsec/dsgw/tutor.c,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- tutor.c 1 Jun 2006 19:43:47 -0000 1.1.1.1 +++ tutor.c 14 Jan 2008 22:58:30 -0000 1.2 @@ -139,44 +139,25 @@ #endif ) { - char *qs = getenv("QUERY_STRING"); + char *param = NULL; char *html=NULL; char *base=NULL; #ifdef DSGW_DEBUG dsgw_logstringarray( "env", env ); #endif - - if(qs == NULL || *qs == '\0') { + + dsgw_init( argc, argv, DSGW_METHOD_GET ); + + param = dsgw_get_cgi_var("tutor", DSGW_CGIVAR_OPTIONAL); + if (!param || !*param) { dsgw_send_header(); _my_return_html_file(BASE_MAN_DIRECTORY HELP_INDEX_HTML, NULL); exit(0); - } else { - /* parse the query string: */ - auto char *p, *iter = NULL; - - /*get a pointer to the context. It should be the last part of the qs*/ - p = ldap_utf8strtok_r( qs, "&", &iter ); - - /* - * Get the conf file name. It'll be translated - * into /dsgw/context/CONTEXT.conf if - * CONTEXT is all alphanumeric (no slahes, - * or dots). CONTEXT is passed into the cgi. - * if context=CONTEXT is not there, or PATH_INFO - * was used, then use dsgw.conf - */ - if ( iter != NULL && !strncasecmp( iter, "context=", 8 )) { - context = dsgw_ch_strdup( iter + 8 ); - dsgw_form_unescape( context ); - } - } - dsgw_init( argc, argv, DSGW_METHOD_GET ); - - html = (char *) dsgw_ch_malloc(strlen(qs)+10+10); - sprintf(html, "%s.html", qs); + html = (char *) dsgw_ch_malloc(strlen(param)+10+10); + sprintf(html, "%s.html", param); if (my_util_uri_is_evil(html)) { dsgw_send_header(); dsgw_emits( "

Error

\n" @@ -186,17 +167,17 @@ exit( 0 ); } - if(qs[0]=='!') { - qs++; - if(!strncmp(qs, BASE_INFO_DIRECTORY, strlen(BASE_INFO_DIRECTORY))) { - sprintf(html, "%s.html", qs); - } else if(!strncmp(qs, BASE_MAN_DIRECTORY, strlen(BASE_MAN_DIRECTORY))) { - if(!strstr(qs, ".html")) { - sprintf(html, "%s.htm", qs); + if(param[0]=='!') { + param++; + if(!strncmp(param, BASE_INFO_DIRECTORY, strlen(BASE_INFO_DIRECTORY))) { + sprintf(html, "%s.html", param); + } else if(!strncmp(param, BASE_MAN_DIRECTORY, strlen(BASE_MAN_DIRECTORY))) { + if(!strstr(param, ".html")) { + sprintf(html, "%s.htm", param); } else { - sprintf(html, "%s", qs); + sprintf(html, "%s", param); } - base=qs; + base=param; } else { char line[BIG_LINE]; @@ -245,7 +226,7 @@ if(!found) continue; /* script name is in head */ - if(strncasecmp(head, qs, strlen(qs))) { + if(strncasecmp(head, param, strlen(param))) { continue; } /* match found. get the actual file name */ @@ -278,7 +259,7 @@ ohwell: if(!html[0]) - sprintf(html, "%s%s.html", BASE_MAN_DIRECTORY, qs); + sprintf(html, "%s%s.html", BASE_MAN_DIRECTORY, param); } dsgw_send_header(); _my_return_html_file(html, base); @@ -289,11 +270,11 @@ dsgw_emits("\n" ); - dsgw_emitf("\n", dsgw_getvp(DSGW_CGINUM_TUTOR), context); - dsgw_emitf("\n", dsgw_getvp(DSGW_CGINUM_TUTOR), qs, context); + dsgw_emitf("\n", dsgw_getvp(DSGW_CGINUM_TUTOR), param, context); dsgw_emits("\n"); } return 1; Index: unauth.c =================================================================== RCS file: /cvs/dirsec/dsgw/unauth.c,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- unauth.c 1 Jun 2006 19:43:39 -0000 1.1.1.1 +++ unauth.c 14 Jan 2008 22:58:30 -0000 1.2 @@ -42,7 +42,6 @@ #include "dsgw.h" #include "dbtdsgw.h" -char *get_auth_cookie( char *cookie ); void generate_message( int type ); #define CKEXP_SUCCESS 1 @@ -53,37 +52,7 @@ int reqmethod; char *expck; char *authck; - int rc; - char *qs = NULL; - - /* Parse out the context=blah.html */ - if (( qs = getenv( "QUERY_STRING" )) != NULL && *qs != '\0' ) { - /* parse the query string: */ - auto char *p, *iter = NULL; - qs = dsgw_ch_strdup( qs ); - - for ( p = ldap_utf8strtok_r( qs, "&", &iter ); p != NULL; - p = ldap_utf8strtok_r( NULL, "&", &iter )) { - - /* - * Get the conf file name. It'll be translated - * into /dsgw/context/CONTEXT.conf if - * CONTEXT is all alphanumeric (no slahes, - * or dots). CONTEXT is passed into the cgi. - * if context=CONTEXT is not there, or PATH_INFO - * was used, then use dsgw.conf - */ - if ( !strncasecmp( p, "context=", 8 )) { - context = dsgw_ch_strdup( p + 8 ); - dsgw_form_unescape( context ); - continue; - } - - } - - free( qs ); qs = NULL; - } - + int rc; reqmethod = dsgw_init( argc, argv, DSGW_METHOD_GET ); @@ -109,36 +78,6 @@ exit( 0 ); } - - -/* - * It's quite likely that there will be more than one cookie in the - * Cookie: header. See if we've got an authentication cookie, and if - * so, parse it out and return a pointer to it. If no auth cookie - * is present, return NULL. - */ -char * -get_auth_cookie( char *cookie ) -{ - char *p, *e; - - if ( cookie == NULL ) { - return NULL; - } - - if (( p = strstr( cookie, DSGW_AUTHCKNAME )) == NULL ) { - return NULL; - } - - if (( e = strchr( p, ';' )) != NULL ) { - *e = '\0'; - } - - return p; -} - - - void generate_message( int type ) { Index: utf8compare.c =================================================================== RCS file: /cvs/dirsec/dsgw/utf8compare.c,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- utf8compare.c 1 Jun 2006 19:43:46 -0000 1.1.1.1 +++ utf8compare.c 14 Jan 2008 22:58:30 -0000 1.2 @@ -1822,16 +1822,17 @@ * Output string is allocated in this function, which needs to be * released when it's not needed any more. */ -unsigned char * -dsgw_utf8StrToUpper(unsigned char *s) +char * +dsgw_utf8StrToUpper(char *input) { + unsigned char *s = (unsigned char *)input; UpperLowerTbl_t *ultp; unsigned char *p, *np, *tail; unsigned char *up, *uphead; int len, sz; if (s == NULL || *s == '\0') { - return s; + return (char *)s; } len = strlen((char *)s); tail = s + len; @@ -1891,7 +1892,7 @@ } } *up = '\0'; - return uphead; + return (char *)uphead; } /* Index: Makefile.in =================================================================== RCS file: /cvs/dirsec/dsgw/Makefile.in,v retrieving revision 1.5 retrieving revision 1.6 diff -u -r1.5 -r1.6 --- Makefile.in 14 Jan 2008 22:31:17 -0000 1.5 +++ Makefile.in 14 Jan 2008 22:58:30 -0000 1.6 @@ -480,8 +480,8 @@ #nodist_context_SCRIPTS = setup-dirsrv-gw # add more here for localized bundles -nodist_property_DATA = dsgw_root.res -MOSTLYCLEANFILES = dsgw.conf dsgw_root.res dsgw.properties setup dsgw-httpd.conf +nodist_property_DATA = root.res en.res en_US.res +MOSTLYCLEANFILES = dsgw.conf root.res dsgw.properties setup dsgw-httpd.conf en.res en_US.res @WINNT_FALSE at ICU_GENRB = sh $(srcdir)/genrb_wrapper.sh @icu_bin@ @icu_lib@ # Resource Bundle Compiler @@ -490,13 +490,13 @@ # The root resource bundle is based on English (en) locale; # This bundle must be always distributed and there is no need to have # *_en.properties resource bundle source files. -RESOURCE_BUNDLES_ROOT = dsgw_root.res +RESOURCE_BUNDLES_ROOT = root.res # French resource bundles (for the French localization in the future) -RESOURCE_BUNDLES_FR = dsgw_fr.res +RESOURCE_BUNDLES_FR = fr.res # German resource bundles (for the German localization in the future) -RESOURCE_BUNDLES_DE = dsgw_de.res +RESOURCE_BUNDLES_DE = de.res # these are for the config files and scripts that we need to generate and replace # the paths and other tokens with the real values set during configure/make @@ -1178,14 +1178,17 @@ dsgw.properties: ./propmaker dbtdsgw.h ./propmaker $@ -dsgw_root.res : dsgw.properties - $(ICU_GENRB) -s. -d. --encoding 8859-1 --package-name dsgw $+ +root.res : dsgw.properties + $(ICU_GENRB) -s. -d. --encoding 8859-1 $+ -%_fr.res : %_fr.properties - $(ICU_GENRB) -s. -d. --encoding 8859-2 --package-name dsgw $+ +fr.res : fr.properties + $(ICU_GENRB) -s. -d. --encoding 8859-2 $+ -%_de.res : %_de.properties - $(ICU_GENRB) -s. -d. --encoding 8859-2 --package-name dsgw $+ +de.res : de.properties + $(ICU_GENRB) -s. -d. --encoding 8859-2 $+ + +en.res en_US.res : root.res + cp -p $< $@ % : %.in if [ ! -d $(dir $@) ] ; then mkdir -p $(dir $@) ; fi From fedora-directory-commits at redhat.com Mon Jan 14 23:34:30 2008 From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins)) Date: Mon, 14 Jan 2008 18:34:30 -0500 Subject: [Fedora-directory-commits] dsgw dosearch.c,1.2,1.3 Message-ID: <200801142334.m0ENYUf9017566@cvs-int.fedora.redhat.com> Author: rmeggins Update of /cvs/dirsec/dsgw In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv17549 Modified Files: dosearch.c Log Message: Check ldapquery for NULL Index: dosearch.c =================================================================== RCS file: /cvs/dirsec/dsgw/dosearch.c,v retrieving revision 1.2 retrieving revision 1.3 diff -u -r1.2 -r1.3 --- dosearch.c 14 Jan 2008 22:58:30 -0000 1.2 +++ dosearch.c 14 Jan 2008 23:34:27 -0000 1.3 @@ -82,12 +82,14 @@ !strcmp(varname, "dn") || !strcmp(varname, "context")) { continue; } - ldapquery = dsgw_ch_realloc(ldapquery, sizeof(char *) * (strlen(ldapquery) + strlen(varname) + 1)); - PL_strcat(ldapquery, varname); - if (val && *val) { - ldapquery = dsgw_ch_realloc(ldapquery, sizeof(char *) * (strlen(ldapquery) + strlen(val) + 2)); - PL_strcat(ldapquery, "="); - PL_strcat(ldapquery, val); + if (ldapquery != NULL) { + ldapquery = dsgw_ch_realloc(ldapquery, sizeof(char *) * (strlen(ldapquery) + strlen(varname) + 1)); + PL_strcat(ldapquery, varname); + if (val && *val) { + ldapquery = dsgw_ch_realloc(ldapquery, sizeof(char *) * (strlen(ldapquery) + strlen(val) + 2)); + PL_strcat(ldapquery, "="); + PL_strcat(ldapquery, val); + } } } @@ -346,3 +348,11 @@ ldap_unbind( ld ); } + +/* + emacs settings + Local Variables: + indent-tabs-mode: t + tab-width: 8 + End: +*/ From fedora-directory-commits at redhat.com Tue Jan 15 18:23:45 2008 From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins)) Date: Tue, 15 Jan 2008 13:23:45 -0500 Subject: [Fedora-directory-commits] dsgw cgiutil.c, 1.2, 1.3 dnedit.c, 1.2, 1.3 doauth.c, 1.1.1.1, 1.2 dsgwutil.c, 1.4, 1.5 entrydisplay.c, 1.1.1.1, 1.2 Message-ID: <200801151823.m0FINjVg015956@cvs-int.fedora.redhat.com> Author: rmeggins Update of /cvs/dirsec/dsgw In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv15920/dsgw Modified Files: cgiutil.c dnedit.c doauth.c dsgwutil.c entrydisplay.c Log Message: Still need to unescape some form vars The edit CGI requires the template name to be prefixed with tmplname= Index: cgiutil.c =================================================================== RCS file: /cvs/dirsec/dsgw/cgiutil.c,v retrieving revision 1.2 retrieving revision 1.3 diff -u -r1.2 -r1.3 --- cgiutil.c 14 Jan 2008 22:58:30 -0000 1.2 +++ cgiutil.c 15 Jan 2008 18:23:43 -0000 1.3 @@ -192,9 +192,8 @@ void dsgw_form_unescape(char *str) { - /* this is now a no-op - get/post_begin already unescapes - the values - we must use get/post_begin rather than - parsing URL/post arguments */ + form_unescape(str); + return; } @@ -480,3 +479,11 @@ ucnv_reset(utf8Converter); return -1; } + +/* + emacs settings + Local Variables: + indent-tabs-mode: t + tab-width: 8 + End: +*/ Index: dnedit.c =================================================================== RCS file: /cvs/dirsec/dsgw/dnedit.c,v retrieving revision 1.2 retrieving revision 1.3 diff -u -r1.2 -r1.3 --- dnedit.c 14 Jan 2008 22:58:30 -0000 1.2 +++ dnedit.c 15 Jan 2008 18:23:43 -0000 1.3 @@ -391,7 +391,7 @@ "\n" ); - dsgw_emitf( " \n", dsgw_getvp( DSGW_CGINUM_EDIT ), tmplname, edn, context, attrname, attrdesc ); Index: doauth.c =================================================================== RCS file: /cvs/dirsec/dsgw/doauth.c,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- doauth.c 1 Jun 2006 19:43:46 -0000 1.1.1.1 +++ doauth.c 15 Jan 2008 18:23:43 -0000 1.2 @@ -202,7 +202,7 @@ if( password_expiring != -1 ) { if ( encodeddn != NULL && strlen( encodeddn ) > 0 ) { - dsgw_emitf( "var editdesturl = '%s?passwd&dn=%s&context=%s';\n", + dsgw_emitf( "var editdesturl = '%s?tmplname=passwd&dn=%s&context=%s';\n", dsgw_getvp( DSGW_CGINUM_EDIT ), encodeddn, context ); } else { dsgw_emitf( "var editdesturl=null;\n" ); @@ -415,3 +415,11 @@ fflush( stdout ); return; } + +/* + emacs settings + Local Variables: + indent-tabs-mode: t + tab-width: 4 + End: +*/ Index: dsgwutil.c =================================================================== RCS file: /cvs/dirsec/dsgw/dsgwutil.c,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- dsgwutil.c 14 Jan 2008 22:58:30 -0000 1.4 +++ dsgwutil.c 15 Jan 2008 18:23:43 -0000 1.5 @@ -1037,7 +1037,7 @@ " Info
From fedora-directory-commits at redhat.com Wed Jan 16 22:56:05 2008 From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins)) Date: Wed, 16 Jan 2008 17:56:05 -0500 Subject: [Fedora-directory-commits] dsgw/html/manual a.gif, NONE, 1.1 add.htm, NONE, 1.1 attribua.gif, NONE, 1.1 attribut.htm, NONE, 1.1 auth.htm, NONE, 1.1 contents.html, NONE, 1.1 dn.htm, NONE, 1.1 dna.gif, NONE, 1.1 filters.htm, NONE, 1.1 index.html, NONE, 1.1 index.map, NONE, 1.1 intro.htm, NONE, 1.1 mod.htm, NONE, 1.1 n.gif, NONE, 1.1 objclass.htm, NONE, 1.1 search.htm, NONE, 1.1 t.gif, NONE, 1.1 y.gif, NONE, 1.1 Message-ID: <200801162256.m0GMu5VO023583@cvs-int.fedora.redhat.com> Author: rmeggins Update of /cvs/dirsec/dsgw/html/manual In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv23442/dsgw/html/manual Added Files: a.gif add.htm attribua.gif attribut.htm auth.htm contents.html dn.htm dna.gif filters.htm index.html index.map intro.htm mod.htm n.gif objclass.htm search.htm t.gif y.gif Log Message: added manuals; fixed code that displays manuals; added initial tests --- NEW FILE add.htm --- Adding Directory Entries

Adding Entries

You can add new entries to the directory using the Directory Server interface. To add entries, your Directory Server administrator must have granted you the right to do so. Before you can add an entry, you must authenticate to the Directory Server.

Using the Directory Server interface you can add:

Before you add an entry for the first time, read the New Entry Guidelines section for important information about the directory tree structure and naming conventions.

New Entry Guidelines

Before you begin adding entries to the directory, make sure that you understand the following directory concepts:

Directory Tree Structure

Data in the directory is arranged in a tree hierarchy. The top of the tree is known as the root or suffix. The root entry usually represents the organization entry for the directory.
Note:

Although your directory may contain more than one suffix, the directory server interface only allows you to search for, add, and edit entries in a single suffix. Make sure that you know which suffix your Directory Server interface is supporting before adding new entries.

Below the root are branches of the tree, which usually represent organizational units such as marketing or accounting. Entries for people and resources within your organization are usually contained below these organizational unit branches within the directory tree structure.

When you add an entry, make sure that an entry representing a branch point is created before new entries are created under that branch. For example, if you want to place entries in a Marketing subtree and in an Accounting subtree, then create the branch point for those subtrees before creating entries within the subtrees: 

          o=Example.com
          ou=Marketing, o=Example.com
          ...
          Marketing subtree entries
          ...
          ou=Accounting, o=Example.com
          ...
          Accounting subtree entries

Distinguished Name Syntax

An entry is uniquely identified within the Directory Server through the use of a distinguished name (DN). A DN identifies the entry by using a series of comma-separated attributes and attribute values. The left-most value in the DN represents the entry's name, with each subsequent attribute representing a branch point above the entry. For example: 
uid=bjensen, ou=people, o=example.com
This DN represents the entry named bjensen in the subdirectory named people in the directory named example.com.

When you add a new entry to the Directory Server, you are prompted to enter the complete distinguished name.

Unique Distinguished Names

The Directory Server interface does not allow you to create a duplicate entry. To avoid naming duplications, use distinguished names that begin with the person's user ID (uid) rather than the person's common name (CN). Choose user IDs that are readable; that is, do not use a random collection of letters and numbers for user IDs. If your enterprise already has an email system, one possibility would be to use the left-most value of each person's email address as that person's user ID. For example, if a person has the email address:

bjensen at example.com

then give that person's directory entry the following DN:

uid=bjensen, o=example.com

Adding a Person

To add a new person entry, do the following:
  1. Click the New Entry tab.
  2. Follow the steps outlined in the New Entry form. When you are done filling in this form, click Continue. To cancel the operation click the Back button in your browser window.
  3. If you have not authenticated before you attempt to add a new entry, or if your authentication has expired, the Directory Server prompts you to authenticate before continuing.
  4. When you add a person to the directory, a form that allows you to edit that person's data is displayed. This form is displayed in a new web browser window. You must supply values for the required fields. The required fields for a person are:
  5. You can provide values for the optional fields now, or add them later. The optional fields for a person are:
    6.  

    First Name  Phone Email Address 
    Fax  User ID Pager
    Mobile Phone  Business Category  Title
    Organizational Unit  Manager  Room Number 
    Admin  Dept#  Emp# 
    Car License#  Mailing Address  Description 
    See Also  URL  Password 
    Note:

    You cannot enter values into the Manager, Admin, or See Also fields until you have saved the entry. Furthermore, changing uid in the New Entry screen will result in a multi-valued uid with the value selected in the first screen as the naming component.

  6. To cancel the entry creation, close the web browser window containing the form. When you are done filling in the form, click the Save New Person button at the top of the form.
  7. After saving the entry, you can add values to the Manager and Admin fields or add a See Also value.

Adding an NT Person

When creating an NT-person entry, make sure that the subtree in which you place the entry is the same subtree that the synchronization service uses to synchronize entries. If you place an NT-person entry into another location, it is not synchronized with the Windows network.

To add a new NT-person entry, do the following:

  1. Click the New Entry tab.
  2. Follow the steps outlined in the New Entry form. When you are done filling in this form, click Continue. To cancel the operation click the Back button in your browser window.
  3. If you have not authenticated before you attempt to add a new entry, or if your authentication has expired, the Directory Server prompts you to authenticate before continuing.
  4. When you add an NT-person to the directory, a form that allows you to edit that person's data is displayed. This form is displayed in a new web browser window. You must supply values for the required fields. The required fields for an NT-person are:
  5. You can provide values for the optional fields now, or add them later. The optional fields for a person are:

    6. First Name  Phone  Email Address 
    Fax  Directory Server Password  Pager 
    Mobile Phone  Business Category  Title 
    Organizational Unit  Manager  Room Number 
    Admin  Dept#  Emp# 
    Car License#  Mailing Address  Description 
    See Also  URL  User Id
    Note:

    You cannot enter values into the Manager, Admin, or See Also fields until you have saved the entry.

  6. You can also change the value for the following two options:
    7. The default value is shown. If you do not change the value, the default value is used.
  7. When you are done filling in the form, click the Save New NT Person button at the top of the form. To cancel the entry creation, close the web browser window containing the form.
  8. After saving the entry, you can add values to the Manager and Admin fields or add a "See Also" value.

Adding a Group

To add a new group entry, do the following:
  1. Click the New Entry tab.
  2. Follow the steps outlined in the New Entry form. When you are done filling in this form, click Continue. To cancel the operation click the Back button in your browser window.
  3. If you have not authenticated before you attempt to add a new entry, or if your authentication has expired, the Directory Server prompts you to authenticate before continuing.
  4. When you add a group to the directory, a form that allows you to edit that group's data is displayed. This form is displayed in a new web browser window. You must supply a value for the required field Name.
  5. You can provide a value for the optional Description field now, or add it later.
    6. Note:

    You cannot enter values into the Owner, Group Members, or See Also fields until you have saved the entry.

  6. When you are done filling in the form, click the Save New Group button at the top of the form.

    7. To cancel the entry creation, close the web browser window containing the form.
  7. After you have saved the entry, you can add values for the Owner, Group Member, and See Also fields.

Adding an NT Group

To add a new NT group entry, do the following:
  1. Click the New Entry tab.
  2. Follow the steps outlined in the New Entry form. When you are done filling in this form, click Continue. To cancel the operation click the Back button in your browser window.
  3. If you have not authenticated before you attempt to add a new entry, or if your authentication has expired, the Directory Server prompts you to authenticate before continuing.
  4. When you add an NT-group to the directory, a form that allows you to edit that group's data is displayed. This form is contained in a new web browser window. You must supply a value for the required fields. The required fields for an NT-group are:
  5. You can provide values for the optional fields now, or add them later. The optional fields for an NT group are:

    6. Description  Owner 
    NT Group Members  See Also

    Note:

    You cannot enter values into the Owner, NT Group Members, or See Also fields until you have saved the entry.

  6. You may also change the value for the Delete NT Group if Group Deleted option.
  7. When you are done filling in the form, click the Save New Group button at the top of the form.

    8. To cancel the entry creation, close the web browser window containing the form.
  8. After you save the entry, you can add values for the NT Group Members, Owner, and See Also fields.

Adding an Organizational Unit

To add a new organizational unit entry, do the following:
  1. Click the New Entry tab.
  2. Follow the steps outlined in the New Entry form. When you are done filling in this form, click Continue. To cancel the operation click the "Back" button in your browser window.
  3. If you have not authenticated before you attempt to add a new entry, or if your authentication has expired, the Directory Server prompts you to authenticate before continuing.
  4. When you add an organizational unit to the directory, a form that allows you to edit that organization's data is displayed. This form is displayed in a new web browser window. You must supply a value for the required field, Unit Name.
  5. You can provide values for the optional fields now, or add them later. The optional fields for an organizational unit are:

    6. Description  Phone  Business Category 
    Fax  Location  Mailing Address 
    See Also     

  6. When you are done filling in the form, click the Save New Org. Unit button at the top of the form. To cancel the entry creation, close the web browser window containing the form.

Adding a Domain Component

To add a new domain entry, do the following:
  1. Click the New Entry tab.
  2. Follow the steps outlined in the New Entry form. When you are done filling in this form, click Continue. To cancel the operation click the Back button in your browser window.
  3. If you have not authenticated before you attempt to add a new entry, or if your authentication has expired, the Directory Server prompts you to authenticate before continuing.
  4. You must supply a value for the required field, dc.
  5. You can provide values for the optional fields now, or add them later. The optional fields for a domain are:

    6. Description Phone Business Category
    Fax Location Mailing Address
    See Also    

  6. When you are done filling in the form, click the Save New dc button at the top of the form. To cancel the entry creation, close the web browser window containing the form.

Adding an Organization

To add a new organization entry, do the following:
  1. Click the New Entry tab.
  2. Follow the steps outlined in the New Entry form. When you are done filling in this form, click Continue. To cancel the operation click the Back button in your browser window.
  3. If you have not authenticated before you attempt to add a new entry, or if your authentication has expired, the Directory Server prompts you to authenticate before continuing.
  4. Adding an organization is supported only when you initially populate your directory tree. The organization you add must match the organization you specified in the Database Subtree field when you installed your Directory Server. For example, if you specified a value of:
    5. o=Example.com
    to the Database Subtree field, then you must specify a value of: 
    o=Example.com
    when you add the organization. The Directory Server checks the add operation to ensure that the directory entry can exist with the database subtree. Any value other than: 
    o=Example.com
    clearly cannot reside under: 
    o=Example.com
    As a result, the Directory Server rejects the operation.
  5. You must supply a value for the required field, Organization Name.
  6. You can provide values for the optional fields now, or add them later. The optional fields for an organization are:

    7. Description  Phone  Business Category 
    Fax  Location  Mailing Address 
    See Also     

  7. When you are done filling in the form, click the Save New Org. button at the top of the form. To cancel the entry creation, close the web browser window containing the form.
--- NEW FILE attribut.htm ---

Attributes


This appendix includes information on attribute definitions. Most of the schema attributes used in the Directory Server are part of the standard LDAP protocol, which is in turn based on the X.500 standard. However, some of the Directory Server's attributes are extensions created by Netscape for use with its implementation of LDAP. If an attribute was created by Netscape and is not part of the standard LDAP schema, a note is made in the description of that object or attribute.

For information on what the Directory Server schema is and what it is used for, refer to the Directory Server Deployment Guide.

For information on the object classes in the schema, see Appendix A, "Object Classes."

 

Attribute Definitions

The following define the attributes used to describe an entry in the directory tree. To determine which attributes are required and allowed for each object class, see Appendix A, "Object Classes."

Each attribute has a corresponding syntax definition that describes the nature of the attribute information. This syntax is important only when the Directory Server is performing sorting and pattern matching; there is nothing to otherwise prevent you from, for example, placing a telephone number on an attribute that expects a distinguished name.

The possible attribute syntaxes are:

The base OID for the Fedora Directory Server is: 


2.16.840.1.113730.3
All Netscape|Red Hat defined attributes have the base: 


2.16.840.1.113730.3.1
abstract

Provides an abstract of a document entry.

Syntax: cis

accountUnlockTime

Defines, in seconds, the time until a user's account is unlocked after a specified number of failed attempts to bind to the directory.


	accountUnlockTime: 600
OID: 2.16.840.1.113730.3.1.95

Syntax: cis operational

aci

Stores the Directory Server access control information for this entry. For example:


	aci: (target="ldap:///o=Example.com")(version 3.0;
	 acl "anonymous access"; allow (read, search, compare)
	 userdn=ldap:///self;)
OID: 2.16.840.1.113730.3.1.55

Syntax: bin

This attribute is a Netscape|Red Hat extension to the standard LDAP schema.

administratorContactInfo

Provides a URL to information about the person responsible for administering the server. This attribute is a Netscape|Red Hat extension used by the netscapeServer object class. Normally this attribute and this attribute value is written to the directory when a server is initially installed. For example:


	administratorContactInfo: ldap://uid=ssarette, o=Example.com
OID: 2.16.840.1.113730.3.1.74

Syntax: cis

adminUrl

Provides the URL to the administration server through which you can manage the server. This attribute is a Netscape|Red Hat extension used by the netscapeServer object class. Normally this attribute and this attribute value is written to the directory when a server is initially installed. For example:


	adminUrl: http://twain.example.com:2468
[...5555 lines suppressed...]
ttl




Contains the time, in seconds, that cached information about an entry
should be considered valid. Once the specified time has elapsed, the
information is considered out of date. A value of zero (0) indicates
that the entry should not be cached.





	timeToLive: 120




or:




	ttl: 120




Abbreviation: ttl

OID: 1.3.6.1.4.1.250.1.60



Syntax: cis



uid




Identifies the entry's userid (usually the logon ID). For example:





	userid: banderson




or:




	uid: banderson




Abbreviation: uid

OID: 0.9.2342.19200300.100.1.1



Syntax: cis



uniqueIdentifier




Identifies a specific item used to distinguish between two entries when
a distinguished name has been reused. This attribute is intended to
detect instance of a reference to a distinguished name that has been
deleted. This attribute is assigned by the server. For example:





	uniqueIdentifier: AAAAAA==




OID: 0.9.2342.19200300.100.1.44

Syntax: cis



uniqueMember




Identifies a group of names associated with an entry where each name
was given a uniqueIdentifier to ensure its uniqueness. A value for the
uniqueMember attribute is a DN followed by the uniqueIdentifier.



OID: 2.5.4.50



Syntax: dn



updatedByDocument




Contains the distinguished name of a document that is an updated
version of the document entry.



Syntax: dn



updatesDocument




Contains the distinguished name of a document for which this document
is an updated version. 



Syntax: dn



userCertificate




Contains a text-encoded version of a user's certificate. Not
recommended; use userCertificate;binary instead.



Syntax: bin



userCertificate;binary




Contains a user's certificate in binary form. For example:





	userCertificate;binary: AAAAAA==




OID: 2.5.4.36

Syntax: bin



userClass




Specifies a category of computer user. The semantics of this attribute
are arbitrary. The organizationalStatus attribute makes no distinction
between computer users and others users and may be more applicable. For
example:





	userClass: intern




OID: 0.9.2342.19200300.100.1.8

Syntax: cis



userPassword




Identifies the entry's password and encryption method in the following
format:





{encryption method}encrypted password




For example:




	userPassword: {sha}FTSLQhxXpA05




OID: 2.5.4.35

Syntax: bin



userSMIMECertificate;binary




Used by Browser for S/MIME. For example:





	userSMIMECertificate;binary: AAAAAA==




OID: 2.16.840.1.113730.3.1.40

Syntax: bin



x121Address




Defines the X.121 address of a person. 



OID: 2.5.4.24



Syntax: ces



x500UniqueIdentifier




Reserved for future use. For example:





	x500UniqueIdentifier: AAAAAA==




OID: 2.5.4.45

Syntax: bin











--- NEW FILE auth.htm ---




Directory Authentication





Authentication



Authentication is the
process of identifying yourself to the Directory Server. The
authentication process enables the Directory Server
to determine what operations you are allowed to perform on the
directory. Note, however, that authentication is not always
necessary; your directory administrator can configure the system
so that permission is not required for some procedures.



By default, access to the directory is denied to all users
with the exception of the directory administrator. The
directory administrator defines the permissions that
grant or remove access to the directory. Because permissions are
determined on a site by site basis, you need to check with your
directory administrator to find out what kind of access you have
to the directory and which operations require authentication, if any.



This chapter contains the following sections:





Understanding Directory Access



One of the key tasks of the directory administrator
is determining which users need access to the directory and the
types of access required. The directory administrator grants and
denies permission to the directory through the use of the access
control mechanism. Using the access control mechanism, the
directory administrator can allow or deny access:



    
    
  • to any unauthenticated user (this is known as anonymous
        access) 
    • 
    
  • to all authenticated users
    • 
    
  • to specific authenticated users or groups
    • 
    
  • from a specific machine or DNS domain
    • 
    
  • at a specific time of day or day of the week
    • 
    
  • based on authentication method
    • 




The specific rights the administrator assigns can vary from
user to user. For example, the administrator usually would grant read
and search access to anonymous users and would grant write access
only to a select group of authenticated users and groups, perhaps only
from specific machines.



The following are just some of the things the directory
administrator can do by applying permissions to the directory.
The directory administrator can:



    
    
  • Require you to authenticate before accessing the
        directory in any way. 
    • 
    
  • Require you to authenticate before accessing certain
        subsections of the directory. 
    • 
    
  • Require you to authenticate before performing certain
        kinds of actions in the directory, such as adding or
        modifying entries. 
    • 
    
  • Deny you access to all or parts of the directory,
        or deny you the ability to perform certain kinds of
        functions. 
    • 
    
  • Allow anonymous access to all or parts of the directory.
    • 
    
  • Allow anonymous access for some kinds of operations (such
        as searches), but not others (such as
        modifications). 
    • 
    
  • Allow or deny access based on the physical machine you
        are currently using. 
    • 




The Directory Server interface has no way of determining if
you are required to authenticate before attempting any directory
access. However, the interface assumes you must authenticate
before modifying the directory tree in any way, and if you are
not currently authenticated, it prompts you for authentication
before you can make any modifications. If you do not
authenticate, you are allowed only to perform the operations
and access the portions of the directory that your directory
administrator has set for anonymous access.





Authenticating to the Directory



In some situations, the Directory Server interface 
automatically prompts you to authenticate before continuing with
an operation. You can also explicitly choose to authenticate by
clicking the Authentication tab. Either way, the
authentication procedure is as follows:



    
    
  1. Click the Authentication tab.
    2. 
    
  2. Enter the name you want to use to identify yourself to
        the Directory Server: 
	  
      
            
    • To authenticate as a regular user, enter your
                full name and click Continue. 
      
                Enter your name as it would appear in the
                Directory Server (your common name or full name).
                Do not enter your user ID or login for the local
                operating system. 
      • 
            
    • To authenticate as the privileged directory user,
                click the "Authenticate as directory manager"
                button.
      • 
        
    
    
    3. 
    
  3. If the Directory Server interface displays a table of
        matching entries, select the link that corresponds to
        your directory entry. If your name is unique in the
        directory, the system skips this step.
    4. 
    
  4. Enter your password and click Continue.
    
        Contact your directory manager if you do not know your
        password. 
    
        After the authentication
        operations complete successfully, the interface displays
        a message indicating the amount of time for which your
        authentication credentials are valid. When this time has
        elapsed, you need to reauthenticate to the directory
        to continue your session. If your password has already
	expired you should either change
	it immediately or contact your system administrator.
    5. 
    
  5. Click "Return to Main" to continue your
        Directory Server interface session. 
    6. 




Logging Out of the Directory



If you have authenticated to the Directory Server and
want to return to anonymous access, do the following:



    
    
  1. Click the Authentication tab.
    2. 
    
  2. Click the "Discard Authentication Credentials (log out)"
        button. 
    3. 




You are returned to anonymous access. To change from one type of 
access to another, you must authenticate to the Directory Server again. See Authenticating as a User or Authenticating as Directory Manager for
more information. 



Reauthenticating to the Directory



When you authenticate to the directory, you are given
authentication credentials that are good only for a specific
amount of time. By default, authentication credentials are valid
for 120 minutes. However, this period is configurable by the directory administrator.
If your authentication credentials expire before you have
finished using the Directory Server interface, you must
reauthenticate to the directory before your changes can be saved.
The procedure for reauthenticating to the directory is the same
as the procedure you originally used to authenticate
to the directory.



Problems Caused by Incorrect
Authentication



When you are not authenticated to the Directory Server, you are
accessing the directory as an anonymous user. The types of
operations you can perform as an anonymous user depend on the
access controls set by your directory administrator. You
may notice strange behavior when you try to perform a directory
operation, such as a search. Although not explicitly stated
by the Directory Server interface, the anomalies you encounter are
often caused by improper authentication. The interface does not provide
this information because doing so could compromise security.



The following table lists symptoms of some common
problems along with the possible causes and the
action you can take to fix the problem.




    

        Symptom
        Cause
        Action
    

    

        Search results are empty
        Either no entries match
        the search string you entered, or you are required to
        authenticate to the directory before performing this type of search
        operation.
        Try a different search
        operation. Or, if you are sure that there are entries
        that match the criteria you entered, authenticate
        to the directory.
    

    

        Search results missing
        entries or missing attribute information from returned
        entries.
        Either you are not authenticated
        properly or you do not have access to the information.
        The directory administrator can specify that all or parts
        of the directory tree require authentication to access
        entries, or even certain entry attributes. In this situation,
	  the Directory Server does not indicate that the
        information exists and that you do not have 
        privileges to access it. Instead, it simply acts as if
        the information does not exist at all. This behavior is
        driven by the concern that knowing certain information
        exists in the tree, even if you are not allowed to see
        it, can pose a security risk. 
        Make sure you are properly authenticated. Then, verify with
        your directory administrator that you have access to the
        directory information you need.
    

    

        Operation fails after
        completion
        The directory is failing the operation
        because of improper authentication. Although, it may seem as if
        the interface's form action is failing the
        operation, the form is only passing the operation to the
        Directory Server, which is then failing the operation.
        The Directory Server interface simply reports the results
        of the operation. This occurs because the LDAP protocol
        does not currently allow the interface to know whether
        authentication is required before trying an operation.
        Using the interface, this situation can only arise
        if your authentication times out while you are creating
        or modifying the directory entry. 
        Make sure you are properly authenticated and that your authentication
	  has not timed out. 
    

    

        A table of entries is
        displayed during the authentication process
        Either your full name is not unique in
        the directory, or the name you entered does not exist in
        the directory.
        If your entry is displayed
        on the table, select the corresponding link and continue
        with the authentication process.
If
        your entry is not displayed on the table, click Cancel
        and then try authenticating
        again. Be sure to use your full name and not your user
        ID.

        		
    

    

        Username is correct, but
        authentication fails anyway
        Your password is incorrect. 
If you
        enter a valid username but an incorrect password, and the
        username you supplied represents an NT person entry, the
        Directory Server attempts to authenticate you to the
        Windows network. 

        
If that is not successful or the user name you
        supplied does not represent an NT person entry, you are
        given the choice to retry, close the window, or seek
        help.

        		
        Click Retry
        and then reenter your password.
    





??





--- NEW FILE contents.html ---



   
   
   Contents





Contents




Chapter 1 Introduction to the Directory Server Interface




Chapter 2 Searching the Directory Tree






Standard Search






Performing a Standard
Search






Searching for Names




Searching for Names with Initials



Searching for Phone Numbers

Searching for E-mail Addresses

Using Search Filters






Advanced Search






Performing an Advanced
Search




Advanced Search Examples






Viewing Search Results






No Matches




A Single Match




Multiple Matches




Other Problems



Viewing a vCard


Chapter 3 Adding Entries






New Entry Guidelines






Directory Tree Structure




Distinguished Name Syntax




Unique Distinguished Names






Adding a Person




Adding an NT-Person




Adding a Group




Adding an NT-Group




Adding an Organizational Unit




Adding a Domain




Adding an Organization






Chapter 4 Editing Entries






Editing People





Adding Values to the Manager and Admin
Fields






Editing NT-people




Editing Groups






Adding Values to the Owner, See Also, and Group
Member Fields






Editing NT-Groups




Editing Organizational Units




Editing Domains




Editing Organizations




Renaming Entries




Deleting Entries




Changing Passwords






Chapter 5 Authentication






Understanding Directory Access




Authenticating to the Directory




Logging Out of the Directory




Problems Caused by Incorrect Authentication









--- NEW FILE dn.htm ---




   
   













Distinguished Names



Distinguished
Names (DNs) are the string representation for entry names in the Directory
Server database. You use DNs to name entries when you add entries to the
directory, add members to groups, etc..



A DN can consist of virtually any attributes you
wish to use. The only caveat is that if schema checking is turned on, then
the attributes must be recognized by the Directory Server (if you do not
know whether schema checking is turned on in the server, contact your directory
manager, or consult the Netscape Directory Server Administrator's Guide
for more information).



Traditionally, a DN consists of:



    

    


  • A common name followed by
    • 


  • a list of regional or organizational attributes followed by
    • 


  • a country designation.
    • 




This string of identifying attributes uniquely
locates the entry within your Directory Server database. If you choose,
you can also use this naming structure to uniquely identify your entries
within the global directory tree as defined in the X.500 standard.



Because a DN represents a path through the directory
tree, the DN components are order-dependent. For example, the following
DNs do not represent the same entry:






          cn=Ralph Swenson, ou=Accounting, o=Example Corp, c=US
          cn=Ralph Swenson, o=Example Corp, ou=Accounting, c=US







Distinguished Name syntax



The traditional syntax for a DN string representation
is as follows:






    

    cn=common name, [street=address, l=locality, st = state or province,
ou=organizational unit, o=organization], c=country name

    




Generally a DN begins with a specific common name,
and proceeds with increasingly broader areas of identification until the
country name is specified. Note, however, that the actual DN attributes
you use, and the order in which you choose to specify them, is up to you
and how you want to organize your database. The only real requirement is
that DN attributes must be separated by a comma (,) and can optionally
use a space ( ) following the separator.






Distinguished Name attributes



The various standard attributes that comprise
a DN are as follows:








Attribute

Name

Definition





c

country

Identifies the name of the country under which
the entry resides. For example,

    

    


  • c=US
    • 


  • c=GB
    • 








cn

common name

Required attribute that identifies the person
or object defined by the entry. For example:

    

    


  • cn=Wally Henderson
    • 


  • cn=Database Administrators
    • 


  • cn=printer3b
    • 








l

locality

Identifies the locality in which the entry resides.
The locality could be a city, county, township, or other geographic region.
For example:

    

    


  • l=Tucson
    • 


  • l=Pacific Northwest
    • 


  • l=Anoka County
    • 








o

organization

Identifies the organization in which the entry
resides. For example:

    

    


  • o=Netscape Communications Corp
    • 


  • o=Public Power & Gas
    • 








ou

organizational unit

Identifies a unit within the organization. For
example:

    

    


  • ou=Sales
    • 


  • ou=Manufacturing
    • 








st

state or province name

Identifies the state or province in which the
entry resides. For example:

    

    


  • st=Iowa
    • 


  • st=British Columbia
    • 








street

street address

Identifies the street address at which the entry
resides. For example:

    

    


  • street=494 Rice Creek Terrace
    • 






















Distinguished Name examples



The following are some examples of DNs:






    

    cn=Wally Henderson,ou=Product Development,o=Example Corp,st=Minnesota,c=US

    







    

    cn=Retch Sweeny, ou=Product Test, o=Example Corp, st=Michigan, c=US

    







    

    cn=printer3b, l=room 308, o=Example Corp, c=US

    










--- NEW FILE filters.htm ---




   
   













Search Filters 



This chapter
describes search filters and how searches
work.






Search Filters



To narrow a search, you can specify search filters
directly to the Smart Search field. If
the search field contains an equal sign (=), Smart Search assumes the value
is a search filter, and it uses this filter directly to perform the search.



Search filters use the value of an attribute to
select the entries to be returned for Smart Search. For example, the following
filter specifies a search for a common name equal to Babs Jensen:






    

      

      cn=babs jensen

      

    







Search Filter Syntax



The basic syntax of a search filter is:








For example: 






    

      

      employeenumber >= 100 

      

    




In the example above, employeenumber
is the attribute, >= is the operator, and 100 is the value.




You can also define filters that use combinations
of different attributes. 






Using Attributes in a Filter



When searching for an entry, you can specify attributes
associated with that type of entry. For example, when you search for entries
about people, you can use the cn attribute to search for people
with specific common names. 



Examples of attributes for entries about people
might include: 



    

    


  • cn (the person's common name) 
    • 


  • telephonenumber (the person's phone number) 
    • 


  • employeenumber (the person's employee number) 
    • 


  • l (the person's location) 
    • 




For a listing of the attributes associated with
entries, see Appendix?A, "Entries
and attribute fields". Note that you need to use the internal
attribute names in search filters. 






Using Operators in a Filter



An operator defines one of the following types
of searches: 








Search type 

Operator 

Description 





Equality 

= 

Returns entries containing attributes which match
the specified value. For example, 

    

    cn=Bob Johnson
    








Substring 

=<string>*<string> 

Returns entries containing attributes containing
the specified substring. For example, 

    

    cn=Bob*
    


    cn=*Johnson
    


    cn=*John*
    


    cn=B*John
    








Greater than or equal to 

>= 

Returns entries containing attributes that are
greater than or equal to the specified value. For example, 

    

    employeenumber >= 100
    








Less than or equal to 

<= 

Returns entries containing attributes that are
less than or equal to the specified value. For example, 

    

    employeenumber <= 100
    








Presence 

=* 

Returns entries containing the specified attribute.
For example, 

    

    cn=*
    


    telephonenumber=*
    


    manager=*
    








Approximate 

~= 

Returns entries containing the specified attribute
that is approximately equal to the specified value. For example, 

    

    cn~=surette
    


    l~=san fransico
    



















For more information on these types of searches,
see "How searching works."







Using Multiple Search Filters



You can combine different search filters by using
boolean operators. Use the operators in prefix notation as follows:






    

    (boolean_operator((filter)(filter)(filter)...))

    




where boolean_operator is any one of the boolean
operators. For example: 






    

    (&(ou=Marketing)(cn=Ray*))

    




In the example above, the combination of filters
finds entries whose organizational unit is Marketing (ou=Marketing)
and whose common name starts with Ray (cn=Ray*). The boolean operator
for "And" (&) is used in prefix notation, which
means that it precedes the search criteria. 



In addition, you can nest boolean operators to
form complex expressions, such as:






    

    (boolean_operator(filter)((boolean_operator(filter)(filter)))

    







Boolean Operators



The boolean operators available for use with search
filters are: 








Operator 

Symbol 

Description 





And 

& 

All specified filters must be true for the statement
to be true. For example, 

    

    (&(filter1)(filter2)(filter3)...)
    




Filter1, filter2, and filter3 must all be true
for an entry to match.







Or 

| 

At least one specified filter must be true for
the statement to be true. For example, 

    

    (|(filter1)(filter2)(filter3)...)
    




If any of filter1, filter2, or filter3 match,
the entry is returned.







Not 

! 

The specified statement must not be true for
the statement to be true. Note that only one filter is affected by the
not operator. For example, 

    

    (!(filter))
    




Any entry not matching the filter is returned.





















Search Filter Examples



The following filter searches for entries containing
the manager attribute. This is also known as a presence search:






?manager=*




The following filter searches for entries containing
the common name of Ray Kultgen. This is also known as an equality search:






?cn=Ray Kultgen




The following filter returns any entries that
do not contain the common name of Ray Kultgen:






?(!(cn=Ray Kultgen))




The following filter returns any entries that
contain a description attribute with a substring of X.500:






?description=*X.500*




The following filter returns any entries whose
organizational unit is Marketing and whose description field does not contain
the substring X.500:






?(&(ou=Marketing)(!(description=*X.500*)))




The following filter returns any entries whose
organizational unit is Marketing and who have Julie Fulmer or Cindy Zwaska
as a manager:






?(&(ou=Marketing)(|(manager="cn=Julie Fulmer,ou=Marketing,o=Example Corp,c=US")
(manager="cn=Cindy Zwaska,ou=Marketing,o=Example Corp,c=US")))




The following filter returns any entries that
do not represent a person:






?(!(objectclass=person))




The following filter returns any entries that
do not represent a person and whose common name is approximately printer3b:






?(&(!(objectclass=person))(cn~=printer3b))







How Searching Works








Note: 










The Directory Server interface is actually a collection of forms and
CGI programs that operate independently from the Directory Server. This
interface acts as an LDAP client to the Directory Server. 





The following section explains what happens when
you search the Directory Server:



    

    


  1. When you submit the form, you send a search filter to the Directory
Server. 
    2. 


  2. The Directory Server examines the incoming request to verify that the
information is in the local directory. If the information is not in the
local directory and the Referral parameter is set for the server, the Directory
Server returns the URL for the other Directory Server where the client
can attempt to pursue the request. 
    3. 


  3. The Directory Server generates a list of entries from the directory
tree. The Directory Server then examines each of the candidate entries
to see if any entry matches the search criteria. Matching entries are returned
to the Directory Server interface as each is found. This
process continues until the Directory Server either has examined all applicable
entries, or until it reaches one of the following limits: 
    4. 


      

      


    • The maximum number of entries that can be returned in response to a
search 
      • 


    • The maximum amount of time that can be taken for a search 
      • 


    • The maximum number of entries that can be examined during a search

      • 

    




Your administrator can configure these settings.
For more detailed information on the searching algorithm, see the Netscape
Directory Server Administrator's Guide. 



The rest of this section explains how approximate
searches work and how substring searches work. 






How Approximate ("sounds like") Searches Work



The approximate search finds a word that "sounds
like" the value you enter. In the Advanced Search interface, the approximate
search corresponds to the "sounds like" search type. 



For example, an entry may include the attribute
value cn=Robert E Lee. An approximate search allows you to find this entry
by specifying Robert Lee, Robert, or Lee. Similarly, a search for the location
approximately equal to San Fransico (l~=San Fransico; note the misspelling)
would return entries including locations exactly equal to San Francisco
(l=San Francisco).



The Directory Server treats each value in an entry
as a sequence of words and generates a phonetic code for each word. When
you enter a value in an approximate search, the Directory Server also translates
the value to a sequence of phonetic codes. An entry is considered to match
a query if:



    

    


  • All of the codes in your search criteria are present in the codes generated
for the entry. 
    • 


  • All of the codes in your search criteria are specified in the same
order as the codes generated for the entry. 
    • 




For example: 








Name in the directory 

(Phonetic code) 		

Your search string 

(Phonetic code) 		

Match comments 





Alice B Sarette

(ALS B SRT) 		

Alice Sarette

(ALS SRT) 		

Matches. Codes are specified in the correct order.








Alice Sarrette

(ALS SRT) 		

Matches. Codes are specified in the correct order
despite the misspelling of Sarette. 







Surette

(SRT) 		

Matches. The generated code exists in the original
name despite the misspelling of Sarette. 







Bertha Sarette

(BR0 SRT) 		

No match. The code BR0 does not exist in the
original name. 







Sarette, Alice

(SRT ALS) 		

No match. The codes are not specified in the
correct order. 



















How Substring Searches Work



The substring search finds entries that contain
the value you have entered. In the Advanced Search interface, the substring
search corresponds to the "starts with", "contains",
and "ends with" search types. 



For example, searches of the form:



    

      

      cn=*derson
      

      

    




would match the common names containing strings
such as:






    

      

      Bill Anderson
Jill Anderson
Steve Sanderson

      

    




and so forth. Similarly, the search for



    

      

      telephonenumber= *555*
      

      

    




would return all the entries in your directory
with telephone numbers that contain 555.






--- NEW FILE index.html ---










Symbols




! (boolean operator)?28
& (boolean operator)?28
<= (search filter operator)?27
= (search filter operator)?26
=* (search filter operator)?27
>= (search filter operator)?27
@ symbol in search criteria?17
| (boolean operator)?!
 28
~= (search filter operator)?27




A




access control?51


directory manager?56
setting up anonymous access?55


adding


entries?33
groups?37
NT-people?35
organizational units?38
organizations?38
people?34


Admin (attribute field)?65
Advanced Search?18


examples of?22
Find field?19
specifying the attribute used?20
specifying the type of search?21
type field?21
where field?20


anonymous access?55
approximate search?22


how it works?30


attribute fields?64


defined?58


attributes


searching based on an attribute's value?20
using in search filters?26


authentication?6, 51


as the directory manager?56
no matching entries found?23
performing?52
setting up anonymous access?55







B




bin (attribute field format)?65
boolean operators?27, 28
Business Category (attribute field)?65
businessCategory (attribute internal ID)?65




C




c (attribute in a distinguished name)?10
Car License (attribute field)?65
carLicense (attribute internal ID)?65
ces (attribute field format)?65
changing a person entry's password?41
changing an NT-person password?43
changing passwords?49
cis !
 (attribute field format)?65
cn (attribute in a distinguished name)?10
cn (attribute internal ID)?67
common names?15
commonName (attribute internal ID)?67
"contains" search?22


how it works?31


Create New NT Account (attribute field)?66




D




Delete NT Account if Person Deleted (attribute field)?66
deleting


entries?49
group entries?44
NT-people entries?43
organization entries?46
organizational unit entries?45
people's entries?41


departmentNumber (attribute internal ID)?66
Dept# (attribute field)?66
Description (attribute field)?66
description (attribute internal ID)?66
Directory Server?5


access control?6, 51
adding a group?37
adding a person?34
adding an NT-person?35
adding an organization?38
adding an organizational unit?38
adding entries?5, 33
authenticating to?6
authentication?51
changing NT-person passwords?43
changing passwords?49
changing people passwords?41
defined?5
deleting a group entry?44
deleting a person's entry?41
de!
 leting an NT-person entry?43
deleting an organization entry?46
deleting an organizational unit entry?45
deleting entries?5, 49
editing a group's entry?44
editing a person's entry?41, 43
editing an NT-person's entry?43
editing an organization entry?46
editing an organizational unit entry?45
interface defined?29
modifying entries?5
organization of data in?7
permissions?53
renaming a group entry?44
renaming a person's entry?41
renaming an NT-person entry?43
renaming an orga!
 nizati
entry?46
renaming an organizational unit entry?45
renaming entries?5, 47
searching?5, 13
security?6, 51
tree hierarchy?7


directory service


defined?6


distinguished name (DN)


defined?9
examples of?11
standard attributes?10
syntax?9


dn (attribute field format)?65




E




editing


entries?41
group entries?44
NT-person entries?43
organization entries?46
organizational unit entries?45
people's entries?41, 43


E-Mail Address (attribute field)?66
e-mail addresses


searching for?17


Emp# (attribute field)?67
employeeNumber (attribute internal ID)?67
"ends with" search?22


how it works?31


entries


adding?5, 33
deleting?5, 49
editing?41
modifying?5, 41
renaming?5, 47
searching for types of?14

entry types?58


defined?58


exact match search?22




F




facsimileTelephoneNumber (attribute internal ID)?67
Fax (attribute field)?67
fax (attribute internal ID)?67
Find field


Anything?15, 19
Groups?14, 19
in Advanced Search?19
in Smart Search?14
NT-people?14
Org_Units?14, 19
Organizations?14, 19
People?14, 19


First Name (attribute field)?67
Full Name (attribute field)?67




G




givenName (attribute internal ID)?67
Group (entry type)?62
Group Members (attribute field)?68




I




internal attribute ID?64
"is not" search?22
"is" search?22




L




l (attribute in a distinguished name)?10
l (attribute internal ID)?68
labeledURI (attribute internal ID)?72
Last Name (attribute field)?68
Lightweight Directory Access Protocol (LDAP)?6
localityName (attribute internal ID)?68
Location (attribute field)?68




M




mail (attribute internal ID)?66
Mailing Address (attribute field)?68
Manager (attribute field)?69
manager (attribute internal ID)?69
member (attribute internal ID)?68
mobile (attribute internal ID)?69
Mobile Phone (attribute field)?69
mobileTelephoneNumber (attribute internal ID)?69
modifying


entries?41
group entries?44
NT-people entries?43
organization entries?46
organizational unit entries?45
people's entries?41, 43


multiple search filters?27




N




Name (attribute field)?69
NT Domain Name (attribute field)?69
NT User Id (attribute field)?70
NT-person (entry type)?60
NTUserCreateNewAccount (attribute internal ID)?66
NTUserDelete (attribute internal ID)?66
NTUserDomainId (attribute internal ID)?70
numbers in search criteria?17




O




o (attribute in a distinguished name)?11
o (attribute internal ID)?70
Organization (entry type)?64
Organization Name (attribute field)?70
Organizational Unit (attribute field)?71
Organizational Unit (entry type)?63
organizationalUnitName (attribute internal ID)?71
organizationName (attribute internal ID)?70
ou (attribute in a distinguished name)?11
ou (attribute internal ID)?71
Owner (attribute field)?70
owner (attribute internal ID)?70




P




Pager (attribute field)?70
pager (attribute internal ID)?70
pagerTelephoneNumber (attribute internal ID)?70
passwords


changing?41, 43, 49


permissions?53
Person (entry type)?59, 60
Phone (attribute field)?71
postalAddress (attribute internal ID)?68




R




renaming


entries?47
group entries?44
NT-people entries?43
organization entries?46
organizational unit entries?45
people's entries?41


Room Number (attribute field)?71
roomNumber (attribute internal ID)?71




S




search filters?17, 25


basic syntax?25
combining multiple?27
examples?28
syntax for multiple filters?27
using attributes?26
using operators?26


search results?23
search types


approximate?27
equality?26
exact match?26
numeric comparisons?27
presence?27
search filter operators and?26
specifying in Advanced Search?21
substring?26


searching?5, 13


case-sensitivity and?15
for all types of entries?15, 19
for an exact match?15
for e-mail addresses?17
for groups?14
for names?15
for NT-people?14
for num!
 bers?17
for organizational units?14, 19
for organizations?14, 19
for people?14, 19
for specific types of entries?14
for words that sound alike?15
how it works?29
using Advanced Search?18
using filters?17
using initials?16
using Smart Search?13
working with results?23


searching for groups?19
secretary (attribute internal ID)?65
security?51


directory manager?56


See Also (attribute field)?71
seeAlso (attribute internal ID)?71
Smart Search?13


Find field?14
search filters?25
searching for e-mail addresses?17
searching for names?15
searching for names with initials?16
searching for numbers?17
using search filters?17


sn (attribute internal ID)?68
"sounds like" search?22


how it works?30


st (attribute in a distinguished name)?11
"starts with" search?22


how it works?31


street (attribute in a distinguished name)?11
substring search?22


defined?15
how it works?31


surname (attribute internal ID)?68




T




tel (attribute field format)?65
telephoneNumber (attribute internal ID)?71
Title (attribute field)?71
title (attribute internal ID)?71
type field


in Advanced Search?21






U




uid (attribute internal ID)?70, 72
Unit Name (attribute field)?71
URL (attribute field)?72
User ID (attribute field)?72
userid (attribute internal ID)?72




W




where field


in Advanced Search?20
options for finding anything?21
options for finding groups?20
options for finding organizations?21
options for finding people?20





--- NEW FILE index.map ---
; --- BEGIN COPYRIGHT BLOCK ---
; This Program is free software; you can redistribute it and/or modify it under
; the terms of the GNU General Public License as published by the Free Software
; Foundation; version 2 of the License.
; 
; This Program is distributed in the hope that it will be useful, but WITHOUT
; ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
; FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
; 
; You should have received a copy of the GNU General Public License along with
; this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
; Place, Suite 330, Boston, MA 02111-1307 USA.
; 
; In addition, as a special exception, Red Hat, Inc. gives You the additional
; right to link the code of this Program with code not covered under the GNU
; General Public License ("Non-GPL Code") and to distribute linked combinations
; including the two, subject to the limitations in this paragraph. Non-GPL Code
; permitted under this exception must only link to the code of this Program
; through those well defined interfaces identified in the file named EXCEPTION
; found in the source code files (the "Approved Interfaces"). The files of
; Non-GPL Code may instantiate templates or use macros or inline functions from
; the Approved Interfaces without causing the resulting work to be covered by
; the GNU General Public License. Only Red Hat, Inc. may make changes or
; additions to the list of Approved Interfaces. You must obey the GNU General
; Public License in all respects for all of the Program code and other code used
; in conjunction with the Program except the Non-GPL Code covered by this
; exception. If you modify this file, you may extend this exception to your
; version of the file, but you are not obligated to do so. If you do not wish to
; provide this exception without modification, you must delete this exception
; statement from your version and license this file solely under the GPL without
; exception. 
; 
; 
; Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.
; Copyright (C) 2005 Red Hat, Inc.
; All rights reserved.
; --- END COPYRIGHT BLOCK ---
;
; -------------------------------------------MAPPINGS
; CGIScriptName = HTMLfile#AnchorName
; last update, sarette 10/10
;-------------------------------------------PROGRAMS
;
;
SEARCHING	= search.htm
SMARTSEARCH	= search.htm#Performing a Standard Search
ASEARCH		= search.htm#Performing an Advanced Search

AUTHENTICATING	= auth.htm
AUTHHELP_ID 	= auth.htm#userauth
AUTHHELP_PW	= auth.htm#userauth
UNAUTH		= auth.htm#logout
AUTHPROBLEM	= auth.htm#incorrectauth
AUTHSUCCESS	= auth.htm#authsuccess
AUTHEXPIRED	= auth.htm#reauth
AUTHMULTMATCH	= auth.htm#userauth

EDITING		= mod.htm
EDIT_GROUP	= mod.htm#groups
EDIT_NTGROUP    = mod.htm#NTgroups
EDIT_GROUPMEM   = mod.htm#addowner
EDIT_PERSON	= mod.htm#people
EDIT_NTPERSON	= mod.htm#ntpeople
EDIT_ORG	= mod.htm#o
EDIT_ORGPERSON	= mod.htm#people
EDIT_ORGUNIT	= mod.htm#ou
MODIFYPASSWD	= mod.htm#changepw
EDIT_PERSON_REF = mod.htm#addmanager

ADDING		= add.htm
ADD_NOPARENT	= add.htm#tree
ADD_GROUP	= add.htm#group
ADD_NTGROUP     = add.htm#NTgroup
ADD_PERSON	= add.htm#person
ADD_NTPERSON	= add.htm#NTperson
ADD_ORG		= add.htm#o
ADD_ORGPERSON	= add.htm#person
ADD_ORGUNIT	= add.htm#ou
ENTRYEXISTS     = add.htm#uniqueDN

contents 	= contents.html


--- NEW FILE intro.htm ---



Introduction to the Netscape Directory Server Interface





Introduction to the Directory Server Interface



The Netscape Directory Server is a robust, scalable server for storing, querying, and 
managing an enterprise-wide directory of users and information. Using the Directory Server, corporate IS organizations can manage
information from a single point of control, and employees can retrieve this information from multiple network locations.



The directory server provides a simple interface to 
corporate user information. From this interface, you can:



    

    
    
  • Search the directory for
        information about users and resources. For example,
        you can search for an employee's email address or phone
        number. You can find more information about searching the
        directory in Chapter??2,
        "Searching the Directory Tree."
    • 

    
    
  • Create a new entry in the
        directory. For example, you can add information about
        a new employee, such as the employee's name and phone
        number. This feature is usually reserved only for
        users who have authenticated properly to the Directory
        Server, and who have been granted write permissions by
        the directory administrator. For information about adding
        new users, groups, organizational units, and
        organizations to the directory, see Chapter??3,
        "Adding Entries."
    • 

    
    
  • Modify existing entries in the
        directory. For example, if you have the appropriate
	  permissions, you can change existing values to entry
 	  attributes, delete the entire entry, rename the entry,
	  or change the password for the entry.
        This feature is usually reserved only for users who have been
	  granted write permissions by the directory administrator, and 
        have authenticated properly to the Directory Server. For
        instructions on updating information about users, groups,
        organizational units, and organizations, see Chapter??4, "Editing
        Entries."
    • 

    
    
  • Authenticate to the
        Directory Server. If your directory manager has made
        authentication a requirement for accessing or writing to the Directory
        Server, you may need to enter your user name and password.
	  While the exact authentication requirements 
        vary from site to site, the Directory Server typically
        requires authentication only if you are adding,
        modifying, or deleting an entry in the directory. For
        details on authenticating to the Directory Server, see Chapter??5, "Authentication."
    • 




 





--- NEW FILE mod.htm ---




  Editing Directory Entries



Editing Entries

You can modify existing entries in
the directory using the Directory Server interface. Modify an entry
by searching
for the entry, viewing
it, and then clicking the edit button.

If you have not authenticated
before
you attempt to edit an entry, or if your authentication has expired,
the
Directory Server prompts you to authenticate before continuing.



You can edit:





Editing People

To edit a person's entry, do the following:

    
  
  1. Search for the entry using the Standard
Search
or Advanced
Search mechanism.
    2. 
  
  2.  View
the entry.
    3. 
  
  3. Click the Edit Person button.
    4. 
  
  4. If you have not authenticated before you attempt to edit an
entry, or
if
your authentication has expired, the Directory Server prompts you to authenticate
before continuing.
    5. 
  
  5. To edit the person's entry, type the value you desire for each
field. You must supply values for the required fields. The required
fields
for a person are:
    6. 
  
  
  6. You can provide values for the optional fields now, or edit them
later.
The optional fields for a person are:
    7. 
  
     
    
  
    
  
    
    
      
    
        First
Name 
        Phone 
        Email
Address 
      
    
      
    
        Fax 
        User
ID 
        Pager 
      
    
      
    
        Mobile
Phone 
        Business
Category 
        Title 
      
    
      
    
        Organizational
Unit 
        Manager 
        Room
Number 
      
    
      
    
        Admin 
        Dept# 
        Emp# 
      
    
      
    
        Car
License# 
        Mailing
Address 
        Description 
      
    
      
    
        See
Also 
        URL 
        Password 
      
    
        
  
    
  
    
  
     
    
  
  7. You may add
values to the Manager and Admin
fields by clicking the corresponding Edit button.
    8. 
  
  8. You may add
values to the See Also field
by clicking the corresponding Edit button.
    9. 
  
  9. When you are done editing the fields, click Save Changes.
    10. 


>From this window you can also:


Adding Values to the Manager and Admin
Fields

When you click the Edit button in the Manager or Admin field,
a new form that allows you to add or delete the corresponding
attribute value is displayed. To add an individual to the Manager or
Admin attribute,
do the following:

    
  
  1. In the text box, enter a search string to be used to locate the
entry
of
the person who is the manager or admin. Enter any of the following:
    2. 
  
      
    
    • A name. Enter a full name or a partial name. All entries that
equally
match
the search string are returned. If no such entries are found, all
entries
that contain the search string are returned. If no such entries are
found,
any entries that sound like the search string are returned.
      • 
    
    • A user ID (if you are searching for user entries).
      • 
    
    • A telephone number. If you enter only a partial number, any
entries
that
have telephone numbers ending in the search number are returned.
      • 
    
    • An email address. Any search string containing an at (@) symbol
is
assumed
to be an email address. If an exact match cannot be found, then a
search
is performed to find all email addresses that begin with the search
string.
      • 
    
    • An asterisk (*) to see all of the entries or groups currently
residing
in your directory.
      • 
    
    • Any LDAP
search filter. Any string that
contains an equal sign (=) is considered to be a search filter.
      • 
  
    
  
  2. Click "Find and Add" to find the matching entry and add it to the
list. If any entries that you do not want to designate as manager
or admin are listed, click the box in the "Remove from list" column.
You can
also construct a search filter to match the entries you want removed
and
then click "Find and Remove."
    3. 
  
  3. When the list of group members is complete, click Save Changes.
The currently displayed entry is now the value for the manager or admin
attribute field.
    4. 




Editing NT People

To edit an NT person's entry, do the following:

    
  
  1. Search for the entry using the Standard
Search
or Advanced
Search mechanism.
    2. 
  
  2.  View
the entry.
    3. 
  
  3. Click the Edit NT Person button.
    4. 
  
  4. If you have not authenticated before you attempt to edit an
entry, or
if
your authentication has expired, the Directory Server prompts you to authenticate
before continuing.
    5. 
  
  5. To edit the person's entry, type in the new value for each
field. You must supply values for the required fields. The required
fields
for an NT person are:
    6. 
  
  
  6. You can provide values for the optional fields now, or add them
later.
The optional fields for an NT person are:
    7. 
  
     
    
  
    
  
    
    
      
    
        First
Name 
        Phone 
        Email
Address 
      
    
      
    
        Fax 
        Directory
Server Password 
        Pager 
      
    
      
    
        Mobile
Phone 
        Business
Category 
        Title 
      
    
      
    
        Organizational
Unit 
        Manager 
        Room
Number 
      
    
      
    
        Admin 
        Dept# 
        Emp# 
      
    
      
    
        Car
License# 
        Mailing
Address 
        Description 
      
    
      
    
        See
Also 
        URL 
        User
Id 
      
    
        
  
    
  
    
  
     
    
  
  7. You can also change the value for the Delete
NT Account if Person deleted option.
    8. 
  
  8. To add
values to the Manager and Admin
fields, click the corresponding Edit button.
    9. 
  
  9. To add
values to the See Also field,
click the corresponding Edit button.
    10. 
  
  10. When you are done editing the fields, click Save Changes.
    11. 


>From this window you can also:


Editing Groups

To edit a group entry, do the following:

    
  
  1. Search for the entry using the Standard
Search
or Advanced
Search mechanism.
    2. 
  
  2.  View
the entry.
    3. 
  
  3. Click the Edit Group button.
    4. 
  
  4. If you have not authenticated before you attempt to edit an
entry, or
if
your authentication has expired, the Directory Server prompts you to authenticate
before continuing.
    5. 
  
  5. To edit the group's entry, type the new value for each
field. You must supply values for the required field, Name.
  
    6. 
  
  6. You can provide values for the optional fields now, or edit them
later.
The optional fields for a group are:
    7. 
  
     
    
  
    
  
    
    
      
    
        Description 
        Owner 
      
    
      
    
        Group
Members 
        See
Also
      
    
        
  
    
  
    
  
     
    
  
  7. To add
values to the See Also, Owners, and Group
Members fields click the corresponding Edit button.
    8. 
  
  8. When you are done editing the fields, click Save Changes.
    9. 


>From this window you can also:


Adding Values to the Owner, See Also, and
Group Member Fields

When you click the Edit button for Owner, See Also, or Group
Members, a new form that allows you to add or delete members is
displayed.
An owner, see also, or group member can be either an individual or a
group.
That is, if you add a group as an owner, see also, or group member,
anyone
belonging to the group becomes a member of the list. For example,
if Barbara Jensen is a member of the Marketing Managers group, and you
make
the Marketing Managers group a member of the Marketing Personnel group,
then Barbara Jensen is also a member of the Marketing Personnel group.
To add
members, owners, or see alsos, do the following:

    
  
  1. If you want to add user entries to the list, make sure People is
shown
in the first dialog box. If you want to add group entries to the group,
make sure Group is shown.
    2. 
  
  2. In the second dialog box, enter a search string. Enter any of the
following:
    3. 
  
      
    
    • A name. Enter a full name or a partial name. All entries that
equally
match
the search string are returned. If no such entries are found, all
entries
that contain the search string are found. If no such entries are found,
any entries that sounds like the search string are returned.
      • 
    
    • A user ID, (if you are searching for user entries).
      • 
    
    • A telephone number. If you enter only a partial number, any
entries
that
have telephone numbers ending in the search number are returned.
      • 
    
    • An email address. Any search string containing an at (@) symbol
is
assumed
to be an email address. If an exact match cannot be found, then a
search
is performed to find all email addresses that begin with the search
string.
      • 
    
    • An asterisk (*) to see all of the entries or groups currently
residing
in your directory.
      • 
    
    • Any LDAP
search filter. Any string that
contains an equal sign (=) is considered to be a search filter.
      • 
  
    
  
  3. Click "Find and Add" to find all the matching entries and add
them
to the list. If any entries are shown that you do not want to include
in
the list, click the box in the "Remove from list" column. You
can also construct a search filter to match the entries you want
removed
and then click "Find and Remove."
    4. 
  
  4. When the list of group members is complete, click Save Changes.
The currently displayed entries now belong to the list.
    5. 




Editing NT Groups

To edit an NT group entry, do the following:

    
  
  1. Search for the entry using the Standard
Search
or Advanced
Search mechanism.
    2. 
  
  2.  View
the entry.
    3. 
  
  3. Click the Edit NT Group button.
    4. 
  
  4. If you have not authenticated before you attempt to edit an
entry, or
if
your authentication has expired, the Directory Server prompts you to authenticate
before continuing.
    5. 
  
  5. To edit the group's entry, type in the value for each
field. You must supply values for the required fields. The required
fields
for an NT group are:
    6. 
  
  
  6. You can provide values for the optional fields now, or add them
later.
The optional fields for an NT group are:
    7. 
  
     
    
  
    
  
    
    
      
    
        Description 
        Owner 
      
    
      
    
        Group
Members 
        See
Also
      
    
        
  
    
  
    
  
  7. You can also change the value for the Delete
NT Group if Group Deleted option.
    8. 
  
  8. You can add
values to the See Also, Owners, and Group
Members fields by clicking the corresponding "Edit" button.
    9. 
  
  9. When you are done editing, click Save Changes.
    10. 


>From this window you can also:



Editing Organizational Units

To edit an organizational unit, do the following:

    
  
  1. Search for the entry using the Standard
Search
or Advanced
Search mechanism.
    2. 
  
  2.  View
the entry.
    3. 
  
  3. Click the Edit Organizational Unit button.
    4. 
  
  4. If you have not authenticated before you attempt to edit an
entry, or
if
your authentication has expired, the Directory Server prompts you to authenticate
before continuing.
    5. 
  
  5. To edit the organizational unit's entry, type in the value for
each
field. You must supply values for the required fields.
    6. 
  
  6. The required field for an organizational unit is Unit
Name.
    7. 
  
  7. You can provide values for the optional fields now, or add them
later.
The optional fields for an organizational unit are:
    8. 
  
     
    
  
    
  
    
    
      
    
        Description 
        Phone 
        Business
Category 
      
    
      
    
        Fax 
        Location 
        Mailing
Address 
      
    
      
    
        See
Also 
         
         
      
    
        
  
    
  
    
  
     
    
  
  8. When you are done editing, click Save Changes.
    9. 


>From this window you can also:



Editing Domain Components

To edit a domain, do the following:

    
  
  1. Search for the entry using the Standard
Search
or Advanced
Search mechanism.
    2. 
  
  2.  View
the entry.
    3. 
  
  3. Click the Edit Domaincomponent button.
    4. 
  
  4. If you have not authenticated before you attempt to edit an
entry, or
if
your authentication has expired, the Directory Server prompts you to authenticate
before continuing.
    5. 
  
  5. To edit the domain's entry, type in the value for each field. You
must
supply values for the required fields.
    6. 
  
  6. The required field for a domain is Domaincomponent
Name.
    7. 
  
  7. You can provide values for the optional fields now, or add them
later.
The optional fields for a domain are:
    8. 
  
     
    
  
    
  
    
    
      
    
        Description
        Phone
        Business
Category
      
    
      
    
        Fax
        Location
        Mailing
Address
      
    
      
    
        See
Also
         
         
      
    
        
  
    
  
    
  
     
    
  
  8. When you are done editing, click Save Changes.
    9. 


>From this window you can also:



Editing Organizations

To edit an organization entry, do the following:

    
  
  1. Search for the entry using the Standard
Search
or Advanced
Search mechanism.
    2. 
  
  2.  View
the entry.
    3. 
  
  3. Click the Edit Organization button.
    4. 
  
  4. If you have not authenticated before you attempt to edit an
entry, or
if
your authentication has expired, the Directory Server prompts you to authenticate
before continuing.
    5. 
  
  5. To edit the organizational unit's entry, type in the value for
each
field. You must supply values for the required fields.
    6. 
  
  6. The required fields for an organization is Organization
Name.
    7. 
  
  7. You may provide values for the optional fields now, or edit them
later.
The optional fields for an organization are:
    8. 
  
     
    
  
    
  
    
    
      
    
        Description 
        Phone 
        Business
Category 
      
    
      
    
        Fax 
        Location 
        Mailing
Address 
      
    
      
    
        See
Also 
         
         
      
    
        
  
    
  
    
  
  8. When you are done editing, click Save Changes.
    9. 



Renaming Entries

To rename an entry, do the following:

    
  
  1. Search for the entry using the Standard
Search
or Advanced
Search mechanism.
    2. 
  
  2.  View
the entry.
    3. 
  
  3. Click the Edit button.
    4. 
  
  4. Enter the new common name for the entry.
    5. 
  
  5. Click Save Changes.
    6. 


Note the following rules about renaming an entry:

    
  
  • You can change only the left-most value in an entry's distinguished
name. This effectively means you can only change the entry's name;
you cannot move the entry to another branch in the directory through
this
mechanism. For example, if you have an entry that has a DN of:
    • 
  
    uid=tandrew, ou=Accounting, o=Example.com
    
you can rename only the user ID (uid) part of this entry. You cannot,
however,
move user tandrew to the Marketing subtree. To do that, you must create
a new entry for tandrew in the Marketing subtree, and then delete his
old
entry in the Accounting tree. 
  • You cannot rename an organizational
unit if it has any entries
below it
in the tree. To rename a branch point in the directory tree, you must
first
delete everything below that point in the tree, and then rename the
entry.
    • 




Deleting Entries

To delete an entry, do the following:

    
  
  1. Search for the entry using the Standard
Search
or Advanced
Search mechanism.
    2. 
  
  2.  View
the entry.
    3. 
  
  3. Click the Edit button.
    4. 
  
  4. Click the Delete button.
    5. 


Note that you cannot delete an entry if it has any child entries.
Specifically,
you cannot delete an organizational unit if it has any entries below it
in the tree. To delete a branch point in the directory tree, you must
first
delete everything below that point in the tree, and then delete the
entry.

Changing Passwords

In the Directory Server interface, you can change your own password.
You
can also change another person's password if you are the directory
manager
or an unrestricted user with write privileges to the password
attribute.

To change a password, do the following:



    
  
  1. Search for the entry using the Standard
Search
or Advanced
Search mechanism.
    2. 
  
  2.  View
the entry.
    3. 
  
  3. Click the Edit button.
    4. 
  
  4. Click the Change Password button.
    5. 
  
    
If you are changing your own password, you must enter the old password
for the change command to succeed. (If you are authenticated as
anyone besides the current entry, you are not prompted to enter the
old password.) 
  5. Click the Change Password button.
    6. 






--- NEW FILE objclass.htm ---














Object Classes





This appendix includes information on object class definitions. Most of
the schema elements used in the Directory Server are part of the
standard LDAP protocol, which is in turn based on the X.500 standard.
However, some of the Directory Server's object classes are extensions
created by Netscape for use with its implementation of LDAP. If an
object class was created by Netscape and is not part of the standard
LDAP schema, a note is made in the description of that object class. 

For information on what the Directory Server
schema is and what it is
used for, refer to the Red Hat Directory Server Deployment Guide.



For information on the attributes in the schema, see Appendix
B, "Attributes."



The following types of object classes are described here:





The base OID for the Fedora Directory Server is:




2.16.840.1.113730.3




All Netscape|Red Hat defined object classes have the base:




2.16.840.1.113730.3.2



 


 Groups


The following object classes describe entries
representing an unordered set of names that represent individual
objects or other groups of objects. Membership of a group is static:
only administrative action can modify a group (such as adding a
member), the membership is not determined dynamically each time a
reference is made to the group. Each object class contains attributes
that describe the group and its members. The object classes described
here are groupOfNames,
groupOfUniqueNames,
and NTGroup.

 


 groupOfNames


Defines entries for a group of names. This object
class was inherited from X.500 Directory Services. 



OID: 2.5.6.9


 


  

  
    

       Attribute
      

      		
       Attribute
Description
      

      		
    

    

       cn
      

      		
      (Required) The group's common name.
      

[...8587 lines suppressed...]
    

    

       description
      

      		
      Text description of the room.
      

      		
    

    

       roomNumber
      

      		
      The room's number.
      

      		
    

    

       seeAlso
      

      		
      URL to information relevant to the room.
      

      		
    

    

       telephoneNumber
      

      		
      The room's telephone number.
      

      		
    

  




  
    

      

      		
    

  





 


 simpleSecurityObject


Object class used to allow an entry to contain the
userPassword attribute when an entry's principal object classes do not
allow userPassword as an attribute type. Reserved.



OID: 0.9.2342.19200300.100.4.19


 


  

  
    

       Attribute
      

      		
       Attribute
Description
      

      		
    

    

       userPassword
      

      		
      (Required) The entry's password and
encryption method.
      

      		
    

  




  
    

      

      		
    

  





 


 strongAuthenticationUser


Object class used to store information about clients
and certificates in the directory. This object class was inherited from
X.500 Directory Services. Reserved.



OID: 2.5.6.15


 


  

  
    

       Attribute
      

      		
       Attribute
Description
      

      		
    

    

       userCertificate
      

      		
      Not used.
      

      		
    

    

       userCertificate;binary
      

      		
      (Required) User's certificate in binary
form.
      

      		
    

  




  
    

      

      		
    

  





 



 top


Object class used as a superclass for all other object classes in the
directory. This object class was inherited from X.500 Directory
Services. Reserved.

OID: 2.5.6.0


 


  

  
    

       Attribute
      

      		
       Attribute
Description
      

      		
    

    

       objectClass
      

      		
      (Required) Mandatory attribute for all
object classes.
      

      		
    

    

       aci
      

      		
      Stores the Directory Server access control
information for this entry.
      

      		
    

  




  
    

      

      		
    

  














--- NEW FILE search.htm ---



Searching the Directory Tree





Searching the Directory Tree



The Directory Server
contains information about the people and resources in
your organization. Using the Directory Server interface, you can
easily find the information you need. To simplify the search
process, the Directory Server interface provides two types of
searches:



    
    
  • Standard Search -- Selects an
        appropriate method of searching based on the value you
        specify. For example, if you search for moz at example.com,
        Standard Search searches for matching email
        addresses. 
    • 

    
    
  • Advanced Search -- Provides a
        simple method for searching against specific entry
        attributes. For example, you can specify that you want to
        search for users whose last names start with k and
        whose phone numbers end with 2110. 
    • 




Both types of searches allow you select the type of entry to
search for. You can search for any of the following types of
entries:




    

        Type of Entry
        Description
    

    

        People
        Entries that describe a person. 
    

    

        NT people
        Entries that describe an NT user.
    

    

        Groups 
        Entries that describe a group. Groups
        are collections of one or more directory
        entries. For example, groups may be defined at your site
        that include the System Administrators, the Technical
        Writers, or all the people interested in fishing. Note
        that a group does not always have to identify a
        collection of people. For example, a group could be
        defined that identifies all the color printers or fax machines
	  at your site. Groups can also contain other groups. 
    

    

        NT Groups
        Entries that describe a group of NT users.
    

    

        Organizations
        Entries that describe an organization.
        An organization is usually a single, very
        large organization such as a corporation or a university.
        An organization differs from a group in that a
        group is typically an arbitrary collection of people or
        devices that is subject to change as entities are added
        to or removed from the directory. Organizations, however,
        represent a major, relatively static, subdivision or
        branching of the directory. Additions and
        subtractions of entities within the directory do not usually
	  affect organization entries.
    

    

        Domain Components
        Entries that describe your domain. 
        The Domain Component represents your directory suffix by 
        breaking your domain name into its component parts. In a 
        single enterprise environment, a directory suffix typically 
        aligns with a DNS name or Internet domain name of your 
        enterprise. For example, if your enterprise owns the domain 
        name of example.com, then your directory suffix would be of 
        the form dc=example,dc=com.
    

    

        Org-Units
        Entries that describe an organizational
        unit. Organizational units usually identify major
        subdivisions within a larger organization. In contrast to
        entries from a single, very large organization such as a
        corporation or university, organizational units describe
        smaller organizations such as accounting, marketing, the
        humanities, or Biology. 
    

    

        Anything 
        Any type of entry within the directory
        that matches the search criteria. Use Anything
        if you are unsure of how the directory manager
        represented an entry within the directory. Anything is
        also useful if the type of entry for which you are
        searching is not a person, group, or organization.
    





After the Directory Server completes the search, the Directory
Server interface displays the search results,
which provide links to all matching entries. When you click an
entry displayed on the search results list, the Directory Server
displays detailed information about the entry. If the entry is a
person, you can also choose to view the person's
digital business card, or vCard. Using the vCard, you can
add the person to your Communicator address book with a
click of a button.



Standard Search



Standard search performs different types of searches according to the
nature of the data that you specify. Depending on what
you type in the search field, Standard Search attempts to find
matching names, telephone
numbers, or email addresses. 



Depending on what you enter, Standard Search
determines whether to find entries that exactly match your
criteria, entries that contain your criteria, or entries that
contain words or syllables that sound like your criteria. You can also use
an LDAP (Lightweight Directory Access Protocol) search filter 
in the Standard Search field.



Performing a
Standard Search



    
    
  1. Click the Standard Search tab.
    2. 
    
  2. Select the type of entry you want to
        search for from the Find drop-down list.
    3. 
    
  3. Enter the value you want to find in the "Search
        for" field. The "Search for" field
        is not case sensitive. You can enter any of the following:
	  
    
    4. 
    
  4. Click Submit. 
    
        Once the form data has been submitted to the Directory
        Server, the server searches for any entries
        that exactly match, partially match, or sound like the
        value you supplied. The resulting matches are displayed
        as a search results table.
    5. 




Searching for Names



If the string you specify:



    
    
  • contains characters other than numbers 
    • 
    
  • does not contain an at (@) symbol 
    • 




Standard Search attempts to find full names, first names, or
last names that exactly match, partially match, or sound like the
supplied value.



For example, specifying the string son
could return results such as: 





    
	
  • Gary Stevenson
    • 
	
  • Mary Sun
    • 
	
  • Allison Barker
    • 




Searching for Names with Initials



If you specify a value that includes the following items in
the following order:



    
    
  1. a single letter 
    2. 
    
  2. a space ( ), period (.), or period and space in any order
    3. 
    
  3. one or more characters 
    4. 




then Standard Search executes the search as if you
requested a first initial followed by a last name. For example,
specifying the string "S.Anderson" could return results
such as:



    
    
  • Sally Anderson
    • 
    
  • Steve Anderson
    • 
    
  • Sue Anderson
    • 




Similarly, if you specify a value that has the following items
in the following order:



    
    
  1. more than one character
    2. 
    
  2. a space ( ), period (.), or period and space in any order
    3. 
    
  3. a single character 
    4. 




then Standard Search executes the search as if you
requested a first name followed by a last initial. For example,
specifying the string "Mark
.P" could return search results such as:



    
    
  • Mark Payne
    • 
    
  • Mark Peck
    • 
    
  • Mark Polk
    • 





    
Note: 

    
When you use initials Standard Search looks only for exact matches.
	 It returns entries with names that use the
    	 same initial and name as you specify on the search.
    	 Approximate (or "sounds-like") and substring
    	 searches are not performed. 





Searching for Phone Numbers



Standard Search automatically searches for a phone number if
the value you enter consists only of numerical digits. A single
hyphen (-) is also allowed if at least one digit precedes
it.



This type of search is an "ends with" search. That
is, the Directory Server searches for any phone numbers that end
with the specified value. For example, if you enter a value such
as 123, the Directory Server searches for all phone numbers that
end with 123.



Searching for Email Addresses



Standard Search automatically searches for matching email
addresses if you provide a value that contains an at (@) symbol.
Standard Search first searches for any email addresses that
exactly match the value you entered. If Standard Search doesn't
find any matching entries, it then searches for any entries that
start with the value you entered. 



For example, specifying the string son@
could return:



    
    
  • son@
    • 


or, if no exact match exists in the directory:

    
    
  • son at aardvark.org
    • 
    
  • son at acme.com
    • 




Using Search Filters



Rather than allowing Standard Search to determine the correct
type of search, you can explicitly specify an LDAP search filter.
An LDAP search filter allows you to search for entries with a
specific attribute value.
Standard Search assumes that any string containing an equal sign
(=) is an LDAP search filter. For example,



cn=*eve*



is an LDAP search filter that performs a substring search for
any common name (CN) containing the string eve.
When specifying attributes within an LDAP search filter, you
must use the attribute label used by the Directory Server
internally, the internal ID, rather than the attribute
field name as displayed in the Directory Server interface. 
For example, the internal ID for the Full Name attribute field
is cn. When you enter a search filter in Standard Search,
use the internal ID (commonName) rather than the attribute field name (Full Name)
as follows: 



commonName=Smith Fukuda



Some attribute fields also have a second, abbreviated internal ID. For example, the Full Name field has two
internal IDs: commonName and cn. You can use either name in the search filter. 




For more information on search filters, refer to 
the Directory Server Administrator's Guide.



Advanced Search



With Advanced Search, you can search for entries that have
specific values for certain attributes. For example, Advanced
Search allows you to look for a person whose email address is a
specified value. Advanced Search also allows you to look up
entries that do not include a specified attribute value. For
example, you can find all the people whose last name is not
"Smith" (such a search is likely to return a
large number of results, so you may want to avoid these kinds of
searches).



Advanced Search performs an exact search, returning entries
that exactly match the words you enter. There are four fields in
the Advanced Search form that you use to construct your search.
Together these four fields represent a sentence specifying the
search. In general, the sentence is constructed as follows: 



Find: [a type of entry] where the: [attribute] [type of search] [search
string]



The options
for the first three of these fields are provided in pull-down
menus. The last field contains the actual search string. For example, you can
construct a search to:



Find: [People] where the: [Last
Name] [is] [Bowker]



Or you can construct a search to: 



Find: [People] where the: [Full Name] [sounds
like] [tree]



Performing an
Advanced Search



    
    
  1. Click the Advanced Search tab.
    2. 
    
  2. Select the type of entry you want to
        search for from the Find drop-down list.
    3. 
    
  3. Select the attribute you want to search for from the "where
        the" field drop-down list. The choices
        vary depending on the type of entry you selected in the Find
        field. The options are explained in the following table.
    

    
        
    
            
    
                If the Find field
                is . . .
                You can choose . . .
            
    
            
    
                People
                full name,
                last name, phone number,
                email address, user ID, or title
            
    
            
    
                Groups
                name, 
                description, 
		owner, or 
                member 
            
    
            
    
                Organizations
                name,
                location,
                phone
                number, or description
            
    
            
    
                Domaincomponent
                name,
                location,
                phone
                number, or description
            
    
            
    
                Org-Units
                name, 
                location,
                phone
                number, or description
            
    
            
    
                Anything
                name or
                description
            
    
        
    
    
    4. 

    
    
  4. Select the type of search you want to perform. 
    
        
    
        In general, this field indicates if the search is to be
        an equality search, substring search, or approximate
        ("sounds like") search. The following defines
        all of the available keywords and the type of search
        that each represents. Not all of these keywords
        are available for every search; the actual keywords you
        can use depends on the values you select for the 'Find'
        and "where the" fields. You can
        choose one of the following:

    
        
    
            
    
                Type of search
                Description
            
    
            
    
                is
                Finds an exact match. That is,
                this option specifies an equality search. Use
                this option when you know the exact value of an
                entry's attribute. For example, if you know the
                exact spelling of a person's last name, use this
                option. 
            
    
            
    
                is not
                Returns all the entries having an attribute value
                that does not exactly match the search string. That
                is, if you want to find all the people in the
                directory whose last name is not
                "Smith," use this option. Be aware,
                however, that use of this option can return an
                extremely large number of entries. 
            
    
            
    
                sounds like
                Finds phonetic matches. Use this option if you know an
                attribute's value, but you are unsure of the
                spelling. For example, if you are not sure if a
                person's last name is spelled "Sarret,"
                "Sarette," or "Sarett," use
                this option. 
            
    
            
    
                starts with
                Performs a substring search.
                Entries having attributes with values starting with the
                specified search string are returned. For
                example, if you know a person's first name is
                "Steve," but you do not know the last
                name, use this option on a full name search. 
            
    
            
    
                ends with
                Performs a substring search.
                Entries having attributes with values ending with the specified
                search string are returned. For example, if you
                know the last four digits of a person's telephone
                number are "9876," use this option to
                locate the person's entry. 
            
    
            
    
                contains
                Performs a substring search.
                Entries having attributes with values containing the specified
                search string are returned. For example, if you
                know an organization's description
                contains the word "support," use this
                option with the search string "support"
                to find the organization's entry.
            
    
        
    
    
    5. 

    
    
  5. Enter the string you want to search against in the text
        box and click Search.
    
        Once the form data has been submitted to the directory
        server, the Directory Server searches for any entries
        that exactly match the value you supplied. The resulting
        matches are displayed as a search results list.
    6. 




Advanced Search
Examples



The following examples show a few possible uses of the
Advanced Search form. The vertical bars (|) delimit the various
fields in the form.




    

        To find . . .
        Enter . . .
    

    

        All people named Darlene
        Find: People | where the: full name |
        starts with | Darlene
    

    

        All people with the last name Sweeney
        Find: People | where the: last name |
        is | Sweeny
    

    

        All the people who are vice presidents
        Find: People | where the: title |
        contains | Vice President
    

    

        The organization named Accounting
        Find: Organization | where the: name |
        is | Accounting
    

    

        Groups interested in scuba diving
        Find: Groups | where the: description |
        contains | scuba
    

    

        Any entry with a name that contains the word
        "printer"
        Find: Anything | where the: name |
        contains | printer
    





Viewing Search Results



When you perform a search using either a Standard Search or an
Advanced Search, the Directory Server interface sends the search
data to the Directory Server. The Directory Server performs the
search and then returns any matching entries to the directory
server interface. The resulting display depends on whether there
were:





This section also discusses some of the other
problems you may run into when attempting to search the
directory tree.



No Matches 



A search result that returns no matches means one of the
following. 



    
    
  • No entries in the directory match your search
        criteria. If you believe that this is the problem, try
        another search using slightly different parameters to
        see if you can get any other results.
    • 
    
  • You did not authenticate
        before performing the search. The directory administrator
 	  determines Authentication requirements. Your
        directory administrator can set the access control on the
        directory so that you are required to
        authenticate before you can search the tree. This access
        control can be set for the entire directory or for
        just part of it. If you are required to
        authenticate before you can search the directory tree,
        and you do not authenticate before running the search,
        the Directory Server acts as if no matching
        entries were found in the directory; no message informs you
	  that you need to authenticate. This is for security reasons. Contact your
        directory administrator to find out if you must
        authenticate to the Directory Server before running a
        search. See Chapter??5, "Authentication"
	for more information on authentication.
    • 
    
  • The access control for the tree disallows you
        from viewing the entry or entries; regardless of authentication.
    • 




A Single Match 



If one and only one match is returned in response to an
"is" search, the Directory Server interface displays
information about that entry as a result of the search. If the
single result was found using any other search method, it is
displayed in a table, and you must click the link to view
detailed information about the entry. This form
contains a button that allows you to edit
the entry. You must have the appropriate permissions to edit an
entry, and you need to authenticate
before doing so. 



Multiple Matches 



If multiple matches are found in response to your
search, the directory interface displays
a table listing each of the matching entries and
certain relevant information for each entry, such as the entry's
phone number and email address. The type of entry for which
you are searching determines this information.
To view more information on a specific entry, click the
entry's name in the first column of the table. 



Other Problems



You may see odd results if you are searching for numerical
values because the Directory Server stores all values as
strings, regardless of whether they are actually numerical values
(such as telephone or room numbers). Consequently, when you
search for numerical values, be sure to include all spaces and
leading zeros, if any. 



Also note that the Directory Server interface strips all
leading and trailing blank spaces from your search criteria.
While it is unlikely that directory entries actually have leading
and trailing blank spaces in their values, the possibility still
exists. Because of this, exact matches against values that have
leading and trailing blank spaces fail. If you encounter
this problem, try using a substring search (a
"contains" search) instead of an exact search. 



Viewing a vCard



A vCard is a digital business card. Like a regular business
card, a vCard contains contact information about a person such as
name, title, telephone and fax numbers, and email
address. Unlike a regular business card, however, the vCard can
also contain multimedia elements such as graphics, sound,
and video. To view a vCard, do the following:



    
    
  1. Use the Standard Search or Advanced Search mechanism to locate
        the person whose vCard you want to view.
    2. 
    
  2. Click the View Card button.
    
        The Directory Server interface displays a condensed
        version of the vCard.
    3. 
    
  3. If you want to see more details, click View
        Complete Card.
    4. 
    
  4. If you want to add the person to your Communicator
        address book, click "Add to Address Book"
        and then click OK.
    5. 







From fedora-directory-commits at redhat.com  Wed Jan 16 22:56:05 2008
From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins))
Date: Wed, 16 Jan 2008 17:56:05 -0500
Subject: [Fedora-directory-commits] dsgw/html/manual/ja add.htm, NONE,
	1.1 attribut.htm, NONE, 1.1 auth.htm, NONE, 1.1 contents.html,
	NONE, 1.1 filters.htm, NONE, 1.1 intro.htm, NONE, 1.1 mod.htm,
	NONE, 1.1 objclass.htm, NONE, 1.1 search.htm, NONE, 1.1
Message-ID: <200801162256.m0GMu5fA023588@cvs-int.fedora.redhat.com>

Author: rmeggins

Update of /cvs/dirsec/dsgw/html/manual/ja
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv23442/dsgw/html/manual/ja

Added Files:
	add.htm attribut.htm auth.htm contents.html filters.htm 
	intro.htm mod.htm objclass.htm search.htm 
Log Message:
added manuals; fixed code that displays manuals; added initial tests


--- NEW FILE add.htm ---



?????????????????? ?????????????????????






?????????????????????

Directory Server??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????Directory Server???????????????????????????????????????????????????????????????????????????????????????????????????Directory Server??????????????????????????????


Directory Server???????????????????????????????????????????????????????????????????????????????????? 


??????????????????????????????????????????????????????????????? ???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????


????????????????????????????????????????????????

???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????




?????????????????? ???????????????

????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? ?????????????????????????????????????????????????????????????????????????????????


?????????:



???????????????????????????????????????????????????????????????????????????????????????????????????????????????Directory Server???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????Directory Server????????????????????????????????????????????????????????????????????????????????????????????????




???????????????????????????????????????????????????????????????????????????????????????????????????????????? ???????????????????????????????????????????????????????????????????????????????????????????????????????????? ????????????????????????????????????????????????????????????????????????


????????????????????????????????????????????????????????????????????????????????????????????????????????? ?????????????????????????????????????????????????????????????????????????????????Marketing???Accounting?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? ?????????????????????????????????


          o=Airius.com
          ou=Marketing, o=Airius.com
          ...
          Marketing ??????????????? ????????????
          ...
          ou=Accounting, o=Airius.com
          ...
          Accounting ??????????????? ????????????





??????????????????

?????????(Distinguished Name = DN)??????????????????Directory Server????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????DN????????????????????????????????????DN?????????????????????????????????????????????????????????????????????????????? ??????????????????????????????????????????????????????????????? ???:

uid=bjensen, ou=people, o=airius.com

??????DN????????????????????????airius.com??????????????????????????????people?????????????????????bjensen????????????????????????


Directory Server???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????


??????????????????

Directory Server?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????(CN)????????????????????????ID (uid)???????????????????????????????????????????????????????????????????????????ID????????????????????????????????????????????????ID??????????????????????????????????????????????????????????????????????????????????????????????????????????????? ????????????????????????????????????????????????ID????????????????????????????????? ??????????????????????????????????????????????????????1???????????????????????????????????????????????????????????? ???????????????


bjensen at airius.com


??????????????????????????????????????????????????????  ?????????????????????DN?????????????????????


uid=bjensen, o=airius.com

??????????????????

????????????????????????????????????????????????????????????????????????

    

  1. 
[??????????????????]?????????????????????????????????
    2. 


  2. 
[??????????????????]???????????????????????????????????????????????????????????????????????????????????????????????????????????????[??????]???????????????????????????????????????????????????????????????????????????????????? ??????????????????[??????]????????????????????????????????????
    3. 


  3. 
????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    4. 


  4. 
??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? ???????????? ???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

    5. 




  5. 
?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

    6. 
 

    

    

    
[??????] 

[????????????]


[??????????????? ????????????] 

    


    
[???????????????] 

[?????????ID] 

[??????????????????] 

    


    
[????????????] 

[??????????????????] 

[??????]

    


    
[????????????] 

[???????????????] 

[????????????] 

    


    
[??????] 

[????????????] 

[????????????] 

    


    
[???????????????????????????????????????] 

[??????] 

[??????] 

    


    
[??????] 

[URL] 

[???????????????] 

    

    

    

    ?????????:

    
????????????????????????????????????????????????[???????????????]???[??????]????????????[??????]??????????????????????????????????????????????????????
    


  6. 
???????????????????????????????????????????????????????????????????????????????????? ????????????????????????????????????????????????????????????????????????????????????????????????????????????[????????????????????????]????????????????????????????????????

    7. 


  7. 
?????????????????????????????????[???????????????]???[??????]?????????????????????????????????????????????[??????]?????????????????????????????????????????????
    8. 





NT??????????????????

NT????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????NT?????????????????????????????????????????????Windows??????????????????????????????????????????????????????


??????NT??????????????????????????????????????????????????????????????????????????????

    

  1. 
[??????????????????]?????????????????????????????????
    2. 


  2. 
[??????????????????]???????????????????????????????????????????????????????????????????????????????????????????????????????????????[??????]???????????????????????????????????????????????????????????????????????????????????? ??????????????????[??????]????????????????????????????????????
    3. 


  3. 
????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    4. 


  4. 
?????????????????????NT?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? ???????????? ???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????NT????????????????????????????????????????????????????????????
    5. 




  5. 
????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    6. 

    

    

    
[??????] 

[????????????] 

[??????????????? ????????????] 

    


    
[???????????????] 

[Directory Server??????????????????] 

[??????????????????] 

    


    
[????????????] 

[??????????????????] 

[??????] 

    


    
[????????????] 

[???????????????] 

[????????????] 

    


    
[??????] 

[????????????] 

[????????????] 

    


    
[???????????????????????????????????????] 

[??????] 

[??????] 

    


    
[??????] 

[URL] 

[?????????ID]

    

    

    ?????????:

    

????????????????????????????????????????????????[???????????????]???[??????]????????????[??????]??????????????????????????????????????????????????????

    


  6. 
??????????????????2???????????????????????????????????????????????????
    7. 


?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

  7. 
????????????????????????????????????????????????????????????[??????NT??????????????????]???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? ???????????? ?????????????????????????????? 
    8. 


  8. 
?????????????????????????????????[???????????????]???[??????]??????????????????????????????????????????[??????]??????????????????????????????????????????????????????
    9. 





?????????????????????

???????????????????????????????????????????????????????????????????????????????????????

    

  1. 
[??????????????????]?????????????????????????????????
    2. 


  2. 
[??????????????????]???????????????????????????????????????????????????????????????????????????????????????????????????????????????[??????]???????????????????????????????????????????????????????????????????????????????????? ??????????????????[??????]????????????????????????????????????
    3. 


  3. 
????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    4. 


  4. 
???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? ???????????? ????????????????????????????????????????????????????????????????????????????????????????????????????????????

[??????]
    5. 


  5. 
??????????????????[??????]??????????????????????????????????????????????????????????????????????????????????????????????????????
    6. 


    ?????????:

    

????????????????????????????????????????????????[?????????]???[???????????? ????????????]????????????[??????]??????????????????????????????????????????????????????
    


  6. 
????????????????????????????????????????????????????????????[???????????????????????????]????????????????????????????????????
    7. 


    ???????????????????????????????????????????????????????????????????????????????????? ???????????? ?????????????????????????????????

  7. 
?????????????????????????????????[?????????]???[???????????? ????????????]????????????[??????]????????????????????????????????????????????????
    8. 





NT?????????????????????

??????NT?????????????????????????????????????????????????????????????????????????????????

    

  1. 
[??????????????????]?????????????????????????????????
    2. 


  2. 
[??????????????????]???????????????????????????????????????????????????????????????????????????????????????????????????????????????[??????]???????????????????????????????????????????????????????????????????????????????????? ??????????????????[??????]????????????????????????????????????
    3. 


  3. 
????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    4. 


  4. 
?????????????????????NT??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? ???????????? ????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????NT???????????????????????????????????????????????????????????????
    5. 




  5. 
?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????NT???????????????????????????????????????????????????????????????????????????
    6. 
 

    

    
[??????] 

[?????????] 

[????????????]

    


    
[NT???????????? ????????????] 

[??????]

[????????????]

    

    


    

    

    ?????????:

    

????????????????????????????????????????????????[?????????]???[NT???????????? ????????????]????????????[??????]???????????????????????????????????????????????????
    


  6. 
?????????[?????????????????????????????????NT???????????????????????????]?????????????????????????????????????????????
    7. 


  7. 
????????????????????????????????????????????????????????????[???????????????????????????]????????????????????????????????????
    8. 


    ???????????????????????????????????????????????????????????????????????????????????? ???????????? ??????????????????????????????

  8. 
?????????????????????????????????[NT???????????? ????????????]???[?????????]????????????[??????]???????????????????????????????????????????????????????????????
    9. 





?????????????????????

?????????????????????????????????????????????????????????????????????????????????

    

  1. 
[??????????????????]?????????????????????????????????
    2. 


  2. 
[??????????????????]???????????????????????????????????????????????????????????????????????????????????????????????????????????????[??????]???????????????????????????????????????????????????????????????????????????????????? ??????????????????[??????]????????????????????????????????????
    3. 


  3. 
????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    4. 


  4. 
?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? ???????????? ????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????[?????????]?????????
    5. 


  5. 
????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    6. 
 

    

    
[??????] 

[????????????] 

[??????????????????] 

    


    
[???????????????] 

[??????] 

[??????] 

    


    
[??????] 

 

 

    

    

    

  6. 
????????????????????????????????????????????????????????????[???????????????????????????]???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? ???????????? ??????????????????????????????
    7. 




???????????????

?????????????????????????????????????????????????????????????????????????????????

    

  1. 
[??????????????????]?????????????????????????????????
    2. 


  2. 
[??????????????????]???????????????????????????????????????????????????????????????????????????????????????????????????????????????[??????]???????????????????????????????????????????????????????????????????????????????????? ??????????????????[??????]????????????????????????????????????
    3. 


  3. 
????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    4. 


  4. 
?????????????????? ???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????Directory Server???????????????????????????[?????????????????? ???????????????]???????????????????????????????????????????????????????????????????????????????????????????????????
    5. 


    o=Airius.com
    ?????????[?????????????????? ???????????????]???????????????????????????????????????????????????????????????????????????

    o=Airius.com
    ?????????????????????????????????????????????Directory Server???????????????????????? ???????????????????????????????????? ??????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    o=Airius.com
    ??????????????????

    o=Airius.com
    ???????????????????????????????????????????????????????????????????????????????????????


  5. 
??????????????????????????????[?????????]?????????????????????????????????????????????????????????
    6. 


  6. 
??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    7. 

    

    

    
[??????] 

[????????????] 

[??????????????????] 

    


    
[???????????????] 

[??????] 

[??????] 

    


    
[??????] 

 

 

    

    

    

  7. 
????????????????????????????????????????????????????????????[?????????????????????]???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? ???????????? ??????????????????????????????
    8. 









--- NEW FILE attribut.htm ---



















??????







????????????????????????????????????????????????????????????????????????Directory Server?????????????????????????????????????????????????????????LDAP????????????????????????????????????X.500?????????????????????????????????????????????Directory Server??????????????????????????? LDAP?????????????????????????????????Netscape???????????????????????????????????????????????????Netscape????????????????????????????????????????????????LDAP?????????????????????????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????



Directory Server???????????????????????????????????????????????????????????????Netscape Directory????????????????????????????????????



?????????????????????????????????????????? ??????????????????????????????????????? A????????????????????? ????????????????????????????????????



 



???????????????




?????????????????????????????? ??????????????????????????????????????????????????????????????????????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????????????????? A????????????????????? ????????????????????????????????????



?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????Directory Server?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????



?????????????????????:




????????????????????????????????????????????????????????????????????????



	NSHOME/slapd-[server]/config/slapd.at.conf





 



 abstract






?????????????????? ???????????????????????????????????????



??????: cis



 



 accountUnlockTime






????????????????????????????????????????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????????????????????



	accountUnlockTime: 600





??????: cis operational



 



 aci






??????????????????????????????Directory Server???????????????????????????????????????????????????:



	aci: (target="ldap:///o=Airius.com")(version 3.0;

	 acl "anonymous access"; allow (read, search, compare)

	 userdn=ldap:///self;)





??????: ces



?????????????????????LDAP??????????????????Netscape?????????????????????



 



administratorContactInfo






Netscape?????????????????????????????????????????????????????????URL????????????????????????????????????Netscape????????????????????????netscapeServer?????????????????? ?????????????????????????????????????????????????????????????????????Netscape???????????????????????????????????????????????????????????????????????????????????????????????????????????? 



	administratorContactInfo: ldap://uid=ssarette, o=Airius.com





??????: cis



 



adminUrl






Netscape??????????????????????????????????????????????????????????????? ?????????????????????URL????????????????????????????????????Netscape????????????????????????netscapeServer?????????????????? ?????????????????????????????????????????????????????????????????????Netscape?????????????????????????????????????????????????????????????????????????????????????????????????????? ??????



	adminUrl: http://twain.airius.com:2468
[...6771 lines suppressed...]


?????????????????????????????????????????????uniqueIdentifier???????????????????????????????????????????????????????????????????????????????????????uniqueMember???????????????uniqueIdentifier???????????????DN?????????



??????: dn



 



 updatedByDocument






?????????????????? ????????????????????????????????????????????????????????????????????????????????????????????????



??????: dn



 



 updatesDocument






??????????????????????????????????????????????????????????????????????????????????????????????????????????????????



??????: dn



 



userCertificate






???????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????????userCertificate;binary???????????????????????????



??????: bin



 



 userCertificate;binary






??????????????????????????????????????????????????????????????????



??????: bin



 



 userClass






?????????????????? ?????????????????????????????????????????????????????????????????????????????????????????????organizationalStatus?????????????????????????????? ?????????????????????????????????????????????????????????????????????????????????????????????????????????:



	userClass: intern





??????: cis



 



 uid






???????????????????????????ID(????????????????????? ID)?????????????????????:



	userid: banderson





????????????



	uid: banderson





??????: uid



??????: cis



 



 userPassword






??????????????????????????????????????????????????????{???????????????}???????????????????????????????????????????????????



???:



	userPassword: {sha}FTSLQhxXpA05





??????: bin



 



userSMIMECertificate;binary






S/MIME???Netscape Communicator??????????????????????????? 



??????: bin



 



 x121Address






???????????????X.121?????????????????????????????????



??????: ces



 



 x500UniqueIdentifier






???????????? 



??????: bin


















Copyright 1997 Netscape Communications Corporation. All rights reserved.









--- NEW FILE auth.htm ---




??????????????????????????????




??????



????????????Directory Server??????????????????????????????????????????????????????????????????Directory Server?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????



???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????



???????????????:





?????????????????? ????????????????????????



?????????????????????????????????????????????????????????????????????????????????????????? ????????????????????????????????????????????????????????????????????????????????????1????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
 



    
    
  • ????????????????????????????????????????????????????????????(?????????????????????????????????????????????) 
    • 
    
  • ??????????????????????????????????????????????????????
    • 
    
  • ????????????????????????????????????????????????????????????????????????
    • 
    
  • ???????????????????????????DNS????????????????????????????????????
    • 
    
  • ?????????????????????????????????????????????????????????
    • 
    
  • ???????????????????????????????????????
    • 




???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????



??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????:



    
    
  • ???????????????????????????????????????????????????????????????????????????????????????
    • 
    
  • ?????????????????????????????????????????????????????????????????????????????????????????????????????? 
    • 
    
  • ???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    • 
    
  • ??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    • 
    
  • ??????????????????????????????????????????????????????????????????????????? 
    • 
    
  • ??????????????????(????????????)????????????????????????????????????????????????????????????(????????????)????????????????????????????????????
    • 
    
  • ????????????????????????????????????????????????????????????????????????????????????????????? 
    • 




Directory Server?????????????????????????????????????????????????????????????????? ???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? ?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????





??????????????????????????????



??????????????????????????????????????????????????????????????????????????????????????????????????????????????? ?????????[??????]??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????



    
    
  1. [??????]?????????????????????????????????
    2. 
    
  2. Directory Server????????????????????????????????????????????????????????????????????????
          
      
            
    • ?????????????????????????????????????????????????????????????????????[??????]???????????????????????????
      
                Directory Server?????????????????????????????????(???????????????????????????????????????ID)?????????????????????
                ??????????????????????????????????????? ????????????????????????ID????????????????????????????????????????????????????????? 
      • 
            
    • ????????????????????????????????? ???????????????????????????????????????[??????????????????????????????????????????]????????????????????????????????????
      • 
        
    
    
    3. 
    
  3. ????????????????????????????????????????????????????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    4. 
    
  4. ??????????????????????????????[??????]???????????????????????????
    
        ??????????????????????????????????????????????????????????????????????????????????????????????????????
    
        ????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    5. 
    
  5. [??????????????????]?????????????????????Directory Server????????????????????????????????????????????????????????????
    6. 




??????????????????????????????????????????



Directory Server??????????????????????????????????????????????????????????????????????????????????????????????????????



    
    
  1. [??????]?????????????????????????????????
    2. 
    
  2.  [????????????????????????????????????]???????????????????????????????????? 
    3. 




???????????????????????????????????????????????????????????????????????????????????????????????????Directory Server??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????



????????????????????????????????????



?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????120??????????????????????????????????????????????????????????????????????????????????????????????????????????????????Directory Server???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????



????????????????????????????????????????????????



Directory Server??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????Directory Server?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????



?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????




    

        ??????
        ??????
        ?????????
    

    

        ??????????????????????????????
        ?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
        ???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    

    

        ???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
        ??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? ???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????Directory Server???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? 
        ???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    

    

        ????????????????????????????????????
        ?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????Directory Server?????????????????????????????????????????????Directory Server????????????????????????????????????Directory Server????????????????????????????????????????????????????????????????????????????????????????????????LDAP?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? ???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
        ?????????????????????????????????????????????????????????????????????????????????????????????????????????
    

    

        ??????????????????????????????????????????????????????????????????
        ?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
        ???????????????????????????????????????????????????????????????????????????????????????  ?????????????????????????????????
????????????????????????????????????????????????????????????
        [???????????????]
        ???????????????????????????
        ?????????????????????????????????ID??????????????????????????????????????????????????????

        		
    

    

        ?????????????????????????????????????????????????????????
        ????????????????????????????????????????????? 
?????????????????????????????????????????????????????????????????????????????????????????????????????????NT?????????????????????????????????????????????Windows???????????????????????????????????????????????????

        
???????????????????????????????????????????????????????????????NT????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

        		
        [Retry]
        ???????????????????????????????????????????????????????????????
    





 







--- NEW FILE contents.html ---



   Directory Server??????????????????????????????





??????




???1??? Directory Server?????????????????????????????????




???2??? ?????????????????? ?????????????????? 






????????????






[????????????]?????????






???????????????




??????????????????????????????????????????



?????????????????????

??????????????? ?????????????????????

???????????????????????????






????????????






[????????????]?????????




[????????????]??????






?????????????????????






????????????




1????????????




???????????????




??????????????????



vCard?????????




???3??? ?????????????????????






????????????????????????????????????????????????






?????????????????? ???????????????




??????????????????




??????????????????






??????????????????




NT??????????????????




?????????????????????




NT?????????????????????




?????????????????????




???????????????






???4??? ?????????????????????






??????????????????





[???????????????]???[??????]?????????????????????????????????







NT??????????????????




?????????????????????






[????????????]???[?????????]????????????[???????????? ????????????]?????????????????????
????????????






NT?????????????????????




?????????????????????




???????????????




????????????????????????




?????????????????????




????????????????????????






???5??? ??????






?????????????????? ????????????????????????




??????????????????????????????




??????????????????????????????????????????




????????????????????????????????????????????????






??????







--- NEW FILE filters.htm ---




   Netscape ?????????????????? ????????????????????? ??????????????????























??????????????????





???????????????????????????????????????????????????????????????????????????????????????










??????????????????





??????????????????????????????????????? [????????????]???????????????????????????????????????????????????????????????????????????????????????(=)???????????????????????????[????????????]???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????





???????????????????????????[????????????]?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????Babs Jensen??????????????????????????????????????????????????????










    


      


      cn=babs jensen


      


    












???????????????????????????





?????????????????????????????????:














???: 










    


      


      employeenumber >= 100 


      


    







?????????????????????employeenumber????????????>= ???????????????100???????????????






????????????????????????????????????????????????????????????????????????????????? 










???????????????????????????????????????





?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????cn??????????????????????????????





???????????????????????????????????????????????????????????????????????????????????????????????????





    


    




  • cn (?????????????????????) 
    • 




  • telephonenumber (????????????????????????) 
    • 




  • employeenumber (????????????????????????) 
    • 




  • l (??????????????????) 
    • 







?????????????????????????????????????????????????????????????????????A????????????????????????????????????????????????????????????????????? ???????????????????????????????????????????????????????????????????????????????????????????????????????????????










??????????????????????????????????????????





????????????????????????????????????????????????????????????














??????????????? 



????????? 



?????? 









??????



= 



???????????????????????????????????????????????????????????????????????????:


    


    cn=Bob Johnson
    














????????????



=<?????????>*<?????????> 



???????????????????????? ??????????????????????????????????????????????????????:

    


    cn=Bob*
    




    cn=*Johnson
    




    cn=*John*
    




    cn=B*John
    














????????????????????????



>= 



??????????????????????????????????????????????????????????????????????????????????????????:


    


    employeenumber >= 100
    














????????????????????????



<= 



??????????????????????????????????????????????????????????????????????????????????????????:

    


    employeenumber <= 100
    














??????



=* 



?????????????????????????????????????????????????????????:


    


    cn=*
    




    telephonenumber=*
    




    manager=*
    














??????



~= 



????????????????????????????????????????????????????????????????????????????????????:


    


    cn~=surette
    




    l~=san fransico
    































??????????????????????????????????????????????????????????????????????????????????????????












????????????????????????????????????





???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????










    


    (?????????_?????????((????????????)(????????????)(????????????)...))


    







????????????????????????_??????????????????????????????????????????????????????: 










    


    (&(ou=Marketing)(cn=Ray*))


    







???????????????????????????????????????????????????????????????????????????Marketing (ou=Marketing)??????????????????Ray (cn=Ray*)????????????????????????????????????????????????And(&)????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????





?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????










    


    (?????????_?????????(????????????)((?????????_?????????(????????????)(????????????)))


    












??????????????????





???????????????????????????????????????????????????????????????: 














????????? 



?????? 



?????? 









And 



& 



?????????????????????????????????????????????????????????????????????????????????????????????????????????:


    


    (&(????????????1)(????????????2)(????????????3)...)
    







??????????????????????????????????????????????????????1???????????????2????????????????????????3????????????????????????????????????????????????












Or 



| 



????????????????????????????????????????????????????????????????????????????????????????????????????????????:


    


    (|(????????????1)(????????????2)(????????????3)...)
    







????????????1???????????????2????????????????????????3??????????????????????????????????????????????????????????????????












Not 



! 



????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????Not???????????????????????????????????????????????????????????????????????????:



    


    (!(????????????))
    







???????????????????????????????????????????????????????????????


































????????????????????????





?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????










          manager=*







Ray Kultgen??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????










          cn=Ray Kultgen







Ray Kultgen??????????????????????????????????????????????????????????????????????????????????????????










          (!(cn=Ray Kultgen))







X.500????????????????????????[description]??????????????????????????????????????????????????????????????????????????????










          description=*X.500*







???????????????Marketing??????[description]??????????????????????????????X.500?????????????????????????????????????????????????????????????????????????????????










          (&(ou=Marketing)(!(description=*X.500*)))







???????????????Marketing????????????????????????Julie Fulmer?????????Cindy Zwaska????????????????????????????????????????????????????????????????????????










          (&(ou=Marketing)(|(manager="cn=Julie
Fulmer,ou=Marketing,o=Airius,c=US")(manager="cn=Cindy
Zwaska,ou=Marketing,o=Airius,
c=US")))







???????????????????????????????????????????????????????????????????????????????????????










          (!(objectclass=person))







?????????(person)?????????????????????????????????(cn)???????????????3b??????????????????????????????????????????????????????????????????????????????










          (&(!(objectclass=person))(cn~=printer3b))












??????????????????













???: 
















Directory Server????????????????????????????????????Directory Server?????????????????????????????????????????????CGI?????????????????????????????????????????????????????????????????????Directory Server????????????LDAP??????????????????????????????????????????????????????








???????????????Directory Server????????????????????????????????????????????????????????????





    


    




  1. ?????????????????????????????????Directory Server????????????????????????????????????????????? 
    2. 




  2. Directory Server?????????????????????????????? ?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? ??????????????????????????????[Referral]????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????Directory Server???URL?????????????????????
    3. 




  3. Directory Server????????????????????????????????? ??????????????????????????? ????????????????????????????????? ????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????Directory Server??????????????????????????????????????????Directory Server?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    4. 




      


      




    • ??????????????????????????????????????????????????????????????????????????????
      • 




    • ?????????????????????????????????????????? 
      • 




    • ??????????????????????????????????????????????????????????????????????????????


      • 


    







??????????????????????????????????????????????????????????????????????????????????????????????????????????????????Netscape Directory Server????????????????????????????????????????????????





???????????????????????????????????????????????????????????????????????????????????????????????? 










??????(??????)??????????????????





?????????????????????????????????????????????????????????????????????[????????????]?????????????????????????????????????????????sounds like (??????)??????????????????????????????????????????





????????????????????????????????????cn=Robert E Lee?????????????????????????????? ?????????????????????Robert Lee???Robert????????????Lee????????????????????????????????????????????????????????????????????? San Fransico (l~=San Fransico??????????????????????????????)??????????????????????????????????????????San Francisco
(l=San Francisco)????????????????????????????????????????????????????????????????????????





Directory Server??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????





    


    




  • ???????????????????????????????????????????????????????????????????????????????????????????????????????????? 
    • 




  • ????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    • 







???: 














????????????????????????????????????


(???????????????) 		



???????????????


(???????????????) 		



???????????????????????? 









Alice B Sarette


(ALS B SRT) 		



Alice Sarette


(ALS SRT) 		



??????????????????????????????????????????????????????????????????















Alice Sarrette


(ALS SRT) 		



?????????Sarette??????????????????????????????????????????????????????????????????????????????????????????????????????????????? 













Surette


(SRT) 		



?????????Sarette?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????













Bertha Sarette


(BR0 SRT) 		



????????????????????????BR0??????????????????????????????????????????













Sarette, Alice


(SRT ALS) 		



???????????????????????????????????????????????????????????????????????????































??????????????????????????????





???????????????????????????????????????????????????????????????????????????????????????[????????????]????????????????????????????????????????????????starts with(????????????)???contains (??????)????????????ends with (????????????)??????????????????????????????





????????????





    


      


      cn=*derson
      


      


    







?????????????????????????????????????????????????????????????????????????????????????????? 










    


      


      Bill Anderson

Jill Anderson

Steve Sanderson


      


    







????????????





    


      


      telephonenumber= *555*
      


      


    







????????????????????????????????????????????????555???????????????????????????????????????????????????????????????????????????











--- NEW FILE intro.htm ---



Netscape Directory Server?????????????????????????????????





Directory Server?????????????????????????????????



Netscape Directory Server???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????Directory Server?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????



Directory Server????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????



    

    
    
  • ???????????????????????????????????????????????????????????????????????????????????????????????? ???????????????????????????????????? ??????????????????????????????????????????????????? ????????????????????? ??????????????????????????????????????????????????????????????????????????????????????????????????????
    • 

    
    
  • ????????????????????????????????????????????????????????????????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????????????????????????????????????????????Directory Server??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
????????????????????????
    • 



    
    
  • ????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? ???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????Directory Server???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    • 

    
    
  • Directory Server????????????????????????Directory Server??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????Directory Server???????????????????????????????????????????????????????????????????????????????????????????????????
    • 




 







--- NEW FILE mod.htm ---



?????????????????? ?????????????????????




?????????????????????


Directory Server ?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????[??????]????????????????????????????????????


??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????


??????????????????????????????





??????????????????

??????????????????????????????????????????????????????????????????????????????

    

  1. 
[????????????]
????????? [????????????]?????????????????????????????????????????????????????????
    2. 


  2. 
????????????????????????????????????
    3. 


  3. 
[??????????????????] ????????????????????????????????????
    4. 


  4. 
??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    5. 


  5. 
????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    6. 




  6. 
???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    7. 


    

    

    
[??????] 

[????????????] 

[??????????????? ????????????] 

    


    
[???????????????] 

[?????????ID] 

[??????????????????] 

    


    
[????????????] 

[??????????????????] 

[??????] 

    


    
[????????????] 

[???????????????] 

[????????????] 

    


    
[??????] 

[????????????] 

[????????????] 

    


    
[???????????????????????????????????????] 

[??????] 

[??????] 

    


    
[??????] 

[URL] 

[???????????????] 

    

    

    

  7. 
???????????? [??????] ?????????????????????????????????[???????????????] ??? [??????] ?????????????????????????????????????????????
    8. 


  8. 
???????????? [??????] ?????????????????????????????????[??????] ?????????????????????????????????????????????
    9. 


  9. 
?????????????????????????????????????????????[????????????] ???????????????????????????
    10. 


???????????????????????????????????????????????????????????????



[???????????????] ??? [??????] ?????????????????????????????????


[???????????????] ????????? [??????] ????????????????????? [??????] ?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
[???????????????] ??? [??????] ???????????????????????????????????????????????????????????????????????????????????????????????????


    

  1. 
???????????? ??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    2. 


      

    • 
????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
      • 


    • 
????????? ID ???????????? ??????????????????????????????????????????
      • 


    • 
??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
      • 


    • 
??????????????? ????????????????????????????????????@??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? ????????????????????????????????????
      • 


    • 
?????????????????????*????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
      • 


    • 
?????????LDAP ????????????????????? ?????? (=) ????????????????????????????????????????????????????????????????????????????????????
      • 

    


  2. 
[??????????????????]?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????[?????????????????????] ?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????[??????????????????] ?????????????????????????????????????????????
    3. 


  3. 
???????????? ?????????????????????????????????????????????[????????????] ??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    4. 





NT ??????????????????

NT ?????????????????????????????????????????????????????????????????????????????????

    

  1. 
[????????????]
????????? [????????????]?????????????????????????????????????????????????????????
    2. 


  2. 
????????????????????????????????????
    3. 


  3. 
[NT ??????????????????] ????????????????????????????????????
    4. 


  4. 
??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    5. 


  5. 
???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????NT ?????????????????????????????????????????????????????????????????????
    6. 




  6. 
?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????NT ?????????????????????????????????????????????????????????????????????
    7. 


    

    

    
[??????] 

[????????????] 

[??????????????? ????????????] 

    


    
[???????????????] 

[Directory Server ???????????????]  

[??????????????????] 

    


    
[????????????] 

[??????????????????] 

[??????] 

    


    
[????????????] 

[???????????????] 

[????????????] 

    


    
[??????] 

[????????????] 

[????????????] 

    


    
[???????????????????????????????????????] 

[??????] 

[??????] 

    


    
[??????] 

[URL] 

[????????? ID] 

    

    

    

  7. 
[????????????????????????????????? NT????????????????????????] ????????????????????????????????????????????????????????????
    8. 


  8. 
???????????? [??????] ????????????????????????????????? [???????????????] ??? [??????] ?????????????????????????????????????????????
    9. 


  9. 
???????????? [??????] ????????????????????????????????? [??????] ?????????????????????????????????????????????
    10. 


  10. 
?????????????????????????????????????????????[????????????] ???????????????????????????
    11. 


????????????????????????????????????????????????????????????



?????????????????????


????????????????????????????????????????????????????????????????????????????????????

    

  1. 
[????????????]
????????? [????????????]?????????????????????????????????????????????????????????
    2. 


  2. 
????????????????????????????????????
    3. 


  3. 
[?????????????????????] ????????????????????????????????????
    4. 


  4. 
??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    5. 


  5. 
?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? [??????] ????????????????????????????????????????????????????????????


  6. 
???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    7. 


    

    

    
[??????] 

[?????????] 

    


    
[???????????? ????????????] 

[??????]

    

    

    

  7. 
???????????? [??????] ????????????????????????????????? [??????]???[?????????] ????????? [??????] ?????????????????????????????????????????????
    8. 


  8. 
?????????????????????????????????????????????[????????????] ???????????????????????????
    9. 


???????????????????????????????????????????????????????????????



[?????????]???[??????] ????????? [???????????? ????????????] ?????????????????????????????????


[?????????]???[??????] ????????? [???????????? ????????????] ?????????????????? [??????] ????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????[?????????]???[??????]????????????[???????????? ????????????]???????????????????????????????????????????????????[?????????]???[??????]????????????[???????????? ????????????]????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????Barbara Jensen ???????????????????????? ??????????????? ?????????????????????????????????????????????????????? ??????????????? ???????????????????????????????????????????????????????????????????????????????????????Barbara Jensen???????????????????????????????????????????????????????????????????????????[???????????? ????????????]???[?????????]????????????[??????]????????????????????????????????????????????????????????????????????????

    

  1. 
????????????????????? ???????????????????????????????????????[?????????]????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? ???????????????????????????????????????[????????????]???????????????????????????????????????????????????
    2. 


  2. 
2????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    3. 


      

    • 
????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
      • 


    • 
????????? ID ???????????? ??????????????????????????????????????????
      • 


    • 
??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
      • 


    • 
??????????????? ????????????????????????????????????@??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? ????????????????????????????????????
      • 


    • 
?????????????????????*????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
      • 


    • 
?????????LDAP ??????????????????????????? (=) ????????????????????????????????????????????????????????????????????????????????????
      • 

    


  3. 
[??????????????????]?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????[?????????????????????] ?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????[??????????????????] ?????????????????????????????????????????????
    4. 


  4. 
???????????? ?????????????????????????????????????????????[????????????] ??????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    5. 





NT ?????????????????????

NT ????????????????????????????????????????????????????????????????????????????????????

    

  1. 
[????????????]
????????? [????????????]?????????????????????????????????????????????????????????
    2. 


  2. 
????????????????????????????????????
    3. 


  3. 
[NT ?????????????????????] ????????????????????????????????????
    4. 


  4. 
??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    5. 


  5. 
???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????NT ????????????????????????????????????????????????????????????????????????
    6. 




  6. 
???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????NT ????????????????????????????????????????????????????????????????????????????????????
    7. 


    

    

    
[??????] 

[?????????] 

[????????????]

    


    
[???????????? ????????????] 

[??????]

[????????????]

    

    
 

  7. 
[???????????????????????????????????? NT????????????????????????????????????] ????????????????????????????????????????????????????????????
    8. 


  8. 
???????????? [??????] ????????????????????????????????? [??????]???[?????????]???????????? [???????????? ????????????] ?????????????????????????????????????????????
    9. 


  9. 
???????????????????????????[????????????] ???????????????????????????
    10. 


???????????????????????????????????????????????????????????????




?????????????????????

?????????????????????????????????????????????????????????????????????

    

  1. 
[????????????]
????????? [????????????]?????????????????????????????????????????????????????????
    2. 


  2. 
????????????????????????????????????
    3. 


  3. 
[?????????????????????] ????????????????????????????????????
    4. 


  4. 
??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    5. 


  5. 
?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    6. 


  6. 
??????????????????????????????????????????[?????????]?????????
    7. 


  7. 
?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    8. 


    

    

    
[??????] 

[????????????] 

[??????????????????] 

    


    
[???????????????] 

[??????] 

[??????] 

    


    
[??????] 

 

 

    

    

    

  8. 
???????????????????????????[????????????] ???????????????????????????
    9. 


????????????????????????????????????????????????????????????




???????????????

???????????????????????????????????????????????????????????????????????????

    

  1. 
[????????????]
????????? [????????????]?????????????????????????????????????????????????????????
    2. 


  2. 
????????????????????????????????????
    3. 


  3. 
[???????????????] ????????????????????????????????????
    4. 


  4. 
??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    5. 


  5. 
???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    6. 


  6. 
????????????????????????????????????[?????????]?????????
    7. 


  7. 
?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    8. 


    

    

    
[??????] 

[????????????] 

[??????????????????] 

    


    
[???????????????] 

[??????] 

[??????] 

    


    
[??????] 

 

 

    

    
 

  8. 
???????????????????????????[????????????] ???????????????????????????
    9. 




????????????????????????

???????????????????????????????????????????????????????????????????????????

    

  1. 
[????????????]
????????? [????????????]?????????????????????????????????????????????????????????
    2. 


  2. 
????????????????????????????????????
    3. 


  3. 
[??????] ????????????????????????????????????
    4. 


  4. 
??????????????????????????????????????????????????????
    5. 


  5. 
[????????????]???????????????????????????
    6. 


?????????????????????????????????????????????????????????????????????????????????

    

  • 
????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    • 


    uid=tandrew, ou=Accounting, o=Airius.com
    

??? DN ???????????????????????????????????????????????????????????????????????? ID (uid) ?????????????????????????????????????????????????????????Marketing ?????????????????????????????? tandrew ???????????????????????????????????????????????????????????????Marketing ????????????????????? tandrew ?????????????????????????????????????????????Accounting ??????????????????????????????????????????????????????????????????????????????

  • 
?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? ???????????????????????? ????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    • 





?????????????????????

???????????????????????????????????????????????????????????????????????????

    

  1. 
[????????????]
????????? [????????????]?????????????????????????????????????????????????????????
    2. 


  2. 
????????????????????????????????????
    3. 


  3. 
[??????] ????????????????????????????????????
    4. 


  4. 
[??????]????????????????????????????????????
    5. 


???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? ???????????????????????? ??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????


????????????????????????

Directory Server ?????????????????????????????????????????????????????????????????????????????????????????????????????? ?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????


?????????????????????????????????????????????????????????????????????

    

  1. 
[????????????]
????????? [????????????]?????????????????????????????????????????????????????????
    2. 


  2. 
????????????????????????????????????
    3. 


  3. 
[??????] ????????????????????????????????????
    4. 


  4. 
[?????????????????????] ????????????????????????????????????
    5. 


    ???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? (?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????)

  5. 
[?????????????????????] ????????????????????????????????????
    6. 









--- NEW FILE objclass.htm ---












?????????????????? ?????????







??????????????????????????????????????? ?????????????????????????????????????????????Directory Server?????????????????????????????????????????????????????????LDAP????????????????????????????????????X.500?????????????????????????????????????????????Directory Server????????????????????? ???????????????????????????LDAP?????????????????????????????????Netscape???????????????????????????????????????????????????????????? ????????????Netscape????????????????????????????????????????????????LDAP?????????????????????????????????????????????????????????????????? ?????????????????????????????????????????????????????????



Directory Server????????????????????????????????????????????????Netscape????????????????????????????????????????????????????????????



?????????????????????????????????????????????????????????????????????????????????


??????????????????????????????????????? ???????????????????????????????????????




Netscape Directory Server ????????????OID??????????????????????????????



2.16.840.1.113730.3




Netscape ????????????????????????????????????????????? ?????????????????????????????????????????????????????????



2.16.840.1.113730.3.2




 



 ????????????




??????????????????????????? ????????????????????????????????????????????????????????????????????????????????? ???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????(???????????????????????????)????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? ????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? ???????????????groupOfNames???groupOfUniqueNames???NTGroup?????????

 
 



 groupOfNames


 

??????????????????????????????????????????????????????????????????????????? ???????????????X.500 Directory Services??????????????????????????????



OID: 2.5.6.9



 






??????




???????????????






cn




(??????) ????????????????????????





member




(??????) ?????????????????????????????? ???????????????





businessCategory




????????????????????????????????????





description




????????????????????????????????????





memberURL




???????????? ????????????????????????????????????URL???





o




?????????????????????????????????





ou




???????????????????????????????????????

[...6881 lines suppressed...]


OID: 0.9.2342.19200300.100.4.7



 






??????




???????????????






cn




(??????) ?????????????????????





description




?????????????????????





roomNumber




???????????????





seeAlso




?????????????????????????????????URL???





telephoneNumber




?????????????????????
















 



 simpleSecurityObject






????????????????????? ????????????????????????????????????userPassword???????????????????????????userPassword??????????????????????????????????????????????????????????????? ???????????????????????????????????????



OID: 0.9.2342.19200300.100.4.19



 






??????




???????????????






userPassword




(??????) ???????????????????????????????????????????????????
















 



 strongAuthenticationUser






???????????????????????????????????????????????????????????????????????????????????????????????? ???????????????????????????????????? ???????????????X.500 Directory Services?????????????????????????????????????????????????????????



OID: 2.5.6.15



 






??????




???????????????






userCertificate




????????????





userCertificate;binary




(??????) ?????????????????????????????????????????????
















 



 top






???????????????????????????????????????????????????????????? ????????????????????????????????????????????????????????????????????? ???????????????????????????????????? ???????????????X.500 Directory Services?????????????????????????????????????????????????????????



OID: 2.5.6.0



 






??????




???????????????






objectClass




(??????) ?????????????????????????????? ??????????????????????????????





aci




??????????????????????????????Directory Server??????????????????????????????????????????????????????























--- NEW FILE search.htm ---




?????????????????? ??????????????????





?????????????????? ??????????????????



Directory Server????????????????????????????????????????????????????????????????????????????????????????????????Directory Server???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????2??????????????????????????????????????????



    
    
  • ???????????? -- ???????????????????????????????????????????????????????????????????????????????????????moz at airius.com?????????????????????????????????????????????????????????????????? ????????????????????????????????????
    • 

    
    
  • ??????????????????????????????????????????????????????????????????????????????????????????????????????????????????k??????????????????????????????2110??????????????????????????????????????????????????????????????????
    • 




????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? ?????????????????????????????????




    

        ???????????? ?????????
        ??????
    

    

        ?????????
        ???????????????????????????????????????
    

    

        NT?????????
        NT???????????????????????????????????????
    

    

        ???????????? 
        ????????????????????????????????????????????????????????????1??????????????????????????????????????? ???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? ????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    

    

        NT????????????
        NT??????????????????????????????????????????????????????
    

    

        ??????
        ???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    

    

        ????????????
        ?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    

    

        ??????????????????
        ???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? ????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    





Directory Server???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????vCard????????????????????????????????????????????????????????????vCard???????????????????????????????????????????????????????????????????????????Communicator???????????????????????????????????????????????????



????????????



??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? ?????????????????????????????????????????????



???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????[????????????] ?????????????????? LDAP (Lightweight Directory Access Protocol) ?????????????????????????????????????????????????????????????????????



?????????????????????



    
    
  1. [????????????] ?????????????????????????????????
    2. 
    
  2. [??????] ???????????????????????? ????????????????????????????????????????????? ??????????????????????????????
    3. 
    
  3. [????????????] ????????????????????????????????????????????????????????????[????????????] ???????????????????????????/??????????????????????????????????????????????????????????????????????????????
	  
    
    4. 
    
  4. [??????] ???????????????????????????
    
        ???????????? ????????????Directory Server????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    5. 




?????????????????????



????????????????????????????????????????????????:



    
    
  • ??????????????????????????????
    • 
    
  • ????????? (@) ?????????????????????
    • 




????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????



????????????????????????son?????????????????????????????????????????????????????????????????????





    
	
  • Gary Stevenson
    • 
	
  • Mary Sun
    • 
	
  • Allison Barker
    • 




????????????????????????????????????????????????



??????????????????????????????????????????????????????????????????:



    
    
  1. 1??????
    2. 
    
  2. ???????????? ( )??????????????? (.)????????????????????????????????????????????????????????????
    3. 
    
  3. 1???????????????????????????
    4. 



??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????S.Anderson?????????????????????????????????????????????????????????????????????



    
    
  • Sally Anderson
    • 
    
  • Steve Anderson
    • 
    
  • Sue Anderson
    • 




??????????????????????????????????????????????????????????????????????????????:



    
    
  1. ???????????????
    2. 
    
  2. ???????????? ( )??????????????? (.)????????????????????????????????????????????????????????????
    3. 
    
  3. 1??????
    4. 




??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????Mark
.P?????????????????????????????????????????????????????????????????????



    
    
  • Mark Payne
    • 
    
  • Mark Peck
    • 
    
  • Mark Polk
    • 





    
???: 

    
???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? (?????????????????????) ??????????????????????????????????????????????????????





???????????????????????????



???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????1???????????????????????????1?????????????????? (-) ???????????????????????????????????????



???????????????????????????????????????????????????????????????????????????Directory Server????????????????????????????????????????????????????????????????????????????????????123????????????????????????123???????????????????????????????????????????????????????????????



??????????????? ???????????????????????????



???????????????????????????????????????????????? (@) ????????????????????????????????????????????????????????? ????????????????????????????????????????????????????????????????????????????????????????????????????????? ????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????



????????????????????????son@??????????????????????????????????????????????????????????????????



    
    
  • son@
    • 


???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

    
    
  • son at aardvark.org
    • 
    
  • son at acme.com
    • 




?????????????????????????????????



????????????????????????????????????????????????????????????????????????LDAP?????????????????????????????????????????????????????????????????????LDAP?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? (=) ??????????????????????????????LDAP???????????????????????????????????????????????????????????????



cn=*eve*



???LDAP???????????????????????????????????????eve?????????????????? (common name - CN) ????????????????????????????????????????????????LDAP??????????????????????????????????????????????????????Directory Server?????????????????????????????????????????????????????????????????????????????????Directory Server??????????????????????????????????????? (??????ID) ??????????????????????????????????????????????????????????????????????????????[??????] ??????????????????????????????ID??????cn???????????????????????????????????????????????????????????????????????????????????????????????????????????? (??????) ?????????????????????ID (commonName) ??????????????????????????????



commonName=Smith Fukuda



???????????????????????????????????????????????????????????????ID?????????????????????????????????????????????[??????] ????????????????????????commonName???cn???2????????????ID?????????????????????????????????????????????????????????????????????????????????????????????



????????????????????????????????????Directory Server??????????????????????????????????????????????????????



????????????



??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? ???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????Smith??????????????????????????????????????????????????? (?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????)???



?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? [????????????] ?????????????????????4????????????????????????????????????????????????4????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????



??????: [???????????? ?????????] ?????????: [??????] [???????????????] [???????????????]



?????????????????????3????????????????????????????????????????????????????????? ???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????



??????: [?????????] ?????????: [??????] [is (??????)] [Bowker]



?????????????????????????????????????????????????????????



??????: [?????????] ?????????: [??????] [sounds like (??????)] [tree]



?????????????????????



    
    
  1. [????????????] ?????????????????????????????????
    2. 
    
  2. [??????] ???????????????????????? ????????????????????????????????????????????? ??????????????????????????????
    3. 
    
  3. [?????????] ??????????????????????????????????????? ???????????????????????????????????????????????????????????????????????????[??????] ?????????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    

    
        
    
            
    
                [??????]????????????????????????. . .
                ?????????. . .
            
    
            
    
                ??????????????????NT?????????
                ?????????
                ????????????????????????
                ??????????????? ????????????????????????ID??????????????????
            
    
            
    
                ?????????????????????NT????????????
                ?????????
		?????????????????????
		NT???????????? ????????? (NT?????????????????????)
            
    
            
    
                ??????
                ?????????
                ????????????
                ??????????????????
            
    
            
    
                ??????????????????
                ????????????
                ??????
            
    
        
    
    
    4. 

    
    
  4. ??????????????????????????????????????????????????????
    
        
    
        ??????????????????????????????????????????????????????????????????????????????????????????
        (?????????????????????) ??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????[??????] ?????????????????? [?????????] ????????????????????????????????????????????????????????????????????????????????????1???????????????????????????

    
        
    
            
    
                ???????????????
                ??????
            
    
            
    
                is (??????)
                ????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
            
    
            
    
                is not (?????????)
                ???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????Smith???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
            
    
            
    
                sounds like (??????)
                ?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????Sarret???Sarette???Sarett????????????????????????????????????????????????????????????
            
    
            
    
                starts with (????????????)
                ?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????Steve????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
            
    
            
    
                ends with (????????????)
                ???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????4??????9876?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
            
    
            
    
                contains (??????)
                ???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????support??????????????????????????????????????????????????????????????????????????????????????????support??????????????????????????????????????????????????????????????????
            
    
        
    
    
    5. 

    
    
  5. ??????????????????????????????????????????????????????????????????[??????] ???????????????????????????
    
        Directory Server??????????????? ???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    6. 




??????????????????



????????????[????????????]????????????????????????????????????????????? (|) ??????????????????????????????????????????????????????????????????




    

        ????????????. . .
        ????????????. . .
    

    

        Darlene????????????????????????????????????
        ??????: ????????? | ?????????: ?????? |
        starts with (????????????) | Darlene
    

    

        ?????????Sweeney????????????????????????
        ??????: ????????? | ?????????: ?????? |
        is (??????) | Sweeny
    

    

        Vice President (?????????) ??????????????????????????????
        ??????: ????????? | ?????????: ?????? |
        contains (??????) | Vice President
    

    

        Accounting (??????) ????????????????????????
        ??????: ?????? | ?????????: ?????? |
        is (??????) | Accounting
    

    

        Scuba Diving (??????????????????????????????) ??????????????????????????????
        ??????: ???????????? | ?????????: ?????? |
        contains (??????) | scuba
    

    

        printer?????????????????????????????????????????????
        ??????: ?????????????????? | ?????????: ?????? |
        contains (??????) | printer
    





?????????????????????



???????????????????????????????????????????????????????????????????????????Directory Server?????????????????????????????????Directory Server????????????????????????Directory Server??????????????????????????????????????????????????????Directory Server???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????





???????????????????????????????????????????????? ????????????????????????????????????????????????????????????????????????????????????????????????????????????



????????????



???????????????????????????????????????????????????????????????????????????????????????????????????



    
    
  • ???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    • 
    
  • ????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????????????????????????????? ?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????Directory Server??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????Directory Server?????????????????????????????????????????????????????????????!
 ????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    • 
    
  • ????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
    • 




1???????????? 



???is (??????)?????????????????????1??????????????????????????????????????????Directory Server???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????1??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????



??????????????? 



?????????????????????????????????????????????????????????Directory Server???????????????????????????????????????????????????????????????????????????????????????????????????????????? (???????????????????????????????????????????????????????????????) ???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????



??????????????????



???????????????????????????????????????????????????????????????????????????????????????????????????Directory Server???????????????????????? (???????????????????????????) ???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????



?????????Directory Server?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? ????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? (contains (??????) ??????) ???????????????????????????????????????



vCard?????????



vCard??????????????????????????????????????????????????????????????????vCard????????????????????????????????????????????????????????????????????????????????????????????? ?????????????????????????????????????????????????????????????????????????????????????????????????????????vCard????????????????????????????????????????????????????????????????????????????????????????????????????????????vCard?????????????????????????????????????????????????????????



    
    
  1. ????????????????????????????????????????????????????????????????????????vCard?????????????????????????????????
    2. 
    
  2. [View Card] ????????????????????????????????????
    
        Directory Server????????????????????????????????????vCard????????????????????????????????????
    3. 
    
  3. ??????????????????????????????[View
        Complete Card] ???????????????????????????
    4. 
    
  4. Communicator????????????????????????????????????????????????????????????
        [Add to Address Book] ????????????????????? [OK] ???????????????????????????
    5. 










From fedora-directory-commits at redhat.com  Wed Jan 16 22:56:07 2008
From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins))
Date: Wed, 16 Jan 2008 17:56:07 -0500
Subject: [Fedora-directory-commits] dsgw/tests/lang testget.1, NONE,
	1.1 testget.10, NONE, 1.1 testget.2, NONE, 1.1 testget.3, NONE,
	1.1 testget.4, NONE, 1.1 testget.5, NONE, 1.1 testget.6, NONE,
	1.1 testget.7, NONE, 1.1 testget.8, NONE, 1.1 testget.9, NONE, 1.1
Message-ID: <200801162256.m0GMu7af023600@cvs-int.fedora.redhat.com>

Author: rmeggins

Update of /cvs/dirsec/dsgw/tests/lang
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv23442/dsgw/tests/lang

Added Files:
	testget.1 testget.10 testget.2 testget.3 testget.4 testget.5 
	testget.6 testget.7 testget.8 testget.9 
Log Message:
added manuals; fixed code that displays manuals; added initial tests


--- NEW FILE testget.1 ---



--- NEW FILE testget.10 ---
info=../../../../

--- NEW FILE testget.2 ---
info=

--- NEW FILE testget.3 ---
file=

--- NEW FILE testget.4 ---
info=&file=

--- NEW FILE testget.5 ---
file=/

--- NEW FILE testget.6 ---
file=.

--- NEW FILE testget.7 ---
file=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa

--- NEW FILE testget.8 ---
file=../aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa

--- NEW FILE testget.9 ---
file=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/..



From fedora-directory-commits at redhat.com  Wed Jan 16 22:56:05 2008
From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins))
Date: Wed, 16 Jan 2008 17:56:05 -0500
Subject: [Fedora-directory-commits] dsgw/tests setup.sh,NONE,1.1
Message-ID: <200801162256.m0GMu5bT023594@cvs-int.fedora.redhat.com>

Author: rmeggins

Update of /cvs/dirsec/dsgw/tests
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv23442/dsgw/tests

Added Files:
	setup.sh 
Log Message:
added manuals; fixed code that displays manuals; added initial tests


--- NEW FILE setup.sh ---
#!/bin/sh

testdir="$1"
sroot=/home/$USER/11srv
port=1100
secport=1101
rootdn="cn=directory manager"
rootpw=password
adminpw=admin
#needinstance=1
#needdata=1
usessl=1
PATH=/usr/lib64/mozldap:/usr/lib/mozldap:$PATH
export PATH
suffix="dc=example,dc=com"
hostname=vmhost
inst=slapd-$hostname

if [ "$needinstance" ] ; then
$sroot/sbin/setup-ds.pl - < testtmp/cacert.asc
    # pin file
    echo "passwordpassword" > testtmp/pwdfile.txt
    # create sec db
    certutil -N -d testtmp -f testtmp/pwdfile.txt
    # import CA cert
    certutil -A -d testtmp -n "CA certificate" -t "CT,," -a -i testtmp/cacert.asc
    port=$secport
else
    ldapurl="ldap://localhost:$port/$suffix"
    hostname=localhost
fi

DSGW_CONTEXT_DIR=`pwd`/testtmp ; export DSGW_CONTEXT_DIR

sed -e "s#@host@#$hostname#g" \
    -e "s#@port@#$port#g" \
    -e "s#@suffix@#$suffix#g" \
    -e "s#@dirmgr@#cn=directory manager#g" \
    -e "s#@contextdir@#$DSGW_CONTEXT_DIR#g" \
    -e "s#@htmldir@#$sroot/share/dirsrv/dsgw/html#g" \
    -e "s#@configdir@#$sroot/share/dirsrv/dsgw/config#g" \
    config/dsgw.tmpl > testtmp/dsgw.conf

sed -e "s#@host@#$hostname#g" \
    -e "s#@port@#$port#g" \
    -e "s#@suffix@#$suffix#g" \
    -e "s#@dirmgr@#cn=directory manager#g" \
    -e "s#@contextdir@#$DSGW_CONTEXT_DIR#g" \
    -e "s#@pbhtmldir@#$sroot/share/dirsrv/dsgw/pbhtml#g" \
    -e "s#@pbconfigdir@#$sroot/share/dirsrv/dsgw/pbconfig#g" \
    pbconfig/pb.tmpl > testtmp/pb.conf

dir=`pwd`

# CGI env. vars
#ADMSERV_CONF_DIR=$dir/testtmp
#ADMSERV_CONF_DIR=$sroot/etc/fedora-ds/admin-serv
#export ADMSERV_CONF_DIR
#ADMSERV_LOG_DIR=$dir/testtmp
#export ADMSERV_LOG_DIR
HTTP_ACCEPT_LANGUAGE=en
export HTTP_ACCEPT_LANGUAGE
SERVER_URL=http://localhost
export SERVER_URL

pwpfile=/tmp/pwp.$$
cat > $pwpfile <> $testtmpfile
	mytest=$testtmpfile
    else
	testtmpfile=
    fi
    REQUEST_METHOD=$type ; export REQUEST_METHOD
    if [ $type = "GET" ] ; then
	QUERY_STRING="`cat $mytest`" ; export QUERY_STRING
    else
	CONTENT_LENGTH=`wc -c $mytest | cut -f1 -d' '` ; export CONTENT_LENGTH
    fi
    SCRIPT_NAME=/clients/dsgw/bin/$prog ; export SCRIPT_NAME

    exec 4<$pwpfile
    PASSWORD_PIPE=4 ; export PASSWORD_PIPE
    if [ -n "$DEBUGCMD" -a "$DEBUGCMD" = "$GDB" ] ; then
	echo "break main" > .gdbinit
	if [ $type = "POST" ] ; then
	    echo "run < $mytest > results/$prog/$basetest.html" >> .gdbinit
	else
	    echo "run > results/$prog/$basetest.html" >> .gdbinit
	fi
	./libtool --mode execute $GDB ./$prog
    elif [ "$DEBUGCMD" = "VALGRIND" ] ; then
	VALGRIND="$VGPREFIX --log-file-exactly=results/$prog/$basetest.vg"
	if [ $type = "POST" ] ; then
	    ./libtool --mode execute $VALGRIND ./$prog < $mytest > results/$prog/$basetest.html
	else
	    ./libtool --mode execute $VALGRIND ./$prog > results/$prog/$basetest.html
	fi
    else
	if [ $type = "POST" ] ; then
	    ./libtool --mode execute ./$prog < $mytest > results/$prog/$basetest.html
	else
	    ./libtool --mode execute ./$prog > results/$prog/$basetest.html
	fi
    fi

    4<&- # close the pwpfile

    if [ -n "$testtmpfile" -a -f "$testtmpfile" ] ; then
	rm -f "$testtmpfile"
    fi
    set +x
}

runGetTestsForProg() {
    prog="$1" # test must be in dir of same name
    shift
    getlist=/tmp/gettests.$$
    find $testdir/$prog -name testget.\* -print 2> /dev/null | sort -n > $getlist
    for test in `cat $getlist` ; do
	runATest "$prog" GET "$test"
	ctxnum=1
	for ctx in "" "/" "." "../../../" "somebogusvalue" "pb" "dsgw" ; do
	    if [ -s "$test" ] ; then
		runATest "$prog" GET "$test" .$ctxnum "&context=$ctx"
	    else
		runATest "$prog" GET "$test" .$ctxnum "context=$ctx"
	    fi
	    ctxnum=`expr $ctxnum + 1`
	done
    done
    rm -f $getlist
}

runPostTestsForProg() {
    prog="$1" # test must be in dir of same name
    shift
    postlist=/tmp/posttests.$$
    find $testdir/$prog -name testpost.\* -print 2> /dev/null | sort -n > $postlist
    for test in `cat $postlist` ; do
	runATest "$prog" POST "$test"
	ctxnum=1
	for ctx in "" "/" "." "../../../" "somebogusvalue" "pb" "dsgw" ; do
	    runATest "$prog" POST "$test" .$ctxnum "&context=$ctx"
	    ctxnum=`expr $ctxnum + 1`
	done
    done
    rm -f $postlist
}

# each prog has a subdir containing the GET/POST args and any other test data
for prog in $PROGS ; do
    runGetTestsForProg "$prog"
    runPostTestsForProg "$prog"
done

for prog in $SCRIPTS ; do
    getlist=/tmp/gettests.$$
    find $testdir/$prog -name testget.\* -print 2> /dev/null | sort -n > $getlist
    for test in `cat $getlist` ; do
        if [ ! -d results/$prog ] ; then mkdir -p results/$prog ; fi
        basetest=`basename $test`
        echo "Running test $test"
        REQUEST_METHOD=GET ; export REQUEST_METHOD
        QUERY_STRING="`cat $test`" ; export QUERY_STRING
        SCRIPT_NAME=slapd/Tasks/Operation/$prog ; export SCRIPT_NAME
        # open pwpfile for reading as file desc 4 - CGIs have to use stdin (0) for POST
        exec 4<$pwpfile
        PASSWORD_PIPE=4 ; export PASSWORD_PIPE
        if [ -n "$DEBUGCMD" -a "$DEBUGCMD" = "$GDB" ] ; then
            perl -d orgchart/$prog
        else
            perl -w orgchart/$prog
        fi
    done
    rm -f $getlist
done

rm -rf $pwpfile .gdbinit



From fedora-directory-commits at redhat.com  Wed Jan 16 22:56:04 2008
From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins))
Date: Wed, 16 Jan 2008 17:56:04 -0500
Subject: [Fedora-directory-commits] dsgw cgidbgwrapper.sh.in, NONE,
	1.1 Makefile.am, 1.6, 1.7 configure.ac, 1.5, 1.6 dsgw.h, 1.4,
	1.5 lang.c, 1.2, 1.3 tutor.c, 1.2, 1.3 aclocal.m4, 1.3,
	1.4 configure, 1.6, 1.7 missing, 1.2, 1.3 install-sh, 1.2,
	1.3 depcomp, 1.2, 1.3 config.sub, 1.2, 1.3 config.guess, 1.2,
	1.3 compile, 1.2, 1.3 Makefile.in, 1.6, 1.7
Message-ID: <200801162256.m0GMuY3M023658@cvs-int.fedora.redhat.com>

Author: rmeggins

Update of /cvs/dirsec/dsgw
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv23442/dsgw

Modified Files:
	Makefile.am configure.ac dsgw.h lang.c tutor.c aclocal.m4 
	configure missing install-sh depcomp config.sub config.guess 
	compile Makefile.in 
Added Files:
	cgidbgwrapper.sh.in 
Log Message:
added manuals; fixed code that displays manuals; added initial tests


--- NEW FILE cgidbgwrapper.sh.in ---
#!/bin/sh

PROG=@progname at .orig
inf=/tmp/$PROG.in.$$
outf=/tmp/$PROG.out.$$

env > /tmp/env
echo "set env LD_LIBRARY_PATH @prefix@/lib:@libdir@:/usr/lib64:/usr/lib" > .gdbinit
echo "break main" >> .gdbinit
if [ "$REQUEST_METHOD" = POST ] ; then
    cat - > $inf
    echo "run < $inf > $outf" >> .gdbinit
else
    rm -f $inf
    echo "run > $outf" >> .gdbinit
fi

DISPLAY=:0.0 LD_LIBRARY_PATH=@prefix@/lib xterm -bg white -fn 10x20 -title gdb -e gdb -x .gdbinit $PROG

cat $outf
rm -f $inf $outf


Index: Makefile.am
===================================================================
RCS file: /cvs/dirsec/dsgw/Makefile.am,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- Makefile.am	14 Jan 2008 22:58:30 -0000	1.6
+++ Makefile.am	16 Jan 2008 22:56:02 -0000	1.7
@@ -36,6 +36,11 @@
 # relative to $localstatedir
 cookiedir=$(localstatedir)@cookiedir@
 perldir = $(libdir)@perldir@
+manualdir = $(datadir)@manualdir@
+manualsubdir = @manualsubdir@
+gwinfodir = $(manualdir)/en/$(manualsubdir)/info
+# this is the directory where the manuals will actually be installed
+maninstdir = $(manualdir)/en/$(manualsubdir)
 
 DSGW_VER_STR := "Directory-Server-Gateway/$(PACKAGE_VERSION)"
 
@@ -52,7 +57,8 @@
 	-DCONFIGDIR=\"$(configdir)\" -DSECURITYDIR=\"$(securitydir)\" \
 	-DCGIBINDIR=\"$(cgibindir)\" -DCONTEXTDIR=\"$(contextdir)\" \
 	-DINSTCONFIGDIR=\"$(instconfigdir)\" -DMANUALDIR=\"$(manualdir)\" \
-	-DCGIURIBASE=\"$(cgiuri)\"
+	-DCGIURIBASE=\"$(cgiuri)\" -DMANUALSUBDIR=\"$(manualsubdir)\" \
+	-DINFODIR=\"$(gwinfodir)\"
 
 LIBS = @adminutil_lib@ -ladmsslutil at adminutil_ver@ -ladminutil at adminutil_ver@ \
 	@icu_lib@ -licui18n -licuuc -licudata \
@@ -70,6 +76,10 @@
 cgibin_PROGRAMS = auth doauth edit domodify dnedit dosearch $(NEED_SECGLUE) $(CKUTILPROGS)
 
 cgibin_SCRIPTS = orgbin/org orgbin/myorg
+if DEBUG
+DBGSCRIPTS = $(addsuffix .sh,$(cgibin_PROGRAMS))
+cgibin_SCRIPTS += $(DBGSCRIPTS)
+endif
 
 noinst_PROGRAMS = propmaker
 # I need propmaker to build with no libraries - I don't know of any other way to set
@@ -176,6 +186,13 @@
 	pbconfig/display-room.html       \
 	pbconfig/dsgwfilter.conf         pbconfig/pb.tmpl
 
+dist_maninst_DATA = \
+	html/manual/a.gif html/manual/add.htm html/manual/attribua.gif html/manual/attribut.htm html/manual/auth.htm \
+	html/manual/contents.html html/manual/intro.htm html/manual/mod.htm html/manual/n.gif \
+	html/manual/objclass.htm html/manual/search.htm html/manual/t.gif html/manual/y.gif html/manual/index.map
+
+dist_gwinfo_DATA = html/info/infonav.html
+
 nodist_context_DATA = dsgw-httpd.conf
 #nodist_context_SCRIPTS = setup-dirsrv-gw
 
@@ -251,7 +268,8 @@
         -e 's, at instconfigdir\@,$(instconfigdir),g' \
 	-e 's, at perlpath\@,$(perldir),g' \
 	-e 's, at perlexec\@, at perlexec@,g' \
-        -e 's, at BUILD_NUM\@,$(BUILDNUM),g' \
+	-e 's, at manualdir\@,$(manualdir),g' \
+       -e 's, at BUILD_NUM\@,$(BUILDNUM),g' \
         -e 's, at NQBUILD_NUM\@,$(NQBUILDNUM),g' \
         -e 's, at package_name\@,$(PACKAGE_NAME),g' \
         -e 's, at PACKAGE_BASE_NAME\@,$(PACKAGE_BASE_NAME),g' \
@@ -261,6 +279,12 @@
         -e 's, at capbrand\@,$(capbrand),g' \
         -e 's, at vendor\@,$(vendor),g'
 
+if DEBUG
+$(DBGSCRIPTS) : cgidbgwrapper.sh.in
+	if [ ! -d $(dir $@) ] ; then mkdir -p $(dir $@) ; fi
+	$(fixupcmd) $< > $@
+endif
+
 % : %.in
 	if [ ! -d $(dir $@) ] ; then mkdir -p $(dir $@) ; fi
 	$(fixupcmd) $< > $@


Index: configure.ac
===================================================================
RCS file: /cvs/dirsec/dsgw/configure.ac,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- configure.ac	14 Jan 2008 22:31:17 -0000	1.5
+++ configure.ac	16 Jan 2008 22:56:02 -0000	1.6
@@ -111,6 +111,7 @@
   bundle="";
 ])
 AM_CONDITIONAL(BUNDLE,test "$bundle" = "1")
+AM_CONDITIONAL(DEBUG,test "$enable_debug" = "yes")
 
 # libtool automatically adds --rpath $libdir to each executable, and
 # there is apparently no standard way to disable this.  Also, you cannot
@@ -236,7 +237,10 @@
   orghtmldir=/$PACKAGE_NAME/orghtml
   configdir=/$PACKAGE_NAME/config
   pbconfigdir=/$PACKAGE_NAME/pbconfig
-  manualuri=/$PACKAGE_NAME/manual
+  # root directory for all manuals
+  manualdir=/$PACKAGE_NAME/manual
+  # the actual manual files are installed here under the lang directory
+  manualsubdir=
   propertydir=/$PACKAGE_NAME/properties
   # relative to libdir
   cgibindir=/$PACKAGE_NAME/cgi-bin
@@ -248,7 +252,10 @@
   orghtmldir=/dsgw/orghtml
   configdir=/dsgw/config
   pbconfigdir=/dsgw/pbconfig
-  manualuri=/dsgw/manual
+  # root directory for all manuals
+  manualdir=/manual
+  # the actual manual files are installed here under the lang directory
+  manualsubdir=dsgw
   propertydir=/properties/dsgw
   # relative to libdir
   perldir=/perl
@@ -261,7 +268,10 @@
   orghtmldir=/$PACKAGE_BASE_NAME/dsgw/orghtml
   configdir=/$PACKAGE_BASE_NAME/dsgw/config
   pbconfigdir=/$PACKAGE_BASE_NAME/dsgw/pbconfig
-  manualuri=/$PACKAGE_BASE_NAME/dsgw/manual
+  # root directory for all manuals
+  manualdir=/$PACKAGE_BASE_NAME/manual
+  # the actual manual files are installed here under the lang directory
+  manualsubdir=dsgw
   propertydir=/$PACKAGE_BASE_NAME/properties/dsgw
   # relative to libdir
   perldir=/$PACKAGE_BASE_NAME/perl
@@ -327,6 +337,8 @@
 AC_SUBST(securitydir)
 AC_SUBST(cookiedir)
 AC_SUBST(perldir)
+AC_SUBST(manualdir)
+AC_SUBST(manualsubdir)
 
 # need a check here to see if the ldif functions are exported from libldap
 # for now, just assume they are not


Index: dsgw.h
===================================================================
RCS file: /cvs/dirsec/dsgw/dsgw.h,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- dsgw.h	14 Jan 2008 22:58:30 -0000	1.4
+++ dsgw.h	16 Jan 2008 22:56:02 -0000	1.5
@@ -110,7 +110,8 @@
 #define DSGW_DOCDIR_HTTP        HTMLDIR
 #define DSGW_CONTEXTDIR_HTTP    (getenv("DSGW_CONTEXT_DIR") ? getenv("DSGW_CONTEXT_DIR") : CONTEXTDIR)
 #define	DSGW_HTMLDIR		HTMLDIR
-#define DSGW_MANROOT	        MANUALDIR
+#define DSGW_MANROOT	        MANUALDIR "/"
+#define DSGW_MANSUBDIR          MANUALSUBDIR "/"
 #define DSGW_MANUALSHORTCUT	".MANUAL"
 #define DSGW_MANUALSHORTCUT_LEN	7
 


Index: lang.c
===================================================================
RCS file: /cvs/dirsec/dsgw/lang.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- lang.c	14 Jan 2008 22:58:30 -0000	1.2
+++ lang.c	16 Jan 2008 22:56:02 -0000	1.3
@@ -206,7 +206,7 @@
             }
         }
 
-	helpdir = dsgw_file2path ( DSGW_MANROOT, "slapd/gw/manual/" );
+	helpdir = dsgw_file2path ( DSGW_MANROOT, DSGW_MANSUBDIR );
 	tfname = (char *)dsgw_ch_malloc( strlen( helpdir ) +
 				strlen( mandocname ) +
 				1 );


Index: tutor.c
===================================================================
RCS file: /cvs/dirsec/dsgw/tutor.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- tutor.c	14 Jan 2008 22:58:30 -0000	1.2
+++ tutor.c	16 Jan 2008 22:56:02 -0000	1.3
@@ -47,7 +47,7 @@
 
 #define BASE_MAN_DIRECTORY "manual/"
 #define BASE_INFO_DIRECTORY "info/"
-#define HELP_INDEX_HTML "manual/index.html"
+#define HELP_INDEX_HTML "index.html"
 /*#define MANUAL_HPATH "bin/lang?file=" DSGW_MANUALSHORTCUT "/"*/
 
 /* Copied from ldapserver/lib/base/util.c */
@@ -93,7 +93,7 @@
     char *mypath;
     char *p;
 
-    p = dsgw_file2path( DSGW_MANROOT, "slapd/gw/" );
+    p = dsgw_file2path( DSGW_MANROOT, DSGW_MANSUBDIR );
     mypath = (char *)dsgw_ch_malloc( strlen( p ) +
 				       strlen( filename ) + 1 );
     sprintf( mypath, "%s%s", p, filename );
@@ -184,7 +184,7 @@
             FILE *map=NULL;
             char *man_index=NULL;
 
-            man_index = dsgw_file2path ( DSGW_MANROOT, "slapd/gw/manual/index.map" );
+            man_index = dsgw_file2path ( DSGW_MANROOT, DSGW_MANSUBDIR "index.map" );
 
             html[0]='\0';
 




Index: configure
===================================================================
RCS file: /cvs/dirsec/dsgw/configure,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- configure	14 Jan 2008 22:58:30 -0000	1.6
+++ configure	16 Jan 2008 22:56:02 -0000	1.7
@@ -466,7 +466,7 @@
 #endif"
 
 ac_default_prefix=/opt/dirsrv
-ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA CYGPATH_W PACKAGE VERSION ACLOCAL AUTOCONF AUTOMAKE AUTOHEADER MAKEINFO install_sh STRIP ac_ct_STRIP INSTALL_STRIP_PROGRAM mkdir_p AWK SET_MAKE am__leading_dot AMTAR am__tar am__untar MAINTAINER_MODE_TRUE MAINTAINER_MODE_FALSE MAINT build build_cpu build_vendor build_os host host_cpu host_vendor host_os CXX CXXFLAGS LDFLAGS CPPFLAGS ac_ct_CXX EXEEXT OBJEXT DEPDIR am__include am__quote AMDEP_TRUE AMDEP_FALSE AMDEPBACKSLASH CXXDEPMODE am__fastdepCXX_TRUE am__fastdepCXX_FALSE CC CFLAGS ac_ct_CC CCDEPMODE am__fastdepCC_TRUE am__fastdepCC_FALSE SED EGREP LN_S ECHO AR ac_ct_AR RANLIB ac_ct_RANLIB CP!
 P CXXCPP F77 FFLAGS ac_ct_F77 LIBTOOL LIBOBJS POW_LIB PACKAGE_BASE_NAME instconfigdir BUNDLE_TRUE BUNDLE_FALSE LIBSOCKET LIBNSL LIBCSTD LIBCRUN perlexec CXXLINK_REQUIRED_TRUE CXXLINK_REQUIRED_FALSE HPUX_TRUE HPUX_FALSE SOLARIS_TRUE SOLARIS_FALSE PKG_CONFIG ICU_CONFIG nspr_inc nspr_lib nspr_libdir nss_inc nss_lib nss_libdir sasl_inc sasl_lib sasl_libdir ldapsdk_inc ldapsdk_lib ldapsdk_libdir adminutil_inc adminutil_lib adminutil_libdir adminutil_ver icu_lib icu_libdir icu_inc icu_bin cgibindir cgiuri dsgwuri orguri pburi propertydir htmldir pbhtmldir orghtmldir configdir pbconfigdir contextdir securitydir cookiedir perldir NEED_LDIF_TRUE NEED_LDIF_FALSE WINNT_TRUE WINNT_FALSE LTLIBOBJS'
+ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA CYGPATH_W PACKAGE VERSION ACLOCAL AUTOCONF AUTOMAKE AUTOHEADER MAKEINFO install_sh STRIP ac_ct_STRIP INSTALL_STRIP_PROGRAM mkdir_p AWK SET_MAKE am__leading_dot AMTAR am__tar am__untar MAINTAINER_MODE_TRUE MAINTAINER_MODE_FALSE MAINT build build_cpu build_vendor build_os host host_cpu host_vendor host_os CXX CXXFLAGS LDFLAGS CPPFLAGS ac_ct_CXX EXEEXT OBJEXT DEPDIR am__include am__quote AMDEP_TRUE AMDEP_FALSE AMDEPBACKSLASH CXXDEPMODE am__fastdepCXX_TRUE am__fastdepCXX_FALSE CC CFLAGS ac_ct_CC CCDEPMODE am__fastdepCC_TRUE am__fastdepCC_FALSE SED EGREP LN_S ECHO AR ac_ct_AR RANLIB ac_ct_RANLIB CP!
 P CXXCPP F77 FFLAGS ac_ct_F77 LIBTOOL LIBOBJS POW_LIB PACKAGE_BASE_NAME instconfigdir BUNDLE_TRUE BUNDLE_FALSE DEBUG_TRUE DEBUG_FALSE LIBSOCKET LIBNSL LIBCSTD LIBCRUN perlexec CXXLINK_REQUIRED_TRUE CXXLINK_REQUIRED_FALSE HPUX_TRUE HPUX_FALSE SOLARIS_TRUE SOLARIS_FALSE PKG_CONFIG ICU_CONFIG nspr_inc nspr_lib nspr_libdir nss_inc nss_lib nss_libdir sasl_inc sasl_lib sasl_libdir ldapsdk_inc ldapsdk_lib ldapsdk_libdir adminutil_inc adminutil_lib adminutil_libdir adminutil_ver icu_lib icu_libdir icu_inc icu_bin cgibindir cgiuri dsgwuri orguri pburi propertydir htmldir pbhtmldir orghtmldir configdir pbconfigdir contextdir securitydir cookiedir perldir manualdir manualsubdir NEED_LDIF_TRUE NEED_LDIF_FALSE WINNT_TRUE WINNT_FALSE LTLIBOBJS'
 ac_subst_files=''
 
 # Initialize some variables set by options.
@@ -21146,6 +21146,16 @@
 fi
 
 
+
+if test "$enable_debug" = "yes"; then
+  DEBUG_TRUE=
+  DEBUG_FALSE='#'
+else
+  DEBUG_TRUE='#'
+  DEBUG_FALSE=
+fi
+
+
 # libtool automatically adds --rpath $libdir to each executable, and
 # there is apparently no standard way to disable this.  Also, you cannot
 # override rpath with LD_LIBRARY_PATH, so this causes problems if you have
@@ -21509,7 +21519,10 @@
   orghtmldir=/$PACKAGE_NAME/orghtml
   configdir=/$PACKAGE_NAME/config
   pbconfigdir=/$PACKAGE_NAME/pbconfig
-  manualuri=/$PACKAGE_NAME/manual
+  # root directory for all manuals
+  manualdir=/$PACKAGE_NAME/manual
+  # the actual manual files are installed here under the lang directory
+  manualsubdir=
   propertydir=/$PACKAGE_NAME/properties
   # relative to libdir
   cgibindir=/$PACKAGE_NAME/cgi-bin
@@ -21521,7 +21534,10 @@
   orghtmldir=/dsgw/orghtml
   configdir=/dsgw/config
   pbconfigdir=/dsgw/pbconfig
-  manualuri=/dsgw/manual
+  # root directory for all manuals
+  manualdir=/manual
+  # the actual manual files are installed here under the lang directory
+  manualsubdir=dsgw
   propertydir=/properties/dsgw
   # relative to libdir
   perldir=/perl
@@ -21534,7 +21550,10 @@
   orghtmldir=/$PACKAGE_BASE_NAME/dsgw/orghtml
   configdir=/$PACKAGE_BASE_NAME/dsgw/config
   pbconfigdir=/$PACKAGE_BASE_NAME/dsgw/pbconfig
-  manualuri=/$PACKAGE_BASE_NAME/dsgw/manual
+  # root directory for all manuals
+  manualdir=/$PACKAGE_BASE_NAME/manual
+  # the actual manual files are installed here under the lang directory
+  manualsubdir=dsgw
   propertydir=/$PACKAGE_BASE_NAME/properties/dsgw
   # relative to libdir
   perldir=/$PACKAGE_BASE_NAME/perl
@@ -22628,6 +22647,8 @@
 
 
 
+
+
 # need a check here to see if the ldif functions are exported from libldap
 # for now, just assume they are not
 
@@ -22815,6 +22836,13 @@
 Usually this means the macro was only invoked conditionally." >&2;}
    { (exit 1); exit 1; }; }
 fi
+if test -z "${DEBUG_TRUE}" && test -z "${DEBUG_FALSE}"; then
+  { { echo "$as_me:$LINENO: error: conditional \"DEBUG\" was never defined.
+Usually this means the macro was only invoked conditionally." >&5
+echo "$as_me: error: conditional \"DEBUG\" was never defined.
+Usually this means the macro was only invoked conditionally." >&2;}
+   { (exit 1); exit 1; }; }
+fi
 if test -z "${CXXLINK_REQUIRED_TRUE}" && test -z "${CXXLINK_REQUIRED_FALSE}"; then
   { { echo "$as_me:$LINENO: error: conditional \"CXXLINK_REQUIRED\" was never defined.
 Usually this means the macro was only invoked conditionally." >&5
@@ -23457,6 +23485,8 @@
 s, at instconfigdir@,$instconfigdir,;t t
 s, at BUNDLE_TRUE@,$BUNDLE_TRUE,;t t
 s, at BUNDLE_FALSE@,$BUNDLE_FALSE,;t t
+s, at DEBUG_TRUE@,$DEBUG_TRUE,;t t
+s, at DEBUG_FALSE@,$DEBUG_FALSE,;t t
 s, at LIBSOCKET@,$LIBSOCKET,;t t
 s, at LIBNSL@,$LIBNSL,;t t
 s, at LIBCSTD@,$LIBCSTD,;t t
@@ -23505,6 +23535,8 @@
 s, at securitydir@,$securitydir,;t t
 s, at cookiedir@,$cookiedir,;t t
 s, at perldir@,$perldir,;t t
+s, at manualdir@,$manualdir,;t t
+s, at manualsubdir@,$manualsubdir,;t t
 s, at NEED_LDIF_TRUE@,$NEED_LDIF_TRUE,;t t
 s, at NEED_LDIF_FALSE@,$NEED_LDIF_FALSE,;t t
 s, at WINNT_TRUE@,$WINNT_TRUE,;t t














Index: Makefile.in
===================================================================
RCS file: /cvs/dirsec/dsgw/Makefile.in,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- Makefile.in	14 Jan 2008 22:58:30 -0000	1.6
+++ Makefile.in	16 Jan 2008 22:56:02 -0000	1.7
@@ -63,13 +63,15 @@
 cgibin_PROGRAMS = auth$(EXEEXT) doauth$(EXEEXT) edit$(EXEEXT) \
 	domodify$(EXEEXT) dnedit$(EXEEXT) dosearch$(EXEEXT) \
 	$(am__EXEEXT_1)
+ at DEBUG_TRUE@am__append_3 = $(DBGSCRIPTS)
 noinst_PROGRAMS = propmaker$(EXEEXT)
 DIST_COMMON = README $(am__configure_deps) $(dist_config_DATA) \
-	$(dist_html_DATA) $(dist_orghtml_DATA) $(dist_pbconfig_DATA) \
-	$(dist_pbhtml_DATA) $(srcdir)/Makefile.am \
-	$(srcdir)/Makefile.in $(srcdir)/config.h.in \
-	$(top_srcdir)/configure AUTHORS ChangeLog NEWS compile \
-	config.guess config.sub depcomp install-sh ltmain.sh missing
+	$(dist_gwinfo_DATA) $(dist_html_DATA) $(dist_maninst_DATA) \
+	$(dist_orghtml_DATA) $(dist_pbconfig_DATA) $(dist_pbhtml_DATA) \
+	$(srcdir)/Makefile.am $(srcdir)/Makefile.in \
+	$(srcdir)/config.h.in $(top_srcdir)/configure AUTHORS \
+	ChangeLog NEWS compile config.guess config.sub depcomp \
+	install-sh ltmain.sh missing
 subdir = .
 ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
 am__aclocal_m4_deps = $(top_srcdir)/m4/fhs.m4 $(top_srcdir)/m4/nspr.m4 \
@@ -86,7 +88,8 @@
 am__EXEEXT_1 = unauth$(EXEEXT) search$(EXEEXT) csearch$(EXEEXT) \
 	newentry$(EXEEXT) tutor$(EXEEXT) lang$(EXEEXT)
 am__installdirs = "$(DESTDIR)$(cgibindir)" "$(DESTDIR)$(cgibindir)" \
-	"$(DESTDIR)$(configdir)" "$(DESTDIR)$(htmldir)" \
+	"$(DESTDIR)$(configdir)" "$(DESTDIR)$(gwinfodir)" \
+	"$(DESTDIR)$(htmldir)" "$(DESTDIR)$(maninstdir)" \
 	"$(DESTDIR)$(orghtmldir)" "$(DESTDIR)$(pbconfigdir)" \
 	"$(DESTDIR)$(pbhtmldir)" "$(DESTDIR)$(contextdir)" \
 	"$(DESTDIR)$(propertydir)"
@@ -171,13 +174,16 @@
   esac;
 am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
 dist_configDATA_INSTALL = $(INSTALL_DATA)
+dist_gwinfoDATA_INSTALL = $(INSTALL_DATA)
 dist_htmlDATA_INSTALL = $(INSTALL_DATA)
+dist_maninstDATA_INSTALL = $(INSTALL_DATA)
 dist_orghtmlDATA_INSTALL = $(INSTALL_DATA)
 dist_pbconfigDATA_INSTALL = $(INSTALL_DATA)
 dist_pbhtmlDATA_INSTALL = $(INSTALL_DATA)
 nodist_contextDATA_INSTALL = $(INSTALL_DATA)
 nodist_propertyDATA_INSTALL = $(INSTALL_DATA)
-DATA = $(dist_config_DATA) $(dist_html_DATA) $(dist_orghtml_DATA) \
+DATA = $(dist_config_DATA) $(dist_gwinfo_DATA) $(dist_html_DATA) \
+	$(dist_maninst_DATA) $(dist_orghtml_DATA) \
 	$(dist_pbconfig_DATA) $(dist_pbhtml_DATA) \
 	$(nodist_context_DATA) $(nodist_property_DATA)
 ETAGS = etags
@@ -216,6 +222,8 @@
 CXXLINK_REQUIRED_FALSE = @CXXLINK_REQUIRED_FALSE@
 CXXLINK_REQUIRED_TRUE = @CXXLINK_REQUIRED_TRUE@
 CYGPATH_W = @CYGPATH_W@
+DEBUG_FALSE = @DEBUG_FALSE@
+DEBUG_TRUE = @DEBUG_TRUE@
 DEFS = @DEFS@
 DEPDIR = @DEPDIR@
 ECHO = @ECHO@
@@ -333,6 +341,8 @@
 libexecdir = @libexecdir@
 localstatedir = @localstatedir@
 mandir = @mandir@
+manualdir = $(datadir)@manualdir@
+manualsubdir = @manualsubdir@
 mkdir_p = @mkdir_p@
 nspr_inc = @nspr_inc@
 nspr_lib = @nspr_lib@
@@ -362,6 +372,9 @@
 
 # look for included m4 files in the ./m4/ directory
 ACLOCAL_AMFLAGS = -I m4
+gwinfodir = $(manualdir)/en/$(manualsubdir)/info
+# this is the directory where the manuals will actually be installed
+maninstdir = $(manualdir)/en/$(manualsubdir)
 DSGW_VER_STR := "Directory-Server-Gateway/$(PACKAGE_VERSION)"
 AM_CPPFLAGS = -DDSGW_VER_STR=\"$(DSGW_VER_STR)\" $(DEBUG_DEFINES) \
 	@adminutil_inc@ @icu_inc@ @ldapsdk_inc@ @nss_inc@ @nspr_inc@ \
@@ -371,11 +384,13 @@
 	-DCONFIGDIR=\"$(configdir)\" -DSECURITYDIR=\"$(securitydir)\" \
 	-DCGIBINDIR=\"$(cgibindir)\" -DCONTEXTDIR=\"$(contextdir)\" \
 	-DINSTCONFIGDIR=\"$(instconfigdir)\" \
-	-DMANUALDIR=\"$(manualdir)\" -DCGIURIBASE=\"$(cgiuri)\"
+	-DMANUALDIR=\"$(manualdir)\" -DCGIURIBASE=\"$(cgiuri)\" \
+	-DMANUALSUBDIR=\"$(manualsubdir)\" -DINFODIR=\"$(gwinfodir)\"
 
 # these are programs which we do not want to link with nss
 NEED_SECGLUE = unauth search csearch newentry tutor lang
-cgibin_SCRIPTS = orgbin/org orgbin/myorg
+cgibin_SCRIPTS = orgbin/org orgbin/myorg $(am__append_3)
+ at DEBUG_TRUE@DBGSCRIPTS = $(addsuffix .sh,$(cgibin_PROGRAMS))
 # I need propmaker to build with no libraries - I don't know of any other way to set
 # the LIBS for a specific program (no, propmaker_LIBS doesn't work) - LDADD is the
 # last thing on the link line before LIBS, so just have it terminate the command
@@ -476,6 +491,12 @@
 	pbconfig/display-room.html       \
 	pbconfig/dsgwfilter.conf         pbconfig/pb.tmpl
 
+dist_maninst_DATA = \
+	html/manual/a.gif html/manual/add.htm html/manual/attribua.gif html/manual/attribut.htm html/manual/auth.htm \
+	html/manual/contents.html html/manual/intro.htm html/manual/mod.htm html/manual/n.gif \
+	html/manual/objclass.htm html/manual/search.htm html/manual/t.gif html/manual/y.gif html/manual/index.map
+
+dist_gwinfo_DATA = html/info/infonav.html
 nodist_context_DATA = dsgw-httpd.conf
 #nodist_context_SCRIPTS = setup-dirsrv-gw
 
@@ -525,7 +546,8 @@
         -e 's, at instconfigdir\@,$(instconfigdir),g' \
 	-e 's, at perlpath\@,$(perldir),g' \
 	-e 's, at perlexec\@, at perlexec@,g' \
-        -e 's, at BUILD_NUM\@,$(BUILDNUM),g' \
+	-e 's, at manualdir\@,$(manualdir),g' \
+       -e 's, at BUILD_NUM\@,$(BUILDNUM),g' \
         -e 's, at NQBUILD_NUM\@,$(NQBUILDNUM),g' \
         -e 's, at package_name\@,$(PACKAGE_NAME),g' \
         -e 's, at PACKAGE_BASE_NAME\@,$(PACKAGE_BASE_NAME),g' \
@@ -771,6 +793,23 @@
 	  echo " rm -f '$(DESTDIR)$(configdir)/$$f'"; \
 	  rm -f "$(DESTDIR)$(configdir)/$$f"; \
 	done
+install-dist_gwinfoDATA: $(dist_gwinfo_DATA)
+	@$(NORMAL_INSTALL)
+	test -z "$(gwinfodir)" || $(mkdir_p) "$(DESTDIR)$(gwinfodir)"
+	@list='$(dist_gwinfo_DATA)'; for p in $$list; do \
+	  if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
+	  f=$(am__strip_dir) \
+	  echo " $(dist_gwinfoDATA_INSTALL) '$$d$$p' '$(DESTDIR)$(gwinfodir)/$$f'"; \
+	  $(dist_gwinfoDATA_INSTALL) "$$d$$p" "$(DESTDIR)$(gwinfodir)/$$f"; \
+	done
+
+uninstall-dist_gwinfoDATA:
+	@$(NORMAL_UNINSTALL)
+	@list='$(dist_gwinfo_DATA)'; for p in $$list; do \
+	  f=$(am__strip_dir) \
+	  echo " rm -f '$(DESTDIR)$(gwinfodir)/$$f'"; \
+	  rm -f "$(DESTDIR)$(gwinfodir)/$$f"; \
+	done
 install-dist_htmlDATA: $(dist_html_DATA)
 	@$(NORMAL_INSTALL)
 	test -z "$(htmldir)" || $(mkdir_p) "$(DESTDIR)$(htmldir)"
@@ -788,6 +827,23 @@
 	  echo " rm -f '$(DESTDIR)$(htmldir)/$$f'"; \
 	  rm -f "$(DESTDIR)$(htmldir)/$$f"; \
 	done
+install-dist_maninstDATA: $(dist_maninst_DATA)
+	@$(NORMAL_INSTALL)
+	test -z "$(maninstdir)" || $(mkdir_p) "$(DESTDIR)$(maninstdir)"
+	@list='$(dist_maninst_DATA)'; for p in $$list; do \
+	  if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
+	  f=$(am__strip_dir) \
+	  echo " $(dist_maninstDATA_INSTALL) '$$d$$p' '$(DESTDIR)$(maninstdir)/$$f'"; \
+	  $(dist_maninstDATA_INSTALL) "$$d$$p" "$(DESTDIR)$(maninstdir)/$$f"; \
+	done
+
+uninstall-dist_maninstDATA:
+	@$(NORMAL_UNINSTALL)
+	@list='$(dist_maninst_DATA)'; for p in $$list; do \
+	  f=$(am__strip_dir) \
+	  echo " rm -f '$(DESTDIR)$(maninstdir)/$$f'"; \
+	  rm -f "$(DESTDIR)$(maninstdir)/$$f"; \
+	done
 install-dist_orghtmlDATA: $(dist_orghtml_DATA)
 	@$(NORMAL_INSTALL)
 	test -z "$(orghtmldir)" || $(mkdir_p) "$(DESTDIR)$(orghtmldir)"
@@ -925,7 +981,7 @@
 distdir: $(DISTFILES)
 	$(am__remove_distdir)
 	mkdir $(distdir)
-	$(mkdir_p) $(distdir)/config $(distdir)/config/en $(distdir)/html $(distdir)/m4 $(distdir)/orghtml $(distdir)/pbconfig $(distdir)/pbhtml
+	$(mkdir_p) $(distdir)/config $(distdir)/config/en $(distdir)/html $(distdir)/html/info $(distdir)/html/manual $(distdir)/m4 $(distdir)/orghtml $(distdir)/pbconfig $(distdir)/pbhtml
 	@srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \
 	topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \
 	list='$(DISTFILES)'; for file in $$list; do \
@@ -1053,7 +1109,7 @@
 check: check-am
 all-am: Makefile $(PROGRAMS) $(SCRIPTS) $(DATA) config.h
 installdirs:
-	for dir in "$(DESTDIR)$(cgibindir)" "$(DESTDIR)$(cgibindir)" "$(DESTDIR)$(configdir)" "$(DESTDIR)$(htmldir)" "$(DESTDIR)$(orghtmldir)" "$(DESTDIR)$(pbconfigdir)" "$(DESTDIR)$(pbhtmldir)" "$(DESTDIR)$(contextdir)" "$(DESTDIR)$(propertydir)"; do \
+	for dir in "$(DESTDIR)$(cgibindir)" "$(DESTDIR)$(cgibindir)" "$(DESTDIR)$(configdir)" "$(DESTDIR)$(gwinfodir)" "$(DESTDIR)$(htmldir)" "$(DESTDIR)$(maninstdir)" "$(DESTDIR)$(orghtmldir)" "$(DESTDIR)$(pbconfigdir)" "$(DESTDIR)$(pbhtmldir)" "$(DESTDIR)$(contextdir)" "$(DESTDIR)$(propertydir)"; do \
 	  test -z "$$dir" || $(mkdir_p) "$$dir"; \
 	done
 install: install-am
@@ -1104,7 +1160,8 @@
 info-am:
 
 install-data-am: install-cgibinPROGRAMS install-cgibinSCRIPTS \
-	install-dist_configDATA install-dist_htmlDATA \
+	install-dist_configDATA install-dist_gwinfoDATA \
+	install-dist_htmlDATA install-dist_maninstDATA \
 	install-dist_orghtmlDATA install-dist_pbconfigDATA \
 	install-dist_pbhtmlDATA install-nodist_contextDATA \
 	install-nodist_propertyDATA
@@ -1138,7 +1195,8 @@
 ps-am:
 
 uninstall-am: uninstall-cgibinPROGRAMS uninstall-cgibinSCRIPTS \
-	uninstall-dist_configDATA uninstall-dist_htmlDATA \
+	uninstall-dist_configDATA uninstall-dist_gwinfoDATA \
+	uninstall-dist_htmlDATA uninstall-dist_maninstDATA \
 	uninstall-dist_orghtmlDATA uninstall-dist_pbconfigDATA \
 	uninstall-dist_pbhtmlDATA uninstall-info-am \
 	uninstall-nodist_contextDATA uninstall-nodist_propertyDATA
@@ -1152,7 +1210,8 @@
 	distuninstallcheck dvi dvi-am html html-am info info-am \
 	install install-am install-cgibinPROGRAMS \
 	install-cgibinSCRIPTS install-data install-data-am \
-	install-dist_configDATA install-dist_htmlDATA \
+	install-dist_configDATA install-dist_gwinfoDATA \
+	install-dist_htmlDATA install-dist_maninstDATA \
 	install-dist_orghtmlDATA install-dist_pbconfigDATA \
 	install-dist_pbhtmlDATA install-exec install-exec-am \
 	install-info install-info-am install-man \
@@ -1162,7 +1221,8 @@
 	mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
 	pdf pdf-am ps ps-am tags uninstall uninstall-am \
 	uninstall-cgibinPROGRAMS uninstall-cgibinSCRIPTS \
-	uninstall-dist_configDATA uninstall-dist_htmlDATA \
+	uninstall-dist_configDATA uninstall-dist_gwinfoDATA \
+	uninstall-dist_htmlDATA uninstall-dist_maninstDATA \
 	uninstall-dist_orghtmlDATA uninstall-dist_pbconfigDATA \
 	uninstall-dist_pbhtmlDATA uninstall-info-am \
 	uninstall-nodist_contextDATA uninstall-nodist_propertyDATA
@@ -1190,6 +1250,10 @@
 en.res en_US.res : root.res
 	cp -p $< $@
 
+ at DEBUG_TRUE@$(DBGSCRIPTS) : cgidbgwrapper.sh.in
+ at DEBUG_TRUE@	if [ ! -d $(dir $@) ] ; then mkdir -p $(dir $@) ; fi
+ at DEBUG_TRUE@	$(fixupcmd) $< > $@
+
 % : %.in
 	if [ ! -d $(dir $@) ] ; then mkdir -p $(dir $@) ; fi
 	$(fixupcmd) $< > $@



From fedora-directory-commits at redhat.com  Thu Jan 17 00:48:08 2008
From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi))
Date: Wed, 16 Jan 2008 19:48:08 -0500
Subject: [Fedora-directory-commits] ldapserver nsconfig.mk,1.14,1.14.2.1
Message-ID: <200801170048.m0H0m8GL006352@cvs-int.fedora.redhat.com>

Author: nhosoi

Update of /cvs/dirsec/ldapserver
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv6329

Modified Files:
      Tag: Directory71RtmBranch
	nsconfig.mk 
Log Message:
Fixing the solaris build problem:
relocation error: R_SPARC_H44: file ./lib/libadmin/authdb.o: symbol :
relocations based on the ABS44 coding model can not be used in building a
shared object
> Building shared libraries for SPARCV9
> By default, the SPARC compiler assumes that SPARCV9 objects are built with
> -xcode=abs44, which means that 44 bits are used to hold the absolute address
> of any object. Shared libraries should be built using position independent
> code, either -xcode=pic13 or -xcode=pic32



Index: nsconfig.mk
===================================================================
RCS file: /cvs/dirsec/ldapserver/Attic/nsconfig.mk,v
retrieving revision 1.14
retrieving revision 1.14.2.1
diff -u -r1.14 -r1.14.2.1
--- nsconfig.mk	10 May 2005 23:16:59 -0000	1.14
+++ nsconfig.mk	17 Jan 2008 00:48:06 -0000	1.14.2.1
@@ -1105,6 +1105,7 @@
   ARCH_CFLAGS += -m64
 endif
 endif
+ARCH_CFLAGS += -xcode=pic32
 ARCH_DEBUG=-g
 RANLIB=true
 



From fedora-directory-commits at redhat.com  Fri Jan 18 17:52:54 2008
From: fedora-directory-commits at redhat.com (Jack Magne (jmagne))
Date: Fri, 18 Jan 2008 12:52:54 -0500
Subject: [Fedora-directory-commits] esc/src/app/xpcom rhCoolKey.cpp,1.8,1.9
Message-ID: <200801181752.m0IHqstx029178@cvs-int.fedora.redhat.com>

Author: jmagne

Update of /cvs/dirsec/esc/src/app/xpcom
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv29158

Modified Files:
	rhCoolKey.cpp 
Log Message:
Minor diagnostics log fix. Bug#253268.



Index: rhCoolKey.cpp
===================================================================
RCS file: /cvs/dirsec/esc/src/app/xpcom/rhCoolKey.cpp,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- rhCoolKey.cpp	7 Jun 2007 21:16:28 -0000	1.8
+++ rhCoolKey.cpp	18 Jan 2008 17:52:52 -0000	1.9
@@ -817,7 +817,7 @@
 NS_IMETHODIMP rhCoolKey::ResetCoolKeyPIN(PRUint32 aKeyType, const char *aKeyID, const char *aScreenName, const char *aPIN, const char *aScreenNamePwd)
 {
     char tBuff[56];
-    ::CoolKeyLogMsg( PR_LOG_ALWAYS, "%s Attempting to Reset Key PIN, ID: %s \n",GetTStamp(tBuff,56),aKeyID);
+    ::CoolKeyLogMsg( PR_LOG_ALWAYS, "%s Attempting to Reset Key Password, ID: %s \n",GetTStamp(tBuff,56),aKeyID);
     CoolKeyNode *node = GetCoolKeyInfo(aKeyType, aKeyID);
 
     if (!node)



From fedora-directory-commits at redhat.com  Fri Jan 18 17:53:59 2008
From: fedora-directory-commits at redhat.com (Jack Magne (jmagne))
Date: Fri, 18 Jan 2008 12:53:59 -0500
Subject: [Fedora-directory-commits] esc/src/app/xpcom/tray rhLinuxTray.cpp,
	1.5, 1.6
Message-ID: <200801181753.m0IHrxOh029252@cvs-int.fedora.redhat.com>

Author: jmagne

Update of /cvs/dirsec/esc/src/app/xpcom/tray
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv29234

Modified Files:
	rhLinuxTray.cpp 
Log Message:
Fix for tray icon popup menu positioning. Bug#253248.



Index: rhLinuxTray.cpp
===================================================================
RCS file: /cvs/dirsec/esc/src/app/xpcom/tray/rhLinuxTray.cpp,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- rhLinuxTray.cpp	7 May 2007 23:46:43 -0000	1.5
+++ rhLinuxTray.cpp	18 Jan 2008 17:53:57 -0000	1.6
@@ -49,9 +49,15 @@
   char tBuff[56];
   GtkWidget *icon_box_widget = GTK_WIDGET(user_data);
 
+
   if(icon_box_widget)
   {
+     GdkScreen* gscreen = gdk_screen_get_default(); 
      GdkWindow* window = icon_box_widget->window;
+  
+     if(!window)
+         return;
+
 
      gint width;
      gint height;
@@ -59,20 +65,37 @@
      gint px;
      gint py;
 
+     gint screen_width  = 0;
+     gint screen_height = 0;
+
+     if(gscreen)
+     {
+         screen_width  = gdk_screen_get_width(gscreen);
+         screen_height = gdk_screen_get_height(gscreen);
+     }
+
      gdk_drawable_get_size(window,&width,&height);
 
-     gdk_window_get_position(window,
+     gdk_window_get_origin(window,
                                      &px,
                                      &py);
 
-    PR_LOG( trayLog, PR_LOG_DEBUG, ("%s popup_position width %d height %d  px %d py %d \n",GetTStamp(tBuff,56),width,height,px,py));
+    PR_LOG( trayLog, PR_LOG_DEBUG, ("%s popup_position width %d height %d  px %d py %d *x %d *y %d  screen_w %d screen_h %d  \n",GetTStamp(tBuff,56),width,height,px,py,*x,*y,screen_width, screen_height));
+
+    // Are we close to the bottom of the screen? 
 
+    if( screen_width > 0 && screen_height > 0 
+        && ( screen_height - py) < (height * 3))
+    {
+        height = height* -2 ;
+    }
 
      gint x_coord = px;
      gint y_coord = (py + height);
 
      *x = x_coord;
      *y = y_coord; 
+     *push_in = TRUE;
 
   }
 



From fedora-directory-commits at redhat.com  Tue Jan 22 00:20:21 2008
From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi))
Date: Mon, 21 Jan 2008 19:20:21 -0500
Subject: [Fedora-directory-commits] ldapserver component_versions.mk,
	1.35.2.11, 1.35.2.12 internal_comp_deps.mk, 1.24.2.4, 1.24.2.5
Message-ID: <200801220020.m0M0KL6m010127@cvs-int.fedora.redhat.com>

Author: nhosoi

Update of /cvs/dirsec/ldapserver
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv10101

Modified Files:
      Tag: Directory71RtmBranch
	component_versions.mk internal_comp_deps.mk 
Log Message:
Picking up the rebuilt libdb4.2 (20080121)



Index: component_versions.mk
===================================================================
RCS file: /cvs/dirsec/ldapserver/Attic/component_versions.mk,v
retrieving revision 1.35.2.11
retrieving revision 1.35.2.12
diff -u -r1.35.2.11 -r1.35.2.12
--- component_versions.mk	15 Jan 2008 21:19:19 -0000	1.35.2.11
+++ component_versions.mk	22 Jan 2008 00:20:18 -0000	1.35.2.12
@@ -66,7 +66,7 @@
 DB_MAJOR_MINOR:=db42
 endif
 ifndef DB_VERSION
-  DB_VERSION:=20040813
+  DB_VERSION:=20080121
 endif
 
 # DBM Library


Index: internal_comp_deps.mk
===================================================================
RCS file: /cvs/dirsec/ldapserver/Attic/internal_comp_deps.mk,v
retrieving revision 1.24.2.4
retrieving revision 1.24.2.5
diff -u -r1.24.2.4 -r1.24.2.5
--- internal_comp_deps.mk	15 Jan 2008 21:19:19 -0000	1.24.2.4
+++ internal_comp_deps.mk	22 Jan 2008 00:20:18 -0000	1.24.2.5
@@ -297,10 +297,11 @@
 ifndef DB_SOURCE_ROOT
 #if no version specified, we'll use the latest one
 ifndef DB_VERSION
-  DB_VERSION=20040130
+  DB_VERSION=20080121
 endif
 # define the paths to the component parts
-db_components_share=$(COMPONENTS_DIR)/$(db_component_name)
+#db_components_share=$(COMPONENTS_DIR)/$(db_component_name)
+db_components_share=$(COMPONENTS_DIR_DEV)/$(db_component_name)
 MY_NSOBJDIR_TAG=$(NSOBJDIR_TAG).OBJ
 db_release_config =$(db_components_share)/$(DB_VERSION)/$(NSCONFIG_NOTAG)$(NS64TAG)$(MY_NSOBJDIR_TAG)
 # add ",bin" to DB_FILES if you want the programs like db_verify, db_recover, etc.



From fedora-directory-commits at redhat.com  Tue Jan 22 18:00:31 2008
From: fedora-directory-commits at redhat.com (Jack Magne (jmagne))
Date: Tue, 22 Jan 2008 13:00:31 -0500
Subject: [Fedora-directory-commits] esc/mac/Tokend-30557 - New directory
Message-ID: <200801221800.m0MI0Vjf024365@cvs-int.fedora.redhat.com>

Author: jmagne

Update of /cvs/dirsec/esc/mac/Tokend-30557
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv24350/Tokend-30557

Log Message:
Directory /cvs/dirsec/esc/mac/Tokend-30557 added to the repository




From fedora-directory-commits at redhat.com  Tue Jan 22 18:00:58 2008
From: fedora-directory-commits at redhat.com (Jack Magne (jmagne))
Date: Tue, 22 Jan 2008 13:00:58 -0500
Subject: [Fedora-directory-commits] esc/mac/Tokend-30557/CoolKey - New
	directory
Message-ID: <200801221800.m0MI0wul024462@cvs-int.fedora.redhat.com>

Author: jmagne

Update of /cvs/dirsec/esc/mac/Tokend-30557/CoolKey
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv24414/CoolKey

Log Message:
Directory /cvs/dirsec/esc/mac/Tokend-30557/CoolKey added to the repository




From fedora-directory-commits at redhat.com  Tue Jan 22 18:00:59 2008
From: fedora-directory-commits at redhat.com (Jack Magne (jmagne))
Date: Tue, 22 Jan 2008 13:00:59 -0500
Subject: [Fedora-directory-commits] esc/mac/Tokend-30557/Tokend - New
	directory
Message-ID: <200801221800.m0MI0x1t024467@cvs-int.fedora.redhat.com>

Author: jmagne

Update of /cvs/dirsec/esc/mac/Tokend-30557/Tokend
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv24414/Tokend

Log Message:
Directory /cvs/dirsec/esc/mac/Tokend-30557/Tokend added to the repository




From fedora-directory-commits at redhat.com  Tue Jan 22 18:00:59 2008
From: fedora-directory-commits at redhat.com (Jack Magne (jmagne))
Date: Tue, 22 Jan 2008 13:00:59 -0500
Subject: [Fedora-directory-commits] esc/mac/Tokend-30557/build - New
	directory
Message-ID: <200801221800.m0MI0xnd024477@cvs-int.fedora.redhat.com>

Author: jmagne

Update of /cvs/dirsec/esc/mac/Tokend-30557/build
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv24414/build

Log Message:
Directory /cvs/dirsec/esc/mac/Tokend-30557/build added to the repository




From fedora-directory-commits at redhat.com  Tue Jan 22 18:00:59 2008
From: fedora-directory-commits at redhat.com (Jack Magne (jmagne))
Date: Tue, 22 Jan 2008 13:00:59 -0500
Subject: [Fedora-directory-commits] esc/mac/Tokend-30557/Tokend.xcodeproj -
	New directory
Message-ID: <200801221800.m0MI0xfw024472@cvs-int.fedora.redhat.com>

Author: jmagne

Update of /cvs/dirsec/esc/mac/Tokend-30557/Tokend.xcodeproj
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv24414/Tokend.xcodeproj

Log Message:
Directory /cvs/dirsec/esc/mac/Tokend-30557/Tokend.xcodeproj added to the repository




From fedora-directory-commits at redhat.com  Tue Jan 22 18:01:15 2008
From: fedora-directory-commits at redhat.com (Jack Magne (jmagne))
Date: Tue, 22 Jan 2008 13:01:15 -0500
Subject: [Fedora-directory-commits] esc/mac/Tokend-30557/CoolKey/mds - New
	directory
Message-ID: <200801221801.m0MI1Fiv030871@cvs-int.fedora.redhat.com>

Author: jmagne

Update of /cvs/dirsec/esc/mac/Tokend-30557/CoolKey/mds
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv30376/mds

Log Message:
Directory /cvs/dirsec/esc/mac/Tokend-30557/CoolKey/mds added to the repository




From fedora-directory-commits at redhat.com  Tue Jan 22 18:01:15 2008
From: fedora-directory-commits at redhat.com (Jack Magne (jmagne))
Date: Tue, 22 Jan 2008 13:01:15 -0500
Subject: [Fedora-directory-commits] esc/mac/Tokend-30557/CoolKey/pkcs11 -
	New directory
Message-ID: <200801221801.m0MI1FGK030900@cvs-int.fedora.redhat.com>

Author: jmagne

Update of /cvs/dirsec/esc/mac/Tokend-30557/CoolKey/pkcs11
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv30376/pkcs11

Log Message:
Directory /cvs/dirsec/esc/mac/Tokend-30557/CoolKey/pkcs11 added to the repository




From fedora-directory-commits at redhat.com  Tue Jan 22 18:02:07 2008
From: fedora-directory-commits at redhat.com (Jack Magne (jmagne))
Date: Tue, 22 Jan 2008 13:02:07 -0500
Subject: [Fedora-directory-commits] esc/mac/Tokend-30557/build/Tokend.build
	- New directory
Message-ID: <200801221802.m0MI27wc031389@cvs-int.fedora.redhat.com>

Author: jmagne

Update of /cvs/dirsec/esc/mac/Tokend-30557/build/Tokend.build
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv31374/Tokend.build

Log Message:
Directory /cvs/dirsec/esc/mac/Tokend-30557/build/Tokend.build added to the repository




From fedora-directory-commits at redhat.com  Tue Jan 22 18:02:15 2008
From: fedora-directory-commits at redhat.com (Jack Magne (jmagne))
Date: Tue, 22 Jan 2008 13:02:15 -0500
Subject: [Fedora-directory-commits] 
	esc/mac/Tokend-30557/build/Tokend.build/Tokend.pbxindex - New
	directory
Message-ID: <200801221802.m0MI2FZ8031410@cvs-int.fedora.redhat.com>

Author: jmagne

Update of /cvs/dirsec/esc/mac/Tokend-30557/build/Tokend.build/Tokend.pbxindex
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv31395/Tokend.pbxindex

Log Message:
Directory /cvs/dirsec/esc/mac/Tokend-30557/build/Tokend.build/Tokend.pbxindex added to the repository




From fedora-directory-commits at redhat.com  Tue Jan 22 18:02:55 2008
From: fedora-directory-commits at redhat.com (Jack Magne (jmagne))
Date: Tue, 22 Jan 2008 13:02:55 -0500
Subject: [Fedora-directory-commits] esc/mac/Tokend-30557/Tokend.xcodeproj
	project.pbxproj, NONE, 1.1
Message-ID: <200801221802.m0MI2t2b031596@cvs-int.fedora.redhat.com>

Author: jmagne

Update of /cvs/dirsec/esc/mac/Tokend-30557/Tokend.xcodeproj
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv31436/Tokend.xcodeproj

Added Files:
	project.pbxproj 
Log Message:
Initial revision


--- NEW FILE project.pbxproj ---
// !$*UTF8*$!
{
	archiveVersion = 1;
	classes = {
	};
	objectVersion = 42;
	objects = {

/* Begin PBXAggregateTarget section */
		4C771E7F070A39590035E04F /* world */ = {
			isa = PBXAggregateTarget;
			buildConfigurationList = 53EE0C2E0C92291C0095AC7D /* Build configuration list for PBXAggregateTarget "world" */;
			buildPhases = (
			);
			buildSettings = {
				PRODUCT_NAME = world;
				SECTORDER_FLAGS = "";
			};
			dependencies = (
				53B1FC540C972DD30031928B /* PBXTargetDependency */,
			);
			name = world;
			productName = world;
		};
/* End PBXAggregateTarget section */

/* Begin PBXBuildFile section */
		4C273A220708CE2C00CCB0FA /* CACError.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C273A200708CE2C00CCB0FA /* CACError.cpp */; };
		4C414FE207305D34004C9490 /* Adornment.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C1B9B6406DBF99F00014414 /* Adornment.cpp */; };
		4C414FE307305D34004C9490 /* Adornment.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C1B9B6306DBF99F00014414 /* Adornment.h */; };
		4C414FE407305D34004C9490 /* Attribute.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C134A9606DBF81800FA17D9 /* Attribute.cpp */; };
		4C414FE507305D34004C9490 /* Attribute.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C134A9706DBF81800FA17D9 /* Attribute.h */; };
		4C414FE607305D34004C9490 /* AttributeCoder.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C134A8A06DBF81800FA17D9 /* AttributeCoder.cpp */; };
		4C414FE707305D34004C9490 /* AttributeCoder.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C134A8B06DBF81800FA17D9 /* AttributeCoder.h */; };
		4C414FE807305D34004C9490 /* Cursor.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C134A9806DBF81800FA17D9 /* Cursor.cpp */; };
		4C414FE907305D34004C9490 /* Cursor.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C134A9906DBF81800FA17D9 /* Cursor.h */; };
		4C414FEA07305D34004C9490 /* DbValue.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C134A9A06DBF81800FA17D9 /* DbValue.cpp */; };
		4C414FEB07305D34004C9490 /* DbValue.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C134A9B06DBF81800FA17D9 /* DbValue.h */; };
		4C414FEC07305D34004C9490 /* KeyHandle.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C3C166E06F61D6F00FC8AAC /* KeyHandle.cpp */; };
		4C414FED07305D34004C9490 /* KeyHandle.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C3C166D06F61D6F00FC8AAC /* KeyHandle.h */; };
		4C414FEE07305D34004C9490 /* MetaAttribute.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C134A9C06DBF81800FA17D9 /* MetaAttribute.cpp */; };
		4C414FEF07305D34004C9490 /* MetaAttribute.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C134A9D06DBF81800FA17D9 /* MetaAttribute.h */; };
		4C414FF007305D34004C9490 /* MetaRecord.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C134A9E06DBF81800FA17D9 /* MetaRecord.cpp */; };
		4C414FF107305D34004C9490 /* MetaRecord.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C134A9F06DBF81800FA17D9 /* MetaRecord.h */; };
		4C414FF407305D34004C9490 /* Record.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C134AA006DBF81800FA17D9 /* Record.cpp */; };
		4C414FF507305D34004C9490 /* Record.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C134AA106DBF81800FA17D9 /* Record.h */; };
		4C414FF607305D34004C9490 /* RecordHandle.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C55BAFC06DEABE500E4200A /* RecordHandle.cpp */; };
		4C414FF707305D34004C9490 /* RecordHandle.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C55BAFB06DEABE500E4200A /* RecordHandle.h */; };
		4C414FF807305D34004C9490 /* Relation.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C134A8E06DBF81800FA17D9 /* Relation.cpp */; };
		4C414FF907305D34004C9490 /* Relation.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C134A8F06DBF81800FA17D9 /* Relation.h */; };
		4C414FFA07305D34004C9490 /* Schema.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C134AA206DBF81800FA17D9 /* Schema.cpp */; };
		4C414FFB07305D34004C9490 /* Schema.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C134AA306DBF81800FA17D9 /* Schema.h */; };
		4C414FFC07305D34004C9490 /* SelectionPredicate.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C134AA406DBF81800FA17D9 /* SelectionPredicate.cpp */; };
		4C414FFD07305D34004C9490 /* SelectionPredicate.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C134AA506DBF81800FA17D9 /* SelectionPredicate.h */; };
		4C414FFE07305D34004C9490 /* Token.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C134A9006DBF81800FA17D9 /* Token.cpp */; };
		4C414FFF07305D34004C9490 /* Token.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C134A9106DBF81800FA17D9 /* Token.h */; };
		4C41500007305D34004C9490 /* TokenContext.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C134A9206DBF81800FA17D9 /* TokenContext.cpp */; };
		4C41500107305D34004C9490 /* TokenContext.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C134A9306DBF81800FA17D9 /* TokenContext.h */; };
		4C41500807305DA5004C9490 /* KeyRecord.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4CE2E6A406DC06AB00E21469 /* KeyRecord.cpp */; };
		4C41500A07305DA5004C9490 /* musclecard.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C3FACAD06DBF84400D18D5F /* musclecard.cpp */; };
		4C41500B07305DA5004C9490 /* MuscleCardAttributeCoder.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C1B9B5C06DBF96E00014414 /* MuscleCardAttributeCoder.cpp */; };
		4C41500D07305DA5004C9490 /* MuscleCardKeyHandle.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C253C0E06F66A6100B5CED6 /* MuscleCardKeyHandle.cpp */; };
		4C41500F07305DA5004C9490 /* MuscleCardSchema.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C1B9B8906DBFEE200014414 /* MuscleCardSchema.cpp */; };
		4C41501107305DA5004C9490 /* MuscleCardToken.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C3FACAE06DBF84400D18D5F /* MuscleCardToken.cpp */; };
		4C41501307305DA5004C9490 /* TokenRecord.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C63F7A506DC052A00CB6F22 /* TokenRecord.cpp */; };
		4C41501507305DB4004C9490 /* MscACL.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C134AAB06DBF81800FA17D9 /* MscACL.cpp */; };
		4C41501707305DB4004C9490 /* MscError.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C134AA906DBF81800FA17D9 /* MscError.cpp */; };
		4C41501907305DB4004C9490 /* MscKey.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C134AAF06DBF81800FA17D9 /* MscKey.cpp */; };
		4C41501B07305DB4004C9490 /* MscObject.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C134AB106DBF81800FA17D9 /* MscObject.cpp */; };
		4C41501D07305DB4004C9490 /* MscPIN.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C134AB306DBF81800FA17D9 /* MscPIN.cpp */; };
		4C41501F07305DB4004C9490 /* MscToken.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C134AB506DBF81800FA17D9 /* MscToken.cpp */; };
		4C41502107305DB4004C9490 /* MscTokenConnection.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C134AB706DBF81800FA17D9 /* MscTokenConnection.cpp */; };
		4C41502307305DB4004C9490 /* MscWrappers.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C134AB906DBF81800FA17D9 /* MscWrappers.cpp */; };
		4C5C1CF3073065EA00AECB7F /* belpic_csp_capabilities.mdsinfo in Resources */ = {isa = PBXBuildFile; fileRef = 4C5C1CE8073065EA00AECB7F /* belpic_csp_capabilities.mdsinfo */; };
		4C5C1CF4073065EA00AECB7F /* belpic_csp_capabilities_common.mds in Resources */ = {isa = PBXBuildFile; fileRef = 4C5C1CE9073065EA00AECB7F /* belpic_csp_capabilities_common.mds */; };
		4C5C1CF5073065EA00AECB7F /* belpic_csp_primary.mdsinfo in Resources */ = {isa = PBXBuildFile; fileRef = 4C5C1CEA073065EA00AECB7F /* belpic_csp_primary.mdsinfo */; };
		4C5C1CF6073065EA00AECB7F /* belpic_dl_primary.mdsinfo in Resources */ = {isa = PBXBuildFile; fileRef = 4C5C1CEB073065EA00AECB7F /* belpic_dl_primary.mdsinfo */; };
		4C5C1CF7073065EA00AECB7F /* belpic_smartcard.mdsinfo in Resources */ = {isa = PBXBuildFile; fileRef = 4C5C1CEC073065EA00AECB7F /* belpic_smartcard.mdsinfo */; };
		4C5C1D0B0730661500AECB7F /* cac_csp_capabilities.mdsinfo in Resources */ = {isa = PBXBuildFile; fileRef = 4C5C1D000730661500AECB7F /* cac_csp_capabilities.mdsinfo */; };
		4C5C1D0C0730661500AECB7F /* cac_csp_capabilities_common.mds in Resources */ = {isa = PBXBuildFile; fileRef = 4C5C1D010730661500AECB7F /* cac_csp_capabilities_common.mds */; };
		4C5C1D0D0730661500AECB7F /* cac_csp_primary.mdsinfo in Resources */ = {isa = PBXBuildFile; fileRef = 4C5C1D020730661500AECB7F /* cac_csp_primary.mdsinfo */; };
		4C5C1D0E0730661500AECB7F /* cac_dl_primary.mdsinfo in Resources */ = {isa = PBXBuildFile; fileRef = 4C5C1D030730661500AECB7F /* cac_dl_primary.mdsinfo */; };
		4C5C1D0F0730661500AECB7F /* cac_smartcard.mdsinfo in Resources */ = {isa = PBXBuildFile; fileRef = 4C5C1D040730661500AECB7F /* cac_smartcard.mdsinfo */; };
		4C5C1D3B0730664E00AECB7F /* musclecard_csp_capabilities.mdsinfo in Resources */ = {isa = PBXBuildFile; fileRef = 4C5C1D300730664E00AECB7F /* musclecard_csp_capabilities.mdsinfo */; };
		4C5C1D3C0730664E00AECB7F /* musclecard_csp_capabilities_common.mds in Resources */ = {isa = PBXBuildFile; fileRef = 4C5C1D310730664E00AECB7F /* musclecard_csp_capabilities_common.mds */; };
		4C5C1D3D0730664E00AECB7F /* musclecard_csp_primary.mdsinfo in Resources */ = {isa = PBXBuildFile; fileRef = 4C5C1D320730664E00AECB7F /* musclecard_csp_primary.mdsinfo */; };
		4C5C1D3E0730664E00AECB7F /* musclecard_dl_primary.mdsinfo in Resources */ = {isa = PBXBuildFile; fileRef = 4C5C1D330730664E00AECB7F /* musclecard_dl_primary.mdsinfo */; };
		4C5C1D3F0730664E00AECB7F /* musclecard_smartcard.mdsinfo in Resources */ = {isa = PBXBuildFile; fileRef = 4C5C1D340730664E00AECB7F /* musclecard_smartcard.mdsinfo */; };
		4C6C13980730791D00514500 /* CoreFoundation.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 4CA8C4D606D6D19400F1BCC8 /* CoreFoundation.framework */; };
		4C7BA7540703990100E5719F /* CACAttributeCoder.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C7BA7490703990100E5719F /* CACAttributeCoder.cpp */; };
		4C7BA7550703990100E5719F /* CACKeyHandle.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C7BA74B0703990100E5719F /* CACKeyHandle.cpp */; };
		4C7BA7560703990100E5719F /* CACSchema.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C7BA74D0703990100E5719F /* CACSchema.cpp */; };
		4C7BA7570703990100E5719F /* CACToken.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C7BA74F0703990100E5719F /* CACToken.cpp */; };
		4C7BA7580703990100E5719F /* cac.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C7BA7510703990100E5719F /* cac.cpp */; };
		4C7BA79D07039B3000E5719F /* CoreFoundation.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 4CA8C4D606D6D19400F1BCC8 /* CoreFoundation.framework */; };
		4C86D3AE070B4122006A0C7F /* belpic.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C86D3A0070B4122006A0C7F /* belpic.cpp */; };
		4C86D3B0070B4122006A0C7F /* BELPICError.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C86D3A3070B4122006A0C7F /* BELPICError.cpp */; };
		4C86D3B1070B4122006A0C7F /* BELPICKeyHandle.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C86D3A5070B4122006A0C7F /* BELPICKeyHandle.cpp */; };
		4C86D3B2070B4122006A0C7F /* BELPICRecord.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C86D3A7070B4122006A0C7F /* BELPICRecord.cpp */; };
		4C86D3B3070B4122006A0C7F /* BELPICSchema.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C86D3A9070B4122006A0C7F /* BELPICSchema.cpp */; };
		4C86D3B4070B4122006A0C7F /* BELPICToken.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C86D3AB070B4122006A0C7F /* BELPICToken.cpp */; };
		4CA8C4D706D6D19400F1BCC8 /* CoreFoundation.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 4CA8C4D606D6D19400F1BCC8 /* CoreFoundation.framework */; };
		4CBF5C3A0704CDBF00EEADC2 /* CACRecord.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4CBF5C390704CDBF00EEADC2 /* CACRecord.cpp */; };
		4CBF5CBF0704E76200EEADC2 /* libz.dylib in Frameworks */ = {isa = PBXBuildFile; fileRef = 4CBF5CBE0704E76200EEADC2 /* libz.dylib */; };
		4CC3947B0731A4DD00761DEE /* SCardError.h in Headers */ = {isa = PBXBuildFile; fileRef = 4CC394790731A4DD00761DEE /* SCardError.h */; };
		4CC3947C0731A4DD00761DEE /* SCardError.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4CC3947A0731A4DD00761DEE /* SCardError.cpp */; };
		5391D2B60C973E1400A44E90 /* coolkey.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 53B1FC2F0C972D510031928B /* coolkey.cpp */; };
		5391D2B70C973E3100A44E90 /* CoolKeyAttributeCoder.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 53B1FC300C972D510031928B /* CoolKeyAttributeCoder.cpp */; };
		5391D2B80C973E3900A44E90 /* CoolKeyError.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 53B1FC320C972D510031928B /* CoolKeyError.cpp */; };
		5391D2B90C973E4600A44E90 /* CoolKeyHandle.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 53B1FC340C972D510031928B /* CoolKeyHandle.cpp */; };
		5391D2BA0C973E5000A44E90 /* CoolKeyPK11.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 53B1FC360C972D510031928B /* CoolKeyPK11.cpp */; };
		5391D2BB0C973E5800A44E90 /* CoolKeyRecord.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 53B1FC380C972D510031928B /* CoolKeyRecord.cpp */; };
		5391D2BC0C973E5F00A44E90 /* CoolKeySchema.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 53B1FC3A0C972D510031928B /* CoolKeySchema.cpp */; };
		5391D2BD0C973E6600A44E90 /* CoolKeyToken.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 53B1FC3C0C972D510031928B /* CoolKeyToken.cpp */; };
		5391D2DC0C973F5100A44E90 /* coolkey_csp_capabilities_common.mds in Resources */ = {isa = PBXBuildFile; fileRef = 5391D2D70C973F5100A44E90 /* coolkey_csp_capabilities_common.mds */; };
		5391D2DD0C973F5100A44E90 /* coolkey_csp_capabilities.mdsinfo in Resources */ = {isa = PBXBuildFile; fileRef = 5391D2D80C973F5100A44E90 /* coolkey_csp_capabilities.mdsinfo */; };
		5391D2DE0C973F5100A44E90 /* coolkey_csp_primary.mdsinfo in Resources */ = {isa = PBXBuildFile; fileRef = 5391D2D90C973F5100A44E90 /* coolkey_csp_primary.mdsinfo */; };
		5391D2DF0C973F5100A44E90 /* coolkey_dl_primary.mdsinfo in Resources */ = {isa = PBXBuildFile; fileRef = 5391D2DA0C973F5100A44E90 /* coolkey_dl_primary.mdsinfo */; };
		5391D2E00C973F5100A44E90 /* coolkey_smartcard.mdsinfo in Resources */ = {isa = PBXBuildFile; fileRef = 5391D2DB0C973F5100A44E90 /* coolkey_smartcard.mdsinfo */; };
		53B1FBE20C97193A0031928B /* CoreFoundation.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 4CA8C4D606D6D19400F1BCC8 /* CoreFoundation.framework */; };
/* End PBXBuildFile section */

/* Begin PBXBuildStyle section */
		014CEA520018CE5811CA2923 /* Development */ = {
			isa = PBXBuildStyle;
			buildSettings = {
				BUILD_VARIANTS = debug;
				COPY_PHASE_STRIP = NO;
				GCC_DYNAMIC_NO_PIC = NO;
				GCC_ENABLE_FIX_AND_CONTINUE = YES;
				GCC_GENERATE_DEBUGGING_SYMBOLS = YES;
				GCC_OPTIMIZATION_LEVEL = 0;
				GCC_WARN_ABOUT_MISSING_PROTOTYPES = YES;
				GCC_WARN_CHECK_SWITCH_STATEMENTS = YES;
				GCC_WARN_HIDDEN_VIRTUAL_FUNCTIONS = YES;
				GCC_WARN_INHIBIT_ALL_WARNINGS = NO;
				GCC_WARN_INITIALIZER_NOT_FULLY_BRACKETED = YES;
				GCC_WARN_MISSING_PARENTHESES = YES;
				GCC_WARN_NON_VIRTUAL_DESTRUCTOR = YES;
				GCC_WARN_PEDANTIC = NO;
				GCC_WARN_SHADOW = NO;
				GCC_WARN_SIGN_COMPARE = YES;
				GCC_WARN_TYPECHECK_CALLS_TO_PRINTF = YES;
				GCC_WARN_UNINITIALIZED_AUTOS = NO;
				GCC_WARN_UNKNOWN_PRAGMAS = YES;
				GCC_WARN_UNUSED_FUNCTION = YES;
				GCC_WARN_UNUSED_LABEL = YES;
				GCC_WARN_UNUSED_PARAMETER = YES;
				GCC_WARN_UNUSED_VALUE = YES;
				GCC_WARN_UNUSED_VARIABLE = YES;
				ZERO_LINK = NO;
			};
			name = Development;
		};
		014CEA530018CE5811CA2923 /* Deployment */ = {
			isa = PBXBuildStyle;
			buildSettings = {
				GCC_ENABLE_FIX_AND_CONTINUE = NO;
				ZERO_LINK = NO;
			};
			name = Deployment;
		};
		4CABFE4C06DD4AD6002AA6F9 /* normal with debug from build folder */ = {
			isa = PBXBuildStyle;
			buildSettings = {
				BUILD_VARIANTS = normal;
				OPT_LDFLAGS = "";
				OPT_LDXFLAGS = "";
				OPT_LDXNOPIC = "";
				OTHER_ASFLAGS_normal = "$(OTHER_CFLAGS) -UNDEBUG";
				OTHER_CFLAGS_normal = "$(OTHER_CFLAGS) -UNDEBUG -O0 -fno-inline";
				OTHER_CPLUSPLUSFLAGS_normal = "$(OTHER_CFLAGS) -UNDEBUG -O0 -fno-inline";
				PREBINDING = NO;
				SECTORDER_FLAGS = "";
			};
			name = "normal with debug from build folder";
		};
/* End PBXBuildStyle section */

/* Begin PBXContainerItemProxy section */
		4C41506E07305E0F004C9490 /* PBXContainerItemProxy */ = {
			isa = PBXContainerItemProxy;
			containerPortal = 08FB7793FE84155DC02AAC07 /* Project object */;
			proxyType = 1;
			remoteGlobalIDString = 4C414FAA07305C57004C9490;
			remoteInfo = tokend;
		};
		4C41507007305E17004C9490 /* PBXContainerItemProxy */ = {
			isa = PBXContainerItemProxy;
			containerPortal = 08FB7793FE84155DC02AAC07 /* Project object */;
			proxyType = 1;
			remoteGlobalIDString = 4C414FAA07305C57004C9490;
			remoteInfo = tokend;
		};
		4C41507407305E1C004C9490 /* PBXContainerItemProxy */ = {
			isa = PBXContainerItemProxy;
			containerPortal = 08FB7793FE84155DC02AAC07 /* Project object */;
			proxyType = 1;
			remoteGlobalIDString = 4C414FAA07305C57004C9490;
[...1967 lines suppressed...]
				ZERO_LINK = NO;
			};
			name = Deployment;
		};
		53EE0C360C92291C0095AC7D /* normal with debug from build folder */ = {
			isa = XCBuildConfiguration;
			buildSettings = {
				BUILD_VARIANTS = normal;
				CURRENT_PROJECT_VERSION = 30557;
				FRAMEWORK_SEARCH_PATHS = (
					/usr/local/SecurityPieces/Frameworks,
					"$(SYSTEM_LIBRARY_DIR)/PrivateFrameworks",
				);
				GCC_DYNAMIC_NO_PIC = YES;
				GCC_MODEL_TUNING = G5;
				INFOPLIST_FILE = MuscleCard/Info.plist;
				INSTALL_PATH = "$(SYSTEM_LIBRARY_DIR)/Security/tokend";
				OPT_CPPXFLAGS = "$(OPT_CXFLAGS) -fno-enforce-eh-specs -fno-implement-inlines";
				OPT_CXFLAGS = "-DNDEBUG $(OPT_INLINEXFLAGS)";
				OPT_INLINEXFLAGS = " -finline-functions";
				OPT_LDFLAGS = "";
				OPT_LDXFLAGS = "";
				OPT_LDXNOPIC = "";
				OTHER_ASFLAGS_debug = "$(OTHER_CFLAGS)";
				OTHER_ASFLAGS_normal = "$(OTHER_CFLAGS) -UNDEBUG";
				OTHER_ASFLAGS_profile = "-DNDEBUG $(OTHER_CFLAGS) -pg";
				OTHER_CFLAGS_debug = "$(OTHER_CFLAGS) -O0 -fno-inline";
				OTHER_CFLAGS_normal = "$(OTHER_CFLAGS) -UNDEBUG -O0 -fno-inline";
				OTHER_CFLAGS_profile = "$(OPT_CXFLAGS) $(OTHER_CFLAGS) -pg";
				OTHER_CPLUSPLUSFLAGS_debug = "$(OTHER_CPLUSPLUSFLAGS) -O0 -fno-inline";
				OTHER_CPLUSPLUSFLAGS_normal = "$(OTHER_CFLAGS) -UNDEBUG -O0 -fno-inline";
				OTHER_CPLUSPLUSFLAGS_profile = "$(OPT_CPPXFLAGS) $(OTHER_CPLUSPLUSFLAGS) -pg";
				OTHER_LDFLAGS_debug = "$(OTHER_LDFLAGS) -ltokend_debug -framework PCSC,_debug -framework SecurityTokend,_debug -framework Security,_debug -framework security_cdsa_client,_debug -framework security_cdsa_utilities,_debug -framework security_utilities,_debug";
				OTHER_LDFLAGS_normal = "$(OPT_LDXFLAGS) $(OTHER_LDFLAGS) -ltokend -framework PCSC -framework SecurityTokend -framework Security -framework security_cdsa_client$(OPT_LDXNOPIC) -framework security_cdsa_utilities$(OPT_LDXNOPIC) -framework security_utilities$(OPT_LDXNOPIC)";
				OTHER_LDFLAGS_profile = "$(OPT_LDXFLAGS) $(OTHER_LDFLAGS) -pg -ltokend_profile -framework PCSC,_profile -framework SecurityTokend,_profile -framework Security,_profile -framework security_cdsa_client,_profile  -framework security_cdsa_utilities,_profile -framework security_utilities,_profile";
				PREBINDING = NO;
				PRODUCT_NAME = MuscleCard;
				SECTORDER_FLAGS = "";
				VERSIONING_SYSTEM = "apple-generic";
				WARNING_CFLAGS = (
					"-Wmost",
					"-Wno-four-char-constants",
					"-Wno-unknown-pragmas",
				);
				WRAPPER_EXTENSION = tokend;
			};
			name = "normal with debug from build folder";
		};
		53EE0C370C92291C0095AC7D /* Default */ = {
			isa = XCBuildConfiguration;
			buildSettings = {
				BUILD_VARIANTS = (
					normal,
					debug,
				);
				CURRENT_PROJECT_VERSION = 30557;
				FRAMEWORK_SEARCH_PATHS = (
					/usr/local/SecurityPieces/Frameworks,
					"$(SYSTEM_LIBRARY_DIR)/PrivateFrameworks",
				);
				GCC_DYNAMIC_NO_PIC = YES;
				GCC_MODEL_TUNING = G5;
				INFOPLIST_FILE = MuscleCard/Info.plist;
				INSTALL_PATH = "$(SYSTEM_LIBRARY_DIR)/Security/tokend";
				OPT_CPPXFLAGS = "$(OPT_CXFLAGS) -fno-enforce-eh-specs -fno-implement-inlines";
				OPT_CXFLAGS = "-DNDEBUG $(OPT_INLINEXFLAGS)";
				OPT_INLINEXFLAGS = " -finline-functions";
				OPT_LDXFLAGS = "-dead_strip";
				OPT_LDXNOPIC = ",_nopic";
				OTHER_ASFLAGS_debug = "$(OTHER_CFLAGS)";
				OTHER_ASFLAGS_normal = "$(OTHER_CFLAGS) -DNDEBUG";
				OTHER_ASFLAGS_profile = "-DNDEBUG $(OTHER_CFLAGS) -pg";
				OTHER_CFLAGS_debug = "$(OTHER_CFLAGS) -O0 -fno-inline";
				OTHER_CFLAGS_normal = "$(OPT_CXFLAGS) $(OTHER_CFLAGS)";
				OTHER_CFLAGS_profile = "$(OPT_CXFLAGS) $(OTHER_CFLAGS) -pg";
				OTHER_CPLUSPLUSFLAGS_debug = "$(OTHER_CPLUSPLUSFLAGS) -O0 -fno-inline";
				OTHER_CPLUSPLUSFLAGS_normal = "$(OPT_CPPXFLAGS) $(OTHER_CPLUSPLUSFLAGS)";
				OTHER_CPLUSPLUSFLAGS_profile = "$(OPT_CPPXFLAGS) $(OTHER_CPLUSPLUSFLAGS) -pg";
				OTHER_LDFLAGS_debug = "$(OTHER_LDFLAGS) -ltokend_debug -framework PCSC,_debug -framework SecurityTokend,_debug -framework Security,_debug -framework security_cdsa_client,_debug -framework security_cdsa_utilities,_debug -framework security_utilities,_debug";
				OTHER_LDFLAGS_normal = "$(OPT_LDXFLAGS) $(OTHER_LDFLAGS) -ltokend -framework PCSC -framework SecurityTokend -framework Security -framework security_cdsa_client$(OPT_LDXNOPIC) -framework security_cdsa_utilities$(OPT_LDXNOPIC) -framework security_utilities$(OPT_LDXNOPIC)";
				OTHER_LDFLAGS_profile = "$(OPT_LDXFLAGS) $(OTHER_LDFLAGS) -pg -ltokend_profile -framework PCSC,_profile -framework SecurityTokend,_profile -framework Security,_profile -framework security_cdsa_client,_profile  -framework security_cdsa_utilities,_profile -framework security_utilities,_profile";
				PRODUCT_NAME = MuscleCard;
				VERSIONING_SYSTEM = "apple-generic";
				WARNING_CFLAGS = (
					"-Wmost",
					"-Wno-four-char-constants",
					"-Wno-unknown-pragmas",
				);
				WRAPPER_EXTENSION = tokend;
			};
			name = Default;
		};
		53EE0C390C92291C0095AC7D /* Development */ = {
			isa = XCBuildConfiguration;
			buildSettings = {
			};
			name = Development;
		};
		53EE0C3A0C92291C0095AC7D /* Deployment */ = {
			isa = XCBuildConfiguration;
			buildSettings = {
			};
			name = Deployment;
		};
		53EE0C3B0C92291C0095AC7D /* normal with debug from build folder */ = {
			isa = XCBuildConfiguration;
			buildSettings = {
			};
			name = "normal with debug from build folder";
		};
		53EE0C3C0C92291C0095AC7D /* Default */ = {
			isa = XCBuildConfiguration;
			buildSettings = {
			};
			name = Default;
		};
/* End XCBuildConfiguration section */

/* Begin XCConfigurationList section */
		53B1FBE30C97193A0031928B /* Build configuration list for PBXNativeTarget "COOLKEY" */ = {
			isa = XCConfigurationList;
			buildConfigurations = (
				53B1FBE40C97193A0031928B /* Development */,
				53B1FBE50C97193A0031928B /* Deployment */,
				53B1FBE60C97193A0031928B /* normal with debug from build folder */,
				53B1FBE70C97193A0031928B /* Default */,
			);
			defaultConfigurationIsVisible = 0;
			defaultConfigurationName = Default;
		};
		53EE0C1F0C92291C0095AC7D /* Build configuration list for PBXNativeTarget "tokend" */ = {
			isa = XCConfigurationList;
			buildConfigurations = (
				53EE0C200C92291C0095AC7D /* Development */,
				53EE0C210C92291C0095AC7D /* Deployment */,
				53EE0C220C92291C0095AC7D /* normal with debug from build folder */,
				53EE0C230C92291C0095AC7D /* Default */,
			);
			defaultConfigurationIsVisible = 0;
			defaultConfigurationName = Default;
		};
		53EE0C240C92291C0095AC7D /* Build configuration list for PBXNativeTarget "BELPIC" */ = {
			isa = XCConfigurationList;
			buildConfigurations = (
				53EE0C250C92291C0095AC7D /* Development */,
				53EE0C260C92291C0095AC7D /* Deployment */,
				53EE0C270C92291C0095AC7D /* normal with debug from build folder */,
				53EE0C280C92291C0095AC7D /* Default */,
			);
			defaultConfigurationIsVisible = 0;
			defaultConfigurationName = Default;
		};
		53EE0C290C92291C0095AC7D /* Build configuration list for PBXNativeTarget "CAC" */ = {
			isa = XCConfigurationList;
			buildConfigurations = (
				53EE0C2A0C92291C0095AC7D /* Development */,
				53EE0C2B0C92291C0095AC7D /* Deployment */,
				53EE0C2C0C92291C0095AC7D /* normal with debug from build folder */,
				53EE0C2D0C92291C0095AC7D /* Default */,
			);
			defaultConfigurationIsVisible = 0;
			defaultConfigurationName = Default;
		};
		53EE0C2E0C92291C0095AC7D /* Build configuration list for PBXAggregateTarget "world" */ = {
			isa = XCConfigurationList;
			buildConfigurations = (
				53EE0C2F0C92291C0095AC7D /* Development */,
				53EE0C300C92291C0095AC7D /* Deployment */,
				53EE0C310C92291C0095AC7D /* normal with debug from build folder */,
				53EE0C320C92291C0095AC7D /* Default */,
			);
			defaultConfigurationIsVisible = 0;
			defaultConfigurationName = Default;
		};
		53EE0C330C92291C0095AC7D /* Build configuration list for PBXNativeTarget "MuscleCard" */ = {
			isa = XCConfigurationList;
			buildConfigurations = (
				53EE0C340C92291C0095AC7D /* Development */,
				53EE0C350C92291C0095AC7D /* Deployment */,
				53EE0C360C92291C0095AC7D /* normal with debug from build folder */,
				53EE0C370C92291C0095AC7D /* Default */,
			);
			defaultConfigurationIsVisible = 0;
			defaultConfigurationName = Default;
		};
		53EE0C380C92291C0095AC7D /* Build configuration list for PBXProject "Tokend" */ = {
			isa = XCConfigurationList;
			buildConfigurations = (
				53EE0C390C92291C0095AC7D /* Development */,
				53EE0C3A0C92291C0095AC7D /* Deployment */,
				53EE0C3B0C92291C0095AC7D /* normal with debug from build folder */,
				53EE0C3C0C92291C0095AC7D /* Default */,
			);
			defaultConfigurationIsVisible = 0;
			defaultConfigurationName = Default;
		};
/* End XCConfigurationList section */
	};
	rootObject = 08FB7793FE84155DC02AAC07 /* Project object */;
}



From fedora-directory-commits at redhat.com  Tue Jan 22 18:02:54 2008
From: fedora-directory-commits at redhat.com (Jack Magne (jmagne))
Date: Tue, 22 Jan 2008 13:02:54 -0500
Subject: [Fedora-directory-commits] esc/mac/Tokend-30557/CoolKey/mds
	coolkey_csp_capabilities.mdsinfo, NONE,
	1.1 coolkey_csp_capabilities_common.mds, NONE,
	1.1 coolkey_csp_primary.mdsinfo, NONE,
	1.1 coolkey_dl_primary.mdsinfo, NONE,
	1.1 coolkey_smartcard.mdsinfo, NONE, 1.1
Message-ID: <200801221802.m0MI2sKc031581@cvs-int.fedora.redhat.com>

Author: jmagne

Update of /cvs/dirsec/esc/mac/Tokend-30557/CoolKey/mds
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv31436/CoolKey/mds

Added Files:
	coolkey_csp_capabilities.mdsinfo 
	coolkey_csp_capabilities_common.mds 
	coolkey_csp_primary.mdsinfo coolkey_dl_primary.mdsinfo 
	coolkey_smartcard.mdsinfo 
Log Message:
Initial revision


--- NEW FILE coolkey_csp_capabilities.mdsinfo ---




	Capabilities
	file:coolkey_csp_capabilities_common.mds
	MdsFileDescription
	CoolKey Token CSPDL CSP Capabilities
	MdsFileType
	PluginSpecific
	MdsRecordType
	MDS_CDSADIR_CSP_CAPABILITY_RECORDTYPE




--- NEW FILE coolkey_csp_capabilities_common.mds ---




	
		AlgType
		CSSM_ALGID_SHA1
		Attributes
		
			
				AttributeType
				CSSM_ATTRIBUTE_OUTPUT_SIZE
				AttributeValue
				20
			
		
		ContextType
		CSSM_ALGCLASS_DIGEST
		Description
		SHA1 Digest
		UseeTag
		CSSM_USEE_NONE
	
	
		AlgType
		CSSM_ALGID_MD5
		Attributes
		
			
				AttributeType
				CSSM_ATTRIBUTE_OUTPUT_SIZE
				AttributeValue
				16
			
		
		ContextType
		CSSM_ALGCLASS_DIGEST
		Description
		MD5 Digest
		UseeTag
		CSSM_USEE_NONE
	
	
		AlgType
		CSSM_ALGID_MD2
		Attributes
		
			
				AttributeType
				CSSM_ATTRIBUTE_OUTPUT_SIZE
				AttributeValue
				16
			
		
		ContextType
		CSSM_ALGCLASS_DIGEST
		Description
		MD2 Digest
		UseeTag
		CSSM_USEE_NONE
	
	
		AlgType
		CSSM_ALGID_RSA
		Attributes
		
			
				AttributeType
				CSSM_ATTRIBUTE_NONE
				AttributeValue
				
			
		
		ContextType
		CSSM_ALGCLASS_KEYGEN
		Description
		RSA Key Pair Generation
		UseeTag
		CSSM_USEE_NONE
	
	
		AlgType
		CSSM_ALGID_DES
		Attributes
		
			
				AttributeType
				CSSM_ATTRIBUTE_KEY_LENGTH
				AttributeValue
				64
			
		
		ContextType
		CSSM_ALGCLASS_KEYGEN
		Description
		DES Key Generation
		UseeTag
		CSSM_USEE_NONE
	
	
		AlgType
		CSSM_ALGID_3DES_3KEY
		Attributes
		
			
				AttributeType
				CSSM_ATTRIBUTE_KEY_LENGTH
				AttributeValue
				192
			
		
		ContextType
		CSSM_ALGCLASS_KEYGEN
		Description
		3DES Key Generation
		UseeTag
		CSSM_USEE_NONE
	
	
		AlgType
		CSSM_ALGID_RC2
		Attributes
		
			
				AttributeType
				CSSM_ATTRIBUTE_NONE
				AttributeValue
				
			
		
		ContextType
		CSSM_ALGCLASS_KEYGEN
		Description
		RC2 Key Generation
		UseeTag
		CSSM_USEE_NONE
	
	
		AlgType
		CSSM_ALGID_RC4
		Attributes
		
			
				AttributeType
				CSSM_ATTRIBUTE_NONE
				AttributeValue
				
			
		
		ContextType
		CSSM_ALGCLASS_KEYGEN
		Description
		RC4 Key Generation
		UseeTag
		CSSM_USEE_NONE
	
	
		AlgType
		CSSM_ALGID_RC5
		Attributes
		
			
				AttributeType
				CSSM_ATTRIBUTE_NONE
				AttributeValue
				
			
		
		ContextType
		CSSM_ALGCLASS_KEYGEN
		Description
		RC5 Key Generation
		UseeTag
		CSSM_USEE_NONE
	
	
		AlgType
		CSSM_ALGID_CAST
		Attributes
		
			
				AttributeType
				CSSM_ATTRIBUTE_NONE
				New item
				
			
		
		ContextType
		CSSM_ALGCLASS_KEYGEN
		Description
		CAST Key Generation
		UseeTag
		CSSM_USEE_NONE
	
	
		AlgType
		CSSM_ALGID_BLOWFISH
		Attributes
		
			
				AttributeType
				CSSM_ATTRIBUTE_NONE
				AttributeValue
				
			
		
		ContextType
		CSSM_ALGCLASS_KEYGEN
		Description
		Blowfish Key Generation
		UseeTag
		CSSM_USEE_NONE
	
	
		AlgType
		CSSM_ALGID_SHA1HMAC
		Attributes
		
			
				AttributeType
				CSSM_ATTRIBUTE_NONE
				AttributeValue
				
			
		
		ContextType
		CSSM_ALGCLASS_KEYGEN
		Description
		SHA1HMAC Key Generation
		UseeTag
		CSSM_USEE_NONE
	
	
		AlgType
		CSSM_ALGID_MD5HMAC
		Attributes
		
			
				AttributeType
				CSSM_ATTRIBUTE_NONE
				AttributeValue
				
			
		
		ContextType
		CSSM_ALGCLASS_KEYGEN
		Description
		MD5HMAC Key Generation
		UseeTag
		CSSM_USEE_NONE
	
	
		AlgType
		CSSM_ALGID_AES
		Attributes
		
			
				AttributeType
				CSSM_ATTRIBUTE_KEY_LENGTH
				AttributeValue
				
					128
					192
					256
				
			
		
		ContextType
		CSSM_ALGCLASS_KEYGEN
		Description
		AES Key Generation
		UseeTag
		CSSM_USEE_NONE
	
	
		AlgType
		CSSM_ALGID_ASC
		Attributes
		
			
				AttributeType
				CSSM_ATTRIBUTE_NONE
				AttributeValue
				
			
		
		ContextType
		CSSM_ALGCLASS_KEYGEN
		Description
		ASC Key Generation
		UseeTag
		CSSM_USEE_NONE
	
	
		AlgType
		CSSM_ALGID_FEE
		Attributes
		
			
				AttributeType
				CSSM_ATTRIBUTE_KEY_LENGTH
				AttributeValue
				
					31
					127
					128
					161
					192
				
			
		
		ContextType
		CSSM_ALGCLASS_KEYGEN
		Description
		FEE Key Pair Generation
		UseeTag
		CSSM_USEE_NONE
	
	
		AlgType
		CSSM_ALGID_DSA
		Attributes
		
			
				AttributeType
				CSSM_ATTRIBUTE_NONE
				AttributeValue
				
			
		
		ContextType
		CSSM_ALGCLASS_KEYGEN
		Description
		DSA Key Pair Generation
		UseeTag
		CSSM_USEE_NONE
	
	
		AlgType
		CSSM_ALGID_PKCS5_PBKDF2
		Attributes
		
			
				AttributeType
				CSSM_ATTRIBUTE_NONE
				AttributeValue
				
			
		
		ContextType
		CSSM_ALGCLASS_DERIVEKEY
		Description
		PKCS5 Key Derivation
		UseeTag
		CSSM_USEE_NONE
	
	
		AlgType
		CSSM_ALGID_PKCS5_PBKDF1_MD5
		Attributes
		
			
				AttributeType
				CSSM_ATTRIBUTE_NONE
				AttributeValue
				
			
		
		ContextType
		CSSM_ALGCLASS_DERIVEKEY
		Description
		PKCS5 PBKDF1 MD5 Key Derivation
		UseeTag
		CSSM_USEE_NONE
	
	
		AlgType
		CSSM_ALGID_PKCS5_PBKDF1_MD2
		Attributes
		
			
				AttributeType
				CSSM_ATTRIBUTE_NONE
				AttributeValue
				
			
		
		ContextType
		CSSM_ALGCLASS_DERIVEKEY
		Description
		PKCS5 PBKDF1 MD2 Key Derivation
		UseeTag
		CSSM_USEE_NONE
	
	
		AlgType
		CSSM_ALGID_PKCS5_PBKDF1_SHA1
		Attributes
		
			
				AttributeType
				CSSM_ATTRIBUTE_NONE
				AttributeValue
				
			
		
		ContextType
		CSSM_ALGCLASS_DERIVEKEY
		Description
		PKCS5 PBKDF1 SHA1 Key Derivation
		UseeTag
		CSSM_USEE_NONE
	
	
		AlgType
		CSSM_ALGID_DES
		Attributes
		
			
				AttributeType
				CSSM_ATTRIBUTE_MODE
				AttributeValue
				
					2
					3
					5
					6
				
			
		
		ContextType
		CSSM_ALGCLASS_SYMMETRIC
		Description
		DES Encryption
		UseeTag
		CSSM_USEE_NONE
	
	
		AlgType
		CSSM_ALGID_3DES_3KEY_EDE
		Attributes
		
			
				AttributeType
				CSSM_ATTRIBUTE_MODE
				AttributeValue
				
					2
					3
					5
					6
				
			
		
		ContextType
		CSSM_ALGCLASS_SYMMETRIC
		Description
		3DES EDE Encryption
		UseeTag
		CSSM_USEE_NONE
	
	
		AlgType
		CSSM_ALGID_AES
		Attributes
		
			
				AttributeType
				CSSM_ATTRIBUTE_MODE
				AttributeValue
				
					2
					3
					5
					6
				
			
		
		ContextType
		CSSM_ALGCLASS_SYMMETRIC
		Description
		AES Encryption
		UseeTag
		CSSM_USEE_NONE
	
	
		AlgType
		CSSM_ALGID_RC4
		Attributes
		
			
				AttributeType
				CSSM_ATTRIBUTE_MODE
				AttributeValue
				
					0
				
			
		
		ContextType
		CSSM_ALGCLASS_SYMMETRIC
		Description
		RC4 Encryption
		UseeTag
		CSSM_USEE_NONE
	
	
		AlgType
		CSSM_ALGID_RC5
		Attributes
		
			
				AttributeType
				CSSM_ATTRIBUTE_MODE
				AttributeValue
				
					2
					3
					5
					6
				
			
		
		ContextType
		CSSM_ALGCLASS_SYMMETRIC
		Description
		RC5 Encryption
		UseeTag
		CSSM_USEE_NONE
	
	
		AlgType
		CSSM_ALGID_BLOWFISH
		Attributes
		
			
				AttributeType
				CSSM_ATTRIBUTE_MODE
				AttributeValue
				
					2
					3
					5
					6
				
			
		
		ContextType
		CSSM_ALGCLASS_SYMMETRIC
		Description
		Blowfish Encryption
		UseeTag
		CSSM_USEE_NONE
	
	
		AlgType
		CSSM_ALGID_CAST
		Attributes
		
			
				AttributeType
				CSSM_ATTRIBUTE_MODE
				AttributeValue
				
					2
					3
					5
					6
				
			
		
		ContextType
		CSSM_ALGCLASS_SYMMETRIC
		Description
		CAST Encryption
		UseeTag
		CSSM_USEE_NONE
	
	
		AlgType
		CSSM_ALGID_RSA
		Attributes
		
			
				AttributeType
				CSSM_ATTRIBUTE_NONE
				AttributeValue
				
			
		
		ContextType
		CSSM_ALGCLASS_ASYMMETRIC
		Description
		RSA Encryption
		UseeTag
		CSSM_USEE_NONE
	
	
		AlgType
		CSSM_ALGID_FEEDEXP
		Attributes
		
			
				AttributeType
				CSSM_ATTRIBUTE_NONE
				AttributeValue
				
			
		
		ContextType
		CSSM_ALGCLASS_ASYMMETRIC
		Description
		FEEDExp Encryption
		UseeTag
		CSSM_USEE_NONE
	
	
		AlgType
		CSSM_ALGID_FEED
		Attributes
		
			
				AttributeType
				CSSM_ATTRIBUTE_NONE
				AttributeValue
				
			
		
		ContextType
		CSSM_ALGCLASS_ASYMMETRIC
		Description
		FEED Encryption
		UseeTag
		CSSM_USEE_NONE
	
	
		AlgType
		CSSM_ALGID_SHA1WithRSA
		Attributes
		
			
				AttributeType
				CSSM_ATTRIBUTE_NONE
				AttributeValue
				
			
		
		ContextType
		CSSM_ALGCLASS_SIGNATURE
		Description
		SHA1 With RSA Signature
		UseeTag
		CSSM_USEE_NONE
	
	
		AlgType
		CSSM_ALGID_MD5WithRSA
		Attributes
		
			
				AttributeType
				CSSM_ATTRIBUTE_NONE
				AttributeValue
				
			
		
		ContextType
		CSSM_ALGCLASS_SIGNATURE
		Description
		MD5 With RSA Signature
		UseeTag
		CSSM_USEE_NONE
	
	
		AlgType
		CSSM_ALGID_MD2WithRSA
		Attributes
		
			
				AttributeType
				CSSM_ATTRIBUTE_NONE
				AttributeValue
				
			
		
		ContextType
		CSSM_ALGCLASS_SIGNATURE
		Description
		MD2 With RSA Signature
		UseeTag
		CSSM_USEE_NONE
	
	
		AlgType
		CSSM_ALGID_RSA
		Attributes
		
			
				AttributeType
				CSSM_ATTRIBUTE_NONE
				AttributeValue
				
			
		
		ContextType
		CSSM_ALGCLASS_SIGNATURE
		Description
		Raw RSA Signature
		UseeTag
		CSSM_USEE_NONE
	
	
		AlgType
		CSSM_ALGID_SHA1WithDSA
		Attributes
		
			
				AttributeType
				CSSM_ATTRIBUTE_NONE
				AttributeValue
				
			
		
		ContextType
		CSSM_ALGCLASS_SIGNATURE
		Description
		SHA1 With DSA Signature
		UseeTag
		CSSM_USEE_NONE
	
	
		AlgType
		CSSM_ALGID_DSA
		Attributes
		
			
				AttributeType
				CSSM_ATTRIBUTE_NONE
				AttributeValue
				
			
		
		ContextType
		CSSM_ALGCLASS_SIGNATURE
		Description
		Raw DSA Signature
		UseeTag
		CSSM_USEE_NONE
	
	
		AlgType
		CSSM_ALGID_FEE_MD5
		Attributes
		
			
				AttributeType
				CSSM_ATTRIBUTE_NONE
				AttributeValue
				
			
		
		ContextType
		CSSM_ALGCLASS_SIGNATURE
		Description
		MD5 with FEE Signature
		UseeTag
		CSSM_USEE_NONE
	
	
		AlgType
		CSSM_ALGID_FEE_SHA1
		Attributes
		
			
				AttributeType
				CSSM_ATTRIBUTE_NONE
				AttributeValue
				
			
		
		ContextType
		CSSM_ALGCLASS_SIGNATURE
		Description
		SHA1 with FEE Signature
		UseeTag
		CSSM_USEE_NONE
	
	
		AlgType
		CSSM_ALGID_FEE
		Attributes
		
			
				AttributeType
				CSSM_ATTRIBUTE_NONE
				AttributeValue
				
			
		
		ContextType
		CSSM_ALGCLASS_SIGNATURE
		Description
		Raw FEE Signature
		UseeTag
		CSSM_USEE_NONE
	
	
		AlgType
		CSSM_ALGID_SHA1WithECDSA
		Attributes
		
			
				AttributeType
				CSSM_ATTRIBUTE_NONE
				AttributeValue
				
			
		
		ContextType
		CSSM_ALGCLASS_SIGNATURE
		Description
		SHA1 with ECDSA Signature
		UseeTag
		CSSM_USEE_NONE
	
	
		AlgType
		CSSM_ALGID_ECDSA
		Attributes
		
			
				AttributeType
				CSSM_ATTRIBUTE_NONE
				AttributeValue
				
			
		
		ContextType
		CSSM_ALGCLASS_SIGNATURE
		Description
		Raw ECDSA Signature
		UseeTag
		CSSM_USEE_NONE
	
	
		AlgType
		CSSM_ALGID_SHA1HMAC
		Attributes
		
			
				AttributeType
				CSSM_ATTRIBUTE_OUTPUT_SIZE
				AttributeValue
				20
			
		
		ContextType
		CSSM_ALGCLASS_MAC
		Description
		SHA1HMAC MAC
		UseeTag
		CSSM_USEE_NONE
	
	
		AlgType
		CSSM_ALGID_SHA1HMAC_LEGACY
		Attributes
		
			
				AttributeType
				CSSM_ATTRIBUTE_OUTPUT_SIZE
				AttributeValue
				20
			
		
		ContextType
		CSSM_ALGCLASS_MAC
		Description
		SHA1HMAC MAC Legacy
		UseeTag
		CSSM_USEE_NONE
	
	
		AlgType
		CSSM_ALGID_APPLE_YARROW
		Attributes
		
			
				AttributeType
				CSSM_ATTRIBUTE_NONE
				AttributeValue
				
			
		
		ContextType
		CSSM_ALGCLASS_RANDOMGEN
		Description
		Yarrow PRNG
		UseeTag
		CSSM_USEE_NONE
	




--- NEW FILE coolkey_csp_primary.mdsinfo ---




	AclSubjectTypes
	
		CSSM_ACL_SUBJECT_TYPE_PASSWORD
		CSSM_ACL_SUBJECT_TYPE_PROMPTED_PASSWORD
		CSSM_ACL_SUBJECT_TYPE_PROTECTED_PASSWORD
	
	AuthTags
	
	
		CSSM_ACL_AUTHORIZATION_ANY
	
	CspCustomFlags
	0
	CspFlags
	
	CSSM_CSP_STORES_PRIVATE_KEYS | CSSM_CSP_STORES_PUBLIC_KEYS | CSSM_CSP_STORES_CERTIFICATES | CSSM_CSP_STORES_GENERIC
	CspType
	CSSM_CSP_HARDWARE
	MdsFileDescription
	Token CSPDL CSP Primary info
	MdsFileType
	PluginSpecific
	MdsRecordType
	MDS_CDSADIR_CSP_PRIMARY_RECORDTYPE
	ModuleName
	AppleSDCSPDL
	ProductVersion
	0.1
	SampleTypes
	
		CSSM_SAMPLE_TYPE_PASSWORD
		CSSM_SAMPLE_TYPE_PROMPTED_PASSWORD
		CSSM_SAMPLE_TYPE_PROTECTED_PASSWORD
	
	UseeTags
	
	Vendor
	Apple Computer, Inc.




--- NEW FILE coolkey_dl_primary.mdsinfo ---




	AclSubjectTypes
	
		CSSM_ACL_SUBJECT_TYPE_PASSWORD
		CSSM_ACL_SUBJECT_TYPE_PROMPTED_PASSWORD
		CSSM_ACL_SUBJECT_TYPE_PROTECTED_PASSWORD
	
	AuthTags
	
	
		CSSM_ACL_AUTHORIZATION_ANY
	
	ConjunctiveOps
	
		CSSM_DB_NONE
		CSSM_DB_AND
		CSSM_DB_OR
	
	DLType
	CSSM_DL_FFS
	MdsFileDescription
	Token CSPDL DL Primary info
	MdsFileType
	PluginSpecific
	MdsRecordType
	MDS_CDSADIR_DL_PRIMARY_RECORDTYPE
	ModuleName
	AppleSDCSPDL
	ProductVersion
	0.1
	QueryLimitsFlag
	0
	RelationalOps
	
		CSSM_DB_EQUAL
		CSSM_DB_LESS_THAN
		CSSM_DB_GREATER_THAN
		CSSM_DB_CONTAINS_FINAL_SUBSTRING
		CSSM_DB_CONTAINS_INITIAL_SUBSTRING
		CSSM_DB_CONTAINS
		
	
	SampleTypes
	
		CSSM_SAMPLE_TYPE_PASSWORD
		CSSM_SAMPLE_TYPE_PROMPTED_PASSWORD
		CSSM_SAMPLE_TYPE_PROTECTED_PASSWORD
	
	Vendor
	Apple Computer, Inc.




--- NEW FILE coolkey_smartcard.mdsinfo ---




	MdsFileDescription
	SD/CSPDL Generic Smartcard Information
	MdsRecordType
	MDS_CDSADIR_CSP_SC_INFO_RECORDTYPE
	MdsFileType
	PluginSpecific
	ScVendor
	Generic
	ScVersion
	unknown
	ScFirmwareVersion
	unknown
	ScFlags			
	0
	ScCustomFlags
	0





From fedora-directory-commits at redhat.com  Tue Jan 22 18:02:54 2008
From: fedora-directory-commits at redhat.com (Jack Magne (jmagne))
Date: Tue, 22 Jan 2008 13:02:54 -0500
Subject: [Fedora-directory-commits] 
	esc/mac/Tokend-30557 APPLE_LICENSE, NONE,
	1.1 testcms.sh, NONE, 1.1 testssl.sh, NONE, 1.1
Message-ID: <200801221802.m0MI2sgM031571@cvs-int.fedora.redhat.com>

Author: jmagne

Update of /cvs/dirsec/esc/mac/Tokend-30557
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv31436

Added Files:
	APPLE_LICENSE testcms.sh testssl.sh 
Log Message:
Initial revision


--- NEW FILE APPLE_LICENSE ---
APPLE PUBLIC SOURCE LICENSE
Version 2.0 - August 6, 2003

Please read this License carefully before downloading this software.
By downloading or using this software, you are agreeing to be bound by
the terms of this License. If you do not or cannot agree to the terms
of this License, please do not download or use the software.

1. General; Definitions. This License applies to any program or other
work which Apple Computer, Inc. ("Apple") makes publicly available and
which contains a notice placed by Apple identifying such program or
work as "Original Code" and stating that it is subject to the terms of
this Apple Public Source License version 2.0 ("License"). As used in
this License:

1.1 "Applicable Patent Rights" mean: (a) in the case where Apple is
the grantor of rights, (i) claims of patents that are now or hereafter
acquired, owned by or assigned to Apple and (ii) that cover subject
matter contained in the Original Code, but only to the extent
necessary to use, reproduce and/or distribute the Original Code
without infringement; and (b) in the case where You are the grantor of
rights, (i) claims of patents that are now or hereafter acquired,
owned by or assigned to You and (ii) that cover subject matter in Your
Modifications, taken alone or in combination with Original Code.

1.2 "Contributor" means any person or entity that creates or
contributes to the creation of Modifications.

1.3 "Covered Code" means the Original Code, Modifications, the
combination of Original Code and any Modifications, and/or any
respective portions thereof.

1.4 "Externally Deploy" means: (a) to sublicense, distribute or
otherwise make Covered Code available, directly or indirectly, to
anyone other than You; and/or (b) to use Covered Code, alone or as
part of a Larger Work, in any way to provide a service, including but
not limited to delivery of content, through electronic communication
with a client other than You.

1.5 "Larger Work" means a work which combines Covered Code or portions
thereof with code not governed by the terms of this License.

1.6 "Modifications" mean any addition to, deletion from, and/or change
to, the substance and/or structure of the Original Code, any previous
Modifications, the combination of Original Code and any previous
Modifications, and/or any respective portions thereof. When code is
released as a series of files, a Modification is: (a) any addition to
or deletion from the contents of a file containing Covered Code;
and/or (b) any new file or other representation of computer program
statements that contains any part of Covered Code.

1.7 "Original Code" means (a) the Source Code of a program or other
work as originally made available by Apple under this License,
including the Source Code of any updates or upgrades to such programs
or works made available by Apple under this License, and that has been
expressly identified by Apple as such in the header file(s) of such
work; and (b) the object code compiled from such Source Code and
originally made available by Apple under this License.

1.8 "Source Code" means the human readable form of a program or other
work that is suitable for making modifications to it, including all
modules it contains, plus any associated interface definition files,
scripts used to control compilation and installation of an executable
(object code).

1.9 "You" or "Your" means an individual or a legal entity exercising
rights under this License. For legal entities, "You" or "Your"
includes any entity which controls, is controlled by, or is under
common control with, You, where "control" means (a) the power, direct
or indirect, to cause the direction or management of such entity,
whether by contract or otherwise, or (b) ownership of fifty percent
(50%) or more of the outstanding shares or beneficial ownership of
such entity.

2. Permitted Uses; Conditions & Restrictions. Subject to the terms
and conditions of this License, Apple hereby grants You, effective on
the date You accept this License and download the Original Code, a
world-wide, royalty-free, non-exclusive license, to the extent of
Apple's Applicable Patent Rights and copyrights covering the Original
Code, to do the following:

2.1 Unmodified Code. You may use, reproduce, display, perform,
internally distribute within Your organization, and Externally Deploy
verbatim, unmodified copies of the Original Code, for commercial or
non-commercial purposes, provided that in each instance:

(a) You must retain and reproduce in all copies of Original Code the
copyright and other proprietary notices and disclaimers of Apple as
they appear in the Original Code, and keep intact all notices in the
Original Code that refer to this License; and

(b) You must include a copy of this License with every copy of Source
Code of Covered Code and documentation You distribute or Externally
Deploy, and You may not offer or impose any terms on such Source Code
that alter or restrict this License or the recipients' rights
hereunder, except as permitted under Section 6.

2.2 Modified Code. You may modify Covered Code and use, reproduce,
display, perform, internally distribute within Your organization, and
Externally Deploy Your Modifications and Covered Code, for commercial
or non-commercial purposes, provided that in each instance You also
meet all of these conditions:

(a) You must satisfy all the conditions of Section 2.1 with respect to
the Source Code of the Covered Code;

(b) You must duplicate, to the extent it does not already exist, the
notice in Exhibit A in each file of the Source Code of all Your
Modifications, and cause the modified files to carry prominent notices
stating that You changed the files and the date of any change; and

(c) If You Externally Deploy Your Modifications, You must make
Source Code of all Your Externally Deployed Modifications either
available to those to whom You have Externally Deployed Your
Modifications, or publicly available. Source Code of Your Externally
Deployed Modifications must be released under the terms set forth in
this License, including the license grants set forth in Section 3
below, for as long as you Externally Deploy the Covered Code or twelve
(12) months from the date of initial External Deployment, whichever is
longer. You should preferably distribute the Source Code of Your
Externally Deployed Modifications electronically (e.g. download from a
web site).

2.3 Distribution of Executable Versions. In addition, if You
Externally Deploy Covered Code (Original Code and/or Modifications) in
object code, executable form only, You must include a prominent
notice, in the code itself as well as in related documentation,
stating that Source Code of the Covered Code is available under the
terms of this License with information on how and where to obtain such
Source Code.

2.4 Third Party Rights. You expressly acknowledge and agree that
although Apple and each Contributor grants the licenses to their
respective portions of the Covered Code set forth herein, no
assurances are provided by Apple or any Contributor that the Covered
Code does not infringe the patent or other intellectual property
rights of any other entity. Apple and each Contributor disclaim any
liability to You for claims brought by any other entity based on
infringement of intellectual property rights or otherwise. As a
condition to exercising the rights and licenses granted hereunder, You
hereby assume sole responsibility to secure any other intellectual
property rights needed, if any. For example, if a third party patent
license is required to allow You to distribute the Covered Code, it is
Your responsibility to acquire that license before distributing the
Covered Code.

3. Your Grants. In consideration of, and as a condition to, the
licenses granted to You under this License, You hereby grant to any
person or entity receiving or distributing Covered Code under this
License a non-exclusive, royalty-free, perpetual, irrevocable license,
under Your Applicable Patent Rights and other intellectual property
rights (other than patent) owned or controlled by You, to use,
reproduce, display, perform, modify, sublicense, distribute and
Externally Deploy Your Modifications of the same scope and extent as
Apple's licenses under Sections 2.1 and 2.2 above.

4. Larger Works. You may create a Larger Work by combining Covered
Code with other code not governed by the terms of this License and
distribute the Larger Work as a single product. In each such instance,
You must make sure the requirements of this License are fulfilled for
the Covered Code or any portion thereof.

5. Limitations on Patent License. Except as expressly stated in
Section 2, no other patent rights, express or implied, are granted by
Apple herein. Modifications and/or Larger Works may require additional
patent licenses from Apple which Apple may grant in its sole
discretion.

6. Additional Terms. You may choose to offer, and to charge a fee for,
warranty, support, indemnity or liability obligations and/or other
rights consistent with the scope of the license granted herein
("Additional Terms") to one or more recipients of Covered Code.
However, You may do so only on Your own behalf and as Your sole
responsibility, and not on behalf of Apple or any Contributor. You
must obtain the recipient's agreement that any such Additional Terms
are offered by You alone, and You hereby agree to indemnify, defend
and hold Apple and every Contributor harmless for any liability
incurred by or claims asserted against Apple or such Contributor by
reason of any such Additional Terms.

7. Versions of the License. Apple may publish revised and/or new
versions of this License from time to time. Each version will be given
a distinguishing version number. Once Original Code has been published
under a particular version of this License, You may continue to use it
under the terms of that version. You may also choose to use such
Original Code under the terms of any subsequent version of this
License published by Apple. No one other than Apple has the right to
modify the terms applicable to Covered Code created under this
License.

8. NO WARRANTY OR SUPPORT. The Covered Code may contain in whole or in
part pre-release, untested, or not fully tested works. The Covered
Code may contain errors that could cause failures or loss of data, and
may be incomplete or contain inaccuracies. You expressly acknowledge
and agree that use of the Covered Code, or any portion thereof, is at
Your sole and entire risk. THE COVERED CODE IS PROVIDED "AS IS" AND
WITHOUT WARRANTY, UPGRADES OR SUPPORT OF ANY KIND AND APPLE AND
APPLE'S LICENSOR(S) (COLLECTIVELY REFERRED TO AS "APPLE" FOR THE
PURPOSES OF SECTIONS 8 AND 9) AND ALL CONTRIBUTORS EXPRESSLY DISCLAIM
ALL WARRANTIES AND/OR CONDITIONS, EXPRESS OR IMPLIED, INCLUDING, BUT
NOT LIMITED TO, THE IMPLIED WARRANTIES AND/OR CONDITIONS OF
MERCHANTABILITY, OF SATISFACTORY QUALITY, OF FITNESS FOR A PARTICULAR
PURPOSE, OF ACCURACY, OF QUIET ENJOYMENT, AND NONINFRINGEMENT OF THIRD
PARTY RIGHTS. APPLE AND EACH CONTRIBUTOR DOES NOT WARRANT AGAINST
INTERFERENCE WITH YOUR ENJOYMENT OF THE COVERED CODE, THAT THE
FUNCTIONS CONTAINED IN THE COVERED CODE WILL MEET YOUR REQUIREMENTS,
THAT THE OPERATION OF THE COVERED CODE WILL BE UNINTERRUPTED OR
ERROR-FREE, OR THAT DEFECTS IN THE COVERED CODE WILL BE CORRECTED. NO
ORAL OR WRITTEN INFORMATION OR ADVICE GIVEN BY APPLE, AN APPLE
AUTHORIZED REPRESENTATIVE OR ANY CONTRIBUTOR SHALL CREATE A WARRANTY.
You acknowledge that the Covered Code is not intended for use in the
operation of nuclear facilities, aircraft navigation, communication
systems, or air traffic control machines in which case the failure of
the Covered Code could lead to death, personal injury, or severe
physical or environmental damage.

9. LIMITATION OF LIABILITY. TO THE EXTENT NOT PROHIBITED BY LAW, IN NO
EVENT SHALL APPLE OR ANY CONTRIBUTOR BE LIABLE FOR ANY INCIDENTAL,
SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES ARISING OUT OF OR RELATING
TO THIS LICENSE OR YOUR USE OR INABILITY TO USE THE COVERED CODE, OR
ANY PORTION THEREOF, WHETHER UNDER A THEORY OF CONTRACT, WARRANTY,
TORT (INCLUDING NEGLIGENCE), PRODUCTS LIABILITY OR OTHERWISE, EVEN IF
APPLE OR SUCH CONTRIBUTOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
DAMAGES AND NOTWITHSTANDING THE FAILURE OF ESSENTIAL PURPOSE OF ANY
REMEDY. SOME JURISDICTIONS DO NOT ALLOW THE LIMITATION OF LIABILITY OF
INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THIS LIMITATION MAY NOT APPLY
TO YOU. In no event shall Apple's total liability to You for all
damages (other than as may be required by applicable law) under this
License exceed the amount of fifty dollars ($50.00).

10. Trademarks. This License does not grant any rights to use the
trademarks or trade names "Apple", "Apple Computer", "Mac", "Mac OS",
"QuickTime", "QuickTime Streaming Server" or any other trademarks,
service marks, logos or trade names belonging to Apple (collectively
"Apple Marks") or to any trademark, service mark, logo or trade name
belonging to any Contributor. You agree not to use any Apple Marks in
or as part of the name of products derived from the Original Code or
to endorse or promote products derived from the Original Code other
than as expressly permitted by and in strict compliance at all times
with Apple's third party trademark usage guidelines which are posted
at http://www.apple.com/legal/guidelinesfor3rdparties.html.

11. Ownership. Subject to the licenses granted under this License,
each Contributor retains all rights, title and interest in and to any
Modifications made by such Contributor. Apple retains all rights,
title and interest in and to the Original Code and any Modifications
made by or on behalf of Apple ("Apple Modifications"), and such Apple
Modifications will not be automatically subject to this License. Apple
may, at its sole discretion, choose to license such Apple
Modifications under this License, or on different terms from those
contained in this License or may choose not to license them at all.

12. Termination.

12.1 Termination. This License and the rights granted hereunder will
terminate:

(a) automatically without notice from Apple if You fail to comply with
any term(s) of this License and fail to cure such breach within 30
days of becoming aware of such breach;

(b) immediately in the event of the circumstances described in Section
13.5(b); or

(c) automatically without notice from Apple if You, at any time during
the term of this License, commence an action for patent infringement
against Apple; provided that Apple did not first commence
an action for patent infringement against You in that instance.

12.2 Effect of Termination. Upon termination, You agree to immediately
stop any further use, reproduction, modification, sublicensing and
distribution of the Covered Code. All sublicenses to the Covered Code
which have been properly granted prior to termination shall survive
any termination of this License. Provisions which, by their nature,
should remain in effect beyond the termination of this License shall
survive, including but not limited to Sections 3, 5, 8, 9, 10, 11,
12.2 and 13. No party will be liable to any other for compensation,
indemnity or damages of any sort solely as a result of terminating
this License in accordance with its terms, and termination of this
License will be without prejudice to any other right or remedy of
any party.

13. Miscellaneous.

13.1 Government End Users. The Covered Code is a "commercial item" as
defined in FAR 2.101. Government software and technical data rights in
the Covered Code include only those rights customarily provided to the
public as defined in this License. This customary commercial license
in technical data and software is provided in accordance with FAR
12.211 (Technical Data) and 12.212 (Computer Software) and, for
Department of Defense purchases, DFAR 252.227-7015 (Technical Data --
Commercial Items) and 227.7202-3 (Rights in Commercial Computer
Software or Computer Software Documentation). Accordingly, all U.S.
Government End Users acquire Covered Code with only those rights set
forth herein.

13.2 Relationship of Parties. This License will not be construed as
creating an agency, partnership, joint venture or any other form of
legal association between or among You, Apple or any Contributor, and
You will not represent to the contrary, whether expressly, by
implication, appearance or otherwise.

13.3 Independent Development. Nothing in this License will impair
Apple's right to acquire, license, develop, have others develop for
it, market and/or distribute technology or products that perform the
same or similar functions as, or otherwise compete with,
Modifications, Larger Works, technology or products that You may
develop, produce, market or distribute.

13.4 Waiver; Construction. Failure by Apple or any Contributor to
enforce any provision of this License will not be deemed a waiver of
future enforcement of that or any other provision. Any law or
regulation which provides that the language of a contract shall be
construed against the drafter will not apply to this License.

13.5 Severability. (a) If for any reason a court of competent
jurisdiction finds any provision of this License, or portion thereof,
to be unenforceable, that provision of the License will be enforced to
the maximum extent permissible so as to effect the economic benefits
and intent of the parties, and the remainder of this License will
continue in full force and effect. (b) Notwithstanding the foregoing,
if applicable law prohibits or restricts You from fully and/or
specifically complying with Sections 2 and/or 3 or prevents the
enforceability of either of those Sections, this License will
immediately terminate and You must immediately discontinue any use of
the Covered Code and destroy all copies of it that are in your
possession or control.

13.6 Dispute Resolution. Any litigation or other dispute resolution
between You and Apple relating to this License shall take place in the
Northern District of California, and You and Apple hereby consent to
the personal jurisdiction of, and venue in, the state and federal
courts within that District with respect to this License. The
application of the United Nations Convention on Contracts for the
International Sale of Goods is expressly excluded.

13.7 Entire Agreement; Governing Law. This License constitutes the
entire agreement between the parties with respect to the subject
matter hereof. This License shall be governed by the laws of the
United States and the State of California, except that body of
California law concerning conflicts of law.

Where You are located in the province of Quebec, Canada, the following
clause applies: The parties hereby confirm that they have requested
that this License and all related documents be drafted in English. Les
parties ont exige que le present contrat et tous les documents
connexes soient rediges en anglais.

EXHIBIT A.

"Portions Copyright (c) 1999-2003 Apple Computer, Inc. All Rights
Reserved.

This file contains Original Code and/or Modifications of Original Code
as defined in and that are subject to the Apple Public Source License
Version 2.0 (the 'License'). You may not use this file except in
compliance with the License. Please obtain a copy of the License at
http://www.opensource.apple.com/apsl/ and read it before using this
file.

The Original Code and all software distributed under the License are
distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
Please see the License for the specific language governing rights and
limitations under the License."


--- NEW FILE testcms.sh ---
#!/bin/sh

# usage: point LOCAL_BUILD_DIR to your build folder, insert a card
# and run this script

echo $PATH | fgrep -q "${LOCAL_BUILD_DIR}:" || PATH=${LOCAL_BUILD_DIR}:$PATH
SECURITY=`which security`
HOME=/tmp/test$$
export HOME

mkdir $HOME
cd $HOME
mkdir Library
mkdir Library/Preferences
mkdir Library/Keychains

echo Creating a login.keychain
$SECURITY create -p login login.keychain
echo "listing keychains"
$SECURITY list-keychains
echo "listing default keychain"
$SECURITY default-keychain

echo "Looking for the email address of the first certificate on the card"
if [ "x$EMAIL" == "x" ]; then
	EMAIL=`$SECURITY find-certificate | awk -F = '/\"alis\"/ { addr=$2; gsub(/\"/, "", addr); print addr }'`
	if [ "x$EMAIL" == "x" ]; then
		echo "No certificate with an email address found."
		exit 1
	fi
fi
echo "Email addres found: <$EMAIL>"

echo "CONTENT: The secret and possibly signed content." > content.txt

echo "Creating a signed cms message."
$SECURITY cms -S -N "$EMAIL" -i content.txt -o signed.cms
echo "Verifying the signed cms message."
$SECURITY cms -D -i signed.cms -h0

echo "Creating an encrypted cms message."
$SECURITY cms -E -r "$EMAIL" -i content.txt -o encrypted.cms
echo "Decrypting the message."
$SECURITY cms -D -i encrypted.cms

#echo "Exporting the identity to pkcs12."
#$SECURITY export -f pkcs12 -t identities -p -P testcms -o identity.p12

# arch-tag: D00EE88A-08E5-11D9-B1C3-000A9595DEEE


--- NEW FILE testssl.sh ---
#!/bin/sh

SECURITY=${SECURITY:=security}
EMAIL=${EMAIL:=$USER at apple.com}
SSLVIEW=${SSLVIEW:=sslViewer}
SERVER=${SERVER:=hurljo3.apple.com}
HOME=/tmp/test$$

mkdir $HOME
cd $HOME
mkdir Library
mkdir Library/Preferences
mkdir Library/Keychains

echo Creating a login.keychain
$SECURITY create -p login login.keychain
echo "listing keychains"
$SECURITY list-keychains
echo "listing default keychain"
$SECURITY default-keychain

echo "CONTENT: The secret and possibly signed content." > content.txt

echo "Connecting to SSL Test server " $SERVER
$SSLVIEW $SERVER r c P=4443 V 3 a

# arch-tag: 51571215-09B6-11D9-8D4F-000A95C4302E




From fedora-directory-commits at redhat.com  Tue Jan 22 18:02:55 2008
From: fedora-directory-commits at redhat.com (Jack Magne (jmagne))
Date: Tue, 22 Jan 2008 13:02:55 -0500
Subject: [Fedora-directory-commits] esc/mac/Tokend-30557/CoolKey/pkcs11
	compile.sh, NONE, 1.1 cryptoki.h, NONE, 1.1 mypkcs11.h, NONE,
	1.1 pkcs11.h, NONE, 1.1 pkcs11f.h, NONE, 1.1 pkcs11t.h, NONE, 1.1
Message-ID: <200801221802.m0MI2td9031586@cvs-int.fedora.redhat.com>

Author: jmagne

Update of /cvs/dirsec/esc/mac/Tokend-30557/CoolKey/pkcs11
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv31436/CoolKey/pkcs11

Added Files:
	compile.sh cryptoki.h mypkcs11.h pkcs11.h pkcs11f.h pkcs11t.h 
Log Message:
Initial revision


--- NEW FILE compile.sh ---
#! /bin/csh
gcc -Ipkcs11 $argv[1] 


--- NEW FILE cryptoki.h ---
/* cryptoki.h include file for PKCS #11. */
/* $Revision: 1.1 $ */

/* License to copy and use this software is granted provided that it is
 * identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface
 * (Cryptoki)" in all material mentioning or referencing this software.

 * License is also granted to make and use derivative works provided that
 * such works are identified as "derived from the RSA Security Inc. PKCS #11
 * Cryptographic Token Interface (Cryptoki)" in all material mentioning or 
 * referencing the derived work.

 * RSA Security Inc. makes no representations concerning either the 
 * merchantability of this software or the suitability of this software for
 * any particular purpose. It is provided "as is" without express or implied
 * warranty of any kind.
 */

/* This is a sample file containing the top level include directives
 * for building Win32 Cryptoki libraries and applications.
 */

#ifndef ___CRYPTOKI_H_INC___
#define ___CRYPTOKI_H_INC___

#pragma pack(push, cryptoki, 1)

/* Specifies that the function is a DLL entry point. */
#define CK_IMPORT_SPEC __declspec(dllimport)

/* Define CRYPTOKI_EXPORTS during the build of cryptoki libraries. Do
 * not define it in applications.
 */
#ifdef CRYPTOKI_EXPORTS
/* Specified that the function is an exported DLL entry point. */
#define CK_EXPORT_SPEC __declspec(dllexport) 
#else
#define CK_EXPORT_SPEC CK_IMPORT_SPEC 
#endif

/* Ensures the calling convention for Win32 builds */
#define CK_CALL_SPEC __cdecl

#define CK_PTR *

#define CK_DEFINE_FUNCTION(returnType, name) \
  returnType CK_EXPORT_SPEC CK_CALL_SPEC name

#define CK_DECLARE_FUNCTION(returnType, name) \
  returnType CK_EXPORT_SPEC CK_CALL_SPEC name

#define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
  returnType CK_IMPORT_SPEC (CK_CALL_SPEC CK_PTR name)

#define CK_CALLBACK_FUNCTION(returnType, name) \
  returnType (CK_CALL_SPEC CK_PTR name)

#ifndef NULL_PTR
#define NULL_PTR 0
#endif

#include "pkcs11.h"

#pragma pack(pop, cryptoki)

#endif /* ___CRYPTOKI_H_INC___ */


--- NEW FILE mypkcs11.h ---
// ****************************************************************************
//
// Copyright (c) 2003 America Online, Inc.  All rights reserved.
// This software contains valuable confidential and proprietary information
// of America Online, Inc. and is subject to applicable licensing agreements.
// Unauthorized reproduction, transmission or distribution of this file and
// its contents is a violation of applicable laws.
//
//           A M E R I C A   O N L I N E   C O N F I D E N T I A L
//
// ****************************************************************************
#ifndef AOL_NKEY_MYPKCS11_H
#define AOL_NKEY_MYPKCS11_H

#if defined(_WIN32)
#define CK_PTR *
#define CK_DECLARE_FUNCTION(rv,func) rv __declspec(dllexport) func
#define CK_DECLARE_FUNCTION_POINTER(rv,func) rv (* func)
#define CK_CALLBACK_FUNCTION(rv,func) rv (* func)
#define CK_NULL_PTR 0
#else
#define CK_PTR *
#define CK_DECLARE_FUNCTION(rv,func) rv func
#define CK_DECLARE_FUNCTION_POINTER(rv,func) rv (* func)
#define CK_CALLBACK_FUNCTION(rv,func) rv (* func)
#define CK_NULL_PTR 0
#endif

#if defined(_WIN32)
#pragma warning(disable:4103)
#pragma pack(push, cryptoki, 1)
#endif

#include "pkcs11.h"

//#include "pkcs11n.h"

#if defined (_WIN32)
#pragma warning(disable:4103)
#pragma pack(pop, cryptoki)
#endif


#endif


--- NEW FILE pkcs11.h ---
/* pkcs11.h include file for PKCS #11. */
/* $Revision: 1.1 $ */

/* License to copy and use this software is granted provided that it is
 * identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface
 * (Cryptoki)" in all material mentioning or referencing this software.

 * License is also granted to make and use derivative works provided that
 * such works are identified as "derived from the RSA Security Inc. PKCS #11
 * Cryptographic Token Interface (Cryptoki)" in all material mentioning or 
 * referencing the derived work.

 * RSA Security Inc. makes no representations concerning either the 
 * merchantability of this software or the suitability of this software for
 * any particular purpose. It is provided "as is" without express or implied
 * warranty of any kind.
 */

#ifndef _PKCS11_H_
#define _PKCS11_H_ 1

#ifdef __cplusplus
extern "C" {
#endif

/* Before including this file (pkcs11.h) (or pkcs11t.h by
 * itself), 6 platform-specific macros must be defined.  These
 * macros are described below, and typical definitions for them
 * are also given.  Be advised that these definitions can depend
 * on both the platform and the compiler used (and possibly also
 * on whether a Cryptoki library is linked statically or
 * dynamically).
 *
 * In addition to defining these 6 macros, the packing convention
 * for Cryptoki structures should be set.  The Cryptoki
 * convention on packing is that structures should be 1-byte
 * aligned.
 *
 * If you're using Microsoft Developer Studio 5.0 to produce
 * Win32 stuff, this might be done by using the following
 * preprocessor directive before including pkcs11.h or pkcs11t.h:
 *
 * #pragma pack(push, cryptoki, 1)
 *
 * and using the following preprocessor directive after including
 * pkcs11.h or pkcs11t.h:
 *
 * #pragma pack(pop, cryptoki)
 *
 * If you're using an earlier version of Microsoft Developer
 * Studio to produce Win16 stuff, this might be done by using
 * the following preprocessor directive before including
 * pkcs11.h or pkcs11t.h:
 *
 * #pragma pack(1)
 *
 * In a UNIX environment, you're on your own for this.  You might
 * not need to do (or be able to do!) anything.
 *
 *
 * Now for the macros:
 *
 *
 * 1. CK_PTR: The indirection string for making a pointer to an
 * object.  It can be used like this:
 *
 * typedef CK_BYTE CK_PTR CK_BYTE_PTR;
 *
 * If you're using Microsoft Developer Studio 5.0 to produce
 * Win32 stuff, it might be defined by:
 *
 * #define CK_PTR *
 *
 * If you're using an earlier version of Microsoft Developer
 * Studio to produce Win16 stuff, it might be defined by:
 *
 * #define CK_PTR far *
 *
 * In a typical UNIX environment, it might be defined by:
 *
 * #define CK_PTR *
 *
 *
 * 2. CK_DEFINE_FUNCTION(returnType, name): A macro which makes
 * an exportable Cryptoki library function definition out of a
 * return type and a function name.  It should be used in the
 * following fashion to define the exposed Cryptoki functions in
 * a Cryptoki library:
 *
 * CK_DEFINE_FUNCTION(CK_RV, C_Initialize)(
 *   CK_VOID_PTR pReserved
 * )
 * {
 *   ...
 * }
 *
 * If you're using Microsoft Developer Studio 5.0 to define a
 * function in a Win32 Cryptoki .dll, it might be defined by:
 *
 * #define CK_DEFINE_FUNCTION(returnType, name) \
 *   returnType __declspec(dllexport) name
 *
 * If you're using an earlier version of Microsoft Developer
 * Studio to define a function in a Win16 Cryptoki .dll, it
 * might be defined by:
 *
 * #define CK_DEFINE_FUNCTION(returnType, name) \
 *   returnType __export _far _pascal name
 *
 * In a UNIX environment, it might be defined by:
 *
 * #define CK_DEFINE_FUNCTION(returnType, name) \
 *   returnType name
 *
 *
 * 3. CK_DECLARE_FUNCTION(returnType, name): A macro which makes
 * an importable Cryptoki library function declaration out of a
 * return type and a function name.  It should be used in the
 * following fashion:
 *
 * extern CK_DECLARE_FUNCTION(CK_RV, C_Initialize)(
 *   CK_VOID_PTR pReserved
 * );
 *
 * If you're using Microsoft Developer Studio 5.0 to declare a
 * function in a Win32 Cryptoki .dll, it might be defined by:
 *
 * #define CK_DECLARE_FUNCTION(returnType, name) \
 *   returnType __declspec(dllimport) name
 *
 * If you're using an earlier version of Microsoft Developer
 * Studio to declare a function in a Win16 Cryptoki .dll, it
 * might be defined by:
 *
 * #define CK_DECLARE_FUNCTION(returnType, name) \
 *   returnType __export _far _pascal name
 *
 * In a UNIX environment, it might be defined by:
 *
 * #define CK_DECLARE_FUNCTION(returnType, name) \
 *   returnType name
 *
 *
 * 4. CK_DECLARE_FUNCTION_POINTER(returnType, name): A macro
 * which makes a Cryptoki API function pointer declaration or
 * function pointer type declaration out of a return type and a
 * function name.  It should be used in the following fashion:
 *
 * // Define funcPtr to be a pointer to a Cryptoki API function
 * // taking arguments args and returning CK_RV.
 * CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtr)(args);
 *
 * or
 *
 * // Define funcPtrType to be the type of a pointer to a
 * // Cryptoki API function taking arguments args and returning
 * // CK_RV, and then define funcPtr to be a variable of type
 * // funcPtrType.
 * typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtrType)(args);
 * funcPtrType funcPtr;
 *
 * If you're using Microsoft Developer Studio 5.0 to access
 * functions in a Win32 Cryptoki .dll, in might be defined by:
 *
 * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
 *   returnType __declspec(dllimport) (* name)
 *
 * If you're using an earlier version of Microsoft Developer
 * Studio to access functions in a Win16 Cryptoki .dll, it might
 * be defined by:
 *
 * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
 *   returnType __export _far _pascal (* name)
 *
 * In a UNIX environment, it might be defined by:
 *
 * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
 *   returnType (* name)
 *
 *
 * 5. CK_CALLBACK_FUNCTION(returnType, name): A macro which makes
 * a function pointer type for an application callback out of
 * a return type for the callback and a name for the callback.
 * It should be used in the following fashion:
 *
 * CK_CALLBACK_FUNCTION(CK_RV, myCallback)(args);
 *
 * to declare a function pointer, myCallback, to a callback
 * which takes arguments args and returns a CK_RV.  It can also
 * be used like this:
 *
 * typedef CK_CALLBACK_FUNCTION(CK_RV, myCallbackType)(args);
 * myCallbackType myCallback;
 *
 * If you're using Microsoft Developer Studio 5.0 to do Win32
 * Cryptoki development, it might be defined by:
 *
 * #define CK_CALLBACK_FUNCTION(returnType, name) \
 *   returnType (* name)
 *
 * If you're using an earlier version of Microsoft Developer
 * Studio to do Win16 development, it might be defined by:
 *
 * #define CK_CALLBACK_FUNCTION(returnType, name) \
 *   returnType _far _pascal (* name)
 *
 * In a UNIX environment, it might be defined by:
 *
 * #define CK_CALLBACK_FUNCTION(returnType, name) \
 *   returnType (* name)
 *
 *
 * 6. NULL_PTR: This macro is the value of a NULL pointer.
 *
 * In any ANSI/ISO C environment (and in many others as well),
 * this should best be defined by
 *
 * #ifndef NULL_PTR
 * #define NULL_PTR 0
 * #endif
 */


/* All the various Cryptoki types and #define'd values are in the
 * file pkcs11t.h. */
#include "pkcs11t.h"

#define __PASTE(x,y)      x##y


/* ==============================================================
 * Define the "extern" form of all the entry points.
 * ==============================================================
 */

#define CK_NEED_ARG_LIST  1
#define CK_PKCS11_FUNCTION_INFO(name) \
  extern CK_DECLARE_FUNCTION(CK_RV, name)

/* pkcs11f.h has all the information about the Cryptoki
 * function prototypes. */
#include "pkcs11f.h"

#undef CK_NEED_ARG_LIST
#undef CK_PKCS11_FUNCTION_INFO


/* ==============================================================
 * Define the typedef form of all the entry points.  That is, for
 * each Cryptoki function C_XXX, define a type CK_C_XXX which is
 * a pointer to that kind of function.
 * ==============================================================
 */

#define CK_NEED_ARG_LIST  1
#define CK_PKCS11_FUNCTION_INFO(name) \
  typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, __PASTE(CK_,name))

/* pkcs11f.h has all the information about the Cryptoki
 * function prototypes. */
#include "pkcs11f.h"

#undef CK_NEED_ARG_LIST
#undef CK_PKCS11_FUNCTION_INFO


/* ==============================================================
 * Define structed vector of entry points.  A CK_FUNCTION_LIST
 * contains a CK_VERSION indicating a library's Cryptoki version
 * and then a whole slew of function pointers to the routines in
 * the library.  This type was declared, but not defined, in
 * pkcs11t.h.
 * ==============================================================
 */

#define CK_PKCS11_FUNCTION_INFO(name) \
  __PASTE(CK_,name) name;
  
struct CK_FUNCTION_LIST {

  CK_VERSION    version;  /* Cryptoki version */

/* Pile all the function pointers into the CK_FUNCTION_LIST. */
/* pkcs11f.h has all the information about the Cryptoki
 * function prototypes. */
#include "pkcs11f.h"

};

#undef CK_PKCS11_FUNCTION_INFO


#undef __PASTE

#ifdef __cplusplus
}
#endif

#endif


--- NEW FILE pkcs11f.h ---
/* pkcs11f.h include file for PKCS #11. */
/* $Revision: 1.1 $ */

/* License to copy and use this software is granted provided that it is
 * identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface
 * (Cryptoki)" in all material mentioning or referencing this software.

 * License is also granted to make and use derivative works provided that
 * such works are identified as "derived from the RSA Security Inc. PKCS #11
 * Cryptographic Token Interface (Cryptoki)" in all material mentioning or 
 * referencing the derived work.

 * RSA Security Inc. makes no representations concerning either the 
 * merchantability of this software or the suitability of this software for
 * any particular purpose. It is provided "as is" without express or implied
 * warranty of any kind.
 */

/* This header file contains pretty much everything about all the */
/* Cryptoki function prototypes.  Because this information is */
/* used for more than just declaring function prototypes, the */
/* order of the functions appearing herein is important, and */
/* should not be altered. */

/* General-purpose */

/* C_Initialize initializes the Cryptoki library. */
CK_PKCS11_FUNCTION_INFO(C_Initialize)
#ifdef CK_NEED_ARG_LIST
(
  CK_VOID_PTR   pInitArgs  /* if this is not NULL_PTR, it gets
                            * cast to CK_C_INITIALIZE_ARGS_PTR
                            * and dereferenced */
);
#endif


/* C_Finalize indicates that an application is done with the
 * Cryptoki library. */
CK_PKCS11_FUNCTION_INFO(C_Finalize)
#ifdef CK_NEED_ARG_LIST
(
  CK_VOID_PTR   pReserved  /* reserved.  Should be NULL_PTR */
);
#endif


/* C_GetInfo returns general information about Cryptoki. */
CK_PKCS11_FUNCTION_INFO(C_GetInfo)
#ifdef CK_NEED_ARG_LIST
(
  CK_INFO_PTR   pInfo  /* location that receives information */
);
#endif


/* C_GetFunctionList returns the function list. */
CK_PKCS11_FUNCTION_INFO(C_GetFunctionList)
#ifdef CK_NEED_ARG_LIST
(
  CK_FUNCTION_LIST_PTR_PTR ppFunctionList  /* receives pointer to
                                            * function list */
);
#endif



/* Slot and token management */

/* C_GetSlotList obtains a list of slots in the system. */
CK_PKCS11_FUNCTION_INFO(C_GetSlotList)
#ifdef CK_NEED_ARG_LIST
(
  CK_BBOOL       tokenPresent,  /* only slots with tokens? */
  CK_SLOT_ID_PTR pSlotList,     /* receives array of slot IDs */
  CK_ULONG_PTR   pulCount       /* receives number of slots */
);
#endif


/* C_GetSlotInfo obtains information about a particular slot in
 * the system. */
CK_PKCS11_FUNCTION_INFO(C_GetSlotInfo)
#ifdef CK_NEED_ARG_LIST
(
  CK_SLOT_ID       slotID,  /* the ID of the slot */
  CK_SLOT_INFO_PTR pInfo    /* receives the slot information */
);
#endif


/* C_GetTokenInfo obtains information about a particular token
 * in the system. */
CK_PKCS11_FUNCTION_INFO(C_GetTokenInfo)
#ifdef CK_NEED_ARG_LIST
(
  CK_SLOT_ID        slotID,  /* ID of the token's slot */
  CK_TOKEN_INFO_PTR pInfo    /* receives the token information */
);
#endif


/* C_GetMechanismList obtains a list of mechanism types
 * supported by a token. */
CK_PKCS11_FUNCTION_INFO(C_GetMechanismList)
#ifdef CK_NEED_ARG_LIST
(
  CK_SLOT_ID            slotID,          /* ID of token's slot */
  CK_MECHANISM_TYPE_PTR pMechanismList,  /* gets mech. array */
  CK_ULONG_PTR          pulCount         /* gets # of mechs. */
);
#endif


/* C_GetMechanismInfo obtains information about a particular
 * mechanism possibly supported by a token. */
CK_PKCS11_FUNCTION_INFO(C_GetMechanismInfo)
#ifdef CK_NEED_ARG_LIST
(
  CK_SLOT_ID            slotID,  /* ID of the token's slot */
  CK_MECHANISM_TYPE     type,    /* type of mechanism */
  CK_MECHANISM_INFO_PTR pInfo    /* receives mechanism info */
);
#endif


/* C_InitToken initializes a token. */
CK_PKCS11_FUNCTION_INFO(C_InitToken)
#ifdef CK_NEED_ARG_LIST
/* pLabel changed from CK_CHAR_PTR to CK_UTF8CHAR_PTR for v2.10 */
(
  CK_SLOT_ID      slotID,    /* ID of the token's slot */
  CK_UTF8CHAR_PTR pPin,      /* the SO's initial PIN */
  CK_ULONG        ulPinLen,  /* length in bytes of the PIN */
  CK_UTF8CHAR_PTR pLabel     /* 32-byte token label (blank padded) */
);
#endif


/* C_InitPIN initializes the normal user's PIN. */
CK_PKCS11_FUNCTION_INFO(C_InitPIN)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_UTF8CHAR_PTR   pPin,      /* the normal user's PIN */
  CK_ULONG          ulPinLen   /* length in bytes of the PIN */
);
#endif


/* C_SetPIN modifies the PIN of the user who is logged in. */
CK_PKCS11_FUNCTION_INFO(C_SetPIN)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_UTF8CHAR_PTR   pOldPin,   /* the old PIN */
  CK_ULONG          ulOldLen,  /* length of the old PIN */
  CK_UTF8CHAR_PTR   pNewPin,   /* the new PIN */
  CK_ULONG          ulNewLen   /* length of the new PIN */
);
#endif



/* Session management */

/* C_OpenSession opens a session between an application and a
 * token. */
CK_PKCS11_FUNCTION_INFO(C_OpenSession)
#ifdef CK_NEED_ARG_LIST
(
  CK_SLOT_ID            slotID,        /* the slot's ID */
  CK_FLAGS              flags,         /* from CK_SESSION_INFO */
  CK_VOID_PTR           pApplication,  /* passed to callback */
  CK_NOTIFY             Notify,        /* callback function */
  CK_SESSION_HANDLE_PTR phSession      /* gets session handle */
);
#endif


/* C_CloseSession closes a session between an application and a
 * token. */
CK_PKCS11_FUNCTION_INFO(C_CloseSession)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession  /* the session's handle */
);
#endif


/* C_CloseAllSessions closes all sessions with a token. */
CK_PKCS11_FUNCTION_INFO(C_CloseAllSessions)
#ifdef CK_NEED_ARG_LIST
(
  CK_SLOT_ID     slotID  /* the token's slot */
);
#endif


/* C_GetSessionInfo obtains information about the session. */
CK_PKCS11_FUNCTION_INFO(C_GetSessionInfo)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE   hSession,  /* the session's handle */
  CK_SESSION_INFO_PTR pInfo      /* receives session info */
);
#endif


/* C_GetOperationState obtains the state of the cryptographic operation
 * in a session. */
CK_PKCS11_FUNCTION_INFO(C_GetOperationState)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession,             /* session's handle */
  CK_BYTE_PTR       pOperationState,      /* gets state */
  CK_ULONG_PTR      pulOperationStateLen  /* gets state length */
);
#endif


/* C_SetOperationState restores the state of the cryptographic
 * operation in a session. */
CK_PKCS11_FUNCTION_INFO(C_SetOperationState)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession,            /* session's handle */
  CK_BYTE_PTR      pOperationState,      /* holds state */
  CK_ULONG         ulOperationStateLen,  /* holds state length */
  CK_OBJECT_HANDLE hEncryptionKey,       /* en/decryption key */
  CK_OBJECT_HANDLE hAuthenticationKey    /* sign/verify key */
);
#endif


/* C_Login logs a user into a token. */
CK_PKCS11_FUNCTION_INFO(C_Login)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_USER_TYPE      userType,  /* the user type */
  CK_UTF8CHAR_PTR   pPin,      /* the user's PIN */
  CK_ULONG          ulPinLen   /* the length of the PIN */
);
#endif


/* C_Logout logs a user out from a token. */
CK_PKCS11_FUNCTION_INFO(C_Logout)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession  /* the session's handle */
);
#endif



/* Object management */

/* C_CreateObject creates a new object. */
CK_PKCS11_FUNCTION_INFO(C_CreateObject)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession,    /* the session's handle */
  CK_ATTRIBUTE_PTR  pTemplate,   /* the object's template */
  CK_ULONG          ulCount,     /* attributes in template */
  CK_OBJECT_HANDLE_PTR phObject  /* gets new object's handle. */
);
#endif


/* C_CopyObject copies an object, creating a new object for the
 * copy. */
CK_PKCS11_FUNCTION_INFO(C_CopyObject)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE    hSession,    /* the session's handle */
  CK_OBJECT_HANDLE     hObject,     /* the object's handle */
  CK_ATTRIBUTE_PTR     pTemplate,   /* template for new object */
  CK_ULONG             ulCount,     /* attributes in template */
  CK_OBJECT_HANDLE_PTR phNewObject  /* receives handle of copy */
);
#endif


/* C_DestroyObject destroys an object. */
CK_PKCS11_FUNCTION_INFO(C_DestroyObject)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_OBJECT_HANDLE  hObject    /* the object's handle */
);
#endif


/* C_GetObjectSize gets the size of an object in bytes. */
CK_PKCS11_FUNCTION_INFO(C_GetObjectSize)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_OBJECT_HANDLE  hObject,   /* the object's handle */
  CK_ULONG_PTR      pulSize    /* receives size of object */
);
#endif


/* C_GetAttributeValue obtains the value of one or more object
 * attributes. */
CK_PKCS11_FUNCTION_INFO(C_GetAttributeValue)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession,   /* the session's handle */
  CK_OBJECT_HANDLE  hObject,    /* the object's handle */
  CK_ATTRIBUTE_PTR  pTemplate,  /* specifies attrs; gets vals */
  CK_ULONG          ulCount     /* attributes in template */
);
#endif


/* C_SetAttributeValue modifies the value of one or more object
 * attributes */
CK_PKCS11_FUNCTION_INFO(C_SetAttributeValue)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession,   /* the session's handle */
  CK_OBJECT_HANDLE  hObject,    /* the object's handle */
  CK_ATTRIBUTE_PTR  pTemplate,  /* specifies attrs and values */
  CK_ULONG          ulCount     /* attributes in template */
);
#endif


/* C_FindObjectsInit initializes a search for token and session
 * objects that match a template. */
CK_PKCS11_FUNCTION_INFO(C_FindObjectsInit)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession,   /* the session's handle */
  CK_ATTRIBUTE_PTR  pTemplate,  /* attribute values to match */
  CK_ULONG          ulCount     /* attrs in search template */
);
#endif


/* C_FindObjects continues a search for token and session
 * objects that match a template, obtaining additional object
 * handles. */
CK_PKCS11_FUNCTION_INFO(C_FindObjects)
#ifdef CK_NEED_ARG_LIST
(
 CK_SESSION_HANDLE    hSession,          /* session's handle */
 CK_OBJECT_HANDLE_PTR phObject,          /* gets obj. handles */
 CK_ULONG             ulMaxObjectCount,  /* max handles to get */
 CK_ULONG_PTR         pulObjectCount     /* actual # returned */
);
#endif


/* C_FindObjectsFinal finishes a search for token and session
 * objects. */
CK_PKCS11_FUNCTION_INFO(C_FindObjectsFinal)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession  /* the session's handle */
);
#endif



/* Encryption and decryption */

/* C_EncryptInit initializes an encryption operation. */
CK_PKCS11_FUNCTION_INFO(C_EncryptInit)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession,    /* the session's handle */
  CK_MECHANISM_PTR  pMechanism,  /* the encryption mechanism */
  CK_OBJECT_HANDLE  hKey         /* handle of encryption key */
);
#endif


/* C_Encrypt encrypts single-part data. */
CK_PKCS11_FUNCTION_INFO(C_Encrypt)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession,            /* session's handle */
  CK_BYTE_PTR       pData,               /* the plaintext data */
  CK_ULONG          ulDataLen,           /* bytes of plaintext */
  CK_BYTE_PTR       pEncryptedData,      /* gets ciphertext */
  CK_ULONG_PTR      pulEncryptedDataLen  /* gets c-text size */
);
#endif


/* C_EncryptUpdate continues a multiple-part encryption
 * operation. */
CK_PKCS11_FUNCTION_INFO(C_EncryptUpdate)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession,           /* session's handle */
  CK_BYTE_PTR       pPart,              /* the plaintext data */
  CK_ULONG          ulPartLen,          /* plaintext data len */
  CK_BYTE_PTR       pEncryptedPart,     /* gets ciphertext */
  CK_ULONG_PTR      pulEncryptedPartLen /* gets c-text size */
);
#endif


/* C_EncryptFinal finishes a multiple-part encryption
 * operation. */
CK_PKCS11_FUNCTION_INFO(C_EncryptFinal)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession,                /* session handle */
  CK_BYTE_PTR       pLastEncryptedPart,      /* last c-text */
  CK_ULONG_PTR      pulLastEncryptedPartLen  /* gets last size */
);
#endif


/* C_DecryptInit initializes a decryption operation. */
CK_PKCS11_FUNCTION_INFO(C_DecryptInit)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession,    /* the session's handle */
  CK_MECHANISM_PTR  pMechanism,  /* the decryption mechanism */
  CK_OBJECT_HANDLE  hKey         /* handle of decryption key */
);
#endif


/* C_Decrypt decrypts encrypted data in a single part. */
CK_PKCS11_FUNCTION_INFO(C_Decrypt)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession,           /* session's handle */
  CK_BYTE_PTR       pEncryptedData,     /* ciphertext */
  CK_ULONG          ulEncryptedDataLen, /* ciphertext length */
  CK_BYTE_PTR       pData,              /* gets plaintext */
  CK_ULONG_PTR      pulDataLen          /* gets p-text size */
);
#endif


/* C_DecryptUpdate continues a multiple-part decryption
 * operation. */
CK_PKCS11_FUNCTION_INFO(C_DecryptUpdate)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession,            /* session's handle */
  CK_BYTE_PTR       pEncryptedPart,      /* encrypted data */
  CK_ULONG          ulEncryptedPartLen,  /* input length */
  CK_BYTE_PTR       pPart,               /* gets plaintext */
  CK_ULONG_PTR      pulPartLen           /* p-text size */
);
#endif


/* C_DecryptFinal finishes a multiple-part decryption
 * operation. */
CK_PKCS11_FUNCTION_INFO(C_DecryptFinal)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession,       /* the session's handle */
  CK_BYTE_PTR       pLastPart,      /* gets plaintext */
  CK_ULONG_PTR      pulLastPartLen  /* p-text size */
);
#endif



/* Message digesting */

/* C_DigestInit initializes a message-digesting operation. */
CK_PKCS11_FUNCTION_INFO(C_DigestInit)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession,   /* the session's handle */
  CK_MECHANISM_PTR  pMechanism  /* the digesting mechanism */
);
#endif


/* C_Digest digests data in a single part. */
CK_PKCS11_FUNCTION_INFO(C_Digest)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession,     /* the session's handle */
  CK_BYTE_PTR       pData,        /* data to be digested */
  CK_ULONG          ulDataLen,    /* bytes of data to digest */
  CK_BYTE_PTR       pDigest,      /* gets the message digest */
  CK_ULONG_PTR      pulDigestLen  /* gets digest length */
);
#endif


/* C_DigestUpdate continues a multiple-part message-digesting
 * operation. */
CK_PKCS11_FUNCTION_INFO(C_DigestUpdate)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_BYTE_PTR       pPart,     /* data to be digested */
  CK_ULONG          ulPartLen  /* bytes of data to be digested */
);
#endif


/* C_DigestKey continues a multi-part message-digesting
 * operation, by digesting the value of a secret key as part of
 * the data already digested. */
CK_PKCS11_FUNCTION_INFO(C_DigestKey)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_OBJECT_HANDLE  hKey       /* secret key to digest */
);
#endif


/* C_DigestFinal finishes a multiple-part message-digesting
 * operation. */
CK_PKCS11_FUNCTION_INFO(C_DigestFinal)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession,     /* the session's handle */
  CK_BYTE_PTR       pDigest,      /* gets the message digest */
  CK_ULONG_PTR      pulDigestLen  /* gets byte count of digest */
);
#endif



/* Signing and MACing */

/* C_SignInit initializes a signature (private key encryption)
 * operation, where the signature is (will be) an appendix to
 * the data, and plaintext cannot be recovered from the
 *signature. */
CK_PKCS11_FUNCTION_INFO(C_SignInit)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession,    /* the session's handle */
  CK_MECHANISM_PTR  pMechanism,  /* the signature mechanism */
  CK_OBJECT_HANDLE  hKey         /* handle of signature key */
);
#endif


/* C_Sign signs (encrypts with private key) data in a single
 * part, where the signature is (will be) an appendix to the
 * data, and plaintext cannot be recovered from the signature. */
CK_PKCS11_FUNCTION_INFO(C_Sign)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession,        /* the session's handle */
  CK_BYTE_PTR       pData,           /* the data to sign */
  CK_ULONG          ulDataLen,       /* count of bytes to sign */
  CK_BYTE_PTR       pSignature,      /* gets the signature */
  CK_ULONG_PTR      pulSignatureLen  /* gets signature length */
);
#endif


/* C_SignUpdate continues a multiple-part signature operation,
 * where the signature is (will be) an appendix to the data, 
 * and plaintext cannot be recovered from the signature. */
CK_PKCS11_FUNCTION_INFO(C_SignUpdate)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_BYTE_PTR       pPart,     /* the data to sign */
  CK_ULONG          ulPartLen  /* count of bytes to sign */
);
#endif


/* C_SignFinal finishes a multiple-part signature operation, 
 * returning the signature. */
CK_PKCS11_FUNCTION_INFO(C_SignFinal)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession,        /* the session's handle */
  CK_BYTE_PTR       pSignature,      /* gets the signature */
  CK_ULONG_PTR      pulSignatureLen  /* gets signature length */
);
#endif


/* C_SignRecoverInit initializes a signature operation, where
 * the data can be recovered from the signature. */
CK_PKCS11_FUNCTION_INFO(C_SignRecoverInit)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession,   /* the session's handle */
  CK_MECHANISM_PTR  pMechanism, /* the signature mechanism */
  CK_OBJECT_HANDLE  hKey        /* handle of the signature key */
);
#endif


/* C_SignRecover signs data in a single operation, where the
 * data can be recovered from the signature. */
CK_PKCS11_FUNCTION_INFO(C_SignRecover)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession,        /* the session's handle */
  CK_BYTE_PTR       pData,           /* the data to sign */
  CK_ULONG          ulDataLen,       /* count of bytes to sign */
  CK_BYTE_PTR       pSignature,      /* gets the signature */
  CK_ULONG_PTR      pulSignatureLen  /* gets signature length */
);
#endif



/* Verifying signatures and MACs */

/* C_VerifyInit initializes a verification operation, where the
 * signature is an appendix to the data, and plaintext cannot
 *  cannot be recovered from the signature (e.g. DSA). */
CK_PKCS11_FUNCTION_INFO(C_VerifyInit)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession,    /* the session's handle */
  CK_MECHANISM_PTR  pMechanism,  /* the verification mechanism */
  CK_OBJECT_HANDLE  hKey         /* verification key */ 
);
#endif


/* C_Verify verifies a signature in a single-part operation, 
 * where the signature is an appendix to the data, and plaintext
 * cannot be recovered from the signature. */
CK_PKCS11_FUNCTION_INFO(C_Verify)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession,       /* the session's handle */
  CK_BYTE_PTR       pData,          /* signed data */
  CK_ULONG          ulDataLen,      /* length of signed data */
  CK_BYTE_PTR       pSignature,     /* signature */
  CK_ULONG          ulSignatureLen  /* signature length*/
);
#endif


/* C_VerifyUpdate continues a multiple-part verification
 * operation, where the signature is an appendix to the data, 
 * and plaintext cannot be recovered from the signature. */
CK_PKCS11_FUNCTION_INFO(C_VerifyUpdate)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_BYTE_PTR       pPart,     /* signed data */
  CK_ULONG          ulPartLen  /* length of signed data */
);
#endif


/* C_VerifyFinal finishes a multiple-part verification
 * operation, checking the signature. */
CK_PKCS11_FUNCTION_INFO(C_VerifyFinal)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession,       /* the session's handle */
  CK_BYTE_PTR       pSignature,     /* signature to verify */
  CK_ULONG          ulSignatureLen  /* signature length */
);
#endif


/* C_VerifyRecoverInit initializes a signature verification
 * operation, where the data is recovered from the signature. */
CK_PKCS11_FUNCTION_INFO(C_VerifyRecoverInit)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession,    /* the session's handle */
  CK_MECHANISM_PTR  pMechanism,  /* the verification mechanism */
  CK_OBJECT_HANDLE  hKey         /* verification key */
);
#endif


/* C_VerifyRecover verifies a signature in a single-part
 * operation, where the data is recovered from the signature. */
CK_PKCS11_FUNCTION_INFO(C_VerifyRecover)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession,        /* the session's handle */
  CK_BYTE_PTR       pSignature,      /* signature to verify */
  CK_ULONG          ulSignatureLen,  /* signature length */
  CK_BYTE_PTR       pData,           /* gets signed data */
  CK_ULONG_PTR      pulDataLen       /* gets signed data len */
);
#endif



/* Dual-function cryptographic operations */

/* C_DigestEncryptUpdate continues a multiple-part digesting
 * and encryption operation. */
CK_PKCS11_FUNCTION_INFO(C_DigestEncryptUpdate)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession,            /* session's handle */
  CK_BYTE_PTR       pPart,               /* the plaintext data */
  CK_ULONG          ulPartLen,           /* plaintext length */
  CK_BYTE_PTR       pEncryptedPart,      /* gets ciphertext */
  CK_ULONG_PTR      pulEncryptedPartLen  /* gets c-text length */
);
#endif


/* C_DecryptDigestUpdate continues a multiple-part decryption and
 * digesting operation. */
CK_PKCS11_FUNCTION_INFO(C_DecryptDigestUpdate)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession,            /* session's handle */
  CK_BYTE_PTR       pEncryptedPart,      /* ciphertext */
  CK_ULONG          ulEncryptedPartLen,  /* ciphertext length */
  CK_BYTE_PTR       pPart,               /* gets plaintext */
  CK_ULONG_PTR      pulPartLen           /* gets plaintext len */
);
#endif


/* C_SignEncryptUpdate continues a multiple-part signing and
 * encryption operation. */
CK_PKCS11_FUNCTION_INFO(C_SignEncryptUpdate)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession,            /* session's handle */
  CK_BYTE_PTR       pPart,               /* the plaintext data */
  CK_ULONG          ulPartLen,           /* plaintext length */
  CK_BYTE_PTR       pEncryptedPart,      /* gets ciphertext */
  CK_ULONG_PTR      pulEncryptedPartLen  /* gets c-text length */
);
#endif


/* C_DecryptVerifyUpdate continues a multiple-part decryption and
 * verify operation. */
CK_PKCS11_FUNCTION_INFO(C_DecryptVerifyUpdate)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession,            /* session's handle */
  CK_BYTE_PTR       pEncryptedPart,      /* ciphertext */
  CK_ULONG          ulEncryptedPartLen,  /* ciphertext length */
  CK_BYTE_PTR       pPart,               /* gets plaintext */
  CK_ULONG_PTR      pulPartLen           /* gets p-text length */
);
#endif



/* Key management */

/* C_GenerateKey generates a secret key, creating a new key
 * object. */
CK_PKCS11_FUNCTION_INFO(C_GenerateKey)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE    hSession,    /* the session's handle */
  CK_MECHANISM_PTR     pMechanism,  /* key generation mech. */
  CK_ATTRIBUTE_PTR     pTemplate,   /* template for new key */
  CK_ULONG             ulCount,     /* # of attrs in template */
  CK_OBJECT_HANDLE_PTR phKey        /* gets handle of new key */
);
#endif


/* C_GenerateKeyPair generates a public-key/private-key pair, 
 * creating new key objects. */
CK_PKCS11_FUNCTION_INFO(C_GenerateKeyPair)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE    hSession,                    /* session
                                                     * handle */
  CK_MECHANISM_PTR     pMechanism,                  /* key-gen
                                                     * mech. */
  CK_ATTRIBUTE_PTR     pPublicKeyTemplate,          /* template
                                                     * for pub.
                                                     * key */
  CK_ULONG             ulPublicKeyAttributeCount,   /* # pub.
                                                     * attrs. */
  CK_ATTRIBUTE_PTR     pPrivateKeyTemplate,         /* template
                                                     * for priv.
                                                     * key */
  CK_ULONG             ulPrivateKeyAttributeCount,  /* # priv.
                                                     * attrs. */
  CK_OBJECT_HANDLE_PTR phPublicKey,                 /* gets pub.
                                                     * key
                                                     * handle */
  CK_OBJECT_HANDLE_PTR phPrivateKey                 /* gets
                                                     * priv. key
                                                     * handle */
);
#endif


/* C_WrapKey wraps (i.e., encrypts) a key. */
CK_PKCS11_FUNCTION_INFO(C_WrapKey)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession,        /* the session's handle */
  CK_MECHANISM_PTR  pMechanism,      /* the wrapping mechanism */
  CK_OBJECT_HANDLE  hWrappingKey,    /* wrapping key */
  CK_OBJECT_HANDLE  hKey,            /* key to be wrapped */
  CK_BYTE_PTR       pWrappedKey,     /* gets wrapped key */
  CK_ULONG_PTR      pulWrappedKeyLen /* gets wrapped key size */
);
#endif


/* C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new
 * key object. */
CK_PKCS11_FUNCTION_INFO(C_UnwrapKey)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE    hSession,          /* session's handle */
  CK_MECHANISM_PTR     pMechanism,        /* unwrapping mech. */
  CK_OBJECT_HANDLE     hUnwrappingKey,    /* unwrapping key */
  CK_BYTE_PTR          pWrappedKey,       /* the wrapped key */
  CK_ULONG             ulWrappedKeyLen,   /* wrapped key len */
  CK_ATTRIBUTE_PTR     pTemplate,         /* new key template */
  CK_ULONG             ulAttributeCount,  /* template length */
  CK_OBJECT_HANDLE_PTR phKey              /* gets new handle */
);
#endif


/* C_DeriveKey derives a key from a base key, creating a new key
 * object. */
CK_PKCS11_FUNCTION_INFO(C_DeriveKey)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE    hSession,          /* session's handle */
  CK_MECHANISM_PTR     pMechanism,        /* key deriv. mech. */
  CK_OBJECT_HANDLE     hBaseKey,          /* base key */
  CK_ATTRIBUTE_PTR     pTemplate,         /* new key template */
  CK_ULONG             ulAttributeCount,  /* template length */
  CK_OBJECT_HANDLE_PTR phKey              /* gets new handle */
);
#endif



/* Random number generation */

/* C_SeedRandom mixes additional seed material into the token's
 * random number generator. */
CK_PKCS11_FUNCTION_INFO(C_SeedRandom)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession,  /* the session's handle */
  CK_BYTE_PTR       pSeed,     /* the seed material */
  CK_ULONG          ulSeedLen  /* length of seed material */
);
#endif


/* C_GenerateRandom generates random data. */
CK_PKCS11_FUNCTION_INFO(C_GenerateRandom)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession,    /* the session's handle */
  CK_BYTE_PTR       RandomData,  /* receives the random data */
  CK_ULONG          ulRandomLen  /* # of bytes to generate */
);
#endif



/* Parallel function management */

/* C_GetFunctionStatus is a legacy function; it obtains an
 * updated status of a function running in parallel with an
 * application. */
CK_PKCS11_FUNCTION_INFO(C_GetFunctionStatus)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession  /* the session's handle */
);
#endif


/* C_CancelFunction is a legacy function; it cancels a function
 * running in parallel. */
CK_PKCS11_FUNCTION_INFO(C_CancelFunction)
#ifdef CK_NEED_ARG_LIST
(
  CK_SESSION_HANDLE hSession  /* the session's handle */
);
#endif



/* Functions added in for Cryptoki Version 2.01 or later */

/* C_WaitForSlotEvent waits for a slot event (token insertion,
 * removal, etc.) to occur. */
CK_PKCS11_FUNCTION_INFO(C_WaitForSlotEvent)
#ifdef CK_NEED_ARG_LIST
(
  CK_FLAGS flags,        /* blocking/nonblocking flag */
  CK_SLOT_ID_PTR pSlot,  /* location that receives the slot ID */
  CK_VOID_PTR pRserved   /* reserved.  Should be NULL_PTR */
);
#endif


--- NEW FILE pkcs11t.h ---
/* pkcs11t.h include file for PKCS #11. */
/* $Revision: 1.1 $ */

/* License to copy and use this software is granted provided that it is
 * identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface
 * (Cryptoki)" in all material mentioning or referencing this software.

 * License is also granted to make and use derivative works provided that
 * such works are identified as "derived from the RSA Security Inc. PKCS #11
 * Cryptographic Token Interface (Cryptoki)" in all material mentioning or
 * referencing the derived work.

 * RSA Security Inc. makes no representations concerning either the
 * merchantability of this software or the suitability of this software for
 * any particular purpose. It is provided "as is" without express or implied
 * warranty of any kind.
 */

/* See top of pkcs11.h for information about the macros that
 * must be defined and the structure-packing conventions that
 * must be set before including this file. */

#ifndef _PKCS11T_H_
#define _PKCS11T_H_ 1

#define CK_TRUE 1
#define CK_FALSE 0

#ifndef CK_DISABLE_TRUE_FALSE
#ifndef FALSE
#define FALSE CK_FALSE
#endif

#ifndef TRUE
#define TRUE CK_TRUE
#endif
#endif

/* an unsigned 8-bit value */
typedef unsigned char     CK_BYTE;

/* an unsigned 8-bit character */
typedef CK_BYTE           CK_CHAR;

/* an 8-bit UTF-8 character */
typedef CK_BYTE           CK_UTF8CHAR;

/* a BYTE-sized Boolean flag */
typedef CK_BYTE           CK_BBOOL;

/* an unsigned value, at least 32 bits long */
typedef unsigned long int CK_ULONG;

/* a signed value, the same size as a CK_ULONG */
/* CK_LONG is new for v2.0 */
typedef long int          CK_LONG;

/* at least 32 bits; each bit is a Boolean flag */
typedef CK_ULONG          CK_FLAGS;


/* some special values for certain CK_ULONG variables */
#define CK_UNAVAILABLE_INFORMATION (~0UL)
#define CK_EFFECTIVELY_INFINITE    0


typedef CK_BYTE     CK_PTR   CK_BYTE_PTR;
typedef CK_CHAR     CK_PTR   CK_CHAR_PTR;
typedef CK_UTF8CHAR CK_PTR   CK_UTF8CHAR_PTR;
typedef CK_ULONG    CK_PTR   CK_ULONG_PTR;
typedef void        CK_PTR   CK_VOID_PTR;

/* Pointer to a CK_VOID_PTR-- i.e., pointer to pointer to void */
typedef CK_VOID_PTR CK_PTR CK_VOID_PTR_PTR;


/* The following value is always invalid if used as a session */
/* handle or object handle */
#define CK_INVALID_HANDLE 0


typedef struct CK_VERSION {
  CK_BYTE       major;  /* integer portion of version number */
  CK_BYTE       minor;  /* 1/100ths portion of version number */
} CK_VERSION;

typedef CK_VERSION CK_PTR CK_VERSION_PTR;


typedef struct CK_INFO {
  /* manufacturerID and libraryDecription have been changed from
   * CK_CHAR to CK_UTF8CHAR for v2.10 */
  CK_VERSION    cryptokiVersion;     /* Cryptoki interface ver */
  CK_UTF8CHAR   manufacturerID[32];  /* blank padded */
  CK_FLAGS      flags;               /* must be zero */

  /* libraryDescription and libraryVersion are new for v2.0 */
  CK_UTF8CHAR   libraryDescription[32];  /* blank padded */
  CK_VERSION    libraryVersion;          /* version of library */
} CK_INFO;

typedef CK_INFO CK_PTR    CK_INFO_PTR;


/* CK_NOTIFICATION enumerates the types of notifications that
 * Cryptoki provides to an application */
/* CK_NOTIFICATION has been changed from an enum to a CK_ULONG
 * for v2.0 */
typedef CK_ULONG CK_NOTIFICATION;
#define CKN_SURRENDER       0


typedef CK_ULONG          CK_SLOT_ID;

typedef CK_SLOT_ID CK_PTR CK_SLOT_ID_PTR;


/* CK_SLOT_INFO provides information about a slot */
typedef struct CK_SLOT_INFO {
  /* slotDescription and manufacturerID have been changed from
   * CK_CHAR to CK_UTF8CHAR for v2.10 */
  CK_UTF8CHAR   slotDescription[64];  /* blank padded */
  CK_UTF8CHAR   manufacturerID[32];   /* blank padded */
  CK_FLAGS      flags;

  /* hardwareVersion and firmwareVersion are new for v2.0 */
  CK_VERSION    hardwareVersion;  /* version of hardware */
  CK_VERSION    firmwareVersion;  /* version of firmware */
} CK_SLOT_INFO;

/* flags: bit flags that provide capabilities of the slot
 *      Bit Flag              Mask        Meaning
 */
#define CKF_TOKEN_PRESENT     0x00000001  /* a token is there */
#define CKF_REMOVABLE_DEVICE  0x00000002  /* removable devices*/
#define CKF_HW_SLOT           0x00000004  /* hardware slot */

typedef CK_SLOT_INFO CK_PTR CK_SLOT_INFO_PTR;


/* CK_TOKEN_INFO provides information about a token */
typedef struct CK_TOKEN_INFO {
  /* label, manufacturerID, and model have been changed from
   * CK_CHAR to CK_UTF8CHAR for v2.10 */
  CK_UTF8CHAR   label[32];           /* blank padded */
  CK_UTF8CHAR   manufacturerID[32];  /* blank padded */
  CK_UTF8CHAR   model[16];           /* blank padded */
  CK_CHAR       serialNumber[16];    /* blank padded */
  CK_FLAGS      flags;               /* see below */

  /* ulMaxSessionCount, ulSessionCount, ulMaxRwSessionCount,
   * ulRwSessionCount, ulMaxPinLen, and ulMinPinLen have all been
   * changed from CK_USHORT to CK_ULONG for v2.0 */
  CK_ULONG      ulMaxSessionCount;     /* max open sessions */
  CK_ULONG      ulSessionCount;        /* sess. now open */
  CK_ULONG      ulMaxRwSessionCount;   /* max R/W sessions */
  CK_ULONG      ulRwSessionCount;      /* R/W sess. now open */
  CK_ULONG      ulMaxPinLen;           /* in bytes */
  CK_ULONG      ulMinPinLen;           /* in bytes */
  CK_ULONG      ulTotalPublicMemory;   /* in bytes */
  CK_ULONG      ulFreePublicMemory;    /* in bytes */
  CK_ULONG      ulTotalPrivateMemory;  /* in bytes */
  CK_ULONG      ulFreePrivateMemory;   /* in bytes */

  /* hardwareVersion, firmwareVersion, and time are new for
   * v2.0 */
  CK_VERSION    hardwareVersion;       /* version of hardware */
  CK_VERSION    firmwareVersion;       /* version of firmware */
  CK_CHAR       utcTime[16];           /* time */
} CK_TOKEN_INFO;

/* The flags parameter is defined as follows:
 *      Bit Flag                    Mask        Meaning
 */
#define CKF_RNG                     0x00000001  /* has random #
                                                 * generator */
#define CKF_WRITE_PROTECTED         0x00000002  /* token is
                                                 * write-
                                                 * protected */
#define CKF_LOGIN_REQUIRED          0x00000004  /* user must
                                                 * login */
#define CKF_USER_PIN_INITIALIZED    0x00000008  /* normal user's
                                                 * PIN is set */

/* CKF_RESTORE_KEY_NOT_NEEDED is new for v2.0.  If it is set,
 * that means that *every* time the state of cryptographic
 * operations of a session is successfully saved, all keys
 * needed to continue those operations are stored in the state */
#define CKF_RESTORE_KEY_NOT_NEEDED  0x00000020

/* CKF_CLOCK_ON_TOKEN is new for v2.0.  If it is set, that means
 * that the token has some sort of clock.  The time on that
 * clock is returned in the token info structure */
#define CKF_CLOCK_ON_TOKEN          0x00000040

/* CKF_PROTECTED_AUTHENTICATION_PATH is new for v2.0.  If it is
 * set, that means that there is some way for the user to login
 * without sending a PIN through the Cryptoki library itself */
#define CKF_PROTECTED_AUTHENTICATION_PATH 0x00000100

/* CKF_DUAL_CRYPTO_OPERATIONS is new for v2.0.  If it is true,
 * that means that a single session with the token can perform
 * dual simultaneous cryptographic operations (digest and
 * encrypt; decrypt and digest; sign and encrypt; and decrypt
 * and sign) */
#define CKF_DUAL_CRYPTO_OPERATIONS  0x00000200

/* CKF_TOKEN_INITIALIZED if new for v2.10. If it is true, the
 * token has been initialized using C_InitializeToken or an
 * equivalent mechanism outside the scope of PKCS #11.
 * Calling C_InitializeToken when this flag is set will cause
 * the token to be reinitialized. */
#define CKF_TOKEN_INITIALIZED       0x00000400

/* CKF_SECONDARY_AUTHENTICATION if new for v2.10. If it is
 * true, the token supports secondary authentication for
 * private key objects. This flag is deprecated in v2.11 and
   onwards. */
#define CKF_SECONDARY_AUTHENTICATION  0x00000800

/* CKF_USER_PIN_COUNT_LOW if new for v2.10. If it is true, an
 * incorrect user login PIN has been entered at least once
 * since the last successful authentication. */
#define CKF_USER_PIN_COUNT_LOW       0x00010000

/* CKF_USER_PIN_FINAL_TRY if new for v2.10. If it is true,
 * supplying an incorrect user PIN will it to become locked. */
#define CKF_USER_PIN_FINAL_TRY       0x00020000

/* CKF_USER_PIN_LOCKED if new for v2.10. If it is true, the
 * user PIN has been locked. User login to the token is not
 * possible. */
#define CKF_USER_PIN_LOCKED          0x00040000

/* CKF_USER_PIN_TO_BE_CHANGED if new for v2.10. If it is true,
 * the user PIN value is the default value set by token
 * initialization or manufacturing, or the PIN has been
 * expired by the card. */
#define CKF_USER_PIN_TO_BE_CHANGED   0x00080000

/* CKF_SO_PIN_COUNT_LOW if new for v2.10. If it is true, an
 * incorrect SO login PIN has been entered at least once since
 * the last successful authentication. */
#define CKF_SO_PIN_COUNT_LOW         0x00100000

/* CKF_SO_PIN_FINAL_TRY if new for v2.10. If it is true,
 * supplying an incorrect SO PIN will it to become locked. */
#define CKF_SO_PIN_FINAL_TRY         0x00200000

/* CKF_SO_PIN_LOCKED if new for v2.10. If it is true, the SO
 * PIN has been locked. SO login to the token is not possible.
 */
#define CKF_SO_PIN_LOCKED            0x00400000

/* CKF_SO_PIN_TO_BE_CHANGED if new for v2.10. If it is true,
 * the SO PIN value is the default value set by token
 * initialization or manufacturing, or the PIN has been
 * expired by the card. */
#define CKF_SO_PIN_TO_BE_CHANGED     0x00800000

typedef CK_TOKEN_INFO CK_PTR CK_TOKEN_INFO_PTR;


/* CK_SESSION_HANDLE is a Cryptoki-assigned value that
 * identifies a session */
typedef CK_ULONG          CK_SESSION_HANDLE;

typedef CK_SESSION_HANDLE CK_PTR CK_SESSION_HANDLE_PTR;


/* CK_USER_TYPE enumerates the types of Cryptoki users */
/* CK_USER_TYPE has been changed from an enum to a CK_ULONG for
 * v2.0 */
typedef CK_ULONG          CK_USER_TYPE;
/* Security Officer */
#define CKU_SO    0
/* Normal user */
#define CKU_USER  1
/* Context specific (added in v2.20) */
#define CKU_CONTEXT_SPECIFIC   2

/* CK_STATE enumerates the session states */
/* CK_STATE has been changed from an enum to a CK_ULONG for
 * v2.0 */
typedef CK_ULONG          CK_STATE;
#define CKS_RO_PUBLIC_SESSION  0
#define CKS_RO_USER_FUNCTIONS  1
#define CKS_RW_PUBLIC_SESSION  2
#define CKS_RW_USER_FUNCTIONS  3
#define CKS_RW_SO_FUNCTIONS    4


/* CK_SESSION_INFO provides information about a session */
typedef struct CK_SESSION_INFO {
  CK_SLOT_ID    slotID;
  CK_STATE      state;
  CK_FLAGS      flags;          /* see below */

  /* ulDeviceError was changed from CK_USHORT to CK_ULONG for
   * v2.0 */
  CK_ULONG      ulDeviceError;  /* device-dependent error code */
} CK_SESSION_INFO;

/* The flags are defined in the following table:
 *      Bit Flag                Mask        Meaning
 */
#define CKF_RW_SESSION          0x00000002  /* session is r/w */
#define CKF_SERIAL_SESSION      0x00000004  /* no parallel */

typedef CK_SESSION_INFO CK_PTR CK_SESSION_INFO_PTR;


/* CK_OBJECT_HANDLE is a token-specific identifier for an
 * object  */
typedef CK_ULONG          CK_OBJECT_HANDLE;

typedef CK_OBJECT_HANDLE CK_PTR CK_OBJECT_HANDLE_PTR;


/* CK_OBJECT_CLASS is a value that identifies the classes (or
 * types) of objects that Cryptoki recognizes.  It is defined
 * as follows: */
/* CK_OBJECT_CLASS was changed from CK_USHORT to CK_ULONG for
 * v2.0 */
typedef CK_ULONG          CK_OBJECT_CLASS;

/* The following classes of objects are defined: */
/* CKO_HW_FEATURE is new for v2.10 */
/* CKO_DOMAIN_PARAMETERS is new for v2.11 */
/* CKO_MECHANISM is new for v2.20 */
#define CKO_DATA              0x00000000
#define CKO_CERTIFICATE       0x00000001
#define CKO_PUBLIC_KEY        0x00000002
#define CKO_PRIVATE_KEY       0x00000003
#define CKO_SECRET_KEY        0x00000004
#define CKO_HW_FEATURE        0x00000005
#define CKO_DOMAIN_PARAMETERS 0x00000006
#define CKO_MECHANISM         0x00000007
#define CKO_VENDOR_DEFINED    0x80000000

typedef CK_OBJECT_CLASS CK_PTR CK_OBJECT_CLASS_PTR;

/* CK_HW_FEATURE_TYPE is new for v2.10. CK_HW_FEATURE_TYPE is a
 * value that identifies the hardware feature type of an object
 * with CK_OBJECT_CLASS equal to CKO_HW_FEATURE. */
typedef CK_ULONG          CK_HW_FEATURE_TYPE;

/* The following hardware feature types are defined */
/* CKH_USER_INTERFACE is new for v2.20 */
#define CKH_MONOTONIC_COUNTER  0x00000001
#define CKH_CLOCK           0x00000002
#define CKH_USER_INTERFACE  0x00000003
#define CKH_VENDOR_DEFINED  0x80000000

/* CK_KEY_TYPE is a value that identifies a key type */
/* CK_KEY_TYPE was changed from CK_USHORT to CK_ULONG for v2.0 */
typedef CK_ULONG          CK_KEY_TYPE;

/* the following key types are defined: */
#define CKK_RSA             0x00000000
#define CKK_DSA             0x00000001
#define CKK_DH              0x00000002

/* CKK_ECDSA and CKK_KEA are new for v2.0 */
/* CKK_ECDSA is deprecated in v2.11, CKK_EC is preferred. */
#define CKK_ECDSA           0x00000003
#define CKK_EC              0x00000003
#define CKK_X9_42_DH        0x00000004
#define CKK_KEA             0x00000005

#define CKK_GENERIC_SECRET  0x00000010
#define CKK_RC2             0x00000011
#define CKK_RC4             0x00000012
#define CKK_DES             0x00000013
#define CKK_DES2            0x00000014
#define CKK_DES3            0x00000015

/* all these key types are new for v2.0 */
#define CKK_CAST            0x00000016
#define CKK_CAST3           0x00000017
/* CKK_CAST5 is deprecated in v2.11, CKK_CAST128 is preferred. */
#define CKK_CAST5           0x00000018
#define CKK_CAST128         0x00000018
#define CKK_RC5             0x00000019
#define CKK_IDEA            0x0000001A
#define CKK_SKIPJACK        0x0000001B
#define CKK_BATON           0x0000001C
#define CKK_JUNIPER         0x0000001D
#define CKK_CDMF            0x0000001E
#define CKK_AES             0x0000001F

/* BlowFish and TwoFish are new for v2.20 */
#define CKK_BLOWFISH        0x00000020
#define CKK_TWOFISH         0x00000021

#define CKK_VENDOR_DEFINED  0x80000000


/* CK_CERTIFICATE_TYPE is a value that identifies a certificate
 * type */
/* CK_CERTIFICATE_TYPE was changed from CK_USHORT to CK_ULONG
 * for v2.0 */
typedef CK_ULONG          CK_CERTIFICATE_TYPE;

/* The following certificate types are defined: */
/* CKC_X_509_ATTR_CERT is new for v2.10 */
/* CKC_WTLS is new for v2.20 */
#define CKC_X_509           0x00000000
#define CKC_X_509_ATTR_CERT 0x00000001
#define CKC_WTLS            0x00000002
#define CKC_VENDOR_DEFINED  0x80000000


/* CK_ATTRIBUTE_TYPE is a value that identifies an attribute
 * type */
/* CK_ATTRIBUTE_TYPE was changed from CK_USHORT to CK_ULONG for
 * v2.0 */
typedef CK_ULONG          CK_ATTRIBUTE_TYPE;

/* The CKF_ARRAY_ATTRIBUTE flag identifies an attribute which
   consists of an array of values. */
#define CKF_ARRAY_ATTRIBUTE    0x40000000

/* The following attribute types are defined: */
#define CKA_CLASS              0x00000000
#define CKA_TOKEN              0x00000001
#define CKA_PRIVATE            0x00000002
#define CKA_LABEL              0x00000003
#define CKA_APPLICATION        0x00000010
#define CKA_VALUE              0x00000011

/* CKA_OBJECT_ID is new for v2.10 */
#define CKA_OBJECT_ID          0x00000012

#define CKA_CERTIFICATE_TYPE   0x00000080
#define CKA_ISSUER             0x00000081
#define CKA_SERIAL_NUMBER      0x00000082

/* CKA_AC_ISSUER, CKA_OWNER, and CKA_ATTR_TYPES are new
 * for v2.10 */
#define CKA_AC_ISSUER          0x00000083
#define CKA_OWNER              0x00000084
#define CKA_ATTR_TYPES         0x00000085

/* CKA_TRUSTED is new for v2.11 */
#define CKA_TRUSTED            0x00000086

/* CKA_CERTIFICATE_CATEGORY ...
 * CKA_CHECK_VALUE are new for v2.20 */
#define CKA_CERTIFICATE_CATEGORY        0x00000087
#define CKA_JAVA_MIDP_SECURITY_DOMAIN   0x00000088
#define CKA_URL                         0x00000089
#define CKA_HASH_OF_SUBJECT_PUBLIC_KEY  0x0000008A
#define CKA_HASH_OF_ISSUER_PUBLIC_KEY   0x0000008B
#define CKA_CHECK_VALUE                 0x00000090

#define CKA_KEY_TYPE           0x00000100
#define CKA_SUBJECT            0x00000101
#define CKA_ID                 0x00000102
#define CKA_SENSITIVE          0x00000103
#define CKA_ENCRYPT            0x00000104
#define CKA_DECRYPT            0x00000105
#define CKA_WRAP               0x00000106
#define CKA_UNWRAP             0x00000107
#define CKA_SIGN               0x00000108
#define CKA_SIGN_RECOVER       0x00000109
#define CKA_VERIFY             0x0000010A
#define CKA_VERIFY_RECOVER     0x0000010B
#define CKA_DERIVE             0x0000010C
#define CKA_START_DATE         0x00000110
#define CKA_END_DATE           0x00000111
#define CKA_MODULUS            0x00000120
#define CKA_MODULUS_BITS       0x00000121
#define CKA_PUBLIC_EXPONENT    0x00000122
#define CKA_PRIVATE_EXPONENT   0x00000123
#define CKA_PRIME_1            0x00000124
#define CKA_PRIME_2            0x00000125
#define CKA_EXPONENT_1         0x00000126
#define CKA_EXPONENT_2         0x00000127
#define CKA_COEFFICIENT        0x00000128
#define CKA_PRIME              0x00000130
#define CKA_SUBPRIME           0x00000131
#define CKA_BASE               0x00000132

/* CKA_PRIME_BITS and CKA_SUB_PRIME_BITS are new for v2.11 */
#define CKA_PRIME_BITS         0x00000133
#define CKA_SUBPRIME_BITS      0x00000134
#define CKA_SUB_PRIME_BITS     CKA_SUBPRIME_BITS
/* (To retain backwards-compatibility) */

#define CKA_VALUE_BITS         0x00000160
#define CKA_VALUE_LEN          0x00000161

/* CKA_EXTRACTABLE, CKA_LOCAL, CKA_NEVER_EXTRACTABLE,
 * CKA_ALWAYS_SENSITIVE, CKA_MODIFIABLE, CKA_ECDSA_PARAMS,
 * and CKA_EC_POINT are new for v2.0 */
#define CKA_EXTRACTABLE        0x00000162
#define CKA_LOCAL              0x00000163
#define CKA_NEVER_EXTRACTABLE  0x00000164
#define CKA_ALWAYS_SENSITIVE   0x00000165

/* CKA_KEY_GEN_MECHANISM is new for v2.11 */
#define CKA_KEY_GEN_MECHANISM  0x00000166

#define CKA_MODIFIABLE         0x00000170

/* CKA_ECDSA_PARAMS is deprecated in v2.11,
 * CKA_EC_PARAMS is preferred. */
#define CKA_ECDSA_PARAMS       0x00000180
#define CKA_EC_PARAMS          0x00000180

#define CKA_EC_POINT           0x00000181

/* CKA_SECONDARY_AUTH, CKA_AUTH_PIN_FLAGS,
 * are new for v2.10. Deprecated in v2.11 and onwards. */
#define CKA_SECONDARY_AUTH     0x00000200
#define CKA_AUTH_PIN_FLAGS     0x00000201

/* CKA_ALWAYS_AUTHENTICATE ...
 * CKA_UNWRAP_TEMPLATE are new for v2.20 */
#define CKA_ALWAYS_AUTHENTICATE  0x00000202

#define CKA_WRAP_WITH_TRUSTED    0x00000210
#define CKA_WRAP_TEMPLATE        (CKF_ARRAY_ATTRIBUTE|0x00000211)
#define CKA_UNWRAP_TEMPLATE      (CKF_ARRAY_ATTRIBUTE|0x00000212)

/* CKA_HW_FEATURE_TYPE, CKA_RESET_ON_INIT, and CKA_HAS_RESET
 * are new for v2.10 */
#define CKA_HW_FEATURE_TYPE    0x00000300
#define CKA_RESET_ON_INIT      0x00000301
#define CKA_HAS_RESET          0x00000302

/* The following attributes are new for v2.20 */
#define CKA_PIXEL_X                     0x00000400
#define CKA_PIXEL_Y                     0x00000401
#define CKA_RESOLUTION                  0x00000402
#define CKA_CHAR_ROWS                   0x00000403
#define CKA_CHAR_COLUMNS                0x00000404
#define CKA_COLOR                       0x00000405
#define CKA_BITS_PER_PIXEL              0x00000406
#define CKA_CHAR_SETS                   0x00000480
#define CKA_ENCODING_METHODS            0x00000481
#define CKA_MIME_TYPES                  0x00000482
#define CKA_MECHANISM_TYPE              0x00000500
#define CKA_REQUIRED_CMS_ATTRIBUTES     0x00000501
#define CKA_DEFAULT_CMS_ATTRIBUTES      0x00000502
#define CKA_SUPPORTED_CMS_ATTRIBUTES    0x00000503
#define CKA_ALLOWED_MECHANISMS          (CKF_ARRAY_ATTRIBUTE|0x00000600)

#define CKA_VENDOR_DEFINED     0x80000000


/* CK_ATTRIBUTE is a structure that includes the type, length
 * and value of an attribute */
typedef struct CK_ATTRIBUTE {
  CK_ATTRIBUTE_TYPE type;
  CK_VOID_PTR       pValue;

  /* ulValueLen went from CK_USHORT to CK_ULONG for v2.0 */
  CK_ULONG          ulValueLen;  /* in bytes */
} CK_ATTRIBUTE;

typedef CK_ATTRIBUTE CK_PTR CK_ATTRIBUTE_PTR;


/* CK_DATE is a structure that defines a date */
typedef struct CK_DATE{
  CK_CHAR       year[4];   /* the year ("1900" - "9999") */
  CK_CHAR       month[2];  /* the month ("01" - "12") */
  CK_CHAR       day[2];    /* the day   ("01" - "31") */
} CK_DATE;


/* CK_MECHANISM_TYPE is a value that identifies a mechanism
 * type */
/* CK_MECHANISM_TYPE was changed from CK_USHORT to CK_ULONG for
 * v2.0 */
typedef CK_ULONG          CK_MECHANISM_TYPE;

/* the following mechanism types are defined: */
#define CKM_RSA_PKCS_KEY_PAIR_GEN      0x00000000
#define CKM_RSA_PKCS                   0x00000001
#define CKM_RSA_9796                   0x00000002
#define CKM_RSA_X_509                  0x00000003

/* CKM_MD2_RSA_PKCS, CKM_MD5_RSA_PKCS, and CKM_SHA1_RSA_PKCS
 * are new for v2.0.  They are mechanisms which hash and sign */
#define CKM_MD2_RSA_PKCS               0x00000004
#define CKM_MD5_RSA_PKCS               0x00000005
#define CKM_SHA1_RSA_PKCS              0x00000006

/* CKM_RIPEMD128_RSA_PKCS, CKM_RIPEMD160_RSA_PKCS, and
 * CKM_RSA_PKCS_OAEP are new for v2.10 */
#define CKM_RIPEMD128_RSA_PKCS         0x00000007
#define CKM_RIPEMD160_RSA_PKCS         0x00000008
#define CKM_RSA_PKCS_OAEP              0x00000009

/* CKM_RSA_X9_31_KEY_PAIR_GEN, CKM_RSA_X9_31, CKM_SHA1_RSA_X9_31,
 * CKM_RSA_PKCS_PSS, and CKM_SHA1_RSA_PKCS_PSS are new for v2.11 */
#define CKM_RSA_X9_31_KEY_PAIR_GEN     0x0000000A
#define CKM_RSA_X9_31                  0x0000000B
#define CKM_SHA1_RSA_X9_31             0x0000000C
#define CKM_RSA_PKCS_PSS               0x0000000D
#define CKM_SHA1_RSA_PKCS_PSS          0x0000000E

#define CKM_DSA_KEY_PAIR_GEN           0x00000010
#define CKM_DSA                        0x00000011
#define CKM_DSA_SHA1                   0x00000012
#define CKM_DH_PKCS_KEY_PAIR_GEN       0x00000020
#define CKM_DH_PKCS_DERIVE             0x00000021

/* CKM_X9_42_DH_KEY_PAIR_GEN, CKM_X9_42_DH_DERIVE,
 * CKM_X9_42_DH_HYBRID_DERIVE, and CKM_X9_42_MQV_DERIVE are new for
 * v2.11 */
#define CKM_X9_42_DH_KEY_PAIR_GEN      0x00000030
#define CKM_X9_42_DH_DERIVE            0x00000031
#define CKM_X9_42_DH_HYBRID_DERIVE     0x00000032
#define CKM_X9_42_MQV_DERIVE           0x00000033

/* CKM_SHA256/384/512 are new for v2.20 */
#define CKM_SHA256_RSA_PKCS            0x00000040
#define CKM_SHA384_RSA_PKCS            0x00000041
#define CKM_SHA512_RSA_PKCS            0x00000042
#define CKM_SHA256_RSA_PKCS_PSS        0x00000043
#define CKM_SHA384_RSA_PKCS_PSS        0x00000044
#define CKM_SHA512_RSA_PKCS_PSS        0x00000045

#define CKM_RC2_KEY_GEN                0x00000100
#define CKM_RC2_ECB                    0x00000101
#define CKM_RC2_CBC                    0x00000102
#define CKM_RC2_MAC                    0x00000103

/* CKM_RC2_MAC_GENERAL and CKM_RC2_CBC_PAD are new for v2.0 */
#define CKM_RC2_MAC_GENERAL            0x00000104
#define CKM_RC2_CBC_PAD                0x00000105

#define CKM_RC4_KEY_GEN                0x00000110
#define CKM_RC4                        0x00000111
#define CKM_DES_KEY_GEN                0x00000120
#define CKM_DES_ECB                    0x00000121
#define CKM_DES_CBC                    0x00000122
#define CKM_DES_MAC                    0x00000123

/* CKM_DES_MAC_GENERAL and CKM_DES_CBC_PAD are new for v2.0 */
#define CKM_DES_MAC_GENERAL            0x00000124
#define CKM_DES_CBC_PAD                0x00000125

#define CKM_DES2_KEY_GEN               0x00000130
#define CKM_DES3_KEY_GEN               0x00000131
#define CKM_DES3_ECB                   0x00000132
#define CKM_DES3_CBC                   0x00000133
#define CKM_DES3_MAC                   0x00000134

/* CKM_DES3_MAC_GENERAL, CKM_DES3_CBC_PAD, CKM_CDMF_KEY_GEN,
 * CKM_CDMF_ECB, CKM_CDMF_CBC, CKM_CDMF_MAC,
 * CKM_CDMF_MAC_GENERAL, and CKM_CDMF_CBC_PAD are new for v2.0 */
#define CKM_DES3_MAC_GENERAL           0x00000135
#define CKM_DES3_CBC_PAD               0x00000136
#define CKM_CDMF_KEY_GEN               0x00000140
#define CKM_CDMF_ECB                   0x00000141
#define CKM_CDMF_CBC                   0x00000142
#define CKM_CDMF_MAC                   0x00000143
#define CKM_CDMF_MAC_GENERAL           0x00000144
#define CKM_CDMF_CBC_PAD               0x00000145

/* the following four DES mechanisms are new for v2.20 */
#define CKM_DES_OFB64                  0x00000150
#define CKM_DES_OFB8                   0x00000151
#define CKM_DES_CFB64                  0x00000152
#define CKM_DES_CFB8                   0x00000153

#define CKM_MD2                        0x00000200

/* CKM_MD2_HMAC and CKM_MD2_HMAC_GENERAL are new for v2.0 */
#define CKM_MD2_HMAC                   0x00000201
#define CKM_MD2_HMAC_GENERAL           0x00000202

#define CKM_MD5                        0x00000210

/* CKM_MD5_HMAC and CKM_MD5_HMAC_GENERAL are new for v2.0 */
#define CKM_MD5_HMAC                   0x00000211
#define CKM_MD5_HMAC_GENERAL           0x00000212

#define CKM_SHA_1                      0x00000220

/* CKM_SHA_1_HMAC and CKM_SHA_1_HMAC_GENERAL are new for v2.0 */
#define CKM_SHA_1_HMAC                 0x00000221
#define CKM_SHA_1_HMAC_GENERAL         0x00000222

/* CKM_RIPEMD128, CKM_RIPEMD128_HMAC,
 * CKM_RIPEMD128_HMAC_GENERAL, CKM_RIPEMD160, CKM_RIPEMD160_HMAC,
 * and CKM_RIPEMD160_HMAC_GENERAL are new for v2.10 */
#define CKM_RIPEMD128                  0x00000230
#define CKM_RIPEMD128_HMAC             0x00000231
#define CKM_RIPEMD128_HMAC_GENERAL     0x00000232
#define CKM_RIPEMD160                  0x00000240
#define CKM_RIPEMD160_HMAC             0x00000241
#define CKM_RIPEMD160_HMAC_GENERAL     0x00000242

/* CKM_SHA256/384/512 are new for v2.20 */
#define CKM_SHA256                     0x00000250
#define CKM_SHA256_HMAC                0x00000251
#define CKM_SHA256_HMAC_GENERAL        0x00000252
#define CKM_SHA384                     0x00000260
#define CKM_SHA384_HMAC                0x00000261
#define CKM_SHA384_HMAC_GENERAL        0x00000262
#define CKM_SHA512                     0x00000270
#define CKM_SHA512_HMAC                0x00000271
#define CKM_SHA512_HMAC_GENERAL        0x00000272

/* All of the following mechanisms are new for v2.0 */
/* Note that CAST128 and CAST5 are the same algorithm */
#define CKM_CAST_KEY_GEN               0x00000300
#define CKM_CAST_ECB                   0x00000301
#define CKM_CAST_CBC                   0x00000302
#define CKM_CAST_MAC                   0x00000303
#define CKM_CAST_MAC_GENERAL           0x00000304
#define CKM_CAST_CBC_PAD               0x00000305
#define CKM_CAST3_KEY_GEN              0x00000310
#define CKM_CAST3_ECB                  0x00000311
#define CKM_CAST3_CBC                  0x00000312
#define CKM_CAST3_MAC                  0x00000313
#define CKM_CAST3_MAC_GENERAL          0x00000314
#define CKM_CAST3_CBC_PAD              0x00000315
#define CKM_CAST5_KEY_GEN              0x00000320
#define CKM_CAST128_KEY_GEN            0x00000320
#define CKM_CAST5_ECB                  0x00000321
#define CKM_CAST128_ECB                0x00000321
#define CKM_CAST5_CBC                  0x00000322
#define CKM_CAST128_CBC                0x00000322
#define CKM_CAST5_MAC                  0x00000323
#define CKM_CAST128_MAC                0x00000323
#define CKM_CAST5_MAC_GENERAL          0x00000324
#define CKM_CAST128_MAC_GENERAL        0x00000324
#define CKM_CAST5_CBC_PAD              0x00000325
#define CKM_CAST128_CBC_PAD            0x00000325
#define CKM_RC5_KEY_GEN                0x00000330
#define CKM_RC5_ECB                    0x00000331
#define CKM_RC5_CBC                    0x00000332
#define CKM_RC5_MAC                    0x00000333
#define CKM_RC5_MAC_GENERAL            0x00000334
#define CKM_RC5_CBC_PAD                0x00000335
#define CKM_IDEA_KEY_GEN               0x00000340
#define CKM_IDEA_ECB                   0x00000341
#define CKM_IDEA_CBC                   0x00000342
#define CKM_IDEA_MAC                   0x00000343
#define CKM_IDEA_MAC_GENERAL           0x00000344
#define CKM_IDEA_CBC_PAD               0x00000345
#define CKM_GENERIC_SECRET_KEY_GEN     0x00000350
#define CKM_CONCATENATE_BASE_AND_KEY   0x00000360
#define CKM_CONCATENATE_BASE_AND_DATA  0x00000362
#define CKM_CONCATENATE_DATA_AND_BASE  0x00000363
#define CKM_XOR_BASE_AND_DATA          0x00000364
#define CKM_EXTRACT_KEY_FROM_KEY       0x00000365
#define CKM_SSL3_PRE_MASTER_KEY_GEN    0x00000370
#define CKM_SSL3_MASTER_KEY_DERIVE     0x00000371
#define CKM_SSL3_KEY_AND_MAC_DERIVE    0x00000372

/* CKM_SSL3_MASTER_KEY_DERIVE_DH, CKM_TLS_PRE_MASTER_KEY_GEN,
 * CKM_TLS_MASTER_KEY_DERIVE, CKM_TLS_KEY_AND_MAC_DERIVE, and
 * CKM_TLS_MASTER_KEY_DERIVE_DH are new for v2.11 */
#define CKM_SSL3_MASTER_KEY_DERIVE_DH  0x00000373
#define CKM_TLS_PRE_MASTER_KEY_GEN     0x00000374
#define CKM_TLS_MASTER_KEY_DERIVE      0x00000375
#define CKM_TLS_KEY_AND_MAC_DERIVE     0x00000376
#define CKM_TLS_MASTER_KEY_DERIVE_DH   0x00000377

/* CKM_TLS_PRF is new for v2.20 */
#define CKM_TLS_PRF                    0x00000378

#define CKM_SSL3_MD5_MAC               0x00000380
#define CKM_SSL3_SHA1_MAC              0x00000381
#define CKM_MD5_KEY_DERIVATION         0x00000390
#define CKM_MD2_KEY_DERIVATION         0x00000391
#define CKM_SHA1_KEY_DERIVATION        0x00000392

/* CKM_SHA256/384/512 are new for v2.20 */
#define CKM_SHA256_KEY_DERIVATION      0x00000393
#define CKM_SHA384_KEY_DERIVATION      0x00000394
#define CKM_SHA512_KEY_DERIVATION      0x00000395

#define CKM_PBE_MD2_DES_CBC            0x000003A0
#define CKM_PBE_MD5_DES_CBC            0x000003A1
#define CKM_PBE_MD5_CAST_CBC           0x000003A2
#define CKM_PBE_MD5_CAST3_CBC          0x000003A3
#define CKM_PBE_MD5_CAST5_CBC          0x000003A4
#define CKM_PBE_MD5_CAST128_CBC        0x000003A4
#define CKM_PBE_SHA1_CAST5_CBC         0x000003A5
#define CKM_PBE_SHA1_CAST128_CBC       0x000003A5
#define CKM_PBE_SHA1_RC4_128           0x000003A6
#define CKM_PBE_SHA1_RC4_40            0x000003A7
#define CKM_PBE_SHA1_DES3_EDE_CBC      0x000003A8
#define CKM_PBE_SHA1_DES2_EDE_CBC      0x000003A9
#define CKM_PBE_SHA1_RC2_128_CBC       0x000003AA
#define CKM_PBE_SHA1_RC2_40_CBC        0x000003AB

/* CKM_PKCS5_PBKD2 is new for v2.10 */
#define CKM_PKCS5_PBKD2                0x000003B0

#define CKM_PBA_SHA1_WITH_SHA1_HMAC    0x000003C0

/* WTLS mechanisms are new for v2.20 */
#define CKM_WTLS_PRE_MASTER_KEY_GEN         0x000003D0
#define CKM_WTLS_MASTER_KEY_DERIVE          0x000003D1
#define CKM_WTLS_MASTER_KEY_DERIVE_DH_ECC   0x000003D2
#define CKM_WTLS_PRF                        0x000003D3
#define CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE  0x000003D4
#define CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE  0x000003D5

#define CKM_KEY_WRAP_LYNKS             0x00000400
#define CKM_KEY_WRAP_SET_OAEP          0x00000401

/* CKM_CMS_SIG is new for v2.20 */
#define CKM_CMS_SIG                    0x00000500

/* Fortezza mechanisms */
#define CKM_SKIPJACK_KEY_GEN           0x00001000
#define CKM_SKIPJACK_ECB64             0x00001001
#define CKM_SKIPJACK_CBC64             0x00001002
#define CKM_SKIPJACK_OFB64             0x00001003
#define CKM_SKIPJACK_CFB64             0x00001004
#define CKM_SKIPJACK_CFB32             0x00001005
#define CKM_SKIPJACK_CFB16             0x00001006
#define CKM_SKIPJACK_CFB8              0x00001007
#define CKM_SKIPJACK_WRAP              0x00001008
#define CKM_SKIPJACK_PRIVATE_WRAP      0x00001009
#define CKM_SKIPJACK_RELAYX            0x0000100a
#define CKM_KEA_KEY_PAIR_GEN           0x00001010
#define CKM_KEA_KEY_DERIVE             0x00001011
#define CKM_FORTEZZA_TIMESTAMP         0x00001020
#define CKM_BATON_KEY_GEN              0x00001030
#define CKM_BATON_ECB128               0x00001031
#define CKM_BATON_ECB96                0x00001032
#define CKM_BATON_CBC128               0x00001033
#define CKM_BATON_COUNTER              0x00001034
#define CKM_BATON_SHUFFLE              0x00001035
#define CKM_BATON_WRAP                 0x00001036

/* CKM_ECDSA_KEY_PAIR_GEN is deprecated in v2.11,
 * CKM_EC_KEY_PAIR_GEN is preferred */
#define CKM_ECDSA_KEY_PAIR_GEN         0x00001040
#define CKM_EC_KEY_PAIR_GEN            0x00001040

#define CKM_ECDSA                      0x00001041
#define CKM_ECDSA_SHA1                 0x00001042

/* CKM_ECDH1_DERIVE, CKM_ECDH1_COFACTOR_DERIVE, and CKM_ECMQV_DERIVE
 * are new for v2.11 */
#define CKM_ECDH1_DERIVE               0x00001050
#define CKM_ECDH1_COFACTOR_DERIVE      0x00001051
#define CKM_ECMQV_DERIVE               0x00001052

#define CKM_JUNIPER_KEY_GEN            0x00001060
#define CKM_JUNIPER_ECB128             0x00001061
#define CKM_JUNIPER_CBC128             0x00001062
#define CKM_JUNIPER_COUNTER            0x00001063
#define CKM_JUNIPER_SHUFFLE            0x00001064
#define CKM_JUNIPER_WRAP               0x00001065
#define CKM_FASTHASH                   0x00001070

/* CKM_AES_KEY_GEN, CKM_AES_ECB, CKM_AES_CBC, CKM_AES_MAC,
 * CKM_AES_MAC_GENERAL, CKM_AES_CBC_PAD, CKM_DSA_PARAMETER_GEN,
 * CKM_DH_PKCS_PARAMETER_GEN, and CKM_X9_42_DH_PARAMETER_GEN are
 * new for v2.11 */
#define CKM_AES_KEY_GEN                0x00001080
#define CKM_AES_ECB                    0x00001081
#define CKM_AES_CBC                    0x00001082
#define CKM_AES_MAC                    0x00001083
#define CKM_AES_MAC_GENERAL            0x00001084
#define CKM_AES_CBC_PAD                0x00001085

/* BlowFish and TwoFish are new for v2.20 */
#define CKM_BLOWFISH_KEY_GEN           0x00001090
#define CKM_BLOWFISH_CBC               0x00001091
#define CKM_TWOFISH_KEY_GEN            0x00001092
#define CKM_TWOFISH_CBC                0x00001093


/* CKM_xxx_ENCRYPT_DATA mechanisms are new for v2.20 */
#define CKM_DES_ECB_ENCRYPT_DATA       0x00001100
#define CKM_DES_CBC_ENCRYPT_DATA       0x00001101
#define CKM_DES3_ECB_ENCRYPT_DATA      0x00001102
#define CKM_DES3_CBC_ENCRYPT_DATA      0x00001103
#define CKM_AES_ECB_ENCRYPT_DATA       0x00001104
#define CKM_AES_CBC_ENCRYPT_DATA       0x00001105

#define CKM_DSA_PARAMETER_GEN          0x00002000
#define CKM_DH_PKCS_PARAMETER_GEN      0x00002001
#define CKM_X9_42_DH_PARAMETER_GEN     0x00002002

#define CKM_VENDOR_DEFINED             0x80000000

typedef CK_MECHANISM_TYPE CK_PTR CK_MECHANISM_TYPE_PTR;


/* CK_MECHANISM is a structure that specifies a particular
 * mechanism  */
typedef struct CK_MECHANISM {
  CK_MECHANISM_TYPE mechanism;
  CK_VOID_PTR       pParameter;

  /* ulParameterLen was changed from CK_USHORT to CK_ULONG for
   * v2.0 */
  CK_ULONG          ulParameterLen;  /* in bytes */
} CK_MECHANISM;

typedef CK_MECHANISM CK_PTR CK_MECHANISM_PTR;


/* CK_MECHANISM_INFO provides information about a particular
 * mechanism */
typedef struct CK_MECHANISM_INFO {
    CK_ULONG    ulMinKeySize;
    CK_ULONG    ulMaxKeySize;
    CK_FLAGS    flags;
} CK_MECHANISM_INFO;

/* The flags are defined as follows:
 *      Bit Flag               Mask        Meaning */
#define CKF_HW                 0x00000001  /* performed by HW */

/* The flags CKF_ENCRYPT, CKF_DECRYPT, CKF_DIGEST, CKF_SIGN,
 * CKG_SIGN_RECOVER, CKF_VERIFY, CKF_VERIFY_RECOVER,
 * CKF_GENERATE, CKF_GENERATE_KEY_PAIR, CKF_WRAP, CKF_UNWRAP,
 * and CKF_DERIVE are new for v2.0.  They specify whether or not
 * a mechanism can be used for a particular task */
#define CKF_ENCRYPT            0x00000100
#define CKF_DECRYPT            0x00000200
#define CKF_DIGEST             0x00000400
#define CKF_SIGN               0x00000800
#define CKF_SIGN_RECOVER       0x00001000
#define CKF_VERIFY             0x00002000
#define CKF_VERIFY_RECOVER     0x00004000
#define CKF_GENERATE           0x00008000
#define CKF_GENERATE_KEY_PAIR  0x00010000
#define CKF_WRAP               0x00020000
#define CKF_UNWRAP             0x00040000
#define CKF_DERIVE             0x00080000

/* CKF_EC_F_P, CKF_EC_F_2M, CKF_EC_ECPARAMETERS, CKF_EC_NAMEDCURVE,
 * CKF_EC_UNCOMPRESS, and CKF_EC_COMPRESS are new for v2.11. They
 * describe a token's EC capabilities not available in mechanism
 * information. */
#define CKF_EC_F_P             0x00100000
#define CKF_EC_F_2M            0x00200000
#define CKF_EC_ECPARAMETERS    0x00400000
#define CKF_EC_NAMEDCURVE      0x00800000
#define CKF_EC_UNCOMPRESS      0x01000000
#define CKF_EC_COMPRESS        0x02000000

#define CKF_EXTENSION          0x80000000 /* FALSE for this version */

typedef CK_MECHANISM_INFO CK_PTR CK_MECHANISM_INFO_PTR;


/* CK_RV is a value that identifies the return value of a
 * Cryptoki function */
/* CK_RV was changed from CK_USHORT to CK_ULONG for v2.0 */
typedef CK_ULONG          CK_RV;

#define CKR_OK                                0x00000000
#define CKR_CANCEL                            0x00000001
#define CKR_HOST_MEMORY                       0x00000002
#define CKR_SLOT_ID_INVALID                   0x00000003

/* CKR_FLAGS_INVALID was removed for v2.0 */

/* CKR_GENERAL_ERROR and CKR_FUNCTION_FAILED are new for v2.0 */
#define CKR_GENERAL_ERROR                     0x00000005
#define CKR_FUNCTION_FAILED                   0x00000006

/* CKR_ARGUMENTS_BAD, CKR_NO_EVENT, CKR_NEED_TO_CREATE_THREADS,
 * and CKR_CANT_LOCK are new for v2.01 */
#define CKR_ARGUMENTS_BAD                     0x00000007
#define CKR_NO_EVENT                          0x00000008
#define CKR_NEED_TO_CREATE_THREADS            0x00000009
#define CKR_CANT_LOCK                         0x0000000A

#define CKR_ATTRIBUTE_READ_ONLY               0x00000010
#define CKR_ATTRIBUTE_SENSITIVE               0x00000011
#define CKR_ATTRIBUTE_TYPE_INVALID            0x00000012
#define CKR_ATTRIBUTE_VALUE_INVALID           0x00000013
#define CKR_DATA_INVALID                      0x00000020
#define CKR_DATA_LEN_RANGE                    0x00000021
#define CKR_DEVICE_ERROR                      0x00000030
#define CKR_DEVICE_MEMORY                     0x00000031
#define CKR_DEVICE_REMOVED                    0x00000032
#define CKR_ENCRYPTED_DATA_INVALID            0x00000040
#define CKR_ENCRYPTED_DATA_LEN_RANGE          0x00000041
#define CKR_FUNCTION_CANCELED                 0x00000050
#define CKR_FUNCTION_NOT_PARALLEL             0x00000051

/* CKR_FUNCTION_NOT_SUPPORTED is new for v2.0 */
#define CKR_FUNCTION_NOT_SUPPORTED            0x00000054

#define CKR_KEY_HANDLE_INVALID                0x00000060

/* CKR_KEY_SENSITIVE was removed for v2.0 */

#define CKR_KEY_SIZE_RANGE                    0x00000062
#define CKR_KEY_TYPE_INCONSISTENT             0x00000063

/* CKR_KEY_NOT_NEEDED, CKR_KEY_CHANGED, CKR_KEY_NEEDED,
 * CKR_KEY_INDIGESTIBLE, CKR_KEY_FUNCTION_NOT_PERMITTED,
 * CKR_KEY_NOT_WRAPPABLE, and CKR_KEY_UNEXTRACTABLE are new for
 * v2.0 */
#define CKR_KEY_NOT_NEEDED                    0x00000064
#define CKR_KEY_CHANGED                       0x00000065
#define CKR_KEY_NEEDED                        0x00000066
#define CKR_KEY_INDIGESTIBLE                  0x00000067
#define CKR_KEY_FUNCTION_NOT_PERMITTED        0x00000068
#define CKR_KEY_NOT_WRAPPABLE                 0x00000069
#define CKR_KEY_UNEXTRACTABLE                 0x0000006A

#define CKR_MECHANISM_INVALID                 0x00000070
#define CKR_MECHANISM_PARAM_INVALID           0x00000071

/* CKR_OBJECT_CLASS_INCONSISTENT and CKR_OBJECT_CLASS_INVALID
 * were removed for v2.0 */
#define CKR_OBJECT_HANDLE_INVALID             0x00000082
#define CKR_OPERATION_ACTIVE                  0x00000090
#define CKR_OPERATION_NOT_INITIALIZED         0x00000091
#define CKR_PIN_INCORRECT                     0x000000A0
#define CKR_PIN_INVALID                       0x000000A1
#define CKR_PIN_LEN_RANGE                     0x000000A2

/* CKR_PIN_EXPIRED and CKR_PIN_LOCKED are new for v2.0 */
#define CKR_PIN_EXPIRED                       0x000000A3
#define CKR_PIN_LOCKED                        0x000000A4

#define CKR_SESSION_CLOSED                    0x000000B0
#define CKR_SESSION_COUNT                     0x000000B1
#define CKR_SESSION_HANDLE_INVALID            0x000000B3
#define CKR_SESSION_PARALLEL_NOT_SUPPORTED    0x000000B4
#define CKR_SESSION_READ_ONLY                 0x000000B5
#define CKR_SESSION_EXISTS                    0x000000B6

/* CKR_SESSION_READ_ONLY_EXISTS and
 * CKR_SESSION_READ_WRITE_SO_EXISTS are new for v2.0 */
#define CKR_SESSION_READ_ONLY_EXISTS          0x000000B7
#define CKR_SESSION_READ_WRITE_SO_EXISTS      0x000000B8

#define CKR_SIGNATURE_INVALID                 0x000000C0
#define CKR_SIGNATURE_LEN_RANGE               0x000000C1
#define CKR_TEMPLATE_INCOMPLETE               0x000000D0
#define CKR_TEMPLATE_INCONSISTENT             0x000000D1
#define CKR_TOKEN_NOT_PRESENT                 0x000000E0
#define CKR_TOKEN_NOT_RECOGNIZED              0x000000E1
#define CKR_TOKEN_WRITE_PROTECTED             0x000000E2
#define CKR_UNWRAPPING_KEY_HANDLE_INVALID     0x000000F0
#define CKR_UNWRAPPING_KEY_SIZE_RANGE         0x000000F1
#define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT  0x000000F2
#define CKR_USER_ALREADY_LOGGED_IN            0x00000100
#define CKR_USER_NOT_LOGGED_IN                0x00000101
#define CKR_USER_PIN_NOT_INITIALIZED          0x00000102
#define CKR_USER_TYPE_INVALID                 0x00000103

/* CKR_USER_ANOTHER_ALREADY_LOGGED_IN and CKR_USER_TOO_MANY_TYPES
 * are new to v2.01 */
#define CKR_USER_ANOTHER_ALREADY_LOGGED_IN    0x00000104
#define CKR_USER_TOO_MANY_TYPES               0x00000105

#define CKR_WRAPPED_KEY_INVALID               0x00000110
#define CKR_WRAPPED_KEY_LEN_RANGE             0x00000112
#define CKR_WRAPPING_KEY_HANDLE_INVALID       0x00000113
#define CKR_WRAPPING_KEY_SIZE_RANGE           0x00000114
#define CKR_WRAPPING_KEY_TYPE_INCONSISTENT    0x00000115
#define CKR_RANDOM_SEED_NOT_SUPPORTED         0x00000120

/* These are new to v2.0 */
#define CKR_RANDOM_NO_RNG                     0x00000121

/* These are new to v2.11 */
#define CKR_DOMAIN_PARAMS_INVALID             0x00000130

/* These are new to v2.0 */
#define CKR_BUFFER_TOO_SMALL                  0x00000150
#define CKR_SAVED_STATE_INVALID               0x00000160
#define CKR_INFORMATION_SENSITIVE             0x00000170
#define CKR_STATE_UNSAVEABLE                  0x00000180

/* These are new to v2.01 */
#define CKR_CRYPTOKI_NOT_INITIALIZED          0x00000190
#define CKR_CRYPTOKI_ALREADY_INITIALIZED      0x00000191
#define CKR_MUTEX_BAD                         0x000001A0
#define CKR_MUTEX_NOT_LOCKED                  0x000001A1

/* This is new to v2.20 */
#define CKR_FUNCTION_REJECTED                 0x00000200

#define CKR_VENDOR_DEFINED                    0x80000000


/* CK_NOTIFY is an application callback that processes events */
typedef CK_CALLBACK_FUNCTION(CK_RV, CK_NOTIFY)(
  CK_SESSION_HANDLE hSession,     /* the session's handle */
  CK_NOTIFICATION   event,
  CK_VOID_PTR       pApplication  /* passed to C_OpenSession */
);


/* CK_FUNCTION_LIST is a structure holding a Cryptoki spec
 * version and pointers of appropriate types to all the
 * Cryptoki functions */
/* CK_FUNCTION_LIST is new for v2.0 */
typedef struct CK_FUNCTION_LIST CK_FUNCTION_LIST;

typedef CK_FUNCTION_LIST CK_PTR CK_FUNCTION_LIST_PTR;

typedef CK_FUNCTION_LIST_PTR CK_PTR CK_FUNCTION_LIST_PTR_PTR;


/* CK_CREATEMUTEX is an application callback for creating a
 * mutex object */
typedef CK_CALLBACK_FUNCTION(CK_RV, CK_CREATEMUTEX)(
  CK_VOID_PTR_PTR ppMutex  /* location to receive ptr to mutex */
);


/* CK_DESTROYMUTEX is an application callback for destroying a
 * mutex object */
typedef CK_CALLBACK_FUNCTION(CK_RV, CK_DESTROYMUTEX)(
  CK_VOID_PTR pMutex  /* pointer to mutex */
);


/* CK_LOCKMUTEX is an application callback for locking a mutex */
typedef CK_CALLBACK_FUNCTION(CK_RV, CK_LOCKMUTEX)(
  CK_VOID_PTR pMutex  /* pointer to mutex */
);


/* CK_UNLOCKMUTEX is an application callback for unlocking a
 * mutex */
typedef CK_CALLBACK_FUNCTION(CK_RV, CK_UNLOCKMUTEX)(
  CK_VOID_PTR pMutex  /* pointer to mutex */
);


/* CK_C_INITIALIZE_ARGS provides the optional arguments to
 * C_Initialize */
typedef struct CK_C_INITIALIZE_ARGS {
  CK_CREATEMUTEX CreateMutex;
  CK_DESTROYMUTEX DestroyMutex;
  CK_LOCKMUTEX LockMutex;
  CK_UNLOCKMUTEX UnlockMutex;
  CK_FLAGS flags;
  CK_VOID_PTR pReserved;
} CK_C_INITIALIZE_ARGS;

/* flags: bit flags that provide capabilities of the slot
 *      Bit Flag                           Mask       Meaning
 */
#define CKF_LIBRARY_CANT_CREATE_OS_THREADS 0x00000001
#define CKF_OS_LOCKING_OK                  0x00000002

typedef CK_C_INITIALIZE_ARGS CK_PTR CK_C_INITIALIZE_ARGS_PTR;


/* additional flags for parameters to functions */

/* CKF_DONT_BLOCK is for the function C_WaitForSlotEvent */
#define CKF_DONT_BLOCK     1

/* CK_RSA_PKCS_OAEP_MGF_TYPE is new for v2.10.
 * CK_RSA_PKCS_OAEP_MGF_TYPE  is used to indicate the Message
 * Generation Function (MGF) applied to a message block when
 * formatting a message block for the PKCS #1 OAEP encryption
 * scheme. */
typedef CK_ULONG CK_RSA_PKCS_MGF_TYPE;

typedef CK_RSA_PKCS_MGF_TYPE CK_PTR CK_RSA_PKCS_MGF_TYPE_PTR;

/* The following MGFs are defined */
/* CKG_MGF1_SHA256, CKG_MGF1_SHA384, and CKG_MGF1_SHA512
 * are new for v2.20 */
#define CKG_MGF1_SHA1         0x00000001
#define CKG_MGF1_SHA256       0x00000002
#define CKG_MGF1_SHA384       0x00000003
#define CKG_MGF1_SHA512       0x00000004

/* CK_RSA_PKCS_OAEP_SOURCE_TYPE is new for v2.10.
 * CK_RSA_PKCS_OAEP_SOURCE_TYPE  is used to indicate the source
 * of the encoding parameter when formatting a message block
 * for the PKCS #1 OAEP encryption scheme. */
typedef CK_ULONG CK_RSA_PKCS_OAEP_SOURCE_TYPE;

typedef CK_RSA_PKCS_OAEP_SOURCE_TYPE CK_PTR CK_RSA_PKCS_OAEP_SOURCE_TYPE_PTR;

/* The following encoding parameter sources are defined */
#define CKZ_DATA_SPECIFIED    0x00000001

/* CK_RSA_PKCS_OAEP_PARAMS is new for v2.10.
 * CK_RSA_PKCS_OAEP_PARAMS provides the parameters to the
 * CKM_RSA_PKCS_OAEP mechanism. */
typedef struct CK_RSA_PKCS_OAEP_PARAMS {
        CK_MECHANISM_TYPE hashAlg;
        CK_RSA_PKCS_MGF_TYPE mgf;
        CK_RSA_PKCS_OAEP_SOURCE_TYPE source;
        CK_VOID_PTR pSourceData;
        CK_ULONG ulSourceDataLen;
} CK_RSA_PKCS_OAEP_PARAMS;

typedef CK_RSA_PKCS_OAEP_PARAMS CK_PTR CK_RSA_PKCS_OAEP_PARAMS_PTR;

/* CK_RSA_PKCS_PSS_PARAMS is new for v2.11.
 * CK_RSA_PKCS_PSS_PARAMS provides the parameters to the
 * CKM_RSA_PKCS_PSS mechanism(s). */
typedef struct CK_RSA_PKCS_PSS_PARAMS {
        CK_MECHANISM_TYPE    hashAlg;
        CK_RSA_PKCS_MGF_TYPE mgf;
        CK_ULONG             sLen;
} CK_RSA_PKCS_PSS_PARAMS;

typedef CK_RSA_PKCS_PSS_PARAMS CK_PTR CK_RSA_PKCS_PSS_PARAMS_PTR;

/* CK_EC_KDF_TYPE is new for v2.11. */
typedef CK_ULONG CK_EC_KDF_TYPE;

/* The following EC Key Derivation Functions are defined */
#define CKD_NULL                 0x00000001
#define CKD_SHA1_KDF             0x00000002

/* CK_ECDH1_DERIVE_PARAMS is new for v2.11.
 * CK_ECDH1_DERIVE_PARAMS provides the parameters to the
 * CKM_ECDH1_DERIVE and CKM_ECDH1_COFACTOR_DERIVE mechanisms,
 * where each party contributes one key pair.
 */
typedef struct CK_ECDH1_DERIVE_PARAMS {
  CK_EC_KDF_TYPE kdf;
  CK_ULONG ulSharedDataLen;
  CK_BYTE_PTR pSharedData;
  CK_ULONG ulPublicDataLen;
  CK_BYTE_PTR pPublicData;
} CK_ECDH1_DERIVE_PARAMS;

typedef CK_ECDH1_DERIVE_PARAMS CK_PTR CK_ECDH1_DERIVE_PARAMS_PTR;


/* CK_ECDH2_DERIVE_PARAMS is new for v2.11.
 * CK_ECDH2_DERIVE_PARAMS provides the parameters to the
 * CKM_ECMQV_DERIVE mechanism, where each party contributes two key pairs. */
typedef struct CK_ECDH2_DERIVE_PARAMS {
  CK_EC_KDF_TYPE kdf;
  CK_ULONG ulSharedDataLen;
  CK_BYTE_PTR pSharedData;
  CK_ULONG ulPublicDataLen;
  CK_BYTE_PTR pPublicData;
  CK_ULONG ulPrivateDataLen;
  CK_OBJECT_HANDLE hPrivateData;
  CK_ULONG ulPublicDataLen2;
  CK_BYTE_PTR pPublicData2;
} CK_ECDH2_DERIVE_PARAMS;

typedef CK_ECDH2_DERIVE_PARAMS CK_PTR CK_ECDH2_DERIVE_PARAMS_PTR;

typedef struct CK_ECMQV_DERIVE_PARAMS {
  CK_EC_KDF_TYPE kdf;
  CK_ULONG ulSharedDataLen;
  CK_BYTE_PTR pSharedData;
  CK_ULONG ulPublicDataLen;
  CK_BYTE_PTR pPublicData;
  CK_ULONG ulPrivateDataLen;
  CK_OBJECT_HANDLE hPrivateData;
  CK_ULONG ulPublicDataLen2;
  CK_BYTE_PTR pPublicData2;
  CK_OBJECT_HANDLE publicKey;
} CK_ECMQV_DERIVE_PARAMS;

typedef CK_ECMQV_DERIVE_PARAMS CK_PTR CK_ECMQV_DERIVE_PARAMS_PTR;

/* Typedefs and defines for the CKM_X9_42_DH_KEY_PAIR_GEN and the
 * CKM_X9_42_DH_PARAMETER_GEN mechanisms (new for PKCS #11 v2.11) */
typedef CK_ULONG CK_X9_42_DH_KDF_TYPE;
typedef CK_X9_42_DH_KDF_TYPE CK_PTR CK_X9_42_DH_KDF_TYPE_PTR;

/* The following X9.42 DH key derivation functions are defined
   (besides CKD_NULL already defined : */
#define CKD_SHA1_KDF_ASN1        0x00000003
#define CKD_SHA1_KDF_CONCATENATE 0x00000004

/* CK_X9_42_DH1_DERIVE_PARAMS is new for v2.11.
 * CK_X9_42_DH1_DERIVE_PARAMS provides the parameters to the
 * CKM_X9_42_DH_DERIVE key derivation mechanism, where each party
 * contributes one key pair */
typedef struct CK_X9_42_DH1_DERIVE_PARAMS {
  CK_X9_42_DH_KDF_TYPE kdf;
  CK_ULONG ulOtherInfoLen;
  CK_BYTE_PTR pOtherInfo;
  CK_ULONG ulPublicDataLen;
  CK_BYTE_PTR pPublicData;
} CK_X9_42_DH1_DERIVE_PARAMS;

typedef struct CK_X9_42_DH1_DERIVE_PARAMS CK_PTR CK_X9_42_DH1_DERIVE_PARAMS_PTR;

/* CK_X9_42_DH2_DERIVE_PARAMS is new for v2.11.
 * CK_X9_42_DH2_DERIVE_PARAMS provides the parameters to the
 * CKM_X9_42_DH_HYBRID_DERIVE and CKM_X9_42_MQV_DERIVE key derivation
 * mechanisms, where each party contributes two key pairs */
typedef struct CK_X9_42_DH2_DERIVE_PARAMS {
  CK_X9_42_DH_KDF_TYPE kdf;
  CK_ULONG ulOtherInfoLen;
  CK_BYTE_PTR pOtherInfo;
  CK_ULONG ulPublicDataLen;
  CK_BYTE_PTR pPublicData;
  CK_ULONG ulPrivateDataLen;
  CK_OBJECT_HANDLE hPrivateData;
  CK_ULONG ulPublicDataLen2;
  CK_BYTE_PTR pPublicData2;
} CK_X9_42_DH2_DERIVE_PARAMS;

typedef CK_X9_42_DH2_DERIVE_PARAMS CK_PTR CK_X9_42_DH2_DERIVE_PARAMS_PTR;

typedef struct CK_X9_42_MQV_DERIVE_PARAMS {
  CK_X9_42_DH_KDF_TYPE kdf;
  CK_ULONG ulOtherInfoLen;
  CK_BYTE_PTR pOtherInfo;
  CK_ULONG ulPublicDataLen;
  CK_BYTE_PTR pPublicData;
  CK_ULONG ulPrivateDataLen;
  CK_OBJECT_HANDLE hPrivateData;
  CK_ULONG ulPublicDataLen2;
  CK_BYTE_PTR pPublicData2;
  CK_OBJECT_HANDLE publicKey;
} CK_X9_42_MQV_DERIVE_PARAMS;

typedef CK_X9_42_MQV_DERIVE_PARAMS CK_PTR CK_X9_42_MQV_DERIVE_PARAMS_PTR;

/* CK_KEA_DERIVE_PARAMS provides the parameters to the
 * CKM_KEA_DERIVE mechanism */
/* CK_KEA_DERIVE_PARAMS is new for v2.0 */
typedef struct CK_KEA_DERIVE_PARAMS {
  CK_BBOOL      isSender;
  CK_ULONG      ulRandomLen;
  CK_BYTE_PTR   pRandomA;
  CK_BYTE_PTR   pRandomB;
  CK_ULONG      ulPublicDataLen;
  CK_BYTE_PTR   pPublicData;
} CK_KEA_DERIVE_PARAMS;

typedef CK_KEA_DERIVE_PARAMS CK_PTR CK_KEA_DERIVE_PARAMS_PTR;


/* CK_RC2_PARAMS provides the parameters to the CKM_RC2_ECB and
 * CKM_RC2_MAC mechanisms.  An instance of CK_RC2_PARAMS just
 * holds the effective keysize */
typedef CK_ULONG          CK_RC2_PARAMS;

typedef CK_RC2_PARAMS CK_PTR CK_RC2_PARAMS_PTR;


/* CK_RC2_CBC_PARAMS provides the parameters to the CKM_RC2_CBC
 * mechanism */
typedef struct CK_RC2_CBC_PARAMS {
  /* ulEffectiveBits was changed from CK_USHORT to CK_ULONG for
   * v2.0 */
  CK_ULONG      ulEffectiveBits;  /* effective bits (1-1024) */

  CK_BYTE       iv[8];            /* IV for CBC mode */
} CK_RC2_CBC_PARAMS;

typedef CK_RC2_CBC_PARAMS CK_PTR CK_RC2_CBC_PARAMS_PTR;


/* CK_RC2_MAC_GENERAL_PARAMS provides the parameters for the
 * CKM_RC2_MAC_GENERAL mechanism */
/* CK_RC2_MAC_GENERAL_PARAMS is new for v2.0 */
typedef struct CK_RC2_MAC_GENERAL_PARAMS {
  CK_ULONG      ulEffectiveBits;  /* effective bits (1-1024) */
  CK_ULONG      ulMacLength;      /* Length of MAC in bytes */
} CK_RC2_MAC_GENERAL_PARAMS;

typedef CK_RC2_MAC_GENERAL_PARAMS CK_PTR \
  CK_RC2_MAC_GENERAL_PARAMS_PTR;


/* CK_RC5_PARAMS provides the parameters to the CKM_RC5_ECB and
 * CKM_RC5_MAC mechanisms */
/* CK_RC5_PARAMS is new for v2.0 */
typedef struct CK_RC5_PARAMS {
  CK_ULONG      ulWordsize;  /* wordsize in bits */
  CK_ULONG      ulRounds;    /* number of rounds */
} CK_RC5_PARAMS;

typedef CK_RC5_PARAMS CK_PTR CK_RC5_PARAMS_PTR;


/* CK_RC5_CBC_PARAMS provides the parameters to the CKM_RC5_CBC
 * mechanism */
/* CK_RC5_CBC_PARAMS is new for v2.0 */
typedef struct CK_RC5_CBC_PARAMS {
  CK_ULONG      ulWordsize;  /* wordsize in bits */
  CK_ULONG      ulRounds;    /* number of rounds */
  CK_BYTE_PTR   pIv;         /* pointer to IV */
  CK_ULONG      ulIvLen;     /* length of IV in bytes */
} CK_RC5_CBC_PARAMS;

typedef CK_RC5_CBC_PARAMS CK_PTR CK_RC5_CBC_PARAMS_PTR;


/* CK_RC5_MAC_GENERAL_PARAMS provides the parameters for the
 * CKM_RC5_MAC_GENERAL mechanism */
/* CK_RC5_MAC_GENERAL_PARAMS is new for v2.0 */
typedef struct CK_RC5_MAC_GENERAL_PARAMS {
  CK_ULONG      ulWordsize;   /* wordsize in bits */
  CK_ULONG      ulRounds;     /* number of rounds */
  CK_ULONG      ulMacLength;  /* Length of MAC in bytes */
} CK_RC5_MAC_GENERAL_PARAMS;

typedef CK_RC5_MAC_GENERAL_PARAMS CK_PTR \
  CK_RC5_MAC_GENERAL_PARAMS_PTR;


/* CK_MAC_GENERAL_PARAMS provides the parameters to most block
 * ciphers' MAC_GENERAL mechanisms.  Its value is the length of
 * the MAC */
/* CK_MAC_GENERAL_PARAMS is new for v2.0 */
typedef CK_ULONG          CK_MAC_GENERAL_PARAMS;

typedef CK_MAC_GENERAL_PARAMS CK_PTR CK_MAC_GENERAL_PARAMS_PTR;

/* CK_DES/AES_ECB/CBC_ENCRYPT_DATA_PARAMS are new for v2.20 */
typedef struct CK_DES_CBC_ENCRYPT_DATA_PARAMS {
  CK_BYTE      iv[8];
  CK_BYTE_PTR  pData;
  CK_ULONG     length;
} CK_DES_CBC_ENCRYPT_DATA_PARAMS;

typedef CK_DES_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_DES_CBC_ENCRYPT_DATA_PARAMS_PTR;

typedef struct CK_AES_CBC_ENCRYPT_DATA_PARAMS {
  CK_BYTE      iv[16];
  CK_BYTE_PTR  pData;
  CK_ULONG     length;
} CK_AES_CBC_ENCRYPT_DATA_PARAMS;

typedef CK_AES_CBC_ENCRYPT_DATA_PARAMS CK_PTR CK_AES_CBC_ENCRYPT_DATA_PARAMS_PTR;

/* CK_SKIPJACK_PRIVATE_WRAP_PARAMS provides the parameters to the
 * CKM_SKIPJACK_PRIVATE_WRAP mechanism */
/* CK_SKIPJACK_PRIVATE_WRAP_PARAMS is new for v2.0 */
typedef struct CK_SKIPJACK_PRIVATE_WRAP_PARAMS {
  CK_ULONG      ulPasswordLen;
  CK_BYTE_PTR   pPassword;
  CK_ULONG      ulPublicDataLen;
  CK_BYTE_PTR   pPublicData;
  CK_ULONG      ulPAndGLen;
  CK_ULONG      ulQLen;
  CK_ULONG      ulRandomLen;
  CK_BYTE_PTR   pRandomA;
  CK_BYTE_PTR   pPrimeP;
  CK_BYTE_PTR   pBaseG;
  CK_BYTE_PTR   pSubprimeQ;
} CK_SKIPJACK_PRIVATE_WRAP_PARAMS;

typedef CK_SKIPJACK_PRIVATE_WRAP_PARAMS CK_PTR \
  CK_SKIPJACK_PRIVATE_WRAP_PTR;


/* CK_SKIPJACK_RELAYX_PARAMS provides the parameters to the
 * CKM_SKIPJACK_RELAYX mechanism */
/* CK_SKIPJACK_RELAYX_PARAMS is new for v2.0 */
typedef struct CK_SKIPJACK_RELAYX_PARAMS {
  CK_ULONG      ulOldWrappedXLen;
  CK_BYTE_PTR   pOldWrappedX;
  CK_ULONG      ulOldPasswordLen;
  CK_BYTE_PTR   pOldPassword;
  CK_ULONG      ulOldPublicDataLen;
  CK_BYTE_PTR   pOldPublicData;
  CK_ULONG      ulOldRandomLen;
  CK_BYTE_PTR   pOldRandomA;
  CK_ULONG      ulNewPasswordLen;
  CK_BYTE_PTR   pNewPassword;
  CK_ULONG      ulNewPublicDataLen;
  CK_BYTE_PTR   pNewPublicData;
  CK_ULONG      ulNewRandomLen;
  CK_BYTE_PTR   pNewRandomA;
} CK_SKIPJACK_RELAYX_PARAMS;

typedef CK_SKIPJACK_RELAYX_PARAMS CK_PTR \
  CK_SKIPJACK_RELAYX_PARAMS_PTR;


typedef struct CK_PBE_PARAMS {
  CK_BYTE_PTR      pInitVector;
  CK_UTF8CHAR_PTR  pPassword;
  CK_ULONG         ulPasswordLen;
  CK_BYTE_PTR      pSalt;
  CK_ULONG         ulSaltLen;
  CK_ULONG         ulIteration;
} CK_PBE_PARAMS;

typedef CK_PBE_PARAMS CK_PTR CK_PBE_PARAMS_PTR;


/* CK_KEY_WRAP_SET_OAEP_PARAMS provides the parameters to the
 * CKM_KEY_WRAP_SET_OAEP mechanism */
/* CK_KEY_WRAP_SET_OAEP_PARAMS is new for v2.0 */
typedef struct CK_KEY_WRAP_SET_OAEP_PARAMS {
  CK_BYTE       bBC;     /* block contents byte */
  CK_BYTE_PTR   pX;      /* extra data */
  CK_ULONG      ulXLen;  /* length of extra data in bytes */
} CK_KEY_WRAP_SET_OAEP_PARAMS;

typedef CK_KEY_WRAP_SET_OAEP_PARAMS CK_PTR \
  CK_KEY_WRAP_SET_OAEP_PARAMS_PTR;


typedef struct CK_SSL3_RANDOM_DATA {
  CK_BYTE_PTR  pClientRandom;
  CK_ULONG     ulClientRandomLen;
  CK_BYTE_PTR  pServerRandom;
  CK_ULONG     ulServerRandomLen;
} CK_SSL3_RANDOM_DATA;


typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS {
  CK_SSL3_RANDOM_DATA RandomInfo;
  CK_VERSION_PTR pVersion;
} CK_SSL3_MASTER_KEY_DERIVE_PARAMS;

typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS CK_PTR \
  CK_SSL3_MASTER_KEY_DERIVE_PARAMS_PTR;


typedef struct CK_SSL3_KEY_MAT_OUT {
  CK_OBJECT_HANDLE hClientMacSecret;
  CK_OBJECT_HANDLE hServerMacSecret;
  CK_OBJECT_HANDLE hClientKey;
  CK_OBJECT_HANDLE hServerKey;
  CK_BYTE_PTR      pIVClient;
  CK_BYTE_PTR      pIVServer;
} CK_SSL3_KEY_MAT_OUT;

typedef CK_SSL3_KEY_MAT_OUT CK_PTR CK_SSL3_KEY_MAT_OUT_PTR;


typedef struct CK_SSL3_KEY_MAT_PARAMS {
  CK_ULONG                ulMacSizeInBits;
  CK_ULONG                ulKeySizeInBits;
  CK_ULONG                ulIVSizeInBits;
  CK_BBOOL                bIsExport;
  CK_SSL3_RANDOM_DATA     RandomInfo;
  CK_SSL3_KEY_MAT_OUT_PTR pReturnedKeyMaterial;
} CK_SSL3_KEY_MAT_PARAMS;

typedef CK_SSL3_KEY_MAT_PARAMS CK_PTR CK_SSL3_KEY_MAT_PARAMS_PTR;

/* CK_TLS_PRF_PARAMS is new for version 2.20 */
typedef struct CK_TLS_PRF_PARAMS {
  CK_BYTE_PTR  pSeed;
  CK_ULONG     ulSeedLen;
  CK_BYTE_PTR  pLabel;
  CK_ULONG     ulLabelLen;
  CK_BYTE_PTR  pOutput;
  CK_ULONG_PTR pulOutputLen;
} CK_TLS_PRF_PARAMS;

typedef CK_TLS_PRF_PARAMS CK_PTR CK_TLS_PRF_PARAMS_PTR;

/* WTLS is new for version 2.20 */
typedef struct CK_WTLS_RANDOM_DATA {
  CK_BYTE_PTR pClientRandom;
  CK_ULONG    ulClientRandomLen;
  CK_BYTE_PTR pServerRandom;
  CK_ULONG    ulServerRandomLen;
} CK_WTLS_RANDOM_DATA;

typedef CK_WTLS_RANDOM_DATA CK_PTR CK_WTLS_RANDOM_DATA_PTR;

typedef struct CK_WTLS_MASTER_KEY_DERIVE_PARAMS {
  CK_MECHANISM_TYPE   DigestMechanism;
  CK_WTLS_RANDOM_DATA RandomInfo;
  CK_BYTE_PTR         pVersion;
} CK_WTLS_MASTER_KEY_DERIVE_PARAMS;

typedef CK_WTLS_MASTER_KEY_DERIVE_PARAMS CK_PTR \
  CK_WTLS_MASTER_KEY_DERIVE_PARAMS_PTR;

typedef struct CK_WTLS_PRF_PARAMS {
  CK_MECHANISM_TYPE DigestMechanism;
  CK_BYTE_PTR       pSeed;
  CK_ULONG          ulSeedLen;
  CK_BYTE_PTR       pLabel;
  CK_ULONG          ulLabelLen;
  CK_BYTE_PTR       pOutput;
  CK_ULONG_PTR      pulOutputLen;
} CK_WTLS_PRF_PARAMS;

typedef CK_WTLS_PRF_PARAMS CK_PTR CK_WTLS_PRF_PARAMS_PTR;

typedef struct CK_WTLS_KEY_MAT_OUT {
  CK_OBJECT_HANDLE hMacSecret;
  CK_OBJECT_HANDLE hKey;
  CK_BYTE_PTR      pIV;
} CK_WTLS_KEY_MAT_OUT;

typedef CK_WTLS_KEY_MAT_OUT CK_PTR CK_WTLS_KEY_MAT_OUT_PTR;

typedef struct CK_WTLS_KEY_MAT_PARAMS {
  CK_MECHANISM_TYPE       DigestMechanism;
  CK_ULONG                ulMacSizeInBits;
  CK_ULONG                ulKeySizeInBits;
  CK_ULONG                ulIVSizeInBits;
  CK_ULONG                ulSequenceNumber;
  CK_BBOOL                bIsExport;
  CK_WTLS_RANDOM_DATA     RandomInfo;
  CK_WTLS_KEY_MAT_OUT_PTR pReturnedKeyMaterial;
} CK_WTLS_KEY_MAT_PARAMS;

typedef CK_WTLS_KEY_MAT_PARAMS CK_PTR CK_WTLS_KEY_MAT_PARAMS_PTR;

/* CMS is new for version 2.20 */
typedef struct CK_CMS_SIG_PARAMS {
  CK_OBJECT_HANDLE      certificateHandle;
  CK_MECHANISM_PTR      pSigningMechanism;
  CK_MECHANISM_PTR      pDigestMechanism;
  CK_UTF8CHAR_PTR       pContentType;
  CK_BYTE_PTR           pRequestedAttributes;
  CK_ULONG              ulRequestedAttributesLen;
  CK_BYTE_PTR           pRequiredAttributes;
  CK_ULONG              ulRequiredAttributesLen;
} CK_CMS_SIG_PARAMS;

typedef CK_CMS_SIG_PARAMS CK_PTR CK_CMS_SIG_PARAMS_PTR;

typedef struct CK_KEY_DERIVATION_STRING_DATA {
  CK_BYTE_PTR pData;
  CK_ULONG    ulLen;
} CK_KEY_DERIVATION_STRING_DATA;

typedef CK_KEY_DERIVATION_STRING_DATA CK_PTR \
  CK_KEY_DERIVATION_STRING_DATA_PTR;


/* The CK_EXTRACT_PARAMS is used for the
 * CKM_EXTRACT_KEY_FROM_KEY mechanism.  It specifies which bit
 * of the base key should be used as the first bit of the
 * derived key */
/* CK_EXTRACT_PARAMS is new for v2.0 */
typedef CK_ULONG CK_EXTRACT_PARAMS;

typedef CK_EXTRACT_PARAMS CK_PTR CK_EXTRACT_PARAMS_PTR;

/* CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is new for v2.10.
 * CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is used to
 * indicate the Pseudo-Random Function (PRF) used to generate
 * key bits using PKCS #5 PBKDF2. */
typedef CK_ULONG CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE;

typedef CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE CK_PTR CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE_PTR;

/* The following PRFs are defined in PKCS #5 v2.0. */
#define CKP_PKCS5_PBKD2_HMAC_SHA1 0x00000001


/* CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE is new for v2.10.
 * CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE is used to indicate the
 * source of the salt value when deriving a key using PKCS #5
 * PBKDF2. */
typedef CK_ULONG CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE;

typedef CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE CK_PTR CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE_PTR;

/* The following salt value sources are defined in PKCS #5 v2.0. */
#define CKZ_SALT_SPECIFIED        0x00000001

/* CK_PKCS5_PBKD2_PARAMS is new for v2.10.
 * CK_PKCS5_PBKD2_PARAMS is a structure that provides the
 * parameters to the CKM_PKCS5_PBKD2 mechanism. */
typedef struct CK_PKCS5_PBKD2_PARAMS {
        CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE           saltSource;
        CK_VOID_PTR                                pSaltSourceData;
        CK_ULONG                                   ulSaltSourceDataLen;
        CK_ULONG                                   iterations;
        CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE prf;
        CK_VOID_PTR                                pPrfData;
        CK_ULONG                                   ulPrfDataLen;
        CK_UTF8CHAR_PTR                            pPassword;
        CK_ULONG_PTR                               ulPasswordLen;
} CK_PKCS5_PBKD2_PARAMS;

typedef CK_PKCS5_PBKD2_PARAMS CK_PTR CK_PKCS5_PBKD2_PARAMS_PTR;

#endif



From fedora-directory-commits at redhat.com  Tue Jan 22 18:02:54 2008
From: fedora-directory-commits at redhat.com (Jack Magne (jmagne))
Date: Tue, 22 Jan 2008 13:02:54 -0500
Subject: [Fedora-directory-commits] esc/mac/Tokend-30557/CoolKey
	CoolKeyAttributeCoder.cpp, NONE, 1.1 CoolKeyAttributeCoder.h,
	NONE, 1.1 CoolKeyError.cpp, NONE, 1.1 CoolKeyError.h, NONE,
	1.1 CoolKeyHandle.cpp, NONE, 1.1 CoolKeyHandle.h, NONE,
	1.1 CoolKeyPK11.cpp, NONE, 1.1 CoolKeyPK11.h, NONE,
	1.1 CoolKeyRecord.cpp, NONE, 1.1 CoolKeyRecord.h, NONE,
	1.1 CoolKeySchema.cpp, NONE, 1.1 CoolKeySchema.h, NONE,
	1.1 CoolKeyToken.cpp, NONE, 1.1 CoolKeyToken.h, NONE,
	1.1 Info.plist, NONE, 1.1 coolkey.cpp, NONE, 1.1
Message-ID: <200801221802.m0MI2sf1031576@cvs-int.fedora.redhat.com>

Author: jmagne

Update of /cvs/dirsec/esc/mac/Tokend-30557/CoolKey
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv31436/CoolKey

Added Files:
	CoolKeyAttributeCoder.cpp CoolKeyAttributeCoder.h 
	CoolKeyError.cpp CoolKeyError.h CoolKeyHandle.cpp 
	CoolKeyHandle.h CoolKeyPK11.cpp CoolKeyPK11.h 
	CoolKeyRecord.cpp CoolKeyRecord.h CoolKeySchema.cpp 
	CoolKeySchema.h CoolKeyToken.cpp CoolKeyToken.h Info.plist 
	coolkey.cpp 
Log Message:
Initial revision


--- NEW FILE CoolKeyAttributeCoder.cpp ---
/*CoolKey
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 *  Portions Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.
 *  Contributor(s):
 *  Jack Magne,jmagne at redhat.com
 *  CoolKey AttributeCoder implementation.
 * 
 *  @APPLE_LICENSE_HEADER_START@
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 *  CoolKeyAttributeCoder.cpp
 *  Tokend CoolKey
 */
#include "CoolKeyAttributeCoder.h"

#include "Adornment.h"
#include "MetaAttribute.h"
#include "MetaRecord.h"
#include "Attribute.h"
#include 
#include "CoolKeyRecord.h"
#include "CoolKeyToken.h"
#include "CoolKeyPK11.h"
#include 
#include 
#include 
#include 
#include 

using namespace Tokend;


//
// CoolKeyDataAttributeCoder
//
CoolKeyDataAttributeCoder::~CoolKeyDataAttributeCoder()
{
}

void CoolKeyDataAttributeCoder::decode(TokenContext *tokenContext,
	const MetaAttribute &metaAttribute, Record &record)
{
   Syslog::notice("CoolKeyDataAttributeCoder::decode");
}

CoolKeyCertAttributeCoder:: ~CoolKeyCertAttributeCoder()
{
}


void CoolKeyCertAttributeCoder::decode(Tokend::TokenContext *tokenContext,
                const Tokend::MetaAttribute &metaAttribute, Tokend::Record &record)
{

    uint32 id = metaAttribute.attributeId();

    MetaAttribute::Format format = metaAttribute.attributeFormat();

    CoolKeyToken *token = (CoolKeyToken *) tokenContext;

    if(!token)
        return;

    CoolKeyRecord &coolRec = dynamic_cast (record);

    CoolKeyCertObject *cert = (CoolKeyCertObject *) coolRec.getCoolKeyObject();

    Syslog::notice("CertAttributeCoder::decode coder %p cert object %p id %lu format %lu record %p",this,cert,id,format,&record);

    if(!cert)
        return;


    CK_BYTE tData[2048];
    CK_ULONG dataLen = 2048;

    CK_ULONG type = 0;

    switch(id)
    {
        case kSecAlias:
            Syslog::notice("kSecAlias");

            cert->getLabel(tData,&dataLen);

            record.attributeAtIndex(metaAttribute.attributeIndex(), new Attribute((const void *)tData,dataLen));
        break;

        case kSecSubjectItemAttr:
           cert->getSubject(tData,&dataLen);

           Syslog::notice("kSecSubjectItemAttr retrieved data %p datalen %lu",tData,dataLen);

           record.attributeAtIndex(metaAttribute.attributeIndex(), new Attribute((const void *)tData,dataLen));
        break;
 
        case kSecIssuerItemAttr:
           cert->getIssuer(tData,&dataLen);

           Syslog::notice("kSecIssuertItemAttr retrieved data %p datalen %lu",tData,dataLen);

           record.attributeAtIndex(metaAttribute.attributeIndex(), new Attribute((const void *)tData,dataLen));
        break;

        case kSecSerialNumberItemAttr:
           cert->getSerialNo(tData,&dataLen);

           Syslog::notice("kSecSerialNumnberItemAttr retrieved data %p datalen %lu",tData,dataLen);

           record.attributeAtIndex(metaAttribute.attributeIndex(), new Attribute((const void *)tData,dataLen));
        break;

        case kSecPublicKeyHashItemAttr:
            Syslog::notice("kSecPublicKeyHashItemAttr");

            getCertAttributeFromData(cert,kSecPublicKeyHashItemAttr, tData, &dataLen);

            record.attributeAtIndex(metaAttribute.attributeIndex(),
                new Attribute((const void *)tData, dataLen));
        break;

        case kSecSubjectKeyIdentifierItemAttr:
            Syslog::notice("kSecSubjectKeyIdentifierItemAttr");
        break;

        case kSecCertTypeItemAttr:
            type = cert->getType();

            Syslog::notice("kSecCertTypeItemAttr type %lu",type);

            if(type == CKC_X_509)
               type  = CSSM_CERT_X_509v3;
            else
               if(type == CKC_X_509_ATTR_CERT)
                    type = CSSM_CERT_X_509_ATTRIBUTE;
            else
                type = CSSM_CERT_UNKNOWN;

            Syslog::notice("kSecCertTypeItemAttr final type %lu",type);
            record.attributeAtIndex(metaAttribute.attributeIndex(),new Attribute((uint32)type));
        break;

        case kSecCertEncodingItemAttr:
            Syslog::notice("kSecCertEncodingItemAttr");

            type =  CSSM_CERT_ENCODING_BER;

            record.attributeAtIndex(metaAttribute.attributeIndex(), new Attribute((uint32)type));
        break;

        case kSecLabelItemAttr:
            cert->getLabel(tData,&dataLen);

            Syslog::notice("kSecLabelItemAttr retrieved data %p datalen %lu",tData,dataLen);

            record.attributeAtIndex(metaAttribute.attributeIndex(), new Attribute((const void *)tData,dataLen));
     break;

     default:
           Syslog::notice("missed one");
     break;
    };

}

void CoolKeyCertAttributeCoder::getCertAttributeFromData(CoolKeyCertObject *aCert,CK_ULONG aAttribute, CK_BYTE *aData, CK_ULONG *aDataLen)
{

    CSSM_DATA csData;

    CK_BYTE certData[2048];
    CK_ULONG certDataLen = 2048;

    OSStatus status = 0;

    if(!aCert || !aData || *aDataLen <= 0)
        return;

    CK_ULONG size_in = *aDataLen;

    *aDataLen = 0;

    Syslog::notice("CoolKeyCertAttributeCoder::getCertAttributeFromData");

     aCert->getData(certData,&certDataLen);

     SecCertificateRef theCertificate;

    csData.Data = certData;
    csData.Length = certDataLen;

     status = SecCertificateCreateFromData((CSSM_DATA * )&csData, CSSM_CERT_X_509v3,
                CSSM_CERT_ENCODING_BER, &theCertificate);
     
     if(status)
         return;

     Syslog::notice("CoolKeyCertAttributeCoder::getCertAttributeFromData done created cert");
     SecKeychainAttribute ska = { kSecPublicKeyHashItemAttr };

     SecKeychainItemRef tRef = (SecKeychainItemRef) theCertificate;
     SecKeychainAttributeList skal = { 1, &ska };
     status = SecKeychainItemCopyContent(tRef, NULL, &skal,
                NULL, NULL);

     Syslog::notice("CoolKeyCertAttributeCoder::getCertAttributeFromData done got attribute");

     if(!status)
         return;

     if(ska.length < size_in)
     {
         memcpy(aData,ska.data,ska.length);
         *aDataLen = ska.length;
     }

     SecKeychainItemFreeContent(&skal, NULL);
}


CoolKeyKeyAttributeCoder:: ~CoolKeyKeyAttributeCoder()
{
}


void CoolKeyKeyAttributeCoder::decode(Tokend::TokenContext *tokenContext,
                const Tokend::MetaAttribute &metaAttribute, Tokend::Record &record)
{

    Syslog::notice("CoolKeyKeyAttributeCoder::decode"); 

    uint32 id = metaAttribute.attributeId();

    MetaAttribute::Format format = metaAttribute.attributeFormat();

    CoolKeyRecord &coolRec = dynamic_cast (record);

    CoolKeyKeyObject *key = (CoolKeyKeyObject *) coolRec.getCoolKeyObject();

    if(!key)
        return;

    CK_BYTE tData[2048];   
    CK_ULONG dataLen = 2048; 
    CK_ULONG value = 0;

    CK_BYTE  attrib = 0;

    Syslog::notice("CoolKeyKeyAttributeCoder::decode coder %p id %d format %d record %p",this,id,format,&record);
    switch(id)
    {
         case  kSecKeyKeyClass:
             Syslog::notice("kSecKeyKeyClass");
         break;

         case  kSecKeyPrintName: 

            Syslog::notice("kSecKeyPrintName");

            key->getLabel(tData,&dataLen);

           record.attributeAtIndex(metaAttribute.attributeIndex(), new Attribute((const void *)tData,dataLen));
         break;

         case  kSecKeyAlias:
            Syslog::notice("kSecKeyAlias"); 
         break;

         case kSecKeyPermanent:
             Syslog::notice("kSecKeyPermanent"); 
         break;

         case kSecKeyPrivate:
             Syslog::notice("kSecKeyKeyPrivate");
             record.attributeAtIndex(metaAttribute.attributeIndex(), new Attribute((uint32)1));
         break;

         case  kSecKeyModifiable:
             Syslog::notice("kSecKeyKeyModifiable");
             record.attributeAtIndex(metaAttribute.attributeIndex(), new Attribute((uint32)0));
         break;

         case  kSecKeyApplicationTag:
            Syslog::notice("kSecKeyApplicationTag");
         break;

         case  kSecKeyKeyCreator:
            Syslog::notice("kSecKeyKeyCreator");
         break;

         case  kSecKeyKeyType:
             Syslog::notice("kSecKeyType");
             record.attributeAtIndex(metaAttribute.attributeIndex(), new Attribute((uint32)CSSM_ALGID_RSA));
         break;
            
         case  kSecKeyKeySizeInBits:
             Syslog::notice("kSecKeyKeySizeInBits");

             value = key->getKeySize();

             record.attributeAtIndex(metaAttribute.attributeIndex(), new Attribute((uint32)value));

             Syslog::notice("kSecKeyKeySizeInBits %d",value);
         break;

         case  kSecKeyEffectiveKeySize:
            Syslog::notice("kSecKeyEffectiveKeySize");
 
             value =  key->getKeySize();;
 
             record.attributeAtIndex(metaAttribute.attributeIndex(), new Attribute((uint32)value));

             Syslog::notice("kSecKeyEffectiveKeySizeInBits %d",value);
         break;

         case  kSecKeyStartDate:
             Syslog::notice("kSecKeyKeyStartDate");
         break;

         case  kSecKeyEndDate:
             Syslog::notice("kSecKeyKeyEndDate");
         break;

         case  kSecKeySensitive:
             attrib = key->getSensitive();

             Syslog::notice("kSecKeySensitive %d",attrib);

             record.attributeAtIndex(metaAttribute.attributeIndex(), new Attribute((uint32)attrib));
         break;

         case  kSecKeyAlwaysSensitive:
             attrib = key->getAlwaysSensitive();

             Syslog::notice("kSecKeyAlwaysSensitive %d", attrib);

             record.attributeAtIndex(metaAttribute.attributeIndex(), new Attribute((uint32)attrib));
         break;

         case  kSecKeyExtractable:
             Syslog::notice("kSecKeyExtractable");

             attrib = key->getKeyExtractable();

             record.attributeAtIndex(metaAttribute.attributeIndex(), new Attribute((uint32)attrib));
         break;

         case kSecKeyNeverExtractable:
             Syslog::notice("kSecKeyNeverExtractable");

             attrib = key->getKeyNeverExtractable();

             record.attributeAtIndex(metaAttribute.attributeIndex(), new Attribute((uint32)attrib));
         break;

         case  kSecKeyEncrypt:
             Syslog::notice("kSecKeyKeyEncrypt");

             attrib = key->getKeyEncrypt();

             Syslog::notice("kSecKeyEncrypt value %d",attrib);

             record.attributeAtIndex(metaAttribute.attributeIndex(), new Attribute((uint32)attrib));
         break;

         case  kSecKeyDecrypt:
             attrib = key->getKeyDecrypt();

             Syslog::notice("kSecKeyDecrypt value %d",attrib);

             record.attributeAtIndex(metaAttribute.attributeIndex(), new Attribute((uint32)attrib));
         break;

         case  kSecKeyDerive:
             attrib = key->getKeyDerive();

             Syslog::notice("kSecKeyKeyDerive %d", attrib);

             record.attributeAtIndex(metaAttribute.attributeIndex(), new Attribute((uint32)attrib));
         break;

         case kSecKeySign:
             attrib = key->getKeySign();

             Syslog::notice("kSecKeyKeySign value %d",attrib);

             record.attributeAtIndex(metaAttribute.attributeIndex(), new Attribute((uint32)attrib));
         break;

         case kSecKeyVerify:
             attrib = key->getKeyVerify();

             Syslog::notice("kSecKeyKeyVerify value %d",attrib);

             record.attributeAtIndex(metaAttribute.attributeIndex(), new Attribute((uint32)attrib));
         break;

         case  kSecKeySignRecover:
             attrib = key->getKeySignRecover();

             Syslog::notice("kSecKeyKeySignRecover %d", attrib);

             record.attributeAtIndex(metaAttribute.attributeIndex(), new Attribute((uint32)attrib));
         break;

         case  kSecKeyVerifyRecover:
             attrib = key->getKeyVerifyRecover();

             Syslog::notice("kSecKeyKeyVerifyRecover %d", attrib);

             record.attributeAtIndex(metaAttribute.attributeIndex(), new Attribute((uint32)attrib));
         break;

         case  kSecKeyWrap:
             attrib = key->getKeyWrap();

             Syslog::notice("kSecKeyKeyWrap %d", attrib);

             record.attributeAtIndex(metaAttribute.attributeIndex(), new Attribute((uint32)attrib));
         break;

         case  kSecKeyUnwrap:
             attrib = key->getKeyUnwrap();

             Syslog::notice("kSecKeyKeyUnwrap %d", attrib);

             record.attributeAtIndex(metaAttribute.attributeIndex(), new Attribute((uint32)attrib));
         break;

         case kSecKeyLabel:
             Syslog::notice("kSecKeyLabel");

             key->getLabel(tData,&dataLen);

             record.attributeAtIndex(metaAttribute.attributeIndex(), new Attribute((const void *)tData,dataLen));
         break;

    };

}

/* arch-tag: 36510900-0DBC-11D9-9CFC-000A9595DEEE */


--- NEW FILE CoolKeyAttributeCoder.h ---
/*
 *  Copyright (c) 2004 Apple Computer, ICoolKeync. All Rights Reserved.
 *  Portions Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.
 *  Contributor(s):
 *  Jack Magne,jmagne at redhat.com
 *  CoolKey AttributeCoder implementation.

 * 
 *  @APPLE_LICENSE_HEADER_START@
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 *  CoolKeyAttributeCoder.h
 *  Tokend CoolKey
 */

#ifndef _COOLKEY_ATTRIBUTECODER_H_
#define _COOLKEY_ATTRIBUTECODER_H_

#include "AttributeCoder.h"
#include 

#include 
#include "CoolKeyPK11.h"

//
// A coder that reads the data of an object
//
class CoolKeyDataAttributeCoder : public Tokend::AttributeCoder
{
	NOCOPY(CoolKeyDataAttributeCoder)
public:

	CoolKeyDataAttributeCoder() {}
	virtual ~CoolKeyDataAttributeCoder();

	virtual void decode(Tokend::TokenContext *tokenContext,
		const Tokend::MetaAttribute &metaAttribute, Tokend::Record &record);
};

class CoolKeyCertAttributeCoder : public Tokend::AttributeCoder
{
        NOCOPY(CoolKeyCertAttributeCoder)
public:

        CoolKeyCertAttributeCoder() {}
        virtual ~CoolKeyCertAttributeCoder();

        virtual void decode(Tokend::TokenContext *tokenContext,
                const Tokend::MetaAttribute &metaAttribute, Tokend::Record &record);

protected:  
        void getCertAttributeFromData(CoolKeyCertObject *aCert,CK_ULONG aAttribute, CK_BYTE *aData, CK_ULONG *aDataLen);
};

class CoolKeyKeyAttributeCoder : public Tokend::AttributeCoder
{
        NOCOPY(CoolKeyKeyAttributeCoder)
public:

        CoolKeyKeyAttributeCoder() {}
        virtual ~CoolKeyKeyAttributeCoder();

        virtual void decode(Tokend::TokenContext *tokenContext,
                const Tokend::MetaAttribute &metaAttribute, Tokend::Record &record);
};


#endif /* !_CoolKeyATTRIBUTECODER_H_ */

/* arch-tag: 366E16D4-0DBC-11D9-B030-000A9595DEEE */


--- NEW FILE CoolKeyError.cpp ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 *  Portions Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.
 *  Contributor(s):
 *  Jack Magne,jmagne at redhat.com
 *  CoolKey Error implementation.

 *  @APPLE_LICENSE_HEADER_START@
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 *  CoolKeyError.cpp
 *  TokendMuscle
 */


#include "CoolKeyError.h"
#include 

//
// CoolKeyError exceptions
//
CoolKeyError::CoolKeyError(uint16_t sw) : SCardError(sw)
{
	IFDEBUG(debugDiagnose(this));
}

const char *CoolKeyError::what() const throw ()
{ return "CoolKey Error"; }

OSStatus CoolKeyError::osStatus() const
{
    switch (statusWord)
    {
	case COOLKEY_AUTHENTICATION_FAILED_0:
	case COOLKEY_AUTHENTICATION_FAILED_1:
	case COOLKEY_AUTHENTICATION_FAILED_2:
	case COOLKEY_AUTHENTICATION_FAILED_3:
        return CSSM_ERRCODE_OPERATION_AUTH_DENIED;
    default:
        return SCardError::osStatus();
    }
}

void CoolKeyError::throwMe(uint16_t sw)
{ throw CoolKeyError(sw); }

#if !defined(NDEBUG)

void CoolKeyError::debugDiagnose(const void *id) const
{
    secdebug("exception", "%p CoolKeyError %s (%04hX)",
             id, errorstr(statusWord), statusWord);
}

const char *CoolKeyError::errorstr(uint16_t sw) const
{
	switch (sw)
	{
	case COOLKEY_AUTHENTICATION_FAILED_0:
		return "Authentication failed, 0 retries left.";
	case COOLKEY_AUTHENTICATION_FAILED_1:
		return "Authentication failed, 1 retry left.";
	case COOLKEY_AUTHENTICATION_FAILED_2:
		return "Authentication failed, 2 retries left.";
	case COOLKEY_AUTHENTICATION_FAILED_3:
		return "Authentication failed, 3 retries left.";
	default:
		return SCardError::errorstr(sw);
	}
}

#endif //NDEBUG


/* arch-tag: 0D984528-10D9-11D9-84A3-000393D5F80A */


--- NEW FILE CoolKeyError.h ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 *  Portions Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.
 *  Contributor(s):
 *  Jack Magne,jmagne at redhat.com
 *  CoolKey Error implementation.
 * 
 *  @APPLE_LICENSE_HEADER_START@
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 *  CoolKeyError.h
 *  TokendMuscle
 */

#ifndef _COOLKEY_ERROR_H_
#define _COOLKEY_ERROR_H_


/** Entered PIN is not correct and pin was blocked. */
#define COOLKEY_AUTHENTICATION_FAILED_0        0x6300
/** Entered PIN is not correct, 1 try left. */
#define COOLKEY_AUTHENTICATION_FAILED_1        0x6301
/** Entered PIN is not correct, 2 tries left. */
#define COOLKEY_AUTHENTICATION_FAILED_2        0x6302
/** Entered PIN is not correct, 3 tries left. */
#define COOLKEY_AUTHENTICATION_FAILED_3        0x6303

#include "SCardError.h"

class CoolKeyError : public Tokend::SCardError
{
protected:
    CoolKeyError(uint16_t sw);
public:
	OSStatus osStatus() const;
	virtual const char *what () const throw ();

    static void check(uint16_t sw)	{ if (sw != SCARD_SUCCESS) throwMe(sw); }
    static void throwMe(uint16_t sw) __attribute__((noreturn));
    
protected:
    IFDEBUG(void debugDiagnose(const void *id) const;)
    IFDEBUG(const char *errorstr(uint16_t sw) const;)
};

#endif /* !_CoolKeyERROR_H_ */


/* arch-tag: 0EB9B81B-10D9-11D9-BA83-000393D5F80A */


--- NEW FILE CoolKeyHandle.cpp ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 *  Portions Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.
 *  Contributor(s):
 *  Jack Magne,jmagne at redhat.com
 *  CoolKey KeyHandle implementation.
 * 
 *  @APPLE_LICENSE_HEADER_START@
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 *  CoolKeyKeyHandle.cpp
 *  Tokend CoolKey
 */

#include "CoolKeyHandle.h"

#include "CoolKeyRecord.h"
#include "CoolKeyToken.h"

#include 
#include 
#include 
#include 
#include 
#include 

static const unsigned char sha1sigheader[] =
{
        0x30, // SEQUENCE
        0x21, // LENGTH
        0x30, // SEQUENCE
        0x09, // LENGTH
        0x06, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1a, // SHA1 OID (1 4 14 3 2 26)
        0x05, 0x00, // OPTIONAL ANY algorithm params (NULL)
        0x04, 0x14 // OCTECT STRING (20 bytes)
};

static const unsigned char md5sigheader[] =
{
        0x30, // SEQUENCE
        0x20, // LENGTH
        0x30, // SEQUENCE
        0x0C, // LENGTH
                // MD5 OID (1 2 840 113549 2 5)
        0x06, 0x08, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x02, 0x05,
        0x05, 0x00, // OPTIONAL ANY algorithm params (NULL)
        0x04, 0x10 // OCTECT STRING (16 bytes)
};

using CssmClient::AclFactory;
//
// CoolKeyKeyHandle
//
CoolKeyKeyHandle::CoolKeyKeyHandle(CoolKeyToken &coolToken,
	const Tokend::MetaRecord &metaRecord, CoolKeyRecord &coolKey) :
	Tokend::KeyHandle(metaRecord, &coolKey),
        mToken(coolToken),mRecord(coolKey)
{
}

CoolKeyKeyHandle::~CoolKeyKeyHandle()
{
}

void CoolKeyKeyHandle::getKeySize(CSSM_KEY_SIZE &keySize)
{
    Syslog::notice("CoolKeyHandle::getKeySize");
    CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
}

uint32 CoolKeyKeyHandle::getOutputSize(const Context &context, uint32 inputSize,
	bool encrypting)
{
    Syslog::notice("CoolKeyHandle::getOutputSize");

    CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);

    return 0;
}

void CoolKeyKeyHandle::generateSignature(const Context &context,
	CSSM_ALGORITHMS signOnly, const CssmData &input, CssmData &signature)
{
    Syslog::notice("CoolKeyHandle::generateSignature Input length %d context.type %d context.alg %d",input.length(),context.type(),context.algorithm());
    CoolKeyObject * coolObj = mRecord.getCoolKeyObject();

    if(!coolObj  || coolObj->getClass() != CKO_PRIVATE_KEY)
    {
        Syslog::notice("Can't find object for record %p or incorrect object type", &mRecord);
        CssmError::throwMe(CSSM_ERRCODE_INVALID_DATA);
    }

    CoolKeyKeyObject * keyObj = (CoolKeyKeyObject *) coolObj;

    CK_ULONG keyLength = keyObj->getKeySize() / 8;

    Syslog::notice("keyLength %d",keyLength);

    if (context.type() != CSSM_ALGCLASS_SIGNATURE)
        CssmError::throwMe(CSSMERR_CSP_INVALID_CONTEXT);

    if (context.algorithm() != CSSM_ALGID_RSA)
        CssmError::throwMe(CSSMERR_CSP_INVALID_ALGORITHM);


    // Find out if we are doing a SHA1 or MD5 signature and setup header to
    // point to the right asn1 blob.

    const unsigned char *header = NULL;
    size_t headerLength = 0;
    if (signOnly == CSSM_ALGID_SHA1)
    {
        Syslog::notice("Asking for SHA1");
        header = sha1sigheader;
        headerLength = sizeof(sha1sigheader);

        Syslog::notice("header is sha1sigheader, len %d", headerLength);
        if (input.Length != 20)
            CssmError::throwMe(CSSMERR_CSP_BLOCK_SIZE_MISMATCH);
    }
    else if (signOnly == CSSM_ALGID_MD5)
    {
        Syslog::notice("Asking for MD5");
        header = md5sigheader;
        headerLength = sizeof(md5sigheader);

        Syslog::notice("header is md5sigheader, len %d", headerLength);
        if (input.Length != 16)
            CssmError::throwMe(CSSMERR_CSP_BLOCK_SIZE_MISMATCH);
    }
    else if (signOnly == CSSM_ALGID_NONE)
    {
        header = NULL;
        headerLength = 0;

        Syslog::notice("Asking for CSSM_ALGID_NONE");
        // Special case used by SSL it's an RSA signature, without the ASN1 stuff
    }
    else
        CssmError::throwMe(CSSMERR_CSP_INVALID_DIGEST_ALGORITHM);

    CoolKeyPK11 pk11Manager =  mToken.getPK11Manager();

    int loggedIn = pk11Manager.isTokenLoggedIn();

    if(!loggedIn)
    {
        Syslog::error("Can't sign , not logged in.");
        CssmError::throwMe(CSSM_ERRCODE_OPERATION_AUTH_DENIED);
    }

    signature.Data =( uint8*) malloc(keyLength);

    // Create an input buffer in which we construct the data we will send to
    // the token.
    size_t inputDataSize = headerLength + input.Length;

    Syslog::notice("inputDataSize %d", inputDataSize);

    auto_array inputData(keyLength);
    unsigned char *to = inputData.get();

     // Get padding, but default to pkcs1 style padding
    uint32 padding = CSSM_PADDING_NONE;
    context.getInt(CSSM_ATTRIBUTE_PADDING, padding);

    Syslog::notice("padding value %d",padding);

    if (padding == CSSM_PADDING_PKCS1)
    {
         Syslog::notice("CSSM_PADDING_PKCS1.");
         // Add PKCS1 style padding
         *(to++) = 0;
         *(to++) = 1; /* Private Key Block Type. */
         size_t padLength = keyLength - 3 - inputDataSize;

         Syslog::notice("padlength %d",padLength);

         memset(to, 0xff, padLength);
         to += padLength;
            *(to++) = 0;
            inputDataSize = keyLength;
    }
    else if (padding == CSSM_PADDING_NONE)
    {
        Syslog::notice("CSSM_PADDING_NONE");

        // Token will fail if the input data isn't exactly keysize / 8 octects
        // long
    }
    else
         CssmError::throwMe(CSSMERR_CSP_INVALID_ATTR_PADDING);

    if (headerLength)
    {
        memcpy(to, header, headerLength);
        to += headerLength;
    }

    // Finally copy the passed in data to the input buffer.
    memcpy(to, input.Data, input.Length);

    if(!signature.Data)
    {
        Syslog::error("Can't allocate memory for signature operation.");
        CssmError::throwMe(CSSM_ERRCODE_INVALID_DATA);
    } 

    signature.Length = (size_t) keyLength;

    int result = pk11Manager.generateSignature(coolObj,inputData.get(),inputDataSize,signature.Data,&signature.Length);

    if(!result)
    {
        Syslog::notice("Problem generating signature");
        if(signature.Data)
            free(signature.Data);
        CssmError::throwMe(CSSMERR_CSP_FUNCTION_FAILED);
    }

    Syslog::notice("generateSignature returned %d data lenght %d", result, signature.Length);    
}

void CoolKeyKeyHandle::verifySignature(const Context &context,
	CSSM_ALGORITHMS signOnly, const CssmData &input, const CssmData &signature)
{
    Syslog::notice("CoolKeyHandle::verifySignature");
    CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
}

void CoolKeyKeyHandle::generateMac(const Context &context,
	const CssmData &input, CssmData &output)
{
    Syslog::notice("CoolKeyHandle::generateMac");
    CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
}

void CoolKeyKeyHandle::verifyMac(const Context &context,
	const CssmData &input, const CssmData &compare)
{
    Syslog::notice("CoolKeyHandle::verifyMac");
    CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
}

void CoolKeyKeyHandle::encrypt(const Context &context,
	const CssmData &clear, CssmData &cipher)
{
    Syslog::notice("CoolKeyHandle::encrypt");
    CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
}

void CoolKeyKeyHandle::decrypt(const Context &context,
	const CssmData &cipher, CssmData &clear)
{

    Syslog::notice("CoolKeyHandle::decrypt type %d alg %d length %d",context.type(), context.algorithm(),cipher.length());

    CoolKeyObject * coolObj = mRecord.getCoolKeyObject();

    if(!coolObj || coolObj->getClass() != CKO_PRIVATE_KEY )
    {
        Syslog::notice("Can't find object for record or incorrect object %p", &mRecord);
        CssmError::throwMe(CSSM_ERRCODE_INVALID_DATA);
    }

    CoolKeyKeyObject * keyObj = (CoolKeyKeyObject *) coolObj;

    CK_ULONG keyLength = keyObj->getKeySize() / 8;


    Syslog::notice("keyLength %d",keyLength);

    if (context.type() != CSSM_ALGCLASS_ASYMMETRIC)
    {
        Syslog::error("In decrypt wrong key type, not asymmetric");
        CssmError::throwMe(CSSMERR_CSP_INVALID_CONTEXT);

    }

    if (context.algorithm() != CSSM_ALGID_RSA)
    {
        Syslog::error("In decrypt wrong algorithm, not RSA");
        CssmError::throwMe(CSSMERR_CSP_INVALID_ALGORITHM);
    }

    CoolKeyPK11 pk11Manager =  mToken.getPK11Manager();

    int loggedIn = pk11Manager.isTokenLoggedIn();

    if(!loggedIn)
    {
        Syslog::error("Can't decrypt , not logged in.");
        CssmError::throwMe(CSSM_ERRCODE_OPERATION_AUTH_DENIED);
    }

    clear.Data = (uint8 *) malloc((size_t) keyLength);
    clear.Length = keyLength;

    if(!clear.Data)
    {
        Syslog::error("Can't allocate data for decrype operation.");
        CssmError::throwMe(CSSM_ERRCODE_INVALID_DATA);
    }

    int result = pk11Manager.decryptData(coolObj,cipher.Data,cipher.Length,clear.Data,&clear.Length);

    if(!result)
    {
        Syslog::error("Problem with decrypt operation");

        if(clear.Data)
        {
            free(clear.Data);
        }

        CssmError::throwMe(CSSMERR_CSP_FUNCTION_FAILED);
    }
    Syslog::notice("decryptData returned %d data lenght %d", result, clear.Length);

}

void CoolKeyKeyHandle::exportKey(const Context &context,
	const AccessCredentials *cred, CssmKey &wrappedKey)
{
    Syslog::notice("CoolKeyHandle::exportKey");
    CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
}

void CoolKeyKeyHandle::getOwner(AclOwnerPrototype &owner)
{
    Syslog::notice("CoolKeyKeyHandle::getOwner");
    if (!mAclOwner) {
        Allocator &alloc = Allocator::standard();

        mAclOwner.allocator(alloc);

        mAclOwner = AclFactory::AnySubject(alloc);
    }
    owner = mAclOwner;

}

void CoolKeyKeyHandle::getAcl(const char *tag, uint32 &count, AclEntryInfo *&aclList)
{
    Syslog::notice("CoolKeyKeyHandle::getAcl tag %s",tag);

    // we don't (yet) support queries by tag
    if (tag)
        CssmError::throwMe(CSSM_ERRCODE_INVALID_ACL_ENTRY_TAG);

    if(!mAclEntries) {
        mAclEntries.allocator(Allocator::standard());
        // Anyone can read the DB record for this key (which is a reference
                // CSSM_KEY)
        mAclEntries.add(CssmClient::AclFactory::AnySubject(
                        mAclEntries.allocator()),
                        AclAuthorizationSet(CSSM_ACL_AUTHORIZATION_DB_READ, 0));
                
       CssmData prompt;

       CoolKeyPK11 pk11Manager =  mToken.getPK11Manager();

       int loggedIn = pk11Manager.isTokenLoggedIn();

       if(!loggedIn)
       {
           Syslog::notice("CoolKeyKeyHandle:getAcl token NOT logged in already");

           mAclEntries.add(CssmClient::AclFactory::PromptPWSubject(
                        mAclEntries.allocator(), prompt),
                        AclAuthorizationSet(
                                 CSSM_ACL_AUTHORIZATION_SIGN
                                , CSSM_ACL_AUTHORIZATION_DECRYPT,CSSM_ACL_AUTHORIZATION_ENCRYPT, 0));
           }
           else
           {
               Syslog::notice("CoolKeyKeyHandle:getAcl token logged in already"); 
               mAclEntries.add(CssmClient::AclFactory::AnySubject(
               mAclEntries.allocator()), 
               AclAuthorizationSet(
                   CSSM_ACL_AUTHORIZATION_SIGN
                   , CSSM_ACL_AUTHORIZATION_DECRYPT,CSSM_ACL_AUTHORIZATION_ENCRYPT, 0));
                   
           }
    }

    count = mAclEntries.size();
    aclList = mAclEntries.entries();
}



//
// CoolKeyKeyHandleFactory
//
CoolKeyKeyHandleFactory::~CoolKeyKeyHandleFactory()
{
}


Tokend::KeyHandle *CoolKeyKeyHandleFactory::keyHandle(
	Tokend::TokenContext *tokenContext, const Tokend::MetaRecord &metaRecord,
	Tokend::Record &record) const
{
    Syslog::notice("CoolKeyKeyHandleFactory::keyHandle record %p ",&record);

    CoolKeyToken &theToken = static_cast(*tokenContext);
    CoolKeyRecord &keyRecord = dynamic_cast(record);

    return new CoolKeyKeyHandle(theToken, metaRecord, keyRecord);
}


/* arch-tag: 3685A262-0DBC-11D9-BC66-000A9595DEEE */


--- NEW FILE CoolKeyHandle.h ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 *  Portions Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.
 *  Contributor(s):
 *  Jack Magne,jmagne at redhat.com
 *  CoolKey KeyHandle implementation.
 * 
 *  @APPLE_LICENSE_HEADER_START@
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 *  CoolKeyKeyHandle.h
 *  Tokend CoolKey 
 */

#ifndef _COOLKEY_KEYHANDLE_H_
#define _COOLKEY_KEYHANDLE_H_

#include "KeyHandle.h"

class CoolKeyToken;
class CoolKeyRecord;

//
// A KeyHandle object which implements the crypto interface to muscle.
//
class CoolKeyKeyHandle: public Tokend::KeyHandle
{
	NOCOPY(CoolKeyKeyHandle)
public:
    CoolKeyKeyHandle(CoolKeyToken &cacToken, const Tokend::MetaRecord &metaRecord,
		CoolKeyRecord &cacKey);
    ~CoolKeyKeyHandle();

    virtual void getKeySize(CSSM_KEY_SIZE &keySize);
    virtual uint32 getOutputSize(const Context &context, uint32 inputSize,
		bool encrypting);
    virtual void generateSignature(const Context &context,
		CSSM_ALGORITHMS signOnly, const CssmData &input, CssmData &signature);
    virtual void verifySignature(const Context &context,
		CSSM_ALGORITHMS signOnly, const CssmData &input,
			const CssmData &signature);
    virtual void generateMac(const Context &context, const CssmData &input,
		CssmData &output);
    virtual void verifyMac(const Context &context, const CssmData &input,
		const CssmData &compare);
    virtual void encrypt(const Context &context, const CssmData &clear,
		CssmData &cipher);
    virtual void decrypt(const Context &context, const CssmData &cipher,
		CssmData &clear);

    virtual void exportKey(const Context &context,
		const AccessCredentials *cred, CssmKey &wrappedKey);

    virtual void getOwner(AclOwnerPrototype &owner);
    virtual void getAcl(const char *tag, uint32 &count, AclEntryInfo *&aclList);

private:

    AutoAclOwnerPrototype mAclOwner;
    AutoAclEntryInfoList mAclEntries;


    CoolKeyToken &mToken;
    CoolKeyRecord &mRecord;
};


//
// A factory that creates CoolKeyKeyHandle objects.
//
class CoolKeyKeyHandleFactory : public Tokend::KeyHandleFactory
{
	NOCOPY(CoolKeyKeyHandleFactory)
public:
	CoolKeyKeyHandleFactory() {}
	virtual ~CoolKeyKeyHandleFactory();

	virtual Tokend::KeyHandle *keyHandle(Tokend::TokenContext *tokenContext,
		const Tokend::MetaRecord &metaRecord, Tokend::Record &record) const;
};


#endif /* !_CoolKeyKEYHANDLE_H_ */

/* arch-tag: 36A35766-0DBC-11D9-BB4D-000A9595DEEE */



--- NEW FILE CoolKeyPK11.cpp ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 *  Portions Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.
 *  Contributor(s):
 *  Jack Magne,jmagne at redhat.com
 *  CoolKey CoolKeyPK11 interface.
 *  @APPLE_LICENSE_HEADER_START@
 *
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 * CoolKeyPK11.cpp - CoolKey.tokend PKCS11 helper class 
 */
#include "CoolKeyPK11.h"
#include 
#include 


CK_ATTRIBUTE obj_classTemplate[] = {
       {CKA_CLASS,NULL,0}
};

CK_ATTRIBUTE certTemplate[] = {
       {CKA_CERTIFICATE_TYPE,NULL,0},{CKA_LABEL,NULL,0},
       {CKA_SUBJECT,NULL,0},{CKA_ID,NULL,0},{CKA_ISSUER,NULL,0},
       {CKA_SERIAL_NUMBER,NULL,0}, {CKA_VALUE,NULL,0}
};

CK_ATTRIBUTE public_keyTemplate[] = {
       {CKA_KEY_TYPE,NULL,0},{CKA_ID,NULL,0},{CKA_LABEL,NULL,0},{CKA_MODULUS,NULL,0},
       {CKA_PUBLIC_EXPONENT,NULL,0},{CKA_START_DATE,NULL,0},
       {CKA_END_DATE,NULL,0},
       {CKA_ENCRYPT,NULL,0},{CKA_VERIFY,NULL,0},{CKA_VERIFY_RECOVER,NULL,0},
       {CKA_WRAP,NULL,0}
};

CK_ATTRIBUTE private_keyTemplate[] = {
       
       {CKA_KEY_TYPE,NULL,0},{CKA_ID,NULL,0},{CKA_MODULUS,NULL,0},
       {CKA_LABEL,NULL,0},{CKA_START_DATE,NULL,0},
       {CKA_END_DATE,NULL,0}, {CKA_SENSITIVE,NULL,0},
       {CKA_DECRYPT,NULL,0}, {CKA_SIGN,NULL,0}, {CKA_SIGN_RECOVER,NULL,0},
       {CKA_UNWRAP,NULL,0}, {CKA_EXTRACTABLE,NULL,0}, {CKA_ALWAYS_SENSITIVE,NULL,0},
       {CKA_NEVER_EXTRACTABLE,NULL,0}, 
       {CKA_UNWRAP_TEMPLATE,NULL,0},{CKA_ALWAYS_AUTHENTICATE}
};

CK_ATTRIBUTE secret_keyTemplate[] = {

        {CKA_KEY_TYPE,NULL,0},{CKA_ID,NULL,0},{CKA_LABEL,NULL,0},
        {CKA_SENSITIVE,NULL,0},{CKA_ENCRYPT,NULL,0},{CKA_DECRYPT,NULL,0},
        {CKA_SIGN,NULL,0},{CKA_VERIFY,NULL,0},{CKA_WRAP,NULL,0},{CKA_UNWRAP,NULL,0},
        {CKA_EXTRACTABLE,NULL,0},{CKA_ALWAYS_SENSITIVE,NULL,0},{CKA_NEVER_EXTRACTABLE,NULL,0},
        {CKA_CHECK_VALUE,NULL,0},{CKA_WRAP_WITH_TRUSTED,NULL,0},{CKA_TRUSTED,NULL,0},
        {CKA_WRAP_TEMPLATE,NULL,0}  
}; 

int CoolKeyPK11::loginToken(char *aPIN)
{
    if(!mInitialized)
        return 0;

    if(!aPIN)
       return 0;

    CK_RV ck_rv = mEpv->C_Login(mSessHandle,CKU_USER,(CK_UTF8CHAR_PTR ) aPIN,(CK_ULONG) strlen(aPIN));

    Syslog::notice("CoolKeyPK11::loginToken result %d aPin %s ",ck_rv,"****");

    if(ck_rv == CKR_OK && !mCachedPIN.size())
    {
        //Syslog::notice("CoolKeyPK11::loginToken setting cached PIN");
        mCachedPIN = aPIN;
    }

    return ck_rv;
}

void CoolKeyPK11::logoutToken()
{
    if(!mInitialized)
        return;

    CK_RV ck_rv = mEpv->C_Logout(mSessHandle);

    //clear cached pin
    mCachedPIN = "";
    Syslog::notice("CoolKeyPK11::logout result %d ",ck_rv);
}

int CoolKeyPK11::verifyCachedPIN(char *aPIN)
{
    if(!aPIN || !mInitialized)
        return CKR_PIN_INCORRECT; 

    if(!strcmp(aPIN,(char *) mCachedPIN.c_str()))
    {
        Syslog::notice("PIN OK!");
        return CKR_OK;
    }

   Syslog::notice("PIN not OK!");

   return CKR_PIN_INCORRECT;
}

int CoolKeyPK11::isTokenLoggedIn()
{
    CK_RV ck_rv;

    if(!mInitialized)
        return 0;

    CK_SESSION_INFO sinfo;


    CK_SESSION_HANDLE h = (CK_SESSION_HANDLE)0;

    ck_rv = mEpv->C_GetSessionInfo(mSessHandle, &sinfo);

    if( CKR_OK != ck_rv ) {
        Syslog::notice("isTokenLoggedIn C_GetSessionInfo(0x%08x) returned %lu ulDeviceError %lu", mSessHandle, ck_rv,sinfo.ulDeviceError);

        ck_rv = mEpv->C_OpenSession(mSlots[mOurSlotIndex], CKF_SERIAL_SESSION, (CK_VOID_PTR)CK_NULL_PTR, (CK_NOTIFY)CK_NULL_PTR, &h);
        if( CKR_OK != ck_rv ) {
            Syslog::error("C_OpenSession(%lu, CKF_SERIAL_SESSION, , ) returned 0x%08x", mSlots[mOurSlotIndex], ck_rv);
            return 0;
        }

        ck_rv = mEpv->C_GetSessionInfo(h, &sinfo);

        if( CKR_OK != ck_rv)  {
            Syslog::error("Failed second chance to get session info!!");
            return 0;
        }
        else
        {
            Syslog::notice("Created new session handle, old one is invalid! 0x%08x ",h);
            mSessHandle = h;
        }
    }

   int loggedIn = 0;

   Syslog::notice("isTokenLoggedIn token state %d", sinfo.state);

   if(sinfo.state == CKS_RO_USER_FUNCTIONS || sinfo.state == CKS_RW_USER_FUNCTIONS)
   {
       Syslog::notice("isTokenLoggedIn Token IS logged in");
       loggedIn = 1;
   }
   else
   {
       Syslog::notice("isTokenLoggedIn Token IS NOT logged in");
   }

   return loggedIn; 
}

int CoolKeyPK11::loadModule()
{

    CK_RV ck_rv;
    CK_FUNCTION_LIST_PTR epv = (CK_FUNCTION_LIST_PTR) NULL;

    CK_C_GetFunctionList gfl;

    CK_C_INITIALIZE_ARGS InitArgs;
    InitArgs.CreateMutex=0;              //CK_CREATEMUTEX
    InitArgs.DestroyMutex=0;             //CK_DESTROYMUTEX
    InitArgs.LockMutex=0;                //CK_LOCKMUTEX
    InitArgs.UnlockMutex=0;              //CK_UNLOCKMUTEX
    InitArgs.flags=0;    //CK_FLAGS
    InitArgs.pReserved=0;                //CK_C_INITIALIZE_ARGS

    mTokenUid[0] = 0;

    mPk11Driver = dlopen(PKCS11_PATH_NAME,RTLD_LAZY);

    if(!mPk11Driver)
    {
        Syslog::error("Can't load pkcs11 driver error: %d ",dlerror());
        return 0;
    }
    else
    {
        Syslog::debug("In CoolKeyToken::loadPKCS11() . past load lib %p ",mPk11Driver);
    }

    // Now try to load the functions

    gfl =(CK_C_GetFunctionList) dlsym(mPk11Driver,"C_GetFunctionList");

    if(gfl == NULL)
    {
        Syslog::error("In CoolKeyToken::loadPKCS11() Can't load symbol C_GetFunctionList error: $d ",dlerror());
        dlclose(mPk11Driver);
        mPk11Driver = NULL;
        return 0;
    }

    //Syslog::debug("Found C_GetFunctionList : %p " , gfl);

    ck_rv = (*gfl)(&epv);
    
    if(ck_rv != CKR_OK)
    {
        Syslog::error("Can't get actual function list "); 
        dlclose(mPk11Driver);
        mPk11Driver = NULL;
        return 0;
        }
    
   //Syslog::debug("Function list found %p ", epv);
    
    mEpv = epv;
            //Now try to actually initialize the module
        
    ck_rv =  mEpv->C_Initialize(&InitArgs);

    if(ck_rv != CKR_OK)
    {
        Syslog::error("Error initializing PKCS11 module result: %d ",ck_rv);

        dlclose(mPk11Driver);
        mPk11Driver = NULL;
        mEpv = NULL;
        return 0;
    }

    //Syslog::debug("Successfully Initialized PKCS11 module. ");

    mInitialized = 1;
    int res = loadSlotList();

    if(res)
    {
        mIsOurToken = 1;
    }
    else
        mInitialized = 0; 

    return res;    

}

int CoolKeyPK11::freeModule()
{
    if(!mInitialized)
    {
        return 1;
    }

    if(mEpv)
    {
        mEpv->C_Finalize(NULL);

        mInitialized = NULL;
    }

    return 1;

}

int CoolKeyPK11::freeObjects()
{
    return 1;
}

int CoolKeyPK11::loadObjects()
{
    CK_RV ck_rv;

    if(!mInitialized)
        return 0;

    CK_SESSION_HANDLE h = (CK_SESSION_HANDLE)0;
    CK_SESSION_INFO sinfo;
    CK_ULONG tnObjects = 0;

    mSessHandle = 0;

    ck_rv = mEpv->C_OpenSession(mSlots[mOurSlotIndex], CKF_SERIAL_SESSION, (CK_VOID_PTR)CK_NULL_PTR, (CK_NOTIFY)CK_NULL_PTR, &h);
    if( CKR_OK != ck_rv ) {
        Syslog::error("C_OpenSession(%lu, CKF_SERIAL_SESSION, , ) returned 0x%08x", mSlots[mOurSlotIndex], ck_rv);
        return 0;
    }

    Syslog::notice("    Opened a session: handle = 0x%08x", h);

    mSessHandle = h;

    ck_rv = mEpv->C_GetSessionInfo(h, &sinfo);
    if( CKR_OK != ck_rv ) {
      Syslog::notice("C_GetSessionInfo(%lu, ) returned 0x%08x", h, ck_rv);
      return 0;
    }

    Syslog::notice("    SESSION INFO:");
    Syslog::notice("        slotID = %lu", sinfo.slotID);
    Syslog::notice("        state = %lu", sinfo.state);
    Syslog::notice("        flags = 0x%08x", sinfo.flags);
    Syslog::notice("        ulDeviceError = %lu", sinfo.ulDeviceError);
   

    ck_rv = mEpv->C_FindObjectsInit(h, (CK_ATTRIBUTE_PTR)CK_NULL_PTR, 0);
    if( CKR_OK != ck_rv ) {
      Syslog::error("C_FindObjectsInit(%lu, NULL_PTR, 0) returned 0x%08x", h, ck_rv);
      return 0;
    }

    Syslog::notice("    All objects:");
    while(1) {
        CK_OBJECT_HANDLE o = (CK_OBJECT_HANDLE)0;
        CK_ULONG nObjects = 0;

        ck_rv = mEpv->C_FindObjects(h, &o, 1, &nObjects);

        if( CKR_OK != ck_rv ) {
            Syslog::notice("C_FindObjects(%lu, , 1, ) returned 0x%08x", h, ck_rv);
            return 0;
        }

        if( 0 == nObjects ) {
            break;
        }

        tnObjects++;

        Syslog::notice("        OBJECT HANDLE %lu", o);

        ck_rv = mEpv->C_GetAttributeValue(h, o, obj_classTemplate, 1);
        //Syslog::notice("ck_rv %d",ck_rv);
        switch( ck_rv ) {
            case CKR_OK:
            case CKR_ATTRIBUTE_SENSITIVE:
            case CKR_ATTRIBUTE_TYPE_INVALID:
            case CKR_BUFFER_TOO_SMALL:
            break;
            default:
                Syslog::notice("C_GetAtributeValue(%lu, %lu, {one attribute type}, %lu) returned 0x%08x",
                          h, o, 1, ck_rv);
                return 0;
        }

        if( 1 ) {
            if( -1 != (CK_LONG)obj_classTemplate[0].ulValueLen ) {
               
                obj_classTemplate[0].pValue = (CK_VOID_PTR) new char[obj_classTemplate[0].ulValueLen];

                if(!obj_classTemplate[0].pValue)
                {
                    Syslog::notice("Can't allocate memory for attribute of size %d",(int) obj_classTemplate[0].ulValueLen);
                    continue;
                } 

                ck_rv = mEpv->C_GetAttributeValue(h, o, obj_classTemplate, 1);
 
                if(ck_rv == CKR_OK)
                {

                      CK_LONG obj_class = (CK_LONG) *((CK_LONG *) obj_classTemplate[0].pValue); 

                      Syslog::notice("objclass: %lu",obj_class);
                      CoolKeyObject *newObject = NULL;

                      switch(obj_class)
                      {
                          case CKO_CERTIFICATE:
                              Syslog::notice("Found certificate:-----------------"); 

                               newObject = (CoolKeyObject *) new CoolKeyCertObject(o,h,obj_class,this);

                          break;

                          case CKO_PUBLIC_KEY:
                                  Syslog::notice("Found public key:----------------");
                                  newObject = (CoolKeyObject *) new CoolKeyKeyObject(o,h,obj_class,this); 
                              Syslog::notice("Found public key:");
                          break;
 
                          case CKO_PRIVATE_KEY:
                              Syslog::notice("Found private key:-------------------");
                              newObject = (CoolKeyObject *)  new CoolKeyKeyObject(o,h,obj_class,this);

                          break;
                
                          default:
                              Syslog::notice("Found something else:");
                          break;
                      };

                      if(newObject)
                      {
                          mObjects[o] = newObject;
                      } 
                      
                }
                    if(obj_classTemplate[0].pValue)
                        delete [] (char *) obj_classTemplate[0].pValue; 
                        obj_classTemplate[0].pValue = NULL;
                
              }
          }

    } /* while(1) */

    ck_rv = mEpv->C_FindObjectsFinal(h);
    if( CKR_OK != ck_rv ) {
        Syslog::notice("C_FindObjectsFinal(%lu) returned 0x%08x", h, ck_rv);
        return 0;
    }

    Syslog::notice("    (%lu objects total)", tnObjects);

    ck_rv = mEpv->C_CloseSession(h);
    if( CKR_OK != ck_rv ) {
        Syslog::notice( "C_CloseSession(%lu) returned 0x%08x", h, ck_rv);
        return 0;
    }

    return 1;
}

int CoolKeyPK11::loadSlotList()
{
    mTokenUid[0] = 0;
    int result = 0;

    if(!mInitialized)
    {
        return result;
    }

    CK_RV ck_rv = 0;

    CK_ULONG nSlots = 0;

    ck_rv = mEpv->C_GetSlotList(CK_FALSE,(CK_SLOT_ID) CK_NULL_PTR,&nSlots);

    if(ck_rv == CKR_OK)
    {
        Syslog::notice("In CoolKeyPK11:loadSlotList() GetSlotList found %d slot(s) ",nSlots);
     }     
     else
     {
         Syslog::notice("In CoolKeyToken::probe() GetSlotList error: %d ",ck_rv);
     } 

     if(nSlots > COOLKEY_MAX_SLOTS)
     {
         return result;
     }

     if(nSlots > 0)
     {
         ck_rv = mEpv->C_GetSlotList(CK_FALSE,mSlots, &nSlots);

         if(ck_rv != CKR_OK)
         {
             Syslog::debug("In CoolKeyToken::probe() GetSlotList error: %d ",ck_rv);
         }

         mOurSlotIndex = nSlots - 1;

         for(CK_ULONG i = 0; i < nSlots ; i++)
         {
             CK_SLOT_INFO sinfo;

             int j = 0;

             while( j++ < 5)
             {
             ck_rv = mEpv->C_GetSlotInfo(mSlots[i],&sinfo);


             if(ck_rv != CKR_OK)
             {
                 Syslog::error("In CoolKeyPK11::loadSlotListe() GetSlotInfo error: %d ",ck_rv);
                 break;
                 //continue;
             }
                    
             Syslog::notice("    Slot Info: Slot: %d" ,i);
             Syslog::notice("        slotDescription = \"%.64s\"", sinfo.slotDescription);
             Syslog::notice("        manufacturerID = \"%.32s\"", sinfo.manufacturerID);

             Syslog::notice("        flags = 0x%08lx", sinfo.flags);
             Syslog::notice("            -> TOKEN PRESENT = %s", 
                        sinfo.flags & CKF_TOKEN_PRESENT ? "TRUE" : "FALSE");
             Syslog::notice("            -> REMOVABLE DEVICE = %s",
                      sinfo.flags & CKF_REMOVABLE_DEVICE ? "TRUE" : "FALSE");
             Syslog::notice("            -> HW SLOT = %s", 
                               sinfo.flags & CKF_HW_SLOT ? "TRUE" : "FALSE");
             Syslog::notice("        hardwareVersion = %lu.%02lu", 
                           (uint32)sinfo.hardwareVersion.major, (uint32)sinfo.hardwareVersion.minor);
             Syslog::notice("        firmwareVersion = %lu.%02lu",
               (uint32)sinfo.firmwareVersion.major, (uint32)sinfo.firmwareVersion.minor); 

             Syslog::notice(" See if token is present in reader");


             if(!(sinfo.flags & CKF_TOKEN_PRESENT))
             {
                 Syslog::notice(" Failed to connect to the token try again.");
                 usleep(100000);
                 continue;
              }

              Syslog::notice(" Token is really present!");
              break;

             }

             if(sinfo.flags & CKF_TOKEN_PRESENT )
             {
                  CK_TOKEN_INFO tinfo;

                  (void)memset(&tinfo, 0, sizeof(CK_TOKEN_INFO));
                  ck_rv = mEpv->C_GetTokenInfo(mSlots[i], &tinfo);
                  if( CKR_OK != ck_rv ) {
                      Syslog::debug("C_GetTokenInfo(%lu, ) returned 0x%08x", mSlots[i], ck_rv);
                      return result;
                  }

                  Syslog::notice("    Token Info:");
                  Syslog::notice("        label = \"%.32s\"", tinfo.label);
                  Syslog::notice("        manufacturerID = \"%.32s\"", tinfo.manufacturerID);
                  Syslog::notice("        model = \"%.16s\"", tinfo.model);
                  Syslog::notice("        serialNumber = \"%.16s\"", tinfo.serialNumber);
                  Syslog::notice("        flags = 0x%08lx", tinfo.flags);

                  /*
                  Syslog::notice("            -> RNG = %s",
                        tinfo.flags & CKF_RNG ? "TRUE" : "FALSE");
                  Syslog::notice("            -> WRITE PROTECTED = %s",
                        tinfo.flags & CKF_WRITE_PROTECTED ? "TRUE" : "FALSE");
                  Syslog::notice("            -> LOGIN REQUIRED = %s",
                        tinfo.flags & CKF_LOGIN_REQUIRED ? "TRUE" : "FALSE");
                  Syslog::notice("            -> USER PIN INITIALIZED = %s",
                        tinfo.flags & CKF_USER_PIN_INITIALIZED ? "TRUE" : "FALSE");
                  Syslog::notice("            -> RESTORE KEY NOT NEEDED = %s",
                      tinfo.flags & CKF_RESTORE_KEY_NOT_NEEDED ? "TRUE" : "FALSE");
                  Syslog::debug("            -> CLOCK ON TOKEN = %s",
                             tinfo.flags & CKF_CLOCK_ON_TOKEN ? "TRUE" : "FALSE");
                  Syslog::notice( "        ulMaxSessionCount = %lu", tinfo.ulMaxSessionCount);
                  Syslog::notice( "        ulSessionCount = %lu", tinfo.ulSessionCount);
                  Syslog::notice( "        ulMaxRwSessionCount = %lu", tinfo.ulMaxRwSessionCount);
                  Syslog::notice("        ulRwSessionCount = %lu", tinfo.ulRwSessionCount);
                  Syslog::notice( "        ulMaxPinLen = %lu", tinfo.ulMaxPinLen);
                  Syslog::notice("        ulMinPinLen = %lu", tinfo.ulMinPinLen);
                  Syslog::notice("        ulTotalPublicMemory = %lu", tinfo.ulTotalPublicMemory);
                  Syslog::notice("        ulFreePublicMemory = %lu", tinfo.ulFreePublicMemory);
                  Syslog::notice("        ulTotalPrivateMemory = %lu", tinfo.ulTotalPrivateMemory);
                  Syslog::notice("        ulFreePrivateMemory = %lu", tinfo.ulFreePrivateMemory);
                  Syslog::notice("        hardwareVersion = %lu.%02lu", 
                      (uint32)tinfo.hardwareVersion.major, (uint32)tinfo.hardwareVersion.minor);
                       Syslog::notice("        firmwareVersion = %lu.%02lu",
                       (uint32)tinfo.firmwareVersion.major, (uint32)tinfo.firmwareVersion.minor);
                  Syslog::notice("        utcTime = \"%.16s\"", tinfo.utcTime);
                  */     

                  Syslog::notice(" Token is present uid %s",tinfo.label);
                  int label_size = 32;
                         
                  memcpy((void  *) mTokenUid, (void *) tinfo.label,label_size);
                  mTokenUid[label_size -1] = 0;
             }
             else
             {
                 Syslog::error(" Token not present in slot ");
                 return  result;
             }
             
         }
     }else
     {
         return result;
     }

     return 1;
}

//Actual crypto ops


int CoolKeyPK11::decryptData(CoolKeyObject *aObj,CK_BYTE *aEncData, CK_ULONG aEncDataLen, CK_BYTE *aData, CK_ULONG *aDataLen)
{
    int result = 0;

    if( !mEpv || !aObj ||  !aEncData || !aEncDataLen || !aData || !aDataLen
        || aDataLen <=0 || *aDataLen <= 0)
    {
        Syslog::error(" CoolKeyPK11::decryptData bad input data");
        return result;
    }

   CK_OBJECT_HANDLE objHandle = aObj->getHandle();

   CK_RV ck_rv = mEpv->C_DecryptInit(mSessHandle,NULL,objHandle);

   Syslog::notice("decryptData C_DecryptInit Init result %d", ck_rv);

   if(ck_rv != CKR_OK)
   {
       Syslog::notice("decryptData error calling C_DecryptInit");
       return result;
   }

   ck_rv = mEpv->C_Decrypt(mSessHandle,aEncData,aEncDataLen,aData,aDataLen);

   Syslog::notice("C_Decrypt result %d", ck_rv);

   if(ck_rv != CKR_OK)
   {
       Syslog::notice("C_Decrypt result in error");
       return 0;
   }

   Syslog::notice("decryptData return success");

   return 1;

}

int CoolKeyPK11::generateSignature(CoolKeyObject *aObj,CK_BYTE *aData, CK_ULONG aDataLen, CK_BYTE *aSignature, CK_ULONG *aSignatureLen)
{
    int result = 0;

    if( !mEpv || !aObj ||  !aData || !aDataLen || !aSignature || !aSignatureLen
        || aDataLen <=0 || *aSignatureLen <= 0)
    {
        Syslog::error(" CoolKeyPK11::generateSignature bad input data");
        return result;
    }

   CK_OBJECT_HANDLE objHandle = aObj->getHandle();

   CK_RV ck_rv = mEpv->C_SignInit(mSessHandle,NULL,objHandle);

   Syslog::notice("generateSignature C_SignInit result %d", ck_rv);

   if(ck_rv != CKR_OK)
   {
       Syslog::notice("generatSignature error calling C_SignInit");
       return result;
   }

   ck_rv = mEpv->C_Sign(mSessHandle,aData,aDataLen,aSignature,aSignatureLen);

   Syslog::notice("C_Sign result %d", ck_rv);

   if(ck_rv != CKR_OK)
   {
       Syslog::notice("C_Sign result in error");
       return 0;
   }
 
   Syslog::notice("generateSignature return success"); 
   return 1; 

}

void CoolKeyObject::dumpData(CK_CHAR *aData, CK_ULONG aDataLen)
{
    char line[256];

    Syslog::notice("dumping data %p len %lu",aData,aDataLen);

    CK_ULONG max = 8;
    for(CK_ULONG i = 0 ; i < aDataLen;  i ++)
    {

        if(i > max)
             break;

        sprintf(line," val[%lu]= %X",i,aData[i]);
        Syslog::notice(line);
    }
}

void CoolKeyObject::loadAttributes(CK_ATTRIBUTE *aTemplate,int aTemplateSize) 
{
    CK_RV ck_rv;

    Syslog::notice("CoolKeyObject::loadAttributes with args template size %d",aTemplateSize);

    if(!aTemplate || aTemplateSize <= 0 || mAttributesLoaded)
        return;

    CK_FUNCTION_LIST_PTR funcPtr = NULL;

    if(mParent && (funcPtr = mParent->getFunctionPointer()))
    {
         Syslog::notice("CoolKeyObject::loadAttributes got function pointer");
         ck_rv = funcPtr->C_GetAttributeValue(mSessHandle, mObjHandle, aTemplate, aTemplateSize);

         switch(ck_rv)
         {
             case CKR_OK:
             case CKR_ATTRIBUTE_SENSITIVE:
             case CKR_ATTRIBUTE_TYPE_INVALID:
             case CKR_BUFFER_TOO_SMALL:
             break;

             default:
                 Syslog::notice("CoolKeyObject::loadAttributes failed ck_rv %d",ck_rv);
                 return;
             break;
         };

         for(int i = 0 ; i < aTemplateSize ; i++)
         {
             Syslog::notice("Object attribute:  name % stype 0x%lx ,  size %d",
                 attributeName(aTemplate[i].type),aTemplate[i].type,
                 aTemplate[i].ulValueLen);             
         }

         //Do it again to get actual data

         for(int i = 0; i < aTemplateSize ; i++)
         {
             int size = (int)aTemplate[i].ulValueLen;

             if(size && size != -1)
             {
                 char *objData = new char [aTemplate[i].ulValueLen];

                 if(!objData)
                 {
                     continue;
                 }
         
                 aTemplate[i].pValue = objData;
             }
         }

         //Now have the data alocated go get it.

         ck_rv = funcPtr->C_GetAttributeValue(mSessHandle, mObjHandle, aTemplate, aTemplateSize);
          
         switch(ck_rv)
         {  
             case CKR_OK:
             case CKR_ATTRIBUTE_SENSITIVE:
             case CKR_ATTRIBUTE_TYPE_INVALID:
             case CKR_BUFFER_TOO_SMALL:
             break;

             default:
                 Syslog::notice("CoolKeyObject::loadAttributes failed ck_rv %d",ck_rv);
                 return;
             break;
         };

         //print out results of actually getting the data

         for(int i = 0 ; i < aTemplateSize ; i++)
         {
             int size = aTemplate[i].ulValueLen;
             char *data = (char *) aTemplate[i].pValue;

             if(size && size != -1 &&  data)
             {
                Syslog::notice("Legitimate Object attribute saving.... Name: %s : type 0x%lx ,  size %d",
                   attributeName(aTemplate[i].type),aTemplate[i].type,
                   aTemplate[i].ulValueLen);

                CK_ATTRIBUTE * newAttr = new CK_ATTRIBUTE ;

                //Check for CAC data, we want to let the Apple CAC TokenD take care of these.


                if(strstr(data,"CAC"))
                {
                     Syslog::notice("CAC related item found, exiting... \n");
                     exit(0);
                }

                if(!newAttr)
                {
                    Syslog::notice("Can't allocate memory for new attribute");
                    continue;
                }

                newAttr->ulValueLen = aTemplate[i].ulValueLen;
                newAttr->type = aTemplate[i].type;
                newAttr->pValue = aTemplate[i].pValue;

                //CoolKeyObject::dumpData((CK_BYTE *)newAttr->pValue,newAttr->ulValueLen);

                // put the attribute in our local map

                aTemplate[i].ulValueLen = 0;
                aTemplate[i].pValue = NULL;

                mAttributes[newAttr->type] = newAttr;
             } 
         }

    }    
}

void CoolKeyKeyObject::loadAttributes()
{
    Syslog::notice("CoolKeyKeyObject::loadAttributes no args");

    if(mAttributesLoaded)
        return;

    int templateSize = 0;

    if(mObjClass == CKO_PRIVATE_KEY)
    {
        templateSize = sizeof(private_keyTemplate)/sizeof(CK_ATTRIBUTE);

        CoolKeyObject::loadAttributes((CK_ATTRIBUTE *)private_keyTemplate,templateSize);
    }
    else
    {
        templateSize = sizeof(public_keyTemplate)/sizeof(CK_ATTRIBUTE);
        CoolKeyObject::loadAttributes((CK_ATTRIBUTE *)public_keyTemplate, templateSize);

    }

}

CK_BYTE CoolKeyKeyObject::getSensitive()
{
    CK_BYTE result = 0;

    result = getByteAttribute(CKA_SENSITIVE);

    Syslog::notice("In CoolKeyObject::getID type %c",result);
    return result;
}

CK_BYTE      CoolKeyKeyObject::getKeyEncrypt()
{

    CK_BYTE result = 0;

    result = getByteAttribute(CKA_ENCRYPT);

    Syslog::notice("In CoolKeyObject::getKeyEncrypt result %d",result);
    return result;


}

CK_BYTE      CoolKeyKeyObject::getKeyDecrypt()
{

    CK_BYTE result = 0;

    result = getByteAttribute(CKA_DECRYPT);

    Syslog::notice("In CoolKeyObject::getKeyDecrypt type %d",result);
    return result;

}

CK_BYTE      CoolKeyKeyObject::getKeySign()
{

    CK_BYTE result = 0;

    result = getByteAttribute(CKA_SIGN);

    Syslog::notice("In CoolKeyKeyObject::getKeySign type %d",result);
    return result;


}

CK_BYTE      CoolKeyKeyObject::getKeyWrap()
{

    CK_BYTE result = 0;

    result = getByteAttribute(CKA_WRAP);

    Syslog::notice("In CoolKeyKeyObject::getKeyWrap type %d",result);
    return result;


}

CK_BYTE      CoolKeyKeyObject::getKeyVerify()
{

    CK_BYTE result = 0;

    result = getByteAttribute(CKA_VERIFY);

    Syslog::notice("In CoolKeyKeyObject::getKeyVerify type %d",result);
    return result;


}

CK_BYTE      CoolKeyKeyObject::getKeyDerive()
{

    CK_BYTE result = 0;

    result = getByteAttribute(CKA_DERIVE);

    Syslog::notice("In CoolKeyKeyObject::getKeyDerive type %d",result);
    return result;


}

CK_BYTE      CoolKeyKeyObject::getKeyUnwrap()
{
             
    CK_BYTE result = 0;
         
    result = getByteAttribute(CKA_UNWRAP);

    Syslog::notice("In CoolKeyKeyObject::getKeyUnwrap type %d",result);
    return result;

         
}        

CK_BYTE      CoolKeyKeyObject::getKeySignRecover()
{

    CK_BYTE result = 0;

    result = getByteAttribute(CKA_SIGN_RECOVER);

    Syslog::notice("In CoolKeyKeyObject::getKeySignRecover type %d",result);
    return result;

}

CK_BYTE      CoolKeyKeyObject::getKeyVerifyRecover()
{

    CK_BYTE result = 0;

    result = getByteAttribute(CKA_VERIFY_RECOVER);

    Syslog::notice("In CoolKeyObject::getKeyKeyVerifyRecover type %d",result);
    return result;

}

CK_BYTE      CoolKeyKeyObject::getKeyExtractable()
{

    CK_BYTE result = 0;

    result = getByteAttribute(CKA_EXTRACTABLE);

    Syslog::notice("In CoolKeyKeyObject::getExtractable type %d",result);
    return result;

}

CK_BYTE      CoolKeyKeyObject::getKeyNeverExtractable()
{

    CK_BYTE result = 0;

    result = getByteAttribute(CKA_NEVER_EXTRACTABLE);

    Syslog::notice("In CoolKeyKeyObject::getNeverExtractable type %d",result);
    return result;

}

CK_BYTE CoolKeyKeyObject::getAlwaysSensitive()
{
    CK_BYTE result = 0;

    result = getByteAttribute(CKA_ALWAYS_SENSITIVE);

    Syslog::notice("In CoolKeyKeyObject::getAlwaysSensitive type %d",result);
    return result;
}

void CoolKeyKeyObject::getLabel(CK_BYTE *aData, CK_ULONG *aDataLen)
{

    if(!aData || !aDataLen || *aDataLen < 1)
       return;

   aData[0] = 0;

   getByteDataAttribute(CKA_LABEL,aData,aDataLen);

   Syslog::notice("In CoolKeyKeyObject::getLabel %s",aData);
}

CK_BYTE CoolKeyObject::getID()
{
    CK_BYTE result = 0;

    result = getByteAttribute(CKA_ID);

    Syslog::notice("In CoolKeyObject::getID type %c",result);
    return result;
}

void CoolKeyObject::freeAttributes()
{

    Syslog::notice("CoolKeyObject::freeAttributes");

    map< CK_ATTRIBUTE_TYPE, CK_ATTRIBUTE  * >::iterator i;

    CK_ATTRIBUTE *cur = NULL;

    for(i = mAttributes.begin(); i!= mAttributes.end(); i++)
    {
         cur = (*i).second;

        if(cur)
        {
            if(cur->pValue)
                delete [] (char *) cur->pValue;
           
            delete cur;
        }

    }

}

void CoolKeyObject::loadAttributes() 
{
    //Syslog::notice("CoolKeyObject::loadAttributes no args");
}

void CoolKeyCertObject::loadAttributes()
{
    //Syslog::notice("In CoolKeyCertObject::loadAttributes no args");

    if(mAttributesLoaded)
        return;
    
    int templateSize = sizeof(certTemplate)/sizeof(CK_ATTRIBUTE);

    if(!templateSize)
        return;

    CoolKeyObject::loadAttributes(certTemplate,templateSize);
}

CoolKeyKeyObject::CoolKeyKeyObject(CK_OBJECT_HANDLE aObjHandle, CK_SESSION_HANDLE aSessHandle,CK_LONG aObjClass,CoolKeyPK11 *aParent) : CoolKeyObject(aObjHandle,aSessHandle,aObjClass,aParent) 
{
    //Syslog::notice("CoolKeyKeyObject::CoolKeyKeyObject");

    loadAttributes();
}

CK_ULONG CoolKeyKeyObject::getKeySize()
{
     CK_ULONG size = 0;

     CK_ATTRIBUTE *theMod =  getAttribute(CKA_MODULUS);

     if(theMod)
     {    
         size =  (theMod->ulValueLen - 1 ) *  8;

     }

     return size;
}

CoolKeyCertObject::CoolKeyCertObject(CK_OBJECT_HANDLE aObjHandle, CK_SESSION_HANDLE aSessHandle,CK_LONG aObjClass,CoolKeyPK11 *aParent) : CoolKeyObject(aObjHandle,aSessHandle,aObjClass,aParent)
{
    loadAttributes();
}

void CoolKeyCertObject::getIssuer(CK_BYTE *aData, CK_ULONG *aDataLen)
{
   if(!aData || !aDataLen || *aDataLen < 1)
       return;

   aData[0] = 0;

   getByteDataAttribute(CKA_ISSUER,aData,aDataLen);

}

void CoolKeyCertObject::getSerialNo(CK_BYTE *aData,CK_ULONG *aDataLen)
{

    if(!aData || !aDataLen || *aDataLen < 1)
       return;

   aData[0] = 0;

   getByteDataAttribute(CKA_SERIAL_NUMBER,aData,aDataLen);

}

void CoolKeyCertObject::getLabel(CK_BYTE *aData, CK_ULONG *aDataLen)
{

    if(!aData || !aDataLen || *aDataLen < 1)
       return;

   aData[0] = 0;

   getByteDataAttribute(CKA_LABEL,aData,aDataLen);

}

void CoolKeyCertObject::getPublicKeyHash(CK_BYTE *aData,CK_ULONG *aDataLen)
{

    if(!aData || !aDataLen || *aDataLen < 1)
       return;

   aData[0] = 0;

}

void CoolKeyCertObject::getData(CK_BYTE *aData, CK_ULONG *aDataLen)
{

    if(!aData || !aDataLen || *aDataLen < 1)
       return;

   aData[0] = 0;

   getByteDataAttribute(CKA_VALUE,aData,aDataLen);
}

void CoolKeyCertObject::getSubject(CK_BYTE *aData, CK_ULONG *aDataLen)
{

   if(!aData || !aDataLen || *aDataLen < 1)
       return;

   aData[0] = 0;

   getByteDataAttribute(CKA_SUBJECT,aData,aDataLen);

}

CK_ULONG CoolKeyCertObject::getType()
{

    CK_ULONG result = 0;

    result = getULongAttribute(CKA_CERTIFICATE_TYPE);

    Syslog::notice("In CoolKeyCertObject::getType type %lu",result);
    return result;

}

CoolKeyObject::CoolKeyObject(CK_OBJECT_HANDLE aObjHandle, CK_SESSION_HANDLE aSessHandle,CK_LONG aObjClass,CoolKeyPK11 *aParent) : mObjHandle(aObjHandle),mSessHandle(aSessHandle),mAttributesLoaded(0),mObjClass(aObjClass),mParent(aParent)
{
    Syslog::notice("In CoolKeyObject::CoolKeyObject mObjClass %d",mObjClass);
}

CK_ATTRIBUTE * CoolKeyObject::getAttribute(CK_ATTRIBUTE_TYPE aAttr)
{
    CK_ATTRIBUTE *theAttr = mAttributes[aAttr];

    return theAttr;
}

CK_LONG CoolKeyObject::getLongAttribute(CK_ATTRIBUTE_TYPE aAttr)
{

    CK_ATTRIBUTE *theAttr = getAttribute(aAttr);

    if(!theAttr)
        return 0;


    CK_ULONG size = theAttr->ulValueLen   ;

    if(size != sizeof(CK_LONG))
        return 0;

    if(!theAttr->pValue)
        return 0;

    return (CK_LONG) *((CK_LONG *) theAttr->pValue);
}

CK_ULONG CoolKeyObject::getULongAttribute(CK_ATTRIBUTE_TYPE aAttr)
{

    CK_ATTRIBUTE *theAttr = getAttribute(aAttr);

    Syslog::notice("In CoolKeyObject::getULongAttr attr %p size %d  value %p",theAttr,theAttr->ulValueLen,theAttr->pValue);

    if(!theAttr)
        return 0;

    CK_ULONG size = theAttr->ulValueLen ;

    if(size != sizeof(CK_ULONG))
        return 0;

    if(!theAttr->pValue)
        return 0;

    return (CK_ULONG) *((CK_ULONG *) theAttr->pValue);
}

CK_BYTE CoolKeyObject::getByteAttribute(CK_ATTRIBUTE_TYPE aAttr)
{

    CK_ATTRIBUTE *theAttr = getAttribute(aAttr);

    if(!theAttr)
        return 0;

    CK_ULONG size = theAttr->ulValueLen ;

    if(size != sizeof(CK_BYTE))
        return 0;

    if(!theAttr->pValue)
        return 0;

    return (CK_BYTE) *((CK_BYTE *) theAttr->pValue);
}


void CoolKeyObject::getByteDataAttribute(CK_ATTRIBUTE_TYPE aAttr,CK_BYTE *aData, CK_ULONG *aDataLen)
{
   if(!aData || !aDataLen || *aDataLen <= 0 )
       return;

   CK_ATTRIBUTE *theAttr = getAttribute(aAttr);

   Syslog::notice("In CoolKeyObject::getByteData attr %p  attr size %d ",theAttr,theAttr->ulValueLen);
    if(!theAttr)
        return ;

    CK_ULONG size = theAttr->ulValueLen ;

    if(size < 1 || size >= *aDataLen)
        return;

    *aDataLen = 0;
    aData[0] = 0;

    if(!theAttr->pValue)
        return;

     memcpy( aData,  theAttr->pValue,size);

    *aDataLen = size;
}

char *CoolKeyObject::attributeName(uint32_t attributeId)
{
        static char buffer[20];

        switch (attributeId)
        {
        case CKA_CLASS: return "CLASS";
        case CKA_TOKEN: return "TOKEN";
        case CKA_PRIVATE: return "PRIVATE";
        case CKA_LABEL: return "LABEL";
        case CKA_APPLICATION: return "APPLICATION";
        case CKA_VALUE: return "VALUE";
        case CKA_OBJECT_ID: return "OBJECT_ID";
        case CKA_CERTIFICATE_TYPE: return "CERTIFICATE_TYPE";
        case CKA_ISSUER: return "ISSUER";
        case CKA_SERIAL_NUMBER: return "SERIAL_NUMBER";
        case CKA_AC_ISSUER: return "AC_ISSUER";
        case CKA_OWNER: return "OWNER";
        case CKA_ATTR_TYPES: return "ATTR_TYPES";
        case CKA_TRUSTED: return "TRUSTED";
        case CKA_KEY_TYPE: return "KEY_TYPE";
        case CKA_SUBJECT: return "SUBJECT";
        case CKA_ID: return "ID";
        case CKA_SENSITIVE: return "SENSITIVE";
        case CKA_ENCRYPT: return "ENCRYPT";
        case CKA_DECRYPT: return "DECRYPT";
        case CKA_WRAP: return "WRAP";
        case CKA_WRAP_TEMPLATE: return "WRAP_TEMPLATE";
        case CKA_UNWRAP: return "UNWRAP";
        case CKA_SIGN: return "SIGN";
        case CKA_SIGN_RECOVER: return "SIGN_RECOVER";
        case CKA_VERIFY: return "VERIFY";
        case CKA_VERIFY_RECOVER: return "VERIFY_RECOVER";
        case CKA_DERIVE: return "DERIVE";
        case CKA_START_DATE: return "START_DATE";
        case CKA_END_DATE: return "END_DATE";
        case CKA_MODULUS: return "MODULUS";
        case CKA_MODULUS_BITS: return "MODULUS_BITS";
        case CKA_PUBLIC_EXPONENT: return "PUBLIC_EXPONENT";
        case CKA_PRIVATE_EXPONENT: return "PRIVATE_EXPONENT";
        case CKA_PRIME_1: return "PRIME_1";
        case CKA_PRIME_2: return "PRIME_2";
        case CKA_EXPONENT_1: return "EXPONENT_1";
        case CKA_EXPONENT_2: return "EXPONENT_2";
        case CKA_COEFFICIENT: return "COEFFICIENT";
        case CKA_PRIME: return "PRIME";
        case CKA_SUBPRIME: return "SUBPRIME";
        case CKA_BASE: return "BASE";
        case CKA_PRIME_BITS: return "PRIME_BITS";
        case CKA_SUB_PRIME_BITS: return "SUB_PRIME_BITS";
        case CKA_VALUE_BITS: return "VALUE_BITS";
        case CKA_VALUE_LEN: return "VALUE_LEN";
        case CKA_EXTRACTABLE: return "EXTRACTABLE";
        case CKA_LOCAL: return "LOCAL";
        case CKA_NEVER_EXTRACTABLE: return "NEVER_EXTRACTABLE";
        case CKA_ALWAYS_SENSITIVE: return "ALWAYS_SENSITIVE";
        case CKA_KEY_GEN_MECHANISM: return "KEY_GEN_MECHANISM";
        case CKA_MODIFIABLE: return "MODIFIABLE";
        case CKA_EC_PARAMS: return "EC_PARAMS";
        case CKA_EC_POINT: return "EC_POINT";
        case CKA_SECONDARY_AUTH: return "SECONDARY_AUTH";
        case CKA_AUTH_PIN_FLAGS: return "AUTH_PIN_FLAGS";
        case CKA_HW_FEATURE_TYPE: return "HW_FEATURE_TYPE";
        case CKA_RESET_ON_INIT: return "RESET_ON_INIT";
        case CKA_HAS_RESET: return "HAS_RESET";
        case CKA_VENDOR_DEFINED: return "VENDOR_DEFINED";
        case CKA_ALWAYS_AUTHENTICATE: return "ALWAYS_AUTHENTICATE";
        case CKA_WRAP_WITH_TRUSTED: return "WRAP_WITH_TRUSTED";
        case CKA_UNWRAP_TEMPLATE: return "UNWRAP_TEMPLATE";
        case CKA_HASH_OF_SUBJECT_PUBLIC_KEY: return "HASH_OF_SUBJECT_PUBLIC_KEY";
        case CKA_HASH_OF_ISSUER_PUBLIC_KEY: return "HASH_OF_ISSUER_PUBLIC_KEY";
        default:
                snprintf(buffer, sizeof(buffer), "unknown(%0x08X)", attributeId);
                return buffer;
        }
}


--- NEW FILE CoolKeyPK11.h ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 *  Portions Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.
 *  Contributor(s):
 *  Jack Magne,jmagne at redhat.com
 *  CoolKey CoolKeyPK11 interface.
 *  @APPLE_LICENSE_HEADER_START@
 *
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *
 *  @APPLE_LICENSE_HEADER_END@
 */


/*
 *  CoolKeyPK11.h
 *  Tokend CoolKey
 */

#ifndef _COOLKEYPK11_H_
#define _COOLKEYPK11_H_

#include "mypkcs11.h"
#include 
#include 
#include 

#define COOLKEY_MAX_SLOTS 20
#define PKCS11_PATH_NAME "/Library/Application Support/CoolKey/PKCS11/libcoolkeypk11.dylib"

class CoolKeyPK11;

class CoolKeyObject
{
public:
 
    CoolKeyObject(CK_OBJECT_HANDLE aObjHandle, CK_SESSION_HANDLE aSessHandle,CK_LONG aObjClass,CoolKeyPK11 *aParent); 
    virtual ~CoolKeyObject() {  freeAttributes();};

    virtual void loadAttributes() ;

    char *CoolKeyObject::attributeName(uint32_t attributeId);

    CK_ATTRIBUTE * getAttribute(CK_ATTRIBUTE_TYPE aAttr);
    CK_LONG      getLongAttribute(CK_ATTRIBUTE_TYPE aAttr);
    CK_ULONG     getULongAttribute(CK_ATTRIBUTE_TYPE aAttr);
    CK_BYTE      getByteAttribute(CK_ATTRIBUTE_TYPE aAttr);    
    CK_BYTE      getID();

    void         getByteDataAttribute(CK_ATTRIBUTE_TYPE aAttr,CK_BYTE *aData, CK_ULONG *aDataLen);

    CK_OBJECT_CLASS   getClass() {return mObjClass;}    

    static void dumpData(CK_BYTE *aData, CK_ULONG aDataLen);

    CK_OBJECT_HANDLE getHandle() { return mObjHandle;}
    CK_SESSION_HANDLE getSessHandle() { return mSessHandle; } 

protected:

    void loadAttributes(CK_ATTRIBUTE *aTemplate,int aTemplateSize);
    void freeAttributes();

    CK_OBJECT_HANDLE mObjHandle;
    CK_SESSION_HANDLE mSessHandle;
    int mAttributesLoaded;
    CK_LONG mObjClass; 

    std::map< CK_ATTRIBUTE_TYPE, CK_ATTRIBUTE* > mAttributes;

private:

    CoolKeyPK11 *mParent;

public:


};

class CoolKeyKeyObject : public CoolKeyObject
{

public:

    CoolKeyKeyObject(CK_OBJECT_HANDLE aObjHandle, CK_SESSION_HANDLE aSessionHandle,CK_LONG aObjClass,CoolKeyPK11 *aParent) ;

    CK_ULONG getKeySize();
    void getLabel(CK_BYTE *aData, CK_ULONG *aDataLen);
    CK_BYTE getSensitive();
    CK_BYTE getAlwaysSensitive();
    CK_BYTE      getKeyEncrypt();
    CK_BYTE      getKeyDecrypt();
    CK_BYTE      getKeySign();
    CK_BYTE      getKeyWrap();
    CK_BYTE      getKeyExtractable();
    CK_BYTE      getKeyNeverExtractable();
    CK_BYTE      getKeyVerify();
    CK_BYTE      getKeyDerive();
    CK_BYTE      getKeyUnwrap();
    CK_BYTE      getKeySignRecover();
    CK_BYTE      getKeyVerifyRecover();

     void loadAttributes();

    ~CoolKeyKeyObject() {};

};

class CoolKeyCertObject : public CoolKeyObject
{

public:

    CoolKeyCertObject(CK_OBJECT_HANDLE aObjHandle, CK_SESSION_HANDLE aSessionHandle,CK_LONG aObjClass,CoolKeyPK11 *aParent) ;

    void loadAttributes();

    void getSubject(CK_BYTE *aData, CK_ULONG *aDataLen);
    void getIssuer(CK_BYTE *aData, CK_ULONG *aDataLen);
    void getSerialNo(CK_BYTE *aData,CK_ULONG *aDataLen);
    void getLabel(CK_BYTE *aData, CK_ULONG *aDataLen);
    void getData(CK_BYTE *aData, CK_ULONG *aDataLen);


    void getPublicKeyHash(CK_BYTE *aData,CK_ULONG *aDataLen);

    CK_ULONG getType();

    ~CoolKeyCertObject() {};

};

class CoolKeyPK11
{
public:

    typedef std::map< CK_OBJECT_HANDLE, CoolKeyObject  * >::iterator ObjIterator;

    CoolKeyPK11(): mPk11Driver(NULL),mEpv(NULL),mInitialized(0),mOurSlotIndex(0),mIsOurToken(0),mCachedPIN("") {} ;
    virtual ~CoolKeyPK11() {};

    int loadModule();
    int freeModule();

    int loginToken(char *aPIN);
    void logoutToken();

    int isTokenLoggedIn();

    int loadObjects();
    int freeObjects();

    int getIsOurToken() { return mIsOurToken;}
    char *getTokenId() {  
           if(mTokenUid[0] != 0) 
               return mTokenUid;
                   else 
               return NULL;
    }; 

    CK_FUNCTION_LIST_PTR getFunctionPointer() { return mEpv;}
    int                  getInitialized()     { return mInitialized; }

    int verifyCachedPIN(char *aPIN);


//Actual cryto operations

    int generateSignature(CoolKeyObject *aObj,CK_BYTE *aData, CK_ULONG aDataLen, CK_BYTE *aSignature, CK_ULONG *aSignatureLen);

    int decryptData(CoolKeyObject *aObj,CK_BYTE *aEncData, CK_ULONG aEncDataLen, CK_BYTE *aData, CK_ULONG *aDataLen);


protected:

private:

    int loadSlotList();

    void * mPk11Driver;
    CK_FUNCTION_LIST_PTR mEpv;

    int mInitialized;

    CK_SLOT_ID  mSlots[COOLKEY_MAX_SLOTS];
    int mOurSlotIndex;
    CK_SLOT_INFO mOurSlotInfo;

    char mTokenUid[32];
    int mIsOurToken;

    CK_SESSION_HANDLE  mSessHandle;

    std::map mObjects;

    std::string mCachedPIN;

public:

    ObjIterator begin() { return ObjIterator(mObjects.begin()); }
    ObjIterator end() { return ObjIterator(mObjects.end()); }
    
};

#endif /* !_COOLKEYPK11_H_ */



--- NEW FILE CoolKeyRecord.cpp ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 *  Portions Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.
 *  Contributor(s):
 *  Jack Magne,jmagne at redhat.com
 *  CoolKey Record implementation.
 * 
 *  @APPLE_LICENSE_HEADER_START@
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source LicenseCoolKey
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 *  CoolKeyRecord.cpp
 *  Tokend CoolKey 
 */

#include "CoolKeyPK11.h"
#include "CoolKeyRecord.h"
#include "CoolKeyError.h"
#include "CoolKeyToken.h"
//#include "Attribute.h"
#include "MetaAttribute.h"
#include "MetaRecord.h"
#include 
#include 
#include 

//
// CoolKeyRecord
//
CoolKeyRecord::~CoolKeyRecord()
{
}

Tokend::Attribute *CoolKeyRecord::getDataAttribute(Tokend::TokenContext *tokenContext)
{
    Syslog::notice("CoolKeyRecord::getDataAttribute");

    CoolKeyObject *obj = (CoolKeyObject *) getCoolKeyObject();

    CK_OBJECT_CLASS theClass = 0;
  
    if(obj)
    { 
        theClass =   obj->getClass(); 
    }

    if(!obj)
        return NULL;

    CK_BYTE tData[2048];
    CK_ULONG dataLen = 2048;

   CoolKeyCertObject *theCert = NULL;
    switch(theClass)
    {
         case CKO_CERTIFICATE: 
             Syslog::notice("getDataAttribute: Found certificate:-----------------");

             theCert =  (CoolKeyCertObject *) obj;

             if(theCert)
             {
                  theCert->getData((CK_BYTE *)tData,&dataLen);
             }

             return new Tokend::Attribute((const void *)tData,dataLen);
         break;
       
         case CKO_PUBLIC_KEY:
              Syslog::notice("getDataAttribute:Found public key:----------------");
         break;
 
         case CKO_PRIVATE_KEY:
             Syslog::notice("getDataAttribute:Found private key:-------------------");
         break;
                
         default:
             Syslog::notice("getDataAttribute:Found something else:");
         break;
    };

    return NULL;
}

void CoolKeyRecord::getAcl(const char *tag, uint32 &count, AclEntryInfo *&acls)
{
    Syslog::notice("CoolKeyRecord::getAcl ----------------");
    if (!mAclEntries) {
            mAclEntries.allocator(Allocator::standard());
    // Anyone can read the DB record for this key (which is a reference
            // CSSM_KEY)
    mAclEntries.add(CssmClient::AclFactory::AnySubject(
        mAclEntries.allocator()),
        AclAuthorizationSet(CSSM_ACL_AUTHORIZATION_DB_READ, 0));
    }

    count = mAclEntries.size();
    acls = mAclEntries.entries();
}

/* arch-tag: 9703BFF8-0E73-11D9-ACDD-000A9595DEEE */


--- NEW FILE CoolKeyRecord.h ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 *  Portions Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.
 *  Contributor(s):
 *  Jack Magne,jmagne at redhat.com
 *  CoolKey Record.
 * 
 *  @APPLE_LICENSE_HEADER_START@
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 *  CoolKeyRecord.h
 *  TokendMuscle
 */

#ifndef _COOLKEYRECORD_H_
#define _COOLKEYRECORD_H_

#include "Record.h"
#include "CoolKeyPK11.h"

//class CoolKeyObject;

class CoolKeyRecord : public Tokend::Record
{
	NOCOPY(CoolKeyRecord)
public:
	CoolKeyRecord(CoolKeyObject *aObject) :
		mObject(aObject) {}

	virtual ~CoolKeyRecord();

         CoolKeyObject *getCoolKeyObject() { return mObject; }

         virtual Tokend::Attribute *getDataAttribute(Tokend::TokenContext *tokenContext);

         virtual void getAcl(const char *tag, uint32 &count,
                AclEntryInfo *&aclList);
private:
        AutoAclEntryInfoList mAclEntries;

protected:

        CoolKeyObject  *mObject;
};



#endif /* !_CACRECORD_H_ */

/* arch-tag: 96BC854C-0E73-11D9-B9B1-000A9595DEEE */



--- NEW FILE CoolKeySchema.cpp ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 *  Portions Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.
 *  Contributor(s):
 *  Jack Magne,jmagne at redhat.com
 *  CoolKey Schema implementation.
 * 
 *  @APPLE_LICENSE_HEADER_START@
 *  CoolKey
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 *  CoolKeySchema.cpp
 *  Tokend CoolKey
 */

#include "CoolKeySchema.h"

#include "MetaAttribute.h"
#include "MetaRecord.h"

#include 
#include 
#include 
#include 
#include 

#include 

using namespace Tokend;

CoolKeySchema::CoolKeySchema() 
{
}

CoolKeySchema::~CoolKeySchema()
{
}

Tokend::Relation *CoolKeySchema::createKeyRelation(CSSM_DB_RECORDTYPE keyType)
{
    Relation *rn = createStandardRelation(keyType);

    Syslog::info("createKeyRelation coder %p",&mCoolKeyKeyAttributeCoder);
    // Set up coders for key records.
    MetaRecord &mr = rn->metaRecord();
    mr.keyHandleFactory(&mCoolKeyKeyHandleFactory);

    mr.attributeCoder(kSecKeyPrintName, &mCoolKeyKeyAttributeCoder);

    // Other key valuess
    mr.attributeCoder(kSecKeyKeyType, &mCoolKeyKeyAttributeCoder);
    mr.attributeCoder(kSecKeyKeySizeInBits, &mCoolKeyKeyAttributeCoder);
    mr.attributeCoder(kSecKeyEffectiveKeySize, &mCoolKeyKeyAttributeCoder);

    // Key attributes
    mr.attributeCoder(kSecKeyExtractable, &mCoolKeyKeyAttributeCoder);
    mr.attributeCoder(kSecKeySensitive, &mCoolKeyKeyAttributeCoder);
    mr.attributeCoder(kSecKeyModifiable, &mCoolKeyKeyAttributeCoder);
    mr.attributeCoder(kSecKeyPrivate, &mCoolKeyKeyAttributeCoder);
    mr.attributeCoder(kSecKeyNeverExtractable, &mCoolKeyKeyAttributeCoder);
    mr.attributeCoder(kSecKeyAlwaysSensitive, &mCoolKeyKeyAttributeCoder);

    // Key usage
    mr.attributeCoder(kSecKeyEncrypt, &mCoolKeyKeyAttributeCoder);
    mr.attributeCoder(kSecKeyDecrypt, &mCoolKeyKeyAttributeCoder);
    mr.attributeCoder(kSecKeyWrap, &mCoolKeyKeyAttributeCoder);
    mr.attributeCoder(kSecKeyUnwrap,&mCoolKeyKeyAttributeCoder);
    mr.attributeCoder(kSecKeyVerify, &mCoolKeyKeyAttributeCoder);
    mr.attributeCoder(kSecKeyDerive, &mCoolKeyKeyAttributeCoder);
    mr.attributeCoder(kSecKeySignRecover, &mCoolKeyKeyAttributeCoder);
    mr.attributeCoder(kSecKeyVerifyRecover, &mCoolKeyKeyAttributeCoder);

    mr.attributeCoder(kSecKeyLabel, &mPublicKeyHashCoder);
    mr.attributeCoder(kSecKeySign, &mCoolKeyKeyAttributeCoder);

    return rn;
}

Tokend::Relation *CoolKeySchema::createCertRelation(CSSM_DB_RECORDTYPE certType)
{
    Relation *rn = createStandardRelation(certType);

    // Set up coders for key records.
    MetaRecord &mr = rn->metaRecord();

    Syslog::info("createCertRelation coder %p",&mCoolKeyCertAttributeCoder);
    // cert attributes

    mr.attributeCoder(kSecAlias,&mCoolKeyCertAttributeCoder);

   mr.attributeCoder(kSecSubjectItemAttr, &mCoolKeyCertAttributeCoder);

   mr.attributeCoder(kSecLabelItemAttr,&mCoolKeyCertAttributeCoder);

   mr.attributeCoder(kSecIssuerItemAttr, &mCoolKeyCertAttributeCoder);
   mr.attributeCoder(kSecSerialNumberItemAttr, &mCoolKeyCertAttributeCoder);
   mr.attributeCoder(kSecPublicKeyHashItemAttr, &mCoolKeyCertAttributeCoder);

   mr.attributeCoder(kSecSubjectKeyIdentifierItemAttr, &mCoolKeyCertAttributeCoder);
   mr.attributeCoder(kSecCertTypeItemAttr, &mCoolKeyCertAttributeCoder);
   mr.attributeCoder(kSecCertEncodingItemAttr, &mCoolKeyCertAttributeCoder);

   return rn;
}

void CoolKeySchema::create()
{
    Schema::create();

    createStandardRelation(CSSM_DL_DB_RECORD_X509_CERTIFICATE);
    createKeyRelation(CSSM_DL_DB_RECORD_PRIVATE_KEY);
    Relation *rn_publ = createKeyRelation(CSSM_DL_DB_RECORD_PUBLIC_KEY);
    // @@@ We need a coder that calculates the public key hash of a public key
    rn_publ->metaRecord().attributeCoder(kSecKeyLabel, &mPublicKeyHashCoder);
}

/* arch-tag: 36BF1864-0DBC-11D9-8518-000A9595DEEE */


--- NEW FILE CoolKeySchema.h ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 *  Portions Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.
 *  Contributor(s):
 *  Jack Magne,jmagne at redhat.com
 *  CoolKey Schema implementation.
 * 
 *  @APPLE_LICENSE_HEADER_START@
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 *  CoolKeySchema.h
 *  TokendMuscle
 */

#ifndef _COOLKEYCHEMA_H_
#define _COOLKEYSCHEMA_H_

#include "Schema.h"
#include "CoolKeyAttributeCoder.h"
#include "CoolKeyHandle.h"

namespace Tokend
{
	class Relation;
	class MetaRecord;
	class AttributeCoder;
}

class CoolKeySchema : public Tokend::Schema
{
	NOCOPY(CoolKeySchema)
public:
    CoolKeySchema();
    virtual ~CoolKeySchema();

	virtual void create();

protected:
	Tokend::Relation *createKeyRelation(CSSM_DB_RECORDTYPE keyType);
        Tokend::Relation *createCertRelation(CSSM_DB_RECORDTYPE certType);

private:
	// Coders we need.
	CoolKeyDataAttributeCoder mCoolKeyDataAttributeCoder;

        CoolKeyCertAttributeCoder mCoolKeyCertAttributeCoder;
        CoolKeyKeyAttributeCoder  mCoolKeyKeyAttributeCoder;

	CoolKeyKeyHandleFactory mCoolKeyKeyHandleFactory;
};

#endif /* !_CACSCHEMA_H_ */

/* arch-tag: 36DB400E-0DBC-11D9-A9F5-000A9595DEEE */


--- NEW FILE CoolKeyToken.cpp ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 *  Portions Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.
 *  Contributor(s):
 *  Jack Magne,jmagne at redhat.com
 *  CoolKey Token implementation.
 * CoolKey
 *  @APPLE_LICENSE_HEADER_START@
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */
/*
 *  CoolKeyToken.cpp
 *  Tokend CoolKey
 */

#include "CoolKeyToken.h"

#include "Adornment.h"
#include "AttributeCoder.h"
#include "CoolKeyError.h"
#include "CoolKeyRecord.h"
#include "CoolKeySchema.h"
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 

using CssmClient::AclFactory;

static CoolKeyPK11 *coolKeyModule = NULL;

CoolKeyToken::CoolKeyToken() :
	mCurrentApplet(NULL),
	mPinStatus(1)
{
    mTokenContext = this;
}

CoolKeyToken::~CoolKeyToken()
{
    Syslog::notice("CoolKeyToken::~CoolKeyToken");
    delete mSchema;
}

// Here is where we initialize our PKCS11 module
void CoolKeyToken::initial()
{
    Syslog::notice("In CoolKeyToken::initial() . " );
}


bool CoolKeyToken::identify()
{
    Syslog::notice("In CoolKeyToken::identify");

    return true;
}

void CoolKeyToken::select(const unsigned char *applet)
{
    Syslog::debug("In CoolKeyToken::select");
}

uint32_t CoolKeyToken::exchangeAPDU(const unsigned char *apdu, size_t apduLength,
	unsigned char *result, size_t &resultLength)
{
    return 0;
}

void CoolKeyToken::didDisconnect()
{
    Syslog::debug("In CoolKeyToken::didDisconnect");
}

void CoolKeyToken::didEnd()
{
    mCurrentApplet = NULL;
}

void CoolKeyToken::changePIN(int pinNum,
	const unsigned char *oldPin, size_t oldPinLength,
	const unsigned char *newPin, size_t newPinLength)
{
    Syslog::debug("In CoolKeyToken::changePIN");
}

uint32_t CoolKeyToken::pinStatus(int pinNum)
{
    Syslog::notice("In CoolKeyToken::pinStatus num %d",pinNum);

    CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
}

bool CoolKeyToken::isLocked()
{
    int result = mCoolKey.isTokenLoggedIn();
    mPinStatus =  1 - result;
    Syslog::notice("In CoolKeyToken::isLocked mPinStatus %d",mPinStatus);
    return mPinStatus;
}


void CoolKeyToken::verifyPIN(int pinNum,
	const unsigned char *pin, size_t pinLength)
{
    Syslog::notice("In CoolKeyToken::verifyPIN");

    int result = 0;

    if(mCoolKey.isTokenLoggedIn())
    {
        result = mCoolKey.verifyCachedPIN((char *) pin);
    }
    else
    {
        result = mCoolKey.loginToken((char *) pin);
    }

    Syslog::notice("Result of loginToken %d",result);
   
    if(result == CKR_OK)
        return; 

    //logout because we failed

    mCoolKey.logoutToken();

    //any other error complain

    CssmError::throwMe(CSSM_ERRCODE_OPERATION_AUTH_DENIED);

}

void CoolKeyToken::unverifyPIN(int pinNum)
{
    Syslog::notice("In CoolKeyToken::unverifyPIN");
    mPinStatus = 1;
}

uint32_t CoolKeyToken::getData(unsigned char *result, size_t &resultLength)
{
    Syslog::notice("In CoolKeyToken::getData");
    return NULL;
}

uint32 CoolKeyToken::probe(SecTokendProbeFlags flags,
	char tokenUid[TOKEND_MAX_UID])
{
    uint32 score =  0; //Tokend::ISO7816Token::probe(flags, tokenUid);

    uint32 max_uid = TOKEND_MAX_UID;

    const SCARD_READERSTATE &readerState = *(*startupReaderInfo)();
      
   Syslog::notice("TOKEND_MAX_UID %d",max_uid); 
   Syslog::notice("READER_STATE -> szReader %s", (char *) readerState.szReader);
   Syslog::notice ("READER_STATE -> dwCurrentState %u",readerState.dwCurrentState);
   Syslog::notice ("READER_STATE -> dwEventState %u",readerState.dwEventState);
   Syslog::notice ("READER_STATE -> cbAtr %u",readerState.cbAtr);
   Syslog::notice("READER_STATE -> rgbAtr %32x",(char *) readerState.rgbAtr);

    int res = mCoolKey.loadModule();
     
    /* if(res)
         res = mCoolKey.loadObjects();
     */


    if(!res || ! mCoolKey.getIsOurToken())
    {
        Syslog::error(" Can't load CoolKey pkcs11 module. ");
        return score;
    }

    if(coolKeyModule == NULL)
       coolKeyModule = &mCoolKey;

    char *tUid = mCoolKey.getTokenId();

    if(tUid)
    {
        sprintf((char *) tokenUid,"%s",(char *)tUid);
        Syslog::notice("tokenUid %s",(char *) tokenUid);
    }

    score = 199;

    signal(SIGTERM, cleanup); // register a SIGTERM handler

    return score;
}

void CoolKeyToken::establish(const CSSM_GUID *guid, uint32 subserviceId,
	SecTokendEstablishFlags flags, const char *cacheDirectory,
	const char *workDirectory, char mdsDirectory[PATH_MAX],
	char printName[PATH_MAX])
{

    char *mCuid = mCoolKey.getTokenId();
      
    int pathSize = PATH_MAX;
 
    if(mCuid)
    {
        Syslog::notice("printName size %d", pathSize);

        int predictedSize = strlen(mCuid);

        if(predictedSize < pathSize)
        {
             sprintf((char *) printName, (char *) "%s",mCuid);
        }
    }

    Syslog::notice("In CoolKeyToken::establish setting printName to: %s subserviceId: %d",printName,subserviceId);

    int res = mCoolKey.loadObjects();

    if(!res)
        return;
    
    mSchema = new CoolKeySchema();
    mSchema->create();

    populate();
}

//
// Authenticate to the token
//

void CoolKeyToken::authenticate(CSSM_DB_ACCESS_TYPE mode, const AccessCredentials *cred)
{
    Syslog::notice("In CoolKeyToken::authenticate cred %p tag %s size %d",cred,cred->tag(),cred->size());

    if (cred) {   

        if(mode == CSSM_DB_ACCESS_RESET)
        {
            Syslog::notice("authenticate CSSM_DB_ACCESS_RESET");
            return;
        }
        const TypedList &sample = (*cred)[0];
        switch (sample.type()) {
            case CSSM_SAMPLE_TYPE_PASSWORD:
            case CSSM_SAMPLE_TYPE_PROMPTED_PASSWORD:
            case CSSM_SAMPLE_TYPE_PROTECTED_PASSWORD:
            {
                 Syslog::notice("sample type %d",sample.type());
                 CssmData &pin = sample[1].data();
                                        
                verifyPIN(1, pin.Data,pin.Length);
            }
            break;
           default:
           Syslog::notice("sample type %ld not supported", sample.type());
           CssmError::throwMe(CSSM_ERRCODE_ACL_SUBJECT_TYPE_NOT_SUPPORTED);
       }
   } else
      Syslog::notice("authenticate without credentials ignored");
}

//
// Database-level ACLs
//
void CoolKeyToken::getOwner(AclOwnerPrototype &owner)
{
        Syslog::notice("In CoolKeyToken::getOwner");
	// we don't really know (right now), so claim we're owned by PIN #0
	if (!mAclOwner)
	{
		mAclOwner.allocator(Allocator::standard());
		mAclOwner = AclFactory::PinSubject(Allocator::standard(), 0);
	}
	owner = mAclOwner;
}


void CoolKeyToken::getAcl(const char *tag, uint32 &count, AclEntryInfo *&acls)
{
    Syslog::notice("In CoolKeyToken::getAcl.");

    Allocator &alloc = Allocator::standard();

    // mAclEntries sets the handle of each AclEntryInfo to the
    // offset in the array.

    if (!mAclEntries) {
        mAclEntries.allocator(alloc);
        // Anyone can read the attributes and data of any record on this token
        // (it's further limited by the object itself).
		mAclEntries.add(CssmClient::AclFactory::AnySubject(
			mAclEntries.allocator()),
			AclAuthorizationSet(CSSM_ACL_AUTHORIZATION_DB_READ, 0));
        // We support PIN1 with either a passed in password
        // subject or a prompted password subject.


          mAclEntries.addPin(AclFactory::PWSubject(alloc),1);
          mAclEntries.addPin(AclFactory::PromptPWSubject(alloc,CssmData()), CssmData());
              
	}

	count = mAclEntries.size();
	acls = mAclEntries.entries();
}


#pragma mark ---------------- CoolKey Specific --------------

void CoolKeyToken::populate()
{
    Syslog::notice("In CoolKeyToken::populate");

    Tokend::Relation &certRelation = mSchema->findRelation(CSSM_DL_DB_RECORD_X509_CERTIFICATE);
    Tokend::Relation &privateKeyRelation = mSchema->findRelation(CSSM_DL_DB_RECORD_PRIVATE_KEY);
    Tokend::Relation &publicKeyRelation = mSchema->findRelation(CSSM_DL_DB_RECORD_PUBLIC_KEY);

    std::map certs;
    std::map< CoolKeyObject *, RefPointer > keys;
    std::map< CoolKeyObject *, RefPointer >  certRecs;

    for(CoolKeyPK11::ObjIterator i = mCoolKey.begin(); i != mCoolKey.end() ; i++)
    {
        CoolKeyObject *obj =(*i).second;
        CK_OBJECT_CLASS oClass;
        if(obj)
        {
            CK_BYTE id = obj->getID();
            oClass = obj->getClass();
            Syslog::notice("Retrieved object %p class %lu id %d",obj,oClass,id); 
 
            CoolKeyRecord *newRecord = new CoolKeyRecord(obj); 

            RefPointer    theRecord( newRecord);
            if(!theRecord)
                continue;

            switch(oClass)
            {
                case CKO_PRIVATE_KEY:
                    privateKeyRelation.insertRecord(theRecord);
                    Syslog::notice("Inserting private key record %p",newRecord);
                    keys[obj] = theRecord;
                break;

                case CKO_PUBLIC_KEY:
                Syslog::notice("Inserting public key record %p theRefRecord %p",newRecord,theRecord.get());
                             publicKeyRelation.insertRecord(theRecord);
                             keys[obj] = theRecord;
                break;

                case CKO_CERTIFICATE:
                    certs[id] = obj;
                    certRecs[obj] = theRecord;
                    Syslog::notice("Inserting cert record %p",newRecord);
                    certRelation.insertRecord(theRecord);
                break; 

                default:
                break;

             };
         }

    }

    for(CoolKeyPK11::ObjIterator i = mCoolKey.begin(); i != mCoolKey.end() ; i++)
    {
        CoolKeyObject *obj =(*i).second;
        CoolKeyObject *cert = NULL;

        CK_OBJECT_CLASS oClass;
        if(obj)
        {
            CK_BYTE id = obj->getID();
            oClass = obj->getClass();

            switch(oClass)
            {
                case CKO_PRIVATE_KEY:
                case CKO_PUBLIC_KEY:
                    cert = certs[id];
                    if(cert)
                    {
                        RefPointer  coolKeyRecRef = keys[obj];
                        CoolKeyRecord *  coolKeyRec = coolKeyRecRef.get();  

                        Syslog::notice("Key %p  linked to cert %p",obj,cert);

                        if(coolKeyRec)
                        {
                            Syslog::notice("Found record to create adornment record: %p",coolKeyRec);
                            if(certRecs[cert])
                            {
                                Tokend::LinkedRecordAdornment * lra = new Tokend::LinkedRecordAdornment(certRecs[cert]);
                                 Syslog::notice("lra %p",lra);

                                 if(lra)
                                 { 
                                     coolKeyRec->setAdornment(mSchema->publicKeyHashCoder().certificateKey(),
                                             lra);
                                     Syslog::notice("certificateKey %p certRecs[cert] %p",mSchema->publicKeyHashCoder().certificateKey(),certRecs[cert].get());
                                 }
                             }
                         }
                     }
                     else
                         Syslog::notice("Key %p not linked to found cert");
                  break;

                  default:
                  break;

             };

         }

    }     

}

void CoolKeyToken::cleanup(int aSig)
{
    Syslog::notice("We are going away!");

    if(coolKeyModule)
    {
        coolKeyModule->logoutToken();
        coolKeyModule->freeModule();
    }

}

/* arch-tag: 36F733B4-0DBC-11D9-914C-000A9595DEEE */


--- NEW FILE CoolKeyToken.h ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 *  Portions Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.
 *  Contributor(s):
 *  Jack Magne,jmagne at redhat.com
 *  CoolKey Schema implementation.
 * 
 *  @APPLE_LICENSE_HEADER_START@
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this filCoolKeye except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 *  CoolKeyToken.h
 *  Tokend CoolKey
 */

#ifndef _COOLKEY_TOKEN_H_
#define _COOLKEY_TOKEN_H_

#include "mypkcs11.h"
#include 
#include "TokenContext.h"
#include "CoolKeyPK11.h"

#include 

class CoolKeySchema;

#define PKCS11_PATH_NAME "/Library/Application Support/CoolKey/PKCS11/libcoolkeypk11.dylib"
#define COOLKEY_PRESENT_SCORE 10000000
//
// "The" token
//
class CoolKeyToken : public Tokend::ISO7816Token
{
	NOCOPY(CoolKeyToken)
public:
	CoolKeyToken() ;
	~CoolKeyToken();

	virtual void didDisconnect();
	virtual void didEnd();

        virtual void initial();
        virtual uint32 probe(SecTokendProbeFlags flags,
		char tokenUid[TOKEND_MAX_UID]);
	virtual void establish(const CSSM_GUID *guid, uint32 subserviceId,
		SecTokendEstablishFlags flags, const char *cacheDirectory,
		const char *workDirectory, char mdsDirectory[PATH_MAX],
		char printName[PATH_MAX]);
	virtual void getOwner(AclOwnerPrototype &owner);
	virtual void getAcl(const char *tag, uint32 &count, AclEntryInfo *&acls);

	virtual void changePIN(int pinNum,
		const unsigned char *oldPin, size_t oldPinLength,
		const unsigned char *newPin, size_t newPinLength);
	virtual uint32_t pinStatus(int pinNum);
	virtual void verifyPIN(int pinNum, const unsigned char *pin, size_t pinLength);
	virtual void unverifyPIN(int pinNum);
        virtual void authenticate(CSSM_DB_ACCESS_TYPE mode, const AccessCredentials *cred);
        virtual bool isLocked();

	bool identify();
	void select(const unsigned char *applet);
	uint32_t exchangeAPDU(const unsigned char *apdu, size_t apduLength,
                          unsigned char *result, size_t &resultLength);

	uint32_t getData(unsigned char *result, size_t &resultLength);

        CoolKeyPK11 &getPK11Manager() { return  mCoolKey; }

protected:
	void populate();

        CoolKeyPK11 mCoolKey; 
public:
	const unsigned char *mCurrentApplet;
	uint32_t mPinStatus;

	// temporary ACL cache hack - to be removed
	AutoAclOwnerPrototype mAclOwner;
	AutoAclEntryInfoList mAclEntries;

private:

        static void cleanup(int aSig);
};


#endif /* !_CACTOKEN_H_ */

/* arch-tag: 3714259E-0DBC-11D9-8D58-000A9595DEEE */


--- NEW FILE Info.plist ---




	CFBundleDevelopmentRegion
	English
	CFBundleExecutable
	COOLKEY
	CFBundleIdentifier
	com.apple.tokend.coolkey
	CFBundleInfoDictionaryVersion
	6.0
	CFBundleName
	COOLKEY
	CFBundlePackageType
	????
	CFBundleShortVersionString
	1.1.1
	CFBundleSignature
	????
	CFBundleVersion
	30557




--- NEW FILE coolkey.cpp ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 *  Portions Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.
 *  Contributor(s):
 *  Jack Magne,jmagne at redhat.com 
 *  CoolKey main program implementation.
 *  @APPLE_LICENSE_HEADER_START at CoolKey
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */


/*
 * CoolKey.cpp - CoolKey.tokend main program
 */
#include "CoolKeyToken.h"
#include 

int main(int argc, const char *argv[])
{
    secdebug("CoolKey.tokend", "main starting with %d arguments", argc);
    secdelay("/tmp/delay/CoolKey");

    Syslog::notice("argc %d",argc);
    for(int i = 0; i < argc ; i++)
    {
        Syslog::notice("coolkey arg[%d]: %s",i,argv[i]);
    }

    token = new CoolKeyToken();
    return SecTokendMain(argc, argv, token->callbacks(), token->support());

    Syslog::notice("CoolKey.tokend exiting.... ");
}

/* arch-tag: 372EB7FE-0DBC-11D9-9A28-000A9595DEEE */



From fedora-directory-commits at redhat.com  Tue Jan 22 18:02:55 2008
From: fedora-directory-commits at redhat.com (Jack Magne (jmagne))
Date: Tue, 22 Jan 2008 13:02:55 -0500
Subject: [Fedora-directory-commits] esc/mac/Tokend-30557/Tokend
	Adornment.cpp, NONE, 1.1 Adornment.h, NONE, 1.1 Attribute.cpp,
	NONE, 1.1 Attribute.h, NONE, 1.1 AttributeCoder.cpp, NONE,
	1.1 AttributeCoder.h, NONE, 1.1 Cursor.cpp, NONE, 1.1 Cursor.h,
	NONE, 1.1 DbValue.cpp, NONE, 1.1 DbValue.h, NONE,
	1.1 KeyHandle.cpp, NONE, 1.1 KeyHandle.h, NONE,
	1.1 MetaAttribute.cpp, NONE, 1.1 MetaAttribute.h, NONE,
	1.1 MetaRecord.cpp, NONE, 1.1 MetaRecord.h, NONE,
	1.1 PKCS11Object.cpp, NONE, 1.1 PKCS11Object.h, NONE,
	1.1 Record.cpp, NONE, 1.1 Record.h, NONE, 1.1 RecordHandle.cpp,
	NONE, 1.1 RecordHandle.h, NONE, 1.1 Relation.cpp, NONE,
	1.1 Relation.h, NONE, 1.1 SCardError.cpp, NONE,
	1.1 SCardError.h, NONE, 1.1 Schema.cpp, NONE, 1.1 Schema.h,
	NONE, 1.1 SelectionPredicate.cpp, NONE,
	1.1 SelectionPredicate.h, NONE, 1.1 Token.cpp, NONE,
	1.1 Token.h, NONE, 1.1 TokenContext.cpp, NONE,
	1.1 TokenContext.h, NONE, 1.1
Message-ID: <200801221802.m0MI2tSm031591@cvs-int.fedora.redhat.com>

Author: jmagne

Update of /cvs/dirsec/esc/mac/Tokend-30557/Tokend
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv31436/Tokend

Added Files:
	Adornment.cpp Adornment.h Attribute.cpp Attribute.h 
	AttributeCoder.cpp AttributeCoder.h Cursor.cpp Cursor.h 
	DbValue.cpp DbValue.h KeyHandle.cpp KeyHandle.h 
	MetaAttribute.cpp MetaAttribute.h MetaRecord.cpp MetaRecord.h 
	PKCS11Object.cpp PKCS11Object.h Record.cpp Record.h 
	RecordHandle.cpp RecordHandle.h Relation.cpp Relation.h 
	SCardError.cpp SCardError.h Schema.cpp Schema.h 
	SelectionPredicate.cpp SelectionPredicate.h Token.cpp Token.h 
	TokenContext.cpp TokenContext.h 
Log Message:
Initial revision


--- NEW FILE Adornment.cpp ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 * 
 *  @APPLE_LICENSE_HEADER_START@
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 *  Adornment.cpp
 *  TokendMuscle
 */

#include "Adornment.h"
#include "MetaAttribute.h"
#include "MetaRecord.h"
#include "Record.h"

namespace Tokend
{


//
// LinkedRecordAdornment
//
//const Adornment::Key LinkedRecordAdornment::key = "LinkedRecordAdornment";

LinkedRecordAdornment::LinkedRecordAdornment(RefPointer record) :
	mRecord(record)
{
}

LinkedRecordAdornment::~LinkedRecordAdornment()
{
}

Record &LinkedRecordAdornment::record()
{
	return *mRecord;
}


//
// SecCertificateAdornment
//
SecCertificateAdornment::SecCertificateAdornment(TokenContext *tokenContext,
	const MetaAttribute &metaAttribute, Record &record)
{
	// Get the data for record (the actual certificate).
	const MetaAttribute &dma =
		metaAttribute.metaRecord().metaAttributeForData();
	const Attribute &data = dma.attribute(tokenContext, record);

	// Data should have exactly one value.
	if (data.size() != 1)
		CssmError::throwMe(CSSMERR_DL_MISSING_VALUE);

	// Create a new adornment using the data from the certificate.
	OSStatus status = SecCertificateCreateFromData(&data[0], CSSM_CERT_X_509v3,
		CSSM_CERT_ENCODING_BER, &mCertificate);
	if (status)
		MacOSError::throwMe(status);
}

SecCertificateAdornment::~SecCertificateAdornment()
{
	CFRelease(mCertificate);
}

SecCertificateRef SecCertificateAdornment::certificate()
{
	return mCertificate; 
}

SecKeychainItemRef SecCertificateAdornment::certificateItem()
{
	return SecKeychainItemRef(mCertificate);
}


}	// end namespace Tokend

/* arch-tag: C7D4DE5C-F61D-11D8-B69C-000A9595DEEE */


--- NEW FILE Adornment.h ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 * 
 *  @APPLE_LICENSE_HEADER_START@
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 *  Adornment.h
 *  TokendMuscle
 */

#ifndef _TOKEND_ADORNMENT_H_
#define _TOKEND_ADORNMENT_H_

#include 
#include 
#include 

namespace Tokend
{

class TokenContext;
class MetaRecord;
class MetaAttribute;
class Record;

//
// Adornment that refers to another record
//
class LinkedRecordAdornment : public Adornment
{
	NOCOPY(LinkedRecordAdornment)
public:
	LinkedRecordAdornment(RefPointer record);
	~LinkedRecordAdornment();
	Record &record();

private:
	RefPointer mRecord;
};


class SecCertificateAdornment : public Adornment
{
	NOCOPY(SecCertificateAdornment)
public:
	SecCertificateAdornment(TokenContext *tokenContext,
		const MetaAttribute &metaAttribute, Record &record);
	~SecCertificateAdornment();
	SecCertificateRef certificate();
	SecKeychainItemRef certificateItem();

private:
	SecCertificateRef mCertificate;
};

} // end namespace Tokend

#endif /* !_TOKEND_ADORNMENT_H_ */

/* arch-tag: C8628EDC-F61D-11D8-98CA-000A9595DEEE */


--- NEW FILE Attribute.cpp ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 * 
 *  @APPLE_LICENSE_HEADER_START@
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 *  Attribute.cpp
 *  TokendMuscle
 */

#include "Attribute.h"

namespace Tokend
{


Attribute::Attribute()
{
	mCount = 0;
	mValues = NULL;
}

Attribute::Attribute(const Attribute &attribute)
{
	set(attribute.mValues, attribute.mCount);
}

Attribute::Attribute(bool value)
{
	uint32 v = value ? 1 : 0;
	set(&v, sizeof(v));
}

Attribute::Attribute(sint32 value)
{
	set(&value, sizeof(value));
}

Attribute::Attribute(uint32 value)
{
	set(&value, sizeof(value));
}

Attribute::Attribute(const char *value)
{
	set(value, strlen(value));
}

Attribute::Attribute(const std::string &value)
{
	set(value.c_str(), value.size());
}

Attribute::Attribute(const void *data, uint32 length)
{
	set(data, length);
}

Attribute::Attribute(const CSSM_DATA *datas, uint32 count)
{
	set(datas, count);
}

Attribute::~Attribute()
{
	if (mValues)
		free(mValues);
}

Attribute &Attribute::operator = (const Attribute &attribute)
{
	if (mValues)
		free(mValues);

	set(attribute.mValues, attribute.mCount);
	return *this;
}

void Attribute::set(const CSSM_DATA *datas, uint32 count)
{
	mCount = count;
	uint32 size = count * sizeof(CSSM_DATA);
	for (uint32 ix = 0; ix < count; ++ix)
		size += datas[ix].Length;

	uint8 *buffer = (uint8 *)malloc(size);
	mValues = CSSM_DATA_PTR(buffer);
	buffer += sizeof(CSSM_DATA) * count;
	for (uint32 ix = 0; ix < count; ++ix)
	{
		uint32 length = datas[ix].Length;
		mValues[ix].Data = buffer;
		mValues[ix].Length = length;
		memcpy(mValues[ix].Data, datas[ix].Data, length);
		buffer += length;
	}
}

void Attribute::set(const void *data, uint32 length)
{
	mCount = 1;
	uint8 *buffer = (uint8 *)malloc(sizeof(CSSM_DATA) + length);
	mValues = CSSM_DATA_PTR(buffer);
	mValues[0].Data = buffer + sizeof(CSSM_DATA);
	mValues[0].Length = length;
	memcpy(mValues[0].Data, data, length);
}

void Attribute::getDateValue(CSSM_DATE &date) const
{
	if (mCount == 0 || mValues[0].Length == 0)
	{
		memset(&date, 0, sizeof(date));
	}
	else if (mCount == 1 && mValues[0].Length == sizeof(date))
	{
		memcpy(&date, mValues[0].Data, sizeof(date));
	}
	else
		CssmError::throwMe(CSSMERR_DL_MISSING_VALUE);
}

uint32 Attribute::uint32Value() const
{
	if (mCount != 1 || mValues[0].Length != 4)
		CssmError::throwMe(CSSMERR_DL_MISSING_VALUE);

	return *reinterpret_cast(mValues[0].Data);
}


} // end namespace Tokend

/* arch-tag: 5C8EA178-F190-11D8-BEF2-000A9595DEEE */


--- NEW FILE Attribute.h ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 * 
 *  @APPLE_LICENSE_HEADER_START@
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 *  Attribute.h
 *  TokendMuscle
 */

#ifndef _TOKEND_ATTRIBUTE_H_
#define _TOKEND_ATTRIBUTE_H_

#include 
#include 
#include 

namespace Tokend
{

class Attribute
{
public:
	Attribute();
	Attribute(const Attribute &attribute);
	Attribute(bool value);
	Attribute(sint32 value);
	Attribute(uint32 value);
	Attribute(const char *value);
	Attribute(const std::string &value);
	Attribute(const void *data, uint32 length);
	Attribute(const CSSM_DATA *datas, uint32 count);
	~Attribute();

	Attribute &operator = (const Attribute &attribute);

	uint32 size() const { return mCount; }
	const CSSM_DATA &operator [](uint32 ix) const { return mValues[ix]; }
	const CSSM_DATA *values() const { return mValues; }

	void getDateValue(CSSM_DATE &date) const;
	uint32 uint32Value() const;
	bool boolValue() const { return uint32Value() != 0; }

private:
	void set(const CSSM_DATA *datas, uint32 count);
	void set(const void *data, uint32 length);

    uint32 mCount;
    CSSM_DATA_PTR mValues;
};

} // end namespace Tokend

#endif /* !_TOKEND_ATTRIBUTE_H_ */

/* arch-tag: 5B8B0720-F190-11D8-9806-000A9595DEEE */


--- NEW FILE AttributeCoder.cpp ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 * 
 *  @APPLE_LICENSE_HEADER_START@
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 *  AttributeCoder.cpp
 *  TokendMuscle
 */

#include "AttributeCoder.h"

#include "Attribute.h"
#include "Adornment.h"
#include "MetaAttribute.h"
#include "MetaRecord.h"
#include "Record.h"

#include 
#include 
#include 

#include 
#include 
#include 
#include 

namespace Tokend
{


//
// AttributeCoder
//
AttributeCoder::~AttributeCoder() {}


//
// CertificateAttributeCoder
//
CertificateAttributeCoder::~CertificateAttributeCoder() {}

void CertificateAttributeCoder::decode(TokenContext *tokenContext,
                                       const MetaAttribute &metaAttribute,
                                       Record &record)
{
	// Get the SecCertificateAdornment off record using a pointer to ourself as
	// the key
	SecCertificateAdornment &sca =
		record.adornment(this, tokenContext,
			metaAttribute, record);

	// Get the keychain item for the certificate from the record's adornment.
	SecKeychainItemRef certificate = sca.certificateItem();
	// Read the attribute with the requested attributeId from the item.
	SecKeychainAttribute ska = { metaAttribute.attributeId() };
	SecKeychainAttributeList skal = { 1, &ska };
	OSStatus status = SecKeychainItemCopyContent(certificate, NULL, &skal,
		NULL, NULL);
	if (status)
		MacOSError::throwMe(status);
	// Add the retrieved attribute as an attribute to the record.
	record.attributeAtIndex(metaAttribute.attributeIndex(),
		new Attribute(ska.data, ska.length));
	// Free the retrieved attribute.
	status = SecKeychainItemFreeContent(&skal, NULL);
	if (status)
		MacOSError::throwMe(status);

	// @@@ The code above only returns one email address.  Fix this.
}


//
// ConstAttributeCoder
//
ConstAttributeCoder::ConstAttributeCoder(uint32 value) : mValue(value) {}

ConstAttributeCoder::ConstAttributeCoder(bool value) : mValue(value ? 1 : 0) {}

ConstAttributeCoder::~ConstAttributeCoder() {}

void ConstAttributeCoder::decode(TokenContext *tokenContext,
	const MetaAttribute &metaAttribute, Record &record)
{
	record.attributeAtIndex(metaAttribute.attributeIndex(),
		new Attribute(mValue));
}


//
// GuidAttributeCoder
//
GuidAttributeCoder::GuidAttributeCoder(const CSSM_GUID &guid) : mGuid(guid) {}

GuidAttributeCoder::~GuidAttributeCoder() {}

void GuidAttributeCoder::decode(TokenContext *tokenContext,
	const MetaAttribute &metaAttribute, Record &record)
{
	record.attributeAtIndex(metaAttribute.attributeIndex(),
		new Attribute(&mGuid, sizeof(CSSM_GUID)));
}


//
// NullAttributeCoder
//
NullAttributeCoder::~NullAttributeCoder() {}

void NullAttributeCoder::decode(TokenContext *tokenContext,
	const MetaAttribute &metaAttribute, Record &record)
{
	record.attributeAtIndex(metaAttribute.attributeIndex(), new Attribute());
}


//
// ZeroAttributeCoder
//
ZeroAttributeCoder::~ZeroAttributeCoder() {}

void ZeroAttributeCoder::decode(TokenContext *tokenContext,
	const MetaAttribute &metaAttribute, Record &record)
{
	record.attributeAtIndex(metaAttribute.attributeIndex(),
		new Attribute(reinterpret_cast(NULL), 0));
}


//
// KeyDataAttributeCoder
//
KeyDataAttributeCoder::~KeyDataAttributeCoder() {}

void KeyDataAttributeCoder::decode(TokenContext *tokenContext,
	const MetaAttribute &metaAttribute, Record &record)
{
	const MetaRecord &mr = metaAttribute.metaRecord();
	CssmKey key;
	key.header().cspGuid(Guid::overlay(gGuidAppleSdCSPDL));
	key.blobType(CSSM_KEYBLOB_REFERENCE);
	key.blobFormat(CSSM_KEYBLOB_REF_FORMAT_INTEGER);
	key.algorithm(mr.metaAttribute(kSecKeyKeyType)
		.attribute(tokenContext, record).uint32Value());
	key.keyClass(mr.metaAttribute(kSecKeyKeyClass)
		.attribute(tokenContext, record).uint32Value());
	key.header().LogicalKeySizeInBits =
		mr.metaAttribute(kSecKeyKeySizeInBits).attribute(tokenContext, record)
			.uint32Value();

	key.header().KeyAttr =
		(mr.metaAttribute(kSecKeyPermanent).attribute(tokenContext, record)
			.boolValue() ? CSSM_KEYATTR_PERMANENT : 0)
		| (mr.metaAttribute(kSecKeyPrivate).attribute(tokenContext, record)
			.boolValue() ? CSSM_KEYATTR_PRIVATE : 0)
		| (mr.metaAttribute(kSecKeyModifiable).attribute(tokenContext, record)
			.boolValue() ? CSSM_KEYATTR_MODIFIABLE : 0)
		| (mr.metaAttribute(kSecKeySensitive).attribute(tokenContext, record)
			.boolValue() ? CSSM_KEYATTR_SENSITIVE : 0)
		| (mr.metaAttribute(kSecKeyAlwaysSensitive)
			.attribute(tokenContext, record)
				.boolValue() ? CSSM_KEYATTR_ALWAYS_SENSITIVE : 0)
		| (mr.metaAttribute(kSecKeyExtractable).attribute(tokenContext, record)
			.boolValue() ? CSSM_KEYATTR_EXTRACTABLE : 0)
		| (mr.metaAttribute(kSecKeyNeverExtractable)
			.attribute(tokenContext, record)
				.boolValue() ? CSSM_KEYATTR_NEVER_EXTRACTABLE : 0);

	CSSM_KEYUSE usage =
		(mr.metaAttribute(kSecKeyEncrypt).attribute(tokenContext, record)
			.boolValue() ? CSSM_KEYUSE_ENCRYPT : 0)
		| (mr.metaAttribute(kSecKeyDecrypt).attribute(tokenContext, record)
			.boolValue() ? CSSM_KEYUSE_DECRYPT : 0)
		| (mr.metaAttribute(kSecKeySign).attribute(tokenContext, record)
			.boolValue() ? CSSM_KEYUSE_SIGN : 0)
		| (mr.metaAttribute(kSecKeyVerify).attribute(tokenContext, record)
			.boolValue() ? CSSM_KEYUSE_VERIFY : 0)
		| (mr.metaAttribute(kSecKeySignRecover).attribute(tokenContext, record)
			.boolValue() ? CSSM_KEYUSE_SIGN_RECOVER : 0)
		| (mr.metaAttribute(kSecKeyVerifyRecover)
			.attribute(tokenContext, record)
				.boolValue() ? CSSM_KEYUSE_VERIFY_RECOVER : 0)
		| (mr.metaAttribute(kSecKeyWrap).attribute(tokenContext, record)
			.boolValue() ? CSSM_KEYUSE_WRAP : 0)
		| (mr.metaAttribute(kSecKeyUnwrap).attribute(tokenContext, record)
			.boolValue() ? CSSM_KEYUSE_UNWRAP : 0)
		| (mr.metaAttribute(kSecKeyDerive).attribute(tokenContext, record)
			.boolValue() ? CSSM_KEYUSE_DERIVE : 0);
	if (usage == (CSSM_KEYUSE_ENCRYPT | CSSM_KEYUSE_DECRYPT | CSSM_KEYUSE_SIGN
		| CSSM_KEYUSE_VERIFY | CSSM_KEYUSE_SIGN_RECOVER
		| CSSM_KEYUSE_VERIFY_RECOVER | CSSM_KEYUSE_WRAP | CSSM_KEYUSE_UNWRAP
		| CSSM_KEYUSE_DERIVE))
		usage = CSSM_KEYUSE_ANY;

	key.header().KeyUsage = usage;

	// Dates
	mr.metaAttribute(kSecKeyStartDate).attribute(tokenContext, record)
		.getDateValue(key.header().StartDate);
	mr.metaAttribute(kSecKeyEndDate).attribute(tokenContext, record)
		.getDateValue(key.header().EndDate);

	record.attributeAtIndex(metaAttribute.attributeIndex(),
		new Attribute(&key, sizeof(key)));
}


//
// LinkedRecordAttributeCoder
//
LinkedRecordAttributeCoder::~LinkedRecordAttributeCoder() {}

void LinkedRecordAttributeCoder::decode(Tokend::TokenContext *tokenContext,
	const Tokend::MetaAttribute &metaAttribute,
	Tokend::Record &record)
{
    const Tokend::MetaAttribute *lma = NULL;
	LinkedRecordAdornment *lra = NULL;
    if (mCertificateMetaAttribute)
    {
        lma = mCertificateMetaAttribute;
        lra = record.getAdornment(certificateKey());
    }

	if (!lra && mPublicKeyMetaAttribute)
    {
        lma = mPublicKeyMetaAttribute;
        lra = record.getAdornment(publicKeyKey());
    }

    if (!lma || !lra)
		CssmError::throwMe(CSSMERR_DL_MISSING_VALUE);

    // Get the linked record's attribute and set it on record.
	const Attribute &attribute = lma->attribute(tokenContext, lra->record());
	record.attributeAtIndex(metaAttribute.attributeIndex(),
		new Attribute(attribute));
}


//
// DecriptionAttributeCoder
//
DescriptionAttributeCoder::~DescriptionAttributeCoder()
{
}

void DescriptionAttributeCoder::decode(TokenContext *tokenContext,
	const MetaAttribute &metaAttribute, Record &record)
{	
	record.attributeAtIndex(metaAttribute.attributeIndex(),
		new Attribute(record.description()));
}


//
// DataAttributeCoder
//
DataAttributeCoder::~DataAttributeCoder()
{
}

void DataAttributeCoder::decode(TokenContext *tokenContext,
	const MetaAttribute &metaAttribute, Record &record)
{
	record.attributeAtIndex(metaAttribute.attributeIndex(),
		record.getDataAttribute(tokenContext));
}


}	// end namespace Tokend

/* arch-tag: BA054F22-F13E-11D8-B797-000A95C4302E */


--- NEW FILE AttributeCoder.h ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 * 
 *  @APPLE_LICENSE_HEADER_START@
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 *  AttributeCoder.h
 *  TokendMuscle
 */

#ifndef _TOKEND_ATTRIBUTECODER_H_
#define _TOKEND_ATTRIBUTECODER_H_

#include 
#include 

namespace Tokend
{

class MetaAttribute;
class Record;
class TokenContext;


class AttributeCoder
{
	NOCOPY(AttributeCoder)
public:
	AttributeCoder() {}
	virtual ~AttributeCoder() = 0;

	virtual void decode(TokenContext *tokenContext,
		const MetaAttribute &metaAttribute, Record &record) = 0;
};


//
// A coder that derives certificate attributes for the certificate data
//
class CertificateAttributeCoder : public AttributeCoder
{
	NOCOPY(CertificateAttributeCoder)
public:
	CertificateAttributeCoder() {}
	virtual ~CertificateAttributeCoder();

	virtual void decode(TokenContext *tokenContext,
		const MetaAttribute &metaAttribute, Record &record);
private:
};

//
// A coder with a constant value
//
class ConstAttributeCoder : public AttributeCoder
{
	NOCOPY(ConstAttributeCoder)
public:
	ConstAttributeCoder(uint32 value);
	ConstAttributeCoder(bool value);
	virtual ~ConstAttributeCoder();

	virtual void decode(TokenContext *tokenContext,
		const MetaAttribute &metaAttribute, Record &record);
private:
	uint32 mValue;
};


//
// A coder whose value is a guid.
//
class GuidAttributeCoder : public AttributeCoder
{
	NOCOPY(GuidAttributeCoder)
public:
	GuidAttributeCoder(const CSSM_GUID &guid);
	virtual ~GuidAttributeCoder();

	virtual void decode(TokenContext *tokenContext,
		const MetaAttribute &metaAttribute, Record &record);
private:
	const CSSM_GUID mGuid;
};


//
// A coder whose value contains 0 values.
//
class NullAttributeCoder : public AttributeCoder
{
	NOCOPY(NullAttributeCoder)
public:
	NullAttributeCoder() {}
	virtual ~NullAttributeCoder();

	virtual void decode(TokenContext *tokenContext,
		const MetaAttribute &metaAttribute, Record &record);
};


//
// A coder whose value contains 1 zero length value.
//
class ZeroAttributeCoder : public AttributeCoder
{
	NOCOPY(ZeroAttributeCoder)
public:
	ZeroAttributeCoder() {}
	virtual ~ZeroAttributeCoder();

	virtual void decode(TokenContext *tokenContext,
		const MetaAttribute &metaAttribute, Record &record);
};


//
// A data coder for key relations
//
class KeyDataAttributeCoder : public AttributeCoder
{
	NOCOPY(KeyDataAttributeCoder)
public:

	KeyDataAttributeCoder() {}
	virtual ~KeyDataAttributeCoder();

	virtual void decode(TokenContext *tokenContext,
		const MetaAttribute &metaAttribute, Record &record);
};


//
// A coder for private key objects value is the public key hash of a
// certificate.  Generic get an attribute of a linked record coder.
//
class LinkedRecordAttributeCoder : public Tokend::AttributeCoder
{
	NOCOPY(LinkedRecordAttributeCoder)
public:
	LinkedRecordAttributeCoder() {}
	virtual ~LinkedRecordAttributeCoder();
    
    const void *certificateKey() const { return mCertificateMetaAttribute; }
    const void *publicKeyKey() const { return mPublicKeyMetaAttribute; }

	void setCertificateMetaAttribute(
		const Tokend::MetaAttribute *linkedRecordMetaAttribute)
    { mCertificateMetaAttribute = linkedRecordMetaAttribute; }
	void setPublicKeyMetaAttribute(
		const Tokend::MetaAttribute *linkedRecordMetaAttribute)
    { mPublicKeyMetaAttribute = linkedRecordMetaAttribute; }

	virtual void decode(Tokend::TokenContext *tokenContext,
                        const Tokend::MetaAttribute &metaAttribute,
                        Tokend::Record &record);
    
private:
    const Tokend::MetaAttribute *mCertificateMetaAttribute;
    const Tokend::MetaAttribute *mPublicKeyMetaAttribute;
};


//
// A coder that reads the description of an object
//
class DescriptionAttributeCoder : public AttributeCoder
{
	NOCOPY(DescriptionAttributeCoder)
public:

	DescriptionAttributeCoder() {}
	virtual ~DescriptionAttributeCoder();

	virtual void decode(TokenContext *tokenContext,
		const MetaAttribute &metaAttribute, Record &record);
};


//
// A coder that reads the data of an object
//
class DataAttributeCoder : public Tokend::AttributeCoder
{
	NOCOPY(DataAttributeCoder)
public:

	DataAttributeCoder() {}
	virtual ~DataAttributeCoder();

	virtual void decode(TokenContext *tokenContext,
		const MetaAttribute &metaAttribute, Record &record);
};


}	// end namespace Tokend

#endif /* !_TOKEND_ATTRIBUTECODER_H_ */

/* arch-tag: BA06D3C6-F13E-11D8-83F1-000A95C4302E */


--- NEW FILE Cursor.cpp ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 * 
 *  @APPLE_LICENSE_HEADER_START@
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 *  Cursor.cpp
 *  TokendMuscle
 */

#include "Cursor.h"

#include "MetaRecord.h"
#include "Record.h"
#include "RecordHandle.h"
#include "Relation.h"
#include "Token.h"
#include "SelectionPredicate.h"

namespace Tokend
{

#pragma mark ---------------- Cursor methods --------------

//
// Cursor implemetation
//
Cursor::Cursor()
{
}

Cursor::~Cursor()
{
}

//
// LinearCursor implemetation
//
LinearCursor::LinearCursor(const CSSM_QUERY *inQuery,
	const Relation &inRelation) :
	mIterator(inRelation.begin()),
	mEnd(inRelation.end()),
    mMetaRecord(inRelation.metaRecord())
{
	mConjunctive = inQuery->Conjunctive;
	mQueryFlags = inQuery->QueryFlags;
	// @@@ Do something with inQuery->QueryLimits?
	uint32 aPredicatesCount = inQuery->NumSelectionPredicates;
	mPredicates.resize(aPredicatesCount);
	try
	{
		for (uint32 anIndex = 0; anIndex < aPredicatesCount; anIndex++)
		{
			CSSM_SELECTION_PREDICATE &aPredicate =
				inQuery->SelectionPredicate[anIndex];
			mPredicates[anIndex] =
				new SelectionPredicate(mMetaRecord, aPredicate);
		}
	}
	catch (...)
	{
		for_each_delete(mPredicates.begin(), mPredicates.end());
		throw;
	}
}

LinearCursor::~LinearCursor()
{
	for_each_delete(mPredicates.begin(), mPredicates.end());
}

RecordHandle *LinearCursor::next(TokenContext *tokenContext)
{
	while (mIterator != mEnd)
	{
		RefPointer rec = *mIterator;
		++mIterator;

        PredicateVector::const_iterator anIt = mPredicates.begin();
        PredicateVector::const_iterator anEnd = mPredicates.end();
		bool aMatch;
		if (anIt == anEnd)	// If there are no predicates we have a match.
			aMatch = true;
		else if (mConjunctive == CSSM_DB_OR)
		{
			// If mConjunctive is OR, the first predicate that returns
			// true indicates a match. Dropthough means no match
			aMatch = false;
			for (; anIt != anEnd; anIt++)
			{
				if ((*anIt)->evaluate(tokenContext, *rec))
				{
					aMatch = true;
                    break;
				}
			}
		}
		else if (mConjunctive == CSSM_DB_AND || mConjunctive == CSSM_DB_NONE)
		{
			// If mConjunctive is AND (or NONE), the first predicate that
			// returns false indicates a mismatch. Dropthough means a match.
			aMatch = true;
			for (; anIt != anEnd; anIt++)
			{
				if (!(*anIt)->evaluate(tokenContext, *rec))
				{
					aMatch = false;
                    break;
				}
			}
		}
		else
		{
			CssmError::throwMe(CSSMERR_DL_INVALID_QUERY);
		}

        if (aMatch)
			return new RecordHandle(mMetaRecord, rec);
    }

	return NULL;
}

#pragma mark ---------------- MultiCursor methods --------------

MultiCursor::MultiCursor(const CSSM_QUERY *inQuery, const Schema &inSchema) :
	mRelationIterator(inSchema.begin()),
	mRelationEnd(inSchema.end())
{
	if (inQuery)
		mQuery.reset(new CssmAutoQuery(*inQuery));
	else
	{
		mQuery.reset(new CssmAutoQuery());
		mQuery->recordType(CSSM_DL_DB_RECORD_ANY);
	}
}

MultiCursor::~MultiCursor()
{
}

RecordHandle *MultiCursor::next(TokenContext *tokenContext)
{
	RecordHandle *result =  NULL;
	for (;;)
	{
		if (!mCursor.get())
		{
			if (mRelationIterator == mRelationEnd)
				return NULL;

			const Relation &aRelation = *(mRelationIterator->second);
			++mRelationIterator;
			if (!aRelation.matchesId(mQuery->recordType()))
				continue;

			mCursor.reset(new LinearCursor(mQuery.get(), aRelation));
		}

		if (result = mCursor->next(tokenContext))
			return result;
			
		mCursor.reset(NULL);
	}
}


}	// end namespace Tokend

/* arch-tag: D29D64E5-EBDA-11D8-AF32-000A95C4302E */



--- NEW FILE Cursor.h ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 * 
 *  @APPLE_LICENSE_HEADER_START@
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 *  Cursor.h
 *  TokendMuscle
 */

#ifndef _TOKEND_CURSOR_H_
#define _TOKEND_CURSOR_H_

#include "Relation.h"
#include "Schema.h"
#include 
#include 

namespace Tokend
{

class MetaRecord;
class RecordHandle;
class Relation;
class SelectionPredicate;

class Cursor : public HandleObject
{
	NOCOPY(Cursor)
public:
	Cursor();
    virtual ~Cursor() = 0;
    virtual RecordHandle *next(TokenContext *tokenContext) = 0;
};

class LinearCursor : public Cursor
{
    NOCOPY(LinearCursor)
public:
    LinearCursor(const CSSM_QUERY *inQuery, const Relation &inRelation);
    virtual ~LinearCursor();
    virtual RecordHandle *next(TokenContext *tokenContext);

private:
	Relation::const_iterator mIterator;
	Relation::const_iterator mEnd;

    const MetaRecord &mMetaRecord;

    CSSM_DB_CONJUNCTIVE mConjunctive;

	// If CSSM_QUERY_RETURN_DATA is set return the raw key bits
    CSSM_QUERY_FLAGS mQueryFlags;
    typedef vector PredicateVector;

    PredicateVector mPredicates;
};

class MultiCursor : public Cursor
{
    NOCOPY(MultiCursor)
public:
    MultiCursor(const CSSM_QUERY *inQuery, const Schema &inSchema);
    virtual ~MultiCursor();
    virtual RecordHandle *next(TokenContext *tokenContext);

private:
	Schema::ConstRelationMapIterator mRelationIterator;
	Schema::ConstRelationMapIterator mRelationEnd;
	auto_ptr mQuery;
	auto_ptr mCursor;
};

} // end namespace Tokend

#endif /* !_TOKEND_CURSOR_H_ */

/* arch-tag: D2A1003C-EBDA-11D8-8F44-000A95C4302E */



--- NEW FILE DbValue.cpp ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 * 
 *  @APPLE_LICENSE_HEADER_START@
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 *  DbValue.cpp
 *  TokendMuscle
 */

#include "DbValue.h"
#include 

// @@@ missing "pack" methods with WriteSection parameter

namespace Tokend
{

//
// DbValue
//
DbValue::DbValue()
{
}

DbValue::~DbValue()
{
}

UInt32Value::UInt32Value(const CSSM_DATA &data)
{
	switch (data.Length)
	{
	case 1:	mValue = *reinterpret_cast(data.Data);		break;
	case 2:	mValue = *reinterpret_cast(data.Data);	break;
	case 4:	mValue = *reinterpret_cast(data.Data);	break;
	default:
		CssmError::throwMe(CSSMERR_DL_INVALID_VALUE);
	}
}

UInt32Value::~UInt32Value()
{
}

//
// SInt32Value
//

SInt32Value::SInt32Value(const CSSM_DATA &data)
{
	switch (data.Length)
	{
	case 1:	mValue = *reinterpret_cast(data.Data);		break;
	case 2:	mValue = *reinterpret_cast(data.Data);	break;
	case 4:	mValue = *reinterpret_cast(data.Data);	break;
	default:
		CssmError::throwMe(CSSMERR_DL_INVALID_VALUE);
	}
}

SInt32Value::~SInt32Value()
{
}

//
// DoubleValue
//

DoubleValue::DoubleValue(const CSSM_DATA &data)
{
	switch (data.Length)
	{
	case 4:	mValue = *reinterpret_cast(data.Data);		break;
	case 8:	mValue = *reinterpret_cast(data.Data);	break;
	default:
		CssmError::throwMe(CSSMERR_DL_INVALID_VALUE);
	}
}

DoubleValue::~DoubleValue()
{
}

//
// BlobValue
//

BlobValue::BlobValue(const CSSM_DATA &data) : CssmData(CssmData::overlay(data))
{
}

BlobValue::~BlobValue()
{
}

BlobValue::Comparator::~Comparator()
{
}

int
BlobValue::Comparator::operator ()(const uint8 *ptr1, const uint8 *ptr2,
	uint32 length)
{
	return memcmp(ptr1, ptr2, length);
}

bool
BlobValue::evaluate(const BlobValue &other, CSSM_DB_OPERATOR op) const
{
	return evaluate(*this, other, op, Comparator());
}

bool
BlobValue::evaluate(const CssmData &inData1, const CssmData &inData2,
	CSSM_DB_OPERATOR op, Comparator compare)
{
	uint32 length1 = inData1.Length, length2 = inData2.Length;
	const uint8 *data1 = inData1.Data;
	const uint8 *data2 = inData2.Data;
	
	switch (op) {
	
	case CSSM_DB_CONTAINS_INITIAL_SUBSTRING:
		if (length1 > length2)
            return false;
        length2 = length1;
        goto DB_EQUAL;
		
	case CSSM_DB_CONTAINS_FINAL_SUBSTRING:
        if (length1 > length2)
            return false;
		data2 += (length2 - length1);
		length2 = length1;
        // dropthrough...

    case CSSM_DB_EQUAL:
	DB_EQUAL:
        if (length1 != length2)
            return false;
        if (length1 == 0)
            return true;
		return compare(data1, data2, length1) == 0;

    case CSSM_DB_NOT_EQUAL:
		if (length1 != length2)
			return true;
		if (length1 == 0)
			return false;
        return compare(data1, data2, length1) != 0;

    case CSSM_DB_LESS_THAN:
    case CSSM_DB_GREATER_THAN:
    {
        uint32 length = min(length1, length2);
		int result = (length == 0) ? 0 : compare(data1, data2, length);
		
		if (result < 0 || (result == 0 && length1 < length2))
			return op == CSSM_DB_LESS_THAN;
		else if (result > 0 || (result == 0 && length1 > length2))
			return op == CSSM_DB_GREATER_THAN;
		break;
	}

    case CSSM_DB_CONTAINS:
        if (length1 > length2)
            return false;
        if (length1 == 0)
            return true;
        // Both buffers are at least 1 byte long.
        for (const uint8 *data = data2; data + length1 <= data2 + length2;
			++data)
			if (compare(data1, data, length1) == 0)
				return true;
		break;

    default:
        CssmError::throwMe(CSSMERR_DL_UNSUPPORTED_QUERY);
    }

    return false;
}

//
// TimeDateValue
//

TimeDateValue::TimeDateValue(const CSSM_DATA &data)
:	BlobValue(data)
{
	if (Length != kTimeDateSize || !isValidDate())
		CssmError::throwMe(CSSMERR_DL_INVALID_VALUE);
}

TimeDateValue::~TimeDateValue()
{
}

bool
TimeDateValue::isValidDate() const
{
	if (Length != kTimeDateSize || Data[kTimeDateSize - 1] != 0 ||
		Data[kTimeDateSize - 2] != 'Z')
		return false;
		
	for (uint32 i = 0; i < kTimeDateSize - 2; i++)
		if (!isdigit(Data[i]))
			return false;
			
	uint32 month = rangeValue(4, 2);
	if (month < 1 || month > 12)
		return false;
		
	uint32 day = rangeValue(6, 2);
	if (day < 1 || day > 31)
		return false;
		
	uint32 hour = rangeValue(8, 2);
	if (hour < 0 || hour > 23)
		return false;
		
	uint32 minute = rangeValue(10, 2);
	if (minute < 0 || minute > 59)
		return false;

	uint32 second = rangeValue(12, 2);
	if (second < 0 || second > 59)
		return false;		

	return true;
}

uint32
TimeDateValue::rangeValue(uint32 start, uint32 length) const
{
	uint32 value = 0;
	for (uint32 i = 0; i < length; i++)
		value = value * 10 + Data[start + i] - '0';
	return value;
}

//
// StringValue
//

StringValue::StringValue(const CSSM_DATA &data)
:	BlobValue(data)
{
}

StringValue::~StringValue()
{
}

int
StringValue::Comparator::operator ()(const uint8 *ptr1, const uint8 *ptr2,
	uint32 length)
{
	return strncmp(reinterpret_cast(ptr1),
		reinterpret_cast(ptr2), length);
}

bool
StringValue::evaluate(const StringValue &other, CSSM_DB_OPERATOR op) const
{
	return BlobValue::evaluate(*this, other, op, StringValue::Comparator());
}

//
// BigNumValue
//

BigNumValue::BigNumValue(const CSSM_DATA &data)
:	BlobValue(data)
{
	// remove trailing zero bytes
	while (Length > 1 && Data[Length - 1] == 0)
		Length--;
		
	// if the number is zero (positive or negative), make the length zero
	if (Length == 1 && (Data[0] & ~kSignBit) == 0)
		Length = 0;
}

BigNumValue::~BigNumValue()
{
}

// Walk the contents of two equal-sized bignums, moving backward
// from the high-order bytes, and return the comparison result
// ala memcmp.

int
BigNumValue::compare(const uint8 *a, const uint8 *b, int length)
{
	for (int diff, i = length - 1; i >= 1; i--)
		if ((diff = a[i] - b[i]))
			return diff;

	// for the last (i.e. first) byte, mask out the sign bit
	return (a[0] & ~kSignBit) - (b[0] & ~kSignBit);
}

// Compare two bignums, assuming they are in canonical form (i.e.,
// no bytes containing trailing zeros.

bool
BigNumValue::evaluate(const BigNumValue &other, CSSM_DB_OPERATOR op) const
{
	uint32 length1 = Length, length2 = other.Length;
	uint8 sign1 = length1 ? (Data[0] & kSignBit) : 0;
	uint8 sign2 = length2 ? (other.Data[0] & kSignBit) : 0;
	
	switch (op)
	{
	case CSSM_DB_EQUAL:
	case CSSM_DB_NOT_EQUAL:
		return BlobValue::evaluate(other, op);
		
	case CSSM_DB_LESS_THAN:
		if (sign1 ^ sign2)
			// different signs: return true iff left value is the negative one
			return sign1;
		else if (length1 != length2)
			// in canonical form, shorter numbers have smaller absolute value
			return sign1 ? (length1 > length2) : (length1 < length2);
		else {
			// same length, same sign...
			int c = compare(Data, other.Data, length1);
			return sign1 ? (c > 0) : (c < 0);
		}
		break;
		
	case CSSM_DB_GREATER_THAN:
		if (sign1 ^ sign2)
			return sign2;
		else if (length1 != length2)
			return sign1 ? (length1 < length2) : (length1 > length2);
		else {
			int c = compare(Data, other.Data, length1);
			return sign1 ? (c < 0) : (c > 0);
		}
		break;
		
	case CSSM_DB_CONTAINS:
	case CSSM_DB_CONTAINS_INITIAL_SUBSTRING:
	case CSSM_DB_CONTAINS_FINAL_SUBSTRING:
	default:
		CssmError::throwMe(CSSMERR_DL_UNSUPPORTED_QUERY);
	}
}

//
// MultiUInt32Value
//

MultiUInt32Value::MultiUInt32Value(const CSSM_DATA &data)
{
	if (data.Length & (sizeof(uint32) - 1))
		CssmError::throwMe(CSSMERR_DL_INVALID_VALUE);
		
	mNumValues = data.Length / sizeof(uint32);
	mValues = reinterpret_cast(data.Data);
	mOwnsValues = false;
}

MultiUInt32Value::~MultiUInt32Value()
{
	if (mOwnsValues)
		delete [] mValues;
}

static inline int
uint32cmp(const uint32 *a, const uint32 *b, uint32 length)
{
	return memcmp(a, b, length * sizeof(uint32));
}

bool
MultiUInt32Value::evaluate(const MultiUInt32Value &other,
	CSSM_DB_OPERATOR op) const
{
	uint32 length1 = mNumValues, length2 = other.mNumValues;
	const uint32 *values1 = mValues;
	const uint32 *values2 = other.mValues;
	
	switch (op)
	{
	case CSSM_DB_EQUAL:					
		if (length1 == length2)
			return uint32cmp(values1, values2, length1) == 0;
		break;
		
	case CSSM_DB_NOT_EQUAL:
		if (length1 != length2 || uint32cmp(values1, values2, length1))
			return true;
		break;

	case CSSM_DB_CONTAINS_INITIAL_SUBSTRING:
		if (length1 <= length2)
			return uint32cmp(values1, values2, length1) == 0;
		break;
		
	case CSSM_DB_CONTAINS_FINAL_SUBSTRING:
		if (length1 <= length2)
			return uint32cmp(values1, values2 + (length2 - length1), length1)
				== 0;
		break;
		
	case CSSM_DB_CONTAINS:
		if (length1 <= length2) {
		
			if (length1 == 0)
				return true;
				
			for (const uint32 *values = values2;
				values + length1 < values2 + length2; values++)
				if (uint32cmp(values1, values, length1) == 0)
					return true;
		}
		break;
		
	case CSSM_DB_LESS_THAN:
		// this is not required by the spec, but is required to sort indexes
		// over multi uint32 keys...
		if (length1 < length2)
			return true;
		else if (length1 == length2)
			return uint32cmp(values1, values2, length1) < 0;
		break;

	default:
		CssmError::throwMe(CSSMERR_DL_UNSUPPORTED_QUERY);
	}
	
	return false;
}

} // end namespace Tokend

/* arch-tag: E9534B59-DF80-11D8-A160-000A95C4302E */


--- NEW FILE DbValue.h ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 * 
 *  @APPLE_LICENSE_HEADER_START@
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 *  DbValue.h
 *  TokendMuscle
 */

#ifndef _TOKEND_DBVALUE_H_
#define _TOKEND_DBVALUE_H_

#include 
#include 
#include 
#include 
#include 

namespace Tokend
{

//
// DbValue -- A base class for all types of database values.
//
class DbValue
{
	NOCOPY(DbValue)
public:
	DbValue();
	virtual ~DbValue() = 0;
};

// A collection of subclasses of DbValue that work for simple
// data types, e.g. uint32, sint32, and double, that have
// the usual C comparison and sizeof operations. Defining this
// template saves typing below.

template 
class BasicValue : public DbValue
{
	NOCOPY(BasicValue)
public:
	BasicValue() {}
	BasicValue(T value) : mValue(value) {}

	bool evaluate(const BasicValue &other, CSSM_DB_OPERATOR op) const
	{
		switch (op)
		{
		case CSSM_DB_EQUAL:			return mValue == other.mValue;
		case CSSM_DB_NOT_EQUAL:		return mValue != other.mValue;
		case CSSM_DB_LESS_THAN:		return mValue < other.mValue;
		case CSSM_DB_GREATER_THAN:	return mValue > other.mValue;
		default: CssmError::throwMe(CSSMERR_DL_UNSUPPORTED_QUERY);
		}
	}

	size_t size() const { return sizeof(T); }
	const uint8 *bytes() const
		{ return reinterpret_cast(&mValue); }

protected:
	T mValue;
};

// Actual useful subclasses of DbValue as instances of BasicValue.
// Note that all of these require a constructor of the form
// (const ReadSection &, uint32 &offset) that advances the offset
// to just after the value.

class UInt32Value : public BasicValue
{
	NOCOPY(UInt32Value)
public:
	UInt32Value(const CSSM_DATA &data);
	virtual ~UInt32Value();
};

class SInt32Value : public BasicValue
{
	NOCOPY(SInt32Value)
public:
	SInt32Value(const CSSM_DATA &data);
	virtual ~SInt32Value();
};

class DoubleValue : public BasicValue
{
	NOCOPY(DoubleValue)
public:
	DoubleValue(const CSSM_DATA &data);
	virtual ~DoubleValue();
};

// Subclasses of Value for more complex types.

class BlobValue : public DbValue, public CssmData
{
	NOCOPY(BlobValue)
public:
	BlobValue() {}
	BlobValue(const CSSM_DATA &data);
	virtual ~BlobValue();
	bool evaluate(const BlobValue &other, CSSM_DB_OPERATOR op) const;

	size_t size() const { return Length; }
	const uint8 *bytes() const { return Data; }
	
protected:
	class Comparator {
	public:
		virtual ~Comparator();
		virtual int operator ()(const uint8 *ptr1, const uint8 *ptr2,
			uint32 length);
	};

	static bool evaluate(const CssmData &data1, const CssmData &data2,
		CSSM_DB_OPERATOR op, Comparator compare);
};

class TimeDateValue : public BlobValue
{
	NOCOPY(TimeDateValue)
public:
	enum { kTimeDateSize = 16 };

	TimeDateValue(const CSSM_DATA &data);
	virtual ~TimeDateValue();

	bool isValidDate() const;
	
private:
	uint32 rangeValue(uint32 start, uint32 length) const;
};

class StringValue : public BlobValue
{
	NOCOPY(StringValue)
public:
	StringValue(const CSSM_DATA &data);
	virtual ~StringValue();
	bool evaluate(const StringValue &other, CSSM_DB_OPERATOR op) const;
	
private:
	class Comparator : public BlobValue::Comparator {
	public:
		virtual int operator ()(const uint8 *ptr1, const uint8 *ptr2,
			uint32 length);
	};

};

class BigNumValue : public BlobValue
{
	NOCOPY(BigNumValue)
public:
	static const uint8 kSignBit = 0x80;

	BigNumValue(const CSSM_DATA &data);
	virtual ~BigNumValue();
	bool evaluate(const BigNumValue &other, CSSM_DB_OPERATOR op) const;

private:
	static int compare(const uint8 *a, const uint8 *b, int length);
};

class MultiUInt32Value : public DbValue
{
	NOCOPY(MultiUInt32Value)
public:
	MultiUInt32Value(const CSSM_DATA &data);
	virtual ~MultiUInt32Value();
	bool evaluate(const MultiUInt32Value &other, CSSM_DB_OPERATOR op) const;

	size_t size() const { return mNumValues * sizeof(uint32); }
	const uint8 *bytes() const { return reinterpret_cast(mValues); }
	
private:
	uint32 mNumValues;
	uint32 *mValues;
	bool mOwnsValues;
};

} // end namespace Tokend

#endif /* !_TOKEND_DBVALUE_H_ */

/* arch-tag: E95684AF-DF80-11D8-A25B-000A95C4302E */


--- NEW FILE KeyHandle.cpp ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 * 
 *  @APPLE_LICENSE_HEADER_START@
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 *  KeyHandle.cpp
 *  TokendMuscle
 */

#include "KeyHandle.h"

namespace Tokend
{

//
// KeyHandle
//
KeyHandle::KeyHandle(const MetaRecord &metaRecord,
	const RefPointer &record) :
	RecordHandle(metaRecord, record)
{
}

KeyHandle::~KeyHandle()
{
}

void KeyHandle::wrapUsingKey(const Context &context,
	const AccessCredentials *cred, KeyHandle *wrappingKeyHandle,
	const CssmKey *wrappingKey, const CssmData *descriptiveData,
	CssmKey &wrappedKey)
{
	/* We are being asked to wrap this key using another key. */
	secdebug("crypto", "wrapKey alg: %lu", context.algorithm());
	IFDUMPING("crypto", context.dump("wrapKey context"));
	if (wrappingKeyHandle)
	{
		secdebug("tokend",
			"wrapKey of a reference key using a reference key not supported");
		CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
	}

	/* First export the key from the card. */
	exportKey(context, cred, wrappedKey);

	CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
}

void KeyHandle::wrapKey(const Context &context, const CssmKey &subjectKey,
		const CssmData *descriptiveData, CssmKey &wrappedKey)
{
	/* We are being asked to wrap a raw subject key using a key on the card. */
	secdebug("tokend", "wrapKey of a raw subject key not supported");
	CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
}

void KeyHandle::unwrapKey(const Context &context,
	const AccessCredentials *cred, const AclEntryPrototype *access,
	const CssmKey &wrappedKey, CSSM_KEYUSE usage,
	CSSM_KEYATTR_FLAGS attributes, CssmData *descriptiveData,
	CSSM_HANDLE &hUnwrappedKey, CssmKey &unwrappedKey)
{
	secdebug("crypto", "unwrapKey alg: %lu", context.algorithm());
	IFDUMPING("crypto", context.dump("unwrapKey context"));
#if 0
	/* Make sure our key type matches the context type */
	if (keyClass() == CSSM_KEYCLASS_SESSION_KEY)
	{
		if (context.type() != CSSM_ALGCLASS_SYMMETRIC))
			CssmError::throwMe(CSSMERR_CSP_INVALID_CONTEXT);
	}
	else
#endif
	if (context.type() != CSSM_ALGCLASS_ASYMMETRIC)
		CssmError::throwMe(CSSMERR_CSP_INVALID_CONTEXT);

	/* validate wrappedKey */
	if (wrappedKey.keyClass() != CSSM_KEYCLASS_SESSION_KEY)
		CssmError::throwMe(CSSMERR_CSP_INVALID_KEY_CLASS);

	if(wrappedKey.blobType() != CSSM_KEYBLOB_WRAPPED)
		CssmError::throwMe(CSSMERR_CSP_KEY_BLOB_TYPE_INCORRECT);

	/* validate requested storage and usage */
	if (!(attributes & CSSM_KEYATTR_RETURN_DATA)
		|| (attributes & (CSSM_KEYATTR_RETURN_REF | CSSM_KEYATTR_RETURN_NONE
			| CSSM_KEYATTR_PERMANENT | CSSM_KEYATTR_PRIVATE)) != 0)
		CssmError::throwMe(CSSMERR_CSP_INVALID_KEYATTR_MASK);

	/* prepare outgoing header */
	CssmKey::Header &hdr = unwrappedKey.header();
	hdr.clearPod();
    hdr.HeaderVersion = CSSM_KEYHEADER_VERSION;
	hdr.cspGuid(gGuidAppleSdCSPDL);
	hdr.blobType(CSSM_KEYBLOB_RAW);
    hdr.algorithm(wrappedKey.algorithm());
    hdr.keyClass(wrappedKey.keyClass());
    hdr.KeyUsage = usage;
    hdr.KeyAttr = attributes & ~(CSSM_KEYATTR_RETURN_DATA
		| CSSM_KEYATTR_RETURN_REF | CSSM_KEYATTR_RETURN_NONE);

    // defaults (change as needed)
	hdr.StartDate = wrappedKey.header().StartDate;
	hdr.EndDate = wrappedKey.header().EndDate;
	unwrappedKey.KeyData.Data = NULL;	// ignore possible incoming KeyData
	unwrappedKey.KeyData.Length = 0;

	/* validate wrappedKey format */
	if (wrappedKey.blobFormat() != CSSM_KEYBLOB_WRAPPED_FORMAT_PKCS7)
		CssmError::throwMe(CSSMERR_CSP_INVALID_ATTR_WRAPPED_KEY_FORMAT);

	/* There is no descriptiveData in a PKCS7 wrapped blob. */
	if (descriptiveData)
	{
		descriptiveData->Data = NULL;
		descriptiveData->Length = 0;
	}

	/* Decrypt the key blob. */
	decrypt(context, wrappedKey.keyData(), unwrappedKey.keyData());
	
	/* We are assuming a CSSM_KEYBLOB_WRAPPED_FORMAT_PKCS7 from here on. */
	hdr.blobFormat(CSSM_KEYBLOB_RAW_FORMAT_OCTET_STRING);
	hdr.LogicalKeySizeInBits = unwrappedKey.length() * 8;
}



//
// KeyHandleFactory
//
KeyHandleFactory::~KeyHandleFactory()
{
}


} // end namespace Tokend


/* arch-tag: 67BC00A5-05B2-11D9-8035-000393D5F80A */


--- NEW FILE KeyHandle.h ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 * 
 *  @APPLE_LICENSE_HEADER_START@
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 *  KeyHandle.h
 *  TokendMuscle
 */

#ifndef _TOKEND_KEYHANDLE_H_
#define _TOKEND_KEYHANDLE_H_

#include "RecordHandle.h"

#include 
#include 
#include 

namespace Tokend
{

class MetaRecord;
class Record;
class TokenContext;


//
// A (nearly pure virtual) KeyHandle object which implements the crypto
// interface.
//
class KeyHandle : public RecordHandle
{
	NOCOPY(KeyHandle)
public:
    KeyHandle(const MetaRecord &metaRecord, const RefPointer &record);
    ~KeyHandle();

    virtual void getKeySize(CSSM_KEY_SIZE &keySize) = 0;
    virtual uint32 getOutputSize(const Context &context, uint32 inputSize,
		bool encrypting) = 0;
    virtual void generateSignature(const Context &context,
		CSSM_ALGORITHMS signOnly, const CssmData &input,
		CssmData &signature) = 0;
    virtual void verifySignature(const Context &context,
		CSSM_ALGORITHMS signOnly, const CssmData &input,
		const CssmData &signature) = 0;
    virtual void generateMac(const Context &context, const CssmData &input,
		CssmData &output) = 0;
    virtual void verifyMac(const Context &context, const CssmData &input,
		const CssmData &compare) = 0;
    virtual void encrypt(const Context &context, const CssmData &clear,
		CssmData &cipher) = 0;
    virtual void decrypt(const Context &context, const CssmData &cipher,
		CssmData &clear) = 0;

	virtual void exportKey(const Context &context,
		const AccessCredentials *cred, CssmKey &wrappedKey) = 0;

	virtual void wrapUsingKey(const Context &context,
		const AccessCredentials *cred, KeyHandle *wrappingKeyHandle,
		const CssmKey *wrappingKey, const CssmData *descriptiveData,
		CssmKey &wrappedKey);
	virtual void wrapKey(const Context &context, const CssmKey &subjectKey,
			const CssmData *descriptiveData, CssmKey &wrappedKey);
	virtual void unwrapKey(const Context &context,
		const AccessCredentials *cred, const AclEntryPrototype *access,
		const CssmKey &wrappedKey, CSSM_KEYUSE usage,
		CSSM_KEYATTR_FLAGS attributes, CssmData *descriptiveData,
		CSSM_HANDLE &hUnwrappedKey, CssmKey &unwrappedKey);
private:
};


//
// A (pure virtual) factory that creates KeyHandle objects.
//
class KeyHandleFactory
{
	NOCOPY(KeyHandleFactory)
public:
	KeyHandleFactory() {}
	virtual ~KeyHandleFactory() = 0;

	virtual KeyHandle *keyHandle(TokenContext *tokenContext,
		const MetaRecord &metaRecord, Record &record) const = 0;
};


} // end namespace Tokend

#endif /* !_TOKEND_KEYHANDLE_H_ */

/* arch-tag: 689EDCA0-05B2-11D9-AAAA-000393D5F80A */



--- NEW FILE MetaAttribute.cpp ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 * 
 *  @APPLE_LICENSE_HEADER_START@
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 *  MetaAttribute.cpp
 *  TokendMuscle
 */

#include "MetaAttribute.h"
#include "MetaRecord.h"
#include "Record.h"
#include "DbValue.h"
#include "DbValue.h"

namespace Tokend
{

MetaAttribute::~MetaAttribute()
{
}

// Construct an instance of an appropriate subclass of MetaAttribute based on
// the given format.  Called in MetaRecord.cpp createAttribute.
MetaAttribute *MetaAttribute::create(MetaRecord& metaRecord, Format format,
	uint32 attributeIndex, uint32 attributeId)
{
	switch (format)
	{
	case kAF_STRING:
		return new TypedMetaAttribute(metaRecord, format,
			attributeIndex, attributeId);

	case kAF_SINT32:
		return new TypedMetaAttribute(metaRecord, format,
			attributeIndex, attributeId);
		
	case kAF_UINT32:
		return new TypedMetaAttribute(metaRecord, format,
			attributeIndex, attributeId);

	case kAF_BIG_NUM:
		return new TypedMetaAttribute(metaRecord, format,
			attributeIndex, attributeId);
		
	case kAF_REAL:
		return new TypedMetaAttribute(metaRecord, format,
			attributeIndex, attributeId);

	case kAF_TIME_DATE:
		return new TypedMetaAttribute(metaRecord, format,
			attributeIndex, attributeId);

	case kAF_BLOB:
		return new TypedMetaAttribute(metaRecord, format,
			attributeIndex, attributeId);
		
	case kAF_MULTI_UINT32:
		return new TypedMetaAttribute(metaRecord, format,
			attributeIndex, attributeId);
													
	case kAF_COMPLEX:
	default:
		CssmError::throwMe(CSSMERR_DL_UNSUPPORTED_FIELD_FORMAT);
	}
}

const Attribute &
MetaAttribute::attribute(TokenContext *tokenContext, Record &record) const
{
	if (!record.hasAttributeAtIndex(mAttributeIndex))
	{
		if (!mCoder)
		{
			secdebug("coder",
				"No coder for r: %p rid: 0x%08lX aid: %lu aix: %lu",
				&record, mMetaRecord.relationId(), mAttributeId,
				mAttributeIndex);
			CssmError::throwMe(CSSMERR_DL_MISSING_VALUE);
		}

		secdebug("coder",
			"Asking coder %p for r: %p rid: 0x%08lX aid: %lu aix: %lu",
			mCoder, &record, mMetaRecord.relationId(), mAttributeId,
			mAttributeIndex);
		mCoder->decode(tokenContext, *this, record);

		// The coder had better put something useful in the attribute we asked it to.
		if (!record.hasAttributeAtIndex(mAttributeIndex))
		{
			secdebug("coder",
				"Coder %p did not set r: %p rid: 0x%08lX aid: %lu aix: %lu",
				mCoder, &record, mMetaRecord.relationId(), mAttributeId,
				mAttributeIndex);
			CssmError::throwMe(CSSMERR_DL_MISSING_VALUE);
		}
	}

	const Attribute &attribute = record.attributeAtIndex(mAttributeIndex);
#ifndef NDEBUG
	if (attribute.size() == 1)
		secdebug("mscread",
			"r: %p rid: 0x%08lX aid: %lu aix: %lu has: 1 value of length: %lu",
			&record, mMetaRecord.relationId(), mAttributeId, mAttributeIndex,
			attribute[0].Length);
	else
		secdebug("mscread",
			"r: %p rid: 0x%08lX aid: %lu aix: %lu has: %lu values",
			&record, mMetaRecord.relationId(), mAttributeId, mAttributeIndex,
			attribute.size());
#endif		
		
	return attribute;
}


}	// end namespace Tokend
/* arch-tag: E959F780-DF80-11D8-B2A9-000A95C4302E */


--- NEW FILE MetaAttribute.h ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 * 
 *  @APPLE_LICENSE_HEADER_START@
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 *  MetaAttribute.h
 *  TokendMuscle
 */

#ifndef _TOKEND_METAATTRIBUTE_H_
#define _TOKEND_METAATTRIBUTE_H_

#include 
#include 
#include "Attribute.h"

namespace Tokend
{

class Attribute;
class AttributeCoder;
class DbValue;
class MetaRecord;
class Record;
class TokenContext;

// A base class for all meta attributes.

class MetaAttribute
{
	NOCOPY(MetaAttribute)
public:
	typedef CSSM_DB_ATTRIBUTE_FORMAT Format;
	
	virtual ~MetaAttribute();
	
	// construct an appropriate subclass of MetaAttribute
	static MetaAttribute *create(MetaRecord& metaRecord, Format format,
		uint32 attributeIndex, uint32 attributeId);

	void attributeCoder(AttributeCoder *coder) { mCoder = coder; }

	Format attributeFormat() const { return mFormat; }
	uint32 attributeIndex() const { return mAttributeIndex; }
	uint32 attributeId() const { return mAttributeId; }

	const Attribute &attribute(TokenContext *tokenContext,
		Record &record) const;

	const MetaRecord &metaRecord() const { return mMetaRecord; }
	
	// interface required of all subclasses, implemented with templates below
	virtual DbValue *createValue(const CSSM_DATA &data) const = 0;

	virtual bool evaluate(TokenContext *tokenContext, const DbValue *value,
		Record& record, CSSM_DB_OPERATOR op) const = 0;

protected:
	MetaAttribute(MetaRecord& metaRecord, Format format, uint32 attributeIndex,
		uint32 attributeId)
		: mCoder(NULL), mMetaRecord(metaRecord), mFormat(format),
		mAttributeIndex(attributeIndex), mAttributeId(attributeId) {}

	AttributeCoder *mCoder;
	MetaRecord &mMetaRecord;
	Format mFormat;
	uint32 mAttributeIndex;
	uint32 mAttributeId;
};

// Template used to describe particular subclasses of MetaAttribute

template 
class TypedMetaAttribute : public MetaAttribute
{
public:
	TypedMetaAttribute(MetaRecord& metaRecord, Format format,
		uint32 attributeIndex, uint32 attributeId)
		: MetaAttribute(metaRecord, format, attributeIndex, attributeId) {}

	DbValue *createValue(const CSSM_DATA &data) const
	{
		return new T(data);
	}

	bool evaluate(TokenContext *tokenContext, const DbValue *value,
		Record &record, CSSM_DB_OPERATOR op) const
	{
		const Attribute &attr = attribute(tokenContext, record);
		uint32 numValues = attr.size();

		/* If any of the values for this attribute match we have a match. */
		for (uint32 ix = 0; ix < numValues; ++ix)
			if (dynamic_cast(value)->evaluate(static_cast(attr[ix]), op))
				return true;

		return false;
	}

	bool evaluate(const DbValue *value1, const DbValue *value2,
		CSSM_DB_OPERATOR op) const
	{
		return (dynamic_cast(value1))->
			evaluate(*dynamic_cast(value2), op);
	}
};

}	// end namespace Tokend

#endif /* !_TOKEND_METAATTRIBUTE_H_ */

/* arch-tag: E95D3E68-DF80-11D8-B030-000A95C4302E */


--- NEW FILE MetaRecord.cpp ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 * 
 *  @APPLE_LICENSE_HEADER_START@
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 *  MetaRecord.cpp
 *  TokendMuscle
 */

#include "MetaRecord.h"

#include "Attribute.h"
#include "KeyHandle.h"
#include "MetaAttribute.h"
#include "Record.h"
#include 
#include 

namespace Tokend
{

#pragma mark ---------------- MetaRecord methods --------------

// Used for normal relations.
MetaRecord::MetaRecord(RelationId inRelationId) : mRelationId(inRelationId),
	mKeyHandleFactory(NULL)
{
    // Passing in a bogus attributeId for the attribute at index 0 (which is
	// the data). It's not possible to look up the attribute by attributeId,
	// nor should any coder rely on it's value.
	mAttributeVector.push_back(MetaAttribute::create(*this, kAF_BLOB, 0,
		'data'));
}

MetaRecord::~MetaRecord()
{
	for_each_delete(mAttributeVector.begin(), mAttributeVector.end());
}

MetaAttribute &MetaRecord::createAttribute(const std::string &inAttributeName,
     CSSM_DB_ATTRIBUTE_FORMAT inAttributeFormat)
{
    uint32 anAttributeId = mAttributeVector.size() - 1;
    return createAttribute(&inAttributeName, NULL, anAttributeId,
		inAttributeFormat);
}

MetaAttribute &MetaRecord::createAttribute(const string *inAttributeName,
	const CssmOid *inAttributeOID, uint32 inAttributeID,
	CSSM_DB_ATTRIBUTE_FORMAT inAttributeFormat)
{
	// Index of new element is current size of vector
    uint32 anAttributeIndex = mAttributeVector.size();
    bool aInsertedAttributeName = false;
    bool aInsertedAttributeOID = false;
    bool aInsertedAttributeID = false;

    if (inAttributeName)
    {
        if (!mNameStringMap.insert(NameStringMap::value_type(*inAttributeName,
			anAttributeIndex)).second)
            CssmError::throwMe(CSSMERR_DL_FIELD_SPECIFIED_MULTIPLE);
        aInsertedAttributeName = true;
    }
    try
    {
        if (inAttributeOID)
        {
            if (!mNameOIDMap.insert(NameOIDMap::value_type(*inAttributeOID,
				anAttributeIndex)).second)
                CssmError::throwMe(CSSMERR_DL_FIELD_SPECIFIED_MULTIPLE);
            aInsertedAttributeOID = true;
        }

		if (!mNameIntMap.insert(NameIntMap::value_type(inAttributeID,
			anAttributeIndex)).second)
			CssmError::throwMe(CSSMERR_DL_FIELD_SPECIFIED_MULTIPLE);
		aInsertedAttributeID = true;

		// Note: this no longer throws INVALID_FIELD_NAME since the attribute
		// will always have an attribute ID by which it is known.
		MetaAttribute *ma = MetaAttribute::create(*this, inAttributeFormat,
			anAttributeIndex, inAttributeID);
		mAttributeVector.push_back(ma);
		return *ma;
    }
    catch (...)
    {
        if (aInsertedAttributeName)
            mNameStringMap.erase(*inAttributeName);
        if (aInsertedAttributeOID)
            mNameOIDMap.erase(*inAttributeOID);
        if (inAttributeID)
            mNameIntMap.erase(inAttributeID);
		
        throw;
    }
}

// Return the index (0 though NumAttributes - 1) of the attribute
// represented by inAttributeInfo

uint32 MetaRecord::attributeIndex(
	const CSSM_DB_ATTRIBUTE_INFO &inAttributeInfo) const
{
	uint32 anIndex;
	switch (inAttributeInfo.AttributeNameFormat)
	{
	    case CSSM_DB_ATTRIBUTE_NAME_AS_STRING:
		{
			string aName(inAttributeInfo.Label.AttributeName);
			NameStringMap::const_iterator it = mNameStringMap.find(aName);
			if (it == mNameStringMap.end())
				CssmError::throwMe(CSSMERR_DL_INVALID_FIELD_NAME);

			anIndex = it->second;
			break;
		}
	    case CSSM_DB_ATTRIBUTE_NAME_AS_OID:
	    {
			const CssmOid &aName =
				CssmOid::overlay(inAttributeInfo.Label.AttributeOID);
			NameOIDMap::const_iterator it = mNameOIDMap.find(aName);
			if (it == mNameOIDMap.end())
				CssmError::throwMe(CSSMERR_DL_INVALID_FIELD_NAME);
			anIndex = it->second;
			break;
		}
		case CSSM_DB_ATTRIBUTE_NAME_AS_INTEGER:
		{
			uint32 aName = inAttributeInfo.Label.AttributeID;
			NameIntMap::const_iterator it = mNameIntMap.find(aName);
			if (it == mNameIntMap.end())
				CssmError::throwMe(CSSMERR_DL_INVALID_FIELD_NAME);
			anIndex = it->second;
			break;
		}
		default:
			CssmError::throwMe(CSSMERR_DL_INVALID_FIELD_NAME);
			break;
	}

	return anIndex;
}

const MetaAttribute &MetaRecord::metaAttribute(
	const CSSM_DB_ATTRIBUTE_INFO &inAttributeInfo) const
{
	return *mAttributeVector[attributeIndex(inAttributeInfo)];
}

const MetaAttribute &MetaRecord::metaAttribute(uint32 name) const
{
	NameIntMap::const_iterator it = mNameIntMap.find(name);
	if (it == mNameIntMap.end())
		CssmError::throwMe(CSSMERR_DL_INVALID_FIELD_NAME);

	return *mAttributeVector[it->second];
}

const MetaAttribute &MetaRecord::metaAttribute(const std::string &name) const
{
	NameStringMap::const_iterator it = mNameStringMap.find(name);
	if (it == mNameStringMap.end())
		CssmError::throwMe(CSSMERR_DL_INVALID_FIELD_NAME);

	return *mAttributeVector[it->second];
}

const MetaAttribute &MetaRecord::metaAttributeForData() const
{
	return *mAttributeVector[0];
}

void MetaRecord::attributeCoder(uint32 name, AttributeCoder *coder)
{
	const_cast(metaAttribute(name)).attributeCoder(coder);
}

void MetaRecord::attributeCoder(const std::string &name, AttributeCoder *coder)
{
	const_cast(metaAttribute(name)).attributeCoder(coder);
}

void MetaRecord::attributeCoderForData(AttributeCoder *coder)
{
	const_cast(metaAttributeForData()).attributeCoder(coder);
}

void
MetaRecord::get(TokenContext *tokenContext, Record &record,
	TOKEND_RETURN_DATA &data) const
{
	if (data.attributes)
	{
		// Fetch the requested attributes.
		CSSM_DB_RECORD_ATTRIBUTE_DATA &drad = *data.attributes;
		drad.DataRecordType = mRelationId;
		drad.SemanticInformation = 0;
		for (uint32 ix = 0; ix < drad.NumberOfAttributes; ++ix)
		{
			CSSM_DB_ATTRIBUTE_DATA &dad = drad.AttributeData[ix];
			const MetaAttribute &ma = metaAttribute(dad.Info);
			dad.Info.AttributeFormat = ma.attributeFormat();
			const Attribute &attr = ma.attribute(tokenContext, record);
			dad.NumberOfValues = attr.size();
			dad.Value = const_cast(attr.values());
		}
	}

	if (data.data)
	{
		// Fetch the data.
		const MetaAttribute &ma = metaAttributeForData();
		const Attribute &attr = ma.attribute(tokenContext, record);
		if (attr.size() != 1)
			CssmError::throwMe(CSSMERR_DL_MISSING_VALUE);

		(*data.data) = attr.values()[0];
        if (mKeyHandleFactory)
        {
			KeyHandle *keyHandle = mKeyHandleFactory->keyHandle(tokenContext,
				*this, record);
            data.keyhandle = keyHandle ? keyHandle->handle() : 0;
        }
        else
            data.keyhandle = 0;
	}
}


} // end namespace Tokend
/* arch-tag: E9605B3A-DF80-11D8-B3F2-000A95C4302E */


--- NEW FILE MetaRecord.h ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 * 
 *  @APPLE_LICENSE_HEADER_START@
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 *  MetaRecord.h
 *  TokendMuscle
 */

#ifndef _TOKEND_METARECORD_H_
#define _TOKEND_METARECORD_H_

#include 
#include 
#include 
#include 
#include 

namespace Tokend
{

// Shorter names for some long cssm constants
enum
{
	kAF_STRING = CSSM_DB_ATTRIBUTE_FORMAT_STRING,
	kAF_SINT32 = CSSM_DB_ATTRIBUTE_FORMAT_SINT32,
	kAF_UINT32 = CSSM_DB_ATTRIBUTE_FORMAT_UINT32,
	kAF_BIG_NUM = CSSM_DB_ATTRIBUTE_FORMAT_BIG_NUM,
	kAF_REAL = CSSM_DB_ATTRIBUTE_FORMAT_REAL,
	kAF_TIME_DATE = CSSM_DB_ATTRIBUTE_FORMAT_TIME_DATE,
	kAF_BLOB = CSSM_DB_ATTRIBUTE_FORMAT_BLOB,
	kAF_MULTI_UINT32 = CSSM_DB_ATTRIBUTE_FORMAT_MULTI_UINT32,
	kAF_COMPLEX = CSSM_DB_ATTRIBUTE_FORMAT_COMPLEX
};

typedef CSSM_DB_RECORDTYPE RelationId;


class AttributeCoder;
class KeyHandleFactory;
class MetaAttribute;
class Record;
class TokenContext;
//
// Meta (or Schema) representation of an a Record.  Used for packing and
// unpacking objects.
//

class MetaRecord
{
	NOCOPY(MetaRecord)
public:
	// Used for normal relations
	// dataCoder is the coder which will be used for the "data" value
	// (metaAttributeForData() returns a metaAttribute using this coder.
    MetaRecord(RelationId inRelationId);

	~MetaRecord();

    MetaAttribute &createAttribute(const std::string &inAttributeName,
                                   CSSM_DB_ATTRIBUTE_FORMAT inAttributeFormat);
    MetaAttribute &createAttribute(const std::string *inAttributeName,
						 const CssmOid *inAttributeOID,
                         uint32 inAttributeID,
						 CSSM_DB_ATTRIBUTE_FORMAT inAttributeFormat);

	const MetaAttribute &metaAttribute(
		const CSSM_DB_ATTRIBUTE_INFO &inAttributeInfo) const;
	const MetaAttribute &MetaRecord::metaAttribute(uint32 name) const;
	const MetaAttribute &MetaRecord::metaAttribute(
		const std::string &name) const;
	const MetaAttribute &metaAttributeForData() const;

	void attributeCoder(uint32 name, AttributeCoder *coder);
	void attributeCoder(const std::string &name, AttributeCoder *coder);
	void attributeCoderForData(AttributeCoder *coder);

	RelationId relationId() const { return mRelationId; }

    // Return the index (0 though NumAttributes - 1) of the attribute
	// represented by inAttributeInfo
    uint32 attributeIndex(const CSSM_DB_ATTRIBUTE_INFO &inAttributeInfo) const;

	void get(TokenContext *tokenContext, Record &record,
		TOKEND_RETURN_DATA &data) const;

	void keyHandleFactory(KeyHandleFactory *keyHandleFactory)
		{ mKeyHandleFactory = keyHandleFactory; }
private:

    //friend class MetaAttribute;

	RelationId mRelationId;
	
	typedef std::map NameStringMap;
	typedef std::map, uint32> NameOIDMap;
	typedef std::map NameIntMap;

	NameStringMap mNameStringMap;
	NameOIDMap mNameOIDMap;
	NameIntMap mNameIntMap;

	typedef std::vector AttributeVector;
    typedef AttributeVector::iterator AttributeIterator;
    typedef AttributeVector::const_iterator ConstAttributeIterator;
	AttributeVector mAttributeVector;
    KeyHandleFactory *mKeyHandleFactory;
};

} // end namespace Tokend

#endif /* !_TOKEND_METARECORD_H_ */

/* arch-tag: E9626F11-DF80-11D8-BBDF-000A95C4302E */


--- NEW FILE PKCS11Object.cpp ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 * 
 *  @APPLE_LICENSE_HEADER_START@
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 *  PKCS11Object.cpp
 *  TokendMuscle
 */

#include "PKCS11Object.h"

#include 
#include 
#include 

#if defined(DEBUGDUMP)
#include "cryptoki.h"
#include "pkcs11.h"
#endif /* !defined(DEBUGDUMP) */

namespace Tokend
{

PKCS11Object::PKCS11Object(const void *inData, size_t inSize)
{
	const PKCS11ObjectHeader *object =
		reinterpret_cast(inData);
	if (inSize < sizeof(PKCS11ObjectHeader) || !object
		|| inSize < (object->size() + sizeof(PKCS11ObjectHeader)))
		CssmError::throwMe(CSSM_ERRCODE_INTERNAL_ERROR);

	size_t objectSize = object->size();
	const uint8_t *data = object->data();
	for (size_t bytesRead = 0; bytesRead < objectSize;)
	{
		const PKCS11Attribute *attribute =
			reinterpret_cast(&data[bytesRead]);
		IFDUMPING("pkcs11", debugDump(*attribute));
		mAttributeMap.insert(pair(attribute->attributeId(), attribute));
		bytesRead += sizeof(PKCS11Attribute) + attribute->size();
	}
}

const PKCS11Object::PKCS11Attribute *
PKCS11Object::attribute(uint32_t attributeId) const
{
	AttributeMap::const_iterator it = mAttributeMap.find(attributeId);
	if (it == mAttributeMap.end())
	{
		secdebug("pkcs11", "pkcs11 attribute: %08X not found", attributeId);
		return NULL;
	}

	secdebug("pkcs11-d", "accessing pkcs11 attribute: %08X size: %lu",
		attributeId, it->second->size());
	return it->second;
}

bool PKCS11Object::attributeValueAsBool(uint32_t attributeId) const
{
	const PKCS11Attribute *attr = attribute(attributeId);
	if (!attr)
		return false;

	if (attr->size() != 1)
	{
		secdebug("pkcs11",
			"attributeValueAsBool: pkcs11 attribute: %08X size: %lu",
			attributeId, attr->size());
		CssmError::throwMe(CSSMERR_DL_INCOMPATIBLE_FIELD_FORMAT);
	}

	return *attr->data() != 0;
}

uint32_t PKCS11Object::attributeValueAsUint32(uint32_t attributeId) const
{
	const PKCS11Attribute *attr = attribute(attributeId);
	if (!attr)
		CssmError::throwMe(CSSMERR_DL_MISSING_VALUE);

	if (attr->size() != 4)
	{
		secdebug("pkcs11",
			"attributeValueAsUint32: pkcs11 attribute: %08X size: %lu",
			attributeId, attr->size());
		CssmError::throwMe(CSSMERR_DL_INCOMPATIBLE_FIELD_FORMAT);
	}

	const uint8_t *data = attr->data();
	return (data[0] << 24) + (data[1] << 16) + (data[2] << 8) + data[3]; 
}

void PKCS11Object::attributeValueAsData(uint32_t attributeId,
	const uint8_t *&data, size_t &size) const
{
	const PKCS11Attribute *attr = attribute(attributeId);
	if (!attr)
		CssmError::throwMe(CSSMERR_DL_MISSING_VALUE);

	size = attr->size();
	data = attr->data();
}

#if defined(DEBUGDUMP)
void PKCS11Object::debugDump(const PKCS11Attribute &attribute)
{
	Debug::dump("found pkcs11 attribute: %s size: %lu ",
		attributeName(attribute.attributeId()), attribute.size());
	Debug::dumpData(attribute.data(), attribute.size());
	Debug::dump("\n");
}

const char *PKCS11Object::attributeName(uint32_t attributeId)
{
	static char buffer[20];

	switch (attributeId)
	{
	case CKA_CLASS: return "CLASS";
	case CKA_TOKEN: return "TOKEN";
	case CKA_PRIVATE: return "PRIVATE";
	case CKA_LABEL: return "LABEL";
	case CKA_APPLICATION: return "APPLICATION";
	case CKA_VALUE: return "VALUE";
	case CKA_OBJECT_ID: return "OBJECT_ID";
	case CKA_CERTIFICATE_TYPE: return "CERTIFICATE_TYPE";
	case CKA_ISSUER: return "ISSUER";
	case CKA_SERIAL_NUMBER: return "SERIAL_NUMBER";
	case CKA_AC_ISSUER: return "AC_ISSUER";
	case CKA_OWNER: return "OWNER";
	case CKA_ATTR_TYPES: return "ATTR_TYPES";
	case CKA_TRUSTED: return "TRUSTED";
	case CKA_KEY_TYPE: return "KEY_TYPE";
	case CKA_SUBJECT: return "SUBJECT";
	case CKA_ID: return "ID";
	case CKA_SENSITIVE: return "SENSITIVE";
	case CKA_ENCRYPT: return "ENCRYPT";
	case CKA_DECRYPT: return "DECRYPT";
	case CKA_WRAP: return "WRAP";
	case CKA_UNWRAP: return "UNWRAP";
	case CKA_SIGN: return "SIGN";
	case CKA_SIGN_RECOVER: return "SIGN_RECOVER";
	case CKA_VERIFY: return "VERIFY";
	case CKA_VERIFY_RECOVER: return "VERIFY_RECOVER";
	case CKA_DERIVE: return "DERIVE";
	case CKA_START_DATE: return "START_DATE";
	case CKA_END_DATE: return "END_DATE";
	case CKA_MODULUS: return "MODULUS";
	case CKA_MODULUS_BITS: return "MODULUS_BITS";
	case CKA_PUBLIC_EXPONENT: return "PUBLIC_EXPONENT";
	case CKA_PRIVATE_EXPONENT: return "PRIVATE_EXPONENT";
	case CKA_PRIME_1: return "PRIME_1";
	case CKA_PRIME_2: return "PRIME_2";
	case CKA_EXPONENT_1: return "EXPONENT_1";
	case CKA_EXPONENT_2: return "EXPONENT_2";
	case CKA_COEFFICIENT: return "COEFFICIENT";
	case CKA_PRIME: return "PRIME";
	case CKA_SUBPRIME: return "SUBPRIME";
	case CKA_BASE: return "BASE";
	case CKA_PRIME_BITS: return "PRIME_BITS";
	case CKA_SUB_PRIME_BITS: return "SUB_PRIME_BITS";
	case CKA_VALUE_BITS: return "VALUE_BITS";
	case CKA_VALUE_LEN: return "VALUE_LEN";
	case CKA_EXTRACTABLE: return "EXTRACTABLE";
	case CKA_LOCAL: return "LOCAL";
	case CKA_NEVER_EXTRACTABLE: return "NEVER_EXTRACTABLE";
	case CKA_ALWAYS_SENSITIVE: return "ALWAYS_SENSITIVE";
	case CKA_KEY_GEN_MECHANISM: return "KEY_GEN_MECHANISM";
	case CKA_MODIFIABLE: return "MODIFIABLE";
	case CKA_EC_PARAMS: return "EC_PARAMS";
	case CKA_EC_POINT: return "EC_POINT";
	case CKA_SECONDARY_AUTH: return "SECONDARY_AUTH";
	case CKA_AUTH_PIN_FLAGS: return "AUTH_PIN_FLAGS";
	case CKA_HW_FEATURE_TYPE: return "HW_FEATURE_TYPE";
	case CKA_RESET_ON_INIT: return "RESET_ON_INIT";
	case CKA_HAS_RESET: return "HAS_RESET";
	case CKA_VENDOR_DEFINED: return "VENDOR_DEFINED";
	default:
		snprintf(buffer, sizeof(buffer), "unknown(%0x08X)", attributeId);
		return buffer;
	}
}
#endif /* !defined(DEBUGDUMP) */


}	// end namespace Tokend

/* arch-tag: 91F38B1F-FE04-11D8-BD24-000A95C4302E */


--- NEW FILE PKCS11Object.h ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 * 
 *  @APPLE_LICENSE_HEADER_START@
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 *  PKCS11Object.h
 *  TokendMuscle
 */

#ifndef _TOKEND_PKCS11OBJECT_H_
#define _TOKEND_PKCS11OBJECT_H_

#include 
#include 
#include 

namespace Tokend
{

// This object doesn't copy it's data.  It's assumed that the data will live at
// least as long as this object does.
class PKCS11Object
{
public:
	PKCS11Object(const void *inData, size_t inSize);

	bool attributeValueAsBool(uint32_t attributeId) const;
	uint32_t attributeValueAsUint32(uint32_t attributeId) const;
	void PKCS11Object::attributeValueAsData(uint32_t attributeId,
		const uint8_t *&data, size_t &size) const;

private:
	struct PKCS11ObjectHeader
	{
		uint8_t oh_type;
		uint8_t oh_id[2];
		uint8_t oh_next_id[2];
		uint8_t oa_size[2];
		uint8_t oh_data[0];

		size_t size() const { return (oa_size[0] << 8) + oa_size[1]; }
		const uint8_t *data() const { return oh_data; }
	};

	struct PKCS11Attribute
	{
		uint8_t oa_id[4];  // big endian attribute type
		uint8_t oa_size[2]; // big endian attribute length
		uint8_t oa_data[0];

		uint32_t attributeId() const { return (oa_id[0] << 24)
			+ (oa_id[1] << 16) + (oa_id[2] << 8) + oa_id[3]; }
		size_t size() const { return (oa_size[0] << 8) + oa_size[1]; }
		const uint8_t *data() const { return oa_data; }
	};

	const PKCS11Attribute *attribute(uint32_t attributeId) const;

#if defined(DEBUGDUMP)
	void debugDump(const PKCS11Attribute &attribute);
	static const char *attributeName(uint32_t attributeId);
#endif /* !defined(DEBUGDUMP) */

	typedef std::map AttributeMap;
	AttributeMap mAttributeMap;
};


} // end namespace Tokend

#endif /* !_TOKEND_PKCS11OBJECT_H_ */

/* arch-tag: 9266465C-FE04-11D8-9E28-000A95C4302E */


--- NEW FILE Record.cpp ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 * 
 *  @APPLE_LICENSE_HEADER_START@
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 *  Record.cpp
 *  TokendMuscle
 */

#include "Record.h"

#include 

namespace Tokend
{

AutoAclOwnerPrototype Record::gNobodyAclOwner;
AutoAclEntryInfoList Record::gAnyReadAclEntries;

Record::Record()
{
}

Record::~Record()
{
	for_each_delete(mAttributes.begin(), mAttributes.end());
}

bool
Record::hasAttributeAtIndex(uint32 attributeIndex) const
{
	if (attributeIndex < mAttributes.size())
		return mAttributes[attributeIndex] != NULL;

	return false;
}

const Attribute &
Record::attributeAtIndex(uint32 attributeIndex) const
{
	if (attributeIndex < mAttributes.size())
	{
		Attribute *attribute = mAttributes[attributeIndex];
		if (attribute)
			return *attribute;
	}

	CssmError::throwMe(CSSMERR_DL_INTERNAL_ERROR);
}

void Record::attributeAtIndex(uint32 attributeIndex, Attribute *attribute)
{
	auto_ptr _(attribute);
	if (attributeIndex >= mAttributes.size())
		mAttributes.resize(attributeIndex + 1);

	if (mAttributes[attributeIndex] != NULL)
		CssmError::throwMe(CSSMERR_DL_INTERNAL_ERROR);

	mAttributes[attributeIndex] = _.release();
}

void Record::getOwner(AclOwnerPrototype &owner)
{
	// Normally nobody can change the acl of an object on a smartcard.
	if (!gNobodyAclOwner)
	{
		Allocator &alloc = Allocator::standard();
		gNobodyAclOwner.allocator(alloc);
		gNobodyAclOwner = CssmClient::AclFactory::NobodySubject(alloc);
	}
	owner = gNobodyAclOwner;
}

void Record::getAcl(const char *tag, uint32 &count, AclEntryInfo *&acls)
{
	// Normally anyone can read an object on a smartcard (subclasses might
	// override this).
	if (!gAnyReadAclEntries) {
		gAnyReadAclEntries.allocator(Allocator::standard());
		gAnyReadAclEntries.add(CssmClient::AclFactory::AnySubject(
			gAnyReadAclEntries.allocator()),
			AclAuthorizationSet(CSSM_ACL_AUTHORIZATION_DB_READ, 0));
	}
	count = gAnyReadAclEntries.size();
	acls = gAnyReadAclEntries.entries();
}

void Record::changeOwner(const AclOwnerPrototype &owner)
{
	// Default changeOwner on a record always fails.
	CssmError::throwMe(CSSM_ERRCODE_OBJECT_MANIP_AUTH_DENIED);
}

void Record::changeAcl(const AccessCredentials &cred, const AclEdit &edit)
{
	// Default changeAcl on a record always fails.
	CssmError::throwMe(CSSM_ERRCODE_OBJECT_MANIP_AUTH_DENIED);
}

const char *Record::description()
{
	CssmError::throwMe(CSSMERR_DL_MISSING_VALUE);
}

Attribute *Record::getDataAttribute(TokenContext *tokenContext)
{
	CssmError::throwMe(CSSMERR_DL_MISSING_VALUE);
}


} // end namespace Tokend


/* arch-tag: E92DB3E0-DF80-11D8-8D83-000A95C4302E */


--- NEW FILE Record.h ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 * 
 *  @APPLE_LICENSE_HEADER_START@
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 *  Record.h
 *  TokendMuscle
 */

#ifndef _TOKEND_RECORD_H_
#define _TOKEND_RECORD_H_

#include "AttributeCoder.h"
#include "MetaRecord.h"
#include "Attribute.h"
#include 
#include 
#include 
#include 
#include 

namespace Tokend
{

class Record : public RefCount, public Security::Adornable
{
	NOCOPY(Record)
public:
	Record();
	virtual ~Record();

	bool hasAttributeAtIndex(uint32 attributeIndex) const;
	const Attribute &attributeAtIndex(uint32 attributeIndex) const;
	void attributeAtIndex(uint32 attributeIndex, Attribute *attribute);

    virtual void getOwner(AclOwnerPrototype &owner);
    virtual void getAcl(const char *tag, uint32 &count,
		AclEntryInfo *&aclList);
	virtual void changeOwner(const AclOwnerPrototype &owner);
	virtual void changeAcl(const AccessCredentials &cred, const AclEdit &edit);

	virtual const char *description();
	virtual Attribute *getDataAttribute(TokenContext *tokenContext);

protected:
	typedef std::vector Attributes;
    typedef Attributes::iterator AttributesIterator;
    typedef Attributes::const_iterator ConstAttributesIterator;

	Attributes mAttributes;

	// temporary ACL cache hack - to be removed
	static AutoAclOwnerPrototype gNobodyAclOwner;
	static AutoAclEntryInfoList gAnyReadAclEntries;
};

} // end namespace Tokend

#endif /* !_TOKEND_RECORD_H_ */

/* arch-tag: E931F716-DF80-11D8-A25D-000A95C4302E */


--- NEW FILE RecordHandle.cpp ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 * 
 *  @APPLE_LICENSE_HEADER_START@
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 *  RecordHandle.cpp
 *  TokendMuscle
 */

#include "RecordHandle.h"

#include "MetaRecord.h"
#include "Record.h"

namespace Tokend
{

RecordHandle::RecordHandle(const MetaRecord &metaRecord,
	const RefPointer &record) :
	mMetaRecord(metaRecord), mRecord(record)
{
}

RecordHandle::~RecordHandle()
{
}

void RecordHandle::get(TokenContext *tokenContext, TOKEND_RETURN_DATA &data)
{
	mMetaRecord.get(tokenContext, *mRecord, data);
	data.record = handle();
}

void RecordHandle::getOwner(AclOwnerPrototype &owner)
{
	mRecord->getOwner(owner);
}

void RecordHandle::getAcl(const char *tag, uint32 &count, AclEntryInfo *&acls)
{
	mRecord->getAcl(tag, count, acls);
}

void RecordHandle::changeOwner(const AclOwnerPrototype &owner)
{
	mRecord->changeOwner(owner);
}

void RecordHandle::changeAcl(const AccessCredentials &cred,
	const AclEdit &edit)
{
	mRecord->changeAcl(cred, edit);
}


} // end namespace Tokend


/* arch-tag: 6974FF0F-F7B9-11D8-BDE2-000A9595DEEE */


--- NEW FILE RecordHandle.h ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 * 
 *  @APPLE_LICENSE_HEADER_START@
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 *  RecordHandle.h
 *  TokendMuscle
 */

#ifndef _TOKEND_RECORDHANDLE_H_
#define _TOKEND_RECORDHANDLE_H_

#include 
#include 
#include 
#include 
#include 

namespace Tokend
{

class MetaRecord;
class Record;
class TokenContext;

class RecordHandle: public HandleObject
{
	NOCOPY(RecordHandle)
public:
	RecordHandle(const MetaRecord &metaRecord,
		const RefPointer &record);
	virtual ~RecordHandle();
	virtual void get(TokenContext *tokenContext, TOKEND_RETURN_DATA &data);

    virtual void getOwner(AclOwnerPrototype &owner);
    virtual void getAcl(const char *tag, uint32 &count,
		AclEntryInfo *&aclList);
	virtual void changeOwner(const AclOwnerPrototype &owner);
	virtual void changeAcl(const AccessCredentials &cred, const AclEdit &edit);

private:
	const MetaRecord &mMetaRecord;
	RefPointer mRecord;
};

} // end namespace Tokend

#endif /* !_TOKEND_RECORDHANDLE_H_ */

/* arch-tag: 3A2EEFFE-F7B9-11D8-BB62-000A9595DEEE */



--- NEW FILE Relation.cpp ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 * 
 *  @APPLE_LICENSE_HEADER_START@
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 *  Relation.cpp
 *  TokendMuscle
 */

#include "Relation.h"

namespace Tokend
{

// @@@ need to distinguish between records that exist at db open time, and
// those that are being added and must be written back to the card

#pragma mark ---------------- Relation methods --------------

Relation::~Relation()
{
	delete mMetaRecord;
}

void Relation::insertRecord(const RefPointer &record)
{
	push_back(record);
}

bool Relation::matchesId(RelationId inRelationId) const
{
	RelationId anId = mMetaRecord->relationId();
	if (inRelationId == CSSM_DL_DB_RECORD_ANY) // All non schema tables.
		return !(CSSM_DB_RECORDTYPE_SCHEMA_START <= anId
			&& anId < CSSM_DB_RECORDTYPE_SCHEMA_END);

	if (inRelationId == CSSM_DL_DB_RECORD_ALL_KEYS) // All key tables.
		return (anId == CSSM_DL_DB_RECORD_PUBLIC_KEY
				|| anId == CSSM_DL_DB_RECORD_PRIVATE_KEY
				|| anId == CSSM_DL_DB_RECORD_SYMMETRIC_KEY);

	return inRelationId == anId; // Only if exact match.
}


} // end namespace Tokend

/* arch-tag: E9350280-DF80-11D8-B395-000A95C4302E */


--- NEW FILE Relation.h ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 * 
 *  @APPLE_LICENSE_HEADER_START@
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 *  Relation.h
 *  TokendMuscle
 */

#ifndef _TOKEND_RELATION_H_
#define _TOKEND_RELATION_H_

#include "Record.h"
#include 

namespace Tokend
{	

class MetaRecord;
class Record;

class Relation : public std::vector< RefPointer >
{
	NOCOPY(Relation)
public:
	Relation(MetaRecord *metaRecord) : mMetaRecord(metaRecord) { }
	~Relation();

	const MetaRecord &metaRecord() const { return *mMetaRecord; }
	MetaRecord &metaRecord() { return *mMetaRecord; }

	void insertRecord(const RefPointer &record);
	bool matchesId(RelationId inRelationId) const;

protected:
	MetaRecord *mMetaRecord;
};

} // end namespace Tokend

#endif /* !_TOKEND_RELATION_H_ */

/* arch-tag: E936FF49-DF80-11D8-9195-000A95C4302E */



--- NEW FILE SCardError.cpp ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 * 
 *  @APPLE_LICENSE_HEADER_START@
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 *  SCardError.cpp
 *  TokendMuscle
 */

#include "SCardError.h"

#include 

namespace Tokend
{

/*
Excerpt from ISO/IEC 7816 part 3:

Status bytes (SW1=$6x or $9x, expect $60; SW2 any value) 
-------------------------------------------------------- 
The end sequence SW1-SW2 gives the card status at the end of the command.

The normal ending is indicated by SW1-SW2 = $90-$00.

When the most significant half byte SW1 is $6, the meaning of SW1 is
independant of the application. The following five values are defined:

$6E The card does not support the instruction class. 
$6D The instruction code is not programmed or is invalid. 
$6B The reference is incorrect. 
$67 The length is incorrect. 
$6F No precise diagnostic is given.

Other values are reserved for future use by ISO7816. When SW1 is neither $6E
nor $6D, the card support the instruction. This part of ISO7816 does not
interprets neither $9X SW1 bytes, nor SW2 
bytes; Their meaning relates to the application itself.

Supplement (were seen sometimes): 
--------------------------------- 
SW1 SW2 Meaning

62 81 Returned data may be corrupted. 
62 82 The end of the file has been reached before the end of reading. 
62 84 Selected file is not valid. 
65 01 Memory failure. There have been problems in writing or reading 
the EEPROM. Other hardware problems may also bring this error. 
68 00 The request function is not supported by the card. 
6A 00 Bytes P1 and/or P2 are incorrect. 
6A 80 The parameters in the data field are incorrect. 
6A 82 File not found. 
6A 83 Record not found. 
6A 84 There is insufficient memory space in record or file. 
6A 87 The P3 value is not consistent with the P1 and P2 values. 
6A 88 Referenced data not found. 
6C XX Incorrect P3 length.


Excerpt from ISO/IEC 7816 part 4:

Due to specifications in part 3 of ISO/IEC 7816, this part does not define the
following values of SW1-SW2 :

'60XX'
'67XX', '6BXX', '6DXX', '6EXX', '6FXX'; in each case if 'XX'!='00'
'9XXX', if 'XXX'!='000'
The following values of SW1-SW2 are defined whichever protocol is used (see
examples in annex A).

If a command is aborted with a response where SW1='6C', then SW2 indicates the
value to be given to the short Le field (exact length of requested data) when
re-issuing the same command before issuing any other command.
If a command (which may be of case 2 or 4, see table 4 and figure 4) is
processed with a response where SW1='61', then SW2 indicates the maximum value
to be given to the short Le field (length of extra data still available) in
a GET RESPONSE command issued before issuing any other command.
NOTE - A functionality similar to that offered by '61XX' may be offered at
application level by '9FXX'. However, applications may use '9FXX' for other
purposes.

Table 12 completed by tables 13 to 18 shows the general meanings of the values
of SW1-SW2 defined in this part of ISO/IEC 7816. For each command, an
appropriate clause provides more detailed meanings.

Tables 13 to 18 specify values of SW2 when SW1 is valued to '62', '63', '65',
'68', '69' and '6A'. The values of SW2 not defined in tables 13 to 18 are RFU,
except the values from 'F0' to 'FF' which are not defined in this part of
ISO/IEC 7816.


Table 12 - Coding of SW1-SW2

SW1-SW2	Meaning
Normal processing
'9000'	No further qualification
'61XX'	SW2 indicates the number of response bytes still available
(see text below)
Warning processings
'62XX'	State of non-volatile memory unchanged (further qualification in SW2,
see table 13)
'63XX'	State of non-volatile memory changed (further qualification in SW2,
see table 14)
Execution errors
'64XX'	State of non-volatile memory unchanged (SW2='00', other values are RFU)
'65XX'	State of non-volatile memory changed (further qualification in SW2,
see table 15)
'66XX'	Reserved for security-related issues (not defined in this part of
ISO/IEC 7816)
Checking errors
'6700'	Wrong length
'68XX'	Functions in CLA not supported (further qualification in SW2, see
table 16)
'69XX'	Command not allowed (further qualification in SW2, see table 17)
'6AXX'	Wrong parameter(s) P1-P2 (further qualification in SW2, see table 18)
'6B00'	Wrong parameter(s) P1-P2
'6CXX'	Wrong length Le: SW2 indicates the exact length (see text below)
'6D00'	Instruction code not supported or invalid
'6E00'	Class not supported
'6F00'	No precise diagnosis

Table 13 - Coding of SW2 when SW1='62'

SW2	Meaning
'00'	No information given
'81'	Part of returned data may be corrupted
'82'	End of file/record reached before reading Le bytes
'83'	Selected file invalidated
'84'	FCI not formatted according to 1.1.5

Table 14 - Coding of SW2 when SW1='63'

SW2	Meaning
'00'	No information given
'81'	File filled up by the last write
'CX'	Counter provided by 'X' (valued from 0 to 15) (exact meaning depending
on the command)

Table 15 - Coding of SW2 when SW1='65'

SW2	Meaning
'00'	No information given
'81'	Memory failure

Table 16 - Coding of SW2 when SW1='68'

SW2	Meaning
'00'	No information given
'81'	Logical channel not supported
'82'	Secure messaging not supported

Table 17 - Coding of SW2 when SW1='69'

SW2	Meaning
'00'	No information given
'81'	Command incompatible with file structure
'82'	Security status not satisfied
'83'	Authentication method blocked
'84'	Referenced data invalidated
'85'	Conditions of use not satisfied
'86'	Command not allowed (no current EF)
'87'	Expected SM data objects missing
'88'	SM data objects incorrect

Table 18 - Coding of SW2 when SW1='6A'

SW2	Meaning
'00'	No information given
'80'	Incorrect parameters in the data field
'81'	Function not supported
'82'	File not found
'83'	Record not found
'84'	Not enough memory space in the file
'85'	Lc inconsistent with TLV structure
'86'	Incorrect parameters P1-P2
'87'	Lc inconsistent with P1-P2
'88'	Referenced data not found

*/

//
// SCardError exceptions
//
SCardError::SCardError(uint16_t sw) : statusWord(sw)
{
	IFDEBUG(debugDiagnose(this));
}

const char *SCardError::what() const throw ()
{ return "SCardError"; }

OSStatus SCardError::osStatus() const
{
    switch (statusWord)
    {
	case SCARD_SUCCESS:
		return 0;

	case SCARD_FILE_FILLED:
	case SCARD_MEMORY_FAILURE:
	case SCARD_NO_MEMORY_LEFT:
		return CSSM_ERRCODE_MEMORY_ERROR;

	case SCARD_AUTHENTICATION_FAILED:
	case SCARD_AUTHENTICATION_FAILED_0:
	case SCARD_AUTHENTICATION_FAILED_1:
	case SCARD_AUTHENTICATION_FAILED_2:
	case SCARD_AUTHENTICATION_FAILED_3:
	case SCARD_AUTHENTICATION_FAILED_4:
	case SCARD_AUTHENTICATION_FAILED_5:
	case SCARD_AUTHENTICATION_FAILED_6:
	case SCARD_AUTHENTICATION_FAILED_7:
	case SCARD_AUTHENTICATION_FAILED_8:
	case SCARD_AUTHENTICATION_FAILED_9:
	case SCARD_AUTHENTICATION_FAILED_10:
	case SCARD_AUTHENTICATION_FAILED_11:
	case SCARD_AUTHENTICATION_FAILED_12:
	case SCARD_AUTHENTICATION_FAILED_13:
	case SCARD_AUTHENTICATION_FAILED_14:
	case SCARD_AUTHENTICATION_FAILED_15:
	case SCARD_AUTHENTICATION_BLOCKED:
        return CSSM_ERRCODE_OPERATION_AUTH_DENIED;

	case SCARD_COMMAND_NOT_ALLOWED:
	case SCARD_NOT_AUTHORIZED:
	case SCARD_USE_CONDITIONS_NOT_MET:
        return CSSM_ERRCODE_OBJECT_USE_AUTH_DENIED;

	case SCARD_FUNCTION_NOT_SUPPORTED:
	case SCARD_INSTRUCTION_CODE_INVALID:
		return CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED;

	case SCARD_FILE_NOT_FOUND:
	case SCARD_RECORD_NOT_FOUND:
		return CSSMERR_DL_RECORD_NOT_FOUND;

	case SCARD_BYTES_LEFT_IN_SW2:
	case SCARD_EXECUTION_WARNING:
	case SCARD_RETURNED_DATA_CORRUPTED:
	case SCARD_END_OF_FILE_REACHED:
	case SCARD_FILE_INVALIDATED:
	case SCARD_FCI_INVALID:
	case SCARD_EXECUTION_ERROR:
	case SCARD_CHANGED_ERROR:
	case SCARD_LENGTH_INCORRECT:
	case SCARD_CLA_UNSUPPORTED:
	case SCARD_LOGICAL_CHANNEL_UNSUPPORTED:
	case SCARD_SECURE_MESSAGING_UNSUPPORTED:
	case SCARD_COMMAND_INCOMPATIBLE:
	case SCARD_REFERENCED_DATA_INVALIDATED:
	case SCARD_NO_CURRENT_EF:
	case SCARD_SM_DATA_OBJECTS_MISSING:
	case SCARD_SM_DATA_NOT_ALLOWED:
	case SCARD_WRONG_PARAMETER:
	case SCARD_DATA_INCORRECT:
	case SCARD_LC_INCONSISTENT_TLV:
	case SCARD_INCORRECT_P1_P2:
	case SCARD_LC_INCONSISTENT_P1_P2:
	case SCARD_REFERENCED_DATA_NOT_FOUND:
	case SCARD_WRONG_PARAMETER_P1_P2:
	case SCARD_LE_IN_SW2:
	case SCARD_INSTRUCTION_CLASS_UNSUPPORTED:
	case SCARD_UNSPECIFIED_ERROR:
    default:
        return CSSM_ERRCODE_INTERNAL_ERROR;
    }
}

int SCardError::unixError() const
{
	switch (statusWord)
	{
        default:
            // cannot map this to errno space
            return -1;
    }
}

void SCardError::throwMe(uint16_t sw)
{ throw SCardError(sw); }

#if !defined(NDEBUG)

void SCardError::debugDiagnose(const void *id) const
{
    secdebug("exception", "%p Error %s (%04hX)",
             id, errorstr(statusWord), statusWord);
}

const char *SCardError::errorstr(uint16_t sw)
{
    switch (sw)
	{
	case SCARD_SUCCESS:
		return "Success";
	case SCARD_BYTES_LEFT_IN_SW2:
		return "SW2 indicates the number of response bytes still available";
	case SCARD_EXECUTION_WARNING:
		return "Execution warning, state of non-volatile memory unchanged";
	case SCARD_RETURNED_DATA_CORRUPTED:
		return "Part of returned data may be corrupted.";
	case SCARD_END_OF_FILE_REACHED:
		return "End of file/record reached before reading Le bytes.";
	case SCARD_FILE_INVALIDATED:
		return "Selected file invalidated.";
	case SCARD_FCI_INVALID:
		return "FCI not formatted according to 1.1.5.";
	case SCARD_AUTHENTICATION_FAILED:
		return "Authentication failed.";
	case SCARD_FILE_FILLED:
		return "File filled up by the last write.";
	case SCARD_AUTHENTICATION_FAILED_0:
		return "Authentication failed, 0 retries left.";
	case SCARD_AUTHENTICATION_FAILED_1:
		return "Authentication failed, 1 retry left.";
	case SCARD_AUTHENTICATION_FAILED_2:
		return "Authentication failed, 2 retries left.";
	case SCARD_AUTHENTICATION_FAILED_3:
		return "Authentication failed, 3 retries left.";
	case SCARD_AUTHENTICATION_FAILED_4:
		return "Authentication failed, 4 retries left.";
	case SCARD_AUTHENTICATION_FAILED_5:
		return "Authentication failed, 5 retries left.";
	case SCARD_AUTHENTICATION_FAILED_6:
		return "Authentication failed, 6 retries left.";
	case SCARD_AUTHENTICATION_FAILED_7:
		return "Authentication failed, 7 retries left.";
	case SCARD_AUTHENTICATION_FAILED_8:
		return "Authentication failed, 8 retries left.";
	case SCARD_AUTHENTICATION_FAILED_9:
		return "Authentication failed, 9 retries left.";
	case SCARD_AUTHENTICATION_FAILED_10:
		return "Authentication failed, 10 retries left.";
	case SCARD_AUTHENTICATION_FAILED_11:
		return "Authentication failed, 11 retries left.";
	case SCARD_AUTHENTICATION_FAILED_12:
		return "Authentication failed, 12 retries left.";
	case SCARD_AUTHENTICATION_FAILED_13:
		return "Authentication failed, 13 retries left.";
	case SCARD_AUTHENTICATION_FAILED_14:
		return "Authentication failed, 14 retries left.";
	case SCARD_AUTHENTICATION_FAILED_15:
		return "Authentication failed, 15 retries left.";
	case SCARD_EXECUTION_ERROR:
		return "Execution error, state of non-volatile memory unchanged.";
	case SCARD_CHANGED_ERROR:
		return "Execution error, state of non-volatile memory changed.";
	case SCARD_MEMORY_FAILURE:
		return "Memory failure.";
	case SCARD_LENGTH_INCORRECT:
		return "The length is incorrect.";
	case SCARD_CLA_UNSUPPORTED:
		return "Functions in CLA not supported.";
	case SCARD_LOGICAL_CHANNEL_UNSUPPORTED:
		return "Logical channel not supported.";
	case SCARD_SECURE_MESSAGING_UNSUPPORTED:
		return "Secure messaging not supported.";
	case SCARD_COMMAND_NOT_ALLOWED:
		return "Command not allowed.";
	case SCARD_COMMAND_INCOMPATIBLE:
		return "Command incompatible with file structure.";
	case SCARD_NOT_AUTHORIZED:
		return "Security status not satisfied.";
	case SCARD_AUTHENTICATION_BLOCKED:
		return "Authentication method blocked.";
	case SCARD_REFERENCED_DATA_INVALIDATED:
		return "Referenced data invalidated.";
	case SCARD_USE_CONDITIONS_NOT_MET:
		return "Conditions of use not satisfied.";
	case SCARD_NO_CURRENT_EF:
		return "Command not allowed (no current EF).";
	case SCARD_SM_DATA_OBJECTS_MISSING:
		return "Expected SM data objects missing.";
	case SCARD_SM_DATA_NOT_ALLOWED:
		return "SM data objects incorrect.";
	case SCARD_WRONG_PARAMETER:
		return "Wrong parameter.";
	case SCARD_DATA_INCORRECT:
		return "Incorrect parameters in the data field.";
	case SCARD_FUNCTION_NOT_SUPPORTED:
		return "Function not supported.";
	case SCARD_FILE_NOT_FOUND:
		return "File not found.";
	case SCARD_RECORD_NOT_FOUND:
		return "Record not found.";
	case SCARD_NO_MEMORY_LEFT:
		return "Not enough memory space in the file.";
	case SCARD_LC_INCONSISTENT_TLV:
		return "Lc inconsistent with TLV structure.";
	case SCARD_INCORRECT_P1_P2:
		return "Incorrect parameters P1-P2.";
	case SCARD_LC_INCONSISTENT_P1_P2:
		return "Lc inconsistent with P1-P2.";
	case SCARD_REFERENCED_DATA_NOT_FOUND:
		return "Referenced data not found.";
	case SCARD_WRONG_PARAMETER_P1_P2:
		return "Wrong parameter(s) P1-P2.";
	case SCARD_LE_IN_SW2:
		return "Wrong length Le: SW2 indicates the exact length";
	case SCARD_INSTRUCTION_CODE_INVALID:
		return "The instruction code is not programmed or is invalid.";
	case SCARD_INSTRUCTION_CLASS_UNSUPPORTED:
		return "The card does not support the instruction class.";
	case SCARD_UNSPECIFIED_ERROR:
		return "No precise diagnostic is given.";
	default:
		return "Unknown error";
	}
}

#endif //NDEBUG

} // end namespace Tokend

/* arch-tag: 0BEE055D-8BC7-49A8-B695-DD3C6FD9089A */


--- NEW FILE SCardError.h ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 * 
 *  @APPLE_LICENSE_HEADER_START@
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 *  SCardError.h
 *  TokendMuscle
 */

#ifndef _TOKEND_SCARDERROR_H_
#define _TOKEND_SCARDERROR_H_

#include 
#include 


/* ISO/IEC 7816 part 3 and 4 error codes. */

/** success */
#define SCARD_SUCCESS                        0x9000


/* '61XX'	SW2 indicates the number of response bytes still available. */
#define SCARD_BYTES_LEFT_IN_SW2              0x6100


/* '62XX'	Warning processings - State of non-volatile memory unchanged. */

/** Execution warning, state of non-volatile memory unchanged */
#define SCARD_EXECUTION_WARNING              0x6200

/** Part of returned data may be corrupted. */
#define SCARD_RETURNED_DATA_CORRUPTED        0x6281

/** End of file/record reached before reading Le bytes. */
#define SCARD_END_OF_FILE_REACHED            0x6282

/** Selected file invalidated. */
#define SCARD_FILE_INVALIDATED               0x6283

/** FCI not formatted according to 1.1.5. */
#define SCARD_FCI_INVALID                    0x6284


/* '62XX'	Warning processings - State of non-volatile memory changed. */

/** Authentication failed. */
#define SCARD_AUTHENTICATION_FAILED          0x6300

/** File filled up by the last write. */
#define SCARD_FILE_FILLED                    0x6381

/** Authentication failed, 0 retries left. */
#define SCARD_AUTHENTICATION_FAILED_0        0x63C0

/** Authentication failed, 1 retry left. */
#define SCARD_AUTHENTICATION_FAILED_1        0x63C1

/** Authentication failed, 2 retries left. */
#define SCARD_AUTHENTICATION_FAILED_2        0x63C2

/** Authentication failed, 3 retries left. */
#define SCARD_AUTHENTICATION_FAILED_3        0x63C3

/** Authentication failed, 4 retries left. */
#define SCARD_AUTHENTICATION_FAILED_4        0x63C4

/** Authentication failed, 5 retries left. */
#define SCARD_AUTHENTICATION_FAILED_5        0x63C5

/** Authentication failed, 6 retries left. */
#define SCARD_AUTHENTICATION_FAILED_6        0x63C6

/** Authentication failed, 7 retries left. */
#define SCARD_AUTHENTICATION_FAILED_7        0x63C7

/** Authentication failed, 8 retries left. */
#define SCARD_AUTHENTICATION_FAILED_8        0x63C8

/** Authentication failed, 9 retries left. */
#define SCARD_AUTHENTICATION_FAILED_9        0x63C9

/** Authentication failed, 10 retries left. */
#define SCARD_AUTHENTICATION_FAILED_10       0x63CA

/** Authentication failed, 11 retries left. */
#define SCARD_AUTHENTICATION_FAILED_11       0x63CB

/** Authentication failed, 12 retries left. */
#define SCARD_AUTHENTICATION_FAILED_12       0x63CC

/** Authentication failed, 13 retries left. */
#define SCARD_AUTHENTICATION_FAILED_13       0x63CD

/** Authentication failed, 14 retries left. */
#define SCARD_AUTHENTICATION_FAILED_14       0x63CE

/** Authentication failed, 15 retries left. */
#define SCARD_AUTHENTICATION_FAILED_15       0x63CF


/* '64XX'	Execution errors - State of non-volatile memory unchanged. */

/** Execution error, state of non-volatile memory unchanged. */
#define SCARD_EXECUTION_ERROR                0x6400


/* '65XX'	Execution errors - State of non-volatile memory changed. */

/** Execution error, state of non-volatile memory changed. */
#define SCARD_CHANGED_ERROR                  0x6500

/** Memory failure. */
#define SCARD_MEMORY_FAILURE                 0x6581


/* '66XX'	Reserved for security-related issues. */

/* '6700'	Wrong length. */

/** The length is incorrect. */
#define SCARD_LENGTH_INCORRECT               0x6700


/* '68XX'	Functions in CLA not supported. */

/** No information given. */
#define SCARD_CLA_UNSUPPORTED                0x6800

/** Logical channel not supported. */
#define SCARD_LOGICAL_CHANNEL_UNSUPPORTED    0x6881

/** Secure messaging not supported. */
#define SCARD_SECURE_MESSAGING_UNSUPPORTED   0x6882


/* '69XX'	Command not allowed. */

/** Command not allowed. */
#define SCARD_COMMAND_NOT_ALLOWED            0x6900

/** Command incompatible with file structure. */
#define SCARD_COMMAND_INCOMPATIBLE           0x6981

/** Security status not satisfied. */
#define SCARD_NOT_AUTHORIZED                 0x6982

/** Authentication method blocked. */
#define SCARD_AUTHENTICATION_BLOCKED         0x6983

/** Referenced data invalidated. */
#define SCARD_REFERENCED_DATA_INVALIDATED    0x6984

/** Conditions of use not satisfied. */
#define SCARD_USE_CONDITIONS_NOT_MET         0x6985

/** Command not allowed (no current EF). */
#define SCARD_NO_CURRENT_EF                  0x6986

/** Expected SM data objects missing. */
#define SCARD_SM_DATA_OBJECTS_MISSING        0x6987

/** SM data objects incorrect. */
#define SCARD_SM_DATA_NOT_ALLOWED            0x6988


/* '6AXX'	Wrong parameter(s) P1-P2. */

/** Wrong parameter. */
#define SCARD_WRONG_PARAMETER                0x6A00

/** Incorrect parameters in the data field. */
#define SCARD_DATA_INCORRECT                 0x6A80

/** Function not supported. */
#define SCARD_FUNCTION_NOT_SUPPORTED         0x6A81

/** File not found. */
#define SCARD_FILE_NOT_FOUND                 0x6A82

/** Record not found. */
#define SCARD_RECORD_NOT_FOUND               0x6A83

/** Not enough memory space in the file. */
#define SCARD_NO_MEMORY_LEFT                 0x6A84

/** Lc inconsistent with TLV structure. */
#define SCARD_LC_INCONSISTENT_TLV            0x6A85

/** Incorrect parameters P1-P2. */
#define SCARD_INCORRECT_P1_P2                0x6A86

/** Lc inconsistent with P1-P2. */
#define SCARD_LC_INCONSISTENT_P1_P2          0x6A87

/** Referenced data not found. */
#define SCARD_REFERENCED_DATA_NOT_FOUND      0x6A88


/* '6B00'	Wrong parameter(s) P1-P2. */

/** Wrong parameter(s) P1-P2. */
#define SCARD_WRONG_PARAMETER_P1_P2          0x6B00


/* '6CXX'	Wrong length Le: SW2 indicates the exact length */
#define SCARD_LE_IN_SW2                      0x6C00


/* '6D00'	Instruction code not supported or invalid. */

/** The instruction code is not programmed or is invalid. */
#define SCARD_INSTRUCTION_CODE_INVALID       0x6D00


/* '6E00'	Class not supported. */

/** The card does not support the instruction class. */
#define SCARD_INSTRUCTION_CLASS_UNSUPPORTED  0x6E00


/* '6F00'	No precise diagnosis. */

/** No precise diagnostic is given. */
#define SCARD_UNSPECIFIED_ERROR              0x6F00


namespace Tokend
{

class SCardError : public Security::CommonError
{
protected:
    SCardError(uint16_t sw);
public:
    const uint16_t statusWord;
    virtual OSStatus osStatus() const;
	virtual int unixError() const;
    virtual const char *what () const throw ();

    static void check(uint16_t sw)	{ if (sw != SCARD_SUCCESS) throwMe(sw); }
    static void throwMe(uint16_t sw) __attribute__((noreturn));
    
protected:
    IFDEBUG(void debugDiagnose(const void *id) const;)
    IFDEBUG(static const char *errorstr(uint16_t sw);)
};

} // end namespace Tokend

#endif /* !_TOKEND_SCARDERROR_H_ */


/* arch-tag: D03ECC8E-C502-473C-9A1D-AAF96094CA48 */


--- NEW FILE Schema.cpp ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 * 
 *  @APPLE_LICENSE_HEADER_START@
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 *  Schema.cpp
 *  TokendMuscle
 */

#include "Schema.h"

#include "Attribute.h"
#include "MetaRecord.h"
#include "MetaAttribute.h"

#include 
#include 
#include 
#include 
#include 

namespace Tokend
{

#pragma mark ---------------- Schema --------------

Schema::Schema() :
	mTrueCoder(true),
	mFalseCoder(false),
	mCertEncodingBERCoder(CSSM_CERT_ENCODING(CSSM_CERT_ENCODING_BER)),
	mSdCSPDLGuidCoder(gGuidAppleSdCSPDL),
	mPublicKeyClassCoder(CSSM_KEYCLASS(CSSM_KEYCLASS_PUBLIC_KEY)),
	mPrivateKeyClassCoder(CSSM_KEYCLASS(CSSM_KEYCLASS_PRIVATE_KEY)),
	mSessionKeyClassCoder(CSSM_KEYCLASS(CSSM_KEYCLASS_SESSION_KEY))
{
}

Schema::~Schema()
{
	try
	{
		for_each_map_delete(mRelationMap.begin(), mRelationMap.end());
	}
	catch(...) {}
}

void Schema::create()
{
    // Attribute names.
    std::string
        an_RelationID("RelationID"),
        an_RelationName("RelationName"),
        an_AttributeID("AttributeID"),
        an_AttributeNameFormat("AttributeNameFormat"),
        an_AttributeName("AttributeName"),
        an_AttributeNameID("AttributeNameID"),
        an_AttributeFormat("AttributeFormat"),
        an_IndexID("IndexID"),
        an_IndexType("IndexType"),
        an_IndexedDataLocation("IndexedDataLocation");

    // Record the attributeIndex of each created attribute for use by our
	// register functions laster on.
	// Create CSSM_DL_DB_SCHEMA_INFO relation.
    MetaRecord *mrio = new MetaRecord(CSSM_DL_DB_SCHEMA_INFO);
    io_rid = mrio->createAttribute(an_RelationID,
		kAF_UINT32).attributeIndex();
    io_rn  = mrio->createAttribute(an_RelationName,
		kAF_STRING).attributeIndex();
    mInfo = createRelation(mrio);

    // Create CSSM_DL_DB_SCHEMA_ATTRIBUTES relation
    MetaRecord *mras = new MetaRecord(CSSM_DL_DB_SCHEMA_ATTRIBUTES);
    as_rid = mras->createAttribute(an_RelationID,
		kAF_UINT32).attributeIndex();
    as_aid = mras->createAttribute(an_AttributeID,
		kAF_UINT32).attributeIndex();
    as_anf = mras->createAttribute(an_AttributeNameFormat,
		kAF_UINT32).attributeIndex();
    as_an  = mras->createAttribute(an_AttributeName,
		kAF_STRING).attributeIndex();
    as_anid= mras->createAttribute(an_AttributeNameID,
		kAF_BLOB  ).attributeIndex();
    as_af  = mras->createAttribute(an_AttributeFormat,
		kAF_UINT32).attributeIndex();
    mAttributes = createRelation(mras);

    // Create CSSM_DL_DB_SCHEMA_INDEXES relation
    MetaRecord *mrix = new MetaRecord(CSSM_DL_DB_SCHEMA_INDEXES);
    ix_rid = mrix->createAttribute(an_RelationID,
		kAF_UINT32).attributeIndex();
    ix_iid = mrix->createAttribute(an_IndexID,
		kAF_UINT32).attributeIndex();
    ix_aid = mrix->createAttribute(an_AttributeID,
		kAF_UINT32).attributeIndex();
    ix_it  = mrix->createAttribute(an_IndexType,
		kAF_UINT32).attributeIndex();
    ix_idl = mrix->createAttribute(an_IndexedDataLocation,
		kAF_UINT32).attributeIndex();
    mIndices = createRelation(mrix);

#ifdef ADD_SCHEMA_PARSING_MODULE
    // @@@ Skipping CSSM_DL_DB_SCHEMA_PARSING_MODULE relation since no one uses
	// it and it's definition in CDSA is broken anyway

    // Attribute names.
    std::string
        an_ModuleID("ModuleID"),
        an_AddinVersion("AddinVersion"),
        an_SSID("SSID"),
        an_SubserviceType("SubserviceType");

    // Create CSSM_DL_DB_SCHEMA_PARSING_MODULE Relation
    MetaRecord *mr_parsing = new MetaRecord(CSSM_DL_DB_SCHEMA_PARSING_MODULE);
    mr_parsing->createAttribute(an_AttributeID,            kAF_UINT32);
    mr_parsing->createAttribute(an_ModuleID,               kAF_BLOB  );
    mr_parsing->createAttribute(an_AddinVersion,           kAF_STRING);
    mr_parsing->createAttribute(an_SSID,                   kAF_UINT32);
    mr_parsing->createAttribute(an_SubserviceType,         kAF_UINT32);
    createRelation(mr_parsing);
#endif

#ifdef REGISTER_SCHEMA_RELATIONS
	registerRelation("CSSM_DL_DB_SCHEMA_INFO", CSSM_DL_DB_SCHEMA_INFO)
	registerAttribute(CSSM_DL_DB_SCHEMA_INFO, &an_RelationID, 0,
		kAF_UINT32, true);
	registerAttribute(CSSM_DL_DB_SCHEMA_INFO, &an_RelationName, 1,
		kAF_UINT32, false);
	registerRelation("CSSM_DL_DB_SCHEMA_ATTRIBUTES",
		CSSM_DL_DB_SCHEMA_ATTRIBUTES)
	registerAttribute(CSSM_DL_DB_SCHEMA_ATTRIBUTES, &an_RelationID, 0,
		kAF_UINT32, true);
	registerAttribute(CSSM_DL_DB_SCHEMA_ATTRIBUTES, &an_AttributeID, 2,
		kAF_UINT32, true);
	registerAttribute(CSSM_DL_DB_SCHEMA_ATTRIBUTES, &an_AttributeNameFormat, 3,
		kAF_UINT32, false);
	registerAttribute(CSSM_DL_DB_SCHEMA_ATTRIBUTES, &an_AttributeName, 4,
		kAF_STRING, false);
	registerAttribute(CSSM_DL_DB_SCHEMA_ATTRIBUTES, &an_AttributeNameId, 5,
		kAF_BLOB, false);
	registerAttribute(CSSM_DL_DB_SCHEMA_ATTRIBUTES, &an_AttributeFormat, 6,
		kAF_UINT32, false);
	registerRelation("CSSM_DL_DB_SCHEMA_INDEXES", CSSM_DL_DB_SCHEMA_INDEXES)
	registerAttribute(CSSM_DL_DB_SCHEMA_INDEXES, &an_RelationID, 0,
		kAF_UINT32, true);
	registerAttribute(CSSM_DL_DB_SCHEMA_INDEXES, &an_IndexID, 1,
		kAF_UINT32, true);
	registerAttribute(CSSM_DL_DB_SCHEMA_INDEXES, &an_AttributeID, 2,
		kAF_UINT32, true);
	registerAttribute(CSSM_DL_DB_SCHEMA_INDEXES, &an_IndexType, 3,
		kAF_UINT32, false);
	registerAttribute(CSSM_DL_DB_SCHEMA_INDEXES, &an_IndexedDataLocation, 4,
		kAF_UINT32, false);
#endif
}

// Create one of the standard relations conforming to what the SecKeychain
// layer expects.
Relation *Schema::createStandardRelation(RelationId relationId)
{
	std::string relationName;
	// Get the name based on the relation
	switch (relationId)
	{
	case CSSM_DL_DB_RECORD_PRIVATE_KEY:
		relationName = "CSSM_DL_DB_RECORD_PRIVATE_KEY"; break;
	case CSSM_DL_DB_RECORD_PUBLIC_KEY:
		relationName = "CSSM_DL_DB_RECORD_PUBLIC_KEY"; break;
	case CSSM_DL_DB_RECORD_SYMMETRIC_KEY:
		relationName = "CSSM_DL_DB_RECORD_SYMMETRIC_KEY"; break;
	case CSSM_DL_DB_RECORD_X509_CERTIFICATE:
		relationName = "CSSM_DL_DB_RECORD_X509_CERTIFICATE"; break;
	case CSSM_DL_DB_RECORD_GENERIC:
		relationName = "CSSM_DL_DB_RECORD_GENERIC"; break;
	default: CssmError::throwMe(CSSMERR_DL_INVALID_RECORDTYPE);
	}

    Relation *rt = createRelation(relationName, relationId);

	std::string
        an_CertType = "CertType",
        an_CertEncoding = "CertEncoding",
        an_PrintName = "PrintName",
        an_Alias = "Alias",
        an_Subject = "Subject",
        an_Issuer = "Issuer",
        an_SerialNumber = "SerialNumber",
        an_SubjectKeyIdentifier = "SubjectKeyIdentifier",
        an_PublicKeyHash = "PublicKeyHash",
		an_KeyClass = "KeyClass",
		an_Permanent = "Permanent",
		an_Private = "Private",
		an_Modifiable = "Modifiable",
		an_Label = "Label",
		an_ApplicationTag = "ApplicationTag",
		an_KeyCreator = "KeyCreator",
		an_KeyType = "KeyType",
		an_KeySizeInBits = "KeySizeInBits",
		an_EffectiveKeySize = "EffectiveKeySize",
		an_StartDate = "StartDate",
		an_EndDate = "EndDate",
		an_Sensitive = "Sensitive",
		an_AlwaysSensitive = "AlwaysSensitive",
		an_Extractable = "Extractable",
		an_NeverExtractable = "NeverExtractable",
		an_Encrypt = "Encrypt",
		an_Decrypt = "Decrypt",
		an_Derive = "Derive",
		an_Sign = "Sign",
		an_Verify = "Verify",
		an_SignRecover = "SignRecover",
		an_VerifyRecover = "VerifyRecover",
		an_Wrap = "Wrap",
		an_Unwrap = "Unwrap";

	// @@@ HARDWIRED Based on what SecKeychain layer expects @@@
	switch (relationId)
	{
	case CSSM_DL_DB_RECORD_GENERIC:
		createAttribute(*rt, &an_PrintName, kSecLabelItemAttr, kAF_BLOB, false)
			.attributeCoder(&mDescriptionCoder);
		createAttribute(*rt, &an_Alias, kSecAliasItemAttr, kAF_BLOB, false)
			.attributeCoder(&mZeroCoder);
		rt->metaRecord().attributeCoderForData(&mDataAttributeCoder);
		break;
	case CSSM_DL_DB_RECORD_X509_CERTIFICATE:
        createAttribute(*rt, &an_CertType, kSecCertTypeItemAttr,
			kAF_UINT32, true).attributeCoder(&mCertificateCoder);
        createAttribute(*rt, &an_CertEncoding, kSecCertEncodingItemAttr,
			kAF_UINT32, false).attributeCoder(&mCertEncodingBERCoder);
        createAttribute(*rt, &an_PrintName, kSecLabelItemAttr,
			kAF_BLOB, false).attributeCoder(&mCertificateCoder);
        createAttribute(*rt, &an_Alias, kSecAliasItemAttr,
			kAF_BLOB, false).attributeCoder(&mCertificateCoder);
        createAttribute(*rt, &an_Subject, kSecSubjectItemAttr,
			kAF_BLOB, false).attributeCoder(&mCertificateCoder);
        createAttribute(*rt, &an_Issuer, kSecIssuerItemAttr,
			kAF_BLOB, true).attributeCoder(&mCertificateCoder);
        createAttribute(*rt, &an_SerialNumber, kSecSerialNumberItemAttr,
			kAF_BLOB, true).attributeCoder(&mCertificateCoder);
        createAttribute(*rt, &an_SubjectKeyIdentifier,
			kSecSubjectKeyIdentifierItemAttr,
			kAF_BLOB, false).attributeCoder(&mCertificateCoder);
        createAttribute(*rt, &an_PublicKeyHash, kSecPublicKeyHashItemAttr,
			kAF_BLOB, false).attributeCoder(&mCertificateCoder);
		rt->metaRecord().attributeCoderForData(&mDataAttributeCoder);
        // Initialize mPublicKeyHashCoder so it knows which attribute of a
		// certificate to use to get the public key hash of a key.
        mPublicKeyHashCoder.setCertificateMetaAttribute(&(rt->metaRecord()
			.metaAttribute(kSecPublicKeyHashItemAttr)));
		break;
	case CSSM_DL_DB_RECORD_PUBLIC_KEY:
	case CSSM_DL_DB_RECORD_PRIVATE_KEY:
	case CSSM_DL_DB_RECORD_SYMMETRIC_KEY:
		rt->metaRecord().attributeCoderForData(&mKeyDataCoder);
		createAttribute(*rt, &an_KeyClass, kSecKeyKeyClass,
			kAF_UINT32, false).attributeCoder(
				relationId == CSSM_DL_DB_RECORD_PUBLIC_KEY
				? &mPublicKeyClassCoder
				: relationId == CSSM_DL_DB_RECORD_PRIVATE_KEY
					? &mPrivateKeyClassCoder
					: &mSessionKeyClassCoder);
		createAttribute(*rt, &an_PrintName, kSecKeyPrintName,
			kAF_BLOB, false).attributeCoder(&mZeroCoder);
		createAttribute(*rt, &an_Alias, kSecKeyAlias,
			kAF_BLOB, false).attributeCoder(&mZeroCoder);
		createAttribute(*rt, &an_Permanent, kSecKeyPermanent,
			kAF_UINT32, false).attributeCoder(&mTrueCoder);
		createAttribute(*rt, &an_Private, kSecKeyPrivate,
			kAF_UINT32, false).attributeCoder(
				relationId == CSSM_DL_DB_RECORD_PUBLIC_KEY
				? &mFalseCoder : &mTrueCoder);
		createAttribute(*rt, &an_Modifiable, kSecKeyModifiable,
			kAF_UINT32, false).attributeCoder(&mFalseCoder);
		createAttribute(*rt, &an_Label, kSecKeyLabel,
			kAF_BLOB, true).attributeCoder(
				relationId == CSSM_DL_DB_RECORD_PRIVATE_KEY
				? &mPublicKeyHashCoder : NULL);
		createAttribute(*rt, &an_ApplicationTag, kSecKeyApplicationTag,
			kAF_BLOB, true).attributeCoder(&mZeroCoder);
		createAttribute(*rt, &an_KeyCreator, kSecKeyKeyCreator,
			kAF_BLOB, true).attributeCoder(&mSdCSPDLGuidCoder);
		createAttribute(*rt, &an_KeyType, kSecKeyKeyType, kAF_UINT32, true);
		createAttribute(*rt, &an_KeySizeInBits, kSecKeyKeySizeInBits,
			kAF_UINT32, true);
		createAttribute(*rt, &an_EffectiveKeySize, kSecKeyEffectiveKeySize,
			kAF_UINT32, true);
		createAttribute(*rt, &an_StartDate, kSecKeyStartDate,
			kAF_TIME_DATE, true).attributeCoder(&mZeroCoder);
		createAttribute(*rt, &an_EndDate, kSecKeyEndDate,
			kAF_TIME_DATE, true).attributeCoder(&mZeroCoder);
		createAttribute(*rt, &an_Sensitive, kSecKeySensitive,
			kAF_UINT32, false).attributeCoder(
				relationId == CSSM_DL_DB_RECORD_PUBLIC_KEY
				? &mFalseCoder : &mTrueCoder);
		createAttribute(*rt, &an_AlwaysSensitive, kSecKeyAlwaysSensitive,
			kAF_UINT32, false).attributeCoder(&mFalseCoder);
		createAttribute(*rt, &an_Extractable, kSecKeyExtractable,
			kAF_UINT32, false).attributeCoder(&mFalseCoder);
		createAttribute(*rt, &an_NeverExtractable, kSecKeyNeverExtractable,
			kAF_UINT32, false).attributeCoder(&mFalseCoder);
		createAttribute(*rt, &an_Encrypt, kSecKeyEncrypt, kAF_UINT32, false);
		createAttribute(*rt, &an_Decrypt, kSecKeyDecrypt, kAF_UINT32, false);
		createAttribute(*rt, &an_Derive, kSecKeyDerive, kAF_UINT32, false);
		createAttribute(*rt, &an_Sign, kSecKeySign, kAF_UINT32, false);
		createAttribute(*rt, &an_Verify, kSecKeyVerify, kAF_UINT32, false);
		createAttribute(*rt, &an_SignRecover, kSecKeySignRecover,
			kAF_UINT32, false);
		createAttribute(*rt, &an_VerifyRecover, kSecKeyVerifyRecover,
			kAF_UINT32, false);
		createAttribute(*rt, &an_Wrap, kSecKeyWrap, kAF_UINT32, false);
		createAttribute(*rt, &an_Unwrap, kSecKeyUnwrap, kAF_UINT32, false);
        // Initialize mPublicKeyHashCoder so it knows which attribute of a
		// public key to use to get the public key hash of a key.
        if (relationId == CSSM_DL_DB_RECORD_PUBLIC_KEY)
            mPublicKeyHashCoder.setPublicKeyMetaAttribute(&(rt->metaRecord()
				.metaAttribute(kSecKeyLabel)));
		break;
	}

	return rt;
}

// Create a new relation using metaRecord.  Does not register this in the
// CSSM_DL_DB_SCHEMA_INFO relation.  This is used for creating the schema
// relations themselves only.
Relation *Schema::createRelation(MetaRecord *metaRecord)
{
	auto_ptr aRelation(new Relation(metaRecord));

	if (!mRelationMap.insert(RelationMap::value_type(metaRecord->relationId(),
		aRelation.get())).second)
	{
		// @@@ Should be CSSMERR_DL_DUPLICATE_RECORDTYPE.  Since that
		// doesn't exist we report that the meta-relation's unique index would
		// no longer be valid
        CssmError::throwMe(CSSMERR_DL_INVALID_UNIQUE_INDEX_DATA);
	}

	return aRelation.release();
}

// Create a new relation and register this in the CSSM_DL_DB_SCHEMA_INFO
// relation.
Relation *Schema::createRelation(const std::string &relationName,
	RelationId relationId)
{
    MetaRecord *mr = new MetaRecord(relationId);
    Relation *rt = createRelation(mr);
	registerRelation(relationName, relationId);
    return rt;
}

// Create a new attribute and register this with the schema.  Do not use this
// for creating schema relations.
MetaAttribute &Schema::createAttribute(Relation &relation,
    const std::string *name, uint32 attributeId,
	CSSM_DB_ATTRIBUTE_FORMAT attributeFormat, bool isIndex)
{
    MetaRecord &mr = relation.metaRecord();
	registerAttribute(mr.relationId(), name, attributeId, attributeFormat,
		isIndex);
    return mr.createAttribute(name, NULL, attributeId, attributeFormat);
}

// Insert a record containing a relationId and it's name into
// CSSM_DL_DB_SCHEMA_INFO relation
void Schema::registerRelation(const std::string &relationName,
	RelationId relationId)
{
    RefPointer record = new Record();
    record->attributeAtIndex(io_rid, new Attribute(relationId));
    record->attributeAtIndex(io_rn,  new Attribute(relationName));
    mInfo->insertRecord(record);
}

// Insert a record containing a relationId, attributeId and other meta
// information into the CSSM_DL_DB_SCHEMA_ATTRIBUTES relation.  In addition, if
// isIndex is true insert a record into the CSSM_DL_DB_SCHEMA_INDEXES relation. 
void Schema::registerAttribute(RelationId relationId, const std::string *name,
	uint32 attributeId, CSSM_DB_ATTRIBUTE_FORMAT attributeFormat, bool isIndex)
{
    CSSM_DB_ATTRIBUTE_NAME_FORMAT nameFormat = name
		? CSSM_DB_ATTRIBUTE_NAME_AS_STRING : CSSM_DB_ATTRIBUTE_NAME_AS_INTEGER;

    RefPointer rc_attribute = new Record();

    rc_attribute->attributeAtIndex(as_rid, new Attribute(relationId));
    rc_attribute->attributeAtIndex(as_aid, new Attribute(attributeId));
    rc_attribute->attributeAtIndex(as_anf, new Attribute(nameFormat));
    rc_attribute->attributeAtIndex(as_an, name
		? new Attribute(*name) : new Attribute());           // AttributeName
    rc_attribute->attributeAtIndex(as_anid, new Attribute());// AttributeNameId
    rc_attribute->attributeAtIndex(as_af,  new Attribute(attributeFormat));
    mAttributes->insertRecord(rc_attribute);

    if (isIndex)
    {
        RefPointer rc_index = new Record();
        rc_index->attributeAtIndex(ix_rid,               // RelationId
			new Attribute(relationId));
        rc_index->attributeAtIndex(ix_iid,               // IndexId
			new Attribute(uint32(0)));
        rc_index->attributeAtIndex(ix_aid,               // AttributeId
			new Attribute(attributeId));
        rc_index->attributeAtIndex(ix_it,                // IndexType
			new Attribute(uint32(CSSM_DB_INDEX_UNIQUE)));
        rc_index->attributeAtIndex(ix_idl,               // IndexedDataLocation
			new Attribute(uint32(CSSM_DB_INDEX_ON_UNKNOWN)));
        mIndices->insertRecord(rc_index);
    }
}


#pragma mark ---------------- Utility methods --------------

const Relation &Schema::findRelation(RelationId inRelationId) const
{
    RelationMap::const_iterator it = mRelationMap.find(inRelationId);
    if (it == mRelationMap.end())
		CssmError::throwMe(CSSMERR_DL_INVALID_RECORDTYPE);
	return *it->second;
}

Relation &Schema::findRelation(RelationId inRelationId)
{
    RelationMap::iterator it = mRelationMap.find(inRelationId);
    if (it == mRelationMap.end())
		CssmError::throwMe(CSSMERR_DL_INVALID_RECORDTYPE);
	return *it->second;
}

MetaRecord &Schema::findMetaRecord(RelationId inRelationId)
{
	return findRelation(inRelationId).metaRecord();
}

} // end namespace Tokend


/* arch-tag: BA0AF80B-F13E-11D8-AC69-000A95C4302E */


--- NEW FILE Schema.h ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 * 
 *  @APPLE_LICENSE_HEADER_START@
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 *  Schema.h
 *  TokendMuscle
 */

#ifndef _TOKEND_SCHEMA_H_
#define _TOKEND_SCHEMA_H_

#include 
#include 
#include 

#include "MetaRecord.h"
#include "Relation.h"
#include "AttributeCoder.h"

namespace Tokend
{

class Relation;

//
// Schema
//
class Schema
{
	NOCOPY(Schema)
public:
	typedef std::map RelationMap;
    typedef RelationMap::const_iterator ConstRelationMapIterator;

    Schema();
    virtual ~Schema();

	virtual void create();

	const Relation &findRelation(RelationId inRelationId) const;
	Relation &findRelation(RelationId inRelationId);
	MetaRecord &findMetaRecord(RelationId inRelationId);

    ConstRelationMapIterator begin() const { return mRelationMap.begin(); }
    ConstRelationMapIterator end() const { return mRelationMap.end(); }

    const LinkedRecordAttributeCoder &publicKeyHashCoder() const
		{ return mPublicKeyHashCoder; }
protected:
    Relation *createRelation(const std::string &relationName,
		RelationId relationId);
	Relation *createStandardRelation(RelationId relationId);

    MetaAttribute &createAttribute(Relation &relation,
		const std::string *name, uint32 attributeId,
		CSSM_DB_ATTRIBUTE_FORMAT attributeFormat, bool isIndex);
private:
	Relation *createRelation(MetaRecord *inMetaRecord);

    void registerRelation(const std::string &relationName,
		RelationId relationId);
    void registerAttribute(RelationId relationId, const std::string *name,
		uint32 attributeId, CSSM_DB_ATTRIBUTE_FORMAT attributeFormat,
		bool isIndex);

private:
    Relation *mInfo, *mAttributes, *mIndices;
    RelationMap mRelationMap;

	// AttributeIndices for attributes of CSSM_DL_DB_SCHEMA_INFO relation.
	uint32 io_rid;
	uint32 io_rn;

	// AttributeIndices for attributes of CSSM_DL_DB_SCHEMA_ATTRIBUTES
	// relation.
	uint32 as_rid;
	uint32 as_aid;
	uint32 as_anf;
	uint32 as_an;
	uint32 as_anid;
	uint32 as_af;

	// AttributeIndices for attributes of CSSM_DL_DB_SCHEMA_INDEXES relation.
	uint32 ix_rid;
	uint32 ix_iid;
	uint32 ix_aid;
	uint32 ix_it;
	uint32 ix_idl;
protected:
	// Coders for some standard attributes
	ConstAttributeCoder mTrueCoder;
	ConstAttributeCoder mFalseCoder;
	ConstAttributeCoder mCertEncodingBERCoder;
	GuidAttributeCoder mSdCSPDLGuidCoder;
	CertificateAttributeCoder mCertificateCoder;
	ZeroAttributeCoder mZeroCoder;
	ConstAttributeCoder mPublicKeyClassCoder;
	ConstAttributeCoder mPrivateKeyClassCoder;
	ConstAttributeCoder mSessionKeyClassCoder;
	KeyDataAttributeCoder mKeyDataCoder;
	LinkedRecordAttributeCoder mPublicKeyHashCoder;
	DataAttributeCoder mDataAttributeCoder;
	DescriptionAttributeCoder mDescriptionCoder;
};


} // end namespace Tokend

#endif /* !_TOKEND_SCHEMA_H_ */

/* arch-tag: BA0C467A-F13E-11D8-BE5A-000A95C4302E */


--- NEW FILE SelectionPredicate.cpp ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 * 
 *  @APPLE_LICENSE_HEADER_START@
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 *  SelectionPredicate.cpp
 *  TokendMuscle
 */

#include "SelectionPredicate.h"
#include "MetaAttribute.h"
#include "MetaRecord.h"
#include "DbValue.h"
#include 

namespace Tokend
{

SelectionPredicate::SelectionPredicate(const MetaRecord &inMetaRecord,
	const CSSM_SELECTION_PREDICATE &inPredicate)
	:	mMetaAttribute(inMetaRecord.metaAttribute(inPredicate.Attribute.Info)),
		mDbOperator(inPredicate.DbOperator)
{
	// Make sure that the caller specified the attribute values in the correct
	// format.
	if (inPredicate.Attribute.Info.AttributeFormat
		!= mMetaAttribute.attributeFormat())
		CssmError::throwMe(CSSMERR_DL_INCOMPATIBLE_FIELD_FORMAT);

	// @@@ See ISSUES
	if (inPredicate.Attribute.NumberOfValues != 1)
		CssmError::throwMe(CSSMERR_DL_UNSUPPORTED_QUERY);

	mData = inPredicate.Attribute.Value[0];
	mValue = mMetaAttribute.createValue(mData);
}

SelectionPredicate::~SelectionPredicate()
{
	delete mValue;
}

bool SelectionPredicate::evaluate(TokenContext *tokenContext,
	Record& record) const
{
    return mMetaAttribute.evaluate(tokenContext, mValue, record, mDbOperator);
}


}	// end namespace Tokend

/* arch-tag: E96BD4DB-DF80-11D8-8EA7-000A95C4302E */


--- NEW FILE SelectionPredicate.h ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 * 
 *  @APPLE_LICENSE_HEADER_START@
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 *  SelectionPredicate.h
 *  TokendMuscle
 */

#ifndef _TOKEND_SELECTIONPREDICATE_H_
#define _TOKEND_SELECTIONPREDICATE_H_

#include 

namespace Tokend
{

class DbValue;
class MetaAttribute;
class MetaRecord;
class Record;
class TokenContext;

class SelectionPredicate
{
    NOCOPY(SelectionPredicate)
public:
    SelectionPredicate(const MetaRecord &inMetaRecord,
		const CSSM_SELECTION_PREDICATE &inPredicate);
	~SelectionPredicate();
	
	bool evaluate(TokenContext *tokenContext, Record& record) const;

private:
    const MetaAttribute &mMetaAttribute;
    CSSM_DB_OPERATOR mDbOperator;
	CssmDataContainer mData;
	DbValue *mValue;
};

} // end namespace Tokend

#endif /* !_TOKEND_SELECTIONPREDICATE_H_ */

/* arch-tag: E96F0CEA-DF80-11D8-923F-000A95C4302E */


--- NEW FILE Token.cpp ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 * 
 *  @APPLE_LICENSE_HEADER_START@
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 *  Token.cpp
 *  TokendMuscle
 */

#include "Token.h"

#include "Cursor.h"
#include "KeyHandle.h"
#include "RecordHandle.h"
#include "Schema.h"
#include 
#include 
#include 
#include 

//
// SPI wrapper macros
//
#define BEGIN	try {
#define END(SS) \
		return CSSM_OK; \
	} catch (const CommonError &err) { \
		return CssmError::cssmError(err, CSSM_##SS##_BASE_ERROR); \
	} catch (...) { \
		return CSSM_ERRCODE_INTERNAL_ERROR; \
	}

//
// Singleton
//
Tokend::Token *token;

namespace Tokend
{

Token::Token() : mSchema(NULL), mTokenContext(NULL)
{
}

Token::~Token()
{
}


//
// Initial: Your first chance to do anything with the tokend framework
// initialized.
//
CSSM_RETURN Token::_initial()
{
	BEGIN
	token->initial();
	secdebug("tokend", "using reader %s",
		token->startupReaderInfo()->szReader);
	END(CSSM)
}


//
// Probe:
//  (1) See if we support this token. Return zero if not.
//      Return a score if we do - the lower, the better. 1 beats everyone else.
//  (2) Generate a unique id string for the token. This doesn't have to be
//      human readable. If you REALLY can't make one up, leave tokenUid alone.
//      But do try.
//
CSSM_RETURN Token::_probe(SecTokendProbeFlags flags, uint32 *score,
	char tokenUid[TOKEND_MAX_UID])
{
	BEGIN
	*score = token->probe(flags, tokenUid);
	secdebug("tokend", "flags=%ld returning score=%ld  uid='%s'",
		flags, *score, tokenUid);
	END(CSSM)
}


//
// Establish:
// Okay, you're the one. The token is yours. Here's your GUID and subservice ID
// (in case you care); it'll get automatically inserted into your MDS unless
// you override it. If you can make up a nice, user-friendly print name for
// your token, return it in printName. If you can't, leave it alone and
// securityd will make something up for you.
//
CSSM_RETURN Token::_establish(const CSSM_GUID *guid, uint32 subserviceID,
	SecTokendEstablishFlags flags, const char *cacheDirectory,
	const char *workDirectory, char mdsDirectory[PATH_MAX],
	char printName[PATH_MAX])
{
	BEGIN
	secdebug("tokend", "establish(%s,%ld,0x%lX)",
		Guid::required(guid).toString().c_str(), subserviceID, flags);

	token->establish(guid, subserviceID, flags, cacheDirectory, workDirectory,
		mdsDirectory, printName);
	// if printName is left alone, securityd will make one up
	// if mdsDirectory is left alone, all MDS resources in the Resource bundle
	// will be loaded
	END(CSSM)
}


//
// Terminate() is called by security when it wants you to go away.
// This function does not (currently) return anything, so the CSSM_RETURN is
// effectively ignored. (It's still here for consistency's sake.)
//
CSSM_RETURN Token::_terminate(uint32 reason, uint32 options)
{
	BEGIN
	secdebug("tokend", "terminate(%ld,0x%ld)", reason, options);
	token->terminate(reason, options);
	END(CSSM)
}


CSSM_RETURN Token::_findFirst(const CSSM_QUERY *query,
	TOKEND_RETURN_DATA *data, CSSM_HANDLE *hSearch)
{
	BEGIN
	secdebug("tokend", "findFirst()");
	std::auto_ptr curs(token->createCursor(query));
	TokenContext *tokenContext = token->tokenContext();
	std::auto_ptr rh(curs->next(tokenContext));
	if (!rh.get())
	{
		secdebug("tokend", "findFirst() returning: CSSMERR_DL_ENDOFDATA");
#if 1
		data->record = 0;
		data->keyhandle = 0;
		return 0;
#else
		return CSSMERR_DL_ENDOFDATA;
#endif
	}

	rh->get(tokenContext, *data);
	// Release the RecordHandle until the caller kills the handle we returned.
	rh.release();

	// We didn't throw so return a search handle and keep the Cursor around.
	*hSearch = curs->handle();
	curs.release();
	secdebug("tokend", "end findFirst() returned: %ld", *hSearch);
	END(DL)
}

CSSM_RETURN Token::_findNext(CSSM_HANDLE hSearch, TOKEND_RETURN_DATA *data)
{
	BEGIN
	secdebug("tokend", "findNext(%ld)", hSearch);
	Cursor& curs = Security::HandleObject::find(hSearch,
		CSSMERR_DL_RECORD_NOT_FOUND);
	TokenContext *tokenContext = token->tokenContext();
	std::auto_ptr rh(curs.next(tokenContext));
	if (!rh.get())
	{
		secdebug("tokend", "findNext(%ld) returning: CSSMERR_DL_ENDOFDATA",
			hSearch);
#if 1
		data->record = 0;
		data->keyhandle = 0;
		return 0;
#else
		return CSSMERR_DL_ENDOFDATA;
#endif
	}

	rh->get(tokenContext, *data);
	rh.release();
	END(DL)
}

CSSM_RETURN Token::_findRecordHandle(CSSM_HANDLE hRecord,
	TOKEND_RETURN_DATA *data)
{
	BEGIN
	secdebug("tokend", "findRecordHandle(%ld)", hRecord);
	RecordHandle &rh = Security::HandleObject::find(hRecord,
		CSSMERR_CSSM_INVALID_ADDIN_HANDLE);
	rh.get(token->tokenContext(), *data);
	END(DL)
}

CSSM_RETURN Token::_insertRecord(CSSM_DB_RECORDTYPE recordType,
	const CSSM_DB_RECORD_ATTRIBUTE_DATA *attributes, const CSSM_DATA *data,
	CSSM_HANDLE *hRecord)
{
	BEGIN
	secdebug("tokend", "insertRecord");
	CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
	END(DL)
}

CSSM_RETURN Token::_modifyRecord(CSSM_DB_RECORDTYPE recordType,
	CSSM_HANDLE *hRecord, const CSSM_DB_RECORD_ATTRIBUTE_DATA *attributes,
	const CSSM_DATA *data, CSSM_DB_MODIFY_MODE modifyMode)
{
	BEGIN
	secdebug("tokend", "modifyRecord");
	CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
	END(DL)
}

CSSM_RETURN Token::_deleteRecord(CSSM_HANDLE hRecord)
{
	BEGIN
	secdebug("tokend", "deleteRecord");
	CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
	END(DL)
}

CSSM_RETURN Token::_releaseSearch(CSSM_HANDLE hSearch)
{
	BEGIN
	secdebug("tokend", "releaseSearch(%ld)", hSearch);
	Security::HandleObject::findAndKill(hSearch,
		CSSMERR_CSSM_INVALID_ADDIN_HANDLE);
	END(DL)
}

CSSM_RETURN Token::_releaseRecord(CSSM_HANDLE hRecord)
{
	BEGIN
	secdebug("tokend", "releaseRecord(%ld)", hRecord);
	Security::HandleObject::findAndKill(hRecord,
		CSSMERR_CSSM_INVALID_ADDIN_HANDLE);
	END(DL)
}

CSSM_RETURN Token::_freeRetrievedData(TOKEND_RETURN_DATA *data)
{
	BEGIN
	secdebug("tokend", "freeRetrievedData");
	// Since we return pointers to our cached interal data this is also a noop
	END(DL)
}

CSSM_RETURN Token::_releaseKey(CSSM_HANDLE hKey)
{
	BEGIN
	secdebug("tokend", "releaseKey(%ld)", hKey);
	Security::HandleObject::findAndKill(hKey,
		CSSMERR_CSP_INVALID_KEY_REFERENCE);
	END(CSP)
}

CSSM_RETURN Token::_getKeySize(CSSM_HANDLE hKey, CSSM_KEY_SIZE *size)
{
	BEGIN
	KeyHandle &key = Security::HandleObject::find(hKey,
		CSSMERR_CSP_INVALID_KEY_REFERENCE);
    key.getKeySize(Required(size));
	END(CSP)
}

CSSM_RETURN Token::_getOutputSize(const CSSM_CONTEXT *context,
	CSSM_HANDLE hKey, uint32 inputSize, CSSM_BOOL encrypting,
	uint32 *outputSize)
{
	BEGIN
	KeyHandle &key = Security::HandleObject::find(hKey,
		CSSMERR_CSP_INVALID_KEY_REFERENCE);
    Required(outputSize) = key.getOutputSize(Context::required(context),
		inputSize, encrypting);
	END(CSP)
}
	
CSSM_RETURN Token::_generateSignature(const CSSM_CONTEXT *context,
	CSSM_HANDLE hKey, CSSM_ALGORITHMS signOnly, const CSSM_DATA *input,
	CSSM_DATA *signature)
{
	BEGIN
	KeyHandle &key = Security::HandleObject::find(hKey,
		CSSMERR_CSP_INVALID_KEY_REFERENCE);
    key.generateSignature(Context::required(context), signOnly,
		CssmData::required(input), CssmData::required(signature));
	END(CSP)
}


CSSM_RETURN Token::_verifySignature(const CSSM_CONTEXT *context,
	CSSM_HANDLE hKey, CSSM_ALGORITHMS signOnly, const CSSM_DATA *input,
	const CSSM_DATA *signature)
{
	BEGIN
	KeyHandle &key = Security::HandleObject::find(hKey,
		CSSMERR_CSP_INVALID_KEY_REFERENCE);
    key.verifySignature(Context::required(context), signOnly,
		CssmData::required(input), CssmData::required(signature));
	END(CSP)
}


CSSM_RETURN Token::_generateMac(const CSSM_CONTEXT *context, CSSM_HANDLE hKey,
	const CSSM_DATA *input, CSSM_DATA *output)
{
	BEGIN
	KeyHandle &key = Security::HandleObject::find(hKey,
		CSSMERR_CSP_INVALID_KEY_REFERENCE);
    key.generateMac(Context::required(context), CssmData::required(input),
		CssmData::required(output));
	END(CSP)
}


CSSM_RETURN Token::_verifyMac(const CSSM_CONTEXT *context, CSSM_HANDLE hKey,
	const CSSM_DATA *input, const CSSM_DATA *compare)
{
	BEGIN
	KeyHandle &key = Security::HandleObject::find(hKey,
		CSSMERR_CSP_INVALID_KEY_REFERENCE);
    key.verifyMac(Context::required(context), CssmData::required(input),
		CssmData::required(compare));
	END(CSP)
}


CSSM_RETURN Token::_encrypt(const CSSM_CONTEXT *context, CSSM_HANDLE hKey,
	const CSSM_DATA *clear, CSSM_DATA *cipher)
{
	BEGIN
	KeyHandle &key = Security::HandleObject::find(hKey,
		CSSMERR_CSP_INVALID_KEY_REFERENCE);
    key.encrypt(Context::required(context), CssmData::required(clear),
		CssmData::required(cipher));
	END(CSP)
}


CSSM_RETURN Token::_decrypt(const CSSM_CONTEXT *context, CSSM_HANDLE hKey,
	const CSSM_DATA *cipher, CSSM_DATA *clear)
{
	BEGIN
	KeyHandle &key = Security::HandleObject::find(hKey,
		CSSMERR_CSP_INVALID_KEY_REFERENCE);
    key.decrypt(Context::required(context), CssmData::required(cipher),
		CssmData::required(clear));
	END(CSP)
}

CSSM_RETURN Token::_generateKey(const CSSM_CONTEXT *context,
	const CSSM_ACCESS_CREDENTIALS *creds,
	const CSSM_ACL_ENTRY_PROTOTYPE *owner, CSSM_KEYUSE usage,
	CSSM_KEYATTR_FLAGS attrs, CSSM_HANDLE *hKey, CSSM_KEY *header)
{
	BEGIN
	secdebug("tokend", "generateKey");
	CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
	END(CSP)
}

CSSM_RETURN Token::_generateKeyPair(const CSSM_CONTEXT *context,
	const CSSM_ACCESS_CREDENTIALS *creds,
	const CSSM_ACL_ENTRY_PROTOTYPE *owner,
	CSSM_KEYUSE pubUsage, CSSM_KEYATTR_FLAGS pubAttrs,
	CSSM_KEYUSE privUsage, CSSM_KEYATTR_FLAGS privAttrs,
	CSSM_HANDLE *hPubKey, CSSM_KEY *pubHeader,
	CSSM_HANDLE *hPrivKey, CSSM_KEY *privHeader)
{
	BEGIN
	secdebug("tokend", "generateKeyPair");
	CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
	END(CSP)
}

CSSM_RETURN Token::_wrapKey(const CSSM_CONTEXT *context,
	CSSM_HANDLE hWrappingKey, const CSSM_KEY *wrappingKey,
	const CSSM_ACCESS_CREDENTIALS *cred,
	CSSM_HANDLE hSubjectKey, const CSSM_KEY *subjectKey,
	const CSSM_DATA *descriptiveData, CSSM_KEY *wrappedKey)
{
	BEGIN
	KeyHandle *subjectKeyHandle = hSubjectKey
		? &Security::HandleObject::find(hSubjectKey,
			CSSMERR_CSP_INVALID_KEY_REFERENCE) : NULL;
	KeyHandle *wrappingKeyHandle = hWrappingKey
		? &Security::HandleObject::find(hWrappingKey,
			CSSMERR_CSP_INVALID_KEY_REFERENCE) : NULL;

	if (subjectKeyHandle)
	{
		subjectKeyHandle->wrapUsingKey(Context::required(context),
			AccessCredentials::optional(cred),
			wrappingKeyHandle, CssmKey::optional(wrappingKey),
			CssmData::optional(descriptiveData),
				CssmKey::required(wrappedKey));
	}
	else if (wrappingKeyHandle)
	{
		wrappingKeyHandle->wrapKey(Context::required(context),
			CssmKey::required(subjectKey),
			CssmData::optional(descriptiveData),
				CssmKey::required(wrappedKey));
	}
	else
	{
		secdebug("tokend",
			"wrapKey without a reference subject or wrapping key not supported"
			);
		CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
	}
	END(CSP)
}

CSSM_RETURN Token::_unwrapKey(const CSSM_CONTEXT *context,
	CSSM_HANDLE hWrappingKey, const CSSM_KEY *wrappingKey,
	const CSSM_ACCESS_CREDENTIALS *cred,
	const CSSM_ACL_ENTRY_PROTOTYPE *access,
	CSSM_HANDLE hPublicKey, const CSSM_KEY *publicKey,
	const CSSM_KEY *wrappedKey, CSSM_KEYUSE usage,
	CSSM_KEYATTR_FLAGS attributes, CSSM_DATA *descriptiveData,
	CSSM_HANDLE *hUnwrappedKey, CSSM_KEY *unwrappedKey)
{
	BEGIN
	if (hWrappingKey)
	{
		KeyHandle &unwrappingKey =
			Security::HandleObject::find(hWrappingKey,
				CSSMERR_CSP_INVALID_KEY_REFERENCE);
		if (hPublicKey)
		{
			secdebug("tokend", "unwrapKey with a public key not supported");
			CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
		}

		unwrappingKey.unwrapKey(Context::required(context),
			AccessCredentials::optional(cred),
			AclEntryPrototype::optional(access), CssmKey::required(wrappedKey),
			usage, attributes, CssmData::optional(descriptiveData),
			*hUnwrappedKey, CssmKey::required(unwrappedKey));
	}
	else
	{
		secdebug("tokend",
			"unwrapKey without a wrapping key not supported (import)");
		/* There is no key doing the unwrap so this is basically an import. */
		CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
	}
	END(CSP)
}

CSSM_RETURN Token::_deriveKey(const CSSM_CONTEXT *context,
	CSSM_HANDLE hSourceKey, const CSSM_KEY *sourceKey,
	const CSSM_ACCESS_CREDENTIALS *cred,
	const CSSM_ACL_ENTRY_PROTOTYPE *access, CSSM_DATA *parameters,
	CSSM_KEYUSE usage, CSSM_KEYATTR_FLAGS attributes,
	CSSM_HANDLE *hKey, CSSM_KEY *key)
{
	BEGIN
	secdebug("tokend", "deriveKey");
	CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
	END(CSP)
}

CSSM_RETURN Token::_getObjectOwner(CSSM_HANDLE hRecord,
	CSSM_ACL_OWNER_PROTOTYPE *owner)
{
	BEGIN
	secdebug("tokend", "getObjectOwner");
	RecordHandle &rh = Security::HandleObject::find(hRecord,
		CSSMERR_CSSM_INVALID_ADDIN_HANDLE);
	rh.getOwner(AclOwnerPrototype::required(owner));
	END(DL)
}

CSSM_RETURN Token::_getObjectAcl(CSSM_HANDLE hRecord,
	const char *tag, uint32 *count, CSSM_ACL_ENTRY_INFO **entries)
{
	BEGIN
	secdebug("tokend", "getObjectAcl");
	RecordHandle &rh = Security::HandleObject::find(hRecord,
		CSSMERR_CSSM_INVALID_ADDIN_HANDLE);
	rh.getAcl(tag, Required(count), AclEntryInfo::overlayVar(*entries));
	END(DL)
}

CSSM_RETURN Token::_getDatabaseOwner(CSSM_ACL_OWNER_PROTOTYPE *owner)
{
	BEGIN
	token->getOwner(AclOwnerPrototype::required(owner));
	END(DL)
}

CSSM_RETURN Token::_getDatabaseAcl(const char *tag, uint32 *count,
	CSSM_ACL_ENTRY_INFO **entries)
{
	BEGIN
	token->getAcl(tag, *count, AclEntryInfo::overlayVar(*entries));
	END(DL)
}

CSSM_RETURN Token::_getKeyOwner(CSSM_HANDLE hKey,
	CSSM_ACL_OWNER_PROTOTYPE *owner)
{
	BEGIN
	KeyHandle &key = Security::HandleObject::find(hKey,
		CSSMERR_CSP_INVALID_KEY_REFERENCE);
	key.getOwner(AclOwnerPrototype::required(owner));
	END(CSP)
}

CSSM_RETURN Token::_getKeyAcl(CSSM_HANDLE hKey,
	const char *tag, uint32 *count, CSSM_ACL_ENTRY_INFO **entries)
{
	BEGIN
	KeyHandle &key = Security::HandleObject::find(hKey,
		CSSMERR_CSP_INVALID_KEY_REFERENCE);
	key.getAcl(tag, Required(count), AclEntryInfo::overlayVar(*entries));
	END(CSP)
}

CSSM_RETURN Token::_freeOwnerData(CSSM_ACL_OWNER_PROTOTYPE *owner)
{
	BEGIN
    // @@@ Do something here based on how we return data above.
	END(CSP)
}

CSSM_RETURN Token::_freeAclData(uint32 count, CSSM_ACL_ENTRY_INFO *entries)
{
	BEGIN
#if 0
    AutoAclEntryInfoList aclList(&Allocator::standard());
    // Invoke braindead overloaded operators since there are no setters on
	// AutoAclEntryInfoList
    *static_cast(aclList) = count;
    *static_cast(aclList) = entries;
#endif
	END(CSP)
}

CSSM_RETURN Token::_authenticateDatabase(CSSM_DB_ACCESS_TYPE mode,
	const CSSM_ACCESS_CREDENTIALS *cred)
{
	BEGIN
	secdebug("tokend", "authenticateDatabase");
	token->authenticate(mode, AccessCredentials::overlay(cred));
	END(DL)
}

CSSM_RETURN Token::_changeDatabaseOwner(const CSSM_ACL_OWNER_PROTOTYPE *owner)
{
	BEGIN
	secdebug("tokend", "changeDatabaseOwner");
	token->changeOwner(AclOwnerPrototype::required(owner));
	END(DL)
}

CSSM_RETURN Token::_changeDatabaseAcl(const CSSM_ACCESS_CREDENTIALS *cred,
	const CSSM_ACL_EDIT *edit)
{
	BEGIN
	secdebug("tokend", "changeDatabaseAcl");
	token->changeAcl(AccessCredentials::required(cred),
		AclEdit::required(edit));
	END(DL)
}

CSSM_RETURN Token::_changeObjectOwner(CSSM_HANDLE hRecord,
	const CSSM_ACL_OWNER_PROTOTYPE *owner)
{
	BEGIN
	secdebug("tokend", "changeObjectOwner");
	RecordHandle &rh = Security::HandleObject::find(hRecord,
		CSSMERR_CSSM_INVALID_ADDIN_HANDLE);
	rh.changeOwner(AclOwnerPrototype::required(owner));
	END(DL)
}

CSSM_RETURN Token::_changeObjectAcl(CSSM_HANDLE hRecord,
	const CSSM_ACCESS_CREDENTIALS *cred, const CSSM_ACL_EDIT *edit)
{
	BEGIN
	secdebug("tokend", "changeObjectAcl");
	RecordHandle &rh = Security::HandleObject::find(hRecord,
		CSSMERR_CSSM_INVALID_ADDIN_HANDLE);
	rh.changeAcl(AccessCredentials::required(cred), AclEdit::required(edit));
	END(DL)
}

CSSM_RETURN Token::_changeKeyOwner(CSSM_HANDLE hKey,
	const CSSM_ACL_OWNER_PROTOTYPE *owner)
{
	BEGIN
	secdebug("tokend", "changeKeyOwner");
	KeyHandle &key = Security::HandleObject::find(hKey,
		CSSMERR_CSP_INVALID_KEY_REFERENCE);
	key.changeOwner(AclOwnerPrototype::required(owner));
	END(CSP)
}

CSSM_RETURN Token::_changeKeyAcl(CSSM_HANDLE hKey,
	const CSSM_ACCESS_CREDENTIALS *cred, const CSSM_ACL_EDIT *edit)
{
	BEGIN
	secdebug("tokend", "changeKeyAcl");
	KeyHandle &key = Security::HandleObject::find(hKey,
		CSSMERR_CSP_INVALID_KEY_REFERENCE);
	key.changeAcl(AccessCredentials::required(cred), AclEdit::required(edit));
	END(CSP)
}

CSSM_RETURN Token::_generateRandom(const CSSM_CONTEXT *context,
	CSSM_DATA *result)
{
	BEGIN
	secdebug("tokend", "generateRandom");
	token->generateRandom(Context::required(context),
		CssmData::required(result));
	END(CSP)
}

CSSM_RETURN Token::_getStatistics(CSSM_CSP_OPERATIONAL_STATISTICS *result)
{
	BEGIN
	secdebug("tokend", "getStatistics");
	token->getStatistics(Required(result));
	END(CSP)
}

CSSM_RETURN Token::_getTime(CSSM_ALGORITHMS algorithm, CSSM_DATA *result)
{
	BEGIN
	secdebug("tokend", "getTime");
	token->getTime(algorithm, CssmData::required(result));
	END(CSP)
}

CSSM_RETURN Token::_getCounter(CSSM_DATA *result)
{
	BEGIN
	secdebug("tokend", "getCounter");
	token->getCounter(CssmData::required(result));
	END(CSP)
}

CSSM_RETURN Token::_selfVerify()
{
	BEGIN
	secdebug("tokend", "selfVerify");
	token->selfVerify();
	END(CSP)
}

CSSM_RETURN Token::_cspPassThrough(uint32 id, const CSSM_CONTEXT *context,
	CSSM_HANDLE hKey, const CSSM_KEY *key, const CSSM_DATA *input,
	CSSM_DATA *output)
{
	BEGIN
	secdebug("tokend", "cspPassThrough");
	CssmError::throwMe(CSSM_ERRCODE_INVALID_PASSTHROUGH_ID);
	END(CSP)
}

CSSM_RETURN Token::_dlPassThrough(uint32 id, const CSSM_DATA *input,
	CSSM_DATA *output)
{
	BEGIN
	secdebug("tokend", "dlPassThrough");
	CssmError::throwMe(CSSM_ERRCODE_INVALID_PASSTHROUGH_ID);
	END(DL)
}

CSSM_RETURN Token::_isLocked(uint32 *locked)
{
	BEGIN
	secdebug("tokend", "_isLocked");
	Required(locked) = token->isLocked();
	END(DL)
}

//
// Callback vector into SecTokendMain
//
const SecTokendCallbacks Token::mCallbacks = {
	kSecTokendCallbackVersion,
	kSecTokendCallbacksDefault,
	_initial, _probe, _establish, _terminate,
	_findFirst, _findNext, _findRecordHandle,
	_insertRecord, _modifyRecord, _deleteRecord,
	_releaseSearch, _releaseRecord,
	_freeRetrievedData,
	_releaseKey, _getKeySize, _getOutputSize,
	_generateSignature, _verifySignature,
	_generateMac, _verifyMac,
	_encrypt, _decrypt,
	_generateKey, _generateKeyPair,
	_wrapKey, _unwrapKey, _deriveKey,
	_getDatabaseOwner, _getDatabaseAcl,
	_getObjectOwner, _getObjectAcl,
	_getKeyOwner, _getKeyAcl,
	_freeOwnerData, _freeAclData,
	_authenticateDatabase,
	_changeDatabaseOwner, _changeDatabaseAcl,
	_changeObjectOwner, _changeObjectAcl,
	_changeKeyOwner, _changeKeyAcl,
	_generateRandom, _getStatistics,
	_getTime, _getCounter,
	_selfVerify,
	_cspPassThrough, _dlPassThrough,
	_isLocked
};

const SecTokendCallbacks *Token::callbacks()
{
	return &mCallbacks;
}

SecTokendSupport *Token::support()
{
	return this;
}

void Token::initial()
{
}

void Token::terminate(uint32 reason, uint32 options)
{
}

void Token::establish(const CSSM_GUID *guid, uint32 subserviceId,
	SecTokendEstablishFlags flags, const char *cacheDirectory,
	const char *workDirectory, char mdsDirectory[PATH_MAX],
	char printName[PATH_MAX])
{
	secdebug("establish", "cacheDirectory %s", cacheDirectory);
	mGuid = *guid;
	mSubserviceId = subserviceId;
	mCacheDirectory = cacheDirectory;
}


bool Token::cachedObject(CSSM_DB_RECORDTYPE relationId,
	const std::string &name, CssmData &object) const
{
	try
	{
		UnixPlusPlus::AutoFileDesc fd(cachedObjectPath(relationId, name));
		object.Length = fd.fileSize();
		object.Data = reinterpret_cast(malloc(object.Length));
		object.Length = fd.readAll(object.Data, object.Length);
	}
	catch (const UnixError &error)
	{
		return false;
 	}

	return true;
}

void Token::cacheObject(CSSM_DB_RECORDTYPE relationId, const std::string &name,
	const CssmData &object) const
{
	std::string path(cachedObjectPath(relationId, name));
	try
	{
		UnixPlusPlus::AutoFileDesc fd(path, O_WRONLY|O_CREAT|O_TRUNC);
		fd.writeAll(object.Data, object.Length);
	}
	catch (const UnixError &e)
	{
		Syslog::error("error writing cache file: %s: %s\n", path.c_str(),
			strerror(e.unixError()));
		::unlink(path.c_str());
	}
}

std::string Token::cachedObjectPath(CSSM_DB_RECORDTYPE relationId,
	const std::string &name) const
{
	char buffer[9];
	sprintf(buffer, "%lX", relationId);

	return mCacheDirectory + "/" + buffer + "-" + name;
}

Cursor *Token::createCursor(const CSSM_QUERY *inQuery)
{
	if (!inQuery || inQuery->RecordType == CSSM_DL_DB_RECORD_ANY
		|| inQuery->RecordType == CSSM_DL_DB_RECORD_ALL_KEYS)
	{
		return new MultiCursor(inQuery, *mSchema);
	}

	const Relation &relation = mSchema->findRelation(inQuery->RecordType);
	return new LinearCursor(inQuery, relation);
}

//
// Authenticate to the token
//
void Token::authenticate(CSSM_DB_ACCESS_TYPE mode,
	const AccessCredentials *cred)
{
	int pinNum;
	if (!cred || sscanf(cred->EntryTag, "PIN%d", &pinNum) != 1)
		pinNum = -1; // No PIN in tag.

	if (mode == CSSM_DB_ACCESS_RESET)
	{
		// A mode of CSSM_DB_ACCESS_RESET is a request to deauthenticate
		// the card completely.
		secdebug("authenticate", "unverifying PIN%d", pinNum);
		return unverifyPIN(pinNum);
	}
	else if (cred && pinNum > 0)
	{ // tag="PINk"; unlock a PIN
		if (cred->size() != 1) // just one, please
			CssmError::throwMe(CSSM_ERRCODE_INVALID_SAMPLE_VALUE);
		const TypedList &sample = (*cred)[0];
		switch (sample.type())
		{
		case CSSM_SAMPLE_TYPE_PASSWORD:
		case CSSM_SAMPLE_TYPE_PROMPTED_PASSWORD:
		case CSSM_SAMPLE_TYPE_PROTECTED_PASSWORD:
		{
			CssmData &pin = sample[1].data();
			return verifyPIN(pinNum, pin.Data, pin.Length);
		}
		default:
			break;
		}

		CssmError::throwMe(CSSM_ERRCODE_SAMPLE_VALUE_NOT_SUPPORTED);
	}
	else
		secdebug("authenticate", "ignoring non-PIN authentication request");
}

void Token::changeOwner(const AclOwnerPrototype &owner)
{
	// Default changeOwner on a token always fails.
	CssmError::throwMe(CSSM_ERRCODE_OBJECT_MANIP_AUTH_DENIED);
}

void Token::changeAcl(const AccessCredentials &cred, const AclEdit &edit)
{
	// We don't allow adding or deleting of acls currently
	switch (edit.mode())
	{
	case CSSM_ACL_EDIT_MODE_DELETE:
		CssmError::throwMe(CSSM_ERRCODE_ACL_DELETE_FAILED);
	case CSSM_ACL_EDIT_MODE_REPLACE:
		break;
	case CSSM_ACL_EDIT_MODE_ADD:
		CssmError::throwMe(CSSM_ERRCODE_ACL_ADD_FAILED);
	default:
		CssmError::throwMe(CSSM_ERRCODE_INVALID_ACL_EDIT_MODE);
	}

#if 0
	// edit.handle() is the offset in mAclEntries of the acl we are replacing
	uint32 ix = edit.handle();
	if (ix >= mAclEntries.size())
		CssmError::throwMe(CSSM_ERRCODE_ACL_REPLACE_FAILED);

	// Now we have the actual AclEntryPrototype being changed
	const AclEntryPrototype &oldProto = mAclEntries.at(ix).proto();
#endif

	// Now get the new AclEntryPrototype for this entry.
	const AclEntryInput *newEntry = edit.newEntry();
	if (!newEntry)
		CssmError::throwMe(CSSM_ERRCODE_INVALID_INPUT_POINTER);
	const AclEntryPrototype &newProto = newEntry->proto();

	unsigned int pinNum;
	if (sscanf(newProto.EntryTag, "PIN%d", &pinNum) != 1)
		CssmError::throwMe(CSSM_ERRCODE_OBJECT_ACL_NOT_SUPPORTED);

	const TypedList &subject = newProto.subject();
	switch (subject.type()) 
	{
	case CSSM_ACL_SUBJECT_TYPE_PASSWORD:
	case CSSM_ACL_SUBJECT_TYPE_PROMPTED_PASSWORD:
	case CSSM_ACL_SUBJECT_TYPE_PROTECTED_PASSWORD:
		break;
	default:
		CssmError::throwMe(CSSM_ERRCODE_ACL_SUBJECT_TYPE_NOT_SUPPORTED);
	}
	const CssmData &newPin = subject[1].data();

	if (cred.size() != 1)
		CssmError::throwMe(CSSM_ERRCODE_SAMPLE_VALUE_NOT_SUPPORTED);

	const TypedList &value = cred[0].value();
	switch (value.type())
	{
	case CSSM_SAMPLE_TYPE_PASSWORD:
	case CSSM_SAMPLE_TYPE_PROMPTED_PASSWORD:
	case CSSM_SAMPLE_TYPE_PROTECTED_PASSWORD:
		break;
	default:
		CssmError::throwMe(CSSM_ERRCODE_SAMPLE_VALUE_NOT_SUPPORTED);
	}
	const CssmData &oldPin = value[1].data();

	secdebug("tokend", "CHANGE PIN%d from \"%.*s\" to \"%.*s\"",
		pinNum, static_cast(oldPin.Length), oldPin.Data,
		static_cast(newPin.Length), newPin.Data);

	changePIN(pinNum, oldPin.Data, oldPin.Length, newPin.Data, newPin.Length);
}

void Token::generateRandom(const Context &context, CssmData &result)
{
	CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
}

void Token::getStatistics(CSSM_CSP_OPERATIONAL_STATISTICS &result)
{
	CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
}

void Token::getTime(CSSM_ALGORITHMS algorithm, CssmData &result)
{
	CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
}

void Token::getCounter(CssmData &result)
{
	CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
}

void Token::selfVerify()
{
	CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
}

void Token::changePIN(int pinNum,
	const unsigned char *oldPin, size_t oldPinLength,
	const unsigned char *newPin, size_t newPinLength)
{
	// Default changePIN on a token always fails.
	CssmError::throwMe(CSSM_ERRCODE_SAMPLE_VALUE_NOT_SUPPORTED);
}

uint32_t Token::pinStatus(int pinNum)
{
	CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
}

void Token::verifyPIN(int pinNum,
	const unsigned char *pin, size_t pinLength)
{
	CssmError::throwMe(CSSM_ERRCODE_SAMPLE_VALUE_NOT_SUPPORTED);
}

void Token::unverifyPIN(int pinNum)
{
}

bool Token::isLocked()
{
	// Check pin1 by default.  Subclasses may override.
	return pinStatus(1) != 0x9000;
}


//
// ISO7816Token
//
ISO7816Token::ISO7816Token()
{
	mPrintName[0]=0;
}

ISO7816Token::~ISO7816Token()
{
}

uint32 ISO7816Token::probe(SecTokendProbeFlags flags,
	char tokenUid[TOKEND_MAX_UID])
{
	const SCARD_READERSTATE &readerState = *(*startupReaderInfo)();
	connect(mSession, readerState.szReader);
	return 0;
}

void ISO7816Token::establish(const CSSM_GUID *guid, uint32 subserviceId,
	SecTokendEstablishFlags flags, const char *cacheDirectory,
	const char *workDirectory, char mdsDirectory[PATH_MAX],
	char printName[PATH_MAX])
{
	secdebug("establish", "cacheDirectory %s, workDirectory: %s, name: %s",
		cacheDirectory, workDirectory, mPrintName);
	if (mPrintName[0])
		::strlcpy(printName, mPrintName, PATH_MAX);
	Token::establish(guid, subserviceId, flags, cacheDirectory,
		workDirectory, mdsDirectory, printName);

	if (!isConnected())
	{
		const SCARD_READERSTATE &readerState = *(*startupReaderInfo)();
		connect(mSession, readerState.szReader);
	}
}

uint16_t ISO7816Token::transmitAPDU(uint8_t cla, uint8_t ins, uint8_t p1,
	uint8_t p2, size_t dataSize, const uint8_t *data,
	size_t outputLength, std::vector *output)
{
	std::vector apdu;
	uint32_t lc = data ? dataSize : 0;

	// Worst case we need this much
	apdu.reserve(10 + lc);

	apdu.push_back(cla);
	apdu.push_back(ins);
	apdu.push_back(p1);
	apdu.push_back(p2);

	if (lc > 0)
	{
		if (lc < 0x100)
		{
			// Normal length Lc
			apdu.push_back(lc);
		}
		else if (lc < 0x10000)
		{
			// Extended length Lc
			apdu.push_back(0);
			apdu.push_back(lc >> 8);
			apdu.push_back(lc);
		}
		else
		{
			// Lc too big.
            PCSC::Error::throwMe(SCARD_E_PROTO_MISMATCH);
		}
		apdu.insert(apdu.end(), data, data + dataSize);
	}

	if (output && outputLength > 0)
	{
		if (outputLength < 0x100)
		{
			// Normal length Le
			apdu.push_back(outputLength);
		}
		else if (outputLength < 0x10000)
		{
			// Extended length Le
			apdu.push_back(0);
			apdu.push_back(outputLength >> 8);
			apdu.push_back(outputLength);
		}
		else
		{
			// Le too big
            PCSC::Error::throwMe(SCARD_E_PROTO_MISMATCH);
		}

		// Append the response to what's already in output.
		size_t oldSize = output->size();
		// Make enough room for the data we are requesting plus the sw
		output->resize(oldSize + outputLength + 2);
		uint8_t *response = &output->at(oldSize);
		size_t responseLength = outputLength + 2;
		transmit(&apdu[0], apdu.size(), response, responseLength);
		if (responseLength < 2)
		{
			output->resize(oldSize + responseLength);
			PCSC::Error::throwMe(SCARD_E_PROTO_MISMATCH);
		}

		uint16_t sw = (response[responseLength - 2] << 8)
			+ response[responseLength - 1];
		// Remove the sw from the output.
		output->resize(oldSize + responseLength - 2);

		return sw;
	}
	else
	{
		uint8_t response[2];
		size_t responseLength = sizeof(response);
		transmit(&apdu[0], apdu.size(), response, responseLength);
		if (responseLength < 2)
			PCSC::Error::throwMe(SCARD_E_PROTO_MISMATCH);

		return (response[responseLength - 2] << 8)
			+ response[responseLength - 1];
	}
}

void ISO7816Token::name(const char *printName)
{
	// Set the printName
	::strlcpy(mPrintName,printName,min(1+strlen(printName),size_t(PATH_MAX)));
}

} // end namespace Tokend


/* arch-tag: E93A5DC0-DF80-11D8-9F16-000A95C4302E */


--- NEW FILE Token.h ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 * 
 *  @APPLE_LICENSE_HEADER_START@
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 *  Token.h
 *  TokendMuscle
 */

#ifndef _TOKEND_TOKEN_H_
#define _TOKEND_TOKEN_H_

#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 

#include "TokenContext.h"

namespace Tokend
{

class Cursor;
class Schema;
class TokenContext;

//
// "The" token
//
class Token : public SecTokendSupport
{
	NOCOPY(Token)
public:
	Token();
	virtual ~Token();

	bool cachedObject(CSSM_DB_RECORDTYPE relationId, const std::string &name,
		CssmData &data) const;
	void cacheObject(CSSM_DB_RECORDTYPE relationId, const std::string &name,
		const CssmData &object) const;

	virtual const SecTokendCallbacks *callbacks();
	virtual SecTokendSupport *support();

    virtual void initial();
    virtual uint32 probe(SecTokendProbeFlags flags,
		char tokenUid[TOKEND_MAX_UID]) = 0;
	virtual void establish(const CSSM_GUID *guid, uint32 subserviceId,
		SecTokendEstablishFlags flags, const char *cacheDirectory,
		const char *workDirectory, char mdsDirectory[PATH_MAX],
		char printName[PATH_MAX]);
	virtual void terminate(uint32 reason, uint32 options);

	virtual void authenticate(CSSM_DB_ACCESS_TYPE mode,
		const AccessCredentials *cred);
	virtual void getOwner(AclOwnerPrototype &owner) = 0;
	virtual void getAcl(const char *tag, uint32 &count,
		AclEntryInfo *&acls) = 0;

	virtual	Cursor *createCursor(const CSSM_QUERY *inQuery);

	virtual void changeOwner(const AclOwnerPrototype &owner);
	virtual void changeAcl(const AccessCredentials &cred, const AclEdit &edit);

	virtual void generateRandom(const Context &context, CssmData &result);
	virtual void getStatistics(CSSM_CSP_OPERATIONAL_STATISTICS &result);
	virtual void getTime(CSSM_ALGORITHMS algorithm, CssmData &result);
	virtual void getCounter(CssmData &result);
	virtual void selfVerify();

	virtual void changePIN(int pinNum,
		const unsigned char *oldPin, size_t oldPinLength,
		const unsigned char *newPin, size_t newPinLength);
	virtual uint32_t pinStatus(int pinNum);
	virtual void verifyPIN(int pinNum,
		const unsigned char *pin, size_t pinLength);
	virtual void unverifyPIN(int pinNum);

	virtual bool isLocked();

	TokenContext *tokenContext() { return mTokenContext; }

protected:
	std::string cachedObjectPath(CSSM_DB_RECORDTYPE relationId,
		const std::string &name) const;

	static CSSM_RETURN _initial();
    static CSSM_RETURN _probe(SecTokendProbeFlags flags, uint32 *score,
		char tokenUid[TOKEND_MAX_UID]);
	static CSSM_RETURN _establish(const CSSM_GUID *guid, uint32 subserviceId,
		SecTokendEstablishFlags flags, const char *cacheDirectory,
		const char *workDirectory, char mdsDirectory[PATH_MAX],
		char printName[PATH_MAX]);
	static CSSM_RETURN _terminate(uint32 reason, uint32 options);

	static CSSM_RETURN _findFirst(const CSSM_QUERY *query,
		TOKEND_RETURN_DATA *data, CSSM_HANDLE *hSearch);
	static CSSM_RETURN _findNext(CSSM_HANDLE hSearch,
		TOKEND_RETURN_DATA *data);
	static CSSM_RETURN _findRecordHandle(CSSM_HANDLE hRecord,
		TOKEND_RETURN_DATA *data);
	static CSSM_RETURN _insertRecord(CSSM_DB_RECORDTYPE recordType,
		const CSSM_DB_RECORD_ATTRIBUTE_DATA *attributes, const CSSM_DATA *data,
		CSSM_HANDLE *hRecord);
	static CSSM_RETURN _modifyRecord(CSSM_DB_RECORDTYPE recordType,
		CSSM_HANDLE *hRecord, const CSSM_DB_RECORD_ATTRIBUTE_DATA *attributes,
		const CSSM_DATA *data, CSSM_DB_MODIFY_MODE modifyMode);
	static CSSM_RETURN _deleteRecord(CSSM_HANDLE hRecord);
	static CSSM_RETURN _releaseSearch(CSSM_HANDLE hSearch);
	static CSSM_RETURN _releaseRecord(CSSM_HANDLE hRecord);
	
	static CSSM_RETURN _freeRetrievedData(TOKEND_RETURN_DATA *data);
	
	static CSSM_RETURN _releaseKey(CSSM_HANDLE hKey);
	static CSSM_RETURN _getKeySize(CSSM_HANDLE hKey, CSSM_KEY_SIZE *size);
	static CSSM_RETURN _getOutputSize(const CSSM_CONTEXT *context,
		CSSM_HANDLE hKey, uint32 inputSize, CSSM_BOOL encrypting,
		uint32 *outputSize);
	
	static CSSM_RETURN _generateSignature(const CSSM_CONTEXT *context,
		CSSM_HANDLE hKey, CSSM_ALGORITHMS signOnly, const CSSM_DATA *input,
		CSSM_DATA *signature);
	static CSSM_RETURN _verifySignature(const CSSM_CONTEXT *context,
		CSSM_HANDLE hKey, CSSM_ALGORITHMS signOnly, const CSSM_DATA *input,
		const CSSM_DATA *signature);
	static CSSM_RETURN _generateMac(const CSSM_CONTEXT *context,
		CSSM_HANDLE hKey, const CSSM_DATA *input, CSSM_DATA *mac);
	static CSSM_RETURN _verifyMac(const CSSM_CONTEXT *context,
		CSSM_HANDLE hKey, const CSSM_DATA *input, const CSSM_DATA *mac);
	static CSSM_RETURN _encrypt(const CSSM_CONTEXT *context, CSSM_HANDLE hKey,
		const CSSM_DATA *clear, CSSM_DATA *cipher);
	static CSSM_RETURN _decrypt(const CSSM_CONTEXT *context, CSSM_HANDLE hKey,
		const CSSM_DATA *cipher, CSSM_DATA *clear);
	static CSSM_RETURN _generateKey(const CSSM_CONTEXT *context,
		const CSSM_ACCESS_CREDENTIALS *creds,
		const CSSM_ACL_ENTRY_PROTOTYPE *owner, CSSM_KEYUSE usage,
		CSSM_KEYATTR_FLAGS attrs, CSSM_HANDLE *hKey, CSSM_KEY *header);
	static CSSM_RETURN _generateKeyPair(const CSSM_CONTEXT *context,
		const CSSM_ACCESS_CREDENTIALS *creds,
		const CSSM_ACL_ENTRY_PROTOTYPE *owner,
		CSSM_KEYUSE pubUsage, CSSM_KEYATTR_FLAGS pubAttrs,
		CSSM_KEYUSE privUsage, CSSM_KEYATTR_FLAGS privAttrs,
		CSSM_HANDLE *hPubKey, CSSM_KEY *pubHeader,
		CSSM_HANDLE *hPrivKey, CSSM_KEY *privHeader);
	static CSSM_RETURN _wrapKey(const CSSM_CONTEXT *context,
		CSSM_HANDLE hWrappingKey, const CSSM_KEY *wrappingKey,
		const CSSM_ACCESS_CREDENTIALS *cred, CSSM_HANDLE hSubjectKey,
		const CSSM_KEY *subjectKey, const CSSM_DATA *descriptiveData,
		CSSM_KEY *wrappedKey);
	static CSSM_RETURN _unwrapKey(const CSSM_CONTEXT *context,
		CSSM_HANDLE hWrappingKey, const CSSM_KEY *wrappingKey,
		const CSSM_ACCESS_CREDENTIALS *cred,
		const CSSM_ACL_ENTRY_PROTOTYPE *access,
		CSSM_HANDLE hPublicKey, const CSSM_KEY *publicKey,
		const CSSM_KEY *wrappedKey, CSSM_KEYUSE usage,
		CSSM_KEYATTR_FLAGS attributes, CSSM_DATA *descriptiveData,
		CSSM_HANDLE *hUnwrappedKey, CSSM_KEY *unwrappedKey);
	static CSSM_RETURN _deriveKey(const CSSM_CONTEXT *context,
		CSSM_HANDLE hSourceKey, const CSSM_KEY *sourceKey,
		const CSSM_ACCESS_CREDENTIALS *cred, 
		const CSSM_ACL_ENTRY_PROTOTYPE *access, CSSM_DATA *parameters,
		CSSM_KEYUSE usage, CSSM_KEYATTR_FLAGS attributes,
		CSSM_HANDLE *hKey, CSSM_KEY *hKey);

	static CSSM_RETURN _getObjectOwner(CSSM_HANDLE hKey,
		CSSM_ACL_OWNER_PROTOTYPE *owner);
	static CSSM_RETURN _getObjectAcl(CSSM_HANDLE hKey,
		const char *tag, uint32 *count, CSSM_ACL_ENTRY_INFO **entries);
	static CSSM_RETURN _getDatabaseOwner(CSSM_ACL_OWNER_PROTOTYPE *owner);
	static CSSM_RETURN _getDatabaseAcl(const char *tag, uint32 *count,
		CSSM_ACL_ENTRY_INFO **entries);
	static CSSM_RETURN _getKeyOwner(CSSM_HANDLE hKey,
		CSSM_ACL_OWNER_PROTOTYPE *owner);
	static CSSM_RETURN _getKeyAcl(CSSM_HANDLE hKey, const char *tag,
		uint32 *count, CSSM_ACL_ENTRY_INFO **entries);
	
	static CSSM_RETURN _freeOwnerData(CSSM_ACL_OWNER_PROTOTYPE *owner);
	static CSSM_RETURN _freeAclData(uint32 count,
		CSSM_ACL_ENTRY_INFO *entries);

	static CSSM_RETURN _authenticateDatabase(CSSM_DB_ACCESS_TYPE mode,
		const CSSM_ACCESS_CREDENTIALS *cred);

	static CSSM_RETURN _changeDatabaseOwner(const CSSM_ACL_OWNER_PROTOTYPE *
		owner);
	static CSSM_RETURN _changeDatabaseAcl(const CSSM_ACCESS_CREDENTIALS *cred,
		const CSSM_ACL_EDIT *edit);
	static CSSM_RETURN _changeObjectOwner(CSSM_HANDLE hRecord,
		const CSSM_ACL_OWNER_PROTOTYPE *owner);
	static CSSM_RETURN _changeObjectAcl(CSSM_HANDLE hRecord,
		const CSSM_ACCESS_CREDENTIALS *cred, const CSSM_ACL_EDIT *edit);
	static CSSM_RETURN _changeKeyOwner(CSSM_HANDLE key,
		const CSSM_ACL_OWNER_PROTOTYPE *owner);
	static CSSM_RETURN _changeKeyAcl(CSSM_HANDLE key,
		const CSSM_ACCESS_CREDENTIALS *cred, const CSSM_ACL_EDIT *edit);

	static CSSM_RETURN _generateRandom(const CSSM_CONTEXT *context,
		CSSM_DATA *result);
	static CSSM_RETURN _getStatistics(CSSM_CSP_OPERATIONAL_STATISTICS *result);
	static CSSM_RETURN _getTime(CSSM_ALGORITHMS algorithm, CSSM_DATA *result);
	static CSSM_RETURN _getCounter(CSSM_DATA *result);
	static CSSM_RETURN _selfVerify();

	static CSSM_RETURN _cspPassThrough(uint32 id, const CSSM_CONTEXT *context,
		CSSM_HANDLE hKey, const CSSM_KEY *key, const CSSM_DATA *input,
		CSSM_DATA *output);
	static CSSM_RETURN _dlPassThrough(uint32 id, const CSSM_DATA *input,
		CSSM_DATA *output);

	static CSSM_RETURN _isLocked(uint32 *locked);

private:
	static const SecTokendCallbacks mCallbacks;

protected:
	Schema *mSchema;
	TokenContext *mTokenContext;

	Guid mGuid;
	uint32 mSubserviceId;
	std::string mCacheDirectory;
};


class ISO7816Token : public Token, public TokenContext, public PCSC::Card
{
	NOCOPY(ISO7816Token)
public:
	ISO7816Token();
	virtual ~ISO7816Token();

    virtual uint32 probe(SecTokendProbeFlags flags,
		char tokenUid[TOKEND_MAX_UID]);
	virtual void establish(const CSSM_GUID *guid, uint32 subserviceId,
		SecTokendEstablishFlags flags, const char *cacheDirectory,
		const char *workDirectory, char mdsDirectory[PATH_MAX],
		char printName[PATH_MAX]);

	uint16_t transmitAPDU(uint8_t cla, uint8_t ins, uint8_t p1, uint8_t p2,
		size_t dataSize = 0, const uint8_t *data = NULL,
		size_t outputLength = 0, std::vector *output = NULL);

protected:
	PCSC::Session mSession;
	char mPrintName[PATH_MAX];
	
	virtual void name(const char *printName);
};


} // end namespace Tokend

//
// Singleton
//
extern Tokend::Token *token;

#endif /* !_TOKEND_TOKEN_H_ */

/* arch-tag: E93DF9EE-DF80-11D8-991E-000A95C4302E */


--- NEW FILE TokenContext.cpp ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 * 
 *  @APPLE_LICENSE_HEADER_START@
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 *  TokenContext.cpp
 *  TokendMuscle
 */

#include "TokenContext.h"

namespace Tokend
{

TokenContext::~TokenContext()
{
}

} // end namespace Tokend



/* arch-tag: 57027497-E707-11D8-B72A-000A95C4302E */



--- NEW FILE TokenContext.h ---
/*
 *  Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 * 
 *  @APPLE_LICENSE_HEADER_START@
 *  
 *  This file contains Original Code and/or Modifications of Original Code
 *  as defined in and that are subject to the Apple Public Source License
 *  Version 2.0 (the 'License'). You may not use this file except in
 *  compliance with the License. Please obtain a copy of the License at
 *  http://www.opensource.apple.com/apsl/ and read it before using this
 *  file.
 *  
 *  The Original Code and all software distributed under the License are
 *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 *  Please see the License for the specific language governing rights and
 *  limitations under the License.
 *  
 *  @APPLE_LICENSE_HEADER_END@
 */

/*
 *  TokenContext.h
 *  TokendMuscle
 */

#ifndef _TOKEND_TOKENCONTEXT_H_
#define _TOKEND_TOKENCONTEXT_H_

#include 

namespace Tokend
{

class TokenContext
{
	NOCOPY(TokenContext)
public:
	TokenContext() {}
	virtual ~TokenContext() = 0;
};

} // end namespace Tokend

#endif /* !_TOKEND_TOKENCONTEXT_H_ */

/* arch-tag: 57047250-E707-11D8-9366-000A95C4302E */




From fedora-directory-commits at redhat.com  Thu Jan 24 17:54:58 2008
From: fedora-directory-commits at redhat.com (Nathan Kinder (nkinder))
Date: Thu, 24 Jan 2008 12:54:58 -0500
Subject: [Fedora-directory-commits] ldapserver/ldap/servers/slapd/back-ldbm
	import-threads.c, 1.13, 1.14
Message-ID: <200801241754.m0OHswdD025590@cvs-int.fedora.redhat.com>

Author: nkinder

Update of /cvs/dirsec/ldapserver/ldap/servers/slapd/back-ldbm
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv25500

Modified Files:
	import-threads.c 
Log Message:
Resolves: 429799
Summary: Allow import fifo to clear out all finished entries.



Index: import-threads.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/back-ldbm/import-threads.c,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -r1.13 -r1.14
--- import-threads.c	11 Jun 2007 17:22:38 -0000	1.13
+++ import-threads.c	24 Jan 2008 17:54:56 -0000	1.14
@@ -870,7 +870,7 @@
         for ( i = 0, slot_found = 0 ; i < job->fifo.size ; i++ ) {
             temp_ep = job->fifo.item[i].entry;
             if (temp_ep) {
-                if (temp_ep->ep_refcnt == 0 && temp_ep->ep_id < job->ready_ID) {
+                if (temp_ep->ep_refcnt == 0 && temp_ep->ep_id <= job->ready_ID) {
                     job->fifo.item[i].entry = NULL;
                     if (job->fifo.c_bsize > job->fifo.item[i].esize)
                         job->fifo.c_bsize -= job->fifo.item[i].esize;



From fedora-directory-commits at redhat.com  Thu Jan 24 20:17:02 2008
From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi))
Date: Thu, 24 Jan 2008 15:17:02 -0500
Subject: [Fedora-directory-commits] ldapserver/ldap/servers/slapd/back-ldbm
	import-threads.c, 1.8.2.2, 1.8.2.3
Message-ID: <200801242017.m0OKH2CV017489@cvs-int.fedora.redhat.com>

Author: nhosoi

Update of /cvs/dirsec/ldapserver/ldap/servers/slapd/back-ldbm
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv17441

Modified Files:
      Tag: Directory71RtmBranch
	import-threads.c 
Log Message:
Resolves: #429799 (#430146 for 7.1sp4)
Summary: Online replication initialization spins endlessly with large entries
Description: applied the patch to Directory71RtmBranch



Index: import-threads.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/back-ldbm/import-threads.c,v
retrieving revision 1.8.2.2
retrieving revision 1.8.2.3
diff -u -r1.8.2.2 -r1.8.2.3
--- import-threads.c	2 Mar 2006 01:12:31 -0000	1.8.2.2
+++ import-threads.c	24 Jan 2008 20:16:59 -0000	1.8.2.3
@@ -872,7 +872,7 @@
         for ( i = 0, slot_found = 0 ; i < job->fifo.size ; i++ ) {
             temp_ep = job->fifo.item[i].entry;
             if (temp_ep) {
-                if (temp_ep->ep_refcnt == 0 && temp_ep->ep_id < job->ready_ID) {
+                if (temp_ep->ep_refcnt == 0 && temp_ep->ep_id <= job->ready_ID) {
                     job->fifo.item[i].entry = NULL;
                     if (job->fifo.c_bsize > job->fifo.item[i].esize)
                         job->fifo.c_bsize -= job->fifo.item[i].esize;



From fedora-directory-commits at redhat.com  Fri Jan 25 00:59:02 2008
From: fedora-directory-commits at redhat.com (Nathan Kinder (nkinder))
Date: Thu, 24 Jan 2008 19:59:02 -0500
Subject: [Fedora-directory-commits] 
	ldapserver/ldap/servers/plugins/replication repl5_total.c,
	1.10, 1.11
Message-ID: <200801250059.m0P0x2o1020427@cvs-int.fedora.redhat.com>

Author: nkinder

Update of /cvs/dirsec/ldapserver/ldap/servers/plugins/replication
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv20381/plugins/replication

Modified Files:
	repl5_total.c 
Log Message:
Resolves: 429793
Summary: Fixed crash in replication during bulk import.  Use bulk impport code more consistently.



Index: repl5_total.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/plugins/replication/repl5_total.c,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- repl5_total.c	18 Oct 2007 00:08:31 -0000	1.10
+++ repl5_total.c	25 Jan 2008 00:59:00 -0000	1.11
@@ -872,12 +872,11 @@
 #endif
 
        rc = slapi_import_entry (pb, e); 
-       /* slapi_import_entry return an LDAP error in case of problem
-        * LDAP_BUSY is used to indicate that the import queue is full
-        * and that flow control must happen to stop the supplier 
-        * from sending entries
+       /* slapi_import_entry returns an LDAP error in case of a
+        * problem.  If there's a problem, it's our responsibility
+        * to free the slapi_entry that we're trying to import.
         */
-       if ((rc != LDAP_SUCCESS) && (rc != LDAP_BUSY))
+       if (rc != LDAP_SUCCESS)
 	   {
 		   const char *dn = slapi_entry_get_dn_const(e);
 		   slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name,
@@ -896,7 +895,7 @@
 						rc, connid, opid);
 	}
    
-    if ((rc != 0) && (rc != LDAP_BUSY))
+    if (rc != 0)
     {
         /* just disconnect from the supplier. bulk import is stopped when
            connection object is destroyed */



From fedora-directory-commits at redhat.com  Fri Jan 25 00:59:02 2008
From: fedora-directory-commits at redhat.com (Nathan Kinder (nkinder))
Date: Thu, 24 Jan 2008 19:59:02 -0500
Subject: [Fedora-directory-commits] 
	ldapserver/ldap/servers/slapd add.c, 1.11,
	1.12 bulk_import.c, 1.5, 1.6
Message-ID: <200801250059.m0P0x2DV020434@cvs-int.fedora.redhat.com>

Author: nkinder

Update of /cvs/dirsec/ldapserver/ldap/servers/slapd
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv20381/slapd

Modified Files:
	add.c bulk_import.c 
Log Message:
Resolves: 429793
Summary: Fixed crash in replication during bulk import.  Use bulk impport code more consistently.



Index: add.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/add.c,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- add.c	18 Oct 2007 00:08:34 -0000	1.11
+++ add.c	25 Jan 2008 00:59:00 -0000	1.12
@@ -772,25 +772,19 @@
     slapi_pblock_set(pb, SLAPI_BULK_IMPORT_STATE, &ret);
     ret = (*be->be_wire_import)(pb);
     if (ret != 0) {
-        if (ret != LDAP_BUSY) {
-            LDAPDebug(LDAP_DEBUG_ANY,
-                      "wire import: error during import (%d)\n",
-                      ret, 0, 0);
-        } else {
-            LDAPDebug(LDAP_DEBUG_TRACE,
-                      "wire import: asking client to wait before resuming (returning LDAP_BUSY)\n",
-                      0, 0, 0);
-        }
-        send_ldap_result(pb,
-			 LDAP_BUSY == ret ? LDAP_BUSY : LDAP_OPERATIONS_ERROR,
+        LDAPDebug(LDAP_DEBUG_ANY,
+                  "wire import: error during import (%d)\n",
+                  ret, 0, 0);
+        send_ldap_result(pb, LDAP_OPERATIONS_ERROR,
 			 NULL, NULL, 0, NULL);
+        /* It's our responsibility to free the entry if
+         * be_wire_import doesn't succeed. */
         slapi_entry_free(entry);
 
-		if (LDAP_BUSY != ret) {
-        	/* turn off fast replica init -- import is now aborted */
-        	pb->pb_conn->c_bi_backend = NULL;
-        	pb->pb_conn->c_flags &= ~CONN_FLAG_IMPORT;
-		}
+       	/* turn off fast replica init -- import is now aborted */
+       	pb->pb_conn->c_bi_backend = NULL;
+       	pb->pb_conn->c_flags &= ~CONN_FLAG_IMPORT;
+
         return;
     }
 


Index: bulk_import.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/bulk_import.c,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- bulk_import.c	10 Nov 2006 23:45:40 -0000	1.5
+++ bulk_import.c	25 Jan 2008 00:59:00 -0000	1.6
@@ -176,10 +176,11 @@
     rc = be->be_wire_import (pb);
     if (rc != 0)
     {
-        if (rc != LDAP_BUSY)
-			slapi_log_error(SLAPI_LOG_FATAL, NULL, "slapi_start_bulk_import: "
+        /* The caller will free the entry (e), so we just
+         * leave it alone here. */
+        slapi_log_error(SLAPI_LOG_FATAL, NULL, "slapi_start_bulk_import: "
                         "failed; error = %d\n", rc);
-        return (LDAP_BUSY == rc ? LDAP_BUSY : LDAP_OPERATIONS_ERROR);
+        return LDAP_OPERATIONS_ERROR;
     }
 
     return LDAP_SUCCESS;



From fedora-directory-commits at redhat.com  Fri Jan 25 00:59:03 2008
From: fedora-directory-commits at redhat.com (Nathan Kinder (nkinder))
Date: Thu, 24 Jan 2008 19:59:03 -0500
Subject: [Fedora-directory-commits] ldapserver/ldap/servers/slapd/back-ldbm
	import-threads.c, 1.14, 1.15
Message-ID: <200801250059.m0P0x377020440@cvs-int.fedora.redhat.com>

Author: nkinder

Update of /cvs/dirsec/ldapserver/ldap/servers/slapd/back-ldbm
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv20381/slapd/back-ldbm

Modified Files:
	import-threads.c 
Log Message:
Resolves: 429793
Summary: Fixed crash in replication during bulk import.  Use bulk impport code more consistently.



Index: import-threads.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/back-ldbm/import-threads.c,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -r1.14 -r1.15
--- import-threads.c	24 Jan 2008 17:54:56 -0000	1.14
+++ import-threads.c	25 Jan 2008 00:59:00 -0000	1.15
@@ -1517,15 +1517,11 @@
 /* returns 0 on success, or < 0 on error 
  *
  * on error, the import process is aborted -- so if this returns an error,
- * don't try to queue any more entries or you'll be sorry.
- *
- * flag_block in used to know if this thread should block when
- * the fifo is full or return an error LDAP_BUSY
- * Typically, import done on from the GUI or the command line will
- * block while online import as used by the replication total update
- * will not block
+ * don't try to queue any more entries or you'll be sorry.  The caller
+ * is also responsible for free'ing the passed in entry on error.  The
+ * entry will be consumed on success.
  */
-static int bulk_import_queue(ImportJob *job, Slapi_Entry *entry, int flag_block)
+static int bulk_import_queue(ImportJob *job, Slapi_Entry *entry)
 {
     struct backentry *ep = NULL, *old_ep = NULL;
     int idx;
@@ -1569,18 +1565,7 @@
     if (old_ep) {
         while ((old_ep->ep_refcnt > 0) && !(job->flags & FLAG_ABORT))
         {
-            if (flag_block)
-                DS_Sleep(PR_MillisecondsToInterval(import_sleep_time));
-            else
-            {
-				/* DBBD: Argh -- why not just block, what's the benefit to this ?? */
-				/* I think that to support pipelining in the transport, we need to block here, */
-				/* Otherwise evil things could happen where we say we're busy for operation N, but */
-				/* Not for operation N+1, but the sender doesn't find out about this until after sending */
-				/* Operation N+2 etc. Seems possible to end up with children processed before parents which won't work. */
-                PR_Unlock(job->wire_lock);
-                return LDAP_BUSY;
-            }
+            DS_Sleep(PR_MillisecondsToInterval(import_sleep_time));
         }
 
         /* the producer could be running thru the fifo while
@@ -1589,16 +1574,12 @@
          */
         while ((old_ep->ep_id >= job->ready_ID) && !(job->flags & FLAG_ABORT))
         {
-            if (flag_block)
-                DS_Sleep(PR_MillisecondsToInterval(import_sleep_time));
-            else
-            {
-                PR_Unlock(job->wire_lock);
-                return LDAP_BUSY;
-            }
+            DS_Sleep(PR_MillisecondsToInterval(import_sleep_time));
         }
 
         if (job->flags & FLAG_ABORT) {
+            backentry_clear_entry(ep);      /* entry is released in the frontend on failure*/
+            backentry_free( &ep );          /* release the backend wrapper, here */
             PR_Unlock(job->wire_lock);
             return -2;
         }
@@ -1618,8 +1599,9 @@
         import_log_notice(job, "WARNING: skipping entry \"%s\"",
                     escape_string(slapi_entry_get_dn(ep->ep_entry), ebuf));
         import_log_notice(job, "REASON: entry too large (%d bytes) for "
-                    "the buffer size (%d bytes)", newesize, job->fifo.bsize);
-        backentry_free(&ep);
+                    "the import buffer size (%d bytes).   Try increasing nsslapd-cachememsize.", newesize, job->fifo.bsize);
+        backentry_clear_entry(ep);      /* entry is released in the frontend on failure*/
+        backentry_free( &ep );          /* release the backend wrapper, here */
         PR_Unlock(job->wire_lock);
         return -1;
     }
@@ -1677,7 +1659,13 @@
     return;
 }
 
-/* plugin entry function for replica init */
+/* plugin entry function for replica init
+ *
+ * For the SLAPI_BI_STATE_ADD state:
+ * On success (rc=0), the entry in pb->pb_import_entry will be
+ * consumed.  For any other return value, the caller is
+ * responsible for freeing the entry in the pb.
+ */
 int ldbm_back_wire_import(Slapi_PBlock *pb)
 {
     struct ldbminfo *li;
@@ -1710,12 +1698,12 @@
         if (! import_entry_belongs_here(pb->pb_import_entry,
                                         job->inst->inst_be)) {
             /* silently skip */
+            /* We need to consume pb->pb_import_entry on success, so we free it here. */
+            slapi_entry_free(pb->pb_import_entry);
             return 0;
         }
-		/* These days, we don't want to return LDAP_BUSY (it makes pipelineing impossible 
-		and actually doesn't achieve anything anyway). So we pass '1' for the block flag. */
-        return bulk_import_queue(job, pb->pb_import_entry,
-                                        1);
+
+        return bulk_import_queue(job, pb->pb_import_entry);
     }
 
     thread = job->main_thread;



From fedora-directory-commits at redhat.com  Fri Jan 25 02:07:38 2008
From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi))
Date: Thu, 24 Jan 2008 21:07:38 -0500
Subject: [Fedora-directory-commits] 
	ldapserver/ldap/servers/plugins/replication repl5_total.c,
	1.5.2.1, 1.5.2.2
Message-ID: <200801250207.m0P27clx002838@cvs-int.fedora.redhat.com>

Author: nhosoi

Update of /cvs/dirsec/ldapserver/ldap/servers/plugins/replication
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv2794/plugins/replication

Modified Files:
      Tag: Directory71RtmBranch
	repl5_total.c 
Log Message:
Resolves: #430180 (original bug #429793)
Summary: RHDS7.1SP4: Replica crashes during online initialization with large
attribute value
Description: applied the patches to Directory71RtmBranch



Index: repl5_total.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/plugins/replication/repl5_total.c,v
retrieving revision 1.5.2.1
retrieving revision 1.5.2.2
diff -u -r1.5.2.1 -r1.5.2.2
--- repl5_total.c	2 Mar 2006 01:11:55 -0000	1.5.2.1
+++ repl5_total.c	25 Jan 2008 02:07:36 -0000	1.5.2.2
@@ -869,12 +869,11 @@
 #endif
 
        rc = slapi_import_entry (pb, e); 
-       /* slapi_import_entry return an LDAP error in case of problem
-        * LDAP_BUSY is used to indicate that the import queue is full
-        * and that flow control must happen to stop the supplier 
-        * from sending entries
+       /* slapi_import_entry returns an LDAP error in case of a
+	* problem.  If there's a problem, it's our responsibility
+	* to free the slapi_entry that we're trying to import.
         */
-       if ((rc != LDAP_SUCCESS) && (rc != LDAP_BUSY))
+       if (rc != LDAP_SUCCESS)
 	   {
 		   const char *dn = slapi_entry_get_dn_const(e);
 		   slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name,
@@ -893,7 +892,7 @@
 						rc, connid, opid);
 	}
    
-    if ((rc != 0) && (rc != LDAP_BUSY))
+    if (rc != 0)
     {
         /* just disconnect from the supplier. bulk import is stopped when
            connection object is destroyed */



From fedora-directory-commits at redhat.com  Fri Jan 25 02:07:39 2008
From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi))
Date: Thu, 24 Jan 2008 21:07:39 -0500
Subject: [Fedora-directory-commits] ldapserver/ldap/servers/slapd add.c,
	1.5.2.1, 1.5.2.2 bulk_import.c, 1.4, 1.4.2.1
Message-ID: <200801250207.m0P27dtZ002845@cvs-int.fedora.redhat.com>

Author: nhosoi

Update of /cvs/dirsec/ldapserver/ldap/servers/slapd
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv2794/slapd

Modified Files:
      Tag: Directory71RtmBranch
	add.c bulk_import.c 
Log Message:
Resolves: #430180 (original bug #429793)
Summary: RHDS7.1SP4: Replica crashes during online initialization with large
attribute value
Description: applied the patches to Directory71RtmBranch



Index: add.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/add.c,v
retrieving revision 1.5.2.1
retrieving revision 1.5.2.2
diff -u -r1.5.2.1 -r1.5.2.2
--- add.c	2 Mar 2006 01:12:23 -0000	1.5.2.1
+++ add.c	25 Jan 2008 02:07:36 -0000	1.5.2.2
@@ -753,25 +753,19 @@
     slapi_pblock_set(pb, SLAPI_BULK_IMPORT_STATE, &ret);
     ret = (*be->be_wire_import)(pb);
     if (ret != 0) {
-        if (ret != LDAP_BUSY) {
-            LDAPDebug(LDAP_DEBUG_ANY,
-                      "wire import: error during import (%d)\n",
-                      ret, 0, 0);
-        } else {
-            LDAPDebug(LDAP_DEBUG_TRACE,
-                      "wire import: asking client to wait before resuming (returning LDAP_BUSY)\n",
-                      0, 0, 0);
-        }
-        send_ldap_result(pb,
-			 LDAP_BUSY == ret ? LDAP_BUSY : LDAP_OPERATIONS_ERROR,
+        LDAPDebug(LDAP_DEBUG_ANY,
+                  "wire import: error during import (%d)\n",
+                  ret, 0, 0);
+        send_ldap_result(pb, LDAP_OPERATIONS_ERROR,
 			 NULL, NULL, 0, NULL);
+        /* It's our responsibility to free the entry if
+         * be_wire_import doesn't succeed. */
         slapi_entry_free(entry);
 
-		if (LDAP_BUSY != ret) {
-        	/* turn off fast replica init -- import is now aborted */
-        	pb->pb_conn->c_bi_backend = NULL;
-        	pb->pb_conn->c_flags &= ~CONN_FLAG_IMPORT;
-		}
+        /* turn off fast replica init -- import is now aborted */
+        pb->pb_conn->c_bi_backend = NULL;
+        pb->pb_conn->c_flags &= ~CONN_FLAG_IMPORT;
+
         return;
     }
 


Index: bulk_import.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/bulk_import.c,v
retrieving revision 1.4
retrieving revision 1.4.2.1
diff -u -r1.4 -r1.4.2.1
--- bulk_import.c	19 Apr 2005 22:07:36 -0000	1.4
+++ bulk_import.c	25 Jan 2008 02:07:36 -0000	1.4.2.1
@@ -171,10 +171,11 @@
     rc = be->be_wire_import (pb);
     if (rc != 0)
     {
-        if (rc != LDAP_BUSY)
-			slapi_log_error(SLAPI_LOG_FATAL, NULL, "slapi_start_bulk_import: "
+        /* The caller will free the entry (e), so we just
+         * leave it alone here. */
+	slapi_log_error(SLAPI_LOG_FATAL, NULL, "slapi_start_bulk_import: "
                         "failed; error = %d\n", rc);
-        return (LDAP_BUSY == rc ? LDAP_BUSY : LDAP_OPERATIONS_ERROR);
+        return LDAP_OPERATIONS_ERROR;
     }
 
     return LDAP_SUCCESS;



From fedora-directory-commits at redhat.com  Fri Jan 25 02:07:39 2008
From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi))
Date: Thu, 24 Jan 2008 21:07:39 -0500
Subject: [Fedora-directory-commits] ldapserver/ldap/servers/slapd/back-ldbm
	import-threads.c, 1.8.2.3, 1.8.2.4
Message-ID: <200801250207.m0P27d6M002851@cvs-int.fedora.redhat.com>

Author: nhosoi

Update of /cvs/dirsec/ldapserver/ldap/servers/slapd/back-ldbm
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv2794/slapd/back-ldbm

Modified Files:
      Tag: Directory71RtmBranch
	import-threads.c 
Log Message:
Resolves: #430180 (original bug #429793)
Summary: RHDS7.1SP4: Replica crashes during online initialization with large
attribute value
Description: applied the patches to Directory71RtmBranch



Index: import-threads.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/back-ldbm/import-threads.c,v
retrieving revision 1.8.2.3
retrieving revision 1.8.2.4
diff -u -r1.8.2.3 -r1.8.2.4
--- import-threads.c	24 Jan 2008 20:16:59 -0000	1.8.2.3
+++ import-threads.c	25 Jan 2008 02:07:37 -0000	1.8.2.4
@@ -1523,15 +1523,12 @@
 /* returns 0 on success, or < 0 on error 
  *
  * on error, the import process is aborted -- so if this returns an error,
- * don't try to queue any more entries or you'll be sorry.
+ * don't try to queue any more entries or you'll be sorry.  The caller
+ * is also responsible for free'ing the passed in entry on error.  The
+ * entry will be consumed on success.
  *
- * flag_block in used to know if this thread should block when
- * the fifo is full or return an error LDAP_BUSY
- * Typically, import done on from the GUI or the command line will
- * block while online import as used by the replication total update
- * will not block
  */
-static int bulk_import_queue(ImportJob *job, Slapi_Entry *entry, int flag_block)
+static int bulk_import_queue(ImportJob *job, Slapi_Entry *entry)
 {
     struct backentry *ep = NULL, *old_ep = NULL;
     int idx;
@@ -1575,18 +1572,7 @@
     if (old_ep) {
         while ((old_ep->ep_refcnt > 0) && !(job->flags & FLAG_ABORT))
         {
-            if (flag_block)
-                DS_Sleep(PR_MillisecondsToInterval(import_sleep_time));
-            else
-            {
-				/* DBBD: Argh -- why not just block, what's the benefit to this ?? */
-				/* I think that to support pipelining in the transport, we need to block here, */
-				/* Otherwise evil things could happen where we say we're busy for operation N, but */
-				/* Not for operation N+1, but the sender doesn't find out about this until after sending */
-				/* Operation N+2 etc. Seems possible to end up with children processed before parents which won't work. */
-                PR_Unlock(job->wire_lock);
-                return LDAP_BUSY;
-            }
+            DS_Sleep(PR_MillisecondsToInterval(import_sleep_time));
         }
 
         /* the producer could be running thru the fifo while
@@ -1595,16 +1581,12 @@
          */
         while ((old_ep->ep_id >= job->ready_ID) && !(job->flags & FLAG_ABORT))
         {
-            if (flag_block)
-                DS_Sleep(PR_MillisecondsToInterval(import_sleep_time));
-            else
-            {
-                PR_Unlock(job->wire_lock);
-                return LDAP_BUSY;
-            }
+            DS_Sleep(PR_MillisecondsToInterval(import_sleep_time));
         }
 
         if (job->flags & FLAG_ABORT) {
+	    backentry_clear_entry(ep);      /* entry is released in the frontend on failure*/
+	    backentry_free( &ep );          /* release the backend wrapper, here */
             PR_Unlock(job->wire_lock);
             return -2;
         }
@@ -1624,8 +1606,9 @@
         import_log_notice(job, "WARNING: skipping entry \"%s\"",
                     escape_string(slapi_entry_get_dn(ep->ep_entry), ebuf));
         import_log_notice(job, "REASON: entry too large (%d bytes) for "
-                    "the buffer size (%d bytes)", newesize, job->fifo.bsize);
-        backentry_free(&ep);
+                    "the import buffer size (%d bytes).  Try increasing nsslapd-cachememsize.", newesize, job->fifo.bsize);
+	backentry_clear_entry(ep);      /* entry is released in the frontend on failure*/
+	backentry_free( &ep );          /* release the backend wrapper, here */
         PR_Unlock(job->wire_lock);
         return -1;
     }
@@ -1683,7 +1666,13 @@
     return;
 }
 
-/* plugin entry function for replica init */
+/* plugin entry function for replica init
+ *
+ * For the SLAPI_BI_STATE_ADD state:
+ * On success (rc=0), the entry in pb->pb_import_entry will be
+ * consumed.  For any other return value, the caller is
+ * responsible for freeing the entry in the pb.
+ */
 int ldbm_back_wire_import(Slapi_PBlock *pb)
 {
     struct ldbminfo *li;
@@ -1716,12 +1705,12 @@
         if (! import_entry_belongs_here(pb->pb_import_entry,
                                         job->inst->inst_be)) {
             /* silently skip */
+            /* We need to consume pb->pb_import_entry on success, so we free it here. */
+	    slapi_entry_free(pb->pb_import_entry);
             return 0;
         }
-		/* These days, we don't want to return LDAP_BUSY (it makes pipelineing impossible 
-		and actually doesn't achieve anything anyway). So we pass '1' for the block flag. */
-        return bulk_import_queue(job, pb->pb_import_entry,
-                                        1);
+
+        return bulk_import_queue(job, pb->pb_import_entry);
     }
 
     thread = job->main_thread;



From fedora-directory-commits at redhat.com  Sat Jan 26 01:53:38 2008
From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi))
Date: Fri, 25 Jan 2008 20:53:38 -0500
Subject: [Fedora-directory-commits] ldapserver/ldap/cm fedora-patch.inf,
	1.1.2.18, 1.1.2.19 redhat-patch.inf, 1.1.2.19, 1.1.2.20
Message-ID: <200801260153.m0Q1rc8X030041@cvs-int.fedora.redhat.com>

Author: nhosoi

Update of /cvs/dirsec/ldapserver/ldap/cm
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv30024

Modified Files:
      Tag: Directory71RtmBranch
	fedora-patch.inf redhat-patch.inf 
Log Message:
updated the patch info file: added 429793 & 429799



Index: fedora-patch.inf
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/cm/Attic/fedora-patch.inf,v
retrieving revision 1.1.2.18
retrieving revision 1.1.2.19
diff -u -r1.1.2.18 -r1.1.2.19
--- fedora-patch.inf	16 Jan 2008 01:55:56 -0000	1.1.2.18
+++ fedora-patch.inf	26 Jan 2008 01:53:35 -0000	1.1.2.19
@@ -57,7 +57,7 @@
 file: xxxxxx: bin/slapd/server/libdb42.*
 file: 151678: bin/slapd/admin/bin/ds_newinst
 file: 151678: bin/slapd/admin/bin/ds_create
-file: 155276,164843,165641,165827,165862,166012,175063,175897,179135,179137,179810,189264,192901,231507,183222,314851,171081,243820,219586: lib/libback-ldbm.*
+file: 155276,164843,165641,165827,165862,166012,175063,175897,179135,179137,179810,189264,192901,231507,183222,314851,171081,243820,219586,429793,429799: lib/libback-ldbm.*
 file: 160003: bin/slapd/admin/scripts/template-db2index.pl
 file: 160003: bin/slapd/admin/bin/upgradeServer
 file: 164836,165600,288321: lib/attr-unique-plugin.*
@@ -70,7 +70,7 @@
 file: 167478,160589: setup/setup
 file: 156120,159037,170321,170328,170556,170558,170816,185765: winsync/PassSync.msi
 file: 167761: java/jars/ds71.jar
-file: 169388,169954,170071,170350,181827,179135,179137,238630: lib/replication-plugin.*
+file: 169388,169954,170071,170350,181827,179135,179137,238630,429793: lib/replication-plugin.*
 file: xxxxxx: bin/slapd/README.txt
 file: xxxxxx: README.txt
 file: M324525,M324529: shared/lib/libldap50.*


Index: redhat-patch.inf
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/cm/Attic/redhat-patch.inf,v
retrieving revision 1.1.2.19
retrieving revision 1.1.2.20
diff -u -r1.1.2.19 -r1.1.2.20
--- redhat-patch.inf	16 Jan 2008 01:55:56 -0000	1.1.2.19
+++ redhat-patch.inf	26 Jan 2008 01:53:35 -0000	1.1.2.20
@@ -57,7 +57,7 @@
 file: xxxxxx: bin/slapd/server/libdb42.*
 file: 151678: bin/slapd/admin/bin/ds_newinst
 file: 151678: bin/slapd/admin/bin/ds_create
-file: 155276,164843,165641,165827,165862,166012,175063,175897,179135,179137,179810,189264,192901,231507,183222,314851,171081,243820,219586: lib/libback-ldbm.*
+file: 155276,164843,165641,165827,165862,166012,175063,175897,179135,179137,179810,189264,192901,231507,183222,314851,171081,243820,219586,429793,429799: lib/libback-ldbm.*
 file: 160003: bin/slapd/admin/scripts/template-db2index.pl
 file: 160003: bin/slapd/admin/bin/upgradeServer
 file: 164836,165600,288321: lib/attr-unique-plugin.*
@@ -70,7 +70,7 @@
 file: 167478,160589: setup/setup
 file: 156120,159037,170321,170328,170556,170558,170816,185765: winsync/PassSync.msi
 file: 167761: java/jars/ds71.jar
-file: 169388,169954,170071,170350,181827,179135,179137,238630: lib/replication-plugin.*
+file: 169388,169954,170071,170350,181827,179135,179137,238630,429793: lib/replication-plugin.*
 file: xxxxxx: bin/slapd/README.txt
 file: xxxxxx: README.txt
 file: M324525,M324529: shared/lib/libldap50.*



From fedora-directory-commits at redhat.com  Mon Jan 28 21:22:50 2008
From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins))
Date: Mon, 28 Jan 2008 16:22:50 -0500
Subject: [Fedora-directory-commits] dsgw/config dsgw.tmpl.in,1.1,1.2
Message-ID: <200801282122.m0SLMog2024880@cvs-int.fedora.redhat.com>

Author: rmeggins

Update of /cvs/dirsec/dsgw/config
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv24762/dsgw/config

Modified Files:
	dsgw.tmpl.in 
Log Message:
get phonebook and orgchart working; use memmove instead of overlapping strcpy; fix memory error in dsgw_dn_parent


Index: dsgw.tmpl.in
===================================================================
RCS file: /cvs/dirsec/dsgw/config/dsgw.tmpl.in,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- dsgw.tmpl.in	14 Jan 2008 22:45:23 -0000	1.1
+++ dsgw.tmpl.in	28 Jan 2008 21:22:48 -0000	1.2
@@ -44,7 +44,7 @@
 
 securitypath  "@contextdir@"
 
-url-orgchart-base     http://@host@:@port@/clients/orgchart/bin/org?context=dsgw&data=
+url-orgchart-base     http://@host@:@httpport@@cgiuri@/org?context=dsgw&data=
 
 # The attribute the orgchart uses to search for entries.
 # This value should correspond to the value of attrib-farleft-rdn



From fedora-directory-commits at redhat.com  Mon Jan 28 21:22:50 2008
From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins))
Date: Mon, 28 Jan 2008 16:22:50 -0500
Subject: [Fedora-directory-commits] dsgw Makefile.am, 1.7, 1.8 auth.c, 1.2,
	1.3 config.c, 1.4, 1.5 configure.ac, 1.6, 1.7 csearch.c, 1.2,
	1.3 doauth.c, 1.2, 1.3 domodify.c, 1.1.1.1,
	1.2 dsgw-httpd.conf.in, 1.4, 1.5 dsgwgetlang.c, 1.3,
	1.4 dsgwutil.c, 1.5, 1.6 edit.c, 1.2, 1.3 emitauth.c, 1.1.1.1,
	1.2 entrydisplay.c, 1.2, 1.3 ldaputil.c, 1.1.1.1, 1.2 setup.in,
	1.2, 1.3 aclocal.m4, 1.4, 1.5 configure, 1.7, 1.8 missing, 1.3,
	1.4 install-sh, 1.3, 1.4 Makefile.in, 1.7, 1.8 depcomp, 1.3,
	1.4 config.sub, 1.3, 1.4 config.guess, 1.3, 1.4 compile, 1.3, 1.4
Message-ID: <200801282122.m0SLMoaK024867@cvs-int.fedora.redhat.com>

Author: rmeggins

Update of /cvs/dirsec/dsgw
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv24762/dsgw

Modified Files:
	Makefile.am auth.c config.c configure.ac csearch.c doauth.c 
	domodify.c dsgw-httpd.conf.in dsgwgetlang.c dsgwutil.c edit.c 
	emitauth.c entrydisplay.c ldaputil.c setup.in aclocal.m4 
	configure missing install-sh Makefile.in depcomp config.sub 
	config.guess compile 
Log Message:
get phonebook and orgchart working; use memmove instead of overlapping strcpy; fix memory error in dsgw_dn_parent


Index: Makefile.am
===================================================================
RCS file: /cvs/dirsec/dsgw/Makefile.am,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- Makefile.am	16 Jan 2008 22:56:02 -0000	1.7
+++ Makefile.am	28 Jan 2008 21:22:47 -0000	1.8
@@ -150,7 +150,7 @@
 	orghtml/branch-cc1.gif		orghtml/index.html		orghtml/ldap-person.gif \
 	orghtml/mag.gif			orghtml/mail.gif		orghtml/new-branch-blank.gif \
 	orghtml/new-branch-first.gif	orghtml/new-branch-straight.gif	orghtml/orgicon.gif \
-	orghtml/styles.css		orghtml/topframe.html
+	orghtml/styles.css		orghtml/topframe.html orghtml/starthelp.gif orghtml/orgchart.tmpl
 
 
 dist_config_DATA = \
@@ -253,9 +253,9 @@
         -e 's, at localstatedir\@,$(localstatedir),g' \
         -e 's, at cgibindir\@,$(cgibindir),g' \
         -e 's, at cgiuri\@,$(cgiuri),g' \
-	-e 's, at orguri\@,$(orguri),g' \
-	-e 's, at dsgwuri\@,$(dsgwuri),g' \
-	-e 's, at pburi\@,$(pburi),g' \
+	-e 's, at orguri\@, at orguri@,g' \
+	-e 's, at dsgwuri\@, at dsgwuri@,g' \
+	-e 's, at pburi\@, at pburi@,g' \
         -e 's, at cmdbindir\@,$(cmdbindir),g' \
         -e 's, at propertydir\@,$(propertydir),g' \
         -e 's, at htmldir\@,$(htmldir),g' \


Index: auth.c
===================================================================
RCS file: /cvs/dirsec/dsgw/auth.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- auth.c	14 Jan 2008 22:58:30 -0000	1.2
+++ auth.c	28 Jan 2008 21:22:47 -0000	1.3
@@ -122,3 +122,11 @@
 	
     dsgw_emit_auth_form( binddn );
 }
+
+/*
+  emacs settings
+  Local Variables:
+  indent-tabs-mode: t
+  tab-width: 8
+  End:
+*/


Index: config.c
===================================================================
RCS file: /cvs/dirsec/dsgw/config.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- config.c	14 Jan 2008 22:58:30 -0000	1.4
+++ config.c	28 Jan 2008 21:22:47 -0000	1.5
@@ -192,6 +192,11 @@
 	gc->gc_ClientLanguage = p;
     }
 
+    /* set languages for string database */
+    SetLanguage(CLIENT_LANGUAGE,gc->gc_ClientLanguage);
+    SetLanguage(ADMIN_LANGUAGE,gc->gc_AdminLanguage);
+    SetLanguage(DEFAULT_LANGUAGE,gc->gc_DefaultLanguage);
+
     /* Set rest of config. by reading the appropriate config files */
     path = dsgw_ch_malloc( MAXPATHLEN );
 
@@ -1064,6 +1069,7 @@
 	tmp = next;
 
 	for ( inquote = 0; *next; ) {
+		size_t nextlen;
 		switch ( *next ) {
 		case '"':
 			if ( inquote ) {
@@ -1071,12 +1077,14 @@
 			} else {
 				inquote = 1;
 			}
-			strcpy( next, next + 1 );
+			nextlen = strlen(next); /* to include trailing null */
+			memmove( next, next + 1, nextlen );
 			break;
 
 #ifndef _WIN32
 		case '\\':
-			strcpy( next, next + 1 );
+			nextlen = strlen(next); /* to include trailing null */
+			memmove( next, next + 1, nextlen );
 			break;
 #endif
 


Index: configure.ac
===================================================================
RCS file: /cvs/dirsec/dsgw/configure.ac,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- configure.ac	16 Jan 2008 22:56:02 -0000	1.6
+++ configure.ac	28 Jan 2008 21:22:47 -0000	1.7
@@ -287,8 +287,8 @@
 # URIs
 cgiuri=/cgi-bin
 dsgwuri=/dsgw
-orguri=/orgchart
-pburi=/dsgw/pbhtml
+orguri=/org
+pburi=/pb
 
 # Check for library dependencies
 m4_include(m4/nspr.m4)


Index: csearch.c
===================================================================
RCS file: /cvs/dirsec/dsgw/csearch.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- csearch.c	14 Jan 2008 22:58:30 -0000	1.2
+++ csearch.c	28 Jan 2008 21:22:47 -0000	1.3
@@ -330,3 +330,11 @@
     }
     fclose (html);
 }
+
+/*
+  emacs settings
+  Local Variables:
+  indent-tabs-mode: t
+  tab-width: 8
+  End:
+*/


Index: doauth.c
===================================================================
RCS file: /cvs/dirsec/dsgw/doauth.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- doauth.c	15 Jan 2008 18:23:43 -0000	1.2
+++ doauth.c	28 Jan 2008 21:22:47 -0000	1.3
@@ -420,6 +420,6 @@
   emacs settings
   Local Variables:
   indent-tabs-mode: t
-  tab-width: 4
+  tab-width: 8
   End:
 */


Index: domodify.c
===================================================================
RCS file: /cvs/dirsec/dsgw/domodify.c,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- domodify.c	1 Jun 2006 19:43:47 -0000	1.1.1.1
+++ domodify.c	28 Jan 2008 21:22:47 -0000	1.2
@@ -1041,3 +1041,11 @@
 
     return( rc );
 }
+
+/*
+  emacs settings
+  Local Variables:
+  indent-tabs-mode: t
+  tab-width: 8
+  End:
+*/


Index: dsgw-httpd.conf.in
===================================================================
RCS file: /cvs/dirsec/dsgw/dsgw-httpd.conf.in,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- dsgw-httpd.conf.in	14 Jan 2008 22:58:30 -0000	1.4
+++ dsgw-httpd.conf.in	28 Jan 2008 21:22:47 -0000	1.5
@@ -32,6 +32,7 @@
 
 # URI aliases for html content
 Alias @dsgwuri@ @htmldir@
+Alias @pburi@ @pbhtmldir@
 Alias @orguri@ @orghtmldir@
 
 # legacy mappings
@@ -39,6 +40,7 @@
 Alias /clients/dsgw/pbhtml @pbhtmldir@
 Alias /clients/dsgw/config @configdir@
 Alias /clients/dsgw/pbconfig @pbconfigdir@
+Alias /clients/orgchart/html @orghtmldir@
 
 # Allow access to the dsgw html files
 


Index: dsgwgetlang.c
===================================================================
RCS file: /cvs/dirsec/dsgw/dsgwgetlang.c,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- dsgwgetlang.c	14 Jan 2008 22:58:30 -0000	1.3
+++ dsgwgetlang.c	28 Jan 2008 21:22:47 -0000	1.4
@@ -111,11 +111,11 @@
   the current language setting.
  *********************************************************************/
 
-static char emptyString[] = "";
+static char *emptyString = "";
  
-static char client_language[128] = "en";
-static char admin_language[128] = "en";
-static char default_language[128] = "en";
+static char *client_language;
+static char *admin_language;
+static char *default_language;
 
 PR_IMPLEMENT( void )
 SetLanguage(int type, char *language)
@@ -123,15 +123,15 @@
 	switch(type) {
 	case CLIENT_LANGUAGE:
 		if (language)
-			strcpy(client_language, language);
+			client_language = PL_strdup(language);
 		break;
 	case ADMIN_LANGUAGE:
 		if (language)
-			strcpy(admin_language, language);
+			admin_language = PL_strdup(language);
 		break;
 	case DEFAULT_LANGUAGE:
 		if (language)
-			strcpy(default_language, language);
+			default_language = PL_strdup(language);
 		break;
 	}
 	return ;
@@ -328,19 +328,19 @@
 PR_IMPLEMENT( char * )
 XP_GetClientStr(int key)
 {
-    static char staticbuf[256];
+    static char staticbuf[256] = {0};
     static char *resstring = staticbuf;
     static size_t bufsize = sizeof(staticbuf);
     int rc = 0;
     char keybuf[256];
+    char *lang = GetClientLanguage();
 
     PR_snprintf(keybuf, sizeof(keybuf), "%s%d", database_name, key);
-
-    resstring = res_getstring(i18nResource, keybuf, GetClientLanguage(),
+    resstring = res_getstring(i18nResource, keybuf, lang,
                               resstring, bufsize, &rc);
     if (rc == 1) { /* need more room */
         /* NULL means res_getstring will calculate and return needed memory */
-        resstring = res_getstring(i18nResource, keybuf, GetClientLanguage(),
+        resstring = res_getstring(i18nResource, keybuf, lang,
                                   NULL, bufsize, &rc);
         bufsize = strlen(resstring);
     }
@@ -352,4 +352,8 @@
 {
     database_name = strdup(dbname);
     i18nResource = res_init_resource(path, NULL);
+    /* set default languages for string database */
+    SetLanguage(CLIENT_LANGUAGE, "");
+    SetLanguage(ADMIN_LANGUAGE, "");
+    SetLanguage(DEFAULT_LANGUAGE, "");
 }


Index: dsgwutil.c
===================================================================
RCS file: /cvs/dirsec/dsgw/dsgwutil.c,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- dsgwutil.c	15 Jan 2008 18:23:43 -0000	1.5
+++ dsgwutil.c	28 Jan 2008 21:22:47 -0000	1.6
@@ -95,10 +95,6 @@
 
     /* initialize the string database */
     XP_InitStringDatabase(PROPERTYDIR, "dsgw");
-    /* set default default languages for string database */
-    SetLanguage(CLIENT_LANGUAGE, "");
-    SetLanguage(ADMIN_LANGUAGE, "");
-    SetLanguage(DEFAULT_LANGUAGE, "");
 
     if (( progname = strchr( argv[0], '/' )) == NULL ) {
 	progname = dsgw_ch_strdup( argv[0] );
@@ -178,11 +174,6 @@
 	}
     }
 
-    /* set languages for string database */
-    SetLanguage(CLIENT_LANGUAGE,gc->gc_ClientLanguage);
-    SetLanguage(ADMIN_LANGUAGE,gc->gc_AdminLanguage);
-    SetLanguage(DEFAULT_LANGUAGE,gc->gc_DefaultLanguage);
-
     /* Figure out the language that libsi18n is using */
     figure_out_langwich();
 


Index: edit.c
===================================================================
RCS file: /cvs/dirsec/dsgw/edit.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- edit.c	14 Jan 2008 22:58:30 -0000	1.2
+++ edit.c	28 Jan 2008 21:22:47 -0000	1.3
@@ -240,12 +240,10 @@
     ldap_unbind( ld );
 }
 
-
-
-
-
-
-
-
-
-
+/*
+  emacs settings
+  Local Variables:
+  indent-tabs-mode: t
+  tab-width: 8
+  End:
+*/


Index: emitauth.c
===================================================================
RCS file: /cvs/dirsec/dsgw/emitauth.c,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- emitauth.c	1 Jun 2006 19:43:44 -0000	1.1.1.1
+++ emitauth.c	28 Jan 2008 21:22:47 -0000	1.2
@@ -326,9 +326,10 @@
     }
 }
 
-
-
-
-
-
-
+/*
+  emacs settings
+  Local Variables:
+  indent-tabs-mode: t
+  tab-width: 8
+  End:
+*/


Index: entrydisplay.c
===================================================================
RCS file: /cvs/dirsec/dsgw/entrydisplay.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- entrydisplay.c	15 Jan 2008 18:23:43 -0000	1.2
+++ entrydisplay.c	28 Jan 2008 21:22:47 -0000	1.3
@@ -3199,3 +3199,11 @@
   
   return( (char *) obuf);
 }
+
+/*
+  emacs settings
+  Local Variables:
+  indent-tabs-mode: t
+  tab-width: 8
+  End:
+*/


Index: ldaputil.c
===================================================================
RCS file: /cvs/dirsec/dsgw/ldaputil.c,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- ldaputil.c	1 Jun 2006 19:43:43 -0000	1.1.1.1
+++ ldaputil.c	28 Jan 2008 21:22:47 -0000	1.2
@@ -1153,22 +1153,28 @@
     char *dnp;
     int i;
     char **rdns;
+    size_t len;
 
-    if ( dn == NULL ) {
+    if ( dn == NULL || !*dn ) {
 	return( NULL );
     }
 
-    dnp = dsgw_ch_malloc( strlen( dn ));
+    len = strlen(dn);
+    dnp = dsgw_ch_malloc( len );
     dnp[ 0 ] = '\0';
     if (( rdns = ldap_explode_dn( dn, 0 )) == NULL ) {
+	free(dnp);
 	return NULL;
     }
-    for ( i = 1; rdns[ i ] != NULL; i++ ) {
+    for ( i = 1; (rdns[0] != NULL) && (rdns[ i ] != NULL); i++ ) {
 	strcat( dnp, rdns[ i ] );
 	strcat( dnp, "," );
     }
     /* Get rid of the trailing "," we just appended */
-    dnp[ strlen( dnp ) - 1 ] = '\0';
+    len = strlen(dnp);
+    if (len > 0) {
+	dnp[ len - 1 ] = '\0';
+    }
     ldap_value_free( rdns );
     return( dnp );
 }
@@ -1566,3 +1572,11 @@
 	}
     }
 }
+
+/*
+  emacs settings
+  Local Variables:
+  indent-tabs-mode: t
+  tab-width: 8
+  End:
+*/


Index: setup.in
===================================================================
RCS file: /cvs/dirsec/dsgw/setup.in,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- setup.in	2 Jun 2006 22:57:17 -0000	1.2
+++ setup.in	28 Jan 2008 21:22:47 -0000	1.3
@@ -182,6 +182,7 @@
     port=`getValFromInf ServerPort $inffile`
     suffix=`getValFromInf Suffix $inffile`
     dirmgr=`getValFromInf RootDN $inffile`
+    httpport=`getValFromInf Port $inffile`
 fi
 
 # if silent mode, do not run the pre-installer programs
@@ -242,6 +243,7 @@
 # generate dsgw.conf and pb.conf and default.conf in the @contextdir@ directory
 sed -e "s#@host@#$hostname#g" \
     -e "s#@port@#$port#g" \
+    -e "s#@httpport@#$httpport#g" \
     -e "s#@suffix@#$suffix#g" \
     -e "s#@dirmgr@#$dirmgr#g" \
     -e "s#\@contextdir\@#@contextdir@#g" \
@@ -249,11 +251,20 @@
 
 sed -e "s#@host@#$hostname#g" \
     -e "s#@port@#$port#g" \
+    -e "s#@httpport@#$httpport#g" \
     -e "s#@suffix@#$suffix#g" \
     -e "s#@dirmgr@#$dirmgr#g" \
     -e "s#\@contextdir\@#@contextdir@#g" \
     @pbconfigdir@/pb.tmpl > @contextdir@/pb.conf
 
+sed -e "s#@host@#$hostname#g" \
+    -e "s#@port@#$port#g" \
+    -e "s#@httpport@#$httpport#g" \
+    -e "s#@suffix@#$suffix#g" \
+    -e "s#@dirmgr@#$dirmgr#g" \
+    -e "s#\@contextdir\@#@contextdir@#g" \
+    @orghtmldir@/orgchart.tmpl > @contextdir@/orgchart.conf
+
 # the default.conf is just a copy of dsgw.conf
 cp @contextdir@/dsgw.conf @contextdir@/default.conf
 




Index: configure
===================================================================
RCS file: /cvs/dirsec/dsgw/configure,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- configure	16 Jan 2008 22:56:02 -0000	1.7
+++ configure	28 Jan 2008 21:22:47 -0000	1.8
@@ -21569,8 +21569,8 @@
 # URIs
 cgiuri=/cgi-bin
 dsgwuri=/dsgw
-orguri=/orgchart
-pburi=/dsgw/pbhtml
+orguri=/org
+pburi=/pb
 
 # Check for library dependencies
 # BEGIN COPYRIGHT BLOCK






Index: Makefile.in
===================================================================
RCS file: /cvs/dirsec/dsgw/Makefile.in,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- Makefile.in	16 Jan 2008 22:56:02 -0000	1.7
+++ Makefile.in	28 Jan 2008 21:22:47 -0000	1.8
@@ -456,7 +456,7 @@
 	orghtml/branch-cc1.gif		orghtml/index.html		orghtml/ldap-person.gif \
 	orghtml/mag.gif			orghtml/mail.gif		orghtml/new-branch-blank.gif \
 	orghtml/new-branch-first.gif	orghtml/new-branch-straight.gif	orghtml/orgicon.gif \
-	orghtml/styles.css		orghtml/topframe.html
+	orghtml/styles.css		orghtml/topframe.html orghtml/starthelp.gif orghtml/orgchart.tmpl
 
 dist_config_DATA = \
 	config/authPassword.html          config/dsgw-l10n.conf \
@@ -531,9 +531,9 @@
         -e 's, at localstatedir\@,$(localstatedir),g' \
         -e 's, at cgibindir\@,$(cgibindir),g' \
         -e 's, at cgiuri\@,$(cgiuri),g' \
-	-e 's, at orguri\@,$(orguri),g' \
-	-e 's, at dsgwuri\@,$(dsgwuri),g' \
-	-e 's, at pburi\@,$(pburi),g' \
+	-e 's, at orguri\@, at orguri@,g' \
+	-e 's, at dsgwuri\@, at dsgwuri@,g' \
+	-e 's, at pburi\@, at pburi@,g' \
         -e 's, at cmdbindir\@,$(cmdbindir),g' \
         -e 's, at propertydir\@,$(propertydir),g' \
         -e 's, at htmldir\@,$(htmldir),g' \











From fedora-directory-commits at redhat.com  Mon Jan 28 21:22:50 2008
From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins))
Date: Mon, 28 Jan 2008 16:22:50 -0500
Subject: [Fedora-directory-commits] dsgw/orgbin myorg.in, 1.1, 1.2 org.in,
	1.1, 1.2
Message-ID: <200801282122.m0SLMojU024894@cvs-int.fedora.redhat.com>

Author: rmeggins

Update of /cvs/dirsec/dsgw/orgbin
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv24762/dsgw/orgbin

Modified Files:
	myorg.in org.in 
Log Message:
get phonebook and orgchart working; use memmove instead of overlapping strcpy; fix memory error in dsgw_dn_parent


Index: myorg.in
===================================================================
RCS file: /cvs/dirsec/dsgw/orgbin/myorg.in,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- myorg.in	11 Jan 2008 21:58:10 -0000	1.1
+++ myorg.in	28 Jan 2008 21:22:48 -0000	1.2
@@ -42,8 +42,7 @@
 #set ts=4
 
 $|=1;
-print "Content-type: te at orguri@;charset=UTF-8\n\n";
-#print "Content-type: te at orguri@\n\n";
+print "Content-type: text/html;charset=UTF-8\n\n";
 
 #
 #  Read orgchart.conf settings for MyOrgChart-specific items
@@ -66,7 +65,7 @@
 
 &print_body(); 
 
-print @orguri@>";
+print "";
 
 exit(0);
 


Index: org.in
===================================================================
RCS file: /cvs/dirsec/dsgw/orgbin/org.in,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- org.in	11 Jan 2008 21:58:10 -0000	1.1
+++ org.in	28 Jan 2008 21:22:48 -0000	1.2
@@ -2027,7 +2027,7 @@
 
 	if ( $js_output ne "with-javascript" )
 	{
-		print "     \n";
+		print "     \n";
 	}
 	if ( $js_output eq "with-javascript" )
 	{



From fedora-directory-commits at redhat.com  Mon Jan 28 21:22:51 2008
From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins))
Date: Mon, 28 Jan 2008 16:22:51 -0500
Subject: [Fedora-directory-commits] dsgw/pbconfig pb.tmpl.in,1.1,1.2
Message-ID: <200801282122.m0SLMpOT024907@cvs-int.fedora.redhat.com>

Author: rmeggins

Update of /cvs/dirsec/dsgw/pbconfig
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv24762/dsgw/pbconfig

Modified Files:
	pb.tmpl.in 
Log Message:
get phonebook and orgchart working; use memmove instead of overlapping strcpy; fix memory error in dsgw_dn_parent


Index: pb.tmpl.in
===================================================================
RCS file: /cvs/dirsec/dsgw/pbconfig/pb.tmpl.in,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- pb.tmpl.in	14 Jan 2008 22:31:23 -0000	1.1
+++ pb.tmpl.in	28 Jan 2008 21:22:49 -0000	1.2
@@ -44,7 +44,7 @@
 
 securitypath  "@contextdir@"
 
-url-orgchart-base     http://@host@:@port@/clients/orgchart/bin/org?context=pb&data=
+url-orgchart-base     http://@host@:@httpport@@cgiuri@/org?context=pb&data=
 
 # The attribute the orgchart uses to search for entries.
 # This value should correspond to the value of attrib-farleft-rdn



From fedora-directory-commits at redhat.com  Mon Jan 28 21:22:51 2008
From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins))
Date: Mon, 28 Jan 2008 16:22:51 -0500
Subject: [Fedora-directory-commits] dsgw/orghtml orgchart.tmpl.in, NONE,
	1.1 botframe.html, 1.1, 1.2 topframe.html.in, 1.1, 1.2
Message-ID: <200801282122.m0SLMpgs024900@cvs-int.fedora.redhat.com>

Author: rmeggins

Update of /cvs/dirsec/dsgw/orghtml
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv24762/dsgw/orghtml

Modified Files:
	botframe.html topframe.html.in 
Added Files:
	orgchart.tmpl.in 
Log Message:
get phonebook and orgchart working; use memmove instead of overlapping strcpy; fix memory error in dsgw_dn_parent


--- NEW FILE orgchart.tmpl.in ---
#
# BEGIN COPYRIGHT BLOCK
# This Program is free software; you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free Software
# Foundation; version 2 of the License.
# 
# This Program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
# 
# You should have received a copy of the GNU General Public License along with
# this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
# Place, Suite 330, Boston, MA 02111-1307 USA.
# 
# In addition, as a special exception, Red Hat, Inc. gives You the additional
# right to link the code of this Program with code not covered under the GNU
# General Public License ("Non-GPL Code") and to distribute linked combinations
# including the two, subject to the limitations in this paragraph. Non-GPL Code
# permitted under this exception must only link to the code of this Program
# through those well defined interfaces identified in the file named EXCEPTION
# found in the source code files (the "Approved Interfaces"). The files of
# Non-GPL Code may instantiate templates or use macros or inline functions from
# the Approved Interfaces without causing the resulting work to be covered by
# the GNU General Public License. Only Red Hat, Inc. may make changes or
# additions to the list of Approved Interfaces. You must obey the GNU General
# Public License in all respects for all of the Program code and other code used
# in conjunction with the Program except the Non-GPL Code covered by this
# exception. If you modify this file, you may extend this exception to your
# version of the file, but you are not obligated to do so. If you do not wish to
# provide this exception without modification, you must delete this exception
# statement from your version and license this file solely under the GPL without
# exception. 
# 
# 
# Copyright (C) 2005 Red Hat, Inc.
# All rights reserved.
# END COPYRIGHT BLOCK
#

#############
#
#
#  Configuration file for Directory Server Org Chart
#  ----------------------------------------------------------
#
#
#############


#
#   Blank lines in this file, as well as lines that
#   start with at least one "#" character, are both ignored.
#
#
#   Name/Value pairs below are (and need to be) separated with
#   one or more tabs  (or spaces)
#
ldap-host	@host@
ldap-port	@port@
ldap-search-base	@suffix@

#
#  If you would like to have the phonebook icon visible, you must
#  supply the partial phonebook URL below, which will have each
#  given user's DN attribute value concatenated to the end.
#
#  For example, you could specify below something close to:
#
#      url-phonebook-base      http://hostname.domain.com/dsgw/bin/dosearch?context=default&hp=localhost&dn=
#

url-phonebook-base	http://@host@:@httpport@@cgiuri@/dosearch?context=pb&hp=@host@:@port@&dn=

#
#   A name that has no value after it equates to "" for the value, 
#   like the two below settings.
#
#   Not listing an entire name/value pair at all in this file
#   sets its value to "" as well.
#
#   So the below two names therefore don't even need to be in this file
#   (but are here to show them as possible options that can be changed).
#
#   Having no value below for "ldap-bind-dn" and "ldap-bind-pass"
#   indicates that you want anonymous binding to the LDAP server.
#

ldap-bind-dn	
ldap-bind-pass

#
#   Allowed values for below icon-related setting:
#
#	forefront	means show this icon next to the person's name 
#	layer		means show this icon inside the person's floating layer
#	no			means never show this icon anywhere, but MyOrgChart settings can override this setting.
#	disabled	means never show this icon. Period. So MyOrgChart will not even show this icon as a setting.
#

icons-aim-visible		disabled
icons-email-visible		layer
icons-phonebook-visible		forefront
icons-locator-visible		disabled

#
#  There is also the same concept below for a person-locator
#  type application, to show graphically where a given employee's office is located.
#  You also specify the partial URL, up until where the user's URL-
#  encoded cn value will be concatenated.
#
#	url-locator-base        http://hostname.domain.com/submit.cgi?empfullname=
#

url-locator-base	http://maps.example.com/submit2.cgi?r_loc=



#
#  This is where you specify which specific LDAP attributes
#  from your LDAP server that you would like used for both org chart
#  generation as well as final display values.
#
#  The value of the attribute specified for "attrib-job-title" will
#  be listed below anybody's name that is listed in their own box.
#  If you don't specify this setting in this file, the default used
#  will be "title".
#
#  For "attrib-farleft-rdn", this specifies which attribute you are
#  using as the leftmost RDN for the DN's of your user entries.
#

attrib-job-title    title
attrib-manager      manager
attrib-farleft-rdn  uid

#
#  This is where you specify the maximum levels that are allowed
#  to be generated for any given org chart, and the MyOrgChart version
#  of this setting will never be allowed to be higher than the below.
#
#  A "level" is defined as a reporting level, meaning that if you 
#  generate an org chart for a given director, all direct reports to him
#  (whether they have people below them or not) are level 1, people below
#  any of them are level 2, etc.
#
#  So a setting of 1 would list the full name of the user entered, and
#  then just people that directly report to that person only.
#
#  The purpose of having this configuration setting is to give you
#  control over users that may try to generate an org chart on the
#  CEO of a company, and heavily tax the LDAP server to generate
#  an org chart that may be thousands of people deep.
#
#  If this setting is not listed below, the default is 3.
#
#  The valid range of values for this setting would be a minimum of 1,
#  with no hard-coded maximum.
#

max-levels-drawn	3

#
#  The below setting relates to whether a specific assumption should be made
#  on all values that you currently have stored for your manager LDAP attribute. 
#
#  The assumption:	That all user entries are stored in LDAP on the
#			same flat level location, at least for a given
#			group of people that org charts will be generated for.
#
#  So when you enter:
#
#	Steve Jones
#
#  to generate an org chart on, which let's say equates to this DN:
#
#	uid=sjones, ou=People, dc=acme, dc=com
#
#  then should this application assume that the manager attrib value
#  of this entry is in this same location as Steve Jones:
#
#	manager =  "uid=XXXXXX, ou=People, dc=acme, dc=com" 
#
#  or is it possible that the manager's LDAP entry is at another level?
#
#
#  The below two options for this setting specifies one of two scenarios, 
#  based on how you have configured your directory information tree:
#
#
#  Either the value:
#
#	same		This means assume the same location (such as 
#			"ou=People, dc=acme, dc=com" above) that the inital
#			user entry is found at for all subsequent entries
#			involved in drawing that given org chart.
#
#			In other words, this setting assumes a totally
#			flat namespace, at least for all users that will
#			be in a given generated org chart.
#
#	search		This means there is no guarantee that other entries
#			that need to be discovered to draw the org chart
#			are in the same area of the directory tree, so when
#			searching the manager attribute DN values for a given
#			exact uid, search like this instead:  
#
#				manager = "uid=sjones,*"
#
#			This will be much more expensive of a search, so
#			if you fit this scenario, at least make sure on your LDAP
#			server that you have the substring index created for your
#			manager attribute, to make drawing the org chart as fast
#			as possible.
#
#  Default value (if this setting is not listed in this file):  same
#


manager-DN-location	same


#
#	This setting helps you configure against users entering LDAP  
#	queries for "A" or "MI" and then taxing the LDAP server by asking
#	for thousands of search results back.
#
#	The value you specify below for "min-chars-searchstring" means
#	that the user must enter AT LEAST this many characters for 
#	their request to even make it to the LDAP server.  If they type
#	less characters than this setting, they will get a message that
#	they need to enter at least X characters to search, where X will
#	be the below value.
#
#	NOTE: This setting purposely does not apply to allowing a user
#	to search for an exact UID (to avoid search results).  The logic
#	is that:
#
#	[1] Search LDAP for an equality search of (uid=XXXX), regardless
#	of both this below setting / how many characters were entered.
#
#	[2] If this single LDAP entry was not found, then make sure the
#	number of characters entered for the search are at least the below
#	number of characters, before sending a broader search to LDAP. 
#
#	If this setting is not configured below (the line is absent),
#	the default value used is 4.

min-chars-searchstring		4

#	Allowed characters in search filters.  If the user enters a search that
#	contains a character not in the allowed-filter-chars list, the user
#	will be notified the search needs to be modified.

allowed-filter-chars abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789 _-


Index: botframe.html
===================================================================
RCS file: /cvs/dirsec/dsgw/orghtml/botframe.html,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- botframe.html	11 Jan 2008 21:58:10 -0000	1.1
+++ botframe.html	28 Jan 2008 21:22:48 -0000	1.2
@@ -57,6 +57,6 @@
 

 

 


-
+
 
 


Index: topframe.html.in
===================================================================
RCS file: /cvs/dirsec/dsgw/orghtml/topframe.html.in,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- topframe.html.in	11 Jan 2008 21:58:10 -0000	1.1
+++ topframe.html.in	28 Jan 2008 21:22:48 -0000	1.2
@@ -100,12 +100,12 @@
 		
 		

 			
-			
-			
+				
+				
 			
-			
-			
 		
+		
+		
 		
 	 
 	



From fedora-directory-commits at redhat.com  Wed Jan 30 02:22:48 2008
From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins))
Date: Tue, 29 Jan 2008 21:22:48 -0500
Subject: [Fedora-directory-commits] dsgw setup-ds-dsgw.in, NONE,
	1.1 Makefile.am, 1.8, 1.9 csearch.c, 1.3, 1.4 dsgwgetlang.c,
	1.4, 1.5 dsgwutil.c, 1.6, 1.7 aclocal.m4, 1.5, 1.6 configure,
	1.8, 1.9 missing, 1.4, 1.5 install-sh, 1.4, 1.5 Makefile.in,
	1.8, 1.9 depcomp, 1.4, 1.5 config.sub, 1.4, 1.5 config.guess,
	1.4, 1.5 compile, 1.4, 1.5 setup.in, 1.3, NONE
Message-ID: <200801300222.m0U2MmrC020829@cvs-int.fedora.redhat.com>

Author: rmeggins

Update of /cvs/dirsec/dsgw
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv15541/dsgw

Modified Files:
	Makefile.am csearch.c dsgwgetlang.c dsgwutil.c aclocal.m4 
	configure missing install-sh Makefile.in depcomp config.sub 
	config.guess compile 
Added Files:
	setup-ds-dsgw.in 
Removed Files:
	setup.in 
Log Message:
Renamed setup to setup-ds-dsgw to be consistent with other setup scripts
setup-ds-dsgw will attempt to use settings from pre-configured admin server
and directory server
Config files will use an ldap url and http url - this is so that we can use
http or https and ldap or ldaps - previously, dsgw was configured during
regular DS setup, which did not allow TLS/SSL setup - we must be able to
configure the dsgw for TLS/SSL during setup now
Changed XP_GetClientStr back to just always return a malloc'd string - there
are cases where we cannot use a static
There were some places where we were using a form with POST + a query string
Use SERVER_NAME instead of HTTP_HOST because the latter has the port number
already in it



--- NEW FILE setup-ds-dsgw.in ---
#!/bin/sh
#
# BEGIN COPYRIGHT BLOCK
# This Program is free software; you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free Software
# Foundation; version 2 of the License.
# 
# This Program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
# 
# You should have received a copy of the GNU General Public License along with
# this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
# Place, Suite 330, Boston, MA 02111-1307 USA.
# 
# Copyright (C) 2006 Red Hat, Inc.
# All rights reserved.
# END COPYRIGHT BLOCK
#

###########################
#
# This shell script provides a way to set up a new installation after
# the binaries have already been extracted.  This is typically after
# using native packaging support to install the package e.g. RPM,
# pkgadd, depot, etc.  This script will show the license, readme,
# dsktune, then run the usual setup pre and post installers.  This
# script should be run from the server root directory since it uses
# pwd to get the server root directory.
#
##########################

getValFromInf() {
	cattr=$1
	cfile=$2
	rval=`grep -i ^$cattr $cfile | head -1 | sed -e "s/^$cattr[ 	]*=[ 	]*//"`
	echo $rval
}

getValFromConf() {
	cattr=$1
	cfile=$2
	rval=`grep -i ^$cattr $cfile | head -1 | sed -e "s/^$cattr[ 	]*//"`
	echo $rval
}

getValFromLdif() {
	cattr=$1
	cfile=$2
    num=${3:-1}
	rval=`grep -i ^$cattr: $cfile | head -$num | sed -e "s/^$cattr:[ 	]*//"`
	echo $rval
}

# e.g. /etc/dirsrv/dsgw
dsgwconfigdir="@contextdir@"
basecfgdir=`dirname $dsgwconfigdir`
# default security dir
securitydir="@securitydir@"
defaultsecdir=1
httpdconf="@httpdconf@"

# see if there is a $dsgwconfigdir/../admin-serv
admservdir=$basecfgdir/admin-serv
if [ -f "$admservdir/local.conf" ] ; then
    host=`getValFromLdif serverHostName "$admservdir/local.conf"`
    port=`getValFromLdif configuration.nsServerPort "$admservdir/local.conf"`
    sec=`getValFromLdif configuration.nsServerSecurity "$admservdir/local.conf"`
    if [ "$sec" = "on" ] ; then
        httpurl="https://$host:$port"
        if [ -n "$defaultsecdir" ] ; then
            securitydir="$admservdir"
            defaultsecdir=
        fi
    else
        httpurl="http://$host:$port"
    fi
    httpdconf=$admservdir/httpd.conf
fi

# see if there are any directory servers here
for dir in $basecfgdir/slapd-* ; do
    case "$dir" in
    *.deleted) continue ;;
    esac
    if [ -d "$dir" -a -f "$dir/dse.ldif" ] ; then
        dirmgr=`getValFromLdif nsslapd-rootdn "$dir/dse.ldif"`
        host=`getValFromLdif nsslapd-localhost "$dir/dse.ldif"`
        sec=`getValFromLdif nsslapd-security "$dir/dse.ldif"`
        if [ "$sec" = "on" ] ; then
            port=`getValFromLdif nsslapd-secureport "$dir/dse.ldif"`
            ldapurl="ldaps://$host:$port"
            if [ -n "$defaultsecdir" ] ; then
                securitydir="$dir"
                defaultsecdir=
            fi
        else
            port=`getValFromLdif nsslapd-port "$dir/dse.ldif"`
            ldapurl="ldap://$host:$port"
        fi
        # get suffix
        suffixlist="`getValFromLdif nsslapd-suffix $dir/dse.ldif 2`"
        for suffix in $suffixlist ; do
            case $suffix in
            *netscaperoot) ;;
            *NetscapeRoot) ;;
            *) break ;; # find the first non-netscaperoot suffix
            esac
        done
    fi
done

# get command line arguments

myargs=
silent=
inffile=
tmpinffile=
nextisinffile=
keepinffile=
for arg in "$@" ; do
	if [ "$arg" = "-s" ]; then
		silent=1
	elif [ "$arg" = "-k" ]; then
		keepinffile=1
	elif [ "$arg" = "-f" ]; then
		nextisinffile=1
	elif [ $nextisinffile ]; then
		inffile="$arg"
		nextisinffile=
	else
		myargs="$myargs $arg"
	fi
done

if [ -f "$inffile" ] ; then
    hostname=`getValFromInf FullMachineName $inffile`
    port=`getValFromInf ServerPort $inffile`
    suffix=`getValFromInf Suffix $inffile`
    dirmgr=`getValFromInf RootDN $inffile`
    httpport=`getValFromInf Port $inffile`
    httpurl="http://$host:$httpport"
    ldapurl="ldap://$host:$port"
fi

# generate dsgw.conf and pb.conf and default.conf in the $dsgwconfigdir directory
sed -e "s#@host@#$hostname#g" \
    -e "s#@port@#$port#g" \
    -e "s#@httpport@#$httpport#g" \
    -e "s#@suffix@#$suffix#g" \
    -e "s#@dirmgr@#$dirmgr#g" \
    -e "s#^securitypath.*\$#securitypath $securitydir#g" \
    -e "s#@ldapurl@#$ldapurl#g" \
    -e "s#@httpurl@#$httpurl#g" \
    @configdir@/dsgw.tmpl > $dsgwconfigdir/dsgw.conf

sed -e "s#@host@#$hostname#g" \
    -e "s#@port@#$port#g" \
    -e "s#@httpport@#$httpport#g" \
    -e "s#@suffix@#$suffix#g" \
    -e "s#@dirmgr@#$dirmgr#g" \
    -e "s#^securitypath.*\$#securitypath $securitydir#g" \
    -e "s#@ldapurl@#$ldapurl#g" \
    -e "s#@httpurl@#$httpurl#g" \
    @pbconfigdir@/pb.tmpl > $dsgwconfigdir/pb.conf

sed -e "s#@host@#$hostname#g" \
    -e "s#@port@#$port#g" \
    -e "s#@httpport@#$httpport#g" \
    -e "s#@suffix@#$suffix#g" \
    -e "s#@dirmgr@#$dirmgr#g" \
    -e "s#^securitydir.*\$#securitydir $securitydir#g" \
    -e "s#@ldapurl@#$ldapurl#g" \
    -e "s#@httpurl@#$httpurl#g" \
    @orghtmldir@/orgchart.tmpl > $dsgwconfigdir/orgchart.conf

# the default.conf is just a copy of dsgw.conf
cp $dsgwconfigdir/dsgw.conf $dsgwconfigdir/default.conf

# tell Apache about the dsgw - must restart Apache
grep dsgw-httpd.conf "$httpdconf" > /dev/null 2>&1 || (echo "" ; echo "# DSGW configuration" ; echo "Include $dsgwconfigdir/dsgw-httpd.conf") >> $httpdconf

echo "The DSGW has been successfully configured."
if [ $isAdmServ ] ; then
    echo "Please restart the Admin Server - /path/to/start-admin "
else
    echo "Please restart Apache e.g."
    echo "    service httpd restart"
    echo "    OR"
    echo "    apachectl restart"
    echo "or however you restart apache on this system."
fi

exit 0


Index: Makefile.am
===================================================================
RCS file: /cvs/dirsec/dsgw/Makefile.am,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- Makefile.am	28 Jan 2008 21:22:47 -0000	1.8
+++ Makefile.am	30 Jan 2008 02:22:46 -0000	1.9
@@ -194,7 +194,7 @@
 dist_gwinfo_DATA = html/info/infonav.html
 
 nodist_context_DATA = dsgw-httpd.conf
-#nodist_context_SCRIPTS = setup-dirsrv-gw
+nodist_bin_SCRIPTS = setup-ds-dsgw
 
 # add more here for localized bundles
 nodist_property_DATA = root.res en.res en_US.res


Index: csearch.c
===================================================================
RCS file: /cvs/dirsec/dsgw/csearch.c,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- csearch.c	28 Jan 2008 21:22:47 -0000	1.3
+++ csearch.c	30 Jan 2008 02:22:46 -0000	1.4
@@ -253,14 +253,17 @@
 
 	    } else if ( dsgw_directive_is( line, "DS_CSEARCH_TYPE_FORM" )) {
 		dsgw_form_begin ("searchTypeForm",
-				 "action=\"%s?file=attr\" target=searchAttrFrame", 
+				 "action=\"%s\" target=searchAttrFrame", 
 				 dsgw_getvp( DSGW_CGINUM_CSEARCH));
-		dsgw_emits("\n");
+		dsgw_emits ("\n"
+			    "\n");
 
 	    } else if ( dsgw_directive_is( line, "DS_CSEARCH_ATTR_FORM" )) {
 		dsgw_form_begin ("searchAttrForm",
-				 "action=\"%s?file=match\" target=searchMatchFrame", 
+				 "action=\"%s\" target=searchMatchFrame", 
 				 dsgw_getvp( DSGW_CGINUM_CSEARCH));
+		dsgw_emits ("\n"
+			    "\n");
 		dsgw_emits("\n");
 		{
 		    auto char* searchType = dsgw_get_cgi_var ("searchType", DSGW_CGIVAR_OPTIONAL);


Index: dsgwgetlang.c
===================================================================
RCS file: /cvs/dirsec/dsgw/dsgwgetlang.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- dsgwgetlang.c	28 Jan 2008 21:22:47 -0000	1.4
+++ dsgwgetlang.c	30 Jan 2008 02:22:46 -0000	1.5
@@ -319,30 +319,24 @@
 }
 
 /*
-  Note: This reuses a single static buffer to avoid memory leakage.
-  If the caller needs an actual unique copy, then we have two options
-  1) revert the code to just leak the string - probably ok as this is
-     CGI code not long running server code
-  2) have the caller free the pointer after use
+  Note: This function returns allocated memory.  Most of the callers in the
+  dsgw do not free this memory - they prefer to use exit() for free() - which
+  is usually fine for short lived CGI programs - so if you use valgrind you
+  will see a lot of memory leakage around this function
 */
 PR_IMPLEMENT( char * )
 XP_GetClientStr(int key)
 {
-    static char staticbuf[256] = {0};
-    static char *resstring = staticbuf;
-    static size_t bufsize = sizeof(staticbuf);
     int rc = 0;
     char keybuf[256];
     char *lang = GetClientLanguage();
+    char *resstring = NULL;
 
     PR_snprintf(keybuf, sizeof(keybuf), "%s%d", database_name, key);
     resstring = res_getstring(i18nResource, keybuf, lang,
-                              resstring, bufsize, &rc);
-    if (rc == 1) { /* need more room */
-        /* NULL means res_getstring will calculate and return needed memory */
-        resstring = res_getstring(i18nResource, keybuf, lang,
-                                  NULL, bufsize, &rc);
-        bufsize = strlen(resstring);
+                              NULL, 0, &rc);
+    if (rc) {
+        dsgw_emitf("The message keyword id [%d] was not found\n", key);
     }
     return resstring;
 }


Index: dsgwutil.c
===================================================================
RCS file: /cvs/dirsec/dsgw/dsgwutil.c,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- dsgwutil.c	28 Jan 2008 21:22:47 -0000	1.6
+++ dsgwutil.c	30 Jan 2008 02:22:46 -0000	1.7
@@ -1319,7 +1319,7 @@
                 httpsstr = "s";
             }
             server_url = PR_smprintf("http%s://%s:%s", httpsstr,
-                                     getenv("HTTP_HOST"), getenv("SERVER_PORT"));
+                                     getenv("SERVER_NAME"), getenv("SERVER_PORT"));
         }
     }
 










Index: Makefile.in
===================================================================
RCS file: /cvs/dirsec/dsgw/Makefile.in,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- Makefile.in	28 Jan 2008 21:22:47 -0000	1.8
+++ Makefile.in	30 Jan 2008 02:22:46 -0000	1.9
@@ -88,11 +88,11 @@
 am__EXEEXT_1 = unauth$(EXEEXT) search$(EXEEXT) csearch$(EXEEXT) \
 	newentry$(EXEEXT) tutor$(EXEEXT) lang$(EXEEXT)
 am__installdirs = "$(DESTDIR)$(cgibindir)" "$(DESTDIR)$(cgibindir)" \
-	"$(DESTDIR)$(configdir)" "$(DESTDIR)$(gwinfodir)" \
-	"$(DESTDIR)$(htmldir)" "$(DESTDIR)$(maninstdir)" \
-	"$(DESTDIR)$(orghtmldir)" "$(DESTDIR)$(pbconfigdir)" \
-	"$(DESTDIR)$(pbhtmldir)" "$(DESTDIR)$(contextdir)" \
-	"$(DESTDIR)$(propertydir)"
+	"$(DESTDIR)$(bindir)" "$(DESTDIR)$(configdir)" \
+	"$(DESTDIR)$(gwinfodir)" "$(DESTDIR)$(htmldir)" \
+	"$(DESTDIR)$(maninstdir)" "$(DESTDIR)$(orghtmldir)" \
+	"$(DESTDIR)$(pbconfigdir)" "$(DESTDIR)$(pbhtmldir)" \
+	"$(DESTDIR)$(contextdir)" "$(DESTDIR)$(propertydir)"
 cgibinPROGRAMS_INSTALL = $(INSTALL_PROGRAM)
 PROGRAMS = $(cgibin_PROGRAMS) $(noinst_PROGRAMS)
 am__objects_1 = htmlout.$(OBJEXT) htmlparse.$(OBJEXT) error.$(OBJEXT) \
@@ -145,7 +145,8 @@
 unauth_OBJECTS = $(am_unauth_OBJECTS)
 unauth_LDADD = $(LDADD)
 cgibinSCRIPT_INSTALL = $(INSTALL_SCRIPT)
-SCRIPTS = $(cgibin_SCRIPTS)
+nodist_binSCRIPT_INSTALL = $(INSTALL_SCRIPT)
+SCRIPTS = $(cgibin_SCRIPTS) $(nodist_bin_SCRIPTS)
 DEFAULT_INCLUDES = -I. -I$(srcdir) -I.
 depcomp = $(SHELL) $(top_srcdir)/depcomp
 am__depfiles_maybe = depfiles
@@ -498,7 +499,7 @@
 
 dist_gwinfo_DATA = html/info/infonav.html
 nodist_context_DATA = dsgw-httpd.conf
-#nodist_context_SCRIPTS = setup-dirsrv-gw
+nodist_bin_SCRIPTS = setup-ds-dsgw
 
 # add more here for localized bundles
 nodist_property_DATA = root.res en.res en_US.res
@@ -705,6 +706,25 @@
 	  echo " rm -f '$(DESTDIR)$(cgibindir)/$$f'"; \
 	  rm -f "$(DESTDIR)$(cgibindir)/$$f"; \
 	done
+install-nodist_binSCRIPTS: $(nodist_bin_SCRIPTS)
+	@$(NORMAL_INSTALL)
+	test -z "$(bindir)" || $(mkdir_p) "$(DESTDIR)$(bindir)"
+	@list='$(nodist_bin_SCRIPTS)'; for p in $$list; do \
+	  if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
+	  if test -f $$d$$p; then \
+	    f=`echo "$$p" | sed 's|^.*/||;$(transform)'`; \
+	    echo " $(nodist_binSCRIPT_INSTALL) '$$d$$p' '$(DESTDIR)$(bindir)/$$f'"; \
+	    $(nodist_binSCRIPT_INSTALL) "$$d$$p" "$(DESTDIR)$(bindir)/$$f"; \
+	  else :; fi; \
+	done
+
+uninstall-nodist_binSCRIPTS:
+	@$(NORMAL_UNINSTALL)
+	@list='$(nodist_bin_SCRIPTS)'; for p in $$list; do \
+	  f=`echo "$$p" | sed 's|^.*/||;$(transform)'`; \
+	  echo " rm -f '$(DESTDIR)$(bindir)/$$f'"; \
+	  rm -f "$(DESTDIR)$(bindir)/$$f"; \
+	done
 
 mostlyclean-compile:
 	-rm -f *.$(OBJEXT)
@@ -1109,7 +1129,7 @@
 check: check-am
 all-am: Makefile $(PROGRAMS) $(SCRIPTS) $(DATA) config.h
 installdirs:
-	for dir in "$(DESTDIR)$(cgibindir)" "$(DESTDIR)$(cgibindir)" "$(DESTDIR)$(configdir)" "$(DESTDIR)$(gwinfodir)" "$(DESTDIR)$(htmldir)" "$(DESTDIR)$(maninstdir)" "$(DESTDIR)$(orghtmldir)" "$(DESTDIR)$(pbconfigdir)" "$(DESTDIR)$(pbhtmldir)" "$(DESTDIR)$(contextdir)" "$(DESTDIR)$(propertydir)"; do \
+	for dir in "$(DESTDIR)$(cgibindir)" "$(DESTDIR)$(cgibindir)" "$(DESTDIR)$(bindir)" "$(DESTDIR)$(configdir)" "$(DESTDIR)$(gwinfodir)" "$(DESTDIR)$(htmldir)" "$(DESTDIR)$(maninstdir)" "$(DESTDIR)$(orghtmldir)" "$(DESTDIR)$(pbconfigdir)" "$(DESTDIR)$(pbhtmldir)" "$(DESTDIR)$(contextdir)" "$(DESTDIR)$(propertydir)"; do \
 	  test -z "$$dir" || $(mkdir_p) "$$dir"; \
 	done
 install: install-am
@@ -1166,7 +1186,7 @@
 	install-dist_pbhtmlDATA install-nodist_contextDATA \
 	install-nodist_propertyDATA
 
-install-exec-am:
+install-exec-am: install-nodist_binSCRIPTS
 
 install-info: install-info-am
 
@@ -1199,7 +1219,8 @@
 	uninstall-dist_htmlDATA uninstall-dist_maninstDATA \
 	uninstall-dist_orghtmlDATA uninstall-dist_pbconfigDATA \
 	uninstall-dist_pbhtmlDATA uninstall-info-am \
-	uninstall-nodist_contextDATA uninstall-nodist_propertyDATA
+	uninstall-nodist_binSCRIPTS uninstall-nodist_contextDATA \
+	uninstall-nodist_propertyDATA
 
 .PHONY: CTAGS GTAGS all all-am am--refresh check check-am clean \
 	clean-cgibinPROGRAMS clean-generic clean-libtool \
@@ -1215,16 +1236,17 @@
 	install-dist_orghtmlDATA install-dist_pbconfigDATA \
 	install-dist_pbhtmlDATA install-exec install-exec-am \
 	install-info install-info-am install-man \
-	install-nodist_contextDATA install-nodist_propertyDATA \
-	install-strip installcheck installcheck-am installdirs \
-	maintainer-clean maintainer-clean-generic mostlyclean \
-	mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
-	pdf pdf-am ps ps-am tags uninstall uninstall-am \
-	uninstall-cgibinPROGRAMS uninstall-cgibinSCRIPTS \
-	uninstall-dist_configDATA uninstall-dist_gwinfoDATA \
-	uninstall-dist_htmlDATA uninstall-dist_maninstDATA \
-	uninstall-dist_orghtmlDATA uninstall-dist_pbconfigDATA \
-	uninstall-dist_pbhtmlDATA uninstall-info-am \
+	install-nodist_binSCRIPTS install-nodist_contextDATA \
+	install-nodist_propertyDATA install-strip installcheck \
+	installcheck-am installdirs maintainer-clean \
+	maintainer-clean-generic mostlyclean mostlyclean-compile \
+	mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+	tags uninstall uninstall-am uninstall-cgibinPROGRAMS \
+	uninstall-cgibinSCRIPTS uninstall-dist_configDATA \
+	uninstall-dist_gwinfoDATA uninstall-dist_htmlDATA \
+	uninstall-dist_maninstDATA uninstall-dist_orghtmlDATA \
+	uninstall-dist_pbconfigDATA uninstall-dist_pbhtmlDATA \
+	uninstall-info-am uninstall-nodist_binSCRIPTS \
 	uninstall-nodist_contextDATA uninstall-nodist_propertyDATA
 
 










--- setup.in DELETED ---



From fedora-directory-commits at redhat.com  Wed Jan 30 02:22:48 2008
From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins))
Date: Tue, 29 Jan 2008 21:22:48 -0500
Subject: [Fedora-directory-commits] dsgw/config dsgw.tmpl.in,1.2,1.3
Message-ID: <200801300222.m0U2Mmm5020847@cvs-int.fedora.redhat.com>

Author: rmeggins

Update of /cvs/dirsec/dsgw/config
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv15541/dsgw/config

Modified Files:
	dsgw.tmpl.in 
Log Message:
Renamed setup to setup-ds-dsgw to be consistent with other setup scripts
setup-ds-dsgw will attempt to use settings from pre-configured admin server
and directory server
Config files will use an ldap url and http url - this is so that we can use
http or https and ldap or ldaps - previously, dsgw was configured during
regular DS setup, which did not allow TLS/SSL setup - we must be able to
configure the dsgw for TLS/SSL during setup now
Changed XP_GetClientStr back to just always return a malloc'd string - there
are cases where we cannot use a static
There were some places where we were using a form with POST + a query string
Use SERVER_NAME instead of HTTP_HOST because the latter has the port number
already in it



Index: dsgw.tmpl.in
===================================================================
RCS file: /cvs/dirsec/dsgw/config/dsgw.tmpl.in,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- dsgw.tmpl.in	28 Jan 2008 21:22:48 -0000	1.2
+++ dsgw.tmpl.in	30 Jan 2008 02:22:46 -0000	1.3
@@ -36,15 +36,15 @@
 # All rights reserved.
 # END COPYRIGHT BLOCK
 
-baseurl       "ldap://@host@:@port@/@suffix@"
+baseurl       "@ldapurl@/@suffix@"
 
 dirmgr        "@dirmgr@"
 
 location-suffix       @suffix@
 
-securitypath  "@contextdir@"
+securitypath  "@securitydir@"
 
-url-orgchart-base     http://@host@:@httpport@@cgiuri@/org?context=dsgw&data=
+url-orgchart-base     @httpurl@@cgiuri@/org?context=dsgw&data=
 
 # The attribute the orgchart uses to search for entries.
 # This value should correspond to the value of attrib-farleft-rdn



From fedora-directory-commits at redhat.com  Wed Jan 30 02:22:49 2008
From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins))
Date: Tue, 29 Jan 2008 21:22:49 -0500
Subject: [Fedora-directory-commits] dsgw/orgbin org.in,1.2,1.3
Message-ID: <200801300222.m0U2MnCR020853@cvs-int.fedora.redhat.com>

Author: rmeggins

Update of /cvs/dirsec/dsgw/orgbin
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv15541/dsgw/orgbin

Modified Files:
	org.in 
Log Message:
Renamed setup to setup-ds-dsgw to be consistent with other setup scripts
setup-ds-dsgw will attempt to use settings from pre-configured admin server
and directory server
Config files will use an ldap url and http url - this is so that we can use
http or https and ldap or ldaps - previously, dsgw was configured during
regular DS setup, which did not allow TLS/SSL setup - we must be able to
configure the dsgw for TLS/SSL during setup now
Changed XP_GetClientStr back to just always return a malloc'd string - there
are cases where we cannot use a static
There were some places where we were using a form with POST + a query string
Use SERVER_NAME instead of HTTP_HOST because the latter has the port number
already in it



Index: org.in
===================================================================
RCS file: /cvs/dirsec/dsgw/orgbin/org.in,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- org.in	28 Jan 2008 21:22:48 -0000	1.2
+++ org.in	30 Jan 2008 02:22:46 -0000	1.3
@@ -56,6 +56,7 @@
 
 use Mozilla::LDAP::Conn;
 use Mozilla::LDAP::Utils qw(:all);
+use Mozilla::LDAP::API qw(:constant ldap_url_parse ldap_explode_dn);
 
 use CGI;
 $cg = new CGI;
@@ -407,13 +408,26 @@
     local ($search) = "$config_tokens{'attrib-manager'}=$manager";
     local ($entry);
     local ($conn);
+    my $h = ldap_url_parse($config_tokens{"ldap-url"});
+    my $host = $h->{host};
+    my $port = $h->{port};
+    my $securitydir;
+    if ($h->{options} & LDAP_URL_OPT_SECURE) {
+		$securitydir = $config_tokens{"securitydir"};
+		if ($securitydir eq "none") {
+			&output_html_header("no-javascript");
+			print "

The orgchart config specifies to use TLS/SSL $config_tokens{\"ldap-url\"} but no securitydir has been configured 

";
+			print "\n";
+			exit (0);
+		}
+    }
 
-    $conn = new Mozilla::LDAP::Conn($config_tokens{"ldap-host"}, $config_tokens{"ldap-port"}, $config_tokens{"ldap-bind-dn"}, $config_tokens{"ldap-bind-pass"});
-    die "Could't connect to LDAP server $config_tokens{\"ldap-host\"}" unless $conn;
+    $conn = new Mozilla::LDAP::Conn($host, $port, $config_tokens{"ldap-bind-dn"}, $config_tokens{"ldap-bind-pass"}, $securitydir);
+    die "Could't connect to LDAP server $config_tokens{\"ldap-url\"}" unless $conn;
     $entry = $conn->search($config_tokens{"ldap-search-base"}, "subtree", $search, 0, @return_attribs);
 
     $display_indent += 1;
-		
+
     while ($entry) 
 	{
 		if (not_terminated($entry) && not_own_manager($entry))
@@ -980,9 +994,11 @@
 	exit;
 }
 
-%config_tokens = ( 	"ldap-host","none", 
+%config_tokens = (	"ldap-url","none",
+					"ldap-host","none", 
 					"ldap-port","none",
 					"ldap-search-base","none",
+					"securitydir","none",
 					"ldap-bind-dn","",
 					"ldap-bind-pass","",
 					"icons-aim-visible","no",
@@ -1012,21 +1028,37 @@
 
 close (FILE);
 
+my $haveurl = 1;
+my $havehost = 1;
+my $haveport = 1;
+
+if ( $config_tokens{"ldap-url"} eq "none" )
+{
+	$haveurl = 0;
+}
 
 if ( $config_tokens{"ldap-host"} eq "none" )
 {
-	&output_html_header("no-javascript");
-	print "

The administrator of this application needs to configure an LDAP host to use.

";
-	print "\n";
-	exit(0);
+	$havehost = 0;
 }
+
 if ( $config_tokens{"ldap-port"} eq "none" )
 {
+	$haveport = 0;
+}
+
+if ( !$haveurl and (!$havehost or !$haveport) )
+{
 	&output_html_header("no-javascript");
-	print "

The administrator of this application needs to configure an LDAP port number to use.

";
+	print "

The administrator of this application needs to configure an LDAP URL, or an LDAP host and port number to use.

";
 	print "\n";
 	exit(0);
 }
+
+if ( !$haveurl ) {
+	$config_tokens{"ldap-url"} = "ldap://" . $config_tokens{"ldap-host"} . ":" . $config_tokens{"ldap-port"};
+}
+
 if ( $config_tokens{"ldap-search-base"} eq "none" )
 {
 	&output_html_header("no-javascript");
@@ -1258,8 +1290,21 @@
 
 	$search = "$config_tokens{'attrib-farleft-rdn'}=" . $uid;
 
-	$conn = new Mozilla::LDAP::Conn($config_tokens{"ldap-host"}, $config_tokens{"ldap-port"}, $config_tokens{"ldap-bind-dn"}, $config_tokens{"ldap-bind-pass"});
-	die	"Couldn't connect to LDAP server $config_tokens{\"ldap-host\"}" unless $conn;
+	my $h = ldap_url_parse($config_tokens{"ldap-url"});
+	my $host = $h->{host};
+	my $port = $h->{port};
+	my $securitydir;
+	if ($h->{options} & LDAP_URL_OPT_SECURE) {
+		$securitydir = $config_tokens{"securitydir"};
+		if ($securitydir eq "none") {
+			&output_html_header("no-javascript");
+			print "

The orgchart config specifies to use TLS/SSL $config_tokens{\"ldap-url\"} but no securitydir has been configured 

";
+			print "\n";
+			exit (0);
+		}
+	}
+	$conn = new Mozilla::LDAP::Conn($host, $port, $config_tokens{"ldap-bind-dn"}, $config_tokens{"ldap-bind-pass"}, $securitydir);
+	die	"Couldn't connect to LDAP server $config_tokens{\"ldap-url\"}" unless $conn;
 	$entry = $conn->search($config_tokens{"ldap-search-base"}, "subtree", $search, 0 , @return_attribs);
 
 	#
@@ -1289,8 +1334,6 @@
 
 		$search = "(|(cn=*$uid*)(mail=*$uid*))";
 
-		$conn = new Mozilla::LDAP::Conn($config_tokens{"ldap-host"}, $config_tokens{"ldap-port"}, $config_tokens{"ldap-bind-dn"}, $config_tokens{"ldap-bind-pass"});
-		die	"Couldn't connect to LDAP server $config_tokens{\"ldap-host\"}" unless $conn;
 		$entry = $conn->search($config_tokens{"ldap-search-base"}, "subtree", $search, 0, @return_attribs);
 
 		$anothertempnum = 0;



From fedora-directory-commits at redhat.com  Wed Jan 30 02:22:49 2008
From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins))
Date: Tue, 29 Jan 2008 21:22:49 -0500
Subject: [Fedora-directory-commits] dsgw/orghtml orgchart.tmpl.in,1.1,1.2
Message-ID: <200801300222.m0U2MneB020859@cvs-int.fedora.redhat.com>

Author: rmeggins

Update of /cvs/dirsec/dsgw/orghtml
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv15541/dsgw/orghtml

Modified Files:
	orgchart.tmpl.in 
Log Message:
Renamed setup to setup-ds-dsgw to be consistent with other setup scripts
setup-ds-dsgw will attempt to use settings from pre-configured admin server
and directory server
Config files will use an ldap url and http url - this is so that we can use
http or https and ldap or ldaps - previously, dsgw was configured during
regular DS setup, which did not allow TLS/SSL setup - we must be able to
configure the dsgw for TLS/SSL during setup now
Changed XP_GetClientStr back to just always return a malloc'd string - there
are cases where we cannot use a static
There were some places where we were using a form with POST + a query string
Use SERVER_NAME instead of HTTP_HOST because the latter has the port number
already in it



Index: orgchart.tmpl.in
===================================================================
RCS file: /cvs/dirsec/dsgw/orghtml/orgchart.tmpl.in,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- orgchart.tmpl.in	28 Jan 2008 21:22:48 -0000	1.1
+++ orgchart.tmpl.in	30 Jan 2008 02:22:47 -0000	1.2
@@ -55,9 +55,11 @@
 #   Name/Value pairs below are (and need to be) separated with
 #   one or more tabs  (or spaces)
 #
-ldap-host	@host@
-ldap-port	@port@
+ldap-url	@ldapurl@/@suffix@
+#ldap-host	@host@
+#ldap-port	@port@
 ldap-search-base	@suffix@
+securitydir	@securitydir@
 
 #
 #  If you would like to have the phonebook icon visible, you must
@@ -69,7 +71,7 @@
 #      url-phonebook-base      http://hostname.domain.com/dsgw/bin/dosearch?context=default&hp=localhost&dn=
 #
 
-url-phonebook-base	http://@host@:@httpport@@cgiuri@/dosearch?context=pb&hp=@host@:@port@&dn=
+url-phonebook-base	@httpurl@@cgiuri@/dosearch?context=pb&hp=@host@:@port@&dn=
 
 #
 #   A name that has no value after it equates to "" for the value, 



From fedora-directory-commits at redhat.com  Wed Jan 30 02:22:49 2008
From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins))
Date: Tue, 29 Jan 2008 21:22:49 -0500
Subject: [Fedora-directory-commits] dsgw/pbconfig pb.tmpl.in,1.2,1.3
Message-ID: <200801300222.m0U2MnUw020865@cvs-int.fedora.redhat.com>

Author: rmeggins

Update of /cvs/dirsec/dsgw/pbconfig
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv15541/dsgw/pbconfig

Modified Files:
	pb.tmpl.in 
Log Message:
Renamed setup to setup-ds-dsgw to be consistent with other setup scripts
setup-ds-dsgw will attempt to use settings from pre-configured admin server
and directory server
Config files will use an ldap url and http url - this is so that we can use
http or https and ldap or ldaps - previously, dsgw was configured during
regular DS setup, which did not allow TLS/SSL setup - we must be able to
configure the dsgw for TLS/SSL during setup now
Changed XP_GetClientStr back to just always return a malloc'd string - there
are cases where we cannot use a static
There were some places where we were using a form with POST + a query string
Use SERVER_NAME instead of HTTP_HOST because the latter has the port number
already in it



Index: pb.tmpl.in
===================================================================
RCS file: /cvs/dirsec/dsgw/pbconfig/pb.tmpl.in,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- pb.tmpl.in	28 Jan 2008 21:22:49 -0000	1.2
+++ pb.tmpl.in	30 Jan 2008 02:22:47 -0000	1.3
@@ -36,15 +36,15 @@
 # All rights reserved.
 # END COPYRIGHT BLOCK
 
-baseurl       "ldap://@host@:@port@/@suffix@"
+baseurl       "@ldapurl@/@suffix@"
 
 dirmgr        "@dirmgr@"
 
 location-suffix       @suffix@
 
-securitypath  "@contextdir@"
+securitypath  "@securitydir@"
 
-url-orgchart-base     http://@host@:@httpport@@cgiuri@/org?context=pb&data=
+url-orgchart-base     @httpurl@@cgiuri@/org?context=pb&data=
 
 # The attribute the orgchart uses to search for entries.
 # This value should correspond to the value of attrib-farleft-rdn
@@ -70,11 +70,6 @@
 # are valid (in seconds).
 authlifetime	7200
 
-# The libNLS data directory.  This directory should contain a directory
-# named "locales", which contains the configuration files LANG.ctx and
-# LANG.txt for each supported language (locale).
-NLS ../../../lib/nls
-
 # The default character set, for communication with HTTP clients.
 # A client may override this default, using an HTTP Accept-Charset header.
 # Or, this default may be overridden for a specific language, by creating



From fedora-directory-commits at redhat.com  Wed Jan 30 17:16:51 2008
From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins))
Date: Wed, 30 Jan 2008 12:16:51 -0500
Subject: [Fedora-directory-commits] dsgw Makefile.am, 1.9, 1.10 cgiutil.c,
	1.3, 1.4 config.h.in, 1.2, 1.3 configure.ac, 1.7,
	1.8 entrydisplay.c, 1.3, 1.4 aclocal.m4, 1.6, 1.7 configure,
	1.9, 1.10 missing, 1.5, 1.6 install-sh, 1.5, 1.6 Makefile.in,
	1.9, 1.10 depcomp, 1.5, 1.6 config.sub, 1.5, 1.6 config.guess,
	1.5, 1.6 compile, 1.5, 1.6
Message-ID: <200801301716.m0UHGpko021984@cvs-int.fedora.redhat.com>

Author: rmeggins

Update of /cvs/dirsec/dsgw
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv21875/dsgw

Modified Files:
	Makefile.am cgiutil.c config.h.in configure.ac entrydisplay.c 
	aclocal.m4 configure missing install-sh Makefile.in depcomp 
	config.sub config.guess compile 
Log Message:
fix build issues and compiler warnings on HP-UX


Index: Makefile.am
===================================================================
RCS file: /cvs/dirsec/dsgw/Makefile.am,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- Makefile.am	30 Jan 2008 02:22:46 -0000	1.9
+++ Makefile.am	30 Jan 2008 17:16:45 -0000	1.10
@@ -205,7 +205,7 @@
 if WINNT
 ICU_GENRB = @icu_bin@/genrb.exe
 else
-ICU_GENRB = sh $(srcdir)/genrb_wrapper.sh @icu_bin@ @icu_lib@
+ICU_GENRB = sh $(srcdir)/genrb_wrapper.sh @icu_bin@ @icu_libdir@
 endif
 
 # The root resource bundle is based on English (en) locale;


Index: cgiutil.c
===================================================================
RCS file: /cvs/dirsec/dsgw/cgiutil.c,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- cgiutil.c	15 Jan 2008 18:23:43 -0000	1.3
+++ cgiutil.c	30 Jan 2008 17:16:45 -0000	1.4
@@ -138,7 +138,7 @@
 int
 dsgw_post_begin(FILE *in) 
 {
-    char *ct, *tmp = NULL;
+    char *ct = NULL, *tmp = NULL;
     char **vars = NULL;
 
     if (( ct = getenv( "CONTENT_TYPE" )) == NULL ||
@@ -354,7 +354,7 @@
 
     *pErrorCode = U_ZERO_ERROR;
 
-    if(sourceSize<0 || source==NULL || nDest==NULL || nSource==NULL)
+    if(source==NULL || nDest==NULL || nSource==NULL)
     {
         *pErrorCode=U_ILLEGAL_ARGUMENT_ERROR;
         return -1;


Index: config.h.in
===================================================================
RCS file: /cvs/dirsec/dsgw/config.h.in,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- config.h.in	10 Jan 2008 01:19:36 -0000	1.2
+++ config.h.in	30 Jan 2008 17:16:45 -0000	1.3
@@ -214,6 +214,9 @@
 /* Define to 1 if your  declares `struct tm'. */
 #undef TM_IN_SYS_TIME
 
+/* use lockf instead of flock */
+#undef USE_LOCKF
+
 /* Version number of package */
 #undef VERSION
 


Index: configure.ac
===================================================================
RCS file: /cvs/dirsec/dsgw/configure.ac,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- configure.ac	28 Jan 2008 21:22:47 -0000	1.7
+++ configure.ac	30 Jan 2008 17:16:45 -0000	1.8
@@ -59,6 +59,9 @@
 AC_FUNC_VPRINTF
 AC_CHECK_FUNCS([ftruncate getcwd isascii localtime_r memmove memset select strcasecmp strchr strdup strerror strncasecmp strpbrk strrchr strstr strtoul])
 
+# check for lockf
+AC_CHECK_FUNC([lockf], [AC_DEFINE([USE_LOCKF], [1], [use lockf instead of flock])])
+
 PACKAGE_BASE_NAME=`echo $PACKAGE_NAME | sed -e s/-gw//`
 AC_SUBST(PACKAGE_BASE_NAME)
 


Index: entrydisplay.c
===================================================================
RCS file: /cvs/dirsec/dsgw/entrydisplay.c,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- entrydisplay.c	28 Jan 2008 21:22:47 -0000	1.3
+++ entrydisplay.c	30 Jan 2008 17:16:45 -0000	1.4
@@ -2215,7 +2215,7 @@
 static void
 bool_display( struct dsgw_attrdispinfo *adip )
 {
-    int		boolval, free_onclick, pre_idx;
+    int		boolval, pre_idx;
     char	*usestr, *truestr, *falsestr, *checked;
     char	*nameprefix, *onclick;
 
@@ -2227,7 +2227,6 @@
 
     if (( adip->adi_opts & DSGW_ATTROPT_EDITABLE ) == 0 ) {
 	nameprefix = onclick = "";
-	free_onclick = 0;
     } else {
 	char *onclickfmt = " onClick=\"aChg('%s')\"";
 
@@ -2241,7 +2240,6 @@
 	onclick = dsgw_ch_malloc( strlen( onclickfmt ) +
 		strlen( adip->adi_attr ) + 1 );
 	sprintf( onclick, onclickfmt, adip->adi_attr );
-	free_onclick = 1;
     }
 
     if (( truestr = get_arg_by_name( DSGW_ATTRARG_TRUESTR, adip->adi_argc,




Index: configure
===================================================================
RCS file: /cvs/dirsec/dsgw/configure,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- configure	30 Jan 2008 02:22:46 -0000	1.9
+++ configure	30 Jan 2008 17:16:45 -0000	1.10
@@ -21059,6 +21059,106 @@
 done
 
 
+# check for lockf
+echo "$as_me:$LINENO: checking for lockf" >&5
+echo $ECHO_N "checking for lockf... $ECHO_C" >&6
+if test "${ac_cv_func_lockf+set}" = set; then
+  echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+  cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h.  */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h.  */
+/* Define lockf to an innocuous variant, in case  declares lockf.
+   For example, HP-UX 11i  declares gettimeofday.  */
+#define lockf innocuous_lockf
+
+/* System header to define __stub macros and hopefully few prototypes,
+    which can conflict with char lockf (); below.
+    Prefer  to  if __STDC__ is defined, since
+     exists even on freestanding compilers.  */
+
+#ifdef __STDC__
+# include 
+#else
+# include 
+#endif
+
+#undef lockf
+
+/* Override any gcc2 internal prototype to avoid an error.  */
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+/* We use char because int might match the return type of a gcc2
+   builtin and then its argument prototype would still apply.  */
+char lockf ();
+/* The GNU C library defines this for functions which it implements
+    to always fail with ENOSYS.  Some functions are actually named
+    something starting with __ and the normal name is an alias.  */
+#if defined (__stub_lockf) || defined (__stub___lockf)
+choke me
+#else
+char (*f) () = lockf;
+#endif
+#ifdef __cplusplus
+}
+#endif
+
+int
+main ()
+{
+return f != lockf;
+  ;
+  return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+  (eval $ac_link) 2>conftest.er1
+  ac_status=$?
+  grep -v '^ *+' conftest.er1 >conftest.err
+  rm -f conftest.er1
+  cat conftest.err >&5
+  echo "$as_me:$LINENO: \$? = $ac_status" >&5
+  (exit $ac_status); } &&
+	 { ac_try='test -z "$ac_c_werror_flag"
+			 || test ! -s conftest.err'
+  { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+  (eval $ac_try) 2>&5
+  ac_status=$?
+  echo "$as_me:$LINENO: \$? = $ac_status" >&5
+  (exit $ac_status); }; } &&
+	 { ac_try='test -s conftest$ac_exeext'
+  { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+  (eval $ac_try) 2>&5
+  ac_status=$?
+  echo "$as_me:$LINENO: \$? = $ac_status" >&5
+  (exit $ac_status); }; }; then
+  ac_cv_func_lockf=yes
+else
+  echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ac_cv_func_lockf=no
+fi
+rm -f conftest.err conftest.$ac_objext \
+      conftest$ac_exeext conftest.$ac_ext
+fi
+echo "$as_me:$LINENO: result: $ac_cv_func_lockf" >&5
+echo "${ECHO_T}$ac_cv_func_lockf" >&6
+if test $ac_cv_func_lockf = yes; then
+
+cat >>confdefs.h <<\_ACEOF
+#define USE_LOCKF 1
+_ACEOF
+
+fi
+
+
 PACKAGE_BASE_NAME=`echo $PACKAGE_NAME | sed -e s/-gw//`
 
 






Index: Makefile.in
===================================================================
RCS file: /cvs/dirsec/dsgw/Makefile.in,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- Makefile.in	30 Jan 2008 02:22:46 -0000	1.9
+++ Makefile.in	30 Jan 2008 17:16:45 -0000	1.10
@@ -504,7 +504,7 @@
 # add more here for localized bundles
 nodist_property_DATA = root.res en.res en_US.res
 MOSTLYCLEANFILES = dsgw.conf root.res dsgw.properties setup dsgw-httpd.conf en.res en_US.res
- at WINNT_FALSE@ICU_GENRB = sh $(srcdir)/genrb_wrapper.sh @icu_bin@ @icu_lib@
+ at WINNT_FALSE@ICU_GENRB = sh $(srcdir)/genrb_wrapper.sh @icu_bin@ @icu_libdir@
 
 # Resource Bundle Compiler 
 @WINNT_TRUE at ICU_GENRB = @icu_bin@/genrb.exe











From fedora-directory-commits at redhat.com  Wed Jan 30 17:38:05 2008
From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins))
Date: Wed, 30 Jan 2008 12:38:05 -0500
Subject: [Fedora-directory-commits] dsgw Makefile.am, 1.10, 1.11 aclocal.m4,
	1.7, 1.8 configure, 1.10, 1.11 missing, 1.6, 1.7 install-sh,
	1.6, 1.7 Makefile.in, 1.10, 1.11 depcomp, 1.6, 1.7 config.sub,
	1.6, 1.7 config.guess, 1.6, 1.7 compile, 1.6, 1.7
Message-ID: <200801301738.m0UHc6YC028241@cvs-int.fedora.redhat.com>

Author: rmeggins

Update of /cvs/dirsec/dsgw
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv28167/dsgw

Modified Files:
	Makefile.am aclocal.m4 configure missing install-sh 
	Makefile.in depcomp config.sub config.guess compile 
Log Message:
added CXXLINK stuff for HP-UX


Index: Makefile.am
===================================================================
RCS file: /cvs/dirsec/dsgw/Makefile.am,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- Makefile.am	30 Jan 2008 17:16:45 -0000	1.10
+++ Makefile.am	30 Jan 2008 17:38:03 -0000	1.11
@@ -67,6 +67,12 @@
 	@nss_lib@ -lsmime3 -lssl3 -lnss3 -lsoftokn3 \
 	@nspr_lib@ -lplds4 -lplc4 -lnspr4
 
+if CXXLINK_REQUIRED
+MYLINK = $(CXXLINK)
+else
+MYLINK = $(LINK)
+endif
+
 # these are programs which we do not want to link with nss
 NEED_SECGLUE = unauth search csearch newentry tutor lang
 # these are programs which are not used at runtime but may be useful
@@ -75,6 +81,20 @@
 
 cgibin_PROGRAMS = auth doauth edit domodify dnedit dosearch $(NEED_SECGLUE) $(CKUTILPROGS)
 
+# for c++ linkage on those platforms that require it
+auth_LINK = $(MYLINK)
+doauth_LINK = $(MYLINK)
+edit_LINK = $(MYLINK)
+domodify_LINK = $(MYLINK)
+dnedit_LINK = $(MYLINK)
+dosearch_LINK = $(MYLINK)
+unauth_LINK = $(MYLINK)
+search_LINK = $(MYLINK)
+csearch_LINK = $(MYLINK)
+newentry_LINK = $(MYLINK)
+tutor_LINK = $(MYLINK)
+lang_LINK = $(MYLINK)
+
 cgibin_SCRIPTS = orgbin/org orgbin/myorg
 if DEBUG
 DBGSCRIPTS = $(addsuffix .sh,$(cgibin_PROGRAMS))










Index: Makefile.in
===================================================================
RCS file: /cvs/dirsec/dsgw/Makefile.in,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- Makefile.in	30 Jan 2008 17:16:45 -0000	1.10
+++ Makefile.in	30 Jan 2008 17:38:03 -0000	1.11
@@ -387,9 +387,25 @@
 	-DINSTCONFIGDIR=\"$(instconfigdir)\" \
 	-DMANUALDIR=\"$(manualdir)\" -DCGIURIBASE=\"$(cgiuri)\" \
 	-DMANUALSUBDIR=\"$(manualsubdir)\" -DINFODIR=\"$(gwinfodir)\"
+ at CXXLINK_REQUIRED_FALSE@MYLINK = $(LINK)
+ at CXXLINK_REQUIRED_TRUE@MYLINK = $(CXXLINK)
 
 # these are programs which we do not want to link with nss
 NEED_SECGLUE = unauth search csearch newentry tutor lang
+
+# for c++ linkage on those platforms that require it
+auth_LINK = $(MYLINK)
+doauth_LINK = $(MYLINK)
+edit_LINK = $(MYLINK)
+domodify_LINK = $(MYLINK)
+dnedit_LINK = $(MYLINK)
+dosearch_LINK = $(MYLINK)
+unauth_LINK = $(MYLINK)
+search_LINK = $(MYLINK)
+csearch_LINK = $(MYLINK)
+newentry_LINK = $(MYLINK)
+tutor_LINK = $(MYLINK)
+lang_LINK = $(MYLINK)
 cgibin_SCRIPTS = orgbin/org orgbin/myorg $(am__append_3)
 @DEBUG_TRUE at DBGSCRIPTS = $(addsuffix .sh,$(cgibin_PROGRAMS))
 # I need propmaker to build with no libraries - I don't know of any other way to set
@@ -650,43 +666,43 @@
 	done
 auth$(EXEEXT): $(auth_OBJECTS) $(auth_DEPENDENCIES) 
 	@rm -f auth$(EXEEXT)
-	$(LINK) $(auth_LDFLAGS) $(auth_OBJECTS) $(auth_LDADD) $(LIBS)
+	$(auth_LINK) $(auth_LDFLAGS) $(auth_OBJECTS) $(auth_LDADD) $(LIBS)
 csearch$(EXEEXT): $(csearch_OBJECTS) $(csearch_DEPENDENCIES) 
 	@rm -f csearch$(EXEEXT)
-	$(LINK) $(csearch_LDFLAGS) $(csearch_OBJECTS) $(csearch_LDADD) $(LIBS)
+	$(csearch_LINK) $(csearch_LDFLAGS) $(csearch_OBJECTS) $(csearch_LDADD) $(LIBS)
 dnedit$(EXEEXT): $(dnedit_OBJECTS) $(dnedit_DEPENDENCIES) 
 	@rm -f dnedit$(EXEEXT)
-	$(LINK) $(dnedit_LDFLAGS) $(dnedit_OBJECTS) $(dnedit_LDADD) $(LIBS)
+	$(dnedit_LINK) $(dnedit_LDFLAGS) $(dnedit_OBJECTS) $(dnedit_LDADD) $(LIBS)
 doauth$(EXEEXT): $(doauth_OBJECTS) $(doauth_DEPENDENCIES) 
 	@rm -f doauth$(EXEEXT)
-	$(LINK) $(doauth_LDFLAGS) $(doauth_OBJECTS) $(doauth_LDADD) $(LIBS)
+	$(doauth_LINK) $(doauth_LDFLAGS) $(doauth_OBJECTS) $(doauth_LDADD) $(LIBS)
 domodify$(EXEEXT): $(domodify_OBJECTS) $(domodify_DEPENDENCIES) 
 	@rm -f domodify$(EXEEXT)
-	$(LINK) $(domodify_LDFLAGS) $(domodify_OBJECTS) $(domodify_LDADD) $(LIBS)
+	$(domodify_LINK) $(domodify_LDFLAGS) $(domodify_OBJECTS) $(domodify_LDADD) $(LIBS)
 dosearch$(EXEEXT): $(dosearch_OBJECTS) $(dosearch_DEPENDENCIES) 
 	@rm -f dosearch$(EXEEXT)
-	$(LINK) $(dosearch_LDFLAGS) $(dosearch_OBJECTS) $(dosearch_LDADD) $(LIBS)
+	$(dosearch_LINK) $(dosearch_LDFLAGS) $(dosearch_OBJECTS) $(dosearch_LDADD) $(LIBS)
 edit$(EXEEXT): $(edit_OBJECTS) $(edit_DEPENDENCIES) 
 	@rm -f edit$(EXEEXT)
-	$(LINK) $(edit_LDFLAGS) $(edit_OBJECTS) $(edit_LDADD) $(LIBS)
+	$(edit_LINK) $(edit_LDFLAGS) $(edit_OBJECTS) $(edit_LDADD) $(LIBS)
 lang$(EXEEXT): $(lang_OBJECTS) $(lang_DEPENDENCIES) 
 	@rm -f lang$(EXEEXT)
-	$(LINK) $(lang_LDFLAGS) $(lang_OBJECTS) $(lang_LDADD) $(LIBS)
+	$(lang_LINK) $(lang_LDFLAGS) $(lang_OBJECTS) $(lang_LDADD) $(LIBS)
 newentry$(EXEEXT): $(newentry_OBJECTS) $(newentry_DEPENDENCIES) 
 	@rm -f newentry$(EXEEXT)
-	$(LINK) $(newentry_LDFLAGS) $(newentry_OBJECTS) $(newentry_LDADD) $(LIBS)
+	$(newentry_LINK) $(newentry_LDFLAGS) $(newentry_OBJECTS) $(newentry_LDADD) $(LIBS)
 propmaker$(EXEEXT): $(propmaker_OBJECTS) $(propmaker_DEPENDENCIES) 
 	@rm -f propmaker$(EXEEXT)
 	$(LINK) $(propmaker_LDFLAGS) $(propmaker_OBJECTS) $(propmaker_LDADD) $(LIBS)
 search$(EXEEXT): $(search_OBJECTS) $(search_DEPENDENCIES) 
 	@rm -f search$(EXEEXT)
-	$(LINK) $(search_LDFLAGS) $(search_OBJECTS) $(search_LDADD) $(LIBS)
+	$(search_LINK) $(search_LDFLAGS) $(search_OBJECTS) $(search_LDADD) $(LIBS)
 tutor$(EXEEXT): $(tutor_OBJECTS) $(tutor_DEPENDENCIES) 
 	@rm -f tutor$(EXEEXT)
-	$(LINK) $(tutor_LDFLAGS) $(tutor_OBJECTS) $(tutor_LDADD) $(LIBS)
+	$(tutor_LINK) $(tutor_LDFLAGS) $(tutor_OBJECTS) $(tutor_LDADD) $(LIBS)
 unauth$(EXEEXT): $(unauth_OBJECTS) $(unauth_DEPENDENCIES) 
 	@rm -f unauth$(EXEEXT)
-	$(LINK) $(unauth_LDFLAGS) $(unauth_OBJECTS) $(unauth_LDADD) $(LIBS)
+	$(unauth_LINK) $(unauth_LDFLAGS) $(unauth_OBJECTS) $(unauth_LDADD) $(LIBS)
 install-cgibinSCRIPTS: $(cgibin_SCRIPTS)
 	@$(NORMAL_INSTALL)
 	test -z "$(cgibindir)" || $(mkdir_p) "$(DESTDIR)$(cgibindir)"











From fedora-directory-commits at redhat.com  Wed Jan 30 17:47:52 2008
From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins))
Date: Wed, 30 Jan 2008 12:47:52 -0500
Subject: [Fedora-directory-commits] dsgw dummy.cpp, NONE, 1.1 Makefile.am,
	1.11, 1.12 aclocal.m4, 1.8, 1.9 configure, 1.11, 1.12 missing,
	1.7, 1.8 install-sh, 1.7, 1.8 depcomp, 1.7, 1.8 compile, 1.7,
	1.8 Makefile.in, 1.11, 1.12 config.sub, 1.7, 1.8 config.guess,
	1.7, 1.8
Message-ID: <200801301747.m0UHlqkC031428@cvs-int.fedora.redhat.com>

Author: rmeggins

Update of /cvs/dirsec/dsgw
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv31357/dsgw

Modified Files:
	Makefile.am aclocal.m4 configure missing install-sh depcomp 
	compile Makefile.in config.sub config.guess 
Added Files:
	dummy.cpp 
Log Message:
add dummy c++ file to force automake to define CXXLINK


--- NEW FILE dummy.cpp ---
// this is just a dummy
// C++ program to make automake define
// the macro CXXLINK
int
main(int argc, char *argv[])
{
	int ii = 1;
	int jj = ii;
}


Index: Makefile.am
===================================================================
RCS file: /cvs/dirsec/dsgw/Makefile.am,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- Makefile.am	30 Jan 2008 17:38:03 -0000	1.11
+++ Makefile.am	30 Jan 2008 17:47:50 -0000	1.12
@@ -67,6 +67,16 @@
 	@nss_lib@ -lsmime3 -lssl3 -lnss3 -lsoftokn3 \
 	@nspr_lib@ -lplds4 -lplc4 -lnspr4
 
+noinst_PROGRAMS = propmaker
+
+# this is just a dummy to make automake define
+# the CXXLINK macro
+if CXXLINK_REQUIRED
+noinst_PROGRAMS += dummy
+dummy_SOURCES = dummy.cpp
+dummy_LINK = $(CXXLINK)
+endif
+
 if CXXLINK_REQUIRED
 MYLINK = $(CXXLINK)
 else
@@ -101,7 +111,6 @@
 cgibin_SCRIPTS += $(DBGSCRIPTS)
 endif
 
-noinst_PROGRAMS = propmaker
 # I need propmaker to build with no libraries - I don't know of any other way to set
 # the LIBS for a specific program (no, propmaker_LIBS doesn't work) - LDADD is the
 # last thing on the link line before LIBS, so just have it terminate the command














Index: Makefile.in
===================================================================
RCS file: /cvs/dirsec/dsgw/Makefile.in,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- Makefile.in	30 Jan 2008 17:38:03 -0000	1.11
+++ Makefile.in	30 Jan 2008 17:47:50 -0000	1.12
@@ -60,11 +60,15 @@
 host_triplet = @host@
 @WINNT_TRUE at am__append_1 = -DXP_WINNT
 @WINNT_FALSE at am__append_2 = -DXP_UNIX
+noinst_PROGRAMS = propmaker$(EXEEXT) $(am__EXEEXT_2)
+
+# this is just a dummy to make automake define
+# the CXXLINK macro
+ at CXXLINK_REQUIRED_TRUE@am__append_3 = dummy
 cgibin_PROGRAMS = auth$(EXEEXT) doauth$(EXEEXT) edit$(EXEEXT) \
 	domodify$(EXEEXT) dnedit$(EXEEXT) dosearch$(EXEEXT) \
 	$(am__EXEEXT_1)
- at DEBUG_TRUE@am__append_3 = $(DBGSCRIPTS)
-noinst_PROGRAMS = propmaker$(EXEEXT)
+ at DEBUG_TRUE@am__append_4 = $(DBGSCRIPTS)
 DIST_COMMON = README $(am__configure_deps) $(dist_config_DATA) \
 	$(dist_gwinfo_DATA) $(dist_html_DATA) $(dist_maninst_DATA) \
 	$(dist_orghtml_DATA) $(dist_pbconfig_DATA) $(dist_pbhtml_DATA) \
@@ -94,6 +98,7 @@
 	"$(DESTDIR)$(pbconfigdir)" "$(DESTDIR)$(pbhtmldir)" \
 	"$(DESTDIR)$(contextdir)" "$(DESTDIR)$(propertydir)"
 cgibinPROGRAMS_INSTALL = $(INSTALL_PROGRAM)
+ at CXXLINK_REQUIRED_TRUE@am__EXEEXT_2 = dummy$(EXEEXT)
 PROGRAMS = $(cgibin_PROGRAMS) $(noinst_PROGRAMS)
 am__objects_1 = htmlout.$(OBJEXT) htmlparse.$(OBJEXT) error.$(OBJEXT) \
 	cgiutil.$(OBJEXT) dsgwutil.$(OBJEXT) ldaputil.$(OBJEXT) \
@@ -120,6 +125,10 @@
 am_dosearch_OBJECTS = dosearch.$(OBJEXT) $(am__objects_1)
 dosearch_OBJECTS = $(am_dosearch_OBJECTS)
 dosearch_LDADD = $(LDADD)
+am__dummy_SOURCES_DIST = dummy.cpp
+ at CXXLINK_REQUIRED_TRUE@am_dummy_OBJECTS = dummy.$(OBJEXT)
+dummy_OBJECTS = $(am_dummy_OBJECTS)
+dummy_LDADD = $(LDADD)
 am_edit_OBJECTS = edit.$(OBJEXT) $(am__objects_1)
 edit_OBJECTS = $(am_edit_OBJECTS)
 edit_LDADD = $(LDADD)
@@ -158,16 +167,24 @@
 CCLD = $(CC)
 LINK = $(LIBTOOL) --tag=CC --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
 	$(AM_LDFLAGS) $(LDFLAGS) -o $@
+CXXCOMPILE = $(CXX) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
+	$(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CXXFLAGS) $(CXXFLAGS)
+LTCXXCOMPILE = $(LIBTOOL) --tag=CXX --mode=compile $(CXX) $(DEFS) \
+	$(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \
+	$(AM_CXXFLAGS) $(CXXFLAGS)
+CXXLD = $(CXX)
+CXXLINK = $(LIBTOOL) --tag=CXX --mode=link $(CXXLD) $(AM_CXXFLAGS) \
+	$(CXXFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@
 SOURCES = $(auth_SOURCES) $(csearch_SOURCES) $(dnedit_SOURCES) \
 	$(doauth_SOURCES) $(domodify_SOURCES) $(dosearch_SOURCES) \
-	$(edit_SOURCES) $(lang_SOURCES) $(newentry_SOURCES) \
-	propmaker.c $(search_SOURCES) $(tutor_SOURCES) \
-	$(unauth_SOURCES)
+	$(dummy_SOURCES) $(edit_SOURCES) $(lang_SOURCES) \
+	$(newentry_SOURCES) propmaker.c $(search_SOURCES) \
+	$(tutor_SOURCES) $(unauth_SOURCES)
 DIST_SOURCES = $(auth_SOURCES) $(csearch_SOURCES) $(dnedit_SOURCES) \
 	$(doauth_SOURCES) $(domodify_SOURCES) $(dosearch_SOURCES) \
-	$(edit_SOURCES) $(lang_SOURCES) $(newentry_SOURCES) \
-	propmaker.c $(search_SOURCES) $(tutor_SOURCES) \
-	$(unauth_SOURCES)
+	$(am__dummy_SOURCES_DIST) $(edit_SOURCES) $(lang_SOURCES) \
+	$(newentry_SOURCES) propmaker.c $(search_SOURCES) \
+	$(tutor_SOURCES) $(unauth_SOURCES)
 am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
 am__vpath_adj = case $$p in \
     $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
@@ -387,6 +404,8 @@
 	-DINSTCONFIGDIR=\"$(instconfigdir)\" \
 	-DMANUALDIR=\"$(manualdir)\" -DCGIURIBASE=\"$(cgiuri)\" \
 	-DMANUALSUBDIR=\"$(manualsubdir)\" -DINFODIR=\"$(gwinfodir)\"
+ at CXXLINK_REQUIRED_TRUE@dummy_SOURCES = dummy.cpp
+ at CXXLINK_REQUIRED_TRUE@dummy_LINK = $(CXXLINK)
 @CXXLINK_REQUIRED_FALSE at MYLINK = $(LINK)
 @CXXLINK_REQUIRED_TRUE at MYLINK = $(CXXLINK)
 
@@ -406,8 +425,9 @@
 newentry_LINK = $(MYLINK)
 tutor_LINK = $(MYLINK)
 lang_LINK = $(MYLINK)
-cgibin_SCRIPTS = orgbin/org orgbin/myorg $(am__append_3)
+cgibin_SCRIPTS = orgbin/org orgbin/myorg $(am__append_4)
 @DEBUG_TRUE at DBGSCRIPTS = $(addsuffix .sh,$(cgibin_PROGRAMS))
+
 # I need propmaker to build with no libraries - I don't know of any other way to set
 # the LIBS for a specific program (no, propmaker_LIBS doesn't work) - LDADD is the
 # last thing on the link line before LIBS, so just have it terminate the command
@@ -578,7 +598,7 @@
 	$(MAKE) $(AM_MAKEFLAGS) all-am
 
 .SUFFIXES:
-.SUFFIXES: .c .lo .o .obj
+.SUFFIXES: .c .cpp .lo .o .obj
 am--refresh:
 	@:
 $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am  $(am__configure_deps)
@@ -682,6 +702,9 @@
 dosearch$(EXEEXT): $(dosearch_OBJECTS) $(dosearch_DEPENDENCIES) 
 	@rm -f dosearch$(EXEEXT)
 	$(dosearch_LINK) $(dosearch_LDFLAGS) $(dosearch_OBJECTS) $(dosearch_LDADD) $(LIBS)
+dummy$(EXEEXT): $(dummy_OBJECTS) $(dummy_DEPENDENCIES) 
+	@rm -f dummy$(EXEEXT)
+	$(dummy_LINK) $(dummy_LDFLAGS) $(dummy_OBJECTS) $(dummy_LDADD) $(LIBS)
 edit$(EXEEXT): $(edit_OBJECTS) $(edit_DEPENDENCIES) 
 	@rm -f edit$(EXEEXT)
 	$(edit_LINK) $(edit_LDFLAGS) $(edit_OBJECTS) $(edit_LDADD) $(LIBS)
@@ -761,6 +784,7 @@
 @AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/dosearch.Po at am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/dsgwgetlang.Po at am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/dsgwutil.Po at am__quote@
+ at AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/dummy.Po at am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/edit.Po at am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/emitauth.Po at am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/emitf.Po at am__quote@
@@ -803,6 +827,30 @@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
 @am__fastdepCC_FALSE@	$(LTCOMPILE) -c -o $@ $<
 
+.cpp.o:
+ at am__fastdepCXX_TRUE@	depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`; \
+ at am__fastdepCXX_TRUE@	if $(CXXCOMPILE) -MT $@ -MD -MP -MF "$$depbase.Tpo" -c -o $@ $<; \
+ at am__fastdepCXX_TRUE@	then mv -f "$$depbase.Tpo" "$$depbase.Po"; else rm -f "$$depbase.Tpo"; exit 1; fi
+ at AMDEP_TRUE@@am__fastdepCXX_FALSE@	source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+ at AMDEP_TRUE@@am__fastdepCXX_FALSE@	DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+ at am__fastdepCXX_FALSE@	$(CXXCOMPILE) -c -o $@ $<
+
+.cpp.obj:
+ at am__fastdepCXX_TRUE@	depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`; \
+ at am__fastdepCXX_TRUE@	if $(CXXCOMPILE) -MT $@ -MD -MP -MF "$$depbase.Tpo" -c -o $@ `$(CYGPATH_W) '$<'`; \
+ at am__fastdepCXX_TRUE@	then mv -f "$$depbase.Tpo" "$$depbase.Po"; else rm -f "$$depbase.Tpo"; exit 1; fi
+ at AMDEP_TRUE@@am__fastdepCXX_FALSE@	source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+ at AMDEP_TRUE@@am__fastdepCXX_FALSE@	DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+ at am__fastdepCXX_FALSE@	$(CXXCOMPILE) -c -o $@ `$(CYGPATH_W) '$<'`
+
+.cpp.lo:
+ at am__fastdepCXX_TRUE@	depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`; \
+ at am__fastdepCXX_TRUE@	if $(LTCXXCOMPILE) -MT $@ -MD -MP -MF "$$depbase.Tpo" -c -o $@ $<; \
+ at am__fastdepCXX_TRUE@	then mv -f "$$depbase.Tpo" "$$depbase.Plo"; else rm -f "$$depbase.Tpo"; exit 1; fi
+ at AMDEP_TRUE@@am__fastdepCXX_FALSE@	source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+ at AMDEP_TRUE@@am__fastdepCXX_FALSE@	DEPDIR=$(DEPDIR) $(CXXDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+ at am__fastdepCXX_FALSE@	$(LTCXXCOMPILE) -c -o $@ $<
+
 mostlyclean-libtool:
 	-rm -f *.lo
 







From fedora-directory-commits at redhat.com  Thu Jan 31 03:03:36 2008
From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins))
Date: Wed, 30 Jan 2008 22:03:36 -0500
Subject: [Fedora-directory-commits] dsgw dsgw.h,1.5,1.6
Message-ID: <200801310303.m0V33aoa023916@cvs-int.fedora.redhat.com>

Author: rmeggins

Update of /cvs/dirsec/dsgw
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv23897

Modified Files:
	dsgw.h 
Log Message:
include config.h in dsgw.h so all of the dsgw code will include it


Index: dsgw.h
===================================================================
RCS file: /cvs/dirsec/dsgw/dsgw.h,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- dsgw.h	16 Jan 2008 22:56:02 -0000	1.5
+++ dsgw.h	31 Jan 2008 03:03:33 -0000	1.6
@@ -39,6 +39,10 @@
  * dsgw.h -- defines for HTTP gateway 
  */
 
+#ifdef HAVE_CONFIG_H
+#include "config.h"
+#endif
+
 #include 
 #include 
 #include 



From fedora-directory-commits at redhat.com  Thu Jan 31 03:14:47 2008
From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins))
Date: Wed, 30 Jan 2008 22:14:47 -0500
Subject: [Fedora-directory-commits] dsgw configure.ac, 1.8, 1.9 aclocal.m4,
	1.9, 1.10 configure, 1.12, 1.13 missing, 1.8, 1.9 install-sh,
	1.8, 1.9 config.h.in, 1.3, 1.4 Makefile.in, 1.12, 1.13 depcomp,
	1.8, 1.9 config.sub, 1.8, 1.9 config.guess, 1.8, 1.9 compile,
	1.8, 1.9
Message-ID: <200801310314.m0V3ElQL027793@cvs-int.fedora.redhat.com>

Author: rmeggins

Update of /cvs/dirsec/dsgw
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv27707

Modified Files:
	configure.ac aclocal.m4 configure missing install-sh 
	config.h.in Makefile.in depcomp config.sub config.guess 
	compile 
Log Message:
do not check for GNU compatible realloc


Index: configure.ac
===================================================================
RCS file: /cvs/dirsec/dsgw/configure.ac,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- configure.ac	30 Jan 2008 17:16:45 -0000	1.8
+++ configure.ac	31 Jan 2008 03:14:44 -0000	1.9
@@ -52,7 +52,6 @@
 # Checks for library functions.
 AC_FUNC_MALLOC
 AC_FUNC_MEMCMP
-AC_FUNC_REALLOC
 AC_FUNC_SELECT_ARGTYPES
 AC_FUNC_STAT
 AC_FUNC_STRTOD




Index: configure
===================================================================
RCS file: /cvs/dirsec/dsgw/configure,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -r1.12 -r1.13
--- configure	30 Jan 2008 17:47:50 -0000	1.12
+++ configure	31 Jan 2008 03:14:44 -0000	1.13
@@ -19879,237 +19879,6 @@
 
 
 
-for ac_header in stdlib.h
-do
-as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
-  echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
-  echo $ECHO_N "(cached) $ECHO_C" >&6
-fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
-else
-  # Is the header compilable?
-echo "$as_me:$LINENO: checking $ac_header usability" >&5
-echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h.  */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h.  */
-$ac_includes_default
-#include <$ac_header>
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
-  (eval $ac_compile) 2>conftest.er1
-  ac_status=$?
-  grep -v '^ *+' conftest.er1 >conftest.err
-  rm -f conftest.er1
-  cat conftest.err >&5
-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
-  (exit $ac_status); } &&
-	 { ac_try='test -z "$ac_c_werror_flag"
-			 || test ! -s conftest.err'
-  { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
-  (eval $ac_try) 2>&5
-  ac_status=$?
-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
-  (exit $ac_status); }; } &&
-	 { ac_try='test -s conftest.$ac_objext'
-  { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
-  (eval $ac_try) 2>&5
-  ac_status=$?
-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
-  (exit $ac_status); }; }; then
-  ac_header_compiler=yes
-else
-  echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-ac_header_compiler=no
-fi
-rm -f conftest.err conftest.$ac_objext conftest.$ac_ext
-echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
-echo "${ECHO_T}$ac_header_compiler" >&6
-
-# Is the header present?
-echo "$as_me:$LINENO: checking $ac_header presence" >&5
-echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h.  */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h.  */
-#include <$ac_header>
-_ACEOF
-if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
-  (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
-  ac_status=$?
-  grep -v '^ *+' conftest.er1 >conftest.err
-  rm -f conftest.er1
-  cat conftest.err >&5
-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
-  (exit $ac_status); } >/dev/null; then
-  if test -s conftest.err; then
-    ac_cpp_err=$ac_c_preproc_warn_flag
-    ac_cpp_err=$ac_cpp_err$ac_c_werror_flag
-  else
-    ac_cpp_err=
-  fi
-else
-  ac_cpp_err=yes
-fi
-if test -z "$ac_cpp_err"; then
-  ac_header_preproc=yes
-else
-  echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-  ac_header_preproc=no
-fi
-rm -f conftest.err conftest.$ac_ext
-echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
-echo "${ECHO_T}$ac_header_preproc" >&6
-
-# So?  What about this header?
-case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
-  yes:no: )
-    { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5
-echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;}
-    { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5
-echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;}
-    ac_header_preproc=yes
-    ;;
-  no:yes:* )
-    { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5
-echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;}
-    { echo "$as_me:$LINENO: WARNING: $ac_header:     check for missing prerequisite headers?" >&5
-echo "$as_me: WARNING: $ac_header:     check for missing prerequisite headers?" >&2;}
-    { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5
-echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;}
-    { echo "$as_me:$LINENO: WARNING: $ac_header:     section \"Present But Cannot Be Compiled\"" >&5
-echo "$as_me: WARNING: $ac_header:     section \"Present But Cannot Be Compiled\"" >&2;}
-    { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
-echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
-    { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
-echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
-    (
-      cat <<\_ASBOX
-## ------------------------------------------ ##
-## Report this to http://bugzilla.redhat.com/ ##
-## ------------------------------------------ ##
-_ASBOX
-    ) |
-      sed "s/^/$as_me: WARNING:     /" >&2
-    ;;
-esac
-echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
-if eval "test \"\${$as_ac_Header+set}\" = set"; then
-  echo $ECHO_N "(cached) $ECHO_C" >&6
-else
-  eval "$as_ac_Header=\$ac_header_preproc"
-fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
-
-fi
-if test `eval echo '${'$as_ac_Header'}'` = yes; then
-  cat >>confdefs.h <<_ACEOF
-#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-
-done
-
-echo "$as_me:$LINENO: checking for GNU libc compatible realloc" >&5
-echo $ECHO_N "checking for GNU libc compatible realloc... $ECHO_C" >&6
-if test "${ac_cv_func_realloc_0_nonnull+set}" = set; then
-  echo $ECHO_N "(cached) $ECHO_C" >&6
-else
-  if test "$cross_compiling" = yes; then
-  ac_cv_func_realloc_0_nonnull=no
-else
-  cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h.  */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h.  */
-#if STDC_HEADERS || HAVE_STDLIB_H
-# include 
-#else
-char *realloc ();
-#endif
-
-int
-main ()
-{
-exit (realloc (0, 0) ? 0 : 1);
-  ;
-  return 0;
-}
-_ACEOF
-rm -f conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
-  (eval $ac_link) 2>&5
-  ac_status=$?
-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
-  (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
-  { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
-  (eval $ac_try) 2>&5
-  ac_status=$?
-  echo "$as_me:$LINENO: \$? = $ac_status" >&5
-  (exit $ac_status); }; }; then
-  ac_cv_func_realloc_0_nonnull=yes
-else
-  echo "$as_me: program exited with status $ac_status" >&5
-echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-( exit $ac_status )
-ac_cv_func_realloc_0_nonnull=no
-fi
-rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
-fi
-fi
-echo "$as_me:$LINENO: result: $ac_cv_func_realloc_0_nonnull" >&5
-echo "${ECHO_T}$ac_cv_func_realloc_0_nonnull" >&6
-if test $ac_cv_func_realloc_0_nonnull = yes; then
-
-cat >>confdefs.h <<\_ACEOF
-#define HAVE_REALLOC 1
-_ACEOF
-
-else
-  cat >>confdefs.h <<\_ACEOF
-#define HAVE_REALLOC 0
-_ACEOF
-
-   case $LIBOBJS in
-    "realloc.$ac_objext"   | \
-  *" realloc.$ac_objext"   | \
-    "realloc.$ac_objext "* | \
-  *" realloc.$ac_objext "* ) ;;
-  *) LIBOBJS="$LIBOBJS realloc.$ac_objext" ;;
-esac
-
-
-cat >>confdefs.h <<\_ACEOF
-#define realloc rpl_realloc
-_ACEOF
-
-fi
-
-
-
-
 
 for ac_header in sys/select.h sys/socket.h
 do






Index: config.h.in
===================================================================
RCS file: /cvs/dirsec/dsgw/config.h.in,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- config.h.in	30 Jan 2008 17:16:45 -0000	1.3
+++ config.h.in	31 Jan 2008 03:14:44 -0000	1.4
@@ -52,10 +52,6 @@
 /* Define to 1 if you have the `memset' function. */
 #undef HAVE_MEMSET
 
-/* Define to 1 if your system has a GNU libc compatible `realloc' function,
-   and to 0 otherwise. */
-#undef HAVE_REALLOC
-
 /* Define to 1 if you have the `select' function. */
 #undef HAVE_SELECT
 
@@ -250,9 +246,6 @@
 /* Define to rpl_malloc if the replacement function should be used. */
 #undef malloc
 
-/* Define to rpl_realloc if the replacement function should be used. */
-#undef realloc
-
 /* Define to `unsigned' if  does not define. */
 #undef size_t
 













From fedora-directory-commits at redhat.com  Thu Jan 31 20:32:01 2008
From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins))
Date: Thu, 31 Jan 2008 15:32:01 -0500
Subject: [Fedora-directory-commits] dsgw setup-ds-dsgw.in,1.1,1.2
Message-ID: <200801312032.m0VKW1BH019999@cvs-int.fedora.redhat.com>

Author: rmeggins

Update of /cvs/dirsec/dsgw
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv19979

Modified Files:
	setup-ds-dsgw.in 
Log Message:
better method of choosing suffix


Index: setup-ds-dsgw.in
===================================================================
RCS file: /cvs/dirsec/dsgw/setup-ds-dsgw.in,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- setup-ds-dsgw.in	30 Jan 2008 02:22:46 -0000	1.1
+++ setup-ds-dsgw.in	31 Jan 2008 20:31:59 -0000	1.2
@@ -99,9 +99,8 @@
             ldapurl="ldap://$host:$port"
         fi
         # get suffix
-        suffixlist="`getValFromLdif nsslapd-suffix $dir/dse.ldif 2`"
-        for suffix in $suffixlist ; do
-            case $suffix in
+	grep ^nsslapd-suffix: $dir/dse.ldif | sed -e 's/^nsslapd-suffix:[ 	]*//' | while read suffix ; do
+            case "$suffix" in
             *netscaperoot) ;;
             *NetscapeRoot) ;;
             *) break ;; # find the first non-netscaperoot suffix



From fedora-directory-commits at redhat.com  Thu Jan 31 21:43:39 2008
From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins))
Date: Thu, 31 Jan 2008 16:43:39 -0500
Subject: [Fedora-directory-commits] dsgw Makefile.am, 1.12,
	1.13 setup-ds-dsgw.in, 1.2, 1.3 aclocal.m4, 1.10,
	1.11 configure, 1.13, 1.14 missing, 1.9, 1.10 install-sh, 1.9,
	1.10 Makefile.in, 1.13, 1.14 depcomp, 1.9, 1.10 config.sub,
	1.9, 1.10 config.guess, 1.9, 1.10 compile, 1.9, 1.10
Message-ID: <200801312143.m0VLhd88032709@cvs-int.fedora.redhat.com>

Author: rmeggins

Update of /cvs/dirsec/dsgw
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv32675/dsgw

Modified Files:
	Makefile.am setup-ds-dsgw.in aclocal.m4 configure missing 
	install-sh Makefile.in depcomp config.sub config.guess compile 
Log Message:
enhance setup - move to sbin, check for already configured, add reconfig option to force reconfig, add support for users and groups


Index: Makefile.am
===================================================================
RCS file: /cvs/dirsec/dsgw/Makefile.am,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -r1.12 -r1.13
--- Makefile.am	30 Jan 2008 17:47:50 -0000	1.12
+++ Makefile.am	31 Jan 2008 21:43:36 -0000	1.13
@@ -223,7 +223,7 @@
 dist_gwinfo_DATA = html/info/infonav.html
 
 nodist_context_DATA = dsgw-httpd.conf
-nodist_bin_SCRIPTS = setup-ds-dsgw
+nodist_sbin_SCRIPTS = setup-ds-dsgw
 
 # add more here for localized bundles
 nodist_property_DATA = root.res en.res en_US.res


Index: setup-ds-dsgw.in
===================================================================
RCS file: /cvs/dirsec/dsgw/setup-ds-dsgw.in,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- setup-ds-dsgw.in	31 Jan 2008 20:31:59 -0000	1.2
+++ setup-ds-dsgw.in	31 Jan 2008 21:43:36 -0000	1.3
@@ -76,6 +76,8 @@
         httpurl="http://$host:$port"
     fi
     httpdconf=$admservdir/httpd.conf
+	dsgwuser=`ls -l $admservdir/local.conf | awk '{print $3}'`
+	dsgwgroup=`ls -l $admservdir/local.conf | awk '{print $4}'`
 fi
 
 # see if there are any directory servers here
@@ -98,14 +100,18 @@
             port=`getValFromLdif nsslapd-port "$dir/dse.ldif"`
             ldapurl="ldap://$host:$port"
         fi
-        # get suffix
-	grep ^nsslapd-suffix: $dir/dse.ldif | sed -e 's/^nsslapd-suffix:[ 	]*//' | while read suffix ; do
-            case "$suffix" in
-            *netscaperoot) ;;
-            *NetscapeRoot) ;;
-            *) break ;; # find the first non-netscaperoot suffix
-            esac
-        done
+        # get suffix - first non-netscaperoot suffix
+        savesuffix="$suffix"
+        suffix=`grep ^nsslapd-suffix: $dir/dse.ldif | sed -e 's/^nsslapd-suffix:[ 	]*//' | grep -v -i o=netscaperoot | head -1`
+        if [ -z "$suffix" ] ; then
+            suffix="$savesuffix"
+        fi
+        if [ -z "$dsgwuser" ] ; then
+            dsgwuser=`ls -l $dir/dse.ldif | awk '{print $3}'`
+        fi
+        if [ -z "$dsgwgroup" ] ; then
+            dsgwgroup=`ls -l $dir/dse.ldif | awk '{print $4}'`
+        fi
     fi
 done
 
@@ -122,6 +128,8 @@
 		silent=1
 	elif [ "$arg" = "-k" ]; then
 		keepinffile=1
+	elif [ "$arg" = "-r" ]; then
+		reconfig=1
 	elif [ "$arg" = "-f" ]; then
 		nextisinffile=1
 	elif [ $nextisinffile ]; then
@@ -140,9 +148,33 @@
     httpport=`getValFromInf Port $inffile`
     httpurl="http://$host:$httpport"
     ldapurl="ldap://$host:$port"
+    infuser=`getValFromInf SysUser $inffile`
+    infgroup=`getValFromInf SysGroup $inffile`
+    if [ -z "$infuser" ] ; then
+        infuser=`getValFromInf SuiteSpotUserID $inffile`
+    fi
+    if [ -z "$infgroup" ] ; then
+        infgroup=`getValFromInf SuiteSpotGroup $inffile`
+    fi
+    if [ -n "$infuser" ] ; then
+        dsgwuser="$infuser"
+    fi
+    if [ -n "$infgroup" ] ; then
+        dsgwgroup="$infgroup"
+    fi
+fi
+
+if [ -z "$reconfig" -a -f $dsgwconfigdir/dsgw.conf ] ; then
+    echo The Directory Server Gateway has already been configured.  The
+    echo file $dsgwconfigdir/dsgw.conf
+    echo exists already.  If you want to force a reconfiguration, removing
+    echo your existing configuration and recreating it, run this script
+    echo again with the "-r" argument.
+    exit 1
 fi
 
 # generate dsgw.conf and pb.conf and default.conf in the $dsgwconfigdir directory
+rm -f $dsgwconfigdir/dsgw.conf
 sed -e "s#@host@#$hostname#g" \
     -e "s#@port@#$port#g" \
     -e "s#@httpport@#$httpport#g" \
@@ -153,6 +185,10 @@
     -e "s#@httpurl@#$httpurl#g" \
     @configdir@/dsgw.tmpl > $dsgwconfigdir/dsgw.conf
 
+chown $dsgwuser:$dsgwgroup $dsgwconfigdir/dsgw.conf
+chmod 0400 $dsgwconfigdir/dsgw.conf
+
+rm -f $dsgwconfigdir/pb.conf
 sed -e "s#@host@#$hostname#g" \
     -e "s#@port@#$port#g" \
     -e "s#@httpport@#$httpport#g" \
@@ -163,6 +199,10 @@
     -e "s#@httpurl@#$httpurl#g" \
     @pbconfigdir@/pb.tmpl > $dsgwconfigdir/pb.conf
 
+chown $dsgwuser:$dsgwgroup $dsgwconfigdir/pb.conf
+chmod 0400 $dsgwconfigdir/pb.conf
+
+rm -f $dsgwconfigdir/orgchart.conf
 sed -e "s#@host@#$hostname#g" \
     -e "s#@port@#$port#g" \
     -e "s#@httpport@#$httpport#g" \
@@ -173,8 +213,14 @@
     -e "s#@httpurl@#$httpurl#g" \
     @orghtmldir@/orgchart.tmpl > $dsgwconfigdir/orgchart.conf
 
+chown $dsgwuser:$dsgwgroup $dsgwconfigdir/orgchart.conf
+chmod 0400 $dsgwconfigdir/orgchart.conf
+
 # the default.conf is just a copy of dsgw.conf
+rm -f $dsgwconfigdir/default.conf
 cp $dsgwconfigdir/dsgw.conf $dsgwconfigdir/default.conf
+chown $dsgwuser:$dsgwgroup $dsgwconfigdir/default.conf
+chmod 0400 $dsgwconfigdir/default.conf
 
 # tell Apache about the dsgw - must restart Apache
 grep dsgw-httpd.conf "$httpdconf" > /dev/null 2>&1 || (echo "" ; echo "# DSGW configuration" ; echo "Include $dsgwconfigdir/dsgw-httpd.conf") >> $httpdconf










Index: Makefile.in
===================================================================
RCS file: /cvs/dirsec/dsgw/Makefile.in,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -r1.13 -r1.14
--- Makefile.in	31 Jan 2008 03:14:44 -0000	1.13
+++ Makefile.in	31 Jan 2008 21:43:36 -0000	1.14
@@ -92,7 +92,7 @@
 am__EXEEXT_1 = unauth$(EXEEXT) search$(EXEEXT) csearch$(EXEEXT) \
 	newentry$(EXEEXT) tutor$(EXEEXT) lang$(EXEEXT)
 am__installdirs = "$(DESTDIR)$(cgibindir)" "$(DESTDIR)$(cgibindir)" \
-	"$(DESTDIR)$(bindir)" "$(DESTDIR)$(configdir)" \
+	"$(DESTDIR)$(sbindir)" "$(DESTDIR)$(configdir)" \
 	"$(DESTDIR)$(gwinfodir)" "$(DESTDIR)$(htmldir)" \
 	"$(DESTDIR)$(maninstdir)" "$(DESTDIR)$(orghtmldir)" \
 	"$(DESTDIR)$(pbconfigdir)" "$(DESTDIR)$(pbhtmldir)" \
@@ -154,8 +154,8 @@
 unauth_OBJECTS = $(am_unauth_OBJECTS)
 unauth_LDADD = $(LDADD)
 cgibinSCRIPT_INSTALL = $(INSTALL_SCRIPT)
-nodist_binSCRIPT_INSTALL = $(INSTALL_SCRIPT)
-SCRIPTS = $(cgibin_SCRIPTS) $(nodist_bin_SCRIPTS)
+nodist_sbinSCRIPT_INSTALL = $(INSTALL_SCRIPT)
+SCRIPTS = $(cgibin_SCRIPTS) $(nodist_sbin_SCRIPTS)
 DEFAULT_INCLUDES = -I. -I$(srcdir) -I.
 depcomp = $(SHELL) $(top_srcdir)/depcomp
 am__depfiles_maybe = depfiles
@@ -535,7 +535,7 @@
 
 dist_gwinfo_DATA = html/info/infonav.html
 nodist_context_DATA = dsgw-httpd.conf
-nodist_bin_SCRIPTS = setup-ds-dsgw
+nodist_sbin_SCRIPTS = setup-ds-dsgw
 
 # add more here for localized bundles
 nodist_property_DATA = root.res en.res en_US.res
@@ -745,24 +745,24 @@
 	  echo " rm -f '$(DESTDIR)$(cgibindir)/$$f'"; \
 	  rm -f "$(DESTDIR)$(cgibindir)/$$f"; \
 	done
-install-nodist_binSCRIPTS: $(nodist_bin_SCRIPTS)
+install-nodist_sbinSCRIPTS: $(nodist_sbin_SCRIPTS)
 	@$(NORMAL_INSTALL)
-	test -z "$(bindir)" || $(mkdir_p) "$(DESTDIR)$(bindir)"
-	@list='$(nodist_bin_SCRIPTS)'; for p in $$list; do \
+	test -z "$(sbindir)" || $(mkdir_p) "$(DESTDIR)$(sbindir)"
+	@list='$(nodist_sbin_SCRIPTS)'; for p in $$list; do \
 	  if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
 	  if test -f $$d$$p; then \
 	    f=`echo "$$p" | sed 's|^.*/||;$(transform)'`; \
-	    echo " $(nodist_binSCRIPT_INSTALL) '$$d$$p' '$(DESTDIR)$(bindir)/$$f'"; \
-	    $(nodist_binSCRIPT_INSTALL) "$$d$$p" "$(DESTDIR)$(bindir)/$$f"; \
+	    echo " $(nodist_sbinSCRIPT_INSTALL) '$$d$$p' '$(DESTDIR)$(sbindir)/$$f'"; \
+	    $(nodist_sbinSCRIPT_INSTALL) "$$d$$p" "$(DESTDIR)$(sbindir)/$$f"; \
 	  else :; fi; \
 	done
 
-uninstall-nodist_binSCRIPTS:
+uninstall-nodist_sbinSCRIPTS:
 	@$(NORMAL_UNINSTALL)
-	@list='$(nodist_bin_SCRIPTS)'; for p in $$list; do \
+	@list='$(nodist_sbin_SCRIPTS)'; for p in $$list; do \
 	  f=`echo "$$p" | sed 's|^.*/||;$(transform)'`; \
-	  echo " rm -f '$(DESTDIR)$(bindir)/$$f'"; \
-	  rm -f "$(DESTDIR)$(bindir)/$$f"; \
+	  echo " rm -f '$(DESTDIR)$(sbindir)/$$f'"; \
+	  rm -f "$(DESTDIR)$(sbindir)/$$f"; \
 	done
 
 mostlyclean-compile:
@@ -1193,7 +1193,7 @@
 check: check-am
 all-am: Makefile $(PROGRAMS) $(SCRIPTS) $(DATA) config.h
 installdirs:
-	for dir in "$(DESTDIR)$(cgibindir)" "$(DESTDIR)$(cgibindir)" "$(DESTDIR)$(bindir)" "$(DESTDIR)$(configdir)" "$(DESTDIR)$(gwinfodir)" "$(DESTDIR)$(htmldir)" "$(DESTDIR)$(maninstdir)" "$(DESTDIR)$(orghtmldir)" "$(DESTDIR)$(pbconfigdir)" "$(DESTDIR)$(pbhtmldir)" "$(DESTDIR)$(contextdir)" "$(DESTDIR)$(propertydir)"; do \
+	for dir in "$(DESTDIR)$(cgibindir)" "$(DESTDIR)$(cgibindir)" "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(configdir)" "$(DESTDIR)$(gwinfodir)" "$(DESTDIR)$(htmldir)" "$(DESTDIR)$(maninstdir)" "$(DESTDIR)$(orghtmldir)" "$(DESTDIR)$(pbconfigdir)" "$(DESTDIR)$(pbhtmldir)" "$(DESTDIR)$(contextdir)" "$(DESTDIR)$(propertydir)"; do \
 	  test -z "$$dir" || $(mkdir_p) "$$dir"; \
 	done
 install: install-am
@@ -1250,7 +1250,7 @@
 	install-dist_pbhtmlDATA install-nodist_contextDATA \
 	install-nodist_propertyDATA
 
-install-exec-am: install-nodist_binSCRIPTS
+install-exec-am: install-nodist_sbinSCRIPTS
 
 install-info: install-info-am
 
@@ -1283,8 +1283,8 @@
 	uninstall-dist_htmlDATA uninstall-dist_maninstDATA \
 	uninstall-dist_orghtmlDATA uninstall-dist_pbconfigDATA \
 	uninstall-dist_pbhtmlDATA uninstall-info-am \
-	uninstall-nodist_binSCRIPTS uninstall-nodist_contextDATA \
-	uninstall-nodist_propertyDATA
+	uninstall-nodist_contextDATA uninstall-nodist_propertyDATA \
+	uninstall-nodist_sbinSCRIPTS
 
 .PHONY: CTAGS GTAGS all all-am am--refresh check check-am clean \
 	clean-cgibinPROGRAMS clean-generic clean-libtool \
@@ -1300,8 +1300,8 @@
 	install-dist_orghtmlDATA install-dist_pbconfigDATA \
 	install-dist_pbhtmlDATA install-exec install-exec-am \
 	install-info install-info-am install-man \
-	install-nodist_binSCRIPTS install-nodist_contextDATA \
-	install-nodist_propertyDATA install-strip installcheck \
+	install-nodist_contextDATA install-nodist_propertyDATA \
+	install-nodist_sbinSCRIPTS install-strip installcheck \
 	installcheck-am installdirs maintainer-clean \
 	maintainer-clean-generic mostlyclean mostlyclean-compile \
 	mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
@@ -1310,8 +1310,8 @@
 	uninstall-dist_gwinfoDATA uninstall-dist_htmlDATA \
 	uninstall-dist_maninstDATA uninstall-dist_orghtmlDATA \
 	uninstall-dist_pbconfigDATA uninstall-dist_pbhtmlDATA \
-	uninstall-info-am uninstall-nodist_binSCRIPTS \
-	uninstall-nodist_contextDATA uninstall-nodist_propertyDATA
+	uninstall-info-am uninstall-nodist_contextDATA \
+	uninstall-nodist_propertyDATA uninstall-nodist_sbinSCRIPTS
 
 
 # By default create only the default root bundle (english).











From fedora-directory-commits at redhat.com  Thu Jan 31 22:48:20 2008
From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins))
Date: Thu, 31 Jan 2008 17:48:20 -0500
Subject: [Fedora-directory-commits] dsgw Makefile.am, 1.13, 1.14 aclocal.m4,
	1.11, 1.12 configure, 1.14, 1.15 missing, 1.10,
	1.11 install-sh, 1.10, 1.11 Makefile.in, 1.14, 1.15 depcomp,
	1.10, 1.11 config.sub, 1.10, 1.11 config.guess, 1.10,
	1.11 compile, 1.10, 1.11
Message-ID: <200801312248.m0VMmKFP011696@cvs-int.fedora.redhat.com>

Author: rmeggins

Update of /cvs/dirsec/dsgw
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv11649/dsgw

Modified Files:
	Makefile.am aclocal.m4 configure missing install-sh 
	Makefile.in depcomp config.sub config.guess compile 
Log Message:
add pthread lib for HP-UX


Index: Makefile.am
===================================================================
RCS file: /cvs/dirsec/dsgw/Makefile.am,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -r1.13 -r1.14
--- Makefile.am	31 Jan 2008 21:43:36 -0000	1.13
+++ Makefile.am	31 Jan 2008 22:48:17 -0000	1.14
@@ -69,6 +69,11 @@
 
 noinst_PROGRAMS = propmaker
 
+# We need to make sure that libpthread is linked before libc on HP-UX.
+if HPUX
+AM_LDFLAGS = -lpthread
+endif
+
 # this is just a dummy to make automake define
 # the CXXLINK macro
 if CXXLINK_REQUIRED










Index: Makefile.in
===================================================================
RCS file: /cvs/dirsec/dsgw/Makefile.in,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -r1.14 -r1.15
--- Makefile.in	31 Jan 2008 21:43:36 -0000	1.14
+++ Makefile.in	31 Jan 2008 22:48:17 -0000	1.15
@@ -404,6 +404,9 @@
 	-DINSTCONFIGDIR=\"$(instconfigdir)\" \
 	-DMANUALDIR=\"$(manualdir)\" -DCGIURIBASE=\"$(cgiuri)\" \
 	-DMANUALSUBDIR=\"$(manualsubdir)\" -DINFODIR=\"$(gwinfodir)\"
+
+# We need to make sure that libpthread is linked before libc on HP-UX.
+ at HPUX_TRUE@AM_LDFLAGS = -lpthread
 @CXXLINK_REQUIRED_TRUE at dummy_SOURCES = dummy.cpp
 @CXXLINK_REQUIRED_TRUE at dummy_LINK = $(CXXLINK)
 @CXXLINK_REQUIRED_FALSE at MYLINK = $(LINK)











From fedora-directory-commits at redhat.com  Thu Jan 31 23:51:49 2008
From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins))
Date: Thu, 31 Jan 2008 18:51:49 -0500
Subject: [Fedora-directory-commits] dsgw setup-ds-dsgw.in,1.3,1.4
Message-ID: <200801312351.m0VNpnVl020881@cvs-int.fedora.redhat.com>

Author: rmeggins

Update of /cvs/dirsec/dsgw
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv20864

Modified Files:
	setup-ds-dsgw.in 
Log Message:
attributes in LDIF may be in mixed case - sed cannot portably do case insensitive matching - just use a simple sed search and replace for ldif attributes


Index: setup-ds-dsgw.in
===================================================================
RCS file: /cvs/dirsec/dsgw/setup-ds-dsgw.in,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- setup-ds-dsgw.in	31 Jan 2008 21:43:36 -0000	1.3
+++ setup-ds-dsgw.in	31 Jan 2008 23:51:47 -0000	1.4
@@ -33,22 +33,22 @@
 getValFromInf() {
 	cattr=$1
 	cfile=$2
-	rval=`grep -i ^$cattr $cfile | head -1 | sed -e "s/^$cattr[ 	]*=[ 	]*//"`
+	rval=`grep ^$cattr $cfile | head -1 | sed -e "s/^$cattr[ 	]*=[ 	]*//"`
 	echo $rval
 }
 
 getValFromConf() {
 	cattr=$1
 	cfile=$2
-	rval=`grep -i ^$cattr $cfile | head -1 | sed -e "s/^$cattr[ 	]*//"`
+	rval=`grep ^$cattr $cfile | head -1 | sed -e "s/^$cattr[ 	]*//"`
 	echo $rval
 }
 
 getValFromLdif() {
 	cattr=$1
 	cfile=$2
-    num=${3:-1}
-	rval=`grep -i ^$cattr: $cfile | head -$num | sed -e "s/^$cattr:[ 	]*//"`
+	num=${3:-1}
+	rval=`grep -i ^$cattr: $cfile | head -$num | sed -e "s/^..*:[ 	]*//"`
 	echo $rval
 }
 
@@ -76,8 +76,8 @@
         httpurl="http://$host:$port"
     fi
     httpdconf=$admservdir/httpd.conf
-	dsgwuser=`ls -l $admservdir/local.conf | awk '{print $3}'`
-	dsgwgroup=`ls -l $admservdir/local.conf | awk '{print $4}'`
+    dsgwuser=`ls -l $admservdir/local.conf | awk '{print $3}'`
+    dsgwgroup=`ls -l $admservdir/local.conf | awk '{print $4}'`
 fi
 
 # see if there are any directory servers here



From fedora-directory-commits at redhat.com  Thu Jan 31 23:53:36 2008
From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins))
Date: Thu, 31 Jan 2008 18:53:36 -0500
Subject: [Fedora-directory-commits] 
	dsgw Makefile.am, 1.14, 1.15 Makefile.in, 1.15, 1.16
Message-ID: <200801312353.m0VNraqe020927@cvs-int.fedora.redhat.com>

Author: rmeggins

Update of /cvs/dirsec/dsgw
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv20908

Modified Files:
	Makefile.am Makefile.in 
Log Message:
added perlpath for bundled installs


Index: Makefile.am
===================================================================
RCS file: /cvs/dirsec/dsgw/Makefile.am,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -r1.14 -r1.15
--- Makefile.am	31 Jan 2008 22:48:17 -0000	1.14
+++ Makefile.am	31 Jan 2008 23:53:34 -0000	1.15
@@ -35,12 +35,19 @@
 securitydir=$(instconfigdir)@securitydir@
 # relative to $localstatedir
 cookiedir=$(localstatedir)@cookiedir@
-perldir = $(libdir)@perldir@
 manualdir = $(datadir)@manualdir@
 manualsubdir = @manualsubdir@
 gwinfodir = $(manualdir)/en/$(manualsubdir)/info
 # this is the directory where the manuals will actually be installed
 maninstdir = $(manualdir)/en/$(manualsubdir)
+perldir = $(libdir)@perldir@
+
+# for a bundle, all of the components will be under libdir (e.g. prefix/lib)
+if BUNDLE
+perlpath=$(perldir) $(libdir)/perl/arch $(libdir)/perl
+else
+perlpath=$(perldir)
+endif
 
 DSGW_VER_STR := "Directory-Server-Gateway/$(PACKAGE_VERSION)"
 


Index: Makefile.in
===================================================================
RCS file: /cvs/dirsec/dsgw/Makefile.in,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -r1.15 -r1.16
--- Makefile.in	31 Jan 2008 22:48:17 -0000	1.15
+++ Makefile.in	31 Jan 2008 23:53:34 -0000	1.16
@@ -393,6 +393,10 @@
 gwinfodir = $(manualdir)/en/$(manualsubdir)/info
 # this is the directory where the manuals will actually be installed
 maninstdir = $(manualdir)/en/$(manualsubdir)
+ at BUNDLE_FALSE@perlpath = $(perldir)
+
+# for a bundle, all of the components will be under libdir (e.g. prefix/lib)
+ at BUNDLE_TRUE@perlpath = $(perldir) $(libdir)/perl/arch $(libdir)/perl
 DSGW_VER_STR := "Directory-Server-Gateway/$(PACKAGE_VERSION)"
 AM_CPPFLAGS = -DDSGW_VER_STR=\"$(DSGW_VER_STR)\" $(DEBUG_DEFINES) \
 	@adminutil_inc@ @icu_inc@ @ldapsdk_inc@ @nss_inc@ @nspr_inc@ \