[Fedora-directory-commits] adminutil/include/libadmsslutil admsslutil.h, 1.2, 1.3 certmgt.h, 1.2, 1.3 sslpset.h, 1.2, NONE

Richard Allen Megginson (rmeggins) fedora-directory-commits at redhat.com
Wed Apr 4 19:37:49 UTC 2007


Author: rmeggins

Update of /cvs/dirsec/adminutil/include/libadmsslutil
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv30346/adminutil/include/libadmsslutil

Modified Files:
	admsslutil.h certmgt.h 
Removed Files:
	sslpset.h 
Log Message:
Resolves: bug 234420
Bug Description: adminutil: Use FHS paths and general code cleanup
Reviewed by: nkinder (Thanks!)
Fix Description:
1) Added a propertydir parameter to Makefile.am.  This is where the .res files go.  This also gets baked into the code so that the library knows where to find them.
2) The icu code expects the .res files to be in a packagename directory - packagename/foo.res not packagename_foo.res.  I don't know how this ever worked.  I also added en_US.res and en.res - icu recommends having the actual locale file rather than just falling back to the default root.res - see http://icu-project.org/userguide/ResourceManagement.html
3) There was quite a bit of dead code that I got rid of
4) Fixed many compiler warnings
5) There were quite a few memory leaks.  The biggest one was probably in psetDelete, which did not actually delete the pset.  Another one was the resource string handling - this returns malloc'd memory, and was never freed.  I added the option to pass in a static sized buffer to hold the resource string - this may be truncated but we usually won't care.  There were several places where the code was calling PR_Free on a data structure pointer - doing a "shallow" free rather than a "deep" free of all of the pointers in the data structure.
6) I merged in configuration from dbswitch.conf and other config files so that we could get rid of them and just have adm.conf.  We'll have to take care of this during migration.
Platforms tested: RHEL4, FC6
Flag Day: no
Doc impact: no



Index: admsslutil.h
===================================================================
RCS file: /cvs/dirsec/adminutil/include/libadmsslutil/admsslutil.h,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- admsslutil.h	6 Dec 2005 18:38:36 -0000	1.2
+++ admsslutil.h	4 Apr 2007 19:37:46 -0000	1.3
@@ -39,14 +39,16 @@
 admldapBuildInfoSSL(AdmldapInfo info,  int *errorcode);
 
 PR_IMPLEMENT(int)
-admldapSetAdmGrpUserDirectoryCGI(char* directoryURL,
+admldapSetAdmGrpUserDirectoryCGI(AdmldapInfo info,
+				 char* directoryURL,
 				 char* bindDN, 
 				 char* bindPassword,
 				 char* directoryInfoRef, 
 				 int* error_code);
 
 PR_IMPLEMENT(int)
-admldapSetDomainUserDirectoryCGI(char* directoryURL,
+admldapSetDomainUserDirectoryCGI(AdmldapInfo info,
+				 char* directoryURL,
 				 char* bindDN, 
 				 char* bindPassword,
 				 char* directoryInfoRef, 
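Review bot: admldapSetAdmGrpUserDirectoryCGI and admldapSetDomainUserDirectoryCGI keep their exported names while gaining a leading `AdmldapInfo info` argument, and C has no name mangling to catch a caller built against revision 1.2. Such a caller would still link, passing `directoryURL` where `info` is expected and `bindPassword` where `bindDN` is expected. ADMSSL_InitSimple in the next hunk and SSLSocket_init in the last hunk change their parameter lists in the same way. Whether the library's version or soname is bumped is not visible in this diff and should be confirmed; a header comment such as `/* NOTE: signature changed in 1.3 (leading AdmldapInfo info added); rebuild all callers */` would at least record it. The closing `int* error_code);` line of the second declaration lies outside this hunk.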
@@ -56,16 +58,10 @@
 void MC_sslSecmodInit(char *path);
 
 PR_IMPLEMENT(int)
-ADMSSL_Init(AdmldapInfo info, char *admroot);
+ADMSSL_Init(AdmldapInfo info, char *securitydir);
 
 PR_IMPLEMENT(int)
-ADMSSL_InitSimple();
-
-PR_IMPLEMENT(int)
-ADMSSL_InitSimple2(char* serverRoot);
-
-PR_IMPLEMENT(void)
-servssl_init(PsetHndl pset, PRFileDesc *fd, char *admroot);
+ADMSSL_InitSimple(char *configdir, char *securitydir);
 
 char *ADM_GetPassword(char *prompt);
 
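Review bot: The second parameter of ADMSSL_Init changes meaning from `admroot` to `securitydir` without changing type, so a caller that still passes the server root compiles cleanly and would point the library at the wrong directory for the key/cert db (assuming `securitydir` means here what the set_security comment in this header says). A comment on the declaration would make the new contract explicit, for example `/* securitydir: directory holding the key/cert db, not the admin server root */`. ADMSSL_InitSimple also takes plain `char *` while SSLSocket_init in this same commit takes `const char *configdir, const char *securitydir`. Declaring it as `ADMSSL_InitSimple(const char *configdir, const char *securitydir);` would keep the two consistent, provided the definition is updated to match.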
@@ -74,11 +70,9 @@
 #endif
 
 void set_security(PsetHndl pset, 
-		  char *sroot,
-		  char *security, 
-		  char *cert_file, 
-		  char *key_file);
-
+		  char *securitydir, /* where security files (key/cert db) may be found */
+		  char *configdir, /* where config files may be found */
+          char *security); /* on or off */
 
 void _conf_setdefaults(void);
 char *_conf_setciphers(char *ciphers);
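Review bot: set_security takes `securitydir` before `configdir`, the reverse of ADMSSL_InitSimple and SSLSocket_init in this header, which both take `configdir` first. All of these are `char *`, so a call with the two swapped compiles without a warning and the key/cert db would be looked up in the config directory. Reordering to `char *configdir, char *securitydir, char *security` (with the definition and callers changed together) removes the trap. Failing that, the comment should say so, e.g. `/* NOTE: securitydir comes before configdir here, unlike ADMSSL_InitSimple */`. The last parameter line is also indented with spaces where the others use tabs.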
@@ -87,7 +81,8 @@
 
 const char *SSL_Strerror(PRErrorCode errNum);
 
-PR_IMPLEMENT(PRFileDesc*) SSLSocket_init(PRFileDesc *req_socket);
+PR_IMPLEMENT(PRFileDesc*)
+SSLSocket_init(PRFileDesc *req_socket, const char *configdir, const char *securitydir);
 
 #ifdef __cplusplus
 }


Index: certmgt.h
===================================================================
RCS file: /cvs/dirsec/adminutil/include/libadmsslutil/certmgt.h,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- certmgt.h	6 Dec 2005 18:38:36 -0000	1.2
+++ certmgt.h	4 Apr 2007 19:37:46 -0000	1.3
@@ -38,75 +38,9 @@
  */
 
 #include "cert.h"
-
-/*
- * Description (CertMap_t)
- *
- *	This is an alternative format to the CertObj_t structure.  It
- *	contains less information, but what is there is easier to use.
- */
-
-/*typedef struct CertMap_s CertMap_t;*/
-/*struct CertMap_s {*/
-/*    char * username;*/			/* login name associated with cert */
-/*    char * issuercn;*/			/* issuer common name */
-/*    char * subjectcn;*/			/* subject common name */
-/*    USI_t certid;*/			/* cert id in database */
-/*};*/
-
-/* common flags for all types of certificates */
-/* [copied from libsec/certdb.h] */
-#define CERTDB_VALID_PEER	(1<<0)
-#define CERTDB_TRUSTED		(1<<1)
-#define CERTDB_SEND_WARN	(1<<2)
-#define CERTDB_VALID_CA		(1<<3)
-#define CERTDB_TRUSTED_CA	(1<<4)
-#define CERTDB_NS_TRUSTED_CA	(1<<5)
-#define CERTDB_USER		(1<<6)
-#define CERTDB_TRUSTED_CLIENT_CA	(1<<7)
-
-/*
- * This is the data stored in the permanent certificate database.
- * It is actually stored in the database as a stream of bytes of the
- *   following format:
- *
- *	byte offset	field
- *	-----------	-----
- *	0		sslFlags
- *	1		emailFlags
- *	2		paymentFlags
- *	3		derCert-len-msb
- *	4		derCert-len-lsb
- *	5		nickname-len-msb
- *	6		nickname-len-lsb
- *	...		derCert
- *	...		nickname
- *
- * NOTE: the nickname string as stored in the database is null terminated,
- *		in other words, the last byte of the db entry is always 0
- *		if a nickname is present.
- * NOTE: if nickname is not present, then nickname-len-msb and
- *		nickname-len-lsb will both be zero.
- */
-struct _dbCert {
-    PRArenaPool *arena;
-    CERTCertTrust trust;
-    SECItem derCert;
-    char *nickname;
-};
-
-/* Flag values for cmgFilterCerts() */
-#define CMGF_REVERSE	0x1		/* reverse filter */
+#include "certdb.h"
 
 /* Functions in certmgt.c */
-PR_EXPORT(int) cmgOpenCertDB(char * alias, CERTCertDBHandle**dbhandle);
-PR_EXPORT(void) cmgCloseCertDB(CERTCertDBHandle * handle);
-PR_EXPORT(int) cmgShowCerts(void * handle, char * caption);
-PR_EXPORT(int) cmgShowCertsBySlot(PK11SlotInfo *slot);
-PR_EXPORT(int) cmgShowInternalCerts(CERTCertDBHandle *handle);
-PR_EXPORT(CERTCertificate *) cmgFindCertByNickname(void * handle,
-							   char *nickname);
-PR_EXPORT(char *) cmgFormatName(CERTName *name);
 PR_EXPORT(char *) cmgHTMLCertInfo(CERTCertificate *cert);
 PR_EXPORT(CERTSignedCrl *) cmgFindCrlByName(CERTCertDBHandle *handle, char *name, int list_type);
 PR_EXPORT(char *) cmgHTMLCrlInfo(CERTSignedCrl *crl);


--- sslpset.h DELETED ---



