diff options
author | Wan-Teh Chang <wtc@google.com> | 2014-01-23 19:13:44 -0800 |
---|---|---|
committer | Wan-Teh Chang <wtc@google.com> | 2014-01-23 19:13:44 -0800 |
commit | 6c28d3b3cf83498f65d56fe7c3f8fea2384f078b (patch) | |
tree | efe44ff8b90e7ec6472b947bb4e76212270bdf8e /lib/libpkix | |
parent | bdc8caef376306b7cddb6286793989c0ab43d627 (diff) | |
download | nss-hg-6c28d3b3cf83498f65d56fe7c3f8fea2384f078b.tar.gz |
Bug 928141: Add a build variable NSS_PKIX_NO_LDAP to conditionally
disable the LDAP code in libpkix. r=ryan.sleevi,rrelyea.
Diffstat (limited to 'lib/libpkix')
-rwxr-xr-x | lib/libpkix/include/pkix_errorstrings.h | 2 | ||||
-rwxr-xr-x | lib/libpkix/include/pkix_pl_pki.h | 2 | ||||
-rwxr-xr-x | lib/libpkix/include/pkix_sample_modules.h | 2 | ||||
-rwxr-xr-x | lib/libpkix/pkix/top/pkix_build.h | 2 | ||||
-rwxr-xr-x | lib/libpkix/pkix_pl_nss/module/config.mk | 20 | ||||
-rwxr-xr-x | lib/libpkix/pkix_pl_nss/module/manifest.mn | 12 | ||||
-rw-r--r-- | lib/libpkix/pkix_pl_nss/module/pkix_pl_aiamgr.c | 12 | ||||
-rw-r--r-- | lib/libpkix/pkix_pl_nss/module/pkix_pl_aiamgr.h | 4 | ||||
-rw-r--r-- | lib/libpkix/pkix_pl_nss/pki/pkix_pl_infoaccess.c | 4 | ||||
-rw-r--r-- | lib/libpkix/pkix_pl_nss/pki/pkix_pl_infoaccess.h | 2 | ||||
-rwxr-xr-x | lib/libpkix/pkix_pl_nss/system/pkix_pl_common.h | 4 | ||||
-rwxr-xr-x | lib/libpkix/pkix_pl_nss/system/pkix_pl_lifecycle.c | 2 | ||||
-rwxr-xr-x | lib/libpkix/pkix_pl_nss/system/pkix_pl_lifecycle.h | 2 |
13 files changed, 60 insertions, 10 deletions
diff --git a/lib/libpkix/include/pkix_errorstrings.h b/lib/libpkix/include/pkix_errorstrings.h index dedf98c5b..c9910e7ab 100755 --- a/lib/libpkix/include/pkix_errorstrings.h +++ b/lib/libpkix/include/pkix_errorstrings.h @@ -576,7 +576,9 @@ PKIX_ERRORENTRY(INFOACCESSCREATELISTFAILED,pkix_pl_InfoAccess_CreateList failed, PKIX_ERRORENTRY(INFOACCESSGETLOCATIONFAILED,PKIX_PL_InfoAccess_GetLocation failed,0), PKIX_ERRORENTRY(INFOACCESSGETLOCATIONTYPEFAILED,PKIX_PL_InfoAccess_GetLocationType failed,0), PKIX_ERRORENTRY(INFOACCESSGETMETHODFAILED,PKIX_PL_InfoAccess_GetMethod failed,0), +#ifndef NSS_PKIX_NO_LDAP PKIX_ERRORENTRY(INFOACCESSPARSELOCATIONFAILED,pkix_pl_InfoAccess_ParseLocation failed,SEC_ERROR_BAD_INFO_ACCESS_LOCATION), +#endif PKIX_ERRORENTRY(INFOACCESSPARSETOKENSFAILED,pkix_pl_InfoAccess_ParseTokens failed,SEC_ERROR_BAD_INFO_ACCESS_LOCATION), PKIX_ERRORENTRY(INITIALIZECHECKERSFAILED,pkix_InitializeCheckers failed,0), PKIX_ERRORENTRY(INITIALIZEFAILED,PKIX_PL_Initialize failed,0), diff --git a/lib/libpkix/include/pkix_pl_pki.h b/lib/libpkix/include/pkix_pl_pki.h index 1157916f5..ac9deb8fd 100755 --- a/lib/libpkix/include/pkix_pl_pki.h +++ b/lib/libpkix/include/pkix_pl_pki.h @@ -1827,7 +1827,9 @@ PKIX_PL_Cert_GetCrlDp(PKIX_PL_Cert *cert, #define PKIX_INFOACCESS_LOCATION_UNKNOWN 0 #define PKIX_INFOACCESS_LOCATION_HTTP 1 +#ifndef NSS_PKIX_NO_LDAP #define PKIX_INFOACCESS_LOCATION_LDAP 2 +#endif /* * FUNCTION: PKIX_PL_InfoAccess_GetMethod diff --git a/lib/libpkix/include/pkix_sample_modules.h b/lib/libpkix/include/pkix_sample_modules.h index c031a1246..75d9618c5 100755 --- a/lib/libpkix/include/pkix_sample_modules.h +++ b/lib/libpkix/include/pkix_sample_modules.h @@ -117,6 +117,7 @@ PKIX_PL_Pk11CertStore_Create( PKIX_CertStore **pPk11CertStore, void *plContext); +#ifndef NSS_PKIX_NO_LDAP /* PKIX_PL_LdapCertStore * * A PKIX_PL_LdapCertStore retrieves certificates and CRLs from an LDAP server @@ -249,6 +250,7 @@ PKIX_PL_LdapCertStore_Create( PKIX_PL_LdapClient *client, PKIX_CertStore **pCertStore, void *plContext); +#endif /* !NSS_PKIX_NO_LDAP */ /* PKIX_PL_NssContext * diff --git a/lib/libpkix/pkix/top/pkix_build.h b/lib/libpkix/pkix/top/pkix_build.h index 91916d4c8..c23f45f1d 100755 --- a/lib/libpkix/pkix/top/pkix_build.h +++ b/lib/libpkix/pkix/top/pkix_build.h @@ -11,7 +11,9 @@ #ifndef _PKIX_BUILD_H #define _PKIX_BUILD_H #include "pkix_tools.h" +#ifndef NSS_PKIX_NO_LDAP #include "pkix_pl_ldapt.h" +#endif #include "pkix_ekuchecker.h" #ifdef __cplusplus diff --git a/lib/libpkix/pkix_pl_nss/module/config.mk b/lib/libpkix/pkix_pl_nss/module/config.mk index b8c03de79..2926747a2 100755 --- a/lib/libpkix/pkix_pl_nss/module/config.mk +++ b/lib/libpkix/pkix_pl_nss/module/config.mk @@ -13,3 +13,23 @@ SHARED_LIBRARY = IMPORT_LIBRARY = PROGRAM = +ifdef NSS_PKIX_NO_LDAP +LDAP_HEADERS = +LDAP_CSRCS = +else +LDAP_HEADERS = \ + pkix_pl_ldapt.h \ + pkix_pl_ldapcertstore.h \ + pkix_pl_ldapresponse.h \ + pkix_pl_ldaprequest.h \ + pkix_pl_ldapdefaultclient.h \ + $(NULL) + +LDAP_CSRCS = \ + pkix_pl_ldaptemplates.c \ + pkix_pl_ldapcertstore.c \ + pkix_pl_ldapresponse.c \ + pkix_pl_ldaprequest.c \ + pkix_pl_ldapdefaultclient.c \ + $(NULL) +endif diff --git a/lib/libpkix/pkix_pl_nss/module/manifest.mn b/lib/libpkix/pkix_pl_nss/module/manifest.mn index 12d3ceeaf..63bfd707e 100755 --- a/lib/libpkix/pkix_pl_nss/module/manifest.mn +++ b/lib/libpkix/pkix_pl_nss/module/manifest.mn @@ -12,11 +12,7 @@ PRIVATE_EXPORTS = \ pkix_pl_colcertstore.h \ pkix_pl_httpcertstore.h \ pkix_pl_httpdefaultclient.h \ - pkix_pl_ldapt.h \ - pkix_pl_ldapcertstore.h \ - pkix_pl_ldapresponse.h \ - pkix_pl_ldaprequest.h \ - pkix_pl_ldapdefaultclient.h \ + $(LDAP_HEADERS) \ pkix_pl_nsscontext.h \ pkix_pl_pk11certstore.h \ pkix_pl_socket.h \ @@ -32,11 +28,7 @@ CSRCS = \ pkix_pl_colcertstore.c \ pkix_pl_httpcertstore.c \ pkix_pl_httpdefaultclient.c \ - pkix_pl_ldaptemplates.c \ - pkix_pl_ldapcertstore.c \ - pkix_pl_ldapresponse.c \ - pkix_pl_ldaprequest.c \ - pkix_pl_ldapdefaultclient.c \ + $(LDAP_CSRCS) \ pkix_pl_nsscontext.c \ pkix_pl_pk11certstore.c \ pkix_pl_socket.c \ diff --git a/lib/libpkix/pkix_pl_nss/module/pkix_pl_aiamgr.c b/lib/libpkix/pkix_pl_nss/module/pkix_pl_aiamgr.c index ffbab7f25..148c2c193 100644 --- a/lib/libpkix/pkix_pl_nss/module/pkix_pl_aiamgr.c +++ b/lib/libpkix/pkix_pl_nss/module/pkix_pl_aiamgr.c @@ -11,6 +11,7 @@ #include "pkix_pl_aiamgr.h" extern PKIX_PL_HashTable *aiaConnectionCache; +#ifndef NSS_PKIX_NO_LDAP /* --Virtual-LdapClient-Functions------------------------------------ */ PKIX_Error * @@ -51,6 +52,7 @@ cleanup: PKIX_RETURN(LDAPCLIENT); } +#endif /* !NSS_PKIX_NO_LDAP */ /* --Private-AIAMgr-Functions----------------------------------*/ @@ -81,7 +83,9 @@ pkix_pl_AIAMgr_Destroy( PKIX_DECREF(aiaMgr->aia); PKIX_DECREF(aiaMgr->location); PKIX_DECREF(aiaMgr->results); +#ifndef NSS_PKIX_NO_LDAP PKIX_DECREF(aiaMgr->client.ldapClient); +#endif cleanup: @@ -114,6 +118,7 @@ pkix_pl_AIAMgr_RegisterSelf(void *plContext) PKIX_RETURN(AIAMGR); } +#ifndef NSS_PKIX_NO_LDAP /* * FUNCTION: pkix_pl_AiaMgr_FindLDAPClient * DESCRIPTION: @@ -212,6 +217,7 @@ cleanup: PKIX_RETURN(AIAMGR); } +#endif /* !NSS_PKIX_NO_LDAP */ PKIX_Error * pkix_pl_AIAMgr_GetHTTPCerts( @@ -388,6 +394,7 @@ cleanup: PKIX_RETURN(AIAMGR); } +#ifndef NSS_PKIX_NO_LDAP PKIX_Error * pkix_pl_AIAMgr_GetLDAPCerts( PKIX_PL_AIAMgr *aiaMgr, @@ -496,6 +503,7 @@ cleanup: PKIX_RETURN(AIAMGR); } +#endif /* !NSS_PKIX_NO_LDAP */ /* * FUNCTION: PKIX_PL_AIAMgr_Create @@ -632,10 +640,12 @@ PKIX_PL_AIAMgr_GetAIACerts( PKIX_CHECK(pkix_pl_AIAMgr_GetHTTPCerts (aiaMgr, ia, &nbio, &certs, plContext), PKIX_AIAMGRGETHTTPCERTSFAILED); +#ifndef NSS_PKIX_NO_LDAP } else if (iaType == PKIX_INFOACCESS_LOCATION_LDAP) { PKIX_CHECK(pkix_pl_AIAMgr_GetLDAPCerts (aiaMgr, ia, &nbio, &certs, plContext), PKIX_AIAMGRGETLDAPCERTSFAILED); +#endif } else { /* We only support http and ldap requests. */ PKIX_DECREF(ia); @@ -677,7 +687,9 @@ cleanup: if (PKIX_ERROR_RECEIVED) { PKIX_DECREF(aiaMgr->aia); PKIX_DECREF(aiaMgr->results); +#ifndef NSS_PKIX_NO_LDAP PKIX_DECREF(aiaMgr->client.ldapClient); +#endif } PKIX_DECREF(certs); diff --git a/lib/libpkix/pkix_pl_nss/module/pkix_pl_aiamgr.h b/lib/libpkix/pkix_pl_nss/module/pkix_pl_aiamgr.h index 00b872f58..356c1ecdf 100644 --- a/lib/libpkix/pkix_pl_nss/module/pkix_pl_aiamgr.h +++ b/lib/libpkix/pkix_pl_nss/module/pkix_pl_aiamgr.h @@ -27,7 +27,9 @@ struct PKIX_PL_AIAMgrStruct { PKIX_PL_GeneralName *location; PKIX_List *results; union { +#ifndef NSS_PKIX_NO_LDAP PKIX_PL_LdapClient *ldapClient; +#endif struct { const SEC_HttpClientFcn *httpClient; SEC_HTTP_SERVER_SESSION serverSession; @@ -41,6 +43,7 @@ struct PKIX_PL_AIAMgrStruct { PKIX_Error *pkix_pl_AIAMgr_RegisterSelf(void *plContext); +#ifndef NSS_PKIX_NO_LDAP PKIX_Error *PKIX_PL_LdapClient_InitiateRequest( PKIX_PL_LdapClient *client, LDAPRequestParams *requestParams, @@ -53,6 +56,7 @@ PKIX_Error *PKIX_PL_LdapClient_ResumeRequest( void **pPollDesc, PKIX_List **pResponse, void *plContext); +#endif /* !NSS_PKIX_NO_LDAP */ #ifdef __cplusplus } diff --git a/lib/libpkix/pkix_pl_nss/pki/pkix_pl_infoaccess.c b/lib/libpkix/pkix_pl_nss/pki/pkix_pl_infoaccess.c index 3ce6cbec2..9fa8e9260 100644 --- a/lib/libpkix/pkix_pl_nss/pki/pkix_pl_infoaccess.c +++ b/lib/libpkix/pkix_pl_nss/pki/pkix_pl_infoaccess.c @@ -481,9 +481,11 @@ PKIX_PL_InfoAccess_GetLocationType( PKIX_STRINGGETENCODEDFAILED); PKIX_OID_DEBUG("\tCalling PORT_Strcmp).\n"); +#ifndef NSS_PKIX_NO_LDAP if (PORT_Strncmp(location, "ldap:", 5) == 0){ type = PKIX_INFOACCESS_LOCATION_LDAP; } else +#endif if (PORT_Strncmp(location, "http:", 5) == 0){ type = PKIX_INFOACCESS_LOCATION_HTTP; } @@ -499,6 +501,7 @@ cleanup: PKIX_RETURN(INFOACCESS); } +#ifndef NSS_PKIX_NO_LDAP /* * FUNCTION: pkix_pl_InfoAccess_ParseTokens * DESCRIPTION: @@ -868,3 +871,4 @@ cleanup: PKIX_RETURN(INFOACCESS); } +#endif /* !NSS_PKIX_NO_LDAP */ diff --git a/lib/libpkix/pkix_pl_nss/pki/pkix_pl_infoaccess.h b/lib/libpkix/pkix_pl_nss/pki/pkix_pl_infoaccess.h index f56bfe1ca..e69d7b413 100644 --- a/lib/libpkix/pkix_pl_nss/pki/pkix_pl_infoaccess.h +++ b/lib/libpkix/pkix_pl_nss/pki/pkix_pl_infoaccess.h @@ -32,6 +32,7 @@ pkix_pl_InfoAccess_CreateList( PKIX_List **pAiaList, /* of PKIX_PL_InfoAccess */ void *plContext); +#ifndef NSS_PKIX_NO_LDAP PKIX_Error * pkix_pl_InfoAccess_ParseLocation( PKIX_PL_GeneralName *generalName, @@ -39,6 +40,7 @@ pkix_pl_InfoAccess_ParseLocation( LDAPRequestParams *request, char **pDomainName, void *plContext); +#endif /* !NSS_PKIX_NO_LDAP */ #ifdef __cplusplus } diff --git a/lib/libpkix/pkix_pl_nss/system/pkix_pl_common.h b/lib/libpkix/pkix_pl_nss/system/pkix_pl_common.h index e1cb0283a..2946e07a6 100755 --- a/lib/libpkix/pkix_pl_nss/system/pkix_pl_common.h +++ b/lib/libpkix/pkix_pl_nss/system/pkix_pl_common.h @@ -38,7 +38,9 @@ /* private PKIX_PL_NSS system headers */ #include "pkix_pl_object.h" #include "pkix_pl_string.h" +#ifndef NSS_PKIX_NO_LDAP #include "pkix_pl_ldapt.h" +#endif /* !NSS_PKIX_NO_LDAP */ #include "pkix_pl_aiamgr.h" #include "pkix_pl_bigint.h" #include "pkix_pl_oid.h" @@ -62,9 +64,11 @@ #include "pkix_pl_ocspresponse.h" #include "pkix_pl_pk11certstore.h" #include "pkix_pl_socket.h" +#ifndef NSS_PKIX_NO_LDAP #include "pkix_pl_ldapcertstore.h" #include "pkix_pl_ldaprequest.h" #include "pkix_pl_ldapresponse.h" +#endif /* !NSS_PKIX_NO_LDAP */ #include "pkix_pl_nsscontext.h" #include "pkix_pl_httpcertstore.h" #include "pkix_pl_httpdefaultclient.h" diff --git a/lib/libpkix/pkix_pl_nss/system/pkix_pl_lifecycle.c b/lib/libpkix/pkix_pl_nss/system/pkix_pl_lifecycle.c index 33381e63f..6bc74b611 100755 --- a/lib/libpkix/pkix_pl_nss/system/pkix_pl_lifecycle.c +++ b/lib/libpkix/pkix_pl_nss/system/pkix_pl_lifecycle.c @@ -204,9 +204,11 @@ PKIX_PL_Initialize( pkix_ForwardBuilderState_RegisterSelf(plContext); pkix_SignatureCheckerState_RegisterSelf(plContext); pkix_NameConstraintsCheckerState_RegisterSelf(plContext); +#ifndef NSS_PKIX_NO_LDAP pkix_pl_LdapRequest_RegisterSelf(plContext); pkix_pl_LdapResponse_RegisterSelf(plContext); pkix_pl_LdapDefaultClient_RegisterSelf(plContext); +#endif pkix_pl_Socket_RegisterSelf(plContext); pkix_ResourceLimits_RegisterSelf(plContext); /* 51-59 */ diff --git a/lib/libpkix/pkix_pl_nss/system/pkix_pl_lifecycle.h b/lib/libpkix/pkix_pl_nss/system/pkix_pl_lifecycle.h index 21c20333e..9660af123 100755 --- a/lib/libpkix/pkix_pl_nss/system/pkix_pl_lifecycle.h +++ b/lib/libpkix/pkix_pl_nss/system/pkix_pl_lifecycle.h @@ -33,10 +33,12 @@ #include "pkix_pl_crlentry.h" #include "pkix_pl_crl.h" #include "pkix_pl_colcertstore.h" +#ifndef NSS_PKIX_NO_LDAP #include "pkix_pl_ldapcertstore.h" #include "pkix_pl_ldapdefaultclient.h" #include "pkix_pl_ldaprequest.h" #include "pkix_pl_ldapresponse.h" +#endif /* !NSS_PKIX_NO_LDAP */ #include "pkix_pl_socket.h" #include "pkix_pl_infoaccess.h" #include "pkix_store.h" |