From 549ce82227f1dd8d17925e381f3447d2c834da8c Mon Sep 17 00:00:00 2001 From: cvs2hg Date: Thu, 7 Jun 2001 21:51:30 +0000 Subject: fixup commit for tag 'PREDJN_20010612' --- security/coreconf/.cshrc | 273 - security/coreconf/.profile | 216 - security/coreconf/AIX.mk | 74 - security/coreconf/AIX3.2.mk | 35 - security/coreconf/AIX4.1.mk | 46 - security/coreconf/AIX4.2.mk | 45 - security/coreconf/AIX4.3.mk | 52 - security/coreconf/BSD_OS.mk | 83 - security/coreconf/FreeBSD.mk | 79 - security/coreconf/HP-UX.mk | 71 - security/coreconf/HP-UXA.09.03.mk | 44 - security/coreconf/HP-UXA.09.07.mk | 43 - security/coreconf/HP-UXA.09.mk | 38 - security/coreconf/HP-UXB.10.01.mk | 40 - security/coreconf/HP-UXB.10.10.mk | 50 - security/coreconf/HP-UXB.10.20.mk | 50 - security/coreconf/HP-UXB.10.30.mk | 56 - security/coreconf/HP-UXB.10.mk | 38 - security/coreconf/HP-UXB.11.00.mk | 55 - security/coreconf/HP-UXB.11.mk | 65 - security/coreconf/IRIX.mk | 120 - security/coreconf/IRIX5.2.mk | 35 - security/coreconf/IRIX5.3.mk | 37 - security/coreconf/IRIX5.mk | 40 - security/coreconf/IRIX6.2.mk | 43 - security/coreconf/IRIX6.3.mk | 42 - security/coreconf/IRIX6.5.mk | 45 - security/coreconf/IRIX6.mk | 47 - security/coreconf/Linux.mk | 105 - security/coreconf/Linux2.1.mk | 44 - security/coreconf/Linux2.2.mk | 43 - security/coreconf/Linux2.4.mk | 43 - security/coreconf/LinuxELF1.2.mk | 36 - security/coreconf/LinuxELF2.0.mk | 36 - security/coreconf/Makefile | 43 - security/coreconf/NCR3.0.mk | 90 - security/coreconf/NEC4.2.mk | 61 - security/coreconf/NetBSD.mk | 77 - security/coreconf/OS2.mk | 220 - security/coreconf/OSF1.mk | 66 - security/coreconf/OSF1V2.0.mk | 35 - security/coreconf/OSF1V3.0.mk | 35 - security/coreconf/OSF1V3.2.mk | 44 - security/coreconf/OSF1V4.0.mk | 51 - security/coreconf/OSF1V4.0B.mk | 35 - security/coreconf/OSF1V4.0D.mk | 39 - security/coreconf/OSF1V5.0.mk | 47 - security/coreconf/OpenVMS.mk | 56 - security/coreconf/OpenVMSV7.1-2.mk | 22 - security/coreconf/README | 563 - security/coreconf/ReliantUNIX.mk | 83 - security/coreconf/ReliantUNIX5.4.mk | 35 - security/coreconf/SCOOS5.0.mk | 36 - security/coreconf/SCO_SV3.2.mk | 86 - security/coreconf/SunOS4.1.3_U1.mk | 58 - security/coreconf/SunOS5.3.mk | 38 - security/coreconf/SunOS5.4.mk | 38 - security/coreconf/SunOS5.4_i86pc.mk | 68 - security/coreconf/SunOS5.5.1.mk | 44 - security/coreconf/SunOS5.5.1_i86pc.mk | 46 - security/coreconf/SunOS5.5.mk | 42 - security/coreconf/SunOS5.6.mk | 44 - security/coreconf/SunOS5.6_i86pc.mk | 46 - security/coreconf/SunOS5.7.mk | 44 - security/coreconf/SunOS5.7_i86pc.mk | 48 - security/coreconf/SunOS5.8.mk | 44 - security/coreconf/SunOS5.8_i86pc.mk | 48 - security/coreconf/SunOS5.9.mk | 44 - security/coreconf/SunOS5.9_i86pc.mk | 48 - security/coreconf/SunOS5.mk | 151 - security/coreconf/UNIX.mk | 92 - security/coreconf/UNIXWARE2.1.mk | 51 - security/coreconf/WIN16.mk | 117 - security/coreconf/WIN32.mk | 104 - security/coreconf/WIN954.0.mk | 66 - security/coreconf/WINNT3.51.mk | 70 - security/coreconf/WINNT4.0.mk | 72 - security/coreconf/WINNT5.0.mk | 72 - security/coreconf/arch.mk | 305 - security/coreconf/command.mk | 54 - security/coreconf/config.mk | 150 - security/coreconf/coreconf.pl | 156 - security/coreconf/cpdist.pl | 195 - security/coreconf/headers.mk | 58 - security/coreconf/import.pl | 218 - security/coreconf/jdk.mk | 612 - security/coreconf/jniregen.pl | 92 - security/coreconf/location.mk | 58 - security/coreconf/makefile.win | 100 - security/coreconf/module.mk | 64 - security/coreconf/nsinstall/Makefile | 68 - security/coreconf/nsinstall/nfspwd | 46 - security/coreconf/nsinstall/nfspwd.pl | 46 - security/coreconf/nsinstall/nsinstall.c | 424 - security/coreconf/nsinstall/pathsub.c | 302 - security/coreconf/nsinstall/pathsub.h | 77 - security/coreconf/nsinstall/sunos4.h | 163 - security/coreconf/outofdate.pl | 67 - security/coreconf/platform.mk | 38 - security/coreconf/prefix.mk | 79 - security/coreconf/release.pl | 136 - security/coreconf/rules.mk | 937 - security/coreconf/ruleset.mk | 296 - security/coreconf/source.mk | 187 - security/coreconf/suffix.mk | 123 - security/coreconf/tree.mk | 114 - security/coreconf/version.mk | 103 - security/coreconf/version.pl | 76 - security/dbm/Makefile | 80 - security/dbm/include/Makefile | 86 - security/dbm/include/manifest.mn | 57 - security/dbm/manifest.mn | 46 - security/dbm/src/Makefile | 85 - security/dbm/src/config.mk | 66 - security/dbm/src/manifest.mn | 57 - security/dbm/tests/Makefile | 125 - security/nss/Makefile | 111 - security/nss/cmd/.cvsignore | 1 - security/nss/cmd/Makefile | 182 - security/nss/cmd/SSLsample/Makefile | 44 - security/nss/cmd/SSLsample/Makefile.NSS | 58 - security/nss/cmd/SSLsample/NSPRerrs.h | 133 - security/nss/cmd/SSLsample/README | 43 - security/nss/cmd/SSLsample/SECerrs.h | 441 - security/nss/cmd/SSLsample/SSLerrs.h | 366 - security/nss/cmd/SSLsample/client.c | 449 - security/nss/cmd/SSLsample/client.mn | 50 - security/nss/cmd/SSLsample/gencerts | 79 - security/nss/cmd/SSLsample/make.client | 78 - security/nss/cmd/SSLsample/make.server | 77 - security/nss/cmd/SSLsample/nmakefile95.nss | 60 - security/nss/cmd/SSLsample/nmakefilent.nss | 59 - security/nss/cmd/SSLsample/server.c | 821 - security/nss/cmd/SSLsample/server.mn | 48 - security/nss/cmd/SSLsample/sslerror.h | 110 - security/nss/cmd/SSLsample/sslsample.c | 590 - security/nss/cmd/SSLsample/sslsample.h | 178 - security/nss/cmd/addbuiltin/Makefile | 76 - security/nss/cmd/addbuiltin/addbuiltin.c | 337 - security/nss/cmd/addbuiltin/manifest.mn | 49 - security/nss/cmd/atob/Makefile | 76 - security/nss/cmd/atob/atob.c | 177 - security/nss/cmd/atob/makefile.win | 155 - security/nss/cmd/atob/manifest.mn | 50 - security/nss/cmd/bltest/Makefile | 82 - security/nss/cmd/bltest/blapitest.c | 2282 - security/nss/cmd/bltest/manifest.mn | 52 - security/nss/cmd/bltest/tests/README | 26 - security/nss/cmd/bltest/tests/aes_cbc/numtests | 1 - security/nss/cmd/bltest/tests/aes_ecb/numtests | 1 - security/nss/cmd/bltest/tests/des3_cbc/ciphertext0 | 1 - security/nss/cmd/bltest/tests/des3_cbc/iv0 | 1 - security/nss/cmd/bltest/tests/des3_cbc/key0 | 1 - security/nss/cmd/bltest/tests/des3_cbc/numtests | 1 - security/nss/cmd/bltest/tests/des3_cbc/plaintext0 | 1 - security/nss/cmd/bltest/tests/des3_ecb/ciphertext0 | 1 - security/nss/cmd/bltest/tests/des3_ecb/key0 | 1 - security/nss/cmd/bltest/tests/des3_ecb/numtests | 1 - security/nss/cmd/bltest/tests/des3_ecb/plaintext0 | 1 - security/nss/cmd/bltest/tests/des_cbc/ciphertext0 | 1 - security/nss/cmd/bltest/tests/des_cbc/iv0 | 1 - security/nss/cmd/bltest/tests/des_cbc/key0 | 1 - security/nss/cmd/bltest/tests/des_cbc/numtests | 1 - security/nss/cmd/bltest/tests/des_cbc/plaintext0 | 1 - security/nss/cmd/bltest/tests/des_ecb/ciphertext0 | 1 - security/nss/cmd/bltest/tests/des_ecb/key0 | 1 - security/nss/cmd/bltest/tests/des_ecb/numtests | 1 - security/nss/cmd/bltest/tests/des_ecb/plaintext0 | 1 - security/nss/cmd/bltest/tests/dsa/ciphertext0 | 1 - security/nss/cmd/bltest/tests/dsa/key0 | 6 - security/nss/cmd/bltest/tests/dsa/keyseed0 | 1 - security/nss/cmd/bltest/tests/dsa/numtests | 1 - security/nss/cmd/bltest/tests/dsa/plaintext0 | 1 - security/nss/cmd/bltest/tests/dsa/pqg0 | 4 - security/nss/cmd/bltest/tests/dsa/sigseed0 | 1 - security/nss/cmd/bltest/tests/md2/ciphertext0 | 1 - security/nss/cmd/bltest/tests/md2/numtests | 1 - security/nss/cmd/bltest/tests/md2/plaintext0 | 1 - security/nss/cmd/bltest/tests/md5/ciphertext0 | 1 - security/nss/cmd/bltest/tests/md5/numtests | 1 - security/nss/cmd/bltest/tests/md5/plaintext0 | 1 - security/nss/cmd/bltest/tests/rc2_cbc/ciphertext0 | 1 - security/nss/cmd/bltest/tests/rc2_cbc/iv0 | 1 - security/nss/cmd/bltest/tests/rc2_cbc/key0 | 1 - security/nss/cmd/bltest/tests/rc2_cbc/numtests | 1 - security/nss/cmd/bltest/tests/rc2_cbc/plaintext0 | 1 - security/nss/cmd/bltest/tests/rc2_ecb/ciphertext0 | 1 - security/nss/cmd/bltest/tests/rc2_ecb/key0 | 1 - security/nss/cmd/bltest/tests/rc2_ecb/numtests | 1 - security/nss/cmd/bltest/tests/rc2_ecb/plaintext0 | 1 - security/nss/cmd/bltest/tests/rc4/ciphertext0 | 1 - security/nss/cmd/bltest/tests/rc4/ciphertext1 | 1 - security/nss/cmd/bltest/tests/rc4/key0 | 1 - security/nss/cmd/bltest/tests/rc4/key1 | 1 - security/nss/cmd/bltest/tests/rc4/numtests | 1 - security/nss/cmd/bltest/tests/rc4/plaintext0 | 1 - security/nss/cmd/bltest/tests/rc4/plaintext1 | 1 - security/nss/cmd/bltest/tests/rc5_cbc/ciphertext0 | 1 - security/nss/cmd/bltest/tests/rc5_cbc/iv0 | 1 - security/nss/cmd/bltest/tests/rc5_cbc/key0 | 1 - security/nss/cmd/bltest/tests/rc5_cbc/numtests | 1 - security/nss/cmd/bltest/tests/rc5_cbc/params0 | 2 - security/nss/cmd/bltest/tests/rc5_cbc/plaintext0 | 1 - security/nss/cmd/bltest/tests/rc5_ecb/ciphertext0 | 1 - security/nss/cmd/bltest/tests/rc5_ecb/key0 | 1 - security/nss/cmd/bltest/tests/rc5_ecb/numtests | 1 - security/nss/cmd/bltest/tests/rc5_ecb/params0 | 2 - security/nss/cmd/bltest/tests/rc5_ecb/plaintext0 | 1 - security/nss/cmd/bltest/tests/rsa/ciphertext0 | 1 - security/nss/cmd/bltest/tests/rsa/key0 | 4 - security/nss/cmd/bltest/tests/rsa/numtests | 1 - security/nss/cmd/bltest/tests/rsa/plaintext0 | 1 - security/nss/cmd/bltest/tests/sha1/ciphertext0 | 1 - security/nss/cmd/bltest/tests/sha1/numtests | 1 - security/nss/cmd/bltest/tests/sha1/plaintext0 | 1 - security/nss/cmd/btoa/Makefile | 75 - security/nss/cmd/btoa/btoa.c | 196 - security/nss/cmd/btoa/makefile.win | 130 - security/nss/cmd/btoa/manifest.mn | 49 - security/nss/cmd/certcgi/Makefile | 76 - security/nss/cmd/certcgi/ca.html | 48 - security/nss/cmd/certcgi/ca_form.html | 385 - security/nss/cmd/certcgi/certcgi.c | 2431 - security/nss/cmd/certcgi/index.html | 956 - security/nss/cmd/certcgi/main.html | 105 - security/nss/cmd/certcgi/manifest.mn | 50 - security/nss/cmd/certcgi/nscp_ext_form.html | 113 - security/nss/cmd/certcgi/stnd_ext_form.html | 247 - security/nss/cmd/certutil/Makefile | 76 - security/nss/cmd/certutil/certutil.c | 2671 - security/nss/cmd/certutil/keystuff.c | 498 - security/nss/cmd/certutil/makefile.win | 155 - security/nss/cmd/certutil/manifest.mn | 52 - security/nss/cmd/checkcert/Makefile | 76 - security/nss/cmd/checkcert/checkcert.c | 640 - security/nss/cmd/checkcert/makefile.win | 130 - security/nss/cmd/checkcert/manifest.mn | 47 - security/nss/cmd/crlutil/Makefile | 76 - security/nss/cmd/crlutil/crlutil.c | 371 - security/nss/cmd/crlutil/makefile.win | 130 - security/nss/cmd/crlutil/manifest.mn | 53 - security/nss/cmd/crmf-cgi/Makefile | 81 - security/nss/cmd/crmf-cgi/config.mk | 44 - security/nss/cmd/crmf-cgi/crmfcgi.c | 1123 - security/nss/cmd/crmf-cgi/crmfcgi.html | 165 - security/nss/cmd/crmf-cgi/manifest.mn | 61 - security/nss/cmd/crmftest/Makefile | 99 - security/nss/cmd/crmftest/config.mk | 43 - security/nss/cmd/crmftest/manifest.mn | 53 - security/nss/cmd/crmftest/testcrmf.c | 1527 - security/nss/cmd/dbck/Makefile | 75 - security/nss/cmd/dbck/dbck.c | 1869 - security/nss/cmd/dbck/manifest.mn | 49 - security/nss/cmd/derdump/Makefile | 76 - security/nss/cmd/derdump/derdump.c | 135 - security/nss/cmd/derdump/makefile.win | 130 - security/nss/cmd/derdump/manifest.mn | 49 - security/nss/cmd/digest/Makefile | 76 - security/nss/cmd/digest/digest.c | 250 - security/nss/cmd/digest/makefile.win | 130 - security/nss/cmd/digest/manifest.mn | 50 - security/nss/cmd/ilock/Makefile | 75 - security/nss/cmd/ilock/ilock.c | 199 - security/nss/cmd/ilock/manifest.mn | 44 - security/nss/cmd/include/secnew.h | 163 - security/nss/cmd/keyutil/Makefile | 73 - security/nss/cmd/keyutil/keyutil.c | 340 - security/nss/cmd/keyutil/manifest.mn | 50 - security/nss/cmd/lib/Makefile | 75 - security/nss/cmd/lib/NSPRerrs.h | 133 - security/nss/cmd/lib/SECerrs.h | 441 - security/nss/cmd/lib/SSLerrs.h | 366 - security/nss/cmd/lib/berparse.c | 404 - security/nss/cmd/lib/config.mk | 43 - security/nss/cmd/lib/derprint.c | 619 - security/nss/cmd/lib/dongle.c | 249 - security/nss/cmd/lib/fe_util.c | 40 - security/nss/cmd/lib/ffs.c | 48 - security/nss/cmd/lib/filestub.c | 1118 - security/nss/cmd/lib/makefile.win | 66 - security/nss/cmd/lib/manifest.mn | 68 - security/nss/cmd/lib/secarb.c | 372 - security/nss/cmd/lib/seccnames.c | 202 - security/nss/cmd/lib/secerror.c | 107 - security/nss/cmd/lib/secpwd.c | 187 - security/nss/cmd/lib/secutil.c | 2526 - security/nss/cmd/lib/secutil.h | 356 - security/nss/cmd/lib/sslstubs.c | 74 - security/nss/cmd/lib/strerror.c | 127 - security/nss/cmd/lib/stubs.c | 50 - security/nss/cmd/makefile.inc | 84 - security/nss/cmd/makefile.win | 48 - security/nss/cmd/makepqg/Makefile | 77 - security/nss/cmd/makepqg/makefile.win | 156 - security/nss/cmd/makepqg/makepqg.c | 277 - security/nss/cmd/makepqg/manifest.mn | 47 - security/nss/cmd/makepqg/testit.ksh | 41 - security/nss/cmd/manifest.mn | 87 - security/nss/cmd/modutil/Makefile | 80 - security/nss/cmd/modutil/README | 7 - security/nss/cmd/modutil/README.TXT | 7 - security/nss/cmd/modutil/config.mk | 77 - security/nss/cmd/modutil/error.h | 180 - security/nss/cmd/modutil/install-ds.c | 1541 - security/nss/cmd/modutil/install-ds.h | 290 - security/nss/cmd/modutil/install.c | 979 - security/nss/cmd/modutil/install.h | 130 - security/nss/cmd/modutil/installparse.c | 429 - security/nss/cmd/modutil/installparse.h | 3 - security/nss/cmd/modutil/installparse.l | 166 - security/nss/cmd/modutil/installparse.y | 133 - security/nss/cmd/modutil/instsec.c | 178 - security/nss/cmd/modutil/lex.Pk11Install_yy.c | 1691 - security/nss/cmd/modutil/manifest.mn | 59 - security/nss/cmd/modutil/modutil.c | 882 - security/nss/cmd/modutil/modutil.h | 64 - security/nss/cmd/modutil/pk11.c | 811 - security/nss/cmd/modutil/pk11jar.html | 309 - security/nss/cmd/modutil/rules.mk | 54 - security/nss/cmd/modutil/specification.html | 351 - security/nss/cmd/ocspclnt/Makefile | 73 - security/nss/cmd/ocspclnt/manifest.mn | 54 - security/nss/cmd/ocspclnt/ocspclnt.c | 1220 - security/nss/cmd/oidcalc/Makefile | 76 - security/nss/cmd/oidcalc/manifest.mn | 47 - security/nss/cmd/oidcalc/oidcalc.c | 117 - security/nss/cmd/p7content/Makefile | 75 - security/nss/cmd/p7content/manifest.mn | 46 - security/nss/cmd/p7content/p7content.c | 267 - security/nss/cmd/p7env/Makefile | 75 - security/nss/cmd/p7env/manifest.mn | 46 - security/nss/cmd/p7env/p7env.c | 273 - security/nss/cmd/p7sign/Makefile | 75 - security/nss/cmd/p7sign/manifest.mn | 46 - security/nss/cmd/p7sign/p7sign.c | 267 - security/nss/cmd/p7verify/Makefile | 75 - security/nss/cmd/p7verify/manifest.mn | 46 - security/nss/cmd/p7verify/p7verify.c | 301 - security/nss/cmd/pk12util/Makefile | 76 - security/nss/cmd/pk12util/manifest.mn | 51 - security/nss/cmd/pk12util/pk12util.c | 983 - security/nss/cmd/pk12util/pk12util.h | 70 - security/nss/cmd/platlibs.mk | 179 - security/nss/cmd/platrules.mk | 47 - security/nss/cmd/pp/Makefile | 75 - security/nss/cmd/pp/manifest.mn | 47 - security/nss/cmd/pp/pp.c | 174 - security/nss/cmd/rsaperf/Makefile | 82 - security/nss/cmd/rsaperf/defkey.c | 201 - security/nss/cmd/rsaperf/manifest.mn | 50 - security/nss/cmd/rsaperf/rsaperf.c | 402 - security/nss/cmd/samples/cert | 15 - security/nss/cmd/samples/cert0 | Bin 505 -> 0 bytes security/nss/cmd/samples/cert1 | Bin 515 -> 0 bytes security/nss/cmd/samples/cert2 | Bin 528 -> 0 bytes security/nss/cmd/samples/pkcs7.ber | Bin 1771 -> 0 bytes security/nss/cmd/samples/pkcs7bday.ber | Bin 1881 -> 0 bytes security/nss/cmd/samples/pkcs7cnet.ber | Bin 3330 -> 0 bytes security/nss/cmd/samples/pkcs7news.ber | Bin 255328 -> 0 bytes security/nss/cmd/samples/x509v3.der | Bin 463 -> 0 bytes security/nss/cmd/samples/x509v3.txt | 10 - security/nss/cmd/sdrtest/Makefile | 73 - security/nss/cmd/sdrtest/manifest.mn | 54 - security/nss/cmd/sdrtest/sdrtest.c | 282 - security/nss/cmd/selfserv/Makefile | 74 - security/nss/cmd/selfserv/makefile.win | 136 - security/nss/cmd/selfserv/manifest.mn | 48 - security/nss/cmd/selfserv/selfserv.c | 1508 - security/nss/cmd/signtool/Makefile | 87 - security/nss/cmd/signtool/README | 119 - security/nss/cmd/signtool/README.TXT | 119 - security/nss/cmd/signtool/certgen.c | 727 - security/nss/cmd/signtool/javascript.c | 1787 - security/nss/cmd/signtool/list.c | 281 - security/nss/cmd/signtool/manifest.mn | 55 - security/nss/cmd/signtool/sign.c | 853 - security/nss/cmd/signtool/signtool.c | 1011 - security/nss/cmd/signtool/signtool.h | 139 - security/nss/cmd/signtool/util.c | 969 - security/nss/cmd/signtool/verify.c | 366 - security/nss/cmd/signtool/zip.c | 678 - security/nss/cmd/signtool/zip.h | 100 - security/nss/cmd/signver/Makefile | 71 - security/nss/cmd/signver/examples/1/form.pl | 50 - .../nss/cmd/signver/examples/1/signedForm.html | 84 - .../nss/cmd/signver/examples/1/signedForm.nt.html | 84 - security/nss/cmd/signver/examples/1/signedForm.pl | 88 - security/nss/cmd/signver/manifest.mn | 54 - security/nss/cmd/signver/pk7print.c | 918 - security/nss/cmd/signver/signver.c | 448 - security/nss/cmd/smimetools/Makefile | 73 - security/nss/cmd/smimetools/cmsutil.c | 1357 - security/nss/cmd/smimetools/manifest.mn | 45 - security/nss/cmd/smimetools/rules.mk | 37 - security/nss/cmd/smimetools/smime | 573 - security/nss/cmd/sslstrength/Makefile | 72 - security/nss/cmd/sslstrength/manifest.mn | 50 - security/nss/cmd/sslstrength/sslstr.cgi | 296 - security/nss/cmd/sslstrength/sslstrength.c | 640 - security/nss/cmd/sslstrength/sslwrap | 181 - security/nss/cmd/ssltap/Makefile | 79 - security/nss/cmd/ssltap/config.mk | 52 - security/nss/cmd/ssltap/manifest.mn | 53 - security/nss/cmd/ssltap/ssltap-manual.html | 199 - security/nss/cmd/ssltap/ssltap.c | 1339 - security/nss/cmd/strsclnt/Makefile | 75 - security/nss/cmd/strsclnt/manifest.mn | 47 - security/nss/cmd/strsclnt/strsclnt.c | 1095 - security/nss/cmd/swfort/Makefile | 108 - security/nss/cmd/swfort/instinit/Makefile | 75 - security/nss/cmd/swfort/instinit/instinit.c | 422 - security/nss/cmd/swfort/instinit/manifest.mn | 46 - security/nss/cmd/swfort/manifest.mn | 38 - security/nss/cmd/swfort/newuser/Makefile | 83 - security/nss/cmd/swfort/newuser/manifest.mn | 45 - security/nss/cmd/swfort/newuser/mktst.c | 254 - security/nss/cmd/swfort/newuser/newuser.c | 1140 - security/nss/cmd/tstclnt/Makefile | 82 - security/nss/cmd/tstclnt/makefile.win | 130 - security/nss/cmd/tstclnt/manifest.mn | 50 - security/nss/cmd/tstclnt/tstclnt.c | 690 - security/nss/cmd/ttformat/Makefile | 74 - security/nss/cmd/ttformat/manifest.mn | 48 - security/nss/cmd/ttformat/nClient | 49 - security/nss/cmd/ttformat/nServ | 49 - security/nss/cmd/ttformat/redux.pl | 77 - security/nss/cmd/ttformat/reduxhwm.pl | 33 - security/nss/cmd/ttformat/ttformat.c | 135 - security/nss/cmd/zlib/Makefile | 75 - security/nss/cmd/zlib/README | 99 - security/nss/cmd/zlib/adler32.c | 48 - security/nss/cmd/zlib/compress.c | 57 - security/nss/cmd/zlib/config.mk | 67 - security/nss/cmd/zlib/crc32.c | 162 - security/nss/cmd/zlib/deflate.c | 1209 - security/nss/cmd/zlib/deflate.h | 275 - security/nss/cmd/zlib/example.c | 503 - security/nss/cmd/zlib/gzio.c | 537 - security/nss/cmd/zlib/infblock.c | 406 - security/nss/cmd/zlib/infblock.h | 37 - security/nss/cmd/zlib/infcodes.c | 247 - security/nss/cmd/zlib/infcodes.h | 27 - security/nss/cmd/zlib/inffast.c | 168 - security/nss/cmd/zlib/inffast.h | 17 - security/nss/cmd/zlib/inflate.c | 346 - security/nss/cmd/zlib/inftrees.c | 479 - security/nss/cmd/zlib/inftrees.h | 59 - security/nss/cmd/zlib/infutil.c | 87 - security/nss/cmd/zlib/infutil.h | 99 - security/nss/cmd/zlib/makefile.win | 91 - security/nss/cmd/zlib/manifest.mn | 60 - security/nss/cmd/zlib/minigzip.c | 246 - security/nss/cmd/zlib/netscape_mods.doc | 43 - security/nss/cmd/zlib/stubs.c | 17 - security/nss/cmd/zlib/trees.c | 1143 - security/nss/cmd/zlib/uncompr.c | 58 - security/nss/cmd/zlib/zconf.h | 190 - security/nss/cmd/zlib/zip16.def | 24 - security/nss/cmd/zlib/zip_nodl.c | 50 - security/nss/cmd/zlib/zlib.h | 892 - security/nss/cmd/zlib/zutil.c | 215 - security/nss/cmd/zlib/zutil.h | 210 - security/nss/lib/Makefile | 89 - security/nss/lib/asn1/Makefile | 38 - security/nss/lib/asn1/asn1.c | 1726 - security/nss/lib/asn1/asn1.h | 879 - security/nss/lib/asn1/asn1m.h | 80 - security/nss/lib/asn1/asn1t.h | 166 - security/nss/lib/asn1/config.mk | 37 - security/nss/lib/asn1/manifest.mn | 55 - security/nss/lib/asn1/nssasn1t.h | 67 - security/nss/lib/base/Makefile | 40 - security/nss/lib/base/arena.c | 1121 - security/nss/lib/base/base.h | 1063 - security/nss/lib/base/baset.h | 147 - security/nss/lib/base/config.mk | 48 - security/nss/lib/base/error.c | 298 - security/nss/lib/base/errorval.c | 77 - security/nss/lib/base/hashops.c | 117 - security/nss/lib/base/item.c | 228 - security/nss/lib/base/libc.c | 197 - security/nss/lib/base/manifest.mn | 62 - security/nss/lib/base/nssbase.h | 167 - security/nss/lib/base/nssbaset.h | 153 - security/nss/lib/base/tracker.c | 544 - security/nss/lib/base/utf8.c | 759 - security/nss/lib/base/whatnspr.c | 170 - security/nss/lib/certdb/.cvsignore | 1 - security/nss/lib/certdb/Makefile | 76 - security/nss/lib/certdb/alg1485.c | 970 - security/nss/lib/certdb/cdbhdl.h | 57 - security/nss/lib/certdb/cert.h | 1421 - security/nss/lib/certdb/certdb.c | 2433 - security/nss/lib/certdb/certdb.h | 396 - security/nss/lib/certdb/certinit.c | 414 - security/nss/lib/certdb/certt.h | 818 - security/nss/lib/certdb/certv3.c | 406 - security/nss/lib/certdb/certxutl.c | 482 - security/nss/lib/certdb/certxutl.h | 79 - security/nss/lib/certdb/config.mk | 43 - security/nss/lib/certdb/crl.c | 398 - security/nss/lib/certdb/genname.c | 1610 - security/nss/lib/certdb/genname.h | 125 - security/nss/lib/certdb/manifest.mn | 71 - security/nss/lib/certdb/polcyxtn.c | 541 - security/nss/lib/certdb/secname.c | 639 - security/nss/lib/certdb/xauthkid.c | 147 - security/nss/lib/certdb/xbsconst.c | 167 - security/nss/lib/certdb/xconst.c | 253 - security/nss/lib/certdb/xconst.h | 85 - security/nss/lib/certhigh/Makefile | 76 - security/nss/lib/certhigh/certhigh.c | 1118 - security/nss/lib/certhigh/certhtml.c | 623 - security/nss/lib/certhigh/certreq.c | 230 - security/nss/lib/certhigh/certvfy.c | 1575 - security/nss/lib/certhigh/config.mk | 43 - security/nss/lib/certhigh/crlv2.c | 126 - security/nss/lib/certhigh/manifest.mn | 59 - security/nss/lib/certhigh/ocsp.c | 3897 -- security/nss/lib/certhigh/ocsp.h | 452 - security/nss/lib/certhigh/ocspt.h | 59 - security/nss/lib/certhigh/ocspti.h | 398 - security/nss/lib/certhigh/xcrldist.c | 222 - security/nss/lib/ckfw/.cvsignore | 4 - security/nss/lib/ckfw/Makefile | 49 - security/nss/lib/ckfw/builtins/.cvsignore | 1 - security/nss/lib/ckfw/builtins/Makefile | 97 - security/nss/lib/ckfw/builtins/anchor.c | 50 - security/nss/lib/ckfw/builtins/builtins.h | 103 - security/nss/lib/ckfw/builtins/certdata.c | 7661 --- security/nss/lib/ckfw/builtins/certdata.perl | 292 - security/nss/lib/ckfw/builtins/certdata.txt | 7669 --- security/nss/lib/ckfw/builtins/config.mk | 51 - security/nss/lib/ckfw/builtins/constants.c | 82 - security/nss/lib/ckfw/builtins/find.c | 237 - security/nss/lib/ckfw/builtins/instance.c | 130 - security/nss/lib/ckfw/builtins/manifest.mn | 55 - security/nss/lib/ckfw/builtins/object.c | 254 - security/nss/lib/ckfw/builtins/session.c | 108 - security/nss/lib/ckfw/builtins/slot.c | 124 - security/nss/lib/ckfw/builtins/token.c | 184 - security/nss/lib/ckfw/ck.api | 571 - security/nss/lib/ckfw/ck.h | 121 - security/nss/lib/ckfw/ckapi.perl | 510 - security/nss/lib/ckfw/ckfw.h | 1858 - security/nss/lib/ckfw/ckfwm.h | 161 - security/nss/lib/ckfw/ckfwtm.h | 56 - security/nss/lib/ckfw/ckmd.h | 65 - security/nss/lib/ckfw/ckt.h | 199 - security/nss/lib/ckfw/config.mk | 54 - security/nss/lib/ckfw/dbm/Makefile | 38 - security/nss/lib/ckfw/dbm/anchor.c | 50 - security/nss/lib/ckfw/dbm/ckdbm.h | 281 - security/nss/lib/ckfw/dbm/config.mk | 37 - security/nss/lib/ckfw/dbm/db.c | 1065 - security/nss/lib/ckfw/dbm/find.c | 166 - security/nss/lib/ckfw/dbm/instance.c | 196 - security/nss/lib/ckfw/dbm/manifest.mn | 54 - security/nss/lib/ckfw/dbm/object.c | 204 - security/nss/lib/ckfw/dbm/session.c | 298 - security/nss/lib/ckfw/dbm/slot.c | 214 - security/nss/lib/ckfw/dbm/token.c | 315 - security/nss/lib/ckfw/find.c | 408 - security/nss/lib/ckfw/hash.c | 334 - security/nss/lib/ckfw/instance.c | 1310 - security/nss/lib/ckfw/manifest.mn | 81 - security/nss/lib/ckfw/mechanism.c | 165 - security/nss/lib/ckfw/mutex.c | 346 - security/nss/lib/ckfw/nsprstub.c | 442 - security/nss/lib/ckfw/nssck.api | 1889 - security/nss/lib/ckfw/nssckepv.h | 132 - security/nss/lib/ckfw/nssckft.h | 492 - security/nss/lib/ckfw/nssckfw.h | 499 - security/nss/lib/ckfw/nssckfwc.h | 1046 - security/nss/lib/ckfw/nssckfwt.h | 111 - security/nss/lib/ckfw/nssckg.h | 560 - security/nss/lib/ckfw/nssckmdt.h | 2014 - security/nss/lib/ckfw/nssckp.h | 66 - security/nss/lib/ckfw/nssckt.h | 1123 - security/nss/lib/ckfw/nsscku.h | 71 - security/nss/lib/ckfw/object.c | 1044 - security/nss/lib/ckfw/session.c | 1962 - security/nss/lib/ckfw/sessobj.c | 1091 - security/nss/lib/ckfw/slot.c | 753 - security/nss/lib/ckfw/token.c | 1864 - security/nss/lib/ckfw/wrap.c | 3419 -- security/nss/lib/crmf/Makefile | 77 - security/nss/lib/crmf/asn1cmn.c | 243 - security/nss/lib/crmf/challcli.c | 285 - security/nss/lib/crmf/cmmf.h | 1119 - security/nss/lib/crmf/cmmfasn1.c | 158 - security/nss/lib/crmf/cmmfchal.c | 322 - security/nss/lib/crmf/cmmfi.h | 127 - security/nss/lib/crmf/cmmfit.h | 145 - security/nss/lib/crmf/cmmfrec.c | 337 - security/nss/lib/crmf/cmmfresp.c | 312 - security/nss/lib/crmf/cmmft.h | 102 - security/nss/lib/crmf/config.mk | 44 - security/nss/lib/crmf/crmf.h | 1779 - security/nss/lib/crmf/crmfcont.c | 1165 - security/nss/lib/crmf/crmfdec.c | 380 - security/nss/lib/crmf/crmfenc.c | 84 - security/nss/lib/crmf/crmffut.h | 390 - security/nss/lib/crmf/crmfget.c | 478 - security/nss/lib/crmf/crmfi.h | 186 - security/nss/lib/crmf/crmfit.h | 216 - security/nss/lib/crmf/crmfpop.c | 604 - security/nss/lib/crmf/crmfreq.c | 697 - security/nss/lib/crmf/crmft.h | 217 - security/nss/lib/crmf/crmftmpl.c | 289 - security/nss/lib/crmf/encutil.c | 63 - security/nss/lib/crmf/manifest.mn | 73 - security/nss/lib/crmf/respcli.c | 167 - security/nss/lib/crmf/respcmn.c | 415 - security/nss/lib/crmf/servget.c | 1008 - security/nss/lib/cryptohi/Makefile | 77 - security/nss/lib/cryptohi/config.mk | 43 - security/nss/lib/cryptohi/cryptohi.h | 250 - security/nss/lib/cryptohi/cryptoht.h | 45 - security/nss/lib/cryptohi/dsautil.c | 229 - security/nss/lib/cryptohi/hasht.h | 93 - security/nss/lib/cryptohi/key.h | 44 - security/nss/lib/cryptohi/keyhi.h | 233 - security/nss/lib/cryptohi/keyt.h | 46 - security/nss/lib/cryptohi/keythi.h | 83 - security/nss/lib/cryptohi/manifest.mn | 64 - security/nss/lib/cryptohi/sechash.c | 281 - security/nss/lib/cryptohi/sechash.h | 79 - security/nss/lib/cryptohi/seckey.c | 1695 - security/nss/lib/cryptohi/secsign.c | 500 - security/nss/lib/cryptohi/secvfy.c | 495 - security/nss/lib/fortcrypt/Makefile | 168 - security/nss/lib/fortcrypt/config.mk | 43 - security/nss/lib/fortcrypt/cryptint.h | 703 - security/nss/lib/fortcrypt/fmutex.c | 113 - security/nss/lib/fortcrypt/fmutex.h | 57 - security/nss/lib/fortcrypt/forsock.c | 815 - security/nss/lib/fortcrypt/fortinst.htm | 161 - security/nss/lib/fortcrypt/fortpk11.c | 4544 -- security/nss/lib/fortcrypt/fortsock.h | 105 - security/nss/lib/fortcrypt/fpkcs11.h | 170 - security/nss/lib/fortcrypt/fpkcs11f.h | 953 - security/nss/lib/fortcrypt/fpkcs11i.h | 269 - security/nss/lib/fortcrypt/fpkcs11t.h | 1098 - security/nss/lib/fortcrypt/fpkmem.h | 48 - security/nss/lib/fortcrypt/fpkstrs.h | 122 - security/nss/lib/fortcrypt/genci.h | 145 - security/nss/lib/fortcrypt/globinst.htm | 139 - security/nss/lib/fortcrypt/handinst.htm | 180 - security/nss/lib/fortcrypt/homeinst.htm | 211 - security/nss/lib/fortcrypt/inst.js | 268 - security/nss/lib/fortcrypt/inst_PPC.js | 134 - security/nss/lib/fortcrypt/install.js | 134 - security/nss/lib/fortcrypt/maci.c | 901 - security/nss/lib/fortcrypt/maci.h | 776 - security/nss/lib/fortcrypt/macinst.htm | 148 - security/nss/lib/fortcrypt/manifest.mn | 50 - security/nss/lib/fortcrypt/replace.c | 101 - security/nss/lib/fortcrypt/secmodjar.html | 441 - security/nss/lib/fortcrypt/swfort/.cvsignore | 1 - security/nss/lib/fortcrypt/swfort/Makefile | 83 - security/nss/lib/fortcrypt/swfort/config.mk | 43 - security/nss/lib/fortcrypt/swfort/manifest.mn | 52 - security/nss/lib/fortcrypt/swfort/nsmap.h | 86 - .../nss/lib/fortcrypt/swfort/pkcs11/.cvsignore | 15 - security/nss/lib/fortcrypt/swfort/pkcs11/Makefile | 179 - security/nss/lib/fortcrypt/swfort/pkcs11/config.mk | 43 - security/nss/lib/fortcrypt/swfort/pkcs11/inst.js | 189 - .../nss/lib/fortcrypt/swfort/pkcs11/manifest.mn | 63 - security/nss/lib/fortcrypt/swfort/pkcs11/pk11inst | 49 - security/nss/lib/fortcrypt/swfort/pkcs11/stub.c | 350 - security/nss/lib/fortcrypt/swfort/swfalg.c | 506 - security/nss/lib/fortcrypt/swfort/swflib.c | 1028 - security/nss/lib/fortcrypt/swfort/swfort.h | 70 - security/nss/lib/fortcrypt/swfort/swforti.h | 176 - security/nss/lib/fortcrypt/swfort/swfortt.h | 56 - security/nss/lib/fortcrypt/swfort/swfortti.h | 153 - security/nss/lib/fortcrypt/swfort/swfparse.c | 538 - security/nss/lib/fortcrypt/swfort/swfutl.c | 742 - security/nss/lib/freebl/Makefile | 310 - security/nss/lib/freebl/alg2268.c | 491 - security/nss/lib/freebl/arcfive.c | 114 - security/nss/lib/freebl/arcfour.c | 564 - security/nss/lib/freebl/blapi.h | 794 - security/nss/lib/freebl/blapi_bsf.c | 2095 - security/nss/lib/freebl/blapit.h | 225 - security/nss/lib/freebl/config.mk | 101 - security/nss/lib/freebl/des.c | 683 - security/nss/lib/freebl/des.h | 69 - security/nss/lib/freebl/desblapi.c | 275 - security/nss/lib/freebl/dh.c | 385 - security/nss/lib/freebl/dh_bsf.c | 82 - security/nss/lib/freebl/dsa.c | 415 - security/nss/lib/freebl/fblstdlib.c | 120 - security/nss/lib/freebl/ldvector.c | 124 - security/nss/lib/freebl/loader.c | 933 - security/nss/lib/freebl/loader.h | 264 - security/nss/lib/freebl/manifest.mn | 109 - security/nss/lib/freebl/mapfile.Solaris | 39 - security/nss/lib/freebl/md2.c | 288 - security/nss/lib/freebl/md5.c | 529 - security/nss/lib/freebl/mknewpc2.c | 236 - security/nss/lib/freebl/mksp.c | 153 - security/nss/lib/freebl/mpi/Makefile | 421 - security/nss/lib/freebl/mpi/Makefile.win | 277 - security/nss/lib/freebl/mpi/README | 795 - security/nss/lib/freebl/mpi/all-tests | 112 - security/nss/lib/freebl/mpi/doc/LICENSE | 11 - security/nss/lib/freebl/mpi/doc/LICENSE-MPL | 32 - security/nss/lib/freebl/mpi/doc/basecvt.pod | 63 - security/nss/lib/freebl/mpi/doc/build | 63 - security/nss/lib/freebl/mpi/doc/div.txt | 96 - security/nss/lib/freebl/mpi/doc/expt.txt | 127 - security/nss/lib/freebl/mpi/doc/gcd.pod | 27 - security/nss/lib/freebl/mpi/doc/invmod.pod | 33 - security/nss/lib/freebl/mpi/doc/isprime.pod | 62 - security/nss/lib/freebl/mpi/doc/lap.pod | 35 - security/nss/lib/freebl/mpi/doc/mpi-test.pod | 49 - security/nss/lib/freebl/mpi/doc/mul.txt | 109 - security/nss/lib/freebl/mpi/doc/pi.txt | 85 - security/nss/lib/freebl/mpi/doc/prime.txt | 6542 --- security/nss/lib/freebl/mpi/doc/prng.pod | 41 - security/nss/lib/freebl/mpi/doc/redux.txt | 118 - security/nss/lib/freebl/mpi/doc/sqrt.txt | 82 - security/nss/lib/freebl/mpi/doc/square.txt | 104 - security/nss/lib/freebl/mpi/doc/timing.txt | 245 - security/nss/lib/freebl/mpi/hpma512.s | 640 - security/nss/lib/freebl/mpi/hppa20.s | 929 - security/nss/lib/freebl/mpi/hppatch.adb | 49 - security/nss/lib/freebl/mpi/logtab.h | 59 - security/nss/lib/freebl/mpi/make-logtab | 60 - security/nss/lib/freebl/mpi/make-test-arrays | 129 - security/nss/lib/freebl/mpi/mdxptest.c | 339 - security/nss/lib/freebl/mpi/montmulf.c | 326 - security/nss/lib/freebl/mpi/montmulf.h | 100 - security/nss/lib/freebl/mpi/montmulf.il | 137 - security/nss/lib/freebl/mpi/montmulf.s | 1976 - security/nss/lib/freebl/mpi/montmulfv8.il | 137 - security/nss/lib/freebl/mpi/montmulfv8.s | 1856 - security/nss/lib/freebl/mpi/montmulfv9.il | 122 - security/nss/lib/freebl/mpi/montmulfv9.s | 2386 - security/nss/lib/freebl/mpi/mpi-config.h | 109 - security/nss/lib/freebl/mpi/mpi-priv.h | 247 - security/nss/lib/freebl/mpi/mpi-test.c | 1973 - security/nss/lib/freebl/mpi/mpi.c | 4797 -- security/nss/lib/freebl/mpi/mpi.h | 332 - security/nss/lib/freebl/mpi/mpi_hp.c | 112 - security/nss/lib/freebl/mpi/mpi_i86pc.s | 342 - security/nss/lib/freebl/mpi/mpi_mips.s | 502 - security/nss/lib/freebl/mpi/mpi_sparc.c | 358 - security/nss/lib/freebl/mpi/mpi_x86.asm | 351 - security/nss/lib/freebl/mpi/mpi_x86.s | 342 - security/nss/lib/freebl/mpi/mplogic.c | 459 - security/nss/lib/freebl/mpi/mplogic.h | 82 - security/nss/lib/freebl/mpi/mpmontg.c | 561 - security/nss/lib/freebl/mpi/mpprime.c | 619 - security/nss/lib/freebl/mpi/mpprime.h | 67 - security/nss/lib/freebl/mpi/mpv_sparc.c | 249 - security/nss/lib/freebl/mpi/mpv_sparcv8.s | 1651 - security/nss/lib/freebl/mpi/mpv_sparcv9.s | 1683 - security/nss/lib/freebl/mpi/mulsqr.c | 111 - security/nss/lib/freebl/mpi/multest | 107 - security/nss/lib/freebl/mpi/primes.c | 871 - security/nss/lib/freebl/mpi/stats | 70 - security/nss/lib/freebl/mpi/test-arrays.txt | 86 - security/nss/lib/freebl/mpi/test-info.c | 191 - security/nss/lib/freebl/mpi/tests/LICENSE | 6 - security/nss/lib/freebl/mpi/tests/LICENSE-MPL | 32 - security/nss/lib/freebl/mpi/tests/mptest-1.c | 72 - security/nss/lib/freebl/mpi/tests/mptest-2.c | 83 - security/nss/lib/freebl/mpi/tests/mptest-3.c | 128 - security/nss/lib/freebl/mpi/tests/mptest-3a.c | 141 - security/nss/lib/freebl/mpi/tests/mptest-4.c | 123 - security/nss/lib/freebl/mpi/tests/mptest-4a.c | 135 - security/nss/lib/freebl/mpi/tests/mptest-4b.c | 132 - security/nss/lib/freebl/mpi/tests/mptest-5.c | 100 - security/nss/lib/freebl/mpi/tests/mptest-5a.c | 162 - security/nss/lib/freebl/mpi/tests/mptest-6.c | 108 - security/nss/lib/freebl/mpi/tests/mptest-7.c | 104 - security/nss/lib/freebl/mpi/tests/mptest-8.c | 95 - security/nss/lib/freebl/mpi/tests/mptest-9.c | 113 - security/nss/lib/freebl/mpi/tests/pi1k.txt | 1 - security/nss/lib/freebl/mpi/tests/pi2k.txt | 1 - security/nss/lib/freebl/mpi/tests/pi5k.txt | 1 - security/nss/lib/freebl/mpi/timetest | 131 - security/nss/lib/freebl/mpi/types.pl | 158 - security/nss/lib/freebl/mpi/utils/LICENSE | 4 - security/nss/lib/freebl/mpi/utils/LICENSE-MPL | 32 - security/nss/lib/freebl/mpi/utils/PRIMES | 41 - security/nss/lib/freebl/mpi/utils/README | 239 - security/nss/lib/freebl/mpi/utils/basecvt.c | 97 - security/nss/lib/freebl/mpi/utils/bbs_rand.c | 93 - security/nss/lib/freebl/mpi/utils/bbs_rand.h | 55 - security/nss/lib/freebl/mpi/utils/bbsrand.c | 64 - security/nss/lib/freebl/mpi/utils/dec2hex.c | 68 - security/nss/lib/freebl/mpi/utils/exptmod.c | 80 - security/nss/lib/freebl/mpi/utils/fact.c | 112 - security/nss/lib/freebl/mpi/utils/gcd.c | 116 - security/nss/lib/freebl/mpi/utils/hex2dec.c | 68 - security/nss/lib/freebl/mpi/utils/identest.c | 79 - security/nss/lib/freebl/mpi/utils/invmod.c | 89 - security/nss/lib/freebl/mpi/utils/isprime.c | 118 - security/nss/lib/freebl/mpi/utils/lap.c | 116 - security/nss/lib/freebl/mpi/utils/makeprime.c | 144 - security/nss/lib/freebl/mpi/utils/metime.c | 132 - security/nss/lib/freebl/mpi/utils/pi.c | 194 - security/nss/lib/freebl/mpi/utils/primegen.c | 198 - security/nss/lib/freebl/mpi/utils/prng.c | 82 - security/nss/lib/freebl/mpi/utils/ptab.pl | 58 - security/nss/lib/freebl/mpi/utils/sieve.c | 265 - security/nss/lib/freebl/mpi/vis_32.il | 1320 - security/nss/lib/freebl/mpi/vis_64.il | 1026 - security/nss/lib/freebl/mpi/vis_proto.h | 263 - security/nss/lib/freebl/pqg.c | 667 - security/nss/lib/freebl/prng_fips1861.c | 512 - security/nss/lib/freebl/rijndael.c | 787 - security/nss/lib/freebl/rijndael.h | 83 - security/nss/lib/freebl/rijndael32.tab | 1190 - security/nss/lib/freebl/rijndael_tables.c | 243 - security/nss/lib/freebl/rsa.c | 694 - security/nss/lib/freebl/secmpi.h | 60 - security/nss/lib/freebl/sha.c | 160 - security/nss/lib/freebl/sha.h | 48 - security/nss/lib/freebl/sha_fast.c | 421 - security/nss/lib/freebl/sha_fast.h | 59 - security/nss/lib/freebl/sparcfix.c | 95 - security/nss/lib/jar/Makefile | 39 - security/nss/lib/jar/config.mk | 43 - security/nss/lib/jar/jar-ds.c | 70 - security/nss/lib/jar/jar-ds.h | 106 - security/nss/lib/jar/jar.c | 833 - security/nss/lib/jar/jar.h | 477 - security/nss/lib/jar/jarevil.c | 571 - security/nss/lib/jar/jarevil.h | 76 - security/nss/lib/jar/jarfile.c | 1150 - security/nss/lib/jar/jarfile.h | 114 - security/nss/lib/jar/jarint.c | 81 - security/nss/lib/jar/jarint.h | 116 - security/nss/lib/jar/jarjart.c | 354 - security/nss/lib/jar/jarjart.h | 72 - security/nss/lib/jar/jarnav.c | 107 - security/nss/lib/jar/jarsign.c | 378 - security/nss/lib/jar/jarver.c | 2030 - security/nss/lib/jar/jzconf.h | 190 - security/nss/lib/jar/jzlib.h | 896 - security/nss/lib/jar/manifest.mn | 53 - security/nss/lib/macbuild/NSS/NSS/NSS.mcp | Bin 939 -> 0 bytes security/nss/lib/macbuild/SecurityLib.mcp | Bin 56096 -> 0 bytes security/nss/lib/manifest.mn | 44 - security/nss/lib/nss/Makefile | 78 - security/nss/lib/nss/config.mk | 185 - security/nss/lib/nss/manifest.mn | 53 - security/nss/lib/nss/nss.rc | 98 - security/nss/lib/nss/nssrenam.h | 49 - security/nss/lib/nss/nsssym.c | 429 - security/nss/lib/nss/nssver.c | 53 - security/nss/lib/pk11wrap/Makefile | 90 - security/nss/lib/pk11wrap/config.mk | 43 - security/nss/lib/pk11wrap/manifest.mn | 65 - security/nss/lib/pk11wrap/pk11db.c | 649 - security/nss/lib/pk11wrap/pk11err.c | 147 - security/nss/lib/pk11wrap/pk11kea.c | 224 - security/nss/lib/pk11wrap/pk11list.c | 169 - security/nss/lib/pk11wrap/pk11load.c | 282 - security/nss/lib/pk11wrap/pk11pqg.c | 190 - security/nss/lib/pk11wrap/pk11pqg.h | 149 - security/nss/lib/pk11wrap/pk11sdr.c | 288 - security/nss/lib/pk11wrap/pk11sdr.h | 59 - security/nss/lib/pk11wrap/pk11slot.c | 4437 -- security/nss/lib/pk11wrap/pk11util.c | 623 - security/nss/lib/pk11wrap/secmod.h | 135 - security/nss/lib/pk11wrap/secmodi.h | 82 - security/nss/lib/pk11wrap/secmodti.h | 186 - security/nss/lib/pkcs12/Makefile | 77 - security/nss/lib/pkcs12/config.mk | 44 - security/nss/lib/pkcs12/manifest.mn | 58 - security/nss/lib/pkcs12/p12.h | 181 - security/nss/lib/pkcs12/p12creat.c | 251 - security/nss/lib/pkcs12/p12d.c | 3230 -- security/nss/lib/pkcs12/p12dec.c | 692 - security/nss/lib/pkcs12/p12e.c | 2266 - security/nss/lib/pkcs12/p12exp.c | 1407 - security/nss/lib/pkcs12/p12local.c | 1362 - security/nss/lib/pkcs12/p12local.h | 88 - security/nss/lib/pkcs12/p12plcy.c | 198 - security/nss/lib/pkcs12/p12plcy.h | 57 - security/nss/lib/pkcs12/p12t.h | 182 - security/nss/lib/pkcs12/p12tmpl.c | 320 - security/nss/lib/pkcs12/pkcs12.h | 67 - security/nss/lib/pkcs12/pkcs12t.h | 386 - security/nss/lib/pkcs7/Makefile | 76 - security/nss/lib/pkcs7/certread.c | 537 - security/nss/lib/pkcs7/config.mk | 42 - security/nss/lib/pkcs7/manifest.mn | 60 - security/nss/lib/pkcs7/p7common.c | 738 - security/nss/lib/pkcs7/p7create.c | 1321 - security/nss/lib/pkcs7/p7decode.c | 2090 - security/nss/lib/pkcs7/p7encode.c | 1332 - security/nss/lib/pkcs7/p7local.c | 1442 - security/nss/lib/pkcs7/p7local.h | 176 - security/nss/lib/pkcs7/pkcs7t.h | 292 - security/nss/lib/pkcs7/secmime.c | 901 - security/nss/lib/pkcs7/secmime.h | 192 - security/nss/lib/pkcs7/secpkcs7.h | 616 - security/nss/lib/pki/nsspki.h | 3161 -- security/nss/lib/pki/nsspkit.h | 261 - security/nss/lib/pki1/.cvsignore | 3 - security/nss/lib/pki1/Makefile | 38 - security/nss/lib/pki1/atav.c | 1803 - security/nss/lib/pki1/config.mk | 37 - security/nss/lib/pki1/genname.c | 94 - security/nss/lib/pki1/gnseq.c | 71 - security/nss/lib/pki1/manifest.mn | 63 - security/nss/lib/pki1/name.c | 77 - security/nss/lib/pki1/nsspki1.h | 2869 -- security/nss/lib/pki1/nsspki1t.h | 202 - security/nss/lib/pki1/oid.c | 1615 - security/nss/lib/pki1/oidgen.perl | 311 - security/nss/lib/pki1/oids.txt | 2115 - security/nss/lib/pki1/pki1.h | 3032 -- security/nss/lib/pki1/pki1t.h | 104 - security/nss/lib/pki1/rdn.c | 73 - security/nss/lib/pki1/rdnseq.c | 71 - security/nss/lib/pkix/doc/name_rules.html | 178 - security/nss/lib/pkix/include/nsspkix.h | 24377 --------- security/nss/lib/pkix/include/nsspkixt.h | 2281 - security/nss/lib/pkix/include/pkix.h | 26086 ---------- security/nss/lib/pkix/include/pkixm.h | 969 - security/nss/lib/pkix/include/pkixt.h | 57 - security/nss/lib/pkix/include/pkixtm.h | 1581 - .../nss/lib/pkix/src/AlgorithmIdentifier/Create.c | 85 - .../nss/lib/pkix/src/AlgorithmIdentifier/Decode.c | 79 - .../nss/lib/pkix/src/AlgorithmIdentifier/Destroy.c | 71 - .../lib/pkix/src/AlgorithmIdentifier/Duplicate.c | 79 - .../nss/lib/pkix/src/AlgorithmIdentifier/Encode.c | 81 - .../nss/lib/pkix/src/AlgorithmIdentifier/Equal.c | 83 - .../pkix/src/AlgorithmIdentifier/GetAlgorithm.c | 71 - .../pkix/src/AlgorithmIdentifier/GetParameters.c | 80 - .../nss/lib/pkix/src/AlgorithmIdentifier/MClear.c | 71 - .../nss/lib/pkix/src/AlgorithmIdentifier/PCreate.c | 138 - .../nss/lib/pkix/src/AlgorithmIdentifier/PDecode.c | 137 - .../lib/pkix/src/AlgorithmIdentifier/PDestroy.c | 76 - .../lib/pkix/src/AlgorithmIdentifier/PDuplicate.c | 144 - .../nss/lib/pkix/src/AlgorithmIdentifier/PEncode.c | 117 - .../nss/lib/pkix/src/AlgorithmIdentifier/PEqual.c | 88 - .../pkix/src/AlgorithmIdentifier/PGetAlgorithm.c | 69 - .../pkix/src/AlgorithmIdentifier/PGetParameters.c | 78 - .../pkix/src/AlgorithmIdentifier/PSetAlgorithm.c | 75 - .../pkix/src/AlgorithmIdentifier/PSetParameters.c | 86 - .../pkix/src/AlgorithmIdentifier/SetAlgorithm.c | 76 - .../pkix/src/AlgorithmIdentifier/SetParameters.c | 77 - .../pkix/src/AlgorithmIdentifier/verifyPointer.c | 182 - security/nss/lib/pkix/src/Attribute/AddValue.c | 79 - security/nss/lib/pkix/src/Attribute/Create.c | 141 - .../nss/lib/pkix/src/Attribute/CreateFromArray.c | 97 - security/nss/lib/pkix/src/Attribute/Decode.c | 84 - security/nss/lib/pkix/src/Attribute/Destroy.c | 74 - security/nss/lib/pkix/src/Attribute/Duplicate.c | 79 - security/nss/lib/pkix/src/Attribute/Encode.c | 85 - security/nss/lib/pkix/src/Attribute/Equal.c | 88 - security/nss/lib/pkix/src/Attribute/FindValue.c | 84 - security/nss/lib/pkix/src/Attribute/GetType.c | 72 - security/nss/lib/pkix/src/Attribute/GetValue.c | 86 - .../nss/lib/pkix/src/Attribute/GetValueCount.c | 75 - security/nss/lib/pkix/src/Attribute/GetValues.c | 88 - security/nss/lib/pkix/src/Attribute/MClear.c | 71 - security/nss/lib/pkix/src/Attribute/MCount.c | 87 - security/nss/lib/pkix/src/Attribute/MVCreate.c | 165 - security/nss/lib/pkix/src/Attribute/PAddValue.c | 140 - security/nss/lib/pkix/src/Attribute/PCreate.c | 139 - .../nss/lib/pkix/src/Attribute/PCreateFromArray.c | 191 - security/nss/lib/pkix/src/Attribute/PDecode.c | 153 - security/nss/lib/pkix/src/Attribute/PDestroy.c | 82 - security/nss/lib/pkix/src/Attribute/PDuplicate.c | 189 - security/nss/lib/pkix/src/Attribute/PEncode.c | 126 - security/nss/lib/pkix/src/Attribute/PEqual.c | 164 - security/nss/lib/pkix/src/Attribute/PFindValue.c | 107 - security/nss/lib/pkix/src/Attribute/PGetType.c | 79 - security/nss/lib/pkix/src/Attribute/PGetValue.c | 98 - .../nss/lib/pkix/src/Attribute/PGetValueCount.c | 88 - security/nss/lib/pkix/src/Attribute/PGetValues.c | 145 - security/nss/lib/pkix/src/Attribute/PRemoveValue.c | 121 - security/nss/lib/pkix/src/Attribute/PSetType.c | 90 - security/nss/lib/pkix/src/Attribute/PSetValue.c | 102 - security/nss/lib/pkix/src/Attribute/PSetValues.c | 135 - security/nss/lib/pkix/src/Attribute/RemoveValue.c | 76 - security/nss/lib/pkix/src/Attribute/SetType.c | 80 - security/nss/lib/pkix/src/Attribute/SetValue.c | 80 - security/nss/lib/pkix/src/Attribute/SetValues.c | 85 - security/nss/lib/pkix/src/Attribute/template.c | 58 - .../nss/lib/pkix/src/Attribute/verifyPointer.c | 170 - .../lib/pkix/src/AttributeTypeAndValue/Create.c | 85 - .../src/AttributeTypeAndValue/CreateFromUTF8.c | 81 - .../lib/pkix/src/AttributeTypeAndValue/Decode.c | 79 - .../lib/pkix/src/AttributeTypeAndValue/Destroy.c | 70 - .../lib/pkix/src/AttributeTypeAndValue/Duplicate.c | 79 - .../lib/pkix/src/AttributeTypeAndValue/Encode.c | 81 - .../nss/lib/pkix/src/AttributeTypeAndValue/Equal.c | 85 - .../lib/pkix/src/AttributeTypeAndValue/GetType.c | 71 - .../src/AttributeTypeAndValue/GetUTF8Encoding.c | 79 - .../lib/pkix/src/AttributeTypeAndValue/GetValue.c | 80 - .../lib/pkix/src/AttributeTypeAndValue/MClear.c | 73 - .../lib/pkix/src/AttributeTypeAndValue/PCreate.c | 154 - .../src/AttributeTypeAndValue/PCreateFromUTF8.c | 137 - .../lib/pkix/src/AttributeTypeAndValue/PDecode.c | 144 - .../lib/pkix/src/AttributeTypeAndValue/PDestroy.c | 78 - .../pkix/src/AttributeTypeAndValue/PDuplicate.c | 165 - .../lib/pkix/src/AttributeTypeAndValue/PEncode.c | 101 - .../lib/pkix/src/AttributeTypeAndValue/PEqual.c | 95 - .../lib/pkix/src/AttributeTypeAndValue/PGetType.c | 78 - .../src/AttributeTypeAndValue/PGetUTF8Encoding.c | 81 - .../lib/pkix/src/AttributeTypeAndValue/PGetValue.c | 83 - .../lib/pkix/src/AttributeTypeAndValue/PSetType.c | 86 - .../lib/pkix/src/AttributeTypeAndValue/PSetValue.c | 85 - .../lib/pkix/src/AttributeTypeAndValue/SetType.c | 76 - .../lib/pkix/src/AttributeTypeAndValue/SetValue.c | 77 - .../lib/pkix/src/AttributeTypeAndValue/template.c | 56 - .../pkix/src/AttributeTypeAndValue/verifyPointer.c | 184 - security/nss/lib/pkix/src/Name/Create.c | 93 - .../nss/lib/pkix/src/Name/CreateFromRDNSequence.c | 79 - security/nss/lib/pkix/src/Name/CreateFromUTF8.c | 81 - security/nss/lib/pkix/src/Name/Decode.c | 79 - security/nss/lib/pkix/src/Name/Destroy.c | 71 - security/nss/lib/pkix/src/Name/Duplicate.c | 79 - security/nss/lib/pkix/src/Name/Encode.c | 81 - security/nss/lib/pkix/src/Name/Equal.c | 85 - security/nss/lib/pkix/src/Name/GetChoice.c | 70 - security/nss/lib/pkix/src/Name/GetRDNSequence.c | 80 - .../nss/lib/pkix/src/Name/GetSpecifiedChoice.c | 90 - security/nss/lib/pkix/src/Name/GetUTF8Encoding.c | 79 - security/nss/lib/pkix/src/Name/MClear.c | 73 - security/nss/lib/pkix/src/Name/Mregister.c | 72 - security/nss/lib/pkix/src/Name/PCreate.c | 173 - .../nss/lib/pkix/src/Name/PCreateFromRDNSequence.c | 145 - security/nss/lib/pkix/src/Name/PCreateFromUTF8.c | 145 - security/nss/lib/pkix/src/Name/PDecode.c | 138 - security/nss/lib/pkix/src/Name/PDestroy.c | 76 - security/nss/lib/pkix/src/Name/PDuplicate.c | 172 - security/nss/lib/pkix/src/Name/PEncode.c | 118 - security/nss/lib/pkix/src/Name/PEqual.c | 104 - security/nss/lib/pkix/src/Name/PGetChoice.c | 68 - security/nss/lib/pkix/src/Name/PGetRDNSequence.c | 87 - .../nss/lib/pkix/src/Name/PGetSpecifiedChoice.c | 93 - security/nss/lib/pkix/src/Name/PGetUTF8Encoding.c | 81 - security/nss/lib/pkix/src/Name/template.c | 56 - security/nss/lib/pkix/src/Name/verifyPointer.c | 210 - .../RDNSequence/AppendRelativeDistinguishedName.c | 77 - security/nss/lib/pkix/src/RDNSequence/Create.c | 125 - .../nss/lib/pkix/src/RDNSequence/CreateFromArray.c | 86 - .../nss/lib/pkix/src/RDNSequence/CreateFromUTF8.c | 81 - security/nss/lib/pkix/src/RDNSequence/Decode.c | 79 - security/nss/lib/pkix/src/RDNSequence/Destroy.c | 70 - security/nss/lib/pkix/src/RDNSequence/Duplicate.c | 79 - security/nss/lib/pkix/src/RDNSequence/Encode.c | 81 - security/nss/lib/pkix/src/RDNSequence/Equal.c | 85 - .../RDNSequence/FindRelativeDistinguishedName.c | 78 - .../src/RDNSequence/GetRelativeDistinguishedName.c | 81 - .../GetRelativeDistinguishedNameCount.c | 71 - .../RDNSequence/GetRelativeDistinguishedNames.c | 85 - .../nss/lib/pkix/src/RDNSequence/GetUTF8Encoding.c | 79 - .../RDNSequence/InsertRelativeDistinguishedName.c | 79 - security/nss/lib/pkix/src/RDNSequence/MClear.c | 73 - security/nss/lib/pkix/src/RDNSequence/MCount.c | 82 - security/nss/lib/pkix/src/RDNSequence/MVCreate.c | 141 - .../RDNSequence/PAppendRelativeDistinguishedName.c | 105 - security/nss/lib/pkix/src/RDNSequence/PCreate.c | 123 - .../lib/pkix/src/RDNSequence/PCreateFromArray.c | 151 - .../nss/lib/pkix/src/RDNSequence/PCreateFromUTF8.c | 139 - security/nss/lib/pkix/src/RDNSequence/PDecode.c | 138 - security/nss/lib/pkix/src/RDNSequence/PDestroy.c | 76 - security/nss/lib/pkix/src/RDNSequence/PDuplicate.c | 177 - security/nss/lib/pkix/src/RDNSequence/PEncode.c | 118 - security/nss/lib/pkix/src/RDNSequence/PEqual.c | 107 - .../RDNSequence/PFindRelativeDistinguishedName.c | 90 - .../RDNSequence/PGetRelativeDistinguishedName.c | 96 - .../PGetRelativeDistinguishedNameCount.c | 85 - .../RDNSequence/PGetRelativeDistinguishedNames.c | 135 - .../lib/pkix/src/RDNSequence/PGetUTF8Encoding.c | 81 - .../RDNSequence/PInsertRelativeDistinguishedName.c | 117 - .../RDNSequence/PRemoveRelativeDistinguishedName.c | 104 - .../RDNSequence/PSetRelativeDistinguishedName.c | 103 - .../RDNSequence/PSetRelativeDistinguishedNames.c | 153 - .../RDNSequence/RemoveRelativeDistinguishedName.c | 72 - .../src/RDNSequence/SetRelativeDistinguishedName.c | 79 - .../RDNSequence/SetRelativeDistinguishedNames.c | 115 - security/nss/lib/pkix/src/RDNSequence/template.c | 55 - .../nss/lib/pkix/src/RDNSequence/verifyPointer.c | 205 - .../AddAttributeTypeAndValue.c | 77 - .../pkix/src/RelativeDistinguishedName/Create.c | 125 - .../RelativeDistinguishedName/CreateFromArray.c | 86 - .../src/RelativeDistinguishedName/CreateFromUTF8.c | 81 - .../pkix/src/RelativeDistinguishedName/Decode.c | 79 - .../pkix/src/RelativeDistinguishedName/Destroy.c | 70 - .../pkix/src/RelativeDistinguishedName/Duplicate.c | 80 - .../pkix/src/RelativeDistinguishedName/Encode.c | 81 - .../lib/pkix/src/RelativeDistinguishedName/Equal.c | 85 - .../FindAttributeTypeAndValue.c | 78 - .../GetAttributeTypeAndValue.c | 81 - .../GetAttributeTypeAndValueCount.c | 72 - .../GetAttributeTypeAndValues.c | 83 - .../RelativeDistinguishedName/GetUTF8Encoding.c | 79 - .../pkix/src/RelativeDistinguishedName/MClear.c | 73 - .../pkix/src/RelativeDistinguishedName/MCount.c | 82 - .../pkix/src/RelativeDistinguishedName/MVCreate.c | 158 - .../PAddAttributeTypeAndValue.c | 107 - .../pkix/src/RelativeDistinguishedName/PCreate.c | 123 - .../RelativeDistinguishedName/PCreateFromArray.c | 151 - .../RelativeDistinguishedName/PCreateFromUTF8.c | 139 - .../pkix/src/RelativeDistinguishedName/PDecode.c | 142 - .../pkix/src/RelativeDistinguishedName/PDestroy.c | 76 - .../src/RelativeDistinguishedName/PDuplicate.c | 177 - .../pkix/src/RelativeDistinguishedName/PEncode.c | 123 - .../pkix/src/RelativeDistinguishedName/PEqual.c | 101 - .../PFindAttributeTypeAndValue.c | 96 - .../PGetAttributeTypeAndValue.c | 89 - .../PGetAttributeTypeAndValueCount.c | 85 - .../PGetAttributeTypeAndValues.c | 133 - .../RelativeDistinguishedName/PGetUTF8Encoding.c | 81 - .../PRemoveAttributeTypeAndValue.c | 121 - .../PSetAttributeTypeAndValue.c | 102 - .../PSetAttributeTypeAndValues.c | 166 - .../RemoveAttributeTypeAndValue.c | 73 - .../SetAttributeTypeAndValue.c | 79 - .../SetAttributeTypeAndValues.c | 113 - .../pkix/src/RelativeDistinguishedName/template.c | 55 - .../src/RelativeDistinguishedName/verifyPointer.c | 205 - security/nss/lib/pkix/src/Time/Compare.c | 75 - security/nss/lib/pkix/src/Time/CreateFromPRTime.c | 65 - security/nss/lib/pkix/src/Time/CreateFromUTF8.c | 70 - security/nss/lib/pkix/src/Time/Decode.c | 79 - security/nss/lib/pkix/src/Time/Destroy.c | 62 - security/nss/lib/pkix/src/Time/Duplicate.c | 69 - security/nss/lib/pkix/src/Time/Encode.c | 71 - security/nss/lib/pkix/src/Time/Equal.c | 74 - security/nss/lib/pkix/src/Time/GetPRTime.c | 64 - security/nss/lib/pkix/src/Time/GetUTF8Encoding.c | 69 - security/nss/lib/pkix/src/Time/PCreateFromPRTime.c | 117 - security/nss/lib/pkix/src/Time/PCreateFromUTF8.c | 121 - security/nss/lib/pkix/src/Time/PDecode.c | 137 - security/nss/lib/pkix/src/Time/PDestroy.c | 68 - security/nss/lib/pkix/src/Time/PEncode.c | 66 - security/nss/lib/pkix/src/Time/template.c | 54 - .../nss/lib/pkix/src/X520Name/CreateFromUTF8.c | 105 - security/nss/lib/pkix/src/X520Name/Decode.c | 79 - security/nss/lib/pkix/src/X520Name/Destroy.c | 70 - security/nss/lib/pkix/src/X520Name/Duplicate.c | 79 - security/nss/lib/pkix/src/X520Name/Encode.c | 80 - security/nss/lib/pkix/src/X520Name/Equal.c | 83 - .../nss/lib/pkix/src/X520Name/GetUTF8Encoding.c | 78 - security/nss/lib/pkix/src/X520Name/MDoUTF8.c | 97 - security/nss/lib/pkix/src/X520Name/PCreate.c | 169 - .../nss/lib/pkix/src/X520Name/PCreateFromUTF8.c | 164 - security/nss/lib/pkix/src/X520Name/PDecode.c | 135 - security/nss/lib/pkix/src/X520Name/PDestroy.c | 87 - security/nss/lib/pkix/src/X520Name/PDuplicate.c | 158 - security/nss/lib/pkix/src/X520Name/PEncode.c | 93 - security/nss/lib/pkix/src/X520Name/PEqual.c | 100 - .../nss/lib/pkix/src/X520Name/PGetUTF8Encoding.c | 82 - security/nss/lib/pkix/src/X520Name/template.c | 56 - security/nss/lib/pkix/src/X520Name/verifyPointer.c | 169 - security/nss/lib/smime/Makefile | 76 - security/nss/lib/smime/cms.h | 1082 - security/nss/lib/smime/cmsarray.c | 212 - security/nss/lib/smime/cmsasn1.c | 575 - security/nss/lib/smime/cmsattr.c | 453 - security/nss/lib/smime/cmscinfo.c | 327 - security/nss/lib/smime/cmscipher.c | 792 - security/nss/lib/smime/cmsdecode.c | 688 - security/nss/lib/smime/cmsdigdata.c | 223 - security/nss/lib/smime/cmsdigest.c | 259 - security/nss/lib/smime/cmsencdata.c | 279 - security/nss/lib/smime/cmsencode.c | 740 - security/nss/lib/smime/cmsenvdata.c | 422 - security/nss/lib/smime/cmslocal.h | 330 - security/nss/lib/smime/cmsmessage.c | 313 - security/nss/lib/smime/cmspubkey.c | 531 - security/nss/lib/smime/cmsrecinfo.c | 422 - security/nss/lib/smime/cmsreclist.c | 187 - security/nss/lib/smime/cmsreclist.h | 59 - security/nss/lib/smime/cmssigdata.c | 887 - security/nss/lib/smime/cmssiginfo.c | 872 - security/nss/lib/smime/cmst.h | 489 - security/nss/lib/smime/cmsutil.c | 393 - security/nss/lib/smime/config.mk | 128 - security/nss/lib/smime/manifest.mn | 76 - security/nss/lib/smime/smime.h | 148 - security/nss/lib/smime/smime.rc | 98 - security/nss/lib/smime/smimemessage.c | 215 - security/nss/lib/smime/smimesym.c | 8 - security/nss/lib/smime/smimeutil.c | 742 - security/nss/lib/smime/smimever.c | 53 - security/nss/lib/softoken/Makefile | 90 - security/nss/lib/softoken/alghmac.c | 169 - security/nss/lib/softoken/alghmac.h | 90 - security/nss/lib/softoken/config.mk | 43 - security/nss/lib/softoken/fipstest.c | 1093 - security/nss/lib/softoken/fipstokn.c | 951 - security/nss/lib/softoken/keydb.c | 2482 - security/nss/lib/softoken/keydbt.h | 99 - security/nss/lib/softoken/keylow.h | 251 - security/nss/lib/softoken/keytboth.h | 99 - security/nss/lib/softoken/keytlow.h | 100 - security/nss/lib/softoken/lowkey.c | 330 - security/nss/lib/softoken/manifest.mn | 77 - security/nss/lib/softoken/padbuf.c | 77 - security/nss/lib/softoken/pkcs11.c | 4112 -- security/nss/lib/softoken/pkcs11.h | 324 - security/nss/lib/softoken/pkcs11c.c | 5474 --- security/nss/lib/softoken/pkcs11f.h | 933 - security/nss/lib/softoken/pkcs11i.h | 428 - security/nss/lib/softoken/pkcs11p.h | 49 - security/nss/lib/softoken/pkcs11t.h | 1128 - security/nss/lib/softoken/pkcs11u.c | 1270 - security/nss/lib/softoken/pkcs11u.h | 48 - security/nss/lib/softoken/private.h | 78 - security/nss/lib/softoken/rawhash.c | 111 - security/nss/lib/softoken/rsawrapr.c | 1049 - security/nss/lib/softoken/secpkcs5.c | 1849 - security/nss/lib/softoken/secpkcs5.h | 185 - security/nss/lib/softoken/softoken.h | 158 - security/nss/lib/softoken/softoknt.h | 61 - security/nss/lib/ssl/Makefile | 87 - security/nss/lib/ssl/authcert.c | 115 - security/nss/lib/ssl/cmpcert.c | 117 - security/nss/lib/ssl/config.mk | 107 - security/nss/lib/ssl/emulate.c | 626 - security/nss/lib/ssl/manifest.mn | 78 - security/nss/lib/ssl/notes.txt | 161 - security/nss/lib/ssl/nsskea.c | 75 - security/nss/lib/ssl/os2_err.c | 310 - security/nss/lib/ssl/os2_err.h | 83 - security/nss/lib/ssl/preenc.h | 161 - security/nss/lib/ssl/prelib.c | 251 - security/nss/lib/ssl/ssl.def | 107 - security/nss/lib/ssl/ssl.h | 439 - security/nss/lib/ssl/ssl.rc | 98 - security/nss/lib/ssl/ssl3con.c | 7812 --- security/nss/lib/ssl/ssl3gthr.c | 238 - security/nss/lib/ssl/ssl3prot.h | 307 - security/nss/lib/ssl/sslauth.c | 260 - security/nss/lib/ssl/sslcon.c | 3711 -- security/nss/lib/ssl/ssldef.c | 247 - security/nss/lib/ssl/sslenum.c | 85 - security/nss/lib/ssl/sslerr.c | 71 - security/nss/lib/ssl/sslerr.h | 188 - security/nss/lib/ssl/sslgathr.c | 479 - security/nss/lib/ssl/sslimpl.h | 1256 - security/nss/lib/ssl/sslnonce.c | 350 - security/nss/lib/ssl/sslproto.h | 158 - security/nss/lib/ssl/sslreveal.c | 97 - security/nss/lib/ssl/sslsecur.c | 1343 - security/nss/lib/ssl/sslsnce.c | 1955 - security/nss/lib/ssl/sslsock.c | 1870 - security/nss/lib/ssl/ssltrace.c | 269 - security/nss/lib/ssl/sslver.c | 53 - security/nss/lib/ssl/unix_err.c | 542 - security/nss/lib/ssl/unix_err.h | 87 - security/nss/lib/ssl/win32err.c | 373 - security/nss/lib/ssl/win32err.h | 81 - security/nss/lib/util/Makefile | 86 - security/nss/lib/util/base64.h | 71 - security/nss/lib/util/ciferfam.h | 87 - security/nss/lib/util/config.mk | 43 - security/nss/lib/util/derdec.c | 552 - security/nss/lib/util/derenc.c | 504 - security/nss/lib/util/dersubr.c | 258 - security/nss/lib/util/dertime.c | 334 - security/nss/lib/util/mac_rand.c | 280 - security/nss/lib/util/manifest.mn | 102 - security/nss/lib/util/nssb64.h | 124 - security/nss/lib/util/nssb64d.c | 861 - security/nss/lib/util/nssb64e.c | 762 - security/nss/lib/util/nssb64t.h | 45 - security/nss/lib/util/nssilock.c | 519 - security/nss/lib/util/nssilock.h | 388 - security/nss/lib/util/nsslocks.c | 105 - security/nss/lib/util/nsslocks.h | 67 - security/nss/lib/util/nssrwlk.c | 512 - security/nss/lib/util/nssrwlk.h | 160 - security/nss/lib/util/nssrwlkt.h | 47 - security/nss/lib/util/os2_rand.c | 329 - security/nss/lib/util/portreg.c | 317 - security/nss/lib/util/portreg.h | 92 - security/nss/lib/util/pqgutil.c | 267 - security/nss/lib/util/pqgutil.h | 127 - security/nss/lib/util/ret_cr16.s | 54 - security/nss/lib/util/secalgid.c | 173 - security/nss/lib/util/secasn1.h | 281 - security/nss/lib/util/secasn1d.c | 2964 -- security/nss/lib/util/secasn1e.c | 1468 - security/nss/lib/util/secasn1t.h | 280 - security/nss/lib/util/secasn1u.c | 106 - security/nss/lib/util/seccomon.h | 109 - security/nss/lib/util/secder.h | 193 - security/nss/lib/util/secdert.h | 170 - security/nss/lib/util/secdig.c | 232 - security/nss/lib/util/secdig.h | 135 - security/nss/lib/util/secdigt.h | 57 - security/nss/lib/util/secerr.h | 187 - security/nss/lib/util/secinit.c | 50 - security/nss/lib/util/secitem.c | 240 - security/nss/lib/util/secitem.h | 106 - security/nss/lib/util/secoid.c | 1533 - security/nss/lib/util/secoid.h | 115 - security/nss/lib/util/secoidt.h | 309 - security/nss/lib/util/secplcy.c | 114 - security/nss/lib/util/secplcy.h | 133 - security/nss/lib/util/secport.c | 574 - security/nss/lib/util/secport.h | 274 - security/nss/lib/util/secrng.h | 82 - security/nss/lib/util/secrngt.h | 44 - security/nss/lib/util/sectime.c | 177 - security/nss/lib/util/sysrand.c | 43 - security/nss/lib/util/unix_rand.c | 891 - security/nss/lib/util/utf8.c | 2061 - security/nss/lib/util/watcomfx.h | 59 - security/nss/lib/util/win_rand.c | 415 - security/nss/macbuild/LoadableRoots.mcp | Bin 59099 -> 0 bytes security/nss/macbuild/LoadableRoots.mcp.exp | 1 - security/nss/macbuild/NSS.Prefix | 3 - security/nss/macbuild/NSS.mcp | Bin 97893 -> 0 bytes security/nss/macbuild/NSSCommon.h | 5 - security/nss/macbuild/NSSDebug.Prefix | 3 - security/nss/macbuild/NSSckfw.mcp | Bin 44740 -> 0 bytes security/nss/macbuild/macstubs.c | 45 - security/nss/makefile.win | 99 - security/nss/manifest.mn | 44 - security/nss/relnotes.txt | 284 - security/nss/tests/all.sh | 115 - security/nss/tests/cert/cert.sh | 458 - security/nss/tests/cipher/cipher.sh | 110 - security/nss/tests/cipher/cipher.txt | 29 - security/nss/tests/cipher/dsa.txt | 8 - security/nss/tests/cipher/hash.txt | 8 - security/nss/tests/cipher/performance.sh | 144 - security/nss/tests/cipher/rsa.txt | 8 - security/nss/tests/cipher/symmkey.txt | 19 - security/nss/tests/common/Makefile | 43 - security/nss/tests/common/arch.sh | 313 - security/nss/tests/common/cleanup.sh | 48 - security/nss/tests/common/init.sh | 357 - security/nss/tests/common/results_header.html | 6 - security/nss/tests/core_watch | 45 - security/nss/tests/doc/clean.gif | Bin 5503 -> 0 bytes security/nss/tests/doc/nssqa.txt | 108 - security/nss/tests/doc/platform_specific_problems | 110 - security/nss/tests/doc/qa_wrapper.html | 269 - security/nss/tests/header | 1205 - security/nss/tests/mksymlinks | 72 - security/nss/tests/nssqa | 279 - security/nss/tests/path_uniq | 82 - security/nss/tests/perf/perf.sh | 87 - security/nss/tests/pkcs11/netscape/suites/Makefile | 76 - .../nss/tests/pkcs11/netscape/suites/config.mk | 42 - .../nss/tests/pkcs11/netscape/suites/manifest.mn | 46 - .../tests/pkcs11/netscape/suites/security/Makefile | 75 - .../pkcs11/netscape/suites/security/config.mk | 54 - .../pkcs11/netscape/suites/security/manifest.mn | 40 - .../netscape/suites/security/pkcs11/Makefile | 76 - .../netscape/suites/security/pkcs11/config.mk | 57 - .../netscape/suites/security/pkcs11/manifest.mn | 46 - .../netscape/suites/security/pkcs11/pk11test.c | 1360 - .../netscape/suites/security/pkcs11/pk11test.h | 111 - .../netscape/suites/security/pkcs11/pk11test.htp | 50 - .../netscape/suites/security/pkcs11/pkcs11.h | 190 - .../netscape/suites/security/pkcs11/pkcs11.reg | 960 - .../netscape/suites/security/pkcs11/pkcs11.rep | 157 - .../netscape/suites/security/pkcs11/rules.mk | 34 - .../pkcs11/netscape/suites/security/ssl/Makefile | 77 - .../pkcs11/netscape/suites/security/ssl/README | 11 - .../pkcs11/netscape/suites/security/ssl/cert7.db | Bin 90112 -> 0 bytes .../pkcs11/netscape/suites/security/ssl/config.mk | 61 - .../pkcs11/netscape/suites/security/ssl/key3.db | Bin 16384 -> 0 bytes .../netscape/suites/security/ssl/manifest.mn | 60 - .../pkcs11/netscape/suites/security/ssl/ssl.reg | 49194 ------------------- .../pkcs11/netscape/suites/security/ssl/sslc.c | 293 - .../pkcs11/netscape/suites/security/ssl/sslc.h | 96 - .../pkcs11/netscape/suites/security/ssl/ssls.c | 105 - .../pkcs11/netscape/suites/security/ssl/ssls.h | 127 - .../pkcs11/netscape/suites/security/ssl/sslt.c | 1183 - .../pkcs11/netscape/suites/security/ssl/sslt.h | 238 - .../pkcs11/netscape/suites/security/ssl/sslt.htp | 136 - .../pkcs11/netscape/suites/security/ssl/sslt.rep | 417 - .../nss/tests/pkcs11/netscape/trivial/.cvsignore | 6 - .../nss/tests/pkcs11/netscape/trivial/Makefile.in | 175 - .../nss/tests/pkcs11/netscape/trivial/README.txt | 56 - .../nss/tests/pkcs11/netscape/trivial/acconfig.h | 36 - .../nss/tests/pkcs11/netscape/trivial/config.h.in | 28 - .../nss/tests/pkcs11/netscape/trivial/configure | 1906 - .../nss/tests/pkcs11/netscape/trivial/configure.in | 180 - .../nss/tests/pkcs11/netscape/trivial/install-sh | 251 - .../nss/tests/pkcs11/netscape/trivial/trivial.c | 1313 - security/nss/tests/platformlist | 17 - security/nss/tests/platformlist.tbx | 14 - security/nss/tests/qa_stat | 720 - security/nss/tests/qaclean | 132 - security/nss/tests/sdr/sdr.sh | 121 - security/nss/tests/set_environment | 214 - security/nss/tests/smime/alice.txt | 6 - security/nss/tests/smime/bob.txt | 6 - security/nss/tests/smime/smime.sh | 165 - security/nss/tests/ssl/ssl.sh | 331 - security/nss/tests/ssl/ssl_dist_stress.sh | 344 - security/nss/tests/ssl/sslauth.txt | 21 - security/nss/tests/ssl/sslcov.txt | 37 - security/nss/tests/ssl/sslreq.txt | 3 - security/nss/tests/ssl/sslstress.txt | 14 - security/nss/tests/tools/sign.html | 5 - security/nss/tests/tools/signjs.html | 8 - security/nss/tests/tools/tools.sh | 191 - security/nss/trademarks.txt | 130 - 1411 files changed, 529299 deletions(-) delete mode 100644 security/coreconf/.cshrc delete mode 100644 security/coreconf/.profile delete mode 100644 security/coreconf/AIX.mk delete mode 100644 security/coreconf/AIX3.2.mk delete mode 100644 security/coreconf/AIX4.1.mk delete mode 100644 security/coreconf/AIX4.2.mk delete mode 100644 security/coreconf/AIX4.3.mk delete mode 100644 security/coreconf/BSD_OS.mk delete mode 100644 security/coreconf/FreeBSD.mk delete mode 100644 security/coreconf/HP-UX.mk delete mode 100644 security/coreconf/HP-UXA.09.03.mk delete mode 100644 security/coreconf/HP-UXA.09.07.mk delete mode 100644 security/coreconf/HP-UXA.09.mk delete mode 100644 security/coreconf/HP-UXB.10.01.mk delete mode 100644 security/coreconf/HP-UXB.10.10.mk delete mode 100644 security/coreconf/HP-UXB.10.20.mk delete mode 100644 security/coreconf/HP-UXB.10.30.mk delete mode 100644 security/coreconf/HP-UXB.10.mk delete mode 100644 security/coreconf/HP-UXB.11.00.mk delete mode 100644 security/coreconf/HP-UXB.11.mk delete mode 100644 security/coreconf/IRIX.mk delete mode 100644 security/coreconf/IRIX5.2.mk delete mode 100644 security/coreconf/IRIX5.3.mk delete mode 100644 security/coreconf/IRIX5.mk delete mode 100644 security/coreconf/IRIX6.2.mk delete mode 100644 security/coreconf/IRIX6.3.mk delete mode 100644 security/coreconf/IRIX6.5.mk delete mode 100644 security/coreconf/IRIX6.mk delete mode 100644 security/coreconf/Linux.mk delete mode 100644 security/coreconf/Linux2.1.mk delete mode 100644 security/coreconf/Linux2.2.mk delete mode 100644 security/coreconf/Linux2.4.mk delete mode 100644 security/coreconf/LinuxELF1.2.mk delete mode 100644 security/coreconf/LinuxELF2.0.mk delete mode 100644 security/coreconf/Makefile delete mode 100644 security/coreconf/NCR3.0.mk delete mode 100644 security/coreconf/NEC4.2.mk delete mode 100644 security/coreconf/NetBSD.mk delete mode 100644 security/coreconf/OS2.mk delete mode 100644 security/coreconf/OSF1.mk delete mode 100644 security/coreconf/OSF1V2.0.mk delete mode 100644 security/coreconf/OSF1V3.0.mk delete mode 100644 security/coreconf/OSF1V3.2.mk delete mode 100644 security/coreconf/OSF1V4.0.mk delete mode 100644 security/coreconf/OSF1V4.0B.mk delete mode 100644 security/coreconf/OSF1V4.0D.mk delete mode 100644 security/coreconf/OSF1V5.0.mk delete mode 100755 security/coreconf/OpenVMS.mk delete mode 100755 security/coreconf/OpenVMSV7.1-2.mk delete mode 100644 security/coreconf/README delete mode 100644 security/coreconf/ReliantUNIX.mk delete mode 100644 security/coreconf/ReliantUNIX5.4.mk delete mode 100644 security/coreconf/SCOOS5.0.mk delete mode 100644 security/coreconf/SCO_SV3.2.mk delete mode 100644 security/coreconf/SunOS4.1.3_U1.mk delete mode 100644 security/coreconf/SunOS5.3.mk delete mode 100644 security/coreconf/SunOS5.4.mk delete mode 100644 security/coreconf/SunOS5.4_i86pc.mk delete mode 100644 security/coreconf/SunOS5.5.1.mk delete mode 100644 security/coreconf/SunOS5.5.1_i86pc.mk delete mode 100644 security/coreconf/SunOS5.5.mk delete mode 100644 security/coreconf/SunOS5.6.mk delete mode 100644 security/coreconf/SunOS5.6_i86pc.mk delete mode 100644 security/coreconf/SunOS5.7.mk delete mode 100644 security/coreconf/SunOS5.7_i86pc.mk delete mode 100644 security/coreconf/SunOS5.8.mk delete mode 100644 security/coreconf/SunOS5.8_i86pc.mk delete mode 100755 security/coreconf/SunOS5.9.mk delete mode 100755 security/coreconf/SunOS5.9_i86pc.mk delete mode 100644 security/coreconf/SunOS5.mk delete mode 100644 security/coreconf/UNIX.mk delete mode 100644 security/coreconf/UNIXWARE2.1.mk delete mode 100644 security/coreconf/WIN16.mk delete mode 100644 security/coreconf/WIN32.mk delete mode 100644 security/coreconf/WIN954.0.mk delete mode 100644 security/coreconf/WINNT3.51.mk delete mode 100644 security/coreconf/WINNT4.0.mk delete mode 100644 security/coreconf/WINNT5.0.mk delete mode 100644 security/coreconf/arch.mk delete mode 100644 security/coreconf/command.mk delete mode 100644 security/coreconf/config.mk delete mode 100644 security/coreconf/coreconf.pl delete mode 100755 security/coreconf/cpdist.pl delete mode 100644 security/coreconf/headers.mk delete mode 100755 security/coreconf/import.pl delete mode 100644 security/coreconf/jdk.mk delete mode 100755 security/coreconf/jniregen.pl delete mode 100644 security/coreconf/location.mk delete mode 100644 security/coreconf/makefile.win delete mode 100644 security/coreconf/module.mk delete mode 100644 security/coreconf/nsinstall/Makefile delete mode 100755 security/coreconf/nsinstall/nfspwd delete mode 100644 security/coreconf/nsinstall/nfspwd.pl delete mode 100644 security/coreconf/nsinstall/nsinstall.c delete mode 100644 security/coreconf/nsinstall/pathsub.c delete mode 100644 security/coreconf/nsinstall/pathsub.h delete mode 100644 security/coreconf/nsinstall/sunos4.h delete mode 100755 security/coreconf/outofdate.pl delete mode 100644 security/coreconf/platform.mk delete mode 100644 security/coreconf/prefix.mk delete mode 100755 security/coreconf/release.pl delete mode 100644 security/coreconf/rules.mk delete mode 100644 security/coreconf/ruleset.mk delete mode 100644 security/coreconf/source.mk delete mode 100644 security/coreconf/suffix.mk delete mode 100644 security/coreconf/tree.mk delete mode 100644 security/coreconf/version.mk delete mode 100644 security/coreconf/version.pl delete mode 100644 security/dbm/Makefile delete mode 100644 security/dbm/include/Makefile delete mode 100644 security/dbm/include/manifest.mn delete mode 100644 security/dbm/manifest.mn delete mode 100644 security/dbm/src/Makefile delete mode 100644 security/dbm/src/config.mk delete mode 100644 security/dbm/src/manifest.mn delete mode 100644 security/dbm/tests/Makefile delete mode 100644 security/nss/Makefile delete mode 100644 security/nss/cmd/.cvsignore delete mode 100644 security/nss/cmd/Makefile delete mode 100644 security/nss/cmd/SSLsample/Makefile delete mode 100644 security/nss/cmd/SSLsample/Makefile.NSS delete mode 100644 security/nss/cmd/SSLsample/NSPRerrs.h delete mode 100644 security/nss/cmd/SSLsample/README delete mode 100644 security/nss/cmd/SSLsample/SECerrs.h delete mode 100644 security/nss/cmd/SSLsample/SSLerrs.h delete mode 100644 security/nss/cmd/SSLsample/client.c delete mode 100644 security/nss/cmd/SSLsample/client.mn delete mode 100755 security/nss/cmd/SSLsample/gencerts delete mode 100644 security/nss/cmd/SSLsample/make.client delete mode 100644 security/nss/cmd/SSLsample/make.server delete mode 100755 security/nss/cmd/SSLsample/nmakefile95.nss delete mode 100755 security/nss/cmd/SSLsample/nmakefilent.nss delete mode 100644 security/nss/cmd/SSLsample/server.c delete mode 100644 security/nss/cmd/SSLsample/server.mn delete mode 100644 security/nss/cmd/SSLsample/sslerror.h delete mode 100644 security/nss/cmd/SSLsample/sslsample.c delete mode 100644 security/nss/cmd/SSLsample/sslsample.h delete mode 100644 security/nss/cmd/addbuiltin/Makefile delete mode 100644 security/nss/cmd/addbuiltin/addbuiltin.c delete mode 100644 security/nss/cmd/addbuiltin/manifest.mn delete mode 100644 security/nss/cmd/atob/Makefile delete mode 100644 security/nss/cmd/atob/atob.c delete mode 100644 security/nss/cmd/atob/makefile.win delete mode 100644 security/nss/cmd/atob/manifest.mn delete mode 100644 security/nss/cmd/bltest/Makefile delete mode 100644 security/nss/cmd/bltest/blapitest.c delete mode 100644 security/nss/cmd/bltest/manifest.mn delete mode 100644 security/nss/cmd/bltest/tests/README delete mode 100644 security/nss/cmd/bltest/tests/aes_cbc/numtests delete mode 100644 security/nss/cmd/bltest/tests/aes_ecb/numtests delete mode 100644 security/nss/cmd/bltest/tests/des3_cbc/ciphertext0 delete mode 100644 security/nss/cmd/bltest/tests/des3_cbc/iv0 delete mode 100644 security/nss/cmd/bltest/tests/des3_cbc/key0 delete mode 100644 security/nss/cmd/bltest/tests/des3_cbc/numtests delete mode 100644 security/nss/cmd/bltest/tests/des3_cbc/plaintext0 delete mode 100644 security/nss/cmd/bltest/tests/des3_ecb/ciphertext0 delete mode 100644 security/nss/cmd/bltest/tests/des3_ecb/key0 delete mode 100644 security/nss/cmd/bltest/tests/des3_ecb/numtests delete mode 100644 security/nss/cmd/bltest/tests/des3_ecb/plaintext0 delete mode 100644 security/nss/cmd/bltest/tests/des_cbc/ciphertext0 delete mode 100644 security/nss/cmd/bltest/tests/des_cbc/iv0 delete mode 100644 security/nss/cmd/bltest/tests/des_cbc/key0 delete mode 100644 security/nss/cmd/bltest/tests/des_cbc/numtests delete mode 100644 security/nss/cmd/bltest/tests/des_cbc/plaintext0 delete mode 100644 security/nss/cmd/bltest/tests/des_ecb/ciphertext0 delete mode 100644 security/nss/cmd/bltest/tests/des_ecb/key0 delete mode 100644 security/nss/cmd/bltest/tests/des_ecb/numtests delete mode 100644 security/nss/cmd/bltest/tests/des_ecb/plaintext0 delete mode 100644 security/nss/cmd/bltest/tests/dsa/ciphertext0 delete mode 100644 security/nss/cmd/bltest/tests/dsa/key0 delete mode 100644 security/nss/cmd/bltest/tests/dsa/keyseed0 delete mode 100644 security/nss/cmd/bltest/tests/dsa/numtests delete mode 100644 security/nss/cmd/bltest/tests/dsa/plaintext0 delete mode 100644 security/nss/cmd/bltest/tests/dsa/pqg0 delete mode 100644 security/nss/cmd/bltest/tests/dsa/sigseed0 delete mode 100644 security/nss/cmd/bltest/tests/md2/ciphertext0 delete mode 100644 security/nss/cmd/bltest/tests/md2/numtests delete mode 100644 security/nss/cmd/bltest/tests/md2/plaintext0 delete mode 100644 security/nss/cmd/bltest/tests/md5/ciphertext0 delete mode 100644 security/nss/cmd/bltest/tests/md5/numtests delete mode 100644 security/nss/cmd/bltest/tests/md5/plaintext0 delete mode 100644 security/nss/cmd/bltest/tests/rc2_cbc/ciphertext0 delete mode 100644 security/nss/cmd/bltest/tests/rc2_cbc/iv0 delete mode 100644 security/nss/cmd/bltest/tests/rc2_cbc/key0 delete mode 100644 security/nss/cmd/bltest/tests/rc2_cbc/numtests delete mode 100644 security/nss/cmd/bltest/tests/rc2_cbc/plaintext0 delete mode 100644 security/nss/cmd/bltest/tests/rc2_ecb/ciphertext0 delete mode 100644 security/nss/cmd/bltest/tests/rc2_ecb/key0 delete mode 100644 security/nss/cmd/bltest/tests/rc2_ecb/numtests delete mode 100644 security/nss/cmd/bltest/tests/rc2_ecb/plaintext0 delete mode 100644 security/nss/cmd/bltest/tests/rc4/ciphertext0 delete mode 100644 security/nss/cmd/bltest/tests/rc4/ciphertext1 delete mode 100644 security/nss/cmd/bltest/tests/rc4/key0 delete mode 100644 security/nss/cmd/bltest/tests/rc4/key1 delete mode 100644 security/nss/cmd/bltest/tests/rc4/numtests delete mode 100644 security/nss/cmd/bltest/tests/rc4/plaintext0 delete mode 100644 security/nss/cmd/bltest/tests/rc4/plaintext1 delete mode 100644 security/nss/cmd/bltest/tests/rc5_cbc/ciphertext0 delete mode 100644 security/nss/cmd/bltest/tests/rc5_cbc/iv0 delete mode 100644 security/nss/cmd/bltest/tests/rc5_cbc/key0 delete mode 100644 security/nss/cmd/bltest/tests/rc5_cbc/numtests delete mode 100644 security/nss/cmd/bltest/tests/rc5_cbc/params0 delete mode 100644 security/nss/cmd/bltest/tests/rc5_cbc/plaintext0 delete mode 100644 security/nss/cmd/bltest/tests/rc5_ecb/ciphertext0 delete mode 100644 security/nss/cmd/bltest/tests/rc5_ecb/key0 delete mode 100644 security/nss/cmd/bltest/tests/rc5_ecb/numtests delete mode 100644 security/nss/cmd/bltest/tests/rc5_ecb/params0 delete mode 100644 security/nss/cmd/bltest/tests/rc5_ecb/plaintext0 delete mode 100644 security/nss/cmd/bltest/tests/rsa/ciphertext0 delete mode 100644 security/nss/cmd/bltest/tests/rsa/key0 delete mode 100644 security/nss/cmd/bltest/tests/rsa/numtests delete mode 100644 security/nss/cmd/bltest/tests/rsa/plaintext0 delete mode 100644 security/nss/cmd/bltest/tests/sha1/ciphertext0 delete mode 100644 security/nss/cmd/bltest/tests/sha1/numtests delete mode 100644 security/nss/cmd/bltest/tests/sha1/plaintext0 delete mode 100644 security/nss/cmd/btoa/Makefile delete mode 100644 security/nss/cmd/btoa/btoa.c delete mode 100644 security/nss/cmd/btoa/makefile.win delete mode 100644 security/nss/cmd/btoa/manifest.mn delete mode 100644 security/nss/cmd/certcgi/Makefile delete mode 100644 security/nss/cmd/certcgi/ca.html delete mode 100644 security/nss/cmd/certcgi/ca_form.html delete mode 100644 security/nss/cmd/certcgi/certcgi.c delete mode 100644 security/nss/cmd/certcgi/index.html delete mode 100644 security/nss/cmd/certcgi/main.html delete mode 100644 security/nss/cmd/certcgi/manifest.mn delete mode 100644 security/nss/cmd/certcgi/nscp_ext_form.html delete mode 100644 security/nss/cmd/certcgi/stnd_ext_form.html delete mode 100644 security/nss/cmd/certutil/Makefile delete mode 100644 security/nss/cmd/certutil/certutil.c delete mode 100644 security/nss/cmd/certutil/keystuff.c delete mode 100644 security/nss/cmd/certutil/makefile.win delete mode 100644 security/nss/cmd/certutil/manifest.mn delete mode 100644 security/nss/cmd/checkcert/Makefile delete mode 100644 security/nss/cmd/checkcert/checkcert.c delete mode 100644 security/nss/cmd/checkcert/makefile.win delete mode 100644 security/nss/cmd/checkcert/manifest.mn delete mode 100644 security/nss/cmd/crlutil/Makefile delete mode 100644 security/nss/cmd/crlutil/crlutil.c delete mode 100644 security/nss/cmd/crlutil/makefile.win delete mode 100644 security/nss/cmd/crlutil/manifest.mn delete mode 100644 security/nss/cmd/crmf-cgi/Makefile delete mode 100644 security/nss/cmd/crmf-cgi/config.mk delete mode 100644 security/nss/cmd/crmf-cgi/crmfcgi.c delete mode 100644 security/nss/cmd/crmf-cgi/crmfcgi.html delete mode 100644 security/nss/cmd/crmf-cgi/manifest.mn delete mode 100644 security/nss/cmd/crmftest/Makefile delete mode 100644 security/nss/cmd/crmftest/config.mk delete mode 100644 security/nss/cmd/crmftest/manifest.mn delete mode 100644 security/nss/cmd/crmftest/testcrmf.c delete mode 100644 security/nss/cmd/dbck/Makefile delete mode 100644 security/nss/cmd/dbck/dbck.c delete mode 100644 security/nss/cmd/dbck/manifest.mn delete mode 100644 security/nss/cmd/derdump/Makefile delete mode 100644 security/nss/cmd/derdump/derdump.c delete mode 100644 security/nss/cmd/derdump/makefile.win delete mode 100644 security/nss/cmd/derdump/manifest.mn delete mode 100644 security/nss/cmd/digest/Makefile delete mode 100644 security/nss/cmd/digest/digest.c delete mode 100644 security/nss/cmd/digest/makefile.win delete mode 100644 security/nss/cmd/digest/manifest.mn delete mode 100644 security/nss/cmd/ilock/Makefile delete mode 100644 security/nss/cmd/ilock/ilock.c delete mode 100644 security/nss/cmd/ilock/manifest.mn delete mode 100644 security/nss/cmd/include/secnew.h delete mode 100644 security/nss/cmd/keyutil/Makefile delete mode 100644 security/nss/cmd/keyutil/keyutil.c delete mode 100644 security/nss/cmd/keyutil/manifest.mn delete mode 100644 security/nss/cmd/lib/Makefile delete mode 100644 security/nss/cmd/lib/NSPRerrs.h delete mode 100644 security/nss/cmd/lib/SECerrs.h delete mode 100644 security/nss/cmd/lib/SSLerrs.h delete mode 100644 security/nss/cmd/lib/berparse.c delete mode 100644 security/nss/cmd/lib/config.mk delete mode 100644 security/nss/cmd/lib/derprint.c delete mode 100644 security/nss/cmd/lib/dongle.c delete mode 100644 security/nss/cmd/lib/fe_util.c delete mode 100644 security/nss/cmd/lib/ffs.c delete mode 100644 security/nss/cmd/lib/filestub.c delete mode 100644 security/nss/cmd/lib/makefile.win delete mode 100644 security/nss/cmd/lib/manifest.mn delete mode 100644 security/nss/cmd/lib/secarb.c delete mode 100644 security/nss/cmd/lib/seccnames.c delete mode 100644 security/nss/cmd/lib/secerror.c delete mode 100644 security/nss/cmd/lib/secpwd.c delete mode 100644 security/nss/cmd/lib/secutil.c delete mode 100644 security/nss/cmd/lib/secutil.h delete mode 100644 security/nss/cmd/lib/sslstubs.c delete mode 100644 security/nss/cmd/lib/strerror.c delete mode 100644 security/nss/cmd/lib/stubs.c delete mode 100644 security/nss/cmd/makefile.inc delete mode 100644 security/nss/cmd/makefile.win delete mode 100644 security/nss/cmd/makepqg/Makefile delete mode 100644 security/nss/cmd/makepqg/makefile.win delete mode 100644 security/nss/cmd/makepqg/makepqg.c delete mode 100644 security/nss/cmd/makepqg/manifest.mn delete mode 100644 security/nss/cmd/makepqg/testit.ksh delete mode 100644 security/nss/cmd/manifest.mn delete mode 100644 security/nss/cmd/modutil/Makefile delete mode 100644 security/nss/cmd/modutil/README delete mode 100644 security/nss/cmd/modutil/README.TXT delete mode 100644 security/nss/cmd/modutil/config.mk delete mode 100644 security/nss/cmd/modutil/error.h delete mode 100644 security/nss/cmd/modutil/install-ds.c delete mode 100644 security/nss/cmd/modutil/install-ds.h delete mode 100644 security/nss/cmd/modutil/install.c delete mode 100644 security/nss/cmd/modutil/install.h delete mode 100644 security/nss/cmd/modutil/installparse.c delete mode 100644 security/nss/cmd/modutil/installparse.h delete mode 100644 security/nss/cmd/modutil/installparse.l delete mode 100644 security/nss/cmd/modutil/installparse.y delete mode 100644 security/nss/cmd/modutil/instsec.c delete mode 100644 security/nss/cmd/modutil/lex.Pk11Install_yy.c delete mode 100644 security/nss/cmd/modutil/manifest.mn delete mode 100644 security/nss/cmd/modutil/modutil.c delete mode 100644 security/nss/cmd/modutil/modutil.h delete mode 100644 security/nss/cmd/modutil/pk11.c delete mode 100644 security/nss/cmd/modutil/pk11jar.html delete mode 100644 security/nss/cmd/modutil/rules.mk delete mode 100644 security/nss/cmd/modutil/specification.html delete mode 100644 security/nss/cmd/ocspclnt/Makefile delete mode 100644 security/nss/cmd/ocspclnt/manifest.mn delete mode 100644 security/nss/cmd/ocspclnt/ocspclnt.c delete mode 100644 security/nss/cmd/oidcalc/Makefile delete mode 100644 security/nss/cmd/oidcalc/manifest.mn delete mode 100644 security/nss/cmd/oidcalc/oidcalc.c delete mode 100644 security/nss/cmd/p7content/Makefile delete mode 100644 security/nss/cmd/p7content/manifest.mn delete mode 100644 security/nss/cmd/p7content/p7content.c delete mode 100644 security/nss/cmd/p7env/Makefile delete mode 100644 security/nss/cmd/p7env/manifest.mn delete mode 100644 security/nss/cmd/p7env/p7env.c delete mode 100644 security/nss/cmd/p7sign/Makefile delete mode 100644 security/nss/cmd/p7sign/manifest.mn delete mode 100644 security/nss/cmd/p7sign/p7sign.c delete mode 100644 security/nss/cmd/p7verify/Makefile delete mode 100644 security/nss/cmd/p7verify/manifest.mn delete mode 100644 security/nss/cmd/p7verify/p7verify.c delete mode 100644 security/nss/cmd/pk12util/Makefile delete mode 100644 security/nss/cmd/pk12util/manifest.mn delete mode 100644 security/nss/cmd/pk12util/pk12util.c delete mode 100644 security/nss/cmd/pk12util/pk12util.h delete mode 100644 security/nss/cmd/platlibs.mk delete mode 100644 security/nss/cmd/platrules.mk delete mode 100644 security/nss/cmd/pp/Makefile delete mode 100644 security/nss/cmd/pp/manifest.mn delete mode 100644 security/nss/cmd/pp/pp.c delete mode 100644 security/nss/cmd/rsaperf/Makefile delete mode 100644 security/nss/cmd/rsaperf/defkey.c delete mode 100644 security/nss/cmd/rsaperf/manifest.mn delete mode 100644 security/nss/cmd/rsaperf/rsaperf.c delete mode 100644 security/nss/cmd/samples/cert delete mode 100644 security/nss/cmd/samples/cert0 delete mode 100644 security/nss/cmd/samples/cert1 delete mode 100644 security/nss/cmd/samples/cert2 delete mode 100644 security/nss/cmd/samples/pkcs7.ber delete mode 100644 security/nss/cmd/samples/pkcs7bday.ber delete mode 100644 security/nss/cmd/samples/pkcs7cnet.ber delete mode 100644 security/nss/cmd/samples/pkcs7news.ber delete mode 100644 security/nss/cmd/samples/x509v3.der delete mode 100644 security/nss/cmd/samples/x509v3.txt delete mode 100644 security/nss/cmd/sdrtest/Makefile delete mode 100644 security/nss/cmd/sdrtest/manifest.mn delete mode 100644 security/nss/cmd/sdrtest/sdrtest.c delete mode 100644 security/nss/cmd/selfserv/Makefile delete mode 100644 security/nss/cmd/selfserv/makefile.win delete mode 100644 security/nss/cmd/selfserv/manifest.mn delete mode 100644 security/nss/cmd/selfserv/selfserv.c delete mode 100644 security/nss/cmd/signtool/Makefile delete mode 100644 security/nss/cmd/signtool/README delete mode 100644 security/nss/cmd/signtool/README.TXT delete mode 100644 security/nss/cmd/signtool/certgen.c delete mode 100644 security/nss/cmd/signtool/javascript.c delete mode 100644 security/nss/cmd/signtool/list.c delete mode 100644 security/nss/cmd/signtool/manifest.mn delete mode 100644 security/nss/cmd/signtool/sign.c delete mode 100644 security/nss/cmd/signtool/signtool.c delete mode 100644 security/nss/cmd/signtool/signtool.h delete mode 100644 security/nss/cmd/signtool/util.c delete mode 100644 security/nss/cmd/signtool/verify.c delete mode 100644 security/nss/cmd/signtool/zip.c delete mode 100644 security/nss/cmd/signtool/zip.h delete mode 100644 security/nss/cmd/signver/Makefile delete mode 100755 security/nss/cmd/signver/examples/1/form.pl delete mode 100644 security/nss/cmd/signver/examples/1/signedForm.html delete mode 100644 security/nss/cmd/signver/examples/1/signedForm.nt.html delete mode 100755 security/nss/cmd/signver/examples/1/signedForm.pl delete mode 100644 security/nss/cmd/signver/manifest.mn delete mode 100644 security/nss/cmd/signver/pk7print.c delete mode 100644 security/nss/cmd/signver/signver.c delete mode 100644 security/nss/cmd/smimetools/Makefile delete mode 100644 security/nss/cmd/smimetools/cmsutil.c delete mode 100644 security/nss/cmd/smimetools/manifest.mn delete mode 100644 security/nss/cmd/smimetools/rules.mk delete mode 100755 security/nss/cmd/smimetools/smime delete mode 100644 security/nss/cmd/sslstrength/Makefile delete mode 100644 security/nss/cmd/sslstrength/manifest.mn delete mode 100644 security/nss/cmd/sslstrength/sslstr.cgi delete mode 100644 security/nss/cmd/sslstrength/sslstrength.c delete mode 100755 security/nss/cmd/sslstrength/sslwrap delete mode 100644 security/nss/cmd/ssltap/Makefile delete mode 100644 security/nss/cmd/ssltap/config.mk delete mode 100644 security/nss/cmd/ssltap/manifest.mn delete mode 100644 security/nss/cmd/ssltap/ssltap-manual.html delete mode 100644 security/nss/cmd/ssltap/ssltap.c delete mode 100644 security/nss/cmd/strsclnt/Makefile delete mode 100644 security/nss/cmd/strsclnt/manifest.mn delete mode 100644 security/nss/cmd/strsclnt/strsclnt.c delete mode 100644 security/nss/cmd/swfort/Makefile delete mode 100644 security/nss/cmd/swfort/instinit/Makefile delete mode 100644 security/nss/cmd/swfort/instinit/instinit.c delete mode 100644 security/nss/cmd/swfort/instinit/manifest.mn delete mode 100644 security/nss/cmd/swfort/manifest.mn delete mode 100644 security/nss/cmd/swfort/newuser/Makefile delete mode 100644 security/nss/cmd/swfort/newuser/manifest.mn delete mode 100644 security/nss/cmd/swfort/newuser/mktst.c delete mode 100644 security/nss/cmd/swfort/newuser/newuser.c delete mode 100644 security/nss/cmd/tstclnt/Makefile delete mode 100644 security/nss/cmd/tstclnt/makefile.win delete mode 100644 security/nss/cmd/tstclnt/manifest.mn delete mode 100644 security/nss/cmd/tstclnt/tstclnt.c delete mode 100644 security/nss/cmd/ttformat/Makefile delete mode 100644 security/nss/cmd/ttformat/manifest.mn delete mode 100755 security/nss/cmd/ttformat/nClient delete mode 100755 security/nss/cmd/ttformat/nServ delete mode 100755 security/nss/cmd/ttformat/redux.pl delete mode 100644 security/nss/cmd/ttformat/reduxhwm.pl delete mode 100644 security/nss/cmd/ttformat/ttformat.c delete mode 100644 security/nss/cmd/zlib/Makefile delete mode 100644 security/nss/cmd/zlib/README delete mode 100644 security/nss/cmd/zlib/adler32.c delete mode 100644 security/nss/cmd/zlib/compress.c delete mode 100644 security/nss/cmd/zlib/config.mk delete mode 100644 security/nss/cmd/zlib/crc32.c delete mode 100644 security/nss/cmd/zlib/deflate.c delete mode 100644 security/nss/cmd/zlib/deflate.h delete mode 100644 security/nss/cmd/zlib/example.c delete mode 100644 security/nss/cmd/zlib/gzio.c delete mode 100644 security/nss/cmd/zlib/infblock.c delete mode 100644 security/nss/cmd/zlib/infblock.h delete mode 100644 security/nss/cmd/zlib/infcodes.c delete mode 100644 security/nss/cmd/zlib/infcodes.h delete mode 100644 security/nss/cmd/zlib/inffast.c delete mode 100644 security/nss/cmd/zlib/inffast.h delete mode 100644 security/nss/cmd/zlib/inflate.c delete mode 100644 security/nss/cmd/zlib/inftrees.c delete mode 100644 security/nss/cmd/zlib/inftrees.h delete mode 100644 security/nss/cmd/zlib/infutil.c delete mode 100644 security/nss/cmd/zlib/infutil.h delete mode 100644 security/nss/cmd/zlib/makefile.win delete mode 100644 security/nss/cmd/zlib/manifest.mn delete mode 100644 security/nss/cmd/zlib/minigzip.c delete mode 100644 security/nss/cmd/zlib/netscape_mods.doc delete mode 100644 security/nss/cmd/zlib/stubs.c delete mode 100644 security/nss/cmd/zlib/trees.c delete mode 100644 security/nss/cmd/zlib/uncompr.c delete mode 100644 security/nss/cmd/zlib/zconf.h delete mode 100644 security/nss/cmd/zlib/zip16.def delete mode 100644 security/nss/cmd/zlib/zip_nodl.c delete mode 100644 security/nss/cmd/zlib/zlib.h delete mode 100644 security/nss/cmd/zlib/zutil.c delete mode 100644 security/nss/cmd/zlib/zutil.h delete mode 100644 security/nss/lib/Makefile delete mode 100644 security/nss/lib/asn1/Makefile delete mode 100644 security/nss/lib/asn1/asn1.c delete mode 100644 security/nss/lib/asn1/asn1.h delete mode 100644 security/nss/lib/asn1/asn1m.h delete mode 100644 security/nss/lib/asn1/asn1t.h delete mode 100644 security/nss/lib/asn1/config.mk delete mode 100644 security/nss/lib/asn1/manifest.mn delete mode 100644 security/nss/lib/asn1/nssasn1t.h delete mode 100644 security/nss/lib/base/Makefile delete mode 100644 security/nss/lib/base/arena.c delete mode 100644 security/nss/lib/base/base.h delete mode 100644 security/nss/lib/base/baset.h delete mode 100644 security/nss/lib/base/config.mk delete mode 100644 security/nss/lib/base/error.c delete mode 100644 security/nss/lib/base/errorval.c delete mode 100644 security/nss/lib/base/hashops.c delete mode 100644 security/nss/lib/base/item.c delete mode 100644 security/nss/lib/base/libc.c delete mode 100644 security/nss/lib/base/manifest.mn delete mode 100644 security/nss/lib/base/nssbase.h delete mode 100644 security/nss/lib/base/nssbaset.h delete mode 100644 security/nss/lib/base/tracker.c delete mode 100644 security/nss/lib/base/utf8.c delete mode 100644 security/nss/lib/base/whatnspr.c delete mode 100644 security/nss/lib/certdb/.cvsignore delete mode 100644 security/nss/lib/certdb/Makefile delete mode 100644 security/nss/lib/certdb/alg1485.c delete mode 100644 security/nss/lib/certdb/cdbhdl.h delete mode 100644 security/nss/lib/certdb/cert.h delete mode 100644 security/nss/lib/certdb/certdb.c delete mode 100644 security/nss/lib/certdb/certdb.h delete mode 100644 security/nss/lib/certdb/certinit.c delete mode 100644 security/nss/lib/certdb/certt.h delete mode 100644 security/nss/lib/certdb/certv3.c delete mode 100644 security/nss/lib/certdb/certxutl.c delete mode 100644 security/nss/lib/certdb/certxutl.h delete mode 100644 security/nss/lib/certdb/config.mk delete mode 100644 security/nss/lib/certdb/crl.c delete mode 100644 security/nss/lib/certdb/genname.c delete mode 100644 security/nss/lib/certdb/genname.h delete mode 100644 security/nss/lib/certdb/manifest.mn delete mode 100644 security/nss/lib/certdb/polcyxtn.c delete mode 100644 security/nss/lib/certdb/secname.c delete mode 100644 security/nss/lib/certdb/xauthkid.c delete mode 100644 security/nss/lib/certdb/xbsconst.c delete mode 100644 security/nss/lib/certdb/xconst.c delete mode 100644 security/nss/lib/certdb/xconst.h delete mode 100644 security/nss/lib/certhigh/Makefile delete mode 100644 security/nss/lib/certhigh/certhigh.c delete mode 100644 security/nss/lib/certhigh/certhtml.c delete mode 100644 security/nss/lib/certhigh/certreq.c delete mode 100644 security/nss/lib/certhigh/certvfy.c delete mode 100644 security/nss/lib/certhigh/config.mk delete mode 100644 security/nss/lib/certhigh/crlv2.c delete mode 100644 security/nss/lib/certhigh/manifest.mn delete mode 100644 security/nss/lib/certhigh/ocsp.c delete mode 100644 security/nss/lib/certhigh/ocsp.h delete mode 100644 security/nss/lib/certhigh/ocspt.h delete mode 100644 security/nss/lib/certhigh/ocspti.h delete mode 100644 security/nss/lib/certhigh/xcrldist.c delete mode 100644 security/nss/lib/ckfw/.cvsignore delete mode 100644 security/nss/lib/ckfw/Makefile delete mode 100644 security/nss/lib/ckfw/builtins/.cvsignore delete mode 100644 security/nss/lib/ckfw/builtins/Makefile delete mode 100644 security/nss/lib/ckfw/builtins/anchor.c delete mode 100644 security/nss/lib/ckfw/builtins/builtins.h delete mode 100644 security/nss/lib/ckfw/builtins/certdata.c delete mode 100644 security/nss/lib/ckfw/builtins/certdata.perl delete mode 100644 security/nss/lib/ckfw/builtins/certdata.txt delete mode 100644 security/nss/lib/ckfw/builtins/config.mk delete mode 100644 security/nss/lib/ckfw/builtins/constants.c delete mode 100644 security/nss/lib/ckfw/builtins/find.c delete mode 100644 security/nss/lib/ckfw/builtins/instance.c delete mode 100644 security/nss/lib/ckfw/builtins/manifest.mn delete mode 100644 security/nss/lib/ckfw/builtins/object.c delete mode 100644 security/nss/lib/ckfw/builtins/session.c delete mode 100644 security/nss/lib/ckfw/builtins/slot.c delete mode 100644 security/nss/lib/ckfw/builtins/token.c delete mode 100644 security/nss/lib/ckfw/ck.api delete mode 100644 security/nss/lib/ckfw/ck.h delete mode 100644 security/nss/lib/ckfw/ckapi.perl delete mode 100644 security/nss/lib/ckfw/ckfw.h delete mode 100644 security/nss/lib/ckfw/ckfwm.h delete mode 100644 security/nss/lib/ckfw/ckfwtm.h delete mode 100644 security/nss/lib/ckfw/ckmd.h delete mode 100644 security/nss/lib/ckfw/ckt.h delete mode 100644 security/nss/lib/ckfw/config.mk delete mode 100644 security/nss/lib/ckfw/dbm/Makefile delete mode 100644 security/nss/lib/ckfw/dbm/anchor.c delete mode 100644 security/nss/lib/ckfw/dbm/ckdbm.h delete mode 100644 security/nss/lib/ckfw/dbm/config.mk delete mode 100644 security/nss/lib/ckfw/dbm/db.c delete mode 100644 security/nss/lib/ckfw/dbm/find.c delete mode 100644 security/nss/lib/ckfw/dbm/instance.c delete mode 100644 security/nss/lib/ckfw/dbm/manifest.mn delete mode 100644 security/nss/lib/ckfw/dbm/object.c delete mode 100644 security/nss/lib/ckfw/dbm/session.c delete mode 100644 security/nss/lib/ckfw/dbm/slot.c delete mode 100644 security/nss/lib/ckfw/dbm/token.c delete mode 100644 security/nss/lib/ckfw/find.c delete mode 100644 security/nss/lib/ckfw/hash.c delete mode 100644 security/nss/lib/ckfw/instance.c delete mode 100644 security/nss/lib/ckfw/manifest.mn delete mode 100644 security/nss/lib/ckfw/mechanism.c delete mode 100644 security/nss/lib/ckfw/mutex.c delete mode 100644 security/nss/lib/ckfw/nsprstub.c delete mode 100644 security/nss/lib/ckfw/nssck.api delete mode 100644 security/nss/lib/ckfw/nssckepv.h delete mode 100644 security/nss/lib/ckfw/nssckft.h delete mode 100644 security/nss/lib/ckfw/nssckfw.h delete mode 100644 security/nss/lib/ckfw/nssckfwc.h delete mode 100644 security/nss/lib/ckfw/nssckfwt.h delete mode 100644 security/nss/lib/ckfw/nssckg.h delete mode 100644 security/nss/lib/ckfw/nssckmdt.h delete mode 100644 security/nss/lib/ckfw/nssckp.h delete mode 100644 security/nss/lib/ckfw/nssckt.h delete mode 100644 security/nss/lib/ckfw/nsscku.h delete mode 100644 security/nss/lib/ckfw/object.c delete mode 100644 security/nss/lib/ckfw/session.c delete mode 100644 security/nss/lib/ckfw/sessobj.c delete mode 100644 security/nss/lib/ckfw/slot.c delete mode 100644 security/nss/lib/ckfw/token.c delete mode 100644 security/nss/lib/ckfw/wrap.c delete mode 100644 security/nss/lib/crmf/Makefile delete mode 100644 security/nss/lib/crmf/asn1cmn.c delete mode 100644 security/nss/lib/crmf/challcli.c delete mode 100644 security/nss/lib/crmf/cmmf.h delete mode 100644 security/nss/lib/crmf/cmmfasn1.c delete mode 100644 security/nss/lib/crmf/cmmfchal.c delete mode 100644 security/nss/lib/crmf/cmmfi.h delete mode 100644 security/nss/lib/crmf/cmmfit.h delete mode 100644 security/nss/lib/crmf/cmmfrec.c delete mode 100644 security/nss/lib/crmf/cmmfresp.c delete mode 100644 security/nss/lib/crmf/cmmft.h delete mode 100644 security/nss/lib/crmf/config.mk delete mode 100644 security/nss/lib/crmf/crmf.h delete mode 100644 security/nss/lib/crmf/crmfcont.c delete mode 100644 security/nss/lib/crmf/crmfdec.c delete mode 100644 security/nss/lib/crmf/crmfenc.c delete mode 100644 security/nss/lib/crmf/crmffut.h delete mode 100644 security/nss/lib/crmf/crmfget.c delete mode 100644 security/nss/lib/crmf/crmfi.h delete mode 100644 security/nss/lib/crmf/crmfit.h delete mode 100644 security/nss/lib/crmf/crmfpop.c delete mode 100644 security/nss/lib/crmf/crmfreq.c delete mode 100644 security/nss/lib/crmf/crmft.h delete mode 100644 security/nss/lib/crmf/crmftmpl.c delete mode 100644 security/nss/lib/crmf/encutil.c delete mode 100644 security/nss/lib/crmf/manifest.mn delete mode 100644 security/nss/lib/crmf/respcli.c delete mode 100644 security/nss/lib/crmf/respcmn.c delete mode 100644 security/nss/lib/crmf/servget.c delete mode 100644 security/nss/lib/cryptohi/Makefile delete mode 100644 security/nss/lib/cryptohi/config.mk delete mode 100644 security/nss/lib/cryptohi/cryptohi.h delete mode 100644 security/nss/lib/cryptohi/cryptoht.h delete mode 100644 security/nss/lib/cryptohi/dsautil.c delete mode 100644 security/nss/lib/cryptohi/hasht.h delete mode 100644 security/nss/lib/cryptohi/key.h delete mode 100644 security/nss/lib/cryptohi/keyhi.h delete mode 100644 security/nss/lib/cryptohi/keyt.h delete mode 100644 security/nss/lib/cryptohi/keythi.h delete mode 100644 security/nss/lib/cryptohi/manifest.mn delete mode 100644 security/nss/lib/cryptohi/sechash.c delete mode 100644 security/nss/lib/cryptohi/sechash.h delete mode 100644 security/nss/lib/cryptohi/seckey.c delete mode 100644 security/nss/lib/cryptohi/secsign.c delete mode 100644 security/nss/lib/cryptohi/secvfy.c delete mode 100644 security/nss/lib/fortcrypt/Makefile delete mode 100644 security/nss/lib/fortcrypt/config.mk delete mode 100644 security/nss/lib/fortcrypt/cryptint.h delete mode 100644 security/nss/lib/fortcrypt/fmutex.c delete mode 100644 security/nss/lib/fortcrypt/fmutex.h delete mode 100644 security/nss/lib/fortcrypt/forsock.c delete mode 100644 security/nss/lib/fortcrypt/fortinst.htm delete mode 100644 security/nss/lib/fortcrypt/fortpk11.c delete mode 100644 security/nss/lib/fortcrypt/fortsock.h delete mode 100644 security/nss/lib/fortcrypt/fpkcs11.h delete mode 100644 security/nss/lib/fortcrypt/fpkcs11f.h delete mode 100644 security/nss/lib/fortcrypt/fpkcs11i.h delete mode 100644 security/nss/lib/fortcrypt/fpkcs11t.h delete mode 100644 security/nss/lib/fortcrypt/fpkmem.h delete mode 100644 security/nss/lib/fortcrypt/fpkstrs.h delete mode 100644 security/nss/lib/fortcrypt/genci.h delete mode 100644 security/nss/lib/fortcrypt/globinst.htm delete mode 100644 security/nss/lib/fortcrypt/handinst.htm delete mode 100644 security/nss/lib/fortcrypt/homeinst.htm delete mode 100644 security/nss/lib/fortcrypt/inst.js delete mode 100644 security/nss/lib/fortcrypt/inst_PPC.js delete mode 100644 security/nss/lib/fortcrypt/install.js delete mode 100644 security/nss/lib/fortcrypt/maci.c delete mode 100644 security/nss/lib/fortcrypt/maci.h delete mode 100644 security/nss/lib/fortcrypt/macinst.htm delete mode 100644 security/nss/lib/fortcrypt/manifest.mn delete mode 100644 security/nss/lib/fortcrypt/replace.c delete mode 100644 security/nss/lib/fortcrypt/secmodjar.html delete mode 100644 security/nss/lib/fortcrypt/swfort/.cvsignore delete mode 100644 security/nss/lib/fortcrypt/swfort/Makefile delete mode 100644 security/nss/lib/fortcrypt/swfort/config.mk delete mode 100644 security/nss/lib/fortcrypt/swfort/manifest.mn delete mode 100644 security/nss/lib/fortcrypt/swfort/nsmap.h delete mode 100644 security/nss/lib/fortcrypt/swfort/pkcs11/.cvsignore delete mode 100644 security/nss/lib/fortcrypt/swfort/pkcs11/Makefile delete mode 100644 security/nss/lib/fortcrypt/swfort/pkcs11/config.mk delete mode 100644 security/nss/lib/fortcrypt/swfort/pkcs11/inst.js delete mode 100644 security/nss/lib/fortcrypt/swfort/pkcs11/manifest.mn delete mode 100755 security/nss/lib/fortcrypt/swfort/pkcs11/pk11inst delete mode 100644 security/nss/lib/fortcrypt/swfort/pkcs11/stub.c delete mode 100644 security/nss/lib/fortcrypt/swfort/swfalg.c delete mode 100644 security/nss/lib/fortcrypt/swfort/swflib.c delete mode 100644 security/nss/lib/fortcrypt/swfort/swfort.h delete mode 100644 security/nss/lib/fortcrypt/swfort/swforti.h delete mode 100644 security/nss/lib/fortcrypt/swfort/swfortt.h delete mode 100644 security/nss/lib/fortcrypt/swfort/swfortti.h delete mode 100644 security/nss/lib/fortcrypt/swfort/swfparse.c delete mode 100644 security/nss/lib/fortcrypt/swfort/swfutl.c delete mode 100644 security/nss/lib/freebl/Makefile delete mode 100644 security/nss/lib/freebl/alg2268.c delete mode 100644 security/nss/lib/freebl/arcfive.c delete mode 100644 security/nss/lib/freebl/arcfour.c delete mode 100644 security/nss/lib/freebl/blapi.h delete mode 100644 security/nss/lib/freebl/blapi_bsf.c delete mode 100644 security/nss/lib/freebl/blapit.h delete mode 100644 security/nss/lib/freebl/config.mk delete mode 100644 security/nss/lib/freebl/des.c delete mode 100644 security/nss/lib/freebl/des.h delete mode 100644 security/nss/lib/freebl/desblapi.c delete mode 100644 security/nss/lib/freebl/dh.c delete mode 100644 security/nss/lib/freebl/dh_bsf.c delete mode 100644 security/nss/lib/freebl/dsa.c delete mode 100755 security/nss/lib/freebl/fblstdlib.c delete mode 100644 security/nss/lib/freebl/ldvector.c delete mode 100644 security/nss/lib/freebl/loader.c delete mode 100644 security/nss/lib/freebl/loader.h delete mode 100644 security/nss/lib/freebl/manifest.mn delete mode 100644 security/nss/lib/freebl/mapfile.Solaris delete mode 100644 security/nss/lib/freebl/md2.c delete mode 100644 security/nss/lib/freebl/md5.c delete mode 100644 security/nss/lib/freebl/mknewpc2.c delete mode 100644 security/nss/lib/freebl/mksp.c delete mode 100644 security/nss/lib/freebl/mpi/Makefile delete mode 100644 security/nss/lib/freebl/mpi/Makefile.win delete mode 100644 security/nss/lib/freebl/mpi/README delete mode 100755 security/nss/lib/freebl/mpi/all-tests delete mode 100644 security/nss/lib/freebl/mpi/doc/LICENSE delete mode 100644 security/nss/lib/freebl/mpi/doc/LICENSE-MPL delete mode 100644 security/nss/lib/freebl/mpi/doc/basecvt.pod delete mode 100755 security/nss/lib/freebl/mpi/doc/build delete mode 100644 security/nss/lib/freebl/mpi/doc/div.txt delete mode 100644 security/nss/lib/freebl/mpi/doc/expt.txt delete mode 100644 security/nss/lib/freebl/mpi/doc/gcd.pod delete mode 100644 security/nss/lib/freebl/mpi/doc/invmod.pod delete mode 100644 security/nss/lib/freebl/mpi/doc/isprime.pod delete mode 100644 security/nss/lib/freebl/mpi/doc/lap.pod delete mode 100644 security/nss/lib/freebl/mpi/doc/mpi-test.pod delete mode 100644 security/nss/lib/freebl/mpi/doc/mul.txt delete mode 100644 security/nss/lib/freebl/mpi/doc/pi.txt delete mode 100644 security/nss/lib/freebl/mpi/doc/prime.txt delete mode 100644 security/nss/lib/freebl/mpi/doc/prng.pod delete mode 100644 security/nss/lib/freebl/mpi/doc/redux.txt delete mode 100644 security/nss/lib/freebl/mpi/doc/sqrt.txt delete mode 100644 security/nss/lib/freebl/mpi/doc/square.txt delete mode 100644 security/nss/lib/freebl/mpi/doc/timing.txt delete mode 100644 security/nss/lib/freebl/mpi/hpma512.s delete mode 100644 security/nss/lib/freebl/mpi/hppa20.s delete mode 100644 security/nss/lib/freebl/mpi/hppatch.adb delete mode 100644 security/nss/lib/freebl/mpi/logtab.h delete mode 100755 security/nss/lib/freebl/mpi/make-logtab delete mode 100755 security/nss/lib/freebl/mpi/make-test-arrays delete mode 100644 security/nss/lib/freebl/mpi/mdxptest.c delete mode 100644 security/nss/lib/freebl/mpi/montmulf.c delete mode 100644 security/nss/lib/freebl/mpi/montmulf.h delete mode 100644 security/nss/lib/freebl/mpi/montmulf.il delete mode 100644 security/nss/lib/freebl/mpi/montmulf.s delete mode 100644 security/nss/lib/freebl/mpi/montmulfv8.il delete mode 100644 security/nss/lib/freebl/mpi/montmulfv8.s delete mode 100644 security/nss/lib/freebl/mpi/montmulfv9.il delete mode 100644 security/nss/lib/freebl/mpi/montmulfv9.s delete mode 100644 security/nss/lib/freebl/mpi/mpi-config.h delete mode 100644 security/nss/lib/freebl/mpi/mpi-priv.h delete mode 100644 security/nss/lib/freebl/mpi/mpi-test.c delete mode 100644 security/nss/lib/freebl/mpi/mpi.c delete mode 100644 security/nss/lib/freebl/mpi/mpi.h delete mode 100644 security/nss/lib/freebl/mpi/mpi_hp.c delete mode 100644 security/nss/lib/freebl/mpi/mpi_i86pc.s delete mode 100644 security/nss/lib/freebl/mpi/mpi_mips.s delete mode 100644 security/nss/lib/freebl/mpi/mpi_sparc.c delete mode 100644 security/nss/lib/freebl/mpi/mpi_x86.asm delete mode 100644 security/nss/lib/freebl/mpi/mpi_x86.s delete mode 100644 security/nss/lib/freebl/mpi/mplogic.c delete mode 100644 security/nss/lib/freebl/mpi/mplogic.h delete mode 100644 security/nss/lib/freebl/mpi/mpmontg.c delete mode 100644 security/nss/lib/freebl/mpi/mpprime.c delete mode 100644 security/nss/lib/freebl/mpi/mpprime.h delete mode 100644 security/nss/lib/freebl/mpi/mpv_sparc.c delete mode 100644 security/nss/lib/freebl/mpi/mpv_sparcv8.s delete mode 100644 security/nss/lib/freebl/mpi/mpv_sparcv9.s delete mode 100644 security/nss/lib/freebl/mpi/mulsqr.c delete mode 100755 security/nss/lib/freebl/mpi/multest delete mode 100644 security/nss/lib/freebl/mpi/primes.c delete mode 100755 security/nss/lib/freebl/mpi/stats delete mode 100644 security/nss/lib/freebl/mpi/test-arrays.txt delete mode 100644 security/nss/lib/freebl/mpi/test-info.c delete mode 100644 security/nss/lib/freebl/mpi/tests/LICENSE delete mode 100644 security/nss/lib/freebl/mpi/tests/LICENSE-MPL delete mode 100644 security/nss/lib/freebl/mpi/tests/mptest-1.c delete mode 100644 security/nss/lib/freebl/mpi/tests/mptest-2.c delete mode 100644 security/nss/lib/freebl/mpi/tests/mptest-3.c delete mode 100644 security/nss/lib/freebl/mpi/tests/mptest-3a.c delete mode 100644 security/nss/lib/freebl/mpi/tests/mptest-4.c delete mode 100644 security/nss/lib/freebl/mpi/tests/mptest-4a.c delete mode 100644 security/nss/lib/freebl/mpi/tests/mptest-4b.c delete mode 100644 security/nss/lib/freebl/mpi/tests/mptest-5.c delete mode 100644 security/nss/lib/freebl/mpi/tests/mptest-5a.c delete mode 100644 security/nss/lib/freebl/mpi/tests/mptest-6.c delete mode 100644 security/nss/lib/freebl/mpi/tests/mptest-7.c delete mode 100644 security/nss/lib/freebl/mpi/tests/mptest-8.c delete mode 100644 security/nss/lib/freebl/mpi/tests/mptest-9.c delete mode 100644 security/nss/lib/freebl/mpi/tests/pi1k.txt delete mode 100644 security/nss/lib/freebl/mpi/tests/pi2k.txt delete mode 100644 security/nss/lib/freebl/mpi/tests/pi5k.txt delete mode 100755 security/nss/lib/freebl/mpi/timetest delete mode 100755 security/nss/lib/freebl/mpi/types.pl delete mode 100644 security/nss/lib/freebl/mpi/utils/LICENSE delete mode 100644 security/nss/lib/freebl/mpi/utils/LICENSE-MPL delete mode 100644 security/nss/lib/freebl/mpi/utils/PRIMES delete mode 100644 security/nss/lib/freebl/mpi/utils/README delete mode 100644 security/nss/lib/freebl/mpi/utils/basecvt.c delete mode 100644 security/nss/lib/freebl/mpi/utils/bbs_rand.c delete mode 100644 security/nss/lib/freebl/mpi/utils/bbs_rand.h delete mode 100644 security/nss/lib/freebl/mpi/utils/bbsrand.c delete mode 100644 security/nss/lib/freebl/mpi/utils/dec2hex.c delete mode 100644 security/nss/lib/freebl/mpi/utils/exptmod.c delete mode 100644 security/nss/lib/freebl/mpi/utils/fact.c delete mode 100644 security/nss/lib/freebl/mpi/utils/gcd.c delete mode 100644 security/nss/lib/freebl/mpi/utils/hex2dec.c delete mode 100644 security/nss/lib/freebl/mpi/utils/identest.c delete mode 100644 security/nss/lib/freebl/mpi/utils/invmod.c delete mode 100644 security/nss/lib/freebl/mpi/utils/isprime.c delete mode 100644 security/nss/lib/freebl/mpi/utils/lap.c delete mode 100644 security/nss/lib/freebl/mpi/utils/makeprime.c delete mode 100644 security/nss/lib/freebl/mpi/utils/metime.c delete mode 100644 security/nss/lib/freebl/mpi/utils/pi.c delete mode 100644 security/nss/lib/freebl/mpi/utils/primegen.c delete mode 100644 security/nss/lib/freebl/mpi/utils/prng.c delete mode 100755 security/nss/lib/freebl/mpi/utils/ptab.pl delete mode 100644 security/nss/lib/freebl/mpi/utils/sieve.c delete mode 100644 security/nss/lib/freebl/mpi/vis_32.il delete mode 100644 security/nss/lib/freebl/mpi/vis_64.il delete mode 100644 security/nss/lib/freebl/mpi/vis_proto.h delete mode 100644 security/nss/lib/freebl/pqg.c delete mode 100644 security/nss/lib/freebl/prng_fips1861.c delete mode 100644 security/nss/lib/freebl/rijndael.c delete mode 100644 security/nss/lib/freebl/rijndael.h delete mode 100644 security/nss/lib/freebl/rijndael32.tab delete mode 100644 security/nss/lib/freebl/rijndael_tables.c delete mode 100644 security/nss/lib/freebl/rsa.c delete mode 100644 security/nss/lib/freebl/secmpi.h delete mode 100644 security/nss/lib/freebl/sha.c delete mode 100644 security/nss/lib/freebl/sha.h delete mode 100644 security/nss/lib/freebl/sha_fast.c delete mode 100644 security/nss/lib/freebl/sha_fast.h delete mode 100644 security/nss/lib/freebl/sparcfix.c delete mode 100644 security/nss/lib/jar/Makefile delete mode 100644 security/nss/lib/jar/config.mk delete mode 100644 security/nss/lib/jar/jar-ds.c delete mode 100644 security/nss/lib/jar/jar-ds.h delete mode 100644 security/nss/lib/jar/jar.c delete mode 100644 security/nss/lib/jar/jar.h delete mode 100644 security/nss/lib/jar/jarevil.c delete mode 100644 security/nss/lib/jar/jarevil.h delete mode 100644 security/nss/lib/jar/jarfile.c delete mode 100644 security/nss/lib/jar/jarfile.h delete mode 100644 security/nss/lib/jar/jarint.c delete mode 100644 security/nss/lib/jar/jarint.h delete mode 100644 security/nss/lib/jar/jarjart.c delete mode 100644 security/nss/lib/jar/jarjart.h delete mode 100644 security/nss/lib/jar/jarnav.c delete mode 100644 security/nss/lib/jar/jarsign.c delete mode 100644 security/nss/lib/jar/jarver.c delete mode 100644 security/nss/lib/jar/jzconf.h delete mode 100644 security/nss/lib/jar/jzlib.h delete mode 100644 security/nss/lib/jar/manifest.mn delete mode 100644 security/nss/lib/macbuild/NSS/NSS/NSS.mcp delete mode 100644 security/nss/lib/macbuild/SecurityLib.mcp delete mode 100644 security/nss/lib/manifest.mn delete mode 100644 security/nss/lib/nss/Makefile delete mode 100644 security/nss/lib/nss/config.mk delete mode 100644 security/nss/lib/nss/manifest.mn delete mode 100644 security/nss/lib/nss/nss.rc delete mode 100644 security/nss/lib/nss/nssrenam.h delete mode 100644 security/nss/lib/nss/nsssym.c delete mode 100644 security/nss/lib/nss/nssver.c delete mode 100644 security/nss/lib/pk11wrap/Makefile delete mode 100644 security/nss/lib/pk11wrap/config.mk delete mode 100644 security/nss/lib/pk11wrap/manifest.mn delete mode 100644 security/nss/lib/pk11wrap/pk11db.c delete mode 100644 security/nss/lib/pk11wrap/pk11err.c delete mode 100644 security/nss/lib/pk11wrap/pk11kea.c delete mode 100644 security/nss/lib/pk11wrap/pk11list.c delete mode 100644 security/nss/lib/pk11wrap/pk11load.c delete mode 100644 security/nss/lib/pk11wrap/pk11pqg.c delete mode 100644 security/nss/lib/pk11wrap/pk11pqg.h delete mode 100644 security/nss/lib/pk11wrap/pk11sdr.c delete mode 100644 security/nss/lib/pk11wrap/pk11sdr.h delete mode 100644 security/nss/lib/pk11wrap/pk11slot.c delete mode 100644 security/nss/lib/pk11wrap/pk11util.c delete mode 100644 security/nss/lib/pk11wrap/secmod.h delete mode 100644 security/nss/lib/pk11wrap/secmodi.h delete mode 100644 security/nss/lib/pk11wrap/secmodti.h delete mode 100644 security/nss/lib/pkcs12/Makefile delete mode 100644 security/nss/lib/pkcs12/config.mk delete mode 100644 security/nss/lib/pkcs12/manifest.mn delete mode 100644 security/nss/lib/pkcs12/p12.h delete mode 100644 security/nss/lib/pkcs12/p12creat.c delete mode 100644 security/nss/lib/pkcs12/p12d.c delete mode 100644 security/nss/lib/pkcs12/p12dec.c delete mode 100644 security/nss/lib/pkcs12/p12e.c delete mode 100644 security/nss/lib/pkcs12/p12exp.c delete mode 100644 security/nss/lib/pkcs12/p12local.c delete mode 100644 security/nss/lib/pkcs12/p12local.h delete mode 100644 security/nss/lib/pkcs12/p12plcy.c delete mode 100644 security/nss/lib/pkcs12/p12plcy.h delete mode 100644 security/nss/lib/pkcs12/p12t.h delete mode 100644 security/nss/lib/pkcs12/p12tmpl.c delete mode 100644 security/nss/lib/pkcs12/pkcs12.h delete mode 100644 security/nss/lib/pkcs12/pkcs12t.h delete mode 100644 security/nss/lib/pkcs7/Makefile delete mode 100644 security/nss/lib/pkcs7/certread.c delete mode 100644 security/nss/lib/pkcs7/config.mk delete mode 100644 security/nss/lib/pkcs7/manifest.mn delete mode 100644 security/nss/lib/pkcs7/p7common.c delete mode 100644 security/nss/lib/pkcs7/p7create.c delete mode 100644 security/nss/lib/pkcs7/p7decode.c delete mode 100644 security/nss/lib/pkcs7/p7encode.c delete mode 100644 security/nss/lib/pkcs7/p7local.c delete mode 100644 security/nss/lib/pkcs7/p7local.h delete mode 100644 security/nss/lib/pkcs7/pkcs7t.h delete mode 100644 security/nss/lib/pkcs7/secmime.c delete mode 100644 security/nss/lib/pkcs7/secmime.h delete mode 100644 security/nss/lib/pkcs7/secpkcs7.h delete mode 100644 security/nss/lib/pki/nsspki.h delete mode 100644 security/nss/lib/pki/nsspkit.h delete mode 100644 security/nss/lib/pki1/.cvsignore delete mode 100644 security/nss/lib/pki1/Makefile delete mode 100644 security/nss/lib/pki1/atav.c delete mode 100644 security/nss/lib/pki1/config.mk delete mode 100644 security/nss/lib/pki1/genname.c delete mode 100644 security/nss/lib/pki1/gnseq.c delete mode 100644 security/nss/lib/pki1/manifest.mn delete mode 100644 security/nss/lib/pki1/name.c delete mode 100644 security/nss/lib/pki1/nsspki1.h delete mode 100644 security/nss/lib/pki1/nsspki1t.h delete mode 100644 security/nss/lib/pki1/oid.c delete mode 100755 security/nss/lib/pki1/oidgen.perl delete mode 100644 security/nss/lib/pki1/oids.txt delete mode 100644 security/nss/lib/pki1/pki1.h delete mode 100644 security/nss/lib/pki1/pki1t.h delete mode 100644 security/nss/lib/pki1/rdn.c delete mode 100644 security/nss/lib/pki1/rdnseq.c delete mode 100644 security/nss/lib/pkix/doc/name_rules.html delete mode 100644 security/nss/lib/pkix/include/nsspkix.h delete mode 100644 security/nss/lib/pkix/include/nsspkixt.h delete mode 100644 security/nss/lib/pkix/include/pkix.h delete mode 100644 security/nss/lib/pkix/include/pkixm.h delete mode 100644 security/nss/lib/pkix/include/pkixt.h delete mode 100644 security/nss/lib/pkix/include/pkixtm.h delete mode 100644 security/nss/lib/pkix/src/AlgorithmIdentifier/Create.c delete mode 100644 security/nss/lib/pkix/src/AlgorithmIdentifier/Decode.c delete mode 100644 security/nss/lib/pkix/src/AlgorithmIdentifier/Destroy.c delete mode 100644 security/nss/lib/pkix/src/AlgorithmIdentifier/Duplicate.c delete mode 100644 security/nss/lib/pkix/src/AlgorithmIdentifier/Encode.c delete mode 100644 security/nss/lib/pkix/src/AlgorithmIdentifier/Equal.c delete mode 100644 security/nss/lib/pkix/src/AlgorithmIdentifier/GetAlgorithm.c delete mode 100644 security/nss/lib/pkix/src/AlgorithmIdentifier/GetParameters.c delete mode 100644 security/nss/lib/pkix/src/AlgorithmIdentifier/MClear.c delete mode 100644 security/nss/lib/pkix/src/AlgorithmIdentifier/PCreate.c delete mode 100644 security/nss/lib/pkix/src/AlgorithmIdentifier/PDecode.c delete mode 100644 security/nss/lib/pkix/src/AlgorithmIdentifier/PDestroy.c delete mode 100644 security/nss/lib/pkix/src/AlgorithmIdentifier/PDuplicate.c delete mode 100644 security/nss/lib/pkix/src/AlgorithmIdentifier/PEncode.c delete mode 100644 security/nss/lib/pkix/src/AlgorithmIdentifier/PEqual.c delete mode 100644 security/nss/lib/pkix/src/AlgorithmIdentifier/PGetAlgorithm.c delete mode 100644 security/nss/lib/pkix/src/AlgorithmIdentifier/PGetParameters.c delete mode 100644 security/nss/lib/pkix/src/AlgorithmIdentifier/PSetAlgorithm.c delete mode 100644 security/nss/lib/pkix/src/AlgorithmIdentifier/PSetParameters.c delete mode 100644 security/nss/lib/pkix/src/AlgorithmIdentifier/SetAlgorithm.c delete mode 100644 security/nss/lib/pkix/src/AlgorithmIdentifier/SetParameters.c delete mode 100644 security/nss/lib/pkix/src/AlgorithmIdentifier/verifyPointer.c delete mode 100644 security/nss/lib/pkix/src/Attribute/AddValue.c delete mode 100644 security/nss/lib/pkix/src/Attribute/Create.c delete mode 100644 security/nss/lib/pkix/src/Attribute/CreateFromArray.c delete mode 100644 security/nss/lib/pkix/src/Attribute/Decode.c delete mode 100644 security/nss/lib/pkix/src/Attribute/Destroy.c delete mode 100644 security/nss/lib/pkix/src/Attribute/Duplicate.c delete mode 100644 security/nss/lib/pkix/src/Attribute/Encode.c delete mode 100644 security/nss/lib/pkix/src/Attribute/Equal.c delete mode 100644 security/nss/lib/pkix/src/Attribute/FindValue.c delete mode 100644 security/nss/lib/pkix/src/Attribute/GetType.c delete mode 100644 security/nss/lib/pkix/src/Attribute/GetValue.c delete mode 100644 security/nss/lib/pkix/src/Attribute/GetValueCount.c delete mode 100644 security/nss/lib/pkix/src/Attribute/GetValues.c delete mode 100644 security/nss/lib/pkix/src/Attribute/MClear.c delete mode 100644 security/nss/lib/pkix/src/Attribute/MCount.c delete mode 100644 security/nss/lib/pkix/src/Attribute/MVCreate.c delete mode 100644 security/nss/lib/pkix/src/Attribute/PAddValue.c delete mode 100644 security/nss/lib/pkix/src/Attribute/PCreate.c delete mode 100644 security/nss/lib/pkix/src/Attribute/PCreateFromArray.c delete mode 100644 security/nss/lib/pkix/src/Attribute/PDecode.c delete mode 100644 security/nss/lib/pkix/src/Attribute/PDestroy.c delete mode 100644 security/nss/lib/pkix/src/Attribute/PDuplicate.c delete mode 100644 security/nss/lib/pkix/src/Attribute/PEncode.c delete mode 100644 security/nss/lib/pkix/src/Attribute/PEqual.c delete mode 100644 security/nss/lib/pkix/src/Attribute/PFindValue.c delete mode 100644 security/nss/lib/pkix/src/Attribute/PGetType.c delete mode 100644 security/nss/lib/pkix/src/Attribute/PGetValue.c delete mode 100644 security/nss/lib/pkix/src/Attribute/PGetValueCount.c delete mode 100644 security/nss/lib/pkix/src/Attribute/PGetValues.c delete mode 100644 security/nss/lib/pkix/src/Attribute/PRemoveValue.c delete mode 100644 security/nss/lib/pkix/src/Attribute/PSetType.c delete mode 100644 security/nss/lib/pkix/src/Attribute/PSetValue.c delete mode 100644 security/nss/lib/pkix/src/Attribute/PSetValues.c delete mode 100644 security/nss/lib/pkix/src/Attribute/RemoveValue.c delete mode 100644 security/nss/lib/pkix/src/Attribute/SetType.c delete mode 100644 security/nss/lib/pkix/src/Attribute/SetValue.c delete mode 100644 security/nss/lib/pkix/src/Attribute/SetValues.c delete mode 100644 security/nss/lib/pkix/src/Attribute/template.c delete mode 100644 security/nss/lib/pkix/src/Attribute/verifyPointer.c delete mode 100644 security/nss/lib/pkix/src/AttributeTypeAndValue/Create.c delete mode 100644 security/nss/lib/pkix/src/AttributeTypeAndValue/CreateFromUTF8.c delete mode 100644 security/nss/lib/pkix/src/AttributeTypeAndValue/Decode.c delete mode 100644 security/nss/lib/pkix/src/AttributeTypeAndValue/Destroy.c delete mode 100644 security/nss/lib/pkix/src/AttributeTypeAndValue/Duplicate.c delete mode 100644 security/nss/lib/pkix/src/AttributeTypeAndValue/Encode.c delete mode 100644 security/nss/lib/pkix/src/AttributeTypeAndValue/Equal.c delete mode 100644 security/nss/lib/pkix/src/AttributeTypeAndValue/GetType.c delete mode 100644 security/nss/lib/pkix/src/AttributeTypeAndValue/GetUTF8Encoding.c delete mode 100644 security/nss/lib/pkix/src/AttributeTypeAndValue/GetValue.c delete mode 100644 security/nss/lib/pkix/src/AttributeTypeAndValue/MClear.c delete mode 100644 security/nss/lib/pkix/src/AttributeTypeAndValue/PCreate.c delete mode 100644 security/nss/lib/pkix/src/AttributeTypeAndValue/PCreateFromUTF8.c delete mode 100644 security/nss/lib/pkix/src/AttributeTypeAndValue/PDecode.c delete mode 100644 security/nss/lib/pkix/src/AttributeTypeAndValue/PDestroy.c delete mode 100644 security/nss/lib/pkix/src/AttributeTypeAndValue/PDuplicate.c delete mode 100644 security/nss/lib/pkix/src/AttributeTypeAndValue/PEncode.c delete mode 100644 security/nss/lib/pkix/src/AttributeTypeAndValue/PEqual.c delete mode 100644 security/nss/lib/pkix/src/AttributeTypeAndValue/PGetType.c delete mode 100644 security/nss/lib/pkix/src/AttributeTypeAndValue/PGetUTF8Encoding.c delete mode 100644 security/nss/lib/pkix/src/AttributeTypeAndValue/PGetValue.c delete mode 100644 security/nss/lib/pkix/src/AttributeTypeAndValue/PSetType.c delete mode 100644 security/nss/lib/pkix/src/AttributeTypeAndValue/PSetValue.c delete mode 100644 security/nss/lib/pkix/src/AttributeTypeAndValue/SetType.c delete mode 100644 security/nss/lib/pkix/src/AttributeTypeAndValue/SetValue.c delete mode 100644 security/nss/lib/pkix/src/AttributeTypeAndValue/template.c delete mode 100644 security/nss/lib/pkix/src/AttributeTypeAndValue/verifyPointer.c delete mode 100644 security/nss/lib/pkix/src/Name/Create.c delete mode 100644 security/nss/lib/pkix/src/Name/CreateFromRDNSequence.c delete mode 100644 security/nss/lib/pkix/src/Name/CreateFromUTF8.c delete mode 100644 security/nss/lib/pkix/src/Name/Decode.c delete mode 100644 security/nss/lib/pkix/src/Name/Destroy.c delete mode 100644 security/nss/lib/pkix/src/Name/Duplicate.c delete mode 100644 security/nss/lib/pkix/src/Name/Encode.c delete mode 100644 security/nss/lib/pkix/src/Name/Equal.c delete mode 100644 security/nss/lib/pkix/src/Name/GetChoice.c delete mode 100644 security/nss/lib/pkix/src/Name/GetRDNSequence.c delete mode 100644 security/nss/lib/pkix/src/Name/GetSpecifiedChoice.c delete mode 100644 security/nss/lib/pkix/src/Name/GetUTF8Encoding.c delete mode 100644 security/nss/lib/pkix/src/Name/MClear.c delete mode 100644 security/nss/lib/pkix/src/Name/Mregister.c delete mode 100644 security/nss/lib/pkix/src/Name/PCreate.c delete mode 100644 security/nss/lib/pkix/src/Name/PCreateFromRDNSequence.c delete mode 100644 security/nss/lib/pkix/src/Name/PCreateFromUTF8.c delete mode 100644 security/nss/lib/pkix/src/Name/PDecode.c delete mode 100644 security/nss/lib/pkix/src/Name/PDestroy.c delete mode 100644 security/nss/lib/pkix/src/Name/PDuplicate.c delete mode 100644 security/nss/lib/pkix/src/Name/PEncode.c delete mode 100644 security/nss/lib/pkix/src/Name/PEqual.c delete mode 100644 security/nss/lib/pkix/src/Name/PGetChoice.c delete mode 100644 security/nss/lib/pkix/src/Name/PGetRDNSequence.c delete mode 100644 security/nss/lib/pkix/src/Name/PGetSpecifiedChoice.c delete mode 100644 security/nss/lib/pkix/src/Name/PGetUTF8Encoding.c delete mode 100644 security/nss/lib/pkix/src/Name/template.c delete mode 100644 security/nss/lib/pkix/src/Name/verifyPointer.c delete mode 100644 security/nss/lib/pkix/src/RDNSequence/AppendRelativeDistinguishedName.c delete mode 100644 security/nss/lib/pkix/src/RDNSequence/Create.c delete mode 100644 security/nss/lib/pkix/src/RDNSequence/CreateFromArray.c delete mode 100644 security/nss/lib/pkix/src/RDNSequence/CreateFromUTF8.c delete mode 100644 security/nss/lib/pkix/src/RDNSequence/Decode.c delete mode 100644 security/nss/lib/pkix/src/RDNSequence/Destroy.c delete mode 100644 security/nss/lib/pkix/src/RDNSequence/Duplicate.c delete mode 100644 security/nss/lib/pkix/src/RDNSequence/Encode.c delete mode 100644 security/nss/lib/pkix/src/RDNSequence/Equal.c delete mode 100644 security/nss/lib/pkix/src/RDNSequence/FindRelativeDistinguishedName.c delete mode 100644 security/nss/lib/pkix/src/RDNSequence/GetRelativeDistinguishedName.c delete mode 100644 security/nss/lib/pkix/src/RDNSequence/GetRelativeDistinguishedNameCount.c delete mode 100644 security/nss/lib/pkix/src/RDNSequence/GetRelativeDistinguishedNames.c delete mode 100644 security/nss/lib/pkix/src/RDNSequence/GetUTF8Encoding.c delete mode 100644 security/nss/lib/pkix/src/RDNSequence/InsertRelativeDistinguishedName.c delete mode 100644 security/nss/lib/pkix/src/RDNSequence/MClear.c delete mode 100644 security/nss/lib/pkix/src/RDNSequence/MCount.c delete mode 100644 security/nss/lib/pkix/src/RDNSequence/MVCreate.c delete mode 100644 security/nss/lib/pkix/src/RDNSequence/PAppendRelativeDistinguishedName.c delete mode 100644 security/nss/lib/pkix/src/RDNSequence/PCreate.c delete mode 100644 security/nss/lib/pkix/src/RDNSequence/PCreateFromArray.c delete mode 100644 security/nss/lib/pkix/src/RDNSequence/PCreateFromUTF8.c delete mode 100644 security/nss/lib/pkix/src/RDNSequence/PDecode.c delete mode 100644 security/nss/lib/pkix/src/RDNSequence/PDestroy.c delete mode 100644 security/nss/lib/pkix/src/RDNSequence/PDuplicate.c delete mode 100644 security/nss/lib/pkix/src/RDNSequence/PEncode.c delete mode 100644 security/nss/lib/pkix/src/RDNSequence/PEqual.c delete mode 100644 security/nss/lib/pkix/src/RDNSequence/PFindRelativeDistinguishedName.c delete mode 100644 security/nss/lib/pkix/src/RDNSequence/PGetRelativeDistinguishedName.c delete mode 100644 security/nss/lib/pkix/src/RDNSequence/PGetRelativeDistinguishedNameCount.c delete mode 100644 security/nss/lib/pkix/src/RDNSequence/PGetRelativeDistinguishedNames.c delete mode 100644 security/nss/lib/pkix/src/RDNSequence/PGetUTF8Encoding.c delete mode 100644 security/nss/lib/pkix/src/RDNSequence/PInsertRelativeDistinguishedName.c delete mode 100644 security/nss/lib/pkix/src/RDNSequence/PRemoveRelativeDistinguishedName.c delete mode 100644 security/nss/lib/pkix/src/RDNSequence/PSetRelativeDistinguishedName.c delete mode 100644 security/nss/lib/pkix/src/RDNSequence/PSetRelativeDistinguishedNames.c delete mode 100644 security/nss/lib/pkix/src/RDNSequence/RemoveRelativeDistinguishedName.c delete mode 100644 security/nss/lib/pkix/src/RDNSequence/SetRelativeDistinguishedName.c delete mode 100644 security/nss/lib/pkix/src/RDNSequence/SetRelativeDistinguishedNames.c delete mode 100644 security/nss/lib/pkix/src/RDNSequence/template.c delete mode 100644 security/nss/lib/pkix/src/RDNSequence/verifyPointer.c delete mode 100644 security/nss/lib/pkix/src/RelativeDistinguishedName/AddAttributeTypeAndValue.c delete mode 100644 security/nss/lib/pkix/src/RelativeDistinguishedName/Create.c delete mode 100644 security/nss/lib/pkix/src/RelativeDistinguishedName/CreateFromArray.c delete mode 100644 security/nss/lib/pkix/src/RelativeDistinguishedName/CreateFromUTF8.c delete mode 100644 security/nss/lib/pkix/src/RelativeDistinguishedName/Decode.c delete mode 100644 security/nss/lib/pkix/src/RelativeDistinguishedName/Destroy.c delete mode 100644 security/nss/lib/pkix/src/RelativeDistinguishedName/Duplicate.c delete mode 100644 security/nss/lib/pkix/src/RelativeDistinguishedName/Encode.c delete mode 100644 security/nss/lib/pkix/src/RelativeDistinguishedName/Equal.c delete mode 100644 security/nss/lib/pkix/src/RelativeDistinguishedName/FindAttributeTypeAndValue.c delete mode 100644 security/nss/lib/pkix/src/RelativeDistinguishedName/GetAttributeTypeAndValue.c delete mode 100644 security/nss/lib/pkix/src/RelativeDistinguishedName/GetAttributeTypeAndValueCount.c delete mode 100644 security/nss/lib/pkix/src/RelativeDistinguishedName/GetAttributeTypeAndValues.c delete mode 100644 security/nss/lib/pkix/src/RelativeDistinguishedName/GetUTF8Encoding.c delete mode 100644 security/nss/lib/pkix/src/RelativeDistinguishedName/MClear.c delete mode 100644 security/nss/lib/pkix/src/RelativeDistinguishedName/MCount.c delete mode 100644 security/nss/lib/pkix/src/RelativeDistinguishedName/MVCreate.c delete mode 100644 security/nss/lib/pkix/src/RelativeDistinguishedName/PAddAttributeTypeAndValue.c delete mode 100644 security/nss/lib/pkix/src/RelativeDistinguishedName/PCreate.c delete mode 100644 security/nss/lib/pkix/src/RelativeDistinguishedName/PCreateFromArray.c delete mode 100644 security/nss/lib/pkix/src/RelativeDistinguishedName/PCreateFromUTF8.c delete mode 100644 security/nss/lib/pkix/src/RelativeDistinguishedName/PDecode.c delete mode 100644 security/nss/lib/pkix/src/RelativeDistinguishedName/PDestroy.c delete mode 100644 security/nss/lib/pkix/src/RelativeDistinguishedName/PDuplicate.c delete mode 100644 security/nss/lib/pkix/src/RelativeDistinguishedName/PEncode.c delete mode 100644 security/nss/lib/pkix/src/RelativeDistinguishedName/PEqual.c delete mode 100644 security/nss/lib/pkix/src/RelativeDistinguishedName/PFindAttributeTypeAndValue.c delete mode 100644 security/nss/lib/pkix/src/RelativeDistinguishedName/PGetAttributeTypeAndValue.c delete mode 100644 security/nss/lib/pkix/src/RelativeDistinguishedName/PGetAttributeTypeAndValueCount.c delete mode 100644 security/nss/lib/pkix/src/RelativeDistinguishedName/PGetAttributeTypeAndValues.c delete mode 100644 security/nss/lib/pkix/src/RelativeDistinguishedName/PGetUTF8Encoding.c delete mode 100644 security/nss/lib/pkix/src/RelativeDistinguishedName/PRemoveAttributeTypeAndValue.c delete mode 100644 security/nss/lib/pkix/src/RelativeDistinguishedName/PSetAttributeTypeAndValue.c delete mode 100644 security/nss/lib/pkix/src/RelativeDistinguishedName/PSetAttributeTypeAndValues.c delete mode 100644 security/nss/lib/pkix/src/RelativeDistinguishedName/RemoveAttributeTypeAndValue.c delete mode 100644 security/nss/lib/pkix/src/RelativeDistinguishedName/SetAttributeTypeAndValue.c delete mode 100644 security/nss/lib/pkix/src/RelativeDistinguishedName/SetAttributeTypeAndValues.c delete mode 100644 security/nss/lib/pkix/src/RelativeDistinguishedName/template.c delete mode 100644 security/nss/lib/pkix/src/RelativeDistinguishedName/verifyPointer.c delete mode 100644 security/nss/lib/pkix/src/Time/Compare.c delete mode 100644 security/nss/lib/pkix/src/Time/CreateFromPRTime.c delete mode 100644 security/nss/lib/pkix/src/Time/CreateFromUTF8.c delete mode 100644 security/nss/lib/pkix/src/Time/Decode.c delete mode 100644 security/nss/lib/pkix/src/Time/Destroy.c delete mode 100644 security/nss/lib/pkix/src/Time/Duplicate.c delete mode 100644 security/nss/lib/pkix/src/Time/Encode.c delete mode 100644 security/nss/lib/pkix/src/Time/Equal.c delete mode 100644 security/nss/lib/pkix/src/Time/GetPRTime.c delete mode 100644 security/nss/lib/pkix/src/Time/GetUTF8Encoding.c delete mode 100644 security/nss/lib/pkix/src/Time/PCreateFromPRTime.c delete mode 100644 security/nss/lib/pkix/src/Time/PCreateFromUTF8.c delete mode 100644 security/nss/lib/pkix/src/Time/PDecode.c delete mode 100644 security/nss/lib/pkix/src/Time/PDestroy.c delete mode 100644 security/nss/lib/pkix/src/Time/PEncode.c delete mode 100644 security/nss/lib/pkix/src/Time/template.c delete mode 100644 security/nss/lib/pkix/src/X520Name/CreateFromUTF8.c delete mode 100644 security/nss/lib/pkix/src/X520Name/Decode.c delete mode 100644 security/nss/lib/pkix/src/X520Name/Destroy.c delete mode 100644 security/nss/lib/pkix/src/X520Name/Duplicate.c delete mode 100644 security/nss/lib/pkix/src/X520Name/Encode.c delete mode 100644 security/nss/lib/pkix/src/X520Name/Equal.c delete mode 100644 security/nss/lib/pkix/src/X520Name/GetUTF8Encoding.c delete mode 100644 security/nss/lib/pkix/src/X520Name/MDoUTF8.c delete mode 100644 security/nss/lib/pkix/src/X520Name/PCreate.c delete mode 100644 security/nss/lib/pkix/src/X520Name/PCreateFromUTF8.c delete mode 100644 security/nss/lib/pkix/src/X520Name/PDecode.c delete mode 100644 security/nss/lib/pkix/src/X520Name/PDestroy.c delete mode 100644 security/nss/lib/pkix/src/X520Name/PDuplicate.c delete mode 100644 security/nss/lib/pkix/src/X520Name/PEncode.c delete mode 100644 security/nss/lib/pkix/src/X520Name/PEqual.c delete mode 100644 security/nss/lib/pkix/src/X520Name/PGetUTF8Encoding.c delete mode 100644 security/nss/lib/pkix/src/X520Name/template.c delete mode 100644 security/nss/lib/pkix/src/X520Name/verifyPointer.c delete mode 100644 security/nss/lib/smime/Makefile delete mode 100644 security/nss/lib/smime/cms.h delete mode 100644 security/nss/lib/smime/cmsarray.c delete mode 100644 security/nss/lib/smime/cmsasn1.c delete mode 100644 security/nss/lib/smime/cmsattr.c delete mode 100644 security/nss/lib/smime/cmscinfo.c delete mode 100644 security/nss/lib/smime/cmscipher.c delete mode 100644 security/nss/lib/smime/cmsdecode.c delete mode 100644 security/nss/lib/smime/cmsdigdata.c delete mode 100644 security/nss/lib/smime/cmsdigest.c delete mode 100644 security/nss/lib/smime/cmsencdata.c delete mode 100644 security/nss/lib/smime/cmsencode.c delete mode 100644 security/nss/lib/smime/cmsenvdata.c delete mode 100644 security/nss/lib/smime/cmslocal.h delete mode 100644 security/nss/lib/smime/cmsmessage.c delete mode 100644 security/nss/lib/smime/cmspubkey.c delete mode 100644 security/nss/lib/smime/cmsrecinfo.c delete mode 100644 security/nss/lib/smime/cmsreclist.c delete mode 100644 security/nss/lib/smime/cmsreclist.h delete mode 100644 security/nss/lib/smime/cmssigdata.c delete mode 100644 security/nss/lib/smime/cmssiginfo.c delete mode 100644 security/nss/lib/smime/cmst.h delete mode 100644 security/nss/lib/smime/cmsutil.c delete mode 100644 security/nss/lib/smime/config.mk delete mode 100644 security/nss/lib/smime/manifest.mn delete mode 100644 security/nss/lib/smime/smime.h delete mode 100644 security/nss/lib/smime/smime.rc delete mode 100644 security/nss/lib/smime/smimemessage.c delete mode 100644 security/nss/lib/smime/smimesym.c delete mode 100644 security/nss/lib/smime/smimeutil.c delete mode 100644 security/nss/lib/smime/smimever.c delete mode 100644 security/nss/lib/softoken/Makefile delete mode 100644 security/nss/lib/softoken/alghmac.c delete mode 100644 security/nss/lib/softoken/alghmac.h delete mode 100644 security/nss/lib/softoken/config.mk delete mode 100644 security/nss/lib/softoken/fipstest.c delete mode 100644 security/nss/lib/softoken/fipstokn.c delete mode 100644 security/nss/lib/softoken/keydb.c delete mode 100644 security/nss/lib/softoken/keydbt.h delete mode 100644 security/nss/lib/softoken/keylow.h delete mode 100644 security/nss/lib/softoken/keytboth.h delete mode 100644 security/nss/lib/softoken/keytlow.h delete mode 100644 security/nss/lib/softoken/lowkey.c delete mode 100644 security/nss/lib/softoken/manifest.mn delete mode 100644 security/nss/lib/softoken/padbuf.c delete mode 100644 security/nss/lib/softoken/pkcs11.c delete mode 100644 security/nss/lib/softoken/pkcs11.h delete mode 100644 security/nss/lib/softoken/pkcs11c.c delete mode 100644 security/nss/lib/softoken/pkcs11f.h delete mode 100644 security/nss/lib/softoken/pkcs11i.h delete mode 100644 security/nss/lib/softoken/pkcs11p.h delete mode 100644 security/nss/lib/softoken/pkcs11t.h delete mode 100644 security/nss/lib/softoken/pkcs11u.c delete mode 100644 security/nss/lib/softoken/pkcs11u.h delete mode 100644 security/nss/lib/softoken/private.h delete mode 100644 security/nss/lib/softoken/rawhash.c delete mode 100644 security/nss/lib/softoken/rsawrapr.c delete mode 100644 security/nss/lib/softoken/secpkcs5.c delete mode 100644 security/nss/lib/softoken/secpkcs5.h delete mode 100644 security/nss/lib/softoken/softoken.h delete mode 100644 security/nss/lib/softoken/softoknt.h delete mode 100644 security/nss/lib/ssl/Makefile delete mode 100644 security/nss/lib/ssl/authcert.c delete mode 100644 security/nss/lib/ssl/cmpcert.c delete mode 100644 security/nss/lib/ssl/config.mk delete mode 100644 security/nss/lib/ssl/emulate.c delete mode 100644 security/nss/lib/ssl/manifest.mn delete mode 100644 security/nss/lib/ssl/notes.txt delete mode 100644 security/nss/lib/ssl/nsskea.c delete mode 100644 security/nss/lib/ssl/os2_err.c delete mode 100644 security/nss/lib/ssl/os2_err.h delete mode 100644 security/nss/lib/ssl/preenc.h delete mode 100644 security/nss/lib/ssl/prelib.c delete mode 100644 security/nss/lib/ssl/ssl.def delete mode 100644 security/nss/lib/ssl/ssl.h delete mode 100644 security/nss/lib/ssl/ssl.rc delete mode 100644 security/nss/lib/ssl/ssl3con.c delete mode 100644 security/nss/lib/ssl/ssl3gthr.c delete mode 100644 security/nss/lib/ssl/ssl3prot.h delete mode 100644 security/nss/lib/ssl/sslauth.c delete mode 100644 security/nss/lib/ssl/sslcon.c delete mode 100644 security/nss/lib/ssl/ssldef.c delete mode 100644 security/nss/lib/ssl/sslenum.c delete mode 100644 security/nss/lib/ssl/sslerr.c delete mode 100644 security/nss/lib/ssl/sslerr.h delete mode 100644 security/nss/lib/ssl/sslgathr.c delete mode 100644 security/nss/lib/ssl/sslimpl.h delete mode 100644 security/nss/lib/ssl/sslnonce.c delete mode 100644 security/nss/lib/ssl/sslproto.h delete mode 100644 security/nss/lib/ssl/sslreveal.c delete mode 100644 security/nss/lib/ssl/sslsecur.c delete mode 100644 security/nss/lib/ssl/sslsnce.c delete mode 100644 security/nss/lib/ssl/sslsock.c delete mode 100644 security/nss/lib/ssl/ssltrace.c delete mode 100644 security/nss/lib/ssl/sslver.c delete mode 100644 security/nss/lib/ssl/unix_err.c delete mode 100644 security/nss/lib/ssl/unix_err.h delete mode 100644 security/nss/lib/ssl/win32err.c delete mode 100644 security/nss/lib/ssl/win32err.h delete mode 100644 security/nss/lib/util/Makefile delete mode 100644 security/nss/lib/util/base64.h delete mode 100644 security/nss/lib/util/ciferfam.h delete mode 100644 security/nss/lib/util/config.mk delete mode 100644 security/nss/lib/util/derdec.c delete mode 100644 security/nss/lib/util/derenc.c delete mode 100644 security/nss/lib/util/dersubr.c delete mode 100644 security/nss/lib/util/dertime.c delete mode 100644 security/nss/lib/util/mac_rand.c delete mode 100644 security/nss/lib/util/manifest.mn delete mode 100644 security/nss/lib/util/nssb64.h delete mode 100644 security/nss/lib/util/nssb64d.c delete mode 100644 security/nss/lib/util/nssb64e.c delete mode 100644 security/nss/lib/util/nssb64t.h delete mode 100644 security/nss/lib/util/nssilock.c delete mode 100644 security/nss/lib/util/nssilock.h delete mode 100644 security/nss/lib/util/nsslocks.c delete mode 100644 security/nss/lib/util/nsslocks.h delete mode 100644 security/nss/lib/util/nssrwlk.c delete mode 100644 security/nss/lib/util/nssrwlk.h delete mode 100644 security/nss/lib/util/nssrwlkt.h delete mode 100644 security/nss/lib/util/os2_rand.c delete mode 100644 security/nss/lib/util/portreg.c delete mode 100644 security/nss/lib/util/portreg.h delete mode 100644 security/nss/lib/util/pqgutil.c delete mode 100644 security/nss/lib/util/pqgutil.h delete mode 100644 security/nss/lib/util/ret_cr16.s delete mode 100644 security/nss/lib/util/secalgid.c delete mode 100644 security/nss/lib/util/secasn1.h delete mode 100644 security/nss/lib/util/secasn1d.c delete mode 100644 security/nss/lib/util/secasn1e.c delete mode 100644 security/nss/lib/util/secasn1t.h delete mode 100644 security/nss/lib/util/secasn1u.c delete mode 100644 security/nss/lib/util/seccomon.h delete mode 100644 security/nss/lib/util/secder.h delete mode 100644 security/nss/lib/util/secdert.h delete mode 100644 security/nss/lib/util/secdig.c delete mode 100644 security/nss/lib/util/secdig.h delete mode 100644 security/nss/lib/util/secdigt.h delete mode 100644 security/nss/lib/util/secerr.h delete mode 100644 security/nss/lib/util/secinit.c delete mode 100644 security/nss/lib/util/secitem.c delete mode 100644 security/nss/lib/util/secitem.h delete mode 100644 security/nss/lib/util/secoid.c delete mode 100644 security/nss/lib/util/secoid.h delete mode 100644 security/nss/lib/util/secoidt.h delete mode 100644 security/nss/lib/util/secplcy.c delete mode 100644 security/nss/lib/util/secplcy.h delete mode 100644 security/nss/lib/util/secport.c delete mode 100644 security/nss/lib/util/secport.h delete mode 100644 security/nss/lib/util/secrng.h delete mode 100644 security/nss/lib/util/secrngt.h delete mode 100644 security/nss/lib/util/sectime.c delete mode 100644 security/nss/lib/util/sysrand.c delete mode 100644 security/nss/lib/util/unix_rand.c delete mode 100644 security/nss/lib/util/utf8.c delete mode 100644 security/nss/lib/util/watcomfx.h delete mode 100644 security/nss/lib/util/win_rand.c delete mode 100644 security/nss/macbuild/LoadableRoots.mcp delete mode 100644 security/nss/macbuild/LoadableRoots.mcp.exp delete mode 100755 security/nss/macbuild/NSS.Prefix delete mode 100755 security/nss/macbuild/NSS.mcp delete mode 100755 security/nss/macbuild/NSSCommon.h delete mode 100755 security/nss/macbuild/NSSDebug.Prefix delete mode 100644 security/nss/macbuild/NSSckfw.mcp delete mode 100644 security/nss/macbuild/macstubs.c delete mode 100644 security/nss/makefile.win delete mode 100644 security/nss/manifest.mn delete mode 100644 security/nss/relnotes.txt delete mode 100755 security/nss/tests/all.sh delete mode 100755 security/nss/tests/cert/cert.sh delete mode 100755 security/nss/tests/cipher/cipher.sh delete mode 100644 security/nss/tests/cipher/cipher.txt delete mode 100644 security/nss/tests/cipher/dsa.txt delete mode 100644 security/nss/tests/cipher/hash.txt delete mode 100755 security/nss/tests/cipher/performance.sh delete mode 100644 security/nss/tests/cipher/rsa.txt delete mode 100644 security/nss/tests/cipher/symmkey.txt delete mode 100644 security/nss/tests/common/Makefile delete mode 100755 security/nss/tests/common/arch.sh delete mode 100755 security/nss/tests/common/cleanup.sh delete mode 100644 security/nss/tests/common/init.sh delete mode 100644 security/nss/tests/common/results_header.html delete mode 100755 security/nss/tests/core_watch delete mode 100644 security/nss/tests/doc/clean.gif delete mode 100755 security/nss/tests/doc/nssqa.txt delete mode 100644 security/nss/tests/doc/platform_specific_problems delete mode 100755 security/nss/tests/doc/qa_wrapper.html delete mode 100644 security/nss/tests/header delete mode 100755 security/nss/tests/mksymlinks delete mode 100755 security/nss/tests/nssqa delete mode 100755 security/nss/tests/path_uniq delete mode 100755 security/nss/tests/perf/perf.sh delete mode 100644 security/nss/tests/pkcs11/netscape/suites/Makefile delete mode 100644 security/nss/tests/pkcs11/netscape/suites/config.mk delete mode 100644 security/nss/tests/pkcs11/netscape/suites/manifest.mn delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/Makefile delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/config.mk delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/manifest.mn delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/pkcs11/Makefile delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/pkcs11/config.mk delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/pkcs11/manifest.mn delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pk11test.c delete mode 100755 security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pk11test.h delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pk11test.htp delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pkcs11.h delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pkcs11.reg delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pkcs11.rep delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/pkcs11/rules.mk delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/ssl/Makefile delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/ssl/README delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/ssl/cert7.db delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/ssl/config.mk delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/ssl/key3.db delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/ssl/manifest.mn delete mode 100755 security/nss/tests/pkcs11/netscape/suites/security/ssl/ssl.reg delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/ssl/sslc.c delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/ssl/sslc.h delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/ssl/ssls.c delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/ssl/ssls.h delete mode 100755 security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.c delete mode 100755 security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.h delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.htp delete mode 100644 security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.rep delete mode 100644 security/nss/tests/pkcs11/netscape/trivial/.cvsignore delete mode 100644 security/nss/tests/pkcs11/netscape/trivial/Makefile.in delete mode 100644 security/nss/tests/pkcs11/netscape/trivial/README.txt delete mode 100644 security/nss/tests/pkcs11/netscape/trivial/acconfig.h delete mode 100644 security/nss/tests/pkcs11/netscape/trivial/config.h.in delete mode 100755 security/nss/tests/pkcs11/netscape/trivial/configure delete mode 100644 security/nss/tests/pkcs11/netscape/trivial/configure.in delete mode 100755 security/nss/tests/pkcs11/netscape/trivial/install-sh delete mode 100644 security/nss/tests/pkcs11/netscape/trivial/trivial.c delete mode 100644 security/nss/tests/platformlist delete mode 100644 security/nss/tests/platformlist.tbx delete mode 100755 security/nss/tests/qa_stat delete mode 100755 security/nss/tests/qaclean delete mode 100755 security/nss/tests/sdr/sdr.sh delete mode 100644 security/nss/tests/set_environment delete mode 100644 security/nss/tests/smime/alice.txt delete mode 100644 security/nss/tests/smime/bob.txt delete mode 100755 security/nss/tests/smime/smime.sh delete mode 100755 security/nss/tests/ssl/ssl.sh delete mode 100755 security/nss/tests/ssl/ssl_dist_stress.sh delete mode 100644 security/nss/tests/ssl/sslauth.txt delete mode 100644 security/nss/tests/ssl/sslcov.txt delete mode 100644 security/nss/tests/ssl/sslreq.txt delete mode 100644 security/nss/tests/ssl/sslstress.txt delete mode 100644 security/nss/tests/tools/sign.html delete mode 100644 security/nss/tests/tools/signjs.html delete mode 100644 security/nss/tests/tools/tools.sh delete mode 100755 security/nss/trademarks.txt (limited to 'security') diff --git a/security/coreconf/.cshrc b/security/coreconf/.cshrc deleted file mode 100644 index 659e4f7aa..000000000 --- a/security/coreconf/.cshrc +++ /dev/null @@ -1,273 +0,0 @@ -#!/bin/csh -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Startup file for csh and tcsh. It is meant to work on: -# -# SunOS 4.1.3_U1, -# Sun Solaris, -# Sun Solaris on Intel, -# SGI IRIX, -# SGI IRIX64, -# UNIX_SV, -# IBM AIX, -# Hewlett-Packard HP-UX, -# SCO_SV, -# FreeBSD, -# DEC OSF/1, -# Linux, -# and everything else. -# - -############################################### -# Set operating system name and release level # -############################################### - -set os_name=`uname -s` -set os_release=`uname -r` - -########################################################## -# Set environment variables based upon operating system # -########################################################## - -if ($os_name == "SunOS" && $os_release == "4.1.3_U1") then - ############################## - # SunOS 4.1.3_U1 - # - - setenv NO_MDUPDATE 1 - - set path = ( /tools/ns/soft/gcc-2.6.3/run/default/sparc_sun_sunos4.1.3_U1/bin \ - /tools/ns/bin \ - /sbin \ - /usr/bin \ - /usr/openwin/bin \ - /usr/openwin/include \ - /usr/ucb \ - /usr/local/bin \ - /etc \ - /usr/etc \ - /usr/etc/install \ - . ) - -else if ($os_name == "SunOS") then - ################################ - # Assume it is Sun Solaris - # - - # To build Navigator on Solaris 2.5, I must set the environment - # variable NO_MDUPDATE and use gcc-2.6.3. - setenv NO_MDUPDATE 1 - - set path = ( /share/builds/components/jdk/1.2.2_01/SunOS \ - /usr/ccs/bin \ - /usr/opt/bin \ - /tools/ns/bin \ - /usr/sbin \ - /sbin \ - /usr/bin \ - /usr/dt/bin \ - /usr/openwin/bin \ - /usr/openwin/include \ - /usr/ucb \ - /usr/opt/java/bin \ - /usr/local/bin \ - /etc \ - /usr/etc \ - /usr/etc/install \ - /opt/Acrobat3/bin \ - . ) - - # To get the native Solaris cc - if (`uname -m` == i86pc) then - set path = ( /h/solx86/export/home/opt/SUNWspro/SC3.0.1/bin \ - $path ) - else - set path = ( /tools/ns/workshop/bin \ - /tools/ns/soft/gcc-2.6.3/run/default/sparc_sun_solaris2.4/bin \ - $path ) - endif - - setenv LD_LIBRARY_PATH /share/builds/components/jdk/1.2.2_01/SunOS/lib/sparc/native_threads - - setenv MANPATH /usr/local/man:/usr/local/lib/mh/man:/usr/local/lib/rcscvs/man:/usr/local/lib/fvwm/man:/usr/local/lib/xscreensaver/man:/usr/share/man:/usr/openwin/man:/usr/opt/man - - # For Purify - setenv PURIFYHOME /usr/local-sparc-solaris/pure/purify-4.0-solaris2 - setenv PATH ${PURIFYHOME}:$PATH - setenv MANPATH $PURIFYHOME/man:$MANPATH - setenv LD_LIBRARY_PATH ${LD_LIBRARY_PATH}:$PURIFYHOME - setenv PURIFYOPTIONS "-max_threads=1000 -follow-child-processes=yes" - -else if ($os_name == "IRIX" || $os_name == "IRIX64") then - ############# - # SGI Irix - # - - set path = ( /share/builds/components/jdk/1.2.1/IRIX \ - /tools/ns/bin \ - /tools/contrib/bin \ - /usr/local/bin \ - /usr/sbin \ - /usr/bsd \ - /usr/bin \ - /bin \ - /etc \ - /usr/etc \ - /usr/bin/X11 \ - . ) - -else if ($os_name == "UNIX_SV") then - ################# - # UNIX_SV - # - - set path = ( /usr/local/bin \ - /tools/ns/bin \ - /bin \ - /usr/bin \ - /usr/bin/X11 \ - /X11/bin \ - /usr/X/bin \ - /usr/ucb \ - /usr/sbin \ - /sbin \ - /usr/ccs/bin \ - . ) - -else if ($os_name == "AIX") then - ################# - # IBM AIX - # - - set path = ( /share/builds/components/jdk/1.2.2/AIX \ - /usr/ucb/ \ - /tools/ns-arch/rs6000_ibm_aix4.1/bin \ - /tools/ns-arch/rs6000_ibm_aix3.2.5/bin \ - /share/tools/ns/soft/cvs-1.8/run/default/rs6000_ibm_aix3.2.5/bin \ - /bin \ - /usr/bin \ - /usr/ccs/bin \ - /usr/sbin \ - /usr/local/bin \ - /usr/bin/X11 \ - /usr/etc \ - /etc \ - /sbin \ - . ) - -else if ($os_name == "HP-UX") then - ################# - # HP UX - # - - set path = ( /share/builds/components/jdk/1.1.6/HP-UX \ - /usr/bin \ - /opt/ansic/bin \ - /usr/ccs/bin \ - /usr/contrib/bin \ - /opt/nettladm/bin \ - /opt/graphics/common/bin \ - /usr/bin/X11 \ - /usr/contrib/bin/X11 \ - /opt/upgrade/bin \ - /opt/CC/bin \ - /opt/aCC/bin \ - /opt/langtools/bin \ - /opt/imake/bin \ - /etc \ - /usr/etc \ - /usr/local/bin \ - /tools/ns/bin \ - /tools/contrib/bin \ - /usr/sbin \ - /usr/local/bin \ - /tools/ns/bin \ - /tools/contrib/bin \ - /usr/sbin \ - /usr/include/X11R5 \ - . ) - -else if ($os_name == "SCO_SV") then - ################# - # SCO - # - - set path = ( /bin \ - /usr/bin \ - /tools/ns/bin \ - /tools/contrib/bin \ - /usr/sco/bin \ - /usr/bin/X11 \ - /usr/local/bin \ - . ) - -else if ($os_name == "FreeBSD") then - ################# - # FreeBSD - # - - setenv PATH /usr/bin:/bin:/usr/sbin:/sbin:/usr/X11R6/bin:/usr/local/java/bin:/usr/local/bin:/usr/ucb:/usr/ccs/bin:/tools/contrib/bin:/tools/ns/bin:. - -else if ($os_name == "OSF1") then - ################# - # DEC OSF1 - # - - set path = ( /share/builds/components/jdk/1.2.2_3/OSF1 \ - /tools/ns-arch/alpha_dec_osf4.0/bin \ - /tools/ns-arch/soft/cvs-1.8.3/run/default/alpha_dec_osf2.0/bin \ - /usr/local-alpha-osf/bin \ - /usr3/local/bin \ - /usr/local/bin \ - /usr/sbin \ - /usr/bin \ - /bin \ - /usr/bin/X11 \ - /usr/ucb \ - . ) - -else if ($os_name == "Linux") then - ################# - # Linux - # - - set path = ( /share/builds/components/jdk/1.2.2/Linux \ - $path ) - -endif - -############################### -# Reset any "tracked" aliases # -############################### - -rehash diff --git a/security/coreconf/.profile b/security/coreconf/.profile deleted file mode 100644 index 5474405e2..000000000 --- a/security/coreconf/.profile +++ /dev/null @@ -1,216 +0,0 @@ -#!/bin/sh -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Startup file for sh, ksh and bash. It is meant to work on: -# -# SunOS 4.1.3_U1, -# Sun Solaris, -# Sun Solaris on Intel, -# SGI IRIX, -# SGI IRIX64, -# UNIX_SV, -# IBM AIX, -# Hewlett-Packard HP-UX, -# SCO_SV, -# FreeBSD, -# DEC OSF/1, -# Linux, -# and everything else. -# - -############################################### -# Set operating system name and release level # -############################################### - -OS_NAME=`uname -s` -export OS_NAME - -OS_RELEASE=`uname -r` -export OS_RELEASE - -########################################################## -# Set environment variables based upon operating system # -########################################################## - -case $OS_NAME in - - SunOS) - ############################## - # Sun - # - - case $OS_RELEASE in - - 4.1.3_U1) - ############################## - # SunOS 4.1.3_U1 - # - - NO_MDUPDATE=1 - export NO_MDUPDATE - - PATH=/tools/ns/soft/gcc-2.6.3/run/default/sparc_sun_sunos4.1.3_U1/bin:tools/ns/bin:/sbin:/usr/bin:/usr/openwin/bin:/usr/openwin/include:/usr/ucb:/usr/local/bin:/etc:/usr/etc:/usr/etc/install:. - export PATH - ;; - - *) - ################################ - # Assume it is Sun Solaris - # - - # To build Navigator on Solaris 2.5, I must set the environment - # variable NO_MDUPDATE and use gcc-2.6.3. - NO_MDUPDATE=1 - export NO_MDUPDATE - - PATH=/share/builds/components/jdk/1.2.2_01/SunOS:/usr/ccs/bin:/usr/opt/bin:/tools/ns/bin:/usr/sbin:/sbin:/usr/bin:/usr/dt/bin:/usr/openwin/bin:/usr/openwin/include:/usr/ucb:/usr/opt/java/bin:/usr/local/bin:/etc:/usr/etc:/usr/etc/install:/opt/Acrobat3/bin:. - export PATH - - # To get the native Solaris cc - OS_TEST=`uname -m` - export OS_TEST - - case $OS_TEST in - - i86pc) - PATH=/h/solx86/export/home/opt/SUNWspro/SC3.0.1/bin:$PATH - export PATH - ;; - - *) - PATH=/tools/ns/workshop/bin:/tools/ns/soft/gcc-2.6.3/run/default/sparc_sun_solaris2.4/bin:$PATH - export PATH - ;; - esac - - LD_LIBRARY_PATH=/share/builds/components/jdk/1.2.2_01/SunOS/lib/sparc/native_threads - export LD_LIBRARY_PATH - - MANPATH=/usr/local/man:/usr/local/lib/mh/man:/usr/local/lib/rcscvs/man:/usr/local/lib/fvwm/man:/usr/local/lib/xscreensaver/man:/usr/share/man:/usr/openwin/man:/usr/opt/man - export MANPATH - - # For Purify - PURIFYHOME=/usr/local-sparc-solaris/pure/purify-4.0-solaris2 - export PURIFYHOME - PATH=/usr/local-sparc-solaris/pure/purify-4.0-solaris2:$PATH - export PATH - MANPATH=$PURIFYHOME/man:$MANPATH - export MANPATH - LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/local-sparc-solaris/pure/purify-4.0-solaris2 - export LD_LIBRARY_PATH - PURIFYOPTIONS="-max_threads=1000 -follow-child-processes=yes" - export PURIFYOPTIONS - ;; - esac - ;; - - IRIX | IRIX64) - ############# - # SGI Irix - # - - PATH=/share/builds/components/jdk/1.2.1/IRIX:/tools/ns/bin:/tools/contrib/bin:/usr/local/bin:/usr/sbin:/usr/bsd:/usr/bin:/bin:/etc:/usr/etc:/usr/bin/X11:. - export PATH - ;; - - UNIX_SV) - ################# - # UNIX_SV - # - - PATH=/usr/local/bin:/tools/ns/bin:/bin:/usr/bin:/usr/bin/X11:/X11/bin:/usr/X/bin:/usr/ucb:/usr/sbin:/sbin:/usr/ccs/bin:. - export PATH - ;; - - AIX) - ################# - # IBM AIX - # - - PATH=/share/builds/components/jdk/1.2.2/AIX:/usr/ucb/:/tools/ns-arch/rs6000_ibm_aix4.1/bin:/tools/ns-arch/rs6000_ibm_aix3.2.5/bin:/share/tools/ns/soft/cvs-1.8/run/default/rs6000_ibm_aix3.2.5/bin:/bin:/usr/bin:/usr/ccs/bin:/usr/sbin:/usr/local/bin:/usr/bin/X11:/usr/etc:/etc:/sbin:. - export PATH - ;; - - HP-UX) - ################# - # HP UX - # - - PATH=/share/builds/components/jdk/1.1.6/HP-UX:/usr/bin:/opt/ansic/bin:/usr/ccs/bin:/usr/contrib/bin:/opt/nettladm/bin:/opt/graphics/common/bin:/usr/bin/X11:/usr/contrib/bin/X11:/opt/upgrade/bin:/opt/CC/bin:/opt/aCC/bin:/opt/langtools/bin:/opt/imake/bin:/etc:/usr/etc:/usr/local/bin:/tools/ns/bin:/tools/contrib/bin:/usr/sbin:/usr/local/bin:/tools/ns/bin:/tools/contrib/bin:/usr/sbin:/usr/include/X11R5:. - export PATH - ;; - - SCO_SV) - ################# - # SCO - # - - PATH=/bin:/usr/bin:/tools/ns/bin:/tools/contrib/bin:/usr/sco/bin:/usr/bin/X11:/usr/local/bin:. - export PATH - ;; - - FreeBSD) - - ################# - # FreeBSD - # - - PATH=/usr/bin:/bin:/usr/sbin:/sbin:/usr/X11R6/bin:/usr/local/java/bin:/usr/local/bin:/usr/ucb:/usr/ccs/bin:/tools/contrib/bin:/tools/ns/bin:. - export PATH - ;; - - OSF1) - ################# - # DEC OSF1 - # - - PATH=/share/builds/components/jdk/1.2.2_3/OSF1:/tools/ns-arch/alpha_dec_osf4.0/bin:/tools/ns-arch/soft/cvs-1.8.3/run/default/alpha_dec_osf2.0/bin:/usr/local-alpha-osf/bin:/usr3/local/bin:/usr/local/bin:/usr/sbin:/usr/bin:/bin:/usr/bin/X11:/usr/ucb:. - export PATH - ;; - - Linux) - - ################# - # Linux - # - - PATH=/share/builds/components/jdk/1.2.2/Linux:$PATH - export PATH - ;; -esac - -############################### -# Reset any "tracked" aliases # -############################### - -hash -r diff --git a/security/coreconf/AIX.mk b/security/coreconf/AIX.mk deleted file mode 100644 index 1f62cb0a3..000000000 --- a/security/coreconf/AIX.mk +++ /dev/null @@ -1,74 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for AIX. -# -include $(CORE_DEPTH)/coreconf/UNIX.mk - -# -# There are two implementation strategies available on AIX: -# pthreads, and pthreads-user. The default is pthreads. -# In both strategies, we need to use pthread_user.c, instead of -# aix.c. The fact that aix.c is never used is somewhat strange. -# -# So we need to do the following: -# - Default (PTHREADS_USER not defined in the environment or on -# the command line): -# Set PTHREADS_USER=1, USE_PTHREADS=1 -# - PTHREADS_USER=1 set in the environment or on the command line: -# Do nothing. -# -ifeq ($(PTHREADS_USER),1) - USE_PTHREADS = # just to be safe - IMPL_STRATEGY = _PTH_USER -else - USE_PTHREADS = 1 - PTHREADS_USER = 1 -endif - -DEFAULT_COMPILER = xlC_r - -CC = xlC_r -CCC = xlC_r - -CPU_ARCH = rs6000 - -RANLIB = ranlib - -OS_CFLAGS = -DAIX -DSYSV -ifeq ($(CC),xlC_r) - OS_CFLAGS += -qarch=com -endif - -AIX_WRAP = $(DIST)/lib/aixwrap.o -AIX_TMP = $(OBJDIR)/_aix_tmp.o -OS_LIBS += -lsvld diff --git a/security/coreconf/AIX3.2.mk b/security/coreconf/AIX3.2.mk deleted file mode 100644 index c93a00eef..000000000 --- a/security/coreconf/AIX3.2.mk +++ /dev/null @@ -1,35 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for AIX3.2.5 -# -include $(CORE_DEPTH)/coreconf/AIX.mk diff --git a/security/coreconf/AIX4.1.mk b/security/coreconf/AIX4.1.mk deleted file mode 100644 index ba93b4ce2..000000000 --- a/security/coreconf/AIX4.1.mk +++ /dev/null @@ -1,46 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for AIX4.1 -# - -include $(CORE_DEPTH)/coreconf/AIX.mk - - -AIX_LINK_OPTS += -bnso -berok -#AIX_LINK_OPTS += -bnso -berok -brename:.select,.wrap_select -brename:.poll,.wrap_poll -bI:/usr/lib/syscalls.exp - -# The AIX4.1 linker had a bug which always looked for a dynamic library -# with an extension of .a. AIX4.2 fixed this problem -DLL_SUFFIX = a - -OS_LIBS += -lsvld diff --git a/security/coreconf/AIX4.2.mk b/security/coreconf/AIX4.2.mk deleted file mode 100644 index e68846ff4..000000000 --- a/security/coreconf/AIX4.2.mk +++ /dev/null @@ -1,45 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. - -# -# Config stuff for AIX4.2 -# - -include $(CORE_DEPTH)/coreconf/AIX.mk - -OS_CFLAGS += -DAIX4_2 -DSO_LDOPTS = -brtl -bM:SRE -bnoentry $(EXPORT_RULES) -MKSHLIB = $(LD) $(DSO_LDOPTS) -lsvld -L/usr/lpp/xlC/lib -lc -lm - -OS_LIBS += -L/usr/lpp/xlC/lib -lc -lm -EXPORT_RULES = -bexpall - diff --git a/security/coreconf/AIX4.3.mk b/security/coreconf/AIX4.3.mk deleted file mode 100644 index 1446ccc9c..000000000 --- a/security/coreconf/AIX4.3.mk +++ /dev/null @@ -1,52 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for AIX4.3 -# - -include $(CORE_DEPTH)/coreconf/AIX.mk - - -ifeq ($(USE_64), 1) -# Next line replaced by generic name handling in arch.mk -# COMPILER_TAG = _64 - OS_CFLAGS += -DAIX_64BIT - OBJECT_MODE=64 - export OBJECT_MODE -endif -OS_CFLAGS += -DAIX4_3 -DSO_LDOPTS = -brtl -bM:SRE -bnoentry $(EXPORT_RULES) -MKSHLIB = $(LD) $(DSO_LDOPTS) -lsvld -L/usr/lpp/xlC/lib -lc -lm - -OS_LIBS += -L/usr/lpp/xlC/lib -lc -lm -EXPORT_RULES = -bexpall - diff --git a/security/coreconf/BSD_OS.mk b/security/coreconf/BSD_OS.mk deleted file mode 100644 index fe0fe92ec..000000000 --- a/security/coreconf/BSD_OS.mk +++ /dev/null @@ -1,83 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): Kurt J. Lidl -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for BSD/OS -# - -include $(CORE_DEPTH)/coreconf/UNIX.mk - -DEFAULT_COMPILER = gcc -CC = gcc -CCC = g++ -RANLIB = ranlib - -ifeq ($(OS_TEST),i386) - OS_REL_CFLAGS = -D__i386__ - CPU_ARCH = x86 -else -ifeq ($(OS_TEST),ppc) - OS_REL_CFLAGS = -D__ppc__ - CPU_ARCH = ppc -else -ifeq ($(OS_TEST),sparc) - OS_REL_CFLAGS = -D__sparc__ - CPU_ARCH = sparc -else -# treat the ultrasparc like a regular sparc, at least for now! -ifeq ($(OS_TEST),sparc_v9) - OS_REL_CFLAGS = -D__sparc__ - CPU_ARCH = sparc -endif -endif -endif -endif - -DLL_SUFFIX = so - -OS_CFLAGS = $(DSO_CFLAGS) $(OS_REL_CFLAGS) -Wall -DBSD_OS -DBSDI -Dunix -DHAVE_STRERROR -DHAVE_BSD_FLOCK - -ARCH = bsdos - -DSO_CFLAGS = -fPIC -DPIC -DSO_LDOPTS = -shared -DSO_LDFLAGS = -DSO_LDOPTS += -Wl,-soname,lib$(LIBRARY_NAME)$(LIBRARY_VERSION).$(DLL_SUFFIX) - -ifdef LIBRUNPATH -DSO_LDOPTS += -Wl,-R$(LIBRUNPATH) -endif - -MKSHLIB = $(CC) $(DSO_LDOPTS) - -G++INCLUDES = -I/usr/include/g++ - -INCLUDES += -I/usr/X11R6/include diff --git a/security/coreconf/FreeBSD.mk b/security/coreconf/FreeBSD.mk deleted file mode 100644 index a6136baba..000000000 --- a/security/coreconf/FreeBSD.mk +++ /dev/null @@ -1,79 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for FreeBSD -# - -include $(CORE_DEPTH)/coreconf/UNIX.mk - -DEFAULT_COMPILER = gcc -CC = gcc -CCC = g++ -RANLIB = ranlib - -ifeq ($(OS_TEST),alpha) -CPU_ARCH = alpha -else -OS_REL_CFLAGS = -Di386 -CPU_ARCH = x86 -endif - -OS_CFLAGS = $(DSO_CFLAGS) $(OS_REL_CFLAGS) -ansi -Wall -pipe $(THREAD_FLAG) -DFREEBSD -DHAVE_STRERROR -DHAVE_BSD_FLOCK - -# -# The default implementation strategy for FreeBSD is pthreads. -# -ifndef CLASSIC_NSPR -USE_PTHREADS = 1 -DEFINES += -D_THREAD_SAFE -THREAD_FLAG = -pthread -endif - -ARCH = freebsd - -MOZ_OBJFORMAT := $(shell test -x /usr/bin/objformat && /usr/bin/objformat || echo aout) - -ifeq ($(MOZ_OBJFORMAT),elf) -DLL_SUFFIX = so -else -DLL_SUFFIX = so.1.0 -endif - -DSO_CFLAGS = -fPIC -DSO_LDOPTS = -Bshareable -DSO_LDFLAGS = - -MKSHLIB = $(LD) $(DSO_LDOPTS) - -G++INCLUDES = -I/usr/include/g++ - -INCLUDES += -I/usr/X11R6/include diff --git a/security/coreconf/HP-UX.mk b/security/coreconf/HP-UX.mk deleted file mode 100644 index 2519ec3de..000000000 --- a/security/coreconf/HP-UX.mk +++ /dev/null @@ -1,71 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. - -# -# Config stuff for HP-UX -# - -include $(CORE_DEPTH)/coreconf/UNIX.mk - -DEFAULT_COMPILER = cc - -CPU_ARCH = hppa -DLL_SUFFIX = sl -CC = cc -CCC = CC -OS_CFLAGS += -Ae $(DSO_CFLAGS) -DHPUX -D$(CPU_ARCH) -D_HPUX_SOURCE - -ifeq ($(DEFAULT_IMPL_STRATEGY),_PTH) - USE_PTHREADS = 1 - ifeq ($(CLASSIC_NSPR),1) - USE_PTHREADS = - IMPL_STRATEGY = _CLASSIC - endif - ifeq ($(PTHREADS_USER),1) - USE_PTHREADS = - IMPL_STRATEGY = _PTH_USER - endif -endif - -ifdef PTHREADS_USER - OS_CFLAGS += -D_POSIX_C_SOURCE=199506L -endif - -LDFLAGS = -z -Wl,+s - -MKSHLIB = $(LD) $(DSO_LDOPTS) - -DSO_LDOPTS = -b +h $(notdir $@) -DSO_LDFLAGS = - -# +Z generates position independent code for use in shared libraries. -DSO_CFLAGS = +Z diff --git a/security/coreconf/HP-UXA.09.03.mk b/security/coreconf/HP-UXA.09.03.mk deleted file mode 100644 index 7ac02ae2a..000000000 --- a/security/coreconf/HP-UXA.09.03.mk +++ /dev/null @@ -1,44 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. - -# -# On HP-UX 9, the default (and only) implementation strategy is -# classic nspr. -# -ifeq ($(OS_RELEASE),A.09.03) - DEFAULT_IMPL_STRATEGY = _CLASSIC -endif - -# -# Config stuff for HP-UXA.09.03 -# -include $(CORE_DEPTH)/coreconf/HP-UXA.09.mk diff --git a/security/coreconf/HP-UXA.09.07.mk b/security/coreconf/HP-UXA.09.07.mk deleted file mode 100644 index 9fcf4c826..000000000 --- a/security/coreconf/HP-UXA.09.07.mk +++ /dev/null @@ -1,43 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# On HP-UX 9, the default (and only) implementation strategy is -# classic nspr. -# -ifeq ($(OS_RELEASE),A.09.07) - DEFAULT_IMPL_STRATEGY = _CLASSIC -endif - -# -# Config stuff for HP-UXA.09.07 -# -include $(CORE_DEPTH)/coreconf/HP-UXA.09.mk diff --git a/security/coreconf/HP-UXA.09.mk b/security/coreconf/HP-UXA.09.mk deleted file mode 100644 index 813a16f40..000000000 --- a/security/coreconf/HP-UXA.09.mk +++ /dev/null @@ -1,38 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. - -# -# Config stuff for HP-UXA.09 -# -include $(CORE_DEPTH)/coreconf/HP-UX.mk - -OS_CFLAGS += -DHPUX9 diff --git a/security/coreconf/HP-UXB.10.01.mk b/security/coreconf/HP-UXB.10.01.mk deleted file mode 100644 index 718ee1184..000000000 --- a/security/coreconf/HP-UXB.10.01.mk +++ /dev/null @@ -1,40 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -ifeq ($(OS_RELEASE),B.10.01) - DEFAULT_IMPL_STRATEGY = _CLASSIC -endif - -# -# Config stuff for HP-UXB.10.01 -# -include $(CORE_DEPTH)/coreconf/HP-UXB.10.mk diff --git a/security/coreconf/HP-UXB.10.10.mk b/security/coreconf/HP-UXB.10.10.mk deleted file mode 100644 index 54a78e6e2..000000000 --- a/security/coreconf/HP-UXB.10.10.mk +++ /dev/null @@ -1,50 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# On HP-UX 10.10 and 10.20, the default implementation strategy is -# pthreads (actually DCE threads). Classic nspr is also available. -# - -ifeq ($(OS_RELEASE),B.10.10) - DEFAULT_IMPL_STRATEGY = _PTH -endif - -# -# Config stuff for HP-UXB.10.10 -# -include $(CORE_DEPTH)/coreconf/HP-UXB.10.mk - -OS_CFLAGS += -DHPUX10_10 - -ifeq ($(USE_PTHREADS),1) - OS_CFLAGS += -D_REENTRANT -endif diff --git a/security/coreconf/HP-UXB.10.20.mk b/security/coreconf/HP-UXB.10.20.mk deleted file mode 100644 index 5c14b9844..000000000 --- a/security/coreconf/HP-UXB.10.20.mk +++ /dev/null @@ -1,50 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# On HP-UX 10.10 and 10.20, the default implementation strategy is -# pthreads (actually DCE threads). Classic nspr is also available. -# - -ifeq ($(OS_RELEASE),B.10.20) - DEFAULT_IMPL_STRATEGY = _PTH -endif - -# -# Config stuff for HP-UXB.10.20 -# -include $(CORE_DEPTH)/coreconf/HP-UXB.10.mk - -OS_CFLAGS += -DHPUX10_20 - -ifeq ($(USE_PTHREADS),1) - OS_CFLAGS += -D_REENTRANT -endif diff --git a/security/coreconf/HP-UXB.10.30.mk b/security/coreconf/HP-UXB.10.30.mk deleted file mode 100644 index ef52d1122..000000000 --- a/security/coreconf/HP-UXB.10.30.mk +++ /dev/null @@ -1,56 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# On HP-UX 10.30 and 11.00, the default implementation strategy is -# pthreads. Classic nspr and pthreads-user are also available. -# - -ifeq ($(OS_RELEASE),B.10.30) - DEFAULT_IMPL_STRATEGY = _PTH -endif - -# -# Config stuff for HP-UXB.10.30. -# -include $(CORE_DEPTH)/coreconf/HP-UXB.10.mk - -OS_CFLAGS += -DHPUX10_30 - -# -# To use the true pthread (kernel thread) library on 10.30 and -# 11.00, we should define _POSIX_C_SOURCE to be 199506L. -# The _REENTRANT macro is deprecated. -# - -ifdef USE_PTHREADS - OS_CFLAGS += -D_POSIX_C_SOURCE=199506L -endif diff --git a/security/coreconf/HP-UXB.10.mk b/security/coreconf/HP-UXB.10.mk deleted file mode 100644 index 77ca9bce7..000000000 --- a/security/coreconf/HP-UXB.10.mk +++ /dev/null @@ -1,38 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for HP-UXB.10 -# -include $(CORE_DEPTH)/coreconf/HP-UX.mk - -OS_CFLAGS += -DHPUX10 -OS_LIBS += -lpthread -lm diff --git a/security/coreconf/HP-UXB.11.00.mk b/security/coreconf/HP-UXB.11.00.mk deleted file mode 100644 index 0732202ae..000000000 --- a/security/coreconf/HP-UXB.11.00.mk +++ /dev/null @@ -1,55 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# On HP-UX 10.30 and 11.00, the default implementation strategy is -# pthreads. Classic nspr and pthreads-user are also available. -# - -ifeq ($(OS_RELEASE),B.11.00) -OS_CFLAGS += -DHPUX10 -DEFAULT_IMPL_STRATEGY = _PTH -endif - -# -# To use the true pthread (kernel thread) library on 10.30 and -# 11.00, we should define _POSIX_C_SOURCE to be 199506L. -# The _REENTRANT macro is deprecated. -# - -ifdef USE_PTHREADS - OS_CFLAGS += -D_POSIX_C_SOURCE=199506L -endif - -# -# Config stuff for HP-UXB.11.00. -# -include $(CORE_DEPTH)/coreconf/HP-UXB.11.mk diff --git a/security/coreconf/HP-UXB.11.mk b/security/coreconf/HP-UXB.11.mk deleted file mode 100644 index 08463214d..000000000 --- a/security/coreconf/HP-UXB.11.mk +++ /dev/null @@ -1,65 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for HP-UXB.11 -# -include $(CORE_DEPTH)/coreconf/HP-UX.mk - -ifdef USE_LONG_LONGS -USE_HYBRID = 1 -endif - -ifndef NS_USE_GCC - CCC = /opt/aCC/bin/aCC -ext - ifeq ($(USE_64), 1) - OS_CFLAGS += -Aa +e +DA2.0W +DS2.0 +DChpux -# Next line replaced by generic name handling in arch.mk -# COMPILER_TAG = _64 - else - ifdef USE_HYBRID - OS_CFLAGS += -Aa +e +DA2.0 +DS2.0 - else - OS_CFLAGS += +DAportable +DS2.0 - endif - endif -else - CCC = aCC -endif - -OS_CFLAGS += -DHPUX11 -OS_LIBS += -lpthread -lm -lrt -#ifeq ($(USE_64), 1) -#OS_LIBS += -ldl -#else -#OS_LIBS += -ldld -#endif -HPUX11 = 1 diff --git a/security/coreconf/IRIX.mk b/security/coreconf/IRIX.mk deleted file mode 100644 index cc976e04c..000000000 --- a/security/coreconf/IRIX.mk +++ /dev/null @@ -1,120 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for IRIX -# - -include $(CORE_DEPTH)/coreconf/UNIX.mk - -# -# The default implementation strategy for Irix is classic nspr. -# -ifeq ($(USE_PTHREADS),1) - ifeq ($(USE_N32),1) - IMPL_STRATEGY = _n32_PTH - else - IMPL_STRATEGY = _PTH - endif -endif - -DEFAULT_COMPILER = cc - -ifdef NS_USE_GCC - CC = gcc - AS = $(CC) -x assembler-with-cpp - ODD_CFLAGS = -Wall -Wno-format - ifdef BUILD_OPT - OPTIMIZER = -O6 - endif -else - CC = cc - CCC = CC - ODD_CFLAGS = -fullwarn -xansi - ifdef BUILD_OPT - ifeq ($(USE_N32),1) - OPTIMIZER = -O -OPT:Olimit=4000 - else - OPTIMIZER = -O -Olimit 4000 - endif - endif - - # For 6.x machines, include this flag - ifeq (6., $(findstring 6., $(OS_RELEASE))) - ifeq ($(USE_N32),1) - ODD_CFLAGS += -n32 -mips3 -exceptions - else - ODD_CFLAGS += -32 -multigot - endif - else - ODD_CFLAGS += -xgot - endif - ifeq ($(USE_N32),1) - OS_CFLAGS += -dollar - endif -endif - -ODD_CFLAGS += -DSVR4 -DIRIX - -CPU_ARCH = mips - -RANLIB = /bin/true -# For purify -# NOTE: should always define _SGI_MP_SOURCE -NOMD_OS_CFLAGS += $(ODD_CFLAGS) -D_SGI_MP_SOURCE - -ifndef NO_MDUPDATE - OS_CFLAGS += $(NOMD_OS_CFLAGS) -MDupdate $(DEPENDENCIES) -else - OS_CFLAGS += $(NOMD_OS_CFLAGS) -endif - -ifeq ($(USE_N32),1) - SHLIB_LD_OPTS += -n32 -mips3 -endif - -MKSHLIB += $(LD) $(SHLIB_LD_OPTS) -shared -soname $(@:$(OBJDIR)/%.so=%.so) - -DSO_LDOPTS = -elf -shared -all - -ifdef DSO_BACKEND - DSO_LDOPTS += -soname $(DSO_NAME) -endif - -# -# Revision notes: -# -# In the IRIX compilers prior to version 7.2, -n32 implied -mips3. -# Beginning in the 7.2 compilers, -n32 implies -mips4 when the compiler -# is running on a system with a mips4 CPU (e.g. R8K, R10K). -# We want our code to explicitly be mips3 code, so we now explicitly -# set -mips3 whenever we set -n32. -# diff --git a/security/coreconf/IRIX5.2.mk b/security/coreconf/IRIX5.2.mk deleted file mode 100644 index fbb4a137b..000000000 --- a/security/coreconf/IRIX5.2.mk +++ /dev/null @@ -1,35 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for IRIX 5.2 -# -include $(CORE_DEPTH)/coreconf/IRIX5.mk diff --git a/security/coreconf/IRIX5.3.mk b/security/coreconf/IRIX5.3.mk deleted file mode 100644 index b7134592b..000000000 --- a/security/coreconf/IRIX5.3.mk +++ /dev/null @@ -1,37 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for IRIX 5.3 -# -include $(CORE_DEPTH)/coreconf/IRIX5.mk - -OS_CFLAGS += -DIRIX5_3 diff --git a/security/coreconf/IRIX5.mk b/security/coreconf/IRIX5.mk deleted file mode 100644 index 56bfb0ea5..000000000 --- a/security/coreconf/IRIX5.mk +++ /dev/null @@ -1,40 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for IRIX 5 -# - -include $(CORE_DEPTH)/coreconf/IRIX.mk - -ifndef NS_USE_GCC - ODD_CFLAGS += -xgot -endif diff --git a/security/coreconf/IRIX6.2.mk b/security/coreconf/IRIX6.2.mk deleted file mode 100644 index e17a0c3b6..000000000 --- a/security/coreconf/IRIX6.2.mk +++ /dev/null @@ -1,43 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for IRIX 6.2 -# - - -# catch unresolved symbols - -SHLIB_LD_OPTS += -no_unresolved - -include $(CORE_DEPTH)/coreconf/IRIX6.mk - -OS_CFLAGS += -DIRIX6_2 diff --git a/security/coreconf/IRIX6.3.mk b/security/coreconf/IRIX6.3.mk deleted file mode 100644 index a684a1e11..000000000 --- a/security/coreconf/IRIX6.3.mk +++ /dev/null @@ -1,42 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for IRIX 6.3 -# - -# catch unresolved symbols - -SHLIB_LD_OPTS += -no_unresolved - -include $(CORE_DEPTH)/coreconf/IRIX6.mk - -OS_CFLAGS += -DIRIX6_3 diff --git a/security/coreconf/IRIX6.5.mk b/security/coreconf/IRIX6.5.mk deleted file mode 100644 index 2341580b4..000000000 --- a/security/coreconf/IRIX6.5.mk +++ /dev/null @@ -1,45 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for IRIX 6.5 -# - -# catch unresolved symbols - -SHLIB_LD_OPTS += -no_unresolved - -include $(CORE_DEPTH)/coreconf/IRIX6.mk - -OS_CFLAGS += -DIRIX6_5 -ifndef NS_USE_GCC -OS_CFLAGS += -mips3 -endif diff --git a/security/coreconf/IRIX6.mk b/security/coreconf/IRIX6.mk deleted file mode 100644 index a401dc6f3..000000000 --- a/security/coreconf/IRIX6.mk +++ /dev/null @@ -1,47 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for IRIX 6 -# - -include $(CORE_DEPTH)/coreconf/IRIX.mk - -ifndef NS_USE_GCC - ifneq ($(USE_N32),1) - OS_CFLAGS += -32 - endif - ODD_CFLAGS += -multigot -endif - -ifeq ($(USE_PTHREADS),1) -OS_LIBS += -lpthread -endif diff --git a/security/coreconf/Linux.mk b/security/coreconf/Linux.mk deleted file mode 100644 index 8024ac7e7..000000000 --- a/security/coreconf/Linux.mk +++ /dev/null @@ -1,105 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for Linux -# - -include $(CORE_DEPTH)/coreconf/UNIX.mk - -# -# The default implementation strategy for Linux is now pthreads -# -USE_PTHREADS = 1 - -ifeq ($(USE_PTHREADS),1) - IMPL_STRATEGY = _PTH -endif - -CC = gcc -CCC = g++ -RANLIB = ranlib - -DEFAULT_COMPILER = gcc - -ifeq ($(OS_TEST),ppc) - OS_REL_CFLAGS = -DLINUX1_2 -D_XOPEN_SOURCE - CPU_ARCH = ppc -else -ifeq ($(OS_TEST),alpha) - OS_REL_CFLAGS = -D_ALPHA_ -DLINUX1_2 -D_XOPEN_SOURCE - CPU_ARCH = alpha -else -ifeq ($(OS_TEST),sparc) - OS_REL_CFLAGS = -DLINUX1_2 -D_XOPEN_SOURCE - CPU_ARCH = sparc -else -ifeq ($(OS_TEST),sparc64) - OS_REL_CFLAGS = -DLINUX1_2 -D_XOPEN_SOURCE - CPU_ARCH = sparc -else - OS_REL_CFLAGS = -DLINUX1_2 -Di386 -D_XOPEN_SOURCE - CPU_ARCH = x86 -endif -endif -endif -endif - - -LIBC_TAG = _glibc - -ifeq ($(OS_RELEASE),2.0) - OS_REL_CFLAGS += -DLINUX2_0 - MKSHLIB = $(CC) -shared -Wl,-soname -Wl,$(@:$(OBJDIR)/%.so=%.so) - ifdef BUILD_OPT - OPTIMIZER = -O2 - endif -endif - -ifeq ($(USE_PTHREADS),1) -OS_PTHREAD = -lpthread -endif - -OS_CFLAGS = $(DSO_CFLAGS) $(OS_REL_CFLAGS) -ansi -Wall -pipe -DLINUX -Dlinux -D_POSIX_SOURCE -D_BSD_SOURCE -DHAVE_STRERROR -OS_LIBS = -L/lib $(OS_PTHREAD) -ldl -lc - -ifdef USE_PTHREADS - DEFINES += -D_REENTRANT -endif - -ARCH = linux - -DSO_CFLAGS = -fPIC -DSO_LDOPTS = -shared -DSO_LDFLAGS = - -# INCLUDES += -I/usr/include -Y/usr/include/linux -G++INCLUDES = -I/usr/include/g++ diff --git a/security/coreconf/Linux2.1.mk b/security/coreconf/Linux2.1.mk deleted file mode 100644 index bfbfe6b90..000000000 --- a/security/coreconf/Linux2.1.mk +++ /dev/null @@ -1,44 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for Linux 2.1 (ELF) -# - -include $(CORE_DEPTH)/coreconf/Linux.mk -ifeq ($(OS_RELEASE),2.1) - OS_REL_CFLAGS += -DLINUX2_1 - MKSHLIB = $(CC) -shared -Wl,-soname -Wl,$(@:$(OBJDIR)/%.so=%.so) - ifdef BUILD_OPT - OPTIMIZER = -O2 - endif -endif - diff --git a/security/coreconf/Linux2.2.mk b/security/coreconf/Linux2.2.mk deleted file mode 100644 index c552c1d76..000000000 --- a/security/coreconf/Linux2.2.mk +++ /dev/null @@ -1,43 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for Linux 2.2 (ELF) -# - -include $(CORE_DEPTH)/coreconf/Linux.mk - -OS_REL_CFLAGS += -DLINUX2_1 -MKSHLIB = $(CC) -shared -Wl,-soname -Wl,$(@:$(OBJDIR)/%.so=%.so) -ifdef BUILD_OPT - OPTIMIZER = -O2 -endif - diff --git a/security/coreconf/Linux2.4.mk b/security/coreconf/Linux2.4.mk deleted file mode 100644 index 3665f5bb3..000000000 --- a/security/coreconf/Linux2.4.mk +++ /dev/null @@ -1,43 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for Linux 2.4 (ELF) -# - -include $(CORE_DEPTH)/coreconf/Linux.mk - -OS_REL_CFLAGS += -DLINUX2_1 -MKSHLIB = $(CC) -shared -Wl,-soname -Wl,$(@:$(OBJDIR)/%.so=%.so) -ifdef BUILD_OPT - OPTIMIZER = -O2 -endif - diff --git a/security/coreconf/LinuxELF1.2.mk b/security/coreconf/LinuxELF1.2.mk deleted file mode 100644 index 860787958..000000000 --- a/security/coreconf/LinuxELF1.2.mk +++ /dev/null @@ -1,36 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for Linux 1.2 (ELF) -# - -include $(CORE_DEPTH)/coreconf/Linux.mk diff --git a/security/coreconf/LinuxELF2.0.mk b/security/coreconf/LinuxELF2.0.mk deleted file mode 100644 index a85dfafa9..000000000 --- a/security/coreconf/LinuxELF2.0.mk +++ /dev/null @@ -1,36 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for Linux 2.0 (ELF) -# - -include $(CORE_DEPTH)/coreconf/Linux.mk diff --git a/security/coreconf/Makefile b/security/coreconf/Makefile deleted file mode 100644 index fc9f73af2..000000000 --- a/security/coreconf/Makefile +++ /dev/null @@ -1,43 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -DEPTH = .. -CORE_DEPTH = .. - -MODULE = coreconf - -DIRS = nsinstall - -include $(DEPTH)/coreconf/config.mk -include $(DEPTH)/coreconf/rules.mk - -export:: libs diff --git a/security/coreconf/NCR3.0.mk b/security/coreconf/NCR3.0.mk deleted file mode 100644 index 8193bd1f5..000000000 --- a/security/coreconf/NCR3.0.mk +++ /dev/null @@ -1,90 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for NCR SysVr4 v 3.0 -# - -include $(CORE_DEPTH)/coreconf/UNIX.mk - -DEFAULT_COMPILER = cc - -### -NS_USE_NATIVE = 1 - -# NS_USE_GCC = 1 - -export PATH:=$(PATH):/opt/ncc/bin -### - -RANLIB = true -GCC_FLAGS_EXTRA += -pipe - -DEFINES += -DSVR4 -DSYSV -DHAVE_STRERROR -DNCR - -OS_CFLAGS += -Hnocopyr -DSVR4 -DSYSV -DHAVE_STRERROR -DNCR -DPRFSTREAMS_BROKEN - -ifdef NS_USE_NATIVE - CC = cc - CCC = ncc - CXX = ncc -# OS_LIBS += -L/opt/ncc/lib -else -# OS_LIBS += -endif - -#OS_LIBS += -lsocket -lnsl -ldl -lc - -MKSHLIB += $(LD) $(DSO_LDOPTS) -#DSO_LDOPTS += -G -z defs -DSO_LDOPTS += -G - -CPU_ARCH = x86 -ARCH = ncr - -NOSUCHFILE = /solaris-rm-f-sucks - -# now take care of default GCC (rus@5/5/97) - -ifdef NS_USE_GCC - # if gcc-settings are redefined already - don't touch it - # - ifeq (,$(findstring gcc, $(CC))) - CC = gcc - CCC = g++ - CXX = g++ - # always use -fPIC - some makefiles are still broken and don't distinguish - # situation when they build shared and static libraries - CFLAGS += -fPIC -Wall $(GCC_FLAGS_EXTRA) -# OS_LIBS += -L/usr/local/lib -lstdc++ -lg++ -lgcc - endif -endif -### diff --git a/security/coreconf/NEC4.2.mk b/security/coreconf/NEC4.2.mk deleted file mode 100644 index 8e635f1ca..000000000 --- a/security/coreconf/NEC4.2.mk +++ /dev/null @@ -1,61 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for NEC Mips SYSV -# - -include $(CORE_DEPTH)/coreconf/UNIX.mk - -DEFAULT_COMPILER = $(CORE_DEPTH)/build/hcc - -CPU_ARCH = mips - -ifdef NS_USE_GCC -CC = gcc -CCC = g++ -else -CC = $(CORE_DEPTH)/build/hcc -OS_CFLAGS = -Xa -KGnum=0 -KOlimit=4000 -CCC = g++ -endif - -MKSHLIB = $(LD) $(DSO_LDOPTS) - -RANLIB = /bin/true - -OS_CFLAGS += $(ODD_CFLAGS) -DSVR4 -D__SVR4 -DNEC -Dnec_ews -DHAVE_STRERROR -OS_LIBS = -lsocket -lnsl -ldl $(LDOPTIONS) -LDOPTIONS = -lc -L/usr/ucblib -lucb - -NOSUCHFILE = /nec-rm-f-sucks - -DSO_LDOPTS = -G diff --git a/security/coreconf/NetBSD.mk b/security/coreconf/NetBSD.mk deleted file mode 100644 index cecf69695..000000000 --- a/security/coreconf/NetBSD.mk +++ /dev/null @@ -1,77 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for NetBSD -# - -include $(CORE_DEPTH)/coreconf/UNIX.mk - -DEFAULT_COMPILER = gcc -CC = gcc -CCC = g++ -RANLIB = ranlib - -OS_REL_CFLAGS = -Di386 -CPU_ARCH = x86 - -ifndef OBJECT_FMT -OBJECT_FMT := $(shell if echo __ELF__ | $${CC:-cc} -E - | grep -q __ELF__ ; then echo a.out ; else echo ELF ; fi) -endif - -ifeq ($(OBJECT_FMT),ELF) -DLL_SUFFIX = so -else -DLL_SUFFIX = so.1.0 -endif - -OS_CFLAGS = $(DSO_CFLAGS) $(OS_REL_CFLAGS) -ansi -Wall -pipe -DNETBSD -Dunix -DHAVE_STRERROR -DHAVE_BSD_FLOCK - -OS_LIBS = -lcompat - -ARCH = netbsd - -DSO_CFLAGS = -fPIC -DPIC -DSO_LDOPTS = -shared -DSO_LDFLAGS = -ifeq ($(OBJECT_FMT),ELF) -DSO_LDOPTS += -Wl,-soname,lib$(LIBRARY_NAME)$(LIBRARY_VERSION).$(DLL_SUFFIX) -endif - -ifdef LIBRUNPATH -DSO_LDOPTS += -Wl,-R$(LIBRUNPATH) -endif - -MKSHLIB = $(CC) $(DSO_LDOPTS) - -G++INCLUDES = -I/usr/include/g++ - -INCLUDES += -I/usr/X11R6/include diff --git a/security/coreconf/OS2.mk b/security/coreconf/OS2.mk deleted file mode 100644 index 117e1e38d..000000000 --- a/security/coreconf/OS2.mk +++ /dev/null @@ -1,220 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -MOZ_WIDGET_TOOLKIT = os2 - -# Specify toolset. Default to EMX. -ifeq ($(MOZ_OS2_TOOLS),VACPP) -XP_OS2_VACPP = 1 -else -ifeq ($(MOZ_OS2_TOOLS),PGCC) -XP_OS2_EMX = 1 -else -MOZ_OS2_TOOLS = EMX -XP_OS2_EMX = 1 -endif -endif - -# XP_PC is for Window and OS2 on Intel X86 -# XP_OS2 is strictly for OS2 only -XP_DEFINE += -DXP_PC=1 -DXP_OS2=1 - -# Override suffix in suffix.mk -LIB_SUFFIX = lib -DLL_SUFFIX = dll -OBJ_SUFFIX = .obj -ASM_SUFFIX = .asm -PROG_SUFFIX = .exe - - -ifdef XP_OS2_EMX - -# -# On OS/2 we proudly support gbash... -# -SHELL = GBASH.EXE -CCC = gcc -LINK = gcc -AR = emxomfar -p256 r $@ -# Keep AR_FLAGS blank so that we do not have to change rules.mk -AR_FLAGS = -RANLIB = @echo OS2 RANLIB -BSDECHO = @echo OS2 BSDECHO -IMPLIB = emximp -o -FILTER = emxexp - -ifndef NO_SHARED_LIB -WRAP_MALLOC_LIB = -WRAP_MALLOC_CFLAGS = -DSO_CFLAGS = -DSO_PIC_CFLAGS = -MKSHLIB = $(CXX) $(CXXFLAGS) $(DSO_LDOPTS) -o $@ -MKCSHLIB = $(CC) $(CFLAGS) $(DSO_LDOPTS) -o $@ -MKSHLIB_FORCE_ALL = -MKSHLIB_UNFORCE_ALL = -DSO_LDOPTS = -Zomf -Zdll -Zmt -Zcrtdll -Zlinker /NOO -# DLL_SUFFIX = .dll -SHLIB_LDSTARTFILE = -SHLIB_LDENDFILE = -endif #NO_SHARED_LIB - -OS_CFLAGS = -Wall -W -Wno-unused -Wpointer-arith -Wcast-align -Zmtd -Zomf -Zmt -DDEBUG -DDEBUG_wintrinh -DTRACING -g - -# Where the libraries are -MOZ_COMPONENT_NSPR_LIBS=-L$(DIST)/lib $(NSPR_LIBS) -NSPR_LIBS = -lplds4 -lplc4 -lnspr4 -NSPR_INCLUDE_DIR = - - -ifdef BUILD_OPT -OPTIMIZER = -O6 -DEFINES += -UDEBUG -U_DEBUG -DNDEBUG -DLLFLAGS = -DLL -OUT:$@ -MAP:$(@:.dll=.map) -EXEFLAGS = -PMTYPE:VIO -OUT:$@ -MAP:$(@:.exe=.map) -nologo -NOE -OBJDIR_TAG = _OPT -else -#OPTIMIZER = -O+ -Oi -DEFINES += -DDEBUG -D_DEBUG -DDEBUGPRINTS #HCT Need += to avoid overidding manifest.mn -DLLFLAGS = -DEBUG -DLL -OUT:$@ -MAP:$(@:.dll=.map) -EXEFLAGS = -DEBUG -PMTYPE:VIO -OUT:$@ -MAP:$(@:.exe=.map) -nologo -NOE -OBJDIR_TAG = _DBG -LDFLAGS = -DEBUG -endif # BUILD_OPT - -else # XP_OS2_VACPP - -# -# On OS/2 we proudly support gbash... -# -SHELL = GBASH.EXE -CCC = icc -q -DXP_OS2 -DOS2=4 -N10 -LINK = -ilink -AR = -ilib /NOL /NOI /O:$(subst /,\\,$@) -# Keep AR_FLAGS blank so that we do not have to change rules.mk -AR_FLAGS = -RANLIB = @echo OS2 RANLIB -BSDECHO = @echo OS2 BSDECHO -IMPLIB = implib /NOL /NOI -FILTER = cppfilt -b -p -q - -ifndef NO_SHARED_LIB -WRAP_MALLOC_LIB = -WRAP_MALLOC_CFLAGS = -DSO_CFLAGS = -DSO_PIC_CFLAGS = -MKSHLIB = $(LD) $(DSO_LDOPTS) -MKCSHLIB = $(LD) $(DSO_LDOPTS) -MKSHLIB_FORCE_ALL = -MKSHLIB_UNFORCE_ALL = -DSO_LDOPTS = -# DLL_SUFFIX = .dll -SHLIB_LDSTARTFILE = -SHLIB_LDENDFILE = -endif #NO_SHARED_LIB - -OS_CFLAGS = /Q /qlibansi /Gd /Gm /Su4 /Mp /Tl- -INCLUDES += -I$(CORE_DEPTH)/../dist/include -DEFINES += -DXP_OS2_VACPP -DTCPV40HDRS - -# Where the libraries are -NSPR_LIBS = $(DIST)/lib/nspr4.lib $(DIST)/lib/plc4.lib $(DIST)/lib/plds4.lib -MOZ_COMPONENT_NSPR_LIBS=-L$(DIST)/lib $(NSPR_LIBS) -NSPR_INCLUDE_DIR = - - -ifdef BUILD_OPT -OPTIMIZER = -Oi -G5 -DEFINES += -UDEBUG -U_DEBUG -DNDEBUG -DLLFLAGS = /DLL /O:$@ /INC:_dllentry /MAP:$(@:.dll=.map) -EXEFLAGS = -PMTYPE:VIO -OUT:$@ -MAP:$(@:.exe=.map) -nologo -NOE -OBJDIR_TAG = _OPT -LDFLAGS = /FREE /NODEBUG /NOE /LINENUMBERS /nologo -else -OS_CFLAGS += /Ti+ -DEFINES += -DDEBUG -D_DEBUG -DDEBUGPRINTS #HCT Need += to avoid overidding manifest.mn -DLLFLAGS = /DEBUG /DLL /O:$@ /INC:_dllentry /MAP:$(@:.dll=.map) -EXEFLAGS = -DEBUG -PMTYPE:VIO -OUT:$@ -MAP:$(@:.exe=.map) -nologo -NOE -OBJDIR_TAG = _DBG -LDFLAGS = /FREE /DE /NOE /LINENUMBERS /nologo -endif # BUILD_OPT - -endif # XP_OS2_VACPP - -# OS/2 use nsinstall that is included in the toolkit. -# since we do not wish to support and maintain 3 version of nsinstall in mozilla, nspr and nss - -ifdef BUILD_TREE -NSINSTALL_DIR = $(BUILD_TREE)/nss -else -NSINSTALL_DIR = $(CORE_DEPTH)/coreconf/nsinstall -endif -# NSINSTALL = $(NSINSTALL_DIR)/$(OBJDIR_NAME)/nsinstall -NSINSTALL = nsinstall # HCT4OS2 -INSTALL = $(NSINSTALL) - -MKDEPEND_DIR = $(CORE_DEPTH)/coreconf/mkdepend -MKDEPEND = $(MKDEPEND_DIR)/$(OBJDIR_NAME)/mkdepend -MKDEPENDENCIES = $(OBJDIR_NAME)/depend.mk - -#################################################################### -# -# One can define the makefile variable NSDISTMODE to control -# how files are published to the 'dist' directory. If not -# defined, the default is "install using relative symbolic -# links". The two possible values are "copy", which copies files -# but preserves source mtime, and "absolute_symlink", which -# installs using absolute symbolic links. The "absolute_symlink" -# option requires NFSPWD. -# - THIS IS NOT PART OF THE NEW BINARY RELEASE PLAN for 9/30/97 -# - WE'RE KEEPING IT ONLY FOR BACKWARDS COMPATIBILITY -#################################################################### - -ifeq ($(NSDISTMODE),copy) - # copy files, but preserve source mtime - INSTALL = $(NSINSTALL) - INSTALL += -t -else - ifeq ($(NSDISTMODE),absolute_symlink) - # install using absolute symbolic links - INSTALL = $(NSINSTALL) - INSTALL += -L `$(NFSPWD)` - else - # install using relative symbolic links - INSTALL = $(NSINSTALL) - INSTALL += -R - endif -endif - -define MAKE_OBJDIR -if test ! -d $(@D); then rm -rf $(@D); $(NSINSTALL) -D $(@D); fi -endef diff --git a/security/coreconf/OSF1.mk b/security/coreconf/OSF1.mk deleted file mode 100644 index 0db32e30c..000000000 --- a/security/coreconf/OSF1.mk +++ /dev/null @@ -1,66 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for DEC OSF/1 -# - -# -# The Bourne shell (sh) on OSF1 doesn't handle "set -e" correctly, -# which we use to stop LOOP_OVER_DIRS submakes as soon as any -# submake fails. So we use the Korn shell instead. -# -SHELL = /usr/bin/ksh - -include $(CORE_DEPTH)/coreconf/UNIX.mk - -DEFAULT_COMPILER = cc - -CC = cc -OS_CFLAGS += $(NON_LD_FLAGS) -std1 -CCC = cxx -RANLIB = /bin/true -CPU_ARCH = alpha - -ifdef BUILD_OPT - OPTIMIZER += -Olimit 4000 -endif - -NON_LD_FLAGS += -ieee_with_inexact -OS_CFLAGS += -DOSF1 -D_REENTRANT - -ifeq ($(USE_PTHREADS),1) - OS_CFLAGS += -pthread -endif - -# The command to build a shared library on OSF1. -MKSHLIB += ld -shared -expect_unresolved "*" -soname $(notdir $@) -DSO_LDOPTS += -shared diff --git a/security/coreconf/OSF1V2.0.mk b/security/coreconf/OSF1V2.0.mk deleted file mode 100644 index de7dab643..000000000 --- a/security/coreconf/OSF1V2.0.mk +++ /dev/null @@ -1,35 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for DEC OSF/1 V2.0 -# -include $(CORE_DEPTH)/coreconf/OSF1.mk diff --git a/security/coreconf/OSF1V3.0.mk b/security/coreconf/OSF1V3.0.mk deleted file mode 100644 index 623b2f971..000000000 --- a/security/coreconf/OSF1V3.0.mk +++ /dev/null @@ -1,35 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for DEC OSF/1 V3.0 -# -include $(CORE_DEPTH)/coreconf/OSF1.mk diff --git a/security/coreconf/OSF1V3.2.mk b/security/coreconf/OSF1V3.2.mk deleted file mode 100644 index 9d584b37b..000000000 --- a/security/coreconf/OSF1V3.2.mk +++ /dev/null @@ -1,44 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# On OSF1 V3.2, classic nspr is the default (and only) implementation -# strategy. -# - -# -# Config stuff for DEC OSF/1 V3.2 -# -include $(CORE_DEPTH)/coreconf/OSF1.mk - -ifeq ($(OS_RELEASE),V3.2) - OS_CFLAGS += -DOSF1V3 -endif diff --git a/security/coreconf/OSF1V4.0.mk b/security/coreconf/OSF1V4.0.mk deleted file mode 100644 index 164a6613a..000000000 --- a/security/coreconf/OSF1V4.0.mk +++ /dev/null @@ -1,51 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# On OSF1 V4.0, pthreads is the default implementation strategy. -# Classic nspr is also available. -# -ifneq ($(OS_RELEASE),V3.2) - USE_PTHREADS = 1 - ifeq ($(CLASSIC_NSPR), 1) - USE_PTHREADS = - IMPL_STRATEGY := _CLASSIC - endif -endif - -# -# Config stuff for DEC OSF/1 V4.0 -# -include $(CORE_DEPTH)/coreconf/OSF1.mk - -ifeq ($(OS_RELEASE),V4.0) - OS_CFLAGS += -DOSF1V4 -endif diff --git a/security/coreconf/OSF1V4.0B.mk b/security/coreconf/OSF1V4.0B.mk deleted file mode 100644 index 73f357d17..000000000 --- a/security/coreconf/OSF1V4.0B.mk +++ /dev/null @@ -1,35 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for DEC OSF/1 V4.0B -# -include $(CORE_DEPTH)/coreconf/OSF1V4.0.mk diff --git a/security/coreconf/OSF1V4.0D.mk b/security/coreconf/OSF1V4.0D.mk deleted file mode 100644 index 515c76d5f..000000000 --- a/security/coreconf/OSF1V4.0D.mk +++ /dev/null @@ -1,39 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for DEC OSF/1 V4.0D -# -include $(CORE_DEPTH)/coreconf/OSF1V4.0.mk -DEFINES += -DOSF1V4D - -OS_LIBS += -lpthread -lrt - diff --git a/security/coreconf/OSF1V5.0.mk b/security/coreconf/OSF1V5.0.mk deleted file mode 100644 index 176ca0845..000000000 --- a/security/coreconf/OSF1V5.0.mk +++ /dev/null @@ -1,47 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# On OSF1 V5.0, pthreads is the default implementation strategy. -# Classic nspr is also available. -# -ifneq ($(OS_RELEASE),V3.2) - USE_PTHREADS = 1 - ifeq ($(CLASSIC_NSPR), 1) - USE_PTHREADS = - IMPL_STRATEGY := _CLASSIC - endif -endif - -# -# Config stuff for DEC OSF/1 V5.0 -# -include $(CORE_DEPTH)/coreconf/OSF1.mk diff --git a/security/coreconf/OpenVMS.mk b/security/coreconf/OpenVMS.mk deleted file mode 100755 index f387eeaa9..000000000 --- a/security/coreconf/OpenVMS.mk +++ /dev/null @@ -1,56 +0,0 @@ -# -# The contents of this file are subject to the Netscape Public License -# Version 1.1 (the "NPL"); you may not use this file except in -# compliance with the NPL. You may obtain a copy of the NPL at -# http://www.mozilla.org/NPL/ -# -# Software distributed under the NPL is distributed on an "AS IS" basis, -# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL -# for the specific language governing rights and limitations under the -# NPL. -# -# The Initial Developer of this code under the NPL is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1998 Netscape Communications Corporation. All Rights -# Reserved. -# - -# -# Config stuff for Compaq OpenVMS -# - -include $(CORE_DEPTH)/coreconf/UNIX.mk - -ifdef INTERNAL_TOOLS -CC = c89 -CCC = cxx -OPTIMIZER = -O -else -CC = ccc -CCC = ccc -endif - -RANLIB = /bin/true - -CPU_ARCH := $(shell uname -Wh) - -OS_CFLAGS = -DVMS -DVMS_AS_IS -Wc,names=\(short,as\) \ - -DGENERIC_PTHREAD_REDEFINES -DNO_UDSOCK -OS_CXXFLAGS = -DVMS -DVMS_AS_IS -Wc,names=\(short,as\) \ - -DGENERIC_PTHREAD_REDEFINES -DNO_UDSOCK - -# Maybe this should go into rules.mk or something? -ifdef NSPR_INCLUDE_DIR -INCLUDES += -I$(NSPR_INCLUDE_DIR) -endif - -# -# XCFLAGS are the only CFLAGS that are used during a link operation. Defining -# OPTIMIZER in XCFLAGS means that each compilation line gets OPTIMIZER -# included twice, but at least we get OPTIMIZER included in the link -# operations; and OpenVMS needs it! -# -XCFLAGS += $(OPTIMIZER) - -# The command to build a shared library in POSIX on OpenVMS. -MKSHLIB = vmsld_psm $(OPTIMIZER) diff --git a/security/coreconf/OpenVMSV7.1-2.mk b/security/coreconf/OpenVMSV7.1-2.mk deleted file mode 100755 index eb7d67a3f..000000000 --- a/security/coreconf/OpenVMSV7.1-2.mk +++ /dev/null @@ -1,22 +0,0 @@ -# -# The contents of this file are subject to the Netscape Public License -# Version 1.1 (the "NPL"); you may not use this file except in -# compliance with the NPL. You may obtain a copy of the NPL at -# http://www.mozilla.org/NPL/ -# -# Software distributed under the NPL is distributed on an "AS IS" basis, -# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL -# for the specific language governing rights and limitations under the -# NPL. -# -# The Initial Developer of this code under the NPL is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1998 Netscape Communications Corporation. All Rights -# Reserved. -# - -# -# Config stuff for Compaq OpenVMS -# - -include $(CORE_DEPTH)/coreconf/OpenVMS.mk diff --git a/security/coreconf/README b/security/coreconf/README deleted file mode 100644 index dcacd2a85..000000000 --- a/security/coreconf/README +++ /dev/null @@ -1,563 +0,0 @@ -OVERVIEW of "ns/coreconf": - - This README file is an attempt to provide the reader with a simple - synopsis of the "ns/coreconf" build system which was originally - fundamentally designed and built to accomodate Netscape's binary - release model. Wherever possible, an attempt has been made to - comply with the NSPR 2.0 build system, including mimicing the - compiler/linker flags, and directory naming structure. The reader - should keep in mind that the system builds binary releases of - header files, class files, libraries, and executables on numerous - flavors of UNIX and Windows operating systems. Unfortunately, - no serious attempt has ever been made to incorporate an ability to - generate cross-platform binaries on an Apple MacIntosh platform. - - Note that this file will not attempt to redefine or document the - architecture of this system. However, documents on this subject - are available at the following URL: - - http://warp/hardcore/prj-ttools/specs/release/index.html - - - -DEPENDENCIES of "ns/coreconf": - - The "ns/coreconf" build system requires the specified versions of - the following platform-dependent tools: - - UNIX Platforms: - -------------- - gmake (version 3.74 or later) - perl 4.0 (NOTE: perl 5.003 or later recommended) - uname - - Windows Platforms: - ----------------- - gmake 3.74 (must use hacked Netscape version) - shmsdos.exe (contained in Netscape gmake.exe) - nsinstall.exe (contained in Netscape gmake.exe) - perl.exe (version 4.0 for everything except testing; - NOTE: MKS toolkit perl 5.002 is broken) - perl5.exe (for testing; - NOTE: perl 5.003 or later recommended; - MKS toolkit perl 5.002 is broken) - uname.exe (use nstools version) - -ENHANCEMENTS to "ns/coreconf": - - With the advent of Certificate Server 4.0 using the ns/coreconf - build system, several changes had to be made to enhance - ns/coreconf support for building Java/JNI classes/programs, as - well as libraries slated to be released as binaries. While the - following may not represent an exhaustive list of these changes, - it does attempt to be at least somewhat comprehensive: - - (1) During the course of these enhancements, a total of - four files have been modified, and four new files have - been added. - - The following files have been modified: - - - command.mk: removed old definition of JAR - - - config.mk: added include statement of new - "jdk.mk" file - - - ruleset.mk: allowed the $(MKPROG) variable to be - overridden by supplying it with a - default value of $(CC); augmented - numerous definitions to enhance - ability of ns/coreconf to produce - a more robust set of libraries; - added some JNI definitions; PACKAGE - definition may be overridden by new - "jdk.mk" file - - - rules.mk: separated the compile phase of a - program from the link phase of a - program such that a developer can - now strictly override program linkage - by simply supplying a $(MKPROG) - variable; augmented NETLIBDEPTH - to use CORE_DEPTH but retain backward - compatibility; added JNI section; - modified .PRECIOUS rule; - - The following files have been added: - - - README: this file; an ASCII-based text - document used to summarize the - ns/coreconf build system and - suitable (paginated) for printing - - - jdk.mk: a file comprising most (if not all) - of the default Java related build - information; the definitions in this - file are only included if NS_USE_JDK - has been defined - - - jniregen.pl: a perl script used to create a - dependency for when JNI files should - be regenerated (based upon any change - to the ".class" file from which the - ".h" file was originally generated) - - - outofdate.pl: a perl script used to create a - dependency for when ".class" files - should be regenerated (based upon - any change to the ".java" file - from which the ".class" file was - originally generated) - - (2) As stated above, the ns/coreconf build system now separates - the link phase of a program from its compilation phase. - While ns/coreconf still works exactly as it used to because - the $(MKPROG) variable is assigned $(CC) by default, a developer - may now override this behavior by simply supplying their - own unique value for $(MKPROG) on every platform. This allows - a program compiled with $(CC) to link with external libraries - that may contain "C++" linkage. Before this change, a - programmer would need to reference their own local copy of - rules.mk (see the ns/sectools/cmd/pk12util program for - an example of how this used to be accomplished). - - (3) Currently, the ns/coreconf build system differs from the - NSPR 2.0 build system which utilizes an "_s" to denote - static libraries from import libraries. In fact, the - ns/coreconf build system adds no prefixes or suffixes to - distinguish one version of static libraries from another. - Note that both the ns/coreconf build system as well as the - NSPR 2.0 build system do nothing to provide a method of - distinguishing 16-bit from 32-bit static libraries on the - same machine, either, since: - - a) this might only provide difficulty during - development, since static libraries always - need to be embedded within a program - (note this is highly unlikely, since libraries - for different platforms are subdivided via - a well-known subdirectory structure, and - a developer may use multiple trees for - development), - - b) this maintains backwards compatibility, - something very important since no legacy - programs will need to change their link phase, and - - c) Netscape as a company has dropped any plans - of future development of 16-bit products. - - (4) Since several members of the Hardcore Security group did - not favor NSPR 2.0's solution of adding an "_s" to static - libraries on Windows platforms as a method to distinguish - them from their import library cousins, a different solution - was proposed and has been recently implemented for ns/coreconf: - - - a 16 has been added as a suffix to both dynamic and - import libraries built on 16-bit Windows platforms - - - a 32 has been added as a suffix to both dynamic and - import libraries built on 32-bit Windows platforms - - Since, the HCL release process currently only contains a - single instance of building a dynamic library, - ns/security/lib/fortcrypt/fort12.dll, the impact of this - change should be relatively small. - - It should be noted that although this would additionally - limit the 8.3 namespace on 16-bit platforms, it is highly - unlikely that any future development will be performed on - this platform. - - (5) The $(LIBRARY_VERSION) tag has been added to all non-static - libraries created on UNIX operating systems to alleviate - any future confusion for binary releases which utilize this - tag. Again, it should be noted that this tag is only - utilized on non-static libraries, since more than one - version of the library may need to exist simultaneously - if multiple products are utilized. - - Currently, only one HCL released library utilizes this tag: - - ns/security/lib/fortcrypt/fort12.a - (e. g. - in this library, the tag has been set to '12') - - Again, it should be noted that although this would - additionally limit the 8.3 namespace on 16-bit platforms, - it is highly unlikely that any future development will be - performed on this platform. - - (6) The $(JDK_DEBUG_SUFFIX) extension has been added to all - library and program names to support debug versions of - Java programs (e. g. - java_g, javac_g, etc). - - Once again, it should be noted that although this would - additionally limit the 8.3 namespace on 16-bit platforms, - it is highly unlikely that any future Java development - will be performed on this platform. - - (7) Most (if not all) default definitions for java have been - encapsulated within their own file, jdk.mk, which is - always included by default in ns/coreconf/config.mk. - However, the definitions within this file are only ever - activated if NS_USE_JDK has been set to be 1. - - - (8) Two perl scripts (jniregen.pl and outofdate.pl) have been - added to the system to foster a more robust development - environment for composing Java and JNI programs - utilizing the ns/coreconf build system. Both of these - perl scripts are related to resolving dependencies which - can not be accomplished through normal makefile dependencies. - - (9) This file, README, was created in an attempt to allow - developers who have familiarity with ns/coreconf a simple - roadmap for what has changed, as well as a top-level view of - what comprises ns/coreconf. This file was written in - ASCII (rather than HTML) primarily to promote simple - paginated printing. - -OVERVIEW of "config.mk": - - This file contains the configuration information necessary to - build each "Core Components" source module: - - include file name Purpose - =================== ======================================= - arch.mk source and release tags - - command.mk default command macros - (NOTE: may be overridden in $(OS_CONFIG).mk) - - $(OS_CONFIG).mk -specific macros - (dependent upon tags) - - platform.mk source and release tags - (dependent upon tags) - - tree.mk release tags - (dependent upon tags) - - module.mk source and release tags - (NOTE: A component is also called a module - or a subsystem. This file is dependent upon - $(MODULE) being defined on the command - line, as an environment variable, or in - individual makefiles, or more - appropriately, manifest.mn) - - version.mk release tags - (dependent upon $(MODULE) being defined on - the command line, as an environment variable, - or in individual makefiles, or more - appropriately, manifest.mn) - - location.mk macros to figure out binary code location - (dependent upon tags) - - source.mk -specific source path - (dependent upon , - , , and - tags) - - headers.mk include switch for support header files - (dependent upon , , , - and tags) - - prefix.mk compute program prefixes - - suffix.mk compute program suffixes - (dependent upon tags) - - jdk.mk define JDK - (dependent upon , - , and tags) - - ruleset.mk Master "Core Components" rule set - (should always be the last file - included by config.mk) - - - -OVERVIEW of "rules.mk": - - The "rules.mk" file consists of four sections. The first section - contains the "master" build rules for all binary releases. While - this section can (and should) largely be thought of as "language" - independent, it does utilize the "perl" scripting language to - perform both the "import" and "release" of binary modules. - - The rules which dwell in this section and their purpose: - - - CATEGORY/rule:: Purpose - =================== ======================================= - - GENERAL - ------- - all:: "default" all-encompassing rule which - performs "export libs program install" - - export:: recursively copy specified - cross-platform header files to the - $(SOURCE_XPHEADERS_DIR) directory; - recursively copy specified - machine-dependent header files to the - $(SOURCE_MDHEADERS_DIR) directory; - although all rules can be written to - repetively "chain" into other sections, - this rule is the most commonly used - rule to "chain" into other sections - such as Java providing a simple - mechanism which allows no need for - developers to memorize specialized - rules - - libs:: recursively build - static (archival) $(LIBRARY), shared - (dynamic link) $(SHARED_LIBRARY), - and/or import $(IMPORT_LIBRARY) - libraries - - program:: recursively build $(PROGRAM) - executable - - install:: recursively copy all libraries to - $(SOURCE_LIB_DIR) directory; - recursively copy all executables to - $(SOURCE_BIN_DIR) directory - - clean:: remove all files specified in the - $(ALL_TRASH) variable - - clobber:: synonym for "clean::" rule - - realclean:: remove all files specified by - $(wildcard *.OBJ), dist, and in - the $(ALL_TRASH) variable - - clobber_all:: synonym for "realclean::" rule - - private_export:: recursively copy specified - cross-platform header files to the - $(SOURCE_XPPRIVATE_DIR) directory - - - IMPORT - ------ - import:: uses perl script to retrieve specified - VERSION of the binary release from - $(RELEASE_TREE) - - RELEASE - ------- - release_clean:: remove all files from the - $(SOURCE_RELEASE_PREFIX) directory - - release:: place specified VERSION of the - binary release in the appropriate - $(RELEASE_TREE) directory - - release_export:: recursively copy specified - cross-platform header files to the - $(SOURCE_XPHEADERS_DIR)/include - directory - - release_md:: recursively copy all libraries to - $(SOURCE_RELEASE_PREFIX)/ - $(SOURCE_RELEASE_LIB_DIR) directory; - recursively copy all executables to - $(SOURCE_RELEASE_PREFIX)/ - $(SOURCE_RELEASE_BIN_DIR) directory - - release_jars:: use perl script to package appropriate - files in the $(XPCLASS_JAR), - $(XPHEADER_JAR), $(MDHEADER_JAR), and - $(MDBINARY_JAR) jar files - - release_cpdistdir:: use perl script to copy the - $(XPCLASS_JAR), $(XPHEADER_JAR), - $(MDHEADER_JAR), and $(MDBINARY_JAR) - jar files to the specified VERSION - of the $(RELEASE_TREE) directory - - - - TOOLS and AUTOMATION - -------------------- - platform:: tool used to display the platform name - as composed within the "arch.mk" file - - autobuild:: automation rule used by "Bonsai" and - "Tinderbox" to automatically generate - binary releases on various platforms - - tests:: automation tool used to run the - "regress" and "reporter" tools - on various regression test suites - - The second section of "rules.mk" primarily contains several - "language" dependent build rules for binary releases. These are - generally "computed" rules (created on the "fly"), and include - rules used by "C", "C++", assembly, the preprocessor, perl, and - the shell. - - The rules which dwell in this section and their purpose: - - - CATEGORY/rule:: Purpose - =================== ============================= - - LIBRARIES - --------- - $(LIBRARY): build the static library - specified by the $(LIBRARY) - variable - - $(IMPORT_LIBRARY): build the import library - specified by the - $(IMPORT_LIBRARY) variable - - $(SHARED_LIBRARY): build the shared - (dynamic link) library - specified by the - $(SHARED_LIBRARY) variable - - - PROGRAMS - -------- - $(PROGRAM): build the binary executable - specified by the $(PROGRAM) - rule - - $(OBJDIR)/ - $(PROG_PREFIX)%.pure: build the "purified" binary - executable specified by this - rule - - - OBJECTS - ------- - $(OBJDIR)/ - $(PROG_PREFIX)%$(OBJ_SUFFIX): build the object file - associated with the - makefile rule dependency: - - %.c = C file - %.cpp = C++ file - %.cc = C++ file - %.s = assembly file - %.S = assembly file - - $(OBJDIR)/ - $(PROG_PREFIX)%: (NOTE: deprecated rule) - build the object file - associated with the - makefile rule dependency: - - %.cpp = C++ file - - MISCELLANEOUS - ------------- - $(DIRS):: specifies a helper method - used by $(LOOP_THROUGH_DIRS) - to recursively change - directories and invoke - $(MAKE) - - %.i: build the preprocessor file - associated with the - makefile rule dependency: - - %.c = C file - %.cpp = C++ file - - %: process the specified file - using the method associated - with the makefile rule - dependency: - - %.pl = perl script - %.sh = shell script - - alltags: tool used to recursively - create a "ctags"-style - file for reference - - The third section of "rules.mk' primarily contains several JAVA - "language" build rules for binary releases. These are also - generally "computed" rules (created on the "fly"). - - The rules which dwell in this section and their purpose: - - - CATEGORY/rule:: Purpose - =================== ============================= - $(JAVA_DESTPATH):: create directory specified - as the Java destination path - for where classes are - deposited - - $(JAVA_DESTPATH)/$(PACKAGE):: create directories specified - within the $(PACKAGE) - variable - - $(JMCSRCDIR):: create directory specified - as the JMC destination path - - $(JRI_HEADER_CFILES): used to generate/regenerate - JRI header files for "C" - - $(JRI_STUB_CFILES): used to generate/regenerate - JRI stub files for "C" - - $(JNI_HEADERS): used to generate/regenerate - JNI header files for "C" - - The fourth section of "rules.mk" primarily contains miscellaneous - build rules for binary releases. Many of these rules are here to - create new subdirectories, manage dependencies, and/or override - standard gmake "Makefile" rules. - - The rules which dwell in this section and their purpose: - - - CATEGORY/rule:: Purpose - =================== ============================= - - $(PUBLIC_EXPORT_DIR):: create directory used to - house public "C" header files - - $(PRIVATE_EXPORT_DIR):: create directory used to - house private "C" header - files - - $(SOURCE_XP_DIR)/ - release/include:: create directory used to - house "C" header files - contained in a release - - $(MKDEPENDENCIES):: for UNIX systems, create - a directory used to house - dependencies and utilize - the $(MKDEPEND) rule to - create them - - $(MKDEPEND):: cd to the dependency - directory and create them - - depend:: if $(OBJS) exist, perform the - $(MKDEPEND) rule followed by - the $(MKDEPENDENCIES) rule - - dependclean:: remove all files contained - in the dependency repository - - .DEFAULT: standard gmake rule - - .SUFFIXES: standard gmake rule - - .PRECIOUS: standard gmake rule - - .PHONY: standard gmake rule - diff --git a/security/coreconf/ReliantUNIX.mk b/security/coreconf/ReliantUNIX.mk deleted file mode 100644 index 8167394cb..000000000 --- a/security/coreconf/ReliantUNIX.mk +++ /dev/null @@ -1,83 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for ReliantUNIX -# - -include $(CORE_DEPTH)/coreconf/UNIX.mk - -DEFAULT_COMPILER = cc - -ifdef NS_USE_GCC - ## gcc-2.7.2 homebrewn - CC = gcc - CCC = g++ - AS = $(CC) - ASFLAGS += -x assembler-with-cpp - LD = gld - ODD_CFLAGS = -pipe -Wall -Wno-format - ifdef BUILD_OPT - OPTIMIZER += -O6 - endif - MKSHLIB = $(LD) - MKSHLIB += -G -h $(@:$(OBJDIR)/%.so=%.so) - DSO_LDOPTS += -G -Xlinker -Blargedynsym -else - ## native compiler (CDS++ 1.0) -# CC = /usr/bin/cc - CC = cc - CCC = /usr/bin/CC - AS = /usr/bin/cc - ODD_CFLAGS = - ifdef BUILD_OPT - OPTIMIZER += -O -F Olimit,4000 - endif - MKSHLIB = $(CC) - MKSHLIB += -G -h $(@:$(OBJDIR)/%.so=%.so) - DSO_LDOPTS += -G -W l,-Blargedynsym -endif - -NOSUCHFILE = /sni-rm-f-sucks -ODD_CFLAGS += -DSVR4 -DSNI -DRELIANTUNIX -CPU_ARCH = mips -RANLIB = /bin/true - -# For purify -NOMD_OS_CFLAGS += $(ODD_CFLAGS) - -# we do not have -MDupdate ... -OS_CFLAGS += $(NOMD_OS_CFLAGS) -OS_LIBS += -lsocket -lnsl -lresolv -lgen -ldl -lc /usr/ucblib/libucb.a - -ifdef DSO_BACKEND - DSO_LDOPTS += -h $(DSO_NAME) -endif diff --git a/security/coreconf/ReliantUNIX5.4.mk b/security/coreconf/ReliantUNIX5.4.mk deleted file mode 100644 index a5bca60a3..000000000 --- a/security/coreconf/ReliantUNIX5.4.mk +++ /dev/null @@ -1,35 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for ReliantUNIX5.4 -# -include $(CORE_DEPTH)/coreconf/ReliantUNIX.mk diff --git a/security/coreconf/SCOOS5.0.mk b/security/coreconf/SCOOS5.0.mk deleted file mode 100644 index b3370a1fd..000000000 --- a/security/coreconf/SCOOS5.0.mk +++ /dev/null @@ -1,36 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for SCO OpenServer 5.0 for x86. -# - -include $(CORE_DEPTH)/coreconf/SCO_SV3.2.mk diff --git a/security/coreconf/SCO_SV3.2.mk b/security/coreconf/SCO_SV3.2.mk deleted file mode 100644 index e9d13b30c..000000000 --- a/security/coreconf/SCO_SV3.2.mk +++ /dev/null @@ -1,86 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for SCO Unix for x86. -# - -include $(CORE_DEPTH)/coreconf/UNIX.mk - -DEFAULT_COMPILER = cc - -CC = cc -OS_CFLAGS += -b elf -KPIC -CCC = g++ -CCC += -b elf -DPRFSTREAMS_BROKEN -I/usr/local/lib/g++-include -# CCC = $(CORE_DEPTH)/build/hcpp -# CCC += +.cpp +w -RANLIB = /bin/true - -# -# -DSCO_PM - Policy Manager AKA: SCO Licensing -# -DSCO - Changes to Netscape source (consistent with AIX, LINUX, etc..) -# -Dsco - Needed for /usr/include/X11/* -# -OS_CFLAGS += -DSCO_SV -DSYSV -D_SVID3 -DHAVE_STRERROR -DSW_THREADS -DSCO_PM -DSCO -Dsco -#OS_LIBS += -lpmapi -lsocket -lc -MKSHLIB = $(LD) -MKSHLIB += $(DSO_LDOPTS) -XINC = /usr/include/X11 -MOTIFLIB += -lXm -INCLUDES += -I$(XINC) -CPU_ARCH = x86 -GFX_ARCH = x -ARCH = sco -LOCALE_MAP = $(CORE_DEPTH)/cmd/xfe/intl/sco.lm -EN_LOCALE = C -DE_LOCALE = de_DE.ISO8859-1 -FR_LOCALE = fr_FR.ISO8859-1 -JP_LOCALE = ja -SJIS_LOCALE = ja_JP.SJIS -KR_LOCALE = ko_KR.EUC -CN_LOCALE = zh -TW_LOCALE = zh -I2_LOCALE = i2 -LOC_LIB_DIR = /usr/lib/X11 -NOSUCHFILE = /solaris-rm-f-sucks -BSDECHO = /bin/echo - -# -# These defines are for building unix plugins -# -BUILD_UNIX_PLUGINS = 1 -#DSO_LDOPTS += -b elf -G -z defs -DSO_LDOPTS += -b elf -G -DSO_LDFLAGS += -nostdlib -L/lib -L/usr/lib -lXm -lXt -lX11 -lgen - -# Used for Java compiler -EXPORT_FLAGS += -W l,-Bexport diff --git a/security/coreconf/SunOS4.1.3_U1.mk b/security/coreconf/SunOS4.1.3_U1.mk deleted file mode 100644 index 1bea16fc3..000000000 --- a/security/coreconf/SunOS4.1.3_U1.mk +++ /dev/null @@ -1,58 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for SunOS4.1 -# - -include $(CORE_DEPTH)/coreconf/UNIX.mk - -DEFAULT_COMPILER = cc - -INCLUDES += -I/usr/dt/include -I/usr/openwin/include -I/home/motif/usr/include - -# SunOS 4 _requires_ that shared libs have a version number. -# XXX FIXME: Version number should use NSPR_VERSION_NUMBER? -DLL_SUFFIX = so.1.0 -CC = gcc -RANLIB = ranlib -CPU_ARCH = sparc - -# Purify doesn't like -MDupdate -NOMD_OS_CFLAGS += -Wall -Wno-format -DSUNOS4 -OS_CFLAGS += $(DSO_CFLAGS) $(NOMD_OS_CFLAGS) -MDupdate $(DEPENDENCIES) -MKSHLIB = $(LD) -MKSHLIB += $(DSO_LDOPTS) -NOSUCHFILE = /solaris-rm-f-sucks -DSO_LDOPTS = - -# -fPIC generates position-independent code for use in a shared library. -DSO_CFLAGS += -fPIC diff --git a/security/coreconf/SunOS5.3.mk b/security/coreconf/SunOS5.3.mk deleted file mode 100644 index e103d9f57..000000000 --- a/security/coreconf/SunOS5.3.mk +++ /dev/null @@ -1,38 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for SunOS5.3 -# - -SOL_CFLAGS = - -include $(CORE_DEPTH)/coreconf/SunOS5.mk diff --git a/security/coreconf/SunOS5.4.mk b/security/coreconf/SunOS5.4.mk deleted file mode 100644 index fe24c33e0..000000000 --- a/security/coreconf/SunOS5.4.mk +++ /dev/null @@ -1,38 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for SunOS5.4 -# - -SOL_CFLAGS = - -include $(CORE_DEPTH)/coreconf/SunOS5.mk diff --git a/security/coreconf/SunOS5.4_i86pc.mk b/security/coreconf/SunOS5.4_i86pc.mk deleted file mode 100644 index bed9893ed..000000000 --- a/security/coreconf/SunOS5.4_i86pc.mk +++ /dev/null @@ -1,68 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for Solaris 2.4 on x86 -# - -include $(CORE_DEPTH)/coreconf/UNIX.mk - -DEFAULT_COMPILER = cc - -ifdef NS_USE_GCC - CC = gcc - OS_CFLAGS += -Wall -Wno-format - CCC = g++ - CCC += -Wall -Wno-format - ASFLAGS += -x assembler-with-cpp - ifdef NO_MDUPDATE - OS_CFLAGS += $(NOMD_OS_CFLAGS) - else - OS_CFLAGS += $(NOMD_OS_CFLAGS) -MDupdate $(DEPENDENCIES) - endif -else - CC = cc - CCC = CC - ASFLAGS += -Wa,-P - OS_CFLAGS += $(NOMD_OS_CFLAGS) -endif - -CPU_ARCH = x86 - -MKSHLIB = $(LD) -MKSHLIB += $(DSO_LDOPTS) -NOSUCHFILE = /solx86-rm-f-sucks -RANLIB = echo - -# for purify -NOMD_OS_CFLAGS += -DSVR4 -DSYSV -D_REENTRANT -DSOLARIS -D__svr4__ -Di386 - -DSO_LDOPTS += -G diff --git a/security/coreconf/SunOS5.5.1.mk b/security/coreconf/SunOS5.5.1.mk deleted file mode 100644 index f85932b59..000000000 --- a/security/coreconf/SunOS5.5.1.mk +++ /dev/null @@ -1,44 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for SunOS5.5.1 -# - -SOL_CFLAGS += -D_SVID_GETTOD - -include $(CORE_DEPTH)/coreconf/SunOS5.mk - -ifeq ($(OS_RELEASE),5.5.1) - OS_DEFINES += -DSOLARIS2_5 -endif - -OS_LIBS += -lthread -lnsl -lsocket -lposix4 -ldl -lc diff --git a/security/coreconf/SunOS5.5.1_i86pc.mk b/security/coreconf/SunOS5.5.1_i86pc.mk deleted file mode 100644 index a8a111dde..000000000 --- a/security/coreconf/SunOS5.5.1_i86pc.mk +++ /dev/null @@ -1,46 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for Solaris 2.5.1 on x86 -# - -SOL_CFLAGS = -D_SVID_GETTOD - -include $(CORE_DEPTH)/coreconf/SunOS5.mk - -CPU_ARCH = x86 -ARCHFLAG = -OS_DEFINES += -Di386 - -ifeq ($(OS_RELEASE),5.5.1_i86pc) - OS_DEFINES += -DSOLARIS2_5 -endif diff --git a/security/coreconf/SunOS5.5.mk b/security/coreconf/SunOS5.5.mk deleted file mode 100644 index e83356f15..000000000 --- a/security/coreconf/SunOS5.5.mk +++ /dev/null @@ -1,42 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for SunOS5.5 -# - -SOL_CFLAGS += -D_SVID_GETTOD - -include $(CORE_DEPTH)/coreconf/SunOS5.mk - -ifeq ($(OS_RELEASE),5.5) - OS_DEFINES += -DSOLARIS2_5 -endif diff --git a/security/coreconf/SunOS5.6.mk b/security/coreconf/SunOS5.6.mk deleted file mode 100644 index 774d2b7a6..000000000 --- a/security/coreconf/SunOS5.6.mk +++ /dev/null @@ -1,44 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for SunOS5.6 -# - -SOL_CFLAGS += -D_SVID_GETTOD - -include $(CORE_DEPTH)/coreconf/SunOS5.mk - -ifeq ($(OS_RELEASE),5.6) - OS_DEFINES += -DSOLARIS2_6 -endif - -OS_LIBS += -lthread -lnsl -lsocket -lposix4 -ldl -lc diff --git a/security/coreconf/SunOS5.6_i86pc.mk b/security/coreconf/SunOS5.6_i86pc.mk deleted file mode 100644 index 763c6810f..000000000 --- a/security/coreconf/SunOS5.6_i86pc.mk +++ /dev/null @@ -1,46 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for Solaris 2.6 on x86 -# - -SOL_CFLAGS = -D_SVID_GETTOD - -include $(CORE_DEPTH)/coreconf/SunOS5.mk - -CPU_ARCH = x86 -ARCHFLAG = -OS_DEFINES += -Di386 - -ifeq ($(OS_RELEASE),5.6_i86pc) - OS_DEFINES += -DSOLARIS2_6 -endif diff --git a/security/coreconf/SunOS5.7.mk b/security/coreconf/SunOS5.7.mk deleted file mode 100644 index dd676e2a9..000000000 --- a/security/coreconf/SunOS5.7.mk +++ /dev/null @@ -1,44 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for SunOS5.7 -# - -SOL_CFLAGS += -D_SVID_GETTOD - -include $(CORE_DEPTH)/coreconf/SunOS5.mk - -ifeq ($(OS_RELEASE),5.7) - OS_DEFINES += -DSOLARIS2_7 -endif - -OS_LIBS += -lthread -lnsl -lsocket -lposix4 -ldl -lc diff --git a/security/coreconf/SunOS5.7_i86pc.mk b/security/coreconf/SunOS5.7_i86pc.mk deleted file mode 100644 index 6ece4defb..000000000 --- a/security/coreconf/SunOS5.7_i86pc.mk +++ /dev/null @@ -1,48 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for Solaris 7 on x86 -# - -SOL_CFLAGS = -D_SVID_GETTOD - -include $(CORE_DEPTH)/coreconf/SunOS5.mk - -CPU_ARCH = x86 -ARCHFLAG = -OS_DEFINES += -Di386 - -ifeq ($(OS_RELEASE),5.7_i86pc) - OS_DEFINES += -DSOLARIS2_7 -endif - -OS_LIBS += -lthread -lnsl -lsocket -lposix4 -ldl -lc diff --git a/security/coreconf/SunOS5.8.mk b/security/coreconf/SunOS5.8.mk deleted file mode 100644 index 95fc01090..000000000 --- a/security/coreconf/SunOS5.8.mk +++ /dev/null @@ -1,44 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for SunOS5.8 -# - -SOL_CFLAGS += -D_SVID_GETTOD - -include $(CORE_DEPTH)/coreconf/SunOS5.mk - -ifeq ($(OS_RELEASE),5.8) - OS_DEFINES += -DSOLARIS2_8 -endif - -OS_LIBS += -lthread -lnsl -lsocket -lposix4 -ldl -lc diff --git a/security/coreconf/SunOS5.8_i86pc.mk b/security/coreconf/SunOS5.8_i86pc.mk deleted file mode 100644 index 58b66b503..000000000 --- a/security/coreconf/SunOS5.8_i86pc.mk +++ /dev/null @@ -1,48 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for Solaris 8 on x86 -# - -SOL_CFLAGS = -D_SVID_GETTOD - -include $(CORE_DEPTH)/coreconf/SunOS5.mk - -CPU_ARCH = x86 -ARCHFLAG = -OS_DEFINES += -Di386 - -ifeq ($(OS_RELEASE),5.8_i86pc) - OS_DEFINES += -DSOLARIS2_8 -endif - -OS_LIBS += -lthread -lnsl -lsocket -lposix4 -ldl -lc diff --git a/security/coreconf/SunOS5.9.mk b/security/coreconf/SunOS5.9.mk deleted file mode 100755 index 63a1a003b..000000000 --- a/security/coreconf/SunOS5.9.mk +++ /dev/null @@ -1,44 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for SunOS5.9 -# - -SOL_CFLAGS += -D_SVID_GETTOD - -include $(CORE_DEPTH)/coreconf/SunOS5.mk - -ifeq ($(OS_RELEASE),5.9) - OS_DEFINES += -DSOLARIS2_9 -endif - -OS_LIBS += -lthread -lnsl -lsocket -lposix4 -ldl -lc diff --git a/security/coreconf/SunOS5.9_i86pc.mk b/security/coreconf/SunOS5.9_i86pc.mk deleted file mode 100755 index 8ad8d0ba5..000000000 --- a/security/coreconf/SunOS5.9_i86pc.mk +++ /dev/null @@ -1,48 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for Solaris 9 on x86 -# - -SOL_CFLAGS = -D_SVID_GETTOD - -include $(CORE_DEPTH)/coreconf/SunOS5.mk - -CPU_ARCH = x86 -ARCHFLAG = -OS_DEFINES += -Di386 - -ifeq ($(OS_RELEASE),5.9_i86pc) - OS_DEFINES += -DSOLARIS2_9 -endif - -OS_LIBS += -lthread -lnsl -lsocket -lposix4 -ldl -lc diff --git a/security/coreconf/SunOS5.mk b/security/coreconf/SunOS5.mk deleted file mode 100644 index 37b65293f..000000000 --- a/security/coreconf/SunOS5.mk +++ /dev/null @@ -1,151 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Config stuff for SunOS5.x -# - -include $(CORE_DEPTH)/coreconf/UNIX.mk - -# -# Temporary define for the Client; to be removed when binary release is used -# -ifdef MOZILLA_CLIENT - LOCAL_THREADS_ONLY = 1 - ifndef NS_USE_NATIVE - NS_USE_GCC = 1 - endif -endif - -# Sun's WorkShop defines v8, v8plus and v9 architectures. -# gcc on Solaris defines v8 and v9 "cpus". -# gcc's v9 is equivalent to Workshop's v8plus. -# gcc apparently has no equivalent to Workshop's v9 -# We always use Sun's assembler and linker, which use Sun's naming convention. - -ifeq ($(USE_64), 1) - ifdef NS_USE_GCC - ARCHFLAG= UNKNOWN - else - ARCHFLAG=-xarch=v9 - endif - LD=/usr/ccs/bin/ld -else - ifdef NS_USE_GCC - ifdef USE_HYBRID - ARCHFLAG=-mcpu=v9 -Wa,-xarch=v8plus - else - ARCHFLAG=-mcpu=v8 - endif - else - ifdef USE_HYBRID - ARCHFLAG=-xarch=v8plus - else - ARCHFLAG=-xarch=v8 - endif - endif -endif - -# -# The default implementation strategy for Solaris is classic nspr. -# -ifeq ($(USE_PTHREADS),1) - IMPL_STRATEGY = _PTH -else - ifeq ($(LOCAL_THREADS_ONLY),1) - IMPL_STRATEGY = _LOCAL - endif -endif - -# -# Temporary define for the Client; to be removed when binary release is used -# -ifdef MOZILLA_CLIENT - IMPL_STRATEGY = -endif - -DEFAULT_COMPILER = cc - -ifdef NS_USE_GCC - CC = gcc - OS_CFLAGS += -Wall -Wno-format - CCC = g++ - CCC += -Wall -Wno-format - ASFLAGS += -x assembler-with-cpp - ifdef NO_MDUPDATE - OS_CFLAGS += $(NOMD_OS_CFLAGS) - else - OS_CFLAGS += $(NOMD_OS_CFLAGS) -MDupdate $(DEPENDENCIES) - endif - OS_CFLAGS += $(ARCHFLAG) -else - CC = cc - CCC = CC - ASFLAGS += -Wa,-P - OS_CFLAGS += $(NOMD_OS_CFLAGS) $(ARCHFLAG) - ifndef BUILD_OPT - OS_CFLAGS += -xs -# else -# OPTIMIZER += -fast - endif - -endif - -INCLUDES += -I/usr/dt/include -I/usr/openwin/include - -RANLIB = echo -CPU_ARCH = sparc -OS_DEFINES += -DSVR4 -DSYSV -D__svr4 -D__svr4__ -DSOLARIS - -ifneq ($(LOCAL_THREADS_ONLY),1) - OS_DEFINES += -D_REENTRANT -endif - -# Purify doesn't like -MDupdate -NOMD_OS_CFLAGS += $(DSO_CFLAGS) $(OS_DEFINES) $(SOL_CFLAGS) - -MKSHLIB = $(LD) $(DSO_LDOPTS) - -# ld options: -# -G: produce a shared object -# -z defs: no unresolved symbols allowed -DSO_LDOPTS += -G -h $(notdir $@) - -# -KPIC generates position independent code for use in shared libraries. -# (Similarly for -fPIC in case of gcc.) -ifdef NS_USE_GCC - DSO_CFLAGS += -fPIC -else - DSO_CFLAGS += -KPIC -endif - -NOSUCHFILE = /solaris-rm-f-sucks - diff --git a/security/coreconf/UNIX.mk b/security/coreconf/UNIX.mk deleted file mode 100644 index b47bb8ac4..000000000 --- a/security/coreconf/UNIX.mk +++ /dev/null @@ -1,92 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -XP_DEFINE += -DXP_UNIX -LIB_SUFFIX = a -DLL_SUFFIX = so -AR = ar -AR += cr $@ -LDOPTS += -L$(SOURCE_LIB_DIR) - -ifdef BUILD_OPT - OPTIMIZER += -O - DEFINES += -UDEBUG -DNDEBUG -else - OPTIMIZER += -g - DEFINES += -DDEBUG -UNDEBUG -DDEBUG_$(shell whoami) -endif - -ifdef BUILD_TREE -NSINSTALL_DIR = $(BUILD_TREE)/nss -NSINSTALL = $(BUILD_TREE)/nss/nsinstall -else -NSINSTALL_DIR = $(CORE_DEPTH)/coreconf/nsinstall -NSINSTALL = $(NSINSTALL_DIR)/$(OBJDIR_NAME)/nsinstall -endif - -MKDEPEND_DIR = $(CORE_DEPTH)/coreconf/mkdepend -MKDEPEND = $(MKDEPEND_DIR)/$(OBJDIR_NAME)/mkdepend -MKDEPENDENCIES = $(OBJDIR_NAME)/depend.mk - -#################################################################### -# -# One can define the makefile variable NSDISTMODE to control -# how files are published to the 'dist' directory. If not -# defined, the default is "install using relative symbolic -# links". The two possible values are "copy", which copies files -# but preserves source mtime, and "absolute_symlink", which -# installs using absolute symbolic links. The "absolute_symlink" -# option requires NFSPWD. -# - THIS IS NOT PART OF THE NEW BINARY RELEASE PLAN for 9/30/97 -# - WE'RE KEEPING IT ONLY FOR BACKWARDS COMPATIBILITY -#################################################################### - -ifeq ($(NSDISTMODE),copy) - # copy files, but preserve source mtime - INSTALL = $(NSINSTALL) - INSTALL += -t -else - ifeq ($(NSDISTMODE),absolute_symlink) - # install using absolute symbolic links - INSTALL = $(NSINSTALL) - INSTALL += -L `$(NFSPWD)` - else - # install using relative symbolic links - INSTALL = $(NSINSTALL) - INSTALL += -R - endif -endif - -define MAKE_OBJDIR -if test ! -d $(@D); then rm -rf $(@D); $(NSINSTALL) -D $(@D); fi -endef diff --git a/security/coreconf/UNIXWARE2.1.mk b/security/coreconf/UNIXWARE2.1.mk deleted file mode 100644 index b9bd69900..000000000 --- a/security/coreconf/UNIXWARE2.1.mk +++ /dev/null @@ -1,51 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -# -# Config stuff for SCO Unixware 2.1 -# - -include $(CORE_DEPTH)/coreconf/UNIX.mk - -DEFAULT_COMPILER = $(CORE_DEPTH)/build/hcc - -CC = $(CORE_DEPTH)/build/hcc -CCC = $(CORE_DEPTH)/build/hcpp -RANLIB = true -OS_CFLAGS = -KPIC -DSVR4 -DSYSV -DUNIXWARE -MKSHLIB = $(LD) -MKSHLIB += $(DSO_LDOPTS) -DSO_LDOPTS += -G -CPU_ARCH = x86 -ARCH = sco -NOSUCHFILE = /solaris-rm-f-sucks diff --git a/security/coreconf/WIN16.mk b/security/coreconf/WIN16.mk deleted file mode 100644 index 68832d21c..000000000 --- a/security/coreconf/WIN16.mk +++ /dev/null @@ -1,117 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -# -# win16_3.11.mk -- Make configuration for Win16 -# -# This file configures gmake to build the Win16 variant of -# NSPR 2.0. This file has the function of two files commonly -# used on other platforms, for example: winnt.mk and -# winnt4.0.mk. ... The packaging is easier and there is only -# one variant of the Win16 target. -# -# Win16 is built using the Watcom C/C++ version 11.0 -# compiler. You gotta set up the compiler first. -# The Watcom compiler depends on a few environment -# variables; these environment variables define where the -# compiler components are installed; they must be set before -# running the make. -# -# Notes: -# OS_CFLAGS is the command line options for the compiler when -# building the .DLL object files. -# OS_EXE_CFLAGS is the command line options for the compiler -# when building the .EXE object files; this is for the test -# programs. -# the macro OS_CFLAGS is set to OS_EXE_CFLAGS inside of the -# makefile for the pr/tests directory. ... Hack. -# -# -# -# - -# -- configuration ----------------------------------------- - -DEFAULT_COMPILER = wcc - -CC = wcc -CCC = wcl -LINK = wlink -AR = wlib -AR += -q $@ -RC = wrc.exe -RC += /r /dWIN16=1 /bt=windows -RANLIB = echo -BSDECHO = echo -NSINSTALL_DIR = $(CORE_DEPTH)/coreconf/nsinstall -NSINSTALL = nsinstall -INSTALL = $(NSINSTALL) -MAKE_OBJDIR = mkdir -MAKE_OBJDIR += $(OBJDIR) -XP_DEFINE += -DXP_PC -LIB_SUFFIX = lib -DLL_SUFFIX = dll - -ifdef BUILD_OPT - OPTIMIZER = -oneatx -oh -oi -ei -3 -fpi87 -fp3 -else - OPTIMIZER += -d2 -hc -DDEBUG -# OPTIMIZER += -d2 -hw -DDEBUG -# LDFLAGS += -DEBUG -DEBUGTYPE:CV -endif - -# -# $(CPU_ARCH) has been commented out so that its contents -# are not added to the WIN16_?.OBJ names thus expanding -# them beyond the 8.3 character limit for this platform. -# -#CPU_ARCH = x386 -# -# added "-s" to avoid dependency on watcom's libs (e.g. on _STK) -# added "-zt3" for compatibility with MSVC's "/Gt3" option -# -OS_CFLAGS += -ml -3 -bd -zc -zu -bt=windows -s -zt3 -d_X86_ -dWIN16 -d_WINDLL -#OS_EXE_CFLAGS += -ml -3 -bt=windows -d_X86_ -dWIN16 -OS_LIB_FLAGS = -c -iro - -# Name of the binary code directories -OS_DLL_OPTION = CASEEXACT -OS_DLLFLAGS = -OS_LIBS = -W16_EXPORTS = # - -# -# The following is NOT needed for the NSPR 2.0 library. -# - -OS_CFLAGS += -d_WINDOWS -d_MSC_VER=700 diff --git a/security/coreconf/WIN32.mk b/security/coreconf/WIN32.mk deleted file mode 100644 index f961e3e51..000000000 --- a/security/coreconf/WIN32.mk +++ /dev/null @@ -1,104 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -# -# Configuration common to all versions of Windows NT -# and Windows 95 -# - -DEFAULT_COMPILER = cl - -CC = cl -CCC = cl -LINK = link -AR = lib -AR += -NOLOGO -OUT:"$@" -RANLIB = echo -BSDECHO = echo - -ifdef BUILD_TREE -NSINSTALL_DIR = $(BUILD_TREE)/nss -else -NSINSTALL_DIR = $(CORE_DEPTH)/coreconf/nsinstall -endif -NSINSTALL = nsinstall - -MKDEPEND_DIR = $(CORE_DEPTH)/coreconf/mkdepend -MKDEPEND = $(MKDEPEND_DIR)/$(OBJDIR_NAME)/mkdepend.exe -# Note: MKDEPENDENCIES __MUST__ be a relative pathname, not absolute. -# If it is absolute, gmake will crash unless the named file exists. -MKDEPENDENCIES = $(OBJDIR_NAME)/depend.mk - -INSTALL = $(NSINSTALL) -MAKE_OBJDIR = mkdir -MAKE_OBJDIR += $(OBJDIR) -RC = rc.exe -GARBAGE += $(OBJDIR)/vc20.pdb $(OBJDIR)/vc40.pdb -XP_DEFINE += -DXP_PC -LIB_SUFFIX = lib -DLL_SUFFIX = dll - -ifdef BUILD_OPT - OS_CFLAGS += -MD - OPTIMIZER += -O2 - DEFINES += -UDEBUG -U_DEBUG -DNDEBUG - DLLFLAGS += -OUT:"$@" -else - # - # Define USE_DEBUG_RTL if you want to use the debug runtime library - # (RTL) in the debug build - # - ifdef USE_DEBUG_RTL - OS_CFLAGS += -MDd - else - OS_CFLAGS += -MD - endif - OPTIMIZER += -Od -Z7 - #OPTIMIZER += -Zi -Fd$(OBJDIR)/ -Od - DEFINES += -DDEBUG -D_DEBUG -UNDEBUG -DDEBUG_$(USERNAME) - DLLFLAGS += -DEBUG -DEBUGTYPE:CV -OUT:"$@" - LDFLAGS += -DEBUG -DEBUGTYPE:CV -endif - -DEFINES += -DWIN32 - -# -# The following is NOT needed for the NSPR 2.0 library. -# - -DEFINES += -D_WINDOWS - -# override default, which is ASFLAGS = CFLAGS -AS = ml.exe -ASFLAGS = -Cp -Sn -Zi -coff $(INCLUDES) - diff --git a/security/coreconf/WIN954.0.mk b/security/coreconf/WIN954.0.mk deleted file mode 100644 index 8b99703fe..000000000 --- a/security/coreconf/WIN954.0.mk +++ /dev/null @@ -1,66 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -# -# Config stuff for WIN95 -# -# This makefile defines the following variables: -# CPU_ARCH, OS_CFLAGS, and OS_DLLFLAGS. -# PROCESSOR is an internal variable. - -include $(CORE_DEPTH)/coreconf/WIN32.mk - -PROCESSOR := $(shell uname -p) -ifeq ($(PROCESSOR), I386) - CPU_ARCH = x386 - OS_CFLAGS += -W3 -nologo - DEFINES += -D_X86_ -else - ifeq ($(PROCESSOR), MIPS) - CPU_ARCH = MIPS - #OS_CFLAGS += -W3 -nologo - #DEFINES += -D_MIPS_ - OS_CFLAGS += -W3 -nologo - else - ifeq ($(PROCESSOR), ALPHA) - CPU_ARCH = ALPHA - OS_CFLAGS += -W3 -nologo - DEFINES += -D_ALPHA_=1 - else - CPU_ARCH = processor_is_undefined - endif - endif -endif - -OS_DLLFLAGS += -nologo -DLL -SUBSYSTEM:WINDOWS -PDB:NONE -DEFINES += -DWIN95 diff --git a/security/coreconf/WINNT3.51.mk b/security/coreconf/WINNT3.51.mk deleted file mode 100644 index 606e7a3b1..000000000 --- a/security/coreconf/WINNT3.51.mk +++ /dev/null @@ -1,70 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -# -# Config stuff for WINNT 3.51 -# -# This makefile defines the following variables: -# CPU_ARCH, OS_CFLAGS, and OS_DLLFLAGS. -# It has the following internal variables: -# OS_PROC_CFLAGS and OS_WIN_CFLAGS. - -include $(CORE_DEPTH)/coreconf/WIN32.mk - -PROCESSOR := $(shell uname -p) -ifeq ($(PROCESSOR), I386) - CPU_ARCH = x386 - OS_PROC_CFLAGS += -D_X86_ -else - ifeq ($(PROCESSOR), MIPS) - CPU_ARCH = MIPS - OS_PROC_CFLAGS += -D_MIPS_ - else - ifeq ($(PROCESSOR), ALPHA) - CPU_ARCH = ALPHA - OS_PROC_CFLAGS += -D_ALPHA_ - else - CPU_ARCH = processor_is_undefined - endif - endif -endif - -OS_WIN_CFLAGS += -W3 -OS_CFLAGS += -nologo $(OS_WIN_CFLAGS) $(OS_PROC_CFLAGS) -#OS_DLLFLAGS += -nologo -DLL -PDB:NONE -SUBSYSTEM:WINDOWS -OS_DLLFLAGS += -nologo -DLL -PDB:NONE -SUBSYSTEM:WINDOWS -# -# Win NT needs -GT so that fibers can work -# -OS_CFLAGS += -GT -OS_CFLAGS += -DWINNT diff --git a/security/coreconf/WINNT4.0.mk b/security/coreconf/WINNT4.0.mk deleted file mode 100644 index c760bb4fb..000000000 --- a/security/coreconf/WINNT4.0.mk +++ /dev/null @@ -1,72 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -# -# Config stuff for WINNT 4.0 -# -# This makefile defines the following variables: -# CPU_ARCH, OS_CFLAGS, and OS_DLLFLAGS. -# PROCESSOR is an internal variable. - -include $(CORE_DEPTH)/coreconf/WIN32.mk - -PROCESSOR := $(shell uname -p) -ifeq ($(PROCESSOR), I386) - CPU_ARCH = x386 - OS_CFLAGS += -W3 -nologo - DEFINES += -D_X86_ -else - ifeq ($(PROCESSOR), MIPS) - CPU_ARCH = MIPS - #OS_CFLAGS += -W3 -nologo - #DEFINES += -D_MIPS_ - OS_CFLAGS += -W3 -nologo - else - ifeq ($(PROCESSOR), ALPHA) - CPU_ARCH = ALPHA - OS_CFLAGS += -W3 -nologo - DEFINES += -D_ALPHA_=1 - else - CPU_ARCH = processor_is_undefined - endif - endif -endif - -OS_DLLFLAGS += -nologo -DLL -SUBSYSTEM:WINDOWS -PDB:NONE -# -# Win NT needs -GT so that fibers can work -# -OS_CFLAGS += -GT -DEFINES += -DWINNT - -NSPR31_LIB_PREFIX = lib diff --git a/security/coreconf/WINNT5.0.mk b/security/coreconf/WINNT5.0.mk deleted file mode 100644 index 844e7c048..000000000 --- a/security/coreconf/WINNT5.0.mk +++ /dev/null @@ -1,72 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -# -# Config stuff for WINNT 5.0 (Windows 2000) -# -# This makefile defines the following variables: -# CPU_ARCH, OS_CFLAGS, and OS_DLLFLAGS. -# PROCESSOR is an internal variable. - -include $(CORE_DEPTH)/coreconf/WIN32.mk - -PROCESSOR := $(shell uname -p) -ifeq ($(PROCESSOR), I386) - CPU_ARCH = x386 - OS_CFLAGS += -W3 -nologo - DEFINES += -D_X86_ -else - ifeq ($(PROCESSOR), MIPS) - CPU_ARCH = MIPS - #OS_CFLAGS += -W3 -nologo - #DEFINES += -D_MIPS_ - OS_CFLAGS += -W3 -nologo - else - ifeq ($(PROCESSOR), ALPHA) - CPU_ARCH = ALPHA - OS_CFLAGS += -W3 -nologo - DEFINES += -D_ALPHA_=1 - else - CPU_ARCH = processor_is_undefined - endif - endif -endif - -OS_DLLFLAGS += -nologo -DLL -SUBSYSTEM:WINDOWS -PDB:NONE -# -# Win NT needs -GT so that fibers can work -# -OS_CFLAGS += -GT -DEFINES += -DWINNT - -NSPR31_LIB_PREFIX = lib diff --git a/security/coreconf/arch.mk b/security/coreconf/arch.mk deleted file mode 100644 index 9d27f4c17..000000000 --- a/security/coreconf/arch.mk +++ /dev/null @@ -1,305 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# Master "Core Components" macros for getting the OS architecture # -####################################################################### - -# -# Macros for getting the OS architecture -# - -ifeq ($(USE_64), 1) - 64BIT_TAG=_64 -else - 64BIT_TAG= -endif - -OS_ARCH := $(subst /,_,$(shell uname -s)) - -# -# Attempt to differentiate between sparc and x86 Solaris -# - -OS_TEST := $(shell uname -m) -ifeq ($(OS_TEST),i86pc) - OS_RELEASE := $(shell uname -r)_$(OS_TEST) -else - OS_RELEASE := $(shell uname -r) -endif - -# -# Force the IRIX64 machines to use IRIX. -# - -ifeq ($(OS_ARCH),IRIX64) - OS_ARCH = IRIX -endif - -# -# Force the older BSD/OS versions to use the new arch name. -# - -ifeq ($(OS_ARCH),BSD_386) - OS_ARCH = BSD_OS -endif - -# -# Catch Deterim if SVR4 is NCR or UNIXWARE -# - -ifeq ($(OS_ARCH),UNIX_SV) - ifneq ($(findstring NCR, $(shell grep NCR /etc/bcheckrc | head -1 )),) - OS_ARCH = NCR - else - # Make UnixWare something human readable - OS_ARCH = UNIXWARE - endif - - # Get the OS release number, not 4.2 - OS_RELEASE := $(shell uname -v) -endif - -ifeq ($(OS_ARCH),UNIX_System_V) - OS_ARCH = NEC -endif - -ifeq ($(OS_ARCH),AIX) - OS_RELEASE := $(shell uname -v).$(shell uname -r) -endif - -# -# Distinguish between OSF1 V4.0B and V4.0D -# - -ifeq ($(OS_ARCH)$(OS_RELEASE),OSF1V4.0) - OS_VERSION := $(shell uname -v) - ifeq ($(OS_VERSION),564) - OS_RELEASE := V4.0B - endif - ifeq ($(OS_VERSION),878) - OS_RELEASE := V4.0D - endif -endif - -# -# SINIX changes name to ReliantUNIX with 5.43 -# - -ifeq ($(OS_ARCH),ReliantUNIX-N) - OS_ARCH = ReliantUNIX - OS_RELEASE = 5.4 -endif - -ifeq ($(OS_ARCH),SINIX-N) - OS_ARCH = ReliantUNIX - OS_RELEASE = 5.4 -endif - -# -# Handle FreeBSD 2.2-STABLE and Linux 2.0.30-osfmach3 -# - -ifeq (,$(filter-out Linux FreeBSD,$(OS_ARCH))) -OS_RELEASE := $(shell echo $(OS_RELEASE) | sed 's/-.*//') -endif - -ifeq ($(OS_ARCH),Linux) - OS_RELEASE := $(basename $(OS_RELEASE)) -endif - -# -# For OS/2 -# -ifeq ($(OS_ARCH),OS_2) - OS_ARCH = OS2 - OS_RELEASE := $(shell uname -v) -endif - -ifneq (,$(findstring OpenVMS,$(OS_ARCH))) - OS_ARCH = OpenVMS - OS_RELEASE := $(shell uname -v) -endif - -####################################################################### -# Master "Core Components" macros for getting the OS target # -####################################################################### - -# -# Note: OS_TARGET should be specified on the command line for gmake. -# When OS_TARGET=WIN95 is specified, then a Windows 95 target is built. -# The difference between the Win95 target and the WinNT target is that -# the WinNT target uses Windows NT specific features not available -# in Windows 95. The Win95 target will run on Windows NT, but (supposedly) -# at lesser performance (the Win95 target uses threads; the WinNT target -# uses fibers). -# -# When OS_TARGET=WIN16 is specified, then a Windows 3.11 (16bit) target -# is built. See: win16_3.11.mk for lots more about the Win16 target. -# -# If OS_TARGET is not specified, it defaults to $(OS_ARCH), i.e., no -# cross-compilation. -# - -# -# The following hack allows one to build on a WIN95 machine (as if -# s/he were cross-compiling on a WINNT host for a WIN95 target). -# It also accomodates for MKS's uname.exe. If you never intend -# to do development on a WIN95 machine, you don't need this. It doesn't -# work any more anyway. -# -ifeq ($(OS_ARCH),WIN95) - OS_ARCH = WINNT - OS_TARGET = WIN95 -endif -ifeq ($(OS_ARCH),Windows_95) - OS_ARCH = Windows_NT - OS_TARGET = WIN95 -endif - -# -# On WIN32, we also define the variable CPU_ARCH. -# - -ifeq ($(OS_ARCH), WINNT) - CPU_ARCH := $(shell uname -p) - ifeq ($(CPU_ARCH),I386) - CPU_ARCH = x386 - endif -else -# -# If uname -s returns "Windows_NT", we assume that we are using -# the uname.exe in MKS toolkit. -# -# The -r option of MKS uname only returns the major version number. -# So we need to use its -v option to get the minor version number. -# Moreover, it doesn't have the -p option, so we need to use uname -m. -# -ifeq ($(OS_ARCH), Windows_NT) - OS_ARCH = WINNT - OS_MINOR_RELEASE := $(shell uname -v) - ifeq ($(OS_MINOR_RELEASE),00) - OS_MINOR_RELEASE = 0 - endif - OS_RELEASE := $(OS_RELEASE).$(OS_MINOR_RELEASE) - CPU_ARCH := $(shell uname -m) - # - # MKS's uname -m returns "586" on a Pentium machine. - # - ifneq (,$(findstring 86,$(CPU_ARCH))) - CPU_ARCH = x386 - endif -endif -endif - -ifndef OS_TARGET - OS_TARGET = $(OS_ARCH) -endif - -ifeq ($(OS_TARGET), WIN95) - OS_RELEASE = 4.0 -endif - -ifeq ($(OS_TARGET), WIN16) - OS_RELEASE = -# OS_RELEASE = _3.11 -endif - -# -# This variable is used to get OS_CONFIG.mk. -# - -OS_CONFIG = $(OS_TARGET)$(OS_RELEASE) - -# -# OBJDIR_TAG depends on the predefined variable BUILD_OPT, -# to distinguish between debug and release builds. -# - -ifdef BUILD_OPT - ifeq ($(OS_TARGET),WIN16) - OBJDIR_TAG = _O - else - OBJDIR_TAG = $(64BIT_TAG)_OPT - endif -else - ifdef BUILD_IDG - ifeq ($(OS_TARGET),WIN16) - OBJDIR_TAG = _I - else - OBJDIR_TAG = $(64BIT_TAG)_IDG - endif - else - ifeq ($(OS_TARGET),WIN16) - OBJDIR_TAG = _D - else - OBJDIR_TAG = $(64BIT_TAG)_DBG - endif - endif -endif - -# -# The following flags are defined in the individual $(OS_CONFIG).mk -# files. -# -# CPU_TAG is defined if the CPU is not the most common CPU. -# COMPILER_TAG is defined if the compiler is not the native compiler. -# IMPL_STRATEGY may be defined too. -# - -# Name of the binary code directories -ifeq ($(OS_ARCH), WINNT) - ifeq ($(CPU_ARCH),x386) - OBJDIR_NAME = $(OS_CONFIG)$(OBJDIR_TAG).OBJ - else - OBJDIR_NAME = $(OS_CONFIG)$(CPU_ARCH)$(OBJDIR_TAG).OBJ - endif -else -endif - -OBJDIR_NAME = $(OS_CONFIG)$(CPU_TAG)$(COMPILER_TAG)$(LIBC_TAG)$(IMPL_STRATEGY)$(OBJDIR_TAG).OBJ - -ifeq ($(OS_ARCH), WINNT) -ifneq ($(OS_TARGET),WIN16) -ifndef BUILD_OPT -# -# Define USE_DEBUG_RTL if you want to use the debug runtime library -# (RTL) in the debug build -# -ifdef USE_DEBUG_RTL - OBJDIR_NAME = $(OS_CONFIG)$(CPU_TAG)$(COMPILER_TAG)$(IMPL_STRATEGY)$(OBJDIR_TAG).OBJD -endif -endif -endif -endif - diff --git a/security/coreconf/command.mk b/security/coreconf/command.mk deleted file mode 100644 index 7789b3f7d..000000000 --- a/security/coreconf/command.mk +++ /dev/null @@ -1,54 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# Master "Core Components" default command macros; # -# can be overridden in .mk # -####################################################################### - -AS = $(CC) -ASFLAGS += $(CFLAGS) -CCF = $(CC) $(CFLAGS) -LINK_DLL = $(LINK) $(OS_DLLFLAGS) $(DLLFLAGS) -LINK_EXE = $(LINK) $(OS_LFLAGS) $(LFLAGS) -NFSPWD = $(NSINSTALL_DIR)/nfspwd -CFLAGS += $(OPTIMIZER) $(OS_CFLAGS) $(XP_DEFINE) $(DEFINES) $(INCLUDES) \ - $(XCFLAGS) -RANLIB = echo -TAR = /bin/tar -# -# For purify -# -NOMD_CFLAGS += $(OPTIMIZER) $(NOMD_OS_CFLAGS) $(XP_DEFINE) $(DEFINES) $(INCLUDES) \ - $(XCFLAGS) - diff --git a/security/coreconf/config.mk b/security/coreconf/config.mk deleted file mode 100644 index 9e606f2d5..000000000 --- a/security/coreconf/config.mk +++ /dev/null @@ -1,150 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# Configuration information for building in the "Core Components" source module -# - -####################################################################### -# [1.0] Master "Core Components" source and release # -# tags # -####################################################################### - -include $(CORE_DEPTH)/coreconf/arch.mk - -####################################################################### -# [2.0] Master "Core Components" default command macros # -# (NOTE: may be overridden in $(OS_CONFIG).mk) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/command.mk - -####################################################################### -# [3.0] Master "Core Components" -specific macros # -# (dependent upon tags) # -# # -# We are moving towards just having a $(OS_TARGET).mk file # -# as opposed to multiple $(OS_CONFIG).mk files, one for # -# each OS release. # -####################################################################### - -ifeq (,$(filter-out FreeBSD BSD_OS NetBSD OS2,$(OS_TARGET))) -include $(CORE_DEPTH)/coreconf/$(OS_TARGET).mk -else -include $(CORE_DEPTH)/coreconf/$(OS_CONFIG).mk -endif - -####################################################################### -# [4.0] Master "Core Components" source and release tags # -# (dependent upon tags) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/platform.mk - -####################################################################### -# [5.0] Master "Core Components" release tags # -# (dependent upon tags) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/tree.mk - -####################################################################### -# [6.0] Master "Core Components" source and release tags # -# NOTE: A component is also called a module or a subsystem. # -# (dependent upon $(MODULE) being defined on the # -# command line, as an environment variable, or in individual # -# makefiles, or more appropriately, manifest.mn) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/module.mk - -####################################################################### -# [7.0] Master "Core Components" release tags # -# (dependent upon $(MODULE) being defined on the # -# command line, as an environment variable, or in individual # -# makefiles, or more appropriately, manifest.mn) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/version.mk - -####################################################################### -# [8.0] Master "Core Components" macros to figure out # -# binary code location # -# (dependent upon tags) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/location.mk - -####################################################################### -# [9.0] Master "Core Components" -specific source path # -# (dependent upon , , # -# , and tags) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/source.mk - -####################################################################### -# [10.0] Master "Core Components" include switch for support header # -# files # -# (dependent upon , , , # -# and tags) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/headers.mk - -####################################################################### -# [11.0] Master "Core Components" for computing program prefixes # -####################################################################### - -include $(CORE_DEPTH)/coreconf/prefix.mk - -####################################################################### -# [12.0] Master "Core Components" for computing program suffixes # -# (dependent upon tags) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/suffix.mk - -####################################################################### -# [13.0] Master "Core Components" for defining JDK # -# (dependent upon , , and tags)# -####################################################################### - -include $(CORE_DEPTH)/coreconf/jdk.mk - -####################################################################### -# [14.0] Master "Core Components" rule set # -# (should always be the last file included by config.mk) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/ruleset.mk --include $(MKDEPENDENCIES) - diff --git a/security/coreconf/coreconf.pl b/security/coreconf/coreconf.pl deleted file mode 100644 index 8471b0ead..000000000 --- a/security/coreconf/coreconf.pl +++ /dev/null @@ -1,156 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -sub recursive_copy { - local($fromdir); - local($todir); - local(@dirlist); - $fromdir = shift; - $todir = shift; - - print STDERR "recursive copy called with $fromdir, $todir\n"; - -#remove any trailing slashes. - $fromdir =~ s/\/$//; - $todir =~ s/\/$//; - - opendir(DIR, $fromdir); - @dirlist = readdir DIR; - close DIR; - - - foreach $file (@dirlist) { - if (! (($file eq "." ) || ($file eq "..") )) { - - if (-d "$fromdir/$file") { - print STDERR "handling directory $todir/$file\n"; - &rec_mkdir("$todir/$file"); - &recursive_copy("$fromdir/$file","$todir/$file"); - } - else { - print STDERR "handling file $fromdir/$file\n"; - &my_copy("$fromdir/$file","$todir/$file"); - } - } - } -} - -sub parse_argv { - -# print STDERR "Parsing Variables\n"; - - foreach $q ( @ARGV ) { - if (! ($q =~ /=/)) { - $var{$lastassigned} .= " $q"; - } - else { - $q =~ /^([^=]*)=(.*)/; - $left = $1; - $right = $2; - - $right =~ s/ *$//; - $var{$left} = $right; - - $lastassigned = $left; - - } - print STDERR "Assigned $lastassigned = $var{$lastassigned}\n"; - } -} - - -# usage: &my_copy("dir/fromfile","dir2/tofile"); -# do a 'copy' - files only, 'to' MUST be a filename, not a directory. - -# fix this to be able to use copy on win nt. - -sub my_copy { - local($from); - local($to); - local($cpcmd); - - $from = shift; - $to = shift; - - if ( ! defined $var{OS_ARCH}) { - die "OS_ARCH not defined!"; - } - else { - if ($var{OS_ARCH} eq 'WINNT') { - $cpcmd = 'cp'; - } - else { - $cpcmd = 'cp'; - } - print STDERR "COPYING: $cpcmd $from $to\n"; - system("$cpcmd $from $to"); - } -} - - -sub old_my_copy { - local($from); - local($to); - - $from = shift; - $to = shift; - open(FIN, "<$from") || die("Can't read from file $from\n"); - if ( ! open(FOUT,">$to")) { - close FIN; - die "Can't write to file $to\n"; - } - while (read(FIN, $buf, 100000)) { - print FOUT $buf; - } - close (FIN); - close (FOUT); -} - -sub rec_mkdir { - local($arg); - local($t); - local($q); - - $arg = shift; - $t = ""; - foreach $q (split(/\//,$arg)) { - $t .= $q; - if (! ($t =~ /\.\.$/)) { - if ($t =~ /./) { - mkdir($t,0775); - } - } - $t.= '/'; - } -} - -1; diff --git a/security/coreconf/cpdist.pl b/security/coreconf/cpdist.pl deleted file mode 100755 index cea077990..000000000 --- a/security/coreconf/cpdist.pl +++ /dev/null @@ -1,195 +0,0 @@ -#! /usr/local/bin/perl -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -require('coreconf.pl'); - -#######-- read in variables on command line into %var - -&parse_argv; - -### do the copy - -print STDERR "RELEASE TREE / MODULE = $var{RELEASE_TREE} $var{MODULE}\n"; - - - -# 1 -if ($var{RELEASE} eq "") { exit; } # Can't do release here, so exit. - -# 2 -#if (! ($var{RELEASE} =~ /\//)) { # if no specific version is specified in RELEASE variable -# $component = $var{RELEASE}; -#} -#else { # if a subcomponent/version is given in the RELEASE variable -# $var{RELEASE} =~ m|^([^/]*)/|; -# $component = $1; # everything before the first slash; -# } - -# 3 -$path = $var{RELEASE}; - - -# 4 -# find out what directory we would create for 'today' - -$year = (localtime)[5] + 1900; -$month = (localtime)[4] + 1; -$day = (localtime)[3]; -$today = sprintf( "%d%02d%02d", $year, $month, $day ); - -# 5 -# if version is null, then set the version to today. -if ($var{"RELEASE_VERSION"} eq "") { - $var{"RELEASE_VERSION"} = $today; -} - -#6 -$version = $var{"RELEASE_VERSION"}; # set RELEASE_VERSION to passed in variable - -#7 -# if version is today, then we will want to make a 'current' link. - -if ($version eq $today) { - $create_current = 1; -} - -#8 -# version can be a) passed in value from command line, b) value in manifest.mn -# or c) computed value such as '19970909' - - -$dir = "$var{'RELEASE_TREE'}/$path"; - -#9 -if (! (-e "$dir/$version" && -d "$dir/$version")) { - print "making dir $dir \n"; - &rec_mkdir("$dir/$version"); -} - - - -print "version = $version\n"; -print "path = $path\n"; -print "var{release_tree} = $var{'RELEASE_TREE'}\n"; -print "dir = $dir = RELEASE_TREE/path\n"; - - -#10 -if ($create_current == 1) { - -# unlinking and linking always occurs, even if the link is correct - print "unlinking $dir/current\n"; - unlink("$dir/current"); - - print "putting version number $today into 'current' file.."; - - open(FILE,">$dir/current") || die " couldn't open current\n"; - print FILE "$today\n"; - close(FILE); - print " ..done\n" - -} - -&rec_mkdir("$dir/$version/$var{'RELEASE_MD_DIR'}"); -&rec_mkdir("$dir/$version/$var{'RELEASE_XP_DIR'}"); - - - - -foreach $jarfile (split(/ /,$var{FILES}) ) { - print STDERR "---------------------------------------------\n"; - - $jarinfo = $var{$jarfile}; - - ($jardir,$jaropts) = split(/\|/,$jarinfo); - - if ($jaropts =~ /f/) { - print STDERR "Copying files $jardir....\n"; - } - else { - print STDERR "Copying jar file $jarfile....\n"; - } - - print "jaropts = $jaropts\n"; - - if ($jaropts =~ /m/) { - $destdir = $var{"RELEASE_MD_DIR"}; - print "found m, using MD dir $destdir\n"; - } - elsif ($jaropts =~ /x/) { - $destdir = $var{"RELEASE_XP_DIR"}; - print "found x, using XP dir $destdir\n"; - } - else { - die "Error: must specify m or x in jar options in $jarinfo line\n"; - } - - - $distdir = "$dir/$version/$destdir"; - - - - if ($jaropts =~ /f/) { - - print "splitting: \"$jardir\"\n"; - for $srcfile (split(/ /,$jardir)) { - -#if srcfile has a slash - if ($srcfile =~ m|/|) { -#pull out everything before the last slash into $1 - $srcfile =~ m|(.*)/|; - $distsubdir = "/$1"; - print "making dir $distdir$distsubdir\n"; - &rec_mkdir("$distdir$distsubdir"); - } - print "copy: from $srcfile\n"; - print " to $distdir$distsubdir\n"; - $srcprefix = ""; - if ($jaropts =~/m/) { - $srcprefix = "$var{'PLATFORM'}/"; - } - system("cp $srcprefix$srcfile $distdir$distsubdir"); - } - } - else { - $srcfile = "$var{SOURCE_RELEASE_PREFIX}/$jardir/$jarfile"; - - print "copy: from $srcfile\n"; - print " to $distdir\n"; - - system("cp $srcfile $distdir"); - - } - - } - diff --git a/security/coreconf/headers.mk b/security/coreconf/headers.mk deleted file mode 100644 index c23eefd9a..000000000 --- a/security/coreconf/headers.mk +++ /dev/null @@ -1,58 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# Master "Core Components" include switch for support header files # -####################################################################### - -# -# Always append source-side machine-dependent (md) and cross-platform -# (xp) include paths -# - -INCLUDES += -I$(SOURCE_MDHEADERS_DIR) - -ifneq ($(OS_TARGET),WIN16) -INCLUDES += -I$(SOURCE_XPHEADERS_DIR) -endif - -# -# Only append source-side private cross-platform include paths for -# sectools -# - -INCLUDES += -I$(SOURCE_XPPRIVATE_DIR) - -ifdef MOZILLA_CLIENT -INCLUDES += -I$(SOURCE_XP_DIR)/include $(MOZILLA_INCLUDES) -endif diff --git a/security/coreconf/import.pl b/security/coreconf/import.pl deleted file mode 100755 index 0bba3c820..000000000 --- a/security/coreconf/import.pl +++ /dev/null @@ -1,218 +0,0 @@ -#! /usr/local/bin/perl -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -print STDERR "import.pl\n"; - -require('coreconf.pl'); - - -$returncode =0; - - -#######-- read in variables on command line into %var - -$var{ZIP} = "zip"; -$var{UNZIP} = "unzip -o"; - -&parse_argv; - -if (! ($var{IMPORTS} =~ /\w/)) { - print STDERR "nothing to import\n"; -} - -######-- Do the import! - -foreach $import (split(/ /,$var{IMPORTS}) ) { - - print STDERR "\n\nIMPORTING .... $import\n-----------------------------\n"; - - -# if a specific version specified in IMPORT variable -# (if $import has a slash in it) - - if ($import =~ /\//) { - # $component=everything before the first slash of $import - - $import =~ m|^([^/]*)/|; - $component = $1; - - $import =~ m|^(.*)/([^/]*)$|; - - # $path=everything before the last slash of $import - $path = $1; - - # $version=everything after the last slash of $import - $version = $2; - - if ($var{VERSION} ne "current") { - $version = $var{VERSION}; - } - } - else { - $component = $import; - $path = $import; - $version = $var{VERSION}; - } - - $releasejardir = "$var{RELEASE_TREE}/$path"; - if ($version eq "current") { - print STDERR "Current version specified. Reading 'current' file ... \n"; - - open(CURRENT,"$releasejardir/current") || die "NO CURRENT FILE\n"; - $version = ; - $version =~ s/(\r?\n)*$//; # remove any trailing [CR/]LF's - close(CURRENT); - print STDERR "Using version $version\n"; - if ( $version eq "") { - die "Current version file empty. Stopping\n"; - } - } - - $releasejardir = "$releasejardir/$version"; - if ( ! -d $releasejardir) { - die "$releasejardir doesn't exist (Invalid Version?)\n"; - } - foreach $jarfile (split(/ /,$var{FILES})) { - - ($relpath,$distpath,$options) = split(/\|/, $var{$jarfile}); - - if ($var{'OVERRIDE_IMPORT_CHECK'} eq 'YES') { - $options =~ s/v//g; - } - - if ( $relpath ne "") { $releasejarpathname = "$releasejardir/$relpath";} - else { $releasejarpathname = $releasejardir; } - -# If a component doesn't have IDG versions, import the DBG ones - if( ! -e "$releasejarpathname/$jarfile" ) { - if( $relpath =~ /IDG\.OBJ$/ ) { - $relpath =~ s/IDG.OBJ/DBG.OBJ/; - $releasejarpathname = "$releasejardir/$relpath"; - } elsif( $relpath =~ /IDG\.OBJD$/ ) { - $relpath =~ s/IDG.OBJD/DBG.OBJD/; - $releasejarpathname = "$releasejardir/$relpath"; - } - } - - if (-e "$releasejarpathname/$jarfile") { - print STDERR "\nWorking on jarfile: $jarfile\n"; - - if ($distpath =~ m|/$|) { - $distpathname = "$distpath$component"; - } - else { - $distpathname = "$distpath"; - } - - -#the block below is used to determine whether or not the xp headers have -#already been imported for this component - - $doimport = 1; - if ($options =~ /v/) { # if we should check the imported version - print STDERR "Checking if version file exists $distpathname/version\n"; - if (-e "$distpathname/version") { - open( VFILE, "<$distpathname/version") || - die "Cannot open $distpathname/version for reading. Permissions?\n"; - $importversion = ; - close (VFILE); - $importversion =~ s/\r?\n$//; # Strip off any trailing CR/LF - if ($version eq $importversion) { - print STDERR "$distpathname version '$importversion' already imported. Skipping...\n"; - $doimport =0; - } - } - } - - if ($doimport == 1) { - if (! -d "$distpathname") { - &rec_mkdir("$distpathname"); - } - # delete the stuff in there already. - # (this should really be recursive delete.) - - if ($options =~ /v/) { - $remheader = "\nREMOVING files in '$distpathname/' :"; - opendir(DIR,"$distpathname") || - die ("Cannot read directory $distpathname\n"); - @filelist = readdir(DIR); - closedir(DIR); - foreach $file ( @filelist ) { - if (! ($file =~ m!/.?.$!) ) { - if (! (-d $file)) { - $file =~ m!([^/]*)$!; - print STDERR "$remheader $1"; - $remheader = " "; - unlink "$distpathname/$file"; - } - } - } - } - - - print STDERR "\n\n"; - - print STDERR "\nExtracting jarfile '$jarfile' to local directory $distpathname/\n"; - - print STDERR "$var{UNZIP} $releasejarpathname/$jarfile -d $distpathname\n"; - system("$var{UNZIP} $releasejarpathname/$jarfile -d $distpathname"); - - $r = $?; - - if ($options =~ /v/) { - if ($r == 0) { - unlink ("$distpathname/version"); - if (open(VFILE,">$distpathname/version")) { - print VFILE "$version\n"; - close(VFILE); - } - } - else { - print STDERR "Could not create '$distpathname/version'. Permissions?\n"; - $returncode ++; - } - } - } # if (doimport) - } # if (-e releasejarpathname/jarfile) - } # foreach jarfile) -} # foreach IMPORT - - - -exit($returncode); - - - - - diff --git a/security/coreconf/jdk.mk b/security/coreconf/jdk.mk deleted file mode 100644 index 9cbfc3dfe..000000000 --- a/security/coreconf/jdk.mk +++ /dev/null @@ -1,612 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -ifdef NS_USE_JDK -####################################################################### -# [1] Define preliminary JDK "Core Components" toolset options # -####################################################################### - -# set default JDK java threading model -ifeq ($(JDK_THREADING_MODEL),) - JDK_THREADING_MODEL = native_threads -# no such thing as -native flag - JDK_THREADING_MODEL_OPT = -endif - -####################################################################### -# [2] Define platform-independent JDK "Core Components" options # -####################################################################### - -# set default location of the java classes repository -ifeq ($(JAVA_DESTPATH),) -ifdef BUILD_OPT - JAVA_DESTPATH = $(SOURCE_CLASSES_DIR) -else - JAVA_DESTPATH = $(SOURCE_CLASSES_DBG_DIR) -endif -endif - -# set default location of the package under the java classes repository -# note that this overrides the default package value in ruleset.mk -ifeq ($(PACKAGE),) - PACKAGE = . -endif - -# set default location of the java source code repository -ifeq ($(JAVA_SOURCEPATH),) - JAVA_SOURCEPATH = . -endif - -# add JNI directory to default include search path -ifneq ($(JNI_GEN),) - ifdef NSBUILDROOT - INCLUDES += -I$(JNI_GEN_DIR) -I$(SOURCE_XP_DIR) - else - INCLUDES += -I$(JNI_GEN_DIR) - endif -endif - -####################################################################### -# [3] Define platform-dependent JDK "Core Components" options # -####################################################################### - -# set [Microsoft Windows] platforms -ifeq ($(OS_ARCH), WINNT) - JAVA_CLASSES = $(JAVA_HOME)/lib/classes.zip - - ifeq ($(JRE_HOME),) - JRE_HOME = $(JAVA_HOME) - JRE_CLASSES = $(JAVA_CLASSES) - else - ifeq ($(JRE_CLASSES),) - JRE_CLASSES = $(JRE_HOME)/lib/classes.zip - endif - endif - - PATH_SEPARATOR = ; - - # (2) specify "header" information - JAVA_ARCH = win32 - - INCLUDES += -I$(JAVA_HOME)/include - INCLUDES += -I$(JAVA_HOME)/include/$(JAVA_ARCH) - - # (3) specify "linker" information - JAVA_CPU = - - JAVA_LIBDIR = lib - - JAVA_CLIBS = - - JAVA_LIBS = -LIBPATH:$(JAVA_HOME)/$(JAVA_LIBDIR) jvm.lib - JAVA_LIBS += $(JAVA_CLIBS) - - LDFLAGS += $(JAVA_LIBS) - - # currently, disable JIT option on this platform - JDK_JIT_OPT = -nojit -endif - -# set [Sun Solaris] platforms -ifeq ($(OS_ARCH), SunOS) - JAVA_CLASSES = $(JAVA_HOME)/lib/classes.zip - - ifeq ($(JRE_HOME),) - JRE_HOME = $(JAVA_HOME) - JRE_CLASSES = $(JAVA_CLASSES) - else - ifeq ($(JRE_CLASSES),) - JRE_CLASSES = $(JRE_HOME)/lib/classes.zip - endif - endif - - PATH_SEPARATOR = : - - # (2) specify "header" information - JAVA_ARCH = solaris - - INCLUDES += -I$(JAVA_HOME)/include - INCLUDES += -I$(JAVA_HOME)/include/$(JAVA_ARCH) - - # (3) specify "linker" information - JAVA_CPU = sparc - -ifeq ($(JDK_VERSION), 1.1) - JAVA_LIBDIR = lib/$(JAVA_CPU) -else - JAVA_LIBDIR = jre/lib/$(JAVA_CPU) -endif - - # ** IMPORTANT ** having -lthread before -lnspr is critical on solaris - # when linking with -ljava as nspr redefines symbols in libthread that - # cause JNI executables to fail with assert of bad thread stack values. - JAVA_CLIBS = -lthread - -ifneq ($(JDK_VERSION), 1.1) - JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR)/classic -ljvm - JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR) -ljava -else - JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR)/$(JDK_THREADING_MODEL) -ljava -endif - JAVA_LIBS += $(JAVA_CLIBS) - - LDFLAGS += $(JAVA_LIBS) - - # currently, disable JIT option on this platform - JDK_JIT_OPT = -endif - -# set [Hewlett Packard HP-UX] platforms -ifeq ($(OS_ARCH), HP-UX) - JAVA_CLASSES = $(JAVA_HOME)/lib/classes.zip - - ifeq ($(JRE_HOME),) - JRE_HOME = $(JAVA_HOME) - JRE_CLASSES = $(JAVA_CLASSES) - else - ifeq ($(JRE_CLASSES),) - JRE_CLASSES = $(JRE_HOME)/lib/classes.zip - endif - endif - - PATH_SEPARATOR = : - - # (2) specify "header" information - JAVA_ARCH = hp-ux - - INCLUDES += -I$(JAVA_HOME)/include - INCLUDES += -I$(JAVA_HOME)/include/$(JAVA_ARCH) - - # (3) specify "linker" information - JAVA_CPU = PA_RISC - - JAVA_LIBDIR = jre/lib/$(JAVA_CPU) - - JAVA_CLIBS = - - JAVA_LIBS = -L$(JAVA_HOME)/$(JAVA_LIBDIR)/$(JDK_THREADING_MODEL) -lhpi - JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR)/classic -ljvm - JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR) -ljava - JAVA_LIBS += $(JAVA_CLIBS) - - LDFLAGS += $(JAVA_LIBS) - - # no JIT option available on this platform - JDK_JIT_OPT = -endif - -# set [Redhat Linux] platforms -ifeq ($(OS_ARCH), Linux) - JAVA_CLASSES = $(JAVA_HOME)/lib/classes.zip - - ifeq ($(JRE_HOME),) - JRE_HOME = $(JAVA_HOME) - JRE_CLASSES = $(JAVA_CLASSES) - else - ifeq ($(JRE_CLASSES),) - JRE_CLASSES = $(JRE_HOME)/lib/classes.zip - endif - endif - - PATH_SEPARATOR = : - - # (2) specify "header" information - JAVA_ARCH = linux - - INCLUDES += -I$(JAVA_HOME)/include - INCLUDES += -I$(JAVA_HOME)/include/$(JAVA_ARCH) - - # (3) specify "linker" information - JAVA_CPU = i386 - - JAVA_LIBDIR = jre/lib/$(JAVA_CPU) - - JAVA_CLIBS = - - JAVA_LIBS = -L$(JAVA_HOME)/$(JAVA_LIBDIR)/$(JDK_THREADING_MODEL) -lhpi - JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR)/classic -ljvm - JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR) -ljava - JAVA_LIBS += $(JAVA_CLIBS) - - LDFLAGS += $(JAVA_LIBS) - - # no JIT option available on this platform - JDK_JIT_OPT = -endif - -# set [IBM AIX] platforms -ifeq ($(OS_ARCH), AIX) - JAVA_CLASSES = $(JAVA_HOME)/lib/classes.zip - - ifeq ($(JRE_HOME),) - JRE_HOME = $(JAVA_HOME) - JRE_CLASSES = $(JAVA_CLASSES) - else - ifeq ($(JRE_CLASSES),) - JRE_CLASSES = $(JRE_HOME)/lib/classes.zip - endif - endif - - PATH_SEPARATOR = : - - # (2) specify "header" information - JAVA_ARCH = aix - - INCLUDES += -I$(JAVA_HOME)/include - INCLUDES += -I$(JAVA_HOME)/include/$(JAVA_ARCH) - - # (3) specify "linker" information - JAVA_CPU = aix - - JAVA_LIBDIR = jre/bin - - JAVA_CLIBS = - - JAVA_LIBS = -L$(JAVA_HOME)/$(JAVA_LIBDIR) -lhpi - JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR)/classic -ljvm - JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR) -ljava - JAVA_LIBS += $(JAVA_CLIBS) - - LDFLAGS += $(JAVA_LIBS) - - # no JIT option available on this platform - JDK_JIT_OPT = -endif - -# set [Digital UNIX] platforms -ifeq ($(OS_ARCH), OSF1) - JAVA_CLASSES = $(JAVA_HOME)/lib/classes.zip - - ifeq ($(JRE_HOME),) - JRE_HOME = $(JAVA_HOME) - JRE_CLASSES = $(JAVA_CLASSES) - else - ifeq ($(JRE_CLASSES),) - JRE_CLASSES = $(JRE_HOME)/lib/classes.zip - endif - endif - - PATH_SEPARATOR = : - - # (2) specify "header" information - JAVA_ARCH = alpha - - INCLUDES += -I$(JAVA_HOME)/include - INCLUDES += -I$(JAVA_HOME)/include/$(JAVA_ARCH) - - # (3) specify "linker" information - JAVA_CPU = alpha - - JAVA_LIBDIR = jre/lib/$(JAVA_CPU) - - JAVA_CLIBS = - - JAVA_LIBS = -L$(JAVA_HOME)/$(JAVA_LIBDIR)/$(JDK_THREADING_MODEL) -lhpi - JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR)/classic -ljvm - JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR) -ljava - JAVA_LIBS += $(JAVA_CLIBS) - - LDFLAGS += $(JAVA_LIBS) - - # no JIT option available on this platform - JDK_JIT_OPT = -endif - -# set [Silicon Graphics IRIX] platforms -ifeq ($(OS_ARCH), IRIX) - JAVA_CLASSES = $(JAVA_HOME)/lib/dev.jar:$(JAVA_HOME)/lib/rt.jar - - ifeq ($(JRE_HOME),) - JRE_HOME = $(JAVA_HOME) - JRE_CLASSES = $(JAVA_CLASSES) - else - ifeq ($(JRE_CLASSES),) - JRE_CLASSES = $(JRE_HOME)/lib/dev.jar:$(JRE_HOME)/lib/rt.jar - endif - endif - - PATH_SEPARATOR = : - - # (2) specify "header" information - JAVA_ARCH = irix - - INCLUDES += -I$(JAVA_HOME)/include - INCLUDES += -I$(JAVA_HOME)/include/$(JAVA_ARCH) - - # (3) specify "-n32 linker" information - JAVA_CPU = sgi - - JAVA_LIBDIR = lib32/$(JAVA_CPU) - - JAVA_CLIBS = - - JAVA_LIBS = -L$(JAVA_HOME)/$(JAVA_LIBDIR)/$(JDK_THREADING_MODEL) -lhpi - JAVA_LIBS += -lirixextra - JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR)/classic -ljvm - JAVA_LIBS += -L$(JAVA_HOME)/$(JAVA_LIBDIR) -ljava - JAVA_LIBS += $(JAVA_CLIBS) - - LDFLAGS += $(JAVA_LIBS) - - # no JIT option available on this platform - JDK_JIT_OPT = -endif - -####################################################################### -# [4] Define remaining JDK "Core Components" default toolset options # -####################################################################### - -# set JDK optimization model -ifeq ($(BUILD_OPT),1) - JDK_OPTIMIZER_OPT = -O -else - JDK_OPTIMIZER_OPT = -g -endif - -# set minimal JDK debugging model -ifeq ($(JDK_DEBUG),1) - JDK_DEBUG_OPT = -debug -else - JDK_DEBUG_OPT = -endif - -# set default path to repository for JDK classes -ifeq ($(JDK_CLASS_REPOSITORY_OPT),) - JDK_CLASS_REPOSITORY_OPT = -d $(JAVA_DESTPATH) -endif - -# define a default JDK classpath -ifeq ($(JDK_CLASSPATH),) - JDK_CLASSPATH = '$(JAVA_DESTPATH)$(PATH_SEPARATOR)$(JAVA_SOURCEPATH)$(PATH_SEPARATOR)$(JAVA_CLASSES)' -endif - -# by default, override CLASSPATH environment variable using the JDK classpath option with $(JDK_CLASSPATH) -ifeq ($(JDK_CLASSPATH_OPT),) - JDK_CLASSPATH_OPT = -classpath $(JDK_CLASSPATH) -endif - - -endif - - -ifdef NS_USE_JDK_TOOLSET -####################################################################### -# [5] Define JDK "Core Components" toolset; # -# (always allow a user to override these values) # -####################################################################### - -# -# (1) appletviewer -# - -ifeq ($(APPLETVIEWER),) - APPLETVIEWER_PROG = $(JAVA_HOME)/bin/appletviewer$(PROG_SUFFIX) - APPLETVIEWER_FLAGS = $(JDK_THREADING_MODEL_OPT) - APPLETVIEWER_FLAGS += $(JDK_DEBUG_OPT) - APPLETVIEWER_FLAGS += $(JDK_JIT_OPT) - APPLETVIEWER = $(APPLETVIEWER_PROG) $(APPLETVIEWER_FLAGS) -endif - -# -# (2) jar -# - -ifeq ($(JAR),) - JAR_PROG = $(JAVA_HOME)/bin/jar$(PROG_SUFFIX) - JAR_FLAGS = $(JDK_THREADING_MODEL_OPT) - JAR = $(JAR_PROG) $(JAR_FLAGS) -endif - -# -# (3) java -# - -ifeq ($(JAVA),) - JAVA_PROG = $(JAVA_HOME)/bin/java$(PROG_SUFFIX) - JAVA_FLAGS = $(JDK_THREADING_MODEL_OPT) - JAVA_FLAGS += $(JDK_DEBUG_OPT) - JAVA_FLAGS += $(JDK_CLASSPATH_OPT) - JAVA_FLAGS += $(JDK_JIT_OPT) - JAVA = $(JAVA_PROG) $(JAVA_FLAGS) -endif - -# -# (4) javac -# - -ifeq ($(JAVAC),) - JAVAC_PROG = $(JAVA_HOME)/bin/javac$(PROG_SUFFIX) - JAVAC_FLAGS = $(JDK_THREADING_MODEL_OPT) - JAVAC_FLAGS += $(JDK_OPTIMIZER_OPT) - JAVAC_FLAGS += $(JDK_DEBUG_OPT) - JAVAC_FLAGS += $(JDK_CLASSPATH_OPT) - JAVAC_FLAGS += $(JDK_CLASS_REPOSITORY_OPT) - JAVAC = $(JAVAC_PROG) $(JAVAC_FLAGS) -endif - -# -# (5) javadoc -# - -ifeq ($(JAVADOC),) - JAVADOC_PROG = $(JAVA_HOME)/bin/javadoc$(PROG_SUFFIX) - JAVADOC_FLAGS = $(JDK_THREADING_MODEL_OPT) - JAVADOC_FLAGS += $(JDK_CLASSPATH_OPT) - JAVADOC = $(JAVADOC_PROG) $(JAVADOC_FLAGS) -endif - -# -# (6) javah -# - -ifeq ($(JAVAH),) - JAVAH_PROG = $(JAVA_HOME)/bin/javah$(PROG_SUFFIX) - JAVAH_FLAGS = $(JDK_THREADING_MODEL_OPT) - JAVAH_FLAGS += $(JDK_CLASSPATH_OPT) - JAVAH = $(JAVAH_PROG) $(JAVAH_FLAGS) -endif - -# -# (7) javakey -# - -ifeq ($(JAVAKEY),) - JAVAKEY_PROG = $(JAVA_HOME)/bin/javakey$(PROG_SUFFIX) - JAVAKEY_FLAGS = $(JDK_THREADING_MODEL_OPT) - JAVAKEY = $(JAVAKEY_PROG) $(JAVAKEY_FLAGS) -endif - -# -# (8) javap -# - -ifeq ($(JAVAP),) - JAVAP_PROG = $(JAVA_HOME)/bin/javap$(PROG_SUFFIX) - JAVAP_FLAGS = $(JDK_THREADING_MODEL_OPT) - JAVAP_FLAGS += $(JDK_CLASSPATH_OPT) - JAVAP = $(JAVAP_PROG) $(JAVAP_FLAGS) -endif - -# -# (9) javat -# - -ifeq ($(JAVAT),) - JAVAT_PROG = $(JAVA_HOME)/bin/javat$(PROG_SUFFIX) - JAVAT_FLAGS = $(JDK_THREADING_MODEL_OPT) - JAVAT = $(JAVAT_PROG) $(JAVAT_FLAGS) -endif - -# -# (10) javaverify -# - -ifeq ($(JAVAVERIFY),) - JAVAVERIFY_PROG = $(JAVA_HOME)/bin/javaverify$(PROG_SUFFIX) - JAVAVERIFY_FLAGS = $(JDK_THREADING_MODEL_OPT) - JAVAVERIFY = $(JAVAVERIFY_PROG) $(JAVAVERIFY_FLAGS) -endif - -# -# (11) javaw -# - -ifeq ($(JAVAW),) - jJAVAW_PROG = $(JAVA_HOME)/bin/javaw$(PROG_SUFFIX) - jJAVAW_FLAGS = $(JDK_THREADING_MODEL_OPT) - jJAVAW_FLAGS += $(JDK_DEBUG_OPT) - jJAVAW_FLAGS += $(JDK_CLASSPATH_OPT) - jJAVAW_FLAGS += $(JDK_JIT_OPT) - jJAVAW = $(JAVAW_PROG) $(JAVAW_FLAGS) -endif - -# -# (12) jdb -# - -ifeq ($(JDB),) - JDB_PROG = $(JAVA_HOME)/bin/jdb$(PROG_SUFFIX) - JDB_FLAGS = $(JDK_THREADING_MODEL_OPT) - JDB_FLAGS += $(JDK_DEBUG_OPT) - JDB_FLAGS += $(JDK_CLASSPATH_OPT) - JDB_FLAGS += $(JDK_JIT_OPT) - JDB = $(JDB_PROG) $(JDB_FLAGS) -endif - -# -# (13) jre -# - -ifeq ($(JRE),) - JRE_PROG = $(JAVA_HOME)/bin/jre$(PROG_SUFFIX) - JRE_FLAGS = $(JDK_THREADING_MODEL_OPT) - JRE_FLAGS += $(JDK_CLASSPATH_OPT) - JRE_FLAGS += $(JDK_JIT_OPT) - JRE = $(JRE_PROG) $(JRE_FLAGS) -endif - -# -# (14) jrew -# - -ifeq ($(JREW),) - JREW_PROG = $(JAVA_HOME)/bin/jrew$(PROG_SUFFIX) - JREW_FLAGS = $(JDK_THREADING_MODEL_OPT) - JREW_FLAGS += $(JDK_CLASSPATH_OPT) - JREW_FLAGS += $(JDK_JIT_OPT) - JREW = $(JREW_PROG) $(JREW_FLAGS) -endif - -# -# (15) native2ascii -# - -ifeq ($(NATIVE2ASCII),) - NATIVE2ASCII_PROG = $(JAVA_HOME)/bin/native2ascii$(PROG_SUFFIX) - NATIVE2ASCII_FLAGS = $(JDK_THREADING_MODEL_OPT) - NATIVE2ASCII = $(NATIVE2ASCII_PROG) $(NATIVE2ASCII_FLAGS) -endif - -# -# (16) rmic -# - -ifeq ($(RMIC),) - RMIC_PROG = $(JAVA_HOME)/bin/rmic$(PROG_SUFFIX) - RMIC_FLAGS = $(JDK_THREADING_MODEL_OPT) - RMIC_FLAGS += $(JDK_OPTIMIZER_OPT) - RMIC_FLAGS += $(JDK_CLASSPATH_OPT) - RMIC = $(RMIC_PROG) $(RMIC_FLAGS) -endif - -# -# (17) rmiregistry -# - -ifeq ($(RMIREGISTRY),) - RMIREGISTRY_PROG = $(JAVA_HOME)/bin/rmiregistry$(PROG_SUFFIX) - RMIREGISTRY_FLAGS = $(JDK_THREADING_MODEL_OPT) - RMIREGISTRY = $(RMIREGISTRY_PROG) $(RMIREGISTRY_FLAGS) -endif - -# -# (18) serialver -# - -ifeq ($(SERIALVER),) - SERIALVER_PROG = $(JAVA_HOME)/bin/serialver$(PROG_SUFFIX) - SERIALVER_FLAGS = $(JDK_THREADING_MODEL_OPT) - SERIALVER = $(SERIALVER_PROG) $(SERIALVER_FLAGS) -endif - -endif diff --git a/security/coreconf/jniregen.pl b/security/coreconf/jniregen.pl deleted file mode 100755 index 607eaf68b..000000000 --- a/security/coreconf/jniregen.pl +++ /dev/null @@ -1,92 +0,0 @@ -#!/usr/local/bin/perl -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -# Input: -d dir foo1 foo2 . . . -# Compares generated "_jni/foo1.h" file with "foo1.class", and -# generated "_jni/foo2.h" file with "foo2.class", etc. -# (NOTE: unlike its closely related cousin, outofdate.pl, -# the "-d dir" must always be specified) -# -# Returns: list of headers which are OLDER than corresponding class -# files (non-existant class files are considered to be real old :-) - -$found = 1; - -if ($ARGV[0] eq '-d') -{ - $classdir = $ARGV[1]; - $classdir .= "/"; - shift; - shift; -} -else -{ - print STDERR "Usage: perl ", $0, " -d dir foo1 foo2 . . .\n"; - exit -1; -} - -foreach $filename (@ARGV) -{ - $headerfilename = "_jni/"; - $headerfilename .= $filename; - $headerfilename =~ s/\./_/g; - $headerfilename .= ".h"; - - $classfilename = $filename; - $classfilename =~ s|\.|/|g; - $classfilename .= ".class"; - - $classfilename = $classdir . $classfilename; - - - ( $dev, $ino, $mode, $nlink, $uid, $gid, $rdev, $size, $atime, $headermtime, - $ctime, $blksize, $blocks ) = stat( $headerfilename ); - - ( $dev, $ino, $mode, $nlink, $uid, $gid, $rdev, $size, $atime, $classmtime, - $ctime, $blksize, $blocks ) = stat( $classfilename ); - - if( $headermtime < $classmtime ) - { - # NOTE: Since this is used by "javah", and "javah" refuses to overwrite - # an existing file, we force an unlink from this script, since - # we actually want to regenerate the header file at this time. - unlink $headerfilename; - print $filename, " "; - $found = 0; - } -} - -print "\n"; -exit 0; - diff --git a/security/coreconf/location.mk b/security/coreconf/location.mk deleted file mode 100644 index d235272ab..000000000 --- a/security/coreconf/location.mk +++ /dev/null @@ -1,58 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# Master "Core Components" macros to figure out binary code location # -####################################################################### - -# -# Figure out where the binary code lives. -# - -ifdef BUILD_TREE -BUILD = $(BUILD_TREE)/nss/$(LIBRARY_NAME) -OBJDIR = $(BUILD_TREE)/nss/$(LIBRARY_NAME) -DEPENDENCIES = $(BUILD_TREE)/nss/$(LIBRARY_NAME)/.md -else -BUILD = $(PLATFORM) -OBJDIR = $(PLATFORM) -DEPENDENCIES = $(PLATFORM)/.md -endif - -DIST = $(SOURCE_PREFIX)/$(PLATFORM) - -ifdef BUILD_DEBUG_GC - DEFINES += -DDEBUG_GC -endif - -GARBAGE += $(DEPENDENCIES) core $(wildcard core.[0-9]*) diff --git a/security/coreconf/makefile.win b/security/coreconf/makefile.win deleted file mode 100644 index c3abce76b..000000000 --- a/security/coreconf/makefile.win +++ /dev/null @@ -1,100 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -# -# An NMAKE file to set up and adjust coreconf's build system for -# Client build. Client build should invoke NMAKE on this file -# instead of invoking gmake directly. -# - -NS_DEPTH = .. -include <$(NS_DEPTH)\config\config.mak> -#include <$(NS_DEPTH)\config\rules.mak> - -# -# Backslashes are escape characters to gmake, so flip all backslashes -# in $(MOZ_TOOLS) to forward slashes and pass that to gmake. -# - -GMAKE = $(MOZ_TOOLS)\bin\gmake.exe MOZ_TOOLS_FLIPPED=$(MOZ_TOOLS:\=/) - -GMAKE = $(GMAKE) PR_CLIENT_BUILD=1 PR_CLIENT_BUILD_WINDOWS=1 - -# -# The Client's debug build uses MSVC's debug runtime library (/MDd). -# - -!ifdef MOZ_DEBUG -GMAKE = $(GMAKE) USE_DEBUG_RTL=1 -!else -GMAKE = $(GMAKE) BUILD_OPT=1 -!endif - -!if "$(MOZ_BITS)" == "16" -GMAKE = $(GMAKE) OS_TARGET=WIN16 -!else - -GMAKE = $(GMAKE) OS_TARGET=WIN95 -!ifdef MOZ_DEBUG -PR_OBJDIR = WIN954.0_DBG.OBJD -!else -PR_OBJDIR = WIN954.0_OPT.OBJ -!endif - -!endif - -# -# The rules. Simply invoke gmake with the same target -# for Win16, use the watcom compiler with the MSVC headers and libs -# - -# this rule is needed so that nmake with no explicit target will only build -# all, and not build all the targets named below in succession! -default:: all - -# a rule like this one must only be used for explicitly named targets! -all depend export libs install clobber clobber_all clean:: -!if "$(MOZ_BITS)" == "16" - set PATH=%WATCPATH% - set INCLUDE=%MSVC_INC% - set LIB=%MSVC_LIB% -!endif - $(GMAKE) $@ -!if "$(MOZ_BITS)" == "16" - set PATH=%MSVCPATH% - set INCLUDE=%MSVC_INC% - set LIB=%MSVC_LIB% -!endif - -show: - @echo "MAKEFLAGS = $(MAKEFLAGS)" diff --git a/security/coreconf/module.mk b/security/coreconf/module.mk deleted file mode 100644 index 55f7f8691..000000000 --- a/security/coreconf/module.mk +++ /dev/null @@ -1,64 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# The master "Core Components" source and release component directory # -# names are ALWAYS identical and are the value of $(MODULE). # -# NOTE: A component is also called a module or a subsystem. # -####################################################################### - -# -# All "Core Components" -specific source-side tags must -# always be identified for compiling/linking purposes -# - -ifndef JAVA_SOURCE_COMPONENT - JAVA_SOURCE_COMPONENT = java -endif - -ifndef NETLIB_SOURCE_COMPONENT - NETLIB_SOURCE_COMPONENT = netlib -endif - -ifndef NSPR_SOURCE_COMPONENT - NSPR_SOURCE_COMPONENT = nspr20 -endif - -ifndef SECTOOLS_SOURCE_COMPONENT - SECTOOLS_SOURCE_COMPONENT = sectools -endif - -ifndef SECURITY_SOURCE_COMPONENT - SECURITY_SOURCE_COMPONENT = security -endif - diff --git a/security/coreconf/nsinstall/Makefile b/security/coreconf/nsinstall/Makefile deleted file mode 100644 index 80534139c..000000000 --- a/security/coreconf/nsinstall/Makefile +++ /dev/null @@ -1,68 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -DEPTH = ../.. -CORE_DEPTH = ../.. - -MODULE = coreconf - -CSRCS = nsinstall.c pathsub.c - -PLSRCS = nfspwd.pl - -PROGRAM = nsinstall - - -include $(DEPTH)/coreconf/config.mk - -ifeq (,$(filter-out OS2 WINNT,$(OS_ARCH))) -PROGRAM = -else -TARGETS = $(PROGRAM) $(PLSRCS:.pl=) -endif - -ifdef NATIVE_CC -CC=$(NATIVE_CC) -endif - -ifdef NATIVE_FLAGS -OS_CFLAGS=$(NATIVE_FLAGS) -endif - -include $(DEPTH)/coreconf/rules.mk - -# Redefine MAKE_OBJDIR for just this directory -define MAKE_OBJDIR -if test ! -d $(@D); then rm -rf $(@D); mkdir $(@D); fi -endef - diff --git a/security/coreconf/nsinstall/nfspwd b/security/coreconf/nsinstall/nfspwd deleted file mode 100755 index 339abead3..000000000 --- a/security/coreconf/nsinstall/nfspwd +++ /dev/null @@ -1,46 +0,0 @@ -#! perl -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -require "fastcwd.pl"; - -$_ = &fastcwd; -if (m@^/[uh]/@o || s@^/tmp_mnt/@/@o) { - print("$_\n"); -} elsif ((($user, $rest) = m@^/usr/people/(\w+)/(.*)@o) - && readlink("/u/$user") eq "/usr/people/$user") { - print("/u/$user/$rest\n"); -} else { - chop($host = `hostname`); - print("/h/$host$_\n"); -} diff --git a/security/coreconf/nsinstall/nfspwd.pl b/security/coreconf/nsinstall/nfspwd.pl deleted file mode 100644 index 339abead3..000000000 --- a/security/coreconf/nsinstall/nfspwd.pl +++ /dev/null @@ -1,46 +0,0 @@ -#! perl -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -require "fastcwd.pl"; - -$_ = &fastcwd; -if (m@^/[uh]/@o || s@^/tmp_mnt/@/@o) { - print("$_\n"); -} elsif ((($user, $rest) = m@^/usr/people/(\w+)/(.*)@o) - && readlink("/u/$user") eq "/usr/people/$user") { - print("/u/$user/$rest\n"); -} else { - chop($host = `hostname`); - print("/h/$host$_\n"); -} diff --git a/security/coreconf/nsinstall/nsinstall.c b/security/coreconf/nsinstall/nsinstall.c deleted file mode 100644 index 698f11365..000000000 --- a/security/coreconf/nsinstall/nsinstall.c +++ /dev/null @@ -1,424 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -/* -** Netscape portable install command. -*/ -#include /* OSF/1 requires this before grp.h, so put it first */ -#include -#include -#include -#if defined(_WINDOWS) -#include -typedef unsigned int mode_t; -#else -#include -#include -#include -#include -#include -#include -#endif -#include -#include -#include "pathsub.h" - -#define HAVE_LCHOWN - -#if defined(AIX) || defined(BSDI) || defined(HPUX) || defined(LINUX) || defined(SUNOS4) || defined(SCO) || defined(UNIXWARE) || defined(VMS) -#undef HAVE_LCHOWN -#endif - -#ifdef LINUX -#include -#endif - -#if defined(SCO) || defined(UNIXWARE) || defined(SNI) || defined(NCR) || defined(NEC) -#if !defined(S_ISLNK) && defined(S_IFLNK) -#define S_ISLNK(a) (((a) & S_IFMT) == S_IFLNK) -#endif -#endif - -#if defined(SNI) -extern int fchmod(int fildes, mode_t mode); -#endif - - -#ifdef GETCWD_CANT_MALLOC -/* - * this should probably go into a utility library in case other applications - * need it. - */ -static char * -getcwd_do_malloc(char *path, int len) { - - if (!path) { - path = malloc(PATH_MAX +1); - if (!path) return NULL; - } - return getcwd(path, PATH_MAX); -} -#define GETCWD getcwd_do_malloc -#else -#define GETCWD getcwd -#endif - - -static void -usage(void) -{ - fprintf(stderr, - "usage: %s [-C cwd] [-L linkprefix] [-m mode] [-o owner] [-g group]\n" - " %*s [-DdltR] file [file ...] directory\n", - program, strlen(program), ""); - exit(2); -} - -/* this is more-or-less equivalent to mkdir -p */ -static int -mkdirs(char *path, mode_t mode) -{ - char * cp; - int rv; - struct stat sb; - - if (!path || !path[0]) - fail("Null pointer or empty string passed to mkdirs()"); - while (*path == '/' && path[1] == '/') - path++; - while ((cp = strrchr(path, '/')) && cp[1] == '\0') - *cp = '\0'; - if (cp && cp != path) { - *cp = '\0'; - if ((stat(path, &sb) < 0 || !S_ISDIR(sb.st_mode)) && - mkdirs(path, mode) < 0) { - return -1; - } - *cp = '/'; - } - rv = mkdir(path, mode); - if (rv) { - if (errno != EEXIST) - fail("mkdirs cannot make %s", path); - fprintf(stderr, "directory creation race: %s\n", path); - if (!stat(path, &sb) && S_ISDIR(sb.st_mode)) - rv = 0; - } - return rv; -} - -static uid_t -touid(char *owner) -{ - struct passwd *pw; - uid_t uid; - char *cp; - - if (!owner || !owner[0]) - fail("Null pointer or empty string passed to touid()"); - pw = getpwnam(owner); - if (pw) - return pw->pw_uid; - uid = strtol(owner, &cp, 0); - if (uid == 0 && cp == owner) - fail("cannot find uid for %s", owner); - return uid; -} - -static gid_t -togid(char *group) -{ - struct group *gr; - gid_t gid; - char *cp; - - if (!group || !group[0]) - fail("Null pointer or empty string passed to togid()"); - gr = getgrnam(group); - if (gr) - return gr->gr_gid; - gid = strtol(group, &cp, 0); - if (gid == 0 && cp == group) - fail("cannot find gid for %s", group); - return gid; -} - -void * const uninit = (void *)0xdeadbeef; - -int -main(int argc, char **argv) -{ - char * base = uninit; - char * bp = uninit; - char * cp = uninit; - char * cwd = 0; - char * group = 0; - char * linkname = 0; - char * linkprefix = 0; - char * name = uninit; - char * owner = 0; - char * todir = uninit; - char * toname = uninit; - - int bnlen = -1; - int cc = 0; - int dodir = 0; - int dolink = 0; - int dorelsymlink = 0; - int dotimes = 0; - int exists = 0; - int fromfd = -1; - int len = -1; - int lplen = 0; - int onlydir = 0; - int opt = -1; - int tdlen = -1; - int tofd = -1; - int wc = -1; - - mode_t mode = 0755; - - uid_t uid = -1; - gid_t gid = -1; - - struct stat sb; - struct stat tosb; - struct utimbuf utb; - char buf[BUFSIZ]; - - program = strrchr(argv[0], '/'); - if (!program) - program = strrchr(argv[0], '\\'); - program = program ? program+1 : argv[0]; - - - while ((opt = getopt(argc, argv, "C:DdlL:Rm:o:g:t")) != EOF) { - switch (opt) { - case 'C': cwd = optarg; break; - case 'D': onlydir = 1; break; - case 'd': dodir = 1; break; - case 'l': dolink = 1; break; - case 'L': - linkprefix = optarg; - lplen = strlen(linkprefix); - dolink = 1; - break; - case 'R': dolink = dorelsymlink = 1; break; - case 'm': - mode = strtoul(optarg, &cp, 8); - if (mode == 0 && cp == optarg) - usage(); - break; - case 'o': owner = optarg; break; - case 'g': group = optarg; break; - case 't': dotimes = 1; break; - default: usage(); - } - } - - argc -= optind; - argv += optind; - if (argc < 2 - onlydir) - usage(); - - todir = argv[argc-1]; - if ((stat(todir, &sb) < 0 || !S_ISDIR(sb.st_mode)) && - mkdirs(todir, 0777) < 0) { - fail("cannot mkdir -p %s", todir); - } - if (onlydir) - return 0; - - if (!cwd) { - cwd = GETCWD(0, PATH_MAX); - if (!cwd) - fail("could not get CWD"); - } - - /* make sure we can get into todir. */ - xchdir(todir); - todir = GETCWD(0, PATH_MAX); - if (!todir) - fail("could not get CWD in todir"); - tdlen = strlen(todir); - - /* back to original directory. */ - xchdir(cwd); - - uid = owner ? touid(owner) : -1; - gid = group ? togid(group) : -1; - - while (--argc > 0) { - name = *argv++; - len = strlen(name); - base = xbasename(name); - bnlen = strlen(base); - toname = (char*)xmalloc(tdlen + 1 + bnlen + 1); - sprintf(toname, "%s/%s", todir, base); -retry: - exists = (lstat(toname, &tosb) == 0); - - if (dodir) { - /* -d means create a directory, always */ - if (exists && !S_ISDIR(tosb.st_mode)) { - int rv = unlink(toname); - if (rv) - fail("cannot unlink %s", toname); - exists = 0; - } - if (!exists && mkdir(toname, mode) < 0) { - /* we probably have two nsinstall programs in a race here. */ - if (errno == EEXIST && !stat(toname, &sb) && - S_ISDIR(sb.st_mode)) { - fprintf(stderr, "directory creation race: %s\n", toname); - goto retry; - } - fail("cannot make directory %s", toname); - } - if ((owner || group) && chown(toname, uid, gid) < 0) - fail("cannot change owner of %s", toname); - } else if (dolink) { - if (*name == '/') { - /* source is absolute pathname, link to it directly */ - linkname = 0; - } else { - if (linkprefix) { - /* -L implies -l and prefixes names with a $cwd arg. */ - len += lplen + 1; - linkname = (char*)xmalloc(len + 1); - sprintf(linkname, "%s/%s", linkprefix, name); - } else if (dorelsymlink) { - /* Symlink the relative path from todir to source name. */ - linkname = (char*)xmalloc(PATH_MAX); - - if (*todir == '/') { - /* todir is absolute: skip over common prefix. */ - lplen = relatepaths(todir, cwd, linkname); - strcpy(linkname + lplen, name); - } else { - /* todir is named by a relative path: reverse it. */ - reversepath(todir, name, len, linkname); - xchdir(cwd); - } - - len = strlen(linkname); - } - name = linkname; - } - - /* Check for a pre-existing symlink with identical content. */ - if (exists && - (!S_ISLNK(tosb.st_mode) || - readlink(toname, buf, sizeof buf) != len || - strncmp(buf, name, len) != 0)) { - int rmrv; - rmrv = (S_ISDIR(tosb.st_mode) ? rmdir : unlink)(toname); - if (rmrv < 0) { - fail("destination exists, cannot remove %s", toname); - } - exists = 0; - } - if (!exists && symlink(name, toname) < 0) { - if (errno == EEXIST) { - fprintf(stderr, "symlink creation race: %s\n", toname); - goto retry; - } - diagnosePath(toname); - fail("cannot make symbolic link %s", toname); - } -#ifdef HAVE_LCHOWN - if ((owner || group) && lchown(toname, uid, gid) < 0) - fail("cannot change owner of %s", toname); -#endif - - if (linkname) { - free(linkname); - linkname = 0; - } - } else { - /* Copy from name to toname, which might be the same file. */ - fromfd = open(name, O_RDONLY); - if (fromfd < 0 || fstat(fromfd, &sb) < 0) - fail("cannot access %s", name); - if (exists && - (!S_ISREG(tosb.st_mode) || access(toname, W_OK) < 0)) { - int rmrv; - rmrv = (S_ISDIR(tosb.st_mode) ? rmdir : unlink)(toname); - if (rmrv < 0) { - fail("destination exists, cannot remove %s", toname); - } - } - tofd = open(toname, O_CREAT | O_WRONLY, 0666); - if (tofd < 0) - fail("cannot create %s", toname); - - bp = buf; - while ((cc = read(fromfd, bp, sizeof buf)) > 0) { - while ((wc = write(tofd, bp, cc)) > 0) { - if ((cc -= wc) == 0) - break; - bp += wc; - } - if (wc < 0) - fail("cannot write to %s", toname); - } - if (cc < 0) - fail("cannot read from %s", name); - - if (ftruncate(tofd, sb.st_size) < 0) - fail("cannot truncate %s", toname); - if (dotimes) { - utb.actime = sb.st_atime; - utb.modtime = sb.st_mtime; - if (utime(toname, &utb) < 0) - fail("cannot set times of %s", toname); - } - if (fchmod(tofd, mode) < 0) - fail("cannot change mode of %s", toname); - if ((owner || group) && fchown(tofd, uid, gid) < 0) - fail("cannot change owner of %s", toname); - - /* Must check for delayed (NFS) write errors on close. */ - if (close(tofd) < 0) - fail("close reports write error on %s", toname); - close(fromfd); - } - - free(toname); - } - - free(cwd); - free(todir); - return 0; -} - diff --git a/security/coreconf/nsinstall/pathsub.c b/security/coreconf/nsinstall/pathsub.c deleted file mode 100644 index ee1e981cf..000000000 --- a/security/coreconf/nsinstall/pathsub.c +++ /dev/null @@ -1,302 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -/* -** Pathname subroutines. -*/ -#include -#if defined(FREEBSD) || defined(BSDI) -#include -#endif /* FREEBSD */ -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include "pathsub.h" -#ifdef USE_REENTRANT_LIBC -#include "libc_r.h" -#endif /* USE_REENTRANT_LIBC */ - -char *program; - -void -fail(char *format, ...) -{ - int error; - va_list ap; - -#ifdef USE_REENTRANT_LIBC - R_STRERROR_INIT_R(); -#endif - - error = errno; - fprintf(stderr, "%s: ", program); - va_start(ap, format); - vfprintf(stderr, format, ap); - va_end(ap); - if (error) - -#ifdef USE_REENTRANT_LIBC - R_STRERROR_R(errno); - fprintf(stderr, ": %s", r_strerror_r); -#else - fprintf(stderr, ": %s", strerror(errno)); -#endif - - putc('\n', stderr); - abort(); - exit(1); -} - -char * -getcomponent(char *path, char *name) -{ - if (*path == '\0') - return 0; - if (*path == '/') { - *name++ = '/'; - } else { - do { - *name++ = *path++; - } while (*path != '/' && *path != '\0'); - } - *name = '\0'; - while (*path == '/') - path++; - return path; -} - -#ifdef UNIXWARE -/* The static buffer in Unixware's readdir is too small. */ -struct dirent * readdir(DIR *d) -{ - static struct dirent *buf = NULL; -#define MAX_PATH_LEN 1024 - - if (buf == NULL) - buf = (struct dirent *)xmalloc(sizeof(struct dirent) + MAX_PATH_LEN) ; - return readdir_r(d, buf); -} -#endif - -/* APPARENT BUG - ignores argument "dir", uses ".." instead. */ -char * -ino2name(ino_t ino, char *dir) -{ - DIR *dp; - struct dirent *ep; - char *name; - - dp = opendir(".."); /* XXX */ - if (!dp) - fail("cannot read parent directory"); - for (;;) { - if (!(ep = readdir(dp))) - fail("cannot find current directory"); - if (ep->d_ino == ino) - break; - } - name = xstrdup(ep->d_name); - closedir(dp); - return name; -} - -void * -xmalloc(size_t size) -{ - void *p; - - if (size <= 0) - fail("attempted to allocate %u bytes", size); - p = malloc(size); - if (!p) - fail("cannot allocate %u bytes", size); - return p; -} - -char * -xstrdup(char *s) -{ - if (!s || !s[0]) - fail("Null pointer or empty string passed to xstrdup()"); - return strcpy((char*)xmalloc(strlen(s) + 1), s); -} - -char * -xbasename(char *path) -{ - char *cp; - - if (!path || !path[0]) - fail("Null pointer or empty string passed to xbasename()"); - while ((cp = strrchr(path, '/')) && cp[1] == '\0') - *cp = '\0'; - if (!cp) return path; - return cp + 1; -} - -void -xchdir(char *dir) -{ - if (!dir || !dir[0]) - fail("Null pointer or empty string passed to xchdir()"); - if (chdir(dir) < 0) - fail("cannot change directory to %s", dir); -} - -int -relatepaths(char *from, char *to, char *outpath) -{ - char *cp, *cp2; - int len; - char buf[NAME_MAX]; - - assert(*from == '/' && *to == '/'); - if (!from || *from != '/') - fail("relatepaths: from path does not start with /"); - if (!to || *to != '/') - fail("relatepaths: to path does not start with /"); - - for (cp = to, cp2 = from; *cp == *cp2; cp++, cp2++) - if (*cp == '\0') - break; - while (cp[-1] != '/') - cp--, cp2--; - if (cp - 1 == to) { - /* closest common ancestor is /, so use full pathname */ - len = strlen(strcpy(outpath, to)); - if (outpath[len] != '/') { - outpath[len++] = '/'; - outpath[len] = '\0'; - } - } else { - len = 0; - while ((cp2 = getcomponent(cp2, buf)) != 0) { - strcpy(outpath + len, "../"); - len += 3; - } - while ((cp = getcomponent(cp, buf)) != 0) { - sprintf(outpath + len, "%s/", buf); - len += strlen(outpath + len); - } - } - return len; -} - -void -reversepath(char *inpath, char *name, int len, char *outpath) -{ - char *cp, *cp2; - char buf[NAME_MAX]; - struct stat sb; - - cp = strcpy(outpath + PATH_MAX - (len + 1), name); - cp2 = inpath; - while ((cp2 = getcomponent(cp2, buf)) != 0) { - if (strcmp(buf, ".") == 0) - continue; - if (strcmp(buf, "..") == 0) { - if (stat(".", &sb) < 0) - fail("cannot stat current directory"); - name = ino2name(sb.st_ino, ".."); - len = strlen(name); - cp -= len + 1; - strcpy(cp, name); - cp[len] = '/'; - free(name); - xchdir(".."); - } else { - cp -= 3; - strncpy(cp, "../", 3); - xchdir(buf); - } - } - strcpy(outpath, cp); -} - -void -diagnosePath(const char * path) -{ - char * myPath; - char * slash; - int rv; - struct stat sb; - char buf[BUFSIZ]; - - if (!path || !path[0]) - fail("Null pointer or empty string passed to mkdirs()"); - myPath = strdup(path); - if (!myPath) - fail("strdup() failed!"); - do { - rv = lstat(myPath, &sb); - if (rv < 0) { - perror(myPath); - } else if (S_ISLNK(sb.st_mode)) { - rv = readlink(myPath, buf, sizeof buf); - if (rv < 0) { - perror("readlink"); - buf[0] = 0; - } else { - buf[rv] = 0; - } - fprintf(stderr, "%s is a link to %s\n", myPath, buf); - } else if (S_ISDIR(sb.st_mode)) { - fprintf(stderr, "%s is a directory\n", myPath); - rv = access(myPath, X_OK); - if (rv < 0) { - fprintf(stderr, "%s: no search permission\n", myPath); - } - } else { - fprintf(stderr, "%s is a file !?!\n", myPath); - rv = access(myPath, F_OK); - if (rv < 0) { - fprintf(stderr, "%s does not exist\n", myPath); - } - } - - /* chop path off one level. */ - slash = strrchr(myPath, '/'); - if (!slash) - slash = strrchr(myPath, '\\'); - if (!slash) - slash = myPath; - *slash = 0; - } while (myPath[0]); - free(myPath); -} diff --git a/security/coreconf/nsinstall/pathsub.h b/security/coreconf/nsinstall/pathsub.h deleted file mode 100644 index 718c2206f..000000000 --- a/security/coreconf/nsinstall/pathsub.h +++ /dev/null @@ -1,77 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#ifndef pathsub_h___ -#define pathsub_h___ -/* -** Pathname subroutines. -** -** Brendan Eich, 8/29/95 -*/ -#include -#include - -#if SUNOS4 -#include "sunos4.h" -#endif - -#ifndef PATH_MAX -#define PATH_MAX 1024 -#endif - -/* - * Just keep sane lengths - */ -#undef NAME_MAX -#define NAME_MAX 256 - -extern char *program; - -extern void fail(char *format, ...); -extern char *getcomponent(char *path, char *name); -extern char *ino2name(ino_t ino, char *dir); -extern void *xmalloc(size_t size); -extern char *xstrdup(char *s); -extern char *xbasename(char *path); -extern void xchdir(char *dir); - -/* Relate absolute pathnames from and to returning the result in outpath. */ -extern int relatepaths(char *from, char *to, char *outpath); - -/* NOTE: changes current working directory -- caveat emptor */ -extern void reversepath(char *inpath, char *name, int len, char *outpath); - -/* stats every directory in path, reports results. */ -extern void diagnosePath(const char * path); - -#endif /* pathsub_h___ */ diff --git a/security/coreconf/nsinstall/sunos4.h b/security/coreconf/nsinstall/sunos4.h deleted file mode 100644 index 9bdae872c..000000000 --- a/security/coreconf/nsinstall/sunos4.h +++ /dev/null @@ -1,163 +0,0 @@ -/* -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. - */ - -#ifndef pr_sunos4_h___ -#define pr_sunos4_h___ - -#ifndef SVR4 - -/* -** Hodge podge of random missing prototypes for the Sunos4 system -*/ -#include -#include -#include -#include -#include - -#define PATH_MAX _POSIX_PATH_MAX - -struct timeval; -struct timezone; -struct itimerval; -struct sockaddr; -struct stat; -struct tm; - -/* ctype.h */ -extern int tolower(int); -extern int toupper(int); - -/* errno.h */ -extern char *sys_errlist[]; -extern int sys_nerr; - -#define strerror(e) sys_errlist[((unsigned)(e) < sys_nerr) ? e : 0] - -extern void perror(const char *); - -/* getopt */ -extern char *optarg; -extern int optind; -extern int getopt(int argc, char **argv, char *spec); - -/* math.h */ -extern int srandom(long val); -extern long random(void); - -/* memory.h */ -#define memmove(to,from,len) bcopy((char*)(from),(char*)(to),len) - -extern void bcopy(const char *, char *, int); - -/* signal.h */ -/* -** SunOS4 sigaction hides interrupts by default, so we can safely define -** SA_RESTART to 0 (HP-UX is a counter-example -- its sigaction does not -** hide interrupts but lacks an SA_RESTART option; you must use sigvector -** and tweak the sigcontext from within each signal handler!). -*/ -#define SA_RESTART 0 -#define SA_SIGINFO 0 - -/* stdio.h */ -extern int printf(const char *, ...); -extern int fprintf(FILE *, const char *, ...); -extern int vprintf(const char *, va_list); -extern int vfprintf(FILE *, const char *, va_list); -extern char *vsprintf(char *, const char *, va_list); -extern int scanf(const char *, ...); -extern int sscanf(const char *, const char *, ...); -extern int fscanf(FILE *, const char *, ...); -extern int fgetc(FILE *); -extern int fputc(int, FILE *); -extern int fputs(const char *, FILE *); -extern int puts(const char *); -extern int fread(void *, size_t, size_t, FILE *); -extern int fwrite(const char *, int, int, FILE *); -extern int fseek(FILE *, long, int); -extern long ftell(FILE *); -extern int rewind(FILE *); -extern int fflush(FILE *); -extern int _flsbuf(unsigned char, FILE *); -extern int fclose(FILE *); -extern int remove(const char *); -extern int setvbuf(FILE *, char *, int, size_t); -extern int system(const char *); -extern FILE *popen(const char *, const char *); -extern int pclose(FILE *); - -/* stdlib.h */ -#define strtoul strtol - -extern int isatty(int fildes); -extern long strtol(const char *, char **, int); -extern int putenv(const char *); -extern void srand48(long); -extern long lrand48(void); -extern double drand48(void); - -/* string.h */ -extern int strcasecmp(const char *, const char *); -extern int strncasecmp(const char *, const char *, size_t); -extern int strcoll(const char *, const char *); - -/* time.h */ -extern time_t mktime(struct tm *); -extern size_t strftime(char *, size_t, const char *, const struct tm *); -extern int gettimeofday(struct timeval *, struct timezone *); -extern int setitimer(int, struct itimerval *, struct itimerval *); -extern time_t time(time_t *); -extern time_t timegm(struct tm *); -extern struct tm *localtime(const time_t *); -extern struct tm *gmtime(const time_t *); - -/* unistd.h */ -extern int rename(const char *, const char *); -extern int ioctl(int, int, int *arg); -extern int connect(int, struct sockaddr *, int); -extern int readlink(const char *, char *, int); -extern int symlink(const char *, const char *); -extern int ftruncate(int, off_t); -extern int fchmod(int, mode_t); -extern int fchown(int, uid_t, gid_t); -extern int lstat(const char *, struct stat *); -extern int fstat(int, struct stat *); -extern int select(int, fd_set *, fd_set *, fd_set *, struct timeval *); -extern int gethostname(char *, int); -extern char *getwd(char *); -extern int getpagesize(void); - -#endif /* SVR4 */ - -#endif /* pr_sunos4_h___ */ diff --git a/security/coreconf/outofdate.pl b/security/coreconf/outofdate.pl deleted file mode 100755 index 1044639e8..000000000 --- a/security/coreconf/outofdate.pl +++ /dev/null @@ -1,67 +0,0 @@ -#!/usr/local/bin/perl -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -#Input: [-d dir] foo1.java foo2.java -#Compares with: foo1.class foo2.class (if -d specified, checks in 'dir', -# otherwise assumes .class files in same directory as .java files) -#Returns: list of input arguments which are newer than corresponding class -#files (non-existant class files are considered to be real old :-) - -$found = 1; - -if ($ARGV[0] eq '-d') { - $classdir = $ARGV[1]; - $classdir .= "/"; - shift; - shift; -} else { - $classdir = "./"; -} - -foreach $filename (@ARGV) { - $classfilename = $classdir; - $classfilename .= $filename; - $classfilename =~ s/.java$/.class/; - ($dev,$ino,$mode,$nlink,$uid,$gid,$rdev,$size,$atime,$mtime, - $ctime,$blksize,$blocks) = stat($filename); - ($dev,$ino,$mode,$nlink,$uid,$gid,$rdev,$size,$atime,$classmtime, - $ctime,$blksize,$blocks) = stat($classfilename); -# print $filename, " ", $mtime, ", ", $classfilename, " ", $classmtime, "\n"; - if ($mtime > $classmtime) { - print $filename, " "; - $found = 0; - } -} - -print "\n"; diff --git a/security/coreconf/platform.mk b/security/coreconf/platform.mk deleted file mode 100644 index a4826d315..000000000 --- a/security/coreconf/platform.mk +++ /dev/null @@ -1,38 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# Master "Core Components" tag # -####################################################################### - -PLATFORM = $(OBJDIR_NAME) diff --git a/security/coreconf/prefix.mk b/security/coreconf/prefix.mk deleted file mode 100644 index fd34edbd7..000000000 --- a/security/coreconf/prefix.mk +++ /dev/null @@ -1,79 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# Master "Core Components" for computing program prefixes # -####################################################################### - -# -# Object prefixes -# - -ifndef OBJ_PREFIX - OBJ_PREFIX = -endif - -# -# Library suffixes -# - -ifndef LIB_PREFIX - ifeq ($(OS_ARCH), WINNT) - LIB_PREFIX = - else - LIB_PREFIX = lib - endif -endif - - -ifndef DLL_PREFIX - ifeq (,$(filter-out OS2 WINNT,$(OS_ARCH))) - DLL_PREFIX = - else - DLL_PREFIX = lib - endif -endif - - -ifndef IMPORT_LIB_PREFIX - IMPORT_LIB_PREFIX = -endif - -# -# Program prefixes -# - -ifndef PROG_PREFIX - PROG_PREFIX = -endif - diff --git a/security/coreconf/release.pl b/security/coreconf/release.pl deleted file mode 100755 index 0a16727e1..000000000 --- a/security/coreconf/release.pl +++ /dev/null @@ -1,136 +0,0 @@ -#! /usr/local/bin/perl -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - - -require('coreconf.pl'); - -#######-- read in variables on command line into %var - -$var{ZIP} = "zip"; - -&parse_argv; - - -######-- Do the packaging of jars. - -foreach $jarfile (split(/ /,$var{FILES}) ) { - print STDERR "---------------------------------------------\n"; - print STDERR "Packaging jar file $jarfile....\n"; - - $jarinfo = $var{$jarfile}; - - ($jardir,$jaropts) = split(/\|/,$jarinfo); - - $zipoptions = "-T"; - if ($jaropts =~ /a/) { - if ($var{OS_ARCH} eq 'WINNT') { - $zipoptions .= ' -ll'; - } - } - -# don't compress jar files containing classes since some java -# implementations do not implement decompression correctly - if ( ($jarfile eq 'xpclass.jar') || ($jarfile eq 'xpclass_dbg.jar') ) { - $zipoptions .= ' -0'; - } - - -# just in case the directory ends in a /, remove it - if ($jardir =~ /\/$/) { - chop $jardir; - } - - $dirdepth --; - - print STDERR "jardir = $jardir\n"; - system("ls $jardir"); - - if (-d $jardir) { - - -# count the number of slashes - - $slashes =0; - - foreach $i (split(//,$jardir)) { - if ($i =~ /\//) { - $slashes++; - } - } - - $dotdots =0; - - foreach $i (split(m|/|,$jardir)) { - if ($i eq '..') { - $dotdots ++; - } - } - - $dirdepth = ($slashes +1) - (2*$dotdots); - - print STDERR "changing dir $jardir\n"; - chdir($jardir); - print STDERR "making dir META-INF\n"; - mkdir("META-INF",0755); - - $filelist = ""; - opendir(DIR,"."); - while ($_ = readdir(DIR)) { - if (! ( ($_ eq '.') || ($_ eq '..'))) { - if ( $jaropts =~ /i/) { - if (! /^include$/) { - $filelist .= "$_ "; - } - } - else { - $filelist .= "$_ "; - } - } - } - closedir(DIR); - - print STDERR "zip $zipoptions -r $jarfile $filelist\n"; - system("zip $zipoptions -r $jarfile $filelist"); - rmdir("META-INF"); - for $i (1 .. $dirdepth) { - chdir(".."); - print STDERR "chdir ..\n"; - } - } - else { - print STDERR "Directory $jardir doesn't exist\n"; - } - -} - diff --git a/security/coreconf/rules.mk b/security/coreconf/rules.mk deleted file mode 100644 index db1838622..000000000 --- a/security/coreconf/rules.mk +++ /dev/null @@ -1,937 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -### ### -### R U L E S O F E N G A G E M E N T ### -### ### -####################################################################### - -####################################################################### -# Double-Colon rules for utilizing the binary release model. # -####################################################################### - -all:: export libs - -ifeq ($(AUTOCLEAN),1) -autobuild:: clean export private_export libs program install -else -autobuild:: export private_export libs program install -endif - -platform:: - @echo $(OBJDIR_NAME) - -ifeq ($(OS_ARCH), WINNT) -USE_NT_C_SYNTAX=1 -endif - -ifdef XP_OS2_VACPP -USE_NT_C_SYNTAX=1 -endif - -# -# IMPORTS will always be associated with a component. Therefore, -# the "import" rule will always change directory to the top-level -# of a component, and traverse the IMPORTS keyword from the -# "manifest.mn" file located at this level only. -# -# note: if there is a trailing slash, the component will be appended -# (see import.pl - only used for xpheader.jar) - -import:: - @echo "== import.pl ==" - @perl -I$(CORE_DEPTH)/coreconf $(CORE_DEPTH)/coreconf/import.pl \ - "RELEASE_TREE=$(RELEASE_TREE)" \ - "IMPORTS=$(IMPORTS)" \ - "VERSION=$(VERSION)" \ - "OS_ARCH=$(OS_ARCH)" \ - "PLATFORM=$(PLATFORM)" \ - "OVERRIDE_IMPORT_CHECK=$(OVERRIDE_IMPORT_CHECK)" \ - "ALLOW_VERSION_OVERRIDE=$(ALLOW_VERSION_OVERRIDE)" \ - "SOURCE_RELEASE_PREFIX=$(SOURCE_RELEASE_XP_DIR)" \ - "SOURCE_MD_DIR=$(SOURCE_MD_DIR)" \ - "SOURCE_XP_DIR=$(SOURCE_XP_DIR)" \ - "FILES=$(IMPORT_XPCLASS_JAR) $(XPHEADER_JAR) $(MDHEADER_JAR) $(MDBINARY_JAR)" \ - "$(IMPORT_XPCLASS_JAR)=$(IMPORT_XP_DIR)|$(IMPORT_XPCLASS_DIR)|" \ - "$(XPHEADER_JAR)=$(IMPORT_XP_DIR)|$(SOURCE_XP_DIR)/public/|v" \ - "$(MDHEADER_JAR)=$(IMPORT_MD_DIR)|$(SOURCE_MD_DIR)/include|" \ - "$(MDBINARY_JAR)=$(IMPORT_MD_DIR)|$(SOURCE_MD_DIR)|" - -export:: - +$(LOOP_OVER_DIRS) - -private_export:: - +$(LOOP_OVER_DIRS) - -release_export:: - +$(LOOP_OVER_DIRS) - -release_classes:: - +$(LOOP_OVER_DIRS) - -libs program install:: $(TARGETS) -ifdef LIBRARY - $(INSTALL) -m 664 $(LIBRARY) $(SOURCE_LIB_DIR) -endif -ifdef SHARED_LIBRARY - $(INSTALL) -m 775 $(SHARED_LIBRARY) $(SOURCE_LIB_DIR) -ifeq ($(OS_ARCH),OpenVMS) - $(INSTALL) -m 775 $(SHARED_LIBRARY:$(DLL_SUFFIX)=vms) $(SOURCE_LIB_DIR) -endif -endif -ifdef IMPORT_LIBRARY - $(INSTALL) -m 775 $(IMPORT_LIBRARY) $(SOURCE_LIB_DIR) -endif -ifdef PROGRAM - $(INSTALL) -m 775 $(PROGRAM) $(SOURCE_BIN_DIR) -endif -ifdef PROGRAMS - $(INSTALL) -m 775 $(PROGRAMS) $(SOURCE_BIN_DIR) -endif - +$(LOOP_OVER_DIRS) - -tests:: - +$(LOOP_OVER_DIRS) - -clean clobber:: - rm -rf $(ALL_TRASH) - +$(LOOP_OVER_DIRS) - -realclean clobber_all:: - rm -rf $(wildcard *.OBJ) dist $(ALL_TRASH) - +$(LOOP_OVER_DIRS) - -#ifdef ALL_PLATFORMS -#all_platforms:: $(NFSPWD) -# @d=`$(NFSPWD)`; \ -# if test ! -d LOGS; then rm -rf LOGS; mkdir LOGS; fi; \ -# for h in $(PLATFORM_HOSTS); do \ -# echo "On $$h: $(MAKE) $(ALL_PLATFORMS) >& LOGS/$$h.log";\ -# rsh $$h -n "(chdir $$d; \ -# $(MAKE) $(ALL_PLATFORMS) >& LOGS/$$h.log; \ -# echo DONE) &" 2>&1 > LOGS/$$h.pid & \ -# sleep 1; \ -# done -# -#$(NFSPWD): -# cd $(@D); $(MAKE) $(@F) -#endif - -####################################################################### -# Double-Colon rules for populating the binary release model. # -####################################################################### - - -release_clean:: - rm -rf $(SOURCE_XP_DIR)/release/$(RELEASE_MD_DIR) - -release:: release_clean release_export release_classes release_policy release_md release_jars release_cpdistdir - -release_cpdistdir:: - @echo "== cpdist.pl ==" - @perl -I$(CORE_DEPTH)/coreconf $(CORE_DEPTH)/coreconf/cpdist.pl \ - "RELEASE_TREE=$(RELEASE_TREE)" \ - "CORE_DEPTH=$(CORE_DEPTH)" \ - "MODULE=${MODULE}" \ - "OS_ARCH=$(OS_ARCH)" \ - "RELEASE=$(RELEASE)" \ - "PLATFORM=$(PLATFORM)" \ - "RELEASE_VERSION=$(RELEASE_VERSION)" \ - "SOURCE_RELEASE_PREFIX=$(SOURCE_RELEASE_XP_DIR)" \ - "RELEASE_XP_DIR=$(RELEASE_XP_DIR)" \ - "RELEASE_MD_DIR=$(RELEASE_MD_DIR)" \ - "FILES=$(XPCLASS_JAR) $(XPCLASS_DBG_JAR) $(XPHEADER_JAR) $(MDHEADER_JAR) $(MDBINARY_JAR) XP_FILES MD_FILES" \ - "$(XPCLASS_JAR)=$(SOURCE_RELEASE_CLASSES_DIR)|x"\ - "$(XPCLASS_DBG_JAR)=$(SOURCE_RELEASE_CLASSES_DBG_DIR)|x"\ - "$(XPHEADER_JAR)=$(SOURCE_RELEASE_XPHEADERS_DIR)|x" \ - "$(MDHEADER_JAR)=$(SOURCE_RELEASE_MDHEADERS_DIR)|m" \ - "$(MDBINARY_JAR)=$(SOURCE_RELEASE_MD_DIR)|m" \ - "XP_FILES=$(XP_FILES)|xf" \ - "MD_FILES=$(MD_FILES)|mf" - - -# $(SOURCE_RELEASE_xxx_JAR) is a name like yyy.jar -# $(SOURCE_RELEASE_xx_DIR) is a name like - -release_jars:: - @echo "== release.pl ==" - @perl -I$(CORE_DEPTH)/coreconf $(CORE_DEPTH)/coreconf/release.pl \ - "RELEASE_TREE=$(RELEASE_TREE)" \ - "PLATFORM=$(PLATFORM)" \ - "OS_ARCH=$(OS_ARCH)" \ - "RELEASE_VERSION=$(RELEASE_VERSION)" \ - "SOURCE_RELEASE_DIR=$(SOURCE_RELEASE_DIR)" \ - "FILES=$(XPCLASS_JAR) $(XPCLASS_DBG_JAR) $(XPHEADER_JAR) $(MDHEADER_JAR) $(MDBINARY_JAR)" \ - "$(XPCLASS_JAR)=$(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_CLASSES_DIR)|b"\ - "$(XPCLASS_DBG_JAR)=$(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_CLASSES_DBG_DIR)|b"\ - "$(XPHEADER_JAR)=$(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_XPHEADERS_DIR)|a" \ - "$(MDHEADER_JAR)=$(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_MDHEADERS_DIR)|a" \ - "$(MDBINARY_JAR)=$(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_MD_DIR)|bi" - -# Rules for releasing classes. -# We have to do some REALLY gross stuff to deal with multiple classes in one -# file, as well as nested classes, which have a filename of the form -# ContainingClass$NestedClass.class. -# RELEASE_CLASSES simply performs a required patsubst on CLASSES -# RELEASE_CLASS_PATH is RELEASE_CLASSES with the path (in ns/dist) prepended -# RELEASE_NESTED is all the nested classes in RELEASE_CLASS_PATH. We use a -# foreach and wildcard to get all the files that start out like one of the -# class files, then have a $. So, for each class file, we look for file$* -# RELEASE_FILES is the combination of RELEASE_NESTED and the class files -# specified by RELEASE_CLASSES which have .class appended to them. Note that -# the RELEASE_NESTED don't need to have .class appended because they were -# read in from the wildcard as complete filenames. -# -# The _DBG versions are the debuggable ones. -ifneq ($(CLASSES),) - -RELEASE_CLASSES := $(patsubst %,%,$(CLASSES)) - -ifdef BUILD_OPT - RELEASE_CLASS_PATH := $(patsubst %,$(SOURCE_CLASSES_DIR)/$(PACKAGE)/%, $(RELEASE_CLASSES)) - RELEASE_NESTED := $(foreach file,$(RELEASE_CLASS_PATH),$(wildcard $(file)$$*)) - RELEASE_FILES := $(patsubst %,%.class,$(RELEASE_CLASS_PATH)) $(RELEASE_NESTED) -else - RELEASE_DBG_CLASS_PATH:= $(patsubst %,$(SOURCE_CLASSES_DBG_DIR)/$(PACKAGE)/%, $(RELEASE_CLASSES)) - RELEASE_DBG_NESTED := $(foreach file,$(RELEASE_DBG_CLASS_PATH),$(wildcard $(file)$$*)) - RELEASE_DBG_FILES := $(patsubst %,%.class,$(RELEASE_DBG_CLASS_PATH)) $(RELEASE_DBG_NESTED) -endif - -# Substitute \$ for $ so the shell doesn't choke -ifdef BUILD_OPT -release_classes:: - $(INSTALL) -m 444 $(subst $$,\$$,$(RELEASE_FILES)) $(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_CLASSES_DIR)/$(PACKAGE) -else -release_classes:: - $(INSTALL) -m 444 $(subst $$,\$$,$(RELEASE_DBG_FILES)) $(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_CLASSES_DBG_DIR)/$(PACKAGE) -endif - -endif - -release_policy:: - +$(LOOP_OVER_DIRS) - -release_md:: -ifdef LIBRARY - $(INSTALL) -m 444 $(LIBRARY) $(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_LIB_DIR) -endif -ifdef SHARED_LIBRARY - $(INSTALL) -m 555 $(SHARED_LIBRARY) $(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_LIB_DIR) -endif -ifdef IMPORT_LIBRARY - $(INSTALL) -m 555 $(IMPORT_LIBRARY) $(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_LIB_DIR) -endif -ifdef PROGRAM - $(INSTALL) -m 555 $(PROGRAM) $(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_BIN_DIR) -endif -ifdef PROGRAMS - $(INSTALL) -m 555 $(PROGRAMS) $(SOURCE_RELEASE_PREFIX)/$(SOURCE_RELEASE_BIN_DIR) -endif - +$(LOOP_OVER_DIRS) - - -alltags: - rm -f TAGS - find . -name dist -prune -o \( -name '*.[hc]' -o -name '*.cp' -o -name '*.cpp' \) -print | xargs etags -a - find . -name dist -prune -o \( -name '*.[hc]' -o -name '*.cp' -o -name '*.cpp' \) -print | xargs ctags -a - -ifdef XP_OS2_VACPP -# list of libs (such as -lnspr4) do not work for our compiler -# change it to be $(DIST)/lib/nspr4.lib -EXTRA_SHARED_LIBS := $(filter-out -L%,$(EXTRA_SHARED_LIBS)) -EXTRA_SHARED_LIBS := $(patsubst -l%,$(DIST)/lib/%.$(LIB_SUFFIX),$(EXTRA_SHARED_LIBS)) -endif - -$(PROGRAM): $(BUILT_SRCS) $(OBJS) $(EXTRA_LIBS) - @$(MAKE_OBJDIR) -ifeq ($(OS_ARCH),WINNT) - $(MKPROG) $(subst /,\\,$(OBJS)) -Fe$@ -link $(LDFLAGS) $(subst /,\\,$(EXTRA_LIBS) $(EXTRA_SHARED_LIBS) $(OS_LIBS)) -else -ifdef XP_OS2_VACPP - $(MKPROG) -Fe$@ $(CFLAGS) $(OBJS) $(EXTRA_LIBS) $(EXTRA_SHARED_LIBS) $(OS_LIBS) -else - $(MKPROG) -o $@ $(CFLAGS) $(OBJS) $(LDFLAGS) $(EXTRA_LIBS) $(EXTRA_SHARED_LIBS) $(OS_LIBS) -endif -endif - -get_objs: - @echo $(OBJS) - -$(LIBRARY): $(BUILT_SRCS) $(OBJS) - @$(MAKE_OBJDIR) - rm -f $@ -ifeq ($(OS_ARCH), WINNT) - $(AR) $(subst /,\\,$(OBJS)) -else - $(AR) $(OBJS) -endif - $(RANLIB) $@ - - -ifeq ($(OS_ARCH),OS2) -$(IMPORT_LIBRARY): $(BUILT_SRCS) $(SHARED_LIBRARY) - rm -f $@ - $(IMPLIB) $@ $(patsubst %.lib,%.dll.def,$@) - $(RANLIB) $@ -endif - -ifdef SHARED_LIBRARY_LIBS -ifdef BUILD_TREE -SUB_SHLOBJS = $(foreach dir,$(SHARED_LIBRARY_DIRS),$(shell $(MAKE) -C $(dir) --no-print-directory get_objs)) -else -SUB_SHLOBJS = $(foreach dir,$(SHARED_LIBRARY_DIRS),$(addprefix $(dir)/,$(shell $(MAKE) -C $(dir) --no-print-directory get_objs))) -endif -endif - -$(SHARED_LIBRARY): $(BUILT_SRCS) $(OBJS) $(MAPFILE) - @$(MAKE_OBJDIR) - rm -f $@ -ifeq ($(OS_ARCH)$(OS_RELEASE), AIX4.1) - echo "#!" > $(OBJDIR)/lib$(LIBRARY_NAME)_syms - nm -B -C -g $(OBJS) \ - | awk '/ [T,D] / {print $$3}' \ - | sed -e 's/^\.//' \ - | sort -u >> $(OBJDIR)/lib$(LIBRARY_NAME)_syms - $(LD) $(XCFLAGS) -o $@ $(OBJS) -bE:$(OBJDIR)/lib$(LIBRARY_NAME)_syms \ - -bM:SRE -bnoentry $(OS_LIBS) $(EXTRA_LIBS) $(EXTRA_SHARED_LIBS) -else -ifeq ($(OS_ARCH), WINNT) - $(LINK_DLL) -MAP $(DLLBASE) $(subst /,\\,$(OBJS) $(SUB_SHLOBJS) $(EXTRA_LIBS) $(EXTRA_SHARED_LIBS) $(OS_LIBS) $(LD_LIBS)) -else -ifeq ($(OS_ARCH),OS2) - @cmd /C "echo LIBRARY $(notdir $(basename $(SHARED_LIBRARY))) INITINSTANCE TERMINSTANCE >$@.def" - @cmd /C "echo PROTMODE >>$@.def" - @cmd /C "echo CODE LOADONCALL MOVEABLE DISCARDABLE >>$@.def" - @cmd /C "echo DATA PRELOAD MOVEABLE MULTIPLE NONSHARED >>$@.def" - @cmd /C "echo EXPORTS >>$@.def" - $(FILTER) $(OBJS) >>$@.def -ifdef SUB_SHLOBJS - @echo Number of words in OBJ list = $(words $(SUB_SHLOBJS)) - @echo If above number is over 100, need to reedit coreconf/rules.mk - -$(FILTER) $(wordlist 1,20,$(SUB_SHLOBJS)) >>$@.def - -$(FILTER) $(wordlist 21,40,$(SUB_SHLOBJS)) >>$@.def - -$(FILTER) $(wordlist 41,60,$(SUB_SHLOBJS)) >>$@.def - -$(FILTER) $(wordlist 61,80,$(SUB_SHLOBJS)) >>$@.def - -$(FILTER) $(wordlist 81,100,$(SUB_SHLOBJS)) >>$@.def -endif -endif #OS2 -ifdef XP_OS2_VACPP - $(MKSHLIB) $(DLLFLAGS) $(LDFLAGS) $(OBJS) $(SUB_SHLOBJS) $(LD_LIBS) $(EXTRA_LIBS) $(EXTRA_SHARED_LIBS) $@.def -else - $(MKSHLIB) -o $@ $(OBJS) $(SUB_SHLOBJS) $(LD_LIBS) $(EXTRA_LIBS) $(EXTRA_SHARED_LIBS) -endif - chmod +x $@ -ifeq ($(OS_ARCH),OpenVMS) - @echo "`translate $@`" > $(@:$(DLL_SUFFIX)=vms) -endif -endif -endif - -ifeq ($(OS_ARCH), WINNT) -$(RES): $(RESNAME) - @$(MAKE_OBJDIR) -# The resource compiler does not understand the -U option. - $(RC) $(filter-out -U%,$(DEFINES)) $(INCLUDES) -Fo$@ $< - @echo $(RES) finished -endif - -$(MAPFILE): $(LIBRARY_NAME).def - @$(MAKE_OBJDIR) -ifeq ($(OS_ARCH),SunOS) - grep -v ';-' $(LIBRARY_NAME).def | \ - sed -e 's,;+,,' -e 's; DATA ;;' -e 's,;;,,' -e 's,;.*,;,' > $@ -endif -ifeq ($(OS_ARCH),Linux) - grep -v ';-' $(LIBRARY_NAME).def | \ - sed -e 's,;+,,' -e 's; DATA ;;' -e 's,;;,,' -e 's,;.*,;,' > $@ -endif -ifeq ($(OS_ARCH),AIX) - grep -v ';+' $(LIBRARY_NAME).def | grep -v ';-' | \ - sed -e 's; DATA ;;' -e 's,;;,,' -e 's,;.*,,' > $@ -endif -ifeq ($(OS_ARCH), HP-UX) - grep -v ';+' $(LIBRARY_NAME).def | grep -v ';-' | \ - sed -e 's; DATA ;;' -e 's,;;,,' -e 's,;.*,,' -e 's,^,+e ,' > $@ -endif -ifeq ($(OS_ARCH), OSF1) - grep -v ';+' $(LIBRARY_NAME).def | grep -v ';-' | \ - sed -e 's; DATA ;;' -e 's,;;,,' -e 's,;.*,,' -e 's,^,-exported_symbol ,' > $@ -endif - - - -$(OBJDIR)/$(PROG_PREFIX)%$(PROG_SUFFIX): $(OBJDIR)/$(PROG_PREFIX)%$(OBJ_SUFFIX) - @$(MAKE_OBJDIR) -ifeq ($(OS_ARCH),WINNT) - $(MKPROG) $(OBJDIR)/$(PROG_PREFIX)$*$(OBJ_SUFFIX) -Fe$@ -link \ - $(LDFLAGS) $(EXTRA_LIBS) $(EXTRA_SHARED_LIBS) $(OS_LIBS) -else - $(MKPROG) -o $@ $(OBJDIR)/$(PROG_PREFIX)$*$(OBJ_SUFFIX) \ - $(LDFLAGS) $(EXTRA_LIBS) $(EXTRA_SHARED_LIBS) $(OS_LIBS) -endif - -WCCFLAGS1 := $(subst /,\\,$(CFLAGS)) -WCCFLAGS2 := $(subst -I,-i=,$(WCCFLAGS1)) -WCCFLAGS3 := $(subst -D,-d,$(WCCFLAGS2)) - -$(OBJDIR)/$(PROG_PREFIX)%$(OBJ_SUFFIX): %.c - @$(MAKE_OBJDIR) -ifdef USE_NT_C_SYNTAX - $(CC) -Fo$@ -c $(CFLAGS) $(subst /,\\,$<) -else - $(CC) -o $@ -c $(CFLAGS) $< -endif - -$(PROG_PREFIX)%$(OBJ_SUFFIX): %.c -ifdef USE_NT_C_SYNTAX - $(CC) -Fo$@ -c $(CFLAGS) $(subst /,\\,$<) -else - $(CC) -o $@ -c $(CFLAGS) $< -endif - -ifneq ($(OS_ARCH), WINNT) -$(OBJDIR)/$(PROG_PREFIX)%$(OBJ_SUFFIX): %.s - @$(MAKE_OBJDIR) - $(AS) -o $@ $(ASFLAGS) -c $< -endif - -$(OBJDIR)/$(PROG_PREFIX)%$(OBJ_SUFFIX): %.asm - @$(MAKE_OBJDIR) - $(AS) -Fo$@ $(ASFLAGS) -c $< - -$(OBJDIR)/$(PROG_PREFIX)%$(OBJ_SUFFIX): %.S - @$(MAKE_OBJDIR) - $(AS) -o $@ $(ASFLAGS) -c $< - -$(OBJDIR)/$(PROG_PREFIX)%: %.cpp - @$(MAKE_OBJDIR) -ifdef USE_NT_C_SYNTAX - $(CCC) -Fo$@ -c $(CFLAGS) $< -else - $(CCC) -o $@ -c $(CFLAGS) $< -endif - -# -# Please keep the next two rules in sync. -# -$(OBJDIR)/$(PROG_PREFIX)%$(OBJ_SUFFIX): %.cc - @$(MAKE_OBJDIR) - $(CCC) -o $@ -c $(CFLAGS) $< - -$(OBJDIR)/$(PROG_PREFIX)%$(OBJ_SUFFIX): %.cpp - @$(MAKE_OBJDIR) -ifdef STRICT_CPLUSPLUS_SUFFIX - echo "#line 1 \"$<\"" | cat - $< > $(OBJDIR)/t_$*.cc - $(CCC) -o $@ -c $(CFLAGS) $(OBJDIR)/t_$*.cc - rm -f $(OBJDIR)/t_$*.cc -else -ifdef USE_NT_C_SYNTAX - $(CCC) -Fo$@ -c $(CFLAGS) $< -else - $(CCC) -o $@ -c $(CFLAGS) $< -endif -endif #STRICT_CPLUSPLUS_SUFFIX - -%.i: %.cpp - $(CCC) -C -E $(CFLAGS) $< > $*.i - -%.i: %.c -ifeq ($(OS_ARCH),WINNT) - $(CC) -C /P $(CFLAGS) $< -else - $(CC) -C -E $(CFLAGS) $< > $*.i -endif - -ifneq ($(OS_ARCH), WINNT) -%.i: %.s - $(CC) -C -E $(CFLAGS) $< > $*.i -endif - -%: %.pl - rm -f $@; cp $*.pl $@; chmod +x $@ - -%: %.sh - rm -f $@; cp $*.sh $@; chmod +x $@ - -ifdef DIRS -$(DIRS):: - @if test -d $@; then \ - set $(EXIT_ON_ERROR); \ - echo "cd $@; $(MAKE)"; \ - cd $@; $(MAKE); \ - set +e; \ - else \ - echo "Skipping non-directory $@..."; \ - fi; \ - $(CLICK_STOPWATCH) -endif - -################################################################################ -# Bunch of things that extend the 'export' rule (in order): -################################################################################ - -$(JAVA_DESTPATH) $(JAVA_DESTPATH)/$(PACKAGE) $(JMCSRCDIR):: - @if test ! -d $@; then \ - echo Creating $@; \ - rm -rf $@; \ - $(NSINSTALL) -D $@; \ - fi - -################################################################################ -## IDL_GEN - -ifneq ($(IDL_GEN),) - -#export:: -# $(IDL2JAVA) $(IDL_GEN) - -#all:: export - -#clobber:: -# rm -f $(IDL_GEN:.idl=.class) # XXX wrong! - -endif - -################################################################################ -### JSRCS -- for compiling java files -### -### NOTE: For backwards compatibility, if $(NETLIBDEPTH) is defined, -### replace $(CORE_DEPTH) with $(NETLIBDEPTH). -### - -ifneq ($(JSRCS),) -ifneq ($(JAVAC),) -ifdef NETLIBDEPTH - CORE_DEPTH := $(NETLIBDEPTH) -endif - -JAVA_EXPORT_SRCS=$(shell perl $(CORE_DEPTH)/coreconf/outofdate.pl $(PERLARG) -d $(JAVA_DESTPATH)/$(PACKAGE) $(JSRCS) $(PRIVATE_JSRCS)) - -export:: $(JAVA_DESTPATH) $(JAVA_DESTPATH)/$(PACKAGE) -ifneq ($(JAVA_EXPORT_SRCS),) - $(JAVAC) $(JAVA_EXPORT_SRCS) -endif - -all:: export - -clobber:: - rm -f $(SOURCE_XP_DIR)/classes/$(PACKAGE)/*.class - -endif -endif - -# -# JDIRS -- like JSRCS, except you can give a list of directories and it will -# compile all the out-of-date java files in those directories. -# -# NOTE: recursing through these can speed things up, but they also cause -# some builds to run out of memory -# -# NOTE: For backwards compatibility, if $(NETLIBDEPTH) is defined, -# replace $(CORE_DEPTH) with $(NETLIBDEPTH). -# -ifdef JDIRS -ifneq ($(JAVAC),) -ifdef NETLIBDEPTH - CORE_DEPTH := $(NETLIBDEPTH) -endif - -export:: $(JAVA_DESTPATH) $(JAVA_DESTPATH)/$(PACKAGE) - @for d in $(JDIRS); do \ - if test -d $$d; then \ - set $(EXIT_ON_ERROR); \ - files=`echo $$d/*.java`; \ - list=`perl $(CORE_DEPTH)/coreconf/outofdate.pl $(PERLARG) \ - -d $(JAVA_DESTPATH)/$(PACKAGE) $$files`; \ - if test "$${list}x" != "x"; then \ - echo Building all java files in $$d; \ - echo $(JAVAC) $$list; \ - $(JAVAC) $$list; \ - fi; \ - set +e; \ - else \ - echo "Skipping non-directory $$d..."; \ - fi; \ - $(CLICK_STOPWATCH); \ - done -endif -endif - -# -# JDK_GEN -- for generating "old style" native methods -# -# Generate JDK Headers and Stubs into the '_gen' and '_stubs' directory -# -# NOTE: For backwards compatibility, if $(NETLIBDEPTH) is defined, -# replace $(CORE_DEPTH) with $(NETLIBDEPTH). -# -ifneq ($(JDK_GEN),) -ifneq ($(JAVAH),) -ifdef NSBUILDROOT - INCLUDES += -I$(JDK_GEN_DIR) -I$(SOURCE_XP_DIR) -else - INCLUDES += -I$(JDK_GEN_DIR) -endif - -ifdef NETLIBDEPTH - CORE_DEPTH := $(NETLIBDEPTH) -endif - -JDK_PACKAGE_CLASSES := $(JDK_GEN) -JDK_PATH_CLASSES := $(subst .,/,$(JDK_PACKAGE_CLASSES)) -JDK_HEADER_CLASSFILES := $(patsubst %,$(JAVA_DESTPATH)/%.class,$(JDK_PATH_CLASSES)) -JDK_STUB_CLASSFILES := $(patsubst %,$(JAVA_DESTPATH)/%.class,$(JDK_PATH_CLASSES)) -JDK_HEADER_CFILES := $(patsubst %,$(JDK_GEN_DIR)/%.h,$(JDK_GEN)) -JDK_STUB_CFILES := $(patsubst %,$(JDK_STUB_DIR)/%.c,$(JDK_GEN)) - -$(JDK_HEADER_CFILES): $(JDK_HEADER_CLASSFILES) -$(JDK_STUB_CFILES): $(JDK_STUB_CLASSFILES) - -export:: - @echo Generating/Updating JDK headers - $(JAVAH) -d $(JDK_GEN_DIR) $(JDK_PACKAGE_CLASSES) - @echo Generating/Updating JDK stubs - $(JAVAH) -stubs -d $(JDK_STUB_DIR) $(JDK_PACKAGE_CLASSES) -ifndef NO_MAC_JAVA_SHIT - @if test ! -d $(CORE_DEPTH)/lib/mac/Java/; then \ - echo "!!! You need to have a ns/lib/mac/Java directory checked out."; \ - echo "!!! This allows us to automatically update generated files for the mac."; \ - echo "!!! If you see any modified files there, please check them in."; \ - fi - @echo Generating/Updating JDK headers for the Mac - $(JAVAH) -mac -d $(CORE_DEPTH)/lib/mac/Java/_gen $(JDK_PACKAGE_CLASSES) - @echo Generating/Updating JDK stubs for the Mac - $(JAVAH) -mac -stubs -d $(CORE_DEPTH)/lib/mac/Java/_stubs $(JDK_PACKAGE_CLASSES) -endif -endif -endif - -# -# JRI_GEN -- for generating "old style" JRI native methods -# -# Generate JRI Headers and Stubs into the 'jri' directory -# -# NOTE: For backwards compatibility, if $(NETLIBDEPTH) is defined, -# replace $(CORE_DEPTH) with $(NETLIBDEPTH). -# -ifneq ($(JRI_GEN),) -ifneq ($(JAVAH),) -ifdef NSBUILDROOT - INCLUDES += -I$(JRI_GEN_DIR) -I$(SOURCE_XP_DIR) -else - INCLUDES += -I$(JRI_GEN_DIR) -endif - -ifdef NETLIBDEPTH - CORE_DEPTH := $(NETLIBDEPTH) -endif - -JRI_PACKAGE_CLASSES := $(JRI_GEN) -JRI_PATH_CLASSES := $(subst .,/,$(JRI_PACKAGE_CLASSES)) -JRI_HEADER_CLASSFILES := $(patsubst %,$(JAVA_DESTPATH)/%.class,$(JRI_PATH_CLASSES)) -JRI_STUB_CLASSFILES := $(patsubst %,$(JAVA_DESTPATH)/%.class,$(JRI_PATH_CLASSES)) -JRI_HEADER_CFILES := $(patsubst %,$(JRI_GEN_DIR)/%.h,$(JRI_GEN)) -JRI_STUB_CFILES := $(patsubst %,$(JRI_GEN_DIR)/%.c,$(JRI_GEN)) - -$(JRI_HEADER_CFILES): $(JRI_HEADER_CLASSFILES) -$(JRI_STUB_CFILES): $(JRI_STUB_CLASSFILES) - -export:: - @echo Generating/Updating JRI headers - $(JAVAH) -jri -d $(JRI_GEN_DIR) $(JRI_PACKAGE_CLASSES) - @echo Generating/Updating JRI stubs - $(JAVAH) -jri -stubs -d $(JRI_GEN_DIR) $(JRI_PACKAGE_CLASSES) -ifndef NO_MAC_JAVA_SHIT - @if test ! -d $(CORE_DEPTH)/lib/mac/Java/; then \ - echo "!!! You need to have a ns/lib/mac/Java directory checked out."; \ - echo "!!! This allows us to automatically update generated files for the mac."; \ - echo "!!! If you see any modified files there, please check them in."; \ - fi - @echo Generating/Updating JRI headers for the Mac - $(JAVAH) -jri -mac -d $(CORE_DEPTH)/lib/mac/Java/_jri $(JRI_PACKAGE_CLASSES) - @echo Generating/Updating JRI stubs for the Mac - $(JAVAH) -jri -mac -stubs -d $(CORE_DEPTH)/lib/mac/Java/_jri $(JRI_PACKAGE_CLASSES) -endif -endif -endif - -# -# JNI_GEN -- for generating JNI native methods -# -# Generate JNI Headers into the 'jni' directory -# -ifneq ($(JNI_GEN),) -ifneq ($(JAVAH),) -JNI_HEADERS := $(patsubst %,$(JNI_GEN_DIR)/%.h,$(JNI_GEN)) - -export:: - @if test ! -d $(JNI_GEN_DIR); then \ - echo $(JAVAH) -jni -d $(JNI_GEN_DIR) $(JNI_GEN); \ - $(JAVAH) -jni -d $(JNI_GEN_DIR) $(JNI_GEN); \ - else \ - echo "Checking for out of date header files" ; \ - cmd="perl $(CORE_DEPTH)/coreconf/jniregen.pl $(PERLARG) \ - -d $(JAVA_DESTPATH) $(JNI_GEN)"; \ - echo $$cmd; \ - list=`$$cmd`; \ - if test "$${list}x" != "x"; then \ - echo $(JAVAH) -jni -d $(JNI_GEN_DIR) $$list; \ - $(JAVAH) -jni -d $(JNI_GEN_DIR) $$list; \ - fi \ - fi -endif -endif - -# -# JMC_EXPORT -- for declaring which java classes are to be exported for jmc -# -ifneq ($(JMC_EXPORT),) -JMC_EXPORT_PATHS := $(subst .,/,$(JMC_EXPORT)) -JMC_EXPORT_FILES := $(patsubst %,$(JAVA_DESTPATH)/$(PACKAGE)/%.class,$(JMC_EXPORT_PATHS)) - -# -# We're doing NSINSTALL -t here (copy mode) because calling INSTALL will pick up -# your NSDISTMODE and make links relative to the current directory. This is a -# problem because the source isn't in the current directory: -# -export:: $(JMC_EXPORT_FILES) $(JMCSRCDIR) - $(NSINSTALL) -t -m 444 $(JMC_EXPORT_FILES) $(JMCSRCDIR) -endif - -# -# JMC_GEN -- for generating java modules -# -# Provide default export & install rules when using JMC_GEN -# -ifneq ($(JMC_GEN),) -ifneq ($(JMC),) - INCLUDES += -I$(JMC_GEN_DIR) -I. - JMC_HEADERS := $(patsubst %,$(JMC_GEN_DIR)/%.h,$(JMC_GEN)) - JMC_STUBS := $(patsubst %,$(JMC_GEN_DIR)/%.c,$(JMC_GEN)) - JMC_OBJS := $(patsubst %,$(OBJDIR)/%$(OBJ_SUFFIX),$(JMC_GEN)) - -$(JMC_GEN_DIR)/M%.h: $(JMCSRCDIR)/%.class - $(JMC) -d $(JMC_GEN_DIR) -interface $(JMC_GEN_FLAGS) $(?F:.class=) - -$(JMC_GEN_DIR)/M%.c: $(JMCSRCDIR)/%.class - $(JMC) -d $(JMC_GEN_DIR) -module $(JMC_GEN_FLAGS) $(?F:.class=) - -$(OBJDIR)/M%$(OBJ_SUFFIX): $(JMC_GEN_DIR)/M%.h $(JMC_GEN_DIR)/M%.c - @$(MAKE_OBJDIR) - $(CC) -o $@ -c $(CFLAGS) $(JMC_GEN_DIR)/M$*.c - -export:: $(JMC_HEADERS) $(JMC_STUBS) -endif -endif - -# -# Copy each element of EXPORTS to $(SOURCE_XP_DIR)/public/$(MODULE)/ -# -PUBLIC_EXPORT_DIR = $(SOURCE_XP_DIR)/public/$(MODULE) - -ifneq ($(EXPORTS),) -$(PUBLIC_EXPORT_DIR):: - @if test ! -d $@; then \ - echo Creating $@; \ - $(NSINSTALL) -D $@; \ - fi - -export:: $(PUBLIC_EXPORT_DIR) - -export:: $(EXPORTS) - $(INSTALL) -m 444 $^ $(PUBLIC_EXPORT_DIR) - -export:: $(BUILT_SRCS) -endif - -# Duplicate export rule for private exports, with different directories - -PRIVATE_EXPORT_DIR = $(SOURCE_XP_DIR)/private/$(MODULE) - -ifneq ($(PRIVATE_EXPORTS),) -$(PRIVATE_EXPORT_DIR):: - @if test ! -d $@; then \ - echo Creating $@; \ - $(NSINSTALL) -D $@; \ - fi - -private_export:: $(PRIVATE_EXPORT_DIR) - -private_export:: $(PRIVATE_EXPORTS) - $(INSTALL) -m 444 $^ $(PRIVATE_EXPORT_DIR) -else -private_export:: - @echo There are no private exports.; -endif - -########################################################################## -### RULES FOR RUNNING REGRESSION SUITE TESTS -### REQUIRES 'REGRESSION_SPEC' TO BE SET TO THE NAME OF A REGRESSION SPECFILE -### AND RESULTS_SUBDIR TO BE SET TO SOMETHING LIKE SECURITY/PKCS5 -########################################################################## - -TESTS_DIR = $(RESULTS_DIR)/$(RESULTS_SUBDIR)/$(OS_CONFIG)$(CPU_TAG)$(COMPILER_TAG)$(IMPL_STRATEGY) - -ifneq ($(REGRESSION_SPEC),) -tests:: $(REGRESSION_SPEC) - cd $(PLATFORM); \ - ../$(SOURCE_MD_DIR)/bin/regress$(PROG_SUFFIX) specfile=../$(REGRESSION_SPEC) progress $(EXTRA_REGRESS_OPTIONS); \ - if test ! -d $(TESTS_DIR); then \ - echo Creating $(TESTS_DIR); \ - $(NSINSTALL) -D $(TESTS_DIR); \ - fi -ifneq ($(BUILD_OPT),) - $(NSINSTALL) -m 664 $(PLATFORM)/$(REGDATE).sum $(TESTS_DIR); \ - $(NSINSTALL) -m 664 $(PLATFORM)/$(REGDATE).htm $(TESTS_DIR); \ - echo "Please now make sure your results files are copied to $(TESTS_DIR), "; \ - echo "then run 'reporter specfile=$(RESULTS_DIR)/rptspec'" -endif -else -tests:: - @echo Error: you didn't specify REGRESSION_SPEC in your manifest.mn file!; -endif - - -# Duplicate export rule for releases, with different directories - -ifneq ($(EXPORTS),) -$(SOURCE_RELEASE_XP_DIR)/include:: - @if test ! -d $@; then \ - echo Creating $@; \ - $(NSINSTALL) -D $@; \ - fi - -release_export:: $(EXPORTS) $(SOURCE_RELEASE_XP_DIR)/include - $(INSTALL) -m 444 $(EXPORTS) $(SOURCE_RELEASE_XP_DIR)/include -endif - - - - -################################################################################ - --include $(DEPENDENCIES) - -ifneq (,$(filter-out OS2 WINNT,$(OS_ARCH))) -# Can't use sed because of its 4000-char line length limit, so resort to perl -.DEFAULT: - @perl -e ' \ - open(MD, "< $(DEPENDENCIES)"); \ - while () { \ - if (m@ \.*/*$< @) { \ - $$found = 1; \ - last; \ - } \ - } \ - if ($$found) { \ - print "Removing stale dependency $< from $(DEPENDENCIES)\n"; \ - seek(MD, 0, 0); \ - $$tmpname = "$(OBJDIR)/fix.md" . $$$$; \ - open(TMD, "> " . $$tmpname); \ - while () { \ - s@ \.*/*$< @ @; \ - if (!print TMD "$$_") { \ - unlink(($$tmpname)); \ - exit(1); \ - } \ - } \ - close(TMD); \ - if (!rename($$tmpname, "$(DEPENDENCIES)")) { \ - unlink(($$tmpname)); \ - } \ - } elsif ("$<" ne "$(DEPENDENCIES)") { \ - print "$(MAKE): *** No rule to make target $<. Stop.\n"; \ - exit(1); \ - }' -endif - -############################################################################# -# X dependency system -############################################################################# - -ifdef MKDEPENDENCIES - -# For Windows, $(MKDEPENDENCIES) must be -included before including rules.mk - -$(MKDEPENDENCIES):: - @$(MAKE_OBJDIR) - touch $(MKDEPENDENCIES) - chmod u+w $(MKDEPENDENCIES) -#on NT, the preceeding touch command creates a read-only file !?!?! -#which is why we have to explicitly chmod it. - $(MKDEPEND) -p$(OBJDIR_NAME)/ -o'$(OBJ_SUFFIX)' -f$(MKDEPENDENCIES) \ -$(NOMD_CFLAGS) $(YOPT) $(CSRCS) $(CPPSRCS) $(ASFILES) - -$(MKDEPEND):: $(MKDEPEND_DIR)/*.c $(MKDEPEND_DIR)/*.h - cd $(MKDEPEND_DIR); $(MAKE) - -ifdef OBJS -depend:: $(MKDEPEND) $(MKDEPENDENCIES) -else -depend:: -endif - +$(LOOP_OVER_DIRS) - -dependclean:: - rm -f $(MKDEPENDENCIES) - +$(LOOP_OVER_DIRS) - -#-include $(NSINSTALL_DIR)/$(OBJDIR)/depend.mk - -else -depend:: -endif - -################################################################################ -# Special gmake rules. -################################################################################ - -# -# Re-define the list of default suffixes, so gmake won't have to churn through -# hundreds of built-in suffix rules for stuff we don't need. -# -.SUFFIXES: -.SUFFIXES: .out .a .ln .o .obj .c .cc .C .cpp .y .l .s .S .h .sh .i .pl .class .java .html .asm - -# -# Don't delete these files if we get killed. -# -.PRECIOUS: .java $(JDK_HEADERS) $(JDK_STUBS) $(JRI_HEADERS) $(JRI_STUBS) $(JMC_HEADERS) $(JMC_STUBS) $(JNI_HEADERS) - -# -# Fake targets. Always run these rules, even if a file/directory with that -# name already exists. -# -.PHONY: all all_platforms alltags boot clean clobber clobber_all export install libs program realclean release $(OBJDIR) $(DIRS) - diff --git a/security/coreconf/ruleset.mk b/security/coreconf/ruleset.mk deleted file mode 100644 index 7ee92ab81..000000000 --- a/security/coreconf/ruleset.mk +++ /dev/null @@ -1,296 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# # -# Parameters to this makefile (set these in this file): # -# # -# a) # -# TARGETS -- the target to create # -# (defaults to $LIBRARY $PROGRAM) # -# b) # -# DIRS -- subdirectories for make to recurse on # -# (the 'all' rule builds $TARGETS $DIRS) # -# c) # -# CSRCS, CPPSRCS -- .c and .cpp files to compile # -# (used to define $OBJS) # -# d) # -# PROGRAM -- the target program name to create from $OBJS # -# ($OBJDIR automatically prepended to it) # -# e) # -# LIBRARY -- the target library name to create from $OBJS # -# ($OBJDIR automatically prepended to it) # -# f) # -# JSRCS -- java source files to compile into class files # -# (if you don't specify this it will default # -# to *.java) # -# g) # -# PACKAGE -- the package to put the .class files into # -# (e.g. netscape/applet) # -# (NOTE: the default definition for this may be # -# overridden if "jdk.mk" is included) # -# h) # -# JMC_EXPORT -- java files to be exported for use by JMC_GEN # -# (this is a list of Class names) # -# i) # -# JRI_GEN -- files to run through javah to generate headers # -# and stubs # -# (output goes into the _jri sub-dir) # -# j) # -# JMC_GEN -- files to run through jmc to generate headers # -# and stubs # -# (output goes into the _jmc sub-dir) # -# k) # -# JNI_GEN -- files to run through javah to generate headers # -# (output goes into the _jni sub-dir) # -# # -####################################################################### - -# -# At this time, the CPU_TAG value is actually assigned. -# - -CPU_TAG = - -# -# When the processor is NOT 386-based on Windows NT, override the -# value of $(CPU_TAG). -# -ifeq ($(OS_ARCH), WINNT) - ifneq ($(CPU_ARCH),x386) - CPU_TAG = _$(CPU_ARCH) - endif -endif - -# -# Always set CPU_TAG on Linux. -# -ifeq ($(OS_ARCH), Linux) - CPU_TAG = _$(CPU_ARCH) -endif - -# -# Always set CPU_TAG on OpenVMS. -# -ifeq ($(OS_ARCH), OpenVMS) - CPU_TAG = _$(CPU_ARCH) -endif - -# -# At this time, the COMPILER_TAG value is actually assigned. -# - -ifndef COMPILER_TAG -ifneq ($(DEFAULT_COMPILER), $(CC)) -# -# Temporary define for the Client; to be removed when binary release is used -# - ifdef MOZILLA_CLIENT - COMPILER_TAG = - else - COMPILER_TAG = _$(CC) - endif -else - COMPILER_TAG = -endif -endif - -# -# At this time, a default value of $(CC) is assigned to MKPROG. -# - -ifeq ($(MKPROG),) - MKPROG = $(CC) -endif - -# -# This makefile contains rules for building the following kinds of -# objects: -# - (1) LIBRARY: a static (archival) library -# - (2) SHARED_LIBRARY: a shared (dynamic link) library -# - (3) IMPORT_LIBRARY: an import library, used only on Windows -# - (4) PROGRAM: an executable binary -# -# NOTE: The names of libraries can be generated by simply specifying -# LIBRARY_NAME (and LIBRARY_VERSION in the case of non-static libraries). -# - -ifdef LIBRARY_NAME - ifeq ($(OS_ARCH), WINNT) - LIBRARY = $(OBJDIR)/$(LIBRARY_NAME).lib - SHARED_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION)32$(JDK_DEBUG_SUFFIX).dll - IMPORT_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION)32$(JDK_DEBUG_SUFFIX).lib - else - ifeq ($(OS_ARCH), OS2) - LIBRARY = $(OBJDIR)/lib$(LIBRARY_NAME).lib - SHARED_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION)$(JDK_DEBUG_SUFFIX).dll - IMPORT_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION)$(JDK_DEBUG_SUFFIX).lib - else - LIBRARY = $(OBJDIR)/lib$(LIBRARY_NAME).$(LIB_SUFFIX) - ifeq ($(OS_ARCH)$(OS_RELEASE), AIX4.1) - SHARED_LIBRARY = $(OBJDIR)/lib$(LIBRARY_NAME)$(LIBRARY_VERSION)_shr$(JDK_DEBUG_SUFFIX).a - else - SHARED_LIBRARY = $(OBJDIR)/lib$(LIBRARY_NAME)$(LIBRARY_VERSION)$(JDK_DEBUG_SUFFIX).$(DLL_SUFFIX) - endif - endif - endif -endif - -# -# Common rules used by lots of makefiles... -# - -ifdef PROGRAM - PROGRAM := $(addprefix $(OBJDIR)/, $(PROGRAM)$(JDK_DEBUG_SUFFIX)$(PROG_SUFFIX)) -endif - -ifdef PROGRAMS - PROGRAMS := $(addprefix $(OBJDIR)/, $(PROGRAMS:%=%$(JDK_DEBUG_SUFFIX)$(PROG_SUFFIX))) -endif - -ifndef TARGETS - ifeq (,$(filter-out OS2 WINNT,$(OS_ARCH))) - TARGETS = $(LIBRARY) $(SHARED_LIBRARY) $(IMPORT_LIBRARY) $(PROGRAM) - else - TARGETS = $(LIBRARY) $(SHARED_LIBRARY) $(PROGRAM) - endif -endif - -ifndef OBJS - SIMPLE_OBJS = $(JRI_STUB_CFILES) \ - $(addsuffix $(OBJ_SUFFIX), $(JMC_GEN)) \ - $(CSRCS:.c=$(OBJ_SUFFIX)) \ - $(CPPSRCS:.cpp=$(OBJ_SUFFIX)) \ - $(ASFILES:$(ASM_SUFFIX)=$(OBJ_SUFFIX)) \ - $(BUILT_CSRCS:.c=$(OBJ_SUFFIX)) \ - $(BUILT_CPPSRCS:.cpp=$(OBJ_SUFFIX)) \ - $(BUILT_ASFILES:$(ASM_SUFFIX)=$(OBJ_SUFFIX)) - OBJS = $(addprefix $(OBJDIR)/$(PROG_PREFIX), $(SIMPLE_OBJS)) -endif - -ifndef BUILT_SRCS - BUILT_SRCS = $(addprefix $(OBJDIR)/$(PROG_PREFIX), \ - $(BUILT_CSRCS) $(BUILT_CPPSRCS) $(BUILT_ASFILES)) -endif - - -ifeq ($(OS_ARCH),WINNT) - OBJS += $(RES) - MAKE_OBJDIR = $(INSTALL) -D $(OBJDIR) -else - define MAKE_OBJDIR - if test ! -d $(@D); then rm -rf $(@D); $(NSINSTALL) -D $(@D); fi - endef -endif - -ifndef PACKAGE - PACKAGE = . -endif - -ALL_TRASH := $(TARGETS) $(OBJS) $(OBJDIR) LOGS TAGS $(GARBAGE) \ - $(NOSUCHFILE) $(JDK_HEADER_CFILES) $(JDK_STUB_CFILES) \ - $(JRI_HEADER_CFILES) $(JRI_STUB_CFILES) $(JNI_HEADERS) $(JMC_STUBS) \ - $(JMC_HEADERS) $(JMC_EXPORT_FILES) so_locations \ - _gen _jmc _jri _jni _stubs \ - $(wildcard $(JAVA_DESTPATH)/$(PACKAGE)/*.class) \ - $(BUILT_SRCS) - -ifdef JDIRS - ALL_TRASH += $(addprefix $(JAVA_DESTPATH)/,$(JDIRS)) -endif - -ifdef NSBUILDROOT - JDK_GEN_DIR = $(SOURCE_XP_DIR)/_gen - JMC_GEN_DIR = $(SOURCE_XP_DIR)/_jmc - JNI_GEN_DIR = $(SOURCE_XP_DIR)/_jni - JRI_GEN_DIR = $(SOURCE_XP_DIR)/_jri - JDK_STUB_DIR = $(SOURCE_XP_DIR)/_stubs -else - JDK_GEN_DIR = _gen - JMC_GEN_DIR = _jmc - JNI_GEN_DIR = _jni - JRI_GEN_DIR = _jri - JDK_STUB_DIR = _stubs -endif - -# -# If this is an "official" build, try to build everything. -# I.e., don't exit on errors. -# - -ifdef BUILD_OFFICIAL - EXIT_ON_ERROR = +e - CLICK_STOPWATCH = date -else - EXIT_ON_ERROR = -e - CLICK_STOPWATCH = true -endif - -ifdef REQUIRES - MODULE_INCLUDES := $(addprefix -I$(SOURCE_XP_DIR)/public/, $(REQUIRES)) - INCLUDES += $(MODULE_INCLUDES) - ifeq ($(MODULE), sectools) - PRIVATE_INCLUDES := $(addprefix -I$(SOURCE_XP_DIR)/private/, $(REQUIRES)) - INCLUDES += $(PRIVATE_INCLUDES) - endif -endif - -ifdef SYSTEM_INCL_DIR - YOPT = -Y$(SYSTEM_INCL_DIR) -endif - -ifdef DIRS - LOOP_OVER_DIRS = \ - @for directory in $(DIRS); do \ - if test -d $$directory; then \ - set $(EXIT_ON_ERROR); \ - echo "cd $$directory; $(MAKE) $@"; \ - $(MAKE) -C $$directory $@; \ - set +e; \ - else \ - echo "Skipping non-directory $$directory..."; \ - fi; \ - $(CLICK_STOPWATCH); \ - done -endif - - - -# special stuff for tests rule in rules.mk - -ifneq ($(OS_ARCH),WINNT) - REGDATE = $(subst \ ,, $(shell perl $(CORE_DEPTH)/$(MODULE)/scripts/now)) -else - REGCOREDEPTH = $(subst \\,/,$(CORE_DEPTH)) - REGDATE = $(subst \ ,, $(shell perl $(CORE_DEPTH)/$(MODULE)/scripts/now)) -endif diff --git a/security/coreconf/source.mk b/security/coreconf/source.mk deleted file mode 100644 index 170d7dc25..000000000 --- a/security/coreconf/source.mk +++ /dev/null @@ -1,187 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# Master -specific source import/export directories # -####################################################################### - -# -# master import/export directory prefix -# - -ifndef SOURCE_PREFIX -ifndef BUILD_TREE -SOURCE_PREFIX = $(CORE_DEPTH)/../dist -else -SOURCE_PREFIX = $(BUILD_TREE)/dist -endif -endif - -# -# cross-platform (xp) master import/export directory -# - -ifndef SOURCE_XP_DIR -SOURCE_XP_DIR = $(SOURCE_PREFIX) -endif - -# -# cross-platform (xp) import/export directories -# - -SOURCE_CLASSES_DIR = $(SOURCE_XP_DIR)/classes -SOURCE_CLASSES_DBG_DIR = $(SOURCE_XP_DIR)/classes_DBG -SOURCE_XPHEADERS_DIR = $(SOURCE_XP_DIR)/public/$(MODULE) -SOURCE_XPPRIVATE_DIR = $(SOURCE_XP_DIR)/private/$(MODULE) - -ifdef BUILD_OPT - IMPORT_XPCLASS_DIR = $(SOURCE_CLASSES_DIR) -else - IMPORT_XPCLASS_DIR = $(SOURCE_CLASSES_DBG_DIR) -endif - -# -# machine-dependent (md) master import/export directory -# - -ifndef SOURCE_MD_DIR -SOURCE_MD_DIR = $(SOURCE_PREFIX)/$(PLATFORM) -endif - -# -# machine-dependent (md) import/export directories -# - -#This is where we install built executables and (for Windows only) DLLs. -ifndef SOURCE_BIN_DIR -SOURCE_BIN_DIR = $(SOURCE_MD_DIR)/bin -endif - -#This is where we install built libraries (.a, .so, .lib). -ifndef SOURCE_LIB_DIR -SOURCE_LIB_DIR = $(SOURCE_MD_DIR)/lib -endif - -# This is where NSPR header files are found. -ifndef SOURCE_MDHEADERS_DIR -SOURCE_MDHEADERS_DIR = $(SOURCE_MD_DIR)/include -endif - -####################################################################### -# Master -specific source release directories and files # -####################################################################### - -# -# source-side master release directory prefix -# NOTE: export control policy enforced for XP and MD files released to -# the staging area -# - -ifeq ($(POLICY), domestic) - SOURCE_RELEASE_PREFIX = $(SOURCE_PREFIX)/release/domestic -else - ifeq ($(POLICY), export) - SOURCE_RELEASE_PREFIX = $(SOURCE_PREFIX)/release/export - else - ifeq ($(POLICY), france) - SOURCE_RELEASE_PREFIX = $(SOURCE_PREFIX)/release/france - else -#We shouldn't have to put another directory under here, but without it the perl -#script for releasing doesn't find the directory. It thinks it doesn't exist. -#So we're adding this no-policy directory so that the script for releasing works -#in all casese when policy is not set. This doesn't affect where the final jar -#files land, only where they are placed in the local tree when building the jar -#files. When there is no policy, the jar files will still land in -#/// like they used to. - SOURCE_RELEASE_PREFIX = $(SOURCE_PREFIX)/release/no-policy - endif - endif -endif - -# -# cross-platform (xp) source-side master release directory -# - -SOURCE_RELEASE_XP_DIR = $(SOURCE_RELEASE_PREFIX) - -# -# cross-platform (xp) source-side release directories -# - -SOURCE_RELEASE_CLASSES_DIR = classes -SOURCE_RELEASE_CLASSES_DBG_DIR = classes_DBG -SOURCE_RELEASE_XPHEADERS_DIR = include - -# -# cross-platform (xp) JAR source-side release files -# - -XPCLASS_JAR = xpclass.jar -XPCLASS_DBG_JAR = xpclass_dbg.jar -XPHEADER_JAR = xpheader.jar - -ifdef BUILD_OPT - IMPORT_XPCLASS_JAR = $(XPCLASS_JAR) -else - IMPORT_XPCLASS_JAR = $(XPCLASS_DBG_JAR) -endif - -# -# machine-dependent (md) source-side master release directory -# - -SOURCE_RELEASE_MD_DIR = $(PLATFORM) - -# -# machine-dependent (md) source-side release directories -# - -SOURCE_RELEASE_BIN_DIR = $(PLATFORM)/bin -SOURCE_RELEASE_LIB_DIR = $(PLATFORM)/lib -SOURCE_RELEASE_MDHEADERS_DIR = $(PLATFORM)/include -SOURCE_RELEASE_SPEC_DIR = $(SOURCE_RELEASE_MD_DIR) - -# -# machine-dependent (md) JAR/tar source-side release files -# - -MDBINARY_JAR = mdbinary.jar -MDHEADER_JAR = mdheader.jar - - -# Where to put the results - -ifneq ($(RESULTS_DIR),) - RESULTS_DIR = $(RELEASE_TREE)/sectools/results -endif - diff --git a/security/coreconf/suffix.mk b/security/coreconf/suffix.mk deleted file mode 100644 index 2739f9fe6..000000000 --- a/security/coreconf/suffix.mk +++ /dev/null @@ -1,123 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# Master "Core Components" suffixes # -####################################################################### - -# -# Object suffixes -# - -ifndef OBJ_SUFFIX - ifeq ($(OS_ARCH), WINNT) - OBJ_SUFFIX = .obj - else - ifeq ($(OS_ARCH), OS2) - OBJ_SUFFIX = .obj - else - OBJ_SUFFIX = .o - endif - endif -endif - -# -# Assembler source suffixes -# - -ifndef ASM_SUFFIX - ifeq ($(OS_ARCH), WINNT) - ASM_SUFFIX = .asm - else - ASM_SUFFIX = .s - endif -endif - -# -# Library suffixes -# - -STATIC_LIB_EXTENSION = - -ifndef DYNAMIC_LIB_EXTENSION - ifeq ($(OS_ARCH)$(OS_RELEASE), AIX4.1) - DYNAMIC_LIB_EXTENSION = _shr - else - DYNAMIC_LIB_EXTENSION = - endif -endif - - -ifndef STATIC_LIB_SUFFIX - STATIC_LIB_SUFFIX = .$(LIB_SUFFIX) -endif - - -ifndef DYNAMIC_LIB_SUFFIX - DYNAMIC_LIB_SUFFIX = .$(DLL_SUFFIX) -endif - - -ifndef IMPORT_LIB_SUFFIX - ifeq ($(OS_ARCH), WINNT) - IMPORT_LIB_SUFFIX = .$(LIB_SUFFIX) - else - IMPORT_LIB_SUFFIX = - endif -endif - - -ifndef STATIC_LIB_SUFFIX_FOR_LINKING - STATIC_LIB_SUFFIX_FOR_LINKING = $(STATIC_LIB_SUFFIX) -endif - - -ifndef DYNAMIC_LIB_SUFFIX_FOR_LINKING - ifeq ($(OS_ARCH), WINNT) - DYNAMIC_LIB_SUFFIX_FOR_LINKING = $(IMPORT_LIB_SUFFIX) - else - DYNAMIC_LIB_SUFFIX_FOR_LINKING = $(DYNAMIC_LIB_SUFFIX) - endif -endif - -# -# Program suffixes -# - -ifndef PROG_SUFFIX - ifeq (,$(filter-out OS2 WINNT,$(OS_ARCH))) - PROG_SUFFIX = .exe - else - PROG_SUFFIX = - endif -endif diff --git a/security/coreconf/tree.mk b/security/coreconf/tree.mk deleted file mode 100644 index ae391b7ef..000000000 --- a/security/coreconf/tree.mk +++ /dev/null @@ -1,114 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# Master "Core Components" file system "release" prefixes # -####################################################################### - -# RELEASE_TREE = $(CORE_DEPTH)/../coredist - - -ifndef RELEASE_TREE - ifdef BUILD_SHIP - ifdef USE_SHIPS - RELEASE_TREE = $(BUILD_SHIP) - else - RELEASE_TREE = /share/builds/components - endif - else - RELEASE_TREE = /share/builds/components - endif - ifeq ($(OS_TARGET), WINNT) - ifdef BUILD_SHIP - ifdef USE_SHIPS - RELEASE_TREE = $(NTBUILD_SHIP) - else - RELEASE_TREE = //blds-sca15a/components - endif - else - RELEASE_TREE = //blds-sca15a/components - endif - endif - - ifeq ($(OS_TARGET), WIN95) - ifdef BUILD_SHIP - ifdef USE_SHIPS - RELEASE_TREE = $(NTBUILD_SHIP) - else - RELEASE_TREE = //blds-sca15a/components - endif - else - RELEASE_TREE = //blds-sca15a/components - endif - endif - ifeq ($(OS_TARGET), WIN16) - ifdef BUILD_SHIP - ifdef USE_SHIPS - RELEASE_TREE = $(NTBUILD_SHIP) - else - RELEASE_TREE = //blds-sca15a/components - endif - else - RELEASE_TREE = //blds-sca15a/components - endif - endif -endif - -# -# NOTE: export control policy enforced for XP and MD files -# released to the binary release tree -# - -ifeq ($(POLICY), domestic) - RELEASE_XP_DIR = domestic - RELEASE_MD_DIR = domestic/$(PLATFORM) -else - ifeq ($(POLICY), export) - RELEASE_XP_DIR = export - RELEASE_MD_DIR = export/$(PLATFORM) - else - ifeq ($(POLICY), france) - RELEASE_XP_DIR = france - RELEASE_MD_DIR = france/$(PLATFORM) - else - RELEASE_XP_DIR = - RELEASE_MD_DIR = $(PLATFORM) - endif - endif -endif - - -REPORTER_TREE = $(subst \,\\,$(RELEASE_TREE)) - -IMPORT_XP_DIR = -IMPORT_MD_DIR = $(PLATFORM) diff --git a/security/coreconf/version.mk b/security/coreconf/version.mk deleted file mode 100644 index b2a55d180..000000000 --- a/security/coreconf/version.mk +++ /dev/null @@ -1,103 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# Build master "Core Components" release version directory name # -####################################################################### - -# -# Always set CURRENT_VERSION_SYMLINK to the symbolic link. -# - -CURRENT_VERSION_SYMLINK = current - - -# -# For the sake of backwards compatibility (*sigh*) ... -# - -ifndef VERSION - ifdef BUILD_NUM - VERSION = $(BUILD_NUM) - endif -endif - -ifndef RELEASE_VERSION - ifdef BUILD_NUM - RELEASE_VERSION = $(BUILD_NUM) - endif -endif - -# -# If VERSION has still NOT been set on the command line, -# as an environment variable, by the individual Makefile, or -# by the -specific "version.mk" file, set VERSION equal -# to $(CURRENT_VERSION_SYMLINK). - -ifndef VERSION - VERSION = $(CURRENT_VERSION_SYMLINK) -endif - -# If RELEASE_VERSION has still NOT been set on the command line, -# as an environment variable, by the individual Makefile, or -# by the -specific "version.mk" file, automatically -# generate the next available version number via a perl script. -# - -ifndef RELEASE_VERSION - RELEASE_VERSION = -endif - -# -# Set -specific versions for compiliation and linkage. -# - -ifndef JAVA_VERSION - JAVA_VERSION = $(CURRENT_VERSION_SYMLINK) -endif - -ifndef NETLIB_VERSION - NETLIB_VERSION = $(CURRENT_VERSION_SYMLINK) -endif - -ifndef NSPR_VERSION - NSPR_VERSION = $(CURRENT_VERSION_SYMLINK) -endif - -ifndef SECTOOLS_VERSION - SECTOOLS_VERSION = $(CURRENT_VERSION_SYMLINK) -endif - -ifndef SECURITY_VERSION - SECURITY_VERSION = $(CURRENT_VERSION_SYMLINK) -endif diff --git a/security/coreconf/version.pl b/security/coreconf/version.pl deleted file mode 100644 index 47a71395b..000000000 --- a/security/coreconf/version.pl +++ /dev/null @@ -1,76 +0,0 @@ -#!/usr/sbin/perl -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -# Compose lowercase alphabet -@alphabet = ( "a", "b", "c", "d", "e", "f", "g", "h", - "i", "j", "k", "l", "m", "n", "o", "p", - "q", "r", "s", "t", "u", "v", "w", "x", - "y", "z" ); - -# Compute year -$year = (localtime)[5] + 1900; - -# Compute month -$month = (localtime)[4] + 1; - -# Compute day -$day = (localtime)[3]; - -# Compute base build number -$version = sprintf( "%d%02d%02d", $year, $month, $day ); -$directory = sprintf( "%s\/%s\/%d%02d%02d", $ARGV[0], $ARGV[1], $year, $month, $day ); - -# Print out the name of the first version directory which does not exist -#if( ! -e $directory ) -#{ - print $version; -#} -#else -#{ -# # Loop through combinations -# foreach $ch1 (@alphabet) -# { -# foreach $ch2 (@alphabet) -# { -# $version = sprintf( "%d%02d%02d%s%s", $year, $month, $day, $ch1, $ch2 ); -# $directory = sprintf( "%s\/%s\/%d%02d%02d%s%s", $ARGV[0], $ARGV[1], $year, $month, $day, $ch1, $ch2 ); -# if( ! -e $directory ) -# { -# print STDOUT $version; -# exit; -# } -# } -# } -#} - diff --git a/security/dbm/Makefile b/security/dbm/Makefile deleted file mode 100644 index 34cd6d899..000000000 --- a/security/dbm/Makefile +++ /dev/null @@ -1,80 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - - - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - -coreconf_hack: - cd ../coreconf; gmake - gmake import - -RelEng_bld: coreconf_hack - gmake diff --git a/security/dbm/include/Makefile b/security/dbm/include/Makefile deleted file mode 100644 index 4d34d8832..000000000 --- a/security/dbm/include/Makefile +++ /dev/null @@ -1,86 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - - - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - -DBM_SRCS = $(EXPORTS) $(PRIVATE_EXPORTS) watcomfx.h - -export:: $(DBM_SRCS) - -libs:: $(DBM_SRCS) - -program:: $(DBM_SRCS) - -private_export:: $(DBM_SRCS) - -echo:: - echo "$(DBM_SRCS)" diff --git a/security/dbm/include/manifest.mn b/security/dbm/include/manifest.mn deleted file mode 100644 index 886fedd98..000000000 --- a/security/dbm/include/manifest.mn +++ /dev/null @@ -1,57 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = ../.. - -VPATH = $(CORE_DEPTH)/../dbm/include - -MODULE = dbm - -EXPORTS = nsres.h \ - cdefs.h \ - mcom_db.h \ - ncompat.h \ - winfile.h \ - $(NULL) - -PRIVATE_EXPORTS = hsearch.h \ - page.h \ - extern.h \ - ndbm.h \ - queue.h \ - hash.h \ - mpool.h \ - search.h \ - $(NULL) - diff --git a/security/dbm/manifest.mn b/security/dbm/manifest.mn deleted file mode 100644 index 4cfffae43..000000000 --- a/security/dbm/manifest.mn +++ /dev/null @@ -1,46 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = .. - -MODULE = dbm - -#IMPORTS = nspr20/v3.5 -IMPORTS = nspr20/v4.0 - -RELEASE = dbm - -DIRS = include \ - src \ - $(NULL) diff --git a/security/dbm/src/Makefile b/security/dbm/src/Makefile deleted file mode 100644 index b41b41671..000000000 --- a/security/dbm/src/Makefile +++ /dev/null @@ -1,85 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - -include config.mk - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - - -DBM_SRCS = $(CSRCS) - -export:: $(DBM_SRCS) - -libs:: $(DBM_SRCS) - -program:: $(DBM_SRCS) - -private_export:: $(DBM_SRCS) - -echo:: - echo "$(DBM_SRCS)" diff --git a/security/dbm/src/config.mk b/security/dbm/src/config.mk deleted file mode 100644 index f6863d966..000000000 --- a/security/dbm/src/config.mk +++ /dev/null @@ -1,66 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -DEFINES += -DMEMMOVE -D__DBINTERFACE_PRIVATE $(SECURITY_FLAG) -DNSPR20=1 - -INCLUDES += -I../include -INCLUDES += -I$(CORE_DEPTH)/../dbm/include - -# -# Currently, override TARGETS variable so that only static libraries -# are specifed as dependencies within rules.mk. -# - -TARGETS = $(LIBRARY) -SHARED_LIBRARY = -IMPORT_LIBRARY = -PURE_LIBRARY = -PROGRAM = - -ifdef SHARED_LIBRARY - ifeq ($(OS_ARCH),WINNT) - ifneq ($(OS_TARGET),WIN16) - DLLBASE=/BASE:0x30000000 - RES=$(OBJDIR)/dbm.res - RESNAME=../include/dbm.rc - endif - endif - ifeq ($(DLL_SUFFIX),dll) - DEFINES += -D_DLL - endif -endif - -ifeq ($(OS_ARCH),AIX) - OS_LIBS += -lc_r -endif diff --git a/security/dbm/src/manifest.mn b/security/dbm/src/manifest.mn deleted file mode 100644 index 4b64ffb4b..000000000 --- a/security/dbm/src/manifest.mn +++ /dev/null @@ -1,57 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = ../.. - -VPATH = $(CORE_DEPTH)/../dbm/src - -MODULE = dbm - -CSRCS = db.c \ - h_bigkey.c \ - h_func.c \ - h_log2.c \ - h_page.c \ - hash.c \ - hash_buf.c \ - hsearch.c \ - memmove.c \ - mktemp.c \ - ndbm.c \ -# snprintf.c \ - strerror.c \ - nsres.c \ - $(NULL) - -LIBRARY_NAME = dbm diff --git a/security/dbm/tests/Makefile b/security/dbm/tests/Makefile deleted file mode 100644 index c095d87c7..000000000 --- a/security/dbm/tests/Makefile +++ /dev/null @@ -1,125 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -DEPTH = ../.. -CORE_DEPTH = ../.. - -VPATH = $(CORE_DEPTH)/../dbm/tests - -MODULE = dbm - -CSRCS = lots.c - -PROGRAM = lots - -include $(DEPTH)/coreconf/config.mk - -ifeq ($(OS_ARCH),WINNT) -DEFINES += -DSTDARG -DSTDC_HEADERS -LIBDBM = ../src/$(PLATFORM)/dbm$(STATIC_LIB_SUFFIX) -else -LIBDBM = ../src/$(PLATFORM)/libdbm$(STATIC_LIB_SUFFIX) -endif - -ifeq ($(OS_ARCH),AIX) -CFLAGS += -DSTDARG -endif - -ifeq ($(OS_ARCH),BSD_386) -CFLAGS += -g -I../../../include -DXP_UNIX -g -DBSDI -DHAVE_STRERROR -D__386BSD__ -DDEBUG -DMEMMOVE -D__DBINTERFACE_PRIVATE -endif - -ifeq ($(OS_ARCH),FreeBSD) -CFLAGS += -DSTDARG -endif - -ifeq ($(OS_ARCH),HP-UX) -CFLAGS += -DSTDARG -endif - -ifeq ($(OS_ARCH),IRIX) -CFLAGS += -g -I../../../include -DDEBUG -DSTDARG -endif - -ifeq ($(OS_ARCH),OSF1) -CFLAGS += -DSTDARG -endif - -ifeq ($(OS_ARCH),Linux) -CFLAGS += -DSTDARG -endif - -ifeq ($(OS_ARCH),NCR) -CFLAGS += -DSTDARG -endif - -ifeq ($(OS_ARCH),SCO_SV) -CFLAGS += -DSTDARG -endif - -ifeq ($(OS_ARCH),SunOS) -CFLAGS += -g -I../../../include -D_sun_ -endif - -ifeq ($(OS_ARCH),UNIXWARE) -CFLAGS += -DSTDARG -endif - -INCLUDES += -I../include -INCLUDES += -I$(CORE_DEPTH)/../dbm/include - -LDFLAGS = $(LDOPTS) $(LIBDBM) - -include $(DEPTH)/coreconf/rules.mk - -lots.pure: lots - purify $(CC) -o lots.pure $(CFLAGS) $(OBJS) $(MYLIBS) - -crash: crash.o $(MYLIBS) - $(CC) -o crash $(CFLAGS) $^ - -crash.pure: crash.o $(MYLIBS) - purify $(CC) -o crash.pure $(CFLAGS) $^ - - - -DBM_SRCS = $(CSRCS) - -export:: $(DBM_SRCS) - -libs:: $(DBM_SRCS) - -program:: $(DBM_SRCS) - -private_export:: $(DBM_SRCS) - diff --git a/security/nss/Makefile b/security/nss/Makefile deleted file mode 100644 index 8c2d74331..000000000 --- a/security/nss/Makefile +++ /dev/null @@ -1,111 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - - - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - -nss_build_all: build_coreconf build_nspr build_dbm all - -build_coreconf: - cd $(CORE_DEPTH)/coreconf ; $(MAKE) - -build_nspr: - cd $(CORE_DEPTH)/../nsprpub ; $(MAKE) OBJDIR_NAME=${OBJDIR_NAME} - -build_dbm: - cd $(CORE_DEPTH)/dbm ; $(MAKE) export libs - - - -moz_import:: -ifeq ($(OS_ARCH),WINNT) - $(NSINSTALL) -D $(DIST)/include/nspr - cp $(DIST)/../include/nspr/*.h $(DIST)/include/nspr - cp $(DIST)/../include/* $(DIST)/include -ifdef BUILD_OPT - cp $(DIST)/../WIN32_O.OBJ/lib/* $(DIST)/lib -else - cp $(DIST)/../WIN32_D.OBJ/lib/* $(DIST)/lib -endif - mv $(DIST)/lib/dbm32.lib $(DIST)/lib/dbm.lib -else -ifeq ($(OS_ARCH),OS2) - cp -rf $(DIST)/../include $(DIST) - cp -rf $(DIST)/../lib $(DIST) - cp -f $(DIST)/lib/libmozdbm_s.$(LIB_SUFFIX) $(DIST)/lib/libdbm.$(LIB_SUFFIX) -else - $(NSINSTALL) -L ../../dist include $(DIST) - $(NSINSTALL) -L ../../dist lib $(DIST) - cp $(DIST)/lib/libmozdbm_s.$(LIB_SUFFIX) $(DIST)/lib/libdbm.$(LIB_SUFFIX) -endif -endif - -nss_RelEng_bld: build_coreconf import all diff --git a/security/nss/cmd/.cvsignore b/security/nss/cmd/.cvsignore deleted file mode 100644 index 6329db22e..000000000 --- a/security/nss/cmd/.cvsignore +++ /dev/null @@ -1 +0,0 @@ -.gdbinit diff --git a/security/nss/cmd/Makefile b/security/nss/cmd/Makefile deleted file mode 100644 index dd012940e..000000000 --- a/security/nss/cmd/Makefile +++ /dev/null @@ -1,182 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = ../.. -DEPTH = ../.. - -include manifest.mn -include $(CORE_DEPTH)/coreconf/config.mk - -# These sources were once in this directory, but now are gone. -MISSING_SOURCES = \ - addcert.c \ - berparse.c \ - cert.c \ - key.c \ - key_rand.c \ - keygen.c \ - sec_fe.c \ - sec_read.c \ - secarb.c \ - secutil.c \ - $(NULL) - -# we don't build these any more, but the sources are still here -OBSOLETE = \ - berdec.c \ - berdump.c \ - cypher.c \ - dumpcert.c \ - listcerts.c \ - mkdongle.c \ - p12exprt.c \ - p12imprt.c \ - rc4.c \ - sign.c \ - unwrap.c \ - vector.c \ - verify.c \ - wrap.c \ - $(NULL) - -# the base files for the executables -# hey -- keep these alphabetical, please -EXEC_SRCS = \ - $(NULL) - -# files that generate two separate objects and executables -# BI_SRCS = \ -# keyutil.c \ -# p7env.c \ -# tstclnt.c \ -# $(NULL) - -# -I$(CORE_DEPTH)/security/lib/cert \ -# -I$(CORE_DEPTH)/security/lib/key \ -# -I$(CORE_DEPTH)/security/lib/util \ - -INCLUDES += \ - -I$(DIST)/../public/security \ - -I./include \ - $(NULL) - -TBD_DIRS = rsh rshd rdist ssld - -# For the time being, sec stuff is export only -# US_FLAGS = -DEXPORT_VERSION -DUS_VERSION - -US_FLAGS = -DEXPORT_VERSION -EXPORT_FLAGS = -DEXPORT_VERSION - -BASE_LIBS = \ - $(DIST)/lib/libdbm.$(LIB_SUFFIX) \ - $(DIST)/lib/libxp.$(LIB_SUFFIX) \ - $(DIST)/lib/libnspr.$(LIB_SUFFIX) \ - $(NULL) - -# $(DIST)/lib/libpurenspr.$(LIB_SUFFIX) \ - -#There is a circular dependancy in security/lib, and here is a gross fix -SEC_LIBS = \ - $(DIST)/lib/libsecnav.$(LIB_SUFFIX) \ - $(DIST)/lib/libssl.$(LIB_SUFFIX) \ - $(DIST)/lib/libpkcs7.$(LIB_SUFFIX) \ - $(DIST)/lib/libcert.$(LIB_SUFFIX) \ - $(DIST)/lib/libkey.$(LIB_SUFFIX) \ - $(DIST)/lib/libsecmod.$(LIB_SUFFIX) \ - $(DIST)/lib/libcrypto.$(LIB_SUFFIX) \ - $(DIST)/lib/libsecutil.$(LIB_SUFFIX) \ - $(DIST)/lib/libssl.$(LIB_SUFFIX) \ - $(DIST)/lib/libpkcs7.$(LIB_SUFFIX) \ - $(DIST)/lib/libcert.$(LIB_SUFFIX) \ - $(DIST)/lib/libkey.$(LIB_SUFFIX) \ - $(DIST)/lib/libsecmod.$(LIB_SUFFIX) \ - $(DIST)/lib/libcrypto.$(LIB_SUFFIX) \ - $(DIST)/lib/libsecutil.$(LIB_SUFFIX) \ - $(DIST)/lib/libhash.$(LIB_SUFFIX) \ - $(NULL) - -MYLIB = lib/$(OBJDIR)/libsectool.$(LIB_SUFFIX) - -US_LIBS = $(MYLIB) $(SEC_LIBS) $(BASE_LIBS) $(MYLIB) $(BASE_LIBS) -EX_LIBS = $(MYLIB) $(SEC_LIBS) $(BASE_LIBS) $(MYLIB) $(BASE_LIBS) - -REQUIRES = libxp nspr security - -CSRCS = $(EXEC_SRCS) $(BI_SRCS) - -OBJS = $(CSRCS:.c=.o) $(BI_SRCS:.c=-us.o) $(BI_SRCS:.c=-ex.o) - -PROGS = $(addprefix $(OBJDIR)/, $(EXEC_SRCS:.c=$(BIN_SUFFIX))) -US_PROGS = $(addprefix $(OBJDIR)/, $(BI_SRCS:.c=-us$(BIN_SUFFIX))) -EX_PROGS = $(addprefix $(OBJDIR)/, $(BI_SRCS:.c=-ex$(BIN_SUFFIX))) - - -NON_DIRS = $(PROGS) $(US_PROGS) $(EX_PROGS) -TARGETS = $(NON_DIRS) - -include $(CORE_DEPTH)/coreconf/rules.mk - - -ifneq ($(OS_ARCH),OS2) -$(OBJDIR)/%-us.o: %.c - @$(MAKE_OBJDIR) - $(CCF) -o $@ $(US_FLAGS) -c $*.c - -$(OBJDIR)/%-ex.o: %.c - @$(MAKE_OBJDIR) - $(CCF) -o $@ $(EXPORT_FLAGS) -c $*.c - -$(OBJDIR)/%.o: %.c - @$(MAKE_OBJDIR) - $(CCF) -o $@ $(EXPORT_FLAGS) -c $*.c - -$(US_PROGS):$(OBJDIR)/%-us: $(OBJDIR)/%-us.o $(US_LIBS) - @$(MAKE_OBJDIR) - $(CCF) -o $@ $(OBJDIR)/$*-us.o $(LDFLAGS) $(US_LIBS) $(OS_LIBS) - -$(EX_PROGS):$(OBJDIR)/%-ex: $(OBJDIR)/%-ex.o $(EX_LIBS) - @$(MAKE_OBJDIR) - $(CCF) -o $@ $(OBJDIR)/$*-ex.o $(LDFLAGS) $(EX_LIBS) $(OS_LIBS) - -$(PROGS):$(OBJDIR)/%: $(OBJDIR)/%.o $(EX_LIBS) - @$(MAKE_OBJDIR) - $(CCF) -o $@ $@.o $(LDFLAGS) $(EX_LIBS) $(OS_LIBS) - -#install:: $(TARGETS) -# $(INSTALL) $(TARGETS) $(DIST)/bin -endif - -symbols:: - @echo "TARGETS = $(TARGETS)" diff --git a/security/nss/cmd/SSLsample/Makefile b/security/nss/cmd/SSLsample/Makefile deleted file mode 100644 index cf741f387..000000000 --- a/security/nss/cmd/SSLsample/Makefile +++ /dev/null @@ -1,44 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -# do these once for each target program -all default export libs program install release_export:: - $(MAKE) -f make.client $@ - $(MAKE) -f make.server $@ - -# only do these things once for the whole directory -depend dependclean clean clobber realclean clobber_all release_classes release_clean release_cpdistdir release_export release_jars release_md release_policy show:: - $(MAKE) -f make.client $@ - - diff --git a/security/nss/cmd/SSLsample/Makefile.NSS b/security/nss/cmd/SSLsample/Makefile.NSS deleted file mode 100644 index 0a3545f4f..000000000 --- a/security/nss/cmd/SSLsample/Makefile.NSS +++ /dev/null @@ -1,58 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -ARCH := $(shell uname) - -ifeq ($(ARCH), SunOS) - DEFINES = -KPIC -DSVR4 -DSOLARIS -DSYSV -D__svr4 -D__svr4__ \ - -D_REENTRANT -DSOLARIS2_5 -D_SVID_GETTOD -DXP_UNIX -UDEBUG -DNDEBUG \ - -DXP_UNIX - INCPATH = -I. -I../include/dbm -I../include/nspr -I../include/security - LIBPATH = -L../lib - LIBS = -lnss -lssl -lpkcs7 -lpkcs12 -lsecmod -lcert -lkey \ - -lcrypto -lsecutil -lhash -ldbm -lplc4 -lplds4 -lnspr4 -lsocket -lnsl - CFLAGS = -g - CC = cc -endif # SunOS - -# The rules to build the sample apps appear below. - -server: - $(CC) $(CFLAGS) $@.c -o $@ $(DEFINES) $(INCPATH) $(LIBPATH) $(LIBS) - -client: - $(CC) $(CFLAGS) $@.c -o $@ $(DEFINES) $(INCPATH) $(LIBPATH) $(LIBS) - -clean: - rm -fr server client server.o client.o - diff --git a/security/nss/cmd/SSLsample/NSPRerrs.h b/security/nss/cmd/SSLsample/NSPRerrs.h deleted file mode 100644 index bacdef6b2..000000000 --- a/security/nss/cmd/SSLsample/NSPRerrs.h +++ /dev/null @@ -1,133 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ -/* General NSPR 2.0 errors */ -/* Caller must #include "prerror.h" */ - -ER2( PR_OUT_OF_MEMORY_ERROR, "Memory allocation attempt failed." ) -ER2( PR_BAD_DESCRIPTOR_ERROR, "Invalid file descriptor." ) -ER2( PR_WOULD_BLOCK_ERROR, "The operation would have blocked." ) -ER2( PR_ACCESS_FAULT_ERROR, "Invalid memory address argument." ) -ER2( PR_INVALID_METHOD_ERROR, "Invalid function for file type." ) -ER2( PR_ILLEGAL_ACCESS_ERROR, "Invalid memory address argument." ) -ER2( PR_UNKNOWN_ERROR, "Some unknown error has occurred." ) -ER2( PR_PENDING_INTERRUPT_ERROR,"Operation interrupted by another thread." ) -ER2( PR_NOT_IMPLEMENTED_ERROR, "function not implemented." ) -ER2( PR_IO_ERROR, "I/O function error." ) -ER2( PR_IO_TIMEOUT_ERROR, "I/O operation timed out." ) -ER2( PR_IO_PENDING_ERROR, "I/O operation on busy file descriptor." ) -ER2( PR_DIRECTORY_OPEN_ERROR, "The directory could not be opened." ) -ER2( PR_INVALID_ARGUMENT_ERROR, "Invalid function argument." ) -ER2( PR_ADDRESS_NOT_AVAILABLE_ERROR, "Network address not available (in use?)." ) -ER2( PR_ADDRESS_NOT_SUPPORTED_ERROR, "Network address type not supported." ) -ER2( PR_IS_CONNECTED_ERROR, "Already connected." ) -ER2( PR_BAD_ADDRESS_ERROR, "Network address is invalid." ) -ER2( PR_ADDRESS_IN_USE_ERROR, "Local Network address is in use." ) -ER2( PR_CONNECT_REFUSED_ERROR, "Connection refused by peer." ) -ER2( PR_NETWORK_UNREACHABLE_ERROR, "Network address is presently unreachable." ) -ER2( PR_CONNECT_TIMEOUT_ERROR, "Connection attempt timed out." ) -ER2( PR_NOT_CONNECTED_ERROR, "Network file descriptor is not connected." ) -ER2( PR_LOAD_LIBRARY_ERROR, "Failure to load dynamic library." ) -ER2( PR_UNLOAD_LIBRARY_ERROR, "Failure to unload dynamic library." ) -ER2( PR_FIND_SYMBOL_ERROR, -"Symbol not found in any of the loaded dynamic libraries." ) -ER2( PR_INSUFFICIENT_RESOURCES_ERROR, "Insufficient system resources." ) -ER2( PR_DIRECTORY_LOOKUP_ERROR, -"A directory lookup on a network address has failed." ) -ER2( PR_TPD_RANGE_ERROR, -"Attempt to access a TPD key that is out of range." ) -ER2( PR_PROC_DESC_TABLE_FULL_ERROR, "Process open FD table is full." ) -ER2( PR_SYS_DESC_TABLE_FULL_ERROR, "System open FD table is full." ) -ER2( PR_NOT_SOCKET_ERROR, -"Network operation attempted on non-network file descriptor." ) -ER2( PR_NOT_TCP_SOCKET_ERROR, -"TCP-specific function attempted on a non-TCP file descriptor." ) -ER2( PR_SOCKET_ADDRESS_IS_BOUND_ERROR, "TCP file descriptor is already bound." ) -ER2( PR_NO_ACCESS_RIGHTS_ERROR, "Access Denied." ) -ER2( PR_OPERATION_NOT_SUPPORTED_ERROR, -"The requested operation is not supported by the platform." ) -ER2( PR_PROTOCOL_NOT_SUPPORTED_ERROR, -"The host operating system does not support the protocol requested." ) -ER2( PR_REMOTE_FILE_ERROR, "Access to the remote file has been severed." ) -ER2( PR_BUFFER_OVERFLOW_ERROR, -"The value requested is too large to be stored in the data buffer provided." ) -ER2( PR_CONNECT_RESET_ERROR, "TCP connection reset by peer." ) -ER2( PR_RANGE_ERROR, "Unused." ) -ER2( PR_DEADLOCK_ERROR, "The operation would have deadlocked." ) -ER2( PR_FILE_IS_LOCKED_ERROR, "The file is already locked." ) -ER2( PR_FILE_TOO_BIG_ERROR, -"Write would result in file larger than the system allows." ) -ER2( PR_NO_DEVICE_SPACE_ERROR, "The device for storing the file is full." ) -ER2( PR_PIPE_ERROR, "Unused." ) -ER2( PR_NO_SEEK_DEVICE_ERROR, "Unused." ) -ER2( PR_IS_DIRECTORY_ERROR, -"Cannot perform a normal file operation on a directory." ) -ER2( PR_LOOP_ERROR, "Symbolic link loop." ) -ER2( PR_NAME_TOO_LONG_ERROR, "File name is too long." ) -ER2( PR_FILE_NOT_FOUND_ERROR, "File not found." ) -ER2( PR_NOT_DIRECTORY_ERROR, -"Cannot perform directory operation on a normal file." ) -ER2( PR_READ_ONLY_FILESYSTEM_ERROR, -"Cannot write to a read-only file system." ) -ER2( PR_DIRECTORY_NOT_EMPTY_ERROR, -"Cannot delete a directory that is not empty." ) -ER2( PR_FILESYSTEM_MOUNTED_ERROR, -"Cannot delete or rename a file object while the file system is busy." ) -ER2( PR_NOT_SAME_DEVICE_ERROR, -"Cannot rename a file to a file system on another device." ) -ER2( PR_DIRECTORY_CORRUPTED_ERROR, -"The directory object in the file system is corrupted." ) -ER2( PR_FILE_EXISTS_ERROR, -"Cannot create or rename a filename that already exists." ) -ER2( PR_MAX_DIRECTORY_ENTRIES_ERROR, -"Directory is full. No additional filenames may be added." ) -ER2( PR_INVALID_DEVICE_STATE_ERROR, -"The required device was in an invalid state." ) -ER2( PR_DEVICE_IS_LOCKED_ERROR, "The device is locked." ) -ER2( PR_NO_MORE_FILES_ERROR, "No more entries in the directory." ) -ER2( PR_END_OF_FILE_ERROR, "Encountered end of file." ) -ER2( PR_FILE_SEEK_ERROR, "Seek error." ) -ER2( PR_FILE_IS_BUSY_ERROR, "The file is busy." ) -ER2( PR_IN_PROGRESS_ERROR, -"Operation is still in progress (probably a non-blocking connect)." ) -ER2( PR_ALREADY_INITIATED_ERROR, -"Operation has already been initiated (probably a non-blocking connect)." ) - -#ifdef PR_GROUP_EMPTY_ERROR -ER2( PR_GROUP_EMPTY_ERROR, "The wait group is empty." ) -#endif - -#ifdef PR_INVALID_STATE_ERROR -ER2( PR_INVALID_STATE_ERROR, "Object state improper for request." ) -#endif - -ER2( PR_MAX_ERROR, "Placeholder for the end of the list" ) diff --git a/security/nss/cmd/SSLsample/README b/security/nss/cmd/SSLsample/README deleted file mode 100644 index 2c4c09110..000000000 --- a/security/nss/cmd/SSLsample/README +++ /dev/null @@ -1,43 +0,0 @@ -These sample programs can be built in either of two ways: -1) is the NSS source tree, using the coreconf build system, and -2) stand alone (as part of the NSS distribution). - -The following makefiles are used only when building in the NSS source tree -using coreconf. These are NOT part of the distribution. - -Makefile -client.mn -server.mn -config.mk -make.client -make.server - -The following makefiles are used only when building in the NSS distribution. -These files are part of the distribution. - -Makefile.NSS -nmakefile95.nss -nmakefilent.nss - - -The following source files are common to both build environments and are -part of the distribution. - -NSPRerrs.h -SECerrs.h -SSLerrs.h -client.c -getopt.c -server.c -sslerror.h - -In the NSS 2.0 distribution, the sample code and makefiles are in a -directory named "samples". The directories relevant to building -in the distributed tree are: - -./samples -./include/dbm -./include/nspr -./include/security -./lib - diff --git a/security/nss/cmd/SSLsample/SECerrs.h b/security/nss/cmd/SSLsample/SECerrs.h deleted file mode 100644 index 2059df6a2..000000000 --- a/security/nss/cmd/SSLsample/SECerrs.h +++ /dev/null @@ -1,441 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -/* General security error codes */ -/* Caller must #include "secerr.h" */ - -ER3(SEC_ERROR_IO, SEC_ERROR_BASE + 0, -"An I/O error occurred during security authorization.") - -ER3(SEC_ERROR_LIBRARY_FAILURE, SEC_ERROR_BASE + 1, -"security library failure.") - -ER3(SEC_ERROR_BAD_DATA, SEC_ERROR_BASE + 2, -"security library: received bad data.") - -ER3(SEC_ERROR_OUTPUT_LEN, SEC_ERROR_BASE + 3, -"security library: output length error.") - -ER3(SEC_ERROR_INPUT_LEN, SEC_ERROR_BASE + 4, -"security library has experienced an input length error.") - -ER3(SEC_ERROR_INVALID_ARGS, SEC_ERROR_BASE + 5, -"security library: invalid arguments.") - -ER3(SEC_ERROR_INVALID_ALGORITHM, SEC_ERROR_BASE + 6, -"security library: invalid algorithm.") - -ER3(SEC_ERROR_INVALID_AVA, SEC_ERROR_BASE + 7, -"security library: invalid AVA.") - -ER3(SEC_ERROR_INVALID_TIME, SEC_ERROR_BASE + 8, -"Improperly formatted time string.") - -ER3(SEC_ERROR_BAD_DER, SEC_ERROR_BASE + 9, -"security library: improperly formatted DER-encoded message.") - -ER3(SEC_ERROR_BAD_SIGNATURE, SEC_ERROR_BASE + 10, -"Peer's certificate has an invalid signature.") - -ER3(SEC_ERROR_EXPIRED_CERTIFICATE, SEC_ERROR_BASE + 11, -"Peer's Certificate has expired.") - -ER3(SEC_ERROR_REVOKED_CERTIFICATE, SEC_ERROR_BASE + 12, -"Peer's Certificate has been revoked.") - -ER3(SEC_ERROR_UNKNOWN_ISSUER, SEC_ERROR_BASE + 13, -"Peer's Certificate issuer is not recognized.") - -ER3(SEC_ERROR_BAD_KEY, SEC_ERROR_BASE + 14, -"Peer's public key is invalid.") - -ER3(SEC_ERROR_BAD_PASSWORD, SEC_ERROR_BASE + 15, -"The security password entered is incorrect.") - -ER3(SEC_ERROR_RETRY_PASSWORD, SEC_ERROR_BASE + 16, -"New password entered incorrectly. Please try again.") - -ER3(SEC_ERROR_NO_NODELOCK, SEC_ERROR_BASE + 17, -"security library: no nodelock.") - -ER3(SEC_ERROR_BAD_DATABASE, SEC_ERROR_BASE + 18, -"security library: bad database.") - -ER3(SEC_ERROR_NO_MEMORY, SEC_ERROR_BASE + 19, -"security library: memory allocation failure.") - -ER3(SEC_ERROR_UNTRUSTED_ISSUER, SEC_ERROR_BASE + 20, -"Peer's certificate issuer has been marked as not trusted by the user.") - -ER3(SEC_ERROR_UNTRUSTED_CERT, SEC_ERROR_BASE + 21, -"Peer's certificate has been marked as not trusted by the user.") - -ER3(SEC_ERROR_DUPLICATE_CERT, (SEC_ERROR_BASE + 22), -"Certificate already exists in your database.") - -ER3(SEC_ERROR_DUPLICATE_CERT_NAME, (SEC_ERROR_BASE + 23), -"Downloaded certificate's name duplicates one already in your database.") - -ER3(SEC_ERROR_ADDING_CERT, (SEC_ERROR_BASE + 24), -"Error adding certificate to database.") - -ER3(SEC_ERROR_FILING_KEY, (SEC_ERROR_BASE + 25), -"Error refiling the key for this certificate.") - -ER3(SEC_ERROR_NO_KEY, (SEC_ERROR_BASE + 26), -"The private key for this certificate cannot be found in key database") - -ER3(SEC_ERROR_CERT_VALID, (SEC_ERROR_BASE + 27), -"This certificate is valid.") - -ER3(SEC_ERROR_CERT_NOT_VALID, (SEC_ERROR_BASE + 28), -"This certificate is not valid.") - -ER3(SEC_ERROR_CERT_NO_RESPONSE, (SEC_ERROR_BASE + 29), -"Cert Library: No Response") - -ER3(SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE, (SEC_ERROR_BASE + 30), -"The certificate issuer's certificate has expired. Check your system date and time.") - -ER3(SEC_ERROR_CRL_EXPIRED, (SEC_ERROR_BASE + 31), -"The CRL for the certificate's issuer has expired. Update it or check your system data and time.") - -ER3(SEC_ERROR_CRL_BAD_SIGNATURE, (SEC_ERROR_BASE + 32), -"The CRL for the certificate's issuer has an invalid signature.") - -ER3(SEC_ERROR_CRL_INVALID, (SEC_ERROR_BASE + 33), -"New CRL has an invalid format.") - -ER3(SEC_ERROR_EXTENSION_VALUE_INVALID, (SEC_ERROR_BASE + 34), -"Certificate extension value is invalid.") - -ER3(SEC_ERROR_EXTENSION_NOT_FOUND, (SEC_ERROR_BASE + 35), -"Certificate extension not found.") - -ER3(SEC_ERROR_CA_CERT_INVALID, (SEC_ERROR_BASE + 36), -"Issuer certificate is invalid.") - -ER3(SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID, (SEC_ERROR_BASE + 37), -"Certificate path length constraint is invalid.") - -ER3(SEC_ERROR_CERT_USAGES_INVALID, (SEC_ERROR_BASE + 38), -"Certificate usages field is invalid.") - -ER3(SEC_INTERNAL_ONLY, (SEC_ERROR_BASE + 39), -"**Internal ONLY module**") - -ER3(SEC_ERROR_INVALID_KEY, (SEC_ERROR_BASE + 40), -"The key does not support the requested operation.") - -ER3(SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION, (SEC_ERROR_BASE + 41), -"Certificate contains unknown critical extension.") - -ER3(SEC_ERROR_OLD_CRL, (SEC_ERROR_BASE + 42), -"New CRL is not later than the current one.") - -ER3(SEC_ERROR_NO_EMAIL_CERT, (SEC_ERROR_BASE + 43), -"Not encrypted or signed: you do not yet have an email certificate.") - -ER3(SEC_ERROR_NO_RECIPIENT_CERTS_QUERY, (SEC_ERROR_BASE + 44), -"Not encrypted: you do not have certificates for each of the recipients.") - -ER3(SEC_ERROR_NOT_A_RECIPIENT, (SEC_ERROR_BASE + 45), -"Cannot decrypt: you are not a recipient, or matching certificate and \ -private key not found.") - -ER3(SEC_ERROR_PKCS7_KEYALG_MISMATCH, (SEC_ERROR_BASE + 46), -"Cannot decrypt: key encryption algorithm does not match your certificate.") - -ER3(SEC_ERROR_PKCS7_BAD_SIGNATURE, (SEC_ERROR_BASE + 47), -"Signature verification failed: no signer found, too many signers found, \ -or improper or corrupted data.") - -ER3(SEC_ERROR_UNSUPPORTED_KEYALG, (SEC_ERROR_BASE + 48), -"Unsupported or unknown key algorithm.") - -ER3(SEC_ERROR_DECRYPTION_DISALLOWED, (SEC_ERROR_BASE + 49), -"Cannot decrypt: encrypted using a disallowed algorithm or key size.") - - -/* Fortezza Alerts */ -ER3(XP_SEC_FORTEZZA_BAD_CARD, (SEC_ERROR_BASE + 50), -"Fortezza card has not been properly initialized. \ -Please remove it and return it to your issuer.") - -ER3(XP_SEC_FORTEZZA_NO_CARD, (SEC_ERROR_BASE + 51), -"No Fortezza cards Found") - -ER3(XP_SEC_FORTEZZA_NONE_SELECTED, (SEC_ERROR_BASE + 52), -"No Fortezza card selected") - -ER3(XP_SEC_FORTEZZA_MORE_INFO, (SEC_ERROR_BASE + 53), -"Please select a personality to get more info on") - -ER3(XP_SEC_FORTEZZA_PERSON_NOT_FOUND, (SEC_ERROR_BASE + 54), -"Personality not found") - -ER3(XP_SEC_FORTEZZA_NO_MORE_INFO, (SEC_ERROR_BASE + 55), -"No more information on that Personality") - -ER3(XP_SEC_FORTEZZA_BAD_PIN, (SEC_ERROR_BASE + 56), -"Invalid Pin") - -ER3(XP_SEC_FORTEZZA_PERSON_ERROR, (SEC_ERROR_BASE + 57), -"Couldn't initialize Fortezza personalities.") -/* end fortezza alerts. */ - -ER3(SEC_ERROR_NO_KRL, (SEC_ERROR_BASE + 58), -"No KRL for this site's certificate has been found.") - -ER3(SEC_ERROR_KRL_EXPIRED, (SEC_ERROR_BASE + 59), -"The KRL for this site's certificate has expired.") - -ER3(SEC_ERROR_KRL_BAD_SIGNATURE, (SEC_ERROR_BASE + 60), -"The KRL for this site's certificate has an invalid signature.") - -ER3(SEC_ERROR_REVOKED_KEY, (SEC_ERROR_BASE + 61), -"The key for this site's certificate has been revoked.") - -ER3(SEC_ERROR_KRL_INVALID, (SEC_ERROR_BASE + 62), -"New KRL has an invalid format.") - -ER3(SEC_ERROR_NEED_RANDOM, (SEC_ERROR_BASE + 63), -"security library: need random data.") - -ER3(SEC_ERROR_NO_MODULE, (SEC_ERROR_BASE + 64), -"security library: no security module can perform the requested operation.") - -ER3(SEC_ERROR_NO_TOKEN, (SEC_ERROR_BASE + 65), -"The security card or token does not exist, needs to be initialized, or has been removed.") - -ER3(SEC_ERROR_READ_ONLY, (SEC_ERROR_BASE + 66), -"security library: read-only database.") - -ER3(SEC_ERROR_NO_SLOT_SELECTED, (SEC_ERROR_BASE + 67), -"No slot or token was selected.") - -ER3(SEC_ERROR_CERT_NICKNAME_COLLISION, (SEC_ERROR_BASE + 68), -"A certificate with the same nickname already exists.") - -ER3(SEC_ERROR_KEY_NICKNAME_COLLISION, (SEC_ERROR_BASE + 69), -"A key with the same nickname already exists.") - -ER3(SEC_ERROR_SAFE_NOT_CREATED, (SEC_ERROR_BASE + 70), -"error while creating safe object") - -ER3(SEC_ERROR_BAGGAGE_NOT_CREATED, (SEC_ERROR_BASE + 71), -"error while creating baggage object") - -ER3(XP_JAVA_REMOVE_PRINCIPAL_ERROR, (SEC_ERROR_BASE + 72), -"Couldn't remove the principal") - -ER3(XP_JAVA_DELETE_PRIVILEGE_ERROR, (SEC_ERROR_BASE + 73), -"Couldn't delete the privilege") - -ER3(XP_JAVA_CERT_NOT_EXISTS_ERROR, (SEC_ERROR_BASE + 74), -"This principal doesn't have a certificate") - -ER3(SEC_ERROR_BAD_EXPORT_ALGORITHM, (SEC_ERROR_BASE + 75), -"Required algorithm is not allowed.") - -ER3(SEC_ERROR_EXPORTING_CERTIFICATES, (SEC_ERROR_BASE + 76), -"Error attempting to export certificates.") - -ER3(SEC_ERROR_IMPORTING_CERTIFICATES, (SEC_ERROR_BASE + 77), -"Error attempting to import certificates.") - -ER3(SEC_ERROR_PKCS12_DECODING_PFX, (SEC_ERROR_BASE + 78), -"Unable to import. Decoding error. File not valid.") - -ER3(SEC_ERROR_PKCS12_INVALID_MAC, (SEC_ERROR_BASE + 79), -"Unable to import. Invalid MAC. Incorrect password or corrupt file.") - -ER3(SEC_ERROR_PKCS12_UNSUPPORTED_MAC_ALGORITHM, (SEC_ERROR_BASE + 80), -"Unable to import. MAC algorithm not supported.") - -ER3(SEC_ERROR_PKCS12_UNSUPPORTED_TRANSPORT_MODE,(SEC_ERROR_BASE + 81), -"Unable to import. Only password integrity and privacy modes supported.") - -ER3(SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE, (SEC_ERROR_BASE + 82), -"Unable to import. File structure is corrupt.") - -ER3(SEC_ERROR_PKCS12_UNSUPPORTED_PBE_ALGORITHM, (SEC_ERROR_BASE + 83), -"Unable to import. Encryption algorithm not supported.") - -ER3(SEC_ERROR_PKCS12_UNSUPPORTED_VERSION, (SEC_ERROR_BASE + 84), -"Unable to import. File version not supported.") - -ER3(SEC_ERROR_PKCS12_PRIVACY_PASSWORD_INCORRECT,(SEC_ERROR_BASE + 85), -"Unable to import. Incorrect privacy password.") - -ER3(SEC_ERROR_PKCS12_CERT_COLLISION, (SEC_ERROR_BASE + 86), -"Unable to import. Same nickname already exists in database.") - -ER3(SEC_ERROR_USER_CANCELLED, (SEC_ERROR_BASE + 87), -"The user pressed cancel.") - -ER3(SEC_ERROR_PKCS12_DUPLICATE_DATA, (SEC_ERROR_BASE + 88), -"Not imported, already in database.") - -ER3(SEC_ERROR_MESSAGE_SEND_ABORTED, (SEC_ERROR_BASE + 89), -"Message not sent.") - -ER3(SEC_ERROR_INADEQUATE_KEY_USAGE, (SEC_ERROR_BASE + 90), -"Certificate key usage inadequate for attempted operation.") - -ER3(SEC_ERROR_INADEQUATE_CERT_TYPE, (SEC_ERROR_BASE + 91), -"Certificate type not approved for application.") - -ER3(SEC_ERROR_CERT_ADDR_MISMATCH, (SEC_ERROR_BASE + 92), -"Address in signing certificate does not match address in message headers.") - -ER3(SEC_ERROR_PKCS12_UNABLE_TO_IMPORT_KEY, (SEC_ERROR_BASE + 93), -"Unable to import. Error attempting to import private key.") - -ER3(SEC_ERROR_PKCS12_IMPORTING_CERT_CHAIN, (SEC_ERROR_BASE + 94), -"Unable to import. Error attempting to import certificate chain.") - -ER3(SEC_ERROR_PKCS12_UNABLE_TO_LOCATE_OBJECT_BY_NAME, (SEC_ERROR_BASE + 95), -"Unable to export. Unable to locate certificate or key by nickname.") - -ER3(SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY, (SEC_ERROR_BASE + 96), -"Unable to export. Private Key could not be located and exported.") - -ER3(SEC_ERROR_PKCS12_UNABLE_TO_WRITE, (SEC_ERROR_BASE + 97), -"Unable to export. Unable to write the export file.") - -ER3(SEC_ERROR_PKCS12_UNABLE_TO_READ, (SEC_ERROR_BASE + 98), -"Unable to import. Unable to read the import file.") - -ER3(SEC_ERROR_PKCS12_KEY_DATABASE_NOT_INITIALIZED, (SEC_ERROR_BASE + 99), -"Unable to export. Key database corrupt or deleted.") - -ER3(SEC_ERROR_KEYGEN_FAIL, (SEC_ERROR_BASE + 100), -"Unable to generate public/private key pair.") - -ER3(SEC_ERROR_INVALID_PASSWORD, (SEC_ERROR_BASE + 101), -"Password entered is invalid. Please pick a different one.") - -ER3(SEC_ERROR_RETRY_OLD_PASSWORD, (SEC_ERROR_BASE + 102), -"Old password entered incorrectly. Please try again.") - -ER3(SEC_ERROR_BAD_NICKNAME, (SEC_ERROR_BASE + 103), -"Certificate nickname already in use.") - -ER3(SEC_ERROR_NOT_FORTEZZA_ISSUER, (SEC_ERROR_BASE + 104), -"Peer FORTEZZA chain has a non-FORTEZZA Certificate.") - -/* ER3(SEC_ERROR_UNKNOWN, (SEC_ERROR_BASE + 105), */ - -ER3(SEC_ERROR_JS_INVALID_MODULE_NAME, (SEC_ERROR_BASE + 106), -"Invalid module name.") - -ER3(SEC_ERROR_JS_INVALID_DLL, (SEC_ERROR_BASE + 107), -"Invalid module path/filename") - -ER3(SEC_ERROR_JS_ADD_MOD_FAILURE, (SEC_ERROR_BASE + 108), -"Unable to add module") - -ER3(SEC_ERROR_JS_DEL_MOD_FAILURE, (SEC_ERROR_BASE + 109), -"Unable to delete module") - -ER3(SEC_ERROR_OLD_KRL, (SEC_ERROR_BASE + 110), -"New KRL is not later than the current one.") - -ER3(SEC_ERROR_CKL_CONFLICT, (SEC_ERROR_BASE + 111), -"New CKL has different issuer than current CKL. Delete current CKL.") - -ER3(SEC_ERROR_CERT_NOT_IN_NAME_SPACE, (SEC_ERROR_BASE + 112), -"The Certifying Authority for this certificate is not permitted to issue a \ -certificate with this name.") - -ER3(SEC_ERROR_KRL_NOT_YET_VALID, (SEC_ERROR_BASE + 113), -"The key revocation list for this certificate is not yet valid.") - -ER3(SEC_ERROR_CRL_NOT_YET_VALID, (SEC_ERROR_BASE + 114), -"The certificate revocation list for this certificate is not yet valid.") - -ER3(SEC_ERROR_UNKNOWN_CERT, (SEC_ERROR_BASE + 115), -"The requested certificate could not be found.") - -ER3(SEC_ERROR_UNKNOWN_SIGNER, (SEC_ERROR_BASE + 116), -"The signer's certificate could not be found.") - -ER3(SEC_ERROR_CERT_BAD_ACCESS_LOCATION, (SEC_ERROR_BASE + 117), -"The location for the certificate status server has invalid format.") - -ER3(SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE, (SEC_ERROR_BASE + 118), -"The OCSP response cannot be fully decoded; it is of an unknown type.") - -ER3(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE, (SEC_ERROR_BASE + 119), -"The OCSP server returned unexpected/invalid HTTP data.") - -ER3(SEC_ERROR_OCSP_MALFORMED_REQUEST, (SEC_ERROR_BASE + 120), -"The OCSP server found the request to be corrupted or improperly formed.") - -ER3(SEC_ERROR_OCSP_SERVER_ERROR, (SEC_ERROR_BASE + 121), -"The OCSP server experienced an internal error.") - -ER3(SEC_ERROR_OCSP_TRY_SERVER_LATER, (SEC_ERROR_BASE + 122), -"The OCSP server suggests trying again later.") - -ER3(SEC_ERROR_OCSP_REQUEST_NEEDS_SIG, (SEC_ERROR_BASE + 123), -"The OCSP server requires a signature on this request.") - -ER3(SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST, (SEC_ERROR_BASE + 124), -"The OCSP server has refused this request as unauthorized.") - -ER3(SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS, (SEC_ERROR_BASE + 125), -"The OCSP server returned an unrecognizable status.") - -ER3(SEC_ERROR_OCSP_UNKNOWN_CERT, (SEC_ERROR_BASE + 126), -"The OCSP server has no status for the certificate.") - -ER3(SEC_ERROR_OCSP_NOT_ENABLED, (SEC_ERROR_BASE + 127), -"You must enable OCSP before performing this operation.") - -ER3(SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER, (SEC_ERROR_BASE + 128), -"You must set the OCSP default responder before performing this operation.") - -ER3(SEC_ERROR_OCSP_MALFORMED_RESPONSE, (SEC_ERROR_BASE + 129), -"The response from the OCSP server was corrupted or improperly formed.") - -ER3(SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE, (SEC_ERROR_BASE + 130), -"The signer of the OCSP response is not authorized to give status for \ -this certificate.") - -ER3(SEC_ERROR_OCSP_FUTURE_RESPONSE, (SEC_ERROR_BASE + 131), -"The OCSP response is not yet valid (contains a date in the future).") - -ER3(SEC_ERROR_OCSP_OLD_RESPONSE, (SEC_ERROR_BASE + 132), -"The OCSP response contains out-of-date information.") diff --git a/security/nss/cmd/SSLsample/SSLerrs.h b/security/nss/cmd/SSLsample/SSLerrs.h deleted file mode 100644 index 06803b849..000000000 --- a/security/nss/cmd/SSLsample/SSLerrs.h +++ /dev/null @@ -1,366 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -/* SSL-specific security error codes */ -/* caller must include "sslerr.h" */ - -ER3(SSL_ERROR_EXPORT_ONLY_SERVER, SSL_ERROR_BASE + 0, -"Unable to communicate securely. Peer does not support high-grade encryption.") - -ER3(SSL_ERROR_US_ONLY_SERVER, SSL_ERROR_BASE + 1, -"Unable to communicate securely. Peer requires high-grade encryption which is not supported.") - -ER3(SSL_ERROR_NO_CYPHER_OVERLAP, SSL_ERROR_BASE + 2, -"Cannot communicate securely with peer: no common encryption algorithm(s).") - -ER3(SSL_ERROR_NO_CERTIFICATE, SSL_ERROR_BASE + 3, -"Unable to find the certificate or key necessary for authentication.") - -ER3(SSL_ERROR_BAD_CERTIFICATE, SSL_ERROR_BASE + 4, -"Unable to communicate securely with peer: peers's certificate was rejected.") - -/* unused (SSL_ERROR_BASE + 5),*/ - -ER3(SSL_ERROR_BAD_CLIENT, SSL_ERROR_BASE + 6, -"The server has encountered bad data from the client.") - -ER3(SSL_ERROR_BAD_SERVER, SSL_ERROR_BASE + 7, -"The client has encountered bad data from the server.") - -ER3(SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE, SSL_ERROR_BASE + 8, -"Unsupported certificate type.") - -ER3(SSL_ERROR_UNSUPPORTED_VERSION, SSL_ERROR_BASE + 9, -"Peer using unsupported version of security protocol.") - -/* unused (SSL_ERROR_BASE + 10),*/ - -ER3(SSL_ERROR_WRONG_CERTIFICATE, SSL_ERROR_BASE + 11, -"Client authentication failed: private key in key database does not match public key in certificate database.") - -ER3(SSL_ERROR_BAD_CERT_DOMAIN, SSL_ERROR_BASE + 12, -"Unable to communicate securely with peer: requested domain name does not match the server's certificate.") - -/* SSL_ERROR_POST_WARNING (SSL_ERROR_BASE + 13), - defined in sslerr.h -*/ - -ER3(SSL_ERROR_SSL2_DISABLED, (SSL_ERROR_BASE + 14), -"Peer only supports SSL version 2, which is locally disabled.") - - -ER3(SSL_ERROR_BAD_MAC_READ, (SSL_ERROR_BASE + 15), -"SSL received a record with an incorrect Message Authentication Code.") - -ER3(SSL_ERROR_BAD_MAC_ALERT, (SSL_ERROR_BASE + 16), -"SSL peer reports incorrect Message Authentication Code.") - -ER3(SSL_ERROR_BAD_CERT_ALERT, (SSL_ERROR_BASE + 17), -"SSL peer cannot verify your certificate.") - -ER3(SSL_ERROR_REVOKED_CERT_ALERT, (SSL_ERROR_BASE + 18), -"SSL peer rejected your certificate as revoked.") - -ER3(SSL_ERROR_EXPIRED_CERT_ALERT, (SSL_ERROR_BASE + 19), -"SSL peer rejected your certificate as expired.") - -ER3(SSL_ERROR_SSL_DISABLED, (SSL_ERROR_BASE + 20), -"Cannot connect: SSL is disabled.") - -ER3(SSL_ERROR_FORTEZZA_PQG, (SSL_ERROR_BASE + 21), -"Cannot connect: SSL peer is in another FORTEZZA domain.") - - -ER3(SSL_ERROR_UNKNOWN_CIPHER_SUITE , (SSL_ERROR_BASE + 22), -"An unknown SSL cipher suite has been requested.") - -ER3(SSL_ERROR_NO_CIPHERS_SUPPORTED , (SSL_ERROR_BASE + 23), -"No cipher suites are present and enabled in this program.") - -ER3(SSL_ERROR_BAD_BLOCK_PADDING , (SSL_ERROR_BASE + 24), -"SSL received a record with bad block padding.") - -ER3(SSL_ERROR_RX_RECORD_TOO_LONG , (SSL_ERROR_BASE + 25), -"SSL received a record that exceeded the maximum permissible length.") - -ER3(SSL_ERROR_TX_RECORD_TOO_LONG , (SSL_ERROR_BASE + 26), -"SSL attempted to send a record that exceeded the maximum permissible length.") - -/* - * Received a malformed (too long or short or invalid content) SSL handshake. - */ -ER3(SSL_ERROR_RX_MALFORMED_HELLO_REQUEST , (SSL_ERROR_BASE + 27), -"SSL received a malformed Hello Request handshake message.") - -ER3(SSL_ERROR_RX_MALFORMED_CLIENT_HELLO , (SSL_ERROR_BASE + 28), -"SSL received a malformed Client Hello handshake message.") - -ER3(SSL_ERROR_RX_MALFORMED_SERVER_HELLO , (SSL_ERROR_BASE + 29), -"SSL received a malformed Server Hello handshake message.") - -ER3(SSL_ERROR_RX_MALFORMED_CERTIFICATE , (SSL_ERROR_BASE + 30), -"SSL received a malformed Certificate handshake message.") - -ER3(SSL_ERROR_RX_MALFORMED_SERVER_KEY_EXCH , (SSL_ERROR_BASE + 31), -"SSL received a malformed Server Key Exchange handshake message.") - -ER3(SSL_ERROR_RX_MALFORMED_CERT_REQUEST , (SSL_ERROR_BASE + 32), -"SSL received a malformed Certificate Request handshake message.") - -ER3(SSL_ERROR_RX_MALFORMED_HELLO_DONE , (SSL_ERROR_BASE + 33), -"SSL received a malformed Server Hello Done handshake message.") - -ER3(SSL_ERROR_RX_MALFORMED_CERT_VERIFY , (SSL_ERROR_BASE + 34), -"SSL received a malformed Certificate Verify handshake message.") - -ER3(SSL_ERROR_RX_MALFORMED_CLIENT_KEY_EXCH , (SSL_ERROR_BASE + 35), -"SSL received a malformed Client Key Exchange handshake message.") - -ER3(SSL_ERROR_RX_MALFORMED_FINISHED , (SSL_ERROR_BASE + 36), -"SSL received a malformed Finished handshake message.") - -/* - * Received a malformed (too long or short) SSL record. - */ -ER3(SSL_ERROR_RX_MALFORMED_CHANGE_CIPHER , (SSL_ERROR_BASE + 37), -"SSL received a malformed Change Cipher Spec record.") - -ER3(SSL_ERROR_RX_MALFORMED_ALERT , (SSL_ERROR_BASE + 38), -"SSL received a malformed Alert record.") - -ER3(SSL_ERROR_RX_MALFORMED_HANDSHAKE , (SSL_ERROR_BASE + 39), -"SSL received a malformed Handshake record.") - -ER3(SSL_ERROR_RX_MALFORMED_APPLICATION_DATA , (SSL_ERROR_BASE + 40), -"SSL received a malformed Application Data record.") - -/* - * Received an SSL handshake that was inappropriate for the state we're in. - * E.g. Server received message from server, or wrong state in state machine. - */ -ER3(SSL_ERROR_RX_UNEXPECTED_HELLO_REQUEST , (SSL_ERROR_BASE + 41), -"SSL received an unexpected Hello Request handshake message.") - -ER3(SSL_ERROR_RX_UNEXPECTED_CLIENT_HELLO , (SSL_ERROR_BASE + 42), -"SSL received an unexpected Client Hello handshake message.") - -ER3(SSL_ERROR_RX_UNEXPECTED_SERVER_HELLO , (SSL_ERROR_BASE + 43), -"SSL received an unexpected Server Hello handshake message.") - -ER3(SSL_ERROR_RX_UNEXPECTED_CERTIFICATE , (SSL_ERROR_BASE + 44), -"SSL received an unexpected Certificate handshake message.") - -ER3(SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH , (SSL_ERROR_BASE + 45), -"SSL received an unexpected Server Key Exchange handshake message.") - -ER3(SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST , (SSL_ERROR_BASE + 46), -"SSL received an unexpected Certificate Request handshake message.") - -ER3(SSL_ERROR_RX_UNEXPECTED_HELLO_DONE , (SSL_ERROR_BASE + 47), -"SSL received an unexpected Server Hello Done handshake message.") - -ER3(SSL_ERROR_RX_UNEXPECTED_CERT_VERIFY , (SSL_ERROR_BASE + 48), -"SSL received an unexpected Certificate Verify handshake message.") - -ER3(SSL_ERROR_RX_UNEXPECTED_CLIENT_KEY_EXCH , (SSL_ERROR_BASE + 49), -"SSL received an unexpected Cllient Key Exchange handshake message.") - -ER3(SSL_ERROR_RX_UNEXPECTED_FINISHED , (SSL_ERROR_BASE + 50), -"SSL received an unexpected Finished handshake message.") - -/* - * Received an SSL record that was inappropriate for the state we're in. - */ -ER3(SSL_ERROR_RX_UNEXPECTED_CHANGE_CIPHER , (SSL_ERROR_BASE + 51), -"SSL received an unexpected Change Cipher Spec record.") - -ER3(SSL_ERROR_RX_UNEXPECTED_ALERT , (SSL_ERROR_BASE + 52), -"SSL received an unexpected Alert record.") - -ER3(SSL_ERROR_RX_UNEXPECTED_HANDSHAKE , (SSL_ERROR_BASE + 53), -"SSL received an unexpected Handshake record.") - -ER3(SSL_ERROR_RX_UNEXPECTED_APPLICATION_DATA, (SSL_ERROR_BASE + 54), -"SSL received an unexpected Application Data record.") - -/* - * Received record/message with unknown discriminant. - */ -ER3(SSL_ERROR_RX_UNKNOWN_RECORD_TYPE , (SSL_ERROR_BASE + 55), -"SSL received a record with an unknown content type.") - -ER3(SSL_ERROR_RX_UNKNOWN_HANDSHAKE , (SSL_ERROR_BASE + 56), -"SSL received a handshake message with an unknown message type.") - -ER3(SSL_ERROR_RX_UNKNOWN_ALERT , (SSL_ERROR_BASE + 57), -"SSL received an alert record with an unknown alert description.") - -/* - * Received an alert reporting what we did wrong. (more alerts above) - */ -ER3(SSL_ERROR_CLOSE_NOTIFY_ALERT , (SSL_ERROR_BASE + 58), -"SSL peer has closed this connection.") - -ER3(SSL_ERROR_HANDSHAKE_UNEXPECTED_ALERT , (SSL_ERROR_BASE + 59), -"SSL peer was not expecting a handshake message it received.") - -ER3(SSL_ERROR_DECOMPRESSION_FAILURE_ALERT , (SSL_ERROR_BASE + 60), -"SSL peer was unable to succesfully decompress an SSL record it received.") - -ER3(SSL_ERROR_HANDSHAKE_FAILURE_ALERT , (SSL_ERROR_BASE + 61), -"SSL peer was unable to negotiate an acceptable set of security parameters.") - -ER3(SSL_ERROR_ILLEGAL_PARAMETER_ALERT , (SSL_ERROR_BASE + 62), -"SSL peer rejected a handshake message for unacceptable content.") - -ER3(SSL_ERROR_UNSUPPORTED_CERT_ALERT , (SSL_ERROR_BASE + 63), -"SSL peer does not support certificates of the type it received.") - -ER3(SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT , (SSL_ERROR_BASE + 64), -"SSL peer had some unspecified issue with the certificate it received.") - - -ER3(SSL_ERROR_GENERATE_RANDOM_FAILURE , (SSL_ERROR_BASE + 65), -"SSL experienced a failure of its random number generator.") - -ER3(SSL_ERROR_SIGN_HASHES_FAILURE , (SSL_ERROR_BASE + 66), -"Unable to digitally sign data required to verify your certificate.") - -ER3(SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE , (SSL_ERROR_BASE + 67), -"SSL was unable to extract the public key from the peer's certificate.") - -ER3(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE , (SSL_ERROR_BASE + 68), -"Unspecified failure while processing SSL Server Key Exchange handshake.") - -ER3(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE , (SSL_ERROR_BASE + 69), -"Unspecified failure while processing SSL Client Key Exchange handshake.") - -ER3(SSL_ERROR_ENCRYPTION_FAILURE , (SSL_ERROR_BASE + 70), -"Bulk data encryption algorithm failed in selected cipher suite.") - -ER3(SSL_ERROR_DECRYPTION_FAILURE , (SSL_ERROR_BASE + 71), -"Bulk data decryption algorithm failed in selected cipher suite.") - -ER3(SSL_ERROR_SOCKET_WRITE_FAILURE , (SSL_ERROR_BASE + 72), -"Attempt to write encrypted data to underlying socket failed.") - -ER3(SSL_ERROR_MD5_DIGEST_FAILURE , (SSL_ERROR_BASE + 73), -"MD5 digest function failed.") - -ER3(SSL_ERROR_SHA_DIGEST_FAILURE , (SSL_ERROR_BASE + 74), -"SHA-1 digest function failed.") - -ER3(SSL_ERROR_MAC_COMPUTATION_FAILURE , (SSL_ERROR_BASE + 75), -"MAC computation failed.") - -ER3(SSL_ERROR_SYM_KEY_CONTEXT_FAILURE , (SSL_ERROR_BASE + 76), -"Failure to create Symmetric Key context.") - -ER3(SSL_ERROR_SYM_KEY_UNWRAP_FAILURE , (SSL_ERROR_BASE + 77), -"Failure to unwrap the Symmetric key in Client Key Exchange message.") - -ER3(SSL_ERROR_PUB_KEY_SIZE_LIMIT_EXCEEDED , (SSL_ERROR_BASE + 78), -"SSL Server attempted to use domestic-grade public key with export cipher suite.") - -ER3(SSL_ERROR_IV_PARAM_FAILURE , (SSL_ERROR_BASE + 79), -"PKCS11 code failed to translate an IV into a param.") - -ER3(SSL_ERROR_INIT_CIPHER_SUITE_FAILURE , (SSL_ERROR_BASE + 80), -"Failed to initialize the selected cipher suite.") - -ER3(SSL_ERROR_SESSION_KEY_GEN_FAILURE , (SSL_ERROR_BASE + 81), -"Client failed to generate session keys for SSL session.") - -ER3(SSL_ERROR_NO_SERVER_KEY_FOR_ALG , (SSL_ERROR_BASE + 82), -"Server has no key for the attempted key exchange algorithm.") - -ER3(SSL_ERROR_TOKEN_INSERTION_REMOVAL , (SSL_ERROR_BASE + 83), -"PKCS#11 token was inserted or removed while operation was in progress.") - -ER3(SSL_ERROR_TOKEN_SLOT_NOT_FOUND , (SSL_ERROR_BASE + 84), -"No PKCS#11 token could be found to do a required operation.") - -ER3(SSL_ERROR_NO_COMPRESSION_OVERLAP , (SSL_ERROR_BASE + 85), -"Cannot communicate securely with peer: no common compression algorithm(s).") - -ER3(SSL_ERROR_HANDSHAKE_NOT_COMPLETED , (SSL_ERROR_BASE + 86), -"Cannot initiate another SSL handshake until current handshake is complete.") - -ER3(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE , (SSL_ERROR_BASE + 87), -"Received incorrect handshakes hash values from peer.") - -ER3(SSL_ERROR_CERT_KEA_MISMATCH , (SSL_ERROR_BASE + 88), -"The certificate provided cannot be used with the selected key exchange algorithm.") - -ER3(SSL_ERROR_NO_TRUSTED_SSL_CLIENT_CA , (SSL_ERROR_BASE + 89), -"No certificate authority is trusted for SSL client authentication.") - -ER3(SSL_ERROR_SESSION_NOT_FOUND , (SSL_ERROR_BASE + 90), -"Client's SSL session ID not found in server's session cache.") - -ER3(SSL_ERROR_DECRYPTION_FAILED_ALERT , (SSL_ERROR_BASE + 91), -"Peer was unable to decrypt an SSL record it received.") - -ER3(SSL_ERROR_RECORD_OVERFLOW_ALERT , (SSL_ERROR_BASE + 92), -"Peer received an SSL record that was longer than is permitted.") - -ER3(SSL_ERROR_UNKNOWN_CA_ALERT , (SSL_ERROR_BASE + 93), -"Peer does not recognize and trust the CA that issued your certificate.") - -ER3(SSL_ERROR_ACCESS_DENIED_ALERT , (SSL_ERROR_BASE + 94), -"Peer received a valid certificate, but access was denied.") - -ER3(SSL_ERROR_DECODE_ERROR_ALERT , (SSL_ERROR_BASE + 95), -"Peer could not decode an SSL handshake message.") - -ER3(SSL_ERROR_DECRYPT_ERROR_ALERT , (SSL_ERROR_BASE + 96), -"Peer reports failure of signature verification or key exchange.") - -ER3(SSL_ERROR_EXPORT_RESTRICTION_ALERT , (SSL_ERROR_BASE + 97), -"Peer reports negotiation not in compliance with export regulations.") - -ER3(SSL_ERROR_PROTOCOL_VERSION_ALERT , (SSL_ERROR_BASE + 98), -"Peer reports incompatible or unsupported protocol version.") - -ER3(SSL_ERROR_INSUFFICIENT_SECURITY_ALERT , (SSL_ERROR_BASE + 99), -"Server requires ciphers more secure than those supported by client.") - -ER3(SSL_ERROR_INTERNAL_ERROR_ALERT , (SSL_ERROR_BASE + 100), -"Peer reports it experienced an internal error.") - -ER3(SSL_ERROR_USER_CANCELED_ALERT , (SSL_ERROR_BASE + 101), -"Peer user canceled handshake.") - -ER3(SSL_ERROR_NO_RENEGOTIATION_ALERT , (SSL_ERROR_BASE + 102), -"Peer does not permit renegotiation of SSL security parameters.") - diff --git a/security/nss/cmd/SSLsample/client.c b/security/nss/cmd/SSLsample/client.c deleted file mode 100644 index 30b7de93b..000000000 --- a/security/nss/cmd/SSLsample/client.c +++ /dev/null @@ -1,449 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -/**************************************************************************** - * SSL client program that sets up a connection to SSL server, transmits * - * some data and then reads the reply * - ****************************************************************************/ - -#include -#include - -#if defined(XP_UNIX) -#include -#endif - -#include "prerror.h" - -#include "pk11func.h" -#include "secitem.h" - - -#include -#include -#include -#include - -#include "nspr.h" -#include "plgetopt.h" -#include "prio.h" -#include "prnetdb.h" -#include "nss.h" - -#include "sslsample.h" - -#define RD_BUF_SIZE (60 * 1024) - -extern int ssl2CipherSuites[]; -extern int ssl3CipherSuites[]; - -GlobalThreadMgr threadMGR; -char *certNickname = NULL; -char *hostName = NULL; -char *password = NULL; -unsigned short port = 0; - -static void -Usage(const char *progName) -{ - fprintf(stderr, - "Usage: %s [-n rsa_nickname] [-p port] [-d dbdir] [-c connections]\n" - " [-w dbpasswd] [-C cipher(s)] hostname\n", - progName); - exit(1); -} - -PRFileDesc * -setupSSLSocket(PRNetAddr *addr) -{ - PRFileDesc *tcpSocket; - PRFileDesc *sslSocket; - PRSocketOptionData socketOption; - PRStatus prStatus; - SECStatus secStatus; - -retry: - - tcpSocket = PR_NewTCPSocket(); - if (tcpSocket == NULL) { - errWarn("PR_NewTCPSocket"); - } - - /* Make the socket blocking. */ - socketOption.option = PR_SockOpt_Nonblocking; - socketOption.value.non_blocking = PR_FALSE; - - prStatus = PR_SetSocketOption(tcpSocket, &socketOption); - if (prStatus != PR_SUCCESS) { - errWarn("PR_SetSocketOption"); - goto loser; - } - -#if 0 - /* Verify that a connection can be made to the socket. */ - prStatus = PR_Connect(tcpSocket, addr, PR_INTERVAL_NO_TIMEOUT); - if (prStatus != PR_SUCCESS) { - PRErrorCode err = PR_GetError(); - if (err == PR_CONNECT_REFUSED_ERROR) { - PR_Close(tcpSocket); - PR_Sleep(PR_MillisecondsToInterval(10)); - fprintf(stderr, "Connection to port refused, retrying.\n"); - goto retry; - } - errWarn("PR_Connect"); - goto loser; - } -#endif - - /* Import the socket into the SSL layer. */ - sslSocket = SSL_ImportFD(NULL, tcpSocket); - if (!sslSocket) { - errWarn("SSL_ImportFD"); - goto loser; - } - - /* Set configuration options. */ - secStatus = SSL_OptionSet(sslSocket, SSL_SECURITY, PR_TRUE); - if (secStatus != SECSuccess) { - errWarn("SSL_OptionSet:SSL_SECURITY"); - goto loser; - } - - secStatus = SSL_OptionSet(sslSocket, SSL_HANDSHAKE_AS_CLIENT, PR_TRUE); - if (secStatus != SECSuccess) { - errWarn("SSL_OptionSet:SSL_HANDSHAKE_AS_CLIENT"); - goto loser; - } - - /* Set SSL callback routines. */ - secStatus = SSL_GetClientAuthDataHook(sslSocket, - (SSLGetClientAuthData)myGetClientAuthData, - (void *)certNickname); - if (secStatus != SECSuccess) { - errWarn("SSL_GetClientAuthDataHook"); - goto loser; - } - - secStatus = SSL_AuthCertificateHook(sslSocket, - (SSLAuthCertificate)myAuthCertificate, - (void *)CERT_GetDefaultCertDB()); - if (secStatus != SECSuccess) { - errWarn("SSL_AuthCertificateHook"); - goto loser; - } - - secStatus = SSL_BadCertHook(sslSocket, - (SSLBadCertHandler)myBadCertHandler, NULL); - if (secStatus != SECSuccess) { - errWarn("SSL_BadCertHook"); - goto loser; - } - - secStatus = SSL_HandshakeCallback(sslSocket, - (SSLHandshakeCallback)myHandshakeCallback, - NULL); - if (secStatus != SECSuccess) { - errWarn("SSL_HandshakeCallback"); - goto loser; - } - - return sslSocket; - -loser: - - PR_Close(tcpSocket); - return NULL; -} - - -const char requestString[] = {"GET /testfile HTTP/1.0\r\n\r\n" }; - -SECStatus -handle_connection(PRFileDesc *sslSocket, int connection) -{ - int countRead = 0; - PRInt32 numBytes; - char *readBuffer; - - readBuffer = PORT_Alloc(RD_BUF_SIZE); - if (!readBuffer) { - exitErr("PORT_Alloc"); - } - - /* compose the http request here. */ - - numBytes = PR_Write(sslSocket, requestString, strlen(requestString)); - if (numBytes <= 0) { - errWarn("PR_Write"); - PR_Free(readBuffer); - readBuffer = NULL; - return SECFailure; - } - - /* read until EOF */ - while (PR_TRUE) { - numBytes = PR_Read(sslSocket, readBuffer, RD_BUF_SIZE); - if (numBytes == 0) { - break; /* EOF */ - } - if (numBytes < 0) { - errWarn("PR_Read"); - break; - } - countRead += numBytes; - fprintf(stderr, "***** Connection %d read %d bytes (%d total).\n", - connection, numBytes, countRead ); - readBuffer[numBytes] = '\0'; - fprintf(stderr, "************\n%s\n************\n", readBuffer); - } - - printSecurityInfo(sslSocket); - - PR_Free(readBuffer); - readBuffer = NULL; - - /* Caller closes the socket. */ - - fprintf(stderr, - "***** Connection %d read %d bytes total.\n", - connection, countRead); - - return SECSuccess; /* success */ -} - -/* one copy of this function is launched in a separate thread for each -** connection to be made. -*/ -SECStatus -do_connects(void *a, int connection) -{ - PRNetAddr *addr = (PRNetAddr *)a; - PRFileDesc *sslSocket; - PRHostEnt hostEntry; - char buffer[PR_NETDB_BUF_SIZE]; - PRStatus prStatus; - PRIntn hostenum; - SECStatus secStatus; - - /* Set up SSL secure socket. */ - sslSocket = setupSSLSocket(addr); - if (sslSocket == NULL) { - errWarn("setupSSLSocket"); - return SECFailure; - } - - secStatus = SSL_SetPKCS11PinArg(sslSocket, password); - if (secStatus != SECSuccess) { - errWarn("SSL_SetPKCS11PinArg"); - return secStatus; - } - - secStatus = SSL_SetURL(sslSocket, hostName); - if (secStatus != SECSuccess) { - errWarn("SSL_SetURL"); - return secStatus; - } - - /* Prepare and setup network connection. */ - prStatus = PR_GetHostByName(hostName, buffer, sizeof(buffer), &hostEntry); - if (prStatus != PR_SUCCESS) { - errWarn("PR_GetHostByName"); - return SECFailure; - } - - hostenum = PR_EnumerateHostEnt(0, &hostEntry, port, addr); - if (hostenum == -1) { - errWarn("PR_EnumerateHostEnt"); - return SECFailure; - } - - prStatus = PR_Connect(sslSocket, addr, PR_INTERVAL_NO_TIMEOUT); - if (prStatus != PR_SUCCESS) { - errWarn("PR_Connect"); - return SECFailure; - } - - /* Established SSL connection, ready to send data. */ -#if 0 - secStatus = SSL_ForceHandshake(sslSocket); - if (secStatus != SECSuccess) { - errWarn("SSL_ForceHandshake"); - return secStatus; - } -#endif - - secStatus = SSL_ResetHandshake(sslSocket, /* asServer */ PR_FALSE); - if (secStatus != SECSuccess) { - errWarn("SSL_ResetHandshake"); - prStatus = PR_Close(sslSocket); - if (prStatus != PR_SUCCESS) { - errWarn("PR_Close"); - } - return secStatus; - } - - secStatus = handle_connection(sslSocket, connection); - if (secStatus != SECSuccess) { - errWarn("handle_connection"); - return secStatus; - } - - PR_Close(sslSocket); - return SECSuccess; -} - -void -client_main(unsigned short port, - int connections, - const char * hostName) -{ - int i; - SECStatus secStatus; - PRStatus prStatus; - PRInt32 rv; - PRNetAddr addr; - PRHostEnt hostEntry; - char buffer[256]; - - /* Setup network connection. */ - prStatus = PR_GetHostByName(hostName, buffer, 256, &hostEntry); - if (prStatus != PR_SUCCESS) { - exitErr("PR_GetHostByName"); - } - - rv = PR_EnumerateHostEnt(0, &hostEntry, port, &addr); - if (rv < 0) { - exitErr("PR_EnumerateHostEnt"); - } - - secStatus = launch_thread(&threadMGR, do_connects, &addr, 1); - if (secStatus != SECSuccess) { - exitErr("launch_thread"); - } - - if (connections > 1) { - /* wait for the first connection to terminate, then launch the rest. */ - reap_threads(&threadMGR); - /* Start up the connections */ - for (i = 2; i <= connections; ++i) { - secStatus = launch_thread(&threadMGR, do_connects, &addr, i); - if (secStatus != SECSuccess) { - errWarn("launch_thread"); - } - } - } - - reap_threads(&threadMGR); - destroy_thread_data(&threadMGR); -} - -int -main(int argc, char **argv) -{ - char * certDir = "."; - char * progName = NULL; - int connections = 1; - char * cipherString = NULL; - SECStatus secStatus; - PLOptState * optstate; - PLOptStatus status; - - /* Call the NSPR initialization routines */ - PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1); - - progName = PL_strdup(argv[0]); - - hostName = NULL; - optstate = PL_CreateOptState(argc, argv, "C:c:d:n:p:w:"); - while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) { - switch(optstate->option) { - case 'C' : cipherString = PL_strdup(optstate->value); break; - case 'c' : connections = PORT_Atoi(optstate->value); break; - case 'd' : certDir = PL_strdup(optstate->value); break; - case 'n' : certNickname = PL_strdup(optstate->value); break; - case 'p' : port = PORT_Atoi(optstate->value); break; - case 'w' : password = PL_strdup(optstate->value); break; - case '\0': hostName = PL_strdup(optstate->value); break; - default : Usage(progName); - } - } - - if (port == 0 || hostName == NULL) - Usage(progName); - - if (certDir == NULL) { - certDir = PR_smprintf("%s/.netscape", getenv("HOME")); - } - - /* Set our password function callback. */ - PK11_SetPasswordFunc(myPasswd); - - /* Initialize the NSS libraries. */ - secStatus = NSS_Init(certDir); - if (secStatus != SECSuccess) { - exitErr("NSS_Init"); - } - - /* All cipher suites except RSA_NULL_MD5 are enabled by Domestic Policy. */ - NSS_SetDomesticPolicy(); - SSL_CipherPrefSetDefault(SSL_RSA_WITH_NULL_MD5, PR_TRUE); - - /* all the SSL2 and SSL3 cipher suites are enabled by default. */ - if (cipherString) { - int ndx; - - /* disable all the ciphers, then enable the ones we want. */ - disableAllSSLCiphers(); - - while (0 != (ndx = *cipherString++)) { - int *cptr; - int cipher; - - if (! isalpha(ndx)) - Usage(progName); - cptr = islower(ndx) ? ssl3CipherSuites : ssl2CipherSuites; - for (ndx &= 0x1f; (cipher = *cptr++) != 0 && --ndx > 0; ) - /* do nothing */; - if (cipher) { - SSL_CipherPrefSetDefault(cipher, PR_TRUE); - } - } - } - - client_main(port, connections, hostName); - - NSS_Shutdown(); - PR_Cleanup(); - return 0; -} - diff --git a/security/nss/cmd/SSLsample/client.mn b/security/nss/cmd/SSLsample/client.mn deleted file mode 100644 index 74930c5e5..000000000 --- a/security/nss/cmd/SSLsample/client.mn +++ /dev/null @@ -1,50 +0,0 @@ -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = ../../.. - -MODULE = security - -EXPORTS = - -CSRCS = client.c \ - sslsample.c \ - $(NULL) - -PROGRAM = client - -REQUIRES = dbm - -IMPORTS = security/lib/nss - -DEFINES = -DNSPR20 - diff --git a/security/nss/cmd/SSLsample/gencerts b/security/nss/cmd/SSLsample/gencerts deleted file mode 100755 index 80be66a43..000000000 --- a/security/nss/cmd/SSLsample/gencerts +++ /dev/null @@ -1,79 +0,0 @@ -#!/bin/sh -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# -# Script to generate sample db files neccessary for SSL. - -# Directory for db's, use in all subsequent -d flags. -rm -rf SampleCertDBs -mkdir SampleCertDBs - -# Password to use. -echo sample > passfile - -# Generate the db files, using the above password. -certutil -N -d SampleCertDBs -f passfile - -# Generate the CA cert. This cert is self-signed and only useful for -# test purposes. Set the trust bits to allow it to sign SSL client/server -# certs. -certutil -S -n SampleRootCA -x -t "CTu,CTu,CTu" \ - -s "CN=My Sample Root CA, O=My Organization" \ - -m 25000 -o ./SampleCertDBs/SampleRootCA.crt \ - -d SampleCertDBs -f passfile - -# Generate the server cert. This cert is signed by the CA cert generated -# above. The CN must be hostname.domain.[com|org|net|...]. -certutil -S -n SampleSSLServerCert -c SampleRootCA -t "u,u,u" \ - -s "CN=$HOSTNAME.$MYDOMAIN, O=$HOSTNAME Corp." \ - -m 25001 -o ./SampleCertDBs/SampleSSLServer.crt \ - -d SampleCertDBs -f passfile - -# Generate the client cert. This cert is signed by the CA cert generated -# above. -certutil -S -n SampleSSLClientCert -c SampleRootCA -t "u,u,u" \ - -s "CN=My Client Cert, O=Client Organization" \ - -m 25002 -o ./SampleCertDBs/SampleSSLClient.crt \ - -d SampleCertDBs -f passfile - -# Verify the certificates. -certutil -V -u V -n SampleSSLServerCert -d SampleCertDBs -certutil -V -u C -n SampleSSLClientCert -d SampleCertDBs - -# Remove unneccessary files. -rm -f passfile -rm -f tempcert* - -# You are now ready to run your client/server! Example command lines: -# server -n SampleSSLServerCert -p 8080 -d SampleCertDBs -w sample -c e -R -# client -n SampleSSLClientCert -p 8080 -d SampleCertDBs -w sample -c 2 trane.mcom.com diff --git a/security/nss/cmd/SSLsample/make.client b/security/nss/cmd/SSLsample/make.client deleted file mode 100644 index 3dd7705e3..000000000 --- a/security/nss/cmd/SSLsample/make.client +++ /dev/null @@ -1,78 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include client.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - -#include $(CORE_DEPTH)/$(MODULE)/config/config.mk - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - -include ../platlibs.mk - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - -#CC = cc - - diff --git a/security/nss/cmd/SSLsample/make.server b/security/nss/cmd/SSLsample/make.server deleted file mode 100644 index 7969df798..000000000 --- a/security/nss/cmd/SSLsample/make.server +++ /dev/null @@ -1,77 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include server.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - -#include $(CORE_DEPTH)/$(MODULE)/config/config.mk - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - -include ../platlibs.mk - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - - - diff --git a/security/nss/cmd/SSLsample/nmakefile95.nss b/security/nss/cmd/SSLsample/nmakefile95.nss deleted file mode 100755 index 5684478cd..000000000 --- a/security/nss/cmd/SSLsample/nmakefile95.nss +++ /dev/null @@ -1,60 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -# NSS 2.6.2 Sample Win95 Makefile -# -# -# This nmake file will build server.c and client.c on Windows 95. -# - -DEFINES=-D_X86_ -DXP_PC -UDEBUG -U_DEBUG -DNDEBUG -DWIN32 -D_WINDOWS - -INCPATH=/I. /I..\include\dbm /I..\include\nspr /I..\include\security - -LIBS=nss.lib ssl.lib pkcs7.lib pkcs12.lib secmod.lib cert.lib key.lib crypto.lib secutil.lib hash.lib dbm.lib libplc3.lib libplds3.lib libnspr3.lib wsock32.lib - -CFLAGS=-O2 -MD -W3 -nologo - -CC=cl - -LDOPTIONS=/link /LIBPATH:..\lib /nodefaultlib:libcd.lib /subsystem:console - -server: - $(CC) $(CFLAGS) $(INCPATH) /Feserver server.c getopt.c $(LIBS) $(DEFINES) $(LDOPTIONS) - -client: - $(CC) $(CFLAGS) $(INCPATH) /Feclient client.c getopt.c $(LIBS) $(DEFINES) $(LDOPTIONS) - -clean: - del /S server.exe client.exe server.lib server.exp client.lib client.exp server.obj client.obj getopt.obj - diff --git a/security/nss/cmd/SSLsample/nmakefilent.nss b/security/nss/cmd/SSLsample/nmakefilent.nss deleted file mode 100755 index 9d2d1ccc4..000000000 --- a/security/nss/cmd/SSLsample/nmakefilent.nss +++ /dev/null @@ -1,59 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -# NSS 2.6.2 Sample NT Makefile -# -# -# This nmake file will build server.c and client.c on Windows NT 4 SP3. -# - -DEFINES=-D_X86_ -GT -DWINNT -DXP_PC -UDEBUG -U_DEBUG -DNDEBUG -DWIN32 -D_WINDOWS -INCPATH=-I. -I..\include\dbm -I..\include\nspr -I..\include\security - -LIBS=nss.lib ssl.lib pkcs7.lib pkcs12.lib secmod.lib cert.lib key.lib crypto.lib secutil.lib hash.lib dbm.lib libplc3.lib libplds3.lib libnspr3.lib wsock32.lib - -CFLAGS=-O2 -MD -W3 -nologo - -CC=cl - -LDOPTIONS=/link /LIBPATH:..\lib /nodefaultlib:libcd.lib /subsystem:console - -server: - $(CC) $(CFLAGS) /Feserver server.c getopt.c $(LIBS) $(DEFINES) $(INCPATH) $(LDOPTIONS) - -client: - $(CC) $(CFLAGS) /Feclient client.c getopt.c $(LIBS) $(DEFINES) $(INCPATH) $(LDOPTIONS) - -clean: - del /S server.exe client.exe server.lib server.exp client.lib client.exp server.obj client.obj getopt.obj - diff --git a/security/nss/cmd/SSLsample/server.c b/security/nss/cmd/SSLsample/server.c deleted file mode 100644 index 0e85f8cec..000000000 --- a/security/nss/cmd/SSLsample/server.c +++ /dev/null @@ -1,821 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -/**************************************************************************** - * SSL server program listens on a port, accepts client connection, reads * - * request and responds to it * - ****************************************************************************/ - -/* Generic header files */ - -#include -#include - -/* NSPR header files */ - -#include "nspr.h" -#include "plgetopt.h" -#include "prerror.h" -#include "prnetdb.h" - -/* NSS header files */ - -#include "pk11func.h" -#include "secitem.h" -#include "ssl.h" -#include "certt.h" -#include "nss.h" -#include "secrng.h" -#include "secder.h" -#include "key.h" -#include "sslproto.h" - -/* Custom header files */ - -#include "sslsample.h" - -#ifndef PORT_Sprintf -#define PORT_Sprintf sprintf -#endif - -#define REQUEST_CERT_ONCE 1 -#define REQUIRE_CERT_ONCE 2 -#define REQUEST_CERT_ALL 3 -#define REQUIRE_CERT_ALL 4 - -/* Global variables */ -GlobalThreadMgr threadMGR; -char *password = NULL; -CERTCertificate *cert = NULL; -SECKEYPrivateKey *privKey = NULL; -int stopping; - -static void -Usage(const char *progName) -{ - fprintf(stderr, - -"Usage: %s -n rsa_nickname -p port [-3RFrf] [-w password]\n" -" [-c ciphers] [-d dbdir] \n" -"-3 means disable SSL v3\n" -"-r means request certificate on first handshake.\n" -"-f means require certificate on first handshake.\n" -"-R means request certificate on all handshakes.\n" -"-F means require certificate on all handshakes.\n" -"-c ciphers Letter(s) chosen from the following list\n" -"A SSL2 RC4 128 WITH MD5\n" -"B SSL2 RC4 128 EXPORT40 WITH MD5\n" -"C SSL2 RC2 128 CBC WITH MD5\n" -"D SSL2 RC2 128 CBC EXPORT40 WITH MD5\n" -"E SSL2 DES 64 CBC WITH MD5\n" -"F SSL2 DES 192 EDE3 CBC WITH MD5\n" -"\n" -"a SSL3 FORTEZZA DMS WITH FORTEZZA CBC SHA\n" -"b SSL3 FORTEZZA DMS WITH RC4 128 SHA\n" -"c SSL3 RSA WITH RC4 128 MD5\n" -"d SSL3 RSA WITH 3DES EDE CBC SHA\n" -"e SSL3 RSA WITH DES CBC SHA\n" -"f SSL3 RSA EXPORT WITH RC4 40 MD5\n" -"g SSL3 RSA EXPORT WITH RC2 CBC 40 MD5\n" -"h SSL3 FORTEZZA DMS WITH NULL SHA\n" -"i SSL3 RSA WITH NULL MD5\n" -"j SSL3 RSA FIPS WITH 3DES EDE CBC SHA\n" -"k SSL3 RSA FIPS WITH DES CBC SHA\n" -"l SSL3 RSA EXPORT WITH DES CBC SHA\t(new)\n" -"m SSL3 RSA EXPORT WITH RC4 56 SHA\t(new)\n", - progName); - exit(1); -} - -/* Function: readDataFromSocket() - * - * Purpose: Parse an HTTP request by reading data from a GET or POST. - * - */ -SECStatus -readDataFromSocket(PRFileDesc *sslSocket, DataBuffer *buffer, char **fileName) -{ - char *post; - int numBytes = 0; - int newln = 0; /* # of consecutive newlns */ - - /* Read data while it comes in from the socket. */ - while (PR_TRUE) { - buffer->index = 0; - newln = 0; - - /* Read the buffer. */ - numBytes = PR_Read(sslSocket, &buffer->data[buffer->index], - buffer->remaining); - if (numBytes <= 0) { - errWarn("PR_Read"); - return SECFailure; - } - buffer->dataEnd = buffer->dataStart + numBytes; - - /* Parse the input, starting at the beginning of the buffer. - * Stop when we detect two consecutive \n's (or \r\n's) - * as this signifies the end of the GET or POST portion. - * The posted data follows. - */ - while (buffer->index < buffer->dataEnd && newln < 2) { - int octet = buffer->data[buffer->index++]; - if (octet == '\n') { - newln++; - } else if (octet != '\r') { - newln = 0; - } - } - - /* Came to the end of the buffer, or second newline. - * If we didn't get an empty line ("\r\n\r\n"), then keep on reading. - */ - if (newln < 2) - continue; - - /* we're at the end of the HTTP request. - * If the request is a POST, then there will be one more - * line of data. - * This parsing is a hack, but ok for SSL test purposes. - */ - post = PORT_Strstr(buffer->data, "POST "); - if (!post || *post != 'P') - break; - - /* It's a post, so look for the next and final CR/LF. */ - /* We should parse content length here, but ... */ - while (buffer->index < buffer->dataEnd && newln < 3) { - int octet = buffer->data[buffer->index++]; - if (octet == '\n') { - newln++; - } - } - - if (newln == 3) - break; - } - - /* Have either (a) a complete get, (b) a complete post, (c) EOF */ - - /* Execute a "GET " operation. */ - if (buffer->index > 0 && PORT_Strncmp(buffer->data, "GET ", 4) == 0) { - int fnLength; - - /* File name is the part after "GET ". */ - fnLength = strcspn(buffer->data + 5, " \r\n"); - *fileName = (char *)PORT_Alloc(fnLength + 1); - PORT_Strncpy(*fileName, buffer->data + 5, fnLength); - (*fileName)[fnLength] = '\0'; - } - - return SECSuccess; -} - -/* Function: authenticateSocket() - * - * Purpose: Configure a socket for SSL. - * - * - */ -PRFileDesc * -setupSSLSocket(PRFileDesc *tcpSocket, int requestCert) -{ - PRFileDesc *sslSocket; - SSLKEAType certKEA; - int certErr = 0; - SECStatus secStatus; - - /* Set the appropriate flags. */ - - sslSocket = SSL_ImportFD(NULL, tcpSocket); - if (sslSocket == NULL) { - errWarn("SSL_ImportFD"); - goto loser; - } - - secStatus = SSL_OptionSet(sslSocket, SSL_SECURITY, PR_TRUE); - if (secStatus != SECSuccess) { - errWarn("SSL_OptionSet SSL_SECURITY"); - goto loser; - } - - secStatus = SSL_OptionSet(sslSocket, SSL_HANDSHAKE_AS_SERVER, PR_TRUE); - if (secStatus != SECSuccess) { - errWarn("SSL_OptionSet:SSL_HANDSHAKE_AS_SERVER"); - goto loser; - } - - secStatus = SSL_OptionSet(sslSocket, SSL_REQUEST_CERTIFICATE, - (requestCert >= REQUEST_CERT_ONCE)); - if (secStatus != SECSuccess) { - errWarn("SSL_OptionSet:SSL_REQUEST_CERTIFICATE"); - goto loser; - } - - secStatus = SSL_OptionSet(sslSocket, SSL_REQUIRE_CERTIFICATE, - (requestCert == REQUIRE_CERT_ONCE)); - if (secStatus != SECSuccess) { - errWarn("SSL_OptionSet:SSL_REQUIRE_CERTIFICATE"); - goto loser; - } - - /* Set the appropriate callback routines. */ - - secStatus = SSL_AuthCertificateHook(sslSocket, myAuthCertificate, - CERT_GetDefaultCertDB()); - if (secStatus != SECSuccess) { - errWarn("SSL_AuthCertificateHook"); - goto loser; - } - - secStatus = SSL_BadCertHook(sslSocket, - (SSLBadCertHandler)myBadCertHandler, &certErr); - if (secStatus != SECSuccess) { - errWarn("SSL_BadCertHook"); - goto loser; - } - - secStatus = SSL_HandshakeCallback(sslSocket, - (SSLHandshakeCallback)myHandshakeCallback, - NULL); - if (secStatus != SECSuccess) { - errWarn("SSL_HandshakeCallback"); - goto loser; - } - - secStatus = SSL_SetPKCS11PinArg(sslSocket, password); - if (secStatus != SECSuccess) { - errWarn("SSL_HandshakeCallback"); - goto loser; - } - - certKEA = NSS_FindCertKEAType(cert); - - secStatus = SSL_ConfigSecureServer(sslSocket, cert, privKey, certKEA); - if (secStatus != SECSuccess) { - errWarn("SSL_ConfigSecureServer"); - goto loser; - } - - return sslSocket; - -loser: - - PR_Close(tcpSocket); - return NULL; -} - -/* Function: authenticateSocket() - * - * Purpose: Perform client authentication on the socket. - * - */ -SECStatus -authenticateSocket(PRFileDesc *sslSocket, PRBool requireCert) -{ - CERTCertificate *cert; - SECStatus secStatus; - - /* Returns NULL if client authentication is not enabled or if the - * client had no certificate. */ - cert = SSL_PeerCertificate(sslSocket); - if (cert) { - /* Client had a certificate, so authentication is through. */ - CERT_DestroyCertificate(cert); - return SECSuccess; - } - - /* Request client to authenticate itself. */ - secStatus = SSL_OptionSet(sslSocket, SSL_REQUEST_CERTIFICATE, PR_TRUE); - if (secStatus != SECSuccess) { - errWarn("SSL_OptionSet:SSL_REQUEST_CERTIFICATE"); - return SECFailure; - } - - /* If desired, require client to authenticate itself. Note - * SSL_REQUEST_CERTIFICATE must also be on, as above. */ - secStatus = SSL_OptionSet(sslSocket, SSL_REQUIRE_CERTIFICATE, requireCert); - if (secStatus != SECSuccess) { - errWarn("SSL_OptionSet:SSL_REQUIRE_CERTIFICATE"); - return SECFailure; - } - - /* Having changed socket configuration parameters, redo handshake. */ - secStatus = SSL_ReHandshake(sslSocket, PR_TRUE); - if (secStatus != SECSuccess) { - errWarn("SSL_ReHandshake"); - return SECFailure; - } - - /* Force the handshake to complete before moving on. */ - secStatus = SSL_ForceHandshake(sslSocket); - if (secStatus != SECSuccess) { - errWarn("SSL_ForceHandshake"); - return SECFailure; - } - - return SECSuccess; -} - -/* Function: writeDataToSocket - * - * Purpose: Write the client's request back to the socket. If the client - * requested a file, dump it to the socket. - * - */ -SECStatus -writeDataToSocket(PRFileDesc *sslSocket, DataBuffer *buffer, char *fileName) -{ - int headerLength; - int numBytes; - char messageBuffer[120]; - PRFileDesc *local_file_fd = NULL; - char header[] = "

Sample SSL server



"; - char filehd[] = "

The file you requested:


"; - char reqhd[] = "

This is your request:


"; - char link[] = "Try getting a file
"; - char footer[] = "

End of request.


"; - - headerLength = PORT_Strlen(defaultHeader); - - /* Write a header to the socket. */ - numBytes = PR_Write(sslSocket, header, PORT_Strlen(header)); - if (numBytes < 0) { - errWarn("PR_Write"); - goto loser; - } - - if (fileName) { - PRFileInfo info; - PRStatus prStatus; - - /* Try to open the local file named. - * If successful, then write it to the client. - */ - prStatus = PR_GetFileInfo(fileName, &info); - if (prStatus != PR_SUCCESS || - info.type != PR_FILE_FILE || - info.size < 0) { - PORT_Free(fileName); - /* Maybe a GET not sent from client.c? */ - goto writerequest; - return SECSuccess; - } - - local_file_fd = PR_Open(fileName, PR_RDONLY, 0); - if (local_file_fd == NULL) { - PORT_Free(fileName); - goto writerequest; - } - - /* Write a header to the socket. */ - numBytes = PR_Write(sslSocket, filehd, PORT_Strlen(filehd)); - if (numBytes < 0) { - errWarn("PR_Write"); - goto loser; - } - - /* Transmit the local file prepended by the default header - * across the socket. - */ - numBytes = PR_TransmitFile(sslSocket, local_file_fd, - defaultHeader, headerLength, - PR_TRANSMITFILE_KEEP_OPEN, - PR_INTERVAL_NO_TIMEOUT); - - /* Error in transmission. */ - if (numBytes < 0) { - errWarn("PR_TransmitFile"); - /* - i = PORT_Strlen(errString); - PORT_Memcpy(buf, errString, i); - */ - /* Transmitted bytes successfully. */ - } else { - numBytes -= headerLength; - fprintf(stderr, "PR_TransmitFile wrote %d bytes from %s\n", - numBytes, fileName); - } - - PORT_Free(fileName); - PR_Close(local_file_fd); - } - -writerequest: - - /* Write a header to the socket. */ - numBytes = PR_Write(sslSocket, reqhd, PORT_Strlen(reqhd)); - if (numBytes < 0) { - errWarn("PR_Write"); - goto loser; - } - - /* Write the buffer data to the socket. */ - if (buffer->index <= 0) { - /* Reached the EOF. Report incomplete transaction to socket. */ - PORT_Sprintf(messageBuffer, - "GET or POST incomplete after %d bytes.\r\n", - buffer->dataEnd); - numBytes = PR_Write(sslSocket, messageBuffer, - PORT_Strlen(messageBuffer)); - if (numBytes < 0) { - errWarn("PR_Write"); - goto loser; - } - } else { - /* Display the buffer data. */ - fwrite(buffer->data, 1, buffer->index, stdout); - /* Write the buffer data to the socket. */ - numBytes = PR_Write(sslSocket, buffer->data, buffer->index); - if (numBytes < 0) { - errWarn("PR_Write"); - goto loser; - } - /* Display security information for the socket. */ - printSecurityInfo(sslSocket); - /* Write any discarded data out to the socket. */ - if (buffer->index < buffer->dataEnd) { - PORT_Sprintf(buffer->data, "Discarded %d characters.\r\n", - buffer->dataEnd - buffer->index); - numBytes = PR_Write(sslSocket, buffer->data, - PORT_Strlen(buffer->data)); - if (numBytes < 0) { - errWarn("PR_Write"); - goto loser; - } - } - } - - /* Write a footer to the socket. */ - numBytes = PR_Write(sslSocket, footer, PORT_Strlen(footer)); - if (numBytes < 0) { - errWarn("PR_Write"); - goto loser; - } - - /* Write a link to the socket. */ - numBytes = PR_Write(sslSocket, link, PORT_Strlen(link)); - if (numBytes < 0) { - errWarn("PR_Write"); - goto loser; - } - - /* Complete the HTTP transaction. */ - numBytes = PR_Write(sslSocket, "EOF\r\n\r\n\r\n", 9); - if (numBytes < 0) { - errWarn("PR_Write"); - goto loser; - } - - /* Do a nice shutdown if asked. */ - if (!strncmp(buffer->data, stopCmd, strlen(stopCmd))) { - stopping = 1; - } - return SECSuccess; - -loser: - - /* Do a nice shutdown if asked. */ - if (!strncmp(buffer->data, stopCmd, strlen(stopCmd))) { - stopping = 1; - } - return SECFailure; -} - -/* Function: int handle_connection() - * - * Purpose: Thread to handle a connection to a socket. - * - */ -SECStatus -handle_connection(void *tcp_sock, int requestCert) -{ - PRFileDesc * tcpSocket = (PRFileDesc *)tcp_sock; - PRFileDesc * sslSocket = NULL; - SECStatus secStatus = SECFailure; - PRStatus prStatus; - PRSocketOptionData socketOption; - DataBuffer buffer; - char * fileName = NULL; - - /* Initialize the data buffer. */ - memset(buffer.data, 0, BUFFER_SIZE); - buffer.remaining = BUFFER_SIZE; - buffer.index = 0; - buffer.dataStart = 0; - buffer.dataEnd = 0; - - /* Make sure the socket is blocking. */ - socketOption.option = PR_SockOpt_Nonblocking; - socketOption.value.non_blocking = PR_FALSE; - PR_SetSocketOption(tcpSocket, &socketOption); - - sslSocket = setupSSLSocket(tcpSocket, requestCert); - if (sslSocket == NULL) { - errWarn("setupSSLSocket"); - goto cleanup; - } - - secStatus = SSL_ResetHandshake(sslSocket, /* asServer */ PR_TRUE); - if (secStatus != SECSuccess) { - errWarn("SSL_ResetHandshake"); - goto cleanup; - } - - /* Read data from the socket, parse it for HTTP content. - * If the user is requesting/requiring authentication, authenticate - * the socket. Then write the result back to the socket. */ - fprintf(stdout, "\nReading data from socket...\n\n"); - secStatus = readDataFromSocket(sslSocket, &buffer, &fileName); - if (secStatus != SECSuccess) { - goto cleanup; - } - if (requestCert >= REQUEST_CERT_ALL) { - fprintf(stdout, "\nAuthentication requested.\n\n"); - secStatus = authenticateSocket(sslSocket, - (requestCert == REQUIRE_CERT_ALL)); - if (secStatus != SECSuccess) { - goto cleanup; - } - } - - fprintf(stdout, "\nWriting data to socket...\n\n"); - secStatus = writeDataToSocket(sslSocket, &buffer, fileName); - -cleanup: - - /* Close down the socket. */ - prStatus = PR_Close(tcpSocket); - if (prStatus != PR_SUCCESS) { - errWarn("PR_Close"); - } - - return secStatus; -} - -/* Function: int accept_connection() - * - * Purpose: Thread to accept a connection to the socket. - * - */ -SECStatus -accept_connection(void *listener, int requestCert) -{ - PRFileDesc *listenSocket = (PRFileDesc*)listener; - PRNetAddr addr; - PRStatus prStatus; - - /* XXX need an SSL socket here? */ - while (!stopping) { - PRFileDesc *tcpSocket; - SECStatus result; - - fprintf(stderr, "\n\n\nAbout to call accept.\n"); - - /* Accept a connection to the socket. */ - tcpSocket = PR_Accept(listenSocket, &addr, PR_INTERVAL_NO_TIMEOUT); - if (tcpSocket == NULL) { - errWarn("PR_Accept"); - break; - } - - /* Accepted the connection, now handle it. */ - result = launch_thread(&threadMGR, handle_connection, - tcpSocket, requestCert); - - if (result != SECSuccess) { - prStatus = PR_Close(tcpSocket); - if (prStatus != PR_SUCCESS) { - exitErr("PR_Close"); - } - break; - } - } - - fprintf(stderr, "Closing listen socket.\n"); - - prStatus = PR_Close(listenSocket); - if (prStatus != PR_SUCCESS) { - exitErr("PR_Close"); - } - return SECSuccess; -} - -/* Function: void server_main() - * - * Purpose: This is the server's main function. It configures a socket - * and listens to it. - * - */ -void -server_main( - unsigned short port, - int requestCert, - SECKEYPrivateKey * privKey, - CERTCertificate * cert, - PRBool disableSSL3) -{ - SECStatus secStatus; - PRStatus prStatus; - PRFileDesc * listenSocket; - PRNetAddr addr; - PRSocketOptionData socketOption; - - /* Create a new socket. */ - listenSocket = PR_NewTCPSocket(); - if (listenSocket == NULL) { - exitErr("PR_NewTCPSocket"); - } - - /* Set socket to be blocking - - * on some platforms the default is nonblocking. - */ - socketOption.option = PR_SockOpt_Nonblocking; - socketOption.value.non_blocking = PR_FALSE; - - prStatus = PR_SetSocketOption(listenSocket, &socketOption); - if (prStatus != PR_SUCCESS) { - exitErr("PR_SetSocketOption"); - } - - /* This cipher is not on by default. The Acceptance test - * would like it to be. Turn this cipher on. - */ - secStatus = SSL_CipherPrefSetDefault(SSL_RSA_WITH_NULL_MD5, PR_TRUE); - if (secStatus != SECSuccess) { - exitErr("SSL_CipherPrefSetDefault:SSL_RSA_WITH_NULL_MD5"); - } - - /* Configure the network connection. */ - addr.inet.family = PR_AF_INET; - addr.inet.ip = PR_INADDR_ANY; - addr.inet.port = PR_htons(port); - - /* Bind the address to the listener socket. */ - prStatus = PR_Bind(listenSocket, &addr); - if (prStatus != PR_SUCCESS) { - exitErr("PR_Bind"); - } - - /* Listen for connection on the socket. The second argument is - * the maximum size of the queue for pending connections. - */ - prStatus = PR_Listen(listenSocket, 5); - if (prStatus != PR_SUCCESS) { - exitErr("PR_Listen"); - } - - /* Launch thread to handle connections to the socket. */ - secStatus = launch_thread(&threadMGR, accept_connection, - listenSocket, requestCert); - if (secStatus != SECSuccess) { - PR_Close(listenSocket); - } else { - reap_threads(&threadMGR); - destroy_thread_data(&threadMGR); - } -} - -/* Function: int main() - * - * Purpose: Parses command arguments and configures SSL server. - * - */ -int -main(int argc, char **argv) -{ - char * progName = NULL; - char * nickName = NULL; - char * cipherString = NULL; - char * dir = "."; - int requestCert = 0; - unsigned short port = 0; - SECStatus secStatus; - PRBool disableSSL3 = PR_FALSE; - PLOptState * optstate; - PLOptStatus status; - - /* Zero out the thread manager. */ - PORT_Memset(&threadMGR, 0, sizeof(threadMGR)); - - progName = PL_strdup(argv[0]); - - optstate = PL_CreateOptState(argc, argv, "3FRc:d:fp:n:rw:"); - while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) { - switch(optstate->option) { - case '3': disableSSL3 = PR_TRUE; break; - case 'F': requestCert = REQUIRE_CERT_ALL; break; - case 'R': requestCert = REQUEST_CERT_ALL; break; - case 'c': cipherString = PL_strdup(optstate->value); break; - case 'd': dir = PL_strdup(optstate->value); break; - case 'f': requestCert = REQUIRE_CERT_ONCE; break; - case 'n': nickName = PL_strdup(optstate->value); break; - case 'p': port = PORT_Atoi(optstate->value); break; - case 'r': requestCert = REQUEST_CERT_ONCE; break; - case 'w': password = PL_strdup(optstate->value); break; - default: - case '?': Usage(progName); - } - } - - if (nickName == NULL || port == 0) - Usage(progName); - - /* Call the NSPR initialization routines. */ - PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1); - - /* Set the cert database password callback. */ - PK11_SetPasswordFunc(myPasswd); - - /* Initialize NSS. */ - secStatus = NSS_Init(dir); - if (secStatus != SECSuccess) { - exitErr("NSS_Init"); - } - - /* Set the policy for this server (REQUIRED - no default). */ - secStatus = NSS_SetDomesticPolicy(); - if (secStatus != SECSuccess) { - exitErr("NSS_SetDomesticPolicy"); - } - - /* XXX keep this? */ - /* all the SSL2 and SSL3 cipher suites are enabled by default. */ - if (cipherString) { - int ndx; - - /* disable all the ciphers, then enable the ones we want. */ - disableAllSSLCiphers(); - - while (0 != (ndx = *cipherString++)) { - int *cptr; - int cipher; - - if (! isalpha(ndx)) - Usage(progName); - cptr = islower(ndx) ? ssl3CipherSuites : ssl2CipherSuites; - for (ndx &= 0x1f; (cipher = *cptr++) != 0 && --ndx > 0; ) - /* do nothing */; - if (cipher) { - SECStatus status; - status = SSL_CipherPrefSetDefault(cipher, PR_TRUE); - if (status != SECSuccess) - errWarn("SSL_CipherPrefSetDefault()"); - } - } - } - - /* Get own certificate and private key. */ - cert = PK11_FindCertFromNickname(nickName, password); - if (cert == NULL) { - exitErr("PK11_FindCertFromNickname"); - } - - privKey = PK11_FindKeyByAnyCert(cert, password); - if (privKey == NULL) { - exitErr("PK11_FindKeyByAnyCert"); - } - - /* Configure the server's cache for a multi-process application - * using default timeout values (24 hrs) and directory location (/tmp). - */ - SSL_ConfigMPServerSIDCache(256, 0, 0, NULL); - - /* Launch server. */ - server_main(port, requestCert, privKey, cert, disableSSL3); - - /* Shutdown NSS and exit NSPR gracefully. */ - NSS_Shutdown(); - PR_Cleanup(); - return 0; -} diff --git a/security/nss/cmd/SSLsample/server.mn b/security/nss/cmd/SSLsample/server.mn deleted file mode 100644 index 74226f08f..000000000 --- a/security/nss/cmd/SSLsample/server.mn +++ /dev/null @@ -1,48 +0,0 @@ -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = ../../.. - -MODULE = security - -EXPORTS = - -CSRCS = server.c \ - sslsample.c \ - $(NULL) - -PROGRAM = server - -REQUIRES = dbm - -DEFINES = -DNSPR20 - diff --git a/security/nss/cmd/SSLsample/sslerror.h b/security/nss/cmd/SSLsample/sslerror.h deleted file mode 100644 index fd0275c37..000000000 --- a/security/nss/cmd/SSLsample/sslerror.h +++ /dev/null @@ -1,110 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#include -#include -#include "nspr.h" - -struct tuple_str { - PRErrorCode errNum; - const char * errString; -}; - -typedef struct tuple_str tuple_str; - -#define ER2(a,b) {a, b}, -#define ER3(a,b,c) {a, c}, - -#include "secerr.h" -#include "sslerr.h" - -const tuple_str errStrings[] = { - -/* keep this list in asceding order of error numbers */ -#include "SSLerrs.h" -#include "SECerrs.h" -#include "NSPRerrs.h" - -}; - -const PRInt32 numStrings = sizeof(errStrings) / sizeof(tuple_str); - -/* Returns a UTF-8 encoded constant error string for "errNum". - * Returns NULL of errNum is unknown. - */ -const char * -SSL_Strerror(PRErrorCode errNum) { - PRInt32 low = 0; - PRInt32 high = numStrings - 1; - PRInt32 i; - PRErrorCode num; - static int initDone; - - /* make sure table is in ascending order. - * binary search depends on it. - */ - if (!initDone) { - PRErrorCode lastNum = 0x80000000; - for (i = low; i <= high; ++i) { - num = errStrings[i].errNum; - if (num <= lastNum) { - fprintf(stderr, -"sequence error in error strings at item %d\n" -"error %d (%s)\n" -"should come after \n" -"error %d (%s)\n", - i, lastNum, errStrings[i-1].errString, - num, errStrings[i].errString); - } - lastNum = num; - } - initDone = 1; - } - - /* Do binary search of table. */ - while (low + 1 < high) { - i = (low + high) / 2; - num = errStrings[i].errNum; - if (errNum == num) - return errStrings[i].errString; - if (errNum < num) - high = i; - else - low = i; - } - if (errNum == errStrings[low].errNum) - return errStrings[low].errString; - if (errNum == errStrings[high].errNum) - return errStrings[high].errString; - return NULL; -} diff --git a/security/nss/cmd/SSLsample/sslsample.c b/security/nss/cmd/SSLsample/sslsample.c deleted file mode 100644 index 47b7d0d4f..000000000 --- a/security/nss/cmd/SSLsample/sslsample.c +++ /dev/null @@ -1,590 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#include "sslsample.h" -#include "sslerror.h" - -/* Declare SSL cipher suites. */ - -int ssl2CipherSuites[] = { - SSL_EN_RC4_128_WITH_MD5, /* A */ - SSL_EN_RC4_128_EXPORT40_WITH_MD5, /* B */ - SSL_EN_RC2_128_CBC_WITH_MD5, /* C */ - SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5, /* D */ - SSL_EN_DES_64_CBC_WITH_MD5, /* E */ - SSL_EN_DES_192_EDE3_CBC_WITH_MD5, /* F */ - 0 -}; - -int ssl3CipherSuites[] = { - SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA, /* a */ - SSL_FORTEZZA_DMS_WITH_RC4_128_SHA, /* b */ - SSL_RSA_WITH_RC4_128_MD5, /* c */ - SSL_RSA_WITH_3DES_EDE_CBC_SHA, /* d */ - SSL_RSA_WITH_DES_CBC_SHA, /* e */ - SSL_RSA_EXPORT_WITH_RC4_40_MD5, /* f */ - SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5, /* g */ - SSL_FORTEZZA_DMS_WITH_NULL_SHA, /* h */ - SSL_RSA_WITH_NULL_MD5, /* i */ - SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA, /* j */ - SSL_RSA_FIPS_WITH_DES_CBC_SHA, /* k */ - TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA, /* l */ - TLS_RSA_EXPORT1024_WITH_RC4_56_SHA, /* m */ - 0 -}; - -/************************************************************************** -** -** SSL callback routines. -** -**************************************************************************/ - -/* Function: char * myPasswd() - * - * Purpose: This function is our custom password handler that is called by - * SSL when retreiving private certs and keys from the database. Returns a - * pointer to a string that with a password for the database. Password pointer - * should point to dynamically allocated memory that will be freed later. - */ -char * -myPasswd(PK11SlotInfo *info, PRBool retry, void *arg) -{ - char * passwd = NULL; - - if ( (!retry) && arg ) { - passwd = PORT_Strdup((char *)arg); - } - - return passwd; -} - -/* Function: SECStatus myAuthCertificate() - * - * Purpose: This function is our custom certificate authentication handler. - * - * Note: This implementation is essentially the same as the default - * SSL_AuthCertificate(). - */ -SECStatus -myAuthCertificate(void *arg, PRFileDesc *socket, - PRBool checksig, PRBool isServer) -{ - - SECCertUsage certUsage; - CERTCertificate * cert; - void * pinArg; - char * hostName; - SECStatus secStatus; - - if (!arg || !socket) { - errWarn("myAuthCertificate"); - return SECFailure; - } - - /* Define how the cert is being used based upon the isServer flag. */ - - certUsage = isServer ? certUsageSSLClient : certUsageSSLServer; - - cert = SSL_PeerCertificate(socket); - - pinArg = SSL_RevealPinArg(socket); - - secStatus = CERT_VerifyCertNow((CERTCertDBHandle *)arg, - cert, - checksig, - certUsage, - pinArg); - - /* If this is a server, we're finished. */ - if (isServer || secStatus != SECSuccess) { - CERT_DestroyCertificate(cert); - return secStatus; - } - - /* Certificate is OK. Since this is the client side of an SSL - * connection, we need to verify that the name field in the cert - * matches the desired hostname. This is our defense against - * man-in-the-middle attacks. - */ - - /* SSL_RevealURL returns a hostName, not an URL. */ - hostName = SSL_RevealURL(socket); - - if (hostName && hostName[0]) { - secStatus = CERT_VerifyCertName(cert, hostName); - } else { - PR_SetError(SSL_ERROR_BAD_CERT_DOMAIN, 0); - secStatus = SECFailure; - } - - if (hostName) - PR_Free(hostName); - - CERT_DestroyCertificate(cert); - return secStatus; -} - -/* Function: SECStatus myBadCertHandler() - * - * Purpose: This callback is called when the incoming certificate is not - * valid. We define a certain set of parameters that still cause the - * certificate to be "valid" for this session, and return SECSuccess to cause - * the server to continue processing the request when any of these conditions - * are met. Otherwise, SECFailure is return and the server rejects the - * request. - */ -SECStatus -myBadCertHandler(void *arg, PRFileDesc *socket) -{ - - SECStatus secStatus = SECFailure; - PRErrorCode err; - - /* log invalid cert here */ - - if (!arg) { - return secStatus; - } - - *(PRErrorCode *)arg = err = PORT_GetError(); - - /* If any of the cases in the switch are met, then we will proceed */ - /* with the processing of the request anyway. Otherwise, the default */ - /* case will be reached and we will reject the request. */ - - switch (err) { - case SEC_ERROR_INVALID_AVA: - case SEC_ERROR_INVALID_TIME: - case SEC_ERROR_BAD_SIGNATURE: - case SEC_ERROR_EXPIRED_CERTIFICATE: - case SEC_ERROR_UNKNOWN_ISSUER: - case SEC_ERROR_UNTRUSTED_CERT: - case SEC_ERROR_CERT_VALID: - case SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE: - case SEC_ERROR_CRL_EXPIRED: - case SEC_ERROR_CRL_BAD_SIGNATURE: - case SEC_ERROR_EXTENSION_VALUE_INVALID: - case SEC_ERROR_CA_CERT_INVALID: - case SEC_ERROR_CERT_USAGES_INVALID: - case SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION: - secStatus = SECSuccess; - break; - default: - secStatus = SECFailure; - break; - } - - printf("Bad certificate: %d, %s\n", err, SSL_Strerror(err)); - - return secStatus; -} - -/* Function: SECStatus ownGetClientAuthData() - * - * Purpose: This callback is used by SSL to pull client certificate - * information upon server request. - */ -SECStatus -myGetClientAuthData(void *arg, - PRFileDesc *socket, - struct CERTDistNamesStr *caNames, - struct CERTCertificateStr **pRetCert, - struct SECKEYPrivateKeyStr **pRetKey) -{ - - CERTCertificate * cert; - SECKEYPrivateKey * privKey; - char * chosenNickName = (char *)arg; - void * proto_win = NULL; - SECStatus secStatus = SECFailure; - - proto_win = SSL_RevealPinArg(socket); - - if (chosenNickName) { - cert = PK11_FindCertFromNickname(chosenNickName, proto_win); - if (cert) { - privKey = PK11_FindKeyByAnyCert(cert, proto_win); - if (privKey) { - secStatus = SECSuccess; - } else { - CERT_DestroyCertificate(cert); - } - } - } else { /* no nickname given, automatically find the right cert */ - CERTCertNicknames *names; - int i; - - names = CERT_GetCertNicknames(CERT_GetDefaultCertDB(), - SEC_CERT_NICKNAMES_USER, proto_win); - - if (names != NULL) { - for(i = 0; i < names->numnicknames; i++ ) { - - cert = PK11_FindCertFromNickname(names->nicknames[i], - proto_win); - if (!cert) { - continue; - } - - /* Only check unexpired certs */ - if (CERT_CheckCertValidTimes(cert, PR_Now(), PR_FALSE) - != secCertTimeValid ) { - CERT_DestroyCertificate(cert); - continue; - } - - secStatus = NSS_CmpCertChainWCANames(cert, caNames); - if (secStatus == SECSuccess) { - privKey = PK11_FindKeyByAnyCert(cert, proto_win); - if (privKey) { - break; - } - secStatus = SECFailure; - break; - } - CERT_FreeNicknames(names); - } /* for loop */ - } - } - - if (secStatus == SECSuccess) { - *pRetCert = cert; - *pRetKey = privKey; - } - - return secStatus; -} - -/* Function: SECStatus myHandshakeCallback() - * - * Purpose: Called by SSL to inform application that the handshake is - * complete. This function is mostly used on the server side of an SSL - * connection, although it is provided for a client as well. - * Useful when a non-blocking SSL_ReHandshake or SSL_ResetHandshake - * is used to initiate a handshake. - * - * A typical scenario would be: - * - * 1. Server accepts an SSL connection from the client without client auth. - * 2. Client sends a request. - * 3. Server determines that to service request it needs to authenticate the - * client and initiates another handshake requesting client auth. - * 4. While handshake is in progress, server can do other work or spin waiting - * for the handshake to complete. - * 5. Server is notified that handshake has been successfully completed by - * the custom handshake callback function and it can service the client's - * request. - * - * Note: This function is not implemented in this sample, as we are using - * blocking sockets. - */ -SECStatus -myHandshakeCallback(PRFileDesc *socket, void *arg) -{ - printf("Handshake has completed, ready to send data securely.\n"); - return SECSuccess; -} - - -/************************************************************************** -** -** Routines for disabling SSL ciphers. -** -**************************************************************************/ - -void -disableAllSSLCiphers(void) -{ - const PRUint16 *cipherSuites = SSL_ImplementedCiphers; - int i = SSL_NumImplementedCiphers; - SECStatus rv; - - /* disable all the SSL3 cipher suites */ - while (--i >= 0) { - PRUint16 suite = cipherSuites[i]; - rv = SSL_CipherPrefSetDefault(suite, PR_FALSE); - if (rv != SECSuccess) { - printf("SSL_CipherPrefSetDefault didn't like value 0x%04x (i = %d)\n", - suite, i); - errWarn("SSL_CipherPrefSetDefault"); - exit(2); - } - } -} - -/************************************************************************** -** -** Error and information routines. -** -**************************************************************************/ - -void -errWarn(char *function) -{ - PRErrorCode errorNumber = PR_GetError(); - const char * errorString = SSL_Strerror(errorNumber); - - printf("Error in function %s: %d\n - %s\n", - function, errorNumber, errorString); -} - -void -exitErr(char *function) -{ - errWarn(function); - /* Exit gracefully. */ - NSS_Shutdown(); - PR_Cleanup(); - exit(1); -} - -void -printSecurityInfo(PRFileDesc *fd) -{ - char * cp; /* bulk cipher name */ - char * ip; /* cert issuer DN */ - char * sp; /* cert subject DN */ - int op; /* High, Low, Off */ - int kp0; /* total key bits */ - int kp1; /* secret key bits */ - int result; - SSL3Statistics * ssl3stats = SSL_GetStatistics(); - - result = SSL_SecurityStatus(fd, &op, &cp, &kp0, &kp1, &ip, &sp); - if (result != SECSuccess) - return; - printf("bulk cipher %s, %d secret key bits, %d key bits, status: %d\n" - "subject DN: %s\n" - "issuer DN: %s\n", cp, kp1, kp0, op, sp, ip); - PR_Free(cp); - PR_Free(ip); - PR_Free(sp); - - printf("%ld cache hits; %ld cache misses, %ld cache not reusable\n", - ssl3stats->hch_sid_cache_hits, ssl3stats->hch_sid_cache_misses, - ssl3stats->hch_sid_cache_not_ok); - -} - - -/************************************************************************** -** Begin thread management routines and data. -**************************************************************************/ - -void -thread_wrapper(void * arg) -{ - GlobalThreadMgr *threadMGR = (GlobalThreadMgr *)arg; - perThread *slot = &threadMGR->threads[threadMGR->index]; - - /* wait for parent to finish launching us before proceeding. */ - PR_Lock(threadMGR->threadLock); - PR_Unlock(threadMGR->threadLock); - - slot->rv = (* slot->startFunc)(slot->a, slot->b); - - PR_Lock(threadMGR->threadLock); - slot->running = rs_zombie; - - /* notify the thread exit handler. */ - PR_NotifyCondVar(threadMGR->threadEndQ); - - PR_Unlock(threadMGR->threadLock); -} - -SECStatus -launch_thread(GlobalThreadMgr *threadMGR, - startFn *startFunc, - void *a, - int b) -{ - perThread *slot; - int i; - - if (!threadMGR->threadStartQ) { - threadMGR->threadLock = PR_NewLock(); - threadMGR->threadStartQ = PR_NewCondVar(threadMGR->threadLock); - threadMGR->threadEndQ = PR_NewCondVar(threadMGR->threadLock); - } - PR_Lock(threadMGR->threadLock); - while (threadMGR->numRunning >= MAX_THREADS) { - PR_WaitCondVar(threadMGR->threadStartQ, PR_INTERVAL_NO_TIMEOUT); - } - for (i = 0; i < threadMGR->numUsed; ++i) { - slot = &threadMGR->threads[i]; - if (slot->running == rs_idle) - break; - } - if (i >= threadMGR->numUsed) { - if (i >= MAX_THREADS) { - /* something's really wrong here. */ - PORT_Assert(i < MAX_THREADS); - PR_Unlock(threadMGR->threadLock); - return SECFailure; - } - ++(threadMGR->numUsed); - PORT_Assert(threadMGR->numUsed == i + 1); - slot = &threadMGR->threads[i]; - } - - slot->a = a; - slot->b = b; - slot->startFunc = startFunc; - - threadMGR->index = i; - - slot->prThread = PR_CreateThread(PR_USER_THREAD, - thread_wrapper, threadMGR, - PR_PRIORITY_NORMAL, PR_GLOBAL_THREAD, - PR_JOINABLE_THREAD, 0); - - if (slot->prThread == NULL) { - PR_Unlock(threadMGR->threadLock); - printf("Failed to launch thread!\n"); - return SECFailure; - } - - slot->inUse = 1; - slot->running = 1; - ++(threadMGR->numRunning); - PR_Unlock(threadMGR->threadLock); - printf("Launched thread in slot %d \n", threadMGR->index); - - return SECSuccess; -} - -SECStatus -reap_threads(GlobalThreadMgr *threadMGR) -{ - perThread * slot; - int i; - - if (!threadMGR->threadLock) - return 0; - PR_Lock(threadMGR->threadLock); - while (threadMGR->numRunning > 0) { - PR_WaitCondVar(threadMGR->threadEndQ, PR_INTERVAL_NO_TIMEOUT); - for (i = 0; i < threadMGR->numUsed; ++i) { - slot = &threadMGR->threads[i]; - if (slot->running == rs_zombie) { - /* Handle cleanup of thread here. */ - printf("Thread in slot %d returned %d\n", i, slot->rv); - - /* Now make sure the thread has ended OK. */ - PR_JoinThread(slot->prThread); - slot->running = rs_idle; - --threadMGR->numRunning; - - /* notify the thread launcher. */ - PR_NotifyCondVar(threadMGR->threadStartQ); - } - } - } - - /* Safety Sam sez: make sure count is right. */ - for (i = 0; i < threadMGR->numUsed; ++i) { - slot = &threadMGR->threads[i]; - if (slot->running != rs_idle) { - fprintf(stderr, "Thread in slot %d is in state %d!\n", - i, slot->running); - } - } - PR_Unlock(threadMGR->threadLock); - return 0; -} - -void -destroy_thread_data(GlobalThreadMgr *threadMGR) -{ - PORT_Memset(threadMGR->threads, 0, sizeof(threadMGR->threads)); - - if (threadMGR->threadEndQ) { - PR_DestroyCondVar(threadMGR->threadEndQ); - threadMGR->threadEndQ = NULL; - } - if (threadMGR->threadStartQ) { - PR_DestroyCondVar(threadMGR->threadStartQ); - threadMGR->threadStartQ = NULL; - } - if (threadMGR->threadLock) { - PR_DestroyLock(threadMGR->threadLock); - threadMGR->threadLock = NULL; - } -} - -/************************************************************************** -** End thread management routines. -**************************************************************************/ - -void -lockedVars_Init( lockedVars * lv) -{ - lv->count = 0; - lv->waiters = 0; - lv->lock = PR_NewLock(); - lv->condVar = PR_NewCondVar(lv->lock); -} - -void -lockedVars_Destroy( lockedVars * lv) -{ - PR_DestroyCondVar(lv->condVar); - lv->condVar = NULL; - - PR_DestroyLock(lv->lock); - lv->lock = NULL; -} - -void -lockedVars_WaitForDone(lockedVars * lv) -{ - PR_Lock(lv->lock); - while (lv->count > 0) { - PR_WaitCondVar(lv->condVar, PR_INTERVAL_NO_TIMEOUT); - } - PR_Unlock(lv->lock); -} - -int /* returns count */ -lockedVars_AddToCount(lockedVars * lv, int addend) -{ - int rv; - - PR_Lock(lv->lock); - rv = lv->count += addend; - if (rv <= 0) { - PR_NotifyCondVar(lv->condVar); - } - PR_Unlock(lv->lock); - return rv; -} diff --git a/security/nss/cmd/SSLsample/sslsample.h b/security/nss/cmd/SSLsample/sslsample.h deleted file mode 100644 index ca6b6a489..000000000 --- a/security/nss/cmd/SSLsample/sslsample.h +++ /dev/null @@ -1,178 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#ifndef SSLSAMPLE_H -#define SSLSAMPLE_H - -/* Generic header files */ - -#include -#include - -/* NSPR header files */ - -#include "nspr.h" -#include "prerror.h" -#include "prnetdb.h" - -/* NSS header files */ - -#include "pk11func.h" -#include "secitem.h" -#include "ssl.h" -#include "certt.h" -#include "nss.h" -#include "secrng.h" -#include "secder.h" -#include "key.h" -#include "sslproto.h" - -/* Custom header files */ - -/* -#include "sslerror.h" -*/ - -#define BUFFER_SIZE 10240 - -/* Declare SSL cipher suites. */ - -extern int cipherSuites[]; -extern int ssl2CipherSuites[]; -extern int ssl3CipherSuites[]; - -/* Data buffer read from a socket. */ -typedef struct DataBufferStr { - char data[BUFFER_SIZE]; - int index; - int remaining; - int dataStart; - int dataEnd; -} DataBuffer; - -/* SSL callback routines. */ - -char * myPasswd(PK11SlotInfo *info, PRBool retry, void *arg); - -SECStatus myAuthCertificate(void *arg, PRFileDesc *socket, - PRBool checksig, PRBool isServer); - -SECStatus myBadCertHandler(void *arg, PRFileDesc *socket); - -SECStatus myHandshakeCallback(PRFileDesc *socket, void *arg); - -SECStatus myGetClientAuthData(void *arg, PRFileDesc *socket, - struct CERTDistNamesStr *caNames, - struct CERTCertificateStr **pRetCert, - struct SECKEYPrivateKeyStr **pRetKey); - -/* Disable all v2/v3 SSL ciphers. */ - -void disableAllSSLCiphers(void); - - -/* Error and information utilities. */ - -void errWarn(char *function); - -void exitErr(char *function); - -void printSecurityInfo(PRFileDesc *fd); - -/* Some simple thread management routines. */ - -#define MAX_THREADS 32 - -typedef SECStatus startFn(void *a, int b); - -typedef enum { rs_idle = 0, rs_running = 1, rs_zombie = 2 } runState; - -typedef struct perThreadStr { - PRFileDesc *a; - int b; - int rv; - startFn *startFunc; - PRThread *prThread; - PRBool inUse; - runState running; -} perThread; - -typedef struct GlobalThreadMgrStr { - PRLock *threadLock; - PRCondVar *threadStartQ; - PRCondVar *threadEndQ; - perThread threads[MAX_THREADS]; - int index; - int numUsed; - int numRunning; -} GlobalThreadMgr; - -void thread_wrapper(void * arg); - -SECStatus launch_thread(GlobalThreadMgr *threadMGR, - startFn *startFunc, void *a, int b); - -SECStatus reap_threads(GlobalThreadMgr *threadMGR); - -void destroy_thread_data(GlobalThreadMgr *threadMGR); - -/* Management of locked variables. */ - -struct lockedVarsStr { - PRLock * lock; - int count; - int waiters; - PRCondVar * condVar; -}; - -typedef struct lockedVarsStr lockedVars; - -void lockedVars_Init(lockedVars *lv); - -void lockedVars_Destroy(lockedVars *lv); - -void lockedVars_WaitForDone(lockedVars *lv); - -int lockedVars_AddToCount(lockedVars *lv, int addend); - -/* Buffer stuff. */ - -static const char stopCmd[] = { "GET /stop " }; -static const char defaultHeader[] = { - "HTTP/1.0 200 OK\r\n" - "Server: SSL sample server\r\n" - "Content-type: text/plain\r\n" - "\r\n" -}; - -#endif diff --git a/security/nss/cmd/addbuiltin/Makefile b/security/nss/cmd/addbuiltin/Makefile deleted file mode 100644 index 8650a607d..000000000 --- a/security/nss/cmd/addbuiltin/Makefile +++ /dev/null @@ -1,76 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - -include ../platlibs.mk - - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - - -include ../platrules.mk - diff --git a/security/nss/cmd/addbuiltin/addbuiltin.c b/security/nss/cmd/addbuiltin/addbuiltin.c deleted file mode 100644 index c43b9ec2e..000000000 --- a/security/nss/cmd/addbuiltin/addbuiltin.c +++ /dev/null @@ -1,337 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -/* - * Tool for converting builtin CA certs. - * - * $Id$ - */ - -#include "nss.h" -#include "cert.h" -#include "secutil.h" -#include "pk11func.h" - -void dumpbytes(unsigned char *buf, int len) -{ - int i; - for (i=0; i < len; i++) { - if ((i !=0) && ((i & 0xf) == 0)) { - printf("\n"); - } - printf("\\%03o",buf[i]); - } - printf("\n"); -} - -char *getTrustString(unsigned int trust) -{ - if (trust & CERTDB_TRUSTED) { - if (trust & CERTDB_TRUSTED_CA) { - return "CKT_NETSCAPE_TRUSTED_DELEGATOR|CKT_NETSCAPE_TRUSTED"; - } else { - return "CKT_NETSCAPE_TRUSTED"; - } - } else { - if (trust & CERTDB_TRUSTED_CA) { - return "CKT_NETSCAPE_TRUSTED_DELEGATOR"; - } else { - return "CKT_NETSCAPE_VALID"; - } - } - return "CKT_NETSCAPE_VALID"; /* not reached */ -} - -static SECStatus -ConvertCertificate(SECItem *sdder, char *nickname, CERTCertTrust *trust) -{ - SECStatus rv = SECSuccess; - CERTCertificate *cert; - unsigned char sha1_hash[SHA1_LENGTH]; - unsigned char md5_hash[MD5_LENGTH]; - - cert = CERT_DecodeDERCertificate(sdder, PR_FALSE, nickname); - if (!cert) { - return SECFailure; - } - - printf("\n#\n# Certificate \"%s\"\n#\n",nickname); - printf("CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE\n"); - printf("CKA_TOKEN CK_BBOOL CK_TRUE\n"); - printf("CKA_PRIVATE CK_BBOOL CK_FALSE\n"); - printf("CKA_MODIFIABLE CK_BBOOL CK_FALSE\n"); - printf("CKA_LABEL UTF8 \"%s\"\n",nickname); - printf("CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509\n"); - printf("CKA_SUBJECT MULTILINE_OCTAL\n"); - dumpbytes(cert->derSubject.data,cert->derSubject.len); - printf("END\n"); - printf("CKA_ID UTF8 \"0\"\n"); - printf("CKA_ISSUER MULTILINE_OCTAL\n"); - dumpbytes(cert->derIssuer.data,cert->derIssuer.len); - printf("END\n"); - printf("CKA_SERIAL_NUMBER MULTILINE_OCTAL\n"); - dumpbytes(cert->serialNumber.data,cert->serialNumber.len); - printf("END\n"); - printf("CKA_VALUE MULTILINE_OCTAL\n"); - dumpbytes(sdder->data,sdder->len); - printf("END\n"); - - PK11_HashBuf(SEC_OID_SHA1, sha1_hash, sdder->data, sdder->len); - PK11_HashBuf(SEC_OID_MD5, md5_hash, sdder->data, sdder->len); - printf("\n# Trust for Certificate \"%s\"\n",nickname); - printf("CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST\n"); - printf("CKA_TOKEN CK_BBOOL CK_TRUE\n"); - printf("CKA_PRIVATE CK_BBOOL CK_FALSE\n"); - printf("CKA_MODIFIABLE CK_BBOOL CK_FALSE\n"); - printf("CKA_LABEL UTF8 \"%s\"\n",nickname); - printf("CKA_CERT_SHA1_HASH MULTILINE_OCTAL\n"); - dumpbytes(sha1_hash,SHA1_LENGTH); - printf("END\n"); - printf("CKA_CERT_MD5_HASH MULTILINE_OCTAL\n"); - dumpbytes(md5_hash,MD5_LENGTH); - printf("END\n"); - - printf("CKA_TRUST_SERVER_AUTH CK_TRUST %s\n", - getTrustString(trust->sslFlags)); - printf("CKA_TRUST_EMAIL_PROTECTION CK_TRUST %s\n", - getTrustString(trust->emailFlags)); - printf("CKA_TRUST_CODE_SIGNING CK_TRUST %s\n", - getTrustString(trust->objectSigningFlags)); -#ifdef notdef - printf("CKA_TRUST_CLIENT_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED\n");*/ - printf("CKA_TRUST_DIGITAL_SIGNATURE CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n"); - printf("CKA_TRUST_NON_REPUDIATION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n"); - printf("CKA_TRUST_KEY_ENCIPHERMENT CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n"); - printf("CKA_TRUST_DATA_ENCIPHERMENT CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n"); - printf("CKA_TRUST_KEY_AGREEMENT CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n"); - printf("CKA_TRUST_KEY_CERT_SIGN CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n"); -#endif - - - PORT_Free(sdder->data); - return(rv); - -} - -printheader() { - printf("# \n" - "# The contents of this file are subject to the Mozilla Public\n" - "# License Version 1.1 (the \"License\"); you may not use this file\n" - "# except in compliance with the License. You may obtain a copy of\n" - "# the License at http://www.mozilla.org/MPL/\n" - "# \n" - "# Software distributed under the License is distributed on an \"AS\n" - "# IS\" basis, WITHOUT WARRANTY OF ANY KIND, either express or\n" - "# implied. See the License for the specific language governing\n" - "# rights and limitations under the License.\n" - "# \n" - "# The Original Code is the Netscape security libraries.\n" - "# \n" - "# The Initial Developer of the Original Code is Netscape\n" - "# Communications Corporation. Portions created by Netscape are \n" - "# Copyright (C) 1994-2000 Netscape Communications Corporation. All\n" - "# Rights Reserved.\n" - "# \n" - "# Contributor(s):\n" - "# \n" - "# Alternatively, the contents of this file may be used under the\n" - "# terms of the GNU General Public License Version 2 or later (the\n" - "# \"GPL\"), in which case the provisions of the GPL are applicable \n" - "# instead of those above. If you wish to allow use of your \n" - "# version of this file only under the terms of the GPL and not to\n" - "# allow others to use your version of this file under the MPL,\n" - "# indicate your decision by deleting the provisions above and\n" - "# replace them with the notice and other provisions required by\n" - "# the GPL. If you do not delete the provisions above, a recipient\n" - "# may use your version of this file under either the MPL or the\n" - "# GPL.\n" - "#\n" - "CVS_ID \"@(#) $RCSfile$ $Revision$ $Date$ $Name$\"\n" - "\n" - "#\n" - "# certdata.txt\n" - "#\n" - "# This file contains the object definitions for the certs and other\n" - "# information \"built into\" NSS.\n" - "#\n" - "# Object definitions:\n" - "#\n" - "# Certificates\n" - "#\n" - "# -- Attribute -- -- type -- -- value --\n" - "# CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE\n" - "# CKA_TOKEN CK_BBOOL CK_TRUE\n" - "# CKA_PRIVATE CK_BBOOL CK_FALSE\n" - "# CKA_MODIFIABLE CK_BBOOL CK_FALSE\n" - "# CKA_LABEL UTF8 (varies)\n" - "# CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509\n" - "# CKA_SUBJECT DER+base64 (varies)\n" - "# CKA_ID byte array (varies)\n" - "# CKA_ISSUER DER+base64 (varies)\n" - "# CKA_SERIAL_NUMBER DER+base64 (varies)\n" - "# CKA_VALUE DER+base64 (varies)\n" - "# CKA_NETSCAPE_EMAIL ASCII7 (unused here)\n" - "#\n" - "# Trust\n" - "#\n" - "# -- Attribute -- -- type -- -- value --\n" - "# CKA_CLASS CK_OBJECT_CLASS CKO_TRUST\n" - "# CKA_TOKEN CK_BBOOL CK_TRUE\n" - "# CKA_PRIVATE CK_BBOOL CK_FALSE\n" - "# CKA_MODIFIABLE CK_BBOOL CK_FALSE\n" - "# CKA_LABEL UTF8 (varies)\n" - "# CKA_ISSUER DER+base64 (varies)\n" - "# CKA_SERIAL_NUMBER DER+base64 (varies)\n" - "# CKA_CERT_HASH binary+base64 (varies)\n" - "# CKA_EXPIRES CK_DATE (not used here)\n" - "# CKA_TRUST_DIGITAL_SIGNATURE CK_TRUST (varies)\n" - "# CKA_TRUST_NON_REPUDIATION CK_TRUST (varies)\n" - "# CKA_TRUST_KEY_ENCIPHERMENT CK_TRUST (varies)\n" - "# CKA_TRUST_DATA_ENCIPHERMENT CK_TRUST (varies)\n" - "# CKA_TRUST_KEY_AGREEMENT CK_TRUST (varies)\n" - "# CKA_TRUST_KEY_CERT_SIGN CK_TRUST (varies)\n" - "# CKA_TRUST_CRL_SIGN CK_TRUST (varies)\n" - "# CKA_TRUST_SERVER_AUTH CK_TRUST (varies)\n" - "# CKA_TRUST_CLIENT_AUTH CK_TRUST (varies)\n" - "# CKA_TRUST_CODE_SIGNING CK_TRUST (varies)\n" - "# CKA_TRUST_EMAIL_PROTECTION CK_TRUST (varies)\n" - "# CKA_TRUST_IPSEC_END_SYSTEM CK_TRUST (varies)\n" - "# CKA_TRUST_IPSEC_TUNNEL CK_TRUST (varies)\n" - "# CKA_TRUST_IPSEC_USER CK_TRUST (varies)\n" - "# CKA_TRUST_TIME_STAMPING CK_TRUST (varies)\n" - "# (other trust attributes can be defined)\n" - "#\n" - "\n" - "#\n" - "# The object to tell NSS that this is a root list and we don't\n" - "# have to go looking for others.\n" - "#\n" - "BEGINDATA\n" - "CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_BUILTIN_ROOT_LIST\n" - "CKA_TOKEN CK_BBOOL CK_TRUE\n" - "CKA_PRIVATE CK_BBOOL CK_FALSE\n" - "CKA_MODIFIABLE CK_BBOOL CK_FALSE\n" - "CKA_LABEL UTF8 \"Mozilla Builtin Roots\"\n"); -} - -static void Usage(char *progName) -{ - fprintf(stderr, "%s -n nickname -t trust\n", progName); - fprintf(stderr, - "read a der-encoded cert from stdin in, and output\n" - "it to stdout in a format suitable for the builtin root module.\n" - "example: %s -n MyCA -t \"C,C,C\" < myca.der >> certdata.txt\n" - "(pipe through atob if the cert is b64-encoded)\n"); - fprintf(stderr, "%15s nickname to assign to builtin cert.\n", - "-n nickname"); - fprintf(stderr, "%15s default trust flags (cCTpPuw).\n", - "-t trust"); - exit(-1); -} - -enum { - opt_Input = 0, - opt_Nickname, - opt_Trust -}; - -static secuCommandFlag addbuiltin_options[] = -{ - { /* opt_Input */ 'i', PR_TRUE, 0, PR_FALSE }, - { /* opt_Nickname */ 'n', PR_TRUE, 0, PR_FALSE }, - { /* opt_Trust */ 't', PR_TRUE, 0, PR_FALSE } -}; - -main(int argc, char **argv) -{ - SECStatus rv; - char *nickname; - char *trusts; - char *progName; - PRFileDesc *infile; - CERTCertTrust trust = { 0 }; - SECItem derCert = { 0 }; - - secuCommand addbuiltin = { 0 }; - addbuiltin.numOptions = sizeof(addbuiltin_options)/sizeof(secuCommandFlag); - addbuiltin.options = addbuiltin_options; - - progName = strrchr(argv[0], '/'); - progName = progName ? progName+1 : argv[0]; - - rv = SECU_ParseCommandLine(argc, argv, progName, &addbuiltin); - - if (rv != SECSuccess) - Usage(progName); - - if (!addbuiltin.options[opt_Nickname].activated && - !addbuiltin.options[opt_Trust].activated) { - fprintf(stderr, "%s: you must specify both a nickname and trust.\n"); - Usage(progName); - } - - if (addbuiltin.options[opt_Input].activated) { - infile = PR_Open(addbuiltin.options[opt_Input].arg, PR_RDONLY, 00660); - if (!infile) { - fprintf(stderr, "%s: failed to open input file.\n"); - exit(1); - } - } else { - infile = PR_STDIN; - } - - nickname = strdup(addbuiltin.options[opt_Nickname].arg); - trusts = strdup(addbuiltin.options[opt_Trust].arg); - - NSS_NoDB_Init(NULL); - - rv = CERT_DecodeTrustString(&trust, trusts); - if (rv) { - fprintf(stderr, "%s: incorrectly formatted trust string.\n", progName); - Usage(progName); - } - - SECU_FileToItem(&derCert, infile); - - /*printheader();*/ - - rv = ConvertCertificate(&derCert, nickname, &trust); - if (rv) { - fprintf(stderr, "%s: failed to convert certificate.\n", progName); - exit(1); - } - - NSS_Shutdown(); - - return(SECSuccess); -} diff --git a/security/nss/cmd/addbuiltin/manifest.mn b/security/nss/cmd/addbuiltin/manifest.mn deleted file mode 100644 index c664c2d6c..000000000 --- a/security/nss/cmd/addbuiltin/manifest.mn +++ /dev/null @@ -1,49 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = ../../.. - -# MODULE public and private header directories are implicitly REQUIRED. -MODULE = security - -CSRCS = \ - addbuiltin.c \ - $(NULL) - -# The MODULE is always implicitly required. -# Listing it here in REQUIRES makes it appear twice in the cc command line. -REQUIRES = dbm seccmd - -PROGRAM = addbuiltin - -USE_STATIC_LIBS = 1 diff --git a/security/nss/cmd/atob/Makefile b/security/nss/cmd/atob/Makefile deleted file mode 100644 index ff6f06e7e..000000000 --- a/security/nss/cmd/atob/Makefile +++ /dev/null @@ -1,76 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - -include ../platlibs.mk - - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - - -include ../platrules.mk - diff --git a/security/nss/cmd/atob/atob.c b/security/nss/cmd/atob/atob.c deleted file mode 100644 index 8d632b6bf..000000000 --- a/security/nss/cmd/atob/atob.c +++ /dev/null @@ -1,177 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#include "plgetopt.h" -#include "secutil.h" -#include "nssb64.h" -#include - -#if defined(XP_WIN) || (defined(__sun) && !defined(SVR4)) -#if !defined(WIN32) -extern int fread(char *, size_t, size_t, FILE*); -extern int fwrite(char *, size_t, size_t, FILE*); -extern int fprintf(FILE *, char *, ...); -#endif -#endif - -#if defined(WIN32) -#include "fcntl.h" -#include "io.h" -#endif - -static PRInt32 -output_binary (void *arg, const unsigned char *obuf, PRInt32 size) -{ - FILE *outFile = arg; - int nb; - - nb = fwrite(obuf, 1, size, outFile); - if (nb != size) { - PORT_SetError(SEC_ERROR_IO); - return -1; - } - - return nb; -} - -static SECStatus -decode_file(FILE *outFile, FILE *inFile) -{ - NSSBase64Decoder *cx; - int nb; - SECStatus status = SECFailure; - char ibuf[4096]; - - cx = NSSBase64Decoder_Create(output_binary, outFile); - if (!cx) { - return -1; - } - - for (;;) { - if (feof(inFile)) break; - nb = fread(ibuf, 1, sizeof(ibuf), inFile); - if (nb != sizeof(ibuf)) { - if (nb == 0) { - if (ferror(inFile)) { - PORT_SetError(SEC_ERROR_IO); - goto loser; - } - /* eof */ - break; - } - } - - status = NSSBase64Decoder_Update(cx, ibuf, nb); - if (status != SECSuccess) goto loser; - } - - return NSSBase64Decoder_Destroy(cx, PR_FALSE); - - loser: - (void) NSSBase64Decoder_Destroy(cx, PR_TRUE); - return status; -} - -static void Usage(char *progName) -{ - fprintf(stderr, - "Usage: %s [-i input] [-o output]\n", - progName); - fprintf(stderr, "%-20s Define an input file to use (default is stdin)\n", - "-i input"); - fprintf(stderr, "%-20s Define an output file to use (default is stdout)\n", - "-o output"); - exit(-1); -} - -int main(int argc, char **argv) -{ - char *progName; - SECStatus rv; - FILE *inFile, *outFile; - PLOptState *optstate; - PLOptStatus status; - - inFile = 0; - outFile = 0; - progName = strrchr(argv[0], '/'); - progName = progName ? progName+1 : argv[0]; - - /* Parse command line arguments */ - optstate = PL_CreateOptState(argc, argv, "i:o:"); - while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) { - switch (optstate->option) { - case '?': - Usage(progName); - break; - - case 'i': - inFile = fopen(optstate->value, "r"); - if (!inFile) { - fprintf(stderr, "%s: unable to open \"%s\" for reading\n", - progName, optstate->value); - return -1; - } - break; - - case 'o': - outFile = fopen(optstate->value, "wb"); - if (!outFile) { - fprintf(stderr, "%s: unable to open \"%s\" for writing\n", - progName, optstate->value); - return -1; - } - break; - } - } - if (!inFile) inFile = stdin; - if (!outFile) { -#if defined(WIN32) - int smrv = _setmode(_fileno(stdout), _O_BINARY); - if (smrv == -1) { - fprintf(stderr, - "%s: Cannot change stdout to binary mode. Use -o option instead.\n", - progName); - return smrv; - } -#endif - outFile = stdout; - } - rv = decode_file(outFile, inFile); - if (rv != SECSuccess) { - fprintf(stderr, "%s: lossage: error=%d errno=%d\n", - progName, PORT_GetError(), errno); - return -1; - } - return 0; -} diff --git a/security/nss/cmd/atob/makefile.win b/security/nss/cmd/atob/makefile.win deleted file mode 100644 index ecccc7bf3..000000000 --- a/security/nss/cmd/atob/makefile.win +++ /dev/null @@ -1,155 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -VERBOSE = 1 -include - -#cannot define PROGRAM in manifest compatibly with NT and UNIX -PROGRAM = atob -PROGRAM = ./$(OBJDIR)/$(PROGRAM).exe -include <$(DEPTH)\config\config.mak> - -# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/ -# rules.mak will append C_OBJS onto OBJS. -# OBJS = $(CSRCS:.c=.obj) - -# include files are looked for in $LINCS and $INCS. -# $LINCS is in manifest.mnw, computed from REQUIRES= -INCS = $(INCS) \ - -I$(DEPTH)/security/lib/cert \ - -I../include \ - $(NULL) - -IGNORE_ME = \ - -I$(DEPTH)/security/lib/key \ - -I$(DEPTH)/security/lib/util \ - $(NULL) - - -WINFE = $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg - -# these files are the content of libdbm -DBM_LIB = \ - $(WINFE)/DB.obj \ - $(WINFE)/HASH.obj \ - $(WINFE)/H_BIGKEY.obj \ - $(WINFE)/H_PAGE.obj \ - $(WINFE)/H_LOG2.obj \ - $(WINFE)/H_FUNC.obj \ - $(WINFE)/HASH_BUF.obj \ - $(NULL) - -MOZ_LIBS = \ - $(WINFE)/ALLXPSTR.obj \ - $(WINFE)/XP_ERROR.obj \ - $(WINFE)/XPASSERT.obj \ - $(WINFE)/XP_REG.obj \ - $(WINFE)/XP_TRACE.obj \ - $(DBM_LIB) \ - $(WINFE)/XP_STR.obj \ - $(WINFE)/MKTEMP.obj \ - $(NULL) - -SEC_LIBS = \ - $(DIST)/lib/cert$(MOZ_BITS).lib \ - $(DIST)/lib/crypto$(MOZ_BITS).lib \ - $(DIST)/lib/hash$(MOZ_BITS).lib \ - $(DIST)/lib/key$(MOZ_BITS).lib \ - $(DIST)/lib/pkcs7$(MOZ_BITS).lib \ - $(DIST)/lib/secmod$(MOZ_BITS).lib \ - $(DIST)/lib/secutl$(MOZ_BITS).lib \ - $(DIST)/lib/ssl$(MOZ_BITS).lib \ - $(NULL) - -LLFLAGS = $(LLFLAGS) \ - ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \ - $(SEC_LIBS) \ - $(MOZ_LIBS) \ - $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \ - $(LIBNSPR) \ - $(NULL) - - -# awt3240.lib # brpref32.lib # cert32.lib -# crypto32.lib # dllcom.lib # editor32.lib -# edpref32.lib # edtplug.lib # font.lib -# hash32.lib # htmldg32.lib # img32.lib -# javart32.lib # jbn3240.lib # jdb3240.lib -# jmc.lib # jpeg3240.lib # jpw3240.lib -# jrt3240.lib # js3240.lib # jsd3240.lib -# key32.lib # libapplet32.lib # libnjs32.lib -# libnsc32.lib # libreg32.lib # mm3240.lib -# mnpref32.lib # netcst32.lib # nsdlg32.lib -# nsldap32.lib # nsldaps32.lib # nsn32.lib -# pkcs1232.lib # pkcs732.lib # pr3240.lib -# prefui32.lib # prefuuid.lib # secmod32.lib -# secnav32.lib # secutl32.lib # softup32.lib -# sp3240.lib # ssl32.lib # uni3200.lib -# unicvt32.lib # win32md.lib # winfont.lib -# xppref32.lib # zlib32.lib - -include <$(DEPTH)\config\rules.mak> - -INSTALL = $(MAKE_INSTALL) - -objs: $(OBJS) - -$(PROGRAM):: - $(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR) - -programs: $(PROGRAM) - -install:: $(TARGETS) - $(INSTALL) $(TARGETS) $(DIST)/bin - -# ALLXPSTR.obj XP_ALLOC.obj XP_HASH.obj XP_RGB.obj XP_WRAP.obj -# CXPRINT.obj XP_C.cl XP_LIST.obj XP_SEC.obj netscape.exp -# CXPRNDLG.obj XP_CNTXT.obj XP_MD5.obj XP_STR.obj xp.pch -# EXPORT.obj XP_CORE.obj XP_MESG.obj XP_THRMO.obj xppref32.dll -# XPASSERT.obj XP_ERROR.obj XP_RECT.obj XP_TIME.obj -# XPLOCALE.obj XP_FILE.obj XP_REG.obj XP_TRACE.obj - - -symbols: - @echo "CSRCS = $(CSRCS)" - @echo "INCS = $(INCS)" - @echo "OBJS = $(OBJS)" - @echo "LIBRARY = $(LIBRARY)" - @echo "PROGRAM = $(PROGRAM)" - @echo "TARGETS = $(TARGETS)" - @echo "DIST = $(DIST)" - @echo "VERSION_NUMBER = $(VERSION_NUMBER)" - @echo "WINFE = $(WINFE)" - @echo "DBM_LIB = $(DBM_LIB)" - @echo "INSTALL = $(INSTALL)" - diff --git a/security/nss/cmd/atob/manifest.mn b/security/nss/cmd/atob/manifest.mn deleted file mode 100644 index ed3717be6..000000000 --- a/security/nss/cmd/atob/manifest.mn +++ /dev/null @@ -1,50 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = ../../.. - -# MODULE public and private header directories are implicitly REQUIRED. -MODULE = security - -# This next line is used by .mk files -# and gets translated into $LINCS in manifest.mnw -# The MODULE is always implicitly required. -# Listing it here in REQUIRES makes it appear twice in the cc command line. -REQUIRES = seccmd dbm - -DEFINES = -DNSPR20 - -CSRCS = atob.c - -PROGRAM = atob - diff --git a/security/nss/cmd/bltest/Makefile b/security/nss/cmd/bltest/Makefile deleted file mode 100644 index c99a3c017..000000000 --- a/security/nss/cmd/bltest/Makefile +++ /dev/null @@ -1,82 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn -#MKPROG = purify -cache-dir=/u/mcgreer/pcache -best-effort \ -# -always-use-cache-dir $(CC) - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - -include ../platlibs.mk - -#EXTRA_SHARED_LIBS += \ -# -L/usr/lib \ -# -lposix4 \ -# $(NULL) - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - -include ../platrules.mk diff --git a/security/nss/cmd/bltest/blapitest.c b/security/nss/cmd/bltest/blapitest.c deleted file mode 100644 index 05c72df5b..000000000 --- a/security/nss/cmd/bltest/blapitest.c +++ /dev/null @@ -1,2282 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#include -#include - -#include "blapi.h" -#include "prmem.h" -#include "prprf.h" -#include "prtime.h" -#include "prsystem.h" -#include "plstr.h" -#include "nssb64.h" -#include "secutil.h" -#include "plgetopt.h" -#include "softoken.h" -#include "nss.h" - -char *progName; -char *testdir = NULL; - -#define BLTEST_DEFAULT_CHUNKSIZE 4096 - -#define WORDSIZE sizeof(unsigned long) - -#define CHECKERROR(rv, ln) \ - if (rv) { \ - PRErrorCode prerror = PR_GetError(); \ - PR_fprintf(PR_STDERR, "%s: ERR %d (%s) at line %d.\n", progName, \ - prerror, SECU_Strerror(prerror), ln); \ - exit(-1); \ - } - -/* Macros for performance timing. */ -#define TIMESTART() \ - time1 = PR_IntervalNow(); - -#define TIMEFINISH(time, reps) \ - time2 = (PRIntervalTime)(PR_IntervalNow() - time1); \ - time1 = PR_IntervalToMilliseconds(time2); \ - time = ((double)(time1))/reps; - -static void Usage() -{ -#define PRINTUSAGE(subject, option, predicate) \ - fprintf(stderr, "%10s %s\t%s\n", subject, option, predicate); - fprintf(stderr, "\n"); - PRINTUSAGE(progName, "[-DEHSV]", "List available cipher modes"); /* XXX */ - fprintf(stderr, "\n"); - PRINTUSAGE(progName, "-E -m mode ", "Encrypt a buffer"); - PRINTUSAGE("", "", "[-i plaintext] [-o ciphertext] [-k key] [-v iv]"); - PRINTUSAGE("", "", "[-b bufsize] [-g keysize] [-e exp] [-r rounds]"); - PRINTUSAGE("", "", "[-w wordsize] [-p repetitions]"); - PRINTUSAGE("", "-m", "cipher mode to use"); - PRINTUSAGE("", "-i", "file which contains input buffer"); - PRINTUSAGE("", "-o", "file for output buffer"); - PRINTUSAGE("", "-k", "file which contains key"); - PRINTUSAGE("", "-v", "file which contains initialization vector"); - PRINTUSAGE("", "-b", "size of input buffer"); - PRINTUSAGE("", "-g", "key size (in bytes)"); - PRINTUSAGE("", "-p", "do performance test"); - PRINTUSAGE("(rsa)", "-e", "rsa public exponent"); - PRINTUSAGE("(rc5)", "-r", "number of rounds"); - PRINTUSAGE("(rc5)", "-w", "wordsize (32 or 64)"); - fprintf(stderr, "\n"); - PRINTUSAGE(progName, "-D -m mode", "Decrypt a buffer"); - PRINTUSAGE("", "", "[-i plaintext] [-o ciphertext] [-k key] [-v iv]"); - PRINTUSAGE("", "", "[-p repetitions]"); - PRINTUSAGE("", "-m", "cipher mode to use"); - PRINTUSAGE("", "-i", "file which contains input buffer"); - PRINTUSAGE("", "-o", "file for output buffer"); - PRINTUSAGE("", "-k", "file which contains key"); - PRINTUSAGE("", "-v", "file which contains initialization vector"); - PRINTUSAGE("", "-p", "do performance test"); - fprintf(stderr, "\n"); - PRINTUSAGE(progName, "-H -m mode", "Hash a buffer"); - PRINTUSAGE("", "", "[-i plaintext] [-o hash]"); - PRINTUSAGE("", "", "[-b bufsize]"); - PRINTUSAGE("", "", "[-p repetitions]"); - PRINTUSAGE("", "-m", "cipher mode to use"); - PRINTUSAGE("", "-i", "file which contains input buffer"); - PRINTUSAGE("", "-o", "file for hash"); - PRINTUSAGE("", "-b", "size of input buffer"); - PRINTUSAGE("", "-p", "do performance test"); - fprintf(stderr, "\n"); - PRINTUSAGE(progName, "-S -m mode", "Sign a buffer"); - PRINTUSAGE("", "", "[-i plaintext] [-o signature] [-k key]"); - PRINTUSAGE("", "", "[-b bufsize]"); - PRINTUSAGE("", "", "[-p repetitions]"); - PRINTUSAGE("", "-m", "cipher mode to use"); - PRINTUSAGE("", "-i", "file which contains input buffer"); - PRINTUSAGE("", "-o", "file for signature"); - PRINTUSAGE("", "-k", "file which contains key"); - PRINTUSAGE("", "-p", "do performance test"); - fprintf(stderr, "\n"); - PRINTUSAGE(progName, "-V -m mode", "Verify a signed buffer"); - PRINTUSAGE("", "", "[-i plaintext] [-s signature] [-k key]"); - PRINTUSAGE("", "", "[-p repetitions]"); - PRINTUSAGE("", "-m", "cipher mode to use"); - PRINTUSAGE("", "-i", "file which contains input buffer"); - PRINTUSAGE("", "-s", "file which contains signature of input buffer"); - PRINTUSAGE("", "-k", "file which contains key"); - PRINTUSAGE("", "-p", "do performance test"); - fprintf(stderr, "\n"); - PRINTUSAGE(progName, "-N -m mode -b bufsize", - "Create a nonce plaintext and key"); - PRINTUSAGE("", "", "[-g keysize] [-u cxreps]"); - PRINTUSAGE("", "-g", "key size (in bytes)"); - PRINTUSAGE("", "-u", "number of repetitions of context creation"); - fprintf(stderr, "\n"); - PRINTUSAGE(progName, "-F", "Run the FIPS self-test"); - fprintf(stderr, "\n"); - PRINTUSAGE(progName, "-T [-m mode1,mode2...]", "Run the BLAPI self-test"); - fprintf(stderr, "\n"); - exit(1); -} - -/* Helper functions for ascii<-->binary conversion/reading/writing */ - -/* XXX argh */ -struct item_with_arena { - SECItem *item; - PRArenaPool *arena; -}; - -static PRInt32 -get_binary(void *arg, const unsigned char *ibuf, PRInt32 size) -{ - struct item_with_arena *it = arg; - SECItem *binary = it->item; - SECItem *tmp; - int index; - if (binary->data == NULL) { - tmp = SECITEM_AllocItem(it->arena, NULL, size); - binary->data = tmp->data; - binary->len = tmp->len; - index = 0; - } else { - SECITEM_ReallocItem(NULL, binary, binary->len, binary->len + size); - index = binary->len; - } - PORT_Memcpy(&binary->data[index], ibuf, size); - return binary->len; -} - -static SECStatus -atob(SECItem *ascii, SECItem *binary, PRArenaPool *arena) -{ - SECStatus status; - NSSBase64Decoder *cx; - struct item_with_arena it; - int len; - binary->data = NULL; - binary->len = 0; - it.item = binary; - it.arena = arena; - len = (strcmp(&ascii->data[ascii->len-2],"\r\n")) ? - ascii->len : ascii->len-2; - cx = NSSBase64Decoder_Create(get_binary, &it); - status = NSSBase64Decoder_Update(cx, (const char *)ascii->data, len); - status = NSSBase64Decoder_Destroy(cx, PR_FALSE); - return status; -} - -static PRInt32 -output_ascii(void *arg, const char *obuf, PRInt32 size) -{ - PRFileDesc *outfile = arg; - PRInt32 nb = PR_Write(outfile, obuf, size); - if (nb != size) { - PORT_SetError(SEC_ERROR_IO); - return -1; - } - return nb; -} - -static SECStatus -btoa_file(SECItem *binary, PRFileDesc *outfile) -{ - SECStatus status; - NSSBase64Encoder *cx; - SECItem ascii; - ascii.data = NULL; - ascii.len = 0; - if (binary->len == 0) - return SECSuccess; - cx = NSSBase64Encoder_Create(output_ascii, outfile); - status = NSSBase64Encoder_Update(cx, binary->data, binary->len); - status = NSSBase64Encoder_Destroy(cx, PR_FALSE); - status = PR_Write(outfile, "\r\n", 2); - return status; -} - -SECStatus -hex_from_2char(unsigned char *c2, unsigned char *byteval) -{ - int i; - unsigned char offset; - *byteval = 0; - for (i=0; i<2; i++) { - if (c2[i] >= '0' && c2[i] <= '9') { - offset = c2[i] - '0'; - *byteval |= offset << 4*(1-i); - } else if (c2[i] >= 'a' && c2[i] <= 'f') { - offset = c2[i] - 'a'; - *byteval |= (offset + 10) << 4*(1-i); - } else if (c2[i] >= 'A' && c2[i] <= 'F') { - offset = c2[i] - 'A'; - *byteval |= (offset + 10) << 4*(1-i); - } else { - return SECFailure; - } - } - return SECSuccess; -} - -SECStatus -char2_from_hex(unsigned char byteval, unsigned char *c2) -{ - int i; - unsigned char offset; - for (i=0; i<2; i++) { - offset = (byteval >> 4*(1-i)) & 0x0f; - if (offset < 10) { - c2[i] = '0' + offset; - } else { - c2[i] = 'A' + offset - 10; - } - } - return SECSuccess; -} - -void -serialize_key(SECItem *it, int ni, PRFileDesc *file) -{ - unsigned char len[4]; - int i; - SECStatus status; - NSSBase64Encoder *cx; - SECItem ascii; - ascii.data = NULL; - ascii.len = 0; - cx = NSSBase64Encoder_Create(output_ascii, file); - for (i=0; ilen >> 24) & 0xff; - len[1] = (it->len >> 16) & 0xff; - len[2] = (it->len >> 8) & 0xff; - len[3] = (it->len & 0xff); - status = NSSBase64Encoder_Update(cx, len, 4); - status = NSSBase64Encoder_Update(cx, it->data, it->len); - } - status = NSSBase64Encoder_Destroy(cx, PR_FALSE); - status = PR_Write(file, "\r\n", 2); -} - -void -key_from_filedata(PRArenaPool *arena, SECItem *it, int ni, SECItem *filedata) -{ - int fpos = 0; - int i; - unsigned char *buf = filedata->data; - for (i=0; ilen = (buf[fpos++] & 0xff) << 24; - it->len |= (buf[fpos++] & 0xff) << 16; - it->len |= (buf[fpos++] & 0xff) << 8; - it->len |= (buf[fpos++] & 0xff); - if (it->len > 0) { - it->data = PORT_ArenaAlloc(arena, it->len); - PORT_Memcpy(it->data, &buf[fpos], it->len); - } else { - it->data = NULL; - } - fpos += it->len; - } -} - -static RSAPrivateKey * -rsakey_from_filedata(SECItem *filedata) -{ - RSAPrivateKey *key; - PRArenaPool *arena; - arena = PORT_NewArena(BLTEST_DEFAULT_CHUNKSIZE); - key = (RSAPrivateKey *)PORT_ArenaZAlloc(arena, sizeof(RSAPrivateKey)); - key->arena = arena; - key_from_filedata(arena, &key->version, 9, filedata); - return key; -} - -static PQGParams * -pqg_from_filedata(SECItem *filedata) -{ - PQGParams *pqg; - PRArenaPool *arena; - arena = PORT_NewArena(BLTEST_DEFAULT_CHUNKSIZE); - pqg = (PQGParams *)PORT_ArenaZAlloc(arena, sizeof(PQGParams)); - pqg->arena = arena; - key_from_filedata(arena, &pqg->prime, 3, filedata); - return pqg; -} - -static DSAPrivateKey * -dsakey_from_filedata(SECItem *filedata) -{ - DSAPrivateKey *key; - PRArenaPool *arena; - arena = PORT_NewArena(BLTEST_DEFAULT_CHUNKSIZE); - key = (DSAPrivateKey *)PORT_ArenaZAlloc(arena, sizeof(DSAPrivateKey)); - key->params.arena = arena; - key_from_filedata(arena, &key->params.prime, 5, filedata); - return key; -} - -static void -dump_pqg(PQGParams *pqg) -{ - SECU_PrintInteger(stdout, &pqg->prime, "PRIME:", 0); - SECU_PrintInteger(stdout, &pqg->subPrime, "SUBPRIME:", 0); - SECU_PrintInteger(stdout, &pqg->base, "BASE:", 0); -} - -static void -dump_dsakey(DSAPrivateKey *key) -{ - dump_pqg(&key->params); - SECU_PrintInteger(stdout, &key->publicValue, "PUBLIC VALUE:", 0); - SECU_PrintInteger(stdout, &key->privateValue, "PRIVATE VALUE:", 0); -} - -static void -dump_rsakey(RSAPrivateKey *key) -{ - SECU_PrintInteger(stdout, &key->version, "VERSION:", 0); - SECU_PrintInteger(stdout, &key->modulus, "MODULUS:", 0); - SECU_PrintInteger(stdout, &key->publicExponent, "PUBLIC EXP:", 0); - SECU_PrintInteger(stdout, &key->privateExponent, "PRIVATE EXP:", 0); - SECU_PrintInteger(stdout, &key->prime1, "CRT PRIME 1:", 0); - SECU_PrintInteger(stdout, &key->prime2, "CRT PRIME 2:", 0); - SECU_PrintInteger(stdout, &key->exponent1, "CRT EXP 1:", 0); - SECU_PrintInteger(stdout, &key->exponent2, "CRT EXP 2:", 0); - SECU_PrintInteger(stdout, &key->coefficient, "CRT COEFFICIENT:", 0); -} - -typedef enum { - bltestBase64Encoded, /* Base64 encoded ASCII */ - bltestBinary, /* straight binary */ - bltestHexSpaceDelim, /* 0x12 0x34 0xab 0xCD ... */ - bltestHexStream /* 1234abCD ... */ -} bltestIOMode; - -typedef struct -{ - SECItem buf; - SECItem pBuf; - bltestIOMode mode; - PRFileDesc* file; -} bltestIO; - -typedef SECStatus (* bltestSymmCipherFn)(void *cx, - unsigned char *output, - unsigned int *outputLen, - unsigned int maxOutputLen, - const unsigned char *input, - unsigned int inputLen); - -typedef SECStatus (* bltestPubKeyCipherFn)(void *key, - unsigned char *output, - const unsigned char *input); - -typedef SECStatus (* bltestHashCipherFn)(unsigned char *dest, - const unsigned char *src, - uint32 src_length); - -typedef enum { - bltestINVALID = -1, - bltestDES_ECB, /* Symmetric Key Ciphers */ - bltestDES_CBC, /* . */ - bltestDES_EDE_ECB, /* . */ - bltestDES_EDE_CBC, /* . */ - bltestRC2_ECB, /* . */ - bltestRC2_CBC, /* . */ - bltestRC4, /* . */ - bltestRC5_ECB, /* . */ - bltestRC5_CBC, /* . */ - bltestAES_ECB, /* . */ - bltestAES_CBC, /* . */ - bltestRSA, /* Public Key Ciphers */ - bltestDSA, /* . (Public Key Sig.) */ - bltestMD2, /* Hash algorithms */ - bltestMD5, /* . */ - bltestSHA1, /* . */ - NUMMODES -} bltestCipherMode; - -static char *mode_strings[] = -{ - "des_ecb", - "des_cbc", - "des3_ecb", - "des3_cbc", - "rc2_ecb", - "rc2_cbc", - "rc4", - "rc5_ecb", - "rc5_cbc", - "aes_ecb", - "aes_cbc", - "rsa", - /*"pqg",*/ - "dsa", - "md2", - "md5", - "sha1", -}; - -typedef struct -{ - bltestIO key; - bltestIO iv; -} bltestSymmKeyParams; - -typedef struct -{ - bltestIO key; - bltestIO iv; - int rounds; - int wordsize; -} bltestRC5Params; - -typedef struct -{ - bltestIO key; - int keysizeInBits; - RSAPrivateKey *rsakey; -} bltestRSAParams; - -typedef struct -{ - bltestIO key; - bltestIO pqgdata; - unsigned int j; - bltestIO keyseed; - bltestIO sigseed; - bltestIO sig; /* if doing verify, have additional input */ - PQGParams *pqg; - DSAPrivateKey *dsakey; -} bltestDSAParams; - -typedef struct -{ - bltestIO key; /* unused */ - PRBool restart; -} bltestHashParams; - -typedef union -{ - bltestIO key; - bltestSymmKeyParams sk; - bltestRC5Params rc5; - bltestRSAParams rsa; - bltestDSAParams dsa; - bltestHashParams hash; -} bltestParams; - -typedef struct -{ - PRArenaPool *arena; - /* cipher context */ - void *cx; - /* I/O streams */ - bltestIO input; - bltestIO output; - /* Cipher-specific parameters */ - bltestParams params; - /* Cipher mode */ - bltestCipherMode mode; - /* Cipher function (encrypt/decrypt/sign/verify/hash) */ - union { - bltestSymmCipherFn symmkeyCipher; - bltestPubKeyCipherFn pubkeyCipher; - bltestHashCipherFn hashCipher; - } cipher; - /* performance testing */ - int repetitions; - int cxreps; - double cxtime; - double optime; -} bltestCipherInfo; - -PRBool -is_symmkeyCipher(bltestCipherMode mode) -{ - /* change as needed! */ - if (mode >= bltestDES_ECB && mode <= bltestAES_CBC) - return PR_TRUE; - return PR_FALSE; -} - -PRBool -is_pubkeyCipher(bltestCipherMode mode) -{ - /* change as needed! */ - if (mode >= bltestRSA && mode <= bltestDSA) - return PR_TRUE; - return PR_FALSE; -} - -PRBool -is_hashCipher(bltestCipherMode mode) -{ - /* change as needed! */ - if (mode >= bltestMD2 && mode <= bltestSHA1) - return PR_TRUE; - return PR_FALSE; -} - -PRBool -is_sigCipher(bltestCipherMode mode) -{ - /* change as needed! */ - if (mode >= bltestDSA && mode <= bltestDSA) - return PR_TRUE; - return PR_FALSE; -} - -PRBool -cipher_requires_IV(bltestCipherMode mode) -{ - /* change as needed! */ - if (mode == bltestDES_CBC || mode == bltestDES_EDE_CBC || - mode == bltestRC2_CBC || mode == bltestRC5_CBC || - mode == bltestAES_CBC) - return PR_TRUE; - return PR_FALSE; -} - -SECStatus finishIO(bltestIO *output, PRFileDesc *file); - -SECStatus -setupIO(PRArenaPool *arena, bltestIO *input, PRFileDesc *file, - char *str, int numBytes) -{ - SECStatus rv; - SECItem fileData; - SECItem *in; - unsigned char *tok; - unsigned int i, j; - - if (file && (numBytes == 0 || file == PR_STDIN)) { - /* grabbing data from a file */ - rv = SECU_FileToItem(&fileData, file); - if (rv != SECSuccess) { - PR_Close(file); - return SECFailure; - } - in = &fileData; - } else if (str) { - /* grabbing data from command line */ - fileData.data = str; - fileData.len = PL_strlen(str); - in = &fileData; - } else if (file) { - /* create nonce */ - SECITEM_AllocItem(arena, &input->buf, numBytes); - RNG_GenerateGlobalRandomBytes(input->buf.data, numBytes); - return finishIO(input, file); - } else { - return SECFailure; - } - - switch (input->mode) { - case bltestBase64Encoded: - rv = atob(in, &input->buf, arena); - break; - case bltestBinary: - if (in->data[in->len-1] == '\n') --in->len; - if (in->data[in->len-1] == '\r') --in->len; - SECITEM_CopyItem(arena, &input->buf, in); - break; - case bltestHexSpaceDelim: - SECITEM_AllocItem(arena, &input->buf, in->len/5); - for (i=0, j=0; ilen; i+=5, j++) { - tok = &in->data[i]; - if (tok[0] != '0' || tok[1] != 'x' || tok[4] != ' ') - /* bad hex token */ - break; - - rv = hex_from_2char(&tok[2], input->buf.data + j); - if (rv) - break; - } - break; - case bltestHexStream: - SECITEM_AllocItem(arena, &input->buf, in->len/2); - for (i=0, j=0; ilen; i+=2, j++) { - tok = &in->data[i]; - rv = hex_from_2char(tok, input->buf.data + j); - if (rv) - break; - } - break; - } - - if (file) - SECITEM_FreeItem(&fileData, PR_FALSE); - return rv; -} - -SECStatus -finishIO(bltestIO *output, PRFileDesc *file) -{ - SECStatus rv; - PRInt32 nb; - unsigned char byteval; - SECItem *it; - char hexstr[5]; - unsigned int i; - if (output->pBuf.len > 0) { - it = &output->pBuf; - } else { - it = &output->buf; - } - switch (output->mode) { - case bltestBase64Encoded: - rv = btoa_file(it, file); - break; - case bltestBinary: - nb = PR_Write(file, it->data, it->len); - rv = (nb == (PRInt32)it->len) ? SECSuccess : SECFailure; - break; - case bltestHexSpaceDelim: - hexstr[0] = '0'; - hexstr[1] = 'x'; - hexstr[4] = ' '; - for (i=0; ilen; i++) { - byteval = it->data[i]; - rv = char2_from_hex(byteval, hexstr + 2); - nb = PR_Write(file, hexstr, 5); - if (rv) - break; - } - PR_Write(file, "\n", 1); - break; - case bltestHexStream: - for (i=0; ilen; i++) { - byteval = it->data[i]; - rv = char2_from_hex(byteval, hexstr); - if (rv) - break; - nb = PR_Write(file, hexstr, 2); - } - PR_Write(file, "\n", 1); - break; - } - return rv; -} - -void -bltestCopyIO(PRArenaPool *arena, bltestIO *dest, bltestIO *src) -{ - SECITEM_CopyItem(arena, &dest->buf, &src->buf); - if (src->pBuf.len > 0) { - dest->pBuf.len = src->pBuf.len; - dest->pBuf.data = dest->buf.data + (src->pBuf.data - src->buf.data); - } - dest->mode = src->mode; - dest->file = src->file; -} - -void -misalignBuffer(PRArenaPool *arena, bltestIO *io, int off) -{ - ptrdiff_t offset = (ptrdiff_t)io->buf.data % WORDSIZE; - int length = io->buf.len; - if (offset != off) { - SECITEM_ReallocItem(arena, &io->buf, length, length + 2*WORDSIZE); - /* offset may have changed? */ - offset = (ptrdiff_t)io->buf.data % WORDSIZE; - if (offset != off) { - memmove(io->buf.data + off, io->buf.data, length); - io->pBuf.data = io->buf.data + off; - io->pBuf.len = length; - } else { - io->pBuf.data = io->buf.data; - io->pBuf.len = length; - } - } else { - io->pBuf.data = io->buf.data; - io->pBuf.len = length; - } -} - -SECStatus -des_Encrypt(void *cx, unsigned char *output, unsigned int *outputLen, - unsigned int maxOutputLen, const unsigned char *input, - unsigned int inputLen) -{ - return DES_Encrypt((DESContext *)cx, output, outputLen, maxOutputLen, - input, inputLen); -} - -SECStatus -des_Decrypt(void *cx, unsigned char *output, unsigned int *outputLen, - unsigned int maxOutputLen, const unsigned char *input, - unsigned int inputLen) -{ - return DES_Decrypt((DESContext *)cx, output, outputLen, maxOutputLen, - input, inputLen); -} - -SECStatus -rc2_Encrypt(void *cx, unsigned char *output, unsigned int *outputLen, - unsigned int maxOutputLen, const unsigned char *input, - unsigned int inputLen) -{ - return RC2_Encrypt((RC2Context *)cx, output, outputLen, maxOutputLen, - input, inputLen); -} - -SECStatus -rc2_Decrypt(void *cx, unsigned char *output, unsigned int *outputLen, - unsigned int maxOutputLen, const unsigned char *input, - unsigned int inputLen) -{ - return RC2_Decrypt((RC2Context *)cx, output, outputLen, maxOutputLen, - input, inputLen); -} - -SECStatus -rc4_Encrypt(void *cx, unsigned char *output, unsigned int *outputLen, - unsigned int maxOutputLen, const unsigned char *input, - unsigned int inputLen) -{ - return RC4_Encrypt((RC4Context *)cx, output, outputLen, maxOutputLen, - input, inputLen); -} - -SECStatus -rc4_Decrypt(void *cx, unsigned char *output, unsigned int *outputLen, - unsigned int maxOutputLen, const unsigned char *input, - unsigned int inputLen) -{ - return RC4_Decrypt((RC4Context *)cx, output, outputLen, maxOutputLen, - input, inputLen); -} - -SECStatus -aes_Encrypt(void *cx, unsigned char *output, unsigned int *outputLen, - unsigned int maxOutputLen, const unsigned char *input, - unsigned int inputLen) -{ - return AES_Encrypt((AESContext *)cx, output, outputLen, maxOutputLen, - input, inputLen); -} - -SECStatus -aes_Decrypt(void *cx, unsigned char *output, unsigned int *outputLen, - unsigned int maxOutputLen, const unsigned char *input, - unsigned int inputLen) -{ - return AES_Decrypt((AESContext *)cx, output, outputLen, maxOutputLen, - input, inputLen); -} - -SECStatus -rsa_PublicKeyOp(void *key, unsigned char *output, const unsigned char *input) -{ - return RSA_PublicKeyOp((RSAPublicKey *)key, output, input); -} - -SECStatus -rsa_PrivateKeyOp(void *key, unsigned char *output, const unsigned char *input) -{ - return RSA_PrivateKeyOp((RSAPrivateKey *)key, output, input); -} - -SECStatus -bltest_des_init(bltestCipherInfo *cipherInfo, PRBool encrypt) -{ - PRIntervalTime time1, time2; - bltestSymmKeyParams *desp = &cipherInfo->params.sk; - int minorMode; - int i; - switch (cipherInfo->mode) { - case bltestDES_ECB: minorMode = NSS_DES; break; - case bltestDES_CBC: minorMode = NSS_DES_CBC; break; - case bltestDES_EDE_ECB: minorMode = NSS_DES_EDE3; break; - case bltestDES_EDE_CBC: minorMode = NSS_DES_EDE3_CBC; break; - default: - return SECFailure; - } - cipherInfo->cx = (void*)DES_CreateContext(desp->key.buf.data, - desp->iv.buf.data, - minorMode, encrypt); - if (cipherInfo->cxreps > 0) { - DESContext **dummycx; - dummycx = PORT_Alloc(cipherInfo->cxreps * sizeof(DESContext *)); - TIMESTART(); - for (i=0; icxreps; i++) { - dummycx[i] = (void*)DES_CreateContext(desp->key.buf.data, - desp->iv.buf.data, - minorMode, encrypt); - } - TIMEFINISH(cipherInfo->cxtime, 1.0); - for (i=0; icxreps; i++) { - DES_DestroyContext(dummycx[i], PR_TRUE); - } - PORT_Free(dummycx); - } - if (encrypt) - cipherInfo->cipher.symmkeyCipher = des_Encrypt; - else - cipherInfo->cipher.symmkeyCipher = des_Decrypt; - return SECSuccess; -} - -SECStatus -bltest_rc2_init(bltestCipherInfo *cipherInfo, PRBool encrypt) -{ - PRIntervalTime time1, time2; - bltestSymmKeyParams *rc2p = &cipherInfo->params.sk; - int minorMode; - int i; - switch (cipherInfo->mode) { - case bltestRC2_ECB: minorMode = NSS_RC2; break; - case bltestRC2_CBC: minorMode = NSS_RC2_CBC; break; - default: - return SECFailure; - } - cipherInfo->cx = (void*)RC2_CreateContext(rc2p->key.buf.data, - rc2p->key.buf.len, - rc2p->iv.buf.data, - minorMode, - rc2p->key.buf.len); - if (cipherInfo->cxreps > 0) { - RC2Context **dummycx; - dummycx = PORT_Alloc(cipherInfo->cxreps * sizeof(RC2Context *)); - TIMESTART(); - for (i=0; icxreps; i++) { - dummycx[i] = (void*)RC2_CreateContext(rc2p->key.buf.data, - rc2p->key.buf.len, - rc2p->iv.buf.data, - minorMode, - rc2p->key.buf.len); - } - TIMEFINISH(cipherInfo->cxtime, 1.0); - for (i=0; icxreps; i++) { - RC2_DestroyContext(dummycx[i], PR_TRUE); - } - PORT_Free(dummycx); - } - if (encrypt) - cipherInfo->cipher.symmkeyCipher = rc2_Encrypt; - else - cipherInfo->cipher.symmkeyCipher = rc2_Decrypt; - return SECSuccess; -} - -SECStatus -bltest_rc4_init(bltestCipherInfo *cipherInfo, PRBool encrypt) -{ - PRIntervalTime time1, time2; - int i; - bltestSymmKeyParams *rc4p = &cipherInfo->params.sk; - cipherInfo->cx = (void*)RC4_CreateContext(rc4p->key.buf.data, - rc4p->key.buf.len); - if (cipherInfo->cxreps > 0) { - RC4Context **dummycx; - dummycx = PORT_Alloc(cipherInfo->cxreps * sizeof(RC4Context *)); - TIMESTART(); - for (i=0; icxreps; i++) { - dummycx[i] = (void*)RC4_CreateContext(rc4p->key.buf.data, - rc4p->key.buf.len); - } - TIMEFINISH(cipherInfo->cxtime, 1.0); - for (i=0; icxreps; i++) { - RC4_DestroyContext(dummycx[i], PR_TRUE); - } - PORT_Free(dummycx); - } - if (encrypt) - cipherInfo->cipher.symmkeyCipher = rc4_Encrypt; - else - cipherInfo->cipher.symmkeyCipher = rc4_Decrypt; - return SECSuccess; -} - -SECStatus -bltest_rc5_init(bltestCipherInfo *cipherInfo, PRBool encrypt) -{ -#if NSS_SOFTOKEN_DOES_RC5 - PRIntervalTime time1, time2; - bltestRC5Params *rc5p = &cipherInfo->params.rc5; - int minorMode; - switch (cipherInfo->mode) { - case bltestRC5_ECB: minorMode = NSS_RC5; break; - case bltestRC5_CBC: minorMode = NSS_RC5_CBC; break; - default: - return SECFailure; - } - TIMESTART(); - cipherInfo->cx = (void*)RC5_CreateContext(&rc5p->key.buf, - rc5p->rounds, rc5p->wordsize, - rc5p->iv.buf.data, minorMode); - TIMEFINISH(cipherInfo->cxtime, 1.0); - if (encrypt) - cipherInfo->cipher.symmkeyCipher = RC5_Encrypt; - else - cipherInfo->cipher.symmkeyCipher = RC5_Decrypt; - return SECSuccess; -#else - return SECFailure; -#endif -} - -SECStatus -bltest_aes_init(bltestCipherInfo *cipherInfo, PRBool encrypt) -{ - PRIntervalTime time1, time2; - bltestSymmKeyParams *aesp = &cipherInfo->params.sk; - int minorMode; - int i; - /* XXX */ int keylen, blocklen; - keylen = aesp->key.buf.len; - blocklen = cipherInfo->input.buf.len; - switch (cipherInfo->mode) { - case bltestAES_ECB: minorMode = NSS_AES; break; - case bltestAES_CBC: minorMode = NSS_AES_CBC; break; - default: - return SECFailure; - } - cipherInfo->cx = (void*)AES_CreateContext(aesp->key.buf.data, - aesp->iv.buf.data, - minorMode, encrypt, - keylen, blocklen); - if (cipherInfo->cxreps > 0) { - AESContext **dummycx; - dummycx = PORT_Alloc(cipherInfo->cxreps * sizeof(AESContext *)); - TIMESTART(); - for (i=0; icxreps; i++) { - dummycx[i] = (void*)AES_CreateContext(aesp->key.buf.data, - aesp->iv.buf.data, - minorMode, encrypt, - keylen, blocklen); - } - TIMEFINISH(cipherInfo->cxtime, 1.0); - for (i=0; icxreps; i++) { - AES_DestroyContext(dummycx[i], PR_TRUE); - } - PORT_Free(dummycx); - } - if (encrypt) - cipherInfo->cipher.symmkeyCipher = aes_Encrypt; - else - cipherInfo->cipher.symmkeyCipher = aes_Decrypt; - return SECSuccess; -} - -SECStatus -bltest_rsa_init(bltestCipherInfo *cipherInfo, PRBool encrypt) -{ - int i; - RSAPrivateKey **dummyKey; - PRIntervalTime time1, time2; - bltestRSAParams *rsap = &cipherInfo->params.rsa; - /* RSA key gen was done during parameter setup */ - cipherInfo->cx = cipherInfo->params.rsa.rsakey; - /* For performance testing */ - if (cipherInfo->cxreps > 0) { - /* Create space for n private key objects */ - dummyKey = (RSAPrivateKey **)PORT_Alloc(cipherInfo->cxreps * - sizeof(RSAPrivateKey *)); - /* Time n keygens, storing in the array */ - TIMESTART(); - for (i=0; icxreps; i++) - dummyKey[i] = RSA_NewKey(rsap->keysizeInBits, - &rsap->rsakey->publicExponent); - TIMEFINISH(cipherInfo->cxtime, cipherInfo->cxreps); - /* Free the n key objects */ - for (i=0; icxreps; i++) - PORT_FreeArena(dummyKey[i]->arena, PR_TRUE); - PORT_Free(dummyKey); - } - if (encrypt) { - /* Have to convert private key to public key. Memory - * is freed with private key's arena */ - RSAPublicKey *pubkey; - RSAPrivateKey *key = (RSAPrivateKey *)cipherInfo->cx; - pubkey = (RSAPublicKey *)PORT_ArenaAlloc(key->arena, - sizeof(RSAPublicKey)); - pubkey->modulus.len = key->modulus.len; - pubkey->modulus.data = key->modulus.data; - pubkey->publicExponent.len = key->publicExponent.len; - pubkey->publicExponent.data = key->publicExponent.data; - cipherInfo->cx = (void *)pubkey; - cipherInfo->cipher.pubkeyCipher = rsa_PublicKeyOp; - } else { - cipherInfo->cipher.pubkeyCipher = rsa_PrivateKeyOp; - } - return SECSuccess; -} - -SECStatus -bltest_pqg_init(bltestDSAParams *dsap) -{ - SECStatus rv, res; - PQGVerify *vfy = NULL; - rv = PQG_ParamGen(dsap->j, &dsap->pqg, &vfy); - CHECKERROR(rv, __LINE__); - rv = PQG_VerifyParams(dsap->pqg, vfy, &res); - CHECKERROR(res, __LINE__); - CHECKERROR(rv, __LINE__); - return rv; -} - -SECStatus -bltest_dsa_init(bltestCipherInfo *cipherInfo, PRBool encrypt) -{ - int i; - DSAPrivateKey **dummyKey; - PQGParams *dummypqg; - PRIntervalTime time1, time2; - bltestDSAParams *dsap = &cipherInfo->params.dsa; - PQGVerify *ignore = NULL; - /* DSA key gen was done during parameter setup */ - cipherInfo->cx = cipherInfo->params.dsa.dsakey; - /* For performance testing */ - if (cipherInfo->cxreps > 0) { - /* Create space for n private key objects */ - dummyKey = (DSAPrivateKey **)PORT_ZAlloc(cipherInfo->cxreps * - sizeof(DSAPrivateKey *)); - /* Time n keygens, storing in the array */ - TIMESTART(); - for (i=0; icxreps; i++) { - dummypqg = NULL; - PQG_ParamGen(dsap->j, &dummypqg, &ignore); - DSA_NewKey(dummypqg, &dummyKey[i]); - } - TIMEFINISH(cipherInfo->cxtime, cipherInfo->cxreps); - /* Free the n key objects */ - for (i=0; icxreps; i++) - PORT_FreeArena(dummyKey[i]->params.arena, PR_TRUE); - PORT_Free(dummyKey); - } - if (!dsap->pqg && dsap->pqgdata.buf.len > 0) { - dsap->pqg = pqg_from_filedata(&dsap->pqgdata.buf); - } - if (!cipherInfo->cx && dsap->key.buf.len > 0) { - cipherInfo->cx = dsakey_from_filedata(&dsap->key.buf); - } - if (encrypt) { - cipherInfo->cipher.pubkeyCipher = DSA_SignDigest; - } else { - /* Have to convert private key to public key. Memory - * is freed with private key's arena */ - DSAPublicKey *pubkey; - DSAPrivateKey *key = (DSAPrivateKey *)cipherInfo->cx; - pubkey = (DSAPublicKey *)PORT_ArenaZAlloc(key->params.arena, - sizeof(DSAPublicKey)); - pubkey->params.prime.len = key->params.prime.len; - pubkey->params.prime.data = key->params.prime.data; - pubkey->params.subPrime.len = key->params.subPrime.len; - pubkey->params.subPrime.data = key->params.subPrime.data; - pubkey->params.base.len = key->params.base.len; - pubkey->params.base.data = key->params.base.data; - pubkey->publicValue.len = key->publicValue.len; - pubkey->publicValue.data = key->publicValue.data; - cipherInfo->cipher.pubkeyCipher = DSA_VerifyDigest; - } - return SECSuccess; -} - -/* XXX unfortunately, this is not defined in blapi.h */ -SECStatus -md2_HashBuf(unsigned char *dest, const unsigned char *src, uint32 src_length) -{ - unsigned int len; - MD2Context *cx = MD2_NewContext(); - if (cx == NULL) return SECFailure; - MD2_Begin(cx); - MD2_Update(cx, src, src_length); - MD2_End(cx, dest, &len, MD2_LENGTH); - MD2_DestroyContext(cx, PR_TRUE); - return SECSuccess; -} - -SECStatus -md2_restart(unsigned char *dest, const unsigned char *src, uint32 src_length) -{ - MD2Context *cx, *cx_cpy; - unsigned char *cxbytes; - unsigned int len; - unsigned int i, quarter; - SECStatus rv; - cx = MD2_NewContext(); - /* divide message by 4, restarting 3 times */ - quarter = src_length / 4; - for (i=0; i<4; i++) { - MD2_Update(cx, src + i*quarter, PR_MIN(quarter, src_length)); - len = MD2_FlattenSize(cx); - cxbytes = PORT_Alloc(len); - MD2_Flatten(cx, cxbytes); - cx_cpy = MD2_Resurrect(cxbytes, NULL); - if (!cx_cpy) { - PR_fprintf(PR_STDERR, "%s: MD2_Resurrect failed!\n", progName); - goto finish; - } - rv = PORT_Memcmp(cx, cx_cpy, len); - if (rv) { - MD2_DestroyContext(cx_cpy, PR_TRUE); - PR_fprintf(PR_STDERR, "%s: MD2_Resurrect failed!\n", progName); - goto finish; - } - MD2_DestroyContext(cx_cpy, PR_TRUE); - PORT_Free(cxbytes); - src_length -= quarter; - } - MD2_End(cx, dest, &len, MD2_LENGTH); -finish: - MD2_DestroyContext(cx, PR_TRUE); - return rv; -} - -SECStatus -md5_restart(unsigned char *dest, const unsigned char *src, uint32 src_length) -{ - SECStatus rv; - MD5Context *cx, *cx_cpy; - unsigned char *cxbytes; - unsigned int len; - unsigned int i, quarter; - cx = MD5_NewContext(); - /* divide message by 4, restarting 3 times */ - quarter = src_length / 4; - for (i=0; i<4; i++) { - MD5_Update(cx, src + i*quarter, PR_MIN(quarter, src_length)); - len = MD5_FlattenSize(cx); - cxbytes = PORT_Alloc(len); - MD5_Flatten(cx, cxbytes); - cx_cpy = MD5_Resurrect(cxbytes, NULL); - if (!cx_cpy) { - PR_fprintf(PR_STDERR, "%s: MD5_Resurrect failed!\n", progName); - goto finish; - } - rv = PORT_Memcmp(cx, cx_cpy, len); - if (rv) { - MD5_DestroyContext(cx_cpy, PR_TRUE); - PR_fprintf(PR_STDERR, "%s: MD5_Resurrect failed!\n", progName); - goto finish; - } - MD5_DestroyContext(cx_cpy, PR_TRUE); - PORT_Free(cxbytes); - src_length -= quarter; - } - MD5_End(cx, dest, &len, MD5_LENGTH); -finish: - MD5_DestroyContext(cx, PR_TRUE); - return rv; -} - -SECStatus -sha1_restart(unsigned char *dest, const unsigned char *src, uint32 src_length) -{ - SECStatus rv; - SHA1Context *cx, *cx_cpy; - unsigned char *cxbytes; - unsigned int len; - unsigned int i, quarter; - cx = SHA1_NewContext(); - /* divide message by 4, restarting 3 times */ - quarter = src_length / 4; - for (i=0; i<4; i++) { - SHA1_Update(cx, src + i*quarter, PR_MIN(quarter, src_length)); - len = SHA1_FlattenSize(cx); - cxbytes = PORT_Alloc(len); - SHA1_Flatten(cx, cxbytes); - cx_cpy = SHA1_Resurrect(cxbytes, NULL); - if (!cx_cpy) { - PR_fprintf(PR_STDERR, "%s: SHA1_Resurrect failed!\n", progName); - goto finish; - } - rv = PORT_Memcmp(cx, cx_cpy, len); - if (rv) { - SHA1_DestroyContext(cx_cpy, PR_TRUE); - PR_fprintf(PR_STDERR, "%s: SHA1_Resurrect failed!\n", progName); - goto finish; - } - SHA1_DestroyContext(cx_cpy, PR_TRUE); - PORT_Free(cxbytes); - src_length -= quarter; - } - SHA1_End(cx, dest, &len, MD5_LENGTH); -finish: - SHA1_DestroyContext(cx, PR_TRUE); - return rv; -} - -SECStatus -pubkeyInitKey(bltestCipherInfo *cipherInfo, PRFileDesc *file, - int keysize, int exponent) -{ - int i; - SECStatus rv; - bltestRSAParams *rsap; - bltestDSAParams *dsap; - switch (cipherInfo->mode) { - case bltestRSA: - rsap = &cipherInfo->params.rsa; - if (keysize > 0) { - SECItem expitem = { 0, 0, 0 }; - SECITEM_AllocItem(cipherInfo->arena, &expitem, sizeof(int)); - for (i = 1; i <= sizeof(int); i++) - expitem.data[i-1] = exponent >> (8*(sizeof(int) - i)); - rsap->rsakey = RSA_NewKey(keysize * 8, &expitem); - serialize_key(&rsap->rsakey->version, 9, file); - rsap->keysizeInBits = keysize * 8; - } else { - setupIO(cipherInfo->arena, &cipherInfo->params.key, file, NULL, 0); - rsap->rsakey = rsakey_from_filedata(&cipherInfo->params.key.buf); - rsap->keysizeInBits = rsap->rsakey->modulus.len * 8; - } - break; - case bltestDSA: - dsap = &cipherInfo->params.dsa; - if (keysize > 0) { - dsap->j = PQG_PBITS_TO_INDEX(8*keysize); - if (!dsap->pqg) - bltest_pqg_init(dsap); - rv = DSA_NewKey(dsap->pqg, &dsap->dsakey); - CHECKERROR(rv, __LINE__); - serialize_key(&dsap->dsakey->params.prime, 5, file); - } else { - setupIO(cipherInfo->arena, &cipherInfo->params.key, file, NULL, 0); - dsap->dsakey = dsakey_from_filedata(&cipherInfo->params.key.buf); - dsap->j = PQG_PBITS_TO_INDEX(8*dsap->dsakey->params.prime.len); - } - break; - default: - return SECFailure; - } - return SECSuccess; -} - -SECStatus -cipherInit(bltestCipherInfo *cipherInfo, PRBool encrypt) -{ - PRBool restart; - switch (cipherInfo->mode) { - case bltestDES_ECB: - case bltestDES_CBC: - case bltestDES_EDE_ECB: - case bltestDES_EDE_CBC: - SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf, - cipherInfo->input.pBuf.len); - return bltest_des_init(cipherInfo, encrypt); - break; - case bltestRC2_ECB: - case bltestRC2_CBC: - SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf, - cipherInfo->input.pBuf.len); - return bltest_rc2_init(cipherInfo, encrypt); - break; - case bltestRC4: - SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf, - cipherInfo->input.pBuf.len); - return bltest_rc4_init(cipherInfo, encrypt); - break; - case bltestRC5_ECB: - case bltestRC5_CBC: -#if NSS_SOFTOKEN_DOES_RC5 - SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf, - cipherInfo->input.pBuf.len); -#endif - return bltest_rc5_init(cipherInfo, encrypt); - break; - case bltestAES_ECB: - case bltestAES_CBC: - SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf, - cipherInfo->input.pBuf.len); - return bltest_aes_init(cipherInfo, encrypt); - break; - case bltestRSA: - SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf, - cipherInfo->input.pBuf.len); - return bltest_rsa_init(cipherInfo, encrypt); - break; - case bltestDSA: - SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf, - DSA_SIGNATURE_LEN); - return bltest_dsa_init(cipherInfo, encrypt); - break; - case bltestMD2: - restart = cipherInfo->params.hash.restart; - SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf, - MD2_LENGTH); - cipherInfo->cipher.hashCipher = (restart) ? md2_restart : md2_HashBuf; - return SECSuccess; - break; - case bltestMD5: - restart = cipherInfo->params.hash.restart; - SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf, - MD5_LENGTH); - cipherInfo->cipher.hashCipher = (restart) ? md5_restart : MD5_HashBuf; - return SECSuccess; - break; - case bltestSHA1: - restart = cipherInfo->params.hash.restart; - SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf, - SHA1_LENGTH); - cipherInfo->cipher.hashCipher = (restart) ? sha1_restart : SHA1_HashBuf; - return SECSuccess; - break; - default: - return SECFailure; - } - return SECSuccess; -} - -SECStatus -dsaOp(bltestCipherInfo *cipherInfo) -{ - PRIntervalTime time1, time2; - SECStatus rv; - int i; - int maxLen = cipherInfo->output.pBuf.len; - SECItem dummyOut = { 0, 0, 0 }; - SECITEM_AllocItem(NULL, &dummyOut, maxLen); - if (cipherInfo->cipher.pubkeyCipher == - (bltestPubKeyCipherFn)DSA_SignDigest) { - if (cipherInfo->params.dsa.sigseed.buf.len > 0) { - rv = DSA_SignDigestWithSeed((DSAPrivateKey *)cipherInfo->cx, - &cipherInfo->output.pBuf, - &cipherInfo->input.pBuf, - cipherInfo->params.dsa.sigseed.buf.data); - CHECKERROR(rv, __LINE__); - TIMESTART(); - for (i=0; irepetitions; i++) { - rv |= DSA_SignDigestWithSeed((DSAPrivateKey *)cipherInfo->cx, - &dummyOut, - &cipherInfo->input.pBuf, - cipherInfo->params.dsa.sigseed.buf.data); - } - TIMEFINISH(cipherInfo->optime, 1.0); - CHECKERROR(rv, __LINE__); - } else { - rv = DSA_SignDigest((DSAPrivateKey *)cipherInfo->cx, - &cipherInfo->output.pBuf, - &cipherInfo->input.pBuf); - CHECKERROR(rv, __LINE__); - TIMESTART(); - for (i=0; irepetitions; i++) { - DSA_SignDigest((DSAPrivateKey *)cipherInfo->cx, &dummyOut, - &cipherInfo->input.pBuf); - } - TIMEFINISH(cipherInfo->optime, 1.0); - } - bltestCopyIO(cipherInfo->arena, &cipherInfo->params.dsa.sig, - &cipherInfo->output); - } else { - rv = DSA_VerifyDigest((DSAPublicKey *)cipherInfo->cx, - &cipherInfo->params.dsa.sig.buf, - &cipherInfo->input.pBuf); - CHECKERROR(rv, __LINE__); - TIMESTART(); - for (i=0; irepetitions; i++) { - DSA_VerifyDigest((DSAPublicKey *)cipherInfo->cx, - &cipherInfo->params.dsa.sig.buf, - &cipherInfo->input.pBuf); - } - TIMEFINISH(cipherInfo->optime, 1.0); - } - SECITEM_FreeItem(&dummyOut, PR_FALSE); - return rv; -} - -SECStatus -cipherDoOp(bltestCipherInfo *cipherInfo) -{ - PRIntervalTime time1, time2; - SECStatus rv; - int i, len; - int maxLen = cipherInfo->output.pBuf.len; - unsigned char *dummyOut; - if (cipherInfo->mode == bltestDSA) - return dsaOp(cipherInfo); - dummyOut = PORT_Alloc(maxLen); - if (is_symmkeyCipher(cipherInfo->mode)) { - rv = (*cipherInfo->cipher.symmkeyCipher)(cipherInfo->cx, - cipherInfo->output.pBuf.data, - &len, maxLen, - cipherInfo->input.pBuf.data, - cipherInfo->input.pBuf.len); - TIMESTART(); - for (i=0; irepetitions; i++) { - (*cipherInfo->cipher.symmkeyCipher)(cipherInfo->cx, dummyOut, - &len, maxLen, - cipherInfo->input.pBuf.data, - cipherInfo->input.pBuf.len); - - } - TIMEFINISH(cipherInfo->optime, 1.0); - } else if (is_pubkeyCipher(cipherInfo->mode)) { - rv = (*cipherInfo->cipher.pubkeyCipher)(cipherInfo->cx, - cipherInfo->output.pBuf.data, - cipherInfo->input.pBuf.data); - TIMESTART(); - for (i=0; irepetitions; i++) { - (*cipherInfo->cipher.pubkeyCipher)(cipherInfo->cx, dummyOut, - cipherInfo->input.pBuf.data); - } - TIMEFINISH(cipherInfo->optime, 1.0); - } else if (is_hashCipher(cipherInfo->mode)) { - rv = (*cipherInfo->cipher.hashCipher)(cipherInfo->output.pBuf.data, - cipherInfo->input.pBuf.data, - cipherInfo->input.pBuf.len); - TIMESTART(); - for (i=0; irepetitions; i++) { - (*cipherInfo->cipher.hashCipher)(dummyOut, - cipherInfo->input.pBuf.data, - cipherInfo->input.pBuf.len); - } - TIMEFINISH(cipherInfo->optime, 1.0); - } - PORT_Free(dummyOut); - return rv; -} - -SECStatus -cipherFinish(bltestCipherInfo *cipherInfo) -{ - switch (cipherInfo->mode) { - case bltestDES_ECB: - case bltestDES_CBC: - case bltestDES_EDE_ECB: - case bltestDES_EDE_CBC: - DES_DestroyContext((DESContext *)cipherInfo->cx, PR_TRUE); - break; - case bltestRC2_ECB: - case bltestRC2_CBC: - RC2_DestroyContext((RC2Context *)cipherInfo->cx, PR_TRUE); - break; - case bltestRC4: - RC4_DestroyContext((RC4Context *)cipherInfo->cx, PR_TRUE); - break; -#if NSS_SOFTOKEN_DOES_RC5 - case bltestRC5_ECB: - case bltestRC5_CBC: - RC5_DestroyContext((RC5Context *)cipherInfo->cx, PR_TRUE); - break; -#endif - case bltestRSA: /* keys are alloc'ed within cipherInfo's arena, */ - case bltestDSA: /* will be freed with it. */ - case bltestMD2: /* hash contexts are ephemeral */ - case bltestMD5: - case bltestSHA1: - return SECSuccess; - break; - default: - return SECFailure; - } - return SECSuccess; -} - -void -print_exponent(SECItem *exp) -{ - int i; - int e = 0; - if (exp->len <= 4) { - for (i=exp->len; i >=0; --i) e |= exp->data[exp->len-i] << 8*(i-1); - fprintf(stdout, "%12d", e); - } else { - e = 8*exp->len; - fprintf(stdout, "~2**%-8d", e); - } -} - -void -dump_performance_info(bltestCipherInfo *info, PRBool encrypt, PRBool cxonly) -{ - PRBool td = PR_TRUE; - fprintf(stdout, "#%9s", "mode"); - fprintf(stdout, "%12s", "in"); -print_td: - switch (info->mode) { - case bltestDES_ECB: - case bltestDES_CBC: - case bltestDES_EDE_ECB: - case bltestDES_EDE_CBC: - case bltestRC2_ECB: - case bltestRC2_CBC: - case bltestRC4: - if (td) - fprintf(stdout, "%8s", "symmkey"); - else - fprintf(stdout, "%8d", 8*info->params.sk.key.buf.len); - break; -#if NSS_SOFTOKEN_DOES_RC5 - case bltestRC5_ECB: - case bltestRC5_CBC: - if (info->params.sk.key.buf.len > 0) - printf("symmetric key(bytes)=%d,", info->params.sk.key.buf.len); - if (info->rounds > 0) - printf("rounds=%d,", info->params.rc5.rounds); - if (info->wordsize > 0) - printf("wordsize(bytes)=%d,", info->params.rc5.wordsize); - break; -#endif - case bltestRSA: - if (td) { - fprintf(stdout, "%8s", "rsa_mod"); - fprintf(stdout, "%12s", "rsa_pe"); - } else { - fprintf(stdout, "%8d", info->params.rsa.keysizeInBits); - print_exponent(&info->params.rsa.rsakey->publicExponent); - } - break; - case bltestDSA: - if (td) - fprintf(stdout, "%8s", "pqg_mod"); - else - fprintf(stdout, "%8d", PQG_INDEX_TO_PBITS(info->params.dsa.j)); - break; - case bltestMD2: - case bltestMD5: - case bltestSHA1: - default: - break; - } - if (!td) { - fprintf(stdout, "%8d", info->repetitions); - fprintf(stdout, "%8d", info->cxreps); - fprintf(stdout, "%12.3f", info->cxtime); - fprintf(stdout, "%12.3f", info->optime); - fprintf(stdout, "\n"); - return; - } - - fprintf(stdout, "%8s", "opreps"); - fprintf(stdout, "%8s", "cxreps"); - fprintf(stdout, "%12s", "context"); - fprintf(stdout, "%12s", "op"); - fprintf(stdout, "\n"); - fprintf(stdout, "%8s", mode_strings[info->mode]); - fprintf(stdout, "_%c", (cxonly) ? 'c' : (encrypt) ? 'e' : 'd'); - fprintf(stdout, "%12d", info->input.buf.len * info->repetitions); - - td = !td; - goto print_td; -} - -void -printmodes() -{ - bltestCipherMode mode; - int nummodes = sizeof(mode_strings) / sizeof(char *); - fprintf(stderr, "%s: Available modes (specify with -m):\n", progName); - for (mode=0; modemode = ioMode; - data->file = NULL; /* don't use -- not saving anything */ - data->pBuf.data = NULL; - data->pBuf.len = 0; - file = PR_Open(fn, PR_RDONLY, 00660); - if (file) - setupIO(arena, data, file, NULL, 0); -} - -void -get_params(PRArenaPool *arena, bltestParams *params, - bltestCipherMode mode, int j) -{ - char filename[256]; - char *modestr = mode_strings[mode]; -#if NSS_SOFTOKEN_DOES_RC5 - FILE *file; - char *mark, *param, *val; - int index = 0; -#endif - switch (mode) { - case bltestDES_CBC: - case bltestDES_EDE_CBC: - case bltestRC2_CBC: - sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "iv", j); - load_file_data(arena, ¶ms->sk.iv, filename, bltestBinary); - case bltestDES_ECB: - case bltestDES_EDE_ECB: - case bltestRC2_ECB: - case bltestRC4: - sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "key", j); - load_file_data(arena, ¶ms->sk.key, filename, bltestBinary); - break; -#if NSS_SOFTOKEN_DOES_RC5 - case bltestRC5_ECB: - case bltestRC5_CBC: - sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "iv", j); - load_file_data(arena, ¶ms->sk.iv, filename, bltestBinary); - sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "key", j); - load_file_data(arena, ¶ms->sk.key, filename, bltestBinary); - sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, - "params", j); - file = fopen(filename, "r"); - if (!file) return; - param = malloc(100); - len = fread(param, 1, 100, file); - while (index < len) { - mark = PL_strchr(param, '='); - *mark = '\0'; - val = mark + 1; - mark = PL_strchr(val, '\n'); - *mark = '\0'; - if (PL_strcmp(param, "rounds") == 0) { - params->rc5.rounds = atoi(val); - } else if (PL_strcmp(param, "wordsize") == 0) { - params->rc5.wordsize = atoi(val); - } - index += PL_strlen(param) + PL_strlen(val) + 2; - param = mark + 1; - } - break; -#endif - case bltestRSA: - sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "key", j); - load_file_data(arena, ¶ms->rsa.key, filename, bltestBase64Encoded); - params->rsa.rsakey = rsakey_from_filedata(¶ms->key.buf); - break; - case bltestDSA: - sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "key", j); - load_file_data(arena, ¶ms->dsa.key, filename, bltestBase64Encoded); - params->dsa.dsakey = dsakey_from_filedata(¶ms->key.buf); - sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "pqg", j); - load_file_data(arena, ¶ms->dsa.pqgdata, filename, - bltestBase64Encoded); - params->dsa.pqg = pqg_from_filedata(¶ms->dsa.pqgdata.buf); - sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "keyseed", j); - load_file_data(arena, ¶ms->dsa.keyseed, filename, - bltestBase64Encoded); - sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "sigseed", j); - load_file_data(arena, ¶ms->dsa.sigseed, filename, - bltestBase64Encoded); - sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "ciphertext",j); - load_file_data(arena, ¶ms->dsa.sig, filename, bltestBase64Encoded); - break; - case bltestMD2: - case bltestMD5: - case bltestSHA1: - /*params->hash.restart = PR_TRUE;*/ - params->hash.restart = PR_FALSE; - break; - default: - break; - } -} - -SECStatus -verify_self_test(bltestIO *result, bltestIO *cmp, bltestCipherMode mode, - PRBool forward, SECStatus sigstatus) -{ - int res; - char *modestr = mode_strings[mode]; - res = SECITEM_CompareItem(&result->buf, &cmp->buf); - if (is_sigCipher(mode)) { - if (forward) { - if (res == 0) { - printf("Signature self-test for %s passed.\n", modestr); - } else { - printf("Signature self-test for %s failed!\n", modestr); - } - } else { - if (sigstatus == SECSuccess) { - printf("Verification self-test for %s passed.\n", modestr); - } else { - printf("Verification self-test for %s failed!\n", modestr); - } - } - return sigstatus; - } else if (is_hashCipher(mode)) { - if (res == 0) { - printf("Hash self-test for %s passed.\n", modestr); - } else { - printf("Hash self-test for %s failed!\n", modestr); - } - } else { - if (forward) { - if (res == 0) { - printf("Encryption self-test for %s passed.\n", modestr); - } else { - printf("Encryption self-test for %s failed!\n", modestr); - } - } else { - if (res == 0) { - printf("Decryption self-test for %s passed.\n", modestr); - } else { - printf("Decryption self-test for %s failed!\n", modestr); - } - } - } - return (res != 0); -} - -static SECStatus -blapi_selftest(bltestCipherMode *modes, int numModes, int inoff, int outoff, - PRBool encrypt, PRBool decrypt) -{ - bltestCipherInfo cipherInfo; - bltestIO pt, ct; - bltestCipherMode mode; - bltestParams *params; - int i, j, nummodes; - char *modestr; - char filename[256]; - PRFileDesc *file; - PRArenaPool *arena; - SECItem item; - PRBool finished; - SECStatus rv, srv; - - PORT_Memset(&cipherInfo, 0, sizeof(cipherInfo)); - arena = PORT_NewArena(BLTEST_DEFAULT_CHUNKSIZE); - cipherInfo.arena = arena; - - finished = PR_FALSE; - nummodes = (numModes == 0) ? NUMMODES : numModes; - for (i=0; i < nummodes && !finished; i++) { - if (i == bltestRC5_ECB || i == bltestRC5_CBC) continue; - if (numModes > 0) - mode = modes[i]; - else - mode = i; - modestr = mode_strings[mode]; - cipherInfo.mode = mode; - params = &cipherInfo.params; - if (mode == bltestINVALID) { - fprintf(stderr, "%s: Skipping invalid mode %s.\n",progName,modestr); - continue; - } - /* get the number of tests in the directory */ - sprintf(filename, "%s/tests/%s/%s", testdir, modestr, "numtests"); - file = PR_Open(filename, PR_RDONLY, 00660); - if (!file) { - fprintf(stderr, "%s: File %s does not exist.\n", progName,filename); - return SECFailure; - } - rv = SECU_FileToItem(&item, file); - PR_Close(file); - /* loop over the tests in the directory */ - for (j=0; j<(int)(item.data[0] - '0'); j++) { /* XXX bug when > 10 */ - sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, - "plaintext", j); - if (mode == bltestDSA) - load_file_data(arena, &pt, filename, bltestBase64Encoded); - else - load_file_data(arena, &pt, filename, bltestBinary); - sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, - "ciphertext", j); - load_file_data(arena, &ct, filename, bltestBase64Encoded); - get_params(arena, params, mode, j); - /* Forward Operation (Encrypt/Sign/Hash) - ** Align the input buffer (plaintext) according to request - ** then perform operation and compare to ciphertext - */ - /* XXX for now */ - rv = SECSuccess; - if (encrypt) { - bltestCopyIO(arena, &cipherInfo.input, &pt); - misalignBuffer(arena, &cipherInfo.input, inoff); - memset(&cipherInfo.output.buf, 0, sizeof cipherInfo.output.buf); - rv |= cipherInit(&cipherInfo, PR_TRUE); - misalignBuffer(arena, &cipherInfo.output, outoff); - rv |= cipherDoOp(&cipherInfo); - rv |= cipherFinish(&cipherInfo); - rv |= verify_self_test(&cipherInfo.output, - &ct, mode, PR_TRUE, 0); - /* If testing hash, only one op to test */ - if (is_hashCipher(mode)) - continue; - /*if (rv) return rv;*/ - } - if (!decrypt) - continue; - /* XXX for now */ - rv = SECSuccess; - /* Reverse Operation (Decrypt/Verify) - ** Align the input buffer (ciphertext) according to request - ** then perform operation and compare to plaintext - */ - if (mode != bltestDSA) - bltestCopyIO(arena, &cipherInfo.input, &ct); - else - bltestCopyIO(arena, &cipherInfo.input, &pt); - misalignBuffer(arena, &cipherInfo.input, outoff); - memset(&cipherInfo.output.buf, 0, sizeof cipherInfo.output.buf); - rv |= cipherInit(&cipherInfo, PR_FALSE); - misalignBuffer(arena, &cipherInfo.output, outoff); - srv = SECSuccess; - srv |= cipherDoOp(&cipherInfo); - rv |= cipherFinish(&cipherInfo); - rv |= verify_self_test(&cipherInfo.output, - &pt, mode, PR_FALSE, srv); - /*if (rv) return rv;*/ - } - } - return rv; -} - -SECStatus -dump_file(bltestCipherMode mode, char *filename) -{ - bltestIO keydata; - PRArenaPool *arena = NULL; - arena = PORT_NewArena(BLTEST_DEFAULT_CHUNKSIZE); - if (mode == bltestRSA) { - RSAPrivateKey *key; - load_file_data(arena, &keydata, filename, bltestBase64Encoded); - key = rsakey_from_filedata(&keydata.buf); - dump_rsakey(key); - } else if (mode == bltestDSA) { -#if 0 - PQGParams *pqg; - get_file_data(filename, &item, PR_TRUE); - pqg = pqg_from_filedata(&item); - dump_pqg(pqg); -#endif - DSAPrivateKey *key; - load_file_data(arena, &keydata, filename, bltestBase64Encoded); - key = dsakey_from_filedata(&keydata.buf); - dump_dsakey(key); - } - PORT_FreeArena(arena, PR_FALSE); - return SECFailure; -} - -/* bltest commands */ -enum { - cmd_Decrypt = 0, - cmd_Encrypt, - cmd_FIPS, - cmd_Hash, - cmd_Nonce, - cmd_Dump, - cmd_Sign, - cmd_SelfTest, - cmd_Verify -}; - -/* bltest options */ -enum { - opt_B64 = 0, - opt_BufSize, - opt_Restart, - opt_SelfTestDir, - opt_Exponent, - opt_SigFile, - opt_KeySize, - opt_Hex, - opt_Input, - opt_PQGFile, - opt_Key, - opt_HexWSpc, - opt_Mode, - opt_Output, - opt_Repetitions, - opt_ZeroBuf, - opt_Rounds, - opt_Seed, - opt_SigSeedFile, - opt_CXReps, - opt_IV, - opt_WordSize, - opt_UseSeed, - opt_UseSigSeed, - opt_SeedFile, - opt_InputOffset, - opt_OutputOffset, - opt_CmdLine -}; - -static secuCommandFlag bltest_commands[] = -{ - { /* cmd_Decrypt */ 'D', PR_FALSE, 0, PR_FALSE }, - { /* cmd_Encrypt */ 'E', PR_FALSE, 0, PR_FALSE }, - { /* cmd_FIPS */ 'F', PR_FALSE, 0, PR_FALSE }, - { /* cmd_Hash */ 'H', PR_FALSE, 0, PR_FALSE }, - { /* cmd_Nonce */ 'N', PR_FALSE, 0, PR_FALSE }, - { /* cmd_Dump */ 'P', PR_FALSE, 0, PR_FALSE }, - { /* cmd_Sign */ 'S', PR_FALSE, 0, PR_FALSE }, - { /* cmd_SelfTest */ 'T', PR_FALSE, 0, PR_FALSE }, - { /* cmd_Verify */ 'V', PR_FALSE, 0, PR_FALSE } -}; - -static secuCommandFlag bltest_options[] = -{ - { /* opt_B64 */ 'a', PR_FALSE, 0, PR_FALSE }, - { /* opt_BufSize */ 'b', PR_TRUE, 0, PR_FALSE }, - { /* opt_Restart */ 'c', PR_FALSE, 0, PR_FALSE }, - { /* opt_SelfTestDir */ 'd', PR_TRUE, 0, PR_FALSE }, - { /* opt_Exponent */ 'e', PR_TRUE, 0, PR_FALSE }, - { /* opt_SigFile */ 'f', PR_TRUE, 0, PR_FALSE }, - { /* opt_KeySize */ 'g', PR_TRUE, 0, PR_FALSE }, - { /* opt_Hex */ 'h', PR_FALSE, 0, PR_FALSE }, - { /* opt_Input */ 'i', PR_TRUE, 0, PR_FALSE }, - { /* opt_PQGFile */ 'j', PR_TRUE, 0, PR_FALSE }, - { /* opt_Key */ 'k', PR_TRUE, 0, PR_FALSE }, - { /* opt_HexWSpc */ 'l', PR_FALSE, 0, PR_FALSE }, - { /* opt_Mode */ 'm', PR_TRUE, 0, PR_FALSE }, - { /* opt_Output */ 'o', PR_TRUE, 0, PR_FALSE }, - { /* opt_Repetitions */ 'p', PR_TRUE, 0, PR_FALSE }, - { /* opt_ZeroBuf */ 'q', PR_FALSE, 0, PR_FALSE }, - { /* opt_Rounds */ 'r', PR_TRUE, 0, PR_FALSE }, - { /* opt_Seed */ 's', PR_TRUE, 0, PR_FALSE }, - { /* opt_SigSeedFile */ 't', PR_TRUE, 0, PR_FALSE }, - { /* opt_CXReps */ 'u', PR_TRUE, 0, PR_FALSE }, - { /* opt_IV */ 'v', PR_TRUE, 0, PR_FALSE }, - { /* opt_WordSize */ 'w', PR_TRUE, 0, PR_FALSE }, - { /* opt_UseSeed */ 'x', PR_FALSE, 0, PR_FALSE }, - { /* opt_UseSigSeed */ 'y', PR_FALSE, 0, PR_FALSE }, - { /* opt_SeedFile */ 'z', PR_FALSE, 0, PR_FALSE }, - { /* opt_InputOffset */ '1', PR_TRUE, 0, PR_FALSE }, - { /* opt_OutputOffset */ '2', PR_TRUE, 0, PR_FALSE }, - { /* opt_CmdLine */ '-', PR_FALSE, 0, PR_FALSE } -}; - -int main(int argc, char **argv) -{ - char *infileName, *outfileName, *keyfileName, *ivfileName; - SECStatus rv; - - bltestCipherInfo cipherInfo; - bltestParams *params; - PRFileDesc *file, *infile, *outfile; - char *instr = NULL; - PRArenaPool *arena; - bltestIOMode ioMode; - int keysize, bufsize, exponent; - int i, commandsEntered; - int inoff, outoff; - - secuCommand bltest; - bltest.numCommands = sizeof(bltest_commands) / sizeof(secuCommandFlag); - bltest.numOptions = sizeof(bltest_options) / sizeof(secuCommandFlag); - bltest.commands = bltest_commands; - bltest.options = bltest_options; - - progName = strrchr(argv[0], '/'); - progName = progName ? progName+1 : argv[0]; - - rv = NSS_NoDB_Init(NULL); - if (rv != SECSuccess) { - SECU_PrintPRandOSError(progName); - return -1; - } - - rv = SECU_ParseCommandLine(argc, argv, progName, &bltest); - - PORT_Memset(&cipherInfo, 0, sizeof(cipherInfo)); - arena = PORT_NewArena(BLTEST_DEFAULT_CHUNKSIZE); - cipherInfo.arena = arena; - params = &cipherInfo.params; - /* set some defaults */ - infileName = outfileName = keyfileName = ivfileName = NULL; - - /* Check the number of commands entered on the command line. */ - commandsEntered = 0; - for (i=0; i 1 && - !(commandsEntered == 2 && bltest.commands[cmd_SelfTest].activated)) { - fprintf(stderr, "%s: one command at a time!\n", progName); - Usage(); - } - if (commandsEntered == 0) { - fprintf(stderr, "%s: you must enter a command!\n", progName); - Usage(); - } - - if (bltest.commands[cmd_Sign].activated) - bltest.commands[cmd_Encrypt].activated = PR_TRUE; - if (bltest.commands[cmd_Verify].activated) - bltest.commands[cmd_Decrypt].activated = PR_TRUE; - if (bltest.commands[cmd_Hash].activated) - bltest.commands[cmd_Encrypt].activated = PR_TRUE; - - inoff = outoff = 0; - if (bltest.options[opt_InputOffset].activated) - inoff = PORT_Atoi(bltest.options[opt_InputOffset].arg); - if (bltest.options[opt_OutputOffset].activated) - outoff = PORT_Atoi(bltest.options[opt_OutputOffset].arg); - - testdir = (bltest.options[opt_SelfTestDir].activated) ? - strdup(bltest.options[opt_SelfTestDir].arg) : "."; - - /* - * Handle three simple cases first - */ - - /* Do BLAPI self-test */ - if (bltest.commands[cmd_SelfTest].activated) { - PRBool encrypt = PR_TRUE, decrypt = PR_TRUE; - /* user may specified a set of ciphers to test. parse them. */ - bltestCipherMode modesToTest[NUMMODES]; - int numModesToTest = 0; - char *tok, *str; - str = bltest.options[opt_Mode].arg; - while (str) { - tok = strchr(str, ','); - if (tok) *tok = '\0'; - modesToTest[numModesToTest++] = get_mode(str); - if (tok) { - *tok = ','; - str = tok + 1; - } else { - break; - } - } - if (bltest.commands[cmd_Decrypt].activated && - !bltest.commands[cmd_Encrypt].activated) - encrypt = PR_FALSE; - if (bltest.commands[cmd_Encrypt].activated && - !bltest.commands[cmd_Decrypt].activated) - decrypt = PR_FALSE; - return blapi_selftest(modesToTest, numModesToTest, inoff, outoff, - encrypt, decrypt); - } - - /* Do FIPS self-test */ - if (bltest.commands[cmd_FIPS].activated) { - CK_RV ckrv = pk11_fipsPowerUpSelfTest(); - fprintf(stdout, "CK_RV: %ld.\n", ckrv); - return 0; - } - - /* - * Check command line arguments for Encrypt/Decrypt/Hash/Sign/Verify - */ - - if ((bltest.commands[cmd_Decrypt].activated || - bltest.commands[cmd_Verify].activated) && - bltest.options[opt_BufSize].activated) { - fprintf(stderr, "%s: cannot use a nonce as input to decrypt/verify.\n", - progName); - Usage(); - } - - if (bltest.options[opt_Mode].activated) { - cipherInfo.mode = get_mode(bltest.options[opt_Mode].arg); - if (cipherInfo.mode == bltestINVALID) { - fprintf(stderr, "%s: Invalid mode \"%s\"\n", progName, - bltest.options[opt_Mode].arg); - Usage(); - } - } else { - fprintf(stderr, "%s: You must specify a cipher mode with -m.\n", - progName); - Usage(); - } - - if (bltest.options[opt_Repetitions].activated) { - cipherInfo.repetitions = PORT_Atoi(bltest.options[opt_Repetitions].arg); - } else { - cipherInfo.repetitions = 0; - } - - - if (bltest.options[opt_CXReps].activated) { - cipherInfo.cxreps = PORT_Atoi(bltest.options[opt_CXReps].arg); - } else { - cipherInfo.cxreps = 0; - } - - /* Dump a file (rsakey, dsakey, etc.) */ - if (bltest.commands[cmd_Dump].activated) { - return dump_file(cipherInfo.mode, bltest.options[opt_Input].arg); - } - - /* default input mode is binary */ - ioMode = (bltest.options[opt_B64].activated) ? bltestBase64Encoded : - (bltest.options[opt_Hex].activated) ? bltestHexStream : - (bltest.options[opt_HexWSpc].activated) ? bltestHexSpaceDelim : - bltestBinary; - - if (bltest.options[opt_KeySize].activated) - keysize = PORT_Atoi(bltest.options[opt_KeySize].arg); - else - keysize = 0; - - if (bltest.options[opt_Exponent].activated) - exponent = PORT_Atoi(bltest.options[opt_Exponent].arg); - else - exponent = 65537; - - /* Set up an encryption key. */ - keysize = 0; - file = NULL; - if (is_symmkeyCipher(cipherInfo.mode)) { - char *keystr = NULL; /* if key is on command line */ - if (bltest.options[opt_Key].activated) { - if (bltest.options[opt_CmdLine].activated) { - keystr = bltest.options[opt_Key].arg; - } else { - file = PR_Open(bltest.options[opt_Key].arg, PR_RDONLY, 00660); - } - } else { - if (bltest.options[opt_KeySize].activated) - keysize = PORT_Atoi(bltest.options[opt_KeySize].arg); - else - keysize = 8; /* use 64-bit default (DES) */ - /* save the random key for reference */ - file = PR_Open("tmp.key", PR_WRONLY|PR_CREATE_FILE, 00660); - } - params->key.mode = ioMode; - setupIO(cipherInfo.arena, ¶ms->key, file, keystr, keysize); - if (file) - PR_Close(file); - } else if (is_pubkeyCipher(cipherInfo.mode)) { - if (bltest.options[opt_Key].activated) { - file = PR_Open(bltest.options[opt_Key].arg, PR_RDONLY, 00660); - } else { - if (bltest.options[opt_KeySize].activated) - keysize = PORT_Atoi(bltest.options[opt_KeySize].arg); - else - keysize = 64; /* use 512-bit default */ - file = PR_Open("tmp.key", PR_WRONLY|PR_CREATE_FILE, 00660); - } - params->key.mode = bltestBase64Encoded; - pubkeyInitKey(&cipherInfo, file, keysize, exponent); - PR_Close(file); - } - - /* set up an initialization vector. */ - if (cipher_requires_IV(cipherInfo.mode)) { - char *ivstr = NULL; - bltestSymmKeyParams *skp; - file = NULL; - if (cipherInfo.mode == bltestRC5_CBC) - skp = (bltestSymmKeyParams *)¶ms->rc5; - else - skp = ¶ms->sk; - if (bltest.options[opt_IV].activated) { - if (bltest.options[opt_CmdLine].activated) { - ivstr = bltest.options[opt_IV].arg; - } else { - file = PR_Open(bltest.options[opt_IV].arg, PR_RDONLY, 00660); - } - } else { - /* save the random iv for reference */ - file = PR_Open("tmp.iv", PR_WRONLY|PR_CREATE_FILE, 00660); - } - memset(&skp->iv, 0, sizeof skp->iv); - skp->iv.mode = ioMode; - setupIO(cipherInfo.arena, &skp->iv, file, ivstr, keysize); - if (file) - PR_Close(file); - } - - if (bltest.commands[cmd_Verify].activated) { - if (!bltest.options[opt_SigFile].activated) { - fprintf(stderr, "%s: You must specify a signature file with -f.\n", - progName); - exit(-1); - } - file = PR_Open(bltest.options[opt_SigFile].arg, PR_RDONLY, 00660); - memset(&cipherInfo.params.dsa.sig, 0, sizeof(bltestIO)); - cipherInfo.params.dsa.sig.mode = ioMode; - setupIO(cipherInfo.arena, &cipherInfo.params.dsa.sig, file, NULL, 0); - } - - if (bltest.options[opt_PQGFile].activated) { - file = PR_Open(bltest.options[opt_PQGFile].arg, PR_RDONLY, 00660); - params->dsa.pqgdata.mode = bltestBase64Encoded; - setupIO(cipherInfo.arena, ¶ms->dsa.pqgdata, file, NULL, 0); - } - - /* Set up the input buffer */ - if (bltest.options[opt_Input].activated) { - if (bltest.options[opt_CmdLine].activated) { - instr = bltest.options[opt_Input].arg; - infile = NULL; - } else { - infile = PR_Open(bltest.options[opt_Input].arg, PR_RDONLY, 00660); - } - } else if (bltest.options[opt_BufSize].activated) { - /* save the random plaintext for reference */ - infile = PR_Open("tmp.in", PR_WRONLY|PR_CREATE_FILE, 00660); - } else { - infile = PR_STDIN; - } - cipherInfo.input.mode = ioMode; - - /* Set up the output stream */ - if (bltest.options[opt_Output].activated) { - outfile = PR_Open(bltest.options[opt_Output].arg, - PR_WRONLY|PR_CREATE_FILE, 00660); - } else { - outfile = PR_STDOUT; - } - cipherInfo.output.mode = ioMode; - - if (is_hashCipher(cipherInfo.mode)) - cipherInfo.params.hash.restart = bltest.options[opt_Restart].activated; - - bufsize = 0; - if (bltest.options[opt_BufSize].activated) - bufsize = PORT_Atoi(bltest.options[opt_BufSize].arg); - - /*infile = NULL;*/ - setupIO(cipherInfo.arena, &cipherInfo.input, infile, instr, bufsize); - misalignBuffer(cipherInfo.arena, &cipherInfo.input, inoff); - - cipherInit(&cipherInfo, bltest.commands[cmd_Encrypt].activated); - misalignBuffer(cipherInfo.arena, &cipherInfo.output, outoff); - - if (!bltest.commands[cmd_Nonce].activated) { - cipherDoOp(&cipherInfo); - cipherFinish(&cipherInfo); - finishIO(&cipherInfo.output, outfile); - } - - if (cipherInfo.repetitions > 0 || cipherInfo.cxreps > 0) - dump_performance_info(&cipherInfo, - bltest.commands[cmd_Encrypt].activated, - (cipherInfo.repetitions == 0)); - - if (infile && infile != PR_STDIN) - PR_Close(infile); - if (outfile && outfile != PR_STDOUT) - PR_Close(outfile); - PORT_FreeArena(cipherInfo.arena, PR_TRUE); - - /*NSS_Shutdown();*/ - - return SECSuccess; -} diff --git a/security/nss/cmd/bltest/manifest.mn b/security/nss/cmd/bltest/manifest.mn deleted file mode 100644 index 36bfadc9c..000000000 --- a/security/nss/cmd/bltest/manifest.mn +++ /dev/null @@ -1,52 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -CORE_DEPTH = ../../.. - -MODULE = security - -REQUIRES = seccmd dbm - -PROGRAM = bltest - - USE_STATIC_LIBS = 1 - -EXPORTS = \ - $(NULL) - -PRIVATE_EXPORTS = \ - $(NULL) - -CSRCS = \ - blapitest.c \ - $(NULL) - diff --git a/security/nss/cmd/bltest/tests/README b/security/nss/cmd/bltest/tests/README deleted file mode 100644 index 998639aee..000000000 --- a/security/nss/cmd/bltest/tests/README +++ /dev/null @@ -1,26 +0,0 @@ -This directory contains a set of tests for each cipher supported by BLAPI. Each subdirectory contains known plaintext and ciphertext pairs (and keys and/or iv's if needed). The tests can be run as a full set with: -bltest -T -or as subsets, for example: -bltest -T des_ecb rc2 rsa - -In each subdirectory, the plaintext, key, and iv are ascii, and treated as such. The ciphertext is base64-encoded to avoid the hassle of binary files. - -To add a test, incremement the value in the numtests file. Create a plaintext, key, and iv file, such that the name of the file is incrememted one from the last set of tests. For example, if you are adding the second test, put your data in files named plaintext1, key1, and iv1 (ignoring key and iv if they are not needed, of course). Make sure your key and iv are the correct number of bytes for your cipher (a trailing \n is okay, but any other trailing bytes will be used!). Once you have your input data, create output data by running bltest on a trusted implementation. For example, for a new DES ECB test, run -bltest -E -m des_ecb -i plaintext1 -k key1 -o ciphertext1 -a -in the tests/des_ecb directory. Then run -bltest -T des_ecb -from the cmd/bltest directory in the tree of the implementation you want to test. - -Note that the -a option above is important, it tells bltest to expect the input to be straight ASCII, and not base64 encoded binary! - -Special cases: - -RC5: -RC5 can take additional parameters, the number of rounds to perform and the wordsize to use. The number of rounds is between is between 0 and 255, and the wordsize is either is either 16, 32, or 64 bits (at this time only 32-bit is supported). These parameters are specified in a paramsN file, where N is an index as above. The format of the file is "rounds=R\nwordsize=W\n". - -public key modes (RSA and DSA): -Asymmetric key ciphers use keys with special properties, so creating a key file with "Mozilla!" in it will not get you very far! To create a public key, run bltest with the plaintext you want to encrypt, using a trusted implementation. bltest will generate a key and store it in "tmp.key", rename that file to keyN. For example: -bltest -E -m rsa -i plaintext0 -o ciphertext0 -e 65537 -g 32 -a -mv tmp.key key0 - -[note: specifying a keysize (-g) when using RSA is important!] \ No newline at end of file diff --git a/security/nss/cmd/bltest/tests/aes_cbc/numtests b/security/nss/cmd/bltest/tests/aes_cbc/numtests deleted file mode 100644 index 573541ac9..000000000 --- a/security/nss/cmd/bltest/tests/aes_cbc/numtests +++ /dev/null @@ -1 +0,0 @@ -0 diff --git a/security/nss/cmd/bltest/tests/aes_ecb/numtests b/security/nss/cmd/bltest/tests/aes_ecb/numtests deleted file mode 100644 index 573541ac9..000000000 --- a/security/nss/cmd/bltest/tests/aes_ecb/numtests +++ /dev/null @@ -1 +0,0 @@ -0 diff --git a/security/nss/cmd/bltest/tests/des3_cbc/ciphertext0 b/security/nss/cmd/bltest/tests/des3_cbc/ciphertext0 deleted file mode 100644 index 61dae3192..000000000 --- a/security/nss/cmd/bltest/tests/des3_cbc/ciphertext0 +++ /dev/null @@ -1 +0,0 @@ -KV3MDNGKWOc= diff --git a/security/nss/cmd/bltest/tests/des3_cbc/iv0 b/security/nss/cmd/bltest/tests/des3_cbc/iv0 deleted file mode 100644 index 97b5955f7..000000000 --- a/security/nss/cmd/bltest/tests/des3_cbc/iv0 +++ /dev/null @@ -1 +0,0 @@ -12345678 diff --git a/security/nss/cmd/bltest/tests/des3_cbc/key0 b/security/nss/cmd/bltest/tests/des3_cbc/key0 deleted file mode 100644 index 588efd111..000000000 --- a/security/nss/cmd/bltest/tests/des3_cbc/key0 +++ /dev/null @@ -1 +0,0 @@ -abcdefghijklmnopqrstuvwx diff --git a/security/nss/cmd/bltest/tests/des3_cbc/numtests b/security/nss/cmd/bltest/tests/des3_cbc/numtests deleted file mode 100644 index d00491fd7..000000000 --- a/security/nss/cmd/bltest/tests/des3_cbc/numtests +++ /dev/null @@ -1 +0,0 @@ -1 diff --git a/security/nss/cmd/bltest/tests/des3_cbc/plaintext0 b/security/nss/cmd/bltest/tests/des3_cbc/plaintext0 deleted file mode 100644 index 5513e438c..000000000 --- a/security/nss/cmd/bltest/tests/des3_cbc/plaintext0 +++ /dev/null @@ -1 +0,0 @@ -Mozilla! diff --git a/security/nss/cmd/bltest/tests/des3_ecb/ciphertext0 b/security/nss/cmd/bltest/tests/des3_ecb/ciphertext0 deleted file mode 100644 index 76dc820d3..000000000 --- a/security/nss/cmd/bltest/tests/des3_ecb/ciphertext0 +++ /dev/null @@ -1 +0,0 @@ -RgckVNh4QcM= diff --git a/security/nss/cmd/bltest/tests/des3_ecb/key0 b/security/nss/cmd/bltest/tests/des3_ecb/key0 deleted file mode 100644 index 588efd111..000000000 --- a/security/nss/cmd/bltest/tests/des3_ecb/key0 +++ /dev/null @@ -1 +0,0 @@ -abcdefghijklmnopqrstuvwx diff --git a/security/nss/cmd/bltest/tests/des3_ecb/numtests b/security/nss/cmd/bltest/tests/des3_ecb/numtests deleted file mode 100644 index d00491fd7..000000000 --- a/security/nss/cmd/bltest/tests/des3_ecb/numtests +++ /dev/null @@ -1 +0,0 @@ -1 diff --git a/security/nss/cmd/bltest/tests/des3_ecb/plaintext0 b/security/nss/cmd/bltest/tests/des3_ecb/plaintext0 deleted file mode 100644 index 5513e438c..000000000 --- a/security/nss/cmd/bltest/tests/des3_ecb/plaintext0 +++ /dev/null @@ -1 +0,0 @@ -Mozilla! diff --git a/security/nss/cmd/bltest/tests/des_cbc/ciphertext0 b/security/nss/cmd/bltest/tests/des_cbc/ciphertext0 deleted file mode 100644 index 67d2ad1aa..000000000 --- a/security/nss/cmd/bltest/tests/des_cbc/ciphertext0 +++ /dev/null @@ -1 +0,0 @@ -Perdg9FMYQ4= diff --git a/security/nss/cmd/bltest/tests/des_cbc/iv0 b/security/nss/cmd/bltest/tests/des_cbc/iv0 deleted file mode 100644 index 97b5955f7..000000000 --- a/security/nss/cmd/bltest/tests/des_cbc/iv0 +++ /dev/null @@ -1 +0,0 @@ -12345678 diff --git a/security/nss/cmd/bltest/tests/des_cbc/key0 b/security/nss/cmd/bltest/tests/des_cbc/key0 deleted file mode 100644 index 65513c116..000000000 --- a/security/nss/cmd/bltest/tests/des_cbc/key0 +++ /dev/null @@ -1 +0,0 @@ -zyxwvuts diff --git a/security/nss/cmd/bltest/tests/des_cbc/numtests b/security/nss/cmd/bltest/tests/des_cbc/numtests deleted file mode 100644 index d00491fd7..000000000 --- a/security/nss/cmd/bltest/tests/des_cbc/numtests +++ /dev/null @@ -1 +0,0 @@ -1 diff --git a/security/nss/cmd/bltest/tests/des_cbc/plaintext0 b/security/nss/cmd/bltest/tests/des_cbc/plaintext0 deleted file mode 100644 index 5513e438c..000000000 --- a/security/nss/cmd/bltest/tests/des_cbc/plaintext0 +++ /dev/null @@ -1 +0,0 @@ -Mozilla! diff --git a/security/nss/cmd/bltest/tests/des_ecb/ciphertext0 b/security/nss/cmd/bltest/tests/des_ecb/ciphertext0 deleted file mode 100644 index 8be22fa5c..000000000 --- a/security/nss/cmd/bltest/tests/des_ecb/ciphertext0 +++ /dev/null @@ -1 +0,0 @@ -3bNoWzzNiFc= diff --git a/security/nss/cmd/bltest/tests/des_ecb/key0 b/security/nss/cmd/bltest/tests/des_ecb/key0 deleted file mode 100644 index 65513c116..000000000 --- a/security/nss/cmd/bltest/tests/des_ecb/key0 +++ /dev/null @@ -1 +0,0 @@ -zyxwvuts diff --git a/security/nss/cmd/bltest/tests/des_ecb/numtests b/security/nss/cmd/bltest/tests/des_ecb/numtests deleted file mode 100644 index d00491fd7..000000000 --- a/security/nss/cmd/bltest/tests/des_ecb/numtests +++ /dev/null @@ -1 +0,0 @@ -1 diff --git a/security/nss/cmd/bltest/tests/des_ecb/plaintext0 b/security/nss/cmd/bltest/tests/des_ecb/plaintext0 deleted file mode 100644 index 5513e438c..000000000 --- a/security/nss/cmd/bltest/tests/des_ecb/plaintext0 +++ /dev/null @@ -1 +0,0 @@ -Mozilla! diff --git a/security/nss/cmd/bltest/tests/dsa/ciphertext0 b/security/nss/cmd/bltest/tests/dsa/ciphertext0 deleted file mode 100644 index 8e7150562..000000000 --- a/security/nss/cmd/bltest/tests/dsa/ciphertext0 +++ /dev/null @@ -1 +0,0 @@ -fB0bnKWvjT6X5NIkZ5l/Y/DXZ6QNI6j0iPhR/ZERkfj67xRnTWY1cg== diff --git a/security/nss/cmd/bltest/tests/dsa/key0 b/security/nss/cmd/bltest/tests/dsa/key0 deleted file mode 100644 index e582eeb04..000000000 --- a/security/nss/cmd/bltest/tests/dsa/key0 +++ /dev/null @@ -1,6 +0,0 @@ -AAAAQI3ypJRJInaqPSV1m7BoacvqwNg6+40M98u4Mk8NeILl0HYvxbchDq/C6a2s -Mqt6rElpPfv4NyTC7Ac27jHIApEAAAAUx3MhjHN+yO6ZO08t7TD0jtrOkV8AAABA -Ym0CeDnqChNBMWOlW0y1ACmdVSKVbO/LO/8Q85nOLC5xy53l+iS6v1jlt5Uhklyc -xC6fb0ZLCIzFcq9T5teIAgAAAEAZExhx11sWEqgZ8p140bDXNG96p3u2KoWb/WxW -ddqdIS06Nu8Wcu9mC4x8JVzA7HSFj7oz9EwGaZYwp2sDDuMzAAAAFCBwsyI9ujcv -3hwP/HsuO0mLJgYU diff --git a/security/nss/cmd/bltest/tests/dsa/keyseed0 b/security/nss/cmd/bltest/tests/dsa/keyseed0 deleted file mode 100644 index 6eea359db..000000000 --- a/security/nss/cmd/bltest/tests/dsa/keyseed0 +++ /dev/null @@ -1 +0,0 @@ -AAAAAAAAAAAAAAAAAAAAAAAAAAA= diff --git a/security/nss/cmd/bltest/tests/dsa/numtests b/security/nss/cmd/bltest/tests/dsa/numtests deleted file mode 100644 index d00491fd7..000000000 --- a/security/nss/cmd/bltest/tests/dsa/numtests +++ /dev/null @@ -1 +0,0 @@ -1 diff --git a/security/nss/cmd/bltest/tests/dsa/plaintext0 b/security/nss/cmd/bltest/tests/dsa/plaintext0 deleted file mode 100644 index 48fbdb6fd..000000000 --- a/security/nss/cmd/bltest/tests/dsa/plaintext0 +++ /dev/null @@ -1 +0,0 @@ -qZk+NkcGgWq6PiVxeFDCbJzQ2J0= diff --git a/security/nss/cmd/bltest/tests/dsa/pqg0 b/security/nss/cmd/bltest/tests/dsa/pqg0 deleted file mode 100644 index f16326ccc..000000000 --- a/security/nss/cmd/bltest/tests/dsa/pqg0 +++ /dev/null @@ -1,4 +0,0 @@ -AAAAQI3ypJRJInaqPSV1m7BoacvqwNg6+40M98u4Mk8NeILl0HYvxbchDq/C6a2s -Mqt6rElpPfv4NyTC7Ac27jHIApEAAAAUx3MhjHN+yO6ZO08t7TD0jtrOkV8AAABA -Ym0CeDnqChNBMWOlW0y1ACmdVSKVbO/LO/8Q85nOLC5xy53l+iS6v1jlt5Uhklyc -xC6fb0ZLCIzFcq9T5teIAg== diff --git a/security/nss/cmd/bltest/tests/dsa/sigseed0 b/security/nss/cmd/bltest/tests/dsa/sigseed0 deleted file mode 100644 index 05d7fd2d6..000000000 --- a/security/nss/cmd/bltest/tests/dsa/sigseed0 +++ /dev/null @@ -1 +0,0 @@ -aHpm2QZI+ZOGfhIfTd+d2wEgVYQ= diff --git a/security/nss/cmd/bltest/tests/md2/ciphertext0 b/security/nss/cmd/bltest/tests/md2/ciphertext0 deleted file mode 100644 index 22e1fc496..000000000 --- a/security/nss/cmd/bltest/tests/md2/ciphertext0 +++ /dev/null @@ -1 +0,0 @@ -CS/UNcrWhB5Knt7Gf8Tz3Q== diff --git a/security/nss/cmd/bltest/tests/md2/numtests b/security/nss/cmd/bltest/tests/md2/numtests deleted file mode 100644 index d00491fd7..000000000 --- a/security/nss/cmd/bltest/tests/md2/numtests +++ /dev/null @@ -1 +0,0 @@ -1 diff --git a/security/nss/cmd/bltest/tests/md2/plaintext0 b/security/nss/cmd/bltest/tests/md2/plaintext0 deleted file mode 100644 index dce2994ba..000000000 --- a/security/nss/cmd/bltest/tests/md2/plaintext0 +++ /dev/null @@ -1 +0,0 @@ -16-bytes to MD2. diff --git a/security/nss/cmd/bltest/tests/md5/ciphertext0 b/security/nss/cmd/bltest/tests/md5/ciphertext0 deleted file mode 100644 index ea11ee523..000000000 --- a/security/nss/cmd/bltest/tests/md5/ciphertext0 +++ /dev/null @@ -1 +0,0 @@ -XN8lnQuWAiMqmSGfvd8Hdw== diff --git a/security/nss/cmd/bltest/tests/md5/numtests b/security/nss/cmd/bltest/tests/md5/numtests deleted file mode 100644 index d00491fd7..000000000 --- a/security/nss/cmd/bltest/tests/md5/numtests +++ /dev/null @@ -1 +0,0 @@ -1 diff --git a/security/nss/cmd/bltest/tests/md5/plaintext0 b/security/nss/cmd/bltest/tests/md5/plaintext0 deleted file mode 100644 index 5ae3875e2..000000000 --- a/security/nss/cmd/bltest/tests/md5/plaintext0 +++ /dev/null @@ -1 +0,0 @@ -63-byte input to MD5 can be a bit tricky, but no problems here. diff --git a/security/nss/cmd/bltest/tests/rc2_cbc/ciphertext0 b/security/nss/cmd/bltest/tests/rc2_cbc/ciphertext0 deleted file mode 100644 index d964ef864..000000000 --- a/security/nss/cmd/bltest/tests/rc2_cbc/ciphertext0 +++ /dev/null @@ -1 +0,0 @@ -3ki6eVsWpY8= diff --git a/security/nss/cmd/bltest/tests/rc2_cbc/iv0 b/security/nss/cmd/bltest/tests/rc2_cbc/iv0 deleted file mode 100644 index 97b5955f7..000000000 --- a/security/nss/cmd/bltest/tests/rc2_cbc/iv0 +++ /dev/null @@ -1 +0,0 @@ -12345678 diff --git a/security/nss/cmd/bltest/tests/rc2_cbc/key0 b/security/nss/cmd/bltest/tests/rc2_cbc/key0 deleted file mode 100644 index 65513c116..000000000 --- a/security/nss/cmd/bltest/tests/rc2_cbc/key0 +++ /dev/null @@ -1 +0,0 @@ -zyxwvuts diff --git a/security/nss/cmd/bltest/tests/rc2_cbc/numtests b/security/nss/cmd/bltest/tests/rc2_cbc/numtests deleted file mode 100644 index d00491fd7..000000000 --- a/security/nss/cmd/bltest/tests/rc2_cbc/numtests +++ /dev/null @@ -1 +0,0 @@ -1 diff --git a/security/nss/cmd/bltest/tests/rc2_cbc/plaintext0 b/security/nss/cmd/bltest/tests/rc2_cbc/plaintext0 deleted file mode 100644 index 5513e438c..000000000 --- a/security/nss/cmd/bltest/tests/rc2_cbc/plaintext0 +++ /dev/null @@ -1 +0,0 @@ -Mozilla! diff --git a/security/nss/cmd/bltest/tests/rc2_ecb/ciphertext0 b/security/nss/cmd/bltest/tests/rc2_ecb/ciphertext0 deleted file mode 100644 index 337d30765..000000000 --- a/security/nss/cmd/bltest/tests/rc2_ecb/ciphertext0 +++ /dev/null @@ -1 +0,0 @@ -WT+tc4fANhQ= diff --git a/security/nss/cmd/bltest/tests/rc2_ecb/key0 b/security/nss/cmd/bltest/tests/rc2_ecb/key0 deleted file mode 100644 index 65513c116..000000000 --- a/security/nss/cmd/bltest/tests/rc2_ecb/key0 +++ /dev/null @@ -1 +0,0 @@ -zyxwvuts diff --git a/security/nss/cmd/bltest/tests/rc2_ecb/numtests b/security/nss/cmd/bltest/tests/rc2_ecb/numtests deleted file mode 100644 index d00491fd7..000000000 --- a/security/nss/cmd/bltest/tests/rc2_ecb/numtests +++ /dev/null @@ -1 +0,0 @@ -1 diff --git a/security/nss/cmd/bltest/tests/rc2_ecb/plaintext0 b/security/nss/cmd/bltest/tests/rc2_ecb/plaintext0 deleted file mode 100644 index 5513e438c..000000000 --- a/security/nss/cmd/bltest/tests/rc2_ecb/plaintext0 +++ /dev/null @@ -1 +0,0 @@ -Mozilla! diff --git a/security/nss/cmd/bltest/tests/rc4/ciphertext0 b/security/nss/cmd/bltest/tests/rc4/ciphertext0 deleted file mode 100644 index 004f13472..000000000 --- a/security/nss/cmd/bltest/tests/rc4/ciphertext0 +++ /dev/null @@ -1 +0,0 @@ -34sTZJtr20k= diff --git a/security/nss/cmd/bltest/tests/rc4/ciphertext1 b/security/nss/cmd/bltest/tests/rc4/ciphertext1 deleted file mode 100644 index 6050da4c6..000000000 --- a/security/nss/cmd/bltest/tests/rc4/ciphertext1 +++ /dev/null @@ -1 +0,0 @@ -34sTZJtr20nGP6VxS3BIBxxIYm6QGIa1rehFHn51z9M= diff --git a/security/nss/cmd/bltest/tests/rc4/key0 b/security/nss/cmd/bltest/tests/rc4/key0 deleted file mode 100644 index 65513c116..000000000 --- a/security/nss/cmd/bltest/tests/rc4/key0 +++ /dev/null @@ -1 +0,0 @@ -zyxwvuts diff --git a/security/nss/cmd/bltest/tests/rc4/key1 b/security/nss/cmd/bltest/tests/rc4/key1 deleted file mode 100644 index 65513c116..000000000 --- a/security/nss/cmd/bltest/tests/rc4/key1 +++ /dev/null @@ -1 +0,0 @@ -zyxwvuts diff --git a/security/nss/cmd/bltest/tests/rc4/numtests b/security/nss/cmd/bltest/tests/rc4/numtests deleted file mode 100644 index 0cfbf0888..000000000 --- a/security/nss/cmd/bltest/tests/rc4/numtests +++ /dev/null @@ -1 +0,0 @@ -2 diff --git a/security/nss/cmd/bltest/tests/rc4/plaintext0 b/security/nss/cmd/bltest/tests/rc4/plaintext0 deleted file mode 100644 index 5513e438c..000000000 --- a/security/nss/cmd/bltest/tests/rc4/plaintext0 +++ /dev/null @@ -1 +0,0 @@ -Mozilla! diff --git a/security/nss/cmd/bltest/tests/rc4/plaintext1 b/security/nss/cmd/bltest/tests/rc4/plaintext1 deleted file mode 100644 index d41abc7b8..000000000 --- a/security/nss/cmd/bltest/tests/rc4/plaintext1 +++ /dev/null @@ -1 +0,0 @@ -Mozilla!Mozilla!Mozilla!Mozilla! diff --git a/security/nss/cmd/bltest/tests/rc5_cbc/ciphertext0 b/security/nss/cmd/bltest/tests/rc5_cbc/ciphertext0 deleted file mode 100644 index 544713b33..000000000 --- a/security/nss/cmd/bltest/tests/rc5_cbc/ciphertext0 +++ /dev/null @@ -1 +0,0 @@ -qsv4Fn2J6d0= diff --git a/security/nss/cmd/bltest/tests/rc5_cbc/iv0 b/security/nss/cmd/bltest/tests/rc5_cbc/iv0 deleted file mode 100644 index 97b5955f7..000000000 --- a/security/nss/cmd/bltest/tests/rc5_cbc/iv0 +++ /dev/null @@ -1 +0,0 @@ -12345678 diff --git a/security/nss/cmd/bltest/tests/rc5_cbc/key0 b/security/nss/cmd/bltest/tests/rc5_cbc/key0 deleted file mode 100644 index 65513c116..000000000 --- a/security/nss/cmd/bltest/tests/rc5_cbc/key0 +++ /dev/null @@ -1 +0,0 @@ -zyxwvuts diff --git a/security/nss/cmd/bltest/tests/rc5_cbc/numtests b/security/nss/cmd/bltest/tests/rc5_cbc/numtests deleted file mode 100644 index d00491fd7..000000000 --- a/security/nss/cmd/bltest/tests/rc5_cbc/numtests +++ /dev/null @@ -1 +0,0 @@ -1 diff --git a/security/nss/cmd/bltest/tests/rc5_cbc/params0 b/security/nss/cmd/bltest/tests/rc5_cbc/params0 deleted file mode 100644 index d68e0362d..000000000 --- a/security/nss/cmd/bltest/tests/rc5_cbc/params0 +++ /dev/null @@ -1,2 +0,0 @@ -rounds=10 -wordsize=4 diff --git a/security/nss/cmd/bltest/tests/rc5_cbc/plaintext0 b/security/nss/cmd/bltest/tests/rc5_cbc/plaintext0 deleted file mode 100644 index 5513e438c..000000000 --- a/security/nss/cmd/bltest/tests/rc5_cbc/plaintext0 +++ /dev/null @@ -1 +0,0 @@ -Mozilla! diff --git a/security/nss/cmd/bltest/tests/rc5_ecb/ciphertext0 b/security/nss/cmd/bltest/tests/rc5_ecb/ciphertext0 deleted file mode 100644 index 133777dd0..000000000 --- a/security/nss/cmd/bltest/tests/rc5_ecb/ciphertext0 +++ /dev/null @@ -1 +0,0 @@ -4ZKK/1v5Ohc= diff --git a/security/nss/cmd/bltest/tests/rc5_ecb/key0 b/security/nss/cmd/bltest/tests/rc5_ecb/key0 deleted file mode 100644 index 65513c116..000000000 --- a/security/nss/cmd/bltest/tests/rc5_ecb/key0 +++ /dev/null @@ -1 +0,0 @@ -zyxwvuts diff --git a/security/nss/cmd/bltest/tests/rc5_ecb/numtests b/security/nss/cmd/bltest/tests/rc5_ecb/numtests deleted file mode 100644 index d00491fd7..000000000 --- a/security/nss/cmd/bltest/tests/rc5_ecb/numtests +++ /dev/null @@ -1 +0,0 @@ -1 diff --git a/security/nss/cmd/bltest/tests/rc5_ecb/params0 b/security/nss/cmd/bltest/tests/rc5_ecb/params0 deleted file mode 100644 index d68e0362d..000000000 --- a/security/nss/cmd/bltest/tests/rc5_ecb/params0 +++ /dev/null @@ -1,2 +0,0 @@ -rounds=10 -wordsize=4 diff --git a/security/nss/cmd/bltest/tests/rc5_ecb/plaintext0 b/security/nss/cmd/bltest/tests/rc5_ecb/plaintext0 deleted file mode 100644 index 5513e438c..000000000 --- a/security/nss/cmd/bltest/tests/rc5_ecb/plaintext0 +++ /dev/null @@ -1 +0,0 @@ -Mozilla! diff --git a/security/nss/cmd/bltest/tests/rsa/ciphertext0 b/security/nss/cmd/bltest/tests/rsa/ciphertext0 deleted file mode 100644 index 943ea599a..000000000 --- a/security/nss/cmd/bltest/tests/rsa/ciphertext0 +++ /dev/null @@ -1 +0,0 @@ -qPVrXv0y3SC5rY44bIi6GE4Aec8uDpHH7/cCg0FU5as= diff --git a/security/nss/cmd/bltest/tests/rsa/key0 b/security/nss/cmd/bltest/tests/rsa/key0 deleted file mode 100644 index 1352fe986..000000000 --- a/security/nss/cmd/bltest/tests/rsa/key0 +++ /dev/null @@ -1,4 +0,0 @@ -AAAAAAAAACC5lyu2K2ro8YGnvOCKaL1sFX1HEIblIVbuMXsa8oeFSwAAAAERAAAA -IBXVjKwFG6LvPG4WOIjBBzmxGNpkQwDs3W5qZcXVzqahAAAAEOEOH/WnhZCJyM39 -oNfhf18AAAAQ0xvmxqXXs3L62xxogUl9lQAAABAaeiHgqkvy4wiQtG1Gkv/tAAAA -EMaw2TNu6SFdKFXAYluQdjEAAAAQi0u+IlgKCt/hatGAsTrfzQ== diff --git a/security/nss/cmd/bltest/tests/rsa/numtests b/security/nss/cmd/bltest/tests/rsa/numtests deleted file mode 100644 index d00491fd7..000000000 --- a/security/nss/cmd/bltest/tests/rsa/numtests +++ /dev/null @@ -1 +0,0 @@ -1 diff --git a/security/nss/cmd/bltest/tests/rsa/plaintext0 b/security/nss/cmd/bltest/tests/rsa/plaintext0 deleted file mode 100644 index d915bc88c..000000000 --- a/security/nss/cmd/bltest/tests/rsa/plaintext0 +++ /dev/null @@ -1 +0,0 @@ -512bitsforRSAPublicKeyEncryption diff --git a/security/nss/cmd/bltest/tests/sha1/ciphertext0 b/security/nss/cmd/bltest/tests/sha1/ciphertext0 deleted file mode 100644 index 1fe4bd2bd..000000000 --- a/security/nss/cmd/bltest/tests/sha1/ciphertext0 +++ /dev/null @@ -1 +0,0 @@ -cDSMAygXMPIJZC5bntZ4ZhecQ9g= diff --git a/security/nss/cmd/bltest/tests/sha1/numtests b/security/nss/cmd/bltest/tests/sha1/numtests deleted file mode 100644 index d00491fd7..000000000 --- a/security/nss/cmd/bltest/tests/sha1/numtests +++ /dev/null @@ -1 +0,0 @@ -1 diff --git a/security/nss/cmd/bltest/tests/sha1/plaintext0 b/security/nss/cmd/bltest/tests/sha1/plaintext0 deleted file mode 100644 index 863e79c65..000000000 --- a/security/nss/cmd/bltest/tests/sha1/plaintext0 +++ /dev/null @@ -1 +0,0 @@ -A cage went in search of a bird. diff --git a/security/nss/cmd/btoa/Makefile b/security/nss/cmd/btoa/Makefile deleted file mode 100644 index 763faa253..000000000 --- a/security/nss/cmd/btoa/Makefile +++ /dev/null @@ -1,75 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - -include ../platlibs.mk - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - - -include ../platrules.mk - diff --git a/security/nss/cmd/btoa/btoa.c b/security/nss/cmd/btoa/btoa.c deleted file mode 100644 index d58805c65..000000000 --- a/security/nss/cmd/btoa/btoa.c +++ /dev/null @@ -1,196 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#include "plgetopt.h" -#include "secutil.h" -#include "nssb64.h" -#include - -#if defined(XP_WIN) || (defined(__sun) && !defined(SVR4)) -#if !defined(WIN32) -extern int fread(char *, size_t, size_t, FILE*); -extern int fwrite(char *, size_t, size_t, FILE*); -extern int fprintf(FILE *, char *, ...); -#endif -#endif - -#if defined(WIN32) -#include "fcntl.h" -#include "io.h" -#endif - -static PRInt32 -output_ascii (void *arg, const char *obuf, PRInt32 size) -{ - FILE *outFile = arg; - int nb; - - nb = fwrite(obuf, 1, size, outFile); - if (nb != size) { - PORT_SetError(SEC_ERROR_IO); - return -1; - } - - return nb; -} - -static SECStatus -encode_file(FILE *outFile, FILE *inFile) -{ - NSSBase64Encoder *cx; - int nb; - SECStatus status = SECFailure; - unsigned char ibuf[4096]; - - cx = NSSBase64Encoder_Create(output_ascii, outFile); - if (!cx) { - return -1; - } - - for (;;) { - if (feof(inFile)) break; - nb = fread(ibuf, 1, sizeof(ibuf), inFile); - if (nb != sizeof(ibuf)) { - if (nb == 0) { - if (ferror(inFile)) { - PORT_SetError(SEC_ERROR_IO); - goto loser; - } - /* eof */ - break; - } - } - - status = NSSBase64Encoder_Update(cx, ibuf, nb); - if (status != SECSuccess) goto loser; - } - - status = NSSBase64Encoder_Destroy(cx, PR_FALSE); - if (status != SECSuccess) - return status; - - /* - * Add a trailing CRLF. Note this must be done *after* the call - * to Destroy above (because only then are we sure all data has - * been written out). - */ - fwrite("\r\n", 1, 2, outFile); - return SECSuccess; - - loser: - (void) NSSBase64Encoder_Destroy(cx, PR_TRUE); - return status; -} - -static void Usage(char *progName) -{ - fprintf(stderr, - "Usage: %s [-i input] [-o output]\n", - progName); - fprintf(stderr, "%-20s Define an input file to use (default is stdin)\n", - "-i input"); - fprintf(stderr, "%-20s Define an output file to use (default is stdout)\n", - "-o output"); - exit(-1); -} - -int main(int argc, char **argv) -{ - char *progName; - SECStatus rv; - FILE *inFile, *outFile; - PLOptState *optstate; - PLOptStatus status; - - inFile = 0; - outFile = 0; - progName = strrchr(argv[0], '/'); - if (!progName) - progName = strrchr(argv[0], '\\'); - progName = progName ? progName+1 : argv[0]; - - /* Parse command line arguments */ - optstate = PL_CreateOptState(argc, argv, "i:o:"); - while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) { - switch (optstate->option) { - default: - Usage(progName); - break; - - case 'i': - inFile = fopen(optstate->value, "rb"); - if (!inFile) { - fprintf(stderr, "%s: unable to open \"%s\" for reading\n", - progName, optstate->value); - return -1; - } - break; - - case 'o': - outFile = fopen(optstate->value, "w"); - if (!outFile) { - fprintf(stderr, "%s: unable to open \"%s\" for writing\n", - progName, optstate->value); - return -1; - } - break; - } - } - if (status == PL_OPT_BAD) - Usage(progName); - if (!inFile) { -#if defined(WIN32) - /* If we're going to read binary data from stdin, we must put stdin - ** into O_BINARY mode or else incoming \r\n's will become \n's. - */ - - int smrv = _setmode(_fileno(stdin), _O_BINARY); - if (smrv == -1) { - fprintf(stderr, - "%s: Cannot change stdin to binary mode. Use -i option instead.\n", - progName); - return smrv; - } -#endif - inFile = stdin; - } - if (!outFile) - outFile = stdout; - rv = encode_file(outFile, inFile); - if (rv != SECSuccess) { - fprintf(stderr, "%s: lossage: error=%d errno=%d\n", - progName, PORT_GetError(), errno); - return -1; - } - return 0; -} diff --git a/security/nss/cmd/btoa/makefile.win b/security/nss/cmd/btoa/makefile.win deleted file mode 100644 index 28d3ee873..000000000 --- a/security/nss/cmd/btoa/makefile.win +++ /dev/null @@ -1,130 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -VERBOSE = 1 -include - -#cannot define PROGRAM in manifest compatibly with NT and UNIX -PROGRAM = btoa -PROGRAM = ./$(OBJDIR)/$(PROGRAM).exe -include <$(DEPTH)\config\config.mak> - -# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/ -# rules.mak will append C_OBJS onto OBJS. -# OBJS = $(CSRCS:.c=.obj) - -# include files are looked for in $LINCS and $INCS. -# $LINCS is in manifest.mnw, computed from REQUIRES= -INCS = $(INCS) \ - -I$(DEPTH)/security/lib/cert \ - -I../include \ - $(NULL) - -IGNORE_ME = \ - -I$(DEPTH)/security/lib/key \ - -I$(DEPTH)/security/lib/util \ - $(NULL) - - -WINFE = $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg - -# these files are the content of libdbm -DBM_LIB = \ - $(WINFE)/DB.obj \ - $(WINFE)/HASH.obj \ - $(WINFE)/H_BIGKEY.obj \ - $(WINFE)/H_PAGE.obj \ - $(WINFE)/H_LOG2.obj \ - $(WINFE)/H_FUNC.obj \ - $(WINFE)/HASH_BUF.obj \ - $(NULL) - -MOZ_LIBS = \ - $(WINFE)/ALLXPSTR.obj \ - $(WINFE)/XP_ERROR.obj \ - $(WINFE)/XPASSERT.obj \ - $(WINFE)/XP_REG.obj \ - $(WINFE)/XP_TRACE.obj \ - $(DBM_LIB) \ - $(WINFE)/XP_STR.obj \ - $(WINFE)/MKTEMP.obj \ - $(NULL) - -SEC_LIBS = \ - $(DIST)/lib/cert$(MOZ_BITS).lib \ - $(DIST)/lib/crypto$(MOZ_BITS).lib \ - $(DIST)/lib/hash$(MOZ_BITS).lib \ - $(DIST)/lib/key$(MOZ_BITS).lib \ - $(DIST)/lib/pkcs7$(MOZ_BITS).lib \ - $(DIST)/lib/secmod$(MOZ_BITS).lib \ - $(DIST)/lib/secutl$(MOZ_BITS).lib \ - $(DIST)/lib/ssl$(MOZ_BITS).lib \ - $(NULL) - -LLFLAGS = $(LLFLAGS) \ - ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \ - $(SEC_LIBS) \ - $(MOZ_LIBS) \ - $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \ - $(LIBNSPR) \ - $(NULL) - - -include <$(DEPTH)\config\rules.mak> - -INSTALL = $(MAKE_INSTALL) - -objs: $(OBJS) - -$(PROGRAM):: - $(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR) - -programs: $(PROGRAM) - -install:: $(TARGETS) - $(INSTALL) $(TARGETS) $(DIST)/bin - - -symbols: - @echo "CSRCS = $(CSRCS)" - @echo "INCS = $(INCS)" - @echo "OBJS = $(OBJS)" - @echo "LIBRARY = $(LIBRARY)" - @echo "PROGRAM = $(PROGRAM)" - @echo "TARGETS = $(TARGETS)" - @echo "DIST = $(DIST)" - @echo "VERSION_NUMBER = $(VERSION_NUMBER)" - @echo "WINFE = $(WINFE)" - @echo "DBM_LIB = $(DBM_LIB)" - @echo "INSTALL = $(INSTALL)" - diff --git a/security/nss/cmd/btoa/manifest.mn b/security/nss/cmd/btoa/manifest.mn deleted file mode 100644 index 8bbf6ee00..000000000 --- a/security/nss/cmd/btoa/manifest.mn +++ /dev/null @@ -1,49 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = ../../.. - -# MODULE public and private header directories are implicitly REQUIRED. -MODULE = security - -# This next line is used by .mk files -# and gets translated into $LINCS in manifest.mnw -# MODULE is implicitly REQUIRED, doesn't need to be listed below. -REQUIRES = seccmd dbm - -DEFINES = -DNSPR20 - -CSRCS = btoa.c - -PROGRAM = btoa - diff --git a/security/nss/cmd/certcgi/Makefile b/security/nss/cmd/certcgi/Makefile deleted file mode 100644 index 573c12cac..000000000 --- a/security/nss/cmd/certcgi/Makefile +++ /dev/null @@ -1,76 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - -include ../platlibs.mk - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - - - -include ../platrules.mk - diff --git a/security/nss/cmd/certcgi/ca.html b/security/nss/cmd/certcgi/ca.html deleted file mode 100644 index b9ffd8238..000000000 --- a/security/nss/cmd/certcgi/ca.html +++ /dev/null @@ -1,48 +0,0 @@ - - -
- - Use the Cert-O-matic certificate to issue the cert

- Use a - CA long - automatically generated chain ending with the Cert-O-Matic Cert - (18 maximum)

- Use a - CA long - user input chain ending in the Cert-O-Matic Cert.

-
diff --git a/security/nss/cmd/certcgi/ca_form.html b/security/nss/cmd/certcgi/ca_form.html deleted file mode 100644 index 6858903a6..000000000 --- a/security/nss/cmd/certcgi/ca_form.html +++ /dev/null @@ -1,385 +0,0 @@ - - -
- - - - - - - - - - - - - -
- Common Name:

- 		- Mail:

- RFC 1274 - e-mail
- Organization:

- Organizational Unit:

- RFC 1274 UID:

- Locality:

- State or Province:

- Country:

- - - - - - - -
- Serial Number:

-
- Auto Generate

-
- - Use this value:

-
- X.509 version:

-
- Version 1

-
- Version 3

 - Key Type:

-
- RSA

-
- DSA

- DN:

- -

-
-

- - - - - - - - - - - - - - - - - -
- Netscape Certificate Type:

- Activate extension:

- Critical: - 		- SSL Client

- SSL Server

- S/MIME

- Object Signing

- Reserved for future use (bit 4)

- SSL CA

- S/MIME CA

- Object Signing CA

-
- Netscape Base URL:

- Activate extension:

- Critical: - 		- -
- Netscape Revocation URL:

- Activate extension:

- Critical: - 		- -
- Netscape CA Revocation URL:

- Activate extension:

- Critical: - 		- -
- Netscape Certificate Renewal URL:

- Activate extension:

- Critical: - 		- -
- Netscape CA Policy URL:

- Activate extension:

- Critical: - 		- -
- Netscape SSL Server Name:

- Activate extension:

- Critical: - 		- -
- Netscape Comment:

- Activate extension:

- Critical: - 		- -
-

-
-

- - - - - - - - - - - - - - - - - - - - - - - -
- Key Usage:

- Activate extension:

- Critical: - 		- Digital Signature

- Non Repudiation

- Key Encipherment

- Data Encipherment

- Key Agreement

- Key Certificate Signing

- CRL Signing

-
- Extended Key Usage:

- Activate extension:

- Critical: - 		- Server Auth

- Client Auth

- Code Signing

- Email Protection

- Timestamp

- OCSP Responder

- Step-up

-
- Basic Constraints:

- Activate extension:

- Critical: - 		- CA:

-
True

-
False

- - Include Path length:

-
- Authority Key Identifier:

- Activate extension: - 		- Key Identider

- Issuer Name and Serial number

-
- Subject Key Identifier:

- Activate extension: - 		- Key Identifier: -

- This is an:

-

ascii text value

-

hex value

-

- Private Key Usage Period:

- Activate extension:

- Critical: - 		- Use:

-
Not Before

-
Not After

-
Both

- Not to be used to sign before:

-
Set to time of certificate issue

-
Use This value

-
(YYYY/MM/DD HH:MM:SS): - / - / - - : - : -

- Not to be used to sign after:

-
(YYYY/MM/DD HH:MM:SS): - / - / - - : - : -

-
- Subject Alternative Name:

- Activate extension:

- Critical: - 		- - - -
- General Names:

-

- - - 		- -
- Name Type:
- Other Name, - OID: - RFC 822 Name
- DNS Name - X400 Address
- Directory Name - EDI Party Name
- Uniform Resource Locator - IP Address
- Registered ID - Netscape Certificate Nickname
- Name: - Binary Encoded:

-
-
- Issuer Alternative Name:

- Activate extension:

- Critical: - 		- Use the Subject Alternative Name from the Issuers Certificate

- Use this Name: - - - -
- General Names:

-

- - - 		- -
- Name Type:
- Other Name, - OID: - RFC 822 Name
- DNS Name - X400 Address
- Directory Name - EDI Party Name
- Uniform Resource Locator - IP Address
- Registered ID
- Name: - Binary Encoded:

-
-
- Name Constraints:

- Activate extension:

- 		- - - -
- Name Constraints:

- - -

- - - 		- -
- Name Type:
- Other Name, - OID: - RFC 822 Name
- DNS Name - X400 Address
- Directory Name - EDI Party Name
- Uniform Resource Locator - IP Address
- Registered ID
- Name: - Binary Encoded:

- Constraint type:

-

permited

-

excluded

- Minimum:

- Maximum:

- - - -
-
-
- - - - - - - - - - diff --git a/security/nss/cmd/certcgi/certcgi.c b/security/nss/cmd/certcgi/certcgi.c deleted file mode 100644 index 7e5a7624e..000000000 --- a/security/nss/cmd/certcgi/certcgi.c +++ /dev/null @@ -1,2431 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -/* Cert-O-Matic CGI */ - - -#include "nspr.h" -#include "prtypes.h" -#include "prtime.h" -#include "prlong.h" - -#include "pk11func.h" -#include "cert.h" -#include "cryptohi.h" -#include "secoid.h" -#include "secder.h" -#include "genname.h" -#include "xconst.h" -#include "secutil.h" -#include "pqgutil.h" -#include "certxutl.h" -#include "secrng.h" /* for RNG_ */ -#include "nss.h" - - -/* #define TEST 1 */ -/* #define FILEOUT 1 */ -/* #define OFFLINE 1 */ -#define START_FIELDS 100 -#define PREFIX_LEN 6 -#define SERIAL_FILE "../serial" -#define DB_DIRECTORY ".." - -static char *progName; - -typedef struct PairStr Pair; - -struct PairStr { - char *name; - char *data; -}; - - -char prefix[PREFIX_LEN]; - - -const SEC_ASN1Template CERTIA5TypeTemplate[] = { - { SEC_ASN1_IA5_STRING } -}; - - - -SECKEYPrivateKey *privkeys[9] = {NULL, NULL, NULL, NULL, NULL, NULL, NULL, - NULL, NULL}; - - -#ifdef notdef -const SEC_ASN1Template CERT_GeneralNameTemplate[] = { - { SEC_ASN1_SEQUENCE_OF, 0, SEC_AnyTemplate } -}; -#endif - - -static void -error_out(char *error_string) -{ - printf("Content-type: text/plain\n\n"); - printf(error_string); - fflush(stderr); - fflush(stdout); - exit(1); -} - -static void -error_allocate(void) -{ - error_out("ERROR: Unable to allocate memory"); -} - - -static char * -make_copy_string(char *read_pos, - int length, - char sentinal_value) - /* copys string from to a new string it creates and - returns a pointer to the new string */ -{ - int remaining = length; - char *write_pos; - char *new; - - new = write_pos = (char *) PORT_Alloc (length); - if (new == NULL) { - error_allocate(); - } - while (*read_pos != sentinal_value) { - if (remaining == 1) { - remaining += length; - length = length * 2; - new = PORT_Realloc(new,length); - if (new == NULL) { - error_allocate(); - } - write_pos = new + length - remaining; - } - *write_pos = *read_pos; - ++write_pos; - ++read_pos; - remaining = remaining - 1; - } - *write_pos = '\0'; - return new; -} - - -static char * -PasswordStub(PK11SlotInfo *slot, - void *cx) -{ - return NULL; -} - - -static SECStatus -clean_input(Pair *data) - /* converts the non-alphanumeric characters in a form post - from hex codes back to characters */ -{ - int length; - int hi_digit; - int low_digit; - char character; - char *begin_pos; - char *read_pos; - char *write_pos; - PRBool name = PR_TRUE; - - begin_pos = data->name; - while (begin_pos != NULL) { - length = strlen(begin_pos); - read_pos = write_pos = begin_pos; - while ((read_pos - begin_pos) < length) { - if (*read_pos == '+') { - *read_pos = ' '; - } - if (*read_pos == '%') { - hi_digit = *(read_pos + 1); - low_digit = *(read_pos +2); - read_pos += 3; - if (isdigit(hi_digit)){ - hi_digit = hi_digit - '0'; - } else { - hi_digit = toupper(hi_digit); - if (isxdigit(hi_digit)) { - hi_digit = (hi_digit - 'A') + 10; - } else { - error_out("ERROR: Form data incorrectly formated"); - } - } - if (isdigit(low_digit)){ - low_digit = low_digit - '0'; - } else { - low_digit = toupper(low_digit); - if ((low_digit >='A') && (low_digit <= 'F')) { - low_digit = (low_digit - 'A') + 10; - } else { - error_out("ERROR: Form data incorrectly formated"); - } - } - character = (hi_digit << 4) | low_digit; - if (character != 10) { - *write_pos = character; - ++write_pos; - } - } else { - *write_pos = *read_pos; - ++write_pos; - ++read_pos; - } - } - *write_pos = '\0'; - if (name == PR_TRUE) { - begin_pos = data->data; - name = PR_FALSE; - } else { - data++; - begin_pos = data->name; - name = PR_TRUE; - } - } - return SECSuccess; -} - -static char * -make_name(char *new_data) - /* gets the next field name in the input string and returns - a pointer to a string containing a copy of it */ -{ - int length = 20; - char *name; - - name = make_copy_string(new_data, length, '='); - return name; -} - -static char * -make_data(char *new_data) - /* gets the data for the next field in the input string - and returns a pointer to a string containing it */ -{ - int length = 100; - char *data; - char *read_pos; - - read_pos = new_data; - while (*(read_pos - 1) != '=') { - ++read_pos; - } - data = make_copy_string(read_pos, length, '&'); - return data; -} - - -static Pair -make_pair(char *new_data) - /* makes a pair name/data pair from the input string */ -{ - Pair temp; - - temp.name = make_name(new_data); - temp.data = make_data(new_data); - return temp; -} - - - -static Pair * -make_datastruct(char *data, int len) - /* parses the input from the form post into a data - structure of field name/data pairs */ -{ - Pair *datastruct; - Pair *current; - char *curr_pos; - int fields = START_FIELDS; - int remaining = START_FIELDS; - - curr_pos = data; - datastruct = current = (Pair *) PORT_Alloc(fields * sizeof(Pair)); - if (datastruct == NULL) { - error_allocate(); - } - while (curr_pos - data < len) { - if (remaining == 1) { - remaining += fields; - fields = fields * 2; - datastruct = (Pair *) PORT_Realloc - (datastruct, fields * sizeof(Pair)); - if (datastruct == NULL) { - error_allocate; - } - current = datastruct + (fields - remaining); - } - *current = make_pair(curr_pos); - while (*curr_pos != '&') { - ++curr_pos; - } - ++curr_pos; - ++current; - remaining = remaining - 1; - } - current->name = NULL; - return datastruct; -} - -static char * -return_name(Pair *data_struct, - int n) - /* returns a pointer to the name of the nth - (starting from 0) item in the data structure */ -{ - char *name; - - if ((data_struct + n)->name != NULL) { - name = (data_struct + n)->name; - return name; - } else { - return NULL; - } -} - -static char * -return_data(Pair *data_struct,int n) - /* returns a pointer to the data of the nth (starting from 0) - itme in the data structure */ -{ - char *data; - - data = (data_struct + n)->data; - return data; -} - - -static char * -add_prefix(char *field_name) -{ - extern char prefix[PREFIX_LEN]; - int i = 0; - char *rv; - char *write; - - rv = write = PORT_Alloc(PORT_Strlen(prefix) + PORT_Strlen(field_name) + 1); - for(i = 0; i < PORT_Strlen(prefix); i++) { - *write = prefix[i]; - write++; - } - *write = '\0'; - rv = PORT_Strcat(rv,field_name); - return rv; -} - - -static char * -find_field(Pair *data, - char *field_name, - PRBool add_pre) - /* returns a pointer to the data of the first pair - thats name matches the string it is passed */ -{ - int i = 0; - char *retrieved; - int found = 0; - - if (add_pre) { - field_name = add_prefix(field_name); - } - while(return_name(data, i) != NULL) { - if (PORT_Strcmp(return_name(data, i), field_name) == 0) { - retrieved = return_data(data, i); - found = 1; - break; - } - i++; - } - if (!found) { - retrieved = NULL; - } - return retrieved; -} - -static PRBool -find_field_bool(Pair *data, - char *fieldname, - PRBool add_pre) -{ - char *rv; - - rv = find_field(data, fieldname, add_pre); - - if ((rv != NULL) && (PORT_Strcmp(rv, "true")) == 0) { - return PR_TRUE; - } else { - return PR_FALSE; - } -} - -static char * -update_data_by_name(Pair *data, - char *field_name, - char *new_data) - /* replaces the data in the data structure associated with - a name with new data, returns null if not found */ -{ - int i = 0; - int found = 0; - int length = 100; - char *new; - - while (return_name(data, i) != NULL) { - if (PORT_Strcmp(return_name(data, i), field_name) == 0) { - new = make_copy_string( new_data, length, '\0'); - PORT_Free(return_data(data, i)); - found = 1; - (*(data + i)).data = new; - break; - } - i++; - } - if (!found) { - new = NULL; - } - return new; -} - -static char * -update_data_by_index(Pair *data, - int n, - char *new_data) - /* replaces the data of a particular index in the data structure */ -{ - int length = 100; - char *new; - - new = make_copy_string(new_data, length, '\0'); - PORT_Free(return_data(data, n)); - (*(data + n)).data = new; - return new; -} - - -static Pair * -add_field(Pair *data, - char* field_name, - char* field_data) - /* adds a new name/data pair to the data structure */ -{ - int i = 0; - int j; - int name_length = 100; - int data_length = 100; - - while(return_name(data, i) != NULL) { - i++; - } - j = START_FIELDS; - while ( j < (i + 1) ) { - j = j * 2; - } - if (j == (i + 1)) { - data = (Pair *) PORT_Realloc(data, (j * 2) * sizeof(Pair)); - if (data == NULL) { - error_allocate(); - } - } - (*(data + i)).name = make_copy_string(field_name, name_length, '\0'); - (*(data + i)).data = make_copy_string(field_data, data_length, '\0'); - (data + i + 1)->name = NULL; - return data; -} - - -static CERTCertificateRequest * -makeCertReq(Pair *form_data, - int which_priv_key) - /* makes and encodes a certrequest */ -{ - - PK11SlotInfo *slot; - CERTCertificateRequest *certReq = NULL; - CERTSubjectPublicKeyInfo *spki; - SECKEYPrivateKey *privkey = NULL; - SECKEYPublicKey *pubkey = NULL; - CERTName *name; - char *key; - extern SECKEYPrivateKey *privkeys[9]; - int keySizeInBits; - char *challenge = "foo"; - SECStatus rv = SECSuccess; - PQGParams *pqgParams = NULL; - PQGVerify *pqgVfy = NULL; - - name = CERT_AsciiToName(find_field(form_data, "subject", PR_TRUE)); - if (name == NULL) { - error_out("ERROR: Unable to create Subject Name"); - } - key = find_field(form_data, "key", PR_TRUE); - if (key == NULL) { - switch (*find_field(form_data, "keysize", PR_TRUE)) { - case '0': - keySizeInBits = 2048; - break; - case '1': - keySizeInBits = 1024; - break; - case '2': - keySizeInBits = 512; - break; - default: - error_out("ERROR: Unsupported Key length selected"); - } - if (find_field_bool(form_data, "keyType-dsa", PR_TRUE)) { - rv = PQG_ParamGen(keySizeInBits, &pqgParams, &pqgVfy); - if (rv != SECSuccess) { - error_out("ERROR: Unable to generate PQG parameters"); - } - slot = PK11_GetBestSlot(CKM_DSA_KEY_PAIR_GEN, NULL); - privkey = PK11_GenerateKeyPair(slot, CKM_DSA_KEY_PAIR_GEN, - pqgParams,&pubkey, PR_FALSE, - PR_TRUE, NULL); - } else { - privkey = SECKEY_CreateRSAPrivateKey(keySizeInBits, &pubkey, NULL); - } - privkeys[which_priv_key] = privkey; - spki = SECKEY_CreateSubjectPublicKeyInfo(pubkey); - } else { - spki = SECKEY_ConvertAndDecodePublicKeyAndChallenge(key, challenge, - NULL); - if (spki == NULL) { - error_out("ERROR: Unable to decode Public Key and Challenge String"); - } - } - certReq = CERT_CreateCertificateRequest(name, spki, NULL); - if (certReq == NULL) { - error_out("ERROR: Unable to create Certificate Request"); - } - if (pubkey != NULL) { - SECKEY_DestroyPublicKey(pubkey); - } - if (spki != NULL) { - SECKEY_DestroySubjectPublicKeyInfo(spki); - } - if (pqgParams != NULL) { - PQG_DestroyParams(pqgParams); - } - if (pqgVfy != NULL) { - PQG_DestroyVerify(pqgVfy); - } - return certReq; -} - - - -static CERTCertificate * -MakeV1Cert(CERTCertDBHandle *handle, - CERTCertificateRequest *req, - char *issuerNameStr, - PRBool selfsign, - int serialNumber, - int warpmonths, - Pair *data) -{ - CERTCertificate *issuerCert = NULL; - CERTValidity *validity; - CERTCertificate *cert = NULL; - PRExplodedTime printableTime; - PRTime now, - after; - SECStatus rv; - - - - if ( !selfsign ) { - issuerCert = CERT_FindCertByNameString(handle, issuerNameStr); - if (!issuerCert) { - error_out("ERROR: Could not find issuer's certificate"); - return NULL; - } - } - if (find_field_bool(data, "manValidity", PR_TRUE)) { - rv = DER_AsciiToTime(&now, find_field(data, "notBefore", PR_TRUE)); - } else { - now = PR_Now(); - } - PR_ExplodeTime (now, PR_GMTParameters, &printableTime); - if ( warpmonths ) { - printableTime.tm_month += warpmonths; - now = PR_ImplodeTime (&printableTime); - PR_ExplodeTime (now, PR_GMTParameters, &printableTime); - } - if (find_field_bool(data, "manValidity", PR_TRUE)) { - rv = DER_AsciiToTime(&after, find_field(data, "notAfter", PR_TRUE)); - PR_ExplodeTime (after, PR_GMTParameters, &printableTime); - } else { - printableTime.tm_month += 3; - after = PR_ImplodeTime (&printableTime); - } - /* note that the time is now in micro-second unit */ - validity = CERT_CreateValidity (now, after); - - if ( selfsign ) { - cert = CERT_CreateCertificate - (serialNumber,&(req->subject), validity, req); - } else { - cert = CERT_CreateCertificate - (serialNumber,&(issuerCert->subject), validity, req); - } - - CERT_DestroyValidity(validity); - if ( issuerCert ) { - CERT_DestroyCertificate (issuerCert); - } - return(cert); -} - -static int -get_serial_number(Pair *data) -{ - int serial = 0; - int error; - char *filename = SERIAL_FILE; - char *SN; - FILE *serialFile; - - - if (find_field_bool(data, "serial-auto", PR_TRUE)) { - serialFile = fopen(filename, "r"); - if (serialFile != NULL) { - fread(&serial, sizeof(int), 1, serialFile); - if (ferror(serialFile) != 0) { - error_out("Error: Unable to read serial number file"); - } - if (serial == 4294967295) { - serial = 21; - } - fclose(serialFile); - ++serial; - serialFile = fopen(filename,"w"); - if (serialFile == NULL) { - error_out("ERROR: Unable to open serial number file for writing"); - } - fwrite(&serial, sizeof(int), 1, serialFile); - if (ferror(serialFile) != 0) { - error_out("Error: Unable to write to serial number file"); - } - } else { - fclose(serialFile); - serialFile = fopen(filename,"w"); - if (serialFile == NULL) { - error_out("ERROR: Unable to open serial number file"); - } - serial = 21; - fwrite(&serial, sizeof(int), 1, serialFile); - if (ferror(serialFile) != 0) { - error_out("Error: Unable to write to serial number file"); - } - error = ferror(serialFile); - if (error != 0) { - error_out("ERROR: Unable to write to serial file"); - } - } - fclose(serialFile); - } else { - SN = find_field(data, "serial_value", PR_TRUE); - while (*SN != '\0') { - serial = serial * 16; - if ((*SN >= 'A') && (*SN <='F')) { - serial += *SN - 'A' + 10; - } else { - if ((*SN >= 'a') && (*SN <='f')) { - serial += *SN - 'a' + 10; - } else { - serial += *SN - '0'; - } - } - ++SN; - } - } - return serial; -} - - - -typedef SECStatus (* EXTEN_VALUE_ENCODER) - (PRArenaPool *extHandle, void *value, SECItem *encodedValue); - -static SECStatus -EncodeAndAddExtensionValue( - PRArenaPool *arena, - void *extHandle, - void *value, - PRBool criticality, - int extenType, - EXTEN_VALUE_ENCODER EncodeValueFn) -{ - SECItem encodedValue; - SECStatus rv; - - - encodedValue.data = NULL; - encodedValue.len = 0; - rv = (*EncodeValueFn)(arena, value, &encodedValue); - if (rv != SECSuccess) { - error_out("ERROR: Unable to encode extension value"); - } - rv = CERT_AddExtension - (extHandle, extenType, &encodedValue, criticality, PR_TRUE); - return (rv); -} - - - -static SECStatus -AddKeyUsage (void *extHandle, - Pair *data) -{ - SECItem bitStringValue; - unsigned char keyUsage = 0x0; - - if (find_field_bool(data,"keyUsage-digitalSignature", PR_TRUE)){ - keyUsage |= (0x80 >> 0); - } - if (find_field_bool(data,"keyUsage-nonRepudiation", PR_TRUE)){ - keyUsage |= (0x80 >> 1); - } - if (find_field_bool(data,"keyUsage-keyEncipherment", PR_TRUE)){ - keyUsage |= (0x80 >> 2); - } - if (find_field_bool(data,"keyUsage-dataEncipherment", PR_TRUE)){ - keyUsage |= (0x80 >> 3); - } - if (find_field_bool(data,"keyUsage-keyAgreement", PR_TRUE)){ - keyUsage |= (0x80 >> 4); - } - if (find_field_bool(data,"keyUsage-keyCertSign", PR_TRUE)) { - keyUsage |= (0x80 >> 5); - } - if (find_field_bool(data,"keyUsage-cRLSign", PR_TRUE)) { - keyUsage |= (0x80 >> 6); - } - - bitStringValue.data = &keyUsage; - bitStringValue.len = 1; - - return (CERT_EncodeAndAddBitStrExtension - (extHandle, SEC_OID_X509_KEY_USAGE, &bitStringValue, - (find_field_bool(data, "keyUsage-crit", PR_TRUE)))); - -} - -static CERTOidSequence * -CreateOidSequence(void) -{ - CERTOidSequence *rv = (CERTOidSequence *)NULL; - PRArenaPool *arena = (PRArenaPool *)NULL; - - arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - if( (PRArenaPool *)NULL == arena ) { - goto loser; - } - - rv = (CERTOidSequence *)PORT_ArenaZAlloc(arena, sizeof(CERTOidSequence)); - if( (CERTOidSequence *)NULL == rv ) { - goto loser; - } - - rv->oids = (SECItem **)PORT_ArenaZAlloc(arena, sizeof(SECItem *)); - if( (SECItem **)NULL == rv->oids ) { - goto loser; - } - - rv->arena = arena; - return rv; - - loser: - if( (PRArenaPool *)NULL != arena ) { - PORT_FreeArena(arena, PR_FALSE); - } - - return (CERTOidSequence *)NULL; -} - -static SECStatus -AddOidToSequence(CERTOidSequence *os, SECOidTag oidTag) -{ - SECItem **oids; - PRUint32 count = 0; - SECOidData *od; - - od = SECOID_FindOIDByTag(oidTag); - if( (SECOidData *)NULL == od ) { - return SECFailure; - } - - for( oids = os->oids; (SECItem *)NULL != *oids; oids++ ) { - count++; - } - - /* ArenaZRealloc */ - - { - PRUint32 i; - - oids = (SECItem **)PORT_ArenaZAlloc(os->arena, sizeof(SECItem *) * (count+2)); - if( (SECItem **)NULL == oids ) { - return SECFailure; - } - - for( i = 0; i < count; i++ ) { - oids[i] = os->oids[i]; - } - - /* ArenaZFree(os->oids); */ - } - - os->oids = oids; - os->oids[count] = &od->oid; - - return SECSuccess; -} - -static SECItem * -EncodeOidSequence(CERTOidSequence *os) -{ - SECItem *rv; - extern const SEC_ASN1Template CERT_OidSeqTemplate[]; - - rv = (SECItem *)PORT_ArenaZAlloc(os->arena, sizeof(SECItem)); - if( (SECItem *)NULL == rv ) { - goto loser; - } - - if( !SEC_ASN1EncodeItem(os->arena, rv, os, CERT_OidSeqTemplate) ) { - goto loser; - } - - return rv; - - loser: - return (SECItem *)NULL; -} - -static SECStatus -AddExtKeyUsage(void *extHandle, Pair *data) -{ - SECStatus rv; - CERTOidSequence *os; - SECItem *value; - PRBool crit; - - os = CreateOidSequence(); - if( (CERTOidSequence *)NULL == os ) { - return SECFailure; - } - - if( find_field_bool(data, "extKeyUsage-serverAuth", PR_TRUE) ) { - rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_SERVER_AUTH); - if( SECSuccess != rv ) goto loser; - } - - if( find_field_bool(data, "extKeyUsage-clientAuth", PR_TRUE) ) { - rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_CLIENT_AUTH); - if( SECSuccess != rv ) goto loser; - } - - if( find_field_bool(data, "extKeyUsage-codeSign", PR_TRUE) ) { - rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_CODE_SIGN); - if( SECSuccess != rv ) goto loser; - } - - if( find_field_bool(data, "extKeyUsage-emailProtect", PR_TRUE) ) { - rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_EMAIL_PROTECT); - if( SECSuccess != rv ) goto loser; - } - - if( find_field_bool(data, "extKeyUsage-timeStamp", PR_TRUE) ) { - rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_TIME_STAMP); - if( SECSuccess != rv ) goto loser; - } - - if( find_field_bool(data, "extKeyUsage-ocspResponder", PR_TRUE) ) { - rv = AddOidToSequence(os, SEC_OID_OCSP_RESPONDER); - if( SECSuccess != rv ) goto loser; - } - - if( find_field_bool(data, "extKeyUsage-NS-govtApproved", PR_TRUE) ) { - rv = AddOidToSequence(os, SEC_OID_NS_KEY_USAGE_GOVT_APPROVED); - if( SECSuccess != rv ) goto loser; - } - - value = EncodeOidSequence(os); - - crit = find_field_bool(data, "extKeyUsage-crit", PR_TRUE); - - rv = CERT_AddExtension(extHandle, SEC_OID_X509_EXT_KEY_USAGE, value, - crit, PR_TRUE); - /*FALLTHROUGH*/ - loser: - CERT_DestroyOidSequence(os); - return rv; -} - -static SECStatus -AddSubKeyID(void *extHandle, - Pair *data, - CERTCertificate *subjectCert) -{ - SECItem encodedValue; - SECStatus rv; - char *read; - char *write; - char *first; - char character; - int high_digit = 0, - low_digit = 0; - int len; - PRBool odd = PR_FALSE; - - - encodedValue.data = NULL; - encodedValue.len = 0; - first = read = write = find_field(data,"subjectKeyIdentifier-text", - PR_TRUE); - len = PORT_Strlen(first); - odd = ((len % 2) != 0 ) ? PR_TRUE : PR_FALSE; - if (find_field_bool(data, "subjectKeyIdentifier-radio-hex", PR_TRUE)) { - if (odd) { - error_out("ERROR: Improperly formated subject key identifier, hex values must be expressed as an octet string"); - } - while (*read != '\0') { - if (!isxdigit(*read)) { - error_out("ERROR: Improperly formated subject key identifier"); - } - *read = toupper(*read); - if ((*read >= 'A') && (*read <= 'F')) { - high_digit = *read - 'A' + 10; - } else { - high_digit = *read - '0'; - } - ++read; - if (!isxdigit(*read)) { - error_out("ERROR: Improperly formated subject key identifier"); - } - *read = toupper(*read); - if ((*read >= 'A') && (*read <= 'F')) { - low_digit = *(read) - 'A' + 10; - } else { - low_digit = *(read) - '0'; - } - character = (high_digit << 4) | low_digit; - *write = character; - ++write; - ++read; - } - *write = '\0'; - len = write - first; - } - subjectCert->subjectKeyID.data = (unsigned char *) find_field - (data,"subjectKeyIdentifier-text", PR_TRUE); - subjectCert->subjectKeyID.len = len; - rv = CERT_EncodeSubjectKeyID - (NULL, find_field(data,"subjectKeyIdentifier-text", PR_TRUE), - len, &encodedValue); - if (rv) { - return (rv); - } - return (CERT_AddExtension(extHandle, SEC_OID_X509_SUBJECT_KEY_ID, - &encodedValue, PR_FALSE, PR_TRUE)); -} - - -static SECStatus -AddAuthKeyID (void *extHandle, - Pair *data, - char *issuerNameStr, - CERTCertDBHandle *handle) -{ - CERTAuthKeyID *authKeyID = NULL; - PRArenaPool *arena = NULL; - SECStatus rv = SECSuccess; - CERTCertificate *issuerCert = NULL; - CERTGeneralName *genNames; - CERTName *directoryName = NULL; - - - issuerCert = CERT_FindCertByNameString(handle, issuerNameStr); - arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - if ( !arena ) { - error_allocate(); - } - - authKeyID = PORT_ArenaZAlloc (arena, sizeof (CERTAuthKeyID)); - if (authKeyID == NULL) { - error_allocate(); - } - if (find_field_bool(data, "authorityKeyIdentifier-radio-keyIdentifier", - PR_TRUE)) { - authKeyID->keyID.data = PORT_ArenaAlloc (arena, PORT_Strlen - ((char *)issuerCert->subjectKeyID.data)); - if (authKeyID->keyID.data == NULL) { - error_allocate(); - } - PORT_Memcpy (authKeyID->keyID.data, issuerCert->subjectKeyID.data, - authKeyID->keyID.len = - PORT_Strlen((char *)issuerCert->subjectKeyID.data)); - } else { - - PORT_Assert (arena); - genNames = (CERTGeneralName *) PORT_ArenaZAlloc (arena, (sizeof(CERTGeneralName))); - if (genNames == NULL){ - error_allocate(); - } - genNames->l.next = genNames->l.prev = &(genNames->l); - genNames->type = certDirectoryName; - - directoryName = CERT_AsciiToName(issuerCert->subjectName); - if (!directoryName) { - error_out("ERROR: Unable to create Directory Name"); - } - rv = CERT_CopyName (arena, &genNames->name.directoryName, - directoryName); - CERT_DestroyName (directoryName); - if (rv != SECSuccess) { - error_out("ERROR: Unable to copy Directory Name"); - } - authKeyID->authCertIssuer = genNames; - if (authKeyID->authCertIssuer == NULL && SECFailure == - PORT_GetError ()) { - error_out("ERROR: Unable to get Issuer General Name for Authority Key ID Extension"); - } - authKeyID->authCertSerialNumber = issuerCert->serialNumber; - } - rv = EncodeAndAddExtensionValue(arena, extHandle, authKeyID, PR_FALSE, - SEC_OID_X509_AUTH_KEY_ID, - (EXTEN_VALUE_ENCODER) - CERT_EncodeAuthKeyID); - if (arena) { - PORT_FreeArena (arena, PR_FALSE); - } - return (rv); -} - - -static SECStatus -AddPrivKeyUsagePeriod(void *extHandle, - Pair *data, - CERTCertificate *cert) -{ - char *notBeforeStr; - char *notAfterStr; - PRArenaPool *arena = NULL; - SECStatus rv = SECSuccess; - PKUPEncodedContext *pkup; - - - arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - if ( !arena ) { - error_allocate(); - } - pkup = PORT_ArenaZAlloc (arena, sizeof (PKUPEncodedContext)); - if (pkup == NULL) { - error_allocate(); - } - notBeforeStr = (char *) PORT_Alloc(16 * sizeof(char)); - notAfterStr = (char *) PORT_Alloc(16 * sizeof(char)); - *notBeforeStr = '\0'; - *notAfterStr = '\0'; - pkup->arena = arena; - pkup->notBefore.len = 0; - pkup->notBefore.data = NULL; - pkup->notAfter.len = 0; - pkup->notAfter.data = NULL; - if (find_field_bool(data, "privKeyUsagePeriod-radio-notBefore", PR_TRUE) || - find_field_bool(data, "privKeyUsagePeriod-radio-both", PR_TRUE)) { - pkup->notBefore.len = 15; - pkup->notBefore.data = (unsigned char *)notBeforeStr; - if (find_field_bool(data, "privKeyUsagePeriod-notBefore-radio-manual", - PR_TRUE)) { - PORT_Strcat(notBeforeStr,find_field(data, - "privKeyUsagePeriod-notBefore-year", - PR_TRUE)); - PORT_Strcat(notBeforeStr,find_field(data, - "privKeyUsagePeriod-notBefore-month", - PR_TRUE)); - PORT_Strcat(notBeforeStr,find_field(data, - "privKeyUsagePeriod-notBefore-day", - PR_TRUE)); - PORT_Strcat(notBeforeStr,find_field(data, - "privKeyUsagePeriod-notBefore-hour", - PR_TRUE)); - PORT_Strcat(notBeforeStr,find_field(data, - "privKeyUsagePeriod-notBefore-minute", - PR_TRUE)); - PORT_Strcat(notBeforeStr,find_field(data, - "privKeyUsagePeriod-notBefore-second", - PR_TRUE)); - if ((*(notBeforeStr + 14) != '\0') || - (!isdigit(*(notBeforeStr + 13))) || - (*(notBeforeStr + 12) >= '5' && *(notBeforeStr + 12) <= '0') || - (!isdigit(*(notBeforeStr + 11))) || - (*(notBeforeStr + 10) >= '5' && *(notBeforeStr + 10) <= '0') || - (!isdigit(*(notBeforeStr + 9))) || - (*(notBeforeStr + 8) >= '2' && *(notBeforeStr + 8) <= '0') || - (!isdigit(*(notBeforeStr + 7))) || - (*(notBeforeStr + 6) >= '3' && *(notBeforeStr + 6) <= '0') || - (!isdigit(*(notBeforeStr + 5))) || - (*(notBeforeStr + 4) >= '1' && *(notBeforeStr + 4) <= '0') || - (!isdigit(*(notBeforeStr + 3))) || - (!isdigit(*(notBeforeStr + 2))) || - (!isdigit(*(notBeforeStr + 1))) || - (!isdigit(*(notBeforeStr + 0))) || - (*(notBeforeStr + 8) == '2' && *(notBeforeStr + 9) >= '4') || - (*(notBeforeStr + 6) == '3' && *(notBeforeStr + 7) >= '1') || - (*(notBeforeStr + 4) == '1' && *(notBeforeStr + 5) >= '2')) { - error_out("ERROR: Improperly formated private key usage period"); - } - *(notBeforeStr + 14) = 'Z'; - *(notBeforeStr + 15) = '\0'; - } else { - if ((*(cert->validity.notBefore.data) > '5') || - ((*(cert->validity.notBefore.data) == '5') && - (*(cert->validity.notBefore.data + 1) != '0'))) { - PORT_Strcat(notBeforeStr, "19"); - } else { - PORT_Strcat(notBeforeStr, "20"); - } - PORT_Strcat(notBeforeStr, (char *)cert->validity.notBefore.data); - } - } - if (find_field_bool(data, "privKeyUsagePeriod-radio-notAfter", PR_TRUE) || - find_field_bool(data, "privKeyUsagePeriod-radio-both", PR_TRUE)) { - pkup->notAfter.len = 15; - pkup->notAfter.data = (unsigned char *)notAfterStr; - PORT_Strcat(notAfterStr,find_field(data,"privKeyUsagePeriod-notAfter-year", - PR_TRUE)); - PORT_Strcat(notAfterStr,find_field(data,"privKeyUsagePeriod-notAfter-month", - PR_TRUE)); - PORT_Strcat(notAfterStr,find_field(data,"privKeyUsagePeriod-notAfter-day", - PR_TRUE)); - PORT_Strcat(notAfterStr,find_field(data,"privKeyUsagePeriod-notAfter-hour", - PR_TRUE)); - PORT_Strcat(notAfterStr,find_field(data,"privKeyUsagePeriod-notAfter-minute", - PR_TRUE)); - PORT_Strcat(notAfterStr,find_field(data,"privKeyUsagePeriod-notAfter-second", - PR_TRUE)); - if ((*(notAfterStr + 14) != '\0') || - (!isdigit(*(notAfterStr + 13))) || - (*(notAfterStr + 12) >= '5' && *(notAfterStr + 12) <= '0') || - (!isdigit(*(notAfterStr + 11))) || - (*(notAfterStr + 10) >= '5' && *(notAfterStr + 10) <= '0') || - (!isdigit(*(notAfterStr + 9))) || - (*(notAfterStr + 8) >= '2' && *(notAfterStr + 8) <= '0') || - (!isdigit(*(notAfterStr + 7))) || - (*(notAfterStr + 6) >= '3' && *(notAfterStr + 6) <= '0') || - (!isdigit(*(notAfterStr + 5))) || - (*(notAfterStr + 4) >= '1' && *(notAfterStr + 4) <= '0') || - (!isdigit(*(notAfterStr + 3))) || - (!isdigit(*(notAfterStr + 2))) || - (!isdigit(*(notAfterStr + 1))) || - (!isdigit(*(notAfterStr + 0))) || - (*(notAfterStr + 8) == '2' && *(notAfterStr + 9) >= '4') || - (*(notAfterStr + 6) == '3' && *(notAfterStr + 7) >= '1') || - (*(notAfterStr + 4) == '1' && *(notAfterStr + 5) >= '2')) { - error_out("ERROR: Improperly formated private key usage period"); - } - *(notAfterStr + 14) = 'Z'; - *(notAfterStr + 15) = '\0'; - } - - PORT_Assert (arena); - - rv = EncodeAndAddExtensionValue(arena, extHandle, pkup, - find_field_bool(data, - "privKeyUsagePeriod-crit", - PR_TRUE), - SEC_OID_X509_PRIVATE_KEY_USAGE_PERIOD, - (EXTEN_VALUE_ENCODER) - CERT_EncodePublicKeyUsagePeriod); - if (arena) { - PORT_FreeArena (arena, PR_FALSE); - } - if (notBeforeStr != NULL) { - PORT_Free(notBeforeStr); - } - if (notAfterStr != NULL) { - PORT_Free(notAfterStr); - } - return (rv); -} - -static SECStatus -AddBasicConstraint(void *extHandle, - Pair *data) -{ - CERTBasicConstraints basicConstraint; - SECItem encodedValue; - SECStatus rv; - - encodedValue.data = NULL; - encodedValue.len = 0; - basicConstraint.pathLenConstraint = CERT_UNLIMITED_PATH_CONSTRAINT; - basicConstraint.isCA = (find_field_bool(data,"basicConstraints-cA-radio-CA", - PR_TRUE)); - if (find_field_bool(data,"basicConstraints-pathLengthConstraint", PR_TRUE)){ - basicConstraint.pathLenConstraint = atoi - (find_field(data,"basicConstraints-pathLengthConstraint-text", - PR_TRUE)); - } - - rv = CERT_EncodeBasicConstraintValue (NULL, &basicConstraint, - &encodedValue); - if (rv) - return (rv); - rv = CERT_AddExtension(extHandle, SEC_OID_X509_BASIC_CONSTRAINTS, - &encodedValue, - (find_field_bool(data,"basicConstraints-crit", - PR_TRUE)), PR_TRUE); - - PORT_Free (encodedValue.data); - return (rv); -} - - - -static SECStatus -AddNscpCertType (void *extHandle, - Pair *data) -{ - SECItem bitStringValue; - unsigned char CertType = 0x0; - - if (find_field_bool(data,"netscape-cert-type-ssl-client", PR_TRUE)){ - CertType |= (0x80 >> 0); - } - if (find_field_bool(data,"netscape-cert-type-ssl-server", PR_TRUE)){ - CertType |= (0x80 >> 1); - } - if (find_field_bool(data,"netscape-cert-type-smime", PR_TRUE)){ - CertType |= (0x80 >> 2); - } - if (find_field_bool(data,"netscape-cert-type-object-signing", PR_TRUE)){ - CertType |= (0x80 >> 3); - } - if (find_field_bool(data,"netscape-cert-type-reserved", PR_TRUE)){ - CertType |= (0x80 >> 4); - } - if (find_field_bool(data,"netscape-cert-type-ssl-ca", PR_TRUE)) { - CertType |= (0x80 >> 5); - } - if (find_field_bool(data,"netscape-cert-type-smime-ca", PR_TRUE)) { - CertType |= (0x80 >> 6); - } - if (find_field_bool(data,"netscape-cert-type-object-signing-ca", PR_TRUE)) { - CertType |= (0x80 >> 7); - } - - bitStringValue.data = &CertType; - bitStringValue.len = 1; - - return (CERT_EncodeAndAddBitStrExtension - (extHandle, SEC_OID_NS_CERT_EXT_CERT_TYPE, &bitStringValue, - (find_field_bool(data, "netscape-cert-type-crit", PR_TRUE)))); -} - - -static SECStatus -add_IA5StringExtension(void *extHandle, - char *string, - PRBool crit, - int idtag) -{ - SECItem encodedValue; - SECStatus rv; - - encodedValue.data = NULL; - encodedValue.len = 0; - - rv = CERT_EncodeIA5TypeExtension(NULL, string, &encodedValue); - if (rv) { - return (rv); - } - return (CERT_AddExtension(extHandle, idtag, &encodedValue, crit, PR_TRUE)); -} - -static SECItem * -string_to_oid(char *string) -{ - int i; - int length = 20; - int remaining; - int first_value; - int second_value; - int value; - int oidLength; - unsigned char *oidString; - unsigned char *write; - unsigned char *read; - unsigned char *temp; - SECItem *oid; - - - remaining = length; - i = 0; - while (*string == ' ') { - string++; - } - while (isdigit(*(string + i))) { - i++; - } - if (*(string + i) == '.') { - *(string + i) = '\0'; - } else { - error_out("ERROR: Improperly formated OID"); - } - first_value = atoi(string); - if (first_value < 0 || first_value > 2) { - error_out("ERROR: Improperly formated OID"); - } - string += i + 1; - i = 0; - while (isdigit(*(string + i))) { - i++; - } - if (*(string + i) == '.') { - *(string + i) = '\0'; - } else { - error_out("ERROR: Improperly formated OID"); - } - second_value = atoi(string); - if (second_value < 0 || second_value > 39) { - error_out("ERROR: Improperly formated OID"); - } - oidString = PORT_ZAlloc(2); - *oidString = (first_value * 40) + second_value; - *(oidString + 1) = '\0'; - oidLength = 1; - string += i + 1; - i = 0; - temp = write = PORT_ZAlloc(length); - while (*string != '\0') { - value = 0; - while(isdigit(*(string + i))) { - i++; - } - if (*(string + i) == '\0') { - value = atoi(string); - string += i; - } else { - if (*(string + i) == '.') { - *(string + i) == '\0'; - value = atoi(string); - string += i + 1; - } else { - *(string + i) = '\0'; - i++; - value = atoi(string); - if (*(string + i) == ' ') { - while (*(string + i) == ' ') - i++; - } - if (*(string + i) != '\0') { - error_out("ERROR: Improperly formated OID"); - } - } - } - i = 0; - while (value != 0) { - if (remaining < 1) { - remaining += length; - length = length * 2; - temp = PORT_Realloc(temp, length); - write = temp + length - remaining; - } - *write = (value & 0x7f) | (0x80); - write++; - remaining--; - value = value >> 7; - } - *temp = *temp & (0x7f); - oidLength += write - temp; - oidString = PORT_Realloc(oidString, (oidLength + 1)); - read = write - 1; - write = oidLength + oidString - 1; - for (i = 0; i < (length - remaining); i++) { - *write = *read; - write--; - read++; - } - write = temp; - remaining = length; - } - *(oidString + oidLength) = '\0'; - oid = (SECItem *) PORT_ZAlloc(sizeof(SECItem)); - oid->data = oidString; - oid->len = oidLength; - PORT_Free(temp); - return oid; -} - -static SECItem * -string_to_ipaddress(char *string) -{ - int i = 0; - int value; - int j = 0; - SECItem *ipaddress; - - - while (*string == ' ') { - string++; - } - ipaddress = (SECItem *) PORT_ZAlloc(sizeof(SECItem)); - ipaddress->data = PORT_ZAlloc(9); - while (*string != '\0' && j < 8) { - while (isdigit(*(string + i))) { - i++; - } - if (*(string + i) == '.') { - *(string + i) = '\0'; - value = atoi(string); - string = string + i + 1; - i = 0; - } else { - if (*(string + i) == '\0') { - value = atoi(string); - string = string + i; - i = 0; - } else { - *(string + i) = '\0'; - while (*(string + i) == ' ') { - i++; - } - if (*(string + i) == '\0') { - value = atoi(string); - string = string + i; - i = 0; - } else { - error_out("ERROR: Improperly formated IP Address"); - } - } - } - if (value >= 0 || value < 256) { - *(ipaddress->data + j) = value; - } else { - error_out("ERROR: Improperly formated IP Address"); - } - j++; - } - *(ipaddress->data + j) = '\0'; - if (j != 4 && j != 8) { - error_out("ERROR: Improperly formated IP Address"); - } - ipaddress->len = j; - return ipaddress; -} - -static SECItem * -string_to_binary(char *string) -{ - SECItem *rv; - int high_digit; - int low_digit; - - rv = (SECItem *) PORT_ZAlloc(sizeof(SECItem)); - if (rv == NULL) { - error_allocate(); - } - rv->data = (unsigned char *) PORT_ZAlloc((PORT_Strlen(string))/3 + 2); - while (!isxdigit(*string)) { - string++; - } - rv->len = 0; - while (*string != '\0') { - if (isxdigit(*string)) { - if (*string >= '0' && *string <= '9') { - high_digit = *string - '0'; - } else { - *string = toupper(*string); - high_digit = *string - 'A'; - } - string++; - if (*string >= '0' && *string <= '9') { - low_digit = *string - '0'; - } else { - *string = toupper(*string); - low_digit = *string = 'A'; - } - (rv->len)++; - } else { - if (*string == ':') { - string++; - } else { - if (*string == ' ') { - while (*string == ' ') { - string++; - } - } - if (*string != '\0') { - error_out("ERROR: Improperly formated binary encoding"); - } - } - } - } - - return rv; -} - -static SECStatus -MakeGeneralName(char *name, - CERTGeneralName *genName, - PRArenaPool *arena) -{ - SECItem *oid; - SECOidData *oidData; - SECItem *ipaddress; - SECItem *temp = NULL; - int i; - int nameType; - PRBool binary = PR_FALSE; - SECStatus rv = SECSuccess; - PRBool nickname; - - PORT_Assert(genName); - PORT_Assert(arena); - nameType = *(name + PORT_Strlen(name) - 1) - '0'; - if (nameType == 0 && *(name +PORT_Strlen(name) - 2) == '1') { - nickname = PR_TRUE; - nameType = certOtherName; - } - if (nameType < 1 || nameType > 9) { - error_out("ERROR: Unknown General Name Type"); - } - *(name + PORT_Strlen(name) - 4) = '\0'; - genName->type = nameType; - - switch (genName->type) { - case certURI: - case certRFC822Name: - case certDNSName: { - genName->name.other.data = (unsigned char *)name; - genName->name.other.len = PORT_Strlen(name); - break; - } - - case certIPAddress: { - ipaddress = string_to_ipaddress(name); - genName->name.other.data = ipaddress->data; - genName->name.other.len = ipaddress->len; - break; - } - - case certRegisterID: { - oid = string_to_oid(name); - genName->name.other.data = oid->data; - genName->name.other.len = oid->len; - break; - } - - case certEDIPartyName: - case certX400Address: { - - genName->name.other.data = PORT_ArenaAlloc (arena, - PORT_Strlen (name) + 2); - if (genName->name.other.data == NULL) { - error_allocate(); - } - - PORT_Memcpy (genName->name.other.data + 2, name, PORT_Strlen (name)); - /* This may not be accurate for all cases. - For now, use this tag type */ - genName->name.other.data[0] = (char)(((genName->type - 1) & - 0x1f)| 0x80); - genName->name.other.data[1] = (char)PORT_Strlen (name); - genName->name.other.len = PORT_Strlen (name) + 2; - break; - } - - case certOtherName: { - i = 0; - if (!nickname) { - while (!isdigit(*(name + PORT_Strlen(name) - i))) { - i++; - } - if (*(name + PORT_Strlen(name) - i) == '1') { - binary = PR_TRUE; - } else { - binary = PR_FALSE; - } - while (*(name + PORT_Strlen(name) - i) != '-') { - i++; - } - *(name + PORT_Strlen(name) - i - 1) = '\0'; - i = 0; - while (*(name + i) != '-') { - i++; - } - *(name + i - 1) = '\0'; - oid = string_to_oid(name + i + 2); - } else { - oidData = SECOID_FindOIDByTag(SEC_OID_NETSCAPE_NICKNAME); - oid = &oidData->oid; - while (*(name + PORT_Strlen(name) - i) != '-') { - i++; - } - *(name + PORT_Strlen(name) - i) = '\0'; - } - genName->name.OthName.oid.data = oid->data; - genName->name.OthName.oid.len = oid->len; - if (binary) { - temp = string_to_binary(name); - genName->name.OthName.name.data = temp->data; - genName->name.OthName.name.len = temp->len; - } else { - temp = (SECItem *) PORT_ZAlloc(sizeof(SECItem)); - if (temp == NULL) { - error_allocate(); - } - temp->data = (unsigned char *)name; - temp->len = PORT_Strlen(name); - SEC_ASN1EncodeItem (arena, &(genName->name.OthName.name), temp, - CERTIA5TypeTemplate); - } - PORT_Free(temp); - break; - } - - case certDirectoryName: { - CERTName *directoryName = NULL; - - directoryName = CERT_AsciiToName (name); - if (!directoryName) { - error_out("ERROR: Improperly formated alternative name"); - break; - } - rv = CERT_CopyName (arena, &genName->name.directoryName, - directoryName); - CERT_DestroyName (directoryName); - - break; - } - } - genName->l.next = &(genName->l); - genName->l.prev = &(genName->l); - return rv; -} - - -static CERTGeneralName * -MakeAltName(Pair *data, - char *which, - PRArenaPool *arena) -{ - CERTGeneralName *SubAltName; - CERTGeneralName *current; - CERTGeneralName *newname; - char *name = NULL; - SECStatus rv = SECSuccess; - int len; - - - len = PORT_Strlen(which); - name = find_field(data, which, PR_TRUE); - SubAltName = current = (CERTGeneralName *) PORT_ZAlloc - (sizeof(CERTGeneralName)); - if (current == NULL) { - error_allocate(); - } - while (name != NULL) { - - rv = MakeGeneralName(name, current, arena); - - if (rv != SECSuccess) { - break; - } - if (*(which + len -1) < '9') { - *(which + len - 1) = *(which + len - 1) + 1; - } else { - if (isdigit(*(which + len - 2) )) { - *(which + len - 2) = *(which + len - 2) + 1; - *(which + len - 1) = '0'; - } else { - *(which + len - 1) = '1'; - *(which + len) = '0'; - *(which + len + 1) = '\0'; - len++; - } - } - len = PORT_Strlen(which); - name = find_field(data, which, PR_TRUE); - if (name != NULL) { - newname = (CERTGeneralName *) PORT_ZAlloc(sizeof(CERTGeneralName)); - if (newname == NULL) { - error_allocate(); - } - current->l.next = &(newname->l); - newname->l.prev = &(current->l); - current = newname; - newname = NULL; - } else { - current->l.next = &(SubAltName->l); - SubAltName->l.prev = &(current->l); - } - } - if (rv == SECFailure) { - return NULL; - } - return SubAltName; -} - -static CERTNameConstraints * -MakeNameConstraints(Pair *data, - PRArenaPool *arena) -{ - CERTNameConstraints *NameConstraints; - CERTNameConstraint *current = NULL; - CERTNameConstraint *last_permited = NULL; - CERTNameConstraint *last_excluded = NULL; - char *constraint = NULL; - char *which; - SECStatus rv = SECSuccess; - int len; - int i; - long max; - long min; - PRBool permited; - - - NameConstraints = (CERTNameConstraints *) PORT_ZAlloc - (sizeof(CERTNameConstraints)); - which = make_copy_string("NameConstraintSelect0", 25,'\0'); - len = PORT_Strlen(which); - constraint = find_field(data, which, PR_TRUE); - NameConstraints->permited = NameConstraints->excluded = NULL; - while (constraint != NULL) { - current = (CERTNameConstraint *) PORT_ZAlloc - (sizeof(CERTNameConstraint)); - if (current == NULL) { - error_allocate(); - } - i = 0; - while (*(constraint + PORT_Strlen(constraint) - i) != '-') { - i++; - } - *(constraint + PORT_Strlen(constraint) - i - 1) = '\0'; - max = (long) atoi(constraint + PORT_Strlen(constraint) + 3); - if (max > 0) { - (void) SEC_ASN1EncodeInteger(arena, ¤t->max, max); - } - i = 0; - while (*(constraint + PORT_Strlen(constraint) - i) != '-') { - i++; - } - *(constraint + PORT_Strlen(constraint) - i - 1) = '\0'; - min = (long) atoi(constraint + PORT_Strlen(constraint) + 3); - (void) SEC_ASN1EncodeInteger(arena, ¤t->min, min); - while (*(constraint + PORT_Strlen(constraint) - i) != '-') { - i++; - } - *(constraint + PORT_Strlen(constraint) - i - 1) = '\0'; - if (*(constraint + PORT_Strlen(constraint) + 3) == 'p') { - permited = PR_TRUE; - } else { - permited = PR_FALSE; - } - rv = MakeGeneralName(constraint, &(current->name), arena); - - if (rv != SECSuccess) { - break; - } - if (*(which + len - 1) < '9') { - *(which + len - 1) = *(which + len - 1) + 1; - } else { - if (isdigit(*(which + len - 2) )) { - *(which + len - 2) = *(which + len - 2) + 1; - *(which + len - 1) = '0'; - } else { - *(which + len - 1) = '1'; - *(which + len) = '0'; - *(which + len + 1) = '\0'; - len++; - } - } - len = PORT_Strlen(which); - if (permited) { - if (NameConstraints->permited == NULL) { - NameConstraints->permited = last_permited = current; - } - last_permited->l.next = &(current->l); - current->l.prev = &(last_permited->l); - last_permited = current; - } else { - if (NameConstraints->excluded == NULL) { - NameConstraints->excluded = last_excluded = current; - } - last_excluded->l.next = &(current->l); - current->l.prev = &(last_excluded->l); - last_excluded = current; - } - constraint = find_field(data, which, PR_TRUE); - if (constraint != NULL) { - current = (CERTNameConstraint *) PORT_ZAlloc(sizeof(CERTNameConstraint)); - if (current = NULL) { - error_allocate(); - } - } - } - if (NameConstraints->permited != NULL) { - last_permited->l.next = &(NameConstraints->permited->l); - NameConstraints->permited->l.prev = &(last_permited->l); - } - if (NameConstraints->excluded != NULL) { - last_excluded->l.next = &(NameConstraints->excluded->l); - NameConstraints->excluded->l.prev = &(last_excluded->l); - } - if (which != NULL) { - PORT_Free(which); - } - if (rv == SECFailure) { - return NULL; - } - return NameConstraints; -} - - - -static SECStatus -AddAltName(void *extHandle, - Pair *data, - char *issuerNameStr, - CERTCertDBHandle *handle, - int type) -{ - PRBool autoIssuer = PR_FALSE; - PRArenaPool *arena = NULL; - CERTGeneralName *genName = NULL; - CERTName *directoryName = NULL; - char *which = NULL; - char *name = NULL; - SECStatus rv = SECSuccess; - SECItem *issuersAltName = NULL; - CERTCertificate *issuerCert = NULL; - void *mark; - - - arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - if (arena == NULL) { - error_allocate(); - } - if (type == 0) { - which = make_copy_string("SubAltNameSelect0", 20,'\0'); - genName = MakeAltName(data, which, arena); - } else { - if (autoIssuer) { - autoIssuer = find_field_bool(data,"IssuerAltNameSourceRadio-auto", - PR_TRUE); - issuerCert = CERT_FindCertByNameString(handle, issuerNameStr); - rv = cert_FindExtension((*issuerCert).extensions, - SEC_OID_X509_SUBJECT_ALT_NAME, - issuersAltName); - if (issuersAltName == NULL) { - name = PORT_Alloc(PORT_Strlen((*issuerCert).subjectName) + 4); - PORT_Strcpy(name, (*issuerCert).subjectName); - PORT_Strcat(name, " - 5"); - } - } else { - which = make_copy_string("IssuerAltNameSelect0", 20,'\0'); - genName = MakeAltName(data, which, arena); - } - } - if (type == 0) { - EncodeAndAddExtensionValue(arena, extHandle, genName, - find_field_bool(data, "SubAltName-crit", - PR_TRUE), - SEC_OID_X509_SUBJECT_ALT_NAME, - (EXTEN_VALUE_ENCODER) - CERT_EncodeAltNameExtension); - - } else { - if (autoIssuer && (name == NULL)) { - rv = CERT_AddExtension - (extHandle, SEC_OID_X509_ISSUER_ALT_NAME, issuersAltName, - find_field_bool(data, "IssuerAltName-crit", PR_TRUE), PR_TRUE); - } else { - EncodeAndAddExtensionValue(arena, extHandle, genName, - find_field_bool(data, - "IssuerAltName-crit", - PR_TRUE), - SEC_OID_X509_ISSUER_ALT_NAME, - (EXTEN_VALUE_ENCODER) - CERT_EncodeAltNameExtension); - } - } - if (which != NULL) { - PORT_Free(which); - } - if (issuerCert != NULL) { - CERT_DestroyCertificate(issuerCert); - } - if (arena != NULL) { - PORT_ArenaRelease (arena, mark); - } - return rv; -} - - -static SECStatus -AddNameConstraints(void *extHandle, - Pair *data) -{ - PRBool autoIssuer = PR_FALSE; - PRArenaPool *arena = NULL; - CERTNameConstraints *constraints = NULL; - char *constraint = NULL; - SECStatus rv = SECSuccess; - - - arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - if (arena == NULL) { - error_allocate(); - } - constraints = MakeNameConstraints(data, arena); - if (constraints != NULL) { - EncodeAndAddExtensionValue(arena, extHandle, constraints, PR_TRUE, - SEC_OID_X509_NAME_CONSTRAINTS, - (EXTEN_VALUE_ENCODER) - CERT_EncodeNameConstraintsExtension); - } - if (arena != NULL) { - PORT_ArenaRelease (arena, NULL); - } - return rv; -} - - -static SECStatus -add_extensions(CERTCertificate *subjectCert, - Pair *data, - char *issuerNameStr, - CERTCertDBHandle *handle) -{ - void *extHandle; - SECStatus rv = SECSuccess; - - - extHandle = CERT_StartCertExtensions (subjectCert); - if (extHandle == NULL) { - error_out("ERROR: Unable to get certificates extension handle"); - } - if (find_field_bool(data, "keyUsage", PR_TRUE)) { - rv = AddKeyUsage(extHandle, data); - if (rv != SECSuccess) { - error_out("ERROR: Unable to add Key Usage extension"); - } - } - - if( find_field_bool(data, "extKeyUsage", PR_TRUE) ) { - rv = AddExtKeyUsage(extHandle, data); - if( SECSuccess != rv ) { - error_out("ERROR: Unable to add Extended Key Usage extension"); - } - } - - if (find_field_bool(data, "basicConstraints", PR_TRUE)) { - rv = AddBasicConstraint(extHandle, data); - if (rv != SECSuccess) { - error_out("ERROR: Unable to add Basic Constraint extension"); - } - } - if (find_field_bool(data, "subjectKeyIdentifier", PR_TRUE)) { - rv = AddSubKeyID(extHandle, data, subjectCert); - if (rv != SECSuccess) { - error_out("ERROR: Unable to add Subject Key Identifier Extension"); - } - } - if (find_field_bool(data, "authorityKeyIdentifier", PR_TRUE)) { - rv = AddAuthKeyID (extHandle, data, issuerNameStr, handle); - if (rv != SECSuccess) { - error_out("ERROR: Unable to add Authority Key Identifier extension"); - } - } - if (find_field_bool(data, "privKeyUsagePeriod", PR_TRUE)) { - rv = AddPrivKeyUsagePeriod (extHandle, data, subjectCert); - if (rv != SECSuccess) { - error_out("ERROR: Unable to add Private Key Usage Period extension"); - } - } - if (find_field_bool(data, "SubAltName", PR_TRUE)) { - rv = AddAltName (extHandle, data, NULL, NULL, 0); - if (rv != SECSuccess) { - error_out("ERROR: Unable to add Subject Alternative Name extension"); - } - } - if (find_field_bool(data, "IssuerAltName", PR_TRUE)) { - rv = AddAltName (extHandle, data, issuerNameStr, handle, 1); - if (rv != SECSuccess) { - error_out("ERROR: Unable to add Issuer Alternative Name Extension"); - } - } - if (find_field_bool(data, "NameConstraints", PR_TRUE)) { - rv = AddNameConstraints(extHandle, data); - if (rv != SECSuccess) { - error_out("ERROR: Unable to add Name Constraints Extension"); - } - } - if (find_field_bool(data, "netscape-cert-type", PR_TRUE)) { - rv = AddNscpCertType(extHandle, data); - if (rv != SECSuccess) { - error_out("ERROR: Unable to add Netscape Certificate Type Extension"); - } - } - if (find_field_bool(data, "netscape-base-url", PR_TRUE)) { - rv = add_IA5StringExtension(extHandle, - find_field(data, "netscape-base-url-text", - PR_TRUE), - find_field_bool(data, - "netscape-base-url-crit", - PR_TRUE), - SEC_OID_NS_CERT_EXT_BASE_URL); - if (rv != SECSuccess) { - error_out("ERROR: Unable to add Netscape Base URL Extension"); - } - } - if (find_field_bool(data, "netscape-revocation-url", PR_TRUE)) { - rv = add_IA5StringExtension(extHandle, - find_field(data, - "netscape-revocation-url-text", - PR_TRUE), - find_field_bool - (data, "netscape-revocation-url-crit", - PR_TRUE), - SEC_OID_NS_CERT_EXT_REVOCATION_URL); - if (rv != SECSuccess) { - error_out("ERROR: Unable to add Netscape Revocation URL Extension"); - } - } - if (find_field_bool(data, "netscape-ca-revocation-url", PR_TRUE)) { - rv = add_IA5StringExtension(extHandle, - find_field(data, - "netscape-ca-revocation-url-text", - PR_TRUE), - find_field_bool - (data, "netscape-ca-revocation-url-crit" - , PR_TRUE), - SEC_OID_NS_CERT_EXT_CA_REVOCATION_URL); - if (rv != SECSuccess) { - error_out("ERROR: Unable to add Netscape CA Revocation URL Extension"); - } - } - if (find_field_bool(data, "netscape-cert-renewal-url", PR_TRUE)) { - rv = add_IA5StringExtension(extHandle, - find_field(data, - "netscape-cert-renewal-url-text", - PR_TRUE), - find_field_bool - (data, "netscape-cert-renewal-url-crit", - PR_TRUE), - SEC_OID_NS_CERT_EXT_CERT_RENEWAL_URL); - if (rv != SECSuccess) { - error_out("ERROR: Unable to add Netscape Certificate Renewal URL Extension"); - } - } - if (find_field_bool(data, "netscape-ca-policy-url", PR_TRUE)) { - rv = add_IA5StringExtension(extHandle, - find_field(data, - "netscape-ca-policy-url-text", - PR_TRUE), - find_field_bool - (data, "netscape-ca-policy-url-crit", - PR_TRUE), - SEC_OID_NS_CERT_EXT_CA_POLICY_URL); - if (rv != SECSuccess) { - error_out("ERROR: Unable to add Netscape CA Policy URL Extension"); - } - } - if (find_field_bool(data, "netscape-ssl-server-name", PR_TRUE)) { - rv = add_IA5StringExtension(extHandle, - find_field(data, - "netscape-ssl-server-name-text", - PR_TRUE), - find_field_bool - (data, "netscape-ssl-server-name-crit", - PR_TRUE), - SEC_OID_NS_CERT_EXT_SSL_SERVER_NAME); - if (rv != SECSuccess) { - error_out("ERROR: Unable to add Netscape SSL Server Name Extension"); - } - } - if (find_field_bool(data, "netscape-comment", PR_TRUE)) { - rv = add_IA5StringExtension(extHandle, - find_field(data, "netscape-comment-text", - PR_TRUE), - find_field_bool(data, - "netscape-comment-crit", - PR_TRUE), - SEC_OID_NS_CERT_EXT_COMMENT); - if (rv != SECSuccess) { - error_out("ERROR: Unable to add Netscape Comment Extension"); - } - } - CERT_FinishExtensions(extHandle); - return (rv); -} - - - -char * -return_dbpasswd(PK11SlotInfo *slot, PRBool retry, void *data) -{ - char *rv; - - /* don't clobber our poor smart card */ - if (retry == PR_TRUE) { - return NULL; - } - rv = PORT_Alloc(sizeof(char) * 4); - PORT_Strcpy(rv, "foo"); - return rv; -} - - -SECKEYPrivateKey * -FindPrivateKeyFromNameStr(char *name, - CERTCertDBHandle *certHandle) -{ - SECKEYPrivateKey *key; - CERTCertificate *cert; - SECStatus status = SECSuccess; - - - cert = CERT_FindCertByNameString(certHandle, name); - if (cert == NULL) { - error_out("ERROR: Unable to retrieve issuers certificate"); - } - key = PK11_FindKeyByAnyCert(cert, NULL); - return key; -} - -static SECItem * -SignCert(CERTCertificate *cert, - char *issuerNameStr, - Pair *data, - CERTCertDBHandle *handle, - int which_key) -{ - SECItem der; - SECItem *result = NULL; - SECKEYPrivateKey *caPrivateKey = NULL; - SECStatus rv; - PRArenaPool *arena; - SECOidTag algID; - - if (which_key == 0) { - caPrivateKey = FindPrivateKeyFromNameStr(issuerNameStr, handle); - } else { - caPrivateKey = privkeys[which_key - 1]; - } - if (caPrivateKey == NULL) { - error_out("ERROR: unable to retrieve issuers key"); - } - - arena = cert->arena; - - switch(caPrivateKey->keyType) { - case rsaKey: - algID = SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION; - break; - case dsaKey: - algID = SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST; - break; - default: - error_out("ERROR: Unknown key type for issuer."); - goto done; - break; - } - - rv = SECOID_SetAlgorithmID(arena, &cert->signature, algID, 0); - if (rv != SECSuccess) { - error_out("ERROR: Could not set signature algorithm id."); - } - - if (find_field_bool(data,"ver-1", PR_TRUE)) { - *(cert->version.data) = 0; - cert->version.len = 1; - } else { - *(cert->version.data) = 2; - cert->version.len = 1; - } - der.data = NULL; - der.len = 0; - (void) SEC_ASN1EncodeItem (arena, &der, cert, CERT_CertificateTemplate); - if (der.data == NULL) { - error_out("ERROR: Could not encode certificate.\n"); - } - rv = SEC_DerSignData (arena, &(cert->derCert), der.data, der.len, caPrivateKey, - algID); - if (rv != SECSuccess) { - error_out("ERROR: Could not sign encoded certificate data.\n"); - } -done: - SECKEY_DestroyPrivateKey(caPrivateKey); - return &(cert->derCert); -} - - -int -main(int argc, char **argv) -{ - int length = 500; - int remaining = 500; - int n; - int fields = 3; - int i; - int serial; - int chainLen; - int which_key; - char *pos; -#ifdef OFFLINE - char *form_output = "key=MIIBPTCBpzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA7SLqjWBL9Wl11Vlg%0AaMqZCvcQOL%2FnvSqYPPRP0XZy9SoAeyWzQnBOiCm2t8H5mK7r2jnKdAQOmfhjaJil%0A3hNVu3SekHOXF6Ze7bkWa6%2FSGVcY%2FojkydxFSgY43nd1iydzPQDp8WWLL%2BpVpt%2B%2B%0ATRhFtVXbF0fQI03j9h3BoTgP2lkCAwEAARYDZm9vMA0GCSqGSIb3DQEBBAUAA4GB%0AAJ8UfRKJ0GtG%2B%2BufCC6tAfTzKrq3CTBHnom55EyXcsAsv6WbDqI%2F0rLAPkn2Xo1r%0AnNhtMxIuj441blMt%2Fa3AGLOy5zmC7Qawt8IytvQikQ1XTpTBCXevytrmLjCmlURr%0ANJryTM48WaMQHiMiJpbXCqVJC1d%2FpEWBtqvALzZaOOIy&subject=CN%3D%22test%22%26serial-auto%3Dtrue%26serial_value%3D%26ver-1%3Dtrue%26ver-3%3Dfalse%26caChoiceradio-SignWithDefaultkey%3Dtrue%26caChoiceradio-SignWithRandomChain%3Dfalse%26autoCAs%3D%26caChoiceradio-SignWithSpecifiedChain%3Dfalse%26manCAs%3D%26%24"; -#else - char *form_output; -#endif - char *issuerNameStr; - char *certName; - char *DBdir = DB_DIRECTORY; - char *prefixs[10] = {"CA#1-", "CA#2-", "CA#3-", - "CA#4-", "CA#5-", "CA#6-", - "CA#7-", "CA#8-", "CA#9-", ""}; - Pair *form_data; - CERTCertificate *cert; - CERTCertDBHandle *handle; - CERTCertificateRequest *certReq = NULL; - int warpmonths = 0; - SECItem *certDER; -#ifdef FILEOUT - FILE *outfile; -#endif - SECStatus status = SECSuccess; - extern char prefix[PREFIX_LEN]; - SEC_PKCS7ContentInfo *certChain; - SECItem *encodedCertChain; - PRBool UChain = PR_FALSE; - - - progName = strrchr(argv[0], '/'); - progName = progName ? progName+1 : argv[0]; - - -#ifdef TEST - sleep(20); -#endif - RNG_SystemInfoForRNG(); - SECU_ConfigDirectory(DBdir); - - PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1); - - PK11_SetPasswordFunc(return_dbpasswd); - NSS_InitReadWrite(DBdir); - if (status != SECSuccess) { - SECU_PrintPRandOSError(progName); - return -1; - } - handle = CERT_GetDefaultCertDB(); - - prefix[0]= '\0'; -#if !defined(OFFLINE) - form_output = (char*) PORT_Alloc(length); - if (form_output == NULL) { - error_allocate(); - } - pos = form_output; - while (feof(stdin) == 0 ) { - if (remaining <= 1) { - remaining += length; - length = length * 2; - form_output = PORT_Realloc(form_output, (length)); - if (form_output == NULL) { - error_allocate(); - } - pos = form_output + length - remaining; - } - n = fread(pos, sizeof(char), (size_t) (remaining - 1), stdin); - pos += n; - remaining -= n; - } - *pos = '&'; - pos++; - length = pos - form_output; -#else - length = PORT_Strlen(form_output); -#endif -#ifdef FILEOUT - printf("Content-type: text/plain\n\n"); - fwrite(form_output, sizeof(char), (size_t)length, stdout); - printf("\n"); -#endif -#ifdef FILEOUT - fwrite(form_output, sizeof(char), (size_t)length, stdout); - printf("\n"); - fflush(stdout); -#endif - form_data = make_datastruct(form_output, length); - status = clean_input(form_data); -#if !defined(OFFLINE) - PORT_Free(form_output); -#endif -#ifdef FILEOUT - i = 0; - while(return_name(form_data, i) != NULL) { - printf("%s",return_name(form_data,i)); - printf("=\n"); - printf("%s",return_data(form_data,i)); - printf("\n"); - i++; - } - printf("I got that done, woo hoo\n"); - fflush(stdout); -#endif - issuerNameStr = PORT_Alloc(35 * sizeof(char)); - if (find_field_bool(form_data, "caChoiceradio-SignWithSpecifiedChain", - PR_FALSE)) { - UChain = PR_TRUE; - chainLen = atoi(find_field(form_data, "manCAs", PR_FALSE)); - PORT_Strcpy(prefix, prefixs[0]); - issuerNameStr = PORT_Strcpy(issuerNameStr, - "CN=Cert-O-Matic II, O=Cert-O-Matic II"); - if (chainLen == 0) { - UChain = PR_FALSE; - } - } else { - if (find_field_bool(form_data, "caChoiceradio-SignWithRandomChain", - PR_FALSE)) { - PORT_Strcpy(prefix,prefixs[9]); - chainLen = atoi(find_field(form_data, "autoCAs", PR_FALSE)); - if (chainLen < 1 || chainLen > 18) { - issuerNameStr = PORT_Strcpy(issuerNameStr, - "CN=CA18, O=Cert-O-Matic II"); - } - issuerNameStr = PORT_Strcpy(issuerNameStr, "CN=CA"); - issuerNameStr = PORT_Strcat(issuerNameStr, - find_field(form_data,"autoCAs", PR_FALSE)); - issuerNameStr = PORT_Strcat(issuerNameStr,", O=Cert-O-Matic II"); - } else { - issuerNameStr = PORT_Strcpy(issuerNameStr, - "CN=Cert-O-Matic II, O=Cert-O-Matic II"); - } - chainLen = 0; - } - - i = -1; - which_key = 0; - do { - extern SECStatus cert_GetKeyID(CERTCertificate *cert); - i++; - if (i != 0 && UChain) { - PORT_Strcpy(prefix, prefixs[i]); - } - /* find_field(form_data,"subject", PR_TRUE); */ - certReq = makeCertReq(form_data, which_key); -#ifdef OFFLINE - serial = 900; -#else - serial = get_serial_number(form_data); -#endif - cert = MakeV1Cert(handle, certReq, issuerNameStr, PR_FALSE, - serial, warpmonths, form_data); - if (certReq != NULL) { - CERT_DestroyCertificateRequest(certReq); - } - if (find_field_bool(form_data,"ver-3", PR_TRUE)) { - status = add_extensions(cert, form_data, issuerNameStr, handle); - if (status != SECSuccess) { - error_out("ERROR: Unable to add extensions"); - } - } - status = cert_GetKeyID(cert); - if (status == SECFailure) { - error_out("ERROR: Unable to get Key ID."); - } - certDER = SignCert(cert, issuerNameStr, form_data, handle, which_key); - CERT_NewTempCertificate(handle, certDER, NULL, PR_FALSE, PR_TRUE); - issuerNameStr = find_field(form_data, "subject", PR_TRUE); - /* SECITEM_FreeItem(certDER, PR_TRUE); */ - CERT_DestroyCertificate(cert); - if (i == (chainLen - 1)) { - i = 8; - } - ++which_key; - } while (i < 9 && UChain); - - - -#ifdef FILEOUT - outfile = fopen("../certout", "wb"); -#endif - certName = find_field(form_data, "subject", PR_FALSE); - cert = CERT_FindCertByNameString(handle, certName); - certChain = SEC_PKCS7CreateCertsOnly (cert, PR_TRUE, handle); - if (certChain == NULL) { - error_out("ERROR: No certificates in cert chain"); - } - encodedCertChain = SEC_PKCS7EncodeItem (NULL, NULL, certChain, NULL, NULL, - NULL); - if (encodedCertChain) { -#if !defined(FILEOUT) - printf("Content-type: application/x-x509-user-cert\n\n"); - fwrite (encodedCertChain->data, 1, encodedCertChain->len, stdout); -#else - fwrite (encodedCertChain->data, 1, encodedCertChain->len, outfile); -#endif - - } else { - error_out("Error: Unable to DER encode certificate"); - } -#ifdef FILEOUT - printf("\nI got here!\n"); - fflush(outfile); - fclose(outfile); -#endif - fflush(stdout); - return; -} - - - - - - - - - - - diff --git a/security/nss/cmd/certcgi/index.html b/security/nss/cmd/certcgi/index.html deleted file mode 100644 index d7a80d7a2..000000000 --- a/security/nss/cmd/certcgi/index.html +++ /dev/null @@ -1,956 +0,0 @@ - - - - - - - -Cert-O-Matic - - - - - diff --git a/security/nss/cmd/certcgi/main.html b/security/nss/cmd/certcgi/main.html deleted file mode 100644 index 2c47a8b76..000000000 --- a/security/nss/cmd/certcgi/main.html +++ /dev/null @@ -1,105 +0,0 @@ - - - - Main Layer for CertOMatic - - -
- - - - - - - - - - - - - - - - - - - - - - -
- Common Name:

- 		- Organization:

- MAIL= - - E= - - - - Organizational Unit:

- UID=

- Locality:

- State or Province:

- Country:

- Serial Number: -
Auto Generate -
- Use this value: 

-
- X.509 version: -
Version 1 -
Version 3

- Key Type: -
RSA -
DSA

- Intermediate CA Key Sizes: -
-
- Validity: -
- Generate Automatically -
Use these values: -
Not Before:  -
Not After:    -
         - YYMMDDhhmm[ss]{Z|+hhmm|-hhmm} -
- DN:

-
- diff --git a/security/nss/cmd/certcgi/manifest.mn b/security/nss/cmd/certcgi/manifest.mn deleted file mode 100644 index e065a8e1a..000000000 --- a/security/nss/cmd/certcgi/manifest.mn +++ /dev/null @@ -1,50 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = ../../.. - -# MODULE public and private header directories are implicitly REQUIREd. -MODULE = security - -# This next line is used by .mk files -# and gets translated into $LINCS in manifest.mnw -REQUIRES = seccmd dbm - -DEFINES = -DNSPR20 - -CSRCS = certcgi.c - -PROGRAM = certcgi - -USE_STATIC_LIBS = 1 - diff --git a/security/nss/cmd/certcgi/nscp_ext_form.html b/security/nss/cmd/certcgi/nscp_ext_form.html deleted file mode 100644 index b0d385534..000000000 --- a/security/nss/cmd/certcgi/nscp_ext_form.html +++ /dev/null @@ -1,113 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - -
- Netscape Certificate Type:

- Activate extension:

- Critical: - 		- SSL Client

- SSL Server

- S/MIME

- Object Signing

- Reserved for future use (bit 4)

- SSL CA

- S/MIME CA

- Object Signing CA

-
- Netscape Base URL:

- Activate extension:

- Critical: - 		- -
- Netscape Revocation URL:

- Activate extension:

- Critical: - 		- -
- Netscape CA Revocation URL:

- Activate extension:

- Critical: - 		- -
- Netscape Certificate Renewal URL:

- Activate extension:

- Critical: - 		- -
- Netscape CA Policy URL:

- Activate extension:

- Critical: - 		- -
- Netscape SSL Server Name:

- Activate extension:

- Critical: - 		- -
- Netscape Comment:

- Activate extension:

- Critical: - 		- -
- - diff --git a/security/nss/cmd/certcgi/stnd_ext_form.html b/security/nss/cmd/certcgi/stnd_ext_form.html deleted file mode 100644 index 26868c62c..000000000 --- a/security/nss/cmd/certcgi/stnd_ext_form.html +++ /dev/null @@ -1,247 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- Key Usage:

- Activate extension:

- Critical: - 		- Digital Signature

- Non Repudiation

- Key Encipherment

- Data Encipherment

- Key Agreement

- Key Certificate Signing

- CRL Signing

-
- Extended Key Usage:

- Activate extension:

- Critical: - 		- Server Auth

- Client Auth

- Code Signing

- Email Protection

- Timestamp

- OCSP Responder

- Step-up

-
- Basic Constraints:

- Activate extension:

- Critical: - 		- CA:

-
True

-
False

- - Include Path length:

-
- Authority Key Identifier:

- Activate extension: - 		- Key Identider

- Issuer Name and Serial number

-
- Subject Key Identifier:

- Activate extension: - 		- Key Identifier: -

- This is an:

-

ascii text value

-

hex value

-

- Private Key Usage Period:

- Activate extension:

- Critical: - 		- Use:

-
Not Before

-
Not After

-
Both

- Not to be used to sign before:

-
Set to time of certificate issue

-
Use This value

-
(YYYY/MM/DD HH:MM:SS): - / - / - - : - : -

- Not to be used to sign after:

-
(YYYY/MM/DD HH:MM:SS): - / - / - - : - : -

-
- Subject Alternative Name:

- Activate extension:

- Critical: - 		- - - -
- General Names:

-

- - - 		- -
- Name Type:
- Other Name, - OID: - RFC 822 Name
- DNS Name - X400 Address
- Directory Name - EDI Party Name
- Uniform Resource Locator - IP Address
- Registered ID - Netscape Certificate Nickname
- Name: - Binary Encoded:

-
-
- Issuer Alternative Name:

- Activate extension:

- Critical: - 		- Use the Subject Alternative Name from the Issuers Certificate

- Use this Name: - - - -
- General Names:

-

- - - 		- -
- Name Type:
- Other Name, - OID: - RFC 822 Name
- DNS Name - X400 Address
- Directory Name - EDI Party Name
- Uniform Resource Locator - IP Address
- Registered ID
- Name: - Binary Encoded:

-
-
- Name Constraints:

- Activate extension:

- 		- - - -
- Name Constraints:

-

- - - 		- -
- Name Type:
- Other Name, - OID: - RFC 822 Name
- DNS Name - X400 Address
- Directory Name - EDI Party Name
- Uniform Resource Locator - IP Address
- Registered ID
- Name: - Binary Encoded:

- Constraint type:

-

permited

-

excluded

- Minimum:

- Maximum:

-
-
- - - - - - - - - - diff --git a/security/nss/cmd/certutil/Makefile b/security/nss/cmd/certutil/Makefile deleted file mode 100644 index 8650a607d..000000000 --- a/security/nss/cmd/certutil/Makefile +++ /dev/null @@ -1,76 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - -include ../platlibs.mk - - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - - -include ../platrules.mk - diff --git a/security/nss/cmd/certutil/certutil.c b/security/nss/cmd/certutil/certutil.c deleted file mode 100644 index 02350a903..000000000 --- a/security/nss/cmd/certutil/certutil.c +++ /dev/null @@ -1,2671 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -/* -** certutil.c -** -** utility for managing certificates and the cert database -** -*/ -#include -#include - -#if defined(WIN32) -#include "fcntl.h" -#include "io.h" -#endif - -#include "secutil.h" - -#if defined(XP_UNIX) -#include -#endif - -#include "nspr.h" -#include "prtypes.h" -#include "prtime.h" -#include "prlong.h" - -#include "pk11func.h" -#include "secasn1.h" -#include "cert.h" -#include "cryptohi.h" -#include "secoid.h" -#include "certdb.h" -#include "nss.h" - -#define MIN_KEY_BITS 512 -#define MAX_KEY_BITS 2048 -#define DEFAULT_KEY_BITS 1024 - -#define GEN_BREAK(e) rv=e; break; - - -extern SECKEYPrivateKey *CERTUTIL_GeneratePrivateKey(KeyType keytype, - PK11SlotInfo *slot, - int rsasize, - int publicExponent, - char *noise, - SECKEYPublicKey **pubkeyp, - char *pqgFile, - char *passFile); - -static char *progName; - -static CERTGeneralName * -GetGeneralName (PRArenaPool *arena) -{ - CERTGeneralName *namesList = NULL; - CERTGeneralName *current; - CERTGeneralName *tail = NULL; - SECStatus rv = SECSuccess; - int intValue; - char buffer[512]; - void *mark; - - PORT_Assert (arena); - mark = PORT_ArenaMark (arena); - do { - puts ("\nSelect one of the following general name type: \n"); - puts ("\t1 - instance of other name\n\t2 - rfc822Name\n\t3 - dnsName\n"); - puts ("\t4 - x400Address\n\t5 - directoryName\n\t6 - ediPartyName\n"); - puts ("\t7 - uniformResourceidentifier\n\t8 - ipAddress\n\t9 - registerID\n"); - puts ("\tOther - omit\n\t\tChoice:"); - scanf ("%d", &intValue); - if (intValue >= certOtherName || intValue <= certRegisterID) { - if (namesList == NULL) { - namesList = current = tail = (CERTGeneralName *) PORT_ArenaAlloc - (arena, sizeof (CERTGeneralName)); - } else { - current = (CERTGeneralName *) PORT_ArenaAlloc(arena, - sizeof (CERTGeneralName)); - } - if (current == NULL) { - GEN_BREAK (SECFailure); - } - } else { - break; - } - current->type = intValue; - puts ("\nEnter data:"); - fflush (stdout); - gets (buffer); - switch (current->type) { - case certURI: - case certDNSName: - case certRFC822Name: - current->name.other.data = PORT_ArenaAlloc (arena, strlen (buffer)); - if (current->name.other.data == NULL) { - GEN_BREAK (SECFailure); - } - PORT_Memcpy - (current->name.other.data, buffer, current->name.other.len = strlen(buffer)); - break; - - case certEDIPartyName: - case certIPAddress: - case certOtherName: - case certRegisterID: - case certX400Address: { - - current->name.other.data = PORT_ArenaAlloc (arena, strlen (buffer) + 2); - if (current->name.other.data == NULL) { - GEN_BREAK (SECFailure); - } - - PORT_Memcpy (current->name.other.data + 2, buffer, strlen (buffer)); - /* This may not be accurate for all cases. For now, use this tag type */ - current->name.other.data[0] = (char)(((current->type - 1) & 0x1f)| 0x80); - current->name.other.data[1] = (char)strlen (buffer); - current->name.other.len = strlen (buffer) + 2; - break; - } - - case certDirectoryName: { - CERTName *directoryName = NULL; - - directoryName = CERT_AsciiToName (buffer); - if (!directoryName) { - fprintf(stderr, "certutil: improperly formatted name: \"%s\"\n", buffer); - break; - } - - rv = CERT_CopyName (arena, ¤t->name.directoryName, directoryName); - CERT_DestroyName (directoryName); - - break; - } - } - if (rv != SECSuccess) - break; - current->l.next = &(namesList->l); - current->l.prev = &(tail->l); - tail->l.next = &(current->l); - tail = current; - - }while (1); - - if (rv != SECSuccess) { - PORT_SetError (rv); - PORT_ArenaRelease (arena, mark); - namesList = NULL; - } - return (namesList); -} - -static SECStatus -GetString(PRArenaPool *arena, char *prompt, SECItem *value) -{ - char buffer[251]; - - value->data = NULL; - value->len = 0; - - puts (prompt); - gets (buffer); - if (strlen (buffer) > 0) { - value->data = PORT_ArenaAlloc (arena, strlen (buffer)); - if (value->data == NULL) { - PORT_SetError (SEC_ERROR_NO_MEMORY); - return (SECFailure); - } - PORT_Memcpy (value->data, buffer, value->len = strlen(buffer)); - } - return (SECSuccess); -} - -static CERTCertificateRequest * -GetCertRequest(PRFileDesc *inFile, PRBool ascii) -{ - CERTCertificateRequest *certReq = NULL; - CERTSignedData signedData; - PRArenaPool *arena = NULL; - SECItem reqDER; - SECStatus rv; - - reqDER.data = NULL; - do { - arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - if (arena == NULL) { - GEN_BREAK (SEC_ERROR_NO_MEMORY); - } - - rv = SECU_ReadDERFromFile(&reqDER, inFile, ascii); - if (rv) - break; - certReq = (CERTCertificateRequest*) PORT_ArenaZAlloc - (arena, sizeof(CERTCertificateRequest)); - if (!certReq) - break; - certReq->arena = arena; - - /* Since cert request is a signed data, must decode to get the inner - data - */ - PORT_Memset(&signedData, 0, sizeof(signedData)); - rv = SEC_ASN1DecodeItem(arena, &signedData, CERT_SignedDataTemplate, - &reqDER); - if (rv) - break; - - rv = SEC_ASN1DecodeItem(arena, certReq, CERT_CertificateRequestTemplate, - &signedData.data); - } while (0); - - if (rv) { - PRErrorCode perr = PR_GetError(); - fprintf(stderr, "%s: unable to decode DER cert request (%s)\n", progName, - SECU_Strerror(perr)); - } - return (certReq); -} - -static PRBool -GetYesNo(char *prompt) -{ - char buf[3]; - - PR_Sync(PR_STDIN); - PR_Write(PR_STDOUT, prompt, strlen(prompt)+1); - PR_Read(PR_STDIN, buf, sizeof(buf)); - return (buf[0] == 'y' || buf[0] == 'Y') ? PR_TRUE : PR_FALSE; -#if 0 - char charValue; - - puts (prompt); - scanf ("%c", &charValue); - if (charValue != 'y' && charValue != 'Y') - return (0); - return (1); -#endif -} - -static SECStatus -AddCert(PK11SlotInfo *slot, CERTCertDBHandle *handle, char *name, char *trusts, - PRFileDesc *inFile, PRBool ascii, PRBool emailcert) -{ - CERTCertTrust *trust = NULL; - CERTCertificate *cert = NULL, *tempCert = NULL; - SECItem certDER; - SECStatus rv; - - certDER.data = NULL; - do { - /* Read in the entire file specified with the -i argument */ - rv = SECU_ReadDERFromFile(&certDER, inFile, ascii); - if (rv != SECSuccess) { - SECU_PrintError(progName, "unable to read input file"); - break; - } - - /* Read in an ASCII cert and return a CERTCertificate */ - cert = CERT_DecodeCertFromPackage((char *)certDER.data, certDER.len); - if (!cert) { - SECU_PrintError(progName, "could not obtain certificate from file"); - GEN_BREAK(SECFailure); - } - - /* Create a cert trust to pass to SEC_AddPermCertificate */ - trust = (CERTCertTrust *)PORT_ZAlloc(sizeof(CERTCertTrust)); - if (!trust) { - SECU_PrintError(progName, "unable to allocate cert trust"); - GEN_BREAK(SECFailure); - } - - rv = CERT_DecodeTrustString(trust, trusts); - if (rv) { - SECU_PrintError(progName, "unable to decode trust string"); - GEN_BREAK(SECFailure); - } - - /* CERT_ImportCert only collects certificates and returns the - * first certficate. It does not insert these certificates into - * the dbase. For now, just call CERT_NewTempCertificate. - * This will result in decoding the der twice. This have to - * be handle properly. - */ - - tempCert = CERT_NewTempCertificate(handle, &cert->derCert, NULL, - PR_FALSE, PR_TRUE); - - if (!PK11_IsInternal(slot)) { - tempCert->trust = trust; - rv = PK11_ImportCertForKeyToSlot(slot, tempCert, name, - PR_FALSE, NULL); - } - - if (tempCert == NULL) { - SECU_PrintError(progName,"unable to add cert to the temp database"); - GEN_BREAK(SECFailure); - } - - rv = CERT_AddTempCertToPerm(tempCert, name, trust); - if (rv) { - SECU_PrintError(progName, "could not add certificate to database"); - GEN_BREAK(SECFailure); - } - - if ( emailcert ) - CERT_SaveSMimeProfile(tempCert, NULL, NULL); - } while (0); - - CERT_DestroyCertificate (tempCert); - CERT_DestroyCertificate (cert); - PORT_Free(trust); - PORT_Free(certDER.data); - - return rv; -} - -static SECStatus -CertReq(SECKEYPrivateKey *privk, SECKEYPublicKey *pubk, KeyType keyType, - CERTName *subject, char *phone, int ascii, PRFileDesc *outFile) -{ - CERTSubjectPublicKeyInfo *spki; - CERTCertificateRequest *cr; - SECItem *encoding; - SECItem result; - SECStatus rv; - PRArenaPool *arena; - PRInt32 numBytes; - - /* Create info about public key */ - spki = SECKEY_CreateSubjectPublicKeyInfo(pubk); - if (!spki) { - SECU_PrintError(progName, "unable to create subject public key"); - return SECFailure; - } - - /* Generate certificate request */ - cr = CERT_CreateCertificateRequest(subject, spki, 0); - if (!cr) { - SECU_PrintError(progName, "unable to make certificate request"); - return SECFailure; - } - - arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - if ( !arena ) { - SECU_PrintError(progName, "out of memory"); - return SECFailure; - } - - /* Der encode the request */ - encoding = SEC_ASN1EncodeItem(arena, NULL, cr, - CERT_CertificateRequestTemplate); - if (encoding == NULL) { - SECU_PrintError(progName, "der encoding of request failed"); - return SECFailure; - } - - /* Sign the request */ - switch (keyType) { - case rsaKey: - rv = SEC_DerSignData(arena, &result, encoding->data, encoding->len, - privk, SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION); - break; - case dsaKey: - rv = SEC_DerSignData(arena, &result, encoding->data, encoding->len, - privk, SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST); - break; - default: - SECU_PrintError(progName, "Must use rsa or dsa key type"); - return SECFailure; - } - - if (rv) { - SECU_PrintError(progName, "signing of data failed"); - return SECFailure; - } - - /* Encode request in specified format */ - if (ascii) { - char *obuf; - char *name, *email, *org, *state, *country; - SECItem *it; - int total; - - it = &result; - - obuf = BTOA_ConvertItemToAscii(it); - total = PL_strlen(obuf); - - name = CERT_GetCommonName(subject); - if (!name) { - fprintf(stderr, "You must specify a common name\n"); - return SECFailure; - } - - if (!phone) - phone = strdup("(not specified)"); - - email = CERT_GetCertEmailAddress(subject); - if (!email) - email = strdup("(not specified)"); - - org = CERT_GetOrgName(subject); - if (!org) - org = strdup("(not specified)"); - - state = CERT_GetStateName(subject); - if (!state) - state = strdup("(not specified)"); - - country = CERT_GetCountryName(subject); - if (!country) - country = strdup("(not specified)"); - - PR_fprintf(outFile, - "\nCertificate request generated by Netscape certutil\n"); - PR_fprintf(outFile, "Phone: %s\n\n", phone); - PR_fprintf(outFile, "Common Name: %s\n", name); - PR_fprintf(outFile, "Email: %s\n", email); - PR_fprintf(outFile, "Organization: %s\n", org); - PR_fprintf(outFile, "State: %s\n", state); - PR_fprintf(outFile, "Country: %s\n\n", country); - - PR_fprintf(outFile, "%s\n", NS_CERTREQ_HEADER); - numBytes = PR_Write(outFile, obuf, total); - if (numBytes != total) { - SECU_PrintSystemError(progName, "write error"); - return SECFailure; - } - PR_fprintf(outFile, "%s\n", NS_CERTREQ_TRAILER); - } else { - numBytes = PR_Write(outFile, result.data, result.len); - if (numBytes != (int)result.len) { - SECU_PrintSystemError(progName, "write error"); - return SECFailure; - } - } - return SECSuccess; -} - -static SECStatus -ChangeTrustAttributes(CERTCertDBHandle *handle, char *name, char *trusts) -{ - SECStatus rv; - CERTCertificate *cert; - CERTCertTrust *trust; - - cert = CERT_FindCertByNicknameOrEmailAddr(handle, name); - if (!cert) { - SECU_PrintError(progName, "could not find certificate named \"%s\"", - name); - return SECFailure; - } - - trust = (CERTCertTrust *)PORT_ZAlloc(sizeof(CERTCertTrust)); - if (!trust) { - SECU_PrintError(progName, "unable to allocate cert trust"); - return SECFailure; - } - - /* This function only decodes these characters: pPwcTCu, */ - rv = CERT_DecodeTrustString(trust, trusts); - if (rv) { - SECU_PrintError(progName, "unable to decode trust string"); - return SECFailure; - } - - rv = CERT_ChangeCertTrust(handle, cert, trust); - if (rv) { - SECU_PrintError(progName, "unable to modify trust attributes"); - return SECFailure; - } - - return SECSuccess; -} - -static SECStatus -printCertCB(CERTCertificate *cert, void *arg) -{ - SECStatus rv; - SECItem data; - - data.data = cert->derCert.data; - data.len = cert->derCert.len; - - rv = SECU_PrintSignedData(stdout, &data, "Certificate", 0, - SECU_PrintCertificate); - if (rv) { - SECU_PrintError(progName, "problem printing certificate"); - return(SECFailure); - } - SECU_PrintTrustFlags(stdout, &cert->dbEntry->trust, - "Certificate Trust Flags", 1); - - printf("\n"); - - return(SECSuccess); -} - -static SECStatus -listCerts(CERTCertDBHandle *handle, char *name, PK11SlotInfo *slot, - PRBool raw, PRBool ascii, PRFileDesc *outfile, void *pwarg) -{ - CERTCertificate *cert; - SECItem data; - PRInt32 numBytes; - SECStatus rv; - - /* For now, split handling of slot to internal vs. other. slot should - * probably be allowed to be NULL so that all slots can be listed. - * In that case, need to add a call to PK11_TraverseSlotCerts(). - */ - if (PK11_IsInternal(slot)) { - if (name == NULL) { - /* Print all certs in internal slot db. */ - rv = SECU_PrintCertificateNames(handle, PR_STDOUT, - PR_FALSE, PR_TRUE); - if (rv) { - SECU_PrintError(progName, - "problem printing certificate nicknames"); - return SECFailure; - } - } else if (raw || ascii) { - /* Dump binary or ascii DER for the cert to stdout. */ - cert = CERT_FindCertByNicknameOrEmailAddr(handle, name); - if (!cert) { - SECU_PrintError(progName, - "could not find certificate named \"%s\"", name); - return SECFailure; - } - data.data = cert->derCert.data; - data.len = cert->derCert.len; - if (ascii) { - PR_fprintf(outfile, "%s\n%s\n%s\n", NS_CERT_HEADER, - BTOA_DataToAscii(data.data, data.len), NS_CERT_TRAILER); - } else if (raw) { - numBytes = PR_Write(outfile, data.data, data.len); - if (numBytes != data.len) { - SECU_PrintSystemError(progName, "error writing raw cert"); - return SECFailure; - } - } - } else { - /* Pretty-print cert. */ - rv = CERT_TraversePermCertsForNickname(handle, name, printCertCB, - NULL); - } - } else { - /* List certs on a non-internal slot. */ - if (PK11_NeedLogin(slot)) - PK11_Authenticate(slot, PR_TRUE, pwarg); - rv = PK11_TraverseCertsInSlot(slot, SECU_PrintCertNickname, stdout); - if (rv) { - SECU_PrintError(progName, "problem printing certificate nicknames"); - return SECFailure; - } - } - - return SECSuccess; /* not rv ?? */ -} - -static SECStatus -ListCerts(CERTCertDBHandle *handle, char *name, PK11SlotInfo *slot, - PRBool raw, PRBool ascii, PRFileDesc *outfile, char *passFile) -{ - SECStatus rv; - secuPWData pwdata = { PW_NONE, 0 }; - - if (passFile) { - pwdata.source = PW_FROMFILE; - pwdata.data = passFile; - } - - if (slot == NULL) { - PK11SlotList *list; - PK11SlotListElement *le; - - list= PK11_GetAllTokens(CKM_INVALID_MECHANISM, - PR_FALSE,PR_FALSE,&pwdata); - if (list) for (le = list->head; le; le = le->next) { - rv = listCerts(handle,name,le->slot,raw,ascii,outfile,&pwdata); - } - } else { - rv = listCerts(handle,name,slot,raw,ascii,outfile,&pwdata); - } - return rv; -} - - -static SECStatus -DeleteCert(CERTCertDBHandle *handle, char *name) -{ - SECStatus rv; - CERTCertificate *cert; - - cert = CERT_FindCertByNicknameOrEmailAddr(handle, name); - if (!cert) { - SECU_PrintError(progName, "could not find certificate named \"%s\"", - name); - return SECFailure; - } - - rv = SEC_DeletePermCertificate(cert); - if (rv) { - SECU_PrintError(progName, "unable to delete certificate"); - return SECFailure; - } - - return SECSuccess; -} - -static SECStatus -ValidateCert(CERTCertDBHandle *handle, char *name, char *date, - char *certUsage, PRBool checkSig, PRBool logit) -{ - SECStatus rv; - CERTCertificate *cert; - int64 timeBoundary; - SECCertUsage usage; - CERTVerifyLog reallog; - CERTVerifyLog *log = NULL; - - switch (*certUsage) { - case 'C': - usage = certUsageSSLClient; - break; - case 'V': - usage = certUsageSSLServer; - break; - case 'S': - usage = certUsageEmailSigner; - break; - case 'R': - usage = certUsageEmailRecipient; - break; - default: - PORT_SetError (SEC_ERROR_INVALID_ARGS); - return (SECFailure); - } - do { - cert = CERT_FindCertByNicknameOrEmailAddr(handle, name); - if (!cert) { - SECU_PrintError(progName, "could not find certificate named \"%s\"", - name); - GEN_BREAK (SECFailure) - } - - if (date != NULL) { - rv = DER_AsciiToTime(&timeBoundary, date); - if (rv) { - SECU_PrintError(progName, "invalid input date"); - GEN_BREAK (SECFailure) - } - } else { - timeBoundary = PR_Now(); - } - - if ( logit ) { - log = &reallog; - - log->count = 0; - log->head = NULL; - log->tail = NULL; - log->arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - if ( log->arena == NULL ) { - SECU_PrintError(progName, "out of memory"); - GEN_BREAK (SECFailure) - } - } - - rv = CERT_VerifyCert(handle, cert, checkSig, usage, - timeBoundary, NULL, log); - if ( log ) { - if ( log->head == NULL ) { - fprintf(stdout, "%s: certificate is valid\n", progName); - GEN_BREAK (SECSuccess) - } else { - char *name; - CERTVerifyLogNode *node; - - node = log->head; - while ( node ) { - if ( node->cert->nickname != NULL ) { - name = node->cert->nickname; - } else { - name = node->cert->subjectName; - } - fprintf(stderr, "%s : %s\n", name, - SECU_Strerror(node->error)); - CERT_DestroyCertificate(node->cert); - node = node->next; - } - } - } else { - if (rv != SECSuccess) { - PRErrorCode perr = PORT_GetError(); - fprintf(stdout, "%s: certificate is invalid: %s\n", - progName, SECU_Strerror(perr)); - GEN_BREAK (SECFailure) - } - fprintf(stdout, "%s: certificate is valid\n", progName); - GEN_BREAK (SECSuccess) - } - } while (0); - - return (rv); -} - -#ifdef notdef -static SECStatus -DumpPublicKey(int dbindex, char *nickname, FILE *out) -{ - SECKEYLowPrivateKey *privKey; - SECKEYLowPublicKey *publicKey; - - if (dbindex) { - /*privKey = secu_GetPrivKeyFromIndex(dbindex);*/ - } else { - privKey = GetPrivKeyFromNickname(nickname); - } - publicKey = SECKEY_LowConvertToPublicKey(privKey); - - /* Output public key (in the clear) */ - switch(publicKey->keyType) { - case rsaKey: - fprintf(out, "RSA Public-Key:\n"); - SECU_PrintInteger(out, &publicKey->u.rsa.modulus, "modulus", 1); - SECU_PrintInteger(out, &publicKey->u.rsa.publicExponent, - "publicExponent", 1); - break; - case dsaKey: - fprintf(out, "DSA Public-Key:\n"); - SECU_PrintInteger(out, &publicKey->u.dsa.params.prime, "prime", 1); - SECU_PrintInteger(out, &publicKey->u.dsa.params.subPrime, - "subPrime", 1); - SECU_PrintInteger(out, &publicKey->u.dsa.params.base, "base", 1); - SECU_PrintInteger(out, &publicKey->u.dsa.publicValue, "publicValue", 1); - break; - default: - fprintf(out, "unknown key type\n"); - break; - } - return SECSuccess; -} - -static SECStatus -DumpPrivateKey(int dbindex, char *nickname, FILE *out) -{ - SECKEYLowPrivateKey *key; - if (dbindex) { - /*key = secu_GetPrivKeyFromIndex(dbindex);*/ - } else { - key = GetPrivKeyFromNickname(nickname); - } - - switch(key->keyType) { - case rsaKey: - fprintf(out, "RSA Private-Key:\n"); - SECU_PrintInteger(out, &key->u.rsa.modulus, "modulus", 1); - SECU_PrintInteger(out, &key->u.rsa.publicExponent, "publicExponent", 1); - SECU_PrintInteger(out, &key->u.rsa.privateExponent, - "privateExponent", 1); - SECU_PrintInteger(out, &key->u.rsa.prime1, "prime1", 1); - SECU_PrintInteger(out, &key->u.rsa.prime2, "prime2", 1); - SECU_PrintInteger(out, &key->u.rsa.exponent1, "exponent2", 1); - SECU_PrintInteger(out, &key->u.rsa.exponent2, "exponent2", 1); - SECU_PrintInteger(out, &key->u.rsa.coefficient, "coefficient", 1); - break; - case dsaKey: - fprintf(out, "DSA Private-Key:\n"); - SECU_PrintInteger(out, &key->u.dsa.params.prime, "prime", 1); - SECU_PrintInteger(out, &key->u.dsa.params.subPrime, "subPrime", 1); - SECU_PrintInteger(out, &key->u.dsa.params.base, "base", 1); - SECU_PrintInteger(out, &key->u.dsa.publicValue, "publicValue", 1); - SECU_PrintInteger(out, &key->u.dsa.privateValue, "privateValue", 1); - break; - default: - fprintf(out, "unknown key type\n"); - break; - } - return SECSuccess; -} -#endif - -static SECStatus -printKeyCB(SECKEYPublicKey *key, SECItem *data, void *arg) -{ - if (key->keyType == rsaKey) { - fprintf(stdout, "RSA Public-Key:\n"); - SECU_PrintInteger(stdout, &key->u.rsa.modulus, "modulus", 1); - } else { - fprintf(stdout, "DSA Public-Key:\n"); - SECU_PrintInteger(stdout, &key->u.dsa.publicValue, "publicValue", 1); - } - return SECSuccess; -} - -/* callback for listing certs through pkcs11 */ -SECStatus -secu_PrintKeyFromCert(CERTCertificate *cert, void *data) -{ - FILE *out; - char *name; - SECKEYPublicKey *key; - - out = (FILE *)data; - key = CERT_ExtractPublicKey(cert); - if (!key) { - fprintf(out, "XXX could not extract key for %s.\n", cert->nickname); - return SECFailure; - } - /* XXX should have a type field also */ - fprintf(out, "<%d> %s\n", 0, cert->nickname); - - return SECSuccess; -} - -static SECStatus -listKeys(PK11SlotInfo *slot, KeyType keyType, void *pwarg) -{ - SECStatus rv = SECSuccess; - -#ifdef notdef - if (PK11_IsInternal(slot)) { - /* Print all certs in internal slot db. */ - rv = SECU_PrintKeyNames(SECKEY_GetDefaultKeyDB(), stdout); - if (rv) { - SECU_PrintError(progName, "problem listing keys"); - return SECFailure; - } - } else { -#endif - /* XXX need a function as below */ - /* could iterate over certs on slot and print keys */ - /* this would miss stranded keys */ - /*rv = PK11_TraverseSlotKeys(slotname, keyType, printKeyCB, NULL, NULL);*/ - if (PK11_NeedLogin(slot)) - PK11_Authenticate(slot, PR_TRUE, pwarg); - rv = PK11_TraverseCertsInSlot(slot, secu_PrintKeyFromCert, stdout); - if (rv) { - SECU_PrintError(progName, "problem listing keys"); - return SECFailure; - } - return SECSuccess; -#ifdef notdef - } - return rv; -#endif -} - -static SECStatus -ListKeys(PK11SlotInfo *slot, char *keyname, int index, - KeyType keyType, PRBool dopriv, char *passFile) -{ - SECStatus rv = SECSuccess; - secuPWData pwdata = { PW_NONE, 0 }; - - if (passFile) { - pwdata.source = PW_FROMFILE; - pwdata.data = passFile; - } - -#ifdef notdef - if (keyname) { - if (dopriv) { - return DumpPrivateKey(index, keyname, stdout); - } else { - return DumpPublicKey(index, keyname, stdout); - } - } -#endif - /* For now, split handling of slot to internal vs. other. slot should - * probably be allowed to be NULL so that all slots can be listed. - * In that case, need to add a call to PK11_TraverseSlotCerts(). - */ - if (slot == NULL) { - PK11SlotList *list; - PK11SlotListElement *le; - - list= PK11_GetAllTokens(CKM_INVALID_MECHANISM,PR_FALSE,PR_FALSE,&pwdata); - if (list) for (le = list->head; le; le = le->next) { - rv = listKeys(le->slot,keyType,&pwdata); - } - } else { - rv = listKeys(slot,keyType,&pwdata); - } - return rv; -} - -#ifdef notdef -static SECStatus -DeleteKey(SECKEYKeyDBHandle *handle, char *nickname) -{ - SECStatus rv; - - rv = SECU_DeleteKeyByName(handle, nickname); - if (rv != SECSuccess) { - SECU_PrintError("problem deleting private key \"%s\"\n", nickname); - } - return rv; -} -#endif - - -/* - * L i s t M o d u l e s - * - * Print a list of the PKCS11 modules that are - * available. This is useful for smartcard people to - * make sure they have the drivers loaded. - * - */ -static SECStatus -ListModules(void) -{ - PK11SlotList *list; - PK11SlotListElement *le; - - /* get them all! */ - list = PK11_GetAllTokens(CKM_INVALID_MECHANISM,PR_FALSE,PR_FALSE,NULL); - if (list == NULL) return SECFailure; - - /* look at each slot*/ - for (le = list->head ; le; le = le->next) { - printf ("\n"); - printf (" slot: %s\n", PK11_GetSlotName(le->slot)); - printf (" token: %s\n", PK11_GetTokenName(le->slot)); - } - PK11_FreeSlotList(list); - - return SECSuccess; -} - -static void -Usage(char *progName) -{ -#define FPS fprintf(stderr, - FPS "Type %s -H for more detailed descriptions\n", progName); - FPS "Usage: %s -N [-d certdir] [-P dbprefix] [-f pwfile]\n", progName); - FPS "\t%s -A -n cert-name -t trustargs [-d certdir] [-P dbprefix] [-a] [-i input]\n", - progName); - FPS "\t%s -C [-c issuer-name | -x] -i cert-request-file -o cert-file\n" - "\t\t [-m serial-number] [-w warp-months] [-v months-valid]\n" - "\t\t [-f pwfile] [-d certdir] [-P dbprefix] [-1] [-2] [-3] [-4] [-5] [-6]\n", - progName); - FPS "\t%s -D -n cert-name [-d certdir] [-P dbprefix]\n", progName); - FPS "\t%s -E -n cert-name -t trustargs [-d certdir] [-P dbprefix] [-a] [-i input]\n", - progName); - FPS "\t%s -G -n key-name [-h token-name] [-k rsa] [-g key-size] [-y exp]\n" - "\t\t [-f pwfile] [-z noisefile] [-d certdir] [-P dbprefix]\n", progName); - FPS "\t%s -G [-h token-name] -k dsa [-q pqgfile -g key-size] [-f pwfile]\n" - "\t\t [-z noisefile] [-d certdir] [-P dbprefix]\n", progName); - FPS "\t%s -K [-n key-name] [-h token-name] [-k dsa|rsa|all]\n", - progName); - FPS "\t\t [-f pwfile] [-d certdir] [-P dbprefix]\n"); - FPS "\t%s -L [-n cert-name] [-d certdir] [-P dbprefix] [-r] [-a]\n", progName); - FPS "\t%s -M -n cert-name -t trustargs [-d certdir] [-P dbprefix]\n", - progName); - FPS "\t%s -R -s subj -o cert-request-file [-d certdir] [-P dbprefix] [-p phone] [-a]\n" - "\t\t [-k key-type] [-h token-name] [-f pwfile] [-g key-size]\n", - progName); - FPS "\t%s -V -n cert-name -u usage [-b time] [-e] [-d certdir] [-P dbprefix]\n", - progName); - FPS "\t%s -S -n cert-name -s subj [-c issuer-name | -x] -t trustargs\n" - "\t\t [-k key-type] [-h token-name] [-g key-size]\n" - "\t\t [-m serial-number] [-w warp-months] [-v months-valid]\n" - "\t\t [-f pwfile] [-d certdir] [-P dbprefix]\n" - "\t\t [-p phone] [-1] [-2] [-3] [-4] [-5] [-6]\n", - progName); - FPS "\t%s -U [-d certdir] [-P dbprefix]\n", progName); - exit(-1); -} - -static void LongUsage(char *progName) -{ - - FPS "%-15s Add a certificate to the database (create if needed)\n", - "-A"); - FPS "%-15s Add an Email certificate to the database (create if needed)\n", - "-E"); - FPS "%-20s Specify the nickname of the certificate to add\n", - " -n cert-name"); - FPS "%-20s Set the certificate trust attributes:\n", - " -t trustargs"); - FPS "%-25s p \t valid peer\n", ""); - FPS "%-25s P \t trusted peer (implies p)\n", ""); - FPS "%-25s c \t valid CA\n", ""); - FPS "%-25s T \t trusted CA to issue client certs (implies c)\n", ""); - FPS "%-25s C \t trusted CA to issue server certs (implies c)\n", ""); - FPS "%-25s u \t user cert\n", ""); - FPS "%-25s w \t send warning\n", ""); -#ifdef DEBUG_NSSTEAM_ONLY - FPS "%-25s g \t make step-up cert\n", ""); -#endif /* DEBUG_NSSTEAM_ONLY */ - FPS "%-20s Specify the password file\n", - " -f pwfile"); - FPS "%-20s Cert database directory (default is ~/.netscape)\n", - " -d certdir"); - FPS "%-20s Cert & Key database prefix\n", - " -P dbprefix"); - FPS "%-20s The input certificate is encoded in ASCII (RFC1113)\n", - " -a"); - FPS "%-20s Specify the certificate file (default is stdin)\n", - " -i input"); - FPS "\n"); - - FPS "%-15s Create a new binary certificate from a BINARY cert request\n", - "-C"); - FPS "%-20s The nickname of the issuer cert\n", - " -c issuer-name"); - FPS "%-20s The BINARY certificate request file\n", - " -i cert-request "); - FPS "%-20s Output binary cert to this file (default is stdout)\n", - " -o output-cert"); - FPS "%-20s Self sign\n", - " -x"); - FPS "%-20s Cert serial number\n", - " -m serial-number"); - FPS "%-20s Time Warp\n", - " -w warp-months"); - FPS "%-20s Months valid (default is 3)\n", - " -v months-valid"); - FPS "%-20s Specify the password file\n", - " -f pwfile"); - FPS "%-20s Cert database directory (default is ~/.netscape)\n", - " -d certdir"); - FPS "%-20s Cert & Key database prefix\n", - " -P dbprefix"); - FPS "%-20s Create key usage extension\n", - " -1 "); - FPS "%-20s Create basic constraint extension\n", - " -2 "); - FPS "%-20s Create authority key ID extension\n", - " -3 "); - FPS "%-20s Create crl distribution point extension\n", - " -4 "); - FPS "%-20s Create netscape cert type extension\n", - " -5 "); - FPS "%-20s Create extended key usage extension\n", - " -6 "); - FPS "\n"); - - FPS "%-15s Generate a new key pair\n", - "-G"); - FPS "%-20s Name of token in which to generate key (default is internal)\n", - " -h token-name"); - FPS "%-20s Type of key pair to generate (\"dsa\", \"rsa\" (default))\n", - " -k key-type"); - FPS "%-20s Key size in bits, (min %d, max %d, default %d)\n", - " -g key-size", MIN_KEY_BITS, MAX_KEY_BITS, DEFAULT_KEY_BITS); - FPS "%-20s Set the public exponent value (3, 17, 65537) (rsa only)\n", - " -y exp"); - FPS "%-20s Specify the password file\n", - " -f password-file"); - FPS "%-20s Specify the noise file to be used\n", - " -z noisefile"); - FPS "%-20s read PQG value from pqgfile (dsa only)\n", - " -q pqgfile"); - FPS "%-20s Key database directory (default is ~/.netscape)\n", - " -d keydir"); - FPS "%-20s Cert & Key database prefix\n", - " -P dbprefix"); - FPS "\n"); - - FPS "%-15s Delete a certificate from the database\n", - "-D"); - FPS "%-20s The nickname of the cert to delete\n", - " -n cert-name"); - FPS "%-20s Cert database directory (default is ~/.netscape)\n", - " -d certdir"); - FPS "%-20s Cert & Key database prefix\n", - " -P dbprefix"); - FPS "\n"); - - FPS "%-15s List all modules\n", /*, or print out a single named module\n",*/ - "-U"); - FPS "%-20s Module database directory (default is '~/.netscape')\n", - " -d moddir"); - FPS "%-20s Cert & Key database prefix\n", - " -P dbprefix"); - - FPS "%-15s List all keys\n", /*, or print out a single named key\n",*/ - "-K"); - FPS "%-20s Name of token in which to look for keys (default is internal," - " use \"all\" to list keys on all tokens)\n", - " -h token-name "); - FPS "%-20s Type of key pair to list (\"all\", \"dsa\", \"rsa\" (default))\n", - " -k key-type"); - FPS "%-20s Specify the password file\n", - " -f password-file"); - FPS "%-20s Key database directory (default is ~/.netscape)\n", - " -d keydir"); - FPS "%-20s Cert & Key database prefix\n", - " -P dbprefix"); - FPS "\n"); - - FPS "%-15s List all certs, or print out a single named cert\n", - "-L"); - FPS "%-20s Pretty print named cert (list all if unspecified)\n", - " -n cert-name"); - FPS "%-20s Cert database directory (default is ~/.netscape)\n", - " -d certdir"); - FPS "%-20s Cert & Key database prefix\n", - " -P dbprefix"); - FPS "%-20s For single cert, print binary DER encoding\n", - " -r"); - FPS "%-20s For single cert, print ASCII encoding (RFC1113)\n", - " -a"); - FPS "\n"); - - FPS "%-15s Modify trust attributes of certificate\n", - "-M"); - FPS "%-20s The nickname of the cert to modify\n", - " -n cert-name"); - FPS "%-20s Set the certificate trust attributes (see -A above)\n", - " -t trustargs"); - FPS "%-20s Cert database directory (default is ~/.netscape)\n", - " -d certdir"); - FPS "%-20s Cert & Key database prefix\n", - " -P dbprefix"); - FPS "\n"); - - FPS "%-15s Create a new certificate database\n", - "-N"); - FPS "%-20s Cert database directory (default is ~/.netscape)\n", - " -d certdir"); - FPS "%-20s Cert & Key database prefix\n", - " -P dbprefix"); - FPS "\n"); - - FPS "%-15s Generate a certificate request (stdout)\n", - "-R"); - FPS "%-20s Specify the subject name (using RFC1485)\n", - " -s subject"); - FPS "%-20s Output the cert request to this file\n", - " -o output-req"); - FPS "%-20s Type of key pair to generate (\"dsa\", \"rsa\" (default))\n", - " -k key-type"); - FPS "%-20s Name of token in which to generate key (default is internal)\n", - " -h token-name"); - FPS "%-20s Key size in bits, RSA keys only (min %d, max %d, default %d)\n", - " -g key-size", MIN_KEY_BITS, MAX_KEY_BITS, DEFAULT_KEY_BITS); - FPS "%-20s Specify the password file\n", - " -f pwfile"); - FPS "%-20s Key database directory (default is ~/.netscape)\n", - " -d keydir"); - FPS "%-20s Cert & Key database prefix\n", - " -P dbprefix"); - FPS "%-20s Specify the contact phone number (\"123-456-7890\")\n", - " -p phone"); - FPS "%-20s Output the cert request in ASCII (RFC1113); default is binary\n", - " -a"); - FPS "\n"); - - FPS "%-15s Validate a certificate\n", - "-V"); - FPS "%-20s The nickname of the cert to Validate\n", - " -n cert-name"); - FPS "%-20s validity time (\"YYMMDDHHMMSS[+HHMM|-HHMM|Z]\")\n", - " -b time"); - FPS "%-20s Check certificate signature \n", - " -e "); - FPS "%-20s Specify certificate usage:\n", " -u certusage"); - FPS "%-25s C \t SSL Client\n", ""); - FPS "%-25s V \t SSL Server\n", ""); - FPS "%-25s S \t Email signer\n", ""); - FPS "%-25s R \t Email Recipient\n", ""); - FPS "%-20s Cert database directory (default is ~/.netscape)\n", - " -d certdir"); - FPS "%-20s Cert & Key database prefix\n", - " -P dbprefix"); - FPS "\n"); - - FPS "%-15s Make a certificate and add to database\n", - "-S"); - FPS "%-20s Specify the nickname of the cert\n", - " -n key-name"); - FPS "%-20s Specify the subject name (using RFC1485)\n", - " -s subject"); - FPS "%-20s The nickname of the issuer cert\n", - " -c issuer-name"); - FPS "%-20s Set the certificate trust attributes (see -A above)\n", - " -t trustargs"); - FPS "%-20s Type of key pair to generate (\"dsa\", \"rsa\" (default))\n", - " -k key-type"); - FPS "%-20s Name of token in which to generate key (default is internal)\n", - " -h token-name"); - FPS "%-20s Key size in bits, RSA keys only (min %d, max %d, default %d)\n", - " -g key-size", MIN_KEY_BITS, MAX_KEY_BITS, DEFAULT_KEY_BITS); - FPS "%-20s Self sign\n", - " -x"); - FPS "%-20s Cert serial number\n", - " -m serial-number"); - FPS "%-20s Time Warp\n", - " -w warp-months"); - FPS "%-20s Months valid (default is 3)\n", - " -v months-valid"); - FPS "%-20s Specify the password file\n", - " -f pwfile"); - FPS "%-20s Cert database directory (default is ~/.netscape)\n", - " -d certdir"); - FPS "%-20s Cert & Key database prefix\n", - " -P dbprefix"); - FPS "%-20s Specify the contact phone number (\"123-456-7890\")\n", - " -p phone"); - FPS "%-20s Create key usage extension\n", - " -1 "); - FPS "%-20s Create basic constraint extension\n", - " -2 "); - FPS "%-20s Create authority key ID extension\n", - " -3 "); - FPS "%-20s Create crl distribution point extension\n", - " -4 "); - FPS "%-20s Create netscape cert type extension\n", - " -5 "); - FPS "%-20s Create extended key usage extension\n", - " -6 "); - FPS "\n"); - - exit(-1); -#undef FPS -} - - -static CERTCertificate * -MakeV1Cert( CERTCertDBHandle * handle, - CERTCertificateRequest *req, - char * issuerNickName, - PRBool selfsign, - int serialNumber, - int warpmonths, - int validitylength) -{ - CERTCertificate *issuerCert = NULL; - CERTValidity *validity; - CERTCertificate *cert = NULL; -#ifndef NSPR20 - PRTime printableTime; - int64 now, after; -#else - PRExplodedTime printableTime; - PRTime now, after; -#endif - - - - if ( !selfsign ) { - issuerCert = CERT_FindCertByNicknameOrEmailAddr(handle, issuerNickName); - if (!issuerCert) { - SECU_PrintError(progName, "could not find certificate named \"%s\"", - issuerNickName); - return NULL; - } - } - - now = PR_Now(); -#ifndef NSPR20 - PR_ExplodeGMTTime (&printableTime, now); -#else - PR_ExplodeTime (now, PR_GMTParameters, &printableTime); -#endif - if ( warpmonths ) { -#ifndef NSPR20 - printableTime.tm_mon += warpmonths; - now = PR_ImplodeTime (&printableTime, 0, 0); - PR_ExplodeGMTTime (&printableTime, now); -#else - printableTime.tm_month += warpmonths; - now = PR_ImplodeTime (&printableTime); - PR_ExplodeTime (now, PR_GMTParameters, &printableTime); -#endif - } -#ifndef NSPR20 - printableTime.tm_mon += validitylength; - printableTime.tm_mon += 3; - after = PR_ImplodeTime (&printableTime, 0, 0); - -#else - printableTime.tm_month += validitylength; - printableTime.tm_month += 3; - after = PR_ImplodeTime (&printableTime); -#endif - - /* note that the time is now in micro-second unit */ - validity = CERT_CreateValidity (now, after); - - if ( selfsign ) { - cert = CERT_CreateCertificate - (serialNumber,&(req->subject), validity, req); - } else { - cert = CERT_CreateCertificate - (serialNumber,&(issuerCert->subject), validity, req); - } - - CERT_DestroyValidity(validity); - if ( issuerCert ) { - CERT_DestroyCertificate (issuerCert); - } - - return(cert); -} - -static SECStatus -AddKeyUsage (void *extHandle) -{ - SECItem bitStringValue; - unsigned char keyUsage = 0x0; - char buffer[5]; - int value; - - while (1) { - fprintf(stdout, "%-25s 0 - Digital Signature\n", ""); - fprintf(stdout, "%-25s 1 - Non-repudiation\n", ""); - fprintf(stdout, "%-25s 2 - Key encipherment\n", ""); - fprintf(stdout, "%-25s 3 - Data encipherment\n", ""); - fprintf(stdout, "%-25s 4 - Key agreement\n", ""); - fprintf(stdout, "%-25s 5 - Cert signning key\n", ""); - fprintf(stdout, "%-25s 6 - CRL signning key\n", ""); - fprintf(stdout, "%-25s Other to finish\n", ""); - if (gets (buffer)) { - value = atoi (buffer); - if (value < 0 || value > 6) - break; - keyUsage |= (0x80 >> value); - } - else { /* gets() returns NULL on EOF or error */ - break; - } - } - - bitStringValue.data = &keyUsage; - bitStringValue.len = 1; - buffer[0] = 'n'; - puts ("Is this a critical extension [y/n]? "); - gets (buffer); - - return (CERT_EncodeAndAddBitStrExtension - (extHandle, SEC_OID_X509_KEY_USAGE, &bitStringValue, - (buffer[0] == 'y' || buffer[0] == 'Y') ? PR_TRUE : PR_FALSE)); - -} - - -static CERTOidSequence * -CreateOidSequence(void) -{ - CERTOidSequence *rv = (CERTOidSequence *)NULL; - PRArenaPool *arena = (PRArenaPool *)NULL; - - arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - if( (PRArenaPool *)NULL == arena ) { - goto loser; - } - - rv = (CERTOidSequence *)PORT_ArenaZAlloc(arena, sizeof(CERTOidSequence)); - if( (CERTOidSequence *)NULL == rv ) { - goto loser; - } - - rv->oids = (SECItem **)PORT_ArenaZAlloc(arena, sizeof(SECItem *)); - if( (SECItem **)NULL == rv->oids ) { - goto loser; - } - - rv->arena = arena; - return rv; - - loser: - if( (PRArenaPool *)NULL != arena ) { - PORT_FreeArena(arena, PR_FALSE); - } - - return (CERTOidSequence *)NULL; -} - -static SECStatus -AddOidToSequence(CERTOidSequence *os, SECOidTag oidTag) -{ - SECItem **oids; - PRUint32 count = 0; - SECOidData *od; - - od = SECOID_FindOIDByTag(oidTag); - if( (SECOidData *)NULL == od ) { - return SECFailure; - } - - for( oids = os->oids; (SECItem *)NULL != *oids; oids++ ) { - count++; - } - - /* ArenaZRealloc */ - - { - PRUint32 i; - - oids = (SECItem **)PORT_ArenaZAlloc(os->arena, sizeof(SECItem *) * (count+2)); - if( (SECItem **)NULL == oids ) { - return SECFailure; - } - - for( i = 0; i < count; i++ ) { - oids[i] = os->oids[i]; - } - - /* ArenaZFree(os->oids); */ - } - - os->oids = oids; - os->oids[count] = &od->oid; - - return SECSuccess; -} - -static SECItem * -EncodeOidSequence(CERTOidSequence *os) -{ - SECItem *rv; - extern const SEC_ASN1Template CERT_OidSeqTemplate[]; - - rv = (SECItem *)PORT_ArenaZAlloc(os->arena, sizeof(SECItem)); - if( (SECItem *)NULL == rv ) { - goto loser; - } - - if( !SEC_ASN1EncodeItem(os->arena, rv, os, CERT_OidSeqTemplate) ) { - goto loser; - } - - return rv; - - loser: - return (SECItem *)NULL; -} - -static SECStatus -AddExtKeyUsage (void *extHandle) -{ - char buffer[5]; - int value; - CERTOidSequence *os; - SECStatus rv; - SECItem *item; - - os = CreateOidSequence(); - if( (CERTOidSequence *)NULL == os ) { - return SECFailure; - } - - while (1) { - fprintf(stdout, "%-25s 0 - Server Auth\n", ""); - fprintf(stdout, "%-25s 1 - Client Auth\n", ""); - fprintf(stdout, "%-25s 2 - Code Signing\n", ""); - fprintf(stdout, "%-25s 3 - Email Protection\n", ""); - fprintf(stdout, "%-25s 4 - Timestamp\n", ""); - fprintf(stdout, "%-25s 5 - OSCP Responder\n", ""); -#ifdef DEBUG_NSSTEAM_ONLY - fprintf(stdout, "%-25s 6 - Step-up\n", ""); -#endif /* DEBUG_NSSTEAM_ONLY */ - fprintf(stdout, "%-25s Other to finish\n", ""); - - gets(buffer); - value = atoi(buffer); - - switch( value ) { - case 0: - rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_SERVER_AUTH); - break; - case 1: - rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_CLIENT_AUTH); - break; - case 2: - rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_CODE_SIGN); - break; - case 3: - rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_EMAIL_PROTECT); - break; - case 4: - rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_TIME_STAMP); - break; - case 5: - rv = AddOidToSequence(os, SEC_OID_OCSP_RESPONDER); - break; -#ifdef DEBUG_NSSTEAM_ONLY - case 6: - rv = AddOidToSequence(os, SEC_OID_NS_KEY_USAGE_GOVT_APPROVED); - break; -#endif /* DEBUG_NSSTEAM_ONLY */ - default: - goto endloop; - } - - if( SECSuccess != rv ) goto loser; - } - - endloop:; - item = EncodeOidSequence(os); - - buffer[0] = 'n'; - puts ("Is this a critical extension [y/n]? "); - gets (buffer); - - rv = CERT_AddExtension(extHandle, SEC_OID_X509_EXT_KEY_USAGE, item, - ((buffer[0] == 'y' || buffer[0] == 'Y') - ? PR_TRUE : PR_FALSE), PR_TRUE); - /*FALLTHROUGH*/ - loser: - CERT_DestroyOidSequence(os); - return rv; -} - -static SECStatus -AddNscpCertType (void *extHandle) -{ - SECItem bitStringValue; - unsigned char keyUsage = 0x0; - char buffer[5]; - int value; - - while (1) { - fprintf(stdout, "%-25s 0 - SSL Client\n", ""); - fprintf(stdout, "%-25s 1 - SSL Server\n", ""); - fprintf(stdout, "%-25s 2 - S/MIME\n", ""); - fprintf(stdout, "%-25s 3 - Object Signing\n", ""); - fprintf(stdout, "%-25s 4 - Reserved for futuer use\n", ""); - fprintf(stdout, "%-25s 5 - SSL CA\n", ""); - fprintf(stdout, "%-25s 6 - S/MIME CA\n", ""); - fprintf(stdout, "%-25s 7 - Object Signing CA\n", ""); - fprintf(stdout, "%-25s Other to finish\n", ""); - gets (buffer); - value = atoi (buffer); - if (value < 0 || value > 7) - break; - keyUsage |= (0x80 >> value); - } - - bitStringValue.data = &keyUsage; - bitStringValue.len = 1; - buffer[0] = 'n'; - puts ("Is this a critical extension [y/n]? "); - gets (buffer); - - return (CERT_EncodeAndAddBitStrExtension - (extHandle, SEC_OID_NS_CERT_EXT_CERT_TYPE, &bitStringValue, - (buffer[0] == 'y' || buffer[0] == 'Y') ? PR_TRUE : PR_FALSE)); - -} - -typedef SECStatus (* EXTEN_VALUE_ENCODER) - (PRArenaPool *extHandle, void *value, SECItem *encodedValue); - -static SECStatus -EncodeAndAddExtensionValue( - PRArenaPool * arena, - void * extHandle, - void * value, - PRBool criticality, - int extenType, - EXTEN_VALUE_ENCODER EncodeValueFn) -{ - SECItem encodedValue; - SECStatus rv; - - - encodedValue.data = NULL; - encodedValue.len = 0; - do { - rv = (*EncodeValueFn)(arena, value, &encodedValue); - if (rv != SECSuccess) - break; - - rv = CERT_AddExtension - (extHandle, extenType, &encodedValue, criticality,PR_TRUE); - } while (0); - - return (rv); -} - -static SECStatus -AddBasicConstraint(void *extHandle) -{ - CERTBasicConstraints basicConstraint; - SECItem encodedValue; - SECStatus rv; - char buffer[10]; - - encodedValue.data = NULL; - encodedValue.len = 0; - do { - basicConstraint.pathLenConstraint = CERT_UNLIMITED_PATH_CONSTRAINT; - puts ("Is this a CA certificate [y/n]?"); - gets (buffer); - basicConstraint.isCA = (buffer[0] == 'Y' || buffer[0] == 'y') ? - PR_TRUE : PR_FALSE; - - puts ("Enter the path length constraint, enter to skip [<0 for unlimited path]:"); - gets (buffer); - if (PORT_Strlen (buffer) > 0) - basicConstraint.pathLenConstraint = atoi (buffer); - - rv = CERT_EncodeBasicConstraintValue (NULL, &basicConstraint, &encodedValue); - if (rv) - return (rv); - - buffer[0] = 'n'; - puts ("Is this a critical extension [y/n]? "); - gets (buffer); - rv = CERT_AddExtension - (extHandle, SEC_OID_X509_BASIC_CONSTRAINTS, - &encodedValue, (buffer[0] == 'y' || buffer[0] == 'Y') ? - PR_TRUE : PR_FALSE ,PR_TRUE); - } while (0); - PORT_Free (encodedValue.data); - return (rv); -} - -static SECItem * -SignCert(CERTCertDBHandle *handle, -CERTCertificate *cert, PRBool selfsign, -SECKEYPrivateKey *selfsignprivkey, char *issuerNickName, void *pwarg) -{ - SECItem der; - SECItem *result = NULL; - SECKEYPrivateKey *caPrivateKey = NULL; - SECStatus rv; - PRArenaPool *arena; - SECOidTag algID; - void *dummy; - - if( selfsign ) { - caPrivateKey = selfsignprivkey; - } else { - /*CERTCertificate *issuer = CERT_FindCertByNickname(handle, issuerNickName);*/ - CERTCertificate *issuer = PK11_FindCertFromNickname(issuerNickName, pwarg); - if( (CERTCertificate *)NULL == issuer ) { - SECU_PrintError(progName, "unable to find issuer with nickname %s", - issuerNickName); - return (SECItem *)NULL; - } - - caPrivateKey = PK11_FindKeyByAnyCert(issuer, pwarg); - if (caPrivateKey == NULL) { - SECU_PrintError(progName, "unable to retrieve key %s", issuerNickName); - return NULL; - } - } - - arena = cert->arena; - - switch(caPrivateKey->keyType) { - case rsaKey: - algID = SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION; - break; - case dsaKey: - algID = SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST; - break; - default: - fprintf(stderr, "Unknown key type for issuer."); - goto done; - break; - } - - rv = SECOID_SetAlgorithmID(arena, &cert->signature, algID, 0); - if (rv != SECSuccess) { - fprintf(stderr, "Could not set signature algorithm id."); - goto done; - } - - /* we only deal with cert v3 here */ - *(cert->version.data) = 2; - cert->version.len = 1; - - der.len = 0; - der.data = NULL; - dummy = SEC_ASN1EncodeItem (arena, &der, cert, CERT_CertificateTemplate); - if (!dummy) { - fprintf (stderr, "Could not encode certificate.\n"); - goto done; - } - - result = (SECItem *) PORT_ArenaZAlloc (arena, sizeof (SECItem)); - if (result == NULL) { - fprintf (stderr, "Could not allocate item for certificate data.\n"); - goto done; - } - - rv = SEC_DerSignData (arena, result, der.data, der.len, caPrivateKey, - algID); - if (rv != SECSuccess) { - fprintf (stderr, "Could not sign encoded certificate data.\n"); - PORT_Free(result); - result = NULL; - goto done; - } - cert->derCert = *result; -done: - SECKEY_DestroyPrivateKey(caPrivateKey); - return result; -} - -static SECStatus -AddAuthKeyID (void *extHandle) -{ - CERTAuthKeyID *authKeyID = NULL; - PRArenaPool *arena = NULL; - SECStatus rv = SECSuccess; - char buffer[512]; - - do { - arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - if ( !arena ) { - SECU_PrintError(progName, "out of memory"); - GEN_BREAK (SECFailure); - } - - if (GetYesNo ("Enter value for the authKeyID extension [y/n]?\n") == 0) - break; - - authKeyID = PORT_ArenaZAlloc (arena, sizeof (CERTAuthKeyID)); - if (authKeyID == NULL) { - GEN_BREAK (SECFailure); - } - - rv = GetString (arena, "Enter value for the key identifier fields, enter to omit:", - &authKeyID->keyID); - if (rv != SECSuccess) - break; - authKeyID->authCertIssuer = GetGeneralName (arena); - if (authKeyID->authCertIssuer == NULL && SECFailure == PORT_GetError ()) - break; - - - rv = GetString (arena, "Enter value for the authCertSerial field, enter to omit:", - &authKeyID->authCertSerialNumber); - - buffer[0] = 'n'; - puts ("Is this a critical extension [y/n]? "); - gets (buffer); - - rv = EncodeAndAddExtensionValue - (arena, extHandle, authKeyID, - (buffer[0] == 'y' || buffer[0] == 'Y') ? PR_TRUE : PR_FALSE, - SEC_OID_X509_AUTH_KEY_ID, - (EXTEN_VALUE_ENCODER) CERT_EncodeAuthKeyID); - if (rv) - break; - - } while (0); - if (arena) - PORT_FreeArena (arena, PR_FALSE); - return (rv); -} - -static SECStatus -AddCrlDistPoint(void *extHandle) -{ - PRArenaPool *arena = NULL; - CERTCrlDistributionPoints *crlDistPoints = NULL; - CRLDistributionPoint *current; - SECStatus rv = SECSuccess; - int count = 0, intValue; - char buffer[5]; - - arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - if ( !arena ) - return (SECFailure); - - do { - current = NULL; - current = PORT_ArenaZAlloc (arena, sizeof (*current)); - if (current == NULL) { - GEN_BREAK (SECFailure); - } - - /* Get the distributionPointName fields - this field is optional */ - puts ("Enter the type of the distribution point name:\n"); - puts ("\t1 - Full Name\n\t2 - Relative Name\n\tOther - omit\n\t\tChoice: "); - scanf ("%d", &intValue); - switch (intValue) { - case generalName: - current->distPointType = intValue; - current->distPoint.fullName = GetGeneralName (arena); - rv = PORT_GetError(); - break; - - case relativeDistinguishedName: { - CERTName *name; - char buffer[512]; - - current->distPointType = intValue; - puts ("Enter the relative name: "); - fflush (stdout); - gets (buffer); - /* For simplicity, use CERT_AsciiToName to converse from a string - to NAME, but we only interest in the first RDN */ - name = CERT_AsciiToName (buffer); - if (!name) { - GEN_BREAK (SECFailure); - } - rv = CERT_CopyRDN (arena, ¤t->distPoint.relativeName, name->rdns[0]); - CERT_DestroyName (name); - break; - } - } - if (rv != SECSuccess) - break; - - /* Get the reason flags */ - puts ("\nSelect one of the following for the reason flags\n"); - puts ("\t0 - unused\n\t1 - keyCompromise\n\t2 - caCompromise\n\t3 - affiliationChanged\n"); - puts ("\t4 - superseded\n\t5 - cessationOfOperation\n\t6 - certificateHold\n"); - puts ("\tother - omit\t\tChoice: "); - - scanf ("%d", &intValue); - if (intValue >= 0 && intValue <8) { - current->reasons.data = PORT_ArenaAlloc (arena, sizeof(char)); - if (current->reasons.data == NULL) { - GEN_BREAK (SECFailure); - } - *current->reasons.data = (char)(0x80 >> intValue); - current->reasons.len = 1; - } - puts ("Enter value for the CRL Issuer name:\n"); - current->crlIssuer = GetGeneralName (arena); - if (current->crlIssuer == NULL && (rv = PORT_GetError()) == SECFailure) - break; - - if (crlDistPoints == NULL) { - crlDistPoints = PORT_ArenaZAlloc (arena, sizeof (*crlDistPoints)); - if (crlDistPoints == NULL) { - GEN_BREAK (SECFailure); - } - } - - crlDistPoints->distPoints = PORT_ArenaGrow (arena, - crlDistPoints->distPoints, - sizeof (*crlDistPoints->distPoints) * count, - sizeof (*crlDistPoints->distPoints) *(count + 1)); - if (crlDistPoints->distPoints == NULL) { - GEN_BREAK (SECFailure); - } - - crlDistPoints->distPoints[count] = current; - ++count; - if (GetYesNo ("Enter more value for the CRL distribution point extension [y/n]\n") == 0) { - /* Add null to the end of the crlDistPoints to mark end of data */ - crlDistPoints->distPoints = PORT_ArenaGrow(arena, - crlDistPoints->distPoints, - sizeof (*crlDistPoints->distPoints) * count, - sizeof (*crlDistPoints->distPoints) *(count + 1)); - crlDistPoints->distPoints[count] = NULL; - break; - } - - - } while (1); - - if (rv == SECSuccess) { - buffer[0] = 'n'; - puts ("Is this a critical extension [y/n]? "); - gets (buffer); - - rv = EncodeAndAddExtensionValue(arena, extHandle, crlDistPoints, - (buffer[0] == 'Y' || buffer[0] == 'y') ? PR_TRUE : PR_FALSE, - SEC_OID_X509_CRL_DIST_POINTS, - (EXTEN_VALUE_ENCODER) CERT_EncodeCRLDistributionPoints); - } - if (arena) - PORT_FreeArena (arena, PR_FALSE); - return (rv); -} - -static SECStatus -CreateCert( - CERTCertDBHandle *handle, - char * issuerNickName, - PRFileDesc *inFile, - PRFileDesc *outFile, - SECKEYPrivateKey *selfsignprivkey, - void *pwarg, - int serialNumber, - int warpmonths, - int validitylength, - PRBool ascii, - PRBool selfsign, - PRBool keyUsage, - PRBool extKeyUsage, - PRBool basicConstraint, - PRBool authKeyID, - PRBool crlDistPoints, - PRBool nscpCertType) -{ - void * extHandle; - SECItem * certDER; - PRArenaPool *arena = NULL; - CERTCertificate *subjectCert = NULL; - /*CERTCertificate *issuerCert = NULL;*/ - CERTCertificateRequest *certReq = NULL; - SECStatus rv = SECSuccess; - SECItem reqDER; - - reqDER.data = NULL; - do { - arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - if (!arena) { - GEN_BREAK (SEC_ERROR_NO_MEMORY); - } - - /* Create a certrequest object from the input cert request der */ - certReq = GetCertRequest(inFile, ascii); - if (certReq == NULL) { - GEN_BREAK (SECFailure) - } - - subjectCert = MakeV1Cert (handle, certReq, issuerNickName, selfsign, - serialNumber, warpmonths, validitylength); - if (subjectCert == NULL) { - GEN_BREAK (SECFailure) - } - - extHandle = CERT_StartCertExtensions (subjectCert); - if (extHandle == NULL) { - GEN_BREAK (SECFailure) - } - - /* Add key usage extension */ - if (keyUsage) { - rv = AddKeyUsage(extHandle); - if (rv) - break; - } - - /* Add extended key usage extension */ - if (extKeyUsage) { - rv = AddExtKeyUsage(extHandle); - if (rv) - break; - } - - /* Add basic constraint extension */ - if (basicConstraint) { - rv = AddBasicConstraint(extHandle); - if (rv) - break; - } - - if (authKeyID) { - rv = AddAuthKeyID (extHandle); - if (rv) - break; - } - - - if (crlDistPoints) { - rv = AddCrlDistPoint (extHandle); - if (rv) - break; - } - - if (nscpCertType) { - rv = AddNscpCertType(extHandle); - if (rv) - break; - } - - - CERT_FinishExtensions(extHandle); - - certDER = SignCert (handle, subjectCert, selfsign, selfsignprivkey, issuerNickName,pwarg); - - if (certDER) { - if (ascii) { - PR_fprintf(outFile, "%s\n%s\n%s\n", NS_CERT_HEADER, - BTOA_DataToAscii(certDER->data, certDER->len), NS_CERT_TRAILER); - } else { - PR_Write(outFile, certDER->data, certDER->len); - } - } - - } while (0); - CERT_DestroyCertificateRequest (certReq); - CERT_DestroyCertificate (subjectCert); - PORT_FreeArena (arena, PR_FALSE); - if (rv != SECSuccess) { - PRErrorCode perr = PR_GetError(); - fprintf(stderr, "%s: unable to create cert (%s)\n", progName, - SECU_Strerror(perr)); - } - return (rv); -} - -/* Certutil commands */ -enum { - cmd_AddCert = 0, - cmd_CreateNewCert, - cmd_DeleteCert, - cmd_AddEmailCert, - cmd_DeleteKey, - cmd_GenKeyPair, - cmd_PrintHelp, - cmd_ListKeys, - cmd_ListCerts, - cmd_ModifyCertTrust, - cmd_NewDBs, - cmd_CertReq, - cmd_CreateAndAddCert, - cmd_ListModules, - cmd_CheckCertValidity, - cmd_ChangePassword, - cmd_Version -}; - -/* Certutil options */ -enum { - opt_AddKeyUsageExt = 0, - opt_AddBasicConstraintExt, - opt_AddAuthorityKeyIDExt, - opt_AddCRLDistPtsExt, - opt_AddNSCertTypeExt, - opt_AddExtKeyUsageExt, - opt_ASCIIForIO, - opt_ValidityTime, - opt_IssuerName, - opt_CertDir, - opt_VerifySig, - opt_PasswordFile, - opt_KeySize, - opt_TokenName, - opt_InputFile, - opt_KeyIndex, - opt_KeyType, - opt_DetailedInfo, - opt_SerialNumber, - opt_Nickname, - opt_OutputFile, - opt_PhoneNumber, - opt_DBPrefix, - opt_PQGFile, - opt_BinaryDER, - opt_Subject, - opt_Trust, - opt_Usage, - opt_Validity, - opt_OffsetMonths, - opt_SelfSign, - opt_Exponent, - opt_NoiseFile -}; - -static secuCommandFlag certutil_commands[] = -{ - { /* cmd_AddCert */ 'A', PR_FALSE, 0, PR_FALSE }, - { /* cmd_CreateNewCert */ 'C', PR_FALSE, 0, PR_FALSE }, - { /* cmd_DeleteCert */ 'D', PR_FALSE, 0, PR_FALSE }, - { /* cmd_AddEmailCert */ 'E', PR_FALSE, 0, PR_FALSE }, - { /* cmd_DeleteKey */ 'F', PR_FALSE, 0, PR_FALSE }, - { /* cmd_GenKeyPair */ 'G', PR_FALSE, 0, PR_FALSE }, - { /* cmd_PrintHelp */ 'H', PR_FALSE, 0, PR_FALSE }, - { /* cmd_ListKeys */ 'K', PR_FALSE, 0, PR_FALSE }, - { /* cmd_ListCerts */ 'L', PR_FALSE, 0, PR_FALSE }, - { /* cmd_ModifyCertTrust */ 'M', PR_FALSE, 0, PR_FALSE }, - { /* cmd_NewDBs */ 'N', PR_FALSE, 0, PR_FALSE }, - { /* cmd_CertReq */ 'R', PR_FALSE, 0, PR_FALSE }, - { /* cmd_CreateAndAddCert */ 'S', PR_FALSE, 0, PR_FALSE }, - { /* cmd_ListModules */ 'U', PR_FALSE, 0, PR_FALSE }, - { /* cmd_CheckCertValidity */ 'V', PR_FALSE, 0, PR_FALSE }, - { /* cmd_ChangePassword */ 'W', PR_FALSE, 0, PR_FALSE }, - { /* cmd_Version */ 'Y', PR_FALSE, 0, PR_FALSE } -}; - -static secuCommandFlag certutil_options[] = -{ - { /* opt_AddKeyUsageExt */ '1', PR_FALSE, 0, PR_FALSE }, - { /* opt_AddBasicConstraintExt*/ '2', PR_FALSE, 0, PR_FALSE }, - { /* opt_AddAuthorityKeyIDExt*/ '3', PR_FALSE, 0, PR_FALSE }, - { /* opt_AddCRLDistPtsExt */ '4', PR_FALSE, 0, PR_FALSE }, - { /* opt_AddNSCertTypeExt */ '5', PR_FALSE, 0, PR_FALSE }, - { /* opt_AddExtKeyUsageExt */ '6', PR_FALSE, 0, PR_FALSE }, - { /* opt_ASCIIForIO */ 'a', PR_FALSE, 0, PR_FALSE }, - { /* opt_ValidityTime */ 'b', PR_TRUE, 0, PR_FALSE }, - { /* opt_IssuerName */ 'c', PR_TRUE, 0, PR_FALSE }, - { /* opt_CertDir */ 'd', PR_TRUE, 0, PR_FALSE }, - { /* opt_VerifySig */ 'e', PR_FALSE, 0, PR_FALSE }, - { /* opt_PasswordFile */ 'f', PR_TRUE, 0, PR_FALSE }, - { /* opt_KeySize */ 'g', PR_TRUE, 0, PR_FALSE }, - { /* opt_TokenName */ 'h', PR_TRUE, 0, PR_FALSE }, - { /* opt_InputFile */ 'i', PR_TRUE, 0, PR_FALSE }, - { /* opt_KeyIndex */ 'j', PR_TRUE, 0, PR_FALSE }, - { /* opt_KeyType */ 'k', PR_TRUE, 0, PR_FALSE }, - { /* opt_DetailedInfo */ 'l', PR_FALSE, 0, PR_FALSE }, - { /* opt_SerialNumber */ 'm', PR_TRUE, 0, PR_FALSE }, - { /* opt_Nickname */ 'n', PR_TRUE, 0, PR_FALSE }, - { /* opt_OutputFile */ 'o', PR_TRUE, 0, PR_FALSE }, - { /* opt_PhoneNumber */ 'p', PR_TRUE, 0, PR_FALSE }, - { /* opt_DBPrefix */ 'P', PR_TRUE, 0, PR_FALSE }, - { /* opt_PQGFile */ 'q', PR_TRUE, 0, PR_FALSE }, - { /* opt_BinaryDER */ 'r', PR_FALSE, 0, PR_FALSE }, - { /* opt_Subject */ 's', PR_TRUE, 0, PR_FALSE }, - { /* opt_Trust */ 't', PR_TRUE, 0, PR_FALSE }, - { /* opt_Usage */ 'u', PR_TRUE, 0, PR_FALSE }, - { /* opt_Validity */ 'v', PR_TRUE, 0, PR_FALSE }, - { /* opt_OffsetMonths */ 'w', PR_TRUE, 0, PR_FALSE }, - { /* opt_SelfSign */ 'x', PR_FALSE, 0, PR_FALSE }, - { /* opt_Exponent */ 'y', PR_TRUE, 0, PR_FALSE }, - { /* opt_NoiseFile */ 'z', PR_TRUE, 0, PR_FALSE } -}; - -int -main(int argc, char **argv) -{ - CERTCertDBHandle *certHandle; - PK11SlotInfo *slot = NULL; - CERTName * subject = 0; - PRFileDesc *inFile = 0; - PRFileDesc *outFile = 0; - char * certfile = "tempcert"; - char * certreqfile = "tempcertreq"; - char * slotname = "internal"; - char * certPrefix = ""; - KeyType keytype = rsaKey; - /*char * keyslot = NULL;*/ - /*char * keynickname = NULL;*/ - char * name = NULL; - int keysize = DEFAULT_KEY_BITS; - int publicExponent = 0x010001; - int serialNumber = 0; - int warpmonths = 0; - int validitylength = 0; - int commandsEntered = 0; - char commandToRun = '\0'; - secuPWData pwdata = { PW_NONE, 0 }; - - SECKEYPrivateKey *privkey; - SECKEYPublicKey *pubkey = NULL; - - int i; - SECStatus rv; - - secuCommand certutil; - certutil.numCommands = sizeof(certutil_commands) / sizeof(secuCommandFlag); - certutil.numOptions = sizeof(certutil_options) / sizeof(secuCommandFlag); - certutil.commands = certutil_commands; - certutil.options = certutil_options; - - progName = strrchr(argv[0], '/'); - progName = progName ? progName+1 : argv[0]; - - rv = SECU_ParseCommandLine(argc, argv, progName, &certutil); - - if (rv != SECSuccess) - Usage(progName); - - if (certutil.commands[cmd_PrintHelp].activated) - LongUsage(progName); - - if (certutil.options[opt_PasswordFile].arg) { - pwdata.source = PW_FROMFILE; - pwdata.data = certutil.options[opt_PasswordFile].arg; - } - - if (certutil.options[opt_CertDir].activated) - SECU_ConfigDirectory(certutil.options[opt_CertDir].arg); - - if (certutil.options[opt_KeySize].activated) { - keysize = PORT_Atoi(certutil.options[opt_KeySize].arg); - if ((keysize < MIN_KEY_BITS) || (keysize > MAX_KEY_BITS)) { - PR_fprintf(PR_STDERR, - "%s -g: Keysize must be between %d and %d.\n", - MIN_KEY_BITS, MAX_KEY_BITS); - return -1; - } - } - - /* -h specify token name */ - if (certutil.options[opt_TokenName].activated) { - if (PL_strcmp(certutil.options[opt_TokenName].arg, "all") == 0) - slotname = NULL; - else - slotname = PL_strdup(certutil.options[opt_TokenName].arg); - } - - /* -k key type */ - if (certutil.options[opt_KeyType].activated) { - if (PL_strcmp(certutil.options[opt_KeyType].arg, "rsa") == 0) { - keytype = rsaKey; - } else if (PL_strcmp(certutil.options[opt_KeyType].arg, "dsa") == 0) { - keytype = dsaKey; - } else if (PL_strcmp(certutil.options[opt_KeyType].arg, "all") == 0) { - keytype = nullKey; - } else { - PR_fprintf(PR_STDERR, "%s -k: %s is not a recognized type.\n", - progName, certutil.options[opt_KeyType].arg); - return -1; - } - } - - /* -m serial number */ - if (certutil.options[opt_SerialNumber].activated) { - serialNumber = PORT_Atoi(certutil.options[opt_SerialNumber].arg); - if (serialNumber < 0) { - PR_fprintf(PR_STDERR, "%s -m: %s is not a valid serial number.\n", - progName, certutil.options[opt_SerialNumber].arg); - return -1; - } - } - - /* -P certdb name prefix */ - if (certutil.options[opt_DBPrefix].activated) - certPrefix = strdup(certutil.options[opt_DBPrefix].arg); - - /* -q PQG file */ - if (certutil.options[opt_PQGFile].activated) { - if (keytype != dsaKey) { - PR_fprintf(PR_STDERR, "%s -q: PQG file is for DSA key (-k dsa).\n)", - progName); - return -1; - } - } - - /* -s subject name */ - if (certutil.options[opt_Subject].activated) { - subject = CERT_AsciiToName(certutil.options[opt_Subject].arg); - if (!subject) { - PR_fprintf(PR_STDERR, "%s -s: improperly formatted name: \"%s\"\n", - progName, certutil.options[opt_Subject].arg); - return -1; - } - } - - /* -v validity period */ - if (certutil.options[opt_Validity].activated) { - validitylength = PORT_Atoi(certutil.options[opt_Validity].arg); - if (validitylength < 0) { - PR_fprintf(PR_STDERR, "%s -v: incorrect validity period: \"%s\"\n", - progName, certutil.options[opt_Validity].arg); - return -1; - } - } - - /* -w warp months */ - if (certutil.options[opt_OffsetMonths].activated) - warpmonths = PORT_Atoi(certutil.options[opt_OffsetMonths].arg); - - /* -y public exponent (for RSA) */ - if (certutil.options[opt_Exponent].activated) { - publicExponent = PORT_Atoi(certutil.options[opt_Exponent].arg); - if ((publicExponent != 3) && - (publicExponent != 17) && - (publicExponent != 65537)) { - PR_fprintf(PR_STDERR, "%s -y: incorrect public exponent %d.", - progName, publicExponent); - PR_fprintf(PR_STDERR, "Must be 3, 17, or 65537.\n"); - return -1; - } - } - - /* Check number of commands entered. */ - commandsEntered = 0; - for (i=0; i< certutil.numCommands; i++) { - if (certutil.commands[i].activated) { - commandToRun = certutil.commands[i].flag; - commandsEntered++; - } - if (commandsEntered > 1) - break; - } - if (commandsEntered > 1) { - PR_fprintf(PR_STDERR, "%s: only one command at a time!\n", progName); - PR_fprintf(PR_STDERR, "You entered: "); - for (i=0; i< certutil.numCommands; i++) { - if (certutil.commands[i].activated) - PR_fprintf(PR_STDERR, " -%c", certutil.commands[i].flag); - } - PR_fprintf(PR_STDERR, "\n"); - return -1; - } - if (commandsEntered == 0) { - PR_fprintf(PR_STDERR, "%s: you must enter a command!\n", progName); - Usage(progName); - } - - /* -A, -D, -F, -M, -S, -V, and all require -n */ - if ((certutil.commands[cmd_AddCert].activated || - certutil.commands[cmd_DeleteCert].activated || - certutil.commands[cmd_DeleteKey].activated || - certutil.commands[cmd_ModifyCertTrust].activated || - certutil.commands[cmd_CreateAndAddCert].activated || - certutil.commands[cmd_CheckCertValidity].activated) && - !certutil.options[opt_Nickname].activated) { - PR_fprintf(PR_STDERR, - "%s -%c: nickname is required for this command (-n).\n", - progName, commandToRun); - return -1; - } - - /* -A, -E, -M, -S require trust */ - if ((certutil.commands[cmd_AddCert].activated || - certutil.commands[cmd_AddEmailCert].activated || - certutil.commands[cmd_ModifyCertTrust].activated || - certutil.commands[cmd_CreateAndAddCert].activated) && - !certutil.options[opt_Trust].activated) { - PR_fprintf(PR_STDERR, - "%s -%c: trust is required for this command (-t).\n", - progName, commandToRun); - return -1; - } - - /* if -L is given raw or ascii mode, it must be for only one cert. */ - if (certutil.commands[cmd_ListCerts].activated && - (certutil.options[opt_ASCIIForIO].activated || - certutil.options[opt_BinaryDER].activated) && - !certutil.options[opt_Nickname].activated) { - PR_fprintf(PR_STDERR, - "%s: nickname is required to dump cert in raw or ascii mode.\n", - progName); - return -1; - } - - /* -L can only be in (raw || ascii). */ - if (certutil.commands[cmd_ListCerts].activated && - certutil.options[opt_ASCIIForIO].activated && - certutil.options[opt_BinaryDER].activated) { - PR_fprintf(PR_STDERR, - "%s: cannot specify both -r and -a when dumping cert.\n", - progName); - return -1; - } - - /* For now, deny -C -x combination */ - if (certutil.commands[cmd_CreateNewCert].activated && - certutil.options[opt_SelfSign].activated) { - PR_fprintf(PR_STDERR, - "%s: self-signing a cert request is not supported.\n", - progName); - return -1; - } - - /* If making a cert request, need a subject. */ - if ((certutil.commands[cmd_CertReq].activated || - certutil.commands[cmd_CreateAndAddCert].activated) && - !certutil.options[opt_Subject].activated) { - PR_fprintf(PR_STDERR, - "%s -%c: subject is required to create a cert request.\n", - progName, commandToRun); - return -1; - } - - /* If making a cert, need a serial number. */ - if ((certutil.commands[cmd_CreateNewCert].activated || - certutil.commands[cmd_CreateAndAddCert].activated) && - !certutil.options[opt_SerialNumber].activated) { - /* Make a default serial number from the current time. */ - PRTime now = PR_Now(); - serialNumber = LL_L2UI(serialNumber, now); - } - - /* Validation needs the usage to validate for. */ - if (certutil.commands[cmd_CheckCertValidity].activated && - !certutil.options[opt_Usage].activated) { - PR_fprintf(PR_STDERR, - "%s -V: specify a usage to validate the cert for (-u).\n", - progName); - return -1; - } - - /* To make a cert, need either a issuer or to self-sign it. */ - if (certutil.commands[cmd_CreateAndAddCert].activated && - !(certutil.options[opt_IssuerName].activated || - certutil.options[opt_SelfSign].activated)) { - PR_fprintf(PR_STDERR, - "%s -S: must specify issuer (-c) or self-sign (-x).\n", - progName); - return -1; - } - - /* Using slotname == NULL for listing keys and certs on all slots, - * but only that. */ - if (!(certutil.commands[cmd_ListKeys].activated || - certutil.commands[cmd_ListCerts].activated) && slotname == NULL) { - PR_fprintf(PR_STDERR, - "%s -%c: cannot use \"-h all\" for this command.\n", - progName, commandToRun); - return -1; - } - - /* Using keytype == nullKey for list all key types, but only that. */ - if (!certutil.commands[cmd_ListKeys].activated && keytype == nullKey) { - PR_fprintf(PR_STDERR, - "%s -%c: cannot use \"-k all\" for this command.\n", - progName, commandToRun); - return -1; - } - - /* -S open outFile, temporary file for cert request. */ - if (certutil.commands[cmd_CreateAndAddCert].activated) { - outFile = PR_Open(certreqfile, PR_RDWR | PR_CREATE_FILE, 00660); - if (!outFile) { - PR_fprintf(PR_STDERR, - "%s -o: unable to open \"%s\" for writing (%ld, %ld)\n", - progName, certreqfile, - PR_GetError(), PR_GetOSError()); - return -1; - } - } - - /* Open the input file. */ - if (certutil.options[opt_InputFile].activated) { - inFile = PR_Open(certutil.options[opt_InputFile].arg, PR_RDONLY, 0); - if (!inFile) { - PR_fprintf(PR_STDERR, - "%s: unable to open \"%s\" for reading (%ld, %ld).\n", - progName, certutil.options[opt_InputFile].arg, - PR_GetError(), PR_GetOSError()); - return -1; - } - } - - /* Open the output file. */ - if (certutil.options[opt_OutputFile].activated && !outFile) { - outFile = PR_Open(certutil.options[opt_OutputFile].arg, - PR_CREATE_FILE | PR_RDWR, 00660); - if (!outFile) { - PR_fprintf(PR_STDERR, - "%s: unable to open \"%s\" for writing (%ld, %ld).\n", - progName, certutil.options[opt_OutputFile].arg, - PR_GetError(), PR_GetOSError()); - return -1; - } - } - - name = SECU_GetOptionArg(&certutil, opt_Nickname); - - PK11_SetPasswordFunc(SECU_GetModulePassword); - - /* Initialize NSPR and NSS. */ - PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1); - rv = NSS_Initialize(SECU_ConfigDirectory(NULL), certPrefix, certPrefix, - "secmod.db", 0); - if (rv != SECSuccess) { - SECU_PrintPRandOSError(progName); - return -1; - } - certHandle = CERT_GetDefaultCertDB(); - - if (certutil.commands[cmd_Version].activated) { - int version = CERT_GetDBContentVersion(certHandle); - printf("Certificate database content version: %d\n", version); - } - - if (PL_strcmp(slotname, "internal") == 0) - slot = PK11_GetInternalKeySlot(); - else if (slotname != NULL) - slot = PK11_FindSlotByName(slotname); - - /* If creating new database, initialize the password. */ - if (certutil.commands[cmd_NewDBs].activated) { - SECU_ChangePW(slot, 0, certutil.options[opt_PasswordFile].arg); - } - - /* The following 8 options are mutually exclusive with all others. */ - - /* List certs (-L) */ - if (certutil.commands[cmd_ListCerts].activated) { - rv = ListCerts(certHandle, name, slot, - certutil.options[opt_BinaryDER].activated, - certutil.options[opt_ASCIIForIO].activated, - (outFile) ? outFile : PR_STDOUT, - certutil.options[opt_PasswordFile].arg); - return !rv - 1; - } - /* XXX needs work */ - /* List keys (-K) */ - if (certutil.commands[cmd_ListKeys].activated) { - rv = ListKeys(slot, name, 0 /*keyindex*/, keytype, PR_FALSE /*dopriv*/, - certutil.options[opt_PasswordFile].arg); - return !rv - 1; - } - /* List modules (-U) */ - if (certutil.commands[cmd_ListModules].activated) { - rv = ListModules(); - return !rv - 1; - } - /* Delete cert (-D) */ - if (certutil.commands[cmd_DeleteCert].activated) { - rv = DeleteCert(certHandle, name); - return !rv - 1; - } -#ifdef notdef - /* Delete key (-F) */ - if (certutil.commands[cmd_DeleteKey].activated) { - rv = DeleteKey(keyHandle, name); - return !rv - 1; - } -#endif - /* Modify trust attribute for cert (-M) */ - if (certutil.commands[cmd_ModifyCertTrust].activated) { - rv = ChangeTrustAttributes(certHandle, name, - certutil.options[opt_Trust].arg); - return !rv - 1; - } - /* Change key db password (-W) (future - change pw to slot?) */ - if (certutil.commands[cmd_ChangePassword].activated) { - rv = SECU_ChangePW(slot, 0, certutil.options[opt_PasswordFile].arg); - return !rv - 1; - } - /* Check cert validity against current time (-V) */ - if (certutil.commands[cmd_CheckCertValidity].activated) { - rv = ValidateCert(certHandle, name, - certutil.options[opt_ValidityTime].arg, - certutil.options[opt_Usage].arg, - certutil.options[opt_VerifySig].activated, - certutil.options[opt_DetailedInfo].activated); - return !rv - 1; - } - - /* - * Key generation - */ - - /* These commands require keygen. */ - if (certutil.commands[cmd_CertReq].activated || - certutil.commands[cmd_CreateAndAddCert].activated || - certutil.commands[cmd_GenKeyPair].activated) { - /* XXX Give it a nickname. */ - privkey = - CERTUTIL_GeneratePrivateKey(keytype, slot, keysize, - publicExponent, - certutil.options[opt_NoiseFile].arg, - &pubkey, - certutil.options[opt_PQGFile].arg, - certutil.options[opt_PasswordFile].arg); - if (privkey == NULL) { - SECU_PrintError(progName, "unable to generate key(s)\n"); - return -1; - } - PORT_Assert(pubkey != NULL); - - /* If all that was needed was keygen, exit. */ - if (certutil.commands[cmd_GenKeyPair].activated) { - return SECSuccess; - } - } - - /* - * Certificate request - */ - - /* Make a cert request (-R or -S). */ - if (certutil.commands[cmd_CreateAndAddCert].activated || - certutil.commands[cmd_CertReq].activated) { - rv = CertReq(privkey, pubkey, keytype, subject, - certutil.options[opt_PhoneNumber].arg, - certutil.options[opt_ASCIIForIO].activated, - outFile ? outFile : PR_STDOUT); - if (rv) - return -1; - } - - /* - * Certificate creation - */ - - /* If making and adding a cert, load the cert request file - * and output the cert to another file. - */ - if (certutil.commands[cmd_CreateAndAddCert].activated) { - PR_Close(outFile); - inFile = PR_Open(certreqfile, PR_RDONLY, 0); - if (!inFile) { - PR_fprintf(PR_STDERR, "Failed to open file \"%s\" (%ld, %ld).\n", - certreqfile, PR_GetError(), PR_GetOSError()); - return -1; - } - outFile = PR_Open(certfile, PR_RDWR | PR_CREATE_FILE, 00660); - if (!outFile) { - PR_fprintf(PR_STDERR, "Failed to open file \"%s\" (%ld, %ld).\n", - certfile, PR_GetError(), PR_GetOSError()); - return -1; - } - } - - /* Create a certificate (-C or -S). */ - if (certutil.commands[cmd_CreateAndAddCert].activated || - certutil.commands[cmd_CreateNewCert].activated) { - rv = CreateCert(certHandle, - certutil.options[opt_IssuerName].arg, - inFile, outFile, privkey, &pwdata, - serialNumber, warpmonths, validitylength, - certutil.options[opt_ASCIIForIO].activated, - certutil.options[opt_SelfSign].activated, - certutil.options[opt_AddKeyUsageExt].activated, - certutil.options[opt_AddExtKeyUsageExt].activated, - certutil.options[opt_AddBasicConstraintExt].activated, - certutil.options[opt_AddAuthorityKeyIDExt].activated, - certutil.options[opt_AddCRLDistPtsExt].activated, - certutil.options[opt_AddNSCertTypeExt].activated); - if (rv) - return -1; - } - - /* - * Adding a cert to the database (or slot) - */ - - if (certutil.commands[cmd_CreateAndAddCert].activated) { - PR_Close(inFile); - PR_Close(outFile); - inFile = PR_Open(certfile, PR_RDONLY, 0); - if (!inFile) { - PR_fprintf(PR_STDERR, "Failed to open file \"%s\" (%ld, %ld).\n", - certfile, PR_GetError(), PR_GetOSError()); - return -1; - } - } - - if (certutil.commands[cmd_CreateAndAddCert].activated || - certutil.commands[cmd_AddCert].activated || - certutil.commands[cmd_AddEmailCert].activated) { - rv = AddCert(slot, certHandle, name, - certutil.options[opt_Trust].arg, - inFile, - certutil.options[opt_ASCIIForIO].activated, - certutil.commands[cmd_AddEmailCert].activated); - if (rv) - return -1; - } - - if (certutil.commands[cmd_CreateAndAddCert].activated) { - PR_Close(inFile); - PR_Delete(certfile); - PR_Delete(certreqfile); - } - - if ( certHandle ) { - CERT_ClosePermCertDB(certHandle); - } - - return rv; -} diff --git a/security/nss/cmd/certutil/keystuff.c b/security/nss/cmd/certutil/keystuff.c deleted file mode 100644 index d0d5ddd4d..000000000 --- a/security/nss/cmd/certutil/keystuff.c +++ /dev/null @@ -1,498 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#include -#include -#include "secutil.h" - -#if defined(XP_UNIX) -#include -#include -#include -#endif - -#if defined(XP_WIN) || defined (XP_PC) -#include -#include -#endif - -#if defined(__sun) && !defined(SVR4) -extern int fclose(FILE*); -extern int fprintf(FILE *, char *, ...); -extern int isatty(int); -extern char *sys_errlist[]; -#define strerror(errno) sys_errlist[errno] -#endif - -#include "nspr.h" -#include "prtypes.h" -#include "prtime.h" -#include "prlong.h" - -#include "pk11func.h" -#include "secrng.h" -#include "pqgutil.h" - -#define NUM_KEYSTROKES 120 -#define RAND_BUF_SIZE 60 - -#define ERROR_BREAK rv = SECFailure;break; - - -static void -UpdateRNG(void) -{ - char * randbuf; - int fd, i, count; - char c; -#ifdef XP_UNIX - cc_t orig_cc_min; - cc_t orig_cc_time; - tcflag_t orig_lflag; - struct termios tio; -#endif - -#define FPS fprintf(stderr, - FPS "\n"); - FPS "A random seed must be generated that will be used in the\n"); - FPS "creation of your key. One of the easiest ways to create a\n"); - FPS "random seed is to use the timing of keystrokes on a keyboard.\n"); - FPS "\n"); - FPS "To begin, type keys on the keyboard until this progress meter\n"); - FPS "is full. DO NOT USE THE AUTOREPEAT FUNCTION ON YOUR KEYBOARD!\n"); - FPS "\n"); - FPS "\n"); - FPS "Continue typing until the progress meter is full:\n\n"); - FPS "| |\r"); - - /* turn off echo on stdin & return on 1 char instead of NL */ - fd = fileno(stdin); - -#if defined(XP_UNIX) && !defined(VMS) - tcgetattr(fd, &tio); - orig_lflag = tio.c_lflag; - orig_cc_min = tio.c_cc[VMIN]; - orig_cc_time = tio.c_cc[VTIME]; - tio.c_lflag &= ~ECHO; - tio.c_lflag &= ~ICANON; - tio.c_cc[VMIN] = 1; - tio.c_cc[VTIME] = 0; - tcsetattr(fd, TCSAFLUSH, &tio); -#endif - - /* Get random noise from keyboard strokes */ - randbuf = (char *) PORT_Alloc(RAND_BUF_SIZE); - count = 0; - while (count < NUM_KEYSTROKES+1) { -#ifdef VMS - c = GENERIC_GETCHAR_NOECHO(); -#elif XP_UNIX - c = getc(stdin); -#else - c = getch(); -#endif - RNG_GetNoise(&randbuf[1], sizeof(randbuf)-1); - RNG_RandomUpdate(randbuf, sizeof(randbuf)); - if (c != randbuf[0]) { - randbuf[0] = c; - FPS "\r|"); - for (i=0; iarena = arena; - - buf = (char *)ATOB_AsciiToData(str, &len); - if ((buf == NULL) || (len == 0)) - goto loser; - - status = SEC_ASN1Decode(arena, params, SECKEY_PQGParamsTemplate, buf, len); - if (status != SECSuccess) - goto loser; - - return params; - -loser: - if (arena != NULL) - PORT_FreeArena(arena, PR_FALSE); - return NULL; -} - -static int -pqg_prime_bits(char *str) -{ - PQGParams *params = NULL; - int primeBits = 0, i; - - params = decode_pqg_params(str); - if (params == NULL) - goto done; /* lose */ - - for (i = 0; params->prime.data[i] == 0; i++) - /* empty */; - primeBits = (params->prime.len - i) * 8; - -done: - if (params != NULL) - PQG_DestroyParams(params); - return primeBits; -} - -static char * -SECU_GetpqgString(char *filename) -{ - unsigned char phrase[400]; - FILE *fh; - char *rv; - - fh = fopen(filename,"r"); - rv = fgets ((char*) phrase, sizeof(phrase), fh); - - fclose(fh); - if (phrase[strlen(phrase)-1] == '\n') - phrase[strlen(phrase)-1] = '\0'; - if (rv) { - return (char*) PORT_Strdup((char*)phrase); - } - fprintf(stderr,"pqg file contain no data\n"); - return NULL; -} - -PQGParams* -getpqgfromfile(int keyBits, char *pqgFile) -{ - char *end, *str, *pqgString; - int primeBits; - - pqgString = SECU_GetpqgString(pqgFile); - if (pqgString) - str = PORT_Strdup(pqgString); - else - return NULL; - - do { - end = PORT_Strchr(str, ','); - if (end) - *end = '\0'; - primeBits = pqg_prime_bits(str); - if (keyBits == primeBits) - goto found_match; - str = end + 1; - } while (end); - - PORT_Free(pqgString); - PORT_Free(str); - return NULL; - -found_match: - PORT_Free(pqgString); - PORT_Free(str); - return decode_pqg_params(str); -} - -SECKEYPrivateKey * -CERTUTIL_GeneratePrivateKey(KeyType keytype, PK11SlotInfo *slot, int size, - int publicExponent, char *noise, - SECKEYPublicKey **pubkeyp, char *pqgFile, - char *passFile) -{ - CK_MECHANISM_TYPE mechanism; - SECOidTag algtag; - PK11RSAGenParams rsaparams; - PQGParams *dsaparams = NULL; - void *params; - secuPWData pwdata = { PW_NONE, 0 }; - - /* - * Do some random-number initialization. - */ - RNG_SystemInfoForRNG(); - - if (noise) { - RNG_FileForRNG(noise); - } else { - UpdateRNG(); - } - - switch (keytype) { - case rsaKey: - rsaparams.keySizeInBits = size; - rsaparams.pe = publicExponent; - mechanism = CKM_RSA_PKCS_KEY_PAIR_GEN; - algtag = SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION; - params = &rsaparams; - break; - case dsaKey: - mechanism = CKM_DSA_KEY_PAIR_GEN; - algtag = SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST; - if (pqgFile) { - dsaparams = getpqgfromfile(size, pqgFile); - } else { - dsaparams = &default_pqg_params; - } - params = dsaparams; - default: - return NULL; - } - - if (slot == NULL) - return NULL; - - if (passFile) { - pwdata.source = PW_FROMFILE; - pwdata.data = passFile; - } - - if (PK11_Authenticate(slot, PR_TRUE, &pwdata) != SECSuccess) - return NULL; - - fprintf(stderr, "\n\n"); - fprintf(stderr, "Generating key. This may take a few moments...\n\n"); - - return PK11_GenerateKeyPair(slot, mechanism, params, pubkeyp, - PR_TRUE /*isPerm*/, PR_TRUE /*isSensitive*/, - NULL /*wincx*/); -} - -/* - * The following is all functionality moved over from keyutil, which may - * or may not become completely obsolete. So, some of this stuff may - * end up being turned on from within certutil. Some is probably not - * even feasible anymore (Add/Delete?). - */ -#ifdef LATER - -static SECStatus -ListKeys(FILE *out) -{ - int rt; - - rt = SECU_PrintKeyNames(handle, out); - if (rt) { - SECU_PrintError(progName, "unable to list nicknames"); - return SECFailure; - } - return SECSuccess; -} - -static SECStatus -DumpPublicKey(char *nickname, FILE *out) -{ - SECKEYLowPrivateKey *privKey; - SECKEYLowPublicKey *publicKey; - - /* check if key actually exists */ - if (SECU_CheckKeyNameExists(handle, nickname) == PR_FALSE) { - SECU_PrintError(progName, "the key \"%s\" does not exist", nickname); - return SECFailure; - } - - /* Read in key */ - privKey = SECU_GetPrivateKey(handle, nickname); - if (!privKey) { - return SECFailure; - } - - publicKey = SECKEY_LowConvertToPublicKey(privKey); - - /* Output public key (in the clear) */ - switch(publicKey->keyType) { - case rsaKey: - fprintf(out, "RSA Public-Key:\n"); - SECU_PrintInteger(out, &publicKey->u.rsa.modulus, "modulus", 1); - SECU_PrintInteger(out, &publicKey->u.rsa.publicExponent, - "publicExponent", 1); - break; - case dsaKey: - fprintf(out, "DSA Public-Key:\n"); - SECU_PrintInteger(out, &publicKey->u.dsa.params.prime, "prime", 1); - SECU_PrintInteger(out, &publicKey->u.dsa.params.subPrime, - "subPrime", 1); - SECU_PrintInteger(out, &publicKey->u.dsa.params.base, "base", 1); - SECU_PrintInteger(out, &publicKey->u.dsa.publicValue, "publicValue", 1); - break; - default: - fprintf(out, "unknown key type\n"); - break; - } - return SECSuccess; -} - -static SECStatus -DumpPrivateKey(char *nickname, FILE *out) -{ - SECKEYLowPrivateKey *key; - - /* check if key actually exists */ - if (SECU_CheckKeyNameExists(handle, nickname) == PR_FALSE) { - SECU_PrintError(progName, "the key \"%s\" does not exist", nickname); - return SECFailure; - } - - /* Read in key */ - key = SECU_GetPrivateKey(handle, nickname); - if (!key) { - SECU_PrintError(progName, "error retrieving key"); - return SECFailure; - } - - switch(key->keyType) { - case rsaKey: - fprintf(out, "RSA Private-Key:\n"); - SECU_PrintInteger(out, &key->u.rsa.modulus, "modulus", 1); - SECU_PrintInteger(out, &key->u.rsa.publicExponent, "publicExponent", 1); - SECU_PrintInteger(out, &key->u.rsa.privateExponent, - "privateExponent", 1); - SECU_PrintInteger(out, &key->u.rsa.prime[0], "prime[0]", 1); - SECU_PrintInteger(out, &key->u.rsa.prime[1], "prime[1]", 1); - SECU_PrintInteger(out, &key->u.rsa.primeExponent[0], - "primeExponent[0]", 1); - SECU_PrintInteger(out, &key->u.rsa.primeExponent[1], - "primeExponent[1]", 1); - SECU_PrintInteger(out, &key->u.rsa.coefficient, "coefficient", 1); - break; - case dsaKey: - fprintf(out, "DSA Private-Key:\n"); - SECU_PrintInteger(out, &key->u.dsa.params.prime, "prime", 1); - SECU_PrintInteger(out, &key->u.dsa.params.subPrime, "subPrime", 1); - SECU_PrintInteger(out, &key->u.dsa.params.base, "base", 1); - SECU_PrintInteger(out, &key->u.dsa.publicValue, "publicValue", 1); - SECU_PrintInteger(out, &key->u.dsa.privateValue, "privateValue", 1); - break; - default: - fprintf(out, "unknown key type\n"); - break; - } - return SECSuccess; -} - -static SECStatus -ChangePassword(void) -{ - SECStatus rv; - - /* Write out database with a new password */ - rv = SECU_ChangeKeyDBPassword(handle); - if (rv) { - SECU_PrintError(progName, "unable to change key password"); - } - return rv; -} - -static SECStatus DeletePrivateKey (char *nickName) -{ - int rv; - - rv = SECU_DeleteKeyByName (keyHandle, nickName); - if (rv != SECSuccess) - fprintf(stderr, "%s: problem deleting private key (%s)\n", - progName, SECU_Strerror(PR_GetError())); - return (rv); - -} - -#endif /* LATER */ diff --git a/security/nss/cmd/certutil/makefile.win b/security/nss/cmd/certutil/makefile.win deleted file mode 100644 index 26cdc0651..000000000 --- a/security/nss/cmd/certutil/makefile.win +++ /dev/null @@ -1,155 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -VERBOSE = 1 -include - -PROGRAM = certutil -PROGRAM = $(OBJDIR)\$(PROGRAM).exe - -include <$(DEPTH)\config\config.mak> - - -# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/ -# rules.mak will append C_OBJS onto OBJS. -# OBJS = $(CSRCS:.c=.obj) - -# include files are looked for in $LINCS and $INCS. -# $LINCS is in manifest.mnw, computed from REQUIRES= -INCS = $(INCS) \ - -I$(DEPTH)/security/lib/cert \ - -I../include \ - $(NULL) - -IGNORE_ME = \ - -I$(DEPTH)/security/lib/key \ - -I$(DEPTH)/security/lib/util \ - - -WINFE = $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg - -# these files are the content of libdbm -DBM_LIB = \ - $(WINFE)/DB.obj \ - $(WINFE)/HASH.obj \ - $(WINFE)/H_BIGKEY.obj \ - $(WINFE)/H_PAGE.obj \ - $(WINFE)/H_LOG2.obj \ - $(WINFE)/H_FUNC.obj \ - $(WINFE)/HASH_BUF.obj \ - $(NULL) - -MOZ_LIBS = \ - $(WINFE)/ALLXPSTR.obj \ - $(WINFE)/XP_ERROR.obj \ - $(WINFE)/XPASSERT.obj \ - $(WINFE)/XP_REG.obj \ - $(WINFE)/XP_TRACE.obj \ - $(DBM_LIB) \ - $(WINFE)/XP_STR.obj \ - $(WINFE)/MKTEMP.obj \ - $(NULL) - -SEC_LIBS = \ - $(DIST)/lib/cert$(MOZ_BITS).lib \ - $(DIST)/lib/crypto$(MOZ_BITS).lib \ - $(DIST)/lib/hash$(MOZ_BITS).lib \ - $(DIST)/lib/key$(MOZ_BITS).lib \ - $(DIST)/lib/pkcs7$(MOZ_BITS).lib \ - $(DIST)/lib/secmod$(MOZ_BITS).lib \ - $(DIST)/lib/secutl$(MOZ_BITS).lib \ - $(DIST)/lib/ssl$(MOZ_BITS).lib \ - $(NULL) - -LLFLAGS = $(LLFLAGS) \ - ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \ - $(SEC_LIBS) \ - $(MOZ_LIBS) \ - $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \ - $(LIBNSPR) \ - $(NULL) - - -# awt3240.lib # brpref32.lib # cert32.lib -# crypto32.lib # dllcom.lib # editor32.lib -# edpref32.lib # edtplug.lib # font.lib -# hash32.lib # htmldg32.lib # img32.lib -# javart32.lib # jbn3240.lib # jdb3240.lib -# jmc.lib # jpeg3240.lib # jpw3240.lib -# jrt3240.lib # js3240.lib # jsd3240.lib -# key32.lib # libapplet32.lib # libnjs32.lib -# libnsc32.lib # libreg32.lib # mm3240.lib -# mnpref32.lib # netcst32.lib # nsdlg32.lib -# nsldap32.lib # nsldaps32.lib # nsn32.lib -# pkcs1232.lib # pkcs732.lib # pr3240.lib -# prefui32.lib # prefuuid.lib # secmod32.lib -# secnav32.lib # secutl32.lib # softup32.lib -# sp3240.lib # ssl32.lib # uni3200.lib -# unicvt32.lib # win32md.lib # winfont.lib -# xppref32.lib # zlib32.lib - -include <$(DEPTH)\config\rules.mak> - - -INSTALL = $(MAKE_INSTALL) - -objs: $(OBJS) - -$(PROGRAM):: - $(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR) - -programs: $(PROGRAM) - -install:: $(TARGETS) - $(INSTALL) $(TARGETS) $(DIST)/bin - -# ALLXPSTR.obj XP_ALLOC.obj XP_HASH.obj XP_RGB.obj XP_WRAP.obj -# CXPRINT.obj XP_C.cl XP_LIST.obj XP_SEC.obj netscape.exp -# CXPRNDLG.obj XP_CNTXT.obj XP_MD5.obj XP_STR.obj xp.pch -# EXPORT.obj XP_CORE.obj XP_MESG.obj XP_THRMO.obj xppref32.dll -# XPASSERT.obj XP_ERROR.obj XP_RECT.obj XP_TIME.obj -# XPLOCALE.obj XP_FILE.obj XP_REG.obj XP_TRACE.obj - -symbols: - @echo "CSRCS = $(CSRCS)" - @echo "INCS = $(INCS)" - @echo "OBJS = $(OBJS)" - @echo "LIBRARY = $(LIBRARY)" - @echo "PROGRAM = $(PROGRAM)" - @echo "TARGETS = $(TARGETS)" - @echo "DIST = $(DIST)" - @echo "VERSION_NUMBER = $(VERSION_NUMBER)" - @echo "WINFE = $(WINFE)" - @echo "DBM_LIB = $(DBM_LIB)" - @echo "INSTALL = $(INSTALL)" - diff --git a/security/nss/cmd/certutil/manifest.mn b/security/nss/cmd/certutil/manifest.mn deleted file mode 100644 index 3b175bcf3..000000000 --- a/security/nss/cmd/certutil/manifest.mn +++ /dev/null @@ -1,52 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = ../../.. - -DEFINES += -DNSPR20 -DSECUTIL_NEW - -# MODULE public and private header directories are implicitly REQUIRED. -MODULE = security - -CSRCS = \ - certutil.c \ - keystuff.c \ - $(NULL) - -# The MODULE is always implicitly required. -# Listing it here in REQUIRES makes it appear twice in the cc command line. -REQUIRES = dbm seccmd - -PROGRAM = certutil - -USE_STATIC_LIBS = 1 diff --git a/security/nss/cmd/checkcert/Makefile b/security/nss/cmd/checkcert/Makefile deleted file mode 100644 index 573c12cac..000000000 --- a/security/nss/cmd/checkcert/Makefile +++ /dev/null @@ -1,76 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - -include ../platlibs.mk - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - - - -include ../platrules.mk - diff --git a/security/nss/cmd/checkcert/checkcert.c b/security/nss/cmd/checkcert/checkcert.c deleted file mode 100644 index 0cd5e61aa..000000000 --- a/security/nss/cmd/checkcert/checkcert.c +++ /dev/null @@ -1,640 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#include "secutil.h" -#include "plgetopt.h" -#include "cert.h" -#include "secoid.h" -#include "cryptohi.h" - -/* maximum supported modulus length in bits (indicate problem if over this) */ -#define MAX_MODULUS (1024) - - -static void Usage(char *progName) -{ - fprintf(stderr, "Usage: %s [aAvf] [certtocheck] [issuingcert]\n", - progName); - fprintf(stderr, "%-20s Cert to check is base64 encoded\n", - "-a"); - fprintf(stderr, "%-20s Issuer's cert is base64 encoded\n", - "-A"); - fprintf(stderr, "%-20s Verbose (indicate decoding progress etc.)\n", - "-v"); - fprintf(stderr, "%-20s Force sanity checks even if pretty print fails.\n", - "-f"); - fprintf(stderr, "%-20s Define an output file to use (default is stdout)\n", - "-o output"); - fprintf(stderr, "%-20s Specify the input type (no default)\n", - "-t type"); - exit(-1); -} - - -/* - * Check integer field named fieldName, printing out results and - * returning the length of the integer in bits - */ - -static -int checkInteger(SECItem *intItem, char *fieldName, int verbose) -{ - int len, bitlen; - if (verbose) { - printf("Checking %s\n", fieldName); - } - - len = intItem->len; - - if (len && (intItem->data[0] & 0x80)) { - printf("PROBLEM: %s is NEGATIVE 2's-complement integer.\n", - fieldName); - } - - - /* calculate bit length and check for unnecessary leading zeros */ - bitlen = len << 3; - if (len > 1 && intItem->data[0] == 0) { - /* leading zero byte(s) */ - if (!(intItem->data[1] & 0x80)) { - printf("PROBLEM: %s has unneeded leading zeros. Violates DER.\n", - fieldName); - } - /* strip leading zeros in length calculation */ - { - int i=0; - while (bitlen > 8 && intItem->data[i] == 0) { - bitlen -= 8; - i++; - } - } - } - return bitlen; -} - - - - -static -void checkName(CERTName *n, char *fieldName, int verbose) -{ - char *v=0; - if (verbose) { - printf("Checking %s\n", fieldName); - } - - v = CERT_GetCountryName(n); - if (!v) { - printf("PROBLEM: %s lacks Country Name (C)\n", - fieldName); - } - PORT_Free(v); - - v = CERT_GetOrgName(n); - if (!v) { - printf("PROBLEM: %s lacks Organization Name (O)\n", - fieldName); - } - PORT_Free(v); - - v = CERT_GetOrgUnitName(n); - if (!v) { - printf("WARNING: %s lacks Organization Unit Name (OU)\n", - fieldName); - } - PORT_Free(v); - - v = CERT_GetCommonName(n); - if (!v) { - printf("PROBLEM: %s lacks Common Name (CN)\n", - fieldName); - } - PORT_Free(v); -} - - - - -/* - * Private version of verification that checks for agreement between - * signature algorithm oid (at the SignedData level) and oid in DigestInfo. - * - */ - - -/* Returns the tag for the hash algorithm in the given signature algorithm */ - static - int hashAlg(int sigAlgTag) { - int rv; - switch(sigAlgTag) { - case SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION: - rv = SEC_OID_MD2; - break; - case SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION: - rv = SEC_OID_MD5; - break; - case SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION: - rv = SEC_OID_SHA1; - break; - default: - rv = -1; - } - return rv; - } - - - -struct VFYContextStr { - int alg; - unsigned char digest[32]; - void *hasher; - void (*begin)(void *); - void (*update)(void *, unsigned char*, unsigned); - SECStatus (*end)(void *, unsigned char*, unsigned int*, unsigned); - void (*destroy)(void *, PRBool); -}; - - -static -SECStatus -OurVerifyData(unsigned char *buf, int len, SECKEYPublicKey *key, - SECItem *sig, SECAlgorithmID *sigAlgorithm) -{ - SECStatus rv; - VFYContext *cx; - SECOidData *sigAlgOid, *oiddata; - int sigAlgTag; - int hashAlgTag; - int showDigestOid=0; - - cx = VFY_CreateContext(key, sig, SECOID_GetAlgorithmTag(sigAlgorithm), - NULL); - if (cx == NULL) - return SECFailure; - - sigAlgOid = SECOID_FindOID(&sigAlgorithm->algorithm); - if (sigAlgOid == 0) - return SECFailure; - sigAlgTag = sigAlgOid->offset; - - hashAlgTag = hashAlg(sigAlgTag); - if (hashAlgTag == -1) { - printf("PROBLEM: Unsupported Digest Algorithm in DigestInfo"); - showDigestOid = 1; - } else if (hashAlgTag != cx->alg) { - printf("PROBLEM: Digest OID in DigestInfo is incompatible " - "with Signature Algorithm\n"); - showDigestOid = 1; - } - - if (showDigestOid) { - oiddata = SECOID_FindOIDByTag(cx->alg); - if ( oiddata ) { - printf("PROBLEM: (cont) Digest OID is %s\n", oiddata->desc); - } else { - SECU_PrintAsHex(stdout, - &oiddata->oid, "PROBLEM: UNKNOWN OID", 0); - } - } - - rv = VFY_Begin(cx); - if (rv == SECSuccess) { - rv = VFY_Update(cx, buf, len); - if (rv == SECSuccess) - rv = VFY_End(cx); - } - - VFY_DestroyContext(cx, PR_TRUE); - return rv; -} - - - -static -SECStatus -OurVerifySignedData(CERTSignedData *sd, CERTCertificate *cert) -{ - SECItem sig; - SECKEYPublicKey *pubKey = 0; - SECStatus rv; - - /* check the certificate's validity */ - rv = CERT_CertTimesValid(cert); - if ( rv ) { - return(SECFailure); - } - - /* get cert's public key */ - pubKey = CERT_ExtractPublicKey(cert); - if ( !pubKey ) { - return(SECFailure); - } - - /* check the signature */ - sig = sd->signature; - DER_ConvertBitString(&sig); - rv = OurVerifyData(sd->data.data, sd->data.len, pubKey, &sig, - &sd->signatureAlgorithm); - - SECKEY_DestroyPublicKey(pubKey); - - if ( rv ) { - return(SECFailure); - } - - return(SECSuccess); -} - - - - -static -CERTCertificate *createEmptyCertificate(void) -{ - PRArenaPool *arena = 0; - CERTCertificate *c = 0; - - arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - if ( !arena ) { - return 0; - } - - - c = (CERTCertificate *) PORT_ArenaZAlloc(arena, sizeof(CERTCertificate)); - - if (c) { - c->referenceCount = 1; - c->arena = arena; - } else { - PORT_FreeArena(arena,PR_TRUE); - } - - return c; -} - - - - -int main(int argc, char **argv) -{ - int rv, verbose=0, force=0; - int ascii=0, issuerAscii=0; - char *progName=0; - PRFileDesc *inFile=0, *issuerCertFile=0; - SECItem derCert, derIssuerCert; - PRArenaPool *arena=0; - CERTSignedData *signedData=0; - CERTCertificate *cert=0, *issuerCert=0; - SECKEYPublicKey *rsapubkey=0; - SECAlgorithmID md5WithRSAEncryption, md2WithRSAEncryption; - SECAlgorithmID sha1WithRSAEncryption, rsaEncryption; - SECItem spk; - int selfSigned=0; - int invalid=0; - char *inFileName = NULL, *issuerCertFileName = NULL; - PLOptState *optstate; - PLOptStatus status; - - PORT_Memset(&md5WithRSAEncryption, 0, sizeof(md5WithRSAEncryption)); - PORT_Memset(&md2WithRSAEncryption, 0, sizeof(md2WithRSAEncryption)); - PORT_Memset(&sha1WithRSAEncryption, 0, sizeof(sha1WithRSAEncryption)); - PORT_Memset(&rsaEncryption, 0, sizeof(rsaEncryption)); - - progName = strrchr(argv[0], '/'); - progName = progName ? progName+1 : argv[0]; - - optstate = PL_CreateOptState(argc, argv, "aAvf"); - while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) { - switch (optstate->option) { - case 'v': - verbose = 1; - break; - - case 'f': - force = 1; - break; - - case 'a': - ascii = 1; - break; - - case 'A': - issuerAscii = 1; - break; - - case '\0': - if (!inFileName) - inFileName = PL_strdup(optstate->value); - else if (!issuerCertFileName) - issuerCertFileName = PL_strdup(optstate->value); - else - Usage(progName); - break; - } - } - - if (!inFileName || !issuerCertFileName || status == PL_OPT_BAD) { - /* insufficient or excess args */ - Usage(progName); - } - - inFile = PR_Open(inFileName, PR_RDONLY, 0); - if (!inFile) { - fprintf(stderr, "%s: unable to open \"%s\" for reading\n", - progName, inFileName); - exit(1); - } - - issuerCertFile = PR_Open(issuerCertFileName, PR_RDONLY, 0); - if (!issuerCertFile) { - fprintf(stderr, "%s: unable to open \"%s\" for reading\n", - progName, issuerCertFileName); - exit(1); - } - - if (SECU_ReadDERFromFile(&derCert, inFile, ascii) != SECSuccess) { - printf("Couldn't read input certificate as DER binary or base64\n"); - exit(1); - } - - arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - if (arena == 0) { - fprintf(stderr,"%s: can't allocate scratch arena!", progName); - exit(1); - } - - if (issuerCertFile) { - CERTSignedData *issuerCertSD=0; - if (SECU_ReadDERFromFile(&derIssuerCert, issuerCertFile, issuerAscii) - != SECSuccess) { - printf("Couldn't read issuer certificate as DER binary or base64.\n"); - exit(1); - } - issuerCertSD = (CERTSignedData *) PORT_ArenaZAlloc(arena, - sizeof(CERTSignedData)); - if (!issuerCertSD) { - fprintf(stderr,"%s: can't allocate issuer signed data!", progName); - exit(1); - } - rv = SEC_ASN1DecodeItem(arena, issuerCertSD, - SEC_ASN1_GET(CERT_SignedDataTemplate), - &derIssuerCert); - if (rv) { - fprintf(stderr, "%s: Issuer cert isn't X509 SIGNED Data?\n", - progName); - exit(1); - } - issuerCert = createEmptyCertificate(); - if (!issuerCert) { - printf("%s: can't allocate space for issuer cert.", progName); - exit(1); - } - rv = SEC_ASN1DecodeItem(arena, issuerCert, - SEC_ASN1_GET(CERT_CertificateTemplate), - &issuerCertSD->data); - if (rv) { - printf("%s: Does not appear to be an X509 Certificate.\n", - progName); - exit(1); - } - } - - signedData = (CERTSignedData *) PORT_ArenaZAlloc(arena,sizeof(CERTSignedData)); - if (!signedData) { - fprintf(stderr,"%s: can't allocate signedData!", progName); - exit(1); - } - - rv = SEC_ASN1DecodeItem(arena, signedData, - SEC_ASN1_GET(CERT_SignedDataTemplate), - &derCert); - if (rv) { - fprintf(stderr, "%s: Does not appear to be X509 SIGNED Data.\n", - progName); - exit(1); - } - - if (verbose) { - printf("Decoded ok as X509 SIGNED data.\n"); - } - - cert = createEmptyCertificate(); - if (!cert) { - fprintf(stderr, "%s: can't allocate cert", progName); - exit(1); - } - - rv = SEC_ASN1DecodeItem(arena, cert, - SEC_ASN1_GET(CERT_CertificateTemplate), - &signedData->data); - if (rv) { - fprintf(stderr, "%s: Does not appear to be an X509 Certificate.\n", - progName); - exit(1); - } - - - if (verbose) { - printf("Decoded ok as an X509 certificate.\n"); - } - - - rv = SECU_PrintSignedData(stdout, &derCert, "Certificate", 0, - SECU_PrintCertificate); - - if (rv) { - fprintf(stderr, "%s: Unable to pretty print cert. Error: %d\n", - progName, PORT_GetError()); - if (!force) { - exit(1); - } - } - - - /* Do various checks on the cert */ - - printf("\n"); - - /* Check algorithms */ - SECOID_SetAlgorithmID(arena, &md5WithRSAEncryption, - SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION, NULL); - - SECOID_SetAlgorithmID(arena, &md2WithRSAEncryption, - SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION, NULL); - - SECOID_SetAlgorithmID(arena, &sha1WithRSAEncryption, - SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION, NULL); - - SECOID_SetAlgorithmID(arena, &rsaEncryption, - SEC_OID_PKCS1_RSA_ENCRYPTION, NULL); - - { - int isMD5RSA = (SECOID_CompareAlgorithmID(&cert->signature, - &md5WithRSAEncryption) == 0); - int isMD2RSA = (SECOID_CompareAlgorithmID(&cert->signature, - &md2WithRSAEncryption) == 0); - int isSHA1RSA = (SECOID_CompareAlgorithmID(&cert->signature, - &sha1WithRSAEncryption) == 0); - - if (verbose) { - printf("\nDoing algorithm checks.\n"); - } - - if (!(isMD5RSA || isMD2RSA || isSHA1RSA)) { - printf("PROBLEM: Signature not PKCS1 MD5, MD2, or SHA1 + RSA.\n"); - } else if (!isMD5RSA) { - printf("WARNING: Signature not PKCS1 MD5 with RSA Encryption\n"); - } - - if (SECOID_CompareAlgorithmID(&cert->signature, - &signedData->signatureAlgorithm)) { - printf("PROBLEM: Algorithm in sig and certInfo don't match.\n"); - } - } - - if (SECOID_CompareAlgorithmID(&cert->subjectPublicKeyInfo.algorithm, - &rsaEncryption)) { - printf("PROBLEM: Public key algorithm is not PKCS1 RSA Encryption.\n"); - } - - /* Check further public key properties */ - spk = cert->subjectPublicKeyInfo.subjectPublicKey; - DER_ConvertBitString(&spk); - - if (verbose) { - printf("\nsubjectPublicKey DER\n"); - rv = DER_PrettyPrint(stdout, &spk, PR_FALSE); - printf("\n"); - } - - rsapubkey = (SECKEYPublicKey *) - PORT_ArenaZAlloc(arena,sizeof(SECKEYPublicKey)); - if (!rsapubkey) { - fprintf(stderr, "%s: rsapubkey allocation failed.\n", progName); - exit(1); - } - - rv = SEC_ASN1DecodeItem(arena, rsapubkey, - SEC_ASN1_GET(SECKEY_RSAPublicKeyTemplate), &spk); - if (rv) { - printf("PROBLEM: subjectPublicKey is not a DER PKCS1 RSAPublicKey.\n"); - } else { - int mlen; - int pubexp; - if (verbose) { - printf("Decoded RSA Public Key ok. Doing key checks.\n"); - } - PORT_Assert(rsapubkey->keyType == rsaKey); /* XXX RSA */ - mlen = checkInteger(&rsapubkey->u.rsa.modulus, "Modulus", verbose); - printf("INFO: Public Key modulus length in bits: %d\n", mlen); - if (mlen > MAX_MODULUS) { - printf("PROBLEM: Modulus length exceeds %d bits.\n", - MAX_MODULUS); - } - if (mlen < 512) { - printf("WARNING: Short modulus.\n"); - } - if (mlen != (1 << (ffs(mlen)-1))) { - printf("WARNING: Unusual modulus length (not a power of two).\n"); - } - checkInteger(&rsapubkey->u.rsa.publicExponent, "Public Exponent", - verbose); - pubexp = DER_GetInteger(&rsapubkey->u.rsa.publicExponent); - if (pubexp != 17 && pubexp != 3 && pubexp != 65537) { - printf("WARNING: Public exponent not any of: 3, 17, 65537\n"); - } - } - - - /* Name checks */ - checkName(&cert->issuer, "Issuer Name", verbose); - checkName(&cert->subject, "Subject Name", verbose); - - if (issuerCert) { - SECComparison c = - CERT_CompareName(&cert->issuer, &issuerCert->subject); - if (c) { - printf("PROBLEM: Issuer Name and Subject in Issuing Cert differ\n"); - } - } - - /* Check if self-signed */ - selfSigned = (CERT_CompareName(&cert->issuer, &cert->subject) == 0); - if (selfSigned) { - printf("INFO: Certificate is self signed.\n"); - } else { - printf("INFO: Certificate is NOT self-signed.\n"); - } - - - /* Validity time check */ - if (CERT_CertTimesValid(cert) == SECSuccess) { - printf("INFO: Inside validity period of certificate.\n"); - } else { - printf("PROBLEM: Not in validity period of certificate.\n"); - invalid = 1; - } - - /* Signature check if self-signed */ - if (selfSigned && !invalid) { - if (rsapubkey->u.rsa.modulus.len) { - SECStatus ver; - if (verbose) { - printf("Checking self signature.\n"); - } - ver = OurVerifySignedData(signedData, cert); - if (ver != SECSuccess) { - printf("PROBLEM: Verification of self-signature failed!\n"); - } else { - printf("INFO: Self-signature verifies ok.\n"); - } - } else { - printf("INFO: Not checking signature due to key problems.\n"); - } - } else if (!selfSigned && !invalid && issuerCert) { - SECStatus ver; - ver = OurVerifySignedData(signedData, issuerCert); - if (ver != SECSuccess) { - printf("PROBLEM: Verification of issuer's signature failed!\n"); - } else { - printf("INFO: Issuer's signature verifies ok.\n"); - } - } else { - printf("INFO: Not checking signature.\n"); - } - - return 0; -} - - - diff --git a/security/nss/cmd/checkcert/makefile.win b/security/nss/cmd/checkcert/makefile.win deleted file mode 100644 index ff1fe62a7..000000000 --- a/security/nss/cmd/checkcert/makefile.win +++ /dev/null @@ -1,130 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -VERBOSE = 1 -include - -#cannot define PROGRAM in manifest compatibly with NT and UNIX -PROGRAM = checkcert -PROGRAM = ./$(OBJDIR)/$(PROGRAM).exe -include <$(DEPTH)\config\config.mak> - -# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/ -# rules.mak will append C_OBJS onto OBJS. -# OBJS = $(CSRCS:.c=.obj) - -# include files are looked for in $LINCS and $INCS. -# $LINCS is in manifest.mnw, computed from REQUIRES= -INCS = $(INCS) \ - -I$(DEPTH)/security/lib/cert \ - -I../include \ - $(NULL) - -IGNORE_ME = \ - -I$(DEPTH)/security/lib/key \ - -I$(DEPTH)/security/lib/util \ - $(NULL) - - -WINFE = $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg - -# these files are the content of libdbm -DBM_LIB = \ - $(WINFE)/DB.obj \ - $(WINFE)/HASH.obj \ - $(WINFE)/H_BIGKEY.obj \ - $(WINFE)/H_PAGE.obj \ - $(WINFE)/H_LOG2.obj \ - $(WINFE)/H_FUNC.obj \ - $(WINFE)/HASH_BUF.obj \ - $(NULL) - -MOZ_LIBS = \ - $(WINFE)/ALLXPSTR.obj \ - $(WINFE)/XP_ERROR.obj \ - $(WINFE)/XPASSERT.obj \ - $(WINFE)/XP_REG.obj \ - $(WINFE)/XP_TRACE.obj \ - $(DBM_LIB) \ - $(WINFE)/XP_STR.obj \ - $(WINFE)/MKTEMP.obj \ - $(NULL) - -SEC_LIBS = \ - $(DIST)/lib/cert$(MOZ_BITS).lib \ - $(DIST)/lib/crypto$(MOZ_BITS).lib \ - $(DIST)/lib/hash$(MOZ_BITS).lib \ - $(DIST)/lib/key$(MOZ_BITS).lib \ - $(DIST)/lib/pkcs7$(MOZ_BITS).lib \ - $(DIST)/lib/secmod$(MOZ_BITS).lib \ - $(DIST)/lib/secutl$(MOZ_BITS).lib \ - $(DIST)/lib/ssl$(MOZ_BITS).lib \ - $(NULL) - -LLFLAGS = $(LLFLAGS) \ - ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \ - $(SEC_LIBS) \ - $(MOZ_LIBS) \ - $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \ - $(LIBNSPR) \ - $(NULL) - - -include <$(DEPTH)\config\rules.mak> - -INSTALL = $(MAKE_INSTALL) - -objs: $(OBJS) - -$(PROGRAM):: - $(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR) - -programs: $(PROGRAM) - -install:: $(TARGETS) - $(INSTALL) $(TARGETS) $(DIST)/bin - - -symbols: - @echo "CSRCS = $(CSRCS)" - @echo "INCS = $(INCS)" - @echo "OBJS = $(OBJS)" - @echo "LIBRARY = $(LIBRARY)" - @echo "PROGRAM = $(PROGRAM)" - @echo "TARGETS = $(TARGETS)" - @echo "DIST = $(DIST)" - @echo "VERSION_NUMBER = $(VERSION_NUMBER)" - @echo "WINFE = $(WINFE)" - @echo "DBM_LIB = $(DBM_LIB)" - @echo "INSTALL = $(INSTALL)" - diff --git a/security/nss/cmd/checkcert/manifest.mn b/security/nss/cmd/checkcert/manifest.mn deleted file mode 100644 index 9d5a99f73..000000000 --- a/security/nss/cmd/checkcert/manifest.mn +++ /dev/null @@ -1,47 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = ../../.. - -# MODULE public and private header directories are implicitly REQUIRED. -MODULE = security - -# This next line is used by .mk files -# and gets translated into $LINCS in manifest.mnw -REQUIRES = seccmd dbm - -DEFINES = -DNSPR20 - -CSRCS = checkcert.c - -PROGRAM = checkcert diff --git a/security/nss/cmd/crlutil/Makefile b/security/nss/cmd/crlutil/Makefile deleted file mode 100644 index 573c12cac..000000000 --- a/security/nss/cmd/crlutil/Makefile +++ /dev/null @@ -1,76 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - -include ../platlibs.mk - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - - - -include ../platrules.mk - diff --git a/security/nss/cmd/crlutil/crlutil.c b/security/nss/cmd/crlutil/crlutil.c deleted file mode 100644 index b2633c40d..000000000 --- a/security/nss/cmd/crlutil/crlutil.c +++ /dev/null @@ -1,371 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -/* -** certutil.c -** -** utility for managing certificates and the cert database -** -*/ -/* test only */ - -#include "nspr.h" -#include "plgetopt.h" -#include "secutil.h" -#include "cert.h" -#include "certdb.h" -#include "nss.h" - -#define SEC_CERT_DB_EXISTS 0 -#define SEC_CREATE_CERT_DB 1 - -static char *progName; - -static CERTSignedCrl *FindCRL - (CERTCertDBHandle *certHandle, char *name, int type) -{ - CERTSignedCrl *crl = NULL; - CERTCertificate *cert = NULL; - - - cert = CERT_FindCertByNickname(certHandle, name); - if (!cert) { - SECU_PrintError(progName, "could not find certificate named %s", name); - return ((CERTSignedCrl *)NULL); - } - - crl = SEC_FindCrlByKey(certHandle, &cert->derSubject, type); - if (crl ==NULL) - SECU_PrintError - (progName, "could not find %s's CRL", name); - CERT_DestroyCertificate (cert); - return (crl); -} - -static void DisplayCRL (CERTCertDBHandle *certHandle, char *nickName, int crlType) -{ - CERTCertificate *cert = NULL; - CERTSignedCrl *crl = NULL; - - crl = FindCRL (certHandle, nickName, crlType); - - if (crl) { - SECU_PrintCRLInfo (stdout, &crl->crl, "CRL Info:\n", 0); - CERT_DestroyCrl (crl); - } -} - -static void ListCRLNames (CERTCertDBHandle *certHandle, int crlType) -{ - CERTCrlHeadNode *crlList = NULL; - CERTCrlNode *crlNode = NULL; - CERTName *name = NULL; - PRArenaPool *arena = NULL; - SECStatus rv; - void *mark; - - do { - arena = PORT_NewArena (SEC_ASN1_DEFAULT_ARENA_SIZE); - if (arena == NULL) { - fprintf(stderr, "%s: fail to allocate memory\n", progName); - break; - } - - name = PORT_ArenaZAlloc (arena, sizeof(*name)); - if (name == NULL) { - fprintf(stderr, "%s: fail to allocate memory\n", progName); - break; - } - name->arena = arena; - - rv = SEC_LookupCrls (certHandle, &crlList, crlType); - if (rv != SECSuccess) { - fprintf(stderr, "%s: fail to look up CRLs (%s)\n", progName, - SECU_Strerror(PORT_GetError())); - break; - } - - /* just in case */ - if (!crlList) - break; - - crlNode = crlList->first; - - fprintf (stdout, "\n"); - fprintf (stdout, "\n%-40s %-5s\n\n", "CRL names", "CRL Type"); - while (crlNode) { - mark = PORT_ArenaMark (arena); - rv = SEC_ASN1DecodeItem - (arena, name, CERT_NameTemplate, &(crlNode->crl->crl.derName)); - if (!name){ - fprintf(stderr, "%s: fail to get the CRL issuer name\n", progName, - SECU_Strerror(PORT_GetError())); - break; - } - - fprintf (stdout, "\n%-40s %-5s\n", CERT_NameToAscii(name), "CRL"); - crlNode = crlNode->next; - PORT_ArenaRelease (arena, mark); - } - - } while (0); - if (crlList) - PORT_FreeArena (crlList->arena, PR_FALSE); - PORT_FreeArena (arena, PR_FALSE); -} - -static void ListCRL (CERTCertDBHandle *certHandle, char *nickName, int crlType) -{ - if (nickName == NULL) - ListCRLNames (certHandle, crlType); - else - DisplayCRL (certHandle, nickName, crlType); -} - - - -static SECStatus DeleteCRL (CERTCertDBHandle *certHandle, char *name, int type) -{ - CERTSignedCrl *crl = NULL; - SECStatus rv = SECFailure; - - crl = FindCRL (certHandle, name, type); - if (!crl) { - SECU_PrintError - (progName, "could not find the issuer %s's CRL", name); - return SECFailure; - } - rv = SEC_DeletePermCRL (crl); - if (rv != SECSuccess) { - SECU_PrintError - (progName, "fail to delete the issuer %s's CRL from the perm dbase (reason: %s)", - name, SECU_Strerror(PORT_GetError())); - return SECFailure; - } - - rv = SEC_DeleteTempCrl (crl); - if (rv != SECSuccess) { - SECU_PrintError - (progName, "fail to delete the issuer %s's CRL from the temp dbase (reason: %s)", - name, SECU_Strerror(PORT_GetError())); - return SECFailure; - } - return (rv); -} - -SECStatus ImportCRL (CERTCertDBHandle *certHandle, char *url, int type, - PRFileDesc *inFile) -{ - CERTCertificate *cert = NULL; - CERTSignedCrl *crl = NULL; - SECItem crlDER; - int rv; - - crlDER.data = NULL; - - - /* Read in the entire file specified with the -f argument */ - rv = SECU_ReadDERFromFile(&crlDER, inFile, PR_FALSE); - if (rv != SECSuccess) { - SECU_PrintError(progName, "unable to read input file"); - return (SECFailure); - } - - crl = CERT_ImportCRL (certHandle, &crlDER, url, type, NULL); - if (!crl) { - const char *errString; - - errString = SECU_Strerror(PORT_GetError()); - if (PORT_Strlen (errString) == 0) - SECU_PrintError - (progName, "CRL is not import (error: input CRL is not up to date.)"); - else - SECU_PrintError - (progName, "unable to import CRL"); - } - PORT_Free (crlDER.data); - CERT_DestroyCrl (crl); - return (rv); -} - - -static void Usage(char *progName) -{ - fprintf(stderr, - "Usage: %s -L [-n nickname[ [-d keydir] [-t crlType]\n" - " %s -D -n nickname [-d keydir]\n" - " %s -I -i crl -t crlType [-u url] [-d keydir]\n", - progName, progName, progName); - - fprintf (stderr, "%-15s List CRL\n", "-L"); - fprintf(stderr, "%-20s Specify the nickname of the CA certificate\n", - "-n nickname"); - fprintf(stderr, "%-20s Key database directory (default is ~/.netscape)\n", - "-d keydir"); - - fprintf (stderr, "%-15s Delete a CRL from the cert dbase\n", "-D"); - fprintf(stderr, "%-20s Specify the nickname for the CA certificate\n", - "-n nickname"); - fprintf(stderr, "%-20s Specify the crl type.\n", "-t crlType"); - - fprintf (stderr, "%-15s Import a CRL to the cert dbase\n", "-I"); - fprintf(stderr, "%-20s Specify the file which contains the CRL to import\n", - "-i crl"); - fprintf(stderr, "%-20s Specify the url.\n", "-u url"); - fprintf(stderr, "%-20s Specify the crl type.\n", "-t crlType"); - - fprintf(stderr, "%-20s CRL Types (default is SEC_CRL_TYPE):\n", " "); - fprintf(stderr, "%-20s \t 0 - SEC_KRL_TYPE\n", " "); - fprintf(stderr, "%-20s \t 1 - SEC_CRL_TYPE\n", " "); - - exit(-1); -} - -int main(int argc, char **argv) -{ - SECItem privKeyDER; - CERTCertDBHandle *certHandle; - FILE *certFile; - PRFileDesc *inFile; - int listCRL; - int importCRL; - int opt; - int deleteCRL; - int rv; - char *nickName; - char *progName; - char *url; - int crlType; - PLOptState *optstate; - PLOptStatus status; - SECStatus secstatus; - - progName = strrchr(argv[0], '/'); - progName = progName ? progName+1 : argv[0]; - - rv = 0; - deleteCRL = importCRL = listCRL = 0; - certFile = NULL; - inFile = NULL; - nickName = url = NULL; - privKeyDER.data = NULL; - certHandle = NULL; - crlType = SEC_CRL_TYPE; - /* - * Parse command line arguments - */ - optstate = PL_CreateOptState(argc, argv, "IALd:i:Dn:Ct:u:"); - while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) { - switch (optstate->option) { - case '?': - Usage(progName); - break; - - case 'C': - listCRL = 1; - break; - - case 'D': - deleteCRL = 1; - break; - - case 'I': - importCRL = 1; - break; - - case 'L': - listCRL = 1; - break; - - case 'd': - SECU_ConfigDirectory(optstate->value); - break; - - case 'i': - inFile = PR_Open(optstate->value, PR_RDONLY, 0); - if (!inFile) { - fprintf(stderr, "%s: unable to open \"%s\" for reading\n", - progName, optstate->value); - return -1; - } - break; - - case 'n': - nickName = strdup(optstate->value); - break; - - case 'u': - url = strdup(optstate->value); - break; - - case 't': { - char *type; - - type = strdup(optstate->value); - crlType = atoi (type); - if (crlType != SEC_CRL_TYPE && crlType != SEC_KRL_TYPE) { - fprintf(stderr, "%s: invalid crl type\n", progName); - return -1; - } - break; - } - } - } - - if (deleteCRL && !nickName) Usage (progName); - if (!(listCRL || deleteCRL || importCRL)) Usage (progName); - if (importCRL && !inFile) Usage (progName); - - PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1); - secstatus = NSS_InitReadWrite(SECU_ConfigDirectory(NULL)); - if (secstatus != SECSuccess) { - SECU_PrintPRandOSError(progName); - return -1; - } - - certHandle = CERT_GetDefaultCertDB(); - if (certHandle == NULL) { - SECU_PrintError(progName, "unable to open the cert db"); - return (-1); - } - - /* Read in the private key info */ - if (deleteCRL) - DeleteCRL (certHandle, nickName, crlType); - else if (listCRL) - ListCRL (certHandle, nickName, crlType); - else if (importCRL) - rv = ImportCRL (certHandle, url, crlType, inFile); - - return (rv); -} diff --git a/security/nss/cmd/crlutil/makefile.win b/security/nss/cmd/crlutil/makefile.win deleted file mode 100644 index 1f1b627ff..000000000 --- a/security/nss/cmd/crlutil/makefile.win +++ /dev/null @@ -1,130 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -VERBOSE = 1 -include - -#cannot define PROGRAM in manifest compatibly with NT and UNIX -PROGRAM = crlutil -PROGRAM = ./$(OBJDIR)/$(PROGRAM).exe -include <$(DEPTH)\config\config.mak> - -# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/ -# rules.mak will append C_OBJS onto OBJS. -# OBJS = $(CSRCS:.c=.obj) - -# include files are looked for in $LINCS and $INCS. -# $LINCS is in manifest.mnw, computed from REQUIRES= -INCS = $(INCS) \ - -I$(DEPTH)/security/lib/cert \ - -I../include \ - $(NULL) - -IGNORE_ME = \ - -I$(DEPTH)/security/lib/key \ - -I$(DEPTH)/security/lib/util \ - $(NULL) - - -WINFE = $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg - -# these files are the content of libdbm -DBM_LIB = \ - $(WINFE)/DB.obj \ - $(WINFE)/HASH.obj \ - $(WINFE)/H_BIGKEY.obj \ - $(WINFE)/H_PAGE.obj \ - $(WINFE)/H_LOG2.obj \ - $(WINFE)/H_FUNC.obj \ - $(WINFE)/HASH_BUF.obj \ - $(NULL) - -MOZ_LIBS = \ - $(WINFE)/ALLXPSTR.obj \ - $(WINFE)/XP_ERROR.obj \ - $(WINFE)/XPASSERT.obj \ - $(WINFE)/XP_REG.obj \ - $(WINFE)/XP_TRACE.obj \ - $(DBM_LIB) \ - $(WINFE)/XP_STR.obj \ - $(WINFE)/MKTEMP.obj \ - $(NULL) - -SEC_LIBS = \ - $(DIST)/lib/cert$(MOZ_BITS).lib \ - $(DIST)/lib/crypto$(MOZ_BITS).lib \ - $(DIST)/lib/hash$(MOZ_BITS).lib \ - $(DIST)/lib/key$(MOZ_BITS).lib \ - $(DIST)/lib/pkcs7$(MOZ_BITS).lib \ - $(DIST)/lib/secmod$(MOZ_BITS).lib \ - $(DIST)/lib/secutl$(MOZ_BITS).lib \ - $(DIST)/lib/ssl$(MOZ_BITS).lib \ - $(NULL) - -LLFLAGS = $(LLFLAGS) \ - ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \ - $(SEC_LIBS) \ - $(MOZ_LIBS) \ - $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \ - $(LIBNSPR) \ - $(NULL) - - -include <$(DEPTH)\config\rules.mak> - -INSTALL = $(MAKE_INSTALL) - -objs: $(OBJS) - -$(PROGRAM):: - $(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR) - -programs: $(PROGRAM) - -install:: $(TARGETS) - $(INSTALL) $(TARGETS) $(DIST)/bin - - -symbols: - @echo "CSRCS = $(CSRCS)" - @echo "INCS = $(INCS)" - @echo "OBJS = $(OBJS)" - @echo "LIBRARY = $(LIBRARY)" - @echo "PROGRAM = $(PROGRAM)" - @echo "TARGETS = $(TARGETS)" - @echo "DIST = $(DIST)" - @echo "VERSION_NUMBER = $(VERSION_NUMBER)" - @echo "WINFE = $(WINFE)" - @echo "DBM_LIB = $(DBM_LIB)" - @echo "INSTALL = $(INSTALL)" - diff --git a/security/nss/cmd/crlutil/manifest.mn b/security/nss/cmd/crlutil/manifest.mn deleted file mode 100644 index e63d71c05..000000000 --- a/security/nss/cmd/crlutil/manifest.mn +++ /dev/null @@ -1,53 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = ../../.. - -# MODULE public and private header directories are implicitly REQUIRED. -MODULE = security - -# This next line is used by .mk files -# and gets translated into $LINCS in manifest.mnw -# The MODULE is always implicitly required. -# Listing it here in REQUIRES makes it appear twice in the cc command line. -REQUIRES = seccmd dbm - -DEFINES = -DNSPR20 - -CSRCS = crlutil.c - -# this has to be different for NT and UNIX. -# PROGRAM = ./$(OBJDIR)/crlutil.exe -PROGRAM = crlutil - -USE_STATIC_LIBS = 1 diff --git a/security/nss/cmd/crmf-cgi/Makefile b/security/nss/cmd/crmf-cgi/Makefile deleted file mode 100644 index cc2f035d6..000000000 --- a/security/nss/cmd/crmf-cgi/Makefile +++ /dev/null @@ -1,81 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### -ifeq ($(OS_ARCH), WINNT) -EXTRA_LIBS += $(DIST)/lib/crmf.lib -else -EXTRA_LIBS += $(DIST)/lib/libcrmf.$(LIB_SUFFIX) -endif -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - -include ../platlibs.mk - - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - -include ../platrules.mk - diff --git a/security/nss/cmd/crmf-cgi/config.mk b/security/nss/cmd/crmf-cgi/config.mk deleted file mode 100644 index bcbaa2804..000000000 --- a/security/nss/cmd/crmf-cgi/config.mk +++ /dev/null @@ -1,44 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - - -# -# Override TARGETS variable so that only static libraries -# are specifed as dependencies within rules.mk. -# - -TARGETS = $(PROGRAM) -SHARED_LIBRARY = -IMPORT_LIBRARY = -LIBRARY = - diff --git a/security/nss/cmd/crmf-cgi/crmfcgi.c b/security/nss/cmd/crmf-cgi/crmfcgi.c deleted file mode 100644 index c5fd2d451..000000000 --- a/security/nss/cmd/crmf-cgi/crmfcgi.c +++ /dev/null @@ -1,1123 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#include "seccomon.h" -#include "nss.h" -#include "key.h" -#include "cert.h" -#include "pk11func.h" -#include "secmod.h" -#include "cmmf.h" -#include "crmf.h" -#include "base64.h" -#include "secasn1.h" -#include "cryptohi.h" -#include -#include -#include - -#define DEFAULT_ALLOC_SIZE 200 -#define DEFAULT_CGI_VARS 20 - -typedef struct CGIVariableStr { - char *name; - char *value; -} CGIVariable; - -typedef struct CGIVarTableStr { - CGIVariable **variables; - int numVars; - int numAlloc; -} CGIVarTable; - -typedef struct CertResponseInfoStr { - CERTCertificate *cert; - long certReqID; -} CertResponseInfo; - -typedef struct ChallengeCreationInfoStr { - long random; - SECKEYPublicKey *pubKey; -} ChallengeCreationInfo; - -char *missingVar = NULL; - -/* - * Error values. - */ -typedef enum { - NO_ERROR = 0, - NSS_INIT_FAILED, - AUTH_FAILED, - REQ_CGI_VAR_NOT_PRESENT, - CRMF_REQ_NOT_PRESENT, - BAD_ASCII_FOR_REQ, - CGI_VAR_MISSING, - COULD_NOT_FIND_CA, - COULD_NOT_DECODE_REQS, - OUT_OF_MEMORY, - ERROR_RETRIEVING_REQUEST_MSG, - ERROR_RETRIEVING_CERT_REQUEST, - ERROR_RETRIEVING_SUBJECT_FROM_REQ, - ERROR_RETRIEVING_PUBLIC_KEY_FROM_REQ, - ERROR_CREATING_NEW_CERTIFICATE, - COULD_NOT_START_EXTENSIONS, - ERROR_RETRIEVING_EXT_FROM_REQ, - ERROR_ADDING_EXT_TO_CERT, - ERROR_ENDING_EXTENSIONS, - COULD_NOT_FIND_ISSUER_PRIVATE_KEY, - UNSUPPORTED_SIGN_OPERATION_FOR_ISSUER, - ERROR_SETTING_SIGN_ALG, - ERROR_ENCODING_NEW_CERT, - ERROR_SIGNING_NEW_CERT, - ERROR_CREATING_CERT_REP_CONTENT, - ERROR_CREATING_SINGLE_CERT_RESPONSE, - ERROR_SETTING_CERT_RESPONSES, - ERROR_CREATING_CA_LIST, - ERROR_ADDING_ISSUER_TO_CA_LIST, - ERROR_ENCODING_CERT_REP_CONTENT, - NO_POP_FOR_REQUEST, - UNSUPPORTED_POP, - ERROR_RETRIEVING_POP_SIGN_KEY, - ERROR_RETRIEVING_ALG_ID_FROM_SIGN_KEY, - ERROR_RETRIEVING_SIGNATURE_FROM_POP_SIGN_KEY, - DO_CHALLENGE_RESPONSE, - ERROR_RETRIEVING_PUB_KEY_FROM_NEW_CERT, - ERROR_ENCODING_CERT_REQ_FOR_POP, - ERROR_VERIFYING_SIGNATURE_POP, - ERROR_RETRIEVING_PUB_KEY_FOR_CHALL, - ERROR_CREATING_EMPTY_CHAL_CONTENT, - ERROR_EXTRACTING_GEN_NAME_FROM_ISSUER, - ERROR_SETTING_CHALLENGE, - ERROR_ENCODING_CHALL, - ERROR_CONVERTING_CHALL_TO_BASE64, - ERROR_CONVERTING_RESP_FROM_CHALL_TO_BIN, - ERROR_CREATING_KEY_RESP_FROM_DER, - ERROR_RETRIEVING_CLIENT_RESPONSE_TO_CHALLENGE, - ERROR_RETURNED_CHALL_NOT_VALUE_EXPECTED, - ERROR_GETTING_KEY_ENCIPHERMENT, - ERROR_NO_POP_FOR_PRIVKEY, - ERROR_UNSUPPORTED_POPOPRIVKEY_TYPE -} ErrorCode; - -const char * -CGITableFindValue(CGIVarTable *varTable, const char *key); - -void -spitOutHeaders(void) -{ - printf("Content-type: text/html\n\n"); -} - -void -dumpRequest(CGIVarTable *varTable) -{ - int i; - CGIVariable *var; - - printf ("\n"); - printf ("" - "\n"); - for (i=0; inumVars; i++) { - var = varTable->variables[i]; - printf ("\n", - var->name, var->value); - } - printf("
Variable Name
Value
%s
%s
\n"); -} - -void -echo_request(CGIVarTable *varTable) -{ - spitOutHeaders(); - printf("CGI Echo Page\n" - "

Got the following request

\n"); - dumpRequest(varTable); - printf(""); -} - -void -processVariable(CGIVariable *var) -{ - char *plusSign, *percentSign; - - /*First look for all of the '+' and convert them to spaces */ - plusSign = var->value; - while ((plusSign=strchr(plusSign, '+')) != NULL) { - *plusSign = ' '; - } - percentSign = var->value; - while ((percentSign=strchr(percentSign, '%')) != NULL) { - char string[3]; - int value; - - string[0] = percentSign[1]; - string[1] = percentSign[2]; - string[2] = '\0'; - - sscanf(string,"%x", &value); - *percentSign = (char)value; - memmove(&percentSign[1], &percentSign[3], 1+strlen(&percentSign[3])); - } -} - -char * -parseNextVariable(CGIVarTable *varTable, char *form_output) -{ - char *ampersand, *equal; - CGIVariable *var; - - if (varTable->numVars == varTable->numAlloc) { - CGIVariable **newArr = realloc(varTable->variables, - (varTable->numAlloc + DEFAULT_CGI_VARS)*sizeof(CGIVariable*)); - if (newArr == NULL) { - return NULL; - } - varTable->variables = newArr; - varTable->numAlloc += DEFAULT_CGI_VARS; - } - equal = strchr(form_output, '='); - if (equal == NULL) { - return NULL; - } - ampersand = strchr(equal, '&'); - if (ampersand == NULL) { - return NULL; - } - equal[0] = '\0'; - if (ampersand != NULL) { - ampersand[0] = '\0'; - } - var = malloc(sizeof(CGIVariable)); - var->name = form_output; - var->value = &equal[1]; - varTable->variables[varTable->numVars] = var; - varTable->numVars++; - processVariable(var); - return (ampersand != NULL) ? &ersand[1] : NULL; -} - -void -ParseInputVariables(CGIVarTable *varTable, char *form_output) -{ - varTable->variables = malloc(sizeof(CGIVariable*)*DEFAULT_CGI_VARS); - varTable->numVars = 0; - varTable->numAlloc = DEFAULT_CGI_VARS; - while (form_output && form_output[0] != '\0') { - form_output = parseNextVariable(varTable, form_output); - } -} - -const char * -CGITableFindValue(CGIVarTable *varTable, const char *key) -{ - const char *retVal = NULL; - int i; - - for (i=0; inumVars; i++) { - if (strcmp(varTable->variables[i]->name, key) == 0) { - retVal = varTable->variables[i]->value; - break; - } - } - return retVal; -} - -char* -passwordCallback(PK11SlotInfo *slot, PRBool retry, void *arg) -{ - const char *passwd; - if (retry) { - return NULL; - } - passwd = CGITableFindValue((CGIVarTable*)arg, "dbPassword"); - if (passwd == NULL) { - return NULL; - } - return PORT_Strdup(passwd); -} - -ErrorCode -initNSS(CGIVarTable *varTable) -{ - const char *nssDir; - PK11SlotInfo *keySlot; - SECStatus rv; - - nssDir = CGITableFindValue(varTable,"NSSDirectory"); - if (nssDir == NULL) { - missingVar = "NSSDirectory"; - return REQ_CGI_VAR_NOT_PRESENT; - } - rv = NSS_Init(nssDir); - if (rv != SECSuccess) { - return NSS_INIT_FAILED; - } - PK11_SetPasswordFunc(passwordCallback); - keySlot = PK11_GetInternalKeySlot(); - rv = PK11_Authenticate(keySlot, PR_FALSE, varTable); - if (rv != SECSuccess) { - return AUTH_FAILED; - } - return NO_ERROR; -} - -void -dumpErrorMessage(ErrorCode errNum) -{ - spitOutHeaders(); - printf("Error

Error processing " - "data

Received the error %d

", errNum); - if (errNum == REQ_CGI_VAR_NOT_PRESENT) { - printf ("The missing variable is %s.", missingVar); - } - printf ("More useful information here in the future."); -} - -ErrorCode -initOldCertReq(CERTCertificateRequest *oldCertReq, - CERTName *subject, CERTSubjectPublicKeyInfo *spki) -{ - PRArenaPool *poolp; - - poolp = oldCertReq->arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - SEC_ASN1EncodeInteger(poolp, &oldCertReq->version, - SEC_CERTIFICATE_VERSION_3); - CERT_CopyName(poolp, &oldCertReq->subject, subject); - SECKEY_CopySubjectPublicKeyInfo(poolp, &oldCertReq->subjectPublicKeyInfo, - spki); - oldCertReq->attributes = NULL; - return NO_ERROR; -} - -ErrorCode -addExtensions(CERTCertificate *newCert, CRMFCertRequest *certReq) -{ - int numExtensions, i; - void *extHandle; - ErrorCode rv = NO_ERROR; - CRMFCertExtension *ext; - SECStatus srv; - - numExtensions = CRMF_CertRequestGetNumberOfExtensions(certReq); - if (numExtensions == 0) { - /* No extensions to add */ - return NO_ERROR; - } - extHandle = CERT_StartCertExtensions(newCert); - if (extHandle == NULL) { - rv = COULD_NOT_START_EXTENSIONS; - goto loser; - } - for (i=0; idata, der->len); - PR_Close(outfile); - -} - -ErrorCode -createNewCert(CERTCertificate**issuedCert,CERTCertificateRequest *oldCertReq, - CRMFCertReqMsg *currReq, CRMFCertRequest *certReq, - CERTCertificate *issuerCert, CGIVarTable *varTable) -{ - CERTCertificate *newCert = NULL; - CERTValidity *validity; - PRExplodedTime printableTime; - PRTime now, after; - ErrorCode rv=NO_ERROR; - SECKEYPrivateKey *issuerPrivKey; - SECItem derCert = { 0 }; - SECOidTag signTag; - SECStatus srv; - long version; - - now = PR_Now(); - PR_ExplodeTime(now, PR_GMTParameters, &printableTime); - printableTime.tm_month += 9; - after = PR_ImplodeTime(&printableTime); - validity = CERT_CreateValidity(now, after); - newCert = *issuedCert = - CERT_CreateCertificate(rand(), &(issuerCert->subject), validity, - oldCertReq); - if (newCert == NULL) { - rv = ERROR_CREATING_NEW_CERTIFICATE; - goto loser; - } - rv = addExtensions(newCert, certReq); - if (rv != NO_ERROR) { - goto loser; - } - issuerPrivKey = PK11_FindKeyByAnyCert(issuerCert, varTable); - if (issuerPrivKey == NULL) { - rv = COULD_NOT_FIND_ISSUER_PRIVATE_KEY; - } - switch(issuerPrivKey->keyType) { - case rsaKey: - signTag = SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION; - break; - case dsaKey: - signTag = SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST; - break; - default: - rv = UNSUPPORTED_SIGN_OPERATION_FOR_ISSUER; - goto loser; - } - srv = SECOID_SetAlgorithmID(newCert->arena, &newCert->signature, - signTag, 0); - if (srv != SECSuccess) { - rv = ERROR_SETTING_SIGN_ALG; - goto loser; - } - srv = CRMF_CertRequestGetCertTemplateVersion(certReq, &version); - if (srv != SECSuccess) { - /* No version included in the request */ - *(newCert->version.data) = SEC_CERTIFICATE_VERSION_3; - } else { - SECITEM_FreeItem(&newCert->version, PR_FALSE); - SEC_ASN1EncodeInteger(newCert->arena, &newCert->version, version); - } - SEC_ASN1EncodeItem(newCert->arena, &derCert, newCert, - CERT_CertificateTemplate); - if (derCert.data == NULL) { - rv = ERROR_ENCODING_NEW_CERT; - goto loser; - } - srv = SEC_DerSignData(newCert->arena, &(newCert->derCert), derCert.data, - derCert.len, issuerPrivKey, signTag); - if (srv != SECSuccess) { - rv = ERROR_SIGNING_NEW_CERT; - goto loser; - } -#ifdef WRITE_OUT_RESPONSE - writeOutItem("newcert.der", &newCert->derCert); -#endif - return NO_ERROR; - loser: - *issuedCert = NULL; - if (newCert) { - CERT_DestroyCertificate(newCert); - } - return rv; - -} - -void -formatCMMFResponse(char *nickname, char *base64Response) -{ - char *currLine, *nextLine; - - printf("var retVal = crypto.importUserCertificates(\"%s\",\n", nickname); - currLine = base64Response; - while (1) { - nextLine = strchr(currLine, '\n'); - if (nextLine == NULL) { - /* print out the last line here. */ - printf ("\"%s\",\n", currLine); - break; - } - nextLine[0] = '\0'; - printf("\"%s\\n\"+\n", currLine); - currLine = nextLine+1; - } - printf("true);\n" - "if(retVal == '') {\n" - "\tdocument.write(\"

New Certificate Succesfully Imported.

\");\n" - "} else {\n" - "\tdocument.write(\"

Unable to import New Certificate

\");\n" - "\tdocument.write(\"crypto.importUserCertificates returned \");\n" - "\tdocument.write(retVal);\n" - "\tdocument.write(\"\");\n" - "}\n"); -} - -void -spitOutCMMFResponse(char *nickname, char *base64Response) -{ - spitOutHeaders(); - printf("\n\nCMMF Resonse Page\n\n\n" - "

CMMF Response Page

\n" - "\n\n"); -} - -char* -getNickname(CERTCertificate *cert) -{ - char *nickname; - - if (cert->nickname != NULL) { - return cert->nickname; - } - nickname = CERT_GetCommonName(&cert->subject); - if (nickname != NULL) { - return nickname; - } - return CERT_NameToAscii(&cert->subject); -} - -ErrorCode -createCMMFResponse(CertResponseInfo *issuedCerts, int numCerts, - CERTCertificate *issuerCert, char **base64der) -{ - CMMFCertRepContent *certRepContent=NULL; - ErrorCode rv = NO_ERROR; - CMMFCertResponse **responses, *currResponse; - CERTCertList *caList; - int i; - SECStatus srv; - PRArenaPool *poolp; - SECItem *der; - - certRepContent = CMMF_CreateCertRepContent(); - if (certRepContent == NULL) { - rv = ERROR_CREATING_CERT_REP_CONTENT; - goto loser; - } - responses = PORT_NewArray(CMMFCertResponse*, numCerts); - if (responses == NULL) { - rv = OUT_OF_MEMORY; - goto loser; - } - for (i=0; idata, der->len); - return NO_ERROR; - loser: - return rv; -} - -ErrorCode -issueCerts(CertResponseInfo *issuedCerts, int numCerts, - CERTCertificate *issuerCert) -{ - ErrorCode rv; - char *base64Response; - - rv = createCMMFResponse(issuedCerts, numCerts, issuerCert, &base64Response); - if (rv != NO_ERROR) { - goto loser; - } - spitOutCMMFResponse(getNickname(issuedCerts[0].cert),base64Response); - return NO_ERROR; - loser: - return rv; -} - -ErrorCode -verifySignature(CGIVarTable *varTable, CRMFCertReqMsg *currReq, - CRMFCertRequest *certReq, CERTCertificate *newCert) -{ - SECStatus srv; - ErrorCode rv = NO_ERROR; - CRMFPOPOSigningKey *signKey = NULL; - SECAlgorithmID *algID = NULL; - SECItem *signature = NULL; - SECKEYPublicKey *pubKey = NULL; - SECItem *reqDER = NULL; - - srv = CRMF_CertReqMsgGetPOPOSigningKey(currReq, &signKey); - if (srv != SECSuccess || signKey == NULL) { - rv = ERROR_RETRIEVING_POP_SIGN_KEY; - goto loser; - } - algID = CRMF_POPOSigningKeyGetAlgID(signKey); - if (algID == NULL) { - rv = ERROR_RETRIEVING_ALG_ID_FROM_SIGN_KEY; - goto loser; - } - signature = CRMF_POPOSigningKeyGetSignature(signKey); - if (signature == NULL) { - rv = ERROR_RETRIEVING_SIGNATURE_FROM_POP_SIGN_KEY; - goto loser; - } - /* Make the length the number of bytes instead of bits */ - signature->len = (signature->len+7)/8; - pubKey = CERT_ExtractPublicKey(newCert); - if (pubKey == NULL) { - rv = ERROR_RETRIEVING_PUB_KEY_FROM_NEW_CERT; - goto loser; - } - reqDER = SEC_ASN1EncodeItem(NULL, NULL, certReq, CRMFCertRequestTemplate); - if (reqDER == NULL) { - rv = ERROR_ENCODING_CERT_REQ_FOR_POP; - goto loser; - } - srv = VFY_VerifyData(reqDER->data, reqDER->len, pubKey, signature, - SECOID_FindOIDTag(&algID->algorithm), varTable); - if (srv != SECSuccess) { - rv = ERROR_VERIFYING_SIGNATURE_POP; - goto loser; - } - /* Fall thru in successfull case. */ - loser: - if (pubKey != NULL) { - SECKEY_DestroyPublicKey(pubKey); - } - if (reqDER != NULL) { - SECITEM_FreeItem(reqDER, PR_TRUE); - } - if (signature != NULL) { - SECITEM_FreeItem(signature, PR_TRUE); - } - if (algID != NULL) { - SECOID_DestroyAlgorithmID(algID, PR_TRUE); - } - if (signKey != NULL) { - CRMF_DestroyPOPOSigningKey(signKey); - } - return rv; -} - -ErrorCode -doChallengeResponse(CGIVarTable *varTable, CRMFCertReqMsg *currReq, - CRMFCertRequest *certReq, CERTCertificate *newCert, - ChallengeCreationInfo *challs, int *numChall) -{ - CRMFPOPOPrivKey *privKey = NULL; - CRMFPOPOPrivKeyChoice privKeyChoice; - SECStatus srv; - ErrorCode rv = NO_ERROR; - - srv = CRMF_CertReqMsgGetPOPKeyEncipherment(currReq, &privKey); - if (srv != SECSuccess || privKey == NULL) { - rv = ERROR_GETTING_KEY_ENCIPHERMENT; - goto loser; - } - privKeyChoice = CRMF_POPOPrivKeyGetChoice(privKey); - CRMF_DestroyPOPOPrivKey(privKey); - switch (privKeyChoice) { - case crmfSubsequentMessage: - challs = &challs[*numChall]; - challs->random = rand(); - challs->pubKey = CERT_ExtractPublicKey(newCert); - if (challs->pubKey == NULL) { - rv = ERROR_RETRIEVING_PUB_KEY_FOR_CHALL; - goto loser; - } - (*numChall)++; - rv = DO_CHALLENGE_RESPONSE; - break; - case crmfThisMessage: - /* There'd better be a PKIArchiveControl in this message */ - if (!CRMF_CertRequestIsControlPresent(certReq, - crmfPKIArchiveOptionsControl)) { - rv = ERROR_NO_POP_FOR_PRIVKEY; - goto loser; - } - break; - default: - rv = ERROR_UNSUPPORTED_POPOPRIVKEY_TYPE; - goto loser; - } -loser: - return rv; -} - -ErrorCode -doProofOfPossession(CGIVarTable *varTable, CRMFCertReqMsg *currReq, - CRMFCertRequest *certReq, CERTCertificate *newCert, - ChallengeCreationInfo *challs, int *numChall) -{ - CRMFPOPChoice popChoice; - ErrorCode rv = NO_ERROR; - - popChoice = CRMF_CertReqMsgGetPOPType(currReq); - if (popChoice == crmfNoPOPChoice) { - rv = NO_POP_FOR_REQUEST; - goto loser; - } - switch (popChoice) { - case crmfSignature: - rv = verifySignature(varTable, currReq, certReq, newCert); - break; - case crmfKeyEncipherment: - rv = doChallengeResponse(varTable, currReq, certReq, newCert, - challs, numChall); - break; - case crmfRAVerified: - case crmfKeyAgreement: - default: - rv = UNSUPPORTED_POP; - goto loser; - } - loser: - return rv; -} - -void -convertB64ToJS(char *base64) -{ - int i; - - for (i=0; base64[i] != '\0'; i++) { - if (base64[i] == '\n') { - printf ("\\n"); - }else { - printf ("%c", base64[i]); - } - } -} - -void -formatChallenge(char *chall64, char *certRepContentDER, - ChallengeCreationInfo *challInfo, int numChalls) -{ - printf ("function respondToChallenge() {\n" - " var chalForm = document.chalForm;\n\n" - " chalForm.CertRepContent.value = '"); - convertB64ToJS(certRepContentDER); - printf ("';\n" - " chalForm.ChallResponse.value = crypto.popChallengeResponse('"); - convertB64ToJS(chall64); - printf("');\n" - " chalForm.submit();\n" - "}\n"); - -} - -void -spitOutChallenge(char *chall64, char *certRepContentDER, - ChallengeCreationInfo *challInfo, int numChalls, - char *nickname) -{ - int i; - - spitOutHeaders(); - printf("\n" - "\n" - "Challenge Page\n" - "\n" - "\n" - "\n" - "

Cartman is now responding to the Challenge " - "presented by the CGI

\n" - "\n" - "\n" - "\n"); - for (i=0;i\n", - i+1, challInfo[i].random); - } - printf("\n", nickname); - printf("\n\n"); -} - -ErrorCode -issueChallenge(CertResponseInfo *issuedCerts, int numCerts, - ChallengeCreationInfo *challInfo, int numChalls, - CERTCertificate *issuer, CGIVarTable *varTable) -{ - ErrorCode rv = NO_ERROR; - CMMFPOPODecKeyChallContent *chalContent = NULL; - int i; - SECStatus srv; - PRArenaPool *poolp; - CERTGeneralName *genName; - SECItem *challDER = NULL; - char *chall64, *certRepContentDER; - - rv = createCMMFResponse(issuedCerts, numCerts, issuer, - &certRepContentDER); - if (rv != NO_ERROR) { - goto loser; - } - chalContent = CMMF_CreatePOPODecKeyChallContent(); - if (chalContent == NULL) { - rv = ERROR_CREATING_EMPTY_CHAL_CONTENT; - goto loser; - } - poolp = PORT_NewArena(1024); - if (poolp == NULL) { - rv = OUT_OF_MEMORY; - goto loser; - } - genName = CERT_GetCertificateNames(issuer, poolp); - if (genName == NULL) { - rv = ERROR_EXTRACTING_GEN_NAME_FROM_ISSUER; - goto loser; - } - for (i=0;idata, challDER->len); - SECITEM_FreeItem(challDER, PR_TRUE); - if (chall64 == NULL) { - rv = ERROR_CONVERTING_CHALL_TO_BASE64; - goto loser; - } - spitOutChallenge(chall64, certRepContentDER, challInfo, numChalls, - getNickname(issuedCerts[0].cert)); - loser: - return rv; -} - - -ErrorCode -processRequest(CGIVarTable *varTable) -{ - CERTCertDBHandle *certdb; - SECKEYKeyDBHandle *keydb; - CRMFCertReqMessages *certReqs = NULL; - const char *crmfReq; - const char *caNickname; - CERTCertificate *caCert = NULL; - CertResponseInfo *issuedCerts = NULL; - CERTSubjectPublicKeyInfo spki = { 0 }; - ErrorCode rv=NO_ERROR; - PRBool doChallengeResponse = PR_FALSE; - SECItem der = { 0 }; - SECStatus srv; - CERTCertificateRequest oldCertReq = { 0 }; - CRMFCertReqMsg **reqMsgs = NULL,*currReq = NULL; - CRMFCertRequest **reqs = NULL, *certReq = NULL; - CERTName subject = { 0 }; - int numReqs,i; - ChallengeCreationInfo *challInfo=NULL; - int numChalls = 0; - - certdb = CERT_GetDefaultCertDB(); - keydb = SECKEY_GetDefaultKeyDB(); - crmfReq = CGITableFindValue(varTable, "CRMFRequest"); - if (crmfReq == NULL) { - rv = CGI_VAR_MISSING; - missingVar = "CRMFRequest"; - goto loser; - } - caNickname = CGITableFindValue(varTable, "CANickname"); - if (caNickname == NULL) { - rv = CGI_VAR_MISSING; - missingVar = "CANickname"; - goto loser; - } - caCert = CERT_FindCertByNickname(certdb, caNickname); - if (caCert == NULL) { - rv = COULD_NOT_FIND_CA; - goto loser; - } - srv = ATOB_ConvertAsciiToItem(&der, crmfReq); - if (srv != SECSuccess) { - rv = BAD_ASCII_FOR_REQ; - goto loser; - } - certReqs = CRMF_CreateCertReqMessagesFromDER(der.data, der.len); - SECITEM_FreeItem(&der, PR_FALSE); - if (certReqs == NULL) { - rv = COULD_NOT_DECODE_REQS; - goto loser; - } - numReqs = CRMF_CertReqMessagesGetNumMessages(certReqs); - issuedCerts = PORT_ZNewArray(CertResponseInfo, numReqs); - challInfo = PORT_ZNewArray(ChallengeCreationInfo, numReqs); - if (issuedCerts == NULL || challInfo == NULL) { - rv = OUT_OF_MEMORY; - goto loser; - } - reqMsgs = PORT_ZNewArray(CRMFCertReqMsg*, numReqs); - reqs = PORT_ZNewArray(CRMFCertRequest*, numReqs); - if (reqMsgs == NULL || reqs == NULL) { - rv = OUT_OF_MEMORY; - goto loser; - } - for (i=0; i= form_output_len) { - form_output_len += DEFAULT_ALLOC_SIZE; - form_output = PORT_Realloc(form_output, form_output_len+1); - } - form_output_used += fread(&form_output[form_output_used], sizeof(char), - DEFAULT_ALLOC_SIZE, stdin); - } - ParseInputVariables(&varTable, form_output); - certRepContent = CGITableFindValue(&varTable, "CertRepContent"); - if (certRepContent == NULL) { - errNum = initNSS(&varTable); - if (errNum != 0) { - goto loser; - } - errNum = processRequest(&varTable); - } else { - errNum = processChallengeResponse(&varTable, certRepContent); - } - if (errNum != NO_ERROR) { - goto loser; - } - goto done; -loser: - dumpErrorMessage(errNum); -done: - free (form_output); - return 0; -} - diff --git a/security/nss/cmd/crmf-cgi/crmfcgi.html b/security/nss/cmd/crmf-cgi/crmfcgi.html deleted file mode 100644 index e91923ece..000000000 --- a/security/nss/cmd/crmf-cgi/crmfcgi.html +++ /dev/null @@ -1,165 +0,0 @@ - - - - -CRMF Test Page for PSM - - - -

CRMF Test page for PSM

-This page is designed to be used in combination with the executable -produced by ns/security/cmd/crmf-cgi in a CGI environment. In order -to successfully use this page, modify its action to post to a a server -where you have installed the crmfcgi executable and you'll be able to -test the functionality. -
-
-

Certificate Database information

-First, enter all the information for the CGI to use for initializing -NSS. The CGI will use the directory entered below as the directory -where to look for the certificate and key databases. -
-Path for NSS Config: 
-
-Enter the password for the certificate database found in the direcotry -above. -
-Database Password:   
-
-Now enter the nickname of the certificate to use for signing the -certificate issued during this test. -
-CA Nickname:         
-
-

Now, figure out which type of key generation you want to test:

- - -
- -
- - diff --git a/security/nss/cmd/crmf-cgi/manifest.mn b/security/nss/cmd/crmf-cgi/manifest.mn deleted file mode 100644 index ceaf5a635..000000000 --- a/security/nss/cmd/crmf-cgi/manifest.mn +++ /dev/null @@ -1,61 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = ../../.. -MODULE = sectools - -EXPORTS = \ - $(NULL) - -CSRCS = \ - crmfcgi.c \ - $(NULL) - - -REQUIRES = security dbm seccmd - -ifdef ATTACH_CGI -DEFINES += -DATTACH_CGI -endif - -ifdef WRITE_OUT_RESPONSE -DEFINES += -DWRITE_OUT_RESPONSE -endif - -PROGRAM = crmfcgi - -USE_STATIC_LIBS = 1 - -INCLUDES = - -DEFINES = -DNSPR20 diff --git a/security/nss/cmd/crmftest/Makefile b/security/nss/cmd/crmftest/Makefile deleted file mode 100644 index 9eae3715a..000000000 --- a/security/nss/cmd/crmftest/Makefile +++ /dev/null @@ -1,99 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### -include config.mk - -ifeq ($(OS_ARCH)$(OS_RELEASE), AIX4.2) -OS_LIBS += -lsvld -endif - -ifeq ($(OS_ARCH)$(OS_RELEASE), SunOS5.6) -OS_LIBS += -ldl -lxnet -lposix4 -lsocket -lnsl -endif - -ifeq ($(OS_ARCH), WINNT) -EXTRA_LIBS += $(DIST)/lib/crmf.lib -else -EXTRA_LIBS += $(DIST)/lib/libcrmf.$(LIB_SUFFIX) -endif - -include ../platlibs.mk - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - -LDDIST = $(DIST)/lib - -ifeq ($(OS_ARCH), WINNT) -EXTRA_LIBS += $(LDDIST)/sectool.lib -endif - -lame: - echo $(CPU_ARCH) - -include ../platrules.mk diff --git a/security/nss/cmd/crmftest/config.mk b/security/nss/cmd/crmftest/config.mk deleted file mode 100644 index 7343609f8..000000000 --- a/security/nss/cmd/crmftest/config.mk +++ /dev/null @@ -1,43 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -# -# Override TARGETS variable so that only static libraries -# are specifed as dependencies within rules.mk. -# - -TARGETS = $(PROGRAM) -SHARED_LIBRARY = -IMPORT_LIBRARY = -LIBRARY = - diff --git a/security/nss/cmd/crmftest/manifest.mn b/security/nss/cmd/crmftest/manifest.mn deleted file mode 100644 index b27e4a3d8..000000000 --- a/security/nss/cmd/crmftest/manifest.mn +++ /dev/null @@ -1,53 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = ../../.. -DEPTH = . - -# MODULE public and private header directories are implicitly REQUIRED. -MODULE = security - -EXPORTS = \ - $(NULL) - -CSRCS = \ - testcrmf.c \ - $(NULL) - - -# The MODULE is always implicitly required. -# Listing it here in REQUIRES makes it appear twice in the cc command line. -REQUIRES = dbm - -PROGRAM = crmftest - diff --git a/security/nss/cmd/crmftest/testcrmf.c b/security/nss/cmd/crmftest/testcrmf.c deleted file mode 100644 index db9add0bc..000000000 --- a/security/nss/cmd/crmftest/testcrmf.c +++ /dev/null @@ -1,1527 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#include "crmf.h" -#include "secrng.h" -#include "secpkcs5.h" -#include "pk11func.h" -#include "pkcs11.h" -#include "secmod.h" -#include "secmodi.h" -#include "key.h" -#include "prio.h" -#include "pqggen.h" -#include "cmmf.h" -#include "seccomon.h" -#include "secmod.h" -#include "prlock.h" -#include "secmodi.h" -#include "pkcs11.h" -#include "pk11func.h" -#include "secitem.h" -#include "key.h" -#include "rsa.h" -#include "secpkcs5.h" -#include "secasn1.h" -#include "sechash.h" -#include "cert.h" -#include "secerr.h" -#include -#include "prprf.h" -#if !defined(XP_UNIX) && !defined(LINUX) -extern int getopt(int, char **, char*); -extern char *optarg; -#endif -#define MAX_KEY_LEN 512 - -int64 notBefore; -char *personalCert = NULL; -char *recoveryEncrypter = NULL; -char *caCertName = NULL; - -CERTCertDBHandle *db; -SECKEYKeyDBHandle *keydb; - -void -debug_test(SECItem *src, char *filePath) -{ - PRFileDesc *fileDesc; - - fileDesc = PR_Open (filePath, PR_WRONLY | PR_CREATE_FILE | PR_TRUNCATE, - 0666); - if (fileDesc == NULL) { - printf ("Could not cretae file %s.\n", filePath); - return; - } - PR_Write(fileDesc, src->data, src->len); - -} - -SECStatus -get_serial_number(long *dest) -{ - RNGContext *rng; - SECStatus rv; - - if (dest == NULL) { - return SECFailure; - } - rng = RNG_CreateContext(); - if (rng == NULL) { - *dest = 0; - return SECFailure; - } - rv = RNG_GenerateRandomBytes(rng, (void*)dest, sizeof(long)); - RNG_DestroyContext(rng, PR_TRUE); - return SECSuccess; -} - -char * -promptForPassword (PK11SlotInfo *slot, PRBool retry, void *cx) -{ - char passWord[80]; - char *retPass = NULL; - - if (retry) { - printf ("Incorrect password. Please re-enter the password.\n"); - } - printf ("WARNING: Password will be echoed to the screen.\n"); - printf ("Please enter the password for slot \"%s\":", - PK11_GetTokenName(slot)); - scanf ("%s", passWord); - retPass = PORT_Strdup(passWord); - return retPass; -} - -PK11RSAGenParams * -GetRSAParams(void) -{ - PK11RSAGenParams *rsaParams; - - rsaParams = PORT_ZNew(PK11RSAGenParams); - - if (rsaParams == NULL) - return NULL; - - rsaParams->keySizeInBits = MAX_KEY_LEN; - rsaParams->pe = 0x1001; - - return rsaParams; - -} - -SECStatus -SetSlotPassword(PK11SlotInfo *slot) -{ - char userPin[80]; - - printf ("Initialization of PIN's for your Database.\n"); - printf ("------------------------------------------\n"); - printf ("Please enter the PIN's for your Database.\n"); - printf ("Warning: ALL PIN'S WILL BE ECHOED TO SCREEN!!!\n"); - printf ("Now enter the PIN for the user: "); - scanf ("%s", userPin); - return PK11_InitPin (slot, NULL, userPin); -} - -PQGParams* -GetDSAParams(void) -{ - PQGParams *params = NULL; - PQGVerify *vfy = NULL; - - SECStatus rv; - - rv = PQG_ParamGen(0, ¶ms, &vfy); - if (rv != SECSuccess) { - return NULL; - } - PQG_DestroyVerify(vfy); - return params; -} - -CERTSubjectPublicKeyInfo * -GetSubjectPubKeyInfo(SECKEYPrivateKey **destPrivKey, - SECKEYPublicKey **destPubKey) { - CERTSubjectPublicKeyInfo *spki = NULL; - SECKEYPrivateKey *privKey = NULL; - SECKEYPublicKey *pubKey = NULL; - PK11SlotInfo *keySlot = NULL; - PK11RSAGenParams *rsaParams = NULL; - PQGParams *dsaParams = NULL; - - keySlot = PK11_GetInternalKeySlot(); - PK11_Authenticate(keySlot, PR_FALSE, NULL); - PK11_Authenticate(PK11_GetInternalSlot(), PR_FALSE, NULL); - rsaParams = GetRSAParams(); - privKey = PK11_GenerateKeyPair(keySlot, CKM_RSA_PKCS_KEY_PAIR_GEN, - (void*)rsaParams, &pubKey, PR_FALSE, - PR_FALSE, NULL); -/* dsaParams = GetDSAParams(); - if (dsaParams == NULL) { - return NULL; - } - privKey = PK11_GenerateKeyPair(keySlot, CKM_DSA_KEY_PAIR_GEN, - (void*)dsaParams, &pubKey, PR_FALSE, - PR_FALSE, NULL);*/ - if (privKey == NULL || pubKey == NULL) { - if (pubKey) { - SECKEY_DestroyPublicKey(pubKey); - } - if (privKey) { - SECKEY_DestroyPrivateKey(privKey); - } - return NULL; - } - - spki = SECKEY_CreateSubjectPublicKeyInfo(pubKey); - *destPrivKey = privKey; - *destPubKey = pubKey; - return spki; -} - - -SECStatus -InitPKCS11(void) -{ - PK11SlotInfo *cryptoSlot, *keySlot; - - PK11_SetPasswordFunc(promptForPassword); - - cryptoSlot = PK11_GetInternalSlot(); - keySlot = PK11_GetInternalKeySlot(); - - if (PK11_NeedUserInit(cryptoSlot) && PK11_NeedLogin(cryptoSlot)) { - if (SetSlotPassword (cryptoSlot) != SECSuccess) { - printf ("Initializing the PIN's failed.\n"); - return SECFailure; - } - } - - if (PK11_NeedUserInit(keySlot) && PK11_NeedLogin(keySlot)) { - if (SetSlotPassword (keySlot) != SECSuccess) { - printf ("Initializing the PIN's failed.\n"); - return SECFailure; - } - } - - PK11_FreeSlot(cryptoSlot); - PK11_FreeSlot(keySlot); - return SECSuccess; -} - - -void -WriteItOut (void *arg, const char *buf, unsigned long len) -{ - PRFileDesc *fileDesc = (PRFileDesc*)arg; - - PR_Write(fileDesc, (void*)buf, len); -} - -SECItem -GetRandomBitString(void) -{ -#define NUM_BITS 800 -#define BITS_IN_BYTE 8 - SECItem bitString; - int numBytes = NUM_BITS/BITS_IN_BYTE; - unsigned char *bits = PORT_ZNewArray(unsigned char, numBytes); - RNGContext *rng; - - rng = RNG_CreateContext(); - RNG_GenerateRandomBytes(rng, (void*)bits, numBytes); - RNG_DestroyContext(rng, PR_TRUE); - bitString.data = bits; - bitString.len = NUM_BITS; - bitString.type = siBuffer; - return bitString; -} - -CRMFCertExtCreationInfo* -GetExtensions(void) -{ - CRMFCertExtCreationInfo *extInfo; - CRMFCertExtension *currExt; - CRMFCertExtension *extension; - SECItem data; - PRBool prFalse = PR_FALSE; - unsigned char keyUsage[4]; - - data.len = 4; - data.data = keyUsage; - keyUsage[0] = 0x03; - keyUsage[1] = 0x02; - keyUsage[2] = 0x07; - keyUsage[3] = KU_DIGITAL_SIGNATURE; - extension = CRMF_CreateCertExtension(SEC_OID_X509_KEY_USAGE,prFalse, - &data); - extInfo = PORT_ZNew(CRMFCertExtCreationInfo); - extInfo->numExtensions = 1; - extInfo->extensions = PORT_ZNewArray(CRMFCertExtension*, 1); - extInfo->extensions[0] = extension; - return extInfo; -} - -void -FreeExtInfo(CRMFCertExtCreationInfo *extInfo) -{ - int i; - - for (i=0; inumExtensions; i++) { - CRMF_DestroyCertExtension(extInfo->extensions[i]); - } - PORT_Free(extInfo->extensions); - PORT_Free(extInfo); -} - -int -CreateCertRequest (CRMFCertRequest **inCertReq, SECKEYPrivateKey **privKey, - SECKEYPublicKey **pubKey) -{ - long serialNumber; - long version = 3; - char *issuerStr = PORT_Strdup ("CN=Javi's CA Shack, O=Information Systems"); - char *subjectStr = PORT_Strdup ("CN=Javi's CA Shack ID, O=Engineering, " - "C=US"); - CRMFCertRequest *certReq; - SECAlgorithmID * algID; - CERTName *issuer, *subject; - CRMFValidityCreationInfo validity; - CERTSubjectPublicKeyInfo *spki; - SECStatus rv; - SECOidTag tag, tag2; - SECItem issuerUID, subjectUID; - CRMFCertExtCreationInfo *extInfo; - CRMFEncryptedKey *encKey; - CERTCertificate *caCert; - CRMFPKIArchiveOptions *pkiArchOpt; - - *inCertReq = NULL; - certReq = CRMF_CreateCertRequest(0x0ff02345); - if (certReq == NULL) { - printf ("Could not initialize a certificate request.\n"); - return 1; - } - rv = CRMF_CertRequestSetTemplateField (certReq, crmfVersion, (void*)(&version)); - if (rv != SECSuccess) { - printf("Could not add the version number to the " - "Certificate Request.\n"); - CRMF_DestroyCertRequest(certReq); - return 2; - } - - if (get_serial_number(&serialNumber) != SECSuccess) { - printf ("Could not generate a serial number for cert request.\n"); - CRMF_DestroyCertRequest(certReq); - return 3; - } - - rv = CRMF_CertRequestSetTemplateField (certReq, crmfSerialNumber, - (void*)(&serialNumber)); - if (rv != SECSuccess) { - printf ("Could not add serial number to certificate template\n."); - CRMF_DestroyCertRequest(certReq); - return 4; - } - - issuer = CERT_AsciiToName(issuerStr); - if (issuer == NULL) { - printf ("Could not create CERTName structure from %s.\n", issuerStr); - CRMF_DestroyCertRequest(certReq); - return 5; - } - rv = CRMF_CertRequestSetTemplateField (certReq, crmfIssuer, (void*) issuer); - PORT_Free(issuerStr); - CERT_DestroyName(issuer); - if (rv != SECSuccess) { - printf ("Could not add issuer to cert template\n"); - CRMF_DestroyCertRequest(certReq); - return 6; - } - - subject = CERT_AsciiToName(subjectStr); - if (subject == NULL) { - printf ("Could not create CERTName structure from %s.\n", subjectStr); - CRMF_DestroyCertRequest(certReq); - return 7; - } - PORT_Free(subjectStr); - rv = CRMF_CertRequestSetTemplateField (certReq, crmfSubject, (void*)subject); - if (rv != SECSuccess) { - printf ("Could not add subject to cert template\n"); - CRMF_DestroyCertRequest(certReq); - return 8; - } - CERT_DestroyName(subject); - - algID = - SEC_PKCS5CreateAlgorithmID (SEC_OID_PKCS5_PBE_WITH_SHA1_AND_DES_CBC, - NULL, 1); - if (algID == NULL) { - printf ("Couldn't create algorithm ID\n"); - CRMF_DestroyCertRequest(certReq); - return 9; - } - rv = CRMF_CertRequestSetTemplateField(certReq, crmfSigningAlg, (void*)algID); - SECOID_DestroyAlgorithmID(algID, PR_TRUE); - if (rv != SECSuccess) { - printf ("Could not add the signing algorithm to the cert template.\n"); - CRMF_DestroyCertRequest(certReq); - return 10; - } - - validity.notBefore = ¬Before; - validity.notAfter = NULL; - notBefore = PR_Now(); - rv = CRMF_CertRequestSetTemplateField(certReq, crmfValidity,(void*)(&validity)); - if (rv != SECSuccess) { - printf ("Could not add validity to cert template\n"); - CRMF_DestroyCertRequest(certReq); - return 11; - } - - spki = GetSubjectPubKeyInfo(privKey, pubKey); - if (spki == NULL) { - printf ("Could not create a Subject Public Key Info to add\n"); - CRMF_DestroyCertRequest(certReq); - return 12; - } - rv = CRMF_CertRequestSetTemplateField(certReq, crmfPublicKey, (void*)spki); - SECKEY_DestroySubjectPublicKeyInfo(spki); - if (rv != SECSuccess) { - printf ("Could not add the public key to the template\n"); - CRMF_DestroyCertRequest(certReq); - return 13; - } - - caCert = - CERT_FindCertByNickname(CERT_GetDefaultCertDB(), - caCertName); - if (caCert == NULL) { - printf ("Could not find the certificate for %s\n", caCertName); - CRMF_DestroyCertRequest(certReq); - return 50; - } - - issuerUID = GetRandomBitString(); - subjectUID = GetRandomBitString(); - CRMF_CertRequestSetTemplateField(certReq,crmfIssuerUID, (void*)&issuerUID); - CRMF_CertRequestSetTemplateField(certReq,crmfSubjectUID, (void*)&subjectUID); - PORT_Free(issuerUID.data); - PORT_Free(subjectUID.data); - extInfo = GetExtensions(); - CRMF_CertRequestSetTemplateField(certReq, crmfExtension, (void*)extInfo); - FreeExtInfo(extInfo); - encKey = CRMF_CreateEncryptedKeyWithEncryptedValue(*privKey, caCert); - CERT_DestroyCertificate(caCert); - if (encKey == NULL) { - printf ("Could not create Encrypted Key with Encrypted Value.\n"); - return 14; - } - pkiArchOpt = CRMF_CreatePKIArchiveOptions(crmfEncryptedPrivateKey, encKey); - CRMF_DestroyEncryptedKey(encKey); - if (pkiArchOpt == NULL) { - printf ("Could not create PKIArchiveOptions.\n"); - return 15; - } - rv = CRMF_CertRequestSetPKIArchiveOptions(certReq, pkiArchOpt); - CRMF_DestroyPKIArchiveOptions(pkiArchOpt); - if (rv != SECSuccess) { - printf ("Could not add the PKIArchiveControl to Cert Request.\n"); - return 16; - } - *inCertReq = certReq; - return 0; -} - -int -Encode (CRMFCertReqMsg *inCertReq, - CRMFCertReqMsg *secondReq, char *configdir) -{ -#define PATH_LEN 150 -#define CRMF_FILE "CertReqMessages.der" - char filePath[PATH_LEN]; - PRFileDesc *fileDesc; - SECStatus rv; - int irv = 0; - CRMFCertReqMsg *msgArr[3]; - CRMFCertReqMsg *newMsg; - - PR_snprintf(filePath, PATH_LEN, "%s/%s", configdir, CRMF_FILE); - fileDesc = PR_Open (filePath, PR_WRONLY | PR_CREATE_FILE | PR_TRUNCATE, - 0666); - if (fileDesc == NULL) { - printf ("Could not open file %s\n", filePath); - irv = 14; - goto finish; - } -/* rv = CRMF_EncodeCertReqMsg (inCertReq, WriteItOut, (void*)fileDesc);*/ - msgArr[0] = inCertReq; - msgArr[1] = secondReq; - msgArr[2] = NULL; - rv = CRMF_EncodeCertReqMessages(msgArr, WriteItOut, (void*)fileDesc); - if (rv != SECSuccess) { - printf ("An error occurred while encoding.\n"); - irv = 15; - goto finish; - } - finish: - PR_Close(fileDesc); - return irv; -} - -int -AddProofOfPossession(CRMFCertReqMsg *certReqMsg, SECKEYPrivateKey *privKey, - SECKEYPublicKey *pubKey, CRMFPOPChoice inPOPChoice) -{ - - switch(inPOPChoice){ - case crmfSignature: - CRMF_CertReqMsgSetSignaturePOP(certReqMsg, privKey, pubKey, NULL, NULL, - NULL); - break; - case crmfRAVerified: - CRMF_CertReqMsgSetRAVerifiedPOP(certReqMsg); - break; - case crmfKeyEncipherment: - CRMF_CertReqMsgSetKeyEnciphermentPOP(certReqMsg, - crmfSubsequentMessage, - crmfChallengeResp, NULL); - break; - case crmfKeyAgreement: - { - SECItem pendejo; - unsigned char lame[] = { 0xf0, 0x0f, 0xf0, 0x0f, 0xf0 }; - - pendejo.data = lame; - pendejo.len = 5; - - CRMF_CertReqMsgSetKeyAgreementPOP(certReqMsg, crmfThisMessage, - crmfNoSubseqMess, &pendejo); - } - break; - default: - return 1; - } - return 0; -} - -#define BUFF_SIZE 150 - -int -Decode(char *configdir) -{ - char filePath[PATH_LEN]; - unsigned char buffer[BUFF_SIZE]; - char *asn1Buff; - PRFileDesc *fileDesc; - PRInt32 fileLen = 0; - PRInt32 bytesRead; - CRMFCertReqMsg *certReqMsg; - CRMFCertRequest *certReq; - CRMFGetValidity validity= {NULL, NULL}; - CRMFCertReqMessages *certReqMsgs; - int numMsgs, i; - long lame; - - PR_snprintf(filePath, PATH_LEN, "%s/%s", configdir, CRMF_FILE); - fileDesc = PR_Open(filePath, PR_RDONLY, 0644); - while (1) { - bytesRead = PR_Read(fileDesc, buffer, BUFF_SIZE); - if (bytesRead <= 0) break; - fileLen += bytesRead; - } - if (bytesRead < 0) { - printf ("Error while getting the length of the file %s\n", filePath); - return 200; - } - - PR_Close(fileDesc); - fileDesc = PR_Open(filePath, PR_RDONLY, 0644); - asn1Buff = PORT_ZNewArray(char, fileLen); - bytesRead = PR_Read(fileDesc, asn1Buff, fileLen); - if (bytesRead != fileLen) { - printf ("Error while reading in the contents of %s\n", filePath); - return 201; - } - /*certReqMsg = CRMF_CreateCertReqMsgFromDER(asn1Buff, fileLen); - if (certReqMsg == NULL) { - printf ("Error while decoding the CertReqMsg\n"); - return 202; - } - certReq = CRMF_CertReqMsgGetCertRequest(certReqMsg); -*/ - certReqMsgs = CRMF_CreateCertReqMessagesFromDER(asn1Buff, fileLen); - if (certReqMsgs == NULL) { - printf ("Error decoding CertReqMessages.\n"); - return 202; - } - numMsgs = CRMF_CertReqMessagesGetNumMessages(certReqMsgs); - if (numMsgs <= 0) { - printf ("WARNING: The DER contained %d messages.\n", numMsgs); - } - for (i=0; i < numMsgs; i++) { - certReqMsg = CRMF_CertReqMessagesGetCertReqMsgAtIndex(certReqMsgs, i); - if (certReqMsg == NULL) { - printf ("ERROR: Could not access the message at index %d of %s\n", - i, filePath); - } - CRMF_CertReqMsgGetID(certReqMsg, &lame); - certReq = CRMF_CertReqMsgGetCertRequest(certReqMsg); - CRMF_CertRequestGetCertTemplateValidity(certReq, &validity); - CRMF_DestroyGetValidity(&validity); - CRMF_DestroyCertRequest(certReq); - CRMF_DestroyCertReqMsg(certReqMsg); - } - CRMF_DestroyCertReqMessages(certReqMsgs); - PORT_Free(asn1Buff); - return 0; -} - -void -GetBitsFromFile(char *filePath, SECItem *fileBits) -{ - PRFileDesc *fileDesc; - int bytesRead, fileLen=0; - char buffer[BUFF_SIZE], *asn1Buf; - - fileDesc = PR_Open(filePath, PR_RDONLY, 0644); - while (1) { - bytesRead = PR_Read(fileDesc, buffer, BUFF_SIZE); - if (bytesRead <= 0) break; - fileLen += bytesRead; - } - if (bytesRead < 0) { - printf ("Error while getting the length of file %s.\n", filePath); - goto loser; - } - PR_Close(fileDesc); - - fileDesc = PR_Open(filePath, PR_RDONLY, 0644); - asn1Buf = PORT_ZNewArray(char, fileLen); - if (asn1Buf == NULL) { - printf ("Out of memory in function GetBitsFromFile\n"); - goto loser; - } - bytesRead = PR_Read(fileDesc, asn1Buf, fileLen); - if (bytesRead != fileLen) { - printf ("Error while reading the contents of %s\n", filePath); - goto loser; - } - fileBits->data = (unsigned char*)asn1Buf; - fileBits->len = fileLen; - return; - loser: - if (asn1Buf) { - PORT_Free(asn1Buf); - } - fileBits->data = NULL; - fileBits->len = 0; -} - -int -DecodeCMMFCertRepContent(char *derFile) -{ - int fileLen=0; - char *asn1Buf; - SECItem fileBits; - CMMFCertRepContent *certRepContent; - - - GetBitsFromFile(derFile, &fileBits); - if (fileBits.data == NULL) { - printf("Could not get bits from file %s\n", derFile); - return 304; - } - asn1Buf = (char*)fileBits.data; - fileLen = fileBits.len; - certRepContent = CMMF_CreateCertRepContentFromDER(db, asn1Buf, fileLen); - if (certRepContent == NULL) { - printf ("Error while decoding %s\n", derFile); - return 303; - } - CMMF_DestroyCertRepContent(certRepContent); - PORT_Free(asn1Buf); - return 0; -} - -int -DoCMMFStuff(char *configdir) -{ - CMMFCertResponse *certResp=NULL, *certResp2=NULL, *certResponses[3]; - CMMFCertRepContent *certRepContent=NULL; - CERTCertificate *cert=NULL, *caCert=NULL; - CERTCertList *list=NULL; - PRFileDesc *fileDesc=NULL; - char filePath[PATH_LEN]; - int rv = 0; - long random; - CMMFKeyRecRepContent *repContent=NULL; - SECKEYPrivateKey *privKey = NULL; - SECKEYPublicKey *caPubKey; - SECStatus srv; - SECItem fileBits; - - certResp = CMMF_CreateCertResponse(0xff123); - CMMF_CertResponseSetPKIStatusInfoStatus(certResp, cmmfGranted); - cert = CERT_FindCertByNickname(CERT_GetDefaultCertDB(), personalCert); - if (cert == NULL) { - printf ("Could not find the certificate for %s\n", personalCert); - rv = 416; - goto finish; - } - CMMF_CertResponseSetCertificate(certResp, cert); - certResp2 = CMMF_CreateCertResponse(0xff122); - CMMF_CertResponseSetPKIStatusInfoStatus(certResp2, cmmfGranted); - CMMF_CertResponseSetCertificate(certResp2, cert); - - certResponses[0] = certResp; - certResponses[1] = NULL; - certResponses[2] = NULL; - - certRepContent = CMMF_CreateCertRepContent(); - CMMF_CertRepContentSetCertResponses(certRepContent, certResponses, 1); - - list = CERT_GetCertChainFromCert(cert, PR_Now(), certUsageEmailSigner); - CMMF_CertRepContentSetCAPubs(certRepContent, list); - - PR_snprintf(filePath, PATH_LEN, "%s/%s", configdir, "CertRepContent.der"); - fileDesc = PR_Open (filePath, PR_WRONLY | PR_CREATE_FILE | PR_TRUNCATE, - 0666); - if (fileDesc == NULL) { - printf ("Could not open file %s\n", filePath); - rv = 400; - goto finish; - } - - srv = CMMF_EncodeCertRepContent(certRepContent, WriteItOut, - (void*)fileDesc); - PORT_Assert (srv == SECSuccess); - PR_Close(fileDesc); - rv = DecodeCMMFCertRepContent(filePath); - if (rv != 0) { - goto finish; - } - random = 0xa4e7; - caCert = CERT_FindCertByNickname(CERT_GetDefaultCertDB(), - caCertName); - if (caCert == NULL) { - printf ("Could not get the certifcate for %s\n", caCertName); - rv = 411; - goto finish; - } - repContent = CMMF_CreateKeyRecRepContent(); - if (repContent == NULL) { - printf ("Could not allocate a CMMFKeyRecRepContent structure\n"); - rv = 407; - goto finish; - } - srv = CMMF_KeyRecRepContentSetPKIStatusInfoStatus(repContent, - cmmfGrantedWithMods); - if (srv != SECSuccess) { - printf ("Error trying to set PKIStatusInfo for " - "CMMFKeyRecRepContent.\n"); - rv = 406; - goto finish; - } - srv = CMMF_KeyRecRepContentSetNewSignCert(repContent, cert); - if (srv != SECSuccess) { - printf ("Error trying to set the new signing certificate for " - "key recovery\n"); - rv = 408; - goto finish; - } - srv = CMMF_KeyRecRepContentSetCACerts(repContent, list); - if (srv != SECSuccess) { - printf ("Errory trying to add the list of CA certs to the " - "CMMFKeyRecRepContent structure.\n"); - rv = 409; - goto finish; - } - privKey = PK11_FindKeyByAnyCert(cert, NULL); - if (privKey == NULL) { - printf ("Could not get the private key associated with the\n" - "certificate %s\n", personalCert); - rv = 410; - goto finish; - } - caPubKey = CERT_ExtractPublicKey(caCert); - if (caPubKey == NULL) { - printf ("Could not extract the public from the " - "certificate for \n%s\n", caCertName); - rv = 412; - goto finish; - } - CERT_DestroyCertificate(caCert); - caCert = NULL; - srv = CMMF_KeyRecRepContentSetCertifiedKeyPair(repContent, cert, privKey, - caPubKey); - SECKEY_DestroyPrivateKey(privKey); - SECKEY_DestroyPublicKey(caPubKey); - if (srv != SECSuccess) { - printf ("Could not set the Certified Key Pair\n"); - rv = 413; - goto finish; - } - PR_snprintf(filePath, PATH_LEN, "%s/%s", configdir, - "KeyRecRepContent.der"); - fileDesc = PR_Open (filePath, PR_WRONLY | PR_CREATE_FILE | PR_TRUNCATE, - 0666); - if (fileDesc == NULL) { - printf ("Could not open file %s\n", filePath); - rv = 414; - goto finish; - } - - srv = CMMF_EncodeKeyRecRepContent(repContent, WriteItOut, - (void*)fileDesc); - PORT_Assert (srv == SECSuccess); - PR_Close(fileDesc); - CMMF_DestroyKeyRecRepContent(repContent); - GetBitsFromFile(filePath, &fileBits); - repContent = - CMMF_CreateKeyRecRepContentFromDER(db, (const char *) fileBits.data, - fileBits.len); - if (repContent == NULL) { - printf ("ERROR: CMMF_CreateKeyRecRepContentFromDER failed on file:\n" - "\t%s\n", filePath); - rv = 415; - goto finish; - } - finish: - if (repContent) { - CMMF_DestroyKeyRecRepContent(repContent); - } - if (cert) { - CERT_DestroyCertificate(cert); - } - if (list) { - CERT_DestroyCertList(list); - } - if (certResp) { - CMMF_DestroyCertResponse(certResp); - } - if (certResp2) { - CMMF_DestroyCertResponse(certResp2); - } - if (certRepContent) { - CMMF_DestroyCertRepContent(certRepContent); - } - return rv; -} - -static CK_MECHANISM_TYPE -mapWrapKeyType(KeyType keyType) -{ - switch (keyType) { - case rsaKey: - return CKM_RSA_PKCS; - default: - break; - } - return CKM_INVALID_MECHANISM; -} - -#define KNOWN_MESSAGE_LENGTH 20 /*160 bits*/ - -int -DoKeyRecovery(char *configdir, SECKEYPrivateKey *privKey) -{ - SECKEYPublicKey *pubKey; - PK11SlotInfo *slot; - CK_OBJECT_HANDLE id; - CK_MECHANISM mech = { CKM_INVALID_MECHANISM, NULL, 0}; - unsigned char *known_message = (unsigned char*)"Known Crypto Message"; - unsigned char plaintext[KNOWN_MESSAGE_LENGTH]; - char filePath[PATH_LEN]; - CK_RV crv; - unsigned char *ciphertext; - CK_ULONG max_bytes_encrypted, bytes_encrypted; - unsigned char *text_compared; - CK_ULONG bytes_compared, bytes_decrypted; - SECKEYPrivateKey *unwrappedPrivKey, *caPrivKey; - CMMFKeyRecRepContent *keyRecRep; - SECStatus rv; - CERTCertificate *caCert, *myCert; - SECKEYPublicKey *caPubKey; - PRFileDesc *fileDesc; - SECItem fileBits, nickname; - CMMFCertifiedKeyPair *certKeyPair; - - /*caCert = CERT_FindCertByNickname(CERT_GetDefaultCertDB(), - caCertName);*/ - myCert = CERT_FindCertByNickname(CERT_GetDefaultCertDB(), personalCert); - if (myCert == NULL) { - printf ("Could not find the certificate for %s\n", personalCert); - return 700; - } - caCert = CERT_FindCertByNickname(CERT_GetDefaultCertDB(), - recoveryEncrypter); - if (caCert == NULL) { - printf ("Could not find the certificate for %s\n", recoveryEncrypter); - return 701; - } - caPubKey = CERT_ExtractPublicKey(caCert); - pubKey = SECKEY_ConvertToPublicKey(privKey); - max_bytes_encrypted = PK11_GetPrivateModulusLen(privKey); - slot = PK11_GetBestSlot(mapWrapKeyType(privKey->keyType), NULL); - id = PK11_ImportPublicKey(slot, pubKey, PR_FALSE); - switch(privKey->keyType) { - case rsaKey: - mech.mechanism = CKM_RSA_PKCS; - break; - case dsaKey: - mech.mechanism = CKM_DSA; - break; - case dhKey: - mech.mechanism = CKM_DH_PKCS_DERIVE; - break; - default: - printf ("Bad Key type in key recovery.\n"); - return 512; - - } - PK11_EnterSlotMonitor(slot); - crv = PK11_GETTAB(slot)->C_EncryptInit(slot->session, &mech, id); - if (crv != CKR_OK) { - PK11_ExitSlotMonitor(slot); - PK11_FreeSlot(slot); - printf ("C_EncryptInit failed in KeyRecovery\n"); - return 500; - } - ciphertext = PORT_NewArray(unsigned char, max_bytes_encrypted); - if (ciphertext == NULL) { - PK11_ExitSlotMonitor(slot); - PK11_FreeSlot(slot); - printf ("Could not allocate memory for ciphertext.\n"); - return 501; - } - bytes_encrypted = max_bytes_encrypted; - crv = PK11_GETTAB(slot)->C_Encrypt(slot->session, - known_message, - KNOWN_MESSAGE_LENGTH, - ciphertext, - &bytes_encrypted); - PK11_ExitSlotMonitor(slot); - PK11_FreeSlot(slot); - if (crv != CKR_OK) { - PORT_Free(ciphertext); - return 502; - } - /* Always use the smaller of these two values . . . */ - bytes_compared = ( bytes_encrypted > KNOWN_MESSAGE_LENGTH ) - ? KNOWN_MESSAGE_LENGTH - : bytes_encrypted; - - /* If there was a failure, the plaintext */ - /* goes at the end, therefore . . . */ - text_compared = ( bytes_encrypted > KNOWN_MESSAGE_LENGTH ) - ? (ciphertext + bytes_encrypted - - KNOWN_MESSAGE_LENGTH ) - : ciphertext; - - keyRecRep = CMMF_CreateKeyRecRepContent(); - if (keyRecRep == NULL) { - PORT_Free(ciphertext); - PK11_FreeSlot(slot); - CMMF_DestroyKeyRecRepContent(keyRecRep); - printf ("Could not allocate a CMMFKeyRecRepContent structre.\n"); - return 503; - } - rv = CMMF_KeyRecRepContentSetPKIStatusInfoStatus(keyRecRep, - cmmfGranted); - if (rv != SECSuccess) { - PORT_Free(ciphertext); - PK11_FreeSlot(slot); - CMMF_DestroyKeyRecRepContent(keyRecRep); - printf ("Could not set the status for the KeyRecRepContent\n"); - return 504; - } - /* The myCert here should correspond to the certificate corresponding - * to the private key, but for this test any certificate will do. - */ - rv = CMMF_KeyRecRepContentSetCertifiedKeyPair(keyRecRep, myCert, - privKey, caPubKey); - if (rv != SECSuccess) { - PORT_Free(ciphertext); - PK11_FreeSlot(slot); - CMMF_DestroyKeyRecRepContent(keyRecRep); - printf ("Could not set the Certified Key Pair\n"); - return 505; - } - PR_snprintf(filePath, PATH_LEN, "%s/%s", configdir, - "KeyRecRepContent.der"); - fileDesc = PR_Open (filePath, PR_WRONLY | PR_CREATE_FILE | PR_TRUNCATE, - 0666); - if (fileDesc == NULL) { - PORT_Free(ciphertext); - PK11_FreeSlot(slot); - CMMF_DestroyKeyRecRepContent(keyRecRep); - printf ("Could not open file %s\n", filePath); - return 506; - } - rv = CMMF_EncodeKeyRecRepContent(keyRecRep, WriteItOut, fileDesc); - CMMF_DestroyKeyRecRepContent(keyRecRep); - PR_Close(fileDesc); - - if (rv != SECSuccess) { - PORT_Free(ciphertext); - PK11_FreeSlot(slot); - printf ("Error while encoding CMMFKeyRecRepContent\n"); - return 507; - } - GetBitsFromFile(filePath, &fileBits); - if (fileBits.data == NULL) { - PORT_Free(ciphertext); - PK11_FreeSlot(slot); - printf ("Could not get the bits from file %s\n", filePath); - return 508; - } - keyRecRep = - CMMF_CreateKeyRecRepContentFromDER(db,(const char*)fileBits.data, - fileBits.len); - if (keyRecRep == NULL) { - printf ("Could not decode the KeyRecRepContent in file %s\n", - filePath); - PORT_Free(ciphertext); - PK11_FreeSlot(slot); - return 509; - } - caPrivKey = PK11_FindKeyByAnyCert(caCert, NULL); - if (CMMF_KeyRecRepContentGetPKIStatusInfoStatus(keyRecRep) != - cmmfGranted) { - PORT_Free(ciphertext); - PK11_FreeSlot(slot); - CMMF_DestroyKeyRecRepContent(keyRecRep); - printf ("A bad status came back with the " - "KeyRecRepContent structure\n"); - return 510; - } -#define NICKNAME "Key Recovery Test Key" - nickname.data = (unsigned char*)NICKNAME; - nickname.len = PORT_Strlen(NICKNAME); - certKeyPair = CMMF_KeyRecRepContentGetCertKeyAtIndex(keyRecRep, 0); - CMMF_DestroyKeyRecRepContent(keyRecRep); - rv = CMMF_CertifiedKeyPairUnwrapPrivKey(certKeyPair, - caPrivKey, - &nickname, - PK11_GetInternalKeySlot(), - db, - &unwrappedPrivKey, NULL); - CMMF_DestroyCertifiedKeyPair(certKeyPair); - if (rv != SECSuccess) { - printf ("Unwrapping the private key failed.\n"); - return 511; - } - /*Now let's try to decrypt the ciphertext with the "recovered" key*/ - PK11_EnterSlotMonitor(slot); - crv = - PK11_GETTAB(slot)->C_DecryptInit(unwrappedPrivKey->pkcs11Slot->session, - &mech, - unwrappedPrivKey->pkcs11ID); - if (crv != CKR_OK) { - PK11_ExitSlotMonitor(slot); - PORT_Free(ciphertext); - PK11_FreeSlot(slot); - printf ("Decrypting with the recovered key failed.\n"); - return 513; - } - bytes_decrypted = KNOWN_MESSAGE_LENGTH; - crv = PK11_GETTAB(slot)->C_Decrypt(unwrappedPrivKey->pkcs11Slot->session, - ciphertext, - bytes_encrypted, plaintext, - &bytes_decrypted); - SECKEY_DestroyPrivateKey(unwrappedPrivKey); - PK11_ExitSlotMonitor(slot); - PORT_Free(ciphertext); - if (crv != CKR_OK) { - PK11_FreeSlot(slot); - printf ("Decrypting the ciphertext with recovered key failed.\n"); - return 514; - } - if ((bytes_decrypted != KNOWN_MESSAGE_LENGTH) || - (PORT_Memcmp(plaintext, known_message, KNOWN_MESSAGE_LENGTH) != 0)) { - PK11_FreeSlot(slot); - printf ("The recovered plaintext does not equal the known message:\n" - "\tKnown message: %s\n" - "\tRecovered plaintext: %s\n", known_message, plaintext); - return 515; - } - return 0; -} - -int -DoChallengeResponse(char *configdir, SECKEYPrivateKey *privKey, - SECKEYPublicKey *pubKey) -{ - CMMFPOPODecKeyChallContent *chalContent = NULL; - CMMFPOPODecKeyRespContent *respContent = NULL; - CERTCertificate *myCert = NULL; - CERTGeneralName *myGenName = NULL; - PRArenaPool *poolp = NULL; - SECItem DecKeyChallBits; - long *randomNums; - int numChallengesFound=0; - int numChallengesSet = 1,i; - long retrieved; - char filePath[PATH_LEN]; - RNGContext *rng; - SECStatus rv; - PRFileDesc *fileDesc; - SECItem *publicValue, *keyID; - SECKEYPrivateKey *foundPrivKey; - - chalContent = CMMF_CreatePOPODecKeyChallContent(); - myCert = CERT_FindCertByNickname(db, personalCert); - if (myCert == NULL) { - printf ("Could not find the certificate for %s\n", personalCert); - return 900; - } - poolp = PORT_NewArena(1024); - if (poolp == NULL) { - printf("Could no allocate a new arena in DoChallengeResponse\n"); - return 901; - } - myGenName = CERT_GetCertificateNames(myCert, poolp); - if (myGenName == NULL) { - printf ("Could not get the general names for %s certificate\n", - personalCert); - return 902; - } - randomNums = PORT_ArenaNewArray(poolp,long, numChallengesSet); - rng = RNG_CreateContext(); - RNG_GenerateRandomBytes(rng, randomNums, numChallengesSet*sizeof(long)); - for (i=0; ipkcs11Slot,keyID, NULL); - if (foundPrivKey == NULL) { - printf ("Could not find the private key corresponding to the public" - " value.\n"); - return 910; - } - rv = CMMF_POPODecKeyChallContDecryptChallenge(chalContent, i, - foundPrivKey); - if (rv != SECSuccess) { - printf ("Could not decrypt the challenge at index %d\n", i); - return 911; - } - rv = CMMF_POPODecKeyChallContentGetRandomNumber(chalContent, i, - &retrieved); - if (rv != SECSuccess) { - printf ("Could not get the random number from the challenge at " - "index %d\n", i); - return 912; - } - if (retrieved != randomNums[i]) { - printf ("Retrieved the number (%d), expected (%d)\n", retrieved, - randomNums[i]); - return 913; - } - } - CMMF_DestroyPOPODecKeyChallContent(chalContent); - PR_snprintf(filePath, PATH_LEN, "%s/POPODecKeyRespContent.der", - configdir); - fileDesc = PR_Open(filePath, PR_WRONLY | PR_CREATE_FILE | PR_TRUNCATE, - 0666); - if (fileDesc == NULL) { - printf ("Could not open file %s\n", filePath); - return 914; - } - rv = CMMF_EncodePOPODecKeyRespContent(randomNums, numChallengesSet, - WriteItOut, fileDesc); - PR_Close(fileDesc); - if (rv != 0) { - printf ("Could not encode the POPODecKeyRespContent\n"); - return 915; - } - GetBitsFromFile(filePath, &DecKeyChallBits); - respContent = - CMMF_CreatePOPODecKeyRespContentFromDER((const char*)DecKeyChallBits.data, - DecKeyChallBits.len); - if (respContent == NULL) { - printf ("Could not decode the contents of the file %s\n", filePath); - return 916; - } - numChallengesFound = - CMMF_POPODecKeyRespContentGetNumResponses(respContent); - if (numChallengesFound != numChallengesSet) { - printf ("Number of responses found (%d) does not match the number " - "of challenges set (%d)\n", - numChallengesFound, numChallengesSet); - return 917; - } - for (i=0; i -#include - -#include "secutil.h" -#include "cdbhdl.h" -#include "certdb.h" -#include "cert.h" -#include "nspr.h" -#include "prtypes.h" -#include "prtime.h" -#include "prlong.h" - -static char *progName; - -/* placeholders for pointer error types */ -static void *WrongEntry; -static void *NoNickname; -static void *NoSMime; - -enum { - GOBOTH = 0, - GORIGHT, - GOLEFT -}; - -typedef struct -{ - PRBool verbose; - PRBool dograph; - PRFileDesc *out; - PRFileDesc *graphfile; - int dbErrors[10]; -} dbDebugInfo; - -/* - * A list node for a cert db entry. The index is a unique identifier - * to use for creating generic maps of a db. This struct handles - * the cert, nickname, and smime db entry types, as all three have a - * single handle to a subject entry. - * This structure is pointed to by certDBEntryListNode->appData. - */ -typedef struct -{ - PRArenaPool *arena; - int index; - certDBEntryListNode *pSubject; -} certDBEntryMap; - -/* - * Subject entry is special case, it has bidirectional handles. One - * subject entry can point to several certs (using the same DN), and - * a nickname and/or smime entry. - * This structure is pointed to by certDBEntryListNode->appData. - */ -typedef struct -{ - PRArenaPool *arena; - int index; - int numCerts; - certDBEntryListNode **pCerts; - certDBEntryListNode *pNickname; - certDBEntryListNode *pSMime; -} certDBSubjectEntryMap; - -/* - * A map of a certdb. - */ -typedef struct -{ - int numCerts; - int numSubjects; - int numNicknames; - int numSMime; - certDBEntryListNode certs; /* pointer to head of cert list */ - certDBEntryListNode subjects; /* pointer to head of subject list */ - certDBEntryListNode nicknames; /* pointer to head of nickname list */ - certDBEntryListNode smime; /* pointer to head of smime list */ -} certDBArray; - -/* Cast list to the base element, a certDBEntryListNode. */ -#define LISTNODE_CAST(node) \ - ((certDBEntryListNode *)(node)) - -static void -Usage(char *progName) -{ -#define FPS fprintf(stderr, - FPS "Type %s -H for more detailed descriptions\n", progName); - FPS "Usage: %s -D [-d certdir] [-i dbname] [-m] [-v [-f dumpfile]]\n", - progName); - FPS " %s -R -o newdbname [-d certdir] [-i dbname] [-aprsx] [-v [-f dumpfile]]\n", - progName); - exit(-1); -} - -static void -LongUsage(char *progName) -{ - FPS "%-15s Display this help message.\n", - "-H"); - FPS "%-15s Dump analysis. No changes will be made to the database.\n", - "-D"); - FPS "%-15s Cert database directory (default is ~/.netscape)\n", - " -d certdir"); - FPS "%-15s Input cert database name (default is cert7.db)\n", - " -i dbname"); - FPS "%-15s Mail a graph of the database to certdb@netscape.com.\n", - " -m"); - FPS "%-15s This will produce an index graph of your cert db and send\n", - ""); - FPS "%-15s it to Netscape for analysis. Personal info will be removed.\n", - ""); - FPS "%-15s Verbose mode. Dumps the entire contents of your cert7.db.\n", - " -v"); - FPS "%-15s File to dump verbose output into.\n", - " -f dumpfile"); - FPS "%-15s Repair the database. The program will look for broken\n", - "-R"); - FPS "%-15s dependencies between subject entries and certificates,\n", - ""); - FPS "%-15s between nickname entries and subjects, and between SMIME\n", - ""); - FPS "%-15s profiles and subjects. Any duplicate entries will be\n", - ""); - FPS "%-15s removed, any missing entries will be created.\n", - ""); - FPS "%-15s File to store new database in (default is new_cert7.db)\n", - " -o newdbname"); - FPS "%-15s Cert database directory (default is ~/.netscape)\n", - " -d certdir"); - FPS "%-15s Input cert database name (default is cert7.db)\n", - " -i dbname"); - FPS "%-15s Prompt before removing any certificates.\n", - " -p"); - FPS "%-15s Keep all possible certificates. Only remove certificates\n", - " -a"); - FPS "%-15s which prevent creation of a consistent database. Thus any\n", - ""); - FPS "%-15s expired or redundant entries will be kept.\n", - ""); - FPS "%-15s Keep redundant nickname/email entries. It is possible\n", - " -r"); - FPS "%-15s only one such entry will be usable.\n", - ""); - FPS "%-15s Don't require an S/MIME profile in order to keep an S/MIME\n", - " -s"); - FPS "%-15s cert. An empty profile will be created.\n", - ""); - FPS "%-15s Keep expired certificates.\n", - " -x"); - FPS "%-15s Verbose mode - report all activity while recovering db.\n", - " -v"); - FPS "%-15s File to dump verbose output into.\n", - " -f dumpfile"); - FPS "\n"); - exit(-1); -#undef FPS -} - -/******************************************************************* - * - * Functions for dbck. - * - ******************************************************************/ - -void -printHexString(PRFileDesc *out, SECItem *hexval) -{ - int i; - for (i = 0; i < hexval->len; i++) { - if (i != hexval->len - 1) { - PR_fprintf(out, "%02x:", hexval->data[i]); - } else { - PR_fprintf(out, "%02x", hexval->data[i]); - } - } - PR_fprintf(out, "\n"); -} - -typedef enum { -/* 0*/ NoSubjectForCert = 0, -/* 1*/ SubjectHasNoKeyForCert, -/* 2*/ NoNicknameOrSMimeForSubject, -/* 3*/ WrongNicknameForSubject, -/* 4*/ NoNicknameEntry, -/* 5*/ WrongSMimeForSubject, -/* 6*/ NoSMimeEntry, -/* 7*/ NoSubjectForNickname, -/* 8*/ NoSubjectForSMime, -/* 9*/ NicknameAndSMimeEntry -} dbErrorType; - -static char *dbErrorString[] = { -/* 0*/ "\nDid not find a subject entry for this certificate.", -/* 1*/ "\nSubject has certKey which is not in db.", -/* 2*/ "\nSubject does not have a nickname or email address.", -/* 3*/ "\nUsing this subject's nickname, found a nickname entry for a different subject.", -/* 4*/ "\nDid not find a nickname entry for this subject.", -/* 5*/ "\nUsing this subject's email, found an S/MIME entry for a different subject.", -/* 6*/ "\nDid not find an S/MIME entry for this subject.", -/* 7*/ "\nDid not find a subject entry for this nickname.", -/* 8*/ "\nDid not find a subject entry for this S/MIME profile.", -}; - -SECStatus -dumpCertificate(CERTCertificate *cert, int num, PRFileDesc *outfile) -{ - int userCert = 0; - CERTCertTrust *trust = cert->trust; - userCert = (SEC_GET_TRUST_FLAGS(trust, trustSSL) & CERTDB_USER) || - (SEC_GET_TRUST_FLAGS(trust, trustEmail) & CERTDB_USER) || - (SEC_GET_TRUST_FLAGS(trust, trustObjectSigning) & CERTDB_USER); - if (num >= 0) { - PR_fprintf(outfile, "Certificate: %3d\n", num); - } else { - PR_fprintf(outfile, "Certificate:\n"); - } - PR_fprintf(outfile, "----------------\n"); - if (userCert) - PR_fprintf(outfile, "(User Cert)\n"); - PR_fprintf(outfile, "## SUBJECT: %s\n", cert->subjectName); - PR_fprintf(outfile, "## ISSUER: %s\n", cert->issuerName); - PR_fprintf(outfile, "## SERIAL NUMBER: "); - printHexString(outfile, &cert->serialNumber); - { /* XXX should be separate function. */ - int64 timeBefore, timeAfter; - PRExplodedTime beforePrintable, afterPrintable; - char *beforestr, *afterstr; - DER_UTCTimeToTime(&timeBefore, &cert->validity.notBefore); - DER_UTCTimeToTime(&timeAfter, &cert->validity.notAfter); - PR_ExplodeTime(timeBefore, PR_GMTParameters, &beforePrintable); - PR_ExplodeTime(timeAfter, PR_GMTParameters, &afterPrintable); - beforestr = PORT_Alloc(100); - afterstr = PORT_Alloc(100); - PR_FormatTime(beforestr, 100, "%a %b %d %H:%M:%S %Y", &beforePrintable); - PR_FormatTime(afterstr, 100, "%a %b %d %H:%M:%S %Y", &afterPrintable); - PR_fprintf(outfile, "## VALIDITY: %s to %s\n", beforestr, afterstr); - } - PR_fprintf(outfile, "\n"); - return SECSuccess; -} - -SECStatus -dumpCertEntry(certDBEntryCert *entry, int num, PRFileDesc *outfile) -{ - CERTCertificate *cert; - cert = CERT_DecodeDERCertificate(&entry->derCert, PR_FALSE, NULL); - if (!cert) { - fprintf(stderr, "Failed to decode certificate.\n"); - return SECFailure; - } - cert->trust = &entry->trust; - dumpCertificate(cert, num, outfile); - CERT_DestroyCertificate(cert); - return SECSuccess; -} - -SECStatus -dumpSubjectEntry(certDBEntrySubject *entry, int num, PRFileDesc *outfile) -{ - char *subjectName; - subjectName = CERT_DerNameToAscii(&entry->derSubject); - PR_fprintf(outfile, "Subject: %3d\n", num); - PR_fprintf(outfile, "------------\n"); - PR_fprintf(outfile, "## %s\n", subjectName); - if (entry->nickname) - PR_fprintf(outfile, "## Subject nickname: %s\n", entry->nickname); - if (entry->emailAddr) - PR_fprintf(outfile, "## Subject email address: %s\n", - entry->emailAddr); - PR_fprintf(outfile, "## This subject has %d cert(s).\n", entry->ncerts); - PR_fprintf(outfile, "\n"); - PORT_Free(subjectName); - return SECSuccess; -} - -SECStatus -dumpNicknameEntry(certDBEntryNickname *entry, int num, PRFileDesc *outfile) -{ - PR_fprintf(outfile, "Nickname: %3d\n", num); - PR_fprintf(outfile, "-------------\n"); - PR_fprintf(outfile, "## \"%s\"\n\n", entry->nickname); - return SECSuccess; -} - -SECStatus -dumpSMimeEntry(certDBEntrySMime *entry, int num, PRFileDesc *outfile) -{ - PR_fprintf(outfile, "S/MIME Profile: %3d\n", num); - PR_fprintf(outfile, "-------------------\n"); - PR_fprintf(outfile, "## \"%s\"\n", entry->emailAddr); - PR_fprintf(outfile, "## OPTIONS: "); - printHexString(outfile, &entry->smimeOptions); - PR_fprintf(outfile, "## TIMESTAMP: "); - printHexString(outfile, &entry->optionsDate); - PR_fprintf(outfile, "\n"); - return SECSuccess; -} - -SECStatus -mapCertEntries(certDBArray *dbArray) -{ - certDBEntryCert *certEntry; - certDBEntrySubject *subjectEntry; - certDBEntryListNode *certNode, *subjNode; - certDBSubjectEntryMap *smap; - certDBEntryMap *map; - PRArenaPool *tmparena; - SECItem derSubject; - SECItem certKey; - PRCList *cElem, *sElem; - int i; - - /* Arena for decoded entries */ - tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - if (tmparena == NULL) { - PORT_SetError(SEC_ERROR_NO_MEMORY); - return SECFailure; - } - - /* Iterate over cert entries and map them to subject entries. - * NOTE: mapSubjectEntries must be called first to alloc memory - * for array of subject->cert map. - */ - for (cElem = PR_LIST_HEAD(&dbArray->certs.link); - cElem != &dbArray->certs.link; cElem = PR_NEXT_LINK(cElem)) { - certNode = LISTNODE_CAST(cElem); - certEntry = (certDBEntryCert *)&certNode->entry; - map = (certDBEntryMap *)certNode->appData; - CERT_NameFromDERCert(&certEntry->derCert, &derSubject); - CERT_KeyFromDERCert(tmparena, &certEntry->derCert, &certKey); - /* Loop over found subjects for cert's DN. */ - for (sElem = PR_LIST_HEAD(&dbArray->subjects.link); - sElem != &dbArray->subjects.link; sElem = PR_NEXT_LINK(sElem)) { - subjNode = LISTNODE_CAST(sElem); - subjectEntry = (certDBEntrySubject *)&subjNode->entry; - if (SECITEM_ItemsAreEqual(&derSubject, &subjectEntry->derSubject)) { - /* Found matching subject name, create link. */ - map->pSubject = subjNode; - /* Make sure subject entry has cert's key. */ - for (i=0; incerts; i++) { - if (SECITEM_ItemsAreEqual(&certKey, - &subjectEntry->certKeys[i])) { - /* Found matching cert key. */ - smap = (certDBSubjectEntryMap *)subjNode->appData; - smap->pCerts[i] = certNode; - break; - } - } - } - } - } - PORT_FreeArena(tmparena, PR_FALSE); - return SECSuccess; -} - -SECStatus -mapSubjectEntries(certDBArray *dbArray) -{ - certDBEntrySubject *subjectEntry; - certDBEntryNickname *nicknameEntry; - certDBEntrySMime *smimeEntry; - certDBEntryListNode *subjNode, *nickNode, *smimeNode; - certDBSubjectEntryMap *subjMap; - certDBEntryMap *nickMap, *smimeMap; - PRCList *sElem, *nElem, *mElem; - - for (sElem = PR_LIST_HEAD(&dbArray->subjects.link); - sElem != &dbArray->subjects.link; sElem = PR_NEXT_LINK(sElem)) { - /* Iterate over subject entries and map subjects to nickname - * and smime entries. The cert<->subject map will be handled - * by a subsequent call to mapCertEntries. - */ - subjNode = LISTNODE_CAST(sElem); - subjectEntry = (certDBEntrySubject *)&subjNode->entry; - subjMap = (certDBSubjectEntryMap *)subjNode->appData; - /* need to alloc memory here for array of matching certs. */ - subjMap->pCerts = PORT_ArenaAlloc(subjMap->arena, - subjectEntry->ncerts*sizeof(int)); - subjMap->numCerts = subjectEntry->ncerts; - if (subjectEntry->nickname) { - /* Subject should have a nickname entry, so create a link. */ - for (nElem = PR_LIST_HEAD(&dbArray->nicknames.link); - nElem != &dbArray->nicknames.link; - nElem = PR_NEXT_LINK(nElem)) { - /* Look for subject's nickname in nickname entries. */ - nickNode = LISTNODE_CAST(nElem); - nicknameEntry = (certDBEntryNickname *)&nickNode->entry; - nickMap = (certDBEntryMap *)nickNode->appData; - if (PL_strcmp(subjectEntry->nickname, - nicknameEntry->nickname) == 0) { - /* Found a nickname entry for subject's nickname. */ - if (SECITEM_ItemsAreEqual(&subjectEntry->derSubject, - &nicknameEntry->subjectName)) { - /* Nickname and subject match. */ - subjMap->pNickname = nickNode; - nickMap->pSubject = subjNode; - } else { - /* Nickname entry found is for diff. subject. */ - subjMap->pNickname = WrongEntry; - } - } - } - } else { - subjMap->pNickname = NoNickname; - } - if (subjectEntry->emailAddr) { - /* Subject should have an smime entry, so create a link. */ - for (mElem = PR_LIST_HEAD(&dbArray->smime.link); - mElem != &dbArray->smime.link; mElem = PR_NEXT_LINK(mElem)) { - /* Look for subject's email in S/MIME entries. */ - smimeNode = LISTNODE_CAST(mElem); - smimeEntry = (certDBEntrySMime *)&smimeNode->entry; - smimeMap = (certDBEntryMap *)smimeNode->appData; - if (PL_strcmp(subjectEntry->emailAddr, - smimeEntry->emailAddr) == 0) { - /* Found a S/MIME entry for subject's email. */ - if (SECITEM_ItemsAreEqual(&subjectEntry->derSubject, - &smimeEntry->subjectName)) { - /* S/MIME entry and subject match. */ - subjMap->pSMime = smimeNode; - smimeMap->pSubject = subjNode; - } else { - /* S/MIME entry found is for diff. subject. */ - subjMap->pSMime = WrongEntry; - } - } - } - } else { - subjMap->pSMime = NoSMime; - } - } - return SECSuccess; -} - -void -printnode(dbDebugInfo *info, const char *str, int num) -{ - if (!info->dograph) - return; - if (num < 0) { - PR_fprintf(info->graphfile, str); - } else { - PR_fprintf(info->graphfile, str, num); - } -} - -PRBool -map_handle_is_ok(dbDebugInfo *info, void *mapPtr, int indent) -{ - if (mapPtr == NULL) { - if (indent > 0) - printnode(info, " ", -1); - if (indent >= 0) - printnode(info, "******************* ", -1); - return PR_FALSE; - } else if (mapPtr == WrongEntry) { - if (indent > 0) - printnode(info, " ", -1); - if (indent >= 0) - printnode(info, "??????????????????? ", -1); - return PR_FALSE; - } else { - return PR_TRUE; - } -} - -/* these call each other */ -void print_smime_graph(dbDebugInfo *info, certDBEntryMap *smimeMap, - int direction); -void print_nickname_graph(dbDebugInfo *info, certDBEntryMap *nickMap, - int direction); -void print_subject_graph(dbDebugInfo *info, certDBSubjectEntryMap *subjMap, - int direction, int optindex, int opttype); -void print_cert_graph(dbDebugInfo *info, certDBEntryMap *certMap, - int direction); - -/* Given an smime entry, print its unique identifier. If GOLEFT is - * specified, print the cert<-subject<-smime map, else just print - * the smime entry. - */ -void -print_smime_graph(dbDebugInfo *info, certDBEntryMap *smimeMap, int direction) -{ - certDBSubjectEntryMap *subjMap; - certDBEntryListNode *subjNode; - if (direction == GOLEFT) { - /* Need to output subject and cert first, see print_subject_graph */ - subjNode = smimeMap->pSubject; - if (map_handle_is_ok(info, (void *)subjNode, 1)) { - subjMap = (certDBSubjectEntryMap *)subjNode->appData; - print_subject_graph(info, subjMap, GOLEFT, - smimeMap->index, certDBEntryTypeSMimeProfile); - } else { - printnode(info, "<---- S/MIME %5d ", smimeMap->index); - } - } else { - printnode(info, "S/MIME %5d ", smimeMap->index); - } -} - -/* Given a nickname entry, print its unique identifier. If GOLEFT is - * specified, print the cert<-subject<-nickname map, else just print - * the nickname entry. - */ -void -print_nickname_graph(dbDebugInfo *info, certDBEntryMap *nickMap, int direction) -{ - certDBSubjectEntryMap *subjMap; - certDBEntryListNode *subjNode; - if (direction == GOLEFT) { - /* Need to output subject and cert first, see print_subject_graph */ - subjNode = nickMap->pSubject; - if (map_handle_is_ok(info, (void *)subjNode, 1)) { - subjMap = (certDBSubjectEntryMap *)subjNode->appData; - print_subject_graph(info, subjMap, GOLEFT, - nickMap->index, certDBEntryTypeNickname); - } else { - printnode(info, "<---- Nickname %5d ", nickMap->index); - } - } else { - printnode(info, "Nickname %5d ", nickMap->index); - } -} - -/* Given a subject entry, if going right print the graph of the nickname|smime - * that it maps to (by its unique identifier); and if going left - * print the list of certs that it points to. - */ -void -print_subject_graph(dbDebugInfo *info, certDBSubjectEntryMap *subjMap, - int direction, int optindex, int opttype) -{ - certDBEntryMap *map; - certDBEntryListNode *node; - int i; - /* The first line of output always contains the cert id, subject id, - * and nickname|smime id. Subsequent lines may contain additional - * cert id's for the subject if going left or both directions. - * Ex. of printing the graph for a subject entry: - * Cert 3 <- Subject 5 -> Nickname 32 - * Cert 8 / - * Cert 9 / - * means subject 5 has 3 certs, 3, 8, and 9, and corresponds - * to nickname entry 32. - * To accomplish the above, it is required to dump the entire first - * line left-to-right, regardless of the input direction, and then - * finish up any remaining cert entries. Hence the code is uglier - * than one may expect. - */ - if (direction == GOLEFT || direction == GOBOTH) { - /* In this case, nothing should be output until the first cert is - * located and output (cert 3 in the above example). - */ - if (subjMap->numCerts == 0 || subjMap->pCerts == NULL) - /* XXX uh-oh */ - return; - /* get the first cert and dump it. */ - node = subjMap->pCerts[0]; - if (map_handle_is_ok(info, (void *)node, 0)) { - map = (certDBEntryMap *)node->appData; - /* going left here stops. */ - print_cert_graph(info, map, GOLEFT); - } - /* Now it is safe to output the subject id. */ - if (direction == GOLEFT) - printnode(info, "Subject %5d <---- ", subjMap->index); - else /* direction == GOBOTH */ - printnode(info, "Subject %5d ----> ", subjMap->index); - } - if (direction == GORIGHT || direction == GOBOTH) { - /* Okay, now output the nickname|smime for this subject. */ - if (direction != GOBOTH) /* handled above */ - printnode(info, "Subject %5d ----> ", subjMap->index); - if (subjMap->pNickname) { - node = subjMap->pNickname; - if (map_handle_is_ok(info, (void *)node, 0)) { - map = (certDBEntryMap *)node->appData; - /* going right here stops. */ - print_nickname_graph(info, map, GORIGHT); - } - } - if (subjMap->pSMime) { - node = subjMap->pSMime; - if (map_handle_is_ok(info, (void *)node, 0)) { - map = (certDBEntryMap *)node->appData; - /* going right here stops. */ - print_smime_graph(info, map, GORIGHT); - } - } - if (!subjMap->pNickname && !subjMap->pSMime) { - printnode(info, "******************* ", -1); - } - } - if (direction != GORIGHT) { /* going right has only one cert */ - if (opttype == certDBEntryTypeNickname) - printnode(info, "Nickname %5d ", optindex); - else if (opttype == certDBEntryTypeSMimeProfile) - printnode(info, "S/MIME %5d ", optindex); - for (i=1 /* 1st one already done */; inumCerts; i++) { - printnode(info, "\n", -1); /* start a new line */ - node = subjMap->pCerts[i]; - if (map_handle_is_ok(info, (void *)node, 0)) { - map = (certDBEntryMap *)node->appData; - /* going left here stops. */ - print_cert_graph(info, map, GOLEFT); - printnode(info, "/", -1); - } - } - } -} - -/* Given a cert entry, print its unique identifer. If GORIGHT is specified, - * print the cert->subject->nickname|smime map, else just print - * the cert entry. - */ -void -print_cert_graph(dbDebugInfo *info, certDBEntryMap *certMap, int direction) -{ - certDBSubjectEntryMap *subjMap; - certDBEntryListNode *subjNode; - if (direction == GOLEFT) { - printnode(info, "Cert %5d <---- ", certMap->index); - /* only want cert entry, terminate here. */ - return; - } - /* Keep going right then. */ - printnode(info, "Cert %5d ----> ", certMap->index); - subjNode = certMap->pSubject; - if (map_handle_is_ok(info, (void *)subjNode, 0)) { - subjMap = (certDBSubjectEntryMap *)subjNode->appData; - print_subject_graph(info, subjMap, GORIGHT, -1, -1); - } -} - -SECStatus -computeDBGraph(certDBArray *dbArray, dbDebugInfo *info) -{ - PRCList *cElem, *sElem, *nElem, *mElem; - certDBEntryListNode *node; - certDBEntryMap *map; - certDBSubjectEntryMap *subjMap; - - /* Graph is of this form: - * - * certs: - * cert ---> subject ---> (nickname|smime) - * - * subjects: - * cert <--- subject ---> (nickname|smime) - * - * nicknames and smime: - * cert <--- subject <--- (nickname|smime) - */ - - /* Print cert graph. */ - for (cElem = PR_LIST_HEAD(&dbArray->certs.link); - cElem != &dbArray->certs.link; cElem = PR_NEXT_LINK(cElem)) { - /* Print graph of everything to right of cert entry. */ - node = LISTNODE_CAST(cElem); - map = (certDBEntryMap *)node->appData; - print_cert_graph(info, map, GORIGHT); - printnode(info, "\n", -1); - } - printnode(info, "\n", -1); - - /* Print subject graph. */ - for (sElem = PR_LIST_HEAD(&dbArray->subjects.link); - sElem != &dbArray->subjects.link; sElem = PR_NEXT_LINK(sElem)) { - /* Print graph of everything to both sides of subject entry. */ - node = LISTNODE_CAST(sElem); - subjMap = (certDBSubjectEntryMap *)node->appData; - print_subject_graph(info, subjMap, GOBOTH, -1, -1); - printnode(info, "\n", -1); - } - printnode(info, "\n", -1); - - /* Print nickname graph. */ - for (nElem = PR_LIST_HEAD(&dbArray->nicknames.link); - nElem != &dbArray->nicknames.link; nElem = PR_NEXT_LINK(nElem)) { - /* Print graph of everything to left of nickname entry. */ - node = LISTNODE_CAST(nElem); - map = (certDBEntryMap *)node->appData; - print_nickname_graph(info, map, GOLEFT); - printnode(info, "\n", -1); - } - printnode(info, "\n", -1); - - /* Print smime graph. */ - for (mElem = PR_LIST_HEAD(&dbArray->smime.link); - mElem != &dbArray->smime.link; mElem = PR_NEXT_LINK(mElem)) { - /* Print graph of everything to left of smime entry. */ - node = LISTNODE_CAST(mElem); - if (node == NULL) break; - map = (certDBEntryMap *)node->appData; - print_smime_graph(info, map, GOLEFT); - printnode(info, "\n", -1); - } - printnode(info, "\n", -1); - - return SECSuccess; -} - -/* - * List the entries in the db, showing handles between entry types. - */ -void -verboseOutput(certDBArray *dbArray, dbDebugInfo *info) -{ - int i, ref; - PRCList *elem; - certDBEntryListNode *node; - certDBEntryMap *map; - certDBSubjectEntryMap *smap; - certDBEntrySubject *subjectEntry; - - /* List certs */ - for (elem = PR_LIST_HEAD(&dbArray->certs.link); - elem != &dbArray->certs.link; elem = PR_NEXT_LINK(elem)) { - node = LISTNODE_CAST(elem); - map = (certDBEntryMap *)node->appData; - dumpCertEntry((certDBEntryCert*)&node->entry, map->index, info->out); - /* walk the cert handle to it's subject entry */ - if (map_handle_is_ok(info, map->pSubject, -1)) { - smap = (certDBSubjectEntryMap *)map->pSubject->appData; - ref = smap->index; - PR_fprintf(info->out, "-->(subject %d)\n\n\n", ref); - } else { - PR_fprintf(info->out, "-->(MISSING SUBJECT ENTRY)\n\n\n"); - } - } - /* List subjects */ - for (elem = PR_LIST_HEAD(&dbArray->subjects.link); - elem != &dbArray->subjects.link; elem = PR_NEXT_LINK(elem)) { - node = LISTNODE_CAST(elem); - subjectEntry = (certDBEntrySubject *)&node->entry; - smap = (certDBSubjectEntryMap *)node->appData; - dumpSubjectEntry(subjectEntry, smap->index, info->out); - /* iterate over subject's certs */ - for (i=0; inumCerts; i++) { - /* walk each subject handle to it's cert entries */ - if (map_handle_is_ok(info, smap->pCerts[i], -1)) { - ref = ((certDBEntryMap *)smap->pCerts[i]->appData)->index; - PR_fprintf(info->out, "-->(%d. certificate %d)\n", i, ref); - } else { - PR_fprintf(info->out, "-->(%d. MISSING CERT ENTRY)\n", i); - } - } - if (subjectEntry->nickname) { - /* walk each subject handle to it's nickname entry */ - if (map_handle_is_ok(info, smap->pNickname, -1)) { - ref = ((certDBEntryMap *)smap->pNickname->appData)->index; - PR_fprintf(info->out, "-->(nickname %d)\n", ref); - } else { - PR_fprintf(info->out, "-->(MISSING NICKNAME ENTRY)\n"); - } - } - if (subjectEntry->emailAddr) { - /* walk each subject handle to it's smime entry */ - if (map_handle_is_ok(info, smap->pSMime, -1)) { - ref = ((certDBEntryMap *)smap->pSMime->appData)->index; - PR_fprintf(info->out, "-->(s/mime %d)\n", ref); - } else { - PR_fprintf(info->out, "-->(MISSING S/MIME ENTRY)\n"); - } - } - PR_fprintf(info->out, "\n\n"); - } - for (elem = PR_LIST_HEAD(&dbArray->nicknames.link); - elem != &dbArray->nicknames.link; elem = PR_NEXT_LINK(elem)) { - node = LISTNODE_CAST(elem); - map = (certDBEntryMap *)node->appData; - dumpNicknameEntry((certDBEntryNickname*)&node->entry, map->index, - info->out); - if (map_handle_is_ok(info, map->pSubject, -1)) { - ref = ((certDBEntryMap *)map->pSubject->appData)->index; - PR_fprintf(info->out, "-->(subject %d)\n\n\n", ref); - } else { - PR_fprintf(info->out, "-->(MISSING SUBJECT ENTRY)\n\n\n"); - } - } - for (elem = PR_LIST_HEAD(&dbArray->smime.link); - elem != &dbArray->smime.link; elem = PR_NEXT_LINK(elem)) { - node = LISTNODE_CAST(elem); - map = (certDBEntryMap *)node->appData; - dumpSMimeEntry((certDBEntrySMime*)&node->entry, map->index, info->out); - if (map_handle_is_ok(info, map->pSubject, -1)) { - ref = ((certDBEntryMap *)map->pSubject->appData)->index; - PR_fprintf(info->out, "-->(subject %d)\n\n\n", ref); - } else { - PR_fprintf(info->out, "-->(MISSING SUBJECT ENTRY)\n\n\n"); - } - } - PR_fprintf(info->out, "\n\n"); -} - -char *errResult[] = { - "Certificate entries that had no subject entry.", - "Certificate entries that had no key in their subject entry.", - "Subject entries that had no nickname or email address.", - "Redundant nicknames (subjects with the same nickname).", - "Subject entries that had no nickname entry.", - "Redundant email addresses (subjects with the same email address).", - "Subject entries that had no S/MIME entry.", - "Nickname entries that had no subject entry.", - "S/MIME entries that had no subject entry.", -}; - -int -fillDBEntryArray(CERTCertDBHandle *handle, certDBEntryType type, - certDBEntryListNode *list) -{ - PRCList *elem; - certDBEntryListNode *node; - certDBEntryMap *mnode; - certDBSubjectEntryMap *smnode; - PRArenaPool *arena; - int count = 0; - /* Initialize a dummy entry in the list. The list head will be the - * next element, so this element is skipped by for loops. - */ - PR_INIT_CLIST((PRCList *)list); - /* Collect all of the cert db entries for this type into a list. */ - SEC_TraverseDBEntries(handle, type, SEC_GetCertDBEntryList, - (PRCList *)list); - for (elem = PR_LIST_HEAD(&list->link); - elem != &list->link; elem = PR_NEXT_LINK(elem)) { - /* Iterate over the entries and ... */ - node = (certDBEntryListNode *)elem; - if (type != certDBEntryTypeSubject) { - arena = PORT_NewArena(sizeof(*mnode)); - mnode = (certDBEntryMap *)PORT_ArenaZAlloc(arena, sizeof(*mnode)); - mnode->arena = arena; - /* ... assign a unique index number to each node, and ... */ - mnode->index = count; - /* ... set the map pointer for the node. */ - node->appData = (void *)mnode; - } else { - /* allocate some room for the cert pointers also */ - arena = PORT_NewArena(sizeof(*smnode) + 20*sizeof(void *)); - smnode = (certDBSubjectEntryMap *) - PORT_ArenaZAlloc(arena, sizeof(*smnode)); - smnode->arena = arena; - smnode->index = count; - node->appData = (void *)smnode; - } - count++; - } - return count; -} - -void -freeDBEntryList(PRCList *list) -{ - PRCList *next, *elem; - certDBEntryListNode *node; - certDBEntryMap *map; - - for (elem = PR_LIST_HEAD(list); elem != list;) { - next = PR_NEXT_LINK(elem); - node = (certDBEntryListNode *)elem; - map = (certDBEntryMap *)node->appData; - PR_REMOVE_LINK(&node->link); - PORT_FreeArena(map->arena, PR_TRUE); - PORT_FreeArena(node->entry.common.arena, PR_TRUE); - elem = next; - } -} - -void -DBCK_DebugDB(CERTCertDBHandle *handle, PRFileDesc *out, PRFileDesc *mailfile) -{ - int i, nCertsFound, nSubjFound, nErr; - int nCerts, nSubjects, nSubjCerts, nNicknames, nSMime; - PRCList *elem; - char c; - dbDebugInfo info; - certDBArray dbArray; - - PORT_Memset(&dbArray, 0, sizeof(dbArray)); - PORT_Memset(&info, 0, sizeof(info)); - info.verbose = (out == NULL) ? PR_FALSE : PR_TRUE ; - info.dograph = (mailfile == NULL) ? PR_FALSE : PR_TRUE ; - info.out = (out) ? out : PR_STDOUT; - info.graphfile = mailfile; - - /* Fill the array structure with cert/subject/nickname/smime entries. */ - dbArray.numCerts = fillDBEntryArray(handle, certDBEntryTypeCert, - &dbArray.certs); - dbArray.numSubjects = fillDBEntryArray(handle, certDBEntryTypeSubject, - &dbArray.subjects); - dbArray.numNicknames = fillDBEntryArray(handle, certDBEntryTypeNickname, - &dbArray.nicknames); - dbArray.numSMime = fillDBEntryArray(handle, certDBEntryTypeSMimeProfile, - &dbArray.smime); - - /* Compute the map between the database entries. */ - mapSubjectEntries(&dbArray); - mapCertEntries(&dbArray); - computeDBGraph(&dbArray, &info); - - /* Store the totals for later reference. */ - nCerts = dbArray.numCerts; - nSubjects = dbArray.numSubjects; - nNicknames = dbArray.numNicknames; - nSMime = dbArray.numSMime; - nSubjCerts = 0; - for (elem = PR_LIST_HEAD(&dbArray.subjects.link); - elem != &dbArray.subjects.link; elem = PR_NEXT_LINK(elem)) { - certDBSubjectEntryMap *smap; - smap = (certDBSubjectEntryMap *)LISTNODE_CAST(elem)->appData; - nSubjCerts += smap->numCerts; - } - - if (info.verbose) { - /* Dump the database contents. */ - verboseOutput(&dbArray, &info); - } - - freeDBEntryList(&dbArray.certs.link); - freeDBEntryList(&dbArray.subjects.link); - freeDBEntryList(&dbArray.nicknames.link); - freeDBEntryList(&dbArray.smime.link); - - PR_fprintf(info.out, "\n"); - PR_fprintf(info.out, "Database statistics:\n"); - PR_fprintf(info.out, "N0: Found %4d Certificate entries.\n", - nCerts); - PR_fprintf(info.out, "N1: Found %4d Subject entries (unique DN's).\n", - nSubjects); - PR_fprintf(info.out, "N2: Found %4d Cert keys within Subject entries.\n", - nSubjCerts); - PR_fprintf(info.out, "N3: Found %4d Nickname entries.\n", - nNicknames); - PR_fprintf(info.out, "N4: Found %4d S/MIME entries.\n", - nSMime); - PR_fprintf(info.out, "\n"); - - nErr = 0; - for (i=0; isubjectName) { - return NULL; - } - - tmp1 = PORT_Strstr(cert->subjectName, "E="); - tmp2 = PORT_Strstr(cert->subjectName, "MAIL="); - /* XXX Nelson has cert for KTrilli which does not have either - * of above but is email cert (has cert->emailAddr). - */ - if (!tmp1 && !tmp2 && !cert->emailAddr) { - return NULL; - } - - /* Server or CA cert, not personal email. */ - isCA = CERT_IsCACert(cert, NULL); - if (isCA) - return NULL; - - /* XXX CERT_IsCACert advertises checking the key usage ext., - but doesn't appear to. */ - /* Check the key usage extension. */ - if (cert->keyUsagePresent) { - /* Must at least be able to sign or encrypt (not neccesarily - * both if it is one of a dual cert). - */ - if (!((cert->rawKeyUsage & KU_DIGITAL_SIGNATURE) || - (cert->rawKeyUsage & KU_KEY_ENCIPHERMENT))) - return NULL; - - /* CA cert, not personal email. */ - if (cert->rawKeyUsage & (KU_KEY_CERT_SIGN | KU_CRL_SIGN)) - return NULL; - } - - if (cert->emailAddr) { - email = PORT_Strdup(cert->emailAddr); - } else { - if (tmp1) - tmp1 += 2; /* "E=" */ - else - tmp1 = tmp2 + 5; /* "MAIL=" */ - len = strcspn(tmp1, ", "); - email = (char*)PORT_Alloc(len+1); - PORT_Strncpy(email, tmp1, len); - email[len] = '\0'; - } - - return email; -} - -SECStatus -deleteit(CERTCertificate *cert, void *arg) -{ - return SEC_DeletePermCertificate(cert); -} - -/* Different than DeleteCertificate - has the added bonus of removing - * all certs with the same DN. - */ -SECStatus -deleteAllEntriesForCert(CERTCertDBHandle *handle, CERTCertificate *cert, - PRFileDesc *outfile) -{ -#if 0 - certDBEntrySubject *subjectEntry; - certDBEntryNickname *nicknameEntry; - certDBEntrySMime *smimeEntry; - int i; -#endif - - if (outfile) { - PR_fprintf(outfile, "$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$\n\n"); - PR_fprintf(outfile, "Deleting redundant certificate:\n"); - dumpCertificate(cert, -1, outfile); - } - - CERT_TraverseCertsForSubject(handle, cert->subjectList, deleteit, NULL); -#if 0 - CERT_LockDB(handle); - subjectEntry = ReadDBSubjectEntry(handle, &cert->derSubject); - /* It had better be there, or created a bad db. */ - PORT_Assert(subjectEntry); - for (i=0; incerts; i++) { - DeleteDBCertEntry(handle, &subjectEntry->certKeys[i]); - } - DeleteDBSubjectEntry(handle, &cert->derSubject); - if (subjectEntry->emailAddr) { - smimeEntry = ReadDBSMimeEntry(handle, subjectEntry->emailAddr); - if (smimeEntry) { - if (SECITEM_ItemsAreEqual(&subjectEntry->derSubject, - &smimeEntry->subjectName)) - /* Only delete it if it's for this subject! */ - DeleteDBSMimeEntry(handle, subjectEntry->emailAddr); - SEC_DestroyDBEntry((certDBEntry*)smimeEntry); - } - } - if (subjectEntry->nickname) { - nicknameEntry = ReadDBNicknameEntry(handle, subjectEntry->nickname); - if (nicknameEntry) { - if (SECITEM_ItemsAreEqual(&subjectEntry->derSubject, - &nicknameEntry->subjectName)) - /* Only delete it if it's for this subject! */ - DeleteDBNicknameEntry(handle, subjectEntry->nickname); - SEC_DestroyDBEntry((certDBEntry*)nicknameEntry); - } - } - SEC_DestroyDBEntry((certDBEntry*)subjectEntry); - CERT_UnlockDB(handle); -#endif - return SECSuccess; -} - -void -getCertsToDelete(char *numlist, int len, int *certNums, int nCerts) -{ - int j, num; - char *numstr, *numend, *end; - - numstr = numlist; - end = numstr + len - 1; - while (numstr != end) { - numend = strpbrk(numstr, ", \n"); - *numend = '\0'; - if (PORT_Strlen(numstr) == 0) - return; - num = PORT_Atoi(numstr); - if (numstr == numlist) - certNums[0] = num; - for (j=1; jpromptUser[errtype] == PR_FALSE) - return (info->removeType[errtype]); - switch (errtype) { - case dbInvalidCert: - PR_fprintf(PR_STDOUT, "******** Expired ********\n"); - PR_fprintf(PR_STDOUT, "Cert has expired.\n\n"); - dumpCertificate(certs[0], -1, PR_STDOUT); - PR_fprintf(PR_STDOUT, - "Keep it? (y/n - this one, Y/N - all expired certs) [n] "); - break; - case dbNoSMimeProfile: - PR_fprintf(PR_STDOUT, "******** No Profile ********\n"); - PR_fprintf(PR_STDOUT, "S/MIME cert has no profile.\n\n"); - dumpCertificate(certs[0], -1, PR_STDOUT); - PR_fprintf(PR_STDOUT, - "Keep it? (y/n - this one, Y/N - all S/MIME w/o profile) [n] "); - break; - case dbOlderCert: - PR_fprintf(PR_STDOUT, "******* Redundant nickname/email *******\n\n"); - PR_fprintf(PR_STDOUT, "These certs have the same nickname/email:\n"); - for (i=0; ipromptUser[errtype] = PR_FALSE; - info->removeType[errtype] = PR_TRUE; - return PR_TRUE; - } - getCertsToDelete(response, nb, certNums, nCerts); - return PR_TRUE; - } - /* User doesn't want to be prompted for this type anymore. */ - if (response[0] == 'Y') { - info->promptUser[errtype] = PR_FALSE; - info->removeType[errtype] = PR_FALSE; - return PR_FALSE; - } else if (response[0] == 'N') { - info->promptUser[errtype] = PR_FALSE; - info->removeType[errtype] = PR_TRUE; - return PR_TRUE; - } - return (response[0] != 'y') ? PR_TRUE : PR_FALSE; -} - -SECStatus -addCertToDB(certDBEntryCert *certEntry, dbRestoreInfo *info, - CERTCertDBHandle *oldhandle) -{ - SECStatus rv = SECSuccess; - PRBool allowOverride; - PRBool userCert; - SECCertTimeValidity validity; - CERTCertificate *oldCert = NULL; - CERTCertificate *dbCert = NULL; - CERTCertificate *newCert = NULL; - CERTCertTrust *trust; - certDBEntrySMime *smimeEntry = NULL; - char *email = NULL; - char *nickname = NULL; - int nCertsForSubject = 1; - - oldCert = CERT_DecodeDERCertificate(&certEntry->derCert, PR_FALSE, - certEntry->nickname); - if (!oldCert) { - info->dbErrors[dbBadCertificate]++; - SEC_DestroyDBEntry((certDBEntry*)certEntry); - return SECSuccess; - } - - oldCert->dbEntry = certEntry; - oldCert->trust = &certEntry->trust; - oldCert->dbhandle = oldhandle; - - trust = oldCert->trust; - - info->nOldCerts++; - - if (info->verbose) - PR_fprintf(info->out, "%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%\n\n"); - - if (oldCert->nickname) - nickname = PORT_Strdup(oldCert->nickname); - - /* Always keep user certs. Skip ahead. */ - /* XXX if someone sends themselves a signed message, it is possible - for their cert to be imported as an "other" cert, not a user cert. - this mucks with smime entries... */ - userCert = (SEC_GET_TRUST_FLAGS(trust, trustSSL) & CERTDB_USER) || - (SEC_GET_TRUST_FLAGS(trust, trustEmail) & CERTDB_USER) || - (SEC_GET_TRUST_FLAGS(trust, trustObjectSigning) & CERTDB_USER); - if (userCert) - goto createcert; - - /* If user chooses so, ignore expired certificates. */ - allowOverride = (PRBool)((oldCert->keyUsage == certUsageSSLServer) || - (oldCert->keyUsage == certUsageSSLServerWithStepUp)); - validity = CERT_CheckCertValidTimes(oldCert, PR_Now(), allowOverride); - /* If cert expired and user wants to delete it, ignore it. */ - if ((validity != secCertTimeValid) && - userSaysDeleteCert(&oldCert, 1, dbInvalidCert, info, 0)) { - info->dbErrors[dbInvalidCert]++; - if (info->verbose) { - PR_fprintf(info->out, "Deleting expired certificate:\n"); - dumpCertificate(oldCert, -1, info->out); - } - goto cleanup; - } - - /* New database will already have default certs, don't attempt - to overwrite them. */ - dbCert = CERT_FindCertByDERCert(info->handle, &oldCert->derCert); - if (dbCert) { - info->nCerts++; - if (info->verbose) { - PR_fprintf(info->out, "Added certificate to database:\n"); - dumpCertificate(oldCert, -1, info->out); - } - goto cleanup; - } - - /* Determine if cert is S/MIME and get its email if so. */ - email = IsEmailCert(oldCert); - - /* - XXX Just create empty profiles? - if (email) { - SECItem *profile = CERT_FindSMimeProfile(oldCert); - if (!profile && - userSaysDeleteCert(&oldCert, 1, dbNoSMimeProfile, info, 0)) { - info->dbErrors[dbNoSMimeProfile]++; - if (info->verbose) { - PR_fprintf(info->out, - "Deleted cert missing S/MIME profile.\n"); - dumpCertificate(oldCert, -1, info->out); - } - goto cleanup; - } else { - SECITEM_FreeItem(profile); - } - } - */ - -createcert: - - /* Sometimes happens... */ - if (!nickname && userCert) - nickname = PORT_Strdup(oldCert->subjectName); - - /* Create a new certificate, copy of the old one. */ - newCert = CERT_NewTempCertificate(info->handle, &oldCert->derCert, - nickname, PR_FALSE, PR_TRUE); - if (!newCert) { - PR_fprintf(PR_STDERR, "Unable to create new certificate.\n"); - dumpCertificate(oldCert, -1, PR_STDERR); - info->dbErrors[dbBadCertificate]++; - goto cleanup; - } - - /* Add the cert to the new database. */ - rv = CERT_AddTempCertToPerm(newCert, nickname, oldCert->trust); - if (rv) { - PR_fprintf(PR_STDERR, "Failed to write temp cert to perm database.\n"); - dumpCertificate(oldCert, -1, PR_STDERR); - info->dbErrors[dbCertNotWrittenToDB]++; - goto cleanup; - } - - if (info->verbose) { - PR_fprintf(info->out, "Added certificate to database:\n"); - dumpCertificate(oldCert, -1, info->out); - } - - /* If the cert is an S/MIME cert, and the first with it's subject, - * modify the subject entry to include the email address, - * CERT_AddTempCertToPerm does not do email addresses and S/MIME entries. - */ - if (smimeEntry) { /*&& !userCert && nCertsForSubject == 1) { */ -#if 0 - UpdateSubjectWithEmailAddr(newCert, email); -#endif - SECItem emailProfile, profileTime; - rv = CERT_FindFullSMimeProfile(oldCert, &emailProfile, &profileTime); - /* calls UpdateSubjectWithEmailAddr */ - if (rv == SECSuccess) - rv = CERT_SaveSMimeProfile(newCert, &emailProfile, &profileTime); - } - - info->nCerts++; - -cleanup: - - if (nickname) - PORT_Free(nickname); - if (email) - PORT_Free(email); - if (oldCert) - CERT_DestroyCertificate(oldCert); - if (dbCert) - CERT_DestroyCertificate(dbCert); - if (newCert) - CERT_DestroyCertificate(newCert); - if (smimeEntry) - SEC_DestroyDBEntry((certDBEntry*)smimeEntry); - return SECSuccess; -} - -#if 0 -SECStatus -copyDBEntry(SECItem *data, SECItem *key, certDBEntryType type, void *pdata) -{ - SECStatus rv; - CERTCertDBHandle *newdb = (CERTCertDBHandle *)pdata; - certDBEntryCommon common; - SECItem dbkey; - - common.type = type; - common.version = CERT_DB_FILE_VERSION; - common.flags = data->data[2]; - common.arena = NULL; - - dbkey.len = key->len + SEC_DB_KEY_HEADER_LEN; - dbkey.data = (unsigned char *)PORT_Alloc(dbkey.len*sizeof(unsigned char)); - PORT_Memcpy(&dbkey.data[SEC_DB_KEY_HEADER_LEN], key->data, key->len); - dbkey.data[0] = type; - - rv = WriteDBEntry(newdb, &common, &dbkey, data); - - PORT_Free(dbkey.data); - return rv; -} -#endif - -int -certIsOlder(CERTCertificate **cert1, CERTCertificate** cert2) -{ - return !CERT_IsNewer(*cert1, *cert2); -} - -int -findNewestSubjectForEmail(CERTCertDBHandle *handle, int subjectNum, - certDBArray *dbArray, dbRestoreInfo *info, - int *subjectWithSMime, int *smimeForSubject) -{ - int newestSubject; - int subjectsForEmail[50]; - int i, j, ns, sNum; - certDBEntryListNode *subjects = &dbArray->subjects; - certDBEntryListNode *smime = &dbArray->smime; - certDBEntrySubject *subjectEntry1, *subjectEntry2; - certDBEntrySMime *smimeEntry; - CERTCertificate **certs; - CERTCertificate *cert; - CERTCertTrust *trust; - PRBool userCert; - int *certNums; - - ns = 0; - subjectEntry1 = (certDBEntrySubject*)&subjects.entries[subjectNum]; - subjectsForEmail[ns++] = subjectNum; - - *subjectWithSMime = -1; - *smimeForSubject = -1; - newestSubject = subjectNum; - - cert = CERT_FindCertByKey(handle, &subjectEntry1->certKeys[0]); - if (cert) { - trust = cert->trust; - userCert = (SEC_GET_TRUST_FLAGS(trust, trustSSL) & CERTDB_USER) || - (SEC_GET_TRUST_FLAGS(trust, trustEmail) & CERTDB_USER) || - (SEC_GET_TRUST_FLAGS(trust, trustObjectSigning) & CERTDB_USER); - CERT_DestroyCertificate(cert); - } - - /* Loop over the remaining subjects. */ - for (i=subjectNum+1; iemailAddr && - PORT_Strcmp(subjectEntry1->emailAddr, - subjectEntry2->emailAddr) == 0) { - /* Found a subject using the same email address. */ - subjectsForEmail[ns++] = i; - } - } - - /* Find the S/MIME entry for this email address. */ - for (i=0; icommon.arena == NULL) - continue; - if (PORT_Strcmp(subjectEntry1->emailAddr, smimeEntry->emailAddr) == 0) { - /* Find which of the subjects uses this S/MIME entry. */ - for (j=0; jsubjectName, - &subjectEntry2->derSubject)) { - /* Found the subject corresponding to the S/MIME entry. */ - *subjectWithSMime = sNum; - *smimeForSubject = i; - } - } - SEC_DestroyDBEntry((certDBEntry*)smimeEntry); - PORT_Memset(smimeEntry, 0, sizeof(certDBEntry)); - break; - } - } - - if (ns <= 1) - return subjectNum; - - if (userCert) - return *subjectWithSMime; - - /* Now find which of the subjects has the newest cert. */ - certs = (CERTCertificate**)PORT_Alloc(ns*sizeof(CERTCertificate*)); - certNums = (int*)PORT_Alloc((ns+1)*sizeof(int)); - certNums[0] = 0; - for (i=0; icertKeys[0]); - certNums[i+1] = i; - } - /* Sort the array by validity. */ - qsort(certs, ns, sizeof(CERTCertificate*), - (int (*)(const void *, const void *))certIsOlder); - newestSubject = -1; - for (i=0; iderSubject, - &certs[0]->derSubject)) - newestSubject = sNum; - else - SEC_DestroyDBEntry((certDBEntry*)subjectEntry1); - } - if (info && userSaysDeleteCert(certs, ns, dbOlderCert, info, certNums)) { - for (i=1; i= 0 && certNums[i] != certNums[0]) { - deleteAllEntriesForCert(handle, certs[certNums[i]], info->out); - info->dbErrors[dbOlderCert]++; - } - } - } - CERT_DestroyCertArray(certs, ns); - return newestSubject; -} - -CERTCertDBHandle * -DBCK_ReconstructDBFromCerts(CERTCertDBHandle *oldhandle, char *newdbname, - PRFileDesc *outfile, PRBool removeExpired, - PRBool requireProfile, PRBool singleEntry, - PRBool promptUser) -{ - SECStatus rv; - dbRestoreInfo info; - certDBEntryContentVersion *oldContentVersion; - certDBArray dbArray; - int i; - - PORT_Memset(&dbArray, 0, sizeof(dbArray)); - PORT_Memset(&info, 0, sizeof(info)); - info.verbose = (outfile) ? PR_TRUE : PR_FALSE; - info.out = (outfile) ? outfile : PR_STDOUT; - info.removeType[dbInvalidCert] = removeExpired; - info.removeType[dbNoSMimeProfile] = requireProfile; - info.removeType[dbOlderCert] = singleEntry; - info.promptUser[dbInvalidCert] = promptUser; - info.promptUser[dbNoSMimeProfile] = promptUser; - info.promptUser[dbOlderCert] = promptUser; - - /* Allocate a handle to fill with CERT_OpenCertDB below. */ - info.handle = (CERTCertDBHandle *)PORT_ZAlloc(sizeof(CERTCertDBHandle)); - if (!info.handle) { - fprintf(stderr, "unable to get database handle"); - return NULL; - } - - /* Create a certdb with the most recent set of roots. */ - rv = CERT_OpenCertDBFilename(info.handle, newdbname, PR_FALSE); - - if (rv) { - fprintf(stderr, "could not open certificate database"); - goto loser; - } - - /* Create certificate, subject, nickname, and email records. - * mcom_db seems to have a sequential access bug. Though reads and writes - * should be allowed during traversal, they seem to screw up the sequence. - * So, stuff all the cert entries into an array, and loop over the array - * doing read/writes in the db. - */ - fillDBEntryArray(oldhandle, certDBEntryTypeCert, &dbArray.certs); - for (elem = PR_LIST_HEAD(&dbArray->certs.link); - elem != &dbArray->certs.link; elem = PR_NEXT_LINK(elem)) { - node = LISTNODE_CAST(elem); - addCertToDB((certDBEntryCert*)&node->entry, &info, oldhandle); - /* entries get destroyed in addCertToDB */ - } -#if 0 - rv = SEC_TraverseDBEntries(oldhandle, certDBEntryTypeSMimeProfile, - copyDBEntry, info.handle); -#endif - - /* Fix up the pointers between (nickname|S/MIME) --> (subject). - * Create S/MIME entries for S/MIME certs. - * Have the S/MIME entry point to the last-expiring cert using - * an email address. - */ -#if 0 - CERT_RedoHandlesForSubjects(info.handle, singleEntry, &info); -#endif - - freeDBEntryList(&dbArray.certs.link); - - /* Copy over the version record. */ - /* XXX Already exists - and _must_ be correct... */ - /* - versionEntry = ReadDBVersionEntry(oldhandle); - rv = WriteDBVersionEntry(info.handle, versionEntry); - */ - - /* Copy over the content version record. */ - /* XXX Can probably get useful info from old content version? - * Was this db created before/after this tool? etc. - */ -#if 0 - oldContentVersion = ReadDBContentVersionEntry(oldhandle); - CERT_SetDBContentVersion(oldContentVersion->contentVersion, info.handle); -#endif - -#if 0 - /* Copy over the CRL & KRL records. */ - rv = SEC_TraverseDBEntries(oldhandle, certDBEntryTypeRevocation, - copyDBEntry, info.handle); - /* XXX Only one KRL, just do db->get? */ - rv = SEC_TraverseDBEntries(oldhandle, certDBEntryTypeKeyRevocation, - copyDBEntry, info.handle); -#endif - - PR_fprintf(info.out, "Database had %d certificates.\n", info.nOldCerts); - - PR_fprintf(info.out, "Reconstructed %d certificates.\n", info.nCerts); - PR_fprintf(info.out, "(ax) Rejected %d expired certificates.\n", - info.dbErrors[dbInvalidCert]); - PR_fprintf(info.out, "(as) Rejected %d S/MIME certificates missing a profile.\n", - info.dbErrors[dbNoSMimeProfile]); - PR_fprintf(info.out, "(ar) Rejected %d certificates for which a newer certificate was found.\n", - info.dbErrors[dbOlderCert]); - PR_fprintf(info.out, " Rejected %d corrupt certificates.\n", - info.dbErrors[dbBadCertificate]); - PR_fprintf(info.out, " Rejected %d certificates which did not write to the DB.\n", - info.dbErrors[dbCertNotWrittenToDB]); - - if (rv) - goto loser; - - return info.handle; - -loser: - if (info.handle) - PORT_Free(info.handle); - return NULL; -} -#endif /* DORECOVER */ - -enum { - cmd_Debug = 0, - cmd_LongUsage, - cmd_Recover -}; - -enum { - opt_KeepAll = 0, - opt_CertDir, - opt_Dumpfile, - opt_InputDB, - opt_OutputDB, - opt_Mailfile, - opt_Prompt, - opt_KeepRedundant, - opt_KeepNoSMimeProfile, - opt_Verbose, - opt_KeepExpired -}; - -static secuCommandFlag dbck_commands[] = -{ - { /* cmd_Debug, */ 'D', PR_FALSE, 0, PR_FALSE }, - { /* cmd_LongUsage,*/ 'H', PR_FALSE, 0, PR_FALSE }, - { /* cmd_Recover, */ 'R', PR_FALSE, 0, PR_FALSE } -}; - -static secuCommandFlag dbck_options[] = -{ - { /* opt_KeepAll, */ 'a', PR_FALSE, 0, PR_FALSE }, - { /* opt_CertDir, */ 'd', PR_TRUE, 0, PR_FALSE }, - { /* opt_Dumpfile, */ 'f', PR_TRUE, 0, PR_FALSE }, - { /* opt_InputDB, */ 'i', PR_TRUE, 0, PR_FALSE }, - { /* opt_OutputDB, */ 'o', PR_TRUE, 0, PR_FALSE }, - { /* opt_Mailfile, */ 'm', PR_FALSE, 0, PR_FALSE }, - { /* opt_Prompt, */ 'p', PR_FALSE, 0, PR_FALSE }, - { /* opt_KeepRedundant, */ 'r', PR_FALSE, 0, PR_FALSE }, - { /* opt_KeepNoSMimeProfile,*/ 's', PR_FALSE, 0, PR_FALSE }, - { /* opt_Verbose, */ 'v', PR_FALSE, 0, PR_FALSE }, - { /* opt_KeepExpired, */ 'x', PR_FALSE, 0, PR_FALSE } -}; - -int -main(int argc, char **argv) -{ - CERTCertDBHandle *certHandle; - - PRFileInfo fileInfo; - PRFileDesc *mailfile = NULL; - PRFileDesc *dumpfile = NULL; - - char * pathname = 0; - char * fullname = 0; - char * newdbname = 0; - - PRBool removeExpired, requireProfile, singleEntry; - - SECStatus rv; - - secuCommand dbck; - dbck.numCommands = sizeof(dbck_commands) / sizeof(secuCommandFlag); - dbck.numOptions = sizeof(dbck_options) / sizeof(secuCommandFlag); - dbck.commands = dbck_commands; - dbck.options = dbck_options; - - progName = strrchr(argv[0], '/'); - progName = progName ? progName+1 : argv[0]; - - rv = SECU_ParseCommandLine(argc, argv, progName, &dbck); - - if (rv != SECSuccess) - Usage(progName); - - if (dbck.commands[cmd_LongUsage].activated) - LongUsage(progName); - - if (!dbck.commands[cmd_Debug].activated && - !dbck.commands[cmd_Recover].activated) { - PR_fprintf(PR_STDERR, "Please specify -D or -R.\n"); - Usage(progName); - } - - removeExpired = !(dbck.options[opt_KeepAll].activated || - dbck.options[opt_KeepExpired].activated); - - requireProfile = !(dbck.options[opt_KeepAll].activated || - dbck.options[opt_KeepNoSMimeProfile].activated); - - singleEntry = !(dbck.options[opt_KeepAll].activated || - dbck.options[opt_KeepRedundant].activated); - - if (dbck.options[opt_OutputDB].activated) { - newdbname = PL_strdup(dbck.options[opt_OutputDB].arg); - } else { - newdbname = PL_strdup("new_cert7.db"); - } - - /* Create a generic graph of the database. */ - if (dbck.options[opt_Mailfile].activated) { - mailfile = PR_Open("./mailfile", PR_RDWR | PR_CREATE_FILE, 00660); - if (!mailfile) { - fprintf(stderr, "Unable to create mailfile.\n"); - return -1; - } - } - - /* Dump all debugging info while running. */ - if (dbck.options[opt_Verbose].activated) { - if (dbck.options[opt_Dumpfile].activated) { - dumpfile = PR_Open(dbck.options[opt_Dumpfile].arg, - PR_RDWR | PR_CREATE_FILE, 00660); - } - if (!dumpfile) { - fprintf(stderr, "Unable to create dumpfile.\n"); - return -1; - } - } - - /* Set the cert database directory. */ - if (dbck.options[opt_CertDir].activated) { - SECU_ConfigDirectory(dbck.options[opt_CertDir].arg); - } - - PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1); - SEC_Init(); - - certHandle = (CERTCertDBHandle *)PORT_ZAlloc(sizeof(CERTCertDBHandle)); - if (!certHandle) { - SECU_PrintError(progName, "unable to get database handle"); - return -1; - } - - /* Open the possibly corrupt database. */ - if (dbck.options[opt_InputDB].activated) { - pathname = SECU_ConfigDirectory(NULL); - fullname = PR_smprintf("%s/%s", pathname, - dbck.options[opt_InputDB].arg); - if (PR_GetFileInfo(fullname, &fileInfo) != PR_SUCCESS) { - fprintf(stderr, "Unable to read file \"%s\".\n", fullname); - return -1; - } - rv = CERT_OpenCertDBFilename(certHandle, fullname, PR_TRUE); - } else { - /* Use the default. */ - fullname = SECU_CertDBNameCallback(NULL, CERT_DB_FILE_VERSION); - if (PR_GetFileInfo(fullname, &fileInfo) != PR_SUCCESS) { - fprintf(stderr, "Unable to read file \"%s\".\n", fullname); - return -1; - } - rv = CERT_OpenCertDB(certHandle, PR_TRUE, - SECU_CertDBNameCallback, NULL); - } - - if (rv) { - SECU_PrintError(progName, "unable to open cert database"); - return -1; - } - - if (dbck.commands[cmd_Debug].activated) { - DBCK_DebugDB(certHandle, dumpfile, mailfile); - return 0; - } - -#ifdef DORECOVER - if (dbck.commands[cmd_Recover].activated) { - DBCK_ReconstructDBFromCerts(certHandle, newdbname, - dumpfile, removeExpired, - requireProfile, singleEntry, - dbck.options[opt_Prompt].activated); - return 0; - } -#endif - - if (mailfile) - PR_Close(mailfile); - if (dumpfile) - PR_Close(dumpfile); - if (certHandle) { - CERT_ClosePermCertDB(certHandle); - PORT_Free(certHandle); - } - return -1; -} diff --git a/security/nss/cmd/dbck/manifest.mn b/security/nss/cmd/dbck/manifest.mn deleted file mode 100644 index 8424f819d..000000000 --- a/security/nss/cmd/dbck/manifest.mn +++ /dev/null @@ -1,49 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = ../../.. - -DEFINES += -DNSPR20 - -# MODULE public and private header directories are implicitly REQUIRED. -MODULE = security - -CSRCS = \ - dbck.c \ - $(NULL) - -# The MODULE is always implicitly required. -# Listing it here in REQUIRES makes it appear twice in the cc command line. -REQUIRES = dbm seccmd - -PROGRAM = dbck diff --git a/security/nss/cmd/derdump/Makefile b/security/nss/cmd/derdump/Makefile deleted file mode 100644 index 573c12cac..000000000 --- a/security/nss/cmd/derdump/Makefile +++ /dev/null @@ -1,76 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - -include ../platlibs.mk - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - - - -include ../platrules.mk - diff --git a/security/nss/cmd/derdump/derdump.c b/security/nss/cmd/derdump/derdump.c deleted file mode 100644 index 603d5f772..000000000 --- a/security/nss/cmd/derdump/derdump.c +++ /dev/null @@ -1,135 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#include "secutil.h" -#include "nss.h" -#include - -#if defined(XP_WIN) || (defined(__sun) && !defined(SVR4)) -#if !defined(WIN32) -extern int fprintf(FILE *, char *, ...); -#endif -#endif -#include "plgetopt.h" - -static void Usage(char *progName) -{ - fprintf(stderr, - "Usage: %s [-r] [-i input] [-o output]\n", - progName); - fprintf(stderr, "%-20s For formatted items, dump raw bytes as well\n", - "-r"); - fprintf(stderr, "%-20s Define an input file to use (default is stdin)\n", - "-i input"); - fprintf(stderr, "%-20s Define an output file to use (default is stdout)\n", - "-o output"); - exit(-1); -} - -int main(int argc, char **argv) -{ - char *progName; - int option; - FILE *outFile; - PRFileDesc *inFile; - SECItem der; - SECStatus rv; - int16 xp_error; - PRBool raw = PR_FALSE; - PLOptState *optstate; - PLOptStatus status; - - progName = strrchr(argv[0], '/'); - progName = progName ? progName+1 : argv[0]; - - /* Parse command line arguments */ - inFile = 0; - outFile = 0; - optstate = PL_CreateOptState(argc, argv, "i:o:r"); - while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) { - switch (optstate->option) { - case 'i': - inFile = PR_Open(optstate->value, PR_RDONLY, 0); - if (!inFile) { - fprintf(stderr, "%s: unable to open \"%s\" for reading\n", - progName, optstate->value); - return -1; - } - break; - - case 'o': - outFile = fopen(optstate->value, "w"); - if (!outFile) { - fprintf(stderr, "%s: unable to open \"%s\" for writing\n", - progName, optstate->value); - return -1; - } - break; - - case 'r': - raw = PR_TRUE; - break; - - default: - Usage(progName); - break; - } - } - if (status == PL_OPT_BAD) - Usage(progName); - - if (!inFile) inFile = PR_STDIN; - if (!outFile) outFile = stdout; - - rv = NSS_NoDB_Init(NULL); /* XXX */ - if (rv != SECSuccess) { - SECU_PrintPRandOSError(progName); - return -1; - } - - rv = SECU_ReadDERFromFile(&der, inFile, PR_FALSE); - if (rv == SECSuccess) { - rv = DER_PrettyPrint(outFile, &der, raw); - if (rv == SECSuccess) - return 0; - } - - xp_error = PORT_GetError(); - if (xp_error) { - SECU_PrintError(progName, "error %d", xp_error); - } - if (errno) { - SECU_PrintSystemError(progName, "errno=%d", errno); - } - return 1; -} diff --git a/security/nss/cmd/derdump/makefile.win b/security/nss/cmd/derdump/makefile.win deleted file mode 100644 index 9a9d4edef..000000000 --- a/security/nss/cmd/derdump/makefile.win +++ /dev/null @@ -1,130 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -VERBOSE = 1 -include - -#cannot define PROGRAM in manifest compatibly with NT and UNIX -PROGRAM = derdump -PROGRAM = ./$(OBJDIR)/$(PROGRAM).exe -include <$(DEPTH)\config\config.mak> - -# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/ -# rules.mak will append C_OBJS onto OBJS. -# OBJS = $(CSRCS:.c=.obj) - -# include files are looked for in $LINCS and $INCS. -# $LINCS is in manifest.mnw, computed from REQUIRES= -INCS = $(INCS) \ - -I$(DEPTH)/security/lib/cert \ - -I../include \ - $(NULL) - -IGNORE_ME = \ - -I$(DEPTH)/security/lib/key \ - -I$(DEPTH)/security/lib/util \ - $(NULL) - - -WINFE = $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg - -# these files are the content of libdbm -DBM_LIB = \ - $(WINFE)/DB.obj \ - $(WINFE)/HASH.obj \ - $(WINFE)/H_BIGKEY.obj \ - $(WINFE)/H_PAGE.obj \ - $(WINFE)/H_LOG2.obj \ - $(WINFE)/H_FUNC.obj \ - $(WINFE)/HASH_BUF.obj \ - $(NULL) - -MOZ_LIBS = \ - $(WINFE)/ALLXPSTR.obj \ - $(WINFE)/XP_ERROR.obj \ - $(WINFE)/XPASSERT.obj \ - $(WINFE)/XP_REG.obj \ - $(WINFE)/XP_TRACE.obj \ - $(DBM_LIB) \ - $(WINFE)/XP_STR.obj \ - $(WINFE)/MKTEMP.obj \ - $(NULL) - -SEC_LIBS = \ - $(DIST)/lib/cert$(MOZ_BITS).lib \ - $(DIST)/lib/crypto$(MOZ_BITS).lib \ - $(DIST)/lib/hash$(MOZ_BITS).lib \ - $(DIST)/lib/key$(MOZ_BITS).lib \ - $(DIST)/lib/pkcs7$(MOZ_BITS).lib \ - $(DIST)/lib/secmod$(MOZ_BITS).lib \ - $(DIST)/lib/secutl$(MOZ_BITS).lib \ - $(DIST)/lib/ssl$(MOZ_BITS).lib \ - $(NULL) - -LLFLAGS = $(LLFLAGS) \ - ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \ - $(SEC_LIBS) \ - $(MOZ_LIBS) \ - $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \ - $(LIBNSPR) \ - $(NULL) - - -include <$(DEPTH)\config\rules.mak> - -INSTALL = $(MAKE_INSTALL) - -objs: $(OBJS) - -$(PROGRAM):: - $(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR) - -programs: $(PROGRAM) - -install:: $(TARGETS) - $(INSTALL) $(TARGETS) $(DIST)/bin - - -symbols: - @echo "CSRCS = $(CSRCS)" - @echo "INCS = $(INCS)" - @echo "OBJS = $(OBJS)" - @echo "LIBRARY = $(LIBRARY)" - @echo "PROGRAM = $(PROGRAM)" - @echo "TARGETS = $(TARGETS)" - @echo "DIST = $(DIST)" - @echo "VERSION_NUMBER = $(VERSION_NUMBER)" - @echo "WINFE = $(WINFE)" - @echo "DBM_LIB = $(DBM_LIB)" - @echo "INSTALL = $(INSTALL)" - diff --git a/security/nss/cmd/derdump/manifest.mn b/security/nss/cmd/derdump/manifest.mn deleted file mode 100644 index c00df3509..000000000 --- a/security/nss/cmd/derdump/manifest.mn +++ /dev/null @@ -1,49 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = ../../.. - -# MODULE public and private header directories are implicitly REQUIRED. -MODULE = security - -# This next line is used by .mk files -# and gets translated into $LINCS in manifest.mnw -# The MODULE is always implicitly required. -# Listing it here in REQUIRES makes it appear twice in the cc command line. -REQUIRES = seccmd dbm - -DEFINES = -DNSPR20 - -CSRCS = derdump.c - -PROGRAM = derdump diff --git a/security/nss/cmd/digest/Makefile b/security/nss/cmd/digest/Makefile deleted file mode 100644 index 573c12cac..000000000 --- a/security/nss/cmd/digest/Makefile +++ /dev/null @@ -1,76 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - -include ../platlibs.mk - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - - - -include ../platrules.mk - diff --git a/security/nss/cmd/digest/digest.c b/security/nss/cmd/digest/digest.c deleted file mode 100644 index b9987265b..000000000 --- a/security/nss/cmd/digest/digest.c +++ /dev/null @@ -1,250 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#include "secutil.h" -#include "pk11func.h" -#include "secoid.h" - -#if defined(XP_WIN) || (defined(__sun) && !defined(SVR4)) -#if !defined(WIN32) -extern int fread(char *, size_t, size_t, FILE*); -extern int fwrite(char *, size_t, size_t, FILE*); -extern int fprintf(FILE *, char *, ...); -#endif -#endif - -#include "plgetopt.h" - -static SECOidData * -HashTypeToOID(HASH_HashType hashtype) -{ - SECOidTag hashtag; - - if (hashtype <= HASH_AlgNULL || hashtype >= HASH_AlgTOTAL) - return NULL; - - switch (hashtype) { - case HASH_AlgMD2: - hashtag = SEC_OID_MD2; - break; - case HASH_AlgMD5: - hashtag = SEC_OID_MD5; - break; - case HASH_AlgSHA1: - hashtag = SEC_OID_SHA1; - break; - default: - fprintf(stderr, "A new hash type has been added to HASH_HashType.\n"); - fprintf(stderr, "This program needs to be updated!\n"); - return NULL; - } - - return SECOID_FindOIDByTag(hashtag); -} - -static SECOidData * -HashNameToOID(const char *hashName) -{ - HASH_HashType htype; - SECOidData *hashOID; - - for (htype = HASH_AlgNULL + 1; htype < HASH_AlgTOTAL; htype++) { - hashOID = HashTypeToOID(htype); - if (PORT_Strcasecmp(hashName, hashOID->desc) == 0) - break; - } - - if (htype == HASH_AlgTOTAL) - return NULL; - - return hashOID; -} - -static void -Usage(char *progName) -{ - HASH_HashType htype; - - fprintf(stderr, - "Usage: %s -t type [-i input] [-o output]\n", - progName); - fprintf(stderr, "%-20s Specify the digest method (must be one of\n", - "-t type"); - fprintf(stderr, "%-20s ", ""); - for (htype = HASH_AlgNULL + 1; htype < HASH_AlgTOTAL; htype++) { - fprintf(stderr, HashTypeToOID(htype)->desc); - if (htype == (HASH_AlgTOTAL - 2)) - fprintf(stderr, " or "); - else if (htype != (HASH_AlgTOTAL - 1)) - fprintf(stderr, ", "); - } - fprintf(stderr, " (case ignored))\n"); - fprintf(stderr, "%-20s Define an input file to use (default is stdin)\n", - "-i input"); - fprintf(stderr, "%-20s Define an output file to use (default is stdout)\n", - "-o output"); - exit(-1); -} - -static int -DigestFile(FILE *outFile, FILE *inFile, SECOidData *hashOID) -{ - int nb; - unsigned char ibuf[4096], digest[32]; - PK11Context *hashcx; - unsigned int len; - SECStatus rv; - - hashcx = PK11_CreateDigestContext(hashOID->offset); - if (hashcx == NULL) { - return -1; - } - PK11_DigestBegin(hashcx); - - - for (;;) { - if (feof(inFile)) break; - nb = fread(ibuf, 1, sizeof(ibuf), inFile); - if (nb != sizeof(ibuf)) { - if (nb == 0) { - if (ferror(inFile)) { - PORT_SetError(SEC_ERROR_IO); - PK11_DestroyContext(hashcx,PR_TRUE); - return -1; - } - /* eof */ - break; - } - } - rv = PK11_DigestOp(hashcx, ibuf, nb); - if (rv != SECSuccess) { - PK11_DestroyContext(hashcx, PR_TRUE); - return -1; - } - } - - rv = PK11_DigestFinal(hashcx, digest, &len, 32); - PK11_DestroyContext(hashcx, PR_TRUE); - - if (rv != SECSuccess) return -1; - - nb = fwrite(digest, 1, len, outFile); - if (nb != len) { - PORT_SetError(SEC_ERROR_IO); - return -1; - } - - return 0; -} - -#include "nss.h" - -int -main(int argc, char **argv) -{ - char *progName; - int opt; - FILE *inFile, *outFile; - char *hashName; - SECOidData *hashOID; - PLOptState *optstate; - PLOptStatus status; - SECStatus rv; - - progName = strrchr(argv[0], '/'); - progName = progName ? progName+1 : argv[0]; - - inFile = NULL; - outFile = NULL; - hashName = NULL; - - rv = NSS_Init("/tmp"); - if (rv != SECSuccess) { - fprintf(stderr, "%s: NSS_Init failed in directory %s\n", - progName, "/tmp"); - return -1; - } - - /* - * Parse command line arguments - */ - optstate = PL_CreateOptState(argc, argv, "t:i:o:"); - while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) { - switch (optstate->option) { - case '?': - Usage(progName); - break; - - case 'i': - inFile = fopen(optstate->value, "r"); - if (!inFile) { - fprintf(stderr, "%s: unable to open \"%s\" for reading\n", - progName, optstate->value); - return -1; - } - break; - - case 'o': - outFile = fopen(optstate->value, "w"); - if (!outFile) { - fprintf(stderr, "%s: unable to open \"%s\" for writing\n", - progName, optstate->value); - return -1; - } - break; - - case 't': - hashName = strdup(optstate->value); - break; - } - } - - if (!hashName) Usage(progName); - - if (!inFile) inFile = stdin; - if (!outFile) outFile = stdout; - - hashOID = HashNameToOID(hashName); - if (hashOID == NULL) { - fprintf(stderr, "%s: invalid digest type\n", progName); - Usage(progName); - } - - if (DigestFile(outFile, inFile, hashOID)) { - fprintf(stderr, "%s: problem digesting data (%s)\n", - progName, SECU_Strerror(PORT_GetError())); - return -1; - } - - return 0; -} diff --git a/security/nss/cmd/digest/makefile.win b/security/nss/cmd/digest/makefile.win deleted file mode 100644 index e8ec27ca2..000000000 --- a/security/nss/cmd/digest/makefile.win +++ /dev/null @@ -1,130 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -VERBOSE = 1 -include - -#cannot define PROGRAM in manifest compatibly with NT and UNIX -PROGRAM = digest -PROGRAM = ./$(OBJDIR)/$(PROGRAM).exe -include <$(DEPTH)\config\config.mak> - -# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/ -# rules.mak will append C_OBJS onto OBJS. -# OBJS = $(CSRCS:.c=.obj) - -# include files are looked for in $LINCS and $INCS. -# $LINCS is in manifest.mnw, computed from REQUIRES= -INCS = $(INCS) \ - -I$(DEPTH)/security/lib/cert \ - -I../include \ - $(NULL) - -IGNORE_ME = \ - -I$(DEPTH)/security/lib/key \ - -I$(DEPTH)/security/lib/util \ - $(NULL) - - -WINFE = $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg - -# these files are the content of libdbm -DBM_LIB = \ - $(WINFE)/DB.obj \ - $(WINFE)/HASH.obj \ - $(WINFE)/H_BIGKEY.obj \ - $(WINFE)/H_PAGE.obj \ - $(WINFE)/H_LOG2.obj \ - $(WINFE)/H_FUNC.obj \ - $(WINFE)/HASH_BUF.obj \ - $(NULL) - -MOZ_LIBS = \ - $(WINFE)/ALLXPSTR.obj \ - $(WINFE)/XP_ERROR.obj \ - $(WINFE)/XPASSERT.obj \ - $(WINFE)/XP_REG.obj \ - $(WINFE)/XP_TRACE.obj \ - $(DBM_LIB) \ - $(WINFE)/XP_STR.obj \ - $(WINFE)/MKTEMP.obj \ - $(NULL) - -SEC_LIBS = \ - $(DIST)/lib/cert$(MOZ_BITS).lib \ - $(DIST)/lib/crypto$(MOZ_BITS).lib \ - $(DIST)/lib/hash$(MOZ_BITS).lib \ - $(DIST)/lib/key$(MOZ_BITS).lib \ - $(DIST)/lib/pkcs7$(MOZ_BITS).lib \ - $(DIST)/lib/secmod$(MOZ_BITS).lib \ - $(DIST)/lib/secutl$(MOZ_BITS).lib \ - $(DIST)/lib/ssl$(MOZ_BITS).lib \ - $(NULL) - -LLFLAGS = $(LLFLAGS) \ - ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \ - $(SEC_LIBS) \ - $(MOZ_LIBS) \ - $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \ - $(LIBNSPR) \ - $(NULL) - - -include <$(DEPTH)\config\rules.mak> - -INSTALL = $(MAKE_INSTALL) - -objs: $(OBJS) - -$(PROGRAM):: - $(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR) - -programs: $(PROGRAM) - -install:: $(TARGETS) - $(INSTALL) $(TARGETS) $(DIST)/bin - - -symbols: - @echo "CSRCS = $(CSRCS)" - @echo "INCS = $(INCS)" - @echo "OBJS = $(OBJS)" - @echo "LIBRARY = $(LIBRARY)" - @echo "PROGRAM = $(PROGRAM)" - @echo "TARGETS = $(TARGETS)" - @echo "DIST = $(DIST)" - @echo "VERSION_NUMBER = $(VERSION_NUMBER)" - @echo "WINFE = $(WINFE)" - @echo "DBM_LIB = $(DBM_LIB)" - @echo "INSTALL = $(INSTALL)" - diff --git a/security/nss/cmd/digest/manifest.mn b/security/nss/cmd/digest/manifest.mn deleted file mode 100644 index 8150b2c1d..000000000 --- a/security/nss/cmd/digest/manifest.mn +++ /dev/null @@ -1,50 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = ../../.. - -# MODULE public and private header directories are implicitly REQUIRED. -MODULE = security - -# This next line is used by .mk files -# and gets translated into $LINCS in manifest.mnw -# The MODULE is always implicitly required. -# Listing it here in REQUIRES makes it appear twice in the cc command line. -REQUIRES = seccmd dbm - -DEFINES = -DNSPR20 - -CSRCS = digest.c - -PROGRAM = digest - diff --git a/security/nss/cmd/ilock/Makefile b/security/nss/cmd/ilock/Makefile deleted file mode 100644 index 4e39ffc3f..000000000 --- a/security/nss/cmd/ilock/Makefile +++ /dev/null @@ -1,75 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - -include ../platlibs.mk - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - - -include ../platrules.mk - diff --git a/security/nss/cmd/ilock/ilock.c b/security/nss/cmd/ilock/ilock.c deleted file mode 100644 index 3e2390b8d..000000000 --- a/security/nss/cmd/ilock/ilock.c +++ /dev/null @@ -1,199 +0,0 @@ -/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape Portable Runtime (NSPR). - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1998-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -/* -** File: ilock.c -** Description: ilock.c is a unit test for nssilock. ilock.c -** tests the basic operation of nssilock. It should not be -** considered a complete test suite. -** -** To check that logging works, before running this test, -** define the following environment variables: -** -** -** -** -** -*/ - -#include -#include -#include -#include -#include - - -/* -** Test harness infrastructure -*/ -PRLogModuleInfo *lm; -PRLogModuleLevel msgLevel = PR_LOG_NONE; -PRIntn debug = 0; -PRUint32 failed_already = 0; -/* end Test harness infrastructure */ - -PRIntn optIterations = 1; /* default iterations */ - -PRIntn main(PRIntn argc, char *argv[]) -{ - PRIntn i; - { - /* - ** Get command line options - */ - PLOptStatus os; - PLOptState *opt = PL_CreateOptState(argc, argv, "hdvi:"); - - while (PL_OPT_EOL != (os = PL_GetNextOpt(opt))) - { - if (PL_OPT_BAD == os) continue; - switch (opt->option) - { - case 'd': /* debug */ - debug = 1; - msgLevel = PR_LOG_ERROR; - break; - case 'v': /* verbose mode */ - msgLevel = PR_LOG_DEBUG; - break; - case 'i': /* number of iterations */ - optIterations = atol( opt->value ); - if ( 0 == optIterations ) optIterations = 1; /* coerce default on zero */ - break; - default: - break; - } - } - PL_DestroyOptState(opt); - } - - for ( i = 0 ; i < optIterations ; i++ ) { - /* First, test Lock */ - { - PZLock *pl; - PZMonitor *pm; - PZCondVar *cv; - PRStatus rc; - - pl = PZ_NewLock( nssILockOther ); - if ( NULL == pl ) { - failed_already = PR_TRUE; - goto Finished; - } - PZ_Lock( pl ); - - rc = PZ_Unlock( pl ); - if ( PR_FAILURE == rc ) { - failed_already = PR_TRUE; - goto Finished; - } - PZ_DestroyLock( pl ); - - /* now, test CVar */ - /* re-create the lock we just destroyed */ - pl = PZ_NewLock( nssILockOther ); - if ( NULL == pl ) { - failed_already = PR_TRUE; - goto Finished; - } - - cv = PZ_NewCondVar( pl ); - if ( NULL == cv ) { - failed_already = PR_TRUE; - goto Finished; - } - - PZ_Lock( pl ); - rc = PZ_NotifyCondVar( cv ); - if ( PR_FAILURE == rc ) { - failed_already = PR_TRUE; - goto Finished; - } - - rc = PZ_NotifyAllCondVar( cv ); - if ( PR_FAILURE == rc ) { - failed_already = PR_TRUE; - goto Finished; - } - - rc = PZ_WaitCondVar( cv, PR_SecondsToInterval(1)); - if ( PR_FAILURE == rc ) { - if ( PR_UNKNOWN_ERROR != PR_GetError()) { - failed_already = PR_TRUE; - goto Finished; - } - } - PZ_Unlock( pl ); - PZ_DestroyCondVar( cv ); - - /* Now, test Monitor */ - pm = PZ_NewMonitor( nssILockOther ); - if ( NULL == pm ) { - failed_already = PR_TRUE; - goto Finished; - } - - PZ_EnterMonitor( pm ); - - rc = PZ_Notify( pm ); - if ( PR_FAILURE == rc ) { - failed_already = PR_TRUE; - goto Finished; - } - rc = PZ_NotifyAll( pm ); - if ( PR_FAILURE == rc ) { - failed_already = PR_TRUE; - goto Finished; - } - rc = PZ_Wait( pm, PR_INTERVAL_NO_WAIT ); - if ( PR_FAILURE == rc ) { - failed_already = PR_TRUE; - goto Finished; - } - rc = PZ_ExitMonitor( pm ); - if ( PR_FAILURE == rc ) { - failed_already = PR_TRUE; - goto Finished; - } - PZ_DestroyMonitor( pm ); - } - } /* --- end for() --- */ - - -Finished: - if (debug) printf("%s\n", (failed_already)? "FAIL" : "PASS"); - return( (failed_already == PR_TRUE )? 1 : 0 ); -} /* main() */ -/* end ilock.c */ - diff --git a/security/nss/cmd/ilock/manifest.mn b/security/nss/cmd/ilock/manifest.mn deleted file mode 100644 index fcea16608..000000000 --- a/security/nss/cmd/ilock/manifest.mn +++ /dev/null @@ -1,44 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -CORE_DEPTH = ../../.. - -DEFINES += -DNSPR20 - -# MODULE public and private header directories are implicitly REQUIRED. -MODULE = security - -CSRCS = ilock.c - -PROGRAM = ilock -# PROGRAM = ./$(OBJDIR)/ilock.exe - diff --git a/security/nss/cmd/include/secnew.h b/security/nss/cmd/include/secnew.h deleted file mode 100644 index eb4c30acd..000000000 --- a/security/nss/cmd/include/secnew.h +++ /dev/null @@ -1,163 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ -#ifndef __secnew_h_ -#define __secnew_h_ - -#include - -typedef struct BERTemplateStr BERTemplate; -typedef struct BERParseStr BERParse; -typedef struct SECArbStr SECArb; - -/* - * An array of these structures define an encoding for an object using - * DER. The array is terminated with an entry where kind == 0. - */ -struct BERTemplateStr { - /* Kind of item to decode/encode */ - unsigned long kind; - - /* - * Offset from base of structure to SECItem that will hold - * decoded/encoded value. - */ - unsigned short offset; - - /* - * Used with DER_SET or DER_SEQUENCE. If not zero then points to a - * sub-template. The sub-template is filled in and completed before - * continuing on. - */ - BERTemplate *sub; - - /* - * Argument value, dependent on kind. Size of structure to allocate - * when kind==DER_POINTER For Context-Specific Implicit types its the - * underlying type to use. - */ - unsigned long arg; -}; - -/* - * an arbitrary object - */ -struct SECArbStr { - unsigned long tag; /* NOTE: does not support high tag form */ - unsigned long length; /* as reported in stream */ - union { - SECItem item; - struct { - int numSubs; - SECArb **subs; - } cons; - } body; -}; - -/* - * Decode a piece of der encoded data. - * "dest" points to a structure that will be filled in with the - * decoding results. - * "t" is a template structure which defines the shape of the - * expected data. - * "src" is the ber encoded data. - */ - -extern SECStatus BER_Decode(PRArenaPool * arena, void *dest, BERTemplate *t, - SECArb *arb); - - -/* - * Encode a data structure into DER. - * "dest" will be filled in (and memory allocated) to hold the der - * encoded structure in "src" - * "t" is a template structure which defines the shape of the - * stored data - * "src" is a pointer to the structure that will be encoded - */ - -extern SECStatus BER_Encode(PRArenaPool *arena, SECItem *dest, BERTemplate *t, - void *src); - -/* - * Client provided function that will get called with all the bytes - * passing through the parser - */ -typedef void (*BERFilterProc)(void *instance, unsigned char *buf, int length); - -/* - * Client provided function that can will be called after the tag and - * length information has been collected. It can be set up to be called - * either before or after the data has been colleced. - */ -typedef void (*BERNotifyProc)( - void *instance, SECArb *arb, int depth, PRBool before); - -extern BERParse *BER_ParseInit(PRArenaPool *arena, PRBool forceDER); -extern SECArb *BER_ParseFini(BERParse *h); -extern SECStatus BER_ParseSome(BERParse *h, unsigned char *buf, int len); - -extern void BER_SetFilter(BERParse *h, BERFilterProc proc, void *instance); -extern void BER_SetLeafStorage(BERParse *h, PRBool keep); -extern void BER_SetNotifyProc(BERParse *h, BERNotifyProc proc, void *instance, - PRBool beforeData); - -/* - * A BERUnparseProc is used as a callback to put the encoded SECArb tree - * tree to some stream. It returns PR_TRUE if the unparsing is to be - * aborted. - */ -typedef SECStatus (*BERUnparseProc)( - void *instance, unsigned char *data, int length, SECArb* arb); - -/* - * BER_Unparse walks the SECArb tree calling the BERUnparseProc with - * various pieces. It returns SECFailure if there was an error during that - * tree walk. - */ -extern SECStatus BER_Unparse(SECArb *arb, BERUnparseProc proc, void *instance); - -/* - * BER_ResolveLengths does a recursive walk through the tree generating - * non-zero entries for the length field of each node. It will fail if it - * discoveres a non-constructed node with a unknown length data field. - * Leaves are supposed to be of known length. - */ -extern SECStatus BER_ResolveLengths(SECArb *arb); - -/* - * BER_PRettyPrintArb will write an ASCII version of the tree to the FILE - * out. - */ -extern SECStatus BER_PrettyPrintArb(FILE *out, SECArb* a); - -#endif /* __secnew_h_ */ diff --git a/security/nss/cmd/keyutil/Makefile b/security/nss/cmd/keyutil/Makefile deleted file mode 100644 index a2ed814be..000000000 --- a/security/nss/cmd/keyutil/Makefile +++ /dev/null @@ -1,73 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - -include ../platlibs.mk - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - -include ../platrules.mk diff --git a/security/nss/cmd/keyutil/keyutil.c b/security/nss/cmd/keyutil/keyutil.c deleted file mode 100644 index 65e6ad8b0..000000000 --- a/security/nss/cmd/keyutil/keyutil.c +++ /dev/null @@ -1,340 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#include -#include -#include "secutil.h" - -#if defined(XP_UNIX) -#include -#include -#include -#endif - -#include "secopt.h" - -#if defined(XP_WIN) -#include -#include -#endif - -#if defined(__sun) && !defined(SVR4) -extern int fclose(FILE*); -extern int fprintf(FILE *, char *, ...); -extern int getopt(int, char**, char*); -extern int isatty(int); -extern char *optarg; -extern char *sys_errlist[]; -#define strerror(errno) sys_errlist[errno] -#endif - -#include "nspr.h" -#include "prtypes.h" -#include "prtime.h" -#include "prlong.h" - -static char *progName; - -static SECStatus -ListKeys(SECKEYKeyDBHandle *handle, FILE *out) -{ - int rt; - - rt = SECU_PrintKeyNames(handle, out); - if (rt) { - SECU_PrintError(progName, "unable to list nicknames"); - return SECFailure; - } - return SECSuccess; -} - -static SECStatus -DumpPublicKey(SECKEYKeyDBHandle *handle, char *nickname, FILE *out) -{ - SECKEYLowPrivateKey *privKey; - SECKEYLowPublicKey *publicKey; - - /* check if key actually exists */ - if (SECU_CheckKeyNameExists(handle, nickname) == PR_FALSE) { - SECU_PrintError(progName, "the key \"%s\" does not exist", nickname); - return SECFailure; - } - - /* Read in key */ - privKey = SECU_GetPrivateKey(handle, nickname); - if (!privKey) { - return SECFailure; - } - - publicKey = SECKEY_LowConvertToPublicKey(privKey); - - /* Output public key (in the clear) */ - switch(publicKey->keyType) { - case rsaKey: - fprintf(out, "RSA Public-Key:\n"); - SECU_PrintInteger(out, &publicKey->u.rsa.modulus, "modulus", 1); - SECU_PrintInteger(out, &publicKey->u.rsa.publicExponent, - "publicExponent", 1); - break; - case dsaKey: - fprintf(out, "DSA Public-Key:\n"); - SECU_PrintInteger(out, &publicKey->u.dsa.params.prime, "prime", 1); - SECU_PrintInteger(out, &publicKey->u.dsa.params.subPrime, - "subPrime", 1); - SECU_PrintInteger(out, &publicKey->u.dsa.params.base, "base", 1); - SECU_PrintInteger(out, &publicKey->u.dsa.publicValue, "publicValue", 1); - break; - default: - fprintf(out, "unknown key type\n"); - break; - } - return SECSuccess; -} - -static SECStatus -DumpPrivateKey(SECKEYKeyDBHandle *handle, char *nickname, FILE *out) -{ - SECKEYLowPrivateKey *key; - - /* check if key actually exists */ - if (SECU_CheckKeyNameExists(handle, nickname) == PR_FALSE) { - SECU_PrintError(progName, "the key \"%s\" does not exist", nickname); - return SECFailure; - } - - /* Read in key */ - key = SECU_GetPrivateKey(handle, nickname); - if (!key) { - SECU_PrintError(progName, "error retrieving key"); - return SECFailure; - } - - switch(key->keyType) { - case rsaKey: - fprintf(out, "RSA Private-Key:\n"); - SECU_PrintInteger(out, &key->u.rsa.modulus, "modulus", 1); - SECU_PrintInteger(out, &key->u.rsa.publicExponent, "publicExponent", 1); - SECU_PrintInteger(out, &key->u.rsa.privateExponent, - "privateExponent", 1); - SECU_PrintInteger(out, &key->u.rsa.prime1, "prime1", 1); - SECU_PrintInteger(out, &key->u.rsa.prime2, "prime2", 1); - SECU_PrintInteger(out, &key->u.rsa.exponent1, "exponent1", 1); - SECU_PrintInteger(out, &key->u.rsa.exponent2, "exponent2", 1); - SECU_PrintInteger(out, &key->u.rsa.coefficient, "coefficient", 1); - break; - case dsaKey: - fprintf(out, "DSA Private-Key:\n"); - SECU_PrintInteger(out, &key->u.dsa.params.prime, "prime", 1); - SECU_PrintInteger(out, &key->u.dsa.params.subPrime, "subPrime", 1); - SECU_PrintInteger(out, &key->u.dsa.params.base, "base", 1); - SECU_PrintInteger(out, &key->u.dsa.publicValue, "publicValue", 1); - SECU_PrintInteger(out, &key->u.dsa.privateValue, "privateValue", 1); - break; - default: - fprintf(out, "unknown key type\n"); - break; - } - return SECSuccess; -} - -static SECStatus -ChangePassword(SECKEYKeyDBHandle *handle) -{ - SECStatus rv; - - /* Write out database with a new password */ - rv = SECU_ChangeKeyDBPassword(handle, NULL); - if (rv) { - SECU_PrintError(progName, "unable to change key password"); - } - return rv; -} - -static SECStatus -DeletePrivateKey (SECKEYKeyDBHandle *keyHandle, char *nickName) -{ - SECStatus rv; - - rv = SECU_DeleteKeyByName (keyHandle, nickName); - if (rv != SECSuccess) - fprintf(stderr, "%s: problem deleting private key (%s)\n", - progName, SECU_Strerror(PR_GetError())); - return (rv); - -} - - -static void -Usage(const char *progName) -{ - fprintf(stderr, - "Usage: %s -p name [-d keydir]\n", progName); - fprintf(stderr, - " %s -P name [-d keydir]\n", progName); - fprintf(stderr, - " %s -D name [-d keydir]\n", progName); - fprintf(stderr, - " %s -l [-d keydir]\n", progName); - fprintf(stderr, - " %s -c [-d keydir]\n", progName); - - fprintf(stderr, "%-20s Pretty print public key info for named key\n", - "-p nickname"); - fprintf(stderr, "%-20s Pretty print private key info for named key\n", - "-P nickname"); - fprintf(stderr, "%-20s Delete named private key from the key database\n", - "-D nickname"); - fprintf(stderr, "%-20s List the nicknames for the keys in a database\n", - "-l"); - fprintf(stderr, "%-20s Change the key database password\n", - "-c"); - fprintf(stderr, "\n"); - fprintf(stderr, "%-20s Key database directory (default is ~/.netscape)\n", - "-d keydir"); - - exit(-1); -} - -int main(int argc, char **argv) -{ - int o, changePassword, deleteKey, dumpPublicKey, dumpPrivateKey, list; - char *nickname; - SECStatus rv; - SECKEYKeyDBHandle *keyHandle; - - progName = strrchr(argv[0], '/'); - progName = progName ? progName+1 : argv[0]; - - /* Parse command line arguments */ - changePassword = deleteKey = dumpPublicKey = dumpPrivateKey = list = 0; - nickname = NULL; - - while ((o = getopt(argc, argv, "ADP:cd:glp:")) != -1) { - switch (o) { - case '?': - Usage(progName); - break; - - case 'A': - fprintf(stderr, "%s: Can no longer add a key.", progName); - fprintf(stderr, " Use pkcs12 to import a key.\n\n"); - Usage(progName); - break; - - case 'D': - deleteKey = 1; - nickname = optarg; - break; - - case 'P': - dumpPrivateKey = 1; - nickname = optarg; - break; - - case 'c': - changePassword = 1; - break; - - case 'd': - SECU_ConfigDirectory(optarg); - break; - - case 'g': - fprintf(stderr, "%s: Can no longer generate a key.", progName); - fprintf(stderr, " Use certutil to generate a cert request.\n\n"); - Usage(progName); - break; - - case 'l': - list = 1; - break; - - case 'p': - dumpPublicKey = 1; - nickname = optarg; - break; - } - } - - if (dumpPublicKey+changePassword+dumpPrivateKey+list+deleteKey != 1) - Usage(progName); - - if ((list || changePassword) && nickname) - Usage(progName); - - if ((dumpPublicKey || dumpPrivateKey || deleteKey) && !nickname) - Usage(progName); - - - /* Call the libsec initialization routines */ - PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1); - SEC_Init(); - - /* - * XXX Note that the following opens the key database writable. - * If dumpPublicKey or dumpPrivateKey or list, though, we only want - * to open it read-only. There needs to be a better interface - * to the initialization routines so that we can specify which way - * to open it. - */ - rv = SECU_PKCS11Init(); - if (rv != SECSuccess) { - SECU_PrintError(progName, "SECU_PKCS11Init failed"); - return -1; - } - - keyHandle = SECKEY_GetDefaultKeyDB(); - if (keyHandle == NULL) { - SECU_PrintError(progName, "could not open key database"); - return -1; - } - - if (dumpPublicKey) { - rv = DumpPublicKey(keyHandle, nickname, stdout); - } else - if (changePassword) { - rv = ChangePassword(keyHandle); - } else - if (dumpPrivateKey) { - rv = DumpPrivateKey(keyHandle, nickname, stdout); - } else - if (list) { - rv = ListKeys(keyHandle, stdout); - } else - if (deleteKey) { - rv = DeletePrivateKey(keyHandle, nickname); - } - - - return rv ? -1 : 0; -} diff --git a/security/nss/cmd/keyutil/manifest.mn b/security/nss/cmd/keyutil/manifest.mn deleted file mode 100644 index 40b938cac..000000000 --- a/security/nss/cmd/keyutil/manifest.mn +++ /dev/null @@ -1,50 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = ../../.. - -DEFINES += -DNSPR20 - -# MODULE public and private header directories are implicitly REQUIRED. -MODULE = security - -CSRCS = \ - keyutil.c \ - $(NULL) - -# The MODULE is always implicitly required. -# Listing it here in REQUIRES makes it appear twice in the cc command line. -REQUIRES = seccmd dbm - - -PROGRAM = keyutil diff --git a/security/nss/cmd/lib/Makefile b/security/nss/cmd/lib/Makefile deleted file mode 100644 index 0769c80a3..000000000 --- a/security/nss/cmd/lib/Makefile +++ /dev/null @@ -1,75 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - -include config.mk - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - - diff --git a/security/nss/cmd/lib/NSPRerrs.h b/security/nss/cmd/lib/NSPRerrs.h deleted file mode 100644 index bacdef6b2..000000000 --- a/security/nss/cmd/lib/NSPRerrs.h +++ /dev/null @@ -1,133 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ -/* General NSPR 2.0 errors */ -/* Caller must #include "prerror.h" */ - -ER2( PR_OUT_OF_MEMORY_ERROR, "Memory allocation attempt failed." ) -ER2( PR_BAD_DESCRIPTOR_ERROR, "Invalid file descriptor." ) -ER2( PR_WOULD_BLOCK_ERROR, "The operation would have blocked." ) -ER2( PR_ACCESS_FAULT_ERROR, "Invalid memory address argument." ) -ER2( PR_INVALID_METHOD_ERROR, "Invalid function for file type." ) -ER2( PR_ILLEGAL_ACCESS_ERROR, "Invalid memory address argument." ) -ER2( PR_UNKNOWN_ERROR, "Some unknown error has occurred." ) -ER2( PR_PENDING_INTERRUPT_ERROR,"Operation interrupted by another thread." ) -ER2( PR_NOT_IMPLEMENTED_ERROR, "function not implemented." ) -ER2( PR_IO_ERROR, "I/O function error." ) -ER2( PR_IO_TIMEOUT_ERROR, "I/O operation timed out." ) -ER2( PR_IO_PENDING_ERROR, "I/O operation on busy file descriptor." ) -ER2( PR_DIRECTORY_OPEN_ERROR, "The directory could not be opened." ) -ER2( PR_INVALID_ARGUMENT_ERROR, "Invalid function argument." ) -ER2( PR_ADDRESS_NOT_AVAILABLE_ERROR, "Network address not available (in use?)." ) -ER2( PR_ADDRESS_NOT_SUPPORTED_ERROR, "Network address type not supported." ) -ER2( PR_IS_CONNECTED_ERROR, "Already connected." ) -ER2( PR_BAD_ADDRESS_ERROR, "Network address is invalid." ) -ER2( PR_ADDRESS_IN_USE_ERROR, "Local Network address is in use." ) -ER2( PR_CONNECT_REFUSED_ERROR, "Connection refused by peer." ) -ER2( PR_NETWORK_UNREACHABLE_ERROR, "Network address is presently unreachable." ) -ER2( PR_CONNECT_TIMEOUT_ERROR, "Connection attempt timed out." ) -ER2( PR_NOT_CONNECTED_ERROR, "Network file descriptor is not connected." ) -ER2( PR_LOAD_LIBRARY_ERROR, "Failure to load dynamic library." ) -ER2( PR_UNLOAD_LIBRARY_ERROR, "Failure to unload dynamic library." ) -ER2( PR_FIND_SYMBOL_ERROR, -"Symbol not found in any of the loaded dynamic libraries." ) -ER2( PR_INSUFFICIENT_RESOURCES_ERROR, "Insufficient system resources." ) -ER2( PR_DIRECTORY_LOOKUP_ERROR, -"A directory lookup on a network address has failed." ) -ER2( PR_TPD_RANGE_ERROR, -"Attempt to access a TPD key that is out of range." ) -ER2( PR_PROC_DESC_TABLE_FULL_ERROR, "Process open FD table is full." ) -ER2( PR_SYS_DESC_TABLE_FULL_ERROR, "System open FD table is full." ) -ER2( PR_NOT_SOCKET_ERROR, -"Network operation attempted on non-network file descriptor." ) -ER2( PR_NOT_TCP_SOCKET_ERROR, -"TCP-specific function attempted on a non-TCP file descriptor." ) -ER2( PR_SOCKET_ADDRESS_IS_BOUND_ERROR, "TCP file descriptor is already bound." ) -ER2( PR_NO_ACCESS_RIGHTS_ERROR, "Access Denied." ) -ER2( PR_OPERATION_NOT_SUPPORTED_ERROR, -"The requested operation is not supported by the platform." ) -ER2( PR_PROTOCOL_NOT_SUPPORTED_ERROR, -"The host operating system does not support the protocol requested." ) -ER2( PR_REMOTE_FILE_ERROR, "Access to the remote file has been severed." ) -ER2( PR_BUFFER_OVERFLOW_ERROR, -"The value requested is too large to be stored in the data buffer provided." ) -ER2( PR_CONNECT_RESET_ERROR, "TCP connection reset by peer." ) -ER2( PR_RANGE_ERROR, "Unused." ) -ER2( PR_DEADLOCK_ERROR, "The operation would have deadlocked." ) -ER2( PR_FILE_IS_LOCKED_ERROR, "The file is already locked." ) -ER2( PR_FILE_TOO_BIG_ERROR, -"Write would result in file larger than the system allows." ) -ER2( PR_NO_DEVICE_SPACE_ERROR, "The device for storing the file is full." ) -ER2( PR_PIPE_ERROR, "Unused." ) -ER2( PR_NO_SEEK_DEVICE_ERROR, "Unused." ) -ER2( PR_IS_DIRECTORY_ERROR, -"Cannot perform a normal file operation on a directory." ) -ER2( PR_LOOP_ERROR, "Symbolic link loop." ) -ER2( PR_NAME_TOO_LONG_ERROR, "File name is too long." ) -ER2( PR_FILE_NOT_FOUND_ERROR, "File not found." ) -ER2( PR_NOT_DIRECTORY_ERROR, -"Cannot perform directory operation on a normal file." ) -ER2( PR_READ_ONLY_FILESYSTEM_ERROR, -"Cannot write to a read-only file system." ) -ER2( PR_DIRECTORY_NOT_EMPTY_ERROR, -"Cannot delete a directory that is not empty." ) -ER2( PR_FILESYSTEM_MOUNTED_ERROR, -"Cannot delete or rename a file object while the file system is busy." ) -ER2( PR_NOT_SAME_DEVICE_ERROR, -"Cannot rename a file to a file system on another device." ) -ER2( PR_DIRECTORY_CORRUPTED_ERROR, -"The directory object in the file system is corrupted." ) -ER2( PR_FILE_EXISTS_ERROR, -"Cannot create or rename a filename that already exists." ) -ER2( PR_MAX_DIRECTORY_ENTRIES_ERROR, -"Directory is full. No additional filenames may be added." ) -ER2( PR_INVALID_DEVICE_STATE_ERROR, -"The required device was in an invalid state." ) -ER2( PR_DEVICE_IS_LOCKED_ERROR, "The device is locked." ) -ER2( PR_NO_MORE_FILES_ERROR, "No more entries in the directory." ) -ER2( PR_END_OF_FILE_ERROR, "Encountered end of file." ) -ER2( PR_FILE_SEEK_ERROR, "Seek error." ) -ER2( PR_FILE_IS_BUSY_ERROR, "The file is busy." ) -ER2( PR_IN_PROGRESS_ERROR, -"Operation is still in progress (probably a non-blocking connect)." ) -ER2( PR_ALREADY_INITIATED_ERROR, -"Operation has already been initiated (probably a non-blocking connect)." ) - -#ifdef PR_GROUP_EMPTY_ERROR -ER2( PR_GROUP_EMPTY_ERROR, "The wait group is empty." ) -#endif - -#ifdef PR_INVALID_STATE_ERROR -ER2( PR_INVALID_STATE_ERROR, "Object state improper for request." ) -#endif - -ER2( PR_MAX_ERROR, "Placeholder for the end of the list" ) diff --git a/security/nss/cmd/lib/SECerrs.h b/security/nss/cmd/lib/SECerrs.h deleted file mode 100644 index 2059df6a2..000000000 --- a/security/nss/cmd/lib/SECerrs.h +++ /dev/null @@ -1,441 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -/* General security error codes */ -/* Caller must #include "secerr.h" */ - -ER3(SEC_ERROR_IO, SEC_ERROR_BASE + 0, -"An I/O error occurred during security authorization.") - -ER3(SEC_ERROR_LIBRARY_FAILURE, SEC_ERROR_BASE + 1, -"security library failure.") - -ER3(SEC_ERROR_BAD_DATA, SEC_ERROR_BASE + 2, -"security library: received bad data.") - -ER3(SEC_ERROR_OUTPUT_LEN, SEC_ERROR_BASE + 3, -"security library: output length error.") - -ER3(SEC_ERROR_INPUT_LEN, SEC_ERROR_BASE + 4, -"security library has experienced an input length error.") - -ER3(SEC_ERROR_INVALID_ARGS, SEC_ERROR_BASE + 5, -"security library: invalid arguments.") - -ER3(SEC_ERROR_INVALID_ALGORITHM, SEC_ERROR_BASE + 6, -"security library: invalid algorithm.") - -ER3(SEC_ERROR_INVALID_AVA, SEC_ERROR_BASE + 7, -"security library: invalid AVA.") - -ER3(SEC_ERROR_INVALID_TIME, SEC_ERROR_BASE + 8, -"Improperly formatted time string.") - -ER3(SEC_ERROR_BAD_DER, SEC_ERROR_BASE + 9, -"security library: improperly formatted DER-encoded message.") - -ER3(SEC_ERROR_BAD_SIGNATURE, SEC_ERROR_BASE + 10, -"Peer's certificate has an invalid signature.") - -ER3(SEC_ERROR_EXPIRED_CERTIFICATE, SEC_ERROR_BASE + 11, -"Peer's Certificate has expired.") - -ER3(SEC_ERROR_REVOKED_CERTIFICATE, SEC_ERROR_BASE + 12, -"Peer's Certificate has been revoked.") - -ER3(SEC_ERROR_UNKNOWN_ISSUER, SEC_ERROR_BASE + 13, -"Peer's Certificate issuer is not recognized.") - -ER3(SEC_ERROR_BAD_KEY, SEC_ERROR_BASE + 14, -"Peer's public key is invalid.") - -ER3(SEC_ERROR_BAD_PASSWORD, SEC_ERROR_BASE + 15, -"The security password entered is incorrect.") - -ER3(SEC_ERROR_RETRY_PASSWORD, SEC_ERROR_BASE + 16, -"New password entered incorrectly. Please try again.") - -ER3(SEC_ERROR_NO_NODELOCK, SEC_ERROR_BASE + 17, -"security library: no nodelock.") - -ER3(SEC_ERROR_BAD_DATABASE, SEC_ERROR_BASE + 18, -"security library: bad database.") - -ER3(SEC_ERROR_NO_MEMORY, SEC_ERROR_BASE + 19, -"security library: memory allocation failure.") - -ER3(SEC_ERROR_UNTRUSTED_ISSUER, SEC_ERROR_BASE + 20, -"Peer's certificate issuer has been marked as not trusted by the user.") - -ER3(SEC_ERROR_UNTRUSTED_CERT, SEC_ERROR_BASE + 21, -"Peer's certificate has been marked as not trusted by the user.") - -ER3(SEC_ERROR_DUPLICATE_CERT, (SEC_ERROR_BASE + 22), -"Certificate already exists in your database.") - -ER3(SEC_ERROR_DUPLICATE_CERT_NAME, (SEC_ERROR_BASE + 23), -"Downloaded certificate's name duplicates one already in your database.") - -ER3(SEC_ERROR_ADDING_CERT, (SEC_ERROR_BASE + 24), -"Error adding certificate to database.") - -ER3(SEC_ERROR_FILING_KEY, (SEC_ERROR_BASE + 25), -"Error refiling the key for this certificate.") - -ER3(SEC_ERROR_NO_KEY, (SEC_ERROR_BASE + 26), -"The private key for this certificate cannot be found in key database") - -ER3(SEC_ERROR_CERT_VALID, (SEC_ERROR_BASE + 27), -"This certificate is valid.") - -ER3(SEC_ERROR_CERT_NOT_VALID, (SEC_ERROR_BASE + 28), -"This certificate is not valid.") - -ER3(SEC_ERROR_CERT_NO_RESPONSE, (SEC_ERROR_BASE + 29), -"Cert Library: No Response") - -ER3(SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE, (SEC_ERROR_BASE + 30), -"The certificate issuer's certificate has expired. Check your system date and time.") - -ER3(SEC_ERROR_CRL_EXPIRED, (SEC_ERROR_BASE + 31), -"The CRL for the certificate's issuer has expired. Update it or check your system data and time.") - -ER3(SEC_ERROR_CRL_BAD_SIGNATURE, (SEC_ERROR_BASE + 32), -"The CRL for the certificate's issuer has an invalid signature.") - -ER3(SEC_ERROR_CRL_INVALID, (SEC_ERROR_BASE + 33), -"New CRL has an invalid format.") - -ER3(SEC_ERROR_EXTENSION_VALUE_INVALID, (SEC_ERROR_BASE + 34), -"Certificate extension value is invalid.") - -ER3(SEC_ERROR_EXTENSION_NOT_FOUND, (SEC_ERROR_BASE + 35), -"Certificate extension not found.") - -ER3(SEC_ERROR_CA_CERT_INVALID, (SEC_ERROR_BASE + 36), -"Issuer certificate is invalid.") - -ER3(SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID, (SEC_ERROR_BASE + 37), -"Certificate path length constraint is invalid.") - -ER3(SEC_ERROR_CERT_USAGES_INVALID, (SEC_ERROR_BASE + 38), -"Certificate usages field is invalid.") - -ER3(SEC_INTERNAL_ONLY, (SEC_ERROR_BASE + 39), -"**Internal ONLY module**") - -ER3(SEC_ERROR_INVALID_KEY, (SEC_ERROR_BASE + 40), -"The key does not support the requested operation.") - -ER3(SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION, (SEC_ERROR_BASE + 41), -"Certificate contains unknown critical extension.") - -ER3(SEC_ERROR_OLD_CRL, (SEC_ERROR_BASE + 42), -"New CRL is not later than the current one.") - -ER3(SEC_ERROR_NO_EMAIL_CERT, (SEC_ERROR_BASE + 43), -"Not encrypted or signed: you do not yet have an email certificate.") - -ER3(SEC_ERROR_NO_RECIPIENT_CERTS_QUERY, (SEC_ERROR_BASE + 44), -"Not encrypted: you do not have certificates for each of the recipients.") - -ER3(SEC_ERROR_NOT_A_RECIPIENT, (SEC_ERROR_BASE + 45), -"Cannot decrypt: you are not a recipient, or matching certificate and \ -private key not found.") - -ER3(SEC_ERROR_PKCS7_KEYALG_MISMATCH, (SEC_ERROR_BASE + 46), -"Cannot decrypt: key encryption algorithm does not match your certificate.") - -ER3(SEC_ERROR_PKCS7_BAD_SIGNATURE, (SEC_ERROR_BASE + 47), -"Signature verification failed: no signer found, too many signers found, \ -or improper or corrupted data.") - -ER3(SEC_ERROR_UNSUPPORTED_KEYALG, (SEC_ERROR_BASE + 48), -"Unsupported or unknown key algorithm.") - -ER3(SEC_ERROR_DECRYPTION_DISALLOWED, (SEC_ERROR_BASE + 49), -"Cannot decrypt: encrypted using a disallowed algorithm or key size.") - - -/* Fortezza Alerts */ -ER3(XP_SEC_FORTEZZA_BAD_CARD, (SEC_ERROR_BASE + 50), -"Fortezza card has not been properly initialized. \ -Please remove it and return it to your issuer.") - -ER3(XP_SEC_FORTEZZA_NO_CARD, (SEC_ERROR_BASE + 51), -"No Fortezza cards Found") - -ER3(XP_SEC_FORTEZZA_NONE_SELECTED, (SEC_ERROR_BASE + 52), -"No Fortezza card selected") - -ER3(XP_SEC_FORTEZZA_MORE_INFO, (SEC_ERROR_BASE + 53), -"Please select a personality to get more info on") - -ER3(XP_SEC_FORTEZZA_PERSON_NOT_FOUND, (SEC_ERROR_BASE + 54), -"Personality not found") - -ER3(XP_SEC_FORTEZZA_NO_MORE_INFO, (SEC_ERROR_BASE + 55), -"No more information on that Personality") - -ER3(XP_SEC_FORTEZZA_BAD_PIN, (SEC_ERROR_BASE + 56), -"Invalid Pin") - -ER3(XP_SEC_FORTEZZA_PERSON_ERROR, (SEC_ERROR_BASE + 57), -"Couldn't initialize Fortezza personalities.") -/* end fortezza alerts. */ - -ER3(SEC_ERROR_NO_KRL, (SEC_ERROR_BASE + 58), -"No KRL for this site's certificate has been found.") - -ER3(SEC_ERROR_KRL_EXPIRED, (SEC_ERROR_BASE + 59), -"The KRL for this site's certificate has expired.") - -ER3(SEC_ERROR_KRL_BAD_SIGNATURE, (SEC_ERROR_BASE + 60), -"The KRL for this site's certificate has an invalid signature.") - -ER3(SEC_ERROR_REVOKED_KEY, (SEC_ERROR_BASE + 61), -"The key for this site's certificate has been revoked.") - -ER3(SEC_ERROR_KRL_INVALID, (SEC_ERROR_BASE + 62), -"New KRL has an invalid format.") - -ER3(SEC_ERROR_NEED_RANDOM, (SEC_ERROR_BASE + 63), -"security library: need random data.") - -ER3(SEC_ERROR_NO_MODULE, (SEC_ERROR_BASE + 64), -"security library: no security module can perform the requested operation.") - -ER3(SEC_ERROR_NO_TOKEN, (SEC_ERROR_BASE + 65), -"The security card or token does not exist, needs to be initialized, or has been removed.") - -ER3(SEC_ERROR_READ_ONLY, (SEC_ERROR_BASE + 66), -"security library: read-only database.") - -ER3(SEC_ERROR_NO_SLOT_SELECTED, (SEC_ERROR_BASE + 67), -"No slot or token was selected.") - -ER3(SEC_ERROR_CERT_NICKNAME_COLLISION, (SEC_ERROR_BASE + 68), -"A certificate with the same nickname already exists.") - -ER3(SEC_ERROR_KEY_NICKNAME_COLLISION, (SEC_ERROR_BASE + 69), -"A key with the same nickname already exists.") - -ER3(SEC_ERROR_SAFE_NOT_CREATED, (SEC_ERROR_BASE + 70), -"error while creating safe object") - -ER3(SEC_ERROR_BAGGAGE_NOT_CREATED, (SEC_ERROR_BASE + 71), -"error while creating baggage object") - -ER3(XP_JAVA_REMOVE_PRINCIPAL_ERROR, (SEC_ERROR_BASE + 72), -"Couldn't remove the principal") - -ER3(XP_JAVA_DELETE_PRIVILEGE_ERROR, (SEC_ERROR_BASE + 73), -"Couldn't delete the privilege") - -ER3(XP_JAVA_CERT_NOT_EXISTS_ERROR, (SEC_ERROR_BASE + 74), -"This principal doesn't have a certificate") - -ER3(SEC_ERROR_BAD_EXPORT_ALGORITHM, (SEC_ERROR_BASE + 75), -"Required algorithm is not allowed.") - -ER3(SEC_ERROR_EXPORTING_CERTIFICATES, (SEC_ERROR_BASE + 76), -"Error attempting to export certificates.") - -ER3(SEC_ERROR_IMPORTING_CERTIFICATES, (SEC_ERROR_BASE + 77), -"Error attempting to import certificates.") - -ER3(SEC_ERROR_PKCS12_DECODING_PFX, (SEC_ERROR_BASE + 78), -"Unable to import. Decoding error. File not valid.") - -ER3(SEC_ERROR_PKCS12_INVALID_MAC, (SEC_ERROR_BASE + 79), -"Unable to import. Invalid MAC. Incorrect password or corrupt file.") - -ER3(SEC_ERROR_PKCS12_UNSUPPORTED_MAC_ALGORITHM, (SEC_ERROR_BASE + 80), -"Unable to import. MAC algorithm not supported.") - -ER3(SEC_ERROR_PKCS12_UNSUPPORTED_TRANSPORT_MODE,(SEC_ERROR_BASE + 81), -"Unable to import. Only password integrity and privacy modes supported.") - -ER3(SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE, (SEC_ERROR_BASE + 82), -"Unable to import. File structure is corrupt.") - -ER3(SEC_ERROR_PKCS12_UNSUPPORTED_PBE_ALGORITHM, (SEC_ERROR_BASE + 83), -"Unable to import. Encryption algorithm not supported.") - -ER3(SEC_ERROR_PKCS12_UNSUPPORTED_VERSION, (SEC_ERROR_BASE + 84), -"Unable to import. File version not supported.") - -ER3(SEC_ERROR_PKCS12_PRIVACY_PASSWORD_INCORRECT,(SEC_ERROR_BASE + 85), -"Unable to import. Incorrect privacy password.") - -ER3(SEC_ERROR_PKCS12_CERT_COLLISION, (SEC_ERROR_BASE + 86), -"Unable to import. Same nickname already exists in database.") - -ER3(SEC_ERROR_USER_CANCELLED, (SEC_ERROR_BASE + 87), -"The user pressed cancel.") - -ER3(SEC_ERROR_PKCS12_DUPLICATE_DATA, (SEC_ERROR_BASE + 88), -"Not imported, already in database.") - -ER3(SEC_ERROR_MESSAGE_SEND_ABORTED, (SEC_ERROR_BASE + 89), -"Message not sent.") - -ER3(SEC_ERROR_INADEQUATE_KEY_USAGE, (SEC_ERROR_BASE + 90), -"Certificate key usage inadequate for attempted operation.") - -ER3(SEC_ERROR_INADEQUATE_CERT_TYPE, (SEC_ERROR_BASE + 91), -"Certificate type not approved for application.") - -ER3(SEC_ERROR_CERT_ADDR_MISMATCH, (SEC_ERROR_BASE + 92), -"Address in signing certificate does not match address in message headers.") - -ER3(SEC_ERROR_PKCS12_UNABLE_TO_IMPORT_KEY, (SEC_ERROR_BASE + 93), -"Unable to import. Error attempting to import private key.") - -ER3(SEC_ERROR_PKCS12_IMPORTING_CERT_CHAIN, (SEC_ERROR_BASE + 94), -"Unable to import. Error attempting to import certificate chain.") - -ER3(SEC_ERROR_PKCS12_UNABLE_TO_LOCATE_OBJECT_BY_NAME, (SEC_ERROR_BASE + 95), -"Unable to export. Unable to locate certificate or key by nickname.") - -ER3(SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY, (SEC_ERROR_BASE + 96), -"Unable to export. Private Key could not be located and exported.") - -ER3(SEC_ERROR_PKCS12_UNABLE_TO_WRITE, (SEC_ERROR_BASE + 97), -"Unable to export. Unable to write the export file.") - -ER3(SEC_ERROR_PKCS12_UNABLE_TO_READ, (SEC_ERROR_BASE + 98), -"Unable to import. Unable to read the import file.") - -ER3(SEC_ERROR_PKCS12_KEY_DATABASE_NOT_INITIALIZED, (SEC_ERROR_BASE + 99), -"Unable to export. Key database corrupt or deleted.") - -ER3(SEC_ERROR_KEYGEN_FAIL, (SEC_ERROR_BASE + 100), -"Unable to generate public/private key pair.") - -ER3(SEC_ERROR_INVALID_PASSWORD, (SEC_ERROR_BASE + 101), -"Password entered is invalid. Please pick a different one.") - -ER3(SEC_ERROR_RETRY_OLD_PASSWORD, (SEC_ERROR_BASE + 102), -"Old password entered incorrectly. Please try again.") - -ER3(SEC_ERROR_BAD_NICKNAME, (SEC_ERROR_BASE + 103), -"Certificate nickname already in use.") - -ER3(SEC_ERROR_NOT_FORTEZZA_ISSUER, (SEC_ERROR_BASE + 104), -"Peer FORTEZZA chain has a non-FORTEZZA Certificate.") - -/* ER3(SEC_ERROR_UNKNOWN, (SEC_ERROR_BASE + 105), */ - -ER3(SEC_ERROR_JS_INVALID_MODULE_NAME, (SEC_ERROR_BASE + 106), -"Invalid module name.") - -ER3(SEC_ERROR_JS_INVALID_DLL, (SEC_ERROR_BASE + 107), -"Invalid module path/filename") - -ER3(SEC_ERROR_JS_ADD_MOD_FAILURE, (SEC_ERROR_BASE + 108), -"Unable to add module") - -ER3(SEC_ERROR_JS_DEL_MOD_FAILURE, (SEC_ERROR_BASE + 109), -"Unable to delete module") - -ER3(SEC_ERROR_OLD_KRL, (SEC_ERROR_BASE + 110), -"New KRL is not later than the current one.") - -ER3(SEC_ERROR_CKL_CONFLICT, (SEC_ERROR_BASE + 111), -"New CKL has different issuer than current CKL. Delete current CKL.") - -ER3(SEC_ERROR_CERT_NOT_IN_NAME_SPACE, (SEC_ERROR_BASE + 112), -"The Certifying Authority for this certificate is not permitted to issue a \ -certificate with this name.") - -ER3(SEC_ERROR_KRL_NOT_YET_VALID, (SEC_ERROR_BASE + 113), -"The key revocation list for this certificate is not yet valid.") - -ER3(SEC_ERROR_CRL_NOT_YET_VALID, (SEC_ERROR_BASE + 114), -"The certificate revocation list for this certificate is not yet valid.") - -ER3(SEC_ERROR_UNKNOWN_CERT, (SEC_ERROR_BASE + 115), -"The requested certificate could not be found.") - -ER3(SEC_ERROR_UNKNOWN_SIGNER, (SEC_ERROR_BASE + 116), -"The signer's certificate could not be found.") - -ER3(SEC_ERROR_CERT_BAD_ACCESS_LOCATION, (SEC_ERROR_BASE + 117), -"The location for the certificate status server has invalid format.") - -ER3(SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE, (SEC_ERROR_BASE + 118), -"The OCSP response cannot be fully decoded; it is of an unknown type.") - -ER3(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE, (SEC_ERROR_BASE + 119), -"The OCSP server returned unexpected/invalid HTTP data.") - -ER3(SEC_ERROR_OCSP_MALFORMED_REQUEST, (SEC_ERROR_BASE + 120), -"The OCSP server found the request to be corrupted or improperly formed.") - -ER3(SEC_ERROR_OCSP_SERVER_ERROR, (SEC_ERROR_BASE + 121), -"The OCSP server experienced an internal error.") - -ER3(SEC_ERROR_OCSP_TRY_SERVER_LATER, (SEC_ERROR_BASE + 122), -"The OCSP server suggests trying again later.") - -ER3(SEC_ERROR_OCSP_REQUEST_NEEDS_SIG, (SEC_ERROR_BASE + 123), -"The OCSP server requires a signature on this request.") - -ER3(SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST, (SEC_ERROR_BASE + 124), -"The OCSP server has refused this request as unauthorized.") - -ER3(SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS, (SEC_ERROR_BASE + 125), -"The OCSP server returned an unrecognizable status.") - -ER3(SEC_ERROR_OCSP_UNKNOWN_CERT, (SEC_ERROR_BASE + 126), -"The OCSP server has no status for the certificate.") - -ER3(SEC_ERROR_OCSP_NOT_ENABLED, (SEC_ERROR_BASE + 127), -"You must enable OCSP before performing this operation.") - -ER3(SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER, (SEC_ERROR_BASE + 128), -"You must set the OCSP default responder before performing this operation.") - -ER3(SEC_ERROR_OCSP_MALFORMED_RESPONSE, (SEC_ERROR_BASE + 129), -"The response from the OCSP server was corrupted or improperly formed.") - -ER3(SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE, (SEC_ERROR_BASE + 130), -"The signer of the OCSP response is not authorized to give status for \ -this certificate.") - -ER3(SEC_ERROR_OCSP_FUTURE_RESPONSE, (SEC_ERROR_BASE + 131), -"The OCSP response is not yet valid (contains a date in the future).") - -ER3(SEC_ERROR_OCSP_OLD_RESPONSE, (SEC_ERROR_BASE + 132), -"The OCSP response contains out-of-date information.") diff --git a/security/nss/cmd/lib/SSLerrs.h b/security/nss/cmd/lib/SSLerrs.h deleted file mode 100644 index 06803b849..000000000 --- a/security/nss/cmd/lib/SSLerrs.h +++ /dev/null @@ -1,366 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -/* SSL-specific security error codes */ -/* caller must include "sslerr.h" */ - -ER3(SSL_ERROR_EXPORT_ONLY_SERVER, SSL_ERROR_BASE + 0, -"Unable to communicate securely. Peer does not support high-grade encryption.") - -ER3(SSL_ERROR_US_ONLY_SERVER, SSL_ERROR_BASE + 1, -"Unable to communicate securely. Peer requires high-grade encryption which is not supported.") - -ER3(SSL_ERROR_NO_CYPHER_OVERLAP, SSL_ERROR_BASE + 2, -"Cannot communicate securely with peer: no common encryption algorithm(s).") - -ER3(SSL_ERROR_NO_CERTIFICATE, SSL_ERROR_BASE + 3, -"Unable to find the certificate or key necessary for authentication.") - -ER3(SSL_ERROR_BAD_CERTIFICATE, SSL_ERROR_BASE + 4, -"Unable to communicate securely with peer: peers's certificate was rejected.") - -/* unused (SSL_ERROR_BASE + 5),*/ - -ER3(SSL_ERROR_BAD_CLIENT, SSL_ERROR_BASE + 6, -"The server has encountered bad data from the client.") - -ER3(SSL_ERROR_BAD_SERVER, SSL_ERROR_BASE + 7, -"The client has encountered bad data from the server.") - -ER3(SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE, SSL_ERROR_BASE + 8, -"Unsupported certificate type.") - -ER3(SSL_ERROR_UNSUPPORTED_VERSION, SSL_ERROR_BASE + 9, -"Peer using unsupported version of security protocol.") - -/* unused (SSL_ERROR_BASE + 10),*/ - -ER3(SSL_ERROR_WRONG_CERTIFICATE, SSL_ERROR_BASE + 11, -"Client authentication failed: private key in key database does not match public key in certificate database.") - -ER3(SSL_ERROR_BAD_CERT_DOMAIN, SSL_ERROR_BASE + 12, -"Unable to communicate securely with peer: requested domain name does not match the server's certificate.") - -/* SSL_ERROR_POST_WARNING (SSL_ERROR_BASE + 13), - defined in sslerr.h -*/ - -ER3(SSL_ERROR_SSL2_DISABLED, (SSL_ERROR_BASE + 14), -"Peer only supports SSL version 2, which is locally disabled.") - - -ER3(SSL_ERROR_BAD_MAC_READ, (SSL_ERROR_BASE + 15), -"SSL received a record with an incorrect Message Authentication Code.") - -ER3(SSL_ERROR_BAD_MAC_ALERT, (SSL_ERROR_BASE + 16), -"SSL peer reports incorrect Message Authentication Code.") - -ER3(SSL_ERROR_BAD_CERT_ALERT, (SSL_ERROR_BASE + 17), -"SSL peer cannot verify your certificate.") - -ER3(SSL_ERROR_REVOKED_CERT_ALERT, (SSL_ERROR_BASE + 18), -"SSL peer rejected your certificate as revoked.") - -ER3(SSL_ERROR_EXPIRED_CERT_ALERT, (SSL_ERROR_BASE + 19), -"SSL peer rejected your certificate as expired.") - -ER3(SSL_ERROR_SSL_DISABLED, (SSL_ERROR_BASE + 20), -"Cannot connect: SSL is disabled.") - -ER3(SSL_ERROR_FORTEZZA_PQG, (SSL_ERROR_BASE + 21), -"Cannot connect: SSL peer is in another FORTEZZA domain.") - - -ER3(SSL_ERROR_UNKNOWN_CIPHER_SUITE , (SSL_ERROR_BASE + 22), -"An unknown SSL cipher suite has been requested.") - -ER3(SSL_ERROR_NO_CIPHERS_SUPPORTED , (SSL_ERROR_BASE + 23), -"No cipher suites are present and enabled in this program.") - -ER3(SSL_ERROR_BAD_BLOCK_PADDING , (SSL_ERROR_BASE + 24), -"SSL received a record with bad block padding.") - -ER3(SSL_ERROR_RX_RECORD_TOO_LONG , (SSL_ERROR_BASE + 25), -"SSL received a record that exceeded the maximum permissible length.") - -ER3(SSL_ERROR_TX_RECORD_TOO_LONG , (SSL_ERROR_BASE + 26), -"SSL attempted to send a record that exceeded the maximum permissible length.") - -/* - * Received a malformed (too long or short or invalid content) SSL handshake. - */ -ER3(SSL_ERROR_RX_MALFORMED_HELLO_REQUEST , (SSL_ERROR_BASE + 27), -"SSL received a malformed Hello Request handshake message.") - -ER3(SSL_ERROR_RX_MALFORMED_CLIENT_HELLO , (SSL_ERROR_BASE + 28), -"SSL received a malformed Client Hello handshake message.") - -ER3(SSL_ERROR_RX_MALFORMED_SERVER_HELLO , (SSL_ERROR_BASE + 29), -"SSL received a malformed Server Hello handshake message.") - -ER3(SSL_ERROR_RX_MALFORMED_CERTIFICATE , (SSL_ERROR_BASE + 30), -"SSL received a malformed Certificate handshake message.") - -ER3(SSL_ERROR_RX_MALFORMED_SERVER_KEY_EXCH , (SSL_ERROR_BASE + 31), -"SSL received a malformed Server Key Exchange handshake message.") - -ER3(SSL_ERROR_RX_MALFORMED_CERT_REQUEST , (SSL_ERROR_BASE + 32), -"SSL received a malformed Certificate Request handshake message.") - -ER3(SSL_ERROR_RX_MALFORMED_HELLO_DONE , (SSL_ERROR_BASE + 33), -"SSL received a malformed Server Hello Done handshake message.") - -ER3(SSL_ERROR_RX_MALFORMED_CERT_VERIFY , (SSL_ERROR_BASE + 34), -"SSL received a malformed Certificate Verify handshake message.") - -ER3(SSL_ERROR_RX_MALFORMED_CLIENT_KEY_EXCH , (SSL_ERROR_BASE + 35), -"SSL received a malformed Client Key Exchange handshake message.") - -ER3(SSL_ERROR_RX_MALFORMED_FINISHED , (SSL_ERROR_BASE + 36), -"SSL received a malformed Finished handshake message.") - -/* - * Received a malformed (too long or short) SSL record. - */ -ER3(SSL_ERROR_RX_MALFORMED_CHANGE_CIPHER , (SSL_ERROR_BASE + 37), -"SSL received a malformed Change Cipher Spec record.") - -ER3(SSL_ERROR_RX_MALFORMED_ALERT , (SSL_ERROR_BASE + 38), -"SSL received a malformed Alert record.") - -ER3(SSL_ERROR_RX_MALFORMED_HANDSHAKE , (SSL_ERROR_BASE + 39), -"SSL received a malformed Handshake record.") - -ER3(SSL_ERROR_RX_MALFORMED_APPLICATION_DATA , (SSL_ERROR_BASE + 40), -"SSL received a malformed Application Data record.") - -/* - * Received an SSL handshake that was inappropriate for the state we're in. - * E.g. Server received message from server, or wrong state in state machine. - */ -ER3(SSL_ERROR_RX_UNEXPECTED_HELLO_REQUEST , (SSL_ERROR_BASE + 41), -"SSL received an unexpected Hello Request handshake message.") - -ER3(SSL_ERROR_RX_UNEXPECTED_CLIENT_HELLO , (SSL_ERROR_BASE + 42), -"SSL received an unexpected Client Hello handshake message.") - -ER3(SSL_ERROR_RX_UNEXPECTED_SERVER_HELLO , (SSL_ERROR_BASE + 43), -"SSL received an unexpected Server Hello handshake message.") - -ER3(SSL_ERROR_RX_UNEXPECTED_CERTIFICATE , (SSL_ERROR_BASE + 44), -"SSL received an unexpected Certificate handshake message.") - -ER3(SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH , (SSL_ERROR_BASE + 45), -"SSL received an unexpected Server Key Exchange handshake message.") - -ER3(SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST , (SSL_ERROR_BASE + 46), -"SSL received an unexpected Certificate Request handshake message.") - -ER3(SSL_ERROR_RX_UNEXPECTED_HELLO_DONE , (SSL_ERROR_BASE + 47), -"SSL received an unexpected Server Hello Done handshake message.") - -ER3(SSL_ERROR_RX_UNEXPECTED_CERT_VERIFY , (SSL_ERROR_BASE + 48), -"SSL received an unexpected Certificate Verify handshake message.") - -ER3(SSL_ERROR_RX_UNEXPECTED_CLIENT_KEY_EXCH , (SSL_ERROR_BASE + 49), -"SSL received an unexpected Cllient Key Exchange handshake message.") - -ER3(SSL_ERROR_RX_UNEXPECTED_FINISHED , (SSL_ERROR_BASE + 50), -"SSL received an unexpected Finished handshake message.") - -/* - * Received an SSL record that was inappropriate for the state we're in. - */ -ER3(SSL_ERROR_RX_UNEXPECTED_CHANGE_CIPHER , (SSL_ERROR_BASE + 51), -"SSL received an unexpected Change Cipher Spec record.") - -ER3(SSL_ERROR_RX_UNEXPECTED_ALERT , (SSL_ERROR_BASE + 52), -"SSL received an unexpected Alert record.") - -ER3(SSL_ERROR_RX_UNEXPECTED_HANDSHAKE , (SSL_ERROR_BASE + 53), -"SSL received an unexpected Handshake record.") - -ER3(SSL_ERROR_RX_UNEXPECTED_APPLICATION_DATA, (SSL_ERROR_BASE + 54), -"SSL received an unexpected Application Data record.") - -/* - * Received record/message with unknown discriminant. - */ -ER3(SSL_ERROR_RX_UNKNOWN_RECORD_TYPE , (SSL_ERROR_BASE + 55), -"SSL received a record with an unknown content type.") - -ER3(SSL_ERROR_RX_UNKNOWN_HANDSHAKE , (SSL_ERROR_BASE + 56), -"SSL received a handshake message with an unknown message type.") - -ER3(SSL_ERROR_RX_UNKNOWN_ALERT , (SSL_ERROR_BASE + 57), -"SSL received an alert record with an unknown alert description.") - -/* - * Received an alert reporting what we did wrong. (more alerts above) - */ -ER3(SSL_ERROR_CLOSE_NOTIFY_ALERT , (SSL_ERROR_BASE + 58), -"SSL peer has closed this connection.") - -ER3(SSL_ERROR_HANDSHAKE_UNEXPECTED_ALERT , (SSL_ERROR_BASE + 59), -"SSL peer was not expecting a handshake message it received.") - -ER3(SSL_ERROR_DECOMPRESSION_FAILURE_ALERT , (SSL_ERROR_BASE + 60), -"SSL peer was unable to succesfully decompress an SSL record it received.") - -ER3(SSL_ERROR_HANDSHAKE_FAILURE_ALERT , (SSL_ERROR_BASE + 61), -"SSL peer was unable to negotiate an acceptable set of security parameters.") - -ER3(SSL_ERROR_ILLEGAL_PARAMETER_ALERT , (SSL_ERROR_BASE + 62), -"SSL peer rejected a handshake message for unacceptable content.") - -ER3(SSL_ERROR_UNSUPPORTED_CERT_ALERT , (SSL_ERROR_BASE + 63), -"SSL peer does not support certificates of the type it received.") - -ER3(SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT , (SSL_ERROR_BASE + 64), -"SSL peer had some unspecified issue with the certificate it received.") - - -ER3(SSL_ERROR_GENERATE_RANDOM_FAILURE , (SSL_ERROR_BASE + 65), -"SSL experienced a failure of its random number generator.") - -ER3(SSL_ERROR_SIGN_HASHES_FAILURE , (SSL_ERROR_BASE + 66), -"Unable to digitally sign data required to verify your certificate.") - -ER3(SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE , (SSL_ERROR_BASE + 67), -"SSL was unable to extract the public key from the peer's certificate.") - -ER3(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE , (SSL_ERROR_BASE + 68), -"Unspecified failure while processing SSL Server Key Exchange handshake.") - -ER3(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE , (SSL_ERROR_BASE + 69), -"Unspecified failure while processing SSL Client Key Exchange handshake.") - -ER3(SSL_ERROR_ENCRYPTION_FAILURE , (SSL_ERROR_BASE + 70), -"Bulk data encryption algorithm failed in selected cipher suite.") - -ER3(SSL_ERROR_DECRYPTION_FAILURE , (SSL_ERROR_BASE + 71), -"Bulk data decryption algorithm failed in selected cipher suite.") - -ER3(SSL_ERROR_SOCKET_WRITE_FAILURE , (SSL_ERROR_BASE + 72), -"Attempt to write encrypted data to underlying socket failed.") - -ER3(SSL_ERROR_MD5_DIGEST_FAILURE , (SSL_ERROR_BASE + 73), -"MD5 digest function failed.") - -ER3(SSL_ERROR_SHA_DIGEST_FAILURE , (SSL_ERROR_BASE + 74), -"SHA-1 digest function failed.") - -ER3(SSL_ERROR_MAC_COMPUTATION_FAILURE , (SSL_ERROR_BASE + 75), -"MAC computation failed.") - -ER3(SSL_ERROR_SYM_KEY_CONTEXT_FAILURE , (SSL_ERROR_BASE + 76), -"Failure to create Symmetric Key context.") - -ER3(SSL_ERROR_SYM_KEY_UNWRAP_FAILURE , (SSL_ERROR_BASE + 77), -"Failure to unwrap the Symmetric key in Client Key Exchange message.") - -ER3(SSL_ERROR_PUB_KEY_SIZE_LIMIT_EXCEEDED , (SSL_ERROR_BASE + 78), -"SSL Server attempted to use domestic-grade public key with export cipher suite.") - -ER3(SSL_ERROR_IV_PARAM_FAILURE , (SSL_ERROR_BASE + 79), -"PKCS11 code failed to translate an IV into a param.") - -ER3(SSL_ERROR_INIT_CIPHER_SUITE_FAILURE , (SSL_ERROR_BASE + 80), -"Failed to initialize the selected cipher suite.") - -ER3(SSL_ERROR_SESSION_KEY_GEN_FAILURE , (SSL_ERROR_BASE + 81), -"Client failed to generate session keys for SSL session.") - -ER3(SSL_ERROR_NO_SERVER_KEY_FOR_ALG , (SSL_ERROR_BASE + 82), -"Server has no key for the attempted key exchange algorithm.") - -ER3(SSL_ERROR_TOKEN_INSERTION_REMOVAL , (SSL_ERROR_BASE + 83), -"PKCS#11 token was inserted or removed while operation was in progress.") - -ER3(SSL_ERROR_TOKEN_SLOT_NOT_FOUND , (SSL_ERROR_BASE + 84), -"No PKCS#11 token could be found to do a required operation.") - -ER3(SSL_ERROR_NO_COMPRESSION_OVERLAP , (SSL_ERROR_BASE + 85), -"Cannot communicate securely with peer: no common compression algorithm(s).") - -ER3(SSL_ERROR_HANDSHAKE_NOT_COMPLETED , (SSL_ERROR_BASE + 86), -"Cannot initiate another SSL handshake until current handshake is complete.") - -ER3(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE , (SSL_ERROR_BASE + 87), -"Received incorrect handshakes hash values from peer.") - -ER3(SSL_ERROR_CERT_KEA_MISMATCH , (SSL_ERROR_BASE + 88), -"The certificate provided cannot be used with the selected key exchange algorithm.") - -ER3(SSL_ERROR_NO_TRUSTED_SSL_CLIENT_CA , (SSL_ERROR_BASE + 89), -"No certificate authority is trusted for SSL client authentication.") - -ER3(SSL_ERROR_SESSION_NOT_FOUND , (SSL_ERROR_BASE + 90), -"Client's SSL session ID not found in server's session cache.") - -ER3(SSL_ERROR_DECRYPTION_FAILED_ALERT , (SSL_ERROR_BASE + 91), -"Peer was unable to decrypt an SSL record it received.") - -ER3(SSL_ERROR_RECORD_OVERFLOW_ALERT , (SSL_ERROR_BASE + 92), -"Peer received an SSL record that was longer than is permitted.") - -ER3(SSL_ERROR_UNKNOWN_CA_ALERT , (SSL_ERROR_BASE + 93), -"Peer does not recognize and trust the CA that issued your certificate.") - -ER3(SSL_ERROR_ACCESS_DENIED_ALERT , (SSL_ERROR_BASE + 94), -"Peer received a valid certificate, but access was denied.") - -ER3(SSL_ERROR_DECODE_ERROR_ALERT , (SSL_ERROR_BASE + 95), -"Peer could not decode an SSL handshake message.") - -ER3(SSL_ERROR_DECRYPT_ERROR_ALERT , (SSL_ERROR_BASE + 96), -"Peer reports failure of signature verification or key exchange.") - -ER3(SSL_ERROR_EXPORT_RESTRICTION_ALERT , (SSL_ERROR_BASE + 97), -"Peer reports negotiation not in compliance with export regulations.") - -ER3(SSL_ERROR_PROTOCOL_VERSION_ALERT , (SSL_ERROR_BASE + 98), -"Peer reports incompatible or unsupported protocol version.") - -ER3(SSL_ERROR_INSUFFICIENT_SECURITY_ALERT , (SSL_ERROR_BASE + 99), -"Server requires ciphers more secure than those supported by client.") - -ER3(SSL_ERROR_INTERNAL_ERROR_ALERT , (SSL_ERROR_BASE + 100), -"Peer reports it experienced an internal error.") - -ER3(SSL_ERROR_USER_CANCELED_ALERT , (SSL_ERROR_BASE + 101), -"Peer user canceled handshake.") - -ER3(SSL_ERROR_NO_RENEGOTIATION_ALERT , (SSL_ERROR_BASE + 102), -"Peer does not permit renegotiation of SSL security parameters.") - diff --git a/security/nss/cmd/lib/berparse.c b/security/nss/cmd/lib/berparse.c deleted file mode 100644 index c040ab2b1..000000000 --- a/security/nss/cmd/lib/berparse.c +++ /dev/null @@ -1,404 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ -#include "secutil.h" - -typedef enum { - tagDone, lengthDone, leafDone, compositeDone, - notDone, - parseError, parseComplete -} ParseState; - -typedef unsigned char Byte; -typedef void (*ParseProc)(BERParse *h, unsigned char **buf, int *len); -typedef struct { - SECArb arb; - int pos; /* length from global start to item start */ - SECArb *parent; -} ParseStackElem; - -struct BERParseStr { - PRArenaPool *his; - PRArenaPool *mine; - ParseProc proc; - int stackDepth; - ParseStackElem *stackPtr; - ParseStackElem *stack; - int pending; /* bytes remaining to complete this part */ - int pos; /* running length of consumed characters */ - ParseState state; - PRBool keepLeaves; - PRBool derOnly; - BERFilterProc filter; - void *filterArg; - BERNotifyProc before; - void *beforeArg; - BERNotifyProc after; - void *afterArg; -}; - -#define UNKNOWN -1 - -static unsigned char NextChar(BERParse *h, unsigned char **buf, int *len) -{ - unsigned char c = *(*buf)++; - (*len)--; - h->pos++; - if (h->filter) - (*h->filter)(h->filterArg, &c, 1); - return c; -} - -static void ParseTag(BERParse *h, unsigned char **buf, int *len) -{ - SECArb* arb = &(h->stackPtr->arb); - arb->tag = NextChar(h, buf, len); - - PORT_Assert(h->state == notDone); - - /* - * NOTE: This does not handle the high-tag-number form - */ - if ((arb->tag & DER_HIGH_TAG_NUMBER) == DER_HIGH_TAG_NUMBER) { - PORT_SetError(SEC_ERROR_BAD_DER); - h->state = parseError; - return; - } - - h->pending = UNKNOWN; - arb->length = UNKNOWN; - if (arb->tag & DER_CONSTRUCTED) { - arb->body.cons.numSubs = 0; - arb->body.cons.subs = NULL; - } else { - arb->body.item.len = UNKNOWN; - arb->body.item.data = NULL; - } - - h->state = tagDone; -} - -static void ParseLength(BERParse *h, unsigned char **buf, int *len) -{ - Byte b; - SECArb *arb = &(h->stackPtr->arb); - - PORT_Assert(h->state == notDone); - - if (h->pending == UNKNOWN) { - b = NextChar(h, buf, len); - if ((b & 0x80) == 0) { /* short form */ - arb->length = b; - /* - * if the tag and the length are both zero bytes, then this - * should be the marker showing end of list for the - * indefinite length composite - */ - if (arb->length == 0 && arb->tag == 0) - h->state = compositeDone; - else - h->state = lengthDone; - return; - } - - h->pending = b & 0x7f; - /* 0 implies this is an indefinite length */ - if (h->pending > 4) { - PORT_SetError(SEC_ERROR_BAD_DER); - h->state = parseError; - return; - } - arb->length = 0; - } - - while ((*len > 0) && (h->pending > 0)) { - b = NextChar(h, buf, len); - arb->length = (arb->length << 8) + b; - h->pending--; - } - if (h->pending == 0) { - if (h->derOnly && (arb->length == 0)) - h->state = parseError; - else - h->state = lengthDone; - } - return; -} - -static void ParseLeaf(BERParse *h, unsigned char **buf, int *len) -{ - int count; - SECArb *arb = &(h->stackPtr->arb); - - PORT_Assert(h->state == notDone); - PORT_Assert(h->pending >= 0); - - if (*len < h->pending) - count = *len; - else - count = h->pending; - - if (h->keepLeaves) - memcpy(arb->body.item.data + arb->body.item.len, *buf, count); - if (h->filter) - (*h->filter)(h->filterArg, *buf, count); - *buf += count; - *len -= count; - arb->body.item.len += count; - h->pending -= count; - h->pos += count; - if (h->pending == 0) { - h->state = leafDone; - } - return; -} - -static void CreateArbNode(BERParse *h) -{ - SECArb *arb = PORT_ArenaAlloc(h->his, sizeof(SECArb)); - - *arb = h->stackPtr->arb; - - /* - * Special case closing the root - */ - if (h->stackPtr == h->stack) { - PORT_Assert(arb->tag & DER_CONSTRUCTED); - h->state = parseComplete; - } else { - SECArb *parent = h->stackPtr->parent; - parent->body.cons.subs = DS_ArenaGrow( - h->his, parent->body.cons.subs, - (parent->body.cons.numSubs) * sizeof(SECArb*), - (parent->body.cons.numSubs + 1) * sizeof(SECArb*)); - parent->body.cons.subs[parent->body.cons.numSubs] = arb; - parent->body.cons.numSubs++; - h->proc = ParseTag; - h->state = notDone; - h->pending = UNKNOWN; - } - if (h->after) - (*h->after)(h->afterArg, arb, h->stackPtr - h->stack, PR_FALSE); -} - -SECStatus BER_ParseSome(BERParse *h, unsigned char *buf, int len) -{ - if (h->state == parseError) return PR_TRUE; - - while (len) { - (*h->proc)(h, &buf, &len); - if (h->state == parseComplete) { - PORT_SetError(SEC_ERROR_BAD_DER); - h->state = parseError; - return PR_TRUE; - } - if (h->state == parseError) return PR_TRUE; - PORT_Assert(h->state != parseComplete); - - if (h->state <= compositeDone) { - if (h->proc == ParseTag) { - PORT_Assert(h->state == tagDone); - h->proc = ParseLength; - h->state = notDone; - } else if (h->proc == ParseLength) { - SECArb *arb = &(h->stackPtr->arb); - PORT_Assert(h->state == lengthDone || h->state == compositeDone); - - if (h->before) - (*h->before)(h->beforeArg, arb, - h->stackPtr - h->stack, PR_TRUE); - - /* - * Check to see if this is the end of an indefinite - * length composite - */ - if (h->state == compositeDone) { - SECArb *parent = h->stackPtr->parent; - PORT_Assert(parent); - PORT_Assert(parent->tag & DER_CONSTRUCTED); - if (parent->length != 0) { - PORT_SetError(SEC_ERROR_BAD_DER); - h->state = parseError; - return PR_TRUE; - } - /* - * NOTE: This does not check for an indefinite length - * composite being contained inside a definite length - * composite. It is not clear that is legal. - */ - h->stackPtr--; - CreateArbNode(h); - } else { - h->stackPtr->pos = h->pos; - - - if (arb->tag & DER_CONSTRUCTED) { - SECArb *parent; - /* - * Make sure there is room on the stack before we - * stick anything else there. - */ - PORT_Assert(h->stackPtr - h->stack < h->stackDepth); - if (h->stackPtr - h->stack == h->stackDepth - 1) { - int newDepth = h->stackDepth * 2; - h->stack = DS_ArenaGrow(h->mine, h->stack, - sizeof(ParseStackElem) * h->stackDepth, - sizeof(ParseStackElem) * newDepth); - h->stackPtr = h->stack + h->stackDepth + 1; - h->stackDepth = newDepth; - } - parent = &(h->stackPtr->arb); - h->stackPtr++; - h->stackPtr->parent = parent; - h->proc = ParseTag; - h->state = notDone; - h->pending = UNKNOWN; - } else { - if (arb->length < 0) { - PORT_SetError(SEC_ERROR_BAD_DER); - h->state = parseError; - return PR_TRUE; - } - arb->body.item.len = 0; - if (arb->length > 0 && h->keepLeaves) { - arb->body.item.data = - PORT_ArenaAlloc(h->his, arb->length); - } else { - arb->body.item.data = NULL; - } - h->proc = ParseLeaf; - h->state = notDone; - h->pending = arb->length; - } - } - } else { - ParseStackElem *parent; - PORT_Assert(h->state = leafDone); - PORT_Assert(h->proc == ParseLeaf); - - for (;;) { - CreateArbNode(h); - if (h->stackPtr == h->stack) - break; - parent = (h->stackPtr - 1); - PORT_Assert(parent->arb.tag & DER_CONSTRUCTED); - if (parent->arb.length == 0) /* need explicit end */ - break; - if (parent->pos + parent->arb.length > h->pos) - break; - if (parent->pos + parent->arb.length < h->pos) { - PORT_SetError(SEC_ERROR_BAD_DER); - h->state = parseError; - return PR_TRUE; - } - h->stackPtr = parent; - } - } - - } - } - return PR_FALSE; -} -BERParse *BER_ParseInit(PRArenaPool *arena, PRBool derOnly) -{ - BERParse *h; - PRArenaPool *temp = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - if (temp == NULL) { - PORT_SetError(SEC_ERROR_NO_MEMORY); - return NULL; - } - h = PORT_ArenaAlloc(temp, sizeof(BERParse)); - if (h == NULL) { - PORT_FreeArena(temp, PR_FALSE); - PORT_SetError(SEC_ERROR_NO_MEMORY); - return NULL; - } - h->his = arena; - h->mine = temp; - h->proc = ParseTag; - h->stackDepth = 20; - h->stack = PORT_ArenaZAlloc(h->mine, - sizeof(ParseStackElem) * h->stackDepth); - h->stackPtr = h->stack; - h->state = notDone; - h->pos = 0; - h->keepLeaves = PR_TRUE; - h->before = NULL; - h->after = NULL; - h->filter = NULL; - h->derOnly = derOnly; - return h; -} - -SECArb *BER_ParseFini(BERParse *h) -{ - PRArenaPool *myArena = h->mine; - SECArb *arb; - - if (h->state != parseComplete) { - arb = NULL; - } else { - arb = PORT_ArenaAlloc(h->his, sizeof(SECArb)); - *arb = h->stackPtr->arb; - } - - PORT_FreeArena(myArena, PR_FALSE); - - return arb; -} - - -void BER_SetFilter(BERParse *h, BERFilterProc proc, void *instance) -{ - h->filter = proc; - h->filterArg = instance; -} - -void BER_SetLeafStorage(BERParse *h, PRBool keep) -{ - h->keepLeaves = keep; -} - -void BER_SetNotifyProc(BERParse *h, BERNotifyProc proc, void *instance, - PRBool beforeData) -{ - if (beforeData) { - h->before = proc; - h->beforeArg = instance; - } else { - h->after = proc; - h->afterArg = instance; - } -} - - - diff --git a/security/nss/cmd/lib/config.mk b/security/nss/cmd/lib/config.mk deleted file mode 100644 index 0a00dc61e..000000000 --- a/security/nss/cmd/lib/config.mk +++ /dev/null @@ -1,43 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -# -# Override TARGETS variable so that only static libraries -# are specifed as dependencies within rules.mk. -# - -TARGETS = $(LIBRARY) -SHARED_LIBRARY = -IMPORT_LIBRARY = -PROGRAM = - diff --git a/security/nss/cmd/lib/derprint.c b/security/nss/cmd/lib/derprint.c deleted file mode 100644 index 7f699dec4..000000000 --- a/security/nss/cmd/lib/derprint.c +++ /dev/null @@ -1,619 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ -#include "secutil.h" -#include "secoid.h" - -#ifdef __sun -extern int fprintf(FILE *strm, const char *format, .../* args */); -extern int fflush(FILE *stream); -#endif - -#define RIGHT_MARGIN 24 -/*#define RAW_BYTES 1 */ - -static int prettyColumn = 0; - -static int -getInteger256(unsigned char *data, unsigned int nb) -{ - int val; - - switch (nb) { - case 1: - val = data[0]; - break; - case 2: - val = (data[0] << 8) | data[1]; - break; - case 3: - val = (data[0] << 16) | (data[1] << 8) | data[2]; - break; - case 4: - val = (data[0] << 24) | (data[1] << 16) | (data[2] << 8) | data[3]; - break; - default: - PORT_SetError(SEC_ERROR_BAD_DER); - return -1; - } - - return val; -} - -static int -prettyNewline(FILE *out) -{ - int rv; - - if (prettyColumn != -1) { - rv = fprintf(out, "\n"); - prettyColumn = -1; - if (rv < 0) { - PORT_SetError(SEC_ERROR_IO); - return rv; - } - } - return 0; -} - -static int -prettyIndent(FILE *out, unsigned level) -{ - unsigned int i; - int rv; - - if (prettyColumn == -1) { - prettyColumn = level; - for (i = 0; i < level; i++) { - rv = fprintf(out, " "); - if (rv < 0) { - PORT_SetError(SEC_ERROR_IO); - return rv; - } - } - } - - return 0; -} - -static int -prettyPrintByte(FILE *out, unsigned char item, unsigned int level) -{ - int rv; - - rv = prettyIndent(out, level); - if (rv < 0) - return rv; - - rv = fprintf(out, "%02x ", item); - if (rv < 0) { - PORT_SetError(SEC_ERROR_IO); - return rv; - } - - prettyColumn++; - if (prettyColumn >= RIGHT_MARGIN) { - return prettyNewline(out); - } - - return 0; -} - -static int -prettyPrintLeaf(FILE *out, unsigned char *data, - unsigned int len, unsigned int lv) -{ - unsigned int i; - int rv; - - for (i = 0; i < len; i++) { - rv = prettyPrintByte(out, *data++, lv); - if (rv < 0) - return rv; - } - return prettyNewline(out); -} - -static int -prettyPrintStringStart(FILE *out, unsigned char *str, - unsigned int len, unsigned int level) -{ -#define BUF_SIZE 100 - unsigned char buf[BUF_SIZE]; - int rv; - - if (len >= BUF_SIZE) - len = BUF_SIZE - 1; - - rv = prettyNewline(out); - if (rv < 0) - return rv; - - rv = prettyIndent(out, level); - if (rv < 0) - return rv; - - memcpy(buf, str, len); - buf[len] = '\000'; - - rv = fprintf(out, "\"%s\"", buf); - if (rv < 0) { - PORT_SetError(SEC_ERROR_IO); - return rv; - } - - return 0; -#undef BUF_SIZE -} - -static int -prettyPrintString(FILE *out, unsigned char *str, - unsigned int len, unsigned int level, PRBool raw) -{ - int rv; - - rv = prettyPrintStringStart(out, str, len, level); - if (rv < 0) - return rv; - - rv = prettyNewline(out); - if (rv < 0) - return rv; - - if (raw) { - rv = prettyPrintLeaf(out, str, len, level); - if (rv < 0) - return rv; - } - - return 0; -} - -static int -prettyPrintTime(FILE *out, unsigned char *str, - unsigned int len, unsigned int level, PRBool raw, PRBool utc) -{ - SECItem time_item; - int rv; - - rv = prettyPrintStringStart(out, str, len, level); - if (rv < 0) - return rv; - - time_item.data = str; - time_item.len = len; - - rv = fprintf(out, " ("); - if (rv < 0) { - PORT_SetError(SEC_ERROR_IO); - return rv; - } - - if (utc) - SECU_PrintUTCTime(out, &time_item, NULL, 0); - else - SECU_PrintGeneralizedTime(out, &time_item, NULL, 0); - - rv = fprintf(out, ")"); - if (rv < 0) { - PORT_SetError(SEC_ERROR_IO); - return rv; - } - - rv = prettyNewline(out); - if (rv < 0) - return rv; - - if (raw) { - rv = prettyPrintLeaf(out, str, len, level); - if (rv < 0) - return rv; - } - - return 0; -} - -static int -prettyPrintObjectID(FILE *out, unsigned char *data, - unsigned int len, unsigned int level, PRBool raw) -{ - SECOidData *oiddata; - SECItem oiditem; - unsigned int i; - unsigned long val; - int rv; - - - /* - * First print the Object Id in numeric format - */ - - rv = prettyIndent(out, level); - if (rv < 0) - return rv; - - val = data[0]; - i = val % 40; - val = val / 40; - rv = fprintf(out, "%lu %u ", val, i); - if (rv < 0) { - PORT_SetError(SEC_ERROR_IO); - return rv; - } - - val = 0; - for (i = 1; i < len; ++i) { - unsigned long j; - - j = data[i]; - val = (val << 7) | (j & 0x7f); - if (j & 0x80) - continue; - rv = fprintf(out, "%lu ", val); - if (rv < 0) { - PORT_SetError(SEC_ERROR_IO); - return rv; - } - val = 0; - } - - /* - * Now try to look it up and print a symbolic version. - */ - oiditem.data = data; - oiditem.len = len; - oiddata = SECOID_FindOID(&oiditem); - if (oiddata != NULL) { - i = PORT_Strlen(oiddata->desc); - if ((prettyColumn + 1 + (i / 3)) > RIGHT_MARGIN) { - rv = prettyNewline(out); - if (rv < 0) - return rv; - } - - rv = prettyIndent(out, level); - if (rv < 0) - return rv; - - rv = fprintf(out, "(%s)", oiddata->desc); - if (rv < 0) { - PORT_SetError(SEC_ERROR_IO); - return rv; - } - } - - /* - * Finally, on a new line, print the raw bytes (if requested). - */ - if (raw) { - rv = prettyNewline(out); - if (rv < 0) { - PORT_SetError(SEC_ERROR_IO); - return rv; - } - - for (i = 0; i < len; i++) { - rv = prettyPrintByte(out, *data++, level); - if (rv < 0) - return rv; - } - } - - return prettyNewline(out); -} - -static char *prettyTagType [32] = { - "End of Contents", - "Boolean", - "Integer", - "Bit String", - "Octet String", - "NULL", - "Object Identifier", - "0x07", - "0x08", - "0x09", - "Enumerated", - "0x0B", - "UTF8 String", - "0x0D", - "0x0E", - "0x0F", - "Sequence", - "Set", - "0x12", - "Printable String", - "T61 String", - "0x15", - "IA5 String", - "UTC Time", - "Generalized Time", - "0x19", - "Visible String", - "0x1B", - "Universal String", - "0x1D", - "BMP String", - "High-Tag-Number" -}; - -static int -prettyPrintTag(FILE *out, unsigned char *src, unsigned char *end, - unsigned char *codep, unsigned int level, PRBool raw) -{ - int rv; - unsigned char code, tagnum; - - if (src >= end) { - PORT_SetError(SEC_ERROR_BAD_DER); - return -1; - } - - code = *src; - tagnum = code & SEC_ASN1_TAGNUM_MASK; - - /* - * NOTE: This code does not (yet) handle the high-tag-number form! - */ - if (tagnum == SEC_ASN1_HIGH_TAG_NUMBER) { - PORT_SetError(SEC_ERROR_BAD_DER); - return -1; - } - - if (raw) - rv = prettyPrintByte(out, code, level); - else - rv = prettyIndent(out, level); - - if (rv < 0) - return rv; - - if (code & SEC_ASN1_CONSTRUCTED) { - rv = fprintf(out, "C-"); - if (rv < 0) { - PORT_SetError(SEC_ERROR_IO); - return rv; - } - } - - switch (code & SEC_ASN1_CLASS_MASK) { - case SEC_ASN1_UNIVERSAL: - rv = fprintf(out, "%s ", prettyTagType[tagnum]); - break; - case SEC_ASN1_APPLICATION: - rv = fprintf(out, "Application: %d ", tagnum); - break; - case SEC_ASN1_CONTEXT_SPECIFIC: - rv = fprintf(out, "[%d] ", tagnum); - break; - case SEC_ASN1_PRIVATE: - rv = fprintf(out, "Private: %d ", tagnum); - break; - } - - if (rv < 0) { - PORT_SetError(SEC_ERROR_IO); - return rv; - } - - *codep = code; - - return 1; -} - -static int -prettyPrintLength(FILE *out, unsigned char *data, unsigned char *end, - int *lenp, PRBool *indefinitep, unsigned int lv, PRBool raw) -{ - unsigned char lbyte; - int lenLen; - int rv; - - if (data >= end) { - PORT_SetError(SEC_ERROR_BAD_DER); - return -1; - } - - rv = fprintf(out, " "); - if (rv < 0) { - PORT_SetError(SEC_ERROR_IO); - return rv; - } - - *indefinitep = PR_FALSE; - - lbyte = *data++; - if (lbyte >= 0x80) { - /* Multibyte length */ - unsigned nb = (unsigned) (lbyte & 0x7f); - if (nb > 4) { - PORT_SetError(SEC_ERROR_BAD_DER); - return -1; - } - if (nb > 0) { - int il; - - if ((data + nb) > end) { - PORT_SetError(SEC_ERROR_BAD_DER); - return -1; - } - il = getInteger256(data, nb); - if (il < 0) return -1; - *lenp = (unsigned) il; - } else { - *lenp = 0; - *indefinitep = PR_TRUE; - } - lenLen = nb + 1; - if (raw) { - int i; - - rv = prettyPrintByte(out, lbyte, lv); - if (rv < 0) - return rv; - for (i = 0; i < nb; i++) { - rv = prettyPrintByte(out, data[i], lv); - if (rv < 0) - return rv; - } - } - } else { - *lenp = lbyte; - lenLen = 1; - if (raw) { - rv = prettyPrintByte(out, lbyte, lv); - if (rv < 0) - return rv; - } - } - if (*indefinitep) - rv = fprintf(out, "(indefinite)\n"); - else - rv = fprintf(out, "(%d)\n", *lenp); - if (rv < 0) { - PORT_SetError(SEC_ERROR_IO); - return rv; - } - - prettyColumn = -1; - return lenLen; -} - -static int -prettyPrintItem(FILE *out, unsigned char *data, unsigned char *end, - unsigned int lv, PRBool raw) -{ - int slen; - int lenLen; - unsigned char *orig = data; - int rv; - - while (data < end) { - unsigned char code; - PRBool indefinite; - - slen = prettyPrintTag(out, data, end, &code, lv, raw); - if (slen < 0) - return slen; - data += slen; - - lenLen = prettyPrintLength(out, data, end, &slen, &indefinite, lv, raw); - if (lenLen < 0) - return lenLen; - data += lenLen; - - /* - * Just quit now if slen more bytes puts us off the end. - */ - if ((data + slen) > end) { - PORT_SetError(SEC_ERROR_BAD_DER); - return -1; - } - - if (code & SEC_ASN1_CONSTRUCTED) { - if (slen > 0 || indefinite) { - slen = prettyPrintItem(out, data, - slen == 0 ? end : data + slen, - lv+1, raw); - if (slen < 0) - return slen; - data += slen; - } - } else if (code == 0) { - if (slen != 0 || lenLen != 1) { - PORT_SetError(SEC_ERROR_BAD_DER); - return -1; - } - break; - } else { - switch (code) { - case SEC_ASN1_PRINTABLE_STRING: - case SEC_ASN1_IA5_STRING: - case SEC_ASN1_VISIBLE_STRING: - rv = prettyPrintString(out, data, slen, lv+1, raw); - if (rv < 0) - return rv; - break; - case SEC_ASN1_UTC_TIME: - rv = prettyPrintTime(out, data, slen, lv+1, raw, PR_TRUE); - if (rv < 0) - return rv; - break; - case SEC_ASN1_GENERALIZED_TIME: - rv = prettyPrintTime(out, data, slen, lv+1, raw, PR_FALSE); - if (rv < 0) - return rv; - break; - case SEC_ASN1_OBJECT_ID: - rv = prettyPrintObjectID(out, data, slen, lv+1, raw); - if (rv < 0) - return rv; - break; - case SEC_ASN1_BOOLEAN: /* could do nicer job */ - case SEC_ASN1_INTEGER: /* could do nicer job */ - case SEC_ASN1_BIT_STRING: /* could do nicer job */ - case SEC_ASN1_OCTET_STRING: - case SEC_ASN1_NULL: - case SEC_ASN1_ENUMERATED: /* could do nicer job, as INTEGER */ - case SEC_ASN1_UTF8_STRING: - case SEC_ASN1_T61_STRING: /* print as printable string? */ - case SEC_ASN1_UNIVERSAL_STRING: - case SEC_ASN1_BMP_STRING: - default: - rv = prettyPrintLeaf(out, data, slen, lv+1); - if (rv < 0) - return rv; - break; - } - data += slen; - } - } - - rv = prettyNewline(out); - if (rv < 0) - return rv; - - return data - orig; -} - -SECStatus -DER_PrettyPrint(FILE *out, SECItem *it, PRBool raw) -{ - int rv; - - prettyColumn = -1; - - rv = prettyPrintItem(out, it->data, it->data + it->len, 0, raw); - if (rv < 0) - return SECFailure; - return SECSuccess; -} diff --git a/security/nss/cmd/lib/dongle.c b/security/nss/cmd/lib/dongle.c deleted file mode 100644 index 1c819ee51..000000000 --- a/security/nss/cmd/lib/dongle.c +++ /dev/null @@ -1,249 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ -#include "secutil.h" -#include "sechash.h" - -#ifdef XP_UNIX -#include -#include -#include -#include -#endif -#ifdef XP_WIN -#include -#include -#include -#include -#endif -#ifdef XP_MAC -#include -#endif - -#ifdef XP_UNIX -#include "prnetdb.h" -#else -#define PRHostEnt struct hostent -#define PR_NETDB_BUF_SIZE 5 -#endif - -static RC4Context * -sec_MakeDongleKey(void) -{ - RC4Context *rc4; - char hostname[64]; - PRHostEnt hpbuf, *hent; - char dbbuf[PR_NETDB_BUF_SIZE]; - int ipaddr; - struct stat s; - int found = 1; /* Whether /vmunix, etc. found */ - unsigned char *buf, *totalbuf; - MD5Context *md5 = 0; - unsigned char digest[16]; - unsigned int digestLen; - - /* NOTE: Fix MAC and WIN to stat something comparable to kernel on UNIX */ -#ifdef XP_MAC - return NULL; -#elif defined(XP_WIN) - return NULL; -#endif - - /* gather system data */ - if( gethostname( hostname, 64 ) < 0 ) { - return(NULL); - } - -#ifdef XP_UNIX -#ifndef NSPR20 - hent = PR_gethostbyname(hostname, &hpbuf, dbbuf, sizeof(dbbuf), 0); -#else - if (PR_GetHostByName(hostname, dbbuf, sizeof(dbbuf), &hpbuf) == PR_SUCCESS) - hent = &hpbuf; - else - hent = NULL; -#endif -#else - hent = gethostbyname(hostname); -#endif - if (hent == NULL) { - return(NULL); - } - - ipaddr = htonl(((struct in_addr *)hent->h_addr)->s_addr); - - /* - ** /unix IRIX & AIX & SCO - ** /vmunix SunOS & OSF - ** /kernel/unix Solaris - ** /vmlinuz Linux - ** /hp-ux HP-UX - ** /bsd BSD - */ - if ( (stat("/unix", &s) == -1 ) && (stat("/vmunix", &s) == -1) && - (stat("/bsd", &s) == -1) && (stat("kernel/unix", &s)== -1) && - (stat("/hp-ux", &s) == -1) && (stat("/vmlinuz", &s) == -1) ) { - found = 0; - } - - buf = totalbuf = (unsigned char *) - XP_CALLOC(1, 1000 + sizeof(ipaddr) + sizeof(s) + PORT_Strlen(hostname)); - - if ( buf == 0 ) { - return(NULL); - } - - PORT_Memcpy(buf, hostname, PORT_Strlen(hostname)); - buf += PORT_Strlen(hostname); - - PORT_Memcpy(buf, &ipaddr, sizeof(ipaddr)); - buf += sizeof(ipaddr); - - if (found) { - PORT_Memcpy(buf, &s.st_mode, sizeof(s.st_mode)); - buf += sizeof(s.st_mode); - - PORT_Memcpy(buf, &s.st_ino, sizeof(s.st_ino)); - buf += sizeof(s.st_ino); - - PORT_Memcpy(buf, &s.st_dev, sizeof(s.st_dev)); - buf += sizeof(s.st_dev); - - PORT_Memcpy(buf, &s.st_mtime, sizeof(s.st_mtime)); - buf += sizeof(s.st_mtime); - } - - /* Digest the system info using MD5 */ - md5 = MD5_NewContext(); - if (md5 == NULL) { - return (NULL); - } - - MD5_Begin(md5); - MD5_Update(md5, totalbuf, PORT_Strlen((char *)totalbuf)); - MD5_End(md5, digest, &digestLen, MD5_LENGTH); - - /* Make an RC4 key using the digest */ - rc4 = RC4_CreateContext(digest, digestLen); - - /* Zero out information */ - MD5_DestroyContext(md5, PR_TRUE); - PORT_Memset(digest, 0 , sizeof(digest)); - - - return(rc4); -} - -extern unsigned char * -SEC_ReadDongleFile(int fd) -{ - RC4Context *rc4; - struct stat s; - unsigned char *inbuf, *pw; - int nb; - unsigned int pwlen, inlen; - SECStatus rv; - - rc4 = sec_MakeDongleKey(); - if (rc4 == NULL) { - return(0); - } - - /* get size of file */ - if ( fstat(fd, &s) < 0 ) { - return(0); - } - - inlen = s.st_size; - - inbuf = (unsigned char *) PORT_Alloc(inlen); - if (!inbuf) { - return(0); - } - - nb = read(fd, (char *)inbuf, inlen); - if (nb != inlen) { - return(0); - } - - pw = (unsigned char *) PORT_Alloc(inlen); - if (pw == 0) { - return(0); - } - - rv = RC4_Decrypt(rc4, pw, &pwlen, inlen, inbuf, inlen); - if (rv) { - return(0); - } - - PORT_Free(inbuf); - - return(pw); -} - -extern SECStatus -SEC_WriteDongleFile(int fd, unsigned char *pw) -{ - RC4Context *rc4; - unsigned char *outbuf; - unsigned int outlen; - SECStatus rv; - int nb; - - rc4 = sec_MakeDongleKey(); - if (rc4 == NULL) { - return(SECFailure); - } - - outbuf = (unsigned char *) PORT_Alloc(PORT_Strlen((char *)pw) + 1); - if (!outbuf) { - return(SECFailure); - } - - rv = RC4_Encrypt(rc4, outbuf, &outlen, PORT_Strlen((char *)pw), pw, - PORT_Strlen((char *)pw)); - if (rv) { - return(SECFailure); - } - - RC4_DestroyContext(rc4, PR_TRUE); - - nb = write(fd, (char *)outbuf, outlen); - if (nb != outlen) { - return(SECFailure); - } - - PORT_Free(outbuf); - - return(SECSuccess); -} - diff --git a/security/nss/cmd/lib/fe_util.c b/security/nss/cmd/lib/fe_util.c deleted file mode 100644 index 646277e35..000000000 --- a/security/nss/cmd/lib/fe_util.c +++ /dev/null @@ -1,40 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ -#include "secpkcs7.h" - -void -fe_GetProgramDirectory(char *path, int len) -{ - PORT_Strcpy( path, "."); -} - diff --git a/security/nss/cmd/lib/ffs.c b/security/nss/cmd/lib/ffs.c deleted file mode 100644 index 3fce2c7c2..000000000 --- a/security/nss/cmd/lib/ffs.c +++ /dev/null @@ -1,48 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ -#ifdef XP_PC - -int ffs( unsigned int i) -{ - int rv = 1; - - if (!i) return 0; - - while (!(i & 1)) { - i >>= 1; - ++rv; - } - - return rv; -} -#endif diff --git a/security/nss/cmd/lib/filestub.c b/security/nss/cmd/lib/filestub.c deleted file mode 100644 index 368b7284d..000000000 --- a/security/nss/cmd/lib/filestub.c +++ /dev/null @@ -1,1118 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ -#define CMD_STUB 1 /* this is just a stub for security/cmd/* */ -#define MOZ_LITE 1 /* don't need that other stuff, either */ - -#if 0 -#include "stdafx.h" -#include "dialog.h" -#include "mainfrm.h" -#include "custom.h" -#include "shcut.h" -#include "edt.h" -#include "prmon.h" -#include "fegui.h" -#include "prefapi.h" -#include -#include "secrng.h" -#include "mailass.h" -#include "ipframe.h" -#include "mnprefs.h" - -#else - -#include -#include -#include - -#define ASSERT assert -#endif - -#ifdef XP_MAC -#include "prpriv.h" /* For PR_NewNamedMonitor */ -#else -#include "private/prpriv.h" -#endif - -#ifdef XP_WIN - -#ifndef _AFXDLL -/* MSVC Debugging new...goes to regular new in release mode */ -#define new DEBUG_NEW -#endif - -#ifdef __BORLANDC__ - #define _lseek lseek -#endif - -#define WIDTHBYTES(i) ((i + 31) / 32 * 4) -#define MAXREAD 32767 - -MODULE_PRIVATE char * XP_CacheFileName(); - -#define MAXSTRINGLEN 8192 - -#ifndef CMD_STUB - -/* Return a string the same as the In string -** but with all of the \n's replaced with \r\n's -*/ -MODULE_PRIVATE char * -FE_Windowsify(const char * In) -{ - char *Out; - char *o, *i; - int32 len; - - if(!In) - return NULL; - - /* if every character is a \n then new string is twice as long */ - len = (int32) XP_STRLEN(In) * 2 + 1; - Out = (char *) XP_ALLOC(len); - if(!Out) - return NULL; - - /* Move the characters over one by one. If the current character is */ - /* a \n replace add a \r before moving the \n over */ - for(i = (char *) In, o = Out; i && *i; *o++ = *i++) - if(*i == '\n') - *o++ = '\r'; - - /* Make sure our new string is NULL terminated */ - *o = '\0'; - return(Out); -} - - -/* Return some adjusted out full path on the mac. */ -/* For windows, we just return what was passed in. */ -/* We must provide it in a seperate buffer, otherwise they might change */ -/* the original and change also what they believe to be saved. */ -char * -WH_FilePlatformName(const char *pName) -{ - - if(pName) { - return XP_STRDUP(pName); - } - - return NULL; -} - - -char * -FE_GetProgramDirectory(char *buffer, int length) -{ - ::GetModuleFileName(theApp.m_hInstance, buffer, length); - - /* Find the trailing slash. */ - char *pSlash = ::strrchr(buffer, '\\'); - if(pSlash) { - *(pSlash+1) = '\0'; - } else { - buffer[0] = '\0'; - } - return (buffer); -} - - -char* -XP_TempDirName(void) -{ - char *tmp = theApp.m_pTempDir; - if (!tmp) - return XP_STRDUP("."); - return XP_STRDUP(tmp); -} - -/* Windows _tempnam() lets the TMP environment variable override things sent -** in so it look like we're going to have to make a temp name by hand. - -** The user should *NOT* free the returned string. -** It is stored in static space -** and so is not valid across multiple calls to this function. - -** The names generated look like -** c:\netscape\cache\m0.moz -** c:\netscape\cache\m1.moz -** up to... -** c:\netscape\cache\m9999999.moz -** after that if fails -** */ -PUBLIC char * -xp_TempFileName(int type, const char * request_prefix, const char * extension, - char* file_buf) -{ - const char * directory = NULL; - char * ext = NULL; /* file extension if any */ - char * prefix = NULL; /* file prefix if any */ - - - XP_StatStruct statinfo; - int status; - - /* */ - /* based on the type of request determine what directory we should be */ - /* looking into */ - /* */ - switch(type) { - case xpCache: - directory = theApp.m_pCacheDir; - ext = ".MOZ"; - prefix = CACHE_PREFIX; - break; -#ifndef MOZ_LITE - case xpSNewsRC: - case xpNewsRC: - case xpNewsgroups: - case xpSNewsgroups: - case xpTemporaryNewsRC: - directory = g_MsgPrefs.m_csNewsDir; - ext = (char *)extension; - prefix = (char *)request_prefix; - break; - case xpMailFolderSummary: - case xpMailFolder: - directory = g_MsgPrefs.m_csMailDir; - ext = (char *)extension; - prefix = (char *)request_prefix; - break; - case xpAddrBook: - /*changed to support multi-profile */ - /*directory = theApp.m_pInstallDir->GetCharValue(); */ - directory = (const char *)theApp.m_UserDirectory; - if ((request_prefix == 0) || (XP_STRLEN (request_prefix) == 0)) - prefix = "abook"; - ext = ".nab"; - break; -#endif /* MOZ_LITE */ - case xpCacheFAT: - directory = theApp.m_pCacheDir; - prefix = "fat"; - ext = "db"; - break; - case xpJPEGFile: - directory = theApp.m_pTempDir; - ext = ".jpg"; - prefix = (char *)request_prefix; - break; - case xpPKCS12File: - directory = theApp.m_pTempDir; - ext = ".p12"; - prefix = (char *)request_prefix; - break; - case xpTemporary: - default: - directory = theApp.m_pTempDir; - ext = (char *)extension; - prefix = (char *)request_prefix; - break; - } - - if(!directory) - return(NULL); - - if(!prefix) - prefix = "X"; - - if(!ext) - ext = ".TMP"; - - /* We need to base our temporary file names on time, and not on sequential */ - /* addition because of the cache not being updated when the user */ - /* crashes and files that have been deleted are over written with */ - /* other files; bad data. */ - /* The 52 valid DOS file name characters are */ - /* 0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ_^$~!#%&-{}@`'() */ - /* We will only be using the first 32 of the choices. */ - /* */ - /* Time name format will be M+++++++.MOZ */ - /* Where M is the single letter prefix (can be longer....) */ - /* Where +++++++ is the 7 character time representation (a full 8.3 */ - /* file name will be made). */ - /* Where .MOZ is the file extension to be used. */ - /* */ - /* In the event that the time requested is the same time as the last call */ - /* to this function, then the current time is incremented by one, */ - /* as is the last time called to facilitate unique file names. */ - /* In the event that the invented file name already exists (can't */ - /* really happen statistically unless the clock is messed up or we */ - /* manually incremented the time), then the times are incremented */ - /* until an open name can be found. */ - /* */ - /* time_t (the time) has 32 bits, or 4,294,967,296 combinations. */ - /* We will map the 32 bits into the 7 possible characters as follows: */ - /* Starting with the lsb, sets of 5 bits (32 values) will be mapped */ - /* over to the appropriate file name character, and then */ - /* incremented to an approprate file name character. */ - /* The left over 2 bits will be mapped into the seventh file name */ - /* character. */ - /* */ - - int i_letter, i_timechars, i_numtries = 0; - char ca_time[8]; - time_t this_call = (time_t)0; - - /* We have to base the length of our time string on the length */ - /* of the incoming prefix.... */ - /* */ - i_timechars = 8 - strlen(prefix); - - /* Infinite loop until the conditions are satisfied. */ - /* There is no danger, unless every possible file name is used. */ - /* */ - while(1) { - /* We used to use the time to generate this. */ - /* Now, we use some crypto to avoid bug #47027 */ - RNG_GenerateGlobalRandomBytes((void *)&this_call, sizeof(this_call)); - - /* Convert the time into a 7 character string. */ - /* Strip only the signifigant 5 bits. */ - /* We'll want to reverse the string to make it look coherent */ - /* in a directory of file names. */ - /* */ - for(i_letter = 0; i_letter < i_timechars; i_letter++) { - ca_time[i_letter] = (char)((this_call >> (i_letter * 5)) & 0x1F); - - /* Convert any numbers to their equivalent ascii code */ - /* */ - if(ca_time[i_letter] <= 9) { - ca_time[i_letter] += '0'; - } - /* Convert the character to it's equivalent ascii code */ - /* */ - else { - ca_time[i_letter] += 'A' - 10; - } - } - - /* End the created time string. */ - /* */ - ca_time[i_letter] = '\0'; - - /* Reverse the time string. */ - /* */ - _strrev(ca_time); - - /* Create the fully qualified path and file name. */ - /* */ - sprintf(file_buf, "%s\\%s%s%s", directory, prefix, ca_time, ext); - - /* Determine if the file exists, and mark that we've tried yet */ - /* another file name (mark to be used later). */ - /* */ - /* Use the system call instead of XP_Stat since we already */ - /* know the name and we don't want recursion */ - /* */ - status = _stat(file_buf, &statinfo); - i_numtries++; - - /* If it does not exists, we are successful, return the name. */ - /* */ - if(status == -1) { - /* don't generate a directory as part of the cache temp names. - * When the cache file name is passed into the other XP_File - * functions we will append the cache directory to the name - * to get the complete path. - * This will allow the cache to be moved around - * and for netscape to be used to generate external cache FAT's. - */ - if(type == xpCache ) - sprintf(file_buf, "%s%s%s", prefix, ca_time, ext); - - TRACE("Temp file name is %s\n", file_buf); - return(file_buf); - } - - /* If there is no room for additional characters in the time, */ - /* we'll have to return NULL here, or we go infinite. */ - /* This is a one case scenario where the requested prefix is */ - /* actually 8 letters long! */ - /* Infinite loops could occur with a 7, 6, 5, etc character prefixes */ - /* if available files are all eaten up (rare to impossible), in */ - /* which case, we should check at some arbitrary frequency of */ - /* tries before we give up instead of attempting to Vulcanize */ - /* this code. Live long and prosper. */ - /* */ - if(i_timechars == 0) { - break; - } else if(i_numtries == 0x00FF) { - break; - } - } - - /* Requested name is thought to be impossible to generate. */ - /* */ - TRACE("No more temp file names....\n"); - return(NULL); - -} - -PUBLIC char * -WH_TempFileName(int type, const char * request_prefix, const char * extension) -{ - static char file_buf[_MAX_PATH]; /* protected by _pr_TempName_lock */ - char* result; - - if (_pr_TempName_lock == NULL) - _pr_TempName_lock = PR_NewNamedMonitor("TempName-lock"); - PR_EnterMonitor(_pr_TempName_lock); - - result = XP_STRDUP(xp_TempFileName(type, request_prefix, extension, file_buf)); - PR_ExitMonitor(_pr_TempName_lock); - return result; -} - -#endif /* CMD_STUB */ - -/* */ -/* Return a string that is equal to the NetName string but with the */ -/* cross-platform characters changed back into DOS characters */ -/* The caller is responsible for XP_FREE()ing the string */ -/* */ -MODULE_PRIVATE char * -XP_NetToDosFileName(const char * NetName) -{ - char *p, *newName; - BOOL bChopSlash = FALSE; - - if(!NetName) - return NULL; - - /* If the name is only '/' or begins '//' keep the */ - /* whole name else strip the leading '/' */ - - if(NetName[0] == '/') - bChopSlash = TRUE; - - /* save just / as a path */ - if(NetName[0] == '/' && NetName[1] == '\0') - bChopSlash = FALSE; - - /* spanky Win9X path name */ - if(NetName[0] == '/' && NetName[1] == '/') - bChopSlash = FALSE; - - if(bChopSlash) - newName = XP_STRDUP(&(NetName[1])); - else - newName = XP_STRDUP(NetName); - - if(!newName) - return NULL; - - for(p = newName; *p; p++) { - switch(*p) { - case '|': - *p = ':'; - break; - case '/': - *p = '\\'; - break; - default: - break; - } - } - - return(newName); - -} - - -/* */ -/* Returns the absolute name of a file */ -/* */ -/* The result of this function can be used with the standard */ -/* open/fopen ansi file functions */ -/* */ -PUBLIC char * -xp_FileName(const char * name, XP_FileType type, char* *myName) -{ - char * newName = NULL; - char * netLibName = NULL; - char * tempName = NULL; - char * prefStr = NULL; - BOOL bNeedToRegister = FALSE; /* == do we need to register a new */ - /* newshost->file name mapping */ - struct _stat sInfo; - int iDot; - int iColon; - -#ifndef CMD_STUB - CString csHostName; - CString csHost; - CString fileName; -#endif - - switch(type) { - -#ifndef CMD_STUB - case xpCacheFAT: - newName = (char *) XP_ALLOC(_MAX_PATH); - sprintf(newName, "%s\\fat.db", (const char *)theApp.m_pCacheDir); - break; - case xpExtCacheIndex: - newName = (char *) XP_ALLOC(_MAX_PATH); - sprintf(newName, "%s\\extcache.fat", (const char *)theApp.m_pCacheDir); - break; - - case xpSARCacheIndex: - newName = (char *) XP_ALLOC(_MAX_PATH); - sprintf(newName, "%s\\archive.fat", theApp.m_pSARCacheDir); - break; - - case xpHTTPCookie: - newName = (char *) XP_ALLOC(_MAX_PATH); - /*sprintf(newName, "%s\\cookies.txt", theApp.m_pInstallDir->GetCharValue()); */ - /* changed to support multi-profile */ - sprintf(newName, "%s\\cookies.txt", (const char *)theApp.m_UserDirectory); - break; -#ifndef MOZ_LITE - case xpSNewsRC: - case xpNewsRC: - /* see if we are asking about the default news host */ - /* else look up in netlib */ - if ( !name || !strlen(name) ) - name = g_MsgPrefs.m_csNewsHost; - - netLibName = NET_MapNewsrcHostToFilename((char *)name, - (type == xpSNewsRC), - FALSE); - - /* if we found something in our map just skip the rest of this */ - if(netLibName && *netLibName) { - newName = XP_STRDUP(netLibName); - break; - } - - /* whatever name we eventually end up with we will need to register it */ - /* before we leave the function */ - bNeedToRegister = TRUE; - - /* If we are on the default host see if there is a newsrc file in the */ - /* news directory. If so, that is what we want */ - if(!stricmp(name, g_MsgPrefs.m_csNewsHost)) { - csHostName = g_MsgPrefs.m_csNewsDir; - csHostName += "\\newsrc"; - if(_stat((const char *) csHostName, &sInfo) == 0) { - newName = XP_STRDUP((const char *) csHostName); - break; - } - } - - /* See if we are going to be able to build a file name based */ - /* on the hostname */ - csHostName = g_MsgPrefs.m_csNewsDir; - csHostName += '\\'; - - /* build up '.rc' so we can tell how long its going to be */ - /* we will use that as the default name to try */ - if(type == xpSNewsRC) - csHost += 's'; - csHost += name; - - /* if we have a news host news.foo.com we just want to use the "news" */ - /* part */ - iDot = csHost.Find('.'); - if(iDot != -1) - csHost = csHost.Left(iDot); - -#ifdef XP_WIN16 - if(csHost.GetLength() > 8) - csHost = csHost.Left(8); -#endif - - iColon = csHost.Find(':'); - if (iColon != -1) { - /* Windows file system seems to do horrid things if you have */ - /* a filename with a colon in it. */ - csHost = csHost.Left(iColon); - } - - csHost += ".rc"; - - /* csHost is now of the form .rc and is in 8.3 format */ - /* if we are on a Win16 box */ - - csHostName += csHost; - - /* looks like a file with that name already exists -- panic */ - if(_stat((const char *) csHostName, &sInfo) != -1) { - - char host[5]; - - /* else generate a new file in news directory */ - strncpy(host, name, 4); - host[4] = '\0'; - - newName = WH_TempFileName(type, host, ".rc"); - if(!newName) - return(NULL); - - } else { - - newName = XP_STRDUP((const char *) csHostName); - - } - - break; - case xpNewsrcFileMap: - /* return name of FAT file in news directory */ - newName = (char *) XP_ALLOC(_MAX_PATH); - sprintf(newName, "%s\\fat", (const char *)g_MsgPrefs.m_csNewsDir); - break; - case xpNewsgroups: - case xpSNewsgroups: - /* look up in netlib */ - if ( !name || !strlen(name) ) - name = g_MsgPrefs.m_csNewsHost; - - netLibName = NET_MapNewsrcHostToFilename((char *)name, - (type == xpSNewsgroups), - TRUE); - - if(!netLibName) { - - csHostName = g_MsgPrefs.m_csNewsDir; - csHostName += '\\'; - - if(type == xpSNewsgroups) - csHost += 's'; - csHost += name; - - /* see if we can just use ".rcg" */ - /* it might be news.foo.com so just take "news" */ - int iDot = csHost.Find('.'); - if(iDot != -1) - csHost = csHost.Left(iDot); - -#ifdef XP_WIN16 - if(csHost.GetLength() > 8) - csHost = csHost.Left(8); -#endif - - iColon = csHost.Find(':'); - if (iColon != -1) { - /* Windows file system seems to do horrid things if you have */ - /* a filename with a colon in it. */ - csHost = csHost.Left(iColon); - } - - csHost += ".rcg"; - - /* csHost is now of the form .rcg */ - - csHostName += csHost; - - /* looks like a file with that name already exists -- panic */ - if(_stat((const char *) csHostName, &sInfo) != -1) { - - char host[5]; - - /* else generate a new file in news directory */ - strncpy(host, name, 4); - host[4] = '\0'; - - newName = WH_TempFileName(type, host, ".rcg"); - if(!newName) - return(NULL); - - } else { - - newName = XP_STRDUP((const char *) csHostName); - - } - - if ( !name || !strlen(name)) - NET_RegisterNewsrcFile(newName,(char *)(const char *)g_MsgPrefs.m_csNewsHost, - (type == xpSNewsgroups), TRUE ); - else - NET_RegisterNewsrcFile(newName,(char*)name,(type == xpSNewsgroups), TRUE ); - - } else { - - newName = XP_STRDUP(netLibName); - - } - break; - case xpMimeTypes: - name = NULL; - break; -#endif /* MOZ_LITE */ - case xpGlobalHistory: - newName = (char *) XP_ALLOC(_MAX_PATH); - /* changed to support multi-profile */ - /*sprintf(newName, "%s\\netscape.hst", theApp.m_pInstallDir->GetCharValue()); */ - sprintf(newName, "%s\\netscape.hst", (const char *)theApp.m_UserDirectory); - break; - case xpGlobalHistoryList: - newName = (char *) XP_ALLOC(_MAX_PATH); - sprintf( newName, "%s\\ns_hstry.htm" ); - break; - case xpKeyChain: - name = NULL; - break; - - /* larubbio */ - case xpSARCache: - if(!name) { - return NULL; - } - newName = (char *) XP_ALLOC(_MAX_PATH); - sprintf(newName, "%s\\%s", theApp.m_pSARCacheDir, name); - break; - - case xpCache: - if(!name) { - tempName = WH_TempFileName(xpCache, NULL, NULL); - if (!tempName) return NULL; - name = tempName; - } - newName = (char *) XP_ALLOC(_MAX_PATH); - if ((strchr(name,'|') || strchr(name,':'))) { /* Local File URL if find a | */ - if(name[0] == '/') - strcpy(newName,name+1); /* skip past extra slash */ - else - strcpy(newName,name); /* absolute path is valid */ - } else { - sprintf(newName, "%s\\%s", (const char *)theApp.m_pCacheDir, name); - } - break; - case xpBookmarks: - case xpHotlist: - if (!name || !strlen(name)) - name = theApp.m_pBookmarkFile; - break; -#endif /* CMD_STUB */ - - case xpSocksConfig: - prefStr = NULL; -#ifndef CMD_STUB - PREF_CopyCharPref("browser.socksfile_location", &prefStr); -#else - ASSERT(0); -#endif - name = prefStr; - break; - -#ifndef CMD_STUB - case xpCertDB: - newName = (char *) XP_ALLOC(_MAX_PATH); - if ( name ) { - sprintf(newName, "%s\\cert%s.db", (const char *)theApp.m_UserDirectory, name); - } else { - sprintf(newName, "%s\\cert.db", (const char *)theApp.m_UserDirectory); - } - break; - case xpCertDBNameIDX: - newName = (char *) XP_ALLOC(_MAX_PATH); - sprintf(newName, "%s\\certni.db", (const char *)theApp.m_UserDirectory); - break; - case xpKeyDB: - newName = (char *) XP_ALLOC(_MAX_PATH); - if ( name ) { - sprintf(newName, "%s\\key%s.db", (const char *)theApp.m_UserDirectory, name); - } else { - sprintf(newName, "%s\\key.db", (const char *)theApp.m_UserDirectory); - } - break; - case xpSecModuleDB: - newName = (char *) XP_ALLOC(_MAX_PATH); - sprintf(newName, "%s\\secmod.db", (const char *)theApp.m_UserDirectory); - break; - case xpSignedAppletDB: - newName = (char *) XP_ALLOC(_MAX_PATH); - if ( name ) { - sprintf(newName, "%s\\signed%s.db", (const char *)theApp.m_UserDirectory, name); - } else { - sprintf(newName, "%s\\signed.db", (const char *)theApp.m_UserDirectory); - } - break; -#ifndef MOZ_LITE - case xpAddrBook: -#ifdef XP_WIN16 - if(!name || !strlen(name) ) - newName = WH_TempName(type, NULL); -#else - newName = (char *) XP_ALLOC(_MAX_PATH); - strcpy(newName, name); - - /* strip off the extension */ - { - char * pEnd = max(strrchr(newName, '\\'), strrchr(newName, '/')); - if(!pEnd) - pEnd = newName; - - pEnd = strchr(pEnd, '.'); - if(pEnd) - *pEnd = '\0'; - } - strcat(newName, ".nab"); -#endif - break; - case xpAddrBookNew: - newName = (char *) XP_ALLOC(_MAX_PATH); - sprintf(newName, "%s\\%s", (const char *)theApp.m_UserDirectory, name); - break; - case xpVCardFile: - newName = (char *) XP_ALLOC(_MAX_PATH); - strcpy(newName, name); - - /* strip off the extension */ - { - char * pEnd = max(strrchr(newName, '\\'), strrchr(newName, '/')); - if(!pEnd) - pEnd = newName; - - pEnd = strchr(pEnd, '.'); - if(pEnd) - *pEnd = '\0'; - } - strcat(newName, ".vcf"); - break; - case xpLDIFFile: - newName = (char *) XP_ALLOC(_MAX_PATH); - strcpy(newName, name); - - /* strip off the extension */ - { - char * pEnd = max(strrchr(newName, '\\'), strrchr(newName, '/')); - if(!pEnd) - pEnd = newName; - - pEnd = strchr(pEnd, '.'); - if(pEnd) - *pEnd = '\0'; - } -#ifdef XP_WIN16 - strcat(newName, ".ldi"); -#else - strcat(newName, ".ldif"); -#endif - break; - case xpTemporaryNewsRC: - { - CString csHostName = g_MsgPrefs.m_csNewsDir; - csHostName += "\\news.tmp"; - newName = XP_STRDUP((const char *) csHostName); - } - break; -#endif /* MOZ_LITE */ - case xpPKCS12File: - newName = (char *) XP_ALLOC(_MAX_PATH); - strcpy(newName, name); - - /* strip off the extension */ - { - char * pEnd = max(strrchr(newName, '\\'), strrchr(newName, '/')); - if(!pEnd) - pEnd = newName; - - pEnd = strchr(pEnd, '.'); - if(pEnd) - *pEnd = '\0'; - } - strcat(newName, ".p12"); - break; - case xpTemporary: - if(!name || !strlen(name) ) - newName = WH_TempName(type, NULL); - break; -#ifndef MOZ_LITE - case xpMailFolder: - if(!name) - name = g_MsgPrefs.m_csMailDir; - break; - case xpMailFolderSummary: - newName = (char *) XP_ALLOC(_MAX_PATH); - strcpy(newName, name); - - /* strip off the extension */ - { - char * pEnd = max(strrchr(newName, '\\'), strrchr(newName, '/')); - if(!pEnd) - pEnd = newName; - -#ifdef XP_WIN16 /* backend won't allow '.' in win16 folder names, but just to be safe. */ - pEnd = strchr(pEnd, '.'); - if(pEnd) - *pEnd = '\0'; -#endif - } - strcat(newName, ".snm"); - break; - case xpMailSort: - newName = (char *) XP_ALLOC(_MAX_PATH); - sprintf(newName, "%s\\rules.dat", (const char *)g_MsgPrefs.m_csMailDir); - break; - case xpMailFilterLog: - newName = (char *) XP_ALLOC(_MAX_PATH); - sprintf(newName, "%s\\mailfilt.log", (const char *)g_MsgPrefs.m_csMailDir); - break; - case xpNewsFilterLog: - newName = (char *) XP_ALLOC(_MAX_PATH); - sprintf(newName, "%s\\newsfilt.log", (const char *)g_MsgPrefs.m_csNewsDir); - break; - case xpMailPopState: - newName = (char *) XP_ALLOC(_MAX_PATH); - sprintf(newName, "%s\\popstate.dat", (const char *)g_MsgPrefs.m_csMailDir); - break; - case xpMailSubdirectory: - newName = (char *) XP_ALLOC(_MAX_PATH); - strcpy(newName, name); - - /* strip off the trailing slash if any */ - { - char * pEnd = max(strrchr(newName, '\\'), strrchr(newName, '/')); - if(!pEnd) - pEnd = newName; - } - - strcat(newName, ".sbd"); - break; -#endif /* MOZ_LITE */ - /* name of global cross-platform registry */ - case xpRegistry: - /* eventually need to support arbitrary names; this is the default */ - newName = (char *) XP_ALLOC(_MAX_PATH); - if ( newName != NULL ) { - GetWindowsDirectory(newName, _MAX_PATH); - int namelen = strlen(newName); - if ( newName[namelen-1] == '\\' ) - namelen--; - strcpy(newName+namelen, "\\nsreg.dat"); - } - break; - /* name of news group database */ -#ifndef MOZ_LITE - case xpXoverCache: - newName = (char *) XP_ALLOC(_MAX_PATH); - sprintf(newName, "%s\\%s", (const char *)g_MsgPrefs.m_csNewsDir, name); - break; -#endif /* MOZ_LITE */ - case xpProxyConfig: - newName = (char *) XP_ALLOC(_MAX_PATH); - /*sprintf(newName, "%s\\proxy.cfg", theApp.m_pInstallDir->GetCharValue()); */ - sprintf(newName, "%s\\proxy.cfg", (const char *)theApp.m_UserDirectory); - break; - - /* add any cases where no modification is necessary here */ - /* The name is fine all by itself, no need to modify it */ - case xpFileToPost: - case xpExtCache: - case xpURL: - /* name is OK as it is */ - break; -#ifndef MOZ_LITE - case xpNewsHostDatabase: - newName = (char *) XP_ALLOC(_MAX_PATH); - sprintf(newName, "%s\\news.db", (const char *)g_MsgPrefs.m_csNewsDir); - break; - - case xpImapRootDirectory: - newName = PR_smprintf ("%s\\ImapMail", (const char *)theApp.m_UserDirectory); - break; - case xpImapServerDirectory: - { - int len = 0; - char *tempImapServerDir = XP_STRDUP(name); - char *imapServerDir = tempImapServerDir; -#ifdef XP_WIN16 - if ((len = XP_STRLEN(imapServerDir)) > 8) { - imapServerDir = imapServerDir + len - 8; - } -#endif - newName = PR_smprintf ("%s\\ImapMail\\%s", (const char *)theApp.m_UserDirectory, imapServerDir); - if (tempImapServerDir) XP_FREE(tempImapServerDir); - } - break; - - case xpJSMailFilters: - newName = PR_smprintf("%s\\filters.js", (const char *)g_MsgPrefs.m_csMailDir); - break; -#endif /* MOZ_LITE */ - case xpFolderCache: - newName = PR_smprintf ("%s\\summary.dat", (const char *)theApp.m_UserDirectory); - break; - - case xpCryptoPolicy: - newName = (char *) XP_ALLOC(_MAX_PATH); - FE_GetProgramDirectory(newName, _MAX_PATH); - strcat(newName, "moz40p3"); - break; -#endif /* CMD_STUB */ - - default: - ASSERT(0); /* all types should be covered */ - break; - } - -#ifndef MOZ_LITE - /* make sure we have the correct newsrc file registered for next time */ - if((type == xpSNewsRC || type == xpNewsRC) && bNeedToRegister) - NET_RegisterNewsrcFile(newName, (char *)name, (type == xpSNewsRC), FALSE ); -#endif - - /* determine what file we are supposed to load and make sure it looks */ - /* like a DOS pathname and not some unix-like name */ - if(newName) { - *myName = XP_NetToDosFileName((const char*)newName); - XP_FREE(newName); - } else { - *myName = XP_NetToDosFileName((const char*)name); - } - - if (tempName) XP_FREE(tempName); - - if (prefStr) XP_FREE(prefStr); - - /* whee, we're done */ - return(*myName); -} - -/* */ -/* Open a file with the given name */ -/* If a special file type is provided we might need to get the name */ -/* out of the preferences list */ -/* */ -PUBLIC XP_File -XP_FileOpen(const char * name, XP_FileType type, const XP_FilePerm perm) -{ - XP_File fp; - char *filename = WH_FileName(name, type); - - if(!filename) - return(NULL); - -#ifdef DEBUG_nobody - TRACE("Opening a file type (%d) permissions: %s (%s)\n", type, perm, filename); -#endif - -#ifdef XP_WIN32 - if (type == xpURL) { - HANDLE hFile; - DWORD dwType; - - /* Check if we're trying to open a device. We don't allow this */ - hFile = CreateFile(filename, GENERIC_READ, FILE_SHARE_READ, NULL, - OPEN_EXISTING, 0, NULL); - - if (hFile != INVALID_HANDLE_VALUE) { - dwType = GetFileType(hFile); - CloseHandle(hFile); - - if (dwType != FILE_TYPE_DISK) { - XP_FREE(filename); - return NULL; - } - } - } -#endif - -#ifdef XP_WIN16 - /* Windows uses ANSI codepage, DOS uses OEM codepage, */ - /* fopen takes OEM codepage */ - /* That's why we need to do conversion here. */ - CString oembuff = filename; - oembuff.AnsiToOem(); - fp = fopen(oembuff, (char *) perm); - - if (fp && type == xpURL) { - union _REGS inregs, outregs; - - /* Check if we opened a device. Execute an Interrupt 21h to invoke */ - /* MS-DOS system call 44h */ - inregs.x.ax = 0x4400; /* MS-DOS function to get device information */ - inregs.x.bx = _fileno(fp); - _int86(0x21, &inregs, &outregs); - - if (outregs.x.dx & 0x80) { - /* It's a device. Don't allow any reading/writing */ - fclose(fp); - XP_FREE(filename); - return NULL; - } - } -#else - fp = fopen(filename, (char *) perm); -#endif - XP_FREE(filename); - return(fp); -} - - - -/******************************************************************************/ -/* Thread-safe entry points: */ - -extern PRMonitor* _pr_TempName_lock; - -#ifndef CMD_STUB - -char * -WH_TempName(XP_FileType type, const char * prefix) -{ - static char buf[_MAX_PATH]; /* protected by _pr_TempName_lock */ - char* result; - - if (_pr_TempName_lock == NULL) - _pr_TempName_lock = PR_NewNamedMonitor("TempName-lock"); - PR_EnterMonitor(_pr_TempName_lock); - - result = XP_STRDUP(xp_TempFileName(type, prefix, NULL, buf)); - - PR_ExitMonitor(_pr_TempName_lock); - - return result; -} - -#endif /* CMD_STUB */ - -PUBLIC char * -WH_FileName (const char *name, XP_FileType type) -{ - char* myName; - char* result; - /* - ** I'm not sure this lock is really needed by windows, but just - ** to be safe: - */ - /* XP_ASSERT(_pr_TempName_lock); */ - /* PR_EnterMonitor(_pr_TempName_lock); */ - result = xp_FileName(name, type, &myName); - /* PR_ExitMonitor(_pr_TempName_lock); */ - return myName; -} - -#endif /* XP_WIN */ diff --git a/security/nss/cmd/lib/makefile.win b/security/nss/cmd/lib/makefile.win deleted file mode 100644 index 92081a2f8..000000000 --- a/security/nss/cmd/lib/makefile.win +++ /dev/null @@ -1,66 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -include - -include <$(DEPTH)\config\config.mak> - -# include files are aought in LINCS and INCS. -# LINCS are generated from REQUIRES in manigest.mn -INCS = $(INCS) \ - -I..\include \ - -I..\..\lib\cert \ - $(NULL) - -IGNORE_ME = \ - -I$(DEPTH)\dist\public\security \ - -I$(DEPTH)\dist\public\nspr \ - -I$(DEPTH)\cmd\winfe \ - $(NULL) - -LCFLAGS = -DUSE_SSL -DEXPORT_VERSION - -PDBFILE = $(LIBNAME).pdb - -# work around a bug in rules.mak -LIBRARY_SUFFIX = $(MOZ_BITS) - -include <$(DEPTH)\config\rules.mak> - -install:: $(LIBRARY) -# $(MAKE_INSTALL) $(LIBRARY) $(DIST)\lib - - -symbols:: - @echo "LIBRARY_NAME is $(LIBRARY_NAME)" - @echo "LIBRARY is $(LIBRARY)" diff --git a/security/nss/cmd/lib/manifest.mn b/security/nss/cmd/lib/manifest.mn deleted file mode 100644 index 969596863..000000000 --- a/security/nss/cmd/lib/manifest.mn +++ /dev/null @@ -1,68 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# -CORE_DEPTH = ../../.. - -LIBRARY_NAME = sectool - -# MODULE public and private header directories are implicitly REQUIRED. -MODULE = seccmd - -DEFINES = -DNSPR20 - -EXPORTS = secutil.h \ - $(NULL) - -CSRCS = secutil.c \ - secpwd.c \ - derprint.c \ - secerror.c \ - seccnames.c \ - ffs.c \ - $(NULL) - -OLD_CSRCS = dongle.c \ - derprint.c \ - err.c \ - fe_util.c \ - ffs.c \ - filestub.c \ - secarb.c \ - secpwd.c \ - secutil.c \ - sslstubs.c \ - strerror.c \ - stubs.c \ - $(NULL) - -REQUIRES = security nspr dbm - diff --git a/security/nss/cmd/lib/secarb.c b/security/nss/cmd/lib/secarb.c deleted file mode 100644 index 176fcbf8b..000000000 --- a/security/nss/cmd/lib/secarb.c +++ /dev/null @@ -1,372 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ -#include "secutil.h" - -#ifdef __sun -extern int fprintf(FILE *strm, const char *format, .../* args */); -extern int fflush(FILE *stream); -#endif - -#define RIGHT_MARGIN 24 -/*#define RAW_BYTES 1 */ - -typedef unsigned char Byte; - -static int prettyColumn; /* NOTE: This is NOT reentrant. */ - -static char *prettyTagType [32] = { - "End of Contents", "Boolean", "Integer", "Bit String", "Octet String", - "NULL", "Object Identifier", "0x07", "0x08", "0x09", "0x0A", - "0x0B", "0X0C", "0X0D", "0X0E", "0X0F", "Sequence", "Set", - "0x12", "Printable String", "T61 String", "0x15", "IA5 String", - "UTCTime", - "0x18", "0x19", "0x1A", "0x1B", "0x1C", "0x1D", "0x1E", - "High-Tag-Number" -}; - -static SECStatus prettyNewline(FILE *out) -{ - int rv; - - if (prettyColumn != -1) { - rv = fprintf(out, "\n"); - prettyColumn = -1; - if (rv < 0) { - PORT_SetError(SEC_ERROR_IO); - return SECFailure; - } - } - return SECSuccess; -} - -static SECStatus prettyIndent(FILE *out, unsigned level) -{ - unsigned i; - SECStatus rv; - - if (prettyColumn == -1) { - prettyColumn = level; - for (i = 0; i < level; i++) { - rv = (SECStatus) fprintf(out, " "); - if (rv < 0) { - PORT_SetError(SEC_ERROR_IO); - return SECFailure; - } - } - } - return SECSuccess; -} - -static SECStatus prettyPrintByte(FILE *out, Byte item, unsigned level) -{ - SECStatus rv; - - rv = prettyIndent(out, level); - if (rv) return rv; - - rv = (SECStatus) fprintf(out, "%02x ", item); - if (rv < 0) { - PORT_SetError(SEC_ERROR_IO); - return SECFailure; - } - prettyColumn++; - if (prettyColumn >= RIGHT_MARGIN) { - rv = prettyNewline(out); - return rv; - } - return SECSuccess; -} - -static SECStatus prettyPrintCString(FILE *out, char *str, unsigned level) -{ - SECStatus rv; - - rv = prettyNewline(out); - if (rv) return rv; - - rv = prettyIndent(out, level); - if (rv) return rv; - - rv = (SECStatus) fprintf(out, str); - if (rv < 0) { - PORT_SetError(SEC_ERROR_IO); - return SECFailure; - } - - rv = prettyNewline(out); - return rv; -} - -static SECStatus prettyPrintLeafString(FILE *out, SECArb *arb, unsigned lv) -{ - unsigned char buf[100]; - SECStatus rv; - int length = arb->body.item.len; - - if (length > 0 && arb->body.item.data == NULL) - return prettyPrintCString(out, "(string contents not available)", lv); - - if (length >= sizeof(buf)) - length = sizeof(buf) - 1; - - rv = prettyNewline(out); - if (rv) return rv; - - rv = prettyIndent(out, lv); - if (rv) return rv; - - memcpy(buf, arb->body.item.data, length); - buf[length] = '\000'; - - rv = (SECStatus) fprintf(out, "\"%s\"", buf); - if (rv < 0) { - PORT_SetError(SEC_ERROR_IO); - return SECFailure; - } - rv = prettyNewline(out); - if (rv) return rv; - - return SECSuccess; -} - -static SECStatus prettyPrintLeaf(FILE *out, SECArb* arb, unsigned lv) -{ - unsigned i; - SECStatus rv; - Byte *data = arb->body.item.data; - - if (data == NULL && arb->body.item.len > 0) - return prettyPrintCString(out, "(data not availabe)", lv); - - for (i = 0; i < arb->body.item.len; i++) { - rv = prettyPrintByte(out, *data++, lv); - if (rv) return rv; - } - - rv = prettyNewline(out); - return rv; -} - -static SECStatus prettyPrintEndContents(FILE *out, unsigned level) -{ - return prettyPrintCString(out, prettyTagType[0], level); -} - -static SECStatus prettyPrintTag(FILE *out, SECArb *arb, unsigned level) -{ - int rv; - -#ifdef RAW_BYTES - if (prettyPrintByte(out, arb->tag, level)) return PR_TRUE; -#else - if (prettyIndent(out, level)) return PR_TRUE; -#endif - - if (arb->tag & DER_CONSTRUCTED) { - rv = fprintf(out, "C-"); - if (rv < 0) { - PORT_SetError(SEC_ERROR_IO); - return PR_TRUE; - } - } - - switch(arb->tag & 0xC0) { - case DER_UNIVERSAL: - rv = fprintf(out, "%s ", prettyTagType[arb->tag & 0x17]); - break; - case DER_APPLICATION: - rv = fprintf(out, "Application: %d ", arb->tag & 0x17); - break; - case DER_CONTEXT_SPECIFIC: - rv = fprintf(out, "[%d] ", arb->tag & 0x17); - break; - case DER_PRIVATE: - rv = fprintf(out, "Private: %d ", arb->tag & 0x17); - break; - } - - if (rv < 0) { - PORT_SetError(SEC_ERROR_IO); - return PR_TRUE; - } - return PR_FALSE; -} - -static SECStatus prettyPrintLength(FILE *out, SECArb *arb, unsigned lv) -{ - int rv = fprintf(out, " (%d)\n", arb->length); - if (rv < 0) { - PORT_SetError(SEC_ERROR_IO); - return -1; - } - prettyColumn = -1; - return PR_FALSE; -} - -static SECStatus prettyPrint(FILE *out, SECArb *arb, unsigned lv) -{ - int i; - - prettyPrintTag(out, arb, lv); - prettyPrintLength(out, arb, lv); - - if (arb->tag & DER_CONSTRUCTED) { - for (i = 0; i < arb->body.cons.numSubs; i++) - prettyPrint(out, arb->body.cons.subs[i], lv + 1); - if (arb->length == 0) - prettyPrintEndContents(out, lv); - } else { - if (arb->tag == DER_PRINTABLE_STRING || arb->tag == DER_UTC_TIME) { - if (prettyPrintLeafString(out, arb, lv+1)) return PR_TRUE; -#ifdef RAW_BYTES - if (prettyPrintLeaf(out, arb, lv+1)) return PR_TRUE; -#endif - } else { - if (prettyPrintLeaf(out, arb, lv+1)) return PR_TRUE; - } - } - - return prettyNewline(out); -} - -SECStatus BER_PrettyPrintArb(FILE *out, SECArb *a) -{ - prettyColumn = -1; - return prettyPrint(out, a, 0); -} - -/* - * PackHeader puts the tag and length field into a buffer provided by the - * client. It assumes the client has made the buffer at least big - * enough. (8 bytes will suffice for now). It returns the number of - * valid bytes - */ -static int PackHeader(SECArb *arb, unsigned char *header) -{ - int tagBytes, lengthBytes; - unsigned long length = arb->length; - /* - * XXX only handles short form tags - */ - header[0] = arb->tag; - tagBytes = 1; - - if (length < 0x80) { - if ((arb->tag & DER_CONSTRUCTED) && (arb->length == 0)) - header[tagBytes] = 0x80; /* indefinite length form */ - else - header[tagBytes] = arb->length; - lengthBytes = 1; - } else { - int i; - lengthBytes = 0; - for (i = 0; i < 4; i++) { - if ((length & 0xFF000000) || (lengthBytes > 0)) { - header[tagBytes + lengthBytes + 1] = length >> 24; - lengthBytes++; - } - length <<= 8; - } - header[tagBytes] = 0x80 + lengthBytes; - lengthBytes++; /* allow for the room for the length length */ - } - return tagBytes + lengthBytes; -} - -SECStatus BER_Unparse(SECArb *arb, BERUnparseProc proc, void *instance) -{ - int i, length; - SECStatus rv; - unsigned char header[12]; - - length = PackHeader(arb, header); - rv = (*proc)(instance, header, length, arb); - if (rv) return rv; - - if (arb->tag & DER_CONSTRUCTED) { - for (i = 0; i < arb->body.cons.numSubs; i++) { - rv = BER_Unparse(arb->body.cons.subs[i], proc, instance); - if (rv) return rv; - } - if (arb->length == 0) { - rv = (*proc)(instance, "\0\0", 2, arb); - if (rv) return rv; - } - } else { - if ((arb->length > 0) && (arb->body.item.data == NULL)) - return SECFailure; - if (arb->length != arb->body.item.len) - return SECFailure; - rv = (*proc)(instance, arb->body.item.data, arb->length, arb); - } - return SECSuccess; -} - -static int ResolveLength(SECArb *arb) -{ - int length, i, rv; - unsigned char header[12]; - - /* - * One theory is that there might be valid subtrees along with - * still yet uknown length trees. That would imply that the scan - * should not be aborted on first failure. - */ - - length = PackHeader(arb, header); - if (arb->tag | DER_CONSTRUCTED) { - if (arb->length > 0) - length += arb->length; - else { - for (i = 0; i < arb->body.cons.numSubs; i++) { - rv = ResolveLength(arb->body.cons.subs[i]); - if (rv < 0) return -1; - length += rv; - } - arb->length = length; - } - } else { - if (arb->length != arb->body.item.len) - return -1; - length += arb->length; - } - return length; -} - -SECStatus BER_ResolveLengths(SECArb *arb) -{ - int rv; - rv = ResolveLength(arb); - if (rv < 0) return SECFailure; - return SECSuccess; -} diff --git a/security/nss/cmd/lib/seccnames.c b/security/nss/cmd/lib/seccnames.c deleted file mode 100644 index b2acdfb37..000000000 --- a/security/nss/cmd/lib/seccnames.c +++ /dev/null @@ -1,202 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ -/* -** secutil.c - various functions used by security stuff -** -*/ - -#include "prtypes.h" -#include "prtime.h" -#include "prlong.h" -#include "prerror.h" -#include "prprf.h" -#include "plgetopt.h" - -#include "secutil.h" -#include "secpkcs7.h" -#include "secrng.h" -#include -#include - -#ifdef XP_UNIX -#include -#endif - -/* for SEC_TraverseNames */ -#include "cert.h" -#include "certt.h" -#include "certdb.h" - -typedef struct { - char * name; - CERTCertTrust trust; -} certNameAndTrustEntry; - -typedef struct { - int numCerts; - certNameAndTrustEntry *nameAndTrustEntries; -} certNameAndTrustList; - -SECStatus -sec_CountCerts(CERTCertificate *cert, SECItem *unknown, void *arg) -{ - (*(int*)arg)++; - return SECSuccess; -} - -SECStatus -sec_CollectCertNamesAndTrust(CERTCertificate *cert, SECItem *unknown, void *arg) -{ - certNameAndTrustList *pCertNames = (certNameAndTrustList*)arg; - char *name; - int i; - - i = pCertNames->numCerts; - name = cert->dbEntry->nickname ? cert->dbEntry->nickname : cert->emailAddr; - - if (name) - pCertNames->nameAndTrustEntries[i].name = PORT_Strdup(name); - else - pCertNames->nameAndTrustEntries[i].name = PORT_Strdup(""); - - PORT_Memcpy(&pCertNames->nameAndTrustEntries[i].trust, cert->trust, sizeof(*cert->trust)); - - pCertNames->numCerts++; - - return SECSuccess; -} - - -static int -sec_name_and_trust_compare_by_name(const void *p1, const void *p2) -{ - certNameAndTrustEntry *e1 = (certNameAndTrustEntry *)p1; - certNameAndTrustEntry *e2 = (certNameAndTrustEntry *)p2; - return PORT_Strcmp(e1->name, e2->name); -} - -static int -sec_combine_trust_flags(CERTCertTrust *trust) -{ - if (trust == NULL) - return 0; - return trust->sslFlags | trust->emailFlags | trust->objectSigningFlags; -} - -static int -sec_name_and_trust_compare_by_trust(const void *p1, const void *p2) -{ - certNameAndTrustEntry *e1 = (certNameAndTrustEntry *)p1; - certNameAndTrustEntry *e2 = (certNameAndTrustEntry *)p2; - int e1_is_ca, e2_is_ca; - int e1_is_user, e2_is_user; - int rv; - - e1_is_ca = (sec_combine_trust_flags(&e1->trust) & CERTDB_VALID_CA) != 0; - e2_is_ca = (sec_combine_trust_flags(&e2->trust) & CERTDB_VALID_CA) != 0; - e1_is_user = (sec_combine_trust_flags(&e1->trust) & CERTDB_USER) != 0; - e2_is_user = (sec_combine_trust_flags(&e2->trust) & CERTDB_USER) != 0; - - /* first, sort by user status, then CA status, */ - /* then by actual comparison of CA flags, then by name */ - if ((rv = (e2_is_user - e1_is_user)) == 0 && (rv = (e1_is_ca - e2_is_ca)) == 0) - if (e1_is_ca || (rv = memcmp(&e1->trust, &e2->trust, sizeof(CERTCertTrust))) == 0) - return PORT_Strcmp(e1->name, e2->name); - else - return rv; - else - return rv; -} - -SECStatus -SECU_PrintCertificateNames(CERTCertDBHandle *handle, PRFileDesc *out, - PRBool sortByName, PRBool sortByTrust) -{ - certNameAndTrustList certNames = { 0, NULL }; - int numCerts, i; - SECStatus rv; - int (*comparefn)(const void *, const void *); - char trusts[30]; - - numCerts = 0; - - rv = SEC_TraversePermCerts(handle, sec_CountCerts, &numCerts); - if (rv != SECSuccess) - return SECFailure; - - certNames.nameAndTrustEntries = - (certNameAndTrustEntry *)PORT_Alloc(numCerts * sizeof(certNameAndTrustEntry)); - if (certNames.nameAndTrustEntries == NULL) - return SECFailure; - - rv = SEC_TraversePermCerts(handle, sec_CollectCertNamesAndTrust, &certNames); - if (rv != SECSuccess) - return SECFailure; - - if (sortByName) - comparefn = sec_name_and_trust_compare_by_name; - else if (sortByTrust) - comparefn = sec_name_and_trust_compare_by_trust; - else - comparefn = NULL; - - if (comparefn) - qsort(certNames.nameAndTrustEntries, certNames.numCerts, - sizeof(certNameAndTrustEntry), comparefn); - - PR_fprintf(out, "\n%-60s %-5s\n\n", "Certificate Name", "Trust Attributes"); - for (i = 0; i < certNames.numCerts; i++) { - PORT_Memset (trusts, 0, sizeof(trusts)); - printflags(trusts, certNames.nameAndTrustEntries[i].trust.sslFlags); - PORT_Strcat(trusts, ","); - printflags(trusts, certNames.nameAndTrustEntries[i].trust.emailFlags); - PORT_Strcat(trusts, ","); - printflags(trusts, certNames.nameAndTrustEntries[i].trust.objectSigningFlags); - PR_fprintf(out, "%-60s %-5s\n", - certNames.nameAndTrustEntries[i].name, trusts); - } - PR_fprintf(out, "\n"); - PR_fprintf(out, "p Valid peer\n"); - PR_fprintf(out, "P Trusted peer (implies p)\n"); - PR_fprintf(out, "c Valid CA\n"); - PR_fprintf(out, "T Trusted CA to issue client certs (implies c)\n"); - PR_fprintf(out, "C Trusted CA to certs(only server certs for ssl) (implies c)\n"); - PR_fprintf(out, "u User cert\n"); - PR_fprintf(out, "w Send warning\n"); - - for (i = 0; i < certNames.numCerts; i++) - PORT_Free(certNames.nameAndTrustEntries[i].name); - PORT_Free(certNames.nameAndTrustEntries); - - return rv; -} diff --git a/security/nss/cmd/lib/secerror.c b/security/nss/cmd/lib/secerror.c deleted file mode 100644 index 3cfe28b50..000000000 --- a/security/nss/cmd/lib/secerror.c +++ /dev/null @@ -1,107 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ -#include "nspr.h" - -struct tuple_str { - PRErrorCode errNum; - const char * errString; -}; - -typedef struct tuple_str tuple_str; - -#define ER2(a,b) {a, b}, -#define ER3(a,b,c) {a, c}, - -#include "secerr.h" -#include "sslerr.h" - -const tuple_str errStrings[] = { - -/* keep this list in asceding order of error numbers */ -#include "SSLerrs.h" -#include "SECerrs.h" -#include "NSPRerrs.h" - -}; - -const PRInt32 numStrings = sizeof(errStrings) / sizeof(tuple_str); - -/* Returns a UTF-8 encoded constant error string for "errNum". - * Returns NULL of errNum is unknown. - */ -const char * -SECU_Strerror(PRErrorCode errNum) { - PRInt32 low = 0; - PRInt32 high = numStrings - 1; - PRInt32 i; - PRErrorCode num; - static int initDone; - - /* make sure table is in ascending order. - * binary search depends on it. - */ - if (!initDone) { - PRErrorCode lastNum = 0x80000000; - for (i = low; i <= high; ++i) { - num = errStrings[i].errNum; - if (num <= lastNum) { - fprintf(stderr, -"sequence error in error strings at item %d\n" -"error %d (%s)\n" -"should come after \n" -"error %d (%s)\n", - i, lastNum, errStrings[i-1].errString, - num, errStrings[i].errString); - } - lastNum = num; - } - initDone = 1; - } - - /* Do binary search of table. */ - while (low + 1 < high) { - i = (low + high) / 2; - num = errStrings[i].errNum; - if (errNum == num) - return errStrings[i].errString; - if (errNum < num) - high = i; - else - low = i; - } - if (errNum == errStrings[low].errNum) - return errStrings[low].errString; - if (errNum == errStrings[high].errNum) - return errStrings[high].errString; - return NULL; -} diff --git a/security/nss/cmd/lib/secpwd.c b/security/nss/cmd/lib/secpwd.c deleted file mode 100644 index 290538a0e..000000000 --- a/security/nss/cmd/lib/secpwd.c +++ /dev/null @@ -1,187 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ -#include "secutil.h" - -/* - * NOTE: The contents of this file are NOT used by the client. - * (They are part of the security library as a whole, but they are - * NOT USED BY THE CLIENT.) Do not change things on behalf of the - * client (like localizing strings), or add things that are only - * for the client (put them elsewhere). - */ - - -#ifdef XP_UNIX -#include -#include -#endif - -#ifdef _WINDOWS -#include -#include -#define QUIET_FGETS quiet_fgets -static char * quiet_fgets (char *buf, int length, FILE *input); -#else -#define QUIET_FGETS fgets -#endif - -static void echoOff(int fd) -{ -#if defined(XP_UNIX) && !defined(VMS) - if (isatty(fd)) { - struct termios tio; - tcgetattr(fd, &tio); - tio.c_lflag &= ~ECHO; - tcsetattr(fd, TCSAFLUSH, &tio); - } -#endif -} - -static void echoOn(int fd) -{ -#if defined(XP_UNIX) && !defined(VMS) - if (isatty(fd)) { - struct termios tio; - tcgetattr(fd, &tio); - tio.c_lflag |= ECHO; - tcsetattr(fd, TCSAFLUSH, &tio); - } -#endif -} - -char *SEC_GetPassword(FILE *input, FILE *output, char *prompt, - PRBool (*ok)(char *)) -{ - char phrase[200]; - int infd = fileno(input); -#ifdef _WINDOWS - int isTTY = (input == stdin); -#else - int isTTY = isatty(infd); -#endif - for (;;) { - /* Prompt for password */ - if (isTTY) { - fprintf(output, "%s", prompt); - fflush (output); - echoOff(infd); - } - - QUIET_FGETS ( phrase, sizeof(phrase), input); - - if (isTTY) { - fprintf(output, "\n"); - echoOn(infd); - } - - /* stomp on newline */ - phrase[PORT_Strlen(phrase)-1] = 0; - - /* Validate password */ - if (!(*ok)(phrase)) { - /* Not weird enough */ - if (!isTTY) return 0; - fprintf(output, "Password must be at least 8 characters long with one or more\n"); - fprintf(output, "non-alphabetic characters\n"); - continue; - } - return (char*) PORT_Strdup(phrase); - } -} - - - -PRBool SEC_CheckPassword(char *cp) -{ - int len; - char *end; - - len = PORT_Strlen(cp); - if (len < 8) { - return PR_FALSE; - } - end = cp + len; - while (cp < end) { - unsigned char ch = *cp++; - if (!((ch >= 'A') && (ch <= 'Z')) && - !((ch >= 'a') && (ch <= 'z'))) { - /* pass phrase has at least one non alphabetic in it */ - return PR_TRUE; - } - } - return PR_FALSE; -} - -PRBool SEC_BlindCheckPassword(char *cp) -{ - if (cp != NULL) { - return PR_TRUE; - } - return PR_FALSE; -} - -/* Get a password from the input terminal, without echoing */ - -#ifdef _WINDOWS -static char * quiet_fgets (char *buf, int length, FILE *input) - { - int c; - char *end = buf; - - /* fflush (input); */ - memset (buf, 0, length); - - if (input != stdin) { - return fgets(buf,length,input); - } - - while (1) - { - c = getch(); - - if (c == '\b') - { - if (end > buf) - end--; - } - - else if (--length > 0) - *end++ = c; - - if (!c || c == '\n' || c == '\r') - break; - } - - return buf; - } -#endif diff --git a/security/nss/cmd/lib/secutil.c b/security/nss/cmd/lib/secutil.c deleted file mode 100644 index 78a914210..000000000 --- a/security/nss/cmd/lib/secutil.c +++ /dev/null @@ -1,2526 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ -/* -** secutil.c - various functions used by security stuff -** -*/ - -#include "prtypes.h" -#include "prtime.h" -#include "prlong.h" -#include "prerror.h" -#include "prprf.h" -#include "plgetopt.h" - -#include "secutil.h" -#include "secpkcs7.h" -#include "secrng.h" -#include -#include -#include - -#ifdef XP_UNIX -#include -#endif - -/* for SEC_TraverseNames */ -#include "cert.h" -#include "certt.h" -#include "certdb.h" - -/* #include "secmod.h" */ -#include "pk11func.h" -#include "secoid.h" - -static char consoleName[] = { -#ifdef XP_UNIX -#ifdef VMS - "TT" -#else - "/dev/tty" -#endif -#else - "CON:" -#endif -}; - -char * -SECU_GetString(int16 error_number) -{ - - static char errString[80]; - sprintf(errString, "Unknown error string (%d)", error_number); - return errString; -} - -void -SECU_PrintError(char *progName, char *msg, ...) -{ - va_list args; - PRErrorCode err = PORT_GetError(); - const char * errString = SECU_Strerror(err); - - va_start(args, msg); - - fprintf(stderr, "%s: ", progName); - vfprintf(stderr, msg, args); - if (errString != NULL && PORT_Strlen(errString) > 0) - fprintf(stderr, ": %s\n", errString); - else - fprintf(stderr, "\n"); - - va_end(args); -} - -void -SECU_PrintSystemError(char *progName, char *msg, ...) -{ - va_list args; - - va_start(args, msg); - fprintf(stderr, "%s: ", progName); - vfprintf(stderr, msg, args); - fprintf(stderr, ": %s\n", strerror(errno)); - va_end(args); -} - -static void -secu_ClearPassword(char *p) -{ - if (p) { - PORT_Memset(p, 0, PORT_Strlen(p)); - PORT_Free(p); - } -} - -char * -SECU_GetPasswordString(void *arg, char *prompt) -{ -#ifndef _WINDOWS - char *p = NULL; - FILE *input, *output; - - /* open terminal */ - input = fopen(consoleName, "r"); - if (input == NULL) { - fprintf(stderr, "Error opening input terminal for read\n"); - return NULL; - } - - output = fopen(consoleName, "w"); - if (output == NULL) { - fprintf(stderr, "Error opening output terminal for write\n"); - return NULL; - } - - p = SEC_GetPassword (input, output, prompt, SEC_BlindCheckPassword); - - - fclose(input); - fclose(output); - - return p; - -#else - /* Win32 version of above. opening the console may fail - on windows95, and certainly isn't necessary.. */ - - char *p = NULL; - - p = SEC_GetPassword (stdin, stdout, prompt, SEC_BlindCheckPassword); - return p; - -#endif -} - - -/* - * p a s s w o r d _ h a r d c o d e - * - * A function to use the password passed in the -f(pwfile) argument - * of the command line. - * After use once, null it out otherwise PKCS11 calls us forever.? - * - */ -char * -SECU_FilePasswd(PK11SlotInfo *slot, PRBool retry, void *arg) -{ - unsigned char phrase[200]; - PRFileDesc *fd; - PRInt32 nb; - char *pwFile = arg; - int i; - - if (!pwFile) - return 0; - - if (retry) { - return 0; /* no good retrying - the files contents will be the same */ - } - - fd = PR_Open(pwFile, PR_RDONLY, 0); - if (!fd) { - fprintf(stderr, "No password file \"%s\" exists.\n", pwFile); - return NULL; - } - - nb = PR_Read(fd, phrase, sizeof(phrase)); - - PR_Close(fd); - /* handle the Windows EOL case */ - i = 0; - while (phrase[i] != '\r' && phrase[i] != '\n' && i < nb) i++; - phrase[i] = '\0'; - if (nb == 0) { - fprintf(stderr,"password file contains no data\n"); - return NULL; - } else { - return (char*) PORT_Strdup((char*)phrase); - } - return (char*) PORT_Strdup((char*)phrase); -} - -char * -SECU_GetModulePassword(PK11SlotInfo *slot, PRBool retry, void *arg) -{ - char prompt[255]; - secuPWData *pwdata = arg; - secuPWData pwnull = { PW_NONE, 0 }; - - if (arg == NULL) - pwdata = &pwnull; - - if (retry && pwdata->source != PW_NONE) { - PR_fprintf(PR_STDERR, "incorrect password entered at command line.\n"); - return NULL; - } - - sprintf(prompt, "Enter Password or Pin for \"%s\":", - PK11_GetTokenName(slot)); - - switch (pwdata->source) { - case PW_NONE: - return SECU_GetPasswordString(NULL, prompt); - case PW_FROMFILE: - return SECU_FilePasswd(slot, retry, pwdata->data); - case PW_PLAINTEXT: - return PL_strdup(arg); - default: - break; - } - - return NULL; -} - -char * -secu_InitSlotPassword(PK11SlotInfo *slot, PRBool retry, void *arg) -{ - char *p0 = NULL; - char *p1 = NULL; - FILE *input, *output; - secuPWData *pwdata = arg; - - if (pwdata->source == PW_FROMFILE) { - return SECU_FilePasswd(slot, retry, pwdata->data); - } else if (pwdata->source == PW_PLAINTEXT) { - return PL_strdup(pwdata->data); - } - - /* PW_NONE - get it from tty */ - /* open terminal */ -#ifdef _WINDOWS - input = stdin; -#else - input = fopen(consoleName, "r"); -#endif - if (input == NULL) { - PR_fprintf(PR_STDERR, "Error opening input terminal for read\n"); - return NULL; - } - - /* we have no password, so initialize database with one */ - PR_fprintf(PR_STDERR, "In order to finish creating your database, you\n"); - PR_fprintf(PR_STDERR, "must enter a password which will be used to\n"); - PR_fprintf(PR_STDERR, "encrypt this key and any future keys.\n\n"); - PR_fprintf(PR_STDERR, "The password must be at least 8 characters long,\n"); - PR_fprintf(PR_STDERR, "and must contain at least one non-alphabetic "); - PR_fprintf(PR_STDERR, "character.\n\n"); - - output = fopen(consoleName, "w"); - if (output == NULL) { - PR_fprintf(PR_STDERR, "Error opening output terminal for write\n"); - return NULL; - } - - - for (;;) { - if (!p0) { - p0 = SEC_GetPassword(input, output, "Enter new password: ", - SEC_BlindCheckPassword); - } - if (pwdata->source == PW_NONE) { - p1 = SEC_GetPassword(input, output, "Re-enter password: ", - SEC_BlindCheckPassword); - } - if (pwdata->source != PW_NONE || (PORT_Strcmp(p0, p1) == 0)) { - break; - } - PR_fprintf(PR_STDERR, "Passwords do not match. Try again.\n"); - } - - /* clear out the duplicate password string */ - secu_ClearPassword(p1); - - fclose(input); - fclose(output); - - return p0; -} - -SECStatus -SECU_ChangePW(PK11SlotInfo *slot, char *passwd, char *pwFile) -{ - SECStatus rv; - secuPWData pwdata, newpwdata; - char *oldpw = NULL, *newpw = NULL; - - if (passwd) { - pwdata.source = PW_PLAINTEXT; - pwdata.data = passwd; - } else if (pwFile) { - pwdata.source = PW_FROMFILE; - pwdata.data = pwFile; - } else { - pwdata.source = PW_NONE; - pwdata.data = NULL; - } - - if (PK11_NeedUserInit(slot)) { - newpw = secu_InitSlotPassword(slot, PR_FALSE, &pwdata); - rv = PK11_InitPin(slot, (char*)NULL, newpw); - goto done; - } - - for (;;) { - oldpw = SECU_GetModulePassword(slot, PR_FALSE, &pwdata); - - if (PK11_CheckUserPassword(slot, oldpw) != SECSuccess) { - if (pwdata.source == PW_NONE) { - PR_fprintf(PR_STDERR, "Invalid password. Try again.\n"); - } else { - PR_fprintf(PR_STDERR, "Invalid password.\n"); - PORT_Memset(oldpw, 0, PL_strlen(oldpw)); - PORT_Free(oldpw); - return SECFailure; - } - } else - break; - - PORT_Free(oldpw); - } - - newpwdata.source = PW_NONE; - newpwdata.data = NULL; - - newpw = secu_InitSlotPassword(slot, PR_FALSE, &newpwdata); - - if (PK11_ChangePW(slot, oldpw, newpw) != SECSuccess) { - PR_fprintf(PR_STDERR, "Failed to change password.\n"); - return SECFailure; - } - - PORT_Memset(oldpw, 0, PL_strlen(oldpw)); - PORT_Free(oldpw); - - PR_fprintf(PR_STDOUT, "Password changed successfully.\n"); - -done: - PORT_Memset(newpw, 0, PL_strlen(newpw)); - PORT_Free(newpw); - return SECSuccess; -} - -struct matchobj { - SECItem index; - char *nname; - PRBool found; -}; - -char * -SECU_DefaultSSLDir(void) -{ - char *dir; - static char sslDir[1000]; - - dir = getenv("SSL_DIR"); - if (!dir) - return NULL; - - sprintf(sslDir, "%s", dir); - - if (sslDir[strlen(sslDir)-1] == '/') - sslDir[strlen(sslDir)-1] = 0; - - return sslDir; -} - -char * -SECU_AppendFilenameToDir(char *dir, char *filename) -{ - static char path[1000]; - - if (dir[strlen(dir)-1] == '/') - sprintf(path, "%s%s", dir, filename); - else - sprintf(path, "%s/%s", dir, filename); - return path; -} - -char * -SECU_ConfigDirectory(const char* base) -{ - static PRBool initted = PR_FALSE; - const char *dir = ".netscape"; - char *home; - static char buf[1000]; - - if (initted) return buf; - - - if (base == NULL || *base == 0) { - home = getenv("HOME"); - if (!home) home = ""; - - if (*home && home[strlen(home) - 1] == '/') - sprintf (buf, "%.900s%s", home, dir); - else - sprintf (buf, "%.900s/%s", home, dir); - } else { - sprintf(buf, "%.900s", base); - if (buf[strlen(buf) - 1] == '/') - buf[strlen(buf) - 1] = 0; - } - - - initted = PR_TRUE; - return buf; -} - -/*Turn off SSL for now */ -/* This gets called by SSL when server wants our cert & key */ -int -SECU_GetClientAuthData(void *arg, PRFileDesc *fd, - struct CERTDistNamesStr *caNames, - struct CERTCertificateStr **pRetCert, - struct SECKEYPrivateKeyStr **pRetKey) -{ - SECKEYPrivateKey *key; - CERTCertificate *cert; - int errsave; - - if (arg == NULL) { - fprintf(stderr, "no key/cert name specified for client auth\n"); - return -1; - } - cert = PK11_FindCertFromNickname(arg, NULL); - errsave = PORT_GetError(); - if (!cert) { - if (errsave == SEC_ERROR_BAD_PASSWORD) - fprintf(stderr, "Bad password\n"); - else if (errsave > 0) - fprintf(stderr, "Unable to read cert (error %d)\n", errsave); - else if (errsave == SEC_ERROR_BAD_DATABASE) - fprintf(stderr, "Unable to get cert from database (%d)\n", errsave); - else - fprintf(stderr, "SECKEY_FindKeyByName: internal error %d\n", errsave); - return -1; - } - - key = PK11_FindKeyByAnyCert(arg,NULL); - if (!key) { - fprintf(stderr, "Unable to get key (%d)\n", PORT_GetError()); - return -1; - } - - - *pRetCert = cert; - *pRetKey = key; - - return 0; -} - -SECStatus -secu_StdinToItem(SECItem *dst) -{ - unsigned char buf[1000]; - PRInt32 numBytes; - PRBool notDone = PR_TRUE; - - dst->len = 0; - dst->data = NULL; - - while (notDone) { - numBytes = PR_Read(PR_STDIN, buf, sizeof(buf)); - - if (numBytes < 0) { - PORT_SetError(PR_IO_ERROR); - return SECFailure; - } - - if (numBytes == 0) - break; - - if (buf[numBytes-1] == '\n') { - buf[numBytes-1] = '\0'; - notDone = PR_FALSE; - } - - if (dst->data) { - dst->data = (unsigned char*)PORT_Realloc(dst->data, - dst->len+numBytes); - PORT_Memcpy(dst->data+dst->len, buf, numBytes); - } else { - dst->data = (unsigned char*)PORT_Alloc(numBytes); - PORT_Memcpy(dst->data, buf, numBytes); - } - dst->len += numBytes; - } - - return SECSuccess; -} - -SECStatus -SECU_FileToItem(SECItem *dst, PRFileDesc *src) -{ - PRFileInfo info; - PRInt32 numBytes; - PRStatus prStatus; - - if (src == PR_STDIN) - return secu_StdinToItem(dst); - - prStatus = PR_GetOpenFileInfo(src, &info); - - if (prStatus != PR_SUCCESS) { - PORT_SetError(SEC_ERROR_IO); - return SECFailure; - } - - /* XXX workaround for 3.1, not all utils zero dst before sending */ - dst->data = 0; - if (!SECITEM_AllocItem(NULL, dst, info.size)) - goto loser; - - numBytes = PR_Read(src, dst->data, info.size); - if (numBytes != info.size) { - PORT_SetError(SEC_ERROR_IO); - goto loser; - } - - return SECSuccess; -loser: - SECITEM_FreeItem(dst, PR_FALSE); - return SECFailure; -} - -SECStatus -SECU_TextFileToItem(SECItem *dst, PRFileDesc *src) -{ - PRFileInfo info; - PRInt32 numBytes; - PRStatus prStatus; - unsigned char *buf; - - if (src == PR_STDIN) - return secu_StdinToItem(dst); - - prStatus = PR_GetOpenFileInfo(src, &info); - - if (prStatus != PR_SUCCESS) { - PORT_SetError(SEC_ERROR_IO); - return SECFailure; - } - - buf = (unsigned char*)PORT_Alloc(info.size); - if (!buf) - return SECFailure; - - numBytes = PR_Read(src, buf, info.size); - if (numBytes != info.size) { - PORT_SetError(SEC_ERROR_IO); - goto loser; - } - - if (buf[numBytes-1] == '\n') numBytes--; -#ifdef _WINDOWS - if (buf[numBytes-1] == '\r') numBytes--; -#endif - - /* XXX workaround for 3.1, not all utils zero dst before sending */ - dst->data = 0; - if (!SECITEM_AllocItem(NULL, dst, numBytes)) - goto loser; - - memcpy(dst->data, buf, numBytes); - - PORT_Free(buf); - return SECSuccess; -loser: - PORT_Free(buf); - return SECFailure; -} - -SECStatus -SECU_ReadDERFromFile(SECItem *der, PRFileDesc *inFile, PRBool ascii) -{ - SECStatus rv; - char *asc, *body, *trailer; - if (ascii) { - /* First convert ascii to binary */ - SECItem filedata; - - /* Read in ascii data */ - rv = SECU_FileToItem(&filedata, inFile); - asc = (char *)filedata.data; - if (!asc) { - fprintf(stderr, "unable to read data from input file\n"); - return SECFailure; - } - - /* check for headers and trailers and remove them */ - if ((body = strstr(asc, "-----BEGIN")) != NULL) { - body = PORT_Strchr(body, '\n') + 1; - trailer = strstr(body, "-----END"); - if (trailer != NULL) { - *trailer = '\0'; - } else { - fprintf(stderr, "input has header but no trailer\n"); - return SECFailure; - } - } else { - body = asc; - } - - /* Convert to binary */ - rv = ATOB_ConvertAsciiToItem(der, body); - if (rv) { - fprintf(stderr, "error converting ascii to binary (%s)\n", - SECU_Strerror(PORT_GetError())); - return SECFailure; - } - PORT_Free(asc); - } else { - /* Read in binary der */ - rv = SECU_FileToItem(der, inFile); - if (rv) { - fprintf(stderr, "error converting der (%s)\n", - SECU_Strerror(PORT_GetError())); - return SECFailure; - } - } - return SECSuccess; -} - -#define INDENT_MULT 4 -void -SECU_Indent(FILE *out, int level) -{ - int i; - for (i = 0; i < level; i++) { - fprintf(out, " "); - } -} - -static void secu_Newline(FILE *out) -{ - fprintf(out, "\n"); -} - -void -SECU_PrintAsHex(FILE *out, SECItem *data, char *m, int level) -{ - unsigned i; - int column; - - if ( m ) { - SECU_Indent(out, level); fprintf(out, "%s:\n", m); - level++; - } - - SECU_Indent(out, level); column = level*INDENT_MULT; - for (i = 0; i < data->len; i++) { - if (i != data->len - 1) { - fprintf(out, "%02x:", data->data[i]); - column += 4; - } else { - fprintf(out, "%02x", data->data[i]); - column += 3; - break; - } - if (column > 76) { - secu_Newline(out); - SECU_Indent(out, level); column = level*INDENT_MULT; - } - } - level--; - if (column != level*INDENT_MULT) { - secu_Newline(out); - } -} - -static const char *hex = "0123456789abcdef"; - -static const char printable[257] = { - "................" /* 0x */ - "................" /* 1x */ - " !\"#$%&'()*+,-./" /* 2x */ - "0123456789:;<=>?" /* 3x */ - "@ABCDEFGHIJKLMNO" /* 4x */ - "PQRSTUVWXYZ[\\]^_" /* 5x */ - "`abcdefghijklmno" /* 6x */ - "pqrstuvwxyz{|}~." /* 7x */ - "................" /* 8x */ - "................" /* 9x */ - "................" /* ax */ - "................" /* bx */ - "................" /* cx */ - "................" /* dx */ - "................" /* ex */ - "................" /* fx */ -}; - -void -SECU_PrintBuf(FILE *out, const char *msg, const void *vp, int len) -{ - const unsigned char *cp = (const unsigned char *)vp; - char buf[80]; - char *bp; - char *ap; - - fprintf(out, "%s [Len: %d]\n", msg, len); - memset(buf, ' ', sizeof buf); - bp = buf; - ap = buf + 50; - while (--len >= 0) { - unsigned char ch = *cp++; - *bp++ = hex[(ch >> 4) & 0xf]; - *bp++ = hex[ch & 0xf]; - *bp++ = ' '; - *ap++ = printable[ch]; - if (ap - buf >= 66) { - *ap = 0; - fprintf(out, " %s\n", buf); - memset(buf, ' ', sizeof buf); - bp = buf; - ap = buf + 50; - } - } - if (bp > buf) { - *ap = 0; - fprintf(out, " %s\n", buf); - } -} - -void -SECU_PrintInteger(FILE *out, SECItem *i, char *m, int level) -{ - int iv; - - if (i->len > 4) { - SECU_PrintAsHex(out, i, m, level); - } else { - iv = DER_GetInteger(i); - SECU_Indent(out, level); - if (m) { - fprintf(out, "%s: %d (0x%x)\n", m, iv, iv); - } else { - fprintf(out, "%d (0x%x)\n", iv, iv); - } - } -} - -void -SECU_PrintString(FILE *out, SECItem *i, char *m, int level) -{ - char *string; - unsigned char *data = i->data; - int len = i->len; - int lenlen; - int tag; - - string = PORT_ZAlloc(i->len+1); - - tag = *data++; len--; - if (data[1] & 0x80) { - lenlen = data[1] & 0x1f; - } else { - lenlen = 1; - } - data += lenlen; len -= lenlen; - if (len <= 0) return; - PORT_Memcpy(string,data,len); - - /* should check the validity of tag, and convert the string as necessary */ - SECU_Indent(out, level); - if (m) { - fprintf(out, "%s: \"%s\"\n", m, string); - } else { - fprintf(out, "\"%s\"\n", string); - } -} - -static void -secu_PrintBoolean(FILE *out, SECItem *i, char *m, int level) -{ - int val = 0; - - if ( i->data ) { - val = i->data[0]; - } - - if (m) { - SECU_Indent(out, level); fprintf(out, "%s:\n", m); level++; - } - if ( val ) { - SECU_Indent(out, level); fprintf(out, "%s\n", "True"); - } else { - SECU_Indent(out, level); fprintf(out, "%s\n", "False"); - } -} - -/* - * Format and print "time". If the tag message "m" is not NULL, - * do indent formatting based on "level" and add a newline afterward; - * otherwise just print the formatted time string only. - */ -static void -secu_PrintTime(FILE *out, int64 time, char *m, int level) -{ - PRExplodedTime printableTime; - char *timeString; - - /* Convert to local time */ - PR_ExplodeTime(time, PR_GMTParameters, &printableTime); - - timeString = PORT_Alloc(100); - if (timeString == NULL) - return; - - if (m != NULL) { - SECU_Indent(out, level); - fprintf(out, "%s: ", m); - } - - PR_FormatTime(timeString, 100, "%a %b %d %H:%M:%S %Y", &printableTime); - fprintf(out, timeString); - - if (m != NULL) - fprintf(out, "\n"); - - PORT_Free(timeString); -} - -/* - * Format and print the UTC Time "t". If the tag message "m" is not NULL, - * do indent formatting based on "level" and add a newline afterward; - * otherwise just print the formatted time string only. - */ -void -SECU_PrintUTCTime(FILE *out, SECItem *t, char *m, int level) -{ - int64 time; - SECStatus rv; - - rv = DER_UTCTimeToTime(&time, t); - if (rv != SECSuccess) - return; - - secu_PrintTime(out, time, m, level); -} - -/* - * Format and print the Generalized Time "t". If the tag message "m" - * is not NULL, * do indent formatting based on "level" and add a newline - * afterward; otherwise just print the formatted time string only. - */ -void -SECU_PrintGeneralizedTime(FILE *out, SECItem *t, char *m, int level) -{ - int64 time; - SECStatus rv; - - - rv = DER_GeneralizedTimeToTime(&time, t); - if (rv != SECSuccess) - return; - - secu_PrintTime(out, time, m, level); -} - -static void secu_PrintAny(FILE *out, SECItem *i, char *m, int level); - -void -SECU_PrintSet(FILE *out, SECItem *t, char *m, int level) -{ - int type= t->data[0] & 0x1f; - int start; - unsigned char *bp; - - SECU_Indent(out, level); - if (m) { - fprintf(out, "%s: ", m); - } - fprintf(out,"%s {\n", - type == SEC_ASN1_SET ? "Set" : "Sequence"); - - start = 2; - if (t->data[1] & 0x80) { - start = (t->data[1] & 0x7f) +1; - } - for (bp=&t->data[start]; bp < &t->data[t->len]; ) { - SECItem tmp; - unsigned int i,len,lenlen; - - if (bp[1] & 0x80) { - lenlen = bp[1] & 0x1f; - len = 0; - for (i=0; i < lenlen; i++) { - len = len * 255 + bp[2+i]; - } - } else { - lenlen = 1; - len = bp[1]; - } - tmp.len = len+lenlen+1; - tmp.data = bp; - bp += tmp.len; - secu_PrintAny(out,&tmp,NULL,level+1); - } - SECU_Indent(out, level); fprintf(out, "}\n"); - -} - -static void -secu_PrintAny(FILE *out, SECItem *i, char *m, int level) -{ - if ( i->len ) { - switch (i->data[0] & 0x1f) { - case SEC_ASN1_INTEGER: - SECU_PrintInteger(out, i, m, level); - break; - case SEC_ASN1_OBJECT_ID: - SECU_PrintObjectID(out, i, m, level); - break; - case SEC_ASN1_BOOLEAN: - secu_PrintBoolean(out, i, m, level); - break; - case SEC_ASN1_UTF8_STRING: - case SEC_ASN1_PRINTABLE_STRING: - case SEC_ASN1_VISIBLE_STRING: - case SEC_ASN1_BMP_STRING: - case SEC_ASN1_IA5_STRING: - case SEC_ASN1_T61_STRING: - case SEC_ASN1_UNIVERSAL_STRING: - SECU_PrintString(out, i, m, level); - break; - case SEC_ASN1_GENERALIZED_TIME: - SECU_PrintGeneralizedTime(out, i, m, level); - break; - case SEC_ASN1_UTC_TIME: - SECU_PrintUTCTime(out, i, m, level); - break; - case SEC_ASN1_NULL: - SECU_Indent(out, level); fprintf(out, "%s: NULL\n", m); - break; - case SEC_ASN1_SET: - case SEC_ASN1_SEQUENCE: - SECU_PrintSet(out, i, m, level); - break; - - default: - SECU_PrintAsHex(out, i, m, level); - break; - } - } -} - -static int -secu_PrintValidity(FILE *out, CERTValidity *v, char *m, int level) -{ - SECU_Indent(out, level); fprintf(out, "%s:\n", m); - SECU_PrintUTCTime(out, &v->notBefore, "Not Before", level+1); - SECU_PrintUTCTime(out, &v->notAfter, "Not After", level+1); - return 0; -} - -void -SECU_PrintObjectID(FILE *out, SECItem *oid, char *m, int level) -{ - char *name; - SECOidData *oiddata; - - oiddata = SECOID_FindOID(oid); - if (oiddata == NULL) { - SECU_PrintAsHex(out, oid, m, level); - return; - } - name = oiddata->desc; - - SECU_Indent(out, level); - if (m != NULL) - fprintf(out, "%s: ", m); - fprintf(out, "%s\n", name); -} - -void -SECU_PrintAlgorithmID(FILE *out, SECAlgorithmID *a, char *m, int level) -{ - SECU_PrintObjectID(out, &a->algorithm, m, level); - - if (a->parameters.len == 0 - || (a->parameters.len == 2 - && PORT_Memcmp(a->parameters.data, "\005\000", 2) == 0)) { - /* No arguments or NULL argument */ - } else { - /* Print args to algorithm */ - SECU_PrintAsHex(out, &a->parameters, "Args", level+1); - } -} - -static void -secu_PrintAttribute(FILE *out, SEC_PKCS7Attribute *attr, char *m, int level) -{ - SECItem *value; - int i; - char om[100]; - - if (m) { - SECU_Indent(out, level); fprintf(out, "%s:\n", m); - } - - /* - * Should make this smarter; look at the type field and then decode - * and print the value(s) appropriately! - */ - SECU_PrintObjectID(out, &(attr->type), "Type", level+1); - if (attr->values != NULL) { - i = 0; - while ((value = attr->values[i++]) != NULL) { - sprintf(om, "Value (%d)%s", i, attr->encoded ? " (encoded)" : ""); - if (attr->encoded || attr->typeTag == NULL) { - SECU_PrintAsHex(out, value, om, level+1); - } else { - switch (attr->typeTag->offset) { - default: - SECU_PrintAsHex(out, value, om, level+1); - break; - case SEC_OID_PKCS9_CONTENT_TYPE: - SECU_PrintObjectID(out, value, om, level+1); - break; - case SEC_OID_PKCS9_SIGNING_TIME: - SECU_PrintUTCTime(out, value, om, level+1); - break; - } - } - } - } -} - -static void -secu_PrintRSAPublicKey(FILE *out, SECKEYPublicKey *pk, char *m, int level) -{ -#if 0 /* - * um, yeah, that might be nice, but if you look at the callers - * you will see that they do not *set* this, so this will not work! - * Instead, somebody needs to fix the callers to be smarter about - * public key stuff, if that is important. - */ - PORT_Assert(pk->keyType == rsaKey); -#endif - - SECU_Indent(out, level); fprintf(out, "%s:\n", m); - SECU_PrintInteger(out, &pk->u.rsa.modulus, "Modulus", level+1); - SECU_PrintInteger(out, &pk->u.rsa.publicExponent, "Exponent", level+1); -} - -static void -secu_PrintDSAPublicKey(FILE *out, SECKEYPublicKey *pk, char *m, int level) -{ - SECU_Indent(out, level); fprintf(out, "%s:\n", m); - SECU_PrintInteger(out, &pk->u.dsa.params.prime, "Prime", level+1); - SECU_PrintInteger(out, &pk->u.dsa.params.subPrime, "Subprime", level+1); - SECU_PrintInteger(out, &pk->u.dsa.params.base, "Base", level+1); - SECU_PrintInteger(out, &pk->u.dsa.publicValue, "PublicValue", level+1); -} - -static int -secu_PrintSubjectPublicKeyInfo(FILE *out, PRArenaPool *arena, - CERTSubjectPublicKeyInfo *i, char *msg, int level) -{ - SECKEYPublicKey *pk; - int rv; - - SECU_Indent(out, level); fprintf(out, "%s:\n", msg); - SECU_PrintAlgorithmID(out, &i->algorithm, "Public Key Algorithm", level+1); - - pk = (SECKEYPublicKey*) PORT_ZAlloc(sizeof(SECKEYPublicKey)); - if (!pk) - return PORT_GetError(); - - DER_ConvertBitString(&i->subjectPublicKey); - switch(SECOID_FindOIDTag(&i->algorithm.algorithm)) { - case SEC_OID_PKCS1_RSA_ENCRYPTION: - rv = SEC_ASN1DecodeItem(arena, pk, - SEC_ASN1_GET(SECKEY_RSAPublicKeyTemplate), - &i->subjectPublicKey); - if (rv) - return rv; - secu_PrintRSAPublicKey(out, pk, "RSA Public Key", level +1); - break; - case SEC_OID_ANSIX9_DSA_SIGNATURE: - rv = SEC_ASN1DecodeItem(arena, pk, - SEC_ASN1_GET(SECKEY_DSAPublicKeyTemplate), - &i->subjectPublicKey); - if (rv) - return rv; - secu_PrintDSAPublicKey(out, pk, "DSA Public Key", level +1); - break; - default: - fprintf(out, "bad SPKI algorithm type\n"); - return 0; - } - - return 0; -} - -static SECStatus -secu_PrintX509InvalidDate(FILE *out, SECItem *value, char *msg, int level) -{ - SECItem decodedValue; - SECStatus rv; - int64 invalidTime; - char *formattedTime = NULL; - - decodedValue.data = NULL; - rv = SEC_ASN1DecodeItem (NULL, &decodedValue, - SEC_ASN1_GET(SEC_GeneralizedTimeTemplate), - value); - if (rv == SECSuccess) { - rv = DER_GeneralizedTimeToTime(&invalidTime, &decodedValue); - if (rv == SECSuccess) { - formattedTime = CERT_GenTime2FormattedAscii - (invalidTime, "%a %b %d %H:%M:%S %Y"); - SECU_Indent(out, level +1); - fprintf (out, "%s: %s\n", msg, formattedTime); - PORT_Free (formattedTime); - } - } - PORT_Free (decodedValue.data); - return (rv); -} - -static SECStatus -PrintExtKeyUsageExten (FILE *out, SECItem *value, char *msg, int level) -{ - CERTOidSequence *os; - SECItem **op; - - SECU_Indent(out, level); fprintf(out, "Extended Key Usage Extension:\n"); - - os = CERT_DecodeOidSequence(value); - if( (CERTOidSequence *)NULL == os ) { - return SECFailure; - } - - for( op = os->oids; *op; op++ ) { - SECOidData *od = SECOID_FindOID(*op); - - if( (SECOidData *)NULL == od ) { - SECU_Indent(out, level+1); - SECU_PrintAsHex(out, *op, "Unknown:", level+2); - secu_Newline(out); - continue; - } - - SECU_Indent(out, level+1); - if( od->desc ) fprintf(out, "%s", od->desc); - else SECU_PrintAsHex(out, &od->oid, "", level+2); - - secu_Newline(out); - } - - return SECSuccess; -} - -char * -itemToString(SECItem *item) -{ - char *string; - - string = PORT_ZAlloc(item->len+1); - if (string == NULL) return NULL; - PORT_Memcpy(string,item->data,item->len); - string[item->len] = 0; - return string; -} - -static SECStatus -secu_PrintPolicyQualifier(FILE *out,CERTPolicyQualifier *policyQualifier,char *msg,int level) -{ - CERTUserNotice *userNotice; - SECItem **itemList = NULL; - char *string; - - SECU_PrintObjectID(out, &policyQualifier->qualifierID , - "Policy Qualifier Name", level); - - switch (policyQualifier->oid) { - case SEC_OID_PKIX_USER_NOTICE_QUALIFIER: - userNotice = CERT_DecodeUserNotice(&policyQualifier->qualifierValue); - if (userNotice) { - if (userNotice->noticeReference.organization.len != 0) { - string=itemToString(&userNotice->noticeReference.organization); - itemList = userNotice->noticeReference.noticeNumbers; - while (*itemList) { - SECU_PrintInteger(out,*itemList,string,level+1); - itemList++; - } - PORT_Free(string); - } - if (userNotice->displayText.len != 0) { - SECU_PrintString(out,&userNotice->displayText, - "Display Text", level+1); - } - break; - } - /* fall through on error */ - case SEC_OID_PKIX_CPS_POINTER_QUALIFIER: - default: - secu_PrintAny(out, &policyQualifier->qualifierValue, "Policy Qualifier Data", level+1); - break; - } - - return SECSuccess; - -} - -static SECStatus -secu_PrintPolicyInfo(FILE *out,CERTPolicyInfo *policyInfo,char *msg,int level) -{ - CERTPolicyQualifier **policyQualifiers; - - policyQualifiers = policyInfo->policyQualifiers; - SECU_PrintObjectID(out, &policyInfo->policyID , "Policy Name", level); - - while (*policyQualifiers != NULL) { - secu_PrintPolicyQualifier(out,*policyQualifiers,"",level+1); - policyQualifiers++; - } - return SECSuccess; - -} - -static SECStatus -secu_PrintPolicy(FILE *out, SECItem *value, char *msg, int level) -{ - CERTCertificatePolicies *policies = NULL; - CERTPolicyInfo **policyInfos; - - if (msg) { - SECU_Indent(out, level); - fprintf(out,"%s: \n",msg); - level++; - } - policies = CERT_DecodeCertificatePoliciesExtension(value); - if (policies == NULL) { - SECU_PrintAsHex(out, value, "Invalid Policy Data", level); - return SECFailure; - } - - policyInfos = policies->policyInfos; - while (*policyInfos != NULL) { - secu_PrintPolicyInfo(out,*policyInfos,"",level); - policyInfos++; - } - - CERT_DestroyCertificatePoliciesExtension(policies); - return SECSuccess; -} - -char *nsTypeBits[] = { -"SSL Client","SSL Server","S/MIME","Object Signing","Reserved","SSL CA","S/MIME CA","ObjectSigning CA" }; - -static SECStatus -secu_PrintBasicConstraints(FILE *out, SECItem *value, char *msg, int level) { - CERTBasicConstraints constraints; - SECStatus rv; - - SECU_Indent(out, level); - if (msg) { - fprintf(out,"%s: ",msg); - } - rv = CERT_DecodeBasicConstraintValue(&constraints,value); - if (rv == SECSuccess && constraints.isCA) { - fprintf(out,"Is a CA with a maximum path length of %d.\n", - constraints.pathLenConstraint); - } else { - fprintf(out,"Is not a CA.\n"); - } - return SECSuccess; -} - -static SECStatus -secu_PrintNSCertType(FILE *out, SECItem *value, char *msg, int level) { - char NS_Type=0; - int len, i, found=0; - - if (value->data[1] & 0x80) { - len = 3; - } else { - len = value->data[1]; - } - if ((value->data[0] != SEC_ASN1_BIT_STRING) || (len < 2)) { - secu_PrintAny(out, value, "Data", level); - return SECSuccess; - } - NS_Type=value->data[3]; - - - if (msg) { - SECU_Indent(out, level); - fprintf(out,"%s: ",msg); - } else { - SECU_Indent(out, level); - fprintf(out,"Netscape Certificate Type: "); - } - for (i=0; i < 8; i++) { - if ( (0x80 >> i) & NS_Type) { - fprintf(out,"%c%s",found?',':'<',nsTypeBits[i]); - found = 1; - } - } - if (found) { fprintf(out,">\n"); } else { fprintf(out,"none\n"); } - return SECSuccess; -} - -void -SECU_PrintExtensions(FILE *out, CERTCertExtension **extensions, - char *msg, int level) -{ - SECOidTag oidTag; - - if ( extensions ) { - SECU_Indent(out, level); fprintf(out, "%s:\n", msg); - - while ( *extensions ) { - SECItem *tmpitem; - SECU_Indent(out, level+1); fprintf(out, "Name:\n"); - - tmpitem = &(*extensions)->id; - SECU_PrintObjectID(out, tmpitem, NULL, level+2); - - tmpitem = &(*extensions)->critical; - if ( tmpitem->len ) { - secu_PrintBoolean(out, tmpitem, "Critical", level+1); - } - - oidTag = SECOID_FindOIDTag (&((*extensions)->id)); - tmpitem = &((*extensions)->value); - - switch (oidTag) { - case SEC_OID_X509_INVALID_DATE: - case SEC_OID_NS_CERT_EXT_CERT_RENEWAL_TIME: - secu_PrintX509InvalidDate(out, tmpitem, "Date", level + 1); - break; - case SEC_OID_X509_CERTIFICATE_POLICIES: - secu_PrintPolicy(out, tmpitem, "Data", level +1); - break; - case SEC_OID_NS_CERT_EXT_BASE_URL: - case SEC_OID_NS_CERT_EXT_REVOCATION_URL: - case SEC_OID_NS_CERT_EXT_CA_REVOCATION_URL: - case SEC_OID_NS_CERT_EXT_CA_CRL_URL: - case SEC_OID_NS_CERT_EXT_CA_CERT_URL: - case SEC_OID_NS_CERT_EXT_CERT_RENEWAL_URL: - case SEC_OID_NS_CERT_EXT_CA_POLICY_URL: - case SEC_OID_NS_CERT_EXT_HOMEPAGE_URL: - case SEC_OID_NS_CERT_EXT_LOST_PASSWORD_URL: - case SEC_OID_OCSP_RESPONDER: - SECU_PrintString(out,tmpitem, "URL", level+1); - break; - case SEC_OID_NS_CERT_EXT_COMMENT: - SECU_PrintString(out,tmpitem, "Comment", level+1); - break; - case SEC_OID_NS_CERT_EXT_SSL_SERVER_NAME: - SECU_PrintString(out,tmpitem, "ServerName", level+1); - break; - case SEC_OID_NS_CERT_EXT_CERT_TYPE: - secu_PrintNSCertType(out,tmpitem,"Data",level+1); - break; - case SEC_OID_X509_BASIC_CONSTRAINTS: - secu_PrintBasicConstraints(out,tmpitem,"Data",level+1); - break; - case SEC_OID_X509_SUBJECT_ALT_NAME: - case SEC_OID_X509_ISSUER_ALT_NAME: - /* - * We should add at least some of the more interesting cases - * here, but need to have subroutines to back them up. - */ - case SEC_OID_NS_CERT_EXT_NETSCAPE_OK: - case SEC_OID_NS_CERT_EXT_ISSUER_LOGO: - case SEC_OID_NS_CERT_EXT_SUBJECT_LOGO: - case SEC_OID_NS_CERT_EXT_ENTITY_LOGO: - case SEC_OID_NS_CERT_EXT_USER_PICTURE: - case SEC_OID_NS_KEY_USAGE_GOVT_APPROVED: - - /* x.509 v3 Extensions */ - case SEC_OID_X509_SUBJECT_DIRECTORY_ATTR: - case SEC_OID_X509_SUBJECT_KEY_ID: - case SEC_OID_X509_KEY_USAGE: - case SEC_OID_X509_PRIVATE_KEY_USAGE_PERIOD: - case SEC_OID_X509_NAME_CONSTRAINTS: - case SEC_OID_X509_CRL_DIST_POINTS: - case SEC_OID_X509_POLICY_MAPPINGS: - case SEC_OID_X509_POLICY_CONSTRAINTS: - case SEC_OID_X509_AUTH_KEY_ID: - goto defualt; - case SEC_OID_X509_EXT_KEY_USAGE: - PrintExtKeyUsageExten(out, tmpitem, "", level+1); - break; - case SEC_OID_X509_AUTH_INFO_ACCESS: - - case SEC_OID_X509_CRL_NUMBER: - case SEC_OID_X509_REASON_CODE: - - /* PKIX OIDs */ - case SEC_OID_PKIX_OCSP: - case SEC_OID_PKIX_OCSP_BASIC_RESPONSE: - case SEC_OID_PKIX_OCSP_NONCE: - case SEC_OID_PKIX_OCSP_CRL: - case SEC_OID_PKIX_OCSP_RESPONSE: - case SEC_OID_PKIX_OCSP_NO_CHECK: - case SEC_OID_PKIX_OCSP_ARCHIVE_CUTOFF: - case SEC_OID_PKIX_OCSP_SERVICE_LOCATOR: - case SEC_OID_PKIX_REGCTRL_REGTOKEN: - case SEC_OID_PKIX_REGCTRL_AUTHENTICATOR: - case SEC_OID_PKIX_REGCTRL_PKIPUBINFO: - case SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS: - case SEC_OID_PKIX_REGCTRL_OLD_CERT_ID: - case SEC_OID_PKIX_REGCTRL_PROTOCOL_ENC_KEY: - case SEC_OID_PKIX_REGINFO_UTF8_PAIRS: - case SEC_OID_PKIX_REGINFO_CERT_REQUEST: - case SEC_OID_EXT_KEY_USAGE_SERVER_AUTH: - case SEC_OID_EXT_KEY_USAGE_CLIENT_AUTH: - case SEC_OID_EXT_KEY_USAGE_CODE_SIGN: - case SEC_OID_EXT_KEY_USAGE_EMAIL_PROTECT: - case SEC_OID_EXT_KEY_USAGE_TIME_STAMP: - - default: - defualt: - /*SECU_PrintAsHex(out, tmpitem, "Data", level+1); */ - secu_PrintAny(out, tmpitem, "Data", level+1); - break; - } - - secu_Newline(out); - extensions++; - } - } -} - - -void -SECU_PrintName(FILE *out, CERTName *name, char *msg, int level) -{ - char *str; - - SECU_Indent(out, level); fprintf(out, "%s: ", msg); - - str = CERT_NameToAscii(name); - if (!str) - str = "!Invalid AVA!"; - fprintf(out, str); - - secu_Newline(out); -} - -void -printflags(char *trusts, unsigned int flags) -{ - if (flags & CERTDB_VALID_CA) - if (!(flags & CERTDB_TRUSTED_CA) && - !(flags & CERTDB_TRUSTED_CLIENT_CA)) - PORT_Strcat(trusts, "c"); - if (flags & CERTDB_VALID_PEER) - if (!(flags & CERTDB_TRUSTED)) - PORT_Strcat(trusts, "p"); - if (flags & CERTDB_TRUSTED_CA) - PORT_Strcat(trusts, "C"); - if (flags & CERTDB_TRUSTED_CLIENT_CA) - PORT_Strcat(trusts, "T"); - if (flags & CERTDB_TRUSTED) - PORT_Strcat(trusts, "P"); - if (flags & CERTDB_USER) - PORT_Strcat(trusts, "u"); - if (flags & CERTDB_SEND_WARN) - PORT_Strcat(trusts, "w"); - if (flags & CERTDB_INVISIBLE_CA) - PORT_Strcat(trusts, "I"); - if (flags & CERTDB_GOVT_APPROVED_CA) - PORT_Strcat(trusts, "G"); - return; -} - -/* callback for listing certs through pkcs11 */ -SECStatus -SECU_PrintCertNickname(CERTCertificate *cert, void *data) -{ - CERTCertTrust *trust; - FILE *out; - char trusts[30]; - char *name; - - PORT_Memset (trusts, 0, sizeof (trusts)); - out = (FILE *)data; - - if ( cert->dbEntry ) { - name = cert->dbEntry->nickname; - if ( name == NULL ) { - name = cert->emailAddr; - } - - trust = &cert->dbEntry->trust; - printflags(trusts, trust->sslFlags); - PORT_Strcat(trusts, ","); - printflags(trusts, trust->emailFlags); - PORT_Strcat(trusts, ","); - printflags(trusts, trust->objectSigningFlags); - fprintf(out, "%-60s %-5s\n", name, trusts); - } else { - name = cert->nickname; - if ( name == NULL ) { - name = cert->emailAddr; - } - - trust = cert->trust; - if (trust) { - printflags(trusts, trust->sslFlags); - PORT_Strcat(trusts, ","); - printflags(trusts, trust->emailFlags); - PORT_Strcat(trusts, ","); - printflags(trusts, trust->objectSigningFlags); - } else { - PORT_Memcpy(trusts,",,",3); - } - fprintf(out, "%-60s %-5s\n", name, trusts); - } - - return (SECSuccess); -} - -int -SECU_PrintCertificateRequest(FILE *out, SECItem *der, char *m, int level) -{ - PRArenaPool *arena = NULL; - CERTCertificateRequest *cr; - int rv; - - /* Decode certificate request */ - cr = (CERTCertificateRequest*) PORT_ZAlloc(sizeof(CERTCertificateRequest)); - if (!cr) - return PORT_GetError(); - - arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - if (!arena) - return SEC_ERROR_NO_MEMORY; - - rv = SEC_ASN1DecodeItem(arena, cr, - SEC_ASN1_GET(CERT_CertificateRequestTemplate), der); - if (rv) { - PORT_FreeArena(arena, PR_FALSE); - return rv; - } - - /* Pretty print it out */ - SECU_Indent(out, level); fprintf(out, "%s:\n", m); - SECU_PrintInteger(out, &cr->version, "Version", level+1); - SECU_PrintName(out, &cr->subject, "Subject", level+1); - rv = secu_PrintSubjectPublicKeyInfo(out, arena, &cr->subjectPublicKeyInfo, - "Subject Public Key Info", level+1); - if (rv) { - PORT_FreeArena(arena, PR_FALSE); - return rv; - } - secu_PrintAny(out, cr->attributes[0], "Attributes", level+1); - - PORT_FreeArena(arena, PR_FALSE); - return 0; -} - -int -SECU_PrintCertificate(FILE *out, SECItem *der, char *m, int level) -{ - PRArenaPool *arena = NULL; - CERTCertificate *c; - int rv; - int iv; - - /* Decode certificate */ - c = (CERTCertificate*) PORT_ZAlloc(sizeof(CERTCertificate)); - if (!c) - return PORT_GetError(); - - arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - if (!arena) - return SEC_ERROR_NO_MEMORY; - - rv = SEC_ASN1DecodeItem(arena, c, - SEC_ASN1_GET(CERT_CertificateTemplate), der); - if (rv) { - PORT_FreeArena(arena, PR_FALSE); - return rv; - } - - /* Pretty print it out */ - SECU_Indent(out, level); fprintf(out, "%s:\n", m); - iv = DER_GetInteger(&c->version); - SECU_Indent(out, level+1); fprintf(out, "%s: %d (0x%x)\n", "Version", iv + 1, iv); - - SECU_PrintInteger(out, &c->serialNumber, "Serial Number", level+1); - SECU_PrintAlgorithmID(out, &c->signature, "Signature Algorithm", level+1); - SECU_PrintName(out, &c->issuer, "Issuer", level+1); - secu_PrintValidity(out, &c->validity, "Validity", level+1); - SECU_PrintName(out, &c->subject, "Subject", level+1); - rv = secu_PrintSubjectPublicKeyInfo(out, arena, &c->subjectPublicKeyInfo, - "Subject Public Key Info", level+1); - if (rv) { - PORT_FreeArena(arena, PR_FALSE); - return rv; - } - SECU_PrintExtensions(out, c->extensions, "Signed Extensions", level+1); - - SECU_PrintFingerprints(out, &c->derCert, "Fingerprint", level); - - PORT_FreeArena(arena, PR_FALSE); - return 0; -} - -int -SECU_PrintPublicKey(FILE *out, SECItem *der, char *m, int level) -{ - PRArenaPool *arena = NULL; - SECKEYPublicKey key; - int rv; - - PORT_Memset(&key, 0, sizeof(key)); - arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - if (!arena) - return SEC_ERROR_NO_MEMORY; - - rv = SEC_ASN1DecodeItem(arena, &key, - SEC_ASN1_GET(SECKEY_RSAPublicKeyTemplate), der); - if (rv) { - PORT_FreeArena(arena, PR_FALSE); - return rv; - } - - /* Pretty print it out */ - secu_PrintRSAPublicKey(out, &key, m, level); - - PORT_FreeArena(arena, PR_FALSE); - return 0; -} - -int -SECU_PrintPrivateKey(FILE *out, SECItem *der, char *m, int level) -{ - PRArenaPool *arena = NULL; - SECKEYEncryptedPrivateKeyInfo key; - int rv; - - PORT_Memset(&key, 0, sizeof(key)); - arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - if (!arena) - return SEC_ERROR_NO_MEMORY; - - rv = SEC_ASN1DecodeItem(arena, &key, - SEC_ASN1_GET(SECKEY_EncryptedPrivateKeyInfoTemplate), der); - if (rv) { - PORT_FreeArena(arena, PR_TRUE); - return rv; - } - - /* Pretty print it out */ - SECU_Indent(out, level); fprintf(out, "%s:\n", m); - SECU_PrintAlgorithmID(out, &key.algorithm, "Encryption Algorithm", - level+1); - SECU_PrintAsHex(out, &key.encryptedData, "Encrypted Data", level+1); - - PORT_FreeArena(arena, PR_TRUE); - return 0; -} - -int -SECU_PrintFingerprints(FILE *out, SECItem *derCert, char *m, int level) -{ - unsigned char fingerprint[20]; - char *fpStr = NULL; - SECItem fpItem; - /* print MD5 fingerprint */ - memset(fingerprint, 0, sizeof fingerprint); - PK11_HashBuf(SEC_OID_MD5,fingerprint, derCert->data, derCert->len); - fpItem.data = fingerprint; - fpItem.len = MD5_LENGTH; - fpStr = CERT_Hexify(&fpItem, 1); - SECU_Indent(out, level); fprintf(out, "%s (MD5):\n", m); - SECU_Indent(out, level+1); fprintf(out, "%s\n", fpStr); - PORT_Free(fpStr); - fpStr = NULL; - /* print SHA1 fingerprint */ - memset(fingerprint, 0, sizeof fingerprint); - PK11_HashBuf(SEC_OID_SHA1,fingerprint, derCert->data, derCert->len); - fpItem.data = fingerprint; - fpItem.len = SHA1_LENGTH; - fpStr = CERT_Hexify(&fpItem, 1); - SECU_Indent(out, level); fprintf(out, "%s (SHA1):\n", m); - SECU_Indent(out, level+1); fprintf(out, "%s\n", fpStr); - PORT_Free(fpStr); - fprintf(out, "\n"); - return 0; -} - -/* -** PKCS7 Support -*/ - -/* forward declaration */ -static int -secu_PrintPKCS7ContentInfo(FILE *, SEC_PKCS7ContentInfo *, char *, int); - -/* -** secu_PrintPKCS7EncContent -** Prints a SEC_PKCS7EncryptedContentInfo (without decrypting it) -*/ -static void -secu_PrintPKCS7EncContent(FILE *out, SEC_PKCS7EncryptedContentInfo *src, - char *m, int level) -{ - if (src->contentTypeTag == NULL) - src->contentTypeTag = SECOID_FindOID(&(src->contentType)); - - SECU_Indent(out, level); - fprintf(out, "%s:\n", m); - SECU_Indent(out, level + 1); - fprintf(out, "Content Type: %s\n", - (src->contentTypeTag != NULL) ? src->contentTypeTag->desc - : "Unknown"); - SECU_PrintAlgorithmID(out, &(src->contentEncAlg), - "Content Encryption Algorithm", level+1); - SECU_PrintAsHex(out, &(src->encContent), - "Encrypted Content", level+1); -} - -/* -** secu_PrintRecipientInfo -** Prints a PKCS7RecipientInfo type -*/ -static void -secu_PrintRecipientInfo(FILE *out, SEC_PKCS7RecipientInfo *info, char *m, - int level) -{ - SECU_Indent(out, level); fprintf(out, "%s:\n", m); - SECU_PrintInteger(out, &(info->version), "Version", level + 1); - - SECU_PrintName(out, &(info->issuerAndSN->issuer), "Issuer", - level + 1); - SECU_PrintInteger(out, &(info->issuerAndSN->serialNumber), - "Serial Number", level + 1); - - /* Parse and display encrypted key */ - SECU_PrintAlgorithmID(out, &(info->keyEncAlg), - "Key Encryption Algorithm", level + 1); - SECU_PrintAsHex(out, &(info->encKey), "Encrypted Key", level + 1); -} - -/* -** secu_PrintSignerInfo -** Prints a PKCS7SingerInfo type -*/ -static void -secu_PrintSignerInfo(FILE *out, SEC_PKCS7SignerInfo *info, char *m, int level) -{ - SEC_PKCS7Attribute *attr; - int iv; - char om[100]; - - SECU_Indent(out, level); fprintf(out, "%s:\n", m); - SECU_PrintInteger(out, &(info->version), "Version", level + 1); - - SECU_PrintName(out, &(info->issuerAndSN->issuer), "Issuer", - level + 1); - SECU_PrintInteger(out, &(info->issuerAndSN->serialNumber), - "Serial Number", level + 1); - - SECU_PrintAlgorithmID(out, &(info->digestAlg), "Digest Algorithm", - level + 1); - - if (info->authAttr != NULL) { - SECU_Indent(out, level + 1); - fprintf(out, "Authenticated Attributes:\n"); - iv = 0; - while ((attr = info->authAttr[iv++]) != NULL) { - sprintf(om, "Attribute (%d)", iv); - secu_PrintAttribute(out, attr, om, level + 2); - } - } - - /* Parse and display signature */ - SECU_PrintAlgorithmID(out, &(info->digestEncAlg), - "Digest Encryption Algorithm", level + 1); - SECU_PrintAsHex(out, &(info->encDigest), "Encrypted Digest", level + 1); - - if (info->unAuthAttr != NULL) { - SECU_Indent(out, level + 1); - fprintf(out, "Unauthenticated Attributes:\n"); - iv = 0; - while ((attr = info->unAuthAttr[iv++]) != NULL) { - sprintf(om, "Attribute (%x)", iv); - secu_PrintAttribute(out, attr, om, level + 2); - } - } -} - -void -SECU_PrintCRLInfo(FILE *out, CERTCrl *crl, char *m, int level) -{ - CERTCrlEntry *entry; - int iv; - char om[100]; - - SECU_Indent(out, level); fprintf(out, "%s:\n", m); - SECU_PrintAlgorithmID(out, &(crl->signatureAlg), "Signature Algorithm", - level + 1); - SECU_PrintName(out, &(crl->name), "Name", level + 1); - SECU_PrintUTCTime(out, &(crl->lastUpdate), "Last Update", level + 1); - SECU_PrintUTCTime(out, &(crl->nextUpdate), "Next Update", level + 1); - - if (crl->entries != NULL) { - iv = 0; - while ((entry = crl->entries[iv++]) != NULL) { - sprintf(om, "Entry (%x):\n", iv); - SECU_Indent(out, level + 1); fprintf(out, om); - SECU_PrintInteger(out, &(entry->serialNumber), "Serial Number", - level + 2); - SECU_PrintUTCTime(out, &(entry->revocationDate), "Revocation Date", - level + 2); - SECU_PrintExtensions - (out, entry->extensions, "Signed CRL Entries Extensions", level + 1); - } - } - SECU_PrintExtensions - (out, crl->extensions, "Signed CRL Extension", level + 1); -} - -/* -** secu_PrintPKCS7Signed -** Pretty print a PKCS7 signed data type (up to version 1). -*/ -static int -secu_PrintPKCS7Signed(FILE *out, SEC_PKCS7SignedData *src, char *m, int level) -{ - SECAlgorithmID *digAlg; /* digest algorithms */ - SECItem *aCert; /* certificate */ - CERTSignedCrl *aCrl; /* certificate revocation list */ - SEC_PKCS7SignerInfo *sigInfo; /* signer information */ - int rv, iv; - char om[100]; - - SECU_Indent(out, level); fprintf(out, "%s:\n", m); - SECU_PrintInteger(out, &(src->version), "Version", level + 1); - - /* Parse and list digest algorithms (if any) */ - if (src->digestAlgorithms != NULL) { - SECU_Indent(out, level + 1); fprintf(out, "Digest Algorithm List:\n"); - iv = 0; - while ((digAlg = src->digestAlgorithms[iv++]) != NULL) { - sprintf(om, "Digest Algorithm (%x)", iv); - SECU_PrintAlgorithmID(out, digAlg, om, level + 2); - } - } - - /* Now for the content */ - rv = secu_PrintPKCS7ContentInfo(out, &(src->contentInfo), - "Content Information", level + 1); - if (rv != 0) - return rv; - - /* Parse and list certificates (if any) */ - if (src->rawCerts != NULL) { - SECU_Indent(out, level + 1); fprintf(out, "Certificate List:\n"); - iv = 0; - while ((aCert = src->rawCerts[iv++]) != NULL) { - sprintf(om, "Certificate (%x)", iv); - rv = SECU_PrintSignedData(out, aCert, om, level + 2, - SECU_PrintCertificate); - if (rv) - return rv; - } - } - - /* Parse and list CRL's (if any) */ - if (src->crls != NULL) { - SECU_Indent(out, level + 1); - fprintf(out, "Signed Revocation Lists:\n"); - iv = 0; - while ((aCrl = src->crls[iv++]) != NULL) { - sprintf(om, "Signed Revocation List (%x)", iv); - SECU_Indent(out, level + 2); fprintf(out, "%s:\n", om); - SECU_PrintAlgorithmID(out, &aCrl->signatureWrap.signatureAlgorithm, - "Signature Algorithm", level+3); - DER_ConvertBitString(&aCrl->signatureWrap.signature); - SECU_PrintAsHex(out, &aCrl->signatureWrap.signature, "Signature", - level+3); - SECU_PrintCRLInfo(out, &aCrl->crl, "Certificate Revocation List", - level + 3); - } - } - - /* Parse and list signatures (if any) */ - if (src->signerInfos != NULL) { - SECU_Indent(out, level + 1); - fprintf(out, "Signer Information List:\n"); - iv = 0; - while ((sigInfo = src->signerInfos[iv++]) != NULL) { - sprintf(om, "Signer Information (%x)", iv); - secu_PrintSignerInfo(out, sigInfo, om, level + 2); - } - } - - return 0; -} - -/* -** secu_PrintPKCS7Enveloped -** Pretty print a PKCS7 enveloped data type (up to version 1). -*/ -static void -secu_PrintPKCS7Enveloped(FILE *out, SEC_PKCS7EnvelopedData *src, - char *m, int level) -{ - SEC_PKCS7RecipientInfo *recInfo; /* pointer for signer information */ - int iv; - char om[100]; - - SECU_Indent(out, level); fprintf(out, "%s:\n", m); - SECU_PrintInteger(out, &(src->version), "Version", level + 1); - - /* Parse and list recipients (this is not optional) */ - if (src->recipientInfos != NULL) { - SECU_Indent(out, level + 1); - fprintf(out, "Recipient Information List:\n"); - iv = 0; - while ((recInfo = src->recipientInfos[iv++]) != NULL) { - sprintf(om, "Recipient Information (%x)", iv); - secu_PrintRecipientInfo(out, recInfo, om, level + 2); - } - } - - secu_PrintPKCS7EncContent(out, &src->encContentInfo, - "Encrypted Content Information", level + 1); -} - -/* -** secu_PrintPKCS7SignedEnveloped -** Pretty print a PKCS7 singed and enveloped data type (up to version 1). -*/ -static int -secu_PrintPKCS7SignedAndEnveloped(FILE *out, - SEC_PKCS7SignedAndEnvelopedData *src, - char *m, int level) -{ - SECAlgorithmID *digAlg; /* pointer for digest algorithms */ - SECItem *aCert; /* pointer for certificate */ - CERTSignedCrl *aCrl; /* pointer for certificate revocation list */ - SEC_PKCS7SignerInfo *sigInfo; /* pointer for signer information */ - SEC_PKCS7RecipientInfo *recInfo; /* pointer for recipient information */ - int rv, iv; - char om[100]; - - SECU_Indent(out, level); fprintf(out, "%s:\n", m); - SECU_PrintInteger(out, &(src->version), "Version", level + 1); - - /* Parse and list recipients (this is not optional) */ - if (src->recipientInfos != NULL) { - SECU_Indent(out, level + 1); - fprintf(out, "Recipient Information List:\n"); - iv = 0; - while ((recInfo = src->recipientInfos[iv++]) != NULL) { - sprintf(om, "Recipient Information (%x)", iv); - secu_PrintRecipientInfo(out, recInfo, om, level + 2); - } - } - - /* Parse and list digest algorithms (if any) */ - if (src->digestAlgorithms != NULL) { - SECU_Indent(out, level + 1); fprintf(out, "Digest Algorithm List:\n"); - iv = 0; - while ((digAlg = src->digestAlgorithms[iv++]) != NULL) { - sprintf(om, "Digest Algorithm (%x)", iv); - SECU_PrintAlgorithmID(out, digAlg, om, level + 2); - } - } - - secu_PrintPKCS7EncContent(out, &src->encContentInfo, - "Encrypted Content Information", level + 1); - - /* Parse and list certificates (if any) */ - if (src->rawCerts != NULL) { - SECU_Indent(out, level + 1); fprintf(out, "Certificate List:\n"); - iv = 0; - while ((aCert = src->rawCerts[iv++]) != NULL) { - sprintf(om, "Certificate (%x)", iv); - rv = SECU_PrintSignedData(out, aCert, om, level + 2, - SECU_PrintCertificate); - if (rv) - return rv; - } - } - - /* Parse and list CRL's (if any) */ - if (src->crls != NULL) { - SECU_Indent(out, level + 1); - fprintf(out, "Signed Revocation Lists:\n"); - iv = 0; - while ((aCrl = src->crls[iv++]) != NULL) { - sprintf(om, "Signed Revocation List (%x)", iv); - SECU_Indent(out, level + 2); fprintf(out, "%s:\n", om); - SECU_PrintAlgorithmID(out, &aCrl->signatureWrap.signatureAlgorithm, - "Signature Algorithm", level+3); - DER_ConvertBitString(&aCrl->signatureWrap.signature); - SECU_PrintAsHex(out, &aCrl->signatureWrap.signature, "Signature", - level+3); - SECU_PrintCRLInfo(out, &aCrl->crl, "Certificate Revocation List", - level + 3); - } - } - - /* Parse and list signatures (if any) */ - if (src->signerInfos != NULL) { - SECU_Indent(out, level + 1); - fprintf(out, "Signer Information List:\n"); - iv = 0; - while ((sigInfo = src->signerInfos[iv++]) != NULL) { - sprintf(om, "Signer Information (%x)", iv); - secu_PrintSignerInfo(out, sigInfo, om, level + 2); - } - } - - return 0; -} - -int -SECU_PrintCrl (FILE *out, SECItem *der, char *m, int level) -{ - PRArenaPool *arena = NULL; - CERTCrl *c = NULL; - int rv; - - do { - /* Decode CRL */ - c = (CERTCrl*) PORT_ZAlloc(sizeof(CERTCrl)); - if (!c) { - rv = PORT_GetError(); - break; - } - - arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - if (!arena) { - rv = SEC_ERROR_NO_MEMORY; - break; - } - - rv = SEC_ASN1DecodeItem(arena, c, SEC_ASN1_GET(CERT_CrlTemplate), der); - if (rv != SECSuccess) - break; - SECU_PrintCRLInfo (out, c, m, level); - } while (0); - PORT_FreeArena (arena, PR_FALSE); - PORT_Free (c); - return (rv); -} - - -/* -** secu_PrintPKCS7Encrypted -** Pretty print a PKCS7 encrypted data type (up to version 1). -*/ -static void -secu_PrintPKCS7Encrypted(FILE *out, SEC_PKCS7EncryptedData *src, - char *m, int level) -{ - SECU_Indent(out, level); fprintf(out, "%s:\n", m); - SECU_PrintInteger(out, &(src->version), "Version", level + 1); - - secu_PrintPKCS7EncContent(out, &src->encContentInfo, - "Encrypted Content Information", level + 1); -} - -/* -** secu_PrintPKCS7Digested -** Pretty print a PKCS7 digested data type (up to version 1). -*/ -static void -secu_PrintPKCS7Digested(FILE *out, SEC_PKCS7DigestedData *src, - char *m, int level) -{ - SECU_Indent(out, level); fprintf(out, "%s:\n", m); - SECU_PrintInteger(out, &(src->version), "Version", level + 1); - - SECU_PrintAlgorithmID(out, &src->digestAlg, "Digest Algorithm", - level + 1); - secu_PrintPKCS7ContentInfo(out, &src->contentInfo, "Content Information", - level + 1); - SECU_PrintAsHex(out, &src->digest, "Digest", level + 1); -} - -/* -** secu_PrintPKCS7ContentInfo -** Takes a SEC_PKCS7ContentInfo type and sends the contents to the -** appropriate function -*/ -static int -secu_PrintPKCS7ContentInfo(FILE *out, SEC_PKCS7ContentInfo *src, - char *m, int level) -{ - char *desc; - SECOidTag kind; - int rv; - - SECU_Indent(out, level); fprintf(out, "%s:\n", m); - level++; - - if (src->contentTypeTag == NULL) - src->contentTypeTag = SECOID_FindOID(&(src->contentType)); - - if (src->contentTypeTag == NULL) { - desc = "Unknown"; - kind = SEC_OID_PKCS7_DATA; - } else { - desc = src->contentTypeTag->desc; - kind = src->contentTypeTag->offset; - } - - if (src->content.data == NULL) { - SECU_Indent(out, level); fprintf(out, "%s:\n", desc); - level++; - SECU_Indent(out, level); fprintf(out, "\n"); - return 0; - } - - rv = 0; - switch (kind) { - case SEC_OID_PKCS7_SIGNED_DATA: /* Signed Data */ - rv = secu_PrintPKCS7Signed(out, src->content.signedData, desc, level); - break; - - case SEC_OID_PKCS7_ENVELOPED_DATA: /* Enveloped Data */ - secu_PrintPKCS7Enveloped(out, src->content.envelopedData, desc, level); - break; - - case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA: /* Signed and Enveloped */ - rv = secu_PrintPKCS7SignedAndEnveloped(out, - src->content.signedAndEnvelopedData, - desc, level); - break; - - case SEC_OID_PKCS7_DIGESTED_DATA: /* Digested Data */ - secu_PrintPKCS7Digested(out, src->content.digestedData, desc, level); - break; - - case SEC_OID_PKCS7_ENCRYPTED_DATA: /* Encrypted Data */ - secu_PrintPKCS7Encrypted(out, src->content.encryptedData, desc, level); - break; - - default: - SECU_PrintAsHex(out, src->content.data, desc, level); - break; - } - - return rv; -} - -/* -** SECU_PrintPKCS7ContentInfo -** Decode and print any major PKCS7 data type (up to version 1). -*/ -int -SECU_PrintPKCS7ContentInfo(FILE *out, SECItem *der, char *m, int level) -{ - SEC_PKCS7ContentInfo *cinfo; - int rv; - - cinfo = SEC_PKCS7DecodeItem(der, NULL, NULL, NULL, NULL, NULL, NULL, NULL); - if (cinfo != NULL) { - /* Send it to recursive parsing and printing module */ - rv = secu_PrintPKCS7ContentInfo(out, cinfo, m, level); - SEC_PKCS7DestroyContentInfo(cinfo); - } else { - rv = -1; - } - - return rv; -} - -/* -** End of PKCS7 functions -*/ - -void -printFlags(FILE *out, unsigned int flags, int level) -{ - if ( flags & CERTDB_VALID_PEER ) { - SECU_Indent(out, level); fprintf(out, "Valid Peer\n"); - } - if ( flags & CERTDB_TRUSTED ) { - SECU_Indent(out, level); fprintf(out, "Trusted\n"); - } - if ( flags & CERTDB_SEND_WARN ) { - SECU_Indent(out, level); fprintf(out, "Warn When Sending\n"); - } - if ( flags & CERTDB_VALID_CA ) { - SECU_Indent(out, level); fprintf(out, "Valid CA\n"); - } - if ( flags & CERTDB_TRUSTED_CA ) { - SECU_Indent(out, level); fprintf(out, "Trusted CA\n"); - } - if ( flags & CERTDB_NS_TRUSTED_CA ) { - SECU_Indent(out, level); fprintf(out, "Netscape Trusted CA\n"); - } - if ( flags & CERTDB_USER ) { - SECU_Indent(out, level); fprintf(out, "User\n"); - } - if ( flags & CERTDB_TRUSTED_CLIENT_CA ) { - SECU_Indent(out, level); fprintf(out, "Trusted Client CA\n"); - } -#ifdef DEBUG - if ( flags & CERTDB_GOVT_APPROVED_CA ) { - SECU_Indent(out, level); fprintf(out, "Step-up\n"); - } -#endif /* DEBUG */ -} - -void -SECU_PrintTrustFlags(FILE *out, CERTCertTrust *trust, char *m, int level) -{ - SECU_Indent(out, level); fprintf(out, "%s:\n", m); - SECU_Indent(out, level+1); fprintf(out, "SSL Flags:\n"); - printFlags(out, trust->sslFlags, level+2); - SECU_Indent(out, level+1); fprintf(out, "Email Flags:\n"); - printFlags(out, trust->emailFlags, level+2); - SECU_Indent(out, level+1); fprintf(out, "Object Signing Flags:\n"); - printFlags(out, trust->objectSigningFlags, level+2); -} - -int SECU_PrintSignedData(FILE *out, SECItem *der, char *m, - int level, SECU_PPFunc inner) -{ - PRArenaPool *arena = NULL; - CERTSignedData *sd; - int rv; - - /* Strip off the signature */ - sd = (CERTSignedData*) PORT_ZAlloc(sizeof(CERTSignedData)); - if (!sd) - return PORT_GetError(); - - arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - if (!arena) - return SEC_ERROR_NO_MEMORY; - - rv = SEC_ASN1DecodeItem(arena, sd, SEC_ASN1_GET(CERT_SignedDataTemplate), - der); - if (rv) { - PORT_FreeArena(arena, PR_FALSE); - return rv; - } - - SECU_Indent(out, level); fprintf(out, "%s:\n", m); - rv = (*inner)(out, &sd->data, "Data", level+1); - if (rv) { - PORT_FreeArena(arena, PR_FALSE); - return rv; - } - - SECU_PrintAlgorithmID(out, &sd->signatureAlgorithm, "Signature Algorithm", - level+1); - DER_ConvertBitString(&sd->signature); - SECU_PrintAsHex(out, &sd->signature, "Signature", level+1); - - PORT_FreeArena(arena, PR_FALSE); - return 0; - -} - - -#ifdef AIX -int _OS_SELECT (int nfds, void *readfds, void *writefds, - void *exceptfds, struct timeval *timeout) { - return select (nfds,readfds,writefds,exceptfds,timeout); -} -#endif - -SECItem * -SECU_GetPBEPassword(void *arg) -{ - char *p = NULL; - SECItem *pwitem = NULL; - - p = SECU_GetPasswordString(arg,"Password: "); - - /* NOTE: This function is obviously unfinished. */ - - if ( pwitem == NULL ) { - fprintf(stderr, "Error hashing password\n"); - return NULL; - } - - return pwitem; -} - -SECStatus -SECU_ParseCommandLine(int argc, char **argv, char *progName, secuCommand *cmd) -{ - PRBool found; - PLOptState *optstate; - PLOptStatus status; - char *optstring; - int i, j; - - optstring = (char *)malloc(cmd->numCommands + 2*cmd->numOptions); - j = 0; - - for (i=0; inumCommands; i++) { - optstring[j++] = cmd->commands[i].flag; - } - for (i=0; inumOptions; i++) { - optstring[j++] = cmd->options[i].flag; - if (cmd->options[i].needsArg) - optstring[j++] = ':'; - } - optstring[j] = '\0'; - optstate = PL_CreateOptState(argc, argv, optstring); - - /* Parse command line arguments */ - while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) { - - /* Wasn't really an option, just standalone arg. */ - if (optstate->option == '\0') - continue; - - found = PR_FALSE; - - for (i=0; inumCommands; i++) { - if (cmd->commands[i].flag == optstate->option) { - cmd->commands[i].activated = PR_TRUE; - if (optstate->value) { - cmd->commands[i].arg = (char *)optstate->value; - } - found = PR_TRUE; - break; - } - } - - if (found) - continue; - - for (i=0; inumOptions; i++) { - if (cmd->options[i].flag == optstate->option) { - cmd->options[i].activated = PR_TRUE; - if (optstate->value) { - cmd->options[i].arg = (char *)optstate->value; - } - found = PR_TRUE; - break; - } - } - - if (!found) - return SECFailure; - } - if (status == PL_OPT_BAD) - return SECFailure; - return SECSuccess; -} - -char * -SECU_GetOptionArg(secuCommand *cmd, int optionNum) -{ - if (optionNum < 0 || optionNum >= cmd->numOptions) - return NULL; - if (cmd->options[optionNum].activated) - return PL_strdup(cmd->options[optionNum].arg); - else - return NULL; -} - -static char SECUErrorBuf[64]; - -char * -SECU_ErrorStringRaw(int16 err) -{ - if (err == 0) - sprintf(SECUErrorBuf, ""); - else if (err == SEC_ERROR_BAD_DATA) - sprintf(SECUErrorBuf, "Bad data"); - else if (err == SEC_ERROR_BAD_DATABASE) - sprintf(SECUErrorBuf, "Problem with database"); - else if (err == SEC_ERROR_BAD_DER) - sprintf(SECUErrorBuf, "Problem with DER"); - else if (err == SEC_ERROR_BAD_KEY) - sprintf(SECUErrorBuf, "Problem with key"); - else if (err == SEC_ERROR_BAD_PASSWORD) - sprintf(SECUErrorBuf, "Incorrect password"); - else if (err == SEC_ERROR_BAD_SIGNATURE) - sprintf(SECUErrorBuf, "Bad signature"); - else if (err == SEC_ERROR_EXPIRED_CERTIFICATE) - sprintf(SECUErrorBuf, "Expired certificate"); - else if (err == SEC_ERROR_EXTENSION_VALUE_INVALID) - sprintf(SECUErrorBuf, "Invalid extension value"); - else if (err == SEC_ERROR_INPUT_LEN) - sprintf(SECUErrorBuf, "Problem with input length"); - else if (err == SEC_ERROR_INVALID_ALGORITHM) - sprintf(SECUErrorBuf, "Invalid algorithm"); - else if (err == SEC_ERROR_INVALID_ARGS) - sprintf(SECUErrorBuf, "Invalid arguments"); - else if (err == SEC_ERROR_INVALID_AVA) - sprintf(SECUErrorBuf, "Invalid AVA"); - else if (err == SEC_ERROR_INVALID_TIME) - sprintf(SECUErrorBuf, "Invalid time"); - else if (err == SEC_ERROR_IO) - sprintf(SECUErrorBuf, "Security I/O error"); - else if (err == SEC_ERROR_LIBRARY_FAILURE) - sprintf(SECUErrorBuf, "Library failure"); - else if (err == SEC_ERROR_NO_MEMORY) - sprintf(SECUErrorBuf, "Out of memory"); - else if (err == SEC_ERROR_OLD_CRL) - sprintf(SECUErrorBuf, "CRL is older than the current one"); - else if (err == SEC_ERROR_OUTPUT_LEN) - sprintf(SECUErrorBuf, "Problem with output length"); - else if (err == SEC_ERROR_UNKNOWN_ISSUER) - sprintf(SECUErrorBuf, "Unknown issuer"); - else if (err == SEC_ERROR_UNTRUSTED_CERT) - sprintf(SECUErrorBuf, "Untrusted certificate"); - else if (err == SEC_ERROR_UNTRUSTED_ISSUER) - sprintf(SECUErrorBuf, "Untrusted issuer"); - else if (err == SSL_ERROR_BAD_CERTIFICATE) - sprintf(SECUErrorBuf, "Bad certificate"); - else if (err == SSL_ERROR_BAD_CLIENT) - sprintf(SECUErrorBuf, "Bad client"); - else if (err == SSL_ERROR_BAD_SERVER) - sprintf(SECUErrorBuf, "Bad server"); - else if (err == SSL_ERROR_EXPORT_ONLY_SERVER) - sprintf(SECUErrorBuf, "Export only server"); - else if (err == SSL_ERROR_NO_CERTIFICATE) - sprintf(SECUErrorBuf, "No certificate"); - else if (err == SSL_ERROR_NO_CYPHER_OVERLAP) - sprintf(SECUErrorBuf, "No cypher overlap"); - else if (err == SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE) - sprintf(SECUErrorBuf, "Unsupported certificate type"); - else if (err == SSL_ERROR_UNSUPPORTED_VERSION) - sprintf(SECUErrorBuf, "Unsupported version"); - else if (err == SSL_ERROR_US_ONLY_SERVER) - sprintf(SECUErrorBuf, "U.S. only server"); - else if (err == PR_IO_ERROR) - sprintf(SECUErrorBuf, "I/O error"); - - else if (err == SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE) - sprintf (SECUErrorBuf, "Expired Issuer Certificate"); - else if (err == SEC_ERROR_REVOKED_CERTIFICATE) - sprintf (SECUErrorBuf, "Revoked certificate"); - else if (err == SEC_ERROR_NO_KEY) - sprintf (SECUErrorBuf, "No private key in database for this cert"); - else if (err == SEC_ERROR_CERT_NOT_VALID) - sprintf (SECUErrorBuf, "Certificate is not valid"); - else if (err == SEC_ERROR_EXTENSION_NOT_FOUND) - sprintf (SECUErrorBuf, "Certificate extension was not found"); - else if (err == SEC_ERROR_EXTENSION_VALUE_INVALID) - sprintf (SECUErrorBuf, "Certificate extension value invalid"); - else if (err == SEC_ERROR_CA_CERT_INVALID) - sprintf (SECUErrorBuf, "Issuer certificate is invalid"); - else if (err == SEC_ERROR_CERT_USAGES_INVALID) - sprintf (SECUErrorBuf, "Certificate usages is invalid"); - else if (err == SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION) - sprintf (SECUErrorBuf, "Certificate has unknown critical extension"); - else if (err == SEC_ERROR_PKCS7_BAD_SIGNATURE) - sprintf (SECUErrorBuf, "Bad PKCS7 signature"); - else if (err == SEC_ERROR_INADEQUATE_KEY_USAGE) - sprintf (SECUErrorBuf, "Certificate not approved for this operation"); - else if (err == SEC_ERROR_INADEQUATE_CERT_TYPE) - sprintf (SECUErrorBuf, "Certificate not approved for this operation"); - - return SECUErrorBuf; -} - -char * -SECU_ErrorString(int16 err) -{ - char *error_string; - - *SECUErrorBuf = 0; - SECU_ErrorStringRaw (err); - - if (*SECUErrorBuf == 0) { - error_string = SECU_GetString(err); - if (error_string == NULL || *error_string == '\0') - sprintf(SECUErrorBuf, "No error string found for %d.", err); - else - return error_string; - } - - return SECUErrorBuf; -} - - -void -SECU_PrintPRandOSError(char *progName) -{ - char buffer[513]; - PRErrorCode err = PR_GetError(); - PRInt32 errLen = PR_GetErrorTextLength(); - if (errLen > 0 && errLen < sizeof buffer) { - PR_GetErrorText(buffer); - } - SECU_PrintError(progName, "NSS_Initialize failed"); - if (errLen > 0 && errLen < sizeof buffer) { - PR_fprintf(PR_STDERR, "\t%s\n", buffer); - } -} diff --git a/security/nss/cmd/lib/secutil.h b/security/nss/cmd/lib/secutil.h deleted file mode 100644 index b42d457bb..000000000 --- a/security/nss/cmd/lib/secutil.h +++ /dev/null @@ -1,356 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ -#ifndef _SEC_UTIL_H_ -#define _SEC_UTIL_H_ - -#include "seccomon.h" -#include "secitem.h" -#include "prerror.h" -#include "base64.h" -#include "key.h" -#include "secpkcs7.h" -#include "secasn1.h" -#include "secder.h" -#include - -#define SEC_CT_PRIVATE_KEY "private-key" -#define SEC_CT_PUBLIC_KEY "public-key" -#define SEC_CT_CERTIFICATE "certificate" -#define SEC_CT_CERTIFICATE_REQUEST "certificate-request" -#define SEC_CT_PKCS7 "pkcs7" -#define SEC_CT_CRL "crl" - -#define NS_CERTREQ_HEADER "-----BEGIN NEW CERTIFICATE REQUEST-----" -#define NS_CERTREQ_TRAILER "-----END NEW CERTIFICATE REQUEST-----" - -#define NS_CERT_HEADER "-----BEGIN CERTIFICATE-----" -#define NS_CERT_TRAILER "-----END CERTIFICATE-----" - -/* From libsec/pcertdb.c --- it's not declared in sec.h */ -extern SECStatus SEC_AddPermCertificate(CERTCertDBHandle *handle, - SECItem *derCert, char *nickname, CERTCertTrust *trust); - - -#ifdef SECUTIL_NEW -typedef int (*SECU_PPFunc)(PRFileDesc *out, SECItem *item, - char *msg, int level); -#else -typedef int (*SECU_PPFunc)(FILE *out, SECItem *item, char *msg, int level); -#endif - -typedef struct { - enum { - PW_NONE = 0, - PW_FROMFILE = 1, - PW_PLAINTEXT = 2 - } source; - char *data; -} secuPWData; - -/* -** Change a password on a token, or initialize a token with a password -** if it does not already have one. -** Use passwd to send the password in plaintext, pwFile to specify a -** file containing the password, or NULL for both to prompt the user. -*/ -SECStatus SECU_ChangePW(PK11SlotInfo *slot, char *passwd, char *pwFile); - -/* These were stolen from the old sec.h... */ -/* -** Check a password for legitimacy. Passwords must be at least 8 -** characters long and contain one non-alphabetic. Return DSTrue if the -** password is ok, DSFalse otherwise. -*/ -extern PRBool SEC_CheckPassword(char *password); - -/* -** Blind check of a password. Complement to SEC_CheckPassword which -** ignores length and content type, just retuning DSTrue is the password -** exists, DSFalse if NULL -*/ -extern PRBool SEC_BlindCheckPassword(char *password); - -/* -** Get a password. -** First prompt with "msg" on "out", then read the password from "in". -** The password is then checked using "chkpw". -*/ -extern char *SEC_GetPassword(FILE *in, FILE *out, char *msg, - PRBool (*chkpw)(char *)); - -char *SECU_FilePasswd(PK11SlotInfo *slot, PRBool retry, void *arg); - -char *SECU_GetPasswordString(void *arg, char *prompt); - -/* -** Write a dongle password. -** Uses MD5 to hash constant system data (hostname, etc.), and then -** creates RC4 key to encrypt a password "pw" into a file "fd". -*/ -extern SECStatus SEC_WriteDongleFile(int fd, char *pw); - -/* -** Get a dongle password. -** Uses MD5 to hash constant system data (hostname, etc.), and then -** creates RC4 key to decrypt and return a password from file "fd". -*/ -extern char *SEC_ReadDongleFile(int fd); - - -/* End stolen headers */ - - -/* Get the Key ID (modulus) from the cert with the given nickname. */ -extern SECItem * SECU_GetKeyIDFromNickname(char *name); - -/* Change the key db password in the database */ -extern SECStatus SECU_ChangeKeyDBPassword(SECKEYKeyDBHandle *kdbh); - -/* Check if a key name exists. Return PR_TRUE if true, PR_FALSE if not */ -extern PRBool SECU_CheckKeyNameExists(SECKEYKeyDBHandle *handle, char *nickname); - -/* Find a key by a nickname. Calls SECKEY_FindKeyByName */ -extern SECKEYLowPrivateKey *SECU_GetPrivateKey(SECKEYKeyDBHandle *kdbh, char *nickname); - -/* Get key encrypted with dongle file in "pathname" */ -extern SECKEYLowPrivateKey *SECU_GetPrivateDongleKey(SECKEYKeyDBHandle *handle, - char *nickname, char *pathname); - -extern SECItem *SECU_GetPassword(void *arg, SECKEYKeyDBHandle *handle); - -/* Just sticks the two strings together with a / if needed */ -char *SECU_AppendFilenameToDir(char *dir, char *filename); - -/* Returns result of getenv("SSL_DIR") or NULL */ -extern char *SECU_DefaultSSLDir(void); - -/* -** Should be called once during initialization to set the default -** directory for looking for cert.db, key.db, and cert-nameidx.db files -** Removes trailing '/' in 'base' -** If 'base' is NULL, defaults to set to .netscape in home directory. -*/ -extern char *SECU_ConfigDirectory(const char* base); - - -extern char *SECU_CertDBNameCallback(void *arg, int dbVersion); -extern char *SECU_KeyDBNameCallback(void *arg, int dbVersion); - -extern SECKEYPrivateKey *SECU_FindPrivateKeyFromNickname(char *name); -extern SECKEYLowPrivateKey *SECU_FindLowPrivateKeyFromNickname(char *name); -extern SECStatus SECU_DeleteKeyByName(SECKEYKeyDBHandle *handle, char *nickname); - -extern SECKEYKeyDBHandle *SECU_OpenKeyDB(PRBool readOnly); -extern CERTCertDBHandle *SECU_OpenCertDB(PRBool readOnly); - -/* -** Basic callback function for SSL_GetClientAuthDataHook -*/ -extern int -SECU_GetClientAuthData(void *arg, PRFileDesc *fd, - struct CERTDistNamesStr *caNames, - struct CERTCertificateStr **pRetCert, - struct SECKEYPrivateKeyStr **pRetKey); - -/* print out an error message */ -extern void SECU_PrintError(char *progName, char *msg, ...); - -/* print out a system error message */ -extern void SECU_PrintSystemError(char *progName, char *msg, ...); - -/* Return informative error string */ -extern const char * SECU_Strerror(PRErrorCode errNum); - -/* Read the contents of a file into a SECItem */ -extern SECStatus SECU_FileToItem(SECItem *dst, PRFileDesc *src); -extern SECStatus SECU_TextFileToItem(SECItem *dst, PRFileDesc *src); - -/* Read in a DER from a file, may be ascii */ -extern SECStatus -SECU_ReadDERFromFile(SECItem *der, PRFileDesc *inFile, PRBool ascii); - -/* Indent based on "level" */ -extern void SECU_Indent(FILE *out, int level); - -/* Print integer value and hex */ -extern void SECU_PrintInteger(FILE *out, SECItem *i, char *m, int level); - -/* Print ObjectIdentifier symbolically */ -extern void SECU_PrintObjectID(FILE *out, SECItem *oid, char *m, int level); - -/* Print AlgorithmIdentifier symbolically */ -extern void SECU_PrintAlgorithmID(FILE *out, SECAlgorithmID *a, char *m, - int level); - -/* Print SECItem as hex */ -extern void SECU_PrintAsHex(FILE *out, SECItem *i, char *m, int level); - -/* dump a buffer in hex and ASCII */ -extern void SECU_PrintBuf(FILE *out, const char *msg, const void *vp, int len); - -/* - * Format and print the UTC Time "t". If the tag message "m" is not NULL, - * do indent formatting based on "level" and add a newline afterward; - * otherwise just print the formatted time string only. - */ -extern void SECU_PrintUTCTime(FILE *out, SECItem *t, char *m, int level); - -/* - * Format and print the Generalized Time "t". If the tag message "m" - * is not NULL, * do indent formatting based on "level" and add a newline - * afterward; otherwise just print the formatted time string only. - */ -extern void SECU_PrintGeneralizedTime(FILE *out, SECItem *t, char *m, - int level); - -/* Dump all key nicknames */ -extern int SECU_PrintKeyNames(SECKEYKeyDBHandle *handle, FILE *out); - -/* callback for listing certs through pkcs11 */ -extern SECStatus SECU_PrintCertNickname(CERTCertificate *cert, void *data); - -/* Dump all certificate nicknames in a database */ -extern SECStatus -SECU_PrintCertificateNames(CERTCertDBHandle *handle, PRFileDesc* out, - PRBool sortByName, PRBool sortByTrust); - -/* See if nickname already in database. Return 1 true, 0 false, -1 error */ -int SECU_CheckCertNameExists(CERTCertDBHandle *handle, char *nickname); - -/* Dump contents of cert req */ -extern int SECU_PrintCertificateRequest(FILE *out, SECItem *der, char *m, - int level); - -/* Dump contents of certificate */ -extern int SECU_PrintCertificate(FILE *out, SECItem *der, char *m, int level); - -/* print trust flags on a cert */ -extern void SECU_PrintTrustFlags(FILE *out, CERTCertTrust *trust, char *m, int level); - -/* Dump contents of public key */ -extern int SECU_PrintPublicKey(FILE *out, SECItem *der, char *m, int level); - -/* Dump contents of private key */ -extern int SECU_PrintPrivateKey(FILE *out, SECItem *der, char *m, int level); - -/* Print the MD5 and SHA1 fingerprints of a cert */ -extern int SECU_PrintFingerprints(FILE *out, SECItem *derCert, char *m, - int level); - -/* Pretty-print any PKCS7 thing */ -extern int SECU_PrintPKCS7ContentInfo(FILE *out, SECItem *der, char *m, - int level); - -/* Init PKCS11 stuff */ -extern SECStatus SECU_PKCS11Init(PRBool readOnly); - -/* Dump contents of signed data */ -extern int SECU_PrintSignedData(FILE *out, SECItem *der, char *m, int level, - SECU_PPFunc inner); - -extern int SECU_PrintCrl(FILE *out, SECItem *der, char *m, int level); - -extern void -SECU_PrintCRLInfo(FILE *out, CERTCrl *crl, char *m, int level); - -extern void SECU_PrintExtensions(FILE *out, CERTCertExtension **extensions, - char *msg, int level); - -extern void SECU_PrintName(FILE *out, CERTName *name, char *msg, int level); - -/* Convert a High public Key to a Low public Key */ -extern SECKEYLowPublicKey *SECU_ConvHighToLow(SECKEYPublicKey *pubHighKey); - -extern SECItem *SECU_GetPBEPassword(void *arg); - -extern char *SECU_GetModulePassword(PK11SlotInfo *slot, PRBool retry, void *arg); - -extern SECStatus DER_PrettyPrint(FILE *out, SECItem *it, PRBool raw); -extern void SEC_Init(void); - -extern char *SECU_SECModDBName(void); - -extern void SECU_PrintPRandOSError(char *progName); - -/* - * - * Utilities for parsing security tools command lines - * - */ - -/* A single command flag */ -typedef struct { - char flag; - PRBool needsArg; - char *arg; - PRBool activated; -} secuCommandFlag; - -/* A full array of command/option flags */ -typedef struct -{ - int numCommands; - int numOptions; - - secuCommandFlag *commands; - secuCommandFlag *options; -} secuCommand; - -/* fill the "arg" and "activated" fields for each flag */ -SECStatus -SECU_ParseCommandLine(int argc, char **argv, char *progName, secuCommand *cmd); -char * -SECU_GetOptionArg(secuCommand *cmd, int optionNum); - -/* - * - * Error messaging - * - */ - -/* Return informative error string */ -char *SECU_ErrorString(int16 err); - -/* Return informative error string. Does not call XP_GetString */ -char *SECU_ErrorStringRaw(int16 err); - -void printflags(char *trusts, unsigned int flags); - -#ifndef XP_UNIX -extern int ffs(unsigned int i); -#endif - -#include "secerr.h" -#include "sslerr.h" - -#endif /* _SEC_UTIL_H_ */ diff --git a/security/nss/cmd/lib/sslstubs.c b/security/nss/cmd/lib/sslstubs.c deleted file mode 100644 index a7ceda64a..000000000 --- a/security/nss/cmd/lib/sslstubs.c +++ /dev/null @@ -1,74 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ -#include "secport.h" /* for UUID */ -#ifdef XP_WIN -#include -#endif - -#ifndef NOT_NULL -char *NOT_NULL(const char *x) -{ - return((char *) x); -} -#endif - -/* Override the macro definition in xpassert.h if necessary. */ -#ifdef XP_AssertAtLine -#undef XP_AssertAtLine -#endif - -void XP_AssertAtLine(char *pFileName, int iLine) -{ - abort(); -} - -void FE_Trace(const char *msg) -{ - fputs(msg, stderr); -} - -#ifdef XP_WIN -RPC_STATUS __stdcall UuidCreate(UUID *Uuid) -{ - return 0; -} - -void FEU_StayingAlive(void) -{ -} - -int dupsocket(int sock) -{ - return dup(sock); -} -#endif diff --git a/security/nss/cmd/lib/strerror.c b/security/nss/cmd/lib/strerror.c deleted file mode 100644 index 32af63603..000000000 --- a/security/nss/cmd/lib/strerror.c +++ /dev/null @@ -1,127 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ -#include "secutil.h" - -#if defined(XP_UNIX) -#include -#endif - -#if defined(XP_WIN) -#include -#include -#define EWOULDBLOCK WSAEWOULDBLOCK -#endif - -#include -#include - -static char *(mcom_include_merrors_i_strings)(int16 i) ; -static char *(mcom_include_secerr_i_strings)(int16 i) ; -static char *(mcom_include_sslerr_i_strings)(int16 i) ; -static char *(mcom_include_xp_error_i_strings)(int16 i) ; -static char *(mcom_include_xp_msg_i_strings)(int16 i) ; - - -#ifdef XP_WIN - -#define EWOULDBLOCK WSAEWOULDBLOCK -#define EINPROGRESS WSAEINPROGRESS -#define EALREADY WSAEALREADY -#define ENOTSOCK WSAENOTSOCK -#define EDESTADDRREQ WSAEDESTADDRREQ -#define EMSGSIZE WSAEMSGSIZE -#define EPROTOTYPE WSAEPROTOTYPE -#define ENOPROTOOPT WSAENOPROTOOPT -#define EPROTONOSUPPORT WSAEPROTONOSUPPORT -#define ESOCKTNOSUPPORT WSAESOCKTNOSUPPORT -#define EOPNOTSUPP WSAEOPNOTSUPP -#define EPFNOSUPPORT WSAEPFNOSUPPORT -#define EAFNOSUPPORT WSAEAFNOSUPPORT -#define EADDRINUSE WSAEADDRINUSE -#define EADDRNOTAVAIL WSAEADDRNOTAVAIL -#define ENETDOWN WSAENETDOWN -#define ENETUNREACH WSAENETUNREACH -#define ENETRESET WSAENETRESET -#define ECONNABORTED WSAECONNABORTED -#define ECONNRESET WSAECONNRESET -#define ENOBUFS WSAENOBUFS -#define EISCONN WSAEISCONN -#define ENOTCONN WSAENOTCONN -#define ESHUTDOWN WSAESHUTDOWN -#define ETOOMANYREFS WSAETOOMANYREFS -#define ETIMEDOUT WSAETIMEDOUT -#define ECONNREFUSED WSAECONNREFUSED -#define ELOOP WSAELOOP -#define EHOSTDOWN WSAEHOSTDOWN -#define EHOSTUNREACH WSAEHOSTUNREACH -#define EPROCLIM WSAEPROCLIM -#define EUSERS WSAEUSERS -#define EDQUOT WSAEDQUOT -#define ESTALE WSAESTALE -#define EREMOTE WSAEREMOTE - -#endif - -#undef XP_WIN -#undef XP_UNIX -#undef RESOURCE_STR_X -#undef RESOURCE_STR - -#define XP_UNIX 1 -#define RESOURCE_STR 1 - -#include "allxpstr.h" - -const char * -SECU_Strerror(int error) -{ - char * errString; - int16 err = error + RES_OFFSET; - - errString = mcom_include_merrors_i_strings(err) ; - if (!errString) - errString = mcom_include_secerr_i_strings(err) ; - if (!errString) - errString = mcom_include_sslerr_i_strings(err) ; - if (!errString) - errString = mcom_include_xp_error_i_strings(err) ; - if (!errString) - errString = mcom_include_xp_msg_i_strings(err) ; - if (!errString) - errString = "ERROR NOT FOUND! \n"; - -/* printf( "%s\n", errString); */ - - return (const char *)errString; -} - diff --git a/security/nss/cmd/lib/stubs.c b/security/nss/cmd/lib/stubs.c deleted file mode 100644 index 6dfafcb66..000000000 --- a/security/nss/cmd/lib/stubs.c +++ /dev/null @@ -1,50 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ -#include "secport.h" /* for UUID */ - -#if !defined(SUNOS) && !defined(SUN) && !defined(SOLARIS) -void SSL_InitHashLock (void) - { - } - -void SSL3_Init (void) - { - } -#endif - -int -PREF_GetCharPref(const char *pref_name, char * return_buffer, int * length) -{ - assert(0); - return -1; -} diff --git a/security/nss/cmd/makefile.inc b/security/nss/cmd/makefile.inc deleted file mode 100644 index 029576e7c..000000000 --- a/security/nss/cmd/makefile.inc +++ /dev/null @@ -1,84 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -INCLUDES += \ - -I$(DEPTH)/security/lib/cert \ - -I$(DEPTH)/security/lib/key \ - -I$(DEPTH)/security/lib/util \ - -I../include \ - $(NULL) - - -# For the time being, sec stuff is export only -# US_FLAGS = -DEXPORT_VERSION -DUS_VERSION - -US_FLAGS = -DEXPORT_VERSION -EXPORT_FLAGS = -DEXPORT_VERSION - -BASE_LIBS = \ - $(DIST)/lib/libdbm.a \ - $(DIST)/lib/libxp.a \ - $(DIST)/lib/libnspr21.a \ - $(NULL) - - -#There is a circular dependancy in security/lib, and here is a gross fix -SEC_LIBS = \ - $(DIST)/lib/libsecnav.a \ - $(DIST)/lib/libssl.a \ - $(DIST)/lib/libpkcs7.a \ - $(DIST)/lib/libcert.a \ - $(DIST)/lib/libkey.a \ - $(DIST)/lib/libsecmod.a \ - $(DIST)/lib/libcrypto.a \ - $(DIST)/lib/libsecutil.a \ - $(DIST)/lib/libssl.a \ - $(DIST)/lib/libpkcs7.a \ - $(DIST)/lib/libcert.a \ - $(DIST)/lib/libkey.a \ - $(DIST)/lib/libsecmod.a \ - $(DIST)/lib/libcrypto.a \ - $(DIST)/lib/libsecutil.a \ - $(DIST)/lib/libhash.a \ - $(NULL) - -MYLIBDIR= ../lib/$(OBJDIR) -MYLIB = $(MYLIBDIR)/libsectool.a - -US_LIBS = $(MYLIB) $(SEC_LIBS) $(BASE_LIBS) $(MYLIB) $(BASE_LIBS) -EX_LIBS = $(MYLIB) $(SEC_LIBS) $(BASE_LIBS) $(MYLIB) $(BASE_LIBS) - -# this hack is necessary because rules.mk doesn't put anything like $(LIBS) -# on the link command line (!?!?!?!) -LDFLAGS += $(EX_LIBS) - diff --git a/security/nss/cmd/makefile.win b/security/nss/cmd/makefile.win deleted file mode 100644 index 5e506590b..000000000 --- a/security/nss/cmd/makefile.win +++ /dev/null @@ -1,48 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -VERBOSE = 1 -include - -include <$(DEPTH)\config\config.mak> - -include <$(DEPTH)\config\rules.mak> - -objs: $(OBJS) - -programs: $(PROGRAM) - -syms: - @echo "OBJS is $(OBJS)" - @echo "INCS is $(INCS)" - diff --git a/security/nss/cmd/makepqg/Makefile b/security/nss/cmd/makepqg/Makefile deleted file mode 100644 index 36bf774fb..000000000 --- a/security/nss/cmd/makepqg/Makefile +++ /dev/null @@ -1,77 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - -include ../platlibs.mk - - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - - -include ../platrules.mk - - diff --git a/security/nss/cmd/makepqg/makefile.win b/security/nss/cmd/makepqg/makefile.win deleted file mode 100644 index 462448d73..000000000 --- a/security/nss/cmd/makepqg/makefile.win +++ /dev/null @@ -1,156 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -VERBOSE = 1 -include - -PROGRAM = makepqg -PROGRAM = $(OBJDIR)\$(PROGRAM).exe - -include <$(DEPTH)\config\config.mak> - - -# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/ -# rules.mak will append C_OBJS onto OBJS. -# OBJS = $(CSRCS:.c=.obj) - -# include files are looked for in $LINCS and $INCS. -# $LINCS is in manifest.mnw, computed from REQUIRES= -INCS = $(INCS) \ - -I$(DEPTH)/security/lib/cert \ - -I$(DEPTH)/security/lib/crypto \ - -I../include \ - $(NULL) - -IGNORE_ME = \ - -I$(DEPTH)/security/lib/key \ - -I$(DEPTH)/security/lib/util \ - - -WINFE = $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg - -# these files are the content of libdbm -DBM_LIB = \ - $(WINFE)/DB.obj \ - $(WINFE)/HASH.obj \ - $(WINFE)/H_BIGKEY.obj \ - $(WINFE)/H_PAGE.obj \ - $(WINFE)/H_LOG2.obj \ - $(WINFE)/H_FUNC.obj \ - $(WINFE)/HASH_BUF.obj \ - $(NULL) - -MOZ_LIBS = \ - $(WINFE)/ALLXPSTR.obj \ - $(WINFE)/XP_ERROR.obj \ - $(WINFE)/XPASSERT.obj \ - $(WINFE)/XP_REG.obj \ - $(WINFE)/XP_TRACE.obj \ - $(DBM_LIB) \ - $(WINFE)/XP_STR.obj \ - $(WINFE)/MKTEMP.obj \ - $(NULL) - -SEC_LIBS = \ - $(DIST)/lib/cert$(MOZ_BITS).lib \ - $(DIST)/lib/crypto$(MOZ_BITS).lib \ - $(DIST)/lib/hash$(MOZ_BITS).lib \ - $(DIST)/lib/key$(MOZ_BITS).lib \ - $(DIST)/lib/pkcs7$(MOZ_BITS).lib \ - $(DIST)/lib/secmod$(MOZ_BITS).lib \ - $(DIST)/lib/secutl$(MOZ_BITS).lib \ - $(DIST)/lib/ssl$(MOZ_BITS).lib \ - $(NULL) - -LLFLAGS = $(LLFLAGS) \ - ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \ - $(SEC_LIBS) \ - $(MOZ_LIBS) \ - $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \ - $(LIBNSPR) \ - $(NULL) - - -# awt3240.lib # brpref32.lib # cert32.lib -# crypto32.lib # dllcom.lib # editor32.lib -# edpref32.lib # edtplug.lib # font.lib -# hash32.lib # htmldg32.lib # img32.lib -# javart32.lib # jbn3240.lib # jdb3240.lib -# jmc.lib # jpeg3240.lib # jpw3240.lib -# jrt3240.lib # js3240.lib # jsd3240.lib -# key32.lib # libapplet32.lib # libnjs32.lib -# libnsc32.lib # libreg32.lib # mm3240.lib -# mnpref32.lib # netcst32.lib # nsdlg32.lib -# nsldap32.lib # nsldaps32.lib # nsn32.lib -# pkcs1232.lib # pkcs732.lib # pr3240.lib -# prefui32.lib # prefuuid.lib # secmod32.lib -# secnav32.lib # secutl32.lib # softup32.lib -# sp3240.lib # ssl32.lib # uni3200.lib -# unicvt32.lib # win32md.lib # winfont.lib -# xppref32.lib # zlib32.lib - -include <$(DEPTH)\config\rules.mak> - - -INSTALL = $(MAKE_INSTALL) - -objs: $(OBJS) - -$(PROGRAM):: - $(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR) - -programs: $(PROGRAM) - -install:: $(TARGETS) - $(INSTALL) $(TARGETS) $(DIST)/bin - -# ALLXPSTR.obj XP_ALLOC.obj XP_HASH.obj XP_RGB.obj XP_WRAP.obj -# CXPRINT.obj XP_C.cl XP_LIST.obj XP_SEC.obj netscape.exp -# CXPRNDLG.obj XP_CNTXT.obj XP_MD5.obj XP_STR.obj xp.pch -# EXPORT.obj XP_CORE.obj XP_MESG.obj XP_THRMO.obj xppref32.dll -# XPASSERT.obj XP_ERROR.obj XP_RECT.obj XP_TIME.obj -# XPLOCALE.obj XP_FILE.obj XP_REG.obj XP_TRACE.obj - -symbols: - @echo "CSRCS = $(CSRCS)" - @echo "INCS = $(INCS)" - @echo "OBJS = $(OBJS)" - @echo "LIBRARY = $(LIBRARY)" - @echo "PROGRAM = $(PROGRAM)" - @echo "TARGETS = $(TARGETS)" - @echo "DIST = $(DIST)" - @echo "VERSION_NUMBER = $(VERSION_NUMBER)" - @echo "WINFE = $(WINFE)" - @echo "DBM_LIB = $(DBM_LIB)" - @echo "INSTALL = $(INSTALL)" - diff --git a/security/nss/cmd/makepqg/makepqg.c b/security/nss/cmd/makepqg/makepqg.c deleted file mode 100644 index ead4698ad..000000000 --- a/security/nss/cmd/makepqg/makepqg.c +++ /dev/null @@ -1,277 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#include "prtypes.h" -#include "prtime.h" -#include "prlong.h" - -#include "secutil.h" -#include "secitem.h" -#include "pk11func.h" -#include "pqgutil.h" -#include "secrng.h" - -#if defined(XP_UNIX) -#include -#endif - -#include "plgetopt.h" - -#define BPB 8 /* bits per byte. */ - -char *progName; - - -void -Usage(void) -{ - fprintf(stderr, "Usage: %s\n", progName); - fprintf(stderr, -"-a Output DER-encoded PQG params, BTOA encoded.\n" -" -l prime-length Length of prime in bits (1024 is default)\n" -" -o file Output to this file (default is stdout)\n" -"-b Output DER-encoded PQG params in binary\n" -" -l prime-length Length of prime in bits (1024 is default)\n" -" -o file Output to this file (default is stdout)\n" -"-r Output P, Q and G in ASCII hexadecimal. \n" -" -l prime-length Length of prime in bits (1024 is default)\n" -" -o file Output to this file (default is stdout)\n" -"-g bits Generate SEED this many bits long.\n" -); - exit(-1); - -} - -int -outputPQGParams(PQGParams * pqgParams, PRBool output_binary, PRBool output_raw, - FILE * outFile) -{ - PRArenaPool * arena = NULL; - char * PQG; - SECItem encodedParams; - - if (output_raw) { - SECItem item; - - PQG_GetPrimeFromParams(pqgParams, &item); - SECU_PrintInteger(outFile, &item, "Prime", 1); - SECITEM_FreeItem(&item, PR_FALSE); - - PQG_GetSubPrimeFromParams(pqgParams, &item); - SECU_PrintInteger(outFile, &item, "Subprime", 1); - SECITEM_FreeItem(&item, PR_FALSE); - - PQG_GetBaseFromParams(pqgParams, &item); - SECU_PrintInteger(outFile, &item, "Base", 1); - SECITEM_FreeItem(&item, PR_FALSE); - - fprintf(outFile, "\n"); - return 0; - } - - encodedParams.data = NULL; - encodedParams.len = 0; - arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - SEC_ASN1EncodeItem(arena, &encodedParams, pqgParams, - SECKEY_PQGParamsTemplate); - if (output_binary) { - fwrite(encodedParams.data, encodedParams.len, sizeof(char), outFile); - printf("\n"); - return 0; - } - - /* must be output ASCII */ - PQG = BTOA_DataToAscii(encodedParams.data, encodedParams.len); - - fprintf(outFile,"%s",PQG); - printf("\n"); - return 0; -} - -int -outputPQGVerify(PQGVerify * pqgVerify, PRBool output_binary, PRBool output_raw, - FILE * outFile) -{ - if (output_raw) { - SECItem item; - unsigned int counter; - - PQG_GetHFromVerify(pqgVerify, &item); - SECU_PrintInteger(outFile, &item, "h", 1); - SECITEM_FreeItem(&item, PR_FALSE); - - PQG_GetSeedFromVerify(pqgVerify, &item); - SECU_PrintInteger(outFile, &item, "SEED", 1); - fprintf(outFile, " g: %d\n", item.len * BPB); - SECITEM_FreeItem(&item, PR_FALSE); - - counter = PQG_GetCounterFromVerify(pqgVerify); - fprintf(outFile, " counter: %d\n", counter); - fprintf(outFile, "\n"); - return 0; - } - return 0; -} - -int -main(int argc, char **argv) -{ - FILE * outFile = NULL; - PQGParams * pqgParams = NULL; - PQGVerify * pqgVerify = NULL; - int keySizeInBits = 1024; - int j; - int o; - int g = 0; - SECStatus rv = 0; - SECStatus passed = 0; - PRBool output_ascii = PR_FALSE; - PRBool output_binary = PR_FALSE; - PRBool output_raw = PR_FALSE; - PLOptState *optstate; - PLOptStatus status; - - - progName = strrchr(argv[0], '/'); - if (!progName) - progName = strrchr(argv[0], '\\'); - progName = progName ? progName+1 : argv[0]; - - /* Parse command line arguments */ - optstate = PL_CreateOptState(argc, argv, "l:abro:g:" ); - while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) { - switch (optstate->option) { - - case 'l': - keySizeInBits = atoi(optstate->value); - break; - - case 'a': - output_ascii = PR_TRUE; - break; - - case 'b': - output_binary = PR_TRUE; - break; - - case 'r': - output_raw = PR_TRUE; - break; - - case 'o': - outFile = fopen(optstate->value, "wb"); - if (!outFile) { - fprintf(stderr, "%s: unable to open \"%s\" for writing\n", - progName, optstate->value); - rv = -1; - } - break; - - case 'g': - g = atoi(optstate->value); - break; - - default: - case '?': - Usage(); - break; - - } - } - - if (rv != 0) { - return rv; - } - - /* exactly 1 of these options must be set. */ - if (1 != ((output_ascii != PR_FALSE) + - (output_binary != PR_FALSE) + - (output_raw != PR_FALSE))) { - Usage(); - } - - j = PQG_PBITS_TO_INDEX(keySizeInBits); - if (j < 0) { - fprintf(stderr, "%s: Illegal prime length, \n" - "\tacceptable values are between 512 and 1024,\n" - "\tand divisible by 64\n", progName); - return -1; - } - if (g != 0 && (g < 160 || g >= 2048 || g % 8 != 0)) { - fprintf(stderr, "%s: Illegal g bits, \n" - "\tacceptable values are between 160 and 2040,\n" - "\tand divisible by 8\n", progName); - return -1; - } - - if (outFile == NULL) { - outFile = stdout; - } - - RNG_RNGInit(); - RNG_SystemInfoForRNG(); - if (g) - rv = PQG_ParamGenSeedLen((unsigned)j, (unsigned)(g/8), - &pqgParams, &pqgVerify); - else - rv = PQG_ParamGen((unsigned)j, &pqgParams, &pqgVerify); - - if (rv != SECSuccess || pqgParams == NULL) { - fprintf(stderr, "%s: PQG parameter generation failed.\n", progName); - goto loser; - } - fprintf(stderr, "%s: PQG parameter generation completed.\n", progName); - - o = outputPQGParams(pqgParams, output_binary, output_raw, outFile); - o = outputPQGVerify(pqgVerify, output_binary, output_raw, outFile); - - rv = PQG_VerifyParams(pqgParams, pqgVerify, &passed); - if (rv != SECSuccess) { - fprintf(stderr, "%s: PQG parameter verification aborted.\n", progName); - goto loser; - } - if (passed != SECSuccess) { - fprintf(stderr, "%s: PQG parameters failed verification.\n", progName); - goto loser; - } - fprintf(stderr, "%s: PQG parameters passed verification.\n", progName); - - PQG_DestroyParams(pqgParams); - PQG_DestroyVerify(pqgVerify); - return 0; - -loser: - PQG_DestroyParams(pqgParams); - PQG_DestroyVerify(pqgVerify); - return 1; -} diff --git a/security/nss/cmd/makepqg/manifest.mn b/security/nss/cmd/makepqg/manifest.mn deleted file mode 100644 index 1bf4337c1..000000000 --- a/security/nss/cmd/makepqg/manifest.mn +++ /dev/null @@ -1,47 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = ../../.. - -# This next line is used by .mk files -# and gets translated into $LINCS in manifest.mnw -REQUIRES = security seccmd dbm - -# DIRS = - -CSRCS = makepqg.c - -PROGRAM = makepqg - -USE_STATIC_LIBS = 1 - diff --git a/security/nss/cmd/makepqg/testit.ksh b/security/nss/cmd/makepqg/testit.ksh deleted file mode 100644 index 98cb7fa9d..000000000 --- a/security/nss/cmd/makepqg/testit.ksh +++ /dev/null @@ -1,41 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -COUNTER=75 -while [ $COUNTER -ge "1" ] -do - COUNTER=$(eval expr $COUNTER - 1) - echo $COUNTER - */makepqg.exe -r -l 640 -g 160 || exit 1 -done - diff --git a/security/nss/cmd/manifest.mn b/security/nss/cmd/manifest.mn deleted file mode 100644 index f0d928607..000000000 --- a/security/nss/cmd/manifest.mn +++ /dev/null @@ -1,87 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -DEPTH = ../.. -# MODULE = seccmd - -REQUIRES = security nspr libdbm - -DIRS = lib \ - zlib \ - atob \ - bltest \ - btoa \ - certcgi \ - certutil \ - checkcert \ - crlutil \ - derdump \ - digest \ - makepqg \ - ocspclnt \ - oidcalc \ - p7content \ - p7env \ - p7sign \ - p7verify \ - pk12util \ - pp \ - rngtest \ - rsaperf \ - sdrtest \ - selfserv \ - signtool \ - signver \ - smimetools \ - SSLsample \ - ssltap \ - strsclnt \ - swfort \ - tstclnt \ - modutil \ - $(NULL) - -TEMPORARILY_DONT_BUILD = \ - $(NULL) - -# rsaperf \ -# -# needs to look at what needs to happen to make jar build in -# the binary release environment. -# -# perror requires lib/strerror.c which requires the client code installed -# to build (requires allxpstr.h) -# -DONT_BULD = jar \ - perror \ -$(NULL) diff --git a/security/nss/cmd/modutil/Makefile b/security/nss/cmd/modutil/Makefile deleted file mode 100644 index 3d2bbb412..000000000 --- a/security/nss/cmd/modutil/Makefile +++ /dev/null @@ -1,80 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### -include ../platlibs.mk - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - - -include ../platrules.mk - -# -# Cancel the built-in implicit yacc and lex rules. -# - -%.c: %.y -%.c: %.l diff --git a/security/nss/cmd/modutil/README b/security/nss/cmd/modutil/README deleted file mode 100644 index 12d192c9f..000000000 --- a/security/nss/cmd/modutil/README +++ /dev/null @@ -1,7 +0,0 @@ - CRYPTOGRAPHIC MODULE UTILITY (modutil) - VERSION 1.0 - =============================================== - -The file specification.html documentats the software. - -The file pk11jar.html documents the PKCS #11 JAR format. diff --git a/security/nss/cmd/modutil/README.TXT b/security/nss/cmd/modutil/README.TXT deleted file mode 100644 index 279e3ebe6..000000000 --- a/security/nss/cmd/modutil/README.TXT +++ /dev/null @@ -1,7 +0,0 @@ - CRYPTOGRAPHIC MODULE UTILITY (modutil) - VERSION 1.0 - =============================================== - -The file specification.html documentats the software. - -The file pk11jar.html documents the PKCS #11 JAR format. diff --git a/security/nss/cmd/modutil/config.mk b/security/nss/cmd/modutil/config.mk deleted file mode 100644 index 3da32a667..000000000 --- a/security/nss/cmd/modutil/config.mk +++ /dev/null @@ -1,77 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# Set the LDFLAGS value to encompass all normal link options, all # -# library names, and all special system linking options # -####################################################################### - -LDFLAGS = \ - $(DYNAMIC_LIB_PATH) \ - $(LDOPTS) \ - $(LIBSECTOOLS) \ - $(LIBSECMOD) \ - $(LIBHASH) \ - $(LIBCERT) \ - $(LIBKEY) \ - $(LIBCRYPTO) \ - $(LIBSECUTIL) \ - $(LIBDBM) \ - $(LIBPLC3) \ - $(LIBPLDS3) \ - $(LIBPR3) \ - $(DLLSYSTEM) \ - $(LIBJAR) \ - $(LIBZLIB) \ - $(LIBPKCS7) \ - $(LIBPLC3) - -# Strip out the symbols -ifdef BUILD_OPT - ifneq ($(OS_ARCH),WINNT) - LDFLAGS += -s - endif -endif - -####################################################################### -# Adjust specific variables for all platforms # -####################################################################### - - -ifeq ($(OS_ARCH),WINNT) - PACKAGE_FILES = license.txt README.TXT specification.html pk11jar.html modutil.exe -else - PACKAGE_FILES = license.doc README specification.html pk11jar.html modutil -endif - -ARCHIVE_NAME = modutil_$(OS_CONFIG) diff --git a/security/nss/cmd/modutil/error.h b/security/nss/cmd/modutil/error.h deleted file mode 100644 index 42583a355..000000000 --- a/security/nss/cmd/modutil/error.h +++ /dev/null @@ -1,180 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#ifndef MODUTIL_ERROR_H -#define MODUTIL_ERROR_H - -typedef enum { - NO_ERR=0, - INVALID_USAGE_ERR, - UNEXPECTED_ARG_ERR, - UNKNOWN_OPTION_ERR, - MULTIPLE_COMMAND_ERR, - OPTION_NEEDS_ARG_ERR, - DUPLICATE_OPTION_ERR, - MISSING_PARAM_ERR, - INVALID_FIPS_ARG, - NO_COMMAND_ERR, - NO_DBDIR_ERR, - FIPS_SWITCH_FAILED_ERR, - FIPS_ALREADY_ON_ERR, - FIPS_ALREADY_OFF_ERR, - FILE_ALREADY_EXISTS_ERR, - FILE_DOESNT_EXIST_ERR, - FILE_NOT_READABLE_ERR, - FILE_NOT_WRITEABLE_ERR, - DIR_DOESNT_EXIST_ERR, - DIR_NOT_READABLE_ERR, - DIR_NOT_WRITEABLE_ERR, - INVALID_CONSTANT_ERR, - ADD_MODULE_FAILED_ERR, - OUT_OF_MEM_ERR, - DELETE_INTERNAL_ERR, - DELETE_FAILED_ERR, - NO_LIST_LOCK_ERR, - NO_MODULE_LIST_ERR, - NO_SUCH_MODULE_ERR, - MOD_INFO_ERR, - SLOT_INFO_ERR, - TOKEN_INFO_ERR, - NO_SUCH_TOKEN_ERR, - CHANGEPW_FAILED_ERR, - BAD_PW_ERR, - DB_ACCESS_ERR, - AUTHENTICATION_FAILED_ERR, - NO_SUCH_SLOT_ERR, - ENABLE_FAILED_ERR, - UPDATE_MOD_FAILED_ERR, - DEFAULT_FAILED_ERR, - UNDEFAULT_FAILED_ERR, - STDIN_READ_ERR, - UNSPECIFIED_ERR, - NOCERTDB_MISUSE_ERR, - NSS_INITIALIZE_FAILED_ERR, - - LAST_ERR /* must be last */ -} Error; -#define SUCCESS NO_ERR - -/* !!! Should move this into its own .c and un-static it. */ -static char *errStrings[] = { - "Operation completed successfully.\n", - "ERROR: Invalid command line.\n", - "ERROR: Not expecting argument \"%s\".\n", - "ERROR: Unknown option: %s.\n", - "ERROR: %s: multiple commands are not allowed on the command line.\n", - "ERROR: %s: option needs an argument.\n", - "ERROR: %s: option cannot be given more than once.\n", - "ERROR: Command \"%s\" requires parameter \"%s\".\n", - "ERROR: Argument to -fips must be \"true\" or \"false\".\n", - "ERROR: No command was specified.\n", - "ERROR: Cannot determine database directory: use the -dbdir option.\n", - "ERROR: Unable to switch FIPS modes.\n", - "FIPS mode already enabled.\n", - "FIPS mode already disabled.\n", - "ERROR: File \"%s\" already exists.\n", - "ERROR: File \"%s\" does not exist.\n", - "ERROR: File \"%s\" is not readable.\n", - "ERROR: File \"%s\" is not writeable.\n", - "ERROR: Directory \"%s\" does not exist.\n", - "ERROR: Directory \"%s\" is not readable.\n", - "ERROR: Directory \"%s\" is not writeable.\n", - "\"%s\" is not a recognized value.\n", - "ERROR: Failed to add module \"%s\".\n", - "ERROR: Out of memory.\n", - "ERROR: Cannot delete internal module.\n", - "ERROR: Failed to delete module \"%s\".\n", - "ERROR: Unable to obtain lock on module list.\n", - "ERROR: Unable to obtain module list.\n", - "ERROR: Module \"%s\" not found in database.\n", - "ERROR: Unable to get information about module \"%s\".\n", - "ERROR: Unable to get information about slot \"%s\".\n", - "ERROR: Unable to get information about token \"%s\".\n", - "ERROR: Token \"%s\" not found.\n", - "ERROR: Unable to change password on token \"%s\".\n", - "ERROR: Incorrect password.\n", - "ERROR: Unable to access database \"%s\".\n", - "ERROR: Unable to authenticate to token \"%s\".\n", - "ERROR: Slot \"%s\" not found.\n", - "ERROR: Failed to %s slot \"%s\".\n", - "ERROR: Failed to update module \"%s\".\n", - "ERROR: Failed to change defaults.\n", - "ERROR: Failed to change default.\n", - "ERROR: Unable to read from standard input.\n", - "ERROR: Unknown error occurred.\n", - "ERROR: -nocertdb option can only be used with the -jar command.\n" - "ERROR: NSS_Initialize() failed.\n" -}; - -typedef enum { - FIPS_ENABLED_MSG=0, - FIPS_DISABLED_MSG, - USING_DBDIR_MSG, - CREATING_DB_MSG, - ADD_MODULE_SUCCESS_MSG, - DELETE_SUCCESS_MSG, - CHANGEPW_SUCCESS_MSG, - BAD_PW_MSG, - PW_MATCH_MSG, - DONE_MSG, - ENABLE_SUCCESS_MSG, - DEFAULT_SUCCESS_MSG, - UNDEFAULT_SUCCESS_MSG, - BROWSER_RUNNING_MSG, - ABORTING_MSG, - - LAST_MSG /* must be last */ -} Message; - -static char *msgStrings[] = { - "FIPS mode enabled.\n", - "FIPS mode disabled.\n", - "Using database directory %s...\n", - "Creating \"%s\"...", - "Module \"%s\" added to database.\n", - "Module \"%s\" deleted from database.\n", - "Token \"%s\" password changed successfully.\n", - "Incorrect password, try again...\n", - "Passwords do not match, try again...\n", - "done.\n", - "Slot \"%s\" %s.\n", - "Successfully changed defaults.\n", - "Successfully changed defaults.\n", -"\nWARNING: Performing this operation while the browser is running could cause" -"\ncorruption of your security databases. If the browser is currently running," -"\nyou should exit browser before continuing this operation. Type " -"\n'q ' to abort, or to continue: ", - "\nAborting...\n" -}; - -#endif /* MODUTIL_ERROR_H */ diff --git a/security/nss/cmd/modutil/install-ds.c b/security/nss/cmd/modutil/install-ds.c deleted file mode 100644 index e6b90ded3..000000000 --- a/security/nss/cmd/modutil/install-ds.c +++ /dev/null @@ -1,1541 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#include "install-ds.h" -#include -#include -#include -#include - -#define PORT_Strcasecmp PL_strcasecmp - -#define MODULE_FILE_STRING "ModuleFile" -#define MODULE_NAME_STRING "ModuleName" -#define MECH_FLAGS_STRING "DefaultMechanismFlags" -#define CIPHER_FLAGS_STRING "DefaultCipherFlags" -#define FILES_STRING "Files" -#define FORWARD_COMPATIBLE_STRING "ForwardCompatible" -#define PLATFORMS_STRING "Platforms" -#define RELATIVE_DIR_STRING "RelativePath" -#define ABSOLUTE_DIR_STRING "AbsolutePath" -#define FILE_PERMISSIONS_STRING "FilePermissions" -#define EQUIVALENT_PLATFORM_STRING "EquivalentPlatform" -#define EXECUTABLE_STRING "Executable" - -#define DEFAULT_PERMISSIONS 0777 - -#define PLATFORM_SEPARATOR_CHAR ':' - -/* Error codes */ -enum { - BOGUS_RELATIVE_DIR=0, - BOGUS_ABSOLUTE_DIR, - BOGUS_FILE_PERMISSIONS, - NO_RELATIVE_DIR, - NO_ABSOLUTE_DIR, - EMPTY_PLATFORM_STRING, - BOGUS_PLATFORM_STRING, - REPEAT_MODULE_FILE, - REPEAT_MODULE_NAME, - BOGUS_MODULE_FILE, - BOGUS_MODULE_NAME, - REPEAT_MECH, - BOGUS_MECH_FLAGS, - REPEAT_CIPHER, - BOGUS_CIPHER_FLAGS, - REPEAT_FILES, - REPEAT_EQUIV, - BOGUS_EQUIV, - EQUIV_TOO_MUCH_INFO, - NO_FILES, - NO_MODULE_FILE, - NO_MODULE_NAME, - NO_PLATFORMS, - EQUIV_LOOP, - UNKNOWN_MODULE_FILE -}; - -/* Indexed by the above error codes */ -static const char *errString[] = { - "%s: Invalid relative directory", - "%s: Invalid absolute directory", - "%s: Invalid file permissions", - "%s: No relative directory specified", - "%s: No absolute directory specified", - "Empty string given for platform name", - "%s: invalid platform string", - "More than one ModuleFile entry given for platform %s", - "More than one ModuleName entry given for platform %s", - "Invalid ModuleFile specification for platform %s", - "Invalid ModuleName specification for platform %s", - "More than one DefaultMechanismFlags entry given for platform %s", - "Invalid DefaultMechanismFlags specification for platform %s", - "More than one DefaultCipherFlags entry given for platform %s", - "Invalid DefaultCipherFlags entry given for platform %s", - "More than one Files entry given for platform %s", - "More than one EquivalentPlatform entry given for platform %s", - "Invalid EquivalentPlatform specification for platform %s", - "Module %s uses an EquivalentPlatform but also specifies its own" - " information", - "No Files specification in module %s", - "No ModuleFile specification in module %s", - "No ModuleName specification in module %s", - "No Platforms specification in installer script", - "Platform %s has an equivalency loop", - "Module file \"%s\" in platform \"%s\" does not exist" -}; - -static char* PR_Strdup(const char* str); - -#define PAD(x) {int i; for(i=0;ijarPath=NULL; - _this->relativePath=NULL; - _this->absolutePath=NULL; - _this->executable=PR_FALSE; - _this->permissions=0; -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: ~Pk11Install_File -// Class: Pk11Install_File -// Notes: Destructor. -*/ -void -Pk11Install_File_delete(Pk11Install_File* _this) -{ - Pk11Install_File_Cleanup(_this); -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: Cleanup -// Class: Pk11Install_File -*/ -void -Pk11Install_File_Cleanup(Pk11Install_File* _this) -{ - if(_this->jarPath) { - PR_Free(_this->jarPath); - _this->jarPath = NULL; - } - if(_this->relativePath) { - PR_Free(_this->relativePath); - _this->relativePath = NULL; - } - if(_this->absolutePath) { - PR_Free(_this->absolutePath); - _this->absolutePath = NULL; - } - - _this->permissions = 0; - _this->executable = PR_FALSE; -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: Generate -// Class: Pk11Install_File -// Notes: Creates a file data structure from a syntax tree. -// Returns: NULL for success, otherwise an error message. -*/ -char* -Pk11Install_File_Generate(Pk11Install_File* _this, - const Pk11Install_Pair *pair) -{ - Pk11Install_ListIter *iter; - Pk11Install_Value *val; - Pk11Install_Pair *subpair; - Pk11Install_ListIter *subiter; - Pk11Install_Value *subval; - char* errStr; - char *endp; - PRBool gotPerms; - - iter=NULL; - subiter=NULL; - errStr=NULL; - gotPerms=PR_FALSE; - - /* Clear out old values */ - Pk11Install_File_Cleanup(_this); - - _this->jarPath = PR_Strdup(pair->key); - - /* Go through all the pairs under this file heading */ - iter = Pk11Install_ListIter_new(pair->list); - for( ; (val = iter->current); Pk11Install_ListIter_nextItem(iter)) { - if(val->type == PAIR_VALUE) { - subpair = val->pair; - - /* Relative directory */ - if(!PORT_Strcasecmp(subpair->key, RELATIVE_DIR_STRING)) { - subiter = Pk11Install_ListIter_new(subpair->list); - subval = subiter->current; - if(!subval || (subval->type != STRING_VALUE)){ - errStr = PR_smprintf(errString[BOGUS_RELATIVE_DIR], - _this->jarPath); - goto loser; - } - _this->relativePath = PR_Strdup(subval->string); - Pk11Install_ListIter_delete(subiter); - subiter = NULL; - - /* Absolute directory */ - } else if( !PORT_Strcasecmp(subpair->key, ABSOLUTE_DIR_STRING)) { - subiter = Pk11Install_ListIter_new(subpair->list); - subval = subiter->current; - if(!subval || (subval->type != STRING_VALUE)){ - errStr = PR_smprintf(errString[BOGUS_ABSOLUTE_DIR], - _this->jarPath); - goto loser; - } - _this->absolutePath = PR_Strdup(subval->string); - Pk11Install_ListIter_delete(subiter); - subiter = NULL; - - /* file permissions */ - } else if( !PORT_Strcasecmp(subpair->key, - FILE_PERMISSIONS_STRING)) { - subiter = Pk11Install_ListIter_new(subpair->list); - subval = subiter->current; - if(!subval || (subval->type != STRING_VALUE)){ - errStr = PR_smprintf(errString[BOGUS_FILE_PERMISSIONS], - _this->jarPath); - goto loser; - } - _this->permissions = (int) strtol(subval->string, &endp, 8); - if(*endp != '\0' || subval->string == "\0") { - errStr = PR_smprintf(errString[BOGUS_FILE_PERMISSIONS], - _this->jarPath); - goto loser; - } - gotPerms = PR_TRUE; - Pk11Install_ListIter_delete(subiter); - subiter = NULL; - } - } else { - if(!PORT_Strcasecmp(val->string, EXECUTABLE_STRING)) { - _this->executable = PR_TRUE; - } - } - } - - /* Default permission value */ - if(!gotPerms) { - _this->permissions = DEFAULT_PERMISSIONS; - } - - /* Make sure we got all the information */ - if(!_this->relativePath && !_this->absolutePath) { - errStr = PR_smprintf(errString[NO_ABSOLUTE_DIR], _this->jarPath); - goto loser; - } -#if 0 - if(!_this->relativePath ) { - errStr = PR_smprintf(errString[NO_RELATIVE_DIR], _this->jarPath); - goto loser; - } - if(!_this->absolutePath) { - errStr = PR_smprintf(errString[NO_ABSOLUTE_DIR], _this->jarPath); - goto loser; - } -#endif - -loser: - if(iter) { - Pk11Install_ListIter_delete(iter); - PR_Free(iter); - } - if(subiter) { - Pk11Install_ListIter_delete(subiter); - PR_Free(subiter); - } - return errStr; -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: Print -// Class: Pk11Install_File -*/ -void -Pk11Install_File_Print(Pk11Install_File* _this, int pad) -{ - PAD(pad); printf("jarPath: %s\n", - _this->jarPath ? _this->jarPath : ""); - PAD(pad); printf("relativePath: %s\n", - _this->relativePath ? _this->relativePath: ""); - PAD(pad); printf("absolutePath: %s\n", - _this->absolutePath ? _this->absolutePath: ""); - PAD(pad); printf("permissions: %o\n", _this->permissions); -} - -Pk11Install_PlatformName* -Pk11Install_PlatformName_new() -{ - Pk11Install_PlatformName* new_this; - new_this = (Pk11Install_PlatformName*) - PR_Malloc(sizeof(Pk11Install_PlatformName)); - Pk11Install_PlatformName_init(new_this); - return new_this; -} - -void -Pk11Install_PlatformName_init(Pk11Install_PlatformName* _this) -{ - _this->OS = NULL; - _this->verString = NULL; - _this->numDigits = 0; - _this->arch = NULL; -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: ~Pk11Install_PlatformName -// Class: Pk11Install_PlatformName -*/ -void -Pk11Install_PlatformName_delete(Pk11Install_PlatformName* _this) -{ - Pk11Install_PlatformName_Cleanup(_this); -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: Cleanup -// Class: Pk11Install_PlatformName -*/ -void -Pk11Install_PlatformName_Cleanup(Pk11Install_PlatformName* _this) -{ - if(_this->OS) { - PR_Free(_this->OS); - _this->OS = NULL; - } - if(_this->verString) { - int i; - for (i=0; i<_this->numDigits; i++) { - PR_Free(_this->verString[i]); - } - PR_Free(_this->verString); - _this->verString = NULL; - } - if(_this->arch) { - PR_Free(_this->arch); - _this->arch = NULL; - } - _this->numDigits = 0; -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: Generate -// Class: Pk11Install_PlatformName -// Notes: Extracts the information from a platform string. -*/ -char* -Pk11Install_PlatformName_Generate(Pk11Install_PlatformName* _this, - const char *str) -{ - char *errStr; - char *copy; - char *end, *start; /* start and end of a section (OS, version, arch)*/ - char *pend, *pstart; /* start and end of one portion of version*/ - char *endp; /* used by strtol*/ - int periods, i; - - errStr=NULL; - copy=NULL; - - if(!str) { - errStr = PR_smprintf(errString[EMPTY_PLATFORM_STRING]); - goto loser; - } - copy = PR_Strdup(str); - - /* - // Get the OS - */ - end = strchr(copy, PLATFORM_SEPARATOR_CHAR); - if(!end || end==copy) { - errStr = PR_smprintf(errString[BOGUS_PLATFORM_STRING], str); - goto loser; - } - *end = '\0'; - - _this->OS = PR_Strdup(copy); - - /* - // Get the digits of the version of form: x.x.x (arbitrary number of digits) - */ - - start = end+1; - end = strchr(start, PLATFORM_SEPARATOR_CHAR); - if(!end) { - errStr = PR_smprintf(errString[BOGUS_PLATFORM_STRING], str); - goto loser; - } - *end = '\0'; - - if(end!=start) { - /* Find out how many periods*/ - periods = 0; - pstart = start; - while( (pend=strchr(pstart, '.')) ) { - periods++; - pstart = pend+1; - } - _this->numDigits= 1+ periods; - _this->verString = (char**)PR_Malloc(sizeof(char*)*_this->numDigits); - - pstart = start; - i = 0; - /* Get the digits before each period*/ - while( (pend=strchr(pstart, '.')) ) { - if(pend == pstart) { - errStr = PR_smprintf(errString[BOGUS_PLATFORM_STRING], str); - goto loser; - } - *pend = '\0'; - _this->verString[i] = PR_Strdup(pstart); - endp = pend; - if(endp==pstart || (*endp != '\0')) { - errStr = PR_smprintf(errString[BOGUS_PLATFORM_STRING], str); - goto loser; - } - pstart = pend+1; - i++; - } - /* Last digit comes after the last period*/ - if(*pstart == '\0') { - errStr = PR_smprintf(errString[BOGUS_PLATFORM_STRING], str); - goto loser; - } - _this->verString[i] = PR_Strdup(pstart); - /* - if(endp==pstart || (*endp != '\0')) { - errStr = PR_smprintf(errString[BOGUS_PLATFORM_STRING], str); - goto loser; - } - */ - } else { - _this->verString = NULL; - _this->numDigits = 0; - } - - /* - // Get the architecture - */ - start = end+1; - if( strchr(start, PLATFORM_SEPARATOR_CHAR) ) { - errStr = PR_smprintf(errString[BOGUS_PLATFORM_STRING], str); - goto loser; - } - _this->arch = PR_Strdup(start); - - if(copy) { - PR_Free(copy); - } - return NULL; -loser: - if(_this->OS) { - PR_Free(_this->OS); - _this->OS = NULL; - } - if(_this->verString) { - for (i=0; i<_this->numDigits; i++) { - PR_Free(_this->verString[i]); - } - PR_Free(_this->verString); - _this->verString = NULL; - } - _this->numDigits = 0; - if(_this->arch) { - PR_Free(_this->arch); - _this->arch = NULL; - } - - return errStr; -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: operator == -// Class: Pk11Install_PlatformName -// Returns: PR_TRUE if the platform have the same OS, arch, and version -*/ -PRBool -Pk11Install_PlatformName_equal(Pk11Install_PlatformName* _this, - Pk11Install_PlatformName* cmp) -{ - int i; - - if(!_this->OS || !_this->arch || !cmp->OS || !cmp->arch) { - return PR_FALSE; - } - - if( PORT_Strcasecmp(_this->OS, cmp->OS) || - PORT_Strcasecmp(_this->arch, cmp->arch) || - _this->numDigits != cmp->numDigits ) { - return PR_FALSE; - } - - for(i=0; i < _this->numDigits; i++) { - if(PORT_Strcasecmp(_this->verString[i], cmp->verString[i])) { - return PR_FALSE; - } - } - return PR_TRUE; -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: operator <= -// Class: Pk11Install_PlatformName -// Returns: PR_TRUE if the platform have the same OS and arch and a lower -// or equal release. -*/ -PRBool -Pk11Install_PlatformName_lteq(Pk11Install_PlatformName* _this, - Pk11Install_PlatformName* cmp) -{ - return (Pk11Install_PlatformName_equal(_this,cmp) || - Pk11Install_PlatformName_lt(_this,cmp)) ? PR_TRUE : PR_FALSE; -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: operator < -// Class: Pk11Install_PlatformName -// Returns: PR_TRUE if the platform have the same OS and arch and a greater -// release. -*/ -PRBool -Pk11Install_PlatformName_lt(Pk11Install_PlatformName* _this, - Pk11Install_PlatformName* cmp) -{ - int i, scmp; - - if(!_this->OS || !_this->arch || !cmp->OS || !cmp->arch) { - return PR_FALSE; - } - - if( PORT_Strcasecmp(_this->OS, cmp->OS) ) { - return PR_FALSE; - } - if( PORT_Strcasecmp(_this->arch, cmp->arch) ) { - return PR_FALSE; - } - - for(i=0; (i < _this->numDigits) && (i < cmp->numDigits); i++) { - scmp = PORT_Strcasecmp(_this->verString[i], cmp->verString[i]); - if (scmp > 0) { - return PR_FALSE; - } else if (scmp < 0) { - return PR_TRUE; - } - } - /* All the digits they have in common are the same. */ - if(_this->numDigits < cmp->numDigits) { - return PR_TRUE; - } - - return PR_FALSE; -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: GetString -// Class: Pk11Install_PlatformName -// Returns: String composed of OS, release, and architecture separated -// by the separator char. Memory is allocated by this function -// but is the responsibility of the caller to de-allocate. -*/ -char* -Pk11Install_PlatformName_GetString(Pk11Install_PlatformName* _this) -{ - char *ret; - char *ver; - char *OS_; - char *arch_; - - OS_=NULL; - arch_=NULL; - - OS_ = _this->OS ? _this->OS : ""; - arch_ = _this->arch ? _this->arch : ""; - - ver = Pk11Install_PlatformName_GetVerString(_this); - ret = PR_smprintf("%s%c%s%c%s", OS_, PLATFORM_SEPARATOR_CHAR, ver, - PLATFORM_SEPARATOR_CHAR, arch_); - - PR_Free(ver); - - return ret; -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: GetVerString -// Class: Pk11Install_PlatformName -// Returns: The version string for this platform, in the form x.x.x with an -// arbitrary number of digits. Memory allocated by function, -// must be de-allocated by caller. -*/ -char* -Pk11Install_PlatformName_GetVerString(Pk11Install_PlatformName* _this) -{ - char *tmp; - char *ret; - int i; - char buf[80]; - - tmp = (char*)PR_Malloc(80*_this->numDigits+1); - tmp[0] = '\0'; - - for(i=0; i < _this->numDigits-1; i++) { - sprintf(buf, "%s.", _this->verString[i]); - strcat(tmp, buf); - } - if(i < _this->numDigits) { - sprintf(buf, "%s", _this->verString[i]); - strcat(tmp, buf); - } - - ret = PR_Strdup(tmp); - free(tmp); - - return ret; -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: Print -// Class: Pk11Install_PlatformName -*/ -void -Pk11Install_PlatformName_Print(Pk11Install_PlatformName* _this, int pad) -{ - PAD(pad); printf("OS: %s\n", _this->OS ? _this->OS : ""); - PAD(pad); printf("Digits: "); - if(_this->numDigits == 0) { - printf("None\n"); - } else { - printf("%s\n", Pk11Install_PlatformName_GetVerString(_this)); - } - PAD(pad); printf("arch: %s\n", _this->arch ? _this->arch : ""); -} - -Pk11Install_Platform* -Pk11Install_Platform_new() -{ - Pk11Install_Platform* new_this; - new_this = (Pk11Install_Platform*)PR_Malloc(sizeof(Pk11Install_Platform)); - Pk11Install_Platform_init(new_this); - return new_this; -} - -void -Pk11Install_Platform_init(Pk11Install_Platform* _this) -{ - Pk11Install_PlatformName_init(&_this->name); - Pk11Install_PlatformName_init(&_this->equivName); - _this->equiv = NULL; - _this->usesEquiv = PR_FALSE; - _this->moduleFile = NULL; - _this->moduleName = NULL; - _this->modFile = -1; - _this->mechFlags = 0; - _this->cipherFlags = 0; - _this->files = NULL; - _this->numFiles = 0; -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: ~Pk11Install_Platform -// Class: Pk11Install_Platform -*/ -void -Pk11Install_Platform_delete(Pk11Install_Platform* _this) -{ - Pk11Install_Platform_Cleanup(_this); -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: Cleanup -// Class: Pk11Install_Platform -*/ -void -Pk11Install_Platform_Cleanup(Pk11Install_Platform* _this) -{ - int i; - if(_this->moduleFile) { - PR_Free(_this->moduleFile); - _this->moduleFile = NULL; - } - if(_this->moduleName) { - PR_Free(_this->moduleName); - _this->moduleName = NULL; - } - if(_this->files) { - for (i=0;i<_this->numFiles;i++) { - Pk11Install_File_delete(&_this->files[i]); - } - PR_Free(_this->files); - _this->files = NULL; - } - _this->equiv = NULL; - _this->usesEquiv = PR_FALSE; - _this->modFile = -1; - _this->numFiles = 0; - _this->mechFlags = _this->cipherFlags = 0; -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: Generate -// Class: Pk11Install_Platform -// Notes: Creates a platform data structure from a syntax tree. -// Returns: NULL for success, otherwise an error message. -*/ -char* -Pk11Install_Platform_Generate(Pk11Install_Platform* _this, - const Pk11Install_Pair *pair) -{ - char* errStr; - char* endptr; - char* tmp; - int i; - Pk11Install_ListIter *iter; - Pk11Install_Value *val; - Pk11Install_Value *subval; - Pk11Install_Pair *subpair; - Pk11Install_ListIter *subiter; - PRBool gotModuleFile, gotModuleName, gotMech, - gotCipher, gotFiles, gotEquiv; - - errStr=NULL; - iter=subiter=NULL; - val=subval=NULL; - subpair=NULL; - gotModuleFile=gotModuleName=gotMech=gotCipher=gotFiles=gotEquiv=PR_FALSE; - Pk11Install_Platform_Cleanup(_this); - - errStr = Pk11Install_PlatformName_Generate(&_this->name,pair->key); - if(errStr) { - tmp = PR_smprintf("%s: %s", pair->key, errStr); - PR_smprintf_free(errStr); - errStr = tmp; - goto loser; - } - - iter = Pk11Install_ListIter_new(pair->list); - for( ; (val=iter->current); Pk11Install_ListIter_nextItem(iter)) { - if(val->type==PAIR_VALUE) { - subpair = val->pair; - - if( !PORT_Strcasecmp(subpair->key, MODULE_FILE_STRING)) { - if(gotModuleFile) { - errStr = PR_smprintf(errString[REPEAT_MODULE_FILE], - Pk11Install_PlatformName_GetString(&_this->name)); - goto loser; - } - subiter = Pk11Install_ListIter_new(subpair->list); - subval = subiter->current; - if(!subval || (subval->type != STRING_VALUE)) { - errStr = PR_smprintf(errString[BOGUS_MODULE_FILE], - Pk11Install_PlatformName_GetString(&_this->name)); - goto loser; - } - _this->moduleFile = PR_Strdup(subval->string); - Pk11Install_ListIter_delete(subiter); - PR_Free(subiter); - subiter = NULL; - gotModuleFile = PR_TRUE; - } else if(!PORT_Strcasecmp(subpair->key, MODULE_NAME_STRING)){ - if(gotModuleName) { - errStr = PR_smprintf(errString[REPEAT_MODULE_NAME], - Pk11Install_PlatformName_GetString(&_this->name)); - goto loser; - } - subiter = Pk11Install_ListIter_new(subpair->list); - subval = subiter->current; - if(!subval || (subval->type != STRING_VALUE)) { - errStr = PR_smprintf(errString[BOGUS_MODULE_NAME], - Pk11Install_PlatformName_GetString(&_this->name)); - goto loser; - } - _this->moduleName = PR_Strdup(subval->string); - Pk11Install_ListIter_delete(subiter); - PR_Free(subiter); - subiter = NULL; - gotModuleName = PR_TRUE; - } else if(!PORT_Strcasecmp(subpair->key, MECH_FLAGS_STRING)) { - endptr=NULL; - - if(gotMech) { - errStr = PR_smprintf(errString[REPEAT_MECH], - Pk11Install_PlatformName_GetString(&_this->name)); - goto loser; - } - subiter = Pk11Install_ListIter_new(subpair->list); - subval = subiter->current; - if(!subval || (subval->type != STRING_VALUE)) { - errStr = PR_smprintf(errString[BOGUS_MECH_FLAGS], - Pk11Install_PlatformName_GetString(&_this->name)); - goto loser; - } - _this->mechFlags = strtol(subval->string, &endptr, 0); - if(*endptr!='\0' || (endptr==subval->string) ) { - errStr = PR_smprintf(errString[BOGUS_MECH_FLAGS], - Pk11Install_PlatformName_GetString(&_this->name)); - goto loser; - } - Pk11Install_ListIter_delete(subiter); - PR_Free(subiter); - subiter=NULL; - gotMech = PR_TRUE; - } else if(!PORT_Strcasecmp(subpair->key,CIPHER_FLAGS_STRING)) { - endptr=NULL; - - if(gotCipher) { - errStr = PR_smprintf(errString[REPEAT_CIPHER], - Pk11Install_PlatformName_GetString(&_this->name)); - goto loser; - } - subiter = Pk11Install_ListIter_new(subpair->list); - subval = subiter->current; - if(!subval || (subval->type != STRING_VALUE)) { - errStr = PR_smprintf(errString[BOGUS_CIPHER_FLAGS], - Pk11Install_PlatformName_GetString(&_this->name)); - goto loser; - } - _this->cipherFlags = strtol(subval->string, &endptr, 0); - if(*endptr!='\0' || (endptr==subval->string) ) { - errStr = PR_smprintf(errString[BOGUS_CIPHER_FLAGS], - Pk11Install_PlatformName_GetString(&_this->name)); - goto loser; - } - Pk11Install_ListIter_delete(subiter); - PR_Free(subiter); - subiter=NULL; - gotCipher = PR_TRUE; - } else if(!PORT_Strcasecmp(subpair->key, FILES_STRING)) { - if(gotFiles) { - errStr = PR_smprintf(errString[REPEAT_FILES], - Pk11Install_PlatformName_GetString(&_this->name)); - goto loser; - } - subiter = Pk11Install_ListIter_new(subpair->list); - _this->numFiles = subpair->list->numPairs; - _this->files = (Pk11Install_File*) - PR_Malloc(sizeof(Pk11Install_File)*_this->numFiles); - for(i=0; i < _this->numFiles; i++, - Pk11Install_ListIter_nextItem(subiter)) { - Pk11Install_File_init(&_this->files[i]); - val = subiter->current; - if(val && (val->type==PAIR_VALUE)) { - errStr = Pk11Install_File_Generate(&_this->files[i],val->pair); - if(errStr) { - tmp = PR_smprintf("%s: %s", - Pk11Install_PlatformName_GetString(&_this->name),errStr); - PR_smprintf_free(errStr); - errStr = tmp; - goto loser; - } - } - } - gotFiles = PR_TRUE; - } else if(!PORT_Strcasecmp(subpair->key, - EQUIVALENT_PLATFORM_STRING)) { - if(gotEquiv) { - errStr = PR_smprintf(errString[REPEAT_EQUIV], - Pk11Install_PlatformName_GetString(&_this->name)); - goto loser; - } - subiter = Pk11Install_ListIter_new(subpair->list); - subval = subiter->current; - if(!subval || (subval->type != STRING_VALUE) ) { - errStr = PR_smprintf(errString[BOGUS_EQUIV], - Pk11Install_PlatformName_GetString(&_this->name)); - goto loser; - } - errStr = Pk11Install_PlatformName_Generate(&_this->equivName, - subval->string); - if(errStr) { - tmp = PR_smprintf("%s: %s", - Pk11Install_PlatformName_GetString(&_this->name), errStr); - tmp = PR_smprintf("%s: %s", - Pk11Install_PlatformName_GetString(&_this->name), errStr); - PR_smprintf_free(errStr); - errStr = tmp; - goto loser; - } - _this->usesEquiv = PR_TRUE; - } - } - } - - /* Make sure we either have an EquivalentPlatform or all the other info */ - if(_this->usesEquiv && - (gotFiles || gotModuleFile || gotModuleName || gotMech || gotCipher)) { - errStr = PR_smprintf(errString[EQUIV_TOO_MUCH_INFO], - Pk11Install_PlatformName_GetString(&_this->name)); - goto loser; - } - if(!gotFiles && !_this->usesEquiv) { - errStr = PR_smprintf(errString[NO_FILES], - Pk11Install_PlatformName_GetString(&_this->name)); - goto loser; - } - if(!gotModuleFile && !_this->usesEquiv) { - errStr= PR_smprintf(errString[NO_MODULE_FILE], - Pk11Install_PlatformName_GetString(&_this->name)); - goto loser; - } - if(!gotModuleName && !_this->usesEquiv) { - errStr = PR_smprintf(errString[NO_MODULE_NAME], - Pk11Install_PlatformName_GetString(&_this->name)); - goto loser; - } - - /* Point the modFile pointer to the correct file */ - if(gotModuleFile) { - for(i=0; i < _this->numFiles; i++) { - if(!PORT_Strcasecmp(_this->moduleFile, _this->files[i].jarPath) ) { - _this->modFile = i; - break; - } - } - if(_this->modFile==-1) { - errStr = PR_smprintf(errString[UNKNOWN_MODULE_FILE], - _this->moduleFile, - Pk11Install_PlatformName_GetString(&_this->name)); - goto loser; - } - } - -loser: - if(iter) { - PR_Free(iter); - } - if(subiter) { - PR_Free(subiter); - } - return errStr; -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: Print -// Class: Pk11Install_Platform -*/ -void -Pk11Install_Platform_Print(Pk11Install_Platform* _this, int pad) -{ - int i; - - PAD(pad); printf("Name:\n"); - Pk11Install_PlatformName_Print(&_this->name,pad+PADINC); - PAD(pad); printf("equivName:\n"); - Pk11Install_PlatformName_Print(&_this->equivName,pad+PADINC); - PAD(pad); - if(_this->usesEquiv) { - printf("Uses equiv, which points to:\n"); - Pk11Install_Platform_Print(_this->equiv,pad+PADINC); - } else { - printf("Doesn't use equiv\n"); - } - PAD(pad); - printf("Module File: %s\n", _this->moduleFile ? _this->moduleFile - : ""); - PAD(pad); printf("mechFlags: %lx\n", _this->mechFlags); - PAD(pad); printf("cipherFlags: %lx\n", _this->cipherFlags); - PAD(pad); printf("Files:\n"); - for(i=0; i < _this->numFiles; i++) { - Pk11Install_File_Print(&_this->files[i],pad+PADINC); - PAD(pad); printf("--------------------\n"); - } -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: Pk11Install_Info -// Class: Pk11Install_Info -*/ -Pk11Install_Info* -Pk11Install_Info_new() -{ - Pk11Install_Info* new_this; - new_this = (Pk11Install_Info*)PR_Malloc(sizeof(Pk11Install_Info)); - Pk11Install_Info_init(new_this); - return new_this; -} - -void -Pk11Install_Info_init(Pk11Install_Info* _this) -{ - _this->platforms = NULL; - _this->numPlatforms = 0; - _this->forwardCompatible = NULL; - _this->numForwardCompatible = 0; -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: ~Pk11Install_Info -// Class: Pk11Install_Info -*/ -void -Pk11Install_Info_delete(Pk11Install_Info* _this) -{ - Pk11Install_Info_Cleanup(_this); -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: Cleanup -// Class: Pk11Install_Info -*/ -void -Pk11Install_Info_Cleanup(Pk11Install_Info* _this) -{ - int i; - if(_this->platforms) { - for (i=0;i<_this->numPlatforms;i++) { - Pk11Install_Platform_delete(&_this->platforms[i]); - } - PR_Free(&_this->platforms); - _this->platforms = NULL; - _this->numPlatforms = 0; - } - - if(_this->forwardCompatible) { - for (i=0;i<_this->numForwardCompatible;i++) { - Pk11Install_PlatformName_delete(&_this->forwardCompatible[i]); - } - PR_Free(&_this->forwardCompatible); - _this->numForwardCompatible = 0; - } -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: Generate -// Class: Pk11Install_Info -// Takes: Pk11Install_ValueList *list, the top-level list -// resulting from parsing an installer file. -// Returns: char*, NULL if successful, otherwise an error string. -// Caller is responsible for freeing memory. -*/ -char* -Pk11Install_Info_Generate(Pk11Install_Info* _this, - const Pk11Install_ValueList *list) -{ - char *errStr; - Pk11Install_ListIter *iter; - Pk11Install_Value *val; - Pk11Install_Pair *pair; - Pk11Install_ListIter *subiter; - Pk11Install_Value *subval; - Pk11Install_Platform *first, *second; - int i, j; - - errStr=NULL; - iter=subiter=NULL; - Pk11Install_Info_Cleanup(_this); - - iter = Pk11Install_ListIter_new(list); - for( ; (val=iter->current); Pk11Install_ListIter_nextItem(iter)) { - if(val->type == PAIR_VALUE) { - pair = val->pair; - - if(!PORT_Strcasecmp(pair->key, FORWARD_COMPATIBLE_STRING)) { - subiter = Pk11Install_ListIter_new(pair->list); - _this->numForwardCompatible = pair->list->numStrings; - _this->forwardCompatible = (Pk11Install_PlatformName*) - PR_Malloc(sizeof(Pk11Install_PlatformName)* - _this->numForwardCompatible); - for(i=0; i < _this->numForwardCompatible; i++, - Pk11Install_ListIter_nextItem(subiter)) { - subval = subiter->current; - if(subval->type == STRING_VALUE) { - errStr = Pk11Install_PlatformName_Generate( - &_this->forwardCompatible[i], subval->string); - if(errStr) { - goto loser; - } - } - } - Pk11Install_ListIter_delete(subiter); - PR_Free(subiter); - subiter = NULL; - } else if(!PORT_Strcasecmp(pair->key, PLATFORMS_STRING)) { - subiter = Pk11Install_ListIter_new(pair->list); - _this->numPlatforms = pair->list->numPairs; - _this->platforms = (Pk11Install_Platform*) - PR_Malloc(sizeof(Pk11Install_Platform)* - _this->numPlatforms); - for(i=0; i < _this->numPlatforms; i++, - Pk11Install_ListIter_nextItem(subiter)) { - Pk11Install_Platform_init(&_this->platforms[i]); - subval = subiter->current; - if(subval->type == PAIR_VALUE) { - errStr = Pk11Install_Platform_Generate(&_this->platforms[i],subval->pair); - if(errStr) { - goto loser; - } - } - } - Pk11Install_ListIter_delete(subiter); - PR_Free(subiter); - subiter = NULL; - } - } - } - - if(_this->numPlatforms == 0) { - errStr = PR_smprintf(errString[NO_PLATFORMS]); - goto loser; - } - -/* - // - // Now process equivalent platforms - // - - // First the naive pass -*/ - for(i=0; i < _this->numPlatforms; i++) { - if(_this->platforms[i].usesEquiv) { - _this->platforms[i].equiv = NULL; - for(j=0; j < _this->numPlatforms; j++) { - if (Pk11Install_PlatformName_equal(&_this->platforms[i].equivName, - &_this->platforms[j].name)) { - if(i==j) { - errStr = PR_smprintf(errString[EQUIV_LOOP], - Pk11Install_PlatformName_GetString(&_this->platforms[i].name)); - goto loser; - } - _this->platforms[i].equiv = &_this->platforms[j]; - break; - } - } - if(_this->platforms[i].equiv == NULL) { - errStr = PR_smprintf(errString[BOGUS_EQUIV], - Pk11Install_PlatformName_GetString(&_this->platforms[i].name)); - goto loser; - } - } - } - -/* - // Now the intelligent pass, which will also detect loops. - // We will send two pointers through the linked list of equivalent - // platforms. Both start with the current node. "first" traverses - // two nodes for each iteration. "second" lags behind, only traversing - // one node per iteration. Eventually one of two things will happen: - // first will hit the end of the list (a platform that doesn't use - // an equivalency), or first will equal second if there is a loop. -*/ - for(i=0; i < _this->numPlatforms; i++) { - if(_this->platforms[i].usesEquiv) { - second = _this->platforms[i].equiv; - if(!second->usesEquiv) { - /* The first link is the terminal node */ - continue; - } - first = second->equiv; - while(first->usesEquiv) { - if(first == second) { - errStr = PR_smprintf(errString[EQUIV_LOOP], - Pk11Install_PlatformName_GetString(&_this->platforms[i].name)); - goto loser; - } - first = first->equiv; - if(!first->usesEquiv) { - break; - } - if(first == second) { - errStr = PR_smprintf(errString[EQUIV_LOOP], - Pk11Install_PlatformName_GetString(&_this->platforms[i].name)); - goto loser; - } - second = second->equiv; - first = first->equiv; - } - _this->platforms[i].equiv = first; - } - } - -loser: - if(iter) { - Pk11Install_ListIter_delete(iter); - PR_Free(iter); - iter = NULL; - } - if(subiter) { - Pk11Install_ListIter_delete(subiter); - PR_Free(subiter); - subiter = NULL; - } - return errStr; -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: GetBestPlatform -// Class: Pk11Install_Info -// Takes: char *myPlatform, the platform we are currently running -// on. -*/ -Pk11Install_Platform* -Pk11Install_Info_GetBestPlatform(Pk11Install_Info* _this, char *myPlatform) -{ - Pk11Install_PlatformName plat; - char *errStr; - int i, j; - - errStr=NULL; - - Pk11Install_PlatformName_init(&plat); - if( (errStr=Pk11Install_PlatformName_Generate(&plat, myPlatform)) ) { - PR_smprintf_free(errStr); - return NULL; - } - - /* First try real platforms */ - for(i=0; i < _this->numPlatforms; i++) { - if(Pk11Install_PlatformName_equal(&_this->platforms[i].name,&plat)) { - if(_this->platforms[i].equiv) { - return _this->platforms[i].equiv; - } - else { - return &_this->platforms[i]; - } - } - } - - /* Now try forward compatible platforms */ - for(i=0; i < _this->numForwardCompatible; i++) { - if(Pk11Install_PlatformName_lteq(&_this->forwardCompatible[i],&plat)) { - break; - } - } - if(i == _this->numForwardCompatible) { - return NULL; - } - - /* Got a forward compatible name, find the actual platform. */ - for(j=0; j < _this->numPlatforms; j++) { - if(Pk11Install_PlatformName_equal(&_this->platforms[j].name, - &_this->forwardCompatible[i])) { - if(_this->platforms[j].equiv) { - return _this->platforms[j].equiv; - } else { - return &_this->platforms[j]; - } - } - } - - return NULL; -} - -/* -////////////////////////////////////////////////////////////////////////// -// Method: Print -// Class: Pk11Install_Info -*/ -void -Pk11Install_Info_Print(Pk11Install_Info* _this, int pad) -{ - int i; - - PAD(pad); printf("Forward Compatible:\n"); - for(i = 0; i < _this->numForwardCompatible; i++) { - Pk11Install_PlatformName_Print(&_this->forwardCompatible[i],pad+PADINC); - PAD(pad); printf("-------------------\n"); - } - PAD(pad); printf("Platforms:\n"); - for( i = 0; i < _this->numPlatforms; i++) { - Pk11Install_Platform_Print(&_this->platforms[i],pad+PADINC); - PAD(pad); printf("-------------------\n"); - } -} - -/* -////////////////////////////////////////////////////////////////////////// -*/ -static char* -PR_Strdup(const char* str) -{ - char *tmp; - tmp = (char*) PR_Malloc((unsigned int)(strlen(str)+1)); - strcpy(tmp, str); - return tmp; -} - -/* The global value list, the top of the tree */ -Pk11Install_ValueList* Pk11Install_valueList=NULL; - -/****************************************************************************/ -void -Pk11Install_ValueList_AddItem(Pk11Install_ValueList* _this, - Pk11Install_Value *item) -{ - _this->numItems++; - if (item->type == STRING_VALUE) { - _this->numStrings++; - } else { - _this->numPairs++; - } - item->next = _this->head; - _this->head = item; -} - -/****************************************************************************/ -Pk11Install_ListIter* -Pk11Install_ListIter_new_default() -{ - Pk11Install_ListIter* new_this; - new_this = (Pk11Install_ListIter*) - PR_Malloc(sizeof(Pk11Install_ListIter)); - Pk11Install_ListIter_init(new_this); - return new_this; -} - -/****************************************************************************/ -void -Pk11Install_ListIter_init(Pk11Install_ListIter* _this) -{ - _this->list = NULL; - _this->current = NULL; -} - -/****************************************************************************/ -Pk11Install_ListIter* -Pk11Install_ListIter_new(const Pk11Install_ValueList *_list) -{ - Pk11Install_ListIter* new_this; - new_this = (Pk11Install_ListIter*) - PR_Malloc(sizeof(Pk11Install_ListIter)); - new_this->list = _list; - new_this->current = _list->head; - return new_this; -} - -/****************************************************************************/ -void -Pk11Install_ListIter_delete(Pk11Install_ListIter* _this) -{ - _this->list=NULL; - _this->current=NULL; -} - -/****************************************************************************/ -void -Pk11Install_ListIter_reset(Pk11Install_ListIter* _this) -{ - if(_this->list) { - _this->current = _this->list->head; - } -} - -/*************************************************************************/ -Pk11Install_Value* -Pk11Install_ListIter_nextItem(Pk11Install_ListIter* _this) -{ - if(_this->current) { - _this->current = _this->current->next; - } - - return _this->current; -} - -/****************************************************************************/ -Pk11Install_ValueList* -Pk11Install_ValueList_new() -{ - Pk11Install_ValueList* new_this; - new_this = (Pk11Install_ValueList*) - PR_Malloc(sizeof(Pk11Install_ValueList)); - new_this->numItems = 0; - new_this->numPairs = 0; - new_this->numStrings = 0; - new_this->head = NULL; - return new_this; -} - -/****************************************************************************/ -void -Pk11Install_ValueList_delete(Pk11Install_ValueList* _this) -{ - - Pk11Install_Value *tmp; - Pk11Install_Value *list; - list = _this->head; - - while(list != NULL) { - tmp = list; - list = list->next; - PR_Free(tmp); - } - PR_Free(_this); -} - -/****************************************************************************/ -Pk11Install_Value* -Pk11Install_Value_new_default() -{ - Pk11Install_Value* new_this; - new_this = (Pk11Install_Value*)PR_Malloc(sizeof(Pk11Install_Value)); - new_this->type = STRING_VALUE; - new_this->string = NULL; - new_this->pair = NULL; - new_this->next = NULL; - return new_this; -} - -/****************************************************************************/ -Pk11Install_Value* -Pk11Install_Value_new(ValueType _type, Pk11Install_Pointer ptr) -{ - Pk11Install_Value* new_this; - new_this = Pk11Install_Value_new_default(); - new_this->type = _type; - if(_type == STRING_VALUE) { - new_this->pair = NULL; - new_this->string = ptr.string; - } else { - new_this->string = NULL; - new_this->pair = ptr.pair; - } - return new_this; -} - -/****************************************************************************/ -void -Pk11Install_Value_delete(Pk11Install_Value* _this) -{ - if(_this->type == STRING_VALUE) { - PR_Free(_this->string); - } else { - PR_Free(_this->pair); - } -} - -/****************************************************************************/ -Pk11Install_Pair* -Pk11Install_Pair_new_default() -{ - return Pk11Install_Pair_new(NULL,NULL); -} - -/****************************************************************************/ -Pk11Install_Pair* -Pk11Install_Pair_new(char *_key, Pk11Install_ValueList *_list) -{ - Pk11Install_Pair* new_this; - new_this = (Pk11Install_Pair*)PR_Malloc(sizeof(Pk11Install_Pair)); - new_this->key = _key; - new_this->list = _list; - return new_this; -} - -/****************************************************************************/ -void -Pk11Install_Pair_delete(Pk11Install_Pair* _this) -{ - PR_Free(_this->key); - Pk11Install_ValueList_delete(_this->list); - PR_Free(_this->list); -} - -/*************************************************************************/ -void -Pk11Install_Pair_Print(Pk11Install_Pair* _this, int pad) -{ - while (_this) { - /*PAD(pad); printf("**Pair\n"); - PAD(pad); printf("***Key====\n");*/ - PAD(pad); printf("%s {\n", _this->key); - /*PAD(pad); printf("====\n");*/ - /*PAD(pad); printf("***ValueList\n");*/ - Pk11Install_ValueList_Print(_this->list,pad+PADINC); - PAD(pad); printf("}\n"); - } -} - -/*************************************************************************/ -void -Pk11Install_ValueList_Print(Pk11Install_ValueList* _this, int pad) -{ - Pk11Install_Value *v; - - /*PAD(pad);printf("**Value List**\n");*/ - for(v = _this->head; v != NULL; v=v->next) { - Pk11Install_Value_Print(v,pad); - } -} - -/*************************************************************************/ -void -Pk11Install_Value_Print(Pk11Install_Value* _this, int pad) -{ - /*PAD(pad); printf("**Value, type=%s\n", - type==STRING_VALUE ? "string" : "pair");*/ - if(_this->type==STRING_VALUE) { - /*PAD(pad+PADINC); printf("====\n");*/ - PAD(pad); printf("%s\n", _this->string); - /*PAD(pad+PADINC); printf("====\n");*/ - } else { - Pk11Install_Pair_Print(_this->pair,pad+PADINC); - } -} diff --git a/security/nss/cmd/modutil/install-ds.h b/security/nss/cmd/modutil/install-ds.h deleted file mode 100644 index eb7b7ce4e..000000000 --- a/security/nss/cmd/modutil/install-ds.h +++ /dev/null @@ -1,290 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#ifndef INSTALL_DS_H -#define INSTALL_DS_H - -#include -#include -#include - -extern PRFileDesc *Pk11Install_FD; -extern int Pk11Install_yylex(); -extern int Pk11Install_yylinenum; -extern char *Pk11Install_yyerrstr; - -typedef enum { STRING_VALUE, PAIR_VALUE } ValueType; - -typedef struct Pk11Install_Pair_str Pk11Install_Pair; -typedef union Pk11Install_Pointer_str Pk11Install_Pointer; -typedef struct Pk11Install_Value_str Pk11Install_Value; -typedef struct Pk11Install_ValueList_str Pk11Install_ValueList; -typedef struct Pk11Install_ListIter_str Pk11Install_ListIter; -typedef struct Pk11Install_File_str Pk11Install_File; -typedef struct Pk11Install_PlatformName_str Pk11Install_PlatformName; -typedef struct Pk11Install_Platform_str Pk11Install_Platform; -typedef struct Pk11Install_Info_str Pk11Install_Info; - -extern Pk11Install_Pointer Pk11Install_yylval; -extern Pk11Install_ValueList* Pk11Install_valueList; - -/* -////////////////////////////////////////////////////////////////////////// -// Pk11Install_Pair -////////////////////////////////////////////////////////////////////////// -*/ - -struct Pk11Install_Pair_str { - char * key; - Pk11Install_ValueList *list; - -}; - -Pk11Install_Pair* -Pk11Install_Pair_new_default(); -Pk11Install_Pair* -Pk11Install_Pair_new( char* _key, Pk11Install_ValueList* _list); -void -Pk11Install_Pair_delete(Pk11Install_Pair* _this); -void -Pk11Install_Pair_Print(Pk11Install_Pair* _this, int pad); - -/* -////////////////////////////////////////////////////////////////////////// -// Pk11Install_Pointer -////////////////////////////////////////////////////////////////////////// -*/ -union Pk11Install_Pointer_str { - Pk11Install_ValueList *list; - Pk11Install_Value *value; - Pk11Install_Pair *pair; - char *string; -}; - -/* -////////////////////////////////////////////////////////////////////////// -// Pk11Install_Value -////////////////////////////////////////////////////////////////////////// -*/ -struct Pk11Install_Value_str { - - ValueType type; - char *string; - Pk11Install_Pair *pair; - struct Pk11Install_Value_str *next; -}; - -Pk11Install_Value* -Pk11Install_Value_new_default(); -Pk11Install_Value* -Pk11Install_Value_new(ValueType _type, Pk11Install_Pointer ptr); -void -Pk11Install_Value_delete(Pk11Install_Value* _this); -void -Pk11Install_Value_Print(Pk11Install_Value* _this, int pad); - -/* -////////////////////////////////////////////////////////////////////////// -// Pk11Install_ValueList -////////////////////////////////////////////////////////////////////////// -*/ -struct Pk11Install_ValueList_str { - int numItems; - int numPairs; - int numStrings; - Pk11Install_Value *head; -}; - -Pk11Install_ValueList* -Pk11Install_ValueList_new(); -void -Pk11Install_ValueList_delete(Pk11Install_ValueList* _this); -void -Pk11Install_ValueList_AddItem(Pk11Install_ValueList* _this, - Pk11Install_Value* item); -void -Pk11Install_ValueList_Print(Pk11Install_ValueList* _this, int pad); - - -/* -////////////////////////////////////////////////////////////////////////// -// Pk11Install_ListIter -////////////////////////////////////////////////////////////////////////// -*/ -struct Pk11Install_ListIter_str { - const Pk11Install_ValueList *list; - Pk11Install_Value *current; -}; - -Pk11Install_ListIter* -Pk11Install_ListIter_new_default(); -void -Pk11Install_ListIter_init(Pk11Install_ListIter* _this); -Pk11Install_ListIter* -Pk11Install_ListIter_new(const Pk11Install_ValueList* _list); -void -Pk11Install_ListIter_delete(Pk11Install_ListIter* _this); -void -Pk11Install_ListIter_reset(Pk11Install_ListIter* _this); -Pk11Install_Value* -Pk11Install_ListIter_nextItem(Pk11Install_ListIter* _this); - -/************************************************************************ - * - * Pk11Install_File - */ -struct Pk11Install_File_str { - char *jarPath; - char *relativePath; - char *absolutePath; - PRBool executable; - int permissions; -}; - -Pk11Install_File* -Pk11Install_File_new(); -void -Pk11Install_File_init(Pk11Install_File* _this); -void -Pk11Install_file_delete(Pk11Install_File* _this); -/*// Parses a syntax tree to obtain all attributes. -// Returns NULL for success, error message if parse error.*/ -char* -Pk11Install_File_Generate(Pk11Install_File* _this, - const Pk11Install_Pair* pair); -void -Pk11Install_File_Print(Pk11Install_File* _this, int pad); -void -Pk11Install_File_Cleanup(Pk11Install_File* _this); - -/************************************************************************ - * - * Pk11Install_PlatformName - */ -struct Pk11Install_PlatformName_str { - char *OS; - char **verString; - int numDigits; - char *arch; -}; - -Pk11Install_PlatformName* -Pk11Install_PlatformName_new(); -void -Pk11Install_PlatformName_init(Pk11Install_PlatformName* _this); -void -Pk11Install_PlatformName_delete(Pk11Install_PlatformName* _this); -char* -Pk11Install_PlatformName_Generate(Pk11Install_PlatformName* _this, - const char* str); -char* -Pk11Install_PlatformName_GetString(Pk11Install_PlatformName* _this); -char* -Pk11Install_PlatformName_GetVerString(Pk11Install_PlatformName* _this); -void -Pk11Install_PlatformName_Print(Pk11Install_PlatformName* _this, int pad); -void -Pk11Install_PlatformName_Cleanup(Pk11Install_PlatformName* _this); -PRBool -Pk11Install_PlatformName_equal(Pk11Install_PlatformName* _this, - Pk11Install_PlatformName* cmp); -PRBool -Pk11Install_PlatformName_lteq(Pk11Install_PlatformName* _this, - Pk11Install_PlatformName* cmp); -PRBool -Pk11Install_PlatformName_lt(Pk11Install_PlatformName* _this, - Pk11Install_PlatformName* cmp); - -/************************************************************************ - * - * Pk11Install_Platform - */ -struct Pk11Install_Platform_str { - Pk11Install_PlatformName name; - Pk11Install_PlatformName equivName; - struct Pk11Install_Platform_str *equiv; - PRBool usesEquiv; - char *moduleFile; - char *moduleName; - int modFile; - unsigned long mechFlags; - unsigned long cipherFlags; - Pk11Install_File *files; - int numFiles; -}; - -Pk11Install_Platform* -Pk11Install_Platform_new(); -void -Pk11Install_Platform_init(Pk11Install_Platform* _this); -void -Pk11Install_Platform_delete(Pk11Install_Platform* _this); -/*// Returns NULL for success, error message if parse error.*/ -char* -Pk11Install_Platform_Generate(Pk11Install_Platform* _this, - const Pk11Install_Pair *pair); -void -Pk11Install_Platform_Print(Pk11Install_Platform* _this, int pad); -void -Pk11Install_Platform_Cleanup(Pk11Install_Platform* _this); - -/************************************************************************ - * - * Pk11Install_Info - */ -struct Pk11Install_Info_str { - Pk11Install_Platform *platforms; - int numPlatforms; - Pk11Install_PlatformName *forwardCompatible; - int numForwardCompatible; -}; - -Pk11Install_Info* -Pk11Install_Info_new(); -void -Pk11Install_Info_init(); -void -Pk11Install_Info_delete(Pk11Install_Info* _this); -/*// Returns NULL for success, error message if parse error.*/ -char* -Pk11Install_Info_Generate(Pk11Install_Info* _this, - const Pk11Install_ValueList *list); - /*// Returns NULL if there is no matching platform*/ -Pk11Install_Platform* -Pk11Install_Info_GetBestPlatform(Pk11Install_Info* _this, char* myPlatform); -void -Pk11Install_Info_Print(Pk11Install_Info* _this, int pad); -void -Pk11Install_Info_Cleanup(Pk11Install_Info* _this); - -#endif // INSTALL_DS_H diff --git a/security/nss/cmd/modutil/install.c b/security/nss/cmd/modutil/install.c deleted file mode 100644 index 1d44da9e0..000000000 --- a/security/nss/cmd/modutil/install.c +++ /dev/null @@ -1,979 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#include "install.h" -#include "install-ds.h" -#include -#include -#include -#include -#include -#include - -/*extern "C" {*/ -#include -/*}*/ - -extern /*"C"*/ -int Pk11Install_AddNewModule(char* moduleName, char* dllPath, - unsigned long defaultMechanismFlags, - unsigned long cipherEnableFlags); -extern /*"C"*/ -short Pk11Install_UserVerifyJar(JAR *jar, PRFileDesc *out, - PRBool query); -extern /*"C"*/ -char* mySECU_ErrorString(int16); -extern -int Pk11Install_yyparse(); - -#define INSTALL_METAINFO_TAG "Pkcs11_install_script" -#define SCRIPT_TEMP_FILE "pkcs11inst.tmp" -#define ROOT_MARKER "%root%" -#define TEMP_MARKER "%temp%" -#define PRINTF_ROOT_MARKER "%%root%%" -#define TEMPORARY_DIRECTORY_NAME "pk11inst.dir" -#define JAR_BASE_END (JAR_BASE+100) - -static PRLock* errorHandlerLock=NULL; -static Pk11Install_ErrorHandler errorHandler=NULL; -static char* PR_Strdup(const char* str); -static int rm_dash_r (char *path); -static int make_dirs(char *path, int file_perms); -static int dir_perms(int perms); - -static Pk11Install_Error DoInstall(JAR *jar, const char *installDir, - const char* tempDir, Pk11Install_Platform *platform, - PRFileDesc *feedback, PRBool noverify); - -static char *errorString[]= { - "Operation was successful", /* PK11_INSTALL_NO_ERROR */ - "Directory \"%s\" does not exist", /* PK11_INSTALL_DIR_DOESNT_EXIST */ - "File \"%s\" does not exist", /* PK11_INSTALL_FILE_DOESNT_EXIST */ - "File \"%s\" is not readable", /* PK11_INSTALL_FILE_NOT_READABLE */ - "%s", /* PK11_INSTALL_ERROR_STRING */ - "Error in JAR file %s: %s", /* PK11_INSTALL_JAR_ERROR */ - "No Pkcs11_install_script specified in JAR metainfo file", - /* PK11_INSTALL_NO_INSTALLER_SCRIPT */ - "Could not delete temporary file \"%s\"", - /*PK11_INSTALL_DELETE_TEMP_FILE */ - "Could not open temporary file \"%s\"", /*PK11_INSTALL_OPEN_SCRIPT_FILE*/ - "%s: %s", /* PK11_INSTALL_SCRIPT_PARSE */ - "Error in script: %s", - "Unable to obtain system platform information", - "Installer script has no information about the current platform (%s)", - "Relative directory \"%s\" does not contain "PRINTF_ROOT_MARKER, - "Module File \"%s\" not found", - "Error occurred installing module \"%s\" into database", - "Error extracting \"%s\" from JAR file: %s", - "Directory \"%s\" is not writeable", - "Could not create directory \"%s\"", - "Could not remove directory \"%s\"", - "Unable to execute \"%s\"", - "Unable to wait for process \"%s\"", - "\"%s\" returned error code %d", - "User aborted operation", - "Unspecified error" -}; - -enum { - INSTALLED_FILE_MSG=0, - INSTALLED_MODULE_MSG, - INSTALLER_SCRIPT_NAME, - MY_PLATFORM_IS, - USING_PLATFORM, - PARSED_INSTALL_SCRIPT, - EXEC_FILE_MSG, - EXEC_SUCCESS, - INSTALLATION_COMPLETE_MSG, - USER_ABORT -}; - -static char *msgStrings[] = { - "Installed file %s to %s\n", - "Installed module \"%s\" into module database\n", - "Using installer script \"%s\"\n", - "Current platform is %s\n", - "Using installation parameters for platform %s\n", - "Successfully parsed installation script\n", - "Executing \"%s\"...\n", - "\"%s\" executed successfully\n", - "\nInstallation completed successfully\n", - "\nAborting...\n" -}; - -/************************************************************************** - * S t r i n g N o d e - */ -typedef struct StringNode_str { - char *str; - struct StringNode_str* next; -} StringNode; - -StringNode* StringNode_new() -{ - StringNode* new_this; - new_this = (StringNode*)malloc(sizeof(StringNode)); - new_this->str=NULL; - new_this->next=NULL; - return new_this; -} - -void StringNode_delete(StringNode* s) -{ - if(s->str) { - PR_Free(s->str); - s->str=NULL; - } -} - -/************************************************************************* - * S t r i n g L i s t - */ -typedef struct StringList_str { - StringNode* head; - StringNode* tail; -} StringList; - -void StringList_new(StringList* list) -{ - list->head=NULL; - list->tail=NULL; -} - -void StringList_delete(StringList* list) -{ - StringNode *tmp; - while(list->head) { - tmp = list->head; - list->head = list->head->next; - StringNode_delete(tmp); - } -} - -void -StringList_Append(StringList* list, char* str) -{ - if(!str) { - return; - } - - if(!list->tail) { - /* This is the first element */ - list->head = list->tail = StringNode_new(); - } else { - list->tail->next = StringNode_new(); - list->tail = list->tail->next; - } - - list->tail->str = PR_Strdup(str); - list->tail->next = NULL; /* just to be sure */ -} - -/************************************************************************** - * - * P k 1 1 I n s t a l l _ S e t E r r o r H a n d l e r - * - * Sets the error handler to be used by the library. Returns the current - * error handler function. - */ -Pk11Install_ErrorHandler -Pk11Install_SetErrorHandler(Pk11Install_ErrorHandler handler) -{ - Pk11Install_ErrorHandler old; - - if(!errorHandlerLock) { - errorHandlerLock = PR_NewLock(); - } - - PR_Lock(errorHandlerLock); - - old = errorHandler; - errorHandler = handler; - - PR_Unlock(errorHandlerLock); - - return old; -} - -/************************************************************************** - * - * P k 1 1 I n s t a l l _ I n i t - * - * Does initialization that otherwise would be done on the fly. Only - * needs to be called by multithreaded apps, before they make any calls - * to this library. - */ -void -Pk11Install_Init() -{ - if(!errorHandlerLock) { - errorHandlerLock = PR_NewLock(); - } -} - -/************************************************************************** - * - * P k 1 1 I n s t a l l _ R e l e a s e - * - * Releases static data structures used by the library. Don't use the - * library after calling this, unless you call Pk11Install_Init() - * first. This function doesn't have to be called at all unless you're - * really anal about freeing memory before your program exits. - */ -void -Pk11Install_Release() -{ - if(errorHandlerLock) { - PR_Free(errorHandlerLock); - errorHandlerLock = NULL; - } -} - -/************************************************************************* - * - * e r r o r - * - * Takes an error code and its arguments, creates the error string, - * and sends the string to the handler function if it exists. - */ - -#ifdef OSF1 -/* stdarg has already been pulled in from NSPR */ -#undef va_start -#undef va_end -#undef va_arg -#include -#else -#include -#endif - -#ifdef OSF1 -static void -error(long va_alist, ...) -#else -static void -error(Pk11Install_Error errcode, ...) -#endif -{ - - va_list ap; - char *errstr; - Pk11Install_ErrorHandler handler; - - if(!errorHandlerLock) { - errorHandlerLock = PR_NewLock(); - } - - PR_Lock(errorHandlerLock); - - handler = errorHandler; - - PR_Unlock(errorHandlerLock); - - if(handler) { -#ifdef OSF1 - va_start(ap); - errstr = PR_vsmprintf(errorString[va_arg(ap, Pk11Install_Error)], ap); -#else - va_start(ap, errcode); - errstr = PR_vsmprintf(errorString[errcode], ap); -#endif - handler(errstr); - PR_smprintf_free(errstr); - va_end(ap); - } -} - -/************************************************************************* - * - * j a r _ c a l l b a c k - */ -static int -jar_callback(int status, JAR *foo, const char *bar, char *pathname, - char *errortext) { - char *string; - - string = PR_smprintf("JAR error %d: %s in file %s\n", status, errortext, - pathname); - error(PK11_INSTALL_ERROR_STRING, string); - PR_smprintf_free(string); - return 0; -} - -/************************************************************************* - * - * P k 1 1 I n s t a l l _ D o I n s t a l l - * - * jarFile is the path of a JAR in the PKCS #11 module JAR format. - * installDir is the directory relative to which files will be - * installed. - */ -Pk11Install_Error -Pk11Install_DoInstall(char *jarFile, const char *installDir, - const char *tempDir, PRFileDesc *feedback, short force, PRBool noverify) -{ - JAR *jar; - char *installer; - unsigned long installer_len; - int status; - Pk11Install_Error ret; - PRBool made_temp_file; - Pk11Install_Info installInfo; - Pk11Install_Platform *platform; - char* errMsg; - char sysname[SYS_INFO_BUFFER_LENGTH], release[SYS_INFO_BUFFER_LENGTH], - arch[SYS_INFO_BUFFER_LENGTH]; - char *myPlatform; - - jar=NULL; - ret = PK11_INSTALL_UNSPECIFIED; - made_temp_file=PR_FALSE; - errMsg=NULL; - Pk11Install_Info_init(&installInfo); - - /* - printf("Inside DoInstall, jarFile=%s, installDir=%s, tempDir=%s\n", - jarFile, installDir, tempDir); - */ - - /* - * Check out jarFile and installDir for validity - */ - if( PR_Access(installDir, PR_ACCESS_EXISTS) != PR_SUCCESS ) { - error(PK11_INSTALL_DIR_DOESNT_EXIST, installDir); - return PK11_INSTALL_DIR_DOESNT_EXIST; - } - if(!tempDir) { - tempDir = "."; - } - if( PR_Access(tempDir, PR_ACCESS_EXISTS) != PR_SUCCESS ) { - error(PK11_INSTALL_DIR_DOESNT_EXIST, tempDir); - return PK11_INSTALL_DIR_DOESNT_EXIST; - } - if( PR_Access(tempDir, PR_ACCESS_WRITE_OK) != PR_SUCCESS ) { - error(PK11_INSTALL_DIR_NOT_WRITEABLE, tempDir); - return PK11_INSTALL_DIR_NOT_WRITEABLE; - } - if( (PR_Access(jarFile, PR_ACCESS_EXISTS) != PR_SUCCESS) ) { - error(PK11_INSTALL_FILE_DOESNT_EXIST, jarFile); - return PK11_INSTALL_FILE_DOESNT_EXIST; - } - if( PR_Access(jarFile, PR_ACCESS_READ_OK) != PR_SUCCESS ) { - error(PK11_INSTALL_FILE_NOT_READABLE, jarFile); - return PK11_INSTALL_FILE_NOT_READABLE; - } - - /* - * Extract the JAR file - */ - jar = JAR_new(); - JAR_set_callback(JAR_CB_SIGNAL, jar, jar_callback); - - if(noverify) { - status = JAR_pass_archive_unverified(jar, jarArchGuess, jarFile, "url"); - } else { - status = JAR_pass_archive(jar, jarArchGuess, jarFile, "url"); - } - if( (status < 0) || (jar->valid < 0) ) { - if (status >= JAR_BASE && status <= JAR_BASE_END) { - error(PK11_INSTALL_JAR_ERROR, jarFile, JAR_get_error(status)); - } else { - error(PK11_INSTALL_JAR_ERROR, jarFile, - mySECU_ErrorString((int16) PORT_GetError()) ); - } - ret=PK11_INSTALL_JAR_ERROR; - goto loser; - } - /*printf("passed the archive\n");*/ - - /* - * Show the user security information, allow them to abort or continue - */ - if( Pk11Install_UserVerifyJar(jar, PR_STDOUT, - force?PR_FALSE:PR_TRUE) && !force) { - if(feedback) { - PR_fprintf(feedback, msgStrings[USER_ABORT]); - } - ret=PK11_INSTALL_USER_ABORT; - goto loser; - } - - /* - * Get the name of the installation file - */ - if( JAR_get_metainfo(jar, NULL, INSTALL_METAINFO_TAG, (void**)&installer, - (unsigned long*)&installer_len) ) { - error(PK11_INSTALL_NO_INSTALLER_SCRIPT); - ret=PK11_INSTALL_NO_INSTALLER_SCRIPT; - goto loser; - } - if(feedback) { - PR_fprintf(feedback, msgStrings[INSTALLER_SCRIPT_NAME], installer); - } - - /* - * Extract the installation file - */ - if( PR_Access(SCRIPT_TEMP_FILE, PR_ACCESS_EXISTS) == PR_SUCCESS) { - if( PR_Delete(SCRIPT_TEMP_FILE) != PR_SUCCESS) { - error(PK11_INSTALL_DELETE_TEMP_FILE, SCRIPT_TEMP_FILE); - ret=PK11_INSTALL_DELETE_TEMP_FILE; - goto loser; - } - } - if(noverify) { - status = JAR_extract(jar, installer, SCRIPT_TEMP_FILE); - } else { - status = JAR_verified_extract(jar, installer, SCRIPT_TEMP_FILE); - } - if(status) { - if (status >= JAR_BASE && status <= JAR_BASE_END) { - error(PK11_INSTALL_JAR_EXTRACT, installer, JAR_get_error(status)); - } else { - error(PK11_INSTALL_JAR_EXTRACT, installer, - mySECU_ErrorString((int16) PORT_GetError()) ); - } - ret = PK11_INSTALL_JAR_EXTRACT; - goto loser; - } else { - made_temp_file = PR_TRUE; - } - - /* - * Parse the installation file into a syntax tree - */ - Pk11Install_FD = PR_Open(SCRIPT_TEMP_FILE, PR_RDONLY, 0); - if(!Pk11Install_FD) { - error(PK11_INSTALL_OPEN_SCRIPT_FILE, SCRIPT_TEMP_FILE); - ret=PK11_INSTALL_OPEN_SCRIPT_FILE; - goto loser; - } - if(Pk11Install_yyparse()) { - error(PK11_INSTALL_SCRIPT_PARSE, installer, - Pk11Install_yyerrstr ? Pk11Install_yyerrstr : ""); - ret=PK11_INSTALL_SCRIPT_PARSE; - goto loser; - } - -#if 0 - /* for debugging */ - Pk11Install_valueList->Print(0); -#endif - - /* - * From the syntax tree, build a semantic structure - */ - errMsg = Pk11Install_Info_Generate(&installInfo,Pk11Install_valueList); - if(errMsg) { - error(PK11_INSTALL_SEMANTIC, errMsg); - ret=PK11_INSTALL_SEMANTIC; - goto loser; - } -#if 0 - installInfo.Print(0); -#endif - - if(feedback) { - PR_fprintf(feedback, msgStrings[PARSED_INSTALL_SCRIPT]); - } - - /* - * Figure out which platform to use - */ - { - sysname[0] = release[0] = arch[0] = '\0'; - - if( (PR_GetSystemInfo(PR_SI_SYSNAME, sysname, SYS_INFO_BUFFER_LENGTH) - != PR_SUCCESS) || - (PR_GetSystemInfo(PR_SI_RELEASE, release, SYS_INFO_BUFFER_LENGTH) - != PR_SUCCESS) || - (PR_GetSystemInfo(PR_SI_ARCHITECTURE, arch, SYS_INFO_BUFFER_LENGTH) - != PR_SUCCESS) ) { - error(PK11_INSTALL_SYSINFO); - ret=PK11_INSTALL_SYSINFO; - goto loser; - } - myPlatform = PR_smprintf("%s:%s:%s", sysname, release, arch); - platform = Pk11Install_Info_GetBestPlatform(&installInfo,myPlatform); - if(!platform) { - error(PK11_INSTALL_NO_PLATFORM, myPlatform); - PR_smprintf_free(myPlatform); - ret=PK11_INSTALL_NO_PLATFORM; - goto loser; - } - if(feedback) { - PR_fprintf(feedback, msgStrings[MY_PLATFORM_IS], myPlatform); - PR_fprintf(feedback, msgStrings[USING_PLATFORM], - Pk11Install_PlatformName_GetString(&platform->name)); - } - PR_smprintf_free(myPlatform); - } - - /* Run the install for that platform */ - ret = DoInstall(jar, installDir, tempDir, platform, feedback, noverify); - if(ret) { - goto loser; - } - - ret = PK11_INSTALL_SUCCESS; -loser: - if(Pk11Install_valueList) { - Pk11Install_ValueList_delete(Pk11Install_valueList); - PR_Free(Pk11Install_valueList); - Pk11Install_valueList = NULL; - } - if(jar) { - JAR_destroy(jar); - } - if(made_temp_file) { - PR_Delete(SCRIPT_TEMP_FILE); - } - if(errMsg) { - PR_smprintf_free(errMsg); - } - return ret; -} - -/* -///////////////////////////////////////////////////////////////////////// -// actually run the installation, copying files to and fro -*/ -static Pk11Install_Error -DoInstall(JAR *jar, const char *installDir, const char *tempDir, - Pk11Install_Platform *platform, PRFileDesc *feedback, PRBool noverify) -{ - Pk11Install_File *file; - Pk11Install_Error ret; - char *reldir; - char *dest; - char *modDest; - char *cp; - int i; - int status; - char *tempname, *temp; - StringList executables; - StringNode *execNode; - PRProcessAttr *attr; - PRProcess *proc; - char *argv[2]; - char *envp[1]; - int errcode; - - ret=PK11_INSTALL_UNSPECIFIED; - reldir=NULL; - dest=NULL; - modDest=NULL; - tempname=NULL; - - StringList_new(&executables); - /* - // Create Temporary directory - */ - tempname = PR_smprintf("%s/%s", tempDir, TEMPORARY_DIRECTORY_NAME); - if( PR_Access(tempname, PR_ACCESS_EXISTS)==PR_SUCCESS ) { - /* Left over from previous run? Delete it. */ - rm_dash_r(tempname); - } - if(PR_MkDir(tempname, 0700) != PR_SUCCESS) { - error(PK11_INSTALL_CREATE_DIR, tempname); - ret = PK11_INSTALL_CREATE_DIR; - goto loser; - } - - /* - // Install all the files - */ - for(i=0; i < platform->numFiles; i++) { - file = &platform->files[i]; - - if(file->relativePath) { - PRBool foundMarker = PR_FALSE; - reldir = PR_Strdup(file->relativePath); - - /* Replace all the markers with the directories for which they stand */ - while(1) { - if( (cp=PL_strcasestr(reldir, ROOT_MARKER)) ) { - /* Has a %root% marker */ - *cp = '\0'; - temp = PR_smprintf("%s%s%s", reldir, installDir, - cp+strlen(ROOT_MARKER)); - PR_Free(reldir); - reldir = temp; - foundMarker = PR_TRUE; - } else if( (cp = PL_strcasestr(reldir, TEMP_MARKER)) ) { - /* Has a %temp% marker */ - *cp = '\0'; - temp = PR_smprintf("%s%s%s", reldir, tempname, - cp+strlen(TEMP_MARKER)); - PR_Free(reldir); - reldir = temp; - foundMarker = PR_TRUE; - } else { - break; - } - } - if(!foundMarker) { - /* Has no markers...this isn't really a relative directory */ - error(PK11_INSTALL_BOGUS_REL_DIR, file->relativePath); - ret = PK11_INSTALL_BOGUS_REL_DIR; - goto loser; - } - dest = reldir; - reldir = NULL; - } else if(file->absolutePath) { - dest = PR_Strdup(file->absolutePath); - } - - /* Remember if this is the module file, we'll need to add it later */ - if(i == platform->modFile) { - modDest = PR_Strdup(dest); - } - - /* Remember is this is an executable, we'll need to run it later */ - if(file->executable) { - StringList_Append(&executables,dest); - /*executables.Append(dest);*/ - } - - /* Make sure the directory we are targetting exists */ - if( make_dirs(dest, file->permissions) ) { - ret=PK11_INSTALL_CREATE_DIR; - goto loser; - } - - /* Actually extract the file onto the filesystem */ - if(noverify) { - status = JAR_extract(jar, (char*)file->jarPath, dest); - } else { - status = JAR_verified_extract(jar, (char*)file->jarPath, dest); - } - if(status) { - if (status >= JAR_BASE && status <= JAR_BASE_END) { - error(PK11_INSTALL_JAR_EXTRACT, file->jarPath, - JAR_get_error(status)); - } else { - error(PK11_INSTALL_JAR_EXTRACT, file->jarPath, - mySECU_ErrorString((int16) PORT_GetError()) ); - } - ret=PK11_INSTALL_JAR_EXTRACT; - goto loser; - } - if(feedback) { - PR_fprintf(feedback, msgStrings[INSTALLED_FILE_MSG], - file->jarPath, dest); - } - - /* no NSPR command to change permissions? */ -#ifdef XP_UNIX - chmod(dest, file->permissions); -#endif - - /* Memory clean-up tasks */ - if(reldir) { - PR_Free(reldir); - reldir = NULL; - } - if(dest) { - PR_Free(dest); - dest = NULL; - } - } - /* Make sure we found the module file */ - if(!modDest) { - /* Internal problem here, since every platform is supposed to have - a module file */ - error(PK11_INSTALL_NO_MOD_FILE, platform->moduleName); - ret=PK11_INSTALL_NO_MOD_FILE; - goto loser; - } - - /* - // Execute any executable files - */ - { - argv[1] = NULL; - envp[0] = NULL; - for(execNode = executables.head; execNode; execNode = execNode->next) { - attr = PR_NewProcessAttr(); - argv[0] = PR_Strdup(execNode->str); - - /* Announce our intentions */ - if(feedback) { - PR_fprintf(feedback, msgStrings[EXEC_FILE_MSG], execNode->str); - } - - /* start the process */ - if( !(proc=PR_CreateProcess(execNode->str, argv, envp, attr)) ) { - PR_Free(argv[0]); - PR_DestroyProcessAttr(attr); - error(PK11_INSTALL_EXEC_FILE, execNode->str); - ret=PK11_INSTALL_EXEC_FILE; - goto loser; - } - - /* wait for it to finish */ - if( PR_WaitProcess(proc, &errcode) != PR_SUCCESS) { - PR_Free(argv[0]); - PR_DestroyProcessAttr(attr); - error(PK11_INSTALL_WAIT_PROCESS, execNode->str); - ret=PK11_INSTALL_WAIT_PROCESS; - goto loser; - } - - /* What happened? */ - if(errcode) { - /* process returned an error */ - error(PK11_INSTALL_PROC_ERROR, execNode->str, errcode); - } else if(feedback) { - /* process ran successfully */ - PR_fprintf(feedback, msgStrings[EXEC_SUCCESS], execNode->str); - } - - PR_Free(argv[0]); - PR_DestroyProcessAttr(attr); - } - } - - /* - // Add the module - */ - status = Pk11Install_AddNewModule((char*)platform->moduleName, - (char*)modDest, platform->mechFlags, platform->cipherFlags ); - - if(status != SECSuccess) { - error(PK11_INSTALL_ADD_MODULE, platform->moduleName); - ret=PK11_INSTALL_ADD_MODULE; - goto loser; - } - if(feedback) { - PR_fprintf(feedback, msgStrings[INSTALLED_MODULE_MSG], - platform->moduleName); - } - - if(feedback) { - PR_fprintf(feedback, msgStrings[INSTALLATION_COMPLETE_MSG]); - } - - ret = PK11_INSTALL_SUCCESS; - -loser: - if(reldir) { - PR_Free(reldir); - } - if(dest) { - PR_Free(dest); - } - if(modDest) { - PR_Free(modDest); - } - if(tempname) { - PRFileInfo info; - if(PR_GetFileInfo(tempname, &info) == PR_SUCCESS) { - if((info.type == PR_FILE_DIRECTORY)) { - /* Recursively remove temporary directory */ - if(rm_dash_r(tempname)) { - error(PK11_INSTALL_REMOVE_DIR, - tempname); - ret=PK11_INSTALL_REMOVE_DIR; - } - - } - } - PR_Free(tempname); - } - StringList_delete(&executables); - return ret; -} - -/* -////////////////////////////////////////////////////////////////////////// -*/ -static char* -PR_Strdup(const char* str) -{ - char *tmp = (char*) PR_Malloc(strlen(str)+1); - strcpy(tmp, str); - return tmp; -} - -/* - * r m _ d a s h _ r - * - * Remove a file, or a directory recursively. - * - */ -static int -rm_dash_r (char *path) -{ - PRDir *dir; - PRDirEntry *entry; - PRFileInfo fileinfo; - char filename[240]; - - if(PR_GetFileInfo(path, &fileinfo) != PR_SUCCESS) { - /*fprintf(stderr, "Error: Unable to access %s\n", filename);*/ - return -1; - } - if(fileinfo.type == PR_FILE_DIRECTORY) { - - dir = PR_OpenDir(path); - if(!dir) { - return -1; - } - - /* Recursively delete all entries in the directory */ - while((entry = PR_ReadDir(dir, PR_SKIP_BOTH)) != NULL) { - sprintf(filename, "%s/%s", path, entry->name); - if(rm_dash_r(filename)) return -1; - } - - if(PR_CloseDir(dir) != PR_SUCCESS) { - return -1; - } - - /* Delete the directory itself */ - if(PR_RmDir(path) != PR_SUCCESS) { - return -1; - } - } else { - if(PR_Delete(path) != PR_SUCCESS) { - return -1; - } - } - return 0; -} - -/*************************************************************************** - * - * m a k e _ d i r s - * - * Ensure that the directory portion of the path exists. This may require - * making the directory, and its parent, and its parent's parent, etc. - */ -static int -make_dirs(char *path, int file_perms) -{ - char *Path; - char *start; - char *sep; - int ret = 0; - PRFileInfo info; - - if(!path) { - return 0; - } - - Path = PR_Strdup(path); - start = strpbrk(Path, "/\\"); - if(!start) { - return 0; - } - start++; /* start right after first slash */ - - /* Each time through the loop add one more directory. */ - while( (sep=strpbrk(start, "/\\")) ) { - *sep = '\0'; - - if( PR_GetFileInfo(Path, &info) != PR_SUCCESS) { - /* No such dir, we have to create it */ - if( PR_MkDir(Path, dir_perms(file_perms)) != PR_SUCCESS) { - error(PK11_INSTALL_CREATE_DIR, Path); - ret = PK11_INSTALL_CREATE_DIR; - goto loser; - } - } else { - /* something exists by this name, make sure it's a directory */ - if( info.type != PR_FILE_DIRECTORY ) { - error(PK11_INSTALL_CREATE_DIR, Path); - ret = PK11_INSTALL_CREATE_DIR; - goto loser; - } - } - - /* If this is the lowest directory level, make sure it is writeable */ - if(!strpbrk(sep+1, "/\\")) { - if( PR_Access(Path, PR_ACCESS_WRITE_OK)!=PR_SUCCESS) { - error(PK11_INSTALL_DIR_NOT_WRITEABLE, Path); - ret = PK11_INSTALL_DIR_NOT_WRITEABLE; - goto loser; - } - } - - start = sep+1; /* start after the next slash */ - *sep = '/'; - } - -loser: - PR_Free(Path); - return ret; -} - -/************************************************************************* - * d i r _ p e r m s - * - * Guesses the desired permissions on a directory based on the permissions - * of a file that will be stored in it. Give read, write, and - * execute to the owner (so we can create the file), read and - * execute to anyone who has read permissions on the file, and write - * to anyone who has write permissions on the file. - */ -static int -dir_perms(int perms) -{ - int ret = 0; - - /* owner */ - ret |= 0700; - - /* group */ - if(perms & 0040) { - /* read on the file -> read and execute on the directory */ - ret |= 0050; - } - if(perms & 0020) { - /* write on the file -> write on the directory */ - ret |= 0020; - } - - /* others */ - if(perms & 0004) { - /* read on the file -> read and execute on the directory */ - ret |= 0005; - } - if(perms & 0002) { - /* write on the file -> write on the directory */ - ret |= 0002; - } - - return ret; -} diff --git a/security/nss/cmd/modutil/install.h b/security/nss/cmd/modutil/install.h deleted file mode 100644 index 3874ed77e..000000000 --- a/security/nss/cmd/modutil/install.h +++ /dev/null @@ -1,130 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#ifndef PK11INSTALL_H -#define PK11INSTALL_H - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -typedef void (*Pk11Install_ErrorHandler)(char *); - -typedef enum { - PK11_INSTALL_NO_ERROR=0, - PK11_INSTALL_DIR_DOESNT_EXIST, - PK11_INSTALL_FILE_DOESNT_EXIST, - PK11_INSTALL_FILE_NOT_READABLE, - PK11_INSTALL_ERROR_STRING, - PK11_INSTALL_JAR_ERROR, - PK11_INSTALL_NO_INSTALLER_SCRIPT, - PK11_INSTALL_DELETE_TEMP_FILE, - PK11_INSTALL_OPEN_SCRIPT_FILE, - PK11_INSTALL_SCRIPT_PARSE, - PK11_INSTALL_SEMANTIC, - PK11_INSTALL_SYSINFO, - PK11_INSTALL_NO_PLATFORM, - PK11_INSTALL_BOGUS_REL_DIR, - PK11_INSTALL_NO_MOD_FILE, - PK11_INSTALL_ADD_MODULE, - PK11_INSTALL_JAR_EXTRACT, - PK11_INSTALL_DIR_NOT_WRITEABLE, - PK11_INSTALL_CREATE_DIR, - PK11_INSTALL_REMOVE_DIR, - PK11_INSTALL_EXEC_FILE, - PK11_INSTALL_WAIT_PROCESS, - PK11_INSTALL_PROC_ERROR, - PK11_INSTALL_USER_ABORT, - PK11_INSTALL_UNSPECIFIED -} Pk11Install_Error; -#define PK11_INSTALL_SUCCESS PK11_INSTALL_NO_ERROR - -/************************************************************************** - * - * P k 1 1 I n s t a l l _ I n i t - * - * Does initialization that otherwise would be done on the fly. Only - * needs to be called by multithreaded apps, before they make any calls - * to this library. - */ -void -Pk11Install_Init(); - -/************************************************************************** - * - * P k 1 1 I n s t a l l _ S e t E r r o r H a n d l e r - * - * Sets the error handler to be used by the library. Returns the current - * error handler function. - */ -Pk11Install_ErrorHandler -Pk11Install_SetErrorHandler(Pk11Install_ErrorHandler handler); - - -/************************************************************************** - * - * P k 1 1 I n s t a l l _ R e l e a s e - * - * Releases static data structures used by the library. Don't use the - * library after calling this, unless you call Pk11Install_Init() - * first. This function doesn't have to be called at all unless you're - * really anal about freeing memory before your program exits. - */ -void -Pk11Install_Release(); - -/************************************************************************* - * - * P k 1 1 I n s t a l l _ D o I n s t a l l - * - * jarFile is the path of a JAR in the PKCS #11 module JAR format. - * installDir is the directory relative to which files will be - * installed. - * feedback is a file descriptor to which to write informative (not error) - * status messages: what files are being installed, what modules are being - * installed. If feedback==NULL, no messages will be displayed. - * If force != 0, interactive prompts will be suppressed. - * If noverify == PR_TRUE, signatures won't be checked on the JAR file. - */ -Pk11Install_Error -Pk11Install_DoInstall(char *jarFile, const char *installDir, - const char *tempDir, PRFileDesc *feedback, short force, - PRBool noverify); - -#ifdef __cplusplus -} -#endif - -#endif /*PK11INSTALL_H*/ diff --git a/security/nss/cmd/modutil/installparse.c b/security/nss/cmd/modutil/installparse.c deleted file mode 100644 index 16f81b6eb..000000000 --- a/security/nss/cmd/modutil/installparse.c +++ /dev/null @@ -1,429 +0,0 @@ -#ifndef lint -char yysccsid[] = "@(#)yaccpar 1.4 (Berkeley) 02/25/90"; -#endif -#line 37 "installparse.y" - -#define yyparse Pk11Install_yyparse -#define yylex Pk11Install_yylex -#define yyerror Pk11Install_yyerror -#define yychar Pk11Install_yychar -#define yyval Pk11Install_yyval -#define yylval Pk11Install_yylval -#define yydebug Pk11Install_yydebug -#define yynerrs Pk11Install_yynerrs -#define yyerrflag Pk11Install_yyerrflag -#define yyss Pk11Install_yyss -#define yyssp Pk11Install_yyssp -#define yyvs Pk11Install_yyvs -#define yyvsp Pk11Install_yyvsp -#define yylhs Pk11Install_yylhs -#define yylen Pk11Install_yylen -#define yydefred Pk11Install_yydefred -#define yydgoto Pk11Install_yydgoto -#define yysindex Pk11Install_yysindex -#define yyrindex Pk11Install_yyrindex -#define yygindex Pk11Install_yygindex -#define yytable Pk11Install_yytable -#define yycheck Pk11Install_yycheck -#define yyname Pk11Install_yyname -#define yyrule Pk11Install_yyrule - -/* C Stuff */ -#include "install-ds.h" -#include - -#define YYSTYPE Pk11Install_Pointer -extern char *Pk11Install_yytext; -char *Pk11Install_yyerrstr=NULL; - -#line 40 "ytab.c" -#define OPENBRACE 257 -#define CLOSEBRACE 258 -#define STRING 259 -#define YYERRCODE 256 -short yylhs[] = { -1, - 0, 1, 1, 2, 2, 3, 4, -}; -short yylen[] = { 2, - 1, 2, 0, 1, 1, 4, 1, -}; -short yydefred[] = { 0, - 0, 0, 1, 0, 4, 0, 2, 0, 0, 6, -}; -short yydgoto[] = { 2, - 3, 4, 5, 6, -}; -short yysindex[] = { -257, - 0, 0, 0, -257, 0, -252, 0, -257, -251, 0, -}; -short yyrindex[] = { 6, - 1, 0, 0, 3, 0, 0, 0, -250, 0, 0, -}; -short yygindex[] = { 0, - -4, 0, 0, 0, -}; -#define YYTABLESIZE 261 -short yytable[] = { 7, - 5, 1, 3, 9, 8, 3, 10, 3, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 7, 5, 5, - 3, -}; -short yycheck[] = { 4, - 0, 259, 0, 8, 257, 0, 258, 258, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, 257, 258, 259, - 258, -}; -#define YYFINAL 2 -#ifndef YYDEBUG -#define YYDEBUG 0 -#endif -#define YYMAXTOKEN 259 -#if YYDEBUG -char *yyname[] = { -"end-of-file",0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, -0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, -0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, -0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, -0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, -0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, -0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,"OPENBRACE","CLOSEBRACE","STRING", -}; -char *yyrule[] = { -"$accept : toplist", -"toplist : valuelist", -"valuelist : value valuelist", -"valuelist :", -"value : key_value_pair", -"value : STRING", -"key_value_pair : key OPENBRACE valuelist CLOSEBRACE", -"key : STRING", -}; -#endif -#ifndef YYSTYPE -typedef int YYSTYPE; -#endif -#define yyclearin (yychar=(-1)) -#define yyerrok (yyerrflag=0) -#ifndef YYSTACKSIZE -#ifdef YYMAXDEPTH -#define YYSTACKSIZE YYMAXDEPTH -#else -#define YYSTACKSIZE 300 -#endif -#endif -int yydebug; -int yynerrs; -int yyerrflag; -int yychar; -short *yyssp; -YYSTYPE *yyvsp; -YYSTYPE yyval; -YYSTYPE yylval; -#define yystacksize YYSTACKSIZE -short yyss[YYSTACKSIZE]; -YYSTYPE yyvs[YYSTACKSIZE]; -#line 118 "installparse.y" -/*----------------------- Program Section --------------------------------*/ - -/*************************************************************************/ -void -Pk11Install_yyerror(char *message) -{ - char *tmp; - if(Pk11Install_yyerrstr) { - tmp=PR_smprintf("%sline %d: %s\n", Pk11Install_yyerrstr, - Pk11Install_yylinenum, message); - PR_smprintf_free(Pk11Install_yyerrstr); - } else { - tmp = PR_smprintf("line %d: %s\n", Pk11Install_yylinenum, message); - } - Pk11Install_yyerrstr=tmp; -} -#line 191 "ytab.c" -#define YYABORT goto yyabort -#define YYACCEPT goto yyaccept -#define YYERROR goto yyerrlab -int -yyparse() -{ - register int yym, yyn, yystate; -#if YYDEBUG - register char *yys; - extern char *getenv(); - - if (yys = getenv("YYDEBUG")) - { - yyn = *yys; - if (yyn >= '0' && yyn <= '9') - yydebug = yyn - '0'; - } -#endif - - yynerrs = 0; - yyerrflag = 0; - yychar = (-1); - - yyssp = yyss; - yyvsp = yyvs; - *yyssp = yystate = 0; - -yyloop: - if (yyn = yydefred[yystate]) goto yyreduce; - if (yychar < 0) - { - if ((yychar = yylex()) < 0) yychar = 0; -#if YYDEBUG - if (yydebug) - { - yys = 0; - if (yychar <= YYMAXTOKEN) yys = yyname[yychar]; - if (!yys) yys = "illegal-symbol"; - printf("yydebug: state %d, reading %d (%s)\n", yystate, - yychar, yys); - } -#endif - } - if ((yyn = yysindex[yystate]) && (yyn += yychar) >= 0 && - yyn <= YYTABLESIZE && yycheck[yyn] == yychar) - { -#if YYDEBUG - if (yydebug) - printf("yydebug: state %d, shifting to state %d\n", - yystate, yytable[yyn]); -#endif - if (yyssp >= yyss + yystacksize - 1) - { - goto yyoverflow; - } - *++yyssp = yystate = yytable[yyn]; - *++yyvsp = yylval; - yychar = (-1); - if (yyerrflag > 0) --yyerrflag; - goto yyloop; - } - if ((yyn = yyrindex[yystate]) && (yyn += yychar) >= 0 && - yyn <= YYTABLESIZE && yycheck[yyn] == yychar) - { - yyn = yytable[yyn]; - goto yyreduce; - } - if (yyerrflag) goto yyinrecovery; -#ifdef lint - goto yynewerror; -#endif -yynewerror: - yyerror("syntax error"); -#ifdef lint - goto yyerrlab; -#endif -yyerrlab: - ++yynerrs; -yyinrecovery: - if (yyerrflag < 3) - { - yyerrflag = 3; - for (;;) - { - if ((yyn = yysindex[*yyssp]) && (yyn += YYERRCODE) >= 0 && - yyn <= YYTABLESIZE && yycheck[yyn] == YYERRCODE) - { -#if YYDEBUG - if (yydebug) - printf("yydebug: state %d, error recovery shifting\ - to state %d\n", *yyssp, yytable[yyn]); -#endif - if (yyssp >= yyss + yystacksize - 1) - { - goto yyoverflow; - } - *++yyssp = yystate = yytable[yyn]; - *++yyvsp = yylval; - goto yyloop; - } - else - { -#if YYDEBUG - if (yydebug) - printf("yydebug: error recovery discarding state %d\n", - *yyssp); -#endif - if (yyssp <= yyss) goto yyabort; - --yyssp; - --yyvsp; - } - } - } - else - { - if (yychar == 0) goto yyabort; -#if YYDEBUG - if (yydebug) - { - yys = 0; - if (yychar <= YYMAXTOKEN) yys = yyname[yychar]; - if (!yys) yys = "illegal-symbol"; - printf("yydebug: state %d, error recovery discards token %d (%s)\n", - yystate, yychar, yys); - } -#endif - yychar = (-1); - goto yyloop; - } -yyreduce: -#if YYDEBUG - if (yydebug) - printf("yydebug: state %d, reducing by rule %d (%s)\n", - yystate, yyn, yyrule[yyn]); -#endif - yym = yylen[yyn]; - yyval = yyvsp[1-yym]; - switch (yyn) - { -case 1: -#line 84 "installparse.y" -{ - Pk11Install_valueList = yyvsp[0].list; -} -break; -case 2: -#line 89 "installparse.y" -{ - Pk11Install_ValueList_AddItem(yyvsp[0].list,yyvsp[-1].value); - yyval .list = yyvsp[0].list; -} -break; -case 3: -#line 94 "installparse.y" -{ - yyval .list = Pk11Install_ValueList_new(); -} -break; -case 4: -#line 99 "installparse.y" -{ - yyval .value= Pk11Install_Value_new(PAIR_VALUE,yyvsp[0]); -} -break; -case 5: -#line 103 "installparse.y" -{ - yyval .value= Pk11Install_Value_new(STRING_VALUE, yyvsp[0]); -} -break; -case 6: -#line 108 "installparse.y" -{ - yyval .pair = Pk11Install_Pair_new(yyvsp[-3].string,yyvsp[-1].list); -} -break; -case 7: -#line 113 "installparse.y" -{ - yyval .string = yyvsp[0].string; -} -break; -#line 374 "ytab.c" - } - yyssp -= yym; - yystate = *yyssp; - yyvsp -= yym; - yym = yylhs[yyn]; - if (yystate == 0 && yym == 0) - { -#ifdef YYDEBUG - if (yydebug) - printf("yydebug: after reduction, shifting from state 0 to\ - state %d\n", YYFINAL); -#endif - yystate = YYFINAL; - *++yyssp = YYFINAL; - *++yyvsp = yyval; - if (yychar < 0) - { - if ((yychar = yylex()) < 0) yychar = 0; -#if YYDEBUG - if (yydebug) - { - yys = 0; - if (yychar <= YYMAXTOKEN) yys = yyname[yychar]; - if (!yys) yys = "illegal-symbol"; - printf("yydebug: state %d, reading %d (%s)\n", - YYFINAL, yychar, yys); - } -#endif - } - if (yychar == 0) goto yyaccept; - goto yyloop; - } - if ((yyn = yygindex[yym]) && (yyn += yystate) >= 0 && - yyn <= YYTABLESIZE && yycheck[yyn] == yystate) - yystate = yytable[yyn]; - else - yystate = yydgoto[yym]; -#ifdef YYDEBUG - if (yydebug) - printf("yydebug: after reduction, shifting from state %d \ -to state %d\n", *yyssp, yystate); -#endif - if (yyssp >= yyss + yystacksize - 1) - { - goto yyoverflow; - } - *++yyssp = yystate; - *++yyvsp = yyval; - goto yyloop; -yyoverflow: - yyerror("yacc stack overflow"); -yyabort: - return (1); -yyaccept: - return (0); -} diff --git a/security/nss/cmd/modutil/installparse.h b/security/nss/cmd/modutil/installparse.h deleted file mode 100644 index 75686d4fd..000000000 --- a/security/nss/cmd/modutil/installparse.h +++ /dev/null @@ -1,3 +0,0 @@ -#define OPENBRACE 257 -#define CLOSEBRACE 258 -#define STRING 259 diff --git a/security/nss/cmd/modutil/installparse.l b/security/nss/cmd/modutil/installparse.l deleted file mode 100644 index 6befe16cb..000000000 --- a/security/nss/cmd/modutil/installparse.l +++ /dev/null @@ -1,166 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - - -/* lex file for analyzing PKCS #11 Module installation instructions */ - -/*----------------------------- Definitions ---------------------------*/ -%{ -#include - -#include "install-ds.h" /* defines tokens and data structures */ -#include "installparse.h" /* produced by yacc -d */ -#include -static char *putSimpleString(char*); /* return copy of string */ -static char *putComplexString(char*); /* strip out quotes, deal with */ - /* escaped characters */ - -void Pk11Install_yyerror(char *); - -/* Overrides to use NSPR */ -#define malloc PR_Malloc -#define realloc PR_Realloc -#define free PR_Free - -int Pk11Install_yylinenum=1; -static char *err; - -#define YY_NEVER_INTERACTIVE 1 -#define yyunput Pkcs11Install_yyunput - -/* This is the default YY_INPUT modified for NSPR */ -#define YY_INPUT(buf,result,max_size) \ - if ( yy_current_buffer->yy_is_interactive ) { \ - char c; \ - int n; \ - for ( n = 0; n < max_size && \ - PR_Read(Pk11Install_FD, &c, 1)==1 && c != '\n'; ++n ) { \ - buf[n] = c; \ - } \ - if ( c == '\n' ) { \ - buf[n++] = c; \ - } \ - result = n; \ - } else { \ - result = PR_Read(Pk11Install_FD, buf, max_size); \ - } - -%} - -/*** Regular expression definitions ***/ -/* simple_string has no whitespace, quotes, or braces */ -simple_string [^ \t\r\n\""{""}"]+ - -/* complex_string is enclosed in quotes. Inside the quotes, quotes and - backslashes must be backslash-escaped. No newlines or carriage returns - are allowed inside the quotes. Otherwise, anything goes. */ -complex_string \"([^\"\\\r\n]|(\\\")|(\\\\))+\" - -/* Standard whitespace */ -whitespace [ \t\r]+ - -other . - -/*---------------------------- Actions --------------------------------*/ -%% - -"{" return OPENBRACE; -"}" return CLOSEBRACE; -{simple_string} {Pk11Install_yylval.string = - putSimpleString(Pk11Install_yytext); - return STRING;} -{complex_string} {Pk11Install_yylval.string = - putComplexString(Pk11Install_yytext); - return STRING;} - -"\n" Pk11Install_yylinenum++; - -{whitespace} ; - -{other} {err = PR_smprintf("Invalid lexeme: %s",Pk11Install_yytext); - Pk11Install_yyerror(err); - PR_smprintf_free(err); - return 1; - } - -%% -/*------------------------ Program Section ----------------------------*/ - -PRFileDesc *Pk11Install_FD=NULL; - -/*************************************************************************/ -/* dummy function required by lex */ -int Pk11Install_yywrap(void) { return 1;} - -/*************************************************************************/ -/* Return a copy of the given string */ -static char* -putSimpleString(char *str) -{ - char *tmp = (char*) PR_Malloc(strlen(str)+1); - strcpy(tmp, str); - return tmp; -} - -/*************************************************************************/ -/* Strip out quotes, replace escaped characters with what they stand for. - This function assumes that what is passed in is actually a complex - string, so error checking is lax. */ -static char* -putComplexString(char *str) -{ - int size, i,j; - char *tmp; - - if(!str) { - return NULL; - } - size = strlen(str); - - /* Allocate the new space. This string will actually be too big, - since quotes and backslashes will be stripped out. But that's ok. */ - tmp = (char*) PR_Malloc(size+1); - - /* Copy it over */ - for(i=0, j=0; i < size; i++) { - if(str[i]=='\"') { - continue; /* skip un-escaped quotes */ - } else if(str[i]=='\\') { - ++i; /* escaped character. skip the backslash */ - } - tmp[j++] = str[i]; - } - tmp[j] = '\0'; - - return tmp; -} diff --git a/security/nss/cmd/modutil/installparse.y b/security/nss/cmd/modutil/installparse.y deleted file mode 100644 index 6a32e25ab..000000000 --- a/security/nss/cmd/modutil/installparse.y +++ /dev/null @@ -1,133 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -/* yacc file for parsing PKCS #11 module installation instructions */ -/*------------------------ Definition Section ---------------------------*/ - -%{ -#define yyparse Pk11Install_yyparse -#define yylex Pk11Install_yylex -#define yyerror Pk11Install_yyerror -#define yychar Pk11Install_yychar -#define yyval Pk11Install_yyval -#define yylval Pk11Install_yylval -#define yydebug Pk11Install_yydebug -#define yynerrs Pk11Install_yynerrs -#define yyerrflag Pk11Install_yyerrflag -#define yyss Pk11Install_yyss -#define yyssp Pk11Install_yyssp -#define yyvs Pk11Install_yyvs -#define yyvsp Pk11Install_yyvsp -#define yylhs Pk11Install_yylhs -#define yylen Pk11Install_yylen -#define yydefred Pk11Install_yydefred -#define yydgoto Pk11Install_yydgoto -#define yysindex Pk11Install_yysindex -#define yyrindex Pk11Install_yyrindex -#define yygindex Pk11Install_yygindex -#define yytable Pk11Install_yytable -#define yycheck Pk11Install_yycheck -#define yyname Pk11Install_yyname -#define yyrule Pk11Install_yyrule - -/* C Stuff */ -#include "install-ds.h" -#include - -#define YYSTYPE Pk11Install_Pointer -extern char *Pk11Install_yytext; -char *Pk11Install_yyerrstr=NULL; - -%} - -/* Tokens */ -%token OPENBRACE -%token CLOSEBRACE -%token STRING -%start toplist - -%% - -/*--------------------------- Productions -------------------------------*/ - -toplist : valuelist -{ - Pk11Install_valueList = $1.list; -} - -valuelist : value valuelist -{ - Pk11Install_ValueList_AddItem($2.list,$1.value); - $$.list = $2.list; -} -| -{ - $$.list = Pk11Install_ValueList_new(); -}; - -value : key_value_pair -{ - $$.value= Pk11Install_Value_new(PAIR_VALUE,$1); -} -| STRING -{ - $$.value= Pk11Install_Value_new(STRING_VALUE, $1); -}; - -key_value_pair : key OPENBRACE valuelist CLOSEBRACE -{ - $$.pair = Pk11Install_Pair_new($1.string,$3.list); -}; - -key : STRING -{ - $$.string = $1.string; -}; - -%% -/*----------------------- Program Section --------------------------------*/ - -/*************************************************************************/ -void -Pk11Install_yyerror(char *message) -{ - char *tmp; - if(Pk11Install_yyerrstr) { - tmp=PR_smprintf("%sline %d: %s\n", Pk11Install_yyerrstr, - Pk11Install_yylinenum, message); - PR_smprintf_free(Pk11Install_yyerrstr); - } else { - tmp = PR_smprintf("line %d: %s\n", Pk11Install_yylinenum, message); - } - Pk11Install_yyerrstr=tmp; -} diff --git a/security/nss/cmd/modutil/instsec.c b/security/nss/cmd/modutil/instsec.c deleted file mode 100644 index 031bca85a..000000000 --- a/security/nss/cmd/modutil/instsec.c +++ /dev/null @@ -1,178 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#include -#include -#include -#include -#include -#include -#include - -/* These are installation functions that make calls to the security library. - * We don't want to include security include files in the C++ code too much. - */ - -static char* PR_fgets(char *buf, int size, PRFileDesc *file); - -/*************************************************************************** - * - * P k 1 1 I n s t a l l _ A d d N e w M o d u l e - */ -int -Pk11Install_AddNewModule(char* moduleName, char* dllPath, - unsigned long defaultMechanismFlags, - unsigned long cipherEnableFlags) -{ - return (SECMOD_AddNewModule(moduleName, dllPath, - SECMOD_PubMechFlagstoInternal(defaultMechanismFlags), - SECMOD_PubCipherFlagstoInternal(cipherEnableFlags)) - == SECSuccess) ? 0 : -1; -} - -/************************************************************************* - * - * P k 1 1 I n s t a l l _ U s e r V e r i f y J a r - * - * Gives the user feedback on the signatures of a JAR files, asks them - * whether they actually want to continue. - * Assumes the jar structure has already been created and is valid. - * Returns 0 if the user wants to continue the installation, nonzero - * if the user wishes to abort. - */ -short -Pk11Install_UserVerifyJar(JAR *jar, PRFileDesc *out, PRBool query) -{ - JAR_Context *ctx; - JAR_Cert *fing; - JAR_Item *item; - char stdinbuf[80]; - int count=0; - - CERTCertificate *cert, *prev=NULL; - - PR_fprintf(out, "\nThis installation JAR file was signed by:\n"); - - ctx = JAR_find(jar, NULL, jarTypeSign); - - while(JAR_find_next(ctx, &item) >= 0 ) { - fing = (JAR_Cert*) item->data; - cert = fing->cert; - if(cert==prev) { - continue; - } - - count++; - PR_fprintf(out, "----------------------------------------------\n"); - if(cert) { - if(cert->nickname) { - PR_fprintf(out, "**NICKNAME**\n%s\n", cert->nickname); - } - if(cert->subjectName) { - PR_fprintf(out, "**SUBJECT NAME**\n%s\n", cert->subjectName); } - if(cert->issuerName) { - PR_fprintf(out, "**ISSUER NAME**\n%s\n", cert->issuerName); - } - } else { - PR_fprintf(out, "No matching certificate could be found.\n"); - } - PR_fprintf(out, "----------------------------------------------\n\n"); - - prev=cert; - } - - JAR_find_end(ctx); - - if(count==0) { - PR_fprintf(out, "No signatures found: JAR FILE IS UNSIGNED.\n"); - } - - if(query) { - PR_fprintf(out, -"Do you wish to continue this installation? (y/n) "); - - if(PR_fgets(stdinbuf, 80, PR_STDIN) != NULL) { - char *response; - - if( (response=strtok(stdinbuf, " \t\n\r")) ) { - if( !PL_strcasecmp(response, "y") || - !PL_strcasecmp(response, "yes") ) { - return 0; - } - } - } - } - - return 1; -} - -/************************************************************************** - * - * P R _ f g e t s - * - * fgets implemented with NSPR. - */ -static char* -PR_fgets(char *buf, int size, PRFileDesc *file) -{ - int i; - int status; - char c; - - i=0; - while(i < size-1) { - status = PR_Read(file, (void*) &c, 1); - if(status==-1) { - return NULL; - } else if(status==0) { - break; - } - buf[i++] = c; - if(c=='\n') { - break; - } - } - buf[i]='\0'; - - return buf; -} - -/************************************************************************** - * - * m y S E C U _ E r r o r S t r i n g - * - */ -char* mySECU_ErrorString(int16 errnum) -{ - return SECU_Strerror(errnum); -} diff --git a/security/nss/cmd/modutil/lex.Pk11Install_yy.c b/security/nss/cmd/modutil/lex.Pk11Install_yy.c deleted file mode 100644 index 3943503db..000000000 --- a/security/nss/cmd/modutil/lex.Pk11Install_yy.c +++ /dev/null @@ -1,1691 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#define yy_create_buffer Pk11Install_yy_create_buffer -#define yy_delete_buffer Pk11Install_yy_delete_buffer -#define yy_scan_buffer Pk11Install_yy_scan_buffer -#define yy_scan_string Pk11Install_yy_scan_string -#define yy_scan_bytes Pk11Install_yy_scan_bytes -#define yy_flex_debug Pk11Install_yy_flex_debug -#define yy_init_buffer Pk11Install_yy_init_buffer -#define yy_flush_buffer Pk11Install_yy_flush_buffer -#define yy_load_buffer_state Pk11Install_yy_load_buffer_state -#define yy_switch_to_buffer Pk11Install_yy_switch_to_buffer -#define yyin Pk11Install_yyin -#define yyleng Pk11Install_yyleng -#define yylex Pk11Install_yylex -#define yyout Pk11Install_yyout -#define yyrestart Pk11Install_yyrestart -#define yytext Pk11Install_yytext -#define yywrap Pk11Install_yywrap - -#line 20 "lex.Pk11Install_yy.c" -/* A lexical scanner generated by flex */ - -/* Scanner skeleton version: - * $Header$ - */ - -#define FLEX_SCANNER -#define YY_FLEX_MAJOR_VERSION 2 -#define YY_FLEX_MINOR_VERSION 5 - -#include - - -/* cfront 1.2 defines "c_plusplus" instead of "__cplusplus" */ -#ifdef c_plusplus -#ifndef __cplusplus -#define __cplusplus -#endif -#endif - - -#ifdef __cplusplus - -#include -//#include - -/* Use prototypes in function declarations. */ -#define YY_USE_PROTOS - -/* The "const" storage-class-modifier is valid. */ -#define YY_USE_CONST - -#else /* ! __cplusplus */ - -#if __STDC__ - -#define YY_USE_PROTOS -#define YY_USE_CONST - -#endif /* __STDC__ */ -#endif /* ! __cplusplus */ - -#ifdef __TURBOC__ - #pragma warn -rch - #pragma warn -use -#include -#include -#define YY_USE_CONST -#define YY_USE_PROTOS -#endif - -#ifdef YY_USE_CONST -#define yyconst const -#else -#define yyconst -#endif - - -#ifdef YY_USE_PROTOS -#define YY_PROTO(proto) proto -#else -#define YY_PROTO(proto) () -#endif - -/* Returned upon end-of-file. */ -#define YY_NULL 0 - -/* Promotes a possibly negative, possibly signed char to an unsigned - * integer for use as an array index. If the signed char is negative, - * we want to instead treat it as an 8-bit unsigned char, hence the - * double cast. - */ -#define YY_SC_TO_UI(c) ((unsigned int) (unsigned char) c) - -/* Enter a start condition. This macro really ought to take a parameter, - * but we do it the disgusting crufty way forced on us by the ()-less - * definition of BEGIN. - */ -#define BEGIN yy_start = 1 + 2 * - -/* Translate the current start state into a value that can be later handed - * to BEGIN to return to the state. The YYSTATE alias is for lex - * compatibility. - */ -#define YY_START ((yy_start - 1) / 2) -#define YYSTATE YY_START - -/* Action number for EOF rule of a given start state. */ -#define YY_STATE_EOF(state) (YY_END_OF_BUFFER + state + 1) - -/* Special action meaning "start processing a new file". */ -#define YY_NEW_FILE yyrestart( yyin ) - -#define YY_END_OF_BUFFER_CHAR 0 - -/* Size of default input buffer. */ -#define YY_BUF_SIZE 16384 - -typedef struct yy_buffer_state *YY_BUFFER_STATE; - -extern int yyleng; -extern FILE *yyin, *yyout; - -#define EOB_ACT_CONTINUE_SCAN 0 -#define EOB_ACT_END_OF_FILE 1 -#define EOB_ACT_LAST_MATCH 2 - -/* The funky do-while in the following #define is used to turn the definition - * int a single C statement (which needs a semi-colon terminator). This - * avoids problems with code like: - * - * if ( condition_holds ) - * yyless( 5 ); - * else - * do_something_else(); - * - * Prior to using the do-while the compiler would get upset at the - * "else" because it interpreted the "if" statement as being all - * done when it reached the ';' after the yyless() call. - */ - -/* Return all but the first 'n' matched characters back to the input stream. */ - -#define yyless(n) \ - do \ - { \ - /* Undo effects of setting up yytext. */ \ - *yy_cp = yy_hold_char; \ - YY_RESTORE_YY_MORE_OFFSET \ - yy_c_buf_p = yy_cp = yy_bp + n - YY_MORE_ADJ; \ - YY_DO_BEFORE_ACTION; /* set up yytext again */ \ - } \ - while ( 0 ) - -#define unput(c) yyunput( c, yytext_ptr ) - -/* The following is because we cannot portably get our hands on size_t - * (without autoconf's help, which isn't available because we want - * flex-generated scanners to compile on their own). - */ -typedef unsigned int yy_size_t; - - -struct yy_buffer_state - { - FILE *yy_input_file; - - char *yy_ch_buf; /* input buffer */ - char *yy_buf_pos; /* current position in input buffer */ - - /* Size of input buffer in bytes, not including room for EOB - * characters. - */ - yy_size_t yy_buf_size; - - /* Number of characters read into yy_ch_buf, not including EOB - * characters. - */ - int yy_n_chars; - - /* Whether we "own" the buffer - i.e., we know we created it, - * and can realloc() it to grow it, and should free() it to - * delete it. - */ - int yy_is_our_buffer; - - /* Whether this is an "interactive" input source; if so, and - * if we're using stdio for input, then we want to use getc() - * instead of fread(), to make sure we stop fetching input after - * each newline. - */ - int yy_is_interactive; - - /* Whether we're considered to be at the beginning of a line. - * If so, '^' rules will be active on the next match, otherwise - * not. - */ - int yy_at_bol; - - /* Whether to try to fill the input buffer when we reach the - * end of it. - */ - int yy_fill_buffer; - - int yy_buffer_status; -#define YY_BUFFER_NEW 0 -#define YY_BUFFER_NORMAL 1 - /* When an EOF's been seen but there's still some text to process - * then we mark the buffer as YY_EOF_PENDING, to indicate that we - * shouldn't try reading from the input source any more. We might - * still have a bunch of tokens to match, though, because of - * possible backing-up. - * - * When we actually see the EOF, we change the status to "new" - * (via yyrestart()), so that the user can continue scanning by - * just pointing yyin at a new input file. - */ -#define YY_BUFFER_EOF_PENDING 2 - }; - -static YY_BUFFER_STATE yy_current_buffer = 0; - -/* We provide macros for accessing buffer states in case in the - * future we want to put the buffer states in a more general - * "scanner state". - */ -#define YY_CURRENT_BUFFER yy_current_buffer - - -/* yy_hold_char holds the character lost when yytext is formed. */ -static char yy_hold_char; - -static int yy_n_chars; /* number of characters read into yy_ch_buf */ - - -int yyleng; - -/* Points to current character in buffer. */ -static char *yy_c_buf_p = (char *) 0; -static int yy_init = 1; /* whether we need to initialize */ -static int yy_start = 0; /* start state number */ - -/* Flag which is used to allow yywrap()'s to do buffer switches - * instead of setting up a fresh yyin. A bit of a hack ... - */ -static int yy_did_buffer_switch_on_eof; - -void yyrestart YY_PROTO(( FILE *input_file )); - -void yy_switch_to_buffer YY_PROTO(( YY_BUFFER_STATE new_buffer )); -void yy_load_buffer_state YY_PROTO(( void )); -YY_BUFFER_STATE yy_create_buffer YY_PROTO(( FILE *file, int size )); -void yy_delete_buffer YY_PROTO(( YY_BUFFER_STATE b )); -void yy_init_buffer YY_PROTO(( YY_BUFFER_STATE b, FILE *file )); -void yy_flush_buffer YY_PROTO(( YY_BUFFER_STATE b )); -#define YY_FLUSH_BUFFER yy_flush_buffer( yy_current_buffer ) - -YY_BUFFER_STATE yy_scan_buffer YY_PROTO(( char *base, yy_size_t size )); -YY_BUFFER_STATE yy_scan_string YY_PROTO(( yyconst char *yy_str )); -YY_BUFFER_STATE yy_scan_bytes YY_PROTO(( yyconst char *bytes, int len )); - -static void *yy_flex_alloc YY_PROTO(( yy_size_t )); -static void *yy_flex_realloc YY_PROTO(( void *, yy_size_t )); -static void yy_flex_free YY_PROTO(( void * )); - -#define yy_new_buffer yy_create_buffer - -#define yy_set_interactive(is_interactive) \ - { \ - if ( ! yy_current_buffer ) \ - yy_current_buffer = yy_create_buffer( yyin, YY_BUF_SIZE ); \ - yy_current_buffer->yy_is_interactive = is_interactive; \ - } - -#define yy_set_bol(at_bol) \ - { \ - if ( ! yy_current_buffer ) \ - yy_current_buffer = yy_create_buffer( yyin, YY_BUF_SIZE ); \ - yy_current_buffer->yy_at_bol = at_bol; \ - } - -#define YY_AT_BOL() (yy_current_buffer->yy_at_bol) - -typedef unsigned char YY_CHAR; -FILE *yyin = (FILE *) 0, *yyout = (FILE *) 0; -typedef int yy_state_type; -extern char *yytext; -#define yytext_ptr yytext - -static yy_state_type yy_get_previous_state YY_PROTO(( void )); -static yy_state_type yy_try_NUL_trans YY_PROTO(( yy_state_type current_state )); -static int yy_get_next_buffer YY_PROTO(( void )); -static void yy_fatal_error YY_PROTO(( yyconst char msg[] )); - -/* Done after the current pattern has been matched and before the - * corresponding action - sets up yytext. - */ -#define YY_DO_BEFORE_ACTION \ - yytext_ptr = yy_bp; \ - yyleng = (int) (yy_cp - yy_bp); \ - yy_hold_char = *yy_cp; \ - *yy_cp = '\0'; \ - yy_c_buf_p = yy_cp; - -#define YY_NUM_RULES 8 -#define YY_END_OF_BUFFER 9 -static yyconst short int yy_accept[16] = - { 0, - 0, 0, 9, 3, 6, 5, 7, 1, 2, 3, - 6, 0, 0, 4, 0 - } ; - -static yyconst int yy_ec[256] = - { 0, - 1, 1, 1, 1, 1, 1, 1, 1, 2, 3, - 1, 1, 4, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 2, 1, 5, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 6, 1, 1, 1, 1, 1, 1, 1, 1, - - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 7, 1, 8, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, - 1, 1, 1, 1, 1 - } ; - -static yyconst int yy_meta[9] = - { 0, - 1, 2, 3, 4, 3, 1, 5, 5 - } ; - -static yyconst short int yy_base[19] = - { 0, - 0, 0, 19, 0, 0, 21, 12, 21, 21, 0, - 0, 4, 6, 21, 21, 13, 11, 15 - } ; - -static yyconst short int yy_def[19] = - { 0, - 15, 1, 15, 16, 17, 15, 18, 15, 15, 16, - 17, 18, 15, 15, 0, 15, 15, 15 - } ; - -static yyconst short int yy_nxt[30] = - { 0, - 4, 5, 6, 5, 7, 4, 8, 9, 14, 13, - 12, 12, 11, 10, 11, 12, 12, 13, 15, 12, - 3, 15, 15, 15, 15, 15, 15, 15, 15 - } ; - -static yyconst short int yy_chk[30] = - { 0, - 1, 1, 1, 1, 1, 1, 1, 1, 12, 12, - 13, 13, 17, 16, 17, 18, 18, 7, 3, 18, - 15, 15, 15, 15, 15, 15, 15, 15, 15 - } ; - -static yy_state_type yy_last_accepting_state; -static char *yy_last_accepting_cpos; - -/* The intent behind this definition is that it'll catch - * any uses of REJECT which flex missed. - */ -#define REJECT reject_used_but_not_detected -#define yymore() yymore_used_but_not_detected -#define YY_MORE_ADJ 0 -#define YY_RESTORE_YY_MORE_OFFSET -char *yytext; -#line 1 "installparse.l" -#define INITIAL 0 -/* lex file for analyzing PKCS #11 Module installation instructions */ -/*----------------------------- Definitions ---------------------------*/ -#line 5 "installparse.l" -#include - -#include "install-ds.h" /* defines tokens and data structures */ -#include "installparse.h" /* produced by yacc -d */ -#include -static char *putSimpleString(char*); /* return copy of string */ -static char *putComplexString(char*); /* strip out quotes, deal with */ - /* escaped characters */ - -void Pk11Install_yyerror(char *); - -/* Overrides to use NSPR */ -#define malloc PR_Malloc -#define realloc PR_Realloc -#define free PR_Free - -int Pk11Install_yylinenum=1; -static char *err; - -#define YY_NEVER_INTERACTIVE 1 -#define yyunput Pkcs11Install_yyunput - -/* This is the default YY_INPUT modified for NSPR */ -#define YY_INPUT(buf,result,max_size) \ - if ( yy_current_buffer->yy_is_interactive ) { \ - char c; \ - int n; \ - for ( n = 0; n < max_size && \ - PR_Read(Pk11Install_FD, &c, 1)==1 && c != '\n'; ++n ) { \ - buf[n] = c; \ - } \ - if ( c == '\n' ) { \ - buf[n++] = c; \ - } \ - result = n; \ - } else { \ - result = PR_Read(Pk11Install_FD, buf, max_size); \ - } - -/*** Regular expression definitions ***/ -/* simple_string has no whitespace, quotes, or braces */ -/* complex_string is enclosed in quotes. Inside the quotes, quotes and - backslashes must be backslash-escaped. Otherwise, anything goes. */ -/* Standard whitespace */ -/*---------------------------- Actions --------------------------------*/ -#line 437 "lex.Pk11Install_yy.cpp" - -/* Macros after this point can all be overridden by user definitions in - * section 1. - */ - -#ifndef YY_SKIP_YYWRAP -#ifdef __cplusplus -extern "C" int yywrap YY_PROTO(( void )); -#else -extern int yywrap YY_PROTO(( void )); -#endif -#endif - -#ifndef YY_NO_UNPUT -static void yyunput YY_PROTO(( int c, char *buf_ptr )); -#endif - -#ifndef yytext_ptr -static void yy_flex_strncpy YY_PROTO(( char *, yyconst char *, int )); -#endif - -#ifdef YY_NEED_STRLEN -static int yy_flex_strlen YY_PROTO(( yyconst char * )); -#endif - -#ifndef YY_NO_INPUT -#ifdef __cplusplus -static int yyinput YY_PROTO(( void )); -#else -static int input YY_PROTO(( void )); -#endif -#endif - -#if YY_STACK_USED -static int yy_start_stack_ptr = 0; -static int yy_start_stack_depth = 0; -static int *yy_start_stack = 0; -#ifndef YY_NO_PUSH_STATE -static void yy_push_state YY_PROTO(( int new_state )); -#endif -#ifndef YY_NO_POP_STATE -static void yy_pop_state YY_PROTO(( void )); -#endif -#ifndef YY_NO_TOP_STATE -static int yy_top_state YY_PROTO(( void )); -#endif - -#else -#define YY_NO_PUSH_STATE 1 -#define YY_NO_POP_STATE 1 -#define YY_NO_TOP_STATE 1 -#endif - -#ifdef YY_MALLOC_DECL -YY_MALLOC_DECL -#else -#if __STDC__ -#ifndef __cplusplus -#include -#endif -#else -/* Just try to get by without declaring the routines. This will fail - * miserably on non-ANSI systems for which sizeof(size_t) != sizeof(int) - * or sizeof(void*) != sizeof(int). - */ -#endif -#endif - -/* Amount of stuff to slurp up with each read. */ -#ifndef YY_READ_BUF_SIZE -#define YY_READ_BUF_SIZE 8192 -#endif - -/* Copy whatever the last rule matched to the standard output. */ - -#ifndef ECHO -/* This used to be an fputs(), but since the string might contain NUL's, - * we now use fwrite(). - */ -#define ECHO (void) fwrite( yytext, yyleng, 1, yyout ) -#endif - -/* Gets input and stuffs it into "buf". number of characters read, or YY_NULL, - * is returned in "result". - */ -#ifndef YY_INPUT -#define YY_INPUT(buf,result,max_size) \ - if ( yy_current_buffer->yy_is_interactive ) \ - { \ - int c = '*', n; \ - for ( n = 0; n < max_size && \ - (c = getc( yyin )) != EOF && c != '\n'; ++n ) \ - buf[n] = (char) c; \ - if ( c == '\n' ) \ - buf[n++] = (char) c; \ - if ( c == EOF && ferror( yyin ) ) \ - YY_FATAL_ERROR( "input in flex scanner failed" ); \ - result = n; \ - } \ - else if ( ((result = fread( buf, 1, max_size, yyin )) == 0) \ - && ferror( yyin ) ) \ - YY_FATAL_ERROR( "input in flex scanner failed" ); -#endif - -/* No semi-colon after return; correct usage is to write "yyterminate();" - - * we don't want an extra ';' after the "return" because that will cause - * some compilers to complain about unreachable statements. - */ -#ifndef yyterminate -#define yyterminate() return YY_NULL -#endif - -/* Number of entries by which start-condition stack grows. */ -#ifndef YY_START_STACK_INCR -#define YY_START_STACK_INCR 25 -#endif - -/* Report a fatal error. */ -#ifndef YY_FATAL_ERROR -#define YY_FATAL_ERROR(msg) yy_fatal_error( msg ) -#endif - -/* Default declaration of generated scanner - a define so the user can - * easily add parameters. - */ -#ifndef YY_DECL -#define YY_DECL int yylex YY_PROTO(( void )) -#endif - -/* Code executed at the beginning of each rule, after yytext and yyleng - * have been set up. - */ -#ifndef YY_USER_ACTION -#define YY_USER_ACTION -#endif - -/* Code executed at the end of each rule. */ -#ifndef YY_BREAK -#define YY_BREAK break; -#endif - -#define YY_RULE_SETUP \ - YY_USER_ACTION - -YY_DECL - { - register yy_state_type yy_current_state; - register char *yy_cp, *yy_bp; - register int yy_act; - -#line 60 "installparse.l" - - -#line 591 "lex.Pk11Install_yy.cpp" - - if ( yy_init ) - { - yy_init = 0; - -#ifdef YY_USER_INIT - YY_USER_INIT; -#endif - - if ( ! yy_start ) - yy_start = 1; /* first start state */ - - if ( ! yyin ) - yyin = stdin; - - if ( ! yyout ) - yyout = stdout; - - if ( ! yy_current_buffer ) - yy_current_buffer = - yy_create_buffer( yyin, YY_BUF_SIZE ); - - yy_load_buffer_state(); - } - - while ( 1 ) /* loops until end-of-file is reached */ - { - yy_cp = yy_c_buf_p; - - /* Support of yytext. */ - *yy_cp = yy_hold_char; - - /* yy_bp points to the position in yy_ch_buf of the start of - * the current run. - */ - yy_bp = yy_cp; - - yy_current_state = yy_start; -yy_match: - do - { - register YY_CHAR yy_c = yy_ec[YY_SC_TO_UI(*yy_cp)]; - if ( yy_accept[yy_current_state] ) - { - yy_last_accepting_state = yy_current_state; - yy_last_accepting_cpos = yy_cp; - } - while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state ) - { - yy_current_state = (int) yy_def[yy_current_state]; - if ( yy_current_state >= 16 ) - yy_c = yy_meta[(unsigned int) yy_c]; - } - yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c]; - ++yy_cp; - } - while ( yy_base[yy_current_state] != 21 ); - -yy_find_action: - yy_act = yy_accept[yy_current_state]; - if ( yy_act == 0 ) - { /* have to back up */ - yy_cp = yy_last_accepting_cpos; - yy_current_state = yy_last_accepting_state; - yy_act = yy_accept[yy_current_state]; - } - - YY_DO_BEFORE_ACTION; - - -do_action: /* This label is used only to access EOF actions. */ - - - switch ( yy_act ) - { /* beginning of action switch */ - case 0: /* must back up */ - /* undo the effects of YY_DO_BEFORE_ACTION */ - *yy_cp = yy_hold_char; - yy_cp = yy_last_accepting_cpos; - yy_current_state = yy_last_accepting_state; - goto yy_find_action; - -case 1: -YY_RULE_SETUP -#line 62 "installparse.l" -return OPENBRACE; - YY_BREAK -case 2: -YY_RULE_SETUP -#line 63 "installparse.l" -return CLOSEBRACE; - YY_BREAK -case 3: -YY_RULE_SETUP -#line 64 "installparse.l" -{Pk11Install_yylval.string = - putSimpleString(Pk11Install_yytext); - return STRING;} - YY_BREAK -case 4: -YY_RULE_SETUP -#line 67 "installparse.l" -{Pk11Install_yylval.string = - putComplexString(Pk11Install_yytext); - return STRING;} - YY_BREAK -case 5: -YY_RULE_SETUP -#line 71 "installparse.l" -Pk11Install_yylinenum++; - YY_BREAK -case 6: -YY_RULE_SETUP -#line 73 "installparse.l" -; - YY_BREAK -case 7: -YY_RULE_SETUP -#line 75 "installparse.l" -{err = PR_smprintf("Invalid lexeme: %s",Pk11Install_yytext); - Pk11Install_yyerror(err); - PR_smprintf_free(err); - return 1; - } - YY_BREAK -case 8: -YY_RULE_SETUP -#line 81 "installparse.l" -ECHO; - YY_BREAK -#line 722 "lex.Pk11Install_yy.cpp" -case YY_STATE_EOF(INITIAL): - yyterminate(); - - case YY_END_OF_BUFFER: - { - /* Amount of text matched not including the EOB char. */ - int yy_amount_of_matched_text = (int) (yy_cp - yytext_ptr) - 1; - - /* Undo the effects of YY_DO_BEFORE_ACTION. */ - *yy_cp = yy_hold_char; - YY_RESTORE_YY_MORE_OFFSET - - if ( yy_current_buffer->yy_buffer_status == YY_BUFFER_NEW ) - { - /* We're scanning a new file or input source. It's - * possible that this happened because the user - * just pointed yyin at a new source and called - * yylex(). If so, then we have to assure - * consistency between yy_current_buffer and our - * globals. Here is the right place to do so, because - * this is the first action (other than possibly a - * back-up) that will match for the new input source. - */ - yy_n_chars = yy_current_buffer->yy_n_chars; - yy_current_buffer->yy_input_file = yyin; - yy_current_buffer->yy_buffer_status = YY_BUFFER_NORMAL; - } - - /* Note that here we test for yy_c_buf_p "<=" to the position - * of the first EOB in the buffer, since yy_c_buf_p will - * already have been incremented past the NUL character - * (since all states make transitions on EOB to the - * end-of-buffer state). Contrast this with the test - * in input(). - */ - if ( yy_c_buf_p <= &yy_current_buffer->yy_ch_buf[yy_n_chars] ) - { /* This was really a NUL. */ - yy_state_type yy_next_state; - - yy_c_buf_p = yytext_ptr + yy_amount_of_matched_text; - - yy_current_state = yy_get_previous_state(); - - /* Okay, we're now positioned to make the NUL - * transition. We couldn't have - * yy_get_previous_state() go ahead and do it - * for us because it doesn't know how to deal - * with the possibility of jamming (and we don't - * want to build jamming into it because then it - * will run more slowly). - */ - - yy_next_state = yy_try_NUL_trans( yy_current_state ); - - yy_bp = yytext_ptr + YY_MORE_ADJ; - - if ( yy_next_state ) - { - /* Consume the NUL. */ - yy_cp = ++yy_c_buf_p; - yy_current_state = yy_next_state; - goto yy_match; - } - - else - { - yy_cp = yy_c_buf_p; - goto yy_find_action; - } - } - - else switch ( yy_get_next_buffer() ) - { - case EOB_ACT_END_OF_FILE: - { - yy_did_buffer_switch_on_eof = 0; - - if ( yywrap() ) - { - /* Note: because we've taken care in - * yy_get_next_buffer() to have set up - * yytext, we can now set up - * yy_c_buf_p so that if some total - * hoser (like flex itself) wants to - * call the scanner after we return the - * YY_NULL, it'll still work - another - * YY_NULL will get returned. - */ - yy_c_buf_p = yytext_ptr + YY_MORE_ADJ; - - yy_act = YY_STATE_EOF(YY_START); - goto do_action; - } - - else - { - if ( ! yy_did_buffer_switch_on_eof ) - YY_NEW_FILE; - } - break; - } - - case EOB_ACT_CONTINUE_SCAN: - yy_c_buf_p = - yytext_ptr + yy_amount_of_matched_text; - - yy_current_state = yy_get_previous_state(); - - yy_cp = yy_c_buf_p; - yy_bp = yytext_ptr + YY_MORE_ADJ; - goto yy_match; - - case EOB_ACT_LAST_MATCH: - yy_c_buf_p = - &yy_current_buffer->yy_ch_buf[yy_n_chars]; - - yy_current_state = yy_get_previous_state(); - - yy_cp = yy_c_buf_p; - yy_bp = yytext_ptr + YY_MORE_ADJ; - goto yy_find_action; - } - break; - } - - default: - YY_FATAL_ERROR( - "fatal flex scanner internal error--no action found" ); - } /* end of action switch */ - } /* end of scanning one token */ - } /* end of yylex */ - - -/* yy_get_next_buffer - try to read in a new buffer - * - * Returns a code representing an action: - * EOB_ACT_LAST_MATCH - - * EOB_ACT_CONTINUE_SCAN - continue scanning from current position - * EOB_ACT_END_OF_FILE - end of file - */ - -static int yy_get_next_buffer() - { - register char *dest = yy_current_buffer->yy_ch_buf; - register char *source = yytext_ptr; - register int number_to_move, i; - int ret_val; - - if ( yy_c_buf_p > &yy_current_buffer->yy_ch_buf[yy_n_chars + 1] ) - YY_FATAL_ERROR( - "fatal flex scanner internal error--end of buffer missed" ); - - if ( yy_current_buffer->yy_fill_buffer == 0 ) - { /* Don't try to fill the buffer, so this is an EOF. */ - if ( yy_c_buf_p - yytext_ptr - YY_MORE_ADJ == 1 ) - { - /* We matched a single character, the EOB, so - * treat this as a final EOF. - */ - return EOB_ACT_END_OF_FILE; - } - - else - { - /* We matched some text prior to the EOB, first - * process it. - */ - return EOB_ACT_LAST_MATCH; - } - } - - /* Try to read more data. */ - - /* First move last chars to start of buffer. */ - number_to_move = (int) (yy_c_buf_p - yytext_ptr) - 1; - - for ( i = 0; i < number_to_move; ++i ) - *(dest++) = *(source++); - - if ( yy_current_buffer->yy_buffer_status == YY_BUFFER_EOF_PENDING ) - /* don't do the read, it's not guaranteed to return an EOF, - * just force an EOF - */ - yy_current_buffer->yy_n_chars = yy_n_chars = 0; - - else - { - int num_to_read = - yy_current_buffer->yy_buf_size - number_to_move - 1; - - while ( num_to_read <= 0 ) - { /* Not enough room in the buffer - grow it. */ -#ifdef YY_USES_REJECT - YY_FATAL_ERROR( -"input buffer overflow, can't enlarge buffer because scanner uses REJECT" ); -#else - - /* just a shorter name for the current buffer */ - YY_BUFFER_STATE b = yy_current_buffer; - - int yy_c_buf_p_offset = - (int) (yy_c_buf_p - b->yy_ch_buf); - - if ( b->yy_is_our_buffer ) - { - int new_size = b->yy_buf_size * 2; - - if ( new_size <= 0 ) - b->yy_buf_size += b->yy_buf_size / 8; - else - b->yy_buf_size *= 2; - - b->yy_ch_buf = (char *) - /* Include room in for 2 EOB chars. */ - yy_flex_realloc( (void *) b->yy_ch_buf, - b->yy_buf_size + 2 ); - } - else - /* Can't grow it, we don't own it. */ - b->yy_ch_buf = 0; - - if ( ! b->yy_ch_buf ) - YY_FATAL_ERROR( - "fatal error - scanner input buffer overflow" ); - - yy_c_buf_p = &b->yy_ch_buf[yy_c_buf_p_offset]; - - num_to_read = yy_current_buffer->yy_buf_size - - number_to_move - 1; -#endif - } - - if ( num_to_read > YY_READ_BUF_SIZE ) - num_to_read = YY_READ_BUF_SIZE; - - /* Read in more data. */ - YY_INPUT( (&yy_current_buffer->yy_ch_buf[number_to_move]), - yy_n_chars, num_to_read ); - - yy_current_buffer->yy_n_chars = yy_n_chars; - } - - if ( yy_n_chars == 0 ) - { - if ( number_to_move == YY_MORE_ADJ ) - { - ret_val = EOB_ACT_END_OF_FILE; - yyrestart( yyin ); - } - - else - { - ret_val = EOB_ACT_LAST_MATCH; - yy_current_buffer->yy_buffer_status = - YY_BUFFER_EOF_PENDING; - } - } - - else - ret_val = EOB_ACT_CONTINUE_SCAN; - - yy_n_chars += number_to_move; - yy_current_buffer->yy_ch_buf[yy_n_chars] = YY_END_OF_BUFFER_CHAR; - yy_current_buffer->yy_ch_buf[yy_n_chars + 1] = YY_END_OF_BUFFER_CHAR; - - yytext_ptr = &yy_current_buffer->yy_ch_buf[0]; - - return ret_val; - } - - -/* yy_get_previous_state - get the state just before the EOB char was reached */ - -static yy_state_type yy_get_previous_state() - { - register yy_state_type yy_current_state; - register char *yy_cp; - - yy_current_state = yy_start; - - for ( yy_cp = yytext_ptr + YY_MORE_ADJ; yy_cp < yy_c_buf_p; ++yy_cp ) - { - register YY_CHAR yy_c = (*yy_cp ? yy_ec[YY_SC_TO_UI(*yy_cp)] : 1); - if ( yy_accept[yy_current_state] ) - { - yy_last_accepting_state = yy_current_state; - yy_last_accepting_cpos = yy_cp; - } - while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state ) - { - yy_current_state = (int) yy_def[yy_current_state]; - if ( yy_current_state >= 16 ) - yy_c = yy_meta[(unsigned int) yy_c]; - } - yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c]; - } - - return yy_current_state; - } - - -/* yy_try_NUL_trans - try to make a transition on the NUL character - * - * synopsis - * next_state = yy_try_NUL_trans( current_state ); - */ - -#ifdef YY_USE_PROTOS -static yy_state_type yy_try_NUL_trans( yy_state_type yy_current_state ) -#else -static yy_state_type yy_try_NUL_trans( yy_current_state ) -yy_state_type yy_current_state; -#endif - { - register int yy_is_jam; - register char *yy_cp = yy_c_buf_p; - - register YY_CHAR yy_c = 1; - if ( yy_accept[yy_current_state] ) - { - yy_last_accepting_state = yy_current_state; - yy_last_accepting_cpos = yy_cp; - } - while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state ) - { - yy_current_state = (int) yy_def[yy_current_state]; - if ( yy_current_state >= 16 ) - yy_c = yy_meta[(unsigned int) yy_c]; - } - yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c]; - yy_is_jam = (yy_current_state == 15); - - return yy_is_jam ? 0 : yy_current_state; - } - - -#ifndef YY_NO_UNPUT -#ifdef YY_USE_PROTOS -static void yyunput( int c, register char *yy_bp ) -#else -static void yyunput( c, yy_bp ) -int c; -register char *yy_bp; -#endif - { - register char *yy_cp = yy_c_buf_p; - - /* undo effects of setting up yytext */ - *yy_cp = yy_hold_char; - - if ( yy_cp < yy_current_buffer->yy_ch_buf + 2 ) - { /* need to shift things up to make room */ - /* +2 for EOB chars. */ - register int number_to_move = yy_n_chars + 2; - register char *dest = &yy_current_buffer->yy_ch_buf[ - yy_current_buffer->yy_buf_size + 2]; - register char *source = - &yy_current_buffer->yy_ch_buf[number_to_move]; - - while ( source > yy_current_buffer->yy_ch_buf ) - *--dest = *--source; - - yy_cp += (int) (dest - source); - yy_bp += (int) (dest - source); - yy_current_buffer->yy_n_chars = - yy_n_chars = yy_current_buffer->yy_buf_size; - - if ( yy_cp < yy_current_buffer->yy_ch_buf + 2 ) - YY_FATAL_ERROR( "flex scanner push-back overflow" ); - } - - *--yy_cp = (char) c; - - - yytext_ptr = yy_bp; - yy_hold_char = *yy_cp; - yy_c_buf_p = yy_cp; - } -#endif /* ifndef YY_NO_UNPUT */ - - -#ifdef __cplusplus -static int yyinput() -#else -static int input() -#endif - { - int c; - - *yy_c_buf_p = yy_hold_char; - - if ( *yy_c_buf_p == YY_END_OF_BUFFER_CHAR ) - { - /* yy_c_buf_p now points to the character we want to return. - * If this occurs *before* the EOB characters, then it's a - * valid NUL; if not, then we've hit the end of the buffer. - */ - if ( yy_c_buf_p < &yy_current_buffer->yy_ch_buf[yy_n_chars] ) - /* This was really a NUL. */ - *yy_c_buf_p = '\0'; - - else - { /* need more input */ - int offset = yy_c_buf_p - yytext_ptr; - ++yy_c_buf_p; - - switch ( yy_get_next_buffer() ) - { - case EOB_ACT_LAST_MATCH: - /* This happens because yy_g_n_b() - * sees that we've accumulated a - * token and flags that we need to - * try matching the token before - * proceeding. But for input(), - * there's no matching to consider. - * So convert the EOB_ACT_LAST_MATCH - * to EOB_ACT_END_OF_FILE. - */ - - /* Reset buffer status. */ - yyrestart( yyin ); - - /* fall through */ - - case EOB_ACT_END_OF_FILE: - { - if ( yywrap() ) - return EOF; - - if ( ! yy_did_buffer_switch_on_eof ) - YY_NEW_FILE; -#ifdef __cplusplus - return yyinput(); -#else - return input(); -#endif - } - - case EOB_ACT_CONTINUE_SCAN: - yy_c_buf_p = yytext_ptr + offset; - break; - } - } - } - - c = *(unsigned char *) yy_c_buf_p; /* cast for 8-bit char's */ - *yy_c_buf_p = '\0'; /* preserve yytext */ - yy_hold_char = *++yy_c_buf_p; - - - return c; - } - - -#ifdef YY_USE_PROTOS -void yyrestart( FILE *input_file ) -#else -void yyrestart( input_file ) -FILE *input_file; -#endif - { - if ( ! yy_current_buffer ) - yy_current_buffer = yy_create_buffer( yyin, YY_BUF_SIZE ); - - yy_init_buffer( yy_current_buffer, input_file ); - yy_load_buffer_state(); - } - - -#ifdef YY_USE_PROTOS -void yy_switch_to_buffer( YY_BUFFER_STATE new_buffer ) -#else -void yy_switch_to_buffer( new_buffer ) -YY_BUFFER_STATE new_buffer; -#endif - { - if ( yy_current_buffer == new_buffer ) - return; - - if ( yy_current_buffer ) - { - /* Flush out information for old buffer. */ - *yy_c_buf_p = yy_hold_char; - yy_current_buffer->yy_buf_pos = yy_c_buf_p; - yy_current_buffer->yy_n_chars = yy_n_chars; - } - - yy_current_buffer = new_buffer; - yy_load_buffer_state(); - - /* We don't actually know whether we did this switch during - * EOF (yywrap()) processing, but the only time this flag - * is looked at is after yywrap() is called, so it's safe - * to go ahead and always set it. - */ - yy_did_buffer_switch_on_eof = 1; - } - - -#ifdef YY_USE_PROTOS -void yy_load_buffer_state( void ) -#else -void yy_load_buffer_state() -#endif - { - yy_n_chars = yy_current_buffer->yy_n_chars; - yytext_ptr = yy_c_buf_p = yy_current_buffer->yy_buf_pos; - yyin = yy_current_buffer->yy_input_file; - yy_hold_char = *yy_c_buf_p; - } - - -#ifdef YY_USE_PROTOS -YY_BUFFER_STATE yy_create_buffer( FILE *file, int size ) -#else -YY_BUFFER_STATE yy_create_buffer( file, size ) -FILE *file; -int size; -#endif - { - YY_BUFFER_STATE b; - - b = (YY_BUFFER_STATE) yy_flex_alloc( sizeof( struct yy_buffer_state ) ); - if ( ! b ) - YY_FATAL_ERROR( "out of dynamic memory in yy_create_buffer()" ); - - b->yy_buf_size = size; - - /* yy_ch_buf has to be 2 characters longer than the size given because - * we need to put in 2 end-of-buffer characters. - */ - b->yy_ch_buf = (char *) yy_flex_alloc( b->yy_buf_size + 2 ); - if ( ! b->yy_ch_buf ) - YY_FATAL_ERROR( "out of dynamic memory in yy_create_buffer()" ); - - b->yy_is_our_buffer = 1; - - yy_init_buffer( b, file ); - - return b; - } - - -#ifdef YY_USE_PROTOS -void yy_delete_buffer( YY_BUFFER_STATE b ) -#else -void yy_delete_buffer( b ) -YY_BUFFER_STATE b; -#endif - { - if ( ! b ) - return; - - if ( b == yy_current_buffer ) - yy_current_buffer = (YY_BUFFER_STATE) 0; - - if ( b->yy_is_our_buffer ) - yy_flex_free( (void *) b->yy_ch_buf ); - - yy_flex_free( (void *) b ); - } - - -#ifndef YY_ALWAYS_INTERACTIVE -#ifndef YY_NEVER_INTERACTIVE -extern int isatty YY_PROTO(( int )); -#endif -#endif - -#ifdef YY_USE_PROTOS -void yy_init_buffer( YY_BUFFER_STATE b, FILE *file ) -#else -void yy_init_buffer( b, file ) -YY_BUFFER_STATE b; -FILE *file; -#endif - - - { - yy_flush_buffer( b ); - - b->yy_input_file = file; - b->yy_fill_buffer = 1; - -#if YY_ALWAYS_INTERACTIVE - b->yy_is_interactive = 1; -#else -#if YY_NEVER_INTERACTIVE - b->yy_is_interactive = 0; -#else - b->yy_is_interactive = file ? (isatty( fileno(file) ) > 0) : 0; -#endif -#endif - } - - -#ifdef YY_USE_PROTOS -void yy_flush_buffer( YY_BUFFER_STATE b ) -#else -void yy_flush_buffer( b ) -YY_BUFFER_STATE b; -#endif - - { - if ( ! b ) - return; - - b->yy_n_chars = 0; - - /* We always need two end-of-buffer characters. The first causes - * a transition to the end-of-buffer state. The second causes - * a jam in that state. - */ - b->yy_ch_buf[0] = YY_END_OF_BUFFER_CHAR; - b->yy_ch_buf[1] = YY_END_OF_BUFFER_CHAR; - - b->yy_buf_pos = &b->yy_ch_buf[0]; - - b->yy_at_bol = 1; - b->yy_buffer_status = YY_BUFFER_NEW; - - if ( b == yy_current_buffer ) - yy_load_buffer_state(); - } - - -#ifndef YY_NO_SCAN_BUFFER -#ifdef YY_USE_PROTOS -YY_BUFFER_STATE yy_scan_buffer( char *base, yy_size_t size ) -#else -YY_BUFFER_STATE yy_scan_buffer( base, size ) -char *base; -yy_size_t size; -#endif - { - YY_BUFFER_STATE b; - - if ( size < 2 || - base[size-2] != YY_END_OF_BUFFER_CHAR || - base[size-1] != YY_END_OF_BUFFER_CHAR ) - /* They forgot to leave room for the EOB's. */ - return 0; - - b = (YY_BUFFER_STATE) yy_flex_alloc( sizeof( struct yy_buffer_state ) ); - if ( ! b ) - YY_FATAL_ERROR( "out of dynamic memory in yy_scan_buffer()" ); - - b->yy_buf_size = size - 2; /* "- 2" to take care of EOB's */ - b->yy_buf_pos = b->yy_ch_buf = base; - b->yy_is_our_buffer = 0; - b->yy_input_file = 0; - b->yy_n_chars = b->yy_buf_size; - b->yy_is_interactive = 0; - b->yy_at_bol = 1; - b->yy_fill_buffer = 0; - b->yy_buffer_status = YY_BUFFER_NEW; - - yy_switch_to_buffer( b ); - - return b; - } -#endif - - -#ifndef YY_NO_SCAN_STRING -#ifdef YY_USE_PROTOS -YY_BUFFER_STATE yy_scan_string( yyconst char *yy_str ) -#else -YY_BUFFER_STATE yy_scan_string( yy_str ) -yyconst char *yy_str; -#endif - { - int len; - for ( len = 0; yy_str[len]; ++len ) - ; - - return yy_scan_bytes( yy_str, len ); - } -#endif - - -#ifndef YY_NO_SCAN_BYTES -#ifdef YY_USE_PROTOS -YY_BUFFER_STATE yy_scan_bytes( yyconst char *bytes, int len ) -#else -YY_BUFFER_STATE yy_scan_bytes( bytes, len ) -yyconst char *bytes; -int len; -#endif - { - YY_BUFFER_STATE b; - char *buf; - yy_size_t n; - int i; - - /* Get memory for full buffer, including space for trailing EOB's. */ - n = len + 2; - buf = (char *) yy_flex_alloc( n ); - if ( ! buf ) - YY_FATAL_ERROR( "out of dynamic memory in yy_scan_bytes()" ); - - for ( i = 0; i < len; ++i ) - buf[i] = bytes[i]; - - buf[len] = buf[len+1] = YY_END_OF_BUFFER_CHAR; - - b = yy_scan_buffer( buf, n ); - if ( ! b ) - YY_FATAL_ERROR( "bad buffer in yy_scan_bytes()" ); - - /* It's okay to grow etc. this buffer, and we should throw it - * away when we're done. - */ - b->yy_is_our_buffer = 1; - - return b; - } -#endif - - -#ifndef YY_NO_PUSH_STATE -#ifdef YY_USE_PROTOS -static void yy_push_state( int new_state ) -#else -static void yy_push_state( new_state ) -int new_state; -#endif - { - if ( yy_start_stack_ptr >= yy_start_stack_depth ) - { - yy_size_t new_size; - - yy_start_stack_depth += YY_START_STACK_INCR; - new_size = yy_start_stack_depth * sizeof( int ); - - if ( ! yy_start_stack ) - yy_start_stack = (int *) yy_flex_alloc( new_size ); - - else - yy_start_stack = (int *) yy_flex_realloc( - (void *) yy_start_stack, new_size ); - - if ( ! yy_start_stack ) - YY_FATAL_ERROR( - "out of memory expanding start-condition stack" ); - } - - yy_start_stack[yy_start_stack_ptr++] = YY_START; - - BEGIN(new_state); - } -#endif - - -#ifndef YY_NO_POP_STATE -static void yy_pop_state() - { - if ( --yy_start_stack_ptr < 0 ) - YY_FATAL_ERROR( "start-condition stack underflow" ); - - BEGIN(yy_start_stack[yy_start_stack_ptr]); - } -#endif - - -#ifndef YY_NO_TOP_STATE -static int yy_top_state() - { - return yy_start_stack[yy_start_stack_ptr - 1]; - } -#endif - -#ifndef YY_EXIT_FAILURE -#define YY_EXIT_FAILURE 2 -#endif - -#ifdef YY_USE_PROTOS -static void yy_fatal_error( yyconst char msg[] ) -#else -static void yy_fatal_error( msg ) -char msg[]; -#endif - { - (void) fprintf( stderr, "%s\n", msg ); - exit( YY_EXIT_FAILURE ); - } - - - -/* Redefine yyless() so it works in section 3 code. */ - -#undef yyless -#define yyless(n) \ - do \ - { \ - /* Undo effects of setting up yytext. */ \ - yytext[yyleng] = yy_hold_char; \ - yy_c_buf_p = yytext + n; \ - yy_hold_char = *yy_c_buf_p; \ - *yy_c_buf_p = '\0'; \ - yyleng = n; \ - } \ - while ( 0 ) - - -/* Internal utility routines. */ - -#ifndef yytext_ptr -#ifdef YY_USE_PROTOS -static void yy_flex_strncpy( char *s1, yyconst char *s2, int n ) -#else -static void yy_flex_strncpy( s1, s2, n ) -char *s1; -yyconst char *s2; -int n; -#endif - { - register int i; - for ( i = 0; i < n; ++i ) - s1[i] = s2[i]; - } -#endif - -#ifdef YY_NEED_STRLEN -#ifdef YY_USE_PROTOS -static int yy_flex_strlen( yyconst char *s ) -#else -static int yy_flex_strlen( s ) -yyconst char *s; -#endif - { - register int n; - for ( n = 0; s[n]; ++n ) - ; - - return n; - } -#endif - - -#ifdef YY_USE_PROTOS -static void *yy_flex_alloc( yy_size_t size ) -#else -static void *yy_flex_alloc( size ) -yy_size_t size; -#endif - { - return (void *) malloc( size ); - } - -#ifdef YY_USE_PROTOS -static void *yy_flex_realloc( void *ptr, yy_size_t size ) -#else -static void *yy_flex_realloc( ptr, size ) -void *ptr; -yy_size_t size; -#endif - { - /* The cast to (char *) in the following accommodates both - * implementations that use char* generic pointers, and those - * that use void* generic pointers. It works with the latter - * because both ANSI C and C++ allow castless assignment from - * any pointer type to void*, and deal with argument conversions - * as though doing an assignment. - */ - return (void *) realloc( (char *) ptr, size ); - } - -#ifdef YY_USE_PROTOS -static void yy_flex_free( void *ptr ) -#else -static void yy_flex_free( ptr ) -void *ptr; -#endif - { - free( ptr ); - } - -#if YY_MAIN -int main() - { - yylex(); - return 0; - } -#endif -#line 81 "installparse.l" - -/*------------------------ Program Section ----------------------------*/ - -PRFileDesc *Pk11Install_FD=NULL; - -/*************************************************************************/ -/* dummy function required by lex */ -int Pk11Install_yywrap(void) { return 1;} - -/*************************************************************************/ -/* Return a copy of the given string */ -static char* -putSimpleString(char *str) -{ - char *tmp = (char*) PR_Malloc(strlen(str)+1); - strcpy(tmp, str); - return tmp; -} - -/*************************************************************************/ -/* Strip out quotes, replace escaped characters with what they stand for. - This function assumes that what is passed in is actually a complex - string, so error checking is lax. */ -static char* -putComplexString(char *str) -{ - int size, i,j; - char *tmp; - - if(!str) { - return NULL; - } - size = strlen(str); - - /* Allocate the new space. This string will actually be too big, - since quotes and backslashes will be stripped out. But that's ok. */ - tmp = (char*) PR_Malloc(size+1); - - /* Copy it over */ - for(i=0, j=0; i < size; i++) { - if(str[i]=='\"') { - continue; /* skip un-escaped quotes */ - } else if(str[i]=='\\') { - ++i; /* escaped character. skip the backslash */ - } - tmp[j++] = str[i]; - } - tmp[j] = '\0'; - - return tmp; -} diff --git a/security/nss/cmd/modutil/manifest.mn b/security/nss/cmd/modutil/manifest.mn deleted file mode 100644 index fb0ac6ae3..000000000 --- a/security/nss/cmd/modutil/manifest.mn +++ /dev/null @@ -1,59 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = ../../.. - -MODULE = sectools - -EXPORTS = - -CSRCS = modutil.c \ - pk11.c \ - instsec.c \ - install.c \ - installparse.c \ - install-ds.c \ - lex.Pk11Install_yy.c \ - $(NULL) - -CPPSRCS = - -PROGRAM = modutil - -REQUIRES = seccmd security dbm - -DEFINES = -DNSPR20 - -INCLUDES = - -USE_STATIC_LIBS = 1 diff --git a/security/nss/cmd/modutil/modutil.c b/security/nss/cmd/modutil/modutil.c deleted file mode 100644 index 6a8189d27..000000000 --- a/security/nss/cmd/modutil/modutil.c +++ /dev/null @@ -1,882 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#include "modutil.h" -#include "install.h" -#include -#include "secrng.h" -#include "certdb.h" /* for CERT_DB_FILE_VERSION */ -#include "nss.h" - -static void install_error(char *message); -static char* PR_fgets(char *buf, int size, PRFileDesc *file); -static char *progName; - - -/* This enum must be kept in sync with the commandNames list */ -typedef enum { - NO_COMMAND, - ADD_COMMAND, - CHANGEPW_COMMAND, - CREATE_COMMAND, - DEFAULT_COMMAND, - DELETE_COMMAND, - DISABLE_COMMAND, - ENABLE_COMMAND, - FIPS_COMMAND, - JAR_COMMAND, - LIST_COMMAND, - UNDEFAULT_COMMAND -} Command; - -/* This list must be kept in sync with the Command enum */ -static char *commandNames[] = { - "(no command)", - "-add", - "-changepw", - "-create", - "-default", - "-delete", - "-disable", - "-enable", - "-fips", - "-jar", - "-list", - "-undefault" -}; - - -/* this enum must be kept in sync with the optionStrings list */ -typedef enum { - ADD_ARG=0, - CHANGEPW_ARG, - CIPHERS_ARG, - CREATE_ARG, - DBDIR_ARG, - DBPREFIX_ARG, - DEFAULT_ARG, - DELETE_ARG, - DISABLE_ARG, - ENABLE_ARG, - FIPS_ARG, - FORCE_ARG, - JAR_ARG, - LIBFILE_ARG, - LIST_ARG, - MECHANISMS_ARG, - NEWPWFILE_ARG, - PWFILE_ARG, - SLOT_ARG, - UNDEFAULT_ARG, - INSTALLDIR_ARG, - TEMPDIR_ARG, - NOCERTDB_ARG, - - NUM_ARGS /* must be last */ -} Arg; - -/* This list must be kept in sync with the Arg enum */ -static char *optionStrings[] = { - "-add", - "-changepw", - "-ciphers", - "-create", - "-dbdir", - "-dbprefix", - "-default", - "-delete", - "-disable", - "-enable", - "-fips", - "-force", - "-jar", - "-libfile", - "-list", - "-mechanisms", - "-newpwfile", - "-pwfile", - "-slot", - "-undefault", - "-installdir", - "-tempdir", - "-nocertdb" -}; - -/* Increment i if doing so would have i still be less than j. If you - are able to do this, return 0. Otherwise return 1. */ -#define TRY_INC(i,j) ( ((i+1) -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include - -#include "error.h" - -Error FipsMode(char *arg); -Error AddModule(char *moduleName, char *libFile, char *ciphers, - char *mechanisms); -Error DeleteModule(char *moduleName); -Error ListModule(char *moduleName); -Error ListModules(); -Error ChangePW(char *tokenName, char *pwFile, char *newpwFile); -Error EnableModule(char *moduleName, char *slotName, PRBool enable); -Error SetDefaultModule(char *moduleName, char *slotName, char *mechanisms); -Error UnsetDefaultModule(char *moduleName, char *slotName, char *mechanisms); -void out_of_memory(void); - -#endif /*MODUTIL_H*/ diff --git a/security/nss/cmd/modutil/pk11.c b/security/nss/cmd/modutil/pk11.c deleted file mode 100644 index 6081cdcd7..000000000 --- a/security/nss/cmd/modutil/pk11.c +++ /dev/null @@ -1,811 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#include "modutil.h" -#include "secmodti.h" -#include "pk11func.h" - -extern PK11DefaultArrayEntry PK11_DefaultArray[]; -extern int num_pk11_default_mechanisms; -extern SECStatus PK11_UpdateSlotAttribute(PK11SlotInfo*, PK11DefaultArrayEntry*, - PRBool); - -/************************************************************************* - * - * F i p s M o d e - * If arg=="true", enable FIPS mode on the internal module. If arg=="false", - * disable FIPS mode on the internal module. - */ -Error -FipsMode(char *arg) -{ - - char *internal_name; - - if(!PORT_Strcasecmp(arg, "true")) { - if(!PK11_IsFIPS()) { - internal_name = PR_smprintf("%s", - SECMOD_GetInternalModule()->commonName); - if(SECMOD_DeleteInternalModule(internal_name) != SECSuccess) { - PR_smprintf_free(internal_name); - PR_fprintf(PR_STDERR, errStrings[FIPS_SWITCH_FAILED_ERR]); - return FIPS_SWITCH_FAILED_ERR; - } - PR_smprintf_free(internal_name); - PR_fprintf(PR_STDOUT, msgStrings[FIPS_ENABLED_MSG]); - } else { - PR_fprintf(PR_STDERR, errStrings[FIPS_ALREADY_ON_ERR]); - return FIPS_ALREADY_ON_ERR; - } - } else if(!PORT_Strcasecmp(arg, "false")) { - if(PK11_IsFIPS()) { - internal_name = PR_smprintf("%s", - SECMOD_GetInternalModule()->commonName); - if(SECMOD_DeleteInternalModule(internal_name) != SECSuccess) { - PR_smprintf_free(internal_name); - PR_fprintf(PR_STDERR, errStrings[FIPS_SWITCH_FAILED_ERR]); - return FIPS_SWITCH_FAILED_ERR; - } - PR_smprintf_free(internal_name); - PR_fprintf(PR_STDOUT, msgStrings[FIPS_DISABLED_MSG]); - } else { - PR_fprintf(PR_STDERR, errStrings[FIPS_ALREADY_OFF_ERR]); - return FIPS_ALREADY_OFF_ERR; - } - } else { - PR_fprintf(PR_STDERR, errStrings[INVALID_FIPS_ARG]); - return INVALID_FIPS_ARG; - } - - return SUCCESS; -} - -/************************************************************************ - * Cipher and Mechanism name-bitmask translation tables - */ - -typedef struct { - char *name; - unsigned long mask; -} MaskString; - -static MaskString mechanismStrings[] = { - {"RSA", PUBLIC_MECH_RSA_FLAG}, - {"DSA", PUBLIC_MECH_DSA_FLAG}, - {"RC2", PUBLIC_MECH_RC2_FLAG}, - {"RC4", PUBLIC_MECH_RC4_FLAG}, - {"RC5", PUBLIC_MECH_RC5_FLAG}, - {"DES", PUBLIC_MECH_DES_FLAG}, - {"DH", PUBLIC_MECH_DH_FLAG}, - {"FORTEZZA", PUBLIC_MECH_FORTEZZA_FLAG}, - {"SHA1", PUBLIC_MECH_SHA1_FLAG}, - {"MD5", PUBLIC_MECH_MD5_FLAG}, - {"MD2", PUBLIC_MECH_MD2_FLAG}, - {"SSL", PUBLIC_MECH_SSL_FLAG}, - {"TLS", PUBLIC_MECH_TLS_FLAG}, - {"RANDOM", PUBLIC_MECH_RANDOM_FLAG}, - {"FRIENDLY", PUBLIC_MECH_FRIENDLY_FLAG} -}; -static int numMechanismStrings = - sizeof(mechanismStrings) / sizeof(mechanismStrings[0]); - -static MaskString cipherStrings[] = { - {"FORTEZZA", PUBLIC_CIPHER_FORTEZZA_FLAG} -}; -static int numCipherStrings = - sizeof(cipherStrings) / sizeof(cipherStrings[0]); - -/* Maximum length of a colon-separated list of all the strings in an - * array. */ -#define MAX_STRING_LIST_LEN 240 /* or less */ - -/************************************************************************ - * - * g e t F l a g s F r o m S t r i n g - * - * Parses a mechanism list passed on the command line and converts it - * to an unsigned long bitmask. - * string is a colon-separated string of constants - * array is an array of MaskStrings. - * elements is the number of elements in array. - */ -static unsigned long -getFlagsFromString(char *string, MaskString array[], int elements) -{ - unsigned long ret = 0; - short i = 0; - char *cp; - char *buf; - char *end; - - if(!string || !string[0]) { - return ret; - } - - /* Make a temporary copy of the string */ - buf = PR_Malloc(strlen(string)+1); - if(!buf) { - out_of_memory(); - } - strcpy(buf, string); - - /* Look at each element of the list passed in */ - for(cp=buf; cp && *cp; cp = (end ? end+1 : NULL) ) { - /* Look at the string up to the next colon */ - end = strchr(cp, ':'); - if(end) { - *end = '\0'; - } - - /* Find which element this is */ - for(i=0; i < elements; i++) { - if( !PORT_Strcasecmp(cp, array[i].name) ) { - break; - } - } - if(i == elements) { - /* Skip a bogus string, but print a warning message */ - PR_fprintf(PR_STDERR, errStrings[INVALID_CONSTANT_ERR], cp); - continue; - } - ret |= array[i].mask; - } - - PR_Free(buf); - return ret; -} - -/********************************************************************** - * - * g e t S t r i n g F r o m F l a g s - * - * The return string's memory is owned by this function. Copy it - * if you need it permanently or you want to change it. - */ -static char * -getStringFromFlags(unsigned long flags, MaskString array[], int elements) -{ - static char buf[MAX_STRING_LIST_LEN]; - int i; - int count=0; - - buf[0] = '\0'; - for(i=0; inext) { - ++count; - if(count!=1) { - PR_fprintf(PR_STDOUT, "\n"); - } - - PR_fprintf(PR_STDOUT, "%3d. %s\n", count, mlp->module->commonName); - - if(mlp->module->dllName) { - PR_fprintf(PR_STDOUT, "\tlibrary name: %s\n", mlp->module->dllName); - } - - if(mlp->module->slotCount == 0) { - PR_fprintf(PR_STDOUT, - "\t slots: There are no slots attached to this module\n"); - } else { - PR_fprintf(PR_STDOUT, - "\t slots: %d slot%s attached\n", mlp->module->slotCount, - (mlp->module->slotCount==1 ? "" : "s") ); - } - - if(mlp->module->loaded == 0) { - PR_fprintf(PR_STDOUT, "\tstatus: Not loaded\n"); - } else { - PR_fprintf(PR_STDOUT, "\tstatus: loaded\n"); - } - - /* Print slot and token names */ - for (i = 0; i < mlp->module->slotCount; i++) { - PK11SlotInfo *slot = mlp->module->slots[i]; - - PR_fprintf(PR_STDOUT, "\n"); - PR_fprintf(PR_STDOUT, "\t slot: %s\n", PK11_GetSlotName(slot)); - PR_fprintf(PR_STDOUT, "\ttoken: %s\n", PK11_GetTokenName(slot)); - } - } - - PR_fprintf(PR_STDOUT, - "-----------------------------------------------------------\n"); - - ret = SUCCESS; - -loser: - SECMOD_ReleaseReadLock(lock); - return ret; -} - -/* Strings describing PK11DisableReasons */ -static char *disableReasonStr[] = { - "no reason", - "user disabled", - "could not initialize token", - "could not verify token", - "token not present" -}; -static int numDisableReasonStr = - sizeof(disableReasonStr) / sizeof(disableReasonStr[0]); - -/*********************************************************************** - * - * L i s t M o d u l e - * - * Lists detailed information about the named module. - */ -Error -ListModule(char *moduleName) -{ - SECMODModule *module; - PK11SlotInfo *slot; - int slotnum; - CK_INFO modinfo; - CK_SLOT_INFO slotinfo; - CK_TOKEN_INFO tokeninfo; - char *ciphers, *mechanisms; - PK11DisableReasons reason; - - if(!moduleName) { - return SUCCESS; - } - - module = SECMOD_FindModule(moduleName); - if(!module) { - PR_fprintf(PR_STDERR, errStrings[NO_SUCH_MODULE_ERR], moduleName); - return NO_SUCH_MODULE_ERR; - } - - if(PK11_GetModInfo(module, &modinfo) != SECSuccess) { - PR_fprintf(PR_STDERR, errStrings[MOD_INFO_ERR], moduleName); - return MOD_INFO_ERR; - } - - /* Module info */ - PR_fprintf(PR_STDOUT, - "\n-----------------------------------------------------------\n"); - PR_fprintf(PR_STDOUT, "Name: %s\n", module->commonName); - if(module->internal || !module->dllName) { - PR_fprintf(PR_STDOUT, "Library file: **Internal ONLY module**\n"); - } else { - PR_fprintf(PR_STDOUT, "Library file: %s\n", module->dllName); - } - - PR_fprintf(PR_STDOUT, "Manufacturer: %.32s\n", modinfo.manufacturerID); - PR_fprintf(PR_STDOUT, "Description: %.32s\n", modinfo.libraryDescription); - PR_fprintf(PR_STDOUT, "PKCS #11 Version %d.%d\n", - modinfo.cryptokiVersion.major, modinfo.cryptokiVersion.minor); - PR_fprintf(PR_STDOUT, "Library Version: %d.%d\n", - modinfo.libraryVersion.major, modinfo.libraryVersion.minor); - - /* Get cipher and mechanism flags */ - ciphers = getStringFromFlags(module->ssl[0], cipherStrings, - numCipherStrings); - if(ciphers[0] == '\0') { - ciphers = "None"; - } - PR_fprintf(PR_STDOUT, "Cipher Enable Flags: %s\n", ciphers); - mechanisms = NULL; - if(module->slotCount > 0) { - mechanisms = getStringFromFlags(module->slots[0]->defaultFlags, - mechanismStrings, numMechanismStrings); - } - if(mechanisms[0] =='\0') { - mechanisms = "None"; - } - PR_fprintf(PR_STDOUT, "Default Mechanism Flags: %s\n", mechanisms); - -#define PAD " " - - /* Loop over each slot */ - for(slotnum=0; slotnum < module->slotCount; slotnum++) { - slot = module->slots[slotnum]; - if(PK11_GetSlotInfo(slot, &slotinfo) != SECSuccess) { - PR_fprintf(PR_STDERR, errStrings[SLOT_INFO_ERR], - PK11_GetSlotName(slot)); - return SLOT_INFO_ERR; - } - if(PK11_GetTokenInfo(slot, &tokeninfo) != SECSuccess) { - PR_fprintf(PR_STDERR, errStrings[TOKEN_INFO_ERR], - slot->token_name); - return TOKEN_INFO_ERR; - } - - /* Slot Info */ - PR_fprintf(PR_STDOUT, "\n"PAD"Slot: %s\n", PK11_GetSlotName(slot)); - mechanisms = getStringFromFlags(slot->defaultFlags, - mechanismStrings, numMechanismStrings); - if(mechanisms[0] =='\0') { - mechanisms = "None"; - } - PR_fprintf(PR_STDOUT, PAD"Slot Mechanism Flags: %s\n", mechanisms); - PR_fprintf(PR_STDOUT, PAD"Manufacturer: %.32s\n", - slotinfo.manufacturerID); - if(slot->isHW) { - PR_fprintf(PR_STDOUT, PAD"Type: Hardware\n"); - } else { - PR_fprintf(PR_STDOUT, PAD"Type: Software\n"); - } - PR_fprintf(PR_STDOUT, PAD"Version Number: %d.%d\n", - slotinfo.hardwareVersion.major, slotinfo.hardwareVersion.minor); - PR_fprintf(PR_STDOUT, PAD"Firmware Version: %d.%d\n", - slotinfo.firmwareVersion.major, slotinfo.firmwareVersion.minor); - if(slot->disabled) { - reason = PK11_GetDisabledReason(slot); - if(reason < numDisableReasonStr) { - PR_fprintf(PR_STDOUT, PAD"Status: DISABLED (%s)\n", - disableReasonStr[reason]); - } else { - PR_fprintf(PR_STDOUT, PAD"Status: DISABLED\n"); - } - } else { - PR_fprintf(PR_STDOUT, PAD"Status: Enabled\n"); - } - - /* Token Info */ - PR_fprintf(PR_STDOUT, PAD"Token Name: %.32s\n", - tokeninfo.label); - PR_fprintf(PR_STDOUT, PAD"Token Manufacturer: %.32s\n", - tokeninfo.manufacturerID); - PR_fprintf(PR_STDOUT, PAD"Token Model: %.16s\n", tokeninfo.model); - PR_fprintf(PR_STDOUT, PAD"Token Serial Number: %.16s\n", - tokeninfo.serialNumber); - PR_fprintf(PR_STDOUT, PAD"Token Version: %d.%d\n", - tokeninfo.hardwareVersion.major, tokeninfo.hardwareVersion.minor); - PR_fprintf(PR_STDOUT, PAD"Token Firmware Version: %d.%d\n", - tokeninfo.firmwareVersion.major, tokeninfo.firmwareVersion.minor); - if(tokeninfo.flags & CKF_WRITE_PROTECTED) { - PR_fprintf(PR_STDOUT, PAD"Access: Write Protected\n"); - } else { - PR_fprintf(PR_STDOUT, PAD"Access: NOT Write Protected\n"); - } - if(tokeninfo.flags & CKF_LOGIN_REQUIRED) { - PR_fprintf(PR_STDOUT, PAD"Login Type: Login required\n"); - } else { - PR_fprintf(PR_STDOUT, PAD - "Login Type: Public (no login required)\n"); - } - if(tokeninfo.flags & CKF_USER_PIN_INITIALIZED) { - PR_fprintf(PR_STDOUT, PAD"User Pin: Initialized\n"); - } else { - PR_fprintf(PR_STDOUT, PAD"User Pin: NOT Initialized\n"); - } - } - PR_fprintf(PR_STDOUT, - "\n-----------------------------------------------------------\n"); - return SUCCESS; -} - -/************************************************************************ - * - * C h a n g e P W - */ -Error -ChangePW(char *tokenName, char *pwFile, char *newpwFile) -{ - char *oldpw=NULL, *newpw=NULL, *newpw2=NULL; - PK11SlotInfo *slot; - Error ret=UNSPECIFIED_ERR; - PRBool matching; - - slot = PK11_FindSlotByName(tokenName); - if(!slot) { - PR_fprintf(PR_STDERR, errStrings[NO_SUCH_TOKEN_ERR], tokenName); - return NO_SUCH_TOKEN_ERR; - } - - PK11_SetPasswordFunc(SECU_GetModulePassword); - - /* Get old password */ - if(! PK11_NeedUserInit(slot)) { - if(pwFile) { - oldpw = SECU_GetPasswordString(pwFile, ""); - if(PK11_CheckUserPassword(slot, oldpw) != SECSuccess) { - PR_fprintf(PR_STDERR, errStrings[BAD_PW_ERR]); - ret=BAD_PW_ERR; - goto loser; - } - } else { - for(matching=PR_FALSE; !matching; ) { - oldpw = SECU_GetPasswordString(NULL, "Enter old password: "); - if(PK11_CheckUserPassword(slot, oldpw) == SECSuccess) { - matching = PR_TRUE; - } else { - PR_fprintf(PR_STDOUT, msgStrings[BAD_PW_MSG]); - } - } - } - } - - /* Get new password */ - if(newpwFile) { - newpw = SECU_GetPasswordString(newpwFile, ""); - } else { - for(matching=PR_FALSE; !matching; ) { - newpw = SECU_GetPasswordString(NULL, "Enter new password: "); - newpw2 = SECU_GetPasswordString(NULL, "Re-enter new password: "); - if(strcmp(newpw, newpw2)) { - PR_fprintf(PR_STDOUT, msgStrings[PW_MATCH_MSG]); - } else { - matching = PR_TRUE; - } - } - } - - /* Change the password */ - if(PK11_NeedUserInit(slot)) { - if(PK11_InitPin(slot, NULL /*ssopw*/, newpw) != SECSuccess) { - PR_fprintf(PR_STDERR, errStrings[CHANGEPW_FAILED_ERR], tokenName); - ret = CHANGEPW_FAILED_ERR; - goto loser; - } - } else { - if(PK11_ChangePW(slot, oldpw, newpw) != SECSuccess) { - PR_fprintf(PR_STDERR, errStrings[CHANGEPW_FAILED_ERR], tokenName); - ret = CHANGEPW_FAILED_ERR; - goto loser; - } - } - - PR_fprintf(PR_STDOUT, msgStrings[CHANGEPW_SUCCESS_MSG], tokenName); - ret = SUCCESS; - -loser: - if(oldpw) { - memset(oldpw, 0, strlen(oldpw)); - PORT_Free(oldpw); - } - if(newpw) { - memset(newpw, 0, strlen(newpw)); - PORT_Free(newpw); - } - if(newpw2) { - memset(newpw2, 0, strlen(newpw)); - PORT_Free(newpw2); - } - return ret; -} - -/*********************************************************************** - * - * E n a b l e M o d u l e - * - * If enable==PR_TRUE, enables the module or slot. - * If enable==PR_FALSE, disables the module or slot. - * moduleName is the name of the module. - * slotName is the name of the slot. It is optional. - */ -Error -EnableModule(char *moduleName, char *slotName, PRBool enable) -{ - int i; - SECMODModule *module; - PK11SlotInfo *slot = NULL; - PRBool found = PR_FALSE; - - module = SECMOD_FindModule(moduleName); - if(!module) { - PR_fprintf(PR_STDERR, errStrings[NO_SUCH_MODULE_ERR], moduleName); - return NO_SUCH_MODULE_ERR; - } - - for(i=0; i < module->slotCount; i++) { - slot = module->slots[i]; - if(slotName && strcmp(PK11_GetSlotName(slot), slotName)) { - /* Not the right slot */ - continue; - } - if(enable) { - if(! PK11_UserEnableSlot(slot)) { - PR_fprintf(PR_STDERR, errStrings[ENABLE_FAILED_ERR], - "enable", PK11_GetSlotName(slot)); - return ENABLE_FAILED_ERR; - } else { - found = PR_TRUE; - PR_fprintf(PR_STDOUT, msgStrings[ENABLE_SUCCESS_MSG], - PK11_GetSlotName(slot), "enabled"); - } - } else { - if(! PK11_UserDisableSlot(slot)) { - PR_fprintf(PR_STDERR, errStrings[ENABLE_FAILED_ERR], - "disable", PK11_GetSlotName(slot)); - return ENABLE_FAILED_ERR; - } else { - found = PR_TRUE; - PR_fprintf(PR_STDOUT, msgStrings[ENABLE_SUCCESS_MSG], - PK11_GetSlotName(slot), "disabled"); - } - } - } - - if(slotName && !found) { - PR_fprintf(PR_STDERR, errStrings[NO_SUCH_SLOT_ERR], slotName); - return NO_SUCH_SLOT_ERR; - } - - /* Delete and re-add module to save changes */ - if( SECMOD_DeletePermDB(module) != SECSuccess ) { - PR_fprintf(PR_STDERR, errStrings[UPDATE_MOD_FAILED_ERR], moduleName); - return UPDATE_MOD_FAILED_ERR; - } - if( SECMOD_AddPermDB(module) != SECSuccess ) { - /* We're in big trouble here */ - PR_fprintf(PR_STDERR, errStrings[UPDATE_MOD_FAILED_ERR], moduleName); - return UPDATE_MOD_FAILED_ERR; - } - - return SUCCESS; -} - -/************************************************************************* - * - * S e t D e f a u l t M o d u l e - * - */ -Error -SetDefaultModule(char *moduleName, char *slotName, char *mechanisms) -{ - SECMODModule *module; - PK11SlotInfo *slot; - int s, i; - unsigned long mechFlags = getFlagsFromString(mechanisms, mechanismStrings, - numMechanismStrings); - PRBool found = PR_FALSE; - Error errcode = UNSPECIFIED_ERR; - - mechFlags = SECMOD_PubMechFlagstoInternal(mechFlags); - - module = SECMOD_FindModule(moduleName); - if(!module) { - PR_fprintf(PR_STDERR, errStrings[NO_SUCH_MODULE_ERR], moduleName); - errcode = NO_SUCH_MODULE_ERR; - goto loser; - } - - /* Go through each slot */ - for(s=0; s < module->slotCount; s++) { - slot = module->slots[s]; - - if ((slotName != NULL) && - !((strcmp(PK11_GetSlotName(slot),slotName) == 0) || - (strcmp(PK11_GetTokenName(slot),slotName) == 0)) ) { - /* we are only interested in changing the one slot */ - continue; - } - - found = PR_TRUE; - - /* Go through each mechanism */ - for(i=0; i < num_pk11_default_mechanisms; i++) { - if(PK11_DefaultArray[i].flag & mechFlags) { - /* Enable this default mechanism */ - PK11_UpdateSlotAttribute(slot, &(PK11_DefaultArray[i]), - PR_TRUE); - } - } - } - if (slotName && !found) { - PR_fprintf(PR_STDERR, errStrings[NO_SUCH_SLOT_ERR], slotName); - errcode = NO_SUCH_SLOT_ERR; - goto loser; - } - - /* Delete and re-add module to save changes */ - if( SECMOD_DeletePermDB(module) != SECSuccess ) { - PR_fprintf(PR_STDERR, errStrings[DEFAULT_FAILED_ERR], - moduleName); - errcode = DEFAULT_FAILED_ERR; - goto loser; - } - if( SECMOD_AddPermDB(module) != SECSuccess ) { - /* We're in big trouble here */ - PR_fprintf(PR_STDERR, errStrings[DEFAULT_FAILED_ERR], - moduleName); - errcode = DEFAULT_FAILED_ERR; - goto loser; - } - - PR_fprintf(PR_STDOUT, msgStrings[DEFAULT_SUCCESS_MSG]); - - errcode = SUCCESS; -loser: - return errcode; -} - -/************************************************************************ - * - * U n s e t D e f a u l t M o d u l e - */ -Error -UnsetDefaultModule(char *moduleName, char *slotName, char *mechanisms) -{ - SECMODModule * module; - PK11SlotInfo *slot; - int s, i; - unsigned long mechFlags = getFlagsFromString(mechanisms, - mechanismStrings, numMechanismStrings); - PRBool found = PR_FALSE; - - mechFlags = SECMOD_PubMechFlagstoInternal(mechFlags); - - module = SECMOD_FindModule(moduleName); - if(!module) { - PR_fprintf(PR_STDERR, errStrings[NO_SUCH_MODULE_ERR], moduleName); - return NO_SUCH_MODULE_ERR; - } - - for(s=0; s < module->slotCount; s++) { - slot = module->slots[s]; - if ((slotName != NULL) && - !((strcmp(PK11_GetSlotName(slot),slotName) == 0) || - (strcmp(PK11_GetTokenName(slot),slotName) == 0)) ) { - /* we are only interested in changing the one slot */ - continue; - } - for(i=0; i - - -PKCS #11 JAR Format - - -

PKCS #11 JAR Format

- -

PKCS #11 modules can be packaged into JAR files that support automatic -installation onto the filesystem and into the security module database. -The JAR file should contain: -

    -
  • All files that will be installed onto the target machine. This will -include at least the PKCS #11 module library file (.DLL or .so), and -may also include any other file that should be installed (such as -documentation). -
  • A script to perform the installation. -
-The script can be in one of two forms. If the JAR file is to be -run by Communicator (or any program that interprets Javascript), the -instructions will be in the form of a SmartUpdate script. -Documentation - on creating this script can be found on DevEdge. - -

If the -JAR file is to be run by a server, modutil, or any other program that -doesn't interpret Javascript, a special information file must be included -in the format described in this document. - -

Declaring the Script in the Manifest File

-The script can have any name, but it must be declared in the manifest file -of the JAR archive. The metainfo tag for this is -Pkcs11_install_script. Meta-information is put in the manifest -file by putting it in a file which is passed to -Signtool. For example, -suppose the PKCS #11 installer script is in the file pk11install. -In Signtool's metainfo file, you would have a line like this: -
-+ Pkcs11_install_script: pk11install
-
- -

Sample Script File

-
-ForwardCompatible { IRIX:6.2:mips Solaris:5.5.1:sparc }
-Platforms {
-	WINNT::x86 {
-		ModuleName { "Fortezza Module" }
-		ModuleFile { win32/fort32.dll }
-		DefaultMechanismFlags{0x0001}
-		DefaultCipherFlags{0x0001}
-		Files {
-			win32/setup.exe {
-				Executable
-				RelativePath { %temp%/setup.exe }
-			}
-			win32/setup.hlp {
-				RelativePath { %temp%/setup.hlp }
-			}
-			win32/setup.cab {
-				RelativePath { %temp%/setup.cab }
-			}
-		}
-	}
-	WIN95::x86 {
-		EquivalentPlatform {WINNT::x86}
-	}
-	Solaris:5.5.1:sparc {
-		ModuleName { "Fortezza UNIX Module" }
-		ModuleFile { unix/fort.so }
-		DefaultMechanismFlags{0x0001}
-		CipherEnableFlags{0x0001}
-		Files {
-			unix/fort.so {
-				RelativePath{%root%/lib/fort.so}
-				AbsolutePath{/usr/local/netscape/lib/fort.so}
-				FilePermissions{555}
-			}
-			xplat/instr.html {
-				RelativePath{%root%/docs/inst.html}
-				AbsolutePath{/usr/local/netscape/docs/inst.html}
-				FilePermissions{555}
-			}
-		}
-	}
-	IRIX:6.2:mips {
-		EquivalentPlatform { Solaris:5.5.1:sparc }
-	}
-}
-
- -
- -

Script File Grammar

-
---> valuelist
-
-valuelist --> value valuelist
-              <null>
-
-value --> key_value_pair
-          string
-
-key_value_pair --> key { valuelist }
-
-key --> string
-
-string --> simple_string
-           "complex_string"
-
-simple_string --> [^ \t\n\""{""}"]+ (no whitespace, quotes, or braces)
-
-complex_string --> ([^\"\\\r\n]|(\\\")|(\\\\))+ (quotes and backslashes must be escaped with a backslash, no newlines or carriage returns are allowed in the string)
-
-Outside of complex strings, all whitespace (space, tab, newline) is considered -equal and is used only to delimit tokens. - -
- -

Keys

-Keys are case-insensitive. -

Global Keys

-
-
ForwardCompatible -
Gives a list of platforms that are forward compatible. If the current -platform cannot be found in the list of supported platforms, then the -ForwardCompatible list will be checked for any platforms that have the same -OS and architecture and an earlier version. If one is found, its -attributes will be used for the current platform. -
Platforms (required) -
Gives a list of platforms. Each entry in the list is itself a key-value -pair: -the key is the name of the platform, and the valuelist contains various -attributes of the platform. The ModuleName, ModuleFile, and Files attributes -must be specified, unless an EquivalentPlatform attribute is specified. -The platform string is in the following -format: system name:os release:architecture. The installer -will obtain these values from NSPR. os release is an empty -string on non-UNIX operating systems. The following system names and platforms -are currently defined by NSPR: -
    -
  • AIX (rs6000) -
  • BSDI (x86) -
  • FREEBSD (x86) -
  • HPUX (hppa1.1) -
  • IRIX (mips) -
  • LINUX (ppc, alpha, x86) -
  • MacOS (PowerPC) (Note: NSPR actually defines the OS as -"Mac OS". The -space makes the name unsuitable for being embedded in identifiers. Until -NSPR changes, you will have to add some special code to deal with this case. -) -
  • NCR (x86) -
  • NEC (mips) -
  • OS2 (x86) -
  • OSF (alpha) -
  • ReliantUNIX (mips) -
  • SCO (x86) -
  • SOLARIS (sparc) -
  • SONY (mips) -
  • SUNOS (sparc) -
  • UnixWare (x86) -
  • WIN16 (x86) -
  • WIN95 (x86) -
  • WINNT (x86) -
- -Examples of valid platform strings: IRIX:6.2:mips, Solaris:5.5.1:sparc, -Linux:2.0.32:x86, WIN95::x86. -
- -

Per-Platform Keys

-These keys only have meaning within the value list of an entry in -the Platforms list. -
-
ModuleName (required) -
Gives the common name for the module. This name will be used to -reference the module from Communicator, modutil, servers, or any other -program that uses the Netscape security module database. -
ModuleFile (required) -
Names the PKCS #11 module file (DLL or .so) for this platform. The name -is given as the relative path of the file within the JAR archive. -
Files (required) -
Lists the files that should be installed for this module. Each entry -in the file list is a key-value pair: the key is the path of the file in -the JAR archive, and -the valuelist contains attributes of the file. At least RelativePath and -AbsoluteDir must be specified in this valuelist. -
DefaultMechanismFlags -
This key-value pair specifies -of which mechanisms this module will be a default provider. It is a bitstring -specified in hexadecimal (0x) format. It is constructed as a bitwise OR -of the following constants. If the DefaultMechanismFlags -entry is omitted, the value will default to 0x0. -
-RSA:			0x0000 0001
-DSA:			0x0000 0002
-RC2:			0x0000 0004
-RC4:			0x0000 0008
-DES:			0x0000 0010
-DH:			0x0000 0020
-FORTEZZA:		0x0000 0040
-RC5:			0x0000 0080
-SHA1:			0x0000 0100
-MD5:			0x0000 0200
-MD2:			0x0000 0400
-RANDOM:			0x0800 0000
-FRIENDLY:		0x1000 0000
-OWN_PW_DEFAULTS:	0x2000 0000
-DISABLE:		0x4000 0000
-
-
CipherEnableFlags -
This key-value pair specifies -which SSL ciphers will be enabled. It is a bitstring specified in -hexadecimal (0x) format. It is constructed as a bitwise OR of the following -constants. If the CipherEnableFlags entry is omitted, the -value will default to 0x0. -
-FORTEZZA:		0x0000 0001
-
-
EquivalentPlatform -
Specifies that the attributes of the named platform should also be used -for the current platform. Saves typing when there is more than one platform -that uses the same settings. -
- -

Per-File Keys

-These keys only have meaning within the valuelist of an entry in a -Files list. At least one of RelativePath and -AbsolutePath must be specified. If both are specified, the -relative path will be tried first and the absolute path used only if no -relative root directory is provided by the installer program. -
-
RelativePath -
Specifies the destination directory of the file, relative to some directory -decided at install-time. Two variables can be used in the relative -path, "%root%" and "%temp%". "%root%" will be replaced at run-time with -the directory relative to which files should be installed; for -example, it may be the server's root directory or Communicator's root -directory. "%temp%" is a directory that will be created at the beginning -of the installation and destroyed at the end of the installation. Its purpose -is to hold executable files (such as setup programs), or files that are -used by these programs. For example, a Windows installation might consist -of a setup.exe installation program, a help file, and a .cab file -containing compressed information. All these files could be installed into the -temporary directory. Files destined for the temporary directory are guaranteed -to be in place before any executable file is run, and will not be deleted -until all executable files have finished. -
AbsoluteDir -
Specifies the destination directory of the file as an absolute path. -This will only be used if the installer is unable to determine a -relative directory. -
Executable -
This string specifies that the file is to be executed during the -course of the -installation. Typically this would be used for a setup program provided -by a module vendor, such as a self-extracting setup.exe. -More than one file can be specified as executable, in which case they will -be run in the order they are specified in the script file. -
FilePermissions -
This string is interpreted as a string of octal digits, according to the -standard UNIX format. It is a bitwise OR of the following constants: -
-user read:         400
-user write:        200
-user execute:      100
-group read:        040
-group write:       020
-group execute:     010
-other read:        004
-other write:       002
-other execute:     001
-
-Some platforms may not understand these permissions. They will only be -applied insofar as makes sense for the current platform. If this attribute -is omitted, a default of 777 is assumed. - - - diff --git a/security/nss/cmd/modutil/rules.mk b/security/nss/cmd/modutil/rules.mk deleted file mode 100644 index b34662513..000000000 --- a/security/nss/cmd/modutil/rules.mk +++ /dev/null @@ -1,54 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -# -# Some versions of yacc generate files that include platform-specific -# system headers. For example, the yacc in Solaris 2.6 inserts -# #include -# which does not exist on NT. For portability, always use Berkeley -# yacc (such as the yacc in Linux) to generate files. -# - -generate: installparse.c installparse.l - -installparse.c: - yacc -p Pk11Install_yy -d installparse.y - mv y.tab.c installparse.c - mv y.tab.h installparse.h - -installparse.l: - lex -olex.Pk11Install_yy.c -PPk11Install_yy installparse.l - @echo - @echo "**YOU MUST COMMENT OUT UNISTD.H FROM lex.Pk11Install_yy.cpp**" - -install.c: install-ds.h install.h diff --git a/security/nss/cmd/modutil/specification.html b/security/nss/cmd/modutil/specification.html deleted file mode 100644 index 48a1ab7cd..000000000 --- a/security/nss/cmd/modutil/specification.html +++ /dev/null @@ -1,351 +0,0 @@ - - - -Modutil Specification - - -

PKCS #11 Module Management Utility -
Specification

- - - - -

Capabilities

-
    -
  • Add a PKCS #11 module, specifying a name and library file. -(-add) -
  • Add a PKCS #11 module from a server-formatted JAR file. -(-jar) -
  • Change the password on or initialize a token. -(-changepw) -
  • Create databases (secmod[ule].db, key3.db, cert7.db) from scratch. -(-create) -
  • Switch to and from FIPS-140-1 compliant mode. -(-fips) -
  • Delete a PKCS #11 module. (-delete) -
  • List installed PKCS #11 modules. (-list) -
  • List detailed info on a particular module and its tokens, including -whether needs login, is hardware, needs user init -(-list) -
  • Specify which modules should be the default provider of various -cryptographic operations.(-default, --undefault) -
  • Disable and enable slots, find out whether and why they are disabled. -(-disable, -enable, --list) -
- -
- - - - -

Usage

-modutil [command] [options] -

At most one command can be specified. With no arguments, -modutil prints a usage message. -

Commands:

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
CommandDescription
--add module name -libfile library file - [-ciphers cipher enable list] - [-mechanisms default mechanism list] -Adds a new module to the database with the given name. - -

library file is the path of the DLL or other library file -containing the module's implementation of the PKCS #11 interface. - -

cipher enable flags is a colon-separated list of ciphers -that will be enabled on this module. The list should be enclosed within quotes -if necessary to prevent shell interpretation. The following ciphers are -currently available: -

    -
  • FORTEZZA -
- -

default mechanism flags is a colon-separated list of -mechanisms for which this module should be the default provider. The -list should be enclosed within quotes if necessary to prevent shell -interpretation. This -list does not enable the mechanisms; it only specifies that this module -will be a default provider for the listed mechanisms. If more than -one module claims to be a default provider for a given mechanism, it is -undefined which will actually be chosen to provide that mechanism. The -following mechanisms are currently available: -

    -
  • RSA -
  • DSA -
  • RC2 -
  • RC4 -
  • RC5 -
  • DES -
  • DH -
  • FORTEZZA -
  • SHA1 -
  • MD5 -
  • MD2 -
  • RANDOM (random number generation) -
  • FRIENDLY (certificates are publicly-readable) -
-
-changepw token name -[-pwfile old password file] -[-newpwfile new password file]Changes the password on the named token. If the token has not been -initialized, this command will initialize the PIN. -If a password file is given, the password will be read from that file; -otherwise, the password will be obtained interactively. -Storing passwords in a file is much less secure than supplying them -interactively. -

The password on the Netscape internal module cannot be changed if -the -nocertdb option is specified. -

-createCreates a new secmod[ule].db, key3.db, and cert7.db in the directory -specified with the --dbdir option, if one is specified. If no directory is -specified, UNIX systems will use the user's .netscape directory, while other -systems will return with an error message. If any of these databases already -exist in the chosen directory, an error message is returned. -

If used with -nocertdb, only secmod[ule].db will be created; -cert7.db and key3.db will not be created. -

-default module name --mechanisms mechanism list -Specifies that the given module will be a default provider of the -listed mechanisms. The mechanism list is the same as in the -add -command. -
-delete module nameDeletes the named module from the database
-disable module name -[-slot slot name]Disables the named slot. If no slot is specified, all slots on -the module are disabled.
-enable module name -[-slot slot name]Enables the named slot. If no slot is specified, all slots on -the module are enabled.
-fips [true | false]Enables or disables FIPS mode on the internal module. Passing -true enables FIPS mode, passing false disables -FIPS mode.
-forceDisables interactive prompts, so modutil can be run in a script. -Should only be used by experts, since the prompts may relate to security -or database integrity. Before using this option, test the command -interactively once to see the warnings that are produced.
-jar JAR file --installdir root installation directory -[-tempdir temporary directory]Adds a new module from the given JAR file. The JAR file uses the -server PKCS #11 JAR format to describe the names of -any files that need to be installed, the name of the module, mechanism flags, -and cipher flags. The root installation directory -is the directory relative to which files will be installed. This should be a - directory -under which it would be natural to store dynamic library files, such as -a server's root directory, or Communicator's root directory. -The temporary directory is where temporary modutil files -will be created in the course of the installation. If no temporary directory -is specified, the current directory will be used. -

If used with the -nocertdb option, the signatures on the JAR -file will not be checked.

-list [module name]Without an argument, lists the PKCS #11 modules present in the module -database. -
-
-% modutil -list
-Using database directory /u/nicolson/.netscape...
-
-Listing of PKCS #11 Modules
------------------------------------------------------------
-  1. Netscape Internal PKCS #11 Module
-         slots: 2 slots attached
-        status: loaded
-
-         slot: Communicator Internal Cryptographic Services Version 4.0
-        token: Communicator Generic Crypto Svcs
-
-         slot: Communicator User Private Key and Certificate Services
-        token: Communicator Certificate DB
------------------------------------------------------------
-
-
-

With an argument, provides a detailed description of the named module -and its slots and tokens. -

-
-% modutil -list "Netscape Internal PKCS #11 Module"
-Using database directory /u/nicolson/.netscape...
-
------------------------------------------------------------
-Name: Netscape Internal PKCS #11 Module
-Library file: **Internal ONLY module**
-Manufacturer: Netscape Communications Corp    
-Description: Communicator Internal Crypto Svc
-PKCS #11 Version 2.0
-Library Version: 4.0
-Cipher Enable Flags: None
-Default Mechanism Flags: RSA:DSA:RC2:RC4:DES:SHA1:MD5:MD2
-
-  Slot: Communicator Internal Cryptographic Services Version 4.0
-  Manufacturer: Netscape Communications Corp    
-  Type: Software
-  Version Number: 4.1
-  Firmware Version: 0.0
-  Status: Enabled
-  Token Name: Communicator Generic Crypto Svcs
-  Token Manufacturer: Netscape Communications Corp    
-  Token Model: Libsec 4.0      
-  Token Serial Number: 0000000000000000
-  Token Version: 4.0
-  Token Firmware Version: 0.0
-  Access: Write Protected
-  Login Type: Public (no login required)
-  User Pin: NOT Initialized
-
-  Slot: Communicator User Private Key and Certificate Services
-  Manufacturer: Netscape Communications Corp    
-  Type: Software
-  Version Number: 3.0
-  Firmware Version: 0.0
-  Status: Enabled
-  Token Name: Communicator Certificate DB     
-  Token Manufacturer: Netscape Communications Corp    
-  Token Model: Libsec 4.0      
-  Token Serial Number: 0000000000000000
-  Token Version: 7.0
-  Token Firmware Version: 0.0
-  Access: NOT Write Protected
-  Login Type: Login required
-  User Pin: Initialized
-
------------------------------------------------------------
-
-
-
-undefault module name --mechanisms mechanism listSpecifies that the given module will NOT be a default provider of -the listed mechanisms. This command clears the default mechanism flags -for the given module.
- - - - -

Options:

- - - - - - - - - - - - - - - -
OptionDescription
-dbdir directorySpecifies which directory holds the module database. On UNIX systems, -the user's netscape directory is the default. On other systems, there is -no default, and this option must be used.
-nocertdbDo not open the certificate or key databases. This has several effects. -With the -create command, this means that only a secmod.db file -will be created; cert7.db and key3.db will not be created. With the --jar command, signatures on the JAR file will not be checked. -With the -changepw command, the password on the Netscape internal -module cannot be set or changed, since this password is stored in key3.db. -
- - - diff --git a/security/nss/cmd/ocspclnt/Makefile b/security/nss/cmd/ocspclnt/Makefile deleted file mode 100644 index 490f738e5..000000000 --- a/security/nss/cmd/ocspclnt/Makefile +++ /dev/null @@ -1,73 +0,0 @@ -#! gmake -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -####################################################################### -# (1) Include initial platform-independent assignments (MANDATORY). # -####################################################################### - -include manifest.mn - -####################################################################### -# (2) Include "global" configuration information. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/config.mk - -####################################################################### -# (3) Include "component" configuration information. (OPTIONAL) # -####################################################################### - -####################################################################### -# (4) Include "local" platform-dependent assignments (OPTIONAL). # -####################################################################### - -include ../platlibs.mk - -####################################################################### -# (5) Execute "global" rules. (OPTIONAL) # -####################################################################### - -include $(CORE_DEPTH)/coreconf/rules.mk - -####################################################################### -# (6) Execute "component" rules. (OPTIONAL) # -####################################################################### - - -####################################################################### -# (7) Execute "local" rules. (OPTIONAL). # -####################################################################### - - -include ../platrules.mk diff --git a/security/nss/cmd/ocspclnt/manifest.mn b/security/nss/cmd/ocspclnt/manifest.mn deleted file mode 100644 index 225bc7c4a..000000000 --- a/security/nss/cmd/ocspclnt/manifest.mn +++ /dev/null @@ -1,54 +0,0 @@ -# -# The contents of this file are subject to the Mozilla Public -# License Version 1.1 (the "License"); you may not use this file -# except in compliance with the License. You may obtain a copy of -# the License at http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS -# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -# implied. See the License for the specific language governing -# rights and limitations under the License. -# -# The Original Code is the Netscape security libraries. -# -# The Initial Developer of the Original Code is Netscape -# Communications Corporation. Portions created by Netscape are -# Copyright (C) 1994-2000 Netscape Communications Corporation. All -# Rights Reserved. -# -# Contributor(s): -# -# Alternatively, the contents of this file may be used under the -# terms of the GNU General Public License Version 2 or later (the -# "GPL"), in which case the provisions of the GPL are applicable -# instead of those above. If you wish to allow use of your -# version of this file only under the terms of the GPL and not to -# allow others to use your version of this file under the MPL, -# indicate your decision by deleting the provisions above and -# replace them with the notice and other provisions required by -# the GPL. If you do not delete the provisions above, a recipient -# may use your version of this file under either the MPL or the -# GPL. -# - -CORE_DEPTH = ../../.. - -# MODULE public and private header directories are implicitly REQUIRED. -MODULE = security - -CSRCS = \ - ocspclnt.c \ - $(NULL) - -# headers for the MODULE (defined above) are implicitly required. -REQUIRES = dbm seccmd - -# WINNT uses EXTRA_LIBS as the list of libs to link in. -# Unix uses OS_LIBS for that purpose. -# We can solve this via conditional makefile code, but -# can't do this in manifest.mn because OS_ARCH isn't defined there. -# So, look in the local Makefile for the defines for the list of libs. - -PROGRAM = ocspclnt - -USE_STATIC_LIBS = 1 diff --git a/security/nss/cmd/ocspclnt/ocspclnt.c b/security/nss/cmd/ocspclnt/ocspclnt.c deleted file mode 100644 index c26633fbe..000000000 --- a/security/nss/cmd/ocspclnt/ocspclnt.c +++ /dev/null @@ -1,1220 +0,0 @@ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1994-2000 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -/* - * Test program for client-side OCSP. - * - * $Id$ - */ - -#include "secutil.h" -#include "nspr.h" -#include "plgetopt.h" -#include "nss.h" -#include "cert.h" -#include "ocsp.h" -#include "xconst.h" /* - * XXX internal header file; needed to get at - * cert_DecodeAuthInfoAccessExtension -- would be - * nice to not need this, but that would require - * better/different APIs. - */ - -#ifndef NO_PP /* - * Compile with this every once in a while to be - * sure that no dependencies on it get added - * outside of the pretty-printing routines. - */ -#include "ocspti.h" /* internals for pretty-printing routines *only* */ -#endif /* NO_PP */ - -#define DEFAULT_DB_DIR "~/.netscape" - - -static void -synopsis (char *program_name) -{ - PRFileDesc *pr_stderr; - - pr_stderr = PR_STDERR; - PR_fprintf (pr_stderr, "Usage:"); - PR_fprintf (pr_stderr, - "\t%s -p [-d ]\n", - program_name); - PR_fprintf (pr_stderr, - "\t%s -P [-d ]\n", - program_name); - PR_fprintf (pr_stderr, - "\t%s -r [-L] [-s ] [-d ]\n", - program_name); - PR_fprintf (pr_stderr, - "\t%s -R [-l ] [-s ] [-d ]\n", - program_name); - PR_fprintf (pr_stderr, - "\t%s -S [-l -t ]\n", - program_name); - PR_fprintf (pr_stderr, - "\t\t [-s ] [-w