The idea with HEIM_JSON_F_TRY_DECODE_DATA is that on parsing of JSON
texts, if we find a base64-encoded string, decode it. But a lot of
strings that aren't base64-encoded can be decoded anyways, leaving a
mess.
Insted we should -in a future commit- implement this only for the string
values of "heimdal-type-data-76d7fca2-d0da-4b20-a126-1a10f8a0eae6" names
in singleton objects.
- Add HEIM_JSON_F_ESCAPE_NON_ASCII to indicate that non-ASCII must be
escaped as \uXXXX.
- Add HEIM_JSON_F_NO_ESCAPE_NON_ASCII to force non-escaping of BMP
codepoints.
- If the locale's codeset is not UTF-8 and
HEIM_JSON_F_NO_ESCAPE_NON_ASCII is not set, then set
HEIM_JSON_F_ESCAPE_NON_ASCII.
Although not required to address bad code generation in
some versions of gcc 9 and 10, a coding style that requires
explicit comparison of the result to zero before use is
both clearer and would have avoided the generation of bad
code.
This change converts all use of cmp function usage from
```
if (strcmp(a, b) || !strcmp(c, d)) ...
```
to
```
if (strcmp(a, b) != 0 || strcmp(c, d)) == 0
```
for all C library cmp functions and related:
- strcmp(), strncmp()
- strcasecmp(), strncasecmp()
- stricmp(), strnicmp()
- memcmp()
Change-Id: Ic60c15e1e3a07e4faaf10648eefe3adae2543188
This adds a new backend for libhcrypto: the OpenSSL backend.
Now libhcrypto has these backends:
- hcrypto itself (i.e., the algorithms coded in lib/hcrypto)
- Common Crypto (OS X)
- PKCS#11 (specifically for Solaris, but not Solaris-specific)
- Windows CNG (Windows)
- OpenSSL (generic)
The ./configure --with-openssl=... option no longer disables the use of
hcrypto. Instead it enables the use of OpenSSL as a (and the default)
backend in libhcrypto. The libhcrypto framework is now always used.
OpenSSL should no longer be used directly within Heimdal, except in the
OpenSSL hcrypto backend itself, and files where elliptic curve (EC)
crypto is needed.
Because libhcrypto's EC support is incomplete, we can only use OpenSSL
for EC. Currently that means separating all EC-using code so that it
does not use hcrypto, thus the libhx509/hxtool and PKINIT EC code has
been moved out of the files it used to be in.
Add a basic set of tests for the HEIMDAL_MUTEX and HEIMDAL_RWLOCK
abstraction using both static and dynamic initialization.
Change-Id: Iaeb16e5dfcf00d29be7eaa4f2e6970c4f1268fb0
