hx509_ca_tbs_set_signature_algorithm was added by commit
c69c4634ad. It must be exported
for use by hxtool on Windows.
Change-Id: I14b927abde96814ae2e0a90f232ab00915a9f29e
Eventually we'll need to make sure that a) libroken's stdint.h defines
the max integer types, b) the libroken *printf()s can handle all the
standard length and conversion specifiers.
In both hx509_cert_init() and hx509_cert_init_data(), there is an
output parameter for the error code but there are cases where the
error is used as a return value instead of the specified hx509_cert.
We fix these issues. We also check if error is non-NULL and only
set the error in this case, allowing the functions to be called
with error == NULL without segfault.
When building with OpenSSL at a custom prefix, some test cases will fail
to compile due to missing include path compiler options. This patch adds
them, as well as defining CPPFLAGS and LDADD for test_expr.
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
To stop the errors when building concurrently, we make a number of
changes:
1. stop including generated files in *_SOURCES,
2. make *-protos.h and *-private.h depend on the *_SOURCES,
3. make all objects depend on *-{protos,private}.h,
4. in a few places change dir/header.h to $(srcdir)/dir/header.h,
This appears to work for me with make -j16 on a 4-way box.
OpenSSL_add_all_algorithms() should only be run once per application
or it will cause data structures to expand. It's not a classic
memory leak as all of the memory will be free(3)d when EVP_cleanup()
is called but as we are a library we cannot call this. We provide
a short term fix here which is using heim_base_once_f() to ensure
that we only call it once.
But the long term fix should be to stop using OpenSSL_add_all_algorithms()
entirely because it both has side effects outside our library and
the caller may destroy our OpenSSL global variables by calling
EVP_cleanup() on his own. It is suboptimal to have potential
interactions between our library and other code in this way.
We turn on a few extra warnings and fix the fallout that occurs
when building with --enable-developer. Note that we get different
warnings on different machines and so this will be a work in
progress. So far, we have built on NetBSD/amd64 5.99.64 (which
uses gcc 4.5.3) and Ubuntu 10.04.3 LTS (which uses gcc 4.4.3).
Notably, we fixed
1. a lot of missing structure initialisers,
2. unchecked return values for functions that glibc
marks as __attribute__((warn-unused-result)),
3. made minor modifications to slc and asn1_compile
which can generate code which generates warnings,
and
4. a few stragglers here and there.
We turned off the extended warnings for many programs in appl/ as
they are nearing the end of their useful lifetime, e.g. rsh, rcp,
popper, ftp and telnet.
Interestingly, glibc's strncmp() macro needed to be worked around
whereas the function calls did not.
We have not yet tried this on 32 bit platforms, so there will be
a few more warnings when we do.
Added to 11 out of 14 directories with map files. Not lib/ntlm,
lib/hcrypto and kdc which have the map file as an explicit dependency
to _OBBJECTS.
Signed-off-by: Love Hörnquist Åstrand <lha@h5l.org>
