Commit Graph

56 Commits

Author SHA1 Message Date
Nicolas Williams
e23bc7d53d hx509: Fix warnings and leaks 2022-01-14 12:42:52 -06:00
Nicolas Williams
5d939ba1b6 hx509: Make hxtool default store type to FILE
A common complaint about hxtool(1) is that if one fails to add a TYPE:
prefix to a CSR or certificate/private key store name, then hxtool
fails somewhat inscrutably.  We can't just fix hx509_certs_init() or
hx509_certs_append() because they default to "MEMORY" so who knows what
might break.  Instead we fix all uses of user-provided store names in
hxtool to have a FILE: prefix if no type was given.  For CSRs we'll
default to adding the only type prefix supported, "PKCS10".
2021-03-24 11:03:14 -05:00
Nicolas Williams
e515745996 hx509: private key exclusion options
Add two ways to exclude private keys when dealing with an hx509
certificate store.  One as a load option (load no private keys, never
add private keys), one as a store option (store no private keys).

This is useful for CA code so it can have a single store with the
issuer's credentials _and_ the chain for it, and copy those to a store
with the issued certificate and _not_ accidentally include the issuer's
private key.

It would be much safer still to flip the default for this flag, but that
could break out-of-tree libhx509 dependents.
2019-12-09 18:10:10 -06:00
Nicolas Williams
89b076c543 hx509: match docs for hx509_certs_init() 2019-10-07 21:32:00 -05:00
Nicolas Williams
63ccdca137 hx509: _hx509_certs_keys_free() should not require gate 2019-10-03 13:09:18 -05:00
Nicolas Williams
41fcafd20c hx509: add hx509_certs_destroy() 2019-10-03 13:09:18 -05:00
Jeffrey Altman
387684aa93 WIN32: fix calling conventions for 32-bit builds
On 32-bit Windows Intel builds the __cdecl and __stdcall calling
conventions are different so labeling the functions that are
exported or assigned to function pointers matters.

Change-Id: I03b6f34baeb9ffb2e683fd979f12f27a5078a4da
2019-01-14 06:12:36 -05:00
Jeffrey Altman
1dd38cc3de lib/hx509: declare and apply HX509_LIB_xxx macros
libhx509 is not built according to the same export and calling conventions
on Windows as the other libraries.  This change declares and applies
HX509_LIB_FUNCTION, HX509_LIB_NORETURN_FUNCTION, HX509_LIB_CALL and
HX509_LIB_VARIABLE to lib/hx509.

As a result of this change the calling convention for exported functions
will be __stdcall instead of __cdecl.

Change-Id: Ibc3f05e8088030ef7d13798f1d9c9b190bc57797
2019-01-02 10:23:39 -06:00
Chris Lamb
aa119d1792 Correct "doesnt" typos.
Signed-off-by: Chris Lamb <chris@chris-lamb.co.uk>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from Samba commit c4feed0b8cb6df71e14a30c07e4b5560368f54cc)
2018-09-10 14:42:18 -04:00
Viktor Dukhovni
3657f23a9e Fix more doxygen bitrot 2016-12-15 04:28:21 -05:00
Nicolas Williams
2ebec2e4ec Fix some Doxygen warnings 2016-12-14 22:05:46 -06:00
Roland C. Dowdeswell
cc47c8fa7b Turn on -Wextra -Wno-sign-compare -Wno-unused-parameter and fix issues.
We turn on a few extra warnings and fix the fallout that occurs
when building with --enable-developer.  Note that we get different
warnings on different machines and so this will be a work in
progress.  So far, we have built on NetBSD/amd64 5.99.64 (which
uses gcc 4.5.3) and Ubuntu 10.04.3 LTS (which uses gcc 4.4.3).

Notably, we fixed

	1.  a lot of missing structure initialisers,

	2.  unchecked return values for functions that glibc
	    marks as __attribute__((warn-unused-result)),

	3.  made minor modifications to slc and asn1_compile
	    which can generate code which generates warnings,
	    and

	4.  a few stragglers here and there.

We turned off the extended warnings for many programs in appl/ as
they are nearing the end of their useful lifetime, e.g.  rsh, rcp,
popper, ftp and telnet.

Interestingly, glibc's strncmp() macro needed to be worked around
whereas the function calls did not.

We have not yet tried this on 32 bit platforms, so there will be
a few more warnings when we do.
2012-02-20 19:45:41 +00:00
Love Hornquist Astrand
6d6734bfab document hx509_certs_iter() 2011-03-13 17:09:08 -07:00
Jelmer Vernooij
36ade8b509 hx509: Make various functions used by Samba public.
* hx509_cert_public_encrypt
* hx509_parse_private_key
* hx509_private_key_assign_rsa
* hx509_private_key_free
* hx509_private_key_private_decrypt
* hx509_private_key_init
* hx509_private_key2SPKI
* hx509_request_get_name
* hx509_request_get_SubjectPublicKeyInfo
* hx509_request_free
* hx509_request_init
* hx509_request_set_name
* hx509_request_set_SubjectPublicKeyInfo

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2011-02-23 19:47:28 -08:00
Love Hornquist Astrand
2153b884b6 use hx509_certs_iter_f 2009-11-22 13:52:54 -08:00
Love Hornquist Astrand
682e7e012c export hx509_certs_ref 2009-09-29 11:28:24 -07:00
Love Hörnquist Åstrand
ff5dab4f4a remove rcsid
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24795 ec53bebd-3082-4978-b11e-865c3cabbd6b
2009-02-22 23:28:18 +00:00
Love Hörnquist Åstrand
baf73c2f8b doxygen
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24613 ec53bebd-3082-4978-b11e-865c3cabbd6b
2009-02-04 22:10:01 +00:00
Love Hörnquist Åstrand
2fbb6ab934 Change prototype of hx509_certs_filter().
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24612 ec53bebd-3082-4978-b11e-865c3cabbd6b
2009-02-04 22:09:51 +00:00
Love Hörnquist Åstrand
e1ae936e65 doxygen
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24583 ec53bebd-3082-4978-b11e-865c3cabbd6b
2009-02-04 22:04:58 +00:00
Love Hörnquist Åstrand
651c4a0ec6 Add hx509_certs_filter().
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24582 ec53bebd-3082-4978-b11e-865c3cabbd6b
2009-02-04 22:04:48 +00:00
Love Hörnquist Åstrand
6937d41a02 remove trailing whitespace
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23815 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-09-13 09:21:03 +00:00
Love Hörnquist Åstrand
e172367898 switch to utf8 encoding of all files
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23814 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-09-13 08:53:55 +00:00
Love Hörnquist Åstrand
1ab683c478 make refcount slightly more sane.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22851 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-04-07 18:49:07 +00:00
Love Hörnquist Åstrand
f407e08702 document HX509_CERTS_UNPROTECT_ALL
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22466 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-01-16 14:26:35 +00:00
Love Hörnquist Åstrand
6235e74acc Add documentation.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22331 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-12-16 07:30:37 +00:00
Love Hörnquist Åstrand
bab14f8a46 use HX509_UNSUPPORTED_OPERATION and some more documentation.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22330 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-12-15 05:20:00 +00:00
Love Hörnquist Åstrand
b3efcbda59 more documentation
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22327 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-12-15 04:49:37 +00:00
Love Hörnquist Åstrand
57fe64a140 Some more documentation.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22322 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-12-15 03:47:46 +00:00
Love Hörnquist Åstrand
d651f2187d More documentation
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22275 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-12-11 11:02:11 +00:00
Love Hörnquist Åstrand
3d4ced794a handle refcount on NULL
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22265 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-12-09 20:49:31 +00:00
Love Hörnquist Åstrand
7c5b097a53 Avoid using freed memory.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21140 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-18 21:24:19 +00:00
Love Hörnquist Åstrand
cadd30c594 Set ref to 1 for the new object.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21080 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-13 01:06:25 +00:00
Love Hörnquist Åstrand
144b8c583c Add refcounting to keystores.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21067 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-12 19:30:33 +00:00
Love Hörnquist Åstrand
43ba803237 (hx509_certs_merge): it's ok to merge in the NULL set of certs.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20911 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-05 03:41:17 +00:00
Love Hörnquist Åstrand
e28d281748 (hx509_certs_find): collects stats for queries.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20786 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-02 01:04:25 +00:00
Love Hörnquist Åstrand
91a0892b93 constify
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19840 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-01-11 10:36:29 +00:00
Love Hörnquist Åstrand
82a45c7036 constify
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19839 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-01-11 09:55:09 +00:00
Love Hörnquist Åstrand
80977a02f6 Factor out private key operation out of the signing, operations, support import, export, and generation of private keys. Add support for writing PEM and PKCS12 files with private keys in them.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19778 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-01-09 10:52:13 +00:00
Love Hörnquist Åstrand
04fecea15c Remove another strndup that causes AIX to fall over.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19180 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-11-28 20:07:57 +00:00
Love Hörnquist Åstrand
1eb85d5451 (hx509_certs_add): add comment on refcounting.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@18787 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-10-21 20:21:51 +00:00
Love Hörnquist Åstrand
5b65222edf (hx509_certs_info): print information about the keyset.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17969 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-09-04 07:24:33 +00:00
Love Hörnquist Åstrand
5eb2dd8d17 Sprinkle setting error strings.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17409 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-05-02 11:05:29 +00:00
Love Hörnquist Åstrand
8fd826b57e remove extra x
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17395 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-05-01 14:05:06 +00:00
Love Hörnquist Åstrand
7072fcc8ec changed signature of _hx509_query_match_cert
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17394 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-05-01 14:04:43 +00:00
Love Hörnquist Åstrand
a7e3644eb9 (hx509_certs_init): pass the right error code back
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17389 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-05-01 13:36:07 +00:00
Love Hörnquist Åstrand
1e0aaa115c (hx509_ci_print_names): make it print issuer too.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16991 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-04-03 15:25:28 +00:00
Love Hörnquist Åstrand
a27d1186bf (hx509_certs_free): allow free-ing NULL
(hx509_certs_find): expose
(hx509_get_one_cert): new function


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16810 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-03-26 23:43:37 +00:00
Love Hörnquist Åstrand
7dcf3289bb add a hx509_context where we can store configuration
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16476 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-01-04 20:33:31 +00:00
Love Hörnquist Åstrand
34e449f026 Add _hx509_ks_dir_register.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16428 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-01-02 13:20:11 +00:00