55 Commits

Author SHA1 Message Date
Nicolas Williams 5d939ba1b6 hx509: Make hxtool default store type to FILE
A common complaint about hxtool(1) is that if one fails to add a TYPE:
prefix to a CSR or certificate/private key store names, then hxtool
fails somewhat inscrutably.  We can't just fix hx509_certs_init() or
hx509_certs_append() because they default to "MEMORY" so who knows what
might break.  Instead we fix all uses of user-provided store names in
hxtool to have a FILE: prefix if no type was given.  For CSRs we'll
default to adding the only type prefix supported, "PKCS10".
2021-03-24 11:03:14 -05:00
Nicolas Williams e515745996 hx509: private key exclusion options
Add two ways to exclude private keys when dealing with an hx509
certificate store.  One as a load option (load no private keys, never
add private keys), one as a store option (store no private keys).

This is useful for CA code so it can have a single store with the
issuer's credentials _and_ the chain for it, and copy those to a store
with the issued certificate and _not_ accidentally include the issuer's
private key.

It would be much safer still to flip the default for this flag, but that
could break out-of-tree libhx509 dependents.
2019-12-09 18:10:10 -06:00
Nicolas Williams 89b076c543 hx509: match docs for hx509_certs_init() 2019-10-07 21:32:00 -05:00
Nicolas Williams 63ccdca137 hx509: _hx509_certs_keys_free() should not require gate 2019-10-03 13:09:18 -05:00
Nicolas Williams 41fcafd20c hx509: add hx509_certs_destroy() 2019-10-03 13:09:18 -05:00
Jeffrey Altman 387684aa93 WIN32: fix calling conventions for 32-bit builds
On 32-bit Windows Intel builds the __cdecl and __stdcall calling
conventions are different so labeling the functions that are
exported or assigned to function pointers matters.

Change-Id: I03b6f34baeb9ffb2e683fd979f12f27a5078a4da
2019-01-14 06:12:36 -05:00
Jeffrey Altman 1dd38cc3de lib/hx509: declare and apply HX509_LIB_xxx macros
libhx509 is not built according to the same export and calling conventions
on Windows as the other libraries.  This change declares and applies
HX509_LIB_FUNCTION, HX509_LIB_NORETURN_FUNCTION, HX509_LIB_CALL and
HX509_LIB_VARIABLE to lib/hx509.

As a result of this change the calling convention for exported functions
will be __stdcall instead of __cdecl.

Change-Id: Ibc3f05e8088030ef7d13798f1d9c9b190bc57797
2019-01-02 10:23:39 -06:00
Chris Lamb aa119d1792 Correct "doesnt" typos.
Signed-off-by: Chris Lamb <chris@chris-lamb.co.uk>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from Samba commit c4feed0b8cb6df71e14a30c07e4b5560368f54cc)
2018-09-10 14:42:18 -04:00
Viktor Dukhovni 3657f23a9e Fix more doxygen bitrot 2016-12-15 04:28:21 -05:00
Nicolas Williams 2ebec2e4ec Fix some Doxygen warnings 2016-12-14 22:05:46 -06:00
Roland C. Dowdeswell cc47c8fa7b Turn on -Wextra -Wno-sign-compare -Wno-unused-parameter and fix issues.
We turn on a few extra warnings and fix the fallout that occurs
when building with --enable-developer.  Note that we get different
warnings on different machines and so this will be a work in
progress.  So far, we have built on NetBSD/amd64 5.99.64 (which
uses gcc 4.5.3) and Ubuntu 10.04.3 LTS (which uses gcc 4.4.3).

Notably, we fixed

	1.  a lot of missing structure initialisers,

	2.  unchecked return values for functions that glibc
	    marks as __attribute__((warn-unused-result)),

	3.  made minor modifications to slc and asn1_compile
	    which can generate code which generates warnings,
	    and

	4.  a few stragglers here and there.

We turned off the extended warnings for many programs in appl/ as
they are nearing the end of their useful lifetime, e.g.  rsh, rcp,
popper, ftp and telnet.

Interestingly, glibc's strncmp() macro needed to be worked around
whereas the function calls did not.

We have not yet tried this on 32 bit platforms, so there will be
a few more warnings when we do.
2012-02-20 19:45:41 +00:00
Love Hornquist Astrand 6d6734bfab document hx509_certs_iter() 2011-03-13 17:09:08 -07:00
Jelmer Vernooij 36ade8b509 hx509: Make various functions used by Samba public.
* hx509_cert_public_encrypt
* hx509_parse_private_key
* hx509_private_key_assign_rsa
* hx509_private_key_free
* hx509_private_key_private_decrypt
* hx509_private_key_init
* hx509_private_key2SPKI
* hx509_request_get_name
* hx509_request_get_SubjectPublicKeyInfo
* hx509_request_free
* hx509_request_init
* hx509_request_set_name
* hx509_request_set_SubjectPublicKeyInfo

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2011-02-23 19:47:28 -08:00
Love Hornquist Astrand 2153b884b6 use hx509_certs_iter_f 2009-11-22 13:52:54 -08:00
Love Hornquist Astrand 682e7e012c export hx509_certs_ref 2009-09-29 11:28:24 -07:00
Love Hörnquist Åstrand ff5dab4f4a remove rcsid
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24795 ec53bebd-3082-4978-b11e-865c3cabbd6b
2009-02-22 23:28:18 +00:00
Love Hörnquist Åstrand baf73c2f8b doxygen
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24613 ec53bebd-3082-4978-b11e-865c3cabbd6b
2009-02-04 22:10:01 +00:00
Love Hörnquist Åstrand 2fbb6ab934 Change prototype of hx509_certs_filter().
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24612 ec53bebd-3082-4978-b11e-865c3cabbd6b
2009-02-04 22:09:51 +00:00
Love Hörnquist Åstrand e1ae936e65 doxygen
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24583 ec53bebd-3082-4978-b11e-865c3cabbd6b
2009-02-04 22:04:58 +00:00
Love Hörnquist Åstrand 651c4a0ec6 Add hx509_certs_filter().
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24582 ec53bebd-3082-4978-b11e-865c3cabbd6b
2009-02-04 22:04:48 +00:00
Love Hörnquist Åstrand 6937d41a02 remove trailing whitespace
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23815 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-09-13 09:21:03 +00:00
Love Hörnquist Åstrand e172367898 switch to utf8 encoding of all files
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23814 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-09-13 08:53:55 +00:00
Love Hörnquist Åstrand 1ab683c478 make refcount slightly more sane.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22851 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-04-07 18:49:07 +00:00
Love Hörnquist Åstrand f407e08702 document HX509_CERTS_UNPROTECT_ALL
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22466 ec53bebd-3082-4978-b11e-865c3cabbd6b
2008-01-16 14:26:35 +00:00
Love Hörnquist Åstrand 6235e74acc Add documentation.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22331 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-12-16 07:30:37 +00:00
Love Hörnquist Åstrand bab14f8a46 use HX509_UNSUPPORTED_OPERATION and some more documentation.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22330 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-12-15 05:20:00 +00:00
Love Hörnquist Åstrand b3efcbda59 more documentation
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22327 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-12-15 04:49:37 +00:00
Love Hörnquist Åstrand 57fe64a140 Some more documentation.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22322 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-12-15 03:47:46 +00:00
Love Hörnquist Åstrand d651f2187d More documentation
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22275 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-12-11 11:02:11 +00:00
Love Hörnquist Åstrand 3d4ced794a handle refcount on NULL
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22265 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-12-09 20:49:31 +00:00
Love Hörnquist Åstrand 7c5b097a53 Avoid using freed memory.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21140 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-18 21:24:19 +00:00
Love Hörnquist Åstrand cadd30c594 Set ref to 1 for the new object.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21080 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-13 01:06:25 +00:00
Love Hörnquist Åstrand 144b8c583c Add refcounting to keystores.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21067 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-12 19:30:33 +00:00
Love Hörnquist Åstrand 43ba803237 (hx509_certs_merge): it's ok to merge in the NULL set of certs.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20911 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-05 03:41:17 +00:00
Love Hörnquist Åstrand e28d281748 (hx509_certs_find): collects stats for queries.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20786 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-06-02 01:04:25 +00:00
Love Hörnquist Åstrand 91a0892b93 constify
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19840 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-01-11 10:36:29 +00:00
Love Hörnquist Åstrand 82a45c7036 constify
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19839 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-01-11 09:55:09 +00:00
Love Hörnquist Åstrand 80977a02f6 Factor out private key operation out of the signing, operations, support import, export, and generation of private keys. Add support for writing PEM and PKCS12 files with private keys in them.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19778 ec53bebd-3082-4978-b11e-865c3cabbd6b
2007-01-09 10:52:13 +00:00
Love Hörnquist Åstrand 04fecea15c Remove another strndup that causes AIX to fall over.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19180 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-11-28 20:07:57 +00:00
Love Hörnquist Åstrand 1eb85d5451 (hx509_certs_add): add comment on refcounting.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@18787 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-10-21 20:21:51 +00:00
Love Hörnquist Åstrand 5b65222edf (hx509_certs_info): print information about the keyset.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17969 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-09-04 07:24:33 +00:00
Love Hörnquist Åstrand 5eb2dd8d17 Sprinkle setting error strings.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17409 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-05-02 11:05:29 +00:00
Love Hörnquist Åstrand 8fd826b57e remove extra x
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17395 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-05-01 14:05:06 +00:00
Love Hörnquist Åstrand 7072fcc8ec changed signature of _hx509_query_match_cert
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17394 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-05-01 14:04:43 +00:00
Love Hörnquist Åstrand a7e3644eb9 (hx509_certs_init): pass the right error code back
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17389 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-05-01 13:36:07 +00:00
Love Hörnquist Åstrand 1e0aaa115c (hx509_ci_print_names): make it print issuer too.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16991 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-04-03 15:25:28 +00:00
Love Hörnquist Åstrand a27d1186bf (hx509_certs_free): allow free-ing NULL
(hx509_certs_find): expose
(hx509_get_one_cert): new function


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16810 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-03-26 23:43:37 +00:00
Love Hörnquist Åstrand 7dcf3289bb add a hx509_context where we can store configuration
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16476 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-01-04 20:33:31 +00:00
Love Hörnquist Åstrand 34e449f026 Add _hx509_ks_dir_register.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16428 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-01-02 13:20:11 +00:00
Love Hörnquist Åstrand f47adcff7d Register pkcs11 module.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16069 ec53bebd-3082-4978-b11e-865c3cabbd6b
2005-09-14 15:53:53 +00:00