[rt-commit] r158 - in /redwax-tool/trunk: ChangeLog Makefile.am config.h.in configure.ac redwax-tool.c redwax-tool.h redwax_libical.c redwax_nss.c redwax_openssl.c redwax_p11kit.c

rt-commit at redwax.eu rt-commit at redwax.eu
Mon Oct 30 22:13:09 CET 2023


Author: minfrin at redwax.eu
Date: Mon Oct 30 22:13:08 2023
New Revision: 158

Log:
Add support for reading certificates from the MacOS
Keychain.


Modified:
    redwax-tool/trunk/ChangeLog
    redwax-tool/trunk/Makefile.am
    redwax-tool/trunk/config.h.in
    redwax-tool/trunk/configure.ac
    redwax-tool/trunk/redwax-tool.c
    redwax-tool/trunk/redwax-tool.h
    redwax-tool/trunk/redwax_libical.c
    redwax-tool/trunk/redwax_nss.c
    redwax-tool/trunk/redwax_openssl.c
    redwax-tool/trunk/redwax_p11kit.c

Modified: redwax-tool/trunk/ChangeLog
==============================================================================
--- redwax-tool/trunk/ChangeLog	(original)
+++ redwax-tool/trunk/ChangeLog	Mon Oct 30 22:13:08 2023
@@ -1,5 +1,8 @@
 
 Changes with v0.9.4
+
+ *) Add support for reading certificates from the MacOS
+    Keychain. [Graham Leggett]
 
  *) Add libical build parameters to the RPM spec file.
     [Graham Leggett]

Modified: redwax-tool/trunk/Makefile.am
==============================================================================
--- redwax-tool/trunk/Makefile.am	(original)
+++ redwax-tool/trunk/Makefile.am	Mon Oct 30 22:13:08 2023
@@ -8,7 +8,7 @@
 endif
 
 bin_PROGRAMS = redwax-tool
-redwax_tool_SOURCES = redwax-tool.c redwax-tool.h redwax_openssl.c redwax_openssl.h redwax_nss.c redwax_nss.h redwax_p11kit.c redwax_p11kit.h redwax_libical.c redwax_libical.h redwax_util.c redwax_util.h
+redwax_tool_SOURCES = redwax-tool.c redwax-tool.h redwax_openssl.c redwax_openssl.h redwax_nss.c redwax_nss.h redwax_p11kit.c redwax_p11kit.h redwax_libical.c redwax_libical.h redwax_keychain.c redwax_keychain.h redwax_util.c redwax_util.h
 
 EXTRA_DIST = redwax-tool.spec
 dist_man_MANS = redwax-tool.1
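Review bot: `redwax_keychain.c` and `redwax_keychain.h` are added to `redwax_tool_SOURCES` here, but neither appears in this revision's file list, which names only modified files. redwax-tool.c in this commit includes `redwax_keychain.h` and places `&keychain_module` in `redwax_modules[]` unconditionally, so the build depends on both files existing and on `keychain_module` being defined even when `HAVE_SECURITY_SECURITY_H` is unset. If the files were added in a separate revision that is fine, but it is worth confirming that the new source carries the same `#else` empty-hook stub the other backends gain in this commit.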

Modified: redwax-tool/trunk/config.h.in
==============================================================================
--- redwax-tool/trunk/config.h.in	(original)
+++ redwax-tool/trunk/config.h.in	Mon Oct 30 22:13:08 2023
@@ -34,9 +34,6 @@
    to 0 otherwise. */
 #undef HAVE_MALLOC
 
-/* Define to 1 if you have the <memory.h> header file. */
-#undef HAVE_MEMORY_H
-
 /* Define to 1 if you have the `NSS_Initialize' function. */
 #undef HAVE_NSS_INITIALIZE
 
@@ -113,11 +110,17 @@
 /* Define to 1 if you have the `RSA_set0_key' function. */
 #undef HAVE_RSA_SET0_KEY
 
+/* Define to 1 if you have the <Security/Security.h> header file. */
+#undef HAVE_SECURITY_SECURITY_H
+
 /* Define to 1 if stdbool.h conforms to C99. */
 #undef HAVE_STDBOOL_H
 
 /* Define to 1 if you have the <stdint.h> header file. */
 #undef HAVE_STDINT_H
+
+/* Define to 1 if you have the <stdio.h> header file. */
+#undef HAVE_STDIO_H
 
 /* Define to 1 if you have the <stdlib.h> header file. */
 #undef HAVE_STDLIB_H
@@ -198,7 +201,9 @@
 /* Define to the version of this package. */
 #undef PACKAGE_VERSION
 
-/* Define to 1 if you have the ANSI C header files. */
+/* Define to 1 if all of the C90 standard headers exist (not just the ones
+   required in a freestanding environment). This macro is provided for
+   backward compatibility; new code need not use it. */
 #undef STDC_HEADERS
 
 /* Version number of package */
@@ -218,7 +223,7 @@
 /* Define to rpl_malloc if the replacement function should be used. */
 #undef malloc
 
-/* Define to `int' if <sys/types.h> does not define. */
+/* Define as a signed integer type capable of holding a process identifier. */
 #undef pid_t
 
 /* Define to `unsigned int' if <sys/types.h> does not define. */

Modified: redwax-tool/trunk/configure.ac
==============================================================================
--- redwax-tool/trunk/configure.ac	(original)
+++ redwax-tool/trunk/configure.ac	Mon Oct 30 22:13:08 2023
@@ -72,6 +72,17 @@
     fi
   ])
 
+AC_ARG_WITH(keychain,[  --with-keychain  use Security library],
+  [
+    if test "$with_keychain" != "no"; then
+
+      LDFLAGS="$LDFLAGS -framework CoreServices -framework Security -framework LocalAuthentication"
+
+      AC_CHECK_HEADERS(Security/Security.h)
+
+    fi
+  ])
+
 AC_ARG_WITH([bash-completion-dir],
     AS_HELP_STRING([--with-bash-completion-dir[=PATH]],
         [Install the bash auto-completion script in this directory. @<:@default=yes@:>@]),
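Review bot: The `-framework` flags are appended to `LDFLAGS` before `AC_CHECK_HEADERS(Security/Security.h)` runs and stay there whether or not the header is found, so `--with-keychain` on a platform without those frameworks leaves link flags that cannot be satisfied. Moving the assignment into the check's action-if-found keeps it conditional: `AC_CHECK_HEADERS([Security/Security.h], [LDFLAGS="$LDFLAGS -framework CoreServices -framework Security -framework LocalAuthentication"])`. The option help would also match the neighbouring `--with-bash-completion-dir` entry if it were written with `AS_HELP_STRING`. Nothing visible in this diff uses LocalAuthentication, so confirm that framework is needed before linking it into the tool.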

Modified: redwax-tool/trunk/redwax-tool.c
==============================================================================
--- redwax-tool/trunk/redwax-tool.c	(original)
+++ redwax-tool/trunk/redwax-tool.c	Mon Oct 30 22:13:08 2023
@@ -43,10 +43,30 @@
 #include "redwax_openssl.h"
 #include "redwax_p11kit.h"
 #include "redwax_libical.h"
+#include "redwax_keychain.h"
 
 #if HAVE_LIBGEN_H
 #include <libgen.h>
 #endif
+
+extern module core_module;
+extern module openssl_module;
+extern module nss_module;
+extern module p11kit_module;
+extern module libical_module;
+extern module keychain_module;
+
+module *redwax_modules[] = {
+  &core_module,
+  &openssl_module,
+  &nss_module,
+  &p11kit_module,
+  &libical_module,
+  &keychain_module,
+  NULL
+};
+
+module core_module;
 
 APR_HOOK_STRUCT(
         APR_HOOK_LINK(initialise);
@@ -60,6 +80,8 @@
         APR_HOOK_LINK(complete_pkcs11_module_in);
         APR_HOOK_LINK(process_pkcs11_module_in);
         APR_HOOK_LINK(process_pkcs12_in);
+        APR_HOOK_LINK(complete_keychain_in);
+        APR_HOOK_LINK(process_keychain_in);
         APR_HOOK_LINK(complete_filter);
         APR_HOOK_LINK(process_filter);
         APR_HOOK_LINK(complete_nss_out);
@@ -114,6 +136,10 @@
         (redwax_tool_t * r, const char *mod, redwax_token_quoted_e quoted), (r, mod, quoted), DECLINED);
 APR_IMPLEMENT_EXTERNAL_HOOK_RUN_FIRST(rt, REDWAX, int, process_pkcs12_in,
         (redwax_tool_t * r, const char *arg, const char *secret), (r, arg, secret), DECLINED);
+APR_IMPLEMENT_EXTERNAL_HOOK_RUN_FIRST(rt, REDWAX, int, process_keychain_in,
+        (redwax_tool_t * r, const char *arg), (r, arg), DECLINED);
+APR_IMPLEMENT_EXTERNAL_HOOK_RUN_FIRST(rt, REDWAX, int, complete_keychain_in,
+        (redwax_tool_t * r, const char *url, apr_hash_t *urls), (r, url, urls), DECLINED);
 APR_IMPLEMENT_EXTERNAL_HOOK_RUN_ALL(rt, REDWAX, int, complete_filter,
         (redwax_tool_t * r, apr_hash_t *filters), (r, filters), OK, DECLINED);
 APR_IMPLEMENT_EXTERNAL_HOOK_RUN_FIRST(rt, REDWAX, int, process_filter,
@@ -180,63 +206,64 @@
 #define REDWAX_TOOL_PKCS11_IN 257
 #define REDWAX_TOOL_PKCS11_MODULE_IN 258
 #define REDWAX_TOOL_PKCS12_IN 259
-#define REDWAX_TOOL_FILTER 260
-#define REDWAX_TOOL_FILTER_EMAIL 261
-#define REDWAX_TOOL_FILTER_HOSTNAME 262
-#define REDWAX_TOOL_FILTER_IP 263
-#define REDWAX_TOOL_FILTER_CURRENT 264
-#define REDWAX_TOOL_FILTER_DATE 265
-#define REDWAX_TOOL_FILTER_EXPIRY 266
-#define REDWAX_TOOL_CERT_OUT 267
-#define REDWAX_TOOL_NO_CERT_OUT 268
-#define REDWAX_TOOL_CHAIN_OUT 269
-#define REDWAX_TOOL_NO_CHAIN_OUT 270
-#define REDWAX_TOOL_ROOT_OUT 271
-#define REDWAX_TOOL_NO_ROOT_OUT 272
-#define REDWAX_TOOL_TRUST_OUT 273
-#define REDWAX_TOOL_NO_TRUST_OUT 274
-#define REDWAX_TOOL_CRL_OUT 275
-#define REDWAX_TOOL_NO_CRL_OUT 276
-#define REDWAX_TOOL_PARAM_OUT 277
-#define REDWAX_TOOL_NO_PARAM_OUT 278
-#define REDWAX_TOOL_KEY_IN 279
-#define REDWAX_TOOL_NO_KEY_IN 280
-#define REDWAX_TOOL_KEY_OUT 281
-#define REDWAX_TOOL_NO_KEY_OUT 282
-#define REDWAX_TOOL_AUTO_OUT 283
-#define REDWAX_TOOL_NO_AUTO_OUT 284
-#define REDWAX_TOOL_FILTER_VERIFY_PARAM 285
-#define REDWAX_TOOL_SECRET_SUFFIX_IN 286
-#define REDWAX_TOOL_SECRET_SUFFIX_OUT 287
-#define REDWAX_TOOL_SECRET_TOKEN_IN 288
-#define REDWAX_TOOL_SECRET_TOKEN_OUT 289
-#define REDWAX_TOOL_LABEL_OUT 290
-#define REDWAX_TOOL_NSS_OUT 291
-#define REDWAX_TOOL_NSS_SLOT_OUT 292
-#define REDWAX_TOOL_DER_OUT 293
-#define REDWAX_TOOL_PEM_OUT 294
-#define REDWAX_TOOL_PKCS12_OUT 295
-#define REDWAX_TOOL_PKCS11_OUT 296
-#define REDWAX_TOOL_PKCS11_MODULE_OUT 297
-#define REDWAX_TOOL_METADATA_OUT 298
-#define REDWAX_TOOL_METADATA_THRESHOLD 299
-#define REDWAX_TOOL_FORMAT_OUT 300
-#define REDWAX_TOOL_CALENDAR_OUT 301
-#define REDWAX_TOOL_CALENDAR_ALARM 302
-#define REDWAX_TOOL_REMINDER_OUT 303
-#define REDWAX_TOOL_JWKS_OUT 304
-#define REDWAX_TOOL_TEXT_OUT 305
-#define REDWAX_TOOL_NO_TEXT_OUT 306
-#define REDWAX_TOOL_SSH_PRIVATE_OUT 307
-#define REDWAX_TOOL_SSH_PUBLIC_OUT 308
-#define REDWAX_TOOL_SMIMEA_OUT 309
-#define REDWAX_TOOL_SSHFP_OUT 310
-#define REDWAX_TOOL_TLSA_OUT 311
-#define REDWAX_TOOL_USER_IN 312
-#define REDWAX_TOOL_USER_OUT 313
-#define REDWAX_TOOL_GROUP_IN 314
-#define REDWAX_TOOL_GROUP_OUT 315
-#define REDWAX_TOOL_ORDER_OUT 316
+#define REDWAX_TOOL_KEYCHAIN_IN 260
+#define REDWAX_TOOL_FILTER 261
+#define REDWAX_TOOL_FILTER_EMAIL 262
+#define REDWAX_TOOL_FILTER_HOSTNAME 263
+#define REDWAX_TOOL_FILTER_IP 264
+#define REDWAX_TOOL_FILTER_CURRENT 265
+#define REDWAX_TOOL_FILTER_DATE 266
+#define REDWAX_TOOL_FILTER_EXPIRY 267
+#define REDWAX_TOOL_CERT_OUT 268
+#define REDWAX_TOOL_NO_CERT_OUT 269
+#define REDWAX_TOOL_CHAIN_OUT 270
+#define REDWAX_TOOL_NO_CHAIN_OUT 271
+#define REDWAX_TOOL_ROOT_OUT 272
+#define REDWAX_TOOL_NO_ROOT_OUT 273
+#define REDWAX_TOOL_TRUST_OUT 274
+#define REDWAX_TOOL_NO_TRUST_OUT 275
+#define REDWAX_TOOL_CRL_OUT 276
+#define REDWAX_TOOL_NO_CRL_OUT 277
+#define REDWAX_TOOL_PARAM_OUT 278
+#define REDWAX_TOOL_NO_PARAM_OUT 279
+#define REDWAX_TOOL_KEY_IN 280
+#define REDWAX_TOOL_NO_KEY_IN 281
+#define REDWAX_TOOL_KEY_OUT 282
+#define REDWAX_TOOL_NO_KEY_OUT 283
+#define REDWAX_TOOL_AUTO_OUT 284
+#define REDWAX_TOOL_NO_AUTO_OUT 285
+#define REDWAX_TOOL_FILTER_VERIFY_PARAM 286
+#define REDWAX_TOOL_SECRET_SUFFIX_IN 287
+#define REDWAX_TOOL_SECRET_SUFFIX_OUT 288
+#define REDWAX_TOOL_SECRET_TOKEN_IN 289
+#define REDWAX_TOOL_SECRET_TOKEN_OUT 290
+#define REDWAX_TOOL_LABEL_OUT 291
+#define REDWAX_TOOL_NSS_OUT 292
+#define REDWAX_TOOL_NSS_SLOT_OUT 293
+#define REDWAX_TOOL_DER_OUT 294
+#define REDWAX_TOOL_PEM_OUT 295
+#define REDWAX_TOOL_PKCS12_OUT 296
+#define REDWAX_TOOL_PKCS11_OUT 297
+#define REDWAX_TOOL_PKCS11_MODULE_OUT 298
+#define REDWAX_TOOL_METADATA_OUT 299
+#define REDWAX_TOOL_METADATA_THRESHOLD 300
+#define REDWAX_TOOL_FORMAT_OUT 301
+#define REDWAX_TOOL_CALENDAR_OUT 302
+#define REDWAX_TOOL_CALENDAR_ALARM 303
+#define REDWAX_TOOL_REMINDER_OUT 304
+#define REDWAX_TOOL_JWKS_OUT 305
+#define REDWAX_TOOL_TEXT_OUT 306
+#define REDWAX_TOOL_NO_TEXT_OUT 307
+#define REDWAX_TOOL_SSH_PRIVATE_OUT 308
+#define REDWAX_TOOL_SSH_PUBLIC_OUT 309
+#define REDWAX_TOOL_SMIMEA_OUT 310
+#define REDWAX_TOOL_SSHFP_OUT 311
+#define REDWAX_TOOL_TLSA_OUT 312
+#define REDWAX_TOOL_USER_IN 313
+#define REDWAX_TOOL_USER_OUT 314
+#define REDWAX_TOOL_GROUP_IN 315
+#define REDWAX_TOOL_GROUP_OUT 316
+#define REDWAX_TOOL_ORDER_OUT 317
 
 #define REDWAX_EXIT_OK 0
 #define REDWAX_EXIT_INIT 1
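Review bot: Inserting `REDWAX_TOOL_KEYCHAIN_IN` at 260 forces all 57 following option constants to be renumbered by hand, which makes the hunk hard to review and invites a duplicated or skipped value on the next insertion. As far as this diff shows, the values only serve as distinct option identifiers in the option table and the `switch` statements, so an `enum` with its first member pinned to the existing starting value would let the compiler assign the rest. If the numeric values are relied on anywhere outside this file, appending the new constant at the end would be the smaller change.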
@@ -268,6 +295,7 @@
     { "pkcs12-in", REDWAX_TOOL_PKCS12_IN, 1, "  --pkcs12-in=file\t\tRead certificates, intermediate certificates,\n\t\t\t\troot certificates, crls, and keys from a PKCS12\n\t\t\t\tfile. Use '-' for stdin. Provide the secret\n\t\t\t\tusing --secret-suffix-in." },
     { "pkcs11-in", REDWAX_TOOL_PKCS11_IN, 1, "  --pkcs11-in=url\t\tRead certificates, intermediate certificates,\n\t\t\t\troot certificates, crls, and keys from a PKCS11\n\t\t\t\ttoken identified by the given url." },
     { "pkcs11-module-in", REDWAX_TOOL_PKCS11_MODULE_IN, 1, "  --pkcs11-module-in=mod\tSpecify the name of the PKCS11 module to be used,\n\t\t\t\toverriding system defaults. If relative, use the\n\t\t\t\tdefault PKCS11 module path, otherwise specify the\n\t\t\t\tabsolute path. Include the extension of the module." },
+    { "keychain-in", REDWAX_TOOL_KEYCHAIN_IN, 1, "  --keychain-in=keychain\t\tRead certificates, intermediate certificates,\n\t\t\t\troot certificates, crls, and keys from a MacOS\n\t\t\t\tkeychain identified by the given name." },
     { "filter", REDWAX_TOOL_FILTER, 1, "  --filter=type\t\t\tApply the given filter to pass inputs to the\n\t\t\t\toutputs. \"search\" will pass through all\n\t\t\t\tcertificates matching the given hostname,\n\t\t\t\temail or ip address. \"verify\" will pass all\n\t\t\t\tleaf certificates that can be successfully\n\t\t\t\tverified through the certificate chain to a\n\t\t\t\ttrusted root certificate. With the default\n\t\t\t\t\"passthrough\", all certificates, csrs, and\n\t\t\t\tkeys are passed through." },
     { "filter-email", REDWAX_TOOL_FILTER_EMAIL, 1, "  --filter-email=address\tSearch/verify by the given email address. Leaf\n\t\t\t\tcertificates matching the email address will\n\t\t\t\tbe included. Can be specified more than once." },
     { "filter-hostname", REDWAX_TOOL_FILTER_HOSTNAME, 1, "  --filter-hostname=domain\tSearch/verify by the given hostname. Leaf\n\t\t\t\tcertificates matching the hostname will be\n\t\t\t\tkept, taking into account wildcards where\n\t\t\t\tpresent." },
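Review bot: The new `keychain-in` help string puts two tabs after `--keychain-in=keychain`, while entries whose option text has the same width, such as `--pkcs11-module-in=mod` just above, use one, so the description column is pushed right in the help output; `"  --keychain-in=keychain\tRead certificates, ..."` lines up with the others. The text also promises crls and keys from the keychain, whereas the commit log mentions only certificates. The wording should match what the keychain module actually returns, which is not visible in this diff.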
@@ -1780,6 +1808,30 @@
     return APR_SUCCESS;
 }
 
+static apr_status_t redwax_complete_keychain_in(redwax_tool_t *r, const char *arg,
+        redwax_token_quoted_e quoted)
+{
+    apr_hash_t *urls = apr_hash_make(r->pool);
+
+    apr_hash_index_t *hi;
+    void *val;
+
+    apr_size_t skiplen = quoted == REDWAX_TOKEN_NOQUOTE ?
+            redwax_strrcspn(arg, r->breaks) : 0;
+
+    rt_run_complete_keychain_in(r, arg, urls);
+
+    for (hi = apr_hash_first(r->pool, urls); hi; hi = apr_hash_next(hi)) {
+        apr_hash_this(hi, NULL, NULL, &val);
+
+        apr_file_printf(r->out, "%s\n",
+                redwax_pescape_echo_quoted(r->pool,
+                        redwax_stroff((const char *)val, skiplen), quoted, 0));
+    }
+
+    return APR_SUCCESS;
+}
+
 static apr_status_t redwax_complete_format_out(redwax_tool_t *r, const char *arg,
         redwax_token_quoted_e quoted)
 {
@@ -2417,6 +2469,14 @@
     return status;
 }
 
+static apr_status_t redwax_keychain_in(redwax_tool_t *r, const char *arg)
+{
+
+    apr_status_t status = rt_run_process_keychain_in(r, arg);
+
+    return status;
+}
+
 void redwax_add_default_hooks()
 {
     rt_hook_complete_filter(redwax_complete_filter_passthrough, NULL, NULL, APR_HOOK_MIDDLE);
@@ -2517,6 +2577,10 @@
         }
         case REDWAX_TOOL_PKCS12_IN: {
             redwax_dir_walk(r, optarg, &rt_run_process_pkcs12_in);
+            break;
+        }
+        case REDWAX_TOOL_KEYCHAIN_IN: {
+            redwax_keychain_in(r, optarg);
             break;
         }
         }
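Review bot: The status returned by `redwax_keychain_in(r, optarg)` is dropped in the new `case REDWAX_TOOL_KEYCHAIN_IN`, so a keychain that cannot be opened, or a build with no keychain provider where the RUN_FIRST hook yields `DECLINED`, lets the tool continue with an empty input set and no diagnostic. For a tool whose output can feed certificate and trust stores, that silent path is worth closing: capture it with `apr_status_t status = redwax_keychain_in(r, optarg);` and take the function's existing error exit when it is not `APR_SUCCESS`. The neighbouring `REDWAX_TOOL_PKCS12_IN` case ignores the result of `redwax_dir_walk` in the same way, and the enclosing switch starts and ends outside this hunk, so how errors are reported there cannot be seen from here.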
@@ -2880,6 +2944,10 @@
                 rt_run_complete_pkcs11_module_in(r, optarg, state.isquoted);
                 break;
             }
+            case REDWAX_TOOL_KEYCHAIN_IN: {
+                redwax_complete_keychain_in(r, optarg, state.isquoted);
+                break;
+            }
             case REDWAX_TOOL_SECRET_TOKEN_IN: {
                 redwax_complete_file(r, optarg, state.isquoted);
                 break;
@@ -3078,6 +3146,10 @@
         }
         case REDWAX_TOOL_PKCS12_IN: {
             redwax_complete_file(r, "", state.isquoted);
+            break;
+        }
+        case REDWAX_TOOL_KEYCHAIN_IN: {
+            redwax_complete_keychain_in(r, "", state.isquoted);
             break;
         }
         case REDWAX_TOOL_SECRET_TOKEN_IN: {
@@ -3192,6 +3264,33 @@
     return REDWAX_EXIT_OK;
 }
 
+static int total_modules = 0;
+static int max_modules = 0;
+static int conf_vector_length = 0;
+module *redwax_top_module = NULL;
+
+redwax_conf_vector_t *redwax_create_module_config(apr_pool_t *p)
+{
+    return apr_pcalloc(p, sizeof(void *) * conf_vector_length);
+}
+
+void redwax_setup_modules(apr_pool_t *pool)
+{
+    module **m;
+
+    total_modules = 0;
+    for (m = redwax_modules; *m != NULL; m++)
+        (*m)->module_index = total_modules++;
+
+    max_modules = total_modules + 1;
+    conf_vector_length = max_modules;
+
+    for (m = redwax_modules; *m != NULL; m++) {
+        (*m)->register_hooks(pool);
+    }
+
+}
+
 int main(int argc, const char * const argv[])
 {
     redwax_tool_t r = { 0 };
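Review bot: `redwax_create_module_config` sizes its allocation from `conf_vector_length`, which is 0 until `redwax_setup_modules` has run, and every module's `module_index` is -1 until then (from `STANDARD_MODULE_STUFF`). A vector created before setup is therefore zero-length, and the unchecked `redwax_set_module_config` macro in redwax-tool.h would write at index -1 or past its end. State the ordering requirement in a comment on both functions, e.g. `/* must be called after redwax_setup_modules() */`, and make an early call fail loudly instead of returning a zero-length allocation. `max_modules` and `redwax_top_module` are assigned or defined here but not read anywhere in this diff, so they may be droppable.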
@@ -3221,6 +3320,8 @@
         exit(REDWAX_EXIT_INIT);
     }
 
+    redwax_setup_modules(apr_hook_global_pool);
+#if 0
 #if HAVE_NSS_INITIALIZE
     redwax_add_default_nss_hooks();
 #endif
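Review bot: The old registration calls are fenced off with `#if 0` rather than deleted, and the matching `#endif` lands in the @@ -3233 hunk, where the new `redwax_add_default_keychain_hooks()` call is added inside the disabled block and so is never compiled. Since `redwax_setup_modules(apr_hook_global_pool)` now performs the registration, removing the block outright avoids a reader taking the `HAVE_SECURITY_SECURITY_H` guard there for the live gate on keychain support. The body of `main` continues outside both hunks.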
@@ -3233,7 +3334,11 @@
 #if HAVE_LIBICAL_ICAL_H
     redwax_add_default_libical_hooks();
 #endif
+#if HAVE_SECURITY_SECURITY_H
+    redwax_add_default_keychain_hooks();
+#endif
     redwax_add_default_hooks();
+#endif
 
     apr_hook_sort_all();
 
@@ -3333,3 +3438,9 @@
 
     exit(rc);
 }
+
+REDWAX_DECLARE_MODULE(core) =
+{
+    STANDARD_MODULE_STUFF,
+    redwax_add_default_hooks                   /* register hooks */
+};
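Review bot: `register_hooks` is declared in redwax-tool.h as `void (*register_hooks) (apr_pool_t *p)` and is called with a pool in `redwax_setup_modules`, but the functions stored in it are defined with empty parameter lists: `redwax_add_default_hooks()` here, and the new stubs `redwax_add_default_libical_hooks()`, `redwax_add_default_nss_hooks()`, `redwax_add_default_openssl_hooks()` and `redwax_add_default_p11kit_hooks()` in the later file sections. Calling a function defined with no parameters while passing an argument is undefined behaviour in C, and under C23 `()` means `(void)`, which turns these initialisers into a type mismatch. Giving each function the matching prototype, e.g. `void redwax_add_default_libical_hooks(apr_pool_t *p)`, resolves it. The non-stub definitions and their header declarations are outside the hunks and would need the same change.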

Modified: redwax-tool/trunk/redwax-tool.h
==============================================================================
--- redwax-tool/trunk/redwax-tool.h	(original)
+++ redwax-tool/trunk/redwax-tool.h	Mon Oct 30 22:13:08 2023
@@ -28,6 +28,37 @@
 #include <apr_hooks.h>
 #include <apr_pools.h>
 #include <apr_tables.h>
+
+#define REDWAX_DECLARE_MODULE(foo) \
+    module foo##_module
+
+/** Use this in all standard modules */
+#define STANDARD_MODULE_STUFF -1, \
+                              __FILE__, \
+                                NULL
+
+typedef struct module_struct module;
+struct module_struct {
+    int module_index;
+    const char *name;
+    struct module_struct *next;
+    void (*register_hooks) (apr_pool_t *p);
+};
+
+typedef struct redwax_conf_vector_t redwax_conf_vector_t;
+
+redwax_conf_vector_t *redwax_create_module_config(apr_pool_t *p);
+
+void *redwax_get_module_config(const redwax_conf_vector_t *cv,
+                                        const module *m);
+
+void redwax_set_module_config(redwax_conf_vector_t *cv, const module *m,
+                                      void *val);
+
+#define redwax_get_module_config(v,m)       \
+    (v ? ((void **)(v))[(m)->module_index] : NULL)
+#define redwax_set_module_config(v,m,val)   \
+    ((((void **)(v))[(m)->module_index]) = (val))
 
 typedef struct redwax_filter_t {
     int filter_applied;
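Review bot: `redwax_set_module_config` writes `((void **)(v))[(m)->module_index]` with no NULL or range check, while `redwax_get_module_config` guards only against a NULL vector and uses `v` unparenthesised in `(v ? ...`. `module_index` starts at -1 in `STANDARD_MODULE_STUFF`, and the `per_module` fields added to `redwax_tool_t`, `redwax_certificate_t` and `redwax_key_t` in the following hunks have no visible initialisation, so a set on an unallocated or pre-setup vector would be a NULL or out-of-bounds write. At minimum write the getter as `((v) ? ((void **)(v))[(m)->module_index] : NULL)` and document on the setter that the vector must come from `redwax_create_module_config`. The two function prototypes above the macros have no definition in this diff, so a caller that bypasses the macros would fail to link unless they are defined elsewhere.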
@@ -69,6 +100,7 @@
 typedef struct redwax_tool_t {
     apr_pool_t *pool;
     apr_pool_t *tpool;
+    redwax_conf_vector_t *per_module;
     apr_file_t *err;
     apr_file_t *in;
     apr_file_t *out;
@@ -191,6 +223,7 @@
 typedef struct redwax_certificate_t {
     apr_pool_t *pool;
     struct redwax_certificate_t *next;
+    redwax_conf_vector_t *per_module;
     const char *header;
     const unsigned char *der;
     apr_size_t len;
@@ -271,6 +304,7 @@
 
 typedef struct redwax_key_t {
     apr_pool_t *pool;
+    redwax_conf_vector_t *per_module;
     const char *header;
     const unsigned char *der;
     apr_size_t len;
@@ -445,6 +479,22 @@
         (redwax_tool_t *r, const char *arg));
 
 /**
+ * Hook to complete keychain in.
+ *
+ * @param r The redwax-tool context.
+ */
+APR_DECLARE_EXTERNAL_HOOK(rt, REDWAX, apr_status_t, complete_keychain_in,
+        (redwax_tool_t *r, const char *url, apr_hash_t *urls));
+
+/**
+ * Hook to write incoming keychain entries.
+ *
+ * @param r The redwax-tool context.
+ */
+APR_DECLARE_EXTERNAL_HOOK(rt, REDWAX, apr_status_t, process_keychain_in,
+        (redwax_tool_t *r, const char *arg));
+
+/**
  * Hook to complete incoming certificates / intermediates / keys
  * and pass filtered results to the outgoing certificates /
  * intermediates / keys.
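Review bot: Both new hook comments document only `r`. `complete_keychain_in` should also describe `url` (the partial argument being completed) and `urls` (the hash the hook fills, whose values redwax-tool.c prints as completion candidates), and `process_keychain_in` should describe `arg` (the keychain name given to `--keychain-in`). The summary "Hook to write incoming keychain entries" reads as if copied from an output hook; something like `Hook to read certificates and keys from the named keychain.` matches the option's help text. The hooks are declared here with `apr_status_t` but implemented in redwax-tool.c with `int`; the two are the same type in APR, but using one spelling in both places would be cleaner.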

Modified: redwax-tool/trunk/redwax_libical.c
==============================================================================
--- redwax-tool/trunk/redwax_libical.c	(original)
+++ redwax-tool/trunk/redwax_libical.c	Mon Oct 30 22:13:08 2023
@@ -42,6 +42,8 @@
     icalcomponent *cal;
 } redwax_libical_vcalendar_t;
 
+module libical_module;
+
 static apr_status_t redwax_libical_initialise(redwax_tool_t *r)
 {
 
@@ -698,4 +700,16 @@
     rt_hook_set_calendar_alarm(redwax_libical_set_calendar_alarm, NULL, NULL, APR_HOOK_MIDDLE);
 }
 
+#else
+
+void redwax_add_default_libical_hooks()
+{
+}
+
 #endif
+
+REDWAX_DECLARE_MODULE(libical) =
+{
+    STANDARD_MODULE_STUFF,
+    redwax_add_default_libical_hooks                   /* register hooks */
+};

Modified: redwax-tool/trunk/redwax_nss.c
==============================================================================
--- redwax-tool/trunk/redwax_nss.c	(original)
+++ redwax-tool/trunk/redwax_nss.c	Mon Oct 30 22:13:08 2023
@@ -32,6 +32,7 @@
 
 #include "config.h"
 #include "redwax-tool.h"
+#include "redwax_util.h"
 
 #if HAVE_NSS_INITIALIZE
 
@@ -55,6 +56,8 @@
     const char *file;
     int verify;
 } redwax_nss_secret_t;
+
+module nss_module;
 
 static apr_status_t cleanup_nss(void *dummy)
 {
@@ -788,4 +791,16 @@
     rt_hook_complete_nss_token_out(redwax_nss_complete_nss_token_out, NULL, NULL, APR_HOOK_MIDDLE);
 }
 
+#else
+
+void redwax_add_default_nss_hooks()
+{
+}
+
 #endif
+
+REDWAX_DECLARE_MODULE(nss) =
+{
+    STANDARD_MODULE_STUFF,
+    redwax_add_default_nss_hooks                   /* register hooks */
+};

Modified: redwax-tool/trunk/redwax_openssl.c
==============================================================================
--- redwax-tool/trunk/redwax_openssl.c	(original)
+++ redwax-tool/trunk/redwax_openssl.c	Mon Oct 30 22:13:08 2023
@@ -57,6 +57,8 @@
 
 #define REDWAX_PKCS12_MIN 8
 #define REDWAX_PKCS12_MAX HUGE_STRING_LEN
+
+module openssl_module;
 
 static STACK_OF(X509) *cert_index;
 static STACK_OF(X509) *chain_index;
@@ -4987,12 +4989,12 @@
 
         memcpy(nkey, key, sizeof(redwax_key_t));
 
+        return APR_SUCCESS;
     }
     else {
-        return APR_ENOENT;
-    }
-
-    return APR_SUCCESS;
+        return DECLINED;
+    }
+
 }
 
 static int redwax_openssl_compare_certificate(redwax_tool_t *r,
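Review bot: The not-found branch now returns `DECLINED` instead of `APR_ENOENT`, a behaviour change the log message does not mention. Any caller that tests this function's result against `APR_ENOENT`, or treats every value other than `APR_SUCCESS` as a failure, will behave differently, and the function now mixes an `apr_status_t` success value with a hook result code. The function's signature and callers are outside this hunk, so confirm it is only reached through a hook runner that understands `DECLINED`, and add a comment on the `else` branch saying why declining is intended, e.g. `/* not found here: let the next provider try */`.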
@@ -5795,4 +5797,14 @@
     rt_hook_normalise_certificate(redwax_openssl_normalise_certificate, NULL, NULL, APR_HOOK_MIDDLE);
 }
 
-#endif
+#else
+void redwax_add_default_openssl_hooks()
+{
+}
+#endif
+
+REDWAX_DECLARE_MODULE(openssl) =
+{
+    STANDARD_MODULE_STUFF,
+    redwax_add_default_openssl_hooks                   /* register hooks */
+};

Modified: redwax-tool/trunk/redwax_p11kit.c
==============================================================================
--- redwax-tool/trunk/redwax_p11kit.c	(original)
+++ redwax-tool/trunk/redwax_p11kit.c	Mon Oct 30 22:13:08 2023
@@ -69,6 +69,8 @@
 } redwax_pkcs11_session_t;
 
 CK_FUNCTION_LIST **global_modules;
+
+module p11kit_module;
 
 static const char *pkcs11_errstr(CK_RV rv)
 {
@@ -3263,4 +3265,14 @@
             NULL, NULL, APR_HOOK_MIDDLE);
 }
 
+#else
+void redwax_add_default_p11kit_hooks()
+{
+}
 #endif
+
+REDWAX_DECLARE_MODULE(p11kit) =
+{
+    STANDARD_MODULE_STUFF,
+    redwax_add_default_p11kit_hooks                   /* register hooks */
+};


