From: Marcel Poul Date: Wed, 6 Feb 2013 15:04:05 +0000 (+0000) Subject: rename proxy_verify... to canl_proxy_verify, may solve GGUS ticket 91208 X-Git-Url: http://scientific.zcu.cz/git/?a=commitdiff_plain;h=02b80e130dc35ca65549fe9dbfbde2f236d94a5f;p=jra1mw.git rename proxy_verify... to canl_proxy_verify, may solve GGUS ticket 91208 --- diff --git a/emi.canl.canl-c/src/canl_cred.c b/emi.canl.canl-c/src/canl_cred.c index 60069f9..bafcf8f 100644 --- a/emi.canl.canl-c/src/canl_cred.c +++ b/emi.canl.canl-c/src/canl_cred.c @@ -8,8 +8,8 @@ #define LIFETIME_TRESHOLD 10*24*60*60 //10 days static STACK_OF(X509)* my_sk_X509_dup(glb_ctx *cc, STACK_OF(X509) *stack); -extern int proxy_verify_cert_chain(X509 * ucert, STACK_OF(X509) * cert_chain, proxy_verify_desc * pvd); -extern proxy_verify_desc *pvd_setup_initializers(char *cadir, +extern int proxy_verify_cert_chain(X509 * ucert, STACK_OF(X509) * cert_chain, canl_proxy_verify_desc * pvd); +extern canl_proxy_verify_desc *canl_pvd_setup_initializers(char *cadir, unsigned int flags); extern void pvd_destroy_initializers(void *data); extern canl_error map_verify_result(unsigned long ssl_err, @@ -697,9 +697,9 @@ canl_verify_chain(canl_ctx ctx, X509 *ucert, STACK_OF(X509) *cert_chain, char *cadir) { int ret = 0; - proxy_verify_desc *pvd = NULL; /* verification context */ + canl_proxy_verify_desc *pvd = NULL; /* verification context */ - pvd = pvd_setup_initializers(cadir, 0); + pvd = canl_pvd_setup_initializers(cadir, 0); ret = proxy_verify_cert_chain(ucert, cert_chain, pvd); pvd_destroy_initializers(pvd); if (ret) @@ -716,11 +716,11 @@ canl_verify_chain_wo_ossl(canl_ctx ctx, char *cadir, { int ret = 0, depth = 0, i = 0; STACK_OF(X509) *certstack; - proxy_verify_desc *pvd = NULL; /* verification context */ + canl_proxy_verify_desc *pvd = NULL; /* verification context */ unsigned long ssl_err = 0; canl_error canl_err = 0; - pvd = pvd_setup_initializers(cadir, 0); + pvd = canl_pvd_setup_initializers(cadir, 0); X509_STORE_CTX_set_ex_data(store_ctx, PVD_STORE_EX_DATA_IDX, (void *)pvd); #ifdef X509_V_FLAG_ALLOW_PROXY_CERTS X509_STORE_CTX_set_flags(store_ctx, X509_V_FLAG_ALLOW_PROXY_CERTS); @@ -751,15 +751,15 @@ canl_verify_chain_wo_ossl(canl_ctx ctx, char *cadir, return 0; } -proxy_verify_desc *pvd_setup_initializers(char *cadir, unsigned int pvxd_flags) +canl_proxy_verify_desc *canl_pvd_setup_initializers(char *cadir, unsigned int pvxd_flags) { - proxy_verify_ctx_desc *pvxd = NULL; - proxy_verify_desc *pvd = NULL; + canl_proxy_verify_ctx_desc *pvxd = NULL; + canl_proxy_verify_desc *pvd = NULL; char *ca_cert_dirn = NULL; int err = 0; - pvd = (proxy_verify_desc*) malloc(sizeof(proxy_verify_desc)); - pvxd = (proxy_verify_ctx_desc *)malloc(sizeof(proxy_verify_ctx_desc)); + pvd = (canl_proxy_verify_desc*) malloc(sizeof(canl_proxy_verify_desc)); + pvxd = (canl_proxy_verify_ctx_desc *)malloc(sizeof(canl_proxy_verify_ctx_desc)); pvd->cert_store = NULL; @@ -769,8 +769,8 @@ proxy_verify_desc *pvd_setup_initializers(char *cadir, unsigned int pvxd_flags) return NULL; } - proxy_verify_ctx_init(pvxd); - proxy_verify_init(pvd, pvxd); + canl_proxy_verify_ctx_init(pvxd); + canl_proxy_verify_init(pvd, pvxd); /* If cadir is not specified, do the best as to get the standard CA certificates directory name */ @@ -789,15 +789,15 @@ proxy_verify_desc *pvd_setup_initializers(char *cadir, unsigned int pvxd_flags) void pvd_destroy_initializers(void *data) { - proxy_verify_desc *pvd = (proxy_verify_desc *)data; + canl_proxy_verify_desc *pvd = (canl_proxy_verify_desc *)data; if (pvd) { if (pvd->pvxd) - proxy_verify_ctx_release(pvd->pvxd); + canl_proxy_verify_ctx_release(pvd->pvxd); free(pvd->pvxd); pvd->pvxd = NULL; - proxy_verify_release(pvd); + canl_proxy_verify_release(pvd); /* X509_STORE_CTX_free segfaults if passed a NULL store_ctx */ if (pvd->cert_store) diff --git a/emi.canl.canl-c/src/canl_mech_ssl.h b/emi.canl.canl-c/src/canl_mech_ssl.h index 0695eca..e117d33 100644 --- a/emi.canl.canl-c/src/canl_mech_ssl.h +++ b/emi.canl.canl-c/src/canl_mech_ssl.h @@ -22,7 +22,7 @@ typedef struct _mech_glb_ctx char *ca_file; char *crl_dir; cert_key_store *cert_key; - proxy_verify_desc *pvd_ctx; + canl_proxy_verify_desc *pvd_ctx; } mech_glb_ctx; int do_set_ctx_own_cert_file(glb_ctx *cc, mech_glb_ctx *m_ctx, diff --git a/emi.canl.canl-c/src/canl_ssl.c b/emi.canl.canl-c/src/canl_ssl.c index 588714a..abc4262 100644 --- a/emi.canl.canl-c/src/canl_ssl.c +++ b/emi.canl.canl-c/src/canl_ssl.c @@ -20,7 +20,7 @@ static canl_error map_proxy_error(int reason); static int setup_SSL_proxy_handler(glb_ctx *cc, SSL_CTX *ssl, char *cadir, int leave_pvd); -extern proxy_verify_desc *pvd_setup_initializers(char *cadir, int flags); +extern canl_proxy_verify_desc *canl_pvd_setup_initializers(char *cadir, int flags); extern void pvd_destroy_initializers(void *data); #ifdef DEBUG @@ -390,9 +390,9 @@ err: static int setup_SSL_proxy_handler(glb_ctx *cc, SSL_CTX *ssl, char *cadir, int leave_pvd) { - proxy_verify_desc *new_pvd = NULL; + canl_proxy_verify_desc *new_pvd = NULL; mech_glb_ctx *m_ctx = (mech_glb_ctx *)cc->mech_ctx; - new_pvd = pvd_setup_initializers(cadir, m_ctx->flags); + new_pvd = canl_pvd_setup_initializers(cadir, m_ctx->flags); if (new_pvd){ SSL_CTX_set_ex_data(ssl, PVD_SSL_EX_DATA_IDX, new_pvd); if (!leave_pvd) diff --git a/emi.canl.canl-c/src/proxy/sslutils.c b/emi.canl.canl-c/src/proxy/sslutils.c index 5ece7f4..24b1556 100644 --- a/emi.canl.canl-c/src/proxy/sslutils.c +++ b/emi.canl.canl-c/src/proxy/sslutils.c @@ -1466,9 +1466,9 @@ Returns: **********************************************************************/ void -proxy_verify_init( - proxy_verify_desc * pvd, - proxy_verify_ctx_desc * pvxd) +canl_proxy_verify_init( + canl_proxy_verify_desc * pvd, + canl_proxy_verify_ctx_desc * pvxd) { pvd->magicnum = PVD_MAGIC_NUMBER; /* used for debuging */ @@ -1483,7 +1483,7 @@ proxy_verify_init( } /********************************************************************** -Function: proxy_verify_ctx_init() +Function: canl_proxy_verify_ctx_init() Description: @@ -1493,8 +1493,8 @@ Returns: **********************************************************************/ void -proxy_verify_ctx_init( - proxy_verify_ctx_desc * pvxd) +canl_proxy_verify_ctx_init( + canl_proxy_verify_ctx_desc * pvxd) { pvxd->magicnum = PVXD_MAGIC_NUMBER; /* used for debuging */ @@ -1514,15 +1514,15 @@ Returns: **********************************************************************/ void -proxy_verify_release( - proxy_verify_desc * pvd) +canl_proxy_verify_release( + canl_proxy_verify_desc * pvd) { pvd->cert_chain = NULL; pvd->pvxd = NULL; } /********************************************************************** -Function: proxy_verify_ctx_release() +Function: canl_proxy_verify_ctx_release() Description: @@ -1532,8 +1532,8 @@ Returns: **********************************************************************/ void -proxy_verify_ctx_release( - proxy_verify_ctx_desc * pvxd) +canl_proxy_verify_ctx_release( + canl_proxy_verify_ctx_desc * pvxd) { if (pvxd->certdir) { @@ -1817,7 +1817,7 @@ proxy_verify_callback( #endif SSL * ssl = NULL; SSL_CTX * ssl_ctx = NULL; - proxy_verify_desc * pvd; + canl_proxy_verify_desc * pvd; int itsaproxy = 0; int i; int ret; @@ -1830,20 +1830,20 @@ proxy_verify_callback( /* * If we are being called recursivly to check delegate * cert chains, or being called by the grid-proxy-init, - * a pointer to a proxy_verify_desc will be + * a pointer to a canl_proxy_verify_desc will be * pased in the store. If we are being called by SSL, * by a roundabout process, the app_data of the ctx points at * the SSL. We have saved a pointer to the context handle * in the SSL, and its magic number should be PVD_MAGIC_NUMBER */ - if (!(pvd = (proxy_verify_desc *) + if (!(pvd = (canl_proxy_verify_desc *) X509_STORE_CTX_get_ex_data(ctx, PVD_STORE_EX_DATA_IDX))) { ssl = (SSL *)X509_STORE_CTX_get_app_data(ctx); if (ssl) { ssl_ctx = SSL_get_SSL_CTX(ssl); - pvd = (proxy_verify_desc *)SSL_CTX_get_ex_data(ssl_ctx, + pvd = (canl_proxy_verify_desc *)SSL_CTX_get_ex_data(ssl_ctx, PVD_SSL_EX_DATA_IDX); } } @@ -2252,7 +2252,7 @@ int PRIVATE proxy_verify_cert_chain( X509 * ucert, STACK_OF(X509) * cert_chain, - proxy_verify_desc * pvd) + canl_proxy_verify_desc * pvd) { int retval = 0; X509_STORE * cert_store = NULL; diff --git a/emi.canl.canl-c/src/proxy/sslutils.h b/emi.canl.canl-c/src/proxy/sslutils.h index 2257ade..4df4f1b 100644 --- a/emi.canl.canl-c/src/proxy/sslutils.h +++ b/emi.canl.canl-c/src/proxy/sslutils.h @@ -320,23 +320,23 @@ ERR_set_continue_needed(void); Type definitions **********************************************************************/ -/* proxy_verify_ctx_desc - common to all verifys */ +/* canl_proxy_verify_ctx_desc - common to all verifys */ -typedef struct proxy_verify_ctx_desc_struct { +typedef struct canl_proxy_verify_ctx_desc_struct { int magicnum ; char * certdir; time_t goodtill; unsigned int flags; //OCSP flags etc. -} proxy_verify_ctx_desc ; +} canl_proxy_verify_ctx_desc ; -/* proxy_verify_desc - allows for recursive verifys with delegation */ +/* canl_proxy_verify_desc - allows for recursive verifys with delegation */ -typedef struct proxy_verify_desc_struct proxy_verify_desc; +typedef struct canl_proxy_verify_desc_struct canl_proxy_verify_desc; -struct proxy_verify_desc_struct { +struct canl_proxy_verify_desc_struct { int magicnum; - proxy_verify_desc * previous; - proxy_verify_ctx_desc * pvxd; + canl_proxy_verify_desc * previous; + canl_proxy_verify_ctx_desc * pvxd; int flags; X509_STORE_CTX * cert_store; int recursive_depth; @@ -424,20 +424,20 @@ proxy_load_user_key( unsigned long * hSession); void -proxy_verify_init( - proxy_verify_desc * pvd, - proxy_verify_ctx_desc * pvxd); +canl_proxy_verify_init( + canl_proxy_verify_desc * pvd, + canl_proxy_verify_ctx_desc * pvxd); void -proxy_verify_release( - proxy_verify_desc * pvd); +canl_proxy_verify_release( + canl_proxy_verify_desc * pvd); void -proxy_verify_ctx_init( - proxy_verify_ctx_desc *pvxd); +canl_proxy_verify_ctx_init( + canl_proxy_verify_ctx_desc *pvxd); void -proxy_verify_ctx_release( - proxy_verify_ctx_desc *pvxd); +canl_proxy_verify_ctx_release( + canl_proxy_verify_ctx_desc *pvxd); int proxy_check_proxy_name( @@ -452,7 +452,7 @@ proxy_check_issued( int proxy_verify_certchain( STACK_OF(X509) * certchain, - proxy_verify_desc * ppvd); + canl_proxy_verify_desc * ppvd); int proxy_verify_callback(